1 /* * This file is part of UBIFS.
2 *
3 * Copyright (C) 2006-2008 Nokia Corporation.
4 * Copyright (C) 2006, 2007 University of Szeged, Hungary
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License version 2 as published by
8 * the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
13 * more details.
14 *
15 * You should have received a copy of the GNU General Public License along with
16 * this program; if not, write to the Free Software Foundation, Inc., 51
17 * Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
18 *
19 * Authors: Artem Bityutskiy (Битюцкий Артём)
20 * Adrian Hunter
21 * Zoltan Sogor
22 */
23
24 /*
25 * This file implements directory operations.
26 *
27 * All FS operations in this file allocate budget before writing anything to the
28 * media. If they fail to allocate it, the error is returned. The only
29 * exceptions are 'ubifs_unlink()' and 'ubifs_rmdir()' which keep working even
30 * if they unable to allocate the budget, because deletion %-ENOSPC failure is
31 * not what users are usually ready to get. UBIFS budgeting subsystem has some
32 * space reserved for these purposes.
33 *
34 * All operations in this file write all inodes which they change straight
35 * away, instead of marking them dirty. For example, 'ubifs_link()' changes
36 * @i_size of the parent inode and writes the parent inode together with the
37 * target inode. This was done to simplify file-system recovery which would
38 * otherwise be very difficult to do. The only exception is rename which marks
39 * the re-named inode dirty (because its @i_ctime is updated) but does not
40 * write it, but just marks it as dirty.
41 */
42
43 #include "ubifs.h"
44
45 /**
46 * inherit_flags - inherit flags of the parent inode.
47 * @dir: parent inode
48 * @mode: new inode mode flags
49 *
50 * This is a helper function for 'ubifs_new_inode()' which inherits flag of the
51 * parent directory inode @dir. UBIFS inodes inherit the following flags:
52 * o %UBIFS_COMPR_FL, which is useful to switch compression on/of on
53 * sub-directory basis;
54 * o %UBIFS_SYNC_FL - useful for the same reasons;
55 * o %UBIFS_DIRSYNC_FL - similar, but relevant only to directories.
56 *
57 * This function returns the inherited flags.
58 */
inherit_flags(const struct inode * dir,umode_t mode)59 static int inherit_flags(const struct inode *dir, umode_t mode)
60 {
61 int flags;
62 const struct ubifs_inode *ui = ubifs_inode(dir);
63
64 if (!S_ISDIR(dir->i_mode))
65 /*
66 * The parent is not a directory, which means that an extended
67 * attribute inode is being created. No flags.
68 */
69 return 0;
70
71 flags = ui->flags & (UBIFS_COMPR_FL | UBIFS_SYNC_FL | UBIFS_DIRSYNC_FL);
72 if (!S_ISDIR(mode))
73 /* The "DIRSYNC" flag only applies to directories */
74 flags &= ~UBIFS_DIRSYNC_FL;
75 return flags;
76 }
77
78 /**
79 * ubifs_new_inode - allocate new UBIFS inode object.
80 * @c: UBIFS file-system description object
81 * @dir: parent directory inode
82 * @mode: inode mode flags
83 *
84 * This function finds an unused inode number, allocates new inode and
85 * initializes it. Returns new inode in case of success and an error code in
86 * case of failure.
87 */
ubifs_new_inode(struct ubifs_info * c,struct inode * dir,umode_t mode)88 struct inode *ubifs_new_inode(struct ubifs_info *c, struct inode *dir,
89 umode_t mode)
90 {
91 int err;
92 struct inode *inode;
93 struct ubifs_inode *ui;
94 bool encrypted = false;
95
96 if (ubifs_crypt_is_encrypted(dir)) {
97 err = fscrypt_get_encryption_info(dir);
98 if (err) {
99 ubifs_err(c, "fscrypt_get_encryption_info failed: %i", err);
100 return ERR_PTR(err);
101 }
102
103 if (!fscrypt_has_encryption_key(dir))
104 return ERR_PTR(-EPERM);
105
106 encrypted = true;
107 }
108
109 inode = new_inode(c->vfs_sb);
110 ui = ubifs_inode(inode);
111 if (!inode)
112 return ERR_PTR(-ENOMEM);
113
114 /*
115 * Set 'S_NOCMTIME' to prevent VFS form updating [mc]time of inodes and
116 * marking them dirty in file write path (see 'file_update_time()').
117 * UBIFS has to fully control "clean <-> dirty" transitions of inodes
118 * to make budgeting work.
119 */
120 inode->i_flags |= S_NOCMTIME;
121
122 inode_init_owner(inode, dir, mode);
123 inode->i_mtime = inode->i_atime = inode->i_ctime =
124 current_time(inode);
125 inode->i_mapping->nrpages = 0;
126
127 switch (mode & S_IFMT) {
128 case S_IFREG:
129 inode->i_mapping->a_ops = &ubifs_file_address_operations;
130 inode->i_op = &ubifs_file_inode_operations;
131 inode->i_fop = &ubifs_file_operations;
132 break;
133 case S_IFDIR:
134 inode->i_op = &ubifs_dir_inode_operations;
135 inode->i_fop = &ubifs_dir_operations;
136 inode->i_size = ui->ui_size = UBIFS_INO_NODE_SZ;
137 break;
138 case S_IFLNK:
139 inode->i_op = &ubifs_symlink_inode_operations;
140 break;
141 case S_IFSOCK:
142 case S_IFIFO:
143 case S_IFBLK:
144 case S_IFCHR:
145 inode->i_op = &ubifs_file_inode_operations;
146 encrypted = false;
147 break;
148 default:
149 BUG();
150 }
151
152 ui->flags = inherit_flags(dir, mode);
153 ubifs_set_inode_flags(inode);
154 if (S_ISREG(mode))
155 ui->compr_type = c->default_compr;
156 else
157 ui->compr_type = UBIFS_COMPR_NONE;
158 ui->synced_i_size = 0;
159
160 spin_lock(&c->cnt_lock);
161 /* Inode number overflow is currently not supported */
162 if (c->highest_inum >= INUM_WARN_WATERMARK) {
163 if (c->highest_inum >= INUM_WATERMARK) {
164 spin_unlock(&c->cnt_lock);
165 ubifs_err(c, "out of inode numbers");
166 make_bad_inode(inode);
167 iput(inode);
168 return ERR_PTR(-EINVAL);
169 }
170 ubifs_warn(c, "running out of inode numbers (current %lu, max %u)",
171 (unsigned long)c->highest_inum, INUM_WATERMARK);
172 }
173
174 inode->i_ino = ++c->highest_inum;
175 /*
176 * The creation sequence number remains with this inode for its
177 * lifetime. All nodes for this inode have a greater sequence number,
178 * and so it is possible to distinguish obsolete nodes belonging to a
179 * previous incarnation of the same inode number - for example, for the
180 * purpose of rebuilding the index.
181 */
182 ui->creat_sqnum = ++c->max_sqnum;
183 spin_unlock(&c->cnt_lock);
184
185 if (encrypted) {
186 err = fscrypt_inherit_context(dir, inode, &encrypted, true);
187 if (err) {
188 ubifs_err(c, "fscrypt_inherit_context failed: %i", err);
189 make_bad_inode(inode);
190 iput(inode);
191 return ERR_PTR(err);
192 }
193 }
194
195 return inode;
196 }
197
dbg_check_name(const struct ubifs_info * c,const struct ubifs_dent_node * dent,const struct fscrypt_name * nm)198 static int dbg_check_name(const struct ubifs_info *c,
199 const struct ubifs_dent_node *dent,
200 const struct fscrypt_name *nm)
201 {
202 if (!dbg_is_chk_gen(c))
203 return 0;
204 if (le16_to_cpu(dent->nlen) != fname_len(nm))
205 return -EINVAL;
206 if (memcmp(dent->name, fname_name(nm), fname_len(nm)))
207 return -EINVAL;
208 return 0;
209 }
210
ubifs_lookup(struct inode * dir,struct dentry * dentry,unsigned int flags)211 static struct dentry *ubifs_lookup(struct inode *dir, struct dentry *dentry,
212 unsigned int flags)
213 {
214 int err;
215 union ubifs_key key;
216 struct inode *inode = NULL;
217 struct ubifs_dent_node *dent = NULL;
218 struct ubifs_info *c = dir->i_sb->s_fs_info;
219 struct fscrypt_name nm;
220
221 dbg_gen("'%pd' in dir ino %lu", dentry, dir->i_ino);
222
223 err = fscrypt_prepare_lookup(dir, dentry, &nm);
224 if (err == -ENOENT)
225 return d_splice_alias(NULL, dentry);
226 if (err)
227 return ERR_PTR(err);
228
229 if (fname_len(&nm) > UBIFS_MAX_NLEN) {
230 inode = ERR_PTR(-ENAMETOOLONG);
231 goto done;
232 }
233
234 dent = kmalloc(UBIFS_MAX_DENT_NODE_SZ, GFP_NOFS);
235 if (!dent) {
236 inode = ERR_PTR(-ENOMEM);
237 goto done;
238 }
239
240 if (nm.hash) {
241 ubifs_assert(c, fname_len(&nm) == 0);
242 ubifs_assert(c, fname_name(&nm) == NULL);
243 if (nm.hash & ~UBIFS_S_KEY_HASH_MASK)
244 goto done; /* ENOENT */
245 dent_key_init_hash(c, &key, dir->i_ino, nm.hash);
246 err = ubifs_tnc_lookup_dh(c, &key, dent, nm.minor_hash);
247 } else {
248 dent_key_init(c, &key, dir->i_ino, &nm);
249 err = ubifs_tnc_lookup_nm(c, &key, dent, &nm);
250 }
251
252 if (err) {
253 if (err == -ENOENT)
254 dbg_gen("not found");
255 else
256 inode = ERR_PTR(err);
257 goto done;
258 }
259
260 if (dbg_check_name(c, dent, &nm)) {
261 inode = ERR_PTR(-EINVAL);
262 goto done;
263 }
264
265 inode = ubifs_iget(dir->i_sb, le64_to_cpu(dent->inum));
266 if (IS_ERR(inode)) {
267 /*
268 * This should not happen. Probably the file-system needs
269 * checking.
270 */
271 err = PTR_ERR(inode);
272 ubifs_err(c, "dead directory entry '%pd', error %d",
273 dentry, err);
274 ubifs_ro_mode(c, err);
275 goto done;
276 }
277
278 if (ubifs_crypt_is_encrypted(dir) &&
279 (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode)) &&
280 !fscrypt_has_permitted_context(dir, inode)) {
281 ubifs_warn(c, "Inconsistent encryption contexts: %lu/%lu",
282 dir->i_ino, inode->i_ino);
283 iput(inode);
284 inode = ERR_PTR(-EPERM);
285 }
286
287 done:
288 kfree(dent);
289 fscrypt_free_filename(&nm);
290 return d_splice_alias(inode, dentry);
291 }
292
ubifs_prepare_create(struct inode * dir,struct dentry * dentry,struct fscrypt_name * nm)293 static int ubifs_prepare_create(struct inode *dir, struct dentry *dentry,
294 struct fscrypt_name *nm)
295 {
296 if (fscrypt_is_nokey_name(dentry))
297 return -ENOKEY;
298
299 return fscrypt_setup_filename(dir, &dentry->d_name, 0, nm);
300 }
301
ubifs_create(struct inode * dir,struct dentry * dentry,umode_t mode,bool excl)302 static int ubifs_create(struct inode *dir, struct dentry *dentry, umode_t mode,
303 bool excl)
304 {
305 struct inode *inode;
306 struct ubifs_info *c = dir->i_sb->s_fs_info;
307 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
308 .dirtied_ino = 1 };
309 struct ubifs_inode *dir_ui = ubifs_inode(dir);
310 struct fscrypt_name nm;
311 int err, sz_change;
312
313 /*
314 * Budget request settings: new inode, new direntry, changing the
315 * parent directory inode.
316 */
317
318 dbg_gen("dent '%pd', mode %#hx in dir ino %lu",
319 dentry, mode, dir->i_ino);
320
321 err = ubifs_budget_space(c, &req);
322 if (err)
323 return err;
324
325 err = ubifs_prepare_create(dir, dentry, &nm);
326 if (err)
327 goto out_budg;
328
329 sz_change = CALC_DENT_SIZE(fname_len(&nm));
330
331 inode = ubifs_new_inode(c, dir, mode);
332 if (IS_ERR(inode)) {
333 err = PTR_ERR(inode);
334 goto out_fname;
335 }
336
337 err = ubifs_init_security(dir, inode, &dentry->d_name);
338 if (err)
339 goto out_inode;
340
341 mutex_lock(&dir_ui->ui_mutex);
342 dir->i_size += sz_change;
343 dir_ui->ui_size = dir->i_size;
344 dir->i_mtime = dir->i_ctime = inode->i_ctime;
345 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
346 if (err)
347 goto out_cancel;
348 mutex_unlock(&dir_ui->ui_mutex);
349
350 ubifs_release_budget(c, &req);
351 fscrypt_free_filename(&nm);
352 insert_inode_hash(inode);
353 d_instantiate(dentry, inode);
354 return 0;
355
356 out_cancel:
357 dir->i_size -= sz_change;
358 dir_ui->ui_size = dir->i_size;
359 mutex_unlock(&dir_ui->ui_mutex);
360 out_inode:
361 make_bad_inode(inode);
362 iput(inode);
363 out_fname:
364 fscrypt_free_filename(&nm);
365 out_budg:
366 ubifs_release_budget(c, &req);
367 ubifs_err(c, "cannot create regular file, error %d", err);
368 return err;
369 }
370
do_tmpfile(struct inode * dir,struct dentry * dentry,umode_t mode,struct inode ** whiteout)371 static int do_tmpfile(struct inode *dir, struct dentry *dentry,
372 umode_t mode, struct inode **whiteout)
373 {
374 struct inode *inode;
375 struct ubifs_info *c = dir->i_sb->s_fs_info;
376 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
377 .dirtied_ino = 1};
378 struct ubifs_budget_req ino_req = { .dirtied_ino = 1 };
379 struct ubifs_inode *ui, *dir_ui = ubifs_inode(dir);
380 int err, instantiated = 0;
381 struct fscrypt_name nm;
382
383 /*
384 * Budget request settings: new inode, new direntry, changing the
385 * parent directory inode.
386 * Allocate budget separately for new dirtied inode, the budget will
387 * be released via writeback.
388 */
389
390 dbg_gen("dent '%pd', mode %#hx in dir ino %lu",
391 dentry, mode, dir->i_ino);
392
393 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
394 if (err)
395 return err;
396
397 err = ubifs_budget_space(c, &req);
398 if (err) {
399 fscrypt_free_filename(&nm);
400 return err;
401 }
402
403 err = ubifs_budget_space(c, &ino_req);
404 if (err) {
405 ubifs_release_budget(c, &req);
406 fscrypt_free_filename(&nm);
407 return err;
408 }
409
410 inode = ubifs_new_inode(c, dir, mode);
411 if (IS_ERR(inode)) {
412 err = PTR_ERR(inode);
413 goto out_budg;
414 }
415 ui = ubifs_inode(inode);
416
417 if (whiteout) {
418 init_special_inode(inode, inode->i_mode, WHITEOUT_DEV);
419 ubifs_assert(c, inode->i_op == &ubifs_file_inode_operations);
420 }
421
422 err = ubifs_init_security(dir, inode, &dentry->d_name);
423 if (err)
424 goto out_inode;
425
426 mutex_lock(&ui->ui_mutex);
427 insert_inode_hash(inode);
428
429 if (whiteout) {
430 mark_inode_dirty(inode);
431 drop_nlink(inode);
432 *whiteout = inode;
433 } else {
434 d_tmpfile(dentry, inode);
435 }
436 ubifs_assert(c, ui->dirty);
437
438 instantiated = 1;
439 mutex_unlock(&ui->ui_mutex);
440
441 mutex_lock(&dir_ui->ui_mutex);
442 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0);
443 if (err)
444 goto out_cancel;
445 mutex_unlock(&dir_ui->ui_mutex);
446
447 ubifs_release_budget(c, &req);
448 fscrypt_free_filename(&nm);
449
450 return 0;
451
452 out_cancel:
453 mutex_unlock(&dir_ui->ui_mutex);
454 out_inode:
455 make_bad_inode(inode);
456 if (!instantiated)
457 iput(inode);
458 else if (whiteout)
459 iput(*whiteout);
460 out_budg:
461 ubifs_release_budget(c, &req);
462 if (!instantiated)
463 ubifs_release_budget(c, &ino_req);
464 fscrypt_free_filename(&nm);
465 ubifs_err(c, "cannot create temporary file, error %d", err);
466 return err;
467 }
468
ubifs_tmpfile(struct inode * dir,struct dentry * dentry,umode_t mode)469 static int ubifs_tmpfile(struct inode *dir, struct dentry *dentry,
470 umode_t mode)
471 {
472 return do_tmpfile(dir, dentry, mode, NULL);
473 }
474
475 /**
476 * vfs_dent_type - get VFS directory entry type.
477 * @type: UBIFS directory entry type
478 *
479 * This function converts UBIFS directory entry type into VFS directory entry
480 * type.
481 */
vfs_dent_type(uint8_t type)482 static unsigned int vfs_dent_type(uint8_t type)
483 {
484 switch (type) {
485 case UBIFS_ITYPE_REG:
486 return DT_REG;
487 case UBIFS_ITYPE_DIR:
488 return DT_DIR;
489 case UBIFS_ITYPE_LNK:
490 return DT_LNK;
491 case UBIFS_ITYPE_BLK:
492 return DT_BLK;
493 case UBIFS_ITYPE_CHR:
494 return DT_CHR;
495 case UBIFS_ITYPE_FIFO:
496 return DT_FIFO;
497 case UBIFS_ITYPE_SOCK:
498 return DT_SOCK;
499 default:
500 BUG();
501 }
502 return 0;
503 }
504
505 /*
506 * The classical Unix view for directory is that it is a linear array of
507 * (name, inode number) entries. Linux/VFS assumes this model as well.
508 * Particularly, 'readdir()' call wants us to return a directory entry offset
509 * which later may be used to continue 'readdir()'ing the directory or to
510 * 'seek()' to that specific direntry. Obviously UBIFS does not really fit this
511 * model because directory entries are identified by keys, which may collide.
512 *
513 * UBIFS uses directory entry hash value for directory offsets, so
514 * 'seekdir()'/'telldir()' may not always work because of possible key
515 * collisions. But UBIFS guarantees that consecutive 'readdir()' calls work
516 * properly by means of saving full directory entry name in the private field
517 * of the file description object.
518 *
519 * This means that UBIFS cannot support NFS which requires full
520 * 'seekdir()'/'telldir()' support.
521 */
ubifs_readdir(struct file * file,struct dir_context * ctx)522 static int ubifs_readdir(struct file *file, struct dir_context *ctx)
523 {
524 int fstr_real_len = 0, err = 0;
525 struct fscrypt_name nm;
526 struct fscrypt_str fstr = {0};
527 union ubifs_key key;
528 struct ubifs_dent_node *dent;
529 struct inode *dir = file_inode(file);
530 struct ubifs_info *c = dir->i_sb->s_fs_info;
531 bool encrypted = ubifs_crypt_is_encrypted(dir);
532
533 dbg_gen("dir ino %lu, f_pos %#llx", dir->i_ino, ctx->pos);
534
535 if (ctx->pos > UBIFS_S_KEY_HASH_MASK || ctx->pos == 2)
536 /*
537 * The directory was seek'ed to a senseless position or there
538 * are no more entries.
539 */
540 return 0;
541
542 if (encrypted) {
543 err = fscrypt_get_encryption_info(dir);
544 if (err && err != -ENOKEY)
545 return err;
546
547 err = fscrypt_fname_alloc_buffer(dir, UBIFS_MAX_NLEN, &fstr);
548 if (err)
549 return err;
550
551 fstr_real_len = fstr.len;
552 }
553
554 if (file->f_version == 0) {
555 /*
556 * The file was seek'ed, which means that @file->private_data
557 * is now invalid. This may also be just the first
558 * 'ubifs_readdir()' invocation, in which case
559 * @file->private_data is NULL, and the below code is
560 * basically a no-op.
561 */
562 kfree(file->private_data);
563 file->private_data = NULL;
564 }
565
566 /*
567 * 'generic_file_llseek()' unconditionally sets @file->f_version to
568 * zero, and we use this for detecting whether the file was seek'ed.
569 */
570 file->f_version = 1;
571
572 /* File positions 0 and 1 correspond to "." and ".." */
573 if (ctx->pos < 2) {
574 ubifs_assert(c, !file->private_data);
575 if (!dir_emit_dots(file, ctx)) {
576 if (encrypted)
577 fscrypt_fname_free_buffer(&fstr);
578 return 0;
579 }
580
581 /* Find the first entry in TNC and save it */
582 lowest_dent_key(c, &key, dir->i_ino);
583 fname_len(&nm) = 0;
584 dent = ubifs_tnc_next_ent(c, &key, &nm);
585 if (IS_ERR(dent)) {
586 err = PTR_ERR(dent);
587 goto out;
588 }
589
590 ctx->pos = key_hash_flash(c, &dent->key);
591 file->private_data = dent;
592 }
593
594 dent = file->private_data;
595 if (!dent) {
596 /*
597 * The directory was seek'ed to and is now readdir'ed.
598 * Find the entry corresponding to @ctx->pos or the closest one.
599 */
600 dent_key_init_hash(c, &key, dir->i_ino, ctx->pos);
601 fname_len(&nm) = 0;
602 dent = ubifs_tnc_next_ent(c, &key, &nm);
603 if (IS_ERR(dent)) {
604 err = PTR_ERR(dent);
605 goto out;
606 }
607 ctx->pos = key_hash_flash(c, &dent->key);
608 file->private_data = dent;
609 }
610
611 while (1) {
612 dbg_gen("ino %llu, new f_pos %#x",
613 (unsigned long long)le64_to_cpu(dent->inum),
614 key_hash_flash(c, &dent->key));
615 ubifs_assert(c, le64_to_cpu(dent->ch.sqnum) >
616 ubifs_inode(dir)->creat_sqnum);
617
618 fname_len(&nm) = le16_to_cpu(dent->nlen);
619 fname_name(&nm) = dent->name;
620
621 if (encrypted) {
622 fstr.len = fstr_real_len;
623
624 err = fscrypt_fname_disk_to_usr(dir, key_hash_flash(c,
625 &dent->key),
626 le32_to_cpu(dent->cookie),
627 &nm.disk_name, &fstr);
628 if (err)
629 goto out;
630 } else {
631 fstr.len = fname_len(&nm);
632 fstr.name = fname_name(&nm);
633 }
634
635 if (!dir_emit(ctx, fstr.name, fstr.len,
636 le64_to_cpu(dent->inum),
637 vfs_dent_type(dent->type))) {
638 if (encrypted)
639 fscrypt_fname_free_buffer(&fstr);
640 return 0;
641 }
642
643 /* Switch to the next entry */
644 key_read(c, &dent->key, &key);
645 dent = ubifs_tnc_next_ent(c, &key, &nm);
646 if (IS_ERR(dent)) {
647 err = PTR_ERR(dent);
648 goto out;
649 }
650
651 kfree(file->private_data);
652 ctx->pos = key_hash_flash(c, &dent->key);
653 file->private_data = dent;
654 cond_resched();
655 }
656
657 out:
658 kfree(file->private_data);
659 file->private_data = NULL;
660
661 if (encrypted)
662 fscrypt_fname_free_buffer(&fstr);
663
664 if (err != -ENOENT)
665 ubifs_err(c, "cannot find next direntry, error %d", err);
666 else
667 /*
668 * -ENOENT is a non-fatal error in this context, the TNC uses
669 * it to indicate that the cursor moved past the current directory
670 * and readdir() has to stop.
671 */
672 err = 0;
673
674
675 /* 2 is a special value indicating that there are no more direntries */
676 ctx->pos = 2;
677 return err;
678 }
679
680 /* Free saved readdir() state when the directory is closed */
ubifs_dir_release(struct inode * dir,struct file * file)681 static int ubifs_dir_release(struct inode *dir, struct file *file)
682 {
683 kfree(file->private_data);
684 file->private_data = NULL;
685 return 0;
686 }
687
688 /**
689 * lock_2_inodes - a wrapper for locking two UBIFS inodes.
690 * @inode1: first inode
691 * @inode2: second inode
692 *
693 * We do not implement any tricks to guarantee strict lock ordering, because
694 * VFS has already done it for us on the @i_mutex. So this is just a simple
695 * wrapper function.
696 */
lock_2_inodes(struct inode * inode1,struct inode * inode2)697 static void lock_2_inodes(struct inode *inode1, struct inode *inode2)
698 {
699 mutex_lock_nested(&ubifs_inode(inode1)->ui_mutex, WB_MUTEX_1);
700 mutex_lock_nested(&ubifs_inode(inode2)->ui_mutex, WB_MUTEX_2);
701 }
702
703 /**
704 * unlock_2_inodes - a wrapper for unlocking two UBIFS inodes.
705 * @inode1: first inode
706 * @inode2: second inode
707 */
unlock_2_inodes(struct inode * inode1,struct inode * inode2)708 static void unlock_2_inodes(struct inode *inode1, struct inode *inode2)
709 {
710 mutex_unlock(&ubifs_inode(inode2)->ui_mutex);
711 mutex_unlock(&ubifs_inode(inode1)->ui_mutex);
712 }
713
ubifs_link(struct dentry * old_dentry,struct inode * dir,struct dentry * dentry)714 static int ubifs_link(struct dentry *old_dentry, struct inode *dir,
715 struct dentry *dentry)
716 {
717 struct ubifs_info *c = dir->i_sb->s_fs_info;
718 struct inode *inode = d_inode(old_dentry);
719 struct ubifs_inode *ui = ubifs_inode(inode);
720 struct ubifs_inode *dir_ui = ubifs_inode(dir);
721 int err, sz_change = CALC_DENT_SIZE(dentry->d_name.len);
722 struct ubifs_budget_req req = { .new_dent = 1, .dirtied_ino = 2,
723 .dirtied_ino_d = ALIGN(ui->data_len, 8) };
724 struct fscrypt_name nm;
725
726 /*
727 * Budget request settings: new direntry, changing the target inode,
728 * changing the parent inode.
729 */
730
731 dbg_gen("dent '%pd' to ino %lu (nlink %d) in dir ino %lu",
732 dentry, inode->i_ino,
733 inode->i_nlink, dir->i_ino);
734 ubifs_assert(c, inode_is_locked(dir));
735 ubifs_assert(c, inode_is_locked(inode));
736
737 err = fscrypt_prepare_link(old_dentry, dir, dentry);
738 if (err)
739 return err;
740
741 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
742 if (err)
743 return err;
744
745 err = dbg_check_synced_i_size(c, inode);
746 if (err)
747 goto out_fname;
748
749 err = ubifs_budget_space(c, &req);
750 if (err)
751 goto out_fname;
752
753 lock_2_inodes(dir, inode);
754
755 /* Handle O_TMPFILE corner case, it is allowed to link a O_TMPFILE. */
756 if (inode->i_nlink == 0)
757 ubifs_delete_orphan(c, inode->i_ino);
758
759 inc_nlink(inode);
760 ihold(inode);
761 inode->i_ctime = current_time(inode);
762 dir->i_size += sz_change;
763 dir_ui->ui_size = dir->i_size;
764 dir->i_mtime = dir->i_ctime = inode->i_ctime;
765 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
766 if (err)
767 goto out_cancel;
768 unlock_2_inodes(dir, inode);
769
770 ubifs_release_budget(c, &req);
771 d_instantiate(dentry, inode);
772 fscrypt_free_filename(&nm);
773 return 0;
774
775 out_cancel:
776 dir->i_size -= sz_change;
777 dir_ui->ui_size = dir->i_size;
778 drop_nlink(inode);
779 if (inode->i_nlink == 0)
780 ubifs_add_orphan(c, inode->i_ino);
781 unlock_2_inodes(dir, inode);
782 ubifs_release_budget(c, &req);
783 iput(inode);
784 out_fname:
785 fscrypt_free_filename(&nm);
786 return err;
787 }
788
ubifs_unlink(struct inode * dir,struct dentry * dentry)789 static int ubifs_unlink(struct inode *dir, struct dentry *dentry)
790 {
791 struct ubifs_info *c = dir->i_sb->s_fs_info;
792 struct inode *inode = d_inode(dentry);
793 struct ubifs_inode *dir_ui = ubifs_inode(dir);
794 int err, sz_change, budgeted = 1;
795 struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 };
796 unsigned int saved_nlink = inode->i_nlink;
797 struct fscrypt_name nm;
798
799 /*
800 * Budget request settings: deletion direntry, deletion inode (+1 for
801 * @dirtied_ino), changing the parent directory inode. If budgeting
802 * fails, go ahead anyway because we have extra space reserved for
803 * deletions.
804 */
805
806 dbg_gen("dent '%pd' from ino %lu (nlink %d) in dir ino %lu",
807 dentry, inode->i_ino,
808 inode->i_nlink, dir->i_ino);
809
810 if (ubifs_crypt_is_encrypted(dir)) {
811 err = fscrypt_get_encryption_info(dir);
812 if (err && err != -ENOKEY)
813 return err;
814 }
815
816 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm);
817 if (err)
818 return err;
819
820 sz_change = CALC_DENT_SIZE(fname_len(&nm));
821
822 ubifs_assert(c, inode_is_locked(dir));
823 ubifs_assert(c, inode_is_locked(inode));
824 err = dbg_check_synced_i_size(c, inode);
825 if (err)
826 goto out_fname;
827
828 err = ubifs_budget_space(c, &req);
829 if (err) {
830 if (err != -ENOSPC)
831 goto out_fname;
832 budgeted = 0;
833 }
834
835 lock_2_inodes(dir, inode);
836 inode->i_ctime = current_time(dir);
837 drop_nlink(inode);
838 dir->i_size -= sz_change;
839 dir_ui->ui_size = dir->i_size;
840 dir->i_mtime = dir->i_ctime = inode->i_ctime;
841 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0);
842 if (err)
843 goto out_cancel;
844 unlock_2_inodes(dir, inode);
845
846 if (budgeted)
847 ubifs_release_budget(c, &req);
848 else {
849 /* We've deleted something - clean the "no space" flags */
850 c->bi.nospace = c->bi.nospace_rp = 0;
851 smp_wmb();
852 }
853 fscrypt_free_filename(&nm);
854 return 0;
855
856 out_cancel:
857 dir->i_size += sz_change;
858 dir_ui->ui_size = dir->i_size;
859 set_nlink(inode, saved_nlink);
860 unlock_2_inodes(dir, inode);
861 if (budgeted)
862 ubifs_release_budget(c, &req);
863 out_fname:
864 fscrypt_free_filename(&nm);
865 return err;
866 }
867
868 /**
869 * check_dir_empty - check if a directory is empty or not.
870 * @dir: VFS inode object of the directory to check
871 *
872 * This function checks if directory @dir is empty. Returns zero if the
873 * directory is empty, %-ENOTEMPTY if it is not, and other negative error codes
874 * in case of of errors.
875 */
ubifs_check_dir_empty(struct inode * dir)876 int ubifs_check_dir_empty(struct inode *dir)
877 {
878 struct ubifs_info *c = dir->i_sb->s_fs_info;
879 struct fscrypt_name nm = { 0 };
880 struct ubifs_dent_node *dent;
881 union ubifs_key key;
882 int err;
883
884 lowest_dent_key(c, &key, dir->i_ino);
885 dent = ubifs_tnc_next_ent(c, &key, &nm);
886 if (IS_ERR(dent)) {
887 err = PTR_ERR(dent);
888 if (err == -ENOENT)
889 err = 0;
890 } else {
891 kfree(dent);
892 err = -ENOTEMPTY;
893 }
894 return err;
895 }
896
ubifs_rmdir(struct inode * dir,struct dentry * dentry)897 static int ubifs_rmdir(struct inode *dir, struct dentry *dentry)
898 {
899 struct ubifs_info *c = dir->i_sb->s_fs_info;
900 struct inode *inode = d_inode(dentry);
901 int err, sz_change, budgeted = 1;
902 struct ubifs_inode *dir_ui = ubifs_inode(dir);
903 struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 };
904 struct fscrypt_name nm;
905
906 /*
907 * Budget request settings: deletion direntry, deletion inode and
908 * changing the parent inode. If budgeting fails, go ahead anyway
909 * because we have extra space reserved for deletions.
910 */
911
912 dbg_gen("directory '%pd', ino %lu in dir ino %lu", dentry,
913 inode->i_ino, dir->i_ino);
914 ubifs_assert(c, inode_is_locked(dir));
915 ubifs_assert(c, inode_is_locked(inode));
916 err = ubifs_check_dir_empty(d_inode(dentry));
917 if (err)
918 return err;
919
920 if (ubifs_crypt_is_encrypted(dir)) {
921 err = fscrypt_get_encryption_info(dir);
922 if (err && err != -ENOKEY)
923 return err;
924 }
925
926 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm);
927 if (err)
928 return err;
929
930 sz_change = CALC_DENT_SIZE(fname_len(&nm));
931
932 err = ubifs_budget_space(c, &req);
933 if (err) {
934 if (err != -ENOSPC)
935 goto out_fname;
936 budgeted = 0;
937 }
938
939 lock_2_inodes(dir, inode);
940 inode->i_ctime = current_time(dir);
941 clear_nlink(inode);
942 drop_nlink(dir);
943 dir->i_size -= sz_change;
944 dir_ui->ui_size = dir->i_size;
945 dir->i_mtime = dir->i_ctime = inode->i_ctime;
946 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0);
947 if (err)
948 goto out_cancel;
949 unlock_2_inodes(dir, inode);
950
951 if (budgeted)
952 ubifs_release_budget(c, &req);
953 else {
954 /* We've deleted something - clean the "no space" flags */
955 c->bi.nospace = c->bi.nospace_rp = 0;
956 smp_wmb();
957 }
958 fscrypt_free_filename(&nm);
959 return 0;
960
961 out_cancel:
962 dir->i_size += sz_change;
963 dir_ui->ui_size = dir->i_size;
964 inc_nlink(dir);
965 set_nlink(inode, 2);
966 unlock_2_inodes(dir, inode);
967 if (budgeted)
968 ubifs_release_budget(c, &req);
969 out_fname:
970 fscrypt_free_filename(&nm);
971 return err;
972 }
973
ubifs_mkdir(struct inode * dir,struct dentry * dentry,umode_t mode)974 static int ubifs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
975 {
976 struct inode *inode;
977 struct ubifs_inode *dir_ui = ubifs_inode(dir);
978 struct ubifs_info *c = dir->i_sb->s_fs_info;
979 int err, sz_change;
980 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
981 .dirtied_ino = 1};
982 struct fscrypt_name nm;
983
984 /*
985 * Budget request settings: new inode, new direntry and changing parent
986 * directory inode.
987 */
988
989 dbg_gen("dent '%pd', mode %#hx in dir ino %lu",
990 dentry, mode, dir->i_ino);
991
992 err = ubifs_budget_space(c, &req);
993 if (err)
994 return err;
995
996 err = ubifs_prepare_create(dir, dentry, &nm);
997 if (err)
998 goto out_budg;
999
1000 sz_change = CALC_DENT_SIZE(fname_len(&nm));
1001
1002 inode = ubifs_new_inode(c, dir, S_IFDIR | mode);
1003 if (IS_ERR(inode)) {
1004 err = PTR_ERR(inode);
1005 goto out_fname;
1006 }
1007
1008 err = ubifs_init_security(dir, inode, &dentry->d_name);
1009 if (err)
1010 goto out_inode;
1011
1012 mutex_lock(&dir_ui->ui_mutex);
1013 insert_inode_hash(inode);
1014 inc_nlink(inode);
1015 inc_nlink(dir);
1016 dir->i_size += sz_change;
1017 dir_ui->ui_size = dir->i_size;
1018 dir->i_mtime = dir->i_ctime = inode->i_ctime;
1019 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
1020 if (err) {
1021 ubifs_err(c, "cannot create directory, error %d", err);
1022 goto out_cancel;
1023 }
1024 mutex_unlock(&dir_ui->ui_mutex);
1025
1026 ubifs_release_budget(c, &req);
1027 d_instantiate(dentry, inode);
1028 fscrypt_free_filename(&nm);
1029 return 0;
1030
1031 out_cancel:
1032 dir->i_size -= sz_change;
1033 dir_ui->ui_size = dir->i_size;
1034 drop_nlink(dir);
1035 mutex_unlock(&dir_ui->ui_mutex);
1036 out_inode:
1037 make_bad_inode(inode);
1038 iput(inode);
1039 out_fname:
1040 fscrypt_free_filename(&nm);
1041 out_budg:
1042 ubifs_release_budget(c, &req);
1043 return err;
1044 }
1045
ubifs_mknod(struct inode * dir,struct dentry * dentry,umode_t mode,dev_t rdev)1046 static int ubifs_mknod(struct inode *dir, struct dentry *dentry,
1047 umode_t mode, dev_t rdev)
1048 {
1049 struct inode *inode;
1050 struct ubifs_inode *ui;
1051 struct ubifs_inode *dir_ui = ubifs_inode(dir);
1052 struct ubifs_info *c = dir->i_sb->s_fs_info;
1053 union ubifs_dev_desc *dev = NULL;
1054 int sz_change;
1055 int err, devlen = 0;
1056 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
1057 .dirtied_ino = 1 };
1058 struct fscrypt_name nm;
1059
1060 /*
1061 * Budget request settings: new inode, new direntry and changing parent
1062 * directory inode.
1063 */
1064
1065 dbg_gen("dent '%pd' in dir ino %lu", dentry, dir->i_ino);
1066
1067 if (S_ISBLK(mode) || S_ISCHR(mode)) {
1068 dev = kmalloc(sizeof(union ubifs_dev_desc), GFP_NOFS);
1069 if (!dev)
1070 return -ENOMEM;
1071 devlen = ubifs_encode_dev(dev, rdev);
1072 }
1073
1074 req.new_ino_d = ALIGN(devlen, 8);
1075 err = ubifs_budget_space(c, &req);
1076 if (err) {
1077 kfree(dev);
1078 return err;
1079 }
1080
1081 err = ubifs_prepare_create(dir, dentry, &nm);
1082 if (err) {
1083 kfree(dev);
1084 goto out_budg;
1085 }
1086
1087 sz_change = CALC_DENT_SIZE(fname_len(&nm));
1088
1089 inode = ubifs_new_inode(c, dir, mode);
1090 if (IS_ERR(inode)) {
1091 kfree(dev);
1092 err = PTR_ERR(inode);
1093 goto out_fname;
1094 }
1095
1096 init_special_inode(inode, inode->i_mode, rdev);
1097 inode->i_size = ubifs_inode(inode)->ui_size = devlen;
1098 ui = ubifs_inode(inode);
1099 ui->data = dev;
1100 ui->data_len = devlen;
1101
1102 err = ubifs_init_security(dir, inode, &dentry->d_name);
1103 if (err)
1104 goto out_inode;
1105
1106 mutex_lock(&dir_ui->ui_mutex);
1107 dir->i_size += sz_change;
1108 dir_ui->ui_size = dir->i_size;
1109 dir->i_mtime = dir->i_ctime = inode->i_ctime;
1110 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
1111 if (err)
1112 goto out_cancel;
1113 mutex_unlock(&dir_ui->ui_mutex);
1114
1115 ubifs_release_budget(c, &req);
1116 insert_inode_hash(inode);
1117 d_instantiate(dentry, inode);
1118 fscrypt_free_filename(&nm);
1119 return 0;
1120
1121 out_cancel:
1122 dir->i_size -= sz_change;
1123 dir_ui->ui_size = dir->i_size;
1124 mutex_unlock(&dir_ui->ui_mutex);
1125 out_inode:
1126 make_bad_inode(inode);
1127 iput(inode);
1128 out_fname:
1129 fscrypt_free_filename(&nm);
1130 out_budg:
1131 ubifs_release_budget(c, &req);
1132 return err;
1133 }
1134
ubifs_symlink(struct inode * dir,struct dentry * dentry,const char * symname)1135 static int ubifs_symlink(struct inode *dir, struct dentry *dentry,
1136 const char *symname)
1137 {
1138 struct inode *inode;
1139 struct ubifs_inode *ui;
1140 struct ubifs_inode *dir_ui = ubifs_inode(dir);
1141 struct ubifs_info *c = dir->i_sb->s_fs_info;
1142 int err, sz_change, len = strlen(symname);
1143 struct fscrypt_str disk_link;
1144 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
1145 .dirtied_ino = 1 };
1146 struct fscrypt_name nm;
1147
1148 dbg_gen("dent '%pd', target '%s' in dir ino %lu", dentry,
1149 symname, dir->i_ino);
1150
1151 err = fscrypt_prepare_symlink(dir, symname, len, UBIFS_MAX_INO_DATA,
1152 &disk_link);
1153 if (err)
1154 return err;
1155
1156 /*
1157 * Budget request settings: new inode, new direntry and changing parent
1158 * directory inode.
1159 */
1160 req.new_ino_d = ALIGN(disk_link.len - 1, 8);
1161 err = ubifs_budget_space(c, &req);
1162 if (err)
1163 return err;
1164
1165 err = ubifs_prepare_create(dir, dentry, &nm);
1166 if (err)
1167 goto out_budg;
1168
1169 sz_change = CALC_DENT_SIZE(fname_len(&nm));
1170
1171 inode = ubifs_new_inode(c, dir, S_IFLNK | S_IRWXUGO);
1172 if (IS_ERR(inode)) {
1173 err = PTR_ERR(inode);
1174 goto out_fname;
1175 }
1176
1177 ui = ubifs_inode(inode);
1178 ui->data = kmalloc(disk_link.len, GFP_NOFS);
1179 if (!ui->data) {
1180 err = -ENOMEM;
1181 goto out_inode;
1182 }
1183
1184 if (IS_ENCRYPTED(inode)) {
1185 disk_link.name = ui->data; /* encrypt directly into ui->data */
1186 err = fscrypt_encrypt_symlink(inode, symname, len, &disk_link);
1187 if (err)
1188 goto out_inode;
1189 } else {
1190 memcpy(ui->data, disk_link.name, disk_link.len);
1191 inode->i_link = ui->data;
1192 }
1193
1194 /*
1195 * The terminating zero byte is not written to the flash media and it
1196 * is put just to make later in-memory string processing simpler. Thus,
1197 * data length is @disk_link.len - 1, not @disk_link.len.
1198 */
1199 ui->data_len = disk_link.len - 1;
1200 inode->i_size = ubifs_inode(inode)->ui_size = disk_link.len - 1;
1201
1202 err = ubifs_init_security(dir, inode, &dentry->d_name);
1203 if (err)
1204 goto out_inode;
1205
1206 mutex_lock(&dir_ui->ui_mutex);
1207 dir->i_size += sz_change;
1208 dir_ui->ui_size = dir->i_size;
1209 dir->i_mtime = dir->i_ctime = inode->i_ctime;
1210 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
1211 if (err)
1212 goto out_cancel;
1213 mutex_unlock(&dir_ui->ui_mutex);
1214
1215 insert_inode_hash(inode);
1216 d_instantiate(dentry, inode);
1217 err = 0;
1218 goto out_fname;
1219
1220 out_cancel:
1221 dir->i_size -= sz_change;
1222 dir_ui->ui_size = dir->i_size;
1223 mutex_unlock(&dir_ui->ui_mutex);
1224 out_inode:
1225 make_bad_inode(inode);
1226 iput(inode);
1227 out_fname:
1228 fscrypt_free_filename(&nm);
1229 out_budg:
1230 ubifs_release_budget(c, &req);
1231 return err;
1232 }
1233
1234 /**
1235 * lock_4_inodes - a wrapper for locking three UBIFS inodes.
1236 * @inode1: first inode
1237 * @inode2: second inode
1238 * @inode3: third inode
1239 * @inode4: fouth inode
1240 *
1241 * This function is used for 'ubifs_rename()' and @inode1 may be the same as
1242 * @inode2 whereas @inode3 and @inode4 may be %NULL.
1243 *
1244 * We do not implement any tricks to guarantee strict lock ordering, because
1245 * VFS has already done it for us on the @i_mutex. So this is just a simple
1246 * wrapper function.
1247 */
lock_4_inodes(struct inode * inode1,struct inode * inode2,struct inode * inode3,struct inode * inode4)1248 static void lock_4_inodes(struct inode *inode1, struct inode *inode2,
1249 struct inode *inode3, struct inode *inode4)
1250 {
1251 mutex_lock_nested(&ubifs_inode(inode1)->ui_mutex, WB_MUTEX_1);
1252 if (inode2 != inode1)
1253 mutex_lock_nested(&ubifs_inode(inode2)->ui_mutex, WB_MUTEX_2);
1254 if (inode3)
1255 mutex_lock_nested(&ubifs_inode(inode3)->ui_mutex, WB_MUTEX_3);
1256 if (inode4)
1257 mutex_lock_nested(&ubifs_inode(inode4)->ui_mutex, WB_MUTEX_4);
1258 }
1259
1260 /**
1261 * unlock_4_inodes - a wrapper for unlocking three UBIFS inodes for rename.
1262 * @inode1: first inode
1263 * @inode2: second inode
1264 * @inode3: third inode
1265 * @inode4: fouth inode
1266 */
unlock_4_inodes(struct inode * inode1,struct inode * inode2,struct inode * inode3,struct inode * inode4)1267 static void unlock_4_inodes(struct inode *inode1, struct inode *inode2,
1268 struct inode *inode3, struct inode *inode4)
1269 {
1270 if (inode4)
1271 mutex_unlock(&ubifs_inode(inode4)->ui_mutex);
1272 if (inode3)
1273 mutex_unlock(&ubifs_inode(inode3)->ui_mutex);
1274 if (inode1 != inode2)
1275 mutex_unlock(&ubifs_inode(inode2)->ui_mutex);
1276 mutex_unlock(&ubifs_inode(inode1)->ui_mutex);
1277 }
1278
do_rename(struct inode * old_dir,struct dentry * old_dentry,struct inode * new_dir,struct dentry * new_dentry,unsigned int flags)1279 static int do_rename(struct inode *old_dir, struct dentry *old_dentry,
1280 struct inode *new_dir, struct dentry *new_dentry,
1281 unsigned int flags)
1282 {
1283 struct ubifs_info *c = old_dir->i_sb->s_fs_info;
1284 struct inode *old_inode = d_inode(old_dentry);
1285 struct inode *new_inode = d_inode(new_dentry);
1286 struct inode *whiteout = NULL;
1287 struct ubifs_inode *old_inode_ui = ubifs_inode(old_inode);
1288 struct ubifs_inode *whiteout_ui = NULL;
1289 int err, release, sync = 0, move = (new_dir != old_dir);
1290 int is_dir = S_ISDIR(old_inode->i_mode);
1291 int unlink = !!new_inode, new_sz, old_sz;
1292 struct ubifs_budget_req req = { .new_dent = 1, .mod_dent = 1,
1293 .dirtied_ino = 3 };
1294 struct ubifs_budget_req ino_req = { .dirtied_ino = 1,
1295 .dirtied_ino_d = ALIGN(old_inode_ui->data_len, 8) };
1296 struct timespec64 time;
1297 unsigned int saved_nlink;
1298 struct fscrypt_name old_nm, new_nm;
1299
1300 /*
1301 * Budget request settings: deletion direntry, new direntry, removing
1302 * the old inode, and changing old and new parent directory inodes.
1303 *
1304 * However, this operation also marks the target inode as dirty and
1305 * does not write it, so we allocate budget for the target inode
1306 * separately.
1307 */
1308
1309 dbg_gen("dent '%pd' ino %lu in dir ino %lu to dent '%pd' in dir ino %lu flags 0x%x",
1310 old_dentry, old_inode->i_ino, old_dir->i_ino,
1311 new_dentry, new_dir->i_ino, flags);
1312
1313 if (unlink) {
1314 ubifs_assert(c, inode_is_locked(new_inode));
1315
1316 /* Budget for old inode's data when its nlink > 1. */
1317 req.dirtied_ino_d = ALIGN(ubifs_inode(new_inode)->data_len, 8);
1318 }
1319
1320 if (unlink && is_dir) {
1321 err = ubifs_check_dir_empty(new_inode);
1322 if (err)
1323 return err;
1324 }
1325
1326 err = fscrypt_setup_filename(old_dir, &old_dentry->d_name, 0, &old_nm);
1327 if (err)
1328 return err;
1329
1330 err = fscrypt_setup_filename(new_dir, &new_dentry->d_name, 0, &new_nm);
1331 if (err) {
1332 fscrypt_free_filename(&old_nm);
1333 return err;
1334 }
1335
1336 new_sz = CALC_DENT_SIZE(fname_len(&new_nm));
1337 old_sz = CALC_DENT_SIZE(fname_len(&old_nm));
1338
1339 err = ubifs_budget_space(c, &req);
1340 if (err) {
1341 fscrypt_free_filename(&old_nm);
1342 fscrypt_free_filename(&new_nm);
1343 return err;
1344 }
1345 err = ubifs_budget_space(c, &ino_req);
1346 if (err) {
1347 fscrypt_free_filename(&old_nm);
1348 fscrypt_free_filename(&new_nm);
1349 ubifs_release_budget(c, &req);
1350 return err;
1351 }
1352
1353 if (flags & RENAME_WHITEOUT) {
1354 union ubifs_dev_desc *dev = NULL;
1355 struct ubifs_budget_req wht_req;
1356
1357 dev = kmalloc(sizeof(union ubifs_dev_desc), GFP_NOFS);
1358 if (!dev) {
1359 err = -ENOMEM;
1360 goto out_release;
1361 }
1362
1363 err = do_tmpfile(old_dir, old_dentry, S_IFCHR | WHITEOUT_MODE, &whiteout);
1364 if (err) {
1365 kfree(dev);
1366 goto out_release;
1367 }
1368
1369 spin_lock(&whiteout->i_lock);
1370 whiteout->i_state |= I_LINKABLE;
1371 spin_unlock(&whiteout->i_lock);
1372
1373 whiteout_ui = ubifs_inode(whiteout);
1374 whiteout_ui->data = dev;
1375 whiteout_ui->data_len = ubifs_encode_dev(dev, MKDEV(0, 0));
1376 ubifs_assert(c, !whiteout_ui->dirty);
1377
1378 memset(&wht_req, 0, sizeof(struct ubifs_budget_req));
1379 wht_req.dirtied_ino = 1;
1380 wht_req.dirtied_ino_d = ALIGN(whiteout_ui->data_len, 8);
1381 /*
1382 * To avoid deadlock between space budget (holds ui_mutex and
1383 * waits wb work) and writeback work(waits ui_mutex), do space
1384 * budget before ubifs inodes locked.
1385 */
1386 err = ubifs_budget_space(c, &wht_req);
1387 if (err) {
1388 iput(whiteout);
1389 goto out_release;
1390 }
1391
1392 /* Add the old_dentry size to the old_dir size. */
1393 old_sz -= CALC_DENT_SIZE(fname_len(&old_nm));
1394 }
1395
1396 lock_4_inodes(old_dir, new_dir, new_inode, whiteout);
1397
1398 /*
1399 * Like most other Unix systems, set the @i_ctime for inodes on a
1400 * rename.
1401 */
1402 time = current_time(old_dir);
1403 old_inode->i_ctime = time;
1404
1405 /* We must adjust parent link count when renaming directories */
1406 if (is_dir) {
1407 if (move) {
1408 /*
1409 * @old_dir loses a link because we are moving
1410 * @old_inode to a different directory.
1411 */
1412 drop_nlink(old_dir);
1413 /*
1414 * @new_dir only gains a link if we are not also
1415 * overwriting an existing directory.
1416 */
1417 if (!unlink)
1418 inc_nlink(new_dir);
1419 } else {
1420 /*
1421 * @old_inode is not moving to a different directory,
1422 * but @old_dir still loses a link if we are
1423 * overwriting an existing directory.
1424 */
1425 if (unlink)
1426 drop_nlink(old_dir);
1427 }
1428 }
1429
1430 old_dir->i_size -= old_sz;
1431 ubifs_inode(old_dir)->ui_size = old_dir->i_size;
1432 old_dir->i_mtime = old_dir->i_ctime = time;
1433 new_dir->i_mtime = new_dir->i_ctime = time;
1434
1435 /*
1436 * And finally, if we unlinked a direntry which happened to have the
1437 * same name as the moved direntry, we have to decrement @i_nlink of
1438 * the unlinked inode and change its ctime.
1439 */
1440 if (unlink) {
1441 /*
1442 * Directories cannot have hard-links, so if this is a
1443 * directory, just clear @i_nlink.
1444 */
1445 saved_nlink = new_inode->i_nlink;
1446 if (is_dir)
1447 clear_nlink(new_inode);
1448 else
1449 drop_nlink(new_inode);
1450 new_inode->i_ctime = time;
1451 } else {
1452 new_dir->i_size += new_sz;
1453 ubifs_inode(new_dir)->ui_size = new_dir->i_size;
1454 }
1455
1456 /*
1457 * Do not ask 'ubifs_jnl_rename()' to flush write-buffer if @old_inode
1458 * is dirty, because this will be done later on at the end of
1459 * 'ubifs_rename()'.
1460 */
1461 if (IS_SYNC(old_inode)) {
1462 sync = IS_DIRSYNC(old_dir) || IS_DIRSYNC(new_dir);
1463 if (unlink && IS_SYNC(new_inode))
1464 sync = 1;
1465 }
1466
1467 if (whiteout) {
1468 inc_nlink(whiteout);
1469 mark_inode_dirty(whiteout);
1470
1471 spin_lock(&whiteout->i_lock);
1472 whiteout->i_state &= ~I_LINKABLE;
1473 spin_unlock(&whiteout->i_lock);
1474
1475 iput(whiteout);
1476 }
1477
1478 err = ubifs_jnl_rename(c, old_dir, old_inode, &old_nm, new_dir,
1479 new_inode, &new_nm, whiteout, sync);
1480 if (err)
1481 goto out_cancel;
1482
1483 unlock_4_inodes(old_dir, new_dir, new_inode, whiteout);
1484 ubifs_release_budget(c, &req);
1485
1486 mutex_lock(&old_inode_ui->ui_mutex);
1487 release = old_inode_ui->dirty;
1488 mark_inode_dirty_sync(old_inode);
1489 mutex_unlock(&old_inode_ui->ui_mutex);
1490
1491 if (release)
1492 ubifs_release_budget(c, &ino_req);
1493 if (IS_SYNC(old_inode))
1494 err = old_inode->i_sb->s_op->write_inode(old_inode, NULL);
1495
1496 fscrypt_free_filename(&old_nm);
1497 fscrypt_free_filename(&new_nm);
1498 return err;
1499
1500 out_cancel:
1501 if (unlink) {
1502 set_nlink(new_inode, saved_nlink);
1503 } else {
1504 new_dir->i_size -= new_sz;
1505 ubifs_inode(new_dir)->ui_size = new_dir->i_size;
1506 }
1507 old_dir->i_size += old_sz;
1508 ubifs_inode(old_dir)->ui_size = old_dir->i_size;
1509 if (is_dir) {
1510 if (move) {
1511 inc_nlink(old_dir);
1512 if (!unlink)
1513 drop_nlink(new_dir);
1514 } else {
1515 if (unlink)
1516 inc_nlink(old_dir);
1517 }
1518 }
1519 if (whiteout) {
1520 drop_nlink(whiteout);
1521 iput(whiteout);
1522 }
1523 unlock_4_inodes(old_dir, new_dir, new_inode, whiteout);
1524 out_release:
1525 ubifs_release_budget(c, &ino_req);
1526 ubifs_release_budget(c, &req);
1527 fscrypt_free_filename(&old_nm);
1528 fscrypt_free_filename(&new_nm);
1529 return err;
1530 }
1531
ubifs_xrename(struct inode * old_dir,struct dentry * old_dentry,struct inode * new_dir,struct dentry * new_dentry)1532 static int ubifs_xrename(struct inode *old_dir, struct dentry *old_dentry,
1533 struct inode *new_dir, struct dentry *new_dentry)
1534 {
1535 struct ubifs_info *c = old_dir->i_sb->s_fs_info;
1536 struct ubifs_budget_req req = { .new_dent = 1, .mod_dent = 1,
1537 .dirtied_ino = 2 };
1538 int sync = IS_DIRSYNC(old_dir) || IS_DIRSYNC(new_dir);
1539 struct inode *fst_inode = d_inode(old_dentry);
1540 struct inode *snd_inode = d_inode(new_dentry);
1541 struct timespec64 time;
1542 int err;
1543 struct fscrypt_name fst_nm, snd_nm;
1544
1545 ubifs_assert(c, fst_inode && snd_inode);
1546
1547 err = fscrypt_setup_filename(old_dir, &old_dentry->d_name, 0, &fst_nm);
1548 if (err)
1549 return err;
1550
1551 err = fscrypt_setup_filename(new_dir, &new_dentry->d_name, 0, &snd_nm);
1552 if (err) {
1553 fscrypt_free_filename(&fst_nm);
1554 return err;
1555 }
1556
1557 err = ubifs_budget_space(c, &req);
1558 if (err)
1559 goto out;
1560
1561 lock_4_inodes(old_dir, new_dir, NULL, NULL);
1562
1563 time = current_time(old_dir);
1564 fst_inode->i_ctime = time;
1565 snd_inode->i_ctime = time;
1566 old_dir->i_mtime = old_dir->i_ctime = time;
1567 new_dir->i_mtime = new_dir->i_ctime = time;
1568
1569 if (old_dir != new_dir) {
1570 if (S_ISDIR(fst_inode->i_mode) && !S_ISDIR(snd_inode->i_mode)) {
1571 inc_nlink(new_dir);
1572 drop_nlink(old_dir);
1573 }
1574 else if (!S_ISDIR(fst_inode->i_mode) && S_ISDIR(snd_inode->i_mode)) {
1575 drop_nlink(new_dir);
1576 inc_nlink(old_dir);
1577 }
1578 }
1579
1580 err = ubifs_jnl_xrename(c, old_dir, fst_inode, &fst_nm, new_dir,
1581 snd_inode, &snd_nm, sync);
1582
1583 unlock_4_inodes(old_dir, new_dir, NULL, NULL);
1584 ubifs_release_budget(c, &req);
1585
1586 out:
1587 fscrypt_free_filename(&fst_nm);
1588 fscrypt_free_filename(&snd_nm);
1589 return err;
1590 }
1591
ubifs_rename(struct inode * old_dir,struct dentry * old_dentry,struct inode * new_dir,struct dentry * new_dentry,unsigned int flags)1592 static int ubifs_rename(struct inode *old_dir, struct dentry *old_dentry,
1593 struct inode *new_dir, struct dentry *new_dentry,
1594 unsigned int flags)
1595 {
1596 int err;
1597 struct ubifs_info *c = old_dir->i_sb->s_fs_info;
1598
1599 if (flags & ~(RENAME_NOREPLACE | RENAME_WHITEOUT | RENAME_EXCHANGE))
1600 return -EINVAL;
1601
1602 ubifs_assert(c, inode_is_locked(old_dir));
1603 ubifs_assert(c, inode_is_locked(new_dir));
1604
1605 err = fscrypt_prepare_rename(old_dir, old_dentry, new_dir, new_dentry,
1606 flags);
1607 if (err)
1608 return err;
1609
1610 if (flags & RENAME_EXCHANGE)
1611 return ubifs_xrename(old_dir, old_dentry, new_dir, new_dentry);
1612
1613 return do_rename(old_dir, old_dentry, new_dir, new_dentry, flags);
1614 }
1615
ubifs_getattr(const struct path * path,struct kstat * stat,u32 request_mask,unsigned int flags)1616 int ubifs_getattr(const struct path *path, struct kstat *stat,
1617 u32 request_mask, unsigned int flags)
1618 {
1619 loff_t size;
1620 struct inode *inode = d_inode(path->dentry);
1621 struct ubifs_inode *ui = ubifs_inode(inode);
1622
1623 mutex_lock(&ui->ui_mutex);
1624
1625 if (ui->flags & UBIFS_APPEND_FL)
1626 stat->attributes |= STATX_ATTR_APPEND;
1627 if (ui->flags & UBIFS_COMPR_FL)
1628 stat->attributes |= STATX_ATTR_COMPRESSED;
1629 if (ui->flags & UBIFS_CRYPT_FL)
1630 stat->attributes |= STATX_ATTR_ENCRYPTED;
1631 if (ui->flags & UBIFS_IMMUTABLE_FL)
1632 stat->attributes |= STATX_ATTR_IMMUTABLE;
1633
1634 stat->attributes_mask |= (STATX_ATTR_APPEND |
1635 STATX_ATTR_COMPRESSED |
1636 STATX_ATTR_ENCRYPTED |
1637 STATX_ATTR_IMMUTABLE);
1638
1639 generic_fillattr(inode, stat);
1640 stat->blksize = UBIFS_BLOCK_SIZE;
1641 stat->size = ui->ui_size;
1642
1643 /*
1644 * Unfortunately, the 'stat()' system call was designed for block
1645 * device based file systems, and it is not appropriate for UBIFS,
1646 * because UBIFS does not have notion of "block". For example, it is
1647 * difficult to tell how many block a directory takes - it actually
1648 * takes less than 300 bytes, but we have to round it to block size,
1649 * which introduces large mistake. This makes utilities like 'du' to
1650 * report completely senseless numbers. This is the reason why UBIFS
1651 * goes the same way as JFFS2 - it reports zero blocks for everything
1652 * but regular files, which makes more sense than reporting completely
1653 * wrong sizes.
1654 */
1655 if (S_ISREG(inode->i_mode)) {
1656 size = ui->xattr_size;
1657 size += stat->size;
1658 size = ALIGN(size, UBIFS_BLOCK_SIZE);
1659 /*
1660 * Note, user-space expects 512-byte blocks count irrespectively
1661 * of what was reported in @stat->size.
1662 */
1663 stat->blocks = size >> 9;
1664 } else
1665 stat->blocks = 0;
1666 mutex_unlock(&ui->ui_mutex);
1667 return 0;
1668 }
1669
ubifs_dir_open(struct inode * dir,struct file * file)1670 static int ubifs_dir_open(struct inode *dir, struct file *file)
1671 {
1672 if (ubifs_crypt_is_encrypted(dir))
1673 return fscrypt_get_encryption_info(dir) ? -EACCES : 0;
1674
1675 return 0;
1676 }
1677
1678 const struct inode_operations ubifs_dir_inode_operations = {
1679 .lookup = ubifs_lookup,
1680 .create = ubifs_create,
1681 .link = ubifs_link,
1682 .symlink = ubifs_symlink,
1683 .unlink = ubifs_unlink,
1684 .mkdir = ubifs_mkdir,
1685 .rmdir = ubifs_rmdir,
1686 .mknod = ubifs_mknod,
1687 .rename = ubifs_rename,
1688 .setattr = ubifs_setattr,
1689 .getattr = ubifs_getattr,
1690 #ifdef CONFIG_UBIFS_FS_XATTR
1691 .listxattr = ubifs_listxattr,
1692 #endif
1693 #ifdef CONFIG_UBIFS_ATIME_SUPPORT
1694 .update_time = ubifs_update_time,
1695 #endif
1696 .tmpfile = ubifs_tmpfile,
1697 };
1698
1699 const struct file_operations ubifs_dir_operations = {
1700 .llseek = generic_file_llseek,
1701 .release = ubifs_dir_release,
1702 .read = generic_read_dir,
1703 .iterate_shared = ubifs_readdir,
1704 .fsync = ubifs_fsync,
1705 .unlocked_ioctl = ubifs_ioctl,
1706 .open = ubifs_dir_open,
1707 #ifdef CONFIG_COMPAT
1708 .compat_ioctl = ubifs_compat_ioctl,
1709 #endif
1710 };
1711