namei.c (112485B)
1// SPDX-License-Identifier: GPL-2.0 2/* 3 * linux/fs/ext4/namei.c 4 * 5 * Copyright (C) 1992, 1993, 1994, 1995 6 * Remy Card (card@masi.ibp.fr) 7 * Laboratoire MASI - Institut Blaise Pascal 8 * Universite Pierre et Marie Curie (Paris VI) 9 * 10 * from 11 * 12 * linux/fs/minix/namei.c 13 * 14 * Copyright (C) 1991, 1992 Linus Torvalds 15 * 16 * Big-endian to little-endian byte-swapping/bitmaps by 17 * David S. Miller (davem@caip.rutgers.edu), 1995 18 * Directory entry file type support and forward compatibility hooks 19 * for B-tree directories by Theodore Ts'o (tytso@mit.edu), 1998 20 * Hash Tree Directory indexing (c) 21 * Daniel Phillips, 2001 22 * Hash Tree Directory indexing porting 23 * Christopher Li, 2002 24 * Hash Tree Directory indexing cleanup 25 * Theodore Ts'o, 2002 26 */ 27 28#include <linux/fs.h> 29#include <linux/pagemap.h> 30#include <linux/time.h> 31#include <linux/fcntl.h> 32#include <linux/stat.h> 33#include <linux/string.h> 34#include <linux/quotaops.h> 35#include <linux/buffer_head.h> 36#include <linux/bio.h> 37#include <linux/iversion.h> 38#include <linux/unicode.h> 39#include "ext4.h" 40#include "ext4_jbd2.h" 41 42#include "xattr.h" 43#include "acl.h" 44 45#include <trace/events/ext4.h> 46/* 47 * define how far ahead to read directories while searching them. 48 */ 49#define NAMEI_RA_CHUNKS 2 50#define NAMEI_RA_BLOCKS 4 51#define NAMEI_RA_SIZE (NAMEI_RA_CHUNKS * NAMEI_RA_BLOCKS) 52 53static struct buffer_head *ext4_append(handle_t *handle, 54 struct inode *inode, 55 ext4_lblk_t *block) 56{ 57 struct buffer_head *bh; 58 int err; 59 60 if (unlikely(EXT4_SB(inode->i_sb)->s_max_dir_size_kb && 61 ((inode->i_size >> 10) >= 62 EXT4_SB(inode->i_sb)->s_max_dir_size_kb))) 63 return ERR_PTR(-ENOSPC); 64 65 *block = inode->i_size >> inode->i_sb->s_blocksize_bits; 66 67 bh = ext4_bread(handle, inode, *block, EXT4_GET_BLOCKS_CREATE); 68 if (IS_ERR(bh)) 69 return bh; 70 inode->i_size += inode->i_sb->s_blocksize; 71 EXT4_I(inode)->i_disksize = inode->i_size; 72 BUFFER_TRACE(bh, "get_write_access"); 73 err = ext4_journal_get_write_access(handle, inode->i_sb, bh, 74 EXT4_JTR_NONE); 75 if (err) { 76 brelse(bh); 77 ext4_std_error(inode->i_sb, err); 78 return ERR_PTR(err); 79 } 80 return bh; 81} 82 83static int ext4_dx_csum_verify(struct inode *inode, 84 struct ext4_dir_entry *dirent); 85 86/* 87 * Hints to ext4_read_dirblock regarding whether we expect a directory 88 * block being read to be an index block, or a block containing 89 * directory entries (and if the latter, whether it was found via a 90 * logical block in an htree index block). This is used to control 91 * what sort of sanity checkinig ext4_read_dirblock() will do on the 92 * directory block read from the storage device. EITHER will means 93 * the caller doesn't know what kind of directory block will be read, 94 * so no specific verification will be done. 95 */ 96typedef enum { 97 EITHER, INDEX, DIRENT, DIRENT_HTREE 98} dirblock_type_t; 99 100#define ext4_read_dirblock(inode, block, type) \ 101 __ext4_read_dirblock((inode), (block), (type), __func__, __LINE__) 102 103static struct buffer_head *__ext4_read_dirblock(struct inode *inode, 104 ext4_lblk_t block, 105 dirblock_type_t type, 106 const char *func, 107 unsigned int line) 108{ 109 struct buffer_head *bh; 110 struct ext4_dir_entry *dirent; 111 int is_dx_block = 0; 112 113 if (ext4_simulate_fail(inode->i_sb, EXT4_SIM_DIRBLOCK_EIO)) 114 bh = ERR_PTR(-EIO); 115 else 116 bh = ext4_bread(NULL, inode, block, 0); 117 if (IS_ERR(bh)) { 118 __ext4_warning(inode->i_sb, func, line, 119 "inode #%lu: lblock %lu: comm %s: " 120 "error %ld reading directory block", 121 inode->i_ino, (unsigned long)block, 122 current->comm, PTR_ERR(bh)); 123 124 return bh; 125 } 126 if (!bh && (type == INDEX || type == DIRENT_HTREE)) { 127 ext4_error_inode(inode, func, line, block, 128 "Directory hole found for htree %s block", 129 (type == INDEX) ? "index" : "leaf"); 130 return ERR_PTR(-EFSCORRUPTED); 131 } 132 if (!bh) 133 return NULL; 134 dirent = (struct ext4_dir_entry *) bh->b_data; 135 /* Determine whether or not we have an index block */ 136 if (is_dx(inode)) { 137 if (block == 0) 138 is_dx_block = 1; 139 else if (ext4_rec_len_from_disk(dirent->rec_len, 140 inode->i_sb->s_blocksize) == 141 inode->i_sb->s_blocksize) 142 is_dx_block = 1; 143 } 144 if (!is_dx_block && type == INDEX) { 145 ext4_error_inode(inode, func, line, block, 146 "directory leaf block found instead of index block"); 147 brelse(bh); 148 return ERR_PTR(-EFSCORRUPTED); 149 } 150 if (!ext4_has_metadata_csum(inode->i_sb) || 151 buffer_verified(bh)) 152 return bh; 153 154 /* 155 * An empty leaf block can get mistaken for a index block; for 156 * this reason, we can only check the index checksum when the 157 * caller is sure it should be an index block. 158 */ 159 if (is_dx_block && type == INDEX) { 160 if (ext4_dx_csum_verify(inode, dirent) && 161 !ext4_simulate_fail(inode->i_sb, EXT4_SIM_DIRBLOCK_CRC)) 162 set_buffer_verified(bh); 163 else { 164 ext4_error_inode_err(inode, func, line, block, 165 EFSBADCRC, 166 "Directory index failed checksum"); 167 brelse(bh); 168 return ERR_PTR(-EFSBADCRC); 169 } 170 } 171 if (!is_dx_block) { 172 if (ext4_dirblock_csum_verify(inode, bh) && 173 !ext4_simulate_fail(inode->i_sb, EXT4_SIM_DIRBLOCK_CRC)) 174 set_buffer_verified(bh); 175 else { 176 ext4_error_inode_err(inode, func, line, block, 177 EFSBADCRC, 178 "Directory block failed checksum"); 179 brelse(bh); 180 return ERR_PTR(-EFSBADCRC); 181 } 182 } 183 return bh; 184} 185 186#ifdef DX_DEBUG 187#define dxtrace(command) command 188#else 189#define dxtrace(command) 190#endif 191 192struct fake_dirent 193{ 194 __le32 inode; 195 __le16 rec_len; 196 u8 name_len; 197 u8 file_type; 198}; 199 200struct dx_countlimit 201{ 202 __le16 limit; 203 __le16 count; 204}; 205 206struct dx_entry 207{ 208 __le32 hash; 209 __le32 block; 210}; 211 212/* 213 * dx_root_info is laid out so that if it should somehow get overlaid by a 214 * dirent the two low bits of the hash version will be zero. Therefore, the 215 * hash version mod 4 should never be 0. Sincerely, the paranoia department. 216 */ 217 218struct dx_root 219{ 220 struct fake_dirent dot; 221 char dot_name[4]; 222 struct fake_dirent dotdot; 223 char dotdot_name[4]; 224 struct dx_root_info 225 { 226 __le32 reserved_zero; 227 u8 hash_version; 228 u8 info_length; /* 8 */ 229 u8 indirect_levels; 230 u8 unused_flags; 231 } 232 info; 233 struct dx_entry entries[]; 234}; 235 236struct dx_node 237{ 238 struct fake_dirent fake; 239 struct dx_entry entries[]; 240}; 241 242 243struct dx_frame 244{ 245 struct buffer_head *bh; 246 struct dx_entry *entries; 247 struct dx_entry *at; 248}; 249 250struct dx_map_entry 251{ 252 u32 hash; 253 u16 offs; 254 u16 size; 255}; 256 257/* 258 * This goes at the end of each htree block. 259 */ 260struct dx_tail { 261 u32 dt_reserved; 262 __le32 dt_checksum; /* crc32c(uuid+inum+dirblock) */ 263}; 264 265static inline ext4_lblk_t dx_get_block(struct dx_entry *entry); 266static void dx_set_block(struct dx_entry *entry, ext4_lblk_t value); 267static inline unsigned dx_get_hash(struct dx_entry *entry); 268static void dx_set_hash(struct dx_entry *entry, unsigned value); 269static unsigned dx_get_count(struct dx_entry *entries); 270static unsigned dx_get_limit(struct dx_entry *entries); 271static void dx_set_count(struct dx_entry *entries, unsigned value); 272static void dx_set_limit(struct dx_entry *entries, unsigned value); 273static unsigned dx_root_limit(struct inode *dir, unsigned infosize); 274static unsigned dx_node_limit(struct inode *dir); 275static struct dx_frame *dx_probe(struct ext4_filename *fname, 276 struct inode *dir, 277 struct dx_hash_info *hinfo, 278 struct dx_frame *frame); 279static void dx_release(struct dx_frame *frames); 280static int dx_make_map(struct inode *dir, struct buffer_head *bh, 281 struct dx_hash_info *hinfo, 282 struct dx_map_entry *map_tail); 283static void dx_sort_map(struct dx_map_entry *map, unsigned count); 284static struct ext4_dir_entry_2 *dx_move_dirents(struct inode *dir, char *from, 285 char *to, struct dx_map_entry *offsets, 286 int count, unsigned int blocksize); 287static struct ext4_dir_entry_2 *dx_pack_dirents(struct inode *dir, char *base, 288 unsigned int blocksize); 289static void dx_insert_block(struct dx_frame *frame, 290 u32 hash, ext4_lblk_t block); 291static int ext4_htree_next_block(struct inode *dir, __u32 hash, 292 struct dx_frame *frame, 293 struct dx_frame *frames, 294 __u32 *start_hash); 295static struct buffer_head * ext4_dx_find_entry(struct inode *dir, 296 struct ext4_filename *fname, 297 struct ext4_dir_entry_2 **res_dir); 298static int ext4_dx_add_entry(handle_t *handle, struct ext4_filename *fname, 299 struct inode *dir, struct inode *inode); 300 301/* checksumming functions */ 302void ext4_initialize_dirent_tail(struct buffer_head *bh, 303 unsigned int blocksize) 304{ 305 struct ext4_dir_entry_tail *t = EXT4_DIRENT_TAIL(bh->b_data, blocksize); 306 307 memset(t, 0, sizeof(struct ext4_dir_entry_tail)); 308 t->det_rec_len = ext4_rec_len_to_disk( 309 sizeof(struct ext4_dir_entry_tail), blocksize); 310 t->det_reserved_ft = EXT4_FT_DIR_CSUM; 311} 312 313/* Walk through a dirent block to find a checksum "dirent" at the tail */ 314static struct ext4_dir_entry_tail *get_dirent_tail(struct inode *inode, 315 struct buffer_head *bh) 316{ 317 struct ext4_dir_entry_tail *t; 318 319#ifdef PARANOID 320 struct ext4_dir_entry *d, *top; 321 322 d = (struct ext4_dir_entry *)bh->b_data; 323 top = (struct ext4_dir_entry *)(bh->b_data + 324 (EXT4_BLOCK_SIZE(inode->i_sb) - 325 sizeof(struct ext4_dir_entry_tail))); 326 while (d < top && d->rec_len) 327 d = (struct ext4_dir_entry *)(((void *)d) + 328 le16_to_cpu(d->rec_len)); 329 330 if (d != top) 331 return NULL; 332 333 t = (struct ext4_dir_entry_tail *)d; 334#else 335 t = EXT4_DIRENT_TAIL(bh->b_data, EXT4_BLOCK_SIZE(inode->i_sb)); 336#endif 337 338 if (t->det_reserved_zero1 || 339 le16_to_cpu(t->det_rec_len) != sizeof(struct ext4_dir_entry_tail) || 340 t->det_reserved_zero2 || 341 t->det_reserved_ft != EXT4_FT_DIR_CSUM) 342 return NULL; 343 344 return t; 345} 346 347static __le32 ext4_dirblock_csum(struct inode *inode, void *dirent, int size) 348{ 349 struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb); 350 struct ext4_inode_info *ei = EXT4_I(inode); 351 __u32 csum; 352 353 csum = ext4_chksum(sbi, ei->i_csum_seed, (__u8 *)dirent, size); 354 return cpu_to_le32(csum); 355} 356 357#define warn_no_space_for_csum(inode) \ 358 __warn_no_space_for_csum((inode), __func__, __LINE__) 359 360static void __warn_no_space_for_csum(struct inode *inode, const char *func, 361 unsigned int line) 362{ 363 __ext4_warning_inode(inode, func, line, 364 "No space for directory leaf checksum. Please run e2fsck -D."); 365} 366 367int ext4_dirblock_csum_verify(struct inode *inode, struct buffer_head *bh) 368{ 369 struct ext4_dir_entry_tail *t; 370 371 if (!ext4_has_metadata_csum(inode->i_sb)) 372 return 1; 373 374 t = get_dirent_tail(inode, bh); 375 if (!t) { 376 warn_no_space_for_csum(inode); 377 return 0; 378 } 379 380 if (t->det_checksum != ext4_dirblock_csum(inode, bh->b_data, 381 (char *)t - bh->b_data)) 382 return 0; 383 384 return 1; 385} 386 387static void ext4_dirblock_csum_set(struct inode *inode, 388 struct buffer_head *bh) 389{ 390 struct ext4_dir_entry_tail *t; 391 392 if (!ext4_has_metadata_csum(inode->i_sb)) 393 return; 394 395 t = get_dirent_tail(inode, bh); 396 if (!t) { 397 warn_no_space_for_csum(inode); 398 return; 399 } 400 401 t->det_checksum = ext4_dirblock_csum(inode, bh->b_data, 402 (char *)t - bh->b_data); 403} 404 405int ext4_handle_dirty_dirblock(handle_t *handle, 406 struct inode *inode, 407 struct buffer_head *bh) 408{ 409 ext4_dirblock_csum_set(inode, bh); 410 return ext4_handle_dirty_metadata(handle, inode, bh); 411} 412 413static struct dx_countlimit *get_dx_countlimit(struct inode *inode, 414 struct ext4_dir_entry *dirent, 415 int *offset) 416{ 417 struct ext4_dir_entry *dp; 418 struct dx_root_info *root; 419 int count_offset; 420 421 if (le16_to_cpu(dirent->rec_len) == EXT4_BLOCK_SIZE(inode->i_sb)) 422 count_offset = 8; 423 else if (le16_to_cpu(dirent->rec_len) == 12) { 424 dp = (struct ext4_dir_entry *)(((void *)dirent) + 12); 425 if (le16_to_cpu(dp->rec_len) != 426 EXT4_BLOCK_SIZE(inode->i_sb) - 12) 427 return NULL; 428 root = (struct dx_root_info *)(((void *)dp + 12)); 429 if (root->reserved_zero || 430 root->info_length != sizeof(struct dx_root_info)) 431 return NULL; 432 count_offset = 32; 433 } else 434 return NULL; 435 436 if (offset) 437 *offset = count_offset; 438 return (struct dx_countlimit *)(((void *)dirent) + count_offset); 439} 440 441static __le32 ext4_dx_csum(struct inode *inode, struct ext4_dir_entry *dirent, 442 int count_offset, int count, struct dx_tail *t) 443{ 444 struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb); 445 struct ext4_inode_info *ei = EXT4_I(inode); 446 __u32 csum; 447 int size; 448 __u32 dummy_csum = 0; 449 int offset = offsetof(struct dx_tail, dt_checksum); 450 451 size = count_offset + (count * sizeof(struct dx_entry)); 452 csum = ext4_chksum(sbi, ei->i_csum_seed, (__u8 *)dirent, size); 453 csum = ext4_chksum(sbi, csum, (__u8 *)t, offset); 454 csum = ext4_chksum(sbi, csum, (__u8 *)&dummy_csum, sizeof(dummy_csum)); 455 456 return cpu_to_le32(csum); 457} 458 459static int ext4_dx_csum_verify(struct inode *inode, 460 struct ext4_dir_entry *dirent) 461{ 462 struct dx_countlimit *c; 463 struct dx_tail *t; 464 int count_offset, limit, count; 465 466 if (!ext4_has_metadata_csum(inode->i_sb)) 467 return 1; 468 469 c = get_dx_countlimit(inode, dirent, &count_offset); 470 if (!c) { 471 EXT4_ERROR_INODE(inode, "dir seems corrupt? Run e2fsck -D."); 472 return 0; 473 } 474 limit = le16_to_cpu(c->limit); 475 count = le16_to_cpu(c->count); 476 if (count_offset + (limit * sizeof(struct dx_entry)) > 477 EXT4_BLOCK_SIZE(inode->i_sb) - sizeof(struct dx_tail)) { 478 warn_no_space_for_csum(inode); 479 return 0; 480 } 481 t = (struct dx_tail *)(((struct dx_entry *)c) + limit); 482 483 if (t->dt_checksum != ext4_dx_csum(inode, dirent, count_offset, 484 count, t)) 485 return 0; 486 return 1; 487} 488 489static void ext4_dx_csum_set(struct inode *inode, struct ext4_dir_entry *dirent) 490{ 491 struct dx_countlimit *c; 492 struct dx_tail *t; 493 int count_offset, limit, count; 494 495 if (!ext4_has_metadata_csum(inode->i_sb)) 496 return; 497 498 c = get_dx_countlimit(inode, dirent, &count_offset); 499 if (!c) { 500 EXT4_ERROR_INODE(inode, "dir seems corrupt? Run e2fsck -D."); 501 return; 502 } 503 limit = le16_to_cpu(c->limit); 504 count = le16_to_cpu(c->count); 505 if (count_offset + (limit * sizeof(struct dx_entry)) > 506 EXT4_BLOCK_SIZE(inode->i_sb) - sizeof(struct dx_tail)) { 507 warn_no_space_for_csum(inode); 508 return; 509 } 510 t = (struct dx_tail *)(((struct dx_entry *)c) + limit); 511 512 t->dt_checksum = ext4_dx_csum(inode, dirent, count_offset, count, t); 513} 514 515static inline int ext4_handle_dirty_dx_node(handle_t *handle, 516 struct inode *inode, 517 struct buffer_head *bh) 518{ 519 ext4_dx_csum_set(inode, (struct ext4_dir_entry *)bh->b_data); 520 return ext4_handle_dirty_metadata(handle, inode, bh); 521} 522 523/* 524 * p is at least 6 bytes before the end of page 525 */ 526static inline struct ext4_dir_entry_2 * 527ext4_next_entry(struct ext4_dir_entry_2 *p, unsigned long blocksize) 528{ 529 return (struct ext4_dir_entry_2 *)((char *)p + 530 ext4_rec_len_from_disk(p->rec_len, blocksize)); 531} 532 533/* 534 * Future: use high four bits of block for coalesce-on-delete flags 535 * Mask them off for now. 536 */ 537 538static inline ext4_lblk_t dx_get_block(struct dx_entry *entry) 539{ 540 return le32_to_cpu(entry->block) & 0x0fffffff; 541} 542 543static inline void dx_set_block(struct dx_entry *entry, ext4_lblk_t value) 544{ 545 entry->block = cpu_to_le32(value); 546} 547 548static inline unsigned dx_get_hash(struct dx_entry *entry) 549{ 550 return le32_to_cpu(entry->hash); 551} 552 553static inline void dx_set_hash(struct dx_entry *entry, unsigned value) 554{ 555 entry->hash = cpu_to_le32(value); 556} 557 558static inline unsigned dx_get_count(struct dx_entry *entries) 559{ 560 return le16_to_cpu(((struct dx_countlimit *) entries)->count); 561} 562 563static inline unsigned dx_get_limit(struct dx_entry *entries) 564{ 565 return le16_to_cpu(((struct dx_countlimit *) entries)->limit); 566} 567 568static inline void dx_set_count(struct dx_entry *entries, unsigned value) 569{ 570 ((struct dx_countlimit *) entries)->count = cpu_to_le16(value); 571} 572 573static inline void dx_set_limit(struct dx_entry *entries, unsigned value) 574{ 575 ((struct dx_countlimit *) entries)->limit = cpu_to_le16(value); 576} 577 578static inline unsigned dx_root_limit(struct inode *dir, unsigned infosize) 579{ 580 unsigned int entry_space = dir->i_sb->s_blocksize - 581 ext4_dir_rec_len(1, NULL) - 582 ext4_dir_rec_len(2, NULL) - infosize; 583 584 if (ext4_has_metadata_csum(dir->i_sb)) 585 entry_space -= sizeof(struct dx_tail); 586 return entry_space / sizeof(struct dx_entry); 587} 588 589static inline unsigned dx_node_limit(struct inode *dir) 590{ 591 unsigned int entry_space = dir->i_sb->s_blocksize - 592 ext4_dir_rec_len(0, dir); 593 594 if (ext4_has_metadata_csum(dir->i_sb)) 595 entry_space -= sizeof(struct dx_tail); 596 return entry_space / sizeof(struct dx_entry); 597} 598 599/* 600 * Debug 601 */ 602#ifdef DX_DEBUG 603static void dx_show_index(char * label, struct dx_entry *entries) 604{ 605 int i, n = dx_get_count (entries); 606 printk(KERN_DEBUG "%s index", label); 607 for (i = 0; i < n; i++) { 608 printk(KERN_CONT " %x->%lu", 609 i ? dx_get_hash(entries + i) : 0, 610 (unsigned long)dx_get_block(entries + i)); 611 } 612 printk(KERN_CONT "\n"); 613} 614 615struct stats 616{ 617 unsigned names; 618 unsigned space; 619 unsigned bcount; 620}; 621 622static struct stats dx_show_leaf(struct inode *dir, 623 struct dx_hash_info *hinfo, 624 struct ext4_dir_entry_2 *de, 625 int size, int show_names) 626{ 627 unsigned names = 0, space = 0; 628 char *base = (char *) de; 629 struct dx_hash_info h = *hinfo; 630 631 printk("names: "); 632 while ((char *) de < base + size) 633 { 634 if (de->inode) 635 { 636 if (show_names) 637 { 638#ifdef CONFIG_FS_ENCRYPTION 639 int len; 640 char *name; 641 struct fscrypt_str fname_crypto_str = 642 FSTR_INIT(NULL, 0); 643 int res = 0; 644 645 name = de->name; 646 len = de->name_len; 647 if (!IS_ENCRYPTED(dir)) { 648 /* Directory is not encrypted */ 649 ext4fs_dirhash(dir, de->name, 650 de->name_len, &h); 651 printk("%*.s:(U)%x.%u ", len, 652 name, h.hash, 653 (unsigned) ((char *) de 654 - base)); 655 } else { 656 struct fscrypt_str de_name = 657 FSTR_INIT(name, len); 658 659 /* Directory is encrypted */ 660 res = fscrypt_fname_alloc_buffer( 661 len, &fname_crypto_str); 662 if (res) 663 printk(KERN_WARNING "Error " 664 "allocating crypto " 665 "buffer--skipping " 666 "crypto\n"); 667 res = fscrypt_fname_disk_to_usr(dir, 668 0, 0, &de_name, 669 &fname_crypto_str); 670 if (res) { 671 printk(KERN_WARNING "Error " 672 "converting filename " 673 "from disk to usr" 674 "\n"); 675 name = "??"; 676 len = 2; 677 } else { 678 name = fname_crypto_str.name; 679 len = fname_crypto_str.len; 680 } 681 if (IS_CASEFOLDED(dir)) 682 h.hash = EXT4_DIRENT_HASH(de); 683 else 684 ext4fs_dirhash(dir, de->name, 685 de->name_len, &h); 686 printk("%*.s:(E)%x.%u ", len, name, 687 h.hash, (unsigned) ((char *) de 688 - base)); 689 fscrypt_fname_free_buffer( 690 &fname_crypto_str); 691 } 692#else 693 int len = de->name_len; 694 char *name = de->name; 695 ext4fs_dirhash(dir, de->name, de->name_len, &h); 696 printk("%*.s:%x.%u ", len, name, h.hash, 697 (unsigned) ((char *) de - base)); 698#endif 699 } 700 space += ext4_dir_rec_len(de->name_len, dir); 701 names++; 702 } 703 de = ext4_next_entry(de, size); 704 } 705 printk(KERN_CONT "(%i)\n", names); 706 return (struct stats) { names, space, 1 }; 707} 708 709struct stats dx_show_entries(struct dx_hash_info *hinfo, struct inode *dir, 710 struct dx_entry *entries, int levels) 711{ 712 unsigned blocksize = dir->i_sb->s_blocksize; 713 unsigned count = dx_get_count(entries), names = 0, space = 0, i; 714 unsigned bcount = 0; 715 struct buffer_head *bh; 716 printk("%i indexed blocks...\n", count); 717 for (i = 0; i < count; i++, entries++) 718 { 719 ext4_lblk_t block = dx_get_block(entries); 720 ext4_lblk_t hash = i ? dx_get_hash(entries): 0; 721 u32 range = i < count - 1? (dx_get_hash(entries + 1) - hash): ~hash; 722 struct stats stats; 723 printk("%s%3u:%03u hash %8x/%8x ",levels?"":" ", i, block, hash, range); 724 bh = ext4_bread(NULL,dir, block, 0); 725 if (!bh || IS_ERR(bh)) 726 continue; 727 stats = levels? 728 dx_show_entries(hinfo, dir, ((struct dx_node *) bh->b_data)->entries, levels - 1): 729 dx_show_leaf(dir, hinfo, (struct ext4_dir_entry_2 *) 730 bh->b_data, blocksize, 0); 731 names += stats.names; 732 space += stats.space; 733 bcount += stats.bcount; 734 brelse(bh); 735 } 736 if (bcount) 737 printk(KERN_DEBUG "%snames %u, fullness %u (%u%%)\n", 738 levels ? "" : " ", names, space/bcount, 739 (space/bcount)*100/blocksize); 740 return (struct stats) { names, space, bcount}; 741} 742 743/* 744 * Linear search cross check 745 */ 746static inline void htree_rep_invariant_check(struct dx_entry *at, 747 struct dx_entry *target, 748 u32 hash, unsigned int n) 749{ 750 while (n--) { 751 dxtrace(printk(KERN_CONT ",")); 752 if (dx_get_hash(++at) > hash) { 753 at--; 754 break; 755 } 756 } 757 ASSERT(at == target - 1); 758} 759#else /* DX_DEBUG */ 760static inline void htree_rep_invariant_check(struct dx_entry *at, 761 struct dx_entry *target, 762 u32 hash, unsigned int n) 763{ 764} 765#endif /* DX_DEBUG */ 766 767/* 768 * Probe for a directory leaf block to search. 769 * 770 * dx_probe can return ERR_BAD_DX_DIR, which means there was a format 771 * error in the directory index, and the caller should fall back to 772 * searching the directory normally. The callers of dx_probe **MUST** 773 * check for this error code, and make sure it never gets reflected 774 * back to userspace. 775 */ 776static struct dx_frame * 777dx_probe(struct ext4_filename *fname, struct inode *dir, 778 struct dx_hash_info *hinfo, struct dx_frame *frame_in) 779{ 780 unsigned count, indirect, level, i; 781 struct dx_entry *at, *entries, *p, *q, *m; 782 struct dx_root *root; 783 struct dx_frame *frame = frame_in; 784 struct dx_frame *ret_err = ERR_PTR(ERR_BAD_DX_DIR); 785 u32 hash; 786 ext4_lblk_t block; 787 ext4_lblk_t blocks[EXT4_HTREE_LEVEL]; 788 789 memset(frame_in, 0, EXT4_HTREE_LEVEL * sizeof(frame_in[0])); 790 frame->bh = ext4_read_dirblock(dir, 0, INDEX); 791 if (IS_ERR(frame->bh)) 792 return (struct dx_frame *) frame->bh; 793 794 root = (struct dx_root *) frame->bh->b_data; 795 if (root->info.hash_version != DX_HASH_TEA && 796 root->info.hash_version != DX_HASH_HALF_MD4 && 797 root->info.hash_version != DX_HASH_LEGACY && 798 root->info.hash_version != DX_HASH_SIPHASH) { 799 ext4_warning_inode(dir, "Unrecognised inode hash code %u", 800 root->info.hash_version); 801 goto fail; 802 } 803 if (ext4_hash_in_dirent(dir)) { 804 if (root->info.hash_version != DX_HASH_SIPHASH) { 805 ext4_warning_inode(dir, 806 "Hash in dirent, but hash is not SIPHASH"); 807 goto fail; 808 } 809 } else { 810 if (root->info.hash_version == DX_HASH_SIPHASH) { 811 ext4_warning_inode(dir, 812 "Hash code is SIPHASH, but hash not in dirent"); 813 goto fail; 814 } 815 } 816 if (fname) 817 hinfo = &fname->hinfo; 818 hinfo->hash_version = root->info.hash_version; 819 if (hinfo->hash_version <= DX_HASH_TEA) 820 hinfo->hash_version += EXT4_SB(dir->i_sb)->s_hash_unsigned; 821 hinfo->seed = EXT4_SB(dir->i_sb)->s_hash_seed; 822 /* hash is already computed for encrypted casefolded directory */ 823 if (fname && fname_name(fname) && 824 !(IS_ENCRYPTED(dir) && IS_CASEFOLDED(dir))) 825 ext4fs_dirhash(dir, fname_name(fname), fname_len(fname), hinfo); 826 hash = hinfo->hash; 827 828 if (root->info.unused_flags & 1) { 829 ext4_warning_inode(dir, "Unimplemented hash flags: %#06x", 830 root->info.unused_flags); 831 goto fail; 832 } 833 834 indirect = root->info.indirect_levels; 835 if (indirect >= ext4_dir_htree_level(dir->i_sb)) { 836 ext4_warning(dir->i_sb, 837 "Directory (ino: %lu) htree depth %#06x exceed" 838 "supported value", dir->i_ino, 839 ext4_dir_htree_level(dir->i_sb)); 840 if (ext4_dir_htree_level(dir->i_sb) < EXT4_HTREE_LEVEL) { 841 ext4_warning(dir->i_sb, "Enable large directory " 842 "feature to access it"); 843 } 844 goto fail; 845 } 846 847 entries = (struct dx_entry *)(((char *)&root->info) + 848 root->info.info_length); 849 850 if (dx_get_limit(entries) != dx_root_limit(dir, 851 root->info.info_length)) { 852 ext4_warning_inode(dir, "dx entry: limit %u != root limit %u", 853 dx_get_limit(entries), 854 dx_root_limit(dir, root->info.info_length)); 855 goto fail; 856 } 857 858 dxtrace(printk("Look up %x", hash)); 859 level = 0; 860 blocks[0] = 0; 861 while (1) { 862 count = dx_get_count(entries); 863 if (!count || count > dx_get_limit(entries)) { 864 ext4_warning_inode(dir, 865 "dx entry: count %u beyond limit %u", 866 count, dx_get_limit(entries)); 867 goto fail; 868 } 869 870 p = entries + 1; 871 q = entries + count - 1; 872 while (p <= q) { 873 m = p + (q - p) / 2; 874 dxtrace(printk(KERN_CONT ".")); 875 if (dx_get_hash(m) > hash) 876 q = m - 1; 877 else 878 p = m + 1; 879 } 880 881 htree_rep_invariant_check(entries, p, hash, count - 1); 882 883 at = p - 1; 884 dxtrace(printk(KERN_CONT " %x->%u\n", 885 at == entries ? 0 : dx_get_hash(at), 886 dx_get_block(at))); 887 frame->entries = entries; 888 frame->at = at; 889 890 block = dx_get_block(at); 891 for (i = 0; i <= level; i++) { 892 if (blocks[i] == block) { 893 ext4_warning_inode(dir, 894 "dx entry: tree cycle block %u points back to block %u", 895 blocks[level], block); 896 goto fail; 897 } 898 } 899 if (++level > indirect) 900 return frame; 901 blocks[level] = block; 902 frame++; 903 frame->bh = ext4_read_dirblock(dir, block, INDEX); 904 if (IS_ERR(frame->bh)) { 905 ret_err = (struct dx_frame *) frame->bh; 906 frame->bh = NULL; 907 goto fail; 908 } 909 910 entries = ((struct dx_node *) frame->bh->b_data)->entries; 911 912 if (dx_get_limit(entries) != dx_node_limit(dir)) { 913 ext4_warning_inode(dir, 914 "dx entry: limit %u != node limit %u", 915 dx_get_limit(entries), dx_node_limit(dir)); 916 goto fail; 917 } 918 } 919fail: 920 while (frame >= frame_in) { 921 brelse(frame->bh); 922 frame--; 923 } 924 925 if (ret_err == ERR_PTR(ERR_BAD_DX_DIR)) 926 ext4_warning_inode(dir, 927 "Corrupt directory, running e2fsck is recommended"); 928 return ret_err; 929} 930 931static void dx_release(struct dx_frame *frames) 932{ 933 struct dx_root_info *info; 934 int i; 935 unsigned int indirect_levels; 936 937 if (frames[0].bh == NULL) 938 return; 939 940 info = &((struct dx_root *)frames[0].bh->b_data)->info; 941 /* save local copy, "info" may be freed after brelse() */ 942 indirect_levels = info->indirect_levels; 943 for (i = 0; i <= indirect_levels; i++) { 944 if (frames[i].bh == NULL) 945 break; 946 brelse(frames[i].bh); 947 frames[i].bh = NULL; 948 } 949} 950 951/* 952 * This function increments the frame pointer to search the next leaf 953 * block, and reads in the necessary intervening nodes if the search 954 * should be necessary. Whether or not the search is necessary is 955 * controlled by the hash parameter. If the hash value is even, then 956 * the search is only continued if the next block starts with that 957 * hash value. This is used if we are searching for a specific file. 958 * 959 * If the hash value is HASH_NB_ALWAYS, then always go to the next block. 960 * 961 * This function returns 1 if the caller should continue to search, 962 * or 0 if it should not. If there is an error reading one of the 963 * index blocks, it will a negative error code. 964 * 965 * If start_hash is non-null, it will be filled in with the starting 966 * hash of the next page. 967 */ 968static int ext4_htree_next_block(struct inode *dir, __u32 hash, 969 struct dx_frame *frame, 970 struct dx_frame *frames, 971 __u32 *start_hash) 972{ 973 struct dx_frame *p; 974 struct buffer_head *bh; 975 int num_frames = 0; 976 __u32 bhash; 977 978 p = frame; 979 /* 980 * Find the next leaf page by incrementing the frame pointer. 981 * If we run out of entries in the interior node, loop around and 982 * increment pointer in the parent node. When we break out of 983 * this loop, num_frames indicates the number of interior 984 * nodes need to be read. 985 */ 986 while (1) { 987 if (++(p->at) < p->entries + dx_get_count(p->entries)) 988 break; 989 if (p == frames) 990 return 0; 991 num_frames++; 992 p--; 993 } 994 995 /* 996 * If the hash is 1, then continue only if the next page has a 997 * continuation hash of any value. This is used for readdir 998 * handling. Otherwise, check to see if the hash matches the 999 * desired continuation hash. If it doesn't, return since 1000 * there's no point to read in the successive index pages. 1001 */ 1002 bhash = dx_get_hash(p->at); 1003 if (start_hash) 1004 *start_hash = bhash; 1005 if ((hash & 1) == 0) { 1006 if ((bhash & ~1) != hash) 1007 return 0; 1008 } 1009 /* 1010 * If the hash is HASH_NB_ALWAYS, we always go to the next 1011 * block so no check is necessary 1012 */ 1013 while (num_frames--) { 1014 bh = ext4_read_dirblock(dir, dx_get_block(p->at), INDEX); 1015 if (IS_ERR(bh)) 1016 return PTR_ERR(bh); 1017 p++; 1018 brelse(p->bh); 1019 p->bh = bh; 1020 p->at = p->entries = ((struct dx_node *) bh->b_data)->entries; 1021 } 1022 return 1; 1023} 1024 1025 1026/* 1027 * This function fills a red-black tree with information from a 1028 * directory block. It returns the number directory entries loaded 1029 * into the tree. If there is an error it is returned in err. 1030 */ 1031static int htree_dirblock_to_tree(struct file *dir_file, 1032 struct inode *dir, ext4_lblk_t block, 1033 struct dx_hash_info *hinfo, 1034 __u32 start_hash, __u32 start_minor_hash) 1035{ 1036 struct buffer_head *bh; 1037 struct ext4_dir_entry_2 *de, *top; 1038 int err = 0, count = 0; 1039 struct fscrypt_str fname_crypto_str = FSTR_INIT(NULL, 0), tmp_str; 1040 int csum = ext4_has_metadata_csum(dir->i_sb); 1041 1042 dxtrace(printk(KERN_INFO "In htree dirblock_to_tree: block %lu\n", 1043 (unsigned long)block)); 1044 bh = ext4_read_dirblock(dir, block, DIRENT_HTREE); 1045 if (IS_ERR(bh)) 1046 return PTR_ERR(bh); 1047 1048 de = (struct ext4_dir_entry_2 *) bh->b_data; 1049 /* csum entries are not larger in the casefolded encrypted case */ 1050 top = (struct ext4_dir_entry_2 *) ((char *) de + 1051 dir->i_sb->s_blocksize - 1052 ext4_dir_rec_len(0, 1053 csum ? NULL : dir)); 1054 /* Check if the directory is encrypted */ 1055 if (IS_ENCRYPTED(dir)) { 1056 err = fscrypt_prepare_readdir(dir); 1057 if (err < 0) { 1058 brelse(bh); 1059 return err; 1060 } 1061 err = fscrypt_fname_alloc_buffer(EXT4_NAME_LEN, 1062 &fname_crypto_str); 1063 if (err < 0) { 1064 brelse(bh); 1065 return err; 1066 } 1067 } 1068 1069 for (; de < top; de = ext4_next_entry(de, dir->i_sb->s_blocksize)) { 1070 if (ext4_check_dir_entry(dir, NULL, de, bh, 1071 bh->b_data, bh->b_size, 1072 (block<<EXT4_BLOCK_SIZE_BITS(dir->i_sb)) 1073 + ((char *)de - bh->b_data))) { 1074 /* silently ignore the rest of the block */ 1075 break; 1076 } 1077 if (ext4_hash_in_dirent(dir)) { 1078 if (de->name_len && de->inode) { 1079 hinfo->hash = EXT4_DIRENT_HASH(de); 1080 hinfo->minor_hash = EXT4_DIRENT_MINOR_HASH(de); 1081 } else { 1082 hinfo->hash = 0; 1083 hinfo->minor_hash = 0; 1084 } 1085 } else { 1086 ext4fs_dirhash(dir, de->name, de->name_len, hinfo); 1087 } 1088 if ((hinfo->hash < start_hash) || 1089 ((hinfo->hash == start_hash) && 1090 (hinfo->minor_hash < start_minor_hash))) 1091 continue; 1092 if (de->inode == 0) 1093 continue; 1094 if (!IS_ENCRYPTED(dir)) { 1095 tmp_str.name = de->name; 1096 tmp_str.len = de->name_len; 1097 err = ext4_htree_store_dirent(dir_file, 1098 hinfo->hash, hinfo->minor_hash, de, 1099 &tmp_str); 1100 } else { 1101 int save_len = fname_crypto_str.len; 1102 struct fscrypt_str de_name = FSTR_INIT(de->name, 1103 de->name_len); 1104 1105 /* Directory is encrypted */ 1106 err = fscrypt_fname_disk_to_usr(dir, hinfo->hash, 1107 hinfo->minor_hash, &de_name, 1108 &fname_crypto_str); 1109 if (err) { 1110 count = err; 1111 goto errout; 1112 } 1113 err = ext4_htree_store_dirent(dir_file, 1114 hinfo->hash, hinfo->minor_hash, de, 1115 &fname_crypto_str); 1116 fname_crypto_str.len = save_len; 1117 } 1118 if (err != 0) { 1119 count = err; 1120 goto errout; 1121 } 1122 count++; 1123 } 1124errout: 1125 brelse(bh); 1126 fscrypt_fname_free_buffer(&fname_crypto_str); 1127 return count; 1128} 1129 1130 1131/* 1132 * This function fills a red-black tree with information from a 1133 * directory. We start scanning the directory in hash order, starting 1134 * at start_hash and start_minor_hash. 1135 * 1136 * This function returns the number of entries inserted into the tree, 1137 * or a negative error code. 1138 */ 1139int ext4_htree_fill_tree(struct file *dir_file, __u32 start_hash, 1140 __u32 start_minor_hash, __u32 *next_hash) 1141{ 1142 struct dx_hash_info hinfo; 1143 struct ext4_dir_entry_2 *de; 1144 struct dx_frame frames[EXT4_HTREE_LEVEL], *frame; 1145 struct inode *dir; 1146 ext4_lblk_t block; 1147 int count = 0; 1148 int ret, err; 1149 __u32 hashval; 1150 struct fscrypt_str tmp_str; 1151 1152 dxtrace(printk(KERN_DEBUG "In htree_fill_tree, start hash: %x:%x\n", 1153 start_hash, start_minor_hash)); 1154 dir = file_inode(dir_file); 1155 if (!(ext4_test_inode_flag(dir, EXT4_INODE_INDEX))) { 1156 if (ext4_hash_in_dirent(dir)) 1157 hinfo.hash_version = DX_HASH_SIPHASH; 1158 else 1159 hinfo.hash_version = 1160 EXT4_SB(dir->i_sb)->s_def_hash_version; 1161 if (hinfo.hash_version <= DX_HASH_TEA) 1162 hinfo.hash_version += 1163 EXT4_SB(dir->i_sb)->s_hash_unsigned; 1164 hinfo.seed = EXT4_SB(dir->i_sb)->s_hash_seed; 1165 if (ext4_has_inline_data(dir)) { 1166 int has_inline_data = 1; 1167 count = ext4_inlinedir_to_tree(dir_file, dir, 0, 1168 &hinfo, start_hash, 1169 start_minor_hash, 1170 &has_inline_data); 1171 if (has_inline_data) { 1172 *next_hash = ~0; 1173 return count; 1174 } 1175 } 1176 count = htree_dirblock_to_tree(dir_file, dir, 0, &hinfo, 1177 start_hash, start_minor_hash); 1178 *next_hash = ~0; 1179 return count; 1180 } 1181 hinfo.hash = start_hash; 1182 hinfo.minor_hash = 0; 1183 frame = dx_probe(NULL, dir, &hinfo, frames); 1184 if (IS_ERR(frame)) 1185 return PTR_ERR(frame); 1186 1187 /* Add '.' and '..' from the htree header */ 1188 if (!start_hash && !start_minor_hash) { 1189 de = (struct ext4_dir_entry_2 *) frames[0].bh->b_data; 1190 tmp_str.name = de->name; 1191 tmp_str.len = de->name_len; 1192 err = ext4_htree_store_dirent(dir_file, 0, 0, 1193 de, &tmp_str); 1194 if (err != 0) 1195 goto errout; 1196 count++; 1197 } 1198 if (start_hash < 2 || (start_hash ==2 && start_minor_hash==0)) { 1199 de = (struct ext4_dir_entry_2 *) frames[0].bh->b_data; 1200 de = ext4_next_entry(de, dir->i_sb->s_blocksize); 1201 tmp_str.name = de->name; 1202 tmp_str.len = de->name_len; 1203 err = ext4_htree_store_dirent(dir_file, 2, 0, 1204 de, &tmp_str); 1205 if (err != 0) 1206 goto errout; 1207 count++; 1208 } 1209 1210 while (1) { 1211 if (fatal_signal_pending(current)) { 1212 err = -ERESTARTSYS; 1213 goto errout; 1214 } 1215 cond_resched(); 1216 block = dx_get_block(frame->at); 1217 ret = htree_dirblock_to_tree(dir_file, dir, block, &hinfo, 1218 start_hash, start_minor_hash); 1219 if (ret < 0) { 1220 err = ret; 1221 goto errout; 1222 } 1223 count += ret; 1224 hashval = ~0; 1225 ret = ext4_htree_next_block(dir, HASH_NB_ALWAYS, 1226 frame, frames, &hashval); 1227 *next_hash = hashval; 1228 if (ret < 0) { 1229 err = ret; 1230 goto errout; 1231 } 1232 /* 1233 * Stop if: (a) there are no more entries, or 1234 * (b) we have inserted at least one entry and the 1235 * next hash value is not a continuation 1236 */ 1237 if ((ret == 0) || 1238 (count && ((hashval & 1) == 0))) 1239 break; 1240 } 1241 dx_release(frames); 1242 dxtrace(printk(KERN_DEBUG "Fill tree: returned %d entries, " 1243 "next hash: %x\n", count, *next_hash)); 1244 return count; 1245errout: 1246 dx_release(frames); 1247 return (err); 1248} 1249 1250static inline int search_dirblock(struct buffer_head *bh, 1251 struct inode *dir, 1252 struct ext4_filename *fname, 1253 unsigned int offset, 1254 struct ext4_dir_entry_2 **res_dir) 1255{ 1256 return ext4_search_dir(bh, bh->b_data, dir->i_sb->s_blocksize, dir, 1257 fname, offset, res_dir); 1258} 1259 1260/* 1261 * Directory block splitting, compacting 1262 */ 1263 1264/* 1265 * Create map of hash values, offsets, and sizes, stored at end of block. 1266 * Returns number of entries mapped. 1267 */ 1268static int dx_make_map(struct inode *dir, struct buffer_head *bh, 1269 struct dx_hash_info *hinfo, 1270 struct dx_map_entry *map_tail) 1271{ 1272 int count = 0; 1273 struct ext4_dir_entry_2 *de = (struct ext4_dir_entry_2 *)bh->b_data; 1274 unsigned int buflen = bh->b_size; 1275 char *base = bh->b_data; 1276 struct dx_hash_info h = *hinfo; 1277 1278 if (ext4_has_metadata_csum(dir->i_sb)) 1279 buflen -= sizeof(struct ext4_dir_entry_tail); 1280 1281 while ((char *) de < base + buflen) { 1282 if (ext4_check_dir_entry(dir, NULL, de, bh, base, buflen, 1283 ((char *)de) - base)) 1284 return -EFSCORRUPTED; 1285 if (de->name_len && de->inode) { 1286 if (ext4_hash_in_dirent(dir)) 1287 h.hash = EXT4_DIRENT_HASH(de); 1288 else 1289 ext4fs_dirhash(dir, de->name, de->name_len, &h); 1290 map_tail--; 1291 map_tail->hash = h.hash; 1292 map_tail->offs = ((char *) de - base)>>2; 1293 map_tail->size = le16_to_cpu(de->rec_len); 1294 count++; 1295 cond_resched(); 1296 } 1297 de = ext4_next_entry(de, dir->i_sb->s_blocksize); 1298 } 1299 return count; 1300} 1301 1302/* Sort map by hash value */ 1303static void dx_sort_map (struct dx_map_entry *map, unsigned count) 1304{ 1305 struct dx_map_entry *p, *q, *top = map + count - 1; 1306 int more; 1307 /* Combsort until bubble sort doesn't suck */ 1308 while (count > 2) { 1309 count = count*10/13; 1310 if (count - 9 < 2) /* 9, 10 -> 11 */ 1311 count = 11; 1312 for (p = top, q = p - count; q >= map; p--, q--) 1313 if (p->hash < q->hash) 1314 swap(*p, *q); 1315 } 1316 /* Garden variety bubble sort */ 1317 do { 1318 more = 0; 1319 q = top; 1320 while (q-- > map) { 1321 if (q[1].hash >= q[0].hash) 1322 continue; 1323 swap(*(q+1), *q); 1324 more = 1; 1325 } 1326 } while(more); 1327} 1328 1329static void dx_insert_block(struct dx_frame *frame, u32 hash, ext4_lblk_t block) 1330{ 1331 struct dx_entry *entries = frame->entries; 1332 struct dx_entry *old = frame->at, *new = old + 1; 1333 int count = dx_get_count(entries); 1334 1335 ASSERT(count < dx_get_limit(entries)); 1336 ASSERT(old < entries + count); 1337 memmove(new + 1, new, (char *)(entries + count) - (char *)(new)); 1338 dx_set_hash(new, hash); 1339 dx_set_block(new, block); 1340 dx_set_count(entries, count + 1); 1341} 1342 1343#if IS_ENABLED(CONFIG_UNICODE) 1344/* 1345 * Test whether a case-insensitive directory entry matches the filename 1346 * being searched for. If quick is set, assume the name being looked up 1347 * is already in the casefolded form. 1348 * 1349 * Returns: 0 if the directory entry matches, more than 0 if it 1350 * doesn't match or less than zero on error. 1351 */ 1352static int ext4_ci_compare(const struct inode *parent, const struct qstr *name, 1353 u8 *de_name, size_t de_name_len, bool quick) 1354{ 1355 const struct super_block *sb = parent->i_sb; 1356 const struct unicode_map *um = sb->s_encoding; 1357 struct fscrypt_str decrypted_name = FSTR_INIT(NULL, de_name_len); 1358 struct qstr entry = QSTR_INIT(de_name, de_name_len); 1359 int ret; 1360 1361 if (IS_ENCRYPTED(parent)) { 1362 const struct fscrypt_str encrypted_name = 1363 FSTR_INIT(de_name, de_name_len); 1364 1365 decrypted_name.name = kmalloc(de_name_len, GFP_KERNEL); 1366 if (!decrypted_name.name) 1367 return -ENOMEM; 1368 ret = fscrypt_fname_disk_to_usr(parent, 0, 0, &encrypted_name, 1369 &decrypted_name); 1370 if (ret < 0) 1371 goto out; 1372 entry.name = decrypted_name.name; 1373 entry.len = decrypted_name.len; 1374 } 1375 1376 if (quick) 1377 ret = utf8_strncasecmp_folded(um, name, &entry); 1378 else 1379 ret = utf8_strncasecmp(um, name, &entry); 1380 if (ret < 0) { 1381 /* Handle invalid character sequence as either an error 1382 * or as an opaque byte sequence. 1383 */ 1384 if (sb_has_strict_encoding(sb)) 1385 ret = -EINVAL; 1386 else if (name->len != entry.len) 1387 ret = 1; 1388 else 1389 ret = !!memcmp(name->name, entry.name, entry.len); 1390 } 1391out: 1392 kfree(decrypted_name.name); 1393 return ret; 1394} 1395 1396int ext4_fname_setup_ci_filename(struct inode *dir, const struct qstr *iname, 1397 struct ext4_filename *name) 1398{ 1399 struct fscrypt_str *cf_name = &name->cf_name; 1400 struct dx_hash_info *hinfo = &name->hinfo; 1401 int len; 1402 1403 if (!IS_CASEFOLDED(dir) || !dir->i_sb->s_encoding || 1404 (IS_ENCRYPTED(dir) && !fscrypt_has_encryption_key(dir))) { 1405 cf_name->name = NULL; 1406 return 0; 1407 } 1408 1409 cf_name->name = kmalloc(EXT4_NAME_LEN, GFP_NOFS); 1410 if (!cf_name->name) 1411 return -ENOMEM; 1412 1413 len = utf8_casefold(dir->i_sb->s_encoding, 1414 iname, cf_name->name, 1415 EXT4_NAME_LEN); 1416 if (len <= 0) { 1417 kfree(cf_name->name); 1418 cf_name->name = NULL; 1419 } 1420 cf_name->len = (unsigned) len; 1421 if (!IS_ENCRYPTED(dir)) 1422 return 0; 1423 1424 hinfo->hash_version = DX_HASH_SIPHASH; 1425 hinfo->seed = NULL; 1426 if (cf_name->name) 1427 ext4fs_dirhash(dir, cf_name->name, cf_name->len, hinfo); 1428 else 1429 ext4fs_dirhash(dir, iname->name, iname->len, hinfo); 1430 return 0; 1431} 1432#endif 1433 1434/* 1435 * Test whether a directory entry matches the filename being searched for. 1436 * 1437 * Return: %true if the directory entry matches, otherwise %false. 1438 */ 1439static bool ext4_match(struct inode *parent, 1440 const struct ext4_filename *fname, 1441 struct ext4_dir_entry_2 *de) 1442{ 1443 struct fscrypt_name f; 1444 1445 if (!de->inode) 1446 return false; 1447 1448 f.usr_fname = fname->usr_fname; 1449 f.disk_name = fname->disk_name; 1450#ifdef CONFIG_FS_ENCRYPTION 1451 f.crypto_buf = fname->crypto_buf; 1452#endif 1453 1454#if IS_ENABLED(CONFIG_UNICODE) 1455 if (parent->i_sb->s_encoding && IS_CASEFOLDED(parent) && 1456 (!IS_ENCRYPTED(parent) || fscrypt_has_encryption_key(parent))) { 1457 if (fname->cf_name.name) { 1458 struct qstr cf = {.name = fname->cf_name.name, 1459 .len = fname->cf_name.len}; 1460 if (IS_ENCRYPTED(parent)) { 1461 if (fname->hinfo.hash != EXT4_DIRENT_HASH(de) || 1462 fname->hinfo.minor_hash != 1463 EXT4_DIRENT_MINOR_HASH(de)) { 1464 1465 return false; 1466 } 1467 } 1468 return !ext4_ci_compare(parent, &cf, de->name, 1469 de->name_len, true); 1470 } 1471 return !ext4_ci_compare(parent, fname->usr_fname, de->name, 1472 de->name_len, false); 1473 } 1474#endif 1475 1476 return fscrypt_match_name(&f, de->name, de->name_len); 1477} 1478 1479/* 1480 * Returns 0 if not found, -1 on failure, and 1 on success 1481 */ 1482int ext4_search_dir(struct buffer_head *bh, char *search_buf, int buf_size, 1483 struct inode *dir, struct ext4_filename *fname, 1484 unsigned int offset, struct ext4_dir_entry_2 **res_dir) 1485{ 1486 struct ext4_dir_entry_2 * de; 1487 char * dlimit; 1488 int de_len; 1489 1490 de = (struct ext4_dir_entry_2 *)search_buf; 1491 dlimit = search_buf + buf_size; 1492 while ((char *) de < dlimit - EXT4_BASE_DIR_LEN) { 1493 /* this code is executed quadratically often */ 1494 /* do minimal checking `by hand' */ 1495 if (de->name + de->name_len <= dlimit && 1496 ext4_match(dir, fname, de)) { 1497 /* found a match - just to be sure, do 1498 * a full check */ 1499 if (ext4_check_dir_entry(dir, NULL, de, bh, search_buf, 1500 buf_size, offset)) 1501 return -1; 1502 *res_dir = de; 1503 return 1; 1504 } 1505 /* prevent looping on a bad block */ 1506 de_len = ext4_rec_len_from_disk(de->rec_len, 1507 dir->i_sb->s_blocksize); 1508 if (de_len <= 0) 1509 return -1; 1510 offset += de_len; 1511 de = (struct ext4_dir_entry_2 *) ((char *) de + de_len); 1512 } 1513 return 0; 1514} 1515 1516static int is_dx_internal_node(struct inode *dir, ext4_lblk_t block, 1517 struct ext4_dir_entry *de) 1518{ 1519 struct super_block *sb = dir->i_sb; 1520 1521 if (!is_dx(dir)) 1522 return 0; 1523 if (block == 0) 1524 return 1; 1525 if (de->inode == 0 && 1526 ext4_rec_len_from_disk(de->rec_len, sb->s_blocksize) == 1527 sb->s_blocksize) 1528 return 1; 1529 return 0; 1530} 1531 1532/* 1533 * __ext4_find_entry() 1534 * 1535 * finds an entry in the specified directory with the wanted name. It 1536 * returns the cache buffer in which the entry was found, and the entry 1537 * itself (as a parameter - res_dir). It does NOT read the inode of the 1538 * entry - you'll have to do that yourself if you want to. 1539 * 1540 * The returned buffer_head has ->b_count elevated. The caller is expected 1541 * to brelse() it when appropriate. 1542 */ 1543static struct buffer_head *__ext4_find_entry(struct inode *dir, 1544 struct ext4_filename *fname, 1545 struct ext4_dir_entry_2 **res_dir, 1546 int *inlined) 1547{ 1548 struct super_block *sb; 1549 struct buffer_head *bh_use[NAMEI_RA_SIZE]; 1550 struct buffer_head *bh, *ret = NULL; 1551 ext4_lblk_t start, block; 1552 const u8 *name = fname->usr_fname->name; 1553 size_t ra_max = 0; /* Number of bh's in the readahead 1554 buffer, bh_use[] */ 1555 size_t ra_ptr = 0; /* Current index into readahead 1556 buffer */ 1557 ext4_lblk_t nblocks; 1558 int i, namelen, retval; 1559 1560 *res_dir = NULL; 1561 sb = dir->i_sb; 1562 namelen = fname->usr_fname->len; 1563 if (namelen > EXT4_NAME_LEN) 1564 return NULL; 1565 1566 if (ext4_has_inline_data(dir)) { 1567 int has_inline_data = 1; 1568 ret = ext4_find_inline_entry(dir, fname, res_dir, 1569 &has_inline_data); 1570 if (has_inline_data) { 1571 if (inlined) 1572 *inlined = 1; 1573 goto cleanup_and_exit; 1574 } 1575 } 1576 1577 if ((namelen <= 2) && (name[0] == '.') && 1578 (name[1] == '.' || name[1] == '\0')) { 1579 /* 1580 * "." or ".." will only be in the first block 1581 * NFS may look up ".."; "." should be handled by the VFS 1582 */ 1583 block = start = 0; 1584 nblocks = 1; 1585 goto restart; 1586 } 1587 if (is_dx(dir)) { 1588 ret = ext4_dx_find_entry(dir, fname, res_dir); 1589 /* 1590 * On success, or if the error was file not found, 1591 * return. Otherwise, fall back to doing a search the 1592 * old fashioned way. 1593 */ 1594 if (!IS_ERR(ret) || PTR_ERR(ret) != ERR_BAD_DX_DIR) 1595 goto cleanup_and_exit; 1596 dxtrace(printk(KERN_DEBUG "ext4_find_entry: dx failed, " 1597 "falling back\n")); 1598 ret = NULL; 1599 } 1600 nblocks = dir->i_size >> EXT4_BLOCK_SIZE_BITS(sb); 1601 if (!nblocks) { 1602 ret = NULL; 1603 goto cleanup_and_exit; 1604 } 1605 start = EXT4_I(dir)->i_dir_start_lookup; 1606 if (start >= nblocks) 1607 start = 0; 1608 block = start; 1609restart: 1610 do { 1611 /* 1612 * We deal with the read-ahead logic here. 1613 */ 1614 cond_resched(); 1615 if (ra_ptr >= ra_max) { 1616 /* Refill the readahead buffer */ 1617 ra_ptr = 0; 1618 if (block < start) 1619 ra_max = start - block; 1620 else 1621 ra_max = nblocks - block; 1622 ra_max = min(ra_max, ARRAY_SIZE(bh_use)); 1623 retval = ext4_bread_batch(dir, block, ra_max, 1624 false /* wait */, bh_use); 1625 if (retval) { 1626 ret = ERR_PTR(retval); 1627 ra_max = 0; 1628 goto cleanup_and_exit; 1629 } 1630 } 1631 if ((bh = bh_use[ra_ptr++]) == NULL) 1632 goto next; 1633 wait_on_buffer(bh); 1634 if (!buffer_uptodate(bh)) { 1635 EXT4_ERROR_INODE_ERR(dir, EIO, 1636 "reading directory lblock %lu", 1637 (unsigned long) block); 1638 brelse(bh); 1639 ret = ERR_PTR(-EIO); 1640 goto cleanup_and_exit; 1641 } 1642 if (!buffer_verified(bh) && 1643 !is_dx_internal_node(dir, block, 1644 (struct ext4_dir_entry *)bh->b_data) && 1645 !ext4_dirblock_csum_verify(dir, bh)) { 1646 EXT4_ERROR_INODE_ERR(dir, EFSBADCRC, 1647 "checksumming directory " 1648 "block %lu", (unsigned long)block); 1649 brelse(bh); 1650 ret = ERR_PTR(-EFSBADCRC); 1651 goto cleanup_and_exit; 1652 } 1653 set_buffer_verified(bh); 1654 i = search_dirblock(bh, dir, fname, 1655 block << EXT4_BLOCK_SIZE_BITS(sb), res_dir); 1656 if (i == 1) { 1657 EXT4_I(dir)->i_dir_start_lookup = block; 1658 ret = bh; 1659 goto cleanup_and_exit; 1660 } else { 1661 brelse(bh); 1662 if (i < 0) 1663 goto cleanup_and_exit; 1664 } 1665 next: 1666 if (++block >= nblocks) 1667 block = 0; 1668 } while (block != start); 1669 1670 /* 1671 * If the directory has grown while we were searching, then 1672 * search the last part of the directory before giving up. 1673 */ 1674 block = nblocks; 1675 nblocks = dir->i_size >> EXT4_BLOCK_SIZE_BITS(sb); 1676 if (block < nblocks) { 1677 start = 0; 1678 goto restart; 1679 } 1680 1681cleanup_and_exit: 1682 /* Clean up the read-ahead blocks */ 1683 for (; ra_ptr < ra_max; ra_ptr++) 1684 brelse(bh_use[ra_ptr]); 1685 return ret; 1686} 1687 1688static struct buffer_head *ext4_find_entry(struct inode *dir, 1689 const struct qstr *d_name, 1690 struct ext4_dir_entry_2 **res_dir, 1691 int *inlined) 1692{ 1693 int err; 1694 struct ext4_filename fname; 1695 struct buffer_head *bh; 1696 1697 err = ext4_fname_setup_filename(dir, d_name, 1, &fname); 1698 if (err == -ENOENT) 1699 return NULL; 1700 if (err) 1701 return ERR_PTR(err); 1702 1703 bh = __ext4_find_entry(dir, &fname, res_dir, inlined); 1704 1705 ext4_fname_free_filename(&fname); 1706 return bh; 1707} 1708 1709static struct buffer_head *ext4_lookup_entry(struct inode *dir, 1710 struct dentry *dentry, 1711 struct ext4_dir_entry_2 **res_dir) 1712{ 1713 int err; 1714 struct ext4_filename fname; 1715 struct buffer_head *bh; 1716 1717 err = ext4_fname_prepare_lookup(dir, dentry, &fname); 1718 generic_set_encrypted_ci_d_ops(dentry); 1719 if (err == -ENOENT) 1720 return NULL; 1721 if (err) 1722 return ERR_PTR(err); 1723 1724 bh = __ext4_find_entry(dir, &fname, res_dir, NULL); 1725 1726 ext4_fname_free_filename(&fname); 1727 return bh; 1728} 1729 1730static struct buffer_head * ext4_dx_find_entry(struct inode *dir, 1731 struct ext4_filename *fname, 1732 struct ext4_dir_entry_2 **res_dir) 1733{ 1734 struct super_block * sb = dir->i_sb; 1735 struct dx_frame frames[EXT4_HTREE_LEVEL], *frame; 1736 struct buffer_head *bh; 1737 ext4_lblk_t block; 1738 int retval; 1739 1740#ifdef CONFIG_FS_ENCRYPTION 1741 *res_dir = NULL; 1742#endif 1743 frame = dx_probe(fname, dir, NULL, frames); 1744 if (IS_ERR(frame)) 1745 return (struct buffer_head *) frame; 1746 do { 1747 block = dx_get_block(frame->at); 1748 bh = ext4_read_dirblock(dir, block, DIRENT_HTREE); 1749 if (IS_ERR(bh)) 1750 goto errout; 1751 1752 retval = search_dirblock(bh, dir, fname, 1753 block << EXT4_BLOCK_SIZE_BITS(sb), 1754 res_dir); 1755 if (retval == 1) 1756 goto success; 1757 brelse(bh); 1758 if (retval == -1) { 1759 bh = ERR_PTR(ERR_BAD_DX_DIR); 1760 goto errout; 1761 } 1762 1763 /* Check to see if we should continue to search */ 1764 retval = ext4_htree_next_block(dir, fname->hinfo.hash, frame, 1765 frames, NULL); 1766 if (retval < 0) { 1767 ext4_warning_inode(dir, 1768 "error %d reading directory index block", 1769 retval); 1770 bh = ERR_PTR(retval); 1771 goto errout; 1772 } 1773 } while (retval == 1); 1774 1775 bh = NULL; 1776errout: 1777 dxtrace(printk(KERN_DEBUG "%s not found\n", fname->usr_fname->name)); 1778success: 1779 dx_release(frames); 1780 return bh; 1781} 1782 1783static struct dentry *ext4_lookup(struct inode *dir, struct dentry *dentry, unsigned int flags) 1784{ 1785 struct inode *inode; 1786 struct ext4_dir_entry_2 *de; 1787 struct buffer_head *bh; 1788 1789 if (dentry->d_name.len > EXT4_NAME_LEN) 1790 return ERR_PTR(-ENAMETOOLONG); 1791 1792 bh = ext4_lookup_entry(dir, dentry, &de); 1793 if (IS_ERR(bh)) 1794 return ERR_CAST(bh); 1795 inode = NULL; 1796 if (bh) { 1797 __u32 ino = le32_to_cpu(de->inode); 1798 brelse(bh); 1799 if (!ext4_valid_inum(dir->i_sb, ino)) { 1800 EXT4_ERROR_INODE(dir, "bad inode number: %u", ino); 1801 return ERR_PTR(-EFSCORRUPTED); 1802 } 1803 if (unlikely(ino == dir->i_ino)) { 1804 EXT4_ERROR_INODE(dir, "'%pd' linked to parent dir", 1805 dentry); 1806 return ERR_PTR(-EFSCORRUPTED); 1807 } 1808 inode = ext4_iget(dir->i_sb, ino, EXT4_IGET_NORMAL); 1809 if (inode == ERR_PTR(-ESTALE)) { 1810 EXT4_ERROR_INODE(dir, 1811 "deleted inode referenced: %u", 1812 ino); 1813 return ERR_PTR(-EFSCORRUPTED); 1814 } 1815 if (!IS_ERR(inode) && IS_ENCRYPTED(dir) && 1816 (S_ISDIR(inode->i_mode) || S_ISLNK(inode->i_mode)) && 1817 !fscrypt_has_permitted_context(dir, inode)) { 1818 ext4_warning(inode->i_sb, 1819 "Inconsistent encryption contexts: %lu/%lu", 1820 dir->i_ino, inode->i_ino); 1821 iput(inode); 1822 return ERR_PTR(-EPERM); 1823 } 1824 } 1825 1826#if IS_ENABLED(CONFIG_UNICODE) 1827 if (!inode && IS_CASEFOLDED(dir)) { 1828 /* Eventually we want to call d_add_ci(dentry, NULL) 1829 * for negative dentries in the encoding case as 1830 * well. For now, prevent the negative dentry 1831 * from being cached. 1832 */ 1833 return NULL; 1834 } 1835#endif 1836 return d_splice_alias(inode, dentry); 1837} 1838 1839 1840struct dentry *ext4_get_parent(struct dentry *child) 1841{ 1842 __u32 ino; 1843 struct ext4_dir_entry_2 * de; 1844 struct buffer_head *bh; 1845 1846 bh = ext4_find_entry(d_inode(child), &dotdot_name, &de, NULL); 1847 if (IS_ERR(bh)) 1848 return ERR_CAST(bh); 1849 if (!bh) 1850 return ERR_PTR(-ENOENT); 1851 ino = le32_to_cpu(de->inode); 1852 brelse(bh); 1853 1854 if (!ext4_valid_inum(child->d_sb, ino)) { 1855 EXT4_ERROR_INODE(d_inode(child), 1856 "bad parent inode number: %u", ino); 1857 return ERR_PTR(-EFSCORRUPTED); 1858 } 1859 1860 return d_obtain_alias(ext4_iget(child->d_sb, ino, EXT4_IGET_NORMAL)); 1861} 1862 1863/* 1864 * Move count entries from end of map between two memory locations. 1865 * Returns pointer to last entry moved. 1866 */ 1867static struct ext4_dir_entry_2 * 1868dx_move_dirents(struct inode *dir, char *from, char *to, 1869 struct dx_map_entry *map, int count, 1870 unsigned blocksize) 1871{ 1872 unsigned rec_len = 0; 1873 1874 while (count--) { 1875 struct ext4_dir_entry_2 *de = (struct ext4_dir_entry_2 *) 1876 (from + (map->offs<<2)); 1877 rec_len = ext4_dir_rec_len(de->name_len, dir); 1878 1879 memcpy (to, de, rec_len); 1880 ((struct ext4_dir_entry_2 *) to)->rec_len = 1881 ext4_rec_len_to_disk(rec_len, blocksize); 1882 1883 /* wipe dir_entry excluding the rec_len field */ 1884 de->inode = 0; 1885 memset(&de->name_len, 0, ext4_rec_len_from_disk(de->rec_len, 1886 blocksize) - 1887 offsetof(struct ext4_dir_entry_2, 1888 name_len)); 1889 1890 map++; 1891 to += rec_len; 1892 } 1893 return (struct ext4_dir_entry_2 *) (to - rec_len); 1894} 1895 1896/* 1897 * Compact each dir entry in the range to the minimal rec_len. 1898 * Returns pointer to last entry in range. 1899 */ 1900static struct ext4_dir_entry_2 *dx_pack_dirents(struct inode *dir, char *base, 1901 unsigned int blocksize) 1902{ 1903 struct ext4_dir_entry_2 *next, *to, *prev, *de = (struct ext4_dir_entry_2 *) base; 1904 unsigned rec_len = 0; 1905 1906 prev = to = de; 1907 while ((char*)de < base + blocksize) { 1908 next = ext4_next_entry(de, blocksize); 1909 if (de->inode && de->name_len) { 1910 rec_len = ext4_dir_rec_len(de->name_len, dir); 1911 if (de > to) 1912 memmove(to, de, rec_len); 1913 to->rec_len = ext4_rec_len_to_disk(rec_len, blocksize); 1914 prev = to; 1915 to = (struct ext4_dir_entry_2 *) (((char *) to) + rec_len); 1916 } 1917 de = next; 1918 } 1919 return prev; 1920} 1921 1922/* 1923 * Split a full leaf block to make room for a new dir entry. 1924 * Allocate a new block, and move entries so that they are approx. equally full. 1925 * Returns pointer to de in block into which the new entry will be inserted. 1926 */ 1927static struct ext4_dir_entry_2 *do_split(handle_t *handle, struct inode *dir, 1928 struct buffer_head **bh,struct dx_frame *frame, 1929 struct dx_hash_info *hinfo) 1930{ 1931 unsigned blocksize = dir->i_sb->s_blocksize; 1932 unsigned continued; 1933 int count; 1934 struct buffer_head *bh2; 1935 ext4_lblk_t newblock; 1936 u32 hash2; 1937 struct dx_map_entry *map; 1938 char *data1 = (*bh)->b_data, *data2; 1939 unsigned split, move, size; 1940 struct ext4_dir_entry_2 *de = NULL, *de2; 1941 int csum_size = 0; 1942 int err = 0, i; 1943 1944 if (ext4_has_metadata_csum(dir->i_sb)) 1945 csum_size = sizeof(struct ext4_dir_entry_tail); 1946 1947 bh2 = ext4_append(handle, dir, &newblock); 1948 if (IS_ERR(bh2)) { 1949 brelse(*bh); 1950 *bh = NULL; 1951 return (struct ext4_dir_entry_2 *) bh2; 1952 } 1953 1954 BUFFER_TRACE(*bh, "get_write_access"); 1955 err = ext4_journal_get_write_access(handle, dir->i_sb, *bh, 1956 EXT4_JTR_NONE); 1957 if (err) 1958 goto journal_error; 1959 1960 BUFFER_TRACE(frame->bh, "get_write_access"); 1961 err = ext4_journal_get_write_access(handle, dir->i_sb, frame->bh, 1962 EXT4_JTR_NONE); 1963 if (err) 1964 goto journal_error; 1965 1966 data2 = bh2->b_data; 1967 1968 /* create map in the end of data2 block */ 1969 map = (struct dx_map_entry *) (data2 + blocksize); 1970 count = dx_make_map(dir, *bh, hinfo, map); 1971 if (count < 0) { 1972 err = count; 1973 goto journal_error; 1974 } 1975 map -= count; 1976 dx_sort_map(map, count); 1977 /* Ensure that neither split block is over half full */ 1978 size = 0; 1979 move = 0; 1980 for (i = count-1; i >= 0; i--) { 1981 /* is more than half of this entry in 2nd half of the block? */ 1982 if (size + map[i].size/2 > blocksize/2) 1983 break; 1984 size += map[i].size; 1985 move++; 1986 } 1987 /* 1988 * map index at which we will split 1989 * 1990 * If the sum of active entries didn't exceed half the block size, just 1991 * split it in half by count; each resulting block will have at least 1992 * half the space free. 1993 */ 1994 if (i > 0) 1995 split = count - move; 1996 else 1997 split = count/2; 1998 1999 hash2 = map[split].hash; 2000 continued = hash2 == map[split - 1].hash; 2001 dxtrace(printk(KERN_INFO "Split block %lu at %x, %i/%i\n", 2002 (unsigned long)dx_get_block(frame->at), 2003 hash2, split, count-split)); 2004 2005 /* Fancy dance to stay within two buffers */ 2006 de2 = dx_move_dirents(dir, data1, data2, map + split, count - split, 2007 blocksize); 2008 de = dx_pack_dirents(dir, data1, blocksize); 2009 de->rec_len = ext4_rec_len_to_disk(data1 + (blocksize - csum_size) - 2010 (char *) de, 2011 blocksize); 2012 de2->rec_len = ext4_rec_len_to_disk(data2 + (blocksize - csum_size) - 2013 (char *) de2, 2014 blocksize); 2015 if (csum_size) { 2016 ext4_initialize_dirent_tail(*bh, blocksize); 2017 ext4_initialize_dirent_tail(bh2, blocksize); 2018 } 2019 2020 dxtrace(dx_show_leaf(dir, hinfo, (struct ext4_dir_entry_2 *) data1, 2021 blocksize, 1)); 2022 dxtrace(dx_show_leaf(dir, hinfo, (struct ext4_dir_entry_2 *) data2, 2023 blocksize, 1)); 2024 2025 /* Which block gets the new entry? */ 2026 if (hinfo->hash >= hash2) { 2027 swap(*bh, bh2); 2028 de = de2; 2029 } 2030 dx_insert_block(frame, hash2 + continued, newblock); 2031 err = ext4_handle_dirty_dirblock(handle, dir, bh2); 2032 if (err) 2033 goto journal_error; 2034 err = ext4_handle_dirty_dx_node(handle, dir, frame->bh); 2035 if (err) 2036 goto journal_error; 2037 brelse(bh2); 2038 dxtrace(dx_show_index("frame", frame->entries)); 2039 return de; 2040 2041journal_error: 2042 brelse(*bh); 2043 brelse(bh2); 2044 *bh = NULL; 2045 ext4_std_error(dir->i_sb, err); 2046 return ERR_PTR(err); 2047} 2048 2049int ext4_find_dest_de(struct inode *dir, struct inode *inode, 2050 struct buffer_head *bh, 2051 void *buf, int buf_size, 2052 struct ext4_filename *fname, 2053 struct ext4_dir_entry_2 **dest_de) 2054{ 2055 struct ext4_dir_entry_2 *de; 2056 unsigned short reclen = ext4_dir_rec_len(fname_len(fname), dir); 2057 int nlen, rlen; 2058 unsigned int offset = 0; 2059 char *top; 2060 2061 de = buf; 2062 top = buf + buf_size - reclen; 2063 while ((char *) de <= top) { 2064 if (ext4_check_dir_entry(dir, NULL, de, bh, 2065 buf, buf_size, offset)) 2066 return -EFSCORRUPTED; 2067 if (ext4_match(dir, fname, de)) 2068 return -EEXIST; 2069 nlen = ext4_dir_rec_len(de->name_len, dir); 2070 rlen = ext4_rec_len_from_disk(de->rec_len, buf_size); 2071 if ((de->inode ? rlen - nlen : rlen) >= reclen) 2072 break; 2073 de = (struct ext4_dir_entry_2 *)((char *)de + rlen); 2074 offset += rlen; 2075 } 2076 if ((char *) de > top) 2077 return -ENOSPC; 2078 2079 *dest_de = de; 2080 return 0; 2081} 2082 2083void ext4_insert_dentry(struct inode *dir, 2084 struct inode *inode, 2085 struct ext4_dir_entry_2 *de, 2086 int buf_size, 2087 struct ext4_filename *fname) 2088{ 2089 2090 int nlen, rlen; 2091 2092 nlen = ext4_dir_rec_len(de->name_len, dir); 2093 rlen = ext4_rec_len_from_disk(de->rec_len, buf_size); 2094 if (de->inode) { 2095 struct ext4_dir_entry_2 *de1 = 2096 (struct ext4_dir_entry_2 *)((char *)de + nlen); 2097 de1->rec_len = ext4_rec_len_to_disk(rlen - nlen, buf_size); 2098 de->rec_len = ext4_rec_len_to_disk(nlen, buf_size); 2099 de = de1; 2100 } 2101 de->file_type = EXT4_FT_UNKNOWN; 2102 de->inode = cpu_to_le32(inode->i_ino); 2103 ext4_set_de_type(inode->i_sb, de, inode->i_mode); 2104 de->name_len = fname_len(fname); 2105 memcpy(de->name, fname_name(fname), fname_len(fname)); 2106 if (ext4_hash_in_dirent(dir)) { 2107 struct dx_hash_info *hinfo = &fname->hinfo; 2108 2109 EXT4_DIRENT_HASHES(de)->hash = cpu_to_le32(hinfo->hash); 2110 EXT4_DIRENT_HASHES(de)->minor_hash = 2111 cpu_to_le32(hinfo->minor_hash); 2112 } 2113} 2114 2115/* 2116 * Add a new entry into a directory (leaf) block. If de is non-NULL, 2117 * it points to a directory entry which is guaranteed to be large 2118 * enough for new directory entry. If de is NULL, then 2119 * add_dirent_to_buf will attempt search the directory block for 2120 * space. It will return -ENOSPC if no space is available, and -EIO 2121 * and -EEXIST if directory entry already exists. 2122 */ 2123static int add_dirent_to_buf(handle_t *handle, struct ext4_filename *fname, 2124 struct inode *dir, 2125 struct inode *inode, struct ext4_dir_entry_2 *de, 2126 struct buffer_head *bh) 2127{ 2128 unsigned int blocksize = dir->i_sb->s_blocksize; 2129 int csum_size = 0; 2130 int err, err2; 2131 2132 if (ext4_has_metadata_csum(inode->i_sb)) 2133 csum_size = sizeof(struct ext4_dir_entry_tail); 2134 2135 if (!de) { 2136 err = ext4_find_dest_de(dir, inode, bh, bh->b_data, 2137 blocksize - csum_size, fname, &de); 2138 if (err) 2139 return err; 2140 } 2141 BUFFER_TRACE(bh, "get_write_access"); 2142 err = ext4_journal_get_write_access(handle, dir->i_sb, bh, 2143 EXT4_JTR_NONE); 2144 if (err) { 2145 ext4_std_error(dir->i_sb, err); 2146 return err; 2147 } 2148 2149 /* By now the buffer is marked for journaling */ 2150 ext4_insert_dentry(dir, inode, de, blocksize, fname); 2151 2152 /* 2153 * XXX shouldn't update any times until successful 2154 * completion of syscall, but too many callers depend 2155 * on this. 2156 * 2157 * XXX similarly, too many callers depend on 2158 * ext4_new_inode() setting the times, but error 2159 * recovery deletes the inode, so the worst that can 2160 * happen is that the times are slightly out of date 2161 * and/or different from the directory change time. 2162 */ 2163 dir->i_mtime = dir->i_ctime = current_time(dir); 2164 ext4_update_dx_flag(dir); 2165 inode_inc_iversion(dir); 2166 err2 = ext4_mark_inode_dirty(handle, dir); 2167 BUFFER_TRACE(bh, "call ext4_handle_dirty_metadata"); 2168 err = ext4_handle_dirty_dirblock(handle, dir, bh); 2169 if (err) 2170 ext4_std_error(dir->i_sb, err); 2171 return err ? err : err2; 2172} 2173 2174/* 2175 * This converts a one block unindexed directory to a 3 block indexed 2176 * directory, and adds the dentry to the indexed directory. 2177 */ 2178static int make_indexed_dir(handle_t *handle, struct ext4_filename *fname, 2179 struct inode *dir, 2180 struct inode *inode, struct buffer_head *bh) 2181{ 2182 struct buffer_head *bh2; 2183 struct dx_root *root; 2184 struct dx_frame frames[EXT4_HTREE_LEVEL], *frame; 2185 struct dx_entry *entries; 2186 struct ext4_dir_entry_2 *de, *de2; 2187 char *data2, *top; 2188 unsigned len; 2189 int retval; 2190 unsigned blocksize; 2191 ext4_lblk_t block; 2192 struct fake_dirent *fde; 2193 int csum_size = 0; 2194 2195 if (ext4_has_metadata_csum(inode->i_sb)) 2196 csum_size = sizeof(struct ext4_dir_entry_tail); 2197 2198 blocksize = dir->i_sb->s_blocksize; 2199 dxtrace(printk(KERN_DEBUG "Creating index: inode %lu\n", dir->i_ino)); 2200 BUFFER_TRACE(bh, "get_write_access"); 2201 retval = ext4_journal_get_write_access(handle, dir->i_sb, bh, 2202 EXT4_JTR_NONE); 2203 if (retval) { 2204 ext4_std_error(dir->i_sb, retval); 2205 brelse(bh); 2206 return retval; 2207 } 2208 root = (struct dx_root *) bh->b_data; 2209 2210 /* The 0th block becomes the root, move the dirents out */ 2211 fde = &root->dotdot; 2212 de = (struct ext4_dir_entry_2 *)((char *)fde + 2213 ext4_rec_len_from_disk(fde->rec_len, blocksize)); 2214 if ((char *) de >= (((char *) root) + blocksize)) { 2215 EXT4_ERROR_INODE(dir, "invalid rec_len for '..'"); 2216 brelse(bh); 2217 return -EFSCORRUPTED; 2218 } 2219 len = ((char *) root) + (blocksize - csum_size) - (char *) de; 2220 2221 /* Allocate new block for the 0th block's dirents */ 2222 bh2 = ext4_append(handle, dir, &block); 2223 if (IS_ERR(bh2)) { 2224 brelse(bh); 2225 return PTR_ERR(bh2); 2226 } 2227 ext4_set_inode_flag(dir, EXT4_INODE_INDEX); 2228 data2 = bh2->b_data; 2229 2230 memcpy(data2, de, len); 2231 memset(de, 0, len); /* wipe old data */ 2232 de = (struct ext4_dir_entry_2 *) data2; 2233 top = data2 + len; 2234 while ((char *)(de2 = ext4_next_entry(de, blocksize)) < top) 2235 de = de2; 2236 de->rec_len = ext4_rec_len_to_disk(data2 + (blocksize - csum_size) - 2237 (char *) de, blocksize); 2238 2239 if (csum_size) 2240 ext4_initialize_dirent_tail(bh2, blocksize); 2241 2242 /* Initialize the root; the dot dirents already exist */ 2243 de = (struct ext4_dir_entry_2 *) (&root->dotdot); 2244 de->rec_len = ext4_rec_len_to_disk( 2245 blocksize - ext4_dir_rec_len(2, NULL), blocksize); 2246 memset (&root->info, 0, sizeof(root->info)); 2247 root->info.info_length = sizeof(root->info); 2248 if (ext4_hash_in_dirent(dir)) 2249 root->info.hash_version = DX_HASH_SIPHASH; 2250 else 2251 root->info.hash_version = 2252 EXT4_SB(dir->i_sb)->s_def_hash_version; 2253 2254 entries = root->entries; 2255 dx_set_block(entries, 1); 2256 dx_set_count(entries, 1); 2257 dx_set_limit(entries, dx_root_limit(dir, sizeof(root->info))); 2258 2259 /* Initialize as for dx_probe */ 2260 fname->hinfo.hash_version = root->info.hash_version; 2261 if (fname->hinfo.hash_version <= DX_HASH_TEA) 2262 fname->hinfo.hash_version += EXT4_SB(dir->i_sb)->s_hash_unsigned; 2263 fname->hinfo.seed = EXT4_SB(dir->i_sb)->s_hash_seed; 2264 2265 /* casefolded encrypted hashes are computed on fname setup */ 2266 if (!ext4_hash_in_dirent(dir)) 2267 ext4fs_dirhash(dir, fname_name(fname), 2268 fname_len(fname), &fname->hinfo); 2269 2270 memset(frames, 0, sizeof(frames)); 2271 frame = frames; 2272 frame->entries = entries; 2273 frame->at = entries; 2274 frame->bh = bh; 2275 2276 retval = ext4_handle_dirty_dx_node(handle, dir, frame->bh); 2277 if (retval) 2278 goto out_frames; 2279 retval = ext4_handle_dirty_dirblock(handle, dir, bh2); 2280 if (retval) 2281 goto out_frames; 2282 2283 de = do_split(handle,dir, &bh2, frame, &fname->hinfo); 2284 if (IS_ERR(de)) { 2285 retval = PTR_ERR(de); 2286 goto out_frames; 2287 } 2288 2289 retval = add_dirent_to_buf(handle, fname, dir, inode, de, bh2); 2290out_frames: 2291 /* 2292 * Even if the block split failed, we have to properly write 2293 * out all the changes we did so far. Otherwise we can end up 2294 * with corrupted filesystem. 2295 */ 2296 if (retval) 2297 ext4_mark_inode_dirty(handle, dir); 2298 dx_release(frames); 2299 brelse(bh2); 2300 return retval; 2301} 2302 2303/* 2304 * ext4_add_entry() 2305 * 2306 * adds a file entry to the specified directory, using the same 2307 * semantics as ext4_find_entry(). It returns NULL if it failed. 2308 * 2309 * NOTE!! The inode part of 'de' is left at 0 - which means you 2310 * may not sleep between calling this and putting something into 2311 * the entry, as someone else might have used it while you slept. 2312 */ 2313static int ext4_add_entry(handle_t *handle, struct dentry *dentry, 2314 struct inode *inode) 2315{ 2316 struct inode *dir = d_inode(dentry->d_parent); 2317 struct buffer_head *bh = NULL; 2318 struct ext4_dir_entry_2 *de; 2319 struct super_block *sb; 2320 struct ext4_filename fname; 2321 int retval; 2322 int dx_fallback=0; 2323 unsigned blocksize; 2324 ext4_lblk_t block, blocks; 2325 int csum_size = 0; 2326 2327 if (ext4_has_metadata_csum(inode->i_sb)) 2328 csum_size = sizeof(struct ext4_dir_entry_tail); 2329 2330 sb = dir->i_sb; 2331 blocksize = sb->s_blocksize; 2332 if (!dentry->d_name.len) 2333 return -EINVAL; 2334 2335 if (fscrypt_is_nokey_name(dentry)) 2336 return -ENOKEY; 2337 2338#if IS_ENABLED(CONFIG_UNICODE) 2339 if (sb_has_strict_encoding(sb) && IS_CASEFOLDED(dir) && 2340 sb->s_encoding && utf8_validate(sb->s_encoding, &dentry->d_name)) 2341 return -EINVAL; 2342#endif 2343 2344 retval = ext4_fname_setup_filename(dir, &dentry->d_name, 0, &fname); 2345 if (retval) 2346 return retval; 2347 2348 if (ext4_has_inline_data(dir)) { 2349 retval = ext4_try_add_inline_entry(handle, &fname, dir, inode); 2350 if (retval < 0) 2351 goto out; 2352 if (retval == 1) { 2353 retval = 0; 2354 goto out; 2355 } 2356 } 2357 2358 if (is_dx(dir)) { 2359 retval = ext4_dx_add_entry(handle, &fname, dir, inode); 2360 if (!retval || (retval != ERR_BAD_DX_DIR)) 2361 goto out; 2362 /* Can we just ignore htree data? */ 2363 if (ext4_has_metadata_csum(sb)) { 2364 EXT4_ERROR_INODE(dir, 2365 "Directory has corrupted htree index."); 2366 retval = -EFSCORRUPTED; 2367 goto out; 2368 } 2369 ext4_clear_inode_flag(dir, EXT4_INODE_INDEX); 2370 dx_fallback++; 2371 retval = ext4_mark_inode_dirty(handle, dir); 2372 if (unlikely(retval)) 2373 goto out; 2374 } 2375 blocks = dir->i_size >> sb->s_blocksize_bits; 2376 for (block = 0; block < blocks; block++) { 2377 bh = ext4_read_dirblock(dir, block, DIRENT); 2378 if (bh == NULL) { 2379 bh = ext4_bread(handle, dir, block, 2380 EXT4_GET_BLOCKS_CREATE); 2381 goto add_to_new_block; 2382 } 2383 if (IS_ERR(bh)) { 2384 retval = PTR_ERR(bh); 2385 bh = NULL; 2386 goto out; 2387 } 2388 retval = add_dirent_to_buf(handle, &fname, dir, inode, 2389 NULL, bh); 2390 if (retval != -ENOSPC) 2391 goto out; 2392 2393 if (blocks == 1 && !dx_fallback && 2394 ext4_has_feature_dir_index(sb)) { 2395 retval = make_indexed_dir(handle, &fname, dir, 2396 inode, bh); 2397 bh = NULL; /* make_indexed_dir releases bh */ 2398 goto out; 2399 } 2400 brelse(bh); 2401 } 2402 bh = ext4_append(handle, dir, &block); 2403add_to_new_block: 2404 if (IS_ERR(bh)) { 2405 retval = PTR_ERR(bh); 2406 bh = NULL; 2407 goto out; 2408 } 2409 de = (struct ext4_dir_entry_2 *) bh->b_data; 2410 de->inode = 0; 2411 de->rec_len = ext4_rec_len_to_disk(blocksize - csum_size, blocksize); 2412 2413 if (csum_size) 2414 ext4_initialize_dirent_tail(bh, blocksize); 2415 2416 retval = add_dirent_to_buf(handle, &fname, dir, inode, de, bh); 2417out: 2418 ext4_fname_free_filename(&fname); 2419 brelse(bh); 2420 if (retval == 0) 2421 ext4_set_inode_state(inode, EXT4_STATE_NEWENTRY); 2422 return retval; 2423} 2424 2425/* 2426 * Returns 0 for success, or a negative error value 2427 */ 2428static int ext4_dx_add_entry(handle_t *handle, struct ext4_filename *fname, 2429 struct inode *dir, struct inode *inode) 2430{ 2431 struct dx_frame frames[EXT4_HTREE_LEVEL], *frame; 2432 struct dx_entry *entries, *at; 2433 struct buffer_head *bh; 2434 struct super_block *sb = dir->i_sb; 2435 struct ext4_dir_entry_2 *de; 2436 int restart; 2437 int err; 2438 2439again: 2440 restart = 0; 2441 frame = dx_probe(fname, dir, NULL, frames); 2442 if (IS_ERR(frame)) 2443 return PTR_ERR(frame); 2444 entries = frame->entries; 2445 at = frame->at; 2446 bh = ext4_read_dirblock(dir, dx_get_block(frame->at), DIRENT_HTREE); 2447 if (IS_ERR(bh)) { 2448 err = PTR_ERR(bh); 2449 bh = NULL; 2450 goto cleanup; 2451 } 2452 2453 BUFFER_TRACE(bh, "get_write_access"); 2454 err = ext4_journal_get_write_access(handle, sb, bh, EXT4_JTR_NONE); 2455 if (err) 2456 goto journal_error; 2457 2458 err = add_dirent_to_buf(handle, fname, dir, inode, NULL, bh); 2459 if (err != -ENOSPC) 2460 goto cleanup; 2461 2462 err = 0; 2463 /* Block full, should compress but for now just split */ 2464 dxtrace(printk(KERN_DEBUG "using %u of %u node entries\n", 2465 dx_get_count(entries), dx_get_limit(entries))); 2466 /* Need to split index? */ 2467 if (dx_get_count(entries) == dx_get_limit(entries)) { 2468 ext4_lblk_t newblock; 2469 int levels = frame - frames + 1; 2470 unsigned int icount; 2471 int add_level = 1; 2472 struct dx_entry *entries2; 2473 struct dx_node *node2; 2474 struct buffer_head *bh2; 2475 2476 while (frame > frames) { 2477 if (dx_get_count((frame - 1)->entries) < 2478 dx_get_limit((frame - 1)->entries)) { 2479 add_level = 0; 2480 break; 2481 } 2482 frame--; /* split higher index block */ 2483 at = frame->at; 2484 entries = frame->entries; 2485 restart = 1; 2486 } 2487 if (add_level && levels == ext4_dir_htree_level(sb)) { 2488 ext4_warning(sb, "Directory (ino: %lu) index full, " 2489 "reach max htree level :%d", 2490 dir->i_ino, levels); 2491 if (ext4_dir_htree_level(sb) < EXT4_HTREE_LEVEL) { 2492 ext4_warning(sb, "Large directory feature is " 2493 "not enabled on this " 2494 "filesystem"); 2495 } 2496 err = -ENOSPC; 2497 goto cleanup; 2498 } 2499 icount = dx_get_count(entries); 2500 bh2 = ext4_append(handle, dir, &newblock); 2501 if (IS_ERR(bh2)) { 2502 err = PTR_ERR(bh2); 2503 goto cleanup; 2504 } 2505 node2 = (struct dx_node *)(bh2->b_data); 2506 entries2 = node2->entries; 2507 memset(&node2->fake, 0, sizeof(struct fake_dirent)); 2508 node2->fake.rec_len = ext4_rec_len_to_disk(sb->s_blocksize, 2509 sb->s_blocksize); 2510 BUFFER_TRACE(frame->bh, "get_write_access"); 2511 err = ext4_journal_get_write_access(handle, sb, frame->bh, 2512 EXT4_JTR_NONE); 2513 if (err) 2514 goto journal_error; 2515 if (!add_level) { 2516 unsigned icount1 = icount/2, icount2 = icount - icount1; 2517 unsigned hash2 = dx_get_hash(entries + icount1); 2518 dxtrace(printk(KERN_DEBUG "Split index %i/%i\n", 2519 icount1, icount2)); 2520 2521 BUFFER_TRACE(frame->bh, "get_write_access"); /* index root */ 2522 err = ext4_journal_get_write_access(handle, sb, 2523 (frame - 1)->bh, 2524 EXT4_JTR_NONE); 2525 if (err) 2526 goto journal_error; 2527 2528 memcpy((char *) entries2, (char *) (entries + icount1), 2529 icount2 * sizeof(struct dx_entry)); 2530 dx_set_count(entries, icount1); 2531 dx_set_count(entries2, icount2); 2532 dx_set_limit(entries2, dx_node_limit(dir)); 2533 2534 /* Which index block gets the new entry? */ 2535 if (at - entries >= icount1) { 2536 frame->at = at - entries - icount1 + entries2; 2537 frame->entries = entries = entries2; 2538 swap(frame->bh, bh2); 2539 } 2540 dx_insert_block((frame - 1), hash2, newblock); 2541 dxtrace(dx_show_index("node", frame->entries)); 2542 dxtrace(dx_show_index("node", 2543 ((struct dx_node *) bh2->b_data)->entries)); 2544 err = ext4_handle_dirty_dx_node(handle, dir, bh2); 2545 if (err) 2546 goto journal_error; 2547 brelse (bh2); 2548 err = ext4_handle_dirty_dx_node(handle, dir, 2549 (frame - 1)->bh); 2550 if (err) 2551 goto journal_error; 2552 err = ext4_handle_dirty_dx_node(handle, dir, 2553 frame->bh); 2554 if (restart || err) 2555 goto journal_error; 2556 } else { 2557 struct dx_root *dxroot; 2558 memcpy((char *) entries2, (char *) entries, 2559 icount * sizeof(struct dx_entry)); 2560 dx_set_limit(entries2, dx_node_limit(dir)); 2561 2562 /* Set up root */ 2563 dx_set_count(entries, 1); 2564 dx_set_block(entries + 0, newblock); 2565 dxroot = (struct dx_root *)frames[0].bh->b_data; 2566 dxroot->info.indirect_levels += 1; 2567 dxtrace(printk(KERN_DEBUG 2568 "Creating %d level index...\n", 2569 dxroot->info.indirect_levels)); 2570 err = ext4_handle_dirty_dx_node(handle, dir, frame->bh); 2571 if (err) 2572 goto journal_error; 2573 err = ext4_handle_dirty_dx_node(handle, dir, bh2); 2574 brelse(bh2); 2575 restart = 1; 2576 goto journal_error; 2577 } 2578 } 2579 de = do_split(handle, dir, &bh, frame, &fname->hinfo); 2580 if (IS_ERR(de)) { 2581 err = PTR_ERR(de); 2582 goto cleanup; 2583 } 2584 err = add_dirent_to_buf(handle, fname, dir, inode, de, bh); 2585 goto cleanup; 2586 2587journal_error: 2588 ext4_std_error(dir->i_sb, err); /* this is a no-op if err == 0 */ 2589cleanup: 2590 brelse(bh); 2591 dx_release(frames); 2592 /* @restart is true means htree-path has been changed, we need to 2593 * repeat dx_probe() to find out valid htree-path 2594 */ 2595 if (restart && err == 0) 2596 goto again; 2597 return err; 2598} 2599 2600/* 2601 * ext4_generic_delete_entry deletes a directory entry by merging it 2602 * with the previous entry 2603 */ 2604int ext4_generic_delete_entry(struct inode *dir, 2605 struct ext4_dir_entry_2 *de_del, 2606 struct buffer_head *bh, 2607 void *entry_buf, 2608 int buf_size, 2609 int csum_size) 2610{ 2611 struct ext4_dir_entry_2 *de, *pde; 2612 unsigned int blocksize = dir->i_sb->s_blocksize; 2613 int i; 2614 2615 i = 0; 2616 pde = NULL; 2617 de = entry_buf; 2618 while (i < buf_size - csum_size) { 2619 if (ext4_check_dir_entry(dir, NULL, de, bh, 2620 entry_buf, buf_size, i)) 2621 return -EFSCORRUPTED; 2622 if (de == de_del) { 2623 if (pde) { 2624 pde->rec_len = ext4_rec_len_to_disk( 2625 ext4_rec_len_from_disk(pde->rec_len, 2626 blocksize) + 2627 ext4_rec_len_from_disk(de->rec_len, 2628 blocksize), 2629 blocksize); 2630 2631 /* wipe entire dir_entry */ 2632 memset(de, 0, ext4_rec_len_from_disk(de->rec_len, 2633 blocksize)); 2634 } else { 2635 /* wipe dir_entry excluding the rec_len field */ 2636 de->inode = 0; 2637 memset(&de->name_len, 0, 2638 ext4_rec_len_from_disk(de->rec_len, 2639 blocksize) - 2640 offsetof(struct ext4_dir_entry_2, 2641 name_len)); 2642 } 2643 2644 inode_inc_iversion(dir); 2645 return 0; 2646 } 2647 i += ext4_rec_len_from_disk(de->rec_len, blocksize); 2648 pde = de; 2649 de = ext4_next_entry(de, blocksize); 2650 } 2651 return -ENOENT; 2652} 2653 2654static int ext4_delete_entry(handle_t *handle, 2655 struct inode *dir, 2656 struct ext4_dir_entry_2 *de_del, 2657 struct buffer_head *bh) 2658{ 2659 int err, csum_size = 0; 2660 2661 if (ext4_has_inline_data(dir)) { 2662 int has_inline_data = 1; 2663 err = ext4_delete_inline_entry(handle, dir, de_del, bh, 2664 &has_inline_data); 2665 if (has_inline_data) 2666 return err; 2667 } 2668 2669 if (ext4_has_metadata_csum(dir->i_sb)) 2670 csum_size = sizeof(struct ext4_dir_entry_tail); 2671 2672 BUFFER_TRACE(bh, "get_write_access"); 2673 err = ext4_journal_get_write_access(handle, dir->i_sb, bh, 2674 EXT4_JTR_NONE); 2675 if (unlikely(err)) 2676 goto out; 2677 2678 err = ext4_generic_delete_entry(dir, de_del, bh, bh->b_data, 2679 dir->i_sb->s_blocksize, csum_size); 2680 if (err) 2681 goto out; 2682 2683 BUFFER_TRACE(bh, "call ext4_handle_dirty_metadata"); 2684 err = ext4_handle_dirty_dirblock(handle, dir, bh); 2685 if (unlikely(err)) 2686 goto out; 2687 2688 return 0; 2689out: 2690 if (err != -ENOENT) 2691 ext4_std_error(dir->i_sb, err); 2692 return err; 2693} 2694 2695/* 2696 * Set directory link count to 1 if nlinks > EXT4_LINK_MAX, or if nlinks == 2 2697 * since this indicates that nlinks count was previously 1 to avoid overflowing 2698 * the 16-bit i_links_count field on disk. Directories with i_nlink == 1 mean 2699 * that subdirectory link counts are not being maintained accurately. 2700 * 2701 * The caller has already checked for i_nlink overflow in case the DIR_LINK 2702 * feature is not enabled and returned -EMLINK. The is_dx() check is a proxy 2703 * for checking S_ISDIR(inode) (since the INODE_INDEX feature will not be set 2704 * on regular files) and to avoid creating huge/slow non-HTREE directories. 2705 */ 2706static void ext4_inc_count(struct inode *inode) 2707{ 2708 inc_nlink(inode); 2709 if (is_dx(inode) && 2710 (inode->i_nlink > EXT4_LINK_MAX || inode->i_nlink == 2)) 2711 set_nlink(inode, 1); 2712} 2713 2714/* 2715 * If a directory had nlink == 1, then we should let it be 1. This indicates 2716 * directory has >EXT4_LINK_MAX subdirs. 2717 */ 2718static void ext4_dec_count(struct inode *inode) 2719{ 2720 if (!S_ISDIR(inode->i_mode) || inode->i_nlink > 2) 2721 drop_nlink(inode); 2722} 2723 2724 2725/* 2726 * Add non-directory inode to a directory. On success, the inode reference is 2727 * consumed by dentry is instantiation. This is also indicated by clearing of 2728 * *inodep pointer. On failure, the caller is responsible for dropping the 2729 * inode reference in the safe context. 2730 */ 2731static int ext4_add_nondir(handle_t *handle, 2732 struct dentry *dentry, struct inode **inodep) 2733{ 2734 struct inode *dir = d_inode(dentry->d_parent); 2735 struct inode *inode = *inodep; 2736 int err = ext4_add_entry(handle, dentry, inode); 2737 if (!err) { 2738 err = ext4_mark_inode_dirty(handle, inode); 2739 if (IS_DIRSYNC(dir)) 2740 ext4_handle_sync(handle); 2741 d_instantiate_new(dentry, inode); 2742 *inodep = NULL; 2743 return err; 2744 } 2745 drop_nlink(inode); 2746 ext4_orphan_add(handle, inode); 2747 unlock_new_inode(inode); 2748 return err; 2749} 2750 2751/* 2752 * By the time this is called, we already have created 2753 * the directory cache entry for the new file, but it 2754 * is so far negative - it has no inode. 2755 * 2756 * If the create succeeds, we fill in the inode information 2757 * with d_instantiate(). 2758 */ 2759static int ext4_create(struct user_namespace *mnt_userns, struct inode *dir, 2760 struct dentry *dentry, umode_t mode, bool excl) 2761{ 2762 handle_t *handle; 2763 struct inode *inode; 2764 int err, credits, retries = 0; 2765 2766 err = dquot_initialize(dir); 2767 if (err) 2768 return err; 2769 2770 credits = (EXT4_DATA_TRANS_BLOCKS(dir->i_sb) + 2771 EXT4_INDEX_EXTRA_TRANS_BLOCKS + 3); 2772retry: 2773 inode = ext4_new_inode_start_handle(mnt_userns, dir, mode, &dentry->d_name, 2774 0, NULL, EXT4_HT_DIR, credits); 2775 handle = ext4_journal_current_handle(); 2776 err = PTR_ERR(inode); 2777 if (!IS_ERR(inode)) { 2778 inode->i_op = &ext4_file_inode_operations; 2779 inode->i_fop = &ext4_file_operations; 2780 ext4_set_aops(inode); 2781 err = ext4_add_nondir(handle, dentry, &inode); 2782 if (!err) 2783 ext4_fc_track_create(handle, dentry); 2784 } 2785 if (handle) 2786 ext4_journal_stop(handle); 2787 if (!IS_ERR_OR_NULL(inode)) 2788 iput(inode); 2789 if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries)) 2790 goto retry; 2791 return err; 2792} 2793 2794static int ext4_mknod(struct user_namespace *mnt_userns, struct inode *dir, 2795 struct dentry *dentry, umode_t mode, dev_t rdev) 2796{ 2797 handle_t *handle; 2798 struct inode *inode; 2799 int err, credits, retries = 0; 2800 2801 err = dquot_initialize(dir); 2802 if (err) 2803 return err; 2804 2805 credits = (EXT4_DATA_TRANS_BLOCKS(dir->i_sb) + 2806 EXT4_INDEX_EXTRA_TRANS_BLOCKS + 3); 2807retry: 2808 inode = ext4_new_inode_start_handle(mnt_userns, dir, mode, &dentry->d_name, 2809 0, NULL, EXT4_HT_DIR, credits); 2810 handle = ext4_journal_current_handle(); 2811 err = PTR_ERR(inode); 2812 if (!IS_ERR(inode)) { 2813 init_special_inode(inode, inode->i_mode, rdev); 2814 inode->i_op = &ext4_special_inode_operations; 2815 err = ext4_add_nondir(handle, dentry, &inode); 2816 if (!err) 2817 ext4_fc_track_create(handle, dentry); 2818 } 2819 if (handle) 2820 ext4_journal_stop(handle); 2821 if (!IS_ERR_OR_NULL(inode)) 2822 iput(inode); 2823 if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries)) 2824 goto retry; 2825 return err; 2826} 2827 2828static int ext4_tmpfile(struct user_namespace *mnt_userns, struct inode *dir, 2829 struct dentry *dentry, umode_t mode) 2830{ 2831 handle_t *handle; 2832 struct inode *inode; 2833 int err, retries = 0; 2834 2835 err = dquot_initialize(dir); 2836 if (err) 2837 return err; 2838 2839retry: 2840 inode = ext4_new_inode_start_handle(mnt_userns, dir, mode, 2841 NULL, 0, NULL, 2842 EXT4_HT_DIR, 2843 EXT4_MAXQUOTAS_INIT_BLOCKS(dir->i_sb) + 2844 4 + EXT4_XATTR_TRANS_BLOCKS); 2845 handle = ext4_journal_current_handle(); 2846 err = PTR_ERR(inode); 2847 if (!IS_ERR(inode)) { 2848 inode->i_op = &ext4_file_inode_operations; 2849 inode->i_fop = &ext4_file_operations; 2850 ext4_set_aops(inode); 2851 d_tmpfile(dentry, inode); 2852 err = ext4_orphan_add(handle, inode); 2853 if (err) 2854 goto err_unlock_inode; 2855 mark_inode_dirty(inode); 2856 unlock_new_inode(inode); 2857 } 2858 if (handle) 2859 ext4_journal_stop(handle); 2860 if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries)) 2861 goto retry; 2862 return err; 2863err_unlock_inode: 2864 ext4_journal_stop(handle); 2865 unlock_new_inode(inode); 2866 return err; 2867} 2868 2869struct ext4_dir_entry_2 *ext4_init_dot_dotdot(struct inode *inode, 2870 struct ext4_dir_entry_2 *de, 2871 int blocksize, int csum_size, 2872 unsigned int parent_ino, int dotdot_real_len) 2873{ 2874 de->inode = cpu_to_le32(inode->i_ino); 2875 de->name_len = 1; 2876 de->rec_len = ext4_rec_len_to_disk(ext4_dir_rec_len(de->name_len, NULL), 2877 blocksize); 2878 strcpy(de->name, "."); 2879 ext4_set_de_type(inode->i_sb, de, S_IFDIR); 2880 2881 de = ext4_next_entry(de, blocksize); 2882 de->inode = cpu_to_le32(parent_ino); 2883 de->name_len = 2; 2884 if (!dotdot_real_len) 2885 de->rec_len = ext4_rec_len_to_disk(blocksize - 2886 (csum_size + ext4_dir_rec_len(1, NULL)), 2887 blocksize); 2888 else 2889 de->rec_len = ext4_rec_len_to_disk( 2890 ext4_dir_rec_len(de->name_len, NULL), 2891 blocksize); 2892 strcpy(de->name, ".."); 2893 ext4_set_de_type(inode->i_sb, de, S_IFDIR); 2894 2895 return ext4_next_entry(de, blocksize); 2896} 2897 2898int ext4_init_new_dir(handle_t *handle, struct inode *dir, 2899 struct inode *inode) 2900{ 2901 struct buffer_head *dir_block = NULL; 2902 struct ext4_dir_entry_2 *de; 2903 ext4_lblk_t block = 0; 2904 unsigned int blocksize = dir->i_sb->s_blocksize; 2905 int csum_size = 0; 2906 int err; 2907 2908 if (ext4_has_metadata_csum(dir->i_sb)) 2909 csum_size = sizeof(struct ext4_dir_entry_tail); 2910 2911 if (ext4_test_inode_state(inode, EXT4_STATE_MAY_INLINE_DATA)) { 2912 err = ext4_try_create_inline_dir(handle, dir, inode); 2913 if (err < 0 && err != -ENOSPC) 2914 goto out; 2915 if (!err) 2916 goto out; 2917 } 2918 2919 inode->i_size = 0; 2920 dir_block = ext4_append(handle, inode, &block); 2921 if (IS_ERR(dir_block)) 2922 return PTR_ERR(dir_block); 2923 de = (struct ext4_dir_entry_2 *)dir_block->b_data; 2924 ext4_init_dot_dotdot(inode, de, blocksize, csum_size, dir->i_ino, 0); 2925 set_nlink(inode, 2); 2926 if (csum_size) 2927 ext4_initialize_dirent_tail(dir_block, blocksize); 2928 2929 BUFFER_TRACE(dir_block, "call ext4_handle_dirty_metadata"); 2930 err = ext4_handle_dirty_dirblock(handle, inode, dir_block); 2931 if (err) 2932 goto out; 2933 set_buffer_verified(dir_block); 2934out: 2935 brelse(dir_block); 2936 return err; 2937} 2938 2939static int ext4_mkdir(struct user_namespace *mnt_userns, struct inode *dir, 2940 struct dentry *dentry, umode_t mode) 2941{ 2942 handle_t *handle; 2943 struct inode *inode; 2944 int err, err2 = 0, credits, retries = 0; 2945 2946 if (EXT4_DIR_LINK_MAX(dir)) 2947 return -EMLINK; 2948 2949 err = dquot_initialize(dir); 2950 if (err) 2951 return err; 2952 2953 credits = (EXT4_DATA_TRANS_BLOCKS(dir->i_sb) + 2954 EXT4_INDEX_EXTRA_TRANS_BLOCKS + 3); 2955retry: 2956 inode = ext4_new_inode_start_handle(mnt_userns, dir, S_IFDIR | mode, 2957 &dentry->d_name, 2958 0, NULL, EXT4_HT_DIR, credits); 2959 handle = ext4_journal_current_handle(); 2960 err = PTR_ERR(inode); 2961 if (IS_ERR(inode)) 2962 goto out_stop; 2963 2964 inode->i_op = &ext4_dir_inode_operations; 2965 inode->i_fop = &ext4_dir_operations; 2966 err = ext4_init_new_dir(handle, dir, inode); 2967 if (err) 2968 goto out_clear_inode; 2969 err = ext4_mark_inode_dirty(handle, inode); 2970 if (!err) 2971 err = ext4_add_entry(handle, dentry, inode); 2972 if (err) { 2973out_clear_inode: 2974 clear_nlink(inode); 2975 ext4_orphan_add(handle, inode); 2976 unlock_new_inode(inode); 2977 err2 = ext4_mark_inode_dirty(handle, inode); 2978 if (unlikely(err2)) 2979 err = err2; 2980 ext4_journal_stop(handle); 2981 iput(inode); 2982 goto out_retry; 2983 } 2984 ext4_inc_count(dir); 2985 2986 ext4_update_dx_flag(dir); 2987 err = ext4_mark_inode_dirty(handle, dir); 2988 if (err) 2989 goto out_clear_inode; 2990 d_instantiate_new(dentry, inode); 2991 ext4_fc_track_create(handle, dentry); 2992 if (IS_DIRSYNC(dir)) 2993 ext4_handle_sync(handle); 2994 2995out_stop: 2996 if (handle) 2997 ext4_journal_stop(handle); 2998out_retry: 2999 if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries)) 3000 goto retry; 3001 return err; 3002} 3003 3004/* 3005 * routine to check that the specified directory is empty (for rmdir) 3006 */ 3007bool ext4_empty_dir(struct inode *inode) 3008{ 3009 unsigned int offset; 3010 struct buffer_head *bh; 3011 struct ext4_dir_entry_2 *de; 3012 struct super_block *sb; 3013 3014 if (ext4_has_inline_data(inode)) { 3015 int has_inline_data = 1; 3016 int ret; 3017 3018 ret = empty_inline_dir(inode, &has_inline_data); 3019 if (has_inline_data) 3020 return ret; 3021 } 3022 3023 sb = inode->i_sb; 3024 if (inode->i_size < ext4_dir_rec_len(1, NULL) + 3025 ext4_dir_rec_len(2, NULL)) { 3026 EXT4_ERROR_INODE(inode, "invalid size"); 3027 return false; 3028 } 3029 /* The first directory block must not be a hole, 3030 * so treat it as DIRENT_HTREE 3031 */ 3032 bh = ext4_read_dirblock(inode, 0, DIRENT_HTREE); 3033 if (IS_ERR(bh)) 3034 return false; 3035 3036 de = (struct ext4_dir_entry_2 *) bh->b_data; 3037 if (ext4_check_dir_entry(inode, NULL, de, bh, bh->b_data, bh->b_size, 3038 0) || 3039 le32_to_cpu(de->inode) != inode->i_ino || strcmp(".", de->name)) { 3040 ext4_warning_inode(inode, "directory missing '.'"); 3041 brelse(bh); 3042 return false; 3043 } 3044 offset = ext4_rec_len_from_disk(de->rec_len, sb->s_blocksize); 3045 de = ext4_next_entry(de, sb->s_blocksize); 3046 if (ext4_check_dir_entry(inode, NULL, de, bh, bh->b_data, bh->b_size, 3047 offset) || 3048 le32_to_cpu(de->inode) == 0 || strcmp("..", de->name)) { 3049 ext4_warning_inode(inode, "directory missing '..'"); 3050 brelse(bh); 3051 return false; 3052 } 3053 offset += ext4_rec_len_from_disk(de->rec_len, sb->s_blocksize); 3054 while (offset < inode->i_size) { 3055 if (!(offset & (sb->s_blocksize - 1))) { 3056 unsigned int lblock; 3057 brelse(bh); 3058 lblock = offset >> EXT4_BLOCK_SIZE_BITS(sb); 3059 bh = ext4_read_dirblock(inode, lblock, EITHER); 3060 if (bh == NULL) { 3061 offset += sb->s_blocksize; 3062 continue; 3063 } 3064 if (IS_ERR(bh)) 3065 return false; 3066 } 3067 de = (struct ext4_dir_entry_2 *) (bh->b_data + 3068 (offset & (sb->s_blocksize - 1))); 3069 if (ext4_check_dir_entry(inode, NULL, de, bh, 3070 bh->b_data, bh->b_size, offset)) { 3071 offset = (offset | (sb->s_blocksize - 1)) + 1; 3072 continue; 3073 } 3074 if (le32_to_cpu(de->inode)) { 3075 brelse(bh); 3076 return false; 3077 } 3078 offset += ext4_rec_len_from_disk(de->rec_len, sb->s_blocksize); 3079 } 3080 brelse(bh); 3081 return true; 3082} 3083 3084static int ext4_rmdir(struct inode *dir, struct dentry *dentry) 3085{ 3086 int retval; 3087 struct inode *inode; 3088 struct buffer_head *bh; 3089 struct ext4_dir_entry_2 *de; 3090 handle_t *handle = NULL; 3091 3092 if (unlikely(ext4_forced_shutdown(EXT4_SB(dir->i_sb)))) 3093 return -EIO; 3094 3095 /* Initialize quotas before so that eventual writes go in 3096 * separate transaction */ 3097 retval = dquot_initialize(dir); 3098 if (retval) 3099 return retval; 3100 retval = dquot_initialize(d_inode(dentry)); 3101 if (retval) 3102 return retval; 3103 3104 retval = -ENOENT; 3105 bh = ext4_find_entry(dir, &dentry->d_name, &de, NULL); 3106 if (IS_ERR(bh)) 3107 return PTR_ERR(bh); 3108 if (!bh) 3109 goto end_rmdir; 3110 3111 inode = d_inode(dentry); 3112 3113 retval = -EFSCORRUPTED; 3114 if (le32_to_cpu(de->inode) != inode->i_ino) 3115 goto end_rmdir; 3116 3117 retval = -ENOTEMPTY; 3118 if (!ext4_empty_dir(inode)) 3119 goto end_rmdir; 3120 3121 handle = ext4_journal_start(dir, EXT4_HT_DIR, 3122 EXT4_DATA_TRANS_BLOCKS(dir->i_sb)); 3123 if (IS_ERR(handle)) { 3124 retval = PTR_ERR(handle); 3125 handle = NULL; 3126 goto end_rmdir; 3127 } 3128 3129 if (IS_DIRSYNC(dir)) 3130 ext4_handle_sync(handle); 3131 3132 retval = ext4_delete_entry(handle, dir, de, bh); 3133 if (retval) 3134 goto end_rmdir; 3135 if (!EXT4_DIR_LINK_EMPTY(inode)) 3136 ext4_warning_inode(inode, 3137 "empty directory '%.*s' has too many links (%u)", 3138 dentry->d_name.len, dentry->d_name.name, 3139 inode->i_nlink); 3140 inode_inc_iversion(inode); 3141 clear_nlink(inode); 3142 /* There's no need to set i_disksize: the fact that i_nlink is 3143 * zero will ensure that the right thing happens during any 3144 * recovery. */ 3145 inode->i_size = 0; 3146 ext4_orphan_add(handle, inode); 3147 inode->i_ctime = dir->i_ctime = dir->i_mtime = current_time(inode); 3148 retval = ext4_mark_inode_dirty(handle, inode); 3149 if (retval) 3150 goto end_rmdir; 3151 ext4_dec_count(dir); 3152 ext4_update_dx_flag(dir); 3153 ext4_fc_track_unlink(handle, dentry); 3154 retval = ext4_mark_inode_dirty(handle, dir); 3155 3156#if IS_ENABLED(CONFIG_UNICODE) 3157 /* VFS negative dentries are incompatible with Encoding and 3158 * Case-insensitiveness. Eventually we'll want avoid 3159 * invalidating the dentries here, alongside with returning the 3160 * negative dentries at ext4_lookup(), when it is better 3161 * supported by the VFS for the CI case. 3162 */ 3163 if (IS_CASEFOLDED(dir)) 3164 d_invalidate(dentry); 3165#endif 3166 3167end_rmdir: 3168 brelse(bh); 3169 if (handle) 3170 ext4_journal_stop(handle); 3171 return retval; 3172} 3173 3174int __ext4_unlink(handle_t *handle, struct inode *dir, const struct qstr *d_name, 3175 struct inode *inode) 3176{ 3177 int retval = -ENOENT; 3178 struct buffer_head *bh; 3179 struct ext4_dir_entry_2 *de; 3180 int skip_remove_dentry = 0; 3181 3182 bh = ext4_find_entry(dir, d_name, &de, NULL); 3183 if (IS_ERR(bh)) 3184 return PTR_ERR(bh); 3185 3186 if (!bh) 3187 return -ENOENT; 3188 3189 if (le32_to_cpu(de->inode) != inode->i_ino) { 3190 /* 3191 * It's okay if we find dont find dentry which matches 3192 * the inode. That's because it might have gotten 3193 * renamed to a different inode number 3194 */ 3195 if (EXT4_SB(inode->i_sb)->s_mount_state & EXT4_FC_REPLAY) 3196 skip_remove_dentry = 1; 3197 else 3198 goto out; 3199 } 3200 3201 if (IS_DIRSYNC(dir)) 3202 ext4_handle_sync(handle); 3203 3204 if (!skip_remove_dentry) { 3205 retval = ext4_delete_entry(handle, dir, de, bh); 3206 if (retval) 3207 goto out; 3208 dir->i_ctime = dir->i_mtime = current_time(dir); 3209 ext4_update_dx_flag(dir); 3210 retval = ext4_mark_inode_dirty(handle, dir); 3211 if (retval) 3212 goto out; 3213 } else { 3214 retval = 0; 3215 } 3216 if (inode->i_nlink == 0) 3217 ext4_warning_inode(inode, "Deleting file '%.*s' with no links", 3218 d_name->len, d_name->name); 3219 else 3220 drop_nlink(inode); 3221 if (!inode->i_nlink) 3222 ext4_orphan_add(handle, inode); 3223 inode->i_ctime = current_time(inode); 3224 retval = ext4_mark_inode_dirty(handle, inode); 3225 3226out: 3227 brelse(bh); 3228 return retval; 3229} 3230 3231static int ext4_unlink(struct inode *dir, struct dentry *dentry) 3232{ 3233 handle_t *handle; 3234 int retval; 3235 3236 if (unlikely(ext4_forced_shutdown(EXT4_SB(dir->i_sb)))) 3237 return -EIO; 3238 3239 trace_ext4_unlink_enter(dir, dentry); 3240 /* 3241 * Initialize quotas before so that eventual writes go 3242 * in separate transaction 3243 */ 3244 retval = dquot_initialize(dir); 3245 if (retval) 3246 goto out_trace; 3247 retval = dquot_initialize(d_inode(dentry)); 3248 if (retval) 3249 goto out_trace; 3250 3251 handle = ext4_journal_start(dir, EXT4_HT_DIR, 3252 EXT4_DATA_TRANS_BLOCKS(dir->i_sb)); 3253 if (IS_ERR(handle)) { 3254 retval = PTR_ERR(handle); 3255 goto out_trace; 3256 } 3257 3258 retval = __ext4_unlink(handle, dir, &dentry->d_name, d_inode(dentry)); 3259 if (!retval) 3260 ext4_fc_track_unlink(handle, dentry); 3261#if IS_ENABLED(CONFIG_UNICODE) 3262 /* VFS negative dentries are incompatible with Encoding and 3263 * Case-insensitiveness. Eventually we'll want avoid 3264 * invalidating the dentries here, alongside with returning the 3265 * negative dentries at ext4_lookup(), when it is better 3266 * supported by the VFS for the CI case. 3267 */ 3268 if (IS_CASEFOLDED(dir)) 3269 d_invalidate(dentry); 3270#endif 3271 if (handle) 3272 ext4_journal_stop(handle); 3273 3274out_trace: 3275 trace_ext4_unlink_exit(dentry, retval); 3276 return retval; 3277} 3278 3279static int ext4_init_symlink_block(handle_t *handle, struct inode *inode, 3280 struct fscrypt_str *disk_link) 3281{ 3282 struct buffer_head *bh; 3283 char *kaddr; 3284 int err = 0; 3285 3286 bh = ext4_bread(handle, inode, 0, EXT4_GET_BLOCKS_CREATE); 3287 if (IS_ERR(bh)) 3288 return PTR_ERR(bh); 3289 3290 BUFFER_TRACE(bh, "get_write_access"); 3291 err = ext4_journal_get_write_access(handle, inode->i_sb, bh, EXT4_JTR_NONE); 3292 if (err) 3293 goto out; 3294 3295 kaddr = (char *)bh->b_data; 3296 memcpy(kaddr, disk_link->name, disk_link->len); 3297 inode->i_size = disk_link->len - 1; 3298 EXT4_I(inode)->i_disksize = inode->i_size; 3299 err = ext4_handle_dirty_metadata(handle, inode, bh); 3300out: 3301 brelse(bh); 3302 return err; 3303} 3304 3305static int ext4_symlink(struct user_namespace *mnt_userns, struct inode *dir, 3306 struct dentry *dentry, const char *symname) 3307{ 3308 handle_t *handle; 3309 struct inode *inode; 3310 int err, len = strlen(symname); 3311 int credits; 3312 struct fscrypt_str disk_link; 3313 int retries = 0; 3314 3315 if (unlikely(ext4_forced_shutdown(EXT4_SB(dir->i_sb)))) 3316 return -EIO; 3317 3318 err = fscrypt_prepare_symlink(dir, symname, len, dir->i_sb->s_blocksize, 3319 &disk_link); 3320 if (err) 3321 return err; 3322 3323 err = dquot_initialize(dir); 3324 if (err) 3325 return err; 3326 3327 /* 3328 * EXT4_INDEX_EXTRA_TRANS_BLOCKS for addition of entry into the 3329 * directory. +3 for inode, inode bitmap, group descriptor allocation. 3330 * EXT4_DATA_TRANS_BLOCKS for the data block allocation and 3331 * modification. 3332 */ 3333 credits = EXT4_DATA_TRANS_BLOCKS(dir->i_sb) + 3334 EXT4_INDEX_EXTRA_TRANS_BLOCKS + 3; 3335retry: 3336 inode = ext4_new_inode_start_handle(mnt_userns, dir, S_IFLNK|S_IRWXUGO, 3337 &dentry->d_name, 0, NULL, 3338 EXT4_HT_DIR, credits); 3339 handle = ext4_journal_current_handle(); 3340 if (IS_ERR(inode)) { 3341 if (handle) 3342 ext4_journal_stop(handle); 3343 err = PTR_ERR(inode); 3344 goto out_retry; 3345 } 3346 3347 if (IS_ENCRYPTED(inode)) { 3348 err = fscrypt_encrypt_symlink(inode, symname, len, &disk_link); 3349 if (err) 3350 goto err_drop_inode; 3351 inode->i_op = &ext4_encrypted_symlink_inode_operations; 3352 } else { 3353 if ((disk_link.len > EXT4_N_BLOCKS * 4)) { 3354 inode->i_op = &ext4_symlink_inode_operations; 3355 } else { 3356 inode->i_op = &ext4_fast_symlink_inode_operations; 3357 inode->i_link = (char *)&EXT4_I(inode)->i_data; 3358 } 3359 } 3360 3361 if ((disk_link.len > EXT4_N_BLOCKS * 4)) { 3362 /* alloc symlink block and fill it */ 3363 err = ext4_init_symlink_block(handle, inode, &disk_link); 3364 if (err) 3365 goto err_drop_inode; 3366 } else { 3367 /* clear the extent format for fast symlink */ 3368 ext4_clear_inode_flag(inode, EXT4_INODE_EXTENTS); 3369 memcpy((char *)&EXT4_I(inode)->i_data, disk_link.name, 3370 disk_link.len); 3371 inode->i_size = disk_link.len - 1; 3372 EXT4_I(inode)->i_disksize = inode->i_size; 3373 } 3374 err = ext4_add_nondir(handle, dentry, &inode); 3375 if (handle) 3376 ext4_journal_stop(handle); 3377 iput(inode); 3378 goto out_retry; 3379 3380err_drop_inode: 3381 clear_nlink(inode); 3382 ext4_orphan_add(handle, inode); 3383 unlock_new_inode(inode); 3384 if (handle) 3385 ext4_journal_stop(handle); 3386 iput(inode); 3387out_retry: 3388 if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries)) 3389 goto retry; 3390 if (disk_link.name != (unsigned char *)symname) 3391 kfree(disk_link.name); 3392 return err; 3393} 3394 3395int __ext4_link(struct inode *dir, struct inode *inode, struct dentry *dentry) 3396{ 3397 handle_t *handle; 3398 int err, retries = 0; 3399retry: 3400 handle = ext4_journal_start(dir, EXT4_HT_DIR, 3401 (EXT4_DATA_TRANS_BLOCKS(dir->i_sb) + 3402 EXT4_INDEX_EXTRA_TRANS_BLOCKS) + 1); 3403 if (IS_ERR(handle)) 3404 return PTR_ERR(handle); 3405 3406 if (IS_DIRSYNC(dir)) 3407 ext4_handle_sync(handle); 3408 3409 inode->i_ctime = current_time(inode); 3410 ext4_inc_count(inode); 3411 ihold(inode); 3412 3413 err = ext4_add_entry(handle, dentry, inode); 3414 if (!err) { 3415 err = ext4_mark_inode_dirty(handle, inode); 3416 /* this can happen only for tmpfile being 3417 * linked the first time 3418 */ 3419 if (inode->i_nlink == 1) 3420 ext4_orphan_del(handle, inode); 3421 d_instantiate(dentry, inode); 3422 ext4_fc_track_link(handle, dentry); 3423 } else { 3424 drop_nlink(inode); 3425 iput(inode); 3426 } 3427 ext4_journal_stop(handle); 3428 if (err == -ENOSPC && ext4_should_retry_alloc(dir->i_sb, &retries)) 3429 goto retry; 3430 return err; 3431} 3432 3433static int ext4_link(struct dentry *old_dentry, 3434 struct inode *dir, struct dentry *dentry) 3435{ 3436 struct inode *inode = d_inode(old_dentry); 3437 int err; 3438 3439 if (inode->i_nlink >= EXT4_LINK_MAX) 3440 return -EMLINK; 3441 3442 err = fscrypt_prepare_link(old_dentry, dir, dentry); 3443 if (err) 3444 return err; 3445 3446 if ((ext4_test_inode_flag(dir, EXT4_INODE_PROJINHERIT)) && 3447 (!projid_eq(EXT4_I(dir)->i_projid, 3448 EXT4_I(old_dentry->d_inode)->i_projid))) 3449 return -EXDEV; 3450 3451 err = dquot_initialize(dir); 3452 if (err) 3453 return err; 3454 return __ext4_link(dir, inode, dentry); 3455} 3456 3457/* 3458 * Try to find buffer head where contains the parent block. 3459 * It should be the inode block if it is inlined or the 1st block 3460 * if it is a normal dir. 3461 */ 3462static struct buffer_head *ext4_get_first_dir_block(handle_t *handle, 3463 struct inode *inode, 3464 int *retval, 3465 struct ext4_dir_entry_2 **parent_de, 3466 int *inlined) 3467{ 3468 struct buffer_head *bh; 3469 3470 if (!ext4_has_inline_data(inode)) { 3471 struct ext4_dir_entry_2 *de; 3472 unsigned int offset; 3473 3474 /* The first directory block must not be a hole, so 3475 * treat it as DIRENT_HTREE 3476 */ 3477 bh = ext4_read_dirblock(inode, 0, DIRENT_HTREE); 3478 if (IS_ERR(bh)) { 3479 *retval = PTR_ERR(bh); 3480 return NULL; 3481 } 3482 3483 de = (struct ext4_dir_entry_2 *) bh->b_data; 3484 if (ext4_check_dir_entry(inode, NULL, de, bh, bh->b_data, 3485 bh->b_size, 0) || 3486 le32_to_cpu(de->inode) != inode->i_ino || 3487 strcmp(".", de->name)) { 3488 EXT4_ERROR_INODE(inode, "directory missing '.'"); 3489 brelse(bh); 3490 *retval = -EFSCORRUPTED; 3491 return NULL; 3492 } 3493 offset = ext4_rec_len_from_disk(de->rec_len, 3494 inode->i_sb->s_blocksize); 3495 de = ext4_next_entry(de, inode->i_sb->s_blocksize); 3496 if (ext4_check_dir_entry(inode, NULL, de, bh, bh->b_data, 3497 bh->b_size, offset) || 3498 le32_to_cpu(de->inode) == 0 || strcmp("..", de->name)) { 3499 EXT4_ERROR_INODE(inode, "directory missing '..'"); 3500 brelse(bh); 3501 *retval = -EFSCORRUPTED; 3502 return NULL; 3503 } 3504 *parent_de = de; 3505 3506 return bh; 3507 } 3508 3509 *inlined = 1; 3510 return ext4_get_first_inline_block(inode, parent_de, retval); 3511} 3512 3513struct ext4_renament { 3514 struct inode *dir; 3515 struct dentry *dentry; 3516 struct inode *inode; 3517 bool is_dir; 3518 int dir_nlink_delta; 3519 3520 /* entry for "dentry" */ 3521 struct buffer_head *bh; 3522 struct ext4_dir_entry_2 *de; 3523 int inlined; 3524 3525 /* entry for ".." in inode if it's a directory */ 3526 struct buffer_head *dir_bh; 3527 struct ext4_dir_entry_2 *parent_de; 3528 int dir_inlined; 3529}; 3530 3531static int ext4_rename_dir_prepare(handle_t *handle, struct ext4_renament *ent) 3532{ 3533 int retval; 3534 3535 ent->dir_bh = ext4_get_first_dir_block(handle, ent->inode, 3536 &retval, &ent->parent_de, 3537 &ent->dir_inlined); 3538 if (!ent->dir_bh) 3539 return retval; 3540 if (le32_to_cpu(ent->parent_de->inode) != ent->dir->i_ino) 3541 return -EFSCORRUPTED; 3542 BUFFER_TRACE(ent->dir_bh, "get_write_access"); 3543 return ext4_journal_get_write_access(handle, ent->dir->i_sb, 3544 ent->dir_bh, EXT4_JTR_NONE); 3545} 3546 3547static int ext4_rename_dir_finish(handle_t *handle, struct ext4_renament *ent, 3548 unsigned dir_ino) 3549{ 3550 int retval; 3551 3552 ent->parent_de->inode = cpu_to_le32(dir_ino); 3553 BUFFER_TRACE(ent->dir_bh, "call ext4_handle_dirty_metadata"); 3554 if (!ent->dir_inlined) { 3555 if (is_dx(ent->inode)) { 3556 retval = ext4_handle_dirty_dx_node(handle, 3557 ent->inode, 3558 ent->dir_bh); 3559 } else { 3560 retval = ext4_handle_dirty_dirblock(handle, ent->inode, 3561 ent->dir_bh); 3562 } 3563 } else { 3564 retval = ext4_mark_inode_dirty(handle, ent->inode); 3565 } 3566 if (retval) { 3567 ext4_std_error(ent->dir->i_sb, retval); 3568 return retval; 3569 } 3570 return 0; 3571} 3572 3573static int ext4_setent(handle_t *handle, struct ext4_renament *ent, 3574 unsigned ino, unsigned file_type) 3575{ 3576 int retval, retval2; 3577 3578 BUFFER_TRACE(ent->bh, "get write access"); 3579 retval = ext4_journal_get_write_access(handle, ent->dir->i_sb, ent->bh, 3580 EXT4_JTR_NONE); 3581 if (retval) 3582 return retval; 3583 ent->de->inode = cpu_to_le32(ino); 3584 if (ext4_has_feature_filetype(ent->dir->i_sb)) 3585 ent->de->file_type = file_type; 3586 inode_inc_iversion(ent->dir); 3587 ent->dir->i_ctime = ent->dir->i_mtime = 3588 current_time(ent->dir); 3589 retval = ext4_mark_inode_dirty(handle, ent->dir); 3590 BUFFER_TRACE(ent->bh, "call ext4_handle_dirty_metadata"); 3591 if (!ent->inlined) { 3592 retval2 = ext4_handle_dirty_dirblock(handle, ent->dir, ent->bh); 3593 if (unlikely(retval2)) { 3594 ext4_std_error(ent->dir->i_sb, retval2); 3595 return retval2; 3596 } 3597 } 3598 return retval; 3599} 3600 3601static void ext4_resetent(handle_t *handle, struct ext4_renament *ent, 3602 unsigned ino, unsigned file_type) 3603{ 3604 struct ext4_renament old = *ent; 3605 int retval = 0; 3606 3607 /* 3608 * old->de could have moved from under us during make indexed dir, 3609 * so the old->de may no longer valid and need to find it again 3610 * before reset old inode info. 3611 */ 3612 old.bh = ext4_find_entry(old.dir, &old.dentry->d_name, &old.de, NULL); 3613 if (IS_ERR(old.bh)) 3614 retval = PTR_ERR(old.bh); 3615 if (!old.bh) 3616 retval = -ENOENT; 3617 if (retval) { 3618 ext4_std_error(old.dir->i_sb, retval); 3619 return; 3620 } 3621 3622 ext4_setent(handle, &old, ino, file_type); 3623 brelse(old.bh); 3624} 3625 3626static int ext4_find_delete_entry(handle_t *handle, struct inode *dir, 3627 const struct qstr *d_name) 3628{ 3629 int retval = -ENOENT; 3630 struct buffer_head *bh; 3631 struct ext4_dir_entry_2 *de; 3632 3633 bh = ext4_find_entry(dir, d_name, &de, NULL); 3634 if (IS_ERR(bh)) 3635 return PTR_ERR(bh); 3636 if (bh) { 3637 retval = ext4_delete_entry(handle, dir, de, bh); 3638 brelse(bh); 3639 } 3640 return retval; 3641} 3642 3643static void ext4_rename_delete(handle_t *handle, struct ext4_renament *ent, 3644 int force_reread) 3645{ 3646 int retval; 3647 /* 3648 * ent->de could have moved from under us during htree split, so make 3649 * sure that we are deleting the right entry. We might also be pointing 3650 * to a stale entry in the unused part of ent->bh so just checking inum 3651 * and the name isn't enough. 3652 */ 3653 if (le32_to_cpu(ent->de->inode) != ent->inode->i_ino || 3654 ent->de->name_len != ent->dentry->d_name.len || 3655 strncmp(ent->de->name, ent->dentry->d_name.name, 3656 ent->de->name_len) || 3657 force_reread) { 3658 retval = ext4_find_delete_entry(handle, ent->dir, 3659 &ent->dentry->d_name); 3660 } else { 3661 retval = ext4_delete_entry(handle, ent->dir, ent->de, ent->bh); 3662 if (retval == -ENOENT) { 3663 retval = ext4_find_delete_entry(handle, ent->dir, 3664 &ent->dentry->d_name); 3665 } 3666 } 3667 3668 if (retval) { 3669 ext4_warning_inode(ent->dir, 3670 "Deleting old file: nlink %d, error=%d", 3671 ent->dir->i_nlink, retval); 3672 } 3673} 3674 3675static void ext4_update_dir_count(handle_t *handle, struct ext4_renament *ent) 3676{ 3677 if (ent->dir_nlink_delta) { 3678 if (ent->dir_nlink_delta == -1) 3679 ext4_dec_count(ent->dir); 3680 else 3681 ext4_inc_count(ent->dir); 3682 ext4_mark_inode_dirty(handle, ent->dir); 3683 } 3684} 3685 3686static struct inode *ext4_whiteout_for_rename(struct user_namespace *mnt_userns, 3687 struct ext4_renament *ent, 3688 int credits, handle_t **h) 3689{ 3690 struct inode *wh; 3691 handle_t *handle; 3692 int retries = 0; 3693 3694 /* 3695 * for inode block, sb block, group summaries, 3696 * and inode bitmap 3697 */ 3698 credits += (EXT4_MAXQUOTAS_TRANS_BLOCKS(ent->dir->i_sb) + 3699 EXT4_XATTR_TRANS_BLOCKS + 4); 3700retry: 3701 wh = ext4_new_inode_start_handle(mnt_userns, ent->dir, 3702 S_IFCHR | WHITEOUT_MODE, 3703 &ent->dentry->d_name, 0, NULL, 3704 EXT4_HT_DIR, credits); 3705 3706 handle = ext4_journal_current_handle(); 3707 if (IS_ERR(wh)) { 3708 if (handle) 3709 ext4_journal_stop(handle); 3710 if (PTR_ERR(wh) == -ENOSPC && 3711 ext4_should_retry_alloc(ent->dir->i_sb, &retries)) 3712 goto retry; 3713 } else { 3714 *h = handle; 3715 init_special_inode(wh, wh->i_mode, WHITEOUT_DEV); 3716 wh->i_op = &ext4_special_inode_operations; 3717 } 3718 return wh; 3719} 3720 3721/* 3722 * Anybody can rename anything with this: the permission checks are left to the 3723 * higher-level routines. 3724 * 3725 * n.b. old_{dentry,inode) refers to the source dentry/inode 3726 * while new_{dentry,inode) refers to the destination dentry/inode 3727 * This comes from rename(const char *oldpath, const char *newpath) 3728 */ 3729static int ext4_rename(struct user_namespace *mnt_userns, struct inode *old_dir, 3730 struct dentry *old_dentry, struct inode *new_dir, 3731 struct dentry *new_dentry, unsigned int flags) 3732{ 3733 handle_t *handle = NULL; 3734 struct ext4_renament old = { 3735 .dir = old_dir, 3736 .dentry = old_dentry, 3737 .inode = d_inode(old_dentry), 3738 }; 3739 struct ext4_renament new = { 3740 .dir = new_dir, 3741 .dentry = new_dentry, 3742 .inode = d_inode(new_dentry), 3743 }; 3744 int force_reread; 3745 int retval; 3746 struct inode *whiteout = NULL; 3747 int credits; 3748 u8 old_file_type; 3749 3750 if (new.inode && new.inode->i_nlink == 0) { 3751 EXT4_ERROR_INODE(new.inode, 3752 "target of rename is already freed"); 3753 return -EFSCORRUPTED; 3754 } 3755 3756 if ((ext4_test_inode_flag(new_dir, EXT4_INODE_PROJINHERIT)) && 3757 (!projid_eq(EXT4_I(new_dir)->i_projid, 3758 EXT4_I(old_dentry->d_inode)->i_projid))) 3759 return -EXDEV; 3760 3761 retval = dquot_initialize(old.dir); 3762 if (retval) 3763 return retval; 3764 retval = dquot_initialize(new.dir); 3765 if (retval) 3766 return retval; 3767 3768 /* Initialize quotas before so that eventual writes go 3769 * in separate transaction */ 3770 if (new.inode) { 3771 retval = dquot_initialize(new.inode); 3772 if (retval) 3773 return retval; 3774 } 3775 3776 old.bh = ext4_find_entry(old.dir, &old.dentry->d_name, &old.de, NULL); 3777 if (IS_ERR(old.bh)) 3778 return PTR_ERR(old.bh); 3779 /* 3780 * Check for inode number is _not_ due to possible IO errors. 3781 * We might rmdir the source, keep it as pwd of some process 3782 * and merrily kill the link to whatever was created under the 3783 * same name. Goodbye sticky bit ;-< 3784 */ 3785 retval = -ENOENT; 3786 if (!old.bh || le32_to_cpu(old.de->inode) != old.inode->i_ino) 3787 goto release_bh; 3788 3789 new.bh = ext4_find_entry(new.dir, &new.dentry->d_name, 3790 &new.de, &new.inlined); 3791 if (IS_ERR(new.bh)) { 3792 retval = PTR_ERR(new.bh); 3793 new.bh = NULL; 3794 goto release_bh; 3795 } 3796 if (new.bh) { 3797 if (!new.inode) { 3798 brelse(new.bh); 3799 new.bh = NULL; 3800 } 3801 } 3802 if (new.inode && !test_opt(new.dir->i_sb, NO_AUTO_DA_ALLOC)) 3803 ext4_alloc_da_blocks(old.inode); 3804 3805 credits = (2 * EXT4_DATA_TRANS_BLOCKS(old.dir->i_sb) + 3806 EXT4_INDEX_EXTRA_TRANS_BLOCKS + 2); 3807 if (!(flags & RENAME_WHITEOUT)) { 3808 handle = ext4_journal_start(old.dir, EXT4_HT_DIR, credits); 3809 if (IS_ERR(handle)) { 3810 retval = PTR_ERR(handle); 3811 goto release_bh; 3812 } 3813 } else { 3814 whiteout = ext4_whiteout_for_rename(mnt_userns, &old, credits, &handle); 3815 if (IS_ERR(whiteout)) { 3816 retval = PTR_ERR(whiteout); 3817 goto release_bh; 3818 } 3819 } 3820 3821 old_file_type = old.de->file_type; 3822 if (IS_DIRSYNC(old.dir) || IS_DIRSYNC(new.dir)) 3823 ext4_handle_sync(handle); 3824 3825 if (S_ISDIR(old.inode->i_mode)) { 3826 if (new.inode) { 3827 retval = -ENOTEMPTY; 3828 if (!ext4_empty_dir(new.inode)) 3829 goto end_rename; 3830 } else { 3831 retval = -EMLINK; 3832 if (new.dir != old.dir && EXT4_DIR_LINK_MAX(new.dir)) 3833 goto end_rename; 3834 } 3835 retval = ext4_rename_dir_prepare(handle, &old); 3836 if (retval) 3837 goto end_rename; 3838 } 3839 /* 3840 * If we're renaming a file within an inline_data dir and adding or 3841 * setting the new dirent causes a conversion from inline_data to 3842 * extents/blockmap, we need to force the dirent delete code to 3843 * re-read the directory, or else we end up trying to delete a dirent 3844 * from what is now the extent tree root (or a block map). 3845 */ 3846 force_reread = (new.dir->i_ino == old.dir->i_ino && 3847 ext4_test_inode_flag(new.dir, EXT4_INODE_INLINE_DATA)); 3848 3849 if (whiteout) { 3850 /* 3851 * Do this before adding a new entry, so the old entry is sure 3852 * to be still pointing to the valid old entry. 3853 */ 3854 retval = ext4_setent(handle, &old, whiteout->i_ino, 3855 EXT4_FT_CHRDEV); 3856 if (retval) 3857 goto end_rename; 3858 retval = ext4_mark_inode_dirty(handle, whiteout); 3859 if (unlikely(retval)) 3860 goto end_rename; 3861 3862 } 3863 if (!new.bh) { 3864 retval = ext4_add_entry(handle, new.dentry, old.inode); 3865 if (retval) 3866 goto end_rename; 3867 } else { 3868 retval = ext4_setent(handle, &new, 3869 old.inode->i_ino, old_file_type); 3870 if (retval) 3871 goto end_rename; 3872 } 3873 if (force_reread) 3874 force_reread = !ext4_test_inode_flag(new.dir, 3875 EXT4_INODE_INLINE_DATA); 3876 3877 /* 3878 * Like most other Unix systems, set the ctime for inodes on a 3879 * rename. 3880 */ 3881 old.inode->i_ctime = current_time(old.inode); 3882 retval = ext4_mark_inode_dirty(handle, old.inode); 3883 if (unlikely(retval)) 3884 goto end_rename; 3885 3886 if (!whiteout) { 3887 /* 3888 * ok, that's it 3889 */ 3890 ext4_rename_delete(handle, &old, force_reread); 3891 } 3892 3893 if (new.inode) { 3894 ext4_dec_count(new.inode); 3895 new.inode->i_ctime = current_time(new.inode); 3896 } 3897 old.dir->i_ctime = old.dir->i_mtime = current_time(old.dir); 3898 ext4_update_dx_flag(old.dir); 3899 if (old.dir_bh) { 3900 retval = ext4_rename_dir_finish(handle, &old, new.dir->i_ino); 3901 if (retval) 3902 goto end_rename; 3903 3904 ext4_dec_count(old.dir); 3905 if (new.inode) { 3906 /* checked ext4_empty_dir above, can't have another 3907 * parent, ext4_dec_count() won't work for many-linked 3908 * dirs */ 3909 clear_nlink(new.inode); 3910 } else { 3911 ext4_inc_count(new.dir); 3912 ext4_update_dx_flag(new.dir); 3913 retval = ext4_mark_inode_dirty(handle, new.dir); 3914 if (unlikely(retval)) 3915 goto end_rename; 3916 } 3917 } 3918 retval = ext4_mark_inode_dirty(handle, old.dir); 3919 if (unlikely(retval)) 3920 goto end_rename; 3921 3922 if (S_ISDIR(old.inode->i_mode)) { 3923 /* 3924 * We disable fast commits here that's because the 3925 * replay code is not yet capable of changing dot dot 3926 * dirents in directories. 3927 */ 3928 ext4_fc_mark_ineligible(old.inode->i_sb, 3929 EXT4_FC_REASON_RENAME_DIR, handle); 3930 } else { 3931 struct super_block *sb = old.inode->i_sb; 3932 3933 if (new.inode) 3934 ext4_fc_track_unlink(handle, new.dentry); 3935 if (test_opt2(sb, JOURNAL_FAST_COMMIT) && 3936 !(EXT4_SB(sb)->s_mount_state & EXT4_FC_REPLAY) && 3937 !(ext4_test_mount_flag(sb, EXT4_MF_FC_INELIGIBLE))) { 3938 __ext4_fc_track_link(handle, old.inode, new.dentry); 3939 __ext4_fc_track_unlink(handle, old.inode, old.dentry); 3940 if (whiteout) 3941 __ext4_fc_track_create(handle, whiteout, 3942 old.dentry); 3943 } 3944 } 3945 3946 if (new.inode) { 3947 retval = ext4_mark_inode_dirty(handle, new.inode); 3948 if (unlikely(retval)) 3949 goto end_rename; 3950 if (!new.inode->i_nlink) 3951 ext4_orphan_add(handle, new.inode); 3952 } 3953 retval = 0; 3954 3955end_rename: 3956 if (whiteout) { 3957 if (retval) { 3958 ext4_resetent(handle, &old, 3959 old.inode->i_ino, old_file_type); 3960 drop_nlink(whiteout); 3961 ext4_orphan_add(handle, whiteout); 3962 } 3963 unlock_new_inode(whiteout); 3964 ext4_journal_stop(handle); 3965 iput(whiteout); 3966 } else { 3967 ext4_journal_stop(handle); 3968 } 3969release_bh: 3970 brelse(old.dir_bh); 3971 brelse(old.bh); 3972 brelse(new.bh); 3973 return retval; 3974} 3975 3976static int ext4_cross_rename(struct inode *old_dir, struct dentry *old_dentry, 3977 struct inode *new_dir, struct dentry *new_dentry) 3978{ 3979 handle_t *handle = NULL; 3980 struct ext4_renament old = { 3981 .dir = old_dir, 3982 .dentry = old_dentry, 3983 .inode = d_inode(old_dentry), 3984 }; 3985 struct ext4_renament new = { 3986 .dir = new_dir, 3987 .dentry = new_dentry, 3988 .inode = d_inode(new_dentry), 3989 }; 3990 u8 new_file_type; 3991 int retval; 3992 struct timespec64 ctime; 3993 3994 if ((ext4_test_inode_flag(new_dir, EXT4_INODE_PROJINHERIT) && 3995 !projid_eq(EXT4_I(new_dir)->i_projid, 3996 EXT4_I(old_dentry->d_inode)->i_projid)) || 3997 (ext4_test_inode_flag(old_dir, EXT4_INODE_PROJINHERIT) && 3998 !projid_eq(EXT4_I(old_dir)->i_projid, 3999 EXT4_I(new_dentry->d_inode)->i_projid))) 4000 return -EXDEV; 4001 4002 retval = dquot_initialize(old.dir); 4003 if (retval) 4004 return retval; 4005 retval = dquot_initialize(new.dir); 4006 if (retval) 4007 return retval; 4008 4009 old.bh = ext4_find_entry(old.dir, &old.dentry->d_name, 4010 &old.de, &old.inlined); 4011 if (IS_ERR(old.bh)) 4012 return PTR_ERR(old.bh); 4013 /* 4014 * Check for inode number is _not_ due to possible IO errors. 4015 * We might rmdir the source, keep it as pwd of some process 4016 * and merrily kill the link to whatever was created under the 4017 * same name. Goodbye sticky bit ;-< 4018 */ 4019 retval = -ENOENT; 4020 if (!old.bh || le32_to_cpu(old.de->inode) != old.inode->i_ino) 4021 goto end_rename; 4022 4023 new.bh = ext4_find_entry(new.dir, &new.dentry->d_name, 4024 &new.de, &new.inlined); 4025 if (IS_ERR(new.bh)) { 4026 retval = PTR_ERR(new.bh); 4027 new.bh = NULL; 4028 goto end_rename; 4029 } 4030 4031 /* RENAME_EXCHANGE case: old *and* new must both exist */ 4032 if (!new.bh || le32_to_cpu(new.de->inode) != new.inode->i_ino) 4033 goto end_rename; 4034 4035 handle = ext4_journal_start(old.dir, EXT4_HT_DIR, 4036 (2 * EXT4_DATA_TRANS_BLOCKS(old.dir->i_sb) + 4037 2 * EXT4_INDEX_EXTRA_TRANS_BLOCKS + 2)); 4038 if (IS_ERR(handle)) { 4039 retval = PTR_ERR(handle); 4040 handle = NULL; 4041 goto end_rename; 4042 } 4043 4044 if (IS_DIRSYNC(old.dir) || IS_DIRSYNC(new.dir)) 4045 ext4_handle_sync(handle); 4046 4047 if (S_ISDIR(old.inode->i_mode)) { 4048 old.is_dir = true; 4049 retval = ext4_rename_dir_prepare(handle, &old); 4050 if (retval) 4051 goto end_rename; 4052 } 4053 if (S_ISDIR(new.inode->i_mode)) { 4054 new.is_dir = true; 4055 retval = ext4_rename_dir_prepare(handle, &new); 4056 if (retval) 4057 goto end_rename; 4058 } 4059 4060 /* 4061 * Other than the special case of overwriting a directory, parents' 4062 * nlink only needs to be modified if this is a cross directory rename. 4063 */ 4064 if (old.dir != new.dir && old.is_dir != new.is_dir) { 4065 old.dir_nlink_delta = old.is_dir ? -1 : 1; 4066 new.dir_nlink_delta = -old.dir_nlink_delta; 4067 retval = -EMLINK; 4068 if ((old.dir_nlink_delta > 0 && EXT4_DIR_LINK_MAX(old.dir)) || 4069 (new.dir_nlink_delta > 0 && EXT4_DIR_LINK_MAX(new.dir))) 4070 goto end_rename; 4071 } 4072 4073 new_file_type = new.de->file_type; 4074 retval = ext4_setent(handle, &new, old.inode->i_ino, old.de->file_type); 4075 if (retval) 4076 goto end_rename; 4077 4078 retval = ext4_setent(handle, &old, new.inode->i_ino, new_file_type); 4079 if (retval) 4080 goto end_rename; 4081 4082 /* 4083 * Like most other Unix systems, set the ctime for inodes on a 4084 * rename. 4085 */ 4086 ctime = current_time(old.inode); 4087 old.inode->i_ctime = ctime; 4088 new.inode->i_ctime = ctime; 4089 retval = ext4_mark_inode_dirty(handle, old.inode); 4090 if (unlikely(retval)) 4091 goto end_rename; 4092 retval = ext4_mark_inode_dirty(handle, new.inode); 4093 if (unlikely(retval)) 4094 goto end_rename; 4095 ext4_fc_mark_ineligible(new.inode->i_sb, 4096 EXT4_FC_REASON_CROSS_RENAME, handle); 4097 if (old.dir_bh) { 4098 retval = ext4_rename_dir_finish(handle, &old, new.dir->i_ino); 4099 if (retval) 4100 goto end_rename; 4101 } 4102 if (new.dir_bh) { 4103 retval = ext4_rename_dir_finish(handle, &new, old.dir->i_ino); 4104 if (retval) 4105 goto end_rename; 4106 } 4107 ext4_update_dir_count(handle, &old); 4108 ext4_update_dir_count(handle, &new); 4109 retval = 0; 4110 4111end_rename: 4112 brelse(old.dir_bh); 4113 brelse(new.dir_bh); 4114 brelse(old.bh); 4115 brelse(new.bh); 4116 if (handle) 4117 ext4_journal_stop(handle); 4118 return retval; 4119} 4120 4121static int ext4_rename2(struct user_namespace *mnt_userns, 4122 struct inode *old_dir, struct dentry *old_dentry, 4123 struct inode *new_dir, struct dentry *new_dentry, 4124 unsigned int flags) 4125{ 4126 int err; 4127 4128 if (unlikely(ext4_forced_shutdown(EXT4_SB(old_dir->i_sb)))) 4129 return -EIO; 4130 4131 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE | RENAME_WHITEOUT)) 4132 return -EINVAL; 4133 4134 err = fscrypt_prepare_rename(old_dir, old_dentry, new_dir, new_dentry, 4135 flags); 4136 if (err) 4137 return err; 4138 4139 if (flags & RENAME_EXCHANGE) { 4140 return ext4_cross_rename(old_dir, old_dentry, 4141 new_dir, new_dentry); 4142 } 4143 4144 return ext4_rename(mnt_userns, old_dir, old_dentry, new_dir, new_dentry, flags); 4145} 4146 4147/* 4148 * directories can handle most operations... 4149 */ 4150const struct inode_operations ext4_dir_inode_operations = { 4151 .create = ext4_create, 4152 .lookup = ext4_lookup, 4153 .link = ext4_link, 4154 .unlink = ext4_unlink, 4155 .symlink = ext4_symlink, 4156 .mkdir = ext4_mkdir, 4157 .rmdir = ext4_rmdir, 4158 .mknod = ext4_mknod, 4159 .tmpfile = ext4_tmpfile, 4160 .rename = ext4_rename2, 4161 .setattr = ext4_setattr, 4162 .getattr = ext4_getattr, 4163 .listxattr = ext4_listxattr, 4164 .get_acl = ext4_get_acl, 4165 .set_acl = ext4_set_acl, 4166 .fiemap = ext4_fiemap, 4167 .fileattr_get = ext4_fileattr_get, 4168 .fileattr_set = ext4_fileattr_set, 4169}; 4170 4171const struct inode_operations ext4_special_inode_operations = { 4172 .setattr = ext4_setattr, 4173 .getattr = ext4_getattr, 4174 .listxattr = ext4_listxattr, 4175 .get_acl = ext4_get_acl, 4176 .set_acl = ext4_set_acl, 4177};