18c2ecf20Sopenharmony_ci// SPDX-License-Identifier: GPL-2.0 28c2ecf20Sopenharmony_ci/* 38c2ecf20Sopenharmony_ci * linux/fs/namei.c 48c2ecf20Sopenharmony_ci * 58c2ecf20Sopenharmony_ci * Copyright (C) 1991, 1992 Linus Torvalds 68c2ecf20Sopenharmony_ci */ 78c2ecf20Sopenharmony_ci 88c2ecf20Sopenharmony_ci/* 98c2ecf20Sopenharmony_ci * Some corrections by tytso. 108c2ecf20Sopenharmony_ci */ 118c2ecf20Sopenharmony_ci 128c2ecf20Sopenharmony_ci/* [Feb 1997 T. Schoebel-Theuer] Complete rewrite of the pathname 138c2ecf20Sopenharmony_ci * lookup logic. 148c2ecf20Sopenharmony_ci */ 158c2ecf20Sopenharmony_ci/* [Feb-Apr 2000, AV] Rewrite to the new namespace architecture. 168c2ecf20Sopenharmony_ci */ 178c2ecf20Sopenharmony_ci 188c2ecf20Sopenharmony_ci#include <linux/init.h> 198c2ecf20Sopenharmony_ci#include <linux/export.h> 208c2ecf20Sopenharmony_ci#include <linux/kernel.h> 218c2ecf20Sopenharmony_ci#include <linux/slab.h> 228c2ecf20Sopenharmony_ci#include <linux/fs.h> 238c2ecf20Sopenharmony_ci#include <linux/namei.h> 248c2ecf20Sopenharmony_ci#include <linux/pagemap.h> 258c2ecf20Sopenharmony_ci#include <linux/fsnotify.h> 268c2ecf20Sopenharmony_ci#include <linux/personality.h> 278c2ecf20Sopenharmony_ci#include <linux/security.h> 288c2ecf20Sopenharmony_ci#include <linux/ima.h> 298c2ecf20Sopenharmony_ci#include <linux/syscalls.h> 308c2ecf20Sopenharmony_ci#include <linux/mount.h> 318c2ecf20Sopenharmony_ci#include <linux/audit.h> 328c2ecf20Sopenharmony_ci#include <linux/capability.h> 338c2ecf20Sopenharmony_ci#include <linux/file.h> 348c2ecf20Sopenharmony_ci#include <linux/fcntl.h> 358c2ecf20Sopenharmony_ci#include <linux/device_cgroup.h> 368c2ecf20Sopenharmony_ci#include <linux/fs_struct.h> 378c2ecf20Sopenharmony_ci#include <linux/posix_acl.h> 388c2ecf20Sopenharmony_ci#include <linux/hash.h> 398c2ecf20Sopenharmony_ci#include <linux/bitops.h> 408c2ecf20Sopenharmony_ci#include <linux/init_task.h> 418c2ecf20Sopenharmony_ci#include <linux/uaccess.h> 428c2ecf20Sopenharmony_ci 438c2ecf20Sopenharmony_ci#include "internal.h" 448c2ecf20Sopenharmony_ci#include "mount.h" 458c2ecf20Sopenharmony_ci 468c2ecf20Sopenharmony_ci/* [Feb-1997 T. Schoebel-Theuer] 478c2ecf20Sopenharmony_ci * Fundamental changes in the pathname lookup mechanisms (namei) 488c2ecf20Sopenharmony_ci * were necessary because of omirr. The reason is that omirr needs 498c2ecf20Sopenharmony_ci * to know the _real_ pathname, not the user-supplied one, in case 508c2ecf20Sopenharmony_ci * of symlinks (and also when transname replacements occur). 518c2ecf20Sopenharmony_ci * 528c2ecf20Sopenharmony_ci * The new code replaces the old recursive symlink resolution with 538c2ecf20Sopenharmony_ci * an iterative one (in case of non-nested symlink chains). It does 548c2ecf20Sopenharmony_ci * this with calls to <fs>_follow_link(). 558c2ecf20Sopenharmony_ci * As a side effect, dir_namei(), _namei() and follow_link() are now 568c2ecf20Sopenharmony_ci * replaced with a single function lookup_dentry() that can handle all 578c2ecf20Sopenharmony_ci * the special cases of the former code. 588c2ecf20Sopenharmony_ci * 598c2ecf20Sopenharmony_ci * With the new dcache, the pathname is stored at each inode, at least as 608c2ecf20Sopenharmony_ci * long as the refcount of the inode is positive. As a side effect, the 618c2ecf20Sopenharmony_ci * size of the dcache depends on the inode cache and thus is dynamic. 628c2ecf20Sopenharmony_ci * 638c2ecf20Sopenharmony_ci * [29-Apr-1998 C. Scott Ananian] Updated above description of symlink 648c2ecf20Sopenharmony_ci * resolution to correspond with current state of the code. 658c2ecf20Sopenharmony_ci * 668c2ecf20Sopenharmony_ci * Note that the symlink resolution is not *completely* iterative. 678c2ecf20Sopenharmony_ci * There is still a significant amount of tail- and mid- recursion in 688c2ecf20Sopenharmony_ci * the algorithm. Also, note that <fs>_readlink() is not used in 698c2ecf20Sopenharmony_ci * lookup_dentry(): lookup_dentry() on the result of <fs>_readlink() 708c2ecf20Sopenharmony_ci * may return different results than <fs>_follow_link(). Many virtual 718c2ecf20Sopenharmony_ci * filesystems (including /proc) exhibit this behavior. 728c2ecf20Sopenharmony_ci */ 738c2ecf20Sopenharmony_ci 748c2ecf20Sopenharmony_ci/* [24-Feb-97 T. Schoebel-Theuer] Side effects caused by new implementation: 758c2ecf20Sopenharmony_ci * New symlink semantics: when open() is called with flags O_CREAT | O_EXCL 768c2ecf20Sopenharmony_ci * and the name already exists in form of a symlink, try to create the new 778c2ecf20Sopenharmony_ci * name indicated by the symlink. The old code always complained that the 788c2ecf20Sopenharmony_ci * name already exists, due to not following the symlink even if its target 798c2ecf20Sopenharmony_ci * is nonexistent. The new semantics affects also mknod() and link() when 808c2ecf20Sopenharmony_ci * the name is a symlink pointing to a non-existent name. 818c2ecf20Sopenharmony_ci * 828c2ecf20Sopenharmony_ci * I don't know which semantics is the right one, since I have no access 838c2ecf20Sopenharmony_ci * to standards. But I found by trial that HP-UX 9.0 has the full "new" 848c2ecf20Sopenharmony_ci * semantics implemented, while SunOS 4.1.1 and Solaris (SunOS 5.4) have the 858c2ecf20Sopenharmony_ci * "old" one. Personally, I think the new semantics is much more logical. 868c2ecf20Sopenharmony_ci * Note that "ln old new" where "new" is a symlink pointing to a non-existing 878c2ecf20Sopenharmony_ci * file does succeed in both HP-UX and SunOs, but not in Solaris 888c2ecf20Sopenharmony_ci * and in the old Linux semantics. 898c2ecf20Sopenharmony_ci */ 908c2ecf20Sopenharmony_ci 918c2ecf20Sopenharmony_ci/* [16-Dec-97 Kevin Buhr] For security reasons, we change some symlink 928c2ecf20Sopenharmony_ci * semantics. See the comments in "open_namei" and "do_link" below. 938c2ecf20Sopenharmony_ci * 948c2ecf20Sopenharmony_ci * [10-Sep-98 Alan Modra] Another symlink change. 958c2ecf20Sopenharmony_ci */ 968c2ecf20Sopenharmony_ci 978c2ecf20Sopenharmony_ci/* [Feb-Apr 2000 AV] Complete rewrite. Rules for symlinks: 988c2ecf20Sopenharmony_ci * inside the path - always follow. 998c2ecf20Sopenharmony_ci * in the last component in creation/removal/renaming - never follow. 1008c2ecf20Sopenharmony_ci * if LOOKUP_FOLLOW passed - follow. 1018c2ecf20Sopenharmony_ci * if the pathname has trailing slashes - follow. 1028c2ecf20Sopenharmony_ci * otherwise - don't follow. 1038c2ecf20Sopenharmony_ci * (applied in that order). 1048c2ecf20Sopenharmony_ci * 1058c2ecf20Sopenharmony_ci * [Jun 2000 AV] Inconsistent behaviour of open() in case if flags==O_CREAT 1068c2ecf20Sopenharmony_ci * restored for 2.4. This is the last surviving part of old 4.2BSD bug. 1078c2ecf20Sopenharmony_ci * During the 2.4 we need to fix the userland stuff depending on it - 1088c2ecf20Sopenharmony_ci * hopefully we will be able to get rid of that wart in 2.5. So far only 1098c2ecf20Sopenharmony_ci * XEmacs seems to be relying on it... 1108c2ecf20Sopenharmony_ci */ 1118c2ecf20Sopenharmony_ci/* 1128c2ecf20Sopenharmony_ci * [Sep 2001 AV] Single-semaphore locking scheme (kudos to David Holland) 1138c2ecf20Sopenharmony_ci * implemented. Let's see if raised priority of ->s_vfs_rename_mutex gives 1148c2ecf20Sopenharmony_ci * any extra contention... 1158c2ecf20Sopenharmony_ci */ 1168c2ecf20Sopenharmony_ci 1178c2ecf20Sopenharmony_ci/* In order to reduce some races, while at the same time doing additional 1188c2ecf20Sopenharmony_ci * checking and hopefully speeding things up, we copy filenames to the 1198c2ecf20Sopenharmony_ci * kernel data space before using them.. 1208c2ecf20Sopenharmony_ci * 1218c2ecf20Sopenharmony_ci * POSIX.1 2.4: an empty pathname is invalid (ENOENT). 1228c2ecf20Sopenharmony_ci * PATH_MAX includes the nul terminator --RR. 1238c2ecf20Sopenharmony_ci */ 1248c2ecf20Sopenharmony_ci 1258c2ecf20Sopenharmony_ci#define EMBEDDED_NAME_MAX (PATH_MAX - offsetof(struct filename, iname)) 1268c2ecf20Sopenharmony_ci 1278c2ecf20Sopenharmony_cistruct filename * 1288c2ecf20Sopenharmony_cigetname_flags(const char __user *filename, int flags, int *empty) 1298c2ecf20Sopenharmony_ci{ 1308c2ecf20Sopenharmony_ci struct filename *result; 1318c2ecf20Sopenharmony_ci char *kname; 1328c2ecf20Sopenharmony_ci int len; 1338c2ecf20Sopenharmony_ci 1348c2ecf20Sopenharmony_ci result = audit_reusename(filename); 1358c2ecf20Sopenharmony_ci if (result) 1368c2ecf20Sopenharmony_ci return result; 1378c2ecf20Sopenharmony_ci 1388c2ecf20Sopenharmony_ci result = __getname(); 1398c2ecf20Sopenharmony_ci if (unlikely(!result)) 1408c2ecf20Sopenharmony_ci return ERR_PTR(-ENOMEM); 1418c2ecf20Sopenharmony_ci 1428c2ecf20Sopenharmony_ci /* 1438c2ecf20Sopenharmony_ci * First, try to embed the struct filename inside the names_cache 1448c2ecf20Sopenharmony_ci * allocation 1458c2ecf20Sopenharmony_ci */ 1468c2ecf20Sopenharmony_ci kname = (char *)result->iname; 1478c2ecf20Sopenharmony_ci result->name = kname; 1488c2ecf20Sopenharmony_ci 1498c2ecf20Sopenharmony_ci len = strncpy_from_user(kname, filename, EMBEDDED_NAME_MAX); 1508c2ecf20Sopenharmony_ci if (unlikely(len < 0)) { 1518c2ecf20Sopenharmony_ci __putname(result); 1528c2ecf20Sopenharmony_ci return ERR_PTR(len); 1538c2ecf20Sopenharmony_ci } 1548c2ecf20Sopenharmony_ci 1558c2ecf20Sopenharmony_ci /* 1568c2ecf20Sopenharmony_ci * Uh-oh. We have a name that's approaching PATH_MAX. Allocate a 1578c2ecf20Sopenharmony_ci * separate struct filename so we can dedicate the entire 1588c2ecf20Sopenharmony_ci * names_cache allocation for the pathname, and re-do the copy from 1598c2ecf20Sopenharmony_ci * userland. 1608c2ecf20Sopenharmony_ci */ 1618c2ecf20Sopenharmony_ci if (unlikely(len == EMBEDDED_NAME_MAX)) { 1628c2ecf20Sopenharmony_ci const size_t size = offsetof(struct filename, iname[1]); 1638c2ecf20Sopenharmony_ci kname = (char *)result; 1648c2ecf20Sopenharmony_ci 1658c2ecf20Sopenharmony_ci /* 1668c2ecf20Sopenharmony_ci * size is chosen that way we to guarantee that 1678c2ecf20Sopenharmony_ci * result->iname[0] is within the same object and that 1688c2ecf20Sopenharmony_ci * kname can't be equal to result->iname, no matter what. 1698c2ecf20Sopenharmony_ci */ 1708c2ecf20Sopenharmony_ci result = kzalloc(size, GFP_KERNEL); 1718c2ecf20Sopenharmony_ci if (unlikely(!result)) { 1728c2ecf20Sopenharmony_ci __putname(kname); 1738c2ecf20Sopenharmony_ci return ERR_PTR(-ENOMEM); 1748c2ecf20Sopenharmony_ci } 1758c2ecf20Sopenharmony_ci result->name = kname; 1768c2ecf20Sopenharmony_ci len = strncpy_from_user(kname, filename, PATH_MAX); 1778c2ecf20Sopenharmony_ci if (unlikely(len < 0)) { 1788c2ecf20Sopenharmony_ci __putname(kname); 1798c2ecf20Sopenharmony_ci kfree(result); 1808c2ecf20Sopenharmony_ci return ERR_PTR(len); 1818c2ecf20Sopenharmony_ci } 1828c2ecf20Sopenharmony_ci if (unlikely(len == PATH_MAX)) { 1838c2ecf20Sopenharmony_ci __putname(kname); 1848c2ecf20Sopenharmony_ci kfree(result); 1858c2ecf20Sopenharmony_ci return ERR_PTR(-ENAMETOOLONG); 1868c2ecf20Sopenharmony_ci } 1878c2ecf20Sopenharmony_ci } 1888c2ecf20Sopenharmony_ci 1898c2ecf20Sopenharmony_ci result->refcnt = 1; 1908c2ecf20Sopenharmony_ci /* The empty path is special. */ 1918c2ecf20Sopenharmony_ci if (unlikely(!len)) { 1928c2ecf20Sopenharmony_ci if (empty) 1938c2ecf20Sopenharmony_ci *empty = 1; 1948c2ecf20Sopenharmony_ci if (!(flags & LOOKUP_EMPTY)) { 1958c2ecf20Sopenharmony_ci putname(result); 1968c2ecf20Sopenharmony_ci return ERR_PTR(-ENOENT); 1978c2ecf20Sopenharmony_ci } 1988c2ecf20Sopenharmony_ci } 1998c2ecf20Sopenharmony_ci 2008c2ecf20Sopenharmony_ci result->uptr = filename; 2018c2ecf20Sopenharmony_ci result->aname = NULL; 2028c2ecf20Sopenharmony_ci audit_getname(result); 2038c2ecf20Sopenharmony_ci return result; 2048c2ecf20Sopenharmony_ci} 2058c2ecf20Sopenharmony_ci 2068c2ecf20Sopenharmony_cistruct filename * 2078c2ecf20Sopenharmony_cigetname(const char __user * filename) 2088c2ecf20Sopenharmony_ci{ 2098c2ecf20Sopenharmony_ci return getname_flags(filename, 0, NULL); 2108c2ecf20Sopenharmony_ci} 2118c2ecf20Sopenharmony_ci 2128c2ecf20Sopenharmony_cistruct filename * 2138c2ecf20Sopenharmony_cigetname_kernel(const char * filename) 2148c2ecf20Sopenharmony_ci{ 2158c2ecf20Sopenharmony_ci struct filename *result; 2168c2ecf20Sopenharmony_ci int len = strlen(filename) + 1; 2178c2ecf20Sopenharmony_ci 2188c2ecf20Sopenharmony_ci result = __getname(); 2198c2ecf20Sopenharmony_ci if (unlikely(!result)) 2208c2ecf20Sopenharmony_ci return ERR_PTR(-ENOMEM); 2218c2ecf20Sopenharmony_ci 2228c2ecf20Sopenharmony_ci if (len <= EMBEDDED_NAME_MAX) { 2238c2ecf20Sopenharmony_ci result->name = (char *)result->iname; 2248c2ecf20Sopenharmony_ci } else if (len <= PATH_MAX) { 2258c2ecf20Sopenharmony_ci const size_t size = offsetof(struct filename, iname[1]); 2268c2ecf20Sopenharmony_ci struct filename *tmp; 2278c2ecf20Sopenharmony_ci 2288c2ecf20Sopenharmony_ci tmp = kmalloc(size, GFP_KERNEL); 2298c2ecf20Sopenharmony_ci if (unlikely(!tmp)) { 2308c2ecf20Sopenharmony_ci __putname(result); 2318c2ecf20Sopenharmony_ci return ERR_PTR(-ENOMEM); 2328c2ecf20Sopenharmony_ci } 2338c2ecf20Sopenharmony_ci tmp->name = (char *)result; 2348c2ecf20Sopenharmony_ci result = tmp; 2358c2ecf20Sopenharmony_ci } else { 2368c2ecf20Sopenharmony_ci __putname(result); 2378c2ecf20Sopenharmony_ci return ERR_PTR(-ENAMETOOLONG); 2388c2ecf20Sopenharmony_ci } 2398c2ecf20Sopenharmony_ci memcpy((char *)result->name, filename, len); 2408c2ecf20Sopenharmony_ci result->uptr = NULL; 2418c2ecf20Sopenharmony_ci result->aname = NULL; 2428c2ecf20Sopenharmony_ci result->refcnt = 1; 2438c2ecf20Sopenharmony_ci audit_getname(result); 2448c2ecf20Sopenharmony_ci 2458c2ecf20Sopenharmony_ci return result; 2468c2ecf20Sopenharmony_ci} 2478c2ecf20Sopenharmony_ci 2488c2ecf20Sopenharmony_civoid putname(struct filename *name) 2498c2ecf20Sopenharmony_ci{ 2508c2ecf20Sopenharmony_ci BUG_ON(name->refcnt <= 0); 2518c2ecf20Sopenharmony_ci 2528c2ecf20Sopenharmony_ci if (--name->refcnt > 0) 2538c2ecf20Sopenharmony_ci return; 2548c2ecf20Sopenharmony_ci 2558c2ecf20Sopenharmony_ci if (name->name != name->iname) { 2568c2ecf20Sopenharmony_ci __putname(name->name); 2578c2ecf20Sopenharmony_ci kfree(name); 2588c2ecf20Sopenharmony_ci } else 2598c2ecf20Sopenharmony_ci __putname(name); 2608c2ecf20Sopenharmony_ci} 2618c2ecf20Sopenharmony_ci 2628c2ecf20Sopenharmony_cistatic int check_acl(struct inode *inode, int mask) 2638c2ecf20Sopenharmony_ci{ 2648c2ecf20Sopenharmony_ci#ifdef CONFIG_FS_POSIX_ACL 2658c2ecf20Sopenharmony_ci struct posix_acl *acl; 2668c2ecf20Sopenharmony_ci 2678c2ecf20Sopenharmony_ci if (mask & MAY_NOT_BLOCK) { 2688c2ecf20Sopenharmony_ci acl = get_cached_acl_rcu(inode, ACL_TYPE_ACCESS); 2698c2ecf20Sopenharmony_ci if (!acl) 2708c2ecf20Sopenharmony_ci return -EAGAIN; 2718c2ecf20Sopenharmony_ci /* no ->get_acl() calls in RCU mode... */ 2728c2ecf20Sopenharmony_ci if (is_uncached_acl(acl)) 2738c2ecf20Sopenharmony_ci return -ECHILD; 2748c2ecf20Sopenharmony_ci return posix_acl_permission(inode, acl, mask); 2758c2ecf20Sopenharmony_ci } 2768c2ecf20Sopenharmony_ci 2778c2ecf20Sopenharmony_ci acl = get_acl(inode, ACL_TYPE_ACCESS); 2788c2ecf20Sopenharmony_ci if (IS_ERR(acl)) 2798c2ecf20Sopenharmony_ci return PTR_ERR(acl); 2808c2ecf20Sopenharmony_ci if (acl) { 2818c2ecf20Sopenharmony_ci int error = posix_acl_permission(inode, acl, mask); 2828c2ecf20Sopenharmony_ci posix_acl_release(acl); 2838c2ecf20Sopenharmony_ci return error; 2848c2ecf20Sopenharmony_ci } 2858c2ecf20Sopenharmony_ci#endif 2868c2ecf20Sopenharmony_ci 2878c2ecf20Sopenharmony_ci return -EAGAIN; 2888c2ecf20Sopenharmony_ci} 2898c2ecf20Sopenharmony_ci 2908c2ecf20Sopenharmony_ci/* 2918c2ecf20Sopenharmony_ci * This does the basic UNIX permission checking. 2928c2ecf20Sopenharmony_ci * 2938c2ecf20Sopenharmony_ci * Note that the POSIX ACL check cares about the MAY_NOT_BLOCK bit, 2948c2ecf20Sopenharmony_ci * for RCU walking. 2958c2ecf20Sopenharmony_ci */ 2968c2ecf20Sopenharmony_cistatic int acl_permission_check(struct inode *inode, int mask) 2978c2ecf20Sopenharmony_ci{ 2988c2ecf20Sopenharmony_ci unsigned int mode = inode->i_mode; 2998c2ecf20Sopenharmony_ci 3008c2ecf20Sopenharmony_ci /* Are we the owner? If so, ACL's don't matter */ 3018c2ecf20Sopenharmony_ci if (likely(uid_eq(current_fsuid(), inode->i_uid))) { 3028c2ecf20Sopenharmony_ci mask &= 7; 3038c2ecf20Sopenharmony_ci mode >>= 6; 3048c2ecf20Sopenharmony_ci return (mask & ~mode) ? -EACCES : 0; 3058c2ecf20Sopenharmony_ci } 3068c2ecf20Sopenharmony_ci 3078c2ecf20Sopenharmony_ci /* Do we have ACL's? */ 3088c2ecf20Sopenharmony_ci if (IS_POSIXACL(inode) && (mode & S_IRWXG)) { 3098c2ecf20Sopenharmony_ci int error = check_acl(inode, mask); 3108c2ecf20Sopenharmony_ci if (error != -EAGAIN) 3118c2ecf20Sopenharmony_ci return error; 3128c2ecf20Sopenharmony_ci } 3138c2ecf20Sopenharmony_ci 3148c2ecf20Sopenharmony_ci /* Only RWX matters for group/other mode bits */ 3158c2ecf20Sopenharmony_ci mask &= 7; 3168c2ecf20Sopenharmony_ci 3178c2ecf20Sopenharmony_ci /* 3188c2ecf20Sopenharmony_ci * Are the group permissions different from 3198c2ecf20Sopenharmony_ci * the other permissions in the bits we care 3208c2ecf20Sopenharmony_ci * about? Need to check group ownership if so. 3218c2ecf20Sopenharmony_ci */ 3228c2ecf20Sopenharmony_ci if (mask & (mode ^ (mode >> 3))) { 3238c2ecf20Sopenharmony_ci if (in_group_p(inode->i_gid)) 3248c2ecf20Sopenharmony_ci mode >>= 3; 3258c2ecf20Sopenharmony_ci } 3268c2ecf20Sopenharmony_ci 3278c2ecf20Sopenharmony_ci /* Bits in 'mode' clear that we require? */ 3288c2ecf20Sopenharmony_ci return (mask & ~mode) ? -EACCES : 0; 3298c2ecf20Sopenharmony_ci} 3308c2ecf20Sopenharmony_ci 3318c2ecf20Sopenharmony_ci/** 3328c2ecf20Sopenharmony_ci * generic_permission - check for access rights on a Posix-like filesystem 3338c2ecf20Sopenharmony_ci * @inode: inode to check access rights for 3348c2ecf20Sopenharmony_ci * @mask: right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC, 3358c2ecf20Sopenharmony_ci * %MAY_NOT_BLOCK ...) 3368c2ecf20Sopenharmony_ci * 3378c2ecf20Sopenharmony_ci * Used to check for read/write/execute permissions on a file. 3388c2ecf20Sopenharmony_ci * We use "fsuid" for this, letting us set arbitrary permissions 3398c2ecf20Sopenharmony_ci * for filesystem access without changing the "normal" uids which 3408c2ecf20Sopenharmony_ci * are used for other things. 3418c2ecf20Sopenharmony_ci * 3428c2ecf20Sopenharmony_ci * generic_permission is rcu-walk aware. It returns -ECHILD in case an rcu-walk 3438c2ecf20Sopenharmony_ci * request cannot be satisfied (eg. requires blocking or too much complexity). 3448c2ecf20Sopenharmony_ci * It would then be called again in ref-walk mode. 3458c2ecf20Sopenharmony_ci */ 3468c2ecf20Sopenharmony_ciint generic_permission(struct inode *inode, int mask) 3478c2ecf20Sopenharmony_ci{ 3488c2ecf20Sopenharmony_ci int ret; 3498c2ecf20Sopenharmony_ci 3508c2ecf20Sopenharmony_ci /* 3518c2ecf20Sopenharmony_ci * Do the basic permission checks. 3528c2ecf20Sopenharmony_ci */ 3538c2ecf20Sopenharmony_ci ret = acl_permission_check(inode, mask); 3548c2ecf20Sopenharmony_ci if (ret != -EACCES) 3558c2ecf20Sopenharmony_ci return ret; 3568c2ecf20Sopenharmony_ci 3578c2ecf20Sopenharmony_ci if (S_ISDIR(inode->i_mode)) { 3588c2ecf20Sopenharmony_ci /* DACs are overridable for directories */ 3598c2ecf20Sopenharmony_ci if (!(mask & MAY_WRITE)) 3608c2ecf20Sopenharmony_ci if (capable_wrt_inode_uidgid(inode, 3618c2ecf20Sopenharmony_ci CAP_DAC_READ_SEARCH)) 3628c2ecf20Sopenharmony_ci return 0; 3638c2ecf20Sopenharmony_ci if (capable_wrt_inode_uidgid(inode, CAP_DAC_OVERRIDE)) 3648c2ecf20Sopenharmony_ci return 0; 3658c2ecf20Sopenharmony_ci return -EACCES; 3668c2ecf20Sopenharmony_ci } 3678c2ecf20Sopenharmony_ci 3688c2ecf20Sopenharmony_ci /* 3698c2ecf20Sopenharmony_ci * Searching includes executable on directories, else just read. 3708c2ecf20Sopenharmony_ci */ 3718c2ecf20Sopenharmony_ci mask &= MAY_READ | MAY_WRITE | MAY_EXEC; 3728c2ecf20Sopenharmony_ci if (mask == MAY_READ) 3738c2ecf20Sopenharmony_ci if (capable_wrt_inode_uidgid(inode, CAP_DAC_READ_SEARCH)) 3748c2ecf20Sopenharmony_ci return 0; 3758c2ecf20Sopenharmony_ci /* 3768c2ecf20Sopenharmony_ci * Read/write DACs are always overridable. 3778c2ecf20Sopenharmony_ci * Executable DACs are overridable when there is 3788c2ecf20Sopenharmony_ci * at least one exec bit set. 3798c2ecf20Sopenharmony_ci */ 3808c2ecf20Sopenharmony_ci if (!(mask & MAY_EXEC) || (inode->i_mode & S_IXUGO)) 3818c2ecf20Sopenharmony_ci if (capable_wrt_inode_uidgid(inode, CAP_DAC_OVERRIDE)) 3828c2ecf20Sopenharmony_ci return 0; 3838c2ecf20Sopenharmony_ci 3848c2ecf20Sopenharmony_ci return -EACCES; 3858c2ecf20Sopenharmony_ci} 3868c2ecf20Sopenharmony_ciEXPORT_SYMBOL(generic_permission); 3878c2ecf20Sopenharmony_ci 3888c2ecf20Sopenharmony_ci/* 3898c2ecf20Sopenharmony_ci * We _really_ want to just do "generic_permission()" without 3908c2ecf20Sopenharmony_ci * even looking at the inode->i_op values. So we keep a cache 3918c2ecf20Sopenharmony_ci * flag in inode->i_opflags, that says "this has not special 3928c2ecf20Sopenharmony_ci * permission function, use the fast case". 3938c2ecf20Sopenharmony_ci */ 3948c2ecf20Sopenharmony_cistatic inline int do_inode_permission(struct inode *inode, int mask) 3958c2ecf20Sopenharmony_ci{ 3968c2ecf20Sopenharmony_ci if (unlikely(!(inode->i_opflags & IOP_FASTPERM))) { 3978c2ecf20Sopenharmony_ci if (likely(inode->i_op->permission)) 3988c2ecf20Sopenharmony_ci return inode->i_op->permission(inode, mask); 3998c2ecf20Sopenharmony_ci 4008c2ecf20Sopenharmony_ci /* This gets set once for the inode lifetime */ 4018c2ecf20Sopenharmony_ci spin_lock(&inode->i_lock); 4028c2ecf20Sopenharmony_ci inode->i_opflags |= IOP_FASTPERM; 4038c2ecf20Sopenharmony_ci spin_unlock(&inode->i_lock); 4048c2ecf20Sopenharmony_ci } 4058c2ecf20Sopenharmony_ci return generic_permission(inode, mask); 4068c2ecf20Sopenharmony_ci} 4078c2ecf20Sopenharmony_ci 4088c2ecf20Sopenharmony_ci/** 4098c2ecf20Sopenharmony_ci * sb_permission - Check superblock-level permissions 4108c2ecf20Sopenharmony_ci * @sb: Superblock of inode to check permission on 4118c2ecf20Sopenharmony_ci * @inode: Inode to check permission on 4128c2ecf20Sopenharmony_ci * @mask: Right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC) 4138c2ecf20Sopenharmony_ci * 4148c2ecf20Sopenharmony_ci * Separate out file-system wide checks from inode-specific permission checks. 4158c2ecf20Sopenharmony_ci */ 4168c2ecf20Sopenharmony_cistatic int sb_permission(struct super_block *sb, struct inode *inode, int mask) 4178c2ecf20Sopenharmony_ci{ 4188c2ecf20Sopenharmony_ci if (unlikely(mask & MAY_WRITE)) { 4198c2ecf20Sopenharmony_ci umode_t mode = inode->i_mode; 4208c2ecf20Sopenharmony_ci 4218c2ecf20Sopenharmony_ci /* Nobody gets write access to a read-only fs. */ 4228c2ecf20Sopenharmony_ci if (sb_rdonly(sb) && (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode))) 4238c2ecf20Sopenharmony_ci return -EROFS; 4248c2ecf20Sopenharmony_ci } 4258c2ecf20Sopenharmony_ci return 0; 4268c2ecf20Sopenharmony_ci} 4278c2ecf20Sopenharmony_ci 4288c2ecf20Sopenharmony_ci/** 4298c2ecf20Sopenharmony_ci * inode_permission - Check for access rights to a given inode 4308c2ecf20Sopenharmony_ci * @inode: Inode to check permission on 4318c2ecf20Sopenharmony_ci * @mask: Right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC) 4328c2ecf20Sopenharmony_ci * 4338c2ecf20Sopenharmony_ci * Check for read/write/execute permissions on an inode. We use fs[ug]id for 4348c2ecf20Sopenharmony_ci * this, letting us set arbitrary permissions for filesystem access without 4358c2ecf20Sopenharmony_ci * changing the "normal" UIDs which are used for other things. 4368c2ecf20Sopenharmony_ci * 4378c2ecf20Sopenharmony_ci * When checking for MAY_APPEND, MAY_WRITE must also be set in @mask. 4388c2ecf20Sopenharmony_ci */ 4398c2ecf20Sopenharmony_ciint inode_permission(struct inode *inode, int mask) 4408c2ecf20Sopenharmony_ci{ 4418c2ecf20Sopenharmony_ci int retval; 4428c2ecf20Sopenharmony_ci 4438c2ecf20Sopenharmony_ci retval = sb_permission(inode->i_sb, inode, mask); 4448c2ecf20Sopenharmony_ci if (retval) 4458c2ecf20Sopenharmony_ci return retval; 4468c2ecf20Sopenharmony_ci 4478c2ecf20Sopenharmony_ci if (unlikely(mask & MAY_WRITE)) { 4488c2ecf20Sopenharmony_ci /* 4498c2ecf20Sopenharmony_ci * Nobody gets write access to an immutable file. 4508c2ecf20Sopenharmony_ci */ 4518c2ecf20Sopenharmony_ci if (IS_IMMUTABLE(inode)) 4528c2ecf20Sopenharmony_ci return -EPERM; 4538c2ecf20Sopenharmony_ci 4548c2ecf20Sopenharmony_ci /* 4558c2ecf20Sopenharmony_ci * Updating mtime will likely cause i_uid and i_gid to be 4568c2ecf20Sopenharmony_ci * written back improperly if their true value is unknown 4578c2ecf20Sopenharmony_ci * to the vfs. 4588c2ecf20Sopenharmony_ci */ 4598c2ecf20Sopenharmony_ci if (HAS_UNMAPPED_ID(inode)) 4608c2ecf20Sopenharmony_ci return -EACCES; 4618c2ecf20Sopenharmony_ci } 4628c2ecf20Sopenharmony_ci 4638c2ecf20Sopenharmony_ci retval = do_inode_permission(inode, mask); 4648c2ecf20Sopenharmony_ci if (retval) 4658c2ecf20Sopenharmony_ci return retval; 4668c2ecf20Sopenharmony_ci 4678c2ecf20Sopenharmony_ci retval = devcgroup_inode_permission(inode, mask); 4688c2ecf20Sopenharmony_ci if (retval) 4698c2ecf20Sopenharmony_ci return retval; 4708c2ecf20Sopenharmony_ci 4718c2ecf20Sopenharmony_ci return security_inode_permission(inode, mask); 4728c2ecf20Sopenharmony_ci} 4738c2ecf20Sopenharmony_ciEXPORT_SYMBOL(inode_permission); 4748c2ecf20Sopenharmony_ci 4758c2ecf20Sopenharmony_ci/** 4768c2ecf20Sopenharmony_ci * path_get - get a reference to a path 4778c2ecf20Sopenharmony_ci * @path: path to get the reference to 4788c2ecf20Sopenharmony_ci * 4798c2ecf20Sopenharmony_ci * Given a path increment the reference count to the dentry and the vfsmount. 4808c2ecf20Sopenharmony_ci */ 4818c2ecf20Sopenharmony_civoid path_get(const struct path *path) 4828c2ecf20Sopenharmony_ci{ 4838c2ecf20Sopenharmony_ci mntget(path->mnt); 4848c2ecf20Sopenharmony_ci dget(path->dentry); 4858c2ecf20Sopenharmony_ci} 4868c2ecf20Sopenharmony_ciEXPORT_SYMBOL(path_get); 4878c2ecf20Sopenharmony_ci 4888c2ecf20Sopenharmony_ci/** 4898c2ecf20Sopenharmony_ci * path_put - put a reference to a path 4908c2ecf20Sopenharmony_ci * @path: path to put the reference to 4918c2ecf20Sopenharmony_ci * 4928c2ecf20Sopenharmony_ci * Given a path decrement the reference count to the dentry and the vfsmount. 4938c2ecf20Sopenharmony_ci */ 4948c2ecf20Sopenharmony_civoid path_put(const struct path *path) 4958c2ecf20Sopenharmony_ci{ 4968c2ecf20Sopenharmony_ci dput(path->dentry); 4978c2ecf20Sopenharmony_ci mntput(path->mnt); 4988c2ecf20Sopenharmony_ci} 4998c2ecf20Sopenharmony_ciEXPORT_SYMBOL(path_put); 5008c2ecf20Sopenharmony_ci 5018c2ecf20Sopenharmony_ci#define EMBEDDED_LEVELS 2 5028c2ecf20Sopenharmony_cistruct nameidata { 5038c2ecf20Sopenharmony_ci struct path path; 5048c2ecf20Sopenharmony_ci struct qstr last; 5058c2ecf20Sopenharmony_ci struct path root; 5068c2ecf20Sopenharmony_ci struct inode *inode; /* path.dentry.d_inode */ 5078c2ecf20Sopenharmony_ci unsigned int flags, state; 5088c2ecf20Sopenharmony_ci unsigned seq, m_seq, r_seq; 5098c2ecf20Sopenharmony_ci int last_type; 5108c2ecf20Sopenharmony_ci unsigned depth; 5118c2ecf20Sopenharmony_ci int total_link_count; 5128c2ecf20Sopenharmony_ci struct saved { 5138c2ecf20Sopenharmony_ci struct path link; 5148c2ecf20Sopenharmony_ci struct delayed_call done; 5158c2ecf20Sopenharmony_ci const char *name; 5168c2ecf20Sopenharmony_ci unsigned seq; 5178c2ecf20Sopenharmony_ci } *stack, internal[EMBEDDED_LEVELS]; 5188c2ecf20Sopenharmony_ci struct filename *name; 5198c2ecf20Sopenharmony_ci struct nameidata *saved; 5208c2ecf20Sopenharmony_ci unsigned root_seq; 5218c2ecf20Sopenharmony_ci int dfd; 5228c2ecf20Sopenharmony_ci kuid_t dir_uid; 5238c2ecf20Sopenharmony_ci umode_t dir_mode; 5248c2ecf20Sopenharmony_ci} __randomize_layout; 5258c2ecf20Sopenharmony_ci 5268c2ecf20Sopenharmony_ci#define ND_ROOT_PRESET 1 5278c2ecf20Sopenharmony_ci#define ND_ROOT_GRABBED 2 5288c2ecf20Sopenharmony_ci#define ND_JUMPED 4 5298c2ecf20Sopenharmony_ci 5308c2ecf20Sopenharmony_cistatic void set_nameidata(struct nameidata *p, int dfd, struct filename *name) 5318c2ecf20Sopenharmony_ci{ 5328c2ecf20Sopenharmony_ci struct nameidata *old = current->nameidata; 5338c2ecf20Sopenharmony_ci p->stack = p->internal; 5348c2ecf20Sopenharmony_ci p->dfd = dfd; 5358c2ecf20Sopenharmony_ci p->name = name; 5368c2ecf20Sopenharmony_ci p->path.mnt = NULL; 5378c2ecf20Sopenharmony_ci p->path.dentry = NULL; 5388c2ecf20Sopenharmony_ci p->total_link_count = old ? old->total_link_count : 0; 5398c2ecf20Sopenharmony_ci p->saved = old; 5408c2ecf20Sopenharmony_ci p->state = 0; 5418c2ecf20Sopenharmony_ci current->nameidata = p; 5428c2ecf20Sopenharmony_ci} 5438c2ecf20Sopenharmony_ci 5448c2ecf20Sopenharmony_cistatic void restore_nameidata(void) 5458c2ecf20Sopenharmony_ci{ 5468c2ecf20Sopenharmony_ci struct nameidata *now = current->nameidata, *old = now->saved; 5478c2ecf20Sopenharmony_ci 5488c2ecf20Sopenharmony_ci current->nameidata = old; 5498c2ecf20Sopenharmony_ci if (old) 5508c2ecf20Sopenharmony_ci old->total_link_count = now->total_link_count; 5518c2ecf20Sopenharmony_ci if (now->stack != now->internal) 5528c2ecf20Sopenharmony_ci kfree(now->stack); 5538c2ecf20Sopenharmony_ci} 5548c2ecf20Sopenharmony_ci 5558c2ecf20Sopenharmony_cistatic bool nd_alloc_stack(struct nameidata *nd) 5568c2ecf20Sopenharmony_ci{ 5578c2ecf20Sopenharmony_ci struct saved *p; 5588c2ecf20Sopenharmony_ci 5598c2ecf20Sopenharmony_ci p= kmalloc_array(MAXSYMLINKS, sizeof(struct saved), 5608c2ecf20Sopenharmony_ci nd->flags & LOOKUP_RCU ? GFP_ATOMIC : GFP_KERNEL); 5618c2ecf20Sopenharmony_ci if (unlikely(!p)) 5628c2ecf20Sopenharmony_ci return false; 5638c2ecf20Sopenharmony_ci memcpy(p, nd->internal, sizeof(nd->internal)); 5648c2ecf20Sopenharmony_ci nd->stack = p; 5658c2ecf20Sopenharmony_ci return true; 5668c2ecf20Sopenharmony_ci} 5678c2ecf20Sopenharmony_ci 5688c2ecf20Sopenharmony_ci/** 5698c2ecf20Sopenharmony_ci * path_connected - Verify that a dentry is below mnt.mnt_root 5708c2ecf20Sopenharmony_ci * 5718c2ecf20Sopenharmony_ci * Rename can sometimes move a file or directory outside of a bind 5728c2ecf20Sopenharmony_ci * mount, path_connected allows those cases to be detected. 5738c2ecf20Sopenharmony_ci */ 5748c2ecf20Sopenharmony_cistatic bool path_connected(struct vfsmount *mnt, struct dentry *dentry) 5758c2ecf20Sopenharmony_ci{ 5768c2ecf20Sopenharmony_ci struct super_block *sb = mnt->mnt_sb; 5778c2ecf20Sopenharmony_ci 5788c2ecf20Sopenharmony_ci /* Bind mounts can have disconnected paths */ 5798c2ecf20Sopenharmony_ci if (mnt->mnt_root == sb->s_root) 5808c2ecf20Sopenharmony_ci return true; 5818c2ecf20Sopenharmony_ci 5828c2ecf20Sopenharmony_ci return is_subdir(dentry, mnt->mnt_root); 5838c2ecf20Sopenharmony_ci} 5848c2ecf20Sopenharmony_ci 5858c2ecf20Sopenharmony_cistatic void drop_links(struct nameidata *nd) 5868c2ecf20Sopenharmony_ci{ 5878c2ecf20Sopenharmony_ci int i = nd->depth; 5888c2ecf20Sopenharmony_ci while (i--) { 5898c2ecf20Sopenharmony_ci struct saved *last = nd->stack + i; 5908c2ecf20Sopenharmony_ci do_delayed_call(&last->done); 5918c2ecf20Sopenharmony_ci clear_delayed_call(&last->done); 5928c2ecf20Sopenharmony_ci } 5938c2ecf20Sopenharmony_ci} 5948c2ecf20Sopenharmony_ci 5958c2ecf20Sopenharmony_cistatic void terminate_walk(struct nameidata *nd) 5968c2ecf20Sopenharmony_ci{ 5978c2ecf20Sopenharmony_ci drop_links(nd); 5988c2ecf20Sopenharmony_ci if (!(nd->flags & LOOKUP_RCU)) { 5998c2ecf20Sopenharmony_ci int i; 6008c2ecf20Sopenharmony_ci path_put(&nd->path); 6018c2ecf20Sopenharmony_ci for (i = 0; i < nd->depth; i++) 6028c2ecf20Sopenharmony_ci path_put(&nd->stack[i].link); 6038c2ecf20Sopenharmony_ci if (nd->state & ND_ROOT_GRABBED) { 6048c2ecf20Sopenharmony_ci path_put(&nd->root); 6058c2ecf20Sopenharmony_ci nd->state &= ~ND_ROOT_GRABBED; 6068c2ecf20Sopenharmony_ci } 6078c2ecf20Sopenharmony_ci } else { 6088c2ecf20Sopenharmony_ci nd->flags &= ~LOOKUP_RCU; 6098c2ecf20Sopenharmony_ci rcu_read_unlock(); 6108c2ecf20Sopenharmony_ci } 6118c2ecf20Sopenharmony_ci nd->depth = 0; 6128c2ecf20Sopenharmony_ci nd->path.mnt = NULL; 6138c2ecf20Sopenharmony_ci nd->path.dentry = NULL; 6148c2ecf20Sopenharmony_ci} 6158c2ecf20Sopenharmony_ci 6168c2ecf20Sopenharmony_ci/* path_put is needed afterwards regardless of success or failure */ 6178c2ecf20Sopenharmony_cistatic bool __legitimize_path(struct path *path, unsigned seq, unsigned mseq) 6188c2ecf20Sopenharmony_ci{ 6198c2ecf20Sopenharmony_ci int res = __legitimize_mnt(path->mnt, mseq); 6208c2ecf20Sopenharmony_ci if (unlikely(res)) { 6218c2ecf20Sopenharmony_ci if (res > 0) 6228c2ecf20Sopenharmony_ci path->mnt = NULL; 6238c2ecf20Sopenharmony_ci path->dentry = NULL; 6248c2ecf20Sopenharmony_ci return false; 6258c2ecf20Sopenharmony_ci } 6268c2ecf20Sopenharmony_ci if (unlikely(!lockref_get_not_dead(&path->dentry->d_lockref))) { 6278c2ecf20Sopenharmony_ci path->dentry = NULL; 6288c2ecf20Sopenharmony_ci return false; 6298c2ecf20Sopenharmony_ci } 6308c2ecf20Sopenharmony_ci return !read_seqcount_retry(&path->dentry->d_seq, seq); 6318c2ecf20Sopenharmony_ci} 6328c2ecf20Sopenharmony_ci 6338c2ecf20Sopenharmony_cistatic inline bool legitimize_path(struct nameidata *nd, 6348c2ecf20Sopenharmony_ci struct path *path, unsigned seq) 6358c2ecf20Sopenharmony_ci{ 6368c2ecf20Sopenharmony_ci return __legitimize_path(path, seq, nd->m_seq); 6378c2ecf20Sopenharmony_ci} 6388c2ecf20Sopenharmony_ci 6398c2ecf20Sopenharmony_cistatic bool legitimize_links(struct nameidata *nd) 6408c2ecf20Sopenharmony_ci{ 6418c2ecf20Sopenharmony_ci int i; 6428c2ecf20Sopenharmony_ci if (unlikely(nd->flags & LOOKUP_CACHED)) { 6438c2ecf20Sopenharmony_ci drop_links(nd); 6448c2ecf20Sopenharmony_ci nd->depth = 0; 6458c2ecf20Sopenharmony_ci return false; 6468c2ecf20Sopenharmony_ci } 6478c2ecf20Sopenharmony_ci for (i = 0; i < nd->depth; i++) { 6488c2ecf20Sopenharmony_ci struct saved *last = nd->stack + i; 6498c2ecf20Sopenharmony_ci if (unlikely(!legitimize_path(nd, &last->link, last->seq))) { 6508c2ecf20Sopenharmony_ci drop_links(nd); 6518c2ecf20Sopenharmony_ci nd->depth = i + 1; 6528c2ecf20Sopenharmony_ci return false; 6538c2ecf20Sopenharmony_ci } 6548c2ecf20Sopenharmony_ci } 6558c2ecf20Sopenharmony_ci return true; 6568c2ecf20Sopenharmony_ci} 6578c2ecf20Sopenharmony_ci 6588c2ecf20Sopenharmony_cistatic bool legitimize_root(struct nameidata *nd) 6598c2ecf20Sopenharmony_ci{ 6608c2ecf20Sopenharmony_ci /* 6618c2ecf20Sopenharmony_ci * For scoped-lookups (where nd->root has been zeroed), we need to 6628c2ecf20Sopenharmony_ci * restart the whole lookup from scratch -- because set_root() is wrong 6638c2ecf20Sopenharmony_ci * for these lookups (nd->dfd is the root, not the filesystem root). 6648c2ecf20Sopenharmony_ci */ 6658c2ecf20Sopenharmony_ci if (!nd->root.mnt && (nd->flags & LOOKUP_IS_SCOPED)) 6668c2ecf20Sopenharmony_ci return false; 6678c2ecf20Sopenharmony_ci /* Nothing to do if nd->root is zero or is managed by the VFS user. */ 6688c2ecf20Sopenharmony_ci if (!nd->root.mnt || (nd->state & ND_ROOT_PRESET)) 6698c2ecf20Sopenharmony_ci return true; 6708c2ecf20Sopenharmony_ci nd->state |= ND_ROOT_GRABBED; 6718c2ecf20Sopenharmony_ci return legitimize_path(nd, &nd->root, nd->root_seq); 6728c2ecf20Sopenharmony_ci} 6738c2ecf20Sopenharmony_ci 6748c2ecf20Sopenharmony_ci/* 6758c2ecf20Sopenharmony_ci * Path walking has 2 modes, rcu-walk and ref-walk (see 6768c2ecf20Sopenharmony_ci * Documentation/filesystems/path-lookup.txt). In situations when we can't 6778c2ecf20Sopenharmony_ci * continue in RCU mode, we attempt to drop out of rcu-walk mode and grab 6788c2ecf20Sopenharmony_ci * normal reference counts on dentries and vfsmounts to transition to ref-walk 6798c2ecf20Sopenharmony_ci * mode. Refcounts are grabbed at the last known good point before rcu-walk 6808c2ecf20Sopenharmony_ci * got stuck, so ref-walk may continue from there. If this is not successful 6818c2ecf20Sopenharmony_ci * (eg. a seqcount has changed), then failure is returned and it's up to caller 6828c2ecf20Sopenharmony_ci * to restart the path walk from the beginning in ref-walk mode. 6838c2ecf20Sopenharmony_ci */ 6848c2ecf20Sopenharmony_ci 6858c2ecf20Sopenharmony_ci/** 6868c2ecf20Sopenharmony_ci * try_to_unlazy - try to switch to ref-walk mode. 6878c2ecf20Sopenharmony_ci * @nd: nameidata pathwalk data 6888c2ecf20Sopenharmony_ci * Returns: true on success, false on failure 6898c2ecf20Sopenharmony_ci * 6908c2ecf20Sopenharmony_ci * try_to_unlazy attempts to legitimize the current nd->path and nd->root 6918c2ecf20Sopenharmony_ci * for ref-walk mode. 6928c2ecf20Sopenharmony_ci * Must be called from rcu-walk context. 6938c2ecf20Sopenharmony_ci * Nothing should touch nameidata between try_to_unlazy() failure and 6948c2ecf20Sopenharmony_ci * terminate_walk(). 6958c2ecf20Sopenharmony_ci */ 6968c2ecf20Sopenharmony_cistatic bool try_to_unlazy(struct nameidata *nd) 6978c2ecf20Sopenharmony_ci{ 6988c2ecf20Sopenharmony_ci struct dentry *parent = nd->path.dentry; 6998c2ecf20Sopenharmony_ci 7008c2ecf20Sopenharmony_ci BUG_ON(!(nd->flags & LOOKUP_RCU)); 7018c2ecf20Sopenharmony_ci 7028c2ecf20Sopenharmony_ci nd->flags &= ~LOOKUP_RCU; 7038c2ecf20Sopenharmony_ci if (unlikely(!legitimize_links(nd))) 7048c2ecf20Sopenharmony_ci goto out1; 7058c2ecf20Sopenharmony_ci if (unlikely(!legitimize_path(nd, &nd->path, nd->seq))) 7068c2ecf20Sopenharmony_ci goto out; 7078c2ecf20Sopenharmony_ci if (unlikely(!legitimize_root(nd))) 7088c2ecf20Sopenharmony_ci goto out; 7098c2ecf20Sopenharmony_ci rcu_read_unlock(); 7108c2ecf20Sopenharmony_ci BUG_ON(nd->inode != parent->d_inode); 7118c2ecf20Sopenharmony_ci return true; 7128c2ecf20Sopenharmony_ci 7138c2ecf20Sopenharmony_ciout1: 7148c2ecf20Sopenharmony_ci nd->path.mnt = NULL; 7158c2ecf20Sopenharmony_ci nd->path.dentry = NULL; 7168c2ecf20Sopenharmony_ciout: 7178c2ecf20Sopenharmony_ci rcu_read_unlock(); 7188c2ecf20Sopenharmony_ci return false; 7198c2ecf20Sopenharmony_ci} 7208c2ecf20Sopenharmony_ci 7218c2ecf20Sopenharmony_ci/** 7228c2ecf20Sopenharmony_ci * try_to_unlazy_next - try to switch to ref-walk mode. 7238c2ecf20Sopenharmony_ci * @nd: nameidata pathwalk data 7248c2ecf20Sopenharmony_ci * @dentry: next dentry to step into 7258c2ecf20Sopenharmony_ci * @seq: seq number to check @dentry against 7268c2ecf20Sopenharmony_ci * Returns: true on success, false on failure 7278c2ecf20Sopenharmony_ci * 7288c2ecf20Sopenharmony_ci * Similar to to try_to_unlazy(), but here we have the next dentry already 7298c2ecf20Sopenharmony_ci * picked by rcu-walk and want to legitimize that in addition to the current 7308c2ecf20Sopenharmony_ci * nd->path and nd->root for ref-walk mode. Must be called from rcu-walk context. 7318c2ecf20Sopenharmony_ci * Nothing should touch nameidata between try_to_unlazy_next() failure and 7328c2ecf20Sopenharmony_ci * terminate_walk(). 7338c2ecf20Sopenharmony_ci */ 7348c2ecf20Sopenharmony_cistatic bool try_to_unlazy_next(struct nameidata *nd, struct dentry *dentry, unsigned seq) 7358c2ecf20Sopenharmony_ci{ 7368c2ecf20Sopenharmony_ci BUG_ON(!(nd->flags & LOOKUP_RCU)); 7378c2ecf20Sopenharmony_ci 7388c2ecf20Sopenharmony_ci nd->flags &= ~LOOKUP_RCU; 7398c2ecf20Sopenharmony_ci if (unlikely(!legitimize_links(nd))) 7408c2ecf20Sopenharmony_ci goto out2; 7418c2ecf20Sopenharmony_ci if (unlikely(!legitimize_mnt(nd->path.mnt, nd->m_seq))) 7428c2ecf20Sopenharmony_ci goto out2; 7438c2ecf20Sopenharmony_ci if (unlikely(!lockref_get_not_dead(&nd->path.dentry->d_lockref))) 7448c2ecf20Sopenharmony_ci goto out1; 7458c2ecf20Sopenharmony_ci 7468c2ecf20Sopenharmony_ci /* 7478c2ecf20Sopenharmony_ci * We need to move both the parent and the dentry from the RCU domain 7488c2ecf20Sopenharmony_ci * to be properly refcounted. And the sequence number in the dentry 7498c2ecf20Sopenharmony_ci * validates *both* dentry counters, since we checked the sequence 7508c2ecf20Sopenharmony_ci * number of the parent after we got the child sequence number. So we 7518c2ecf20Sopenharmony_ci * know the parent must still be valid if the child sequence number is 7528c2ecf20Sopenharmony_ci */ 7538c2ecf20Sopenharmony_ci if (unlikely(!lockref_get_not_dead(&dentry->d_lockref))) 7548c2ecf20Sopenharmony_ci goto out; 7558c2ecf20Sopenharmony_ci if (unlikely(read_seqcount_retry(&dentry->d_seq, seq))) 7568c2ecf20Sopenharmony_ci goto out_dput; 7578c2ecf20Sopenharmony_ci /* 7588c2ecf20Sopenharmony_ci * Sequence counts matched. Now make sure that the root is 7598c2ecf20Sopenharmony_ci * still valid and get it if required. 7608c2ecf20Sopenharmony_ci */ 7618c2ecf20Sopenharmony_ci if (unlikely(!legitimize_root(nd))) 7628c2ecf20Sopenharmony_ci goto out_dput; 7638c2ecf20Sopenharmony_ci rcu_read_unlock(); 7648c2ecf20Sopenharmony_ci return true; 7658c2ecf20Sopenharmony_ci 7668c2ecf20Sopenharmony_ciout2: 7678c2ecf20Sopenharmony_ci nd->path.mnt = NULL; 7688c2ecf20Sopenharmony_ciout1: 7698c2ecf20Sopenharmony_ci nd->path.dentry = NULL; 7708c2ecf20Sopenharmony_ciout: 7718c2ecf20Sopenharmony_ci rcu_read_unlock(); 7728c2ecf20Sopenharmony_ci return false; 7738c2ecf20Sopenharmony_ciout_dput: 7748c2ecf20Sopenharmony_ci rcu_read_unlock(); 7758c2ecf20Sopenharmony_ci dput(dentry); 7768c2ecf20Sopenharmony_ci return false; 7778c2ecf20Sopenharmony_ci} 7788c2ecf20Sopenharmony_ci 7798c2ecf20Sopenharmony_cistatic inline int d_revalidate(struct dentry *dentry, unsigned int flags) 7808c2ecf20Sopenharmony_ci{ 7818c2ecf20Sopenharmony_ci if (unlikely(dentry->d_flags & DCACHE_OP_REVALIDATE)) 7828c2ecf20Sopenharmony_ci return dentry->d_op->d_revalidate(dentry, flags); 7838c2ecf20Sopenharmony_ci else 7848c2ecf20Sopenharmony_ci return 1; 7858c2ecf20Sopenharmony_ci} 7868c2ecf20Sopenharmony_ci 7878c2ecf20Sopenharmony_ci/** 7888c2ecf20Sopenharmony_ci * complete_walk - successful completion of path walk 7898c2ecf20Sopenharmony_ci * @nd: pointer nameidata 7908c2ecf20Sopenharmony_ci * 7918c2ecf20Sopenharmony_ci * If we had been in RCU mode, drop out of it and legitimize nd->path. 7928c2ecf20Sopenharmony_ci * Revalidate the final result, unless we'd already done that during 7938c2ecf20Sopenharmony_ci * the path walk or the filesystem doesn't ask for it. Return 0 on 7948c2ecf20Sopenharmony_ci * success, -error on failure. In case of failure caller does not 7958c2ecf20Sopenharmony_ci * need to drop nd->path. 7968c2ecf20Sopenharmony_ci */ 7978c2ecf20Sopenharmony_cistatic int complete_walk(struct nameidata *nd) 7988c2ecf20Sopenharmony_ci{ 7998c2ecf20Sopenharmony_ci struct dentry *dentry = nd->path.dentry; 8008c2ecf20Sopenharmony_ci int status; 8018c2ecf20Sopenharmony_ci 8028c2ecf20Sopenharmony_ci if (nd->flags & LOOKUP_RCU) { 8038c2ecf20Sopenharmony_ci /* 8048c2ecf20Sopenharmony_ci * We don't want to zero nd->root for scoped-lookups or 8058c2ecf20Sopenharmony_ci * externally-managed nd->root. 8068c2ecf20Sopenharmony_ci */ 8078c2ecf20Sopenharmony_ci if (!(nd->state & ND_ROOT_PRESET)) 8088c2ecf20Sopenharmony_ci if (!(nd->flags & LOOKUP_IS_SCOPED)) 8098c2ecf20Sopenharmony_ci nd->root.mnt = NULL; 8108c2ecf20Sopenharmony_ci nd->flags &= ~LOOKUP_CACHED; 8118c2ecf20Sopenharmony_ci if (!try_to_unlazy(nd)) 8128c2ecf20Sopenharmony_ci return -ECHILD; 8138c2ecf20Sopenharmony_ci } 8148c2ecf20Sopenharmony_ci 8158c2ecf20Sopenharmony_ci if (unlikely(nd->flags & LOOKUP_IS_SCOPED)) { 8168c2ecf20Sopenharmony_ci /* 8178c2ecf20Sopenharmony_ci * While the guarantee of LOOKUP_IS_SCOPED is (roughly) "don't 8188c2ecf20Sopenharmony_ci * ever step outside the root during lookup" and should already 8198c2ecf20Sopenharmony_ci * be guaranteed by the rest of namei, we want to avoid a namei 8208c2ecf20Sopenharmony_ci * BUG resulting in userspace being given a path that was not 8218c2ecf20Sopenharmony_ci * scoped within the root at some point during the lookup. 8228c2ecf20Sopenharmony_ci * 8238c2ecf20Sopenharmony_ci * So, do a final sanity-check to make sure that in the 8248c2ecf20Sopenharmony_ci * worst-case scenario (a complete bypass of LOOKUP_IS_SCOPED) 8258c2ecf20Sopenharmony_ci * we won't silently return an fd completely outside of the 8268c2ecf20Sopenharmony_ci * requested root to userspace. 8278c2ecf20Sopenharmony_ci * 8288c2ecf20Sopenharmony_ci * Userspace could move the path outside the root after this 8298c2ecf20Sopenharmony_ci * check, but as discussed elsewhere this is not a concern (the 8308c2ecf20Sopenharmony_ci * resolved file was inside the root at some point). 8318c2ecf20Sopenharmony_ci */ 8328c2ecf20Sopenharmony_ci if (!path_is_under(&nd->path, &nd->root)) 8338c2ecf20Sopenharmony_ci return -EXDEV; 8348c2ecf20Sopenharmony_ci } 8358c2ecf20Sopenharmony_ci 8368c2ecf20Sopenharmony_ci if (likely(!(nd->state & ND_JUMPED))) 8378c2ecf20Sopenharmony_ci return 0; 8388c2ecf20Sopenharmony_ci 8398c2ecf20Sopenharmony_ci if (likely(!(dentry->d_flags & DCACHE_OP_WEAK_REVALIDATE))) 8408c2ecf20Sopenharmony_ci return 0; 8418c2ecf20Sopenharmony_ci 8428c2ecf20Sopenharmony_ci status = dentry->d_op->d_weak_revalidate(dentry, nd->flags); 8438c2ecf20Sopenharmony_ci if (status > 0) 8448c2ecf20Sopenharmony_ci return 0; 8458c2ecf20Sopenharmony_ci 8468c2ecf20Sopenharmony_ci if (!status) 8478c2ecf20Sopenharmony_ci status = -ESTALE; 8488c2ecf20Sopenharmony_ci 8498c2ecf20Sopenharmony_ci return status; 8508c2ecf20Sopenharmony_ci} 8518c2ecf20Sopenharmony_ci 8528c2ecf20Sopenharmony_cistatic int set_root(struct nameidata *nd) 8538c2ecf20Sopenharmony_ci{ 8548c2ecf20Sopenharmony_ci struct fs_struct *fs = current->fs; 8558c2ecf20Sopenharmony_ci 8568c2ecf20Sopenharmony_ci /* 8578c2ecf20Sopenharmony_ci * Jumping to the real root in a scoped-lookup is a BUG in namei, but we 8588c2ecf20Sopenharmony_ci * still have to ensure it doesn't happen because it will cause a breakout 8598c2ecf20Sopenharmony_ci * from the dirfd. 8608c2ecf20Sopenharmony_ci */ 8618c2ecf20Sopenharmony_ci if (WARN_ON(nd->flags & LOOKUP_IS_SCOPED)) 8628c2ecf20Sopenharmony_ci return -ENOTRECOVERABLE; 8638c2ecf20Sopenharmony_ci 8648c2ecf20Sopenharmony_ci if (nd->flags & LOOKUP_RCU) { 8658c2ecf20Sopenharmony_ci unsigned seq; 8668c2ecf20Sopenharmony_ci 8678c2ecf20Sopenharmony_ci do { 8688c2ecf20Sopenharmony_ci seq = read_seqcount_begin(&fs->seq); 8698c2ecf20Sopenharmony_ci nd->root = fs->root; 8708c2ecf20Sopenharmony_ci nd->root_seq = __read_seqcount_begin(&nd->root.dentry->d_seq); 8718c2ecf20Sopenharmony_ci } while (read_seqcount_retry(&fs->seq, seq)); 8728c2ecf20Sopenharmony_ci } else { 8738c2ecf20Sopenharmony_ci get_fs_root(fs, &nd->root); 8748c2ecf20Sopenharmony_ci nd->state |= ND_ROOT_GRABBED; 8758c2ecf20Sopenharmony_ci } 8768c2ecf20Sopenharmony_ci return 0; 8778c2ecf20Sopenharmony_ci} 8788c2ecf20Sopenharmony_ci 8798c2ecf20Sopenharmony_cistatic int nd_jump_root(struct nameidata *nd) 8808c2ecf20Sopenharmony_ci{ 8818c2ecf20Sopenharmony_ci if (unlikely(nd->flags & LOOKUP_BENEATH)) 8828c2ecf20Sopenharmony_ci return -EXDEV; 8838c2ecf20Sopenharmony_ci if (unlikely(nd->flags & LOOKUP_NO_XDEV)) { 8848c2ecf20Sopenharmony_ci /* Absolute path arguments to path_init() are allowed. */ 8858c2ecf20Sopenharmony_ci if (nd->path.mnt != NULL && nd->path.mnt != nd->root.mnt) 8868c2ecf20Sopenharmony_ci return -EXDEV; 8878c2ecf20Sopenharmony_ci } 8888c2ecf20Sopenharmony_ci if (!nd->root.mnt) { 8898c2ecf20Sopenharmony_ci int error = set_root(nd); 8908c2ecf20Sopenharmony_ci if (error) 8918c2ecf20Sopenharmony_ci return error; 8928c2ecf20Sopenharmony_ci } 8938c2ecf20Sopenharmony_ci if (nd->flags & LOOKUP_RCU) { 8948c2ecf20Sopenharmony_ci struct dentry *d; 8958c2ecf20Sopenharmony_ci nd->path = nd->root; 8968c2ecf20Sopenharmony_ci d = nd->path.dentry; 8978c2ecf20Sopenharmony_ci nd->inode = d->d_inode; 8988c2ecf20Sopenharmony_ci nd->seq = nd->root_seq; 8998c2ecf20Sopenharmony_ci if (unlikely(read_seqcount_retry(&d->d_seq, nd->seq))) 9008c2ecf20Sopenharmony_ci return -ECHILD; 9018c2ecf20Sopenharmony_ci } else { 9028c2ecf20Sopenharmony_ci path_put(&nd->path); 9038c2ecf20Sopenharmony_ci nd->path = nd->root; 9048c2ecf20Sopenharmony_ci path_get(&nd->path); 9058c2ecf20Sopenharmony_ci nd->inode = nd->path.dentry->d_inode; 9068c2ecf20Sopenharmony_ci } 9078c2ecf20Sopenharmony_ci nd->state |= ND_JUMPED; 9088c2ecf20Sopenharmony_ci return 0; 9098c2ecf20Sopenharmony_ci} 9108c2ecf20Sopenharmony_ci 9118c2ecf20Sopenharmony_ci/* 9128c2ecf20Sopenharmony_ci * Helper to directly jump to a known parsed path from ->get_link, 9138c2ecf20Sopenharmony_ci * caller must have taken a reference to path beforehand. 9148c2ecf20Sopenharmony_ci */ 9158c2ecf20Sopenharmony_ciint nd_jump_link(struct path *path) 9168c2ecf20Sopenharmony_ci{ 9178c2ecf20Sopenharmony_ci int error = -ELOOP; 9188c2ecf20Sopenharmony_ci struct nameidata *nd = current->nameidata; 9198c2ecf20Sopenharmony_ci 9208c2ecf20Sopenharmony_ci if (unlikely(nd->flags & LOOKUP_NO_MAGICLINKS)) 9218c2ecf20Sopenharmony_ci goto err; 9228c2ecf20Sopenharmony_ci 9238c2ecf20Sopenharmony_ci error = -EXDEV; 9248c2ecf20Sopenharmony_ci if (unlikely(nd->flags & LOOKUP_NO_XDEV)) { 9258c2ecf20Sopenharmony_ci if (nd->path.mnt != path->mnt) 9268c2ecf20Sopenharmony_ci goto err; 9278c2ecf20Sopenharmony_ci } 9288c2ecf20Sopenharmony_ci /* Not currently safe for scoped-lookups. */ 9298c2ecf20Sopenharmony_ci if (unlikely(nd->flags & LOOKUP_IS_SCOPED)) 9308c2ecf20Sopenharmony_ci goto err; 9318c2ecf20Sopenharmony_ci 9328c2ecf20Sopenharmony_ci path_put(&nd->path); 9338c2ecf20Sopenharmony_ci nd->path = *path; 9348c2ecf20Sopenharmony_ci nd->inode = nd->path.dentry->d_inode; 9358c2ecf20Sopenharmony_ci nd->state |= ND_JUMPED; 9368c2ecf20Sopenharmony_ci return 0; 9378c2ecf20Sopenharmony_ci 9388c2ecf20Sopenharmony_cierr: 9398c2ecf20Sopenharmony_ci path_put(path); 9408c2ecf20Sopenharmony_ci return error; 9418c2ecf20Sopenharmony_ci} 9428c2ecf20Sopenharmony_ci 9438c2ecf20Sopenharmony_cistatic inline void put_link(struct nameidata *nd) 9448c2ecf20Sopenharmony_ci{ 9458c2ecf20Sopenharmony_ci struct saved *last = nd->stack + --nd->depth; 9468c2ecf20Sopenharmony_ci do_delayed_call(&last->done); 9478c2ecf20Sopenharmony_ci if (!(nd->flags & LOOKUP_RCU)) 9488c2ecf20Sopenharmony_ci path_put(&last->link); 9498c2ecf20Sopenharmony_ci} 9508c2ecf20Sopenharmony_ci 9518c2ecf20Sopenharmony_ciint sysctl_protected_symlinks __read_mostly = 0; 9528c2ecf20Sopenharmony_ciint sysctl_protected_hardlinks __read_mostly = 0; 9538c2ecf20Sopenharmony_ciint sysctl_protected_fifos __read_mostly; 9548c2ecf20Sopenharmony_ciint sysctl_protected_regular __read_mostly; 9558c2ecf20Sopenharmony_ci 9568c2ecf20Sopenharmony_ci/** 9578c2ecf20Sopenharmony_ci * may_follow_link - Check symlink following for unsafe situations 9588c2ecf20Sopenharmony_ci * @nd: nameidata pathwalk data 9598c2ecf20Sopenharmony_ci * 9608c2ecf20Sopenharmony_ci * In the case of the sysctl_protected_symlinks sysctl being enabled, 9618c2ecf20Sopenharmony_ci * CAP_DAC_OVERRIDE needs to be specifically ignored if the symlink is 9628c2ecf20Sopenharmony_ci * in a sticky world-writable directory. This is to protect privileged 9638c2ecf20Sopenharmony_ci * processes from failing races against path names that may change out 9648c2ecf20Sopenharmony_ci * from under them by way of other users creating malicious symlinks. 9658c2ecf20Sopenharmony_ci * It will permit symlinks to be followed only when outside a sticky 9668c2ecf20Sopenharmony_ci * world-writable directory, or when the uid of the symlink and follower 9678c2ecf20Sopenharmony_ci * match, or when the directory owner matches the symlink's owner. 9688c2ecf20Sopenharmony_ci * 9698c2ecf20Sopenharmony_ci * Returns 0 if following the symlink is allowed, -ve on error. 9708c2ecf20Sopenharmony_ci */ 9718c2ecf20Sopenharmony_cistatic inline int may_follow_link(struct nameidata *nd, const struct inode *inode) 9728c2ecf20Sopenharmony_ci{ 9738c2ecf20Sopenharmony_ci if (!sysctl_protected_symlinks) 9748c2ecf20Sopenharmony_ci return 0; 9758c2ecf20Sopenharmony_ci 9768c2ecf20Sopenharmony_ci /* Allowed if owner and follower match. */ 9778c2ecf20Sopenharmony_ci if (uid_eq(current_cred()->fsuid, inode->i_uid)) 9788c2ecf20Sopenharmony_ci return 0; 9798c2ecf20Sopenharmony_ci 9808c2ecf20Sopenharmony_ci /* Allowed if parent directory not sticky and world-writable. */ 9818c2ecf20Sopenharmony_ci if ((nd->dir_mode & (S_ISVTX|S_IWOTH)) != (S_ISVTX|S_IWOTH)) 9828c2ecf20Sopenharmony_ci return 0; 9838c2ecf20Sopenharmony_ci 9848c2ecf20Sopenharmony_ci /* Allowed if parent directory and link owner match. */ 9858c2ecf20Sopenharmony_ci if (uid_valid(nd->dir_uid) && uid_eq(nd->dir_uid, inode->i_uid)) 9868c2ecf20Sopenharmony_ci return 0; 9878c2ecf20Sopenharmony_ci 9888c2ecf20Sopenharmony_ci if (nd->flags & LOOKUP_RCU) 9898c2ecf20Sopenharmony_ci return -ECHILD; 9908c2ecf20Sopenharmony_ci 9918c2ecf20Sopenharmony_ci audit_inode(nd->name, nd->stack[0].link.dentry, 0); 9928c2ecf20Sopenharmony_ci audit_log_path_denied(AUDIT_ANOM_LINK, "follow_link"); 9938c2ecf20Sopenharmony_ci return -EACCES; 9948c2ecf20Sopenharmony_ci} 9958c2ecf20Sopenharmony_ci 9968c2ecf20Sopenharmony_ci/** 9978c2ecf20Sopenharmony_ci * safe_hardlink_source - Check for safe hardlink conditions 9988c2ecf20Sopenharmony_ci * @inode: the source inode to hardlink from 9998c2ecf20Sopenharmony_ci * 10008c2ecf20Sopenharmony_ci * Return false if at least one of the following conditions: 10018c2ecf20Sopenharmony_ci * - inode is not a regular file 10028c2ecf20Sopenharmony_ci * - inode is setuid 10038c2ecf20Sopenharmony_ci * - inode is setgid and group-exec 10048c2ecf20Sopenharmony_ci * - access failure for read and write 10058c2ecf20Sopenharmony_ci * 10068c2ecf20Sopenharmony_ci * Otherwise returns true. 10078c2ecf20Sopenharmony_ci */ 10088c2ecf20Sopenharmony_cistatic bool safe_hardlink_source(struct inode *inode) 10098c2ecf20Sopenharmony_ci{ 10108c2ecf20Sopenharmony_ci umode_t mode = inode->i_mode; 10118c2ecf20Sopenharmony_ci 10128c2ecf20Sopenharmony_ci /* Special files should not get pinned to the filesystem. */ 10138c2ecf20Sopenharmony_ci if (!S_ISREG(mode)) 10148c2ecf20Sopenharmony_ci return false; 10158c2ecf20Sopenharmony_ci 10168c2ecf20Sopenharmony_ci /* Setuid files should not get pinned to the filesystem. */ 10178c2ecf20Sopenharmony_ci if (mode & S_ISUID) 10188c2ecf20Sopenharmony_ci return false; 10198c2ecf20Sopenharmony_ci 10208c2ecf20Sopenharmony_ci /* Executable setgid files should not get pinned to the filesystem. */ 10218c2ecf20Sopenharmony_ci if ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) 10228c2ecf20Sopenharmony_ci return false; 10238c2ecf20Sopenharmony_ci 10248c2ecf20Sopenharmony_ci /* Hardlinking to unreadable or unwritable sources is dangerous. */ 10258c2ecf20Sopenharmony_ci if (inode_permission(inode, MAY_READ | MAY_WRITE)) 10268c2ecf20Sopenharmony_ci return false; 10278c2ecf20Sopenharmony_ci 10288c2ecf20Sopenharmony_ci return true; 10298c2ecf20Sopenharmony_ci} 10308c2ecf20Sopenharmony_ci 10318c2ecf20Sopenharmony_ci/** 10328c2ecf20Sopenharmony_ci * may_linkat - Check permissions for creating a hardlink 10338c2ecf20Sopenharmony_ci * @link: the source to hardlink from 10348c2ecf20Sopenharmony_ci * 10358c2ecf20Sopenharmony_ci * Block hardlink when all of: 10368c2ecf20Sopenharmony_ci * - sysctl_protected_hardlinks enabled 10378c2ecf20Sopenharmony_ci * - fsuid does not match inode 10388c2ecf20Sopenharmony_ci * - hardlink source is unsafe (see safe_hardlink_source() above) 10398c2ecf20Sopenharmony_ci * - not CAP_FOWNER in a namespace with the inode owner uid mapped 10408c2ecf20Sopenharmony_ci * 10418c2ecf20Sopenharmony_ci * Returns 0 if successful, -ve on error. 10428c2ecf20Sopenharmony_ci */ 10438c2ecf20Sopenharmony_ciint may_linkat(struct path *link) 10448c2ecf20Sopenharmony_ci{ 10458c2ecf20Sopenharmony_ci struct inode *inode = link->dentry->d_inode; 10468c2ecf20Sopenharmony_ci 10478c2ecf20Sopenharmony_ci /* Inode writeback is not safe when the uid or gid are invalid. */ 10488c2ecf20Sopenharmony_ci if (!uid_valid(inode->i_uid) || !gid_valid(inode->i_gid)) 10498c2ecf20Sopenharmony_ci return -EOVERFLOW; 10508c2ecf20Sopenharmony_ci 10518c2ecf20Sopenharmony_ci if (!sysctl_protected_hardlinks) 10528c2ecf20Sopenharmony_ci return 0; 10538c2ecf20Sopenharmony_ci 10548c2ecf20Sopenharmony_ci /* Source inode owner (or CAP_FOWNER) can hardlink all they like, 10558c2ecf20Sopenharmony_ci * otherwise, it must be a safe source. 10568c2ecf20Sopenharmony_ci */ 10578c2ecf20Sopenharmony_ci if (safe_hardlink_source(inode) || inode_owner_or_capable(inode)) 10588c2ecf20Sopenharmony_ci return 0; 10598c2ecf20Sopenharmony_ci 10608c2ecf20Sopenharmony_ci audit_log_path_denied(AUDIT_ANOM_LINK, "linkat"); 10618c2ecf20Sopenharmony_ci return -EPERM; 10628c2ecf20Sopenharmony_ci} 10638c2ecf20Sopenharmony_ci 10648c2ecf20Sopenharmony_ci/** 10658c2ecf20Sopenharmony_ci * may_create_in_sticky - Check whether an O_CREAT open in a sticky directory 10668c2ecf20Sopenharmony_ci * should be allowed, or not, on files that already 10678c2ecf20Sopenharmony_ci * exist. 10688c2ecf20Sopenharmony_ci * @dir_mode: mode bits of directory 10698c2ecf20Sopenharmony_ci * @dir_uid: owner of directory 10708c2ecf20Sopenharmony_ci * @inode: the inode of the file to open 10718c2ecf20Sopenharmony_ci * 10728c2ecf20Sopenharmony_ci * Block an O_CREAT open of a FIFO (or a regular file) when: 10738c2ecf20Sopenharmony_ci * - sysctl_protected_fifos (or sysctl_protected_regular) is enabled 10748c2ecf20Sopenharmony_ci * - the file already exists 10758c2ecf20Sopenharmony_ci * - we are in a sticky directory 10768c2ecf20Sopenharmony_ci * - we don't own the file 10778c2ecf20Sopenharmony_ci * - the owner of the directory doesn't own the file 10788c2ecf20Sopenharmony_ci * - the directory is world writable 10798c2ecf20Sopenharmony_ci * If the sysctl_protected_fifos (or sysctl_protected_regular) is set to 2 10808c2ecf20Sopenharmony_ci * the directory doesn't have to be world writable: being group writable will 10818c2ecf20Sopenharmony_ci * be enough. 10828c2ecf20Sopenharmony_ci * 10838c2ecf20Sopenharmony_ci * Returns 0 if the open is allowed, -ve on error. 10848c2ecf20Sopenharmony_ci */ 10858c2ecf20Sopenharmony_cistatic int may_create_in_sticky(umode_t dir_mode, kuid_t dir_uid, 10868c2ecf20Sopenharmony_ci struct inode * const inode) 10878c2ecf20Sopenharmony_ci{ 10888c2ecf20Sopenharmony_ci if ((!sysctl_protected_fifos && S_ISFIFO(inode->i_mode)) || 10898c2ecf20Sopenharmony_ci (!sysctl_protected_regular && S_ISREG(inode->i_mode)) || 10908c2ecf20Sopenharmony_ci likely(!(dir_mode & S_ISVTX)) || 10918c2ecf20Sopenharmony_ci uid_eq(inode->i_uid, dir_uid) || 10928c2ecf20Sopenharmony_ci uid_eq(current_fsuid(), inode->i_uid)) 10938c2ecf20Sopenharmony_ci return 0; 10948c2ecf20Sopenharmony_ci 10958c2ecf20Sopenharmony_ci if (likely(dir_mode & 0002) || 10968c2ecf20Sopenharmony_ci (dir_mode & 0020 && 10978c2ecf20Sopenharmony_ci ((sysctl_protected_fifos >= 2 && S_ISFIFO(inode->i_mode)) || 10988c2ecf20Sopenharmony_ci (sysctl_protected_regular >= 2 && S_ISREG(inode->i_mode))))) { 10998c2ecf20Sopenharmony_ci const char *operation = S_ISFIFO(inode->i_mode) ? 11008c2ecf20Sopenharmony_ci "sticky_create_fifo" : 11018c2ecf20Sopenharmony_ci "sticky_create_regular"; 11028c2ecf20Sopenharmony_ci audit_log_path_denied(AUDIT_ANOM_CREAT, operation); 11038c2ecf20Sopenharmony_ci return -EACCES; 11048c2ecf20Sopenharmony_ci } 11058c2ecf20Sopenharmony_ci return 0; 11068c2ecf20Sopenharmony_ci} 11078c2ecf20Sopenharmony_ci 11088c2ecf20Sopenharmony_ci/* 11098c2ecf20Sopenharmony_ci * follow_up - Find the mountpoint of path's vfsmount 11108c2ecf20Sopenharmony_ci * 11118c2ecf20Sopenharmony_ci * Given a path, find the mountpoint of its source file system. 11128c2ecf20Sopenharmony_ci * Replace @path with the path of the mountpoint in the parent mount. 11138c2ecf20Sopenharmony_ci * Up is towards /. 11148c2ecf20Sopenharmony_ci * 11158c2ecf20Sopenharmony_ci * Return 1 if we went up a level and 0 if we were already at the 11168c2ecf20Sopenharmony_ci * root. 11178c2ecf20Sopenharmony_ci */ 11188c2ecf20Sopenharmony_ciint follow_up(struct path *path) 11198c2ecf20Sopenharmony_ci{ 11208c2ecf20Sopenharmony_ci struct mount *mnt = real_mount(path->mnt); 11218c2ecf20Sopenharmony_ci struct mount *parent; 11228c2ecf20Sopenharmony_ci struct dentry *mountpoint; 11238c2ecf20Sopenharmony_ci 11248c2ecf20Sopenharmony_ci read_seqlock_excl(&mount_lock); 11258c2ecf20Sopenharmony_ci parent = mnt->mnt_parent; 11268c2ecf20Sopenharmony_ci if (parent == mnt) { 11278c2ecf20Sopenharmony_ci read_sequnlock_excl(&mount_lock); 11288c2ecf20Sopenharmony_ci return 0; 11298c2ecf20Sopenharmony_ci } 11308c2ecf20Sopenharmony_ci mntget(&parent->mnt); 11318c2ecf20Sopenharmony_ci mountpoint = dget(mnt->mnt_mountpoint); 11328c2ecf20Sopenharmony_ci read_sequnlock_excl(&mount_lock); 11338c2ecf20Sopenharmony_ci dput(path->dentry); 11348c2ecf20Sopenharmony_ci path->dentry = mountpoint; 11358c2ecf20Sopenharmony_ci mntput(path->mnt); 11368c2ecf20Sopenharmony_ci path->mnt = &parent->mnt; 11378c2ecf20Sopenharmony_ci return 1; 11388c2ecf20Sopenharmony_ci} 11398c2ecf20Sopenharmony_ciEXPORT_SYMBOL(follow_up); 11408c2ecf20Sopenharmony_ci 11418c2ecf20Sopenharmony_cistatic bool choose_mountpoint_rcu(struct mount *m, const struct path *root, 11428c2ecf20Sopenharmony_ci struct path *path, unsigned *seqp) 11438c2ecf20Sopenharmony_ci{ 11448c2ecf20Sopenharmony_ci while (mnt_has_parent(m)) { 11458c2ecf20Sopenharmony_ci struct dentry *mountpoint = m->mnt_mountpoint; 11468c2ecf20Sopenharmony_ci 11478c2ecf20Sopenharmony_ci m = m->mnt_parent; 11488c2ecf20Sopenharmony_ci if (unlikely(root->dentry == mountpoint && 11498c2ecf20Sopenharmony_ci root->mnt == &m->mnt)) 11508c2ecf20Sopenharmony_ci break; 11518c2ecf20Sopenharmony_ci if (mountpoint != m->mnt.mnt_root) { 11528c2ecf20Sopenharmony_ci path->mnt = &m->mnt; 11538c2ecf20Sopenharmony_ci path->dentry = mountpoint; 11548c2ecf20Sopenharmony_ci *seqp = read_seqcount_begin(&mountpoint->d_seq); 11558c2ecf20Sopenharmony_ci return true; 11568c2ecf20Sopenharmony_ci } 11578c2ecf20Sopenharmony_ci } 11588c2ecf20Sopenharmony_ci return false; 11598c2ecf20Sopenharmony_ci} 11608c2ecf20Sopenharmony_ci 11618c2ecf20Sopenharmony_cistatic bool choose_mountpoint(struct mount *m, const struct path *root, 11628c2ecf20Sopenharmony_ci struct path *path) 11638c2ecf20Sopenharmony_ci{ 11648c2ecf20Sopenharmony_ci bool found; 11658c2ecf20Sopenharmony_ci 11668c2ecf20Sopenharmony_ci rcu_read_lock(); 11678c2ecf20Sopenharmony_ci while (1) { 11688c2ecf20Sopenharmony_ci unsigned seq, mseq = read_seqbegin(&mount_lock); 11698c2ecf20Sopenharmony_ci 11708c2ecf20Sopenharmony_ci found = choose_mountpoint_rcu(m, root, path, &seq); 11718c2ecf20Sopenharmony_ci if (unlikely(!found)) { 11728c2ecf20Sopenharmony_ci if (!read_seqretry(&mount_lock, mseq)) 11738c2ecf20Sopenharmony_ci break; 11748c2ecf20Sopenharmony_ci } else { 11758c2ecf20Sopenharmony_ci if (likely(__legitimize_path(path, seq, mseq))) 11768c2ecf20Sopenharmony_ci break; 11778c2ecf20Sopenharmony_ci rcu_read_unlock(); 11788c2ecf20Sopenharmony_ci path_put(path); 11798c2ecf20Sopenharmony_ci rcu_read_lock(); 11808c2ecf20Sopenharmony_ci } 11818c2ecf20Sopenharmony_ci } 11828c2ecf20Sopenharmony_ci rcu_read_unlock(); 11838c2ecf20Sopenharmony_ci return found; 11848c2ecf20Sopenharmony_ci} 11858c2ecf20Sopenharmony_ci 11868c2ecf20Sopenharmony_ci/* 11878c2ecf20Sopenharmony_ci * Perform an automount 11888c2ecf20Sopenharmony_ci * - return -EISDIR to tell follow_managed() to stop and return the path we 11898c2ecf20Sopenharmony_ci * were called with. 11908c2ecf20Sopenharmony_ci */ 11918c2ecf20Sopenharmony_cistatic int follow_automount(struct path *path, int *count, unsigned lookup_flags) 11928c2ecf20Sopenharmony_ci{ 11938c2ecf20Sopenharmony_ci struct dentry *dentry = path->dentry; 11948c2ecf20Sopenharmony_ci 11958c2ecf20Sopenharmony_ci /* We don't want to mount if someone's just doing a stat - 11968c2ecf20Sopenharmony_ci * unless they're stat'ing a directory and appended a '/' to 11978c2ecf20Sopenharmony_ci * the name. 11988c2ecf20Sopenharmony_ci * 11998c2ecf20Sopenharmony_ci * We do, however, want to mount if someone wants to open or 12008c2ecf20Sopenharmony_ci * create a file of any type under the mountpoint, wants to 12018c2ecf20Sopenharmony_ci * traverse through the mountpoint or wants to open the 12028c2ecf20Sopenharmony_ci * mounted directory. Also, autofs may mark negative dentries 12038c2ecf20Sopenharmony_ci * as being automount points. These will need the attentions 12048c2ecf20Sopenharmony_ci * of the daemon to instantiate them before they can be used. 12058c2ecf20Sopenharmony_ci */ 12068c2ecf20Sopenharmony_ci if (!(lookup_flags & (LOOKUP_PARENT | LOOKUP_DIRECTORY | 12078c2ecf20Sopenharmony_ci LOOKUP_OPEN | LOOKUP_CREATE | LOOKUP_AUTOMOUNT)) && 12088c2ecf20Sopenharmony_ci dentry->d_inode) 12098c2ecf20Sopenharmony_ci return -EISDIR; 12108c2ecf20Sopenharmony_ci 12118c2ecf20Sopenharmony_ci if (count && (*count)++ >= MAXSYMLINKS) 12128c2ecf20Sopenharmony_ci return -ELOOP; 12138c2ecf20Sopenharmony_ci 12148c2ecf20Sopenharmony_ci return finish_automount(dentry->d_op->d_automount(path), path); 12158c2ecf20Sopenharmony_ci} 12168c2ecf20Sopenharmony_ci 12178c2ecf20Sopenharmony_ci/* 12188c2ecf20Sopenharmony_ci * mount traversal - out-of-line part. One note on ->d_flags accesses - 12198c2ecf20Sopenharmony_ci * dentries are pinned but not locked here, so negative dentry can go 12208c2ecf20Sopenharmony_ci * positive right under us. Use of smp_load_acquire() provides a barrier 12218c2ecf20Sopenharmony_ci * sufficient for ->d_inode and ->d_flags consistency. 12228c2ecf20Sopenharmony_ci */ 12238c2ecf20Sopenharmony_cistatic int __traverse_mounts(struct path *path, unsigned flags, bool *jumped, 12248c2ecf20Sopenharmony_ci int *count, unsigned lookup_flags) 12258c2ecf20Sopenharmony_ci{ 12268c2ecf20Sopenharmony_ci struct vfsmount *mnt = path->mnt; 12278c2ecf20Sopenharmony_ci bool need_mntput = false; 12288c2ecf20Sopenharmony_ci int ret = 0; 12298c2ecf20Sopenharmony_ci 12308c2ecf20Sopenharmony_ci while (flags & DCACHE_MANAGED_DENTRY) { 12318c2ecf20Sopenharmony_ci /* Allow the filesystem to manage the transit without i_mutex 12328c2ecf20Sopenharmony_ci * being held. */ 12338c2ecf20Sopenharmony_ci if (flags & DCACHE_MANAGE_TRANSIT) { 12348c2ecf20Sopenharmony_ci ret = path->dentry->d_op->d_manage(path, false); 12358c2ecf20Sopenharmony_ci flags = smp_load_acquire(&path->dentry->d_flags); 12368c2ecf20Sopenharmony_ci if (ret < 0) 12378c2ecf20Sopenharmony_ci break; 12388c2ecf20Sopenharmony_ci } 12398c2ecf20Sopenharmony_ci 12408c2ecf20Sopenharmony_ci if (flags & DCACHE_MOUNTED) { // something's mounted on it.. 12418c2ecf20Sopenharmony_ci struct vfsmount *mounted = lookup_mnt(path); 12428c2ecf20Sopenharmony_ci if (mounted) { // ... in our namespace 12438c2ecf20Sopenharmony_ci dput(path->dentry); 12448c2ecf20Sopenharmony_ci if (need_mntput) 12458c2ecf20Sopenharmony_ci mntput(path->mnt); 12468c2ecf20Sopenharmony_ci path->mnt = mounted; 12478c2ecf20Sopenharmony_ci path->dentry = dget(mounted->mnt_root); 12488c2ecf20Sopenharmony_ci // here we know it's positive 12498c2ecf20Sopenharmony_ci flags = path->dentry->d_flags; 12508c2ecf20Sopenharmony_ci need_mntput = true; 12518c2ecf20Sopenharmony_ci continue; 12528c2ecf20Sopenharmony_ci } 12538c2ecf20Sopenharmony_ci } 12548c2ecf20Sopenharmony_ci 12558c2ecf20Sopenharmony_ci if (!(flags & DCACHE_NEED_AUTOMOUNT)) 12568c2ecf20Sopenharmony_ci break; 12578c2ecf20Sopenharmony_ci 12588c2ecf20Sopenharmony_ci // uncovered automount point 12598c2ecf20Sopenharmony_ci ret = follow_automount(path, count, lookup_flags); 12608c2ecf20Sopenharmony_ci flags = smp_load_acquire(&path->dentry->d_flags); 12618c2ecf20Sopenharmony_ci if (ret < 0) 12628c2ecf20Sopenharmony_ci break; 12638c2ecf20Sopenharmony_ci } 12648c2ecf20Sopenharmony_ci 12658c2ecf20Sopenharmony_ci if (ret == -EISDIR) 12668c2ecf20Sopenharmony_ci ret = 0; 12678c2ecf20Sopenharmony_ci // possible if you race with several mount --move 12688c2ecf20Sopenharmony_ci if (need_mntput && path->mnt == mnt) 12698c2ecf20Sopenharmony_ci mntput(path->mnt); 12708c2ecf20Sopenharmony_ci if (!ret && unlikely(d_flags_negative(flags))) 12718c2ecf20Sopenharmony_ci ret = -ENOENT; 12728c2ecf20Sopenharmony_ci *jumped = need_mntput; 12738c2ecf20Sopenharmony_ci return ret; 12748c2ecf20Sopenharmony_ci} 12758c2ecf20Sopenharmony_ci 12768c2ecf20Sopenharmony_cistatic inline int traverse_mounts(struct path *path, bool *jumped, 12778c2ecf20Sopenharmony_ci int *count, unsigned lookup_flags) 12788c2ecf20Sopenharmony_ci{ 12798c2ecf20Sopenharmony_ci unsigned flags = smp_load_acquire(&path->dentry->d_flags); 12808c2ecf20Sopenharmony_ci 12818c2ecf20Sopenharmony_ci /* fastpath */ 12828c2ecf20Sopenharmony_ci if (likely(!(flags & DCACHE_MANAGED_DENTRY))) { 12838c2ecf20Sopenharmony_ci *jumped = false; 12848c2ecf20Sopenharmony_ci if (unlikely(d_flags_negative(flags))) 12858c2ecf20Sopenharmony_ci return -ENOENT; 12868c2ecf20Sopenharmony_ci return 0; 12878c2ecf20Sopenharmony_ci } 12888c2ecf20Sopenharmony_ci return __traverse_mounts(path, flags, jumped, count, lookup_flags); 12898c2ecf20Sopenharmony_ci} 12908c2ecf20Sopenharmony_ci 12918c2ecf20Sopenharmony_ciint follow_down_one(struct path *path) 12928c2ecf20Sopenharmony_ci{ 12938c2ecf20Sopenharmony_ci struct vfsmount *mounted; 12948c2ecf20Sopenharmony_ci 12958c2ecf20Sopenharmony_ci mounted = lookup_mnt(path); 12968c2ecf20Sopenharmony_ci if (mounted) { 12978c2ecf20Sopenharmony_ci dput(path->dentry); 12988c2ecf20Sopenharmony_ci mntput(path->mnt); 12998c2ecf20Sopenharmony_ci path->mnt = mounted; 13008c2ecf20Sopenharmony_ci path->dentry = dget(mounted->mnt_root); 13018c2ecf20Sopenharmony_ci return 1; 13028c2ecf20Sopenharmony_ci } 13038c2ecf20Sopenharmony_ci return 0; 13048c2ecf20Sopenharmony_ci} 13058c2ecf20Sopenharmony_ciEXPORT_SYMBOL(follow_down_one); 13068c2ecf20Sopenharmony_ci 13078c2ecf20Sopenharmony_ci/* 13088c2ecf20Sopenharmony_ci * Follow down to the covering mount currently visible to userspace. At each 13098c2ecf20Sopenharmony_ci * point, the filesystem owning that dentry may be queried as to whether the 13108c2ecf20Sopenharmony_ci * caller is permitted to proceed or not. 13118c2ecf20Sopenharmony_ci */ 13128c2ecf20Sopenharmony_ciint follow_down(struct path *path) 13138c2ecf20Sopenharmony_ci{ 13148c2ecf20Sopenharmony_ci struct vfsmount *mnt = path->mnt; 13158c2ecf20Sopenharmony_ci bool jumped; 13168c2ecf20Sopenharmony_ci int ret = traverse_mounts(path, &jumped, NULL, 0); 13178c2ecf20Sopenharmony_ci 13188c2ecf20Sopenharmony_ci if (path->mnt != mnt) 13198c2ecf20Sopenharmony_ci mntput(mnt); 13208c2ecf20Sopenharmony_ci return ret; 13218c2ecf20Sopenharmony_ci} 13228c2ecf20Sopenharmony_ciEXPORT_SYMBOL(follow_down); 13238c2ecf20Sopenharmony_ci 13248c2ecf20Sopenharmony_ci/* 13258c2ecf20Sopenharmony_ci * Try to skip to top of mountpoint pile in rcuwalk mode. Fail if 13268c2ecf20Sopenharmony_ci * we meet a managed dentry that would need blocking. 13278c2ecf20Sopenharmony_ci */ 13288c2ecf20Sopenharmony_cistatic bool __follow_mount_rcu(struct nameidata *nd, struct path *path, 13298c2ecf20Sopenharmony_ci struct inode **inode, unsigned *seqp) 13308c2ecf20Sopenharmony_ci{ 13318c2ecf20Sopenharmony_ci struct dentry *dentry = path->dentry; 13328c2ecf20Sopenharmony_ci unsigned int flags = dentry->d_flags; 13338c2ecf20Sopenharmony_ci 13348c2ecf20Sopenharmony_ci if (likely(!(flags & DCACHE_MANAGED_DENTRY))) 13358c2ecf20Sopenharmony_ci return true; 13368c2ecf20Sopenharmony_ci 13378c2ecf20Sopenharmony_ci if (unlikely(nd->flags & LOOKUP_NO_XDEV)) 13388c2ecf20Sopenharmony_ci return false; 13398c2ecf20Sopenharmony_ci 13408c2ecf20Sopenharmony_ci for (;;) { 13418c2ecf20Sopenharmony_ci /* 13428c2ecf20Sopenharmony_ci * Don't forget we might have a non-mountpoint managed dentry 13438c2ecf20Sopenharmony_ci * that wants to block transit. 13448c2ecf20Sopenharmony_ci */ 13458c2ecf20Sopenharmony_ci if (unlikely(flags & DCACHE_MANAGE_TRANSIT)) { 13468c2ecf20Sopenharmony_ci int res = dentry->d_op->d_manage(path, true); 13478c2ecf20Sopenharmony_ci if (res) 13488c2ecf20Sopenharmony_ci return res == -EISDIR; 13498c2ecf20Sopenharmony_ci flags = dentry->d_flags; 13508c2ecf20Sopenharmony_ci } 13518c2ecf20Sopenharmony_ci 13528c2ecf20Sopenharmony_ci if (flags & DCACHE_MOUNTED) { 13538c2ecf20Sopenharmony_ci struct mount *mounted = __lookup_mnt(path->mnt, dentry); 13548c2ecf20Sopenharmony_ci if (mounted) { 13558c2ecf20Sopenharmony_ci path->mnt = &mounted->mnt; 13568c2ecf20Sopenharmony_ci dentry = path->dentry = mounted->mnt.mnt_root; 13578c2ecf20Sopenharmony_ci nd->state |= ND_JUMPED; 13588c2ecf20Sopenharmony_ci *seqp = read_seqcount_begin(&dentry->d_seq); 13598c2ecf20Sopenharmony_ci *inode = dentry->d_inode; 13608c2ecf20Sopenharmony_ci /* 13618c2ecf20Sopenharmony_ci * We don't need to re-check ->d_seq after this 13628c2ecf20Sopenharmony_ci * ->d_inode read - there will be an RCU delay 13638c2ecf20Sopenharmony_ci * between mount hash removal and ->mnt_root 13648c2ecf20Sopenharmony_ci * becoming unpinned. 13658c2ecf20Sopenharmony_ci */ 13668c2ecf20Sopenharmony_ci flags = dentry->d_flags; 13678c2ecf20Sopenharmony_ci if (read_seqretry(&mount_lock, nd->m_seq)) 13688c2ecf20Sopenharmony_ci return false; 13698c2ecf20Sopenharmony_ci continue; 13708c2ecf20Sopenharmony_ci } 13718c2ecf20Sopenharmony_ci if (read_seqretry(&mount_lock, nd->m_seq)) 13728c2ecf20Sopenharmony_ci return false; 13738c2ecf20Sopenharmony_ci } 13748c2ecf20Sopenharmony_ci return !(flags & DCACHE_NEED_AUTOMOUNT); 13758c2ecf20Sopenharmony_ci } 13768c2ecf20Sopenharmony_ci} 13778c2ecf20Sopenharmony_ci 13788c2ecf20Sopenharmony_cistatic inline int handle_mounts(struct nameidata *nd, struct dentry *dentry, 13798c2ecf20Sopenharmony_ci struct path *path, struct inode **inode, 13808c2ecf20Sopenharmony_ci unsigned int *seqp) 13818c2ecf20Sopenharmony_ci{ 13828c2ecf20Sopenharmony_ci bool jumped; 13838c2ecf20Sopenharmony_ci int ret; 13848c2ecf20Sopenharmony_ci 13858c2ecf20Sopenharmony_ci path->mnt = nd->path.mnt; 13868c2ecf20Sopenharmony_ci path->dentry = dentry; 13878c2ecf20Sopenharmony_ci if (nd->flags & LOOKUP_RCU) { 13888c2ecf20Sopenharmony_ci unsigned int seq = *seqp; 13898c2ecf20Sopenharmony_ci if (unlikely(!*inode)) 13908c2ecf20Sopenharmony_ci return -ENOENT; 13918c2ecf20Sopenharmony_ci if (likely(__follow_mount_rcu(nd, path, inode, seqp))) 13928c2ecf20Sopenharmony_ci return 0; 13938c2ecf20Sopenharmony_ci if (!try_to_unlazy_next(nd, dentry, seq)) 13948c2ecf20Sopenharmony_ci return -ECHILD; 13958c2ecf20Sopenharmony_ci // *path might've been clobbered by __follow_mount_rcu() 13968c2ecf20Sopenharmony_ci path->mnt = nd->path.mnt; 13978c2ecf20Sopenharmony_ci path->dentry = dentry; 13988c2ecf20Sopenharmony_ci } 13998c2ecf20Sopenharmony_ci ret = traverse_mounts(path, &jumped, &nd->total_link_count, nd->flags); 14008c2ecf20Sopenharmony_ci if (jumped) { 14018c2ecf20Sopenharmony_ci if (unlikely(nd->flags & LOOKUP_NO_XDEV)) 14028c2ecf20Sopenharmony_ci ret = -EXDEV; 14038c2ecf20Sopenharmony_ci else 14048c2ecf20Sopenharmony_ci nd->state |= ND_JUMPED; 14058c2ecf20Sopenharmony_ci } 14068c2ecf20Sopenharmony_ci if (unlikely(ret)) { 14078c2ecf20Sopenharmony_ci dput(path->dentry); 14088c2ecf20Sopenharmony_ci if (path->mnt != nd->path.mnt) 14098c2ecf20Sopenharmony_ci mntput(path->mnt); 14108c2ecf20Sopenharmony_ci } else { 14118c2ecf20Sopenharmony_ci *inode = d_backing_inode(path->dentry); 14128c2ecf20Sopenharmony_ci *seqp = 0; /* out of RCU mode, so the value doesn't matter */ 14138c2ecf20Sopenharmony_ci } 14148c2ecf20Sopenharmony_ci return ret; 14158c2ecf20Sopenharmony_ci} 14168c2ecf20Sopenharmony_ci 14178c2ecf20Sopenharmony_ci/* 14188c2ecf20Sopenharmony_ci * This looks up the name in dcache and possibly revalidates the found dentry. 14198c2ecf20Sopenharmony_ci * NULL is returned if the dentry does not exist in the cache. 14208c2ecf20Sopenharmony_ci */ 14218c2ecf20Sopenharmony_cistatic struct dentry *lookup_dcache(const struct qstr *name, 14228c2ecf20Sopenharmony_ci struct dentry *dir, 14238c2ecf20Sopenharmony_ci unsigned int flags) 14248c2ecf20Sopenharmony_ci{ 14258c2ecf20Sopenharmony_ci struct dentry *dentry = d_lookup(dir, name); 14268c2ecf20Sopenharmony_ci if (dentry) { 14278c2ecf20Sopenharmony_ci int error = d_revalidate(dentry, flags); 14288c2ecf20Sopenharmony_ci if (unlikely(error <= 0)) { 14298c2ecf20Sopenharmony_ci if (!error) 14308c2ecf20Sopenharmony_ci d_invalidate(dentry); 14318c2ecf20Sopenharmony_ci dput(dentry); 14328c2ecf20Sopenharmony_ci return ERR_PTR(error); 14338c2ecf20Sopenharmony_ci } 14348c2ecf20Sopenharmony_ci } 14358c2ecf20Sopenharmony_ci return dentry; 14368c2ecf20Sopenharmony_ci} 14378c2ecf20Sopenharmony_ci 14388c2ecf20Sopenharmony_ci/* 14398c2ecf20Sopenharmony_ci * Parent directory has inode locked exclusive. This is one 14408c2ecf20Sopenharmony_ci * and only case when ->lookup() gets called on non in-lookup 14418c2ecf20Sopenharmony_ci * dentries - as the matter of fact, this only gets called 14428c2ecf20Sopenharmony_ci * when directory is guaranteed to have no in-lookup children 14438c2ecf20Sopenharmony_ci * at all. 14448c2ecf20Sopenharmony_ci */ 14458c2ecf20Sopenharmony_cistatic struct dentry *__lookup_hash(const struct qstr *name, 14468c2ecf20Sopenharmony_ci struct dentry *base, unsigned int flags) 14478c2ecf20Sopenharmony_ci{ 14488c2ecf20Sopenharmony_ci struct dentry *dentry = lookup_dcache(name, base, flags); 14498c2ecf20Sopenharmony_ci struct dentry *old; 14508c2ecf20Sopenharmony_ci struct inode *dir = base->d_inode; 14518c2ecf20Sopenharmony_ci 14528c2ecf20Sopenharmony_ci if (dentry) 14538c2ecf20Sopenharmony_ci return dentry; 14548c2ecf20Sopenharmony_ci 14558c2ecf20Sopenharmony_ci /* Don't create child dentry for a dead directory. */ 14568c2ecf20Sopenharmony_ci if (unlikely(IS_DEADDIR(dir))) 14578c2ecf20Sopenharmony_ci return ERR_PTR(-ENOENT); 14588c2ecf20Sopenharmony_ci 14598c2ecf20Sopenharmony_ci dentry = d_alloc(base, name); 14608c2ecf20Sopenharmony_ci if (unlikely(!dentry)) 14618c2ecf20Sopenharmony_ci return ERR_PTR(-ENOMEM); 14628c2ecf20Sopenharmony_ci 14638c2ecf20Sopenharmony_ci old = dir->i_op->lookup(dir, dentry, flags); 14648c2ecf20Sopenharmony_ci if (unlikely(old)) { 14658c2ecf20Sopenharmony_ci dput(dentry); 14668c2ecf20Sopenharmony_ci dentry = old; 14678c2ecf20Sopenharmony_ci } 14688c2ecf20Sopenharmony_ci return dentry; 14698c2ecf20Sopenharmony_ci} 14708c2ecf20Sopenharmony_ci 14718c2ecf20Sopenharmony_cistatic struct dentry *lookup_fast(struct nameidata *nd, 14728c2ecf20Sopenharmony_ci struct inode **inode, 14738c2ecf20Sopenharmony_ci unsigned *seqp) 14748c2ecf20Sopenharmony_ci{ 14758c2ecf20Sopenharmony_ci struct dentry *dentry, *parent = nd->path.dentry; 14768c2ecf20Sopenharmony_ci int status = 1; 14778c2ecf20Sopenharmony_ci 14788c2ecf20Sopenharmony_ci /* 14798c2ecf20Sopenharmony_ci * Rename seqlock is not required here because in the off chance 14808c2ecf20Sopenharmony_ci * of a false negative due to a concurrent rename, the caller is 14818c2ecf20Sopenharmony_ci * going to fall back to non-racy lookup. 14828c2ecf20Sopenharmony_ci */ 14838c2ecf20Sopenharmony_ci if (nd->flags & LOOKUP_RCU) { 14848c2ecf20Sopenharmony_ci unsigned seq; 14858c2ecf20Sopenharmony_ci dentry = __d_lookup_rcu(parent, &nd->last, &seq); 14868c2ecf20Sopenharmony_ci if (unlikely(!dentry)) { 14878c2ecf20Sopenharmony_ci if (!try_to_unlazy(nd)) 14888c2ecf20Sopenharmony_ci return ERR_PTR(-ECHILD); 14898c2ecf20Sopenharmony_ci return NULL; 14908c2ecf20Sopenharmony_ci } 14918c2ecf20Sopenharmony_ci 14928c2ecf20Sopenharmony_ci /* 14938c2ecf20Sopenharmony_ci * This sequence count validates that the inode matches 14948c2ecf20Sopenharmony_ci * the dentry name information from lookup. 14958c2ecf20Sopenharmony_ci */ 14968c2ecf20Sopenharmony_ci *inode = d_backing_inode(dentry); 14978c2ecf20Sopenharmony_ci if (unlikely(read_seqcount_retry(&dentry->d_seq, seq))) 14988c2ecf20Sopenharmony_ci return ERR_PTR(-ECHILD); 14998c2ecf20Sopenharmony_ci 15008c2ecf20Sopenharmony_ci /* 15018c2ecf20Sopenharmony_ci * This sequence count validates that the parent had no 15028c2ecf20Sopenharmony_ci * changes while we did the lookup of the dentry above. 15038c2ecf20Sopenharmony_ci * 15048c2ecf20Sopenharmony_ci * The memory barrier in read_seqcount_begin of child is 15058c2ecf20Sopenharmony_ci * enough, we can use __read_seqcount_retry here. 15068c2ecf20Sopenharmony_ci */ 15078c2ecf20Sopenharmony_ci if (unlikely(__read_seqcount_retry(&parent->d_seq, nd->seq))) 15088c2ecf20Sopenharmony_ci return ERR_PTR(-ECHILD); 15098c2ecf20Sopenharmony_ci 15108c2ecf20Sopenharmony_ci *seqp = seq; 15118c2ecf20Sopenharmony_ci status = d_revalidate(dentry, nd->flags); 15128c2ecf20Sopenharmony_ci if (likely(status > 0)) 15138c2ecf20Sopenharmony_ci return dentry; 15148c2ecf20Sopenharmony_ci if (!try_to_unlazy_next(nd, dentry, seq)) 15158c2ecf20Sopenharmony_ci return ERR_PTR(-ECHILD); 15168c2ecf20Sopenharmony_ci if (unlikely(status == -ECHILD)) 15178c2ecf20Sopenharmony_ci /* we'd been told to redo it in non-rcu mode */ 15188c2ecf20Sopenharmony_ci status = d_revalidate(dentry, nd->flags); 15198c2ecf20Sopenharmony_ci } else { 15208c2ecf20Sopenharmony_ci dentry = __d_lookup(parent, &nd->last); 15218c2ecf20Sopenharmony_ci if (unlikely(!dentry)) 15228c2ecf20Sopenharmony_ci return NULL; 15238c2ecf20Sopenharmony_ci status = d_revalidate(dentry, nd->flags); 15248c2ecf20Sopenharmony_ci } 15258c2ecf20Sopenharmony_ci if (unlikely(status <= 0)) { 15268c2ecf20Sopenharmony_ci if (!status) 15278c2ecf20Sopenharmony_ci d_invalidate(dentry); 15288c2ecf20Sopenharmony_ci dput(dentry); 15298c2ecf20Sopenharmony_ci return ERR_PTR(status); 15308c2ecf20Sopenharmony_ci } 15318c2ecf20Sopenharmony_ci return dentry; 15328c2ecf20Sopenharmony_ci} 15338c2ecf20Sopenharmony_ci 15348c2ecf20Sopenharmony_ci/* Fast lookup failed, do it the slow way */ 15358c2ecf20Sopenharmony_cistatic struct dentry *__lookup_slow(const struct qstr *name, 15368c2ecf20Sopenharmony_ci struct dentry *dir, 15378c2ecf20Sopenharmony_ci unsigned int flags) 15388c2ecf20Sopenharmony_ci{ 15398c2ecf20Sopenharmony_ci struct dentry *dentry, *old; 15408c2ecf20Sopenharmony_ci struct inode *inode = dir->d_inode; 15418c2ecf20Sopenharmony_ci DECLARE_WAIT_QUEUE_HEAD_ONSTACK(wq); 15428c2ecf20Sopenharmony_ci 15438c2ecf20Sopenharmony_ci /* Don't go there if it's already dead */ 15448c2ecf20Sopenharmony_ci if (unlikely(IS_DEADDIR(inode))) 15458c2ecf20Sopenharmony_ci return ERR_PTR(-ENOENT); 15468c2ecf20Sopenharmony_ciagain: 15478c2ecf20Sopenharmony_ci dentry = d_alloc_parallel(dir, name, &wq); 15488c2ecf20Sopenharmony_ci if (IS_ERR(dentry)) 15498c2ecf20Sopenharmony_ci return dentry; 15508c2ecf20Sopenharmony_ci if (unlikely(!d_in_lookup(dentry))) { 15518c2ecf20Sopenharmony_ci int error = d_revalidate(dentry, flags); 15528c2ecf20Sopenharmony_ci if (unlikely(error <= 0)) { 15538c2ecf20Sopenharmony_ci if (!error) { 15548c2ecf20Sopenharmony_ci d_invalidate(dentry); 15558c2ecf20Sopenharmony_ci dput(dentry); 15568c2ecf20Sopenharmony_ci goto again; 15578c2ecf20Sopenharmony_ci } 15588c2ecf20Sopenharmony_ci dput(dentry); 15598c2ecf20Sopenharmony_ci dentry = ERR_PTR(error); 15608c2ecf20Sopenharmony_ci } 15618c2ecf20Sopenharmony_ci } else { 15628c2ecf20Sopenharmony_ci old = inode->i_op->lookup(inode, dentry, flags); 15638c2ecf20Sopenharmony_ci d_lookup_done(dentry); 15648c2ecf20Sopenharmony_ci if (unlikely(old)) { 15658c2ecf20Sopenharmony_ci dput(dentry); 15668c2ecf20Sopenharmony_ci dentry = old; 15678c2ecf20Sopenharmony_ci } 15688c2ecf20Sopenharmony_ci } 15698c2ecf20Sopenharmony_ci return dentry; 15708c2ecf20Sopenharmony_ci} 15718c2ecf20Sopenharmony_ci 15728c2ecf20Sopenharmony_cistatic struct dentry *lookup_slow(const struct qstr *name, 15738c2ecf20Sopenharmony_ci struct dentry *dir, 15748c2ecf20Sopenharmony_ci unsigned int flags) 15758c2ecf20Sopenharmony_ci{ 15768c2ecf20Sopenharmony_ci struct inode *inode = dir->d_inode; 15778c2ecf20Sopenharmony_ci struct dentry *res; 15788c2ecf20Sopenharmony_ci inode_lock_shared(inode); 15798c2ecf20Sopenharmony_ci res = __lookup_slow(name, dir, flags); 15808c2ecf20Sopenharmony_ci inode_unlock_shared(inode); 15818c2ecf20Sopenharmony_ci return res; 15828c2ecf20Sopenharmony_ci} 15838c2ecf20Sopenharmony_ci 15848c2ecf20Sopenharmony_cistatic inline int may_lookup(struct nameidata *nd) 15858c2ecf20Sopenharmony_ci{ 15868c2ecf20Sopenharmony_ci if (nd->flags & LOOKUP_RCU) { 15878c2ecf20Sopenharmony_ci int err = inode_permission(nd->inode, MAY_EXEC|MAY_NOT_BLOCK); 15888c2ecf20Sopenharmony_ci if (err != -ECHILD || !try_to_unlazy(nd)) 15898c2ecf20Sopenharmony_ci return err; 15908c2ecf20Sopenharmony_ci } 15918c2ecf20Sopenharmony_ci return inode_permission(nd->inode, MAY_EXEC); 15928c2ecf20Sopenharmony_ci} 15938c2ecf20Sopenharmony_ci 15948c2ecf20Sopenharmony_cistatic int reserve_stack(struct nameidata *nd, struct path *link, unsigned seq) 15958c2ecf20Sopenharmony_ci{ 15968c2ecf20Sopenharmony_ci if (unlikely(nd->total_link_count++ >= MAXSYMLINKS)) 15978c2ecf20Sopenharmony_ci return -ELOOP; 15988c2ecf20Sopenharmony_ci 15998c2ecf20Sopenharmony_ci if (likely(nd->depth != EMBEDDED_LEVELS)) 16008c2ecf20Sopenharmony_ci return 0; 16018c2ecf20Sopenharmony_ci if (likely(nd->stack != nd->internal)) 16028c2ecf20Sopenharmony_ci return 0; 16038c2ecf20Sopenharmony_ci if (likely(nd_alloc_stack(nd))) 16048c2ecf20Sopenharmony_ci return 0; 16058c2ecf20Sopenharmony_ci 16068c2ecf20Sopenharmony_ci if (nd->flags & LOOKUP_RCU) { 16078c2ecf20Sopenharmony_ci // we need to grab link before we do unlazy. And we can't skip 16088c2ecf20Sopenharmony_ci // unlazy even if we fail to grab the link - cleanup needs it 16098c2ecf20Sopenharmony_ci bool grabbed_link = legitimize_path(nd, link, seq); 16108c2ecf20Sopenharmony_ci 16118c2ecf20Sopenharmony_ci if (!try_to_unlazy(nd) != 0 || !grabbed_link) 16128c2ecf20Sopenharmony_ci return -ECHILD; 16138c2ecf20Sopenharmony_ci 16148c2ecf20Sopenharmony_ci if (nd_alloc_stack(nd)) 16158c2ecf20Sopenharmony_ci return 0; 16168c2ecf20Sopenharmony_ci } 16178c2ecf20Sopenharmony_ci return -ENOMEM; 16188c2ecf20Sopenharmony_ci} 16198c2ecf20Sopenharmony_ci 16208c2ecf20Sopenharmony_cienum {WALK_TRAILING = 1, WALK_MORE = 2, WALK_NOFOLLOW = 4}; 16218c2ecf20Sopenharmony_ci 16228c2ecf20Sopenharmony_cistatic const char *pick_link(struct nameidata *nd, struct path *link, 16238c2ecf20Sopenharmony_ci struct inode *inode, unsigned seq, int flags) 16248c2ecf20Sopenharmony_ci{ 16258c2ecf20Sopenharmony_ci struct saved *last; 16268c2ecf20Sopenharmony_ci const char *res; 16278c2ecf20Sopenharmony_ci int error = reserve_stack(nd, link, seq); 16288c2ecf20Sopenharmony_ci 16298c2ecf20Sopenharmony_ci if (unlikely(error)) { 16308c2ecf20Sopenharmony_ci if (!(nd->flags & LOOKUP_RCU)) 16318c2ecf20Sopenharmony_ci path_put(link); 16328c2ecf20Sopenharmony_ci return ERR_PTR(error); 16338c2ecf20Sopenharmony_ci } 16348c2ecf20Sopenharmony_ci last = nd->stack + nd->depth++; 16358c2ecf20Sopenharmony_ci last->link = *link; 16368c2ecf20Sopenharmony_ci clear_delayed_call(&last->done); 16378c2ecf20Sopenharmony_ci last->seq = seq; 16388c2ecf20Sopenharmony_ci 16398c2ecf20Sopenharmony_ci if (flags & WALK_TRAILING) { 16408c2ecf20Sopenharmony_ci error = may_follow_link(nd, inode); 16418c2ecf20Sopenharmony_ci if (unlikely(error)) 16428c2ecf20Sopenharmony_ci return ERR_PTR(error); 16438c2ecf20Sopenharmony_ci } 16448c2ecf20Sopenharmony_ci 16458c2ecf20Sopenharmony_ci if (unlikely(nd->flags & LOOKUP_NO_SYMLINKS) || 16468c2ecf20Sopenharmony_ci unlikely(link->mnt->mnt_flags & MNT_NOSYMFOLLOW)) 16478c2ecf20Sopenharmony_ci return ERR_PTR(-ELOOP); 16488c2ecf20Sopenharmony_ci 16498c2ecf20Sopenharmony_ci if (!(nd->flags & LOOKUP_RCU)) { 16508c2ecf20Sopenharmony_ci touch_atime(&last->link); 16518c2ecf20Sopenharmony_ci cond_resched(); 16528c2ecf20Sopenharmony_ci } else if (atime_needs_update(&last->link, inode)) { 16538c2ecf20Sopenharmony_ci if (!try_to_unlazy(nd)) 16548c2ecf20Sopenharmony_ci return ERR_PTR(-ECHILD); 16558c2ecf20Sopenharmony_ci touch_atime(&last->link); 16568c2ecf20Sopenharmony_ci } 16578c2ecf20Sopenharmony_ci 16588c2ecf20Sopenharmony_ci error = security_inode_follow_link(link->dentry, inode, 16598c2ecf20Sopenharmony_ci nd->flags & LOOKUP_RCU); 16608c2ecf20Sopenharmony_ci if (unlikely(error)) 16618c2ecf20Sopenharmony_ci return ERR_PTR(error); 16628c2ecf20Sopenharmony_ci 16638c2ecf20Sopenharmony_ci res = READ_ONCE(inode->i_link); 16648c2ecf20Sopenharmony_ci if (!res) { 16658c2ecf20Sopenharmony_ci const char * (*get)(struct dentry *, struct inode *, 16668c2ecf20Sopenharmony_ci struct delayed_call *); 16678c2ecf20Sopenharmony_ci get = inode->i_op->get_link; 16688c2ecf20Sopenharmony_ci if (nd->flags & LOOKUP_RCU) { 16698c2ecf20Sopenharmony_ci res = get(NULL, inode, &last->done); 16708c2ecf20Sopenharmony_ci if (res == ERR_PTR(-ECHILD) && try_to_unlazy(nd)) 16718c2ecf20Sopenharmony_ci res = get(link->dentry, inode, &last->done); 16728c2ecf20Sopenharmony_ci } else { 16738c2ecf20Sopenharmony_ci res = get(link->dentry, inode, &last->done); 16748c2ecf20Sopenharmony_ci } 16758c2ecf20Sopenharmony_ci if (!res) 16768c2ecf20Sopenharmony_ci goto all_done; 16778c2ecf20Sopenharmony_ci if (IS_ERR(res)) 16788c2ecf20Sopenharmony_ci return res; 16798c2ecf20Sopenharmony_ci } 16808c2ecf20Sopenharmony_ci if (*res == '/') { 16818c2ecf20Sopenharmony_ci error = nd_jump_root(nd); 16828c2ecf20Sopenharmony_ci if (unlikely(error)) 16838c2ecf20Sopenharmony_ci return ERR_PTR(error); 16848c2ecf20Sopenharmony_ci while (unlikely(*++res == '/')) 16858c2ecf20Sopenharmony_ci ; 16868c2ecf20Sopenharmony_ci } 16878c2ecf20Sopenharmony_ci if (*res) 16888c2ecf20Sopenharmony_ci return res; 16898c2ecf20Sopenharmony_ciall_done: // pure jump 16908c2ecf20Sopenharmony_ci put_link(nd); 16918c2ecf20Sopenharmony_ci return NULL; 16928c2ecf20Sopenharmony_ci} 16938c2ecf20Sopenharmony_ci 16948c2ecf20Sopenharmony_ci/* 16958c2ecf20Sopenharmony_ci * Do we need to follow links? We _really_ want to be able 16968c2ecf20Sopenharmony_ci * to do this check without having to look at inode->i_op, 16978c2ecf20Sopenharmony_ci * so we keep a cache of "no, this doesn't need follow_link" 16988c2ecf20Sopenharmony_ci * for the common case. 16998c2ecf20Sopenharmony_ci */ 17008c2ecf20Sopenharmony_cistatic const char *step_into(struct nameidata *nd, int flags, 17018c2ecf20Sopenharmony_ci struct dentry *dentry, struct inode *inode, unsigned seq) 17028c2ecf20Sopenharmony_ci{ 17038c2ecf20Sopenharmony_ci struct path path; 17048c2ecf20Sopenharmony_ci int err = handle_mounts(nd, dentry, &path, &inode, &seq); 17058c2ecf20Sopenharmony_ci 17068c2ecf20Sopenharmony_ci if (err < 0) 17078c2ecf20Sopenharmony_ci return ERR_PTR(err); 17088c2ecf20Sopenharmony_ci if (likely(!d_is_symlink(path.dentry)) || 17098c2ecf20Sopenharmony_ci ((flags & WALK_TRAILING) && !(nd->flags & LOOKUP_FOLLOW)) || 17108c2ecf20Sopenharmony_ci (flags & WALK_NOFOLLOW)) { 17118c2ecf20Sopenharmony_ci /* not a symlink or should not follow */ 17128c2ecf20Sopenharmony_ci if (!(nd->flags & LOOKUP_RCU)) { 17138c2ecf20Sopenharmony_ci dput(nd->path.dentry); 17148c2ecf20Sopenharmony_ci if (nd->path.mnt != path.mnt) 17158c2ecf20Sopenharmony_ci mntput(nd->path.mnt); 17168c2ecf20Sopenharmony_ci } 17178c2ecf20Sopenharmony_ci nd->path = path; 17188c2ecf20Sopenharmony_ci nd->inode = inode; 17198c2ecf20Sopenharmony_ci nd->seq = seq; 17208c2ecf20Sopenharmony_ci return NULL; 17218c2ecf20Sopenharmony_ci } 17228c2ecf20Sopenharmony_ci if (nd->flags & LOOKUP_RCU) { 17238c2ecf20Sopenharmony_ci /* make sure that d_is_symlink above matches inode */ 17248c2ecf20Sopenharmony_ci if (read_seqcount_retry(&path.dentry->d_seq, seq)) 17258c2ecf20Sopenharmony_ci return ERR_PTR(-ECHILD); 17268c2ecf20Sopenharmony_ci } else { 17278c2ecf20Sopenharmony_ci if (path.mnt == nd->path.mnt) 17288c2ecf20Sopenharmony_ci mntget(path.mnt); 17298c2ecf20Sopenharmony_ci } 17308c2ecf20Sopenharmony_ci return pick_link(nd, &path, inode, seq, flags); 17318c2ecf20Sopenharmony_ci} 17328c2ecf20Sopenharmony_ci 17338c2ecf20Sopenharmony_cistatic struct dentry *follow_dotdot_rcu(struct nameidata *nd, 17348c2ecf20Sopenharmony_ci struct inode **inodep, 17358c2ecf20Sopenharmony_ci unsigned *seqp) 17368c2ecf20Sopenharmony_ci{ 17378c2ecf20Sopenharmony_ci struct dentry *parent, *old; 17388c2ecf20Sopenharmony_ci 17398c2ecf20Sopenharmony_ci if (path_equal(&nd->path, &nd->root)) 17408c2ecf20Sopenharmony_ci goto in_root; 17418c2ecf20Sopenharmony_ci if (unlikely(nd->path.dentry == nd->path.mnt->mnt_root)) { 17428c2ecf20Sopenharmony_ci struct path path; 17438c2ecf20Sopenharmony_ci unsigned seq; 17448c2ecf20Sopenharmony_ci if (!choose_mountpoint_rcu(real_mount(nd->path.mnt), 17458c2ecf20Sopenharmony_ci &nd->root, &path, &seq)) 17468c2ecf20Sopenharmony_ci goto in_root; 17478c2ecf20Sopenharmony_ci if (unlikely(nd->flags & LOOKUP_NO_XDEV)) 17488c2ecf20Sopenharmony_ci return ERR_PTR(-ECHILD); 17498c2ecf20Sopenharmony_ci nd->path = path; 17508c2ecf20Sopenharmony_ci nd->inode = path.dentry->d_inode; 17518c2ecf20Sopenharmony_ci nd->seq = seq; 17528c2ecf20Sopenharmony_ci if (unlikely(read_seqretry(&mount_lock, nd->m_seq))) 17538c2ecf20Sopenharmony_ci return ERR_PTR(-ECHILD); 17548c2ecf20Sopenharmony_ci /* we know that mountpoint was pinned */ 17558c2ecf20Sopenharmony_ci } 17568c2ecf20Sopenharmony_ci old = nd->path.dentry; 17578c2ecf20Sopenharmony_ci parent = old->d_parent; 17588c2ecf20Sopenharmony_ci *inodep = parent->d_inode; 17598c2ecf20Sopenharmony_ci *seqp = read_seqcount_begin(&parent->d_seq); 17608c2ecf20Sopenharmony_ci if (unlikely(read_seqcount_retry(&old->d_seq, nd->seq))) 17618c2ecf20Sopenharmony_ci return ERR_PTR(-ECHILD); 17628c2ecf20Sopenharmony_ci if (unlikely(!path_connected(nd->path.mnt, parent))) 17638c2ecf20Sopenharmony_ci return ERR_PTR(-ECHILD); 17648c2ecf20Sopenharmony_ci return parent; 17658c2ecf20Sopenharmony_ciin_root: 17668c2ecf20Sopenharmony_ci if (unlikely(read_seqretry(&mount_lock, nd->m_seq))) 17678c2ecf20Sopenharmony_ci return ERR_PTR(-ECHILD); 17688c2ecf20Sopenharmony_ci if (unlikely(nd->flags & LOOKUP_BENEATH)) 17698c2ecf20Sopenharmony_ci return ERR_PTR(-ECHILD); 17708c2ecf20Sopenharmony_ci return NULL; 17718c2ecf20Sopenharmony_ci} 17728c2ecf20Sopenharmony_ci 17738c2ecf20Sopenharmony_cistatic struct dentry *follow_dotdot(struct nameidata *nd, 17748c2ecf20Sopenharmony_ci struct inode **inodep, 17758c2ecf20Sopenharmony_ci unsigned *seqp) 17768c2ecf20Sopenharmony_ci{ 17778c2ecf20Sopenharmony_ci struct dentry *parent; 17788c2ecf20Sopenharmony_ci 17798c2ecf20Sopenharmony_ci if (path_equal(&nd->path, &nd->root)) 17808c2ecf20Sopenharmony_ci goto in_root; 17818c2ecf20Sopenharmony_ci if (unlikely(nd->path.dentry == nd->path.mnt->mnt_root)) { 17828c2ecf20Sopenharmony_ci struct path path; 17838c2ecf20Sopenharmony_ci 17848c2ecf20Sopenharmony_ci if (!choose_mountpoint(real_mount(nd->path.mnt), 17858c2ecf20Sopenharmony_ci &nd->root, &path)) 17868c2ecf20Sopenharmony_ci goto in_root; 17878c2ecf20Sopenharmony_ci path_put(&nd->path); 17888c2ecf20Sopenharmony_ci nd->path = path; 17898c2ecf20Sopenharmony_ci nd->inode = path.dentry->d_inode; 17908c2ecf20Sopenharmony_ci if (unlikely(nd->flags & LOOKUP_NO_XDEV)) 17918c2ecf20Sopenharmony_ci return ERR_PTR(-EXDEV); 17928c2ecf20Sopenharmony_ci } 17938c2ecf20Sopenharmony_ci /* rare case of legitimate dget_parent()... */ 17948c2ecf20Sopenharmony_ci parent = dget_parent(nd->path.dentry); 17958c2ecf20Sopenharmony_ci if (unlikely(!path_connected(nd->path.mnt, parent))) { 17968c2ecf20Sopenharmony_ci dput(parent); 17978c2ecf20Sopenharmony_ci return ERR_PTR(-ENOENT); 17988c2ecf20Sopenharmony_ci } 17998c2ecf20Sopenharmony_ci *seqp = 0; 18008c2ecf20Sopenharmony_ci *inodep = parent->d_inode; 18018c2ecf20Sopenharmony_ci return parent; 18028c2ecf20Sopenharmony_ci 18038c2ecf20Sopenharmony_ciin_root: 18048c2ecf20Sopenharmony_ci if (unlikely(nd->flags & LOOKUP_BENEATH)) 18058c2ecf20Sopenharmony_ci return ERR_PTR(-EXDEV); 18068c2ecf20Sopenharmony_ci dget(nd->path.dentry); 18078c2ecf20Sopenharmony_ci return NULL; 18088c2ecf20Sopenharmony_ci} 18098c2ecf20Sopenharmony_ci 18108c2ecf20Sopenharmony_cistatic const char *handle_dots(struct nameidata *nd, int type) 18118c2ecf20Sopenharmony_ci{ 18128c2ecf20Sopenharmony_ci if (type == LAST_DOTDOT) { 18138c2ecf20Sopenharmony_ci const char *error = NULL; 18148c2ecf20Sopenharmony_ci struct dentry *parent; 18158c2ecf20Sopenharmony_ci struct inode *inode; 18168c2ecf20Sopenharmony_ci unsigned seq; 18178c2ecf20Sopenharmony_ci 18188c2ecf20Sopenharmony_ci if (!nd->root.mnt) { 18198c2ecf20Sopenharmony_ci error = ERR_PTR(set_root(nd)); 18208c2ecf20Sopenharmony_ci if (error) 18218c2ecf20Sopenharmony_ci return error; 18228c2ecf20Sopenharmony_ci } 18238c2ecf20Sopenharmony_ci if (nd->flags & LOOKUP_RCU) 18248c2ecf20Sopenharmony_ci parent = follow_dotdot_rcu(nd, &inode, &seq); 18258c2ecf20Sopenharmony_ci else 18268c2ecf20Sopenharmony_ci parent = follow_dotdot(nd, &inode, &seq); 18278c2ecf20Sopenharmony_ci if (IS_ERR(parent)) 18288c2ecf20Sopenharmony_ci return ERR_CAST(parent); 18298c2ecf20Sopenharmony_ci if (unlikely(!parent)) 18308c2ecf20Sopenharmony_ci error = step_into(nd, WALK_NOFOLLOW, 18318c2ecf20Sopenharmony_ci nd->path.dentry, nd->inode, nd->seq); 18328c2ecf20Sopenharmony_ci else 18338c2ecf20Sopenharmony_ci error = step_into(nd, WALK_NOFOLLOW, 18348c2ecf20Sopenharmony_ci parent, inode, seq); 18358c2ecf20Sopenharmony_ci if (unlikely(error)) 18368c2ecf20Sopenharmony_ci return error; 18378c2ecf20Sopenharmony_ci 18388c2ecf20Sopenharmony_ci if (unlikely(nd->flags & LOOKUP_IS_SCOPED)) { 18398c2ecf20Sopenharmony_ci /* 18408c2ecf20Sopenharmony_ci * If there was a racing rename or mount along our 18418c2ecf20Sopenharmony_ci * path, then we can't be sure that ".." hasn't jumped 18428c2ecf20Sopenharmony_ci * above nd->root (and so userspace should retry or use 18438c2ecf20Sopenharmony_ci * some fallback). 18448c2ecf20Sopenharmony_ci */ 18458c2ecf20Sopenharmony_ci smp_rmb(); 18468c2ecf20Sopenharmony_ci if (unlikely(__read_seqcount_retry(&mount_lock.seqcount, nd->m_seq))) 18478c2ecf20Sopenharmony_ci return ERR_PTR(-EAGAIN); 18488c2ecf20Sopenharmony_ci if (unlikely(__read_seqcount_retry(&rename_lock.seqcount, nd->r_seq))) 18498c2ecf20Sopenharmony_ci return ERR_PTR(-EAGAIN); 18508c2ecf20Sopenharmony_ci } 18518c2ecf20Sopenharmony_ci } 18528c2ecf20Sopenharmony_ci return NULL; 18538c2ecf20Sopenharmony_ci} 18548c2ecf20Sopenharmony_ci 18558c2ecf20Sopenharmony_cistatic const char *walk_component(struct nameidata *nd, int flags) 18568c2ecf20Sopenharmony_ci{ 18578c2ecf20Sopenharmony_ci struct dentry *dentry; 18588c2ecf20Sopenharmony_ci struct inode *inode; 18598c2ecf20Sopenharmony_ci unsigned seq; 18608c2ecf20Sopenharmony_ci /* 18618c2ecf20Sopenharmony_ci * "." and ".." are special - ".." especially so because it has 18628c2ecf20Sopenharmony_ci * to be able to know about the current root directory and 18638c2ecf20Sopenharmony_ci * parent relationships. 18648c2ecf20Sopenharmony_ci */ 18658c2ecf20Sopenharmony_ci if (unlikely(nd->last_type != LAST_NORM)) { 18668c2ecf20Sopenharmony_ci if (!(flags & WALK_MORE) && nd->depth) 18678c2ecf20Sopenharmony_ci put_link(nd); 18688c2ecf20Sopenharmony_ci return handle_dots(nd, nd->last_type); 18698c2ecf20Sopenharmony_ci } 18708c2ecf20Sopenharmony_ci dentry = lookup_fast(nd, &inode, &seq); 18718c2ecf20Sopenharmony_ci if (IS_ERR(dentry)) 18728c2ecf20Sopenharmony_ci return ERR_CAST(dentry); 18738c2ecf20Sopenharmony_ci if (unlikely(!dentry)) { 18748c2ecf20Sopenharmony_ci dentry = lookup_slow(&nd->last, nd->path.dentry, nd->flags); 18758c2ecf20Sopenharmony_ci if (IS_ERR(dentry)) 18768c2ecf20Sopenharmony_ci return ERR_CAST(dentry); 18778c2ecf20Sopenharmony_ci } 18788c2ecf20Sopenharmony_ci if (!(flags & WALK_MORE) && nd->depth) 18798c2ecf20Sopenharmony_ci put_link(nd); 18808c2ecf20Sopenharmony_ci return step_into(nd, flags, dentry, inode, seq); 18818c2ecf20Sopenharmony_ci} 18828c2ecf20Sopenharmony_ci 18838c2ecf20Sopenharmony_ci/* 18848c2ecf20Sopenharmony_ci * We can do the critical dentry name comparison and hashing 18858c2ecf20Sopenharmony_ci * operations one word at a time, but we are limited to: 18868c2ecf20Sopenharmony_ci * 18878c2ecf20Sopenharmony_ci * - Architectures with fast unaligned word accesses. We could 18888c2ecf20Sopenharmony_ci * do a "get_unaligned()" if this helps and is sufficiently 18898c2ecf20Sopenharmony_ci * fast. 18908c2ecf20Sopenharmony_ci * 18918c2ecf20Sopenharmony_ci * - non-CONFIG_DEBUG_PAGEALLOC configurations (so that we 18928c2ecf20Sopenharmony_ci * do not trap on the (extremely unlikely) case of a page 18938c2ecf20Sopenharmony_ci * crossing operation. 18948c2ecf20Sopenharmony_ci * 18958c2ecf20Sopenharmony_ci * - Furthermore, we need an efficient 64-bit compile for the 18968c2ecf20Sopenharmony_ci * 64-bit case in order to generate the "number of bytes in 18978c2ecf20Sopenharmony_ci * the final mask". Again, that could be replaced with a 18988c2ecf20Sopenharmony_ci * efficient population count instruction or similar. 18998c2ecf20Sopenharmony_ci */ 19008c2ecf20Sopenharmony_ci#ifdef CONFIG_DCACHE_WORD_ACCESS 19018c2ecf20Sopenharmony_ci 19028c2ecf20Sopenharmony_ci#include <asm/word-at-a-time.h> 19038c2ecf20Sopenharmony_ci 19048c2ecf20Sopenharmony_ci#ifdef HASH_MIX 19058c2ecf20Sopenharmony_ci 19068c2ecf20Sopenharmony_ci/* Architecture provides HASH_MIX and fold_hash() in <asm/hash.h> */ 19078c2ecf20Sopenharmony_ci 19088c2ecf20Sopenharmony_ci#elif defined(CONFIG_64BIT) 19098c2ecf20Sopenharmony_ci/* 19108c2ecf20Sopenharmony_ci * Register pressure in the mixing function is an issue, particularly 19118c2ecf20Sopenharmony_ci * on 32-bit x86, but almost any function requires one state value and 19128c2ecf20Sopenharmony_ci * one temporary. Instead, use a function designed for two state values 19138c2ecf20Sopenharmony_ci * and no temporaries. 19148c2ecf20Sopenharmony_ci * 19158c2ecf20Sopenharmony_ci * This function cannot create a collision in only two iterations, so 19168c2ecf20Sopenharmony_ci * we have two iterations to achieve avalanche. In those two iterations, 19178c2ecf20Sopenharmony_ci * we have six layers of mixing, which is enough to spread one bit's 19188c2ecf20Sopenharmony_ci * influence out to 2^6 = 64 state bits. 19198c2ecf20Sopenharmony_ci * 19208c2ecf20Sopenharmony_ci * Rotate constants are scored by considering either 64 one-bit input 19218c2ecf20Sopenharmony_ci * deltas or 64*63/2 = 2016 two-bit input deltas, and finding the 19228c2ecf20Sopenharmony_ci * probability of that delta causing a change to each of the 128 output 19238c2ecf20Sopenharmony_ci * bits, using a sample of random initial states. 19248c2ecf20Sopenharmony_ci * 19258c2ecf20Sopenharmony_ci * The Shannon entropy of the computed probabilities is then summed 19268c2ecf20Sopenharmony_ci * to produce a score. Ideally, any input change has a 50% chance of 19278c2ecf20Sopenharmony_ci * toggling any given output bit. 19288c2ecf20Sopenharmony_ci * 19298c2ecf20Sopenharmony_ci * Mixing scores (in bits) for (12,45): 19308c2ecf20Sopenharmony_ci * Input delta: 1-bit 2-bit 19318c2ecf20Sopenharmony_ci * 1 round: 713.3 42542.6 19328c2ecf20Sopenharmony_ci * 2 rounds: 2753.7 140389.8 19338c2ecf20Sopenharmony_ci * 3 rounds: 5954.1 233458.2 19348c2ecf20Sopenharmony_ci * 4 rounds: 7862.6 256672.2 19358c2ecf20Sopenharmony_ci * Perfect: 8192 258048 19368c2ecf20Sopenharmony_ci * (64*128) (64*63/2 * 128) 19378c2ecf20Sopenharmony_ci */ 19388c2ecf20Sopenharmony_ci#define HASH_MIX(x, y, a) \ 19398c2ecf20Sopenharmony_ci ( x ^= (a), \ 19408c2ecf20Sopenharmony_ci y ^= x, x = rol64(x,12),\ 19418c2ecf20Sopenharmony_ci x += y, y = rol64(y,45),\ 19428c2ecf20Sopenharmony_ci y *= 9 ) 19438c2ecf20Sopenharmony_ci 19448c2ecf20Sopenharmony_ci/* 19458c2ecf20Sopenharmony_ci * Fold two longs into one 32-bit hash value. This must be fast, but 19468c2ecf20Sopenharmony_ci * latency isn't quite as critical, as there is a fair bit of additional 19478c2ecf20Sopenharmony_ci * work done before the hash value is used. 19488c2ecf20Sopenharmony_ci */ 19498c2ecf20Sopenharmony_cistatic inline unsigned int fold_hash(unsigned long x, unsigned long y) 19508c2ecf20Sopenharmony_ci{ 19518c2ecf20Sopenharmony_ci y ^= x * GOLDEN_RATIO_64; 19528c2ecf20Sopenharmony_ci y *= GOLDEN_RATIO_64; 19538c2ecf20Sopenharmony_ci return y >> 32; 19548c2ecf20Sopenharmony_ci} 19558c2ecf20Sopenharmony_ci 19568c2ecf20Sopenharmony_ci#else /* 32-bit case */ 19578c2ecf20Sopenharmony_ci 19588c2ecf20Sopenharmony_ci/* 19598c2ecf20Sopenharmony_ci * Mixing scores (in bits) for (7,20): 19608c2ecf20Sopenharmony_ci * Input delta: 1-bit 2-bit 19618c2ecf20Sopenharmony_ci * 1 round: 330.3 9201.6 19628c2ecf20Sopenharmony_ci * 2 rounds: 1246.4 25475.4 19638c2ecf20Sopenharmony_ci * 3 rounds: 1907.1 31295.1 19648c2ecf20Sopenharmony_ci * 4 rounds: 2042.3 31718.6 19658c2ecf20Sopenharmony_ci * Perfect: 2048 31744 19668c2ecf20Sopenharmony_ci * (32*64) (32*31/2 * 64) 19678c2ecf20Sopenharmony_ci */ 19688c2ecf20Sopenharmony_ci#define HASH_MIX(x, y, a) \ 19698c2ecf20Sopenharmony_ci ( x ^= (a), \ 19708c2ecf20Sopenharmony_ci y ^= x, x = rol32(x, 7),\ 19718c2ecf20Sopenharmony_ci x += y, y = rol32(y,20),\ 19728c2ecf20Sopenharmony_ci y *= 9 ) 19738c2ecf20Sopenharmony_ci 19748c2ecf20Sopenharmony_cistatic inline unsigned int fold_hash(unsigned long x, unsigned long y) 19758c2ecf20Sopenharmony_ci{ 19768c2ecf20Sopenharmony_ci /* Use arch-optimized multiply if one exists */ 19778c2ecf20Sopenharmony_ci return __hash_32(y ^ __hash_32(x)); 19788c2ecf20Sopenharmony_ci} 19798c2ecf20Sopenharmony_ci 19808c2ecf20Sopenharmony_ci#endif 19818c2ecf20Sopenharmony_ci 19828c2ecf20Sopenharmony_ci/* 19838c2ecf20Sopenharmony_ci * Return the hash of a string of known length. This is carfully 19848c2ecf20Sopenharmony_ci * designed to match hash_name(), which is the more critical function. 19858c2ecf20Sopenharmony_ci * In particular, we must end by hashing a final word containing 0..7 19868c2ecf20Sopenharmony_ci * payload bytes, to match the way that hash_name() iterates until it 19878c2ecf20Sopenharmony_ci * finds the delimiter after the name. 19888c2ecf20Sopenharmony_ci */ 19898c2ecf20Sopenharmony_ciunsigned int full_name_hash(const void *salt, const char *name, unsigned int len) 19908c2ecf20Sopenharmony_ci{ 19918c2ecf20Sopenharmony_ci unsigned long a, x = 0, y = (unsigned long)salt; 19928c2ecf20Sopenharmony_ci 19938c2ecf20Sopenharmony_ci for (;;) { 19948c2ecf20Sopenharmony_ci if (!len) 19958c2ecf20Sopenharmony_ci goto done; 19968c2ecf20Sopenharmony_ci a = load_unaligned_zeropad(name); 19978c2ecf20Sopenharmony_ci if (len < sizeof(unsigned long)) 19988c2ecf20Sopenharmony_ci break; 19998c2ecf20Sopenharmony_ci HASH_MIX(x, y, a); 20008c2ecf20Sopenharmony_ci name += sizeof(unsigned long); 20018c2ecf20Sopenharmony_ci len -= sizeof(unsigned long); 20028c2ecf20Sopenharmony_ci } 20038c2ecf20Sopenharmony_ci x ^= a & bytemask_from_count(len); 20048c2ecf20Sopenharmony_cidone: 20058c2ecf20Sopenharmony_ci return fold_hash(x, y); 20068c2ecf20Sopenharmony_ci} 20078c2ecf20Sopenharmony_ciEXPORT_SYMBOL(full_name_hash); 20088c2ecf20Sopenharmony_ci 20098c2ecf20Sopenharmony_ci/* Return the "hash_len" (hash and length) of a null-terminated string */ 20108c2ecf20Sopenharmony_ciu64 hashlen_string(const void *salt, const char *name) 20118c2ecf20Sopenharmony_ci{ 20128c2ecf20Sopenharmony_ci unsigned long a = 0, x = 0, y = (unsigned long)salt; 20138c2ecf20Sopenharmony_ci unsigned long adata, mask, len; 20148c2ecf20Sopenharmony_ci const struct word_at_a_time constants = WORD_AT_A_TIME_CONSTANTS; 20158c2ecf20Sopenharmony_ci 20168c2ecf20Sopenharmony_ci len = 0; 20178c2ecf20Sopenharmony_ci goto inside; 20188c2ecf20Sopenharmony_ci 20198c2ecf20Sopenharmony_ci do { 20208c2ecf20Sopenharmony_ci HASH_MIX(x, y, a); 20218c2ecf20Sopenharmony_ci len += sizeof(unsigned long); 20228c2ecf20Sopenharmony_ciinside: 20238c2ecf20Sopenharmony_ci a = load_unaligned_zeropad(name+len); 20248c2ecf20Sopenharmony_ci } while (!has_zero(a, &adata, &constants)); 20258c2ecf20Sopenharmony_ci 20268c2ecf20Sopenharmony_ci adata = prep_zero_mask(a, adata, &constants); 20278c2ecf20Sopenharmony_ci mask = create_zero_mask(adata); 20288c2ecf20Sopenharmony_ci x ^= a & zero_bytemask(mask); 20298c2ecf20Sopenharmony_ci 20308c2ecf20Sopenharmony_ci return hashlen_create(fold_hash(x, y), len + find_zero(mask)); 20318c2ecf20Sopenharmony_ci} 20328c2ecf20Sopenharmony_ciEXPORT_SYMBOL(hashlen_string); 20338c2ecf20Sopenharmony_ci 20348c2ecf20Sopenharmony_ci/* 20358c2ecf20Sopenharmony_ci * Calculate the length and hash of the path component, and 20368c2ecf20Sopenharmony_ci * return the "hash_len" as the result. 20378c2ecf20Sopenharmony_ci */ 20388c2ecf20Sopenharmony_cistatic inline u64 hash_name(const void *salt, const char *name) 20398c2ecf20Sopenharmony_ci{ 20408c2ecf20Sopenharmony_ci unsigned long a = 0, b, x = 0, y = (unsigned long)salt; 20418c2ecf20Sopenharmony_ci unsigned long adata, bdata, mask, len; 20428c2ecf20Sopenharmony_ci const struct word_at_a_time constants = WORD_AT_A_TIME_CONSTANTS; 20438c2ecf20Sopenharmony_ci 20448c2ecf20Sopenharmony_ci len = 0; 20458c2ecf20Sopenharmony_ci goto inside; 20468c2ecf20Sopenharmony_ci 20478c2ecf20Sopenharmony_ci do { 20488c2ecf20Sopenharmony_ci HASH_MIX(x, y, a); 20498c2ecf20Sopenharmony_ci len += sizeof(unsigned long); 20508c2ecf20Sopenharmony_ciinside: 20518c2ecf20Sopenharmony_ci a = load_unaligned_zeropad(name+len); 20528c2ecf20Sopenharmony_ci b = a ^ REPEAT_BYTE('/'); 20538c2ecf20Sopenharmony_ci } while (!(has_zero(a, &adata, &constants) | has_zero(b, &bdata, &constants))); 20548c2ecf20Sopenharmony_ci 20558c2ecf20Sopenharmony_ci adata = prep_zero_mask(a, adata, &constants); 20568c2ecf20Sopenharmony_ci bdata = prep_zero_mask(b, bdata, &constants); 20578c2ecf20Sopenharmony_ci mask = create_zero_mask(adata | bdata); 20588c2ecf20Sopenharmony_ci x ^= a & zero_bytemask(mask); 20598c2ecf20Sopenharmony_ci 20608c2ecf20Sopenharmony_ci return hashlen_create(fold_hash(x, y), len + find_zero(mask)); 20618c2ecf20Sopenharmony_ci} 20628c2ecf20Sopenharmony_ci 20638c2ecf20Sopenharmony_ci#else /* !CONFIG_DCACHE_WORD_ACCESS: Slow, byte-at-a-time version */ 20648c2ecf20Sopenharmony_ci 20658c2ecf20Sopenharmony_ci/* Return the hash of a string of known length */ 20668c2ecf20Sopenharmony_ciunsigned int full_name_hash(const void *salt, const char *name, unsigned int len) 20678c2ecf20Sopenharmony_ci{ 20688c2ecf20Sopenharmony_ci unsigned long hash = init_name_hash(salt); 20698c2ecf20Sopenharmony_ci while (len--) 20708c2ecf20Sopenharmony_ci hash = partial_name_hash((unsigned char)*name++, hash); 20718c2ecf20Sopenharmony_ci return end_name_hash(hash); 20728c2ecf20Sopenharmony_ci} 20738c2ecf20Sopenharmony_ciEXPORT_SYMBOL(full_name_hash); 20748c2ecf20Sopenharmony_ci 20758c2ecf20Sopenharmony_ci/* Return the "hash_len" (hash and length) of a null-terminated string */ 20768c2ecf20Sopenharmony_ciu64 hashlen_string(const void *salt, const char *name) 20778c2ecf20Sopenharmony_ci{ 20788c2ecf20Sopenharmony_ci unsigned long hash = init_name_hash(salt); 20798c2ecf20Sopenharmony_ci unsigned long len = 0, c; 20808c2ecf20Sopenharmony_ci 20818c2ecf20Sopenharmony_ci c = (unsigned char)*name; 20828c2ecf20Sopenharmony_ci while (c) { 20838c2ecf20Sopenharmony_ci len++; 20848c2ecf20Sopenharmony_ci hash = partial_name_hash(c, hash); 20858c2ecf20Sopenharmony_ci c = (unsigned char)name[len]; 20868c2ecf20Sopenharmony_ci } 20878c2ecf20Sopenharmony_ci return hashlen_create(end_name_hash(hash), len); 20888c2ecf20Sopenharmony_ci} 20898c2ecf20Sopenharmony_ciEXPORT_SYMBOL(hashlen_string); 20908c2ecf20Sopenharmony_ci 20918c2ecf20Sopenharmony_ci/* 20928c2ecf20Sopenharmony_ci * We know there's a real path component here of at least 20938c2ecf20Sopenharmony_ci * one character. 20948c2ecf20Sopenharmony_ci */ 20958c2ecf20Sopenharmony_cistatic inline u64 hash_name(const void *salt, const char *name) 20968c2ecf20Sopenharmony_ci{ 20978c2ecf20Sopenharmony_ci unsigned long hash = init_name_hash(salt); 20988c2ecf20Sopenharmony_ci unsigned long len = 0, c; 20998c2ecf20Sopenharmony_ci 21008c2ecf20Sopenharmony_ci c = (unsigned char)*name; 21018c2ecf20Sopenharmony_ci do { 21028c2ecf20Sopenharmony_ci len++; 21038c2ecf20Sopenharmony_ci hash = partial_name_hash(c, hash); 21048c2ecf20Sopenharmony_ci c = (unsigned char)name[len]; 21058c2ecf20Sopenharmony_ci } while (c && c != '/'); 21068c2ecf20Sopenharmony_ci return hashlen_create(end_name_hash(hash), len); 21078c2ecf20Sopenharmony_ci} 21088c2ecf20Sopenharmony_ci 21098c2ecf20Sopenharmony_ci#endif 21108c2ecf20Sopenharmony_ci 21118c2ecf20Sopenharmony_ci/* 21128c2ecf20Sopenharmony_ci * Name resolution. 21138c2ecf20Sopenharmony_ci * This is the basic name resolution function, turning a pathname into 21148c2ecf20Sopenharmony_ci * the final dentry. We expect 'base' to be positive and a directory. 21158c2ecf20Sopenharmony_ci * 21168c2ecf20Sopenharmony_ci * Returns 0 and nd will have valid dentry and mnt on success. 21178c2ecf20Sopenharmony_ci * Returns error and drops reference to input namei data on failure. 21188c2ecf20Sopenharmony_ci */ 21198c2ecf20Sopenharmony_cistatic int link_path_walk(const char *name, struct nameidata *nd) 21208c2ecf20Sopenharmony_ci{ 21218c2ecf20Sopenharmony_ci int depth = 0; // depth <= nd->depth 21228c2ecf20Sopenharmony_ci int err; 21238c2ecf20Sopenharmony_ci 21248c2ecf20Sopenharmony_ci nd->last_type = LAST_ROOT; 21258c2ecf20Sopenharmony_ci nd->flags |= LOOKUP_PARENT; 21268c2ecf20Sopenharmony_ci if (IS_ERR(name)) 21278c2ecf20Sopenharmony_ci return PTR_ERR(name); 21288c2ecf20Sopenharmony_ci while (*name=='/') 21298c2ecf20Sopenharmony_ci name++; 21308c2ecf20Sopenharmony_ci if (!*name) 21318c2ecf20Sopenharmony_ci return 0; 21328c2ecf20Sopenharmony_ci 21338c2ecf20Sopenharmony_ci /* At this point we know we have a real path component. */ 21348c2ecf20Sopenharmony_ci for(;;) { 21358c2ecf20Sopenharmony_ci const char *link; 21368c2ecf20Sopenharmony_ci u64 hash_len; 21378c2ecf20Sopenharmony_ci int type; 21388c2ecf20Sopenharmony_ci 21398c2ecf20Sopenharmony_ci err = may_lookup(nd); 21408c2ecf20Sopenharmony_ci if (err) 21418c2ecf20Sopenharmony_ci return err; 21428c2ecf20Sopenharmony_ci 21438c2ecf20Sopenharmony_ci hash_len = hash_name(nd->path.dentry, name); 21448c2ecf20Sopenharmony_ci 21458c2ecf20Sopenharmony_ci type = LAST_NORM; 21468c2ecf20Sopenharmony_ci if (name[0] == '.') switch (hashlen_len(hash_len)) { 21478c2ecf20Sopenharmony_ci case 2: 21488c2ecf20Sopenharmony_ci if (name[1] == '.') { 21498c2ecf20Sopenharmony_ci type = LAST_DOTDOT; 21508c2ecf20Sopenharmony_ci nd->state |= ND_JUMPED; 21518c2ecf20Sopenharmony_ci } 21528c2ecf20Sopenharmony_ci break; 21538c2ecf20Sopenharmony_ci case 1: 21548c2ecf20Sopenharmony_ci type = LAST_DOT; 21558c2ecf20Sopenharmony_ci } 21568c2ecf20Sopenharmony_ci if (likely(type == LAST_NORM)) { 21578c2ecf20Sopenharmony_ci struct dentry *parent = nd->path.dentry; 21588c2ecf20Sopenharmony_ci nd->state &= ~ND_JUMPED; 21598c2ecf20Sopenharmony_ci if (unlikely(parent->d_flags & DCACHE_OP_HASH)) { 21608c2ecf20Sopenharmony_ci struct qstr this = { { .hash_len = hash_len }, .name = name }; 21618c2ecf20Sopenharmony_ci err = parent->d_op->d_hash(parent, &this); 21628c2ecf20Sopenharmony_ci if (err < 0) 21638c2ecf20Sopenharmony_ci return err; 21648c2ecf20Sopenharmony_ci hash_len = this.hash_len; 21658c2ecf20Sopenharmony_ci name = this.name; 21668c2ecf20Sopenharmony_ci } 21678c2ecf20Sopenharmony_ci } 21688c2ecf20Sopenharmony_ci 21698c2ecf20Sopenharmony_ci nd->last.hash_len = hash_len; 21708c2ecf20Sopenharmony_ci nd->last.name = name; 21718c2ecf20Sopenharmony_ci nd->last_type = type; 21728c2ecf20Sopenharmony_ci 21738c2ecf20Sopenharmony_ci name += hashlen_len(hash_len); 21748c2ecf20Sopenharmony_ci if (!*name) 21758c2ecf20Sopenharmony_ci goto OK; 21768c2ecf20Sopenharmony_ci /* 21778c2ecf20Sopenharmony_ci * If it wasn't NUL, we know it was '/'. Skip that 21788c2ecf20Sopenharmony_ci * slash, and continue until no more slashes. 21798c2ecf20Sopenharmony_ci */ 21808c2ecf20Sopenharmony_ci do { 21818c2ecf20Sopenharmony_ci name++; 21828c2ecf20Sopenharmony_ci } while (unlikely(*name == '/')); 21838c2ecf20Sopenharmony_ci if (unlikely(!*name)) { 21848c2ecf20Sopenharmony_ciOK: 21858c2ecf20Sopenharmony_ci /* pathname or trailing symlink, done */ 21868c2ecf20Sopenharmony_ci if (!depth) { 21878c2ecf20Sopenharmony_ci nd->dir_uid = nd->inode->i_uid; 21888c2ecf20Sopenharmony_ci nd->dir_mode = nd->inode->i_mode; 21898c2ecf20Sopenharmony_ci nd->flags &= ~LOOKUP_PARENT; 21908c2ecf20Sopenharmony_ci return 0; 21918c2ecf20Sopenharmony_ci } 21928c2ecf20Sopenharmony_ci /* last component of nested symlink */ 21938c2ecf20Sopenharmony_ci name = nd->stack[--depth].name; 21948c2ecf20Sopenharmony_ci link = walk_component(nd, 0); 21958c2ecf20Sopenharmony_ci } else { 21968c2ecf20Sopenharmony_ci /* not the last component */ 21978c2ecf20Sopenharmony_ci link = walk_component(nd, WALK_MORE); 21988c2ecf20Sopenharmony_ci } 21998c2ecf20Sopenharmony_ci if (unlikely(link)) { 22008c2ecf20Sopenharmony_ci if (IS_ERR(link)) 22018c2ecf20Sopenharmony_ci return PTR_ERR(link); 22028c2ecf20Sopenharmony_ci /* a symlink to follow */ 22038c2ecf20Sopenharmony_ci nd->stack[depth++].name = name; 22048c2ecf20Sopenharmony_ci name = link; 22058c2ecf20Sopenharmony_ci continue; 22068c2ecf20Sopenharmony_ci } 22078c2ecf20Sopenharmony_ci if (unlikely(!d_can_lookup(nd->path.dentry))) { 22088c2ecf20Sopenharmony_ci if (nd->flags & LOOKUP_RCU) { 22098c2ecf20Sopenharmony_ci if (!try_to_unlazy(nd)) 22108c2ecf20Sopenharmony_ci return -ECHILD; 22118c2ecf20Sopenharmony_ci } 22128c2ecf20Sopenharmony_ci return -ENOTDIR; 22138c2ecf20Sopenharmony_ci } 22148c2ecf20Sopenharmony_ci } 22158c2ecf20Sopenharmony_ci} 22168c2ecf20Sopenharmony_ci 22178c2ecf20Sopenharmony_ci/* must be paired with terminate_walk() */ 22188c2ecf20Sopenharmony_cistatic const char *path_init(struct nameidata *nd, unsigned flags) 22198c2ecf20Sopenharmony_ci{ 22208c2ecf20Sopenharmony_ci int error; 22218c2ecf20Sopenharmony_ci const char *s = nd->name->name; 22228c2ecf20Sopenharmony_ci 22238c2ecf20Sopenharmony_ci /* LOOKUP_CACHED requires RCU, ask caller to retry */ 22248c2ecf20Sopenharmony_ci if ((flags & (LOOKUP_RCU | LOOKUP_CACHED)) == LOOKUP_CACHED) 22258c2ecf20Sopenharmony_ci return ERR_PTR(-EAGAIN); 22268c2ecf20Sopenharmony_ci 22278c2ecf20Sopenharmony_ci if (!*s) 22288c2ecf20Sopenharmony_ci flags &= ~LOOKUP_RCU; 22298c2ecf20Sopenharmony_ci if (flags & LOOKUP_RCU) 22308c2ecf20Sopenharmony_ci rcu_read_lock(); 22318c2ecf20Sopenharmony_ci 22328c2ecf20Sopenharmony_ci nd->flags = flags; 22338c2ecf20Sopenharmony_ci nd->state |= ND_JUMPED; 22348c2ecf20Sopenharmony_ci nd->depth = 0; 22358c2ecf20Sopenharmony_ci 22368c2ecf20Sopenharmony_ci nd->m_seq = __read_seqcount_begin(&mount_lock.seqcount); 22378c2ecf20Sopenharmony_ci nd->r_seq = __read_seqcount_begin(&rename_lock.seqcount); 22388c2ecf20Sopenharmony_ci smp_rmb(); 22398c2ecf20Sopenharmony_ci 22408c2ecf20Sopenharmony_ci if (nd->state & ND_ROOT_PRESET) { 22418c2ecf20Sopenharmony_ci struct dentry *root = nd->root.dentry; 22428c2ecf20Sopenharmony_ci struct inode *inode = root->d_inode; 22438c2ecf20Sopenharmony_ci if (*s && unlikely(!d_can_lookup(root))) 22448c2ecf20Sopenharmony_ci return ERR_PTR(-ENOTDIR); 22458c2ecf20Sopenharmony_ci nd->path = nd->root; 22468c2ecf20Sopenharmony_ci nd->inode = inode; 22478c2ecf20Sopenharmony_ci if (flags & LOOKUP_RCU) { 22488c2ecf20Sopenharmony_ci nd->seq = read_seqcount_begin(&nd->path.dentry->d_seq); 22498c2ecf20Sopenharmony_ci nd->root_seq = nd->seq; 22508c2ecf20Sopenharmony_ci } else { 22518c2ecf20Sopenharmony_ci path_get(&nd->path); 22528c2ecf20Sopenharmony_ci } 22538c2ecf20Sopenharmony_ci return s; 22548c2ecf20Sopenharmony_ci } 22558c2ecf20Sopenharmony_ci 22568c2ecf20Sopenharmony_ci nd->root.mnt = NULL; 22578c2ecf20Sopenharmony_ci 22588c2ecf20Sopenharmony_ci /* Absolute pathname -- fetch the root (LOOKUP_IN_ROOT uses nd->dfd). */ 22598c2ecf20Sopenharmony_ci if (*s == '/' && !(flags & LOOKUP_IN_ROOT)) { 22608c2ecf20Sopenharmony_ci error = nd_jump_root(nd); 22618c2ecf20Sopenharmony_ci if (unlikely(error)) 22628c2ecf20Sopenharmony_ci return ERR_PTR(error); 22638c2ecf20Sopenharmony_ci return s; 22648c2ecf20Sopenharmony_ci } 22658c2ecf20Sopenharmony_ci 22668c2ecf20Sopenharmony_ci /* Relative pathname -- get the starting-point it is relative to. */ 22678c2ecf20Sopenharmony_ci if (nd->dfd == AT_FDCWD) { 22688c2ecf20Sopenharmony_ci if (flags & LOOKUP_RCU) { 22698c2ecf20Sopenharmony_ci struct fs_struct *fs = current->fs; 22708c2ecf20Sopenharmony_ci unsigned seq; 22718c2ecf20Sopenharmony_ci 22728c2ecf20Sopenharmony_ci do { 22738c2ecf20Sopenharmony_ci seq = read_seqcount_begin(&fs->seq); 22748c2ecf20Sopenharmony_ci nd->path = fs->pwd; 22758c2ecf20Sopenharmony_ci nd->inode = nd->path.dentry->d_inode; 22768c2ecf20Sopenharmony_ci nd->seq = __read_seqcount_begin(&nd->path.dentry->d_seq); 22778c2ecf20Sopenharmony_ci } while (read_seqcount_retry(&fs->seq, seq)); 22788c2ecf20Sopenharmony_ci } else { 22798c2ecf20Sopenharmony_ci get_fs_pwd(current->fs, &nd->path); 22808c2ecf20Sopenharmony_ci nd->inode = nd->path.dentry->d_inode; 22818c2ecf20Sopenharmony_ci } 22828c2ecf20Sopenharmony_ci } else { 22838c2ecf20Sopenharmony_ci /* Caller must check execute permissions on the starting path component */ 22848c2ecf20Sopenharmony_ci struct fd f = fdget_raw(nd->dfd); 22858c2ecf20Sopenharmony_ci struct dentry *dentry; 22868c2ecf20Sopenharmony_ci 22878c2ecf20Sopenharmony_ci if (!f.file) 22888c2ecf20Sopenharmony_ci return ERR_PTR(-EBADF); 22898c2ecf20Sopenharmony_ci 22908c2ecf20Sopenharmony_ci dentry = f.file->f_path.dentry; 22918c2ecf20Sopenharmony_ci 22928c2ecf20Sopenharmony_ci if (*s && unlikely(!d_can_lookup(dentry))) { 22938c2ecf20Sopenharmony_ci fdput(f); 22948c2ecf20Sopenharmony_ci return ERR_PTR(-ENOTDIR); 22958c2ecf20Sopenharmony_ci } 22968c2ecf20Sopenharmony_ci 22978c2ecf20Sopenharmony_ci nd->path = f.file->f_path; 22988c2ecf20Sopenharmony_ci if (flags & LOOKUP_RCU) { 22998c2ecf20Sopenharmony_ci nd->inode = nd->path.dentry->d_inode; 23008c2ecf20Sopenharmony_ci nd->seq = read_seqcount_begin(&nd->path.dentry->d_seq); 23018c2ecf20Sopenharmony_ci } else { 23028c2ecf20Sopenharmony_ci path_get(&nd->path); 23038c2ecf20Sopenharmony_ci nd->inode = nd->path.dentry->d_inode; 23048c2ecf20Sopenharmony_ci } 23058c2ecf20Sopenharmony_ci fdput(f); 23068c2ecf20Sopenharmony_ci } 23078c2ecf20Sopenharmony_ci 23088c2ecf20Sopenharmony_ci /* For scoped-lookups we need to set the root to the dirfd as well. */ 23098c2ecf20Sopenharmony_ci if (flags & LOOKUP_IS_SCOPED) { 23108c2ecf20Sopenharmony_ci nd->root = nd->path; 23118c2ecf20Sopenharmony_ci if (flags & LOOKUP_RCU) { 23128c2ecf20Sopenharmony_ci nd->root_seq = nd->seq; 23138c2ecf20Sopenharmony_ci } else { 23148c2ecf20Sopenharmony_ci path_get(&nd->root); 23158c2ecf20Sopenharmony_ci nd->state |= ND_ROOT_GRABBED; 23168c2ecf20Sopenharmony_ci } 23178c2ecf20Sopenharmony_ci } 23188c2ecf20Sopenharmony_ci return s; 23198c2ecf20Sopenharmony_ci} 23208c2ecf20Sopenharmony_ci 23218c2ecf20Sopenharmony_cistatic inline const char *lookup_last(struct nameidata *nd) 23228c2ecf20Sopenharmony_ci{ 23238c2ecf20Sopenharmony_ci if (nd->last_type == LAST_NORM && nd->last.name[nd->last.len]) 23248c2ecf20Sopenharmony_ci nd->flags |= LOOKUP_FOLLOW | LOOKUP_DIRECTORY; 23258c2ecf20Sopenharmony_ci 23268c2ecf20Sopenharmony_ci return walk_component(nd, WALK_TRAILING); 23278c2ecf20Sopenharmony_ci} 23288c2ecf20Sopenharmony_ci 23298c2ecf20Sopenharmony_cistatic int handle_lookup_down(struct nameidata *nd) 23308c2ecf20Sopenharmony_ci{ 23318c2ecf20Sopenharmony_ci if (!(nd->flags & LOOKUP_RCU)) 23328c2ecf20Sopenharmony_ci dget(nd->path.dentry); 23338c2ecf20Sopenharmony_ci return PTR_ERR(step_into(nd, WALK_NOFOLLOW, 23348c2ecf20Sopenharmony_ci nd->path.dentry, nd->inode, nd->seq)); 23358c2ecf20Sopenharmony_ci} 23368c2ecf20Sopenharmony_ci 23378c2ecf20Sopenharmony_ci/* Returns 0 and nd will be valid on success; Retuns error, otherwise. */ 23388c2ecf20Sopenharmony_cistatic int path_lookupat(struct nameidata *nd, unsigned flags, struct path *path) 23398c2ecf20Sopenharmony_ci{ 23408c2ecf20Sopenharmony_ci const char *s = path_init(nd, flags); 23418c2ecf20Sopenharmony_ci int err; 23428c2ecf20Sopenharmony_ci 23438c2ecf20Sopenharmony_ci if (unlikely(flags & LOOKUP_DOWN) && !IS_ERR(s)) { 23448c2ecf20Sopenharmony_ci err = handle_lookup_down(nd); 23458c2ecf20Sopenharmony_ci if (unlikely(err < 0)) 23468c2ecf20Sopenharmony_ci s = ERR_PTR(err); 23478c2ecf20Sopenharmony_ci } 23488c2ecf20Sopenharmony_ci 23498c2ecf20Sopenharmony_ci while (!(err = link_path_walk(s, nd)) && 23508c2ecf20Sopenharmony_ci (s = lookup_last(nd)) != NULL) 23518c2ecf20Sopenharmony_ci ; 23528c2ecf20Sopenharmony_ci if (!err && unlikely(nd->flags & LOOKUP_MOUNTPOINT)) { 23538c2ecf20Sopenharmony_ci err = handle_lookup_down(nd); 23548c2ecf20Sopenharmony_ci nd->state &= ~ND_JUMPED; // no d_weak_revalidate(), please... 23558c2ecf20Sopenharmony_ci } 23568c2ecf20Sopenharmony_ci if (!err) 23578c2ecf20Sopenharmony_ci err = complete_walk(nd); 23588c2ecf20Sopenharmony_ci 23598c2ecf20Sopenharmony_ci if (!err && nd->flags & LOOKUP_DIRECTORY) 23608c2ecf20Sopenharmony_ci if (!d_can_lookup(nd->path.dentry)) 23618c2ecf20Sopenharmony_ci err = -ENOTDIR; 23628c2ecf20Sopenharmony_ci if (!err) { 23638c2ecf20Sopenharmony_ci *path = nd->path; 23648c2ecf20Sopenharmony_ci nd->path.mnt = NULL; 23658c2ecf20Sopenharmony_ci nd->path.dentry = NULL; 23668c2ecf20Sopenharmony_ci } 23678c2ecf20Sopenharmony_ci terminate_walk(nd); 23688c2ecf20Sopenharmony_ci return err; 23698c2ecf20Sopenharmony_ci} 23708c2ecf20Sopenharmony_ci 23718c2ecf20Sopenharmony_ciint filename_lookup(int dfd, struct filename *name, unsigned flags, 23728c2ecf20Sopenharmony_ci struct path *path, struct path *root) 23738c2ecf20Sopenharmony_ci{ 23748c2ecf20Sopenharmony_ci int retval; 23758c2ecf20Sopenharmony_ci struct nameidata nd; 23768c2ecf20Sopenharmony_ci if (IS_ERR(name)) 23778c2ecf20Sopenharmony_ci return PTR_ERR(name); 23788c2ecf20Sopenharmony_ci set_nameidata(&nd, dfd, name); 23798c2ecf20Sopenharmony_ci if (unlikely(root)) { 23808c2ecf20Sopenharmony_ci nd.root = *root; 23818c2ecf20Sopenharmony_ci nd.state = ND_ROOT_PRESET; 23828c2ecf20Sopenharmony_ci } 23838c2ecf20Sopenharmony_ci retval = path_lookupat(&nd, flags | LOOKUP_RCU, path); 23848c2ecf20Sopenharmony_ci if (unlikely(retval == -ECHILD)) 23858c2ecf20Sopenharmony_ci retval = path_lookupat(&nd, flags, path); 23868c2ecf20Sopenharmony_ci if (unlikely(retval == -ESTALE)) 23878c2ecf20Sopenharmony_ci retval = path_lookupat(&nd, flags | LOOKUP_REVAL, path); 23888c2ecf20Sopenharmony_ci 23898c2ecf20Sopenharmony_ci if (likely(!retval)) 23908c2ecf20Sopenharmony_ci audit_inode(name, path->dentry, 23918c2ecf20Sopenharmony_ci flags & LOOKUP_MOUNTPOINT ? AUDIT_INODE_NOEVAL : 0); 23928c2ecf20Sopenharmony_ci restore_nameidata(); 23938c2ecf20Sopenharmony_ci putname(name); 23948c2ecf20Sopenharmony_ci return retval; 23958c2ecf20Sopenharmony_ci} 23968c2ecf20Sopenharmony_ci 23978c2ecf20Sopenharmony_ci/* Returns 0 and nd will be valid on success; Retuns error, otherwise. */ 23988c2ecf20Sopenharmony_cistatic int path_parentat(struct nameidata *nd, unsigned flags, 23998c2ecf20Sopenharmony_ci struct path *parent) 24008c2ecf20Sopenharmony_ci{ 24018c2ecf20Sopenharmony_ci const char *s = path_init(nd, flags); 24028c2ecf20Sopenharmony_ci int err = link_path_walk(s, nd); 24038c2ecf20Sopenharmony_ci if (!err) 24048c2ecf20Sopenharmony_ci err = complete_walk(nd); 24058c2ecf20Sopenharmony_ci if (!err) { 24068c2ecf20Sopenharmony_ci *parent = nd->path; 24078c2ecf20Sopenharmony_ci nd->path.mnt = NULL; 24088c2ecf20Sopenharmony_ci nd->path.dentry = NULL; 24098c2ecf20Sopenharmony_ci } 24108c2ecf20Sopenharmony_ci terminate_walk(nd); 24118c2ecf20Sopenharmony_ci return err; 24128c2ecf20Sopenharmony_ci} 24138c2ecf20Sopenharmony_ci 24148c2ecf20Sopenharmony_cistatic struct filename *filename_parentat(int dfd, struct filename *name, 24158c2ecf20Sopenharmony_ci unsigned int flags, struct path *parent, 24168c2ecf20Sopenharmony_ci struct qstr *last, int *type) 24178c2ecf20Sopenharmony_ci{ 24188c2ecf20Sopenharmony_ci int retval; 24198c2ecf20Sopenharmony_ci struct nameidata nd; 24208c2ecf20Sopenharmony_ci 24218c2ecf20Sopenharmony_ci if (IS_ERR(name)) 24228c2ecf20Sopenharmony_ci return name; 24238c2ecf20Sopenharmony_ci set_nameidata(&nd, dfd, name); 24248c2ecf20Sopenharmony_ci retval = path_parentat(&nd, flags | LOOKUP_RCU, parent); 24258c2ecf20Sopenharmony_ci if (unlikely(retval == -ECHILD)) 24268c2ecf20Sopenharmony_ci retval = path_parentat(&nd, flags, parent); 24278c2ecf20Sopenharmony_ci if (unlikely(retval == -ESTALE)) 24288c2ecf20Sopenharmony_ci retval = path_parentat(&nd, flags | LOOKUP_REVAL, parent); 24298c2ecf20Sopenharmony_ci if (likely(!retval)) { 24308c2ecf20Sopenharmony_ci *last = nd.last; 24318c2ecf20Sopenharmony_ci *type = nd.last_type; 24328c2ecf20Sopenharmony_ci audit_inode(name, parent->dentry, AUDIT_INODE_PARENT); 24338c2ecf20Sopenharmony_ci } else { 24348c2ecf20Sopenharmony_ci putname(name); 24358c2ecf20Sopenharmony_ci name = ERR_PTR(retval); 24368c2ecf20Sopenharmony_ci } 24378c2ecf20Sopenharmony_ci restore_nameidata(); 24388c2ecf20Sopenharmony_ci return name; 24398c2ecf20Sopenharmony_ci} 24408c2ecf20Sopenharmony_ci 24418c2ecf20Sopenharmony_ci/* does lookup, returns the object with parent locked */ 24428c2ecf20Sopenharmony_cistruct dentry *kern_path_locked(const char *name, struct path *path) 24438c2ecf20Sopenharmony_ci{ 24448c2ecf20Sopenharmony_ci struct filename *filename; 24458c2ecf20Sopenharmony_ci struct dentry *d; 24468c2ecf20Sopenharmony_ci struct qstr last; 24478c2ecf20Sopenharmony_ci int type; 24488c2ecf20Sopenharmony_ci 24498c2ecf20Sopenharmony_ci filename = filename_parentat(AT_FDCWD, getname_kernel(name), 0, path, 24508c2ecf20Sopenharmony_ci &last, &type); 24518c2ecf20Sopenharmony_ci if (IS_ERR(filename)) 24528c2ecf20Sopenharmony_ci return ERR_CAST(filename); 24538c2ecf20Sopenharmony_ci if (unlikely(type != LAST_NORM)) { 24548c2ecf20Sopenharmony_ci path_put(path); 24558c2ecf20Sopenharmony_ci putname(filename); 24568c2ecf20Sopenharmony_ci return ERR_PTR(-EINVAL); 24578c2ecf20Sopenharmony_ci } 24588c2ecf20Sopenharmony_ci inode_lock_nested(path->dentry->d_inode, I_MUTEX_PARENT); 24598c2ecf20Sopenharmony_ci d = __lookup_hash(&last, path->dentry, 0); 24608c2ecf20Sopenharmony_ci if (IS_ERR(d)) { 24618c2ecf20Sopenharmony_ci inode_unlock(path->dentry->d_inode); 24628c2ecf20Sopenharmony_ci path_put(path); 24638c2ecf20Sopenharmony_ci } 24648c2ecf20Sopenharmony_ci putname(filename); 24658c2ecf20Sopenharmony_ci return d; 24668c2ecf20Sopenharmony_ci} 24678c2ecf20Sopenharmony_ci 24688c2ecf20Sopenharmony_ciint kern_path(const char *name, unsigned int flags, struct path *path) 24698c2ecf20Sopenharmony_ci{ 24708c2ecf20Sopenharmony_ci return filename_lookup(AT_FDCWD, getname_kernel(name), 24718c2ecf20Sopenharmony_ci flags, path, NULL); 24728c2ecf20Sopenharmony_ci} 24738c2ecf20Sopenharmony_ciEXPORT_SYMBOL(kern_path); 24748c2ecf20Sopenharmony_ci 24758c2ecf20Sopenharmony_ci/** 24768c2ecf20Sopenharmony_ci * vfs_path_lookup - lookup a file path relative to a dentry-vfsmount pair 24778c2ecf20Sopenharmony_ci * @dentry: pointer to dentry of the base directory 24788c2ecf20Sopenharmony_ci * @mnt: pointer to vfs mount of the base directory 24798c2ecf20Sopenharmony_ci * @name: pointer to file name 24808c2ecf20Sopenharmony_ci * @flags: lookup flags 24818c2ecf20Sopenharmony_ci * @path: pointer to struct path to fill 24828c2ecf20Sopenharmony_ci */ 24838c2ecf20Sopenharmony_ciint vfs_path_lookup(struct dentry *dentry, struct vfsmount *mnt, 24848c2ecf20Sopenharmony_ci const char *name, unsigned int flags, 24858c2ecf20Sopenharmony_ci struct path *path) 24868c2ecf20Sopenharmony_ci{ 24878c2ecf20Sopenharmony_ci struct path root = {.mnt = mnt, .dentry = dentry}; 24888c2ecf20Sopenharmony_ci /* the first argument of filename_lookup() is ignored with root */ 24898c2ecf20Sopenharmony_ci return filename_lookup(AT_FDCWD, getname_kernel(name), 24908c2ecf20Sopenharmony_ci flags , path, &root); 24918c2ecf20Sopenharmony_ci} 24928c2ecf20Sopenharmony_ciEXPORT_SYMBOL(vfs_path_lookup); 24938c2ecf20Sopenharmony_ci 24948c2ecf20Sopenharmony_cistatic int lookup_one_len_common(const char *name, struct dentry *base, 24958c2ecf20Sopenharmony_ci int len, struct qstr *this) 24968c2ecf20Sopenharmony_ci{ 24978c2ecf20Sopenharmony_ci this->name = name; 24988c2ecf20Sopenharmony_ci this->len = len; 24998c2ecf20Sopenharmony_ci this->hash = full_name_hash(base, name, len); 25008c2ecf20Sopenharmony_ci if (!len) 25018c2ecf20Sopenharmony_ci return -EACCES; 25028c2ecf20Sopenharmony_ci 25038c2ecf20Sopenharmony_ci if (unlikely(name[0] == '.')) { 25048c2ecf20Sopenharmony_ci if (len < 2 || (len == 2 && name[1] == '.')) 25058c2ecf20Sopenharmony_ci return -EACCES; 25068c2ecf20Sopenharmony_ci } 25078c2ecf20Sopenharmony_ci 25088c2ecf20Sopenharmony_ci while (len--) { 25098c2ecf20Sopenharmony_ci unsigned int c = *(const unsigned char *)name++; 25108c2ecf20Sopenharmony_ci if (c == '/' || c == '\0') 25118c2ecf20Sopenharmony_ci return -EACCES; 25128c2ecf20Sopenharmony_ci } 25138c2ecf20Sopenharmony_ci /* 25148c2ecf20Sopenharmony_ci * See if the low-level filesystem might want 25158c2ecf20Sopenharmony_ci * to use its own hash.. 25168c2ecf20Sopenharmony_ci */ 25178c2ecf20Sopenharmony_ci if (base->d_flags & DCACHE_OP_HASH) { 25188c2ecf20Sopenharmony_ci int err = base->d_op->d_hash(base, this); 25198c2ecf20Sopenharmony_ci if (err < 0) 25208c2ecf20Sopenharmony_ci return err; 25218c2ecf20Sopenharmony_ci } 25228c2ecf20Sopenharmony_ci 25238c2ecf20Sopenharmony_ci return inode_permission(base->d_inode, MAY_EXEC); 25248c2ecf20Sopenharmony_ci} 25258c2ecf20Sopenharmony_ci 25268c2ecf20Sopenharmony_ci/** 25278c2ecf20Sopenharmony_ci * try_lookup_one_len - filesystem helper to lookup single pathname component 25288c2ecf20Sopenharmony_ci * @name: pathname component to lookup 25298c2ecf20Sopenharmony_ci * @base: base directory to lookup from 25308c2ecf20Sopenharmony_ci * @len: maximum length @len should be interpreted to 25318c2ecf20Sopenharmony_ci * 25328c2ecf20Sopenharmony_ci * Look up a dentry by name in the dcache, returning NULL if it does not 25338c2ecf20Sopenharmony_ci * currently exist. The function does not try to create a dentry. 25348c2ecf20Sopenharmony_ci * 25358c2ecf20Sopenharmony_ci * Note that this routine is purely a helper for filesystem usage and should 25368c2ecf20Sopenharmony_ci * not be called by generic code. 25378c2ecf20Sopenharmony_ci * 25388c2ecf20Sopenharmony_ci * The caller must hold base->i_mutex. 25398c2ecf20Sopenharmony_ci */ 25408c2ecf20Sopenharmony_cistruct dentry *try_lookup_one_len(const char *name, struct dentry *base, int len) 25418c2ecf20Sopenharmony_ci{ 25428c2ecf20Sopenharmony_ci struct qstr this; 25438c2ecf20Sopenharmony_ci int err; 25448c2ecf20Sopenharmony_ci 25458c2ecf20Sopenharmony_ci WARN_ON_ONCE(!inode_is_locked(base->d_inode)); 25468c2ecf20Sopenharmony_ci 25478c2ecf20Sopenharmony_ci err = lookup_one_len_common(name, base, len, &this); 25488c2ecf20Sopenharmony_ci if (err) 25498c2ecf20Sopenharmony_ci return ERR_PTR(err); 25508c2ecf20Sopenharmony_ci 25518c2ecf20Sopenharmony_ci return lookup_dcache(&this, base, 0); 25528c2ecf20Sopenharmony_ci} 25538c2ecf20Sopenharmony_ciEXPORT_SYMBOL(try_lookup_one_len); 25548c2ecf20Sopenharmony_ci 25558c2ecf20Sopenharmony_ci/** 25568c2ecf20Sopenharmony_ci * lookup_one_len - filesystem helper to lookup single pathname component 25578c2ecf20Sopenharmony_ci * @name: pathname component to lookup 25588c2ecf20Sopenharmony_ci * @base: base directory to lookup from 25598c2ecf20Sopenharmony_ci * @len: maximum length @len should be interpreted to 25608c2ecf20Sopenharmony_ci * 25618c2ecf20Sopenharmony_ci * Note that this routine is purely a helper for filesystem usage and should 25628c2ecf20Sopenharmony_ci * not be called by generic code. 25638c2ecf20Sopenharmony_ci * 25648c2ecf20Sopenharmony_ci * The caller must hold base->i_mutex. 25658c2ecf20Sopenharmony_ci */ 25668c2ecf20Sopenharmony_cistruct dentry *lookup_one_len(const char *name, struct dentry *base, int len) 25678c2ecf20Sopenharmony_ci{ 25688c2ecf20Sopenharmony_ci struct dentry *dentry; 25698c2ecf20Sopenharmony_ci struct qstr this; 25708c2ecf20Sopenharmony_ci int err; 25718c2ecf20Sopenharmony_ci 25728c2ecf20Sopenharmony_ci WARN_ON_ONCE(!inode_is_locked(base->d_inode)); 25738c2ecf20Sopenharmony_ci 25748c2ecf20Sopenharmony_ci err = lookup_one_len_common(name, base, len, &this); 25758c2ecf20Sopenharmony_ci if (err) 25768c2ecf20Sopenharmony_ci return ERR_PTR(err); 25778c2ecf20Sopenharmony_ci 25788c2ecf20Sopenharmony_ci dentry = lookup_dcache(&this, base, 0); 25798c2ecf20Sopenharmony_ci return dentry ? dentry : __lookup_slow(&this, base, 0); 25808c2ecf20Sopenharmony_ci} 25818c2ecf20Sopenharmony_ciEXPORT_SYMBOL(lookup_one_len); 25828c2ecf20Sopenharmony_ci 25838c2ecf20Sopenharmony_ci/** 25848c2ecf20Sopenharmony_ci * lookup_one_len_unlocked - filesystem helper to lookup single pathname component 25858c2ecf20Sopenharmony_ci * @name: pathname component to lookup 25868c2ecf20Sopenharmony_ci * @base: base directory to lookup from 25878c2ecf20Sopenharmony_ci * @len: maximum length @len should be interpreted to 25888c2ecf20Sopenharmony_ci * 25898c2ecf20Sopenharmony_ci * Note that this routine is purely a helper for filesystem usage and should 25908c2ecf20Sopenharmony_ci * not be called by generic code. 25918c2ecf20Sopenharmony_ci * 25928c2ecf20Sopenharmony_ci * Unlike lookup_one_len, it should be called without the parent 25938c2ecf20Sopenharmony_ci * i_mutex held, and will take the i_mutex itself if necessary. 25948c2ecf20Sopenharmony_ci */ 25958c2ecf20Sopenharmony_cistruct dentry *lookup_one_len_unlocked(const char *name, 25968c2ecf20Sopenharmony_ci struct dentry *base, int len) 25978c2ecf20Sopenharmony_ci{ 25988c2ecf20Sopenharmony_ci struct qstr this; 25998c2ecf20Sopenharmony_ci int err; 26008c2ecf20Sopenharmony_ci struct dentry *ret; 26018c2ecf20Sopenharmony_ci 26028c2ecf20Sopenharmony_ci err = lookup_one_len_common(name, base, len, &this); 26038c2ecf20Sopenharmony_ci if (err) 26048c2ecf20Sopenharmony_ci return ERR_PTR(err); 26058c2ecf20Sopenharmony_ci 26068c2ecf20Sopenharmony_ci ret = lookup_dcache(&this, base, 0); 26078c2ecf20Sopenharmony_ci if (!ret) 26088c2ecf20Sopenharmony_ci ret = lookup_slow(&this, base, 0); 26098c2ecf20Sopenharmony_ci return ret; 26108c2ecf20Sopenharmony_ci} 26118c2ecf20Sopenharmony_ciEXPORT_SYMBOL(lookup_one_len_unlocked); 26128c2ecf20Sopenharmony_ci 26138c2ecf20Sopenharmony_ci/* 26148c2ecf20Sopenharmony_ci * Like lookup_one_len_unlocked(), except that it yields ERR_PTR(-ENOENT) 26158c2ecf20Sopenharmony_ci * on negatives. Returns known positive or ERR_PTR(); that's what 26168c2ecf20Sopenharmony_ci * most of the users want. Note that pinned negative with unlocked parent 26178c2ecf20Sopenharmony_ci * _can_ become positive at any time, so callers of lookup_one_len_unlocked() 26188c2ecf20Sopenharmony_ci * need to be very careful; pinned positives have ->d_inode stable, so 26198c2ecf20Sopenharmony_ci * this one avoids such problems. 26208c2ecf20Sopenharmony_ci */ 26218c2ecf20Sopenharmony_cistruct dentry *lookup_positive_unlocked(const char *name, 26228c2ecf20Sopenharmony_ci struct dentry *base, int len) 26238c2ecf20Sopenharmony_ci{ 26248c2ecf20Sopenharmony_ci struct dentry *ret = lookup_one_len_unlocked(name, base, len); 26258c2ecf20Sopenharmony_ci if (!IS_ERR(ret) && d_flags_negative(smp_load_acquire(&ret->d_flags))) { 26268c2ecf20Sopenharmony_ci dput(ret); 26278c2ecf20Sopenharmony_ci ret = ERR_PTR(-ENOENT); 26288c2ecf20Sopenharmony_ci } 26298c2ecf20Sopenharmony_ci return ret; 26308c2ecf20Sopenharmony_ci} 26318c2ecf20Sopenharmony_ciEXPORT_SYMBOL(lookup_positive_unlocked); 26328c2ecf20Sopenharmony_ci 26338c2ecf20Sopenharmony_ci#ifdef CONFIG_UNIX98_PTYS 26348c2ecf20Sopenharmony_ciint path_pts(struct path *path) 26358c2ecf20Sopenharmony_ci{ 26368c2ecf20Sopenharmony_ci /* Find something mounted on "pts" in the same directory as 26378c2ecf20Sopenharmony_ci * the input path. 26388c2ecf20Sopenharmony_ci */ 26398c2ecf20Sopenharmony_ci struct dentry *parent = dget_parent(path->dentry); 26408c2ecf20Sopenharmony_ci struct dentry *child; 26418c2ecf20Sopenharmony_ci struct qstr this = QSTR_INIT("pts", 3); 26428c2ecf20Sopenharmony_ci 26438c2ecf20Sopenharmony_ci if (unlikely(!path_connected(path->mnt, parent))) { 26448c2ecf20Sopenharmony_ci dput(parent); 26458c2ecf20Sopenharmony_ci return -ENOENT; 26468c2ecf20Sopenharmony_ci } 26478c2ecf20Sopenharmony_ci dput(path->dentry); 26488c2ecf20Sopenharmony_ci path->dentry = parent; 26498c2ecf20Sopenharmony_ci child = d_hash_and_lookup(parent, &this); 26508c2ecf20Sopenharmony_ci if (IS_ERR_OR_NULL(child)) 26518c2ecf20Sopenharmony_ci return -ENOENT; 26528c2ecf20Sopenharmony_ci 26538c2ecf20Sopenharmony_ci path->dentry = child; 26548c2ecf20Sopenharmony_ci dput(parent); 26558c2ecf20Sopenharmony_ci follow_down(path); 26568c2ecf20Sopenharmony_ci return 0; 26578c2ecf20Sopenharmony_ci} 26588c2ecf20Sopenharmony_ci#endif 26598c2ecf20Sopenharmony_ci 26608c2ecf20Sopenharmony_ciint user_path_at_empty(int dfd, const char __user *name, unsigned flags, 26618c2ecf20Sopenharmony_ci struct path *path, int *empty) 26628c2ecf20Sopenharmony_ci{ 26638c2ecf20Sopenharmony_ci return filename_lookup(dfd, getname_flags(name, flags, empty), 26648c2ecf20Sopenharmony_ci flags, path, NULL); 26658c2ecf20Sopenharmony_ci} 26668c2ecf20Sopenharmony_ciEXPORT_SYMBOL(user_path_at_empty); 26678c2ecf20Sopenharmony_ci 26688c2ecf20Sopenharmony_ciint __check_sticky(struct inode *dir, struct inode *inode) 26698c2ecf20Sopenharmony_ci{ 26708c2ecf20Sopenharmony_ci kuid_t fsuid = current_fsuid(); 26718c2ecf20Sopenharmony_ci 26728c2ecf20Sopenharmony_ci if (uid_eq(inode->i_uid, fsuid)) 26738c2ecf20Sopenharmony_ci return 0; 26748c2ecf20Sopenharmony_ci if (uid_eq(dir->i_uid, fsuid)) 26758c2ecf20Sopenharmony_ci return 0; 26768c2ecf20Sopenharmony_ci return !capable_wrt_inode_uidgid(inode, CAP_FOWNER); 26778c2ecf20Sopenharmony_ci} 26788c2ecf20Sopenharmony_ciEXPORT_SYMBOL(__check_sticky); 26798c2ecf20Sopenharmony_ci 26808c2ecf20Sopenharmony_ci/* 26818c2ecf20Sopenharmony_ci * Check whether we can remove a link victim from directory dir, check 26828c2ecf20Sopenharmony_ci * whether the type of victim is right. 26838c2ecf20Sopenharmony_ci * 1. We can't do it if dir is read-only (done in permission()) 26848c2ecf20Sopenharmony_ci * 2. We should have write and exec permissions on dir 26858c2ecf20Sopenharmony_ci * 3. We can't remove anything from append-only dir 26868c2ecf20Sopenharmony_ci * 4. We can't do anything with immutable dir (done in permission()) 26878c2ecf20Sopenharmony_ci * 5. If the sticky bit on dir is set we should either 26888c2ecf20Sopenharmony_ci * a. be owner of dir, or 26898c2ecf20Sopenharmony_ci * b. be owner of victim, or 26908c2ecf20Sopenharmony_ci * c. have CAP_FOWNER capability 26918c2ecf20Sopenharmony_ci * 6. If the victim is append-only or immutable we can't do antyhing with 26928c2ecf20Sopenharmony_ci * links pointing to it. 26938c2ecf20Sopenharmony_ci * 7. If the victim has an unknown uid or gid we can't change the inode. 26948c2ecf20Sopenharmony_ci * 8. If we were asked to remove a directory and victim isn't one - ENOTDIR. 26958c2ecf20Sopenharmony_ci * 9. If we were asked to remove a non-directory and victim isn't one - EISDIR. 26968c2ecf20Sopenharmony_ci * 10. We can't remove a root or mountpoint. 26978c2ecf20Sopenharmony_ci * 11. We don't allow removal of NFS sillyrenamed files; it's handled by 26988c2ecf20Sopenharmony_ci * nfs_async_unlink(). 26998c2ecf20Sopenharmony_ci */ 27008c2ecf20Sopenharmony_cistatic int may_delete(struct inode *dir, struct dentry *victim, bool isdir) 27018c2ecf20Sopenharmony_ci{ 27028c2ecf20Sopenharmony_ci struct inode *inode = d_backing_inode(victim); 27038c2ecf20Sopenharmony_ci int error; 27048c2ecf20Sopenharmony_ci 27058c2ecf20Sopenharmony_ci if (d_is_negative(victim)) 27068c2ecf20Sopenharmony_ci return -ENOENT; 27078c2ecf20Sopenharmony_ci BUG_ON(!inode); 27088c2ecf20Sopenharmony_ci 27098c2ecf20Sopenharmony_ci BUG_ON(victim->d_parent->d_inode != dir); 27108c2ecf20Sopenharmony_ci 27118c2ecf20Sopenharmony_ci /* Inode writeback is not safe when the uid or gid are invalid. */ 27128c2ecf20Sopenharmony_ci if (!uid_valid(inode->i_uid) || !gid_valid(inode->i_gid)) 27138c2ecf20Sopenharmony_ci return -EOVERFLOW; 27148c2ecf20Sopenharmony_ci 27158c2ecf20Sopenharmony_ci audit_inode_child(dir, victim, AUDIT_TYPE_CHILD_DELETE); 27168c2ecf20Sopenharmony_ci 27178c2ecf20Sopenharmony_ci error = inode_permission(dir, MAY_WRITE | MAY_EXEC); 27188c2ecf20Sopenharmony_ci if (error) 27198c2ecf20Sopenharmony_ci return error; 27208c2ecf20Sopenharmony_ci if (IS_APPEND(dir)) 27218c2ecf20Sopenharmony_ci return -EPERM; 27228c2ecf20Sopenharmony_ci 27238c2ecf20Sopenharmony_ci if (check_sticky(dir, inode) || IS_APPEND(inode) || 27248c2ecf20Sopenharmony_ci IS_IMMUTABLE(inode) || IS_SWAPFILE(inode) || HAS_UNMAPPED_ID(inode)) 27258c2ecf20Sopenharmony_ci return -EPERM; 27268c2ecf20Sopenharmony_ci if (isdir) { 27278c2ecf20Sopenharmony_ci if (!d_is_dir(victim)) 27288c2ecf20Sopenharmony_ci return -ENOTDIR; 27298c2ecf20Sopenharmony_ci if (IS_ROOT(victim)) 27308c2ecf20Sopenharmony_ci return -EBUSY; 27318c2ecf20Sopenharmony_ci } else if (d_is_dir(victim)) 27328c2ecf20Sopenharmony_ci return -EISDIR; 27338c2ecf20Sopenharmony_ci if (IS_DEADDIR(dir)) 27348c2ecf20Sopenharmony_ci return -ENOENT; 27358c2ecf20Sopenharmony_ci if (victim->d_flags & DCACHE_NFSFS_RENAMED) 27368c2ecf20Sopenharmony_ci return -EBUSY; 27378c2ecf20Sopenharmony_ci return 0; 27388c2ecf20Sopenharmony_ci} 27398c2ecf20Sopenharmony_ci 27408c2ecf20Sopenharmony_ci/* Check whether we can create an object with dentry child in directory 27418c2ecf20Sopenharmony_ci * dir. 27428c2ecf20Sopenharmony_ci * 1. We can't do it if child already exists (open has special treatment for 27438c2ecf20Sopenharmony_ci * this case, but since we are inlined it's OK) 27448c2ecf20Sopenharmony_ci * 2. We can't do it if dir is read-only (done in permission()) 27458c2ecf20Sopenharmony_ci * 3. We can't do it if the fs can't represent the fsuid or fsgid. 27468c2ecf20Sopenharmony_ci * 4. We should have write and exec permissions on dir 27478c2ecf20Sopenharmony_ci * 5. We can't do it if dir is immutable (done in permission()) 27488c2ecf20Sopenharmony_ci */ 27498c2ecf20Sopenharmony_cistatic inline int may_create(struct inode *dir, struct dentry *child) 27508c2ecf20Sopenharmony_ci{ 27518c2ecf20Sopenharmony_ci struct user_namespace *s_user_ns; 27528c2ecf20Sopenharmony_ci audit_inode_child(dir, child, AUDIT_TYPE_CHILD_CREATE); 27538c2ecf20Sopenharmony_ci if (child->d_inode) 27548c2ecf20Sopenharmony_ci return -EEXIST; 27558c2ecf20Sopenharmony_ci if (IS_DEADDIR(dir)) 27568c2ecf20Sopenharmony_ci return -ENOENT; 27578c2ecf20Sopenharmony_ci s_user_ns = dir->i_sb->s_user_ns; 27588c2ecf20Sopenharmony_ci if (!kuid_has_mapping(s_user_ns, current_fsuid()) || 27598c2ecf20Sopenharmony_ci !kgid_has_mapping(s_user_ns, current_fsgid())) 27608c2ecf20Sopenharmony_ci return -EOVERFLOW; 27618c2ecf20Sopenharmony_ci return inode_permission(dir, MAY_WRITE | MAY_EXEC); 27628c2ecf20Sopenharmony_ci} 27638c2ecf20Sopenharmony_ci 27648c2ecf20Sopenharmony_ci/* 27658c2ecf20Sopenharmony_ci * p1 and p2 should be directories on the same fs. 27668c2ecf20Sopenharmony_ci */ 27678c2ecf20Sopenharmony_cistruct dentry *lock_rename(struct dentry *p1, struct dentry *p2) 27688c2ecf20Sopenharmony_ci{ 27698c2ecf20Sopenharmony_ci struct dentry *p; 27708c2ecf20Sopenharmony_ci 27718c2ecf20Sopenharmony_ci if (p1 == p2) { 27728c2ecf20Sopenharmony_ci inode_lock_nested(p1->d_inode, I_MUTEX_PARENT); 27738c2ecf20Sopenharmony_ci return NULL; 27748c2ecf20Sopenharmony_ci } 27758c2ecf20Sopenharmony_ci 27768c2ecf20Sopenharmony_ci mutex_lock(&p1->d_sb->s_vfs_rename_mutex); 27778c2ecf20Sopenharmony_ci 27788c2ecf20Sopenharmony_ci p = d_ancestor(p2, p1); 27798c2ecf20Sopenharmony_ci if (p) { 27808c2ecf20Sopenharmony_ci inode_lock_nested(p2->d_inode, I_MUTEX_PARENT); 27818c2ecf20Sopenharmony_ci inode_lock_nested(p1->d_inode, I_MUTEX_PARENT2); 27828c2ecf20Sopenharmony_ci return p; 27838c2ecf20Sopenharmony_ci } 27848c2ecf20Sopenharmony_ci 27858c2ecf20Sopenharmony_ci p = d_ancestor(p1, p2); 27868c2ecf20Sopenharmony_ci inode_lock_nested(p1->d_inode, I_MUTEX_PARENT); 27878c2ecf20Sopenharmony_ci inode_lock_nested(p2->d_inode, I_MUTEX_PARENT2); 27888c2ecf20Sopenharmony_ci return p; 27898c2ecf20Sopenharmony_ci} 27908c2ecf20Sopenharmony_ciEXPORT_SYMBOL(lock_rename); 27918c2ecf20Sopenharmony_ci 27928c2ecf20Sopenharmony_civoid unlock_rename(struct dentry *p1, struct dentry *p2) 27938c2ecf20Sopenharmony_ci{ 27948c2ecf20Sopenharmony_ci inode_unlock(p1->d_inode); 27958c2ecf20Sopenharmony_ci if (p1 != p2) { 27968c2ecf20Sopenharmony_ci inode_unlock(p2->d_inode); 27978c2ecf20Sopenharmony_ci mutex_unlock(&p1->d_sb->s_vfs_rename_mutex); 27988c2ecf20Sopenharmony_ci } 27998c2ecf20Sopenharmony_ci} 28008c2ecf20Sopenharmony_ciEXPORT_SYMBOL(unlock_rename); 28018c2ecf20Sopenharmony_ci 28028c2ecf20Sopenharmony_ci/** 28038c2ecf20Sopenharmony_ci * mode_strip_umask - handle vfs umask stripping 28048c2ecf20Sopenharmony_ci * @dir: parent directory of the new inode 28058c2ecf20Sopenharmony_ci * @mode: mode of the new inode to be created in @dir 28068c2ecf20Sopenharmony_ci * 28078c2ecf20Sopenharmony_ci * Umask stripping depends on whether or not the filesystem supports POSIX 28088c2ecf20Sopenharmony_ci * ACLs. If the filesystem doesn't support it umask stripping is done directly 28098c2ecf20Sopenharmony_ci * in here. If the filesystem does support POSIX ACLs umask stripping is 28108c2ecf20Sopenharmony_ci * deferred until the filesystem calls posix_acl_create(). 28118c2ecf20Sopenharmony_ci * 28128c2ecf20Sopenharmony_ci * Returns: mode 28138c2ecf20Sopenharmony_ci */ 28148c2ecf20Sopenharmony_cistatic inline umode_t mode_strip_umask(const struct inode *dir, umode_t mode) 28158c2ecf20Sopenharmony_ci{ 28168c2ecf20Sopenharmony_ci if (!IS_POSIXACL(dir)) 28178c2ecf20Sopenharmony_ci mode &= ~current_umask(); 28188c2ecf20Sopenharmony_ci return mode; 28198c2ecf20Sopenharmony_ci} 28208c2ecf20Sopenharmony_ci 28218c2ecf20Sopenharmony_ci/** 28228c2ecf20Sopenharmony_ci * vfs_prepare_mode - prepare the mode to be used for a new inode 28238c2ecf20Sopenharmony_ci * @dir: parent directory of the new inode 28248c2ecf20Sopenharmony_ci * @mode: mode of the new inode 28258c2ecf20Sopenharmony_ci * @mask_perms: allowed permission by the vfs 28268c2ecf20Sopenharmony_ci * @type: type of file to be created 28278c2ecf20Sopenharmony_ci * 28288c2ecf20Sopenharmony_ci * This helper consolidates and enforces vfs restrictions on the @mode of a new 28298c2ecf20Sopenharmony_ci * object to be created. 28308c2ecf20Sopenharmony_ci * 28318c2ecf20Sopenharmony_ci * Umask stripping depends on whether the filesystem supports POSIX ACLs (see 28328c2ecf20Sopenharmony_ci * the kernel documentation for mode_strip_umask()). Moving umask stripping 28338c2ecf20Sopenharmony_ci * after setgid stripping allows the same ordering for both non-POSIX ACL and 28348c2ecf20Sopenharmony_ci * POSIX ACL supporting filesystems. 28358c2ecf20Sopenharmony_ci * 28368c2ecf20Sopenharmony_ci * Note that it's currently valid for @type to be 0 if a directory is created. 28378c2ecf20Sopenharmony_ci * Filesystems raise that flag individually and we need to check whether each 28388c2ecf20Sopenharmony_ci * filesystem can deal with receiving S_IFDIR from the vfs before we enforce a 28398c2ecf20Sopenharmony_ci * non-zero type. 28408c2ecf20Sopenharmony_ci * 28418c2ecf20Sopenharmony_ci * Returns: mode to be passed to the filesystem 28428c2ecf20Sopenharmony_ci */ 28438c2ecf20Sopenharmony_cistatic inline umode_t vfs_prepare_mode(const struct inode *dir, umode_t mode, 28448c2ecf20Sopenharmony_ci umode_t mask_perms, umode_t type) 28458c2ecf20Sopenharmony_ci{ 28468c2ecf20Sopenharmony_ci mode = mode_strip_sgid(dir, mode); 28478c2ecf20Sopenharmony_ci mode = mode_strip_umask(dir, mode); 28488c2ecf20Sopenharmony_ci 28498c2ecf20Sopenharmony_ci /* 28508c2ecf20Sopenharmony_ci * Apply the vfs mandated allowed permission mask and set the type of 28518c2ecf20Sopenharmony_ci * file to be created before we call into the filesystem. 28528c2ecf20Sopenharmony_ci */ 28538c2ecf20Sopenharmony_ci mode &= (mask_perms & ~S_IFMT); 28548c2ecf20Sopenharmony_ci mode |= (type & S_IFMT); 28558c2ecf20Sopenharmony_ci 28568c2ecf20Sopenharmony_ci return mode; 28578c2ecf20Sopenharmony_ci} 28588c2ecf20Sopenharmony_ci 28598c2ecf20Sopenharmony_ciint vfs_create(struct inode *dir, struct dentry *dentry, umode_t mode, 28608c2ecf20Sopenharmony_ci bool want_excl) 28618c2ecf20Sopenharmony_ci{ 28628c2ecf20Sopenharmony_ci int error = may_create(dir, dentry); 28638c2ecf20Sopenharmony_ci if (error) 28648c2ecf20Sopenharmony_ci return error; 28658c2ecf20Sopenharmony_ci 28668c2ecf20Sopenharmony_ci if (!dir->i_op->create) 28678c2ecf20Sopenharmony_ci return -EACCES; /* shouldn't it be ENOSYS? */ 28688c2ecf20Sopenharmony_ci 28698c2ecf20Sopenharmony_ci mode = vfs_prepare_mode(dir, mode, S_IALLUGO, S_IFREG); 28708c2ecf20Sopenharmony_ci error = security_inode_create(dir, dentry, mode); 28718c2ecf20Sopenharmony_ci if (error) 28728c2ecf20Sopenharmony_ci return error; 28738c2ecf20Sopenharmony_ci error = dir->i_op->create(dir, dentry, mode, want_excl); 28748c2ecf20Sopenharmony_ci if (!error) 28758c2ecf20Sopenharmony_ci fsnotify_create(dir, dentry); 28768c2ecf20Sopenharmony_ci return error; 28778c2ecf20Sopenharmony_ci} 28788c2ecf20Sopenharmony_ciEXPORT_SYMBOL(vfs_create); 28798c2ecf20Sopenharmony_ci 28808c2ecf20Sopenharmony_ciint vfs_mkobj(struct dentry *dentry, umode_t mode, 28818c2ecf20Sopenharmony_ci int (*f)(struct dentry *, umode_t, void *), 28828c2ecf20Sopenharmony_ci void *arg) 28838c2ecf20Sopenharmony_ci{ 28848c2ecf20Sopenharmony_ci struct inode *dir = dentry->d_parent->d_inode; 28858c2ecf20Sopenharmony_ci int error = may_create(dir, dentry); 28868c2ecf20Sopenharmony_ci if (error) 28878c2ecf20Sopenharmony_ci return error; 28888c2ecf20Sopenharmony_ci 28898c2ecf20Sopenharmony_ci mode &= S_IALLUGO; 28908c2ecf20Sopenharmony_ci mode |= S_IFREG; 28918c2ecf20Sopenharmony_ci error = security_inode_create(dir, dentry, mode); 28928c2ecf20Sopenharmony_ci if (error) 28938c2ecf20Sopenharmony_ci return error; 28948c2ecf20Sopenharmony_ci error = f(dentry, mode, arg); 28958c2ecf20Sopenharmony_ci if (!error) 28968c2ecf20Sopenharmony_ci fsnotify_create(dir, dentry); 28978c2ecf20Sopenharmony_ci return error; 28988c2ecf20Sopenharmony_ci} 28998c2ecf20Sopenharmony_ciEXPORT_SYMBOL(vfs_mkobj); 29008c2ecf20Sopenharmony_ci 29018c2ecf20Sopenharmony_cibool may_open_dev(const struct path *path) 29028c2ecf20Sopenharmony_ci{ 29038c2ecf20Sopenharmony_ci return !(path->mnt->mnt_flags & MNT_NODEV) && 29048c2ecf20Sopenharmony_ci !(path->mnt->mnt_sb->s_iflags & SB_I_NODEV); 29058c2ecf20Sopenharmony_ci} 29068c2ecf20Sopenharmony_ci 29078c2ecf20Sopenharmony_cistatic int may_open(const struct path *path, int acc_mode, int flag) 29088c2ecf20Sopenharmony_ci{ 29098c2ecf20Sopenharmony_ci struct dentry *dentry = path->dentry; 29108c2ecf20Sopenharmony_ci struct inode *inode = dentry->d_inode; 29118c2ecf20Sopenharmony_ci int error; 29128c2ecf20Sopenharmony_ci 29138c2ecf20Sopenharmony_ci if (!inode) 29148c2ecf20Sopenharmony_ci return -ENOENT; 29158c2ecf20Sopenharmony_ci 29168c2ecf20Sopenharmony_ci switch (inode->i_mode & S_IFMT) { 29178c2ecf20Sopenharmony_ci case S_IFLNK: 29188c2ecf20Sopenharmony_ci return -ELOOP; 29198c2ecf20Sopenharmony_ci case S_IFDIR: 29208c2ecf20Sopenharmony_ci if (acc_mode & MAY_WRITE) 29218c2ecf20Sopenharmony_ci return -EISDIR; 29228c2ecf20Sopenharmony_ci if (acc_mode & MAY_EXEC) 29238c2ecf20Sopenharmony_ci return -EACCES; 29248c2ecf20Sopenharmony_ci break; 29258c2ecf20Sopenharmony_ci case S_IFBLK: 29268c2ecf20Sopenharmony_ci case S_IFCHR: 29278c2ecf20Sopenharmony_ci if (!may_open_dev(path)) 29288c2ecf20Sopenharmony_ci return -EACCES; 29298c2ecf20Sopenharmony_ci fallthrough; 29308c2ecf20Sopenharmony_ci case S_IFIFO: 29318c2ecf20Sopenharmony_ci case S_IFSOCK: 29328c2ecf20Sopenharmony_ci if (acc_mode & MAY_EXEC) 29338c2ecf20Sopenharmony_ci return -EACCES; 29348c2ecf20Sopenharmony_ci flag &= ~O_TRUNC; 29358c2ecf20Sopenharmony_ci break; 29368c2ecf20Sopenharmony_ci case S_IFREG: 29378c2ecf20Sopenharmony_ci if ((acc_mode & MAY_EXEC) && path_noexec(path)) 29388c2ecf20Sopenharmony_ci return -EACCES; 29398c2ecf20Sopenharmony_ci break; 29408c2ecf20Sopenharmony_ci } 29418c2ecf20Sopenharmony_ci 29428c2ecf20Sopenharmony_ci error = inode_permission(inode, MAY_OPEN | acc_mode); 29438c2ecf20Sopenharmony_ci if (error) 29448c2ecf20Sopenharmony_ci return error; 29458c2ecf20Sopenharmony_ci 29468c2ecf20Sopenharmony_ci /* 29478c2ecf20Sopenharmony_ci * An append-only file must be opened in append mode for writing. 29488c2ecf20Sopenharmony_ci */ 29498c2ecf20Sopenharmony_ci if (IS_APPEND(inode)) { 29508c2ecf20Sopenharmony_ci if ((flag & O_ACCMODE) != O_RDONLY && !(flag & O_APPEND)) 29518c2ecf20Sopenharmony_ci return -EPERM; 29528c2ecf20Sopenharmony_ci if (flag & O_TRUNC) 29538c2ecf20Sopenharmony_ci return -EPERM; 29548c2ecf20Sopenharmony_ci } 29558c2ecf20Sopenharmony_ci 29568c2ecf20Sopenharmony_ci /* O_NOATIME can only be set by the owner or superuser */ 29578c2ecf20Sopenharmony_ci if (flag & O_NOATIME && !inode_owner_or_capable(inode)) 29588c2ecf20Sopenharmony_ci return -EPERM; 29598c2ecf20Sopenharmony_ci 29608c2ecf20Sopenharmony_ci return 0; 29618c2ecf20Sopenharmony_ci} 29628c2ecf20Sopenharmony_ci 29638c2ecf20Sopenharmony_cistatic int handle_truncate(struct file *filp) 29648c2ecf20Sopenharmony_ci{ 29658c2ecf20Sopenharmony_ci const struct path *path = &filp->f_path; 29668c2ecf20Sopenharmony_ci struct inode *inode = path->dentry->d_inode; 29678c2ecf20Sopenharmony_ci int error = get_write_access(inode); 29688c2ecf20Sopenharmony_ci if (error) 29698c2ecf20Sopenharmony_ci return error; 29708c2ecf20Sopenharmony_ci /* 29718c2ecf20Sopenharmony_ci * Refuse to truncate files with mandatory locks held on them. 29728c2ecf20Sopenharmony_ci */ 29738c2ecf20Sopenharmony_ci error = locks_verify_locked(filp); 29748c2ecf20Sopenharmony_ci if (!error) 29758c2ecf20Sopenharmony_ci error = security_path_truncate(path); 29768c2ecf20Sopenharmony_ci if (!error) { 29778c2ecf20Sopenharmony_ci error = do_truncate(path->dentry, 0, 29788c2ecf20Sopenharmony_ci ATTR_MTIME|ATTR_CTIME|ATTR_OPEN, 29798c2ecf20Sopenharmony_ci filp); 29808c2ecf20Sopenharmony_ci } 29818c2ecf20Sopenharmony_ci put_write_access(inode); 29828c2ecf20Sopenharmony_ci return error; 29838c2ecf20Sopenharmony_ci} 29848c2ecf20Sopenharmony_ci 29858c2ecf20Sopenharmony_cistatic inline int open_to_namei_flags(int flag) 29868c2ecf20Sopenharmony_ci{ 29878c2ecf20Sopenharmony_ci if ((flag & O_ACCMODE) == 3) 29888c2ecf20Sopenharmony_ci flag--; 29898c2ecf20Sopenharmony_ci return flag; 29908c2ecf20Sopenharmony_ci} 29918c2ecf20Sopenharmony_ci 29928c2ecf20Sopenharmony_cistatic int may_o_create(const struct path *dir, struct dentry *dentry, umode_t mode) 29938c2ecf20Sopenharmony_ci{ 29948c2ecf20Sopenharmony_ci struct user_namespace *s_user_ns; 29958c2ecf20Sopenharmony_ci int error = security_path_mknod(dir, dentry, mode, 0); 29968c2ecf20Sopenharmony_ci if (error) 29978c2ecf20Sopenharmony_ci return error; 29988c2ecf20Sopenharmony_ci 29998c2ecf20Sopenharmony_ci s_user_ns = dir->dentry->d_sb->s_user_ns; 30008c2ecf20Sopenharmony_ci if (!kuid_has_mapping(s_user_ns, current_fsuid()) || 30018c2ecf20Sopenharmony_ci !kgid_has_mapping(s_user_ns, current_fsgid())) 30028c2ecf20Sopenharmony_ci return -EOVERFLOW; 30038c2ecf20Sopenharmony_ci 30048c2ecf20Sopenharmony_ci error = inode_permission(dir->dentry->d_inode, MAY_WRITE | MAY_EXEC); 30058c2ecf20Sopenharmony_ci if (error) 30068c2ecf20Sopenharmony_ci return error; 30078c2ecf20Sopenharmony_ci 30088c2ecf20Sopenharmony_ci return security_inode_create(dir->dentry->d_inode, dentry, mode); 30098c2ecf20Sopenharmony_ci} 30108c2ecf20Sopenharmony_ci 30118c2ecf20Sopenharmony_ci/* 30128c2ecf20Sopenharmony_ci * Attempt to atomically look up, create and open a file from a negative 30138c2ecf20Sopenharmony_ci * dentry. 30148c2ecf20Sopenharmony_ci * 30158c2ecf20Sopenharmony_ci * Returns 0 if successful. The file will have been created and attached to 30168c2ecf20Sopenharmony_ci * @file by the filesystem calling finish_open(). 30178c2ecf20Sopenharmony_ci * 30188c2ecf20Sopenharmony_ci * If the file was looked up only or didn't need creating, FMODE_OPENED won't 30198c2ecf20Sopenharmony_ci * be set. The caller will need to perform the open themselves. @path will 30208c2ecf20Sopenharmony_ci * have been updated to point to the new dentry. This may be negative. 30218c2ecf20Sopenharmony_ci * 30228c2ecf20Sopenharmony_ci * Returns an error code otherwise. 30238c2ecf20Sopenharmony_ci */ 30248c2ecf20Sopenharmony_cistatic struct dentry *atomic_open(struct nameidata *nd, struct dentry *dentry, 30258c2ecf20Sopenharmony_ci struct file *file, 30268c2ecf20Sopenharmony_ci int open_flag, umode_t mode) 30278c2ecf20Sopenharmony_ci{ 30288c2ecf20Sopenharmony_ci struct dentry *const DENTRY_NOT_SET = (void *) -1UL; 30298c2ecf20Sopenharmony_ci struct inode *dir = nd->path.dentry->d_inode; 30308c2ecf20Sopenharmony_ci int error; 30318c2ecf20Sopenharmony_ci 30328c2ecf20Sopenharmony_ci if (nd->flags & LOOKUP_DIRECTORY) 30338c2ecf20Sopenharmony_ci open_flag |= O_DIRECTORY; 30348c2ecf20Sopenharmony_ci 30358c2ecf20Sopenharmony_ci file->f_path.dentry = DENTRY_NOT_SET; 30368c2ecf20Sopenharmony_ci file->f_path.mnt = nd->path.mnt; 30378c2ecf20Sopenharmony_ci error = dir->i_op->atomic_open(dir, dentry, file, 30388c2ecf20Sopenharmony_ci open_to_namei_flags(open_flag), mode); 30398c2ecf20Sopenharmony_ci d_lookup_done(dentry); 30408c2ecf20Sopenharmony_ci if (!error) { 30418c2ecf20Sopenharmony_ci if (file->f_mode & FMODE_OPENED) { 30428c2ecf20Sopenharmony_ci if (unlikely(dentry != file->f_path.dentry)) { 30438c2ecf20Sopenharmony_ci dput(dentry); 30448c2ecf20Sopenharmony_ci dentry = dget(file->f_path.dentry); 30458c2ecf20Sopenharmony_ci } 30468c2ecf20Sopenharmony_ci } else if (WARN_ON(file->f_path.dentry == DENTRY_NOT_SET)) { 30478c2ecf20Sopenharmony_ci error = -EIO; 30488c2ecf20Sopenharmony_ci } else { 30498c2ecf20Sopenharmony_ci if (file->f_path.dentry) { 30508c2ecf20Sopenharmony_ci dput(dentry); 30518c2ecf20Sopenharmony_ci dentry = file->f_path.dentry; 30528c2ecf20Sopenharmony_ci } 30538c2ecf20Sopenharmony_ci if (unlikely(d_is_negative(dentry))) 30548c2ecf20Sopenharmony_ci error = -ENOENT; 30558c2ecf20Sopenharmony_ci } 30568c2ecf20Sopenharmony_ci } 30578c2ecf20Sopenharmony_ci if (error) { 30588c2ecf20Sopenharmony_ci dput(dentry); 30598c2ecf20Sopenharmony_ci dentry = ERR_PTR(error); 30608c2ecf20Sopenharmony_ci } 30618c2ecf20Sopenharmony_ci return dentry; 30628c2ecf20Sopenharmony_ci} 30638c2ecf20Sopenharmony_ci 30648c2ecf20Sopenharmony_ci/* 30658c2ecf20Sopenharmony_ci * Look up and maybe create and open the last component. 30668c2ecf20Sopenharmony_ci * 30678c2ecf20Sopenharmony_ci * Must be called with parent locked (exclusive in O_CREAT case). 30688c2ecf20Sopenharmony_ci * 30698c2ecf20Sopenharmony_ci * Returns 0 on success, that is, if 30708c2ecf20Sopenharmony_ci * the file was successfully atomically created (if necessary) and opened, or 30718c2ecf20Sopenharmony_ci * the file was not completely opened at this time, though lookups and 30728c2ecf20Sopenharmony_ci * creations were performed. 30738c2ecf20Sopenharmony_ci * These case are distinguished by presence of FMODE_OPENED on file->f_mode. 30748c2ecf20Sopenharmony_ci * In the latter case dentry returned in @path might be negative if O_CREAT 30758c2ecf20Sopenharmony_ci * hadn't been specified. 30768c2ecf20Sopenharmony_ci * 30778c2ecf20Sopenharmony_ci * An error code is returned on failure. 30788c2ecf20Sopenharmony_ci */ 30798c2ecf20Sopenharmony_cistatic struct dentry *lookup_open(struct nameidata *nd, struct file *file, 30808c2ecf20Sopenharmony_ci const struct open_flags *op, 30818c2ecf20Sopenharmony_ci bool got_write) 30828c2ecf20Sopenharmony_ci{ 30838c2ecf20Sopenharmony_ci struct dentry *dir = nd->path.dentry; 30848c2ecf20Sopenharmony_ci struct inode *dir_inode = dir->d_inode; 30858c2ecf20Sopenharmony_ci int open_flag = op->open_flag; 30868c2ecf20Sopenharmony_ci struct dentry *dentry; 30878c2ecf20Sopenharmony_ci int error, create_error = 0; 30888c2ecf20Sopenharmony_ci umode_t mode = op->mode; 30898c2ecf20Sopenharmony_ci DECLARE_WAIT_QUEUE_HEAD_ONSTACK(wq); 30908c2ecf20Sopenharmony_ci 30918c2ecf20Sopenharmony_ci if (unlikely(IS_DEADDIR(dir_inode))) 30928c2ecf20Sopenharmony_ci return ERR_PTR(-ENOENT); 30938c2ecf20Sopenharmony_ci 30948c2ecf20Sopenharmony_ci file->f_mode &= ~FMODE_CREATED; 30958c2ecf20Sopenharmony_ci dentry = d_lookup(dir, &nd->last); 30968c2ecf20Sopenharmony_ci for (;;) { 30978c2ecf20Sopenharmony_ci if (!dentry) { 30988c2ecf20Sopenharmony_ci dentry = d_alloc_parallel(dir, &nd->last, &wq); 30998c2ecf20Sopenharmony_ci if (IS_ERR(dentry)) 31008c2ecf20Sopenharmony_ci return dentry; 31018c2ecf20Sopenharmony_ci } 31028c2ecf20Sopenharmony_ci if (d_in_lookup(dentry)) 31038c2ecf20Sopenharmony_ci break; 31048c2ecf20Sopenharmony_ci 31058c2ecf20Sopenharmony_ci error = d_revalidate(dentry, nd->flags); 31068c2ecf20Sopenharmony_ci if (likely(error > 0)) 31078c2ecf20Sopenharmony_ci break; 31088c2ecf20Sopenharmony_ci if (error) 31098c2ecf20Sopenharmony_ci goto out_dput; 31108c2ecf20Sopenharmony_ci d_invalidate(dentry); 31118c2ecf20Sopenharmony_ci dput(dentry); 31128c2ecf20Sopenharmony_ci dentry = NULL; 31138c2ecf20Sopenharmony_ci } 31148c2ecf20Sopenharmony_ci if (dentry->d_inode) { 31158c2ecf20Sopenharmony_ci /* Cached positive dentry: will open in f_op->open */ 31168c2ecf20Sopenharmony_ci return dentry; 31178c2ecf20Sopenharmony_ci } 31188c2ecf20Sopenharmony_ci 31198c2ecf20Sopenharmony_ci /* 31208c2ecf20Sopenharmony_ci * Checking write permission is tricky, bacuse we don't know if we are 31218c2ecf20Sopenharmony_ci * going to actually need it: O_CREAT opens should work as long as the 31228c2ecf20Sopenharmony_ci * file exists. But checking existence breaks atomicity. The trick is 31238c2ecf20Sopenharmony_ci * to check access and if not granted clear O_CREAT from the flags. 31248c2ecf20Sopenharmony_ci * 31258c2ecf20Sopenharmony_ci * Another problem is returing the "right" error value (e.g. for an 31268c2ecf20Sopenharmony_ci * O_EXCL open we want to return EEXIST not EROFS). 31278c2ecf20Sopenharmony_ci */ 31288c2ecf20Sopenharmony_ci if (unlikely(!got_write)) 31298c2ecf20Sopenharmony_ci open_flag &= ~O_TRUNC; 31308c2ecf20Sopenharmony_ci if (open_flag & O_CREAT) { 31318c2ecf20Sopenharmony_ci if (open_flag & O_EXCL) 31328c2ecf20Sopenharmony_ci open_flag &= ~O_TRUNC; 31338c2ecf20Sopenharmony_ci mode = vfs_prepare_mode(dir->d_inode, mode, mode, mode); 31348c2ecf20Sopenharmony_ci if (likely(got_write)) 31358c2ecf20Sopenharmony_ci create_error = may_o_create(&nd->path, dentry, mode); 31368c2ecf20Sopenharmony_ci else 31378c2ecf20Sopenharmony_ci create_error = -EROFS; 31388c2ecf20Sopenharmony_ci } 31398c2ecf20Sopenharmony_ci if (create_error) 31408c2ecf20Sopenharmony_ci open_flag &= ~O_CREAT; 31418c2ecf20Sopenharmony_ci if (dir_inode->i_op->atomic_open) { 31428c2ecf20Sopenharmony_ci dentry = atomic_open(nd, dentry, file, open_flag, mode); 31438c2ecf20Sopenharmony_ci if (unlikely(create_error) && dentry == ERR_PTR(-ENOENT)) 31448c2ecf20Sopenharmony_ci dentry = ERR_PTR(create_error); 31458c2ecf20Sopenharmony_ci return dentry; 31468c2ecf20Sopenharmony_ci } 31478c2ecf20Sopenharmony_ci 31488c2ecf20Sopenharmony_ci if (d_in_lookup(dentry)) { 31498c2ecf20Sopenharmony_ci struct dentry *res = dir_inode->i_op->lookup(dir_inode, dentry, 31508c2ecf20Sopenharmony_ci nd->flags); 31518c2ecf20Sopenharmony_ci d_lookup_done(dentry); 31528c2ecf20Sopenharmony_ci if (unlikely(res)) { 31538c2ecf20Sopenharmony_ci if (IS_ERR(res)) { 31548c2ecf20Sopenharmony_ci error = PTR_ERR(res); 31558c2ecf20Sopenharmony_ci goto out_dput; 31568c2ecf20Sopenharmony_ci } 31578c2ecf20Sopenharmony_ci dput(dentry); 31588c2ecf20Sopenharmony_ci dentry = res; 31598c2ecf20Sopenharmony_ci } 31608c2ecf20Sopenharmony_ci } 31618c2ecf20Sopenharmony_ci 31628c2ecf20Sopenharmony_ci /* Negative dentry, just create the file */ 31638c2ecf20Sopenharmony_ci if (!dentry->d_inode && (open_flag & O_CREAT)) { 31648c2ecf20Sopenharmony_ci file->f_mode |= FMODE_CREATED; 31658c2ecf20Sopenharmony_ci audit_inode_child(dir_inode, dentry, AUDIT_TYPE_CHILD_CREATE); 31668c2ecf20Sopenharmony_ci if (!dir_inode->i_op->create) { 31678c2ecf20Sopenharmony_ci error = -EACCES; 31688c2ecf20Sopenharmony_ci goto out_dput; 31698c2ecf20Sopenharmony_ci } 31708c2ecf20Sopenharmony_ci error = dir_inode->i_op->create(dir_inode, dentry, mode, 31718c2ecf20Sopenharmony_ci open_flag & O_EXCL); 31728c2ecf20Sopenharmony_ci if (error) 31738c2ecf20Sopenharmony_ci goto out_dput; 31748c2ecf20Sopenharmony_ci } 31758c2ecf20Sopenharmony_ci if (unlikely(create_error) && !dentry->d_inode) { 31768c2ecf20Sopenharmony_ci error = create_error; 31778c2ecf20Sopenharmony_ci goto out_dput; 31788c2ecf20Sopenharmony_ci } 31798c2ecf20Sopenharmony_ci return dentry; 31808c2ecf20Sopenharmony_ci 31818c2ecf20Sopenharmony_ciout_dput: 31828c2ecf20Sopenharmony_ci dput(dentry); 31838c2ecf20Sopenharmony_ci return ERR_PTR(error); 31848c2ecf20Sopenharmony_ci} 31858c2ecf20Sopenharmony_ci 31868c2ecf20Sopenharmony_cistatic const char *open_last_lookups(struct nameidata *nd, 31878c2ecf20Sopenharmony_ci struct file *file, const struct open_flags *op) 31888c2ecf20Sopenharmony_ci{ 31898c2ecf20Sopenharmony_ci struct dentry *dir = nd->path.dentry; 31908c2ecf20Sopenharmony_ci int open_flag = op->open_flag; 31918c2ecf20Sopenharmony_ci bool got_write = false; 31928c2ecf20Sopenharmony_ci unsigned seq; 31938c2ecf20Sopenharmony_ci struct inode *inode; 31948c2ecf20Sopenharmony_ci struct dentry *dentry; 31958c2ecf20Sopenharmony_ci const char *res; 31968c2ecf20Sopenharmony_ci 31978c2ecf20Sopenharmony_ci nd->flags |= op->intent; 31988c2ecf20Sopenharmony_ci 31998c2ecf20Sopenharmony_ci if (nd->last_type != LAST_NORM) { 32008c2ecf20Sopenharmony_ci if (nd->depth) 32018c2ecf20Sopenharmony_ci put_link(nd); 32028c2ecf20Sopenharmony_ci return handle_dots(nd, nd->last_type); 32038c2ecf20Sopenharmony_ci } 32048c2ecf20Sopenharmony_ci 32058c2ecf20Sopenharmony_ci if (!(open_flag & O_CREAT)) { 32068c2ecf20Sopenharmony_ci if (nd->last.name[nd->last.len]) 32078c2ecf20Sopenharmony_ci nd->flags |= LOOKUP_FOLLOW | LOOKUP_DIRECTORY; 32088c2ecf20Sopenharmony_ci /* we _can_ be in RCU mode here */ 32098c2ecf20Sopenharmony_ci dentry = lookup_fast(nd, &inode, &seq); 32108c2ecf20Sopenharmony_ci if (IS_ERR(dentry)) 32118c2ecf20Sopenharmony_ci return ERR_CAST(dentry); 32128c2ecf20Sopenharmony_ci if (likely(dentry)) 32138c2ecf20Sopenharmony_ci goto finish_lookup; 32148c2ecf20Sopenharmony_ci 32158c2ecf20Sopenharmony_ci BUG_ON(nd->flags & LOOKUP_RCU); 32168c2ecf20Sopenharmony_ci } else { 32178c2ecf20Sopenharmony_ci /* create side of things */ 32188c2ecf20Sopenharmony_ci if (nd->flags & LOOKUP_RCU) { 32198c2ecf20Sopenharmony_ci if (!try_to_unlazy(nd)) 32208c2ecf20Sopenharmony_ci return ERR_PTR(-ECHILD); 32218c2ecf20Sopenharmony_ci } 32228c2ecf20Sopenharmony_ci audit_inode(nd->name, dir, AUDIT_INODE_PARENT); 32238c2ecf20Sopenharmony_ci /* trailing slashes? */ 32248c2ecf20Sopenharmony_ci if (unlikely(nd->last.name[nd->last.len])) 32258c2ecf20Sopenharmony_ci return ERR_PTR(-EISDIR); 32268c2ecf20Sopenharmony_ci } 32278c2ecf20Sopenharmony_ci 32288c2ecf20Sopenharmony_ci if (open_flag & (O_CREAT | O_TRUNC | O_WRONLY | O_RDWR)) { 32298c2ecf20Sopenharmony_ci got_write = !mnt_want_write(nd->path.mnt); 32308c2ecf20Sopenharmony_ci /* 32318c2ecf20Sopenharmony_ci * do _not_ fail yet - we might not need that or fail with 32328c2ecf20Sopenharmony_ci * a different error; let lookup_open() decide; we'll be 32338c2ecf20Sopenharmony_ci * dropping this one anyway. 32348c2ecf20Sopenharmony_ci */ 32358c2ecf20Sopenharmony_ci } 32368c2ecf20Sopenharmony_ci if (open_flag & O_CREAT) 32378c2ecf20Sopenharmony_ci inode_lock(dir->d_inode); 32388c2ecf20Sopenharmony_ci else 32398c2ecf20Sopenharmony_ci inode_lock_shared(dir->d_inode); 32408c2ecf20Sopenharmony_ci dentry = lookup_open(nd, file, op, got_write); 32418c2ecf20Sopenharmony_ci if (!IS_ERR(dentry) && (file->f_mode & FMODE_CREATED)) 32428c2ecf20Sopenharmony_ci fsnotify_create(dir->d_inode, dentry); 32438c2ecf20Sopenharmony_ci if (open_flag & O_CREAT) 32448c2ecf20Sopenharmony_ci inode_unlock(dir->d_inode); 32458c2ecf20Sopenharmony_ci else 32468c2ecf20Sopenharmony_ci inode_unlock_shared(dir->d_inode); 32478c2ecf20Sopenharmony_ci 32488c2ecf20Sopenharmony_ci if (got_write) 32498c2ecf20Sopenharmony_ci mnt_drop_write(nd->path.mnt); 32508c2ecf20Sopenharmony_ci 32518c2ecf20Sopenharmony_ci if (IS_ERR(dentry)) 32528c2ecf20Sopenharmony_ci return ERR_CAST(dentry); 32538c2ecf20Sopenharmony_ci 32548c2ecf20Sopenharmony_ci if (file->f_mode & (FMODE_OPENED | FMODE_CREATED)) { 32558c2ecf20Sopenharmony_ci dput(nd->path.dentry); 32568c2ecf20Sopenharmony_ci nd->path.dentry = dentry; 32578c2ecf20Sopenharmony_ci return NULL; 32588c2ecf20Sopenharmony_ci } 32598c2ecf20Sopenharmony_ci 32608c2ecf20Sopenharmony_cifinish_lookup: 32618c2ecf20Sopenharmony_ci if (nd->depth) 32628c2ecf20Sopenharmony_ci put_link(nd); 32638c2ecf20Sopenharmony_ci res = step_into(nd, WALK_TRAILING, dentry, inode, seq); 32648c2ecf20Sopenharmony_ci if (unlikely(res)) 32658c2ecf20Sopenharmony_ci nd->flags &= ~(LOOKUP_OPEN|LOOKUP_CREATE|LOOKUP_EXCL); 32668c2ecf20Sopenharmony_ci return res; 32678c2ecf20Sopenharmony_ci} 32688c2ecf20Sopenharmony_ci 32698c2ecf20Sopenharmony_ci/* 32708c2ecf20Sopenharmony_ci * Handle the last step of open() 32718c2ecf20Sopenharmony_ci */ 32728c2ecf20Sopenharmony_cistatic int do_open(struct nameidata *nd, 32738c2ecf20Sopenharmony_ci struct file *file, const struct open_flags *op) 32748c2ecf20Sopenharmony_ci{ 32758c2ecf20Sopenharmony_ci int open_flag = op->open_flag; 32768c2ecf20Sopenharmony_ci bool do_truncate; 32778c2ecf20Sopenharmony_ci int acc_mode; 32788c2ecf20Sopenharmony_ci int error; 32798c2ecf20Sopenharmony_ci 32808c2ecf20Sopenharmony_ci if (!(file->f_mode & (FMODE_OPENED | FMODE_CREATED))) { 32818c2ecf20Sopenharmony_ci error = complete_walk(nd); 32828c2ecf20Sopenharmony_ci if (error) 32838c2ecf20Sopenharmony_ci return error; 32848c2ecf20Sopenharmony_ci } 32858c2ecf20Sopenharmony_ci if (!(file->f_mode & FMODE_CREATED)) 32868c2ecf20Sopenharmony_ci audit_inode(nd->name, nd->path.dentry, 0); 32878c2ecf20Sopenharmony_ci if (open_flag & O_CREAT) { 32888c2ecf20Sopenharmony_ci if ((open_flag & O_EXCL) && !(file->f_mode & FMODE_CREATED)) 32898c2ecf20Sopenharmony_ci return -EEXIST; 32908c2ecf20Sopenharmony_ci if (d_is_dir(nd->path.dentry)) 32918c2ecf20Sopenharmony_ci return -EISDIR; 32928c2ecf20Sopenharmony_ci error = may_create_in_sticky(nd->dir_mode, nd->dir_uid, 32938c2ecf20Sopenharmony_ci d_backing_inode(nd->path.dentry)); 32948c2ecf20Sopenharmony_ci if (unlikely(error)) 32958c2ecf20Sopenharmony_ci return error; 32968c2ecf20Sopenharmony_ci } 32978c2ecf20Sopenharmony_ci if ((nd->flags & LOOKUP_DIRECTORY) && !d_can_lookup(nd->path.dentry)) 32988c2ecf20Sopenharmony_ci return -ENOTDIR; 32998c2ecf20Sopenharmony_ci 33008c2ecf20Sopenharmony_ci do_truncate = false; 33018c2ecf20Sopenharmony_ci acc_mode = op->acc_mode; 33028c2ecf20Sopenharmony_ci if (file->f_mode & FMODE_CREATED) { 33038c2ecf20Sopenharmony_ci /* Don't check for write permission, don't truncate */ 33048c2ecf20Sopenharmony_ci open_flag &= ~O_TRUNC; 33058c2ecf20Sopenharmony_ci acc_mode = 0; 33068c2ecf20Sopenharmony_ci } else if (d_is_reg(nd->path.dentry) && open_flag & O_TRUNC) { 33078c2ecf20Sopenharmony_ci error = mnt_want_write(nd->path.mnt); 33088c2ecf20Sopenharmony_ci if (error) 33098c2ecf20Sopenharmony_ci return error; 33108c2ecf20Sopenharmony_ci do_truncate = true; 33118c2ecf20Sopenharmony_ci } 33128c2ecf20Sopenharmony_ci error = may_open(&nd->path, acc_mode, open_flag); 33138c2ecf20Sopenharmony_ci if (!error && !(file->f_mode & FMODE_OPENED)) 33148c2ecf20Sopenharmony_ci error = vfs_open(&nd->path, file); 33158c2ecf20Sopenharmony_ci if (!error) 33168c2ecf20Sopenharmony_ci error = ima_file_check(file, op->acc_mode); 33178c2ecf20Sopenharmony_ci if (!error && do_truncate) 33188c2ecf20Sopenharmony_ci error = handle_truncate(file); 33198c2ecf20Sopenharmony_ci if (unlikely(error > 0)) { 33208c2ecf20Sopenharmony_ci WARN_ON(1); 33218c2ecf20Sopenharmony_ci error = -EINVAL; 33228c2ecf20Sopenharmony_ci } 33238c2ecf20Sopenharmony_ci if (do_truncate) 33248c2ecf20Sopenharmony_ci mnt_drop_write(nd->path.mnt); 33258c2ecf20Sopenharmony_ci return error; 33268c2ecf20Sopenharmony_ci} 33278c2ecf20Sopenharmony_ci 33288c2ecf20Sopenharmony_cistruct dentry *vfs_tmpfile(struct dentry *dentry, umode_t mode, int open_flag) 33298c2ecf20Sopenharmony_ci{ 33308c2ecf20Sopenharmony_ci struct dentry *child = NULL; 33318c2ecf20Sopenharmony_ci struct inode *dir = dentry->d_inode; 33328c2ecf20Sopenharmony_ci struct inode *inode; 33338c2ecf20Sopenharmony_ci int error; 33348c2ecf20Sopenharmony_ci 33358c2ecf20Sopenharmony_ci /* we want directory to be writable */ 33368c2ecf20Sopenharmony_ci error = inode_permission(dir, MAY_WRITE | MAY_EXEC); 33378c2ecf20Sopenharmony_ci if (error) 33388c2ecf20Sopenharmony_ci goto out_err; 33398c2ecf20Sopenharmony_ci error = -EOPNOTSUPP; 33408c2ecf20Sopenharmony_ci if (!dir->i_op->tmpfile) 33418c2ecf20Sopenharmony_ci goto out_err; 33428c2ecf20Sopenharmony_ci error = -ENOMEM; 33438c2ecf20Sopenharmony_ci child = d_alloc(dentry, &slash_name); 33448c2ecf20Sopenharmony_ci if (unlikely(!child)) 33458c2ecf20Sopenharmony_ci goto out_err; 33468c2ecf20Sopenharmony_ci mode = vfs_prepare_mode(dir, mode, mode, mode); 33478c2ecf20Sopenharmony_ci error = dir->i_op->tmpfile(dir, child, mode); 33488c2ecf20Sopenharmony_ci if (error) 33498c2ecf20Sopenharmony_ci goto out_err; 33508c2ecf20Sopenharmony_ci error = -ENOENT; 33518c2ecf20Sopenharmony_ci inode = child->d_inode; 33528c2ecf20Sopenharmony_ci if (unlikely(!inode)) 33538c2ecf20Sopenharmony_ci goto out_err; 33548c2ecf20Sopenharmony_ci if (!(open_flag & O_EXCL)) { 33558c2ecf20Sopenharmony_ci spin_lock(&inode->i_lock); 33568c2ecf20Sopenharmony_ci inode->i_state |= I_LINKABLE; 33578c2ecf20Sopenharmony_ci spin_unlock(&inode->i_lock); 33588c2ecf20Sopenharmony_ci } 33598c2ecf20Sopenharmony_ci ima_post_create_tmpfile(inode); 33608c2ecf20Sopenharmony_ci return child; 33618c2ecf20Sopenharmony_ci 33628c2ecf20Sopenharmony_ciout_err: 33638c2ecf20Sopenharmony_ci dput(child); 33648c2ecf20Sopenharmony_ci return ERR_PTR(error); 33658c2ecf20Sopenharmony_ci} 33668c2ecf20Sopenharmony_ciEXPORT_SYMBOL(vfs_tmpfile); 33678c2ecf20Sopenharmony_ci 33688c2ecf20Sopenharmony_cistatic int do_tmpfile(struct nameidata *nd, unsigned flags, 33698c2ecf20Sopenharmony_ci const struct open_flags *op, 33708c2ecf20Sopenharmony_ci struct file *file) 33718c2ecf20Sopenharmony_ci{ 33728c2ecf20Sopenharmony_ci struct dentry *child; 33738c2ecf20Sopenharmony_ci struct path path; 33748c2ecf20Sopenharmony_ci int error = path_lookupat(nd, flags | LOOKUP_DIRECTORY, &path); 33758c2ecf20Sopenharmony_ci if (unlikely(error)) 33768c2ecf20Sopenharmony_ci return error; 33778c2ecf20Sopenharmony_ci error = mnt_want_write(path.mnt); 33788c2ecf20Sopenharmony_ci if (unlikely(error)) 33798c2ecf20Sopenharmony_ci goto out; 33808c2ecf20Sopenharmony_ci child = vfs_tmpfile(path.dentry, op->mode, op->open_flag); 33818c2ecf20Sopenharmony_ci error = PTR_ERR(child); 33828c2ecf20Sopenharmony_ci if (IS_ERR(child)) 33838c2ecf20Sopenharmony_ci goto out2; 33848c2ecf20Sopenharmony_ci dput(path.dentry); 33858c2ecf20Sopenharmony_ci path.dentry = child; 33868c2ecf20Sopenharmony_ci audit_inode(nd->name, child, 0); 33878c2ecf20Sopenharmony_ci /* Don't check for other permissions, the inode was just created */ 33888c2ecf20Sopenharmony_ci error = may_open(&path, 0, op->open_flag); 33898c2ecf20Sopenharmony_ci if (error) 33908c2ecf20Sopenharmony_ci goto out2; 33918c2ecf20Sopenharmony_ci file->f_path.mnt = path.mnt; 33928c2ecf20Sopenharmony_ci error = finish_open(file, child, NULL); 33938c2ecf20Sopenharmony_ciout2: 33948c2ecf20Sopenharmony_ci mnt_drop_write(path.mnt); 33958c2ecf20Sopenharmony_ciout: 33968c2ecf20Sopenharmony_ci path_put(&path); 33978c2ecf20Sopenharmony_ci return error; 33988c2ecf20Sopenharmony_ci} 33998c2ecf20Sopenharmony_ci 34008c2ecf20Sopenharmony_cistatic int do_o_path(struct nameidata *nd, unsigned flags, struct file *file) 34018c2ecf20Sopenharmony_ci{ 34028c2ecf20Sopenharmony_ci struct path path; 34038c2ecf20Sopenharmony_ci int error = path_lookupat(nd, flags, &path); 34048c2ecf20Sopenharmony_ci if (!error) { 34058c2ecf20Sopenharmony_ci audit_inode(nd->name, path.dentry, 0); 34068c2ecf20Sopenharmony_ci error = vfs_open(&path, file); 34078c2ecf20Sopenharmony_ci path_put(&path); 34088c2ecf20Sopenharmony_ci } 34098c2ecf20Sopenharmony_ci return error; 34108c2ecf20Sopenharmony_ci} 34118c2ecf20Sopenharmony_ci 34128c2ecf20Sopenharmony_cistatic struct file *path_openat(struct nameidata *nd, 34138c2ecf20Sopenharmony_ci const struct open_flags *op, unsigned flags) 34148c2ecf20Sopenharmony_ci{ 34158c2ecf20Sopenharmony_ci struct file *file; 34168c2ecf20Sopenharmony_ci int error; 34178c2ecf20Sopenharmony_ci 34188c2ecf20Sopenharmony_ci file = alloc_empty_file(op->open_flag, current_cred()); 34198c2ecf20Sopenharmony_ci if (IS_ERR(file)) 34208c2ecf20Sopenharmony_ci return file; 34218c2ecf20Sopenharmony_ci 34228c2ecf20Sopenharmony_ci if (unlikely(file->f_flags & __O_TMPFILE)) { 34238c2ecf20Sopenharmony_ci error = do_tmpfile(nd, flags, op, file); 34248c2ecf20Sopenharmony_ci } else if (unlikely(file->f_flags & O_PATH)) { 34258c2ecf20Sopenharmony_ci error = do_o_path(nd, flags, file); 34268c2ecf20Sopenharmony_ci } else { 34278c2ecf20Sopenharmony_ci const char *s = path_init(nd, flags); 34288c2ecf20Sopenharmony_ci while (!(error = link_path_walk(s, nd)) && 34298c2ecf20Sopenharmony_ci (s = open_last_lookups(nd, file, op)) != NULL) 34308c2ecf20Sopenharmony_ci ; 34318c2ecf20Sopenharmony_ci if (!error) 34328c2ecf20Sopenharmony_ci error = do_open(nd, file, op); 34338c2ecf20Sopenharmony_ci terminate_walk(nd); 34348c2ecf20Sopenharmony_ci } 34358c2ecf20Sopenharmony_ci if (likely(!error)) { 34368c2ecf20Sopenharmony_ci if (likely(file->f_mode & FMODE_OPENED)) 34378c2ecf20Sopenharmony_ci return file; 34388c2ecf20Sopenharmony_ci WARN_ON(1); 34398c2ecf20Sopenharmony_ci error = -EINVAL; 34408c2ecf20Sopenharmony_ci } 34418c2ecf20Sopenharmony_ci fput(file); 34428c2ecf20Sopenharmony_ci if (error == -EOPENSTALE) { 34438c2ecf20Sopenharmony_ci if (flags & LOOKUP_RCU) 34448c2ecf20Sopenharmony_ci error = -ECHILD; 34458c2ecf20Sopenharmony_ci else 34468c2ecf20Sopenharmony_ci error = -ESTALE; 34478c2ecf20Sopenharmony_ci } 34488c2ecf20Sopenharmony_ci return ERR_PTR(error); 34498c2ecf20Sopenharmony_ci} 34508c2ecf20Sopenharmony_ci 34518c2ecf20Sopenharmony_cistruct file *do_filp_open(int dfd, struct filename *pathname, 34528c2ecf20Sopenharmony_ci const struct open_flags *op) 34538c2ecf20Sopenharmony_ci{ 34548c2ecf20Sopenharmony_ci struct nameidata nd; 34558c2ecf20Sopenharmony_ci int flags = op->lookup_flags; 34568c2ecf20Sopenharmony_ci struct file *filp; 34578c2ecf20Sopenharmony_ci 34588c2ecf20Sopenharmony_ci set_nameidata(&nd, dfd, pathname); 34598c2ecf20Sopenharmony_ci filp = path_openat(&nd, op, flags | LOOKUP_RCU); 34608c2ecf20Sopenharmony_ci if (unlikely(filp == ERR_PTR(-ECHILD))) 34618c2ecf20Sopenharmony_ci filp = path_openat(&nd, op, flags); 34628c2ecf20Sopenharmony_ci if (unlikely(filp == ERR_PTR(-ESTALE))) 34638c2ecf20Sopenharmony_ci filp = path_openat(&nd, op, flags | LOOKUP_REVAL); 34648c2ecf20Sopenharmony_ci restore_nameidata(); 34658c2ecf20Sopenharmony_ci return filp; 34668c2ecf20Sopenharmony_ci} 34678c2ecf20Sopenharmony_ci 34688c2ecf20Sopenharmony_cistruct file *do_file_open_root(const struct path *root, 34698c2ecf20Sopenharmony_ci const char *name, const struct open_flags *op) 34708c2ecf20Sopenharmony_ci{ 34718c2ecf20Sopenharmony_ci struct nameidata nd; 34728c2ecf20Sopenharmony_ci struct file *file; 34738c2ecf20Sopenharmony_ci struct filename *filename; 34748c2ecf20Sopenharmony_ci int flags = op->lookup_flags; 34758c2ecf20Sopenharmony_ci 34768c2ecf20Sopenharmony_ci if (d_is_symlink(root->dentry) && op->intent & LOOKUP_OPEN) 34778c2ecf20Sopenharmony_ci return ERR_PTR(-ELOOP); 34788c2ecf20Sopenharmony_ci 34798c2ecf20Sopenharmony_ci filename = getname_kernel(name); 34808c2ecf20Sopenharmony_ci if (IS_ERR(filename)) 34818c2ecf20Sopenharmony_ci return ERR_CAST(filename); 34828c2ecf20Sopenharmony_ci 34838c2ecf20Sopenharmony_ci set_nameidata(&nd, -1, filename); 34848c2ecf20Sopenharmony_ci nd.root = *root; 34858c2ecf20Sopenharmony_ci nd.state = ND_ROOT_PRESET; 34868c2ecf20Sopenharmony_ci file = path_openat(&nd, op, flags | LOOKUP_RCU); 34878c2ecf20Sopenharmony_ci if (unlikely(file == ERR_PTR(-ECHILD))) 34888c2ecf20Sopenharmony_ci file = path_openat(&nd, op, flags); 34898c2ecf20Sopenharmony_ci if (unlikely(file == ERR_PTR(-ESTALE))) 34908c2ecf20Sopenharmony_ci file = path_openat(&nd, op, flags | LOOKUP_REVAL); 34918c2ecf20Sopenharmony_ci restore_nameidata(); 34928c2ecf20Sopenharmony_ci putname(filename); 34938c2ecf20Sopenharmony_ci return file; 34948c2ecf20Sopenharmony_ci} 34958c2ecf20Sopenharmony_ci 34968c2ecf20Sopenharmony_cistatic struct dentry *filename_create(int dfd, struct filename *name, 34978c2ecf20Sopenharmony_ci struct path *path, unsigned int lookup_flags) 34988c2ecf20Sopenharmony_ci{ 34998c2ecf20Sopenharmony_ci struct dentry *dentry = ERR_PTR(-EEXIST); 35008c2ecf20Sopenharmony_ci struct qstr last; 35018c2ecf20Sopenharmony_ci int type; 35028c2ecf20Sopenharmony_ci int err2; 35038c2ecf20Sopenharmony_ci int error; 35048c2ecf20Sopenharmony_ci bool is_dir = (lookup_flags & LOOKUP_DIRECTORY); 35058c2ecf20Sopenharmony_ci 35068c2ecf20Sopenharmony_ci /* 35078c2ecf20Sopenharmony_ci * Note that only LOOKUP_REVAL and LOOKUP_DIRECTORY matter here. Any 35088c2ecf20Sopenharmony_ci * other flags passed in are ignored! 35098c2ecf20Sopenharmony_ci */ 35108c2ecf20Sopenharmony_ci lookup_flags &= LOOKUP_REVAL; 35118c2ecf20Sopenharmony_ci 35128c2ecf20Sopenharmony_ci name = filename_parentat(dfd, name, lookup_flags, path, &last, &type); 35138c2ecf20Sopenharmony_ci if (IS_ERR(name)) 35148c2ecf20Sopenharmony_ci return ERR_CAST(name); 35158c2ecf20Sopenharmony_ci 35168c2ecf20Sopenharmony_ci /* 35178c2ecf20Sopenharmony_ci * Yucky last component or no last component at all? 35188c2ecf20Sopenharmony_ci * (foo/., foo/.., /////) 35198c2ecf20Sopenharmony_ci */ 35208c2ecf20Sopenharmony_ci if (unlikely(type != LAST_NORM)) 35218c2ecf20Sopenharmony_ci goto out; 35228c2ecf20Sopenharmony_ci 35238c2ecf20Sopenharmony_ci /* don't fail immediately if it's r/o, at least try to report other errors */ 35248c2ecf20Sopenharmony_ci err2 = mnt_want_write(path->mnt); 35258c2ecf20Sopenharmony_ci /* 35268c2ecf20Sopenharmony_ci * Do the final lookup. 35278c2ecf20Sopenharmony_ci */ 35288c2ecf20Sopenharmony_ci lookup_flags |= LOOKUP_CREATE | LOOKUP_EXCL; 35298c2ecf20Sopenharmony_ci inode_lock_nested(path->dentry->d_inode, I_MUTEX_PARENT); 35308c2ecf20Sopenharmony_ci dentry = __lookup_hash(&last, path->dentry, lookup_flags); 35318c2ecf20Sopenharmony_ci if (IS_ERR(dentry)) 35328c2ecf20Sopenharmony_ci goto unlock; 35338c2ecf20Sopenharmony_ci 35348c2ecf20Sopenharmony_ci error = -EEXIST; 35358c2ecf20Sopenharmony_ci if (d_is_positive(dentry)) 35368c2ecf20Sopenharmony_ci goto fail; 35378c2ecf20Sopenharmony_ci 35388c2ecf20Sopenharmony_ci /* 35398c2ecf20Sopenharmony_ci * Special case - lookup gave negative, but... we had foo/bar/ 35408c2ecf20Sopenharmony_ci * From the vfs_mknod() POV we just have a negative dentry - 35418c2ecf20Sopenharmony_ci * all is fine. Let's be bastards - you had / on the end, you've 35428c2ecf20Sopenharmony_ci * been asking for (non-existent) directory. -ENOENT for you. 35438c2ecf20Sopenharmony_ci */ 35448c2ecf20Sopenharmony_ci if (unlikely(!is_dir && last.name[last.len])) { 35458c2ecf20Sopenharmony_ci error = -ENOENT; 35468c2ecf20Sopenharmony_ci goto fail; 35478c2ecf20Sopenharmony_ci } 35488c2ecf20Sopenharmony_ci if (unlikely(err2)) { 35498c2ecf20Sopenharmony_ci error = err2; 35508c2ecf20Sopenharmony_ci goto fail; 35518c2ecf20Sopenharmony_ci } 35528c2ecf20Sopenharmony_ci putname(name); 35538c2ecf20Sopenharmony_ci return dentry; 35548c2ecf20Sopenharmony_cifail: 35558c2ecf20Sopenharmony_ci dput(dentry); 35568c2ecf20Sopenharmony_ci dentry = ERR_PTR(error); 35578c2ecf20Sopenharmony_ciunlock: 35588c2ecf20Sopenharmony_ci inode_unlock(path->dentry->d_inode); 35598c2ecf20Sopenharmony_ci if (!err2) 35608c2ecf20Sopenharmony_ci mnt_drop_write(path->mnt); 35618c2ecf20Sopenharmony_ciout: 35628c2ecf20Sopenharmony_ci path_put(path); 35638c2ecf20Sopenharmony_ci putname(name); 35648c2ecf20Sopenharmony_ci return dentry; 35658c2ecf20Sopenharmony_ci} 35668c2ecf20Sopenharmony_ci 35678c2ecf20Sopenharmony_cistruct dentry *kern_path_create(int dfd, const char *pathname, 35688c2ecf20Sopenharmony_ci struct path *path, unsigned int lookup_flags) 35698c2ecf20Sopenharmony_ci{ 35708c2ecf20Sopenharmony_ci return filename_create(dfd, getname_kernel(pathname), 35718c2ecf20Sopenharmony_ci path, lookup_flags); 35728c2ecf20Sopenharmony_ci} 35738c2ecf20Sopenharmony_ciEXPORT_SYMBOL(kern_path_create); 35748c2ecf20Sopenharmony_ci 35758c2ecf20Sopenharmony_civoid done_path_create(struct path *path, struct dentry *dentry) 35768c2ecf20Sopenharmony_ci{ 35778c2ecf20Sopenharmony_ci dput(dentry); 35788c2ecf20Sopenharmony_ci inode_unlock(path->dentry->d_inode); 35798c2ecf20Sopenharmony_ci mnt_drop_write(path->mnt); 35808c2ecf20Sopenharmony_ci path_put(path); 35818c2ecf20Sopenharmony_ci} 35828c2ecf20Sopenharmony_ciEXPORT_SYMBOL(done_path_create); 35838c2ecf20Sopenharmony_ci 35848c2ecf20Sopenharmony_ciinline struct dentry *user_path_create(int dfd, const char __user *pathname, 35858c2ecf20Sopenharmony_ci struct path *path, unsigned int lookup_flags) 35868c2ecf20Sopenharmony_ci{ 35878c2ecf20Sopenharmony_ci return filename_create(dfd, getname(pathname), path, lookup_flags); 35888c2ecf20Sopenharmony_ci} 35898c2ecf20Sopenharmony_ciEXPORT_SYMBOL(user_path_create); 35908c2ecf20Sopenharmony_ci 35918c2ecf20Sopenharmony_ciint vfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) 35928c2ecf20Sopenharmony_ci{ 35938c2ecf20Sopenharmony_ci bool is_whiteout = S_ISCHR(mode) && dev == WHITEOUT_DEV; 35948c2ecf20Sopenharmony_ci int error = may_create(dir, dentry); 35958c2ecf20Sopenharmony_ci 35968c2ecf20Sopenharmony_ci if (error) 35978c2ecf20Sopenharmony_ci return error; 35988c2ecf20Sopenharmony_ci 35998c2ecf20Sopenharmony_ci if ((S_ISCHR(mode) || S_ISBLK(mode)) && !is_whiteout && 36008c2ecf20Sopenharmony_ci !capable(CAP_MKNOD)) 36018c2ecf20Sopenharmony_ci return -EPERM; 36028c2ecf20Sopenharmony_ci 36038c2ecf20Sopenharmony_ci if (!dir->i_op->mknod) 36048c2ecf20Sopenharmony_ci return -EPERM; 36058c2ecf20Sopenharmony_ci 36068c2ecf20Sopenharmony_ci mode = vfs_prepare_mode(dir, mode, mode, mode); 36078c2ecf20Sopenharmony_ci error = devcgroup_inode_mknod(mode, dev); 36088c2ecf20Sopenharmony_ci if (error) 36098c2ecf20Sopenharmony_ci return error; 36108c2ecf20Sopenharmony_ci 36118c2ecf20Sopenharmony_ci error = security_inode_mknod(dir, dentry, mode, dev); 36128c2ecf20Sopenharmony_ci if (error) 36138c2ecf20Sopenharmony_ci return error; 36148c2ecf20Sopenharmony_ci 36158c2ecf20Sopenharmony_ci error = dir->i_op->mknod(dir, dentry, mode, dev); 36168c2ecf20Sopenharmony_ci if (!error) 36178c2ecf20Sopenharmony_ci fsnotify_create(dir, dentry); 36188c2ecf20Sopenharmony_ci return error; 36198c2ecf20Sopenharmony_ci} 36208c2ecf20Sopenharmony_ciEXPORT_SYMBOL(vfs_mknod); 36218c2ecf20Sopenharmony_ci 36228c2ecf20Sopenharmony_cistatic int may_mknod(umode_t mode) 36238c2ecf20Sopenharmony_ci{ 36248c2ecf20Sopenharmony_ci switch (mode & S_IFMT) { 36258c2ecf20Sopenharmony_ci case S_IFREG: 36268c2ecf20Sopenharmony_ci case S_IFCHR: 36278c2ecf20Sopenharmony_ci case S_IFBLK: 36288c2ecf20Sopenharmony_ci case S_IFIFO: 36298c2ecf20Sopenharmony_ci case S_IFSOCK: 36308c2ecf20Sopenharmony_ci case 0: /* zero mode translates to S_IFREG */ 36318c2ecf20Sopenharmony_ci return 0; 36328c2ecf20Sopenharmony_ci case S_IFDIR: 36338c2ecf20Sopenharmony_ci return -EPERM; 36348c2ecf20Sopenharmony_ci default: 36358c2ecf20Sopenharmony_ci return -EINVAL; 36368c2ecf20Sopenharmony_ci } 36378c2ecf20Sopenharmony_ci} 36388c2ecf20Sopenharmony_ci 36398c2ecf20Sopenharmony_cistatic long do_mknodat(int dfd, const char __user *filename, umode_t mode, 36408c2ecf20Sopenharmony_ci unsigned int dev) 36418c2ecf20Sopenharmony_ci{ 36428c2ecf20Sopenharmony_ci struct dentry *dentry; 36438c2ecf20Sopenharmony_ci struct path path; 36448c2ecf20Sopenharmony_ci int error; 36458c2ecf20Sopenharmony_ci unsigned int lookup_flags = 0; 36468c2ecf20Sopenharmony_ci 36478c2ecf20Sopenharmony_ci error = may_mknod(mode); 36488c2ecf20Sopenharmony_ci if (error) 36498c2ecf20Sopenharmony_ci return error; 36508c2ecf20Sopenharmony_ciretry: 36518c2ecf20Sopenharmony_ci dentry = user_path_create(dfd, filename, &path, lookup_flags); 36528c2ecf20Sopenharmony_ci if (IS_ERR(dentry)) 36538c2ecf20Sopenharmony_ci return PTR_ERR(dentry); 36548c2ecf20Sopenharmony_ci 36558c2ecf20Sopenharmony_ci error = security_path_mknod(&path, dentry, 36568c2ecf20Sopenharmony_ci mode_strip_umask(path.dentry->d_inode, mode), dev); 36578c2ecf20Sopenharmony_ci if (error) 36588c2ecf20Sopenharmony_ci goto out; 36598c2ecf20Sopenharmony_ci switch (mode & S_IFMT) { 36608c2ecf20Sopenharmony_ci case 0: case S_IFREG: 36618c2ecf20Sopenharmony_ci error = vfs_create(path.dentry->d_inode,dentry,mode,true); 36628c2ecf20Sopenharmony_ci if (!error) 36638c2ecf20Sopenharmony_ci ima_post_path_mknod(dentry); 36648c2ecf20Sopenharmony_ci break; 36658c2ecf20Sopenharmony_ci case S_IFCHR: case S_IFBLK: 36668c2ecf20Sopenharmony_ci error = vfs_mknod(path.dentry->d_inode,dentry,mode, 36678c2ecf20Sopenharmony_ci new_decode_dev(dev)); 36688c2ecf20Sopenharmony_ci break; 36698c2ecf20Sopenharmony_ci case S_IFIFO: case S_IFSOCK: 36708c2ecf20Sopenharmony_ci error = vfs_mknod(path.dentry->d_inode,dentry,mode,0); 36718c2ecf20Sopenharmony_ci break; 36728c2ecf20Sopenharmony_ci } 36738c2ecf20Sopenharmony_ciout: 36748c2ecf20Sopenharmony_ci done_path_create(&path, dentry); 36758c2ecf20Sopenharmony_ci if (retry_estale(error, lookup_flags)) { 36768c2ecf20Sopenharmony_ci lookup_flags |= LOOKUP_REVAL; 36778c2ecf20Sopenharmony_ci goto retry; 36788c2ecf20Sopenharmony_ci } 36798c2ecf20Sopenharmony_ci return error; 36808c2ecf20Sopenharmony_ci} 36818c2ecf20Sopenharmony_ci 36828c2ecf20Sopenharmony_ciSYSCALL_DEFINE4(mknodat, int, dfd, const char __user *, filename, umode_t, mode, 36838c2ecf20Sopenharmony_ci unsigned int, dev) 36848c2ecf20Sopenharmony_ci{ 36858c2ecf20Sopenharmony_ci return do_mknodat(dfd, filename, mode, dev); 36868c2ecf20Sopenharmony_ci} 36878c2ecf20Sopenharmony_ci 36888c2ecf20Sopenharmony_ciSYSCALL_DEFINE3(mknod, const char __user *, filename, umode_t, mode, unsigned, dev) 36898c2ecf20Sopenharmony_ci{ 36908c2ecf20Sopenharmony_ci return do_mknodat(AT_FDCWD, filename, mode, dev); 36918c2ecf20Sopenharmony_ci} 36928c2ecf20Sopenharmony_ci 36938c2ecf20Sopenharmony_ciint vfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) 36948c2ecf20Sopenharmony_ci{ 36958c2ecf20Sopenharmony_ci int error = may_create(dir, dentry); 36968c2ecf20Sopenharmony_ci unsigned max_links = dir->i_sb->s_max_links; 36978c2ecf20Sopenharmony_ci 36988c2ecf20Sopenharmony_ci if (error) 36998c2ecf20Sopenharmony_ci return error; 37008c2ecf20Sopenharmony_ci 37018c2ecf20Sopenharmony_ci if (!dir->i_op->mkdir) 37028c2ecf20Sopenharmony_ci return -EPERM; 37038c2ecf20Sopenharmony_ci 37048c2ecf20Sopenharmony_ci mode = vfs_prepare_mode(dir, mode, S_IRWXUGO | S_ISVTX, 0); 37058c2ecf20Sopenharmony_ci error = security_inode_mkdir(dir, dentry, mode); 37068c2ecf20Sopenharmony_ci if (error) 37078c2ecf20Sopenharmony_ci return error; 37088c2ecf20Sopenharmony_ci 37098c2ecf20Sopenharmony_ci if (max_links && dir->i_nlink >= max_links) 37108c2ecf20Sopenharmony_ci return -EMLINK; 37118c2ecf20Sopenharmony_ci 37128c2ecf20Sopenharmony_ci error = dir->i_op->mkdir(dir, dentry, mode); 37138c2ecf20Sopenharmony_ci if (!error) 37148c2ecf20Sopenharmony_ci fsnotify_mkdir(dir, dentry); 37158c2ecf20Sopenharmony_ci return error; 37168c2ecf20Sopenharmony_ci} 37178c2ecf20Sopenharmony_ciEXPORT_SYMBOL(vfs_mkdir); 37188c2ecf20Sopenharmony_ci 37198c2ecf20Sopenharmony_cistatic long do_mkdirat(int dfd, const char __user *pathname, umode_t mode) 37208c2ecf20Sopenharmony_ci{ 37218c2ecf20Sopenharmony_ci struct dentry *dentry; 37228c2ecf20Sopenharmony_ci struct path path; 37238c2ecf20Sopenharmony_ci int error; 37248c2ecf20Sopenharmony_ci unsigned int lookup_flags = LOOKUP_DIRECTORY; 37258c2ecf20Sopenharmony_ci 37268c2ecf20Sopenharmony_ciretry: 37278c2ecf20Sopenharmony_ci dentry = user_path_create(dfd, pathname, &path, lookup_flags); 37288c2ecf20Sopenharmony_ci if (IS_ERR(dentry)) 37298c2ecf20Sopenharmony_ci return PTR_ERR(dentry); 37308c2ecf20Sopenharmony_ci 37318c2ecf20Sopenharmony_ci error = security_path_mkdir(&path, dentry, 37328c2ecf20Sopenharmony_ci mode_strip_umask(path.dentry->d_inode, mode)); 37338c2ecf20Sopenharmony_ci if (!error) 37348c2ecf20Sopenharmony_ci error = vfs_mkdir(path.dentry->d_inode, dentry, mode); 37358c2ecf20Sopenharmony_ci done_path_create(&path, dentry); 37368c2ecf20Sopenharmony_ci if (retry_estale(error, lookup_flags)) { 37378c2ecf20Sopenharmony_ci lookup_flags |= LOOKUP_REVAL; 37388c2ecf20Sopenharmony_ci goto retry; 37398c2ecf20Sopenharmony_ci } 37408c2ecf20Sopenharmony_ci return error; 37418c2ecf20Sopenharmony_ci} 37428c2ecf20Sopenharmony_ci 37438c2ecf20Sopenharmony_ciSYSCALL_DEFINE3(mkdirat, int, dfd, const char __user *, pathname, umode_t, mode) 37448c2ecf20Sopenharmony_ci{ 37458c2ecf20Sopenharmony_ci return do_mkdirat(dfd, pathname, mode); 37468c2ecf20Sopenharmony_ci} 37478c2ecf20Sopenharmony_ci 37488c2ecf20Sopenharmony_ciSYSCALL_DEFINE2(mkdir, const char __user *, pathname, umode_t, mode) 37498c2ecf20Sopenharmony_ci{ 37508c2ecf20Sopenharmony_ci return do_mkdirat(AT_FDCWD, pathname, mode); 37518c2ecf20Sopenharmony_ci} 37528c2ecf20Sopenharmony_ci 37538c2ecf20Sopenharmony_ciint vfs_rmdir(struct inode *dir, struct dentry *dentry) 37548c2ecf20Sopenharmony_ci{ 37558c2ecf20Sopenharmony_ci int error = may_delete(dir, dentry, 1); 37568c2ecf20Sopenharmony_ci 37578c2ecf20Sopenharmony_ci if (error) 37588c2ecf20Sopenharmony_ci return error; 37598c2ecf20Sopenharmony_ci 37608c2ecf20Sopenharmony_ci if (!dir->i_op->rmdir) 37618c2ecf20Sopenharmony_ci return -EPERM; 37628c2ecf20Sopenharmony_ci 37638c2ecf20Sopenharmony_ci dget(dentry); 37648c2ecf20Sopenharmony_ci inode_lock(dentry->d_inode); 37658c2ecf20Sopenharmony_ci 37668c2ecf20Sopenharmony_ci error = -EBUSY; 37678c2ecf20Sopenharmony_ci if (is_local_mountpoint(dentry)) 37688c2ecf20Sopenharmony_ci goto out; 37698c2ecf20Sopenharmony_ci 37708c2ecf20Sopenharmony_ci error = security_inode_rmdir(dir, dentry); 37718c2ecf20Sopenharmony_ci if (error) 37728c2ecf20Sopenharmony_ci goto out; 37738c2ecf20Sopenharmony_ci 37748c2ecf20Sopenharmony_ci error = dir->i_op->rmdir(dir, dentry); 37758c2ecf20Sopenharmony_ci if (error) 37768c2ecf20Sopenharmony_ci goto out; 37778c2ecf20Sopenharmony_ci 37788c2ecf20Sopenharmony_ci shrink_dcache_parent(dentry); 37798c2ecf20Sopenharmony_ci dentry->d_inode->i_flags |= S_DEAD; 37808c2ecf20Sopenharmony_ci dont_mount(dentry); 37818c2ecf20Sopenharmony_ci detach_mounts(dentry); 37828c2ecf20Sopenharmony_ci 37838c2ecf20Sopenharmony_ciout: 37848c2ecf20Sopenharmony_ci inode_unlock(dentry->d_inode); 37858c2ecf20Sopenharmony_ci dput(dentry); 37868c2ecf20Sopenharmony_ci if (!error) 37878c2ecf20Sopenharmony_ci d_delete_notify(dir, dentry); 37888c2ecf20Sopenharmony_ci return error; 37898c2ecf20Sopenharmony_ci} 37908c2ecf20Sopenharmony_ciEXPORT_SYMBOL(vfs_rmdir); 37918c2ecf20Sopenharmony_ci 37928c2ecf20Sopenharmony_cilong do_rmdir(int dfd, struct filename *name) 37938c2ecf20Sopenharmony_ci{ 37948c2ecf20Sopenharmony_ci int error = 0; 37958c2ecf20Sopenharmony_ci struct dentry *dentry; 37968c2ecf20Sopenharmony_ci struct path path; 37978c2ecf20Sopenharmony_ci struct qstr last; 37988c2ecf20Sopenharmony_ci int type; 37998c2ecf20Sopenharmony_ci unsigned int lookup_flags = 0; 38008c2ecf20Sopenharmony_ciretry: 38018c2ecf20Sopenharmony_ci name = filename_parentat(dfd, name, lookup_flags, 38028c2ecf20Sopenharmony_ci &path, &last, &type); 38038c2ecf20Sopenharmony_ci if (IS_ERR(name)) 38048c2ecf20Sopenharmony_ci return PTR_ERR(name); 38058c2ecf20Sopenharmony_ci 38068c2ecf20Sopenharmony_ci switch (type) { 38078c2ecf20Sopenharmony_ci case LAST_DOTDOT: 38088c2ecf20Sopenharmony_ci error = -ENOTEMPTY; 38098c2ecf20Sopenharmony_ci goto exit1; 38108c2ecf20Sopenharmony_ci case LAST_DOT: 38118c2ecf20Sopenharmony_ci error = -EINVAL; 38128c2ecf20Sopenharmony_ci goto exit1; 38138c2ecf20Sopenharmony_ci case LAST_ROOT: 38148c2ecf20Sopenharmony_ci error = -EBUSY; 38158c2ecf20Sopenharmony_ci goto exit1; 38168c2ecf20Sopenharmony_ci } 38178c2ecf20Sopenharmony_ci 38188c2ecf20Sopenharmony_ci error = mnt_want_write(path.mnt); 38198c2ecf20Sopenharmony_ci if (error) 38208c2ecf20Sopenharmony_ci goto exit1; 38218c2ecf20Sopenharmony_ci 38228c2ecf20Sopenharmony_ci inode_lock_nested(path.dentry->d_inode, I_MUTEX_PARENT); 38238c2ecf20Sopenharmony_ci dentry = __lookup_hash(&last, path.dentry, lookup_flags); 38248c2ecf20Sopenharmony_ci error = PTR_ERR(dentry); 38258c2ecf20Sopenharmony_ci if (IS_ERR(dentry)) 38268c2ecf20Sopenharmony_ci goto exit2; 38278c2ecf20Sopenharmony_ci if (!dentry->d_inode) { 38288c2ecf20Sopenharmony_ci error = -ENOENT; 38298c2ecf20Sopenharmony_ci goto exit3; 38308c2ecf20Sopenharmony_ci } 38318c2ecf20Sopenharmony_ci error = security_path_rmdir(&path, dentry); 38328c2ecf20Sopenharmony_ci if (error) 38338c2ecf20Sopenharmony_ci goto exit3; 38348c2ecf20Sopenharmony_ci error = vfs_rmdir(path.dentry->d_inode, dentry); 38358c2ecf20Sopenharmony_ciexit3: 38368c2ecf20Sopenharmony_ci dput(dentry); 38378c2ecf20Sopenharmony_ciexit2: 38388c2ecf20Sopenharmony_ci inode_unlock(path.dentry->d_inode); 38398c2ecf20Sopenharmony_ci mnt_drop_write(path.mnt); 38408c2ecf20Sopenharmony_ciexit1: 38418c2ecf20Sopenharmony_ci path_put(&path); 38428c2ecf20Sopenharmony_ci if (retry_estale(error, lookup_flags)) { 38438c2ecf20Sopenharmony_ci lookup_flags |= LOOKUP_REVAL; 38448c2ecf20Sopenharmony_ci goto retry; 38458c2ecf20Sopenharmony_ci } 38468c2ecf20Sopenharmony_ci putname(name); 38478c2ecf20Sopenharmony_ci return error; 38488c2ecf20Sopenharmony_ci} 38498c2ecf20Sopenharmony_ci 38508c2ecf20Sopenharmony_ciSYSCALL_DEFINE1(rmdir, const char __user *, pathname) 38518c2ecf20Sopenharmony_ci{ 38528c2ecf20Sopenharmony_ci return do_rmdir(AT_FDCWD, getname(pathname)); 38538c2ecf20Sopenharmony_ci} 38548c2ecf20Sopenharmony_ci 38558c2ecf20Sopenharmony_ci/** 38568c2ecf20Sopenharmony_ci * vfs_unlink - unlink a filesystem object 38578c2ecf20Sopenharmony_ci * @dir: parent directory 38588c2ecf20Sopenharmony_ci * @dentry: victim 38598c2ecf20Sopenharmony_ci * @delegated_inode: returns victim inode, if the inode is delegated. 38608c2ecf20Sopenharmony_ci * 38618c2ecf20Sopenharmony_ci * The caller must hold dir->i_mutex. 38628c2ecf20Sopenharmony_ci * 38638c2ecf20Sopenharmony_ci * If vfs_unlink discovers a delegation, it will return -EWOULDBLOCK and 38648c2ecf20Sopenharmony_ci * return a reference to the inode in delegated_inode. The caller 38658c2ecf20Sopenharmony_ci * should then break the delegation on that inode and retry. Because 38668c2ecf20Sopenharmony_ci * breaking a delegation may take a long time, the caller should drop 38678c2ecf20Sopenharmony_ci * dir->i_mutex before doing so. 38688c2ecf20Sopenharmony_ci * 38698c2ecf20Sopenharmony_ci * Alternatively, a caller may pass NULL for delegated_inode. This may 38708c2ecf20Sopenharmony_ci * be appropriate for callers that expect the underlying filesystem not 38718c2ecf20Sopenharmony_ci * to be NFS exported. 38728c2ecf20Sopenharmony_ci */ 38738c2ecf20Sopenharmony_ciint vfs_unlink(struct inode *dir, struct dentry *dentry, struct inode **delegated_inode) 38748c2ecf20Sopenharmony_ci{ 38758c2ecf20Sopenharmony_ci struct inode *target = dentry->d_inode; 38768c2ecf20Sopenharmony_ci int error = may_delete(dir, dentry, 0); 38778c2ecf20Sopenharmony_ci 38788c2ecf20Sopenharmony_ci if (error) 38798c2ecf20Sopenharmony_ci return error; 38808c2ecf20Sopenharmony_ci 38818c2ecf20Sopenharmony_ci if (!dir->i_op->unlink) 38828c2ecf20Sopenharmony_ci return -EPERM; 38838c2ecf20Sopenharmony_ci 38848c2ecf20Sopenharmony_ci inode_lock(target); 38858c2ecf20Sopenharmony_ci if (is_local_mountpoint(dentry)) 38868c2ecf20Sopenharmony_ci error = -EBUSY; 38878c2ecf20Sopenharmony_ci else { 38888c2ecf20Sopenharmony_ci error = security_inode_unlink(dir, dentry); 38898c2ecf20Sopenharmony_ci if (!error) { 38908c2ecf20Sopenharmony_ci error = try_break_deleg(target, delegated_inode); 38918c2ecf20Sopenharmony_ci if (error) 38928c2ecf20Sopenharmony_ci goto out; 38938c2ecf20Sopenharmony_ci error = dir->i_op->unlink(dir, dentry); 38948c2ecf20Sopenharmony_ci if (!error) { 38958c2ecf20Sopenharmony_ci dont_mount(dentry); 38968c2ecf20Sopenharmony_ci detach_mounts(dentry); 38978c2ecf20Sopenharmony_ci } 38988c2ecf20Sopenharmony_ci } 38998c2ecf20Sopenharmony_ci } 39008c2ecf20Sopenharmony_ciout: 39018c2ecf20Sopenharmony_ci inode_unlock(target); 39028c2ecf20Sopenharmony_ci 39038c2ecf20Sopenharmony_ci /* We don't d_delete() NFS sillyrenamed files--they still exist. */ 39048c2ecf20Sopenharmony_ci if (!error && dentry->d_flags & DCACHE_NFSFS_RENAMED) { 39058c2ecf20Sopenharmony_ci fsnotify_unlink(dir, dentry); 39068c2ecf20Sopenharmony_ci } else if (!error) { 39078c2ecf20Sopenharmony_ci fsnotify_link_count(target); 39088c2ecf20Sopenharmony_ci d_delete_notify(dir, dentry); 39098c2ecf20Sopenharmony_ci } 39108c2ecf20Sopenharmony_ci 39118c2ecf20Sopenharmony_ci return error; 39128c2ecf20Sopenharmony_ci} 39138c2ecf20Sopenharmony_ciEXPORT_SYMBOL(vfs_unlink); 39148c2ecf20Sopenharmony_ci 39158c2ecf20Sopenharmony_ci/* 39168c2ecf20Sopenharmony_ci * Make sure that the actual truncation of the file will occur outside its 39178c2ecf20Sopenharmony_ci * directory's i_mutex. Truncate can take a long time if there is a lot of 39188c2ecf20Sopenharmony_ci * writeout happening, and we don't want to prevent access to the directory 39198c2ecf20Sopenharmony_ci * while waiting on the I/O. 39208c2ecf20Sopenharmony_ci */ 39218c2ecf20Sopenharmony_cilong do_unlinkat(int dfd, struct filename *name) 39228c2ecf20Sopenharmony_ci{ 39238c2ecf20Sopenharmony_ci int error; 39248c2ecf20Sopenharmony_ci struct dentry *dentry; 39258c2ecf20Sopenharmony_ci struct path path; 39268c2ecf20Sopenharmony_ci struct qstr last; 39278c2ecf20Sopenharmony_ci int type; 39288c2ecf20Sopenharmony_ci struct inode *inode = NULL; 39298c2ecf20Sopenharmony_ci struct inode *delegated_inode = NULL; 39308c2ecf20Sopenharmony_ci unsigned int lookup_flags = 0; 39318c2ecf20Sopenharmony_ciretry: 39328c2ecf20Sopenharmony_ci name = filename_parentat(dfd, name, lookup_flags, &path, &last, &type); 39338c2ecf20Sopenharmony_ci if (IS_ERR(name)) 39348c2ecf20Sopenharmony_ci return PTR_ERR(name); 39358c2ecf20Sopenharmony_ci 39368c2ecf20Sopenharmony_ci error = -EISDIR; 39378c2ecf20Sopenharmony_ci if (type != LAST_NORM) 39388c2ecf20Sopenharmony_ci goto exit1; 39398c2ecf20Sopenharmony_ci 39408c2ecf20Sopenharmony_ci error = mnt_want_write(path.mnt); 39418c2ecf20Sopenharmony_ci if (error) 39428c2ecf20Sopenharmony_ci goto exit1; 39438c2ecf20Sopenharmony_ciretry_deleg: 39448c2ecf20Sopenharmony_ci inode_lock_nested(path.dentry->d_inode, I_MUTEX_PARENT); 39458c2ecf20Sopenharmony_ci dentry = __lookup_hash(&last, path.dentry, lookup_flags); 39468c2ecf20Sopenharmony_ci error = PTR_ERR(dentry); 39478c2ecf20Sopenharmony_ci if (!IS_ERR(dentry)) { 39488c2ecf20Sopenharmony_ci /* Why not before? Because we want correct error value */ 39498c2ecf20Sopenharmony_ci if (last.name[last.len]) 39508c2ecf20Sopenharmony_ci goto slashes; 39518c2ecf20Sopenharmony_ci inode = dentry->d_inode; 39528c2ecf20Sopenharmony_ci if (d_is_negative(dentry)) 39538c2ecf20Sopenharmony_ci goto slashes; 39548c2ecf20Sopenharmony_ci ihold(inode); 39558c2ecf20Sopenharmony_ci error = security_path_unlink(&path, dentry); 39568c2ecf20Sopenharmony_ci if (error) 39578c2ecf20Sopenharmony_ci goto exit2; 39588c2ecf20Sopenharmony_ci error = vfs_unlink(path.dentry->d_inode, dentry, &delegated_inode); 39598c2ecf20Sopenharmony_ciexit2: 39608c2ecf20Sopenharmony_ci dput(dentry); 39618c2ecf20Sopenharmony_ci } 39628c2ecf20Sopenharmony_ci inode_unlock(path.dentry->d_inode); 39638c2ecf20Sopenharmony_ci if (inode) 39648c2ecf20Sopenharmony_ci iput(inode); /* truncate the inode here */ 39658c2ecf20Sopenharmony_ci inode = NULL; 39668c2ecf20Sopenharmony_ci if (delegated_inode) { 39678c2ecf20Sopenharmony_ci error = break_deleg_wait(&delegated_inode); 39688c2ecf20Sopenharmony_ci if (!error) 39698c2ecf20Sopenharmony_ci goto retry_deleg; 39708c2ecf20Sopenharmony_ci } 39718c2ecf20Sopenharmony_ci mnt_drop_write(path.mnt); 39728c2ecf20Sopenharmony_ciexit1: 39738c2ecf20Sopenharmony_ci path_put(&path); 39748c2ecf20Sopenharmony_ci if (retry_estale(error, lookup_flags)) { 39758c2ecf20Sopenharmony_ci lookup_flags |= LOOKUP_REVAL; 39768c2ecf20Sopenharmony_ci inode = NULL; 39778c2ecf20Sopenharmony_ci goto retry; 39788c2ecf20Sopenharmony_ci } 39798c2ecf20Sopenharmony_ci putname(name); 39808c2ecf20Sopenharmony_ci return error; 39818c2ecf20Sopenharmony_ci 39828c2ecf20Sopenharmony_cislashes: 39838c2ecf20Sopenharmony_ci if (d_is_negative(dentry)) 39848c2ecf20Sopenharmony_ci error = -ENOENT; 39858c2ecf20Sopenharmony_ci else if (d_is_dir(dentry)) 39868c2ecf20Sopenharmony_ci error = -EISDIR; 39878c2ecf20Sopenharmony_ci else 39888c2ecf20Sopenharmony_ci error = -ENOTDIR; 39898c2ecf20Sopenharmony_ci goto exit2; 39908c2ecf20Sopenharmony_ci} 39918c2ecf20Sopenharmony_ci 39928c2ecf20Sopenharmony_ciSYSCALL_DEFINE3(unlinkat, int, dfd, const char __user *, pathname, int, flag) 39938c2ecf20Sopenharmony_ci{ 39948c2ecf20Sopenharmony_ci if ((flag & ~AT_REMOVEDIR) != 0) 39958c2ecf20Sopenharmony_ci return -EINVAL; 39968c2ecf20Sopenharmony_ci 39978c2ecf20Sopenharmony_ci if (flag & AT_REMOVEDIR) 39988c2ecf20Sopenharmony_ci return do_rmdir(dfd, getname(pathname)); 39998c2ecf20Sopenharmony_ci return do_unlinkat(dfd, getname(pathname)); 40008c2ecf20Sopenharmony_ci} 40018c2ecf20Sopenharmony_ci 40028c2ecf20Sopenharmony_ciSYSCALL_DEFINE1(unlink, const char __user *, pathname) 40038c2ecf20Sopenharmony_ci{ 40048c2ecf20Sopenharmony_ci return do_unlinkat(AT_FDCWD, getname(pathname)); 40058c2ecf20Sopenharmony_ci} 40068c2ecf20Sopenharmony_ci 40078c2ecf20Sopenharmony_ciint vfs_symlink(struct inode *dir, struct dentry *dentry, const char *oldname) 40088c2ecf20Sopenharmony_ci{ 40098c2ecf20Sopenharmony_ci int error = may_create(dir, dentry); 40108c2ecf20Sopenharmony_ci 40118c2ecf20Sopenharmony_ci if (error) 40128c2ecf20Sopenharmony_ci return error; 40138c2ecf20Sopenharmony_ci 40148c2ecf20Sopenharmony_ci if (!dir->i_op->symlink) 40158c2ecf20Sopenharmony_ci return -EPERM; 40168c2ecf20Sopenharmony_ci 40178c2ecf20Sopenharmony_ci error = security_inode_symlink(dir, dentry, oldname); 40188c2ecf20Sopenharmony_ci if (error) 40198c2ecf20Sopenharmony_ci return error; 40208c2ecf20Sopenharmony_ci 40218c2ecf20Sopenharmony_ci error = dir->i_op->symlink(dir, dentry, oldname); 40228c2ecf20Sopenharmony_ci if (!error) 40238c2ecf20Sopenharmony_ci fsnotify_create(dir, dentry); 40248c2ecf20Sopenharmony_ci return error; 40258c2ecf20Sopenharmony_ci} 40268c2ecf20Sopenharmony_ciEXPORT_SYMBOL(vfs_symlink); 40278c2ecf20Sopenharmony_ci 40288c2ecf20Sopenharmony_cistatic long do_symlinkat(const char __user *oldname, int newdfd, 40298c2ecf20Sopenharmony_ci const char __user *newname) 40308c2ecf20Sopenharmony_ci{ 40318c2ecf20Sopenharmony_ci int error; 40328c2ecf20Sopenharmony_ci struct filename *from; 40338c2ecf20Sopenharmony_ci struct dentry *dentry; 40348c2ecf20Sopenharmony_ci struct path path; 40358c2ecf20Sopenharmony_ci unsigned int lookup_flags = 0; 40368c2ecf20Sopenharmony_ci 40378c2ecf20Sopenharmony_ci from = getname(oldname); 40388c2ecf20Sopenharmony_ci if (IS_ERR(from)) 40398c2ecf20Sopenharmony_ci return PTR_ERR(from); 40408c2ecf20Sopenharmony_ciretry: 40418c2ecf20Sopenharmony_ci dentry = user_path_create(newdfd, newname, &path, lookup_flags); 40428c2ecf20Sopenharmony_ci error = PTR_ERR(dentry); 40438c2ecf20Sopenharmony_ci if (IS_ERR(dentry)) 40448c2ecf20Sopenharmony_ci goto out_putname; 40458c2ecf20Sopenharmony_ci 40468c2ecf20Sopenharmony_ci error = security_path_symlink(&path, dentry, from->name); 40478c2ecf20Sopenharmony_ci if (!error) 40488c2ecf20Sopenharmony_ci error = vfs_symlink(path.dentry->d_inode, dentry, from->name); 40498c2ecf20Sopenharmony_ci done_path_create(&path, dentry); 40508c2ecf20Sopenharmony_ci if (retry_estale(error, lookup_flags)) { 40518c2ecf20Sopenharmony_ci lookup_flags |= LOOKUP_REVAL; 40528c2ecf20Sopenharmony_ci goto retry; 40538c2ecf20Sopenharmony_ci } 40548c2ecf20Sopenharmony_ciout_putname: 40558c2ecf20Sopenharmony_ci putname(from); 40568c2ecf20Sopenharmony_ci return error; 40578c2ecf20Sopenharmony_ci} 40588c2ecf20Sopenharmony_ci 40598c2ecf20Sopenharmony_ciSYSCALL_DEFINE3(symlinkat, const char __user *, oldname, 40608c2ecf20Sopenharmony_ci int, newdfd, const char __user *, newname) 40618c2ecf20Sopenharmony_ci{ 40628c2ecf20Sopenharmony_ci return do_symlinkat(oldname, newdfd, newname); 40638c2ecf20Sopenharmony_ci} 40648c2ecf20Sopenharmony_ci 40658c2ecf20Sopenharmony_ciSYSCALL_DEFINE2(symlink, const char __user *, oldname, const char __user *, newname) 40668c2ecf20Sopenharmony_ci{ 40678c2ecf20Sopenharmony_ci return do_symlinkat(oldname, AT_FDCWD, newname); 40688c2ecf20Sopenharmony_ci} 40698c2ecf20Sopenharmony_ci 40708c2ecf20Sopenharmony_ci/** 40718c2ecf20Sopenharmony_ci * vfs_link - create a new link 40728c2ecf20Sopenharmony_ci * @old_dentry: object to be linked 40738c2ecf20Sopenharmony_ci * @dir: new parent 40748c2ecf20Sopenharmony_ci * @new_dentry: where to create the new link 40758c2ecf20Sopenharmony_ci * @delegated_inode: returns inode needing a delegation break 40768c2ecf20Sopenharmony_ci * 40778c2ecf20Sopenharmony_ci * The caller must hold dir->i_mutex 40788c2ecf20Sopenharmony_ci * 40798c2ecf20Sopenharmony_ci * If vfs_link discovers a delegation on the to-be-linked file in need 40808c2ecf20Sopenharmony_ci * of breaking, it will return -EWOULDBLOCK and return a reference to the 40818c2ecf20Sopenharmony_ci * inode in delegated_inode. The caller should then break the delegation 40828c2ecf20Sopenharmony_ci * and retry. Because breaking a delegation may take a long time, the 40838c2ecf20Sopenharmony_ci * caller should drop the i_mutex before doing so. 40848c2ecf20Sopenharmony_ci * 40858c2ecf20Sopenharmony_ci * Alternatively, a caller may pass NULL for delegated_inode. This may 40868c2ecf20Sopenharmony_ci * be appropriate for callers that expect the underlying filesystem not 40878c2ecf20Sopenharmony_ci * to be NFS exported. 40888c2ecf20Sopenharmony_ci */ 40898c2ecf20Sopenharmony_ciint vfs_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_dentry, struct inode **delegated_inode) 40908c2ecf20Sopenharmony_ci{ 40918c2ecf20Sopenharmony_ci struct inode *inode = old_dentry->d_inode; 40928c2ecf20Sopenharmony_ci unsigned max_links = dir->i_sb->s_max_links; 40938c2ecf20Sopenharmony_ci int error; 40948c2ecf20Sopenharmony_ci 40958c2ecf20Sopenharmony_ci if (!inode) 40968c2ecf20Sopenharmony_ci return -ENOENT; 40978c2ecf20Sopenharmony_ci 40988c2ecf20Sopenharmony_ci error = may_create(dir, new_dentry); 40998c2ecf20Sopenharmony_ci if (error) 41008c2ecf20Sopenharmony_ci return error; 41018c2ecf20Sopenharmony_ci 41028c2ecf20Sopenharmony_ci if (dir->i_sb != inode->i_sb) 41038c2ecf20Sopenharmony_ci return -EXDEV; 41048c2ecf20Sopenharmony_ci 41058c2ecf20Sopenharmony_ci /* 41068c2ecf20Sopenharmony_ci * A link to an append-only or immutable file cannot be created. 41078c2ecf20Sopenharmony_ci */ 41088c2ecf20Sopenharmony_ci if (IS_APPEND(inode) || IS_IMMUTABLE(inode)) 41098c2ecf20Sopenharmony_ci return -EPERM; 41108c2ecf20Sopenharmony_ci /* 41118c2ecf20Sopenharmony_ci * Updating the link count will likely cause i_uid and i_gid to 41128c2ecf20Sopenharmony_ci * be writen back improperly if their true value is unknown to 41138c2ecf20Sopenharmony_ci * the vfs. 41148c2ecf20Sopenharmony_ci */ 41158c2ecf20Sopenharmony_ci if (HAS_UNMAPPED_ID(inode)) 41168c2ecf20Sopenharmony_ci return -EPERM; 41178c2ecf20Sopenharmony_ci if (!dir->i_op->link) 41188c2ecf20Sopenharmony_ci return -EPERM; 41198c2ecf20Sopenharmony_ci if (S_ISDIR(inode->i_mode)) 41208c2ecf20Sopenharmony_ci return -EPERM; 41218c2ecf20Sopenharmony_ci 41228c2ecf20Sopenharmony_ci error = security_inode_link(old_dentry, dir, new_dentry); 41238c2ecf20Sopenharmony_ci if (error) 41248c2ecf20Sopenharmony_ci return error; 41258c2ecf20Sopenharmony_ci 41268c2ecf20Sopenharmony_ci inode_lock(inode); 41278c2ecf20Sopenharmony_ci /* Make sure we don't allow creating hardlink to an unlinked file */ 41288c2ecf20Sopenharmony_ci if (inode->i_nlink == 0 && !(inode->i_state & I_LINKABLE)) 41298c2ecf20Sopenharmony_ci error = -ENOENT; 41308c2ecf20Sopenharmony_ci else if (max_links && inode->i_nlink >= max_links) 41318c2ecf20Sopenharmony_ci error = -EMLINK; 41328c2ecf20Sopenharmony_ci else { 41338c2ecf20Sopenharmony_ci error = try_break_deleg(inode, delegated_inode); 41348c2ecf20Sopenharmony_ci if (!error) 41358c2ecf20Sopenharmony_ci error = dir->i_op->link(old_dentry, dir, new_dentry); 41368c2ecf20Sopenharmony_ci } 41378c2ecf20Sopenharmony_ci 41388c2ecf20Sopenharmony_ci if (!error && (inode->i_state & I_LINKABLE)) { 41398c2ecf20Sopenharmony_ci spin_lock(&inode->i_lock); 41408c2ecf20Sopenharmony_ci inode->i_state &= ~I_LINKABLE; 41418c2ecf20Sopenharmony_ci spin_unlock(&inode->i_lock); 41428c2ecf20Sopenharmony_ci } 41438c2ecf20Sopenharmony_ci inode_unlock(inode); 41448c2ecf20Sopenharmony_ci if (!error) 41458c2ecf20Sopenharmony_ci fsnotify_link(dir, inode, new_dentry); 41468c2ecf20Sopenharmony_ci return error; 41478c2ecf20Sopenharmony_ci} 41488c2ecf20Sopenharmony_ciEXPORT_SYMBOL(vfs_link); 41498c2ecf20Sopenharmony_ci 41508c2ecf20Sopenharmony_ci/* 41518c2ecf20Sopenharmony_ci * Hardlinks are often used in delicate situations. We avoid 41528c2ecf20Sopenharmony_ci * security-related surprises by not following symlinks on the 41538c2ecf20Sopenharmony_ci * newname. --KAB 41548c2ecf20Sopenharmony_ci * 41558c2ecf20Sopenharmony_ci * We don't follow them on the oldname either to be compatible 41568c2ecf20Sopenharmony_ci * with linux 2.0, and to avoid hard-linking to directories 41578c2ecf20Sopenharmony_ci * and other special files. --ADM 41588c2ecf20Sopenharmony_ci */ 41598c2ecf20Sopenharmony_cistatic int do_linkat(int olddfd, const char __user *oldname, int newdfd, 41608c2ecf20Sopenharmony_ci const char __user *newname, int flags) 41618c2ecf20Sopenharmony_ci{ 41628c2ecf20Sopenharmony_ci struct dentry *new_dentry; 41638c2ecf20Sopenharmony_ci struct path old_path, new_path; 41648c2ecf20Sopenharmony_ci struct inode *delegated_inode = NULL; 41658c2ecf20Sopenharmony_ci int how = 0; 41668c2ecf20Sopenharmony_ci int error; 41678c2ecf20Sopenharmony_ci 41688c2ecf20Sopenharmony_ci if ((flags & ~(AT_SYMLINK_FOLLOW | AT_EMPTY_PATH)) != 0) 41698c2ecf20Sopenharmony_ci return -EINVAL; 41708c2ecf20Sopenharmony_ci /* 41718c2ecf20Sopenharmony_ci * To use null names we require CAP_DAC_READ_SEARCH 41728c2ecf20Sopenharmony_ci * This ensures that not everyone will be able to create 41738c2ecf20Sopenharmony_ci * handlink using the passed filedescriptor. 41748c2ecf20Sopenharmony_ci */ 41758c2ecf20Sopenharmony_ci if (flags & AT_EMPTY_PATH) { 41768c2ecf20Sopenharmony_ci if (!capable(CAP_DAC_READ_SEARCH)) 41778c2ecf20Sopenharmony_ci return -ENOENT; 41788c2ecf20Sopenharmony_ci how = LOOKUP_EMPTY; 41798c2ecf20Sopenharmony_ci } 41808c2ecf20Sopenharmony_ci 41818c2ecf20Sopenharmony_ci if (flags & AT_SYMLINK_FOLLOW) 41828c2ecf20Sopenharmony_ci how |= LOOKUP_FOLLOW; 41838c2ecf20Sopenharmony_ciretry: 41848c2ecf20Sopenharmony_ci error = user_path_at(olddfd, oldname, how, &old_path); 41858c2ecf20Sopenharmony_ci if (error) 41868c2ecf20Sopenharmony_ci return error; 41878c2ecf20Sopenharmony_ci 41888c2ecf20Sopenharmony_ci new_dentry = user_path_create(newdfd, newname, &new_path, 41898c2ecf20Sopenharmony_ci (how & LOOKUP_REVAL)); 41908c2ecf20Sopenharmony_ci error = PTR_ERR(new_dentry); 41918c2ecf20Sopenharmony_ci if (IS_ERR(new_dentry)) 41928c2ecf20Sopenharmony_ci goto out; 41938c2ecf20Sopenharmony_ci 41948c2ecf20Sopenharmony_ci error = -EXDEV; 41958c2ecf20Sopenharmony_ci if (old_path.mnt != new_path.mnt) 41968c2ecf20Sopenharmony_ci goto out_dput; 41978c2ecf20Sopenharmony_ci error = may_linkat(&old_path); 41988c2ecf20Sopenharmony_ci if (unlikely(error)) 41998c2ecf20Sopenharmony_ci goto out_dput; 42008c2ecf20Sopenharmony_ci error = security_path_link(old_path.dentry, &new_path, new_dentry); 42018c2ecf20Sopenharmony_ci if (error) 42028c2ecf20Sopenharmony_ci goto out_dput; 42038c2ecf20Sopenharmony_ci error = vfs_link(old_path.dentry, new_path.dentry->d_inode, new_dentry, &delegated_inode); 42048c2ecf20Sopenharmony_ciout_dput: 42058c2ecf20Sopenharmony_ci done_path_create(&new_path, new_dentry); 42068c2ecf20Sopenharmony_ci if (delegated_inode) { 42078c2ecf20Sopenharmony_ci error = break_deleg_wait(&delegated_inode); 42088c2ecf20Sopenharmony_ci if (!error) { 42098c2ecf20Sopenharmony_ci path_put(&old_path); 42108c2ecf20Sopenharmony_ci goto retry; 42118c2ecf20Sopenharmony_ci } 42128c2ecf20Sopenharmony_ci } 42138c2ecf20Sopenharmony_ci if (retry_estale(error, how)) { 42148c2ecf20Sopenharmony_ci path_put(&old_path); 42158c2ecf20Sopenharmony_ci how |= LOOKUP_REVAL; 42168c2ecf20Sopenharmony_ci goto retry; 42178c2ecf20Sopenharmony_ci } 42188c2ecf20Sopenharmony_ciout: 42198c2ecf20Sopenharmony_ci path_put(&old_path); 42208c2ecf20Sopenharmony_ci 42218c2ecf20Sopenharmony_ci return error; 42228c2ecf20Sopenharmony_ci} 42238c2ecf20Sopenharmony_ci 42248c2ecf20Sopenharmony_ciSYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname, 42258c2ecf20Sopenharmony_ci int, newdfd, const char __user *, newname, int, flags) 42268c2ecf20Sopenharmony_ci{ 42278c2ecf20Sopenharmony_ci return do_linkat(olddfd, oldname, newdfd, newname, flags); 42288c2ecf20Sopenharmony_ci} 42298c2ecf20Sopenharmony_ci 42308c2ecf20Sopenharmony_ciSYSCALL_DEFINE2(link, const char __user *, oldname, const char __user *, newname) 42318c2ecf20Sopenharmony_ci{ 42328c2ecf20Sopenharmony_ci return do_linkat(AT_FDCWD, oldname, AT_FDCWD, newname, 0); 42338c2ecf20Sopenharmony_ci} 42348c2ecf20Sopenharmony_ci 42358c2ecf20Sopenharmony_ci/** 42368c2ecf20Sopenharmony_ci * vfs_rename - rename a filesystem object 42378c2ecf20Sopenharmony_ci * @old_dir: parent of source 42388c2ecf20Sopenharmony_ci * @old_dentry: source 42398c2ecf20Sopenharmony_ci * @new_dir: parent of destination 42408c2ecf20Sopenharmony_ci * @new_dentry: destination 42418c2ecf20Sopenharmony_ci * @delegated_inode: returns an inode needing a delegation break 42428c2ecf20Sopenharmony_ci * @flags: rename flags 42438c2ecf20Sopenharmony_ci * 42448c2ecf20Sopenharmony_ci * The caller must hold multiple mutexes--see lock_rename()). 42458c2ecf20Sopenharmony_ci * 42468c2ecf20Sopenharmony_ci * If vfs_rename discovers a delegation in need of breaking at either 42478c2ecf20Sopenharmony_ci * the source or destination, it will return -EWOULDBLOCK and return a 42488c2ecf20Sopenharmony_ci * reference to the inode in delegated_inode. The caller should then 42498c2ecf20Sopenharmony_ci * break the delegation and retry. Because breaking a delegation may 42508c2ecf20Sopenharmony_ci * take a long time, the caller should drop all locks before doing 42518c2ecf20Sopenharmony_ci * so. 42528c2ecf20Sopenharmony_ci * 42538c2ecf20Sopenharmony_ci * Alternatively, a caller may pass NULL for delegated_inode. This may 42548c2ecf20Sopenharmony_ci * be appropriate for callers that expect the underlying filesystem not 42558c2ecf20Sopenharmony_ci * to be NFS exported. 42568c2ecf20Sopenharmony_ci * 42578c2ecf20Sopenharmony_ci * The worst of all namespace operations - renaming directory. "Perverted" 42588c2ecf20Sopenharmony_ci * doesn't even start to describe it. Somebody in UCB had a heck of a trip... 42598c2ecf20Sopenharmony_ci * Problems: 42608c2ecf20Sopenharmony_ci * 42618c2ecf20Sopenharmony_ci * a) we can get into loop creation. 42628c2ecf20Sopenharmony_ci * b) race potential - two innocent renames can create a loop together. 42638c2ecf20Sopenharmony_ci * That's where 4.4BSD screws up. Current fix: serialization on 42648c2ecf20Sopenharmony_ci * sb->s_vfs_rename_mutex. We might be more accurate, but that's another 42658c2ecf20Sopenharmony_ci * story. 42668c2ecf20Sopenharmony_ci * c) we may have to lock up to _four_ objects - parents and victim (if it exists), 42678c2ecf20Sopenharmony_ci * and source (if it's a non-directory or a subdirectory that moves to 42688c2ecf20Sopenharmony_ci * different parent). 42698c2ecf20Sopenharmony_ci * And that - after we got ->i_mutex on parents (until then we don't know 42708c2ecf20Sopenharmony_ci * whether the target exists). Solution: try to be smart with locking 42718c2ecf20Sopenharmony_ci * order for inodes. We rely on the fact that tree topology may change 42728c2ecf20Sopenharmony_ci * only under ->s_vfs_rename_mutex _and_ that parent of the object we 42738c2ecf20Sopenharmony_ci * move will be locked. Thus we can rank directories by the tree 42748c2ecf20Sopenharmony_ci * (ancestors first) and rank all non-directories after them. 42758c2ecf20Sopenharmony_ci * That works since everybody except rename does "lock parent, lookup, 42768c2ecf20Sopenharmony_ci * lock child" and rename is under ->s_vfs_rename_mutex. 42778c2ecf20Sopenharmony_ci * HOWEVER, it relies on the assumption that any object with ->lookup() 42788c2ecf20Sopenharmony_ci * has no more than 1 dentry. If "hybrid" objects will ever appear, 42798c2ecf20Sopenharmony_ci * we'd better make sure that there's no link(2) for them. 42808c2ecf20Sopenharmony_ci * d) conversion from fhandle to dentry may come in the wrong moment - when 42818c2ecf20Sopenharmony_ci * we are removing the target. Solution: we will have to grab ->i_mutex 42828c2ecf20Sopenharmony_ci * in the fhandle_to_dentry code. [FIXME - current nfsfh.c relies on 42838c2ecf20Sopenharmony_ci * ->i_mutex on parents, which works but leads to some truly excessive 42848c2ecf20Sopenharmony_ci * locking]. 42858c2ecf20Sopenharmony_ci */ 42868c2ecf20Sopenharmony_ciint vfs_rename(struct inode *old_dir, struct dentry *old_dentry, 42878c2ecf20Sopenharmony_ci struct inode *new_dir, struct dentry *new_dentry, 42888c2ecf20Sopenharmony_ci struct inode **delegated_inode, unsigned int flags) 42898c2ecf20Sopenharmony_ci{ 42908c2ecf20Sopenharmony_ci int error; 42918c2ecf20Sopenharmony_ci bool is_dir = d_is_dir(old_dentry); 42928c2ecf20Sopenharmony_ci struct inode *source = old_dentry->d_inode; 42938c2ecf20Sopenharmony_ci struct inode *target = new_dentry->d_inode; 42948c2ecf20Sopenharmony_ci bool new_is_dir = false; 42958c2ecf20Sopenharmony_ci unsigned max_links = new_dir->i_sb->s_max_links; 42968c2ecf20Sopenharmony_ci struct name_snapshot old_name; 42978c2ecf20Sopenharmony_ci bool lock_old_subdir, lock_new_subdir; 42988c2ecf20Sopenharmony_ci 42998c2ecf20Sopenharmony_ci if (source == target) 43008c2ecf20Sopenharmony_ci return 0; 43018c2ecf20Sopenharmony_ci 43028c2ecf20Sopenharmony_ci error = may_delete(old_dir, old_dentry, is_dir); 43038c2ecf20Sopenharmony_ci if (error) 43048c2ecf20Sopenharmony_ci return error; 43058c2ecf20Sopenharmony_ci 43068c2ecf20Sopenharmony_ci if (!target) { 43078c2ecf20Sopenharmony_ci error = may_create(new_dir, new_dentry); 43088c2ecf20Sopenharmony_ci } else { 43098c2ecf20Sopenharmony_ci new_is_dir = d_is_dir(new_dentry); 43108c2ecf20Sopenharmony_ci 43118c2ecf20Sopenharmony_ci if (!(flags & RENAME_EXCHANGE)) 43128c2ecf20Sopenharmony_ci error = may_delete(new_dir, new_dentry, is_dir); 43138c2ecf20Sopenharmony_ci else 43148c2ecf20Sopenharmony_ci error = may_delete(new_dir, new_dentry, new_is_dir); 43158c2ecf20Sopenharmony_ci } 43168c2ecf20Sopenharmony_ci if (error) 43178c2ecf20Sopenharmony_ci return error; 43188c2ecf20Sopenharmony_ci 43198c2ecf20Sopenharmony_ci if (!old_dir->i_op->rename) 43208c2ecf20Sopenharmony_ci return -EPERM; 43218c2ecf20Sopenharmony_ci 43228c2ecf20Sopenharmony_ci /* 43238c2ecf20Sopenharmony_ci * If we are going to change the parent - check write permissions, 43248c2ecf20Sopenharmony_ci * we'll need to flip '..'. 43258c2ecf20Sopenharmony_ci */ 43268c2ecf20Sopenharmony_ci if (new_dir != old_dir) { 43278c2ecf20Sopenharmony_ci if (is_dir) { 43288c2ecf20Sopenharmony_ci error = inode_permission(source, MAY_WRITE); 43298c2ecf20Sopenharmony_ci if (error) 43308c2ecf20Sopenharmony_ci return error; 43318c2ecf20Sopenharmony_ci } 43328c2ecf20Sopenharmony_ci if ((flags & RENAME_EXCHANGE) && new_is_dir) { 43338c2ecf20Sopenharmony_ci error = inode_permission(target, MAY_WRITE); 43348c2ecf20Sopenharmony_ci if (error) 43358c2ecf20Sopenharmony_ci return error; 43368c2ecf20Sopenharmony_ci } 43378c2ecf20Sopenharmony_ci } 43388c2ecf20Sopenharmony_ci 43398c2ecf20Sopenharmony_ci error = security_inode_rename(old_dir, old_dentry, new_dir, new_dentry, 43408c2ecf20Sopenharmony_ci flags); 43418c2ecf20Sopenharmony_ci if (error) 43428c2ecf20Sopenharmony_ci return error; 43438c2ecf20Sopenharmony_ci 43448c2ecf20Sopenharmony_ci take_dentry_name_snapshot(&old_name, old_dentry); 43458c2ecf20Sopenharmony_ci dget(new_dentry); 43468c2ecf20Sopenharmony_ci /* 43478c2ecf20Sopenharmony_ci * Lock children. 43488c2ecf20Sopenharmony_ci * The source subdirectory needs to be locked on cross-directory 43498c2ecf20Sopenharmony_ci * rename or cross-directory exchange since its parent changes. 43508c2ecf20Sopenharmony_ci * The target subdirectory needs to be locked on cross-directory 43518c2ecf20Sopenharmony_ci * exchange due to parent change and on any rename due to becoming 43528c2ecf20Sopenharmony_ci * a victim. 43538c2ecf20Sopenharmony_ci * Non-directories need locking in all cases (for NFS reasons); 43548c2ecf20Sopenharmony_ci * they get locked after any subdirectories (in inode address order). 43558c2ecf20Sopenharmony_ci * 43568c2ecf20Sopenharmony_ci * NOTE: WE ONLY LOCK UNRELATED DIRECTORIES IN CROSS-DIRECTORY CASE. 43578c2ecf20Sopenharmony_ci * NEVER, EVER DO THAT WITHOUT ->s_vfs_rename_mutex. 43588c2ecf20Sopenharmony_ci */ 43598c2ecf20Sopenharmony_ci lock_old_subdir = new_dir != old_dir; 43608c2ecf20Sopenharmony_ci lock_new_subdir = new_dir != old_dir || !(flags & RENAME_EXCHANGE); 43618c2ecf20Sopenharmony_ci if (is_dir) { 43628c2ecf20Sopenharmony_ci if (lock_old_subdir) 43638c2ecf20Sopenharmony_ci inode_lock_nested(source, I_MUTEX_CHILD); 43648c2ecf20Sopenharmony_ci if (target && (!new_is_dir || lock_new_subdir)) 43658c2ecf20Sopenharmony_ci inode_lock(target); 43668c2ecf20Sopenharmony_ci } else if (new_is_dir) { 43678c2ecf20Sopenharmony_ci if (lock_new_subdir) 43688c2ecf20Sopenharmony_ci inode_lock_nested(target, I_MUTEX_CHILD); 43698c2ecf20Sopenharmony_ci inode_lock(source); 43708c2ecf20Sopenharmony_ci } else { 43718c2ecf20Sopenharmony_ci lock_two_nondirectories(source, target); 43728c2ecf20Sopenharmony_ci } 43738c2ecf20Sopenharmony_ci 43748c2ecf20Sopenharmony_ci error = -EBUSY; 43758c2ecf20Sopenharmony_ci if (is_local_mountpoint(old_dentry) || is_local_mountpoint(new_dentry)) 43768c2ecf20Sopenharmony_ci goto out; 43778c2ecf20Sopenharmony_ci 43788c2ecf20Sopenharmony_ci if (max_links && new_dir != old_dir) { 43798c2ecf20Sopenharmony_ci error = -EMLINK; 43808c2ecf20Sopenharmony_ci if (is_dir && !new_is_dir && new_dir->i_nlink >= max_links) 43818c2ecf20Sopenharmony_ci goto out; 43828c2ecf20Sopenharmony_ci if ((flags & RENAME_EXCHANGE) && !is_dir && new_is_dir && 43838c2ecf20Sopenharmony_ci old_dir->i_nlink >= max_links) 43848c2ecf20Sopenharmony_ci goto out; 43858c2ecf20Sopenharmony_ci } 43868c2ecf20Sopenharmony_ci if (!is_dir) { 43878c2ecf20Sopenharmony_ci error = try_break_deleg(source, delegated_inode); 43888c2ecf20Sopenharmony_ci if (error) 43898c2ecf20Sopenharmony_ci goto out; 43908c2ecf20Sopenharmony_ci } 43918c2ecf20Sopenharmony_ci if (target && !new_is_dir) { 43928c2ecf20Sopenharmony_ci error = try_break_deleg(target, delegated_inode); 43938c2ecf20Sopenharmony_ci if (error) 43948c2ecf20Sopenharmony_ci goto out; 43958c2ecf20Sopenharmony_ci } 43968c2ecf20Sopenharmony_ci error = old_dir->i_op->rename(old_dir, old_dentry, 43978c2ecf20Sopenharmony_ci new_dir, new_dentry, flags); 43988c2ecf20Sopenharmony_ci if (error) 43998c2ecf20Sopenharmony_ci goto out; 44008c2ecf20Sopenharmony_ci 44018c2ecf20Sopenharmony_ci if (!(flags & RENAME_EXCHANGE) && target) { 44028c2ecf20Sopenharmony_ci if (is_dir) { 44038c2ecf20Sopenharmony_ci shrink_dcache_parent(new_dentry); 44048c2ecf20Sopenharmony_ci target->i_flags |= S_DEAD; 44058c2ecf20Sopenharmony_ci } 44068c2ecf20Sopenharmony_ci dont_mount(new_dentry); 44078c2ecf20Sopenharmony_ci detach_mounts(new_dentry); 44088c2ecf20Sopenharmony_ci } 44098c2ecf20Sopenharmony_ci if (!(old_dir->i_sb->s_type->fs_flags & FS_RENAME_DOES_D_MOVE)) { 44108c2ecf20Sopenharmony_ci if (!(flags & RENAME_EXCHANGE)) 44118c2ecf20Sopenharmony_ci d_move(old_dentry, new_dentry); 44128c2ecf20Sopenharmony_ci else 44138c2ecf20Sopenharmony_ci d_exchange(old_dentry, new_dentry); 44148c2ecf20Sopenharmony_ci } 44158c2ecf20Sopenharmony_ciout: 44168c2ecf20Sopenharmony_ci if (!is_dir || lock_old_subdir) 44178c2ecf20Sopenharmony_ci inode_unlock(source); 44188c2ecf20Sopenharmony_ci if (target && (!new_is_dir || lock_new_subdir)) 44198c2ecf20Sopenharmony_ci inode_unlock(target); 44208c2ecf20Sopenharmony_ci dput(new_dentry); 44218c2ecf20Sopenharmony_ci if (!error) { 44228c2ecf20Sopenharmony_ci fsnotify_move(old_dir, new_dir, &old_name.name, is_dir, 44238c2ecf20Sopenharmony_ci !(flags & RENAME_EXCHANGE) ? target : NULL, old_dentry); 44248c2ecf20Sopenharmony_ci if (flags & RENAME_EXCHANGE) { 44258c2ecf20Sopenharmony_ci fsnotify_move(new_dir, old_dir, &old_dentry->d_name, 44268c2ecf20Sopenharmony_ci new_is_dir, NULL, new_dentry); 44278c2ecf20Sopenharmony_ci } 44288c2ecf20Sopenharmony_ci } 44298c2ecf20Sopenharmony_ci release_dentry_name_snapshot(&old_name); 44308c2ecf20Sopenharmony_ci 44318c2ecf20Sopenharmony_ci return error; 44328c2ecf20Sopenharmony_ci} 44338c2ecf20Sopenharmony_ciEXPORT_SYMBOL(vfs_rename); 44348c2ecf20Sopenharmony_ci 44358c2ecf20Sopenharmony_ciint do_renameat2(int olddfd, struct filename *from, int newdfd, 44368c2ecf20Sopenharmony_ci struct filename *to, unsigned int flags) 44378c2ecf20Sopenharmony_ci{ 44388c2ecf20Sopenharmony_ci struct dentry *old_dentry, *new_dentry; 44398c2ecf20Sopenharmony_ci struct dentry *trap; 44408c2ecf20Sopenharmony_ci struct path old_path, new_path; 44418c2ecf20Sopenharmony_ci struct qstr old_last, new_last; 44428c2ecf20Sopenharmony_ci int old_type, new_type; 44438c2ecf20Sopenharmony_ci struct inode *delegated_inode = NULL; 44448c2ecf20Sopenharmony_ci unsigned int lookup_flags = 0, target_flags = LOOKUP_RENAME_TARGET; 44458c2ecf20Sopenharmony_ci bool should_retry = false; 44468c2ecf20Sopenharmony_ci int error = -EINVAL; 44478c2ecf20Sopenharmony_ci 44488c2ecf20Sopenharmony_ci if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE | RENAME_WHITEOUT)) 44498c2ecf20Sopenharmony_ci goto put_both; 44508c2ecf20Sopenharmony_ci 44518c2ecf20Sopenharmony_ci if ((flags & (RENAME_NOREPLACE | RENAME_WHITEOUT)) && 44528c2ecf20Sopenharmony_ci (flags & RENAME_EXCHANGE)) 44538c2ecf20Sopenharmony_ci goto put_both; 44548c2ecf20Sopenharmony_ci 44558c2ecf20Sopenharmony_ci if (flags & RENAME_EXCHANGE) 44568c2ecf20Sopenharmony_ci target_flags = 0; 44578c2ecf20Sopenharmony_ci 44588c2ecf20Sopenharmony_ciretry: 44598c2ecf20Sopenharmony_ci from = filename_parentat(olddfd, from, lookup_flags, &old_path, 44608c2ecf20Sopenharmony_ci &old_last, &old_type); 44618c2ecf20Sopenharmony_ci if (IS_ERR(from)) { 44628c2ecf20Sopenharmony_ci error = PTR_ERR(from); 44638c2ecf20Sopenharmony_ci goto put_new; 44648c2ecf20Sopenharmony_ci } 44658c2ecf20Sopenharmony_ci 44668c2ecf20Sopenharmony_ci to = filename_parentat(newdfd, to, lookup_flags, &new_path, &new_last, 44678c2ecf20Sopenharmony_ci &new_type); 44688c2ecf20Sopenharmony_ci if (IS_ERR(to)) { 44698c2ecf20Sopenharmony_ci error = PTR_ERR(to); 44708c2ecf20Sopenharmony_ci goto exit1; 44718c2ecf20Sopenharmony_ci } 44728c2ecf20Sopenharmony_ci 44738c2ecf20Sopenharmony_ci error = -EXDEV; 44748c2ecf20Sopenharmony_ci if (old_path.mnt != new_path.mnt) 44758c2ecf20Sopenharmony_ci goto exit2; 44768c2ecf20Sopenharmony_ci 44778c2ecf20Sopenharmony_ci error = -EBUSY; 44788c2ecf20Sopenharmony_ci if (old_type != LAST_NORM) 44798c2ecf20Sopenharmony_ci goto exit2; 44808c2ecf20Sopenharmony_ci 44818c2ecf20Sopenharmony_ci if (flags & RENAME_NOREPLACE) 44828c2ecf20Sopenharmony_ci error = -EEXIST; 44838c2ecf20Sopenharmony_ci if (new_type != LAST_NORM) 44848c2ecf20Sopenharmony_ci goto exit2; 44858c2ecf20Sopenharmony_ci 44868c2ecf20Sopenharmony_ci error = mnt_want_write(old_path.mnt); 44878c2ecf20Sopenharmony_ci if (error) 44888c2ecf20Sopenharmony_ci goto exit2; 44898c2ecf20Sopenharmony_ci 44908c2ecf20Sopenharmony_ciretry_deleg: 44918c2ecf20Sopenharmony_ci trap = lock_rename(new_path.dentry, old_path.dentry); 44928c2ecf20Sopenharmony_ci 44938c2ecf20Sopenharmony_ci old_dentry = __lookup_hash(&old_last, old_path.dentry, lookup_flags); 44948c2ecf20Sopenharmony_ci error = PTR_ERR(old_dentry); 44958c2ecf20Sopenharmony_ci if (IS_ERR(old_dentry)) 44968c2ecf20Sopenharmony_ci goto exit3; 44978c2ecf20Sopenharmony_ci /* source must exist */ 44988c2ecf20Sopenharmony_ci error = -ENOENT; 44998c2ecf20Sopenharmony_ci if (d_is_negative(old_dentry)) 45008c2ecf20Sopenharmony_ci goto exit4; 45018c2ecf20Sopenharmony_ci new_dentry = __lookup_hash(&new_last, new_path.dentry, lookup_flags | target_flags); 45028c2ecf20Sopenharmony_ci error = PTR_ERR(new_dentry); 45038c2ecf20Sopenharmony_ci if (IS_ERR(new_dentry)) 45048c2ecf20Sopenharmony_ci goto exit4; 45058c2ecf20Sopenharmony_ci error = -EEXIST; 45068c2ecf20Sopenharmony_ci if ((flags & RENAME_NOREPLACE) && d_is_positive(new_dentry)) 45078c2ecf20Sopenharmony_ci goto exit5; 45088c2ecf20Sopenharmony_ci if (flags & RENAME_EXCHANGE) { 45098c2ecf20Sopenharmony_ci error = -ENOENT; 45108c2ecf20Sopenharmony_ci if (d_is_negative(new_dentry)) 45118c2ecf20Sopenharmony_ci goto exit5; 45128c2ecf20Sopenharmony_ci 45138c2ecf20Sopenharmony_ci if (!d_is_dir(new_dentry)) { 45148c2ecf20Sopenharmony_ci error = -ENOTDIR; 45158c2ecf20Sopenharmony_ci if (new_last.name[new_last.len]) 45168c2ecf20Sopenharmony_ci goto exit5; 45178c2ecf20Sopenharmony_ci } 45188c2ecf20Sopenharmony_ci } 45198c2ecf20Sopenharmony_ci /* unless the source is a directory trailing slashes give -ENOTDIR */ 45208c2ecf20Sopenharmony_ci if (!d_is_dir(old_dentry)) { 45218c2ecf20Sopenharmony_ci error = -ENOTDIR; 45228c2ecf20Sopenharmony_ci if (old_last.name[old_last.len]) 45238c2ecf20Sopenharmony_ci goto exit5; 45248c2ecf20Sopenharmony_ci if (!(flags & RENAME_EXCHANGE) && new_last.name[new_last.len]) 45258c2ecf20Sopenharmony_ci goto exit5; 45268c2ecf20Sopenharmony_ci } 45278c2ecf20Sopenharmony_ci /* source should not be ancestor of target */ 45288c2ecf20Sopenharmony_ci error = -EINVAL; 45298c2ecf20Sopenharmony_ci if (old_dentry == trap) 45308c2ecf20Sopenharmony_ci goto exit5; 45318c2ecf20Sopenharmony_ci /* target should not be an ancestor of source */ 45328c2ecf20Sopenharmony_ci if (!(flags & RENAME_EXCHANGE)) 45338c2ecf20Sopenharmony_ci error = -ENOTEMPTY; 45348c2ecf20Sopenharmony_ci if (new_dentry == trap) 45358c2ecf20Sopenharmony_ci goto exit5; 45368c2ecf20Sopenharmony_ci 45378c2ecf20Sopenharmony_ci error = security_path_rename(&old_path, old_dentry, 45388c2ecf20Sopenharmony_ci &new_path, new_dentry, flags); 45398c2ecf20Sopenharmony_ci if (error) 45408c2ecf20Sopenharmony_ci goto exit5; 45418c2ecf20Sopenharmony_ci error = vfs_rename(old_path.dentry->d_inode, old_dentry, 45428c2ecf20Sopenharmony_ci new_path.dentry->d_inode, new_dentry, 45438c2ecf20Sopenharmony_ci &delegated_inode, flags); 45448c2ecf20Sopenharmony_ciexit5: 45458c2ecf20Sopenharmony_ci dput(new_dentry); 45468c2ecf20Sopenharmony_ciexit4: 45478c2ecf20Sopenharmony_ci dput(old_dentry); 45488c2ecf20Sopenharmony_ciexit3: 45498c2ecf20Sopenharmony_ci unlock_rename(new_path.dentry, old_path.dentry); 45508c2ecf20Sopenharmony_ci if (delegated_inode) { 45518c2ecf20Sopenharmony_ci error = break_deleg_wait(&delegated_inode); 45528c2ecf20Sopenharmony_ci if (!error) 45538c2ecf20Sopenharmony_ci goto retry_deleg; 45548c2ecf20Sopenharmony_ci } 45558c2ecf20Sopenharmony_ci mnt_drop_write(old_path.mnt); 45568c2ecf20Sopenharmony_ciexit2: 45578c2ecf20Sopenharmony_ci if (retry_estale(error, lookup_flags)) 45588c2ecf20Sopenharmony_ci should_retry = true; 45598c2ecf20Sopenharmony_ci path_put(&new_path); 45608c2ecf20Sopenharmony_ciexit1: 45618c2ecf20Sopenharmony_ci path_put(&old_path); 45628c2ecf20Sopenharmony_ci if (should_retry) { 45638c2ecf20Sopenharmony_ci should_retry = false; 45648c2ecf20Sopenharmony_ci lookup_flags |= LOOKUP_REVAL; 45658c2ecf20Sopenharmony_ci goto retry; 45668c2ecf20Sopenharmony_ci } 45678c2ecf20Sopenharmony_ciput_both: 45688c2ecf20Sopenharmony_ci if (!IS_ERR(from)) 45698c2ecf20Sopenharmony_ci putname(from); 45708c2ecf20Sopenharmony_ciput_new: 45718c2ecf20Sopenharmony_ci if (!IS_ERR(to)) 45728c2ecf20Sopenharmony_ci putname(to); 45738c2ecf20Sopenharmony_ci return error; 45748c2ecf20Sopenharmony_ci} 45758c2ecf20Sopenharmony_ci 45768c2ecf20Sopenharmony_ciSYSCALL_DEFINE5(renameat2, int, olddfd, const char __user *, oldname, 45778c2ecf20Sopenharmony_ci int, newdfd, const char __user *, newname, unsigned int, flags) 45788c2ecf20Sopenharmony_ci{ 45798c2ecf20Sopenharmony_ci return do_renameat2(olddfd, getname(oldname), newdfd, getname(newname), 45808c2ecf20Sopenharmony_ci flags); 45818c2ecf20Sopenharmony_ci} 45828c2ecf20Sopenharmony_ci 45838c2ecf20Sopenharmony_ciSYSCALL_DEFINE4(renameat, int, olddfd, const char __user *, oldname, 45848c2ecf20Sopenharmony_ci int, newdfd, const char __user *, newname) 45858c2ecf20Sopenharmony_ci{ 45868c2ecf20Sopenharmony_ci return do_renameat2(olddfd, getname(oldname), newdfd, getname(newname), 45878c2ecf20Sopenharmony_ci 0); 45888c2ecf20Sopenharmony_ci} 45898c2ecf20Sopenharmony_ci 45908c2ecf20Sopenharmony_ciSYSCALL_DEFINE2(rename, const char __user *, oldname, const char __user *, newname) 45918c2ecf20Sopenharmony_ci{ 45928c2ecf20Sopenharmony_ci return do_renameat2(AT_FDCWD, getname(oldname), AT_FDCWD, 45938c2ecf20Sopenharmony_ci getname(newname), 0); 45948c2ecf20Sopenharmony_ci} 45958c2ecf20Sopenharmony_ci 45968c2ecf20Sopenharmony_ciint readlink_copy(char __user *buffer, int buflen, const char *link) 45978c2ecf20Sopenharmony_ci{ 45988c2ecf20Sopenharmony_ci int len = PTR_ERR(link); 45998c2ecf20Sopenharmony_ci if (IS_ERR(link)) 46008c2ecf20Sopenharmony_ci goto out; 46018c2ecf20Sopenharmony_ci 46028c2ecf20Sopenharmony_ci len = strlen(link); 46038c2ecf20Sopenharmony_ci if (len > (unsigned) buflen) 46048c2ecf20Sopenharmony_ci len = buflen; 46058c2ecf20Sopenharmony_ci if (copy_to_user(buffer, link, len)) 46068c2ecf20Sopenharmony_ci len = -EFAULT; 46078c2ecf20Sopenharmony_ciout: 46088c2ecf20Sopenharmony_ci return len; 46098c2ecf20Sopenharmony_ci} 46108c2ecf20Sopenharmony_ci 46118c2ecf20Sopenharmony_ci/** 46128c2ecf20Sopenharmony_ci * vfs_readlink - copy symlink body into userspace buffer 46138c2ecf20Sopenharmony_ci * @dentry: dentry on which to get symbolic link 46148c2ecf20Sopenharmony_ci * @buffer: user memory pointer 46158c2ecf20Sopenharmony_ci * @buflen: size of buffer 46168c2ecf20Sopenharmony_ci * 46178c2ecf20Sopenharmony_ci * Does not touch atime. That's up to the caller if necessary 46188c2ecf20Sopenharmony_ci * 46198c2ecf20Sopenharmony_ci * Does not call security hook. 46208c2ecf20Sopenharmony_ci */ 46218c2ecf20Sopenharmony_ciint vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen) 46228c2ecf20Sopenharmony_ci{ 46238c2ecf20Sopenharmony_ci struct inode *inode = d_inode(dentry); 46248c2ecf20Sopenharmony_ci DEFINE_DELAYED_CALL(done); 46258c2ecf20Sopenharmony_ci const char *link; 46268c2ecf20Sopenharmony_ci int res; 46278c2ecf20Sopenharmony_ci 46288c2ecf20Sopenharmony_ci if (unlikely(!(inode->i_opflags & IOP_DEFAULT_READLINK))) { 46298c2ecf20Sopenharmony_ci if (unlikely(inode->i_op->readlink)) 46308c2ecf20Sopenharmony_ci return inode->i_op->readlink(dentry, buffer, buflen); 46318c2ecf20Sopenharmony_ci 46328c2ecf20Sopenharmony_ci if (!d_is_symlink(dentry)) 46338c2ecf20Sopenharmony_ci return -EINVAL; 46348c2ecf20Sopenharmony_ci 46358c2ecf20Sopenharmony_ci spin_lock(&inode->i_lock); 46368c2ecf20Sopenharmony_ci inode->i_opflags |= IOP_DEFAULT_READLINK; 46378c2ecf20Sopenharmony_ci spin_unlock(&inode->i_lock); 46388c2ecf20Sopenharmony_ci } 46398c2ecf20Sopenharmony_ci 46408c2ecf20Sopenharmony_ci link = READ_ONCE(inode->i_link); 46418c2ecf20Sopenharmony_ci if (!link) { 46428c2ecf20Sopenharmony_ci link = inode->i_op->get_link(dentry, inode, &done); 46438c2ecf20Sopenharmony_ci if (IS_ERR(link)) 46448c2ecf20Sopenharmony_ci return PTR_ERR(link); 46458c2ecf20Sopenharmony_ci } 46468c2ecf20Sopenharmony_ci res = readlink_copy(buffer, buflen, link); 46478c2ecf20Sopenharmony_ci do_delayed_call(&done); 46488c2ecf20Sopenharmony_ci return res; 46498c2ecf20Sopenharmony_ci} 46508c2ecf20Sopenharmony_ciEXPORT_SYMBOL(vfs_readlink); 46518c2ecf20Sopenharmony_ci 46528c2ecf20Sopenharmony_ci/** 46538c2ecf20Sopenharmony_ci * vfs_get_link - get symlink body 46548c2ecf20Sopenharmony_ci * @dentry: dentry on which to get symbolic link 46558c2ecf20Sopenharmony_ci * @done: caller needs to free returned data with this 46568c2ecf20Sopenharmony_ci * 46578c2ecf20Sopenharmony_ci * Calls security hook and i_op->get_link() on the supplied inode. 46588c2ecf20Sopenharmony_ci * 46598c2ecf20Sopenharmony_ci * It does not touch atime. That's up to the caller if necessary. 46608c2ecf20Sopenharmony_ci * 46618c2ecf20Sopenharmony_ci * Does not work on "special" symlinks like /proc/$$/fd/N 46628c2ecf20Sopenharmony_ci */ 46638c2ecf20Sopenharmony_ciconst char *vfs_get_link(struct dentry *dentry, struct delayed_call *done) 46648c2ecf20Sopenharmony_ci{ 46658c2ecf20Sopenharmony_ci const char *res = ERR_PTR(-EINVAL); 46668c2ecf20Sopenharmony_ci struct inode *inode = d_inode(dentry); 46678c2ecf20Sopenharmony_ci 46688c2ecf20Sopenharmony_ci if (d_is_symlink(dentry)) { 46698c2ecf20Sopenharmony_ci res = ERR_PTR(security_inode_readlink(dentry)); 46708c2ecf20Sopenharmony_ci if (!res) 46718c2ecf20Sopenharmony_ci res = inode->i_op->get_link(dentry, inode, done); 46728c2ecf20Sopenharmony_ci } 46738c2ecf20Sopenharmony_ci return res; 46748c2ecf20Sopenharmony_ci} 46758c2ecf20Sopenharmony_ciEXPORT_SYMBOL(vfs_get_link); 46768c2ecf20Sopenharmony_ci 46778c2ecf20Sopenharmony_ci/* get the link contents into pagecache */ 46788c2ecf20Sopenharmony_ciconst char *page_get_link(struct dentry *dentry, struct inode *inode, 46798c2ecf20Sopenharmony_ci struct delayed_call *callback) 46808c2ecf20Sopenharmony_ci{ 46818c2ecf20Sopenharmony_ci char *kaddr; 46828c2ecf20Sopenharmony_ci struct page *page; 46838c2ecf20Sopenharmony_ci struct address_space *mapping = inode->i_mapping; 46848c2ecf20Sopenharmony_ci 46858c2ecf20Sopenharmony_ci if (!dentry) { 46868c2ecf20Sopenharmony_ci page = find_get_page(mapping, 0); 46878c2ecf20Sopenharmony_ci if (!page) 46888c2ecf20Sopenharmony_ci return ERR_PTR(-ECHILD); 46898c2ecf20Sopenharmony_ci if (!PageUptodate(page)) { 46908c2ecf20Sopenharmony_ci put_page(page); 46918c2ecf20Sopenharmony_ci return ERR_PTR(-ECHILD); 46928c2ecf20Sopenharmony_ci } 46938c2ecf20Sopenharmony_ci } else { 46948c2ecf20Sopenharmony_ci page = read_mapping_page(mapping, 0, NULL); 46958c2ecf20Sopenharmony_ci if (IS_ERR(page)) 46968c2ecf20Sopenharmony_ci return (char*)page; 46978c2ecf20Sopenharmony_ci } 46988c2ecf20Sopenharmony_ci set_delayed_call(callback, page_put_link, page); 46998c2ecf20Sopenharmony_ci BUG_ON(mapping_gfp_mask(mapping) & __GFP_HIGHMEM); 47008c2ecf20Sopenharmony_ci kaddr = page_address(page); 47018c2ecf20Sopenharmony_ci nd_terminate_link(kaddr, inode->i_size, PAGE_SIZE - 1); 47028c2ecf20Sopenharmony_ci return kaddr; 47038c2ecf20Sopenharmony_ci} 47048c2ecf20Sopenharmony_ci 47058c2ecf20Sopenharmony_ciEXPORT_SYMBOL(page_get_link); 47068c2ecf20Sopenharmony_ci 47078c2ecf20Sopenharmony_civoid page_put_link(void *arg) 47088c2ecf20Sopenharmony_ci{ 47098c2ecf20Sopenharmony_ci put_page(arg); 47108c2ecf20Sopenharmony_ci} 47118c2ecf20Sopenharmony_ciEXPORT_SYMBOL(page_put_link); 47128c2ecf20Sopenharmony_ci 47138c2ecf20Sopenharmony_ciint page_readlink(struct dentry *dentry, char __user *buffer, int buflen) 47148c2ecf20Sopenharmony_ci{ 47158c2ecf20Sopenharmony_ci DEFINE_DELAYED_CALL(done); 47168c2ecf20Sopenharmony_ci int res = readlink_copy(buffer, buflen, 47178c2ecf20Sopenharmony_ci page_get_link(dentry, d_inode(dentry), 47188c2ecf20Sopenharmony_ci &done)); 47198c2ecf20Sopenharmony_ci do_delayed_call(&done); 47208c2ecf20Sopenharmony_ci return res; 47218c2ecf20Sopenharmony_ci} 47228c2ecf20Sopenharmony_ciEXPORT_SYMBOL(page_readlink); 47238c2ecf20Sopenharmony_ci 47248c2ecf20Sopenharmony_ci/* 47258c2ecf20Sopenharmony_ci * The nofs argument instructs pagecache_write_begin to pass AOP_FLAG_NOFS 47268c2ecf20Sopenharmony_ci */ 47278c2ecf20Sopenharmony_ciint __page_symlink(struct inode *inode, const char *symname, int len, int nofs) 47288c2ecf20Sopenharmony_ci{ 47298c2ecf20Sopenharmony_ci struct address_space *mapping = inode->i_mapping; 47308c2ecf20Sopenharmony_ci struct page *page; 47318c2ecf20Sopenharmony_ci void *fsdata = NULL; 47328c2ecf20Sopenharmony_ci int err; 47338c2ecf20Sopenharmony_ci unsigned int flags = 0; 47348c2ecf20Sopenharmony_ci if (nofs) 47358c2ecf20Sopenharmony_ci flags |= AOP_FLAG_NOFS; 47368c2ecf20Sopenharmony_ci 47378c2ecf20Sopenharmony_ciretry: 47388c2ecf20Sopenharmony_ci err = pagecache_write_begin(NULL, mapping, 0, len-1, 47398c2ecf20Sopenharmony_ci flags, &page, &fsdata); 47408c2ecf20Sopenharmony_ci if (err) 47418c2ecf20Sopenharmony_ci goto fail; 47428c2ecf20Sopenharmony_ci 47438c2ecf20Sopenharmony_ci memcpy(page_address(page), symname, len-1); 47448c2ecf20Sopenharmony_ci 47458c2ecf20Sopenharmony_ci err = pagecache_write_end(NULL, mapping, 0, len-1, len-1, 47468c2ecf20Sopenharmony_ci page, fsdata); 47478c2ecf20Sopenharmony_ci if (err < 0) 47488c2ecf20Sopenharmony_ci goto fail; 47498c2ecf20Sopenharmony_ci if (err < len-1) 47508c2ecf20Sopenharmony_ci goto retry; 47518c2ecf20Sopenharmony_ci 47528c2ecf20Sopenharmony_ci mark_inode_dirty(inode); 47538c2ecf20Sopenharmony_ci return 0; 47548c2ecf20Sopenharmony_cifail: 47558c2ecf20Sopenharmony_ci return err; 47568c2ecf20Sopenharmony_ci} 47578c2ecf20Sopenharmony_ciEXPORT_SYMBOL(__page_symlink); 47588c2ecf20Sopenharmony_ci 47598c2ecf20Sopenharmony_ciint page_symlink(struct inode *inode, const char *symname, int len) 47608c2ecf20Sopenharmony_ci{ 47618c2ecf20Sopenharmony_ci return __page_symlink(inode, symname, len, 47628c2ecf20Sopenharmony_ci !mapping_gfp_constraint(inode->i_mapping, __GFP_FS)); 47638c2ecf20Sopenharmony_ci} 47648c2ecf20Sopenharmony_ciEXPORT_SYMBOL(page_symlink); 47658c2ecf20Sopenharmony_ci 47668c2ecf20Sopenharmony_ciconst struct inode_operations page_symlink_inode_operations = { 47678c2ecf20Sopenharmony_ci .get_link = page_get_link, 47688c2ecf20Sopenharmony_ci}; 47698c2ecf20Sopenharmony_ciEXPORT_SYMBOL(page_symlink_inode_operations); 4770