1 // SPDX-License-Identifier: GPL-2.0-only 2 /* * This file is part of UBIFS. 3 * 4 * Copyright (C) 2006-2008 Nokia Corporation. 5 * Copyright (C) 2006, 2007 University of Szeged, Hungary 6 * 7 * Authors: Artem Bityutskiy (Битюцкий Артём) 8 * Adrian Hunter 9 * Zoltan Sogor 10 */ 11 12 /* 13 * This file implements directory operations. 14 * 15 * All FS operations in this file allocate budget before writing anything to the 16 * media. If they fail to allocate it, the error is returned. The only 17 * exceptions are 'ubifs_unlink()' and 'ubifs_rmdir()' which keep working even 18 * if they unable to allocate the budget, because deletion %-ENOSPC failure is 19 * not what users are usually ready to get. UBIFS budgeting subsystem has some 20 * space reserved for these purposes. 21 * 22 * All operations in this file write all inodes which they change straight 23 * away, instead of marking them dirty. For example, 'ubifs_link()' changes 24 * @i_size of the parent inode and writes the parent inode together with the 25 * target inode. This was done to simplify file-system recovery which would 26 * otherwise be very difficult to do. The only exception is rename which marks 27 * the re-named inode dirty (because its @i_ctime is updated) but does not 28 * write it, but just marks it as dirty. 29 */ 30 31 #include "ubifs.h" 32 33 /** 34 * inherit_flags - inherit flags of the parent inode. 35 * @dir: parent inode 36 * @mode: new inode mode flags 37 * 38 * This is a helper function for 'ubifs_new_inode()' which inherits flag of the 39 * parent directory inode @dir. UBIFS inodes inherit the following flags: 40 * o %UBIFS_COMPR_FL, which is useful to switch compression on/of on 41 * sub-directory basis; 42 * o %UBIFS_SYNC_FL - useful for the same reasons; 43 * o %UBIFS_DIRSYNC_FL - similar, but relevant only to directories. 44 * 45 * This function returns the inherited flags. 46 */ 47 static int inherit_flags(const struct inode *dir, umode_t mode) 48 { 49 int flags; 50 const struct ubifs_inode *ui = ubifs_inode(dir); 51 52 if (!S_ISDIR(dir->i_mode)) 53 /* 54 * The parent is not a directory, which means that an extended 55 * attribute inode is being created. No flags. 56 */ 57 return 0; 58 59 flags = ui->flags & (UBIFS_COMPR_FL | UBIFS_SYNC_FL | UBIFS_DIRSYNC_FL); 60 if (!S_ISDIR(mode)) 61 /* The "DIRSYNC" flag only applies to directories */ 62 flags &= ~UBIFS_DIRSYNC_FL; 63 return flags; 64 } 65 66 /** 67 * ubifs_new_inode - allocate new UBIFS inode object. 68 * @c: UBIFS file-system description object 69 * @dir: parent directory inode 70 * @mode: inode mode flags 71 * @is_xattr: whether the inode is xattr inode 72 * 73 * This function finds an unused inode number, allocates new inode and 74 * initializes it. Returns new inode in case of success and an error code in 75 * case of failure. 76 */ 77 struct inode *ubifs_new_inode(struct ubifs_info *c, struct inode *dir, 78 umode_t mode, bool is_xattr) 79 { 80 int err; 81 struct inode *inode; 82 struct ubifs_inode *ui; 83 bool encrypted = false; 84 85 inode = new_inode(c->vfs_sb); 86 ui = ubifs_inode(inode); 87 if (!inode) 88 return ERR_PTR(-ENOMEM); 89 90 /* 91 * Set 'S_NOCMTIME' to prevent VFS form updating [mc]time of inodes and 92 * marking them dirty in file write path (see 'file_update_time()'). 93 * UBIFS has to fully control "clean <-> dirty" transitions of inodes 94 * to make budgeting work. 95 */ 96 inode->i_flags |= S_NOCMTIME; 97 98 inode_init_owner(&nop_mnt_idmap, inode, dir, mode); 99 simple_inode_init_ts(inode); 100 inode->i_mapping->nrpages = 0; 101 102 if (!is_xattr) { 103 err = fscrypt_prepare_new_inode(dir, inode, &encrypted); 104 if (err) { 105 ubifs_err(c, "fscrypt_prepare_new_inode failed: %i", err); 106 goto out_iput; 107 } 108 } 109 110 switch (mode & S_IFMT) { 111 case S_IFREG: 112 inode->i_mapping->a_ops = &ubifs_file_address_operations; 113 inode->i_op = &ubifs_file_inode_operations; 114 inode->i_fop = &ubifs_file_operations; 115 break; 116 case S_IFDIR: 117 inode->i_op = &ubifs_dir_inode_operations; 118 inode->i_fop = &ubifs_dir_operations; 119 inode->i_size = ui->ui_size = UBIFS_INO_NODE_SZ; 120 break; 121 case S_IFLNK: 122 inode->i_op = &ubifs_symlink_inode_operations; 123 break; 124 case S_IFSOCK: 125 case S_IFIFO: 126 case S_IFBLK: 127 case S_IFCHR: 128 inode->i_op = &ubifs_file_inode_operations; 129 break; 130 default: 131 BUG(); 132 } 133 134 ui->flags = inherit_flags(dir, mode); 135 ubifs_set_inode_flags(inode); 136 if (S_ISREG(mode)) 137 ui->compr_type = c->default_compr; 138 else 139 ui->compr_type = UBIFS_COMPR_NONE; 140 ui->synced_i_size = 0; 141 142 spin_lock(&c->cnt_lock); 143 /* Inode number overflow is currently not supported */ 144 if (c->highest_inum >= INUM_WARN_WATERMARK) { 145 if (c->highest_inum >= INUM_WATERMARK) { 146 spin_unlock(&c->cnt_lock); 147 ubifs_err(c, "out of inode numbers"); 148 err = -EINVAL; 149 goto out_iput; 150 } 151 ubifs_warn(c, "running out of inode numbers (current %lu, max %u)", 152 (unsigned long)c->highest_inum, INUM_WATERMARK); 153 } 154 155 inode->i_ino = ++c->highest_inum; 156 /* 157 * The creation sequence number remains with this inode for its 158 * lifetime. All nodes for this inode have a greater sequence number, 159 * and so it is possible to distinguish obsolete nodes belonging to a 160 * previous incarnation of the same inode number - for example, for the 161 * purpose of rebuilding the index. 162 */ 163 ui->creat_sqnum = ++c->max_sqnum; 164 spin_unlock(&c->cnt_lock); 165 166 if (encrypted) { 167 err = fscrypt_set_context(inode, NULL); 168 if (err) { 169 ubifs_err(c, "fscrypt_set_context failed: %i", err); 170 goto out_iput; 171 } 172 } 173 174 return inode; 175 176 out_iput: 177 make_bad_inode(inode); 178 iput(inode); 179 return ERR_PTR(err); 180 } 181 182 static int dbg_check_name(const struct ubifs_info *c, 183 const struct ubifs_dent_node *dent, 184 const struct fscrypt_name *nm) 185 { 186 if (!dbg_is_chk_gen(c)) 187 return 0; 188 if (le16_to_cpu(dent->nlen) != fname_len(nm)) 189 return -EINVAL; 190 if (memcmp(dent->name, fname_name(nm), fname_len(nm))) 191 return -EINVAL; 192 return 0; 193 } 194 195 static struct dentry *ubifs_lookup(struct inode *dir, struct dentry *dentry, 196 unsigned int flags) 197 { 198 int err; 199 union ubifs_key key; 200 struct inode *inode = NULL; 201 struct ubifs_dent_node *dent = NULL; 202 struct ubifs_info *c = dir->i_sb->s_fs_info; 203 struct fscrypt_name nm; 204 205 dbg_gen("'%pd' in dir ino %lu", dentry, dir->i_ino); 206 207 err = fscrypt_prepare_lookup(dir, dentry, &nm); 208 if (err == -ENOENT) 209 return d_splice_alias(NULL, dentry); 210 if (err) 211 return ERR_PTR(err); 212 213 if (fname_len(&nm) > UBIFS_MAX_NLEN) { 214 inode = ERR_PTR(-ENAMETOOLONG); 215 goto done; 216 } 217 218 dent = kmalloc(UBIFS_MAX_DENT_NODE_SZ, GFP_NOFS); 219 if (!dent) { 220 inode = ERR_PTR(-ENOMEM); 221 goto done; 222 } 223 224 if (fname_name(&nm) == NULL) { 225 if (nm.hash & ~UBIFS_S_KEY_HASH_MASK) 226 goto done; /* ENOENT */ 227 dent_key_init_hash(c, &key, dir->i_ino, nm.hash); 228 err = ubifs_tnc_lookup_dh(c, &key, dent, nm.minor_hash); 229 } else { 230 dent_key_init(c, &key, dir->i_ino, &nm); 231 err = ubifs_tnc_lookup_nm(c, &key, dent, &nm); 232 } 233 234 if (err) { 235 if (err == -ENOENT) 236 dbg_gen("not found"); 237 else 238 inode = ERR_PTR(err); 239 goto done; 240 } 241 242 if (dbg_check_name(c, dent, &nm)) { 243 inode = ERR_PTR(-EINVAL); 244 goto done; 245 } 246 247 inode = ubifs_iget(dir->i_sb, le64_to_cpu(dent->inum)); 248 if (IS_ERR(inode)) { 249 /* 250 * This should not happen. Probably the file-system needs 251 * checking. 252 */ 253 err = PTR_ERR(inode); 254 ubifs_err(c, "dead directory entry '%pd', error %d", 255 dentry, err); 256 ubifs_ro_mode(c, err); 257 goto done; 258 } 259 260 if (IS_ENCRYPTED(dir) && 261 (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode)) && 262 !fscrypt_has_permitted_context(dir, inode)) { 263 ubifs_warn(c, "Inconsistent encryption contexts: %lu/%lu", 264 dir->i_ino, inode->i_ino); 265 iput(inode); 266 inode = ERR_PTR(-EPERM); 267 } 268 269 done: 270 kfree(dent); 271 fscrypt_free_filename(&nm); 272 return d_splice_alias(inode, dentry); 273 } 274 275 static int ubifs_prepare_create(struct inode *dir, struct dentry *dentry, 276 struct fscrypt_name *nm) 277 { 278 if (fscrypt_is_nokey_name(dentry)) 279 return -ENOKEY; 280 281 return fscrypt_setup_filename(dir, &dentry->d_name, 0, nm); 282 } 283 284 static int ubifs_create(struct mnt_idmap *idmap, struct inode *dir, 285 struct dentry *dentry, umode_t mode, bool excl) 286 { 287 struct inode *inode; 288 struct ubifs_info *c = dir->i_sb->s_fs_info; 289 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 290 .dirtied_ino = 1 }; 291 struct ubifs_inode *dir_ui = ubifs_inode(dir); 292 struct fscrypt_name nm; 293 int err, sz_change; 294 295 /* 296 * Budget request settings: new inode, new direntry, changing the 297 * parent directory inode. 298 */ 299 300 dbg_gen("dent '%pd', mode %#hx in dir ino %lu", 301 dentry, mode, dir->i_ino); 302 303 err = ubifs_budget_space(c, &req); 304 if (err) 305 return err; 306 307 err = ubifs_prepare_create(dir, dentry, &nm); 308 if (err) 309 goto out_budg; 310 311 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 312 313 inode = ubifs_new_inode(c, dir, mode, false); 314 if (IS_ERR(inode)) { 315 err = PTR_ERR(inode); 316 goto out_fname; 317 } 318 319 err = ubifs_init_security(dir, inode, &dentry->d_name); 320 if (err) 321 goto out_inode; 322 323 mutex_lock(&dir_ui->ui_mutex); 324 dir->i_size += sz_change; 325 dir_ui->ui_size = dir->i_size; 326 inode_set_mtime_to_ts(dir, 327 inode_set_ctime_to_ts(dir, inode_get_ctime(inode))); 328 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 329 if (err) 330 goto out_cancel; 331 mutex_unlock(&dir_ui->ui_mutex); 332 333 ubifs_release_budget(c, &req); 334 fscrypt_free_filename(&nm); 335 insert_inode_hash(inode); 336 d_instantiate(dentry, inode); 337 return 0; 338 339 out_cancel: 340 dir->i_size -= sz_change; 341 dir_ui->ui_size = dir->i_size; 342 mutex_unlock(&dir_ui->ui_mutex); 343 out_inode: 344 make_bad_inode(inode); 345 iput(inode); 346 out_fname: 347 fscrypt_free_filename(&nm); 348 out_budg: 349 ubifs_release_budget(c, &req); 350 ubifs_err(c, "cannot create regular file, error %d", err); 351 return err; 352 } 353 354 static struct inode *create_whiteout(struct inode *dir, struct dentry *dentry) 355 { 356 int err; 357 umode_t mode = S_IFCHR | WHITEOUT_MODE; 358 struct inode *inode; 359 struct ubifs_info *c = dir->i_sb->s_fs_info; 360 361 /* 362 * Create an inode('nlink = 1') for whiteout without updating journal, 363 * let ubifs_jnl_rename() store it on flash to complete rename whiteout 364 * atomically. 365 */ 366 367 dbg_gen("dent '%pd', mode %#hx in dir ino %lu", 368 dentry, mode, dir->i_ino); 369 370 inode = ubifs_new_inode(c, dir, mode, false); 371 if (IS_ERR(inode)) { 372 err = PTR_ERR(inode); 373 goto out_free; 374 } 375 376 init_special_inode(inode, inode->i_mode, WHITEOUT_DEV); 377 ubifs_assert(c, inode->i_op == &ubifs_file_inode_operations); 378 379 err = ubifs_init_security(dir, inode, &dentry->d_name); 380 if (err) 381 goto out_inode; 382 383 /* The dir size is updated by do_rename. */ 384 insert_inode_hash(inode); 385 386 return inode; 387 388 out_inode: 389 make_bad_inode(inode); 390 iput(inode); 391 out_free: 392 ubifs_err(c, "cannot create whiteout file, error %d", err); 393 return ERR_PTR(err); 394 } 395 396 /** 397 * lock_2_inodes - a wrapper for locking two UBIFS inodes. 398 * @inode1: first inode 399 * @inode2: second inode 400 * 401 * We do not implement any tricks to guarantee strict lock ordering, because 402 * VFS has already done it for us on the @i_mutex. So this is just a simple 403 * wrapper function. 404 */ 405 static void lock_2_inodes(struct inode *inode1, struct inode *inode2) 406 { 407 mutex_lock_nested(&ubifs_inode(inode1)->ui_mutex, WB_MUTEX_1); 408 mutex_lock_nested(&ubifs_inode(inode2)->ui_mutex, WB_MUTEX_2); 409 } 410 411 /** 412 * unlock_2_inodes - a wrapper for unlocking two UBIFS inodes. 413 * @inode1: first inode 414 * @inode2: second inode 415 */ 416 static void unlock_2_inodes(struct inode *inode1, struct inode *inode2) 417 { 418 mutex_unlock(&ubifs_inode(inode2)->ui_mutex); 419 mutex_unlock(&ubifs_inode(inode1)->ui_mutex); 420 } 421 422 static int ubifs_tmpfile(struct mnt_idmap *idmap, struct inode *dir, 423 struct file *file, umode_t mode) 424 { 425 struct dentry *dentry = file->f_path.dentry; 426 struct inode *inode; 427 struct ubifs_info *c = dir->i_sb->s_fs_info; 428 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 429 .dirtied_ino = 1}; 430 struct ubifs_budget_req ino_req = { .dirtied_ino = 1 }; 431 struct ubifs_inode *ui; 432 int err, instantiated = 0; 433 struct fscrypt_name nm; 434 435 /* 436 * Budget request settings: new inode, new direntry, changing the 437 * parent directory inode. 438 * Allocate budget separately for new dirtied inode, the budget will 439 * be released via writeback. 440 */ 441 442 dbg_gen("dent '%pd', mode %#hx in dir ino %lu", 443 dentry, mode, dir->i_ino); 444 445 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm); 446 if (err) 447 return err; 448 449 err = ubifs_budget_space(c, &req); 450 if (err) { 451 fscrypt_free_filename(&nm); 452 return err; 453 } 454 455 err = ubifs_budget_space(c, &ino_req); 456 if (err) { 457 ubifs_release_budget(c, &req); 458 fscrypt_free_filename(&nm); 459 return err; 460 } 461 462 inode = ubifs_new_inode(c, dir, mode, false); 463 if (IS_ERR(inode)) { 464 err = PTR_ERR(inode); 465 goto out_budg; 466 } 467 ui = ubifs_inode(inode); 468 469 err = ubifs_init_security(dir, inode, &dentry->d_name); 470 if (err) 471 goto out_inode; 472 473 mutex_lock(&ui->ui_mutex); 474 insert_inode_hash(inode); 475 d_tmpfile(file, inode); 476 ubifs_assert(c, ui->dirty); 477 478 instantiated = 1; 479 mutex_unlock(&ui->ui_mutex); 480 481 lock_2_inodes(dir, inode); 482 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0); 483 if (err) 484 goto out_cancel; 485 unlock_2_inodes(dir, inode); 486 487 ubifs_release_budget(c, &req); 488 fscrypt_free_filename(&nm); 489 490 return finish_open_simple(file, 0); 491 492 out_cancel: 493 unlock_2_inodes(dir, inode); 494 out_inode: 495 make_bad_inode(inode); 496 if (!instantiated) 497 iput(inode); 498 out_budg: 499 ubifs_release_budget(c, &req); 500 if (!instantiated) 501 ubifs_release_budget(c, &ino_req); 502 fscrypt_free_filename(&nm); 503 ubifs_err(c, "cannot create temporary file, error %d", err); 504 return err; 505 } 506 507 /** 508 * vfs_dent_type - get VFS directory entry type. 509 * @type: UBIFS directory entry type 510 * 511 * This function converts UBIFS directory entry type into VFS directory entry 512 * type. 513 */ 514 static unsigned int vfs_dent_type(uint8_t type) 515 { 516 switch (type) { 517 case UBIFS_ITYPE_REG: 518 return DT_REG; 519 case UBIFS_ITYPE_DIR: 520 return DT_DIR; 521 case UBIFS_ITYPE_LNK: 522 return DT_LNK; 523 case UBIFS_ITYPE_BLK: 524 return DT_BLK; 525 case UBIFS_ITYPE_CHR: 526 return DT_CHR; 527 case UBIFS_ITYPE_FIFO: 528 return DT_FIFO; 529 case UBIFS_ITYPE_SOCK: 530 return DT_SOCK; 531 default: 532 BUG(); 533 } 534 return 0; 535 } 536 537 /* 538 * The classical Unix view for directory is that it is a linear array of 539 * (name, inode number) entries. Linux/VFS assumes this model as well. 540 * Particularly, 'readdir()' call wants us to return a directory entry offset 541 * which later may be used to continue 'readdir()'ing the directory or to 542 * 'seek()' to that specific direntry. Obviously UBIFS does not really fit this 543 * model because directory entries are identified by keys, which may collide. 544 * 545 * UBIFS uses directory entry hash value for directory offsets, so 546 * 'seekdir()'/'telldir()' may not always work because of possible key 547 * collisions. But UBIFS guarantees that consecutive 'readdir()' calls work 548 * properly by means of saving full directory entry name in the private field 549 * of the file description object. 550 * 551 * This means that UBIFS cannot support NFS which requires full 552 * 'seekdir()'/'telldir()' support. 553 */ 554 static int ubifs_readdir(struct file *file, struct dir_context *ctx) 555 { 556 int fstr_real_len = 0, err = 0; 557 struct fscrypt_name nm; 558 struct fscrypt_str fstr = {0}; 559 union ubifs_key key; 560 struct ubifs_dent_node *dent; 561 struct inode *dir = file_inode(file); 562 struct ubifs_info *c = dir->i_sb->s_fs_info; 563 bool encrypted = IS_ENCRYPTED(dir); 564 565 dbg_gen("dir ino %lu, f_pos %#llx", dir->i_ino, ctx->pos); 566 567 if (ctx->pos > UBIFS_S_KEY_HASH_MASK || ctx->pos == 2) 568 /* 569 * The directory was seek'ed to a senseless position or there 570 * are no more entries. 571 */ 572 return 0; 573 574 if (encrypted) { 575 err = fscrypt_prepare_readdir(dir); 576 if (err) 577 return err; 578 579 err = fscrypt_fname_alloc_buffer(UBIFS_MAX_NLEN, &fstr); 580 if (err) 581 return err; 582 583 fstr_real_len = fstr.len; 584 } 585 586 if (file->f_version == 0) { 587 /* 588 * The file was seek'ed, which means that @file->private_data 589 * is now invalid. This may also be just the first 590 * 'ubifs_readdir()' invocation, in which case 591 * @file->private_data is NULL, and the below code is 592 * basically a no-op. 593 */ 594 kfree(file->private_data); 595 file->private_data = NULL; 596 } 597 598 /* 599 * 'generic_file_llseek()' unconditionally sets @file->f_version to 600 * zero, and we use this for detecting whether the file was seek'ed. 601 */ 602 file->f_version = 1; 603 604 /* File positions 0 and 1 correspond to "." and ".." */ 605 if (ctx->pos < 2) { 606 ubifs_assert(c, !file->private_data); 607 if (!dir_emit_dots(file, ctx)) { 608 if (encrypted) 609 fscrypt_fname_free_buffer(&fstr); 610 return 0; 611 } 612 613 /* Find the first entry in TNC and save it */ 614 lowest_dent_key(c, &key, dir->i_ino); 615 fname_len(&nm) = 0; 616 dent = ubifs_tnc_next_ent(c, &key, &nm); 617 if (IS_ERR(dent)) { 618 err = PTR_ERR(dent); 619 goto out; 620 } 621 622 ctx->pos = key_hash_flash(c, &dent->key); 623 file->private_data = dent; 624 } 625 626 dent = file->private_data; 627 if (!dent) { 628 /* 629 * The directory was seek'ed to and is now readdir'ed. 630 * Find the entry corresponding to @ctx->pos or the closest one. 631 */ 632 dent_key_init_hash(c, &key, dir->i_ino, ctx->pos); 633 fname_len(&nm) = 0; 634 dent = ubifs_tnc_next_ent(c, &key, &nm); 635 if (IS_ERR(dent)) { 636 err = PTR_ERR(dent); 637 goto out; 638 } 639 ctx->pos = key_hash_flash(c, &dent->key); 640 file->private_data = dent; 641 } 642 643 while (1) { 644 dbg_gen("ino %llu, new f_pos %#x", 645 (unsigned long long)le64_to_cpu(dent->inum), 646 key_hash_flash(c, &dent->key)); 647 ubifs_assert(c, le64_to_cpu(dent->ch.sqnum) > 648 ubifs_inode(dir)->creat_sqnum); 649 650 fname_len(&nm) = le16_to_cpu(dent->nlen); 651 fname_name(&nm) = dent->name; 652 653 if (encrypted) { 654 fstr.len = fstr_real_len; 655 656 err = fscrypt_fname_disk_to_usr(dir, key_hash_flash(c, 657 &dent->key), 658 le32_to_cpu(dent->cookie), 659 &nm.disk_name, &fstr); 660 if (err) 661 goto out; 662 } else { 663 fstr.len = fname_len(&nm); 664 fstr.name = fname_name(&nm); 665 } 666 667 if (!dir_emit(ctx, fstr.name, fstr.len, 668 le64_to_cpu(dent->inum), 669 vfs_dent_type(dent->type))) { 670 if (encrypted) 671 fscrypt_fname_free_buffer(&fstr); 672 return 0; 673 } 674 675 /* Switch to the next entry */ 676 key_read(c, &dent->key, &key); 677 dent = ubifs_tnc_next_ent(c, &key, &nm); 678 if (IS_ERR(dent)) { 679 err = PTR_ERR(dent); 680 goto out; 681 } 682 683 kfree(file->private_data); 684 ctx->pos = key_hash_flash(c, &dent->key); 685 file->private_data = dent; 686 cond_resched(); 687 } 688 689 out: 690 kfree(file->private_data); 691 file->private_data = NULL; 692 693 if (encrypted) 694 fscrypt_fname_free_buffer(&fstr); 695 696 if (err != -ENOENT) 697 ubifs_err(c, "cannot find next direntry, error %d", err); 698 else 699 /* 700 * -ENOENT is a non-fatal error in this context, the TNC uses 701 * it to indicate that the cursor moved past the current directory 702 * and readdir() has to stop. 703 */ 704 err = 0; 705 706 707 /* 2 is a special value indicating that there are no more direntries */ 708 ctx->pos = 2; 709 return err; 710 } 711 712 /* Free saved readdir() state when the directory is closed */ 713 static int ubifs_dir_release(struct inode *dir, struct file *file) 714 { 715 kfree(file->private_data); 716 file->private_data = NULL; 717 return 0; 718 } 719 720 static int ubifs_link(struct dentry *old_dentry, struct inode *dir, 721 struct dentry *dentry) 722 { 723 struct ubifs_info *c = dir->i_sb->s_fs_info; 724 struct inode *inode = d_inode(old_dentry); 725 struct ubifs_inode *ui = ubifs_inode(inode); 726 struct ubifs_inode *dir_ui = ubifs_inode(dir); 727 int err, sz_change; 728 struct ubifs_budget_req req = { .new_dent = 1, .dirtied_ino = 2, 729 .dirtied_ino_d = ALIGN(ui->data_len, 8) }; 730 struct fscrypt_name nm; 731 732 /* 733 * Budget request settings: new direntry, changing the target inode, 734 * changing the parent inode. 735 */ 736 737 dbg_gen("dent '%pd' to ino %lu (nlink %d) in dir ino %lu", 738 dentry, inode->i_ino, 739 inode->i_nlink, dir->i_ino); 740 ubifs_assert(c, inode_is_locked(dir)); 741 ubifs_assert(c, inode_is_locked(inode)); 742 743 err = fscrypt_prepare_link(old_dentry, dir, dentry); 744 if (err) 745 return err; 746 747 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm); 748 if (err) 749 return err; 750 751 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 752 753 err = dbg_check_synced_i_size(c, inode); 754 if (err) 755 goto out_fname; 756 757 err = ubifs_budget_space(c, &req); 758 if (err) 759 goto out_fname; 760 761 lock_2_inodes(dir, inode); 762 763 /* Handle O_TMPFILE corner case, it is allowed to link a O_TMPFILE. */ 764 if (inode->i_nlink == 0) 765 ubifs_delete_orphan(c, inode->i_ino); 766 767 inc_nlink(inode); 768 ihold(inode); 769 inode_set_ctime_current(inode); 770 dir->i_size += sz_change; 771 dir_ui->ui_size = dir->i_size; 772 inode_set_mtime_to_ts(dir, 773 inode_set_ctime_to_ts(dir, inode_get_ctime(inode))); 774 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 775 if (err) 776 goto out_cancel; 777 unlock_2_inodes(dir, inode); 778 779 ubifs_release_budget(c, &req); 780 d_instantiate(dentry, inode); 781 fscrypt_free_filename(&nm); 782 return 0; 783 784 out_cancel: 785 dir->i_size -= sz_change; 786 dir_ui->ui_size = dir->i_size; 787 drop_nlink(inode); 788 if (inode->i_nlink == 0) 789 ubifs_add_orphan(c, inode->i_ino); 790 unlock_2_inodes(dir, inode); 791 ubifs_release_budget(c, &req); 792 iput(inode); 793 out_fname: 794 fscrypt_free_filename(&nm); 795 return err; 796 } 797 798 static int ubifs_unlink(struct inode *dir, struct dentry *dentry) 799 { 800 struct ubifs_info *c = dir->i_sb->s_fs_info; 801 struct inode *inode = d_inode(dentry); 802 struct ubifs_inode *dir_ui = ubifs_inode(dir); 803 int err, sz_change, budgeted = 1; 804 struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 }; 805 unsigned int saved_nlink = inode->i_nlink; 806 struct fscrypt_name nm; 807 808 /* 809 * Budget request settings: deletion direntry, deletion inode (+1 for 810 * @dirtied_ino), changing the parent directory inode. If budgeting 811 * fails, go ahead anyway because we have extra space reserved for 812 * deletions. 813 */ 814 815 dbg_gen("dent '%pd' from ino %lu (nlink %d) in dir ino %lu", 816 dentry, inode->i_ino, 817 inode->i_nlink, dir->i_ino); 818 819 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm); 820 if (err) 821 return err; 822 823 err = ubifs_purge_xattrs(inode); 824 if (err) 825 return err; 826 827 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 828 829 ubifs_assert(c, inode_is_locked(dir)); 830 ubifs_assert(c, inode_is_locked(inode)); 831 err = dbg_check_synced_i_size(c, inode); 832 if (err) 833 goto out_fname; 834 835 err = ubifs_budget_space(c, &req); 836 if (err) { 837 if (err != -ENOSPC) 838 goto out_fname; 839 budgeted = 0; 840 } 841 842 lock_2_inodes(dir, inode); 843 inode_set_ctime_current(inode); 844 drop_nlink(inode); 845 dir->i_size -= sz_change; 846 dir_ui->ui_size = dir->i_size; 847 inode_set_mtime_to_ts(dir, 848 inode_set_ctime_to_ts(dir, inode_get_ctime(inode))); 849 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0); 850 if (err) 851 goto out_cancel; 852 unlock_2_inodes(dir, inode); 853 854 if (budgeted) 855 ubifs_release_budget(c, &req); 856 else { 857 /* We've deleted something - clean the "no space" flags */ 858 c->bi.nospace = c->bi.nospace_rp = 0; 859 smp_wmb(); 860 } 861 fscrypt_free_filename(&nm); 862 return 0; 863 864 out_cancel: 865 dir->i_size += sz_change; 866 dir_ui->ui_size = dir->i_size; 867 set_nlink(inode, saved_nlink); 868 unlock_2_inodes(dir, inode); 869 if (budgeted) 870 ubifs_release_budget(c, &req); 871 out_fname: 872 fscrypt_free_filename(&nm); 873 return err; 874 } 875 876 /** 877 * ubifs_check_dir_empty - check if a directory is empty or not. 878 * @dir: VFS inode object of the directory to check 879 * 880 * This function checks if directory @dir is empty. Returns zero if the 881 * directory is empty, %-ENOTEMPTY if it is not, and other negative error codes 882 * in case of errors. 883 */ 884 int ubifs_check_dir_empty(struct inode *dir) 885 { 886 struct ubifs_info *c = dir->i_sb->s_fs_info; 887 struct fscrypt_name nm = { 0 }; 888 struct ubifs_dent_node *dent; 889 union ubifs_key key; 890 int err; 891 892 lowest_dent_key(c, &key, dir->i_ino); 893 dent = ubifs_tnc_next_ent(c, &key, &nm); 894 if (IS_ERR(dent)) { 895 err = PTR_ERR(dent); 896 if (err == -ENOENT) 897 err = 0; 898 } else { 899 kfree(dent); 900 err = -ENOTEMPTY; 901 } 902 return err; 903 } 904 905 static int ubifs_rmdir(struct inode *dir, struct dentry *dentry) 906 { 907 struct ubifs_info *c = dir->i_sb->s_fs_info; 908 struct inode *inode = d_inode(dentry); 909 int err, sz_change, budgeted = 1; 910 struct ubifs_inode *dir_ui = ubifs_inode(dir); 911 struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 }; 912 struct fscrypt_name nm; 913 914 /* 915 * Budget request settings: deletion direntry, deletion inode and 916 * changing the parent inode. If budgeting fails, go ahead anyway 917 * because we have extra space reserved for deletions. 918 */ 919 920 dbg_gen("directory '%pd', ino %lu in dir ino %lu", dentry, 921 inode->i_ino, dir->i_ino); 922 ubifs_assert(c, inode_is_locked(dir)); 923 ubifs_assert(c, inode_is_locked(inode)); 924 err = ubifs_check_dir_empty(d_inode(dentry)); 925 if (err) 926 return err; 927 928 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm); 929 if (err) 930 return err; 931 932 err = ubifs_purge_xattrs(inode); 933 if (err) 934 return err; 935 936 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 937 938 err = ubifs_budget_space(c, &req); 939 if (err) { 940 if (err != -ENOSPC) 941 goto out_fname; 942 budgeted = 0; 943 } 944 945 lock_2_inodes(dir, inode); 946 inode_set_ctime_current(inode); 947 clear_nlink(inode); 948 drop_nlink(dir); 949 dir->i_size -= sz_change; 950 dir_ui->ui_size = dir->i_size; 951 inode_set_mtime_to_ts(dir, 952 inode_set_ctime_to_ts(dir, inode_get_ctime(inode))); 953 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0); 954 if (err) 955 goto out_cancel; 956 unlock_2_inodes(dir, inode); 957 958 if (budgeted) 959 ubifs_release_budget(c, &req); 960 else { 961 /* We've deleted something - clean the "no space" flags */ 962 c->bi.nospace = c->bi.nospace_rp = 0; 963 smp_wmb(); 964 } 965 fscrypt_free_filename(&nm); 966 return 0; 967 968 out_cancel: 969 dir->i_size += sz_change; 970 dir_ui->ui_size = dir->i_size; 971 inc_nlink(dir); 972 set_nlink(inode, 2); 973 unlock_2_inodes(dir, inode); 974 if (budgeted) 975 ubifs_release_budget(c, &req); 976 out_fname: 977 fscrypt_free_filename(&nm); 978 return err; 979 } 980 981 static int ubifs_mkdir(struct mnt_idmap *idmap, struct inode *dir, 982 struct dentry *dentry, umode_t mode) 983 { 984 struct inode *inode; 985 struct ubifs_inode *dir_ui = ubifs_inode(dir); 986 struct ubifs_info *c = dir->i_sb->s_fs_info; 987 int err, sz_change; 988 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 989 .dirtied_ino = 1}; 990 struct fscrypt_name nm; 991 992 /* 993 * Budget request settings: new inode, new direntry and changing parent 994 * directory inode. 995 */ 996 997 dbg_gen("dent '%pd', mode %#hx in dir ino %lu", 998 dentry, mode, dir->i_ino); 999 1000 err = ubifs_budget_space(c, &req); 1001 if (err) 1002 return err; 1003 1004 err = ubifs_prepare_create(dir, dentry, &nm); 1005 if (err) 1006 goto out_budg; 1007 1008 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 1009 1010 inode = ubifs_new_inode(c, dir, S_IFDIR | mode, false); 1011 if (IS_ERR(inode)) { 1012 err = PTR_ERR(inode); 1013 goto out_fname; 1014 } 1015 1016 err = ubifs_init_security(dir, inode, &dentry->d_name); 1017 if (err) 1018 goto out_inode; 1019 1020 mutex_lock(&dir_ui->ui_mutex); 1021 insert_inode_hash(inode); 1022 inc_nlink(inode); 1023 inc_nlink(dir); 1024 dir->i_size += sz_change; 1025 dir_ui->ui_size = dir->i_size; 1026 inode_set_mtime_to_ts(dir, 1027 inode_set_ctime_to_ts(dir, inode_get_ctime(inode))); 1028 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 1029 if (err) { 1030 ubifs_err(c, "cannot create directory, error %d", err); 1031 goto out_cancel; 1032 } 1033 mutex_unlock(&dir_ui->ui_mutex); 1034 1035 ubifs_release_budget(c, &req); 1036 d_instantiate(dentry, inode); 1037 fscrypt_free_filename(&nm); 1038 return 0; 1039 1040 out_cancel: 1041 dir->i_size -= sz_change; 1042 dir_ui->ui_size = dir->i_size; 1043 drop_nlink(dir); 1044 mutex_unlock(&dir_ui->ui_mutex); 1045 out_inode: 1046 make_bad_inode(inode); 1047 iput(inode); 1048 out_fname: 1049 fscrypt_free_filename(&nm); 1050 out_budg: 1051 ubifs_release_budget(c, &req); 1052 return err; 1053 } 1054 1055 static int ubifs_mknod(struct mnt_idmap *idmap, struct inode *dir, 1056 struct dentry *dentry, umode_t mode, dev_t rdev) 1057 { 1058 struct inode *inode; 1059 struct ubifs_inode *ui; 1060 struct ubifs_inode *dir_ui = ubifs_inode(dir); 1061 struct ubifs_info *c = dir->i_sb->s_fs_info; 1062 union ubifs_dev_desc *dev = NULL; 1063 int sz_change; 1064 int err, devlen = 0; 1065 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 1066 .dirtied_ino = 1 }; 1067 struct fscrypt_name nm; 1068 1069 /* 1070 * Budget request settings: new inode, new direntry and changing parent 1071 * directory inode. 1072 */ 1073 1074 dbg_gen("dent '%pd' in dir ino %lu", dentry, dir->i_ino); 1075 1076 if (S_ISBLK(mode) || S_ISCHR(mode)) { 1077 dev = kmalloc(sizeof(union ubifs_dev_desc), GFP_NOFS); 1078 if (!dev) 1079 return -ENOMEM; 1080 devlen = ubifs_encode_dev(dev, rdev); 1081 } 1082 1083 req.new_ino_d = ALIGN(devlen, 8); 1084 err = ubifs_budget_space(c, &req); 1085 if (err) { 1086 kfree(dev); 1087 return err; 1088 } 1089 1090 err = ubifs_prepare_create(dir, dentry, &nm); 1091 if (err) { 1092 kfree(dev); 1093 goto out_budg; 1094 } 1095 1096 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 1097 1098 inode = ubifs_new_inode(c, dir, mode, false); 1099 if (IS_ERR(inode)) { 1100 kfree(dev); 1101 err = PTR_ERR(inode); 1102 goto out_fname; 1103 } 1104 1105 init_special_inode(inode, inode->i_mode, rdev); 1106 inode->i_size = ubifs_inode(inode)->ui_size = devlen; 1107 ui = ubifs_inode(inode); 1108 ui->data = dev; 1109 ui->data_len = devlen; 1110 1111 err = ubifs_init_security(dir, inode, &dentry->d_name); 1112 if (err) 1113 goto out_inode; 1114 1115 mutex_lock(&dir_ui->ui_mutex); 1116 dir->i_size += sz_change; 1117 dir_ui->ui_size = dir->i_size; 1118 inode_set_mtime_to_ts(dir, 1119 inode_set_ctime_to_ts(dir, inode_get_ctime(inode))); 1120 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 1121 if (err) 1122 goto out_cancel; 1123 mutex_unlock(&dir_ui->ui_mutex); 1124 1125 ubifs_release_budget(c, &req); 1126 insert_inode_hash(inode); 1127 d_instantiate(dentry, inode); 1128 fscrypt_free_filename(&nm); 1129 return 0; 1130 1131 out_cancel: 1132 dir->i_size -= sz_change; 1133 dir_ui->ui_size = dir->i_size; 1134 mutex_unlock(&dir_ui->ui_mutex); 1135 out_inode: 1136 /* Free inode->i_link before inode is marked as bad. */ 1137 fscrypt_free_inode(inode); 1138 make_bad_inode(inode); 1139 iput(inode); 1140 out_fname: 1141 fscrypt_free_filename(&nm); 1142 out_budg: 1143 ubifs_release_budget(c, &req); 1144 return err; 1145 } 1146 1147 static int ubifs_symlink(struct mnt_idmap *idmap, struct inode *dir, 1148 struct dentry *dentry, const char *symname) 1149 { 1150 struct inode *inode; 1151 struct ubifs_inode *ui; 1152 struct ubifs_inode *dir_ui = ubifs_inode(dir); 1153 struct ubifs_info *c = dir->i_sb->s_fs_info; 1154 int err, sz_change, len = strlen(symname); 1155 struct fscrypt_str disk_link; 1156 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 1157 .dirtied_ino = 1 }; 1158 struct fscrypt_name nm; 1159 1160 dbg_gen("dent '%pd', target '%s' in dir ino %lu", dentry, 1161 symname, dir->i_ino); 1162 1163 err = fscrypt_prepare_symlink(dir, symname, len, UBIFS_MAX_INO_DATA, 1164 &disk_link); 1165 if (err) 1166 return err; 1167 1168 /* 1169 * Budget request settings: new inode, new direntry and changing parent 1170 * directory inode. 1171 */ 1172 req.new_ino_d = ALIGN(disk_link.len - 1, 8); 1173 err = ubifs_budget_space(c, &req); 1174 if (err) 1175 return err; 1176 1177 err = ubifs_prepare_create(dir, dentry, &nm); 1178 if (err) 1179 goto out_budg; 1180 1181 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 1182 1183 inode = ubifs_new_inode(c, dir, S_IFLNK | S_IRWXUGO, false); 1184 if (IS_ERR(inode)) { 1185 err = PTR_ERR(inode); 1186 goto out_fname; 1187 } 1188 1189 ui = ubifs_inode(inode); 1190 ui->data = kmalloc(disk_link.len, GFP_NOFS); 1191 if (!ui->data) { 1192 err = -ENOMEM; 1193 goto out_inode; 1194 } 1195 1196 if (IS_ENCRYPTED(inode)) { 1197 disk_link.name = ui->data; /* encrypt directly into ui->data */ 1198 err = fscrypt_encrypt_symlink(inode, symname, len, &disk_link); 1199 if (err) 1200 goto out_inode; 1201 } else { 1202 memcpy(ui->data, disk_link.name, disk_link.len); 1203 inode->i_link = ui->data; 1204 } 1205 1206 /* 1207 * The terminating zero byte is not written to the flash media and it 1208 * is put just to make later in-memory string processing simpler. Thus, 1209 * data length is @disk_link.len - 1, not @disk_link.len. 1210 */ 1211 ui->data_len = disk_link.len - 1; 1212 inode->i_size = ubifs_inode(inode)->ui_size = disk_link.len - 1; 1213 1214 err = ubifs_init_security(dir, inode, &dentry->d_name); 1215 if (err) 1216 goto out_inode; 1217 1218 mutex_lock(&dir_ui->ui_mutex); 1219 dir->i_size += sz_change; 1220 dir_ui->ui_size = dir->i_size; 1221 inode_set_mtime_to_ts(dir, 1222 inode_set_ctime_to_ts(dir, inode_get_ctime(inode))); 1223 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 1224 if (err) 1225 goto out_cancel; 1226 mutex_unlock(&dir_ui->ui_mutex); 1227 1228 insert_inode_hash(inode); 1229 d_instantiate(dentry, inode); 1230 err = 0; 1231 goto out_fname; 1232 1233 out_cancel: 1234 dir->i_size -= sz_change; 1235 dir_ui->ui_size = dir->i_size; 1236 mutex_unlock(&dir_ui->ui_mutex); 1237 out_inode: 1238 /* Free inode->i_link before inode is marked as bad. */ 1239 fscrypt_free_inode(inode); 1240 make_bad_inode(inode); 1241 iput(inode); 1242 out_fname: 1243 fscrypt_free_filename(&nm); 1244 out_budg: 1245 ubifs_release_budget(c, &req); 1246 return err; 1247 } 1248 1249 /** 1250 * lock_4_inodes - a wrapper for locking three UBIFS inodes. 1251 * @inode1: first inode 1252 * @inode2: second inode 1253 * @inode3: third inode 1254 * @inode4: fourth inode 1255 * 1256 * This function is used for 'ubifs_rename()' and @inode1 may be the same as 1257 * @inode2 whereas @inode3 and @inode4 may be %NULL. 1258 * 1259 * We do not implement any tricks to guarantee strict lock ordering, because 1260 * VFS has already done it for us on the @i_mutex. So this is just a simple 1261 * wrapper function. 1262 */ 1263 static void lock_4_inodes(struct inode *inode1, struct inode *inode2, 1264 struct inode *inode3, struct inode *inode4) 1265 { 1266 mutex_lock_nested(&ubifs_inode(inode1)->ui_mutex, WB_MUTEX_1); 1267 if (inode2 != inode1) 1268 mutex_lock_nested(&ubifs_inode(inode2)->ui_mutex, WB_MUTEX_2); 1269 if (inode3) 1270 mutex_lock_nested(&ubifs_inode(inode3)->ui_mutex, WB_MUTEX_3); 1271 if (inode4) 1272 mutex_lock_nested(&ubifs_inode(inode4)->ui_mutex, WB_MUTEX_4); 1273 } 1274 1275 /** 1276 * unlock_4_inodes - a wrapper for unlocking three UBIFS inodes for rename. 1277 * @inode1: first inode 1278 * @inode2: second inode 1279 * @inode3: third inode 1280 * @inode4: fourth inode 1281 */ 1282 static void unlock_4_inodes(struct inode *inode1, struct inode *inode2, 1283 struct inode *inode3, struct inode *inode4) 1284 { 1285 if (inode4) 1286 mutex_unlock(&ubifs_inode(inode4)->ui_mutex); 1287 if (inode3) 1288 mutex_unlock(&ubifs_inode(inode3)->ui_mutex); 1289 if (inode1 != inode2) 1290 mutex_unlock(&ubifs_inode(inode2)->ui_mutex); 1291 mutex_unlock(&ubifs_inode(inode1)->ui_mutex); 1292 } 1293 1294 static int do_rename(struct inode *old_dir, struct dentry *old_dentry, 1295 struct inode *new_dir, struct dentry *new_dentry, 1296 unsigned int flags) 1297 { 1298 struct ubifs_info *c = old_dir->i_sb->s_fs_info; 1299 struct inode *old_inode = d_inode(old_dentry); 1300 struct inode *new_inode = d_inode(new_dentry); 1301 struct inode *whiteout = NULL; 1302 struct ubifs_inode *old_inode_ui = ubifs_inode(old_inode); 1303 struct ubifs_inode *whiteout_ui = NULL; 1304 int err, release, sync = 0, move = (new_dir != old_dir); 1305 int is_dir = S_ISDIR(old_inode->i_mode); 1306 int unlink = !!new_inode, new_sz, old_sz; 1307 struct ubifs_budget_req req = { .new_dent = 1, .mod_dent = 1, 1308 .dirtied_ino = 3 }; 1309 struct ubifs_budget_req ino_req = { .dirtied_ino = 1, 1310 .dirtied_ino_d = ALIGN(old_inode_ui->data_len, 8) }; 1311 struct ubifs_budget_req wht_req; 1312 unsigned int saved_nlink; 1313 struct fscrypt_name old_nm, new_nm; 1314 1315 /* 1316 * Budget request settings: 1317 * req: deletion direntry, new direntry, removing the old inode, 1318 * and changing old and new parent directory inodes. 1319 * 1320 * wht_req: new whiteout inode for RENAME_WHITEOUT. 1321 * 1322 * ino_req: marks the target inode as dirty and does not write it. 1323 */ 1324 1325 dbg_gen("dent '%pd' ino %lu in dir ino %lu to dent '%pd' in dir ino %lu flags 0x%x", 1326 old_dentry, old_inode->i_ino, old_dir->i_ino, 1327 new_dentry, new_dir->i_ino, flags); 1328 1329 if (unlink) { 1330 ubifs_assert(c, inode_is_locked(new_inode)); 1331 1332 /* Budget for old inode's data when its nlink > 1. */ 1333 req.dirtied_ino_d = ALIGN(ubifs_inode(new_inode)->data_len, 8); 1334 err = ubifs_purge_xattrs(new_inode); 1335 if (err) 1336 return err; 1337 } 1338 1339 if (unlink && is_dir) { 1340 err = ubifs_check_dir_empty(new_inode); 1341 if (err) 1342 return err; 1343 } 1344 1345 err = fscrypt_setup_filename(old_dir, &old_dentry->d_name, 0, &old_nm); 1346 if (err) 1347 return err; 1348 1349 err = fscrypt_setup_filename(new_dir, &new_dentry->d_name, 0, &new_nm); 1350 if (err) { 1351 fscrypt_free_filename(&old_nm); 1352 return err; 1353 } 1354 1355 new_sz = CALC_DENT_SIZE(fname_len(&new_nm)); 1356 old_sz = CALC_DENT_SIZE(fname_len(&old_nm)); 1357 1358 err = ubifs_budget_space(c, &req); 1359 if (err) { 1360 fscrypt_free_filename(&old_nm); 1361 fscrypt_free_filename(&new_nm); 1362 return err; 1363 } 1364 err = ubifs_budget_space(c, &ino_req); 1365 if (err) { 1366 fscrypt_free_filename(&old_nm); 1367 fscrypt_free_filename(&new_nm); 1368 ubifs_release_budget(c, &req); 1369 return err; 1370 } 1371 1372 if (flags & RENAME_WHITEOUT) { 1373 union ubifs_dev_desc *dev = NULL; 1374 1375 dev = kmalloc(sizeof(union ubifs_dev_desc), GFP_NOFS); 1376 if (!dev) { 1377 err = -ENOMEM; 1378 goto out_release; 1379 } 1380 1381 /* 1382 * The whiteout inode without dentry is pinned in memory, 1383 * umount won't happen during rename process because we 1384 * got parent dentry. 1385 */ 1386 whiteout = create_whiteout(old_dir, old_dentry); 1387 if (IS_ERR(whiteout)) { 1388 err = PTR_ERR(whiteout); 1389 kfree(dev); 1390 goto out_release; 1391 } 1392 1393 whiteout_ui = ubifs_inode(whiteout); 1394 whiteout_ui->data = dev; 1395 whiteout_ui->data_len = ubifs_encode_dev(dev, MKDEV(0, 0)); 1396 ubifs_assert(c, !whiteout_ui->dirty); 1397 1398 memset(&wht_req, 0, sizeof(struct ubifs_budget_req)); 1399 wht_req.new_ino = 1; 1400 wht_req.new_ino_d = ALIGN(whiteout_ui->data_len, 8); 1401 /* 1402 * To avoid deadlock between space budget (holds ui_mutex and 1403 * waits wb work) and writeback work(waits ui_mutex), do space 1404 * budget before ubifs inodes locked. 1405 */ 1406 err = ubifs_budget_space(c, &wht_req); 1407 if (err) { 1408 /* 1409 * Whiteout inode can not be written on flash by 1410 * ubifs_jnl_write_inode(), because it's neither 1411 * dirty nor zero-nlink. 1412 */ 1413 iput(whiteout); 1414 goto out_release; 1415 } 1416 1417 /* Add the old_dentry size to the old_dir size. */ 1418 old_sz -= CALC_DENT_SIZE(fname_len(&old_nm)); 1419 } 1420 1421 lock_4_inodes(old_dir, new_dir, new_inode, whiteout); 1422 1423 /* 1424 * Like most other Unix systems, set the @i_ctime for inodes on a 1425 * rename. 1426 */ 1427 simple_rename_timestamp(old_dir, old_dentry, new_dir, new_dentry); 1428 1429 /* We must adjust parent link count when renaming directories */ 1430 if (is_dir) { 1431 if (move) { 1432 /* 1433 * @old_dir loses a link because we are moving 1434 * @old_inode to a different directory. 1435 */ 1436 drop_nlink(old_dir); 1437 /* 1438 * @new_dir only gains a link if we are not also 1439 * overwriting an existing directory. 1440 */ 1441 if (!unlink) 1442 inc_nlink(new_dir); 1443 } else { 1444 /* 1445 * @old_inode is not moving to a different directory, 1446 * but @old_dir still loses a link if we are 1447 * overwriting an existing directory. 1448 */ 1449 if (unlink) 1450 drop_nlink(old_dir); 1451 } 1452 } 1453 1454 old_dir->i_size -= old_sz; 1455 ubifs_inode(old_dir)->ui_size = old_dir->i_size; 1456 1457 /* 1458 * And finally, if we unlinked a direntry which happened to have the 1459 * same name as the moved direntry, we have to decrement @i_nlink of 1460 * the unlinked inode. 1461 */ 1462 if (unlink) { 1463 /* 1464 * Directories cannot have hard-links, so if this is a 1465 * directory, just clear @i_nlink. 1466 */ 1467 saved_nlink = new_inode->i_nlink; 1468 if (is_dir) 1469 clear_nlink(new_inode); 1470 else 1471 drop_nlink(new_inode); 1472 } else { 1473 new_dir->i_size += new_sz; 1474 ubifs_inode(new_dir)->ui_size = new_dir->i_size; 1475 } 1476 1477 /* 1478 * Do not ask 'ubifs_jnl_rename()' to flush write-buffer if @old_inode 1479 * is dirty, because this will be done later on at the end of 1480 * 'ubifs_rename()'. 1481 */ 1482 if (IS_SYNC(old_inode)) { 1483 sync = IS_DIRSYNC(old_dir) || IS_DIRSYNC(new_dir); 1484 if (unlink && IS_SYNC(new_inode)) 1485 sync = 1; 1486 /* 1487 * S_SYNC flag of whiteout inherits from the old_dir, and we 1488 * have already checked the old dir inode. So there is no need 1489 * to check whiteout. 1490 */ 1491 } 1492 1493 err = ubifs_jnl_rename(c, old_dir, old_inode, &old_nm, new_dir, 1494 new_inode, &new_nm, whiteout, sync); 1495 if (err) 1496 goto out_cancel; 1497 1498 unlock_4_inodes(old_dir, new_dir, new_inode, whiteout); 1499 ubifs_release_budget(c, &req); 1500 1501 if (whiteout) { 1502 ubifs_release_budget(c, &wht_req); 1503 iput(whiteout); 1504 } 1505 1506 mutex_lock(&old_inode_ui->ui_mutex); 1507 release = old_inode_ui->dirty; 1508 mark_inode_dirty_sync(old_inode); 1509 mutex_unlock(&old_inode_ui->ui_mutex); 1510 1511 if (release) 1512 ubifs_release_budget(c, &ino_req); 1513 if (IS_SYNC(old_inode)) 1514 /* 1515 * Rename finished here. Although old inode cannot be updated 1516 * on flash, old ctime is not a big problem, don't return err 1517 * code to userspace. 1518 */ 1519 old_inode->i_sb->s_op->write_inode(old_inode, NULL); 1520 1521 fscrypt_free_filename(&old_nm); 1522 fscrypt_free_filename(&new_nm); 1523 return 0; 1524 1525 out_cancel: 1526 if (unlink) { 1527 set_nlink(new_inode, saved_nlink); 1528 } else { 1529 new_dir->i_size -= new_sz; 1530 ubifs_inode(new_dir)->ui_size = new_dir->i_size; 1531 } 1532 old_dir->i_size += old_sz; 1533 ubifs_inode(old_dir)->ui_size = old_dir->i_size; 1534 if (is_dir) { 1535 if (move) { 1536 inc_nlink(old_dir); 1537 if (!unlink) 1538 drop_nlink(new_dir); 1539 } else { 1540 if (unlink) 1541 inc_nlink(old_dir); 1542 } 1543 } 1544 unlock_4_inodes(old_dir, new_dir, new_inode, whiteout); 1545 if (whiteout) { 1546 ubifs_release_budget(c, &wht_req); 1547 iput(whiteout); 1548 } 1549 out_release: 1550 ubifs_release_budget(c, &ino_req); 1551 ubifs_release_budget(c, &req); 1552 fscrypt_free_filename(&old_nm); 1553 fscrypt_free_filename(&new_nm); 1554 return err; 1555 } 1556 1557 static int ubifs_xrename(struct inode *old_dir, struct dentry *old_dentry, 1558 struct inode *new_dir, struct dentry *new_dentry) 1559 { 1560 struct ubifs_info *c = old_dir->i_sb->s_fs_info; 1561 struct ubifs_budget_req req = { .new_dent = 1, .mod_dent = 1, 1562 .dirtied_ino = 2 }; 1563 int sync = IS_DIRSYNC(old_dir) || IS_DIRSYNC(new_dir); 1564 struct inode *fst_inode = d_inode(old_dentry); 1565 struct inode *snd_inode = d_inode(new_dentry); 1566 int err; 1567 struct fscrypt_name fst_nm, snd_nm; 1568 1569 ubifs_assert(c, fst_inode && snd_inode); 1570 1571 /* 1572 * Budget request settings: changing two direntries, changing the two 1573 * parent directory inodes. 1574 */ 1575 1576 dbg_gen("dent '%pd' ino %lu in dir ino %lu exchange dent '%pd' ino %lu in dir ino %lu", 1577 old_dentry, fst_inode->i_ino, old_dir->i_ino, 1578 new_dentry, snd_inode->i_ino, new_dir->i_ino); 1579 1580 err = fscrypt_setup_filename(old_dir, &old_dentry->d_name, 0, &fst_nm); 1581 if (err) 1582 return err; 1583 1584 err = fscrypt_setup_filename(new_dir, &new_dentry->d_name, 0, &snd_nm); 1585 if (err) { 1586 fscrypt_free_filename(&fst_nm); 1587 return err; 1588 } 1589 1590 err = ubifs_budget_space(c, &req); 1591 if (err) 1592 goto out; 1593 1594 lock_4_inodes(old_dir, new_dir, NULL, NULL); 1595 1596 simple_rename_timestamp(old_dir, old_dentry, new_dir, new_dentry); 1597 1598 if (old_dir != new_dir) { 1599 if (S_ISDIR(fst_inode->i_mode) && !S_ISDIR(snd_inode->i_mode)) { 1600 inc_nlink(new_dir); 1601 drop_nlink(old_dir); 1602 } 1603 else if (!S_ISDIR(fst_inode->i_mode) && S_ISDIR(snd_inode->i_mode)) { 1604 drop_nlink(new_dir); 1605 inc_nlink(old_dir); 1606 } 1607 } 1608 1609 err = ubifs_jnl_xrename(c, old_dir, fst_inode, &fst_nm, new_dir, 1610 snd_inode, &snd_nm, sync); 1611 1612 unlock_4_inodes(old_dir, new_dir, NULL, NULL); 1613 ubifs_release_budget(c, &req); 1614 1615 out: 1616 fscrypt_free_filename(&fst_nm); 1617 fscrypt_free_filename(&snd_nm); 1618 return err; 1619 } 1620 1621 static int ubifs_rename(struct mnt_idmap *idmap, 1622 struct inode *old_dir, struct dentry *old_dentry, 1623 struct inode *new_dir, struct dentry *new_dentry, 1624 unsigned int flags) 1625 { 1626 int err; 1627 struct ubifs_info *c = old_dir->i_sb->s_fs_info; 1628 1629 if (flags & ~(RENAME_NOREPLACE | RENAME_WHITEOUT | RENAME_EXCHANGE)) 1630 return -EINVAL; 1631 1632 ubifs_assert(c, inode_is_locked(old_dir)); 1633 ubifs_assert(c, inode_is_locked(new_dir)); 1634 1635 err = fscrypt_prepare_rename(old_dir, old_dentry, new_dir, new_dentry, 1636 flags); 1637 if (err) 1638 return err; 1639 1640 if (flags & RENAME_EXCHANGE) 1641 return ubifs_xrename(old_dir, old_dentry, new_dir, new_dentry); 1642 1643 return do_rename(old_dir, old_dentry, new_dir, new_dentry, flags); 1644 } 1645 1646 int ubifs_getattr(struct mnt_idmap *idmap, const struct path *path, 1647 struct kstat *stat, u32 request_mask, unsigned int flags) 1648 { 1649 loff_t size; 1650 struct inode *inode = d_inode(path->dentry); 1651 struct ubifs_inode *ui = ubifs_inode(inode); 1652 1653 mutex_lock(&ui->ui_mutex); 1654 1655 if (ui->flags & UBIFS_APPEND_FL) 1656 stat->attributes |= STATX_ATTR_APPEND; 1657 if (ui->flags & UBIFS_COMPR_FL) 1658 stat->attributes |= STATX_ATTR_COMPRESSED; 1659 if (ui->flags & UBIFS_CRYPT_FL) 1660 stat->attributes |= STATX_ATTR_ENCRYPTED; 1661 if (ui->flags & UBIFS_IMMUTABLE_FL) 1662 stat->attributes |= STATX_ATTR_IMMUTABLE; 1663 1664 stat->attributes_mask |= (STATX_ATTR_APPEND | 1665 STATX_ATTR_COMPRESSED | 1666 STATX_ATTR_ENCRYPTED | 1667 STATX_ATTR_IMMUTABLE); 1668 1669 generic_fillattr(&nop_mnt_idmap, request_mask, inode, stat); 1670 stat->blksize = UBIFS_BLOCK_SIZE; 1671 stat->size = ui->ui_size; 1672 1673 /* 1674 * Unfortunately, the 'stat()' system call was designed for block 1675 * device based file systems, and it is not appropriate for UBIFS, 1676 * because UBIFS does not have notion of "block". For example, it is 1677 * difficult to tell how many block a directory takes - it actually 1678 * takes less than 300 bytes, but we have to round it to block size, 1679 * which introduces large mistake. This makes utilities like 'du' to 1680 * report completely senseless numbers. This is the reason why UBIFS 1681 * goes the same way as JFFS2 - it reports zero blocks for everything 1682 * but regular files, which makes more sense than reporting completely 1683 * wrong sizes. 1684 */ 1685 if (S_ISREG(inode->i_mode)) { 1686 size = ui->xattr_size; 1687 size += stat->size; 1688 size = ALIGN(size, UBIFS_BLOCK_SIZE); 1689 /* 1690 * Note, user-space expects 512-byte blocks count irrespectively 1691 * of what was reported in @stat->size. 1692 */ 1693 stat->blocks = size >> 9; 1694 } else 1695 stat->blocks = 0; 1696 mutex_unlock(&ui->ui_mutex); 1697 return 0; 1698 } 1699 1700 const struct inode_operations ubifs_dir_inode_operations = { 1701 .lookup = ubifs_lookup, 1702 .create = ubifs_create, 1703 .link = ubifs_link, 1704 .symlink = ubifs_symlink, 1705 .unlink = ubifs_unlink, 1706 .mkdir = ubifs_mkdir, 1707 .rmdir = ubifs_rmdir, 1708 .mknod = ubifs_mknod, 1709 .rename = ubifs_rename, 1710 .setattr = ubifs_setattr, 1711 .getattr = ubifs_getattr, 1712 .listxattr = ubifs_listxattr, 1713 .update_time = ubifs_update_time, 1714 .tmpfile = ubifs_tmpfile, 1715 .fileattr_get = ubifs_fileattr_get, 1716 .fileattr_set = ubifs_fileattr_set, 1717 }; 1718 1719 const struct file_operations ubifs_dir_operations = { 1720 .llseek = generic_file_llseek, 1721 .release = ubifs_dir_release, 1722 .read = generic_read_dir, 1723 .iterate_shared = ubifs_readdir, 1724 .fsync = ubifs_fsync, 1725 .unlocked_ioctl = ubifs_ioctl, 1726 #ifdef CONFIG_COMPAT 1727 .compat_ioctl = ubifs_compat_ioctl, 1728 #endif 1729 }; 1730