xref: /linux/fs/ext4/namei.c (revision 3f0a50f345f78183f6e9b39c2f45ca5dcaa511ca)
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  *  linux/fs/ext4/namei.c
4  *
5  * Copyright (C) 1992, 1993, 1994, 1995
6  * Remy Card (card@masi.ibp.fr)
7  * Laboratoire MASI - Institut Blaise Pascal
8  * Universite Pierre et Marie Curie (Paris VI)
9  *
10  *  from
11  *
12  *  linux/fs/minix/namei.c
13  *
14  *  Copyright (C) 1991, 1992  Linus Torvalds
15  *
16  *  Big-endian to little-endian byte-swapping/bitmaps by
17  *        David S. Miller (davem@caip.rutgers.edu), 1995
18  *  Directory entry file type support and forward compatibility hooks
19  *	for B-tree directories by Theodore Ts'o (tytso@mit.edu), 1998
20  *  Hash Tree Directory indexing (c)
21  *	Daniel Phillips, 2001
22  *  Hash Tree Directory indexing porting
23  *	Christopher Li, 2002
24  *  Hash Tree Directory indexing cleanup
25  *	Theodore Ts'o, 2002
26  */
27 
28 #include <linux/fs.h>
29 #include <linux/pagemap.h>
30 #include <linux/time.h>
31 #include <linux/fcntl.h>
32 #include <linux/stat.h>
33 #include <linux/string.h>
34 #include <linux/quotaops.h>
35 #include <linux/buffer_head.h>
36 #include <linux/bio.h>
37 #include <linux/iversion.h>
38 #include <linux/unicode.h>
39 #include "ext4.h"
40 #include "ext4_jbd2.h"
41 
42 #include "xattr.h"
43 #include "acl.h"
44 
45 #include <trace/events/ext4.h>
46 /*
47  * define how far ahead to read directories while searching them.
48  */
49 #define NAMEI_RA_CHUNKS  2
50 #define NAMEI_RA_BLOCKS  4
51 #define NAMEI_RA_SIZE	     (NAMEI_RA_CHUNKS * NAMEI_RA_BLOCKS)
52 
53 static struct buffer_head *ext4_append(handle_t *handle,
54 					struct inode *inode,
55 					ext4_lblk_t *block)
56 {
57 	struct buffer_head *bh;
58 	int err;
59 
60 	if (unlikely(EXT4_SB(inode->i_sb)->s_max_dir_size_kb &&
61 		     ((inode->i_size >> 10) >=
62 		      EXT4_SB(inode->i_sb)->s_max_dir_size_kb)))
63 		return ERR_PTR(-ENOSPC);
64 
65 	*block = inode->i_size >> inode->i_sb->s_blocksize_bits;
66 
67 	bh = ext4_bread(handle, inode, *block, EXT4_GET_BLOCKS_CREATE);
68 	if (IS_ERR(bh))
69 		return bh;
70 	inode->i_size += inode->i_sb->s_blocksize;
71 	EXT4_I(inode)->i_disksize = inode->i_size;
72 	BUFFER_TRACE(bh, "get_write_access");
73 	err = ext4_journal_get_write_access(handle, inode->i_sb, bh,
74 					    EXT4_JTR_NONE);
75 	if (err) {
76 		brelse(bh);
77 		ext4_std_error(inode->i_sb, err);
78 		return ERR_PTR(err);
79 	}
80 	return bh;
81 }
82 
83 static int ext4_dx_csum_verify(struct inode *inode,
84 			       struct ext4_dir_entry *dirent);
85 
86 /*
87  * Hints to ext4_read_dirblock regarding whether we expect a directory
88  * block being read to be an index block, or a block containing
89  * directory entries (and if the latter, whether it was found via a
90  * logical block in an htree index block).  This is used to control
91  * what sort of sanity checkinig ext4_read_dirblock() will do on the
92  * directory block read from the storage device.  EITHER will means
93  * the caller doesn't know what kind of directory block will be read,
94  * so no specific verification will be done.
95  */
96 typedef enum {
97 	EITHER, INDEX, DIRENT, DIRENT_HTREE
98 } dirblock_type_t;
99 
100 #define ext4_read_dirblock(inode, block, type) \
101 	__ext4_read_dirblock((inode), (block), (type), __func__, __LINE__)
102 
103 static struct buffer_head *__ext4_read_dirblock(struct inode *inode,
104 						ext4_lblk_t block,
105 						dirblock_type_t type,
106 						const char *func,
107 						unsigned int line)
108 {
109 	struct buffer_head *bh;
110 	struct ext4_dir_entry *dirent;
111 	int is_dx_block = 0;
112 
113 	if (ext4_simulate_fail(inode->i_sb, EXT4_SIM_DIRBLOCK_EIO))
114 		bh = ERR_PTR(-EIO);
115 	else
116 		bh = ext4_bread(NULL, inode, block, 0);
117 	if (IS_ERR(bh)) {
118 		__ext4_warning(inode->i_sb, func, line,
119 			       "inode #%lu: lblock %lu: comm %s: "
120 			       "error %ld reading directory block",
121 			       inode->i_ino, (unsigned long)block,
122 			       current->comm, PTR_ERR(bh));
123 
124 		return bh;
125 	}
126 	if (!bh && (type == INDEX || type == DIRENT_HTREE)) {
127 		ext4_error_inode(inode, func, line, block,
128 				 "Directory hole found for htree %s block",
129 				 (type == INDEX) ? "index" : "leaf");
130 		return ERR_PTR(-EFSCORRUPTED);
131 	}
132 	if (!bh)
133 		return NULL;
134 	dirent = (struct ext4_dir_entry *) bh->b_data;
135 	/* Determine whether or not we have an index block */
136 	if (is_dx(inode)) {
137 		if (block == 0)
138 			is_dx_block = 1;
139 		else if (ext4_rec_len_from_disk(dirent->rec_len,
140 						inode->i_sb->s_blocksize) ==
141 			 inode->i_sb->s_blocksize)
142 			is_dx_block = 1;
143 	}
144 	if (!is_dx_block && type == INDEX) {
145 		ext4_error_inode(inode, func, line, block,
146 		       "directory leaf block found instead of index block");
147 		brelse(bh);
148 		return ERR_PTR(-EFSCORRUPTED);
149 	}
150 	if (!ext4_has_metadata_csum(inode->i_sb) ||
151 	    buffer_verified(bh))
152 		return bh;
153 
154 	/*
155 	 * An empty leaf block can get mistaken for a index block; for
156 	 * this reason, we can only check the index checksum when the
157 	 * caller is sure it should be an index block.
158 	 */
159 	if (is_dx_block && type == INDEX) {
160 		if (ext4_dx_csum_verify(inode, dirent) &&
161 		    !ext4_simulate_fail(inode->i_sb, EXT4_SIM_DIRBLOCK_CRC))
162 			set_buffer_verified(bh);
163 		else {
164 			ext4_error_inode_err(inode, func, line, block,
165 					     EFSBADCRC,
166 					     "Directory index failed checksum");
167 			brelse(bh);
168 			return ERR_PTR(-EFSBADCRC);
169 		}
170 	}
171 	if (!is_dx_block) {
172 		if (ext4_dirblock_csum_verify(inode, bh) &&
173 		    !ext4_simulate_fail(inode->i_sb, EXT4_SIM_DIRBLOCK_CRC))
174 			set_buffer_verified(bh);
175 		else {
176 			ext4_error_inode_err(inode, func, line, block,
177 					     EFSBADCRC,
178 					     "Directory block failed checksum");
179 			brelse(bh);
180 			return ERR_PTR(-EFSBADCRC);
181 		}
182 	}
183 	return bh;
184 }
185 
186 #ifdef DX_DEBUG
187 #define dxtrace(command) command
188 #else
189 #define dxtrace(command)
190 #endif
191 
192 struct fake_dirent
193 {
194 	__le32 inode;
195 	__le16 rec_len;
196 	u8 name_len;
197 	u8 file_type;
198 };
199 
200 struct dx_countlimit
201 {
202 	__le16 limit;
203 	__le16 count;
204 };
205 
206 struct dx_entry
207 {
208 	__le32 hash;
209 	__le32 block;
210 };
211 
212 /*
213  * dx_root_info is laid out so that if it should somehow get overlaid by a
214  * dirent the two low bits of the hash version will be zero.  Therefore, the
215  * hash version mod 4 should never be 0.  Sincerely, the paranoia department.
216  */
217 
218 struct dx_root
219 {
220 	struct fake_dirent dot;
221 	char dot_name[4];
222 	struct fake_dirent dotdot;
223 	char dotdot_name[4];
224 	struct dx_root_info
225 	{
226 		__le32 reserved_zero;
227 		u8 hash_version;
228 		u8 info_length; /* 8 */
229 		u8 indirect_levels;
230 		u8 unused_flags;
231 	}
232 	info;
233 	struct dx_entry	entries[];
234 };
235 
236 struct dx_node
237 {
238 	struct fake_dirent fake;
239 	struct dx_entry	entries[];
240 };
241 
242 
243 struct dx_frame
244 {
245 	struct buffer_head *bh;
246 	struct dx_entry *entries;
247 	struct dx_entry *at;
248 };
249 
250 struct dx_map_entry
251 {
252 	u32 hash;
253 	u16 offs;
254 	u16 size;
255 };
256 
257 /*
258  * This goes at the end of each htree block.
259  */
260 struct dx_tail {
261 	u32 dt_reserved;
262 	__le32 dt_checksum;	/* crc32c(uuid+inum+dirblock) */
263 };
264 
265 static inline ext4_lblk_t dx_get_block(struct dx_entry *entry);
266 static void dx_set_block(struct dx_entry *entry, ext4_lblk_t value);
267 static inline unsigned dx_get_hash(struct dx_entry *entry);
268 static void dx_set_hash(struct dx_entry *entry, unsigned value);
269 static unsigned dx_get_count(struct dx_entry *entries);
270 static unsigned dx_get_limit(struct dx_entry *entries);
271 static void dx_set_count(struct dx_entry *entries, unsigned value);
272 static void dx_set_limit(struct dx_entry *entries, unsigned value);
273 static unsigned dx_root_limit(struct inode *dir, unsigned infosize);
274 static unsigned dx_node_limit(struct inode *dir);
275 static struct dx_frame *dx_probe(struct ext4_filename *fname,
276 				 struct inode *dir,
277 				 struct dx_hash_info *hinfo,
278 				 struct dx_frame *frame);
279 static void dx_release(struct dx_frame *frames);
280 static int dx_make_map(struct inode *dir, struct ext4_dir_entry_2 *de,
281 		       unsigned blocksize, struct dx_hash_info *hinfo,
282 		       struct dx_map_entry map[]);
283 static void dx_sort_map(struct dx_map_entry *map, unsigned count);
284 static struct ext4_dir_entry_2 *dx_move_dirents(struct inode *dir, char *from,
285 					char *to, struct dx_map_entry *offsets,
286 					int count, unsigned int blocksize);
287 static struct ext4_dir_entry_2 *dx_pack_dirents(struct inode *dir, char *base,
288 						unsigned int blocksize);
289 static void dx_insert_block(struct dx_frame *frame,
290 					u32 hash, ext4_lblk_t block);
291 static int ext4_htree_next_block(struct inode *dir, __u32 hash,
292 				 struct dx_frame *frame,
293 				 struct dx_frame *frames,
294 				 __u32 *start_hash);
295 static struct buffer_head * ext4_dx_find_entry(struct inode *dir,
296 		struct ext4_filename *fname,
297 		struct ext4_dir_entry_2 **res_dir);
298 static int ext4_dx_add_entry(handle_t *handle, struct ext4_filename *fname,
299 			     struct inode *dir, struct inode *inode);
300 
301 /* checksumming functions */
302 void ext4_initialize_dirent_tail(struct buffer_head *bh,
303 				 unsigned int blocksize)
304 {
305 	struct ext4_dir_entry_tail *t = EXT4_DIRENT_TAIL(bh->b_data, blocksize);
306 
307 	memset(t, 0, sizeof(struct ext4_dir_entry_tail));
308 	t->det_rec_len = ext4_rec_len_to_disk(
309 			sizeof(struct ext4_dir_entry_tail), blocksize);
310 	t->det_reserved_ft = EXT4_FT_DIR_CSUM;
311 }
312 
313 /* Walk through a dirent block to find a checksum "dirent" at the tail */
314 static struct ext4_dir_entry_tail *get_dirent_tail(struct inode *inode,
315 						   struct buffer_head *bh)
316 {
317 	struct ext4_dir_entry_tail *t;
318 
319 #ifdef PARANOID
320 	struct ext4_dir_entry *d, *top;
321 
322 	d = (struct ext4_dir_entry *)bh->b_data;
323 	top = (struct ext4_dir_entry *)(bh->b_data +
324 		(EXT4_BLOCK_SIZE(inode->i_sb) -
325 		 sizeof(struct ext4_dir_entry_tail)));
326 	while (d < top && d->rec_len)
327 		d = (struct ext4_dir_entry *)(((void *)d) +
328 		    le16_to_cpu(d->rec_len));
329 
330 	if (d != top)
331 		return NULL;
332 
333 	t = (struct ext4_dir_entry_tail *)d;
334 #else
335 	t = EXT4_DIRENT_TAIL(bh->b_data, EXT4_BLOCK_SIZE(inode->i_sb));
336 #endif
337 
338 	if (t->det_reserved_zero1 ||
339 	    le16_to_cpu(t->det_rec_len) != sizeof(struct ext4_dir_entry_tail) ||
340 	    t->det_reserved_zero2 ||
341 	    t->det_reserved_ft != EXT4_FT_DIR_CSUM)
342 		return NULL;
343 
344 	return t;
345 }
346 
347 static __le32 ext4_dirblock_csum(struct inode *inode, void *dirent, int size)
348 {
349 	struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb);
350 	struct ext4_inode_info *ei = EXT4_I(inode);
351 	__u32 csum;
352 
353 	csum = ext4_chksum(sbi, ei->i_csum_seed, (__u8 *)dirent, size);
354 	return cpu_to_le32(csum);
355 }
356 
357 #define warn_no_space_for_csum(inode)					\
358 	__warn_no_space_for_csum((inode), __func__, __LINE__)
359 
360 static void __warn_no_space_for_csum(struct inode *inode, const char *func,
361 				     unsigned int line)
362 {
363 	__ext4_warning_inode(inode, func, line,
364 		"No space for directory leaf checksum. Please run e2fsck -D.");
365 }
366 
367 int ext4_dirblock_csum_verify(struct inode *inode, struct buffer_head *bh)
368 {
369 	struct ext4_dir_entry_tail *t;
370 
371 	if (!ext4_has_metadata_csum(inode->i_sb))
372 		return 1;
373 
374 	t = get_dirent_tail(inode, bh);
375 	if (!t) {
376 		warn_no_space_for_csum(inode);
377 		return 0;
378 	}
379 
380 	if (t->det_checksum != ext4_dirblock_csum(inode, bh->b_data,
381 						  (char *)t - bh->b_data))
382 		return 0;
383 
384 	return 1;
385 }
386 
387 static void ext4_dirblock_csum_set(struct inode *inode,
388 				 struct buffer_head *bh)
389 {
390 	struct ext4_dir_entry_tail *t;
391 
392 	if (!ext4_has_metadata_csum(inode->i_sb))
393 		return;
394 
395 	t = get_dirent_tail(inode, bh);
396 	if (!t) {
397 		warn_no_space_for_csum(inode);
398 		return;
399 	}
400 
401 	t->det_checksum = ext4_dirblock_csum(inode, bh->b_data,
402 					     (char *)t - bh->b_data);
403 }
404 
405 int ext4_handle_dirty_dirblock(handle_t *handle,
406 			       struct inode *inode,
407 			       struct buffer_head *bh)
408 {
409 	ext4_dirblock_csum_set(inode, bh);
410 	return ext4_handle_dirty_metadata(handle, inode, bh);
411 }
412 
413 static struct dx_countlimit *get_dx_countlimit(struct inode *inode,
414 					       struct ext4_dir_entry *dirent,
415 					       int *offset)
416 {
417 	struct ext4_dir_entry *dp;
418 	struct dx_root_info *root;
419 	int count_offset;
420 
421 	if (le16_to_cpu(dirent->rec_len) == EXT4_BLOCK_SIZE(inode->i_sb))
422 		count_offset = 8;
423 	else if (le16_to_cpu(dirent->rec_len) == 12) {
424 		dp = (struct ext4_dir_entry *)(((void *)dirent) + 12);
425 		if (le16_to_cpu(dp->rec_len) !=
426 		    EXT4_BLOCK_SIZE(inode->i_sb) - 12)
427 			return NULL;
428 		root = (struct dx_root_info *)(((void *)dp + 12));
429 		if (root->reserved_zero ||
430 		    root->info_length != sizeof(struct dx_root_info))
431 			return NULL;
432 		count_offset = 32;
433 	} else
434 		return NULL;
435 
436 	if (offset)
437 		*offset = count_offset;
438 	return (struct dx_countlimit *)(((void *)dirent) + count_offset);
439 }
440 
441 static __le32 ext4_dx_csum(struct inode *inode, struct ext4_dir_entry *dirent,
442 			   int count_offset, int count, struct dx_tail *t)
443 {
444 	struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb);
445 	struct ext4_inode_info *ei = EXT4_I(inode);
446 	__u32 csum;
447 	int size;
448 	__u32 dummy_csum = 0;
449 	int offset = offsetof(struct dx_tail, dt_checksum);
450 
451 	size = count_offset + (count * sizeof(struct dx_entry));
452 	csum = ext4_chksum(sbi, ei->i_csum_seed, (__u8 *)dirent, size);
453 	csum = ext4_chksum(sbi, csum, (__u8 *)t, offset);
454 	csum = ext4_chksum(sbi, csum, (__u8 *)&dummy_csum, sizeof(dummy_csum));
455 
456 	return cpu_to_le32(csum);
457 }
458 
459 static int ext4_dx_csum_verify(struct inode *inode,
460 			       struct ext4_dir_entry *dirent)
461 {
462 	struct dx_countlimit *c;
463 	struct dx_tail *t;
464 	int count_offset, limit, count;
465 
466 	if (!ext4_has_metadata_csum(inode->i_sb))
467 		return 1;
468 
469 	c = get_dx_countlimit(inode, dirent, &count_offset);
470 	if (!c) {
471 		EXT4_ERROR_INODE(inode, "dir seems corrupt?  Run e2fsck -D.");
472 		return 0;
473 	}
474 	limit = le16_to_cpu(c->limit);
475 	count = le16_to_cpu(c->count);
476 	if (count_offset + (limit * sizeof(struct dx_entry)) >
477 	    EXT4_BLOCK_SIZE(inode->i_sb) - sizeof(struct dx_tail)) {
478 		warn_no_space_for_csum(inode);
479 		return 0;
480 	}
481 	t = (struct dx_tail *)(((struct dx_entry *)c) + limit);
482 
483 	if (t->dt_checksum != ext4_dx_csum(inode, dirent, count_offset,
484 					    count, t))
485 		return 0;
486 	return 1;
487 }
488 
489 static void ext4_dx_csum_set(struct inode *inode, struct ext4_dir_entry *dirent)
490 {
491 	struct dx_countlimit *c;
492 	struct dx_tail *t;
493 	int count_offset, limit, count;
494 
495 	if (!ext4_has_metadata_csum(inode->i_sb))
496 		return;
497 
498 	c = get_dx_countlimit(inode, dirent, &count_offset);
499 	if (!c) {
500 		EXT4_ERROR_INODE(inode, "dir seems corrupt?  Run e2fsck -D.");
501 		return;
502 	}
503 	limit = le16_to_cpu(c->limit);
504 	count = le16_to_cpu(c->count);
505 	if (count_offset + (limit * sizeof(struct dx_entry)) >
506 	    EXT4_BLOCK_SIZE(inode->i_sb) - sizeof(struct dx_tail)) {
507 		warn_no_space_for_csum(inode);
508 		return;
509 	}
510 	t = (struct dx_tail *)(((struct dx_entry *)c) + limit);
511 
512 	t->dt_checksum = ext4_dx_csum(inode, dirent, count_offset, count, t);
513 }
514 
515 static inline int ext4_handle_dirty_dx_node(handle_t *handle,
516 					    struct inode *inode,
517 					    struct buffer_head *bh)
518 {
519 	ext4_dx_csum_set(inode, (struct ext4_dir_entry *)bh->b_data);
520 	return ext4_handle_dirty_metadata(handle, inode, bh);
521 }
522 
523 /*
524  * p is at least 6 bytes before the end of page
525  */
526 static inline struct ext4_dir_entry_2 *
527 ext4_next_entry(struct ext4_dir_entry_2 *p, unsigned long blocksize)
528 {
529 	return (struct ext4_dir_entry_2 *)((char *)p +
530 		ext4_rec_len_from_disk(p->rec_len, blocksize));
531 }
532 
533 /*
534  * Future: use high four bits of block for coalesce-on-delete flags
535  * Mask them off for now.
536  */
537 
538 static inline ext4_lblk_t dx_get_block(struct dx_entry *entry)
539 {
540 	return le32_to_cpu(entry->block) & 0x0fffffff;
541 }
542 
543 static inline void dx_set_block(struct dx_entry *entry, ext4_lblk_t value)
544 {
545 	entry->block = cpu_to_le32(value);
546 }
547 
548 static inline unsigned dx_get_hash(struct dx_entry *entry)
549 {
550 	return le32_to_cpu(entry->hash);
551 }
552 
553 static inline void dx_set_hash(struct dx_entry *entry, unsigned value)
554 {
555 	entry->hash = cpu_to_le32(value);
556 }
557 
558 static inline unsigned dx_get_count(struct dx_entry *entries)
559 {
560 	return le16_to_cpu(((struct dx_countlimit *) entries)->count);
561 }
562 
563 static inline unsigned dx_get_limit(struct dx_entry *entries)
564 {
565 	return le16_to_cpu(((struct dx_countlimit *) entries)->limit);
566 }
567 
568 static inline void dx_set_count(struct dx_entry *entries, unsigned value)
569 {
570 	((struct dx_countlimit *) entries)->count = cpu_to_le16(value);
571 }
572 
573 static inline void dx_set_limit(struct dx_entry *entries, unsigned value)
574 {
575 	((struct dx_countlimit *) entries)->limit = cpu_to_le16(value);
576 }
577 
578 static inline unsigned dx_root_limit(struct inode *dir, unsigned infosize)
579 {
580 	unsigned int entry_space = dir->i_sb->s_blocksize -
581 			ext4_dir_rec_len(1, NULL) -
582 			ext4_dir_rec_len(2, NULL) - infosize;
583 
584 	if (ext4_has_metadata_csum(dir->i_sb))
585 		entry_space -= sizeof(struct dx_tail);
586 	return entry_space / sizeof(struct dx_entry);
587 }
588 
589 static inline unsigned dx_node_limit(struct inode *dir)
590 {
591 	unsigned int entry_space = dir->i_sb->s_blocksize -
592 			ext4_dir_rec_len(0, dir);
593 
594 	if (ext4_has_metadata_csum(dir->i_sb))
595 		entry_space -= sizeof(struct dx_tail);
596 	return entry_space / sizeof(struct dx_entry);
597 }
598 
599 /*
600  * Debug
601  */
602 #ifdef DX_DEBUG
603 static void dx_show_index(char * label, struct dx_entry *entries)
604 {
605 	int i, n = dx_get_count (entries);
606 	printk(KERN_DEBUG "%s index", label);
607 	for (i = 0; i < n; i++) {
608 		printk(KERN_CONT " %x->%lu",
609 		       i ? dx_get_hash(entries + i) : 0,
610 		       (unsigned long)dx_get_block(entries + i));
611 	}
612 	printk(KERN_CONT "\n");
613 }
614 
615 struct stats
616 {
617 	unsigned names;
618 	unsigned space;
619 	unsigned bcount;
620 };
621 
622 static struct stats dx_show_leaf(struct inode *dir,
623 				struct dx_hash_info *hinfo,
624 				struct ext4_dir_entry_2 *de,
625 				int size, int show_names)
626 {
627 	unsigned names = 0, space = 0;
628 	char *base = (char *) de;
629 	struct dx_hash_info h = *hinfo;
630 
631 	printk("names: ");
632 	while ((char *) de < base + size)
633 	{
634 		if (de->inode)
635 		{
636 			if (show_names)
637 			{
638 #ifdef CONFIG_FS_ENCRYPTION
639 				int len;
640 				char *name;
641 				struct fscrypt_str fname_crypto_str =
642 					FSTR_INIT(NULL, 0);
643 				int res = 0;
644 
645 				name  = de->name;
646 				len = de->name_len;
647 				if (!IS_ENCRYPTED(dir)) {
648 					/* Directory is not encrypted */
649 					ext4fs_dirhash(dir, de->name,
650 						de->name_len, &h);
651 					printk("%*.s:(U)%x.%u ", len,
652 					       name, h.hash,
653 					       (unsigned) ((char *) de
654 							   - base));
655 				} else {
656 					struct fscrypt_str de_name =
657 						FSTR_INIT(name, len);
658 
659 					/* Directory is encrypted */
660 					res = fscrypt_fname_alloc_buffer(
661 						len, &fname_crypto_str);
662 					if (res)
663 						printk(KERN_WARNING "Error "
664 							"allocating crypto "
665 							"buffer--skipping "
666 							"crypto\n");
667 					res = fscrypt_fname_disk_to_usr(dir,
668 						0, 0, &de_name,
669 						&fname_crypto_str);
670 					if (res) {
671 						printk(KERN_WARNING "Error "
672 							"converting filename "
673 							"from disk to usr"
674 							"\n");
675 						name = "??";
676 						len = 2;
677 					} else {
678 						name = fname_crypto_str.name;
679 						len = fname_crypto_str.len;
680 					}
681 					if (IS_CASEFOLDED(dir))
682 						h.hash = EXT4_DIRENT_HASH(de);
683 					else
684 						ext4fs_dirhash(dir, de->name,
685 						       de->name_len, &h);
686 					printk("%*.s:(E)%x.%u ", len, name,
687 					       h.hash, (unsigned) ((char *) de
688 								   - base));
689 					fscrypt_fname_free_buffer(
690 							&fname_crypto_str);
691 				}
692 #else
693 				int len = de->name_len;
694 				char *name = de->name;
695 				ext4fs_dirhash(dir, de->name, de->name_len, &h);
696 				printk("%*.s:%x.%u ", len, name, h.hash,
697 				       (unsigned) ((char *) de - base));
698 #endif
699 			}
700 			space += ext4_dir_rec_len(de->name_len, dir);
701 			names++;
702 		}
703 		de = ext4_next_entry(de, size);
704 	}
705 	printk(KERN_CONT "(%i)\n", names);
706 	return (struct stats) { names, space, 1 };
707 }
708 
709 struct stats dx_show_entries(struct dx_hash_info *hinfo, struct inode *dir,
710 			     struct dx_entry *entries, int levels)
711 {
712 	unsigned blocksize = dir->i_sb->s_blocksize;
713 	unsigned count = dx_get_count(entries), names = 0, space = 0, i;
714 	unsigned bcount = 0;
715 	struct buffer_head *bh;
716 	printk("%i indexed blocks...\n", count);
717 	for (i = 0; i < count; i++, entries++)
718 	{
719 		ext4_lblk_t block = dx_get_block(entries);
720 		ext4_lblk_t hash  = i ? dx_get_hash(entries): 0;
721 		u32 range = i < count - 1? (dx_get_hash(entries + 1) - hash): ~hash;
722 		struct stats stats;
723 		printk("%s%3u:%03u hash %8x/%8x ",levels?"":"   ", i, block, hash, range);
724 		bh = ext4_bread(NULL,dir, block, 0);
725 		if (!bh || IS_ERR(bh))
726 			continue;
727 		stats = levels?
728 		   dx_show_entries(hinfo, dir, ((struct dx_node *) bh->b_data)->entries, levels - 1):
729 		   dx_show_leaf(dir, hinfo, (struct ext4_dir_entry_2 *)
730 			bh->b_data, blocksize, 0);
731 		names += stats.names;
732 		space += stats.space;
733 		bcount += stats.bcount;
734 		brelse(bh);
735 	}
736 	if (bcount)
737 		printk(KERN_DEBUG "%snames %u, fullness %u (%u%%)\n",
738 		       levels ? "" : "   ", names, space/bcount,
739 		       (space/bcount)*100/blocksize);
740 	return (struct stats) { names, space, bcount};
741 }
742 
743 /*
744  * Linear search cross check
745  */
746 static inline void htree_rep_invariant_check(struct dx_entry *at,
747 					     struct dx_entry *target,
748 					     u32 hash, unsigned int n)
749 {
750 	while (n--) {
751 		dxtrace(printk(KERN_CONT ","));
752 		if (dx_get_hash(++at) > hash) {
753 			at--;
754 			break;
755 		}
756 	}
757 	ASSERT(at == target - 1);
758 }
759 #else /* DX_DEBUG */
760 static inline void htree_rep_invariant_check(struct dx_entry *at,
761 					     struct dx_entry *target,
762 					     u32 hash, unsigned int n)
763 {
764 }
765 #endif /* DX_DEBUG */
766 
767 /*
768  * Probe for a directory leaf block to search.
769  *
770  * dx_probe can return ERR_BAD_DX_DIR, which means there was a format
771  * error in the directory index, and the caller should fall back to
772  * searching the directory normally.  The callers of dx_probe **MUST**
773  * check for this error code, and make sure it never gets reflected
774  * back to userspace.
775  */
776 static struct dx_frame *
777 dx_probe(struct ext4_filename *fname, struct inode *dir,
778 	 struct dx_hash_info *hinfo, struct dx_frame *frame_in)
779 {
780 	unsigned count, indirect;
781 	struct dx_entry *at, *entries, *p, *q, *m;
782 	struct dx_root *root;
783 	struct dx_frame *frame = frame_in;
784 	struct dx_frame *ret_err = ERR_PTR(ERR_BAD_DX_DIR);
785 	u32 hash;
786 
787 	memset(frame_in, 0, EXT4_HTREE_LEVEL * sizeof(frame_in[0]));
788 	frame->bh = ext4_read_dirblock(dir, 0, INDEX);
789 	if (IS_ERR(frame->bh))
790 		return (struct dx_frame *) frame->bh;
791 
792 	root = (struct dx_root *) frame->bh->b_data;
793 	if (root->info.hash_version != DX_HASH_TEA &&
794 	    root->info.hash_version != DX_HASH_HALF_MD4 &&
795 	    root->info.hash_version != DX_HASH_LEGACY &&
796 	    root->info.hash_version != DX_HASH_SIPHASH) {
797 		ext4_warning_inode(dir, "Unrecognised inode hash code %u",
798 				   root->info.hash_version);
799 		goto fail;
800 	}
801 	if (ext4_hash_in_dirent(dir)) {
802 		if (root->info.hash_version != DX_HASH_SIPHASH) {
803 			ext4_warning_inode(dir,
804 				"Hash in dirent, but hash is not SIPHASH");
805 			goto fail;
806 		}
807 	} else {
808 		if (root->info.hash_version == DX_HASH_SIPHASH) {
809 			ext4_warning_inode(dir,
810 				"Hash code is SIPHASH, but hash not in dirent");
811 			goto fail;
812 		}
813 	}
814 	if (fname)
815 		hinfo = &fname->hinfo;
816 	hinfo->hash_version = root->info.hash_version;
817 	if (hinfo->hash_version <= DX_HASH_TEA)
818 		hinfo->hash_version += EXT4_SB(dir->i_sb)->s_hash_unsigned;
819 	hinfo->seed = EXT4_SB(dir->i_sb)->s_hash_seed;
820 	/* hash is already computed for encrypted casefolded directory */
821 	if (fname && fname_name(fname) &&
822 				!(IS_ENCRYPTED(dir) && IS_CASEFOLDED(dir)))
823 		ext4fs_dirhash(dir, fname_name(fname), fname_len(fname), hinfo);
824 	hash = hinfo->hash;
825 
826 	if (root->info.unused_flags & 1) {
827 		ext4_warning_inode(dir, "Unimplemented hash flags: %#06x",
828 				   root->info.unused_flags);
829 		goto fail;
830 	}
831 
832 	indirect = root->info.indirect_levels;
833 	if (indirect >= ext4_dir_htree_level(dir->i_sb)) {
834 		ext4_warning(dir->i_sb,
835 			     "Directory (ino: %lu) htree depth %#06x exceed"
836 			     "supported value", dir->i_ino,
837 			     ext4_dir_htree_level(dir->i_sb));
838 		if (ext4_dir_htree_level(dir->i_sb) < EXT4_HTREE_LEVEL) {
839 			ext4_warning(dir->i_sb, "Enable large directory "
840 						"feature to access it");
841 		}
842 		goto fail;
843 	}
844 
845 	entries = (struct dx_entry *)(((char *)&root->info) +
846 				      root->info.info_length);
847 
848 	if (dx_get_limit(entries) != dx_root_limit(dir,
849 						   root->info.info_length)) {
850 		ext4_warning_inode(dir, "dx entry: limit %u != root limit %u",
851 				   dx_get_limit(entries),
852 				   dx_root_limit(dir, root->info.info_length));
853 		goto fail;
854 	}
855 
856 	dxtrace(printk("Look up %x", hash));
857 	while (1) {
858 		count = dx_get_count(entries);
859 		if (!count || count > dx_get_limit(entries)) {
860 			ext4_warning_inode(dir,
861 					   "dx entry: count %u beyond limit %u",
862 					   count, dx_get_limit(entries));
863 			goto fail;
864 		}
865 
866 		p = entries + 1;
867 		q = entries + count - 1;
868 		while (p <= q) {
869 			m = p + (q - p) / 2;
870 			dxtrace(printk(KERN_CONT "."));
871 			if (dx_get_hash(m) > hash)
872 				q = m - 1;
873 			else
874 				p = m + 1;
875 		}
876 
877 		htree_rep_invariant_check(entries, p, hash, count - 1);
878 
879 		at = p - 1;
880 		dxtrace(printk(KERN_CONT " %x->%u\n",
881 			       at == entries ? 0 : dx_get_hash(at),
882 			       dx_get_block(at)));
883 		frame->entries = entries;
884 		frame->at = at;
885 		if (!indirect--)
886 			return frame;
887 		frame++;
888 		frame->bh = ext4_read_dirblock(dir, dx_get_block(at), INDEX);
889 		if (IS_ERR(frame->bh)) {
890 			ret_err = (struct dx_frame *) frame->bh;
891 			frame->bh = NULL;
892 			goto fail;
893 		}
894 		entries = ((struct dx_node *) frame->bh->b_data)->entries;
895 
896 		if (dx_get_limit(entries) != dx_node_limit(dir)) {
897 			ext4_warning_inode(dir,
898 				"dx entry: limit %u != node limit %u",
899 				dx_get_limit(entries), dx_node_limit(dir));
900 			goto fail;
901 		}
902 	}
903 fail:
904 	while (frame >= frame_in) {
905 		brelse(frame->bh);
906 		frame--;
907 	}
908 
909 	if (ret_err == ERR_PTR(ERR_BAD_DX_DIR))
910 		ext4_warning_inode(dir,
911 			"Corrupt directory, running e2fsck is recommended");
912 	return ret_err;
913 }
914 
915 static void dx_release(struct dx_frame *frames)
916 {
917 	struct dx_root_info *info;
918 	int i;
919 	unsigned int indirect_levels;
920 
921 	if (frames[0].bh == NULL)
922 		return;
923 
924 	info = &((struct dx_root *)frames[0].bh->b_data)->info;
925 	/* save local copy, "info" may be freed after brelse() */
926 	indirect_levels = info->indirect_levels;
927 	for (i = 0; i <= indirect_levels; i++) {
928 		if (frames[i].bh == NULL)
929 			break;
930 		brelse(frames[i].bh);
931 		frames[i].bh = NULL;
932 	}
933 }
934 
935 /*
936  * This function increments the frame pointer to search the next leaf
937  * block, and reads in the necessary intervening nodes if the search
938  * should be necessary.  Whether or not the search is necessary is
939  * controlled by the hash parameter.  If the hash value is even, then
940  * the search is only continued if the next block starts with that
941  * hash value.  This is used if we are searching for a specific file.
942  *
943  * If the hash value is HASH_NB_ALWAYS, then always go to the next block.
944  *
945  * This function returns 1 if the caller should continue to search,
946  * or 0 if it should not.  If there is an error reading one of the
947  * index blocks, it will a negative error code.
948  *
949  * If start_hash is non-null, it will be filled in with the starting
950  * hash of the next page.
951  */
952 static int ext4_htree_next_block(struct inode *dir, __u32 hash,
953 				 struct dx_frame *frame,
954 				 struct dx_frame *frames,
955 				 __u32 *start_hash)
956 {
957 	struct dx_frame *p;
958 	struct buffer_head *bh;
959 	int num_frames = 0;
960 	__u32 bhash;
961 
962 	p = frame;
963 	/*
964 	 * Find the next leaf page by incrementing the frame pointer.
965 	 * If we run out of entries in the interior node, loop around and
966 	 * increment pointer in the parent node.  When we break out of
967 	 * this loop, num_frames indicates the number of interior
968 	 * nodes need to be read.
969 	 */
970 	while (1) {
971 		if (++(p->at) < p->entries + dx_get_count(p->entries))
972 			break;
973 		if (p == frames)
974 			return 0;
975 		num_frames++;
976 		p--;
977 	}
978 
979 	/*
980 	 * If the hash is 1, then continue only if the next page has a
981 	 * continuation hash of any value.  This is used for readdir
982 	 * handling.  Otherwise, check to see if the hash matches the
983 	 * desired continuation hash.  If it doesn't, return since
984 	 * there's no point to read in the successive index pages.
985 	 */
986 	bhash = dx_get_hash(p->at);
987 	if (start_hash)
988 		*start_hash = bhash;
989 	if ((hash & 1) == 0) {
990 		if ((bhash & ~1) != hash)
991 			return 0;
992 	}
993 	/*
994 	 * If the hash is HASH_NB_ALWAYS, we always go to the next
995 	 * block so no check is necessary
996 	 */
997 	while (num_frames--) {
998 		bh = ext4_read_dirblock(dir, dx_get_block(p->at), INDEX);
999 		if (IS_ERR(bh))
1000 			return PTR_ERR(bh);
1001 		p++;
1002 		brelse(p->bh);
1003 		p->bh = bh;
1004 		p->at = p->entries = ((struct dx_node *) bh->b_data)->entries;
1005 	}
1006 	return 1;
1007 }
1008 
1009 
1010 /*
1011  * This function fills a red-black tree with information from a
1012  * directory block.  It returns the number directory entries loaded
1013  * into the tree.  If there is an error it is returned in err.
1014  */
1015 static int htree_dirblock_to_tree(struct file *dir_file,
1016 				  struct inode *dir, ext4_lblk_t block,
1017 				  struct dx_hash_info *hinfo,
1018 				  __u32 start_hash, __u32 start_minor_hash)
1019 {
1020 	struct buffer_head *bh;
1021 	struct ext4_dir_entry_2 *de, *top;
1022 	int err = 0, count = 0;
1023 	struct fscrypt_str fname_crypto_str = FSTR_INIT(NULL, 0), tmp_str;
1024 	int csum = ext4_has_metadata_csum(dir->i_sb);
1025 
1026 	dxtrace(printk(KERN_INFO "In htree dirblock_to_tree: block %lu\n",
1027 							(unsigned long)block));
1028 	bh = ext4_read_dirblock(dir, block, DIRENT_HTREE);
1029 	if (IS_ERR(bh))
1030 		return PTR_ERR(bh);
1031 
1032 	de = (struct ext4_dir_entry_2 *) bh->b_data;
1033 	/* csum entries are not larger in the casefolded encrypted case */
1034 	top = (struct ext4_dir_entry_2 *) ((char *) de +
1035 					   dir->i_sb->s_blocksize -
1036 					   ext4_dir_rec_len(0,
1037 							   csum ? NULL : dir));
1038 	/* Check if the directory is encrypted */
1039 	if (IS_ENCRYPTED(dir)) {
1040 		err = fscrypt_prepare_readdir(dir);
1041 		if (err < 0) {
1042 			brelse(bh);
1043 			return err;
1044 		}
1045 		err = fscrypt_fname_alloc_buffer(EXT4_NAME_LEN,
1046 						 &fname_crypto_str);
1047 		if (err < 0) {
1048 			brelse(bh);
1049 			return err;
1050 		}
1051 	}
1052 
1053 	for (; de < top; de = ext4_next_entry(de, dir->i_sb->s_blocksize)) {
1054 		if (ext4_check_dir_entry(dir, NULL, de, bh,
1055 				bh->b_data, bh->b_size,
1056 				(block<<EXT4_BLOCK_SIZE_BITS(dir->i_sb))
1057 					 + ((char *)de - bh->b_data))) {
1058 			/* silently ignore the rest of the block */
1059 			break;
1060 		}
1061 		if (ext4_hash_in_dirent(dir)) {
1062 			if (de->name_len && de->inode) {
1063 				hinfo->hash = EXT4_DIRENT_HASH(de);
1064 				hinfo->minor_hash = EXT4_DIRENT_MINOR_HASH(de);
1065 			} else {
1066 				hinfo->hash = 0;
1067 				hinfo->minor_hash = 0;
1068 			}
1069 		} else {
1070 			ext4fs_dirhash(dir, de->name, de->name_len, hinfo);
1071 		}
1072 		if ((hinfo->hash < start_hash) ||
1073 		    ((hinfo->hash == start_hash) &&
1074 		     (hinfo->minor_hash < start_minor_hash)))
1075 			continue;
1076 		if (de->inode == 0)
1077 			continue;
1078 		if (!IS_ENCRYPTED(dir)) {
1079 			tmp_str.name = de->name;
1080 			tmp_str.len = de->name_len;
1081 			err = ext4_htree_store_dirent(dir_file,
1082 				   hinfo->hash, hinfo->minor_hash, de,
1083 				   &tmp_str);
1084 		} else {
1085 			int save_len = fname_crypto_str.len;
1086 			struct fscrypt_str de_name = FSTR_INIT(de->name,
1087 								de->name_len);
1088 
1089 			/* Directory is encrypted */
1090 			err = fscrypt_fname_disk_to_usr(dir, hinfo->hash,
1091 					hinfo->minor_hash, &de_name,
1092 					&fname_crypto_str);
1093 			if (err) {
1094 				count = err;
1095 				goto errout;
1096 			}
1097 			err = ext4_htree_store_dirent(dir_file,
1098 				   hinfo->hash, hinfo->minor_hash, de,
1099 					&fname_crypto_str);
1100 			fname_crypto_str.len = save_len;
1101 		}
1102 		if (err != 0) {
1103 			count = err;
1104 			goto errout;
1105 		}
1106 		count++;
1107 	}
1108 errout:
1109 	brelse(bh);
1110 	fscrypt_fname_free_buffer(&fname_crypto_str);
1111 	return count;
1112 }
1113 
1114 
1115 /*
1116  * This function fills a red-black tree with information from a
1117  * directory.  We start scanning the directory in hash order, starting
1118  * at start_hash and start_minor_hash.
1119  *
1120  * This function returns the number of entries inserted into the tree,
1121  * or a negative error code.
1122  */
1123 int ext4_htree_fill_tree(struct file *dir_file, __u32 start_hash,
1124 			 __u32 start_minor_hash, __u32 *next_hash)
1125 {
1126 	struct dx_hash_info hinfo;
1127 	struct ext4_dir_entry_2 *de;
1128 	struct dx_frame frames[EXT4_HTREE_LEVEL], *frame;
1129 	struct inode *dir;
1130 	ext4_lblk_t block;
1131 	int count = 0;
1132 	int ret, err;
1133 	__u32 hashval;
1134 	struct fscrypt_str tmp_str;
1135 
1136 	dxtrace(printk(KERN_DEBUG "In htree_fill_tree, start hash: %x:%x\n",
1137 		       start_hash, start_minor_hash));
1138 	dir = file_inode(dir_file);
1139 	if (!(ext4_test_inode_flag(dir, EXT4_INODE_INDEX))) {
1140 		if (ext4_hash_in_dirent(dir))
1141 			hinfo.hash_version = DX_HASH_SIPHASH;
1142 		else
1143 			hinfo.hash_version =
1144 					EXT4_SB(dir->i_sb)->s_def_hash_version;
1145 		if (hinfo.hash_version <= DX_HASH_TEA)
1146 			hinfo.hash_version +=
1147 				EXT4_SB(dir->i_sb)->s_hash_unsigned;
1148 		hinfo.seed = EXT4_SB(dir->i_sb)->s_hash_seed;
1149 		if (ext4_has_inline_data(dir)) {
1150 			int has_inline_data = 1;
1151 			count = ext4_inlinedir_to_tree(dir_file, dir, 0,
1152 						       &hinfo, start_hash,
1153 						       start_minor_hash,
1154 						       &has_inline_data);
1155 			if (has_inline_data) {
1156 				*next_hash = ~0;
1157 				return count;
1158 			}
1159 		}
1160 		count = htree_dirblock_to_tree(dir_file, dir, 0, &hinfo,
1161 					       start_hash, start_minor_hash);
1162 		*next_hash = ~0;
1163 		return count;
1164 	}
1165 	hinfo.hash = start_hash;
1166 	hinfo.minor_hash = 0;
1167 	frame = dx_probe(NULL, dir, &hinfo, frames);
1168 	if (IS_ERR(frame))
1169 		return PTR_ERR(frame);
1170 
1171 	/* Add '.' and '..' from the htree header */
1172 	if (!start_hash && !start_minor_hash) {
1173 		de = (struct ext4_dir_entry_2 *) frames[0].bh->b_data;
1174 		tmp_str.name = de->name;
1175 		tmp_str.len = de->name_len;
1176 		err = ext4_htree_store_dirent(dir_file, 0, 0,
1177 					      de, &tmp_str);
1178 		if (err != 0)
1179 			goto errout;
1180 		count++;
1181 	}
1182 	if (start_hash < 2 || (start_hash ==2 && start_minor_hash==0)) {
1183 		de = (struct ext4_dir_entry_2 *) frames[0].bh->b_data;
1184 		de = ext4_next_entry(de, dir->i_sb->s_blocksize);
1185 		tmp_str.name = de->name;
1186 		tmp_str.len = de->name_len;
1187 		err = ext4_htree_store_dirent(dir_file, 2, 0,
1188 					      de, &tmp_str);
1189 		if (err != 0)
1190 			goto errout;
1191 		count++;
1192 	}
1193 
1194 	while (1) {
1195 		if (fatal_signal_pending(current)) {
1196 			err = -ERESTARTSYS;
1197 			goto errout;
1198 		}
1199 		cond_resched();
1200 		block = dx_get_block(frame->at);
1201 		ret = htree_dirblock_to_tree(dir_file, dir, block, &hinfo,
1202 					     start_hash, start_minor_hash);
1203 		if (ret < 0) {
1204 			err = ret;
1205 			goto errout;
1206 		}
1207 		count += ret;
1208 		hashval = ~0;
1209 		ret = ext4_htree_next_block(dir, HASH_NB_ALWAYS,
1210 					    frame, frames, &hashval);
1211 		*next_hash = hashval;
1212 		if (ret < 0) {
1213 			err = ret;
1214 			goto errout;
1215 		}
1216 		/*
1217 		 * Stop if:  (a) there are no more entries, or
1218 		 * (b) we have inserted at least one entry and the
1219 		 * next hash value is not a continuation
1220 		 */
1221 		if ((ret == 0) ||
1222 		    (count && ((hashval & 1) == 0)))
1223 			break;
1224 	}
1225 	dx_release(frames);
1226 	dxtrace(printk(KERN_DEBUG "Fill tree: returned %d entries, "
1227 		       "next hash: %x\n", count, *next_hash));
1228 	return count;
1229 errout:
1230 	dx_release(frames);
1231 	return (err);
1232 }
1233 
1234 static inline int search_dirblock(struct buffer_head *bh,
1235 				  struct inode *dir,
1236 				  struct ext4_filename *fname,
1237 				  unsigned int offset,
1238 				  struct ext4_dir_entry_2 **res_dir)
1239 {
1240 	return ext4_search_dir(bh, bh->b_data, dir->i_sb->s_blocksize, dir,
1241 			       fname, offset, res_dir);
1242 }
1243 
1244 /*
1245  * Directory block splitting, compacting
1246  */
1247 
1248 /*
1249  * Create map of hash values, offsets, and sizes, stored at end of block.
1250  * Returns number of entries mapped.
1251  */
1252 static int dx_make_map(struct inode *dir, struct ext4_dir_entry_2 *de,
1253 		       unsigned blocksize, struct dx_hash_info *hinfo,
1254 		       struct dx_map_entry *map_tail)
1255 {
1256 	int count = 0;
1257 	char *base = (char *) de;
1258 	struct dx_hash_info h = *hinfo;
1259 
1260 	while ((char *) de < base + blocksize) {
1261 		if (de->name_len && de->inode) {
1262 			if (ext4_hash_in_dirent(dir))
1263 				h.hash = EXT4_DIRENT_HASH(de);
1264 			else
1265 				ext4fs_dirhash(dir, de->name, de->name_len, &h);
1266 			map_tail--;
1267 			map_tail->hash = h.hash;
1268 			map_tail->offs = ((char *) de - base)>>2;
1269 			map_tail->size = le16_to_cpu(de->rec_len);
1270 			count++;
1271 			cond_resched();
1272 		}
1273 		/* XXX: do we need to check rec_len == 0 case? -Chris */
1274 		de = ext4_next_entry(de, blocksize);
1275 	}
1276 	return count;
1277 }
1278 
1279 /* Sort map by hash value */
1280 static void dx_sort_map (struct dx_map_entry *map, unsigned count)
1281 {
1282 	struct dx_map_entry *p, *q, *top = map + count - 1;
1283 	int more;
1284 	/* Combsort until bubble sort doesn't suck */
1285 	while (count > 2) {
1286 		count = count*10/13;
1287 		if (count - 9 < 2) /* 9, 10 -> 11 */
1288 			count = 11;
1289 		for (p = top, q = p - count; q >= map; p--, q--)
1290 			if (p->hash < q->hash)
1291 				swap(*p, *q);
1292 	}
1293 	/* Garden variety bubble sort */
1294 	do {
1295 		more = 0;
1296 		q = top;
1297 		while (q-- > map) {
1298 			if (q[1].hash >= q[0].hash)
1299 				continue;
1300 			swap(*(q+1), *q);
1301 			more = 1;
1302 		}
1303 	} while(more);
1304 }
1305 
1306 static void dx_insert_block(struct dx_frame *frame, u32 hash, ext4_lblk_t block)
1307 {
1308 	struct dx_entry *entries = frame->entries;
1309 	struct dx_entry *old = frame->at, *new = old + 1;
1310 	int count = dx_get_count(entries);
1311 
1312 	ASSERT(count < dx_get_limit(entries));
1313 	ASSERT(old < entries + count);
1314 	memmove(new + 1, new, (char *)(entries + count) - (char *)(new));
1315 	dx_set_hash(new, hash);
1316 	dx_set_block(new, block);
1317 	dx_set_count(entries, count + 1);
1318 }
1319 
1320 #if IS_ENABLED(CONFIG_UNICODE)
1321 /*
1322  * Test whether a case-insensitive directory entry matches the filename
1323  * being searched for.  If quick is set, assume the name being looked up
1324  * is already in the casefolded form.
1325  *
1326  * Returns: 0 if the directory entry matches, more than 0 if it
1327  * doesn't match or less than zero on error.
1328  */
1329 static int ext4_ci_compare(const struct inode *parent, const struct qstr *name,
1330 			   u8 *de_name, size_t de_name_len, bool quick)
1331 {
1332 	const struct super_block *sb = parent->i_sb;
1333 	const struct unicode_map *um = sb->s_encoding;
1334 	struct fscrypt_str decrypted_name = FSTR_INIT(NULL, de_name_len);
1335 	struct qstr entry = QSTR_INIT(de_name, de_name_len);
1336 	int ret;
1337 
1338 	if (IS_ENCRYPTED(parent)) {
1339 		const struct fscrypt_str encrypted_name =
1340 				FSTR_INIT(de_name, de_name_len);
1341 
1342 		decrypted_name.name = kmalloc(de_name_len, GFP_KERNEL);
1343 		if (!decrypted_name.name)
1344 			return -ENOMEM;
1345 		ret = fscrypt_fname_disk_to_usr(parent, 0, 0, &encrypted_name,
1346 						&decrypted_name);
1347 		if (ret < 0)
1348 			goto out;
1349 		entry.name = decrypted_name.name;
1350 		entry.len = decrypted_name.len;
1351 	}
1352 
1353 	if (quick)
1354 		ret = utf8_strncasecmp_folded(um, name, &entry);
1355 	else
1356 		ret = utf8_strncasecmp(um, name, &entry);
1357 	if (ret < 0) {
1358 		/* Handle invalid character sequence as either an error
1359 		 * or as an opaque byte sequence.
1360 		 */
1361 		if (sb_has_strict_encoding(sb))
1362 			ret = -EINVAL;
1363 		else if (name->len != entry.len)
1364 			ret = 1;
1365 		else
1366 			ret = !!memcmp(name->name, entry.name, entry.len);
1367 	}
1368 out:
1369 	kfree(decrypted_name.name);
1370 	return ret;
1371 }
1372 
1373 int ext4_fname_setup_ci_filename(struct inode *dir, const struct qstr *iname,
1374 				  struct ext4_filename *name)
1375 {
1376 	struct fscrypt_str *cf_name = &name->cf_name;
1377 	struct dx_hash_info *hinfo = &name->hinfo;
1378 	int len;
1379 
1380 	if (!IS_CASEFOLDED(dir) || !dir->i_sb->s_encoding ||
1381 	    (IS_ENCRYPTED(dir) && !fscrypt_has_encryption_key(dir))) {
1382 		cf_name->name = NULL;
1383 		return 0;
1384 	}
1385 
1386 	cf_name->name = kmalloc(EXT4_NAME_LEN, GFP_NOFS);
1387 	if (!cf_name->name)
1388 		return -ENOMEM;
1389 
1390 	len = utf8_casefold(dir->i_sb->s_encoding,
1391 			    iname, cf_name->name,
1392 			    EXT4_NAME_LEN);
1393 	if (len <= 0) {
1394 		kfree(cf_name->name);
1395 		cf_name->name = NULL;
1396 	}
1397 	cf_name->len = (unsigned) len;
1398 	if (!IS_ENCRYPTED(dir))
1399 		return 0;
1400 
1401 	hinfo->hash_version = DX_HASH_SIPHASH;
1402 	hinfo->seed = NULL;
1403 	if (cf_name->name)
1404 		ext4fs_dirhash(dir, cf_name->name, cf_name->len, hinfo);
1405 	else
1406 		ext4fs_dirhash(dir, iname->name, iname->len, hinfo);
1407 	return 0;
1408 }
1409 #endif
1410 
1411 /*
1412  * Test whether a directory entry matches the filename being searched for.
1413  *
1414  * Return: %true if the directory entry matches, otherwise %false.
1415  */
1416 static bool ext4_match(struct inode *parent,
1417 			      const struct ext4_filename *fname,
1418 			      struct ext4_dir_entry_2 *de)
1419 {
1420 	struct fscrypt_name f;
1421 
1422 	if (!de->inode)
1423 		return false;
1424 
1425 	f.usr_fname = fname->usr_fname;
1426 	f.disk_name = fname->disk_name;
1427 #ifdef CONFIG_FS_ENCRYPTION
1428 	f.crypto_buf = fname->crypto_buf;
1429 #endif
1430 
1431 #if IS_ENABLED(CONFIG_UNICODE)
1432 	if (parent->i_sb->s_encoding && IS_CASEFOLDED(parent) &&
1433 	    (!IS_ENCRYPTED(parent) || fscrypt_has_encryption_key(parent))) {
1434 		if (fname->cf_name.name) {
1435 			struct qstr cf = {.name = fname->cf_name.name,
1436 					  .len = fname->cf_name.len};
1437 			if (IS_ENCRYPTED(parent)) {
1438 				if (fname->hinfo.hash != EXT4_DIRENT_HASH(de) ||
1439 					fname->hinfo.minor_hash !=
1440 						EXT4_DIRENT_MINOR_HASH(de)) {
1441 
1442 					return false;
1443 				}
1444 			}
1445 			return !ext4_ci_compare(parent, &cf, de->name,
1446 							de->name_len, true);
1447 		}
1448 		return !ext4_ci_compare(parent, fname->usr_fname, de->name,
1449 						de->name_len, false);
1450 	}
1451 #endif
1452 
1453 	return fscrypt_match_name(&f, de->name, de->name_len);
1454 }
1455 
1456 /*
1457  * Returns 0 if not found, -1 on failure, and 1 on success
1458  */
1459 int ext4_search_dir(struct buffer_head *bh, char *search_buf, int buf_size,
1460 		    struct inode *dir, struct ext4_filename *fname,
1461 		    unsigned int offset, struct ext4_dir_entry_2 **res_dir)
1462 {
1463 	struct ext4_dir_entry_2 * de;
1464 	char * dlimit;
1465 	int de_len;
1466 
1467 	de = (struct ext4_dir_entry_2 *)search_buf;
1468 	dlimit = search_buf + buf_size;
1469 	while ((char *) de < dlimit) {
1470 		/* this code is executed quadratically often */
1471 		/* do minimal checking `by hand' */
1472 		if ((char *) de + de->name_len <= dlimit &&
1473 		    ext4_match(dir, fname, de)) {
1474 			/* found a match - just to be sure, do
1475 			 * a full check */
1476 			if (ext4_check_dir_entry(dir, NULL, de, bh, search_buf,
1477 						 buf_size, offset))
1478 				return -1;
1479 			*res_dir = de;
1480 			return 1;
1481 		}
1482 		/* prevent looping on a bad block */
1483 		de_len = ext4_rec_len_from_disk(de->rec_len,
1484 						dir->i_sb->s_blocksize);
1485 		if (de_len <= 0)
1486 			return -1;
1487 		offset += de_len;
1488 		de = (struct ext4_dir_entry_2 *) ((char *) de + de_len);
1489 	}
1490 	return 0;
1491 }
1492 
1493 static int is_dx_internal_node(struct inode *dir, ext4_lblk_t block,
1494 			       struct ext4_dir_entry *de)
1495 {
1496 	struct super_block *sb = dir->i_sb;
1497 
1498 	if (!is_dx(dir))
1499 		return 0;
1500 	if (block == 0)
1501 		return 1;
1502 	if (de->inode == 0 &&
1503 	    ext4_rec_len_from_disk(de->rec_len, sb->s_blocksize) ==
1504 			sb->s_blocksize)
1505 		return 1;
1506 	return 0;
1507 }
1508 
1509 /*
1510  *	__ext4_find_entry()
1511  *
1512  * finds an entry in the specified directory with the wanted name. It
1513  * returns the cache buffer in which the entry was found, and the entry
1514  * itself (as a parameter - res_dir). It does NOT read the inode of the
1515  * entry - you'll have to do that yourself if you want to.
1516  *
1517  * The returned buffer_head has ->b_count elevated.  The caller is expected
1518  * to brelse() it when appropriate.
1519  */
1520 static struct buffer_head *__ext4_find_entry(struct inode *dir,
1521 					     struct ext4_filename *fname,
1522 					     struct ext4_dir_entry_2 **res_dir,
1523 					     int *inlined)
1524 {
1525 	struct super_block *sb;
1526 	struct buffer_head *bh_use[NAMEI_RA_SIZE];
1527 	struct buffer_head *bh, *ret = NULL;
1528 	ext4_lblk_t start, block;
1529 	const u8 *name = fname->usr_fname->name;
1530 	size_t ra_max = 0;	/* Number of bh's in the readahead
1531 				   buffer, bh_use[] */
1532 	size_t ra_ptr = 0;	/* Current index into readahead
1533 				   buffer */
1534 	ext4_lblk_t  nblocks;
1535 	int i, namelen, retval;
1536 
1537 	*res_dir = NULL;
1538 	sb = dir->i_sb;
1539 	namelen = fname->usr_fname->len;
1540 	if (namelen > EXT4_NAME_LEN)
1541 		return NULL;
1542 
1543 	if (ext4_has_inline_data(dir)) {
1544 		int has_inline_data = 1;
1545 		ret = ext4_find_inline_entry(dir, fname, res_dir,
1546 					     &has_inline_data);
1547 		if (has_inline_data) {
1548 			if (inlined)
1549 				*inlined = 1;
1550 			goto cleanup_and_exit;
1551 		}
1552 	}
1553 
1554 	if ((namelen <= 2) && (name[0] == '.') &&
1555 	    (name[1] == '.' || name[1] == '\0')) {
1556 		/*
1557 		 * "." or ".." will only be in the first block
1558 		 * NFS may look up ".."; "." should be handled by the VFS
1559 		 */
1560 		block = start = 0;
1561 		nblocks = 1;
1562 		goto restart;
1563 	}
1564 	if (is_dx(dir)) {
1565 		ret = ext4_dx_find_entry(dir, fname, res_dir);
1566 		/*
1567 		 * On success, or if the error was file not found,
1568 		 * return.  Otherwise, fall back to doing a search the
1569 		 * old fashioned way.
1570 		 */
1571 		if (!IS_ERR(ret) || PTR_ERR(ret) != ERR_BAD_DX_DIR)
1572 			goto cleanup_and_exit;
1573 		dxtrace(printk(KERN_DEBUG "ext4_find_entry: dx failed, "
1574 			       "falling back\n"));
1575 		ret = NULL;
1576 	}
1577 	nblocks = dir->i_size >> EXT4_BLOCK_SIZE_BITS(sb);
1578 	if (!nblocks) {
1579 		ret = NULL;
1580 		goto cleanup_and_exit;
1581 	}
1582 	start = EXT4_I(dir)->i_dir_start_lookup;
1583 	if (start >= nblocks)
1584 		start = 0;
1585 	block = start;
1586 restart:
1587 	do {
1588 		/*
1589 		 * We deal with the read-ahead logic here.
1590 		 */
1591 		cond_resched();
1592 		if (ra_ptr >= ra_max) {
1593 			/* Refill the readahead buffer */
1594 			ra_ptr = 0;
1595 			if (block < start)
1596 				ra_max = start - block;
1597 			else
1598 				ra_max = nblocks - block;
1599 			ra_max = min(ra_max, ARRAY_SIZE(bh_use));
1600 			retval = ext4_bread_batch(dir, block, ra_max,
1601 						  false /* wait */, bh_use);
1602 			if (retval) {
1603 				ret = ERR_PTR(retval);
1604 				ra_max = 0;
1605 				goto cleanup_and_exit;
1606 			}
1607 		}
1608 		if ((bh = bh_use[ra_ptr++]) == NULL)
1609 			goto next;
1610 		wait_on_buffer(bh);
1611 		if (!buffer_uptodate(bh)) {
1612 			EXT4_ERROR_INODE_ERR(dir, EIO,
1613 					     "reading directory lblock %lu",
1614 					     (unsigned long) block);
1615 			brelse(bh);
1616 			ret = ERR_PTR(-EIO);
1617 			goto cleanup_and_exit;
1618 		}
1619 		if (!buffer_verified(bh) &&
1620 		    !is_dx_internal_node(dir, block,
1621 					 (struct ext4_dir_entry *)bh->b_data) &&
1622 		    !ext4_dirblock_csum_verify(dir, bh)) {
1623 			EXT4_ERROR_INODE_ERR(dir, EFSBADCRC,
1624 					     "checksumming directory "
1625 					     "block %lu", (unsigned long)block);
1626 			brelse(bh);
1627 			ret = ERR_PTR(-EFSBADCRC);
1628 			goto cleanup_and_exit;
1629 		}
1630 		set_buffer_verified(bh);
1631 		i = search_dirblock(bh, dir, fname,
1632 			    block << EXT4_BLOCK_SIZE_BITS(sb), res_dir);
1633 		if (i == 1) {
1634 			EXT4_I(dir)->i_dir_start_lookup = block;
1635 			ret = bh;
1636 			goto cleanup_and_exit;
1637 		} else {
1638 			brelse(bh);
1639 			if (i < 0)
1640 				goto cleanup_and_exit;
1641 		}
1642 	next:
1643 		if (++block >= nblocks)
1644 			block = 0;
1645 	} while (block != start);
1646 
1647 	/*
1648 	 * If the directory has grown while we were searching, then
1649 	 * search the last part of the directory before giving up.
1650 	 */
1651 	block = nblocks;
1652 	nblocks = dir->i_size >> EXT4_BLOCK_SIZE_BITS(sb);
1653 	if (block < nblocks) {
1654 		start = 0;
1655 		goto restart;
1656 	}
1657 
1658 cleanup_and_exit:
1659 	/* Clean up the read-ahead blocks */
1660 	for (; ra_ptr < ra_max; ra_ptr++)
1661 		brelse(bh_use[ra_ptr]);
1662 	return ret;
1663 }
1664 
1665 static struct buffer_head *ext4_find_entry(struct inode *dir,
1666 					   const struct qstr *d_name,
1667 					   struct ext4_dir_entry_2 **res_dir,
1668 					   int *inlined)
1669 {
1670 	int err;
1671 	struct ext4_filename fname;
1672 	struct buffer_head *bh;
1673 
1674 	err = ext4_fname_setup_filename(dir, d_name, 1, &fname);
1675 	if (err == -ENOENT)
1676 		return NULL;
1677 	if (err)
1678 		return ERR_PTR(err);
1679 
1680 	bh = __ext4_find_entry(dir, &fname, res_dir, inlined);
1681 
1682 	ext4_fname_free_filename(&fname);
1683 	return bh;
1684 }
1685 
1686 static struct buffer_head *ext4_lookup_entry(struct inode *dir,
1687 					     struct dentry *dentry,
1688 					     struct ext4_dir_entry_2 **res_dir)
1689 {
1690 	int err;
1691 	struct ext4_filename fname;
1692 	struct buffer_head *bh;
1693 
1694 	err = ext4_fname_prepare_lookup(dir, dentry, &fname);
1695 	generic_set_encrypted_ci_d_ops(dentry);
1696 	if (err == -ENOENT)
1697 		return NULL;
1698 	if (err)
1699 		return ERR_PTR(err);
1700 
1701 	bh = __ext4_find_entry(dir, &fname, res_dir, NULL);
1702 
1703 	ext4_fname_free_filename(&fname);
1704 	return bh;
1705 }
1706 
1707 static struct buffer_head * ext4_dx_find_entry(struct inode *dir,
1708 			struct ext4_filename *fname,
1709 			struct ext4_dir_entry_2 **res_dir)
1710 {
1711 	struct super_block * sb = dir->i_sb;
1712 	struct dx_frame frames[EXT4_HTREE_LEVEL], *frame;
1713 	struct buffer_head *bh;
1714 	ext4_lblk_t block;
1715 	int retval;
1716 
1717 #ifdef CONFIG_FS_ENCRYPTION
1718 	*res_dir = NULL;
1719 #endif
1720 	frame = dx_probe(fname, dir, NULL, frames);
1721 	if (IS_ERR(frame))
1722 		return (struct buffer_head *) frame;
1723 	do {
1724 		block = dx_get_block(frame->at);
1725 		bh = ext4_read_dirblock(dir, block, DIRENT_HTREE);
1726 		if (IS_ERR(bh))
1727 			goto errout;
1728 
1729 		retval = search_dirblock(bh, dir, fname,
1730 					 block << EXT4_BLOCK_SIZE_BITS(sb),
1731 					 res_dir);
1732 		if (retval == 1)
1733 			goto success;
1734 		brelse(bh);
1735 		if (retval == -1) {
1736 			bh = ERR_PTR(ERR_BAD_DX_DIR);
1737 			goto errout;
1738 		}
1739 
1740 		/* Check to see if we should continue to search */
1741 		retval = ext4_htree_next_block(dir, fname->hinfo.hash, frame,
1742 					       frames, NULL);
1743 		if (retval < 0) {
1744 			ext4_warning_inode(dir,
1745 				"error %d reading directory index block",
1746 				retval);
1747 			bh = ERR_PTR(retval);
1748 			goto errout;
1749 		}
1750 	} while (retval == 1);
1751 
1752 	bh = NULL;
1753 errout:
1754 	dxtrace(printk(KERN_DEBUG "%s not found\n", fname->usr_fname->name));
1755 success:
1756 	dx_release(frames);
1757 	return bh;
1758 }
1759 
1760 static struct dentry *ext4_lookup(struct inode *dir, struct dentry *dentry, unsigned int flags)
1761 {
1762 	struct inode *inode;
1763 	struct ext4_dir_entry_2 *de;
1764 	struct buffer_head *bh;
1765 
1766 	if (dentry->d_name.len > EXT4_NAME_LEN)
1767 		return ERR_PTR(-ENAMETOOLONG);
1768 
1769 	bh = ext4_lookup_entry(dir, dentry, &de);
1770 	if (IS_ERR(bh))
1771 		return ERR_CAST(bh);
1772 	inode = NULL;
1773 	if (bh) {
1774 		__u32 ino = le32_to_cpu(de->inode);
1775 		brelse(bh);
1776 		if (!ext4_valid_inum(dir->i_sb, ino)) {
1777 			EXT4_ERROR_INODE(dir, "bad inode number: %u", ino);
1778 			return ERR_PTR(-EFSCORRUPTED);
1779 		}
1780 		if (unlikely(ino == dir->i_ino)) {
1781 			EXT4_ERROR_INODE(dir, "'%pd' linked to parent dir",
1782 					 dentry);
1783 			return ERR_PTR(-EFSCORRUPTED);
1784 		}
1785 		inode = ext4_iget(dir->i_sb, ino, EXT4_IGET_NORMAL);
1786 		if (inode == ERR_PTR(-ESTALE)) {
1787 			EXT4_ERROR_INODE(dir,
1788 					 "deleted inode referenced: %u",
1789 					 ino);
1790 			return ERR_PTR(-EFSCORRUPTED);
1791 		}
1792 		if (!IS_ERR(inode) && IS_ENCRYPTED(dir) &&
1793 		    (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode)) &&
1794 		    !fscrypt_has_permitted_context(dir, inode)) {
1795 			ext4_warning(inode->i_sb,
1796 				     "Inconsistent encryption contexts: %lu/%lu",
1797 				     dir->i_ino, inode->i_ino);
1798 			iput(inode);
1799 			return ERR_PTR(-EPERM);
1800 		}
1801 	}
1802 
1803 #if IS_ENABLED(CONFIG_UNICODE)
1804 	if (!inode && IS_CASEFOLDED(dir)) {
1805 		/* Eventually we want to call d_add_ci(dentry, NULL)
1806 		 * for negative dentries in the encoding case as
1807 		 * well.  For now, prevent the negative dentry
1808 		 * from being cached.
1809 		 */
1810 		return NULL;
1811 	}
1812 #endif
1813 	return d_splice_alias(inode, dentry);
1814 }
1815 
1816 
1817 struct dentry *ext4_get_parent(struct dentry *child)
1818 {
1819 	__u32 ino;
1820 	struct ext4_dir_entry_2 * de;
1821 	struct buffer_head *bh;
1822 
1823 	bh = ext4_find_entry(d_inode(child), &dotdot_name, &de, NULL);
1824 	if (IS_ERR(bh))
1825 		return ERR_CAST(bh);
1826 	if (!bh)
1827 		return ERR_PTR(-ENOENT);
1828 	ino = le32_to_cpu(de->inode);
1829 	brelse(bh);
1830 
1831 	if (!ext4_valid_inum(child->d_sb, ino)) {
1832 		EXT4_ERROR_INODE(d_inode(child),
1833 				 "bad parent inode number: %u", ino);
1834 		return ERR_PTR(-EFSCORRUPTED);
1835 	}
1836 
1837 	return d_obtain_alias(ext4_iget(child->d_sb, ino, EXT4_IGET_NORMAL));
1838 }
1839 
1840 /*
1841  * Move count entries from end of map between two memory locations.
1842  * Returns pointer to last entry moved.
1843  */
1844 static struct ext4_dir_entry_2 *
1845 dx_move_dirents(struct inode *dir, char *from, char *to,
1846 		struct dx_map_entry *map, int count,
1847 		unsigned blocksize)
1848 {
1849 	unsigned rec_len = 0;
1850 
1851 	while (count--) {
1852 		struct ext4_dir_entry_2 *de = (struct ext4_dir_entry_2 *)
1853 						(from + (map->offs<<2));
1854 		rec_len = ext4_dir_rec_len(de->name_len, dir);
1855 
1856 		memcpy (to, de, rec_len);
1857 		((struct ext4_dir_entry_2 *) to)->rec_len =
1858 				ext4_rec_len_to_disk(rec_len, blocksize);
1859 
1860 		/* wipe dir_entry excluding the rec_len field */
1861 		de->inode = 0;
1862 		memset(&de->name_len, 0, ext4_rec_len_from_disk(de->rec_len,
1863 								blocksize) -
1864 					 offsetof(struct ext4_dir_entry_2,
1865 								name_len));
1866 
1867 		map++;
1868 		to += rec_len;
1869 	}
1870 	return (struct ext4_dir_entry_2 *) (to - rec_len);
1871 }
1872 
1873 /*
1874  * Compact each dir entry in the range to the minimal rec_len.
1875  * Returns pointer to last entry in range.
1876  */
1877 static struct ext4_dir_entry_2 *dx_pack_dirents(struct inode *dir, char *base,
1878 							unsigned int blocksize)
1879 {
1880 	struct ext4_dir_entry_2 *next, *to, *prev, *de = (struct ext4_dir_entry_2 *) base;
1881 	unsigned rec_len = 0;
1882 
1883 	prev = to = de;
1884 	while ((char*)de < base + blocksize) {
1885 		next = ext4_next_entry(de, blocksize);
1886 		if (de->inode && de->name_len) {
1887 			rec_len = ext4_dir_rec_len(de->name_len, dir);
1888 			if (de > to)
1889 				memmove(to, de, rec_len);
1890 			to->rec_len = ext4_rec_len_to_disk(rec_len, blocksize);
1891 			prev = to;
1892 			to = (struct ext4_dir_entry_2 *) (((char *) to) + rec_len);
1893 		}
1894 		de = next;
1895 	}
1896 	return prev;
1897 }
1898 
1899 /*
1900  * Split a full leaf block to make room for a new dir entry.
1901  * Allocate a new block, and move entries so that they are approx. equally full.
1902  * Returns pointer to de in block into which the new entry will be inserted.
1903  */
1904 static struct ext4_dir_entry_2 *do_split(handle_t *handle, struct inode *dir,
1905 			struct buffer_head **bh,struct dx_frame *frame,
1906 			struct dx_hash_info *hinfo)
1907 {
1908 	unsigned blocksize = dir->i_sb->s_blocksize;
1909 	unsigned count, continued;
1910 	struct buffer_head *bh2;
1911 	ext4_lblk_t newblock;
1912 	u32 hash2;
1913 	struct dx_map_entry *map;
1914 	char *data1 = (*bh)->b_data, *data2;
1915 	unsigned split, move, size;
1916 	struct ext4_dir_entry_2 *de = NULL, *de2;
1917 	int	csum_size = 0;
1918 	int	err = 0, i;
1919 
1920 	if (ext4_has_metadata_csum(dir->i_sb))
1921 		csum_size = sizeof(struct ext4_dir_entry_tail);
1922 
1923 	bh2 = ext4_append(handle, dir, &newblock);
1924 	if (IS_ERR(bh2)) {
1925 		brelse(*bh);
1926 		*bh = NULL;
1927 		return (struct ext4_dir_entry_2 *) bh2;
1928 	}
1929 
1930 	BUFFER_TRACE(*bh, "get_write_access");
1931 	err = ext4_journal_get_write_access(handle, dir->i_sb, *bh,
1932 					    EXT4_JTR_NONE);
1933 	if (err)
1934 		goto journal_error;
1935 
1936 	BUFFER_TRACE(frame->bh, "get_write_access");
1937 	err = ext4_journal_get_write_access(handle, dir->i_sb, frame->bh,
1938 					    EXT4_JTR_NONE);
1939 	if (err)
1940 		goto journal_error;
1941 
1942 	data2 = bh2->b_data;
1943 
1944 	/* create map in the end of data2 block */
1945 	map = (struct dx_map_entry *) (data2 + blocksize);
1946 	count = dx_make_map(dir, (struct ext4_dir_entry_2 *) data1,
1947 			     blocksize, hinfo, map);
1948 	map -= count;
1949 	dx_sort_map(map, count);
1950 	/* Ensure that neither split block is over half full */
1951 	size = 0;
1952 	move = 0;
1953 	for (i = count-1; i >= 0; i--) {
1954 		/* is more than half of this entry in 2nd half of the block? */
1955 		if (size + map[i].size/2 > blocksize/2)
1956 			break;
1957 		size += map[i].size;
1958 		move++;
1959 	}
1960 	/*
1961 	 * map index at which we will split
1962 	 *
1963 	 * If the sum of active entries didn't exceed half the block size, just
1964 	 * split it in half by count; each resulting block will have at least
1965 	 * half the space free.
1966 	 */
1967 	if (i > 0)
1968 		split = count - move;
1969 	else
1970 		split = count/2;
1971 
1972 	hash2 = map[split].hash;
1973 	continued = hash2 == map[split - 1].hash;
1974 	dxtrace(printk(KERN_INFO "Split block %lu at %x, %i/%i\n",
1975 			(unsigned long)dx_get_block(frame->at),
1976 					hash2, split, count-split));
1977 
1978 	/* Fancy dance to stay within two buffers */
1979 	de2 = dx_move_dirents(dir, data1, data2, map + split, count - split,
1980 			      blocksize);
1981 	de = dx_pack_dirents(dir, data1, blocksize);
1982 	de->rec_len = ext4_rec_len_to_disk(data1 + (blocksize - csum_size) -
1983 					   (char *) de,
1984 					   blocksize);
1985 	de2->rec_len = ext4_rec_len_to_disk(data2 + (blocksize - csum_size) -
1986 					    (char *) de2,
1987 					    blocksize);
1988 	if (csum_size) {
1989 		ext4_initialize_dirent_tail(*bh, blocksize);
1990 		ext4_initialize_dirent_tail(bh2, blocksize);
1991 	}
1992 
1993 	dxtrace(dx_show_leaf(dir, hinfo, (struct ext4_dir_entry_2 *) data1,
1994 			blocksize, 1));
1995 	dxtrace(dx_show_leaf(dir, hinfo, (struct ext4_dir_entry_2 *) data2,
1996 			blocksize, 1));
1997 
1998 	/* Which block gets the new entry? */
1999 	if (hinfo->hash >= hash2) {
2000 		swap(*bh, bh2);
2001 		de = de2;
2002 	}
2003 	dx_insert_block(frame, hash2 + continued, newblock);
2004 	err = ext4_handle_dirty_dirblock(handle, dir, bh2);
2005 	if (err)
2006 		goto journal_error;
2007 	err = ext4_handle_dirty_dx_node(handle, dir, frame->bh);
2008 	if (err)
2009 		goto journal_error;
2010 	brelse(bh2);
2011 	dxtrace(dx_show_index("frame", frame->entries));
2012 	return de;
2013 
2014 journal_error:
2015 	brelse(*bh);
2016 	brelse(bh2);
2017 	*bh = NULL;
2018 	ext4_std_error(dir->i_sb, err);
2019 	return ERR_PTR(err);
2020 }
2021 
2022 int ext4_find_dest_de(struct inode *dir, struct inode *inode,
2023 		      struct buffer_head *bh,
2024 		      void *buf, int buf_size,
2025 		      struct ext4_filename *fname,
2026 		      struct ext4_dir_entry_2 **dest_de)
2027 {
2028 	struct ext4_dir_entry_2 *de;
2029 	unsigned short reclen = ext4_dir_rec_len(fname_len(fname), dir);
2030 	int nlen, rlen;
2031 	unsigned int offset = 0;
2032 	char *top;
2033 
2034 	de = (struct ext4_dir_entry_2 *)buf;
2035 	top = buf + buf_size - reclen;
2036 	while ((char *) de <= top) {
2037 		if (ext4_check_dir_entry(dir, NULL, de, bh,
2038 					 buf, buf_size, offset))
2039 			return -EFSCORRUPTED;
2040 		if (ext4_match(dir, fname, de))
2041 			return -EEXIST;
2042 		nlen = ext4_dir_rec_len(de->name_len, dir);
2043 		rlen = ext4_rec_len_from_disk(de->rec_len, buf_size);
2044 		if ((de->inode ? rlen - nlen : rlen) >= reclen)
2045 			break;
2046 		de = (struct ext4_dir_entry_2 *)((char *)de + rlen);
2047 		offset += rlen;
2048 	}
2049 	if ((char *) de > top)
2050 		return -ENOSPC;
2051 
2052 	*dest_de = de;
2053 	return 0;
2054 }
2055 
2056 void ext4_insert_dentry(struct inode *dir,
2057 			struct inode *inode,
2058 			struct ext4_dir_entry_2 *de,
2059 			int buf_size,
2060 			struct ext4_filename *fname)
2061 {
2062 
2063 	int nlen, rlen;
2064 
2065 	nlen = ext4_dir_rec_len(de->name_len, dir);
2066 	rlen = ext4_rec_len_from_disk(de->rec_len, buf_size);
2067 	if (de->inode) {
2068 		struct ext4_dir_entry_2 *de1 =
2069 			(struct ext4_dir_entry_2 *)((char *)de + nlen);
2070 		de1->rec_len = ext4_rec_len_to_disk(rlen - nlen, buf_size);
2071 		de->rec_len = ext4_rec_len_to_disk(nlen, buf_size);
2072 		de = de1;
2073 	}
2074 	de->file_type = EXT4_FT_UNKNOWN;
2075 	de->inode = cpu_to_le32(inode->i_ino);
2076 	ext4_set_de_type(inode->i_sb, de, inode->i_mode);
2077 	de->name_len = fname_len(fname);
2078 	memcpy(de->name, fname_name(fname), fname_len(fname));
2079 	if (ext4_hash_in_dirent(dir)) {
2080 		struct dx_hash_info *hinfo = &fname->hinfo;
2081 
2082 		EXT4_DIRENT_HASHES(de)->hash = cpu_to_le32(hinfo->hash);
2083 		EXT4_DIRENT_HASHES(de)->minor_hash =
2084 						cpu_to_le32(hinfo->minor_hash);
2085 	}
2086 }
2087 
2088 /*
2089  * Add a new entry into a directory (leaf) block.  If de is non-NULL,
2090  * it points to a directory entry which is guaranteed to be large
2091  * enough for new directory entry.  If de is NULL, then
2092  * add_dirent_to_buf will attempt search the directory block for
2093  * space.  It will return -ENOSPC if no space is available, and -EIO
2094  * and -EEXIST if directory entry already exists.
2095  */
2096 static int add_dirent_to_buf(handle_t *handle, struct ext4_filename *fname,
2097 			     struct inode *dir,
2098 			     struct inode *inode, struct ext4_dir_entry_2 *de,
2099 			     struct buffer_head *bh)
2100 {
2101 	unsigned int	blocksize = dir->i_sb->s_blocksize;
2102 	int		csum_size = 0;
2103 	int		err, err2;
2104 
2105 	if (ext4_has_metadata_csum(inode->i_sb))
2106 		csum_size = sizeof(struct ext4_dir_entry_tail);
2107 
2108 	if (!de) {
2109 		err = ext4_find_dest_de(dir, inode, bh, bh->b_data,
2110 					blocksize - csum_size, fname, &de);
2111 		if (err)
2112 			return err;
2113 	}
2114 	BUFFER_TRACE(bh, "get_write_access");
2115 	err = ext4_journal_get_write_access(handle, dir->i_sb, bh,
2116 					    EXT4_JTR_NONE);
2117 	if (err) {
2118 		ext4_std_error(dir->i_sb, err);
2119 		return err;
2120 	}
2121 
2122 	/* By now the buffer is marked for journaling */
2123 	ext4_insert_dentry(dir, inode, de, blocksize, fname);
2124 
2125 	/*
2126 	 * XXX shouldn't update any times until successful
2127 	 * completion of syscall, but too many callers depend
2128 	 * on this.
2129 	 *
2130 	 * XXX similarly, too many callers depend on
2131 	 * ext4_new_inode() setting the times, but error
2132 	 * recovery deletes the inode, so the worst that can
2133 	 * happen is that the times are slightly out of date
2134 	 * and/or different from the directory change time.
2135 	 */
2136 	dir->i_mtime = dir->i_ctime = current_time(dir);
2137 	ext4_update_dx_flag(dir);
2138 	inode_inc_iversion(dir);
2139 	err2 = ext4_mark_inode_dirty(handle, dir);
2140 	BUFFER_TRACE(bh, "call ext4_handle_dirty_metadata");
2141 	err = ext4_handle_dirty_dirblock(handle, dir, bh);
2142 	if (err)
2143 		ext4_std_error(dir->i_sb, err);
2144 	return err ? err : err2;
2145 }
2146 
2147 /*
2148  * This converts a one block unindexed directory to a 3 block indexed
2149  * directory, and adds the dentry to the indexed directory.
2150  */
2151 static int make_indexed_dir(handle_t *handle, struct ext4_filename *fname,
2152 			    struct inode *dir,
2153 			    struct inode *inode, struct buffer_head *bh)
2154 {
2155 	struct buffer_head *bh2;
2156 	struct dx_root	*root;
2157 	struct dx_frame	frames[EXT4_HTREE_LEVEL], *frame;
2158 	struct dx_entry *entries;
2159 	struct ext4_dir_entry_2	*de, *de2;
2160 	char		*data2, *top;
2161 	unsigned	len;
2162 	int		retval;
2163 	unsigned	blocksize;
2164 	ext4_lblk_t  block;
2165 	struct fake_dirent *fde;
2166 	int csum_size = 0;
2167 
2168 	if (ext4_has_metadata_csum(inode->i_sb))
2169 		csum_size = sizeof(struct ext4_dir_entry_tail);
2170 
2171 	blocksize =  dir->i_sb->s_blocksize;
2172 	dxtrace(printk(KERN_DEBUG "Creating index: inode %lu\n", dir->i_ino));
2173 	BUFFER_TRACE(bh, "get_write_access");
2174 	retval = ext4_journal_get_write_access(handle, dir->i_sb, bh,
2175 					       EXT4_JTR_NONE);
2176 	if (retval) {
2177 		ext4_std_error(dir->i_sb, retval);
2178 		brelse(bh);
2179 		return retval;
2180 	}
2181 	root = (struct dx_root *) bh->b_data;
2182 
2183 	/* The 0th block becomes the root, move the dirents out */
2184 	fde = &root->dotdot;
2185 	de = (struct ext4_dir_entry_2 *)((char *)fde +
2186 		ext4_rec_len_from_disk(fde->rec_len, blocksize));
2187 	if ((char *) de >= (((char *) root) + blocksize)) {
2188 		EXT4_ERROR_INODE(dir, "invalid rec_len for '..'");
2189 		brelse(bh);
2190 		return -EFSCORRUPTED;
2191 	}
2192 	len = ((char *) root) + (blocksize - csum_size) - (char *) de;
2193 
2194 	/* Allocate new block for the 0th block's dirents */
2195 	bh2 = ext4_append(handle, dir, &block);
2196 	if (IS_ERR(bh2)) {
2197 		brelse(bh);
2198 		return PTR_ERR(bh2);
2199 	}
2200 	ext4_set_inode_flag(dir, EXT4_INODE_INDEX);
2201 	data2 = bh2->b_data;
2202 
2203 	memcpy(data2, de, len);
2204 	memset(de, 0, len); /* wipe old data */
2205 	de = (struct ext4_dir_entry_2 *) data2;
2206 	top = data2 + len;
2207 	while ((char *)(de2 = ext4_next_entry(de, blocksize)) < top)
2208 		de = de2;
2209 	de->rec_len = ext4_rec_len_to_disk(data2 + (blocksize - csum_size) -
2210 					   (char *) de, blocksize);
2211 
2212 	if (csum_size)
2213 		ext4_initialize_dirent_tail(bh2, blocksize);
2214 
2215 	/* Initialize the root; the dot dirents already exist */
2216 	de = (struct ext4_dir_entry_2 *) (&root->dotdot);
2217 	de->rec_len = ext4_rec_len_to_disk(
2218 			blocksize - ext4_dir_rec_len(2, NULL), blocksize);
2219 	memset (&root->info, 0, sizeof(root->info));
2220 	root->info.info_length = sizeof(root->info);
2221 	if (ext4_hash_in_dirent(dir))
2222 		root->info.hash_version = DX_HASH_SIPHASH;
2223 	else
2224 		root->info.hash_version =
2225 				EXT4_SB(dir->i_sb)->s_def_hash_version;
2226 
2227 	entries = root->entries;
2228 	dx_set_block(entries, 1);
2229 	dx_set_count(entries, 1);
2230 	dx_set_limit(entries, dx_root_limit(dir, sizeof(root->info)));
2231 
2232 	/* Initialize as for dx_probe */
2233 	fname->hinfo.hash_version = root->info.hash_version;
2234 	if (fname->hinfo.hash_version <= DX_HASH_TEA)
2235 		fname->hinfo.hash_version += EXT4_SB(dir->i_sb)->s_hash_unsigned;
2236 	fname->hinfo.seed = EXT4_SB(dir->i_sb)->s_hash_seed;
2237 
2238 	/* casefolded encrypted hashes are computed on fname setup */
2239 	if (!ext4_hash_in_dirent(dir))
2240 		ext4fs_dirhash(dir, fname_name(fname),
2241 				fname_len(fname), &fname->hinfo);
2242 
2243 	memset(frames, 0, sizeof(frames));
2244 	frame = frames;
2245 	frame->entries = entries;
2246 	frame->at = entries;
2247 	frame->bh = bh;
2248 
2249 	retval = ext4_handle_dirty_dx_node(handle, dir, frame->bh);
2250 	if (retval)
2251 		goto out_frames;
2252 	retval = ext4_handle_dirty_dirblock(handle, dir, bh2);
2253 	if (retval)
2254 		goto out_frames;
2255 
2256 	de = do_split(handle,dir, &bh2, frame, &fname->hinfo);
2257 	if (IS_ERR(de)) {
2258 		retval = PTR_ERR(de);
2259 		goto out_frames;
2260 	}
2261 
2262 	retval = add_dirent_to_buf(handle, fname, dir, inode, de, bh2);
2263 out_frames:
2264 	/*
2265 	 * Even if the block split failed, we have to properly write
2266 	 * out all the changes we did so far. Otherwise we can end up
2267 	 * with corrupted filesystem.
2268 	 */
2269 	if (retval)
2270 		ext4_mark_inode_dirty(handle, dir);
2271 	dx_release(frames);
2272 	brelse(bh2);
2273 	return retval;
2274 }
2275 
2276 /*
2277  *	ext4_add_entry()
2278  *
2279  * adds a file entry to the specified directory, using the same
2280  * semantics as ext4_find_entry(). It returns NULL if it failed.
2281  *
2282  * NOTE!! The inode part of 'de' is left at 0 - which means you
2283  * may not sleep between calling this and putting something into
2284  * the entry, as someone else might have used it while you slept.
2285  */
2286 static int ext4_add_entry(handle_t *handle, struct dentry *dentry,
2287 			  struct inode *inode)
2288 {
2289 	struct inode *dir = d_inode(dentry->d_parent);
2290 	struct buffer_head *bh = NULL;
2291 	struct ext4_dir_entry_2 *de;
2292 	struct super_block *sb;
2293 	struct ext4_filename fname;
2294 	int	retval;
2295 	int	dx_fallback=0;
2296 	unsigned blocksize;
2297 	ext4_lblk_t block, blocks;
2298 	int	csum_size = 0;
2299 
2300 	if (ext4_has_metadata_csum(inode->i_sb))
2301 		csum_size = sizeof(struct ext4_dir_entry_tail);
2302 
2303 	sb = dir->i_sb;
2304 	blocksize = sb->s_blocksize;
2305 	if (!dentry->d_name.len)
2306 		return -EINVAL;
2307 
2308 	if (fscrypt_is_nokey_name(dentry))
2309 		return -ENOKEY;
2310 
2311 #if IS_ENABLED(CONFIG_UNICODE)
2312 	if (sb_has_strict_encoding(sb) && IS_CASEFOLDED(dir) &&
2313 	    sb->s_encoding && utf8_validate(sb->s_encoding, &dentry->d_name))
2314 		return -EINVAL;
2315 #endif
2316 
2317 	retval = ext4_fname_setup_filename(dir, &dentry->d_name, 0, &fname);
2318 	if (retval)
2319 		return retval;
2320 
2321 	if (ext4_has_inline_data(dir)) {
2322 		retval = ext4_try_add_inline_entry(handle, &fname, dir, inode);
2323 		if (retval < 0)
2324 			goto out;
2325 		if (retval == 1) {
2326 			retval = 0;
2327 			goto out;
2328 		}
2329 	}
2330 
2331 	if (is_dx(dir)) {
2332 		retval = ext4_dx_add_entry(handle, &fname, dir, inode);
2333 		if (!retval || (retval != ERR_BAD_DX_DIR))
2334 			goto out;
2335 		/* Can we just ignore htree data? */
2336 		if (ext4_has_metadata_csum(sb)) {
2337 			EXT4_ERROR_INODE(dir,
2338 				"Directory has corrupted htree index.");
2339 			retval = -EFSCORRUPTED;
2340 			goto out;
2341 		}
2342 		ext4_clear_inode_flag(dir, EXT4_INODE_INDEX);
2343 		dx_fallback++;
2344 		retval = ext4_mark_inode_dirty(handle, dir);
2345 		if (unlikely(retval))
2346 			goto out;
2347 	}
2348 	blocks = dir->i_size >> sb->s_blocksize_bits;
2349 	for (block = 0; block < blocks; block++) {
2350 		bh = ext4_read_dirblock(dir, block, DIRENT);
2351 		if (bh == NULL) {
2352 			bh = ext4_bread(handle, dir, block,
2353 					EXT4_GET_BLOCKS_CREATE);
2354 			goto add_to_new_block;
2355 		}
2356 		if (IS_ERR(bh)) {
2357 			retval = PTR_ERR(bh);
2358 			bh = NULL;
2359 			goto out;
2360 		}
2361 		retval = add_dirent_to_buf(handle, &fname, dir, inode,
2362 					   NULL, bh);
2363 		if (retval != -ENOSPC)
2364 			goto out;
2365 
2366 		if (blocks == 1 && !dx_fallback &&
2367 		    ext4_has_feature_dir_index(sb)) {
2368 			retval = make_indexed_dir(handle, &fname, dir,
2369 						  inode, bh);
2370 			bh = NULL; /* make_indexed_dir releases bh */
2371 			goto out;
2372 		}
2373 		brelse(bh);
2374 	}
2375 	bh = ext4_append(handle, dir, &block);
2376 add_to_new_block:
2377 	if (IS_ERR(bh)) {
2378 		retval = PTR_ERR(bh);
2379 		bh = NULL;
2380 		goto out;
2381 	}
2382 	de = (struct ext4_dir_entry_2 *) bh->b_data;
2383 	de->inode = 0;
2384 	de->rec_len = ext4_rec_len_to_disk(blocksize - csum_size, blocksize);
2385 
2386 	if (csum_size)
2387 		ext4_initialize_dirent_tail(bh, blocksize);
2388 
2389 	retval = add_dirent_to_buf(handle, &fname, dir, inode, de, bh);
2390 out:
2391 	ext4_fname_free_filename(&fname);
2392 	brelse(bh);
2393 	if (retval == 0)
2394 		ext4_set_inode_state(inode, EXT4_STATE_NEWENTRY);
2395 	return retval;
2396 }
2397 
2398 /*
2399  * Returns 0 for success, or a negative error value
2400  */
2401 static int ext4_dx_add_entry(handle_t *handle, struct ext4_filename *fname,
2402 			     struct inode *dir, struct inode *inode)
2403 {
2404 	struct dx_frame frames[EXT4_HTREE_LEVEL], *frame;
2405 	struct dx_entry *entries, *at;
2406 	struct buffer_head *bh;
2407 	struct super_block *sb = dir->i_sb;
2408 	struct ext4_dir_entry_2 *de;
2409 	int restart;
2410 	int err;
2411 
2412 again:
2413 	restart = 0;
2414 	frame = dx_probe(fname, dir, NULL, frames);
2415 	if (IS_ERR(frame))
2416 		return PTR_ERR(frame);
2417 	entries = frame->entries;
2418 	at = frame->at;
2419 	bh = ext4_read_dirblock(dir, dx_get_block(frame->at), DIRENT_HTREE);
2420 	if (IS_ERR(bh)) {
2421 		err = PTR_ERR(bh);
2422 		bh = NULL;
2423 		goto cleanup;
2424 	}
2425 
2426 	BUFFER_TRACE(bh, "get_write_access");
2427 	err = ext4_journal_get_write_access(handle, sb, bh, EXT4_JTR_NONE);
2428 	if (err)
2429 		goto journal_error;
2430 
2431 	err = add_dirent_to_buf(handle, fname, dir, inode, NULL, bh);
2432 	if (err != -ENOSPC)
2433 		goto cleanup;
2434 
2435 	err = 0;
2436 	/* Block full, should compress but for now just split */
2437 	dxtrace(printk(KERN_DEBUG "using %u of %u node entries\n",
2438 		       dx_get_count(entries), dx_get_limit(entries)));
2439 	/* Need to split index? */
2440 	if (dx_get_count(entries) == dx_get_limit(entries)) {
2441 		ext4_lblk_t newblock;
2442 		int levels = frame - frames + 1;
2443 		unsigned int icount;
2444 		int add_level = 1;
2445 		struct dx_entry *entries2;
2446 		struct dx_node *node2;
2447 		struct buffer_head *bh2;
2448 
2449 		while (frame > frames) {
2450 			if (dx_get_count((frame - 1)->entries) <
2451 			    dx_get_limit((frame - 1)->entries)) {
2452 				add_level = 0;
2453 				break;
2454 			}
2455 			frame--; /* split higher index block */
2456 			at = frame->at;
2457 			entries = frame->entries;
2458 			restart = 1;
2459 		}
2460 		if (add_level && levels == ext4_dir_htree_level(sb)) {
2461 			ext4_warning(sb, "Directory (ino: %lu) index full, "
2462 					 "reach max htree level :%d",
2463 					 dir->i_ino, levels);
2464 			if (ext4_dir_htree_level(sb) < EXT4_HTREE_LEVEL) {
2465 				ext4_warning(sb, "Large directory feature is "
2466 						 "not enabled on this "
2467 						 "filesystem");
2468 			}
2469 			err = -ENOSPC;
2470 			goto cleanup;
2471 		}
2472 		icount = dx_get_count(entries);
2473 		bh2 = ext4_append(handle, dir, &newblock);
2474 		if (IS_ERR(bh2)) {
2475 			err = PTR_ERR(bh2);
2476 			goto cleanup;
2477 		}
2478 		node2 = (struct dx_node *)(bh2->b_data);
2479 		entries2 = node2->entries;
2480 		memset(&node2->fake, 0, sizeof(struct fake_dirent));
2481 		node2->fake.rec_len = ext4_rec_len_to_disk(sb->s_blocksize,
2482 							   sb->s_blocksize);
2483 		BUFFER_TRACE(frame->bh, "get_write_access");
2484 		err = ext4_journal_get_write_access(handle, sb, frame->bh,
2485 						    EXT4_JTR_NONE);
2486 		if (err)
2487 			goto journal_error;
2488 		if (!add_level) {
2489 			unsigned icount1 = icount/2, icount2 = icount - icount1;
2490 			unsigned hash2 = dx_get_hash(entries + icount1);
2491 			dxtrace(printk(KERN_DEBUG "Split index %i/%i\n",
2492 				       icount1, icount2));
2493 
2494 			BUFFER_TRACE(frame->bh, "get_write_access"); /* index root */
2495 			err = ext4_journal_get_write_access(handle, sb,
2496 							    (frame - 1)->bh,
2497 							    EXT4_JTR_NONE);
2498 			if (err)
2499 				goto journal_error;
2500 
2501 			memcpy((char *) entries2, (char *) (entries + icount1),
2502 			       icount2 * sizeof(struct dx_entry));
2503 			dx_set_count(entries, icount1);
2504 			dx_set_count(entries2, icount2);
2505 			dx_set_limit(entries2, dx_node_limit(dir));
2506 
2507 			/* Which index block gets the new entry? */
2508 			if (at - entries >= icount1) {
2509 				frame->at = at - entries - icount1 + entries2;
2510 				frame->entries = entries = entries2;
2511 				swap(frame->bh, bh2);
2512 			}
2513 			dx_insert_block((frame - 1), hash2, newblock);
2514 			dxtrace(dx_show_index("node", frame->entries));
2515 			dxtrace(dx_show_index("node",
2516 			       ((struct dx_node *) bh2->b_data)->entries));
2517 			err = ext4_handle_dirty_dx_node(handle, dir, bh2);
2518 			if (err)
2519 				goto journal_error;
2520 			brelse (bh2);
2521 			err = ext4_handle_dirty_dx_node(handle, dir,
2522 						   (frame - 1)->bh);
2523 			if (err)
2524 				goto journal_error;
2525 			err = ext4_handle_dirty_dx_node(handle, dir,
2526 							frame->bh);
2527 			if (restart || err)
2528 				goto journal_error;
2529 		} else {
2530 			struct dx_root *dxroot;
2531 			memcpy((char *) entries2, (char *) entries,
2532 			       icount * sizeof(struct dx_entry));
2533 			dx_set_limit(entries2, dx_node_limit(dir));
2534 
2535 			/* Set up root */
2536 			dx_set_count(entries, 1);
2537 			dx_set_block(entries + 0, newblock);
2538 			dxroot = (struct dx_root *)frames[0].bh->b_data;
2539 			dxroot->info.indirect_levels += 1;
2540 			dxtrace(printk(KERN_DEBUG
2541 				       "Creating %d level index...\n",
2542 				       dxroot->info.indirect_levels));
2543 			err = ext4_handle_dirty_dx_node(handle, dir, frame->bh);
2544 			if (err)
2545 				goto journal_error;
2546 			err = ext4_handle_dirty_dx_node(handle, dir, bh2);
2547 			brelse(bh2);
2548 			restart = 1;
2549 			goto journal_error;
2550 		}
2551 	}
2552 	de = do_split(handle, dir, &bh, frame, &fname->hinfo);
2553 	if (IS_ERR(de)) {
2554 		err = PTR_ERR(de);
2555 		goto cleanup;
2556 	}
2557 	err = add_dirent_to_buf(handle, fname, dir, inode, de, bh);
2558 	goto cleanup;
2559 
2560 journal_error:
2561 	ext4_std_error(dir->i_sb, err); /* this is a no-op if err == 0 */
2562 cleanup:
2563 	brelse(bh);
2564 	dx_release(frames);
2565 	/* @restart is true means htree-path has been changed, we need to
2566 	 * repeat dx_probe() to find out valid htree-path
2567 	 */
2568 	if (restart && err == 0)
2569 		goto again;
2570 	return err;
2571 }
2572 
2573 /*
2574  * ext4_generic_delete_entry deletes a directory entry by merging it
2575  * with the previous entry
2576  */
2577 int ext4_generic_delete_entry(struct inode *dir,
2578 			      struct ext4_dir_entry_2 *de_del,
2579 			      struct buffer_head *bh,
2580 			      void *entry_buf,
2581 			      int buf_size,
2582 			      int csum_size)
2583 {
2584 	struct ext4_dir_entry_2 *de, *pde;
2585 	unsigned int blocksize = dir->i_sb->s_blocksize;
2586 	int i;
2587 
2588 	i = 0;
2589 	pde = NULL;
2590 	de = (struct ext4_dir_entry_2 *)entry_buf;
2591 	while (i < buf_size - csum_size) {
2592 		if (ext4_check_dir_entry(dir, NULL, de, bh,
2593 					 entry_buf, buf_size, i))
2594 			return -EFSCORRUPTED;
2595 		if (de == de_del)  {
2596 			if (pde) {
2597 				pde->rec_len = ext4_rec_len_to_disk(
2598 					ext4_rec_len_from_disk(pde->rec_len,
2599 							       blocksize) +
2600 					ext4_rec_len_from_disk(de->rec_len,
2601 							       blocksize),
2602 					blocksize);
2603 
2604 				/* wipe entire dir_entry */
2605 				memset(de, 0, ext4_rec_len_from_disk(de->rec_len,
2606 								blocksize));
2607 			} else {
2608 				/* wipe dir_entry excluding the rec_len field */
2609 				de->inode = 0;
2610 				memset(&de->name_len, 0,
2611 					ext4_rec_len_from_disk(de->rec_len,
2612 								blocksize) -
2613 					offsetof(struct ext4_dir_entry_2,
2614 								name_len));
2615 			}
2616 
2617 			inode_inc_iversion(dir);
2618 			return 0;
2619 		}
2620 		i += ext4_rec_len_from_disk(de->rec_len, blocksize);
2621 		pde = de;
2622 		de = ext4_next_entry(de, blocksize);
2623 	}
2624 	return -ENOENT;
2625 }
2626 
2627 static int ext4_delete_entry(handle_t *handle,
2628 			     struct inode *dir,
2629 			     struct ext4_dir_entry_2 *de_del,
2630 			     struct buffer_head *bh)
2631 {
2632 	int err, csum_size = 0;
2633 
2634 	if (ext4_has_inline_data(dir)) {
2635 		int has_inline_data = 1;
2636 		err = ext4_delete_inline_entry(handle, dir, de_del, bh,
2637 					       &has_inline_data);
2638 		if (has_inline_data)
2639 			return err;
2640 	}
2641 
2642 	if (ext4_has_metadata_csum(dir->i_sb))
2643 		csum_size = sizeof(struct ext4_dir_entry_tail);
2644 
2645 	BUFFER_TRACE(bh, "get_write_access");
2646 	err = ext4_journal_get_write_access(handle, dir->i_sb, bh,
2647 					    EXT4_JTR_NONE);
2648 	if (unlikely(err))
2649 		goto out;
2650 
2651 	err = ext4_generic_delete_entry(dir, de_del, bh, bh->b_data,
2652 					dir->i_sb->s_blocksize, csum_size);
2653 	if (err)
2654 		goto out;
2655 
2656 	BUFFER_TRACE(bh, "call ext4_handle_dirty_metadata");
2657 	err = ext4_handle_dirty_dirblock(handle, dir, bh);
2658 	if (unlikely(err))
2659 		goto out;
2660 
2661 	return 0;
2662 out:
2663 	if (err != -ENOENT)
2664 		ext4_std_error(dir->i_sb, err);
2665 	return err;
2666 }
2667 
2668 /*
2669  * Set directory link count to 1 if nlinks > EXT4_LINK_MAX, or if nlinks == 2
2670  * since this indicates that nlinks count was previously 1 to avoid overflowing
2671  * the 16-bit i_links_count field on disk.  Directories with i_nlink == 1 mean
2672  * that subdirectory link counts are not being maintained accurately.
2673  *
2674  * The caller has already checked for i_nlink overflow in case the DIR_LINK
2675  * feature is not enabled and returned -EMLINK.  The is_dx() check is a proxy
2676  * for checking S_ISDIR(inode) (since the INODE_INDEX feature will not be set
2677  * on regular files) and to avoid creating huge/slow non-HTREE directories.
2678  */
2679 static void ext4_inc_count(struct inode *inode)
2680 {
2681 	inc_nlink(inode);
2682 	if (is_dx(inode) &&
2683 	    (inode->i_nlink > EXT4_LINK_MAX || inode->i_nlink == 2))
2684 		set_nlink(inode, 1);
2685 }
2686 
2687 /*
2688  * If a directory had nlink == 1, then we should let it be 1. This indicates
2689  * directory has >EXT4_LINK_MAX subdirs.
2690  */
2691 static void ext4_dec_count(struct inode *inode)
2692 {
2693 	if (!S_ISDIR(inode->i_mode) || inode->i_nlink > 2)
2694 		drop_nlink(inode);
2695 }
2696 
2697 
2698 /*
2699  * Add non-directory inode to a directory. On success, the inode reference is
2700  * consumed by dentry is instantiation. This is also indicated by clearing of
2701  * *inodep pointer. On failure, the caller is responsible for dropping the
2702  * inode reference in the safe context.
2703  */
2704 static int ext4_add_nondir(handle_t *handle,
2705 		struct dentry *dentry, struct inode **inodep)
2706 {
2707 	struct inode *dir = d_inode(dentry->d_parent);
2708 	struct inode *inode = *inodep;
2709 	int err = ext4_add_entry(handle, dentry, inode);
2710 	if (!err) {
2711 		err = ext4_mark_inode_dirty(handle, inode);
2712 		if (IS_DIRSYNC(dir))
2713 			ext4_handle_sync(handle);
2714 		d_instantiate_new(dentry, inode);
2715 		*inodep = NULL;
2716 		return err;
2717 	}
2718 	drop_nlink(inode);
2719 	ext4_orphan_add(handle, inode);
2720 	unlock_new_inode(inode);
2721 	return err;
2722 }
2723 
2724 /*
2725  * By the time this is called, we already have created
2726  * the directory cache entry for the new file, but it
2727  * is so far negative - it has no inode.
2728  *
2729  * If the create succeeds, we fill in the inode information
2730  * with d_instantiate().
2731  */
2732 static int ext4_create(struct user_namespace *mnt_userns, struct inode *dir,
2733 		       struct dentry *dentry, umode_t mode, bool excl)
2734 {
2735 	handle_t *handle;
2736 	struct inode *inode;
2737 	int err, credits, retries = 0;
2738 
2739 	err = dquot_initialize(dir);
2740 	if (err)
2741 		return err;
2742 
2743 	credits = (EXT4_DATA_TRANS_BLOCKS(dir->i_sb) +
2744 		   EXT4_INDEX_EXTRA_TRANS_BLOCKS + 3);
2745 retry:
2746 	inode = ext4_new_inode_start_handle(mnt_userns, dir, mode, &dentry->d_name,
2747 					    0, NULL, EXT4_HT_DIR, credits);
2748 	handle = ext4_journal_current_handle();
2749 	err = PTR_ERR(inode);
2750 	if (!IS_ERR(inode)) {
2751 		inode->i_op = &ext4_file_inode_operations;
2752 		inode->i_fop = &ext4_file_operations;
2753 		ext4_set_aops(inode);
2754 		err = ext4_add_nondir(handle, dentry, &inode);
2755 		if (!err)
2756 			ext4_fc_track_create(handle, dentry);
2757 	}
2758 	if (handle)
2759 		ext4_journal_stop(handle);
2760 	if (!IS_ERR_OR_NULL(inode))
2761 		iput(inode);
2762 	if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries))
2763 		goto retry;
2764 	return err;
2765 }
2766 
2767 static int ext4_mknod(struct user_namespace *mnt_userns, struct inode *dir,
2768 		      struct dentry *dentry, umode_t mode, dev_t rdev)
2769 {
2770 	handle_t *handle;
2771 	struct inode *inode;
2772 	int err, credits, retries = 0;
2773 
2774 	err = dquot_initialize(dir);
2775 	if (err)
2776 		return err;
2777 
2778 	credits = (EXT4_DATA_TRANS_BLOCKS(dir->i_sb) +
2779 		   EXT4_INDEX_EXTRA_TRANS_BLOCKS + 3);
2780 retry:
2781 	inode = ext4_new_inode_start_handle(mnt_userns, dir, mode, &dentry->d_name,
2782 					    0, NULL, EXT4_HT_DIR, credits);
2783 	handle = ext4_journal_current_handle();
2784 	err = PTR_ERR(inode);
2785 	if (!IS_ERR(inode)) {
2786 		init_special_inode(inode, inode->i_mode, rdev);
2787 		inode->i_op = &ext4_special_inode_operations;
2788 		err = ext4_add_nondir(handle, dentry, &inode);
2789 		if (!err)
2790 			ext4_fc_track_create(handle, dentry);
2791 	}
2792 	if (handle)
2793 		ext4_journal_stop(handle);
2794 	if (!IS_ERR_OR_NULL(inode))
2795 		iput(inode);
2796 	if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries))
2797 		goto retry;
2798 	return err;
2799 }
2800 
2801 static int ext4_tmpfile(struct user_namespace *mnt_userns, struct inode *dir,
2802 			struct dentry *dentry, umode_t mode)
2803 {
2804 	handle_t *handle;
2805 	struct inode *inode;
2806 	int err, retries = 0;
2807 
2808 	err = dquot_initialize(dir);
2809 	if (err)
2810 		return err;
2811 
2812 retry:
2813 	inode = ext4_new_inode_start_handle(mnt_userns, dir, mode,
2814 					    NULL, 0, NULL,
2815 					    EXT4_HT_DIR,
2816 			EXT4_MAXQUOTAS_INIT_BLOCKS(dir->i_sb) +
2817 			  4 + EXT4_XATTR_TRANS_BLOCKS);
2818 	handle = ext4_journal_current_handle();
2819 	err = PTR_ERR(inode);
2820 	if (!IS_ERR(inode)) {
2821 		inode->i_op = &ext4_file_inode_operations;
2822 		inode->i_fop = &ext4_file_operations;
2823 		ext4_set_aops(inode);
2824 		d_tmpfile(dentry, inode);
2825 		err = ext4_orphan_add(handle, inode);
2826 		if (err)
2827 			goto err_unlock_inode;
2828 		mark_inode_dirty(inode);
2829 		unlock_new_inode(inode);
2830 	}
2831 	if (handle)
2832 		ext4_journal_stop(handle);
2833 	if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries))
2834 		goto retry;
2835 	return err;
2836 err_unlock_inode:
2837 	ext4_journal_stop(handle);
2838 	unlock_new_inode(inode);
2839 	return err;
2840 }
2841 
2842 struct ext4_dir_entry_2 *ext4_init_dot_dotdot(struct inode *inode,
2843 			  struct ext4_dir_entry_2 *de,
2844 			  int blocksize, int csum_size,
2845 			  unsigned int parent_ino, int dotdot_real_len)
2846 {
2847 	de->inode = cpu_to_le32(inode->i_ino);
2848 	de->name_len = 1;
2849 	de->rec_len = ext4_rec_len_to_disk(ext4_dir_rec_len(de->name_len, NULL),
2850 					   blocksize);
2851 	strcpy(de->name, ".");
2852 	ext4_set_de_type(inode->i_sb, de, S_IFDIR);
2853 
2854 	de = ext4_next_entry(de, blocksize);
2855 	de->inode = cpu_to_le32(parent_ino);
2856 	de->name_len = 2;
2857 	if (!dotdot_real_len)
2858 		de->rec_len = ext4_rec_len_to_disk(blocksize -
2859 					(csum_size + ext4_dir_rec_len(1, NULL)),
2860 					blocksize);
2861 	else
2862 		de->rec_len = ext4_rec_len_to_disk(
2863 					ext4_dir_rec_len(de->name_len, NULL),
2864 					blocksize);
2865 	strcpy(de->name, "..");
2866 	ext4_set_de_type(inode->i_sb, de, S_IFDIR);
2867 
2868 	return ext4_next_entry(de, blocksize);
2869 }
2870 
2871 int ext4_init_new_dir(handle_t *handle, struct inode *dir,
2872 			     struct inode *inode)
2873 {
2874 	struct buffer_head *dir_block = NULL;
2875 	struct ext4_dir_entry_2 *de;
2876 	ext4_lblk_t block = 0;
2877 	unsigned int blocksize = dir->i_sb->s_blocksize;
2878 	int csum_size = 0;
2879 	int err;
2880 
2881 	if (ext4_has_metadata_csum(dir->i_sb))
2882 		csum_size = sizeof(struct ext4_dir_entry_tail);
2883 
2884 	if (ext4_test_inode_state(inode, EXT4_STATE_MAY_INLINE_DATA)) {
2885 		err = ext4_try_create_inline_dir(handle, dir, inode);
2886 		if (err < 0 && err != -ENOSPC)
2887 			goto out;
2888 		if (!err)
2889 			goto out;
2890 	}
2891 
2892 	inode->i_size = 0;
2893 	dir_block = ext4_append(handle, inode, &block);
2894 	if (IS_ERR(dir_block))
2895 		return PTR_ERR(dir_block);
2896 	de = (struct ext4_dir_entry_2 *)dir_block->b_data;
2897 	ext4_init_dot_dotdot(inode, de, blocksize, csum_size, dir->i_ino, 0);
2898 	set_nlink(inode, 2);
2899 	if (csum_size)
2900 		ext4_initialize_dirent_tail(dir_block, blocksize);
2901 
2902 	BUFFER_TRACE(dir_block, "call ext4_handle_dirty_metadata");
2903 	err = ext4_handle_dirty_dirblock(handle, inode, dir_block);
2904 	if (err)
2905 		goto out;
2906 	set_buffer_verified(dir_block);
2907 out:
2908 	brelse(dir_block);
2909 	return err;
2910 }
2911 
2912 static int ext4_mkdir(struct user_namespace *mnt_userns, struct inode *dir,
2913 		      struct dentry *dentry, umode_t mode)
2914 {
2915 	handle_t *handle;
2916 	struct inode *inode;
2917 	int err, err2 = 0, credits, retries = 0;
2918 
2919 	if (EXT4_DIR_LINK_MAX(dir))
2920 		return -EMLINK;
2921 
2922 	err = dquot_initialize(dir);
2923 	if (err)
2924 		return err;
2925 
2926 	credits = (EXT4_DATA_TRANS_BLOCKS(dir->i_sb) +
2927 		   EXT4_INDEX_EXTRA_TRANS_BLOCKS + 3);
2928 retry:
2929 	inode = ext4_new_inode_start_handle(mnt_userns, dir, S_IFDIR | mode,
2930 					    &dentry->d_name,
2931 					    0, NULL, EXT4_HT_DIR, credits);
2932 	handle = ext4_journal_current_handle();
2933 	err = PTR_ERR(inode);
2934 	if (IS_ERR(inode))
2935 		goto out_stop;
2936 
2937 	inode->i_op = &ext4_dir_inode_operations;
2938 	inode->i_fop = &ext4_dir_operations;
2939 	err = ext4_init_new_dir(handle, dir, inode);
2940 	if (err)
2941 		goto out_clear_inode;
2942 	err = ext4_mark_inode_dirty(handle, inode);
2943 	if (!err)
2944 		err = ext4_add_entry(handle, dentry, inode);
2945 	if (err) {
2946 out_clear_inode:
2947 		clear_nlink(inode);
2948 		ext4_orphan_add(handle, inode);
2949 		unlock_new_inode(inode);
2950 		err2 = ext4_mark_inode_dirty(handle, inode);
2951 		if (unlikely(err2))
2952 			err = err2;
2953 		ext4_journal_stop(handle);
2954 		iput(inode);
2955 		goto out_retry;
2956 	}
2957 	ext4_inc_count(dir);
2958 
2959 	ext4_update_dx_flag(dir);
2960 	err = ext4_mark_inode_dirty(handle, dir);
2961 	if (err)
2962 		goto out_clear_inode;
2963 	d_instantiate_new(dentry, inode);
2964 	ext4_fc_track_create(handle, dentry);
2965 	if (IS_DIRSYNC(dir))
2966 		ext4_handle_sync(handle);
2967 
2968 out_stop:
2969 	if (handle)
2970 		ext4_journal_stop(handle);
2971 out_retry:
2972 	if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries))
2973 		goto retry;
2974 	return err;
2975 }
2976 
2977 /*
2978  * routine to check that the specified directory is empty (for rmdir)
2979  */
2980 bool ext4_empty_dir(struct inode *inode)
2981 {
2982 	unsigned int offset;
2983 	struct buffer_head *bh;
2984 	struct ext4_dir_entry_2 *de;
2985 	struct super_block *sb;
2986 
2987 	if (ext4_has_inline_data(inode)) {
2988 		int has_inline_data = 1;
2989 		int ret;
2990 
2991 		ret = empty_inline_dir(inode, &has_inline_data);
2992 		if (has_inline_data)
2993 			return ret;
2994 	}
2995 
2996 	sb = inode->i_sb;
2997 	if (inode->i_size < ext4_dir_rec_len(1, NULL) +
2998 					ext4_dir_rec_len(2, NULL)) {
2999 		EXT4_ERROR_INODE(inode, "invalid size");
3000 		return false;
3001 	}
3002 	/* The first directory block must not be a hole,
3003 	 * so treat it as DIRENT_HTREE
3004 	 */
3005 	bh = ext4_read_dirblock(inode, 0, DIRENT_HTREE);
3006 	if (IS_ERR(bh))
3007 		return false;
3008 
3009 	de = (struct ext4_dir_entry_2 *) bh->b_data;
3010 	if (ext4_check_dir_entry(inode, NULL, de, bh, bh->b_data, bh->b_size,
3011 				 0) ||
3012 	    le32_to_cpu(de->inode) != inode->i_ino || strcmp(".", de->name)) {
3013 		ext4_warning_inode(inode, "directory missing '.'");
3014 		brelse(bh);
3015 		return false;
3016 	}
3017 	offset = ext4_rec_len_from_disk(de->rec_len, sb->s_blocksize);
3018 	de = ext4_next_entry(de, sb->s_blocksize);
3019 	if (ext4_check_dir_entry(inode, NULL, de, bh, bh->b_data, bh->b_size,
3020 				 offset) ||
3021 	    le32_to_cpu(de->inode) == 0 || strcmp("..", de->name)) {
3022 		ext4_warning_inode(inode, "directory missing '..'");
3023 		brelse(bh);
3024 		return false;
3025 	}
3026 	offset += ext4_rec_len_from_disk(de->rec_len, sb->s_blocksize);
3027 	while (offset < inode->i_size) {
3028 		if (!(offset & (sb->s_blocksize - 1))) {
3029 			unsigned int lblock;
3030 			brelse(bh);
3031 			lblock = offset >> EXT4_BLOCK_SIZE_BITS(sb);
3032 			bh = ext4_read_dirblock(inode, lblock, EITHER);
3033 			if (bh == NULL) {
3034 				offset += sb->s_blocksize;
3035 				continue;
3036 			}
3037 			if (IS_ERR(bh))
3038 				return false;
3039 		}
3040 		de = (struct ext4_dir_entry_2 *) (bh->b_data +
3041 					(offset & (sb->s_blocksize - 1)));
3042 		if (ext4_check_dir_entry(inode, NULL, de, bh,
3043 					 bh->b_data, bh->b_size, offset)) {
3044 			offset = (offset | (sb->s_blocksize - 1)) + 1;
3045 			continue;
3046 		}
3047 		if (le32_to_cpu(de->inode)) {
3048 			brelse(bh);
3049 			return false;
3050 		}
3051 		offset += ext4_rec_len_from_disk(de->rec_len, sb->s_blocksize);
3052 	}
3053 	brelse(bh);
3054 	return true;
3055 }
3056 
3057 static int ext4_rmdir(struct inode *dir, struct dentry *dentry)
3058 {
3059 	int retval;
3060 	struct inode *inode;
3061 	struct buffer_head *bh;
3062 	struct ext4_dir_entry_2 *de;
3063 	handle_t *handle = NULL;
3064 
3065 	if (unlikely(ext4_forced_shutdown(EXT4_SB(dir->i_sb))))
3066 		return -EIO;
3067 
3068 	/* Initialize quotas before so that eventual writes go in
3069 	 * separate transaction */
3070 	retval = dquot_initialize(dir);
3071 	if (retval)
3072 		return retval;
3073 	retval = dquot_initialize(d_inode(dentry));
3074 	if (retval)
3075 		return retval;
3076 
3077 	retval = -ENOENT;
3078 	bh = ext4_find_entry(dir, &dentry->d_name, &de, NULL);
3079 	if (IS_ERR(bh))
3080 		return PTR_ERR(bh);
3081 	if (!bh)
3082 		goto end_rmdir;
3083 
3084 	inode = d_inode(dentry);
3085 
3086 	retval = -EFSCORRUPTED;
3087 	if (le32_to_cpu(de->inode) != inode->i_ino)
3088 		goto end_rmdir;
3089 
3090 	retval = -ENOTEMPTY;
3091 	if (!ext4_empty_dir(inode))
3092 		goto end_rmdir;
3093 
3094 	handle = ext4_journal_start(dir, EXT4_HT_DIR,
3095 				    EXT4_DATA_TRANS_BLOCKS(dir->i_sb));
3096 	if (IS_ERR(handle)) {
3097 		retval = PTR_ERR(handle);
3098 		handle = NULL;
3099 		goto end_rmdir;
3100 	}
3101 
3102 	if (IS_DIRSYNC(dir))
3103 		ext4_handle_sync(handle);
3104 
3105 	retval = ext4_delete_entry(handle, dir, de, bh);
3106 	if (retval)
3107 		goto end_rmdir;
3108 	if (!EXT4_DIR_LINK_EMPTY(inode))
3109 		ext4_warning_inode(inode,
3110 			     "empty directory '%.*s' has too many links (%u)",
3111 			     dentry->d_name.len, dentry->d_name.name,
3112 			     inode->i_nlink);
3113 	inode_inc_iversion(inode);
3114 	clear_nlink(inode);
3115 	/* There's no need to set i_disksize: the fact that i_nlink is
3116 	 * zero will ensure that the right thing happens during any
3117 	 * recovery. */
3118 	inode->i_size = 0;
3119 	ext4_orphan_add(handle, inode);
3120 	inode->i_ctime = dir->i_ctime = dir->i_mtime = current_time(inode);
3121 	retval = ext4_mark_inode_dirty(handle, inode);
3122 	if (retval)
3123 		goto end_rmdir;
3124 	ext4_dec_count(dir);
3125 	ext4_update_dx_flag(dir);
3126 	ext4_fc_track_unlink(handle, dentry);
3127 	retval = ext4_mark_inode_dirty(handle, dir);
3128 
3129 #if IS_ENABLED(CONFIG_UNICODE)
3130 	/* VFS negative dentries are incompatible with Encoding and
3131 	 * Case-insensitiveness. Eventually we'll want avoid
3132 	 * invalidating the dentries here, alongside with returning the
3133 	 * negative dentries at ext4_lookup(), when it is better
3134 	 * supported by the VFS for the CI case.
3135 	 */
3136 	if (IS_CASEFOLDED(dir))
3137 		d_invalidate(dentry);
3138 #endif
3139 
3140 end_rmdir:
3141 	brelse(bh);
3142 	if (handle)
3143 		ext4_journal_stop(handle);
3144 	return retval;
3145 }
3146 
3147 int __ext4_unlink(handle_t *handle, struct inode *dir, const struct qstr *d_name,
3148 		  struct inode *inode)
3149 {
3150 	int retval = -ENOENT;
3151 	struct buffer_head *bh;
3152 	struct ext4_dir_entry_2 *de;
3153 	int skip_remove_dentry = 0;
3154 
3155 	bh = ext4_find_entry(dir, d_name, &de, NULL);
3156 	if (IS_ERR(bh))
3157 		return PTR_ERR(bh);
3158 
3159 	if (!bh)
3160 		return -ENOENT;
3161 
3162 	if (le32_to_cpu(de->inode) != inode->i_ino) {
3163 		/*
3164 		 * It's okay if we find dont find dentry which matches
3165 		 * the inode. That's because it might have gotten
3166 		 * renamed to a different inode number
3167 		 */
3168 		if (EXT4_SB(inode->i_sb)->s_mount_state & EXT4_FC_REPLAY)
3169 			skip_remove_dentry = 1;
3170 		else
3171 			goto out;
3172 	}
3173 
3174 	if (IS_DIRSYNC(dir))
3175 		ext4_handle_sync(handle);
3176 
3177 	if (!skip_remove_dentry) {
3178 		retval = ext4_delete_entry(handle, dir, de, bh);
3179 		if (retval)
3180 			goto out;
3181 		dir->i_ctime = dir->i_mtime = current_time(dir);
3182 		ext4_update_dx_flag(dir);
3183 		retval = ext4_mark_inode_dirty(handle, dir);
3184 		if (retval)
3185 			goto out;
3186 	} else {
3187 		retval = 0;
3188 	}
3189 	if (inode->i_nlink == 0)
3190 		ext4_warning_inode(inode, "Deleting file '%.*s' with no links",
3191 				   d_name->len, d_name->name);
3192 	else
3193 		drop_nlink(inode);
3194 	if (!inode->i_nlink)
3195 		ext4_orphan_add(handle, inode);
3196 	inode->i_ctime = current_time(inode);
3197 	retval = ext4_mark_inode_dirty(handle, inode);
3198 
3199 out:
3200 	brelse(bh);
3201 	return retval;
3202 }
3203 
3204 static int ext4_unlink(struct inode *dir, struct dentry *dentry)
3205 {
3206 	handle_t *handle;
3207 	int retval;
3208 
3209 	if (unlikely(ext4_forced_shutdown(EXT4_SB(dir->i_sb))))
3210 		return -EIO;
3211 
3212 	trace_ext4_unlink_enter(dir, dentry);
3213 	/*
3214 	 * Initialize quotas before so that eventual writes go
3215 	 * in separate transaction
3216 	 */
3217 	retval = dquot_initialize(dir);
3218 	if (retval)
3219 		goto out_trace;
3220 	retval = dquot_initialize(d_inode(dentry));
3221 	if (retval)
3222 		goto out_trace;
3223 
3224 	handle = ext4_journal_start(dir, EXT4_HT_DIR,
3225 				    EXT4_DATA_TRANS_BLOCKS(dir->i_sb));
3226 	if (IS_ERR(handle)) {
3227 		retval = PTR_ERR(handle);
3228 		goto out_trace;
3229 	}
3230 
3231 	retval = __ext4_unlink(handle, dir, &dentry->d_name, d_inode(dentry));
3232 	if (!retval)
3233 		ext4_fc_track_unlink(handle, dentry);
3234 #if IS_ENABLED(CONFIG_UNICODE)
3235 	/* VFS negative dentries are incompatible with Encoding and
3236 	 * Case-insensitiveness. Eventually we'll want avoid
3237 	 * invalidating the dentries here, alongside with returning the
3238 	 * negative dentries at ext4_lookup(), when it is  better
3239 	 * supported by the VFS for the CI case.
3240 	 */
3241 	if (IS_CASEFOLDED(dir))
3242 		d_invalidate(dentry);
3243 #endif
3244 	if (handle)
3245 		ext4_journal_stop(handle);
3246 
3247 out_trace:
3248 	trace_ext4_unlink_exit(dentry, retval);
3249 	return retval;
3250 }
3251 
3252 static int ext4_symlink(struct user_namespace *mnt_userns, struct inode *dir,
3253 			struct dentry *dentry, const char *symname)
3254 {
3255 	handle_t *handle;
3256 	struct inode *inode;
3257 	int err, len = strlen(symname);
3258 	int credits;
3259 	struct fscrypt_str disk_link;
3260 
3261 	if (unlikely(ext4_forced_shutdown(EXT4_SB(dir->i_sb))))
3262 		return -EIO;
3263 
3264 	err = fscrypt_prepare_symlink(dir, symname, len, dir->i_sb->s_blocksize,
3265 				      &disk_link);
3266 	if (err)
3267 		return err;
3268 
3269 	err = dquot_initialize(dir);
3270 	if (err)
3271 		return err;
3272 
3273 	if ((disk_link.len > EXT4_N_BLOCKS * 4)) {
3274 		/*
3275 		 * For non-fast symlinks, we just allocate inode and put it on
3276 		 * orphan list in the first transaction => we need bitmap,
3277 		 * group descriptor, sb, inode block, quota blocks, and
3278 		 * possibly selinux xattr blocks.
3279 		 */
3280 		credits = 4 + EXT4_MAXQUOTAS_INIT_BLOCKS(dir->i_sb) +
3281 			  EXT4_XATTR_TRANS_BLOCKS;
3282 	} else {
3283 		/*
3284 		 * Fast symlink. We have to add entry to directory
3285 		 * (EXT4_DATA_TRANS_BLOCKS + EXT4_INDEX_EXTRA_TRANS_BLOCKS),
3286 		 * allocate new inode (bitmap, group descriptor, inode block,
3287 		 * quota blocks, sb is already counted in previous macros).
3288 		 */
3289 		credits = EXT4_DATA_TRANS_BLOCKS(dir->i_sb) +
3290 			  EXT4_INDEX_EXTRA_TRANS_BLOCKS + 3;
3291 	}
3292 
3293 	inode = ext4_new_inode_start_handle(mnt_userns, dir, S_IFLNK|S_IRWXUGO,
3294 					    &dentry->d_name, 0, NULL,
3295 					    EXT4_HT_DIR, credits);
3296 	handle = ext4_journal_current_handle();
3297 	if (IS_ERR(inode)) {
3298 		if (handle)
3299 			ext4_journal_stop(handle);
3300 		return PTR_ERR(inode);
3301 	}
3302 
3303 	if (IS_ENCRYPTED(inode)) {
3304 		err = fscrypt_encrypt_symlink(inode, symname, len, &disk_link);
3305 		if (err)
3306 			goto err_drop_inode;
3307 		inode->i_op = &ext4_encrypted_symlink_inode_operations;
3308 	}
3309 
3310 	if ((disk_link.len > EXT4_N_BLOCKS * 4)) {
3311 		if (!IS_ENCRYPTED(inode))
3312 			inode->i_op = &ext4_symlink_inode_operations;
3313 		inode_nohighmem(inode);
3314 		ext4_set_aops(inode);
3315 		/*
3316 		 * We cannot call page_symlink() with transaction started
3317 		 * because it calls into ext4_write_begin() which can wait
3318 		 * for transaction commit if we are running out of space
3319 		 * and thus we deadlock. So we have to stop transaction now
3320 		 * and restart it when symlink contents is written.
3321 		 *
3322 		 * To keep fs consistent in case of crash, we have to put inode
3323 		 * to orphan list in the mean time.
3324 		 */
3325 		drop_nlink(inode);
3326 		err = ext4_orphan_add(handle, inode);
3327 		if (handle)
3328 			ext4_journal_stop(handle);
3329 		handle = NULL;
3330 		if (err)
3331 			goto err_drop_inode;
3332 		err = __page_symlink(inode, disk_link.name, disk_link.len, 1);
3333 		if (err)
3334 			goto err_drop_inode;
3335 		/*
3336 		 * Now inode is being linked into dir (EXT4_DATA_TRANS_BLOCKS
3337 		 * + EXT4_INDEX_EXTRA_TRANS_BLOCKS), inode is also modified
3338 		 */
3339 		handle = ext4_journal_start(dir, EXT4_HT_DIR,
3340 				EXT4_DATA_TRANS_BLOCKS(dir->i_sb) +
3341 				EXT4_INDEX_EXTRA_TRANS_BLOCKS + 1);
3342 		if (IS_ERR(handle)) {
3343 			err = PTR_ERR(handle);
3344 			handle = NULL;
3345 			goto err_drop_inode;
3346 		}
3347 		set_nlink(inode, 1);
3348 		err = ext4_orphan_del(handle, inode);
3349 		if (err)
3350 			goto err_drop_inode;
3351 	} else {
3352 		/* clear the extent format for fast symlink */
3353 		ext4_clear_inode_flag(inode, EXT4_INODE_EXTENTS);
3354 		if (!IS_ENCRYPTED(inode)) {
3355 			inode->i_op = &ext4_fast_symlink_inode_operations;
3356 			inode->i_link = (char *)&EXT4_I(inode)->i_data;
3357 		}
3358 		memcpy((char *)&EXT4_I(inode)->i_data, disk_link.name,
3359 		       disk_link.len);
3360 		inode->i_size = disk_link.len - 1;
3361 	}
3362 	EXT4_I(inode)->i_disksize = inode->i_size;
3363 	err = ext4_add_nondir(handle, dentry, &inode);
3364 	if (handle)
3365 		ext4_journal_stop(handle);
3366 	if (inode)
3367 		iput(inode);
3368 	goto out_free_encrypted_link;
3369 
3370 err_drop_inode:
3371 	if (handle)
3372 		ext4_journal_stop(handle);
3373 	clear_nlink(inode);
3374 	unlock_new_inode(inode);
3375 	iput(inode);
3376 out_free_encrypted_link:
3377 	if (disk_link.name != (unsigned char *)symname)
3378 		kfree(disk_link.name);
3379 	return err;
3380 }
3381 
3382 int __ext4_link(struct inode *dir, struct inode *inode, struct dentry *dentry)
3383 {
3384 	handle_t *handle;
3385 	int err, retries = 0;
3386 retry:
3387 	handle = ext4_journal_start(dir, EXT4_HT_DIR,
3388 		(EXT4_DATA_TRANS_BLOCKS(dir->i_sb) +
3389 		 EXT4_INDEX_EXTRA_TRANS_BLOCKS) + 1);
3390 	if (IS_ERR(handle))
3391 		return PTR_ERR(handle);
3392 
3393 	if (IS_DIRSYNC(dir))
3394 		ext4_handle_sync(handle);
3395 
3396 	inode->i_ctime = current_time(inode);
3397 	ext4_inc_count(inode);
3398 	ihold(inode);
3399 
3400 	err = ext4_add_entry(handle, dentry, inode);
3401 	if (!err) {
3402 		err = ext4_mark_inode_dirty(handle, inode);
3403 		/* this can happen only for tmpfile being
3404 		 * linked the first time
3405 		 */
3406 		if (inode->i_nlink == 1)
3407 			ext4_orphan_del(handle, inode);
3408 		d_instantiate(dentry, inode);
3409 		ext4_fc_track_link(handle, dentry);
3410 	} else {
3411 		drop_nlink(inode);
3412 		iput(inode);
3413 	}
3414 	ext4_journal_stop(handle);
3415 	if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries))
3416 		goto retry;
3417 	return err;
3418 }
3419 
3420 static int ext4_link(struct dentry *old_dentry,
3421 		     struct inode *dir, struct dentry *dentry)
3422 {
3423 	struct inode *inode = d_inode(old_dentry);
3424 	int err;
3425 
3426 	if (inode->i_nlink >= EXT4_LINK_MAX)
3427 		return -EMLINK;
3428 
3429 	err = fscrypt_prepare_link(old_dentry, dir, dentry);
3430 	if (err)
3431 		return err;
3432 
3433 	if ((ext4_test_inode_flag(dir, EXT4_INODE_PROJINHERIT)) &&
3434 	    (!projid_eq(EXT4_I(dir)->i_projid,
3435 			EXT4_I(old_dentry->d_inode)->i_projid)))
3436 		return -EXDEV;
3437 
3438 	err = dquot_initialize(dir);
3439 	if (err)
3440 		return err;
3441 	return __ext4_link(dir, inode, dentry);
3442 }
3443 
3444 /*
3445  * Try to find buffer head where contains the parent block.
3446  * It should be the inode block if it is inlined or the 1st block
3447  * if it is a normal dir.
3448  */
3449 static struct buffer_head *ext4_get_first_dir_block(handle_t *handle,
3450 					struct inode *inode,
3451 					int *retval,
3452 					struct ext4_dir_entry_2 **parent_de,
3453 					int *inlined)
3454 {
3455 	struct buffer_head *bh;
3456 
3457 	if (!ext4_has_inline_data(inode)) {
3458 		/* The first directory block must not be a hole, so
3459 		 * treat it as DIRENT_HTREE
3460 		 */
3461 		bh = ext4_read_dirblock(inode, 0, DIRENT_HTREE);
3462 		if (IS_ERR(bh)) {
3463 			*retval = PTR_ERR(bh);
3464 			return NULL;
3465 		}
3466 		*parent_de = ext4_next_entry(
3467 					(struct ext4_dir_entry_2 *)bh->b_data,
3468 					inode->i_sb->s_blocksize);
3469 		return bh;
3470 	}
3471 
3472 	*inlined = 1;
3473 	return ext4_get_first_inline_block(inode, parent_de, retval);
3474 }
3475 
3476 struct ext4_renament {
3477 	struct inode *dir;
3478 	struct dentry *dentry;
3479 	struct inode *inode;
3480 	bool is_dir;
3481 	int dir_nlink_delta;
3482 
3483 	/* entry for "dentry" */
3484 	struct buffer_head *bh;
3485 	struct ext4_dir_entry_2 *de;
3486 	int inlined;
3487 
3488 	/* entry for ".." in inode if it's a directory */
3489 	struct buffer_head *dir_bh;
3490 	struct ext4_dir_entry_2 *parent_de;
3491 	int dir_inlined;
3492 };
3493 
3494 static int ext4_rename_dir_prepare(handle_t *handle, struct ext4_renament *ent)
3495 {
3496 	int retval;
3497 
3498 	ent->dir_bh = ext4_get_first_dir_block(handle, ent->inode,
3499 					      &retval, &ent->parent_de,
3500 					      &ent->dir_inlined);
3501 	if (!ent->dir_bh)
3502 		return retval;
3503 	if (le32_to_cpu(ent->parent_de->inode) != ent->dir->i_ino)
3504 		return -EFSCORRUPTED;
3505 	BUFFER_TRACE(ent->dir_bh, "get_write_access");
3506 	return ext4_journal_get_write_access(handle, ent->dir->i_sb,
3507 					     ent->dir_bh, EXT4_JTR_NONE);
3508 }
3509 
3510 static int ext4_rename_dir_finish(handle_t *handle, struct ext4_renament *ent,
3511 				  unsigned dir_ino)
3512 {
3513 	int retval;
3514 
3515 	ent->parent_de->inode = cpu_to_le32(dir_ino);
3516 	BUFFER_TRACE(ent->dir_bh, "call ext4_handle_dirty_metadata");
3517 	if (!ent->dir_inlined) {
3518 		if (is_dx(ent->inode)) {
3519 			retval = ext4_handle_dirty_dx_node(handle,
3520 							   ent->inode,
3521 							   ent->dir_bh);
3522 		} else {
3523 			retval = ext4_handle_dirty_dirblock(handle, ent->inode,
3524 							    ent->dir_bh);
3525 		}
3526 	} else {
3527 		retval = ext4_mark_inode_dirty(handle, ent->inode);
3528 	}
3529 	if (retval) {
3530 		ext4_std_error(ent->dir->i_sb, retval);
3531 		return retval;
3532 	}
3533 	return 0;
3534 }
3535 
3536 static int ext4_setent(handle_t *handle, struct ext4_renament *ent,
3537 		       unsigned ino, unsigned file_type)
3538 {
3539 	int retval, retval2;
3540 
3541 	BUFFER_TRACE(ent->bh, "get write access");
3542 	retval = ext4_journal_get_write_access(handle, ent->dir->i_sb, ent->bh,
3543 					       EXT4_JTR_NONE);
3544 	if (retval)
3545 		return retval;
3546 	ent->de->inode = cpu_to_le32(ino);
3547 	if (ext4_has_feature_filetype(ent->dir->i_sb))
3548 		ent->de->file_type = file_type;
3549 	inode_inc_iversion(ent->dir);
3550 	ent->dir->i_ctime = ent->dir->i_mtime =
3551 		current_time(ent->dir);
3552 	retval = ext4_mark_inode_dirty(handle, ent->dir);
3553 	BUFFER_TRACE(ent->bh, "call ext4_handle_dirty_metadata");
3554 	if (!ent->inlined) {
3555 		retval2 = ext4_handle_dirty_dirblock(handle, ent->dir, ent->bh);
3556 		if (unlikely(retval2)) {
3557 			ext4_std_error(ent->dir->i_sb, retval2);
3558 			return retval2;
3559 		}
3560 	}
3561 	return retval;
3562 }
3563 
3564 static void ext4_resetent(handle_t *handle, struct ext4_renament *ent,
3565 			  unsigned ino, unsigned file_type)
3566 {
3567 	struct ext4_renament old = *ent;
3568 	int retval = 0;
3569 
3570 	/*
3571 	 * old->de could have moved from under us during make indexed dir,
3572 	 * so the old->de may no longer valid and need to find it again
3573 	 * before reset old inode info.
3574 	 */
3575 	old.bh = ext4_find_entry(old.dir, &old.dentry->d_name, &old.de, NULL);
3576 	if (IS_ERR(old.bh))
3577 		retval = PTR_ERR(old.bh);
3578 	if (!old.bh)
3579 		retval = -ENOENT;
3580 	if (retval) {
3581 		ext4_std_error(old.dir->i_sb, retval);
3582 		return;
3583 	}
3584 
3585 	ext4_setent(handle, &old, ino, file_type);
3586 	brelse(old.bh);
3587 }
3588 
3589 static int ext4_find_delete_entry(handle_t *handle, struct inode *dir,
3590 				  const struct qstr *d_name)
3591 {
3592 	int retval = -ENOENT;
3593 	struct buffer_head *bh;
3594 	struct ext4_dir_entry_2 *de;
3595 
3596 	bh = ext4_find_entry(dir, d_name, &de, NULL);
3597 	if (IS_ERR(bh))
3598 		return PTR_ERR(bh);
3599 	if (bh) {
3600 		retval = ext4_delete_entry(handle, dir, de, bh);
3601 		brelse(bh);
3602 	}
3603 	return retval;
3604 }
3605 
3606 static void ext4_rename_delete(handle_t *handle, struct ext4_renament *ent,
3607 			       int force_reread)
3608 {
3609 	int retval;
3610 	/*
3611 	 * ent->de could have moved from under us during htree split, so make
3612 	 * sure that we are deleting the right entry.  We might also be pointing
3613 	 * to a stale entry in the unused part of ent->bh so just checking inum
3614 	 * and the name isn't enough.
3615 	 */
3616 	if (le32_to_cpu(ent->de->inode) != ent->inode->i_ino ||
3617 	    ent->de->name_len != ent->dentry->d_name.len ||
3618 	    strncmp(ent->de->name, ent->dentry->d_name.name,
3619 		    ent->de->name_len) ||
3620 	    force_reread) {
3621 		retval = ext4_find_delete_entry(handle, ent->dir,
3622 						&ent->dentry->d_name);
3623 	} else {
3624 		retval = ext4_delete_entry(handle, ent->dir, ent->de, ent->bh);
3625 		if (retval == -ENOENT) {
3626 			retval = ext4_find_delete_entry(handle, ent->dir,
3627 							&ent->dentry->d_name);
3628 		}
3629 	}
3630 
3631 	if (retval) {
3632 		ext4_warning_inode(ent->dir,
3633 				   "Deleting old file: nlink %d, error=%d",
3634 				   ent->dir->i_nlink, retval);
3635 	}
3636 }
3637 
3638 static void ext4_update_dir_count(handle_t *handle, struct ext4_renament *ent)
3639 {
3640 	if (ent->dir_nlink_delta) {
3641 		if (ent->dir_nlink_delta == -1)
3642 			ext4_dec_count(ent->dir);
3643 		else
3644 			ext4_inc_count(ent->dir);
3645 		ext4_mark_inode_dirty(handle, ent->dir);
3646 	}
3647 }
3648 
3649 static struct inode *ext4_whiteout_for_rename(struct user_namespace *mnt_userns,
3650 					      struct ext4_renament *ent,
3651 					      int credits, handle_t **h)
3652 {
3653 	struct inode *wh;
3654 	handle_t *handle;
3655 	int retries = 0;
3656 
3657 	/*
3658 	 * for inode block, sb block, group summaries,
3659 	 * and inode bitmap
3660 	 */
3661 	credits += (EXT4_MAXQUOTAS_TRANS_BLOCKS(ent->dir->i_sb) +
3662 		    EXT4_XATTR_TRANS_BLOCKS + 4);
3663 retry:
3664 	wh = ext4_new_inode_start_handle(mnt_userns, ent->dir,
3665 					 S_IFCHR | WHITEOUT_MODE,
3666 					 &ent->dentry->d_name, 0, NULL,
3667 					 EXT4_HT_DIR, credits);
3668 
3669 	handle = ext4_journal_current_handle();
3670 	if (IS_ERR(wh)) {
3671 		if (handle)
3672 			ext4_journal_stop(handle);
3673 		if (PTR_ERR(wh) == -ENOSPC &&
3674 		    ext4_should_retry_alloc(ent->dir->i_sb, &retries))
3675 			goto retry;
3676 	} else {
3677 		*h = handle;
3678 		init_special_inode(wh, wh->i_mode, WHITEOUT_DEV);
3679 		wh->i_op = &ext4_special_inode_operations;
3680 	}
3681 	return wh;
3682 }
3683 
3684 /*
3685  * Anybody can rename anything with this: the permission checks are left to the
3686  * higher-level routines.
3687  *
3688  * n.b.  old_{dentry,inode) refers to the source dentry/inode
3689  * while new_{dentry,inode) refers to the destination dentry/inode
3690  * This comes from rename(const char *oldpath, const char *newpath)
3691  */
3692 static int ext4_rename(struct user_namespace *mnt_userns, struct inode *old_dir,
3693 		       struct dentry *old_dentry, struct inode *new_dir,
3694 		       struct dentry *new_dentry, unsigned int flags)
3695 {
3696 	handle_t *handle = NULL;
3697 	struct ext4_renament old = {
3698 		.dir = old_dir,
3699 		.dentry = old_dentry,
3700 		.inode = d_inode(old_dentry),
3701 	};
3702 	struct ext4_renament new = {
3703 		.dir = new_dir,
3704 		.dentry = new_dentry,
3705 		.inode = d_inode(new_dentry),
3706 	};
3707 	int force_reread;
3708 	int retval;
3709 	struct inode *whiteout = NULL;
3710 	int credits;
3711 	u8 old_file_type;
3712 
3713 	if (new.inode && new.inode->i_nlink == 0) {
3714 		EXT4_ERROR_INODE(new.inode,
3715 				 "target of rename is already freed");
3716 		return -EFSCORRUPTED;
3717 	}
3718 
3719 	if ((ext4_test_inode_flag(new_dir, EXT4_INODE_PROJINHERIT)) &&
3720 	    (!projid_eq(EXT4_I(new_dir)->i_projid,
3721 			EXT4_I(old_dentry->d_inode)->i_projid)))
3722 		return -EXDEV;
3723 
3724 	retval = dquot_initialize(old.dir);
3725 	if (retval)
3726 		return retval;
3727 	retval = dquot_initialize(new.dir);
3728 	if (retval)
3729 		return retval;
3730 
3731 	/* Initialize quotas before so that eventual writes go
3732 	 * in separate transaction */
3733 	if (new.inode) {
3734 		retval = dquot_initialize(new.inode);
3735 		if (retval)
3736 			return retval;
3737 	}
3738 
3739 	old.bh = ext4_find_entry(old.dir, &old.dentry->d_name, &old.de, NULL);
3740 	if (IS_ERR(old.bh))
3741 		return PTR_ERR(old.bh);
3742 	/*
3743 	 *  Check for inode number is _not_ due to possible IO errors.
3744 	 *  We might rmdir the source, keep it as pwd of some process
3745 	 *  and merrily kill the link to whatever was created under the
3746 	 *  same name. Goodbye sticky bit ;-<
3747 	 */
3748 	retval = -ENOENT;
3749 	if (!old.bh || le32_to_cpu(old.de->inode) != old.inode->i_ino)
3750 		goto release_bh;
3751 
3752 	new.bh = ext4_find_entry(new.dir, &new.dentry->d_name,
3753 				 &new.de, &new.inlined);
3754 	if (IS_ERR(new.bh)) {
3755 		retval = PTR_ERR(new.bh);
3756 		new.bh = NULL;
3757 		goto release_bh;
3758 	}
3759 	if (new.bh) {
3760 		if (!new.inode) {
3761 			brelse(new.bh);
3762 			new.bh = NULL;
3763 		}
3764 	}
3765 	if (new.inode && !test_opt(new.dir->i_sb, NO_AUTO_DA_ALLOC))
3766 		ext4_alloc_da_blocks(old.inode);
3767 
3768 	credits = (2 * EXT4_DATA_TRANS_BLOCKS(old.dir->i_sb) +
3769 		   EXT4_INDEX_EXTRA_TRANS_BLOCKS + 2);
3770 	if (!(flags & RENAME_WHITEOUT)) {
3771 		handle = ext4_journal_start(old.dir, EXT4_HT_DIR, credits);
3772 		if (IS_ERR(handle)) {
3773 			retval = PTR_ERR(handle);
3774 			goto release_bh;
3775 		}
3776 	} else {
3777 		whiteout = ext4_whiteout_for_rename(mnt_userns, &old, credits, &handle);
3778 		if (IS_ERR(whiteout)) {
3779 			retval = PTR_ERR(whiteout);
3780 			goto release_bh;
3781 		}
3782 	}
3783 
3784 	old_file_type = old.de->file_type;
3785 	if (IS_DIRSYNC(old.dir) || IS_DIRSYNC(new.dir))
3786 		ext4_handle_sync(handle);
3787 
3788 	if (S_ISDIR(old.inode->i_mode)) {
3789 		if (new.inode) {
3790 			retval = -ENOTEMPTY;
3791 			if (!ext4_empty_dir(new.inode))
3792 				goto end_rename;
3793 		} else {
3794 			retval = -EMLINK;
3795 			if (new.dir != old.dir && EXT4_DIR_LINK_MAX(new.dir))
3796 				goto end_rename;
3797 		}
3798 		retval = ext4_rename_dir_prepare(handle, &old);
3799 		if (retval)
3800 			goto end_rename;
3801 	}
3802 	/*
3803 	 * If we're renaming a file within an inline_data dir and adding or
3804 	 * setting the new dirent causes a conversion from inline_data to
3805 	 * extents/blockmap, we need to force the dirent delete code to
3806 	 * re-read the directory, or else we end up trying to delete a dirent
3807 	 * from what is now the extent tree root (or a block map).
3808 	 */
3809 	force_reread = (new.dir->i_ino == old.dir->i_ino &&
3810 			ext4_test_inode_flag(new.dir, EXT4_INODE_INLINE_DATA));
3811 
3812 	if (whiteout) {
3813 		/*
3814 		 * Do this before adding a new entry, so the old entry is sure
3815 		 * to be still pointing to the valid old entry.
3816 		 */
3817 		retval = ext4_setent(handle, &old, whiteout->i_ino,
3818 				     EXT4_FT_CHRDEV);
3819 		if (retval)
3820 			goto end_rename;
3821 		retval = ext4_mark_inode_dirty(handle, whiteout);
3822 		if (unlikely(retval))
3823 			goto end_rename;
3824 
3825 	}
3826 	if (!new.bh) {
3827 		retval = ext4_add_entry(handle, new.dentry, old.inode);
3828 		if (retval)
3829 			goto end_rename;
3830 	} else {
3831 		retval = ext4_setent(handle, &new,
3832 				     old.inode->i_ino, old_file_type);
3833 		if (retval)
3834 			goto end_rename;
3835 	}
3836 	if (force_reread)
3837 		force_reread = !ext4_test_inode_flag(new.dir,
3838 						     EXT4_INODE_INLINE_DATA);
3839 
3840 	/*
3841 	 * Like most other Unix systems, set the ctime for inodes on a
3842 	 * rename.
3843 	 */
3844 	old.inode->i_ctime = current_time(old.inode);
3845 	retval = ext4_mark_inode_dirty(handle, old.inode);
3846 	if (unlikely(retval))
3847 		goto end_rename;
3848 
3849 	if (!whiteout) {
3850 		/*
3851 		 * ok, that's it
3852 		 */
3853 		ext4_rename_delete(handle, &old, force_reread);
3854 	}
3855 
3856 	if (new.inode) {
3857 		ext4_dec_count(new.inode);
3858 		new.inode->i_ctime = current_time(new.inode);
3859 	}
3860 	old.dir->i_ctime = old.dir->i_mtime = current_time(old.dir);
3861 	ext4_update_dx_flag(old.dir);
3862 	if (old.dir_bh) {
3863 		retval = ext4_rename_dir_finish(handle, &old, new.dir->i_ino);
3864 		if (retval)
3865 			goto end_rename;
3866 
3867 		ext4_dec_count(old.dir);
3868 		if (new.inode) {
3869 			/* checked ext4_empty_dir above, can't have another
3870 			 * parent, ext4_dec_count() won't work for many-linked
3871 			 * dirs */
3872 			clear_nlink(new.inode);
3873 		} else {
3874 			ext4_inc_count(new.dir);
3875 			ext4_update_dx_flag(new.dir);
3876 			retval = ext4_mark_inode_dirty(handle, new.dir);
3877 			if (unlikely(retval))
3878 				goto end_rename;
3879 		}
3880 	}
3881 	retval = ext4_mark_inode_dirty(handle, old.dir);
3882 	if (unlikely(retval))
3883 		goto end_rename;
3884 
3885 	if (S_ISDIR(old.inode->i_mode)) {
3886 		/*
3887 		 * We disable fast commits here that's because the
3888 		 * replay code is not yet capable of changing dot dot
3889 		 * dirents in directories.
3890 		 */
3891 		ext4_fc_mark_ineligible(old.inode->i_sb,
3892 			EXT4_FC_REASON_RENAME_DIR, handle);
3893 	} else {
3894 		struct super_block *sb = old.inode->i_sb;
3895 
3896 		if (new.inode)
3897 			ext4_fc_track_unlink(handle, new.dentry);
3898 		if (test_opt2(sb, JOURNAL_FAST_COMMIT) &&
3899 		    !(EXT4_SB(sb)->s_mount_state & EXT4_FC_REPLAY) &&
3900 		    !(ext4_test_mount_flag(sb, EXT4_MF_FC_INELIGIBLE))) {
3901 			__ext4_fc_track_link(handle, old.inode, new.dentry);
3902 			__ext4_fc_track_unlink(handle, old.inode, old.dentry);
3903 			if (whiteout)
3904 				__ext4_fc_track_create(handle, whiteout,
3905 						       old.dentry);
3906 		}
3907 	}
3908 
3909 	if (new.inode) {
3910 		retval = ext4_mark_inode_dirty(handle, new.inode);
3911 		if (unlikely(retval))
3912 			goto end_rename;
3913 		if (!new.inode->i_nlink)
3914 			ext4_orphan_add(handle, new.inode);
3915 	}
3916 	retval = 0;
3917 
3918 end_rename:
3919 	if (whiteout) {
3920 		if (retval) {
3921 			ext4_resetent(handle, &old,
3922 				      old.inode->i_ino, old_file_type);
3923 			drop_nlink(whiteout);
3924 			ext4_orphan_add(handle, whiteout);
3925 		}
3926 		unlock_new_inode(whiteout);
3927 		ext4_journal_stop(handle);
3928 		iput(whiteout);
3929 	} else {
3930 		ext4_journal_stop(handle);
3931 	}
3932 release_bh:
3933 	brelse(old.dir_bh);
3934 	brelse(old.bh);
3935 	brelse(new.bh);
3936 	return retval;
3937 }
3938 
3939 static int ext4_cross_rename(struct inode *old_dir, struct dentry *old_dentry,
3940 			     struct inode *new_dir, struct dentry *new_dentry)
3941 {
3942 	handle_t *handle = NULL;
3943 	struct ext4_renament old = {
3944 		.dir = old_dir,
3945 		.dentry = old_dentry,
3946 		.inode = d_inode(old_dentry),
3947 	};
3948 	struct ext4_renament new = {
3949 		.dir = new_dir,
3950 		.dentry = new_dentry,
3951 		.inode = d_inode(new_dentry),
3952 	};
3953 	u8 new_file_type;
3954 	int retval;
3955 	struct timespec64 ctime;
3956 
3957 	if ((ext4_test_inode_flag(new_dir, EXT4_INODE_PROJINHERIT) &&
3958 	     !projid_eq(EXT4_I(new_dir)->i_projid,
3959 			EXT4_I(old_dentry->d_inode)->i_projid)) ||
3960 	    (ext4_test_inode_flag(old_dir, EXT4_INODE_PROJINHERIT) &&
3961 	     !projid_eq(EXT4_I(old_dir)->i_projid,
3962 			EXT4_I(new_dentry->d_inode)->i_projid)))
3963 		return -EXDEV;
3964 
3965 	retval = dquot_initialize(old.dir);
3966 	if (retval)
3967 		return retval;
3968 	retval = dquot_initialize(new.dir);
3969 	if (retval)
3970 		return retval;
3971 
3972 	old.bh = ext4_find_entry(old.dir, &old.dentry->d_name,
3973 				 &old.de, &old.inlined);
3974 	if (IS_ERR(old.bh))
3975 		return PTR_ERR(old.bh);
3976 	/*
3977 	 *  Check for inode number is _not_ due to possible IO errors.
3978 	 *  We might rmdir the source, keep it as pwd of some process
3979 	 *  and merrily kill the link to whatever was created under the
3980 	 *  same name. Goodbye sticky bit ;-<
3981 	 */
3982 	retval = -ENOENT;
3983 	if (!old.bh || le32_to_cpu(old.de->inode) != old.inode->i_ino)
3984 		goto end_rename;
3985 
3986 	new.bh = ext4_find_entry(new.dir, &new.dentry->d_name,
3987 				 &new.de, &new.inlined);
3988 	if (IS_ERR(new.bh)) {
3989 		retval = PTR_ERR(new.bh);
3990 		new.bh = NULL;
3991 		goto end_rename;
3992 	}
3993 
3994 	/* RENAME_EXCHANGE case: old *and* new must both exist */
3995 	if (!new.bh || le32_to_cpu(new.de->inode) != new.inode->i_ino)
3996 		goto end_rename;
3997 
3998 	handle = ext4_journal_start(old.dir, EXT4_HT_DIR,
3999 		(2 * EXT4_DATA_TRANS_BLOCKS(old.dir->i_sb) +
4000 		 2 * EXT4_INDEX_EXTRA_TRANS_BLOCKS + 2));
4001 	if (IS_ERR(handle)) {
4002 		retval = PTR_ERR(handle);
4003 		handle = NULL;
4004 		goto end_rename;
4005 	}
4006 
4007 	if (IS_DIRSYNC(old.dir) || IS_DIRSYNC(new.dir))
4008 		ext4_handle_sync(handle);
4009 
4010 	if (S_ISDIR(old.inode->i_mode)) {
4011 		old.is_dir = true;
4012 		retval = ext4_rename_dir_prepare(handle, &old);
4013 		if (retval)
4014 			goto end_rename;
4015 	}
4016 	if (S_ISDIR(new.inode->i_mode)) {
4017 		new.is_dir = true;
4018 		retval = ext4_rename_dir_prepare(handle, &new);
4019 		if (retval)
4020 			goto end_rename;
4021 	}
4022 
4023 	/*
4024 	 * Other than the special case of overwriting a directory, parents'
4025 	 * nlink only needs to be modified if this is a cross directory rename.
4026 	 */
4027 	if (old.dir != new.dir && old.is_dir != new.is_dir) {
4028 		old.dir_nlink_delta = old.is_dir ? -1 : 1;
4029 		new.dir_nlink_delta = -old.dir_nlink_delta;
4030 		retval = -EMLINK;
4031 		if ((old.dir_nlink_delta > 0 && EXT4_DIR_LINK_MAX(old.dir)) ||
4032 		    (new.dir_nlink_delta > 0 && EXT4_DIR_LINK_MAX(new.dir)))
4033 			goto end_rename;
4034 	}
4035 
4036 	new_file_type = new.de->file_type;
4037 	retval = ext4_setent(handle, &new, old.inode->i_ino, old.de->file_type);
4038 	if (retval)
4039 		goto end_rename;
4040 
4041 	retval = ext4_setent(handle, &old, new.inode->i_ino, new_file_type);
4042 	if (retval)
4043 		goto end_rename;
4044 
4045 	/*
4046 	 * Like most other Unix systems, set the ctime for inodes on a
4047 	 * rename.
4048 	 */
4049 	ctime = current_time(old.inode);
4050 	old.inode->i_ctime = ctime;
4051 	new.inode->i_ctime = ctime;
4052 	retval = ext4_mark_inode_dirty(handle, old.inode);
4053 	if (unlikely(retval))
4054 		goto end_rename;
4055 	retval = ext4_mark_inode_dirty(handle, new.inode);
4056 	if (unlikely(retval))
4057 		goto end_rename;
4058 	ext4_fc_mark_ineligible(new.inode->i_sb,
4059 				EXT4_FC_REASON_CROSS_RENAME, handle);
4060 	if (old.dir_bh) {
4061 		retval = ext4_rename_dir_finish(handle, &old, new.dir->i_ino);
4062 		if (retval)
4063 			goto end_rename;
4064 	}
4065 	if (new.dir_bh) {
4066 		retval = ext4_rename_dir_finish(handle, &new, old.dir->i_ino);
4067 		if (retval)
4068 			goto end_rename;
4069 	}
4070 	ext4_update_dir_count(handle, &old);
4071 	ext4_update_dir_count(handle, &new);
4072 	retval = 0;
4073 
4074 end_rename:
4075 	brelse(old.dir_bh);
4076 	brelse(new.dir_bh);
4077 	brelse(old.bh);
4078 	brelse(new.bh);
4079 	if (handle)
4080 		ext4_journal_stop(handle);
4081 	return retval;
4082 }
4083 
4084 static int ext4_rename2(struct user_namespace *mnt_userns,
4085 			struct inode *old_dir, struct dentry *old_dentry,
4086 			struct inode *new_dir, struct dentry *new_dentry,
4087 			unsigned int flags)
4088 {
4089 	int err;
4090 
4091 	if (unlikely(ext4_forced_shutdown(EXT4_SB(old_dir->i_sb))))
4092 		return -EIO;
4093 
4094 	if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE | RENAME_WHITEOUT))
4095 		return -EINVAL;
4096 
4097 	err = fscrypt_prepare_rename(old_dir, old_dentry, new_dir, new_dentry,
4098 				     flags);
4099 	if (err)
4100 		return err;
4101 
4102 	if (flags & RENAME_EXCHANGE) {
4103 		return ext4_cross_rename(old_dir, old_dentry,
4104 					 new_dir, new_dentry);
4105 	}
4106 
4107 	return ext4_rename(mnt_userns, old_dir, old_dentry, new_dir, new_dentry, flags);
4108 }
4109 
4110 /*
4111  * directories can handle most operations...
4112  */
4113 const struct inode_operations ext4_dir_inode_operations = {
4114 	.create		= ext4_create,
4115 	.lookup		= ext4_lookup,
4116 	.link		= ext4_link,
4117 	.unlink		= ext4_unlink,
4118 	.symlink	= ext4_symlink,
4119 	.mkdir		= ext4_mkdir,
4120 	.rmdir		= ext4_rmdir,
4121 	.mknod		= ext4_mknod,
4122 	.tmpfile	= ext4_tmpfile,
4123 	.rename		= ext4_rename2,
4124 	.setattr	= ext4_setattr,
4125 	.getattr	= ext4_getattr,
4126 	.listxattr	= ext4_listxattr,
4127 	.get_acl	= ext4_get_acl,
4128 	.set_acl	= ext4_set_acl,
4129 	.fiemap         = ext4_fiemap,
4130 	.fileattr_get	= ext4_fileattr_get,
4131 	.fileattr_set	= ext4_fileattr_set,
4132 };
4133 
4134 const struct inode_operations ext4_special_inode_operations = {
4135 	.setattr	= ext4_setattr,
4136 	.getattr	= ext4_getattr,
4137 	.listxattr	= ext4_listxattr,
4138 	.get_acl	= ext4_get_acl,
4139 	.set_acl	= ext4_set_acl,
4140 };
4141