1 /* 2 * Copyright (c) 2000-2005 Silicon Graphics, Inc. 3 * All Rights Reserved. 4 * 5 * This program is free software; you can redistribute it and/or 6 * modify it under the terms of the GNU General Public License as 7 * published by the Free Software Foundation. 8 * 9 * This program is distributed in the hope that it would be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program; if not, write the Free Software Foundation, 16 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 17 */ 18 #include "xfs.h" 19 #include "xfs_fs.h" 20 #include "xfs_shared.h" 21 #include "xfs_format.h" 22 #include "xfs_log_format.h" 23 #include "xfs_trans_resv.h" 24 #include "xfs_mount.h" 25 #include "xfs_da_format.h" 26 #include "xfs_inode.h" 27 #include "xfs_bmap.h" 28 #include "xfs_bmap_util.h" 29 #include "xfs_acl.h" 30 #include "xfs_quota.h" 31 #include "xfs_error.h" 32 #include "xfs_attr.h" 33 #include "xfs_trans.h" 34 #include "xfs_trace.h" 35 #include "xfs_icache.h" 36 #include "xfs_symlink.h" 37 #include "xfs_da_btree.h" 38 #include "xfs_dir2.h" 39 #include "xfs_trans_space.h" 40 #include "xfs_pnfs.h" 41 42 #include <linux/capability.h> 43 #include <linux/xattr.h> 44 #include <linux/posix_acl.h> 45 #include <linux/security.h> 46 #include <linux/fiemap.h> 47 #include <linux/slab.h> 48 49 /* 50 * Directories have different lock order w.r.t. mmap_sem compared to regular 51 * files. This is due to readdir potentially triggering page faults on a user 52 * buffer inside filldir(), and this happens with the ilock on the directory 53 * held. For regular files, the lock order is the other way around - the 54 * mmap_sem is taken during the page fault, and then we lock the ilock to do 55 * block mapping. Hence we need a different class for the directory ilock so 56 * that lockdep can tell them apart. 57 */ 58 static struct lock_class_key xfs_nondir_ilock_class; 59 static struct lock_class_key xfs_dir_ilock_class; 60 61 static int 62 xfs_initxattrs( 63 struct inode *inode, 64 const struct xattr *xattr_array, 65 void *fs_info) 66 { 67 const struct xattr *xattr; 68 struct xfs_inode *ip = XFS_I(inode); 69 int error = 0; 70 71 for (xattr = xattr_array; xattr->name != NULL; xattr++) { 72 error = xfs_attr_set(ip, xattr->name, xattr->value, 73 xattr->value_len, ATTR_SECURE); 74 if (error < 0) 75 break; 76 } 77 return error; 78 } 79 80 /* 81 * Hook in SELinux. This is not quite correct yet, what we really need 82 * here (as we do for default ACLs) is a mechanism by which creation of 83 * these attrs can be journalled at inode creation time (along with the 84 * inode, of course, such that log replay can't cause these to be lost). 85 */ 86 87 STATIC int 88 xfs_init_security( 89 struct inode *inode, 90 struct inode *dir, 91 const struct qstr *qstr) 92 { 93 return security_inode_init_security(inode, dir, qstr, 94 &xfs_initxattrs, NULL); 95 } 96 97 static void 98 xfs_dentry_to_name( 99 struct xfs_name *namep, 100 struct dentry *dentry, 101 int mode) 102 { 103 namep->name = dentry->d_name.name; 104 namep->len = dentry->d_name.len; 105 namep->type = xfs_mode_to_ftype[(mode & S_IFMT) >> S_SHIFT]; 106 } 107 108 STATIC void 109 xfs_cleanup_inode( 110 struct inode *dir, 111 struct inode *inode, 112 struct dentry *dentry) 113 { 114 struct xfs_name teardown; 115 116 /* Oh, the horror. 117 * If we can't add the ACL or we fail in 118 * xfs_init_security we must back out. 119 * ENOSPC can hit here, among other things. 120 */ 121 xfs_dentry_to_name(&teardown, dentry, 0); 122 123 xfs_remove(XFS_I(dir), &teardown, XFS_I(inode)); 124 } 125 126 STATIC int 127 xfs_generic_create( 128 struct inode *dir, 129 struct dentry *dentry, 130 umode_t mode, 131 dev_t rdev, 132 bool tmpfile) /* unnamed file */ 133 { 134 struct inode *inode; 135 struct xfs_inode *ip = NULL; 136 struct posix_acl *default_acl, *acl; 137 struct xfs_name name; 138 int error; 139 140 /* 141 * Irix uses Missed'em'V split, but doesn't want to see 142 * the upper 5 bits of (14bit) major. 143 */ 144 if (S_ISCHR(mode) || S_ISBLK(mode)) { 145 if (unlikely(!sysv_valid_dev(rdev) || MAJOR(rdev) & ~0x1ff)) 146 return -EINVAL; 147 rdev = sysv_encode_dev(rdev); 148 } else { 149 rdev = 0; 150 } 151 152 error = posix_acl_create(dir, &mode, &default_acl, &acl); 153 if (error) 154 return error; 155 156 if (!tmpfile) { 157 xfs_dentry_to_name(&name, dentry, mode); 158 error = xfs_create(XFS_I(dir), &name, mode, rdev, &ip); 159 } else { 160 error = xfs_create_tmpfile(XFS_I(dir), dentry, mode, &ip); 161 } 162 if (unlikely(error)) 163 goto out_free_acl; 164 165 inode = VFS_I(ip); 166 167 error = xfs_init_security(inode, dir, &dentry->d_name); 168 if (unlikely(error)) 169 goto out_cleanup_inode; 170 171 #ifdef CONFIG_XFS_POSIX_ACL 172 if (default_acl) { 173 error = xfs_set_acl(inode, default_acl, ACL_TYPE_DEFAULT); 174 if (error) 175 goto out_cleanup_inode; 176 } 177 if (acl) { 178 error = xfs_set_acl(inode, acl, ACL_TYPE_ACCESS); 179 if (error) 180 goto out_cleanup_inode; 181 } 182 #endif 183 184 if (tmpfile) 185 d_tmpfile(dentry, inode); 186 else 187 d_instantiate(dentry, inode); 188 189 xfs_finish_inode_setup(ip); 190 191 out_free_acl: 192 if (default_acl) 193 posix_acl_release(default_acl); 194 if (acl) 195 posix_acl_release(acl); 196 return error; 197 198 out_cleanup_inode: 199 xfs_finish_inode_setup(ip); 200 if (!tmpfile) 201 xfs_cleanup_inode(dir, inode, dentry); 202 iput(inode); 203 goto out_free_acl; 204 } 205 206 STATIC int 207 xfs_vn_mknod( 208 struct inode *dir, 209 struct dentry *dentry, 210 umode_t mode, 211 dev_t rdev) 212 { 213 return xfs_generic_create(dir, dentry, mode, rdev, false); 214 } 215 216 STATIC int 217 xfs_vn_create( 218 struct inode *dir, 219 struct dentry *dentry, 220 umode_t mode, 221 bool flags) 222 { 223 return xfs_vn_mknod(dir, dentry, mode, 0); 224 } 225 226 STATIC int 227 xfs_vn_mkdir( 228 struct inode *dir, 229 struct dentry *dentry, 230 umode_t mode) 231 { 232 return xfs_vn_mknod(dir, dentry, mode|S_IFDIR, 0); 233 } 234 235 STATIC struct dentry * 236 xfs_vn_lookup( 237 struct inode *dir, 238 struct dentry *dentry, 239 unsigned int flags) 240 { 241 struct xfs_inode *cip; 242 struct xfs_name name; 243 int error; 244 245 if (dentry->d_name.len >= MAXNAMELEN) 246 return ERR_PTR(-ENAMETOOLONG); 247 248 xfs_dentry_to_name(&name, dentry, 0); 249 error = xfs_lookup(XFS_I(dir), &name, &cip, NULL); 250 if (unlikely(error)) { 251 if (unlikely(error != -ENOENT)) 252 return ERR_PTR(error); 253 d_add(dentry, NULL); 254 return NULL; 255 } 256 257 return d_splice_alias(VFS_I(cip), dentry); 258 } 259 260 STATIC struct dentry * 261 xfs_vn_ci_lookup( 262 struct inode *dir, 263 struct dentry *dentry, 264 unsigned int flags) 265 { 266 struct xfs_inode *ip; 267 struct xfs_name xname; 268 struct xfs_name ci_name; 269 struct qstr dname; 270 int error; 271 272 if (dentry->d_name.len >= MAXNAMELEN) 273 return ERR_PTR(-ENAMETOOLONG); 274 275 xfs_dentry_to_name(&xname, dentry, 0); 276 error = xfs_lookup(XFS_I(dir), &xname, &ip, &ci_name); 277 if (unlikely(error)) { 278 if (unlikely(error != -ENOENT)) 279 return ERR_PTR(error); 280 /* 281 * call d_add(dentry, NULL) here when d_drop_negative_children 282 * is called in xfs_vn_mknod (ie. allow negative dentries 283 * with CI filesystems). 284 */ 285 return NULL; 286 } 287 288 /* if exact match, just splice and exit */ 289 if (!ci_name.name) 290 return d_splice_alias(VFS_I(ip), dentry); 291 292 /* else case-insensitive match... */ 293 dname.name = ci_name.name; 294 dname.len = ci_name.len; 295 dentry = d_add_ci(dentry, VFS_I(ip), &dname); 296 kmem_free(ci_name.name); 297 return dentry; 298 } 299 300 STATIC int 301 xfs_vn_link( 302 struct dentry *old_dentry, 303 struct inode *dir, 304 struct dentry *dentry) 305 { 306 struct inode *inode = d_inode(old_dentry); 307 struct xfs_name name; 308 int error; 309 310 xfs_dentry_to_name(&name, dentry, inode->i_mode); 311 312 error = xfs_link(XFS_I(dir), XFS_I(inode), &name); 313 if (unlikely(error)) 314 return error; 315 316 ihold(inode); 317 d_instantiate(dentry, inode); 318 return 0; 319 } 320 321 STATIC int 322 xfs_vn_unlink( 323 struct inode *dir, 324 struct dentry *dentry) 325 { 326 struct xfs_name name; 327 int error; 328 329 xfs_dentry_to_name(&name, dentry, 0); 330 331 error = xfs_remove(XFS_I(dir), &name, XFS_I(d_inode(dentry))); 332 if (error) 333 return error; 334 335 /* 336 * With unlink, the VFS makes the dentry "negative": no inode, 337 * but still hashed. This is incompatible with case-insensitive 338 * mode, so invalidate (unhash) the dentry in CI-mode. 339 */ 340 if (xfs_sb_version_hasasciici(&XFS_M(dir->i_sb)->m_sb)) 341 d_invalidate(dentry); 342 return 0; 343 } 344 345 STATIC int 346 xfs_vn_symlink( 347 struct inode *dir, 348 struct dentry *dentry, 349 const char *symname) 350 { 351 struct inode *inode; 352 struct xfs_inode *cip = NULL; 353 struct xfs_name name; 354 int error; 355 umode_t mode; 356 357 mode = S_IFLNK | 358 (irix_symlink_mode ? 0777 & ~current_umask() : S_IRWXUGO); 359 xfs_dentry_to_name(&name, dentry, mode); 360 361 error = xfs_symlink(XFS_I(dir), &name, symname, mode, &cip); 362 if (unlikely(error)) 363 goto out; 364 365 inode = VFS_I(cip); 366 367 error = xfs_init_security(inode, dir, &dentry->d_name); 368 if (unlikely(error)) 369 goto out_cleanup_inode; 370 371 d_instantiate(dentry, inode); 372 xfs_finish_inode_setup(cip); 373 return 0; 374 375 out_cleanup_inode: 376 xfs_finish_inode_setup(cip); 377 xfs_cleanup_inode(dir, inode, dentry); 378 iput(inode); 379 out: 380 return error; 381 } 382 383 STATIC int 384 xfs_vn_rename( 385 struct inode *odir, 386 struct dentry *odentry, 387 struct inode *ndir, 388 struct dentry *ndentry, 389 unsigned int flags) 390 { 391 struct inode *new_inode = d_inode(ndentry); 392 int omode = 0; 393 struct xfs_name oname; 394 struct xfs_name nname; 395 396 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE | RENAME_WHITEOUT)) 397 return -EINVAL; 398 399 /* if we are exchanging files, we need to set i_mode of both files */ 400 if (flags & RENAME_EXCHANGE) 401 omode = d_inode(ndentry)->i_mode; 402 403 xfs_dentry_to_name(&oname, odentry, omode); 404 xfs_dentry_to_name(&nname, ndentry, d_inode(odentry)->i_mode); 405 406 return xfs_rename(XFS_I(odir), &oname, XFS_I(d_inode(odentry)), 407 XFS_I(ndir), &nname, 408 new_inode ? XFS_I(new_inode) : NULL, flags); 409 } 410 411 /* 412 * careful here - this function can get called recursively, so 413 * we need to be very careful about how much stack we use. 414 * uio is kmalloced for this reason... 415 */ 416 STATIC const char * 417 xfs_vn_get_link( 418 struct dentry *dentry, 419 struct inode *inode, 420 struct delayed_call *done) 421 { 422 char *link; 423 int error = -ENOMEM; 424 425 if (!dentry) 426 return ERR_PTR(-ECHILD); 427 428 link = kmalloc(MAXPATHLEN+1, GFP_KERNEL); 429 if (!link) 430 goto out_err; 431 432 error = xfs_readlink(XFS_I(d_inode(dentry)), link); 433 if (unlikely(error)) 434 goto out_kfree; 435 436 set_delayed_call(done, kfree_link, link); 437 return link; 438 439 out_kfree: 440 kfree(link); 441 out_err: 442 return ERR_PTR(error); 443 } 444 445 STATIC int 446 xfs_vn_getattr( 447 struct vfsmount *mnt, 448 struct dentry *dentry, 449 struct kstat *stat) 450 { 451 struct inode *inode = d_inode(dentry); 452 struct xfs_inode *ip = XFS_I(inode); 453 struct xfs_mount *mp = ip->i_mount; 454 455 trace_xfs_getattr(ip); 456 457 if (XFS_FORCED_SHUTDOWN(mp)) 458 return -EIO; 459 460 stat->size = XFS_ISIZE(ip); 461 stat->dev = inode->i_sb->s_dev; 462 stat->mode = inode->i_mode; 463 stat->nlink = inode->i_nlink; 464 stat->uid = inode->i_uid; 465 stat->gid = inode->i_gid; 466 stat->ino = ip->i_ino; 467 stat->atime = inode->i_atime; 468 stat->mtime = inode->i_mtime; 469 stat->ctime = inode->i_ctime; 470 stat->blocks = 471 XFS_FSB_TO_BB(mp, ip->i_d.di_nblocks + ip->i_delayed_blks); 472 473 474 switch (inode->i_mode & S_IFMT) { 475 case S_IFBLK: 476 case S_IFCHR: 477 stat->blksize = BLKDEV_IOSIZE; 478 stat->rdev = MKDEV(sysv_major(ip->i_df.if_u2.if_rdev) & 0x1ff, 479 sysv_minor(ip->i_df.if_u2.if_rdev)); 480 break; 481 default: 482 if (XFS_IS_REALTIME_INODE(ip)) { 483 /* 484 * If the file blocks are being allocated from a 485 * realtime volume, then return the inode's realtime 486 * extent size or the realtime volume's extent size. 487 */ 488 stat->blksize = 489 xfs_get_extsz_hint(ip) << mp->m_sb.sb_blocklog; 490 } else 491 stat->blksize = xfs_preferred_iosize(mp); 492 stat->rdev = 0; 493 break; 494 } 495 496 return 0; 497 } 498 499 static void 500 xfs_setattr_mode( 501 struct xfs_inode *ip, 502 struct iattr *iattr) 503 { 504 struct inode *inode = VFS_I(ip); 505 umode_t mode = iattr->ia_mode; 506 507 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL)); 508 509 inode->i_mode &= S_IFMT; 510 inode->i_mode |= mode & ~S_IFMT; 511 } 512 513 void 514 xfs_setattr_time( 515 struct xfs_inode *ip, 516 struct iattr *iattr) 517 { 518 struct inode *inode = VFS_I(ip); 519 520 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL)); 521 522 if (iattr->ia_valid & ATTR_ATIME) 523 inode->i_atime = iattr->ia_atime; 524 if (iattr->ia_valid & ATTR_CTIME) 525 inode->i_ctime = iattr->ia_ctime; 526 if (iattr->ia_valid & ATTR_MTIME) 527 inode->i_mtime = iattr->ia_mtime; 528 } 529 530 int 531 xfs_setattr_nonsize( 532 struct xfs_inode *ip, 533 struct iattr *iattr, 534 int flags) 535 { 536 xfs_mount_t *mp = ip->i_mount; 537 struct inode *inode = VFS_I(ip); 538 int mask = iattr->ia_valid; 539 xfs_trans_t *tp; 540 int error; 541 kuid_t uid = GLOBAL_ROOT_UID, iuid = GLOBAL_ROOT_UID; 542 kgid_t gid = GLOBAL_ROOT_GID, igid = GLOBAL_ROOT_GID; 543 struct xfs_dquot *udqp = NULL, *gdqp = NULL; 544 struct xfs_dquot *olddquot1 = NULL, *olddquot2 = NULL; 545 546 trace_xfs_setattr(ip); 547 548 /* If acls are being inherited, we already have this checked */ 549 if (!(flags & XFS_ATTR_NOACL)) { 550 if (mp->m_flags & XFS_MOUNT_RDONLY) 551 return -EROFS; 552 553 if (XFS_FORCED_SHUTDOWN(mp)) 554 return -EIO; 555 556 error = inode_change_ok(inode, iattr); 557 if (error) 558 return error; 559 } 560 561 ASSERT((mask & ATTR_SIZE) == 0); 562 563 /* 564 * If disk quotas is on, we make sure that the dquots do exist on disk, 565 * before we start any other transactions. Trying to do this later 566 * is messy. We don't care to take a readlock to look at the ids 567 * in inode here, because we can't hold it across the trans_reserve. 568 * If the IDs do change before we take the ilock, we're covered 569 * because the i_*dquot fields will get updated anyway. 570 */ 571 if (XFS_IS_QUOTA_ON(mp) && (mask & (ATTR_UID|ATTR_GID))) { 572 uint qflags = 0; 573 574 if ((mask & ATTR_UID) && XFS_IS_UQUOTA_ON(mp)) { 575 uid = iattr->ia_uid; 576 qflags |= XFS_QMOPT_UQUOTA; 577 } else { 578 uid = inode->i_uid; 579 } 580 if ((mask & ATTR_GID) && XFS_IS_GQUOTA_ON(mp)) { 581 gid = iattr->ia_gid; 582 qflags |= XFS_QMOPT_GQUOTA; 583 } else { 584 gid = inode->i_gid; 585 } 586 587 /* 588 * We take a reference when we initialize udqp and gdqp, 589 * so it is important that we never blindly double trip on 590 * the same variable. See xfs_create() for an example. 591 */ 592 ASSERT(udqp == NULL); 593 ASSERT(gdqp == NULL); 594 error = xfs_qm_vop_dqalloc(ip, xfs_kuid_to_uid(uid), 595 xfs_kgid_to_gid(gid), 596 xfs_get_projid(ip), 597 qflags, &udqp, &gdqp, NULL); 598 if (error) 599 return error; 600 } 601 602 tp = xfs_trans_alloc(mp, XFS_TRANS_SETATTR_NOT_SIZE); 603 error = xfs_trans_reserve(tp, &M_RES(mp)->tr_ichange, 0, 0); 604 if (error) 605 goto out_trans_cancel; 606 607 xfs_ilock(ip, XFS_ILOCK_EXCL); 608 609 /* 610 * Change file ownership. Must be the owner or privileged. 611 */ 612 if (mask & (ATTR_UID|ATTR_GID)) { 613 /* 614 * These IDs could have changed since we last looked at them. 615 * But, we're assured that if the ownership did change 616 * while we didn't have the inode locked, inode's dquot(s) 617 * would have changed also. 618 */ 619 iuid = inode->i_uid; 620 igid = inode->i_gid; 621 gid = (mask & ATTR_GID) ? iattr->ia_gid : igid; 622 uid = (mask & ATTR_UID) ? iattr->ia_uid : iuid; 623 624 /* 625 * Do a quota reservation only if uid/gid is actually 626 * going to change. 627 */ 628 if (XFS_IS_QUOTA_RUNNING(mp) && 629 ((XFS_IS_UQUOTA_ON(mp) && !uid_eq(iuid, uid)) || 630 (XFS_IS_GQUOTA_ON(mp) && !gid_eq(igid, gid)))) { 631 ASSERT(tp); 632 error = xfs_qm_vop_chown_reserve(tp, ip, udqp, gdqp, 633 NULL, capable(CAP_FOWNER) ? 634 XFS_QMOPT_FORCE_RES : 0); 635 if (error) /* out of quota */ 636 goto out_unlock; 637 } 638 } 639 640 xfs_trans_ijoin(tp, ip, 0); 641 642 /* 643 * Change file ownership. Must be the owner or privileged. 644 */ 645 if (mask & (ATTR_UID|ATTR_GID)) { 646 /* 647 * CAP_FSETID overrides the following restrictions: 648 * 649 * The set-user-ID and set-group-ID bits of a file will be 650 * cleared upon successful return from chown() 651 */ 652 if ((inode->i_mode & (S_ISUID|S_ISGID)) && 653 !capable(CAP_FSETID)) 654 inode->i_mode &= ~(S_ISUID|S_ISGID); 655 656 /* 657 * Change the ownerships and register quota modifications 658 * in the transaction. 659 */ 660 if (!uid_eq(iuid, uid)) { 661 if (XFS_IS_QUOTA_RUNNING(mp) && XFS_IS_UQUOTA_ON(mp)) { 662 ASSERT(mask & ATTR_UID); 663 ASSERT(udqp); 664 olddquot1 = xfs_qm_vop_chown(tp, ip, 665 &ip->i_udquot, udqp); 666 } 667 ip->i_d.di_uid = xfs_kuid_to_uid(uid); 668 inode->i_uid = uid; 669 } 670 if (!gid_eq(igid, gid)) { 671 if (XFS_IS_QUOTA_RUNNING(mp) && XFS_IS_GQUOTA_ON(mp)) { 672 ASSERT(xfs_sb_version_has_pquotino(&mp->m_sb) || 673 !XFS_IS_PQUOTA_ON(mp)); 674 ASSERT(mask & ATTR_GID); 675 ASSERT(gdqp); 676 olddquot2 = xfs_qm_vop_chown(tp, ip, 677 &ip->i_gdquot, gdqp); 678 } 679 ip->i_d.di_gid = xfs_kgid_to_gid(gid); 680 inode->i_gid = gid; 681 } 682 } 683 684 if (mask & ATTR_MODE) 685 xfs_setattr_mode(ip, iattr); 686 if (mask & (ATTR_ATIME|ATTR_CTIME|ATTR_MTIME)) 687 xfs_setattr_time(ip, iattr); 688 689 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); 690 691 XFS_STATS_INC(mp, xs_ig_attrchg); 692 693 if (mp->m_flags & XFS_MOUNT_WSYNC) 694 xfs_trans_set_sync(tp); 695 error = xfs_trans_commit(tp); 696 697 xfs_iunlock(ip, XFS_ILOCK_EXCL); 698 699 /* 700 * Release any dquot(s) the inode had kept before chown. 701 */ 702 xfs_qm_dqrele(olddquot1); 703 xfs_qm_dqrele(olddquot2); 704 xfs_qm_dqrele(udqp); 705 xfs_qm_dqrele(gdqp); 706 707 if (error) 708 return error; 709 710 /* 711 * XXX(hch): Updating the ACL entries is not atomic vs the i_mode 712 * update. We could avoid this with linked transactions 713 * and passing down the transaction pointer all the way 714 * to attr_set. No previous user of the generic 715 * Posix ACL code seems to care about this issue either. 716 */ 717 if ((mask & ATTR_MODE) && !(flags & XFS_ATTR_NOACL)) { 718 error = posix_acl_chmod(inode, inode->i_mode); 719 if (error) 720 return error; 721 } 722 723 return 0; 724 725 out_unlock: 726 xfs_iunlock(ip, XFS_ILOCK_EXCL); 727 out_trans_cancel: 728 xfs_trans_cancel(tp); 729 xfs_qm_dqrele(udqp); 730 xfs_qm_dqrele(gdqp); 731 return error; 732 } 733 734 /* 735 * Truncate file. Must have write permission and not be a directory. 736 */ 737 int 738 xfs_setattr_size( 739 struct xfs_inode *ip, 740 struct iattr *iattr) 741 { 742 struct xfs_mount *mp = ip->i_mount; 743 struct inode *inode = VFS_I(ip); 744 xfs_off_t oldsize, newsize; 745 struct xfs_trans *tp; 746 int error; 747 uint lock_flags = 0; 748 bool did_zeroing = false; 749 750 trace_xfs_setattr(ip); 751 752 if (mp->m_flags & XFS_MOUNT_RDONLY) 753 return -EROFS; 754 755 if (XFS_FORCED_SHUTDOWN(mp)) 756 return -EIO; 757 758 error = inode_change_ok(inode, iattr); 759 if (error) 760 return error; 761 762 ASSERT(xfs_isilocked(ip, XFS_IOLOCK_EXCL)); 763 ASSERT(xfs_isilocked(ip, XFS_MMAPLOCK_EXCL)); 764 ASSERT(S_ISREG(inode->i_mode)); 765 ASSERT((iattr->ia_valid & (ATTR_UID|ATTR_GID|ATTR_ATIME|ATTR_ATIME_SET| 766 ATTR_MTIME_SET|ATTR_KILL_PRIV|ATTR_TIMES_SET)) == 0); 767 768 oldsize = inode->i_size; 769 newsize = iattr->ia_size; 770 771 /* 772 * Short circuit the truncate case for zero length files. 773 */ 774 if (newsize == 0 && oldsize == 0 && ip->i_d.di_nextents == 0) { 775 if (!(iattr->ia_valid & (ATTR_CTIME|ATTR_MTIME))) 776 return 0; 777 778 /* 779 * Use the regular setattr path to update the timestamps. 780 */ 781 iattr->ia_valid &= ~ATTR_SIZE; 782 return xfs_setattr_nonsize(ip, iattr, 0); 783 } 784 785 /* 786 * Make sure that the dquots are attached to the inode. 787 */ 788 error = xfs_qm_dqattach(ip, 0); 789 if (error) 790 return error; 791 792 /* 793 * File data changes must be complete before we start the transaction to 794 * modify the inode. This needs to be done before joining the inode to 795 * the transaction because the inode cannot be unlocked once it is a 796 * part of the transaction. 797 * 798 * Start with zeroing any data block beyond EOF that we may expose on 799 * file extension. 800 */ 801 if (newsize > oldsize) { 802 error = xfs_zero_eof(ip, newsize, oldsize, &did_zeroing); 803 if (error) 804 return error; 805 } 806 807 /* 808 * We are going to log the inode size change in this transaction so 809 * any previous writes that are beyond the on disk EOF and the new 810 * EOF that have not been written out need to be written here. If we 811 * do not write the data out, we expose ourselves to the null files 812 * problem. Note that this includes any block zeroing we did above; 813 * otherwise those blocks may not be zeroed after a crash. 814 */ 815 if (newsize > ip->i_d.di_size && 816 (oldsize != ip->i_d.di_size || did_zeroing)) { 817 error = filemap_write_and_wait_range(VFS_I(ip)->i_mapping, 818 ip->i_d.di_size, newsize); 819 if (error) 820 return error; 821 } 822 823 /* Now wait for all direct I/O to complete. */ 824 inode_dio_wait(inode); 825 826 /* 827 * We've already locked out new page faults, so now we can safely remove 828 * pages from the page cache knowing they won't get refaulted until we 829 * drop the XFS_MMAP_EXCL lock after the extent manipulations are 830 * complete. The truncate_setsize() call also cleans partial EOF page 831 * PTEs on extending truncates and hence ensures sub-page block size 832 * filesystems are correctly handled, too. 833 * 834 * We have to do all the page cache truncate work outside the 835 * transaction context as the "lock" order is page lock->log space 836 * reservation as defined by extent allocation in the writeback path. 837 * Hence a truncate can fail with ENOMEM from xfs_trans_reserve(), but 838 * having already truncated the in-memory version of the file (i.e. made 839 * user visible changes). There's not much we can do about this, except 840 * to hope that the caller sees ENOMEM and retries the truncate 841 * operation. 842 */ 843 if (IS_DAX(inode)) 844 error = dax_truncate_page(inode, newsize, xfs_get_blocks_direct); 845 else 846 error = block_truncate_page(inode->i_mapping, newsize, 847 xfs_get_blocks); 848 if (error) 849 return error; 850 truncate_setsize(inode, newsize); 851 852 tp = xfs_trans_alloc(mp, XFS_TRANS_SETATTR_SIZE); 853 error = xfs_trans_reserve(tp, &M_RES(mp)->tr_itruncate, 0, 0); 854 if (error) 855 goto out_trans_cancel; 856 857 lock_flags |= XFS_ILOCK_EXCL; 858 xfs_ilock(ip, XFS_ILOCK_EXCL); 859 xfs_trans_ijoin(tp, ip, 0); 860 861 /* 862 * Only change the c/mtime if we are changing the size or we are 863 * explicitly asked to change it. This handles the semantic difference 864 * between truncate() and ftruncate() as implemented in the VFS. 865 * 866 * The regular truncate() case without ATTR_CTIME and ATTR_MTIME is a 867 * special case where we need to update the times despite not having 868 * these flags set. For all other operations the VFS set these flags 869 * explicitly if it wants a timestamp update. 870 */ 871 if (newsize != oldsize && 872 !(iattr->ia_valid & (ATTR_CTIME | ATTR_MTIME))) { 873 iattr->ia_ctime = iattr->ia_mtime = 874 current_fs_time(inode->i_sb); 875 iattr->ia_valid |= ATTR_CTIME | ATTR_MTIME; 876 } 877 878 /* 879 * The first thing we do is set the size to new_size permanently on 880 * disk. This way we don't have to worry about anyone ever being able 881 * to look at the data being freed even in the face of a crash. 882 * What we're getting around here is the case where we free a block, it 883 * is allocated to another file, it is written to, and then we crash. 884 * If the new data gets written to the file but the log buffers 885 * containing the free and reallocation don't, then we'd end up with 886 * garbage in the blocks being freed. As long as we make the new size 887 * permanent before actually freeing any blocks it doesn't matter if 888 * they get written to. 889 */ 890 ip->i_d.di_size = newsize; 891 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); 892 893 if (newsize <= oldsize) { 894 error = xfs_itruncate_extents(&tp, ip, XFS_DATA_FORK, newsize); 895 if (error) 896 goto out_trans_cancel; 897 898 /* 899 * Truncated "down", so we're removing references to old data 900 * here - if we delay flushing for a long time, we expose 901 * ourselves unduly to the notorious NULL files problem. So, 902 * we mark this inode and flush it when the file is closed, 903 * and do not wait the usual (long) time for writeout. 904 */ 905 xfs_iflags_set(ip, XFS_ITRUNCATED); 906 907 /* A truncate down always removes post-EOF blocks. */ 908 xfs_inode_clear_eofblocks_tag(ip); 909 } 910 911 if (iattr->ia_valid & ATTR_MODE) 912 xfs_setattr_mode(ip, iattr); 913 if (iattr->ia_valid & (ATTR_ATIME|ATTR_CTIME|ATTR_MTIME)) 914 xfs_setattr_time(ip, iattr); 915 916 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); 917 918 XFS_STATS_INC(mp, xs_ig_attrchg); 919 920 if (mp->m_flags & XFS_MOUNT_WSYNC) 921 xfs_trans_set_sync(tp); 922 923 error = xfs_trans_commit(tp); 924 out_unlock: 925 if (lock_flags) 926 xfs_iunlock(ip, lock_flags); 927 return error; 928 929 out_trans_cancel: 930 xfs_trans_cancel(tp); 931 goto out_unlock; 932 } 933 934 STATIC int 935 xfs_vn_setattr( 936 struct dentry *dentry, 937 struct iattr *iattr) 938 { 939 struct xfs_inode *ip = XFS_I(d_inode(dentry)); 940 int error; 941 942 if (iattr->ia_valid & ATTR_SIZE) { 943 uint iolock = XFS_IOLOCK_EXCL; 944 945 xfs_ilock(ip, iolock); 946 error = xfs_break_layouts(d_inode(dentry), &iolock, true); 947 if (!error) { 948 xfs_ilock(ip, XFS_MMAPLOCK_EXCL); 949 iolock |= XFS_MMAPLOCK_EXCL; 950 951 error = xfs_setattr_size(ip, iattr); 952 } 953 xfs_iunlock(ip, iolock); 954 } else { 955 error = xfs_setattr_nonsize(ip, iattr, 0); 956 } 957 958 return error; 959 } 960 961 STATIC int 962 xfs_vn_update_time( 963 struct inode *inode, 964 struct timespec *now, 965 int flags) 966 { 967 struct xfs_inode *ip = XFS_I(inode); 968 struct xfs_mount *mp = ip->i_mount; 969 struct xfs_trans *tp; 970 int error; 971 972 trace_xfs_update_time(ip); 973 974 tp = xfs_trans_alloc(mp, XFS_TRANS_FSYNC_TS); 975 error = xfs_trans_reserve(tp, &M_RES(mp)->tr_fsyncts, 0, 0); 976 if (error) { 977 xfs_trans_cancel(tp); 978 return error; 979 } 980 981 xfs_ilock(ip, XFS_ILOCK_EXCL); 982 if (flags & S_CTIME) 983 inode->i_ctime = *now; 984 if (flags & S_MTIME) 985 inode->i_mtime = *now; 986 if (flags & S_ATIME) 987 inode->i_atime = *now; 988 989 xfs_trans_ijoin(tp, ip, XFS_ILOCK_EXCL); 990 xfs_trans_log_inode(tp, ip, XFS_ILOG_TIMESTAMP); 991 return xfs_trans_commit(tp); 992 } 993 994 #define XFS_FIEMAP_FLAGS (FIEMAP_FLAG_SYNC|FIEMAP_FLAG_XATTR) 995 996 /* 997 * Call fiemap helper to fill in user data. 998 * Returns positive errors to xfs_getbmap. 999 */ 1000 STATIC int 1001 xfs_fiemap_format( 1002 void **arg, 1003 struct getbmapx *bmv, 1004 int *full) 1005 { 1006 int error; 1007 struct fiemap_extent_info *fieinfo = *arg; 1008 u32 fiemap_flags = 0; 1009 u64 logical, physical, length; 1010 1011 /* Do nothing for a hole */ 1012 if (bmv->bmv_block == -1LL) 1013 return 0; 1014 1015 logical = BBTOB(bmv->bmv_offset); 1016 physical = BBTOB(bmv->bmv_block); 1017 length = BBTOB(bmv->bmv_length); 1018 1019 if (bmv->bmv_oflags & BMV_OF_PREALLOC) 1020 fiemap_flags |= FIEMAP_EXTENT_UNWRITTEN; 1021 else if (bmv->bmv_oflags & BMV_OF_DELALLOC) { 1022 fiemap_flags |= (FIEMAP_EXTENT_DELALLOC | 1023 FIEMAP_EXTENT_UNKNOWN); 1024 physical = 0; /* no block yet */ 1025 } 1026 if (bmv->bmv_oflags & BMV_OF_LAST) 1027 fiemap_flags |= FIEMAP_EXTENT_LAST; 1028 1029 error = fiemap_fill_next_extent(fieinfo, logical, physical, 1030 length, fiemap_flags); 1031 if (error > 0) { 1032 error = 0; 1033 *full = 1; /* user array now full */ 1034 } 1035 1036 return error; 1037 } 1038 1039 STATIC int 1040 xfs_vn_fiemap( 1041 struct inode *inode, 1042 struct fiemap_extent_info *fieinfo, 1043 u64 start, 1044 u64 length) 1045 { 1046 xfs_inode_t *ip = XFS_I(inode); 1047 struct getbmapx bm; 1048 int error; 1049 1050 error = fiemap_check_flags(fieinfo, XFS_FIEMAP_FLAGS); 1051 if (error) 1052 return error; 1053 1054 /* Set up bmap header for xfs internal routine */ 1055 bm.bmv_offset = BTOBBT(start); 1056 /* Special case for whole file */ 1057 if (length == FIEMAP_MAX_OFFSET) 1058 bm.bmv_length = -1LL; 1059 else 1060 bm.bmv_length = BTOBB(start + length) - bm.bmv_offset; 1061 1062 /* We add one because in getbmap world count includes the header */ 1063 bm.bmv_count = !fieinfo->fi_extents_max ? MAXEXTNUM : 1064 fieinfo->fi_extents_max + 1; 1065 bm.bmv_count = min_t(__s32, bm.bmv_count, 1066 (PAGE_SIZE * 16 / sizeof(struct getbmapx))); 1067 bm.bmv_iflags = BMV_IF_PREALLOC | BMV_IF_NO_HOLES; 1068 if (fieinfo->fi_flags & FIEMAP_FLAG_XATTR) 1069 bm.bmv_iflags |= BMV_IF_ATTRFORK; 1070 if (!(fieinfo->fi_flags & FIEMAP_FLAG_SYNC)) 1071 bm.bmv_iflags |= BMV_IF_DELALLOC; 1072 1073 error = xfs_getbmap(ip, &bm, xfs_fiemap_format, fieinfo); 1074 if (error) 1075 return error; 1076 1077 return 0; 1078 } 1079 1080 STATIC int 1081 xfs_vn_tmpfile( 1082 struct inode *dir, 1083 struct dentry *dentry, 1084 umode_t mode) 1085 { 1086 return xfs_generic_create(dir, dentry, mode, 0, true); 1087 } 1088 1089 static const struct inode_operations xfs_inode_operations = { 1090 .get_acl = xfs_get_acl, 1091 .set_acl = xfs_set_acl, 1092 .getattr = xfs_vn_getattr, 1093 .setattr = xfs_vn_setattr, 1094 .setxattr = generic_setxattr, 1095 .getxattr = generic_getxattr, 1096 .removexattr = generic_removexattr, 1097 .listxattr = xfs_vn_listxattr, 1098 .fiemap = xfs_vn_fiemap, 1099 .update_time = xfs_vn_update_time, 1100 }; 1101 1102 static const struct inode_operations xfs_dir_inode_operations = { 1103 .create = xfs_vn_create, 1104 .lookup = xfs_vn_lookup, 1105 .link = xfs_vn_link, 1106 .unlink = xfs_vn_unlink, 1107 .symlink = xfs_vn_symlink, 1108 .mkdir = xfs_vn_mkdir, 1109 /* 1110 * Yes, XFS uses the same method for rmdir and unlink. 1111 * 1112 * There are some subtile differences deeper in the code, 1113 * but we use S_ISDIR to check for those. 1114 */ 1115 .rmdir = xfs_vn_unlink, 1116 .mknod = xfs_vn_mknod, 1117 .rename2 = xfs_vn_rename, 1118 .get_acl = xfs_get_acl, 1119 .set_acl = xfs_set_acl, 1120 .getattr = xfs_vn_getattr, 1121 .setattr = xfs_vn_setattr, 1122 .setxattr = generic_setxattr, 1123 .getxattr = generic_getxattr, 1124 .removexattr = generic_removexattr, 1125 .listxattr = xfs_vn_listxattr, 1126 .update_time = xfs_vn_update_time, 1127 .tmpfile = xfs_vn_tmpfile, 1128 }; 1129 1130 static const struct inode_operations xfs_dir_ci_inode_operations = { 1131 .create = xfs_vn_create, 1132 .lookup = xfs_vn_ci_lookup, 1133 .link = xfs_vn_link, 1134 .unlink = xfs_vn_unlink, 1135 .symlink = xfs_vn_symlink, 1136 .mkdir = xfs_vn_mkdir, 1137 /* 1138 * Yes, XFS uses the same method for rmdir and unlink. 1139 * 1140 * There are some subtile differences deeper in the code, 1141 * but we use S_ISDIR to check for those. 1142 */ 1143 .rmdir = xfs_vn_unlink, 1144 .mknod = xfs_vn_mknod, 1145 .rename2 = xfs_vn_rename, 1146 .get_acl = xfs_get_acl, 1147 .set_acl = xfs_set_acl, 1148 .getattr = xfs_vn_getattr, 1149 .setattr = xfs_vn_setattr, 1150 .setxattr = generic_setxattr, 1151 .getxattr = generic_getxattr, 1152 .removexattr = generic_removexattr, 1153 .listxattr = xfs_vn_listxattr, 1154 .update_time = xfs_vn_update_time, 1155 .tmpfile = xfs_vn_tmpfile, 1156 }; 1157 1158 static const struct inode_operations xfs_symlink_inode_operations = { 1159 .readlink = generic_readlink, 1160 .get_link = xfs_vn_get_link, 1161 .getattr = xfs_vn_getattr, 1162 .setattr = xfs_vn_setattr, 1163 .setxattr = generic_setxattr, 1164 .getxattr = generic_getxattr, 1165 .removexattr = generic_removexattr, 1166 .listxattr = xfs_vn_listxattr, 1167 .update_time = xfs_vn_update_time, 1168 }; 1169 1170 STATIC void 1171 xfs_diflags_to_iflags( 1172 struct inode *inode, 1173 struct xfs_inode *ip) 1174 { 1175 uint16_t flags = ip->i_d.di_flags; 1176 1177 inode->i_flags &= ~(S_IMMUTABLE | S_APPEND | S_SYNC | 1178 S_NOATIME | S_DAX); 1179 1180 if (flags & XFS_DIFLAG_IMMUTABLE) 1181 inode->i_flags |= S_IMMUTABLE; 1182 if (flags & XFS_DIFLAG_APPEND) 1183 inode->i_flags |= S_APPEND; 1184 if (flags & XFS_DIFLAG_SYNC) 1185 inode->i_flags |= S_SYNC; 1186 if (flags & XFS_DIFLAG_NOATIME) 1187 inode->i_flags |= S_NOATIME; 1188 if (S_ISREG(inode->i_mode) && 1189 ip->i_mount->m_sb.sb_blocksize == PAGE_SIZE && 1190 (ip->i_mount->m_flags & XFS_MOUNT_DAX || 1191 ip->i_d.di_flags2 & XFS_DIFLAG2_DAX)) 1192 inode->i_flags |= S_DAX; 1193 } 1194 1195 /* 1196 * Initialize the Linux inode and set up the operation vectors. 1197 * 1198 * When reading existing inodes from disk this is called directly from xfs_iget, 1199 * when creating a new inode it is called from xfs_ialloc after setting up the 1200 * inode. These callers have different criteria for clearing XFS_INEW, so leave 1201 * it up to the caller to deal with unlocking the inode appropriately. 1202 */ 1203 void 1204 xfs_setup_inode( 1205 struct xfs_inode *ip) 1206 { 1207 struct inode *inode = &ip->i_vnode; 1208 gfp_t gfp_mask; 1209 1210 inode->i_ino = ip->i_ino; 1211 inode->i_state = I_NEW; 1212 1213 inode_sb_list_add(inode); 1214 /* make the inode look hashed for the writeback code */ 1215 hlist_add_fake(&inode->i_hash); 1216 1217 inode->i_uid = xfs_uid_to_kuid(ip->i_d.di_uid); 1218 inode->i_gid = xfs_gid_to_kgid(ip->i_d.di_gid); 1219 1220 switch (inode->i_mode & S_IFMT) { 1221 case S_IFBLK: 1222 case S_IFCHR: 1223 inode->i_rdev = 1224 MKDEV(sysv_major(ip->i_df.if_u2.if_rdev) & 0x1ff, 1225 sysv_minor(ip->i_df.if_u2.if_rdev)); 1226 break; 1227 default: 1228 inode->i_rdev = 0; 1229 break; 1230 } 1231 1232 i_size_write(inode, ip->i_d.di_size); 1233 xfs_diflags_to_iflags(inode, ip); 1234 1235 ip->d_ops = ip->i_mount->m_nondir_inode_ops; 1236 lockdep_set_class(&ip->i_lock.mr_lock, &xfs_nondir_ilock_class); 1237 switch (inode->i_mode & S_IFMT) { 1238 case S_IFREG: 1239 inode->i_op = &xfs_inode_operations; 1240 inode->i_fop = &xfs_file_operations; 1241 inode->i_mapping->a_ops = &xfs_address_space_operations; 1242 break; 1243 case S_IFDIR: 1244 lockdep_set_class(&ip->i_lock.mr_lock, &xfs_dir_ilock_class); 1245 if (xfs_sb_version_hasasciici(&XFS_M(inode->i_sb)->m_sb)) 1246 inode->i_op = &xfs_dir_ci_inode_operations; 1247 else 1248 inode->i_op = &xfs_dir_inode_operations; 1249 inode->i_fop = &xfs_dir_file_operations; 1250 ip->d_ops = ip->i_mount->m_dir_inode_ops; 1251 break; 1252 case S_IFLNK: 1253 inode->i_op = &xfs_symlink_inode_operations; 1254 if (!(ip->i_df.if_flags & XFS_IFINLINE)) 1255 inode->i_mapping->a_ops = &xfs_address_space_operations; 1256 break; 1257 default: 1258 inode->i_op = &xfs_inode_operations; 1259 init_special_inode(inode, inode->i_mode, inode->i_rdev); 1260 break; 1261 } 1262 1263 /* 1264 * Ensure all page cache allocations are done from GFP_NOFS context to 1265 * prevent direct reclaim recursion back into the filesystem and blowing 1266 * stacks or deadlocking. 1267 */ 1268 gfp_mask = mapping_gfp_mask(inode->i_mapping); 1269 mapping_set_gfp_mask(inode->i_mapping, (gfp_mask & ~(__GFP_FS))); 1270 1271 /* 1272 * If there is no attribute fork no ACL can exist on this inode, 1273 * and it can't have any file capabilities attached to it either. 1274 */ 1275 if (!XFS_IFORK_Q(ip)) { 1276 inode_has_no_xattr(inode); 1277 cache_no_acl(inode); 1278 } 1279 } 1280