fs/nfs/unlink.c

   1 // SPDX-License-Identifier: GPL-2.0
   2 /*
   3  *  linux/fs/nfs/unlink.c
   4  *
   5  * nfs sillydelete handling
   6  *
   7  */
   8
   9 #include <linux/slab.h>
  10 #include <linux/string.h>
  11 #include <linux/dcache.h>
  12 #include <linux/sunrpc/sched.h>
  13 #include <linux/sunrpc/clnt.h>
  14 #include <linux/nfs_fs.h>
  15 #include <linux/sched.h>
  16 #include <linux/wait.h>
  17 #include <linux/namei.h>
  18 #include <linux/fsnotify.h>
  19
  20 #include "internal.h"
  21 #include "nfs4_fs.h"
  22 #include "iostat.h"
  23 #include "delegation.h"
  24
  25 #include "nfstrace.h"
  26
  27 /**
  28  * nfs_free_unlinkdata - release data from a sillydelete operation.
  29  * @data: pointer to unlink structure.
  30  */
  31 static void
  32 nfs_free_unlinkdata(struct nfs_unlinkdata *data)
  33 {
  34         put_rpccred(data->cred);
  35         kfree(data->args.name.name);
  36         kfree(data);
  37 }
  38
  39 /**
  40  * nfs_async_unlink_done - Sillydelete post-processing
  41  * @task: rpc_task of the sillydelete
  42  *
  43  * Do the directory attribute update.
  44  */
  45 static void nfs_async_unlink_done(struct rpc_task *task, void *calldata)
  46 {
  47         struct nfs_unlinkdata *data = calldata;
  48         struct inode *dir = d_inode(data->dentry->d_parent);
  49
  50         trace_nfs_sillyrename_unlink(data, task->tk_status);
  51         if (!NFS_PROTO(dir)->unlink_done(task, dir))
  52                 rpc_restart_call_prepare(task);
  53 }
  54
  55 /**
  56  * nfs_async_unlink_release - Release the sillydelete data.
  57  * @task: rpc_task of the sillydelete
  58  *
  59  * We need to call nfs_put_unlinkdata as a 'tk_release' task since the
  60  * rpc_task would be freed too.
  61  */
  62 static void nfs_async_unlink_release(void *calldata)
  63 {
  64         struct nfs_unlinkdata   *data = calldata;
  65         struct dentry *dentry = data->dentry;
  66         struct super_block *sb = dentry->d_sb;
  67
  68         up_read_non_owner(&NFS_I(d_inode(dentry->d_parent))->rmdir_sem);
  69         d_lookup_done(dentry);
  70         nfs_free_unlinkdata(data);
  71         dput(dentry);
  72         nfs_sb_deactive(sb);
  73 }
  74
  75 static void nfs_unlink_prepare(struct rpc_task *task, void *calldata)
  76 {
  77         struct nfs_unlinkdata *data = calldata;
  78         struct inode *dir = d_inode(data->dentry->d_parent);
  79         NFS_PROTO(dir)->unlink_rpc_prepare(task, data);
  80 }
  81
  82 static const struct rpc_call_ops nfs_unlink_ops = {
  83         .rpc_call_done = nfs_async_unlink_done,
  84         .rpc_release = nfs_async_unlink_release,
  85         .rpc_call_prepare = nfs_unlink_prepare,
  86 };
  87
  88 static void nfs_do_call_unlink(struct nfs_unlinkdata *data)
  89 {
  90         struct rpc_message msg = {
  91                 .rpc_argp = &data->args,
  92                 .rpc_resp = &data->res,
  93                 .rpc_cred = data->cred,
  94         };
  95         struct rpc_task_setup task_setup_data = {
  96                 .rpc_message = &msg,
  97                 .callback_ops = &nfs_unlink_ops,
  98                 .callback_data = data,
  99                 .workqueue = nfsiod_workqueue,
 100                 .flags = RPC_TASK_ASYNC,
 101         };
 102         struct rpc_task *task;
 103         struct inode *dir = d_inode(data->dentry->d_parent);
 104         nfs_sb_active(dir->i_sb);
 105         data->args.fh = NFS_FH(dir);
 106         nfs_fattr_init(data->res.dir_attr);
 107
 108         NFS_PROTO(dir)->unlink_setup(&msg, dir);
 109
 110         task_setup_data.rpc_client = NFS_CLIENT(dir);
 111         task = rpc_run_task(&task_setup_data);
 112         if (!IS_ERR(task))
 113                 rpc_put_task_async(task);
 114 }
 115
 116 static int nfs_call_unlink(struct dentry *dentry, struct nfs_unlinkdata *data)
 117 {
 118         struct inode *dir = d_inode(dentry->d_parent);
 119         struct dentry *alias;
 120
 121         down_read_non_owner(&NFS_I(dir)->rmdir_sem);
 122         alias = d_alloc_parallel(dentry->d_parent, &data->args.name, &data->wq);
 123         if (IS_ERR(alias)) {
 124                 up_read_non_owner(&NFS_I(dir)->rmdir_sem);
 125                 return 0;
 126         }
 127         if (!d_in_lookup(alias)) {
 128                 int ret;
 129                 void *devname_garbage = NULL;
 130
 131                 /*
 132                  * Hey, we raced with lookup... See if we need to transfer
 133                  * the sillyrename information to the aliased dentry.
 134                  */
 135                 spin_lock(&alias->d_lock);
 136                 if (d_really_is_positive(alias) &&
 137                     !(alias->d_flags & DCACHE_NFSFS_RENAMED)) {
 138                         devname_garbage = alias->d_fsdata;
 139                         alias->d_fsdata = data;
 140                         alias->d_flags |= DCACHE_NFSFS_RENAMED;
 141                         ret = 1;
 142                 } else
 143                         ret = 0;
 144                 spin_unlock(&alias->d_lock);
 145                 dput(alias);
 146                 up_read_non_owner(&NFS_I(dir)->rmdir_sem);
 147                 /*
 148                  * If we'd displaced old cached devname, free it.  At that
 149                  * point dentry is definitely not a root, so we won't need
 150                  * that anymore.
 151                  */
 152                 kfree(devname_garbage);
 153                 return ret;
 154         }
 155         data->dentry = alias;
 156         nfs_do_call_unlink(data);
 157         return 1;
 158 }
 159
 160 /**
 161  * nfs_async_unlink - asynchronous unlinking of a file
 162  * @dir: parent directory of dentry
 163  * @dentry: dentry to unlink
 164  */
 165 static int
 166 nfs_async_unlink(struct dentry *dentry, const struct qstr *name)
 167 {
 168         struct nfs_unlinkdata *data;
 169         int status = -ENOMEM;
 170         void *devname_garbage = NULL;
 171
 172         data = kzalloc(sizeof(*data), GFP_KERNEL);
 173         if (data == NULL)
 174                 goto out;
 175         data->args.name.name = kstrdup(name->name, GFP_KERNEL);
 176         if (!data->args.name.name)
 177                 goto out_free;
 178         data->args.name.len = name->len;
 179
 180         data->cred = rpc_lookup_cred();
 181         if (IS_ERR(data->cred)) {
 182                 status = PTR_ERR(data->cred);
 183                 goto out_free_name;
 184         }
 185         data->res.dir_attr = &data->dir_attr;
 186         init_waitqueue_head(&data->wq);
 187
 188         status = -EBUSY;
 189         spin_lock(&dentry->d_lock);
 190         if (dentry->d_flags & DCACHE_NFSFS_RENAMED)
 191                 goto out_unlock;
 192         dentry->d_flags |= DCACHE_NFSFS_RENAMED;
 193         devname_garbage = dentry->d_fsdata;
 194         dentry->d_fsdata = data;
 195         spin_unlock(&dentry->d_lock);
 196         /*
 197          * If we'd displaced old cached devname, free it.  At that
 198          * point dentry is definitely not a root, so we won't need
 199          * that anymore.
 200          */
 201         kfree(devname_garbage);
 202         return 0;
 203 out_unlock:
 204         spin_unlock(&dentry->d_lock);
 205         put_rpccred(data->cred);
 206 out_free_name:
 207         kfree(data->args.name.name);
 208 out_free:
 209         kfree(data);
 210 out:
 211         return status;
 212 }
 213
 214 /**
 215  * nfs_complete_unlink - Initialize completion of the sillydelete
 216  * @dentry: dentry to delete
 217  * @inode: inode
 218  *
 219  * Since we're most likely to be called by dentry_iput(), we
 220  * only use the dentry to find the sillydelete. We then copy the name
 221  * into the qstr.
 222  */
 223 void
 224 nfs_complete_unlink(struct dentry *dentry, struct inode *inode)
 225 {
 226         struct nfs_unlinkdata   *data;
 227
 228         spin_lock(&dentry->d_lock);
 229         dentry->d_flags &= ~DCACHE_NFSFS_RENAMED;
 230         data = dentry->d_fsdata;
 231         dentry->d_fsdata = NULL;
 232         spin_unlock(&dentry->d_lock);
 233
 234         if (NFS_STALE(inode) || !nfs_call_unlink(dentry, data))
 235                 nfs_free_unlinkdata(data);
 236 }
 237
 238 /* Cancel a queued async unlink. Called when a sillyrename run fails. */
 239 static void
 240 nfs_cancel_async_unlink(struct dentry *dentry)
 241 {
 242         spin_lock(&dentry->d_lock);
 243         if (dentry->d_flags & DCACHE_NFSFS_RENAMED) {
 244                 struct nfs_unlinkdata *data = dentry->d_fsdata;
 245
 246                 dentry->d_flags &= ~DCACHE_NFSFS_RENAMED;
 247                 dentry->d_fsdata = NULL;
 248                 spin_unlock(&dentry->d_lock);
 249                 nfs_free_unlinkdata(data);
 250                 return;
 251         }
 252         spin_unlock(&dentry->d_lock);
 253 }
 254
 255 /**
 256  * nfs_async_rename_done - Sillyrename post-processing
 257  * @task: rpc_task of the sillyrename
 258  * @calldata: nfs_renamedata for the sillyrename
 259  *
 260  * Do the directory attribute updates and the d_move
 261  */
 262 static void nfs_async_rename_done(struct rpc_task *task, void *calldata)
 263 {
 264         struct nfs_renamedata *data = calldata;
 265         struct inode *old_dir = data->old_dir;
 266         struct inode *new_dir = data->new_dir;
 267         struct dentry *old_dentry = data->old_dentry;
 268
 269         trace_nfs_sillyrename_rename(old_dir, old_dentry,
 270                         new_dir, data->new_dentry, task->tk_status);
 271         if (!NFS_PROTO(old_dir)->rename_done(task, old_dir, new_dir)) {
 272                 rpc_restart_call_prepare(task);
 273                 return;
 274         }
 275
 276         if (data->complete)
 277                 data->complete(task, data);
 278 }
 279
 280 /**
 281  * nfs_async_rename_release - Release the sillyrename data.
 282  * @calldata: the struct nfs_renamedata to be released
 283  */
 284 static void nfs_async_rename_release(void *calldata)
 285 {
 286         struct nfs_renamedata   *data = calldata;
 287         struct super_block *sb = data->old_dir->i_sb;
 288
 289         if (d_really_is_positive(data->old_dentry))
 290                 nfs_mark_for_revalidate(d_inode(data->old_dentry));
 291
 292         /* The result of the rename is unknown. Play it safe by
 293          * forcing a new lookup */
 294         if (data->cancelled) {
 295                 spin_lock(&data->old_dir->i_lock);
 296                 nfs_force_lookup_revalidate(data->old_dir);
 297                 spin_unlock(&data->old_dir->i_lock);
 298                 if (data->new_dir != data->old_dir) {
 299                         spin_lock(&data->new_dir->i_lock);
 300                         nfs_force_lookup_revalidate(data->new_dir);
 301                         spin_unlock(&data->new_dir->i_lock);
 302                 }
 303         }
 304
 305         dput(data->old_dentry);
 306         dput(data->new_dentry);
 307         iput(data->old_dir);
 308         iput(data->new_dir);
 309         nfs_sb_deactive(sb);
 310         put_rpccred(data->cred);
 311         kfree(data);
 312 }
 313
 314 static void nfs_rename_prepare(struct rpc_task *task, void *calldata)
 315 {
 316         struct nfs_renamedata *data = calldata;
 317         NFS_PROTO(data->old_dir)->rename_rpc_prepare(task, data);
 318 }
 319
 320 static const struct rpc_call_ops nfs_rename_ops = {
 321         .rpc_call_done = nfs_async_rename_done,
 322         .rpc_release = nfs_async_rename_release,
 323         .rpc_call_prepare = nfs_rename_prepare,
 324 };
 325
 326 /**
 327  * nfs_async_rename - perform an asynchronous rename operation
 328  * @old_dir: directory that currently holds the dentry to be renamed
 329  * @new_dir: target directory for the rename
 330  * @old_dentry: original dentry to be renamed
 331  * @new_dentry: dentry to which the old_dentry should be renamed
 332  *
 333  * It's expected that valid references to the dentries and inodes are held
 334  */
 335 struct rpc_task *
 336 nfs_async_rename(struct inode *old_dir, struct inode *new_dir,
 337                  struct dentry *old_dentry, struct dentry *new_dentry,
 338                  void (*complete)(struct rpc_task *, struct nfs_renamedata *))
 339 {
 340         struct nfs_renamedata *data;
 341         struct rpc_message msg = { };
 342         struct rpc_task_setup task_setup_data = {
 343                 .rpc_message = &msg,
 344                 .callback_ops = &nfs_rename_ops,
 345                 .workqueue = nfsiod_workqueue,
 346                 .rpc_client = NFS_CLIENT(old_dir),
 347                 .flags = RPC_TASK_ASYNC,
 348         };
 349
 350         data = kzalloc(sizeof(*data), GFP_KERNEL);
 351         if (data == NULL)
 352                 return ERR_PTR(-ENOMEM);
 353         task_setup_data.callback_data = data;
 354
 355         data->cred = rpc_lookup_cred();
 356         if (IS_ERR(data->cred)) {
 357                 struct rpc_task *task = ERR_CAST(data->cred);
 358                 kfree(data);
 359                 return task;
 360         }
 361
 362         msg.rpc_argp = &data->args;
 363         msg.rpc_resp = &data->res;
 364         msg.rpc_cred = data->cred;
 365
 366         /* set up nfs_renamedata */
 367         data->old_dir = old_dir;
 368         ihold(old_dir);
 369         data->new_dir = new_dir;
 370         ihold(new_dir);
 371         data->old_dentry = dget(old_dentry);
 372         data->new_dentry = dget(new_dentry);
 373         nfs_fattr_init(&data->old_fattr);
 374         nfs_fattr_init(&data->new_fattr);
 375         data->complete = complete;
 376
 377         /* set up nfs_renameargs */
 378         data->args.old_dir = NFS_FH(old_dir);
 379         data->args.old_name = &old_dentry->d_name;
 380         data->args.new_dir = NFS_FH(new_dir);
 381         data->args.new_name = &new_dentry->d_name;
 382
 383         /* set up nfs_renameres */
 384         data->res.old_fattr = &data->old_fattr;
 385         data->res.new_fattr = &data->new_fattr;
 386
 387         nfs_sb_active(old_dir->i_sb);
 388
 389         NFS_PROTO(data->old_dir)->rename_setup(&msg, old_dir);
 390
 391         return rpc_run_task(&task_setup_data);
 392 }
 393
 394 /*
 395  * Perform tasks needed when a sillyrename is done such as cancelling the
 396  * queued async unlink if it failed.
 397  */
 398 static void
 399 nfs_complete_sillyrename(struct rpc_task *task, struct nfs_renamedata *data)
 400 {
 401         struct dentry *dentry = data->old_dentry;
 402
 403         if (task->tk_status != 0) {
 404                 nfs_cancel_async_unlink(dentry);
 405                 return;
 406         }
 407
 408         /*
 409          * vfs_unlink and the like do not issue this when a file is
 410          * sillyrenamed, so do it here.
 411          */
 412         fsnotify_nameremove(dentry, 0);
 413 }
 414
 415 #define SILLYNAME_PREFIX ".nfs"
 416 #define SILLYNAME_PREFIX_LEN ((unsigned)sizeof(SILLYNAME_PREFIX) - 1)
 417 #define SILLYNAME_FILEID_LEN ((unsigned)sizeof(u64) << 1)
 418 #define SILLYNAME_COUNTER_LEN ((unsigned)sizeof(unsigned int) << 1)
 419 #define SILLYNAME_LEN (SILLYNAME_PREFIX_LEN + \
 420                 SILLYNAME_FILEID_LEN + \
 421                 SILLYNAME_COUNTER_LEN)
 422
 423 /**
 424  * nfs_sillyrename - Perform a silly-rename of a dentry
 425  * @dir: inode of directory that contains dentry
 426  * @dentry: dentry to be sillyrenamed
 427  *
 428  * NFSv2/3 is stateless and the server doesn't know when the client is
 429  * holding a file open. To prevent application problems when a file is
 430  * unlinked while it's still open, the client performs a "silly-rename".
 431  * That is, it renames the file to a hidden file in the same directory,
 432  * and only performs the unlink once the last reference to it is put.
 433  *
 434  * The final cleanup is done during dentry_iput.
 435  *
 436  * (Note: NFSv4 is stateful, and has opens, so in theory an NFSv4 server
 437  * could take responsibility for keeping open files referenced.  The server
 438  * would also need to ensure that opened-but-deleted files were kept over
 439  * reboots.  However, we may not assume a server does so.  (RFC 5661
 440  * does provide an OPEN4_RESULT_PRESERVE_UNLINKED flag that a server can
 441  * use to advertise that it does this; some day we may take advantage of
 442  * it.))
 443  */
 444 int
 445 nfs_sillyrename(struct inode *dir, struct dentry *dentry)
 446 {
 447         static unsigned int sillycounter;
 448         unsigned char silly[SILLYNAME_LEN + 1];
 449         unsigned long long fileid;
 450         struct dentry *sdentry;
 451         struct rpc_task *task;
 452         int            error = -EBUSY;
 453
 454         dfprintk(VFS, "NFS: silly-rename(%pd2, ct=%d)\n",
 455                 dentry, d_count(dentry));
 456         nfs_inc_stats(dir, NFSIOS_SILLYRENAME);
 457
 458         /*
 459          * We don't allow a dentry to be silly-renamed twice.
 460          */
 461         if (dentry->d_flags & DCACHE_NFSFS_RENAMED)
 462                 goto out;
 463
 464         fileid = NFS_FILEID(d_inode(dentry));
 465
 466         /* Return delegation in anticipation of the rename */
 467         NFS_PROTO(d_inode(dentry))->return_delegation(d_inode(dentry));
 468
 469         sdentry = NULL;
 470         do {
 471                 int slen;
 472                 dput(sdentry);
 473                 sillycounter++;
 474                 slen = scnprintf(silly, sizeof(silly),
 475                                 SILLYNAME_PREFIX "%0*llx%0*x",
 476                                 SILLYNAME_FILEID_LEN, fileid,
 477                                 SILLYNAME_COUNTER_LEN, sillycounter);
 478
 479                 dfprintk(VFS, "NFS: trying to rename %pd to %s\n",
 480                                 dentry, silly);
 481
 482                 sdentry = lookup_one_len(silly, dentry->d_parent, slen);
 483                 /*
 484                  * N.B. Better to return EBUSY here ... it could be
 485                  * dangerous to delete the file while it's in use.
 486                  */
 487                 if (IS_ERR(sdentry))
 488                         goto out;
 489         } while (d_inode(sdentry) != NULL); /* need negative lookup */
 490
 491         /* queue unlink first. Can't do this from rpc_release as it
 492          * has to allocate memory
 493          */
 494         error = nfs_async_unlink(dentry, &sdentry->d_name);
 495         if (error)
 496                 goto out_dput;
 497
 498         /* run the rename task, undo unlink if it fails */
 499         task = nfs_async_rename(dir, dir, dentry, sdentry,
 500                                         nfs_complete_sillyrename);
 501         if (IS_ERR(task)) {
 502                 error = -EBUSY;
 503                 nfs_cancel_async_unlink(dentry);
 504                 goto out_dput;
 505         }
 506
 507         /* wait for the RPC task to complete, unless a SIGKILL intervenes */
 508         error = rpc_wait_for_completion_task(task);
 509         if (error == 0)
 510                 error = task->tk_status;
 511         switch (error) {
 512         case 0:
 513                 /* The rename succeeded */
 514                 nfs_set_verifier(dentry, nfs_save_change_attribute(dir));
 515                 d_move(dentry, sdentry);
 516                 break;
 517         case -ERESTARTSYS:
 518                 /* The result of the rename is unknown. Play it safe by
 519                  * forcing a new lookup */
 520                 d_drop(dentry);
 521                 d_drop(sdentry);
 522         }
 523         rpc_put_task(task);
 524 out_dput:
 525         dput(sdentry);
 526 out:
 527         return error;
 528 }