xref: /linux/fs/jffs2/dir.c (revision be969b7cfbcfa8a835a528f1dc467f0975c6d883)
1 /*
2  * JFFS2 -- Journalling Flash File System, Version 2.
3  *
4  * Copyright © 2001-2007 Red Hat, Inc.
5  * Copyright © 2004-2010 David Woodhouse <dwmw2@infradead.org>
6  *
7  * Created by David Woodhouse <dwmw2@infradead.org>
8  *
9  * For licensing information, see the file 'LICENCE' in this directory.
10  *
11  */
12 
13 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
14 
15 #include <linux/kernel.h>
16 #include <linux/slab.h>
17 #include <linux/fs.h>
18 #include <linux/crc32.h>
19 #include <linux/jffs2.h>
20 #include "jffs2_fs_i.h"
21 #include "jffs2_fs_sb.h"
22 #include <linux/time.h>
23 #include "nodelist.h"
24 
25 static int jffs2_readdir (struct file *, struct dir_context *);
26 
27 static int jffs2_create (struct inode *,struct dentry *,umode_t,
28 			 bool);
29 static struct dentry *jffs2_lookup (struct inode *,struct dentry *,
30 				    unsigned int);
31 static int jffs2_link (struct dentry *,struct inode *,struct dentry *);
32 static int jffs2_unlink (struct inode *,struct dentry *);
33 static int jffs2_symlink (struct inode *,struct dentry *,const char *);
34 static int jffs2_mkdir (struct inode *,struct dentry *,umode_t);
35 static int jffs2_rmdir (struct inode *,struct dentry *);
36 static int jffs2_mknod (struct inode *,struct dentry *,umode_t,dev_t);
37 static int jffs2_rename (struct inode *, struct dentry *,
38 			 struct inode *, struct dentry *,
39 			 unsigned int);
40 
41 const struct file_operations jffs2_dir_operations =
42 {
43 	.read =		generic_read_dir,
44 	.iterate_shared=jffs2_readdir,
45 	.unlocked_ioctl=jffs2_ioctl,
46 	.fsync =	jffs2_fsync,
47 	.llseek =	generic_file_llseek,
48 };
49 
50 
51 const struct inode_operations jffs2_dir_inode_operations =
52 {
53 	.create =	jffs2_create,
54 	.lookup =	jffs2_lookup,
55 	.link =		jffs2_link,
56 	.unlink =	jffs2_unlink,
57 	.symlink =	jffs2_symlink,
58 	.mkdir =	jffs2_mkdir,
59 	.rmdir =	jffs2_rmdir,
60 	.mknod =	jffs2_mknod,
61 	.rename =	jffs2_rename,
62 	.get_acl =	jffs2_get_acl,
63 	.set_acl =	jffs2_set_acl,
64 	.setattr =	jffs2_setattr,
65 	.listxattr =	jffs2_listxattr,
66 };
67 
68 /***********************************************************************/
69 
70 
71 /* We keep the dirent list sorted in increasing order of name hash,
72    and we use the same hash function as the dentries. Makes this
73    nice and simple
74 */
75 static struct dentry *jffs2_lookup(struct inode *dir_i, struct dentry *target,
76 				   unsigned int flags)
77 {
78 	struct jffs2_inode_info *dir_f;
79 	struct jffs2_full_dirent *fd = NULL, *fd_list;
80 	uint32_t ino = 0;
81 	struct inode *inode = NULL;
82 	unsigned int nhash;
83 
84 	jffs2_dbg(1, "jffs2_lookup()\n");
85 
86 	if (target->d_name.len > JFFS2_MAX_NAME_LEN)
87 		return ERR_PTR(-ENAMETOOLONG);
88 
89 	dir_f = JFFS2_INODE_INFO(dir_i);
90 
91 	/* The 'nhash' on the fd_list is not the same as the dentry hash */
92 	nhash = full_name_hash(NULL, target->d_name.name, target->d_name.len);
93 
94 	mutex_lock(&dir_f->sem);
95 
96 	/* NB: The 2.2 backport will need to explicitly check for '.' and '..' here */
97 	for (fd_list = dir_f->dents; fd_list && fd_list->nhash <= nhash; fd_list = fd_list->next) {
98 		if (fd_list->nhash == nhash &&
99 		    (!fd || fd_list->version > fd->version) &&
100 		    strlen(fd_list->name) == target->d_name.len &&
101 		    !strncmp(fd_list->name, target->d_name.name, target->d_name.len)) {
102 			fd = fd_list;
103 		}
104 	}
105 	if (fd)
106 		ino = fd->ino;
107 	mutex_unlock(&dir_f->sem);
108 	if (ino) {
109 		inode = jffs2_iget(dir_i->i_sb, ino);
110 		if (IS_ERR(inode))
111 			pr_warn("iget() failed for ino #%u\n", ino);
112 	}
113 
114 	return d_splice_alias(inode, target);
115 }
116 
117 /***********************************************************************/
118 
119 
120 static int jffs2_readdir(struct file *file, struct dir_context *ctx)
121 {
122 	struct inode *inode = file_inode(file);
123 	struct jffs2_inode_info *f = JFFS2_INODE_INFO(inode);
124 	struct jffs2_full_dirent *fd;
125 	unsigned long curofs = 1;
126 
127 	jffs2_dbg(1, "jffs2_readdir() for dir_i #%lu\n", inode->i_ino);
128 
129 	if (!dir_emit_dots(file, ctx))
130 		return 0;
131 
132 	mutex_lock(&f->sem);
133 	for (fd = f->dents; fd; fd = fd->next) {
134 		curofs++;
135 		/* First loop: curofs = 2; pos = 2 */
136 		if (curofs < ctx->pos) {
137 			jffs2_dbg(2, "Skipping dirent: \"%s\", ino #%u, type %d, because curofs %ld < offset %ld\n",
138 				  fd->name, fd->ino, fd->type, curofs, (unsigned long)ctx->pos);
139 			continue;
140 		}
141 		if (!fd->ino) {
142 			jffs2_dbg(2, "Skipping deletion dirent \"%s\"\n",
143 				  fd->name);
144 			ctx->pos++;
145 			continue;
146 		}
147 		jffs2_dbg(2, "Dirent %ld: \"%s\", ino #%u, type %d\n",
148 			  (unsigned long)ctx->pos, fd->name, fd->ino, fd->type);
149 		if (!dir_emit(ctx, fd->name, strlen(fd->name), fd->ino, fd->type))
150 			break;
151 		ctx->pos++;
152 	}
153 	mutex_unlock(&f->sem);
154 	return 0;
155 }
156 
157 /***********************************************************************/
158 
159 
160 static int jffs2_create(struct inode *dir_i, struct dentry *dentry,
161 			umode_t mode, bool excl)
162 {
163 	struct jffs2_raw_inode *ri;
164 	struct jffs2_inode_info *f, *dir_f;
165 	struct jffs2_sb_info *c;
166 	struct inode *inode;
167 	int ret;
168 
169 	ri = jffs2_alloc_raw_inode();
170 	if (!ri)
171 		return -ENOMEM;
172 
173 	c = JFFS2_SB_INFO(dir_i->i_sb);
174 
175 	jffs2_dbg(1, "%s()\n", __func__);
176 
177 	inode = jffs2_new_inode(dir_i, mode, ri);
178 
179 	if (IS_ERR(inode)) {
180 		jffs2_dbg(1, "jffs2_new_inode() failed\n");
181 		jffs2_free_raw_inode(ri);
182 		return PTR_ERR(inode);
183 	}
184 
185 	inode->i_op = &jffs2_file_inode_operations;
186 	inode->i_fop = &jffs2_file_operations;
187 	inode->i_mapping->a_ops = &jffs2_file_address_operations;
188 	inode->i_mapping->nrpages = 0;
189 
190 	f = JFFS2_INODE_INFO(inode);
191 	dir_f = JFFS2_INODE_INFO(dir_i);
192 
193 	/* jffs2_do_create() will want to lock it, _after_ reserving
194 	   space and taking c-alloc_sem. If we keep it locked here,
195 	   lockdep gets unhappy (although it's a false positive;
196 	   nothing else will be looking at this inode yet so there's
197 	   no chance of AB-BA deadlock involving its f->sem). */
198 	mutex_unlock(&f->sem);
199 
200 	ret = jffs2_do_create(c, dir_f, f, ri, &dentry->d_name);
201 	if (ret)
202 		goto fail;
203 
204 	dir_i->i_mtime = dir_i->i_ctime = ITIME(je32_to_cpu(ri->ctime));
205 
206 	jffs2_free_raw_inode(ri);
207 
208 	jffs2_dbg(1, "%s(): Created ino #%lu with mode %o, nlink %d(%d). nrpages %ld\n",
209 		  __func__, inode->i_ino, inode->i_mode, inode->i_nlink,
210 		  f->inocache->pino_nlink, inode->i_mapping->nrpages);
211 
212 	d_instantiate_new(dentry, inode);
213 	return 0;
214 
215  fail:
216 	iget_failed(inode);
217 	jffs2_free_raw_inode(ri);
218 	return ret;
219 }
220 
221 /***********************************************************************/
222 
223 
224 static int jffs2_unlink(struct inode *dir_i, struct dentry *dentry)
225 {
226 	struct jffs2_sb_info *c = JFFS2_SB_INFO(dir_i->i_sb);
227 	struct jffs2_inode_info *dir_f = JFFS2_INODE_INFO(dir_i);
228 	struct jffs2_inode_info *dead_f = JFFS2_INODE_INFO(d_inode(dentry));
229 	int ret;
230 	uint32_t now = JFFS2_NOW();
231 
232 	ret = jffs2_do_unlink(c, dir_f, dentry->d_name.name,
233 			      dentry->d_name.len, dead_f, now);
234 	if (dead_f->inocache)
235 		set_nlink(d_inode(dentry), dead_f->inocache->pino_nlink);
236 	if (!ret)
237 		dir_i->i_mtime = dir_i->i_ctime = ITIME(now);
238 	return ret;
239 }
240 /***********************************************************************/
241 
242 
243 static int jffs2_link (struct dentry *old_dentry, struct inode *dir_i, struct dentry *dentry)
244 {
245 	struct jffs2_sb_info *c = JFFS2_SB_INFO(old_dentry->d_sb);
246 	struct jffs2_inode_info *f = JFFS2_INODE_INFO(d_inode(old_dentry));
247 	struct jffs2_inode_info *dir_f = JFFS2_INODE_INFO(dir_i);
248 	int ret;
249 	uint8_t type;
250 	uint32_t now;
251 
252 	/* Don't let people make hard links to bad inodes. */
253 	if (!f->inocache)
254 		return -EIO;
255 
256 	if (d_is_dir(old_dentry))
257 		return -EPERM;
258 
259 	/* XXX: This is ugly */
260 	type = (d_inode(old_dentry)->i_mode & S_IFMT) >> 12;
261 	if (!type) type = DT_REG;
262 
263 	now = JFFS2_NOW();
264 	ret = jffs2_do_link(c, dir_f, f->inocache->ino, type, dentry->d_name.name, dentry->d_name.len, now);
265 
266 	if (!ret) {
267 		mutex_lock(&f->sem);
268 		set_nlink(d_inode(old_dentry), ++f->inocache->pino_nlink);
269 		mutex_unlock(&f->sem);
270 		d_instantiate(dentry, d_inode(old_dentry));
271 		dir_i->i_mtime = dir_i->i_ctime = ITIME(now);
272 		ihold(d_inode(old_dentry));
273 	}
274 	return ret;
275 }
276 
277 /***********************************************************************/
278 
279 static int jffs2_symlink (struct inode *dir_i, struct dentry *dentry, const char *target)
280 {
281 	struct jffs2_inode_info *f, *dir_f;
282 	struct jffs2_sb_info *c;
283 	struct inode *inode;
284 	struct jffs2_raw_inode *ri;
285 	struct jffs2_raw_dirent *rd;
286 	struct jffs2_full_dnode *fn;
287 	struct jffs2_full_dirent *fd;
288 	int namelen;
289 	uint32_t alloclen;
290 	int ret, targetlen = strlen(target);
291 
292 	/* FIXME: If you care. We'd need to use frags for the target
293 	   if it grows much more than this */
294 	if (targetlen > 254)
295 		return -ENAMETOOLONG;
296 
297 	ri = jffs2_alloc_raw_inode();
298 
299 	if (!ri)
300 		return -ENOMEM;
301 
302 	c = JFFS2_SB_INFO(dir_i->i_sb);
303 
304 	/* Try to reserve enough space for both node and dirent.
305 	 * Just the node will do for now, though
306 	 */
307 	namelen = dentry->d_name.len;
308 	ret = jffs2_reserve_space(c, sizeof(*ri) + targetlen, &alloclen,
309 				  ALLOC_NORMAL, JFFS2_SUMMARY_INODE_SIZE);
310 
311 	if (ret) {
312 		jffs2_free_raw_inode(ri);
313 		return ret;
314 	}
315 
316 	inode = jffs2_new_inode(dir_i, S_IFLNK | S_IRWXUGO, ri);
317 
318 	if (IS_ERR(inode)) {
319 		jffs2_free_raw_inode(ri);
320 		jffs2_complete_reservation(c);
321 		return PTR_ERR(inode);
322 	}
323 
324 	inode->i_op = &jffs2_symlink_inode_operations;
325 
326 	f = JFFS2_INODE_INFO(inode);
327 
328 	inode->i_size = targetlen;
329 	ri->isize = ri->dsize = ri->csize = cpu_to_je32(inode->i_size);
330 	ri->totlen = cpu_to_je32(sizeof(*ri) + inode->i_size);
331 	ri->hdr_crc = cpu_to_je32(crc32(0, ri, sizeof(struct jffs2_unknown_node)-4));
332 
333 	ri->compr = JFFS2_COMPR_NONE;
334 	ri->data_crc = cpu_to_je32(crc32(0, target, targetlen));
335 	ri->node_crc = cpu_to_je32(crc32(0, ri, sizeof(*ri)-8));
336 
337 	fn = jffs2_write_dnode(c, f, ri, target, targetlen, ALLOC_NORMAL);
338 
339 	jffs2_free_raw_inode(ri);
340 
341 	if (IS_ERR(fn)) {
342 		/* Eeek. Wave bye bye */
343 		mutex_unlock(&f->sem);
344 		jffs2_complete_reservation(c);
345 		ret = PTR_ERR(fn);
346 		goto fail;
347 	}
348 
349 	/* We use f->target field to store the target path. */
350 	f->target = kmemdup(target, targetlen + 1, GFP_KERNEL);
351 	if (!f->target) {
352 		pr_warn("Can't allocate %d bytes of memory\n", targetlen + 1);
353 		mutex_unlock(&f->sem);
354 		jffs2_complete_reservation(c);
355 		ret = -ENOMEM;
356 		goto fail;
357 	}
358 	inode->i_link = f->target;
359 
360 	jffs2_dbg(1, "%s(): symlink's target '%s' cached\n",
361 		  __func__, (char *)f->target);
362 
363 	/* No data here. Only a metadata node, which will be
364 	   obsoleted by the first data write
365 	*/
366 	f->metadata = fn;
367 	mutex_unlock(&f->sem);
368 
369 	jffs2_complete_reservation(c);
370 
371 	ret = jffs2_init_security(inode, dir_i, &dentry->d_name);
372 	if (ret)
373 		goto fail;
374 
375 	ret = jffs2_init_acl_post(inode);
376 	if (ret)
377 		goto fail;
378 
379 	ret = jffs2_reserve_space(c, sizeof(*rd)+namelen, &alloclen,
380 				  ALLOC_NORMAL, JFFS2_SUMMARY_DIRENT_SIZE(namelen));
381 	if (ret)
382 		goto fail;
383 
384 	rd = jffs2_alloc_raw_dirent();
385 	if (!rd) {
386 		/* Argh. Now we treat it like a normal delete */
387 		jffs2_complete_reservation(c);
388 		ret = -ENOMEM;
389 		goto fail;
390 	}
391 
392 	dir_f = JFFS2_INODE_INFO(dir_i);
393 	mutex_lock(&dir_f->sem);
394 
395 	rd->magic = cpu_to_je16(JFFS2_MAGIC_BITMASK);
396 	rd->nodetype = cpu_to_je16(JFFS2_NODETYPE_DIRENT);
397 	rd->totlen = cpu_to_je32(sizeof(*rd) + namelen);
398 	rd->hdr_crc = cpu_to_je32(crc32(0, rd, sizeof(struct jffs2_unknown_node)-4));
399 
400 	rd->pino = cpu_to_je32(dir_i->i_ino);
401 	rd->version = cpu_to_je32(++dir_f->highest_version);
402 	rd->ino = cpu_to_je32(inode->i_ino);
403 	rd->mctime = cpu_to_je32(JFFS2_NOW());
404 	rd->nsize = namelen;
405 	rd->type = DT_LNK;
406 	rd->node_crc = cpu_to_je32(crc32(0, rd, sizeof(*rd)-8));
407 	rd->name_crc = cpu_to_je32(crc32(0, dentry->d_name.name, namelen));
408 
409 	fd = jffs2_write_dirent(c, dir_f, rd, dentry->d_name.name, namelen, ALLOC_NORMAL);
410 
411 	if (IS_ERR(fd)) {
412 		/* dirent failed to write. Delete the inode normally
413 		   as if it were the final unlink() */
414 		jffs2_complete_reservation(c);
415 		jffs2_free_raw_dirent(rd);
416 		mutex_unlock(&dir_f->sem);
417 		ret = PTR_ERR(fd);
418 		goto fail;
419 	}
420 
421 	dir_i->i_mtime = dir_i->i_ctime = ITIME(je32_to_cpu(rd->mctime));
422 
423 	jffs2_free_raw_dirent(rd);
424 
425 	/* Link the fd into the inode's list, obsoleting an old
426 	   one if necessary. */
427 	jffs2_add_fd_to_list(c, fd, &dir_f->dents);
428 
429 	mutex_unlock(&dir_f->sem);
430 	jffs2_complete_reservation(c);
431 
432 	d_instantiate_new(dentry, inode);
433 	return 0;
434 
435  fail:
436 	iget_failed(inode);
437 	return ret;
438 }
439 
440 
441 static int jffs2_mkdir (struct inode *dir_i, struct dentry *dentry, umode_t mode)
442 {
443 	struct jffs2_inode_info *f, *dir_f;
444 	struct jffs2_sb_info *c;
445 	struct inode *inode;
446 	struct jffs2_raw_inode *ri;
447 	struct jffs2_raw_dirent *rd;
448 	struct jffs2_full_dnode *fn;
449 	struct jffs2_full_dirent *fd;
450 	int namelen;
451 	uint32_t alloclen;
452 	int ret;
453 
454 	mode |= S_IFDIR;
455 
456 	ri = jffs2_alloc_raw_inode();
457 	if (!ri)
458 		return -ENOMEM;
459 
460 	c = JFFS2_SB_INFO(dir_i->i_sb);
461 
462 	/* Try to reserve enough space for both node and dirent.
463 	 * Just the node will do for now, though
464 	 */
465 	namelen = dentry->d_name.len;
466 	ret = jffs2_reserve_space(c, sizeof(*ri), &alloclen, ALLOC_NORMAL,
467 				  JFFS2_SUMMARY_INODE_SIZE);
468 
469 	if (ret) {
470 		jffs2_free_raw_inode(ri);
471 		return ret;
472 	}
473 
474 	inode = jffs2_new_inode(dir_i, mode, ri);
475 
476 	if (IS_ERR(inode)) {
477 		jffs2_free_raw_inode(ri);
478 		jffs2_complete_reservation(c);
479 		return PTR_ERR(inode);
480 	}
481 
482 	inode->i_op = &jffs2_dir_inode_operations;
483 	inode->i_fop = &jffs2_dir_operations;
484 
485 	f = JFFS2_INODE_INFO(inode);
486 
487 	/* Directories get nlink 2 at start */
488 	set_nlink(inode, 2);
489 	/* but ic->pino_nlink is the parent ino# */
490 	f->inocache->pino_nlink = dir_i->i_ino;
491 
492 	ri->data_crc = cpu_to_je32(0);
493 	ri->node_crc = cpu_to_je32(crc32(0, ri, sizeof(*ri)-8));
494 
495 	fn = jffs2_write_dnode(c, f, ri, NULL, 0, ALLOC_NORMAL);
496 
497 	jffs2_free_raw_inode(ri);
498 
499 	if (IS_ERR(fn)) {
500 		/* Eeek. Wave bye bye */
501 		mutex_unlock(&f->sem);
502 		jffs2_complete_reservation(c);
503 		ret = PTR_ERR(fn);
504 		goto fail;
505 	}
506 	/* No data here. Only a metadata node, which will be
507 	   obsoleted by the first data write
508 	*/
509 	f->metadata = fn;
510 	mutex_unlock(&f->sem);
511 
512 	jffs2_complete_reservation(c);
513 
514 	ret = jffs2_init_security(inode, dir_i, &dentry->d_name);
515 	if (ret)
516 		goto fail;
517 
518 	ret = jffs2_init_acl_post(inode);
519 	if (ret)
520 		goto fail;
521 
522 	ret = jffs2_reserve_space(c, sizeof(*rd)+namelen, &alloclen,
523 				  ALLOC_NORMAL, JFFS2_SUMMARY_DIRENT_SIZE(namelen));
524 	if (ret)
525 		goto fail;
526 
527 	rd = jffs2_alloc_raw_dirent();
528 	if (!rd) {
529 		/* Argh. Now we treat it like a normal delete */
530 		jffs2_complete_reservation(c);
531 		ret = -ENOMEM;
532 		goto fail;
533 	}
534 
535 	dir_f = JFFS2_INODE_INFO(dir_i);
536 	mutex_lock(&dir_f->sem);
537 
538 	rd->magic = cpu_to_je16(JFFS2_MAGIC_BITMASK);
539 	rd->nodetype = cpu_to_je16(JFFS2_NODETYPE_DIRENT);
540 	rd->totlen = cpu_to_je32(sizeof(*rd) + namelen);
541 	rd->hdr_crc = cpu_to_je32(crc32(0, rd, sizeof(struct jffs2_unknown_node)-4));
542 
543 	rd->pino = cpu_to_je32(dir_i->i_ino);
544 	rd->version = cpu_to_je32(++dir_f->highest_version);
545 	rd->ino = cpu_to_je32(inode->i_ino);
546 	rd->mctime = cpu_to_je32(JFFS2_NOW());
547 	rd->nsize = namelen;
548 	rd->type = DT_DIR;
549 	rd->node_crc = cpu_to_je32(crc32(0, rd, sizeof(*rd)-8));
550 	rd->name_crc = cpu_to_je32(crc32(0, dentry->d_name.name, namelen));
551 
552 	fd = jffs2_write_dirent(c, dir_f, rd, dentry->d_name.name, namelen, ALLOC_NORMAL);
553 
554 	if (IS_ERR(fd)) {
555 		/* dirent failed to write. Delete the inode normally
556 		   as if it were the final unlink() */
557 		jffs2_complete_reservation(c);
558 		jffs2_free_raw_dirent(rd);
559 		mutex_unlock(&dir_f->sem);
560 		ret = PTR_ERR(fd);
561 		goto fail;
562 	}
563 
564 	dir_i->i_mtime = dir_i->i_ctime = ITIME(je32_to_cpu(rd->mctime));
565 	inc_nlink(dir_i);
566 
567 	jffs2_free_raw_dirent(rd);
568 
569 	/* Link the fd into the inode's list, obsoleting an old
570 	   one if necessary. */
571 	jffs2_add_fd_to_list(c, fd, &dir_f->dents);
572 
573 	mutex_unlock(&dir_f->sem);
574 	jffs2_complete_reservation(c);
575 
576 	d_instantiate_new(dentry, inode);
577 	return 0;
578 
579  fail:
580 	iget_failed(inode);
581 	return ret;
582 }
583 
584 static int jffs2_rmdir (struct inode *dir_i, struct dentry *dentry)
585 {
586 	struct jffs2_sb_info *c = JFFS2_SB_INFO(dir_i->i_sb);
587 	struct jffs2_inode_info *dir_f = JFFS2_INODE_INFO(dir_i);
588 	struct jffs2_inode_info *f = JFFS2_INODE_INFO(d_inode(dentry));
589 	struct jffs2_full_dirent *fd;
590 	int ret;
591 	uint32_t now = JFFS2_NOW();
592 
593 	mutex_lock(&f->sem);
594 	for (fd = f->dents ; fd; fd = fd->next) {
595 		if (fd->ino) {
596 			mutex_unlock(&f->sem);
597 			return -ENOTEMPTY;
598 		}
599 	}
600 	mutex_unlock(&f->sem);
601 
602 	ret = jffs2_do_unlink(c, dir_f, dentry->d_name.name,
603 			      dentry->d_name.len, f, now);
604 	if (!ret) {
605 		dir_i->i_mtime = dir_i->i_ctime = ITIME(now);
606 		clear_nlink(d_inode(dentry));
607 		drop_nlink(dir_i);
608 	}
609 	return ret;
610 }
611 
612 static int jffs2_mknod (struct inode *dir_i, struct dentry *dentry, umode_t mode, dev_t rdev)
613 {
614 	struct jffs2_inode_info *f, *dir_f;
615 	struct jffs2_sb_info *c;
616 	struct inode *inode;
617 	struct jffs2_raw_inode *ri;
618 	struct jffs2_raw_dirent *rd;
619 	struct jffs2_full_dnode *fn;
620 	struct jffs2_full_dirent *fd;
621 	int namelen;
622 	union jffs2_device_node dev;
623 	int devlen = 0;
624 	uint32_t alloclen;
625 	int ret;
626 
627 	ri = jffs2_alloc_raw_inode();
628 	if (!ri)
629 		return -ENOMEM;
630 
631 	c = JFFS2_SB_INFO(dir_i->i_sb);
632 
633 	if (S_ISBLK(mode) || S_ISCHR(mode))
634 		devlen = jffs2_encode_dev(&dev, rdev);
635 
636 	/* Try to reserve enough space for both node and dirent.
637 	 * Just the node will do for now, though
638 	 */
639 	namelen = dentry->d_name.len;
640 	ret = jffs2_reserve_space(c, sizeof(*ri) + devlen, &alloclen,
641 				  ALLOC_NORMAL, JFFS2_SUMMARY_INODE_SIZE);
642 
643 	if (ret) {
644 		jffs2_free_raw_inode(ri);
645 		return ret;
646 	}
647 
648 	inode = jffs2_new_inode(dir_i, mode, ri);
649 
650 	if (IS_ERR(inode)) {
651 		jffs2_free_raw_inode(ri);
652 		jffs2_complete_reservation(c);
653 		return PTR_ERR(inode);
654 	}
655 	inode->i_op = &jffs2_file_inode_operations;
656 	init_special_inode(inode, inode->i_mode, rdev);
657 
658 	f = JFFS2_INODE_INFO(inode);
659 
660 	ri->dsize = ri->csize = cpu_to_je32(devlen);
661 	ri->totlen = cpu_to_je32(sizeof(*ri) + devlen);
662 	ri->hdr_crc = cpu_to_je32(crc32(0, ri, sizeof(struct jffs2_unknown_node)-4));
663 
664 	ri->compr = JFFS2_COMPR_NONE;
665 	ri->data_crc = cpu_to_je32(crc32(0, &dev, devlen));
666 	ri->node_crc = cpu_to_je32(crc32(0, ri, sizeof(*ri)-8));
667 
668 	fn = jffs2_write_dnode(c, f, ri, (char *)&dev, devlen, ALLOC_NORMAL);
669 
670 	jffs2_free_raw_inode(ri);
671 
672 	if (IS_ERR(fn)) {
673 		/* Eeek. Wave bye bye */
674 		mutex_unlock(&f->sem);
675 		jffs2_complete_reservation(c);
676 		ret = PTR_ERR(fn);
677 		goto fail;
678 	}
679 	/* No data here. Only a metadata node, which will be
680 	   obsoleted by the first data write
681 	*/
682 	f->metadata = fn;
683 	mutex_unlock(&f->sem);
684 
685 	jffs2_complete_reservation(c);
686 
687 	ret = jffs2_init_security(inode, dir_i, &dentry->d_name);
688 	if (ret)
689 		goto fail;
690 
691 	ret = jffs2_init_acl_post(inode);
692 	if (ret)
693 		goto fail;
694 
695 	ret = jffs2_reserve_space(c, sizeof(*rd)+namelen, &alloclen,
696 				  ALLOC_NORMAL, JFFS2_SUMMARY_DIRENT_SIZE(namelen));
697 	if (ret)
698 		goto fail;
699 
700 	rd = jffs2_alloc_raw_dirent();
701 	if (!rd) {
702 		/* Argh. Now we treat it like a normal delete */
703 		jffs2_complete_reservation(c);
704 		ret = -ENOMEM;
705 		goto fail;
706 	}
707 
708 	dir_f = JFFS2_INODE_INFO(dir_i);
709 	mutex_lock(&dir_f->sem);
710 
711 	rd->magic = cpu_to_je16(JFFS2_MAGIC_BITMASK);
712 	rd->nodetype = cpu_to_je16(JFFS2_NODETYPE_DIRENT);
713 	rd->totlen = cpu_to_je32(sizeof(*rd) + namelen);
714 	rd->hdr_crc = cpu_to_je32(crc32(0, rd, sizeof(struct jffs2_unknown_node)-4));
715 
716 	rd->pino = cpu_to_je32(dir_i->i_ino);
717 	rd->version = cpu_to_je32(++dir_f->highest_version);
718 	rd->ino = cpu_to_je32(inode->i_ino);
719 	rd->mctime = cpu_to_je32(JFFS2_NOW());
720 	rd->nsize = namelen;
721 
722 	/* XXX: This is ugly. */
723 	rd->type = (mode & S_IFMT) >> 12;
724 
725 	rd->node_crc = cpu_to_je32(crc32(0, rd, sizeof(*rd)-8));
726 	rd->name_crc = cpu_to_je32(crc32(0, dentry->d_name.name, namelen));
727 
728 	fd = jffs2_write_dirent(c, dir_f, rd, dentry->d_name.name, namelen, ALLOC_NORMAL);
729 
730 	if (IS_ERR(fd)) {
731 		/* dirent failed to write. Delete the inode normally
732 		   as if it were the final unlink() */
733 		jffs2_complete_reservation(c);
734 		jffs2_free_raw_dirent(rd);
735 		mutex_unlock(&dir_f->sem);
736 		ret = PTR_ERR(fd);
737 		goto fail;
738 	}
739 
740 	dir_i->i_mtime = dir_i->i_ctime = ITIME(je32_to_cpu(rd->mctime));
741 
742 	jffs2_free_raw_dirent(rd);
743 
744 	/* Link the fd into the inode's list, obsoleting an old
745 	   one if necessary. */
746 	jffs2_add_fd_to_list(c, fd, &dir_f->dents);
747 
748 	mutex_unlock(&dir_f->sem);
749 	jffs2_complete_reservation(c);
750 
751 	d_instantiate_new(dentry, inode);
752 	return 0;
753 
754  fail:
755 	iget_failed(inode);
756 	return ret;
757 }
758 
759 static int jffs2_rename (struct inode *old_dir_i, struct dentry *old_dentry,
760 			 struct inode *new_dir_i, struct dentry *new_dentry,
761 			 unsigned int flags)
762 {
763 	int ret;
764 	struct jffs2_sb_info *c = JFFS2_SB_INFO(old_dir_i->i_sb);
765 	struct jffs2_inode_info *victim_f = NULL;
766 	uint8_t type;
767 	uint32_t now;
768 
769 	if (flags & ~RENAME_NOREPLACE)
770 		return -EINVAL;
771 
772 	/* The VFS will check for us and prevent trying to rename a
773 	 * file over a directory and vice versa, but if it's a directory,
774 	 * the VFS can't check whether the victim is empty. The filesystem
775 	 * needs to do that for itself.
776 	 */
777 	if (d_really_is_positive(new_dentry)) {
778 		victim_f = JFFS2_INODE_INFO(d_inode(new_dentry));
779 		if (d_is_dir(new_dentry)) {
780 			struct jffs2_full_dirent *fd;
781 
782 			mutex_lock(&victim_f->sem);
783 			for (fd = victim_f->dents; fd; fd = fd->next) {
784 				if (fd->ino) {
785 					mutex_unlock(&victim_f->sem);
786 					return -ENOTEMPTY;
787 				}
788 			}
789 			mutex_unlock(&victim_f->sem);
790 		}
791 	}
792 
793 	/* XXX: We probably ought to alloc enough space for
794 	   both nodes at the same time. Writing the new link,
795 	   then getting -ENOSPC, is quite bad :)
796 	*/
797 
798 	/* Make a hard link */
799 
800 	/* XXX: This is ugly */
801 	type = (d_inode(old_dentry)->i_mode & S_IFMT) >> 12;
802 	if (!type) type = DT_REG;
803 
804 	now = JFFS2_NOW();
805 	ret = jffs2_do_link(c, JFFS2_INODE_INFO(new_dir_i),
806 			    d_inode(old_dentry)->i_ino, type,
807 			    new_dentry->d_name.name, new_dentry->d_name.len, now);
808 
809 	if (ret)
810 		return ret;
811 
812 	if (victim_f) {
813 		/* There was a victim. Kill it off nicely */
814 		if (d_is_dir(new_dentry))
815 			clear_nlink(d_inode(new_dentry));
816 		else
817 			drop_nlink(d_inode(new_dentry));
818 		/* Don't oops if the victim was a dirent pointing to an
819 		   inode which didn't exist. */
820 		if (victim_f->inocache) {
821 			mutex_lock(&victim_f->sem);
822 			if (d_is_dir(new_dentry))
823 				victim_f->inocache->pino_nlink = 0;
824 			else
825 				victim_f->inocache->pino_nlink--;
826 			mutex_unlock(&victim_f->sem);
827 		}
828 	}
829 
830 	/* If it was a directory we moved, and there was no victim,
831 	   increase i_nlink on its new parent */
832 	if (d_is_dir(old_dentry) && !victim_f)
833 		inc_nlink(new_dir_i);
834 
835 	/* Unlink the original */
836 	ret = jffs2_do_unlink(c, JFFS2_INODE_INFO(old_dir_i),
837 			      old_dentry->d_name.name, old_dentry->d_name.len, NULL, now);
838 
839 	/* We don't touch inode->i_nlink */
840 
841 	if (ret) {
842 		/* Oh shit. We really ought to make a single node which can do both atomically */
843 		struct jffs2_inode_info *f = JFFS2_INODE_INFO(d_inode(old_dentry));
844 		mutex_lock(&f->sem);
845 		inc_nlink(d_inode(old_dentry));
846 		if (f->inocache && !d_is_dir(old_dentry))
847 			f->inocache->pino_nlink++;
848 		mutex_unlock(&f->sem);
849 
850 		pr_notice("%s(): Link succeeded, unlink failed (err %d). You now have a hard link\n",
851 			  __func__, ret);
852 		/*
853 		 * We can't keep the target in dcache after that.
854 		 * For one thing, we can't afford dentry aliases for directories.
855 		 * For another, if there was a victim, we _can't_ set new inode
856 		 * for that sucker and we have to trigger mount eviction - the
857 		 * caller won't do it on its own since we are returning an error.
858 		 */
859 		d_invalidate(new_dentry);
860 		new_dir_i->i_mtime = new_dir_i->i_ctime = ITIME(now);
861 		return ret;
862 	}
863 
864 	if (d_is_dir(old_dentry))
865 		drop_nlink(old_dir_i);
866 
867 	new_dir_i->i_mtime = new_dir_i->i_ctime = old_dir_i->i_mtime = old_dir_i->i_ctime = ITIME(now);
868 
869 	return 0;
870 }
871 
872