1 /* * This file is part of UBIFS. 2 * 3 * Copyright (C) 2006-2008 Nokia Corporation. 4 * Copyright (C) 2006, 2007 University of Szeged, Hungary 5 * 6 * This program is free software; you can redistribute it and/or modify it 7 * under the terms of the GNU General Public License version 2 as published by 8 * the Free Software Foundation. 9 * 10 * This program is distributed in the hope that it will be useful, but WITHOUT 11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for 13 * more details. 14 * 15 * You should have received a copy of the GNU General Public License along with 16 * this program; if not, write to the Free Software Foundation, Inc., 51 17 * Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 18 * 19 * Authors: Artem Bityutskiy (Битюцкий Артём) 20 * Adrian Hunter 21 * Zoltan Sogor 22 */ 23 24 /* 25 * This file implements directory operations. 26 * 27 * All FS operations in this file allocate budget before writing anything to the 28 * media. If they fail to allocate it, the error is returned. The only 29 * exceptions are 'ubifs_unlink()' and 'ubifs_rmdir()' which keep working even 30 * if they unable to allocate the budget, because deletion %-ENOSPC failure is 31 * not what users are usually ready to get. UBIFS budgeting subsystem has some 32 * space reserved for these purposes. 33 * 34 * All operations in this file write all inodes which they change straight 35 * away, instead of marking them dirty. For example, 'ubifs_link()' changes 36 * @i_size of the parent inode and writes the parent inode together with the 37 * target inode. This was done to simplify file-system recovery which would 38 * otherwise be very difficult to do. The only exception is rename which marks 39 * the re-named inode dirty (because its @i_ctime is updated) but does not 40 * write it, but just marks it as dirty. 41 */ 42 43 #include "ubifs.h" 44 45 /** 46 * inherit_flags - inherit flags of the parent inode. 47 * @dir: parent inode 48 * @mode: new inode mode flags 49 * 50 * This is a helper function for 'ubifs_new_inode()' which inherits flag of the 51 * parent directory inode @dir. UBIFS inodes inherit the following flags: 52 * o %UBIFS_COMPR_FL, which is useful to switch compression on/of on 53 * sub-directory basis; 54 * o %UBIFS_SYNC_FL - useful for the same reasons; 55 * o %UBIFS_DIRSYNC_FL - similar, but relevant only to directories. 56 * 57 * This function returns the inherited flags. 58 */ 59 static int inherit_flags(const struct inode *dir, umode_t mode) 60 { 61 int flags; 62 const struct ubifs_inode *ui = ubifs_inode(dir); 63 64 if (!S_ISDIR(dir->i_mode)) 65 /* 66 * The parent is not a directory, which means that an extended 67 * attribute inode is being created. No flags. 68 */ 69 return 0; 70 71 flags = ui->flags & (UBIFS_COMPR_FL | UBIFS_SYNC_FL | UBIFS_DIRSYNC_FL); 72 if (!S_ISDIR(mode)) 73 /* The "DIRSYNC" flag only applies to directories */ 74 flags &= ~UBIFS_DIRSYNC_FL; 75 return flags; 76 } 77 78 /** 79 * ubifs_new_inode - allocate new UBIFS inode object. 80 * @c: UBIFS file-system description object 81 * @dir: parent directory inode 82 * @mode: inode mode flags 83 * 84 * This function finds an unused inode number, allocates new inode and 85 * initializes it. Returns new inode in case of success and an error code in 86 * case of failure. 87 */ 88 struct inode *ubifs_new_inode(struct ubifs_info *c, struct inode *dir, 89 umode_t mode) 90 { 91 int err; 92 struct inode *inode; 93 struct ubifs_inode *ui; 94 bool encrypted = false; 95 96 if (ubifs_crypt_is_encrypted(dir)) { 97 err = fscrypt_get_encryption_info(dir); 98 if (err) { 99 ubifs_err(c, "fscrypt_get_encryption_info failed: %i", err); 100 return ERR_PTR(err); 101 } 102 103 if (!fscrypt_has_encryption_key(dir)) 104 return ERR_PTR(-EPERM); 105 106 encrypted = true; 107 } 108 109 inode = new_inode(c->vfs_sb); 110 ui = ubifs_inode(inode); 111 if (!inode) 112 return ERR_PTR(-ENOMEM); 113 114 /* 115 * Set 'S_NOCMTIME' to prevent VFS form updating [mc]time of inodes and 116 * marking them dirty in file write path (see 'file_update_time()'). 117 * UBIFS has to fully control "clean <-> dirty" transitions of inodes 118 * to make budgeting work. 119 */ 120 inode->i_flags |= S_NOCMTIME; 121 122 inode_init_owner(inode, dir, mode); 123 inode->i_mtime = inode->i_atime = inode->i_ctime = 124 current_time(inode); 125 inode->i_mapping->nrpages = 0; 126 127 switch (mode & S_IFMT) { 128 case S_IFREG: 129 inode->i_mapping->a_ops = &ubifs_file_address_operations; 130 inode->i_op = &ubifs_file_inode_operations; 131 inode->i_fop = &ubifs_file_operations; 132 break; 133 case S_IFDIR: 134 inode->i_op = &ubifs_dir_inode_operations; 135 inode->i_fop = &ubifs_dir_operations; 136 inode->i_size = ui->ui_size = UBIFS_INO_NODE_SZ; 137 break; 138 case S_IFLNK: 139 inode->i_op = &ubifs_symlink_inode_operations; 140 break; 141 case S_IFSOCK: 142 case S_IFIFO: 143 case S_IFBLK: 144 case S_IFCHR: 145 inode->i_op = &ubifs_file_inode_operations; 146 encrypted = false; 147 break; 148 default: 149 BUG(); 150 } 151 152 ui->flags = inherit_flags(dir, mode); 153 ubifs_set_inode_flags(inode); 154 if (S_ISREG(mode)) 155 ui->compr_type = c->default_compr; 156 else 157 ui->compr_type = UBIFS_COMPR_NONE; 158 ui->synced_i_size = 0; 159 160 spin_lock(&c->cnt_lock); 161 /* Inode number overflow is currently not supported */ 162 if (c->highest_inum >= INUM_WARN_WATERMARK) { 163 if (c->highest_inum >= INUM_WATERMARK) { 164 spin_unlock(&c->cnt_lock); 165 ubifs_err(c, "out of inode numbers"); 166 make_bad_inode(inode); 167 iput(inode); 168 return ERR_PTR(-EINVAL); 169 } 170 ubifs_warn(c, "running out of inode numbers (current %lu, max %u)", 171 (unsigned long)c->highest_inum, INUM_WATERMARK); 172 } 173 174 inode->i_ino = ++c->highest_inum; 175 /* 176 * The creation sequence number remains with this inode for its 177 * lifetime. All nodes for this inode have a greater sequence number, 178 * and so it is possible to distinguish obsolete nodes belonging to a 179 * previous incarnation of the same inode number - for example, for the 180 * purpose of rebuilding the index. 181 */ 182 ui->creat_sqnum = ++c->max_sqnum; 183 spin_unlock(&c->cnt_lock); 184 185 if (encrypted) { 186 err = fscrypt_inherit_context(dir, inode, &encrypted, true); 187 if (err) { 188 ubifs_err(c, "fscrypt_inherit_context failed: %i", err); 189 make_bad_inode(inode); 190 iput(inode); 191 return ERR_PTR(err); 192 } 193 } 194 195 return inode; 196 } 197 198 static int dbg_check_name(const struct ubifs_info *c, 199 const struct ubifs_dent_node *dent, 200 const struct fscrypt_name *nm) 201 { 202 if (!dbg_is_chk_gen(c)) 203 return 0; 204 if (le16_to_cpu(dent->nlen) != fname_len(nm)) 205 return -EINVAL; 206 if (memcmp(dent->name, fname_name(nm), fname_len(nm))) 207 return -EINVAL; 208 return 0; 209 } 210 211 static struct dentry *ubifs_lookup(struct inode *dir, struct dentry *dentry, 212 unsigned int flags) 213 { 214 int err; 215 union ubifs_key key; 216 struct inode *inode = NULL; 217 struct ubifs_dent_node *dent = NULL; 218 struct ubifs_info *c = dir->i_sb->s_fs_info; 219 struct fscrypt_name nm; 220 221 dbg_gen("'%pd' in dir ino %lu", dentry, dir->i_ino); 222 223 err = fscrypt_prepare_lookup(dir, dentry, flags); 224 if (err) 225 return ERR_PTR(err); 226 227 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm); 228 if (err) 229 return ERR_PTR(err); 230 231 if (fname_len(&nm) > UBIFS_MAX_NLEN) { 232 inode = ERR_PTR(-ENAMETOOLONG); 233 goto done; 234 } 235 236 dent = kmalloc(UBIFS_MAX_DENT_NODE_SZ, GFP_NOFS); 237 if (!dent) { 238 inode = ERR_PTR(-ENOMEM); 239 goto done; 240 } 241 242 if (nm.hash) { 243 ubifs_assert(fname_len(&nm) == 0); 244 ubifs_assert(fname_name(&nm) == NULL); 245 dent_key_init_hash(c, &key, dir->i_ino, nm.hash); 246 err = ubifs_tnc_lookup_dh(c, &key, dent, nm.minor_hash); 247 } else { 248 dent_key_init(c, &key, dir->i_ino, &nm); 249 err = ubifs_tnc_lookup_nm(c, &key, dent, &nm); 250 } 251 252 if (err) { 253 if (err == -ENOENT) 254 dbg_gen("not found"); 255 else 256 inode = ERR_PTR(err); 257 goto done; 258 } 259 260 if (dbg_check_name(c, dent, &nm)) { 261 inode = ERR_PTR(-EINVAL); 262 goto done; 263 } 264 265 inode = ubifs_iget(dir->i_sb, le64_to_cpu(dent->inum)); 266 if (IS_ERR(inode)) { 267 /* 268 * This should not happen. Probably the file-system needs 269 * checking. 270 */ 271 err = PTR_ERR(inode); 272 ubifs_err(c, "dead directory entry '%pd', error %d", 273 dentry, err); 274 ubifs_ro_mode(c, err); 275 goto done; 276 } 277 278 if (ubifs_crypt_is_encrypted(dir) && 279 (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode)) && 280 !fscrypt_has_permitted_context(dir, inode)) { 281 ubifs_warn(c, "Inconsistent encryption contexts: %lu/%lu", 282 dir->i_ino, inode->i_ino); 283 iput(inode); 284 inode = ERR_PTR(-EPERM); 285 } 286 287 done: 288 kfree(dent); 289 fscrypt_free_filename(&nm); 290 return d_splice_alias(inode, dentry); 291 } 292 293 static int ubifs_create(struct inode *dir, struct dentry *dentry, umode_t mode, 294 bool excl) 295 { 296 struct inode *inode; 297 struct ubifs_info *c = dir->i_sb->s_fs_info; 298 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 299 .dirtied_ino = 1 }; 300 struct ubifs_inode *dir_ui = ubifs_inode(dir); 301 struct fscrypt_name nm; 302 int err, sz_change; 303 304 /* 305 * Budget request settings: new inode, new direntry, changing the 306 * parent directory inode. 307 */ 308 309 dbg_gen("dent '%pd', mode %#hx in dir ino %lu", 310 dentry, mode, dir->i_ino); 311 312 err = ubifs_budget_space(c, &req); 313 if (err) 314 return err; 315 316 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm); 317 if (err) 318 goto out_budg; 319 320 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 321 322 inode = ubifs_new_inode(c, dir, mode); 323 if (IS_ERR(inode)) { 324 err = PTR_ERR(inode); 325 goto out_fname; 326 } 327 328 err = ubifs_init_security(dir, inode, &dentry->d_name); 329 if (err) 330 goto out_inode; 331 332 mutex_lock(&dir_ui->ui_mutex); 333 dir->i_size += sz_change; 334 dir_ui->ui_size = dir->i_size; 335 dir->i_mtime = dir->i_ctime = inode->i_ctime; 336 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 337 if (err) 338 goto out_cancel; 339 mutex_unlock(&dir_ui->ui_mutex); 340 341 ubifs_release_budget(c, &req); 342 fscrypt_free_filename(&nm); 343 insert_inode_hash(inode); 344 d_instantiate(dentry, inode); 345 return 0; 346 347 out_cancel: 348 dir->i_size -= sz_change; 349 dir_ui->ui_size = dir->i_size; 350 mutex_unlock(&dir_ui->ui_mutex); 351 out_inode: 352 make_bad_inode(inode); 353 iput(inode); 354 out_fname: 355 fscrypt_free_filename(&nm); 356 out_budg: 357 ubifs_release_budget(c, &req); 358 ubifs_err(c, "cannot create regular file, error %d", err); 359 return err; 360 } 361 362 static int do_tmpfile(struct inode *dir, struct dentry *dentry, 363 umode_t mode, struct inode **whiteout) 364 { 365 struct inode *inode; 366 struct ubifs_info *c = dir->i_sb->s_fs_info; 367 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1}; 368 struct ubifs_budget_req ino_req = { .dirtied_ino = 1 }; 369 struct ubifs_inode *ui, *dir_ui = ubifs_inode(dir); 370 int err, instantiated = 0; 371 struct fscrypt_name nm; 372 373 /* 374 * Budget request settings: new dirty inode, new direntry, 375 * budget for dirtied inode will be released via writeback. 376 */ 377 378 dbg_gen("dent '%pd', mode %#hx in dir ino %lu", 379 dentry, mode, dir->i_ino); 380 381 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm); 382 if (err) 383 return err; 384 385 err = ubifs_budget_space(c, &req); 386 if (err) { 387 fscrypt_free_filename(&nm); 388 return err; 389 } 390 391 err = ubifs_budget_space(c, &ino_req); 392 if (err) { 393 ubifs_release_budget(c, &req); 394 fscrypt_free_filename(&nm); 395 return err; 396 } 397 398 inode = ubifs_new_inode(c, dir, mode); 399 if (IS_ERR(inode)) { 400 err = PTR_ERR(inode); 401 goto out_budg; 402 } 403 ui = ubifs_inode(inode); 404 405 if (whiteout) { 406 init_special_inode(inode, inode->i_mode, WHITEOUT_DEV); 407 ubifs_assert(inode->i_op == &ubifs_file_inode_operations); 408 } 409 410 err = ubifs_init_security(dir, inode, &dentry->d_name); 411 if (err) 412 goto out_inode; 413 414 mutex_lock(&ui->ui_mutex); 415 insert_inode_hash(inode); 416 417 if (whiteout) { 418 mark_inode_dirty(inode); 419 drop_nlink(inode); 420 *whiteout = inode; 421 } else { 422 d_tmpfile(dentry, inode); 423 } 424 ubifs_assert(ui->dirty); 425 426 instantiated = 1; 427 mutex_unlock(&ui->ui_mutex); 428 429 mutex_lock(&dir_ui->ui_mutex); 430 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0); 431 if (err) 432 goto out_cancel; 433 mutex_unlock(&dir_ui->ui_mutex); 434 435 ubifs_release_budget(c, &req); 436 437 return 0; 438 439 out_cancel: 440 mutex_unlock(&dir_ui->ui_mutex); 441 out_inode: 442 make_bad_inode(inode); 443 if (!instantiated) 444 iput(inode); 445 out_budg: 446 ubifs_release_budget(c, &req); 447 if (!instantiated) 448 ubifs_release_budget(c, &ino_req); 449 fscrypt_free_filename(&nm); 450 ubifs_err(c, "cannot create temporary file, error %d", err); 451 return err; 452 } 453 454 static int ubifs_tmpfile(struct inode *dir, struct dentry *dentry, 455 umode_t mode) 456 { 457 return do_tmpfile(dir, dentry, mode, NULL); 458 } 459 460 /** 461 * vfs_dent_type - get VFS directory entry type. 462 * @type: UBIFS directory entry type 463 * 464 * This function converts UBIFS directory entry type into VFS directory entry 465 * type. 466 */ 467 static unsigned int vfs_dent_type(uint8_t type) 468 { 469 switch (type) { 470 case UBIFS_ITYPE_REG: 471 return DT_REG; 472 case UBIFS_ITYPE_DIR: 473 return DT_DIR; 474 case UBIFS_ITYPE_LNK: 475 return DT_LNK; 476 case UBIFS_ITYPE_BLK: 477 return DT_BLK; 478 case UBIFS_ITYPE_CHR: 479 return DT_CHR; 480 case UBIFS_ITYPE_FIFO: 481 return DT_FIFO; 482 case UBIFS_ITYPE_SOCK: 483 return DT_SOCK; 484 default: 485 BUG(); 486 } 487 return 0; 488 } 489 490 /* 491 * The classical Unix view for directory is that it is a linear array of 492 * (name, inode number) entries. Linux/VFS assumes this model as well. 493 * Particularly, 'readdir()' call wants us to return a directory entry offset 494 * which later may be used to continue 'readdir()'ing the directory or to 495 * 'seek()' to that specific direntry. Obviously UBIFS does not really fit this 496 * model because directory entries are identified by keys, which may collide. 497 * 498 * UBIFS uses directory entry hash value for directory offsets, so 499 * 'seekdir()'/'telldir()' may not always work because of possible key 500 * collisions. But UBIFS guarantees that consecutive 'readdir()' calls work 501 * properly by means of saving full directory entry name in the private field 502 * of the file description object. 503 * 504 * This means that UBIFS cannot support NFS which requires full 505 * 'seekdir()'/'telldir()' support. 506 */ 507 static int ubifs_readdir(struct file *file, struct dir_context *ctx) 508 { 509 int fstr_real_len = 0, err = 0; 510 struct fscrypt_name nm; 511 struct fscrypt_str fstr = {0}; 512 union ubifs_key key; 513 struct ubifs_dent_node *dent; 514 struct inode *dir = file_inode(file); 515 struct ubifs_info *c = dir->i_sb->s_fs_info; 516 bool encrypted = ubifs_crypt_is_encrypted(dir); 517 518 dbg_gen("dir ino %lu, f_pos %#llx", dir->i_ino, ctx->pos); 519 520 if (ctx->pos > UBIFS_S_KEY_HASH_MASK || ctx->pos == 2) 521 /* 522 * The directory was seek'ed to a senseless position or there 523 * are no more entries. 524 */ 525 return 0; 526 527 if (encrypted) { 528 err = fscrypt_get_encryption_info(dir); 529 if (err && err != -ENOKEY) 530 return err; 531 532 err = fscrypt_fname_alloc_buffer(dir, UBIFS_MAX_NLEN, &fstr); 533 if (err) 534 return err; 535 536 fstr_real_len = fstr.len; 537 } 538 539 if (file->f_version == 0) { 540 /* 541 * The file was seek'ed, which means that @file->private_data 542 * is now invalid. This may also be just the first 543 * 'ubifs_readdir()' invocation, in which case 544 * @file->private_data is NULL, and the below code is 545 * basically a no-op. 546 */ 547 kfree(file->private_data); 548 file->private_data = NULL; 549 } 550 551 /* 552 * 'generic_file_llseek()' unconditionally sets @file->f_version to 553 * zero, and we use this for detecting whether the file was seek'ed. 554 */ 555 file->f_version = 1; 556 557 /* File positions 0 and 1 correspond to "." and ".." */ 558 if (ctx->pos < 2) { 559 ubifs_assert(!file->private_data); 560 if (!dir_emit_dots(file, ctx)) { 561 if (encrypted) 562 fscrypt_fname_free_buffer(&fstr); 563 return 0; 564 } 565 566 /* Find the first entry in TNC and save it */ 567 lowest_dent_key(c, &key, dir->i_ino); 568 fname_len(&nm) = 0; 569 dent = ubifs_tnc_next_ent(c, &key, &nm); 570 if (IS_ERR(dent)) { 571 err = PTR_ERR(dent); 572 goto out; 573 } 574 575 ctx->pos = key_hash_flash(c, &dent->key); 576 file->private_data = dent; 577 } 578 579 dent = file->private_data; 580 if (!dent) { 581 /* 582 * The directory was seek'ed to and is now readdir'ed. 583 * Find the entry corresponding to @ctx->pos or the closest one. 584 */ 585 dent_key_init_hash(c, &key, dir->i_ino, ctx->pos); 586 fname_len(&nm) = 0; 587 dent = ubifs_tnc_next_ent(c, &key, &nm); 588 if (IS_ERR(dent)) { 589 err = PTR_ERR(dent); 590 goto out; 591 } 592 ctx->pos = key_hash_flash(c, &dent->key); 593 file->private_data = dent; 594 } 595 596 while (1) { 597 dbg_gen("ino %llu, new f_pos %#x", 598 (unsigned long long)le64_to_cpu(dent->inum), 599 key_hash_flash(c, &dent->key)); 600 ubifs_assert(le64_to_cpu(dent->ch.sqnum) > 601 ubifs_inode(dir)->creat_sqnum); 602 603 fname_len(&nm) = le16_to_cpu(dent->nlen); 604 fname_name(&nm) = dent->name; 605 606 if (encrypted) { 607 fstr.len = fstr_real_len; 608 609 err = fscrypt_fname_disk_to_usr(dir, key_hash_flash(c, 610 &dent->key), 611 le32_to_cpu(dent->cookie), 612 &nm.disk_name, &fstr); 613 if (err) 614 goto out; 615 } else { 616 fstr.len = fname_len(&nm); 617 fstr.name = fname_name(&nm); 618 } 619 620 if (!dir_emit(ctx, fstr.name, fstr.len, 621 le64_to_cpu(dent->inum), 622 vfs_dent_type(dent->type))) { 623 if (encrypted) 624 fscrypt_fname_free_buffer(&fstr); 625 return 0; 626 } 627 628 /* Switch to the next entry */ 629 key_read(c, &dent->key, &key); 630 dent = ubifs_tnc_next_ent(c, &key, &nm); 631 if (IS_ERR(dent)) { 632 err = PTR_ERR(dent); 633 goto out; 634 } 635 636 kfree(file->private_data); 637 ctx->pos = key_hash_flash(c, &dent->key); 638 file->private_data = dent; 639 cond_resched(); 640 } 641 642 out: 643 kfree(file->private_data); 644 file->private_data = NULL; 645 646 if (encrypted) 647 fscrypt_fname_free_buffer(&fstr); 648 649 if (err != -ENOENT) 650 ubifs_err(c, "cannot find next direntry, error %d", err); 651 else 652 /* 653 * -ENOENT is a non-fatal error in this context, the TNC uses 654 * it to indicate that the cursor moved past the current directory 655 * and readdir() has to stop. 656 */ 657 err = 0; 658 659 660 /* 2 is a special value indicating that there are no more direntries */ 661 ctx->pos = 2; 662 return err; 663 } 664 665 /* Free saved readdir() state when the directory is closed */ 666 static int ubifs_dir_release(struct inode *dir, struct file *file) 667 { 668 kfree(file->private_data); 669 file->private_data = NULL; 670 return 0; 671 } 672 673 /** 674 * lock_2_inodes - a wrapper for locking two UBIFS inodes. 675 * @inode1: first inode 676 * @inode2: second inode 677 * 678 * We do not implement any tricks to guarantee strict lock ordering, because 679 * VFS has already done it for us on the @i_mutex. So this is just a simple 680 * wrapper function. 681 */ 682 static void lock_2_inodes(struct inode *inode1, struct inode *inode2) 683 { 684 mutex_lock_nested(&ubifs_inode(inode1)->ui_mutex, WB_MUTEX_1); 685 mutex_lock_nested(&ubifs_inode(inode2)->ui_mutex, WB_MUTEX_2); 686 } 687 688 /** 689 * unlock_2_inodes - a wrapper for unlocking two UBIFS inodes. 690 * @inode1: first inode 691 * @inode2: second inode 692 */ 693 static void unlock_2_inodes(struct inode *inode1, struct inode *inode2) 694 { 695 mutex_unlock(&ubifs_inode(inode2)->ui_mutex); 696 mutex_unlock(&ubifs_inode(inode1)->ui_mutex); 697 } 698 699 static int ubifs_link(struct dentry *old_dentry, struct inode *dir, 700 struct dentry *dentry) 701 { 702 struct ubifs_info *c = dir->i_sb->s_fs_info; 703 struct inode *inode = d_inode(old_dentry); 704 struct ubifs_inode *ui = ubifs_inode(inode); 705 struct ubifs_inode *dir_ui = ubifs_inode(dir); 706 int err, sz_change = CALC_DENT_SIZE(dentry->d_name.len); 707 struct ubifs_budget_req req = { .new_dent = 1, .dirtied_ino = 2, 708 .dirtied_ino_d = ALIGN(ui->data_len, 8) }; 709 struct fscrypt_name nm; 710 711 /* 712 * Budget request settings: new direntry, changing the target inode, 713 * changing the parent inode. 714 */ 715 716 dbg_gen("dent '%pd' to ino %lu (nlink %d) in dir ino %lu", 717 dentry, inode->i_ino, 718 inode->i_nlink, dir->i_ino); 719 ubifs_assert(inode_is_locked(dir)); 720 ubifs_assert(inode_is_locked(inode)); 721 722 err = fscrypt_prepare_link(old_dentry, dir, dentry); 723 if (err) 724 return err; 725 726 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm); 727 if (err) 728 return err; 729 730 err = dbg_check_synced_i_size(c, inode); 731 if (err) 732 goto out_fname; 733 734 err = ubifs_budget_space(c, &req); 735 if (err) 736 goto out_fname; 737 738 lock_2_inodes(dir, inode); 739 740 /* Handle O_TMPFILE corner case, it is allowed to link a O_TMPFILE. */ 741 if (inode->i_nlink == 0) 742 ubifs_delete_orphan(c, inode->i_ino); 743 744 inc_nlink(inode); 745 ihold(inode); 746 inode->i_ctime = current_time(inode); 747 dir->i_size += sz_change; 748 dir_ui->ui_size = dir->i_size; 749 dir->i_mtime = dir->i_ctime = inode->i_ctime; 750 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 751 if (err) 752 goto out_cancel; 753 unlock_2_inodes(dir, inode); 754 755 ubifs_release_budget(c, &req); 756 d_instantiate(dentry, inode); 757 fscrypt_free_filename(&nm); 758 return 0; 759 760 out_cancel: 761 dir->i_size -= sz_change; 762 dir_ui->ui_size = dir->i_size; 763 drop_nlink(inode); 764 if (inode->i_nlink == 0) 765 ubifs_add_orphan(c, inode->i_ino); 766 unlock_2_inodes(dir, inode); 767 ubifs_release_budget(c, &req); 768 iput(inode); 769 out_fname: 770 fscrypt_free_filename(&nm); 771 return err; 772 } 773 774 static int ubifs_unlink(struct inode *dir, struct dentry *dentry) 775 { 776 struct ubifs_info *c = dir->i_sb->s_fs_info; 777 struct inode *inode = d_inode(dentry); 778 struct ubifs_inode *dir_ui = ubifs_inode(dir); 779 int err, sz_change, budgeted = 1; 780 struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 }; 781 unsigned int saved_nlink = inode->i_nlink; 782 struct fscrypt_name nm; 783 784 /* 785 * Budget request settings: deletion direntry, deletion inode (+1 for 786 * @dirtied_ino), changing the parent directory inode. If budgeting 787 * fails, go ahead anyway because we have extra space reserved for 788 * deletions. 789 */ 790 791 dbg_gen("dent '%pd' from ino %lu (nlink %d) in dir ino %lu", 792 dentry, inode->i_ino, 793 inode->i_nlink, dir->i_ino); 794 795 if (ubifs_crypt_is_encrypted(dir)) { 796 err = fscrypt_get_encryption_info(dir); 797 if (err && err != -ENOKEY) 798 return err; 799 } 800 801 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm); 802 if (err) 803 return err; 804 805 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 806 807 ubifs_assert(inode_is_locked(dir)); 808 ubifs_assert(inode_is_locked(inode)); 809 err = dbg_check_synced_i_size(c, inode); 810 if (err) 811 goto out_fname; 812 813 err = ubifs_budget_space(c, &req); 814 if (err) { 815 if (err != -ENOSPC) 816 goto out_fname; 817 budgeted = 0; 818 } 819 820 lock_2_inodes(dir, inode); 821 inode->i_ctime = current_time(dir); 822 drop_nlink(inode); 823 dir->i_size -= sz_change; 824 dir_ui->ui_size = dir->i_size; 825 dir->i_mtime = dir->i_ctime = inode->i_ctime; 826 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0); 827 if (err) 828 goto out_cancel; 829 unlock_2_inodes(dir, inode); 830 831 if (budgeted) 832 ubifs_release_budget(c, &req); 833 else { 834 /* We've deleted something - clean the "no space" flags */ 835 c->bi.nospace = c->bi.nospace_rp = 0; 836 smp_wmb(); 837 } 838 fscrypt_free_filename(&nm); 839 return 0; 840 841 out_cancel: 842 dir->i_size += sz_change; 843 dir_ui->ui_size = dir->i_size; 844 set_nlink(inode, saved_nlink); 845 unlock_2_inodes(dir, inode); 846 if (budgeted) 847 ubifs_release_budget(c, &req); 848 out_fname: 849 fscrypt_free_filename(&nm); 850 return err; 851 } 852 853 /** 854 * check_dir_empty - check if a directory is empty or not. 855 * @dir: VFS inode object of the directory to check 856 * 857 * This function checks if directory @dir is empty. Returns zero if the 858 * directory is empty, %-ENOTEMPTY if it is not, and other negative error codes 859 * in case of of errors. 860 */ 861 int ubifs_check_dir_empty(struct inode *dir) 862 { 863 struct ubifs_info *c = dir->i_sb->s_fs_info; 864 struct fscrypt_name nm = { 0 }; 865 struct ubifs_dent_node *dent; 866 union ubifs_key key; 867 int err; 868 869 lowest_dent_key(c, &key, dir->i_ino); 870 dent = ubifs_tnc_next_ent(c, &key, &nm); 871 if (IS_ERR(dent)) { 872 err = PTR_ERR(dent); 873 if (err == -ENOENT) 874 err = 0; 875 } else { 876 kfree(dent); 877 err = -ENOTEMPTY; 878 } 879 return err; 880 } 881 882 static int ubifs_rmdir(struct inode *dir, struct dentry *dentry) 883 { 884 struct ubifs_info *c = dir->i_sb->s_fs_info; 885 struct inode *inode = d_inode(dentry); 886 int err, sz_change, budgeted = 1; 887 struct ubifs_inode *dir_ui = ubifs_inode(dir); 888 struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 }; 889 struct fscrypt_name nm; 890 891 /* 892 * Budget request settings: deletion direntry, deletion inode and 893 * changing the parent inode. If budgeting fails, go ahead anyway 894 * because we have extra space reserved for deletions. 895 */ 896 897 dbg_gen("directory '%pd', ino %lu in dir ino %lu", dentry, 898 inode->i_ino, dir->i_ino); 899 ubifs_assert(inode_is_locked(dir)); 900 ubifs_assert(inode_is_locked(inode)); 901 err = ubifs_check_dir_empty(d_inode(dentry)); 902 if (err) 903 return err; 904 905 if (ubifs_crypt_is_encrypted(dir)) { 906 err = fscrypt_get_encryption_info(dir); 907 if (err && err != -ENOKEY) 908 return err; 909 } 910 911 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm); 912 if (err) 913 return err; 914 915 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 916 917 err = ubifs_budget_space(c, &req); 918 if (err) { 919 if (err != -ENOSPC) 920 goto out_fname; 921 budgeted = 0; 922 } 923 924 lock_2_inodes(dir, inode); 925 inode->i_ctime = current_time(dir); 926 clear_nlink(inode); 927 drop_nlink(dir); 928 dir->i_size -= sz_change; 929 dir_ui->ui_size = dir->i_size; 930 dir->i_mtime = dir->i_ctime = inode->i_ctime; 931 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0); 932 if (err) 933 goto out_cancel; 934 unlock_2_inodes(dir, inode); 935 936 if (budgeted) 937 ubifs_release_budget(c, &req); 938 else { 939 /* We've deleted something - clean the "no space" flags */ 940 c->bi.nospace = c->bi.nospace_rp = 0; 941 smp_wmb(); 942 } 943 fscrypt_free_filename(&nm); 944 return 0; 945 946 out_cancel: 947 dir->i_size += sz_change; 948 dir_ui->ui_size = dir->i_size; 949 inc_nlink(dir); 950 set_nlink(inode, 2); 951 unlock_2_inodes(dir, inode); 952 if (budgeted) 953 ubifs_release_budget(c, &req); 954 out_fname: 955 fscrypt_free_filename(&nm); 956 return err; 957 } 958 959 static int ubifs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) 960 { 961 struct inode *inode; 962 struct ubifs_inode *dir_ui = ubifs_inode(dir); 963 struct ubifs_info *c = dir->i_sb->s_fs_info; 964 int err, sz_change; 965 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1 }; 966 struct fscrypt_name nm; 967 968 /* 969 * Budget request settings: new inode, new direntry and changing parent 970 * directory inode. 971 */ 972 973 dbg_gen("dent '%pd', mode %#hx in dir ino %lu", 974 dentry, mode, dir->i_ino); 975 976 err = ubifs_budget_space(c, &req); 977 if (err) 978 return err; 979 980 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm); 981 if (err) 982 goto out_budg; 983 984 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 985 986 inode = ubifs_new_inode(c, dir, S_IFDIR | mode); 987 if (IS_ERR(inode)) { 988 err = PTR_ERR(inode); 989 goto out_fname; 990 } 991 992 err = ubifs_init_security(dir, inode, &dentry->d_name); 993 if (err) 994 goto out_inode; 995 996 mutex_lock(&dir_ui->ui_mutex); 997 insert_inode_hash(inode); 998 inc_nlink(inode); 999 inc_nlink(dir); 1000 dir->i_size += sz_change; 1001 dir_ui->ui_size = dir->i_size; 1002 dir->i_mtime = dir->i_ctime = inode->i_ctime; 1003 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 1004 if (err) { 1005 ubifs_err(c, "cannot create directory, error %d", err); 1006 goto out_cancel; 1007 } 1008 mutex_unlock(&dir_ui->ui_mutex); 1009 1010 ubifs_release_budget(c, &req); 1011 d_instantiate(dentry, inode); 1012 fscrypt_free_filename(&nm); 1013 return 0; 1014 1015 out_cancel: 1016 dir->i_size -= sz_change; 1017 dir_ui->ui_size = dir->i_size; 1018 drop_nlink(dir); 1019 mutex_unlock(&dir_ui->ui_mutex); 1020 out_inode: 1021 make_bad_inode(inode); 1022 iput(inode); 1023 out_fname: 1024 fscrypt_free_filename(&nm); 1025 out_budg: 1026 ubifs_release_budget(c, &req); 1027 return err; 1028 } 1029 1030 static int ubifs_mknod(struct inode *dir, struct dentry *dentry, 1031 umode_t mode, dev_t rdev) 1032 { 1033 struct inode *inode; 1034 struct ubifs_inode *ui; 1035 struct ubifs_inode *dir_ui = ubifs_inode(dir); 1036 struct ubifs_info *c = dir->i_sb->s_fs_info; 1037 union ubifs_dev_desc *dev = NULL; 1038 int sz_change; 1039 int err, devlen = 0; 1040 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 1041 .dirtied_ino = 1 }; 1042 struct fscrypt_name nm; 1043 1044 /* 1045 * Budget request settings: new inode, new direntry and changing parent 1046 * directory inode. 1047 */ 1048 1049 dbg_gen("dent '%pd' in dir ino %lu", dentry, dir->i_ino); 1050 1051 if (S_ISBLK(mode) || S_ISCHR(mode)) { 1052 dev = kmalloc(sizeof(union ubifs_dev_desc), GFP_NOFS); 1053 if (!dev) 1054 return -ENOMEM; 1055 devlen = ubifs_encode_dev(dev, rdev); 1056 } 1057 1058 req.new_ino_d = ALIGN(devlen, 8); 1059 err = ubifs_budget_space(c, &req); 1060 if (err) { 1061 kfree(dev); 1062 return err; 1063 } 1064 1065 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm); 1066 if (err) { 1067 kfree(dev); 1068 goto out_budg; 1069 } 1070 1071 sz_change = CALC_DENT_SIZE(fname_len(&nm)); 1072 1073 inode = ubifs_new_inode(c, dir, mode); 1074 if (IS_ERR(inode)) { 1075 kfree(dev); 1076 err = PTR_ERR(inode); 1077 goto out_fname; 1078 } 1079 1080 init_special_inode(inode, inode->i_mode, rdev); 1081 inode->i_size = ubifs_inode(inode)->ui_size = devlen; 1082 ui = ubifs_inode(inode); 1083 ui->data = dev; 1084 ui->data_len = devlen; 1085 1086 err = ubifs_init_security(dir, inode, &dentry->d_name); 1087 if (err) 1088 goto out_inode; 1089 1090 mutex_lock(&dir_ui->ui_mutex); 1091 dir->i_size += sz_change; 1092 dir_ui->ui_size = dir->i_size; 1093 dir->i_mtime = dir->i_ctime = inode->i_ctime; 1094 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 1095 if (err) 1096 goto out_cancel; 1097 mutex_unlock(&dir_ui->ui_mutex); 1098 1099 ubifs_release_budget(c, &req); 1100 insert_inode_hash(inode); 1101 d_instantiate(dentry, inode); 1102 fscrypt_free_filename(&nm); 1103 return 0; 1104 1105 out_cancel: 1106 dir->i_size -= sz_change; 1107 dir_ui->ui_size = dir->i_size; 1108 mutex_unlock(&dir_ui->ui_mutex); 1109 out_inode: 1110 make_bad_inode(inode); 1111 iput(inode); 1112 out_fname: 1113 fscrypt_free_filename(&nm); 1114 out_budg: 1115 ubifs_release_budget(c, &req); 1116 return err; 1117 } 1118 1119 static int ubifs_symlink(struct inode *dir, struct dentry *dentry, 1120 const char *symname) 1121 { 1122 struct inode *inode; 1123 struct ubifs_inode *ui; 1124 struct ubifs_inode *dir_ui = ubifs_inode(dir); 1125 struct ubifs_info *c = dir->i_sb->s_fs_info; 1126 int err, len = strlen(symname); 1127 int sz_change = CALC_DENT_SIZE(len); 1128 struct fscrypt_str disk_link; 1129 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 1130 .new_ino_d = ALIGN(len, 8), 1131 .dirtied_ino = 1 }; 1132 struct fscrypt_name nm; 1133 1134 dbg_gen("dent '%pd', target '%s' in dir ino %lu", dentry, 1135 symname, dir->i_ino); 1136 1137 err = fscrypt_prepare_symlink(dir, symname, len, UBIFS_MAX_INO_DATA, 1138 &disk_link); 1139 if (err) 1140 return err; 1141 1142 /* 1143 * Budget request settings: new inode, new direntry and changing parent 1144 * directory inode. 1145 */ 1146 err = ubifs_budget_space(c, &req); 1147 if (err) 1148 return err; 1149 1150 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm); 1151 if (err) 1152 goto out_budg; 1153 1154 inode = ubifs_new_inode(c, dir, S_IFLNK | S_IRWXUGO); 1155 if (IS_ERR(inode)) { 1156 err = PTR_ERR(inode); 1157 goto out_fname; 1158 } 1159 1160 ui = ubifs_inode(inode); 1161 ui->data = kmalloc(disk_link.len, GFP_NOFS); 1162 if (!ui->data) { 1163 err = -ENOMEM; 1164 goto out_inode; 1165 } 1166 1167 if (IS_ENCRYPTED(inode)) { 1168 disk_link.name = ui->data; /* encrypt directly into ui->data */ 1169 err = fscrypt_encrypt_symlink(inode, symname, len, &disk_link); 1170 if (err) 1171 goto out_inode; 1172 } else { 1173 memcpy(ui->data, disk_link.name, disk_link.len); 1174 inode->i_link = ui->data; 1175 } 1176 1177 /* 1178 * The terminating zero byte is not written to the flash media and it 1179 * is put just to make later in-memory string processing simpler. Thus, 1180 * data length is @disk_link.len - 1, not @disk_link.len. 1181 */ 1182 ui->data_len = disk_link.len - 1; 1183 inode->i_size = ubifs_inode(inode)->ui_size = disk_link.len - 1; 1184 1185 err = ubifs_init_security(dir, inode, &dentry->d_name); 1186 if (err) 1187 goto out_inode; 1188 1189 mutex_lock(&dir_ui->ui_mutex); 1190 dir->i_size += sz_change; 1191 dir_ui->ui_size = dir->i_size; 1192 dir->i_mtime = dir->i_ctime = inode->i_ctime; 1193 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0); 1194 if (err) 1195 goto out_cancel; 1196 mutex_unlock(&dir_ui->ui_mutex); 1197 1198 insert_inode_hash(inode); 1199 d_instantiate(dentry, inode); 1200 err = 0; 1201 goto out_fname; 1202 1203 out_cancel: 1204 dir->i_size -= sz_change; 1205 dir_ui->ui_size = dir->i_size; 1206 mutex_unlock(&dir_ui->ui_mutex); 1207 out_inode: 1208 make_bad_inode(inode); 1209 iput(inode); 1210 out_fname: 1211 fscrypt_free_filename(&nm); 1212 out_budg: 1213 ubifs_release_budget(c, &req); 1214 return err; 1215 } 1216 1217 /** 1218 * lock_4_inodes - a wrapper for locking three UBIFS inodes. 1219 * @inode1: first inode 1220 * @inode2: second inode 1221 * @inode3: third inode 1222 * @inode4: fouth inode 1223 * 1224 * This function is used for 'ubifs_rename()' and @inode1 may be the same as 1225 * @inode2 whereas @inode3 and @inode4 may be %NULL. 1226 * 1227 * We do not implement any tricks to guarantee strict lock ordering, because 1228 * VFS has already done it for us on the @i_mutex. So this is just a simple 1229 * wrapper function. 1230 */ 1231 static void lock_4_inodes(struct inode *inode1, struct inode *inode2, 1232 struct inode *inode3, struct inode *inode4) 1233 { 1234 mutex_lock_nested(&ubifs_inode(inode1)->ui_mutex, WB_MUTEX_1); 1235 if (inode2 != inode1) 1236 mutex_lock_nested(&ubifs_inode(inode2)->ui_mutex, WB_MUTEX_2); 1237 if (inode3) 1238 mutex_lock_nested(&ubifs_inode(inode3)->ui_mutex, WB_MUTEX_3); 1239 if (inode4) 1240 mutex_lock_nested(&ubifs_inode(inode4)->ui_mutex, WB_MUTEX_4); 1241 } 1242 1243 /** 1244 * unlock_4_inodes - a wrapper for unlocking three UBIFS inodes for rename. 1245 * @inode1: first inode 1246 * @inode2: second inode 1247 * @inode3: third inode 1248 * @inode4: fouth inode 1249 */ 1250 static void unlock_4_inodes(struct inode *inode1, struct inode *inode2, 1251 struct inode *inode3, struct inode *inode4) 1252 { 1253 if (inode4) 1254 mutex_unlock(&ubifs_inode(inode4)->ui_mutex); 1255 if (inode3) 1256 mutex_unlock(&ubifs_inode(inode3)->ui_mutex); 1257 if (inode1 != inode2) 1258 mutex_unlock(&ubifs_inode(inode2)->ui_mutex); 1259 mutex_unlock(&ubifs_inode(inode1)->ui_mutex); 1260 } 1261 1262 static int do_rename(struct inode *old_dir, struct dentry *old_dentry, 1263 struct inode *new_dir, struct dentry *new_dentry, 1264 unsigned int flags) 1265 { 1266 struct ubifs_info *c = old_dir->i_sb->s_fs_info; 1267 struct inode *old_inode = d_inode(old_dentry); 1268 struct inode *new_inode = d_inode(new_dentry); 1269 struct inode *whiteout = NULL; 1270 struct ubifs_inode *old_inode_ui = ubifs_inode(old_inode); 1271 struct ubifs_inode *whiteout_ui = NULL; 1272 int err, release, sync = 0, move = (new_dir != old_dir); 1273 int is_dir = S_ISDIR(old_inode->i_mode); 1274 int unlink = !!new_inode, new_sz, old_sz; 1275 struct ubifs_budget_req req = { .new_dent = 1, .mod_dent = 1, 1276 .dirtied_ino = 3 }; 1277 struct ubifs_budget_req ino_req = { .dirtied_ino = 1, 1278 .dirtied_ino_d = ALIGN(old_inode_ui->data_len, 8) }; 1279 struct timespec64 time; 1280 unsigned int uninitialized_var(saved_nlink); 1281 struct fscrypt_name old_nm, new_nm; 1282 1283 /* 1284 * Budget request settings: deletion direntry, new direntry, removing 1285 * the old inode, and changing old and new parent directory inodes. 1286 * 1287 * However, this operation also marks the target inode as dirty and 1288 * does not write it, so we allocate budget for the target inode 1289 * separately. 1290 */ 1291 1292 dbg_gen("dent '%pd' ino %lu in dir ino %lu to dent '%pd' in dir ino %lu flags 0x%x", 1293 old_dentry, old_inode->i_ino, old_dir->i_ino, 1294 new_dentry, new_dir->i_ino, flags); 1295 1296 if (unlink) 1297 ubifs_assert(inode_is_locked(new_inode)); 1298 1299 if (unlink && is_dir) { 1300 err = ubifs_check_dir_empty(new_inode); 1301 if (err) 1302 return err; 1303 } 1304 1305 err = fscrypt_setup_filename(old_dir, &old_dentry->d_name, 0, &old_nm); 1306 if (err) 1307 return err; 1308 1309 err = fscrypt_setup_filename(new_dir, &new_dentry->d_name, 0, &new_nm); 1310 if (err) { 1311 fscrypt_free_filename(&old_nm); 1312 return err; 1313 } 1314 1315 new_sz = CALC_DENT_SIZE(fname_len(&new_nm)); 1316 old_sz = CALC_DENT_SIZE(fname_len(&old_nm)); 1317 1318 err = ubifs_budget_space(c, &req); 1319 if (err) { 1320 fscrypt_free_filename(&old_nm); 1321 fscrypt_free_filename(&new_nm); 1322 return err; 1323 } 1324 err = ubifs_budget_space(c, &ino_req); 1325 if (err) { 1326 fscrypt_free_filename(&old_nm); 1327 fscrypt_free_filename(&new_nm); 1328 ubifs_release_budget(c, &req); 1329 return err; 1330 } 1331 1332 if (flags & RENAME_WHITEOUT) { 1333 union ubifs_dev_desc *dev = NULL; 1334 1335 dev = kmalloc(sizeof(union ubifs_dev_desc), GFP_NOFS); 1336 if (!dev) { 1337 err = -ENOMEM; 1338 goto out_release; 1339 } 1340 1341 err = do_tmpfile(old_dir, old_dentry, S_IFCHR | WHITEOUT_MODE, &whiteout); 1342 if (err) { 1343 kfree(dev); 1344 goto out_release; 1345 } 1346 1347 whiteout->i_state |= I_LINKABLE; 1348 whiteout_ui = ubifs_inode(whiteout); 1349 whiteout_ui->data = dev; 1350 whiteout_ui->data_len = ubifs_encode_dev(dev, MKDEV(0, 0)); 1351 ubifs_assert(!whiteout_ui->dirty); 1352 } 1353 1354 lock_4_inodes(old_dir, new_dir, new_inode, whiteout); 1355 1356 /* 1357 * Like most other Unix systems, set the @i_ctime for inodes on a 1358 * rename. 1359 */ 1360 time = current_time(old_dir); 1361 old_inode->i_ctime = time; 1362 1363 /* We must adjust parent link count when renaming directories */ 1364 if (is_dir) { 1365 if (move) { 1366 /* 1367 * @old_dir loses a link because we are moving 1368 * @old_inode to a different directory. 1369 */ 1370 drop_nlink(old_dir); 1371 /* 1372 * @new_dir only gains a link if we are not also 1373 * overwriting an existing directory. 1374 */ 1375 if (!unlink) 1376 inc_nlink(new_dir); 1377 } else { 1378 /* 1379 * @old_inode is not moving to a different directory, 1380 * but @old_dir still loses a link if we are 1381 * overwriting an existing directory. 1382 */ 1383 if (unlink) 1384 drop_nlink(old_dir); 1385 } 1386 } 1387 1388 old_dir->i_size -= old_sz; 1389 ubifs_inode(old_dir)->ui_size = old_dir->i_size; 1390 old_dir->i_mtime = old_dir->i_ctime = time; 1391 new_dir->i_mtime = new_dir->i_ctime = time; 1392 1393 /* 1394 * And finally, if we unlinked a direntry which happened to have the 1395 * same name as the moved direntry, we have to decrement @i_nlink of 1396 * the unlinked inode and change its ctime. 1397 */ 1398 if (unlink) { 1399 /* 1400 * Directories cannot have hard-links, so if this is a 1401 * directory, just clear @i_nlink. 1402 */ 1403 saved_nlink = new_inode->i_nlink; 1404 if (is_dir) 1405 clear_nlink(new_inode); 1406 else 1407 drop_nlink(new_inode); 1408 new_inode->i_ctime = time; 1409 } else { 1410 new_dir->i_size += new_sz; 1411 ubifs_inode(new_dir)->ui_size = new_dir->i_size; 1412 } 1413 1414 /* 1415 * Do not ask 'ubifs_jnl_rename()' to flush write-buffer if @old_inode 1416 * is dirty, because this will be done later on at the end of 1417 * 'ubifs_rename()'. 1418 */ 1419 if (IS_SYNC(old_inode)) { 1420 sync = IS_DIRSYNC(old_dir) || IS_DIRSYNC(new_dir); 1421 if (unlink && IS_SYNC(new_inode)) 1422 sync = 1; 1423 } 1424 1425 if (whiteout) { 1426 struct ubifs_budget_req wht_req = { .dirtied_ino = 1, 1427 .dirtied_ino_d = \ 1428 ALIGN(ubifs_inode(whiteout)->data_len, 8) }; 1429 1430 err = ubifs_budget_space(c, &wht_req); 1431 if (err) { 1432 kfree(whiteout_ui->data); 1433 whiteout_ui->data_len = 0; 1434 iput(whiteout); 1435 goto out_release; 1436 } 1437 1438 inc_nlink(whiteout); 1439 mark_inode_dirty(whiteout); 1440 whiteout->i_state &= ~I_LINKABLE; 1441 iput(whiteout); 1442 } 1443 1444 err = ubifs_jnl_rename(c, old_dir, old_inode, &old_nm, new_dir, 1445 new_inode, &new_nm, whiteout, sync); 1446 if (err) 1447 goto out_cancel; 1448 1449 unlock_4_inodes(old_dir, new_dir, new_inode, whiteout); 1450 ubifs_release_budget(c, &req); 1451 1452 mutex_lock(&old_inode_ui->ui_mutex); 1453 release = old_inode_ui->dirty; 1454 mark_inode_dirty_sync(old_inode); 1455 mutex_unlock(&old_inode_ui->ui_mutex); 1456 1457 if (release) 1458 ubifs_release_budget(c, &ino_req); 1459 if (IS_SYNC(old_inode)) 1460 err = old_inode->i_sb->s_op->write_inode(old_inode, NULL); 1461 1462 fscrypt_free_filename(&old_nm); 1463 fscrypt_free_filename(&new_nm); 1464 return err; 1465 1466 out_cancel: 1467 if (unlink) { 1468 set_nlink(new_inode, saved_nlink); 1469 } else { 1470 new_dir->i_size -= new_sz; 1471 ubifs_inode(new_dir)->ui_size = new_dir->i_size; 1472 } 1473 old_dir->i_size += old_sz; 1474 ubifs_inode(old_dir)->ui_size = old_dir->i_size; 1475 if (is_dir) { 1476 if (move) { 1477 inc_nlink(old_dir); 1478 if (!unlink) 1479 drop_nlink(new_dir); 1480 } else { 1481 if (unlink) 1482 inc_nlink(old_dir); 1483 } 1484 } 1485 if (whiteout) { 1486 drop_nlink(whiteout); 1487 iput(whiteout); 1488 } 1489 unlock_4_inodes(old_dir, new_dir, new_inode, whiteout); 1490 out_release: 1491 ubifs_release_budget(c, &ino_req); 1492 ubifs_release_budget(c, &req); 1493 fscrypt_free_filename(&old_nm); 1494 fscrypt_free_filename(&new_nm); 1495 return err; 1496 } 1497 1498 static int ubifs_xrename(struct inode *old_dir, struct dentry *old_dentry, 1499 struct inode *new_dir, struct dentry *new_dentry) 1500 { 1501 struct ubifs_info *c = old_dir->i_sb->s_fs_info; 1502 struct ubifs_budget_req req = { .new_dent = 1, .mod_dent = 1, 1503 .dirtied_ino = 2 }; 1504 int sync = IS_DIRSYNC(old_dir) || IS_DIRSYNC(new_dir); 1505 struct inode *fst_inode = d_inode(old_dentry); 1506 struct inode *snd_inode = d_inode(new_dentry); 1507 struct timespec64 time; 1508 int err; 1509 struct fscrypt_name fst_nm, snd_nm; 1510 1511 ubifs_assert(fst_inode && snd_inode); 1512 1513 err = fscrypt_setup_filename(old_dir, &old_dentry->d_name, 0, &fst_nm); 1514 if (err) 1515 return err; 1516 1517 err = fscrypt_setup_filename(new_dir, &new_dentry->d_name, 0, &snd_nm); 1518 if (err) { 1519 fscrypt_free_filename(&fst_nm); 1520 return err; 1521 } 1522 1523 lock_4_inodes(old_dir, new_dir, NULL, NULL); 1524 1525 time = current_time(old_dir); 1526 fst_inode->i_ctime = time; 1527 snd_inode->i_ctime = time; 1528 old_dir->i_mtime = old_dir->i_ctime = time; 1529 new_dir->i_mtime = new_dir->i_ctime = time; 1530 1531 if (old_dir != new_dir) { 1532 if (S_ISDIR(fst_inode->i_mode) && !S_ISDIR(snd_inode->i_mode)) { 1533 inc_nlink(new_dir); 1534 drop_nlink(old_dir); 1535 } 1536 else if (!S_ISDIR(fst_inode->i_mode) && S_ISDIR(snd_inode->i_mode)) { 1537 drop_nlink(new_dir); 1538 inc_nlink(old_dir); 1539 } 1540 } 1541 1542 err = ubifs_jnl_xrename(c, old_dir, fst_inode, &fst_nm, new_dir, 1543 snd_inode, &snd_nm, sync); 1544 1545 unlock_4_inodes(old_dir, new_dir, NULL, NULL); 1546 ubifs_release_budget(c, &req); 1547 1548 fscrypt_free_filename(&fst_nm); 1549 fscrypt_free_filename(&snd_nm); 1550 return err; 1551 } 1552 1553 static int ubifs_rename(struct inode *old_dir, struct dentry *old_dentry, 1554 struct inode *new_dir, struct dentry *new_dentry, 1555 unsigned int flags) 1556 { 1557 int err; 1558 1559 if (flags & ~(RENAME_NOREPLACE | RENAME_WHITEOUT | RENAME_EXCHANGE)) 1560 return -EINVAL; 1561 1562 ubifs_assert(inode_is_locked(old_dir)); 1563 ubifs_assert(inode_is_locked(new_dir)); 1564 1565 err = fscrypt_prepare_rename(old_dir, old_dentry, new_dir, new_dentry, 1566 flags); 1567 if (err) 1568 return err; 1569 1570 if (flags & RENAME_EXCHANGE) 1571 return ubifs_xrename(old_dir, old_dentry, new_dir, new_dentry); 1572 1573 return do_rename(old_dir, old_dentry, new_dir, new_dentry, flags); 1574 } 1575 1576 int ubifs_getattr(const struct path *path, struct kstat *stat, 1577 u32 request_mask, unsigned int flags) 1578 { 1579 loff_t size; 1580 struct inode *inode = d_inode(path->dentry); 1581 struct ubifs_inode *ui = ubifs_inode(inode); 1582 1583 mutex_lock(&ui->ui_mutex); 1584 1585 if (ui->flags & UBIFS_APPEND_FL) 1586 stat->attributes |= STATX_ATTR_APPEND; 1587 if (ui->flags & UBIFS_COMPR_FL) 1588 stat->attributes |= STATX_ATTR_COMPRESSED; 1589 if (ui->flags & UBIFS_CRYPT_FL) 1590 stat->attributes |= STATX_ATTR_ENCRYPTED; 1591 if (ui->flags & UBIFS_IMMUTABLE_FL) 1592 stat->attributes |= STATX_ATTR_IMMUTABLE; 1593 1594 stat->attributes_mask |= (STATX_ATTR_APPEND | 1595 STATX_ATTR_COMPRESSED | 1596 STATX_ATTR_ENCRYPTED | 1597 STATX_ATTR_IMMUTABLE); 1598 1599 generic_fillattr(inode, stat); 1600 stat->blksize = UBIFS_BLOCK_SIZE; 1601 stat->size = ui->ui_size; 1602 1603 /* 1604 * Unfortunately, the 'stat()' system call was designed for block 1605 * device based file systems, and it is not appropriate for UBIFS, 1606 * because UBIFS does not have notion of "block". For example, it is 1607 * difficult to tell how many block a directory takes - it actually 1608 * takes less than 300 bytes, but we have to round it to block size, 1609 * which introduces large mistake. This makes utilities like 'du' to 1610 * report completely senseless numbers. This is the reason why UBIFS 1611 * goes the same way as JFFS2 - it reports zero blocks for everything 1612 * but regular files, which makes more sense than reporting completely 1613 * wrong sizes. 1614 */ 1615 if (S_ISREG(inode->i_mode)) { 1616 size = ui->xattr_size; 1617 size += stat->size; 1618 size = ALIGN(size, UBIFS_BLOCK_SIZE); 1619 /* 1620 * Note, user-space expects 512-byte blocks count irrespectively 1621 * of what was reported in @stat->size. 1622 */ 1623 stat->blocks = size >> 9; 1624 } else 1625 stat->blocks = 0; 1626 mutex_unlock(&ui->ui_mutex); 1627 return 0; 1628 } 1629 1630 static int ubifs_dir_open(struct inode *dir, struct file *file) 1631 { 1632 if (ubifs_crypt_is_encrypted(dir)) 1633 return fscrypt_get_encryption_info(dir) ? -EACCES : 0; 1634 1635 return 0; 1636 } 1637 1638 const struct inode_operations ubifs_dir_inode_operations = { 1639 .lookup = ubifs_lookup, 1640 .create = ubifs_create, 1641 .link = ubifs_link, 1642 .symlink = ubifs_symlink, 1643 .unlink = ubifs_unlink, 1644 .mkdir = ubifs_mkdir, 1645 .rmdir = ubifs_rmdir, 1646 .mknod = ubifs_mknod, 1647 .rename = ubifs_rename, 1648 .setattr = ubifs_setattr, 1649 .getattr = ubifs_getattr, 1650 .listxattr = ubifs_listxattr, 1651 #ifdef CONFIG_UBIFS_ATIME_SUPPORT 1652 .update_time = ubifs_update_time, 1653 #endif 1654 .tmpfile = ubifs_tmpfile, 1655 }; 1656 1657 const struct file_operations ubifs_dir_operations = { 1658 .llseek = generic_file_llseek, 1659 .release = ubifs_dir_release, 1660 .read = generic_read_dir, 1661 .iterate_shared = ubifs_readdir, 1662 .fsync = ubifs_fsync, 1663 .unlocked_ioctl = ubifs_ioctl, 1664 .open = ubifs_dir_open, 1665 #ifdef CONFIG_COMPAT 1666 .compat_ioctl = ubifs_compat_ioctl, 1667 #endif 1668 }; 1669