1 // SPDX-License-Identifier: GPL-2.0-only
2 /* * This file is part of UBIFS.
4 * Copyright (C) 2006-2008 Nokia Corporation.
5 * Copyright (C) 2006, 2007 University of Szeged, Hungary
7 * Authors: Artem Bityutskiy (Битюцкий Артём)
13 * This file implements directory operations.
15 * All FS operations in this file allocate budget before writing anything to the
16 * media. If they fail to allocate it, the error is returned. The only
17 * exceptions are 'ubifs_unlink()' and 'ubifs_rmdir()' which keep working even
18 * if they unable to allocate the budget, because deletion %-ENOSPC failure is
19 * not what users are usually ready to get. UBIFS budgeting subsystem has some
20 * space reserved for these purposes.
22 * All operations in this file write all inodes which they change straight
23 * away, instead of marking them dirty. For example, 'ubifs_link()' changes
24 * @i_size of the parent inode and writes the parent inode together with the
25 * target inode. This was done to simplify file-system recovery which would
26 * otherwise be very difficult to do. The only exception is rename which marks
27 * the re-named inode dirty (because its @i_ctime is updated) but does not
28 * write it, but just marks it as dirty.
34 * inherit_flags - inherit flags of the parent inode.
36 * @mode: new inode mode flags
38 * This is a helper function for 'ubifs_new_inode()' which inherits flag of the
39 * parent directory inode @dir. UBIFS inodes inherit the following flags:
40 * o %UBIFS_COMPR_FL, which is useful to switch compression on/of on
41 * sub-directory basis;
42 * o %UBIFS_SYNC_FL - useful for the same reasons;
43 * o %UBIFS_DIRSYNC_FL - similar, but relevant only to directories.
45 * This function returns the inherited flags.
47 static int inherit_flags(const struct inode *dir, umode_t mode)
50 const struct ubifs_inode *ui = ubifs_inode(dir);
52 if (!S_ISDIR(dir->i_mode))
54 * The parent is not a directory, which means that an extended
55 * attribute inode is being created. No flags.
59 flags = ui->flags & (UBIFS_COMPR_FL | UBIFS_SYNC_FL | UBIFS_DIRSYNC_FL);
61 /* The "DIRSYNC" flag only applies to directories */
62 flags &= ~UBIFS_DIRSYNC_FL;
67 * ubifs_new_inode - allocate new UBIFS inode object.
68 * @c: UBIFS file-system description object
69 * @dir: parent directory inode
70 * @mode: inode mode flags
72 * This function finds an unused inode number, allocates new inode and
73 * initializes it. Returns new inode in case of success and an error code in
76 struct inode *ubifs_new_inode(struct ubifs_info *c, struct inode *dir,
81 struct ubifs_inode *ui;
82 bool encrypted = false;
84 inode = new_inode(c->vfs_sb);
85 ui = ubifs_inode(inode);
87 return ERR_PTR(-ENOMEM);
90 * Set 'S_NOCMTIME' to prevent VFS form updating [mc]time of inodes and
91 * marking them dirty in file write path (see 'file_update_time()').
92 * UBIFS has to fully control "clean <-> dirty" transitions of inodes
93 * to make budgeting work.
95 inode->i_flags |= S_NOCMTIME;
97 inode_init_owner(inode, dir, mode);
98 inode->i_mtime = inode->i_atime = inode->i_ctime =
100 inode->i_mapping->nrpages = 0;
102 err = fscrypt_prepare_new_inode(dir, inode, &encrypted);
104 ubifs_err(c, "fscrypt_prepare_new_inode failed: %i", err);
108 switch (mode & S_IFMT) {
110 inode->i_mapping->a_ops = &ubifs_file_address_operations;
111 inode->i_op = &ubifs_file_inode_operations;
112 inode->i_fop = &ubifs_file_operations;
115 inode->i_op = &ubifs_dir_inode_operations;
116 inode->i_fop = &ubifs_dir_operations;
117 inode->i_size = ui->ui_size = UBIFS_INO_NODE_SZ;
120 inode->i_op = &ubifs_symlink_inode_operations;
126 inode->i_op = &ubifs_file_inode_operations;
132 ui->flags = inherit_flags(dir, mode);
133 ubifs_set_inode_flags(inode);
135 ui->compr_type = c->default_compr;
137 ui->compr_type = UBIFS_COMPR_NONE;
138 ui->synced_i_size = 0;
140 spin_lock(&c->cnt_lock);
141 /* Inode number overflow is currently not supported */
142 if (c->highest_inum >= INUM_WARN_WATERMARK) {
143 if (c->highest_inum >= INUM_WATERMARK) {
144 spin_unlock(&c->cnt_lock);
145 ubifs_err(c, "out of inode numbers");
149 ubifs_warn(c, "running out of inode numbers (current %lu, max %u)",
150 (unsigned long)c->highest_inum, INUM_WATERMARK);
153 inode->i_ino = ++c->highest_inum;
155 * The creation sequence number remains with this inode for its
156 * lifetime. All nodes for this inode have a greater sequence number,
157 * and so it is possible to distinguish obsolete nodes belonging to a
158 * previous incarnation of the same inode number - for example, for the
159 * purpose of rebuilding the index.
161 ui->creat_sqnum = ++c->max_sqnum;
162 spin_unlock(&c->cnt_lock);
165 err = fscrypt_set_context(inode, NULL);
167 ubifs_err(c, "fscrypt_set_context failed: %i", err);
175 make_bad_inode(inode);
180 static int dbg_check_name(const struct ubifs_info *c,
181 const struct ubifs_dent_node *dent,
182 const struct fscrypt_name *nm)
184 if (!dbg_is_chk_gen(c))
186 if (le16_to_cpu(dent->nlen) != fname_len(nm))
188 if (memcmp(dent->name, fname_name(nm), fname_len(nm)))
193 static struct dentry *ubifs_lookup(struct inode *dir, struct dentry *dentry,
198 struct inode *inode = NULL;
199 struct ubifs_dent_node *dent = NULL;
200 struct ubifs_info *c = dir->i_sb->s_fs_info;
201 struct fscrypt_name nm;
203 dbg_gen("'%pd' in dir ino %lu", dentry, dir->i_ino);
205 err = fscrypt_prepare_lookup(dir, dentry, &nm);
207 return d_splice_alias(NULL, dentry);
211 if (fname_len(&nm) > UBIFS_MAX_NLEN) {
212 inode = ERR_PTR(-ENAMETOOLONG);
216 dent = kmalloc(UBIFS_MAX_DENT_NODE_SZ, GFP_NOFS);
218 inode = ERR_PTR(-ENOMEM);
222 if (fname_name(&nm) == NULL) {
223 if (nm.hash & ~UBIFS_S_KEY_HASH_MASK)
224 goto done; /* ENOENT */
225 dent_key_init_hash(c, &key, dir->i_ino, nm.hash);
226 err = ubifs_tnc_lookup_dh(c, &key, dent, nm.minor_hash);
228 dent_key_init(c, &key, dir->i_ino, &nm);
229 err = ubifs_tnc_lookup_nm(c, &key, dent, &nm);
234 dbg_gen("not found");
236 inode = ERR_PTR(err);
240 if (dbg_check_name(c, dent, &nm)) {
241 inode = ERR_PTR(-EINVAL);
245 inode = ubifs_iget(dir->i_sb, le64_to_cpu(dent->inum));
248 * This should not happen. Probably the file-system needs
251 err = PTR_ERR(inode);
252 ubifs_err(c, "dead directory entry '%pd', error %d",
254 ubifs_ro_mode(c, err);
258 if (IS_ENCRYPTED(dir) &&
259 (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode)) &&
260 !fscrypt_has_permitted_context(dir, inode)) {
261 ubifs_warn(c, "Inconsistent encryption contexts: %lu/%lu",
262 dir->i_ino, inode->i_ino);
264 inode = ERR_PTR(-EPERM);
269 fscrypt_free_filename(&nm);
270 return d_splice_alias(inode, dentry);
273 static int ubifs_prepare_create(struct inode *dir, struct dentry *dentry,
274 struct fscrypt_name *nm)
276 if (fscrypt_is_nokey_name(dentry))
279 return fscrypt_setup_filename(dir, &dentry->d_name, 0, nm);
282 static int ubifs_create(struct inode *dir, struct dentry *dentry, umode_t mode,
286 struct ubifs_info *c = dir->i_sb->s_fs_info;
287 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
289 struct ubifs_inode *dir_ui = ubifs_inode(dir);
290 struct fscrypt_name nm;
294 * Budget request settings: new inode, new direntry, changing the
295 * parent directory inode.
298 dbg_gen("dent '%pd', mode %#hx in dir ino %lu",
299 dentry, mode, dir->i_ino);
301 err = ubifs_budget_space(c, &req);
305 err = ubifs_prepare_create(dir, dentry, &nm);
309 sz_change = CALC_DENT_SIZE(fname_len(&nm));
311 inode = ubifs_new_inode(c, dir, mode);
313 err = PTR_ERR(inode);
317 err = ubifs_init_security(dir, inode, &dentry->d_name);
321 mutex_lock(&dir_ui->ui_mutex);
322 dir->i_size += sz_change;
323 dir_ui->ui_size = dir->i_size;
324 dir->i_mtime = dir->i_ctime = inode->i_ctime;
325 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
328 mutex_unlock(&dir_ui->ui_mutex);
330 ubifs_release_budget(c, &req);
331 fscrypt_free_filename(&nm);
332 insert_inode_hash(inode);
333 d_instantiate(dentry, inode);
337 dir->i_size -= sz_change;
338 dir_ui->ui_size = dir->i_size;
339 mutex_unlock(&dir_ui->ui_mutex);
341 make_bad_inode(inode);
344 fscrypt_free_filename(&nm);
346 ubifs_release_budget(c, &req);
347 ubifs_err(c, "cannot create regular file, error %d", err);
351 static int do_tmpfile(struct inode *dir, struct dentry *dentry,
352 umode_t mode, struct inode **whiteout)
355 struct ubifs_info *c = dir->i_sb->s_fs_info;
356 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
358 struct ubifs_budget_req ino_req = { .dirtied_ino = 1 };
359 struct ubifs_inode *ui, *dir_ui = ubifs_inode(dir);
360 int err, instantiated = 0;
361 struct fscrypt_name nm;
364 * Budget request settings: new inode, new direntry, changing the
365 * parent directory inode.
366 * Allocate budget separately for new dirtied inode, the budget will
367 * be released via writeback.
370 dbg_gen("dent '%pd', mode %#hx in dir ino %lu",
371 dentry, mode, dir->i_ino);
373 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
377 err = ubifs_budget_space(c, &req);
379 fscrypt_free_filename(&nm);
383 err = ubifs_budget_space(c, &ino_req);
385 ubifs_release_budget(c, &req);
386 fscrypt_free_filename(&nm);
390 inode = ubifs_new_inode(c, dir, mode);
392 err = PTR_ERR(inode);
395 ui = ubifs_inode(inode);
398 init_special_inode(inode, inode->i_mode, WHITEOUT_DEV);
399 ubifs_assert(c, inode->i_op == &ubifs_file_inode_operations);
402 err = ubifs_init_security(dir, inode, &dentry->d_name);
406 mutex_lock(&ui->ui_mutex);
407 insert_inode_hash(inode);
410 mark_inode_dirty(inode);
414 d_tmpfile(dentry, inode);
416 ubifs_assert(c, ui->dirty);
419 mutex_unlock(&ui->ui_mutex);
421 mutex_lock(&dir_ui->ui_mutex);
422 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0);
425 mutex_unlock(&dir_ui->ui_mutex);
427 ubifs_release_budget(c, &req);
432 mutex_unlock(&dir_ui->ui_mutex);
434 make_bad_inode(inode);
440 ubifs_release_budget(c, &req);
442 ubifs_release_budget(c, &ino_req);
443 fscrypt_free_filename(&nm);
444 ubifs_err(c, "cannot create temporary file, error %d", err);
448 static int ubifs_tmpfile(struct inode *dir, struct dentry *dentry,
451 return do_tmpfile(dir, dentry, mode, NULL);
455 * vfs_dent_type - get VFS directory entry type.
456 * @type: UBIFS directory entry type
458 * This function converts UBIFS directory entry type into VFS directory entry
461 static unsigned int vfs_dent_type(uint8_t type)
464 case UBIFS_ITYPE_REG:
466 case UBIFS_ITYPE_DIR:
468 case UBIFS_ITYPE_LNK:
470 case UBIFS_ITYPE_BLK:
472 case UBIFS_ITYPE_CHR:
474 case UBIFS_ITYPE_FIFO:
476 case UBIFS_ITYPE_SOCK:
485 * The classical Unix view for directory is that it is a linear array of
486 * (name, inode number) entries. Linux/VFS assumes this model as well.
487 * Particularly, 'readdir()' call wants us to return a directory entry offset
488 * which later may be used to continue 'readdir()'ing the directory or to
489 * 'seek()' to that specific direntry. Obviously UBIFS does not really fit this
490 * model because directory entries are identified by keys, which may collide.
492 * UBIFS uses directory entry hash value for directory offsets, so
493 * 'seekdir()'/'telldir()' may not always work because of possible key
494 * collisions. But UBIFS guarantees that consecutive 'readdir()' calls work
495 * properly by means of saving full directory entry name in the private field
496 * of the file description object.
498 * This means that UBIFS cannot support NFS which requires full
499 * 'seekdir()'/'telldir()' support.
501 static int ubifs_readdir(struct file *file, struct dir_context *ctx)
503 int fstr_real_len = 0, err = 0;
504 struct fscrypt_name nm;
505 struct fscrypt_str fstr = {0};
507 struct ubifs_dent_node *dent;
508 struct inode *dir = file_inode(file);
509 struct ubifs_info *c = dir->i_sb->s_fs_info;
510 bool encrypted = IS_ENCRYPTED(dir);
512 dbg_gen("dir ino %lu, f_pos %#llx", dir->i_ino, ctx->pos);
514 if (ctx->pos > UBIFS_S_KEY_HASH_MASK || ctx->pos == 2)
516 * The directory was seek'ed to a senseless position or there
517 * are no more entries.
522 err = fscrypt_get_encryption_info(dir);
526 err = fscrypt_fname_alloc_buffer(UBIFS_MAX_NLEN, &fstr);
530 fstr_real_len = fstr.len;
533 if (file->f_version == 0) {
535 * The file was seek'ed, which means that @file->private_data
536 * is now invalid. This may also be just the first
537 * 'ubifs_readdir()' invocation, in which case
538 * @file->private_data is NULL, and the below code is
541 kfree(file->private_data);
542 file->private_data = NULL;
546 * 'generic_file_llseek()' unconditionally sets @file->f_version to
547 * zero, and we use this for detecting whether the file was seek'ed.
551 /* File positions 0 and 1 correspond to "." and ".." */
553 ubifs_assert(c, !file->private_data);
554 if (!dir_emit_dots(file, ctx)) {
556 fscrypt_fname_free_buffer(&fstr);
560 /* Find the first entry in TNC and save it */
561 lowest_dent_key(c, &key, dir->i_ino);
563 dent = ubifs_tnc_next_ent(c, &key, &nm);
569 ctx->pos = key_hash_flash(c, &dent->key);
570 file->private_data = dent;
573 dent = file->private_data;
576 * The directory was seek'ed to and is now readdir'ed.
577 * Find the entry corresponding to @ctx->pos or the closest one.
579 dent_key_init_hash(c, &key, dir->i_ino, ctx->pos);
581 dent = ubifs_tnc_next_ent(c, &key, &nm);
586 ctx->pos = key_hash_flash(c, &dent->key);
587 file->private_data = dent;
591 dbg_gen("ino %llu, new f_pos %#x",
592 (unsigned long long)le64_to_cpu(dent->inum),
593 key_hash_flash(c, &dent->key));
594 ubifs_assert(c, le64_to_cpu(dent->ch.sqnum) >
595 ubifs_inode(dir)->creat_sqnum);
597 fname_len(&nm) = le16_to_cpu(dent->nlen);
598 fname_name(&nm) = dent->name;
601 fstr.len = fstr_real_len;
603 err = fscrypt_fname_disk_to_usr(dir, key_hash_flash(c,
605 le32_to_cpu(dent->cookie),
606 &nm.disk_name, &fstr);
610 fstr.len = fname_len(&nm);
611 fstr.name = fname_name(&nm);
614 if (!dir_emit(ctx, fstr.name, fstr.len,
615 le64_to_cpu(dent->inum),
616 vfs_dent_type(dent->type))) {
618 fscrypt_fname_free_buffer(&fstr);
622 /* Switch to the next entry */
623 key_read(c, &dent->key, &key);
624 dent = ubifs_tnc_next_ent(c, &key, &nm);
630 kfree(file->private_data);
631 ctx->pos = key_hash_flash(c, &dent->key);
632 file->private_data = dent;
637 kfree(file->private_data);
638 file->private_data = NULL;
641 fscrypt_fname_free_buffer(&fstr);
644 ubifs_err(c, "cannot find next direntry, error %d", err);
647 * -ENOENT is a non-fatal error in this context, the TNC uses
648 * it to indicate that the cursor moved past the current directory
649 * and readdir() has to stop.
654 /* 2 is a special value indicating that there are no more direntries */
659 /* Free saved readdir() state when the directory is closed */
660 static int ubifs_dir_release(struct inode *dir, struct file *file)
662 kfree(file->private_data);
663 file->private_data = NULL;
668 * lock_2_inodes - a wrapper for locking two UBIFS inodes.
669 * @inode1: first inode
670 * @inode2: second inode
672 * We do not implement any tricks to guarantee strict lock ordering, because
673 * VFS has already done it for us on the @i_mutex. So this is just a simple
676 static void lock_2_inodes(struct inode *inode1, struct inode *inode2)
678 mutex_lock_nested(&ubifs_inode(inode1)->ui_mutex, WB_MUTEX_1);
679 mutex_lock_nested(&ubifs_inode(inode2)->ui_mutex, WB_MUTEX_2);
683 * unlock_2_inodes - a wrapper for unlocking two UBIFS inodes.
684 * @inode1: first inode
685 * @inode2: second inode
687 static void unlock_2_inodes(struct inode *inode1, struct inode *inode2)
689 mutex_unlock(&ubifs_inode(inode2)->ui_mutex);
690 mutex_unlock(&ubifs_inode(inode1)->ui_mutex);
693 static int ubifs_link(struct dentry *old_dentry, struct inode *dir,
694 struct dentry *dentry)
696 struct ubifs_info *c = dir->i_sb->s_fs_info;
697 struct inode *inode = d_inode(old_dentry);
698 struct ubifs_inode *ui = ubifs_inode(inode);
699 struct ubifs_inode *dir_ui = ubifs_inode(dir);
700 int err, sz_change = CALC_DENT_SIZE(dentry->d_name.len);
701 struct ubifs_budget_req req = { .new_dent = 1, .dirtied_ino = 2,
702 .dirtied_ino_d = ALIGN(ui->data_len, 8) };
703 struct fscrypt_name nm;
706 * Budget request settings: new direntry, changing the target inode,
707 * changing the parent inode.
710 dbg_gen("dent '%pd' to ino %lu (nlink %d) in dir ino %lu",
711 dentry, inode->i_ino,
712 inode->i_nlink, dir->i_ino);
713 ubifs_assert(c, inode_is_locked(dir));
714 ubifs_assert(c, inode_is_locked(inode));
716 err = fscrypt_prepare_link(old_dentry, dir, dentry);
720 err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
724 err = dbg_check_synced_i_size(c, inode);
728 err = ubifs_budget_space(c, &req);
732 lock_2_inodes(dir, inode);
734 /* Handle O_TMPFILE corner case, it is allowed to link a O_TMPFILE. */
735 if (inode->i_nlink == 0)
736 ubifs_delete_orphan(c, inode->i_ino);
740 inode->i_ctime = current_time(inode);
741 dir->i_size += sz_change;
742 dir_ui->ui_size = dir->i_size;
743 dir->i_mtime = dir->i_ctime = inode->i_ctime;
744 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
747 unlock_2_inodes(dir, inode);
749 ubifs_release_budget(c, &req);
750 d_instantiate(dentry, inode);
751 fscrypt_free_filename(&nm);
755 dir->i_size -= sz_change;
756 dir_ui->ui_size = dir->i_size;
758 if (inode->i_nlink == 0)
759 ubifs_add_orphan(c, inode->i_ino);
760 unlock_2_inodes(dir, inode);
761 ubifs_release_budget(c, &req);
764 fscrypt_free_filename(&nm);
768 static int ubifs_unlink(struct inode *dir, struct dentry *dentry)
770 struct ubifs_info *c = dir->i_sb->s_fs_info;
771 struct inode *inode = d_inode(dentry);
772 struct ubifs_inode *dir_ui = ubifs_inode(dir);
773 int err, sz_change, budgeted = 1;
774 struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 };
775 unsigned int saved_nlink = inode->i_nlink;
776 struct fscrypt_name nm;
779 * Budget request settings: deletion direntry, deletion inode (+1 for
780 * @dirtied_ino), changing the parent directory inode. If budgeting
781 * fails, go ahead anyway because we have extra space reserved for
785 dbg_gen("dent '%pd' from ino %lu (nlink %d) in dir ino %lu",
786 dentry, inode->i_ino,
787 inode->i_nlink, dir->i_ino);
789 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm);
793 err = ubifs_purge_xattrs(inode);
797 sz_change = CALC_DENT_SIZE(fname_len(&nm));
799 ubifs_assert(c, inode_is_locked(dir));
800 ubifs_assert(c, inode_is_locked(inode));
801 err = dbg_check_synced_i_size(c, inode);
805 err = ubifs_budget_space(c, &req);
812 lock_2_inodes(dir, inode);
813 inode->i_ctime = current_time(dir);
815 dir->i_size -= sz_change;
816 dir_ui->ui_size = dir->i_size;
817 dir->i_mtime = dir->i_ctime = inode->i_ctime;
818 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0);
821 unlock_2_inodes(dir, inode);
824 ubifs_release_budget(c, &req);
826 /* We've deleted something - clean the "no space" flags */
827 c->bi.nospace = c->bi.nospace_rp = 0;
830 fscrypt_free_filename(&nm);
834 dir->i_size += sz_change;
835 dir_ui->ui_size = dir->i_size;
836 set_nlink(inode, saved_nlink);
837 unlock_2_inodes(dir, inode);
839 ubifs_release_budget(c, &req);
841 fscrypt_free_filename(&nm);
846 * check_dir_empty - check if a directory is empty or not.
847 * @dir: VFS inode object of the directory to check
849 * This function checks if directory @dir is empty. Returns zero if the
850 * directory is empty, %-ENOTEMPTY if it is not, and other negative error codes
851 * in case of of errors.
853 int ubifs_check_dir_empty(struct inode *dir)
855 struct ubifs_info *c = dir->i_sb->s_fs_info;
856 struct fscrypt_name nm = { 0 };
857 struct ubifs_dent_node *dent;
861 lowest_dent_key(c, &key, dir->i_ino);
862 dent = ubifs_tnc_next_ent(c, &key, &nm);
874 static int ubifs_rmdir(struct inode *dir, struct dentry *dentry)
876 struct ubifs_info *c = dir->i_sb->s_fs_info;
877 struct inode *inode = d_inode(dentry);
878 int err, sz_change, budgeted = 1;
879 struct ubifs_inode *dir_ui = ubifs_inode(dir);
880 struct ubifs_budget_req req = { .mod_dent = 1, .dirtied_ino = 2 };
881 struct fscrypt_name nm;
884 * Budget request settings: deletion direntry, deletion inode and
885 * changing the parent inode. If budgeting fails, go ahead anyway
886 * because we have extra space reserved for deletions.
889 dbg_gen("directory '%pd', ino %lu in dir ino %lu", dentry,
890 inode->i_ino, dir->i_ino);
891 ubifs_assert(c, inode_is_locked(dir));
892 ubifs_assert(c, inode_is_locked(inode));
893 err = ubifs_check_dir_empty(d_inode(dentry));
897 err = fscrypt_setup_filename(dir, &dentry->d_name, 1, &nm);
901 err = ubifs_purge_xattrs(inode);
905 sz_change = CALC_DENT_SIZE(fname_len(&nm));
907 err = ubifs_budget_space(c, &req);
914 lock_2_inodes(dir, inode);
915 inode->i_ctime = current_time(dir);
918 dir->i_size -= sz_change;
919 dir_ui->ui_size = dir->i_size;
920 dir->i_mtime = dir->i_ctime = inode->i_ctime;
921 err = ubifs_jnl_update(c, dir, &nm, inode, 1, 0);
924 unlock_2_inodes(dir, inode);
927 ubifs_release_budget(c, &req);
929 /* We've deleted something - clean the "no space" flags */
930 c->bi.nospace = c->bi.nospace_rp = 0;
933 fscrypt_free_filename(&nm);
937 dir->i_size += sz_change;
938 dir_ui->ui_size = dir->i_size;
941 unlock_2_inodes(dir, inode);
943 ubifs_release_budget(c, &req);
945 fscrypt_free_filename(&nm);
949 static int ubifs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
952 struct ubifs_inode *dir_ui = ubifs_inode(dir);
953 struct ubifs_info *c = dir->i_sb->s_fs_info;
955 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
957 struct fscrypt_name nm;
960 * Budget request settings: new inode, new direntry and changing parent
964 dbg_gen("dent '%pd', mode %#hx in dir ino %lu",
965 dentry, mode, dir->i_ino);
967 err = ubifs_budget_space(c, &req);
971 err = ubifs_prepare_create(dir, dentry, &nm);
975 sz_change = CALC_DENT_SIZE(fname_len(&nm));
977 inode = ubifs_new_inode(c, dir, S_IFDIR | mode);
979 err = PTR_ERR(inode);
983 err = ubifs_init_security(dir, inode, &dentry->d_name);
987 mutex_lock(&dir_ui->ui_mutex);
988 insert_inode_hash(inode);
991 dir->i_size += sz_change;
992 dir_ui->ui_size = dir->i_size;
993 dir->i_mtime = dir->i_ctime = inode->i_ctime;
994 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
996 ubifs_err(c, "cannot create directory, error %d", err);
999 mutex_unlock(&dir_ui->ui_mutex);
1001 ubifs_release_budget(c, &req);
1002 d_instantiate(dentry, inode);
1003 fscrypt_free_filename(&nm);
1007 dir->i_size -= sz_change;
1008 dir_ui->ui_size = dir->i_size;
1010 mutex_unlock(&dir_ui->ui_mutex);
1012 make_bad_inode(inode);
1015 fscrypt_free_filename(&nm);
1017 ubifs_release_budget(c, &req);
1021 static int ubifs_mknod(struct inode *dir, struct dentry *dentry,
1022 umode_t mode, dev_t rdev)
1024 struct inode *inode;
1025 struct ubifs_inode *ui;
1026 struct ubifs_inode *dir_ui = ubifs_inode(dir);
1027 struct ubifs_info *c = dir->i_sb->s_fs_info;
1028 union ubifs_dev_desc *dev = NULL;
1030 int err, devlen = 0;
1031 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
1033 struct fscrypt_name nm;
1036 * Budget request settings: new inode, new direntry and changing parent
1040 dbg_gen("dent '%pd' in dir ino %lu", dentry, dir->i_ino);
1042 if (S_ISBLK(mode) || S_ISCHR(mode)) {
1043 dev = kmalloc(sizeof(union ubifs_dev_desc), GFP_NOFS);
1046 devlen = ubifs_encode_dev(dev, rdev);
1049 req.new_ino_d = ALIGN(devlen, 8);
1050 err = ubifs_budget_space(c, &req);
1056 err = ubifs_prepare_create(dir, dentry, &nm);
1062 sz_change = CALC_DENT_SIZE(fname_len(&nm));
1064 inode = ubifs_new_inode(c, dir, mode);
1065 if (IS_ERR(inode)) {
1067 err = PTR_ERR(inode);
1071 init_special_inode(inode, inode->i_mode, rdev);
1072 inode->i_size = ubifs_inode(inode)->ui_size = devlen;
1073 ui = ubifs_inode(inode);
1075 ui->data_len = devlen;
1077 err = ubifs_init_security(dir, inode, &dentry->d_name);
1081 mutex_lock(&dir_ui->ui_mutex);
1082 dir->i_size += sz_change;
1083 dir_ui->ui_size = dir->i_size;
1084 dir->i_mtime = dir->i_ctime = inode->i_ctime;
1085 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
1088 mutex_unlock(&dir_ui->ui_mutex);
1090 ubifs_release_budget(c, &req);
1091 insert_inode_hash(inode);
1092 d_instantiate(dentry, inode);
1093 fscrypt_free_filename(&nm);
1097 dir->i_size -= sz_change;
1098 dir_ui->ui_size = dir->i_size;
1099 mutex_unlock(&dir_ui->ui_mutex);
1101 make_bad_inode(inode);
1104 fscrypt_free_filename(&nm);
1106 ubifs_release_budget(c, &req);
1110 static int ubifs_symlink(struct inode *dir, struct dentry *dentry,
1111 const char *symname)
1113 struct inode *inode;
1114 struct ubifs_inode *ui;
1115 struct ubifs_inode *dir_ui = ubifs_inode(dir);
1116 struct ubifs_info *c = dir->i_sb->s_fs_info;
1117 int err, sz_change, len = strlen(symname);
1118 struct fscrypt_str disk_link;
1119 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1,
1120 .new_ino_d = ALIGN(len, 8),
1122 struct fscrypt_name nm;
1124 dbg_gen("dent '%pd', target '%s' in dir ino %lu", dentry,
1125 symname, dir->i_ino);
1127 err = fscrypt_prepare_symlink(dir, symname, len, UBIFS_MAX_INO_DATA,
1133 * Budget request settings: new inode, new direntry and changing parent
1136 err = ubifs_budget_space(c, &req);
1140 err = ubifs_prepare_create(dir, dentry, &nm);
1144 sz_change = CALC_DENT_SIZE(fname_len(&nm));
1146 inode = ubifs_new_inode(c, dir, S_IFLNK | S_IRWXUGO);
1147 if (IS_ERR(inode)) {
1148 err = PTR_ERR(inode);
1152 ui = ubifs_inode(inode);
1153 ui->data = kmalloc(disk_link.len, GFP_NOFS);
1159 if (IS_ENCRYPTED(inode)) {
1160 disk_link.name = ui->data; /* encrypt directly into ui->data */
1161 err = fscrypt_encrypt_symlink(inode, symname, len, &disk_link);
1165 memcpy(ui->data, disk_link.name, disk_link.len);
1166 inode->i_link = ui->data;
1170 * The terminating zero byte is not written to the flash media and it
1171 * is put just to make later in-memory string processing simpler. Thus,
1172 * data length is @disk_link.len - 1, not @disk_link.len.
1174 ui->data_len = disk_link.len - 1;
1175 inode->i_size = ubifs_inode(inode)->ui_size = disk_link.len - 1;
1177 err = ubifs_init_security(dir, inode, &dentry->d_name);
1181 mutex_lock(&dir_ui->ui_mutex);
1182 dir->i_size += sz_change;
1183 dir_ui->ui_size = dir->i_size;
1184 dir->i_mtime = dir->i_ctime = inode->i_ctime;
1185 err = ubifs_jnl_update(c, dir, &nm, inode, 0, 0);
1188 mutex_unlock(&dir_ui->ui_mutex);
1190 insert_inode_hash(inode);
1191 d_instantiate(dentry, inode);
1196 dir->i_size -= sz_change;
1197 dir_ui->ui_size = dir->i_size;
1198 mutex_unlock(&dir_ui->ui_mutex);
1200 make_bad_inode(inode);
1203 fscrypt_free_filename(&nm);
1205 ubifs_release_budget(c, &req);
1210 * lock_4_inodes - a wrapper for locking three UBIFS inodes.
1211 * @inode1: first inode
1212 * @inode2: second inode
1213 * @inode3: third inode
1214 * @inode4: fouth inode
1216 * This function is used for 'ubifs_rename()' and @inode1 may be the same as
1217 * @inode2 whereas @inode3 and @inode4 may be %NULL.
1219 * We do not implement any tricks to guarantee strict lock ordering, because
1220 * VFS has already done it for us on the @i_mutex. So this is just a simple
1223 static void lock_4_inodes(struct inode *inode1, struct inode *inode2,
1224 struct inode *inode3, struct inode *inode4)
1226 mutex_lock_nested(&ubifs_inode(inode1)->ui_mutex, WB_MUTEX_1);
1227 if (inode2 != inode1)
1228 mutex_lock_nested(&ubifs_inode(inode2)->ui_mutex, WB_MUTEX_2);
1230 mutex_lock_nested(&ubifs_inode(inode3)->ui_mutex, WB_MUTEX_3);
1232 mutex_lock_nested(&ubifs_inode(inode4)->ui_mutex, WB_MUTEX_4);
1236 * unlock_4_inodes - a wrapper for unlocking three UBIFS inodes for rename.
1237 * @inode1: first inode
1238 * @inode2: second inode
1239 * @inode3: third inode
1240 * @inode4: fouth inode
1242 static void unlock_4_inodes(struct inode *inode1, struct inode *inode2,
1243 struct inode *inode3, struct inode *inode4)
1246 mutex_unlock(&ubifs_inode(inode4)->ui_mutex);
1248 mutex_unlock(&ubifs_inode(inode3)->ui_mutex);
1249 if (inode1 != inode2)
1250 mutex_unlock(&ubifs_inode(inode2)->ui_mutex);
1251 mutex_unlock(&ubifs_inode(inode1)->ui_mutex);
1254 static int do_rename(struct inode *old_dir, struct dentry *old_dentry,
1255 struct inode *new_dir, struct dentry *new_dentry,
1258 struct ubifs_info *c = old_dir->i_sb->s_fs_info;
1259 struct inode *old_inode = d_inode(old_dentry);
1260 struct inode *new_inode = d_inode(new_dentry);
1261 struct inode *whiteout = NULL;
1262 struct ubifs_inode *old_inode_ui = ubifs_inode(old_inode);
1263 struct ubifs_inode *whiteout_ui = NULL;
1264 int err, release, sync = 0, move = (new_dir != old_dir);
1265 int is_dir = S_ISDIR(old_inode->i_mode);
1266 int unlink = !!new_inode, new_sz, old_sz;
1267 struct ubifs_budget_req req = { .new_dent = 1, .mod_dent = 1,
1269 struct ubifs_budget_req ino_req = { .dirtied_ino = 1,
1270 .dirtied_ino_d = ALIGN(old_inode_ui->data_len, 8) };
1271 struct timespec64 time;
1272 unsigned int saved_nlink;
1273 struct fscrypt_name old_nm, new_nm;
1276 * Budget request settings: deletion direntry, new direntry, removing
1277 * the old inode, and changing old and new parent directory inodes.
1279 * However, this operation also marks the target inode as dirty and
1280 * does not write it, so we allocate budget for the target inode
1284 dbg_gen("dent '%pd' ino %lu in dir ino %lu to dent '%pd' in dir ino %lu flags 0x%x",
1285 old_dentry, old_inode->i_ino, old_dir->i_ino,
1286 new_dentry, new_dir->i_ino, flags);
1289 ubifs_assert(c, inode_is_locked(new_inode));
1291 err = ubifs_purge_xattrs(new_inode);
1296 if (unlink && is_dir) {
1297 err = ubifs_check_dir_empty(new_inode);
1302 err = fscrypt_setup_filename(old_dir, &old_dentry->d_name, 0, &old_nm);
1306 err = fscrypt_setup_filename(new_dir, &new_dentry->d_name, 0, &new_nm);
1308 fscrypt_free_filename(&old_nm);
1312 new_sz = CALC_DENT_SIZE(fname_len(&new_nm));
1313 old_sz = CALC_DENT_SIZE(fname_len(&old_nm));
1315 err = ubifs_budget_space(c, &req);
1317 fscrypt_free_filename(&old_nm);
1318 fscrypt_free_filename(&new_nm);
1321 err = ubifs_budget_space(c, &ino_req);
1323 fscrypt_free_filename(&old_nm);
1324 fscrypt_free_filename(&new_nm);
1325 ubifs_release_budget(c, &req);
1329 if (flags & RENAME_WHITEOUT) {
1330 union ubifs_dev_desc *dev = NULL;
1331 struct ubifs_budget_req wht_req;
1333 dev = kmalloc(sizeof(union ubifs_dev_desc), GFP_NOFS);
1339 err = do_tmpfile(old_dir, old_dentry, S_IFCHR | WHITEOUT_MODE, &whiteout);
1345 spin_lock(&whiteout->i_lock);
1346 whiteout->i_state |= I_LINKABLE;
1347 spin_unlock(&whiteout->i_lock);
1349 whiteout_ui = ubifs_inode(whiteout);
1350 whiteout_ui->data = dev;
1351 whiteout_ui->data_len = ubifs_encode_dev(dev, MKDEV(0, 0));
1352 ubifs_assert(c, !whiteout_ui->dirty);
1354 memset(&wht_req, 0, sizeof(struct ubifs_budget_req));
1355 wht_req.dirtied_ino = 1;
1356 wht_req.dirtied_ino_d = ALIGN(whiteout_ui->data_len, 8);
1358 * To avoid deadlock between space budget (holds ui_mutex and
1359 * waits wb work) and writeback work(waits ui_mutex), do space
1360 * budget before ubifs inodes locked.
1362 err = ubifs_budget_space(c, &wht_req);
1368 /* Add the old_dentry size to the old_dir size. */
1369 old_sz -= CALC_DENT_SIZE(fname_len(&old_nm));
1372 lock_4_inodes(old_dir, new_dir, new_inode, whiteout);
1375 * Like most other Unix systems, set the @i_ctime for inodes on a
1378 time = current_time(old_dir);
1379 old_inode->i_ctime = time;
1381 /* We must adjust parent link count when renaming directories */
1385 * @old_dir loses a link because we are moving
1386 * @old_inode to a different directory.
1388 drop_nlink(old_dir);
1390 * @new_dir only gains a link if we are not also
1391 * overwriting an existing directory.
1397 * @old_inode is not moving to a different directory,
1398 * but @old_dir still loses a link if we are
1399 * overwriting an existing directory.
1402 drop_nlink(old_dir);
1406 old_dir->i_size -= old_sz;
1407 ubifs_inode(old_dir)->ui_size = old_dir->i_size;
1408 old_dir->i_mtime = old_dir->i_ctime = time;
1409 new_dir->i_mtime = new_dir->i_ctime = time;
1412 * And finally, if we unlinked a direntry which happened to have the
1413 * same name as the moved direntry, we have to decrement @i_nlink of
1414 * the unlinked inode and change its ctime.
1418 * Directories cannot have hard-links, so if this is a
1419 * directory, just clear @i_nlink.
1421 saved_nlink = new_inode->i_nlink;
1423 clear_nlink(new_inode);
1425 drop_nlink(new_inode);
1426 new_inode->i_ctime = time;
1428 new_dir->i_size += new_sz;
1429 ubifs_inode(new_dir)->ui_size = new_dir->i_size;
1433 * Do not ask 'ubifs_jnl_rename()' to flush write-buffer if @old_inode
1434 * is dirty, because this will be done later on at the end of
1437 if (IS_SYNC(old_inode)) {
1438 sync = IS_DIRSYNC(old_dir) || IS_DIRSYNC(new_dir);
1439 if (unlink && IS_SYNC(new_inode))
1444 inc_nlink(whiteout);
1445 mark_inode_dirty(whiteout);
1447 spin_lock(&whiteout->i_lock);
1448 whiteout->i_state &= ~I_LINKABLE;
1449 spin_unlock(&whiteout->i_lock);
1454 err = ubifs_jnl_rename(c, old_dir, old_inode, &old_nm, new_dir,
1455 new_inode, &new_nm, whiteout, sync);
1459 unlock_4_inodes(old_dir, new_dir, new_inode, whiteout);
1460 ubifs_release_budget(c, &req);
1462 mutex_lock(&old_inode_ui->ui_mutex);
1463 release = old_inode_ui->dirty;
1464 mark_inode_dirty_sync(old_inode);
1465 mutex_unlock(&old_inode_ui->ui_mutex);
1468 ubifs_release_budget(c, &ino_req);
1469 if (IS_SYNC(old_inode))
1470 err = old_inode->i_sb->s_op->write_inode(old_inode, NULL);
1472 fscrypt_free_filename(&old_nm);
1473 fscrypt_free_filename(&new_nm);
1478 set_nlink(new_inode, saved_nlink);
1480 new_dir->i_size -= new_sz;
1481 ubifs_inode(new_dir)->ui_size = new_dir->i_size;
1483 old_dir->i_size += old_sz;
1484 ubifs_inode(old_dir)->ui_size = old_dir->i_size;
1489 drop_nlink(new_dir);
1496 drop_nlink(whiteout);
1499 unlock_4_inodes(old_dir, new_dir, new_inode, whiteout);
1501 ubifs_release_budget(c, &ino_req);
1502 ubifs_release_budget(c, &req);
1503 fscrypt_free_filename(&old_nm);
1504 fscrypt_free_filename(&new_nm);
1508 static int ubifs_xrename(struct inode *old_dir, struct dentry *old_dentry,
1509 struct inode *new_dir, struct dentry *new_dentry)
1511 struct ubifs_info *c = old_dir->i_sb->s_fs_info;
1512 struct ubifs_budget_req req = { .new_dent = 1, .mod_dent = 1,
1514 int sync = IS_DIRSYNC(old_dir) || IS_DIRSYNC(new_dir);
1515 struct inode *fst_inode = d_inode(old_dentry);
1516 struct inode *snd_inode = d_inode(new_dentry);
1517 struct timespec64 time;
1519 struct fscrypt_name fst_nm, snd_nm;
1521 ubifs_assert(c, fst_inode && snd_inode);
1523 err = fscrypt_setup_filename(old_dir, &old_dentry->d_name, 0, &fst_nm);
1527 err = fscrypt_setup_filename(new_dir, &new_dentry->d_name, 0, &snd_nm);
1529 fscrypt_free_filename(&fst_nm);
1533 lock_4_inodes(old_dir, new_dir, NULL, NULL);
1535 time = current_time(old_dir);
1536 fst_inode->i_ctime = time;
1537 snd_inode->i_ctime = time;
1538 old_dir->i_mtime = old_dir->i_ctime = time;
1539 new_dir->i_mtime = new_dir->i_ctime = time;
1541 if (old_dir != new_dir) {
1542 if (S_ISDIR(fst_inode->i_mode) && !S_ISDIR(snd_inode->i_mode)) {
1544 drop_nlink(old_dir);
1546 else if (!S_ISDIR(fst_inode->i_mode) && S_ISDIR(snd_inode->i_mode)) {
1547 drop_nlink(new_dir);
1552 err = ubifs_jnl_xrename(c, old_dir, fst_inode, &fst_nm, new_dir,
1553 snd_inode, &snd_nm, sync);
1555 unlock_4_inodes(old_dir, new_dir, NULL, NULL);
1556 ubifs_release_budget(c, &req);
1558 fscrypt_free_filename(&fst_nm);
1559 fscrypt_free_filename(&snd_nm);
1563 static int ubifs_rename(struct inode *old_dir, struct dentry *old_dentry,
1564 struct inode *new_dir, struct dentry *new_dentry,
1568 struct ubifs_info *c = old_dir->i_sb->s_fs_info;
1570 if (flags & ~(RENAME_NOREPLACE | RENAME_WHITEOUT | RENAME_EXCHANGE))
1573 ubifs_assert(c, inode_is_locked(old_dir));
1574 ubifs_assert(c, inode_is_locked(new_dir));
1576 err = fscrypt_prepare_rename(old_dir, old_dentry, new_dir, new_dentry,
1581 if (flags & RENAME_EXCHANGE)
1582 return ubifs_xrename(old_dir, old_dentry, new_dir, new_dentry);
1584 return do_rename(old_dir, old_dentry, new_dir, new_dentry, flags);
1587 int ubifs_getattr(const struct path *path, struct kstat *stat,
1588 u32 request_mask, unsigned int flags)
1591 struct inode *inode = d_inode(path->dentry);
1592 struct ubifs_inode *ui = ubifs_inode(inode);
1594 mutex_lock(&ui->ui_mutex);
1596 if (ui->flags & UBIFS_APPEND_FL)
1597 stat->attributes |= STATX_ATTR_APPEND;
1598 if (ui->flags & UBIFS_COMPR_FL)
1599 stat->attributes |= STATX_ATTR_COMPRESSED;
1600 if (ui->flags & UBIFS_CRYPT_FL)
1601 stat->attributes |= STATX_ATTR_ENCRYPTED;
1602 if (ui->flags & UBIFS_IMMUTABLE_FL)
1603 stat->attributes |= STATX_ATTR_IMMUTABLE;
1605 stat->attributes_mask |= (STATX_ATTR_APPEND |
1606 STATX_ATTR_COMPRESSED |
1607 STATX_ATTR_ENCRYPTED |
1608 STATX_ATTR_IMMUTABLE);
1610 generic_fillattr(inode, stat);
1611 stat->blksize = UBIFS_BLOCK_SIZE;
1612 stat->size = ui->ui_size;
1615 * Unfortunately, the 'stat()' system call was designed for block
1616 * device based file systems, and it is not appropriate for UBIFS,
1617 * because UBIFS does not have notion of "block". For example, it is
1618 * difficult to tell how many block a directory takes - it actually
1619 * takes less than 300 bytes, but we have to round it to block size,
1620 * which introduces large mistake. This makes utilities like 'du' to
1621 * report completely senseless numbers. This is the reason why UBIFS
1622 * goes the same way as JFFS2 - it reports zero blocks for everything
1623 * but regular files, which makes more sense than reporting completely
1626 if (S_ISREG(inode->i_mode)) {
1627 size = ui->xattr_size;
1629 size = ALIGN(size, UBIFS_BLOCK_SIZE);
1631 * Note, user-space expects 512-byte blocks count irrespectively
1632 * of what was reported in @stat->size.
1634 stat->blocks = size >> 9;
1637 mutex_unlock(&ui->ui_mutex);
1641 static int ubifs_dir_open(struct inode *dir, struct file *file)
1643 if (IS_ENCRYPTED(dir))
1644 return fscrypt_get_encryption_info(dir) ? -EACCES : 0;
1649 const struct inode_operations ubifs_dir_inode_operations = {
1650 .lookup = ubifs_lookup,
1651 .create = ubifs_create,
1653 .symlink = ubifs_symlink,
1654 .unlink = ubifs_unlink,
1655 .mkdir = ubifs_mkdir,
1656 .rmdir = ubifs_rmdir,
1657 .mknod = ubifs_mknod,
1658 .rename = ubifs_rename,
1659 .setattr = ubifs_setattr,
1660 .getattr = ubifs_getattr,
1661 #ifdef CONFIG_UBIFS_FS_XATTR
1662 .listxattr = ubifs_listxattr,
1664 .update_time = ubifs_update_time,
1665 .tmpfile = ubifs_tmpfile,
1668 const struct file_operations ubifs_dir_operations = {
1669 .llseek = generic_file_llseek,
1670 .release = ubifs_dir_release,
1671 .read = generic_read_dir,
1672 .iterate_shared = ubifs_readdir,
1673 .fsync = ubifs_fsync,
1674 .unlocked_ioctl = ubifs_ioctl,
1675 .open = ubifs_dir_open,
1676 #ifdef CONFIG_COMPAT
1677 .compat_ioctl = ubifs_compat_ioctl,
projects / releases.git / blob