1 /* 2 * Copyright (c) 2000-2005 Silicon Graphics, Inc. 3 * All Rights Reserved. 4 * 5 * This program is free software; you can redistribute it and/or 6 * modify it under the terms of the GNU General Public License as 7 * published by the Free Software Foundation. 8 * 9 * This program is distributed in the hope that it would be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program; if not, write the Free Software Foundation, 16 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 17 */ 18 #include "xfs.h" 19 #include "xfs_fs.h" 20 #include "xfs_shared.h" 21 #include "xfs_format.h" 22 #include "xfs_log_format.h" 23 #include "xfs_trans_resv.h" 24 #include "xfs_mount.h" 25 #include "xfs_da_format.h" 26 #include "xfs_inode.h" 27 #include "xfs_bmap.h" 28 #include "xfs_bmap_util.h" 29 #include "xfs_acl.h" 30 #include "xfs_quota.h" 31 #include "xfs_error.h" 32 #include "xfs_attr.h" 33 #include "xfs_trans.h" 34 #include "xfs_trace.h" 35 #include "xfs_icache.h" 36 #include "xfs_symlink.h" 37 #include "xfs_da_btree.h" 38 #include "xfs_dir2.h" 39 #include "xfs_trans_space.h" 40 #include "xfs_pnfs.h" 41 #include "xfs_iomap.h" 42 43 #include <linux/capability.h> 44 #include <linux/xattr.h> 45 #include <linux/posix_acl.h> 46 #include <linux/security.h> 47 #include <linux/iomap.h> 48 #include <linux/slab.h> 49 50 /* 51 * Directories have different lock order w.r.t. mmap_sem compared to regular 52 * files. This is due to readdir potentially triggering page faults on a user 53 * buffer inside filldir(), and this happens with the ilock on the directory 54 * held. For regular files, the lock order is the other way around - the 55 * mmap_sem is taken during the page fault, and then we lock the ilock to do 56 * block mapping. Hence we need a different class for the directory ilock so 57 * that lockdep can tell them apart. 58 */ 59 static struct lock_class_key xfs_nondir_ilock_class; 60 static struct lock_class_key xfs_dir_ilock_class; 61 62 static int 63 xfs_initxattrs( 64 struct inode *inode, 65 const struct xattr *xattr_array, 66 void *fs_info) 67 { 68 const struct xattr *xattr; 69 struct xfs_inode *ip = XFS_I(inode); 70 int error = 0; 71 72 for (xattr = xattr_array; xattr->name != NULL; xattr++) { 73 error = xfs_attr_set(ip, xattr->name, xattr->value, 74 xattr->value_len, ATTR_SECURE); 75 if (error < 0) 76 break; 77 } 78 return error; 79 } 80 81 /* 82 * Hook in SELinux. This is not quite correct yet, what we really need 83 * here (as we do for default ACLs) is a mechanism by which creation of 84 * these attrs can be journalled at inode creation time (along with the 85 * inode, of course, such that log replay can't cause these to be lost). 86 */ 87 88 STATIC int 89 xfs_init_security( 90 struct inode *inode, 91 struct inode *dir, 92 const struct qstr *qstr) 93 { 94 return security_inode_init_security(inode, dir, qstr, 95 &xfs_initxattrs, NULL); 96 } 97 98 static void 99 xfs_dentry_to_name( 100 struct xfs_name *namep, 101 struct dentry *dentry) 102 { 103 namep->name = dentry->d_name.name; 104 namep->len = dentry->d_name.len; 105 namep->type = XFS_DIR3_FT_UNKNOWN; 106 } 107 108 static int 109 xfs_dentry_mode_to_name( 110 struct xfs_name *namep, 111 struct dentry *dentry, 112 int mode) 113 { 114 namep->name = dentry->d_name.name; 115 namep->len = dentry->d_name.len; 116 namep->type = xfs_mode_to_ftype(mode); 117 118 if (unlikely(namep->type == XFS_DIR3_FT_UNKNOWN)) 119 return -EFSCORRUPTED; 120 121 return 0; 122 } 123 124 STATIC void 125 xfs_cleanup_inode( 126 struct inode *dir, 127 struct inode *inode, 128 struct dentry *dentry) 129 { 130 struct xfs_name teardown; 131 132 /* Oh, the horror. 133 * If we can't add the ACL or we fail in 134 * xfs_init_security we must back out. 135 * ENOSPC can hit here, among other things. 136 */ 137 xfs_dentry_to_name(&teardown, dentry); 138 139 xfs_remove(XFS_I(dir), &teardown, XFS_I(inode)); 140 } 141 142 STATIC int 143 xfs_generic_create( 144 struct inode *dir, 145 struct dentry *dentry, 146 umode_t mode, 147 dev_t rdev, 148 bool tmpfile) /* unnamed file */ 149 { 150 struct inode *inode; 151 struct xfs_inode *ip = NULL; 152 struct posix_acl *default_acl, *acl; 153 struct xfs_name name; 154 int error; 155 156 /* 157 * Irix uses Missed'em'V split, but doesn't want to see 158 * the upper 5 bits of (14bit) major. 159 */ 160 if (S_ISCHR(mode) || S_ISBLK(mode)) { 161 if (unlikely(!sysv_valid_dev(rdev) || MAJOR(rdev) & ~0x1ff)) 162 return -EINVAL; 163 } else { 164 rdev = 0; 165 } 166 167 error = posix_acl_create(dir, &mode, &default_acl, &acl); 168 if (error) 169 return error; 170 171 /* Verify mode is valid also for tmpfile case */ 172 error = xfs_dentry_mode_to_name(&name, dentry, mode); 173 if (unlikely(error)) 174 goto out_free_acl; 175 176 if (!tmpfile) { 177 error = xfs_create(XFS_I(dir), &name, mode, rdev, &ip); 178 } else { 179 error = xfs_create_tmpfile(XFS_I(dir), dentry, mode, &ip); 180 } 181 if (unlikely(error)) 182 goto out_free_acl; 183 184 inode = VFS_I(ip); 185 186 error = xfs_init_security(inode, dir, &dentry->d_name); 187 if (unlikely(error)) 188 goto out_cleanup_inode; 189 190 #ifdef CONFIG_XFS_POSIX_ACL 191 if (default_acl) { 192 error = __xfs_set_acl(inode, default_acl, ACL_TYPE_DEFAULT); 193 if (error) 194 goto out_cleanup_inode; 195 } 196 if (acl) { 197 error = __xfs_set_acl(inode, acl, ACL_TYPE_ACCESS); 198 if (error) 199 goto out_cleanup_inode; 200 } 201 #endif 202 203 xfs_setup_iops(ip); 204 205 if (tmpfile) 206 d_tmpfile(dentry, inode); 207 else 208 d_instantiate(dentry, inode); 209 210 xfs_finish_inode_setup(ip); 211 212 out_free_acl: 213 if (default_acl) 214 posix_acl_release(default_acl); 215 if (acl) 216 posix_acl_release(acl); 217 return error; 218 219 out_cleanup_inode: 220 xfs_finish_inode_setup(ip); 221 if (!tmpfile) 222 xfs_cleanup_inode(dir, inode, dentry); 223 iput(inode); 224 goto out_free_acl; 225 } 226 227 STATIC int 228 xfs_vn_mknod( 229 struct inode *dir, 230 struct dentry *dentry, 231 umode_t mode, 232 dev_t rdev) 233 { 234 return xfs_generic_create(dir, dentry, mode, rdev, false); 235 } 236 237 STATIC int 238 xfs_vn_create( 239 struct inode *dir, 240 struct dentry *dentry, 241 umode_t mode, 242 bool flags) 243 { 244 return xfs_vn_mknod(dir, dentry, mode, 0); 245 } 246 247 STATIC int 248 xfs_vn_mkdir( 249 struct inode *dir, 250 struct dentry *dentry, 251 umode_t mode) 252 { 253 return xfs_vn_mknod(dir, dentry, mode|S_IFDIR, 0); 254 } 255 256 STATIC struct dentry * 257 xfs_vn_lookup( 258 struct inode *dir, 259 struct dentry *dentry, 260 unsigned int flags) 261 { 262 struct xfs_inode *cip; 263 struct xfs_name name; 264 int error; 265 266 if (dentry->d_name.len >= MAXNAMELEN) 267 return ERR_PTR(-ENAMETOOLONG); 268 269 xfs_dentry_to_name(&name, dentry); 270 error = xfs_lookup(XFS_I(dir), &name, &cip, NULL); 271 if (unlikely(error)) { 272 if (unlikely(error != -ENOENT)) 273 return ERR_PTR(error); 274 d_add(dentry, NULL); 275 return NULL; 276 } 277 278 return d_splice_alias(VFS_I(cip), dentry); 279 } 280 281 STATIC struct dentry * 282 xfs_vn_ci_lookup( 283 struct inode *dir, 284 struct dentry *dentry, 285 unsigned int flags) 286 { 287 struct xfs_inode *ip; 288 struct xfs_name xname; 289 struct xfs_name ci_name; 290 struct qstr dname; 291 int error; 292 293 if (dentry->d_name.len >= MAXNAMELEN) 294 return ERR_PTR(-ENAMETOOLONG); 295 296 xfs_dentry_to_name(&xname, dentry); 297 error = xfs_lookup(XFS_I(dir), &xname, &ip, &ci_name); 298 if (unlikely(error)) { 299 if (unlikely(error != -ENOENT)) 300 return ERR_PTR(error); 301 /* 302 * call d_add(dentry, NULL) here when d_drop_negative_children 303 * is called in xfs_vn_mknod (ie. allow negative dentries 304 * with CI filesystems). 305 */ 306 return NULL; 307 } 308 309 /* if exact match, just splice and exit */ 310 if (!ci_name.name) 311 return d_splice_alias(VFS_I(ip), dentry); 312 313 /* else case-insensitive match... */ 314 dname.name = ci_name.name; 315 dname.len = ci_name.len; 316 dentry = d_add_ci(dentry, VFS_I(ip), &dname); 317 kmem_free(ci_name.name); 318 return dentry; 319 } 320 321 STATIC int 322 xfs_vn_link( 323 struct dentry *old_dentry, 324 struct inode *dir, 325 struct dentry *dentry) 326 { 327 struct inode *inode = d_inode(old_dentry); 328 struct xfs_name name; 329 int error; 330 331 error = xfs_dentry_mode_to_name(&name, dentry, inode->i_mode); 332 if (unlikely(error)) 333 return error; 334 335 error = xfs_link(XFS_I(dir), XFS_I(inode), &name); 336 if (unlikely(error)) 337 return error; 338 339 ihold(inode); 340 d_instantiate(dentry, inode); 341 return 0; 342 } 343 344 STATIC int 345 xfs_vn_unlink( 346 struct inode *dir, 347 struct dentry *dentry) 348 { 349 struct xfs_name name; 350 int error; 351 352 xfs_dentry_to_name(&name, dentry); 353 354 error = xfs_remove(XFS_I(dir), &name, XFS_I(d_inode(dentry))); 355 if (error) 356 return error; 357 358 /* 359 * With unlink, the VFS makes the dentry "negative": no inode, 360 * but still hashed. This is incompatible with case-insensitive 361 * mode, so invalidate (unhash) the dentry in CI-mode. 362 */ 363 if (xfs_sb_version_hasasciici(&XFS_M(dir->i_sb)->m_sb)) 364 d_invalidate(dentry); 365 return 0; 366 } 367 368 STATIC int 369 xfs_vn_symlink( 370 struct inode *dir, 371 struct dentry *dentry, 372 const char *symname) 373 { 374 struct inode *inode; 375 struct xfs_inode *cip = NULL; 376 struct xfs_name name; 377 int error; 378 umode_t mode; 379 380 mode = S_IFLNK | 381 (irix_symlink_mode ? 0777 & ~current_umask() : S_IRWXUGO); 382 error = xfs_dentry_mode_to_name(&name, dentry, mode); 383 if (unlikely(error)) 384 goto out; 385 386 error = xfs_symlink(XFS_I(dir), &name, symname, mode, &cip); 387 if (unlikely(error)) 388 goto out; 389 390 inode = VFS_I(cip); 391 392 error = xfs_init_security(inode, dir, &dentry->d_name); 393 if (unlikely(error)) 394 goto out_cleanup_inode; 395 396 xfs_setup_iops(cip); 397 398 d_instantiate(dentry, inode); 399 xfs_finish_inode_setup(cip); 400 return 0; 401 402 out_cleanup_inode: 403 xfs_finish_inode_setup(cip); 404 xfs_cleanup_inode(dir, inode, dentry); 405 iput(inode); 406 out: 407 return error; 408 } 409 410 STATIC int 411 xfs_vn_rename( 412 struct inode *odir, 413 struct dentry *odentry, 414 struct inode *ndir, 415 struct dentry *ndentry, 416 unsigned int flags) 417 { 418 struct inode *new_inode = d_inode(ndentry); 419 int omode = 0; 420 int error; 421 struct xfs_name oname; 422 struct xfs_name nname; 423 424 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE | RENAME_WHITEOUT)) 425 return -EINVAL; 426 427 /* if we are exchanging files, we need to set i_mode of both files */ 428 if (flags & RENAME_EXCHANGE) 429 omode = d_inode(ndentry)->i_mode; 430 431 error = xfs_dentry_mode_to_name(&oname, odentry, omode); 432 if (omode && unlikely(error)) 433 return error; 434 435 error = xfs_dentry_mode_to_name(&nname, ndentry, 436 d_inode(odentry)->i_mode); 437 if (unlikely(error)) 438 return error; 439 440 return xfs_rename(XFS_I(odir), &oname, XFS_I(d_inode(odentry)), 441 XFS_I(ndir), &nname, 442 new_inode ? XFS_I(new_inode) : NULL, flags); 443 } 444 445 /* 446 * careful here - this function can get called recursively, so 447 * we need to be very careful about how much stack we use. 448 * uio is kmalloced for this reason... 449 */ 450 STATIC const char * 451 xfs_vn_get_link( 452 struct dentry *dentry, 453 struct inode *inode, 454 struct delayed_call *done) 455 { 456 char *link; 457 int error = -ENOMEM; 458 459 if (!dentry) 460 return ERR_PTR(-ECHILD); 461 462 link = kmalloc(XFS_SYMLINK_MAXLEN+1, GFP_KERNEL); 463 if (!link) 464 goto out_err; 465 466 error = xfs_readlink(XFS_I(d_inode(dentry)), link); 467 if (unlikely(error)) 468 goto out_kfree; 469 470 set_delayed_call(done, kfree_link, link); 471 return link; 472 473 out_kfree: 474 kfree(link); 475 out_err: 476 return ERR_PTR(error); 477 } 478 479 STATIC const char * 480 xfs_vn_get_link_inline( 481 struct dentry *dentry, 482 struct inode *inode, 483 struct delayed_call *done) 484 { 485 ASSERT(XFS_I(inode)->i_df.if_flags & XFS_IFINLINE); 486 return XFS_I(inode)->i_df.if_u1.if_data; 487 } 488 489 STATIC int 490 xfs_vn_getattr( 491 const struct path *path, 492 struct kstat *stat, 493 u32 request_mask, 494 unsigned int query_flags) 495 { 496 struct inode *inode = d_inode(path->dentry); 497 struct xfs_inode *ip = XFS_I(inode); 498 struct xfs_mount *mp = ip->i_mount; 499 500 trace_xfs_getattr(ip); 501 502 if (XFS_FORCED_SHUTDOWN(mp)) 503 return -EIO; 504 505 stat->size = XFS_ISIZE(ip); 506 stat->dev = inode->i_sb->s_dev; 507 stat->mode = inode->i_mode; 508 stat->nlink = inode->i_nlink; 509 stat->uid = inode->i_uid; 510 stat->gid = inode->i_gid; 511 stat->ino = ip->i_ino; 512 stat->atime = inode->i_atime; 513 stat->mtime = inode->i_mtime; 514 stat->ctime = inode->i_ctime; 515 stat->blocks = 516 XFS_FSB_TO_BB(mp, ip->i_d.di_nblocks + ip->i_delayed_blks); 517 518 if (ip->i_d.di_version == 3) { 519 if (request_mask & STATX_BTIME) { 520 stat->result_mask |= STATX_BTIME; 521 stat->btime.tv_sec = ip->i_d.di_crtime.t_sec; 522 stat->btime.tv_nsec = ip->i_d.di_crtime.t_nsec; 523 } 524 } 525 526 if (ip->i_d.di_flags & XFS_DIFLAG_IMMUTABLE) 527 stat->attributes |= STATX_ATTR_IMMUTABLE; 528 if (ip->i_d.di_flags & XFS_DIFLAG_APPEND) 529 stat->attributes |= STATX_ATTR_APPEND; 530 if (ip->i_d.di_flags & XFS_DIFLAG_NODUMP) 531 stat->attributes |= STATX_ATTR_NODUMP; 532 533 switch (inode->i_mode & S_IFMT) { 534 case S_IFBLK: 535 case S_IFCHR: 536 stat->blksize = BLKDEV_IOSIZE; 537 stat->rdev = inode->i_rdev; 538 break; 539 default: 540 if (XFS_IS_REALTIME_INODE(ip)) { 541 /* 542 * If the file blocks are being allocated from a 543 * realtime volume, then return the inode's realtime 544 * extent size or the realtime volume's extent size. 545 */ 546 stat->blksize = 547 xfs_get_extsz_hint(ip) << mp->m_sb.sb_blocklog; 548 } else 549 stat->blksize = xfs_preferred_iosize(mp); 550 stat->rdev = 0; 551 break; 552 } 553 554 return 0; 555 } 556 557 static void 558 xfs_setattr_mode( 559 struct xfs_inode *ip, 560 struct iattr *iattr) 561 { 562 struct inode *inode = VFS_I(ip); 563 umode_t mode = iattr->ia_mode; 564 565 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL)); 566 567 inode->i_mode &= S_IFMT; 568 inode->i_mode |= mode & ~S_IFMT; 569 } 570 571 void 572 xfs_setattr_time( 573 struct xfs_inode *ip, 574 struct iattr *iattr) 575 { 576 struct inode *inode = VFS_I(ip); 577 578 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL)); 579 580 if (iattr->ia_valid & ATTR_ATIME) 581 inode->i_atime = iattr->ia_atime; 582 if (iattr->ia_valid & ATTR_CTIME) 583 inode->i_ctime = iattr->ia_ctime; 584 if (iattr->ia_valid & ATTR_MTIME) 585 inode->i_mtime = iattr->ia_mtime; 586 } 587 588 static int 589 xfs_vn_change_ok( 590 struct dentry *dentry, 591 struct iattr *iattr) 592 { 593 struct xfs_mount *mp = XFS_I(d_inode(dentry))->i_mount; 594 595 if (mp->m_flags & XFS_MOUNT_RDONLY) 596 return -EROFS; 597 598 if (XFS_FORCED_SHUTDOWN(mp)) 599 return -EIO; 600 601 return setattr_prepare(dentry, iattr); 602 } 603 604 /* 605 * Set non-size attributes of an inode. 606 * 607 * Caution: The caller of this function is responsible for calling 608 * setattr_prepare() or otherwise verifying the change is fine. 609 */ 610 int 611 xfs_setattr_nonsize( 612 struct xfs_inode *ip, 613 struct iattr *iattr, 614 int flags) 615 { 616 xfs_mount_t *mp = ip->i_mount; 617 struct inode *inode = VFS_I(ip); 618 int mask = iattr->ia_valid; 619 xfs_trans_t *tp; 620 int error; 621 kuid_t uid = GLOBAL_ROOT_UID, iuid = GLOBAL_ROOT_UID; 622 kgid_t gid = GLOBAL_ROOT_GID, igid = GLOBAL_ROOT_GID; 623 struct xfs_dquot *udqp = NULL, *gdqp = NULL; 624 struct xfs_dquot *olddquot1 = NULL, *olddquot2 = NULL; 625 626 ASSERT((mask & ATTR_SIZE) == 0); 627 628 /* 629 * If disk quotas is on, we make sure that the dquots do exist on disk, 630 * before we start any other transactions. Trying to do this later 631 * is messy. We don't care to take a readlock to look at the ids 632 * in inode here, because we can't hold it across the trans_reserve. 633 * If the IDs do change before we take the ilock, we're covered 634 * because the i_*dquot fields will get updated anyway. 635 */ 636 if (XFS_IS_QUOTA_ON(mp) && (mask & (ATTR_UID|ATTR_GID))) { 637 uint qflags = 0; 638 639 if ((mask & ATTR_UID) && XFS_IS_UQUOTA_ON(mp)) { 640 uid = iattr->ia_uid; 641 qflags |= XFS_QMOPT_UQUOTA; 642 } else { 643 uid = inode->i_uid; 644 } 645 if ((mask & ATTR_GID) && XFS_IS_GQUOTA_ON(mp)) { 646 gid = iattr->ia_gid; 647 qflags |= XFS_QMOPT_GQUOTA; 648 } else { 649 gid = inode->i_gid; 650 } 651 652 /* 653 * We take a reference when we initialize udqp and gdqp, 654 * so it is important that we never blindly double trip on 655 * the same variable. See xfs_create() for an example. 656 */ 657 ASSERT(udqp == NULL); 658 ASSERT(gdqp == NULL); 659 error = xfs_qm_vop_dqalloc(ip, xfs_kuid_to_uid(uid), 660 xfs_kgid_to_gid(gid), 661 xfs_get_projid(ip), 662 qflags, &udqp, &gdqp, NULL); 663 if (error) 664 return error; 665 } 666 667 error = xfs_trans_alloc(mp, &M_RES(mp)->tr_ichange, 0, 0, 0, &tp); 668 if (error) 669 goto out_dqrele; 670 671 xfs_ilock(ip, XFS_ILOCK_EXCL); 672 xfs_trans_ijoin(tp, ip, 0); 673 674 /* 675 * Change file ownership. Must be the owner or privileged. 676 */ 677 if (mask & (ATTR_UID|ATTR_GID)) { 678 /* 679 * These IDs could have changed since we last looked at them. 680 * But, we're assured that if the ownership did change 681 * while we didn't have the inode locked, inode's dquot(s) 682 * would have changed also. 683 */ 684 iuid = inode->i_uid; 685 igid = inode->i_gid; 686 gid = (mask & ATTR_GID) ? iattr->ia_gid : igid; 687 uid = (mask & ATTR_UID) ? iattr->ia_uid : iuid; 688 689 /* 690 * Do a quota reservation only if uid/gid is actually 691 * going to change. 692 */ 693 if (XFS_IS_QUOTA_RUNNING(mp) && 694 ((XFS_IS_UQUOTA_ON(mp) && !uid_eq(iuid, uid)) || 695 (XFS_IS_GQUOTA_ON(mp) && !gid_eq(igid, gid)))) { 696 ASSERT(tp); 697 error = xfs_qm_vop_chown_reserve(tp, ip, udqp, gdqp, 698 NULL, capable(CAP_FOWNER) ? 699 XFS_QMOPT_FORCE_RES : 0); 700 if (error) /* out of quota */ 701 goto out_cancel; 702 } 703 } 704 705 /* 706 * Change file ownership. Must be the owner or privileged. 707 */ 708 if (mask & (ATTR_UID|ATTR_GID)) { 709 /* 710 * CAP_FSETID overrides the following restrictions: 711 * 712 * The set-user-ID and set-group-ID bits of a file will be 713 * cleared upon successful return from chown() 714 */ 715 if ((inode->i_mode & (S_ISUID|S_ISGID)) && 716 !capable(CAP_FSETID)) 717 inode->i_mode &= ~(S_ISUID|S_ISGID); 718 719 /* 720 * Change the ownerships and register quota modifications 721 * in the transaction. 722 */ 723 if (!uid_eq(iuid, uid)) { 724 if (XFS_IS_QUOTA_RUNNING(mp) && XFS_IS_UQUOTA_ON(mp)) { 725 ASSERT(mask & ATTR_UID); 726 ASSERT(udqp); 727 olddquot1 = xfs_qm_vop_chown(tp, ip, 728 &ip->i_udquot, udqp); 729 } 730 ip->i_d.di_uid = xfs_kuid_to_uid(uid); 731 inode->i_uid = uid; 732 } 733 if (!gid_eq(igid, gid)) { 734 if (XFS_IS_QUOTA_RUNNING(mp) && XFS_IS_GQUOTA_ON(mp)) { 735 ASSERT(xfs_sb_version_has_pquotino(&mp->m_sb) || 736 !XFS_IS_PQUOTA_ON(mp)); 737 ASSERT(mask & ATTR_GID); 738 ASSERT(gdqp); 739 olddquot2 = xfs_qm_vop_chown(tp, ip, 740 &ip->i_gdquot, gdqp); 741 } 742 ip->i_d.di_gid = xfs_kgid_to_gid(gid); 743 inode->i_gid = gid; 744 } 745 } 746 747 if (mask & ATTR_MODE) 748 xfs_setattr_mode(ip, iattr); 749 if (mask & (ATTR_ATIME|ATTR_CTIME|ATTR_MTIME)) 750 xfs_setattr_time(ip, iattr); 751 752 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); 753 754 XFS_STATS_INC(mp, xs_ig_attrchg); 755 756 if (mp->m_flags & XFS_MOUNT_WSYNC) 757 xfs_trans_set_sync(tp); 758 error = xfs_trans_commit(tp); 759 760 xfs_iunlock(ip, XFS_ILOCK_EXCL); 761 762 /* 763 * Release any dquot(s) the inode had kept before chown. 764 */ 765 xfs_qm_dqrele(olddquot1); 766 xfs_qm_dqrele(olddquot2); 767 xfs_qm_dqrele(udqp); 768 xfs_qm_dqrele(gdqp); 769 770 if (error) 771 return error; 772 773 /* 774 * XXX(hch): Updating the ACL entries is not atomic vs the i_mode 775 * update. We could avoid this with linked transactions 776 * and passing down the transaction pointer all the way 777 * to attr_set. No previous user of the generic 778 * Posix ACL code seems to care about this issue either. 779 */ 780 if ((mask & ATTR_MODE) && !(flags & XFS_ATTR_NOACL)) { 781 error = posix_acl_chmod(inode, inode->i_mode); 782 if (error) 783 return error; 784 } 785 786 return 0; 787 788 out_cancel: 789 xfs_trans_cancel(tp); 790 out_dqrele: 791 xfs_qm_dqrele(udqp); 792 xfs_qm_dqrele(gdqp); 793 return error; 794 } 795 796 int 797 xfs_vn_setattr_nonsize( 798 struct dentry *dentry, 799 struct iattr *iattr) 800 { 801 struct xfs_inode *ip = XFS_I(d_inode(dentry)); 802 int error; 803 804 trace_xfs_setattr(ip); 805 806 error = xfs_vn_change_ok(dentry, iattr); 807 if (error) 808 return error; 809 return xfs_setattr_nonsize(ip, iattr, 0); 810 } 811 812 /* 813 * Truncate file. Must have write permission and not be a directory. 814 * 815 * Caution: The caller of this function is responsible for calling 816 * setattr_prepare() or otherwise verifying the change is fine. 817 */ 818 STATIC int 819 xfs_setattr_size( 820 struct xfs_inode *ip, 821 struct iattr *iattr) 822 { 823 struct xfs_mount *mp = ip->i_mount; 824 struct inode *inode = VFS_I(ip); 825 xfs_off_t oldsize, newsize; 826 struct xfs_trans *tp; 827 int error; 828 uint lock_flags = 0; 829 bool did_zeroing = false; 830 831 ASSERT(xfs_isilocked(ip, XFS_IOLOCK_EXCL)); 832 ASSERT(xfs_isilocked(ip, XFS_MMAPLOCK_EXCL)); 833 ASSERT(S_ISREG(inode->i_mode)); 834 ASSERT((iattr->ia_valid & (ATTR_UID|ATTR_GID|ATTR_ATIME|ATTR_ATIME_SET| 835 ATTR_MTIME_SET|ATTR_KILL_PRIV|ATTR_TIMES_SET)) == 0); 836 837 oldsize = inode->i_size; 838 newsize = iattr->ia_size; 839 840 /* 841 * Short circuit the truncate case for zero length files. 842 */ 843 if (newsize == 0 && oldsize == 0 && ip->i_d.di_nextents == 0) { 844 if (!(iattr->ia_valid & (ATTR_CTIME|ATTR_MTIME))) 845 return 0; 846 847 /* 848 * Use the regular setattr path to update the timestamps. 849 */ 850 iattr->ia_valid &= ~ATTR_SIZE; 851 return xfs_setattr_nonsize(ip, iattr, 0); 852 } 853 854 /* 855 * Make sure that the dquots are attached to the inode. 856 */ 857 error = xfs_qm_dqattach(ip, 0); 858 if (error) 859 return error; 860 861 /* 862 * Wait for all direct I/O to complete. 863 */ 864 inode_dio_wait(inode); 865 866 /* 867 * File data changes must be complete before we start the transaction to 868 * modify the inode. This needs to be done before joining the inode to 869 * the transaction because the inode cannot be unlocked once it is a 870 * part of the transaction. 871 * 872 * Start with zeroing any data beyond EOF that we may expose on file 873 * extension, or zeroing out the rest of the block on a downward 874 * truncate. 875 */ 876 if (newsize > oldsize) { 877 error = xfs_zero_eof(ip, newsize, oldsize, &did_zeroing); 878 } else { 879 error = iomap_truncate_page(inode, newsize, &did_zeroing, 880 &xfs_iomap_ops); 881 } 882 883 if (error) 884 return error; 885 886 /* 887 * We've already locked out new page faults, so now we can safely remove 888 * pages from the page cache knowing they won't get refaulted until we 889 * drop the XFS_MMAP_EXCL lock after the extent manipulations are 890 * complete. The truncate_setsize() call also cleans partial EOF page 891 * PTEs on extending truncates and hence ensures sub-page block size 892 * filesystems are correctly handled, too. 893 * 894 * We have to do all the page cache truncate work outside the 895 * transaction context as the "lock" order is page lock->log space 896 * reservation as defined by extent allocation in the writeback path. 897 * Hence a truncate can fail with ENOMEM from xfs_trans_alloc(), but 898 * having already truncated the in-memory version of the file (i.e. made 899 * user visible changes). There's not much we can do about this, except 900 * to hope that the caller sees ENOMEM and retries the truncate 901 * operation. 902 * 903 * And we update in-core i_size and truncate page cache beyond newsize 904 * before writeback the [di_size, newsize] range, so we're guaranteed 905 * not to write stale data past the new EOF on truncate down. 906 */ 907 truncate_setsize(inode, newsize); 908 909 /* 910 * We are going to log the inode size change in this transaction so 911 * any previous writes that are beyond the on disk EOF and the new 912 * EOF that have not been written out need to be written here. If we 913 * do not write the data out, we expose ourselves to the null files 914 * problem. Note that this includes any block zeroing we did above; 915 * otherwise those blocks may not be zeroed after a crash. 916 */ 917 if (did_zeroing || 918 (newsize > ip->i_d.di_size && oldsize != ip->i_d.di_size)) { 919 error = filemap_write_and_wait_range(VFS_I(ip)->i_mapping, 920 ip->i_d.di_size, newsize - 1); 921 if (error) 922 return error; 923 } 924 925 error = xfs_trans_alloc(mp, &M_RES(mp)->tr_itruncate, 0, 0, 0, &tp); 926 if (error) 927 return error; 928 929 lock_flags |= XFS_ILOCK_EXCL; 930 xfs_ilock(ip, XFS_ILOCK_EXCL); 931 xfs_trans_ijoin(tp, ip, 0); 932 933 /* 934 * Only change the c/mtime if we are changing the size or we are 935 * explicitly asked to change it. This handles the semantic difference 936 * between truncate() and ftruncate() as implemented in the VFS. 937 * 938 * The regular truncate() case without ATTR_CTIME and ATTR_MTIME is a 939 * special case where we need to update the times despite not having 940 * these flags set. For all other operations the VFS set these flags 941 * explicitly if it wants a timestamp update. 942 */ 943 if (newsize != oldsize && 944 !(iattr->ia_valid & (ATTR_CTIME | ATTR_MTIME))) { 945 iattr->ia_ctime = iattr->ia_mtime = 946 current_time(inode); 947 iattr->ia_valid |= ATTR_CTIME | ATTR_MTIME; 948 } 949 950 /* 951 * The first thing we do is set the size to new_size permanently on 952 * disk. This way we don't have to worry about anyone ever being able 953 * to look at the data being freed even in the face of a crash. 954 * What we're getting around here is the case where we free a block, it 955 * is allocated to another file, it is written to, and then we crash. 956 * If the new data gets written to the file but the log buffers 957 * containing the free and reallocation don't, then we'd end up with 958 * garbage in the blocks being freed. As long as we make the new size 959 * permanent before actually freeing any blocks it doesn't matter if 960 * they get written to. 961 */ 962 ip->i_d.di_size = newsize; 963 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); 964 965 if (newsize <= oldsize) { 966 error = xfs_itruncate_extents(&tp, ip, XFS_DATA_FORK, newsize); 967 if (error) 968 goto out_trans_cancel; 969 970 /* 971 * Truncated "down", so we're removing references to old data 972 * here - if we delay flushing for a long time, we expose 973 * ourselves unduly to the notorious NULL files problem. So, 974 * we mark this inode and flush it when the file is closed, 975 * and do not wait the usual (long) time for writeout. 976 */ 977 xfs_iflags_set(ip, XFS_ITRUNCATED); 978 979 /* A truncate down always removes post-EOF blocks. */ 980 xfs_inode_clear_eofblocks_tag(ip); 981 } 982 983 if (iattr->ia_valid & ATTR_MODE) 984 xfs_setattr_mode(ip, iattr); 985 if (iattr->ia_valid & (ATTR_ATIME|ATTR_CTIME|ATTR_MTIME)) 986 xfs_setattr_time(ip, iattr); 987 988 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); 989 990 XFS_STATS_INC(mp, xs_ig_attrchg); 991 992 if (mp->m_flags & XFS_MOUNT_WSYNC) 993 xfs_trans_set_sync(tp); 994 995 error = xfs_trans_commit(tp); 996 out_unlock: 997 if (lock_flags) 998 xfs_iunlock(ip, lock_flags); 999 return error; 1000 1001 out_trans_cancel: 1002 xfs_trans_cancel(tp); 1003 goto out_unlock; 1004 } 1005 1006 int 1007 xfs_vn_setattr_size( 1008 struct dentry *dentry, 1009 struct iattr *iattr) 1010 { 1011 struct xfs_inode *ip = XFS_I(d_inode(dentry)); 1012 int error; 1013 1014 trace_xfs_setattr(ip); 1015 1016 error = xfs_vn_change_ok(dentry, iattr); 1017 if (error) 1018 return error; 1019 return xfs_setattr_size(ip, iattr); 1020 } 1021 1022 STATIC int 1023 xfs_vn_setattr( 1024 struct dentry *dentry, 1025 struct iattr *iattr) 1026 { 1027 int error; 1028 1029 if (iattr->ia_valid & ATTR_SIZE) { 1030 struct xfs_inode *ip = XFS_I(d_inode(dentry)); 1031 uint iolock = XFS_IOLOCK_EXCL; 1032 1033 error = xfs_break_layouts(d_inode(dentry), &iolock); 1034 if (error) 1035 return error; 1036 1037 xfs_ilock(ip, XFS_MMAPLOCK_EXCL); 1038 error = xfs_vn_setattr_size(dentry, iattr); 1039 xfs_iunlock(ip, XFS_MMAPLOCK_EXCL); 1040 } else { 1041 error = xfs_vn_setattr_nonsize(dentry, iattr); 1042 } 1043 1044 return error; 1045 } 1046 1047 STATIC int 1048 xfs_vn_update_time( 1049 struct inode *inode, 1050 struct timespec *now, 1051 int flags) 1052 { 1053 struct xfs_inode *ip = XFS_I(inode); 1054 struct xfs_mount *mp = ip->i_mount; 1055 struct xfs_trans *tp; 1056 int error; 1057 1058 trace_xfs_update_time(ip); 1059 1060 error = xfs_trans_alloc(mp, &M_RES(mp)->tr_fsyncts, 0, 0, 0, &tp); 1061 if (error) 1062 return error; 1063 1064 xfs_ilock(ip, XFS_ILOCK_EXCL); 1065 if (flags & S_CTIME) 1066 inode->i_ctime = *now; 1067 if (flags & S_MTIME) 1068 inode->i_mtime = *now; 1069 if (flags & S_ATIME) 1070 inode->i_atime = *now; 1071 1072 xfs_trans_ijoin(tp, ip, XFS_ILOCK_EXCL); 1073 xfs_trans_log_inode(tp, ip, XFS_ILOG_TIMESTAMP); 1074 return xfs_trans_commit(tp); 1075 } 1076 1077 STATIC int 1078 xfs_vn_fiemap( 1079 struct inode *inode, 1080 struct fiemap_extent_info *fieinfo, 1081 u64 start, 1082 u64 length) 1083 { 1084 int error; 1085 1086 xfs_ilock(XFS_I(inode), XFS_IOLOCK_SHARED); 1087 if (fieinfo->fi_flags & FIEMAP_FLAG_XATTR) { 1088 fieinfo->fi_flags &= ~FIEMAP_FLAG_XATTR; 1089 error = iomap_fiemap(inode, fieinfo, start, length, 1090 &xfs_xattr_iomap_ops); 1091 } else { 1092 error = iomap_fiemap(inode, fieinfo, start, length, 1093 &xfs_iomap_ops); 1094 } 1095 xfs_iunlock(XFS_I(inode), XFS_IOLOCK_SHARED); 1096 1097 return error; 1098 } 1099 1100 STATIC int 1101 xfs_vn_tmpfile( 1102 struct inode *dir, 1103 struct dentry *dentry, 1104 umode_t mode) 1105 { 1106 return xfs_generic_create(dir, dentry, mode, 0, true); 1107 } 1108 1109 static const struct inode_operations xfs_inode_operations = { 1110 .get_acl = xfs_get_acl, 1111 .set_acl = xfs_set_acl, 1112 .getattr = xfs_vn_getattr, 1113 .setattr = xfs_vn_setattr, 1114 .listxattr = xfs_vn_listxattr, 1115 .fiemap = xfs_vn_fiemap, 1116 .update_time = xfs_vn_update_time, 1117 }; 1118 1119 static const struct inode_operations xfs_dir_inode_operations = { 1120 .create = xfs_vn_create, 1121 .lookup = xfs_vn_lookup, 1122 .link = xfs_vn_link, 1123 .unlink = xfs_vn_unlink, 1124 .symlink = xfs_vn_symlink, 1125 .mkdir = xfs_vn_mkdir, 1126 /* 1127 * Yes, XFS uses the same method for rmdir and unlink. 1128 * 1129 * There are some subtile differences deeper in the code, 1130 * but we use S_ISDIR to check for those. 1131 */ 1132 .rmdir = xfs_vn_unlink, 1133 .mknod = xfs_vn_mknod, 1134 .rename = xfs_vn_rename, 1135 .get_acl = xfs_get_acl, 1136 .set_acl = xfs_set_acl, 1137 .getattr = xfs_vn_getattr, 1138 .setattr = xfs_vn_setattr, 1139 .listxattr = xfs_vn_listxattr, 1140 .update_time = xfs_vn_update_time, 1141 .tmpfile = xfs_vn_tmpfile, 1142 }; 1143 1144 static const struct inode_operations xfs_dir_ci_inode_operations = { 1145 .create = xfs_vn_create, 1146 .lookup = xfs_vn_ci_lookup, 1147 .link = xfs_vn_link, 1148 .unlink = xfs_vn_unlink, 1149 .symlink = xfs_vn_symlink, 1150 .mkdir = xfs_vn_mkdir, 1151 /* 1152 * Yes, XFS uses the same method for rmdir and unlink. 1153 * 1154 * There are some subtile differences deeper in the code, 1155 * but we use S_ISDIR to check for those. 1156 */ 1157 .rmdir = xfs_vn_unlink, 1158 .mknod = xfs_vn_mknod, 1159 .rename = xfs_vn_rename, 1160 .get_acl = xfs_get_acl, 1161 .set_acl = xfs_set_acl, 1162 .getattr = xfs_vn_getattr, 1163 .setattr = xfs_vn_setattr, 1164 .listxattr = xfs_vn_listxattr, 1165 .update_time = xfs_vn_update_time, 1166 .tmpfile = xfs_vn_tmpfile, 1167 }; 1168 1169 static const struct inode_operations xfs_symlink_inode_operations = { 1170 .get_link = xfs_vn_get_link, 1171 .getattr = xfs_vn_getattr, 1172 .setattr = xfs_vn_setattr, 1173 .listxattr = xfs_vn_listxattr, 1174 .update_time = xfs_vn_update_time, 1175 }; 1176 1177 static const struct inode_operations xfs_inline_symlink_inode_operations = { 1178 .get_link = xfs_vn_get_link_inline, 1179 .getattr = xfs_vn_getattr, 1180 .setattr = xfs_vn_setattr, 1181 .listxattr = xfs_vn_listxattr, 1182 .update_time = xfs_vn_update_time, 1183 }; 1184 1185 STATIC void 1186 xfs_diflags_to_iflags( 1187 struct inode *inode, 1188 struct xfs_inode *ip) 1189 { 1190 uint16_t flags = ip->i_d.di_flags; 1191 1192 inode->i_flags &= ~(S_IMMUTABLE | S_APPEND | S_SYNC | 1193 S_NOATIME | S_DAX); 1194 1195 if (flags & XFS_DIFLAG_IMMUTABLE) 1196 inode->i_flags |= S_IMMUTABLE; 1197 if (flags & XFS_DIFLAG_APPEND) 1198 inode->i_flags |= S_APPEND; 1199 if (flags & XFS_DIFLAG_SYNC) 1200 inode->i_flags |= S_SYNC; 1201 if (flags & XFS_DIFLAG_NOATIME) 1202 inode->i_flags |= S_NOATIME; 1203 if (S_ISREG(inode->i_mode) && 1204 ip->i_mount->m_sb.sb_blocksize == PAGE_SIZE && 1205 !xfs_is_reflink_inode(ip) && 1206 (ip->i_mount->m_flags & XFS_MOUNT_DAX || 1207 ip->i_d.di_flags2 & XFS_DIFLAG2_DAX)) 1208 inode->i_flags |= S_DAX; 1209 } 1210 1211 /* 1212 * Initialize the Linux inode. 1213 * 1214 * When reading existing inodes from disk this is called directly from xfs_iget, 1215 * when creating a new inode it is called from xfs_ialloc after setting up the 1216 * inode. These callers have different criteria for clearing XFS_INEW, so leave 1217 * it up to the caller to deal with unlocking the inode appropriately. 1218 */ 1219 void 1220 xfs_setup_inode( 1221 struct xfs_inode *ip) 1222 { 1223 struct inode *inode = &ip->i_vnode; 1224 gfp_t gfp_mask; 1225 1226 inode->i_ino = ip->i_ino; 1227 inode->i_state = I_NEW; 1228 1229 inode_sb_list_add(inode); 1230 /* make the inode look hashed for the writeback code */ 1231 hlist_add_fake(&inode->i_hash); 1232 1233 inode->i_uid = xfs_uid_to_kuid(ip->i_d.di_uid); 1234 inode->i_gid = xfs_gid_to_kgid(ip->i_d.di_gid); 1235 1236 i_size_write(inode, ip->i_d.di_size); 1237 xfs_diflags_to_iflags(inode, ip); 1238 1239 if (S_ISDIR(inode->i_mode)) { 1240 lockdep_set_class(&ip->i_lock.mr_lock, &xfs_dir_ilock_class); 1241 ip->d_ops = ip->i_mount->m_dir_inode_ops; 1242 } else { 1243 ip->d_ops = ip->i_mount->m_nondir_inode_ops; 1244 lockdep_set_class(&ip->i_lock.mr_lock, &xfs_nondir_ilock_class); 1245 } 1246 1247 /* 1248 * Ensure all page cache allocations are done from GFP_NOFS context to 1249 * prevent direct reclaim recursion back into the filesystem and blowing 1250 * stacks or deadlocking. 1251 */ 1252 gfp_mask = mapping_gfp_mask(inode->i_mapping); 1253 mapping_set_gfp_mask(inode->i_mapping, (gfp_mask & ~(__GFP_FS))); 1254 1255 /* 1256 * If there is no attribute fork no ACL can exist on this inode, 1257 * and it can't have any file capabilities attached to it either. 1258 */ 1259 if (!XFS_IFORK_Q(ip)) { 1260 inode_has_no_xattr(inode); 1261 cache_no_acl(inode); 1262 } 1263 } 1264 1265 void 1266 xfs_setup_iops( 1267 struct xfs_inode *ip) 1268 { 1269 struct inode *inode = &ip->i_vnode; 1270 1271 switch (inode->i_mode & S_IFMT) { 1272 case S_IFREG: 1273 inode->i_op = &xfs_inode_operations; 1274 inode->i_fop = &xfs_file_operations; 1275 inode->i_mapping->a_ops = &xfs_address_space_operations; 1276 break; 1277 case S_IFDIR: 1278 if (xfs_sb_version_hasasciici(&XFS_M(inode->i_sb)->m_sb)) 1279 inode->i_op = &xfs_dir_ci_inode_operations; 1280 else 1281 inode->i_op = &xfs_dir_inode_operations; 1282 inode->i_fop = &xfs_dir_file_operations; 1283 break; 1284 case S_IFLNK: 1285 if (ip->i_df.if_flags & XFS_IFINLINE) 1286 inode->i_op = &xfs_inline_symlink_inode_operations; 1287 else 1288 inode->i_op = &xfs_symlink_inode_operations; 1289 break; 1290 default: 1291 inode->i_op = &xfs_inode_operations; 1292 init_special_inode(inode, inode->i_mode, inode->i_rdev); 1293 break; 1294 } 1295 } 1296