1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * dir.c - Operations for configfs directories.
4 *
5 * Based on sysfs:
6 * sysfs is Copyright (C) 2001, 2002, 2003 Patrick Mochel
7 *
8 * configfs Copyright (C) 2005 Oracle. All rights reserved.
9 */
10
11 #undef DEBUG
12
13 #include <linux/fs.h>
14 #include <linux/fsnotify.h>
15 #include <linux/mount.h>
16 #include <linux/module.h>
17 #include <linux/slab.h>
18 #include <linux/err.h>
19
20 #include <linux/configfs.h>
21 #include "configfs_internal.h"
22
23 /*
24 * Protects mutations of configfs_dirent linkage together with proper i_mutex
25 * Also protects mutations of symlinks linkage to target configfs_dirent
26 * Mutators of configfs_dirent linkage must *both* have the proper inode locked
27 * and configfs_dirent_lock locked, in that order.
28 * This allows one to safely traverse configfs_dirent trees and symlinks without
29 * having to lock inodes.
30 *
31 * Protects setting of CONFIGFS_USET_DROPPING: checking the flag
32 * unlocked is not reliable unless in detach_groups() called from
33 * rmdir()/unregister() and from configfs_attach_group()
34 */
35 DEFINE_SPINLOCK(configfs_dirent_lock);
36
37 /*
38 * All of link_obj/unlink_obj/link_group/unlink_group require that
39 * subsys->su_mutex is held.
40 * But parent configfs_subsystem is NULL when config_item is root.
41 * Use this mutex when config_item is root.
42 */
43 static DEFINE_MUTEX(configfs_subsystem_mutex);
44
configfs_d_iput(struct dentry * dentry,struct inode * inode)45 static void configfs_d_iput(struct dentry * dentry,
46 struct inode * inode)
47 {
48 struct configfs_dirent *sd = dentry->d_fsdata;
49
50 if (sd) {
51 /* Coordinate with configfs_readdir */
52 spin_lock(&configfs_dirent_lock);
53 /*
54 * Set sd->s_dentry to null only when this dentry is the one
55 * that is going to be killed. Otherwise configfs_d_iput may
56 * run just after configfs_lookup and set sd->s_dentry to
57 * NULL even it's still in use.
58 */
59 if (sd->s_dentry == dentry)
60 sd->s_dentry = NULL;
61
62 spin_unlock(&configfs_dirent_lock);
63 configfs_put(sd);
64 }
65 iput(inode);
66 }
67
68 const struct dentry_operations configfs_dentry_ops = {
69 .d_iput = configfs_d_iput,
70 .d_delete = always_delete_dentry,
71 };
72
73 #ifdef CONFIG_LOCKDEP
74
75 /*
76 * Helpers to make lockdep happy with our recursive locking of default groups'
77 * inodes (see configfs_attach_group() and configfs_detach_group()).
78 * We put default groups i_mutexes in separate classes according to their depth
79 * from the youngest non-default group ancestor.
80 *
81 * For a non-default group A having default groups A/B, A/C, and A/C/D, default
82 * groups A/B and A/C will have their inode's mutex in class
83 * default_group_class[0], and default group A/C/D will be in
84 * default_group_class[1].
85 *
86 * The lock classes are declared and assigned in inode.c, according to the
87 * s_depth value.
88 * The s_depth value is initialized to -1, adjusted to >= 0 when attaching
89 * default groups, and reset to -1 when all default groups are attached. During
90 * attachment, if configfs_create() sees s_depth > 0, the lock class of the new
91 * inode's mutex is set to default_group_class[s_depth - 1].
92 */
93
configfs_init_dirent_depth(struct configfs_dirent * sd)94 static void configfs_init_dirent_depth(struct configfs_dirent *sd)
95 {
96 sd->s_depth = -1;
97 }
98
configfs_set_dir_dirent_depth(struct configfs_dirent * parent_sd,struct configfs_dirent * sd)99 static void configfs_set_dir_dirent_depth(struct configfs_dirent *parent_sd,
100 struct configfs_dirent *sd)
101 {
102 int parent_depth = parent_sd->s_depth;
103
104 if (parent_depth >= 0)
105 sd->s_depth = parent_depth + 1;
106 }
107
108 static void
configfs_adjust_dir_dirent_depth_before_populate(struct configfs_dirent * sd)109 configfs_adjust_dir_dirent_depth_before_populate(struct configfs_dirent *sd)
110 {
111 /*
112 * item's i_mutex class is already setup, so s_depth is now only
113 * used to set new sub-directories s_depth, which is always done
114 * with item's i_mutex locked.
115 */
116 /*
117 * sd->s_depth == -1 iff we are a non default group.
118 * else (we are a default group) sd->s_depth > 0 (see
119 * create_dir()).
120 */
121 if (sd->s_depth == -1)
122 /*
123 * We are a non default group and we are going to create
124 * default groups.
125 */
126 sd->s_depth = 0;
127 }
128
129 static void
configfs_adjust_dir_dirent_depth_after_populate(struct configfs_dirent * sd)130 configfs_adjust_dir_dirent_depth_after_populate(struct configfs_dirent *sd)
131 {
132 /* We will not create default groups anymore. */
133 sd->s_depth = -1;
134 }
135
136 #else /* CONFIG_LOCKDEP */
137
configfs_init_dirent_depth(struct configfs_dirent * sd)138 static void configfs_init_dirent_depth(struct configfs_dirent *sd)
139 {
140 }
141
configfs_set_dir_dirent_depth(struct configfs_dirent * parent_sd,struct configfs_dirent * sd)142 static void configfs_set_dir_dirent_depth(struct configfs_dirent *parent_sd,
143 struct configfs_dirent *sd)
144 {
145 }
146
147 static void
configfs_adjust_dir_dirent_depth_before_populate(struct configfs_dirent * sd)148 configfs_adjust_dir_dirent_depth_before_populate(struct configfs_dirent *sd)
149 {
150 }
151
152 static void
configfs_adjust_dir_dirent_depth_after_populate(struct configfs_dirent * sd)153 configfs_adjust_dir_dirent_depth_after_populate(struct configfs_dirent *sd)
154 {
155 }
156
157 #endif /* CONFIG_LOCKDEP */
158
new_fragment(void)159 static struct configfs_fragment *new_fragment(void)
160 {
161 struct configfs_fragment *p;
162
163 p = kmalloc(sizeof(struct configfs_fragment), GFP_KERNEL);
164 if (p) {
165 atomic_set(&p->frag_count, 1);
166 init_rwsem(&p->frag_sem);
167 p->frag_dead = false;
168 }
169 return p;
170 }
171
put_fragment(struct configfs_fragment * frag)172 void put_fragment(struct configfs_fragment *frag)
173 {
174 if (frag && atomic_dec_and_test(&frag->frag_count))
175 kfree(frag);
176 }
177
get_fragment(struct configfs_fragment * frag)178 struct configfs_fragment *get_fragment(struct configfs_fragment *frag)
179 {
180 if (likely(frag))
181 atomic_inc(&frag->frag_count);
182 return frag;
183 }
184
185 /*
186 * Allocates a new configfs_dirent and links it to the parent configfs_dirent
187 */
configfs_new_dirent(struct configfs_dirent * parent_sd,void * element,int type,struct configfs_fragment * frag)188 static struct configfs_dirent *configfs_new_dirent(struct configfs_dirent *parent_sd,
189 void *element, int type,
190 struct configfs_fragment *frag)
191 {
192 struct configfs_dirent * sd;
193
194 sd = kmem_cache_zalloc(configfs_dir_cachep, GFP_KERNEL);
195 if (!sd)
196 return ERR_PTR(-ENOMEM);
197
198 atomic_set(&sd->s_count, 1);
199 INIT_LIST_HEAD(&sd->s_children);
200 sd->s_element = element;
201 sd->s_type = type;
202 configfs_init_dirent_depth(sd);
203 spin_lock(&configfs_dirent_lock);
204 if (parent_sd->s_type & CONFIGFS_USET_DROPPING) {
205 spin_unlock(&configfs_dirent_lock);
206 kmem_cache_free(configfs_dir_cachep, sd);
207 return ERR_PTR(-ENOENT);
208 }
209 sd->s_frag = get_fragment(frag);
210 list_add(&sd->s_sibling, &parent_sd->s_children);
211 spin_unlock(&configfs_dirent_lock);
212
213 return sd;
214 }
215
216 /*
217 *
218 * Return -EEXIST if there is already a configfs element with the same
219 * name for the same parent.
220 *
221 * called with parent inode's i_mutex held
222 */
configfs_dirent_exists(struct configfs_dirent * parent_sd,const unsigned char * new)223 static int configfs_dirent_exists(struct configfs_dirent *parent_sd,
224 const unsigned char *new)
225 {
226 struct configfs_dirent * sd;
227
228 list_for_each_entry(sd, &parent_sd->s_children, s_sibling) {
229 if (sd->s_element) {
230 const unsigned char *existing = configfs_get_name(sd);
231 if (strcmp(existing, new))
232 continue;
233 else
234 return -EEXIST;
235 }
236 }
237
238 return 0;
239 }
240
241
configfs_make_dirent(struct configfs_dirent * parent_sd,struct dentry * dentry,void * element,umode_t mode,int type,struct configfs_fragment * frag)242 int configfs_make_dirent(struct configfs_dirent * parent_sd,
243 struct dentry * dentry, void * element,
244 umode_t mode, int type, struct configfs_fragment *frag)
245 {
246 struct configfs_dirent * sd;
247
248 sd = configfs_new_dirent(parent_sd, element, type, frag);
249 if (IS_ERR(sd))
250 return PTR_ERR(sd);
251
252 sd->s_mode = mode;
253 sd->s_dentry = dentry;
254 if (dentry)
255 dentry->d_fsdata = configfs_get(sd);
256
257 return 0;
258 }
259
configfs_remove_dirent(struct dentry * dentry)260 static void configfs_remove_dirent(struct dentry *dentry)
261 {
262 struct configfs_dirent *sd = dentry->d_fsdata;
263
264 if (!sd)
265 return;
266 spin_lock(&configfs_dirent_lock);
267 list_del_init(&sd->s_sibling);
268 spin_unlock(&configfs_dirent_lock);
269 configfs_put(sd);
270 }
271
272 /**
273 * configfs_create_dir - create a directory for an config_item.
274 * @item: config_itemwe're creating directory for.
275 * @dentry: config_item's dentry.
276 * @frag: config_item's fragment.
277 *
278 * Note: user-created entries won't be allowed under this new directory
279 * until it is validated by configfs_dir_set_ready()
280 */
281
configfs_create_dir(struct config_item * item,struct dentry * dentry,struct configfs_fragment * frag)282 static int configfs_create_dir(struct config_item *item, struct dentry *dentry,
283 struct configfs_fragment *frag)
284 {
285 int error;
286 umode_t mode = S_IFDIR| S_IRWXU | S_IRUGO | S_IXUGO;
287 struct dentry *p = dentry->d_parent;
288 struct inode *inode;
289
290 BUG_ON(!item);
291
292 error = configfs_dirent_exists(p->d_fsdata, dentry->d_name.name);
293 if (unlikely(error))
294 return error;
295
296 error = configfs_make_dirent(p->d_fsdata, dentry, item, mode,
297 CONFIGFS_DIR | CONFIGFS_USET_CREATING,
298 frag);
299 if (unlikely(error))
300 return error;
301
302 configfs_set_dir_dirent_depth(p->d_fsdata, dentry->d_fsdata);
303 inode = configfs_create(dentry, mode);
304 if (IS_ERR(inode))
305 goto out_remove;
306
307 inode->i_op = &configfs_dir_inode_operations;
308 inode->i_fop = &configfs_dir_operations;
309 /* directory inodes start off with i_nlink == 2 (for "." entry) */
310 inc_nlink(inode);
311 d_instantiate(dentry, inode);
312 /* already hashed */
313 dget(dentry); /* pin directory dentries in core */
314 inc_nlink(d_inode(p));
315 item->ci_dentry = dentry;
316 return 0;
317
318 out_remove:
319 configfs_put(dentry->d_fsdata);
320 configfs_remove_dirent(dentry);
321 return PTR_ERR(inode);
322 }
323
324 /*
325 * Allow userspace to create new entries under a new directory created with
326 * configfs_create_dir(), and under all of its chidlren directories recursively.
327 * @sd configfs_dirent of the new directory to validate
328 *
329 * Caller must hold configfs_dirent_lock.
330 */
configfs_dir_set_ready(struct configfs_dirent * sd)331 static void configfs_dir_set_ready(struct configfs_dirent *sd)
332 {
333 struct configfs_dirent *child_sd;
334
335 sd->s_type &= ~CONFIGFS_USET_CREATING;
336 list_for_each_entry(child_sd, &sd->s_children, s_sibling)
337 if (child_sd->s_type & CONFIGFS_USET_CREATING)
338 configfs_dir_set_ready(child_sd);
339 }
340
341 /*
342 * Check that a directory does not belong to a directory hierarchy being
343 * attached and not validated yet.
344 * @sd configfs_dirent of the directory to check
345 *
346 * @return non-zero iff the directory was validated
347 *
348 * Note: takes configfs_dirent_lock, so the result may change from false to true
349 * in two consecutive calls, but never from true to false.
350 */
configfs_dirent_is_ready(struct configfs_dirent * sd)351 int configfs_dirent_is_ready(struct configfs_dirent *sd)
352 {
353 int ret;
354
355 spin_lock(&configfs_dirent_lock);
356 ret = !(sd->s_type & CONFIGFS_USET_CREATING);
357 spin_unlock(&configfs_dirent_lock);
358
359 return ret;
360 }
361
configfs_create_link(struct configfs_dirent * target,struct dentry * parent,struct dentry * dentry,char * body)362 int configfs_create_link(struct configfs_dirent *target, struct dentry *parent,
363 struct dentry *dentry, char *body)
364 {
365 int err = 0;
366 umode_t mode = S_IFLNK | S_IRWXUGO;
367 struct configfs_dirent *p = parent->d_fsdata;
368 struct inode *inode;
369
370 err = configfs_make_dirent(p, dentry, target, mode, CONFIGFS_ITEM_LINK,
371 p->s_frag);
372 if (err)
373 return err;
374
375 inode = configfs_create(dentry, mode);
376 if (IS_ERR(inode))
377 goto out_remove;
378
379 inode->i_link = body;
380 inode->i_op = &configfs_symlink_inode_operations;
381 d_instantiate(dentry, inode);
382 dget(dentry); /* pin link dentries in core */
383 return 0;
384
385 out_remove:
386 configfs_put(dentry->d_fsdata);
387 configfs_remove_dirent(dentry);
388 return PTR_ERR(inode);
389 }
390
remove_dir(struct dentry * d)391 static void remove_dir(struct dentry * d)
392 {
393 struct dentry * parent = dget(d->d_parent);
394
395 configfs_remove_dirent(d);
396
397 if (d_really_is_positive(d))
398 simple_rmdir(d_inode(parent),d);
399
400 pr_debug(" o %pd removing done (%d)\n", d, d_count(d));
401
402 dput(parent);
403 }
404
405 /**
406 * configfs_remove_dir - remove an config_item's directory.
407 * @item: config_item we're removing.
408 *
409 * The only thing special about this is that we remove any files in
410 * the directory before we remove the directory, and we've inlined
411 * what used to be configfs_rmdir() below, instead of calling separately.
412 *
413 * Caller holds the mutex of the item's inode
414 */
415
configfs_remove_dir(struct config_item * item)416 static void configfs_remove_dir(struct config_item * item)
417 {
418 struct dentry * dentry = dget(item->ci_dentry);
419
420 if (!dentry)
421 return;
422
423 remove_dir(dentry);
424 /**
425 * Drop reference from dget() on entrance.
426 */
427 dput(dentry);
428 }
429
configfs_lookup(struct inode * dir,struct dentry * dentry,unsigned int flags)430 static struct dentry * configfs_lookup(struct inode *dir,
431 struct dentry *dentry,
432 unsigned int flags)
433 {
434 struct configfs_dirent * parent_sd = dentry->d_parent->d_fsdata;
435 struct configfs_dirent * sd;
436 struct inode *inode = NULL;
437
438 if (dentry->d_name.len > NAME_MAX)
439 return ERR_PTR(-ENAMETOOLONG);
440
441 /*
442 * Fake invisibility if dir belongs to a group/default groups hierarchy
443 * being attached
444 *
445 * This forbids userspace to read/write attributes of items which may
446 * not complete their initialization, since the dentries of the
447 * attributes won't be instantiated.
448 */
449 if (!configfs_dirent_is_ready(parent_sd))
450 return ERR_PTR(-ENOENT);
451
452 spin_lock(&configfs_dirent_lock);
453 list_for_each_entry(sd, &parent_sd->s_children, s_sibling) {
454 if ((sd->s_type & CONFIGFS_NOT_PINNED) &&
455 !strcmp(configfs_get_name(sd), dentry->d_name.name)) {
456 struct configfs_attribute *attr = sd->s_element;
457 umode_t mode = (attr->ca_mode & S_IALLUGO) | S_IFREG;
458
459 dentry->d_fsdata = configfs_get(sd);
460 sd->s_dentry = dentry;
461 spin_unlock(&configfs_dirent_lock);
462
463 inode = configfs_create(dentry, mode);
464 if (IS_ERR(inode)) {
465 configfs_put(sd);
466 return ERR_CAST(inode);
467 }
468 if (sd->s_type & CONFIGFS_ITEM_BIN_ATTR) {
469 inode->i_size = 0;
470 inode->i_fop = &configfs_bin_file_operations;
471 } else {
472 inode->i_size = PAGE_SIZE;
473 inode->i_fop = &configfs_file_operations;
474 }
475 goto done;
476 }
477 }
478 spin_unlock(&configfs_dirent_lock);
479 done:
480 d_add(dentry, inode);
481 return NULL;
482 }
483
484 /*
485 * Only subdirectories count here. Files (CONFIGFS_NOT_PINNED) are
486 * attributes and are removed by rmdir(). We recurse, setting
487 * CONFIGFS_USET_DROPPING on all children that are candidates for
488 * default detach.
489 * If there is an error, the caller will reset the flags via
490 * configfs_detach_rollback().
491 */
configfs_detach_prep(struct dentry * dentry,struct dentry ** wait)492 static int configfs_detach_prep(struct dentry *dentry, struct dentry **wait)
493 {
494 struct configfs_dirent *parent_sd = dentry->d_fsdata;
495 struct configfs_dirent *sd;
496 int ret;
497
498 /* Mark that we're trying to drop the group */
499 parent_sd->s_type |= CONFIGFS_USET_DROPPING;
500
501 ret = -EBUSY;
502 if (parent_sd->s_links)
503 goto out;
504
505 ret = 0;
506 list_for_each_entry(sd, &parent_sd->s_children, s_sibling) {
507 if (!sd->s_element ||
508 (sd->s_type & CONFIGFS_NOT_PINNED))
509 continue;
510 if (sd->s_type & CONFIGFS_USET_DEFAULT) {
511 /* Abort if racing with mkdir() */
512 if (sd->s_type & CONFIGFS_USET_IN_MKDIR) {
513 if (wait)
514 *wait= dget(sd->s_dentry);
515 return -EAGAIN;
516 }
517
518 /*
519 * Yup, recursive. If there's a problem, blame
520 * deep nesting of default_groups
521 */
522 ret = configfs_detach_prep(sd->s_dentry, wait);
523 if (!ret)
524 continue;
525 } else
526 ret = -ENOTEMPTY;
527
528 break;
529 }
530
531 out:
532 return ret;
533 }
534
535 /*
536 * Walk the tree, resetting CONFIGFS_USET_DROPPING wherever it was
537 * set.
538 */
configfs_detach_rollback(struct dentry * dentry)539 static void configfs_detach_rollback(struct dentry *dentry)
540 {
541 struct configfs_dirent *parent_sd = dentry->d_fsdata;
542 struct configfs_dirent *sd;
543
544 parent_sd->s_type &= ~CONFIGFS_USET_DROPPING;
545
546 list_for_each_entry(sd, &parent_sd->s_children, s_sibling)
547 if (sd->s_type & CONFIGFS_USET_DEFAULT)
548 configfs_detach_rollback(sd->s_dentry);
549 }
550
detach_attrs(struct config_item * item)551 static void detach_attrs(struct config_item * item)
552 {
553 struct dentry * dentry = dget(item->ci_dentry);
554 struct configfs_dirent * parent_sd;
555 struct configfs_dirent * sd, * tmp;
556
557 if (!dentry)
558 return;
559
560 pr_debug("configfs %s: dropping attrs for dir\n",
561 dentry->d_name.name);
562
563 parent_sd = dentry->d_fsdata;
564 list_for_each_entry_safe(sd, tmp, &parent_sd->s_children, s_sibling) {
565 if (!sd->s_element || !(sd->s_type & CONFIGFS_NOT_PINNED))
566 continue;
567 spin_lock(&configfs_dirent_lock);
568 list_del_init(&sd->s_sibling);
569 spin_unlock(&configfs_dirent_lock);
570 configfs_drop_dentry(sd, dentry);
571 configfs_put(sd);
572 }
573
574 /**
575 * Drop reference from dget() on entrance.
576 */
577 dput(dentry);
578 }
579
populate_attrs(struct config_item * item)580 static int populate_attrs(struct config_item *item)
581 {
582 const struct config_item_type *t = item->ci_type;
583 struct configfs_group_operations *ops;
584 struct configfs_attribute *attr;
585 struct configfs_bin_attribute *bin_attr;
586 int error = 0;
587 int i;
588
589 if (!t)
590 return -EINVAL;
591
592 ops = t->ct_group_ops;
593
594 if (t->ct_attrs) {
595 for (i = 0; (attr = t->ct_attrs[i]) != NULL; i++) {
596 if (ops && ops->is_visible && !ops->is_visible(item, attr, i))
597 continue;
598
599 if ((error = configfs_create_file(item, attr)))
600 break;
601 }
602 }
603 if (t->ct_bin_attrs) {
604 for (i = 0; (bin_attr = t->ct_bin_attrs[i]) != NULL; i++) {
605 if (ops && ops->is_bin_visible && !ops->is_bin_visible(item, bin_attr, i))
606 continue;
607
608 error = configfs_create_bin_file(item, bin_attr);
609 if (error)
610 break;
611 }
612 }
613
614 if (error)
615 detach_attrs(item);
616
617 return error;
618 }
619
620 static int configfs_attach_group(struct config_item *parent_item,
621 struct config_item *item,
622 struct dentry *dentry,
623 struct configfs_fragment *frag);
624 static void configfs_detach_group(struct config_item *item);
625
detach_groups(struct config_group * group)626 static void detach_groups(struct config_group *group)
627 {
628 struct dentry * dentry = dget(group->cg_item.ci_dentry);
629 struct dentry *child;
630 struct configfs_dirent *parent_sd;
631 struct configfs_dirent *sd, *tmp;
632
633 if (!dentry)
634 return;
635
636 parent_sd = dentry->d_fsdata;
637 list_for_each_entry_safe(sd, tmp, &parent_sd->s_children, s_sibling) {
638 if (!sd->s_element ||
639 !(sd->s_type & CONFIGFS_USET_DEFAULT))
640 continue;
641
642 child = sd->s_dentry;
643
644 inode_lock(d_inode(child));
645
646 configfs_detach_group(sd->s_element);
647 d_inode(child)->i_flags |= S_DEAD;
648 dont_mount(child);
649
650 inode_unlock(d_inode(child));
651
652 d_delete(child);
653 dput(child);
654 }
655
656 /**
657 * Drop reference from dget() on entrance.
658 */
659 dput(dentry);
660 }
661
662 /*
663 * This fakes mkdir(2) on a default_groups[] entry. It
664 * creates a dentry, attachs it, and then does fixup
665 * on the sd->s_type.
666 *
667 * We could, perhaps, tweak our parent's ->mkdir for a minute and
668 * try using vfs_mkdir. Just a thought.
669 */
create_default_group(struct config_group * parent_group,struct config_group * group,struct configfs_fragment * frag)670 static int create_default_group(struct config_group *parent_group,
671 struct config_group *group,
672 struct configfs_fragment *frag)
673 {
674 int ret;
675 struct configfs_dirent *sd;
676 /* We trust the caller holds a reference to parent */
677 struct dentry *child, *parent = parent_group->cg_item.ci_dentry;
678
679 if (!group->cg_item.ci_name)
680 group->cg_item.ci_name = group->cg_item.ci_namebuf;
681
682 ret = -ENOMEM;
683 child = d_alloc_name(parent, group->cg_item.ci_name);
684 if (child) {
685 d_add(child, NULL);
686
687 ret = configfs_attach_group(&parent_group->cg_item,
688 &group->cg_item, child, frag);
689 if (!ret) {
690 sd = child->d_fsdata;
691 sd->s_type |= CONFIGFS_USET_DEFAULT;
692 } else {
693 BUG_ON(d_inode(child));
694 d_drop(child);
695 dput(child);
696 }
697 }
698
699 return ret;
700 }
701
populate_groups(struct config_group * group,struct configfs_fragment * frag)702 static int populate_groups(struct config_group *group,
703 struct configfs_fragment *frag)
704 {
705 struct config_group *new_group;
706 int ret = 0;
707
708 list_for_each_entry(new_group, &group->default_groups, group_entry) {
709 ret = create_default_group(group, new_group, frag);
710 if (ret) {
711 detach_groups(group);
712 break;
713 }
714 }
715
716 return ret;
717 }
718
configfs_remove_default_groups(struct config_group * group)719 void configfs_remove_default_groups(struct config_group *group)
720 {
721 struct config_group *g, *n;
722
723 list_for_each_entry_safe(g, n, &group->default_groups, group_entry) {
724 list_del(&g->group_entry);
725 config_item_put(&g->cg_item);
726 }
727 }
728 EXPORT_SYMBOL(configfs_remove_default_groups);
729
730 /*
731 * All of link_obj/unlink_obj/link_group/unlink_group require that
732 * subsys->su_mutex is held.
733 */
734
unlink_obj(struct config_item * item)735 static void unlink_obj(struct config_item *item)
736 {
737 struct config_group *group;
738
739 group = item->ci_group;
740 if (group) {
741 list_del_init(&item->ci_entry);
742
743 item->ci_group = NULL;
744 item->ci_parent = NULL;
745
746 /* Drop the reference for ci_entry */
747 config_item_put(item);
748
749 /* Drop the reference for ci_parent */
750 config_group_put(group);
751 }
752 }
753
link_obj(struct config_item * parent_item,struct config_item * item)754 static void link_obj(struct config_item *parent_item, struct config_item *item)
755 {
756 /*
757 * Parent seems redundant with group, but it makes certain
758 * traversals much nicer.
759 */
760 item->ci_parent = parent_item;
761
762 /*
763 * We hold a reference on the parent for the child's ci_parent
764 * link.
765 */
766 item->ci_group = config_group_get(to_config_group(parent_item));
767 list_add_tail(&item->ci_entry, &item->ci_group->cg_children);
768
769 /*
770 * We hold a reference on the child for ci_entry on the parent's
771 * cg_children
772 */
773 config_item_get(item);
774 }
775
unlink_group(struct config_group * group)776 static void unlink_group(struct config_group *group)
777 {
778 struct config_group *new_group;
779
780 list_for_each_entry(new_group, &group->default_groups, group_entry)
781 unlink_group(new_group);
782
783 group->cg_subsys = NULL;
784 unlink_obj(&group->cg_item);
785 }
786
link_group(struct config_group * parent_group,struct config_group * group)787 static void link_group(struct config_group *parent_group, struct config_group *group)
788 {
789 struct config_group *new_group;
790 struct configfs_subsystem *subsys = NULL; /* gcc is a turd */
791
792 link_obj(&parent_group->cg_item, &group->cg_item);
793
794 if (parent_group->cg_subsys)
795 subsys = parent_group->cg_subsys;
796 else if (configfs_is_root(&parent_group->cg_item))
797 subsys = to_configfs_subsystem(group);
798 else
799 BUG();
800 group->cg_subsys = subsys;
801
802 list_for_each_entry(new_group, &group->default_groups, group_entry)
803 link_group(group, new_group);
804 }
805
806 /*
807 * The goal is that configfs_attach_item() (and
808 * configfs_attach_group()) can be called from either the VFS or this
809 * module. That is, they assume that the items have been created,
810 * the dentry allocated, and the dcache is all ready to go.
811 *
812 * If they fail, they must clean up after themselves as if they
813 * had never been called. The caller (VFS or local function) will
814 * handle cleaning up the dcache bits.
815 *
816 * configfs_detach_group() and configfs_detach_item() behave similarly on
817 * the way out. They assume that the proper semaphores are held, they
818 * clean up the configfs items, and they expect their callers will
819 * handle the dcache bits.
820 */
configfs_attach_item(struct config_item * parent_item,struct config_item * item,struct dentry * dentry,struct configfs_fragment * frag)821 static int configfs_attach_item(struct config_item *parent_item,
822 struct config_item *item,
823 struct dentry *dentry,
824 struct configfs_fragment *frag)
825 {
826 int ret;
827
828 ret = configfs_create_dir(item, dentry, frag);
829 if (!ret) {
830 ret = populate_attrs(item);
831 if (ret) {
832 /*
833 * We are going to remove an inode and its dentry but
834 * the VFS may already have hit and used them. Thus,
835 * we must lock them as rmdir() would.
836 */
837 inode_lock(d_inode(dentry));
838 configfs_remove_dir(item);
839 d_inode(dentry)->i_flags |= S_DEAD;
840 dont_mount(dentry);
841 inode_unlock(d_inode(dentry));
842 d_delete(dentry);
843 }
844 }
845
846 return ret;
847 }
848
849 /* Caller holds the mutex of the item's inode */
configfs_detach_item(struct config_item * item)850 static void configfs_detach_item(struct config_item *item)
851 {
852 detach_attrs(item);
853 configfs_remove_dir(item);
854 }
855
configfs_attach_group(struct config_item * parent_item,struct config_item * item,struct dentry * dentry,struct configfs_fragment * frag)856 static int configfs_attach_group(struct config_item *parent_item,
857 struct config_item *item,
858 struct dentry *dentry,
859 struct configfs_fragment *frag)
860 {
861 int ret;
862 struct configfs_dirent *sd;
863
864 ret = configfs_attach_item(parent_item, item, dentry, frag);
865 if (!ret) {
866 sd = dentry->d_fsdata;
867 sd->s_type |= CONFIGFS_USET_DIR;
868
869 /*
870 * FYI, we're faking mkdir in populate_groups()
871 * We must lock the group's inode to avoid races with the VFS
872 * which can already hit the inode and try to add/remove entries
873 * under it.
874 *
875 * We must also lock the inode to remove it safely in case of
876 * error, as rmdir() would.
877 */
878 inode_lock_nested(d_inode(dentry), I_MUTEX_CHILD);
879 configfs_adjust_dir_dirent_depth_before_populate(sd);
880 ret = populate_groups(to_config_group(item), frag);
881 if (ret) {
882 configfs_detach_item(item);
883 d_inode(dentry)->i_flags |= S_DEAD;
884 dont_mount(dentry);
885 }
886 configfs_adjust_dir_dirent_depth_after_populate(sd);
887 inode_unlock(d_inode(dentry));
888 if (ret)
889 d_delete(dentry);
890 }
891
892 return ret;
893 }
894
895 /* Caller holds the mutex of the group's inode */
configfs_detach_group(struct config_item * item)896 static void configfs_detach_group(struct config_item *item)
897 {
898 detach_groups(to_config_group(item));
899 configfs_detach_item(item);
900 }
901
902 /*
903 * After the item has been detached from the filesystem view, we are
904 * ready to tear it out of the hierarchy. Notify the client before
905 * we do that so they can perform any cleanup that requires
906 * navigating the hierarchy. A client does not need to provide this
907 * callback. The subsystem semaphore MUST be held by the caller, and
908 * references must be valid for both items. It also assumes the
909 * caller has validated ci_type.
910 */
client_disconnect_notify(struct config_item * parent_item,struct config_item * item)911 static void client_disconnect_notify(struct config_item *parent_item,
912 struct config_item *item)
913 {
914 const struct config_item_type *type;
915
916 type = parent_item->ci_type;
917 BUG_ON(!type);
918
919 if (type->ct_group_ops && type->ct_group_ops->disconnect_notify)
920 type->ct_group_ops->disconnect_notify(to_config_group(parent_item),
921 item);
922 }
923
924 /*
925 * Drop the initial reference from make_item()/make_group()
926 * This function assumes that reference is held on item
927 * and that item holds a valid reference to the parent. Also, it
928 * assumes the caller has validated ci_type.
929 */
client_drop_item(struct config_item * parent_item,struct config_item * item)930 static void client_drop_item(struct config_item *parent_item,
931 struct config_item *item)
932 {
933 const struct config_item_type *type;
934
935 type = parent_item->ci_type;
936 BUG_ON(!type);
937
938 /*
939 * If ->drop_item() exists, it is responsible for the
940 * config_item_put().
941 */
942 if (type->ct_group_ops && type->ct_group_ops->drop_item)
943 type->ct_group_ops->drop_item(to_config_group(parent_item),
944 item);
945 else
946 config_item_put(item);
947 }
948
949 #ifdef DEBUG
configfs_dump_one(struct configfs_dirent * sd,int level)950 static void configfs_dump_one(struct configfs_dirent *sd, int level)
951 {
952 pr_info("%*s\"%s\":\n", level, " ", configfs_get_name(sd));
953
954 #define type_print(_type) if (sd->s_type & _type) pr_info("%*s %s\n", level, " ", #_type);
955 type_print(CONFIGFS_ROOT);
956 type_print(CONFIGFS_DIR);
957 type_print(CONFIGFS_ITEM_ATTR);
958 type_print(CONFIGFS_ITEM_LINK);
959 type_print(CONFIGFS_USET_DIR);
960 type_print(CONFIGFS_USET_DEFAULT);
961 type_print(CONFIGFS_USET_DROPPING);
962 #undef type_print
963 }
964
configfs_dump(struct configfs_dirent * sd,int level)965 static int configfs_dump(struct configfs_dirent *sd, int level)
966 {
967 struct configfs_dirent *child_sd;
968 int ret = 0;
969
970 configfs_dump_one(sd, level);
971
972 if (!(sd->s_type & (CONFIGFS_DIR|CONFIGFS_ROOT)))
973 return 0;
974
975 list_for_each_entry(child_sd, &sd->s_children, s_sibling) {
976 ret = configfs_dump(child_sd, level + 2);
977 if (ret)
978 break;
979 }
980
981 return ret;
982 }
983 #endif
984
985
986 /*
987 * configfs_depend_item() and configfs_undepend_item()
988 *
989 * WARNING: Do not call these from a configfs callback!
990 *
991 * This describes these functions and their helpers.
992 *
993 * Allow another kernel system to depend on a config_item. If this
994 * happens, the item cannot go away until the dependent can live without
995 * it. The idea is to give client modules as simple an interface as
996 * possible. When a system asks them to depend on an item, they just
997 * call configfs_depend_item(). If the item is live and the client
998 * driver is in good shape, we'll happily do the work for them.
999 *
1000 * Why is the locking complex? Because configfs uses the VFS to handle
1001 * all locking, but this function is called outside the normal
1002 * VFS->configfs path. So it must take VFS locks to prevent the
1003 * VFS->configfs stuff (configfs_mkdir(), configfs_rmdir(), etc). This is
1004 * why you can't call these functions underneath configfs callbacks.
1005 *
1006 * Note, btw, that this can be called at *any* time, even when a configfs
1007 * subsystem isn't registered, or when configfs is loading or unloading.
1008 * Just like configfs_register_subsystem(). So we take the same
1009 * precautions. We pin the filesystem. We lock configfs_dirent_lock.
1010 * If we can find the target item in the
1011 * configfs tree, it must be part of the subsystem tree as well, so we
1012 * do not need the subsystem semaphore. Holding configfs_dirent_lock helps
1013 * locking out mkdir() and rmdir(), who might be racing us.
1014 */
1015
1016 /*
1017 * configfs_depend_prep()
1018 *
1019 * Only subdirectories count here. Files (CONFIGFS_NOT_PINNED) are
1020 * attributes. This is similar but not the same to configfs_detach_prep().
1021 * Note that configfs_detach_prep() expects the parent to be locked when it
1022 * is called, but we lock the parent *inside* configfs_depend_prep(). We
1023 * do that so we can unlock it if we find nothing.
1024 *
1025 * Here we do a depth-first search of the dentry hierarchy looking for
1026 * our object.
1027 * We deliberately ignore items tagged as dropping since they are virtually
1028 * dead, as well as items in the middle of attachment since they virtually
1029 * do not exist yet. This completes the locking out of racing mkdir() and
1030 * rmdir().
1031 * Note: subdirectories in the middle of attachment start with s_type =
1032 * CONFIGFS_DIR|CONFIGFS_USET_CREATING set by create_dir(). When
1033 * CONFIGFS_USET_CREATING is set, we ignore the item. The actual set of
1034 * s_type is in configfs_new_dirent(), which has configfs_dirent_lock.
1035 *
1036 * If the target is not found, -ENOENT is bubbled up.
1037 *
1038 * This adds a requirement that all config_items be unique!
1039 *
1040 * This is recursive. There isn't
1041 * much on the stack, though, so folks that need this function - be careful
1042 * about your stack! Patches will be accepted to make it iterative.
1043 */
configfs_depend_prep(struct dentry * origin,struct config_item * target)1044 static int configfs_depend_prep(struct dentry *origin,
1045 struct config_item *target)
1046 {
1047 struct configfs_dirent *child_sd, *sd;
1048 int ret = 0;
1049
1050 BUG_ON(!origin || !origin->d_fsdata);
1051 sd = origin->d_fsdata;
1052
1053 if (sd->s_element == target) /* Boo-yah */
1054 goto out;
1055
1056 list_for_each_entry(child_sd, &sd->s_children, s_sibling) {
1057 if ((child_sd->s_type & CONFIGFS_DIR) &&
1058 !(child_sd->s_type & CONFIGFS_USET_DROPPING) &&
1059 !(child_sd->s_type & CONFIGFS_USET_CREATING)) {
1060 ret = configfs_depend_prep(child_sd->s_dentry,
1061 target);
1062 if (!ret)
1063 goto out; /* Child path boo-yah */
1064 }
1065 }
1066
1067 /* We looped all our children and didn't find target */
1068 ret = -ENOENT;
1069
1070 out:
1071 return ret;
1072 }
1073
configfs_do_depend_item(struct dentry * subsys_dentry,struct config_item * target)1074 static int configfs_do_depend_item(struct dentry *subsys_dentry,
1075 struct config_item *target)
1076 {
1077 struct configfs_dirent *p;
1078 int ret;
1079
1080 spin_lock(&configfs_dirent_lock);
1081 /* Scan the tree, return 0 if found */
1082 ret = configfs_depend_prep(subsys_dentry, target);
1083 if (ret)
1084 goto out_unlock_dirent_lock;
1085
1086 /*
1087 * We are sure that the item is not about to be removed by rmdir(), and
1088 * not in the middle of attachment by mkdir().
1089 */
1090 p = target->ci_dentry->d_fsdata;
1091 p->s_dependent_count += 1;
1092
1093 out_unlock_dirent_lock:
1094 spin_unlock(&configfs_dirent_lock);
1095
1096 return ret;
1097 }
1098
1099 static inline struct configfs_dirent *
configfs_find_subsys_dentry(struct configfs_dirent * root_sd,struct config_item * subsys_item)1100 configfs_find_subsys_dentry(struct configfs_dirent *root_sd,
1101 struct config_item *subsys_item)
1102 {
1103 struct configfs_dirent *p;
1104 struct configfs_dirent *ret = NULL;
1105
1106 list_for_each_entry(p, &root_sd->s_children, s_sibling) {
1107 if (p->s_type & CONFIGFS_DIR &&
1108 p->s_element == subsys_item) {
1109 ret = p;
1110 break;
1111 }
1112 }
1113
1114 return ret;
1115 }
1116
1117
configfs_depend_item(struct configfs_subsystem * subsys,struct config_item * target)1118 int configfs_depend_item(struct configfs_subsystem *subsys,
1119 struct config_item *target)
1120 {
1121 int ret;
1122 struct configfs_dirent *subsys_sd;
1123 struct config_item *s_item = &subsys->su_group.cg_item;
1124 struct dentry *root;
1125
1126 /*
1127 * Pin the configfs filesystem. This means we can safely access
1128 * the root of the configfs filesystem.
1129 */
1130 root = configfs_pin_fs();
1131 if (IS_ERR(root))
1132 return PTR_ERR(root);
1133
1134 /*
1135 * Next, lock the root directory. We're going to check that the
1136 * subsystem is really registered, and so we need to lock out
1137 * configfs_[un]register_subsystem().
1138 */
1139 inode_lock(d_inode(root));
1140
1141 subsys_sd = configfs_find_subsys_dentry(root->d_fsdata, s_item);
1142 if (!subsys_sd) {
1143 ret = -ENOENT;
1144 goto out_unlock_fs;
1145 }
1146
1147 /* Ok, now we can trust subsys/s_item */
1148 ret = configfs_do_depend_item(subsys_sd->s_dentry, target);
1149
1150 out_unlock_fs:
1151 inode_unlock(d_inode(root));
1152
1153 /*
1154 * If we succeeded, the fs is pinned via other methods. If not,
1155 * we're done with it anyway. So release_fs() is always right.
1156 */
1157 configfs_release_fs();
1158
1159 return ret;
1160 }
1161 EXPORT_SYMBOL(configfs_depend_item);
1162
1163 /*
1164 * Release the dependent linkage. This is much simpler than
1165 * configfs_depend_item() because we know that the client driver is
1166 * pinned, thus the subsystem is pinned, and therefore configfs is pinned.
1167 */
configfs_undepend_item(struct config_item * target)1168 void configfs_undepend_item(struct config_item *target)
1169 {
1170 struct configfs_dirent *sd;
1171
1172 /*
1173 * Since we can trust everything is pinned, we just need
1174 * configfs_dirent_lock.
1175 */
1176 spin_lock(&configfs_dirent_lock);
1177
1178 sd = target->ci_dentry->d_fsdata;
1179 BUG_ON(sd->s_dependent_count < 1);
1180
1181 sd->s_dependent_count -= 1;
1182
1183 /*
1184 * After this unlock, we cannot trust the item to stay alive!
1185 * DO NOT REFERENCE item after this unlock.
1186 */
1187 spin_unlock(&configfs_dirent_lock);
1188 }
1189 EXPORT_SYMBOL(configfs_undepend_item);
1190
1191 /*
1192 * caller_subsys is a caller's subsystem not target's. This is used to
1193 * determine if we should lock root and check subsys or not. When we are
1194 * in the same subsystem as our target there is no need to do locking as
1195 * we know that subsys is valid and is not unregistered during this function
1196 * as we are called from callback of one of his children and VFS holds a lock
1197 * on some inode. Otherwise we have to lock our root to ensure that target's
1198 * subsystem it is not unregistered during this function.
1199 */
configfs_depend_item_unlocked(struct configfs_subsystem * caller_subsys,struct config_item * target)1200 int configfs_depend_item_unlocked(struct configfs_subsystem *caller_subsys,
1201 struct config_item *target)
1202 {
1203 struct configfs_subsystem *target_subsys;
1204 struct config_group *root, *parent;
1205 struct configfs_dirent *subsys_sd;
1206 int ret = -ENOENT;
1207
1208 /* Disallow this function for configfs root */
1209 if (configfs_is_root(target))
1210 return -EINVAL;
1211
1212 parent = target->ci_group;
1213 /*
1214 * This may happen when someone is trying to depend root
1215 * directory of some subsystem
1216 */
1217 if (configfs_is_root(&parent->cg_item)) {
1218 target_subsys = to_configfs_subsystem(to_config_group(target));
1219 root = parent;
1220 } else {
1221 target_subsys = parent->cg_subsys;
1222 /* Find a cofnigfs root as we may need it for locking */
1223 for (root = parent; !configfs_is_root(&root->cg_item);
1224 root = root->cg_item.ci_group)
1225 ;
1226 }
1227
1228 if (target_subsys != caller_subsys) {
1229 /*
1230 * We are in other configfs subsystem, so we have to do
1231 * additional locking to prevent other subsystem from being
1232 * unregistered
1233 */
1234 inode_lock(d_inode(root->cg_item.ci_dentry));
1235
1236 /*
1237 * As we are trying to depend item from other subsystem
1238 * we have to check if this subsystem is still registered
1239 */
1240 subsys_sd = configfs_find_subsys_dentry(
1241 root->cg_item.ci_dentry->d_fsdata,
1242 &target_subsys->su_group.cg_item);
1243 if (!subsys_sd)
1244 goto out_root_unlock;
1245 } else {
1246 subsys_sd = target_subsys->su_group.cg_item.ci_dentry->d_fsdata;
1247 }
1248
1249 /* Now we can execute core of depend item */
1250 ret = configfs_do_depend_item(subsys_sd->s_dentry, target);
1251
1252 if (target_subsys != caller_subsys)
1253 out_root_unlock:
1254 /*
1255 * We were called from subsystem other than our target so we
1256 * took some locks so now it's time to release them
1257 */
1258 inode_unlock(d_inode(root->cg_item.ci_dentry));
1259
1260 return ret;
1261 }
1262 EXPORT_SYMBOL(configfs_depend_item_unlocked);
1263
configfs_mkdir(struct mnt_idmap * idmap,struct inode * dir,struct dentry * dentry,umode_t mode)1264 static int configfs_mkdir(struct mnt_idmap *idmap, struct inode *dir,
1265 struct dentry *dentry, umode_t mode)
1266 {
1267 int ret = 0;
1268 int module_got = 0;
1269 struct config_group *group = NULL;
1270 struct config_item *item = NULL;
1271 struct config_item *parent_item;
1272 struct configfs_subsystem *subsys;
1273 struct configfs_dirent *sd;
1274 const struct config_item_type *type;
1275 struct module *subsys_owner = NULL, *new_item_owner = NULL;
1276 struct configfs_fragment *frag;
1277 char *name;
1278
1279 sd = dentry->d_parent->d_fsdata;
1280
1281 /*
1282 * Fake invisibility if dir belongs to a group/default groups hierarchy
1283 * being attached
1284 */
1285 if (!configfs_dirent_is_ready(sd)) {
1286 ret = -ENOENT;
1287 goto out;
1288 }
1289
1290 if (!(sd->s_type & CONFIGFS_USET_DIR)) {
1291 ret = -EPERM;
1292 goto out;
1293 }
1294
1295 frag = new_fragment();
1296 if (!frag) {
1297 ret = -ENOMEM;
1298 goto out;
1299 }
1300
1301 /* Get a working ref for the duration of this function */
1302 parent_item = configfs_get_config_item(dentry->d_parent);
1303 type = parent_item->ci_type;
1304 subsys = to_config_group(parent_item)->cg_subsys;
1305 BUG_ON(!subsys);
1306
1307 if (!type || !type->ct_group_ops ||
1308 (!type->ct_group_ops->make_group &&
1309 !type->ct_group_ops->make_item)) {
1310 ret = -EPERM; /* Lack-of-mkdir returns -EPERM */
1311 goto out_put;
1312 }
1313
1314 /*
1315 * The subsystem may belong to a different module than the item
1316 * being created. We don't want to safely pin the new item but
1317 * fail to pin the subsystem it sits under.
1318 */
1319 if (!subsys->su_group.cg_item.ci_type) {
1320 ret = -EINVAL;
1321 goto out_put;
1322 }
1323 subsys_owner = subsys->su_group.cg_item.ci_type->ct_owner;
1324 if (!try_module_get(subsys_owner)) {
1325 ret = -EINVAL;
1326 goto out_put;
1327 }
1328
1329 name = kmalloc(dentry->d_name.len + 1, GFP_KERNEL);
1330 if (!name) {
1331 ret = -ENOMEM;
1332 goto out_subsys_put;
1333 }
1334
1335 snprintf(name, dentry->d_name.len + 1, "%s", dentry->d_name.name);
1336
1337 mutex_lock(&subsys->su_mutex);
1338 if (type->ct_group_ops->make_group) {
1339 group = type->ct_group_ops->make_group(to_config_group(parent_item), name);
1340 if (!group)
1341 group = ERR_PTR(-ENOMEM);
1342 if (!IS_ERR(group)) {
1343 link_group(to_config_group(parent_item), group);
1344 item = &group->cg_item;
1345 } else
1346 ret = PTR_ERR(group);
1347 } else {
1348 item = type->ct_group_ops->make_item(to_config_group(parent_item), name);
1349 if (!item)
1350 item = ERR_PTR(-ENOMEM);
1351 if (!IS_ERR(item))
1352 link_obj(parent_item, item);
1353 else
1354 ret = PTR_ERR(item);
1355 }
1356 mutex_unlock(&subsys->su_mutex);
1357
1358 kfree(name);
1359 if (ret) {
1360 /*
1361 * If ret != 0, then link_obj() was never called.
1362 * There are no extra references to clean up.
1363 */
1364 goto out_subsys_put;
1365 }
1366
1367 /*
1368 * link_obj() has been called (via link_group() for groups).
1369 * From here on out, errors must clean that up.
1370 */
1371
1372 type = item->ci_type;
1373 if (!type) {
1374 ret = -EINVAL;
1375 goto out_unlink;
1376 }
1377
1378 new_item_owner = type->ct_owner;
1379 if (!try_module_get(new_item_owner)) {
1380 ret = -EINVAL;
1381 goto out_unlink;
1382 }
1383
1384 /*
1385 * I hate doing it this way, but if there is
1386 * an error, module_put() probably should
1387 * happen after any cleanup.
1388 */
1389 module_got = 1;
1390
1391 /*
1392 * Make racing rmdir() fail if it did not tag parent with
1393 * CONFIGFS_USET_DROPPING
1394 * Note: if CONFIGFS_USET_DROPPING is already set, attach_group() will
1395 * fail and let rmdir() terminate correctly
1396 */
1397 spin_lock(&configfs_dirent_lock);
1398 /* This will make configfs_detach_prep() fail */
1399 sd->s_type |= CONFIGFS_USET_IN_MKDIR;
1400 spin_unlock(&configfs_dirent_lock);
1401
1402 if (group)
1403 ret = configfs_attach_group(parent_item, item, dentry, frag);
1404 else
1405 ret = configfs_attach_item(parent_item, item, dentry, frag);
1406
1407 spin_lock(&configfs_dirent_lock);
1408 sd->s_type &= ~CONFIGFS_USET_IN_MKDIR;
1409 if (!ret)
1410 configfs_dir_set_ready(dentry->d_fsdata);
1411 spin_unlock(&configfs_dirent_lock);
1412
1413 out_unlink:
1414 if (ret) {
1415 /* Tear down everything we built up */
1416 mutex_lock(&subsys->su_mutex);
1417
1418 client_disconnect_notify(parent_item, item);
1419 if (group)
1420 unlink_group(group);
1421 else
1422 unlink_obj(item);
1423 client_drop_item(parent_item, item);
1424
1425 mutex_unlock(&subsys->su_mutex);
1426
1427 if (module_got)
1428 module_put(new_item_owner);
1429 }
1430
1431 out_subsys_put:
1432 if (ret)
1433 module_put(subsys_owner);
1434
1435 out_put:
1436 /*
1437 * link_obj()/link_group() took a reference from child->parent,
1438 * so the parent is safely pinned. We can drop our working
1439 * reference.
1440 */
1441 config_item_put(parent_item);
1442 put_fragment(frag);
1443
1444 out:
1445 return ret;
1446 }
1447
configfs_rmdir(struct inode * dir,struct dentry * dentry)1448 static int configfs_rmdir(struct inode *dir, struct dentry *dentry)
1449 {
1450 struct config_item *parent_item;
1451 struct config_item *item;
1452 struct configfs_subsystem *subsys;
1453 struct configfs_dirent *sd;
1454 struct configfs_fragment *frag;
1455 struct module *subsys_owner = NULL, *dead_item_owner = NULL;
1456 int ret;
1457
1458 sd = dentry->d_fsdata;
1459 if (sd->s_type & CONFIGFS_USET_DEFAULT)
1460 return -EPERM;
1461
1462 /* Get a working ref until we have the child */
1463 parent_item = configfs_get_config_item(dentry->d_parent);
1464 subsys = to_config_group(parent_item)->cg_subsys;
1465 BUG_ON(!subsys);
1466
1467 if (!parent_item->ci_type) {
1468 config_item_put(parent_item);
1469 return -EINVAL;
1470 }
1471
1472 /* configfs_mkdir() shouldn't have allowed this */
1473 BUG_ON(!subsys->su_group.cg_item.ci_type);
1474 subsys_owner = subsys->su_group.cg_item.ci_type->ct_owner;
1475
1476 /*
1477 * Ensure that no racing symlink() will make detach_prep() fail while
1478 * the new link is temporarily attached
1479 */
1480 do {
1481 struct dentry *wait;
1482
1483 mutex_lock(&configfs_symlink_mutex);
1484 spin_lock(&configfs_dirent_lock);
1485 /*
1486 * Here's where we check for dependents. We're protected by
1487 * configfs_dirent_lock.
1488 * If no dependent, atomically tag the item as dropping.
1489 */
1490 ret = sd->s_dependent_count ? -EBUSY : 0;
1491 if (!ret) {
1492 ret = configfs_detach_prep(dentry, &wait);
1493 if (ret)
1494 configfs_detach_rollback(dentry);
1495 }
1496 spin_unlock(&configfs_dirent_lock);
1497 mutex_unlock(&configfs_symlink_mutex);
1498
1499 if (ret) {
1500 if (ret != -EAGAIN) {
1501 config_item_put(parent_item);
1502 return ret;
1503 }
1504
1505 /* Wait until the racing operation terminates */
1506 inode_lock(d_inode(wait));
1507 inode_unlock(d_inode(wait));
1508 dput(wait);
1509 }
1510 } while (ret == -EAGAIN);
1511
1512 frag = sd->s_frag;
1513 if (down_write_killable(&frag->frag_sem)) {
1514 spin_lock(&configfs_dirent_lock);
1515 configfs_detach_rollback(dentry);
1516 spin_unlock(&configfs_dirent_lock);
1517 config_item_put(parent_item);
1518 return -EINTR;
1519 }
1520 frag->frag_dead = true;
1521 up_write(&frag->frag_sem);
1522
1523 /* Get a working ref for the duration of this function */
1524 item = configfs_get_config_item(dentry);
1525
1526 /* Drop reference from above, item already holds one. */
1527 config_item_put(parent_item);
1528
1529 if (item->ci_type)
1530 dead_item_owner = item->ci_type->ct_owner;
1531
1532 if (sd->s_type & CONFIGFS_USET_DIR) {
1533 configfs_detach_group(item);
1534
1535 mutex_lock(&subsys->su_mutex);
1536 client_disconnect_notify(parent_item, item);
1537 unlink_group(to_config_group(item));
1538 } else {
1539 configfs_detach_item(item);
1540
1541 mutex_lock(&subsys->su_mutex);
1542 client_disconnect_notify(parent_item, item);
1543 unlink_obj(item);
1544 }
1545
1546 client_drop_item(parent_item, item);
1547 mutex_unlock(&subsys->su_mutex);
1548
1549 /* Drop our reference from above */
1550 config_item_put(item);
1551
1552 module_put(dead_item_owner);
1553 module_put(subsys_owner);
1554
1555 return 0;
1556 }
1557
1558 const struct inode_operations configfs_dir_inode_operations = {
1559 .mkdir = configfs_mkdir,
1560 .rmdir = configfs_rmdir,
1561 .symlink = configfs_symlink,
1562 .unlink = configfs_unlink,
1563 .lookup = configfs_lookup,
1564 .setattr = configfs_setattr,
1565 };
1566
1567 const struct inode_operations configfs_root_inode_operations = {
1568 .lookup = configfs_lookup,
1569 .setattr = configfs_setattr,
1570 };
1571
configfs_dir_open(struct inode * inode,struct file * file)1572 static int configfs_dir_open(struct inode *inode, struct file *file)
1573 {
1574 struct dentry * dentry = file->f_path.dentry;
1575 struct configfs_dirent * parent_sd = dentry->d_fsdata;
1576 int err;
1577
1578 inode_lock(d_inode(dentry));
1579 /*
1580 * Fake invisibility if dir belongs to a group/default groups hierarchy
1581 * being attached
1582 */
1583 err = -ENOENT;
1584 if (configfs_dirent_is_ready(parent_sd)) {
1585 file->private_data = configfs_new_dirent(parent_sd, NULL, 0, NULL);
1586 if (IS_ERR(file->private_data))
1587 err = PTR_ERR(file->private_data);
1588 else
1589 err = 0;
1590 }
1591 inode_unlock(d_inode(dentry));
1592
1593 return err;
1594 }
1595
configfs_dir_close(struct inode * inode,struct file * file)1596 static int configfs_dir_close(struct inode *inode, struct file *file)
1597 {
1598 struct dentry * dentry = file->f_path.dentry;
1599 struct configfs_dirent * cursor = file->private_data;
1600
1601 inode_lock(d_inode(dentry));
1602 spin_lock(&configfs_dirent_lock);
1603 list_del_init(&cursor->s_sibling);
1604 spin_unlock(&configfs_dirent_lock);
1605 inode_unlock(d_inode(dentry));
1606
1607 release_configfs_dirent(cursor);
1608
1609 return 0;
1610 }
1611
configfs_readdir(struct file * file,struct dir_context * ctx)1612 static int configfs_readdir(struct file *file, struct dir_context *ctx)
1613 {
1614 struct dentry *dentry = file->f_path.dentry;
1615 struct super_block *sb = dentry->d_sb;
1616 struct configfs_dirent * parent_sd = dentry->d_fsdata;
1617 struct configfs_dirent *cursor = file->private_data;
1618 struct list_head *p, *q = &cursor->s_sibling;
1619 ino_t ino = 0;
1620
1621 if (!dir_emit_dots(file, ctx))
1622 return 0;
1623 spin_lock(&configfs_dirent_lock);
1624 if (ctx->pos == 2)
1625 list_move(q, &parent_sd->s_children);
1626 for (p = q->next; p != &parent_sd->s_children; p = p->next) {
1627 struct configfs_dirent *next;
1628 const char *name;
1629 int len;
1630 struct inode *inode = NULL;
1631
1632 next = list_entry(p, struct configfs_dirent, s_sibling);
1633 if (!next->s_element)
1634 continue;
1635
1636 /*
1637 * We'll have a dentry and an inode for
1638 * PINNED items and for open attribute
1639 * files. We lock here to prevent a race
1640 * with configfs_d_iput() clearing
1641 * s_dentry before calling iput().
1642 *
1643 * Why do we go to the trouble? If
1644 * someone has an attribute file open,
1645 * the inode number should match until
1646 * they close it. Beyond that, we don't
1647 * care.
1648 */
1649 dentry = next->s_dentry;
1650 if (dentry)
1651 inode = d_inode(dentry);
1652 if (inode)
1653 ino = inode->i_ino;
1654 spin_unlock(&configfs_dirent_lock);
1655 if (!inode)
1656 ino = iunique(sb, 2);
1657
1658 name = configfs_get_name(next);
1659 len = strlen(name);
1660
1661 if (!dir_emit(ctx, name, len, ino,
1662 fs_umode_to_dtype(next->s_mode)))
1663 return 0;
1664
1665 spin_lock(&configfs_dirent_lock);
1666 list_move(q, p);
1667 p = q;
1668 ctx->pos++;
1669 }
1670 spin_unlock(&configfs_dirent_lock);
1671 return 0;
1672 }
1673
configfs_dir_lseek(struct file * file,loff_t offset,int whence)1674 static loff_t configfs_dir_lseek(struct file *file, loff_t offset, int whence)
1675 {
1676 struct dentry * dentry = file->f_path.dentry;
1677
1678 switch (whence) {
1679 case 1:
1680 offset += file->f_pos;
1681 fallthrough;
1682 case 0:
1683 if (offset >= 0)
1684 break;
1685 fallthrough;
1686 default:
1687 return -EINVAL;
1688 }
1689 if (offset != file->f_pos) {
1690 file->f_pos = offset;
1691 if (file->f_pos >= 2) {
1692 struct configfs_dirent *sd = dentry->d_fsdata;
1693 struct configfs_dirent *cursor = file->private_data;
1694 struct list_head *p;
1695 loff_t n = file->f_pos - 2;
1696
1697 spin_lock(&configfs_dirent_lock);
1698 list_del(&cursor->s_sibling);
1699 p = sd->s_children.next;
1700 while (n && p != &sd->s_children) {
1701 struct configfs_dirent *next;
1702 next = list_entry(p, struct configfs_dirent,
1703 s_sibling);
1704 if (next->s_element)
1705 n--;
1706 p = p->next;
1707 }
1708 list_add_tail(&cursor->s_sibling, p);
1709 spin_unlock(&configfs_dirent_lock);
1710 }
1711 }
1712 return offset;
1713 }
1714
1715 const struct file_operations configfs_dir_operations = {
1716 .open = configfs_dir_open,
1717 .release = configfs_dir_close,
1718 .llseek = configfs_dir_lseek,
1719 .read = generic_read_dir,
1720 .iterate_shared = configfs_readdir,
1721 };
1722
1723 /**
1724 * configfs_register_group - creates a parent-child relation between two groups
1725 * @parent_group: parent group
1726 * @group: child group
1727 *
1728 * link groups, creates dentry for the child and attaches it to the
1729 * parent dentry.
1730 *
1731 * Return: 0 on success, negative errno code on error
1732 */
configfs_register_group(struct config_group * parent_group,struct config_group * group)1733 int configfs_register_group(struct config_group *parent_group,
1734 struct config_group *group)
1735 {
1736 struct configfs_subsystem *subsys = parent_group->cg_subsys;
1737 struct dentry *parent;
1738 struct configfs_fragment *frag;
1739 int ret;
1740
1741 frag = new_fragment();
1742 if (!frag)
1743 return -ENOMEM;
1744
1745 mutex_lock(&subsys->su_mutex);
1746 link_group(parent_group, group);
1747 mutex_unlock(&subsys->su_mutex);
1748
1749 parent = parent_group->cg_item.ci_dentry;
1750
1751 inode_lock_nested(d_inode(parent), I_MUTEX_PARENT);
1752 ret = create_default_group(parent_group, group, frag);
1753 if (ret)
1754 goto err_out;
1755
1756 spin_lock(&configfs_dirent_lock);
1757 configfs_dir_set_ready(group->cg_item.ci_dentry->d_fsdata);
1758 spin_unlock(&configfs_dirent_lock);
1759 inode_unlock(d_inode(parent));
1760 put_fragment(frag);
1761 return 0;
1762 err_out:
1763 inode_unlock(d_inode(parent));
1764 mutex_lock(&subsys->su_mutex);
1765 unlink_group(group);
1766 mutex_unlock(&subsys->su_mutex);
1767 put_fragment(frag);
1768 return ret;
1769 }
1770 EXPORT_SYMBOL(configfs_register_group);
1771
1772 /**
1773 * configfs_unregister_group() - unregisters a child group from its parent
1774 * @group: parent group to be unregistered
1775 *
1776 * Undoes configfs_register_group()
1777 */
configfs_unregister_group(struct config_group * group)1778 void configfs_unregister_group(struct config_group *group)
1779 {
1780 struct configfs_subsystem *subsys = group->cg_subsys;
1781 struct dentry *dentry = group->cg_item.ci_dentry;
1782 struct dentry *parent = group->cg_item.ci_parent->ci_dentry;
1783 struct configfs_dirent *sd = dentry->d_fsdata;
1784 struct configfs_fragment *frag = sd->s_frag;
1785
1786 down_write(&frag->frag_sem);
1787 frag->frag_dead = true;
1788 up_write(&frag->frag_sem);
1789
1790 inode_lock_nested(d_inode(parent), I_MUTEX_PARENT);
1791 spin_lock(&configfs_dirent_lock);
1792 configfs_detach_prep(dentry, NULL);
1793 spin_unlock(&configfs_dirent_lock);
1794
1795 configfs_detach_group(&group->cg_item);
1796 d_inode(dentry)->i_flags |= S_DEAD;
1797 dont_mount(dentry);
1798 d_drop(dentry);
1799 fsnotify_rmdir(d_inode(parent), dentry);
1800 inode_unlock(d_inode(parent));
1801
1802 dput(dentry);
1803
1804 mutex_lock(&subsys->su_mutex);
1805 unlink_group(group);
1806 mutex_unlock(&subsys->su_mutex);
1807 }
1808 EXPORT_SYMBOL(configfs_unregister_group);
1809
1810 /**
1811 * configfs_register_default_group() - allocates and registers a child group
1812 * @parent_group: parent group
1813 * @name: child group name
1814 * @item_type: child item type description
1815 *
1816 * boilerplate to allocate and register a child group with its parent. We need
1817 * kzalloc'ed memory because child's default_group is initially empty.
1818 *
1819 * Return: allocated config group or ERR_PTR() on error
1820 */
1821 struct config_group *
configfs_register_default_group(struct config_group * parent_group,const char * name,const struct config_item_type * item_type)1822 configfs_register_default_group(struct config_group *parent_group,
1823 const char *name,
1824 const struct config_item_type *item_type)
1825 {
1826 int ret;
1827 struct config_group *group;
1828
1829 group = kzalloc(sizeof(*group), GFP_KERNEL);
1830 if (!group)
1831 return ERR_PTR(-ENOMEM);
1832 config_group_init_type_name(group, name, item_type);
1833
1834 ret = configfs_register_group(parent_group, group);
1835 if (ret) {
1836 kfree(group);
1837 return ERR_PTR(ret);
1838 }
1839 return group;
1840 }
1841 EXPORT_SYMBOL(configfs_register_default_group);
1842
1843 /**
1844 * configfs_unregister_default_group() - unregisters and frees a child group
1845 * @group: the group to act on
1846 */
configfs_unregister_default_group(struct config_group * group)1847 void configfs_unregister_default_group(struct config_group *group)
1848 {
1849 configfs_unregister_group(group);
1850 kfree(group);
1851 }
1852 EXPORT_SYMBOL(configfs_unregister_default_group);
1853
configfs_register_subsystem(struct configfs_subsystem * subsys)1854 int configfs_register_subsystem(struct configfs_subsystem *subsys)
1855 {
1856 int err;
1857 struct config_group *group = &subsys->su_group;
1858 struct dentry *dentry;
1859 struct dentry *root;
1860 struct configfs_dirent *sd;
1861 struct configfs_fragment *frag;
1862
1863 frag = new_fragment();
1864 if (!frag)
1865 return -ENOMEM;
1866
1867 root = configfs_pin_fs();
1868 if (IS_ERR(root)) {
1869 put_fragment(frag);
1870 return PTR_ERR(root);
1871 }
1872
1873 if (!group->cg_item.ci_name)
1874 group->cg_item.ci_name = group->cg_item.ci_namebuf;
1875
1876 sd = root->d_fsdata;
1877 mutex_lock(&configfs_subsystem_mutex);
1878 link_group(to_config_group(sd->s_element), group);
1879 mutex_unlock(&configfs_subsystem_mutex);
1880
1881 inode_lock_nested(d_inode(root), I_MUTEX_PARENT);
1882
1883 err = -ENOMEM;
1884 dentry = d_alloc_name(root, group->cg_item.ci_name);
1885 if (dentry) {
1886 d_add(dentry, NULL);
1887
1888 err = configfs_attach_group(sd->s_element, &group->cg_item,
1889 dentry, frag);
1890 if (err) {
1891 BUG_ON(d_inode(dentry));
1892 d_drop(dentry);
1893 dput(dentry);
1894 } else {
1895 spin_lock(&configfs_dirent_lock);
1896 configfs_dir_set_ready(dentry->d_fsdata);
1897 spin_unlock(&configfs_dirent_lock);
1898 }
1899 }
1900
1901 inode_unlock(d_inode(root));
1902
1903 if (err) {
1904 mutex_lock(&configfs_subsystem_mutex);
1905 unlink_group(group);
1906 mutex_unlock(&configfs_subsystem_mutex);
1907 configfs_release_fs();
1908 }
1909 put_fragment(frag);
1910
1911 return err;
1912 }
1913
configfs_unregister_subsystem(struct configfs_subsystem * subsys)1914 void configfs_unregister_subsystem(struct configfs_subsystem *subsys)
1915 {
1916 struct config_group *group = &subsys->su_group;
1917 struct dentry *dentry = group->cg_item.ci_dentry;
1918 struct dentry *root = dentry->d_sb->s_root;
1919 struct configfs_dirent *sd = dentry->d_fsdata;
1920 struct configfs_fragment *frag = sd->s_frag;
1921
1922 if (dentry->d_parent != root) {
1923 pr_err("Tried to unregister non-subsystem!\n");
1924 return;
1925 }
1926
1927 down_write(&frag->frag_sem);
1928 frag->frag_dead = true;
1929 up_write(&frag->frag_sem);
1930
1931 inode_lock_nested(d_inode(root),
1932 I_MUTEX_PARENT);
1933 inode_lock_nested(d_inode(dentry), I_MUTEX_CHILD);
1934 mutex_lock(&configfs_symlink_mutex);
1935 spin_lock(&configfs_dirent_lock);
1936 if (configfs_detach_prep(dentry, NULL)) {
1937 pr_err("Tried to unregister non-empty subsystem!\n");
1938 }
1939 spin_unlock(&configfs_dirent_lock);
1940 mutex_unlock(&configfs_symlink_mutex);
1941 configfs_detach_group(&group->cg_item);
1942 d_inode(dentry)->i_flags |= S_DEAD;
1943 dont_mount(dentry);
1944 inode_unlock(d_inode(dentry));
1945
1946 d_drop(dentry);
1947 fsnotify_rmdir(d_inode(root), dentry);
1948
1949 inode_unlock(d_inode(root));
1950
1951 dput(dentry);
1952
1953 mutex_lock(&configfs_subsystem_mutex);
1954 unlink_group(group);
1955 mutex_unlock(&configfs_subsystem_mutex);
1956 configfs_release_fs();
1957 }
1958
1959 EXPORT_SYMBOL(configfs_register_subsystem);
1960 EXPORT_SYMBOL(configfs_unregister_subsystem);
1961