1 // SPDX-License-Identifier: GPL-2.0-only
2 /* * This file is part of UBIFS.
4 * Copyright (C) 2006-2008 Nokia Corporation.
5 * Copyright (C) 2006, 2007 University of Szeged, Hungary
7 * Authors: Artem Bityutskiy (Битюцкий Артём)
13 * This file implements directory operations.
15 * All FS operations in this file allocate budget before writing anything to the
16 * media. If they fail to allocate it, the error is returned. The only
17 * exceptions are 'ubifs_unlink()' and 'ubifs_rmdir()' which keep working even
18 * if they unable to allocate the budget, because deletion %-ENOSPC failure is
19 * not what users are usually ready to get. UBIFS budgeting subsystem has some
20 * space reserved for these purposes.
22 * All operations in this file write all inodes which they change straight
23 * away, instead of marking them dirty. For example, 'ubifs_link()' changes
24 * @i_size of the parent inode and writes the parent inode together with the
25 * target inode. This was done to simplify file-system recovery which would
26 * otherwise be very difficult to do. The only exception is rename which marks
27 * the re-named inode dirty (because its @i_ctime is updated) but does not
28 * write it, but just marks it as dirty.
34 * inherit_flags - inherit flags of the parent inode.
36 * @mode: new inode mode flags
38 * This is a helper function for 'ubifs_new_inode()' which inherits flag of the
39 * parent directory inode @dir. UBIFS inodes inherit the following flags:
40 * o %UBIFS_COMPR_FL, which is useful to switch compression on/of on
41 * sub-directory basis;
42 * o %UBIFS_SYNC_FL - useful for the same reasons;
43 * o %UBIFS_DIRSYNC_FL - similar, but relevant only to directories.
45 * This function returns the inherited flags.
47 static int inherit_flags(const struct inode *dir, umode_t mode)
50 const struct ubifs_inode *ui = ubifs_inode(dir);
52 if (!S_ISDIR(dir->i_mode))
54 * The parent is not a directory, which means that an extended
55 * attribute inode is being created. No flags.
59 flags = ui->flags & (UBIFS_COMPR_FL | UBIFS_SYNC_FL | UBIFS_DIRSYNC_FL);
61 /* The "DIRSYNC" flag only applies to directories */
62 flags &= ~UBIFS_DIRSYNC_FL;
67 * ubifs_new_inode - allocate new UBIFS inode object.
68 * @c: UBIFS file-system description object
69 * @dir: parent directory inode
70 * @mode: inode mode flags
72 * This function finds an unused inode number, allocates new inode and
73 * initializes it. Returns new inode in case of success and an error code in
76 struct inode *ubifs_new_inode(struct ubifs_info *c, struct inode *dir,
81 struct ubifs_inode *ui;
82 bool encrypted = false;
84 if (ubifs_crypt_is_encrypted(dir)) {
85 err = fscrypt_get_encryption_info(dir);
87 ubifs_err(c, "fscrypt_get_encryption_info failed: %i", err);
91 if (!fscrypt_has_encryption_key(dir))
92 return ERR_PTR(-EPERM);
97 inode = new_inode(c->vfs_sb);
98 ui = ubifs_inode(inode);
100 return ERR_PTR(-ENOMEM);
103 * Set 'S_NOCMTIME' to prevent VFS form updating [mc]time of inodes and
104 * marking them dirty in file write path (see 'file_update_time()').
105 * UBIFS has to fully control "clean <-> dirty" transitions of inodes
106 * to make budgeting work.
108 inode->i_flags |= S_NOCMTIME;
110 inode_init_owner(inode, dir, mode);
111 inode->i_mtime = inode->i_atime = inode->i_ctime =
113 inode->i_mapping->nrpages = 0;
115 switch (mode & S_IFMT) {
117 inode->i_mapping->a_ops = &ubifs_file_address_operations;
118 inode->i_op = &ubifs_file_inode_operations;
119 inode->i_fop = &ubifs_file_operations;
122 inode->i_op = &ubifs_dir_inode_operations;
123 inode->i_fop = &ubifs_dir_operations;
124 inode->i_size = ui->ui_size = UBIFS_INO_NODE_SZ;
127 inode->i_op = &ubifs_symlink_inode_operations;
133 inode->i_op = &ubifs_file_inode_operations;
140 ui->flags = inherit_flags(dir, mode);
141 ubifs_set_inode_flags(inode);
143 ui->compr_type = c->default_compr;
145 ui->compr_type = UBIFS_COMPR_NONE;
146 ui->synced_i_size = 0;
148 spin_lock(&c->cnt_lock);
149 /* Inode number overflow is currently not supported */
150 if (c->highest_inum >= INUM_WARN_WATERMARK) {
151 if (c->highest_inum >= INUM_WATERMARK) {
152 spin_unlock(&c->cnt_lock);
153 ubifs_err(c, "out of inode numbers");
154 make_bad_inode(inode);
156 return ERR_PTR(-EINVAL);
158 ubifs_warn(c, "running out of inode numbers (current %lu, max %u)",
159 (unsigned long)c->highest_inum, INUM_WATERMARK);
162 inode->i_ino = ++c->highest_inum;
164 * The creation sequence number remains with this inode for its
165 * lifetime. All nodes for this inode have a greater sequence number,
166 * and so it is possible to distinguish obsolete nodes belonging to a
167 * previous incarnation of the same inode number - for example, for the
168 * purpose of rebuilding the index.
170 ui->creat_sqnum = ++c->max_sqnum;
171 spin_unlock(&c->cnt_lock);
174 err = fscrypt_inherit_context(dir, inode, &encrypted, true);
176 ubifs_err(c, "fscrypt_inherit_context failed: %i", err);
177 make_bad_inode(inode);
186 static int dbg_check_name(const struct ubifs_info *c,
187 const struct ubifs_dent_node *dent,
188 const struct fscrypt_name *nm)
190 if (!dbg_is_chk_gen(c))
192 if (le16_to_cpu(dent->nlen) != fname_len(nm))
194 if (memcmp(dent->name, fname_name(nm), fname_len(nm)))
199 static struct dentry *ubifs_lookup(struct inode *dir, struct dentry *dentry,
204 struct inode *inode = NULL;
205 struct ubifs_dent_node *dent = NULL;
206 struct ubifs_info *c = dir->i_sb->s_fs_info;
207 struct fscrypt_name nm;
209 dbg_gen("'%pd' in dir ino %lu", dentry, dir->i_ino);
211 err = fscrypt_prepare_lookup(dir, dentry, &nm);
213 return d_splice_alias(NULL, dentry);
217 if (fname_len(&nm) > UBIFS_MAX_NLEN) {
218 inode = ERR_PTR(-ENAMETOOLONG);
222 dent = kmalloc(UBIFS_MAX_DENT_NODE_SZ, GFP_NOFS);
224 inode = ERR_PTR(-ENOMEM);
229 ubifs_assert(c, fname_len(&nm) == 0);
230 ubifs_assert(c, fname_name(&nm) == NULL);
231 dent_key_init_hash(c, &key, dir->i_ino, nm.hash);
232 err = ubifs_tnc_lookup_dh(c, &key, dent, nm.minor_hash);
234 dent_key_init(c, &key, dir->i_ino, &nm);
235 err = ubifs_tnc_lookup_nm(c, &key, dent, &nm);
240 dbg_gen("not found");
242 inode = ERR_PTR(err);
246 if (dbg_check_name(c, dent, &nm)) {
247 inode = ERR_PTR(-EINVAL);
251 inode = ubifs_iget(dir->i_sb, le64_to_cpu(dent->inum));
254 * This should not happen. Probably the file-system needs
257 err = PTR_ERR(inode);
258 ubifs_err(c, "dead directory entry '%pd', error %d",
260 ubifs_ro_mode(c, err);
264 if (ubifs_crypt_is_encrypted(dir) &&
265 (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode)) &&
266 !fscrypt_has_permitted_context(dir, inode)) {
267 ubifs_warn(c, "Inconsistent encryption contexts: %lu/%lu",
268 dir->i_ino, inode->i_ino);
270 inode = ERR_PTR(-EPERM);
275 fscrypt_free_filename(&nm);
276 return d_splice_alias(inode, dentry);
279 static int ubifs_create(struct inode *dir, struct dentry *dentry, umode_t mode,
283 struct ubifs_info *c = dir->i_sb->s_fs_info;
284 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
286 struct ubifs_inode *dir_ui = ubifs_inode(dir);
287 struct fscrypt_name nm;
291 * Budget request settings: new inode, new direntry, changing the
292 * parent directory inode.
295 dbg_gen("dent '%pd', mode %#hx in dir ino %lu",
296 dentry, mode, dir->i_ino);
298 err = ubifs_budget_space(c, &req);
302 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
306 sz_change = CALC_DENT_SIZE(fname_len(&nm));
308 inode = ubifs_new_inode(c, dir, mode);
310 err = PTR_ERR(inode);
314 err = ubifs_init_security(dir, inode, &dentry->d_name);
318 mutex_lock(&dir_ui->ui_mutex);
319 dir->i_size += sz_change;
320 dir_ui->ui_size = dir->i_size;
321 dir->i_mtime = dir->i_ctime = inode->i_ctime;
322 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
325 mutex_unlock(&dir_ui->ui_mutex);
327 ubifs_release_budget(c, &req);
328 fscrypt_free_filename(&nm);
329 insert_inode_hash(inode);
330 d_instantiate(dentry, inode);
334 dir->i_size -= sz_change;
335 dir_ui->ui_size = dir->i_size;
336 mutex_unlock(&dir_ui->ui_mutex);
338 make_bad_inode(inode);
341 fscrypt_free_filename(&nm);
343 ubifs_release_budget(c, &req);
344 ubifs_err(c, "cannot create regular file, error %d", err);
348 static int do_tmpfile(struct inode *dir, struct dentry *dentry,
349 umode_t mode, struct inode **whiteout)
352 struct ubifs_info *c = dir->i_sb->s_fs_info;
353 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1};
354 struct ubifs_budget_req ino_req = { .dirtied_ino = 1 };
355 struct ubifs_inode *ui, *dir_ui = ubifs_inode(dir);
356 int err, instantiated = 0;
357 struct fscrypt_name nm;
360 * Budget request settings: new dirty inode, new direntry,
361 * budget for dirtied inode will be released via writeback.
364 dbg_gen("dent '%pd', mode %#hx in dir ino %lu",
365 dentry, mode, dir->i_ino);
367 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
371 err = ubifs_budget_space(c, &req);
373 fscrypt_free_filename(&nm);
377 err = ubifs_budget_space(c, &ino_req);
379 ubifs_release_budget(c, &req);
380 fscrypt_free_filename(&nm);
384 inode = ubifs_new_inode(c, dir, mode);
386 err = PTR_ERR(inode);
389 ui = ubifs_inode(inode);
392 init_special_inode(inode, inode->i_mode, WHITEOUT_DEV);
393 ubifs_assert(c, inode->i_op == &ubifs_file_inode_operations);
396 err = ubifs_init_security(dir, inode, &dentry->d_name);
400 mutex_lock(&ui->ui_mutex);
401 insert_inode_hash(inode);
404 mark_inode_dirty(inode);
408 d_tmpfile(dentry, inode);
410 ubifs_assert(c, ui->dirty);
413 mutex_unlock(&ui->ui_mutex);
415 mutex_lock(&dir_ui->ui_mutex);
416 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0);
419 mutex_unlock(&dir_ui->ui_mutex);
421 ubifs_release_budget(c, &req);
426 mutex_unlock(&dir_ui->ui_mutex);
428 make_bad_inode(inode);
432 ubifs_release_budget(c, &req);
434 ubifs_release_budget(c, &ino_req);
435 fscrypt_free_filename(&nm);
436 ubifs_err(c, "cannot create temporary file, error %d", err);
440 static int ubifs_tmpfile(struct inode *dir, struct dentry *dentry,
443 return do_tmpfile(dir, dentry, mode, NULL);
447 * vfs_dent_type - get VFS directory entry type.
448 * @type: UBIFS directory entry type
450 * This function converts UBIFS directory entry type into VFS directory entry
453 static unsigned int vfs_dent_type(uint8_t type)
456 case UBIFS_ITYPE_REG:
458 case UBIFS_ITYPE_DIR:
460 case UBIFS_ITYPE_LNK:
462 case UBIFS_ITYPE_BLK:
464 case UBIFS_ITYPE_CHR:
466 case UBIFS_ITYPE_FIFO:
468 case UBIFS_ITYPE_SOCK:
477 * The classical Unix view for directory is that it is a linear array of
478 * (name, inode number) entries. Linux/VFS assumes this model as well.
479 * Particularly, 'readdir()' call wants us to return a directory entry offset
480 * which later may be used to continue 'readdir()'ing the directory or to
481 * 'seek()' to that specific direntry. Obviously UBIFS does not really fit this
482 * model because directory entries are identified by keys, which may collide.
484 * UBIFS uses directory entry hash value for directory offsets, so
485 * 'seekdir()'/'telldir()' may not always work because of possible key
486 * collisions. But UBIFS guarantees that consecutive 'readdir()' calls work
487 * properly by means of saving full directory entry name in the private field
488 * of the file description object.
490 * This means that UBIFS cannot support NFS which requires full
491 * 'seekdir()'/'telldir()' support.
493 static int ubifs_readdir(struct file *file, struct dir_context *ctx)
495 int fstr_real_len = 0, err = 0;
496 struct fscrypt_name nm;
497 struct fscrypt_str fstr = {0};
499 struct ubifs_dent_node *dent;
500 struct inode *dir = file_inode(file);
501 struct ubifs_info *c = dir->i_sb->s_fs_info;
502 bool encrypted = ubifs_crypt_is_encrypted(dir);
504 dbg_gen("dir ino %lu, f_pos %#llx", dir->i_ino, ctx->pos);
506 if (ctx->pos > UBIFS_S_KEY_HASH_MASK || ctx->pos == 2)
508 * The directory was seek'ed to a senseless position or there
509 * are no more entries.
514 err = fscrypt_get_encryption_info(dir);
515 if (err && err != -ENOKEY)
518 err = fscrypt_fname_alloc_buffer(dir, UBIFS_MAX_NLEN, &fstr);
522 fstr_real_len = fstr.len;
525 if (file->f_version == 0) {
527 * The file was seek'ed, which means that @file->private_data
528 * is now invalid. This may also be just the first
529 * 'ubifs_readdir()' invocation, in which case
530 * @file->private_data is NULL, and the below code is
533 kfree(file->private_data);
534 file->private_data = NULL;
538 * 'generic_file_llseek()' unconditionally sets @file->f_version to
539 * zero, and we use this for detecting whether the file was seek'ed.
543 /* File positions 0 and 1 correspond to "." and ".." */
545 ubifs_assert(c, !file->private_data);
546 if (!dir_emit_dots(file, ctx)) {
548 fscrypt_fname_free_buffer(&fstr);
552 /* Find the first entry in TNC and save it */
553 lowest_dent_key(c, &key, dir->i_ino);
555 dent = ubifs_tnc_next_ent(c, &key, &nm);
561 ctx->pos = key_hash_flash(c, &dent->key);
562 file->private_data = dent;
565 dent = file->private_data;
568 * The directory was seek'ed to and is now readdir'ed.
569 * Find the entry corresponding to @ctx->pos or the closest one.
571 dent_key_init_hash(c, &key, dir->i_ino, ctx->pos);
573 dent = ubifs_tnc_next_ent(c, &key, &nm);
578 ctx->pos = key_hash_flash(c, &dent->key);
579 file->private_data = dent;
583 dbg_gen("ino %llu, new f_pos %#x",
584 (unsigned long long)le64_to_cpu(dent->inum),
585 key_hash_flash(c, &dent->key));
586 ubifs_assert(c, le64_to_cpu(dent->ch.sqnum) >
587 ubifs_inode(dir)->creat_sqnum);
589 fname_len(&nm) = le16_to_cpu(dent->nlen);
590 fname_name(&nm) = dent->name;
593 fstr.len = fstr_real_len;
595 err = fscrypt_fname_disk_to_usr(dir, key_hash_flash(c,
597 le32_to_cpu(dent->cookie),
598 &nm.disk_name, &fstr);
602 fstr.len = fname_len(&nm);
603 fstr.name = fname_name(&nm);
606 if (!dir_emit(ctx, fstr.name, fstr.len,
607 le64_to_cpu(dent->inum),
608 vfs_dent_type(dent->type))) {
610 fscrypt_fname_free_buffer(&fstr);
614 /* Switch to the next entry */
615 key_read(c, &dent->key, &key);
616 dent = ubifs_tnc_next_ent(c, &key, &nm);
622 kfree(file->private_data);
623 ctx->pos = key_hash_flash(c, &dent->key);
624 file->private_data = dent;
629 kfree(file->private_data);
630 file->private_data = NULL;
633 fscrypt_fname_free_buffer(&fstr);
636 ubifs_err(c, "cannot find next direntry, error %d", err);
639 * -ENOENT is a non-fatal error in this context, the TNC uses
640 * it to indicate that the cursor moved past the current directory
641 * and readdir() has to stop.
646 /* 2 is a special value indicating that there are no more direntries */
651 /* Free saved readdir() state when the directory is closed */
652 static int ubifs_dir_release(struct inode *dir, struct file *file)
654 kfree(file->private_data);
655 file->private_data = NULL;
660 * lock_2_inodes - a wrapper for locking two UBIFS inodes.
661 * @inode1: first inode
662 * @inode2: second inode
664 * We do not implement any tricks to guarantee strict lock ordering, because
665 * VFS has already done it for us on the @i_mutex. So this is just a simple
668 static void lock_2_inodes(struct inode *inode1, struct inode *inode2)
670 mutex_lock_nested(&ubifs_inode(inode1)->ui_mutex, WB_MUTEX_1);
671 mutex_lock_nested(&ubifs_inode(inode2)->ui_mutex, WB_MUTEX_2);
675 * unlock_2_inodes - a wrapper for unlocking two UBIFS inodes.
676 * @inode1: first inode
677 * @inode2: second inode
679 static void unlock_2_inodes(struct inode *inode1, struct inode *inode2)
681 mutex_unlock(&ubifs_inode(inode2)->ui_mutex);
682 mutex_unlock(&ubifs_inode(inode1)->ui_mutex);
685 static int ubifs_link(struct dentry *old_dentry, struct inode *dir,
686 struct dentry *dentry)
688 struct ubifs_info *c = dir->i_sb->s_fs_info;
689 struct inode *inode = d_inode(old_dentry);
690 struct ubifs_inode *ui = ubifs_inode(inode);
691 struct ubifs_inode *dir_ui = ubifs_inode(dir);
692 int err, sz_change = CALC_DENT_SIZE(dentry->d_name.len);
693 struct ubifs_budget_req req = { .new_dent = 1, .dirtied_ino = 2,
694 .dirtied_ino_d = ALIGN(ui->data_len, 8) };
695 struct fscrypt_name nm;
698 * Budget request settings: new direntry, changing the target inode,
699 * changing the parent inode.
702 dbg_gen("dent '%pd' to ino %lu (nlink %d) in dir ino %lu",
703 dentry, inode->i_ino,
704 inode->i_nlink, dir->i_ino);
705 ubifs_assert(c, inode_is_locked(dir));
706 ubifs_assert(c, inode_is_locked(inode));
708 err = fscrypt_prepare_link(old_dentry, dir, dentry);
712 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
716 err = dbg_check_synced_i_size(c, inode);
720 err = ubifs_budget_space(c, &req);
724 lock_2_inodes(dir, inode);
726 /* Handle O_TMPFILE corner case, it is allowed to link a O_TMPFILE. */
727 if (inode->i_nlink == 0)
728 ubifs_delete_orphan(c, inode->i_ino);
732 inode->i_ctime = current_time(inode);
733 dir->i_size += sz_change;
734 dir_ui->ui_size = dir->i_size;
735 dir->i_mtime = dir->i_ctime = inode->i_ctime;
736 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
739 unlock_2_inodes(dir, inode);
741 ubifs_release_budget(c, &req);
742 d_instantiate(dentry, inode);
743 fscrypt_free_filename(&nm);
747 dir->i_size -= sz_change;
748 dir_ui->ui_size = dir->i_size;
750 if (inode->i_nlink == 0)
751 ubifs_add_orphan(c, inode->i_ino);
752 unlock_2_inodes(dir, inode);
753 ubifs_release_budget(c, &req);
756 fscrypt_free_filename(&nm);
760 static int ubifs_unlink(struct inode *dir, struct dentry *dentry)
762 struct ubifs_info *c = dir->i_sb->s_fs_info;
763 struct inode *inode = d_inode(dentry);
764 struct ubifs_inode *dir_ui = ubifs_inode(dir);
765 int err, sz_change, budgeted = 1;
766 struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 };
767 unsigned int saved_nlink = inode->i_nlink;
768 struct fscrypt_name nm;
771 * Budget request settings: deletion direntry, deletion inode (+1 for
772 * @dirtied_ino), changing the parent directory inode. If budgeting
773 * fails, go ahead anyway because we have extra space reserved for
777 dbg_gen("dent '%pd' from ino %lu (nlink %d) in dir ino %lu",
778 dentry, inode->i_ino,
779 inode->i_nlink, dir->i_ino);
781 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm);
785 err = ubifs_purge_xattrs(inode);
789 sz_change = CALC_DENT_SIZE(fname_len(&nm));
791 ubifs_assert(c, inode_is_locked(dir));
792 ubifs_assert(c, inode_is_locked(inode));
793 err = dbg_check_synced_i_size(c, inode);
797 err = ubifs_budget_space(c, &req);
804 lock_2_inodes(dir, inode);
805 inode->i_ctime = current_time(dir);
807 dir->i_size -= sz_change;
808 dir_ui->ui_size = dir->i_size;
809 dir->i_mtime = dir->i_ctime = inode->i_ctime;
810 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0);
813 unlock_2_inodes(dir, inode);
816 ubifs_release_budget(c, &req);
818 /* We've deleted something - clean the "no space" flags */
819 c->bi.nospace = c->bi.nospace_rp = 0;
822 fscrypt_free_filename(&nm);
826 dir->i_size += sz_change;
827 dir_ui->ui_size = dir->i_size;
828 set_nlink(inode, saved_nlink);
829 unlock_2_inodes(dir, inode);
831 ubifs_release_budget(c, &req);
833 fscrypt_free_filename(&nm);
838 * check_dir_empty - check if a directory is empty or not.
839 * @dir: VFS inode object of the directory to check
841 * This function checks if directory @dir is empty. Returns zero if the
842 * directory is empty, %-ENOTEMPTY if it is not, and other negative error codes
843 * in case of of errors.
845 int ubifs_check_dir_empty(struct inode *dir)
847 struct ubifs_info *c = dir->i_sb->s_fs_info;
848 struct fscrypt_name nm = { 0 };
849 struct ubifs_dent_node *dent;
853 lowest_dent_key(c, &key, dir->i_ino);
854 dent = ubifs_tnc_next_ent(c, &key, &nm);
866 static int ubifs_rmdir(struct inode *dir, struct dentry *dentry)
868 struct ubifs_info *c = dir->i_sb->s_fs_info;
869 struct inode *inode = d_inode(dentry);
870 int err, sz_change, budgeted = 1;
871 struct ubifs_inode *dir_ui = ubifs_inode(dir);
872 struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 };
873 struct fscrypt_name nm;
876 * Budget request settings: deletion direntry, deletion inode and
877 * changing the parent inode. If budgeting fails, go ahead anyway
878 * because we have extra space reserved for deletions.
881 dbg_gen("directory '%pd', ino %lu in dir ino %lu", dentry,
882 inode->i_ino, dir->i_ino);
883 ubifs_assert(c, inode_is_locked(dir));
884 ubifs_assert(c, inode_is_locked(inode));
885 err = ubifs_check_dir_empty(d_inode(dentry));
889 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm);
893 err = ubifs_purge_xattrs(inode);
897 sz_change = CALC_DENT_SIZE(fname_len(&nm));
899 err = ubifs_budget_space(c, &req);
906 lock_2_inodes(dir, inode);
907 inode->i_ctime = current_time(dir);
910 dir->i_size -= sz_change;
911 dir_ui->ui_size = dir->i_size;
912 dir->i_mtime = dir->i_ctime = inode->i_ctime;
913 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0);
916 unlock_2_inodes(dir, inode);
919 ubifs_release_budget(c, &req);
921 /* We've deleted something - clean the "no space" flags */
922 c->bi.nospace = c->bi.nospace_rp = 0;
925 fscrypt_free_filename(&nm);
929 dir->i_size += sz_change;
930 dir_ui->ui_size = dir->i_size;
933 unlock_2_inodes(dir, inode);
935 ubifs_release_budget(c, &req);
937 fscrypt_free_filename(&nm);
941 static int ubifs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
944 struct ubifs_inode *dir_ui = ubifs_inode(dir);
945 struct ubifs_info *c = dir->i_sb->s_fs_info;
947 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1 };
948 struct fscrypt_name nm;
951 * Budget request settings: new inode, new direntry and changing parent
955 dbg_gen("dent '%pd', mode %#hx in dir ino %lu",
956 dentry, mode, dir->i_ino);
958 err = ubifs_budget_space(c, &req);
962 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
966 sz_change = CALC_DENT_SIZE(fname_len(&nm));
968 inode = ubifs_new_inode(c, dir, S_IFDIR | mode);
970 err = PTR_ERR(inode);
974 err = ubifs_init_security(dir, inode, &dentry->d_name);
978 mutex_lock(&dir_ui->ui_mutex);
979 insert_inode_hash(inode);
982 dir->i_size += sz_change;
983 dir_ui->ui_size = dir->i_size;
984 dir->i_mtime = dir->i_ctime = inode->i_ctime;
985 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
987 ubifs_err(c, "cannot create directory, error %d", err);
990 mutex_unlock(&dir_ui->ui_mutex);
992 ubifs_release_budget(c, &req);
993 d_instantiate(dentry, inode);
994 fscrypt_free_filename(&nm);
998 dir->i_size -= sz_change;
999 dir_ui->ui_size = dir->i_size;
1001 mutex_unlock(&dir_ui->ui_mutex);
1003 make_bad_inode(inode);
1006 fscrypt_free_filename(&nm);
1008 ubifs_release_budget(c, &req);
1012 static int ubifs_mknod(struct inode *dir, struct dentry *dentry,
1013 umode_t mode, dev_t rdev)
1015 struct inode *inode;
1016 struct ubifs_inode *ui;
1017 struct ubifs_inode *dir_ui = ubifs_inode(dir);
1018 struct ubifs_info *c = dir->i_sb->s_fs_info;
1019 union ubifs_dev_desc *dev = NULL;
1021 int err, devlen = 0;
1022 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
1024 struct fscrypt_name nm;
1027 * Budget request settings: new inode, new direntry and changing parent
1031 dbg_gen("dent '%pd' in dir ino %lu", dentry, dir->i_ino);
1033 if (S_ISBLK(mode) || S_ISCHR(mode)) {
1034 dev = kmalloc(sizeof(union ubifs_dev_desc), GFP_NOFS);
1037 devlen = ubifs_encode_dev(dev, rdev);
1040 req.new_ino_d = ALIGN(devlen, 8);
1041 err = ubifs_budget_space(c, &req);
1047 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
1053 sz_change = CALC_DENT_SIZE(fname_len(&nm));
1055 inode = ubifs_new_inode(c, dir, mode);
1056 if (IS_ERR(inode)) {
1058 err = PTR_ERR(inode);
1062 init_special_inode(inode, inode->i_mode, rdev);
1063 inode->i_size = ubifs_inode(inode)->ui_size = devlen;
1064 ui = ubifs_inode(inode);
1066 ui->data_len = devlen;
1068 err = ubifs_init_security(dir, inode, &dentry->d_name);
1072 mutex_lock(&dir_ui->ui_mutex);
1073 dir->i_size += sz_change;
1074 dir_ui->ui_size = dir->i_size;
1075 dir->i_mtime = dir->i_ctime = inode->i_ctime;
1076 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
1079 mutex_unlock(&dir_ui->ui_mutex);
1081 ubifs_release_budget(c, &req);
1082 insert_inode_hash(inode);
1083 d_instantiate(dentry, inode);
1084 fscrypt_free_filename(&nm);
1088 dir->i_size -= sz_change;
1089 dir_ui->ui_size = dir->i_size;
1090 mutex_unlock(&dir_ui->ui_mutex);
1092 make_bad_inode(inode);
1095 fscrypt_free_filename(&nm);
1097 ubifs_release_budget(c, &req);
1101 static int ubifs_symlink(struct inode *dir, struct dentry *dentry,
1102 const char *symname)
1104 struct inode *inode;
1105 struct ubifs_inode *ui;
1106 struct ubifs_inode *dir_ui = ubifs_inode(dir);
1107 struct ubifs_info *c = dir->i_sb->s_fs_info;
1108 int err, sz_change, len = strlen(symname);
1109 struct fscrypt_str disk_link;
1110 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
1111 .new_ino_d = ALIGN(len, 8),
1113 struct fscrypt_name nm;
1115 dbg_gen("dent '%pd', target '%s' in dir ino %lu", dentry,
1116 symname, dir->i_ino);
1118 err = fscrypt_prepare_symlink(dir, symname, len, UBIFS_MAX_INO_DATA,
1124 * Budget request settings: new inode, new direntry and changing parent
1127 err = ubifs_budget_space(c, &req);
1131 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
1135 sz_change = CALC_DENT_SIZE(fname_len(&nm));
1137 inode = ubifs_new_inode(c, dir, S_IFLNK | S_IRWXUGO);
1138 if (IS_ERR(inode)) {
1139 err = PTR_ERR(inode);
1143 ui = ubifs_inode(inode);
1144 ui->data = kmalloc(disk_link.len, GFP_NOFS);
1150 if (IS_ENCRYPTED(inode)) {
1151 disk_link.name = ui->data; /* encrypt directly into ui->data */
1152 err = fscrypt_encrypt_symlink(inode, symname, len, &disk_link);
1156 memcpy(ui->data, disk_link.name, disk_link.len);
1157 inode->i_link = ui->data;
1161 * The terminating zero byte is not written to the flash media and it
1162 * is put just to make later in-memory string processing simpler. Thus,
1163 * data length is @disk_link.len - 1, not @disk_link.len.
1165 ui->data_len = disk_link.len - 1;
1166 inode->i_size = ubifs_inode(inode)->ui_size = disk_link.len - 1;
1168 err = ubifs_init_security(dir, inode, &dentry->d_name);
1172 mutex_lock(&dir_ui->ui_mutex);
1173 dir->i_size += sz_change;
1174 dir_ui->ui_size = dir->i_size;
1175 dir->i_mtime = dir->i_ctime = inode->i_ctime;
1176 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
1179 mutex_unlock(&dir_ui->ui_mutex);
1181 insert_inode_hash(inode);
1182 d_instantiate(dentry, inode);
1187 dir->i_size -= sz_change;
1188 dir_ui->ui_size = dir->i_size;
1189 mutex_unlock(&dir_ui->ui_mutex);
1191 make_bad_inode(inode);
1194 fscrypt_free_filename(&nm);
1196 ubifs_release_budget(c, &req);
1201 * lock_4_inodes - a wrapper for locking three UBIFS inodes.
1202 * @inode1: first inode
1203 * @inode2: second inode
1204 * @inode3: third inode
1205 * @inode4: fouth inode
1207 * This function is used for 'ubifs_rename()' and @inode1 may be the same as
1208 * @inode2 whereas @inode3 and @inode4 may be %NULL.
1210 * We do not implement any tricks to guarantee strict lock ordering, because
1211 * VFS has already done it for us on the @i_mutex. So this is just a simple
1214 static void lock_4_inodes(struct inode *inode1, struct inode *inode2,
1215 struct inode *inode3, struct inode *inode4)
1217 mutex_lock_nested(&ubifs_inode(inode1)->ui_mutex, WB_MUTEX_1);
1218 if (inode2 != inode1)
1219 mutex_lock_nested(&ubifs_inode(inode2)->ui_mutex, WB_MUTEX_2);
1221 mutex_lock_nested(&ubifs_inode(inode3)->ui_mutex, WB_MUTEX_3);
1223 mutex_lock_nested(&ubifs_inode(inode4)->ui_mutex, WB_MUTEX_4);
1227 * unlock_4_inodes - a wrapper for unlocking three UBIFS inodes for rename.
1228 * @inode1: first inode
1229 * @inode2: second inode
1230 * @inode3: third inode
1231 * @inode4: fouth inode
1233 static void unlock_4_inodes(struct inode *inode1, struct inode *inode2,
1234 struct inode *inode3, struct inode *inode4)
1237 mutex_unlock(&ubifs_inode(inode4)->ui_mutex);
1239 mutex_unlock(&ubifs_inode(inode3)->ui_mutex);
1240 if (inode1 != inode2)
1241 mutex_unlock(&ubifs_inode(inode2)->ui_mutex);
1242 mutex_unlock(&ubifs_inode(inode1)->ui_mutex);
1245 static int do_rename(struct inode *old_dir, struct dentry *old_dentry,
1246 struct inode *new_dir, struct dentry *new_dentry,
1249 struct ubifs_info *c = old_dir->i_sb->s_fs_info;
1250 struct inode *old_inode = d_inode(old_dentry);
1251 struct inode *new_inode = d_inode(new_dentry);
1252 struct inode *whiteout = NULL;
1253 struct ubifs_inode *old_inode_ui = ubifs_inode(old_inode);
1254 struct ubifs_inode *whiteout_ui = NULL;
1255 int err, release, sync = 0, move = (new_dir != old_dir);
1256 int is_dir = S_ISDIR(old_inode->i_mode);
1257 int unlink = !!new_inode, new_sz, old_sz;
1258 struct ubifs_budget_req req = { .new_dent = 1, .mod_dent = 1,
1260 struct ubifs_budget_req ino_req = { .dirtied_ino = 1,
1261 .dirtied_ino_d = ALIGN(old_inode_ui->data_len, 8) };
1262 struct timespec64 time;
1263 unsigned int uninitialized_var(saved_nlink);
1264 struct fscrypt_name old_nm, new_nm;
1267 * Budget request settings: deletion direntry, new direntry, removing
1268 * the old inode, and changing old and new parent directory inodes.
1270 * However, this operation also marks the target inode as dirty and
1271 * does not write it, so we allocate budget for the target inode
1275 dbg_gen("dent '%pd' ino %lu in dir ino %lu to dent '%pd' in dir ino %lu flags 0x%x",
1276 old_dentry, old_inode->i_ino, old_dir->i_ino,
1277 new_dentry, new_dir->i_ino, flags);
1280 ubifs_assert(c, inode_is_locked(new_inode));
1282 err = ubifs_purge_xattrs(new_inode);
1287 if (unlink && is_dir) {
1288 err = ubifs_check_dir_empty(new_inode);
1293 err = fscrypt_setup_filename(old_dir, &old_dentry->d_name, 0, &old_nm);
1297 err = fscrypt_setup_filename(new_dir, &new_dentry->d_name, 0, &new_nm);
1299 fscrypt_free_filename(&old_nm);
1303 new_sz = CALC_DENT_SIZE(fname_len(&new_nm));
1304 old_sz = CALC_DENT_SIZE(fname_len(&old_nm));
1306 err = ubifs_budget_space(c, &req);
1308 fscrypt_free_filename(&old_nm);
1309 fscrypt_free_filename(&new_nm);
1312 err = ubifs_budget_space(c, &ino_req);
1314 fscrypt_free_filename(&old_nm);
1315 fscrypt_free_filename(&new_nm);
1316 ubifs_release_budget(c, &req);
1320 if (flags & RENAME_WHITEOUT) {
1321 union ubifs_dev_desc *dev = NULL;
1323 dev = kmalloc(sizeof(union ubifs_dev_desc), GFP_NOFS);
1329 err = do_tmpfile(old_dir, old_dentry, S_IFCHR | WHITEOUT_MODE, &whiteout);
1335 whiteout->i_state |= I_LINKABLE;
1336 whiteout_ui = ubifs_inode(whiteout);
1337 whiteout_ui->data = dev;
1338 whiteout_ui->data_len = ubifs_encode_dev(dev, MKDEV(0, 0));
1339 ubifs_assert(c, !whiteout_ui->dirty);
1342 lock_4_inodes(old_dir, new_dir, new_inode, whiteout);
1345 * Like most other Unix systems, set the @i_ctime for inodes on a
1348 time = current_time(old_dir);
1349 old_inode->i_ctime = time;
1351 /* We must adjust parent link count when renaming directories */
1355 * @old_dir loses a link because we are moving
1356 * @old_inode to a different directory.
1358 drop_nlink(old_dir);
1360 * @new_dir only gains a link if we are not also
1361 * overwriting an existing directory.
1367 * @old_inode is not moving to a different directory,
1368 * but @old_dir still loses a link if we are
1369 * overwriting an existing directory.
1372 drop_nlink(old_dir);
1376 old_dir->i_size -= old_sz;
1377 ubifs_inode(old_dir)->ui_size = old_dir->i_size;
1378 old_dir->i_mtime = old_dir->i_ctime = time;
1379 new_dir->i_mtime = new_dir->i_ctime = time;
1382 * And finally, if we unlinked a direntry which happened to have the
1383 * same name as the moved direntry, we have to decrement @i_nlink of
1384 * the unlinked inode and change its ctime.
1388 * Directories cannot have hard-links, so if this is a
1389 * directory, just clear @i_nlink.
1391 saved_nlink = new_inode->i_nlink;
1393 clear_nlink(new_inode);
1395 drop_nlink(new_inode);
1396 new_inode->i_ctime = time;
1398 new_dir->i_size += new_sz;
1399 ubifs_inode(new_dir)->ui_size = new_dir->i_size;
1403 * Do not ask 'ubifs_jnl_rename()' to flush write-buffer if @old_inode
1404 * is dirty, because this will be done later on at the end of
1407 if (IS_SYNC(old_inode)) {
1408 sync = IS_DIRSYNC(old_dir) || IS_DIRSYNC(new_dir);
1409 if (unlink && IS_SYNC(new_inode))
1414 struct ubifs_budget_req wht_req = { .dirtied_ino = 1,
1416 ALIGN(ubifs_inode(whiteout)->data_len, 8) };
1418 err = ubifs_budget_space(c, &wht_req);
1420 kfree(whiteout_ui->data);
1421 whiteout_ui->data_len = 0;
1426 inc_nlink(whiteout);
1427 mark_inode_dirty(whiteout);
1428 whiteout->i_state &= ~I_LINKABLE;
1432 err = ubifs_jnl_rename(c, old_dir, old_inode, &old_nm, new_dir,
1433 new_inode, &new_nm, whiteout, sync);
1437 unlock_4_inodes(old_dir, new_dir, new_inode, whiteout);
1438 ubifs_release_budget(c, &req);
1440 mutex_lock(&old_inode_ui->ui_mutex);
1441 release = old_inode_ui->dirty;
1442 mark_inode_dirty_sync(old_inode);
1443 mutex_unlock(&old_inode_ui->ui_mutex);
1446 ubifs_release_budget(c, &ino_req);
1447 if (IS_SYNC(old_inode))
1448 err = old_inode->i_sb->s_op->write_inode(old_inode, NULL);
1450 fscrypt_free_filename(&old_nm);
1451 fscrypt_free_filename(&new_nm);
1456 set_nlink(new_inode, saved_nlink);
1458 new_dir->i_size -= new_sz;
1459 ubifs_inode(new_dir)->ui_size = new_dir->i_size;
1461 old_dir->i_size += old_sz;
1462 ubifs_inode(old_dir)->ui_size = old_dir->i_size;
1467 drop_nlink(new_dir);
1474 drop_nlink(whiteout);
1477 unlock_4_inodes(old_dir, new_dir, new_inode, whiteout);
1479 ubifs_release_budget(c, &ino_req);
1480 ubifs_release_budget(c, &req);
1481 fscrypt_free_filename(&old_nm);
1482 fscrypt_free_filename(&new_nm);
1486 static int ubifs_xrename(struct inode *old_dir, struct dentry *old_dentry,
1487 struct inode *new_dir, struct dentry *new_dentry)
1489 struct ubifs_info *c = old_dir->i_sb->s_fs_info;
1490 struct ubifs_budget_req req = { .new_dent = 1, .mod_dent = 1,
1492 int sync = IS_DIRSYNC(old_dir) || IS_DIRSYNC(new_dir);
1493 struct inode *fst_inode = d_inode(old_dentry);
1494 struct inode *snd_inode = d_inode(new_dentry);
1495 struct timespec64 time;
1497 struct fscrypt_name fst_nm, snd_nm;
1499 ubifs_assert(c, fst_inode && snd_inode);
1501 err = fscrypt_setup_filename(old_dir, &old_dentry->d_name, 0, &fst_nm);
1505 err = fscrypt_setup_filename(new_dir, &new_dentry->d_name, 0, &snd_nm);
1507 fscrypt_free_filename(&fst_nm);
1511 lock_4_inodes(old_dir, new_dir, NULL, NULL);
1513 time = current_time(old_dir);
1514 fst_inode->i_ctime = time;
1515 snd_inode->i_ctime = time;
1516 old_dir->i_mtime = old_dir->i_ctime = time;
1517 new_dir->i_mtime = new_dir->i_ctime = time;
1519 if (old_dir != new_dir) {
1520 if (S_ISDIR(fst_inode->i_mode) && !S_ISDIR(snd_inode->i_mode)) {
1522 drop_nlink(old_dir);
1524 else if (!S_ISDIR(fst_inode->i_mode) && S_ISDIR(snd_inode->i_mode)) {
1525 drop_nlink(new_dir);
1530 err = ubifs_jnl_xrename(c, old_dir, fst_inode, &fst_nm, new_dir,
1531 snd_inode, &snd_nm, sync);
1533 unlock_4_inodes(old_dir, new_dir, NULL, NULL);
1534 ubifs_release_budget(c, &req);
1536 fscrypt_free_filename(&fst_nm);
1537 fscrypt_free_filename(&snd_nm);
1541 static int ubifs_rename(struct inode *old_dir, struct dentry *old_dentry,
1542 struct inode *new_dir, struct dentry *new_dentry,
1546 struct ubifs_info *c = old_dir->i_sb->s_fs_info;
1548 if (flags & ~(RENAME_NOREPLACE | RENAME_WHITEOUT | RENAME_EXCHANGE))
1551 ubifs_assert(c, inode_is_locked(old_dir));
1552 ubifs_assert(c, inode_is_locked(new_dir));
1554 err = fscrypt_prepare_rename(old_dir, old_dentry, new_dir, new_dentry,
1559 if (flags & RENAME_EXCHANGE)
1560 return ubifs_xrename(old_dir, old_dentry, new_dir, new_dentry);
1562 return do_rename(old_dir, old_dentry, new_dir, new_dentry, flags);
1565 int ubifs_getattr(const struct path *path, struct kstat *stat,
1566 u32 request_mask, unsigned int flags)
1569 struct inode *inode = d_inode(path->dentry);
1570 struct ubifs_inode *ui = ubifs_inode(inode);
1572 mutex_lock(&ui->ui_mutex);
1574 if (ui->flags & UBIFS_APPEND_FL)
1575 stat->attributes |= STATX_ATTR_APPEND;
1576 if (ui->flags & UBIFS_COMPR_FL)
1577 stat->attributes |= STATX_ATTR_COMPRESSED;
1578 if (ui->flags & UBIFS_CRYPT_FL)
1579 stat->attributes |= STATX_ATTR_ENCRYPTED;
1580 if (ui->flags & UBIFS_IMMUTABLE_FL)
1581 stat->attributes |= STATX_ATTR_IMMUTABLE;
1583 stat->attributes_mask |= (STATX_ATTR_APPEND |
1584 STATX_ATTR_COMPRESSED |
1585 STATX_ATTR_ENCRYPTED |
1586 STATX_ATTR_IMMUTABLE);
1588 generic_fillattr(inode, stat);
1589 stat->blksize = UBIFS_BLOCK_SIZE;
1590 stat->size = ui->ui_size;
1593 * Unfortunately, the 'stat()' system call was designed for block
1594 * device based file systems, and it is not appropriate for UBIFS,
1595 * because UBIFS does not have notion of "block". For example, it is
1596 * difficult to tell how many block a directory takes - it actually
1597 * takes less than 300 bytes, but we have to round it to block size,
1598 * which introduces large mistake. This makes utilities like 'du' to
1599 * report completely senseless numbers. This is the reason why UBIFS
1600 * goes the same way as JFFS2 - it reports zero blocks for everything
1601 * but regular files, which makes more sense than reporting completely
1604 if (S_ISREG(inode->i_mode)) {
1605 size = ui->xattr_size;
1607 size = ALIGN(size, UBIFS_BLOCK_SIZE);
1609 * Note, user-space expects 512-byte blocks count irrespectively
1610 * of what was reported in @stat->size.
1612 stat->blocks = size >> 9;
1615 mutex_unlock(&ui->ui_mutex);
1619 static int ubifs_dir_open(struct inode *dir, struct file *file)
1621 if (ubifs_crypt_is_encrypted(dir))
1622 return fscrypt_get_encryption_info(dir) ? -EACCES : 0;
1627 const struct inode_operations ubifs_dir_inode_operations = {
1628 .lookup = ubifs_lookup,
1629 .create = ubifs_create,
1631 .symlink = ubifs_symlink,
1632 .unlink = ubifs_unlink,
1633 .mkdir = ubifs_mkdir,
1634 .rmdir = ubifs_rmdir,
1635 .mknod = ubifs_mknod,
1636 .rename = ubifs_rename,
1637 .setattr = ubifs_setattr,
1638 .getattr = ubifs_getattr,
1639 #ifdef CONFIG_UBIFS_FS_XATTR
1640 .listxattr = ubifs_listxattr,
1642 .update_time = ubifs_update_time,
1643 .tmpfile = ubifs_tmpfile,
1646 const struct file_operations ubifs_dir_operations = {
1647 .llseek = generic_file_llseek,
1648 .release = ubifs_dir_release,
1649 .read = generic_read_dir,
1650 .iterate_shared = ubifs_readdir,
1651 .fsync = ubifs_fsync,
1652 .unlocked_ioctl = ubifs_ioctl,
1653 .open = ubifs_dir_open,
1654 #ifdef CONFIG_COMPAT
1655 .compat_ioctl = ubifs_compat_ioctl,
projects / librecmc / linux-libre.git / blob