xref: /linux/fs/libfs.c (revision 5c04a5b065e97dd331dba67da9896897fced3bee)
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  *	fs/libfs.c
4  *	Library for filesystems writers.
5  */
6 
7 #include <linux/blkdev.h>
8 #include <linux/export.h>
9 #include <linux/pagemap.h>
10 #include <linux/slab.h>
11 #include <linux/cred.h>
12 #include <linux/mount.h>
13 #include <linux/vfs.h>
14 #include <linux/quotaops.h>
15 #include <linux/mutex.h>
16 #include <linux/namei.h>
17 #include <linux/exportfs.h>
18 #include <linux/iversion.h>
19 #include <linux/writeback.h>
20 #include <linux/buffer_head.h> /* sync_mapping_buffers */
21 #include <linux/fs_context.h>
22 #include <linux/pseudo_fs.h>
23 #include <linux/fsnotify.h>
24 #include <linux/unicode.h>
25 #include <linux/fscrypt.h>
26 #include <linux/pidfs.h>
27 
28 #include <linux/uaccess.h>
29 
30 #include "internal.h"
31 
32 int simple_getattr(struct mnt_idmap *idmap, const struct path *path,
33 		   struct kstat *stat, u32 request_mask,
34 		   unsigned int query_flags)
35 {
36 	struct inode *inode = d_inode(path->dentry);
37 	generic_fillattr(&nop_mnt_idmap, request_mask, inode, stat);
38 	stat->blocks = inode->i_mapping->nrpages << (PAGE_SHIFT - 9);
39 	return 0;
40 }
41 EXPORT_SYMBOL(simple_getattr);
42 
43 int simple_statfs(struct dentry *dentry, struct kstatfs *buf)
44 {
45 	u64 id = huge_encode_dev(dentry->d_sb->s_dev);
46 
47 	buf->f_fsid = u64_to_fsid(id);
48 	buf->f_type = dentry->d_sb->s_magic;
49 	buf->f_bsize = PAGE_SIZE;
50 	buf->f_namelen = NAME_MAX;
51 	return 0;
52 }
53 EXPORT_SYMBOL(simple_statfs);
54 
55 /*
56  * Retaining negative dentries for an in-memory filesystem just wastes
57  * memory and lookup time: arrange for them to be deleted immediately.
58  */
59 int always_delete_dentry(const struct dentry *dentry)
60 {
61 	return 1;
62 }
63 EXPORT_SYMBOL(always_delete_dentry);
64 
65 const struct dentry_operations simple_dentry_operations = {
66 	.d_delete = always_delete_dentry,
67 };
68 EXPORT_SYMBOL(simple_dentry_operations);
69 
70 /*
71  * Lookup the data. This is trivial - if the dentry didn't already
72  * exist, we know it is negative.  Set d_op to delete negative dentries.
73  */
74 struct dentry *simple_lookup(struct inode *dir, struct dentry *dentry, unsigned int flags)
75 {
76 	if (dentry->d_name.len > NAME_MAX)
77 		return ERR_PTR(-ENAMETOOLONG);
78 	if (!dentry->d_sb->s_d_op)
79 		d_set_d_op(dentry, &simple_dentry_operations);
80 	d_add(dentry, NULL);
81 	return NULL;
82 }
83 EXPORT_SYMBOL(simple_lookup);
84 
85 int dcache_dir_open(struct inode *inode, struct file *file)
86 {
87 	file->private_data = d_alloc_cursor(file->f_path.dentry);
88 
89 	return file->private_data ? 0 : -ENOMEM;
90 }
91 EXPORT_SYMBOL(dcache_dir_open);
92 
93 int dcache_dir_close(struct inode *inode, struct file *file)
94 {
95 	dput(file->private_data);
96 	return 0;
97 }
98 EXPORT_SYMBOL(dcache_dir_close);
99 
100 /* parent is locked at least shared */
101 /*
102  * Returns an element of siblings' list.
103  * We are looking for <count>th positive after <p>; if
104  * found, dentry is grabbed and returned to caller.
105  * If no such element exists, NULL is returned.
106  */
107 static struct dentry *scan_positives(struct dentry *cursor,
108 					struct hlist_node **p,
109 					loff_t count,
110 					struct dentry *last)
111 {
112 	struct dentry *dentry = cursor->d_parent, *found = NULL;
113 
114 	spin_lock(&dentry->d_lock);
115 	while (*p) {
116 		struct dentry *d = hlist_entry(*p, struct dentry, d_sib);
117 		p = &d->d_sib.next;
118 		// we must at least skip cursors, to avoid livelocks
119 		if (d->d_flags & DCACHE_DENTRY_CURSOR)
120 			continue;
121 		if (simple_positive(d) && !--count) {
122 			spin_lock_nested(&d->d_lock, DENTRY_D_LOCK_NESTED);
123 			if (simple_positive(d))
124 				found = dget_dlock(d);
125 			spin_unlock(&d->d_lock);
126 			if (likely(found))
127 				break;
128 			count = 1;
129 		}
130 		if (need_resched()) {
131 			if (!hlist_unhashed(&cursor->d_sib))
132 				__hlist_del(&cursor->d_sib);
133 			hlist_add_behind(&cursor->d_sib, &d->d_sib);
134 			p = &cursor->d_sib.next;
135 			spin_unlock(&dentry->d_lock);
136 			cond_resched();
137 			spin_lock(&dentry->d_lock);
138 		}
139 	}
140 	spin_unlock(&dentry->d_lock);
141 	dput(last);
142 	return found;
143 }
144 
145 loff_t dcache_dir_lseek(struct file *file, loff_t offset, int whence)
146 {
147 	struct dentry *dentry = file->f_path.dentry;
148 	switch (whence) {
149 		case 1:
150 			offset += file->f_pos;
151 			fallthrough;
152 		case 0:
153 			if (offset >= 0)
154 				break;
155 			fallthrough;
156 		default:
157 			return -EINVAL;
158 	}
159 	if (offset != file->f_pos) {
160 		struct dentry *cursor = file->private_data;
161 		struct dentry *to = NULL;
162 
163 		inode_lock_shared(dentry->d_inode);
164 
165 		if (offset > 2)
166 			to = scan_positives(cursor, &dentry->d_children.first,
167 					    offset - 2, NULL);
168 		spin_lock(&dentry->d_lock);
169 		hlist_del_init(&cursor->d_sib);
170 		if (to)
171 			hlist_add_behind(&cursor->d_sib, &to->d_sib);
172 		spin_unlock(&dentry->d_lock);
173 		dput(to);
174 
175 		file->f_pos = offset;
176 
177 		inode_unlock_shared(dentry->d_inode);
178 	}
179 	return offset;
180 }
181 EXPORT_SYMBOL(dcache_dir_lseek);
182 
183 /*
184  * Directory is locked and all positive dentries in it are safe, since
185  * for ramfs-type trees they can't go away without unlink() or rmdir(),
186  * both impossible due to the lock on directory.
187  */
188 
189 int dcache_readdir(struct file *file, struct dir_context *ctx)
190 {
191 	struct dentry *dentry = file->f_path.dentry;
192 	struct dentry *cursor = file->private_data;
193 	struct dentry *next = NULL;
194 	struct hlist_node **p;
195 
196 	if (!dir_emit_dots(file, ctx))
197 		return 0;
198 
199 	if (ctx->pos == 2)
200 		p = &dentry->d_children.first;
201 	else
202 		p = &cursor->d_sib.next;
203 
204 	while ((next = scan_positives(cursor, p, 1, next)) != NULL) {
205 		if (!dir_emit(ctx, next->d_name.name, next->d_name.len,
206 			      d_inode(next)->i_ino,
207 			      fs_umode_to_dtype(d_inode(next)->i_mode)))
208 			break;
209 		ctx->pos++;
210 		p = &next->d_sib.next;
211 	}
212 	spin_lock(&dentry->d_lock);
213 	hlist_del_init(&cursor->d_sib);
214 	if (next)
215 		hlist_add_before(&cursor->d_sib, &next->d_sib);
216 	spin_unlock(&dentry->d_lock);
217 	dput(next);
218 
219 	return 0;
220 }
221 EXPORT_SYMBOL(dcache_readdir);
222 
223 ssize_t generic_read_dir(struct file *filp, char __user *buf, size_t siz, loff_t *ppos)
224 {
225 	return -EISDIR;
226 }
227 EXPORT_SYMBOL(generic_read_dir);
228 
229 const struct file_operations simple_dir_operations = {
230 	.open		= dcache_dir_open,
231 	.release	= dcache_dir_close,
232 	.llseek		= dcache_dir_lseek,
233 	.read		= generic_read_dir,
234 	.iterate_shared	= dcache_readdir,
235 	.fsync		= noop_fsync,
236 };
237 EXPORT_SYMBOL(simple_dir_operations);
238 
239 const struct inode_operations simple_dir_inode_operations = {
240 	.lookup		= simple_lookup,
241 };
242 EXPORT_SYMBOL(simple_dir_inode_operations);
243 
244 /* 0 is '.', 1 is '..', so always start with offset 2 or more */
245 enum {
246 	DIR_OFFSET_MIN	= 2,
247 };
248 
249 static void offset_set(struct dentry *dentry, long offset)
250 {
251 	dentry->d_fsdata = (void *)offset;
252 }
253 
254 static long dentry2offset(struct dentry *dentry)
255 {
256 	return (long)dentry->d_fsdata;
257 }
258 
259 static struct lock_class_key simple_offset_lock_class;
260 
261 /**
262  * simple_offset_init - initialize an offset_ctx
263  * @octx: directory offset map to be initialized
264  *
265  */
266 void simple_offset_init(struct offset_ctx *octx)
267 {
268 	mt_init_flags(&octx->mt, MT_FLAGS_ALLOC_RANGE);
269 	lockdep_set_class(&octx->mt.ma_lock, &simple_offset_lock_class);
270 	octx->next_offset = DIR_OFFSET_MIN;
271 }
272 
273 /**
274  * simple_offset_add - Add an entry to a directory's offset map
275  * @octx: directory offset ctx to be updated
276  * @dentry: new dentry being added
277  *
278  * Returns zero on success. @octx and the dentry's offset are updated.
279  * Otherwise, a negative errno value is returned.
280  */
281 int simple_offset_add(struct offset_ctx *octx, struct dentry *dentry)
282 {
283 	unsigned long offset;
284 	int ret;
285 
286 	if (dentry2offset(dentry) != 0)
287 		return -EBUSY;
288 
289 	ret = mtree_alloc_cyclic(&octx->mt, &offset, dentry, DIR_OFFSET_MIN,
290 				 LONG_MAX, &octx->next_offset, GFP_KERNEL);
291 	if (ret < 0)
292 		return ret;
293 
294 	offset_set(dentry, offset);
295 	return 0;
296 }
297 
298 /**
299  * simple_offset_remove - Remove an entry to a directory's offset map
300  * @octx: directory offset ctx to be updated
301  * @dentry: dentry being removed
302  *
303  */
304 void simple_offset_remove(struct offset_ctx *octx, struct dentry *dentry)
305 {
306 	long offset;
307 
308 	offset = dentry2offset(dentry);
309 	if (offset == 0)
310 		return;
311 
312 	mtree_erase(&octx->mt, offset);
313 	offset_set(dentry, 0);
314 }
315 
316 /**
317  * simple_offset_empty - Check if a dentry can be unlinked
318  * @dentry: dentry to be tested
319  *
320  * Returns 0 if @dentry is a non-empty directory; otherwise returns 1.
321  */
322 int simple_offset_empty(struct dentry *dentry)
323 {
324 	struct inode *inode = d_inode(dentry);
325 	struct offset_ctx *octx;
326 	struct dentry *child;
327 	unsigned long index;
328 	int ret = 1;
329 
330 	if (!inode || !S_ISDIR(inode->i_mode))
331 		return ret;
332 
333 	index = DIR_OFFSET_MIN;
334 	octx = inode->i_op->get_offset_ctx(inode);
335 	mt_for_each(&octx->mt, child, index, LONG_MAX) {
336 		spin_lock(&child->d_lock);
337 		if (simple_positive(child)) {
338 			spin_unlock(&child->d_lock);
339 			ret = 0;
340 			break;
341 		}
342 		spin_unlock(&child->d_lock);
343 	}
344 
345 	return ret;
346 }
347 
348 /**
349  * simple_offset_rename_exchange - exchange rename with directory offsets
350  * @old_dir: parent of dentry being moved
351  * @old_dentry: dentry being moved
352  * @new_dir: destination parent
353  * @new_dentry: destination dentry
354  *
355  * Returns zero on success. Otherwise a negative errno is returned and the
356  * rename is rolled back.
357  */
358 int simple_offset_rename_exchange(struct inode *old_dir,
359 				  struct dentry *old_dentry,
360 				  struct inode *new_dir,
361 				  struct dentry *new_dentry)
362 {
363 	struct offset_ctx *old_ctx = old_dir->i_op->get_offset_ctx(old_dir);
364 	struct offset_ctx *new_ctx = new_dir->i_op->get_offset_ctx(new_dir);
365 	long old_index = dentry2offset(old_dentry);
366 	long new_index = dentry2offset(new_dentry);
367 	int ret;
368 
369 	simple_offset_remove(old_ctx, old_dentry);
370 	simple_offset_remove(new_ctx, new_dentry);
371 
372 	ret = simple_offset_add(new_ctx, old_dentry);
373 	if (ret)
374 		goto out_restore;
375 
376 	ret = simple_offset_add(old_ctx, new_dentry);
377 	if (ret) {
378 		simple_offset_remove(new_ctx, old_dentry);
379 		goto out_restore;
380 	}
381 
382 	ret = simple_rename_exchange(old_dir, old_dentry, new_dir, new_dentry);
383 	if (ret) {
384 		simple_offset_remove(new_ctx, old_dentry);
385 		simple_offset_remove(old_ctx, new_dentry);
386 		goto out_restore;
387 	}
388 	return 0;
389 
390 out_restore:
391 	offset_set(old_dentry, old_index);
392 	mtree_store(&old_ctx->mt, old_index, old_dentry, GFP_KERNEL);
393 	offset_set(new_dentry, new_index);
394 	mtree_store(&new_ctx->mt, new_index, new_dentry, GFP_KERNEL);
395 	return ret;
396 }
397 
398 /**
399  * simple_offset_destroy - Release offset map
400  * @octx: directory offset ctx that is about to be destroyed
401  *
402  * During fs teardown (eg. umount), a directory's offset map might still
403  * contain entries. xa_destroy() cleans out anything that remains.
404  */
405 void simple_offset_destroy(struct offset_ctx *octx)
406 {
407 	mtree_destroy(&octx->mt);
408 }
409 
410 /**
411  * offset_dir_llseek - Advance the read position of a directory descriptor
412  * @file: an open directory whose position is to be updated
413  * @offset: a byte offset
414  * @whence: enumerator describing the starting position for this update
415  *
416  * SEEK_END, SEEK_DATA, and SEEK_HOLE are not supported for directories.
417  *
418  * Returns the updated read position if successful; otherwise a
419  * negative errno is returned and the read position remains unchanged.
420  */
421 static loff_t offset_dir_llseek(struct file *file, loff_t offset, int whence)
422 {
423 	switch (whence) {
424 	case SEEK_CUR:
425 		offset += file->f_pos;
426 		fallthrough;
427 	case SEEK_SET:
428 		if (offset >= 0)
429 			break;
430 		fallthrough;
431 	default:
432 		return -EINVAL;
433 	}
434 
435 	/* In this case, ->private_data is protected by f_pos_lock */
436 	file->private_data = NULL;
437 	return vfs_setpos(file, offset, LONG_MAX);
438 }
439 
440 static struct dentry *offset_find_next(struct offset_ctx *octx, loff_t offset)
441 {
442 	MA_STATE(mas, &octx->mt, offset, offset);
443 	struct dentry *child, *found = NULL;
444 
445 	rcu_read_lock();
446 	child = mas_find(&mas, LONG_MAX);
447 	if (!child)
448 		goto out;
449 	spin_lock(&child->d_lock);
450 	if (simple_positive(child))
451 		found = dget_dlock(child);
452 	spin_unlock(&child->d_lock);
453 out:
454 	rcu_read_unlock();
455 	return found;
456 }
457 
458 static bool offset_dir_emit(struct dir_context *ctx, struct dentry *dentry)
459 {
460 	struct inode *inode = d_inode(dentry);
461 	long offset = dentry2offset(dentry);
462 
463 	return ctx->actor(ctx, dentry->d_name.name, dentry->d_name.len, offset,
464 			  inode->i_ino, fs_umode_to_dtype(inode->i_mode));
465 }
466 
467 static void *offset_iterate_dir(struct inode *inode, struct dir_context *ctx)
468 {
469 	struct offset_ctx *octx = inode->i_op->get_offset_ctx(inode);
470 	struct dentry *dentry;
471 
472 	while (true) {
473 		dentry = offset_find_next(octx, ctx->pos);
474 		if (!dentry)
475 			return ERR_PTR(-ENOENT);
476 
477 		if (!offset_dir_emit(ctx, dentry)) {
478 			dput(dentry);
479 			break;
480 		}
481 
482 		ctx->pos = dentry2offset(dentry) + 1;
483 		dput(dentry);
484 	}
485 	return NULL;
486 }
487 
488 /**
489  * offset_readdir - Emit entries starting at offset @ctx->pos
490  * @file: an open directory to iterate over
491  * @ctx: directory iteration context
492  *
493  * Caller must hold @file's i_rwsem to prevent insertion or removal of
494  * entries during this call.
495  *
496  * On entry, @ctx->pos contains an offset that represents the first entry
497  * to be read from the directory.
498  *
499  * The operation continues until there are no more entries to read, or
500  * until the ctx->actor indicates there is no more space in the caller's
501  * output buffer.
502  *
503  * On return, @ctx->pos contains an offset that will read the next entry
504  * in this directory when offset_readdir() is called again with @ctx.
505  *
506  * Return values:
507  *   %0 - Complete
508  */
509 static int offset_readdir(struct file *file, struct dir_context *ctx)
510 {
511 	struct dentry *dir = file->f_path.dentry;
512 
513 	lockdep_assert_held(&d_inode(dir)->i_rwsem);
514 
515 	if (!dir_emit_dots(file, ctx))
516 		return 0;
517 
518 	/* In this case, ->private_data is protected by f_pos_lock */
519 	if (ctx->pos == DIR_OFFSET_MIN)
520 		file->private_data = NULL;
521 	else if (file->private_data == ERR_PTR(-ENOENT))
522 		return 0;
523 	file->private_data = offset_iterate_dir(d_inode(dir), ctx);
524 	return 0;
525 }
526 
527 const struct file_operations simple_offset_dir_operations = {
528 	.llseek		= offset_dir_llseek,
529 	.iterate_shared	= offset_readdir,
530 	.read		= generic_read_dir,
531 	.fsync		= noop_fsync,
532 };
533 
534 static struct dentry *find_next_child(struct dentry *parent, struct dentry *prev)
535 {
536 	struct dentry *child = NULL, *d;
537 
538 	spin_lock(&parent->d_lock);
539 	d = prev ? d_next_sibling(prev) : d_first_child(parent);
540 	hlist_for_each_entry_from(d, d_sib) {
541 		if (simple_positive(d)) {
542 			spin_lock_nested(&d->d_lock, DENTRY_D_LOCK_NESTED);
543 			if (simple_positive(d))
544 				child = dget_dlock(d);
545 			spin_unlock(&d->d_lock);
546 			if (likely(child))
547 				break;
548 		}
549 	}
550 	spin_unlock(&parent->d_lock);
551 	dput(prev);
552 	return child;
553 }
554 
555 void simple_recursive_removal(struct dentry *dentry,
556                               void (*callback)(struct dentry *))
557 {
558 	struct dentry *this = dget(dentry);
559 	while (true) {
560 		struct dentry *victim = NULL, *child;
561 		struct inode *inode = this->d_inode;
562 
563 		inode_lock(inode);
564 		if (d_is_dir(this))
565 			inode->i_flags |= S_DEAD;
566 		while ((child = find_next_child(this, victim)) == NULL) {
567 			// kill and ascend
568 			// update metadata while it's still locked
569 			inode_set_ctime_current(inode);
570 			clear_nlink(inode);
571 			inode_unlock(inode);
572 			victim = this;
573 			this = this->d_parent;
574 			inode = this->d_inode;
575 			inode_lock(inode);
576 			if (simple_positive(victim)) {
577 				d_invalidate(victim);	// avoid lost mounts
578 				if (d_is_dir(victim))
579 					fsnotify_rmdir(inode, victim);
580 				else
581 					fsnotify_unlink(inode, victim);
582 				if (callback)
583 					callback(victim);
584 				dput(victim);		// unpin it
585 			}
586 			if (victim == dentry) {
587 				inode_set_mtime_to_ts(inode,
588 						      inode_set_ctime_current(inode));
589 				if (d_is_dir(dentry))
590 					drop_nlink(inode);
591 				inode_unlock(inode);
592 				dput(dentry);
593 				return;
594 			}
595 		}
596 		inode_unlock(inode);
597 		this = child;
598 	}
599 }
600 EXPORT_SYMBOL(simple_recursive_removal);
601 
602 static const struct super_operations simple_super_operations = {
603 	.statfs		= simple_statfs,
604 };
605 
606 static int pseudo_fs_fill_super(struct super_block *s, struct fs_context *fc)
607 {
608 	struct pseudo_fs_context *ctx = fc->fs_private;
609 	struct inode *root;
610 
611 	s->s_maxbytes = MAX_LFS_FILESIZE;
612 	s->s_blocksize = PAGE_SIZE;
613 	s->s_blocksize_bits = PAGE_SHIFT;
614 	s->s_magic = ctx->magic;
615 	s->s_op = ctx->ops ?: &simple_super_operations;
616 	s->s_xattr = ctx->xattr;
617 	s->s_time_gran = 1;
618 	root = new_inode(s);
619 	if (!root)
620 		return -ENOMEM;
621 
622 	/*
623 	 * since this is the first inode, make it number 1. New inodes created
624 	 * after this must take care not to collide with it (by passing
625 	 * max_reserved of 1 to iunique).
626 	 */
627 	root->i_ino = 1;
628 	root->i_mode = S_IFDIR | S_IRUSR | S_IWUSR;
629 	simple_inode_init_ts(root);
630 	s->s_root = d_make_root(root);
631 	if (!s->s_root)
632 		return -ENOMEM;
633 	s->s_d_op = ctx->dops;
634 	return 0;
635 }
636 
637 static int pseudo_fs_get_tree(struct fs_context *fc)
638 {
639 	return get_tree_nodev(fc, pseudo_fs_fill_super);
640 }
641 
642 static void pseudo_fs_free(struct fs_context *fc)
643 {
644 	kfree(fc->fs_private);
645 }
646 
647 static const struct fs_context_operations pseudo_fs_context_ops = {
648 	.free		= pseudo_fs_free,
649 	.get_tree	= pseudo_fs_get_tree,
650 };
651 
652 /*
653  * Common helper for pseudo-filesystems (sockfs, pipefs, bdev - stuff that
654  * will never be mountable)
655  */
656 struct pseudo_fs_context *init_pseudo(struct fs_context *fc,
657 					unsigned long magic)
658 {
659 	struct pseudo_fs_context *ctx;
660 
661 	ctx = kzalloc(sizeof(struct pseudo_fs_context), GFP_KERNEL);
662 	if (likely(ctx)) {
663 		ctx->magic = magic;
664 		fc->fs_private = ctx;
665 		fc->ops = &pseudo_fs_context_ops;
666 		fc->sb_flags |= SB_NOUSER;
667 		fc->global = true;
668 	}
669 	return ctx;
670 }
671 EXPORT_SYMBOL(init_pseudo);
672 
673 int simple_open(struct inode *inode, struct file *file)
674 {
675 	if (inode->i_private)
676 		file->private_data = inode->i_private;
677 	return 0;
678 }
679 EXPORT_SYMBOL(simple_open);
680 
681 int simple_link(struct dentry *old_dentry, struct inode *dir, struct dentry *dentry)
682 {
683 	struct inode *inode = d_inode(old_dentry);
684 
685 	inode_set_mtime_to_ts(dir,
686 			      inode_set_ctime_to_ts(dir, inode_set_ctime_current(inode)));
687 	inc_nlink(inode);
688 	ihold(inode);
689 	dget(dentry);
690 	d_instantiate(dentry, inode);
691 	return 0;
692 }
693 EXPORT_SYMBOL(simple_link);
694 
695 int simple_empty(struct dentry *dentry)
696 {
697 	struct dentry *child;
698 	int ret = 0;
699 
700 	spin_lock(&dentry->d_lock);
701 	hlist_for_each_entry(child, &dentry->d_children, d_sib) {
702 		spin_lock_nested(&child->d_lock, DENTRY_D_LOCK_NESTED);
703 		if (simple_positive(child)) {
704 			spin_unlock(&child->d_lock);
705 			goto out;
706 		}
707 		spin_unlock(&child->d_lock);
708 	}
709 	ret = 1;
710 out:
711 	spin_unlock(&dentry->d_lock);
712 	return ret;
713 }
714 EXPORT_SYMBOL(simple_empty);
715 
716 int simple_unlink(struct inode *dir, struct dentry *dentry)
717 {
718 	struct inode *inode = d_inode(dentry);
719 
720 	inode_set_mtime_to_ts(dir,
721 			      inode_set_ctime_to_ts(dir, inode_set_ctime_current(inode)));
722 	drop_nlink(inode);
723 	dput(dentry);
724 	return 0;
725 }
726 EXPORT_SYMBOL(simple_unlink);
727 
728 int simple_rmdir(struct inode *dir, struct dentry *dentry)
729 {
730 	if (!simple_empty(dentry))
731 		return -ENOTEMPTY;
732 
733 	drop_nlink(d_inode(dentry));
734 	simple_unlink(dir, dentry);
735 	drop_nlink(dir);
736 	return 0;
737 }
738 EXPORT_SYMBOL(simple_rmdir);
739 
740 /**
741  * simple_rename_timestamp - update the various inode timestamps for rename
742  * @old_dir: old parent directory
743  * @old_dentry: dentry that is being renamed
744  * @new_dir: new parent directory
745  * @new_dentry: target for rename
746  *
747  * POSIX mandates that the old and new parent directories have their ctime and
748  * mtime updated, and that inodes of @old_dentry and @new_dentry (if any), have
749  * their ctime updated.
750  */
751 void simple_rename_timestamp(struct inode *old_dir, struct dentry *old_dentry,
752 			     struct inode *new_dir, struct dentry *new_dentry)
753 {
754 	struct inode *newino = d_inode(new_dentry);
755 
756 	inode_set_mtime_to_ts(old_dir, inode_set_ctime_current(old_dir));
757 	if (new_dir != old_dir)
758 		inode_set_mtime_to_ts(new_dir,
759 				      inode_set_ctime_current(new_dir));
760 	inode_set_ctime_current(d_inode(old_dentry));
761 	if (newino)
762 		inode_set_ctime_current(newino);
763 }
764 EXPORT_SYMBOL_GPL(simple_rename_timestamp);
765 
766 int simple_rename_exchange(struct inode *old_dir, struct dentry *old_dentry,
767 			   struct inode *new_dir, struct dentry *new_dentry)
768 {
769 	bool old_is_dir = d_is_dir(old_dentry);
770 	bool new_is_dir = d_is_dir(new_dentry);
771 
772 	if (old_dir != new_dir && old_is_dir != new_is_dir) {
773 		if (old_is_dir) {
774 			drop_nlink(old_dir);
775 			inc_nlink(new_dir);
776 		} else {
777 			drop_nlink(new_dir);
778 			inc_nlink(old_dir);
779 		}
780 	}
781 	simple_rename_timestamp(old_dir, old_dentry, new_dir, new_dentry);
782 	return 0;
783 }
784 EXPORT_SYMBOL_GPL(simple_rename_exchange);
785 
786 int simple_rename(struct mnt_idmap *idmap, struct inode *old_dir,
787 		  struct dentry *old_dentry, struct inode *new_dir,
788 		  struct dentry *new_dentry, unsigned int flags)
789 {
790 	int they_are_dirs = d_is_dir(old_dentry);
791 
792 	if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE))
793 		return -EINVAL;
794 
795 	if (flags & RENAME_EXCHANGE)
796 		return simple_rename_exchange(old_dir, old_dentry, new_dir, new_dentry);
797 
798 	if (!simple_empty(new_dentry))
799 		return -ENOTEMPTY;
800 
801 	if (d_really_is_positive(new_dentry)) {
802 		simple_unlink(new_dir, new_dentry);
803 		if (they_are_dirs) {
804 			drop_nlink(d_inode(new_dentry));
805 			drop_nlink(old_dir);
806 		}
807 	} else if (they_are_dirs) {
808 		drop_nlink(old_dir);
809 		inc_nlink(new_dir);
810 	}
811 
812 	simple_rename_timestamp(old_dir, old_dentry, new_dir, new_dentry);
813 	return 0;
814 }
815 EXPORT_SYMBOL(simple_rename);
816 
817 /**
818  * simple_setattr - setattr for simple filesystem
819  * @idmap: idmap of the target mount
820  * @dentry: dentry
821  * @iattr: iattr structure
822  *
823  * Returns 0 on success, -error on failure.
824  *
825  * simple_setattr is a simple ->setattr implementation without a proper
826  * implementation of size changes.
827  *
828  * It can either be used for in-memory filesystems or special files
829  * on simple regular filesystems.  Anything that needs to change on-disk
830  * or wire state on size changes needs its own setattr method.
831  */
832 int simple_setattr(struct mnt_idmap *idmap, struct dentry *dentry,
833 		   struct iattr *iattr)
834 {
835 	struct inode *inode = d_inode(dentry);
836 	int error;
837 
838 	error = setattr_prepare(idmap, dentry, iattr);
839 	if (error)
840 		return error;
841 
842 	if (iattr->ia_valid & ATTR_SIZE)
843 		truncate_setsize(inode, iattr->ia_size);
844 	setattr_copy(idmap, inode, iattr);
845 	mark_inode_dirty(inode);
846 	return 0;
847 }
848 EXPORT_SYMBOL(simple_setattr);
849 
850 static int simple_read_folio(struct file *file, struct folio *folio)
851 {
852 	folio_zero_range(folio, 0, folio_size(folio));
853 	flush_dcache_folio(folio);
854 	folio_mark_uptodate(folio);
855 	folio_unlock(folio);
856 	return 0;
857 }
858 
859 int simple_write_begin(struct file *file, struct address_space *mapping,
860 			loff_t pos, unsigned len,
861 			struct page **pagep, void **fsdata)
862 {
863 	struct folio *folio;
864 
865 	folio = __filemap_get_folio(mapping, pos / PAGE_SIZE, FGP_WRITEBEGIN,
866 			mapping_gfp_mask(mapping));
867 	if (IS_ERR(folio))
868 		return PTR_ERR(folio);
869 
870 	*pagep = &folio->page;
871 
872 	if (!folio_test_uptodate(folio) && (len != folio_size(folio))) {
873 		size_t from = offset_in_folio(folio, pos);
874 
875 		folio_zero_segments(folio, 0, from,
876 				from + len, folio_size(folio));
877 	}
878 	return 0;
879 }
880 EXPORT_SYMBOL(simple_write_begin);
881 
882 /**
883  * simple_write_end - .write_end helper for non-block-device FSes
884  * @file: See .write_end of address_space_operations
885  * @mapping: 		"
886  * @pos: 		"
887  * @len: 		"
888  * @copied: 		"
889  * @page: 		"
890  * @fsdata: 		"
891  *
892  * simple_write_end does the minimum needed for updating a page after writing is
893  * done. It has the same API signature as the .write_end of
894  * address_space_operations vector. So it can just be set onto .write_end for
895  * FSes that don't need any other processing. i_mutex is assumed to be held.
896  * Block based filesystems should use generic_write_end().
897  * NOTE: Even though i_size might get updated by this function, mark_inode_dirty
898  * is not called, so a filesystem that actually does store data in .write_inode
899  * should extend on what's done here with a call to mark_inode_dirty() in the
900  * case that i_size has changed.
901  *
902  * Use *ONLY* with simple_read_folio()
903  */
904 static int simple_write_end(struct file *file, struct address_space *mapping,
905 			loff_t pos, unsigned len, unsigned copied,
906 			struct page *page, void *fsdata)
907 {
908 	struct folio *folio = page_folio(page);
909 	struct inode *inode = folio->mapping->host;
910 	loff_t last_pos = pos + copied;
911 
912 	/* zero the stale part of the folio if we did a short copy */
913 	if (!folio_test_uptodate(folio)) {
914 		if (copied < len) {
915 			size_t from = offset_in_folio(folio, pos);
916 
917 			folio_zero_range(folio, from + copied, len - copied);
918 		}
919 		folio_mark_uptodate(folio);
920 	}
921 	/*
922 	 * No need to use i_size_read() here, the i_size
923 	 * cannot change under us because we hold the i_mutex.
924 	 */
925 	if (last_pos > inode->i_size)
926 		i_size_write(inode, last_pos);
927 
928 	folio_mark_dirty(folio);
929 	folio_unlock(folio);
930 	folio_put(folio);
931 
932 	return copied;
933 }
934 
935 /*
936  * Provides ramfs-style behavior: data in the pagecache, but no writeback.
937  */
938 const struct address_space_operations ram_aops = {
939 	.read_folio	= simple_read_folio,
940 	.write_begin	= simple_write_begin,
941 	.write_end	= simple_write_end,
942 	.dirty_folio	= noop_dirty_folio,
943 };
944 EXPORT_SYMBOL(ram_aops);
945 
946 /*
947  * the inodes created here are not hashed. If you use iunique to generate
948  * unique inode values later for this filesystem, then you must take care
949  * to pass it an appropriate max_reserved value to avoid collisions.
950  */
951 int simple_fill_super(struct super_block *s, unsigned long magic,
952 		      const struct tree_descr *files)
953 {
954 	struct inode *inode;
955 	struct dentry *dentry;
956 	int i;
957 
958 	s->s_blocksize = PAGE_SIZE;
959 	s->s_blocksize_bits = PAGE_SHIFT;
960 	s->s_magic = magic;
961 	s->s_op = &simple_super_operations;
962 	s->s_time_gran = 1;
963 
964 	inode = new_inode(s);
965 	if (!inode)
966 		return -ENOMEM;
967 	/*
968 	 * because the root inode is 1, the files array must not contain an
969 	 * entry at index 1
970 	 */
971 	inode->i_ino = 1;
972 	inode->i_mode = S_IFDIR | 0755;
973 	simple_inode_init_ts(inode);
974 	inode->i_op = &simple_dir_inode_operations;
975 	inode->i_fop = &simple_dir_operations;
976 	set_nlink(inode, 2);
977 	s->s_root = d_make_root(inode);
978 	if (!s->s_root)
979 		return -ENOMEM;
980 	for (i = 0; !files->name || files->name[0]; i++, files++) {
981 		if (!files->name)
982 			continue;
983 
984 		/* warn if it tries to conflict with the root inode */
985 		if (unlikely(i == 1))
986 			printk(KERN_WARNING "%s: %s passed in a files array"
987 				"with an index of 1!\n", __func__,
988 				s->s_type->name);
989 
990 		dentry = d_alloc_name(s->s_root, files->name);
991 		if (!dentry)
992 			return -ENOMEM;
993 		inode = new_inode(s);
994 		if (!inode) {
995 			dput(dentry);
996 			return -ENOMEM;
997 		}
998 		inode->i_mode = S_IFREG | files->mode;
999 		simple_inode_init_ts(inode);
1000 		inode->i_fop = files->ops;
1001 		inode->i_ino = i;
1002 		d_add(dentry, inode);
1003 	}
1004 	return 0;
1005 }
1006 EXPORT_SYMBOL(simple_fill_super);
1007 
1008 static DEFINE_SPINLOCK(pin_fs_lock);
1009 
1010 int simple_pin_fs(struct file_system_type *type, struct vfsmount **mount, int *count)
1011 {
1012 	struct vfsmount *mnt = NULL;
1013 	spin_lock(&pin_fs_lock);
1014 	if (unlikely(!*mount)) {
1015 		spin_unlock(&pin_fs_lock);
1016 		mnt = vfs_kern_mount(type, SB_KERNMOUNT, type->name, NULL);
1017 		if (IS_ERR(mnt))
1018 			return PTR_ERR(mnt);
1019 		spin_lock(&pin_fs_lock);
1020 		if (!*mount)
1021 			*mount = mnt;
1022 	}
1023 	mntget(*mount);
1024 	++*count;
1025 	spin_unlock(&pin_fs_lock);
1026 	mntput(mnt);
1027 	return 0;
1028 }
1029 EXPORT_SYMBOL(simple_pin_fs);
1030 
1031 void simple_release_fs(struct vfsmount **mount, int *count)
1032 {
1033 	struct vfsmount *mnt;
1034 	spin_lock(&pin_fs_lock);
1035 	mnt = *mount;
1036 	if (!--*count)
1037 		*mount = NULL;
1038 	spin_unlock(&pin_fs_lock);
1039 	mntput(mnt);
1040 }
1041 EXPORT_SYMBOL(simple_release_fs);
1042 
1043 /**
1044  * simple_read_from_buffer - copy data from the buffer to user space
1045  * @to: the user space buffer to read to
1046  * @count: the maximum number of bytes to read
1047  * @ppos: the current position in the buffer
1048  * @from: the buffer to read from
1049  * @available: the size of the buffer
1050  *
1051  * The simple_read_from_buffer() function reads up to @count bytes from the
1052  * buffer @from at offset @ppos into the user space address starting at @to.
1053  *
1054  * On success, the number of bytes read is returned and the offset @ppos is
1055  * advanced by this number, or negative value is returned on error.
1056  **/
1057 ssize_t simple_read_from_buffer(void __user *to, size_t count, loff_t *ppos,
1058 				const void *from, size_t available)
1059 {
1060 	loff_t pos = *ppos;
1061 	size_t ret;
1062 
1063 	if (pos < 0)
1064 		return -EINVAL;
1065 	if (pos >= available || !count)
1066 		return 0;
1067 	if (count > available - pos)
1068 		count = available - pos;
1069 	ret = copy_to_user(to, from + pos, count);
1070 	if (ret == count)
1071 		return -EFAULT;
1072 	count -= ret;
1073 	*ppos = pos + count;
1074 	return count;
1075 }
1076 EXPORT_SYMBOL(simple_read_from_buffer);
1077 
1078 /**
1079  * simple_write_to_buffer - copy data from user space to the buffer
1080  * @to: the buffer to write to
1081  * @available: the size of the buffer
1082  * @ppos: the current position in the buffer
1083  * @from: the user space buffer to read from
1084  * @count: the maximum number of bytes to read
1085  *
1086  * The simple_write_to_buffer() function reads up to @count bytes from the user
1087  * space address starting at @from into the buffer @to at offset @ppos.
1088  *
1089  * On success, the number of bytes written is returned and the offset @ppos is
1090  * advanced by this number, or negative value is returned on error.
1091  **/
1092 ssize_t simple_write_to_buffer(void *to, size_t available, loff_t *ppos,
1093 		const void __user *from, size_t count)
1094 {
1095 	loff_t pos = *ppos;
1096 	size_t res;
1097 
1098 	if (pos < 0)
1099 		return -EINVAL;
1100 	if (pos >= available || !count)
1101 		return 0;
1102 	if (count > available - pos)
1103 		count = available - pos;
1104 	res = copy_from_user(to + pos, from, count);
1105 	if (res == count)
1106 		return -EFAULT;
1107 	count -= res;
1108 	*ppos = pos + count;
1109 	return count;
1110 }
1111 EXPORT_SYMBOL(simple_write_to_buffer);
1112 
1113 /**
1114  * memory_read_from_buffer - copy data from the buffer
1115  * @to: the kernel space buffer to read to
1116  * @count: the maximum number of bytes to read
1117  * @ppos: the current position in the buffer
1118  * @from: the buffer to read from
1119  * @available: the size of the buffer
1120  *
1121  * The memory_read_from_buffer() function reads up to @count bytes from the
1122  * buffer @from at offset @ppos into the kernel space address starting at @to.
1123  *
1124  * On success, the number of bytes read is returned and the offset @ppos is
1125  * advanced by this number, or negative value is returned on error.
1126  **/
1127 ssize_t memory_read_from_buffer(void *to, size_t count, loff_t *ppos,
1128 				const void *from, size_t available)
1129 {
1130 	loff_t pos = *ppos;
1131 
1132 	if (pos < 0)
1133 		return -EINVAL;
1134 	if (pos >= available)
1135 		return 0;
1136 	if (count > available - pos)
1137 		count = available - pos;
1138 	memcpy(to, from + pos, count);
1139 	*ppos = pos + count;
1140 
1141 	return count;
1142 }
1143 EXPORT_SYMBOL(memory_read_from_buffer);
1144 
1145 /*
1146  * Transaction based IO.
1147  * The file expects a single write which triggers the transaction, and then
1148  * possibly a read which collects the result - which is stored in a
1149  * file-local buffer.
1150  */
1151 
1152 void simple_transaction_set(struct file *file, size_t n)
1153 {
1154 	struct simple_transaction_argresp *ar = file->private_data;
1155 
1156 	BUG_ON(n > SIMPLE_TRANSACTION_LIMIT);
1157 
1158 	/*
1159 	 * The barrier ensures that ar->size will really remain zero until
1160 	 * ar->data is ready for reading.
1161 	 */
1162 	smp_mb();
1163 	ar->size = n;
1164 }
1165 EXPORT_SYMBOL(simple_transaction_set);
1166 
1167 char *simple_transaction_get(struct file *file, const char __user *buf, size_t size)
1168 {
1169 	struct simple_transaction_argresp *ar;
1170 	static DEFINE_SPINLOCK(simple_transaction_lock);
1171 
1172 	if (size > SIMPLE_TRANSACTION_LIMIT - 1)
1173 		return ERR_PTR(-EFBIG);
1174 
1175 	ar = (struct simple_transaction_argresp *)get_zeroed_page(GFP_KERNEL);
1176 	if (!ar)
1177 		return ERR_PTR(-ENOMEM);
1178 
1179 	spin_lock(&simple_transaction_lock);
1180 
1181 	/* only one write allowed per open */
1182 	if (file->private_data) {
1183 		spin_unlock(&simple_transaction_lock);
1184 		free_page((unsigned long)ar);
1185 		return ERR_PTR(-EBUSY);
1186 	}
1187 
1188 	file->private_data = ar;
1189 
1190 	spin_unlock(&simple_transaction_lock);
1191 
1192 	if (copy_from_user(ar->data, buf, size))
1193 		return ERR_PTR(-EFAULT);
1194 
1195 	return ar->data;
1196 }
1197 EXPORT_SYMBOL(simple_transaction_get);
1198 
1199 ssize_t simple_transaction_read(struct file *file, char __user *buf, size_t size, loff_t *pos)
1200 {
1201 	struct simple_transaction_argresp *ar = file->private_data;
1202 
1203 	if (!ar)
1204 		return 0;
1205 	return simple_read_from_buffer(buf, size, pos, ar->data, ar->size);
1206 }
1207 EXPORT_SYMBOL(simple_transaction_read);
1208 
1209 int simple_transaction_release(struct inode *inode, struct file *file)
1210 {
1211 	free_page((unsigned long)file->private_data);
1212 	return 0;
1213 }
1214 EXPORT_SYMBOL(simple_transaction_release);
1215 
1216 /* Simple attribute files */
1217 
1218 struct simple_attr {
1219 	int (*get)(void *, u64 *);
1220 	int (*set)(void *, u64);
1221 	char get_buf[24];	/* enough to store a u64 and "\n\0" */
1222 	char set_buf[24];
1223 	void *data;
1224 	const char *fmt;	/* format for read operation */
1225 	struct mutex mutex;	/* protects access to these buffers */
1226 };
1227 
1228 /* simple_attr_open is called by an actual attribute open file operation
1229  * to set the attribute specific access operations. */
1230 int simple_attr_open(struct inode *inode, struct file *file,
1231 		     int (*get)(void *, u64 *), int (*set)(void *, u64),
1232 		     const char *fmt)
1233 {
1234 	struct simple_attr *attr;
1235 
1236 	attr = kzalloc(sizeof(*attr), GFP_KERNEL);
1237 	if (!attr)
1238 		return -ENOMEM;
1239 
1240 	attr->get = get;
1241 	attr->set = set;
1242 	attr->data = inode->i_private;
1243 	attr->fmt = fmt;
1244 	mutex_init(&attr->mutex);
1245 
1246 	file->private_data = attr;
1247 
1248 	return nonseekable_open(inode, file);
1249 }
1250 EXPORT_SYMBOL_GPL(simple_attr_open);
1251 
1252 int simple_attr_release(struct inode *inode, struct file *file)
1253 {
1254 	kfree(file->private_data);
1255 	return 0;
1256 }
1257 EXPORT_SYMBOL_GPL(simple_attr_release);	/* GPL-only?  This?  Really? */
1258 
1259 /* read from the buffer that is filled with the get function */
1260 ssize_t simple_attr_read(struct file *file, char __user *buf,
1261 			 size_t len, loff_t *ppos)
1262 {
1263 	struct simple_attr *attr;
1264 	size_t size;
1265 	ssize_t ret;
1266 
1267 	attr = file->private_data;
1268 
1269 	if (!attr->get)
1270 		return -EACCES;
1271 
1272 	ret = mutex_lock_interruptible(&attr->mutex);
1273 	if (ret)
1274 		return ret;
1275 
1276 	if (*ppos && attr->get_buf[0]) {
1277 		/* continued read */
1278 		size = strlen(attr->get_buf);
1279 	} else {
1280 		/* first read */
1281 		u64 val;
1282 		ret = attr->get(attr->data, &val);
1283 		if (ret)
1284 			goto out;
1285 
1286 		size = scnprintf(attr->get_buf, sizeof(attr->get_buf),
1287 				 attr->fmt, (unsigned long long)val);
1288 	}
1289 
1290 	ret = simple_read_from_buffer(buf, len, ppos, attr->get_buf, size);
1291 out:
1292 	mutex_unlock(&attr->mutex);
1293 	return ret;
1294 }
1295 EXPORT_SYMBOL_GPL(simple_attr_read);
1296 
1297 /* interpret the buffer as a number to call the set function with */
1298 static ssize_t simple_attr_write_xsigned(struct file *file, const char __user *buf,
1299 			  size_t len, loff_t *ppos, bool is_signed)
1300 {
1301 	struct simple_attr *attr;
1302 	unsigned long long val;
1303 	size_t size;
1304 	ssize_t ret;
1305 
1306 	attr = file->private_data;
1307 	if (!attr->set)
1308 		return -EACCES;
1309 
1310 	ret = mutex_lock_interruptible(&attr->mutex);
1311 	if (ret)
1312 		return ret;
1313 
1314 	ret = -EFAULT;
1315 	size = min(sizeof(attr->set_buf) - 1, len);
1316 	if (copy_from_user(attr->set_buf, buf, size))
1317 		goto out;
1318 
1319 	attr->set_buf[size] = '\0';
1320 	if (is_signed)
1321 		ret = kstrtoll(attr->set_buf, 0, &val);
1322 	else
1323 		ret = kstrtoull(attr->set_buf, 0, &val);
1324 	if (ret)
1325 		goto out;
1326 	ret = attr->set(attr->data, val);
1327 	if (ret == 0)
1328 		ret = len; /* on success, claim we got the whole input */
1329 out:
1330 	mutex_unlock(&attr->mutex);
1331 	return ret;
1332 }
1333 
1334 ssize_t simple_attr_write(struct file *file, const char __user *buf,
1335 			  size_t len, loff_t *ppos)
1336 {
1337 	return simple_attr_write_xsigned(file, buf, len, ppos, false);
1338 }
1339 EXPORT_SYMBOL_GPL(simple_attr_write);
1340 
1341 ssize_t simple_attr_write_signed(struct file *file, const char __user *buf,
1342 			  size_t len, loff_t *ppos)
1343 {
1344 	return simple_attr_write_xsigned(file, buf, len, ppos, true);
1345 }
1346 EXPORT_SYMBOL_GPL(simple_attr_write_signed);
1347 
1348 /**
1349  * generic_encode_ino32_fh - generic export_operations->encode_fh function
1350  * @inode:   the object to encode
1351  * @fh:      where to store the file handle fragment
1352  * @max_len: maximum length to store there (in 4 byte units)
1353  * @parent:  parent directory inode, if wanted
1354  *
1355  * This generic encode_fh function assumes that the 32 inode number
1356  * is suitable for locating an inode, and that the generation number
1357  * can be used to check that it is still valid.  It places them in the
1358  * filehandle fragment where export_decode_fh expects to find them.
1359  */
1360 int generic_encode_ino32_fh(struct inode *inode, __u32 *fh, int *max_len,
1361 			    struct inode *parent)
1362 {
1363 	struct fid *fid = (void *)fh;
1364 	int len = *max_len;
1365 	int type = FILEID_INO32_GEN;
1366 
1367 	if (parent && (len < 4)) {
1368 		*max_len = 4;
1369 		return FILEID_INVALID;
1370 	} else if (len < 2) {
1371 		*max_len = 2;
1372 		return FILEID_INVALID;
1373 	}
1374 
1375 	len = 2;
1376 	fid->i32.ino = inode->i_ino;
1377 	fid->i32.gen = inode->i_generation;
1378 	if (parent) {
1379 		fid->i32.parent_ino = parent->i_ino;
1380 		fid->i32.parent_gen = parent->i_generation;
1381 		len = 4;
1382 		type = FILEID_INO32_GEN_PARENT;
1383 	}
1384 	*max_len = len;
1385 	return type;
1386 }
1387 EXPORT_SYMBOL_GPL(generic_encode_ino32_fh);
1388 
1389 /**
1390  * generic_fh_to_dentry - generic helper for the fh_to_dentry export operation
1391  * @sb:		filesystem to do the file handle conversion on
1392  * @fid:	file handle to convert
1393  * @fh_len:	length of the file handle in bytes
1394  * @fh_type:	type of file handle
1395  * @get_inode:	filesystem callback to retrieve inode
1396  *
1397  * This function decodes @fid as long as it has one of the well-known
1398  * Linux filehandle types and calls @get_inode on it to retrieve the
1399  * inode for the object specified in the file handle.
1400  */
1401 struct dentry *generic_fh_to_dentry(struct super_block *sb, struct fid *fid,
1402 		int fh_len, int fh_type, struct inode *(*get_inode)
1403 			(struct super_block *sb, u64 ino, u32 gen))
1404 {
1405 	struct inode *inode = NULL;
1406 
1407 	if (fh_len < 2)
1408 		return NULL;
1409 
1410 	switch (fh_type) {
1411 	case FILEID_INO32_GEN:
1412 	case FILEID_INO32_GEN_PARENT:
1413 		inode = get_inode(sb, fid->i32.ino, fid->i32.gen);
1414 		break;
1415 	}
1416 
1417 	return d_obtain_alias(inode);
1418 }
1419 EXPORT_SYMBOL_GPL(generic_fh_to_dentry);
1420 
1421 /**
1422  * generic_fh_to_parent - generic helper for the fh_to_parent export operation
1423  * @sb:		filesystem to do the file handle conversion on
1424  * @fid:	file handle to convert
1425  * @fh_len:	length of the file handle in bytes
1426  * @fh_type:	type of file handle
1427  * @get_inode:	filesystem callback to retrieve inode
1428  *
1429  * This function decodes @fid as long as it has one of the well-known
1430  * Linux filehandle types and calls @get_inode on it to retrieve the
1431  * inode for the _parent_ object specified in the file handle if it
1432  * is specified in the file handle, or NULL otherwise.
1433  */
1434 struct dentry *generic_fh_to_parent(struct super_block *sb, struct fid *fid,
1435 		int fh_len, int fh_type, struct inode *(*get_inode)
1436 			(struct super_block *sb, u64 ino, u32 gen))
1437 {
1438 	struct inode *inode = NULL;
1439 
1440 	if (fh_len <= 2)
1441 		return NULL;
1442 
1443 	switch (fh_type) {
1444 	case FILEID_INO32_GEN_PARENT:
1445 		inode = get_inode(sb, fid->i32.parent_ino,
1446 				  (fh_len > 3 ? fid->i32.parent_gen : 0));
1447 		break;
1448 	}
1449 
1450 	return d_obtain_alias(inode);
1451 }
1452 EXPORT_SYMBOL_GPL(generic_fh_to_parent);
1453 
1454 /**
1455  * __generic_file_fsync - generic fsync implementation for simple filesystems
1456  *
1457  * @file:	file to synchronize
1458  * @start:	start offset in bytes
1459  * @end:	end offset in bytes (inclusive)
1460  * @datasync:	only synchronize essential metadata if true
1461  *
1462  * This is a generic implementation of the fsync method for simple
1463  * filesystems which track all non-inode metadata in the buffers list
1464  * hanging off the address_space structure.
1465  */
1466 int __generic_file_fsync(struct file *file, loff_t start, loff_t end,
1467 				 int datasync)
1468 {
1469 	struct inode *inode = file->f_mapping->host;
1470 	int err;
1471 	int ret;
1472 
1473 	err = file_write_and_wait_range(file, start, end);
1474 	if (err)
1475 		return err;
1476 
1477 	inode_lock(inode);
1478 	ret = sync_mapping_buffers(inode->i_mapping);
1479 	if (!(inode->i_state & I_DIRTY_ALL))
1480 		goto out;
1481 	if (datasync && !(inode->i_state & I_DIRTY_DATASYNC))
1482 		goto out;
1483 
1484 	err = sync_inode_metadata(inode, 1);
1485 	if (ret == 0)
1486 		ret = err;
1487 
1488 out:
1489 	inode_unlock(inode);
1490 	/* check and advance again to catch errors after syncing out buffers */
1491 	err = file_check_and_advance_wb_err(file);
1492 	if (ret == 0)
1493 		ret = err;
1494 	return ret;
1495 }
1496 EXPORT_SYMBOL(__generic_file_fsync);
1497 
1498 /**
1499  * generic_file_fsync - generic fsync implementation for simple filesystems
1500  *			with flush
1501  * @file:	file to synchronize
1502  * @start:	start offset in bytes
1503  * @end:	end offset in bytes (inclusive)
1504  * @datasync:	only synchronize essential metadata if true
1505  *
1506  */
1507 
1508 int generic_file_fsync(struct file *file, loff_t start, loff_t end,
1509 		       int datasync)
1510 {
1511 	struct inode *inode = file->f_mapping->host;
1512 	int err;
1513 
1514 	err = __generic_file_fsync(file, start, end, datasync);
1515 	if (err)
1516 		return err;
1517 	return blkdev_issue_flush(inode->i_sb->s_bdev);
1518 }
1519 EXPORT_SYMBOL(generic_file_fsync);
1520 
1521 /**
1522  * generic_check_addressable - Check addressability of file system
1523  * @blocksize_bits:	log of file system block size
1524  * @num_blocks:		number of blocks in file system
1525  *
1526  * Determine whether a file system with @num_blocks blocks (and a
1527  * block size of 2**@blocksize_bits) is addressable by the sector_t
1528  * and page cache of the system.  Return 0 if so and -EFBIG otherwise.
1529  */
1530 int generic_check_addressable(unsigned blocksize_bits, u64 num_blocks)
1531 {
1532 	u64 last_fs_block = num_blocks - 1;
1533 	u64 last_fs_page =
1534 		last_fs_block >> (PAGE_SHIFT - blocksize_bits);
1535 
1536 	if (unlikely(num_blocks == 0))
1537 		return 0;
1538 
1539 	if ((blocksize_bits < 9) || (blocksize_bits > PAGE_SHIFT))
1540 		return -EINVAL;
1541 
1542 	if ((last_fs_block > (sector_t)(~0ULL) >> (blocksize_bits - 9)) ||
1543 	    (last_fs_page > (pgoff_t)(~0ULL))) {
1544 		return -EFBIG;
1545 	}
1546 	return 0;
1547 }
1548 EXPORT_SYMBOL(generic_check_addressable);
1549 
1550 /*
1551  * No-op implementation of ->fsync for in-memory filesystems.
1552  */
1553 int noop_fsync(struct file *file, loff_t start, loff_t end, int datasync)
1554 {
1555 	return 0;
1556 }
1557 EXPORT_SYMBOL(noop_fsync);
1558 
1559 ssize_t noop_direct_IO(struct kiocb *iocb, struct iov_iter *iter)
1560 {
1561 	/*
1562 	 * iomap based filesystems support direct I/O without need for
1563 	 * this callback. However, it still needs to be set in
1564 	 * inode->a_ops so that open/fcntl know that direct I/O is
1565 	 * generally supported.
1566 	 */
1567 	return -EINVAL;
1568 }
1569 EXPORT_SYMBOL_GPL(noop_direct_IO);
1570 
1571 /* Because kfree isn't assignment-compatible with void(void*) ;-/ */
1572 void kfree_link(void *p)
1573 {
1574 	kfree(p);
1575 }
1576 EXPORT_SYMBOL(kfree_link);
1577 
1578 struct inode *alloc_anon_inode(struct super_block *s)
1579 {
1580 	static const struct address_space_operations anon_aops = {
1581 		.dirty_folio	= noop_dirty_folio,
1582 	};
1583 	struct inode *inode = new_inode_pseudo(s);
1584 
1585 	if (!inode)
1586 		return ERR_PTR(-ENOMEM);
1587 
1588 	inode->i_ino = get_next_ino();
1589 	inode->i_mapping->a_ops = &anon_aops;
1590 
1591 	/*
1592 	 * Mark the inode dirty from the very beginning,
1593 	 * that way it will never be moved to the dirty
1594 	 * list because mark_inode_dirty() will think
1595 	 * that it already _is_ on the dirty list.
1596 	 */
1597 	inode->i_state = I_DIRTY;
1598 	inode->i_mode = S_IRUSR | S_IWUSR;
1599 	inode->i_uid = current_fsuid();
1600 	inode->i_gid = current_fsgid();
1601 	inode->i_flags |= S_PRIVATE;
1602 	simple_inode_init_ts(inode);
1603 	return inode;
1604 }
1605 EXPORT_SYMBOL(alloc_anon_inode);
1606 
1607 /**
1608  * simple_nosetlease - generic helper for prohibiting leases
1609  * @filp: file pointer
1610  * @arg: type of lease to obtain
1611  * @flp: new lease supplied for insertion
1612  * @priv: private data for lm_setup operation
1613  *
1614  * Generic helper for filesystems that do not wish to allow leases to be set.
1615  * All arguments are ignored and it just returns -EINVAL.
1616  */
1617 int
1618 simple_nosetlease(struct file *filp, int arg, struct file_lease **flp,
1619 		  void **priv)
1620 {
1621 	return -EINVAL;
1622 }
1623 EXPORT_SYMBOL(simple_nosetlease);
1624 
1625 /**
1626  * simple_get_link - generic helper to get the target of "fast" symlinks
1627  * @dentry: not used here
1628  * @inode: the symlink inode
1629  * @done: not used here
1630  *
1631  * Generic helper for filesystems to use for symlink inodes where a pointer to
1632  * the symlink target is stored in ->i_link.  NOTE: this isn't normally called,
1633  * since as an optimization the path lookup code uses any non-NULL ->i_link
1634  * directly, without calling ->get_link().  But ->get_link() still must be set,
1635  * to mark the inode_operations as being for a symlink.
1636  *
1637  * Return: the symlink target
1638  */
1639 const char *simple_get_link(struct dentry *dentry, struct inode *inode,
1640 			    struct delayed_call *done)
1641 {
1642 	return inode->i_link;
1643 }
1644 EXPORT_SYMBOL(simple_get_link);
1645 
1646 const struct inode_operations simple_symlink_inode_operations = {
1647 	.get_link = simple_get_link,
1648 };
1649 EXPORT_SYMBOL(simple_symlink_inode_operations);
1650 
1651 /*
1652  * Operations for a permanently empty directory.
1653  */
1654 static struct dentry *empty_dir_lookup(struct inode *dir, struct dentry *dentry, unsigned int flags)
1655 {
1656 	return ERR_PTR(-ENOENT);
1657 }
1658 
1659 static int empty_dir_getattr(struct mnt_idmap *idmap,
1660 			     const struct path *path, struct kstat *stat,
1661 			     u32 request_mask, unsigned int query_flags)
1662 {
1663 	struct inode *inode = d_inode(path->dentry);
1664 	generic_fillattr(&nop_mnt_idmap, request_mask, inode, stat);
1665 	return 0;
1666 }
1667 
1668 static int empty_dir_setattr(struct mnt_idmap *idmap,
1669 			     struct dentry *dentry, struct iattr *attr)
1670 {
1671 	return -EPERM;
1672 }
1673 
1674 static ssize_t empty_dir_listxattr(struct dentry *dentry, char *list, size_t size)
1675 {
1676 	return -EOPNOTSUPP;
1677 }
1678 
1679 static const struct inode_operations empty_dir_inode_operations = {
1680 	.lookup		= empty_dir_lookup,
1681 	.permission	= generic_permission,
1682 	.setattr	= empty_dir_setattr,
1683 	.getattr	= empty_dir_getattr,
1684 	.listxattr	= empty_dir_listxattr,
1685 };
1686 
1687 static loff_t empty_dir_llseek(struct file *file, loff_t offset, int whence)
1688 {
1689 	/* An empty directory has two entries . and .. at offsets 0 and 1 */
1690 	return generic_file_llseek_size(file, offset, whence, 2, 2);
1691 }
1692 
1693 static int empty_dir_readdir(struct file *file, struct dir_context *ctx)
1694 {
1695 	dir_emit_dots(file, ctx);
1696 	return 0;
1697 }
1698 
1699 static const struct file_operations empty_dir_operations = {
1700 	.llseek		= empty_dir_llseek,
1701 	.read		= generic_read_dir,
1702 	.iterate_shared	= empty_dir_readdir,
1703 	.fsync		= noop_fsync,
1704 };
1705 
1706 
1707 void make_empty_dir_inode(struct inode *inode)
1708 {
1709 	set_nlink(inode, 2);
1710 	inode->i_mode = S_IFDIR | S_IRUGO | S_IXUGO;
1711 	inode->i_uid = GLOBAL_ROOT_UID;
1712 	inode->i_gid = GLOBAL_ROOT_GID;
1713 	inode->i_rdev = 0;
1714 	inode->i_size = 0;
1715 	inode->i_blkbits = PAGE_SHIFT;
1716 	inode->i_blocks = 0;
1717 
1718 	inode->i_op = &empty_dir_inode_operations;
1719 	inode->i_opflags &= ~IOP_XATTR;
1720 	inode->i_fop = &empty_dir_operations;
1721 }
1722 
1723 bool is_empty_dir_inode(struct inode *inode)
1724 {
1725 	return (inode->i_fop == &empty_dir_operations) &&
1726 		(inode->i_op == &empty_dir_inode_operations);
1727 }
1728 
1729 #if IS_ENABLED(CONFIG_UNICODE)
1730 /**
1731  * generic_ci_d_compare - generic d_compare implementation for casefolding filesystems
1732  * @dentry:	dentry whose name we are checking against
1733  * @len:	len of name of dentry
1734  * @str:	str pointer to name of dentry
1735  * @name:	Name to compare against
1736  *
1737  * Return: 0 if names match, 1 if mismatch, or -ERRNO
1738  */
1739 static int generic_ci_d_compare(const struct dentry *dentry, unsigned int len,
1740 				const char *str, const struct qstr *name)
1741 {
1742 	const struct dentry *parent;
1743 	const struct inode *dir;
1744 	char strbuf[DNAME_INLINE_LEN];
1745 	struct qstr qstr;
1746 
1747 	/*
1748 	 * Attempt a case-sensitive match first. It is cheaper and
1749 	 * should cover most lookups, including all the sane
1750 	 * applications that expect a case-sensitive filesystem.
1751 	 *
1752 	 * This comparison is safe under RCU because the caller
1753 	 * guarantees the consistency between str and len. See
1754 	 * __d_lookup_rcu_op_compare() for details.
1755 	 */
1756 	if (len == name->len && !memcmp(str, name->name, len))
1757 		return 0;
1758 
1759 	parent = READ_ONCE(dentry->d_parent);
1760 	dir = READ_ONCE(parent->d_inode);
1761 	if (!dir || !IS_CASEFOLDED(dir))
1762 		return 1;
1763 
1764 	/*
1765 	 * If the dentry name is stored in-line, then it may be concurrently
1766 	 * modified by a rename.  If this happens, the VFS will eventually retry
1767 	 * the lookup, so it doesn't matter what ->d_compare() returns.
1768 	 * However, it's unsafe to call utf8_strncasecmp() with an unstable
1769 	 * string.  Therefore, we have to copy the name into a temporary buffer.
1770 	 */
1771 	if (len <= DNAME_INLINE_LEN - 1) {
1772 		memcpy(strbuf, str, len);
1773 		strbuf[len] = 0;
1774 		str = strbuf;
1775 		/* prevent compiler from optimizing out the temporary buffer */
1776 		barrier();
1777 	}
1778 	qstr.len = len;
1779 	qstr.name = str;
1780 
1781 	return utf8_strncasecmp(dentry->d_sb->s_encoding, name, &qstr);
1782 }
1783 
1784 /**
1785  * generic_ci_d_hash - generic d_hash implementation for casefolding filesystems
1786  * @dentry:	dentry of the parent directory
1787  * @str:	qstr of name whose hash we should fill in
1788  *
1789  * Return: 0 if hash was successful or unchanged, and -EINVAL on error
1790  */
1791 static int generic_ci_d_hash(const struct dentry *dentry, struct qstr *str)
1792 {
1793 	const struct inode *dir = READ_ONCE(dentry->d_inode);
1794 	struct super_block *sb = dentry->d_sb;
1795 	const struct unicode_map *um = sb->s_encoding;
1796 	int ret;
1797 
1798 	if (!dir || !IS_CASEFOLDED(dir))
1799 		return 0;
1800 
1801 	ret = utf8_casefold_hash(um, dentry, str);
1802 	if (ret < 0 && sb_has_strict_encoding(sb))
1803 		return -EINVAL;
1804 	return 0;
1805 }
1806 
1807 static const struct dentry_operations generic_ci_dentry_ops = {
1808 	.d_hash = generic_ci_d_hash,
1809 	.d_compare = generic_ci_d_compare,
1810 #ifdef CONFIG_FS_ENCRYPTION
1811 	.d_revalidate = fscrypt_d_revalidate,
1812 #endif
1813 };
1814 #endif
1815 
1816 #ifdef CONFIG_FS_ENCRYPTION
1817 static const struct dentry_operations generic_encrypted_dentry_ops = {
1818 	.d_revalidate = fscrypt_d_revalidate,
1819 };
1820 #endif
1821 
1822 /**
1823  * generic_set_sb_d_ops - helper for choosing the set of
1824  * filesystem-wide dentry operations for the enabled features
1825  * @sb: superblock to be configured
1826  *
1827  * Filesystems supporting casefolding and/or fscrypt can call this
1828  * helper at mount-time to configure sb->s_d_op to best set of dentry
1829  * operations required for the enabled features. The helper must be
1830  * called after these have been configured, but before the root dentry
1831  * is created.
1832  */
1833 void generic_set_sb_d_ops(struct super_block *sb)
1834 {
1835 #if IS_ENABLED(CONFIG_UNICODE)
1836 	if (sb->s_encoding) {
1837 		sb->s_d_op = &generic_ci_dentry_ops;
1838 		return;
1839 	}
1840 #endif
1841 #ifdef CONFIG_FS_ENCRYPTION
1842 	if (sb->s_cop) {
1843 		sb->s_d_op = &generic_encrypted_dentry_ops;
1844 		return;
1845 	}
1846 #endif
1847 }
1848 EXPORT_SYMBOL(generic_set_sb_d_ops);
1849 
1850 /**
1851  * inode_maybe_inc_iversion - increments i_version
1852  * @inode: inode with the i_version that should be updated
1853  * @force: increment the counter even if it's not necessary?
1854  *
1855  * Every time the inode is modified, the i_version field must be seen to have
1856  * changed by any observer.
1857  *
1858  * If "force" is set or the QUERIED flag is set, then ensure that we increment
1859  * the value, and clear the queried flag.
1860  *
1861  * In the common case where neither is set, then we can return "false" without
1862  * updating i_version.
1863  *
1864  * If this function returns false, and no other metadata has changed, then we
1865  * can avoid logging the metadata.
1866  */
1867 bool inode_maybe_inc_iversion(struct inode *inode, bool force)
1868 {
1869 	u64 cur, new;
1870 
1871 	/*
1872 	 * The i_version field is not strictly ordered with any other inode
1873 	 * information, but the legacy inode_inc_iversion code used a spinlock
1874 	 * to serialize increments.
1875 	 *
1876 	 * Here, we add full memory barriers to ensure that any de-facto
1877 	 * ordering with other info is preserved.
1878 	 *
1879 	 * This barrier pairs with the barrier in inode_query_iversion()
1880 	 */
1881 	smp_mb();
1882 	cur = inode_peek_iversion_raw(inode);
1883 	do {
1884 		/* If flag is clear then we needn't do anything */
1885 		if (!force && !(cur & I_VERSION_QUERIED))
1886 			return false;
1887 
1888 		/* Since lowest bit is flag, add 2 to avoid it */
1889 		new = (cur & ~I_VERSION_QUERIED) + I_VERSION_INCREMENT;
1890 	} while (!atomic64_try_cmpxchg(&inode->i_version, &cur, new));
1891 	return true;
1892 }
1893 EXPORT_SYMBOL(inode_maybe_inc_iversion);
1894 
1895 /**
1896  * inode_query_iversion - read i_version for later use
1897  * @inode: inode from which i_version should be read
1898  *
1899  * Read the inode i_version counter. This should be used by callers that wish
1900  * to store the returned i_version for later comparison. This will guarantee
1901  * that a later query of the i_version will result in a different value if
1902  * anything has changed.
1903  *
1904  * In this implementation, we fetch the current value, set the QUERIED flag and
1905  * then try to swap it into place with a cmpxchg, if it wasn't already set. If
1906  * that fails, we try again with the newly fetched value from the cmpxchg.
1907  */
1908 u64 inode_query_iversion(struct inode *inode)
1909 {
1910 	u64 cur, new;
1911 
1912 	cur = inode_peek_iversion_raw(inode);
1913 	do {
1914 		/* If flag is already set, then no need to swap */
1915 		if (cur & I_VERSION_QUERIED) {
1916 			/*
1917 			 * This barrier (and the implicit barrier in the
1918 			 * cmpxchg below) pairs with the barrier in
1919 			 * inode_maybe_inc_iversion().
1920 			 */
1921 			smp_mb();
1922 			break;
1923 		}
1924 
1925 		new = cur | I_VERSION_QUERIED;
1926 	} while (!atomic64_try_cmpxchg(&inode->i_version, &cur, new));
1927 	return cur >> I_VERSION_QUERIED_SHIFT;
1928 }
1929 EXPORT_SYMBOL(inode_query_iversion);
1930 
1931 ssize_t direct_write_fallback(struct kiocb *iocb, struct iov_iter *iter,
1932 		ssize_t direct_written, ssize_t buffered_written)
1933 {
1934 	struct address_space *mapping = iocb->ki_filp->f_mapping;
1935 	loff_t pos = iocb->ki_pos - buffered_written;
1936 	loff_t end = iocb->ki_pos - 1;
1937 	int err;
1938 
1939 	/*
1940 	 * If the buffered write fallback returned an error, we want to return
1941 	 * the number of bytes which were written by direct I/O, or the error
1942 	 * code if that was zero.
1943 	 *
1944 	 * Note that this differs from normal direct-io semantics, which will
1945 	 * return -EFOO even if some bytes were written.
1946 	 */
1947 	if (unlikely(buffered_written < 0)) {
1948 		if (direct_written)
1949 			return direct_written;
1950 		return buffered_written;
1951 	}
1952 
1953 	/*
1954 	 * We need to ensure that the page cache pages are written to disk and
1955 	 * invalidated to preserve the expected O_DIRECT semantics.
1956 	 */
1957 	err = filemap_write_and_wait_range(mapping, pos, end);
1958 	if (err < 0) {
1959 		/*
1960 		 * We don't know how much we wrote, so just return the number of
1961 		 * bytes which were direct-written
1962 		 */
1963 		iocb->ki_pos -= buffered_written;
1964 		if (direct_written)
1965 			return direct_written;
1966 		return err;
1967 	}
1968 	invalidate_mapping_pages(mapping, pos >> PAGE_SHIFT, end >> PAGE_SHIFT);
1969 	return direct_written + buffered_written;
1970 }
1971 EXPORT_SYMBOL_GPL(direct_write_fallback);
1972 
1973 /**
1974  * simple_inode_init_ts - initialize the timestamps for a new inode
1975  * @inode: inode to be initialized
1976  *
1977  * When a new inode is created, most filesystems set the timestamps to the
1978  * current time. Add a helper to do this.
1979  */
1980 struct timespec64 simple_inode_init_ts(struct inode *inode)
1981 {
1982 	struct timespec64 ts = inode_set_ctime_current(inode);
1983 
1984 	inode_set_atime_to_ts(inode, ts);
1985 	inode_set_mtime_to_ts(inode, ts);
1986 	return ts;
1987 }
1988 EXPORT_SYMBOL(simple_inode_init_ts);
1989 
1990 static inline struct dentry *get_stashed_dentry(struct dentry *stashed)
1991 {
1992 	struct dentry *dentry;
1993 
1994 	guard(rcu)();
1995 	dentry = READ_ONCE(stashed);
1996 	if (!dentry)
1997 		return NULL;
1998 	if (!lockref_get_not_dead(&dentry->d_lockref))
1999 		return NULL;
2000 	return dentry;
2001 }
2002 
2003 static struct dentry *prepare_anon_dentry(struct dentry **stashed,
2004 					  struct super_block *sb,
2005 					  void *data)
2006 {
2007 	struct dentry *dentry;
2008 	struct inode *inode;
2009 	const struct stashed_operations *sops = sb->s_fs_info;
2010 	int ret;
2011 
2012 	inode = new_inode_pseudo(sb);
2013 	if (!inode) {
2014 		sops->put_data(data);
2015 		return ERR_PTR(-ENOMEM);
2016 	}
2017 
2018 	inode->i_flags |= S_IMMUTABLE;
2019 	inode->i_mode = S_IFREG;
2020 	simple_inode_init_ts(inode);
2021 
2022 	ret = sops->init_inode(inode, data);
2023 	if (ret < 0) {
2024 		iput(inode);
2025 		return ERR_PTR(ret);
2026 	}
2027 
2028 	/* Notice when this is changed. */
2029 	WARN_ON_ONCE(!S_ISREG(inode->i_mode));
2030 	WARN_ON_ONCE(!IS_IMMUTABLE(inode));
2031 
2032 	dentry = d_alloc_anon(sb);
2033 	if (!dentry) {
2034 		iput(inode);
2035 		return ERR_PTR(-ENOMEM);
2036 	}
2037 
2038 	/* Store address of location where dentry's supposed to be stashed. */
2039 	dentry->d_fsdata = stashed;
2040 
2041 	/* @data is now owned by the fs */
2042 	d_instantiate(dentry, inode);
2043 	return dentry;
2044 }
2045 
2046 static struct dentry *stash_dentry(struct dentry **stashed,
2047 				   struct dentry *dentry)
2048 {
2049 	guard(rcu)();
2050 	for (;;) {
2051 		struct dentry *old;
2052 
2053 		/* Assume any old dentry was cleared out. */
2054 		old = cmpxchg(stashed, NULL, dentry);
2055 		if (likely(!old))
2056 			return dentry;
2057 
2058 		/* Check if somebody else installed a reusable dentry. */
2059 		if (lockref_get_not_dead(&old->d_lockref))
2060 			return old;
2061 
2062 		/* There's an old dead dentry there, try to take it over. */
2063 		if (likely(try_cmpxchg(stashed, &old, dentry)))
2064 			return dentry;
2065 	}
2066 }
2067 
2068 /**
2069  * path_from_stashed - create path from stashed or new dentry
2070  * @stashed:    where to retrieve or stash dentry
2071  * @mnt:        mnt of the filesystems to use
2072  * @data:       data to store in inode->i_private
2073  * @path:       path to create
2074  *
2075  * The function tries to retrieve a stashed dentry from @stashed. If the dentry
2076  * is still valid then it will be reused. If the dentry isn't able the function
2077  * will allocate a new dentry and inode. It will then check again whether it
2078  * can reuse an existing dentry in case one has been added in the meantime or
2079  * update @stashed with the newly added dentry.
2080  *
2081  * Special-purpose helper for nsfs and pidfs.
2082  *
2083  * Return: On success zero and on failure a negative error is returned.
2084  */
2085 int path_from_stashed(struct dentry **stashed, struct vfsmount *mnt, void *data,
2086 		      struct path *path)
2087 {
2088 	struct dentry *dentry;
2089 	const struct stashed_operations *sops = mnt->mnt_sb->s_fs_info;
2090 
2091 	/* See if dentry can be reused. */
2092 	path->dentry = get_stashed_dentry(*stashed);
2093 	if (path->dentry) {
2094 		sops->put_data(data);
2095 		goto out_path;
2096 	}
2097 
2098 	/* Allocate a new dentry. */
2099 	dentry = prepare_anon_dentry(stashed, mnt->mnt_sb, data);
2100 	if (IS_ERR(dentry))
2101 		return PTR_ERR(dentry);
2102 
2103 	/* Added a new dentry. @data is now owned by the filesystem. */
2104 	path->dentry = stash_dentry(stashed, dentry);
2105 	if (path->dentry != dentry)
2106 		dput(dentry);
2107 
2108 out_path:
2109 	WARN_ON_ONCE(path->dentry->d_fsdata != stashed);
2110 	WARN_ON_ONCE(d_inode(path->dentry)->i_private != data);
2111 	path->mnt = mntget(mnt);
2112 	return 0;
2113 }
2114 
2115 void stashed_dentry_prune(struct dentry *dentry)
2116 {
2117 	struct dentry **stashed = dentry->d_fsdata;
2118 	struct inode *inode = d_inode(dentry);
2119 
2120 	if (WARN_ON_ONCE(!stashed))
2121 		return;
2122 
2123 	if (!inode)
2124 		return;
2125 
2126 	/*
2127 	 * Only replace our own @dentry as someone else might've
2128 	 * already cleared out @dentry and stashed their own
2129 	 * dentry in there.
2130 	 */
2131 	cmpxchg(stashed, dentry, NULL);
2132 }
2133