1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * linux/fs/ext4/namei.c 4 * 5 * Copyright (C) 1992, 1993, 1994, 1995 6 * Remy Card (card@masi.ibp.fr) 7 * Laboratoire MASI - Institut Blaise Pascal 8 * Universite Pierre et Marie Curie (Paris VI) 9 * 10 * from 11 * 12 * linux/fs/minix/namei.c 13 * 14 * Copyright (C) 1991, 1992 Linus Torvalds 15 * 16 * Big-endian to little-endian byte-swapping/bitmaps by 17 * David S. Miller (davem@caip.rutgers.edu), 1995 18 * Directory entry file type support and forward compatibility hooks 19 * for B-tree directories by Theodore Ts'o (tytso@mit.edu), 1998 20 * Hash Tree Directory indexing (c) 21 * Daniel Phillips, 2001 22 * Hash Tree Directory indexing porting 23 * Christopher Li, 2002 24 * Hash Tree Directory indexing cleanup 25 * Theodore Ts'o, 2002 26 */ 27 28 #include <linux/fs.h> 29 #include <linux/pagemap.h> 30 #include <linux/time.h> 31 #include <linux/fcntl.h> 32 #include <linux/stat.h> 33 #include <linux/string.h> 34 #include <linux/quotaops.h> 35 #include <linux/buffer_head.h> 36 #include <linux/bio.h> 37 #include <linux/iversion.h> 38 #include <linux/unicode.h> 39 #include "ext4.h" 40 #include "ext4_jbd2.h" 41 42 #include "xattr.h" 43 #include "acl.h" 44 45 #include <trace/events/ext4.h> 46 /* 47 * define how far ahead to read directories while searching them. 48 */ 49 #define NAMEI_RA_CHUNKS 2 50 #define NAMEI_RA_BLOCKS 4 51 #define NAMEI_RA_SIZE (NAMEI_RA_CHUNKS * NAMEI_RA_BLOCKS) 52 53 static struct buffer_head *ext4_append(handle_t *handle, 54 struct inode *inode, 55 ext4_lblk_t *block) 56 { 57 struct ext4_map_blocks map; 58 struct buffer_head *bh; 59 int err; 60 61 if (unlikely(EXT4_SB(inode->i_sb)->s_max_dir_size_kb && 62 ((inode->i_size >> 10) >= 63 EXT4_SB(inode->i_sb)->s_max_dir_size_kb))) 64 return ERR_PTR(-ENOSPC); 65 66 *block = inode->i_size >> inode->i_sb->s_blocksize_bits; 67 map.m_lblk = *block; 68 map.m_len = 1; 69 70 /* 71 * We're appending new directory block. Make sure the block is not 72 * allocated yet, otherwise we will end up corrupting the 73 * directory. 74 */ 75 err = ext4_map_blocks(NULL, inode, &map, 0); 76 if (err < 0) 77 return ERR_PTR(err); 78 if (err) { 79 EXT4_ERROR_INODE(inode, "Logical block already allocated"); 80 return ERR_PTR(-EFSCORRUPTED); 81 } 82 83 bh = ext4_bread(handle, inode, *block, EXT4_GET_BLOCKS_CREATE); 84 if (IS_ERR(bh)) 85 return bh; 86 inode->i_size += inode->i_sb->s_blocksize; 87 EXT4_I(inode)->i_disksize = inode->i_size; 88 err = ext4_mark_inode_dirty(handle, inode); 89 if (err) 90 goto out; 91 BUFFER_TRACE(bh, "get_write_access"); 92 err = ext4_journal_get_write_access(handle, inode->i_sb, bh, 93 EXT4_JTR_NONE); 94 if (err) 95 goto out; 96 return bh; 97 98 out: 99 brelse(bh); 100 ext4_std_error(inode->i_sb, err); 101 return ERR_PTR(err); 102 } 103 104 static int ext4_dx_csum_verify(struct inode *inode, 105 struct ext4_dir_entry *dirent); 106 107 /* 108 * Hints to ext4_read_dirblock regarding whether we expect a directory 109 * block being read to be an index block, or a block containing 110 * directory entries (and if the latter, whether it was found via a 111 * logical block in an htree index block). This is used to control 112 * what sort of sanity checkinig ext4_read_dirblock() will do on the 113 * directory block read from the storage device. EITHER will means 114 * the caller doesn't know what kind of directory block will be read, 115 * so no specific verification will be done. 116 */ 117 typedef enum { 118 EITHER, INDEX, DIRENT, DIRENT_HTREE 119 } dirblock_type_t; 120 121 #define ext4_read_dirblock(inode, block, type) \ 122 __ext4_read_dirblock((inode), (block), (type), __func__, __LINE__) 123 124 static struct buffer_head *__ext4_read_dirblock(struct inode *inode, 125 ext4_lblk_t block, 126 dirblock_type_t type, 127 const char *func, 128 unsigned int line) 129 { 130 struct buffer_head *bh; 131 struct ext4_dir_entry *dirent; 132 int is_dx_block = 0; 133 134 if (block >= inode->i_size >> inode->i_blkbits) { 135 ext4_error_inode(inode, func, line, block, 136 "Attempting to read directory block (%u) that is past i_size (%llu)", 137 block, inode->i_size); 138 return ERR_PTR(-EFSCORRUPTED); 139 } 140 141 if (ext4_simulate_fail(inode->i_sb, EXT4_SIM_DIRBLOCK_EIO)) 142 bh = ERR_PTR(-EIO); 143 else 144 bh = ext4_bread(NULL, inode, block, 0); 145 if (IS_ERR(bh)) { 146 __ext4_warning(inode->i_sb, func, line, 147 "inode #%lu: lblock %lu: comm %s: " 148 "error %ld reading directory block", 149 inode->i_ino, (unsigned long)block, 150 current->comm, PTR_ERR(bh)); 151 152 return bh; 153 } 154 if (!bh && (type == INDEX || type == DIRENT_HTREE)) { 155 ext4_error_inode(inode, func, line, block, 156 "Directory hole found for htree %s block", 157 (type == INDEX) ? "index" : "leaf"); 158 return ERR_PTR(-EFSCORRUPTED); 159 } 160 if (!bh) 161 return NULL; 162 dirent = (struct ext4_dir_entry *) bh->b_data; 163 /* Determine whether or not we have an index block */ 164 if (is_dx(inode)) { 165 if (block == 0) 166 is_dx_block = 1; 167 else if (ext4_rec_len_from_disk(dirent->rec_len, 168 inode->i_sb->s_blocksize) == 169 inode->i_sb->s_blocksize) 170 is_dx_block = 1; 171 } 172 if (!is_dx_block && type == INDEX) { 173 ext4_error_inode(inode, func, line, block, 174 "directory leaf block found instead of index block"); 175 brelse(bh); 176 return ERR_PTR(-EFSCORRUPTED); 177 } 178 if (!ext4_has_metadata_csum(inode->i_sb) || 179 buffer_verified(bh)) 180 return bh; 181 182 /* 183 * An empty leaf block can get mistaken for a index block; for 184 * this reason, we can only check the index checksum when the 185 * caller is sure it should be an index block. 186 */ 187 if (is_dx_block && type == INDEX) { 188 if (ext4_dx_csum_verify(inode, dirent) && 189 !ext4_simulate_fail(inode->i_sb, EXT4_SIM_DIRBLOCK_CRC)) 190 set_buffer_verified(bh); 191 else { 192 ext4_error_inode_err(inode, func, line, block, 193 EFSBADCRC, 194 "Directory index failed checksum"); 195 brelse(bh); 196 return ERR_PTR(-EFSBADCRC); 197 } 198 } 199 if (!is_dx_block) { 200 if (ext4_dirblock_csum_verify(inode, bh) && 201 !ext4_simulate_fail(inode->i_sb, EXT4_SIM_DIRBLOCK_CRC)) 202 set_buffer_verified(bh); 203 else { 204 ext4_error_inode_err(inode, func, line, block, 205 EFSBADCRC, 206 "Directory block failed checksum"); 207 brelse(bh); 208 return ERR_PTR(-EFSBADCRC); 209 } 210 } 211 return bh; 212 } 213 214 #ifdef DX_DEBUG 215 #define dxtrace(command) command 216 #else 217 #define dxtrace(command) 218 #endif 219 220 struct fake_dirent 221 { 222 __le32 inode; 223 __le16 rec_len; 224 u8 name_len; 225 u8 file_type; 226 }; 227 228 struct dx_countlimit 229 { 230 __le16 limit; 231 __le16 count; 232 }; 233 234 struct dx_entry 235 { 236 __le32 hash; 237 __le32 block; 238 }; 239 240 /* 241 * dx_root_info is laid out so that if it should somehow get overlaid by a 242 * dirent the two low bits of the hash version will be zero. Therefore, the 243 * hash version mod 4 should never be 0. Sincerely, the paranoia department. 244 */ 245 246 struct dx_root 247 { 248 struct fake_dirent dot; 249 char dot_name[4]; 250 struct fake_dirent dotdot; 251 char dotdot_name[4]; 252 struct dx_root_info 253 { 254 __le32 reserved_zero; 255 u8 hash_version; 256 u8 info_length; /* 8 */ 257 u8 indirect_levels; 258 u8 unused_flags; 259 } 260 info; 261 struct dx_entry entries[]; 262 }; 263 264 struct dx_node 265 { 266 struct fake_dirent fake; 267 struct dx_entry entries[]; 268 }; 269 270 271 struct dx_frame 272 { 273 struct buffer_head *bh; 274 struct dx_entry *entries; 275 struct dx_entry *at; 276 }; 277 278 struct dx_map_entry 279 { 280 u32 hash; 281 u16 offs; 282 u16 size; 283 }; 284 285 /* 286 * This goes at the end of each htree block. 287 */ 288 struct dx_tail { 289 u32 dt_reserved; 290 __le32 dt_checksum; /* crc32c(uuid+inum+dirblock) */ 291 }; 292 293 static inline ext4_lblk_t dx_get_block(struct dx_entry *entry); 294 static void dx_set_block(struct dx_entry *entry, ext4_lblk_t value); 295 static inline unsigned dx_get_hash(struct dx_entry *entry); 296 static void dx_set_hash(struct dx_entry *entry, unsigned value); 297 static unsigned dx_get_count(struct dx_entry *entries); 298 static unsigned dx_get_limit(struct dx_entry *entries); 299 static void dx_set_count(struct dx_entry *entries, unsigned value); 300 static void dx_set_limit(struct dx_entry *entries, unsigned value); 301 static unsigned dx_root_limit(struct inode *dir, unsigned infosize); 302 static unsigned dx_node_limit(struct inode *dir); 303 static struct dx_frame *dx_probe(struct ext4_filename *fname, 304 struct inode *dir, 305 struct dx_hash_info *hinfo, 306 struct dx_frame *frame); 307 static void dx_release(struct dx_frame *frames); 308 static int dx_make_map(struct inode *dir, struct buffer_head *bh, 309 struct dx_hash_info *hinfo, 310 struct dx_map_entry *map_tail); 311 static void dx_sort_map(struct dx_map_entry *map, unsigned count); 312 static struct ext4_dir_entry_2 *dx_move_dirents(struct inode *dir, char *from, 313 char *to, struct dx_map_entry *offsets, 314 int count, unsigned int blocksize); 315 static struct ext4_dir_entry_2 *dx_pack_dirents(struct inode *dir, char *base, 316 unsigned int blocksize); 317 static void dx_insert_block(struct dx_frame *frame, 318 u32 hash, ext4_lblk_t block); 319 static int ext4_htree_next_block(struct inode *dir, __u32 hash, 320 struct dx_frame *frame, 321 struct dx_frame *frames, 322 __u32 *start_hash); 323 static struct buffer_head * ext4_dx_find_entry(struct inode *dir, 324 struct ext4_filename *fname, 325 struct ext4_dir_entry_2 **res_dir); 326 static int ext4_dx_add_entry(handle_t *handle, struct ext4_filename *fname, 327 struct inode *dir, struct inode *inode); 328 329 /* checksumming functions */ 330 void ext4_initialize_dirent_tail(struct buffer_head *bh, 331 unsigned int blocksize) 332 { 333 struct ext4_dir_entry_tail *t = EXT4_DIRENT_TAIL(bh->b_data, blocksize); 334 335 memset(t, 0, sizeof(struct ext4_dir_entry_tail)); 336 t->det_rec_len = ext4_rec_len_to_disk( 337 sizeof(struct ext4_dir_entry_tail), blocksize); 338 t->det_reserved_ft = EXT4_FT_DIR_CSUM; 339 } 340 341 /* Walk through a dirent block to find a checksum "dirent" at the tail */ 342 static struct ext4_dir_entry_tail *get_dirent_tail(struct inode *inode, 343 struct buffer_head *bh) 344 { 345 struct ext4_dir_entry_tail *t; 346 347 #ifdef PARANOID 348 struct ext4_dir_entry *d, *top; 349 350 d = (struct ext4_dir_entry *)bh->b_data; 351 top = (struct ext4_dir_entry *)(bh->b_data + 352 (EXT4_BLOCK_SIZE(inode->i_sb) - 353 sizeof(struct ext4_dir_entry_tail))); 354 while (d < top && d->rec_len) 355 d = (struct ext4_dir_entry *)(((void *)d) + 356 le16_to_cpu(d->rec_len)); 357 358 if (d != top) 359 return NULL; 360 361 t = (struct ext4_dir_entry_tail *)d; 362 #else 363 t = EXT4_DIRENT_TAIL(bh->b_data, EXT4_BLOCK_SIZE(inode->i_sb)); 364 #endif 365 366 if (t->det_reserved_zero1 || 367 le16_to_cpu(t->det_rec_len) != sizeof(struct ext4_dir_entry_tail) || 368 t->det_reserved_zero2 || 369 t->det_reserved_ft != EXT4_FT_DIR_CSUM) 370 return NULL; 371 372 return t; 373 } 374 375 static __le32 ext4_dirblock_csum(struct inode *inode, void *dirent, int size) 376 { 377 struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb); 378 struct ext4_inode_info *ei = EXT4_I(inode); 379 __u32 csum; 380 381 csum = ext4_chksum(sbi, ei->i_csum_seed, (__u8 *)dirent, size); 382 return cpu_to_le32(csum); 383 } 384 385 #define warn_no_space_for_csum(inode) \ 386 __warn_no_space_for_csum((inode), __func__, __LINE__) 387 388 static void __warn_no_space_for_csum(struct inode *inode, const char *func, 389 unsigned int line) 390 { 391 __ext4_warning_inode(inode, func, line, 392 "No space for directory leaf checksum. Please run e2fsck -D."); 393 } 394 395 int ext4_dirblock_csum_verify(struct inode *inode, struct buffer_head *bh) 396 { 397 struct ext4_dir_entry_tail *t; 398 399 if (!ext4_has_metadata_csum(inode->i_sb)) 400 return 1; 401 402 t = get_dirent_tail(inode, bh); 403 if (!t) { 404 warn_no_space_for_csum(inode); 405 return 0; 406 } 407 408 if (t->det_checksum != ext4_dirblock_csum(inode, bh->b_data, 409 (char *)t - bh->b_data)) 410 return 0; 411 412 return 1; 413 } 414 415 static void ext4_dirblock_csum_set(struct inode *inode, 416 struct buffer_head *bh) 417 { 418 struct ext4_dir_entry_tail *t; 419 420 if (!ext4_has_metadata_csum(inode->i_sb)) 421 return; 422 423 t = get_dirent_tail(inode, bh); 424 if (!t) { 425 warn_no_space_for_csum(inode); 426 return; 427 } 428 429 t->det_checksum = ext4_dirblock_csum(inode, bh->b_data, 430 (char *)t - bh->b_data); 431 } 432 433 int ext4_handle_dirty_dirblock(handle_t *handle, 434 struct inode *inode, 435 struct buffer_head *bh) 436 { 437 ext4_dirblock_csum_set(inode, bh); 438 return ext4_handle_dirty_metadata(handle, inode, bh); 439 } 440 441 static struct dx_countlimit *get_dx_countlimit(struct inode *inode, 442 struct ext4_dir_entry *dirent, 443 int *offset) 444 { 445 struct ext4_dir_entry *dp; 446 struct dx_root_info *root; 447 int count_offset; 448 449 if (le16_to_cpu(dirent->rec_len) == EXT4_BLOCK_SIZE(inode->i_sb)) 450 count_offset = 8; 451 else if (le16_to_cpu(dirent->rec_len) == 12) { 452 dp = (struct ext4_dir_entry *)(((void *)dirent) + 12); 453 if (le16_to_cpu(dp->rec_len) != 454 EXT4_BLOCK_SIZE(inode->i_sb) - 12) 455 return NULL; 456 root = (struct dx_root_info *)(((void *)dp + 12)); 457 if (root->reserved_zero || 458 root->info_length != sizeof(struct dx_root_info)) 459 return NULL; 460 count_offset = 32; 461 } else 462 return NULL; 463 464 if (offset) 465 *offset = count_offset; 466 return (struct dx_countlimit *)(((void *)dirent) + count_offset); 467 } 468 469 static __le32 ext4_dx_csum(struct inode *inode, struct ext4_dir_entry *dirent, 470 int count_offset, int count, struct dx_tail *t) 471 { 472 struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb); 473 struct ext4_inode_info *ei = EXT4_I(inode); 474 __u32 csum; 475 int size; 476 __u32 dummy_csum = 0; 477 int offset = offsetof(struct dx_tail, dt_checksum); 478 479 size = count_offset + (count * sizeof(struct dx_entry)); 480 csum = ext4_chksum(sbi, ei->i_csum_seed, (__u8 *)dirent, size); 481 csum = ext4_chksum(sbi, csum, (__u8 *)t, offset); 482 csum = ext4_chksum(sbi, csum, (__u8 *)&dummy_csum, sizeof(dummy_csum)); 483 484 return cpu_to_le32(csum); 485 } 486 487 static int ext4_dx_csum_verify(struct inode *inode, 488 struct ext4_dir_entry *dirent) 489 { 490 struct dx_countlimit *c; 491 struct dx_tail *t; 492 int count_offset, limit, count; 493 494 if (!ext4_has_metadata_csum(inode->i_sb)) 495 return 1; 496 497 c = get_dx_countlimit(inode, dirent, &count_offset); 498 if (!c) { 499 EXT4_ERROR_INODE(inode, "dir seems corrupt? Run e2fsck -D."); 500 return 0; 501 } 502 limit = le16_to_cpu(c->limit); 503 count = le16_to_cpu(c->count); 504 if (count_offset + (limit * sizeof(struct dx_entry)) > 505 EXT4_BLOCK_SIZE(inode->i_sb) - sizeof(struct dx_tail)) { 506 warn_no_space_for_csum(inode); 507 return 0; 508 } 509 t = (struct dx_tail *)(((struct dx_entry *)c) + limit); 510 511 if (t->dt_checksum != ext4_dx_csum(inode, dirent, count_offset, 512 count, t)) 513 return 0; 514 return 1; 515 } 516 517 static void ext4_dx_csum_set(struct inode *inode, struct ext4_dir_entry *dirent) 518 { 519 struct dx_countlimit *c; 520 struct dx_tail *t; 521 int count_offset, limit, count; 522 523 if (!ext4_has_metadata_csum(inode->i_sb)) 524 return; 525 526 c = get_dx_countlimit(inode, dirent, &count_offset); 527 if (!c) { 528 EXT4_ERROR_INODE(inode, "dir seems corrupt? Run e2fsck -D."); 529 return; 530 } 531 limit = le16_to_cpu(c->limit); 532 count = le16_to_cpu(c->count); 533 if (count_offset + (limit * sizeof(struct dx_entry)) > 534 EXT4_BLOCK_SIZE(inode->i_sb) - sizeof(struct dx_tail)) { 535 warn_no_space_for_csum(inode); 536 return; 537 } 538 t = (struct dx_tail *)(((struct dx_entry *)c) + limit); 539 540 t->dt_checksum = ext4_dx_csum(inode, dirent, count_offset, count, t); 541 } 542 543 static inline int ext4_handle_dirty_dx_node(handle_t *handle, 544 struct inode *inode, 545 struct buffer_head *bh) 546 { 547 ext4_dx_csum_set(inode, (struct ext4_dir_entry *)bh->b_data); 548 return ext4_handle_dirty_metadata(handle, inode, bh); 549 } 550 551 /* 552 * p is at least 6 bytes before the end of page 553 */ 554 static inline struct ext4_dir_entry_2 * 555 ext4_next_entry(struct ext4_dir_entry_2 *p, unsigned long blocksize) 556 { 557 return (struct ext4_dir_entry_2 *)((char *)p + 558 ext4_rec_len_from_disk(p->rec_len, blocksize)); 559 } 560 561 /* 562 * Future: use high four bits of block for coalesce-on-delete flags 563 * Mask them off for now. 564 */ 565 566 static inline ext4_lblk_t dx_get_block(struct dx_entry *entry) 567 { 568 return le32_to_cpu(entry->block) & 0x0fffffff; 569 } 570 571 static inline void dx_set_block(struct dx_entry *entry, ext4_lblk_t value) 572 { 573 entry->block = cpu_to_le32(value); 574 } 575 576 static inline unsigned dx_get_hash(struct dx_entry *entry) 577 { 578 return le32_to_cpu(entry->hash); 579 } 580 581 static inline void dx_set_hash(struct dx_entry *entry, unsigned value) 582 { 583 entry->hash = cpu_to_le32(value); 584 } 585 586 static inline unsigned dx_get_count(struct dx_entry *entries) 587 { 588 return le16_to_cpu(((struct dx_countlimit *) entries)->count); 589 } 590 591 static inline unsigned dx_get_limit(struct dx_entry *entries) 592 { 593 return le16_to_cpu(((struct dx_countlimit *) entries)->limit); 594 } 595 596 static inline void dx_set_count(struct dx_entry *entries, unsigned value) 597 { 598 ((struct dx_countlimit *) entries)->count = cpu_to_le16(value); 599 } 600 601 static inline void dx_set_limit(struct dx_entry *entries, unsigned value) 602 { 603 ((struct dx_countlimit *) entries)->limit = cpu_to_le16(value); 604 } 605 606 static inline unsigned dx_root_limit(struct inode *dir, unsigned infosize) 607 { 608 unsigned int entry_space = dir->i_sb->s_blocksize - 609 ext4_dir_rec_len(1, NULL) - 610 ext4_dir_rec_len(2, NULL) - infosize; 611 612 if (ext4_has_metadata_csum(dir->i_sb)) 613 entry_space -= sizeof(struct dx_tail); 614 return entry_space / sizeof(struct dx_entry); 615 } 616 617 static inline unsigned dx_node_limit(struct inode *dir) 618 { 619 unsigned int entry_space = dir->i_sb->s_blocksize - 620 ext4_dir_rec_len(0, dir); 621 622 if (ext4_has_metadata_csum(dir->i_sb)) 623 entry_space -= sizeof(struct dx_tail); 624 return entry_space / sizeof(struct dx_entry); 625 } 626 627 /* 628 * Debug 629 */ 630 #ifdef DX_DEBUG 631 static void dx_show_index(char * label, struct dx_entry *entries) 632 { 633 int i, n = dx_get_count (entries); 634 printk(KERN_DEBUG "%s index", label); 635 for (i = 0; i < n; i++) { 636 printk(KERN_CONT " %x->%lu", 637 i ? dx_get_hash(entries + i) : 0, 638 (unsigned long)dx_get_block(entries + i)); 639 } 640 printk(KERN_CONT "\n"); 641 } 642 643 struct stats 644 { 645 unsigned names; 646 unsigned space; 647 unsigned bcount; 648 }; 649 650 static struct stats dx_show_leaf(struct inode *dir, 651 struct dx_hash_info *hinfo, 652 struct ext4_dir_entry_2 *de, 653 int size, int show_names) 654 { 655 unsigned names = 0, space = 0; 656 char *base = (char *) de; 657 struct dx_hash_info h = *hinfo; 658 659 printk("names: "); 660 while ((char *) de < base + size) 661 { 662 if (de->inode) 663 { 664 if (show_names) 665 { 666 #ifdef CONFIG_FS_ENCRYPTION 667 int len; 668 char *name; 669 struct fscrypt_str fname_crypto_str = 670 FSTR_INIT(NULL, 0); 671 int res = 0; 672 673 name = de->name; 674 len = de->name_len; 675 if (!IS_ENCRYPTED(dir)) { 676 /* Directory is not encrypted */ 677 ext4fs_dirhash(dir, de->name, 678 de->name_len, &h); 679 printk("%*.s:(U)%x.%u ", len, 680 name, h.hash, 681 (unsigned) ((char *) de 682 - base)); 683 } else { 684 struct fscrypt_str de_name = 685 FSTR_INIT(name, len); 686 687 /* Directory is encrypted */ 688 res = fscrypt_fname_alloc_buffer( 689 len, &fname_crypto_str); 690 if (res) 691 printk(KERN_WARNING "Error " 692 "allocating crypto " 693 "buffer--skipping " 694 "crypto\n"); 695 res = fscrypt_fname_disk_to_usr(dir, 696 0, 0, &de_name, 697 &fname_crypto_str); 698 if (res) { 699 printk(KERN_WARNING "Error " 700 "converting filename " 701 "from disk to usr" 702 "\n"); 703 name = "??"; 704 len = 2; 705 } else { 706 name = fname_crypto_str.name; 707 len = fname_crypto_str.len; 708 } 709 if (IS_CASEFOLDED(dir)) 710 h.hash = EXT4_DIRENT_HASH(de); 711 else 712 ext4fs_dirhash(dir, de->name, 713 de->name_len, &h); 714 printk("%*.s:(E)%x.%u ", len, name, 715 h.hash, (unsigned) ((char *) de 716 - base)); 717 fscrypt_fname_free_buffer( 718 &fname_crypto_str); 719 } 720 #else 721 int len = de->name_len; 722 char *name = de->name; 723 ext4fs_dirhash(dir, de->name, de->name_len, &h); 724 printk("%*.s:%x.%u ", len, name, h.hash, 725 (unsigned) ((char *) de - base)); 726 #endif 727 } 728 space += ext4_dir_rec_len(de->name_len, dir); 729 names++; 730 } 731 de = ext4_next_entry(de, size); 732 } 733 printk(KERN_CONT "(%i)\n", names); 734 return (struct stats) { names, space, 1 }; 735 } 736 737 struct stats dx_show_entries(struct dx_hash_info *hinfo, struct inode *dir, 738 struct dx_entry *entries, int levels) 739 { 740 unsigned blocksize = dir->i_sb->s_blocksize; 741 unsigned count = dx_get_count(entries), names = 0, space = 0, i; 742 unsigned bcount = 0; 743 struct buffer_head *bh; 744 printk("%i indexed blocks...\n", count); 745 for (i = 0; i < count; i++, entries++) 746 { 747 ext4_lblk_t block = dx_get_block(entries); 748 ext4_lblk_t hash = i ? dx_get_hash(entries): 0; 749 u32 range = i < count - 1? (dx_get_hash(entries + 1) - hash): ~hash; 750 struct stats stats; 751 printk("%s%3u:%03u hash %8x/%8x ",levels?"":" ", i, block, hash, range); 752 bh = ext4_bread(NULL,dir, block, 0); 753 if (!bh || IS_ERR(bh)) 754 continue; 755 stats = levels? 756 dx_show_entries(hinfo, dir, ((struct dx_node *) bh->b_data)->entries, levels - 1): 757 dx_show_leaf(dir, hinfo, (struct ext4_dir_entry_2 *) 758 bh->b_data, blocksize, 0); 759 names += stats.names; 760 space += stats.space; 761 bcount += stats.bcount; 762 brelse(bh); 763 } 764 if (bcount) 765 printk(KERN_DEBUG "%snames %u, fullness %u (%u%%)\n", 766 levels ? "" : " ", names, space/bcount, 767 (space/bcount)*100/blocksize); 768 return (struct stats) { names, space, bcount}; 769 } 770 771 /* 772 * Linear search cross check 773 */ 774 static inline void htree_rep_invariant_check(struct dx_entry *at, 775 struct dx_entry *target, 776 u32 hash, unsigned int n) 777 { 778 while (n--) { 779 dxtrace(printk(KERN_CONT ",")); 780 if (dx_get_hash(++at) > hash) { 781 at--; 782 break; 783 } 784 } 785 ASSERT(at == target - 1); 786 } 787 #else /* DX_DEBUG */ 788 static inline void htree_rep_invariant_check(struct dx_entry *at, 789 struct dx_entry *target, 790 u32 hash, unsigned int n) 791 { 792 } 793 #endif /* DX_DEBUG */ 794 795 /* 796 * Probe for a directory leaf block to search. 797 * 798 * dx_probe can return ERR_BAD_DX_DIR, which means there was a format 799 * error in the directory index, and the caller should fall back to 800 * searching the directory normally. The callers of dx_probe **MUST** 801 * check for this error code, and make sure it never gets reflected 802 * back to userspace. 803 */ 804 static struct dx_frame * 805 dx_probe(struct ext4_filename *fname, struct inode *dir, 806 struct dx_hash_info *hinfo, struct dx_frame *frame_in) 807 { 808 unsigned count, indirect, level, i; 809 struct dx_entry *at, *entries, *p, *q, *m; 810 struct dx_root *root; 811 struct dx_frame *frame = frame_in; 812 struct dx_frame *ret_err = ERR_PTR(ERR_BAD_DX_DIR); 813 u32 hash; 814 ext4_lblk_t block; 815 ext4_lblk_t blocks[EXT4_HTREE_LEVEL]; 816 817 memset(frame_in, 0, EXT4_HTREE_LEVEL * sizeof(frame_in[0])); 818 frame->bh = ext4_read_dirblock(dir, 0, INDEX); 819 if (IS_ERR(frame->bh)) 820 return (struct dx_frame *) frame->bh; 821 822 root = (struct dx_root *) frame->bh->b_data; 823 if (root->info.hash_version != DX_HASH_TEA && 824 root->info.hash_version != DX_HASH_HALF_MD4 && 825 root->info.hash_version != DX_HASH_LEGACY && 826 root->info.hash_version != DX_HASH_SIPHASH) { 827 ext4_warning_inode(dir, "Unrecognised inode hash code %u", 828 root->info.hash_version); 829 goto fail; 830 } 831 if (ext4_hash_in_dirent(dir)) { 832 if (root->info.hash_version != DX_HASH_SIPHASH) { 833 ext4_warning_inode(dir, 834 "Hash in dirent, but hash is not SIPHASH"); 835 goto fail; 836 } 837 } else { 838 if (root->info.hash_version == DX_HASH_SIPHASH) { 839 ext4_warning_inode(dir, 840 "Hash code is SIPHASH, but hash not in dirent"); 841 goto fail; 842 } 843 } 844 if (fname) 845 hinfo = &fname->hinfo; 846 hinfo->hash_version = root->info.hash_version; 847 if (hinfo->hash_version <= DX_HASH_TEA) 848 hinfo->hash_version += EXT4_SB(dir->i_sb)->s_hash_unsigned; 849 hinfo->seed = EXT4_SB(dir->i_sb)->s_hash_seed; 850 /* hash is already computed for encrypted casefolded directory */ 851 if (fname && fname_name(fname) && 852 !(IS_ENCRYPTED(dir) && IS_CASEFOLDED(dir))) 853 ext4fs_dirhash(dir, fname_name(fname), fname_len(fname), hinfo); 854 hash = hinfo->hash; 855 856 if (root->info.unused_flags & 1) { 857 ext4_warning_inode(dir, "Unimplemented hash flags: %#06x", 858 root->info.unused_flags); 859 goto fail; 860 } 861 862 indirect = root->info.indirect_levels; 863 if (indirect >= ext4_dir_htree_level(dir->i_sb)) { 864 ext4_warning(dir->i_sb, 865 "Directory (ino: %lu) htree depth %#06x exceed" 866 "supported value", dir->i_ino, 867 ext4_dir_htree_level(dir->i_sb)); 868 if (ext4_dir_htree_level(dir->i_sb) < EXT4_HTREE_LEVEL) { 869 ext4_warning(dir->i_sb, "Enable large directory " 870 "feature to access it"); 871 } 872 goto fail; 873 } 874 875 entries = (struct dx_entry *)(((char *)&root->info) + 876 root->info.info_length); 877 878 if (dx_get_limit(entries) != dx_root_limit(dir, 879 root->info.info_length)) { 880 ext4_warning_inode(dir, "dx entry: limit %u != root limit %u", 881 dx_get_limit(entries), 882 dx_root_limit(dir, root->info.info_length)); 883 goto fail; 884 } 885 886 dxtrace(printk("Look up %x", hash)); 887 level = 0; 888 blocks[0] = 0; 889 while (1) { 890 count = dx_get_count(entries); 891 if (!count || count > dx_get_limit(entries)) { 892 ext4_warning_inode(dir, 893 "dx entry: count %u beyond limit %u", 894 count, dx_get_limit(entries)); 895 goto fail; 896 } 897 898 p = entries + 1; 899 q = entries + count - 1; 900 while (p <= q) { 901 m = p + (q - p) / 2; 902 dxtrace(printk(KERN_CONT ".")); 903 if (dx_get_hash(m) > hash) 904 q = m - 1; 905 else 906 p = m + 1; 907 } 908 909 htree_rep_invariant_check(entries, p, hash, count - 1); 910 911 at = p - 1; 912 dxtrace(printk(KERN_CONT " %x->%u\n", 913 at == entries ? 0 : dx_get_hash(at), 914 dx_get_block(at))); 915 frame->entries = entries; 916 frame->at = at; 917 918 block = dx_get_block(at); 919 for (i = 0; i <= level; i++) { 920 if (blocks[i] == block) { 921 ext4_warning_inode(dir, 922 "dx entry: tree cycle block %u points back to block %u", 923 blocks[level], block); 924 goto fail; 925 } 926 } 927 if (++level > indirect) 928 return frame; 929 blocks[level] = block; 930 frame++; 931 frame->bh = ext4_read_dirblock(dir, block, INDEX); 932 if (IS_ERR(frame->bh)) { 933 ret_err = (struct dx_frame *) frame->bh; 934 frame->bh = NULL; 935 goto fail; 936 } 937 938 entries = ((struct dx_node *) frame->bh->b_data)->entries; 939 940 if (dx_get_limit(entries) != dx_node_limit(dir)) { 941 ext4_warning_inode(dir, 942 "dx entry: limit %u != node limit %u", 943 dx_get_limit(entries), dx_node_limit(dir)); 944 goto fail; 945 } 946 } 947 fail: 948 while (frame >= frame_in) { 949 brelse(frame->bh); 950 frame--; 951 } 952 953 if (ret_err == ERR_PTR(ERR_BAD_DX_DIR)) 954 ext4_warning_inode(dir, 955 "Corrupt directory, running e2fsck is recommended"); 956 return ret_err; 957 } 958 959 static void dx_release(struct dx_frame *frames) 960 { 961 struct dx_root_info *info; 962 int i; 963 unsigned int indirect_levels; 964 965 if (frames[0].bh == NULL) 966 return; 967 968 info = &((struct dx_root *)frames[0].bh->b_data)->info; 969 /* save local copy, "info" may be freed after brelse() */ 970 indirect_levels = info->indirect_levels; 971 for (i = 0; i <= indirect_levels; i++) { 972 if (frames[i].bh == NULL) 973 break; 974 brelse(frames[i].bh); 975 frames[i].bh = NULL; 976 } 977 } 978 979 /* 980 * This function increments the frame pointer to search the next leaf 981 * block, and reads in the necessary intervening nodes if the search 982 * should be necessary. Whether or not the search is necessary is 983 * controlled by the hash parameter. If the hash value is even, then 984 * the search is only continued if the next block starts with that 985 * hash value. This is used if we are searching for a specific file. 986 * 987 * If the hash value is HASH_NB_ALWAYS, then always go to the next block. 988 * 989 * This function returns 1 if the caller should continue to search, 990 * or 0 if it should not. If there is an error reading one of the 991 * index blocks, it will a negative error code. 992 * 993 * If start_hash is non-null, it will be filled in with the starting 994 * hash of the next page. 995 */ 996 static int ext4_htree_next_block(struct inode *dir, __u32 hash, 997 struct dx_frame *frame, 998 struct dx_frame *frames, 999 __u32 *start_hash) 1000 { 1001 struct dx_frame *p; 1002 struct buffer_head *bh; 1003 int num_frames = 0; 1004 __u32 bhash; 1005 1006 p = frame; 1007 /* 1008 * Find the next leaf page by incrementing the frame pointer. 1009 * If we run out of entries in the interior node, loop around and 1010 * increment pointer in the parent node. When we break out of 1011 * this loop, num_frames indicates the number of interior 1012 * nodes need to be read. 1013 */ 1014 while (1) { 1015 if (++(p->at) < p->entries + dx_get_count(p->entries)) 1016 break; 1017 if (p == frames) 1018 return 0; 1019 num_frames++; 1020 p--; 1021 } 1022 1023 /* 1024 * If the hash is 1, then continue only if the next page has a 1025 * continuation hash of any value. This is used for readdir 1026 * handling. Otherwise, check to see if the hash matches the 1027 * desired continuation hash. If it doesn't, return since 1028 * there's no point to read in the successive index pages. 1029 */ 1030 bhash = dx_get_hash(p->at); 1031 if (start_hash) 1032 *start_hash = bhash; 1033 if ((hash & 1) == 0) { 1034 if ((bhash & ~1) != hash) 1035 return 0; 1036 } 1037 /* 1038 * If the hash is HASH_NB_ALWAYS, we always go to the next 1039 * block so no check is necessary 1040 */ 1041 while (num_frames--) { 1042 bh = ext4_read_dirblock(dir, dx_get_block(p->at), INDEX); 1043 if (IS_ERR(bh)) 1044 return PTR_ERR(bh); 1045 p++; 1046 brelse(p->bh); 1047 p->bh = bh; 1048 p->at = p->entries = ((struct dx_node *) bh->b_data)->entries; 1049 } 1050 return 1; 1051 } 1052 1053 1054 /* 1055 * This function fills a red-black tree with information from a 1056 * directory block. It returns the number directory entries loaded 1057 * into the tree. If there is an error it is returned in err. 1058 */ 1059 static int htree_dirblock_to_tree(struct file *dir_file, 1060 struct inode *dir, ext4_lblk_t block, 1061 struct dx_hash_info *hinfo, 1062 __u32 start_hash, __u32 start_minor_hash) 1063 { 1064 struct buffer_head *bh; 1065 struct ext4_dir_entry_2 *de, *top; 1066 int err = 0, count = 0; 1067 struct fscrypt_str fname_crypto_str = FSTR_INIT(NULL, 0), tmp_str; 1068 int csum = ext4_has_metadata_csum(dir->i_sb); 1069 1070 dxtrace(printk(KERN_INFO "In htree dirblock_to_tree: block %lu\n", 1071 (unsigned long)block)); 1072 bh = ext4_read_dirblock(dir, block, DIRENT_HTREE); 1073 if (IS_ERR(bh)) 1074 return PTR_ERR(bh); 1075 1076 de = (struct ext4_dir_entry_2 *) bh->b_data; 1077 /* csum entries are not larger in the casefolded encrypted case */ 1078 top = (struct ext4_dir_entry_2 *) ((char *) de + 1079 dir->i_sb->s_blocksize - 1080 ext4_dir_rec_len(0, 1081 csum ? NULL : dir)); 1082 /* Check if the directory is encrypted */ 1083 if (IS_ENCRYPTED(dir)) { 1084 err = fscrypt_prepare_readdir(dir); 1085 if (err < 0) { 1086 brelse(bh); 1087 return err; 1088 } 1089 err = fscrypt_fname_alloc_buffer(EXT4_NAME_LEN, 1090 &fname_crypto_str); 1091 if (err < 0) { 1092 brelse(bh); 1093 return err; 1094 } 1095 } 1096 1097 for (; de < top; de = ext4_next_entry(de, dir->i_sb->s_blocksize)) { 1098 if (ext4_check_dir_entry(dir, NULL, de, bh, 1099 bh->b_data, bh->b_size, 1100 (block<<EXT4_BLOCK_SIZE_BITS(dir->i_sb)) 1101 + ((char *)de - bh->b_data))) { 1102 /* silently ignore the rest of the block */ 1103 break; 1104 } 1105 if (ext4_hash_in_dirent(dir)) { 1106 if (de->name_len && de->inode) { 1107 hinfo->hash = EXT4_DIRENT_HASH(de); 1108 hinfo->minor_hash = EXT4_DIRENT_MINOR_HASH(de); 1109 } else { 1110 hinfo->hash = 0; 1111 hinfo->minor_hash = 0; 1112 } 1113 } else { 1114 ext4fs_dirhash(dir, de->name, de->name_len, hinfo); 1115 } 1116 if ((hinfo->hash < start_hash) || 1117 ((hinfo->hash == start_hash) && 1118 (hinfo->minor_hash < start_minor_hash))) 1119 continue; 1120 if (de->inode == 0) 1121 continue; 1122 if (!IS_ENCRYPTED(dir)) { 1123 tmp_str.name = de->name; 1124 tmp_str.len = de->name_len; 1125 err = ext4_htree_store_dirent(dir_file, 1126 hinfo->hash, hinfo->minor_hash, de, 1127 &tmp_str); 1128 } else { 1129 int save_len = fname_crypto_str.len; 1130 struct fscrypt_str de_name = FSTR_INIT(de->name, 1131 de->name_len); 1132 1133 /* Directory is encrypted */ 1134 err = fscrypt_fname_disk_to_usr(dir, hinfo->hash, 1135 hinfo->minor_hash, &de_name, 1136 &fname_crypto_str); 1137 if (err) { 1138 count = err; 1139 goto errout; 1140 } 1141 err = ext4_htree_store_dirent(dir_file, 1142 hinfo->hash, hinfo->minor_hash, de, 1143 &fname_crypto_str); 1144 fname_crypto_str.len = save_len; 1145 } 1146 if (err != 0) { 1147 count = err; 1148 goto errout; 1149 } 1150 count++; 1151 } 1152 errout: 1153 brelse(bh); 1154 fscrypt_fname_free_buffer(&fname_crypto_str); 1155 return count; 1156 } 1157 1158 1159 /* 1160 * This function fills a red-black tree with information from a 1161 * directory. We start scanning the directory in hash order, starting 1162 * at start_hash and start_minor_hash. 1163 * 1164 * This function returns the number of entries inserted into the tree, 1165 * or a negative error code. 1166 */ 1167 int ext4_htree_fill_tree(struct file *dir_file, __u32 start_hash, 1168 __u32 start_minor_hash, __u32 *next_hash) 1169 { 1170 struct dx_hash_info hinfo; 1171 struct ext4_dir_entry_2 *de; 1172 struct dx_frame frames[EXT4_HTREE_LEVEL], *frame; 1173 struct inode *dir; 1174 ext4_lblk_t block; 1175 int count = 0; 1176 int ret, err; 1177 __u32 hashval; 1178 struct fscrypt_str tmp_str; 1179 1180 dxtrace(printk(KERN_DEBUG "In htree_fill_tree, start hash: %x:%x\n", 1181 start_hash, start_minor_hash)); 1182 dir = file_inode(dir_file); 1183 if (!(ext4_test_inode_flag(dir, EXT4_INODE_INDEX))) { 1184 if (ext4_hash_in_dirent(dir)) 1185 hinfo.hash_version = DX_HASH_SIPHASH; 1186 else 1187 hinfo.hash_version = 1188 EXT4_SB(dir->i_sb)->s_def_hash_version; 1189 if (hinfo.hash_version <= DX_HASH_TEA) 1190 hinfo.hash_version += 1191 EXT4_SB(dir->i_sb)->s_hash_unsigned; 1192 hinfo.seed = EXT4_SB(dir->i_sb)->s_hash_seed; 1193 if (ext4_has_inline_data(dir)) { 1194 int has_inline_data = 1; 1195 count = ext4_inlinedir_to_tree(dir_file, dir, 0, 1196 &hinfo, start_hash, 1197 start_minor_hash, 1198 &has_inline_data); 1199 if (has_inline_data) { 1200 *next_hash = ~0; 1201 return count; 1202 } 1203 } 1204 count = htree_dirblock_to_tree(dir_file, dir, 0, &hinfo, 1205 start_hash, start_minor_hash); 1206 *next_hash = ~0; 1207 return count; 1208 } 1209 hinfo.hash = start_hash; 1210 hinfo.minor_hash = 0; 1211 frame = dx_probe(NULL, dir, &hinfo, frames); 1212 if (IS_ERR(frame)) 1213 return PTR_ERR(frame); 1214 1215 /* Add '.' and '..' from the htree header */ 1216 if (!start_hash && !start_minor_hash) { 1217 de = (struct ext4_dir_entry_2 *) frames[0].bh->b_data; 1218 tmp_str.name = de->name; 1219 tmp_str.len = de->name_len; 1220 err = ext4_htree_store_dirent(dir_file, 0, 0, 1221 de, &tmp_str); 1222 if (err != 0) 1223 goto errout; 1224 count++; 1225 } 1226 if (start_hash < 2 || (start_hash ==2 && start_minor_hash==0)) { 1227 de = (struct ext4_dir_entry_2 *) frames[0].bh->b_data; 1228 de = ext4_next_entry(de, dir->i_sb->s_blocksize); 1229 tmp_str.name = de->name; 1230 tmp_str.len = de->name_len; 1231 err = ext4_htree_store_dirent(dir_file, 2, 0, 1232 de, &tmp_str); 1233 if (err != 0) 1234 goto errout; 1235 count++; 1236 } 1237 1238 while (1) { 1239 if (fatal_signal_pending(current)) { 1240 err = -ERESTARTSYS; 1241 goto errout; 1242 } 1243 cond_resched(); 1244 block = dx_get_block(frame->at); 1245 ret = htree_dirblock_to_tree(dir_file, dir, block, &hinfo, 1246 start_hash, start_minor_hash); 1247 if (ret < 0) { 1248 err = ret; 1249 goto errout; 1250 } 1251 count += ret; 1252 hashval = ~0; 1253 ret = ext4_htree_next_block(dir, HASH_NB_ALWAYS, 1254 frame, frames, &hashval); 1255 *next_hash = hashval; 1256 if (ret < 0) { 1257 err = ret; 1258 goto errout; 1259 } 1260 /* 1261 * Stop if: (a) there are no more entries, or 1262 * (b) we have inserted at least one entry and the 1263 * next hash value is not a continuation 1264 */ 1265 if ((ret == 0) || 1266 (count && ((hashval & 1) == 0))) 1267 break; 1268 } 1269 dx_release(frames); 1270 dxtrace(printk(KERN_DEBUG "Fill tree: returned %d entries, " 1271 "next hash: %x\n", count, *next_hash)); 1272 return count; 1273 errout: 1274 dx_release(frames); 1275 return (err); 1276 } 1277 1278 static inline int search_dirblock(struct buffer_head *bh, 1279 struct inode *dir, 1280 struct ext4_filename *fname, 1281 unsigned int offset, 1282 struct ext4_dir_entry_2 **res_dir) 1283 { 1284 return ext4_search_dir(bh, bh->b_data, dir->i_sb->s_blocksize, dir, 1285 fname, offset, res_dir); 1286 } 1287 1288 /* 1289 * Directory block splitting, compacting 1290 */ 1291 1292 /* 1293 * Create map of hash values, offsets, and sizes, stored at end of block. 1294 * Returns number of entries mapped. 1295 */ 1296 static int dx_make_map(struct inode *dir, struct buffer_head *bh, 1297 struct dx_hash_info *hinfo, 1298 struct dx_map_entry *map_tail) 1299 { 1300 int count = 0; 1301 struct ext4_dir_entry_2 *de = (struct ext4_dir_entry_2 *)bh->b_data; 1302 unsigned int buflen = bh->b_size; 1303 char *base = bh->b_data; 1304 struct dx_hash_info h = *hinfo; 1305 1306 if (ext4_has_metadata_csum(dir->i_sb)) 1307 buflen -= sizeof(struct ext4_dir_entry_tail); 1308 1309 while ((char *) de < base + buflen) { 1310 if (ext4_check_dir_entry(dir, NULL, de, bh, base, buflen, 1311 ((char *)de) - base)) 1312 return -EFSCORRUPTED; 1313 if (de->name_len && de->inode) { 1314 if (ext4_hash_in_dirent(dir)) 1315 h.hash = EXT4_DIRENT_HASH(de); 1316 else 1317 ext4fs_dirhash(dir, de->name, de->name_len, &h); 1318 map_tail--; 1319 map_tail->hash = h.hash; 1320 map_tail->offs = ((char *) de - base)>>2; 1321 map_tail->size = le16_to_cpu(de->rec_len); 1322 count++; 1323 cond_resched(); 1324 } 1325 de = ext4_next_entry(de, dir->i_sb->s_blocksize); 1326 } 1327 return count; 1328 } 1329 1330 /* Sort map by hash value */ 1331 static void dx_sort_map (struct dx_map_entry *map, unsigned count) 1332 { 1333 struct dx_map_entry *p, *q, *top = map + count - 1; 1334 int more; 1335 /* Combsort until bubble sort doesn't suck */ 1336 while (count > 2) { 1337 count = count*10/13; 1338 if (count - 9 < 2) /* 9, 10 -> 11 */ 1339 count = 11; 1340 for (p = top, q = p - count; q >= map; p--, q--) 1341 if (p->hash < q->hash) 1342 swap(*p, *q); 1343 } 1344 /* Garden variety bubble sort */ 1345 do { 1346 more = 0; 1347 q = top; 1348 while (q-- > map) { 1349 if (q[1].hash >= q[0].hash) 1350 continue; 1351 swap(*(q+1), *q); 1352 more = 1; 1353 } 1354 } while(more); 1355 } 1356 1357 static void dx_insert_block(struct dx_frame *frame, u32 hash, ext4_lblk_t block) 1358 { 1359 struct dx_entry *entries = frame->entries; 1360 struct dx_entry *old = frame->at, *new = old + 1; 1361 int count = dx_get_count(entries); 1362 1363 ASSERT(count < dx_get_limit(entries)); 1364 ASSERT(old < entries + count); 1365 memmove(new + 1, new, (char *)(entries + count) - (char *)(new)); 1366 dx_set_hash(new, hash); 1367 dx_set_block(new, block); 1368 dx_set_count(entries, count + 1); 1369 } 1370 1371 #if IS_ENABLED(CONFIG_UNICODE) 1372 /* 1373 * Test whether a case-insensitive directory entry matches the filename 1374 * being searched for. If quick is set, assume the name being looked up 1375 * is already in the casefolded form. 1376 * 1377 * Returns: 0 if the directory entry matches, more than 0 if it 1378 * doesn't match or less than zero on error. 1379 */ 1380 static int ext4_ci_compare(const struct inode *parent, const struct qstr *name, 1381 u8 *de_name, size_t de_name_len, bool quick) 1382 { 1383 const struct super_block *sb = parent->i_sb; 1384 const struct unicode_map *um = sb->s_encoding; 1385 struct fscrypt_str decrypted_name = FSTR_INIT(NULL, de_name_len); 1386 struct qstr entry = QSTR_INIT(de_name, de_name_len); 1387 int ret; 1388 1389 if (IS_ENCRYPTED(parent)) { 1390 const struct fscrypt_str encrypted_name = 1391 FSTR_INIT(de_name, de_name_len); 1392 1393 decrypted_name.name = kmalloc(de_name_len, GFP_KERNEL); 1394 if (!decrypted_name.name) 1395 return -ENOMEM; 1396 ret = fscrypt_fname_disk_to_usr(parent, 0, 0, &encrypted_name, 1397 &decrypted_name); 1398 if (ret < 0) 1399 goto out; 1400 entry.name = decrypted_name.name; 1401 entry.len = decrypted_name.len; 1402 } 1403 1404 if (quick) 1405 ret = utf8_strncasecmp_folded(um, name, &entry); 1406 else 1407 ret = utf8_strncasecmp(um, name, &entry); 1408 if (ret < 0) { 1409 /* Handle invalid character sequence as either an error 1410 * or as an opaque byte sequence. 1411 */ 1412 if (sb_has_strict_encoding(sb)) 1413 ret = -EINVAL; 1414 else if (name->len != entry.len) 1415 ret = 1; 1416 else 1417 ret = !!memcmp(name->name, entry.name, entry.len); 1418 } 1419 out: 1420 kfree(decrypted_name.name); 1421 return ret; 1422 } 1423 1424 int ext4_fname_setup_ci_filename(struct inode *dir, const struct qstr *iname, 1425 struct ext4_filename *name) 1426 { 1427 struct fscrypt_str *cf_name = &name->cf_name; 1428 struct dx_hash_info *hinfo = &name->hinfo; 1429 int len; 1430 1431 if (!IS_CASEFOLDED(dir) || !dir->i_sb->s_encoding || 1432 (IS_ENCRYPTED(dir) && !fscrypt_has_encryption_key(dir))) { 1433 cf_name->name = NULL; 1434 return 0; 1435 } 1436 1437 cf_name->name = kmalloc(EXT4_NAME_LEN, GFP_NOFS); 1438 if (!cf_name->name) 1439 return -ENOMEM; 1440 1441 len = utf8_casefold(dir->i_sb->s_encoding, 1442 iname, cf_name->name, 1443 EXT4_NAME_LEN); 1444 if (len <= 0) { 1445 kfree(cf_name->name); 1446 cf_name->name = NULL; 1447 } 1448 cf_name->len = (unsigned) len; 1449 if (!IS_ENCRYPTED(dir)) 1450 return 0; 1451 1452 hinfo->hash_version = DX_HASH_SIPHASH; 1453 hinfo->seed = NULL; 1454 if (cf_name->name) 1455 ext4fs_dirhash(dir, cf_name->name, cf_name->len, hinfo); 1456 else 1457 ext4fs_dirhash(dir, iname->name, iname->len, hinfo); 1458 return 0; 1459 } 1460 #endif 1461 1462 /* 1463 * Test whether a directory entry matches the filename being searched for. 1464 * 1465 * Return: %true if the directory entry matches, otherwise %false. 1466 */ 1467 static bool ext4_match(struct inode *parent, 1468 const struct ext4_filename *fname, 1469 struct ext4_dir_entry_2 *de) 1470 { 1471 struct fscrypt_name f; 1472 1473 if (!de->inode) 1474 return false; 1475 1476 f.usr_fname = fname->usr_fname; 1477 f.disk_name = fname->disk_name; 1478 #ifdef CONFIG_FS_ENCRYPTION 1479 f.crypto_buf = fname->crypto_buf; 1480 #endif 1481 1482 #if IS_ENABLED(CONFIG_UNICODE) 1483 if (parent->i_sb->s_encoding && IS_CASEFOLDED(parent) && 1484 (!IS_ENCRYPTED(parent) || fscrypt_has_encryption_key(parent))) { 1485 if (fname->cf_name.name) { 1486 struct qstr cf = {.name = fname->cf_name.name, 1487 .len = fname->cf_name.len}; 1488 if (IS_ENCRYPTED(parent)) { 1489 if (fname->hinfo.hash != EXT4_DIRENT_HASH(de) || 1490 fname->hinfo.minor_hash != 1491 EXT4_DIRENT_MINOR_HASH(de)) { 1492 1493 return false; 1494 } 1495 } 1496 return !ext4_ci_compare(parent, &cf, de->name, 1497 de->name_len, true); 1498 } 1499 return !ext4_ci_compare(parent, fname->usr_fname, de->name, 1500 de->name_len, false); 1501 } 1502 #endif 1503 1504 return fscrypt_match_name(&f, de->name, de->name_len); 1505 } 1506 1507 /* 1508 * Returns 0 if not found, -1 on failure, and 1 on success 1509 */ 1510 int ext4_search_dir(struct buffer_head *bh, char *search_buf, int buf_size, 1511 struct inode *dir, struct ext4_filename *fname, 1512 unsigned int offset, struct ext4_dir_entry_2 **res_dir) 1513 { 1514 struct ext4_dir_entry_2 * de; 1515 char * dlimit; 1516 int de_len; 1517 1518 de = (struct ext4_dir_entry_2 *)search_buf; 1519 dlimit = search_buf + buf_size; 1520 while ((char *) de < dlimit - EXT4_BASE_DIR_LEN) { 1521 /* this code is executed quadratically often */ 1522 /* do minimal checking `by hand' */ 1523 if (de->name + de->name_len <= dlimit && 1524 ext4_match(dir, fname, de)) { 1525 /* found a match - just to be sure, do 1526 * a full check */ 1527 if (ext4_check_dir_entry(dir, NULL, de, bh, search_buf, 1528 buf_size, offset)) 1529 return -1; 1530 *res_dir = de; 1531 return 1; 1532 } 1533 /* prevent looping on a bad block */ 1534 de_len = ext4_rec_len_from_disk(de->rec_len, 1535 dir->i_sb->s_blocksize); 1536 if (de_len <= 0) 1537 return -1; 1538 offset += de_len; 1539 de = (struct ext4_dir_entry_2 *) ((char *) de + de_len); 1540 } 1541 return 0; 1542 } 1543 1544 static int is_dx_internal_node(struct inode *dir, ext4_lblk_t block, 1545 struct ext4_dir_entry *de) 1546 { 1547 struct super_block *sb = dir->i_sb; 1548 1549 if (!is_dx(dir)) 1550 return 0; 1551 if (block == 0) 1552 return 1; 1553 if (de->inode == 0 && 1554 ext4_rec_len_from_disk(de->rec_len, sb->s_blocksize) == 1555 sb->s_blocksize) 1556 return 1; 1557 return 0; 1558 } 1559 1560 /* 1561 * __ext4_find_entry() 1562 * 1563 * finds an entry in the specified directory with the wanted name. It 1564 * returns the cache buffer in which the entry was found, and the entry 1565 * itself (as a parameter - res_dir). It does NOT read the inode of the 1566 * entry - you'll have to do that yourself if you want to. 1567 * 1568 * The returned buffer_head has ->b_count elevated. The caller is expected 1569 * to brelse() it when appropriate. 1570 */ 1571 static struct buffer_head *__ext4_find_entry(struct inode *dir, 1572 struct ext4_filename *fname, 1573 struct ext4_dir_entry_2 **res_dir, 1574 int *inlined) 1575 { 1576 struct super_block *sb; 1577 struct buffer_head *bh_use[NAMEI_RA_SIZE]; 1578 struct buffer_head *bh, *ret = NULL; 1579 ext4_lblk_t start, block; 1580 const u8 *name = fname->usr_fname->name; 1581 size_t ra_max = 0; /* Number of bh's in the readahead 1582 buffer, bh_use[] */ 1583 size_t ra_ptr = 0; /* Current index into readahead 1584 buffer */ 1585 ext4_lblk_t nblocks; 1586 int i, namelen, retval; 1587 1588 *res_dir = NULL; 1589 sb = dir->i_sb; 1590 namelen = fname->usr_fname->len; 1591 if (namelen > EXT4_NAME_LEN) 1592 return NULL; 1593 1594 if (ext4_has_inline_data(dir)) { 1595 int has_inline_data = 1; 1596 ret = ext4_find_inline_entry(dir, fname, res_dir, 1597 &has_inline_data); 1598 if (inlined) 1599 *inlined = has_inline_data; 1600 if (has_inline_data) 1601 goto cleanup_and_exit; 1602 } 1603 1604 if ((namelen <= 2) && (name[0] == '.') && 1605 (name[1] == '.' || name[1] == '\0')) { 1606 /* 1607 * "." or ".." will only be in the first block 1608 * NFS may look up ".."; "." should be handled by the VFS 1609 */ 1610 block = start = 0; 1611 nblocks = 1; 1612 goto restart; 1613 } 1614 if (is_dx(dir)) { 1615 ret = ext4_dx_find_entry(dir, fname, res_dir); 1616 /* 1617 * On success, or if the error was file not found, 1618 * return. Otherwise, fall back to doing a search the 1619 * old fashioned way. 1620 */ 1621 if (!IS_ERR(ret) || PTR_ERR(ret) != ERR_BAD_DX_DIR) 1622 goto cleanup_and_exit; 1623 dxtrace(printk(KERN_DEBUG "ext4_find_entry: dx failed, " 1624 "falling back\n")); 1625 ret = NULL; 1626 } 1627 nblocks = dir->i_size >> EXT4_BLOCK_SIZE_BITS(sb); 1628 if (!nblocks) { 1629 ret = NULL; 1630 goto cleanup_and_exit; 1631 } 1632 start = EXT4_I(dir)->i_dir_start_lookup; 1633 if (start >= nblocks) 1634 start = 0; 1635 block = start; 1636 restart: 1637 do { 1638 /* 1639 * We deal with the read-ahead logic here. 1640 */ 1641 cond_resched(); 1642 if (ra_ptr >= ra_max) { 1643 /* Refill the readahead buffer */ 1644 ra_ptr = 0; 1645 if (block < start) 1646 ra_max = start - block; 1647 else 1648 ra_max = nblocks - block; 1649 ra_max = min(ra_max, ARRAY_SIZE(bh_use)); 1650 retval = ext4_bread_batch(dir, block, ra_max, 1651 false /* wait */, bh_use); 1652 if (retval) { 1653 ret = ERR_PTR(retval); 1654 ra_max = 0; 1655 goto cleanup_and_exit; 1656 } 1657 } 1658 if ((bh = bh_use[ra_ptr++]) == NULL) 1659 goto next; 1660 wait_on_buffer(bh); 1661 if (!buffer_uptodate(bh)) { 1662 EXT4_ERROR_INODE_ERR(dir, EIO, 1663 "reading directory lblock %lu", 1664 (unsigned long) block); 1665 brelse(bh); 1666 ret = ERR_PTR(-EIO); 1667 goto cleanup_and_exit; 1668 } 1669 if (!buffer_verified(bh) && 1670 !is_dx_internal_node(dir, block, 1671 (struct ext4_dir_entry *)bh->b_data) && 1672 !ext4_dirblock_csum_verify(dir, bh)) { 1673 EXT4_ERROR_INODE_ERR(dir, EFSBADCRC, 1674 "checksumming directory " 1675 "block %lu", (unsigned long)block); 1676 brelse(bh); 1677 ret = ERR_PTR(-EFSBADCRC); 1678 goto cleanup_and_exit; 1679 } 1680 set_buffer_verified(bh); 1681 i = search_dirblock(bh, dir, fname, 1682 block << EXT4_BLOCK_SIZE_BITS(sb), res_dir); 1683 if (i == 1) { 1684 EXT4_I(dir)->i_dir_start_lookup = block; 1685 ret = bh; 1686 goto cleanup_and_exit; 1687 } else { 1688 brelse(bh); 1689 if (i < 0) 1690 goto cleanup_and_exit; 1691 } 1692 next: 1693 if (++block >= nblocks) 1694 block = 0; 1695 } while (block != start); 1696 1697 /* 1698 * If the directory has grown while we were searching, then 1699 * search the last part of the directory before giving up. 1700 */ 1701 block = nblocks; 1702 nblocks = dir->i_size >> EXT4_BLOCK_SIZE_BITS(sb); 1703 if (block < nblocks) { 1704 start = 0; 1705 goto restart; 1706 } 1707 1708 cleanup_and_exit: 1709 /* Clean up the read-ahead blocks */ 1710 for (; ra_ptr < ra_max; ra_ptr++) 1711 brelse(bh_use[ra_ptr]); 1712 return ret; 1713 } 1714 1715 static struct buffer_head *ext4_find_entry(struct inode *dir, 1716 const struct qstr *d_name, 1717 struct ext4_dir_entry_2 **res_dir, 1718 int *inlined) 1719 { 1720 int err; 1721 struct ext4_filename fname; 1722 struct buffer_head *bh; 1723 1724 err = ext4_fname_setup_filename(dir, d_name, 1, &fname); 1725 if (err == -ENOENT) 1726 return NULL; 1727 if (err) 1728 return ERR_PTR(err); 1729 1730 bh = __ext4_find_entry(dir, &fname, res_dir, inlined); 1731 1732 ext4_fname_free_filename(&fname); 1733 return bh; 1734 } 1735 1736 static struct buffer_head *ext4_lookup_entry(struct inode *dir, 1737 struct dentry *dentry, 1738 struct ext4_dir_entry_2 **res_dir) 1739 { 1740 int err; 1741 struct ext4_filename fname; 1742 struct buffer_head *bh; 1743 1744 err = ext4_fname_prepare_lookup(dir, dentry, &fname); 1745 generic_set_encrypted_ci_d_ops(dentry); 1746 if (err == -ENOENT) 1747 return NULL; 1748 if (err) 1749 return ERR_PTR(err); 1750 1751 bh = __ext4_find_entry(dir, &fname, res_dir, NULL); 1752 1753 ext4_fname_free_filename(&fname); 1754 return bh; 1755 } 1756 1757 static struct buffer_head * ext4_dx_find_entry(struct inode *dir, 1758 struct ext4_filename *fname, 1759 struct ext4_dir_entry_2 **res_dir) 1760 { 1761 struct super_block * sb = dir->i_sb; 1762 struct dx_frame frames[EXT4_HTREE_LEVEL], *frame; 1763 struct buffer_head *bh; 1764 ext4_lblk_t block; 1765 int retval; 1766 1767 #ifdef CONFIG_FS_ENCRYPTION 1768 *res_dir = NULL; 1769 #endif 1770 frame = dx_probe(fname, dir, NULL, frames); 1771 if (IS_ERR(frame)) 1772 return (struct buffer_head *) frame; 1773 do { 1774 block = dx_get_block(frame->at); 1775 bh = ext4_read_dirblock(dir, block, DIRENT_HTREE); 1776 if (IS_ERR(bh)) 1777 goto errout; 1778 1779 retval = search_dirblock(bh, dir, fname, 1780 block << EXT4_BLOCK_SIZE_BITS(sb), 1781 res_dir); 1782 if (retval == 1) 1783 goto success; 1784 brelse(bh); 1785 if (retval == -1) { 1786 bh = ERR_PTR(ERR_BAD_DX_DIR); 1787 goto errout; 1788 } 1789 1790 /* Check to see if we should continue to search */ 1791 retval = ext4_htree_next_block(dir, fname->hinfo.hash, frame, 1792 frames, NULL); 1793 if (retval < 0) { 1794 ext4_warning_inode(dir, 1795 "error %d reading directory index block", 1796 retval); 1797 bh = ERR_PTR(retval); 1798 goto errout; 1799 } 1800 } while (retval == 1); 1801 1802 bh = NULL; 1803 errout: 1804 dxtrace(printk(KERN_DEBUG "%s not found\n", fname->usr_fname->name)); 1805 success: 1806 dx_release(frames); 1807 return bh; 1808 } 1809 1810 static struct dentry *ext4_lookup(struct inode *dir, struct dentry *dentry, unsigned int flags) 1811 { 1812 struct inode *inode; 1813 struct ext4_dir_entry_2 *de; 1814 struct buffer_head *bh; 1815 1816 if (dentry->d_name.len > EXT4_NAME_LEN) 1817 return ERR_PTR(-ENAMETOOLONG); 1818 1819 bh = ext4_lookup_entry(dir, dentry, &de); 1820 if (IS_ERR(bh)) 1821 return ERR_CAST(bh); 1822 inode = NULL; 1823 if (bh) { 1824 __u32 ino = le32_to_cpu(de->inode); 1825 brelse(bh); 1826 if (!ext4_valid_inum(dir->i_sb, ino)) { 1827 EXT4_ERROR_INODE(dir, "bad inode number: %u", ino); 1828 return ERR_PTR(-EFSCORRUPTED); 1829 } 1830 if (unlikely(ino == dir->i_ino)) { 1831 EXT4_ERROR_INODE(dir, "'%pd' linked to parent dir", 1832 dentry); 1833 return ERR_PTR(-EFSCORRUPTED); 1834 } 1835 inode = ext4_iget(dir->i_sb, ino, EXT4_IGET_NORMAL); 1836 if (inode == ERR_PTR(-ESTALE)) { 1837 EXT4_ERROR_INODE(dir, 1838 "deleted inode referenced: %u", 1839 ino); 1840 return ERR_PTR(-EFSCORRUPTED); 1841 } 1842 if (!IS_ERR(inode) && IS_ENCRYPTED(dir) && 1843 (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode)) && 1844 !fscrypt_has_permitted_context(dir, inode)) { 1845 ext4_warning(inode->i_sb, 1846 "Inconsistent encryption contexts: %lu/%lu", 1847 dir->i_ino, inode->i_ino); 1848 iput(inode); 1849 return ERR_PTR(-EPERM); 1850 } 1851 } 1852 1853 #if IS_ENABLED(CONFIG_UNICODE) 1854 if (!inode && IS_CASEFOLDED(dir)) { 1855 /* Eventually we want to call d_add_ci(dentry, NULL) 1856 * for negative dentries in the encoding case as 1857 * well. For now, prevent the negative dentry 1858 * from being cached. 1859 */ 1860 return NULL; 1861 } 1862 #endif 1863 return d_splice_alias(inode, dentry); 1864 } 1865 1866 1867 struct dentry *ext4_get_parent(struct dentry *child) 1868 { 1869 __u32 ino; 1870 struct ext4_dir_entry_2 * de; 1871 struct buffer_head *bh; 1872 1873 bh = ext4_find_entry(d_inode(child), &dotdot_name, &de, NULL); 1874 if (IS_ERR(bh)) 1875 return ERR_CAST(bh); 1876 if (!bh) 1877 return ERR_PTR(-ENOENT); 1878 ino = le32_to_cpu(de->inode); 1879 brelse(bh); 1880 1881 if (!ext4_valid_inum(child->d_sb, ino)) { 1882 EXT4_ERROR_INODE(d_inode(child), 1883 "bad parent inode number: %u", ino); 1884 return ERR_PTR(-EFSCORRUPTED); 1885 } 1886 1887 return d_obtain_alias(ext4_iget(child->d_sb, ino, EXT4_IGET_NORMAL)); 1888 } 1889 1890 /* 1891 * Move count entries from end of map between two memory locations. 1892 * Returns pointer to last entry moved. 1893 */ 1894 static struct ext4_dir_entry_2 * 1895 dx_move_dirents(struct inode *dir, char *from, char *to, 1896 struct dx_map_entry *map, int count, 1897 unsigned blocksize) 1898 { 1899 unsigned rec_len = 0; 1900 1901 while (count--) { 1902 struct ext4_dir_entry_2 *de = (struct ext4_dir_entry_2 *) 1903 (from + (map->offs<<2)); 1904 rec_len = ext4_dir_rec_len(de->name_len, dir); 1905 1906 memcpy (to, de, rec_len); 1907 ((struct ext4_dir_entry_2 *) to)->rec_len = 1908 ext4_rec_len_to_disk(rec_len, blocksize); 1909 1910 /* wipe dir_entry excluding the rec_len field */ 1911 de->inode = 0; 1912 memset(&de->name_len, 0, ext4_rec_len_from_disk(de->rec_len, 1913 blocksize) - 1914 offsetof(struct ext4_dir_entry_2, 1915 name_len)); 1916 1917 map++; 1918 to += rec_len; 1919 } 1920 return (struct ext4_dir_entry_2 *) (to - rec_len); 1921 } 1922 1923 /* 1924 * Compact each dir entry in the range to the minimal rec_len. 1925 * Returns pointer to last entry in range. 1926 */ 1927 static struct ext4_dir_entry_2 *dx_pack_dirents(struct inode *dir, char *base, 1928 unsigned int blocksize) 1929 { 1930 struct ext4_dir_entry_2 *next, *to, *prev, *de = (struct ext4_dir_entry_2 *) base; 1931 unsigned rec_len = 0; 1932 1933 prev = to = de; 1934 while ((char*)de < base + blocksize) { 1935 next = ext4_next_entry(de, blocksize); 1936 if (de->inode && de->name_len) { 1937 rec_len = ext4_dir_rec_len(de->name_len, dir); 1938 if (de > to) 1939 memmove(to, de, rec_len); 1940 to->rec_len = ext4_rec_len_to_disk(rec_len, blocksize); 1941 prev = to; 1942 to = (struct ext4_dir_entry_2 *) (((char *) to) + rec_len); 1943 } 1944 de = next; 1945 } 1946 return prev; 1947 } 1948 1949 /* 1950 * Split a full leaf block to make room for a new dir entry. 1951 * Allocate a new block, and move entries so that they are approx. equally full. 1952 * Returns pointer to de in block into which the new entry will be inserted. 1953 */ 1954 static struct ext4_dir_entry_2 *do_split(handle_t *handle, struct inode *dir, 1955 struct buffer_head **bh,struct dx_frame *frame, 1956 struct dx_hash_info *hinfo) 1957 { 1958 unsigned blocksize = dir->i_sb->s_blocksize; 1959 unsigned continued; 1960 int count; 1961 struct buffer_head *bh2; 1962 ext4_lblk_t newblock; 1963 u32 hash2; 1964 struct dx_map_entry *map; 1965 char *data1 = (*bh)->b_data, *data2; 1966 unsigned split, move, size; 1967 struct ext4_dir_entry_2 *de = NULL, *de2; 1968 int csum_size = 0; 1969 int err = 0, i; 1970 1971 if (ext4_has_metadata_csum(dir->i_sb)) 1972 csum_size = sizeof(struct ext4_dir_entry_tail); 1973 1974 bh2 = ext4_append(handle, dir, &newblock); 1975 if (IS_ERR(bh2)) { 1976 brelse(*bh); 1977 *bh = NULL; 1978 return (struct ext4_dir_entry_2 *) bh2; 1979 } 1980 1981 BUFFER_TRACE(*bh, "get_write_access"); 1982 err = ext4_journal_get_write_access(handle, dir->i_sb, *bh, 1983 EXT4_JTR_NONE); 1984 if (err) 1985 goto journal_error; 1986 1987 BUFFER_TRACE(frame->bh, "get_write_access"); 1988 err = ext4_journal_get_write_access(handle, dir->i_sb, frame->bh, 1989 EXT4_JTR_NONE); 1990 if (err) 1991 goto journal_error; 1992 1993 data2 = bh2->b_data; 1994 1995 /* create map in the end of data2 block */ 1996 map = (struct dx_map_entry *) (data2 + blocksize); 1997 count = dx_make_map(dir, *bh, hinfo, map); 1998 if (count < 0) { 1999 err = count; 2000 goto journal_error; 2001 } 2002 map -= count; 2003 dx_sort_map(map, count); 2004 /* Ensure that neither split block is over half full */ 2005 size = 0; 2006 move = 0; 2007 for (i = count-1; i >= 0; i--) { 2008 /* is more than half of this entry in 2nd half of the block? */ 2009 if (size + map[i].size/2 > blocksize/2) 2010 break; 2011 size += map[i].size; 2012 move++; 2013 } 2014 /* 2015 * map index at which we will split 2016 * 2017 * If the sum of active entries didn't exceed half the block size, just 2018 * split it in half by count; each resulting block will have at least 2019 * half the space free. 2020 */ 2021 if (i > 0) 2022 split = count - move; 2023 else 2024 split = count/2; 2025 2026 hash2 = map[split].hash; 2027 continued = hash2 == map[split - 1].hash; 2028 dxtrace(printk(KERN_INFO "Split block %lu at %x, %i/%i\n", 2029 (unsigned long)dx_get_block(frame->at), 2030 hash2, split, count-split)); 2031 2032 /* Fancy dance to stay within two buffers */ 2033 de2 = dx_move_dirents(dir, data1, data2, map + split, count - split, 2034 blocksize); 2035 de = dx_pack_dirents(dir, data1, blocksize); 2036 de->rec_len = ext4_rec_len_to_disk(data1 + (blocksize - csum_size) - 2037 (char *) de, 2038 blocksize); 2039 de2->rec_len = ext4_rec_len_to_disk(data2 + (blocksize - csum_size) - 2040 (char *) de2, 2041 blocksize); 2042 if (csum_size) { 2043 ext4_initialize_dirent_tail(*bh, blocksize); 2044 ext4_initialize_dirent_tail(bh2, blocksize); 2045 } 2046 2047 dxtrace(dx_show_leaf(dir, hinfo, (struct ext4_dir_entry_2 *) data1, 2048 blocksize, 1)); 2049 dxtrace(dx_show_leaf(dir, hinfo, (struct ext4_dir_entry_2 *) data2, 2050 blocksize, 1)); 2051 2052 /* Which block gets the new entry? */ 2053 if (hinfo->hash >= hash2) { 2054 swap(*bh, bh2); 2055 de = de2; 2056 } 2057 dx_insert_block(frame, hash2 + continued, newblock); 2058 err = ext4_handle_dirty_dirblock(handle, dir, bh2); 2059 if (err) 2060 goto journal_error; 2061 err = ext4_handle_dirty_dx_node(handle, dir, frame->bh); 2062 if (err) 2063 goto journal_error; 2064 brelse(bh2); 2065 dxtrace(dx_show_index("frame", frame->entries)); 2066 return de; 2067 2068 journal_error: 2069 brelse(*bh); 2070 brelse(bh2); 2071 *bh = NULL; 2072 ext4_std_error(dir->i_sb, err); 2073 return ERR_PTR(err); 2074 } 2075 2076 int ext4_find_dest_de(struct inode *dir, struct inode *inode, 2077 struct buffer_head *bh, 2078 void *buf, int buf_size, 2079 struct ext4_filename *fname, 2080 struct ext4_dir_entry_2 **dest_de) 2081 { 2082 struct ext4_dir_entry_2 *de; 2083 unsigned short reclen = ext4_dir_rec_len(fname_len(fname), dir); 2084 int nlen, rlen; 2085 unsigned int offset = 0; 2086 char *top; 2087 2088 de = buf; 2089 top = buf + buf_size - reclen; 2090 while ((char *) de <= top) { 2091 if (ext4_check_dir_entry(dir, NULL, de, bh, 2092 buf, buf_size, offset)) 2093 return -EFSCORRUPTED; 2094 if (ext4_match(dir, fname, de)) 2095 return -EEXIST; 2096 nlen = ext4_dir_rec_len(de->name_len, dir); 2097 rlen = ext4_rec_len_from_disk(de->rec_len, buf_size); 2098 if ((de->inode ? rlen - nlen : rlen) >= reclen) 2099 break; 2100 de = (struct ext4_dir_entry_2 *)((char *)de + rlen); 2101 offset += rlen; 2102 } 2103 if ((char *) de > top) 2104 return -ENOSPC; 2105 2106 *dest_de = de; 2107 return 0; 2108 } 2109 2110 void ext4_insert_dentry(struct inode *dir, 2111 struct inode *inode, 2112 struct ext4_dir_entry_2 *de, 2113 int buf_size, 2114 struct ext4_filename *fname) 2115 { 2116 2117 int nlen, rlen; 2118 2119 nlen = ext4_dir_rec_len(de->name_len, dir); 2120 rlen = ext4_rec_len_from_disk(de->rec_len, buf_size); 2121 if (de->inode) { 2122 struct ext4_dir_entry_2 *de1 = 2123 (struct ext4_dir_entry_2 *)((char *)de + nlen); 2124 de1->rec_len = ext4_rec_len_to_disk(rlen - nlen, buf_size); 2125 de->rec_len = ext4_rec_len_to_disk(nlen, buf_size); 2126 de = de1; 2127 } 2128 de->file_type = EXT4_FT_UNKNOWN; 2129 de->inode = cpu_to_le32(inode->i_ino); 2130 ext4_set_de_type(inode->i_sb, de, inode->i_mode); 2131 de->name_len = fname_len(fname); 2132 memcpy(de->name, fname_name(fname), fname_len(fname)); 2133 if (ext4_hash_in_dirent(dir)) { 2134 struct dx_hash_info *hinfo = &fname->hinfo; 2135 2136 EXT4_DIRENT_HASHES(de)->hash = cpu_to_le32(hinfo->hash); 2137 EXT4_DIRENT_HASHES(de)->minor_hash = 2138 cpu_to_le32(hinfo->minor_hash); 2139 } 2140 } 2141 2142 /* 2143 * Add a new entry into a directory (leaf) block. If de is non-NULL, 2144 * it points to a directory entry which is guaranteed to be large 2145 * enough for new directory entry. If de is NULL, then 2146 * add_dirent_to_buf will attempt search the directory block for 2147 * space. It will return -ENOSPC if no space is available, and -EIO 2148 * and -EEXIST if directory entry already exists. 2149 */ 2150 static int add_dirent_to_buf(handle_t *handle, struct ext4_filename *fname, 2151 struct inode *dir, 2152 struct inode *inode, struct ext4_dir_entry_2 *de, 2153 struct buffer_head *bh) 2154 { 2155 unsigned int blocksize = dir->i_sb->s_blocksize; 2156 int csum_size = 0; 2157 int err, err2; 2158 2159 if (ext4_has_metadata_csum(inode->i_sb)) 2160 csum_size = sizeof(struct ext4_dir_entry_tail); 2161 2162 if (!de) { 2163 err = ext4_find_dest_de(dir, inode, bh, bh->b_data, 2164 blocksize - csum_size, fname, &de); 2165 if (err) 2166 return err; 2167 } 2168 BUFFER_TRACE(bh, "get_write_access"); 2169 err = ext4_journal_get_write_access(handle, dir->i_sb, bh, 2170 EXT4_JTR_NONE); 2171 if (err) { 2172 ext4_std_error(dir->i_sb, err); 2173 return err; 2174 } 2175 2176 /* By now the buffer is marked for journaling */ 2177 ext4_insert_dentry(dir, inode, de, blocksize, fname); 2178 2179 /* 2180 * XXX shouldn't update any times until successful 2181 * completion of syscall, but too many callers depend 2182 * on this. 2183 * 2184 * XXX similarly, too many callers depend on 2185 * ext4_new_inode() setting the times, but error 2186 * recovery deletes the inode, so the worst that can 2187 * happen is that the times are slightly out of date 2188 * and/or different from the directory change time. 2189 */ 2190 dir->i_mtime = dir->i_ctime = current_time(dir); 2191 ext4_update_dx_flag(dir); 2192 inode_inc_iversion(dir); 2193 err2 = ext4_mark_inode_dirty(handle, dir); 2194 BUFFER_TRACE(bh, "call ext4_handle_dirty_metadata"); 2195 err = ext4_handle_dirty_dirblock(handle, dir, bh); 2196 if (err) 2197 ext4_std_error(dir->i_sb, err); 2198 return err ? err : err2; 2199 } 2200 2201 /* 2202 * This converts a one block unindexed directory to a 3 block indexed 2203 * directory, and adds the dentry to the indexed directory. 2204 */ 2205 static int make_indexed_dir(handle_t *handle, struct ext4_filename *fname, 2206 struct inode *dir, 2207 struct inode *inode, struct buffer_head *bh) 2208 { 2209 struct buffer_head *bh2; 2210 struct dx_root *root; 2211 struct dx_frame frames[EXT4_HTREE_LEVEL], *frame; 2212 struct dx_entry *entries; 2213 struct ext4_dir_entry_2 *de, *de2; 2214 char *data2, *top; 2215 unsigned len; 2216 int retval; 2217 unsigned blocksize; 2218 ext4_lblk_t block; 2219 struct fake_dirent *fde; 2220 int csum_size = 0; 2221 2222 if (ext4_has_metadata_csum(inode->i_sb)) 2223 csum_size = sizeof(struct ext4_dir_entry_tail); 2224 2225 blocksize = dir->i_sb->s_blocksize; 2226 dxtrace(printk(KERN_DEBUG "Creating index: inode %lu\n", dir->i_ino)); 2227 BUFFER_TRACE(bh, "get_write_access"); 2228 retval = ext4_journal_get_write_access(handle, dir->i_sb, bh, 2229 EXT4_JTR_NONE); 2230 if (retval) { 2231 ext4_std_error(dir->i_sb, retval); 2232 brelse(bh); 2233 return retval; 2234 } 2235 root = (struct dx_root *) bh->b_data; 2236 2237 /* The 0th block becomes the root, move the dirents out */ 2238 fde = &root->dotdot; 2239 de = (struct ext4_dir_entry_2 *)((char *)fde + 2240 ext4_rec_len_from_disk(fde->rec_len, blocksize)); 2241 if ((char *) de >= (((char *) root) + blocksize)) { 2242 EXT4_ERROR_INODE(dir, "invalid rec_len for '..'"); 2243 brelse(bh); 2244 return -EFSCORRUPTED; 2245 } 2246 len = ((char *) root) + (blocksize - csum_size) - (char *) de; 2247 2248 /* Allocate new block for the 0th block's dirents */ 2249 bh2 = ext4_append(handle, dir, &block); 2250 if (IS_ERR(bh2)) { 2251 brelse(bh); 2252 return PTR_ERR(bh2); 2253 } 2254 ext4_set_inode_flag(dir, EXT4_INODE_INDEX); 2255 data2 = bh2->b_data; 2256 2257 memcpy(data2, de, len); 2258 memset(de, 0, len); /* wipe old data */ 2259 de = (struct ext4_dir_entry_2 *) data2; 2260 top = data2 + len; 2261 while ((char *)(de2 = ext4_next_entry(de, blocksize)) < top) { 2262 if (ext4_check_dir_entry(dir, NULL, de, bh2, data2, len, 2263 (data2 + (blocksize - csum_size) - 2264 (char *) de))) { 2265 brelse(bh2); 2266 brelse(bh); 2267 return -EFSCORRUPTED; 2268 } 2269 de = de2; 2270 } 2271 de->rec_len = ext4_rec_len_to_disk(data2 + (blocksize - csum_size) - 2272 (char *) de, blocksize); 2273 2274 if (csum_size) 2275 ext4_initialize_dirent_tail(bh2, blocksize); 2276 2277 /* Initialize the root; the dot dirents already exist */ 2278 de = (struct ext4_dir_entry_2 *) (&root->dotdot); 2279 de->rec_len = ext4_rec_len_to_disk( 2280 blocksize - ext4_dir_rec_len(2, NULL), blocksize); 2281 memset (&root->info, 0, sizeof(root->info)); 2282 root->info.info_length = sizeof(root->info); 2283 if (ext4_hash_in_dirent(dir)) 2284 root->info.hash_version = DX_HASH_SIPHASH; 2285 else 2286 root->info.hash_version = 2287 EXT4_SB(dir->i_sb)->s_def_hash_version; 2288 2289 entries = root->entries; 2290 dx_set_block(entries, 1); 2291 dx_set_count(entries, 1); 2292 dx_set_limit(entries, dx_root_limit(dir, sizeof(root->info))); 2293 2294 /* Initialize as for dx_probe */ 2295 fname->hinfo.hash_version = root->info.hash_version; 2296 if (fname->hinfo.hash_version <= DX_HASH_TEA) 2297 fname->hinfo.hash_version += EXT4_SB(dir->i_sb)->s_hash_unsigned; 2298 fname->hinfo.seed = EXT4_SB(dir->i_sb)->s_hash_seed; 2299 2300 /* casefolded encrypted hashes are computed on fname setup */ 2301 if (!ext4_hash_in_dirent(dir)) 2302 ext4fs_dirhash(dir, fname_name(fname), 2303 fname_len(fname), &fname->hinfo); 2304 2305 memset(frames, 0, sizeof(frames)); 2306 frame = frames; 2307 frame->entries = entries; 2308 frame->at = entries; 2309 frame->bh = bh; 2310 2311 retval = ext4_handle_dirty_dx_node(handle, dir, frame->bh); 2312 if (retval) 2313 goto out_frames; 2314 retval = ext4_handle_dirty_dirblock(handle, dir, bh2); 2315 if (retval) 2316 goto out_frames; 2317 2318 de = do_split(handle,dir, &bh2, frame, &fname->hinfo); 2319 if (IS_ERR(de)) { 2320 retval = PTR_ERR(de); 2321 goto out_frames; 2322 } 2323 2324 retval = add_dirent_to_buf(handle, fname, dir, inode, de, bh2); 2325 out_frames: 2326 /* 2327 * Even if the block split failed, we have to properly write 2328 * out all the changes we did so far. Otherwise we can end up 2329 * with corrupted filesystem. 2330 */ 2331 if (retval) 2332 ext4_mark_inode_dirty(handle, dir); 2333 dx_release(frames); 2334 brelse(bh2); 2335 return retval; 2336 } 2337 2338 /* 2339 * ext4_add_entry() 2340 * 2341 * adds a file entry to the specified directory, using the same 2342 * semantics as ext4_find_entry(). It returns NULL if it failed. 2343 * 2344 * NOTE!! The inode part of 'de' is left at 0 - which means you 2345 * may not sleep between calling this and putting something into 2346 * the entry, as someone else might have used it while you slept. 2347 */ 2348 static int ext4_add_entry(handle_t *handle, struct dentry *dentry, 2349 struct inode *inode) 2350 { 2351 struct inode *dir = d_inode(dentry->d_parent); 2352 struct buffer_head *bh = NULL; 2353 struct ext4_dir_entry_2 *de; 2354 struct super_block *sb; 2355 struct ext4_filename fname; 2356 int retval; 2357 int dx_fallback=0; 2358 unsigned blocksize; 2359 ext4_lblk_t block, blocks; 2360 int csum_size = 0; 2361 2362 if (ext4_has_metadata_csum(inode->i_sb)) 2363 csum_size = sizeof(struct ext4_dir_entry_tail); 2364 2365 sb = dir->i_sb; 2366 blocksize = sb->s_blocksize; 2367 if (!dentry->d_name.len) 2368 return -EINVAL; 2369 2370 if (fscrypt_is_nokey_name(dentry)) 2371 return -ENOKEY; 2372 2373 #if IS_ENABLED(CONFIG_UNICODE) 2374 if (sb_has_strict_encoding(sb) && IS_CASEFOLDED(dir) && 2375 sb->s_encoding && utf8_validate(sb->s_encoding, &dentry->d_name)) 2376 return -EINVAL; 2377 #endif 2378 2379 retval = ext4_fname_setup_filename(dir, &dentry->d_name, 0, &fname); 2380 if (retval) 2381 return retval; 2382 2383 if (ext4_has_inline_data(dir)) { 2384 retval = ext4_try_add_inline_entry(handle, &fname, dir, inode); 2385 if (retval < 0) 2386 goto out; 2387 if (retval == 1) { 2388 retval = 0; 2389 goto out; 2390 } 2391 } 2392 2393 if (is_dx(dir)) { 2394 retval = ext4_dx_add_entry(handle, &fname, dir, inode); 2395 if (!retval || (retval != ERR_BAD_DX_DIR)) 2396 goto out; 2397 /* Can we just ignore htree data? */ 2398 if (ext4_has_metadata_csum(sb)) { 2399 EXT4_ERROR_INODE(dir, 2400 "Directory has corrupted htree index."); 2401 retval = -EFSCORRUPTED; 2402 goto out; 2403 } 2404 ext4_clear_inode_flag(dir, EXT4_INODE_INDEX); 2405 dx_fallback++; 2406 retval = ext4_mark_inode_dirty(handle, dir); 2407 if (unlikely(retval)) 2408 goto out; 2409 } 2410 blocks = dir->i_size >> sb->s_blocksize_bits; 2411 for (block = 0; block < blocks; block++) { 2412 bh = ext4_read_dirblock(dir, block, DIRENT); 2413 if (bh == NULL) { 2414 bh = ext4_bread(handle, dir, block, 2415 EXT4_GET_BLOCKS_CREATE); 2416 goto add_to_new_block; 2417 } 2418 if (IS_ERR(bh)) { 2419 retval = PTR_ERR(bh); 2420 bh = NULL; 2421 goto out; 2422 } 2423 retval = add_dirent_to_buf(handle, &fname, dir, inode, 2424 NULL, bh); 2425 if (retval != -ENOSPC) 2426 goto out; 2427 2428 if (blocks == 1 && !dx_fallback && 2429 ext4_has_feature_dir_index(sb)) { 2430 retval = make_indexed_dir(handle, &fname, dir, 2431 inode, bh); 2432 bh = NULL; /* make_indexed_dir releases bh */ 2433 goto out; 2434 } 2435 brelse(bh); 2436 } 2437 bh = ext4_append(handle, dir, &block); 2438 add_to_new_block: 2439 if (IS_ERR(bh)) { 2440 retval = PTR_ERR(bh); 2441 bh = NULL; 2442 goto out; 2443 } 2444 de = (struct ext4_dir_entry_2 *) bh->b_data; 2445 de->inode = 0; 2446 de->rec_len = ext4_rec_len_to_disk(blocksize - csum_size, blocksize); 2447 2448 if (csum_size) 2449 ext4_initialize_dirent_tail(bh, blocksize); 2450 2451 retval = add_dirent_to_buf(handle, &fname, dir, inode, de, bh); 2452 out: 2453 ext4_fname_free_filename(&fname); 2454 brelse(bh); 2455 if (retval == 0) 2456 ext4_set_inode_state(inode, EXT4_STATE_NEWENTRY); 2457 return retval; 2458 } 2459 2460 /* 2461 * Returns 0 for success, or a negative error value 2462 */ 2463 static int ext4_dx_add_entry(handle_t *handle, struct ext4_filename *fname, 2464 struct inode *dir, struct inode *inode) 2465 { 2466 struct dx_frame frames[EXT4_HTREE_LEVEL], *frame; 2467 struct dx_entry *entries, *at; 2468 struct buffer_head *bh; 2469 struct super_block *sb = dir->i_sb; 2470 struct ext4_dir_entry_2 *de; 2471 int restart; 2472 int err; 2473 2474 again: 2475 restart = 0; 2476 frame = dx_probe(fname, dir, NULL, frames); 2477 if (IS_ERR(frame)) 2478 return PTR_ERR(frame); 2479 entries = frame->entries; 2480 at = frame->at; 2481 bh = ext4_read_dirblock(dir, dx_get_block(frame->at), DIRENT_HTREE); 2482 if (IS_ERR(bh)) { 2483 err = PTR_ERR(bh); 2484 bh = NULL; 2485 goto cleanup; 2486 } 2487 2488 BUFFER_TRACE(bh, "get_write_access"); 2489 err = ext4_journal_get_write_access(handle, sb, bh, EXT4_JTR_NONE); 2490 if (err) 2491 goto journal_error; 2492 2493 err = add_dirent_to_buf(handle, fname, dir, inode, NULL, bh); 2494 if (err != -ENOSPC) 2495 goto cleanup; 2496 2497 err = 0; 2498 /* Block full, should compress but for now just split */ 2499 dxtrace(printk(KERN_DEBUG "using %u of %u node entries\n", 2500 dx_get_count(entries), dx_get_limit(entries))); 2501 /* Need to split index? */ 2502 if (dx_get_count(entries) == dx_get_limit(entries)) { 2503 ext4_lblk_t newblock; 2504 int levels = frame - frames + 1; 2505 unsigned int icount; 2506 int add_level = 1; 2507 struct dx_entry *entries2; 2508 struct dx_node *node2; 2509 struct buffer_head *bh2; 2510 2511 while (frame > frames) { 2512 if (dx_get_count((frame - 1)->entries) < 2513 dx_get_limit((frame - 1)->entries)) { 2514 add_level = 0; 2515 break; 2516 } 2517 frame--; /* split higher index block */ 2518 at = frame->at; 2519 entries = frame->entries; 2520 restart = 1; 2521 } 2522 if (add_level && levels == ext4_dir_htree_level(sb)) { 2523 ext4_warning(sb, "Directory (ino: %lu) index full, " 2524 "reach max htree level :%d", 2525 dir->i_ino, levels); 2526 if (ext4_dir_htree_level(sb) < EXT4_HTREE_LEVEL) { 2527 ext4_warning(sb, "Large directory feature is " 2528 "not enabled on this " 2529 "filesystem"); 2530 } 2531 err = -ENOSPC; 2532 goto cleanup; 2533 } 2534 icount = dx_get_count(entries); 2535 bh2 = ext4_append(handle, dir, &newblock); 2536 if (IS_ERR(bh2)) { 2537 err = PTR_ERR(bh2); 2538 goto cleanup; 2539 } 2540 node2 = (struct dx_node *)(bh2->b_data); 2541 entries2 = node2->entries; 2542 memset(&node2->fake, 0, sizeof(struct fake_dirent)); 2543 node2->fake.rec_len = ext4_rec_len_to_disk(sb->s_blocksize, 2544 sb->s_blocksize); 2545 BUFFER_TRACE(frame->bh, "get_write_access"); 2546 err = ext4_journal_get_write_access(handle, sb, frame->bh, 2547 EXT4_JTR_NONE); 2548 if (err) 2549 goto journal_error; 2550 if (!add_level) { 2551 unsigned icount1 = icount/2, icount2 = icount - icount1; 2552 unsigned hash2 = dx_get_hash(entries + icount1); 2553 dxtrace(printk(KERN_DEBUG "Split index %i/%i\n", 2554 icount1, icount2)); 2555 2556 BUFFER_TRACE(frame->bh, "get_write_access"); /* index root */ 2557 err = ext4_journal_get_write_access(handle, sb, 2558 (frame - 1)->bh, 2559 EXT4_JTR_NONE); 2560 if (err) 2561 goto journal_error; 2562 2563 memcpy((char *) entries2, (char *) (entries + icount1), 2564 icount2 * sizeof(struct dx_entry)); 2565 dx_set_count(entries, icount1); 2566 dx_set_count(entries2, icount2); 2567 dx_set_limit(entries2, dx_node_limit(dir)); 2568 2569 /* Which index block gets the new entry? */ 2570 if (at - entries >= icount1) { 2571 frame->at = at - entries - icount1 + entries2; 2572 frame->entries = entries = entries2; 2573 swap(frame->bh, bh2); 2574 } 2575 dx_insert_block((frame - 1), hash2, newblock); 2576 dxtrace(dx_show_index("node", frame->entries)); 2577 dxtrace(dx_show_index("node", 2578 ((struct dx_node *) bh2->b_data)->entries)); 2579 err = ext4_handle_dirty_dx_node(handle, dir, bh2); 2580 if (err) 2581 goto journal_error; 2582 brelse (bh2); 2583 err = ext4_handle_dirty_dx_node(handle, dir, 2584 (frame - 1)->bh); 2585 if (err) 2586 goto journal_error; 2587 err = ext4_handle_dirty_dx_node(handle, dir, 2588 frame->bh); 2589 if (restart || err) 2590 goto journal_error; 2591 } else { 2592 struct dx_root *dxroot; 2593 memcpy((char *) entries2, (char *) entries, 2594 icount * sizeof(struct dx_entry)); 2595 dx_set_limit(entries2, dx_node_limit(dir)); 2596 2597 /* Set up root */ 2598 dx_set_count(entries, 1); 2599 dx_set_block(entries + 0, newblock); 2600 dxroot = (struct dx_root *)frames[0].bh->b_data; 2601 dxroot->info.indirect_levels += 1; 2602 dxtrace(printk(KERN_DEBUG 2603 "Creating %d level index...\n", 2604 dxroot->info.indirect_levels)); 2605 err = ext4_handle_dirty_dx_node(handle, dir, frame->bh); 2606 if (err) 2607 goto journal_error; 2608 err = ext4_handle_dirty_dx_node(handle, dir, bh2); 2609 brelse(bh2); 2610 restart = 1; 2611 goto journal_error; 2612 } 2613 } 2614 de = do_split(handle, dir, &bh, frame, &fname->hinfo); 2615 if (IS_ERR(de)) { 2616 err = PTR_ERR(de); 2617 goto cleanup; 2618 } 2619 err = add_dirent_to_buf(handle, fname, dir, inode, de, bh); 2620 goto cleanup; 2621 2622 journal_error: 2623 ext4_std_error(dir->i_sb, err); /* this is a no-op if err == 0 */ 2624 cleanup: 2625 brelse(bh); 2626 dx_release(frames); 2627 /* @restart is true means htree-path has been changed, we need to 2628 * repeat dx_probe() to find out valid htree-path 2629 */ 2630 if (restart && err == 0) 2631 goto again; 2632 return err; 2633 } 2634 2635 /* 2636 * ext4_generic_delete_entry deletes a directory entry by merging it 2637 * with the previous entry 2638 */ 2639 int ext4_generic_delete_entry(struct inode *dir, 2640 struct ext4_dir_entry_2 *de_del, 2641 struct buffer_head *bh, 2642 void *entry_buf, 2643 int buf_size, 2644 int csum_size) 2645 { 2646 struct ext4_dir_entry_2 *de, *pde; 2647 unsigned int blocksize = dir->i_sb->s_blocksize; 2648 int i; 2649 2650 i = 0; 2651 pde = NULL; 2652 de = entry_buf; 2653 while (i < buf_size - csum_size) { 2654 if (ext4_check_dir_entry(dir, NULL, de, bh, 2655 entry_buf, buf_size, i)) 2656 return -EFSCORRUPTED; 2657 if (de == de_del) { 2658 if (pde) { 2659 pde->rec_len = ext4_rec_len_to_disk( 2660 ext4_rec_len_from_disk(pde->rec_len, 2661 blocksize) + 2662 ext4_rec_len_from_disk(de->rec_len, 2663 blocksize), 2664 blocksize); 2665 2666 /* wipe entire dir_entry */ 2667 memset(de, 0, ext4_rec_len_from_disk(de->rec_len, 2668 blocksize)); 2669 } else { 2670 /* wipe dir_entry excluding the rec_len field */ 2671 de->inode = 0; 2672 memset(&de->name_len, 0, 2673 ext4_rec_len_from_disk(de->rec_len, 2674 blocksize) - 2675 offsetof(struct ext4_dir_entry_2, 2676 name_len)); 2677 } 2678 2679 inode_inc_iversion(dir); 2680 return 0; 2681 } 2682 i += ext4_rec_len_from_disk(de->rec_len, blocksize); 2683 pde = de; 2684 de = ext4_next_entry(de, blocksize); 2685 } 2686 return -ENOENT; 2687 } 2688 2689 static int ext4_delete_entry(handle_t *handle, 2690 struct inode *dir, 2691 struct ext4_dir_entry_2 *de_del, 2692 struct buffer_head *bh) 2693 { 2694 int err, csum_size = 0; 2695 2696 if (ext4_has_inline_data(dir)) { 2697 int has_inline_data = 1; 2698 err = ext4_delete_inline_entry(handle, dir, de_del, bh, 2699 &has_inline_data); 2700 if (has_inline_data) 2701 return err; 2702 } 2703 2704 if (ext4_has_metadata_csum(dir->i_sb)) 2705 csum_size = sizeof(struct ext4_dir_entry_tail); 2706 2707 BUFFER_TRACE(bh, "get_write_access"); 2708 err = ext4_journal_get_write_access(handle, dir->i_sb, bh, 2709 EXT4_JTR_NONE); 2710 if (unlikely(err)) 2711 goto out; 2712 2713 err = ext4_generic_delete_entry(dir, de_del, bh, bh->b_data, 2714 dir->i_sb->s_blocksize, csum_size); 2715 if (err) 2716 goto out; 2717 2718 BUFFER_TRACE(bh, "call ext4_handle_dirty_metadata"); 2719 err = ext4_handle_dirty_dirblock(handle, dir, bh); 2720 if (unlikely(err)) 2721 goto out; 2722 2723 return 0; 2724 out: 2725 if (err != -ENOENT) 2726 ext4_std_error(dir->i_sb, err); 2727 return err; 2728 } 2729 2730 /* 2731 * Set directory link count to 1 if nlinks > EXT4_LINK_MAX, or if nlinks == 2 2732 * since this indicates that nlinks count was previously 1 to avoid overflowing 2733 * the 16-bit i_links_count field on disk. Directories with i_nlink == 1 mean 2734 * that subdirectory link counts are not being maintained accurately. 2735 * 2736 * The caller has already checked for i_nlink overflow in case the DIR_LINK 2737 * feature is not enabled and returned -EMLINK. The is_dx() check is a proxy 2738 * for checking S_ISDIR(inode) (since the INODE_INDEX feature will not be set 2739 * on regular files) and to avoid creating huge/slow non-HTREE directories. 2740 */ 2741 static void ext4_inc_count(struct inode *inode) 2742 { 2743 inc_nlink(inode); 2744 if (is_dx(inode) && 2745 (inode->i_nlink > EXT4_LINK_MAX || inode->i_nlink == 2)) 2746 set_nlink(inode, 1); 2747 } 2748 2749 /* 2750 * If a directory had nlink == 1, then we should let it be 1. This indicates 2751 * directory has >EXT4_LINK_MAX subdirs. 2752 */ 2753 static void ext4_dec_count(struct inode *inode) 2754 { 2755 if (!S_ISDIR(inode->i_mode) || inode->i_nlink > 2) 2756 drop_nlink(inode); 2757 } 2758 2759 2760 /* 2761 * Add non-directory inode to a directory. On success, the inode reference is 2762 * consumed by dentry is instantiation. This is also indicated by clearing of 2763 * *inodep pointer. On failure, the caller is responsible for dropping the 2764 * inode reference in the safe context. 2765 */ 2766 static int ext4_add_nondir(handle_t *handle, 2767 struct dentry *dentry, struct inode **inodep) 2768 { 2769 struct inode *dir = d_inode(dentry->d_parent); 2770 struct inode *inode = *inodep; 2771 int err = ext4_add_entry(handle, dentry, inode); 2772 if (!err) { 2773 err = ext4_mark_inode_dirty(handle, inode); 2774 if (IS_DIRSYNC(dir)) 2775 ext4_handle_sync(handle); 2776 d_instantiate_new(dentry, inode); 2777 *inodep = NULL; 2778 return err; 2779 } 2780 drop_nlink(inode); 2781 ext4_orphan_add(handle, inode); 2782 unlock_new_inode(inode); 2783 return err; 2784 } 2785 2786 /* 2787 * By the time this is called, we already have created 2788 * the directory cache entry for the new file, but it 2789 * is so far negative - it has no inode. 2790 * 2791 * If the create succeeds, we fill in the inode information 2792 * with d_instantiate(). 2793 */ 2794 static int ext4_create(struct mnt_idmap *idmap, struct inode *dir, 2795 struct dentry *dentry, umode_t mode, bool excl) 2796 { 2797 handle_t *handle; 2798 struct inode *inode; 2799 int err, credits, retries = 0; 2800 2801 err = dquot_initialize(dir); 2802 if (err) 2803 return err; 2804 2805 credits = (EXT4_DATA_TRANS_BLOCKS(dir->i_sb) + 2806 EXT4_INDEX_EXTRA_TRANS_BLOCKS + 3); 2807 retry: 2808 inode = ext4_new_inode_start_handle(idmap, dir, mode, &dentry->d_name, 2809 0, NULL, EXT4_HT_DIR, credits); 2810 handle = ext4_journal_current_handle(); 2811 err = PTR_ERR(inode); 2812 if (!IS_ERR(inode)) { 2813 inode->i_op = &ext4_file_inode_operations; 2814 inode->i_fop = &ext4_file_operations; 2815 ext4_set_aops(inode); 2816 err = ext4_add_nondir(handle, dentry, &inode); 2817 if (!err) 2818 ext4_fc_track_create(handle, dentry); 2819 } 2820 if (handle) 2821 ext4_journal_stop(handle); 2822 if (!IS_ERR_OR_NULL(inode)) 2823 iput(inode); 2824 if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries)) 2825 goto retry; 2826 return err; 2827 } 2828 2829 static int ext4_mknod(struct mnt_idmap *idmap, struct inode *dir, 2830 struct dentry *dentry, umode_t mode, dev_t rdev) 2831 { 2832 handle_t *handle; 2833 struct inode *inode; 2834 int err, credits, retries = 0; 2835 2836 err = dquot_initialize(dir); 2837 if (err) 2838 return err; 2839 2840 credits = (EXT4_DATA_TRANS_BLOCKS(dir->i_sb) + 2841 EXT4_INDEX_EXTRA_TRANS_BLOCKS + 3); 2842 retry: 2843 inode = ext4_new_inode_start_handle(idmap, dir, mode, &dentry->d_name, 2844 0, NULL, EXT4_HT_DIR, credits); 2845 handle = ext4_journal_current_handle(); 2846 err = PTR_ERR(inode); 2847 if (!IS_ERR(inode)) { 2848 init_special_inode(inode, inode->i_mode, rdev); 2849 inode->i_op = &ext4_special_inode_operations; 2850 err = ext4_add_nondir(handle, dentry, &inode); 2851 if (!err) 2852 ext4_fc_track_create(handle, dentry); 2853 } 2854 if (handle) 2855 ext4_journal_stop(handle); 2856 if (!IS_ERR_OR_NULL(inode)) 2857 iput(inode); 2858 if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries)) 2859 goto retry; 2860 return err; 2861 } 2862 2863 static int ext4_tmpfile(struct mnt_idmap *idmap, struct inode *dir, 2864 struct file *file, umode_t mode) 2865 { 2866 handle_t *handle; 2867 struct inode *inode; 2868 int err, retries = 0; 2869 2870 err = dquot_initialize(dir); 2871 if (err) 2872 return err; 2873 2874 retry: 2875 inode = ext4_new_inode_start_handle(idmap, dir, mode, 2876 NULL, 0, NULL, 2877 EXT4_HT_DIR, 2878 EXT4_MAXQUOTAS_INIT_BLOCKS(dir->i_sb) + 2879 4 + EXT4_XATTR_TRANS_BLOCKS); 2880 handle = ext4_journal_current_handle(); 2881 err = PTR_ERR(inode); 2882 if (!IS_ERR(inode)) { 2883 inode->i_op = &ext4_file_inode_operations; 2884 inode->i_fop = &ext4_file_operations; 2885 ext4_set_aops(inode); 2886 d_tmpfile(file, inode); 2887 err = ext4_orphan_add(handle, inode); 2888 if (err) 2889 goto err_unlock_inode; 2890 mark_inode_dirty(inode); 2891 unlock_new_inode(inode); 2892 } 2893 if (handle) 2894 ext4_journal_stop(handle); 2895 if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries)) 2896 goto retry; 2897 return finish_open_simple(file, err); 2898 err_unlock_inode: 2899 ext4_journal_stop(handle); 2900 unlock_new_inode(inode); 2901 return err; 2902 } 2903 2904 struct ext4_dir_entry_2 *ext4_init_dot_dotdot(struct inode *inode, 2905 struct ext4_dir_entry_2 *de, 2906 int blocksize, int csum_size, 2907 unsigned int parent_ino, int dotdot_real_len) 2908 { 2909 de->inode = cpu_to_le32(inode->i_ino); 2910 de->name_len = 1; 2911 de->rec_len = ext4_rec_len_to_disk(ext4_dir_rec_len(de->name_len, NULL), 2912 blocksize); 2913 strcpy(de->name, "."); 2914 ext4_set_de_type(inode->i_sb, de, S_IFDIR); 2915 2916 de = ext4_next_entry(de, blocksize); 2917 de->inode = cpu_to_le32(parent_ino); 2918 de->name_len = 2; 2919 if (!dotdot_real_len) 2920 de->rec_len = ext4_rec_len_to_disk(blocksize - 2921 (csum_size + ext4_dir_rec_len(1, NULL)), 2922 blocksize); 2923 else 2924 de->rec_len = ext4_rec_len_to_disk( 2925 ext4_dir_rec_len(de->name_len, NULL), 2926 blocksize); 2927 strcpy(de->name, ".."); 2928 ext4_set_de_type(inode->i_sb, de, S_IFDIR); 2929 2930 return ext4_next_entry(de, blocksize); 2931 } 2932 2933 int ext4_init_new_dir(handle_t *handle, struct inode *dir, 2934 struct inode *inode) 2935 { 2936 struct buffer_head *dir_block = NULL; 2937 struct ext4_dir_entry_2 *de; 2938 ext4_lblk_t block = 0; 2939 unsigned int blocksize = dir->i_sb->s_blocksize; 2940 int csum_size = 0; 2941 int err; 2942 2943 if (ext4_has_metadata_csum(dir->i_sb)) 2944 csum_size = sizeof(struct ext4_dir_entry_tail); 2945 2946 if (ext4_test_inode_state(inode, EXT4_STATE_MAY_INLINE_DATA)) { 2947 err = ext4_try_create_inline_dir(handle, dir, inode); 2948 if (err < 0 && err != -ENOSPC) 2949 goto out; 2950 if (!err) 2951 goto out; 2952 } 2953 2954 inode->i_size = 0; 2955 dir_block = ext4_append(handle, inode, &block); 2956 if (IS_ERR(dir_block)) 2957 return PTR_ERR(dir_block); 2958 de = (struct ext4_dir_entry_2 *)dir_block->b_data; 2959 ext4_init_dot_dotdot(inode, de, blocksize, csum_size, dir->i_ino, 0); 2960 set_nlink(inode, 2); 2961 if (csum_size) 2962 ext4_initialize_dirent_tail(dir_block, blocksize); 2963 2964 BUFFER_TRACE(dir_block, "call ext4_handle_dirty_metadata"); 2965 err = ext4_handle_dirty_dirblock(handle, inode, dir_block); 2966 if (err) 2967 goto out; 2968 set_buffer_verified(dir_block); 2969 out: 2970 brelse(dir_block); 2971 return err; 2972 } 2973 2974 static int ext4_mkdir(struct mnt_idmap *idmap, struct inode *dir, 2975 struct dentry *dentry, umode_t mode) 2976 { 2977 handle_t *handle; 2978 struct inode *inode; 2979 int err, err2 = 0, credits, retries = 0; 2980 2981 if (EXT4_DIR_LINK_MAX(dir)) 2982 return -EMLINK; 2983 2984 err = dquot_initialize(dir); 2985 if (err) 2986 return err; 2987 2988 credits = (EXT4_DATA_TRANS_BLOCKS(dir->i_sb) + 2989 EXT4_INDEX_EXTRA_TRANS_BLOCKS + 3); 2990 retry: 2991 inode = ext4_new_inode_start_handle(idmap, dir, S_IFDIR | mode, 2992 &dentry->d_name, 2993 0, NULL, EXT4_HT_DIR, credits); 2994 handle = ext4_journal_current_handle(); 2995 err = PTR_ERR(inode); 2996 if (IS_ERR(inode)) 2997 goto out_stop; 2998 2999 inode->i_op = &ext4_dir_inode_operations; 3000 inode->i_fop = &ext4_dir_operations; 3001 err = ext4_init_new_dir(handle, dir, inode); 3002 if (err) 3003 goto out_clear_inode; 3004 err = ext4_mark_inode_dirty(handle, inode); 3005 if (!err) 3006 err = ext4_add_entry(handle, dentry, inode); 3007 if (err) { 3008 out_clear_inode: 3009 clear_nlink(inode); 3010 ext4_orphan_add(handle, inode); 3011 unlock_new_inode(inode); 3012 err2 = ext4_mark_inode_dirty(handle, inode); 3013 if (unlikely(err2)) 3014 err = err2; 3015 ext4_journal_stop(handle); 3016 iput(inode); 3017 goto out_retry; 3018 } 3019 ext4_inc_count(dir); 3020 3021 ext4_update_dx_flag(dir); 3022 err = ext4_mark_inode_dirty(handle, dir); 3023 if (err) 3024 goto out_clear_inode; 3025 d_instantiate_new(dentry, inode); 3026 ext4_fc_track_create(handle, dentry); 3027 if (IS_DIRSYNC(dir)) 3028 ext4_handle_sync(handle); 3029 3030 out_stop: 3031 if (handle) 3032 ext4_journal_stop(handle); 3033 out_retry: 3034 if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries)) 3035 goto retry; 3036 return err; 3037 } 3038 3039 /* 3040 * routine to check that the specified directory is empty (for rmdir) 3041 */ 3042 bool ext4_empty_dir(struct inode *inode) 3043 { 3044 unsigned int offset; 3045 struct buffer_head *bh; 3046 struct ext4_dir_entry_2 *de; 3047 struct super_block *sb; 3048 3049 if (ext4_has_inline_data(inode)) { 3050 int has_inline_data = 1; 3051 int ret; 3052 3053 ret = empty_inline_dir(inode, &has_inline_data); 3054 if (has_inline_data) 3055 return ret; 3056 } 3057 3058 sb = inode->i_sb; 3059 if (inode->i_size < ext4_dir_rec_len(1, NULL) + 3060 ext4_dir_rec_len(2, NULL)) { 3061 EXT4_ERROR_INODE(inode, "invalid size"); 3062 return false; 3063 } 3064 /* The first directory block must not be a hole, 3065 * so treat it as DIRENT_HTREE 3066 */ 3067 bh = ext4_read_dirblock(inode, 0, DIRENT_HTREE); 3068 if (IS_ERR(bh)) 3069 return false; 3070 3071 de = (struct ext4_dir_entry_2 *) bh->b_data; 3072 if (ext4_check_dir_entry(inode, NULL, de, bh, bh->b_data, bh->b_size, 3073 0) || 3074 le32_to_cpu(de->inode) != inode->i_ino || strcmp(".", de->name)) { 3075 ext4_warning_inode(inode, "directory missing '.'"); 3076 brelse(bh); 3077 return false; 3078 } 3079 offset = ext4_rec_len_from_disk(de->rec_len, sb->s_blocksize); 3080 de = ext4_next_entry(de, sb->s_blocksize); 3081 if (ext4_check_dir_entry(inode, NULL, de, bh, bh->b_data, bh->b_size, 3082 offset) || 3083 le32_to_cpu(de->inode) == 0 || strcmp("..", de->name)) { 3084 ext4_warning_inode(inode, "directory missing '..'"); 3085 brelse(bh); 3086 return false; 3087 } 3088 offset += ext4_rec_len_from_disk(de->rec_len, sb->s_blocksize); 3089 while (offset < inode->i_size) { 3090 if (!(offset & (sb->s_blocksize - 1))) { 3091 unsigned int lblock; 3092 brelse(bh); 3093 lblock = offset >> EXT4_BLOCK_SIZE_BITS(sb); 3094 bh = ext4_read_dirblock(inode, lblock, EITHER); 3095 if (bh == NULL) { 3096 offset += sb->s_blocksize; 3097 continue; 3098 } 3099 if (IS_ERR(bh)) 3100 return false; 3101 } 3102 de = (struct ext4_dir_entry_2 *) (bh->b_data + 3103 (offset & (sb->s_blocksize - 1))); 3104 if (ext4_check_dir_entry(inode, NULL, de, bh, 3105 bh->b_data, bh->b_size, offset) || 3106 le32_to_cpu(de->inode)) { 3107 brelse(bh); 3108 return false; 3109 } 3110 offset += ext4_rec_len_from_disk(de->rec_len, sb->s_blocksize); 3111 } 3112 brelse(bh); 3113 return true; 3114 } 3115 3116 static int ext4_rmdir(struct inode *dir, struct dentry *dentry) 3117 { 3118 int retval; 3119 struct inode *inode; 3120 struct buffer_head *bh; 3121 struct ext4_dir_entry_2 *de; 3122 handle_t *handle = NULL; 3123 3124 if (unlikely(ext4_forced_shutdown(EXT4_SB(dir->i_sb)))) 3125 return -EIO; 3126 3127 /* Initialize quotas before so that eventual writes go in 3128 * separate transaction */ 3129 retval = dquot_initialize(dir); 3130 if (retval) 3131 return retval; 3132 retval = dquot_initialize(d_inode(dentry)); 3133 if (retval) 3134 return retval; 3135 3136 retval = -ENOENT; 3137 bh = ext4_find_entry(dir, &dentry->d_name, &de, NULL); 3138 if (IS_ERR(bh)) 3139 return PTR_ERR(bh); 3140 if (!bh) 3141 goto end_rmdir; 3142 3143 inode = d_inode(dentry); 3144 3145 retval = -EFSCORRUPTED; 3146 if (le32_to_cpu(de->inode) != inode->i_ino) 3147 goto end_rmdir; 3148 3149 retval = -ENOTEMPTY; 3150 if (!ext4_empty_dir(inode)) 3151 goto end_rmdir; 3152 3153 handle = ext4_journal_start(dir, EXT4_HT_DIR, 3154 EXT4_DATA_TRANS_BLOCKS(dir->i_sb)); 3155 if (IS_ERR(handle)) { 3156 retval = PTR_ERR(handle); 3157 handle = NULL; 3158 goto end_rmdir; 3159 } 3160 3161 if (IS_DIRSYNC(dir)) 3162 ext4_handle_sync(handle); 3163 3164 retval = ext4_delete_entry(handle, dir, de, bh); 3165 if (retval) 3166 goto end_rmdir; 3167 if (!EXT4_DIR_LINK_EMPTY(inode)) 3168 ext4_warning_inode(inode, 3169 "empty directory '%.*s' has too many links (%u)", 3170 dentry->d_name.len, dentry->d_name.name, 3171 inode->i_nlink); 3172 inode_inc_iversion(inode); 3173 clear_nlink(inode); 3174 /* There's no need to set i_disksize: the fact that i_nlink is 3175 * zero will ensure that the right thing happens during any 3176 * recovery. */ 3177 inode->i_size = 0; 3178 ext4_orphan_add(handle, inode); 3179 inode->i_ctime = dir->i_ctime = dir->i_mtime = current_time(inode); 3180 retval = ext4_mark_inode_dirty(handle, inode); 3181 if (retval) 3182 goto end_rmdir; 3183 ext4_dec_count(dir); 3184 ext4_update_dx_flag(dir); 3185 ext4_fc_track_unlink(handle, dentry); 3186 retval = ext4_mark_inode_dirty(handle, dir); 3187 3188 #if IS_ENABLED(CONFIG_UNICODE) 3189 /* VFS negative dentries are incompatible with Encoding and 3190 * Case-insensitiveness. Eventually we'll want avoid 3191 * invalidating the dentries here, alongside with returning the 3192 * negative dentries at ext4_lookup(), when it is better 3193 * supported by the VFS for the CI case. 3194 */ 3195 if (IS_CASEFOLDED(dir)) 3196 d_invalidate(dentry); 3197 #endif 3198 3199 end_rmdir: 3200 brelse(bh); 3201 if (handle) 3202 ext4_journal_stop(handle); 3203 return retval; 3204 } 3205 3206 int __ext4_unlink(struct inode *dir, const struct qstr *d_name, 3207 struct inode *inode, 3208 struct dentry *dentry /* NULL during fast_commit recovery */) 3209 { 3210 int retval = -ENOENT; 3211 struct buffer_head *bh; 3212 struct ext4_dir_entry_2 *de; 3213 handle_t *handle; 3214 int skip_remove_dentry = 0; 3215 3216 /* 3217 * Keep this outside the transaction; it may have to set up the 3218 * directory's encryption key, which isn't GFP_NOFS-safe. 3219 */ 3220 bh = ext4_find_entry(dir, d_name, &de, NULL); 3221 if (IS_ERR(bh)) 3222 return PTR_ERR(bh); 3223 3224 if (!bh) 3225 return -ENOENT; 3226 3227 if (le32_to_cpu(de->inode) != inode->i_ino) { 3228 /* 3229 * It's okay if we find dont find dentry which matches 3230 * the inode. That's because it might have gotten 3231 * renamed to a different inode number 3232 */ 3233 if (EXT4_SB(inode->i_sb)->s_mount_state & EXT4_FC_REPLAY) 3234 skip_remove_dentry = 1; 3235 else 3236 goto out_bh; 3237 } 3238 3239 handle = ext4_journal_start(dir, EXT4_HT_DIR, 3240 EXT4_DATA_TRANS_BLOCKS(dir->i_sb)); 3241 if (IS_ERR(handle)) { 3242 retval = PTR_ERR(handle); 3243 goto out_bh; 3244 } 3245 3246 if (IS_DIRSYNC(dir)) 3247 ext4_handle_sync(handle); 3248 3249 if (!skip_remove_dentry) { 3250 retval = ext4_delete_entry(handle, dir, de, bh); 3251 if (retval) 3252 goto out_handle; 3253 dir->i_ctime = dir->i_mtime = current_time(dir); 3254 ext4_update_dx_flag(dir); 3255 retval = ext4_mark_inode_dirty(handle, dir); 3256 if (retval) 3257 goto out_handle; 3258 } else { 3259 retval = 0; 3260 } 3261 if (inode->i_nlink == 0) 3262 ext4_warning_inode(inode, "Deleting file '%.*s' with no links", 3263 d_name->len, d_name->name); 3264 else 3265 drop_nlink(inode); 3266 if (!inode->i_nlink) 3267 ext4_orphan_add(handle, inode); 3268 inode->i_ctime = current_time(inode); 3269 retval = ext4_mark_inode_dirty(handle, inode); 3270 if (dentry && !retval) 3271 ext4_fc_track_unlink(handle, dentry); 3272 out_handle: 3273 ext4_journal_stop(handle); 3274 out_bh: 3275 brelse(bh); 3276 return retval; 3277 } 3278 3279 static int ext4_unlink(struct inode *dir, struct dentry *dentry) 3280 { 3281 int retval; 3282 3283 if (unlikely(ext4_forced_shutdown(EXT4_SB(dir->i_sb)))) 3284 return -EIO; 3285 3286 trace_ext4_unlink_enter(dir, dentry); 3287 /* 3288 * Initialize quotas before so that eventual writes go 3289 * in separate transaction 3290 */ 3291 retval = dquot_initialize(dir); 3292 if (retval) 3293 goto out_trace; 3294 retval = dquot_initialize(d_inode(dentry)); 3295 if (retval) 3296 goto out_trace; 3297 3298 retval = __ext4_unlink(dir, &dentry->d_name, d_inode(dentry), dentry); 3299 #if IS_ENABLED(CONFIG_UNICODE) 3300 /* VFS negative dentries are incompatible with Encoding and 3301 * Case-insensitiveness. Eventually we'll want avoid 3302 * invalidating the dentries here, alongside with returning the 3303 * negative dentries at ext4_lookup(), when it is better 3304 * supported by the VFS for the CI case. 3305 */ 3306 if (IS_CASEFOLDED(dir)) 3307 d_invalidate(dentry); 3308 #endif 3309 3310 out_trace: 3311 trace_ext4_unlink_exit(dentry, retval); 3312 return retval; 3313 } 3314 3315 static int ext4_init_symlink_block(handle_t *handle, struct inode *inode, 3316 struct fscrypt_str *disk_link) 3317 { 3318 struct buffer_head *bh; 3319 char *kaddr; 3320 int err = 0; 3321 3322 bh = ext4_bread(handle, inode, 0, EXT4_GET_BLOCKS_CREATE); 3323 if (IS_ERR(bh)) 3324 return PTR_ERR(bh); 3325 3326 BUFFER_TRACE(bh, "get_write_access"); 3327 err = ext4_journal_get_write_access(handle, inode->i_sb, bh, EXT4_JTR_NONE); 3328 if (err) 3329 goto out; 3330 3331 kaddr = (char *)bh->b_data; 3332 memcpy(kaddr, disk_link->name, disk_link->len); 3333 inode->i_size = disk_link->len - 1; 3334 EXT4_I(inode)->i_disksize = inode->i_size; 3335 err = ext4_handle_dirty_metadata(handle, inode, bh); 3336 out: 3337 brelse(bh); 3338 return err; 3339 } 3340 3341 static int ext4_symlink(struct mnt_idmap *idmap, struct inode *dir, 3342 struct dentry *dentry, const char *symname) 3343 { 3344 handle_t *handle; 3345 struct inode *inode; 3346 int err, len = strlen(symname); 3347 int credits; 3348 struct fscrypt_str disk_link; 3349 int retries = 0; 3350 3351 if (unlikely(ext4_forced_shutdown(EXT4_SB(dir->i_sb)))) 3352 return -EIO; 3353 3354 err = fscrypt_prepare_symlink(dir, symname, len, dir->i_sb->s_blocksize, 3355 &disk_link); 3356 if (err) 3357 return err; 3358 3359 err = dquot_initialize(dir); 3360 if (err) 3361 return err; 3362 3363 /* 3364 * EXT4_INDEX_EXTRA_TRANS_BLOCKS for addition of entry into the 3365 * directory. +3 for inode, inode bitmap, group descriptor allocation. 3366 * EXT4_DATA_TRANS_BLOCKS for the data block allocation and 3367 * modification. 3368 */ 3369 credits = EXT4_DATA_TRANS_BLOCKS(dir->i_sb) + 3370 EXT4_INDEX_EXTRA_TRANS_BLOCKS + 3; 3371 retry: 3372 inode = ext4_new_inode_start_handle(idmap, dir, S_IFLNK|S_IRWXUGO, 3373 &dentry->d_name, 0, NULL, 3374 EXT4_HT_DIR, credits); 3375 handle = ext4_journal_current_handle(); 3376 if (IS_ERR(inode)) { 3377 if (handle) 3378 ext4_journal_stop(handle); 3379 err = PTR_ERR(inode); 3380 goto out_retry; 3381 } 3382 3383 if (IS_ENCRYPTED(inode)) { 3384 err = fscrypt_encrypt_symlink(inode, symname, len, &disk_link); 3385 if (err) 3386 goto err_drop_inode; 3387 inode->i_op = &ext4_encrypted_symlink_inode_operations; 3388 } else { 3389 if ((disk_link.len > EXT4_N_BLOCKS * 4)) { 3390 inode->i_op = &ext4_symlink_inode_operations; 3391 } else { 3392 inode->i_op = &ext4_fast_symlink_inode_operations; 3393 inode->i_link = (char *)&EXT4_I(inode)->i_data; 3394 } 3395 } 3396 3397 if ((disk_link.len > EXT4_N_BLOCKS * 4)) { 3398 /* alloc symlink block and fill it */ 3399 err = ext4_init_symlink_block(handle, inode, &disk_link); 3400 if (err) 3401 goto err_drop_inode; 3402 } else { 3403 /* clear the extent format for fast symlink */ 3404 ext4_clear_inode_flag(inode, EXT4_INODE_EXTENTS); 3405 memcpy((char *)&EXT4_I(inode)->i_data, disk_link.name, 3406 disk_link.len); 3407 inode->i_size = disk_link.len - 1; 3408 EXT4_I(inode)->i_disksize = inode->i_size; 3409 } 3410 err = ext4_add_nondir(handle, dentry, &inode); 3411 if (handle) 3412 ext4_journal_stop(handle); 3413 iput(inode); 3414 goto out_retry; 3415 3416 err_drop_inode: 3417 clear_nlink(inode); 3418 ext4_orphan_add(handle, inode); 3419 unlock_new_inode(inode); 3420 if (handle) 3421 ext4_journal_stop(handle); 3422 iput(inode); 3423 out_retry: 3424 if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries)) 3425 goto retry; 3426 if (disk_link.name != (unsigned char *)symname) 3427 kfree(disk_link.name); 3428 return err; 3429 } 3430 3431 int __ext4_link(struct inode *dir, struct inode *inode, struct dentry *dentry) 3432 { 3433 handle_t *handle; 3434 int err, retries = 0; 3435 retry: 3436 handle = ext4_journal_start(dir, EXT4_HT_DIR, 3437 (EXT4_DATA_TRANS_BLOCKS(dir->i_sb) + 3438 EXT4_INDEX_EXTRA_TRANS_BLOCKS) + 1); 3439 if (IS_ERR(handle)) 3440 return PTR_ERR(handle); 3441 3442 if (IS_DIRSYNC(dir)) 3443 ext4_handle_sync(handle); 3444 3445 inode->i_ctime = current_time(inode); 3446 ext4_inc_count(inode); 3447 ihold(inode); 3448 3449 err = ext4_add_entry(handle, dentry, inode); 3450 if (!err) { 3451 err = ext4_mark_inode_dirty(handle, inode); 3452 /* this can happen only for tmpfile being 3453 * linked the first time 3454 */ 3455 if (inode->i_nlink == 1) 3456 ext4_orphan_del(handle, inode); 3457 d_instantiate(dentry, inode); 3458 ext4_fc_track_link(handle, dentry); 3459 } else { 3460 drop_nlink(inode); 3461 iput(inode); 3462 } 3463 ext4_journal_stop(handle); 3464 if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries)) 3465 goto retry; 3466 return err; 3467 } 3468 3469 static int ext4_link(struct dentry *old_dentry, 3470 struct inode *dir, struct dentry *dentry) 3471 { 3472 struct inode *inode = d_inode(old_dentry); 3473 int err; 3474 3475 if (inode->i_nlink >= EXT4_LINK_MAX) 3476 return -EMLINK; 3477 3478 err = fscrypt_prepare_link(old_dentry, dir, dentry); 3479 if (err) 3480 return err; 3481 3482 if ((ext4_test_inode_flag(dir, EXT4_INODE_PROJINHERIT)) && 3483 (!projid_eq(EXT4_I(dir)->i_projid, 3484 EXT4_I(old_dentry->d_inode)->i_projid))) 3485 return -EXDEV; 3486 3487 err = dquot_initialize(dir); 3488 if (err) 3489 return err; 3490 return __ext4_link(dir, inode, dentry); 3491 } 3492 3493 /* 3494 * Try to find buffer head where contains the parent block. 3495 * It should be the inode block if it is inlined or the 1st block 3496 * if it is a normal dir. 3497 */ 3498 static struct buffer_head *ext4_get_first_dir_block(handle_t *handle, 3499 struct inode *inode, 3500 int *retval, 3501 struct ext4_dir_entry_2 **parent_de, 3502 int *inlined) 3503 { 3504 struct buffer_head *bh; 3505 3506 if (!ext4_has_inline_data(inode)) { 3507 struct ext4_dir_entry_2 *de; 3508 unsigned int offset; 3509 3510 /* The first directory block must not be a hole, so 3511 * treat it as DIRENT_HTREE 3512 */ 3513 bh = ext4_read_dirblock(inode, 0, DIRENT_HTREE); 3514 if (IS_ERR(bh)) { 3515 *retval = PTR_ERR(bh); 3516 return NULL; 3517 } 3518 3519 de = (struct ext4_dir_entry_2 *) bh->b_data; 3520 if (ext4_check_dir_entry(inode, NULL, de, bh, bh->b_data, 3521 bh->b_size, 0) || 3522 le32_to_cpu(de->inode) != inode->i_ino || 3523 strcmp(".", de->name)) { 3524 EXT4_ERROR_INODE(inode, "directory missing '.'"); 3525 brelse(bh); 3526 *retval = -EFSCORRUPTED; 3527 return NULL; 3528 } 3529 offset = ext4_rec_len_from_disk(de->rec_len, 3530 inode->i_sb->s_blocksize); 3531 de = ext4_next_entry(de, inode->i_sb->s_blocksize); 3532 if (ext4_check_dir_entry(inode, NULL, de, bh, bh->b_data, 3533 bh->b_size, offset) || 3534 le32_to_cpu(de->inode) == 0 || strcmp("..", de->name)) { 3535 EXT4_ERROR_INODE(inode, "directory missing '..'"); 3536 brelse(bh); 3537 *retval = -EFSCORRUPTED; 3538 return NULL; 3539 } 3540 *parent_de = de; 3541 3542 return bh; 3543 } 3544 3545 *inlined = 1; 3546 return ext4_get_first_inline_block(inode, parent_de, retval); 3547 } 3548 3549 struct ext4_renament { 3550 struct inode *dir; 3551 struct dentry *dentry; 3552 struct inode *inode; 3553 bool is_dir; 3554 int dir_nlink_delta; 3555 3556 /* entry for "dentry" */ 3557 struct buffer_head *bh; 3558 struct ext4_dir_entry_2 *de; 3559 int inlined; 3560 3561 /* entry for ".." in inode if it's a directory */ 3562 struct buffer_head *dir_bh; 3563 struct ext4_dir_entry_2 *parent_de; 3564 int dir_inlined; 3565 }; 3566 3567 static int ext4_rename_dir_prepare(handle_t *handle, struct ext4_renament *ent) 3568 { 3569 int retval; 3570 3571 ent->dir_bh = ext4_get_first_dir_block(handle, ent->inode, 3572 &retval, &ent->parent_de, 3573 &ent->dir_inlined); 3574 if (!ent->dir_bh) 3575 return retval; 3576 if (le32_to_cpu(ent->parent_de->inode) != ent->dir->i_ino) 3577 return -EFSCORRUPTED; 3578 BUFFER_TRACE(ent->dir_bh, "get_write_access"); 3579 return ext4_journal_get_write_access(handle, ent->dir->i_sb, 3580 ent->dir_bh, EXT4_JTR_NONE); 3581 } 3582 3583 static int ext4_rename_dir_finish(handle_t *handle, struct ext4_renament *ent, 3584 unsigned dir_ino) 3585 { 3586 int retval; 3587 3588 ent->parent_de->inode = cpu_to_le32(dir_ino); 3589 BUFFER_TRACE(ent->dir_bh, "call ext4_handle_dirty_metadata"); 3590 if (!ent->dir_inlined) { 3591 if (is_dx(ent->inode)) { 3592 retval = ext4_handle_dirty_dx_node(handle, 3593 ent->inode, 3594 ent->dir_bh); 3595 } else { 3596 retval = ext4_handle_dirty_dirblock(handle, ent->inode, 3597 ent->dir_bh); 3598 } 3599 } else { 3600 retval = ext4_mark_inode_dirty(handle, ent->inode); 3601 } 3602 if (retval) { 3603 ext4_std_error(ent->dir->i_sb, retval); 3604 return retval; 3605 } 3606 return 0; 3607 } 3608 3609 static int ext4_setent(handle_t *handle, struct ext4_renament *ent, 3610 unsigned ino, unsigned file_type) 3611 { 3612 int retval, retval2; 3613 3614 BUFFER_TRACE(ent->bh, "get write access"); 3615 retval = ext4_journal_get_write_access(handle, ent->dir->i_sb, ent->bh, 3616 EXT4_JTR_NONE); 3617 if (retval) 3618 return retval; 3619 ent->de->inode = cpu_to_le32(ino); 3620 if (ext4_has_feature_filetype(ent->dir->i_sb)) 3621 ent->de->file_type = file_type; 3622 inode_inc_iversion(ent->dir); 3623 ent->dir->i_ctime = ent->dir->i_mtime = 3624 current_time(ent->dir); 3625 retval = ext4_mark_inode_dirty(handle, ent->dir); 3626 BUFFER_TRACE(ent->bh, "call ext4_handle_dirty_metadata"); 3627 if (!ent->inlined) { 3628 retval2 = ext4_handle_dirty_dirblock(handle, ent->dir, ent->bh); 3629 if (unlikely(retval2)) { 3630 ext4_std_error(ent->dir->i_sb, retval2); 3631 return retval2; 3632 } 3633 } 3634 return retval; 3635 } 3636 3637 static void ext4_resetent(handle_t *handle, struct ext4_renament *ent, 3638 unsigned ino, unsigned file_type) 3639 { 3640 struct ext4_renament old = *ent; 3641 int retval = 0; 3642 3643 /* 3644 * old->de could have moved from under us during make indexed dir, 3645 * so the old->de may no longer valid and need to find it again 3646 * before reset old inode info. 3647 */ 3648 old.bh = ext4_find_entry(old.dir, &old.dentry->d_name, &old.de, 3649 &old.inlined); 3650 if (IS_ERR(old.bh)) 3651 retval = PTR_ERR(old.bh); 3652 if (!old.bh) 3653 retval = -ENOENT; 3654 if (retval) { 3655 ext4_std_error(old.dir->i_sb, retval); 3656 return; 3657 } 3658 3659 ext4_setent(handle, &old, ino, file_type); 3660 brelse(old.bh); 3661 } 3662 3663 static int ext4_find_delete_entry(handle_t *handle, struct inode *dir, 3664 const struct qstr *d_name) 3665 { 3666 int retval = -ENOENT; 3667 struct buffer_head *bh; 3668 struct ext4_dir_entry_2 *de; 3669 3670 bh = ext4_find_entry(dir, d_name, &de, NULL); 3671 if (IS_ERR(bh)) 3672 return PTR_ERR(bh); 3673 if (bh) { 3674 retval = ext4_delete_entry(handle, dir, de, bh); 3675 brelse(bh); 3676 } 3677 return retval; 3678 } 3679 3680 static void ext4_rename_delete(handle_t *handle, struct ext4_renament *ent, 3681 int force_reread) 3682 { 3683 int retval; 3684 /* 3685 * ent->de could have moved from under us during htree split, so make 3686 * sure that we are deleting the right entry. We might also be pointing 3687 * to a stale entry in the unused part of ent->bh so just checking inum 3688 * and the name isn't enough. 3689 */ 3690 if (le32_to_cpu(ent->de->inode) != ent->inode->i_ino || 3691 ent->de->name_len != ent->dentry->d_name.len || 3692 strncmp(ent->de->name, ent->dentry->d_name.name, 3693 ent->de->name_len) || 3694 force_reread) { 3695 retval = ext4_find_delete_entry(handle, ent->dir, 3696 &ent->dentry->d_name); 3697 } else { 3698 retval = ext4_delete_entry(handle, ent->dir, ent->de, ent->bh); 3699 if (retval == -ENOENT) { 3700 retval = ext4_find_delete_entry(handle, ent->dir, 3701 &ent->dentry->d_name); 3702 } 3703 } 3704 3705 if (retval) { 3706 ext4_warning_inode(ent->dir, 3707 "Deleting old file: nlink %d, error=%d", 3708 ent->dir->i_nlink, retval); 3709 } 3710 } 3711 3712 static void ext4_update_dir_count(handle_t *handle, struct ext4_renament *ent) 3713 { 3714 if (ent->dir_nlink_delta) { 3715 if (ent->dir_nlink_delta == -1) 3716 ext4_dec_count(ent->dir); 3717 else 3718 ext4_inc_count(ent->dir); 3719 ext4_mark_inode_dirty(handle, ent->dir); 3720 } 3721 } 3722 3723 static struct inode *ext4_whiteout_for_rename(struct mnt_idmap *idmap, 3724 struct ext4_renament *ent, 3725 int credits, handle_t **h) 3726 { 3727 struct inode *wh; 3728 handle_t *handle; 3729 int retries = 0; 3730 3731 /* 3732 * for inode block, sb block, group summaries, 3733 * and inode bitmap 3734 */ 3735 credits += (EXT4_MAXQUOTAS_TRANS_BLOCKS(ent->dir->i_sb) + 3736 EXT4_XATTR_TRANS_BLOCKS + 4); 3737 retry: 3738 wh = ext4_new_inode_start_handle(idmap, ent->dir, 3739 S_IFCHR | WHITEOUT_MODE, 3740 &ent->dentry->d_name, 0, NULL, 3741 EXT4_HT_DIR, credits); 3742 3743 handle = ext4_journal_current_handle(); 3744 if (IS_ERR(wh)) { 3745 if (handle) 3746 ext4_journal_stop(handle); 3747 if (PTR_ERR(wh) == -ENOSPC && 3748 ext4_should_retry_alloc(ent->dir->i_sb, &retries)) 3749 goto retry; 3750 } else { 3751 *h = handle; 3752 init_special_inode(wh, wh->i_mode, WHITEOUT_DEV); 3753 wh->i_op = &ext4_special_inode_operations; 3754 } 3755 return wh; 3756 } 3757 3758 /* 3759 * Anybody can rename anything with this: the permission checks are left to the 3760 * higher-level routines. 3761 * 3762 * n.b. old_{dentry,inode) refers to the source dentry/inode 3763 * while new_{dentry,inode) refers to the destination dentry/inode 3764 * This comes from rename(const char *oldpath, const char *newpath) 3765 */ 3766 static int ext4_rename(struct mnt_idmap *idmap, struct inode *old_dir, 3767 struct dentry *old_dentry, struct inode *new_dir, 3768 struct dentry *new_dentry, unsigned int flags) 3769 { 3770 handle_t *handle = NULL; 3771 struct ext4_renament old = { 3772 .dir = old_dir, 3773 .dentry = old_dentry, 3774 .inode = d_inode(old_dentry), 3775 }; 3776 struct ext4_renament new = { 3777 .dir = new_dir, 3778 .dentry = new_dentry, 3779 .inode = d_inode(new_dentry), 3780 }; 3781 int force_reread; 3782 int retval; 3783 struct inode *whiteout = NULL; 3784 int credits; 3785 u8 old_file_type; 3786 3787 if (new.inode && new.inode->i_nlink == 0) { 3788 EXT4_ERROR_INODE(new.inode, 3789 "target of rename is already freed"); 3790 return -EFSCORRUPTED; 3791 } 3792 3793 if ((ext4_test_inode_flag(new_dir, EXT4_INODE_PROJINHERIT)) && 3794 (!projid_eq(EXT4_I(new_dir)->i_projid, 3795 EXT4_I(old_dentry->d_inode)->i_projid))) 3796 return -EXDEV; 3797 3798 retval = dquot_initialize(old.dir); 3799 if (retval) 3800 return retval; 3801 retval = dquot_initialize(old.inode); 3802 if (retval) 3803 return retval; 3804 retval = dquot_initialize(new.dir); 3805 if (retval) 3806 return retval; 3807 3808 /* Initialize quotas before so that eventual writes go 3809 * in separate transaction */ 3810 if (new.inode) { 3811 retval = dquot_initialize(new.inode); 3812 if (retval) 3813 return retval; 3814 } 3815 3816 /* 3817 * We need to protect against old.inode directory getting converted 3818 * from inline directory format into a normal one. 3819 */ 3820 if (S_ISDIR(old.inode->i_mode)) 3821 inode_lock_nested(old.inode, I_MUTEX_NONDIR2); 3822 3823 old.bh = ext4_find_entry(old.dir, &old.dentry->d_name, &old.de, 3824 &old.inlined); 3825 if (IS_ERR(old.bh)) { 3826 retval = PTR_ERR(old.bh); 3827 goto unlock_moved_dir; 3828 } 3829 3830 /* 3831 * Check for inode number is _not_ due to possible IO errors. 3832 * We might rmdir the source, keep it as pwd of some process 3833 * and merrily kill the link to whatever was created under the 3834 * same name. Goodbye sticky bit ;-< 3835 */ 3836 retval = -ENOENT; 3837 if (!old.bh || le32_to_cpu(old.de->inode) != old.inode->i_ino) 3838 goto release_bh; 3839 3840 new.bh = ext4_find_entry(new.dir, &new.dentry->d_name, 3841 &new.de, &new.inlined); 3842 if (IS_ERR(new.bh)) { 3843 retval = PTR_ERR(new.bh); 3844 new.bh = NULL; 3845 goto release_bh; 3846 } 3847 if (new.bh) { 3848 if (!new.inode) { 3849 brelse(new.bh); 3850 new.bh = NULL; 3851 } 3852 } 3853 if (new.inode && !test_opt(new.dir->i_sb, NO_AUTO_DA_ALLOC)) 3854 ext4_alloc_da_blocks(old.inode); 3855 3856 credits = (2 * EXT4_DATA_TRANS_BLOCKS(old.dir->i_sb) + 3857 EXT4_INDEX_EXTRA_TRANS_BLOCKS + 2); 3858 if (!(flags & RENAME_WHITEOUT)) { 3859 handle = ext4_journal_start(old.dir, EXT4_HT_DIR, credits); 3860 if (IS_ERR(handle)) { 3861 retval = PTR_ERR(handle); 3862 goto release_bh; 3863 } 3864 } else { 3865 whiteout = ext4_whiteout_for_rename(idmap, &old, credits, &handle); 3866 if (IS_ERR(whiteout)) { 3867 retval = PTR_ERR(whiteout); 3868 goto release_bh; 3869 } 3870 } 3871 3872 old_file_type = old.de->file_type; 3873 if (IS_DIRSYNC(old.dir) || IS_DIRSYNC(new.dir)) 3874 ext4_handle_sync(handle); 3875 3876 if (S_ISDIR(old.inode->i_mode)) { 3877 if (new.inode) { 3878 retval = -ENOTEMPTY; 3879 if (!ext4_empty_dir(new.inode)) 3880 goto end_rename; 3881 } else { 3882 retval = -EMLINK; 3883 if (new.dir != old.dir && EXT4_DIR_LINK_MAX(new.dir)) 3884 goto end_rename; 3885 } 3886 retval = ext4_rename_dir_prepare(handle, &old); 3887 if (retval) 3888 goto end_rename; 3889 } 3890 /* 3891 * If we're renaming a file within an inline_data dir and adding or 3892 * setting the new dirent causes a conversion from inline_data to 3893 * extents/blockmap, we need to force the dirent delete code to 3894 * re-read the directory, or else we end up trying to delete a dirent 3895 * from what is now the extent tree root (or a block map). 3896 */ 3897 force_reread = (new.dir->i_ino == old.dir->i_ino && 3898 ext4_test_inode_flag(new.dir, EXT4_INODE_INLINE_DATA)); 3899 3900 if (whiteout) { 3901 /* 3902 * Do this before adding a new entry, so the old entry is sure 3903 * to be still pointing to the valid old entry. 3904 */ 3905 retval = ext4_setent(handle, &old, whiteout->i_ino, 3906 EXT4_FT_CHRDEV); 3907 if (retval) 3908 goto end_rename; 3909 retval = ext4_mark_inode_dirty(handle, whiteout); 3910 if (unlikely(retval)) 3911 goto end_rename; 3912 3913 } 3914 if (!new.bh) { 3915 retval = ext4_add_entry(handle, new.dentry, old.inode); 3916 if (retval) 3917 goto end_rename; 3918 } else { 3919 retval = ext4_setent(handle, &new, 3920 old.inode->i_ino, old_file_type); 3921 if (retval) 3922 goto end_rename; 3923 } 3924 if (force_reread) 3925 force_reread = !ext4_test_inode_flag(new.dir, 3926 EXT4_INODE_INLINE_DATA); 3927 3928 /* 3929 * Like most other Unix systems, set the ctime for inodes on a 3930 * rename. 3931 */ 3932 old.inode->i_ctime = current_time(old.inode); 3933 retval = ext4_mark_inode_dirty(handle, old.inode); 3934 if (unlikely(retval)) 3935 goto end_rename; 3936 3937 if (!whiteout) { 3938 /* 3939 * ok, that's it 3940 */ 3941 ext4_rename_delete(handle, &old, force_reread); 3942 } 3943 3944 if (new.inode) { 3945 ext4_dec_count(new.inode); 3946 new.inode->i_ctime = current_time(new.inode); 3947 } 3948 old.dir->i_ctime = old.dir->i_mtime = current_time(old.dir); 3949 ext4_update_dx_flag(old.dir); 3950 if (old.dir_bh) { 3951 retval = ext4_rename_dir_finish(handle, &old, new.dir->i_ino); 3952 if (retval) 3953 goto end_rename; 3954 3955 ext4_dec_count(old.dir); 3956 if (new.inode) { 3957 /* checked ext4_empty_dir above, can't have another 3958 * parent, ext4_dec_count() won't work for many-linked 3959 * dirs */ 3960 clear_nlink(new.inode); 3961 } else { 3962 ext4_inc_count(new.dir); 3963 ext4_update_dx_flag(new.dir); 3964 retval = ext4_mark_inode_dirty(handle, new.dir); 3965 if (unlikely(retval)) 3966 goto end_rename; 3967 } 3968 } 3969 retval = ext4_mark_inode_dirty(handle, old.dir); 3970 if (unlikely(retval)) 3971 goto end_rename; 3972 3973 if (S_ISDIR(old.inode->i_mode)) { 3974 /* 3975 * We disable fast commits here that's because the 3976 * replay code is not yet capable of changing dot dot 3977 * dirents in directories. 3978 */ 3979 ext4_fc_mark_ineligible(old.inode->i_sb, 3980 EXT4_FC_REASON_RENAME_DIR, handle); 3981 } else { 3982 struct super_block *sb = old.inode->i_sb; 3983 3984 if (new.inode) 3985 ext4_fc_track_unlink(handle, new.dentry); 3986 if (test_opt2(sb, JOURNAL_FAST_COMMIT) && 3987 !(EXT4_SB(sb)->s_mount_state & EXT4_FC_REPLAY) && 3988 !(ext4_test_mount_flag(sb, EXT4_MF_FC_INELIGIBLE))) { 3989 __ext4_fc_track_link(handle, old.inode, new.dentry); 3990 __ext4_fc_track_unlink(handle, old.inode, old.dentry); 3991 if (whiteout) 3992 __ext4_fc_track_create(handle, whiteout, 3993 old.dentry); 3994 } 3995 } 3996 3997 if (new.inode) { 3998 retval = ext4_mark_inode_dirty(handle, new.inode); 3999 if (unlikely(retval)) 4000 goto end_rename; 4001 if (!new.inode->i_nlink) 4002 ext4_orphan_add(handle, new.inode); 4003 } 4004 retval = 0; 4005 4006 end_rename: 4007 if (whiteout) { 4008 if (retval) { 4009 ext4_resetent(handle, &old, 4010 old.inode->i_ino, old_file_type); 4011 drop_nlink(whiteout); 4012 ext4_orphan_add(handle, whiteout); 4013 } 4014 unlock_new_inode(whiteout); 4015 ext4_journal_stop(handle); 4016 iput(whiteout); 4017 } else { 4018 ext4_journal_stop(handle); 4019 } 4020 release_bh: 4021 brelse(old.dir_bh); 4022 brelse(old.bh); 4023 brelse(new.bh); 4024 4025 unlock_moved_dir: 4026 if (S_ISDIR(old.inode->i_mode)) 4027 inode_unlock(old.inode); 4028 4029 return retval; 4030 } 4031 4032 static int ext4_cross_rename(struct inode *old_dir, struct dentry *old_dentry, 4033 struct inode *new_dir, struct dentry *new_dentry) 4034 { 4035 handle_t *handle = NULL; 4036 struct ext4_renament old = { 4037 .dir = old_dir, 4038 .dentry = old_dentry, 4039 .inode = d_inode(old_dentry), 4040 }; 4041 struct ext4_renament new = { 4042 .dir = new_dir, 4043 .dentry = new_dentry, 4044 .inode = d_inode(new_dentry), 4045 }; 4046 u8 new_file_type; 4047 int retval; 4048 struct timespec64 ctime; 4049 4050 if ((ext4_test_inode_flag(new_dir, EXT4_INODE_PROJINHERIT) && 4051 !projid_eq(EXT4_I(new_dir)->i_projid, 4052 EXT4_I(old_dentry->d_inode)->i_projid)) || 4053 (ext4_test_inode_flag(old_dir, EXT4_INODE_PROJINHERIT) && 4054 !projid_eq(EXT4_I(old_dir)->i_projid, 4055 EXT4_I(new_dentry->d_inode)->i_projid))) 4056 return -EXDEV; 4057 4058 retval = dquot_initialize(old.dir); 4059 if (retval) 4060 return retval; 4061 retval = dquot_initialize(new.dir); 4062 if (retval) 4063 return retval; 4064 4065 old.bh = ext4_find_entry(old.dir, &old.dentry->d_name, 4066 &old.de, &old.inlined); 4067 if (IS_ERR(old.bh)) 4068 return PTR_ERR(old.bh); 4069 /* 4070 * Check for inode number is _not_ due to possible IO errors. 4071 * We might rmdir the source, keep it as pwd of some process 4072 * and merrily kill the link to whatever was created under the 4073 * same name. Goodbye sticky bit ;-< 4074 */ 4075 retval = -ENOENT; 4076 if (!old.bh || le32_to_cpu(old.de->inode) != old.inode->i_ino) 4077 goto end_rename; 4078 4079 new.bh = ext4_find_entry(new.dir, &new.dentry->d_name, 4080 &new.de, &new.inlined); 4081 if (IS_ERR(new.bh)) { 4082 retval = PTR_ERR(new.bh); 4083 new.bh = NULL; 4084 goto end_rename; 4085 } 4086 4087 /* RENAME_EXCHANGE case: old *and* new must both exist */ 4088 if (!new.bh || le32_to_cpu(new.de->inode) != new.inode->i_ino) 4089 goto end_rename; 4090 4091 handle = ext4_journal_start(old.dir, EXT4_HT_DIR, 4092 (2 * EXT4_DATA_TRANS_BLOCKS(old.dir->i_sb) + 4093 2 * EXT4_INDEX_EXTRA_TRANS_BLOCKS + 2)); 4094 if (IS_ERR(handle)) { 4095 retval = PTR_ERR(handle); 4096 handle = NULL; 4097 goto end_rename; 4098 } 4099 4100 if (IS_DIRSYNC(old.dir) || IS_DIRSYNC(new.dir)) 4101 ext4_handle_sync(handle); 4102 4103 if (S_ISDIR(old.inode->i_mode)) { 4104 old.is_dir = true; 4105 retval = ext4_rename_dir_prepare(handle, &old); 4106 if (retval) 4107 goto end_rename; 4108 } 4109 if (S_ISDIR(new.inode->i_mode)) { 4110 new.is_dir = true; 4111 retval = ext4_rename_dir_prepare(handle, &new); 4112 if (retval) 4113 goto end_rename; 4114 } 4115 4116 /* 4117 * Other than the special case of overwriting a directory, parents' 4118 * nlink only needs to be modified if this is a cross directory rename. 4119 */ 4120 if (old.dir != new.dir && old.is_dir != new.is_dir) { 4121 old.dir_nlink_delta = old.is_dir ? -1 : 1; 4122 new.dir_nlink_delta = -old.dir_nlink_delta; 4123 retval = -EMLINK; 4124 if ((old.dir_nlink_delta > 0 && EXT4_DIR_LINK_MAX(old.dir)) || 4125 (new.dir_nlink_delta > 0 && EXT4_DIR_LINK_MAX(new.dir))) 4126 goto end_rename; 4127 } 4128 4129 new_file_type = new.de->file_type; 4130 retval = ext4_setent(handle, &new, old.inode->i_ino, old.de->file_type); 4131 if (retval) 4132 goto end_rename; 4133 4134 retval = ext4_setent(handle, &old, new.inode->i_ino, new_file_type); 4135 if (retval) 4136 goto end_rename; 4137 4138 /* 4139 * Like most other Unix systems, set the ctime for inodes on a 4140 * rename. 4141 */ 4142 ctime = current_time(old.inode); 4143 old.inode->i_ctime = ctime; 4144 new.inode->i_ctime = ctime; 4145 retval = ext4_mark_inode_dirty(handle, old.inode); 4146 if (unlikely(retval)) 4147 goto end_rename; 4148 retval = ext4_mark_inode_dirty(handle, new.inode); 4149 if (unlikely(retval)) 4150 goto end_rename; 4151 ext4_fc_mark_ineligible(new.inode->i_sb, 4152 EXT4_FC_REASON_CROSS_RENAME, handle); 4153 if (old.dir_bh) { 4154 retval = ext4_rename_dir_finish(handle, &old, new.dir->i_ino); 4155 if (retval) 4156 goto end_rename; 4157 } 4158 if (new.dir_bh) { 4159 retval = ext4_rename_dir_finish(handle, &new, old.dir->i_ino); 4160 if (retval) 4161 goto end_rename; 4162 } 4163 ext4_update_dir_count(handle, &old); 4164 ext4_update_dir_count(handle, &new); 4165 retval = 0; 4166 4167 end_rename: 4168 brelse(old.dir_bh); 4169 brelse(new.dir_bh); 4170 brelse(old.bh); 4171 brelse(new.bh); 4172 if (handle) 4173 ext4_journal_stop(handle); 4174 return retval; 4175 } 4176 4177 static int ext4_rename2(struct mnt_idmap *idmap, 4178 struct inode *old_dir, struct dentry *old_dentry, 4179 struct inode *new_dir, struct dentry *new_dentry, 4180 unsigned int flags) 4181 { 4182 int err; 4183 4184 if (unlikely(ext4_forced_shutdown(EXT4_SB(old_dir->i_sb)))) 4185 return -EIO; 4186 4187 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE | RENAME_WHITEOUT)) 4188 return -EINVAL; 4189 4190 err = fscrypt_prepare_rename(old_dir, old_dentry, new_dir, new_dentry, 4191 flags); 4192 if (err) 4193 return err; 4194 4195 if (flags & RENAME_EXCHANGE) { 4196 return ext4_cross_rename(old_dir, old_dentry, 4197 new_dir, new_dentry); 4198 } 4199 4200 return ext4_rename(idmap, old_dir, old_dentry, new_dir, new_dentry, flags); 4201 } 4202 4203 /* 4204 * directories can handle most operations... 4205 */ 4206 const struct inode_operations ext4_dir_inode_operations = { 4207 .create = ext4_create, 4208 .lookup = ext4_lookup, 4209 .link = ext4_link, 4210 .unlink = ext4_unlink, 4211 .symlink = ext4_symlink, 4212 .mkdir = ext4_mkdir, 4213 .rmdir = ext4_rmdir, 4214 .mknod = ext4_mknod, 4215 .tmpfile = ext4_tmpfile, 4216 .rename = ext4_rename2, 4217 .setattr = ext4_setattr, 4218 .getattr = ext4_getattr, 4219 .listxattr = ext4_listxattr, 4220 .get_inode_acl = ext4_get_acl, 4221 .set_acl = ext4_set_acl, 4222 .fiemap = ext4_fiemap, 4223 .fileattr_get = ext4_fileattr_get, 4224 .fileattr_set = ext4_fileattr_set, 4225 }; 4226 4227 const struct inode_operations ext4_special_inode_operations = { 4228 .setattr = ext4_setattr, 4229 .getattr = ext4_getattr, 4230 .listxattr = ext4_listxattr, 4231 .get_inode_acl = ext4_get_acl, 4232 .set_acl = ext4_set_acl, 4233 }; 4234