1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * linux/fs/ext4/namei.c 4 * 5 * Copyright (C) 1992, 1993, 1994, 1995 6 * Remy Card (card@masi.ibp.fr) 7 * Laboratoire MASI - Institut Blaise Pascal 8 * Universite Pierre et Marie Curie (Paris VI) 9 * 10 * from 11 * 12 * linux/fs/minix/namei.c 13 * 14 * Copyright (C) 1991, 1992 Linus Torvalds 15 * 16 * Big-endian to little-endian byte-swapping/bitmaps by 17 * David S. Miller (davem@caip.rutgers.edu), 1995 18 * Directory entry file type support and forward compatibility hooks 19 * for B-tree directories by Theodore Ts'o (tytso@mit.edu), 1998 20 * Hash Tree Directory indexing (c) 21 * Daniel Phillips, 2001 22 * Hash Tree Directory indexing porting 23 * Christopher Li, 2002 24 * Hash Tree Directory indexing cleanup 25 * Theodore Ts'o, 2002 26 */ 27 28 #include <linux/fs.h> 29 #include <linux/pagemap.h> 30 #include <linux/time.h> 31 #include <linux/fcntl.h> 32 #include <linux/stat.h> 33 #include <linux/string.h> 34 #include <linux/quotaops.h> 35 #include <linux/buffer_head.h> 36 #include <linux/bio.h> 37 #include <linux/iversion.h> 38 #include <linux/unicode.h> 39 #include "ext4.h" 40 #include "ext4_jbd2.h" 41 42 #include "xattr.h" 43 #include "acl.h" 44 45 #include <trace/events/ext4.h> 46 /* 47 * define how far ahead to read directories while searching them. 48 */ 49 #define NAMEI_RA_CHUNKS 2 50 #define NAMEI_RA_BLOCKS 4 51 #define NAMEI_RA_SIZE (NAMEI_RA_CHUNKS * NAMEI_RA_BLOCKS) 52 53 static struct buffer_head *ext4_append(handle_t *handle, 54 struct inode *inode, 55 ext4_lblk_t *block) 56 { 57 struct buffer_head *bh; 58 int err; 59 60 if (unlikely(EXT4_SB(inode->i_sb)->s_max_dir_size_kb && 61 ((inode->i_size >> 10) >= 62 EXT4_SB(inode->i_sb)->s_max_dir_size_kb))) 63 return ERR_PTR(-ENOSPC); 64 65 *block = inode->i_size >> inode->i_sb->s_blocksize_bits; 66 67 bh = ext4_bread(handle, inode, *block, EXT4_GET_BLOCKS_CREATE); 68 if (IS_ERR(bh)) 69 return bh; 70 inode->i_size += inode->i_sb->s_blocksize; 71 EXT4_I(inode)->i_disksize = inode->i_size; 72 BUFFER_TRACE(bh, "get_write_access"); 73 err = ext4_journal_get_write_access(handle, inode->i_sb, bh, 74 EXT4_JTR_NONE); 75 if (err) { 76 brelse(bh); 77 ext4_std_error(inode->i_sb, err); 78 return ERR_PTR(err); 79 } 80 return bh; 81 } 82 83 static int ext4_dx_csum_verify(struct inode *inode, 84 struct ext4_dir_entry *dirent); 85 86 /* 87 * Hints to ext4_read_dirblock regarding whether we expect a directory 88 * block being read to be an index block, or a block containing 89 * directory entries (and if the latter, whether it was found via a 90 * logical block in an htree index block). This is used to control 91 * what sort of sanity checkinig ext4_read_dirblock() will do on the 92 * directory block read from the storage device. EITHER will means 93 * the caller doesn't know what kind of directory block will be read, 94 * so no specific verification will be done. 95 */ 96 typedef enum { 97 EITHER, INDEX, DIRENT, DIRENT_HTREE 98 } dirblock_type_t; 99 100 #define ext4_read_dirblock(inode, block, type) \ 101 __ext4_read_dirblock((inode), (block), (type), __func__, __LINE__) 102 103 static struct buffer_head *__ext4_read_dirblock(struct inode *inode, 104 ext4_lblk_t block, 105 dirblock_type_t type, 106 const char *func, 107 unsigned int line) 108 { 109 struct buffer_head *bh; 110 struct ext4_dir_entry *dirent; 111 int is_dx_block = 0; 112 113 if (ext4_simulate_fail(inode->i_sb, EXT4_SIM_DIRBLOCK_EIO)) 114 bh = ERR_PTR(-EIO); 115 else 116 bh = ext4_bread(NULL, inode, block, 0); 117 if (IS_ERR(bh)) { 118 __ext4_warning(inode->i_sb, func, line, 119 "inode #%lu: lblock %lu: comm %s: " 120 "error %ld reading directory block", 121 inode->i_ino, (unsigned long)block, 122 current->comm, PTR_ERR(bh)); 123 124 return bh; 125 } 126 if (!bh && (type == INDEX || type == DIRENT_HTREE)) { 127 ext4_error_inode(inode, func, line, block, 128 "Directory hole found for htree %s block", 129 (type == INDEX) ? "index" : "leaf"); 130 return ERR_PTR(-EFSCORRUPTED); 131 } 132 if (!bh) 133 return NULL; 134 dirent = (struct ext4_dir_entry *) bh->b_data; 135 /* Determine whether or not we have an index block */ 136 if (is_dx(inode)) { 137 if (block == 0) 138 is_dx_block = 1; 139 else if (ext4_rec_len_from_disk(dirent->rec_len, 140 inode->i_sb->s_blocksize) == 141 inode->i_sb->s_blocksize) 142 is_dx_block = 1; 143 } 144 if (!is_dx_block && type == INDEX) { 145 ext4_error_inode(inode, func, line, block, 146 "directory leaf block found instead of index block"); 147 brelse(bh); 148 return ERR_PTR(-EFSCORRUPTED); 149 } 150 if (!ext4_has_metadata_csum(inode->i_sb) || 151 buffer_verified(bh)) 152 return bh; 153 154 /* 155 * An empty leaf block can get mistaken for a index block; for 156 * this reason, we can only check the index checksum when the 157 * caller is sure it should be an index block. 158 */ 159 if (is_dx_block && type == INDEX) { 160 if (ext4_dx_csum_verify(inode, dirent) && 161 !ext4_simulate_fail(inode->i_sb, EXT4_SIM_DIRBLOCK_CRC)) 162 set_buffer_verified(bh); 163 else { 164 ext4_error_inode_err(inode, func, line, block, 165 EFSBADCRC, 166 "Directory index failed checksum"); 167 brelse(bh); 168 return ERR_PTR(-EFSBADCRC); 169 } 170 } 171 if (!is_dx_block) { 172 if (ext4_dirblock_csum_verify(inode, bh) && 173 !ext4_simulate_fail(inode->i_sb, EXT4_SIM_DIRBLOCK_CRC)) 174 set_buffer_verified(bh); 175 else { 176 ext4_error_inode_err(inode, func, line, block, 177 EFSBADCRC, 178 "Directory block failed checksum"); 179 brelse(bh); 180 return ERR_PTR(-EFSBADCRC); 181 } 182 } 183 return bh; 184 } 185 186 #ifdef DX_DEBUG 187 #define dxtrace(command) command 188 #else 189 #define dxtrace(command) 190 #endif 191 192 struct fake_dirent 193 { 194 __le32 inode; 195 __le16 rec_len; 196 u8 name_len; 197 u8 file_type; 198 }; 199 200 struct dx_countlimit 201 { 202 __le16 limit; 203 __le16 count; 204 }; 205 206 struct dx_entry 207 { 208 __le32 hash; 209 __le32 block; 210 }; 211 212 /* 213 * dx_root_info is laid out so that if it should somehow get overlaid by a 214 * dirent the two low bits of the hash version will be zero. Therefore, the 215 * hash version mod 4 should never be 0. Sincerely, the paranoia department. 216 */ 217 218 struct dx_root 219 { 220 struct fake_dirent dot; 221 char dot_name[4]; 222 struct fake_dirent dotdot; 223 char dotdot_name[4]; 224 struct dx_root_info 225 { 226 __le32 reserved_zero; 227 u8 hash_version; 228 u8 info_length; /* 8 */ 229 u8 indirect_levels; 230 u8 unused_flags; 231 } 232 info; 233 struct dx_entry entries[]; 234 }; 235 236 struct dx_node 237 { 238 struct fake_dirent fake; 239 struct dx_entry entries[]; 240 }; 241 242 243 struct dx_frame 244 { 245 struct buffer_head *bh; 246 struct dx_entry *entries; 247 struct dx_entry *at; 248 }; 249 250 struct dx_map_entry 251 { 252 u32 hash; 253 u16 offs; 254 u16 size; 255 }; 256 257 /* 258 * This goes at the end of each htree block. 259 */ 260 struct dx_tail { 261 u32 dt_reserved; 262 __le32 dt_checksum; /* crc32c(uuid+inum+dirblock) */ 263 }; 264 265 static inline ext4_lblk_t dx_get_block(struct dx_entry *entry); 266 static void dx_set_block(struct dx_entry *entry, ext4_lblk_t value); 267 static inline unsigned dx_get_hash(struct dx_entry *entry); 268 static void dx_set_hash(struct dx_entry *entry, unsigned value); 269 static unsigned dx_get_count(struct dx_entry *entries); 270 static unsigned dx_get_limit(struct dx_entry *entries); 271 static void dx_set_count(struct dx_entry *entries, unsigned value); 272 static void dx_set_limit(struct dx_entry *entries, unsigned value); 273 static unsigned dx_root_limit(struct inode *dir, unsigned infosize); 274 static unsigned dx_node_limit(struct inode *dir); 275 static struct dx_frame *dx_probe(struct ext4_filename *fname, 276 struct inode *dir, 277 struct dx_hash_info *hinfo, 278 struct dx_frame *frame); 279 static void dx_release(struct dx_frame *frames); 280 static int dx_make_map(struct inode *dir, struct ext4_dir_entry_2 *de, 281 unsigned blocksize, struct dx_hash_info *hinfo, 282 struct dx_map_entry map[]); 283 static void dx_sort_map(struct dx_map_entry *map, unsigned count); 284 static struct ext4_dir_entry_2 *dx_move_dirents(struct inode *dir, char *from, 285 char *to, struct dx_map_entry *offsets, 286 int count, unsigned int blocksize); 287 static struct ext4_dir_entry_2 *dx_pack_dirents(struct inode *dir, char *base, 288 unsigned int blocksize); 289 static void dx_insert_block(struct dx_frame *frame, 290 u32 hash, ext4_lblk_t block); 291 static int ext4_htree_next_block(struct inode *dir, __u32 hash, 292 struct dx_frame *frame, 293 struct dx_frame *frames, 294 __u32 *start_hash); 295 static struct buffer_head * ext4_dx_find_entry(struct inode *dir, 296 struct ext4_filename *fname, 297 struct ext4_dir_entry_2 **res_dir); 298 static int ext4_dx_add_entry(handle_t *handle, struct ext4_filename *fname, 299 struct inode *dir, struct inode *inode); 300 301 /* checksumming functions */ 302 void ext4_initialize_dirent_tail(struct buffer_head *bh, 303 unsigned int blocksize) 304 { 305 struct ext4_dir_entry_tail *t = EXT4_DIRENT_TAIL(bh->b_data, blocksize); 306 307 memset(t, 0, sizeof(struct ext4_dir_entry_tail)); 308 t->det_rec_len = ext4_rec_len_to_disk( 309 sizeof(struct ext4_dir_entry_tail), blocksize); 310 t->det_reserved_ft = EXT4_FT_DIR_CSUM; 311 } 312 313 /* Walk through a dirent block to find a checksum "dirent" at the tail */ 314 static struct ext4_dir_entry_tail *get_dirent_tail(struct inode *inode, 315 struct buffer_head *bh) 316 { 317 struct ext4_dir_entry_tail *t; 318 319 #ifdef PARANOID 320 struct ext4_dir_entry *d, *top; 321 322 d = (struct ext4_dir_entry *)bh->b_data; 323 top = (struct ext4_dir_entry *)(bh->b_data + 324 (EXT4_BLOCK_SIZE(inode->i_sb) - 325 sizeof(struct ext4_dir_entry_tail))); 326 while (d < top && d->rec_len) 327 d = (struct ext4_dir_entry *)(((void *)d) + 328 le16_to_cpu(d->rec_len)); 329 330 if (d != top) 331 return NULL; 332 333 t = (struct ext4_dir_entry_tail *)d; 334 #else 335 t = EXT4_DIRENT_TAIL(bh->b_data, EXT4_BLOCK_SIZE(inode->i_sb)); 336 #endif 337 338 if (t->det_reserved_zero1 || 339 le16_to_cpu(t->det_rec_len) != sizeof(struct ext4_dir_entry_tail) || 340 t->det_reserved_zero2 || 341 t->det_reserved_ft != EXT4_FT_DIR_CSUM) 342 return NULL; 343 344 return t; 345 } 346 347 static __le32 ext4_dirblock_csum(struct inode *inode, void *dirent, int size) 348 { 349 struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb); 350 struct ext4_inode_info *ei = EXT4_I(inode); 351 __u32 csum; 352 353 csum = ext4_chksum(sbi, ei->i_csum_seed, (__u8 *)dirent, size); 354 return cpu_to_le32(csum); 355 } 356 357 #define warn_no_space_for_csum(inode) \ 358 __warn_no_space_for_csum((inode), __func__, __LINE__) 359 360 static void __warn_no_space_for_csum(struct inode *inode, const char *func, 361 unsigned int line) 362 { 363 __ext4_warning_inode(inode, func, line, 364 "No space for directory leaf checksum. Please run e2fsck -D."); 365 } 366 367 int ext4_dirblock_csum_verify(struct inode *inode, struct buffer_head *bh) 368 { 369 struct ext4_dir_entry_tail *t; 370 371 if (!ext4_has_metadata_csum(inode->i_sb)) 372 return 1; 373 374 t = get_dirent_tail(inode, bh); 375 if (!t) { 376 warn_no_space_for_csum(inode); 377 return 0; 378 } 379 380 if (t->det_checksum != ext4_dirblock_csum(inode, bh->b_data, 381 (char *)t - bh->b_data)) 382 return 0; 383 384 return 1; 385 } 386 387 static void ext4_dirblock_csum_set(struct inode *inode, 388 struct buffer_head *bh) 389 { 390 struct ext4_dir_entry_tail *t; 391 392 if (!ext4_has_metadata_csum(inode->i_sb)) 393 return; 394 395 t = get_dirent_tail(inode, bh); 396 if (!t) { 397 warn_no_space_for_csum(inode); 398 return; 399 } 400 401 t->det_checksum = ext4_dirblock_csum(inode, bh->b_data, 402 (char *)t - bh->b_data); 403 } 404 405 int ext4_handle_dirty_dirblock(handle_t *handle, 406 struct inode *inode, 407 struct buffer_head *bh) 408 { 409 ext4_dirblock_csum_set(inode, bh); 410 return ext4_handle_dirty_metadata(handle, inode, bh); 411 } 412 413 static struct dx_countlimit *get_dx_countlimit(struct inode *inode, 414 struct ext4_dir_entry *dirent, 415 int *offset) 416 { 417 struct ext4_dir_entry *dp; 418 struct dx_root_info *root; 419 int count_offset; 420 421 if (le16_to_cpu(dirent->rec_len) == EXT4_BLOCK_SIZE(inode->i_sb)) 422 count_offset = 8; 423 else if (le16_to_cpu(dirent->rec_len) == 12) { 424 dp = (struct ext4_dir_entry *)(((void *)dirent) + 12); 425 if (le16_to_cpu(dp->rec_len) != 426 EXT4_BLOCK_SIZE(inode->i_sb) - 12) 427 return NULL; 428 root = (struct dx_root_info *)(((void *)dp + 12)); 429 if (root->reserved_zero || 430 root->info_length != sizeof(struct dx_root_info)) 431 return NULL; 432 count_offset = 32; 433 } else 434 return NULL; 435 436 if (offset) 437 *offset = count_offset; 438 return (struct dx_countlimit *)(((void *)dirent) + count_offset); 439 } 440 441 static __le32 ext4_dx_csum(struct inode *inode, struct ext4_dir_entry *dirent, 442 int count_offset, int count, struct dx_tail *t) 443 { 444 struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb); 445 struct ext4_inode_info *ei = EXT4_I(inode); 446 __u32 csum; 447 int size; 448 __u32 dummy_csum = 0; 449 int offset = offsetof(struct dx_tail, dt_checksum); 450 451 size = count_offset + (count * sizeof(struct dx_entry)); 452 csum = ext4_chksum(sbi, ei->i_csum_seed, (__u8 *)dirent, size); 453 csum = ext4_chksum(sbi, csum, (__u8 *)t, offset); 454 csum = ext4_chksum(sbi, csum, (__u8 *)&dummy_csum, sizeof(dummy_csum)); 455 456 return cpu_to_le32(csum); 457 } 458 459 static int ext4_dx_csum_verify(struct inode *inode, 460 struct ext4_dir_entry *dirent) 461 { 462 struct dx_countlimit *c; 463 struct dx_tail *t; 464 int count_offset, limit, count; 465 466 if (!ext4_has_metadata_csum(inode->i_sb)) 467 return 1; 468 469 c = get_dx_countlimit(inode, dirent, &count_offset); 470 if (!c) { 471 EXT4_ERROR_INODE(inode, "dir seems corrupt? Run e2fsck -D."); 472 return 0; 473 } 474 limit = le16_to_cpu(c->limit); 475 count = le16_to_cpu(c->count); 476 if (count_offset + (limit * sizeof(struct dx_entry)) > 477 EXT4_BLOCK_SIZE(inode->i_sb) - sizeof(struct dx_tail)) { 478 warn_no_space_for_csum(inode); 479 return 0; 480 } 481 t = (struct dx_tail *)(((struct dx_entry *)c) + limit); 482 483 if (t->dt_checksum != ext4_dx_csum(inode, dirent, count_offset, 484 count, t)) 485 return 0; 486 return 1; 487 } 488 489 static void ext4_dx_csum_set(struct inode *inode, struct ext4_dir_entry *dirent) 490 { 491 struct dx_countlimit *c; 492 struct dx_tail *t; 493 int count_offset, limit, count; 494 495 if (!ext4_has_metadata_csum(inode->i_sb)) 496 return; 497 498 c = get_dx_countlimit(inode, dirent, &count_offset); 499 if (!c) { 500 EXT4_ERROR_INODE(inode, "dir seems corrupt? Run e2fsck -D."); 501 return; 502 } 503 limit = le16_to_cpu(c->limit); 504 count = le16_to_cpu(c->count); 505 if (count_offset + (limit * sizeof(struct dx_entry)) > 506 EXT4_BLOCK_SIZE(inode->i_sb) - sizeof(struct dx_tail)) { 507 warn_no_space_for_csum(inode); 508 return; 509 } 510 t = (struct dx_tail *)(((struct dx_entry *)c) + limit); 511 512 t->dt_checksum = ext4_dx_csum(inode, dirent, count_offset, count, t); 513 } 514 515 static inline int ext4_handle_dirty_dx_node(handle_t *handle, 516 struct inode *inode, 517 struct buffer_head *bh) 518 { 519 ext4_dx_csum_set(inode, (struct ext4_dir_entry *)bh->b_data); 520 return ext4_handle_dirty_metadata(handle, inode, bh); 521 } 522 523 /* 524 * p is at least 6 bytes before the end of page 525 */ 526 static inline struct ext4_dir_entry_2 * 527 ext4_next_entry(struct ext4_dir_entry_2 *p, unsigned long blocksize) 528 { 529 return (struct ext4_dir_entry_2 *)((char *)p + 530 ext4_rec_len_from_disk(p->rec_len, blocksize)); 531 } 532 533 /* 534 * Future: use high four bits of block for coalesce-on-delete flags 535 * Mask them off for now. 536 */ 537 538 static inline ext4_lblk_t dx_get_block(struct dx_entry *entry) 539 { 540 return le32_to_cpu(entry->block) & 0x0fffffff; 541 } 542 543 static inline void dx_set_block(struct dx_entry *entry, ext4_lblk_t value) 544 { 545 entry->block = cpu_to_le32(value); 546 } 547 548 static inline unsigned dx_get_hash(struct dx_entry *entry) 549 { 550 return le32_to_cpu(entry->hash); 551 } 552 553 static inline void dx_set_hash(struct dx_entry *entry, unsigned value) 554 { 555 entry->hash = cpu_to_le32(value); 556 } 557 558 static inline unsigned dx_get_count(struct dx_entry *entries) 559 { 560 return le16_to_cpu(((struct dx_countlimit *) entries)->count); 561 } 562 563 static inline unsigned dx_get_limit(struct dx_entry *entries) 564 { 565 return le16_to_cpu(((struct dx_countlimit *) entries)->limit); 566 } 567 568 static inline void dx_set_count(struct dx_entry *entries, unsigned value) 569 { 570 ((struct dx_countlimit *) entries)->count = cpu_to_le16(value); 571 } 572 573 static inline void dx_set_limit(struct dx_entry *entries, unsigned value) 574 { 575 ((struct dx_countlimit *) entries)->limit = cpu_to_le16(value); 576 } 577 578 static inline unsigned dx_root_limit(struct inode *dir, unsigned infosize) 579 { 580 unsigned int entry_space = dir->i_sb->s_blocksize - 581 ext4_dir_rec_len(1, NULL) - 582 ext4_dir_rec_len(2, NULL) - infosize; 583 584 if (ext4_has_metadata_csum(dir->i_sb)) 585 entry_space -= sizeof(struct dx_tail); 586 return entry_space / sizeof(struct dx_entry); 587 } 588 589 static inline unsigned dx_node_limit(struct inode *dir) 590 { 591 unsigned int entry_space = dir->i_sb->s_blocksize - 592 ext4_dir_rec_len(0, dir); 593 594 if (ext4_has_metadata_csum(dir->i_sb)) 595 entry_space -= sizeof(struct dx_tail); 596 return entry_space / sizeof(struct dx_entry); 597 } 598 599 /* 600 * Debug 601 */ 602 #ifdef DX_DEBUG 603 static void dx_show_index(char * label, struct dx_entry *entries) 604 { 605 int i, n = dx_get_count (entries); 606 printk(KERN_DEBUG "%s index", label); 607 for (i = 0; i < n; i++) { 608 printk(KERN_CONT " %x->%lu", 609 i ? dx_get_hash(entries + i) : 0, 610 (unsigned long)dx_get_block(entries + i)); 611 } 612 printk(KERN_CONT "\n"); 613 } 614 615 struct stats 616 { 617 unsigned names; 618 unsigned space; 619 unsigned bcount; 620 }; 621 622 static struct stats dx_show_leaf(struct inode *dir, 623 struct dx_hash_info *hinfo, 624 struct ext4_dir_entry_2 *de, 625 int size, int show_names) 626 { 627 unsigned names = 0, space = 0; 628 char *base = (char *) de; 629 struct dx_hash_info h = *hinfo; 630 631 printk("names: "); 632 while ((char *) de < base + size) 633 { 634 if (de->inode) 635 { 636 if (show_names) 637 { 638 #ifdef CONFIG_FS_ENCRYPTION 639 int len; 640 char *name; 641 struct fscrypt_str fname_crypto_str = 642 FSTR_INIT(NULL, 0); 643 int res = 0; 644 645 name = de->name; 646 len = de->name_len; 647 if (!IS_ENCRYPTED(dir)) { 648 /* Directory is not encrypted */ 649 ext4fs_dirhash(dir, de->name, 650 de->name_len, &h); 651 printk("%*.s:(U)%x.%u ", len, 652 name, h.hash, 653 (unsigned) ((char *) de 654 - base)); 655 } else { 656 struct fscrypt_str de_name = 657 FSTR_INIT(name, len); 658 659 /* Directory is encrypted */ 660 res = fscrypt_fname_alloc_buffer( 661 len, &fname_crypto_str); 662 if (res) 663 printk(KERN_WARNING "Error " 664 "allocating crypto " 665 "buffer--skipping " 666 "crypto\n"); 667 res = fscrypt_fname_disk_to_usr(dir, 668 0, 0, &de_name, 669 &fname_crypto_str); 670 if (res) { 671 printk(KERN_WARNING "Error " 672 "converting filename " 673 "from disk to usr" 674 "\n"); 675 name = "??"; 676 len = 2; 677 } else { 678 name = fname_crypto_str.name; 679 len = fname_crypto_str.len; 680 } 681 if (IS_CASEFOLDED(dir)) 682 h.hash = EXT4_DIRENT_HASH(de); 683 else 684 ext4fs_dirhash(dir, de->name, 685 de->name_len, &h); 686 printk("%*.s:(E)%x.%u ", len, name, 687 h.hash, (unsigned) ((char *) de 688 - base)); 689 fscrypt_fname_free_buffer( 690 &fname_crypto_str); 691 } 692 #else 693 int len = de->name_len; 694 char *name = de->name; 695 ext4fs_dirhash(dir, de->name, de->name_len, &h); 696 printk("%*.s:%x.%u ", len, name, h.hash, 697 (unsigned) ((char *) de - base)); 698 #endif 699 } 700 space += ext4_dir_rec_len(de->name_len, dir); 701 names++; 702 } 703 de = ext4_next_entry(de, size); 704 } 705 printk(KERN_CONT "(%i)\n", names); 706 return (struct stats) { names, space, 1 }; 707 } 708 709 struct stats dx_show_entries(struct dx_hash_info *hinfo, struct inode *dir, 710 struct dx_entry *entries, int levels) 711 { 712 unsigned blocksize = dir->i_sb->s_blocksize; 713 unsigned count = dx_get_count(entries), names = 0, space = 0, i; 714 unsigned bcount = 0; 715 struct buffer_head *bh; 716 printk("%i indexed blocks...\n", count); 717 for (i = 0; i < count; i++, entries++) 718 { 719 ext4_lblk_t block = dx_get_block(entries); 720 ext4_lblk_t hash = i ? dx_get_hash(entries): 0; 721 u32 range = i < count - 1? (dx_get_hash(entries + 1) - hash): ~hash; 722 struct stats stats; 723 printk("%s%3u:%03u hash %8x/%8x ",levels?"":" ", i, block, hash, range); 724 bh = ext4_bread(NULL,dir, block, 0); 725 if (!bh || IS_ERR(bh)) 726 continue; 727 stats = levels? 728 dx_show_entries(hinfo, dir, ((struct dx_node *) bh->b_data)->entries, levels - 1): 729 dx_show_leaf(dir, hinfo, (struct ext4_dir_entry_2 *) 730 bh->b_data, blocksize, 0); 731 names += stats.names; 732 space += stats.space; 733 bcount += stats.bcount; 734 brelse(bh); 735 } 736 if (bcount) 737 printk(KERN_DEBUG "%snames %u, fullness %u (%u%%)\n", 738 levels ? "" : " ", names, space/bcount, 739 (space/bcount)*100/blocksize); 740 return (struct stats) { names, space, bcount}; 741 } 742 743 /* 744 * Linear search cross check 745 */ 746 static inline void htree_rep_invariant_check(struct dx_entry *at, 747 struct dx_entry *target, 748 u32 hash, unsigned int n) 749 { 750 while (n--) { 751 dxtrace(printk(KERN_CONT ",")); 752 if (dx_get_hash(++at) > hash) { 753 at--; 754 break; 755 } 756 } 757 ASSERT(at == target - 1); 758 } 759 #else /* DX_DEBUG */ 760 static inline void htree_rep_invariant_check(struct dx_entry *at, 761 struct dx_entry *target, 762 u32 hash, unsigned int n) 763 { 764 } 765 #endif /* DX_DEBUG */ 766 767 /* 768 * Probe for a directory leaf block to search. 769 * 770 * dx_probe can return ERR_BAD_DX_DIR, which means there was a format 771 * error in the directory index, and the caller should fall back to 772 * searching the directory normally. The callers of dx_probe **MUST** 773 * check for this error code, and make sure it never gets reflected 774 * back to userspace. 775 */ 776 static struct dx_frame * 777 dx_probe(struct ext4_filename *fname, struct inode *dir, 778 struct dx_hash_info *hinfo, struct dx_frame *frame_in) 779 { 780 unsigned count, indirect; 781 struct dx_entry *at, *entries, *p, *q, *m; 782 struct dx_root *root; 783 struct dx_frame *frame = frame_in; 784 struct dx_frame *ret_err = ERR_PTR(ERR_BAD_DX_DIR); 785 u32 hash; 786 787 memset(frame_in, 0, EXT4_HTREE_LEVEL * sizeof(frame_in[0])); 788 frame->bh = ext4_read_dirblock(dir, 0, INDEX); 789 if (IS_ERR(frame->bh)) 790 return (struct dx_frame *) frame->bh; 791 792 root = (struct dx_root *) frame->bh->b_data; 793 if (root->info.hash_version != DX_HASH_TEA && 794 root->info.hash_version != DX_HASH_HALF_MD4 && 795 root->info.hash_version != DX_HASH_LEGACY && 796 root->info.hash_version != DX_HASH_SIPHASH) { 797 ext4_warning_inode(dir, "Unrecognised inode hash code %u", 798 root->info.hash_version); 799 goto fail; 800 } 801 if (ext4_hash_in_dirent(dir)) { 802 if (root->info.hash_version != DX_HASH_SIPHASH) { 803 ext4_warning_inode(dir, 804 "Hash in dirent, but hash is not SIPHASH"); 805 goto fail; 806 } 807 } else { 808 if (root->info.hash_version == DX_HASH_SIPHASH) { 809 ext4_warning_inode(dir, 810 "Hash code is SIPHASH, but hash not in dirent"); 811 goto fail; 812 } 813 } 814 if (fname) 815 hinfo = &fname->hinfo; 816 hinfo->hash_version = root->info.hash_version; 817 if (hinfo->hash_version <= DX_HASH_TEA) 818 hinfo->hash_version += EXT4_SB(dir->i_sb)->s_hash_unsigned; 819 hinfo->seed = EXT4_SB(dir->i_sb)->s_hash_seed; 820 /* hash is already computed for encrypted casefolded directory */ 821 if (fname && fname_name(fname) && 822 !(IS_ENCRYPTED(dir) && IS_CASEFOLDED(dir))) 823 ext4fs_dirhash(dir, fname_name(fname), fname_len(fname), hinfo); 824 hash = hinfo->hash; 825 826 if (root->info.unused_flags & 1) { 827 ext4_warning_inode(dir, "Unimplemented hash flags: %#06x", 828 root->info.unused_flags); 829 goto fail; 830 } 831 832 indirect = root->info.indirect_levels; 833 if (indirect >= ext4_dir_htree_level(dir->i_sb)) { 834 ext4_warning(dir->i_sb, 835 "Directory (ino: %lu) htree depth %#06x exceed" 836 "supported value", dir->i_ino, 837 ext4_dir_htree_level(dir->i_sb)); 838 if (ext4_dir_htree_level(dir->i_sb) < EXT4_HTREE_LEVEL) { 839 ext4_warning(dir->i_sb, "Enable large directory " 840 "feature to access it"); 841 } 842 goto fail; 843 } 844 845 entries = (struct dx_entry *)(((char *)&root->info) + 846 root->info.info_length); 847 848 if (dx_get_limit(entries) != dx_root_limit(dir, 849 root->info.info_length)) { 850 ext4_warning_inode(dir, "dx entry: limit %u != root limit %u", 851 dx_get_limit(entries), 852 dx_root_limit(dir, root->info.info_length)); 853 goto fail; 854 } 855 856 dxtrace(printk("Look up %x", hash)); 857 while (1) { 858 count = dx_get_count(entries); 859 if (!count || count > dx_get_limit(entries)) { 860 ext4_warning_inode(dir, 861 "dx entry: count %u beyond limit %u", 862 count, dx_get_limit(entries)); 863 goto fail; 864 } 865 866 p = entries + 1; 867 q = entries + count - 1; 868 while (p <= q) { 869 m = p + (q - p) / 2; 870 dxtrace(printk(KERN_CONT ".")); 871 if (dx_get_hash(m) > hash) 872 q = m - 1; 873 else 874 p = m + 1; 875 } 876 877 htree_rep_invariant_check(entries, p, hash, count - 1); 878 879 at = p - 1; 880 dxtrace(printk(KERN_CONT " %x->%u\n", 881 at == entries ? 0 : dx_get_hash(at), 882 dx_get_block(at))); 883 frame->entries = entries; 884 frame->at = at; 885 if (!indirect--) 886 return frame; 887 frame++; 888 frame->bh = ext4_read_dirblock(dir, dx_get_block(at), INDEX); 889 if (IS_ERR(frame->bh)) { 890 ret_err = (struct dx_frame *) frame->bh; 891 frame->bh = NULL; 892 goto fail; 893 } 894 entries = ((struct dx_node *) frame->bh->b_data)->entries; 895 896 if (dx_get_limit(entries) != dx_node_limit(dir)) { 897 ext4_warning_inode(dir, 898 "dx entry: limit %u != node limit %u", 899 dx_get_limit(entries), dx_node_limit(dir)); 900 goto fail; 901 } 902 } 903 fail: 904 while (frame >= frame_in) { 905 brelse(frame->bh); 906 frame--; 907 } 908 909 if (ret_err == ERR_PTR(ERR_BAD_DX_DIR)) 910 ext4_warning_inode(dir, 911 "Corrupt directory, running e2fsck is recommended"); 912 return ret_err; 913 } 914 915 static void dx_release(struct dx_frame *frames) 916 { 917 struct dx_root_info *info; 918 int i; 919 unsigned int indirect_levels; 920 921 if (frames[0].bh == NULL) 922 return; 923 924 info = &((struct dx_root *)frames[0].bh->b_data)->info; 925 /* save local copy, "info" may be freed after brelse() */ 926 indirect_levels = info->indirect_levels; 927 for (i = 0; i <= indirect_levels; i++) { 928 if (frames[i].bh == NULL) 929 break; 930 brelse(frames[i].bh); 931 frames[i].bh = NULL; 932 } 933 } 934 935 /* 936 * This function increments the frame pointer to search the next leaf 937 * block, and reads in the necessary intervening nodes if the search 938 * should be necessary. Whether or not the search is necessary is 939 * controlled by the hash parameter. If the hash value is even, then 940 * the search is only continued if the next block starts with that 941 * hash value. This is used if we are searching for a specific file. 942 * 943 * If the hash value is HASH_NB_ALWAYS, then always go to the next block. 944 * 945 * This function returns 1 if the caller should continue to search, 946 * or 0 if it should not. If there is an error reading one of the 947 * index blocks, it will a negative error code. 948 * 949 * If start_hash is non-null, it will be filled in with the starting 950 * hash of the next page. 951 */ 952 static int ext4_htree_next_block(struct inode *dir, __u32 hash, 953 struct dx_frame *frame, 954 struct dx_frame *frames, 955 __u32 *start_hash) 956 { 957 struct dx_frame *p; 958 struct buffer_head *bh; 959 int num_frames = 0; 960 __u32 bhash; 961 962 p = frame; 963 /* 964 * Find the next leaf page by incrementing the frame pointer. 965 * If we run out of entries in the interior node, loop around and 966 * increment pointer in the parent node. When we break out of 967 * this loop, num_frames indicates the number of interior 968 * nodes need to be read. 969 */ 970 while (1) { 971 if (++(p->at) < p->entries + dx_get_count(p->entries)) 972 break; 973 if (p == frames) 974 return 0; 975 num_frames++; 976 p--; 977 } 978 979 /* 980 * If the hash is 1, then continue only if the next page has a 981 * continuation hash of any value. This is used for readdir 982 * handling. Otherwise, check to see if the hash matches the 983 * desired continuation hash. If it doesn't, return since 984 * there's no point to read in the successive index pages. 985 */ 986 bhash = dx_get_hash(p->at); 987 if (start_hash) 988 *start_hash = bhash; 989 if ((hash & 1) == 0) { 990 if ((bhash & ~1) != hash) 991 return 0; 992 } 993 /* 994 * If the hash is HASH_NB_ALWAYS, we always go to the next 995 * block so no check is necessary 996 */ 997 while (num_frames--) { 998 bh = ext4_read_dirblock(dir, dx_get_block(p->at), INDEX); 999 if (IS_ERR(bh)) 1000 return PTR_ERR(bh); 1001 p++; 1002 brelse(p->bh); 1003 p->bh = bh; 1004 p->at = p->entries = ((struct dx_node *) bh->b_data)->entries; 1005 } 1006 return 1; 1007 } 1008 1009 1010 /* 1011 * This function fills a red-black tree with information from a 1012 * directory block. It returns the number directory entries loaded 1013 * into the tree. If there is an error it is returned in err. 1014 */ 1015 static int htree_dirblock_to_tree(struct file *dir_file, 1016 struct inode *dir, ext4_lblk_t block, 1017 struct dx_hash_info *hinfo, 1018 __u32 start_hash, __u32 start_minor_hash) 1019 { 1020 struct buffer_head *bh; 1021 struct ext4_dir_entry_2 *de, *top; 1022 int err = 0, count = 0; 1023 struct fscrypt_str fname_crypto_str = FSTR_INIT(NULL, 0), tmp_str; 1024 int csum = ext4_has_metadata_csum(dir->i_sb); 1025 1026 dxtrace(printk(KERN_INFO "In htree dirblock_to_tree: block %lu\n", 1027 (unsigned long)block)); 1028 bh = ext4_read_dirblock(dir, block, DIRENT_HTREE); 1029 if (IS_ERR(bh)) 1030 return PTR_ERR(bh); 1031 1032 de = (struct ext4_dir_entry_2 *) bh->b_data; 1033 /* csum entries are not larger in the casefolded encrypted case */ 1034 top = (struct ext4_dir_entry_2 *) ((char *) de + 1035 dir->i_sb->s_blocksize - 1036 ext4_dir_rec_len(0, 1037 csum ? NULL : dir)); 1038 /* Check if the directory is encrypted */ 1039 if (IS_ENCRYPTED(dir)) { 1040 err = fscrypt_prepare_readdir(dir); 1041 if (err < 0) { 1042 brelse(bh); 1043 return err; 1044 } 1045 err = fscrypt_fname_alloc_buffer(EXT4_NAME_LEN, 1046 &fname_crypto_str); 1047 if (err < 0) { 1048 brelse(bh); 1049 return err; 1050 } 1051 } 1052 1053 for (; de < top; de = ext4_next_entry(de, dir->i_sb->s_blocksize)) { 1054 if (ext4_check_dir_entry(dir, NULL, de, bh, 1055 bh->b_data, bh->b_size, 1056 (block<<EXT4_BLOCK_SIZE_BITS(dir->i_sb)) 1057 + ((char *)de - bh->b_data))) { 1058 /* silently ignore the rest of the block */ 1059 break; 1060 } 1061 if (ext4_hash_in_dirent(dir)) { 1062 if (de->name_len && de->inode) { 1063 hinfo->hash = EXT4_DIRENT_HASH(de); 1064 hinfo->minor_hash = EXT4_DIRENT_MINOR_HASH(de); 1065 } else { 1066 hinfo->hash = 0; 1067 hinfo->minor_hash = 0; 1068 } 1069 } else { 1070 ext4fs_dirhash(dir, de->name, de->name_len, hinfo); 1071 } 1072 if ((hinfo->hash < start_hash) || 1073 ((hinfo->hash == start_hash) && 1074 (hinfo->minor_hash < start_minor_hash))) 1075 continue; 1076 if (de->inode == 0) 1077 continue; 1078 if (!IS_ENCRYPTED(dir)) { 1079 tmp_str.name = de->name; 1080 tmp_str.len = de->name_len; 1081 err = ext4_htree_store_dirent(dir_file, 1082 hinfo->hash, hinfo->minor_hash, de, 1083 &tmp_str); 1084 } else { 1085 int save_len = fname_crypto_str.len; 1086 struct fscrypt_str de_name = FSTR_INIT(de->name, 1087 de->name_len); 1088 1089 /* Directory is encrypted */ 1090 err = fscrypt_fname_disk_to_usr(dir, hinfo->hash, 1091 hinfo->minor_hash, &de_name, 1092 &fname_crypto_str); 1093 if (err) { 1094 count = err; 1095 goto errout; 1096 } 1097 err = ext4_htree_store_dirent(dir_file, 1098 hinfo->hash, hinfo->minor_hash, de, 1099 &fname_crypto_str); 1100 fname_crypto_str.len = save_len; 1101 } 1102 if (err != 0) { 1103 count = err; 1104 goto errout; 1105 } 1106 count++; 1107 } 1108 errout: 1109 brelse(bh); 1110 fscrypt_fname_free_buffer(&fname_crypto_str); 1111 return count; 1112 } 1113 1114 1115 /* 1116 * This function fills a red-black tree with information from a 1117 * directory. We start scanning the directory in hash order, starting 1118 * at start_hash and start_minor_hash. 1119 * 1120 * This function returns the number of entries inserted into the tree, 1121 * or a negative error code. 1122 */ 1123 int ext4_htree_fill_tree(struct file *dir_file, __u32 start_hash, 1124 __u32 start_minor_hash, __u32 *next_hash) 1125 { 1126 struct dx_hash_info hinfo; 1127 struct ext4_dir_entry_2 *de; 1128 struct dx_frame frames[EXT4_HTREE_LEVEL], *frame; 1129 struct inode *dir; 1130 ext4_lblk_t block; 1131 int count = 0; 1132 int ret, err; 1133 __u32 hashval; 1134 struct fscrypt_str tmp_str; 1135 1136 dxtrace(printk(KERN_DEBUG "In htree_fill_tree, start hash: %x:%x\n", 1137 start_hash, start_minor_hash)); 1138 dir = file_inode(dir_file); 1139 if (!(ext4_test_inode_flag(dir, EXT4_INODE_INDEX))) { 1140 if (ext4_hash_in_dirent(dir)) 1141 hinfo.hash_version = DX_HASH_SIPHASH; 1142 else 1143 hinfo.hash_version = 1144 EXT4_SB(dir->i_sb)->s_def_hash_version; 1145 if (hinfo.hash_version <= DX_HASH_TEA) 1146 hinfo.hash_version += 1147 EXT4_SB(dir->i_sb)->s_hash_unsigned; 1148 hinfo.seed = EXT4_SB(dir->i_sb)->s_hash_seed; 1149 if (ext4_has_inline_data(dir)) { 1150 int has_inline_data = 1; 1151 count = ext4_inlinedir_to_tree(dir_file, dir, 0, 1152 &hinfo, start_hash, 1153 start_minor_hash, 1154 &has_inline_data); 1155 if (has_inline_data) { 1156 *next_hash = ~0; 1157 return count; 1158 } 1159 } 1160 count = htree_dirblock_to_tree(dir_file, dir, 0, &hinfo, 1161 start_hash, start_minor_hash); 1162 *next_hash = ~0; 1163 return count; 1164 } 1165 hinfo.hash = start_hash; 1166 hinfo.minor_hash = 0; 1167 frame = dx_probe(NULL, dir, &hinfo, frames); 1168 if (IS_ERR(frame)) 1169 return PTR_ERR(frame); 1170 1171 /* Add '.' and '..' from the htree header */ 1172 if (!start_hash && !start_minor_hash) { 1173 de = (struct ext4_dir_entry_2 *) frames[0].bh->b_data; 1174 tmp_str.name = de->name; 1175 tmp_str.len = de->name_len; 1176 err = ext4_htree_store_dirent(dir_file, 0, 0, 1177 de, &tmp_str); 1178 if (err != 0) 1179 goto errout; 1180 count++; 1181 } 1182 if (start_hash < 2 || (start_hash ==2 && start_minor_hash==0)) { 1183 de = (struct ext4_dir_entry_2 *) frames[0].bh->b_data; 1184 de = ext4_next_entry(de, dir->i_sb->s_blocksize); 1185 tmp_str.name = de->name; 1186 tmp_str.len = de->name_len; 1187 err = ext4_htree_store_dirent(dir_file, 2, 0, 1188 de, &tmp_str); 1189 if (err != 0) 1190 goto errout; 1191 count++; 1192 } 1193 1194 while (1) { 1195 if (fatal_signal_pending(current)) { 1196 err = -ERESTARTSYS; 1197 goto errout; 1198 } 1199 cond_resched(); 1200 block = dx_get_block(frame->at); 1201 ret = htree_dirblock_to_tree(dir_file, dir, block, &hinfo, 1202 start_hash, start_minor_hash); 1203 if (ret < 0) { 1204 err = ret; 1205 goto errout; 1206 } 1207 count += ret; 1208 hashval = ~0; 1209 ret = ext4_htree_next_block(dir, HASH_NB_ALWAYS, 1210 frame, frames, &hashval); 1211 *next_hash = hashval; 1212 if (ret < 0) { 1213 err = ret; 1214 goto errout; 1215 } 1216 /* 1217 * Stop if: (a) there are no more entries, or 1218 * (b) we have inserted at least one entry and the 1219 * next hash value is not a continuation 1220 */ 1221 if ((ret == 0) || 1222 (count && ((hashval & 1) == 0))) 1223 break; 1224 } 1225 dx_release(frames); 1226 dxtrace(printk(KERN_DEBUG "Fill tree: returned %d entries, " 1227 "next hash: %x\n", count, *next_hash)); 1228 return count; 1229 errout: 1230 dx_release(frames); 1231 return (err); 1232 } 1233 1234 static inline int search_dirblock(struct buffer_head *bh, 1235 struct inode *dir, 1236 struct ext4_filename *fname, 1237 unsigned int offset, 1238 struct ext4_dir_entry_2 **res_dir) 1239 { 1240 return ext4_search_dir(bh, bh->b_data, dir->i_sb->s_blocksize, dir, 1241 fname, offset, res_dir); 1242 } 1243 1244 /* 1245 * Directory block splitting, compacting 1246 */ 1247 1248 /* 1249 * Create map of hash values, offsets, and sizes, stored at end of block. 1250 * Returns number of entries mapped. 1251 */ 1252 static int dx_make_map(struct inode *dir, struct ext4_dir_entry_2 *de, 1253 unsigned blocksize, struct dx_hash_info *hinfo, 1254 struct dx_map_entry *map_tail) 1255 { 1256 int count = 0; 1257 char *base = (char *) de; 1258 struct dx_hash_info h = *hinfo; 1259 1260 while ((char *) de < base + blocksize) { 1261 if (de->name_len && de->inode) { 1262 if (ext4_hash_in_dirent(dir)) 1263 h.hash = EXT4_DIRENT_HASH(de); 1264 else 1265 ext4fs_dirhash(dir, de->name, de->name_len, &h); 1266 map_tail--; 1267 map_tail->hash = h.hash; 1268 map_tail->offs = ((char *) de - base)>>2; 1269 map_tail->size = le16_to_cpu(de->rec_len); 1270 count++; 1271 cond_resched(); 1272 } 1273 /* XXX: do we need to check rec_len == 0 case? -Chris */ 1274 de = ext4_next_entry(de, blocksize); 1275 } 1276 return count; 1277 } 1278 1279 /* Sort map by hash value */ 1280 static void dx_sort_map (struct dx_map_entry *map, unsigned count) 1281 { 1282 struct dx_map_entry *p, *q, *top = map + count - 1; 1283 int more; 1284 /* Combsort until bubble sort doesn't suck */ 1285 while (count > 2) { 1286 count = count*10/13; 1287 if (count - 9 < 2) /* 9, 10 -> 11 */ 1288 count = 11; 1289 for (p = top, q = p - count; q >= map; p--, q--) 1290 if (p->hash < q->hash) 1291 swap(*p, *q); 1292 } 1293 /* Garden variety bubble sort */ 1294 do { 1295 more = 0; 1296 q = top; 1297 while (q-- > map) { 1298 if (q[1].hash >= q[0].hash) 1299 continue; 1300 swap(*(q+1), *q); 1301 more = 1; 1302 } 1303 } while(more); 1304 } 1305 1306 static void dx_insert_block(struct dx_frame *frame, u32 hash, ext4_lblk_t block) 1307 { 1308 struct dx_entry *entries = frame->entries; 1309 struct dx_entry *old = frame->at, *new = old + 1; 1310 int count = dx_get_count(entries); 1311 1312 ASSERT(count < dx_get_limit(entries)); 1313 ASSERT(old < entries + count); 1314 memmove(new + 1, new, (char *)(entries + count) - (char *)(new)); 1315 dx_set_hash(new, hash); 1316 dx_set_block(new, block); 1317 dx_set_count(entries, count + 1); 1318 } 1319 1320 #if IS_ENABLED(CONFIG_UNICODE) 1321 /* 1322 * Test whether a case-insensitive directory entry matches the filename 1323 * being searched for. If quick is set, assume the name being looked up 1324 * is already in the casefolded form. 1325 * 1326 * Returns: 0 if the directory entry matches, more than 0 if it 1327 * doesn't match or less than zero on error. 1328 */ 1329 static int ext4_ci_compare(const struct inode *parent, const struct qstr *name, 1330 u8 *de_name, size_t de_name_len, bool quick) 1331 { 1332 const struct super_block *sb = parent->i_sb; 1333 const struct unicode_map *um = sb->s_encoding; 1334 struct fscrypt_str decrypted_name = FSTR_INIT(NULL, de_name_len); 1335 struct qstr entry = QSTR_INIT(de_name, de_name_len); 1336 int ret; 1337 1338 if (IS_ENCRYPTED(parent)) { 1339 const struct fscrypt_str encrypted_name = 1340 FSTR_INIT(de_name, de_name_len); 1341 1342 decrypted_name.name = kmalloc(de_name_len, GFP_KERNEL); 1343 if (!decrypted_name.name) 1344 return -ENOMEM; 1345 ret = fscrypt_fname_disk_to_usr(parent, 0, 0, &encrypted_name, 1346 &decrypted_name); 1347 if (ret < 0) 1348 goto out; 1349 entry.name = decrypted_name.name; 1350 entry.len = decrypted_name.len; 1351 } 1352 1353 if (quick) 1354 ret = utf8_strncasecmp_folded(um, name, &entry); 1355 else 1356 ret = utf8_strncasecmp(um, name, &entry); 1357 if (ret < 0) { 1358 /* Handle invalid character sequence as either an error 1359 * or as an opaque byte sequence. 1360 */ 1361 if (sb_has_strict_encoding(sb)) 1362 ret = -EINVAL; 1363 else if (name->len != entry.len) 1364 ret = 1; 1365 else 1366 ret = !!memcmp(name->name, entry.name, entry.len); 1367 } 1368 out: 1369 kfree(decrypted_name.name); 1370 return ret; 1371 } 1372 1373 int ext4_fname_setup_ci_filename(struct inode *dir, const struct qstr *iname, 1374 struct ext4_filename *name) 1375 { 1376 struct fscrypt_str *cf_name = &name->cf_name; 1377 struct dx_hash_info *hinfo = &name->hinfo; 1378 int len; 1379 1380 if (!IS_CASEFOLDED(dir) || !dir->i_sb->s_encoding || 1381 (IS_ENCRYPTED(dir) && !fscrypt_has_encryption_key(dir))) { 1382 cf_name->name = NULL; 1383 return 0; 1384 } 1385 1386 cf_name->name = kmalloc(EXT4_NAME_LEN, GFP_NOFS); 1387 if (!cf_name->name) 1388 return -ENOMEM; 1389 1390 len = utf8_casefold(dir->i_sb->s_encoding, 1391 iname, cf_name->name, 1392 EXT4_NAME_LEN); 1393 if (len <= 0) { 1394 kfree(cf_name->name); 1395 cf_name->name = NULL; 1396 } 1397 cf_name->len = (unsigned) len; 1398 if (!IS_ENCRYPTED(dir)) 1399 return 0; 1400 1401 hinfo->hash_version = DX_HASH_SIPHASH; 1402 hinfo->seed = NULL; 1403 if (cf_name->name) 1404 ext4fs_dirhash(dir, cf_name->name, cf_name->len, hinfo); 1405 else 1406 ext4fs_dirhash(dir, iname->name, iname->len, hinfo); 1407 return 0; 1408 } 1409 #endif 1410 1411 /* 1412 * Test whether a directory entry matches the filename being searched for. 1413 * 1414 * Return: %true if the directory entry matches, otherwise %false. 1415 */ 1416 static bool ext4_match(struct inode *parent, 1417 const struct ext4_filename *fname, 1418 struct ext4_dir_entry_2 *de) 1419 { 1420 struct fscrypt_name f; 1421 1422 if (!de->inode) 1423 return false; 1424 1425 f.usr_fname = fname->usr_fname; 1426 f.disk_name = fname->disk_name; 1427 #ifdef CONFIG_FS_ENCRYPTION 1428 f.crypto_buf = fname->crypto_buf; 1429 #endif 1430 1431 #if IS_ENABLED(CONFIG_UNICODE) 1432 if (parent->i_sb->s_encoding && IS_CASEFOLDED(parent) && 1433 (!IS_ENCRYPTED(parent) || fscrypt_has_encryption_key(parent))) { 1434 if (fname->cf_name.name) { 1435 struct qstr cf = {.name = fname->cf_name.name, 1436 .len = fname->cf_name.len}; 1437 if (IS_ENCRYPTED(parent)) { 1438 if (fname->hinfo.hash != EXT4_DIRENT_HASH(de) || 1439 fname->hinfo.minor_hash != 1440 EXT4_DIRENT_MINOR_HASH(de)) { 1441 1442 return false; 1443 } 1444 } 1445 return !ext4_ci_compare(parent, &cf, de->name, 1446 de->name_len, true); 1447 } 1448 return !ext4_ci_compare(parent, fname->usr_fname, de->name, 1449 de->name_len, false); 1450 } 1451 #endif 1452 1453 return fscrypt_match_name(&f, de->name, de->name_len); 1454 } 1455 1456 /* 1457 * Returns 0 if not found, -1 on failure, and 1 on success 1458 */ 1459 int ext4_search_dir(struct buffer_head *bh, char *search_buf, int buf_size, 1460 struct inode *dir, struct ext4_filename *fname, 1461 unsigned int offset, struct ext4_dir_entry_2 **res_dir) 1462 { 1463 struct ext4_dir_entry_2 * de; 1464 char * dlimit; 1465 int de_len; 1466 1467 de = (struct ext4_dir_entry_2 *)search_buf; 1468 dlimit = search_buf + buf_size; 1469 while ((char *) de < dlimit) { 1470 /* this code is executed quadratically often */ 1471 /* do minimal checking `by hand' */ 1472 if ((char *) de + de->name_len <= dlimit && 1473 ext4_match(dir, fname, de)) { 1474 /* found a match - just to be sure, do 1475 * a full check */ 1476 if (ext4_check_dir_entry(dir, NULL, de, bh, search_buf, 1477 buf_size, offset)) 1478 return -1; 1479 *res_dir = de; 1480 return 1; 1481 } 1482 /* prevent looping on a bad block */ 1483 de_len = ext4_rec_len_from_disk(de->rec_len, 1484 dir->i_sb->s_blocksize); 1485 if (de_len <= 0) 1486 return -1; 1487 offset += de_len; 1488 de = (struct ext4_dir_entry_2 *) ((char *) de + de_len); 1489 } 1490 return 0; 1491 } 1492 1493 static int is_dx_internal_node(struct inode *dir, ext4_lblk_t block, 1494 struct ext4_dir_entry *de) 1495 { 1496 struct super_block *sb = dir->i_sb; 1497 1498 if (!is_dx(dir)) 1499 return 0; 1500 if (block == 0) 1501 return 1; 1502 if (de->inode == 0 && 1503 ext4_rec_len_from_disk(de->rec_len, sb->s_blocksize) == 1504 sb->s_blocksize) 1505 return 1; 1506 return 0; 1507 } 1508 1509 /* 1510 * __ext4_find_entry() 1511 * 1512 * finds an entry in the specified directory with the wanted name. It 1513 * returns the cache buffer in which the entry was found, and the entry 1514 * itself (as a parameter - res_dir). It does NOT read the inode of the 1515 * entry - you'll have to do that yourself if you want to. 1516 * 1517 * The returned buffer_head has ->b_count elevated. The caller is expected 1518 * to brelse() it when appropriate. 1519 */ 1520 static struct buffer_head *__ext4_find_entry(struct inode *dir, 1521 struct ext4_filename *fname, 1522 struct ext4_dir_entry_2 **res_dir, 1523 int *inlined) 1524 { 1525 struct super_block *sb; 1526 struct buffer_head *bh_use[NAMEI_RA_SIZE]; 1527 struct buffer_head *bh, *ret = NULL; 1528 ext4_lblk_t start, block; 1529 const u8 *name = fname->usr_fname->name; 1530 size_t ra_max = 0; /* Number of bh's in the readahead 1531 buffer, bh_use[] */ 1532 size_t ra_ptr = 0; /* Current index into readahead 1533 buffer */ 1534 ext4_lblk_t nblocks; 1535 int i, namelen, retval; 1536 1537 *res_dir = NULL; 1538 sb = dir->i_sb; 1539 namelen = fname->usr_fname->len; 1540 if (namelen > EXT4_NAME_LEN) 1541 return NULL; 1542 1543 if (ext4_has_inline_data(dir)) { 1544 int has_inline_data = 1; 1545 ret = ext4_find_inline_entry(dir, fname, res_dir, 1546 &has_inline_data); 1547 if (has_inline_data) { 1548 if (inlined) 1549 *inlined = 1; 1550 goto cleanup_and_exit; 1551 } 1552 } 1553 1554 if ((namelen <= 2) && (name[0] == '.') && 1555 (name[1] == '.' || name[1] == '\0')) { 1556 /* 1557 * "." or ".." will only be in the first block 1558 * NFS may look up ".."; "." should be handled by the VFS 1559 */ 1560 block = start = 0; 1561 nblocks = 1; 1562 goto restart; 1563 } 1564 if (is_dx(dir)) { 1565 ret = ext4_dx_find_entry(dir, fname, res_dir); 1566 /* 1567 * On success, or if the error was file not found, 1568 * return. Otherwise, fall back to doing a search the 1569 * old fashioned way. 1570 */ 1571 if (!IS_ERR(ret) || PTR_ERR(ret) != ERR_BAD_DX_DIR) 1572 goto cleanup_and_exit; 1573 dxtrace(printk(KERN_DEBUG "ext4_find_entry: dx failed, " 1574 "falling back\n")); 1575 ret = NULL; 1576 } 1577 nblocks = dir->i_size >> EXT4_BLOCK_SIZE_BITS(sb); 1578 if (!nblocks) { 1579 ret = NULL; 1580 goto cleanup_and_exit; 1581 } 1582 start = EXT4_I(dir)->i_dir_start_lookup; 1583 if (start >= nblocks) 1584 start = 0; 1585 block = start; 1586 restart: 1587 do { 1588 /* 1589 * We deal with the read-ahead logic here. 1590 */ 1591 cond_resched(); 1592 if (ra_ptr >= ra_max) { 1593 /* Refill the readahead buffer */ 1594 ra_ptr = 0; 1595 if (block < start) 1596 ra_max = start - block; 1597 else 1598 ra_max = nblocks - block; 1599 ra_max = min(ra_max, ARRAY_SIZE(bh_use)); 1600 retval = ext4_bread_batch(dir, block, ra_max, 1601 false /* wait */, bh_use); 1602 if (retval) { 1603 ret = ERR_PTR(retval); 1604 ra_max = 0; 1605 goto cleanup_and_exit; 1606 } 1607 } 1608 if ((bh = bh_use[ra_ptr++]) == NULL) 1609 goto next; 1610 wait_on_buffer(bh); 1611 if (!buffer_uptodate(bh)) { 1612 EXT4_ERROR_INODE_ERR(dir, EIO, 1613 "reading directory lblock %lu", 1614 (unsigned long) block); 1615 brelse(bh); 1616 ret = ERR_PTR(-EIO); 1617 goto cleanup_and_exit; 1618 } 1619 if (!buffer_verified(bh) && 1620 !is_dx_internal_node(dir, block, 1621 (struct ext4_dir_entry *)bh->b_data) && 1622 !ext4_dirblock_csum_verify(dir, bh)) { 1623 EXT4_ERROR_INODE_ERR(dir, EFSBADCRC, 1624 "checksumming directory " 1625 "block %lu", (unsigned long)block); 1626 brelse(bh); 1627 ret = ERR_PTR(-EFSBADCRC); 1628 goto cleanup_and_exit; 1629 } 1630 set_buffer_verified(bh); 1631 i = search_dirblock(bh, dir, fname, 1632 block << EXT4_BLOCK_SIZE_BITS(sb), res_dir); 1633 if (i == 1) { 1634 EXT4_I(dir)->i_dir_start_lookup = block; 1635 ret = bh; 1636 goto cleanup_and_exit; 1637 } else { 1638 brelse(bh); 1639 if (i < 0) 1640 goto cleanup_and_exit; 1641 } 1642 next: 1643 if (++block >= nblocks) 1644 block = 0; 1645 } while (block != start); 1646 1647 /* 1648 * If the directory has grown while we were searching, then 1649 * search the last part of the directory before giving up. 1650 */ 1651 block = nblocks; 1652 nblocks = dir->i_size >> EXT4_BLOCK_SIZE_BITS(sb); 1653 if (block < nblocks) { 1654 start = 0; 1655 goto restart; 1656 } 1657 1658 cleanup_and_exit: 1659 /* Clean up the read-ahead blocks */ 1660 for (; ra_ptr < ra_max; ra_ptr++) 1661 brelse(bh_use[ra_ptr]); 1662 return ret; 1663 } 1664 1665 static struct buffer_head *ext4_find_entry(struct inode *dir, 1666 const struct qstr *d_name, 1667 struct ext4_dir_entry_2 **res_dir, 1668 int *inlined) 1669 { 1670 int err; 1671 struct ext4_filename fname; 1672 struct buffer_head *bh; 1673 1674 err = ext4_fname_setup_filename(dir, d_name, 1, &fname); 1675 if (err == -ENOENT) 1676 return NULL; 1677 if (err) 1678 return ERR_PTR(err); 1679 1680 bh = __ext4_find_entry(dir, &fname, res_dir, inlined); 1681 1682 ext4_fname_free_filename(&fname); 1683 return bh; 1684 } 1685 1686 static struct buffer_head *ext4_lookup_entry(struct inode *dir, 1687 struct dentry *dentry, 1688 struct ext4_dir_entry_2 **res_dir) 1689 { 1690 int err; 1691 struct ext4_filename fname; 1692 struct buffer_head *bh; 1693 1694 err = ext4_fname_prepare_lookup(dir, dentry, &fname); 1695 generic_set_encrypted_ci_d_ops(dentry); 1696 if (err == -ENOENT) 1697 return NULL; 1698 if (err) 1699 return ERR_PTR(err); 1700 1701 bh = __ext4_find_entry(dir, &fname, res_dir, NULL); 1702 1703 ext4_fname_free_filename(&fname); 1704 return bh; 1705 } 1706 1707 static struct buffer_head * ext4_dx_find_entry(struct inode *dir, 1708 struct ext4_filename *fname, 1709 struct ext4_dir_entry_2 **res_dir) 1710 { 1711 struct super_block * sb = dir->i_sb; 1712 struct dx_frame frames[EXT4_HTREE_LEVEL], *frame; 1713 struct buffer_head *bh; 1714 ext4_lblk_t block; 1715 int retval; 1716 1717 #ifdef CONFIG_FS_ENCRYPTION 1718 *res_dir = NULL; 1719 #endif 1720 frame = dx_probe(fname, dir, NULL, frames); 1721 if (IS_ERR(frame)) 1722 return (struct buffer_head *) frame; 1723 do { 1724 block = dx_get_block(frame->at); 1725 bh = ext4_read_dirblock(dir, block, DIRENT_HTREE); 1726 if (IS_ERR(bh)) 1727 goto errout; 1728 1729 retval = search_dirblock(bh, dir, fname, 1730 block << EXT4_BLOCK_SIZE_BITS(sb), 1731 res_dir); 1732 if (retval == 1) 1733 goto success; 1734 brelse(bh); 1735 if (retval == -1) { 1736 bh = ERR_PTR(ERR_BAD_DX_DIR); 1737 goto errout; 1738 } 1739 1740 /* Check to see if we should continue to search */ 1741 retval = ext4_htree_next_block(dir, fname->hinfo.hash, frame, 1742 frames, NULL); 1743 if (retval < 0) { 1744 ext4_warning_inode(dir, 1745 "error %d reading directory index block", 1746 retval); 1747 bh = ERR_PTR(retval); 1748 goto errout; 1749 } 1750 } while (retval == 1); 1751 1752 bh = NULL; 1753 errout: 1754 dxtrace(printk(KERN_DEBUG "%s not found\n", fname->usr_fname->name)); 1755 success: 1756 dx_release(frames); 1757 return bh; 1758 } 1759 1760 static struct dentry *ext4_lookup(struct inode *dir, struct dentry *dentry, unsigned int flags) 1761 { 1762 struct inode *inode; 1763 struct ext4_dir_entry_2 *de; 1764 struct buffer_head *bh; 1765 1766 if (dentry->d_name.len > EXT4_NAME_LEN) 1767 return ERR_PTR(-ENAMETOOLONG); 1768 1769 bh = ext4_lookup_entry(dir, dentry, &de); 1770 if (IS_ERR(bh)) 1771 return ERR_CAST(bh); 1772 inode = NULL; 1773 if (bh) { 1774 __u32 ino = le32_to_cpu(de->inode); 1775 brelse(bh); 1776 if (!ext4_valid_inum(dir->i_sb, ino)) { 1777 EXT4_ERROR_INODE(dir, "bad inode number: %u", ino); 1778 return ERR_PTR(-EFSCORRUPTED); 1779 } 1780 if (unlikely(ino == dir->i_ino)) { 1781 EXT4_ERROR_INODE(dir, "'%pd' linked to parent dir", 1782 dentry); 1783 return ERR_PTR(-EFSCORRUPTED); 1784 } 1785 inode = ext4_iget(dir->i_sb, ino, EXT4_IGET_NORMAL); 1786 if (inode == ERR_PTR(-ESTALE)) { 1787 EXT4_ERROR_INODE(dir, 1788 "deleted inode referenced: %u", 1789 ino); 1790 return ERR_PTR(-EFSCORRUPTED); 1791 } 1792 if (!IS_ERR(inode) && IS_ENCRYPTED(dir) && 1793 (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode)) && 1794 !fscrypt_has_permitted_context(dir, inode)) { 1795 ext4_warning(inode->i_sb, 1796 "Inconsistent encryption contexts: %lu/%lu", 1797 dir->i_ino, inode->i_ino); 1798 iput(inode); 1799 return ERR_PTR(-EPERM); 1800 } 1801 } 1802 1803 #if IS_ENABLED(CONFIG_UNICODE) 1804 if (!inode && IS_CASEFOLDED(dir)) { 1805 /* Eventually we want to call d_add_ci(dentry, NULL) 1806 * for negative dentries in the encoding case as 1807 * well. For now, prevent the negative dentry 1808 * from being cached. 1809 */ 1810 return NULL; 1811 } 1812 #endif 1813 return d_splice_alias(inode, dentry); 1814 } 1815 1816 1817 struct dentry *ext4_get_parent(struct dentry *child) 1818 { 1819 __u32 ino; 1820 struct ext4_dir_entry_2 * de; 1821 struct buffer_head *bh; 1822 1823 bh = ext4_find_entry(d_inode(child), &dotdot_name, &de, NULL); 1824 if (IS_ERR(bh)) 1825 return ERR_CAST(bh); 1826 if (!bh) 1827 return ERR_PTR(-ENOENT); 1828 ino = le32_to_cpu(de->inode); 1829 brelse(bh); 1830 1831 if (!ext4_valid_inum(child->d_sb, ino)) { 1832 EXT4_ERROR_INODE(d_inode(child), 1833 "bad parent inode number: %u", ino); 1834 return ERR_PTR(-EFSCORRUPTED); 1835 } 1836 1837 return d_obtain_alias(ext4_iget(child->d_sb, ino, EXT4_IGET_NORMAL)); 1838 } 1839 1840 /* 1841 * Move count entries from end of map between two memory locations. 1842 * Returns pointer to last entry moved. 1843 */ 1844 static struct ext4_dir_entry_2 * 1845 dx_move_dirents(struct inode *dir, char *from, char *to, 1846 struct dx_map_entry *map, int count, 1847 unsigned blocksize) 1848 { 1849 unsigned rec_len = 0; 1850 1851 while (count--) { 1852 struct ext4_dir_entry_2 *de = (struct ext4_dir_entry_2 *) 1853 (from + (map->offs<<2)); 1854 rec_len = ext4_dir_rec_len(de->name_len, dir); 1855 1856 memcpy (to, de, rec_len); 1857 ((struct ext4_dir_entry_2 *) to)->rec_len = 1858 ext4_rec_len_to_disk(rec_len, blocksize); 1859 1860 /* wipe dir_entry excluding the rec_len field */ 1861 de->inode = 0; 1862 memset(&de->name_len, 0, ext4_rec_len_from_disk(de->rec_len, 1863 blocksize) - 1864 offsetof(struct ext4_dir_entry_2, 1865 name_len)); 1866 1867 map++; 1868 to += rec_len; 1869 } 1870 return (struct ext4_dir_entry_2 *) (to - rec_len); 1871 } 1872 1873 /* 1874 * Compact each dir entry in the range to the minimal rec_len. 1875 * Returns pointer to last entry in range. 1876 */ 1877 static struct ext4_dir_entry_2 *dx_pack_dirents(struct inode *dir, char *base, 1878 unsigned int blocksize) 1879 { 1880 struct ext4_dir_entry_2 *next, *to, *prev, *de = (struct ext4_dir_entry_2 *) base; 1881 unsigned rec_len = 0; 1882 1883 prev = to = de; 1884 while ((char*)de < base + blocksize) { 1885 next = ext4_next_entry(de, blocksize); 1886 if (de->inode && de->name_len) { 1887 rec_len = ext4_dir_rec_len(de->name_len, dir); 1888 if (de > to) 1889 memmove(to, de, rec_len); 1890 to->rec_len = ext4_rec_len_to_disk(rec_len, blocksize); 1891 prev = to; 1892 to = (struct ext4_dir_entry_2 *) (((char *) to) + rec_len); 1893 } 1894 de = next; 1895 } 1896 return prev; 1897 } 1898 1899 /* 1900 * Split a full leaf block to make room for a new dir entry. 1901 * Allocate a new block, and move entries so that they are approx. equally full. 1902 * Returns pointer to de in block into which the new entry will be inserted. 1903 */ 1904 static struct ext4_dir_entry_2 *do_split(handle_t *handle, struct inode *dir, 1905 struct buffer_head **bh,struct dx_frame *frame, 1906 struct dx_hash_info *hinfo) 1907 { 1908 unsigned blocksize = dir->i_sb->s_blocksize; 1909 unsigned count, continued; 1910 struct buffer_head *bh2; 1911 ext4_lblk_t newblock; 1912 u32 hash2; 1913 struct dx_map_entry *map; 1914 char *data1 = (*bh)->b_data, *data2; 1915 unsigned split, move, size; 1916 struct ext4_dir_entry_2 *de = NULL, *de2; 1917 int csum_size = 0; 1918 int err = 0, i; 1919 1920 if (ext4_has_metadata_csum(dir->i_sb)) 1921 csum_size = sizeof(struct ext4_dir_entry_tail); 1922 1923 bh2 = ext4_append(handle, dir, &newblock); 1924 if (IS_ERR(bh2)) { 1925 brelse(*bh); 1926 *bh = NULL; 1927 return (struct ext4_dir_entry_2 *) bh2; 1928 } 1929 1930 BUFFER_TRACE(*bh, "get_write_access"); 1931 err = ext4_journal_get_write_access(handle, dir->i_sb, *bh, 1932 EXT4_JTR_NONE); 1933 if (err) 1934 goto journal_error; 1935 1936 BUFFER_TRACE(frame->bh, "get_write_access"); 1937 err = ext4_journal_get_write_access(handle, dir->i_sb, frame->bh, 1938 EXT4_JTR_NONE); 1939 if (err) 1940 goto journal_error; 1941 1942 data2 = bh2->b_data; 1943 1944 /* create map in the end of data2 block */ 1945 map = (struct dx_map_entry *) (data2 + blocksize); 1946 count = dx_make_map(dir, (struct ext4_dir_entry_2 *) data1, 1947 blocksize, hinfo, map); 1948 map -= count; 1949 dx_sort_map(map, count); 1950 /* Ensure that neither split block is over half full */ 1951 size = 0; 1952 move = 0; 1953 for (i = count-1; i >= 0; i--) { 1954 /* is more than half of this entry in 2nd half of the block? */ 1955 if (size + map[i].size/2 > blocksize/2) 1956 break; 1957 size += map[i].size; 1958 move++; 1959 } 1960 /* 1961 * map index at which we will split 1962 * 1963 * If the sum of active entries didn't exceed half the block size, just 1964 * split it in half by count; each resulting block will have at least 1965 * half the space free. 1966 */ 1967 if (i > 0) 1968 split = count - move; 1969 else 1970 split = count/2; 1971 1972 hash2 = map[split].hash; 1973 continued = hash2 == map[split - 1].hash; 1974 dxtrace(printk(KERN_INFO "Split block %lu at %x, %i/%i\n", 1975 (unsigned long)dx_get_block(frame->at), 1976 hash2, split, count-split)); 1977 1978 /* Fancy dance to stay within two buffers */ 1979 de2 = dx_move_dirents(dir, data1, data2, map + split, count - split, 1980 blocksize); 1981 de = dx_pack_dirents(dir, data1, blocksize); 1982 de->rec_len = ext4_rec_len_to_disk(data1 + (blocksize - csum_size) - 1983 (char *) de, 1984 blocksize); 1985 de2->rec_len = ext4_rec_len_to_disk(data2 + (blocksize - csum_size) - 1986 (char *) de2, 1987 blocksize); 1988 if (csum_size) { 1989 ext4_initialize_dirent_tail(*bh, blocksize); 1990 ext4_initialize_dirent_tail(bh2, blocksize); 1991 } 1992 1993 dxtrace(dx_show_leaf(dir, hinfo, (struct ext4_dir_entry_2 *) data1, 1994 blocksize, 1)); 1995 dxtrace(dx_show_leaf(dir, hinfo, (struct ext4_dir_entry_2 *) data2, 1996 blocksize, 1)); 1997 1998 /* Which block gets the new entry? */ 1999 if (hinfo->hash >= hash2) { 2000 swap(*bh, bh2); 2001 de = de2; 2002 } 2003 dx_insert_block(frame, hash2 + continued, newblock); 2004 err = ext4_handle_dirty_dirblock(handle, dir, bh2); 2005 if (err) 2006 goto journal_error; 2007 err = ext4_handle_dirty_dx_node(handle, dir, frame->bh); 2008 if (err) 2009 goto journal_error; 2010 brelse(bh2); 2011 dxtrace(dx_show_index("frame", frame->entries)); 2012 return de; 2013 2014 journal_error: 2015 brelse(*bh); 2016 brelse(bh2); 2017 *bh = NULL; 2018 ext4_std_error(dir->i_sb, err); 2019 return ERR_PTR(err); 2020 } 2021 2022 int ext4_find_dest_de(struct inode *dir, struct inode *inode, 2023 struct buffer_head *bh, 2024 void *buf, int buf_size, 2025 struct ext4_filename *fname, 2026 struct ext4_dir_entry_2 **dest_de) 2027 { 2028 struct ext4_dir_entry_2 *de; 2029 unsigned short reclen = ext4_dir_rec_len(fname_len(fname), dir); 2030 int nlen, rlen; 2031 unsigned int offset = 0; 2032 char *top; 2033 2034 de = (struct ext4_dir_entry_2 *)buf; 2035 top = buf + buf_size - reclen; 2036 while ((char *) de <= top) { 2037 if (ext4_check_dir_entry(dir, NULL, de, bh, 2038 buf, buf_size, offset)) 2039 return -EFSCORRUPTED; 2040 if (ext4_match(dir, fname, de)) 2041 return -EEXIST; 2042 nlen = ext4_dir_rec_len(de->name_len, dir); 2043 rlen = ext4_rec_len_from_disk(de->rec_len, buf_size); 2044 if ((de->inode ? rlen - nlen : rlen) >= reclen) 2045 break; 2046 de = (struct ext4_dir_entry_2 *)((char *)de + rlen); 2047 offset += rlen; 2048 } 2049 if ((char *) de > top) 2050 return -ENOSPC; 2051 2052 *dest_de = de; 2053 return 0; 2054 } 2055 2056 void ext4_insert_dentry(struct inode *dir, 2057 struct inode *inode, 2058 struct ext4_dir_entry_2 *de, 2059 int buf_size, 2060 struct ext4_filename *fname) 2061 { 2062 2063 int nlen, rlen; 2064 2065 nlen = ext4_dir_rec_len(de->name_len, dir); 2066 rlen = ext4_rec_len_from_disk(de->rec_len, buf_size); 2067 if (de->inode) { 2068 struct ext4_dir_entry_2 *de1 = 2069 (struct ext4_dir_entry_2 *)((char *)de + nlen); 2070 de1->rec_len = ext4_rec_len_to_disk(rlen - nlen, buf_size); 2071 de->rec_len = ext4_rec_len_to_disk(nlen, buf_size); 2072 de = de1; 2073 } 2074 de->file_type = EXT4_FT_UNKNOWN; 2075 de->inode = cpu_to_le32(inode->i_ino); 2076 ext4_set_de_type(inode->i_sb, de, inode->i_mode); 2077 de->name_len = fname_len(fname); 2078 memcpy(de->name, fname_name(fname), fname_len(fname)); 2079 if (ext4_hash_in_dirent(dir)) { 2080 struct dx_hash_info *hinfo = &fname->hinfo; 2081 2082 EXT4_DIRENT_HASHES(de)->hash = cpu_to_le32(hinfo->hash); 2083 EXT4_DIRENT_HASHES(de)->minor_hash = 2084 cpu_to_le32(hinfo->minor_hash); 2085 } 2086 } 2087 2088 /* 2089 * Add a new entry into a directory (leaf) block. If de is non-NULL, 2090 * it points to a directory entry which is guaranteed to be large 2091 * enough for new directory entry. If de is NULL, then 2092 * add_dirent_to_buf will attempt search the directory block for 2093 * space. It will return -ENOSPC if no space is available, and -EIO 2094 * and -EEXIST if directory entry already exists. 2095 */ 2096 static int add_dirent_to_buf(handle_t *handle, struct ext4_filename *fname, 2097 struct inode *dir, 2098 struct inode *inode, struct ext4_dir_entry_2 *de, 2099 struct buffer_head *bh) 2100 { 2101 unsigned int blocksize = dir->i_sb->s_blocksize; 2102 int csum_size = 0; 2103 int err, err2; 2104 2105 if (ext4_has_metadata_csum(inode->i_sb)) 2106 csum_size = sizeof(struct ext4_dir_entry_tail); 2107 2108 if (!de) { 2109 err = ext4_find_dest_de(dir, inode, bh, bh->b_data, 2110 blocksize - csum_size, fname, &de); 2111 if (err) 2112 return err; 2113 } 2114 BUFFER_TRACE(bh, "get_write_access"); 2115 err = ext4_journal_get_write_access(handle, dir->i_sb, bh, 2116 EXT4_JTR_NONE); 2117 if (err) { 2118 ext4_std_error(dir->i_sb, err); 2119 return err; 2120 } 2121 2122 /* By now the buffer is marked for journaling */ 2123 ext4_insert_dentry(dir, inode, de, blocksize, fname); 2124 2125 /* 2126 * XXX shouldn't update any times until successful 2127 * completion of syscall, but too many callers depend 2128 * on this. 2129 * 2130 * XXX similarly, too many callers depend on 2131 * ext4_new_inode() setting the times, but error 2132 * recovery deletes the inode, so the worst that can 2133 * happen is that the times are slightly out of date 2134 * and/or different from the directory change time. 2135 */ 2136 dir->i_mtime = dir->i_ctime = current_time(dir); 2137 ext4_update_dx_flag(dir); 2138 inode_inc_iversion(dir); 2139 err2 = ext4_mark_inode_dirty(handle, dir); 2140 BUFFER_TRACE(bh, "call ext4_handle_dirty_metadata"); 2141 err = ext4_handle_dirty_dirblock(handle, dir, bh); 2142 if (err) 2143 ext4_std_error(dir->i_sb, err); 2144 return err ? err : err2; 2145 } 2146 2147 /* 2148 * This converts a one block unindexed directory to a 3 block indexed 2149 * directory, and adds the dentry to the indexed directory. 2150 */ 2151 static int make_indexed_dir(handle_t *handle, struct ext4_filename *fname, 2152 struct inode *dir, 2153 struct inode *inode, struct buffer_head *bh) 2154 { 2155 struct buffer_head *bh2; 2156 struct dx_root *root; 2157 struct dx_frame frames[EXT4_HTREE_LEVEL], *frame; 2158 struct dx_entry *entries; 2159 struct ext4_dir_entry_2 *de, *de2; 2160 char *data2, *top; 2161 unsigned len; 2162 int retval; 2163 unsigned blocksize; 2164 ext4_lblk_t block; 2165 struct fake_dirent *fde; 2166 int csum_size = 0; 2167 2168 if (ext4_has_metadata_csum(inode->i_sb)) 2169 csum_size = sizeof(struct ext4_dir_entry_tail); 2170 2171 blocksize = dir->i_sb->s_blocksize; 2172 dxtrace(printk(KERN_DEBUG "Creating index: inode %lu\n", dir->i_ino)); 2173 BUFFER_TRACE(bh, "get_write_access"); 2174 retval = ext4_journal_get_write_access(handle, dir->i_sb, bh, 2175 EXT4_JTR_NONE); 2176 if (retval) { 2177 ext4_std_error(dir->i_sb, retval); 2178 brelse(bh); 2179 return retval; 2180 } 2181 root = (struct dx_root *) bh->b_data; 2182 2183 /* The 0th block becomes the root, move the dirents out */ 2184 fde = &root->dotdot; 2185 de = (struct ext4_dir_entry_2 *)((char *)fde + 2186 ext4_rec_len_from_disk(fde->rec_len, blocksize)); 2187 if ((char *) de >= (((char *) root) + blocksize)) { 2188 EXT4_ERROR_INODE(dir, "invalid rec_len for '..'"); 2189 brelse(bh); 2190 return -EFSCORRUPTED; 2191 } 2192 len = ((char *) root) + (blocksize - csum_size) - (char *) de; 2193 2194 /* Allocate new block for the 0th block's dirents */ 2195 bh2 = ext4_append(handle, dir, &block); 2196 if (IS_ERR(bh2)) { 2197 brelse(bh); 2198 return PTR_ERR(bh2); 2199 } 2200 ext4_set_inode_flag(dir, EXT4_INODE_INDEX); 2201 data2 = bh2->b_data; 2202 2203 memcpy(data2, de, len); 2204 memset(de, 0, len); /* wipe old data */ 2205 de = (struct ext4_dir_entry_2 *) data2; 2206 top = data2 + len; 2207 while ((char *)(de2 = ext4_next_entry(de, blocksize)) < top) 2208 de = de2; 2209 de->rec_len = ext4_rec_len_to_disk(data2 + (blocksize - csum_size) - 2210 (char *) de, blocksize); 2211 2212 if (csum_size) 2213 ext4_initialize_dirent_tail(bh2, blocksize); 2214 2215 /* Initialize the root; the dot dirents already exist */ 2216 de = (struct ext4_dir_entry_2 *) (&root->dotdot); 2217 de->rec_len = ext4_rec_len_to_disk( 2218 blocksize - ext4_dir_rec_len(2, NULL), blocksize); 2219 memset (&root->info, 0, sizeof(root->info)); 2220 root->info.info_length = sizeof(root->info); 2221 if (ext4_hash_in_dirent(dir)) 2222 root->info.hash_version = DX_HASH_SIPHASH; 2223 else 2224 root->info.hash_version = 2225 EXT4_SB(dir->i_sb)->s_def_hash_version; 2226 2227 entries = root->entries; 2228 dx_set_block(entries, 1); 2229 dx_set_count(entries, 1); 2230 dx_set_limit(entries, dx_root_limit(dir, sizeof(root->info))); 2231 2232 /* Initialize as for dx_probe */ 2233 fname->hinfo.hash_version = root->info.hash_version; 2234 if (fname->hinfo.hash_version <= DX_HASH_TEA) 2235 fname->hinfo.hash_version += EXT4_SB(dir->i_sb)->s_hash_unsigned; 2236 fname->hinfo.seed = EXT4_SB(dir->i_sb)->s_hash_seed; 2237 2238 /* casefolded encrypted hashes are computed on fname setup */ 2239 if (!ext4_hash_in_dirent(dir)) 2240 ext4fs_dirhash(dir, fname_name(fname), 2241 fname_len(fname), &fname->hinfo); 2242 2243 memset(frames, 0, sizeof(frames)); 2244 frame = frames; 2245 frame->entries = entries; 2246 frame->at = entries; 2247 frame->bh = bh; 2248 2249 retval = ext4_handle_dirty_dx_node(handle, dir, frame->bh); 2250 if (retval) 2251 goto out_frames; 2252 retval = ext4_handle_dirty_dirblock(handle, dir, bh2); 2253 if (retval) 2254 goto out_frames; 2255 2256 de = do_split(handle,dir, &bh2, frame, &fname->hinfo); 2257 if (IS_ERR(de)) { 2258 retval = PTR_ERR(de); 2259 goto out_frames; 2260 } 2261 2262 retval = add_dirent_to_buf(handle, fname, dir, inode, de, bh2); 2263 out_frames: 2264 /* 2265 * Even if the block split failed, we have to properly write 2266 * out all the changes we did so far. Otherwise we can end up 2267 * with corrupted filesystem. 2268 */ 2269 if (retval) 2270 ext4_mark_inode_dirty(handle, dir); 2271 dx_release(frames); 2272 brelse(bh2); 2273 return retval; 2274 } 2275 2276 /* 2277 * ext4_add_entry() 2278 * 2279 * adds a file entry to the specified directory, using the same 2280 * semantics as ext4_find_entry(). It returns NULL if it failed. 2281 * 2282 * NOTE!! The inode part of 'de' is left at 0 - which means you 2283 * may not sleep between calling this and putting something into 2284 * the entry, as someone else might have used it while you slept. 2285 */ 2286 static int ext4_add_entry(handle_t *handle, struct dentry *dentry, 2287 struct inode *inode) 2288 { 2289 struct inode *dir = d_inode(dentry->d_parent); 2290 struct buffer_head *bh = NULL; 2291 struct ext4_dir_entry_2 *de; 2292 struct super_block *sb; 2293 struct ext4_filename fname; 2294 int retval; 2295 int dx_fallback=0; 2296 unsigned blocksize; 2297 ext4_lblk_t block, blocks; 2298 int csum_size = 0; 2299 2300 if (ext4_has_metadata_csum(inode->i_sb)) 2301 csum_size = sizeof(struct ext4_dir_entry_tail); 2302 2303 sb = dir->i_sb; 2304 blocksize = sb->s_blocksize; 2305 if (!dentry->d_name.len) 2306 return -EINVAL; 2307 2308 if (fscrypt_is_nokey_name(dentry)) 2309 return -ENOKEY; 2310 2311 #if IS_ENABLED(CONFIG_UNICODE) 2312 if (sb_has_strict_encoding(sb) && IS_CASEFOLDED(dir) && 2313 sb->s_encoding && utf8_validate(sb->s_encoding, &dentry->d_name)) 2314 return -EINVAL; 2315 #endif 2316 2317 retval = ext4_fname_setup_filename(dir, &dentry->d_name, 0, &fname); 2318 if (retval) 2319 return retval; 2320 2321 if (ext4_has_inline_data(dir)) { 2322 retval = ext4_try_add_inline_entry(handle, &fname, dir, inode); 2323 if (retval < 0) 2324 goto out; 2325 if (retval == 1) { 2326 retval = 0; 2327 goto out; 2328 } 2329 } 2330 2331 if (is_dx(dir)) { 2332 retval = ext4_dx_add_entry(handle, &fname, dir, inode); 2333 if (!retval || (retval != ERR_BAD_DX_DIR)) 2334 goto out; 2335 /* Can we just ignore htree data? */ 2336 if (ext4_has_metadata_csum(sb)) { 2337 EXT4_ERROR_INODE(dir, 2338 "Directory has corrupted htree index."); 2339 retval = -EFSCORRUPTED; 2340 goto out; 2341 } 2342 ext4_clear_inode_flag(dir, EXT4_INODE_INDEX); 2343 dx_fallback++; 2344 retval = ext4_mark_inode_dirty(handle, dir); 2345 if (unlikely(retval)) 2346 goto out; 2347 } 2348 blocks = dir->i_size >> sb->s_blocksize_bits; 2349 for (block = 0; block < blocks; block++) { 2350 bh = ext4_read_dirblock(dir, block, DIRENT); 2351 if (bh == NULL) { 2352 bh = ext4_bread(handle, dir, block, 2353 EXT4_GET_BLOCKS_CREATE); 2354 goto add_to_new_block; 2355 } 2356 if (IS_ERR(bh)) { 2357 retval = PTR_ERR(bh); 2358 bh = NULL; 2359 goto out; 2360 } 2361 retval = add_dirent_to_buf(handle, &fname, dir, inode, 2362 NULL, bh); 2363 if (retval != -ENOSPC) 2364 goto out; 2365 2366 if (blocks == 1 && !dx_fallback && 2367 ext4_has_feature_dir_index(sb)) { 2368 retval = make_indexed_dir(handle, &fname, dir, 2369 inode, bh); 2370 bh = NULL; /* make_indexed_dir releases bh */ 2371 goto out; 2372 } 2373 brelse(bh); 2374 } 2375 bh = ext4_append(handle, dir, &block); 2376 add_to_new_block: 2377 if (IS_ERR(bh)) { 2378 retval = PTR_ERR(bh); 2379 bh = NULL; 2380 goto out; 2381 } 2382 de = (struct ext4_dir_entry_2 *) bh->b_data; 2383 de->inode = 0; 2384 de->rec_len = ext4_rec_len_to_disk(blocksize - csum_size, blocksize); 2385 2386 if (csum_size) 2387 ext4_initialize_dirent_tail(bh, blocksize); 2388 2389 retval = add_dirent_to_buf(handle, &fname, dir, inode, de, bh); 2390 out: 2391 ext4_fname_free_filename(&fname); 2392 brelse(bh); 2393 if (retval == 0) 2394 ext4_set_inode_state(inode, EXT4_STATE_NEWENTRY); 2395 return retval; 2396 } 2397 2398 /* 2399 * Returns 0 for success, or a negative error value 2400 */ 2401 static int ext4_dx_add_entry(handle_t *handle, struct ext4_filename *fname, 2402 struct inode *dir, struct inode *inode) 2403 { 2404 struct dx_frame frames[EXT4_HTREE_LEVEL], *frame; 2405 struct dx_entry *entries, *at; 2406 struct buffer_head *bh; 2407 struct super_block *sb = dir->i_sb; 2408 struct ext4_dir_entry_2 *de; 2409 int restart; 2410 int err; 2411 2412 again: 2413 restart = 0; 2414 frame = dx_probe(fname, dir, NULL, frames); 2415 if (IS_ERR(frame)) 2416 return PTR_ERR(frame); 2417 entries = frame->entries; 2418 at = frame->at; 2419 bh = ext4_read_dirblock(dir, dx_get_block(frame->at), DIRENT_HTREE); 2420 if (IS_ERR(bh)) { 2421 err = PTR_ERR(bh); 2422 bh = NULL; 2423 goto cleanup; 2424 } 2425 2426 BUFFER_TRACE(bh, "get_write_access"); 2427 err = ext4_journal_get_write_access(handle, sb, bh, EXT4_JTR_NONE); 2428 if (err) 2429 goto journal_error; 2430 2431 err = add_dirent_to_buf(handle, fname, dir, inode, NULL, bh); 2432 if (err != -ENOSPC) 2433 goto cleanup; 2434 2435 err = 0; 2436 /* Block full, should compress but for now just split */ 2437 dxtrace(printk(KERN_DEBUG "using %u of %u node entries\n", 2438 dx_get_count(entries), dx_get_limit(entries))); 2439 /* Need to split index? */ 2440 if (dx_get_count(entries) == dx_get_limit(entries)) { 2441 ext4_lblk_t newblock; 2442 int levels = frame - frames + 1; 2443 unsigned int icount; 2444 int add_level = 1; 2445 struct dx_entry *entries2; 2446 struct dx_node *node2; 2447 struct buffer_head *bh2; 2448 2449 while (frame > frames) { 2450 if (dx_get_count((frame - 1)->entries) < 2451 dx_get_limit((frame - 1)->entries)) { 2452 add_level = 0; 2453 break; 2454 } 2455 frame--; /* split higher index block */ 2456 at = frame->at; 2457 entries = frame->entries; 2458 restart = 1; 2459 } 2460 if (add_level && levels == ext4_dir_htree_level(sb)) { 2461 ext4_warning(sb, "Directory (ino: %lu) index full, " 2462 "reach max htree level :%d", 2463 dir->i_ino, levels); 2464 if (ext4_dir_htree_level(sb) < EXT4_HTREE_LEVEL) { 2465 ext4_warning(sb, "Large directory feature is " 2466 "not enabled on this " 2467 "filesystem"); 2468 } 2469 err = -ENOSPC; 2470 goto cleanup; 2471 } 2472 icount = dx_get_count(entries); 2473 bh2 = ext4_append(handle, dir, &newblock); 2474 if (IS_ERR(bh2)) { 2475 err = PTR_ERR(bh2); 2476 goto cleanup; 2477 } 2478 node2 = (struct dx_node *)(bh2->b_data); 2479 entries2 = node2->entries; 2480 memset(&node2->fake, 0, sizeof(struct fake_dirent)); 2481 node2->fake.rec_len = ext4_rec_len_to_disk(sb->s_blocksize, 2482 sb->s_blocksize); 2483 BUFFER_TRACE(frame->bh, "get_write_access"); 2484 err = ext4_journal_get_write_access(handle, sb, frame->bh, 2485 EXT4_JTR_NONE); 2486 if (err) 2487 goto journal_error; 2488 if (!add_level) { 2489 unsigned icount1 = icount/2, icount2 = icount - icount1; 2490 unsigned hash2 = dx_get_hash(entries + icount1); 2491 dxtrace(printk(KERN_DEBUG "Split index %i/%i\n", 2492 icount1, icount2)); 2493 2494 BUFFER_TRACE(frame->bh, "get_write_access"); /* index root */ 2495 err = ext4_journal_get_write_access(handle, sb, 2496 (frame - 1)->bh, 2497 EXT4_JTR_NONE); 2498 if (err) 2499 goto journal_error; 2500 2501 memcpy((char *) entries2, (char *) (entries + icount1), 2502 icount2 * sizeof(struct dx_entry)); 2503 dx_set_count(entries, icount1); 2504 dx_set_count(entries2, icount2); 2505 dx_set_limit(entries2, dx_node_limit(dir)); 2506 2507 /* Which index block gets the new entry? */ 2508 if (at - entries >= icount1) { 2509 frame->at = at - entries - icount1 + entries2; 2510 frame->entries = entries = entries2; 2511 swap(frame->bh, bh2); 2512 } 2513 dx_insert_block((frame - 1), hash2, newblock); 2514 dxtrace(dx_show_index("node", frame->entries)); 2515 dxtrace(dx_show_index("node", 2516 ((struct dx_node *) bh2->b_data)->entries)); 2517 err = ext4_handle_dirty_dx_node(handle, dir, bh2); 2518 if (err) 2519 goto journal_error; 2520 brelse (bh2); 2521 err = ext4_handle_dirty_dx_node(handle, dir, 2522 (frame - 1)->bh); 2523 if (err) 2524 goto journal_error; 2525 err = ext4_handle_dirty_dx_node(handle, dir, 2526 frame->bh); 2527 if (restart || err) 2528 goto journal_error; 2529 } else { 2530 struct dx_root *dxroot; 2531 memcpy((char *) entries2, (char *) entries, 2532 icount * sizeof(struct dx_entry)); 2533 dx_set_limit(entries2, dx_node_limit(dir)); 2534 2535 /* Set up root */ 2536 dx_set_count(entries, 1); 2537 dx_set_block(entries + 0, newblock); 2538 dxroot = (struct dx_root *)frames[0].bh->b_data; 2539 dxroot->info.indirect_levels += 1; 2540 dxtrace(printk(KERN_DEBUG 2541 "Creating %d level index...\n", 2542 dxroot->info.indirect_levels)); 2543 err = ext4_handle_dirty_dx_node(handle, dir, frame->bh); 2544 if (err) 2545 goto journal_error; 2546 err = ext4_handle_dirty_dx_node(handle, dir, bh2); 2547 brelse(bh2); 2548 restart = 1; 2549 goto journal_error; 2550 } 2551 } 2552 de = do_split(handle, dir, &bh, frame, &fname->hinfo); 2553 if (IS_ERR(de)) { 2554 err = PTR_ERR(de); 2555 goto cleanup; 2556 } 2557 err = add_dirent_to_buf(handle, fname, dir, inode, de, bh); 2558 goto cleanup; 2559 2560 journal_error: 2561 ext4_std_error(dir->i_sb, err); /* this is a no-op if err == 0 */ 2562 cleanup: 2563 brelse(bh); 2564 dx_release(frames); 2565 /* @restart is true means htree-path has been changed, we need to 2566 * repeat dx_probe() to find out valid htree-path 2567 */ 2568 if (restart && err == 0) 2569 goto again; 2570 return err; 2571 } 2572 2573 /* 2574 * ext4_generic_delete_entry deletes a directory entry by merging it 2575 * with the previous entry 2576 */ 2577 int ext4_generic_delete_entry(struct inode *dir, 2578 struct ext4_dir_entry_2 *de_del, 2579 struct buffer_head *bh, 2580 void *entry_buf, 2581 int buf_size, 2582 int csum_size) 2583 { 2584 struct ext4_dir_entry_2 *de, *pde; 2585 unsigned int blocksize = dir->i_sb->s_blocksize; 2586 int i; 2587 2588 i = 0; 2589 pde = NULL; 2590 de = (struct ext4_dir_entry_2 *)entry_buf; 2591 while (i < buf_size - csum_size) { 2592 if (ext4_check_dir_entry(dir, NULL, de, bh, 2593 entry_buf, buf_size, i)) 2594 return -EFSCORRUPTED; 2595 if (de == de_del) { 2596 if (pde) { 2597 pde->rec_len = ext4_rec_len_to_disk( 2598 ext4_rec_len_from_disk(pde->rec_len, 2599 blocksize) + 2600 ext4_rec_len_from_disk(de->rec_len, 2601 blocksize), 2602 blocksize); 2603 2604 /* wipe entire dir_entry */ 2605 memset(de, 0, ext4_rec_len_from_disk(de->rec_len, 2606 blocksize)); 2607 } else { 2608 /* wipe dir_entry excluding the rec_len field */ 2609 de->inode = 0; 2610 memset(&de->name_len, 0, 2611 ext4_rec_len_from_disk(de->rec_len, 2612 blocksize) - 2613 offsetof(struct ext4_dir_entry_2, 2614 name_len)); 2615 } 2616 2617 inode_inc_iversion(dir); 2618 return 0; 2619 } 2620 i += ext4_rec_len_from_disk(de->rec_len, blocksize); 2621 pde = de; 2622 de = ext4_next_entry(de, blocksize); 2623 } 2624 return -ENOENT; 2625 } 2626 2627 static int ext4_delete_entry(handle_t *handle, 2628 struct inode *dir, 2629 struct ext4_dir_entry_2 *de_del, 2630 struct buffer_head *bh) 2631 { 2632 int err, csum_size = 0; 2633 2634 if (ext4_has_inline_data(dir)) { 2635 int has_inline_data = 1; 2636 err = ext4_delete_inline_entry(handle, dir, de_del, bh, 2637 &has_inline_data); 2638 if (has_inline_data) 2639 return err; 2640 } 2641 2642 if (ext4_has_metadata_csum(dir->i_sb)) 2643 csum_size = sizeof(struct ext4_dir_entry_tail); 2644 2645 BUFFER_TRACE(bh, "get_write_access"); 2646 err = ext4_journal_get_write_access(handle, dir->i_sb, bh, 2647 EXT4_JTR_NONE); 2648 if (unlikely(err)) 2649 goto out; 2650 2651 err = ext4_generic_delete_entry(dir, de_del, bh, bh->b_data, 2652 dir->i_sb->s_blocksize, csum_size); 2653 if (err) 2654 goto out; 2655 2656 BUFFER_TRACE(bh, "call ext4_handle_dirty_metadata"); 2657 err = ext4_handle_dirty_dirblock(handle, dir, bh); 2658 if (unlikely(err)) 2659 goto out; 2660 2661 return 0; 2662 out: 2663 if (err != -ENOENT) 2664 ext4_std_error(dir->i_sb, err); 2665 return err; 2666 } 2667 2668 /* 2669 * Set directory link count to 1 if nlinks > EXT4_LINK_MAX, or if nlinks == 2 2670 * since this indicates that nlinks count was previously 1 to avoid overflowing 2671 * the 16-bit i_links_count field on disk. Directories with i_nlink == 1 mean 2672 * that subdirectory link counts are not being maintained accurately. 2673 * 2674 * The caller has already checked for i_nlink overflow in case the DIR_LINK 2675 * feature is not enabled and returned -EMLINK. The is_dx() check is a proxy 2676 * for checking S_ISDIR(inode) (since the INODE_INDEX feature will not be set 2677 * on regular files) and to avoid creating huge/slow non-HTREE directories. 2678 */ 2679 static void ext4_inc_count(struct inode *inode) 2680 { 2681 inc_nlink(inode); 2682 if (is_dx(inode) && 2683 (inode->i_nlink > EXT4_LINK_MAX || inode->i_nlink == 2)) 2684 set_nlink(inode, 1); 2685 } 2686 2687 /* 2688 * If a directory had nlink == 1, then we should let it be 1. This indicates 2689 * directory has >EXT4_LINK_MAX subdirs. 2690 */ 2691 static void ext4_dec_count(struct inode *inode) 2692 { 2693 if (!S_ISDIR(inode->i_mode) || inode->i_nlink > 2) 2694 drop_nlink(inode); 2695 } 2696 2697 2698 /* 2699 * Add non-directory inode to a directory. On success, the inode reference is 2700 * consumed by dentry is instantiation. This is also indicated by clearing of 2701 * *inodep pointer. On failure, the caller is responsible for dropping the 2702 * inode reference in the safe context. 2703 */ 2704 static int ext4_add_nondir(handle_t *handle, 2705 struct dentry *dentry, struct inode **inodep) 2706 { 2707 struct inode *dir = d_inode(dentry->d_parent); 2708 struct inode *inode = *inodep; 2709 int err = ext4_add_entry(handle, dentry, inode); 2710 if (!err) { 2711 err = ext4_mark_inode_dirty(handle, inode); 2712 if (IS_DIRSYNC(dir)) 2713 ext4_handle_sync(handle); 2714 d_instantiate_new(dentry, inode); 2715 *inodep = NULL; 2716 return err; 2717 } 2718 drop_nlink(inode); 2719 ext4_orphan_add(handle, inode); 2720 unlock_new_inode(inode); 2721 return err; 2722 } 2723 2724 /* 2725 * By the time this is called, we already have created 2726 * the directory cache entry for the new file, but it 2727 * is so far negative - it has no inode. 2728 * 2729 * If the create succeeds, we fill in the inode information 2730 * with d_instantiate(). 2731 */ 2732 static int ext4_create(struct user_namespace *mnt_userns, struct inode *dir, 2733 struct dentry *dentry, umode_t mode, bool excl) 2734 { 2735 handle_t *handle; 2736 struct inode *inode; 2737 int err, credits, retries = 0; 2738 2739 err = dquot_initialize(dir); 2740 if (err) 2741 return err; 2742 2743 credits = (EXT4_DATA_TRANS_BLOCKS(dir->i_sb) + 2744 EXT4_INDEX_EXTRA_TRANS_BLOCKS + 3); 2745 retry: 2746 inode = ext4_new_inode_start_handle(mnt_userns, dir, mode, &dentry->d_name, 2747 0, NULL, EXT4_HT_DIR, credits); 2748 handle = ext4_journal_current_handle(); 2749 err = PTR_ERR(inode); 2750 if (!IS_ERR(inode)) { 2751 inode->i_op = &ext4_file_inode_operations; 2752 inode->i_fop = &ext4_file_operations; 2753 ext4_set_aops(inode); 2754 err = ext4_add_nondir(handle, dentry, &inode); 2755 if (!err) 2756 ext4_fc_track_create(handle, dentry); 2757 } 2758 if (handle) 2759 ext4_journal_stop(handle); 2760 if (!IS_ERR_OR_NULL(inode)) 2761 iput(inode); 2762 if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries)) 2763 goto retry; 2764 return err; 2765 } 2766 2767 static int ext4_mknod(struct user_namespace *mnt_userns, struct inode *dir, 2768 struct dentry *dentry, umode_t mode, dev_t rdev) 2769 { 2770 handle_t *handle; 2771 struct inode *inode; 2772 int err, credits, retries = 0; 2773 2774 err = dquot_initialize(dir); 2775 if (err) 2776 return err; 2777 2778 credits = (EXT4_DATA_TRANS_BLOCKS(dir->i_sb) + 2779 EXT4_INDEX_EXTRA_TRANS_BLOCKS + 3); 2780 retry: 2781 inode = ext4_new_inode_start_handle(mnt_userns, dir, mode, &dentry->d_name, 2782 0, NULL, EXT4_HT_DIR, credits); 2783 handle = ext4_journal_current_handle(); 2784 err = PTR_ERR(inode); 2785 if (!IS_ERR(inode)) { 2786 init_special_inode(inode, inode->i_mode, rdev); 2787 inode->i_op = &ext4_special_inode_operations; 2788 err = ext4_add_nondir(handle, dentry, &inode); 2789 if (!err) 2790 ext4_fc_track_create(handle, dentry); 2791 } 2792 if (handle) 2793 ext4_journal_stop(handle); 2794 if (!IS_ERR_OR_NULL(inode)) 2795 iput(inode); 2796 if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries)) 2797 goto retry; 2798 return err; 2799 } 2800 2801 static int ext4_tmpfile(struct user_namespace *mnt_userns, struct inode *dir, 2802 struct dentry *dentry, umode_t mode) 2803 { 2804 handle_t *handle; 2805 struct inode *inode; 2806 int err, retries = 0; 2807 2808 err = dquot_initialize(dir); 2809 if (err) 2810 return err; 2811 2812 retry: 2813 inode = ext4_new_inode_start_handle(mnt_userns, dir, mode, 2814 NULL, 0, NULL, 2815 EXT4_HT_DIR, 2816 EXT4_MAXQUOTAS_INIT_BLOCKS(dir->i_sb) + 2817 4 + EXT4_XATTR_TRANS_BLOCKS); 2818 handle = ext4_journal_current_handle(); 2819 err = PTR_ERR(inode); 2820 if (!IS_ERR(inode)) { 2821 inode->i_op = &ext4_file_inode_operations; 2822 inode->i_fop = &ext4_file_operations; 2823 ext4_set_aops(inode); 2824 d_tmpfile(dentry, inode); 2825 err = ext4_orphan_add(handle, inode); 2826 if (err) 2827 goto err_unlock_inode; 2828 mark_inode_dirty(inode); 2829 unlock_new_inode(inode); 2830 } 2831 if (handle) 2832 ext4_journal_stop(handle); 2833 if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries)) 2834 goto retry; 2835 return err; 2836 err_unlock_inode: 2837 ext4_journal_stop(handle); 2838 unlock_new_inode(inode); 2839 return err; 2840 } 2841 2842 struct ext4_dir_entry_2 *ext4_init_dot_dotdot(struct inode *inode, 2843 struct ext4_dir_entry_2 *de, 2844 int blocksize, int csum_size, 2845 unsigned int parent_ino, int dotdot_real_len) 2846 { 2847 de->inode = cpu_to_le32(inode->i_ino); 2848 de->name_len = 1; 2849 de->rec_len = ext4_rec_len_to_disk(ext4_dir_rec_len(de->name_len, NULL), 2850 blocksize); 2851 strcpy(de->name, "."); 2852 ext4_set_de_type(inode->i_sb, de, S_IFDIR); 2853 2854 de = ext4_next_entry(de, blocksize); 2855 de->inode = cpu_to_le32(parent_ino); 2856 de->name_len = 2; 2857 if (!dotdot_real_len) 2858 de->rec_len = ext4_rec_len_to_disk(blocksize - 2859 (csum_size + ext4_dir_rec_len(1, NULL)), 2860 blocksize); 2861 else 2862 de->rec_len = ext4_rec_len_to_disk( 2863 ext4_dir_rec_len(de->name_len, NULL), 2864 blocksize); 2865 strcpy(de->name, ".."); 2866 ext4_set_de_type(inode->i_sb, de, S_IFDIR); 2867 2868 return ext4_next_entry(de, blocksize); 2869 } 2870 2871 int ext4_init_new_dir(handle_t *handle, struct inode *dir, 2872 struct inode *inode) 2873 { 2874 struct buffer_head *dir_block = NULL; 2875 struct ext4_dir_entry_2 *de; 2876 ext4_lblk_t block = 0; 2877 unsigned int blocksize = dir->i_sb->s_blocksize; 2878 int csum_size = 0; 2879 int err; 2880 2881 if (ext4_has_metadata_csum(dir->i_sb)) 2882 csum_size = sizeof(struct ext4_dir_entry_tail); 2883 2884 if (ext4_test_inode_state(inode, EXT4_STATE_MAY_INLINE_DATA)) { 2885 err = ext4_try_create_inline_dir(handle, dir, inode); 2886 if (err < 0 && err != -ENOSPC) 2887 goto out; 2888 if (!err) 2889 goto out; 2890 } 2891 2892 inode->i_size = 0; 2893 dir_block = ext4_append(handle, inode, &block); 2894 if (IS_ERR(dir_block)) 2895 return PTR_ERR(dir_block); 2896 de = (struct ext4_dir_entry_2 *)dir_block->b_data; 2897 ext4_init_dot_dotdot(inode, de, blocksize, csum_size, dir->i_ino, 0); 2898 set_nlink(inode, 2); 2899 if (csum_size) 2900 ext4_initialize_dirent_tail(dir_block, blocksize); 2901 2902 BUFFER_TRACE(dir_block, "call ext4_handle_dirty_metadata"); 2903 err = ext4_handle_dirty_dirblock(handle, inode, dir_block); 2904 if (err) 2905 goto out; 2906 set_buffer_verified(dir_block); 2907 out: 2908 brelse(dir_block); 2909 return err; 2910 } 2911 2912 static int ext4_mkdir(struct user_namespace *mnt_userns, struct inode *dir, 2913 struct dentry *dentry, umode_t mode) 2914 { 2915 handle_t *handle; 2916 struct inode *inode; 2917 int err, err2 = 0, credits, retries = 0; 2918 2919 if (EXT4_DIR_LINK_MAX(dir)) 2920 return -EMLINK; 2921 2922 err = dquot_initialize(dir); 2923 if (err) 2924 return err; 2925 2926 credits = (EXT4_DATA_TRANS_BLOCKS(dir->i_sb) + 2927 EXT4_INDEX_EXTRA_TRANS_BLOCKS + 3); 2928 retry: 2929 inode = ext4_new_inode_start_handle(mnt_userns, dir, S_IFDIR | mode, 2930 &dentry->d_name, 2931 0, NULL, EXT4_HT_DIR, credits); 2932 handle = ext4_journal_current_handle(); 2933 err = PTR_ERR(inode); 2934 if (IS_ERR(inode)) 2935 goto out_stop; 2936 2937 inode->i_op = &ext4_dir_inode_operations; 2938 inode->i_fop = &ext4_dir_operations; 2939 err = ext4_init_new_dir(handle, dir, inode); 2940 if (err) 2941 goto out_clear_inode; 2942 err = ext4_mark_inode_dirty(handle, inode); 2943 if (!err) 2944 err = ext4_add_entry(handle, dentry, inode); 2945 if (err) { 2946 out_clear_inode: 2947 clear_nlink(inode); 2948 ext4_orphan_add(handle, inode); 2949 unlock_new_inode(inode); 2950 err2 = ext4_mark_inode_dirty(handle, inode); 2951 if (unlikely(err2)) 2952 err = err2; 2953 ext4_journal_stop(handle); 2954 iput(inode); 2955 goto out_retry; 2956 } 2957 ext4_inc_count(dir); 2958 2959 ext4_update_dx_flag(dir); 2960 err = ext4_mark_inode_dirty(handle, dir); 2961 if (err) 2962 goto out_clear_inode; 2963 d_instantiate_new(dentry, inode); 2964 ext4_fc_track_create(handle, dentry); 2965 if (IS_DIRSYNC(dir)) 2966 ext4_handle_sync(handle); 2967 2968 out_stop: 2969 if (handle) 2970 ext4_journal_stop(handle); 2971 out_retry: 2972 if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries)) 2973 goto retry; 2974 return err; 2975 } 2976 2977 /* 2978 * routine to check that the specified directory is empty (for rmdir) 2979 */ 2980 bool ext4_empty_dir(struct inode *inode) 2981 { 2982 unsigned int offset; 2983 struct buffer_head *bh; 2984 struct ext4_dir_entry_2 *de; 2985 struct super_block *sb; 2986 2987 if (ext4_has_inline_data(inode)) { 2988 int has_inline_data = 1; 2989 int ret; 2990 2991 ret = empty_inline_dir(inode, &has_inline_data); 2992 if (has_inline_data) 2993 return ret; 2994 } 2995 2996 sb = inode->i_sb; 2997 if (inode->i_size < ext4_dir_rec_len(1, NULL) + 2998 ext4_dir_rec_len(2, NULL)) { 2999 EXT4_ERROR_INODE(inode, "invalid size"); 3000 return false; 3001 } 3002 /* The first directory block must not be a hole, 3003 * so treat it as DIRENT_HTREE 3004 */ 3005 bh = ext4_read_dirblock(inode, 0, DIRENT_HTREE); 3006 if (IS_ERR(bh)) 3007 return false; 3008 3009 de = (struct ext4_dir_entry_2 *) bh->b_data; 3010 if (ext4_check_dir_entry(inode, NULL, de, bh, bh->b_data, bh->b_size, 3011 0) || 3012 le32_to_cpu(de->inode) != inode->i_ino || strcmp(".", de->name)) { 3013 ext4_warning_inode(inode, "directory missing '.'"); 3014 brelse(bh); 3015 return false; 3016 } 3017 offset = ext4_rec_len_from_disk(de->rec_len, sb->s_blocksize); 3018 de = ext4_next_entry(de, sb->s_blocksize); 3019 if (ext4_check_dir_entry(inode, NULL, de, bh, bh->b_data, bh->b_size, 3020 offset) || 3021 le32_to_cpu(de->inode) == 0 || strcmp("..", de->name)) { 3022 ext4_warning_inode(inode, "directory missing '..'"); 3023 brelse(bh); 3024 return false; 3025 } 3026 offset += ext4_rec_len_from_disk(de->rec_len, sb->s_blocksize); 3027 while (offset < inode->i_size) { 3028 if (!(offset & (sb->s_blocksize - 1))) { 3029 unsigned int lblock; 3030 brelse(bh); 3031 lblock = offset >> EXT4_BLOCK_SIZE_BITS(sb); 3032 bh = ext4_read_dirblock(inode, lblock, EITHER); 3033 if (bh == NULL) { 3034 offset += sb->s_blocksize; 3035 continue; 3036 } 3037 if (IS_ERR(bh)) 3038 return false; 3039 } 3040 de = (struct ext4_dir_entry_2 *) (bh->b_data + 3041 (offset & (sb->s_blocksize - 1))); 3042 if (ext4_check_dir_entry(inode, NULL, de, bh, 3043 bh->b_data, bh->b_size, offset)) { 3044 offset = (offset | (sb->s_blocksize - 1)) + 1; 3045 continue; 3046 } 3047 if (le32_to_cpu(de->inode)) { 3048 brelse(bh); 3049 return false; 3050 } 3051 offset += ext4_rec_len_from_disk(de->rec_len, sb->s_blocksize); 3052 } 3053 brelse(bh); 3054 return true; 3055 } 3056 3057 static int ext4_rmdir(struct inode *dir, struct dentry *dentry) 3058 { 3059 int retval; 3060 struct inode *inode; 3061 struct buffer_head *bh; 3062 struct ext4_dir_entry_2 *de; 3063 handle_t *handle = NULL; 3064 3065 if (unlikely(ext4_forced_shutdown(EXT4_SB(dir->i_sb)))) 3066 return -EIO; 3067 3068 /* Initialize quotas before so that eventual writes go in 3069 * separate transaction */ 3070 retval = dquot_initialize(dir); 3071 if (retval) 3072 return retval; 3073 retval = dquot_initialize(d_inode(dentry)); 3074 if (retval) 3075 return retval; 3076 3077 retval = -ENOENT; 3078 bh = ext4_find_entry(dir, &dentry->d_name, &de, NULL); 3079 if (IS_ERR(bh)) 3080 return PTR_ERR(bh); 3081 if (!bh) 3082 goto end_rmdir; 3083 3084 inode = d_inode(dentry); 3085 3086 retval = -EFSCORRUPTED; 3087 if (le32_to_cpu(de->inode) != inode->i_ino) 3088 goto end_rmdir; 3089 3090 retval = -ENOTEMPTY; 3091 if (!ext4_empty_dir(inode)) 3092 goto end_rmdir; 3093 3094 handle = ext4_journal_start(dir, EXT4_HT_DIR, 3095 EXT4_DATA_TRANS_BLOCKS(dir->i_sb)); 3096 if (IS_ERR(handle)) { 3097 retval = PTR_ERR(handle); 3098 handle = NULL; 3099 goto end_rmdir; 3100 } 3101 3102 if (IS_DIRSYNC(dir)) 3103 ext4_handle_sync(handle); 3104 3105 retval = ext4_delete_entry(handle, dir, de, bh); 3106 if (retval) 3107 goto end_rmdir; 3108 if (!EXT4_DIR_LINK_EMPTY(inode)) 3109 ext4_warning_inode(inode, 3110 "empty directory '%.*s' has too many links (%u)", 3111 dentry->d_name.len, dentry->d_name.name, 3112 inode->i_nlink); 3113 inode_inc_iversion(inode); 3114 clear_nlink(inode); 3115 /* There's no need to set i_disksize: the fact that i_nlink is 3116 * zero will ensure that the right thing happens during any 3117 * recovery. */ 3118 inode->i_size = 0; 3119 ext4_orphan_add(handle, inode); 3120 inode->i_ctime = dir->i_ctime = dir->i_mtime = current_time(inode); 3121 retval = ext4_mark_inode_dirty(handle, inode); 3122 if (retval) 3123 goto end_rmdir; 3124 ext4_dec_count(dir); 3125 ext4_update_dx_flag(dir); 3126 ext4_fc_track_unlink(handle, dentry); 3127 retval = ext4_mark_inode_dirty(handle, dir); 3128 3129 #if IS_ENABLED(CONFIG_UNICODE) 3130 /* VFS negative dentries are incompatible with Encoding and 3131 * Case-insensitiveness. Eventually we'll want avoid 3132 * invalidating the dentries here, alongside with returning the 3133 * negative dentries at ext4_lookup(), when it is better 3134 * supported by the VFS for the CI case. 3135 */ 3136 if (IS_CASEFOLDED(dir)) 3137 d_invalidate(dentry); 3138 #endif 3139 3140 end_rmdir: 3141 brelse(bh); 3142 if (handle) 3143 ext4_journal_stop(handle); 3144 return retval; 3145 } 3146 3147 int __ext4_unlink(handle_t *handle, struct inode *dir, const struct qstr *d_name, 3148 struct inode *inode) 3149 { 3150 int retval = -ENOENT; 3151 struct buffer_head *bh; 3152 struct ext4_dir_entry_2 *de; 3153 int skip_remove_dentry = 0; 3154 3155 bh = ext4_find_entry(dir, d_name, &de, NULL); 3156 if (IS_ERR(bh)) 3157 return PTR_ERR(bh); 3158 3159 if (!bh) 3160 return -ENOENT; 3161 3162 if (le32_to_cpu(de->inode) != inode->i_ino) { 3163 /* 3164 * It's okay if we find dont find dentry which matches 3165 * the inode. That's because it might have gotten 3166 * renamed to a different inode number 3167 */ 3168 if (EXT4_SB(inode->i_sb)->s_mount_state & EXT4_FC_REPLAY) 3169 skip_remove_dentry = 1; 3170 else 3171 goto out; 3172 } 3173 3174 if (IS_DIRSYNC(dir)) 3175 ext4_handle_sync(handle); 3176 3177 if (!skip_remove_dentry) { 3178 retval = ext4_delete_entry(handle, dir, de, bh); 3179 if (retval) 3180 goto out; 3181 dir->i_ctime = dir->i_mtime = current_time(dir); 3182 ext4_update_dx_flag(dir); 3183 retval = ext4_mark_inode_dirty(handle, dir); 3184 if (retval) 3185 goto out; 3186 } else { 3187 retval = 0; 3188 } 3189 if (inode->i_nlink == 0) 3190 ext4_warning_inode(inode, "Deleting file '%.*s' with no links", 3191 d_name->len, d_name->name); 3192 else 3193 drop_nlink(inode); 3194 if (!inode->i_nlink) 3195 ext4_orphan_add(handle, inode); 3196 inode->i_ctime = current_time(inode); 3197 retval = ext4_mark_inode_dirty(handle, inode); 3198 3199 out: 3200 brelse(bh); 3201 return retval; 3202 } 3203 3204 static int ext4_unlink(struct inode *dir, struct dentry *dentry) 3205 { 3206 handle_t *handle; 3207 int retval; 3208 3209 if (unlikely(ext4_forced_shutdown(EXT4_SB(dir->i_sb)))) 3210 return -EIO; 3211 3212 trace_ext4_unlink_enter(dir, dentry); 3213 /* 3214 * Initialize quotas before so that eventual writes go 3215 * in separate transaction 3216 */ 3217 retval = dquot_initialize(dir); 3218 if (retval) 3219 goto out_trace; 3220 retval = dquot_initialize(d_inode(dentry)); 3221 if (retval) 3222 goto out_trace; 3223 3224 handle = ext4_journal_start(dir, EXT4_HT_DIR, 3225 EXT4_DATA_TRANS_BLOCKS(dir->i_sb)); 3226 if (IS_ERR(handle)) { 3227 retval = PTR_ERR(handle); 3228 goto out_trace; 3229 } 3230 3231 retval = __ext4_unlink(handle, dir, &dentry->d_name, d_inode(dentry)); 3232 if (!retval) 3233 ext4_fc_track_unlink(handle, dentry); 3234 #if IS_ENABLED(CONFIG_UNICODE) 3235 /* VFS negative dentries are incompatible with Encoding and 3236 * Case-insensitiveness. Eventually we'll want avoid 3237 * invalidating the dentries here, alongside with returning the 3238 * negative dentries at ext4_lookup(), when it is better 3239 * supported by the VFS for the CI case. 3240 */ 3241 if (IS_CASEFOLDED(dir)) 3242 d_invalidate(dentry); 3243 #endif 3244 if (handle) 3245 ext4_journal_stop(handle); 3246 3247 out_trace: 3248 trace_ext4_unlink_exit(dentry, retval); 3249 return retval; 3250 } 3251 3252 static int ext4_symlink(struct user_namespace *mnt_userns, struct inode *dir, 3253 struct dentry *dentry, const char *symname) 3254 { 3255 handle_t *handle; 3256 struct inode *inode; 3257 int err, len = strlen(symname); 3258 int credits; 3259 struct fscrypt_str disk_link; 3260 3261 if (unlikely(ext4_forced_shutdown(EXT4_SB(dir->i_sb)))) 3262 return -EIO; 3263 3264 err = fscrypt_prepare_symlink(dir, symname, len, dir->i_sb->s_blocksize, 3265 &disk_link); 3266 if (err) 3267 return err; 3268 3269 err = dquot_initialize(dir); 3270 if (err) 3271 return err; 3272 3273 if ((disk_link.len > EXT4_N_BLOCKS * 4)) { 3274 /* 3275 * For non-fast symlinks, we just allocate inode and put it on 3276 * orphan list in the first transaction => we need bitmap, 3277 * group descriptor, sb, inode block, quota blocks, and 3278 * possibly selinux xattr blocks. 3279 */ 3280 credits = 4 + EXT4_MAXQUOTAS_INIT_BLOCKS(dir->i_sb) + 3281 EXT4_XATTR_TRANS_BLOCKS; 3282 } else { 3283 /* 3284 * Fast symlink. We have to add entry to directory 3285 * (EXT4_DATA_TRANS_BLOCKS + EXT4_INDEX_EXTRA_TRANS_BLOCKS), 3286 * allocate new inode (bitmap, group descriptor, inode block, 3287 * quota blocks, sb is already counted in previous macros). 3288 */ 3289 credits = EXT4_DATA_TRANS_BLOCKS(dir->i_sb) + 3290 EXT4_INDEX_EXTRA_TRANS_BLOCKS + 3; 3291 } 3292 3293 inode = ext4_new_inode_start_handle(mnt_userns, dir, S_IFLNK|S_IRWXUGO, 3294 &dentry->d_name, 0, NULL, 3295 EXT4_HT_DIR, credits); 3296 handle = ext4_journal_current_handle(); 3297 if (IS_ERR(inode)) { 3298 if (handle) 3299 ext4_journal_stop(handle); 3300 return PTR_ERR(inode); 3301 } 3302 3303 if (IS_ENCRYPTED(inode)) { 3304 err = fscrypt_encrypt_symlink(inode, symname, len, &disk_link); 3305 if (err) 3306 goto err_drop_inode; 3307 inode->i_op = &ext4_encrypted_symlink_inode_operations; 3308 } 3309 3310 if ((disk_link.len > EXT4_N_BLOCKS * 4)) { 3311 if (!IS_ENCRYPTED(inode)) 3312 inode->i_op = &ext4_symlink_inode_operations; 3313 inode_nohighmem(inode); 3314 ext4_set_aops(inode); 3315 /* 3316 * We cannot call page_symlink() with transaction started 3317 * because it calls into ext4_write_begin() which can wait 3318 * for transaction commit if we are running out of space 3319 * and thus we deadlock. So we have to stop transaction now 3320 * and restart it when symlink contents is written. 3321 * 3322 * To keep fs consistent in case of crash, we have to put inode 3323 * to orphan list in the mean time. 3324 */ 3325 drop_nlink(inode); 3326 err = ext4_orphan_add(handle, inode); 3327 if (handle) 3328 ext4_journal_stop(handle); 3329 handle = NULL; 3330 if (err) 3331 goto err_drop_inode; 3332 err = __page_symlink(inode, disk_link.name, disk_link.len, 1); 3333 if (err) 3334 goto err_drop_inode; 3335 /* 3336 * Now inode is being linked into dir (EXT4_DATA_TRANS_BLOCKS 3337 * + EXT4_INDEX_EXTRA_TRANS_BLOCKS), inode is also modified 3338 */ 3339 handle = ext4_journal_start(dir, EXT4_HT_DIR, 3340 EXT4_DATA_TRANS_BLOCKS(dir->i_sb) + 3341 EXT4_INDEX_EXTRA_TRANS_BLOCKS + 1); 3342 if (IS_ERR(handle)) { 3343 err = PTR_ERR(handle); 3344 handle = NULL; 3345 goto err_drop_inode; 3346 } 3347 set_nlink(inode, 1); 3348 err = ext4_orphan_del(handle, inode); 3349 if (err) 3350 goto err_drop_inode; 3351 } else { 3352 /* clear the extent format for fast symlink */ 3353 ext4_clear_inode_flag(inode, EXT4_INODE_EXTENTS); 3354 if (!IS_ENCRYPTED(inode)) { 3355 inode->i_op = &ext4_fast_symlink_inode_operations; 3356 inode->i_link = (char *)&EXT4_I(inode)->i_data; 3357 } 3358 memcpy((char *)&EXT4_I(inode)->i_data, disk_link.name, 3359 disk_link.len); 3360 inode->i_size = disk_link.len - 1; 3361 } 3362 EXT4_I(inode)->i_disksize = inode->i_size; 3363 err = ext4_add_nondir(handle, dentry, &inode); 3364 if (handle) 3365 ext4_journal_stop(handle); 3366 if (inode) 3367 iput(inode); 3368 goto out_free_encrypted_link; 3369 3370 err_drop_inode: 3371 if (handle) 3372 ext4_journal_stop(handle); 3373 clear_nlink(inode); 3374 unlock_new_inode(inode); 3375 iput(inode); 3376 out_free_encrypted_link: 3377 if (disk_link.name != (unsigned char *)symname) 3378 kfree(disk_link.name); 3379 return err; 3380 } 3381 3382 int __ext4_link(struct inode *dir, struct inode *inode, struct dentry *dentry) 3383 { 3384 handle_t *handle; 3385 int err, retries = 0; 3386 retry: 3387 handle = ext4_journal_start(dir, EXT4_HT_DIR, 3388 (EXT4_DATA_TRANS_BLOCKS(dir->i_sb) + 3389 EXT4_INDEX_EXTRA_TRANS_BLOCKS) + 1); 3390 if (IS_ERR(handle)) 3391 return PTR_ERR(handle); 3392 3393 if (IS_DIRSYNC(dir)) 3394 ext4_handle_sync(handle); 3395 3396 inode->i_ctime = current_time(inode); 3397 ext4_inc_count(inode); 3398 ihold(inode); 3399 3400 err = ext4_add_entry(handle, dentry, inode); 3401 if (!err) { 3402 err = ext4_mark_inode_dirty(handle, inode); 3403 /* this can happen only for tmpfile being 3404 * linked the first time 3405 */ 3406 if (inode->i_nlink == 1) 3407 ext4_orphan_del(handle, inode); 3408 d_instantiate(dentry, inode); 3409 ext4_fc_track_link(handle, dentry); 3410 } else { 3411 drop_nlink(inode); 3412 iput(inode); 3413 } 3414 ext4_journal_stop(handle); 3415 if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries)) 3416 goto retry; 3417 return err; 3418 } 3419 3420 static int ext4_link(struct dentry *old_dentry, 3421 struct inode *dir, struct dentry *dentry) 3422 { 3423 struct inode *inode = d_inode(old_dentry); 3424 int err; 3425 3426 if (inode->i_nlink >= EXT4_LINK_MAX) 3427 return -EMLINK; 3428 3429 err = fscrypt_prepare_link(old_dentry, dir, dentry); 3430 if (err) 3431 return err; 3432 3433 if ((ext4_test_inode_flag(dir, EXT4_INODE_PROJINHERIT)) && 3434 (!projid_eq(EXT4_I(dir)->i_projid, 3435 EXT4_I(old_dentry->d_inode)->i_projid))) 3436 return -EXDEV; 3437 3438 err = dquot_initialize(dir); 3439 if (err) 3440 return err; 3441 return __ext4_link(dir, inode, dentry); 3442 } 3443 3444 /* 3445 * Try to find buffer head where contains the parent block. 3446 * It should be the inode block if it is inlined or the 1st block 3447 * if it is a normal dir. 3448 */ 3449 static struct buffer_head *ext4_get_first_dir_block(handle_t *handle, 3450 struct inode *inode, 3451 int *retval, 3452 struct ext4_dir_entry_2 **parent_de, 3453 int *inlined) 3454 { 3455 struct buffer_head *bh; 3456 3457 if (!ext4_has_inline_data(inode)) { 3458 /* The first directory block must not be a hole, so 3459 * treat it as DIRENT_HTREE 3460 */ 3461 bh = ext4_read_dirblock(inode, 0, DIRENT_HTREE); 3462 if (IS_ERR(bh)) { 3463 *retval = PTR_ERR(bh); 3464 return NULL; 3465 } 3466 *parent_de = ext4_next_entry( 3467 (struct ext4_dir_entry_2 *)bh->b_data, 3468 inode->i_sb->s_blocksize); 3469 return bh; 3470 } 3471 3472 *inlined = 1; 3473 return ext4_get_first_inline_block(inode, parent_de, retval); 3474 } 3475 3476 struct ext4_renament { 3477 struct inode *dir; 3478 struct dentry *dentry; 3479 struct inode *inode; 3480 bool is_dir; 3481 int dir_nlink_delta; 3482 3483 /* entry for "dentry" */ 3484 struct buffer_head *bh; 3485 struct ext4_dir_entry_2 *de; 3486 int inlined; 3487 3488 /* entry for ".." in inode if it's a directory */ 3489 struct buffer_head *dir_bh; 3490 struct ext4_dir_entry_2 *parent_de; 3491 int dir_inlined; 3492 }; 3493 3494 static int ext4_rename_dir_prepare(handle_t *handle, struct ext4_renament *ent) 3495 { 3496 int retval; 3497 3498 ent->dir_bh = ext4_get_first_dir_block(handle, ent->inode, 3499 &retval, &ent->parent_de, 3500 &ent->dir_inlined); 3501 if (!ent->dir_bh) 3502 return retval; 3503 if (le32_to_cpu(ent->parent_de->inode) != ent->dir->i_ino) 3504 return -EFSCORRUPTED; 3505 BUFFER_TRACE(ent->dir_bh, "get_write_access"); 3506 return ext4_journal_get_write_access(handle, ent->dir->i_sb, 3507 ent->dir_bh, EXT4_JTR_NONE); 3508 } 3509 3510 static int ext4_rename_dir_finish(handle_t *handle, struct ext4_renament *ent, 3511 unsigned dir_ino) 3512 { 3513 int retval; 3514 3515 ent->parent_de->inode = cpu_to_le32(dir_ino); 3516 BUFFER_TRACE(ent->dir_bh, "call ext4_handle_dirty_metadata"); 3517 if (!ent->dir_inlined) { 3518 if (is_dx(ent->inode)) { 3519 retval = ext4_handle_dirty_dx_node(handle, 3520 ent->inode, 3521 ent->dir_bh); 3522 } else { 3523 retval = ext4_handle_dirty_dirblock(handle, ent->inode, 3524 ent->dir_bh); 3525 } 3526 } else { 3527 retval = ext4_mark_inode_dirty(handle, ent->inode); 3528 } 3529 if (retval) { 3530 ext4_std_error(ent->dir->i_sb, retval); 3531 return retval; 3532 } 3533 return 0; 3534 } 3535 3536 static int ext4_setent(handle_t *handle, struct ext4_renament *ent, 3537 unsigned ino, unsigned file_type) 3538 { 3539 int retval, retval2; 3540 3541 BUFFER_TRACE(ent->bh, "get write access"); 3542 retval = ext4_journal_get_write_access(handle, ent->dir->i_sb, ent->bh, 3543 EXT4_JTR_NONE); 3544 if (retval) 3545 return retval; 3546 ent->de->inode = cpu_to_le32(ino); 3547 if (ext4_has_feature_filetype(ent->dir->i_sb)) 3548 ent->de->file_type = file_type; 3549 inode_inc_iversion(ent->dir); 3550 ent->dir->i_ctime = ent->dir->i_mtime = 3551 current_time(ent->dir); 3552 retval = ext4_mark_inode_dirty(handle, ent->dir); 3553 BUFFER_TRACE(ent->bh, "call ext4_handle_dirty_metadata"); 3554 if (!ent->inlined) { 3555 retval2 = ext4_handle_dirty_dirblock(handle, ent->dir, ent->bh); 3556 if (unlikely(retval2)) { 3557 ext4_std_error(ent->dir->i_sb, retval2); 3558 return retval2; 3559 } 3560 } 3561 return retval; 3562 } 3563 3564 static void ext4_resetent(handle_t *handle, struct ext4_renament *ent, 3565 unsigned ino, unsigned file_type) 3566 { 3567 struct ext4_renament old = *ent; 3568 int retval = 0; 3569 3570 /* 3571 * old->de could have moved from under us during make indexed dir, 3572 * so the old->de may no longer valid and need to find it again 3573 * before reset old inode info. 3574 */ 3575 old.bh = ext4_find_entry(old.dir, &old.dentry->d_name, &old.de, NULL); 3576 if (IS_ERR(old.bh)) 3577 retval = PTR_ERR(old.bh); 3578 if (!old.bh) 3579 retval = -ENOENT; 3580 if (retval) { 3581 ext4_std_error(old.dir->i_sb, retval); 3582 return; 3583 } 3584 3585 ext4_setent(handle, &old, ino, file_type); 3586 brelse(old.bh); 3587 } 3588 3589 static int ext4_find_delete_entry(handle_t *handle, struct inode *dir, 3590 const struct qstr *d_name) 3591 { 3592 int retval = -ENOENT; 3593 struct buffer_head *bh; 3594 struct ext4_dir_entry_2 *de; 3595 3596 bh = ext4_find_entry(dir, d_name, &de, NULL); 3597 if (IS_ERR(bh)) 3598 return PTR_ERR(bh); 3599 if (bh) { 3600 retval = ext4_delete_entry(handle, dir, de, bh); 3601 brelse(bh); 3602 } 3603 return retval; 3604 } 3605 3606 static void ext4_rename_delete(handle_t *handle, struct ext4_renament *ent, 3607 int force_reread) 3608 { 3609 int retval; 3610 /* 3611 * ent->de could have moved from under us during htree split, so make 3612 * sure that we are deleting the right entry. We might also be pointing 3613 * to a stale entry in the unused part of ent->bh so just checking inum 3614 * and the name isn't enough. 3615 */ 3616 if (le32_to_cpu(ent->de->inode) != ent->inode->i_ino || 3617 ent->de->name_len != ent->dentry->d_name.len || 3618 strncmp(ent->de->name, ent->dentry->d_name.name, 3619 ent->de->name_len) || 3620 force_reread) { 3621 retval = ext4_find_delete_entry(handle, ent->dir, 3622 &ent->dentry->d_name); 3623 } else { 3624 retval = ext4_delete_entry(handle, ent->dir, ent->de, ent->bh); 3625 if (retval == -ENOENT) { 3626 retval = ext4_find_delete_entry(handle, ent->dir, 3627 &ent->dentry->d_name); 3628 } 3629 } 3630 3631 if (retval) { 3632 ext4_warning_inode(ent->dir, 3633 "Deleting old file: nlink %d, error=%d", 3634 ent->dir->i_nlink, retval); 3635 } 3636 } 3637 3638 static void ext4_update_dir_count(handle_t *handle, struct ext4_renament *ent) 3639 { 3640 if (ent->dir_nlink_delta) { 3641 if (ent->dir_nlink_delta == -1) 3642 ext4_dec_count(ent->dir); 3643 else 3644 ext4_inc_count(ent->dir); 3645 ext4_mark_inode_dirty(handle, ent->dir); 3646 } 3647 } 3648 3649 static struct inode *ext4_whiteout_for_rename(struct user_namespace *mnt_userns, 3650 struct ext4_renament *ent, 3651 int credits, handle_t **h) 3652 { 3653 struct inode *wh; 3654 handle_t *handle; 3655 int retries = 0; 3656 3657 /* 3658 * for inode block, sb block, group summaries, 3659 * and inode bitmap 3660 */ 3661 credits += (EXT4_MAXQUOTAS_TRANS_BLOCKS(ent->dir->i_sb) + 3662 EXT4_XATTR_TRANS_BLOCKS + 4); 3663 retry: 3664 wh = ext4_new_inode_start_handle(mnt_userns, ent->dir, 3665 S_IFCHR | WHITEOUT_MODE, 3666 &ent->dentry->d_name, 0, NULL, 3667 EXT4_HT_DIR, credits); 3668 3669 handle = ext4_journal_current_handle(); 3670 if (IS_ERR(wh)) { 3671 if (handle) 3672 ext4_journal_stop(handle); 3673 if (PTR_ERR(wh) == -ENOSPC && 3674 ext4_should_retry_alloc(ent->dir->i_sb, &retries)) 3675 goto retry; 3676 } else { 3677 *h = handle; 3678 init_special_inode(wh, wh->i_mode, WHITEOUT_DEV); 3679 wh->i_op = &ext4_special_inode_operations; 3680 } 3681 return wh; 3682 } 3683 3684 /* 3685 * Anybody can rename anything with this: the permission checks are left to the 3686 * higher-level routines. 3687 * 3688 * n.b. old_{dentry,inode) refers to the source dentry/inode 3689 * while new_{dentry,inode) refers to the destination dentry/inode 3690 * This comes from rename(const char *oldpath, const char *newpath) 3691 */ 3692 static int ext4_rename(struct user_namespace *mnt_userns, struct inode *old_dir, 3693 struct dentry *old_dentry, struct inode *new_dir, 3694 struct dentry *new_dentry, unsigned int flags) 3695 { 3696 handle_t *handle = NULL; 3697 struct ext4_renament old = { 3698 .dir = old_dir, 3699 .dentry = old_dentry, 3700 .inode = d_inode(old_dentry), 3701 }; 3702 struct ext4_renament new = { 3703 .dir = new_dir, 3704 .dentry = new_dentry, 3705 .inode = d_inode(new_dentry), 3706 }; 3707 int force_reread; 3708 int retval; 3709 struct inode *whiteout = NULL; 3710 int credits; 3711 u8 old_file_type; 3712 3713 if (new.inode && new.inode->i_nlink == 0) { 3714 EXT4_ERROR_INODE(new.inode, 3715 "target of rename is already freed"); 3716 return -EFSCORRUPTED; 3717 } 3718 3719 if ((ext4_test_inode_flag(new_dir, EXT4_INODE_PROJINHERIT)) && 3720 (!projid_eq(EXT4_I(new_dir)->i_projid, 3721 EXT4_I(old_dentry->d_inode)->i_projid))) 3722 return -EXDEV; 3723 3724 retval = dquot_initialize(old.dir); 3725 if (retval) 3726 return retval; 3727 retval = dquot_initialize(new.dir); 3728 if (retval) 3729 return retval; 3730 3731 /* Initialize quotas before so that eventual writes go 3732 * in separate transaction */ 3733 if (new.inode) { 3734 retval = dquot_initialize(new.inode); 3735 if (retval) 3736 return retval; 3737 } 3738 3739 old.bh = ext4_find_entry(old.dir, &old.dentry->d_name, &old.de, NULL); 3740 if (IS_ERR(old.bh)) 3741 return PTR_ERR(old.bh); 3742 /* 3743 * Check for inode number is _not_ due to possible IO errors. 3744 * We might rmdir the source, keep it as pwd of some process 3745 * and merrily kill the link to whatever was created under the 3746 * same name. Goodbye sticky bit ;-< 3747 */ 3748 retval = -ENOENT; 3749 if (!old.bh || le32_to_cpu(old.de->inode) != old.inode->i_ino) 3750 goto release_bh; 3751 3752 new.bh = ext4_find_entry(new.dir, &new.dentry->d_name, 3753 &new.de, &new.inlined); 3754 if (IS_ERR(new.bh)) { 3755 retval = PTR_ERR(new.bh); 3756 new.bh = NULL; 3757 goto release_bh; 3758 } 3759 if (new.bh) { 3760 if (!new.inode) { 3761 brelse(new.bh); 3762 new.bh = NULL; 3763 } 3764 } 3765 if (new.inode && !test_opt(new.dir->i_sb, NO_AUTO_DA_ALLOC)) 3766 ext4_alloc_da_blocks(old.inode); 3767 3768 credits = (2 * EXT4_DATA_TRANS_BLOCKS(old.dir->i_sb) + 3769 EXT4_INDEX_EXTRA_TRANS_BLOCKS + 2); 3770 if (!(flags & RENAME_WHITEOUT)) { 3771 handle = ext4_journal_start(old.dir, EXT4_HT_DIR, credits); 3772 if (IS_ERR(handle)) { 3773 retval = PTR_ERR(handle); 3774 goto release_bh; 3775 } 3776 } else { 3777 whiteout = ext4_whiteout_for_rename(mnt_userns, &old, credits, &handle); 3778 if (IS_ERR(whiteout)) { 3779 retval = PTR_ERR(whiteout); 3780 goto release_bh; 3781 } 3782 } 3783 3784 old_file_type = old.de->file_type; 3785 if (IS_DIRSYNC(old.dir) || IS_DIRSYNC(new.dir)) 3786 ext4_handle_sync(handle); 3787 3788 if (S_ISDIR(old.inode->i_mode)) { 3789 if (new.inode) { 3790 retval = -ENOTEMPTY; 3791 if (!ext4_empty_dir(new.inode)) 3792 goto end_rename; 3793 } else { 3794 retval = -EMLINK; 3795 if (new.dir != old.dir && EXT4_DIR_LINK_MAX(new.dir)) 3796 goto end_rename; 3797 } 3798 retval = ext4_rename_dir_prepare(handle, &old); 3799 if (retval) 3800 goto end_rename; 3801 } 3802 /* 3803 * If we're renaming a file within an inline_data dir and adding or 3804 * setting the new dirent causes a conversion from inline_data to 3805 * extents/blockmap, we need to force the dirent delete code to 3806 * re-read the directory, or else we end up trying to delete a dirent 3807 * from what is now the extent tree root (or a block map). 3808 */ 3809 force_reread = (new.dir->i_ino == old.dir->i_ino && 3810 ext4_test_inode_flag(new.dir, EXT4_INODE_INLINE_DATA)); 3811 3812 if (whiteout) { 3813 /* 3814 * Do this before adding a new entry, so the old entry is sure 3815 * to be still pointing to the valid old entry. 3816 */ 3817 retval = ext4_setent(handle, &old, whiteout->i_ino, 3818 EXT4_FT_CHRDEV); 3819 if (retval) 3820 goto end_rename; 3821 retval = ext4_mark_inode_dirty(handle, whiteout); 3822 if (unlikely(retval)) 3823 goto end_rename; 3824 3825 } 3826 if (!new.bh) { 3827 retval = ext4_add_entry(handle, new.dentry, old.inode); 3828 if (retval) 3829 goto end_rename; 3830 } else { 3831 retval = ext4_setent(handle, &new, 3832 old.inode->i_ino, old_file_type); 3833 if (retval) 3834 goto end_rename; 3835 } 3836 if (force_reread) 3837 force_reread = !ext4_test_inode_flag(new.dir, 3838 EXT4_INODE_INLINE_DATA); 3839 3840 /* 3841 * Like most other Unix systems, set the ctime for inodes on a 3842 * rename. 3843 */ 3844 old.inode->i_ctime = current_time(old.inode); 3845 retval = ext4_mark_inode_dirty(handle, old.inode); 3846 if (unlikely(retval)) 3847 goto end_rename; 3848 3849 if (!whiteout) { 3850 /* 3851 * ok, that's it 3852 */ 3853 ext4_rename_delete(handle, &old, force_reread); 3854 } 3855 3856 if (new.inode) { 3857 ext4_dec_count(new.inode); 3858 new.inode->i_ctime = current_time(new.inode); 3859 } 3860 old.dir->i_ctime = old.dir->i_mtime = current_time(old.dir); 3861 ext4_update_dx_flag(old.dir); 3862 if (old.dir_bh) { 3863 retval = ext4_rename_dir_finish(handle, &old, new.dir->i_ino); 3864 if (retval) 3865 goto end_rename; 3866 3867 ext4_dec_count(old.dir); 3868 if (new.inode) { 3869 /* checked ext4_empty_dir above, can't have another 3870 * parent, ext4_dec_count() won't work for many-linked 3871 * dirs */ 3872 clear_nlink(new.inode); 3873 } else { 3874 ext4_inc_count(new.dir); 3875 ext4_update_dx_flag(new.dir); 3876 retval = ext4_mark_inode_dirty(handle, new.dir); 3877 if (unlikely(retval)) 3878 goto end_rename; 3879 } 3880 } 3881 retval = ext4_mark_inode_dirty(handle, old.dir); 3882 if (unlikely(retval)) 3883 goto end_rename; 3884 3885 if (S_ISDIR(old.inode->i_mode)) { 3886 /* 3887 * We disable fast commits here that's because the 3888 * replay code is not yet capable of changing dot dot 3889 * dirents in directories. 3890 */ 3891 ext4_fc_mark_ineligible(old.inode->i_sb, 3892 EXT4_FC_REASON_RENAME_DIR, handle); 3893 } else { 3894 struct super_block *sb = old.inode->i_sb; 3895 3896 if (new.inode) 3897 ext4_fc_track_unlink(handle, new.dentry); 3898 if (test_opt2(sb, JOURNAL_FAST_COMMIT) && 3899 !(EXT4_SB(sb)->s_mount_state & EXT4_FC_REPLAY) && 3900 !(ext4_test_mount_flag(sb, EXT4_MF_FC_INELIGIBLE))) { 3901 __ext4_fc_track_link(handle, old.inode, new.dentry); 3902 __ext4_fc_track_unlink(handle, old.inode, old.dentry); 3903 if (whiteout) 3904 __ext4_fc_track_create(handle, whiteout, 3905 old.dentry); 3906 } 3907 } 3908 3909 if (new.inode) { 3910 retval = ext4_mark_inode_dirty(handle, new.inode); 3911 if (unlikely(retval)) 3912 goto end_rename; 3913 if (!new.inode->i_nlink) 3914 ext4_orphan_add(handle, new.inode); 3915 } 3916 retval = 0; 3917 3918 end_rename: 3919 if (whiteout) { 3920 if (retval) { 3921 ext4_resetent(handle, &old, 3922 old.inode->i_ino, old_file_type); 3923 drop_nlink(whiteout); 3924 ext4_orphan_add(handle, whiteout); 3925 } 3926 unlock_new_inode(whiteout); 3927 ext4_journal_stop(handle); 3928 iput(whiteout); 3929 } else { 3930 ext4_journal_stop(handle); 3931 } 3932 release_bh: 3933 brelse(old.dir_bh); 3934 brelse(old.bh); 3935 brelse(new.bh); 3936 return retval; 3937 } 3938 3939 static int ext4_cross_rename(struct inode *old_dir, struct dentry *old_dentry, 3940 struct inode *new_dir, struct dentry *new_dentry) 3941 { 3942 handle_t *handle = NULL; 3943 struct ext4_renament old = { 3944 .dir = old_dir, 3945 .dentry = old_dentry, 3946 .inode = d_inode(old_dentry), 3947 }; 3948 struct ext4_renament new = { 3949 .dir = new_dir, 3950 .dentry = new_dentry, 3951 .inode = d_inode(new_dentry), 3952 }; 3953 u8 new_file_type; 3954 int retval; 3955 struct timespec64 ctime; 3956 3957 if ((ext4_test_inode_flag(new_dir, EXT4_INODE_PROJINHERIT) && 3958 !projid_eq(EXT4_I(new_dir)->i_projid, 3959 EXT4_I(old_dentry->d_inode)->i_projid)) || 3960 (ext4_test_inode_flag(old_dir, EXT4_INODE_PROJINHERIT) && 3961 !projid_eq(EXT4_I(old_dir)->i_projid, 3962 EXT4_I(new_dentry->d_inode)->i_projid))) 3963 return -EXDEV; 3964 3965 retval = dquot_initialize(old.dir); 3966 if (retval) 3967 return retval; 3968 retval = dquot_initialize(new.dir); 3969 if (retval) 3970 return retval; 3971 3972 old.bh = ext4_find_entry(old.dir, &old.dentry->d_name, 3973 &old.de, &old.inlined); 3974 if (IS_ERR(old.bh)) 3975 return PTR_ERR(old.bh); 3976 /* 3977 * Check for inode number is _not_ due to possible IO errors. 3978 * We might rmdir the source, keep it as pwd of some process 3979 * and merrily kill the link to whatever was created under the 3980 * same name. Goodbye sticky bit ;-< 3981 */ 3982 retval = -ENOENT; 3983 if (!old.bh || le32_to_cpu(old.de->inode) != old.inode->i_ino) 3984 goto end_rename; 3985 3986 new.bh = ext4_find_entry(new.dir, &new.dentry->d_name, 3987 &new.de, &new.inlined); 3988 if (IS_ERR(new.bh)) { 3989 retval = PTR_ERR(new.bh); 3990 new.bh = NULL; 3991 goto end_rename; 3992 } 3993 3994 /* RENAME_EXCHANGE case: old *and* new must both exist */ 3995 if (!new.bh || le32_to_cpu(new.de->inode) != new.inode->i_ino) 3996 goto end_rename; 3997 3998 handle = ext4_journal_start(old.dir, EXT4_HT_DIR, 3999 (2 * EXT4_DATA_TRANS_BLOCKS(old.dir->i_sb) + 4000 2 * EXT4_INDEX_EXTRA_TRANS_BLOCKS + 2)); 4001 if (IS_ERR(handle)) { 4002 retval = PTR_ERR(handle); 4003 handle = NULL; 4004 goto end_rename; 4005 } 4006 4007 if (IS_DIRSYNC(old.dir) || IS_DIRSYNC(new.dir)) 4008 ext4_handle_sync(handle); 4009 4010 if (S_ISDIR(old.inode->i_mode)) { 4011 old.is_dir = true; 4012 retval = ext4_rename_dir_prepare(handle, &old); 4013 if (retval) 4014 goto end_rename; 4015 } 4016 if (S_ISDIR(new.inode->i_mode)) { 4017 new.is_dir = true; 4018 retval = ext4_rename_dir_prepare(handle, &new); 4019 if (retval) 4020 goto end_rename; 4021 } 4022 4023 /* 4024 * Other than the special case of overwriting a directory, parents' 4025 * nlink only needs to be modified if this is a cross directory rename. 4026 */ 4027 if (old.dir != new.dir && old.is_dir != new.is_dir) { 4028 old.dir_nlink_delta = old.is_dir ? -1 : 1; 4029 new.dir_nlink_delta = -old.dir_nlink_delta; 4030 retval = -EMLINK; 4031 if ((old.dir_nlink_delta > 0 && EXT4_DIR_LINK_MAX(old.dir)) || 4032 (new.dir_nlink_delta > 0 && EXT4_DIR_LINK_MAX(new.dir))) 4033 goto end_rename; 4034 } 4035 4036 new_file_type = new.de->file_type; 4037 retval = ext4_setent(handle, &new, old.inode->i_ino, old.de->file_type); 4038 if (retval) 4039 goto end_rename; 4040 4041 retval = ext4_setent(handle, &old, new.inode->i_ino, new_file_type); 4042 if (retval) 4043 goto end_rename; 4044 4045 /* 4046 * Like most other Unix systems, set the ctime for inodes on a 4047 * rename. 4048 */ 4049 ctime = current_time(old.inode); 4050 old.inode->i_ctime = ctime; 4051 new.inode->i_ctime = ctime; 4052 retval = ext4_mark_inode_dirty(handle, old.inode); 4053 if (unlikely(retval)) 4054 goto end_rename; 4055 retval = ext4_mark_inode_dirty(handle, new.inode); 4056 if (unlikely(retval)) 4057 goto end_rename; 4058 ext4_fc_mark_ineligible(new.inode->i_sb, 4059 EXT4_FC_REASON_CROSS_RENAME, handle); 4060 if (old.dir_bh) { 4061 retval = ext4_rename_dir_finish(handle, &old, new.dir->i_ino); 4062 if (retval) 4063 goto end_rename; 4064 } 4065 if (new.dir_bh) { 4066 retval = ext4_rename_dir_finish(handle, &new, old.dir->i_ino); 4067 if (retval) 4068 goto end_rename; 4069 } 4070 ext4_update_dir_count(handle, &old); 4071 ext4_update_dir_count(handle, &new); 4072 retval = 0; 4073 4074 end_rename: 4075 brelse(old.dir_bh); 4076 brelse(new.dir_bh); 4077 brelse(old.bh); 4078 brelse(new.bh); 4079 if (handle) 4080 ext4_journal_stop(handle); 4081 return retval; 4082 } 4083 4084 static int ext4_rename2(struct user_namespace *mnt_userns, 4085 struct inode *old_dir, struct dentry *old_dentry, 4086 struct inode *new_dir, struct dentry *new_dentry, 4087 unsigned int flags) 4088 { 4089 int err; 4090 4091 if (unlikely(ext4_forced_shutdown(EXT4_SB(old_dir->i_sb)))) 4092 return -EIO; 4093 4094 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE | RENAME_WHITEOUT)) 4095 return -EINVAL; 4096 4097 err = fscrypt_prepare_rename(old_dir, old_dentry, new_dir, new_dentry, 4098 flags); 4099 if (err) 4100 return err; 4101 4102 if (flags & RENAME_EXCHANGE) { 4103 return ext4_cross_rename(old_dir, old_dentry, 4104 new_dir, new_dentry); 4105 } 4106 4107 return ext4_rename(mnt_userns, old_dir, old_dentry, new_dir, new_dentry, flags); 4108 } 4109 4110 /* 4111 * directories can handle most operations... 4112 */ 4113 const struct inode_operations ext4_dir_inode_operations = { 4114 .create = ext4_create, 4115 .lookup = ext4_lookup, 4116 .link = ext4_link, 4117 .unlink = ext4_unlink, 4118 .symlink = ext4_symlink, 4119 .mkdir = ext4_mkdir, 4120 .rmdir = ext4_rmdir, 4121 .mknod = ext4_mknod, 4122 .tmpfile = ext4_tmpfile, 4123 .rename = ext4_rename2, 4124 .setattr = ext4_setattr, 4125 .getattr = ext4_getattr, 4126 .listxattr = ext4_listxattr, 4127 .get_acl = ext4_get_acl, 4128 .set_acl = ext4_set_acl, 4129 .fiemap = ext4_fiemap, 4130 .fileattr_get = ext4_fileattr_get, 4131 .fileattr_set = ext4_fileattr_set, 4132 }; 4133 4134 const struct inode_operations ext4_special_inode_operations = { 4135 .setattr = ext4_setattr, 4136 .getattr = ext4_getattr, 4137 .listxattr = ext4_listxattr, 4138 .get_acl = ext4_get_acl, 4139 .set_acl = ext4_set_acl, 4140 }; 4141