1 /* * This file is part of UBIFS.
2 *
3 * Copyright (C) 2006-2008 Nokia Corporation.
4 * Copyright (C) 2006, 2007 University of Szeged, Hungary
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License version 2 as published by
8 * the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
13 * more details.
14 *
15 * You should have received a copy of the GNU General Public License along with
16 * this program; if not, write to the Free Software Foundation, Inc., 51
17 * Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
18 *
19 * Authors: Artem Bityutskiy (Битюцкий Артём)
20 * Adrian Hunter
21 * Zoltan Sogor
22 */
23
24 /*
25 * This file implements directory operations.
26 *
27 * All FS operations in this file allocate budget before writing anything to the
28 * media. If they fail to allocate it, the error is returned. The only
29 * exceptions are 'ubifs_unlink()' and 'ubifs_rmdir()' which keep working even
30 * if they unable to allocate the budget, because deletion %-ENOSPC failure is
31 * not what users are usually ready to get. UBIFS budgeting subsystem has some
32 * space reserved for these purposes.
33 *
34 * All operations in this file write all inodes which they change straight
35 * away, instead of marking them dirty. For example, 'ubifs_link()' changes
36 * @i_size of the parent inode and writes the parent inode together with the
37 * target inode. This was done to simplify file-system recovery which would
38 * otherwise be very difficult to do. The only exception is rename which marks
39 * the re-named inode dirty (because its @i_ctime is updated) but does not
40 * write it, but just marks it as dirty.
41 */
42
43 #include "ubifs.h"
44
45 /**
46 * inherit_flags - inherit flags of the parent inode.
47 * @dir: parent inode
48 * @mode: new inode mode flags
49 *
50 * This is a helper function for 'ubifs_new_inode()' which inherits flag of the
51 * parent directory inode @dir. UBIFS inodes inherit the following flags:
52 * o %UBIFS_COMPR_FL, which is useful to switch compression on/of on
53 * sub-directory basis;
54 * o %UBIFS_SYNC_FL - useful for the same reasons;
55 * o %UBIFS_DIRSYNC_FL - similar, but relevant only to directories.
56 *
57 * This function returns the inherited flags.
58 */
inherit_flags(const struct inode * dir,umode_t mode)59 static int inherit_flags(const struct inode *dir, umode_t mode)
60 {
61 int flags;
62 const struct ubifs_inode *ui = ubifs_inode(dir);
63
64 if (!S_ISDIR(dir->i_mode))
65 /*
66 * The parent is not a directory, which means that an extended
67 * attribute inode is being created. No flags.
68 */
69 return 0;
70
71 flags = ui->flags & (UBIFS_COMPR_FL | UBIFS_SYNC_FL | UBIFS_DIRSYNC_FL);
72 if (!S_ISDIR(mode))
73 /* The "DIRSYNC" flag only applies to directories */
74 flags &= ~UBIFS_DIRSYNC_FL;
75 return flags;
76 }
77
78 /**
79 * ubifs_new_inode - allocate new UBIFS inode object.
80 * @c: UBIFS file-system description object
81 * @dir: parent directory inode
82 * @mode: inode mode flags
83 *
84 * This function finds an unused inode number, allocates new inode and
85 * initializes it. Returns new inode in case of success and an error code in
86 * case of failure.
87 */
ubifs_new_inode(struct ubifs_info * c,struct inode * dir,umode_t mode)88 struct inode *ubifs_new_inode(struct ubifs_info *c, struct inode *dir,
89 umode_t mode)
90 {
91 int err;
92 struct inode *inode;
93 struct ubifs_inode *ui;
94 bool encrypted = false;
95
96 if (ubifs_crypt_is_encrypted(dir)) {
97 err = fscrypt_get_encryption_info(dir);
98 if (err) {
99 ubifs_err(c, "fscrypt_get_encryption_info failed: %i", err);
100 return ERR_PTR(err);
101 }
102
103 if (!fscrypt_has_encryption_key(dir))
104 return ERR_PTR(-EPERM);
105
106 encrypted = true;
107 }
108
109 inode = new_inode(c->vfs_sb);
110 ui = ubifs_inode(inode);
111 if (!inode)
112 return ERR_PTR(-ENOMEM);
113
114 /*
115 * Set 'S_NOCMTIME' to prevent VFS form updating [mc]time of inodes and
116 * marking them dirty in file write path (see 'file_update_time()').
117 * UBIFS has to fully control "clean <-> dirty" transitions of inodes
118 * to make budgeting work.
119 */
120 inode->i_flags |= S_NOCMTIME;
121
122 inode_init_owner(inode, dir, mode);
123 inode->i_mtime = inode->i_atime = inode->i_ctime =
124 current_time(inode);
125 inode->i_mapping->nrpages = 0;
126
127 switch (mode & S_IFMT) {
128 case S_IFREG:
129 inode->i_mapping->a_ops = &ubifs_file_address_operations;
130 inode->i_op = &ubifs_file_inode_operations;
131 inode->i_fop = &ubifs_file_operations;
132 break;
133 case S_IFDIR:
134 inode->i_op = &ubifs_dir_inode_operations;
135 inode->i_fop = &ubifs_dir_operations;
136 inode->i_size = ui->ui_size = UBIFS_INO_NODE_SZ;
137 break;
138 case S_IFLNK:
139 inode->i_op = &ubifs_symlink_inode_operations;
140 break;
141 case S_IFSOCK:
142 case S_IFIFO:
143 case S_IFBLK:
144 case S_IFCHR:
145 inode->i_op = &ubifs_file_inode_operations;
146 encrypted = false;
147 break;
148 default:
149 BUG();
150 }
151
152 ui->flags = inherit_flags(dir, mode);
153 ubifs_set_inode_flags(inode);
154 if (S_ISREG(mode))
155 ui->compr_type = c->default_compr;
156 else
157 ui->compr_type = UBIFS_COMPR_NONE;
158 ui->synced_i_size = 0;
159
160 spin_lock(&c->cnt_lock);
161 /* Inode number overflow is currently not supported */
162 if (c->highest_inum >= INUM_WARN_WATERMARK) {
163 if (c->highest_inum >= INUM_WATERMARK) {
164 spin_unlock(&c->cnt_lock);
165 ubifs_err(c, "out of inode numbers");
166 make_bad_inode(inode);
167 iput(inode);
168 return ERR_PTR(-EINVAL);
169 }
170 ubifs_warn(c, "running out of inode numbers (current %lu, max %u)",
171 (unsigned long)c->highest_inum, INUM_WATERMARK);
172 }
173
174 inode->i_ino = ++c->highest_inum;
175 /*
176 * The creation sequence number remains with this inode for its
177 * lifetime. All nodes for this inode have a greater sequence number,
178 * and so it is possible to distinguish obsolete nodes belonging to a
179 * previous incarnation of the same inode number - for example, for the
180 * purpose of rebuilding the index.
181 */
182 ui->creat_sqnum = ++c->max_sqnum;
183 spin_unlock(&c->cnt_lock);
184
185 if (encrypted) {
186 err = fscrypt_inherit_context(dir, inode, &encrypted, true);
187 if (err) {
188 ubifs_err(c, "fscrypt_inherit_context failed: %i", err);
189 make_bad_inode(inode);
190 iput(inode);
191 return ERR_PTR(err);
192 }
193 }
194
195 return inode;
196 }
197
dbg_check_name(const struct ubifs_info * c,const struct ubifs_dent_node * dent,const struct fscrypt_name * nm)198 static int dbg_check_name(const struct ubifs_info *c,
199 const struct ubifs_dent_node *dent,
200 const struct fscrypt_name *nm)
201 {
202 if (!dbg_is_chk_gen(c))
203 return 0;
204 if (le16_to_cpu(dent->nlen) != fname_len(nm))
205 return -EINVAL;
206 if (memcmp(dent->name, fname_name(nm), fname_len(nm)))
207 return -EINVAL;
208 return 0;
209 }
210
ubifs_lookup(struct inode * dir,struct dentry * dentry,unsigned int flags)211 static struct dentry *ubifs_lookup(struct inode *dir, struct dentry *dentry,
212 unsigned int flags)
213 {
214 int err;
215 union ubifs_key key;
216 struct inode *inode = NULL;
217 struct ubifs_dent_node *dent = NULL;
218 struct ubifs_info *c = dir->i_sb->s_fs_info;
219 struct fscrypt_name nm;
220
221 dbg_gen("'%pd' in dir ino %lu", dentry, dir->i_ino);
222
223 err = fscrypt_prepare_lookup(dir, dentry, flags);
224 if (err)
225 return ERR_PTR(err);
226
227 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm);
228 if (err)
229 return ERR_PTR(err);
230
231 if (fname_len(&nm) > UBIFS_MAX_NLEN) {
232 inode = ERR_PTR(-ENAMETOOLONG);
233 goto done;
234 }
235
236 dent = kmalloc(UBIFS_MAX_DENT_NODE_SZ, GFP_NOFS);
237 if (!dent) {
238 inode = ERR_PTR(-ENOMEM);
239 goto done;
240 }
241
242 if (nm.hash) {
243 ubifs_assert(c, fname_len(&nm) == 0);
244 ubifs_assert(c, fname_name(&nm) == NULL);
245 dent_key_init_hash(c, &key, dir->i_ino, nm.hash);
246 err = ubifs_tnc_lookup_dh(c, &key, dent, nm.minor_hash);
247 } else {
248 dent_key_init(c, &key, dir->i_ino, &nm);
249 err = ubifs_tnc_lookup_nm(c, &key, dent, &nm);
250 }
251
252 if (err) {
253 if (err == -ENOENT)
254 dbg_gen("not found");
255 else
256 inode = ERR_PTR(err);
257 goto done;
258 }
259
260 if (dbg_check_name(c, dent, &nm)) {
261 inode = ERR_PTR(-EINVAL);
262 goto done;
263 }
264
265 inode = ubifs_iget(dir->i_sb, le64_to_cpu(dent->inum));
266 if (IS_ERR(inode)) {
267 /*
268 * This should not happen. Probably the file-system needs
269 * checking.
270 */
271 err = PTR_ERR(inode);
272 ubifs_err(c, "dead directory entry '%pd', error %d",
273 dentry, err);
274 ubifs_ro_mode(c, err);
275 goto done;
276 }
277
278 if (ubifs_crypt_is_encrypted(dir) &&
279 (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode)) &&
280 !fscrypt_has_permitted_context(dir, inode)) {
281 ubifs_warn(c, "Inconsistent encryption contexts: %lu/%lu",
282 dir->i_ino, inode->i_ino);
283 iput(inode);
284 inode = ERR_PTR(-EPERM);
285 }
286
287 done:
288 kfree(dent);
289 fscrypt_free_filename(&nm);
290 return d_splice_alias(inode, dentry);
291 }
292
ubifs_create(struct inode * dir,struct dentry * dentry,umode_t mode,bool excl)293 static int ubifs_create(struct inode *dir, struct dentry *dentry, umode_t mode,
294 bool excl)
295 {
296 struct inode *inode;
297 struct ubifs_info *c = dir->i_sb->s_fs_info;
298 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
299 .dirtied_ino = 1 };
300 struct ubifs_inode *dir_ui = ubifs_inode(dir);
301 struct fscrypt_name nm;
302 int err, sz_change;
303
304 /*
305 * Budget request settings: new inode, new direntry, changing the
306 * parent directory inode.
307 */
308
309 dbg_gen("dent '%pd', mode %#hx in dir ino %lu",
310 dentry, mode, dir->i_ino);
311
312 err = ubifs_budget_space(c, &req);
313 if (err)
314 return err;
315
316 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
317 if (err)
318 goto out_budg;
319
320 sz_change = CALC_DENT_SIZE(fname_len(&nm));
321
322 inode = ubifs_new_inode(c, dir, mode);
323 if (IS_ERR(inode)) {
324 err = PTR_ERR(inode);
325 goto out_fname;
326 }
327
328 err = ubifs_init_security(dir, inode, &dentry->d_name);
329 if (err)
330 goto out_inode;
331
332 mutex_lock(&dir_ui->ui_mutex);
333 dir->i_size += sz_change;
334 dir_ui->ui_size = dir->i_size;
335 dir->i_mtime = dir->i_ctime = inode->i_ctime;
336 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
337 if (err)
338 goto out_cancel;
339 mutex_unlock(&dir_ui->ui_mutex);
340
341 ubifs_release_budget(c, &req);
342 fscrypt_free_filename(&nm);
343 insert_inode_hash(inode);
344 d_instantiate(dentry, inode);
345 return 0;
346
347 out_cancel:
348 dir->i_size -= sz_change;
349 dir_ui->ui_size = dir->i_size;
350 mutex_unlock(&dir_ui->ui_mutex);
351 out_inode:
352 make_bad_inode(inode);
353 iput(inode);
354 out_fname:
355 fscrypt_free_filename(&nm);
356 out_budg:
357 ubifs_release_budget(c, &req);
358 ubifs_err(c, "cannot create regular file, error %d", err);
359 return err;
360 }
361
do_tmpfile(struct inode * dir,struct dentry * dentry,umode_t mode,struct inode ** whiteout)362 static int do_tmpfile(struct inode *dir, struct dentry *dentry,
363 umode_t mode, struct inode **whiteout)
364 {
365 struct inode *inode;
366 struct ubifs_info *c = dir->i_sb->s_fs_info;
367 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1};
368 struct ubifs_budget_req ino_req = { .dirtied_ino = 1 };
369 struct ubifs_inode *ui, *dir_ui = ubifs_inode(dir);
370 int err, instantiated = 0;
371 struct fscrypt_name nm;
372
373 /*
374 * Budget request settings: new dirty inode, new direntry,
375 * budget for dirtied inode will be released via writeback.
376 */
377
378 dbg_gen("dent '%pd', mode %#hx in dir ino %lu",
379 dentry, mode, dir->i_ino);
380
381 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
382 if (err)
383 return err;
384
385 err = ubifs_budget_space(c, &req);
386 if (err) {
387 fscrypt_free_filename(&nm);
388 return err;
389 }
390
391 err = ubifs_budget_space(c, &ino_req);
392 if (err) {
393 ubifs_release_budget(c, &req);
394 fscrypt_free_filename(&nm);
395 return err;
396 }
397
398 inode = ubifs_new_inode(c, dir, mode);
399 if (IS_ERR(inode)) {
400 err = PTR_ERR(inode);
401 goto out_budg;
402 }
403 ui = ubifs_inode(inode);
404
405 if (whiteout) {
406 init_special_inode(inode, inode->i_mode, WHITEOUT_DEV);
407 ubifs_assert(c, inode->i_op == &ubifs_file_inode_operations);
408 }
409
410 err = ubifs_init_security(dir, inode, &dentry->d_name);
411 if (err)
412 goto out_inode;
413
414 mutex_lock(&ui->ui_mutex);
415 insert_inode_hash(inode);
416
417 if (whiteout) {
418 mark_inode_dirty(inode);
419 drop_nlink(inode);
420 *whiteout = inode;
421 } else {
422 d_tmpfile(dentry, inode);
423 }
424 ubifs_assert(c, ui->dirty);
425
426 instantiated = 1;
427 mutex_unlock(&ui->ui_mutex);
428
429 mutex_lock(&dir_ui->ui_mutex);
430 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0);
431 if (err)
432 goto out_cancel;
433 mutex_unlock(&dir_ui->ui_mutex);
434
435 ubifs_release_budget(c, &req);
436
437 return 0;
438
439 out_cancel:
440 mutex_unlock(&dir_ui->ui_mutex);
441 out_inode:
442 make_bad_inode(inode);
443 if (!instantiated)
444 iput(inode);
445 out_budg:
446 ubifs_release_budget(c, &req);
447 if (!instantiated)
448 ubifs_release_budget(c, &ino_req);
449 fscrypt_free_filename(&nm);
450 ubifs_err(c, "cannot create temporary file, error %d", err);
451 return err;
452 }
453
ubifs_tmpfile(struct inode * dir,struct dentry * dentry,umode_t mode)454 static int ubifs_tmpfile(struct inode *dir, struct dentry *dentry,
455 umode_t mode)
456 {
457 return do_tmpfile(dir, dentry, mode, NULL);
458 }
459
460 /**
461 * vfs_dent_type - get VFS directory entry type.
462 * @type: UBIFS directory entry type
463 *
464 * This function converts UBIFS directory entry type into VFS directory entry
465 * type.
466 */
vfs_dent_type(uint8_t type)467 static unsigned int vfs_dent_type(uint8_t type)
468 {
469 switch (type) {
470 case UBIFS_ITYPE_REG:
471 return DT_REG;
472 case UBIFS_ITYPE_DIR:
473 return DT_DIR;
474 case UBIFS_ITYPE_LNK:
475 return DT_LNK;
476 case UBIFS_ITYPE_BLK:
477 return DT_BLK;
478 case UBIFS_ITYPE_CHR:
479 return DT_CHR;
480 case UBIFS_ITYPE_FIFO:
481 return DT_FIFO;
482 case UBIFS_ITYPE_SOCK:
483 return DT_SOCK;
484 default:
485 BUG();
486 }
487 return 0;
488 }
489
490 /*
491 * The classical Unix view for directory is that it is a linear array of
492 * (name, inode number) entries. Linux/VFS assumes this model as well.
493 * Particularly, 'readdir()' call wants us to return a directory entry offset
494 * which later may be used to continue 'readdir()'ing the directory or to
495 * 'seek()' to that specific direntry. Obviously UBIFS does not really fit this
496 * model because directory entries are identified by keys, which may collide.
497 *
498 * UBIFS uses directory entry hash value for directory offsets, so
499 * 'seekdir()'/'telldir()' may not always work because of possible key
500 * collisions. But UBIFS guarantees that consecutive 'readdir()' calls work
501 * properly by means of saving full directory entry name in the private field
502 * of the file description object.
503 *
504 * This means that UBIFS cannot support NFS which requires full
505 * 'seekdir()'/'telldir()' support.
506 */
ubifs_readdir(struct file * file,struct dir_context * ctx)507 static int ubifs_readdir(struct file *file, struct dir_context *ctx)
508 {
509 int fstr_real_len = 0, err = 0;
510 struct fscrypt_name nm;
511 struct fscrypt_str fstr = {0};
512 union ubifs_key key;
513 struct ubifs_dent_node *dent;
514 struct inode *dir = file_inode(file);
515 struct ubifs_info *c = dir->i_sb->s_fs_info;
516 bool encrypted = ubifs_crypt_is_encrypted(dir);
517
518 dbg_gen("dir ino %lu, f_pos %#llx", dir->i_ino, ctx->pos);
519
520 if (ctx->pos > UBIFS_S_KEY_HASH_MASK || ctx->pos == 2)
521 /*
522 * The directory was seek'ed to a senseless position or there
523 * are no more entries.
524 */
525 return 0;
526
527 if (encrypted) {
528 err = fscrypt_get_encryption_info(dir);
529 if (err && err != -ENOKEY)
530 return err;
531
532 err = fscrypt_fname_alloc_buffer(dir, UBIFS_MAX_NLEN, &fstr);
533 if (err)
534 return err;
535
536 fstr_real_len = fstr.len;
537 }
538
539 if (file->f_version == 0) {
540 /*
541 * The file was seek'ed, which means that @file->private_data
542 * is now invalid. This may also be just the first
543 * 'ubifs_readdir()' invocation, in which case
544 * @file->private_data is NULL, and the below code is
545 * basically a no-op.
546 */
547 kfree(file->private_data);
548 file->private_data = NULL;
549 }
550
551 /*
552 * 'generic_file_llseek()' unconditionally sets @file->f_version to
553 * zero, and we use this for detecting whether the file was seek'ed.
554 */
555 file->f_version = 1;
556
557 /* File positions 0 and 1 correspond to "." and ".." */
558 if (ctx->pos < 2) {
559 ubifs_assert(c, !file->private_data);
560 if (!dir_emit_dots(file, ctx)) {
561 if (encrypted)
562 fscrypt_fname_free_buffer(&fstr);
563 return 0;
564 }
565
566 /* Find the first entry in TNC and save it */
567 lowest_dent_key(c, &key, dir->i_ino);
568 fname_len(&nm) = 0;
569 dent = ubifs_tnc_next_ent(c, &key, &nm);
570 if (IS_ERR(dent)) {
571 err = PTR_ERR(dent);
572 goto out;
573 }
574
575 ctx->pos = key_hash_flash(c, &dent->key);
576 file->private_data = dent;
577 }
578
579 dent = file->private_data;
580 if (!dent) {
581 /*
582 * The directory was seek'ed to and is now readdir'ed.
583 * Find the entry corresponding to @ctx->pos or the closest one.
584 */
585 dent_key_init_hash(c, &key, dir->i_ino, ctx->pos);
586 fname_len(&nm) = 0;
587 dent = ubifs_tnc_next_ent(c, &key, &nm);
588 if (IS_ERR(dent)) {
589 err = PTR_ERR(dent);
590 goto out;
591 }
592 ctx->pos = key_hash_flash(c, &dent->key);
593 file->private_data = dent;
594 }
595
596 while (1) {
597 dbg_gen("ino %llu, new f_pos %#x",
598 (unsigned long long)le64_to_cpu(dent->inum),
599 key_hash_flash(c, &dent->key));
600 ubifs_assert(c, le64_to_cpu(dent->ch.sqnum) >
601 ubifs_inode(dir)->creat_sqnum);
602
603 fname_len(&nm) = le16_to_cpu(dent->nlen);
604 fname_name(&nm) = dent->name;
605
606 if (encrypted) {
607 fstr.len = fstr_real_len;
608
609 err = fscrypt_fname_disk_to_usr(dir, key_hash_flash(c,
610 &dent->key),
611 le32_to_cpu(dent->cookie),
612 &nm.disk_name, &fstr);
613 if (err)
614 goto out;
615 } else {
616 fstr.len = fname_len(&nm);
617 fstr.name = fname_name(&nm);
618 }
619
620 if (!dir_emit(ctx, fstr.name, fstr.len,
621 le64_to_cpu(dent->inum),
622 vfs_dent_type(dent->type))) {
623 if (encrypted)
624 fscrypt_fname_free_buffer(&fstr);
625 return 0;
626 }
627
628 /* Switch to the next entry */
629 key_read(c, &dent->key, &key);
630 dent = ubifs_tnc_next_ent(c, &key, &nm);
631 if (IS_ERR(dent)) {
632 err = PTR_ERR(dent);
633 goto out;
634 }
635
636 kfree(file->private_data);
637 ctx->pos = key_hash_flash(c, &dent->key);
638 file->private_data = dent;
639 cond_resched();
640 }
641
642 out:
643 kfree(file->private_data);
644 file->private_data = NULL;
645
646 if (encrypted)
647 fscrypt_fname_free_buffer(&fstr);
648
649 if (err != -ENOENT)
650 ubifs_err(c, "cannot find next direntry, error %d", err);
651 else
652 /*
653 * -ENOENT is a non-fatal error in this context, the TNC uses
654 * it to indicate that the cursor moved past the current directory
655 * and readdir() has to stop.
656 */
657 err = 0;
658
659
660 /* 2 is a special value indicating that there are no more direntries */
661 ctx->pos = 2;
662 return err;
663 }
664
665 /* Free saved readdir() state when the directory is closed */
ubifs_dir_release(struct inode * dir,struct file * file)666 static int ubifs_dir_release(struct inode *dir, struct file *file)
667 {
668 kfree(file->private_data);
669 file->private_data = NULL;
670 return 0;
671 }
672
673 /**
674 * lock_2_inodes - a wrapper for locking two UBIFS inodes.
675 * @inode1: first inode
676 * @inode2: second inode
677 *
678 * We do not implement any tricks to guarantee strict lock ordering, because
679 * VFS has already done it for us on the @i_mutex. So this is just a simple
680 * wrapper function.
681 */
lock_2_inodes(struct inode * inode1,struct inode * inode2)682 static void lock_2_inodes(struct inode *inode1, struct inode *inode2)
683 {
684 mutex_lock_nested(&ubifs_inode(inode1)->ui_mutex, WB_MUTEX_1);
685 mutex_lock_nested(&ubifs_inode(inode2)->ui_mutex, WB_MUTEX_2);
686 }
687
688 /**
689 * unlock_2_inodes - a wrapper for unlocking two UBIFS inodes.
690 * @inode1: first inode
691 * @inode2: second inode
692 */
unlock_2_inodes(struct inode * inode1,struct inode * inode2)693 static void unlock_2_inodes(struct inode *inode1, struct inode *inode2)
694 {
695 mutex_unlock(&ubifs_inode(inode2)->ui_mutex);
696 mutex_unlock(&ubifs_inode(inode1)->ui_mutex);
697 }
698
ubifs_link(struct dentry * old_dentry,struct inode * dir,struct dentry * dentry)699 static int ubifs_link(struct dentry *old_dentry, struct inode *dir,
700 struct dentry *dentry)
701 {
702 struct ubifs_info *c = dir->i_sb->s_fs_info;
703 struct inode *inode = d_inode(old_dentry);
704 struct ubifs_inode *ui = ubifs_inode(inode);
705 struct ubifs_inode *dir_ui = ubifs_inode(dir);
706 int err, sz_change = CALC_DENT_SIZE(dentry->d_name.len);
707 struct ubifs_budget_req req = { .new_dent = 1, .dirtied_ino = 2,
708 .dirtied_ino_d = ALIGN(ui->data_len, 8) };
709 struct fscrypt_name nm;
710
711 /*
712 * Budget request settings: new direntry, changing the target inode,
713 * changing the parent inode.
714 */
715
716 dbg_gen("dent '%pd' to ino %lu (nlink %d) in dir ino %lu",
717 dentry, inode->i_ino,
718 inode->i_nlink, dir->i_ino);
719 ubifs_assert(c, inode_is_locked(dir));
720 ubifs_assert(c, inode_is_locked(inode));
721
722 err = fscrypt_prepare_link(old_dentry, dir, dentry);
723 if (err)
724 return err;
725
726 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
727 if (err)
728 return err;
729
730 err = dbg_check_synced_i_size(c, inode);
731 if (err)
732 goto out_fname;
733
734 err = ubifs_budget_space(c, &req);
735 if (err)
736 goto out_fname;
737
738 lock_2_inodes(dir, inode);
739
740 /* Handle O_TMPFILE corner case, it is allowed to link a O_TMPFILE. */
741 if (inode->i_nlink == 0)
742 ubifs_delete_orphan(c, inode->i_ino);
743
744 inc_nlink(inode);
745 ihold(inode);
746 inode->i_ctime = current_time(inode);
747 dir->i_size += sz_change;
748 dir_ui->ui_size = dir->i_size;
749 dir->i_mtime = dir->i_ctime = inode->i_ctime;
750 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
751 if (err)
752 goto out_cancel;
753 unlock_2_inodes(dir, inode);
754
755 ubifs_release_budget(c, &req);
756 d_instantiate(dentry, inode);
757 fscrypt_free_filename(&nm);
758 return 0;
759
760 out_cancel:
761 dir->i_size -= sz_change;
762 dir_ui->ui_size = dir->i_size;
763 drop_nlink(inode);
764 if (inode->i_nlink == 0)
765 ubifs_add_orphan(c, inode->i_ino);
766 unlock_2_inodes(dir, inode);
767 ubifs_release_budget(c, &req);
768 iput(inode);
769 out_fname:
770 fscrypt_free_filename(&nm);
771 return err;
772 }
773
ubifs_unlink(struct inode * dir,struct dentry * dentry)774 static int ubifs_unlink(struct inode *dir, struct dentry *dentry)
775 {
776 struct ubifs_info *c = dir->i_sb->s_fs_info;
777 struct inode *inode = d_inode(dentry);
778 struct ubifs_inode *dir_ui = ubifs_inode(dir);
779 int err, sz_change, budgeted = 1;
780 struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 };
781 unsigned int saved_nlink = inode->i_nlink;
782 struct fscrypt_name nm;
783
784 /*
785 * Budget request settings: deletion direntry, deletion inode (+1 for
786 * @dirtied_ino), changing the parent directory inode. If budgeting
787 * fails, go ahead anyway because we have extra space reserved for
788 * deletions.
789 */
790
791 dbg_gen("dent '%pd' from ino %lu (nlink %d) in dir ino %lu",
792 dentry, inode->i_ino,
793 inode->i_nlink, dir->i_ino);
794
795 if (ubifs_crypt_is_encrypted(dir)) {
796 err = fscrypt_get_encryption_info(dir);
797 if (err && err != -ENOKEY)
798 return err;
799 }
800
801 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm);
802 if (err)
803 return err;
804
805 sz_change = CALC_DENT_SIZE(fname_len(&nm));
806
807 ubifs_assert(c, inode_is_locked(dir));
808 ubifs_assert(c, inode_is_locked(inode));
809 err = dbg_check_synced_i_size(c, inode);
810 if (err)
811 goto out_fname;
812
813 err = ubifs_budget_space(c, &req);
814 if (err) {
815 if (err != -ENOSPC)
816 goto out_fname;
817 budgeted = 0;
818 }
819
820 lock_2_inodes(dir, inode);
821 inode->i_ctime = current_time(dir);
822 drop_nlink(inode);
823 dir->i_size -= sz_change;
824 dir_ui->ui_size = dir->i_size;
825 dir->i_mtime = dir->i_ctime = inode->i_ctime;
826 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0);
827 if (err)
828 goto out_cancel;
829 unlock_2_inodes(dir, inode);
830
831 if (budgeted)
832 ubifs_release_budget(c, &req);
833 else {
834 /* We've deleted something - clean the "no space" flags */
835 c->bi.nospace = c->bi.nospace_rp = 0;
836 smp_wmb();
837 }
838 fscrypt_free_filename(&nm);
839 return 0;
840
841 out_cancel:
842 dir->i_size += sz_change;
843 dir_ui->ui_size = dir->i_size;
844 set_nlink(inode, saved_nlink);
845 unlock_2_inodes(dir, inode);
846 if (budgeted)
847 ubifs_release_budget(c, &req);
848 out_fname:
849 fscrypt_free_filename(&nm);
850 return err;
851 }
852
853 /**
854 * check_dir_empty - check if a directory is empty or not.
855 * @dir: VFS inode object of the directory to check
856 *
857 * This function checks if directory @dir is empty. Returns zero if the
858 * directory is empty, %-ENOTEMPTY if it is not, and other negative error codes
859 * in case of of errors.
860 */
ubifs_check_dir_empty(struct inode * dir)861 int ubifs_check_dir_empty(struct inode *dir)
862 {
863 struct ubifs_info *c = dir->i_sb->s_fs_info;
864 struct fscrypt_name nm = { 0 };
865 struct ubifs_dent_node *dent;
866 union ubifs_key key;
867 int err;
868
869 lowest_dent_key(c, &key, dir->i_ino);
870 dent = ubifs_tnc_next_ent(c, &key, &nm);
871 if (IS_ERR(dent)) {
872 err = PTR_ERR(dent);
873 if (err == -ENOENT)
874 err = 0;
875 } else {
876 kfree(dent);
877 err = -ENOTEMPTY;
878 }
879 return err;
880 }
881
ubifs_rmdir(struct inode * dir,struct dentry * dentry)882 static int ubifs_rmdir(struct inode *dir, struct dentry *dentry)
883 {
884 struct ubifs_info *c = dir->i_sb->s_fs_info;
885 struct inode *inode = d_inode(dentry);
886 int err, sz_change, budgeted = 1;
887 struct ubifs_inode *dir_ui = ubifs_inode(dir);
888 struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 };
889 struct fscrypt_name nm;
890
891 /*
892 * Budget request settings: deletion direntry, deletion inode and
893 * changing the parent inode. If budgeting fails, go ahead anyway
894 * because we have extra space reserved for deletions.
895 */
896
897 dbg_gen("directory '%pd', ino %lu in dir ino %lu", dentry,
898 inode->i_ino, dir->i_ino);
899 ubifs_assert(c, inode_is_locked(dir));
900 ubifs_assert(c, inode_is_locked(inode));
901 err = ubifs_check_dir_empty(d_inode(dentry));
902 if (err)
903 return err;
904
905 if (ubifs_crypt_is_encrypted(dir)) {
906 err = fscrypt_get_encryption_info(dir);
907 if (err && err != -ENOKEY)
908 return err;
909 }
910
911 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm);
912 if (err)
913 return err;
914
915 sz_change = CALC_DENT_SIZE(fname_len(&nm));
916
917 err = ubifs_budget_space(c, &req);
918 if (err) {
919 if (err != -ENOSPC)
920 goto out_fname;
921 budgeted = 0;
922 }
923
924 lock_2_inodes(dir, inode);
925 inode->i_ctime = current_time(dir);
926 clear_nlink(inode);
927 drop_nlink(dir);
928 dir->i_size -= sz_change;
929 dir_ui->ui_size = dir->i_size;
930 dir->i_mtime = dir->i_ctime = inode->i_ctime;
931 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0);
932 if (err)
933 goto out_cancel;
934 unlock_2_inodes(dir, inode);
935
936 if (budgeted)
937 ubifs_release_budget(c, &req);
938 else {
939 /* We've deleted something - clean the "no space" flags */
940 c->bi.nospace = c->bi.nospace_rp = 0;
941 smp_wmb();
942 }
943 fscrypt_free_filename(&nm);
944 return 0;
945
946 out_cancel:
947 dir->i_size += sz_change;
948 dir_ui->ui_size = dir->i_size;
949 inc_nlink(dir);
950 set_nlink(inode, 2);
951 unlock_2_inodes(dir, inode);
952 if (budgeted)
953 ubifs_release_budget(c, &req);
954 out_fname:
955 fscrypt_free_filename(&nm);
956 return err;
957 }
958
ubifs_mkdir(struct inode * dir,struct dentry * dentry,umode_t mode)959 static int ubifs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
960 {
961 struct inode *inode;
962 struct ubifs_inode *dir_ui = ubifs_inode(dir);
963 struct ubifs_info *c = dir->i_sb->s_fs_info;
964 int err, sz_change;
965 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1 };
966 struct fscrypt_name nm;
967
968 /*
969 * Budget request settings: new inode, new direntry and changing parent
970 * directory inode.
971 */
972
973 dbg_gen("dent '%pd', mode %#hx in dir ino %lu",
974 dentry, mode, dir->i_ino);
975
976 err = ubifs_budget_space(c, &req);
977 if (err)
978 return err;
979
980 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
981 if (err)
982 goto out_budg;
983
984 sz_change = CALC_DENT_SIZE(fname_len(&nm));
985
986 inode = ubifs_new_inode(c, dir, S_IFDIR | mode);
987 if (IS_ERR(inode)) {
988 err = PTR_ERR(inode);
989 goto out_fname;
990 }
991
992 err = ubifs_init_security(dir, inode, &dentry->d_name);
993 if (err)
994 goto out_inode;
995
996 mutex_lock(&dir_ui->ui_mutex);
997 insert_inode_hash(inode);
998 inc_nlink(inode);
999 inc_nlink(dir);
1000 dir->i_size += sz_change;
1001 dir_ui->ui_size = dir->i_size;
1002 dir->i_mtime = dir->i_ctime = inode->i_ctime;
1003 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
1004 if (err) {
1005 ubifs_err(c, "cannot create directory, error %d", err);
1006 goto out_cancel;
1007 }
1008 mutex_unlock(&dir_ui->ui_mutex);
1009
1010 ubifs_release_budget(c, &req);
1011 d_instantiate(dentry, inode);
1012 fscrypt_free_filename(&nm);
1013 return 0;
1014
1015 out_cancel:
1016 dir->i_size -= sz_change;
1017 dir_ui->ui_size = dir->i_size;
1018 drop_nlink(dir);
1019 mutex_unlock(&dir_ui->ui_mutex);
1020 out_inode:
1021 make_bad_inode(inode);
1022 iput(inode);
1023 out_fname:
1024 fscrypt_free_filename(&nm);
1025 out_budg:
1026 ubifs_release_budget(c, &req);
1027 return err;
1028 }
1029
ubifs_mknod(struct inode * dir,struct dentry * dentry,umode_t mode,dev_t rdev)1030 static int ubifs_mknod(struct inode *dir, struct dentry *dentry,
1031 umode_t mode, dev_t rdev)
1032 {
1033 struct inode *inode;
1034 struct ubifs_inode *ui;
1035 struct ubifs_inode *dir_ui = ubifs_inode(dir);
1036 struct ubifs_info *c = dir->i_sb->s_fs_info;
1037 union ubifs_dev_desc *dev = NULL;
1038 int sz_change;
1039 int err, devlen = 0;
1040 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
1041 .dirtied_ino = 1 };
1042 struct fscrypt_name nm;
1043
1044 /*
1045 * Budget request settings: new inode, new direntry and changing parent
1046 * directory inode.
1047 */
1048
1049 dbg_gen("dent '%pd' in dir ino %lu", dentry, dir->i_ino);
1050
1051 if (S_ISBLK(mode) || S_ISCHR(mode)) {
1052 dev = kmalloc(sizeof(union ubifs_dev_desc), GFP_NOFS);
1053 if (!dev)
1054 return -ENOMEM;
1055 devlen = ubifs_encode_dev(dev, rdev);
1056 }
1057
1058 req.new_ino_d = ALIGN(devlen, 8);
1059 err = ubifs_budget_space(c, &req);
1060 if (err) {
1061 kfree(dev);
1062 return err;
1063 }
1064
1065 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
1066 if (err) {
1067 kfree(dev);
1068 goto out_budg;
1069 }
1070
1071 sz_change = CALC_DENT_SIZE(fname_len(&nm));
1072
1073 inode = ubifs_new_inode(c, dir, mode);
1074 if (IS_ERR(inode)) {
1075 kfree(dev);
1076 err = PTR_ERR(inode);
1077 goto out_fname;
1078 }
1079
1080 init_special_inode(inode, inode->i_mode, rdev);
1081 inode->i_size = ubifs_inode(inode)->ui_size = devlen;
1082 ui = ubifs_inode(inode);
1083 ui->data = dev;
1084 ui->data_len = devlen;
1085
1086 err = ubifs_init_security(dir, inode, &dentry->d_name);
1087 if (err)
1088 goto out_inode;
1089
1090 mutex_lock(&dir_ui->ui_mutex);
1091 dir->i_size += sz_change;
1092 dir_ui->ui_size = dir->i_size;
1093 dir->i_mtime = dir->i_ctime = inode->i_ctime;
1094 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
1095 if (err)
1096 goto out_cancel;
1097 mutex_unlock(&dir_ui->ui_mutex);
1098
1099 ubifs_release_budget(c, &req);
1100 insert_inode_hash(inode);
1101 d_instantiate(dentry, inode);
1102 fscrypt_free_filename(&nm);
1103 return 0;
1104
1105 out_cancel:
1106 dir->i_size -= sz_change;
1107 dir_ui->ui_size = dir->i_size;
1108 mutex_unlock(&dir_ui->ui_mutex);
1109 out_inode:
1110 make_bad_inode(inode);
1111 iput(inode);
1112 out_fname:
1113 fscrypt_free_filename(&nm);
1114 out_budg:
1115 ubifs_release_budget(c, &req);
1116 return err;
1117 }
1118
ubifs_symlink(struct inode * dir,struct dentry * dentry,const char * symname)1119 static int ubifs_symlink(struct inode *dir, struct dentry *dentry,
1120 const char *symname)
1121 {
1122 struct inode *inode;
1123 struct ubifs_inode *ui;
1124 struct ubifs_inode *dir_ui = ubifs_inode(dir);
1125 struct ubifs_info *c = dir->i_sb->s_fs_info;
1126 int err, sz_change, len = strlen(symname);
1127 struct fscrypt_str disk_link;
1128 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
1129 .new_ino_d = ALIGN(len, 8),
1130 .dirtied_ino = 1 };
1131 struct fscrypt_name nm;
1132
1133 dbg_gen("dent '%pd', target '%s' in dir ino %lu", dentry,
1134 symname, dir->i_ino);
1135
1136 err = fscrypt_prepare_symlink(dir, symname, len, UBIFS_MAX_INO_DATA,
1137 &disk_link);
1138 if (err)
1139 return err;
1140
1141 /*
1142 * Budget request settings: new inode, new direntry and changing parent
1143 * directory inode.
1144 */
1145 err = ubifs_budget_space(c, &req);
1146 if (err)
1147 return err;
1148
1149 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
1150 if (err)
1151 goto out_budg;
1152
1153 sz_change = CALC_DENT_SIZE(fname_len(&nm));
1154
1155 inode = ubifs_new_inode(c, dir, S_IFLNK | S_IRWXUGO);
1156 if (IS_ERR(inode)) {
1157 err = PTR_ERR(inode);
1158 goto out_fname;
1159 }
1160
1161 ui = ubifs_inode(inode);
1162 ui->data = kmalloc(disk_link.len, GFP_NOFS);
1163 if (!ui->data) {
1164 err = -ENOMEM;
1165 goto out_inode;
1166 }
1167
1168 if (IS_ENCRYPTED(inode)) {
1169 disk_link.name = ui->data; /* encrypt directly into ui->data */
1170 err = fscrypt_encrypt_symlink(inode, symname, len, &disk_link);
1171 if (err)
1172 goto out_inode;
1173 } else {
1174 memcpy(ui->data, disk_link.name, disk_link.len);
1175 inode->i_link = ui->data;
1176 }
1177
1178 /*
1179 * The terminating zero byte is not written to the flash media and it
1180 * is put just to make later in-memory string processing simpler. Thus,
1181 * data length is @disk_link.len - 1, not @disk_link.len.
1182 */
1183 ui->data_len = disk_link.len - 1;
1184 inode->i_size = ubifs_inode(inode)->ui_size = disk_link.len - 1;
1185
1186 err = ubifs_init_security(dir, inode, &dentry->d_name);
1187 if (err)
1188 goto out_inode;
1189
1190 mutex_lock(&dir_ui->ui_mutex);
1191 dir->i_size += sz_change;
1192 dir_ui->ui_size = dir->i_size;
1193 dir->i_mtime = dir->i_ctime = inode->i_ctime;
1194 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
1195 if (err)
1196 goto out_cancel;
1197 mutex_unlock(&dir_ui->ui_mutex);
1198
1199 insert_inode_hash(inode);
1200 d_instantiate(dentry, inode);
1201 err = 0;
1202 goto out_fname;
1203
1204 out_cancel:
1205 dir->i_size -= sz_change;
1206 dir_ui->ui_size = dir->i_size;
1207 mutex_unlock(&dir_ui->ui_mutex);
1208 out_inode:
1209 make_bad_inode(inode);
1210 iput(inode);
1211 out_fname:
1212 fscrypt_free_filename(&nm);
1213 out_budg:
1214 ubifs_release_budget(c, &req);
1215 return err;
1216 }
1217
1218 /**
1219 * lock_4_inodes - a wrapper for locking three UBIFS inodes.
1220 * @inode1: first inode
1221 * @inode2: second inode
1222 * @inode3: third inode
1223 * @inode4: fouth inode
1224 *
1225 * This function is used for 'ubifs_rename()' and @inode1 may be the same as
1226 * @inode2 whereas @inode3 and @inode4 may be %NULL.
1227 *
1228 * We do not implement any tricks to guarantee strict lock ordering, because
1229 * VFS has already done it for us on the @i_mutex. So this is just a simple
1230 * wrapper function.
1231 */
lock_4_inodes(struct inode * inode1,struct inode * inode2,struct inode * inode3,struct inode * inode4)1232 static void lock_4_inodes(struct inode *inode1, struct inode *inode2,
1233 struct inode *inode3, struct inode *inode4)
1234 {
1235 mutex_lock_nested(&ubifs_inode(inode1)->ui_mutex, WB_MUTEX_1);
1236 if (inode2 != inode1)
1237 mutex_lock_nested(&ubifs_inode(inode2)->ui_mutex, WB_MUTEX_2);
1238 if (inode3)
1239 mutex_lock_nested(&ubifs_inode(inode3)->ui_mutex, WB_MUTEX_3);
1240 if (inode4)
1241 mutex_lock_nested(&ubifs_inode(inode4)->ui_mutex, WB_MUTEX_4);
1242 }
1243
1244 /**
1245 * unlock_4_inodes - a wrapper for unlocking three UBIFS inodes for rename.
1246 * @inode1: first inode
1247 * @inode2: second inode
1248 * @inode3: third inode
1249 * @inode4: fouth inode
1250 */
unlock_4_inodes(struct inode * inode1,struct inode * inode2,struct inode * inode3,struct inode * inode4)1251 static void unlock_4_inodes(struct inode *inode1, struct inode *inode2,
1252 struct inode *inode3, struct inode *inode4)
1253 {
1254 if (inode4)
1255 mutex_unlock(&ubifs_inode(inode4)->ui_mutex);
1256 if (inode3)
1257 mutex_unlock(&ubifs_inode(inode3)->ui_mutex);
1258 if (inode1 != inode2)
1259 mutex_unlock(&ubifs_inode(inode2)->ui_mutex);
1260 mutex_unlock(&ubifs_inode(inode1)->ui_mutex);
1261 }
1262
do_rename(struct inode * old_dir,struct dentry * old_dentry,struct inode * new_dir,struct dentry * new_dentry,unsigned int flags)1263 static int do_rename(struct inode *old_dir, struct dentry *old_dentry,
1264 struct inode *new_dir, struct dentry *new_dentry,
1265 unsigned int flags)
1266 {
1267 struct ubifs_info *c = old_dir->i_sb->s_fs_info;
1268 struct inode *old_inode = d_inode(old_dentry);
1269 struct inode *new_inode = d_inode(new_dentry);
1270 struct inode *whiteout = NULL;
1271 struct ubifs_inode *old_inode_ui = ubifs_inode(old_inode);
1272 struct ubifs_inode *whiteout_ui = NULL;
1273 int err, release, sync = 0, move = (new_dir != old_dir);
1274 int is_dir = S_ISDIR(old_inode->i_mode);
1275 int unlink = !!new_inode, new_sz, old_sz;
1276 struct ubifs_budget_req req = { .new_dent = 1, .mod_dent = 1,
1277 .dirtied_ino = 3 };
1278 struct ubifs_budget_req ino_req = { .dirtied_ino = 1,
1279 .dirtied_ino_d = ALIGN(old_inode_ui->data_len, 8) };
1280 struct timespec64 time;
1281 unsigned int uninitialized_var(saved_nlink);
1282 struct fscrypt_name old_nm, new_nm;
1283
1284 /*
1285 * Budget request settings: deletion direntry, new direntry, removing
1286 * the old inode, and changing old and new parent directory inodes.
1287 *
1288 * However, this operation also marks the target inode as dirty and
1289 * does not write it, so we allocate budget for the target inode
1290 * separately.
1291 */
1292
1293 dbg_gen("dent '%pd' ino %lu in dir ino %lu to dent '%pd' in dir ino %lu flags 0x%x",
1294 old_dentry, old_inode->i_ino, old_dir->i_ino,
1295 new_dentry, new_dir->i_ino, flags);
1296
1297 if (unlink)
1298 ubifs_assert(c, inode_is_locked(new_inode));
1299
1300 if (unlink && is_dir) {
1301 err = ubifs_check_dir_empty(new_inode);
1302 if (err)
1303 return err;
1304 }
1305
1306 err = fscrypt_setup_filename(old_dir, &old_dentry->d_name, 0, &old_nm);
1307 if (err)
1308 return err;
1309
1310 err = fscrypt_setup_filename(new_dir, &new_dentry->d_name, 0, &new_nm);
1311 if (err) {
1312 fscrypt_free_filename(&old_nm);
1313 return err;
1314 }
1315
1316 new_sz = CALC_DENT_SIZE(fname_len(&new_nm));
1317 old_sz = CALC_DENT_SIZE(fname_len(&old_nm));
1318
1319 err = ubifs_budget_space(c, &req);
1320 if (err) {
1321 fscrypt_free_filename(&old_nm);
1322 fscrypt_free_filename(&new_nm);
1323 return err;
1324 }
1325 err = ubifs_budget_space(c, &ino_req);
1326 if (err) {
1327 fscrypt_free_filename(&old_nm);
1328 fscrypt_free_filename(&new_nm);
1329 ubifs_release_budget(c, &req);
1330 return err;
1331 }
1332
1333 if (flags & RENAME_WHITEOUT) {
1334 union ubifs_dev_desc *dev = NULL;
1335
1336 dev = kmalloc(sizeof(union ubifs_dev_desc), GFP_NOFS);
1337 if (!dev) {
1338 err = -ENOMEM;
1339 goto out_release;
1340 }
1341
1342 err = do_tmpfile(old_dir, old_dentry, S_IFCHR | WHITEOUT_MODE, &whiteout);
1343 if (err) {
1344 kfree(dev);
1345 goto out_release;
1346 }
1347
1348 whiteout->i_state |= I_LINKABLE;
1349 whiteout_ui = ubifs_inode(whiteout);
1350 whiteout_ui->data = dev;
1351 whiteout_ui->data_len = ubifs_encode_dev(dev, MKDEV(0, 0));
1352 ubifs_assert(c, !whiteout_ui->dirty);
1353 }
1354
1355 lock_4_inodes(old_dir, new_dir, new_inode, whiteout);
1356
1357 /*
1358 * Like most other Unix systems, set the @i_ctime for inodes on a
1359 * rename.
1360 */
1361 time = current_time(old_dir);
1362 old_inode->i_ctime = time;
1363
1364 /* We must adjust parent link count when renaming directories */
1365 if (is_dir) {
1366 if (move) {
1367 /*
1368 * @old_dir loses a link because we are moving
1369 * @old_inode to a different directory.
1370 */
1371 drop_nlink(old_dir);
1372 /*
1373 * @new_dir only gains a link if we are not also
1374 * overwriting an existing directory.
1375 */
1376 if (!unlink)
1377 inc_nlink(new_dir);
1378 } else {
1379 /*
1380 * @old_inode is not moving to a different directory,
1381 * but @old_dir still loses a link if we are
1382 * overwriting an existing directory.
1383 */
1384 if (unlink)
1385 drop_nlink(old_dir);
1386 }
1387 }
1388
1389 old_dir->i_size -= old_sz;
1390 ubifs_inode(old_dir)->ui_size = old_dir->i_size;
1391 old_dir->i_mtime = old_dir->i_ctime = time;
1392 new_dir->i_mtime = new_dir->i_ctime = time;
1393
1394 /*
1395 * And finally, if we unlinked a direntry which happened to have the
1396 * same name as the moved direntry, we have to decrement @i_nlink of
1397 * the unlinked inode and change its ctime.
1398 */
1399 if (unlink) {
1400 /*
1401 * Directories cannot have hard-links, so if this is a
1402 * directory, just clear @i_nlink.
1403 */
1404 saved_nlink = new_inode->i_nlink;
1405 if (is_dir)
1406 clear_nlink(new_inode);
1407 else
1408 drop_nlink(new_inode);
1409 new_inode->i_ctime = time;
1410 } else {
1411 new_dir->i_size += new_sz;
1412 ubifs_inode(new_dir)->ui_size = new_dir->i_size;
1413 }
1414
1415 /*
1416 * Do not ask 'ubifs_jnl_rename()' to flush write-buffer if @old_inode
1417 * is dirty, because this will be done later on at the end of
1418 * 'ubifs_rename()'.
1419 */
1420 if (IS_SYNC(old_inode)) {
1421 sync = IS_DIRSYNC(old_dir) || IS_DIRSYNC(new_dir);
1422 if (unlink && IS_SYNC(new_inode))
1423 sync = 1;
1424 }
1425
1426 if (whiteout) {
1427 struct ubifs_budget_req wht_req = { .dirtied_ino = 1,
1428 .dirtied_ino_d = \
1429 ALIGN(ubifs_inode(whiteout)->data_len, 8) };
1430
1431 err = ubifs_budget_space(c, &wht_req);
1432 if (err) {
1433 kfree(whiteout_ui->data);
1434 whiteout_ui->data_len = 0;
1435 iput(whiteout);
1436 goto out_release;
1437 }
1438
1439 inc_nlink(whiteout);
1440 mark_inode_dirty(whiteout);
1441 whiteout->i_state &= ~I_LINKABLE;
1442 iput(whiteout);
1443 }
1444
1445 err = ubifs_jnl_rename(c, old_dir, old_inode, &old_nm, new_dir,
1446 new_inode, &new_nm, whiteout, sync);
1447 if (err)
1448 goto out_cancel;
1449
1450 unlock_4_inodes(old_dir, new_dir, new_inode, whiteout);
1451 ubifs_release_budget(c, &req);
1452
1453 mutex_lock(&old_inode_ui->ui_mutex);
1454 release = old_inode_ui->dirty;
1455 mark_inode_dirty_sync(old_inode);
1456 mutex_unlock(&old_inode_ui->ui_mutex);
1457
1458 if (release)
1459 ubifs_release_budget(c, &ino_req);
1460 if (IS_SYNC(old_inode))
1461 err = old_inode->i_sb->s_op->write_inode(old_inode, NULL);
1462
1463 fscrypt_free_filename(&old_nm);
1464 fscrypt_free_filename(&new_nm);
1465 return err;
1466
1467 out_cancel:
1468 if (unlink) {
1469 set_nlink(new_inode, saved_nlink);
1470 } else {
1471 new_dir->i_size -= new_sz;
1472 ubifs_inode(new_dir)->ui_size = new_dir->i_size;
1473 }
1474 old_dir->i_size += old_sz;
1475 ubifs_inode(old_dir)->ui_size = old_dir->i_size;
1476 if (is_dir) {
1477 if (move) {
1478 inc_nlink(old_dir);
1479 if (!unlink)
1480 drop_nlink(new_dir);
1481 } else {
1482 if (unlink)
1483 inc_nlink(old_dir);
1484 }
1485 }
1486 if (whiteout) {
1487 drop_nlink(whiteout);
1488 iput(whiteout);
1489 }
1490 unlock_4_inodes(old_dir, new_dir, new_inode, whiteout);
1491 out_release:
1492 ubifs_release_budget(c, &ino_req);
1493 ubifs_release_budget(c, &req);
1494 fscrypt_free_filename(&old_nm);
1495 fscrypt_free_filename(&new_nm);
1496 return err;
1497 }
1498
ubifs_xrename(struct inode * old_dir,struct dentry * old_dentry,struct inode * new_dir,struct dentry * new_dentry)1499 static int ubifs_xrename(struct inode *old_dir, struct dentry *old_dentry,
1500 struct inode *new_dir, struct dentry *new_dentry)
1501 {
1502 struct ubifs_info *c = old_dir->i_sb->s_fs_info;
1503 struct ubifs_budget_req req = { .new_dent = 1, .mod_dent = 1,
1504 .dirtied_ino = 2 };
1505 int sync = IS_DIRSYNC(old_dir) || IS_DIRSYNC(new_dir);
1506 struct inode *fst_inode = d_inode(old_dentry);
1507 struct inode *snd_inode = d_inode(new_dentry);
1508 struct timespec64 time;
1509 int err;
1510 struct fscrypt_name fst_nm, snd_nm;
1511
1512 ubifs_assert(c, fst_inode && snd_inode);
1513
1514 err = fscrypt_setup_filename(old_dir, &old_dentry->d_name, 0, &fst_nm);
1515 if (err)
1516 return err;
1517
1518 err = fscrypt_setup_filename(new_dir, &new_dentry->d_name, 0, &snd_nm);
1519 if (err) {
1520 fscrypt_free_filename(&fst_nm);
1521 return err;
1522 }
1523
1524 lock_4_inodes(old_dir, new_dir, NULL, NULL);
1525
1526 time = current_time(old_dir);
1527 fst_inode->i_ctime = time;
1528 snd_inode->i_ctime = time;
1529 old_dir->i_mtime = old_dir->i_ctime = time;
1530 new_dir->i_mtime = new_dir->i_ctime = time;
1531
1532 if (old_dir != new_dir) {
1533 if (S_ISDIR(fst_inode->i_mode) && !S_ISDIR(snd_inode->i_mode)) {
1534 inc_nlink(new_dir);
1535 drop_nlink(old_dir);
1536 }
1537 else if (!S_ISDIR(fst_inode->i_mode) && S_ISDIR(snd_inode->i_mode)) {
1538 drop_nlink(new_dir);
1539 inc_nlink(old_dir);
1540 }
1541 }
1542
1543 err = ubifs_jnl_xrename(c, old_dir, fst_inode, &fst_nm, new_dir,
1544 snd_inode, &snd_nm, sync);
1545
1546 unlock_4_inodes(old_dir, new_dir, NULL, NULL);
1547 ubifs_release_budget(c, &req);
1548
1549 fscrypt_free_filename(&fst_nm);
1550 fscrypt_free_filename(&snd_nm);
1551 return err;
1552 }
1553
ubifs_rename(struct inode * old_dir,struct dentry * old_dentry,struct inode * new_dir,struct dentry * new_dentry,unsigned int flags)1554 static int ubifs_rename(struct inode *old_dir, struct dentry *old_dentry,
1555 struct inode *new_dir, struct dentry *new_dentry,
1556 unsigned int flags)
1557 {
1558 int err;
1559 struct ubifs_info *c = old_dir->i_sb->s_fs_info;
1560
1561 if (flags & ~(RENAME_NOREPLACE | RENAME_WHITEOUT | RENAME_EXCHANGE))
1562 return -EINVAL;
1563
1564 ubifs_assert(c, inode_is_locked(old_dir));
1565 ubifs_assert(c, inode_is_locked(new_dir));
1566
1567 err = fscrypt_prepare_rename(old_dir, old_dentry, new_dir, new_dentry,
1568 flags);
1569 if (err)
1570 return err;
1571
1572 if (flags & RENAME_EXCHANGE)
1573 return ubifs_xrename(old_dir, old_dentry, new_dir, new_dentry);
1574
1575 return do_rename(old_dir, old_dentry, new_dir, new_dentry, flags);
1576 }
1577
ubifs_getattr(const struct path * path,struct kstat * stat,u32 request_mask,unsigned int flags)1578 int ubifs_getattr(const struct path *path, struct kstat *stat,
1579 u32 request_mask, unsigned int flags)
1580 {
1581 loff_t size;
1582 struct inode *inode = d_inode(path->dentry);
1583 struct ubifs_inode *ui = ubifs_inode(inode);
1584
1585 mutex_lock(&ui->ui_mutex);
1586
1587 if (ui->flags & UBIFS_APPEND_FL)
1588 stat->attributes |= STATX_ATTR_APPEND;
1589 if (ui->flags & UBIFS_COMPR_FL)
1590 stat->attributes |= STATX_ATTR_COMPRESSED;
1591 if (ui->flags & UBIFS_CRYPT_FL)
1592 stat->attributes |= STATX_ATTR_ENCRYPTED;
1593 if (ui->flags & UBIFS_IMMUTABLE_FL)
1594 stat->attributes |= STATX_ATTR_IMMUTABLE;
1595
1596 stat->attributes_mask |= (STATX_ATTR_APPEND |
1597 STATX_ATTR_COMPRESSED |
1598 STATX_ATTR_ENCRYPTED |
1599 STATX_ATTR_IMMUTABLE);
1600
1601 generic_fillattr(inode, stat);
1602 stat->blksize = UBIFS_BLOCK_SIZE;
1603 stat->size = ui->ui_size;
1604
1605 /*
1606 * Unfortunately, the 'stat()' system call was designed for block
1607 * device based file systems, and it is not appropriate for UBIFS,
1608 * because UBIFS does not have notion of "block". For example, it is
1609 * difficult to tell how many block a directory takes - it actually
1610 * takes less than 300 bytes, but we have to round it to block size,
1611 * which introduces large mistake. This makes utilities like 'du' to
1612 * report completely senseless numbers. This is the reason why UBIFS
1613 * goes the same way as JFFS2 - it reports zero blocks for everything
1614 * but regular files, which makes more sense than reporting completely
1615 * wrong sizes.
1616 */
1617 if (S_ISREG(inode->i_mode)) {
1618 size = ui->xattr_size;
1619 size += stat->size;
1620 size = ALIGN(size, UBIFS_BLOCK_SIZE);
1621 /*
1622 * Note, user-space expects 512-byte blocks count irrespectively
1623 * of what was reported in @stat->size.
1624 */
1625 stat->blocks = size >> 9;
1626 } else
1627 stat->blocks = 0;
1628 mutex_unlock(&ui->ui_mutex);
1629 return 0;
1630 }
1631
ubifs_dir_open(struct inode * dir,struct file * file)1632 static int ubifs_dir_open(struct inode *dir, struct file *file)
1633 {
1634 if (ubifs_crypt_is_encrypted(dir))
1635 return fscrypt_get_encryption_info(dir) ? -EACCES : 0;
1636
1637 return 0;
1638 }
1639
1640 const struct inode_operations ubifs_dir_inode_operations = {
1641 .lookup = ubifs_lookup,
1642 .create = ubifs_create,
1643 .link = ubifs_link,
1644 .symlink = ubifs_symlink,
1645 .unlink = ubifs_unlink,
1646 .mkdir = ubifs_mkdir,
1647 .rmdir = ubifs_rmdir,
1648 .mknod = ubifs_mknod,
1649 .rename = ubifs_rename,
1650 .setattr = ubifs_setattr,
1651 .getattr = ubifs_getattr,
1652 #ifdef CONFIG_UBIFS_FS_XATTR
1653 .listxattr = ubifs_listxattr,
1654 #endif
1655 #ifdef CONFIG_UBIFS_ATIME_SUPPORT
1656 .update_time = ubifs_update_time,
1657 #endif
1658 .tmpfile = ubifs_tmpfile,
1659 };
1660
1661 const struct file_operations ubifs_dir_operations = {
1662 .llseek = generic_file_llseek,
1663 .release = ubifs_dir_release,
1664 .read = generic_read_dir,
1665 .iterate_shared = ubifs_readdir,
1666 .fsync = ubifs_fsync,
1667 .unlocked_ioctl = ubifs_ioctl,
1668 .open = ubifs_dir_open,
1669 #ifdef CONFIG_COMPAT
1670 .compat_ioctl = ubifs_compat_ioctl,
1671 #endif
1672 };
1673