PageRenderTime 50ms CodeModel.GetById 18ms RepoModel.GetById 0ms app.codeStats 1ms

/fs/namei.c

https://bitbucket.org/evzijst/gittest
C | 2454 lines | 1730 code | 261 blank | 463 comment | 448 complexity | c119db45b6d614e4b8154620dc28cf65 MD5 | raw file
Possible License(s): CC-BY-SA-3.0, GPL-2.0, LGPL-2.0

Large files files are truncated, but you can click here to view the full file

  1. /*
  2. * linux/fs/namei.c
  3. *
  4. * Copyright (C) 1991, 1992 Linus Torvalds
  5. */
  6. /*
  7. * Some corrections by tytso.
  8. */
  9. /* [Feb 1997 T. Schoebel-Theuer] Complete rewrite of the pathname
  10. * lookup logic.
  11. */
  12. /* [Feb-Apr 2000, AV] Rewrite to the new namespace architecture.
  13. */
  14. #include <linux/init.h>
  15. #include <linux/module.h>
  16. #include <linux/slab.h>
  17. #include <linux/fs.h>
  18. #include <linux/namei.h>
  19. #include <linux/quotaops.h>
  20. #include <linux/pagemap.h>
  21. #include <linux/dnotify.h>
  22. #include <linux/smp_lock.h>
  23. #include <linux/personality.h>
  24. #include <linux/security.h>
  25. #include <linux/syscalls.h>
  26. #include <linux/mount.h>
  27. #include <linux/audit.h>
  28. #include <asm/namei.h>
  29. #include <asm/uaccess.h>
  30. #define ACC_MODE(x) ("\000\004\002\006"[(x)&O_ACCMODE])
  31. /* [Feb-1997 T. Schoebel-Theuer]
  32. * Fundamental changes in the pathname lookup mechanisms (namei)
  33. * were necessary because of omirr. The reason is that omirr needs
  34. * to know the _real_ pathname, not the user-supplied one, in case
  35. * of symlinks (and also when transname replacements occur).
  36. *
  37. * The new code replaces the old recursive symlink resolution with
  38. * an iterative one (in case of non-nested symlink chains). It does
  39. * this with calls to <fs>_follow_link().
  40. * As a side effect, dir_namei(), _namei() and follow_link() are now
  41. * replaced with a single function lookup_dentry() that can handle all
  42. * the special cases of the former code.
  43. *
  44. * With the new dcache, the pathname is stored at each inode, at least as
  45. * long as the refcount of the inode is positive. As a side effect, the
  46. * size of the dcache depends on the inode cache and thus is dynamic.
  47. *
  48. * [29-Apr-1998 C. Scott Ananian] Updated above description of symlink
  49. * resolution to correspond with current state of the code.
  50. *
  51. * Note that the symlink resolution is not *completely* iterative.
  52. * There is still a significant amount of tail- and mid- recursion in
  53. * the algorithm. Also, note that <fs>_readlink() is not used in
  54. * lookup_dentry(): lookup_dentry() on the result of <fs>_readlink()
  55. * may return different results than <fs>_follow_link(). Many virtual
  56. * filesystems (including /proc) exhibit this behavior.
  57. */
  58. /* [24-Feb-97 T. Schoebel-Theuer] Side effects caused by new implementation:
  59. * New symlink semantics: when open() is called with flags O_CREAT | O_EXCL
  60. * and the name already exists in form of a symlink, try to create the new
  61. * name indicated by the symlink. The old code always complained that the
  62. * name already exists, due to not following the symlink even if its target
  63. * is nonexistent. The new semantics affects also mknod() and link() when
  64. * the name is a symlink pointing to a non-existant name.
  65. *
  66. * I don't know which semantics is the right one, since I have no access
  67. * to standards. But I found by trial that HP-UX 9.0 has the full "new"
  68. * semantics implemented, while SunOS 4.1.1 and Solaris (SunOS 5.4) have the
  69. * "old" one. Personally, I think the new semantics is much more logical.
  70. * Note that "ln old new" where "new" is a symlink pointing to a non-existing
  71. * file does succeed in both HP-UX and SunOs, but not in Solaris
  72. * and in the old Linux semantics.
  73. */
  74. /* [16-Dec-97 Kevin Buhr] For security reasons, we change some symlink
  75. * semantics. See the comments in "open_namei" and "do_link" below.
  76. *
  77. * [10-Sep-98 Alan Modra] Another symlink change.
  78. */
  79. /* [Feb-Apr 2000 AV] Complete rewrite. Rules for symlinks:
  80. * inside the path - always follow.
  81. * in the last component in creation/removal/renaming - never follow.
  82. * if LOOKUP_FOLLOW passed - follow.
  83. * if the pathname has trailing slashes - follow.
  84. * otherwise - don't follow.
  85. * (applied in that order).
  86. *
  87. * [Jun 2000 AV] Inconsistent behaviour of open() in case if flags==O_CREAT
  88. * restored for 2.4. This is the last surviving part of old 4.2BSD bug.
  89. * During the 2.4 we need to fix the userland stuff depending on it -
  90. * hopefully we will be able to get rid of that wart in 2.5. So far only
  91. * XEmacs seems to be relying on it...
  92. */
  93. /*
  94. * [Sep 2001 AV] Single-semaphore locking scheme (kudos to David Holland)
  95. * implemented. Let's see if raised priority of ->s_vfs_rename_sem gives
  96. * any extra contention...
  97. */
  98. /* In order to reduce some races, while at the same time doing additional
  99. * checking and hopefully speeding things up, we copy filenames to the
  100. * kernel data space before using them..
  101. *
  102. * POSIX.1 2.4: an empty pathname is invalid (ENOENT).
  103. * PATH_MAX includes the nul terminator --RR.
  104. */
  105. static inline int do_getname(const char __user *filename, char *page)
  106. {
  107. int retval;
  108. unsigned long len = PATH_MAX;
  109. if (!segment_eq(get_fs(), KERNEL_DS)) {
  110. if ((unsigned long) filename >= TASK_SIZE)
  111. return -EFAULT;
  112. if (TASK_SIZE - (unsigned long) filename < PATH_MAX)
  113. len = TASK_SIZE - (unsigned long) filename;
  114. }
  115. retval = strncpy_from_user(page, filename, len);
  116. if (retval > 0) {
  117. if (retval < len)
  118. return 0;
  119. return -ENAMETOOLONG;
  120. } else if (!retval)
  121. retval = -ENOENT;
  122. return retval;
  123. }
  124. char * getname(const char __user * filename)
  125. {
  126. char *tmp, *result;
  127. result = ERR_PTR(-ENOMEM);
  128. tmp = __getname();
  129. if (tmp) {
  130. int retval = do_getname(filename, tmp);
  131. result = tmp;
  132. if (retval < 0) {
  133. __putname(tmp);
  134. result = ERR_PTR(retval);
  135. }
  136. }
  137. audit_getname(result);
  138. return result;
  139. }
  140. #ifdef CONFIG_AUDITSYSCALL
  141. void putname(const char *name)
  142. {
  143. if (unlikely(current->audit_context))
  144. audit_putname(name);
  145. else
  146. __putname(name);
  147. }
  148. EXPORT_SYMBOL(putname);
  149. #endif
  150. /**
  151. * generic_permission - check for access rights on a Posix-like filesystem
  152. * @inode: inode to check access rights for
  153. * @mask: right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC)
  154. * @check_acl: optional callback to check for Posix ACLs
  155. *
  156. * Used to check for read/write/execute permissions on a file.
  157. * We use "fsuid" for this, letting us set arbitrary permissions
  158. * for filesystem access without changing the "normal" uids which
  159. * are used for other things..
  160. */
  161. int generic_permission(struct inode *inode, int mask,
  162. int (*check_acl)(struct inode *inode, int mask))
  163. {
  164. umode_t mode = inode->i_mode;
  165. if (current->fsuid == inode->i_uid)
  166. mode >>= 6;
  167. else {
  168. if (IS_POSIXACL(inode) && (mode & S_IRWXG) && check_acl) {
  169. int error = check_acl(inode, mask);
  170. if (error == -EACCES)
  171. goto check_capabilities;
  172. else if (error != -EAGAIN)
  173. return error;
  174. }
  175. if (in_group_p(inode->i_gid))
  176. mode >>= 3;
  177. }
  178. /*
  179. * If the DACs are ok we don't need any capability check.
  180. */
  181. if (((mode & mask & (MAY_READ|MAY_WRITE|MAY_EXEC)) == mask))
  182. return 0;
  183. check_capabilities:
  184. /*
  185. * Read/write DACs are always overridable.
  186. * Executable DACs are overridable if at least one exec bit is set.
  187. */
  188. if (!(mask & MAY_EXEC) ||
  189. (inode->i_mode & S_IXUGO) || S_ISDIR(inode->i_mode))
  190. if (capable(CAP_DAC_OVERRIDE))
  191. return 0;
  192. /*
  193. * Searching includes executable on directories, else just read.
  194. */
  195. if (mask == MAY_READ || (S_ISDIR(inode->i_mode) && !(mask & MAY_WRITE)))
  196. if (capable(CAP_DAC_READ_SEARCH))
  197. return 0;
  198. return -EACCES;
  199. }
  200. int permission(struct inode *inode, int mask, struct nameidata *nd)
  201. {
  202. int retval, submask;
  203. if (mask & MAY_WRITE) {
  204. umode_t mode = inode->i_mode;
  205. /*
  206. * Nobody gets write access to a read-only fs.
  207. */
  208. if (IS_RDONLY(inode) &&
  209. (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode)))
  210. return -EROFS;
  211. /*
  212. * Nobody gets write access to an immutable file.
  213. */
  214. if (IS_IMMUTABLE(inode))
  215. return -EACCES;
  216. }
  217. /* Ordinary permission routines do not understand MAY_APPEND. */
  218. submask = mask & ~MAY_APPEND;
  219. if (inode->i_op && inode->i_op->permission)
  220. retval = inode->i_op->permission(inode, submask, nd);
  221. else
  222. retval = generic_permission(inode, submask, NULL);
  223. if (retval)
  224. return retval;
  225. return security_inode_permission(inode, mask, nd);
  226. }
  227. /*
  228. * get_write_access() gets write permission for a file.
  229. * put_write_access() releases this write permission.
  230. * This is used for regular files.
  231. * We cannot support write (and maybe mmap read-write shared) accesses and
  232. * MAP_DENYWRITE mmappings simultaneously. The i_writecount field of an inode
  233. * can have the following values:
  234. * 0: no writers, no VM_DENYWRITE mappings
  235. * < 0: (-i_writecount) vm_area_structs with VM_DENYWRITE set exist
  236. * > 0: (i_writecount) users are writing to the file.
  237. *
  238. * Normally we operate on that counter with atomic_{inc,dec} and it's safe
  239. * except for the cases where we don't hold i_writecount yet. Then we need to
  240. * use {get,deny}_write_access() - these functions check the sign and refuse
  241. * to do the change if sign is wrong. Exclusion between them is provided by
  242. * the inode->i_lock spinlock.
  243. */
  244. int get_write_access(struct inode * inode)
  245. {
  246. spin_lock(&inode->i_lock);
  247. if (atomic_read(&inode->i_writecount) < 0) {
  248. spin_unlock(&inode->i_lock);
  249. return -ETXTBSY;
  250. }
  251. atomic_inc(&inode->i_writecount);
  252. spin_unlock(&inode->i_lock);
  253. return 0;
  254. }
  255. int deny_write_access(struct file * file)
  256. {
  257. struct inode *inode = file->f_dentry->d_inode;
  258. spin_lock(&inode->i_lock);
  259. if (atomic_read(&inode->i_writecount) > 0) {
  260. spin_unlock(&inode->i_lock);
  261. return -ETXTBSY;
  262. }
  263. atomic_dec(&inode->i_writecount);
  264. spin_unlock(&inode->i_lock);
  265. return 0;
  266. }
  267. void path_release(struct nameidata *nd)
  268. {
  269. dput(nd->dentry);
  270. mntput(nd->mnt);
  271. }
  272. /*
  273. * umount() mustn't call path_release()/mntput() as that would clear
  274. * mnt_expiry_mark
  275. */
  276. void path_release_on_umount(struct nameidata *nd)
  277. {
  278. dput(nd->dentry);
  279. _mntput(nd->mnt);
  280. }
  281. /*
  282. * Internal lookup() using the new generic dcache.
  283. * SMP-safe
  284. */
  285. static struct dentry * cached_lookup(struct dentry * parent, struct qstr * name, struct nameidata *nd)
  286. {
  287. struct dentry * dentry = __d_lookup(parent, name);
  288. /* lockess __d_lookup may fail due to concurrent d_move()
  289. * in some unrelated directory, so try with d_lookup
  290. */
  291. if (!dentry)
  292. dentry = d_lookup(parent, name);
  293. if (dentry && dentry->d_op && dentry->d_op->d_revalidate) {
  294. if (!dentry->d_op->d_revalidate(dentry, nd) && !d_invalidate(dentry)) {
  295. dput(dentry);
  296. dentry = NULL;
  297. }
  298. }
  299. return dentry;
  300. }
  301. /*
  302. * Short-cut version of permission(), for calling by
  303. * path_walk(), when dcache lock is held. Combines parts
  304. * of permission() and generic_permission(), and tests ONLY for
  305. * MAY_EXEC permission.
  306. *
  307. * If appropriate, check DAC only. If not appropriate, or
  308. * short-cut DAC fails, then call permission() to do more
  309. * complete permission check.
  310. */
  311. static inline int exec_permission_lite(struct inode *inode,
  312. struct nameidata *nd)
  313. {
  314. umode_t mode = inode->i_mode;
  315. if (inode->i_op && inode->i_op->permission)
  316. return -EAGAIN;
  317. if (current->fsuid == inode->i_uid)
  318. mode >>= 6;
  319. else if (in_group_p(inode->i_gid))
  320. mode >>= 3;
  321. if (mode & MAY_EXEC)
  322. goto ok;
  323. if ((inode->i_mode & S_IXUGO) && capable(CAP_DAC_OVERRIDE))
  324. goto ok;
  325. if (S_ISDIR(inode->i_mode) && capable(CAP_DAC_OVERRIDE))
  326. goto ok;
  327. if (S_ISDIR(inode->i_mode) && capable(CAP_DAC_READ_SEARCH))
  328. goto ok;
  329. return -EACCES;
  330. ok:
  331. return security_inode_permission(inode, MAY_EXEC, nd);
  332. }
  333. /*
  334. * This is called when everything else fails, and we actually have
  335. * to go to the low-level filesystem to find out what we should do..
  336. *
  337. * We get the directory semaphore, and after getting that we also
  338. * make sure that nobody added the entry to the dcache in the meantime..
  339. * SMP-safe
  340. */
  341. static struct dentry * real_lookup(struct dentry * parent, struct qstr * name, struct nameidata *nd)
  342. {
  343. struct dentry * result;
  344. struct inode *dir = parent->d_inode;
  345. down(&dir->i_sem);
  346. /*
  347. * First re-do the cached lookup just in case it was created
  348. * while we waited for the directory semaphore..
  349. *
  350. * FIXME! This could use version numbering or similar to
  351. * avoid unnecessary cache lookups.
  352. *
  353. * The "dcache_lock" is purely to protect the RCU list walker
  354. * from concurrent renames at this point (we mustn't get false
  355. * negatives from the RCU list walk here, unlike the optimistic
  356. * fast walk).
  357. *
  358. * so doing d_lookup() (with seqlock), instead of lockfree __d_lookup
  359. */
  360. result = d_lookup(parent, name);
  361. if (!result) {
  362. struct dentry * dentry = d_alloc(parent, name);
  363. result = ERR_PTR(-ENOMEM);
  364. if (dentry) {
  365. result = dir->i_op->lookup(dir, dentry, nd);
  366. if (result)
  367. dput(dentry);
  368. else
  369. result = dentry;
  370. }
  371. up(&dir->i_sem);
  372. return result;
  373. }
  374. /*
  375. * Uhhuh! Nasty case: the cache was re-populated while
  376. * we waited on the semaphore. Need to revalidate.
  377. */
  378. up(&dir->i_sem);
  379. if (result->d_op && result->d_op->d_revalidate) {
  380. if (!result->d_op->d_revalidate(result, nd) && !d_invalidate(result)) {
  381. dput(result);
  382. result = ERR_PTR(-ENOENT);
  383. }
  384. }
  385. return result;
  386. }
  387. static int __emul_lookup_dentry(const char *, struct nameidata *);
  388. /* SMP-safe */
  389. static inline int
  390. walk_init_root(const char *name, struct nameidata *nd)
  391. {
  392. read_lock(&current->fs->lock);
  393. if (current->fs->altroot && !(nd->flags & LOOKUP_NOALT)) {
  394. nd->mnt = mntget(current->fs->altrootmnt);
  395. nd->dentry = dget(current->fs->altroot);
  396. read_unlock(&current->fs->lock);
  397. if (__emul_lookup_dentry(name,nd))
  398. return 0;
  399. read_lock(&current->fs->lock);
  400. }
  401. nd->mnt = mntget(current->fs->rootmnt);
  402. nd->dentry = dget(current->fs->root);
  403. read_unlock(&current->fs->lock);
  404. return 1;
  405. }
  406. static inline int __vfs_follow_link(struct nameidata *nd, const char *link)
  407. {
  408. int res = 0;
  409. char *name;
  410. if (IS_ERR(link))
  411. goto fail;
  412. if (*link == '/') {
  413. path_release(nd);
  414. if (!walk_init_root(link, nd))
  415. /* weird __emul_prefix() stuff did it */
  416. goto out;
  417. }
  418. res = link_path_walk(link, nd);
  419. out:
  420. if (nd->depth || res || nd->last_type!=LAST_NORM)
  421. return res;
  422. /*
  423. * If it is an iterative symlinks resolution in open_namei() we
  424. * have to copy the last component. And all that crap because of
  425. * bloody create() on broken symlinks. Furrfu...
  426. */
  427. name = __getname();
  428. if (unlikely(!name)) {
  429. path_release(nd);
  430. return -ENOMEM;
  431. }
  432. strcpy(name, nd->last.name);
  433. nd->last.name = name;
  434. return 0;
  435. fail:
  436. path_release(nd);
  437. return PTR_ERR(link);
  438. }
  439. static inline int __do_follow_link(struct dentry *dentry, struct nameidata *nd)
  440. {
  441. int error;
  442. touch_atime(nd->mnt, dentry);
  443. nd_set_link(nd, NULL);
  444. error = dentry->d_inode->i_op->follow_link(dentry, nd);
  445. if (!error) {
  446. char *s = nd_get_link(nd);
  447. if (s)
  448. error = __vfs_follow_link(nd, s);
  449. if (dentry->d_inode->i_op->put_link)
  450. dentry->d_inode->i_op->put_link(dentry, nd);
  451. }
  452. return error;
  453. }
  454. /*
  455. * This limits recursive symlink follows to 8, while
  456. * limiting consecutive symlinks to 40.
  457. *
  458. * Without that kind of total limit, nasty chains of consecutive
  459. * symlinks can cause almost arbitrarily long lookups.
  460. */
  461. static inline int do_follow_link(struct dentry *dentry, struct nameidata *nd)
  462. {
  463. int err = -ELOOP;
  464. if (current->link_count >= MAX_NESTED_LINKS)
  465. goto loop;
  466. if (current->total_link_count >= 40)
  467. goto loop;
  468. BUG_ON(nd->depth >= MAX_NESTED_LINKS);
  469. cond_resched();
  470. err = security_inode_follow_link(dentry, nd);
  471. if (err)
  472. goto loop;
  473. current->link_count++;
  474. current->total_link_count++;
  475. nd->depth++;
  476. err = __do_follow_link(dentry, nd);
  477. current->link_count--;
  478. nd->depth--;
  479. return err;
  480. loop:
  481. path_release(nd);
  482. return err;
  483. }
  484. int follow_up(struct vfsmount **mnt, struct dentry **dentry)
  485. {
  486. struct vfsmount *parent;
  487. struct dentry *mountpoint;
  488. spin_lock(&vfsmount_lock);
  489. parent=(*mnt)->mnt_parent;
  490. if (parent == *mnt) {
  491. spin_unlock(&vfsmount_lock);
  492. return 0;
  493. }
  494. mntget(parent);
  495. mountpoint=dget((*mnt)->mnt_mountpoint);
  496. spin_unlock(&vfsmount_lock);
  497. dput(*dentry);
  498. *dentry = mountpoint;
  499. mntput(*mnt);
  500. *mnt = parent;
  501. return 1;
  502. }
  503. /* no need for dcache_lock, as serialization is taken care in
  504. * namespace.c
  505. */
  506. static int follow_mount(struct vfsmount **mnt, struct dentry **dentry)
  507. {
  508. int res = 0;
  509. while (d_mountpoint(*dentry)) {
  510. struct vfsmount *mounted = lookup_mnt(*mnt, *dentry);
  511. if (!mounted)
  512. break;
  513. mntput(*mnt);
  514. *mnt = mounted;
  515. dput(*dentry);
  516. *dentry = dget(mounted->mnt_root);
  517. res = 1;
  518. }
  519. return res;
  520. }
  521. /* no need for dcache_lock, as serialization is taken care in
  522. * namespace.c
  523. */
  524. static inline int __follow_down(struct vfsmount **mnt, struct dentry **dentry)
  525. {
  526. struct vfsmount *mounted;
  527. mounted = lookup_mnt(*mnt, *dentry);
  528. if (mounted) {
  529. mntput(*mnt);
  530. *mnt = mounted;
  531. dput(*dentry);
  532. *dentry = dget(mounted->mnt_root);
  533. return 1;
  534. }
  535. return 0;
  536. }
  537. int follow_down(struct vfsmount **mnt, struct dentry **dentry)
  538. {
  539. return __follow_down(mnt,dentry);
  540. }
  541. static inline void follow_dotdot(struct vfsmount **mnt, struct dentry **dentry)
  542. {
  543. while(1) {
  544. struct vfsmount *parent;
  545. struct dentry *old = *dentry;
  546. read_lock(&current->fs->lock);
  547. if (*dentry == current->fs->root &&
  548. *mnt == current->fs->rootmnt) {
  549. read_unlock(&current->fs->lock);
  550. break;
  551. }
  552. read_unlock(&current->fs->lock);
  553. spin_lock(&dcache_lock);
  554. if (*dentry != (*mnt)->mnt_root) {
  555. *dentry = dget((*dentry)->d_parent);
  556. spin_unlock(&dcache_lock);
  557. dput(old);
  558. break;
  559. }
  560. spin_unlock(&dcache_lock);
  561. spin_lock(&vfsmount_lock);
  562. parent = (*mnt)->mnt_parent;
  563. if (parent == *mnt) {
  564. spin_unlock(&vfsmount_lock);
  565. break;
  566. }
  567. mntget(parent);
  568. *dentry = dget((*mnt)->mnt_mountpoint);
  569. spin_unlock(&vfsmount_lock);
  570. dput(old);
  571. mntput(*mnt);
  572. *mnt = parent;
  573. }
  574. follow_mount(mnt, dentry);
  575. }
  576. struct path {
  577. struct vfsmount *mnt;
  578. struct dentry *dentry;
  579. };
  580. /*
  581. * It's more convoluted than I'd like it to be, but... it's still fairly
  582. * small and for now I'd prefer to have fast path as straight as possible.
  583. * It _is_ time-critical.
  584. */
  585. static int do_lookup(struct nameidata *nd, struct qstr *name,
  586. struct path *path)
  587. {
  588. struct vfsmount *mnt = nd->mnt;
  589. struct dentry *dentry = __d_lookup(nd->dentry, name);
  590. if (!dentry)
  591. goto need_lookup;
  592. if (dentry->d_op && dentry->d_op->d_revalidate)
  593. goto need_revalidate;
  594. done:
  595. path->mnt = mnt;
  596. path->dentry = dentry;
  597. return 0;
  598. need_lookup:
  599. dentry = real_lookup(nd->dentry, name, nd);
  600. if (IS_ERR(dentry))
  601. goto fail;
  602. goto done;
  603. need_revalidate:
  604. if (dentry->d_op->d_revalidate(dentry, nd))
  605. goto done;
  606. if (d_invalidate(dentry))
  607. goto done;
  608. dput(dentry);
  609. goto need_lookup;
  610. fail:
  611. return PTR_ERR(dentry);
  612. }
  613. /*
  614. * Name resolution.
  615. *
  616. * This is the basic name resolution function, turning a pathname
  617. * into the final dentry.
  618. *
  619. * We expect 'base' to be positive and a directory.
  620. */
  621. static fastcall int __link_path_walk(const char * name, struct nameidata *nd)
  622. {
  623. struct path next;
  624. struct inode *inode;
  625. int err;
  626. unsigned int lookup_flags = nd->flags;
  627. while (*name=='/')
  628. name++;
  629. if (!*name)
  630. goto return_reval;
  631. inode = nd->dentry->d_inode;
  632. if (nd->depth)
  633. lookup_flags = LOOKUP_FOLLOW;
  634. /* At this point we know we have a real path component. */
  635. for(;;) {
  636. unsigned long hash;
  637. struct qstr this;
  638. unsigned int c;
  639. err = exec_permission_lite(inode, nd);
  640. if (err == -EAGAIN) {
  641. err = permission(inode, MAY_EXEC, nd);
  642. }
  643. if (err)
  644. break;
  645. this.name = name;
  646. c = *(const unsigned char *)name;
  647. hash = init_name_hash();
  648. do {
  649. name++;
  650. hash = partial_name_hash(c, hash);
  651. c = *(const unsigned char *)name;
  652. } while (c && (c != '/'));
  653. this.len = name - (const char *) this.name;
  654. this.hash = end_name_hash(hash);
  655. /* remove trailing slashes? */
  656. if (!c)
  657. goto last_component;
  658. while (*++name == '/');
  659. if (!*name)
  660. goto last_with_slashes;
  661. /*
  662. * "." and ".." are special - ".." especially so because it has
  663. * to be able to know about the current root directory and
  664. * parent relationships.
  665. */
  666. if (this.name[0] == '.') switch (this.len) {
  667. default:
  668. break;
  669. case 2:
  670. if (this.name[1] != '.')
  671. break;
  672. follow_dotdot(&nd->mnt, &nd->dentry);
  673. inode = nd->dentry->d_inode;
  674. /* fallthrough */
  675. case 1:
  676. continue;
  677. }
  678. /*
  679. * See if the low-level filesystem might want
  680. * to use its own hash..
  681. */
  682. if (nd->dentry->d_op && nd->dentry->d_op->d_hash) {
  683. err = nd->dentry->d_op->d_hash(nd->dentry, &this);
  684. if (err < 0)
  685. break;
  686. }
  687. nd->flags |= LOOKUP_CONTINUE;
  688. /* This does the actual lookups.. */
  689. err = do_lookup(nd, &this, &next);
  690. if (err)
  691. break;
  692. /* Check mountpoints.. */
  693. follow_mount(&next.mnt, &next.dentry);
  694. err = -ENOENT;
  695. inode = next.dentry->d_inode;
  696. if (!inode)
  697. goto out_dput;
  698. err = -ENOTDIR;
  699. if (!inode->i_op)
  700. goto out_dput;
  701. if (inode->i_op->follow_link) {
  702. mntget(next.mnt);
  703. err = do_follow_link(next.dentry, nd);
  704. dput(next.dentry);
  705. mntput(next.mnt);
  706. if (err)
  707. goto return_err;
  708. err = -ENOENT;
  709. inode = nd->dentry->d_inode;
  710. if (!inode)
  711. break;
  712. err = -ENOTDIR;
  713. if (!inode->i_op)
  714. break;
  715. } else {
  716. dput(nd->dentry);
  717. nd->mnt = next.mnt;
  718. nd->dentry = next.dentry;
  719. }
  720. err = -ENOTDIR;
  721. if (!inode->i_op->lookup)
  722. break;
  723. continue;
  724. /* here ends the main loop */
  725. last_with_slashes:
  726. lookup_flags |= LOOKUP_FOLLOW | LOOKUP_DIRECTORY;
  727. last_component:
  728. nd->flags &= ~LOOKUP_CONTINUE;
  729. if (lookup_flags & LOOKUP_PARENT)
  730. goto lookup_parent;
  731. if (this.name[0] == '.') switch (this.len) {
  732. default:
  733. break;
  734. case 2:
  735. if (this.name[1] != '.')
  736. break;
  737. follow_dotdot(&nd->mnt, &nd->dentry);
  738. inode = nd->dentry->d_inode;
  739. /* fallthrough */
  740. case 1:
  741. goto return_reval;
  742. }
  743. if (nd->dentry->d_op && nd->dentry->d_op->d_hash) {
  744. err = nd->dentry->d_op->d_hash(nd->dentry, &this);
  745. if (err < 0)
  746. break;
  747. }
  748. err = do_lookup(nd, &this, &next);
  749. if (err)
  750. break;
  751. follow_mount(&next.mnt, &next.dentry);
  752. inode = next.dentry->d_inode;
  753. if ((lookup_flags & LOOKUP_FOLLOW)
  754. && inode && inode->i_op && inode->i_op->follow_link) {
  755. mntget(next.mnt);
  756. err = do_follow_link(next.dentry, nd);
  757. dput(next.dentry);
  758. mntput(next.mnt);
  759. if (err)
  760. goto return_err;
  761. inode = nd->dentry->d_inode;
  762. } else {
  763. dput(nd->dentry);
  764. nd->mnt = next.mnt;
  765. nd->dentry = next.dentry;
  766. }
  767. err = -ENOENT;
  768. if (!inode)
  769. break;
  770. if (lookup_flags & LOOKUP_DIRECTORY) {
  771. err = -ENOTDIR;
  772. if (!inode->i_op || !inode->i_op->lookup)
  773. break;
  774. }
  775. goto return_base;
  776. lookup_parent:
  777. nd->last = this;
  778. nd->last_type = LAST_NORM;
  779. if (this.name[0] != '.')
  780. goto return_base;
  781. if (this.len == 1)
  782. nd->last_type = LAST_DOT;
  783. else if (this.len == 2 && this.name[1] == '.')
  784. nd->last_type = LAST_DOTDOT;
  785. else
  786. goto return_base;
  787. return_reval:
  788. /*
  789. * We bypassed the ordinary revalidation routines.
  790. * We may need to check the cached dentry for staleness.
  791. */
  792. if (nd->dentry && nd->dentry->d_sb &&
  793. (nd->dentry->d_sb->s_type->fs_flags & FS_REVAL_DOT)) {
  794. err = -ESTALE;
  795. /* Note: we do not d_invalidate() */
  796. if (!nd->dentry->d_op->d_revalidate(nd->dentry, nd))
  797. break;
  798. }
  799. return_base:
  800. return 0;
  801. out_dput:
  802. dput(next.dentry);
  803. break;
  804. }
  805. path_release(nd);
  806. return_err:
  807. return err;
  808. }
  809. /*
  810. * Wrapper to retry pathname resolution whenever the underlying
  811. * file system returns an ESTALE.
  812. *
  813. * Retry the whole path once, forcing real lookup requests
  814. * instead of relying on the dcache.
  815. */
  816. int fastcall link_path_walk(const char *name, struct nameidata *nd)
  817. {
  818. struct nameidata save = *nd;
  819. int result;
  820. /* make sure the stuff we saved doesn't go away */
  821. dget(save.dentry);
  822. mntget(save.mnt);
  823. result = __link_path_walk(name, nd);
  824. if (result == -ESTALE) {
  825. *nd = save;
  826. dget(nd->dentry);
  827. mntget(nd->mnt);
  828. nd->flags |= LOOKUP_REVAL;
  829. result = __link_path_walk(name, nd);
  830. }
  831. dput(save.dentry);
  832. mntput(save.mnt);
  833. return result;
  834. }
  835. int fastcall path_walk(const char * name, struct nameidata *nd)
  836. {
  837. current->total_link_count = 0;
  838. return link_path_walk(name, nd);
  839. }
  840. /* SMP-safe */
  841. /* returns 1 if everything is done */
  842. static int __emul_lookup_dentry(const char *name, struct nameidata *nd)
  843. {
  844. if (path_walk(name, nd))
  845. return 0; /* something went wrong... */
  846. if (!nd->dentry->d_inode || S_ISDIR(nd->dentry->d_inode->i_mode)) {
  847. struct dentry *old_dentry = nd->dentry;
  848. struct vfsmount *old_mnt = nd->mnt;
  849. struct qstr last = nd->last;
  850. int last_type = nd->last_type;
  851. /*
  852. * NAME was not found in alternate root or it's a directory. Try to find
  853. * it in the normal root:
  854. */
  855. nd->last_type = LAST_ROOT;
  856. read_lock(&current->fs->lock);
  857. nd->mnt = mntget(current->fs->rootmnt);
  858. nd->dentry = dget(current->fs->root);
  859. read_unlock(&current->fs->lock);
  860. if (path_walk(name, nd) == 0) {
  861. if (nd->dentry->d_inode) {
  862. dput(old_dentry);
  863. mntput(old_mnt);
  864. return 1;
  865. }
  866. path_release(nd);
  867. }
  868. nd->dentry = old_dentry;
  869. nd->mnt = old_mnt;
  870. nd->last = last;
  871. nd->last_type = last_type;
  872. }
  873. return 1;
  874. }
  875. void set_fs_altroot(void)
  876. {
  877. char *emul = __emul_prefix();
  878. struct nameidata nd;
  879. struct vfsmount *mnt = NULL, *oldmnt;
  880. struct dentry *dentry = NULL, *olddentry;
  881. int err;
  882. if (!emul)
  883. goto set_it;
  884. err = path_lookup(emul, LOOKUP_FOLLOW|LOOKUP_DIRECTORY|LOOKUP_NOALT, &nd);
  885. if (!err) {
  886. mnt = nd.mnt;
  887. dentry = nd.dentry;
  888. }
  889. set_it:
  890. write_lock(&current->fs->lock);
  891. oldmnt = current->fs->altrootmnt;
  892. olddentry = current->fs->altroot;
  893. current->fs->altrootmnt = mnt;
  894. current->fs->altroot = dentry;
  895. write_unlock(&current->fs->lock);
  896. if (olddentry) {
  897. dput(olddentry);
  898. mntput(oldmnt);
  899. }
  900. }
  901. int fastcall path_lookup(const char *name, unsigned int flags, struct nameidata *nd)
  902. {
  903. int retval;
  904. nd->last_type = LAST_ROOT; /* if there are only slashes... */
  905. nd->flags = flags;
  906. nd->depth = 0;
  907. read_lock(&current->fs->lock);
  908. if (*name=='/') {
  909. if (current->fs->altroot && !(nd->flags & LOOKUP_NOALT)) {
  910. nd->mnt = mntget(current->fs->altrootmnt);
  911. nd->dentry = dget(current->fs->altroot);
  912. read_unlock(&current->fs->lock);
  913. if (__emul_lookup_dentry(name,nd))
  914. return 0;
  915. read_lock(&current->fs->lock);
  916. }
  917. nd->mnt = mntget(current->fs->rootmnt);
  918. nd->dentry = dget(current->fs->root);
  919. } else {
  920. nd->mnt = mntget(current->fs->pwdmnt);
  921. nd->dentry = dget(current->fs->pwd);
  922. }
  923. read_unlock(&current->fs->lock);
  924. current->total_link_count = 0;
  925. retval = link_path_walk(name, nd);
  926. if (unlikely(current->audit_context
  927. && nd && nd->dentry && nd->dentry->d_inode))
  928. audit_inode(name, nd->dentry->d_inode);
  929. return retval;
  930. }
  931. /*
  932. * Restricted form of lookup. Doesn't follow links, single-component only,
  933. * needs parent already locked. Doesn't follow mounts.
  934. * SMP-safe.
  935. */
  936. static struct dentry * __lookup_hash(struct qstr *name, struct dentry * base, struct nameidata *nd)
  937. {
  938. struct dentry * dentry;
  939. struct inode *inode;
  940. int err;
  941. inode = base->d_inode;
  942. err = permission(inode, MAY_EXEC, nd);
  943. dentry = ERR_PTR(err);
  944. if (err)
  945. goto out;
  946. /*
  947. * See if the low-level filesystem might want
  948. * to use its own hash..
  949. */
  950. if (base->d_op && base->d_op->d_hash) {
  951. err = base->d_op->d_hash(base, name);
  952. dentry = ERR_PTR(err);
  953. if (err < 0)
  954. goto out;
  955. }
  956. dentry = cached_lookup(base, name, nd);
  957. if (!dentry) {
  958. struct dentry *new = d_alloc(base, name);
  959. dentry = ERR_PTR(-ENOMEM);
  960. if (!new)
  961. goto out;
  962. dentry = inode->i_op->lookup(inode, new, nd);
  963. if (!dentry)
  964. dentry = new;
  965. else
  966. dput(new);
  967. }
  968. out:
  969. return dentry;
  970. }
  971. struct dentry * lookup_hash(struct qstr *name, struct dentry * base)
  972. {
  973. return __lookup_hash(name, base, NULL);
  974. }
  975. /* SMP-safe */
  976. struct dentry * lookup_one_len(const char * name, struct dentry * base, int len)
  977. {
  978. unsigned long hash;
  979. struct qstr this;
  980. unsigned int c;
  981. this.name = name;
  982. this.len = len;
  983. if (!len)
  984. goto access;
  985. hash = init_name_hash();
  986. while (len--) {
  987. c = *(const unsigned char *)name++;
  988. if (c == '/' || c == '\0')
  989. goto access;
  990. hash = partial_name_hash(c, hash);
  991. }
  992. this.hash = end_name_hash(hash);
  993. return lookup_hash(&this, base);
  994. access:
  995. return ERR_PTR(-EACCES);
  996. }
  997. /*
  998. * namei()
  999. *
  1000. * is used by most simple commands to get the inode of a specified name.
  1001. * Open, link etc use their own routines, but this is enough for things
  1002. * like 'chmod' etc.
  1003. *
  1004. * namei exists in two versions: namei/lnamei. The only difference is
  1005. * that namei follows links, while lnamei does not.
  1006. * SMP-safe
  1007. */
  1008. int fastcall __user_walk(const char __user *name, unsigned flags, struct nameidata *nd)
  1009. {
  1010. char *tmp = getname(name);
  1011. int err = PTR_ERR(tmp);
  1012. if (!IS_ERR(tmp)) {
  1013. err = path_lookup(tmp, flags, nd);
  1014. putname(tmp);
  1015. }
  1016. return err;
  1017. }
  1018. /*
  1019. * It's inline, so penalty for filesystems that don't use sticky bit is
  1020. * minimal.
  1021. */
  1022. static inline int check_sticky(struct inode *dir, struct inode *inode)
  1023. {
  1024. if (!(dir->i_mode & S_ISVTX))
  1025. return 0;
  1026. if (inode->i_uid == current->fsuid)
  1027. return 0;
  1028. if (dir->i_uid == current->fsuid)
  1029. return 0;
  1030. return !capable(CAP_FOWNER);
  1031. }
  1032. /*
  1033. * Check whether we can remove a link victim from directory dir, check
  1034. * whether the type of victim is right.
  1035. * 1. We can't do it if dir is read-only (done in permission())
  1036. * 2. We should have write and exec permissions on dir
  1037. * 3. We can't remove anything from append-only dir
  1038. * 4. We can't do anything with immutable dir (done in permission())
  1039. * 5. If the sticky bit on dir is set we should either
  1040. * a. be owner of dir, or
  1041. * b. be owner of victim, or
  1042. * c. have CAP_FOWNER capability
  1043. * 6. If the victim is append-only or immutable we can't do antyhing with
  1044. * links pointing to it.
  1045. * 7. If we were asked to remove a directory and victim isn't one - ENOTDIR.
  1046. * 8. If we were asked to remove a non-directory and victim isn't one - EISDIR.
  1047. * 9. We can't remove a root or mountpoint.
  1048. * 10. We don't allow removal of NFS sillyrenamed files; it's handled by
  1049. * nfs_async_unlink().
  1050. */
  1051. static inline int may_delete(struct inode *dir,struct dentry *victim,int isdir)
  1052. {
  1053. int error;
  1054. if (!victim->d_inode)
  1055. return -ENOENT;
  1056. BUG_ON(victim->d_parent->d_inode != dir);
  1057. error = permission(dir,MAY_WRITE | MAY_EXEC, NULL);
  1058. if (error)
  1059. return error;
  1060. if (IS_APPEND(dir))
  1061. return -EPERM;
  1062. if (check_sticky(dir, victim->d_inode)||IS_APPEND(victim->d_inode)||
  1063. IS_IMMUTABLE(victim->d_inode))
  1064. return -EPERM;
  1065. if (isdir) {
  1066. if (!S_ISDIR(victim->d_inode->i_mode))
  1067. return -ENOTDIR;
  1068. if (IS_ROOT(victim))
  1069. return -EBUSY;
  1070. } else if (S_ISDIR(victim->d_inode->i_mode))
  1071. return -EISDIR;
  1072. if (IS_DEADDIR(dir))
  1073. return -ENOENT;
  1074. if (victim->d_flags & DCACHE_NFSFS_RENAMED)
  1075. return -EBUSY;
  1076. return 0;
  1077. }
  1078. /* Check whether we can create an object with dentry child in directory
  1079. * dir.
  1080. * 1. We can't do it if child already exists (open has special treatment for
  1081. * this case, but since we are inlined it's OK)
  1082. * 2. We can't do it if dir is read-only (done in permission())
  1083. * 3. We should have write and exec permissions on dir
  1084. * 4. We can't do it if dir is immutable (done in permission())
  1085. */
  1086. static inline int may_create(struct inode *dir, struct dentry *child,
  1087. struct nameidata *nd)
  1088. {
  1089. if (child->d_inode)
  1090. return -EEXIST;
  1091. if (IS_DEADDIR(dir))
  1092. return -ENOENT;
  1093. return permission(dir,MAY_WRITE | MAY_EXEC, nd);
  1094. }
  1095. /*
  1096. * Special case: O_CREAT|O_EXCL implies O_NOFOLLOW for security
  1097. * reasons.
  1098. *
  1099. * O_DIRECTORY translates into forcing a directory lookup.
  1100. */
  1101. static inline int lookup_flags(unsigned int f)
  1102. {
  1103. unsigned long retval = LOOKUP_FOLLOW;
  1104. if (f & O_NOFOLLOW)
  1105. retval &= ~LOOKUP_FOLLOW;
  1106. if ((f & (O_CREAT|O_EXCL)) == (O_CREAT|O_EXCL))
  1107. retval &= ~LOOKUP_FOLLOW;
  1108. if (f & O_DIRECTORY)
  1109. retval |= LOOKUP_DIRECTORY;
  1110. return retval;
  1111. }
  1112. /*
  1113. * p1 and p2 should be directories on the same fs.
  1114. */
  1115. struct dentry *lock_rename(struct dentry *p1, struct dentry *p2)
  1116. {
  1117. struct dentry *p;
  1118. if (p1 == p2) {
  1119. down(&p1->d_inode->i_sem);
  1120. return NULL;
  1121. }
  1122. down(&p1->d_inode->i_sb->s_vfs_rename_sem);
  1123. for (p = p1; p->d_parent != p; p = p->d_parent) {
  1124. if (p->d_parent == p2) {
  1125. down(&p2->d_inode->i_sem);
  1126. down(&p1->d_inode->i_sem);
  1127. return p;
  1128. }
  1129. }
  1130. for (p = p2; p->d_parent != p; p = p->d_parent) {
  1131. if (p->d_parent == p1) {
  1132. down(&p1->d_inode->i_sem);
  1133. down(&p2->d_inode->i_sem);
  1134. return p;
  1135. }
  1136. }
  1137. down(&p1->d_inode->i_sem);
  1138. down(&p2->d_inode->i_sem);
  1139. return NULL;
  1140. }
  1141. void unlock_rename(struct dentry *p1, struct dentry *p2)
  1142. {
  1143. up(&p1->d_inode->i_sem);
  1144. if (p1 != p2) {
  1145. up(&p2->d_inode->i_sem);
  1146. up(&p1->d_inode->i_sb->s_vfs_rename_sem);
  1147. }
  1148. }
  1149. int vfs_create(struct inode *dir, struct dentry *dentry, int mode,
  1150. struct nameidata *nd)
  1151. {
  1152. int error = may_create(dir, dentry, nd);
  1153. if (error)
  1154. return error;
  1155. if (!dir->i_op || !dir->i_op->create)
  1156. return -EACCES; /* shouldn't it be ENOSYS? */
  1157. mode &= S_IALLUGO;
  1158. mode |= S_IFREG;
  1159. error = security_inode_create(dir, dentry, mode);
  1160. if (error)
  1161. return error;
  1162. DQUOT_INIT(dir);
  1163. error = dir->i_op->create(dir, dentry, mode, nd);
  1164. if (!error) {
  1165. inode_dir_notify(dir, DN_CREATE);
  1166. security_inode_post_create(dir, dentry, mode);
  1167. }
  1168. return error;
  1169. }
  1170. int may_open(struct nameidata *nd, int acc_mode, int flag)
  1171. {
  1172. struct dentry *dentry = nd->dentry;
  1173. struct inode *inode = dentry->d_inode;
  1174. int error;
  1175. if (!inode)
  1176. return -ENOENT;
  1177. if (S_ISLNK(inode->i_mode))
  1178. return -ELOOP;
  1179. if (S_ISDIR(inode->i_mode) && (flag & FMODE_WRITE))
  1180. return -EISDIR;
  1181. error = permission(inode, acc_mode, nd);
  1182. if (error)
  1183. return error;
  1184. /*
  1185. * FIFO's, sockets and device files are special: they don't
  1186. * actually live on the filesystem itself, and as such you
  1187. * can write to them even if the filesystem is read-only.
  1188. */
  1189. if (S_ISFIFO(inode->i_mode) || S_ISSOCK(inode->i_mode)) {
  1190. flag &= ~O_TRUNC;
  1191. } else if (S_ISBLK(inode->i_mode) || S_ISCHR(inode->i_mode)) {
  1192. if (nd->mnt->mnt_flags & MNT_NODEV)
  1193. return -EACCES;
  1194. flag &= ~O_TRUNC;
  1195. } else if (IS_RDONLY(inode) && (flag & FMODE_WRITE))
  1196. return -EROFS;
  1197. /*
  1198. * An append-only file must be opened in append mode for writing.
  1199. */
  1200. if (IS_APPEND(inode)) {
  1201. if ((flag & FMODE_WRITE) && !(flag & O_APPEND))
  1202. return -EPERM;
  1203. if (flag & O_TRUNC)
  1204. return -EPERM;
  1205. }
  1206. /* O_NOATIME can only be set by the owner or superuser */
  1207. if (flag & O_NOATIME)
  1208. if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER))
  1209. return -EPERM;
  1210. /*
  1211. * Ensure there are no outstanding leases on the file.
  1212. */
  1213. error = break_lease(inode, flag);
  1214. if (error)
  1215. return error;
  1216. if (flag & O_TRUNC) {
  1217. error = get_write_access(inode);
  1218. if (error)
  1219. return error;
  1220. /*
  1221. * Refuse to truncate files with mandatory locks held on them.
  1222. */
  1223. error = locks_verify_locked(inode);
  1224. if (!error) {
  1225. DQUOT_INIT(inode);
  1226. error = do_truncate(dentry, 0);
  1227. }
  1228. put_write_access(inode);
  1229. if (error)
  1230. return error;
  1231. } else
  1232. if (flag & FMODE_WRITE)
  1233. DQUOT_INIT(inode);
  1234. return 0;
  1235. }
  1236. /*
  1237. * open_namei()
  1238. *
  1239. * namei for open - this is in fact almost the whole open-routine.
  1240. *
  1241. * Note that the low bits of "flag" aren't the same as in the open
  1242. * system call - they are 00 - no permissions needed
  1243. * 01 - read permission needed
  1244. * 10 - write permission needed
  1245. * 11 - read/write permissions needed
  1246. * which is a lot more logical, and also allows the "no perm" needed
  1247. * for symlinks (where the permissions are checked later).
  1248. * SMP-safe
  1249. */
  1250. int open_namei(const char * pathname, int flag, int mode, struct nameidata *nd)
  1251. {
  1252. int acc_mode, error = 0;
  1253. struct dentry *dentry;
  1254. struct dentry *dir;
  1255. int count = 0;
  1256. acc_mode = ACC_MODE(flag);
  1257. /* Allow the LSM permission hook to distinguish append
  1258. access from general write access. */
  1259. if (flag & O_APPEND)
  1260. acc_mode |= MAY_APPEND;
  1261. /* Fill in the open() intent data */
  1262. nd->intent.open.flags = flag;
  1263. nd->intent.open.create_mode = mode;
  1264. /*
  1265. * The simplest case - just a plain lookup.
  1266. */
  1267. if (!(flag & O_CREAT)) {
  1268. error = path_lookup(pathname, lookup_flags(flag)|LOOKUP_OPEN, nd);
  1269. if (error)
  1270. return error;
  1271. goto ok;
  1272. }
  1273. /*
  1274. * Create - we need to know the parent.
  1275. */
  1276. error = path_lookup(pathname, LOOKUP_PARENT|LOOKUP_OPEN|LOOKUP_CREATE, nd);
  1277. if (error)
  1278. return error;
  1279. /*
  1280. * We have the parent and last component. First of all, check
  1281. * that we are not asked to creat(2) an obvious directory - that
  1282. * will not do.
  1283. */
  1284. error = -EISDIR;
  1285. if (nd->last_type != LAST_NORM || nd->last.name[nd->last.len])
  1286. goto exit;
  1287. dir = nd->dentry;
  1288. nd->flags &= ~LOOKUP_PARENT;
  1289. down(&dir->d_inode->i_sem);
  1290. dentry = __lookup_hash(&nd->last, nd->dentry, nd);
  1291. do_last:
  1292. error = PTR_ERR(dentry);
  1293. if (IS_ERR(dentry)) {
  1294. up(&dir->d_inode->i_sem);
  1295. goto exit;
  1296. }
  1297. /* Negative dentry, just create the file */
  1298. if (!dentry->d_inode) {
  1299. if (!IS_POSIXACL(dir->d_inode))
  1300. mode &= ~current->fs->umask;
  1301. error = vfs_create(dir->d_inode, dentry, mode, nd);
  1302. up(&dir->d_inode->i_sem);
  1303. dput(nd->dentry);
  1304. nd->dentry = dentry;
  1305. if (error)
  1306. goto exit;
  1307. /* Don't check for write permission, don't truncate */
  1308. acc_mode = 0;
  1309. flag &= ~O_TRUNC;
  1310. goto ok;
  1311. }
  1312. /*
  1313. * It already exists.
  1314. */
  1315. up(&dir->d_inode->i_sem);
  1316. error = -EEXIST;
  1317. if (flag & O_EXCL)
  1318. goto exit_dput;
  1319. if (d_mountpoint(dentry)) {
  1320. error = -ELOOP;
  1321. if (flag & O_NOFOLLOW)
  1322. goto exit_dput;
  1323. while (__follow_down(&nd->mnt,&dentry) && d_mountpoint(dentry));
  1324. }
  1325. error = -ENOENT;
  1326. if (!dentry->d_inode)
  1327. goto exit_dput;
  1328. if (dentry->d_inode->i_op && dentry->d_inode->i_op->follow_link)
  1329. goto do_link;
  1330. dput(nd->dentry);
  1331. nd->dentry = dentry;
  1332. error = -EISDIR;
  1333. if (dentry->d_inode && S_ISDIR(dentry->d_inode->i_mode))
  1334. goto exit;
  1335. ok:
  1336. error = may_open(nd, acc_mode, flag);
  1337. if (error)
  1338. goto exit;
  1339. return 0;
  1340. exit_dput:
  1341. dput(dentry);
  1342. exit:
  1343. path_release(nd);
  1344. return error;
  1345. do_link:
  1346. error = -ELOOP;
  1347. if (flag & O_NOFOLLOW)
  1348. goto exit_dput;
  1349. /*
  1350. * This is subtle. Instead of calling do_follow_link() we do the
  1351. * thing by hands. The reason is that this way we have zero link_count
  1352. * and path_walk() (called from ->follow_link) honoring LOOKUP_PARENT.
  1353. * After that we have the parent and last component, i.e.
  1354. * we are in the same situation as after the first path_walk().
  1355. * Well, almost - if the last component is normal we get its copy
  1356. * stored in nd->last.name and we will have to putname() it when we
  1357. * are done. Procfs-like symlinks just set LAST_BIND.
  1358. */
  1359. nd->flags |= LOOKUP_PARENT;
  1360. error = security_inode_follow_link(dentry, nd);
  1361. if (error)
  1362. goto exit_dput;
  1363. error = __do_follow_link(dentry, nd);
  1364. dput(dentry);
  1365. if (error)
  1366. return error;
  1367. nd->flags &= ~LOOKUP_PARENT;
  1368. if (nd->last_type == LAST_BIND) {
  1369. dentry = nd->dentry;
  1370. goto ok;
  1371. }
  1372. error = -EISDIR;
  1373. if (nd->last_type != LAST_NORM)
  1374. goto exit;
  1375. if (nd->last.name[nd->last.len]) {
  1376. putname(nd->last.name);
  1377. goto exit;
  1378. }
  1379. error = -ELOOP;
  1380. if (count++==32) {
  1381. putname(nd->last.name);
  1382. goto exit;
  1383. }
  1384. dir = nd->dentry;
  1385. down(&dir->d_inode->i_sem);
  1386. dentry = __lookup_hash(&nd->last, nd->dentry, nd);
  1387. putname(nd->last.name);
  1388. goto do_last;
  1389. }
  1390. /**
  1391. * lookup_create - lookup a dentry, creating it if it doesn't exist
  1392. * @nd: nameidata info
  1393. * @is_dir: directory flag
  1394. *
  1395. * Simple function to lookup and return a dentry and create it
  1396. * if it doesn't exist. Is SMP-safe.
  1397. */
  1398. struct dentry *lookup_create(struct nameidata *nd, int is_dir)
  1399. {
  1400. struct dentry *dentry;
  1401. down(&nd->dentry->d_inode->i_sem);
  1402. dentry = ERR_PTR(-EEXIST);
  1403. if (nd->last_type != LAST_NORM)
  1404. goto fail;
  1405. nd->flags &= ~LOOKUP_PARENT;
  1406. dentry = lookup_hash(&nd->last, nd->dentry);
  1407. if (IS_ERR(dentry))
  1408. goto fail;
  1409. if (!is_dir && nd->last.name[nd->last.len] && !dentry->d_inode)
  1410. goto enoent;
  1411. return dentry;
  1412. enoent:
  1413. dput(dentry);
  1414. dentry = ERR_PTR(-ENOENT);
  1415. fail:
  1416. return dentry;
  1417. }
  1418. int vfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev)
  1419. {
  1420. int error = may_create(dir, dentry, NULL);
  1421. if (error)
  1422. return error;
  1423. if ((S_ISCHR(mode) || S_ISBLK(mode)) && !capable(CAP_MKNOD))
  1424. return -EPERM;
  1425. if (!dir->i_op || !dir->i_op->mknod)
  1426. return -EPERM;
  1427. error = security_inode_mknod(dir, dentry, mode, dev);
  1428. if (error)
  1429. return error;
  1430. DQUOT_INIT(dir);
  1431. error = dir->i_op->mknod(dir, dentry, mode, dev);
  1432. if (!error) {
  1433. inode_dir_notify(dir, DN_CREATE);
  1434. security_inode_post_mknod(dir, dentry, mode, dev);
  1435. }
  1436. return error;
  1437. }
  1438. asmlinkage long sys_mknod(const char __user * filename, int mode, unsigned dev)
  1439. {
  1440. int error = 0;
  1441. char * tmp;
  1442. struct dentry * dentry;
  1443. struct nameidata nd;
  1444. if (S_ISDIR(mode))
  1445. return -EPERM;
  1446. tmp = getname(filename);
  1447. if (IS_ERR(tmp))
  1448. return PTR_ERR(tmp);
  1449. error = path_lookup(tmp, LOOKUP_PARENT, &nd);
  1450. if (error)
  1451. goto out;
  1452. dentry = lookup_create(&nd, 0);
  1453. error = PTR_ERR(dentry);
  1454. if (!IS_POSIXACL(nd.dentry->d_inode))
  1455. mode &= ~current->fs->umask;
  1456. if (!IS_ERR(dentry)) {
  1457. switch (mode & S_IFMT) {
  1458. case 0: case S_IFREG:
  1459. error = vfs_create(nd.dentry->d_inode,dentry,mode,&nd);
  1460. break;
  1461. case S_IFCHR: case S_IFBLK:
  1462. error = vfs_mknod(nd.dentry->d_inode,dentry,mode,
  1463. new_decode_dev(dev));
  1464. break;
  1465. case S_IFIFO: case S_IFSOCK:
  1466. error = vfs_mknod(nd.dentry->d_inode,dentry,mode,0);
  1467. break;
  1468. case S_IFDIR:
  1469. error = -EPERM;
  1470. break;
  1471. default:
  1472. error = -EINVAL;
  1473. }
  1474. dput(dentry);
  1475. }
  1476. up(&nd.dentry->d_inode->i_sem);
  1477. path_release(&nd);
  1478. out:
  1479. putname(tmp);
  1480. return error;
  1481. }
  1482. int vfs_mkdir(struct inode *dir, struct dentry *dentry, int mode)
  1483. {
  1484. int error = may_create(dir, dentry, NULL);
  1485. if (error)
  1486. return error;
  1487. if (!dir->i_op || !dir->i_op->mkdir)
  1488. return -EPERM;
  1489. mode &= (S_IRWXUGO|S_ISVTX);
  1490. error = security_inode_mkdir(dir, dentry, mode);
  1491. if (error)
  1492. return error;
  1493. DQUOT_INIT(dir);
  1494. error = dir->i_op->mkdir(dir, dentry, mode);
  1495. if (!error) {
  1496. inode_dir_notify(dir, DN_CREATE);
  1497. security_inode_post_mkdir(dir,dentry, mode);
  1498. }
  1499. return error;
  1500. }
  1501. asmlinkage long sys_mkdir(const char __user * pathname, int mode)
  1502. {
  1503. int error = 0;
  1504. char * tmp;
  1505. tmp = getname(pathname);
  1506. error = PTR_ERR(tmp);
  1507. if (!IS_ERR(tmp)) {
  1508. struct dentry *dentry;
  1509. struct nameidata nd;
  1510. error = path_lookup(tmp, LOOKUP_PARENT, &nd);
  1511. if (error)
  1512. goto out;
  1513. dentry = lookup_create(&nd, 1);
  1514. error = PTR_ERR(dentry);
  1515. if (!IS_ERR(dentry)) {
  1516. if (!IS_POSIXACL(nd.dentry->d_inode))
  1517. mode &= ~current->fs->umask;
  1518. error = vfs_mkdir(nd.dentry->d_inode, dentry, mode);
  1519. dput(dentry);
  1520. }
  1521. up(&nd.dentry->d_inode->i_sem);
  1522. path_release(&nd);
  1523. out:
  1524. putname(tmp);
  1525. }
  1526. return error;
  1527. }
  1528. /*
  1529. * We try to drop the dentry early: we should have
  1530. * a usage count of 2 if we're the only user of this
  1531. * dentry, and if that is true (possibly after pruning
  1532. * the dcache), then we drop the dentry now.
  1533. *
  1534. * A low-level filesystem can, if it choses, legally
  1535. * do a
  1536. *
  1537. * if (!d_unhashed(dentry))
  1538. * return -EBUSY;
  1539. *
  1540. * if it cannot handle the case of removing a directory
  1541. * that is still in use by something else..
  1542. */
  1543. void dentry_unhash(struct dentry *dentry)
  1544. {
  1545. dget(dentry);
  1546. if (atomic_read(&dentry->d_count))
  1547. shrink_dcache_parent(dentry);
  1548. spin_lock(&dcache_lock);
  1549. spin_lock(&dentry->d_lock);
  1550. if (atomic_read(&dentry->d_count) == 2)
  1551. __d_drop(dentry);
  1552. spin_unlock(&dentry->d_lock);
  1553. spin_unlock(&dcache_lock);
  1554. }
  1555. int vfs_rmdir(struct inode *dir, struct dentry *dentry)
  1556. {
  1557. int error = may_delete(dir, dentry, 1);
  1558. if (error)
  1559. return error;
  1560. if (!dir->i_op || !dir->i_op->rmdir)
  1561. return -EPERM;
  1562. DQUOT_INIT(dir);
  1563. down(&dentry->d_inode->i_sem);
  1564. dentry_unhash(dentry);
  1565. if (d_mountpoint(dentry))
  1566. error = -EBUSY;
  1567. else {
  1568. error = security_inode_rmdir(dir, dentry);
  1569. if (!error) {
  1570. error = dir->i_op->rmdir(dir, dentry);
  1571. if (!error)
  1572. dentry->d_inode->i_flags |= S_DEAD;
  1573. }
  1574. }
  1575. up(&dentry->d_inode->i_sem);
  1576. if (!error) {
  1577. inode_dir_notify(dir, DN_DELETE);
  1578. d_delete(dentry);
  1579. }
  1580. dput(dentry);
  1581. return error;
  1582. }
  1583. asmlinkage long sys_rmdir(const char __user * pathname)
  1584. {
  1585. int error = 0;
  1586. char * name;
  1587. struct dentry *dentry;
  1588. struct nameidata nd;
  1589. name = getname(pathname);
  1590. if(IS_ERR(name))
  1591. return PTR_ERR(name);
  1592. error = path_lookup(name, LOOKUP_PARENT, &nd);
  1593. if (error)
  1594. goto exit;
  1595. switch(nd.last_type) {
  1596. case LAST_DOTDOT:
  1597. error = -ENOTEMPTY;
  1598. goto exit1;
  1599. case LAST_DOT:
  1600. error = -EINVAL;
  1601. goto exit1;
  1602. case LAST_ROOT:
  1603. error = -EBUSY;
  1604. goto exit1;
  1605. }
  1606. down(&nd.dentry->d_inode->i_sem);
  1607. dentry = lookup_hash(&nd.last, nd.dentry);
  1608. error = PTR_ERR(dentry);
  1609. if (!IS_ERR(dentry)) {
  1610. error = vfs_rmdir(nd.dentry->d_inode, dentry);
  1611. dput(dentry);
  1612. }
  1613. up(&nd.dentry->d_inode->i_sem);
  1614. exit1:
  1615. path_release(&nd);
  1616. exit:
  1617. putname(name);
  1618. return error;
  1619. }
  1620. int vfs_unlink(struct inode *dir, struct dentry *dentry)
  1621. {
  1622. int error = may_delete(dir, dentry, 0);
  1623. if (error)
  1624. return error;
  1625. if (!dir->i_op || !dir->i_op->unlink)
  1626. return -EPERM;
  1627. DQUOT_INIT(dir);
  1628. down(&dentry->d_inode->i_sem);
  1629. if (d_mountpoint(dentry))
  1630. error = -EBUSY;
  1631. else {
  1632. error = security_inode_unlink(dir, dentry);
  1633. if (!error)
  1634. error = dir->i_op->unlink(dir, dentry);
  1635. }
  1636. up(&dentry->d_inode->i_sem);
  1637. /* We don't d_delete() NFS sillyrenamed files--they still exist. */
  1638. if (!error && !(dentry->d_flags & DCACHE_NFSFS_RENAMED)) {
  1639. d_delete(dentry);
  1640. inode_dir_notify(dir, DN_DELETE);
  1641. }
  1642. return error;
  1643. }
  1644. /*
  1645. * Make sure that the actual truncation of the file will occur outside its
  1646. * directory's i_sem. Truncate can take a long time if there is a lot of
  1647. * writeout happening, and we don't want to prevent access to the directory
  1648. * while waiting on the I/O.
  1649. */
  1650. asmlinkage long sys_unlink(const char __user * pathname)
  1651. {
  1652. int error = 0;
  1653. char * name;
  1654. struct dentry *dentry;
  1655. struct nameidata nd;
  1656. struct inode *inode = NULL;
  1657. name = getname(pathname);
  1658. if(IS_ERR(name))
  1659. return PTR_ERR(name);
  1660. error = path_lookup(name, LOOKUP_PARENT, &nd);
  1661. if (error)
  1662. goto exit;
  1663. error = -EISDIR;
  1664. if (nd.last_type != LAST_NORM)
  1665. goto exit1;
  1666. down(&nd.dentry->d_inode->i_sem);
  1667. dentry = lookup_hash(&nd.last, nd.dentry);
  1668. error = PTR_ERR(dentry);
  1669. if (!IS_ERR(dentry)) {
  1670. /* Why not before? Because we want correct error value */
  1671. if (nd.last.name[nd.last.len])
  1672. goto slashes;
  1673. inode = dentry->d_inode;
  1674. if (inode)
  1675. atomic_inc(&inode->i_count);
  1676. error = vfs_unlink(nd.dentry->d_inode, dentry);
  1677. exit2:
  1678. dput(dentry);
  1679. }
  1680. up(&nd.dentry->d_inode->i_sem);
  1681. if (inode)
  1682. iput(inode); /* truncate the inode here */
  1683. exit1:
  1684. path_release(&nd);
  1685. exit:
  1686. putname(name);
  1687. return error;
  1688. slashes:
  1689. error = !dentry->d_inode ? -ENOENT :
  1690. S_ISDIR(dentry->d_inode->i_mode) ? -EISDIR : -ENOTDIR;
  1691. goto exit2;
  1692. }
  1693. int vfs_symlink(struct inode *dir, struct dentry *dentry, const char *oldname, int mode)
  1694. {
  1695. int error = may_create(dir, dentry, NULL);
  1696. if (error)
  1697. return error;
  1698. if (!dir->i_op || !dir->i_op->symlink)
  1699. return -EPERM;
  1700. error = security_inode_symlink(dir, dentry, oldname);
  1701. if (error)
  1702. return error;
  1703. DQUOT_INIT(dir);
  1704. error = dir->i_op->symlink(dir, dentry, oldname);
  1705. if (!error) {
  1706. inode_dir_notify(dir, DN_CREATE);
  1707. security_inode_post_symlink(dir, dentry, oldname);
  1708. }
  1709. return error;
  1710. }
  1711. asmlinkage long sys_symlink(const char __user * oldname, const char __user * newname)
  1712. {
  1713. int error = 0;
  1714. char * from;
  1715. char * to;
  1716. from = getname(oldname);
  1717. if(IS_ERR(from))
  1718. return PTR_ERR(from);
  1719. to = getname(newname);
  1720. error = PTR_ERR(to);
  1721. if (!IS_ERR(to)) {
  1722. struct dentry *dentry;
  1723. struct nameidata nd;
  1724. error = path_lookup(to, LOOKUP_PARENT, &nd);
  1725. if (error)
  1726. goto out;
  1727. dentry = lookup_create(&nd, 0);
  1728. error = PTR_ERR(dentry);
  1729. if (!IS_ERR(dentry)) {
  1730. error = vfs_symlink(nd.dentry->d_inode, dentry, from, S_IALLUGO);
  1731. dput(dentry);
  1732. }
  1733. up(&nd.dentry->d_inode->i_sem);
  1734. path_release(&nd);
  1735. out:
  1736. putname(to);
  1737. }
  1738. putname(from);
  1739. return error;
  1740. }
  1741. int vfs_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_dentry)
  1742. {
  1743. struct inode *inode = old_dentry->d_inode;
  1744. int error;
  1745. if (!inode)
  1746. return -ENOENT;
  1747. error = may_create(dir, new_dentry, NULL);
  1748. if (error)
  1749. return error;
  1750. if (dir->i_sb != inode->i_sb)
  1751. return -EXDEV;
  1752. /*
  1753. * A link to an append-only or immutable file cannot be created.
  1754. */
  1755. if (IS_APPEND(inode) || IS_IMMUTABLE(inode))
  1756. return -EPERM;
  1757. if (!dir->i_op || !dir->i_op->link)
  1758. return -EPERM;
  1759. if (S_ISDIR(old_dentry->d_inode->i_mode))
  1760. return -EPERM;
  1761. error = security_inode_link(old_dentry, dir, new_dentry);
  1762. if (error)
  1763. return error;
  1764. down(&old_dentry->d_inode->i_sem);
  1765. DQUOT_INIT(dir);
  1766. error = dir->i_op->link(old_dentry, dir, new_dentry);
  1767. up(&old_dentry->d_inode->i_sem);
  1768. if (!error) {
  1769. inode_dir_notify(dir, DN_CREATE);
  1770. security_inode_post_link(old_dentry, dir, new_dentry);
  1771. }
  1772. return error;
  1773. }
  1774. /*
  1775. * Hardlinks are often used in delicate situations. We avoid
  1776. * security-related surprises by not following symlinks on the
  1777. * newname. --KAB
  1778. *
  1779. * We don't follow them on the oldname either to be compatible
  1780. * with linux 2.0, and to avoid hard-linking to directories
  1781. * and other special files. --ADM
  1782. */
  1783. asmlinkage long sys_link(const char __user * oldname, const char __user * newname)
  1784. {
  1785. struct dentry *new_dentry;
  1786. struct nameidata nd, old_nd;
  1787. int error;
  1788. char * to;
  1789. to = getname(newname);
  1790. if (IS_ERR(to))
  1791. return PTR_ERR(to);
  1792. error = __user_walk(oldname, 0, &old_nd);
  1793. if (error)
  1794. goto exit;
  1795. error = path_lookup(to, LOOKUP_PARENT, &nd);
  1796. if (error)
  1797. goto out;
  1798. error = -EXDEV;
  1799. if (old_nd.mnt != nd.mnt)
  1800. goto out_release;
  1801. new_dentry = lookup_create(&nd, 0);
  1802. error = PTR_ERR(new_dentry);
  1803. if (!IS_ERR(new_dentry)) {
  1804. error = vfs_link(old_nd.dentry, nd.dentry->d_inode, new_dentry);
  1805. dput(new_dentry);
  1806. }
  1807. up(&nd.dentry->d_inode->i_sem);
  1808. out_release:
  1809. path_release(&nd);
  1810. out:
  1811. path_release(&old_nd);
  1812. exit:
  1813. putname(to);
  1814. return error;
  1815. }
  1816. /*
  1817. * The worst of all namespace operations - renaming directory. "Perverted"
  1818. * doesn't even start to describe it. Somebody in UCB had a heck of a trip...
  1819. * Problems:
  1820. * a) we can get into loop creation. Check is done in is_subdir().
  1821. * b) race potential - two innocent renames can create a loop together.
  1822. * That's where 4.4 screws up. Current fix: serialization on
  1823. * sb->s_vfs_rename_sem. We might be more accurate, but that's another
  1824. * story.
  1825. * c) we have to lock _three_ objects - parents and victim (if it exists).
  1826. * And that - after we got ->i_sem on parents (until then we don't know
  1827. * whether the target exists). Solution: try to be smart with locking
  1828. * order for inodes. We rely on the fact that tree topology may change
  1829. * …

Large files files are truncated, but you can click here to view the full file