1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * dir.c - Operations for configfs directories.
4 *
5 * Based on sysfs:
6 * sysfs is Copyright (C) 2001, 2002, 2003 Patrick Mochel
7 *
8 * configfs Copyright (C) 2005 Oracle. All rights reserved.
9 */
10
11 #undef DEBUG
12
13 #include <linux/fs.h>
14 #include <linux/fsnotify.h>
15 #include <linux/mount.h>
16 #include <linux/module.h>
17 #include <linux/slab.h>
18 #include <linux/err.h>
19
20 #include <linux/configfs.h>
21 #include "configfs_internal.h"
22
23 /*
24 * Protects mutations of configfs_dirent linkage together with proper i_mutex
25 * Also protects mutations of symlinks linkage to target configfs_dirent
26 * Mutators of configfs_dirent linkage must *both* have the proper inode locked
27 * and configfs_dirent_lock locked, in that order.
28 * This allows one to safely traverse configfs_dirent trees and symlinks without
29 * having to lock inodes.
30 *
31 * Protects setting of CONFIGFS_USET_DROPPING: checking the flag
32 * unlocked is not reliable unless in detach_groups() called from
33 * rmdir()/unregister() and from configfs_attach_group()
34 */
35 DEFINE_SPINLOCK(configfs_dirent_lock);
36
37 /*
38 * All of link_obj/unlink_obj/link_group/unlink_group require that
39 * subsys->su_mutex is held.
40 * But parent configfs_subsystem is NULL when config_item is root.
41 * Use this mutex when config_item is root.
42 */
43 static DEFINE_MUTEX(configfs_subsystem_mutex);
44
configfs_d_iput(struct dentry * dentry,struct inode * inode)45 static void configfs_d_iput(struct dentry * dentry,
46 struct inode * inode)
47 {
48 struct configfs_dirent *sd = dentry->d_fsdata;
49
50 if (sd) {
51 /* Coordinate with configfs_readdir */
52 spin_lock(&configfs_dirent_lock);
53 /*
54 * Set sd->s_dentry to null only when this dentry is the one
55 * that is going to be killed. Otherwise configfs_d_iput may
56 * run just after configfs_lookup and set sd->s_dentry to
57 * NULL even it's still in use.
58 */
59 if (sd->s_dentry == dentry)
60 sd->s_dentry = NULL;
61
62 spin_unlock(&configfs_dirent_lock);
63 configfs_put(sd);
64 }
65 iput(inode);
66 }
67
68 const struct dentry_operations configfs_dentry_ops = {
69 .d_iput = configfs_d_iput,
70 };
71
72 #ifdef CONFIG_LOCKDEP
73
74 /*
75 * Helpers to make lockdep happy with our recursive locking of default groups'
76 * inodes (see configfs_attach_group() and configfs_detach_group()).
77 * We put default groups i_mutexes in separate classes according to their depth
78 * from the youngest non-default group ancestor.
79 *
80 * For a non-default group A having default groups A/B, A/C, and A/C/D, default
81 * groups A/B and A/C will have their inode's mutex in class
82 * default_group_class[0], and default group A/C/D will be in
83 * default_group_class[1].
84 *
85 * The lock classes are declared and assigned in inode.c, according to the
86 * s_depth value.
87 * The s_depth value is initialized to -1, adjusted to >= 0 when attaching
88 * default groups, and reset to -1 when all default groups are attached. During
89 * attachment, if configfs_create() sees s_depth > 0, the lock class of the new
90 * inode's mutex is set to default_group_class[s_depth - 1].
91 */
92
configfs_init_dirent_depth(struct configfs_dirent * sd)93 static void configfs_init_dirent_depth(struct configfs_dirent *sd)
94 {
95 sd->s_depth = -1;
96 }
97
configfs_set_dir_dirent_depth(struct configfs_dirent * parent_sd,struct configfs_dirent * sd)98 static void configfs_set_dir_dirent_depth(struct configfs_dirent *parent_sd,
99 struct configfs_dirent *sd)
100 {
101 int parent_depth = parent_sd->s_depth;
102
103 if (parent_depth >= 0)
104 sd->s_depth = parent_depth + 1;
105 }
106
107 static void
configfs_adjust_dir_dirent_depth_before_populate(struct configfs_dirent * sd)108 configfs_adjust_dir_dirent_depth_before_populate(struct configfs_dirent *sd)
109 {
110 /*
111 * item's i_mutex class is already setup, so s_depth is now only
112 * used to set new sub-directories s_depth, which is always done
113 * with item's i_mutex locked.
114 */
115 /*
116 * sd->s_depth == -1 iff we are a non default group.
117 * else (we are a default group) sd->s_depth > 0 (see
118 * create_dir()).
119 */
120 if (sd->s_depth == -1)
121 /*
122 * We are a non default group and we are going to create
123 * default groups.
124 */
125 sd->s_depth = 0;
126 }
127
128 static void
configfs_adjust_dir_dirent_depth_after_populate(struct configfs_dirent * sd)129 configfs_adjust_dir_dirent_depth_after_populate(struct configfs_dirent *sd)
130 {
131 /* We will not create default groups anymore. */
132 sd->s_depth = -1;
133 }
134
135 #else /* CONFIG_LOCKDEP */
136
configfs_init_dirent_depth(struct configfs_dirent * sd)137 static void configfs_init_dirent_depth(struct configfs_dirent *sd)
138 {
139 }
140
configfs_set_dir_dirent_depth(struct configfs_dirent * parent_sd,struct configfs_dirent * sd)141 static void configfs_set_dir_dirent_depth(struct configfs_dirent *parent_sd,
142 struct configfs_dirent *sd)
143 {
144 }
145
146 static void
configfs_adjust_dir_dirent_depth_before_populate(struct configfs_dirent * sd)147 configfs_adjust_dir_dirent_depth_before_populate(struct configfs_dirent *sd)
148 {
149 }
150
151 static void
configfs_adjust_dir_dirent_depth_after_populate(struct configfs_dirent * sd)152 configfs_adjust_dir_dirent_depth_after_populate(struct configfs_dirent *sd)
153 {
154 }
155
156 #endif /* CONFIG_LOCKDEP */
157
new_fragment(void)158 static struct configfs_fragment *new_fragment(void)
159 {
160 struct configfs_fragment *p;
161
162 p = kmalloc(sizeof(struct configfs_fragment), GFP_KERNEL);
163 if (p) {
164 atomic_set(&p->frag_count, 1);
165 init_rwsem(&p->frag_sem);
166 p->frag_dead = false;
167 }
168 return p;
169 }
170
put_fragment(struct configfs_fragment * frag)171 void put_fragment(struct configfs_fragment *frag)
172 {
173 if (frag && atomic_dec_and_test(&frag->frag_count))
174 kfree(frag);
175 }
176
get_fragment(struct configfs_fragment * frag)177 struct configfs_fragment *get_fragment(struct configfs_fragment *frag)
178 {
179 if (likely(frag))
180 atomic_inc(&frag->frag_count);
181 return frag;
182 }
183
184 /*
185 * Allocates a new configfs_dirent and links it to the parent configfs_dirent
186 */
configfs_new_dirent(struct configfs_dirent * parent_sd,void * element,int type,struct configfs_fragment * frag)187 static struct configfs_dirent *configfs_new_dirent(struct configfs_dirent *parent_sd,
188 void *element, int type,
189 struct configfs_fragment *frag)
190 {
191 struct configfs_dirent * sd;
192
193 sd = kmem_cache_zalloc(configfs_dir_cachep, GFP_KERNEL);
194 if (!sd)
195 return ERR_PTR(-ENOMEM);
196
197 atomic_set(&sd->s_count, 1);
198 INIT_LIST_HEAD(&sd->s_children);
199 sd->s_element = element;
200 sd->s_type = type;
201 configfs_init_dirent_depth(sd);
202 spin_lock(&configfs_dirent_lock);
203 if (parent_sd->s_type & CONFIGFS_USET_DROPPING) {
204 spin_unlock(&configfs_dirent_lock);
205 kmem_cache_free(configfs_dir_cachep, sd);
206 return ERR_PTR(-ENOENT);
207 }
208 sd->s_frag = get_fragment(frag);
209
210 /*
211 * configfs_lookup scans only for unpinned items. s_children is
212 * partitioned so that configfs_lookup can bail out early.
213 * CONFIGFS_PINNED and CONFIGFS_NOT_PINNED are not symmetrical. readdir
214 * cursors still need to be inserted at the front of the list.
215 */
216 if (sd->s_type & CONFIGFS_PINNED)
217 list_add_tail(&sd->s_sibling, &parent_sd->s_children);
218 else
219 list_add(&sd->s_sibling, &parent_sd->s_children);
220 spin_unlock(&configfs_dirent_lock);
221
222 return sd;
223 }
224
225 /*
226 *
227 * Return -EEXIST if there is already a configfs element with the same
228 * name for the same parent.
229 *
230 * called with parent inode's i_mutex held
231 */
configfs_dirent_exists(struct dentry * dentry)232 static int configfs_dirent_exists(struct dentry *dentry)
233 {
234 struct configfs_dirent *parent_sd = dentry->d_parent->d_fsdata;
235 const unsigned char *new = dentry->d_name.name;
236 struct configfs_dirent *sd;
237
238 list_for_each_entry(sd, &parent_sd->s_children, s_sibling) {
239 if (sd->s_element) {
240 const unsigned char *existing = configfs_get_name(sd);
241 if (strcmp(existing, new))
242 continue;
243 else
244 return -EEXIST;
245 }
246 }
247
248 return 0;
249 }
250
251
configfs_make_dirent(struct configfs_dirent * parent_sd,struct dentry * dentry,void * element,umode_t mode,int type,struct configfs_fragment * frag)252 int configfs_make_dirent(struct configfs_dirent * parent_sd,
253 struct dentry * dentry, void * element,
254 umode_t mode, int type, struct configfs_fragment *frag)
255 {
256 struct configfs_dirent * sd;
257
258 sd = configfs_new_dirent(parent_sd, element, type, frag);
259 if (IS_ERR(sd))
260 return PTR_ERR(sd);
261
262 sd->s_mode = mode;
263 sd->s_dentry = dentry;
264 if (dentry)
265 dentry->d_fsdata = configfs_get(sd);
266
267 return 0;
268 }
269
configfs_remove_dirent(struct dentry * dentry)270 static void configfs_remove_dirent(struct dentry *dentry)
271 {
272 struct configfs_dirent *sd = dentry->d_fsdata;
273
274 if (!sd)
275 return;
276 spin_lock(&configfs_dirent_lock);
277 list_del_init(&sd->s_sibling);
278 spin_unlock(&configfs_dirent_lock);
279 configfs_put(sd);
280 }
281
282 /**
283 * configfs_create_dir - create a directory for an config_item.
284 * @item: config_itemwe're creating directory for.
285 * @dentry: config_item's dentry.
286 * @frag: config_item's fragment.
287 *
288 * Note: user-created entries won't be allowed under this new directory
289 * until it is validated by configfs_dir_set_ready()
290 */
291
configfs_create_dir(struct config_item * item,struct dentry * dentry,struct configfs_fragment * frag)292 static int configfs_create_dir(struct config_item *item, struct dentry *dentry,
293 struct configfs_fragment *frag)
294 {
295 int error;
296 umode_t mode = S_IFDIR| S_IRWXU | S_IRUGO | S_IXUGO;
297 struct dentry *p = dentry->d_parent;
298 struct inode *inode;
299
300 BUG_ON(!item);
301
302 error = configfs_make_dirent(p->d_fsdata, dentry, item, mode,
303 CONFIGFS_DIR | CONFIGFS_USET_CREATING,
304 frag);
305 if (unlikely(error))
306 return error;
307
308 configfs_set_dir_dirent_depth(p->d_fsdata, dentry->d_fsdata);
309 inode = configfs_create(dentry, mode);
310 if (IS_ERR(inode))
311 goto out_remove;
312
313 inode->i_op = &configfs_dir_inode_operations;
314 inode->i_fop = &configfs_dir_operations;
315 /* directory inodes start off with i_nlink == 2 (for "." entry) */
316 inc_nlink(inode);
317 d_instantiate(dentry, inode);
318 /* already hashed */
319 dget(dentry); /* pin directory dentries in core */
320 inc_nlink(d_inode(p));
321 item->ci_dentry = dentry;
322 return 0;
323
324 out_remove:
325 configfs_put(dentry->d_fsdata);
326 configfs_remove_dirent(dentry);
327 return PTR_ERR(inode);
328 }
329
330 /*
331 * Allow userspace to create new entries under a new directory created with
332 * configfs_create_dir(), and under all of its chidlren directories recursively.
333 * @sd configfs_dirent of the new directory to validate
334 *
335 * Caller must hold configfs_dirent_lock.
336 */
configfs_dir_set_ready(struct configfs_dirent * sd)337 static void configfs_dir_set_ready(struct configfs_dirent *sd)
338 {
339 struct configfs_dirent *child_sd;
340
341 sd->s_type &= ~CONFIGFS_USET_CREATING;
342 list_for_each_entry(child_sd, &sd->s_children, s_sibling)
343 if (child_sd->s_type & CONFIGFS_USET_CREATING)
344 configfs_dir_set_ready(child_sd);
345 }
346
347 /*
348 * Check that a directory does not belong to a directory hierarchy being
349 * attached and not validated yet.
350 * @sd configfs_dirent of the directory to check
351 *
352 * @return non-zero iff the directory was validated
353 *
354 * Note: takes configfs_dirent_lock, so the result may change from false to true
355 * in two consecutive calls, but never from true to false.
356 */
configfs_dirent_is_ready(struct configfs_dirent * sd)357 int configfs_dirent_is_ready(struct configfs_dirent *sd)
358 {
359 int ret;
360
361 spin_lock(&configfs_dirent_lock);
362 ret = !(sd->s_type & CONFIGFS_USET_CREATING);
363 spin_unlock(&configfs_dirent_lock);
364
365 return ret;
366 }
367
configfs_create_link(struct configfs_dirent * target,struct dentry * parent,struct dentry * dentry,char * body)368 int configfs_create_link(struct configfs_dirent *target, struct dentry *parent,
369 struct dentry *dentry, char *body)
370 {
371 int err = 0;
372 umode_t mode = S_IFLNK | S_IRWXUGO;
373 struct configfs_dirent *p = parent->d_fsdata;
374 struct inode *inode;
375
376 err = configfs_make_dirent(p, dentry, target, mode, CONFIGFS_ITEM_LINK,
377 p->s_frag);
378 if (err)
379 return err;
380
381 inode = configfs_create(dentry, mode);
382 if (IS_ERR(inode))
383 goto out_remove;
384
385 inode->i_link = body;
386 inode->i_op = &configfs_symlink_inode_operations;
387 d_instantiate(dentry, inode);
388 dget(dentry); /* pin link dentries in core */
389 return 0;
390
391 out_remove:
392 configfs_put(dentry->d_fsdata);
393 configfs_remove_dirent(dentry);
394 return PTR_ERR(inode);
395 }
396
remove_dir(struct dentry * d)397 static void remove_dir(struct dentry * d)
398 {
399 struct dentry * parent = dget(d->d_parent);
400
401 configfs_remove_dirent(d);
402
403 if (d_really_is_positive(d))
404 simple_rmdir(d_inode(parent),d);
405
406 pr_debug(" o %pd removing done (%d)\n", d, d_count(d));
407
408 dput(parent);
409 }
410
411 /**
412 * configfs_remove_dir - remove an config_item's directory.
413 * @item: config_item we're removing.
414 *
415 * The only thing special about this is that we remove any files in
416 * the directory before we remove the directory, and we've inlined
417 * what used to be configfs_rmdir() below, instead of calling separately.
418 *
419 * Caller holds the mutex of the item's inode
420 */
421
configfs_remove_dir(struct config_item * item)422 static void configfs_remove_dir(struct config_item * item)
423 {
424 struct dentry * dentry = dget(item->ci_dentry);
425
426 if (!dentry)
427 return;
428
429 remove_dir(dentry);
430 /**
431 * Drop reference from dget() on entrance.
432 */
433 dput(dentry);
434 }
435
configfs_lookup(struct inode * dir,struct dentry * dentry,unsigned int flags)436 static struct dentry * configfs_lookup(struct inode *dir,
437 struct dentry *dentry,
438 unsigned int flags)
439 {
440 struct configfs_dirent * parent_sd = dentry->d_parent->d_fsdata;
441 struct configfs_dirent * sd;
442 struct inode *inode = NULL;
443
444 if (dentry->d_name.len > NAME_MAX)
445 return ERR_PTR(-ENAMETOOLONG);
446
447 /*
448 * Fake invisibility if dir belongs to a group/default groups hierarchy
449 * being attached
450 *
451 * This forbids userspace to read/write attributes of items which may
452 * not complete their initialization, since the dentries of the
453 * attributes won't be instantiated.
454 */
455 if (!configfs_dirent_is_ready(parent_sd))
456 return ERR_PTR(-ENOENT);
457
458 spin_lock(&configfs_dirent_lock);
459 list_for_each_entry(sd, &parent_sd->s_children, s_sibling) {
460
461 /*
462 * s_children is partitioned, see configfs_new_dirent. The first
463 * pinned item indicates we can stop scanning.
464 */
465 if (sd->s_type & CONFIGFS_PINNED)
466 break;
467
468 /*
469 * Note: CONFIGFS_PINNED and CONFIGFS_NOT_PINNED are asymmetric.
470 * there may be a readdir cursor in this list
471 */
472 if ((sd->s_type & CONFIGFS_NOT_PINNED) &&
473 !strcmp(configfs_get_name(sd), dentry->d_name.name)) {
474 struct configfs_attribute *attr = sd->s_element;
475 umode_t mode = (attr->ca_mode & S_IALLUGO) | S_IFREG;
476
477 dentry->d_fsdata = configfs_get(sd);
478 sd->s_dentry = dentry;
479 spin_unlock(&configfs_dirent_lock);
480
481 inode = configfs_create(dentry, mode);
482 if (IS_ERR(inode)) {
483 configfs_put(sd);
484 return ERR_CAST(inode);
485 }
486 if (sd->s_type & CONFIGFS_ITEM_BIN_ATTR) {
487 inode->i_size = 0;
488 inode->i_fop = &configfs_bin_file_operations;
489 } else {
490 inode->i_size = PAGE_SIZE;
491 inode->i_fop = &configfs_file_operations;
492 }
493 goto done;
494 }
495 }
496 spin_unlock(&configfs_dirent_lock);
497 done:
498 d_add(dentry, inode);
499 return NULL;
500 }
501
502 /*
503 * Only subdirectories count here. Files (CONFIGFS_NOT_PINNED) are
504 * attributes and are removed by rmdir(). We recurse, setting
505 * CONFIGFS_USET_DROPPING on all children that are candidates for
506 * default detach.
507 * If there is an error, the caller will reset the flags via
508 * configfs_detach_rollback().
509 */
configfs_detach_prep(struct dentry * dentry,struct dentry ** wait)510 static int configfs_detach_prep(struct dentry *dentry, struct dentry **wait)
511 {
512 struct configfs_dirent *parent_sd = dentry->d_fsdata;
513 struct configfs_dirent *sd;
514 int ret;
515
516 /* Mark that we're trying to drop the group */
517 parent_sd->s_type |= CONFIGFS_USET_DROPPING;
518
519 ret = -EBUSY;
520 if (parent_sd->s_links)
521 goto out;
522
523 ret = 0;
524 list_for_each_entry(sd, &parent_sd->s_children, s_sibling) {
525 if (!sd->s_element ||
526 (sd->s_type & CONFIGFS_NOT_PINNED))
527 continue;
528 if (sd->s_type & CONFIGFS_USET_DEFAULT) {
529 /* Abort if racing with mkdir() */
530 if (sd->s_type & CONFIGFS_USET_IN_MKDIR) {
531 if (wait)
532 *wait= dget(sd->s_dentry);
533 return -EAGAIN;
534 }
535
536 /*
537 * Yup, recursive. If there's a problem, blame
538 * deep nesting of default_groups
539 */
540 ret = configfs_detach_prep(sd->s_dentry, wait);
541 if (!ret)
542 continue;
543 } else
544 ret = -ENOTEMPTY;
545
546 break;
547 }
548
549 out:
550 return ret;
551 }
552
553 /*
554 * Walk the tree, resetting CONFIGFS_USET_DROPPING wherever it was
555 * set.
556 */
configfs_detach_rollback(struct dentry * dentry)557 static void configfs_detach_rollback(struct dentry *dentry)
558 {
559 struct configfs_dirent *parent_sd = dentry->d_fsdata;
560 struct configfs_dirent *sd;
561
562 parent_sd->s_type &= ~CONFIGFS_USET_DROPPING;
563
564 list_for_each_entry(sd, &parent_sd->s_children, s_sibling)
565 if (sd->s_type & CONFIGFS_USET_DEFAULT)
566 configfs_detach_rollback(sd->s_dentry);
567 }
568
detach_attrs(struct config_item * item)569 static void detach_attrs(struct config_item * item)
570 {
571 struct dentry * dentry = dget(item->ci_dentry);
572 struct configfs_dirent * parent_sd;
573 struct configfs_dirent * sd, * tmp;
574
575 if (!dentry)
576 return;
577
578 pr_debug("configfs %s: dropping attrs for dir\n",
579 dentry->d_name.name);
580
581 parent_sd = dentry->d_fsdata;
582 list_for_each_entry_safe(sd, tmp, &parent_sd->s_children, s_sibling) {
583 if (!sd->s_element || !(sd->s_type & CONFIGFS_NOT_PINNED))
584 continue;
585 spin_lock(&configfs_dirent_lock);
586 list_del_init(&sd->s_sibling);
587 spin_unlock(&configfs_dirent_lock);
588 configfs_drop_dentry(sd, dentry);
589 configfs_put(sd);
590 }
591
592 /**
593 * Drop reference from dget() on entrance.
594 */
595 dput(dentry);
596 }
597
populate_attrs(struct config_item * item)598 static int populate_attrs(struct config_item *item)
599 {
600 const struct config_item_type *t = item->ci_type;
601 struct configfs_group_operations *ops;
602 struct configfs_attribute *attr;
603 struct configfs_bin_attribute *bin_attr;
604 int error = 0;
605 int i;
606
607 if (!t)
608 return -EINVAL;
609
610 ops = t->ct_group_ops;
611
612 if (t->ct_attrs) {
613 for (i = 0; (attr = t->ct_attrs[i]) != NULL; i++) {
614 if (ops && ops->is_visible && !ops->is_visible(item, attr, i))
615 continue;
616
617 if ((error = configfs_create_file(item, attr)))
618 break;
619 }
620 }
621 if (!error && t->ct_bin_attrs) {
622 for (i = 0; (bin_attr = t->ct_bin_attrs[i]) != NULL; i++) {
623 if (ops && ops->is_bin_visible && !ops->is_bin_visible(item, bin_attr, i))
624 continue;
625
626 error = configfs_create_bin_file(item, bin_attr);
627 if (error)
628 break;
629 }
630 }
631
632 if (error)
633 detach_attrs(item);
634
635 return error;
636 }
637
638 static int configfs_attach_group(struct config_item *parent_item,
639 struct config_item *item,
640 struct dentry *dentry,
641 struct configfs_fragment *frag);
642 static void configfs_detach_group(struct config_item *item);
643
detach_groups(struct config_group * group)644 static void detach_groups(struct config_group *group)
645 {
646 struct dentry * dentry = dget(group->cg_item.ci_dentry);
647 struct dentry *child;
648 struct configfs_dirent *parent_sd;
649 struct configfs_dirent *sd, *tmp;
650
651 if (!dentry)
652 return;
653
654 parent_sd = dentry->d_fsdata;
655 list_for_each_entry_safe(sd, tmp, &parent_sd->s_children, s_sibling) {
656 if (!sd->s_element ||
657 !(sd->s_type & CONFIGFS_USET_DEFAULT))
658 continue;
659
660 child = sd->s_dentry;
661
662 inode_lock(d_inode(child));
663
664 configfs_detach_group(sd->s_element);
665 d_inode(child)->i_flags |= S_DEAD;
666 dont_mount(child);
667
668 inode_unlock(d_inode(child));
669
670 d_delete(child);
671 dput(child);
672 }
673
674 /**
675 * Drop reference from dget() on entrance.
676 */
677 dput(dentry);
678 }
679
680 /*
681 * This fakes mkdir(2) on a default_groups[] entry. It
682 * creates a dentry, attachs it, and then does fixup
683 * on the sd->s_type.
684 *
685 * We could, perhaps, tweak our parent's ->mkdir for a minute and
686 * try using vfs_mkdir. Just a thought.
687 */
create_default_group(struct config_group * parent_group,struct config_group * group,struct configfs_fragment * frag)688 static int create_default_group(struct config_group *parent_group,
689 struct config_group *group,
690 struct configfs_fragment *frag)
691 {
692 int ret;
693 struct configfs_dirent *sd;
694 /* We trust the caller holds a reference to parent */
695 struct dentry *child, *parent = parent_group->cg_item.ci_dentry;
696
697 if (!group->cg_item.ci_name)
698 group->cg_item.ci_name = group->cg_item.ci_namebuf;
699
700 ret = -ENOMEM;
701 child = d_alloc_name(parent, group->cg_item.ci_name);
702 if (child) {
703 d_add(child, NULL);
704
705 ret = configfs_attach_group(&parent_group->cg_item,
706 &group->cg_item, child, frag);
707 if (!ret) {
708 sd = child->d_fsdata;
709 sd->s_type |= CONFIGFS_USET_DEFAULT;
710 } else {
711 BUG_ON(d_inode(child));
712 d_drop(child);
713 dput(child);
714 }
715 }
716
717 return ret;
718 }
719
populate_groups(struct config_group * group,struct configfs_fragment * frag)720 static int populate_groups(struct config_group *group,
721 struct configfs_fragment *frag)
722 {
723 struct config_group *new_group;
724 int ret = 0;
725
726 list_for_each_entry(new_group, &group->default_groups, group_entry) {
727 ret = create_default_group(group, new_group, frag);
728 if (ret) {
729 detach_groups(group);
730 break;
731 }
732 }
733
734 return ret;
735 }
736
configfs_remove_default_groups(struct config_group * group)737 void configfs_remove_default_groups(struct config_group *group)
738 {
739 struct config_group *g, *n;
740
741 list_for_each_entry_safe(g, n, &group->default_groups, group_entry) {
742 list_del(&g->group_entry);
743 config_item_put(&g->cg_item);
744 }
745 }
746 EXPORT_SYMBOL(configfs_remove_default_groups);
747
748 /*
749 * All of link_obj/unlink_obj/link_group/unlink_group require that
750 * subsys->su_mutex is held.
751 */
752
unlink_obj(struct config_item * item)753 static void unlink_obj(struct config_item *item)
754 {
755 struct config_group *group;
756
757 group = item->ci_group;
758 if (group) {
759 list_del_init(&item->ci_entry);
760
761 item->ci_group = NULL;
762 item->ci_parent = NULL;
763
764 /* Drop the reference for ci_entry */
765 config_item_put(item);
766
767 /* Drop the reference for ci_parent */
768 config_group_put(group);
769 }
770 }
771
link_obj(struct config_item * parent_item,struct config_item * item)772 static void link_obj(struct config_item *parent_item, struct config_item *item)
773 {
774 /*
775 * Parent seems redundant with group, but it makes certain
776 * traversals much nicer.
777 */
778 item->ci_parent = parent_item;
779
780 /*
781 * We hold a reference on the parent for the child's ci_parent
782 * link.
783 */
784 item->ci_group = config_group_get(to_config_group(parent_item));
785 list_add_tail(&item->ci_entry, &item->ci_group->cg_children);
786
787 /*
788 * We hold a reference on the child for ci_entry on the parent's
789 * cg_children
790 */
791 config_item_get(item);
792 }
793
unlink_group(struct config_group * group)794 static void unlink_group(struct config_group *group)
795 {
796 struct config_group *new_group;
797
798 list_for_each_entry(new_group, &group->default_groups, group_entry)
799 unlink_group(new_group);
800
801 group->cg_subsys = NULL;
802 unlink_obj(&group->cg_item);
803 }
804
link_group(struct config_group * parent_group,struct config_group * group)805 static void link_group(struct config_group *parent_group, struct config_group *group)
806 {
807 struct config_group *new_group;
808 struct configfs_subsystem *subsys = NULL; /* gcc is a turd */
809
810 link_obj(&parent_group->cg_item, &group->cg_item);
811
812 if (parent_group->cg_subsys)
813 subsys = parent_group->cg_subsys;
814 else if (configfs_is_root(&parent_group->cg_item))
815 subsys = to_configfs_subsystem(group);
816 else
817 BUG();
818 group->cg_subsys = subsys;
819
820 list_for_each_entry(new_group, &group->default_groups, group_entry)
821 link_group(group, new_group);
822 }
823
824 /*
825 * The goal is that configfs_attach_item() (and
826 * configfs_attach_group()) can be called from either the VFS or this
827 * module. That is, they assume that the items have been created,
828 * the dentry allocated, and the dcache is all ready to go.
829 *
830 * If they fail, they must clean up after themselves as if they
831 * had never been called. The caller (VFS or local function) will
832 * handle cleaning up the dcache bits.
833 *
834 * configfs_detach_group() and configfs_detach_item() behave similarly on
835 * the way out. They assume that the proper semaphores are held, they
836 * clean up the configfs items, and they expect their callers will
837 * handle the dcache bits.
838 */
configfs_attach_item(struct config_item * parent_item,struct config_item * item,struct dentry * dentry,struct configfs_fragment * frag)839 static int configfs_attach_item(struct config_item *parent_item,
840 struct config_item *item,
841 struct dentry *dentry,
842 struct configfs_fragment *frag)
843 {
844 int ret;
845
846 ret = configfs_create_dir(item, dentry, frag);
847 if (!ret) {
848 ret = populate_attrs(item);
849 if (ret) {
850 /*
851 * We are going to remove an inode and its dentry but
852 * the VFS may already have hit and used them. Thus,
853 * we must lock them as rmdir() would.
854 */
855 inode_lock(d_inode(dentry));
856 configfs_remove_dir(item);
857 d_inode(dentry)->i_flags |= S_DEAD;
858 dont_mount(dentry);
859 inode_unlock(d_inode(dentry));
860 d_delete(dentry);
861 }
862 }
863
864 return ret;
865 }
866
867 /* Caller holds the mutex of the item's inode */
configfs_detach_item(struct config_item * item)868 static void configfs_detach_item(struct config_item *item)
869 {
870 detach_attrs(item);
871 configfs_remove_dir(item);
872 }
873
configfs_attach_group(struct config_item * parent_item,struct config_item * item,struct dentry * dentry,struct configfs_fragment * frag)874 static int configfs_attach_group(struct config_item *parent_item,
875 struct config_item *item,
876 struct dentry *dentry,
877 struct configfs_fragment *frag)
878 {
879 int ret;
880 struct configfs_dirent *sd;
881
882 ret = configfs_attach_item(parent_item, item, dentry, frag);
883 if (!ret) {
884 sd = dentry->d_fsdata;
885 sd->s_type |= CONFIGFS_USET_DIR;
886
887 /*
888 * FYI, we're faking mkdir in populate_groups()
889 * We must lock the group's inode to avoid races with the VFS
890 * which can already hit the inode and try to add/remove entries
891 * under it.
892 *
893 * We must also lock the inode to remove it safely in case of
894 * error, as rmdir() would.
895 */
896 inode_lock_nested(d_inode(dentry), I_MUTEX_CHILD);
897 configfs_adjust_dir_dirent_depth_before_populate(sd);
898 ret = populate_groups(to_config_group(item), frag);
899 if (ret) {
900 configfs_detach_item(item);
901 d_inode(dentry)->i_flags |= S_DEAD;
902 dont_mount(dentry);
903 }
904 configfs_adjust_dir_dirent_depth_after_populate(sd);
905 inode_unlock(d_inode(dentry));
906 if (ret)
907 d_delete(dentry);
908 }
909
910 return ret;
911 }
912
913 /* Caller holds the mutex of the group's inode */
configfs_detach_group(struct config_item * item)914 static void configfs_detach_group(struct config_item *item)
915 {
916 detach_groups(to_config_group(item));
917 configfs_detach_item(item);
918 }
919
920 /*
921 * After the item has been detached from the filesystem view, we are
922 * ready to tear it out of the hierarchy. Notify the client before
923 * we do that so they can perform any cleanup that requires
924 * navigating the hierarchy. A client does not need to provide this
925 * callback. The subsystem semaphore MUST be held by the caller, and
926 * references must be valid for both items. It also assumes the
927 * caller has validated ci_type.
928 */
client_disconnect_notify(struct config_item * parent_item,struct config_item * item)929 static void client_disconnect_notify(struct config_item *parent_item,
930 struct config_item *item)
931 {
932 const struct config_item_type *type;
933
934 type = parent_item->ci_type;
935 BUG_ON(!type);
936
937 if (type->ct_group_ops && type->ct_group_ops->disconnect_notify)
938 type->ct_group_ops->disconnect_notify(to_config_group(parent_item),
939 item);
940 }
941
942 /*
943 * Drop the initial reference from make_item()/make_group()
944 * This function assumes that reference is held on item
945 * and that item holds a valid reference to the parent. Also, it
946 * assumes the caller has validated ci_type.
947 */
client_drop_item(struct config_item * parent_item,struct config_item * item)948 static void client_drop_item(struct config_item *parent_item,
949 struct config_item *item)
950 {
951 const struct config_item_type *type;
952
953 type = parent_item->ci_type;
954 BUG_ON(!type);
955
956 /*
957 * If ->drop_item() exists, it is responsible for the
958 * config_item_put().
959 */
960 if (type->ct_group_ops && type->ct_group_ops->drop_item)
961 type->ct_group_ops->drop_item(to_config_group(parent_item),
962 item);
963 else
964 config_item_put(item);
965 }
966
967 #ifdef DEBUG
configfs_dump_one(struct configfs_dirent * sd,int level)968 static void configfs_dump_one(struct configfs_dirent *sd, int level)
969 {
970 pr_info("%*s\"%s\":\n", level, " ", configfs_get_name(sd));
971
972 #define type_print(_type) if (sd->s_type & _type) pr_info("%*s %s\n", level, " ", #_type)
973 type_print(CONFIGFS_ROOT);
974 type_print(CONFIGFS_DIR);
975 type_print(CONFIGFS_ITEM_ATTR);
976 type_print(CONFIGFS_ITEM_LINK);
977 type_print(CONFIGFS_USET_DIR);
978 type_print(CONFIGFS_USET_DEFAULT);
979 type_print(CONFIGFS_USET_DROPPING);
980 #undef type_print
981 }
982
configfs_dump(struct configfs_dirent * sd,int level)983 static int configfs_dump(struct configfs_dirent *sd, int level)
984 {
985 struct configfs_dirent *child_sd;
986 int ret = 0;
987
988 configfs_dump_one(sd, level);
989
990 if (!(sd->s_type & (CONFIGFS_DIR|CONFIGFS_ROOT)))
991 return 0;
992
993 list_for_each_entry(child_sd, &sd->s_children, s_sibling) {
994 ret = configfs_dump(child_sd, level + 2);
995 if (ret)
996 break;
997 }
998
999 return ret;
1000 }
1001 #endif
1002
1003
1004 /*
1005 * configfs_depend_item() and configfs_undepend_item()
1006 *
1007 * WARNING: Do not call these from a configfs callback!
1008 *
1009 * This describes these functions and their helpers.
1010 *
1011 * Allow another kernel system to depend on a config_item. If this
1012 * happens, the item cannot go away until the dependent can live without
1013 * it. The idea is to give client modules as simple an interface as
1014 * possible. When a system asks them to depend on an item, they just
1015 * call configfs_depend_item(). If the item is live and the client
1016 * driver is in good shape, we'll happily do the work for them.
1017 *
1018 * Why is the locking complex? Because configfs uses the VFS to handle
1019 * all locking, but this function is called outside the normal
1020 * VFS->configfs path. So it must take VFS locks to prevent the
1021 * VFS->configfs stuff (configfs_mkdir(), configfs_rmdir(), etc). This is
1022 * why you can't call these functions underneath configfs callbacks.
1023 *
1024 * Note, btw, that this can be called at *any* time, even when a configfs
1025 * subsystem isn't registered, or when configfs is loading or unloading.
1026 * Just like configfs_register_subsystem(). So we take the same
1027 * precautions. We pin the filesystem. We lock configfs_dirent_lock.
1028 * If we can find the target item in the
1029 * configfs tree, it must be part of the subsystem tree as well, so we
1030 * do not need the subsystem semaphore. Holding configfs_dirent_lock helps
1031 * locking out mkdir() and rmdir(), who might be racing us.
1032 */
1033
1034 /*
1035 * configfs_depend_prep()
1036 *
1037 * Only subdirectories count here. Files (CONFIGFS_NOT_PINNED) are
1038 * attributes. This is similar but not the same to configfs_detach_prep().
1039 * Note that configfs_detach_prep() expects the parent to be locked when it
1040 * is called, but we lock the parent *inside* configfs_depend_prep(). We
1041 * do that so we can unlock it if we find nothing.
1042 *
1043 * Here we do a depth-first search of the dentry hierarchy looking for
1044 * our object.
1045 * We deliberately ignore items tagged as dropping since they are virtually
1046 * dead, as well as items in the middle of attachment since they virtually
1047 * do not exist yet. This completes the locking out of racing mkdir() and
1048 * rmdir().
1049 * Note: subdirectories in the middle of attachment start with s_type =
1050 * CONFIGFS_DIR|CONFIGFS_USET_CREATING set by create_dir(). When
1051 * CONFIGFS_USET_CREATING is set, we ignore the item. The actual set of
1052 * s_type is in configfs_new_dirent(), which has configfs_dirent_lock.
1053 *
1054 * If the target is not found, -ENOENT is bubbled up.
1055 *
1056 * This adds a requirement that all config_items be unique!
1057 *
1058 * This is recursive. There isn't
1059 * much on the stack, though, so folks that need this function - be careful
1060 * about your stack! Patches will be accepted to make it iterative.
1061 */
configfs_depend_prep(struct dentry * origin,struct config_item * target)1062 static int configfs_depend_prep(struct dentry *origin,
1063 struct config_item *target)
1064 {
1065 struct configfs_dirent *child_sd, *sd;
1066 int ret = 0;
1067
1068 BUG_ON(!origin || !origin->d_fsdata);
1069 sd = origin->d_fsdata;
1070
1071 if (sd->s_element == target) /* Boo-yah */
1072 goto out;
1073
1074 list_for_each_entry(child_sd, &sd->s_children, s_sibling) {
1075 if ((child_sd->s_type & CONFIGFS_DIR) &&
1076 !(child_sd->s_type & CONFIGFS_USET_DROPPING) &&
1077 !(child_sd->s_type & CONFIGFS_USET_CREATING)) {
1078 ret = configfs_depend_prep(child_sd->s_dentry,
1079 target);
1080 if (!ret)
1081 goto out; /* Child path boo-yah */
1082 }
1083 }
1084
1085 /* We looped all our children and didn't find target */
1086 ret = -ENOENT;
1087
1088 out:
1089 return ret;
1090 }
1091
configfs_do_depend_item(struct dentry * subsys_dentry,struct config_item * target)1092 static int configfs_do_depend_item(struct dentry *subsys_dentry,
1093 struct config_item *target)
1094 {
1095 struct configfs_dirent *p;
1096 int ret;
1097
1098 spin_lock(&configfs_dirent_lock);
1099 /* Scan the tree, return 0 if found */
1100 ret = configfs_depend_prep(subsys_dentry, target);
1101 if (ret)
1102 goto out_unlock_dirent_lock;
1103
1104 /*
1105 * We are sure that the item is not about to be removed by rmdir(), and
1106 * not in the middle of attachment by mkdir().
1107 */
1108 p = target->ci_dentry->d_fsdata;
1109 p->s_dependent_count += 1;
1110
1111 out_unlock_dirent_lock:
1112 spin_unlock(&configfs_dirent_lock);
1113
1114 return ret;
1115 }
1116
1117 static inline struct configfs_dirent *
configfs_find_subsys_dentry(struct configfs_dirent * root_sd,struct config_item * subsys_item)1118 configfs_find_subsys_dentry(struct configfs_dirent *root_sd,
1119 struct config_item *subsys_item)
1120 {
1121 struct configfs_dirent *p;
1122 struct configfs_dirent *ret = NULL;
1123
1124 list_for_each_entry(p, &root_sd->s_children, s_sibling) {
1125 if (p->s_type & CONFIGFS_DIR &&
1126 p->s_element == subsys_item) {
1127 ret = p;
1128 break;
1129 }
1130 }
1131
1132 return ret;
1133 }
1134
1135
configfs_depend_item(struct configfs_subsystem * subsys,struct config_item * target)1136 int configfs_depend_item(struct configfs_subsystem *subsys,
1137 struct config_item *target)
1138 {
1139 int ret;
1140 struct configfs_dirent *subsys_sd;
1141 struct config_item *s_item = &subsys->su_group.cg_item;
1142 struct dentry *root;
1143
1144 /*
1145 * Pin the configfs filesystem. This means we can safely access
1146 * the root of the configfs filesystem.
1147 */
1148 root = configfs_pin_fs();
1149 if (IS_ERR(root))
1150 return PTR_ERR(root);
1151
1152 /*
1153 * Next, lock the root directory. We're going to check that the
1154 * subsystem is really registered, and so we need to lock out
1155 * configfs_[un]register_subsystem().
1156 */
1157 inode_lock(d_inode(root));
1158
1159 subsys_sd = configfs_find_subsys_dentry(root->d_fsdata, s_item);
1160 if (!subsys_sd) {
1161 ret = -ENOENT;
1162 goto out_unlock_fs;
1163 }
1164
1165 /* Ok, now we can trust subsys/s_item */
1166 ret = configfs_do_depend_item(subsys_sd->s_dentry, target);
1167
1168 out_unlock_fs:
1169 inode_unlock(d_inode(root));
1170
1171 /*
1172 * If we succeeded, the fs is pinned via other methods. If not,
1173 * we're done with it anyway. So release_fs() is always right.
1174 */
1175 configfs_release_fs();
1176
1177 return ret;
1178 }
1179 EXPORT_SYMBOL(configfs_depend_item);
1180
1181 /*
1182 * Release the dependent linkage. This is much simpler than
1183 * configfs_depend_item() because we know that the client driver is
1184 * pinned, thus the subsystem is pinned, and therefore configfs is pinned.
1185 */
configfs_undepend_item(struct config_item * target)1186 void configfs_undepend_item(struct config_item *target)
1187 {
1188 struct configfs_dirent *sd;
1189
1190 /*
1191 * Since we can trust everything is pinned, we just need
1192 * configfs_dirent_lock.
1193 */
1194 spin_lock(&configfs_dirent_lock);
1195
1196 sd = target->ci_dentry->d_fsdata;
1197 BUG_ON(sd->s_dependent_count < 1);
1198
1199 sd->s_dependent_count -= 1;
1200
1201 /*
1202 * After this unlock, we cannot trust the item to stay alive!
1203 * DO NOT REFERENCE item after this unlock.
1204 */
1205 spin_unlock(&configfs_dirent_lock);
1206 }
1207 EXPORT_SYMBOL(configfs_undepend_item);
1208
1209 /*
1210 * caller_subsys is a caller's subsystem not target's. This is used to
1211 * determine if we should lock root and check subsys or not. When we are
1212 * in the same subsystem as our target there is no need to do locking as
1213 * we know that subsys is valid and is not unregistered during this function
1214 * as we are called from callback of one of his children and VFS holds a lock
1215 * on some inode. Otherwise we have to lock our root to ensure that target's
1216 * subsystem it is not unregistered during this function.
1217 */
configfs_depend_item_unlocked(struct configfs_subsystem * caller_subsys,struct config_item * target)1218 int configfs_depend_item_unlocked(struct configfs_subsystem *caller_subsys,
1219 struct config_item *target)
1220 {
1221 struct configfs_subsystem *target_subsys;
1222 struct config_group *root, *parent;
1223 struct configfs_dirent *subsys_sd;
1224 int ret = -ENOENT;
1225
1226 /* Disallow this function for configfs root */
1227 if (configfs_is_root(target))
1228 return -EINVAL;
1229
1230 parent = target->ci_group;
1231 /*
1232 * This may happen when someone is trying to depend root
1233 * directory of some subsystem
1234 */
1235 if (configfs_is_root(&parent->cg_item)) {
1236 target_subsys = to_configfs_subsystem(to_config_group(target));
1237 root = parent;
1238 } else {
1239 target_subsys = parent->cg_subsys;
1240 /* Find a cofnigfs root as we may need it for locking */
1241 for (root = parent; !configfs_is_root(&root->cg_item);
1242 root = root->cg_item.ci_group)
1243 ;
1244 }
1245
1246 if (target_subsys != caller_subsys) {
1247 /*
1248 * We are in other configfs subsystem, so we have to do
1249 * additional locking to prevent other subsystem from being
1250 * unregistered
1251 */
1252 inode_lock(d_inode(root->cg_item.ci_dentry));
1253
1254 /*
1255 * As we are trying to depend item from other subsystem
1256 * we have to check if this subsystem is still registered
1257 */
1258 subsys_sd = configfs_find_subsys_dentry(
1259 root->cg_item.ci_dentry->d_fsdata,
1260 &target_subsys->su_group.cg_item);
1261 if (!subsys_sd)
1262 goto out_root_unlock;
1263 } else {
1264 subsys_sd = target_subsys->su_group.cg_item.ci_dentry->d_fsdata;
1265 }
1266
1267 /* Now we can execute core of depend item */
1268 ret = configfs_do_depend_item(subsys_sd->s_dentry, target);
1269
1270 if (target_subsys != caller_subsys)
1271 out_root_unlock:
1272 /*
1273 * We were called from subsystem other than our target so we
1274 * took some locks so now it's time to release them
1275 */
1276 inode_unlock(d_inode(root->cg_item.ci_dentry));
1277
1278 return ret;
1279 }
1280 EXPORT_SYMBOL(configfs_depend_item_unlocked);
1281
configfs_mkdir(struct mnt_idmap * idmap,struct inode * dir,struct dentry * dentry,umode_t mode)1282 static struct dentry *configfs_mkdir(struct mnt_idmap *idmap, struct inode *dir,
1283 struct dentry *dentry, umode_t mode)
1284 {
1285 int ret = 0;
1286 int module_got = 0;
1287 struct config_group *group = NULL;
1288 struct config_item *item = NULL;
1289 struct config_item *parent_item;
1290 struct configfs_subsystem *subsys;
1291 struct configfs_dirent *sd;
1292 const struct config_item_type *type;
1293 struct module *subsys_owner = NULL, *new_item_owner = NULL;
1294 struct configfs_fragment *frag;
1295 char *name;
1296
1297 sd = dentry->d_parent->d_fsdata;
1298
1299 /*
1300 * Fake invisibility if dir belongs to a group/default groups hierarchy
1301 * being attached
1302 */
1303 if (!configfs_dirent_is_ready(sd)) {
1304 ret = -ENOENT;
1305 goto out;
1306 }
1307
1308 if (!(sd->s_type & CONFIGFS_USET_DIR)) {
1309 ret = -EPERM;
1310 goto out;
1311 }
1312
1313 frag = new_fragment();
1314 if (!frag) {
1315 ret = -ENOMEM;
1316 goto out;
1317 }
1318
1319 /* Get a working ref for the duration of this function */
1320 parent_item = configfs_get_config_item(dentry->d_parent);
1321 type = parent_item->ci_type;
1322 subsys = to_config_group(parent_item)->cg_subsys;
1323 BUG_ON(!subsys);
1324
1325 if (!type || !type->ct_group_ops ||
1326 (!type->ct_group_ops->make_group &&
1327 !type->ct_group_ops->make_item)) {
1328 ret = -EPERM; /* Lack-of-mkdir returns -EPERM */
1329 goto out_put;
1330 }
1331
1332 /*
1333 * The subsystem may belong to a different module than the item
1334 * being created. We don't want to safely pin the new item but
1335 * fail to pin the subsystem it sits under.
1336 */
1337 if (!subsys->su_group.cg_item.ci_type) {
1338 ret = -EINVAL;
1339 goto out_put;
1340 }
1341 subsys_owner = subsys->su_group.cg_item.ci_type->ct_owner;
1342 if (!try_module_get(subsys_owner)) {
1343 ret = -EINVAL;
1344 goto out_put;
1345 }
1346
1347 name = kmalloc(dentry->d_name.len + 1, GFP_KERNEL);
1348 if (!name) {
1349 ret = -ENOMEM;
1350 goto out_subsys_put;
1351 }
1352
1353 snprintf(name, dentry->d_name.len + 1, "%s", dentry->d_name.name);
1354
1355 mutex_lock(&subsys->su_mutex);
1356 if (type->ct_group_ops->make_group) {
1357 group = type->ct_group_ops->make_group(to_config_group(parent_item), name);
1358 if (!group)
1359 group = ERR_PTR(-ENOMEM);
1360 if (!IS_ERR(group)) {
1361 link_group(to_config_group(parent_item), group);
1362 item = &group->cg_item;
1363 } else
1364 ret = PTR_ERR(group);
1365 } else {
1366 item = type->ct_group_ops->make_item(to_config_group(parent_item), name);
1367 if (!item)
1368 item = ERR_PTR(-ENOMEM);
1369 if (!IS_ERR(item))
1370 link_obj(parent_item, item);
1371 else
1372 ret = PTR_ERR(item);
1373 }
1374 mutex_unlock(&subsys->su_mutex);
1375
1376 kfree(name);
1377 if (ret) {
1378 /*
1379 * If ret != 0, then link_obj() was never called.
1380 * There are no extra references to clean up.
1381 */
1382 goto out_subsys_put;
1383 }
1384
1385 /*
1386 * link_obj() has been called (via link_group() for groups).
1387 * From here on out, errors must clean that up.
1388 */
1389
1390 type = item->ci_type;
1391 if (!type) {
1392 ret = -EINVAL;
1393 goto out_unlink;
1394 }
1395
1396 new_item_owner = type->ct_owner;
1397 if (!try_module_get(new_item_owner)) {
1398 ret = -EINVAL;
1399 goto out_unlink;
1400 }
1401
1402 /*
1403 * I hate doing it this way, but if there is
1404 * an error, module_put() probably should
1405 * happen after any cleanup.
1406 */
1407 module_got = 1;
1408
1409 /*
1410 * Make racing rmdir() fail if it did not tag parent with
1411 * CONFIGFS_USET_DROPPING
1412 * Note: if CONFIGFS_USET_DROPPING is already set, attach_group() will
1413 * fail and let rmdir() terminate correctly
1414 */
1415 spin_lock(&configfs_dirent_lock);
1416 /* This will make configfs_detach_prep() fail */
1417 sd->s_type |= CONFIGFS_USET_IN_MKDIR;
1418 spin_unlock(&configfs_dirent_lock);
1419
1420 if (group)
1421 ret = configfs_attach_group(parent_item, item, dentry, frag);
1422 else
1423 ret = configfs_attach_item(parent_item, item, dentry, frag);
1424
1425 spin_lock(&configfs_dirent_lock);
1426 sd->s_type &= ~CONFIGFS_USET_IN_MKDIR;
1427 if (!ret)
1428 configfs_dir_set_ready(dentry->d_fsdata);
1429 spin_unlock(&configfs_dirent_lock);
1430
1431 out_unlink:
1432 if (ret) {
1433 /* Tear down everything we built up */
1434 mutex_lock(&subsys->su_mutex);
1435
1436 client_disconnect_notify(parent_item, item);
1437 if (group)
1438 unlink_group(group);
1439 else
1440 unlink_obj(item);
1441 client_drop_item(parent_item, item);
1442
1443 mutex_unlock(&subsys->su_mutex);
1444
1445 if (module_got)
1446 module_put(new_item_owner);
1447 }
1448
1449 out_subsys_put:
1450 if (ret)
1451 module_put(subsys_owner);
1452
1453 out_put:
1454 /*
1455 * link_obj()/link_group() took a reference from child->parent,
1456 * so the parent is safely pinned. We can drop our working
1457 * reference.
1458 */
1459 config_item_put(parent_item);
1460 put_fragment(frag);
1461
1462 out:
1463 return ERR_PTR(ret);
1464 }
1465
configfs_rmdir(struct inode * dir,struct dentry * dentry)1466 static int configfs_rmdir(struct inode *dir, struct dentry *dentry)
1467 {
1468 struct config_item *parent_item;
1469 struct config_item *item;
1470 struct configfs_subsystem *subsys;
1471 struct configfs_dirent *sd;
1472 struct configfs_fragment *frag;
1473 struct module *subsys_owner = NULL, *dead_item_owner = NULL;
1474 int ret;
1475
1476 sd = dentry->d_fsdata;
1477 if (sd->s_type & CONFIGFS_USET_DEFAULT)
1478 return -EPERM;
1479
1480 /* Get a working ref until we have the child */
1481 parent_item = configfs_get_config_item(dentry->d_parent);
1482 subsys = to_config_group(parent_item)->cg_subsys;
1483 BUG_ON(!subsys);
1484
1485 if (!parent_item->ci_type) {
1486 config_item_put(parent_item);
1487 return -EINVAL;
1488 }
1489
1490 /* configfs_mkdir() shouldn't have allowed this */
1491 BUG_ON(!subsys->su_group.cg_item.ci_type);
1492 subsys_owner = subsys->su_group.cg_item.ci_type->ct_owner;
1493
1494 /*
1495 * Ensure that no racing symlink() will make detach_prep() fail while
1496 * the new link is temporarily attached
1497 */
1498 do {
1499 struct dentry *wait;
1500
1501 mutex_lock(&configfs_symlink_mutex);
1502 spin_lock(&configfs_dirent_lock);
1503 /*
1504 * Here's where we check for dependents. We're protected by
1505 * configfs_dirent_lock.
1506 * If no dependent, atomically tag the item as dropping.
1507 */
1508 ret = sd->s_dependent_count ? -EBUSY : 0;
1509 if (!ret) {
1510 ret = configfs_detach_prep(dentry, &wait);
1511 if (ret)
1512 configfs_detach_rollback(dentry);
1513 }
1514 spin_unlock(&configfs_dirent_lock);
1515 mutex_unlock(&configfs_symlink_mutex);
1516
1517 if (ret) {
1518 if (ret != -EAGAIN) {
1519 config_item_put(parent_item);
1520 return ret;
1521 }
1522
1523 /* Wait until the racing operation terminates */
1524 inode_lock(d_inode(wait));
1525 inode_unlock(d_inode(wait));
1526 dput(wait);
1527 }
1528 } while (ret == -EAGAIN);
1529
1530 frag = sd->s_frag;
1531 if (down_write_killable(&frag->frag_sem)) {
1532 spin_lock(&configfs_dirent_lock);
1533 configfs_detach_rollback(dentry);
1534 spin_unlock(&configfs_dirent_lock);
1535 config_item_put(parent_item);
1536 return -EINTR;
1537 }
1538 frag->frag_dead = true;
1539 up_write(&frag->frag_sem);
1540
1541 /* Get a working ref for the duration of this function */
1542 item = configfs_get_config_item(dentry);
1543
1544 /* Drop reference from above, item already holds one. */
1545 config_item_put(parent_item);
1546
1547 if (item->ci_type)
1548 dead_item_owner = item->ci_type->ct_owner;
1549
1550 if (sd->s_type & CONFIGFS_USET_DIR) {
1551 configfs_detach_group(item);
1552
1553 mutex_lock(&subsys->su_mutex);
1554 client_disconnect_notify(parent_item, item);
1555 unlink_group(to_config_group(item));
1556 } else {
1557 configfs_detach_item(item);
1558
1559 mutex_lock(&subsys->su_mutex);
1560 client_disconnect_notify(parent_item, item);
1561 unlink_obj(item);
1562 }
1563
1564 client_drop_item(parent_item, item);
1565 mutex_unlock(&subsys->su_mutex);
1566
1567 /* Drop our reference from above */
1568 config_item_put(item);
1569
1570 module_put(dead_item_owner);
1571 module_put(subsys_owner);
1572
1573 return 0;
1574 }
1575
1576 const struct inode_operations configfs_dir_inode_operations = {
1577 .mkdir = configfs_mkdir,
1578 .rmdir = configfs_rmdir,
1579 .symlink = configfs_symlink,
1580 .unlink = configfs_unlink,
1581 .lookup = configfs_lookup,
1582 .setattr = configfs_setattr,
1583 };
1584
1585 const struct inode_operations configfs_root_inode_operations = {
1586 .lookup = configfs_lookup,
1587 .setattr = configfs_setattr,
1588 };
1589
configfs_dir_open(struct inode * inode,struct file * file)1590 static int configfs_dir_open(struct inode *inode, struct file *file)
1591 {
1592 struct dentry * dentry = file->f_path.dentry;
1593 struct configfs_dirent * parent_sd = dentry->d_fsdata;
1594 int err;
1595
1596 inode_lock(d_inode(dentry));
1597 /*
1598 * Fake invisibility if dir belongs to a group/default groups hierarchy
1599 * being attached
1600 */
1601 err = -ENOENT;
1602 if (configfs_dirent_is_ready(parent_sd)) {
1603 file->private_data = configfs_new_dirent(parent_sd, NULL, 0, NULL);
1604 if (IS_ERR(file->private_data))
1605 err = PTR_ERR(file->private_data);
1606 else
1607 err = 0;
1608 }
1609 inode_unlock(d_inode(dentry));
1610
1611 return err;
1612 }
1613
configfs_dir_close(struct inode * inode,struct file * file)1614 static int configfs_dir_close(struct inode *inode, struct file *file)
1615 {
1616 struct dentry * dentry = file->f_path.dentry;
1617 struct configfs_dirent * cursor = file->private_data;
1618
1619 inode_lock(d_inode(dentry));
1620 spin_lock(&configfs_dirent_lock);
1621 list_del_init(&cursor->s_sibling);
1622 spin_unlock(&configfs_dirent_lock);
1623 inode_unlock(d_inode(dentry));
1624
1625 release_configfs_dirent(cursor);
1626
1627 return 0;
1628 }
1629
configfs_readdir(struct file * file,struct dir_context * ctx)1630 static int configfs_readdir(struct file *file, struct dir_context *ctx)
1631 {
1632 struct dentry *dentry = file->f_path.dentry;
1633 struct super_block *sb = dentry->d_sb;
1634 struct configfs_dirent * parent_sd = dentry->d_fsdata;
1635 struct configfs_dirent *cursor = file->private_data;
1636 struct list_head *p, *q = &cursor->s_sibling;
1637 ino_t ino = 0;
1638
1639 if (!dir_emit_dots(file, ctx))
1640 return 0;
1641 spin_lock(&configfs_dirent_lock);
1642 if (ctx->pos == 2)
1643 list_move(q, &parent_sd->s_children);
1644 for (p = q->next; p != &parent_sd->s_children; p = p->next) {
1645 struct configfs_dirent *next;
1646 const char *name;
1647 int len;
1648 struct inode *inode = NULL;
1649
1650 next = list_entry(p, struct configfs_dirent, s_sibling);
1651 if (!next->s_element)
1652 continue;
1653
1654 /*
1655 * We'll have a dentry and an inode for
1656 * PINNED items and for open attribute
1657 * files. We lock here to prevent a race
1658 * with configfs_d_iput() clearing
1659 * s_dentry before calling iput().
1660 *
1661 * Why do we go to the trouble? If
1662 * someone has an attribute file open,
1663 * the inode number should match until
1664 * they close it. Beyond that, we don't
1665 * care.
1666 */
1667 dentry = next->s_dentry;
1668 if (dentry)
1669 inode = d_inode(dentry);
1670 if (inode)
1671 ino = inode->i_ino;
1672 spin_unlock(&configfs_dirent_lock);
1673 if (!inode)
1674 ino = iunique(sb, 2);
1675
1676 name = configfs_get_name(next);
1677 len = strlen(name);
1678
1679 if (!dir_emit(ctx, name, len, ino,
1680 fs_umode_to_dtype(next->s_mode)))
1681 return 0;
1682
1683 spin_lock(&configfs_dirent_lock);
1684 list_move(q, p);
1685 p = q;
1686 ctx->pos++;
1687 }
1688 spin_unlock(&configfs_dirent_lock);
1689 return 0;
1690 }
1691
configfs_dir_lseek(struct file * file,loff_t offset,int whence)1692 static loff_t configfs_dir_lseek(struct file *file, loff_t offset, int whence)
1693 {
1694 struct dentry * dentry = file->f_path.dentry;
1695
1696 switch (whence) {
1697 case 1:
1698 offset += file->f_pos;
1699 fallthrough;
1700 case 0:
1701 if (offset >= 0)
1702 break;
1703 fallthrough;
1704 default:
1705 return -EINVAL;
1706 }
1707 if (offset != file->f_pos) {
1708 file->f_pos = offset;
1709 if (file->f_pos >= 2) {
1710 struct configfs_dirent *sd = dentry->d_fsdata;
1711 struct configfs_dirent *cursor = file->private_data;
1712 struct list_head *p;
1713 loff_t n = file->f_pos - 2;
1714
1715 spin_lock(&configfs_dirent_lock);
1716 list_del(&cursor->s_sibling);
1717 p = sd->s_children.next;
1718 while (n && p != &sd->s_children) {
1719 struct configfs_dirent *next;
1720 next = list_entry(p, struct configfs_dirent,
1721 s_sibling);
1722 if (next->s_element)
1723 n--;
1724 p = p->next;
1725 }
1726 list_add_tail(&cursor->s_sibling, p);
1727 spin_unlock(&configfs_dirent_lock);
1728 }
1729 }
1730 return offset;
1731 }
1732
1733 const struct file_operations configfs_dir_operations = {
1734 .open = configfs_dir_open,
1735 .release = configfs_dir_close,
1736 .llseek = configfs_dir_lseek,
1737 .read = generic_read_dir,
1738 .iterate_shared = configfs_readdir,
1739 };
1740
1741 /**
1742 * configfs_register_group - creates a parent-child relation between two groups
1743 * @parent_group: parent group
1744 * @group: child group
1745 *
1746 * link groups, creates dentry for the child and attaches it to the
1747 * parent dentry.
1748 *
1749 * Return: 0 on success, negative errno code on error
1750 */
configfs_register_group(struct config_group * parent_group,struct config_group * group)1751 int configfs_register_group(struct config_group *parent_group,
1752 struct config_group *group)
1753 {
1754 struct configfs_subsystem *subsys = parent_group->cg_subsys;
1755 struct dentry *parent;
1756 struct configfs_fragment *frag;
1757 int ret;
1758
1759 frag = new_fragment();
1760 if (!frag)
1761 return -ENOMEM;
1762
1763 mutex_lock(&subsys->su_mutex);
1764 link_group(parent_group, group);
1765 mutex_unlock(&subsys->su_mutex);
1766
1767 parent = parent_group->cg_item.ci_dentry;
1768
1769 inode_lock_nested(d_inode(parent), I_MUTEX_PARENT);
1770 ret = create_default_group(parent_group, group, frag);
1771 if (ret)
1772 goto err_out;
1773
1774 spin_lock(&configfs_dirent_lock);
1775 configfs_dir_set_ready(group->cg_item.ci_dentry->d_fsdata);
1776 spin_unlock(&configfs_dirent_lock);
1777 inode_unlock(d_inode(parent));
1778 put_fragment(frag);
1779 return 0;
1780 err_out:
1781 inode_unlock(d_inode(parent));
1782 mutex_lock(&subsys->su_mutex);
1783 unlink_group(group);
1784 mutex_unlock(&subsys->su_mutex);
1785 put_fragment(frag);
1786 return ret;
1787 }
1788 EXPORT_SYMBOL(configfs_register_group);
1789
1790 /**
1791 * configfs_unregister_group() - unregisters a child group from its parent
1792 * @group: parent group to be unregistered
1793 *
1794 * Undoes configfs_register_group()
1795 */
configfs_unregister_group(struct config_group * group)1796 void configfs_unregister_group(struct config_group *group)
1797 {
1798 struct configfs_subsystem *subsys = group->cg_subsys;
1799 struct dentry *dentry = group->cg_item.ci_dentry;
1800 struct dentry *parent = group->cg_item.ci_parent->ci_dentry;
1801 struct configfs_dirent *sd = dentry->d_fsdata;
1802 struct configfs_fragment *frag = sd->s_frag;
1803
1804 down_write(&frag->frag_sem);
1805 frag->frag_dead = true;
1806 up_write(&frag->frag_sem);
1807
1808 inode_lock_nested(d_inode(parent), I_MUTEX_PARENT);
1809 spin_lock(&configfs_dirent_lock);
1810 configfs_detach_prep(dentry, NULL);
1811 spin_unlock(&configfs_dirent_lock);
1812
1813 configfs_detach_group(&group->cg_item);
1814 d_inode(dentry)->i_flags |= S_DEAD;
1815 dont_mount(dentry);
1816 d_drop(dentry);
1817 fsnotify_rmdir(d_inode(parent), dentry);
1818 inode_unlock(d_inode(parent));
1819
1820 dput(dentry);
1821
1822 mutex_lock(&subsys->su_mutex);
1823 unlink_group(group);
1824 mutex_unlock(&subsys->su_mutex);
1825 }
1826 EXPORT_SYMBOL(configfs_unregister_group);
1827
1828 /**
1829 * configfs_register_default_group() - allocates and registers a child group
1830 * @parent_group: parent group
1831 * @name: child group name
1832 * @item_type: child item type description
1833 *
1834 * boilerplate to allocate and register a child group with its parent. We need
1835 * kzalloc'ed memory because child's default_group is initially empty.
1836 *
1837 * Return: allocated config group or ERR_PTR() on error
1838 */
1839 struct config_group *
configfs_register_default_group(struct config_group * parent_group,const char * name,const struct config_item_type * item_type)1840 configfs_register_default_group(struct config_group *parent_group,
1841 const char *name,
1842 const struct config_item_type *item_type)
1843 {
1844 int ret;
1845 struct config_group *group;
1846
1847 group = kzalloc(sizeof(*group), GFP_KERNEL);
1848 if (!group)
1849 return ERR_PTR(-ENOMEM);
1850 config_group_init_type_name(group, name, item_type);
1851
1852 ret = configfs_register_group(parent_group, group);
1853 if (ret) {
1854 kfree(group);
1855 return ERR_PTR(ret);
1856 }
1857 return group;
1858 }
1859 EXPORT_SYMBOL(configfs_register_default_group);
1860
1861 /**
1862 * configfs_unregister_default_group() - unregisters and frees a child group
1863 * @group: the group to act on
1864 */
configfs_unregister_default_group(struct config_group * group)1865 void configfs_unregister_default_group(struct config_group *group)
1866 {
1867 configfs_unregister_group(group);
1868 kfree(group);
1869 }
1870 EXPORT_SYMBOL(configfs_unregister_default_group);
1871
configfs_register_subsystem(struct configfs_subsystem * subsys)1872 int configfs_register_subsystem(struct configfs_subsystem *subsys)
1873 {
1874 int err;
1875 struct config_group *group = &subsys->su_group;
1876 struct dentry *dentry;
1877 struct dentry *root;
1878 struct configfs_dirent *sd;
1879 struct configfs_fragment *frag;
1880
1881 frag = new_fragment();
1882 if (!frag)
1883 return -ENOMEM;
1884
1885 root = configfs_pin_fs();
1886 if (IS_ERR(root)) {
1887 put_fragment(frag);
1888 return PTR_ERR(root);
1889 }
1890
1891 if (!group->cg_item.ci_name)
1892 group->cg_item.ci_name = group->cg_item.ci_namebuf;
1893
1894 sd = root->d_fsdata;
1895 mutex_lock(&configfs_subsystem_mutex);
1896 link_group(to_config_group(sd->s_element), group);
1897 mutex_unlock(&configfs_subsystem_mutex);
1898
1899 inode_lock_nested(d_inode(root), I_MUTEX_PARENT);
1900
1901 err = -ENOMEM;
1902 dentry = d_alloc_name(root, group->cg_item.ci_name);
1903 if (dentry) {
1904 d_add(dentry, NULL);
1905
1906 err = configfs_dirent_exists(dentry);
1907 if (!err)
1908 err = configfs_attach_group(sd->s_element,
1909 &group->cg_item,
1910 dentry, frag);
1911 if (err) {
1912 BUG_ON(d_inode(dentry));
1913 d_drop(dentry);
1914 dput(dentry);
1915 } else {
1916 spin_lock(&configfs_dirent_lock);
1917 configfs_dir_set_ready(dentry->d_fsdata);
1918 spin_unlock(&configfs_dirent_lock);
1919 }
1920 }
1921
1922 inode_unlock(d_inode(root));
1923
1924 if (err) {
1925 mutex_lock(&configfs_subsystem_mutex);
1926 unlink_group(group);
1927 mutex_unlock(&configfs_subsystem_mutex);
1928 configfs_release_fs();
1929 }
1930 put_fragment(frag);
1931
1932 return err;
1933 }
1934
configfs_unregister_subsystem(struct configfs_subsystem * subsys)1935 void configfs_unregister_subsystem(struct configfs_subsystem *subsys)
1936 {
1937 struct config_group *group = &subsys->su_group;
1938 struct dentry *dentry = group->cg_item.ci_dentry;
1939 struct dentry *root = dentry->d_sb->s_root;
1940 struct configfs_dirent *sd = dentry->d_fsdata;
1941 struct configfs_fragment *frag = sd->s_frag;
1942
1943 if (dentry->d_parent != root) {
1944 pr_err("Tried to unregister non-subsystem!\n");
1945 return;
1946 }
1947
1948 down_write(&frag->frag_sem);
1949 frag->frag_dead = true;
1950 up_write(&frag->frag_sem);
1951
1952 inode_lock_nested(d_inode(root),
1953 I_MUTEX_PARENT);
1954 inode_lock_nested(d_inode(dentry), I_MUTEX_CHILD);
1955 mutex_lock(&configfs_symlink_mutex);
1956 spin_lock(&configfs_dirent_lock);
1957 if (configfs_detach_prep(dentry, NULL)) {
1958 pr_err("Tried to unregister non-empty subsystem!\n");
1959 }
1960 spin_unlock(&configfs_dirent_lock);
1961 mutex_unlock(&configfs_symlink_mutex);
1962 configfs_detach_group(&group->cg_item);
1963 d_inode(dentry)->i_flags |= S_DEAD;
1964 dont_mount(dentry);
1965 inode_unlock(d_inode(dentry));
1966
1967 d_drop(dentry);
1968 fsnotify_rmdir(d_inode(root), dentry);
1969
1970 inode_unlock(d_inode(root));
1971
1972 dput(dentry);
1973
1974 mutex_lock(&configfs_subsystem_mutex);
1975 unlink_group(group);
1976 mutex_unlock(&configfs_subsystem_mutex);
1977 configfs_release_fs();
1978 }
1979
1980 EXPORT_SYMBOL(configfs_register_subsystem);
1981 EXPORT_SYMBOL(configfs_unregister_subsystem);
1982