1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * linux/fs/nfs/unlink.c 4 * 5 * nfs sillydelete handling 6 * 7 */ 8 9 #include <linux/slab.h> 10 #include <linux/string.h> 11 #include <linux/dcache.h> 12 #include <linux/sunrpc/sched.h> 13 #include <linux/sunrpc/clnt.h> 14 #include <linux/nfs_fs.h> 15 #include <linux/sched.h> 16 #include <linux/wait.h> 17 #include <linux/namei.h> 18 #include <linux/fsnotify.h> 19 20 #include "internal.h" 21 #include "nfs4_fs.h" 22 #include "iostat.h" 23 #include "delegation.h" 24 25 #include "nfstrace.h" 26 27 /** 28 * nfs_free_unlinkdata - release data from a sillydelete operation. 29 * @data: pointer to unlink structure. 30 */ 31 static void 32 nfs_free_unlinkdata(struct nfs_unlinkdata *data) 33 { 34 put_cred(data->cred); 35 kfree(data->args.name.name); 36 kfree(data); 37 } 38 39 /** 40 * nfs_async_unlink_done - Sillydelete post-processing 41 * @task: rpc_task of the sillydelete 42 * @calldata: pointer to nfs_unlinkdata 43 * 44 * Do the directory attribute update. 45 */ 46 static void nfs_async_unlink_done(struct rpc_task *task, void *calldata) 47 { 48 struct nfs_unlinkdata *data = calldata; 49 struct inode *dir = d_inode(data->dentry->d_parent); 50 51 trace_nfs_sillyrename_unlink(data, task->tk_status); 52 if (!NFS_PROTO(dir)->unlink_done(task, dir)) 53 rpc_restart_call_prepare(task); 54 } 55 56 /** 57 * nfs_async_unlink_release - Release the sillydelete data. 58 * @calldata: struct nfs_unlinkdata to release 59 * 60 * We need to call nfs_put_unlinkdata as a 'tk_release' task since the 61 * rpc_task would be freed too. 62 */ 63 static void nfs_async_unlink_release(void *calldata) 64 { 65 struct nfs_unlinkdata *data = calldata; 66 struct dentry *dentry = data->dentry; 67 struct super_block *sb = dentry->d_sb; 68 69 up_read_non_owner(&NFS_I(d_inode(dentry->d_parent))->rmdir_sem); 70 d_lookup_done(dentry); 71 nfs_free_unlinkdata(data); 72 dput(dentry); 73 nfs_sb_deactive(sb); 74 } 75 76 static void nfs_unlink_prepare(struct rpc_task *task, void *calldata) 77 { 78 struct nfs_unlinkdata *data = calldata; 79 struct inode *dir = d_inode(data->dentry->d_parent); 80 NFS_PROTO(dir)->unlink_rpc_prepare(task, data); 81 } 82 83 static const struct rpc_call_ops nfs_unlink_ops = { 84 .rpc_call_done = nfs_async_unlink_done, 85 .rpc_release = nfs_async_unlink_release, 86 .rpc_call_prepare = nfs_unlink_prepare, 87 }; 88 89 static void nfs_do_call_unlink(struct inode *inode, struct nfs_unlinkdata *data) 90 { 91 struct rpc_message msg = { 92 .rpc_argp = &data->args, 93 .rpc_resp = &data->res, 94 .rpc_cred = data->cred, 95 }; 96 struct rpc_task_setup task_setup_data = { 97 .rpc_message = &msg, 98 .callback_ops = &nfs_unlink_ops, 99 .callback_data = data, 100 .workqueue = nfsiod_workqueue, 101 .flags = RPC_TASK_ASYNC | RPC_TASK_CRED_NOREF, 102 }; 103 struct rpc_task *task; 104 struct inode *dir = d_inode(data->dentry->d_parent); 105 nfs_sb_active(dir->i_sb); 106 data->args.fh = NFS_FH(dir); 107 nfs_fattr_init(data->res.dir_attr); 108 109 NFS_PROTO(dir)->unlink_setup(&msg, data->dentry, inode); 110 111 task_setup_data.rpc_client = NFS_CLIENT(dir); 112 task = rpc_run_task(&task_setup_data); 113 if (!IS_ERR(task)) 114 rpc_put_task_async(task); 115 } 116 117 static int nfs_call_unlink(struct dentry *dentry, struct inode *inode, struct nfs_unlinkdata *data) 118 { 119 struct inode *dir = d_inode(dentry->d_parent); 120 struct dentry *alias; 121 122 down_read_non_owner(&NFS_I(dir)->rmdir_sem); 123 alias = d_alloc_parallel(dentry->d_parent, &data->args.name, &data->wq); 124 if (IS_ERR(alias)) { 125 up_read_non_owner(&NFS_I(dir)->rmdir_sem); 126 return 0; 127 } 128 if (!d_in_lookup(alias)) { 129 int ret; 130 void *devname_garbage = NULL; 131 132 /* 133 * Hey, we raced with lookup... See if we need to transfer 134 * the sillyrename information to the aliased dentry. 135 */ 136 spin_lock(&alias->d_lock); 137 if (d_really_is_positive(alias) && 138 !(alias->d_flags & DCACHE_NFSFS_RENAMED)) { 139 devname_garbage = alias->d_fsdata; 140 alias->d_fsdata = data; 141 alias->d_flags |= DCACHE_NFSFS_RENAMED; 142 ret = 1; 143 } else 144 ret = 0; 145 spin_unlock(&alias->d_lock); 146 dput(alias); 147 up_read_non_owner(&NFS_I(dir)->rmdir_sem); 148 /* 149 * If we'd displaced old cached devname, free it. At that 150 * point dentry is definitely not a root, so we won't need 151 * that anymore. 152 */ 153 kfree(devname_garbage); 154 return ret; 155 } 156 data->dentry = alias; 157 nfs_do_call_unlink(inode, data); 158 return 1; 159 } 160 161 /** 162 * nfs_async_unlink - asynchronous unlinking of a file 163 * @dentry: parent directory of dentry 164 * @name: name of dentry to unlink 165 */ 166 static int 167 nfs_async_unlink(struct dentry *dentry, const struct qstr *name) 168 { 169 struct nfs_unlinkdata *data; 170 int status = -ENOMEM; 171 void *devname_garbage = NULL; 172 173 data = kzalloc(sizeof(*data), GFP_KERNEL); 174 if (data == NULL) 175 goto out; 176 data->args.name.name = kstrdup(name->name, GFP_KERNEL); 177 if (!data->args.name.name) 178 goto out_free; 179 data->args.name.len = name->len; 180 181 data->cred = get_current_cred(); 182 data->res.dir_attr = &data->dir_attr; 183 init_waitqueue_head(&data->wq); 184 185 status = -EBUSY; 186 spin_lock(&dentry->d_lock); 187 if (dentry->d_flags & DCACHE_NFSFS_RENAMED) 188 goto out_unlock; 189 dentry->d_flags |= DCACHE_NFSFS_RENAMED; 190 devname_garbage = dentry->d_fsdata; 191 dentry->d_fsdata = data; 192 spin_unlock(&dentry->d_lock); 193 /* 194 * If we'd displaced old cached devname, free it. At that 195 * point dentry is definitely not a root, so we won't need 196 * that anymore. 197 */ 198 kfree(devname_garbage); 199 return 0; 200 out_unlock: 201 spin_unlock(&dentry->d_lock); 202 put_cred(data->cred); 203 kfree(data->args.name.name); 204 out_free: 205 kfree(data); 206 out: 207 return status; 208 } 209 210 /** 211 * nfs_complete_unlink - Initialize completion of the sillydelete 212 * @dentry: dentry to delete 213 * @inode: inode 214 * 215 * Since we're most likely to be called by dentry_iput(), we 216 * only use the dentry to find the sillydelete. We then copy the name 217 * into the qstr. 218 */ 219 void 220 nfs_complete_unlink(struct dentry *dentry, struct inode *inode) 221 { 222 struct nfs_unlinkdata *data; 223 224 spin_lock(&dentry->d_lock); 225 dentry->d_flags &= ~DCACHE_NFSFS_RENAMED; 226 data = dentry->d_fsdata; 227 dentry->d_fsdata = NULL; 228 spin_unlock(&dentry->d_lock); 229 230 if (NFS_STALE(inode) || !nfs_call_unlink(dentry, inode, data)) 231 nfs_free_unlinkdata(data); 232 } 233 234 /* Cancel a queued async unlink. Called when a sillyrename run fails. */ 235 static void 236 nfs_cancel_async_unlink(struct dentry *dentry) 237 { 238 spin_lock(&dentry->d_lock); 239 if (dentry->d_flags & DCACHE_NFSFS_RENAMED) { 240 struct nfs_unlinkdata *data = dentry->d_fsdata; 241 242 dentry->d_flags &= ~DCACHE_NFSFS_RENAMED; 243 dentry->d_fsdata = NULL; 244 spin_unlock(&dentry->d_lock); 245 nfs_free_unlinkdata(data); 246 return; 247 } 248 spin_unlock(&dentry->d_lock); 249 } 250 251 /** 252 * nfs_async_rename_done - Sillyrename post-processing 253 * @task: rpc_task of the sillyrename 254 * @calldata: nfs_renamedata for the sillyrename 255 * 256 * Do the directory attribute updates and the d_move 257 */ 258 static void nfs_async_rename_done(struct rpc_task *task, void *calldata) 259 { 260 struct nfs_renamedata *data = calldata; 261 struct inode *old_dir = data->old_dir; 262 struct inode *new_dir = data->new_dir; 263 struct dentry *old_dentry = data->old_dentry; 264 265 trace_nfs_sillyrename_rename(old_dir, old_dentry, 266 new_dir, data->new_dentry, task->tk_status); 267 if (!NFS_PROTO(old_dir)->rename_done(task, old_dir, new_dir)) { 268 rpc_restart_call_prepare(task); 269 return; 270 } 271 272 if (data->complete) 273 data->complete(task, data); 274 } 275 276 /** 277 * nfs_async_rename_release - Release the sillyrename data. 278 * @calldata: the struct nfs_renamedata to be released 279 */ 280 static void nfs_async_rename_release(void *calldata) 281 { 282 struct nfs_renamedata *data = calldata; 283 struct super_block *sb = data->old_dir->i_sb; 284 285 if (d_really_is_positive(data->old_dentry)) 286 nfs_mark_for_revalidate(d_inode(data->old_dentry)); 287 288 /* The result of the rename is unknown. Play it safe by 289 * forcing a new lookup */ 290 if (data->cancelled) { 291 spin_lock(&data->old_dir->i_lock); 292 nfs_force_lookup_revalidate(data->old_dir); 293 spin_unlock(&data->old_dir->i_lock); 294 if (data->new_dir != data->old_dir) { 295 spin_lock(&data->new_dir->i_lock); 296 nfs_force_lookup_revalidate(data->new_dir); 297 spin_unlock(&data->new_dir->i_lock); 298 } 299 } 300 301 dput(data->old_dentry); 302 dput(data->new_dentry); 303 iput(data->old_dir); 304 iput(data->new_dir); 305 nfs_sb_deactive(sb); 306 put_cred(data->cred); 307 kfree(data); 308 } 309 310 static void nfs_rename_prepare(struct rpc_task *task, void *calldata) 311 { 312 struct nfs_renamedata *data = calldata; 313 NFS_PROTO(data->old_dir)->rename_rpc_prepare(task, data); 314 } 315 316 static const struct rpc_call_ops nfs_rename_ops = { 317 .rpc_call_done = nfs_async_rename_done, 318 .rpc_release = nfs_async_rename_release, 319 .rpc_call_prepare = nfs_rename_prepare, 320 }; 321 322 /** 323 * nfs_async_rename - perform an asynchronous rename operation 324 * @old_dir: directory that currently holds the dentry to be renamed 325 * @new_dir: target directory for the rename 326 * @old_dentry: original dentry to be renamed 327 * @new_dentry: dentry to which the old_dentry should be renamed 328 * @complete: Function to run on successful completion 329 * 330 * It's expected that valid references to the dentries and inodes are held 331 */ 332 struct rpc_task * 333 nfs_async_rename(struct inode *old_dir, struct inode *new_dir, 334 struct dentry *old_dentry, struct dentry *new_dentry, 335 void (*complete)(struct rpc_task *, struct nfs_renamedata *)) 336 { 337 struct nfs_renamedata *data; 338 struct rpc_message msg = { }; 339 struct rpc_task_setup task_setup_data = { 340 .rpc_message = &msg, 341 .callback_ops = &nfs_rename_ops, 342 .workqueue = nfsiod_workqueue, 343 .rpc_client = NFS_CLIENT(old_dir), 344 .flags = RPC_TASK_ASYNC | RPC_TASK_CRED_NOREF, 345 }; 346 347 data = kzalloc(sizeof(*data), GFP_KERNEL); 348 if (data == NULL) 349 return ERR_PTR(-ENOMEM); 350 task_setup_data.callback_data = data; 351 352 data->cred = get_current_cred(); 353 354 msg.rpc_argp = &data->args; 355 msg.rpc_resp = &data->res; 356 msg.rpc_cred = data->cred; 357 358 /* set up nfs_renamedata */ 359 data->old_dir = old_dir; 360 ihold(old_dir); 361 data->new_dir = new_dir; 362 ihold(new_dir); 363 data->old_dentry = dget(old_dentry); 364 data->new_dentry = dget(new_dentry); 365 nfs_fattr_init(&data->old_fattr); 366 nfs_fattr_init(&data->new_fattr); 367 data->complete = complete; 368 369 /* set up nfs_renameargs */ 370 data->args.old_dir = NFS_FH(old_dir); 371 data->args.old_name = &old_dentry->d_name; 372 data->args.new_dir = NFS_FH(new_dir); 373 data->args.new_name = &new_dentry->d_name; 374 375 /* set up nfs_renameres */ 376 data->res.old_fattr = &data->old_fattr; 377 data->res.new_fattr = &data->new_fattr; 378 379 nfs_sb_active(old_dir->i_sb); 380 381 NFS_PROTO(data->old_dir)->rename_setup(&msg, old_dentry, new_dentry); 382 383 return rpc_run_task(&task_setup_data); 384 } 385 386 /* 387 * Perform tasks needed when a sillyrename is done such as cancelling the 388 * queued async unlink if it failed. 389 */ 390 static void 391 nfs_complete_sillyrename(struct rpc_task *task, struct nfs_renamedata *data) 392 { 393 struct dentry *dentry = data->old_dentry; 394 395 if (task->tk_status != 0) { 396 nfs_cancel_async_unlink(dentry); 397 return; 398 } 399 } 400 401 #define SILLYNAME_PREFIX ".nfs" 402 #define SILLYNAME_PREFIX_LEN ((unsigned)sizeof(SILLYNAME_PREFIX) - 1) 403 #define SILLYNAME_FILEID_LEN ((unsigned)sizeof(u64) << 1) 404 #define SILLYNAME_COUNTER_LEN ((unsigned)sizeof(unsigned int) << 1) 405 #define SILLYNAME_LEN (SILLYNAME_PREFIX_LEN + \ 406 SILLYNAME_FILEID_LEN + \ 407 SILLYNAME_COUNTER_LEN) 408 409 /** 410 * nfs_sillyrename - Perform a silly-rename of a dentry 411 * @dir: inode of directory that contains dentry 412 * @dentry: dentry to be sillyrenamed 413 * 414 * NFSv2/3 is stateless and the server doesn't know when the client is 415 * holding a file open. To prevent application problems when a file is 416 * unlinked while it's still open, the client performs a "silly-rename". 417 * That is, it renames the file to a hidden file in the same directory, 418 * and only performs the unlink once the last reference to it is put. 419 * 420 * The final cleanup is done during dentry_iput. 421 * 422 * (Note: NFSv4 is stateful, and has opens, so in theory an NFSv4 server 423 * could take responsibility for keeping open files referenced. The server 424 * would also need to ensure that opened-but-deleted files were kept over 425 * reboots. However, we may not assume a server does so. (RFC 5661 426 * does provide an OPEN4_RESULT_PRESERVE_UNLINKED flag that a server can 427 * use to advertise that it does this; some day we may take advantage of 428 * it.)) 429 */ 430 int 431 nfs_sillyrename(struct inode *dir, struct dentry *dentry) 432 { 433 static unsigned int sillycounter; 434 unsigned char silly[SILLYNAME_LEN + 1]; 435 unsigned long long fileid; 436 struct dentry *sdentry; 437 struct inode *inode = d_inode(dentry); 438 struct rpc_task *task; 439 int error = -EBUSY; 440 441 dfprintk(VFS, "NFS: silly-rename(%pd2, ct=%d)\n", 442 dentry, d_count(dentry)); 443 nfs_inc_stats(dir, NFSIOS_SILLYRENAME); 444 445 /* 446 * We don't allow a dentry to be silly-renamed twice. 447 */ 448 if (dentry->d_flags & DCACHE_NFSFS_RENAMED) 449 goto out; 450 451 fileid = NFS_FILEID(d_inode(dentry)); 452 453 sdentry = NULL; 454 do { 455 int slen; 456 dput(sdentry); 457 sillycounter++; 458 slen = scnprintf(silly, sizeof(silly), 459 SILLYNAME_PREFIX "%0*llx%0*x", 460 SILLYNAME_FILEID_LEN, fileid, 461 SILLYNAME_COUNTER_LEN, sillycounter); 462 463 dfprintk(VFS, "NFS: trying to rename %pd to %s\n", 464 dentry, silly); 465 466 sdentry = lookup_one_len(silly, dentry->d_parent, slen); 467 /* 468 * N.B. Better to return EBUSY here ... it could be 469 * dangerous to delete the file while it's in use. 470 */ 471 if (IS_ERR(sdentry)) 472 goto out; 473 } while (d_inode(sdentry) != NULL); /* need negative lookup */ 474 475 ihold(inode); 476 477 /* queue unlink first. Can't do this from rpc_release as it 478 * has to allocate memory 479 */ 480 error = nfs_async_unlink(dentry, &sdentry->d_name); 481 if (error) 482 goto out_dput; 483 484 /* run the rename task, undo unlink if it fails */ 485 task = nfs_async_rename(dir, dir, dentry, sdentry, 486 nfs_complete_sillyrename); 487 if (IS_ERR(task)) { 488 error = -EBUSY; 489 nfs_cancel_async_unlink(dentry); 490 goto out_dput; 491 } 492 493 /* wait for the RPC task to complete, unless a SIGKILL intervenes */ 494 error = rpc_wait_for_completion_task(task); 495 if (error == 0) 496 error = task->tk_status; 497 switch (error) { 498 case 0: 499 /* The rename succeeded */ 500 nfs_set_verifier(dentry, nfs_save_change_attribute(dir)); 501 spin_lock(&inode->i_lock); 502 NFS_I(inode)->attr_gencount = nfs_inc_attr_generation_counter(); 503 NFS_I(inode)->cache_validity |= NFS_INO_INVALID_CHANGE 504 | NFS_INO_INVALID_CTIME 505 | NFS_INO_REVAL_FORCED; 506 spin_unlock(&inode->i_lock); 507 d_move(dentry, sdentry); 508 break; 509 case -ERESTARTSYS: 510 /* The result of the rename is unknown. Play it safe by 511 * forcing a new lookup */ 512 d_drop(dentry); 513 d_drop(sdentry); 514 } 515 rpc_put_task(task); 516 out_dput: 517 iput(inode); 518 dput(sdentry); 519 out: 520 return error; 521 } 522