Loading...
1/*
2 * Copyright (c) 2000-2005 Silicon Graphics, Inc.
3 * All Rights Reserved.
4 *
5 * This program is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU General Public License as
7 * published by the Free Software Foundation.
8 *
9 * This program is distributed in the hope that it would be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write the Free Software Foundation,
16 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18#include "xfs.h"
19#include "xfs_fs.h"
20#include "xfs_acl.h"
21#include "xfs_bit.h"
22#include "xfs_log.h"
23#include "xfs_inum.h"
24#include "xfs_trans.h"
25#include "xfs_sb.h"
26#include "xfs_ag.h"
27#include "xfs_alloc.h"
28#include "xfs_quota.h"
29#include "xfs_mount.h"
30#include "xfs_bmap_btree.h"
31#include "xfs_dinode.h"
32#include "xfs_inode.h"
33#include "xfs_bmap.h"
34#include "xfs_rtalloc.h"
35#include "xfs_error.h"
36#include "xfs_itable.h"
37#include "xfs_rw.h"
38#include "xfs_attr.h"
39#include "xfs_buf_item.h"
40#include "xfs_utils.h"
41#include "xfs_vnodeops.h"
42#include "xfs_inode_item.h"
43#include "xfs_trace.h"
44
45#include <linux/capability.h>
46#include <linux/xattr.h>
47#include <linux/namei.h>
48#include <linux/posix_acl.h>
49#include <linux/security.h>
50#include <linux/fiemap.h>
51#include <linux/slab.h>
52
53/*
54 * Bring the timestamps in the XFS inode uptodate.
55 *
56 * Used before writing the inode to disk.
57 */
58void
59xfs_synchronize_times(
60 xfs_inode_t *ip)
61{
62 struct inode *inode = VFS_I(ip);
63
64 ip->i_d.di_atime.t_sec = (__int32_t)inode->i_atime.tv_sec;
65 ip->i_d.di_atime.t_nsec = (__int32_t)inode->i_atime.tv_nsec;
66 ip->i_d.di_ctime.t_sec = (__int32_t)inode->i_ctime.tv_sec;
67 ip->i_d.di_ctime.t_nsec = (__int32_t)inode->i_ctime.tv_nsec;
68 ip->i_d.di_mtime.t_sec = (__int32_t)inode->i_mtime.tv_sec;
69 ip->i_d.di_mtime.t_nsec = (__int32_t)inode->i_mtime.tv_nsec;
70}
71
72/*
73 * If the linux inode is valid, mark it dirty, else mark the dirty state
74 * in the XFS inode to make sure we pick it up when reclaiming the inode.
75 */
76void
77xfs_mark_inode_dirty_sync(
78 xfs_inode_t *ip)
79{
80 struct inode *inode = VFS_I(ip);
81
82 if (!(inode->i_state & (I_WILL_FREE|I_FREEING)))
83 mark_inode_dirty_sync(inode);
84 else {
85 barrier();
86 ip->i_update_core = 1;
87 }
88}
89
90void
91xfs_mark_inode_dirty(
92 xfs_inode_t *ip)
93{
94 struct inode *inode = VFS_I(ip);
95
96 if (!(inode->i_state & (I_WILL_FREE|I_FREEING)))
97 mark_inode_dirty(inode);
98 else {
99 barrier();
100 ip->i_update_core = 1;
101 }
102
103}
104
105/*
106 * Hook in SELinux. This is not quite correct yet, what we really need
107 * here (as we do for default ACLs) is a mechanism by which creation of
108 * these attrs can be journalled at inode creation time (along with the
109 * inode, of course, such that log replay can't cause these to be lost).
110 */
111STATIC int
112xfs_init_security(
113 struct inode *inode,
114 struct inode *dir,
115 const struct qstr *qstr)
116{
117 struct xfs_inode *ip = XFS_I(inode);
118 size_t length;
119 void *value;
120 unsigned char *name;
121 int error;
122
123 error = security_inode_init_security(inode, dir, qstr, (char **)&name,
124 &value, &length);
125 if (error) {
126 if (error == -EOPNOTSUPP)
127 return 0;
128 return -error;
129 }
130
131 error = xfs_attr_set(ip, name, value, length, ATTR_SECURE);
132
133 kfree(name);
134 kfree(value);
135 return error;
136}
137
138static void
139xfs_dentry_to_name(
140 struct xfs_name *namep,
141 struct dentry *dentry)
142{
143 namep->name = dentry->d_name.name;
144 namep->len = dentry->d_name.len;
145}
146
147STATIC void
148xfs_cleanup_inode(
149 struct inode *dir,
150 struct inode *inode,
151 struct dentry *dentry)
152{
153 struct xfs_name teardown;
154
155 /* Oh, the horror.
156 * If we can't add the ACL or we fail in
157 * xfs_init_security we must back out.
158 * ENOSPC can hit here, among other things.
159 */
160 xfs_dentry_to_name(&teardown, dentry);
161
162 xfs_remove(XFS_I(dir), &teardown, XFS_I(inode));
163 iput(inode);
164}
165
166STATIC int
167xfs_vn_mknod(
168 struct inode *dir,
169 struct dentry *dentry,
170 int mode,
171 dev_t rdev)
172{
173 struct inode *inode;
174 struct xfs_inode *ip = NULL;
175 struct posix_acl *default_acl = NULL;
176 struct xfs_name name;
177 int error;
178
179 /*
180 * Irix uses Missed'em'V split, but doesn't want to see
181 * the upper 5 bits of (14bit) major.
182 */
183 if (S_ISCHR(mode) || S_ISBLK(mode)) {
184 if (unlikely(!sysv_valid_dev(rdev) || MAJOR(rdev) & ~0x1ff))
185 return -EINVAL;
186 rdev = sysv_encode_dev(rdev);
187 } else {
188 rdev = 0;
189 }
190
191 if (IS_POSIXACL(dir)) {
192 default_acl = xfs_get_acl(dir, ACL_TYPE_DEFAULT);
193 if (IS_ERR(default_acl))
194 return PTR_ERR(default_acl);
195
196 if (!default_acl)
197 mode &= ~current_umask();
198 }
199
200 xfs_dentry_to_name(&name, dentry);
201 error = xfs_create(XFS_I(dir), &name, mode, rdev, &ip);
202 if (unlikely(error))
203 goto out_free_acl;
204
205 inode = VFS_I(ip);
206
207 error = xfs_init_security(inode, dir, &dentry->d_name);
208 if (unlikely(error))
209 goto out_cleanup_inode;
210
211 if (default_acl) {
212 error = -xfs_inherit_acl(inode, default_acl);
213 default_acl = NULL;
214 if (unlikely(error))
215 goto out_cleanup_inode;
216 }
217
218
219 d_instantiate(dentry, inode);
220 return -error;
221
222 out_cleanup_inode:
223 xfs_cleanup_inode(dir, inode, dentry);
224 out_free_acl:
225 posix_acl_release(default_acl);
226 return -error;
227}
228
229STATIC int
230xfs_vn_create(
231 struct inode *dir,
232 struct dentry *dentry,
233 int mode,
234 struct nameidata *nd)
235{
236 return xfs_vn_mknod(dir, dentry, mode, 0);
237}
238
239STATIC int
240xfs_vn_mkdir(
241 struct inode *dir,
242 struct dentry *dentry,
243 int mode)
244{
245 return xfs_vn_mknod(dir, dentry, mode|S_IFDIR, 0);
246}
247
248STATIC struct dentry *
249xfs_vn_lookup(
250 struct inode *dir,
251 struct dentry *dentry,
252 struct nameidata *nd)
253{
254 struct xfs_inode *cip;
255 struct xfs_name name;
256 int error;
257
258 if (dentry->d_name.len >= MAXNAMELEN)
259 return ERR_PTR(-ENAMETOOLONG);
260
261 xfs_dentry_to_name(&name, dentry);
262 error = xfs_lookup(XFS_I(dir), &name, &cip, NULL);
263 if (unlikely(error)) {
264 if (unlikely(error != ENOENT))
265 return ERR_PTR(-error);
266 d_add(dentry, NULL);
267 return NULL;
268 }
269
270 return d_splice_alias(VFS_I(cip), dentry);
271}
272
273STATIC struct dentry *
274xfs_vn_ci_lookup(
275 struct inode *dir,
276 struct dentry *dentry,
277 struct nameidata *nd)
278{
279 struct xfs_inode *ip;
280 struct xfs_name xname;
281 struct xfs_name ci_name;
282 struct qstr dname;
283 int error;
284
285 if (dentry->d_name.len >= MAXNAMELEN)
286 return ERR_PTR(-ENAMETOOLONG);
287
288 xfs_dentry_to_name(&xname, dentry);
289 error = xfs_lookup(XFS_I(dir), &xname, &ip, &ci_name);
290 if (unlikely(error)) {
291 if (unlikely(error != ENOENT))
292 return ERR_PTR(-error);
293 /*
294 * call d_add(dentry, NULL) here when d_drop_negative_children
295 * is called in xfs_vn_mknod (ie. allow negative dentries
296 * with CI filesystems).
297 */
298 return NULL;
299 }
300
301 /* if exact match, just splice and exit */
302 if (!ci_name.name)
303 return d_splice_alias(VFS_I(ip), dentry);
304
305 /* else case-insensitive match... */
306 dname.name = ci_name.name;
307 dname.len = ci_name.len;
308 dentry = d_add_ci(dentry, VFS_I(ip), &dname);
309 kmem_free(ci_name.name);
310 return dentry;
311}
312
313STATIC int
314xfs_vn_link(
315 struct dentry *old_dentry,
316 struct inode *dir,
317 struct dentry *dentry)
318{
319 struct inode *inode = old_dentry->d_inode;
320 struct xfs_name name;
321 int error;
322
323 xfs_dentry_to_name(&name, dentry);
324
325 error = xfs_link(XFS_I(dir), XFS_I(inode), &name);
326 if (unlikely(error))
327 return -error;
328
329 ihold(inode);
330 d_instantiate(dentry, inode);
331 return 0;
332}
333
334STATIC int
335xfs_vn_unlink(
336 struct inode *dir,
337 struct dentry *dentry)
338{
339 struct xfs_name name;
340 int error;
341
342 xfs_dentry_to_name(&name, dentry);
343
344 error = -xfs_remove(XFS_I(dir), &name, XFS_I(dentry->d_inode));
345 if (error)
346 return error;
347
348 /*
349 * With unlink, the VFS makes the dentry "negative": no inode,
350 * but still hashed. This is incompatible with case-insensitive
351 * mode, so invalidate (unhash) the dentry in CI-mode.
352 */
353 if (xfs_sb_version_hasasciici(&XFS_M(dir->i_sb)->m_sb))
354 d_invalidate(dentry);
355 return 0;
356}
357
358STATIC int
359xfs_vn_symlink(
360 struct inode *dir,
361 struct dentry *dentry,
362 const char *symname)
363{
364 struct inode *inode;
365 struct xfs_inode *cip = NULL;
366 struct xfs_name name;
367 int error;
368 mode_t mode;
369
370 mode = S_IFLNK |
371 (irix_symlink_mode ? 0777 & ~current_umask() : S_IRWXUGO);
372 xfs_dentry_to_name(&name, dentry);
373
374 error = xfs_symlink(XFS_I(dir), &name, symname, mode, &cip);
375 if (unlikely(error))
376 goto out;
377
378 inode = VFS_I(cip);
379
380 error = xfs_init_security(inode, dir, &dentry->d_name);
381 if (unlikely(error))
382 goto out_cleanup_inode;
383
384 d_instantiate(dentry, inode);
385 return 0;
386
387 out_cleanup_inode:
388 xfs_cleanup_inode(dir, inode, dentry);
389 out:
390 return -error;
391}
392
393STATIC int
394xfs_vn_rename(
395 struct inode *odir,
396 struct dentry *odentry,
397 struct inode *ndir,
398 struct dentry *ndentry)
399{
400 struct inode *new_inode = ndentry->d_inode;
401 struct xfs_name oname;
402 struct xfs_name nname;
403
404 xfs_dentry_to_name(&oname, odentry);
405 xfs_dentry_to_name(&nname, ndentry);
406
407 return -xfs_rename(XFS_I(odir), &oname, XFS_I(odentry->d_inode),
408 XFS_I(ndir), &nname, new_inode ?
409 XFS_I(new_inode) : NULL);
410}
411
412/*
413 * careful here - this function can get called recursively, so
414 * we need to be very careful about how much stack we use.
415 * uio is kmalloced for this reason...
416 */
417STATIC void *
418xfs_vn_follow_link(
419 struct dentry *dentry,
420 struct nameidata *nd)
421{
422 char *link;
423 int error = -ENOMEM;
424
425 link = kmalloc(MAXPATHLEN+1, GFP_KERNEL);
426 if (!link)
427 goto out_err;
428
429 error = -xfs_readlink(XFS_I(dentry->d_inode), link);
430 if (unlikely(error))
431 goto out_kfree;
432
433 nd_set_link(nd, link);
434 return NULL;
435
436 out_kfree:
437 kfree(link);
438 out_err:
439 nd_set_link(nd, ERR_PTR(error));
440 return NULL;
441}
442
443STATIC void
444xfs_vn_put_link(
445 struct dentry *dentry,
446 struct nameidata *nd,
447 void *p)
448{
449 char *s = nd_get_link(nd);
450
451 if (!IS_ERR(s))
452 kfree(s);
453}
454
455STATIC int
456xfs_vn_getattr(
457 struct vfsmount *mnt,
458 struct dentry *dentry,
459 struct kstat *stat)
460{
461 struct inode *inode = dentry->d_inode;
462 struct xfs_inode *ip = XFS_I(inode);
463 struct xfs_mount *mp = ip->i_mount;
464
465 trace_xfs_getattr(ip);
466
467 if (XFS_FORCED_SHUTDOWN(mp))
468 return XFS_ERROR(EIO);
469
470 stat->size = XFS_ISIZE(ip);
471 stat->dev = inode->i_sb->s_dev;
472 stat->mode = ip->i_d.di_mode;
473 stat->nlink = ip->i_d.di_nlink;
474 stat->uid = ip->i_d.di_uid;
475 stat->gid = ip->i_d.di_gid;
476 stat->ino = ip->i_ino;
477 stat->atime = inode->i_atime;
478 stat->mtime = inode->i_mtime;
479 stat->ctime = inode->i_ctime;
480 stat->blocks =
481 XFS_FSB_TO_BB(mp, ip->i_d.di_nblocks + ip->i_delayed_blks);
482
483
484 switch (inode->i_mode & S_IFMT) {
485 case S_IFBLK:
486 case S_IFCHR:
487 stat->blksize = BLKDEV_IOSIZE;
488 stat->rdev = MKDEV(sysv_major(ip->i_df.if_u2.if_rdev) & 0x1ff,
489 sysv_minor(ip->i_df.if_u2.if_rdev));
490 break;
491 default:
492 if (XFS_IS_REALTIME_INODE(ip)) {
493 /*
494 * If the file blocks are being allocated from a
495 * realtime volume, then return the inode's realtime
496 * extent size or the realtime volume's extent size.
497 */
498 stat->blksize =
499 xfs_get_extsz_hint(ip) << mp->m_sb.sb_blocklog;
500 } else
501 stat->blksize = xfs_preferred_iosize(mp);
502 stat->rdev = 0;
503 break;
504 }
505
506 return 0;
507}
508
509int
510xfs_setattr_nonsize(
511 struct xfs_inode *ip,
512 struct iattr *iattr,
513 int flags)
514{
515 xfs_mount_t *mp = ip->i_mount;
516 struct inode *inode = VFS_I(ip);
517 int mask = iattr->ia_valid;
518 xfs_trans_t *tp;
519 int error;
520 uid_t uid = 0, iuid = 0;
521 gid_t gid = 0, igid = 0;
522 struct xfs_dquot *udqp = NULL, *gdqp = NULL;
523 struct xfs_dquot *olddquot1 = NULL, *olddquot2 = NULL;
524
525 trace_xfs_setattr(ip);
526
527 if (mp->m_flags & XFS_MOUNT_RDONLY)
528 return XFS_ERROR(EROFS);
529
530 if (XFS_FORCED_SHUTDOWN(mp))
531 return XFS_ERROR(EIO);
532
533 error = -inode_change_ok(inode, iattr);
534 if (error)
535 return XFS_ERROR(error);
536
537 ASSERT((mask & ATTR_SIZE) == 0);
538
539 /*
540 * If disk quotas is on, we make sure that the dquots do exist on disk,
541 * before we start any other transactions. Trying to do this later
542 * is messy. We don't care to take a readlock to look at the ids
543 * in inode here, because we can't hold it across the trans_reserve.
544 * If the IDs do change before we take the ilock, we're covered
545 * because the i_*dquot fields will get updated anyway.
546 */
547 if (XFS_IS_QUOTA_ON(mp) && (mask & (ATTR_UID|ATTR_GID))) {
548 uint qflags = 0;
549
550 if ((mask & ATTR_UID) && XFS_IS_UQUOTA_ON(mp)) {
551 uid = iattr->ia_uid;
552 qflags |= XFS_QMOPT_UQUOTA;
553 } else {
554 uid = ip->i_d.di_uid;
555 }
556 if ((mask & ATTR_GID) && XFS_IS_GQUOTA_ON(mp)) {
557 gid = iattr->ia_gid;
558 qflags |= XFS_QMOPT_GQUOTA;
559 } else {
560 gid = ip->i_d.di_gid;
561 }
562
563 /*
564 * We take a reference when we initialize udqp and gdqp,
565 * so it is important that we never blindly double trip on
566 * the same variable. See xfs_create() for an example.
567 */
568 ASSERT(udqp == NULL);
569 ASSERT(gdqp == NULL);
570 error = xfs_qm_vop_dqalloc(ip, uid, gid, xfs_get_projid(ip),
571 qflags, &udqp, &gdqp);
572 if (error)
573 return error;
574 }
575
576 tp = xfs_trans_alloc(mp, XFS_TRANS_SETATTR_NOT_SIZE);
577 error = xfs_trans_reserve(tp, 0, XFS_ICHANGE_LOG_RES(mp), 0, 0, 0);
578 if (error)
579 goto out_dqrele;
580
581 xfs_ilock(ip, XFS_ILOCK_EXCL);
582
583 /*
584 * Change file ownership. Must be the owner or privileged.
585 */
586 if (mask & (ATTR_UID|ATTR_GID)) {
587 /*
588 * These IDs could have changed since we last looked at them.
589 * But, we're assured that if the ownership did change
590 * while we didn't have the inode locked, inode's dquot(s)
591 * would have changed also.
592 */
593 iuid = ip->i_d.di_uid;
594 igid = ip->i_d.di_gid;
595 gid = (mask & ATTR_GID) ? iattr->ia_gid : igid;
596 uid = (mask & ATTR_UID) ? iattr->ia_uid : iuid;
597
598 /*
599 * Do a quota reservation only if uid/gid is actually
600 * going to change.
601 */
602 if (XFS_IS_QUOTA_RUNNING(mp) &&
603 ((XFS_IS_UQUOTA_ON(mp) && iuid != uid) ||
604 (XFS_IS_GQUOTA_ON(mp) && igid != gid))) {
605 ASSERT(tp);
606 error = xfs_qm_vop_chown_reserve(tp, ip, udqp, gdqp,
607 capable(CAP_FOWNER) ?
608 XFS_QMOPT_FORCE_RES : 0);
609 if (error) /* out of quota */
610 goto out_trans_cancel;
611 }
612 }
613
614 xfs_trans_ijoin(tp, ip);
615
616 /*
617 * Change file ownership. Must be the owner or privileged.
618 */
619 if (mask & (ATTR_UID|ATTR_GID)) {
620 /*
621 * CAP_FSETID overrides the following restrictions:
622 *
623 * The set-user-ID and set-group-ID bits of a file will be
624 * cleared upon successful return from chown()
625 */
626 if ((ip->i_d.di_mode & (S_ISUID|S_ISGID)) &&
627 !capable(CAP_FSETID))
628 ip->i_d.di_mode &= ~(S_ISUID|S_ISGID);
629
630 /*
631 * Change the ownerships and register quota modifications
632 * in the transaction.
633 */
634 if (iuid != uid) {
635 if (XFS_IS_QUOTA_RUNNING(mp) && XFS_IS_UQUOTA_ON(mp)) {
636 ASSERT(mask & ATTR_UID);
637 ASSERT(udqp);
638 olddquot1 = xfs_qm_vop_chown(tp, ip,
639 &ip->i_udquot, udqp);
640 }
641 ip->i_d.di_uid = uid;
642 inode->i_uid = uid;
643 }
644 if (igid != gid) {
645 if (XFS_IS_QUOTA_RUNNING(mp) && XFS_IS_GQUOTA_ON(mp)) {
646 ASSERT(!XFS_IS_PQUOTA_ON(mp));
647 ASSERT(mask & ATTR_GID);
648 ASSERT(gdqp);
649 olddquot2 = xfs_qm_vop_chown(tp, ip,
650 &ip->i_gdquot, gdqp);
651 }
652 ip->i_d.di_gid = gid;
653 inode->i_gid = gid;
654 }
655 }
656
657 /*
658 * Change file access modes.
659 */
660 if (mask & ATTR_MODE) {
661 umode_t mode = iattr->ia_mode;
662
663 if (!in_group_p(inode->i_gid) && !capable(CAP_FSETID))
664 mode &= ~S_ISGID;
665
666 ip->i_d.di_mode &= S_IFMT;
667 ip->i_d.di_mode |= mode & ~S_IFMT;
668
669 inode->i_mode &= S_IFMT;
670 inode->i_mode |= mode & ~S_IFMT;
671 }
672
673 /*
674 * Change file access or modified times.
675 */
676 if (mask & ATTR_ATIME) {
677 inode->i_atime = iattr->ia_atime;
678 ip->i_d.di_atime.t_sec = iattr->ia_atime.tv_sec;
679 ip->i_d.di_atime.t_nsec = iattr->ia_atime.tv_nsec;
680 ip->i_update_core = 1;
681 }
682 if (mask & ATTR_CTIME) {
683 inode->i_ctime = iattr->ia_ctime;
684 ip->i_d.di_ctime.t_sec = iattr->ia_ctime.tv_sec;
685 ip->i_d.di_ctime.t_nsec = iattr->ia_ctime.tv_nsec;
686 ip->i_update_core = 1;
687 }
688 if (mask & ATTR_MTIME) {
689 inode->i_mtime = iattr->ia_mtime;
690 ip->i_d.di_mtime.t_sec = iattr->ia_mtime.tv_sec;
691 ip->i_d.di_mtime.t_nsec = iattr->ia_mtime.tv_nsec;
692 ip->i_update_core = 1;
693 }
694
695 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE);
696
697 XFS_STATS_INC(xs_ig_attrchg);
698
699 if (mp->m_flags & XFS_MOUNT_WSYNC)
700 xfs_trans_set_sync(tp);
701 error = xfs_trans_commit(tp, 0);
702
703 xfs_iunlock(ip, XFS_ILOCK_EXCL);
704
705 /*
706 * Release any dquot(s) the inode had kept before chown.
707 */
708 xfs_qm_dqrele(olddquot1);
709 xfs_qm_dqrele(olddquot2);
710 xfs_qm_dqrele(udqp);
711 xfs_qm_dqrele(gdqp);
712
713 if (error)
714 return XFS_ERROR(error);
715
716 /*
717 * XXX(hch): Updating the ACL entries is not atomic vs the i_mode
718 * update. We could avoid this with linked transactions
719 * and passing down the transaction pointer all the way
720 * to attr_set. No previous user of the generic
721 * Posix ACL code seems to care about this issue either.
722 */
723 if ((mask & ATTR_MODE) && !(flags & XFS_ATTR_NOACL)) {
724 error = -xfs_acl_chmod(inode);
725 if (error)
726 return XFS_ERROR(error);
727 }
728
729 return 0;
730
731out_trans_cancel:
732 xfs_trans_cancel(tp, 0);
733 xfs_iunlock(ip, XFS_ILOCK_EXCL);
734out_dqrele:
735 xfs_qm_dqrele(udqp);
736 xfs_qm_dqrele(gdqp);
737 return error;
738}
739
740/*
741 * Truncate file. Must have write permission and not be a directory.
742 */
743int
744xfs_setattr_size(
745 struct xfs_inode *ip,
746 struct iattr *iattr,
747 int flags)
748{
749 struct xfs_mount *mp = ip->i_mount;
750 struct inode *inode = VFS_I(ip);
751 int mask = iattr->ia_valid;
752 struct xfs_trans *tp;
753 int error;
754 uint lock_flags;
755 uint commit_flags = 0;
756
757 trace_xfs_setattr(ip);
758
759 if (mp->m_flags & XFS_MOUNT_RDONLY)
760 return XFS_ERROR(EROFS);
761
762 if (XFS_FORCED_SHUTDOWN(mp))
763 return XFS_ERROR(EIO);
764
765 error = -inode_change_ok(inode, iattr);
766 if (error)
767 return XFS_ERROR(error);
768
769 ASSERT(S_ISREG(ip->i_d.di_mode));
770 ASSERT((mask & (ATTR_MODE|ATTR_UID|ATTR_GID|ATTR_ATIME|ATTR_ATIME_SET|
771 ATTR_MTIME_SET|ATTR_KILL_SUID|ATTR_KILL_SGID|
772 ATTR_KILL_PRIV|ATTR_TIMES_SET)) == 0);
773
774 lock_flags = XFS_ILOCK_EXCL;
775 if (!(flags & XFS_ATTR_NOLOCK))
776 lock_flags |= XFS_IOLOCK_EXCL;
777 xfs_ilock(ip, lock_flags);
778
779 /*
780 * Short circuit the truncate case for zero length files.
781 */
782 if (iattr->ia_size == 0 &&
783 ip->i_size == 0 && ip->i_d.di_nextents == 0) {
784 if (!(mask & (ATTR_CTIME|ATTR_MTIME)))
785 goto out_unlock;
786
787 /*
788 * Use the regular setattr path to update the timestamps.
789 */
790 xfs_iunlock(ip, lock_flags);
791 iattr->ia_valid &= ~ATTR_SIZE;
792 return xfs_setattr_nonsize(ip, iattr, 0);
793 }
794
795 /*
796 * Make sure that the dquots are attached to the inode.
797 */
798 error = xfs_qm_dqattach_locked(ip, 0);
799 if (error)
800 goto out_unlock;
801
802 /*
803 * Now we can make the changes. Before we join the inode to the
804 * transaction, take care of the part of the truncation that must be
805 * done without the inode lock. This needs to be done before joining
806 * the inode to the transaction, because the inode cannot be unlocked
807 * once it is a part of the transaction.
808 */
809 if (iattr->ia_size > ip->i_size) {
810 /*
811 * Do the first part of growing a file: zero any data in the
812 * last block that is beyond the old EOF. We need to do this
813 * before the inode is joined to the transaction to modify
814 * i_size.
815 */
816 error = xfs_zero_eof(ip, iattr->ia_size, ip->i_size);
817 if (error)
818 goto out_unlock;
819 }
820 xfs_iunlock(ip, XFS_ILOCK_EXCL);
821 lock_flags &= ~XFS_ILOCK_EXCL;
822
823 /*
824 * We are going to log the inode size change in this transaction so
825 * any previous writes that are beyond the on disk EOF and the new
826 * EOF that have not been written out need to be written here. If we
827 * do not write the data out, we expose ourselves to the null files
828 * problem.
829 *
830 * Only flush from the on disk size to the smaller of the in memory
831 * file size or the new size as that's the range we really care about
832 * here and prevents waiting for other data not within the range we
833 * care about here.
834 */
835 if (ip->i_size != ip->i_d.di_size && iattr->ia_size > ip->i_d.di_size) {
836 error = xfs_flush_pages(ip, ip->i_d.di_size, iattr->ia_size,
837 XBF_ASYNC, FI_NONE);
838 if (error)
839 goto out_unlock;
840 }
841
842 /*
843 * Wait for all I/O to complete.
844 */
845 xfs_ioend_wait(ip);
846
847 error = -block_truncate_page(inode->i_mapping, iattr->ia_size,
848 xfs_get_blocks);
849 if (error)
850 goto out_unlock;
851
852 tp = xfs_trans_alloc(mp, XFS_TRANS_SETATTR_SIZE);
853 error = xfs_trans_reserve(tp, 0, XFS_ITRUNCATE_LOG_RES(mp), 0,
854 XFS_TRANS_PERM_LOG_RES,
855 XFS_ITRUNCATE_LOG_COUNT);
856 if (error)
857 goto out_trans_cancel;
858
859 truncate_setsize(inode, iattr->ia_size);
860
861 commit_flags = XFS_TRANS_RELEASE_LOG_RES;
862 lock_flags |= XFS_ILOCK_EXCL;
863
864 xfs_ilock(ip, XFS_ILOCK_EXCL);
865
866 xfs_trans_ijoin(tp, ip);
867
868 /*
869 * Only change the c/mtime if we are changing the size or we are
870 * explicitly asked to change it. This handles the semantic difference
871 * between truncate() and ftruncate() as implemented in the VFS.
872 *
873 * The regular truncate() case without ATTR_CTIME and ATTR_MTIME is a
874 * special case where we need to update the times despite not having
875 * these flags set. For all other operations the VFS set these flags
876 * explicitly if it wants a timestamp update.
877 */
878 if (iattr->ia_size != ip->i_size &&
879 (!(mask & (ATTR_CTIME | ATTR_MTIME)))) {
880 iattr->ia_ctime = iattr->ia_mtime =
881 current_fs_time(inode->i_sb);
882 mask |= ATTR_CTIME | ATTR_MTIME;
883 }
884
885 if (iattr->ia_size > ip->i_size) {
886 ip->i_d.di_size = iattr->ia_size;
887 ip->i_size = iattr->ia_size;
888 } else if (iattr->ia_size <= ip->i_size ||
889 (iattr->ia_size == 0 && ip->i_d.di_nextents)) {
890 error = xfs_itruncate_data(&tp, ip, iattr->ia_size);
891 if (error)
892 goto out_trans_abort;
893
894 /*
895 * Truncated "down", so we're removing references to old data
896 * here - if we delay flushing for a long time, we expose
897 * ourselves unduly to the notorious NULL files problem. So,
898 * we mark this inode and flush it when the file is closed,
899 * and do not wait the usual (long) time for writeout.
900 */
901 xfs_iflags_set(ip, XFS_ITRUNCATED);
902 }
903
904 if (mask & ATTR_CTIME) {
905 inode->i_ctime = iattr->ia_ctime;
906 ip->i_d.di_ctime.t_sec = iattr->ia_ctime.tv_sec;
907 ip->i_d.di_ctime.t_nsec = iattr->ia_ctime.tv_nsec;
908 ip->i_update_core = 1;
909 }
910 if (mask & ATTR_MTIME) {
911 inode->i_mtime = iattr->ia_mtime;
912 ip->i_d.di_mtime.t_sec = iattr->ia_mtime.tv_sec;
913 ip->i_d.di_mtime.t_nsec = iattr->ia_mtime.tv_nsec;
914 ip->i_update_core = 1;
915 }
916
917 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE);
918
919 XFS_STATS_INC(xs_ig_attrchg);
920
921 if (mp->m_flags & XFS_MOUNT_WSYNC)
922 xfs_trans_set_sync(tp);
923
924 error = xfs_trans_commit(tp, XFS_TRANS_RELEASE_LOG_RES);
925out_unlock:
926 if (lock_flags)
927 xfs_iunlock(ip, lock_flags);
928 return error;
929
930out_trans_abort:
931 commit_flags |= XFS_TRANS_ABORT;
932out_trans_cancel:
933 xfs_trans_cancel(tp, commit_flags);
934 goto out_unlock;
935}
936
937STATIC int
938xfs_vn_setattr(
939 struct dentry *dentry,
940 struct iattr *iattr)
941{
942 if (iattr->ia_valid & ATTR_SIZE)
943 return -xfs_setattr_size(XFS_I(dentry->d_inode), iattr, 0);
944 return -xfs_setattr_nonsize(XFS_I(dentry->d_inode), iattr, 0);
945}
946
947#define XFS_FIEMAP_FLAGS (FIEMAP_FLAG_SYNC|FIEMAP_FLAG_XATTR)
948
949/*
950 * Call fiemap helper to fill in user data.
951 * Returns positive errors to xfs_getbmap.
952 */
953STATIC int
954xfs_fiemap_format(
955 void **arg,
956 struct getbmapx *bmv,
957 int *full)
958{
959 int error;
960 struct fiemap_extent_info *fieinfo = *arg;
961 u32 fiemap_flags = 0;
962 u64 logical, physical, length;
963
964 /* Do nothing for a hole */
965 if (bmv->bmv_block == -1LL)
966 return 0;
967
968 logical = BBTOB(bmv->bmv_offset);
969 physical = BBTOB(bmv->bmv_block);
970 length = BBTOB(bmv->bmv_length);
971
972 if (bmv->bmv_oflags & BMV_OF_PREALLOC)
973 fiemap_flags |= FIEMAP_EXTENT_UNWRITTEN;
974 else if (bmv->bmv_oflags & BMV_OF_DELALLOC) {
975 fiemap_flags |= FIEMAP_EXTENT_DELALLOC;
976 physical = 0; /* no block yet */
977 }
978 if (bmv->bmv_oflags & BMV_OF_LAST)
979 fiemap_flags |= FIEMAP_EXTENT_LAST;
980
981 error = fiemap_fill_next_extent(fieinfo, logical, physical,
982 length, fiemap_flags);
983 if (error > 0) {
984 error = 0;
985 *full = 1; /* user array now full */
986 }
987
988 return -error;
989}
990
991STATIC int
992xfs_vn_fiemap(
993 struct inode *inode,
994 struct fiemap_extent_info *fieinfo,
995 u64 start,
996 u64 length)
997{
998 xfs_inode_t *ip = XFS_I(inode);
999 struct getbmapx bm;
1000 int error;
1001
1002 error = fiemap_check_flags(fieinfo, XFS_FIEMAP_FLAGS);
1003 if (error)
1004 return error;
1005
1006 /* Set up bmap header for xfs internal routine */
1007 bm.bmv_offset = BTOBB(start);
1008 /* Special case for whole file */
1009 if (length == FIEMAP_MAX_OFFSET)
1010 bm.bmv_length = -1LL;
1011 else
1012 bm.bmv_length = BTOBB(length);
1013
1014 /* We add one because in getbmap world count includes the header */
1015 bm.bmv_count = !fieinfo->fi_extents_max ? MAXEXTNUM :
1016 fieinfo->fi_extents_max + 1;
1017 bm.bmv_count = min_t(__s32, bm.bmv_count,
1018 (PAGE_SIZE * 16 / sizeof(struct getbmapx)));
1019 bm.bmv_iflags = BMV_IF_PREALLOC | BMV_IF_NO_HOLES;
1020 if (fieinfo->fi_flags & FIEMAP_FLAG_XATTR)
1021 bm.bmv_iflags |= BMV_IF_ATTRFORK;
1022 if (!(fieinfo->fi_flags & FIEMAP_FLAG_SYNC))
1023 bm.bmv_iflags |= BMV_IF_DELALLOC;
1024
1025 error = xfs_getbmap(ip, &bm, xfs_fiemap_format, fieinfo);
1026 if (error)
1027 return -error;
1028
1029 return 0;
1030}
1031
1032static const struct inode_operations xfs_inode_operations = {
1033 .get_acl = xfs_get_acl,
1034 .getattr = xfs_vn_getattr,
1035 .setattr = xfs_vn_setattr,
1036 .setxattr = generic_setxattr,
1037 .getxattr = generic_getxattr,
1038 .removexattr = generic_removexattr,
1039 .listxattr = xfs_vn_listxattr,
1040 .fiemap = xfs_vn_fiemap,
1041};
1042
1043static const struct inode_operations xfs_dir_inode_operations = {
1044 .create = xfs_vn_create,
1045 .lookup = xfs_vn_lookup,
1046 .link = xfs_vn_link,
1047 .unlink = xfs_vn_unlink,
1048 .symlink = xfs_vn_symlink,
1049 .mkdir = xfs_vn_mkdir,
1050 /*
1051 * Yes, XFS uses the same method for rmdir and unlink.
1052 *
1053 * There are some subtile differences deeper in the code,
1054 * but we use S_ISDIR to check for those.
1055 */
1056 .rmdir = xfs_vn_unlink,
1057 .mknod = xfs_vn_mknod,
1058 .rename = xfs_vn_rename,
1059 .get_acl = xfs_get_acl,
1060 .getattr = xfs_vn_getattr,
1061 .setattr = xfs_vn_setattr,
1062 .setxattr = generic_setxattr,
1063 .getxattr = generic_getxattr,
1064 .removexattr = generic_removexattr,
1065 .listxattr = xfs_vn_listxattr,
1066};
1067
1068static const struct inode_operations xfs_dir_ci_inode_operations = {
1069 .create = xfs_vn_create,
1070 .lookup = xfs_vn_ci_lookup,
1071 .link = xfs_vn_link,
1072 .unlink = xfs_vn_unlink,
1073 .symlink = xfs_vn_symlink,
1074 .mkdir = xfs_vn_mkdir,
1075 /*
1076 * Yes, XFS uses the same method for rmdir and unlink.
1077 *
1078 * There are some subtile differences deeper in the code,
1079 * but we use S_ISDIR to check for those.
1080 */
1081 .rmdir = xfs_vn_unlink,
1082 .mknod = xfs_vn_mknod,
1083 .rename = xfs_vn_rename,
1084 .get_acl = xfs_get_acl,
1085 .getattr = xfs_vn_getattr,
1086 .setattr = xfs_vn_setattr,
1087 .setxattr = generic_setxattr,
1088 .getxattr = generic_getxattr,
1089 .removexattr = generic_removexattr,
1090 .listxattr = xfs_vn_listxattr,
1091};
1092
1093static const struct inode_operations xfs_symlink_inode_operations = {
1094 .readlink = generic_readlink,
1095 .follow_link = xfs_vn_follow_link,
1096 .put_link = xfs_vn_put_link,
1097 .get_acl = xfs_get_acl,
1098 .getattr = xfs_vn_getattr,
1099 .setattr = xfs_vn_setattr,
1100 .setxattr = generic_setxattr,
1101 .getxattr = generic_getxattr,
1102 .removexattr = generic_removexattr,
1103 .listxattr = xfs_vn_listxattr,
1104};
1105
1106STATIC void
1107xfs_diflags_to_iflags(
1108 struct inode *inode,
1109 struct xfs_inode *ip)
1110{
1111 if (ip->i_d.di_flags & XFS_DIFLAG_IMMUTABLE)
1112 inode->i_flags |= S_IMMUTABLE;
1113 else
1114 inode->i_flags &= ~S_IMMUTABLE;
1115 if (ip->i_d.di_flags & XFS_DIFLAG_APPEND)
1116 inode->i_flags |= S_APPEND;
1117 else
1118 inode->i_flags &= ~S_APPEND;
1119 if (ip->i_d.di_flags & XFS_DIFLAG_SYNC)
1120 inode->i_flags |= S_SYNC;
1121 else
1122 inode->i_flags &= ~S_SYNC;
1123 if (ip->i_d.di_flags & XFS_DIFLAG_NOATIME)
1124 inode->i_flags |= S_NOATIME;
1125 else
1126 inode->i_flags &= ~S_NOATIME;
1127}
1128
1129/*
1130 * Initialize the Linux inode, set up the operation vectors and
1131 * unlock the inode.
1132 *
1133 * When reading existing inodes from disk this is called directly
1134 * from xfs_iget, when creating a new inode it is called from
1135 * xfs_ialloc after setting up the inode.
1136 *
1137 * We are always called with an uninitialised linux inode here.
1138 * We need to initialise the necessary fields and take a reference
1139 * on it.
1140 */
1141void
1142xfs_setup_inode(
1143 struct xfs_inode *ip)
1144{
1145 struct inode *inode = &ip->i_vnode;
1146
1147 inode->i_ino = ip->i_ino;
1148 inode->i_state = I_NEW;
1149
1150 inode_sb_list_add(inode);
1151 /* make the inode look hashed for the writeback code */
1152 hlist_add_fake(&inode->i_hash);
1153
1154 inode->i_mode = ip->i_d.di_mode;
1155 inode->i_nlink = ip->i_d.di_nlink;
1156 inode->i_uid = ip->i_d.di_uid;
1157 inode->i_gid = ip->i_d.di_gid;
1158
1159 switch (inode->i_mode & S_IFMT) {
1160 case S_IFBLK:
1161 case S_IFCHR:
1162 inode->i_rdev =
1163 MKDEV(sysv_major(ip->i_df.if_u2.if_rdev) & 0x1ff,
1164 sysv_minor(ip->i_df.if_u2.if_rdev));
1165 break;
1166 default:
1167 inode->i_rdev = 0;
1168 break;
1169 }
1170
1171 inode->i_generation = ip->i_d.di_gen;
1172 i_size_write(inode, ip->i_d.di_size);
1173 inode->i_atime.tv_sec = ip->i_d.di_atime.t_sec;
1174 inode->i_atime.tv_nsec = ip->i_d.di_atime.t_nsec;
1175 inode->i_mtime.tv_sec = ip->i_d.di_mtime.t_sec;
1176 inode->i_mtime.tv_nsec = ip->i_d.di_mtime.t_nsec;
1177 inode->i_ctime.tv_sec = ip->i_d.di_ctime.t_sec;
1178 inode->i_ctime.tv_nsec = ip->i_d.di_ctime.t_nsec;
1179 xfs_diflags_to_iflags(inode, ip);
1180
1181 switch (inode->i_mode & S_IFMT) {
1182 case S_IFREG:
1183 inode->i_op = &xfs_inode_operations;
1184 inode->i_fop = &xfs_file_operations;
1185 inode->i_mapping->a_ops = &xfs_address_space_operations;
1186 break;
1187 case S_IFDIR:
1188 if (xfs_sb_version_hasasciici(&XFS_M(inode->i_sb)->m_sb))
1189 inode->i_op = &xfs_dir_ci_inode_operations;
1190 else
1191 inode->i_op = &xfs_dir_inode_operations;
1192 inode->i_fop = &xfs_dir_file_operations;
1193 break;
1194 case S_IFLNK:
1195 inode->i_op = &xfs_symlink_inode_operations;
1196 if (!(ip->i_df.if_flags & XFS_IFINLINE))
1197 inode->i_mapping->a_ops = &xfs_address_space_operations;
1198 break;
1199 default:
1200 inode->i_op = &xfs_inode_operations;
1201 init_special_inode(inode, inode->i_mode, inode->i_rdev);
1202 break;
1203 }
1204
1205 /*
1206 * If there is no attribute fork no ACL can exist on this inode,
1207 * and it can't have any file capabilities attached to it either.
1208 */
1209 if (!XFS_IFORK_Q(ip)) {
1210 inode_has_no_xattr(inode);
1211 cache_no_acl(inode);
1212 }
1213
1214 xfs_iflags_clear(ip, XFS_INEW);
1215 barrier();
1216
1217 unlock_new_inode(inode);
1218}
1// SPDX-License-Identifier: GPL-2.0
2/*
3 * Copyright (c) 2000-2005 Silicon Graphics, Inc.
4 * All Rights Reserved.
5 */
6#include "xfs.h"
7#include "xfs_fs.h"
8#include "xfs_shared.h"
9#include "xfs_format.h"
10#include "xfs_log_format.h"
11#include "xfs_trans_resv.h"
12#include "xfs_mount.h"
13#include "xfs_inode.h"
14#include "xfs_acl.h"
15#include "xfs_quota.h"
16#include "xfs_da_format.h"
17#include "xfs_da_btree.h"
18#include "xfs_attr.h"
19#include "xfs_trans.h"
20#include "xfs_trace.h"
21#include "xfs_icache.h"
22#include "xfs_symlink.h"
23#include "xfs_dir2.h"
24#include "xfs_iomap.h"
25#include "xfs_error.h"
26#include "xfs_ioctl.h"
27#include "xfs_xattr.h"
28
29#include <linux/posix_acl.h>
30#include <linux/security.h>
31#include <linux/iversion.h>
32#include <linux/fiemap.h>
33
34/*
35 * Directories have different lock order w.r.t. mmap_lock compared to regular
36 * files. This is due to readdir potentially triggering page faults on a user
37 * buffer inside filldir(), and this happens with the ilock on the directory
38 * held. For regular files, the lock order is the other way around - the
39 * mmap_lock is taken during the page fault, and then we lock the ilock to do
40 * block mapping. Hence we need a different class for the directory ilock so
41 * that lockdep can tell them apart.
42 */
43static struct lock_class_key xfs_nondir_ilock_class;
44static struct lock_class_key xfs_dir_ilock_class;
45
46static int
47xfs_initxattrs(
48 struct inode *inode,
49 const struct xattr *xattr_array,
50 void *fs_info)
51{
52 const struct xattr *xattr;
53 struct xfs_inode *ip = XFS_I(inode);
54 int error = 0;
55
56 for (xattr = xattr_array; xattr->name != NULL; xattr++) {
57 struct xfs_da_args args = {
58 .dp = ip,
59 .attr_filter = XFS_ATTR_SECURE,
60 .name = xattr->name,
61 .namelen = strlen(xattr->name),
62 .value = xattr->value,
63 .valuelen = xattr->value_len,
64 };
65 error = xfs_attr_change(&args);
66 if (error < 0)
67 break;
68 }
69 return error;
70}
71
72/*
73 * Hook in SELinux. This is not quite correct yet, what we really need
74 * here (as we do for default ACLs) is a mechanism by which creation of
75 * these attrs can be journalled at inode creation time (along with the
76 * inode, of course, such that log replay can't cause these to be lost).
77 */
78int
79xfs_inode_init_security(
80 struct inode *inode,
81 struct inode *dir,
82 const struct qstr *qstr)
83{
84 return security_inode_init_security(inode, dir, qstr,
85 &xfs_initxattrs, NULL);
86}
87
88static void
89xfs_dentry_to_name(
90 struct xfs_name *namep,
91 struct dentry *dentry)
92{
93 namep->name = dentry->d_name.name;
94 namep->len = dentry->d_name.len;
95 namep->type = XFS_DIR3_FT_UNKNOWN;
96}
97
98static int
99xfs_dentry_mode_to_name(
100 struct xfs_name *namep,
101 struct dentry *dentry,
102 int mode)
103{
104 namep->name = dentry->d_name.name;
105 namep->len = dentry->d_name.len;
106 namep->type = xfs_mode_to_ftype(mode);
107
108 if (unlikely(namep->type == XFS_DIR3_FT_UNKNOWN))
109 return -EFSCORRUPTED;
110
111 return 0;
112}
113
114STATIC void
115xfs_cleanup_inode(
116 struct inode *dir,
117 struct inode *inode,
118 struct dentry *dentry)
119{
120 struct xfs_name teardown;
121
122 /* Oh, the horror.
123 * If we can't add the ACL or we fail in
124 * xfs_inode_init_security we must back out.
125 * ENOSPC can hit here, among other things.
126 */
127 xfs_dentry_to_name(&teardown, dentry);
128
129 xfs_remove(XFS_I(dir), &teardown, XFS_I(inode));
130}
131
132/*
133 * Check to see if we are likely to need an extended attribute to be added to
134 * the inode we are about to allocate. This allows the attribute fork to be
135 * created during the inode allocation, reducing the number of transactions we
136 * need to do in this fast path.
137 *
138 * The security checks are optimistic, but not guaranteed. The two LSMs that
139 * require xattrs to be added here (selinux and smack) are also the only two
140 * LSMs that add a sb->s_security structure to the superblock. Hence if security
141 * is enabled and sb->s_security is set, we have a pretty good idea that we are
142 * going to be asked to add a security xattr immediately after allocating the
143 * xfs inode and instantiating the VFS inode.
144 */
145static inline bool
146xfs_create_need_xattr(
147 struct inode *dir,
148 struct posix_acl *default_acl,
149 struct posix_acl *acl)
150{
151 if (acl)
152 return true;
153 if (default_acl)
154 return true;
155#if IS_ENABLED(CONFIG_SECURITY)
156 if (dir->i_sb->s_security)
157 return true;
158#endif
159 return false;
160}
161
162
163STATIC int
164xfs_generic_create(
165 struct user_namespace *mnt_userns,
166 struct inode *dir,
167 struct dentry *dentry,
168 umode_t mode,
169 dev_t rdev,
170 struct file *tmpfile) /* unnamed file */
171{
172 struct inode *inode;
173 struct xfs_inode *ip = NULL;
174 struct posix_acl *default_acl, *acl;
175 struct xfs_name name;
176 int error;
177
178 /*
179 * Irix uses Missed'em'V split, but doesn't want to see
180 * the upper 5 bits of (14bit) major.
181 */
182 if (S_ISCHR(mode) || S_ISBLK(mode)) {
183 if (unlikely(!sysv_valid_dev(rdev) || MAJOR(rdev) & ~0x1ff))
184 return -EINVAL;
185 } else {
186 rdev = 0;
187 }
188
189 error = posix_acl_create(dir, &mode, &default_acl, &acl);
190 if (error)
191 return error;
192
193 /* Verify mode is valid also for tmpfile case */
194 error = xfs_dentry_mode_to_name(&name, dentry, mode);
195 if (unlikely(error))
196 goto out_free_acl;
197
198 if (!tmpfile) {
199 error = xfs_create(mnt_userns, XFS_I(dir), &name, mode, rdev,
200 xfs_create_need_xattr(dir, default_acl, acl),
201 &ip);
202 } else {
203 error = xfs_create_tmpfile(mnt_userns, XFS_I(dir), mode, &ip);
204 }
205 if (unlikely(error))
206 goto out_free_acl;
207
208 inode = VFS_I(ip);
209
210 error = xfs_inode_init_security(inode, dir, &dentry->d_name);
211 if (unlikely(error))
212 goto out_cleanup_inode;
213
214 if (default_acl) {
215 error = __xfs_set_acl(inode, default_acl, ACL_TYPE_DEFAULT);
216 if (error)
217 goto out_cleanup_inode;
218 }
219 if (acl) {
220 error = __xfs_set_acl(inode, acl, ACL_TYPE_ACCESS);
221 if (error)
222 goto out_cleanup_inode;
223 }
224
225 xfs_setup_iops(ip);
226
227 if (tmpfile) {
228 /*
229 * The VFS requires that any inode fed to d_tmpfile must have
230 * nlink == 1 so that it can decrement the nlink in d_tmpfile.
231 * However, we created the temp file with nlink == 0 because
232 * we're not allowed to put an inode with nlink > 0 on the
233 * unlinked list. Therefore we have to set nlink to 1 so that
234 * d_tmpfile can immediately set it back to zero.
235 */
236 set_nlink(inode, 1);
237 d_tmpfile(tmpfile, inode);
238 } else
239 d_instantiate(dentry, inode);
240
241 xfs_finish_inode_setup(ip);
242
243 out_free_acl:
244 posix_acl_release(default_acl);
245 posix_acl_release(acl);
246 return error;
247
248 out_cleanup_inode:
249 xfs_finish_inode_setup(ip);
250 if (!tmpfile)
251 xfs_cleanup_inode(dir, inode, dentry);
252 xfs_irele(ip);
253 goto out_free_acl;
254}
255
256STATIC int
257xfs_vn_mknod(
258 struct user_namespace *mnt_userns,
259 struct inode *dir,
260 struct dentry *dentry,
261 umode_t mode,
262 dev_t rdev)
263{
264 return xfs_generic_create(mnt_userns, dir, dentry, mode, rdev, NULL);
265}
266
267STATIC int
268xfs_vn_create(
269 struct user_namespace *mnt_userns,
270 struct inode *dir,
271 struct dentry *dentry,
272 umode_t mode,
273 bool flags)
274{
275 return xfs_generic_create(mnt_userns, dir, dentry, mode, 0, NULL);
276}
277
278STATIC int
279xfs_vn_mkdir(
280 struct user_namespace *mnt_userns,
281 struct inode *dir,
282 struct dentry *dentry,
283 umode_t mode)
284{
285 return xfs_generic_create(mnt_userns, dir, dentry, mode | S_IFDIR, 0,
286 NULL);
287}
288
289STATIC struct dentry *
290xfs_vn_lookup(
291 struct inode *dir,
292 struct dentry *dentry,
293 unsigned int flags)
294{
295 struct inode *inode;
296 struct xfs_inode *cip;
297 struct xfs_name name;
298 int error;
299
300 if (dentry->d_name.len >= MAXNAMELEN)
301 return ERR_PTR(-ENAMETOOLONG);
302
303 xfs_dentry_to_name(&name, dentry);
304 error = xfs_lookup(XFS_I(dir), &name, &cip, NULL);
305 if (likely(!error))
306 inode = VFS_I(cip);
307 else if (likely(error == -ENOENT))
308 inode = NULL;
309 else
310 inode = ERR_PTR(error);
311 return d_splice_alias(inode, dentry);
312}
313
314STATIC struct dentry *
315xfs_vn_ci_lookup(
316 struct inode *dir,
317 struct dentry *dentry,
318 unsigned int flags)
319{
320 struct xfs_inode *ip;
321 struct xfs_name xname;
322 struct xfs_name ci_name;
323 struct qstr dname;
324 int error;
325
326 if (dentry->d_name.len >= MAXNAMELEN)
327 return ERR_PTR(-ENAMETOOLONG);
328
329 xfs_dentry_to_name(&xname, dentry);
330 error = xfs_lookup(XFS_I(dir), &xname, &ip, &ci_name);
331 if (unlikely(error)) {
332 if (unlikely(error != -ENOENT))
333 return ERR_PTR(error);
334 /*
335 * call d_add(dentry, NULL) here when d_drop_negative_children
336 * is called in xfs_vn_mknod (ie. allow negative dentries
337 * with CI filesystems).
338 */
339 return NULL;
340 }
341
342 /* if exact match, just splice and exit */
343 if (!ci_name.name)
344 return d_splice_alias(VFS_I(ip), dentry);
345
346 /* else case-insensitive match... */
347 dname.name = ci_name.name;
348 dname.len = ci_name.len;
349 dentry = d_add_ci(dentry, VFS_I(ip), &dname);
350 kmem_free(ci_name.name);
351 return dentry;
352}
353
354STATIC int
355xfs_vn_link(
356 struct dentry *old_dentry,
357 struct inode *dir,
358 struct dentry *dentry)
359{
360 struct inode *inode = d_inode(old_dentry);
361 struct xfs_name name;
362 int error;
363
364 error = xfs_dentry_mode_to_name(&name, dentry, inode->i_mode);
365 if (unlikely(error))
366 return error;
367
368 error = xfs_link(XFS_I(dir), XFS_I(inode), &name);
369 if (unlikely(error))
370 return error;
371
372 ihold(inode);
373 d_instantiate(dentry, inode);
374 return 0;
375}
376
377STATIC int
378xfs_vn_unlink(
379 struct inode *dir,
380 struct dentry *dentry)
381{
382 struct xfs_name name;
383 int error;
384
385 xfs_dentry_to_name(&name, dentry);
386
387 error = xfs_remove(XFS_I(dir), &name, XFS_I(d_inode(dentry)));
388 if (error)
389 return error;
390
391 /*
392 * With unlink, the VFS makes the dentry "negative": no inode,
393 * but still hashed. This is incompatible with case-insensitive
394 * mode, so invalidate (unhash) the dentry in CI-mode.
395 */
396 if (xfs_has_asciici(XFS_M(dir->i_sb)))
397 d_invalidate(dentry);
398 return 0;
399}
400
401STATIC int
402xfs_vn_symlink(
403 struct user_namespace *mnt_userns,
404 struct inode *dir,
405 struct dentry *dentry,
406 const char *symname)
407{
408 struct inode *inode;
409 struct xfs_inode *cip = NULL;
410 struct xfs_name name;
411 int error;
412 umode_t mode;
413
414 mode = S_IFLNK |
415 (irix_symlink_mode ? 0777 & ~current_umask() : S_IRWXUGO);
416 error = xfs_dentry_mode_to_name(&name, dentry, mode);
417 if (unlikely(error))
418 goto out;
419
420 error = xfs_symlink(mnt_userns, XFS_I(dir), &name, symname, mode, &cip);
421 if (unlikely(error))
422 goto out;
423
424 inode = VFS_I(cip);
425
426 error = xfs_inode_init_security(inode, dir, &dentry->d_name);
427 if (unlikely(error))
428 goto out_cleanup_inode;
429
430 xfs_setup_iops(cip);
431
432 d_instantiate(dentry, inode);
433 xfs_finish_inode_setup(cip);
434 return 0;
435
436 out_cleanup_inode:
437 xfs_finish_inode_setup(cip);
438 xfs_cleanup_inode(dir, inode, dentry);
439 xfs_irele(cip);
440 out:
441 return error;
442}
443
444STATIC int
445xfs_vn_rename(
446 struct user_namespace *mnt_userns,
447 struct inode *odir,
448 struct dentry *odentry,
449 struct inode *ndir,
450 struct dentry *ndentry,
451 unsigned int flags)
452{
453 struct inode *new_inode = d_inode(ndentry);
454 int omode = 0;
455 int error;
456 struct xfs_name oname;
457 struct xfs_name nname;
458
459 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE | RENAME_WHITEOUT))
460 return -EINVAL;
461
462 /* if we are exchanging files, we need to set i_mode of both files */
463 if (flags & RENAME_EXCHANGE)
464 omode = d_inode(ndentry)->i_mode;
465
466 error = xfs_dentry_mode_to_name(&oname, odentry, omode);
467 if (omode && unlikely(error))
468 return error;
469
470 error = xfs_dentry_mode_to_name(&nname, ndentry,
471 d_inode(odentry)->i_mode);
472 if (unlikely(error))
473 return error;
474
475 return xfs_rename(mnt_userns, XFS_I(odir), &oname,
476 XFS_I(d_inode(odentry)), XFS_I(ndir), &nname,
477 new_inode ? XFS_I(new_inode) : NULL, flags);
478}
479
480/*
481 * careful here - this function can get called recursively, so
482 * we need to be very careful about how much stack we use.
483 * uio is kmalloced for this reason...
484 */
485STATIC const char *
486xfs_vn_get_link(
487 struct dentry *dentry,
488 struct inode *inode,
489 struct delayed_call *done)
490{
491 char *link;
492 int error = -ENOMEM;
493
494 if (!dentry)
495 return ERR_PTR(-ECHILD);
496
497 link = kmalloc(XFS_SYMLINK_MAXLEN+1, GFP_KERNEL);
498 if (!link)
499 goto out_err;
500
501 error = xfs_readlink(XFS_I(d_inode(dentry)), link);
502 if (unlikely(error))
503 goto out_kfree;
504
505 set_delayed_call(done, kfree_link, link);
506 return link;
507
508 out_kfree:
509 kfree(link);
510 out_err:
511 return ERR_PTR(error);
512}
513
514static uint32_t
515xfs_stat_blksize(
516 struct xfs_inode *ip)
517{
518 struct xfs_mount *mp = ip->i_mount;
519
520 /*
521 * If the file blocks are being allocated from a realtime volume, then
522 * always return the realtime extent size.
523 */
524 if (XFS_IS_REALTIME_INODE(ip))
525 return XFS_FSB_TO_B(mp, xfs_get_extsz_hint(ip));
526
527 /*
528 * Allow large block sizes to be reported to userspace programs if the
529 * "largeio" mount option is used.
530 *
531 * If compatibility mode is specified, simply return the basic unit of
532 * caching so that we don't get inefficient read/modify/write I/O from
533 * user apps. Otherwise....
534 *
535 * If the underlying volume is a stripe, then return the stripe width in
536 * bytes as the recommended I/O size. It is not a stripe and we've set a
537 * default buffered I/O size, return that, otherwise return the compat
538 * default.
539 */
540 if (xfs_has_large_iosize(mp)) {
541 if (mp->m_swidth)
542 return XFS_FSB_TO_B(mp, mp->m_swidth);
543 if (xfs_has_allocsize(mp))
544 return 1U << mp->m_allocsize_log;
545 }
546
547 return PAGE_SIZE;
548}
549
550STATIC int
551xfs_vn_getattr(
552 struct user_namespace *mnt_userns,
553 const struct path *path,
554 struct kstat *stat,
555 u32 request_mask,
556 unsigned int query_flags)
557{
558 struct inode *inode = d_inode(path->dentry);
559 struct xfs_inode *ip = XFS_I(inode);
560 struct xfs_mount *mp = ip->i_mount;
561 vfsuid_t vfsuid = i_uid_into_vfsuid(mnt_userns, inode);
562 vfsgid_t vfsgid = i_gid_into_vfsgid(mnt_userns, inode);
563
564 trace_xfs_getattr(ip);
565
566 if (xfs_is_shutdown(mp))
567 return -EIO;
568
569 stat->size = XFS_ISIZE(ip);
570 stat->dev = inode->i_sb->s_dev;
571 stat->mode = inode->i_mode;
572 stat->nlink = inode->i_nlink;
573 stat->uid = vfsuid_into_kuid(vfsuid);
574 stat->gid = vfsgid_into_kgid(vfsgid);
575 stat->ino = ip->i_ino;
576 stat->atime = inode->i_atime;
577 stat->mtime = inode->i_mtime;
578 stat->ctime = inode->i_ctime;
579 stat->blocks = XFS_FSB_TO_BB(mp, ip->i_nblocks + ip->i_delayed_blks);
580
581 if (xfs_has_v3inodes(mp)) {
582 if (request_mask & STATX_BTIME) {
583 stat->result_mask |= STATX_BTIME;
584 stat->btime = ip->i_crtime;
585 }
586 }
587
588 /*
589 * Note: If you add another clause to set an attribute flag, please
590 * update attributes_mask below.
591 */
592 if (ip->i_diflags & XFS_DIFLAG_IMMUTABLE)
593 stat->attributes |= STATX_ATTR_IMMUTABLE;
594 if (ip->i_diflags & XFS_DIFLAG_APPEND)
595 stat->attributes |= STATX_ATTR_APPEND;
596 if (ip->i_diflags & XFS_DIFLAG_NODUMP)
597 stat->attributes |= STATX_ATTR_NODUMP;
598
599 stat->attributes_mask |= (STATX_ATTR_IMMUTABLE |
600 STATX_ATTR_APPEND |
601 STATX_ATTR_NODUMP);
602
603 switch (inode->i_mode & S_IFMT) {
604 case S_IFBLK:
605 case S_IFCHR:
606 stat->blksize = BLKDEV_IOSIZE;
607 stat->rdev = inode->i_rdev;
608 break;
609 case S_IFREG:
610 if (request_mask & STATX_DIOALIGN) {
611 struct xfs_buftarg *target = xfs_inode_buftarg(ip);
612 struct block_device *bdev = target->bt_bdev;
613
614 stat->result_mask |= STATX_DIOALIGN;
615 stat->dio_mem_align = bdev_dma_alignment(bdev) + 1;
616 stat->dio_offset_align = bdev_logical_block_size(bdev);
617 }
618 fallthrough;
619 default:
620 stat->blksize = xfs_stat_blksize(ip);
621 stat->rdev = 0;
622 break;
623 }
624
625 return 0;
626}
627
628static int
629xfs_vn_change_ok(
630 struct user_namespace *mnt_userns,
631 struct dentry *dentry,
632 struct iattr *iattr)
633{
634 struct xfs_mount *mp = XFS_I(d_inode(dentry))->i_mount;
635
636 if (xfs_is_readonly(mp))
637 return -EROFS;
638
639 if (xfs_is_shutdown(mp))
640 return -EIO;
641
642 return setattr_prepare(mnt_userns, dentry, iattr);
643}
644
645/*
646 * Set non-size attributes of an inode.
647 *
648 * Caution: The caller of this function is responsible for calling
649 * setattr_prepare() or otherwise verifying the change is fine.
650 */
651static int
652xfs_setattr_nonsize(
653 struct user_namespace *mnt_userns,
654 struct dentry *dentry,
655 struct xfs_inode *ip,
656 struct iattr *iattr)
657{
658 xfs_mount_t *mp = ip->i_mount;
659 struct inode *inode = VFS_I(ip);
660 int mask = iattr->ia_valid;
661 xfs_trans_t *tp;
662 int error;
663 kuid_t uid = GLOBAL_ROOT_UID;
664 kgid_t gid = GLOBAL_ROOT_GID;
665 struct xfs_dquot *udqp = NULL, *gdqp = NULL;
666 struct xfs_dquot *old_udqp = NULL, *old_gdqp = NULL;
667
668 ASSERT((mask & ATTR_SIZE) == 0);
669
670 /*
671 * If disk quotas is on, we make sure that the dquots do exist on disk,
672 * before we start any other transactions. Trying to do this later
673 * is messy. We don't care to take a readlock to look at the ids
674 * in inode here, because we can't hold it across the trans_reserve.
675 * If the IDs do change before we take the ilock, we're covered
676 * because the i_*dquot fields will get updated anyway.
677 */
678 if (XFS_IS_QUOTA_ON(mp) && (mask & (ATTR_UID|ATTR_GID))) {
679 uint qflags = 0;
680
681 if ((mask & ATTR_UID) && XFS_IS_UQUOTA_ON(mp)) {
682 uid = from_vfsuid(mnt_userns, i_user_ns(inode),
683 iattr->ia_vfsuid);
684 qflags |= XFS_QMOPT_UQUOTA;
685 } else {
686 uid = inode->i_uid;
687 }
688 if ((mask & ATTR_GID) && XFS_IS_GQUOTA_ON(mp)) {
689 gid = from_vfsgid(mnt_userns, i_user_ns(inode),
690 iattr->ia_vfsgid);
691 qflags |= XFS_QMOPT_GQUOTA;
692 } else {
693 gid = inode->i_gid;
694 }
695
696 /*
697 * We take a reference when we initialize udqp and gdqp,
698 * so it is important that we never blindly double trip on
699 * the same variable. See xfs_create() for an example.
700 */
701 ASSERT(udqp == NULL);
702 ASSERT(gdqp == NULL);
703 error = xfs_qm_vop_dqalloc(ip, uid, gid, ip->i_projid,
704 qflags, &udqp, &gdqp, NULL);
705 if (error)
706 return error;
707 }
708
709 error = xfs_trans_alloc_ichange(ip, udqp, gdqp, NULL,
710 has_capability_noaudit(current, CAP_FOWNER), &tp);
711 if (error)
712 goto out_dqrele;
713
714 /*
715 * Register quota modifications in the transaction. Must be the owner
716 * or privileged. These IDs could have changed since we last looked at
717 * them. But, we're assured that if the ownership did change while we
718 * didn't have the inode locked, inode's dquot(s) would have changed
719 * also.
720 */
721 if (XFS_IS_UQUOTA_ON(mp) &&
722 i_uid_needs_update(mnt_userns, iattr, inode)) {
723 ASSERT(udqp);
724 old_udqp = xfs_qm_vop_chown(tp, ip, &ip->i_udquot, udqp);
725 }
726 if (XFS_IS_GQUOTA_ON(mp) &&
727 i_gid_needs_update(mnt_userns, iattr, inode)) {
728 ASSERT(xfs_has_pquotino(mp) || !XFS_IS_PQUOTA_ON(mp));
729 ASSERT(gdqp);
730 old_gdqp = xfs_qm_vop_chown(tp, ip, &ip->i_gdquot, gdqp);
731 }
732
733 setattr_copy(mnt_userns, inode, iattr);
734 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE);
735
736 XFS_STATS_INC(mp, xs_ig_attrchg);
737
738 if (xfs_has_wsync(mp))
739 xfs_trans_set_sync(tp);
740 error = xfs_trans_commit(tp);
741
742 /*
743 * Release any dquot(s) the inode had kept before chown.
744 */
745 xfs_qm_dqrele(old_udqp);
746 xfs_qm_dqrele(old_gdqp);
747 xfs_qm_dqrele(udqp);
748 xfs_qm_dqrele(gdqp);
749
750 if (error)
751 return error;
752
753 /*
754 * XXX(hch): Updating the ACL entries is not atomic vs the i_mode
755 * update. We could avoid this with linked transactions
756 * and passing down the transaction pointer all the way
757 * to attr_set. No previous user of the generic
758 * Posix ACL code seems to care about this issue either.
759 */
760 if (mask & ATTR_MODE) {
761 error = posix_acl_chmod(mnt_userns, dentry, inode->i_mode);
762 if (error)
763 return error;
764 }
765
766 return 0;
767
768out_dqrele:
769 xfs_qm_dqrele(udqp);
770 xfs_qm_dqrele(gdqp);
771 return error;
772}
773
774/*
775 * Truncate file. Must have write permission and not be a directory.
776 *
777 * Caution: The caller of this function is responsible for calling
778 * setattr_prepare() or otherwise verifying the change is fine.
779 */
780STATIC int
781xfs_setattr_size(
782 struct user_namespace *mnt_userns,
783 struct dentry *dentry,
784 struct xfs_inode *ip,
785 struct iattr *iattr)
786{
787 struct xfs_mount *mp = ip->i_mount;
788 struct inode *inode = VFS_I(ip);
789 xfs_off_t oldsize, newsize;
790 struct xfs_trans *tp;
791 int error;
792 uint lock_flags = 0;
793 bool did_zeroing = false;
794
795 ASSERT(xfs_isilocked(ip, XFS_IOLOCK_EXCL));
796 ASSERT(xfs_isilocked(ip, XFS_MMAPLOCK_EXCL));
797 ASSERT(S_ISREG(inode->i_mode));
798 ASSERT((iattr->ia_valid & (ATTR_UID|ATTR_GID|ATTR_ATIME|ATTR_ATIME_SET|
799 ATTR_MTIME_SET|ATTR_TIMES_SET)) == 0);
800
801 oldsize = inode->i_size;
802 newsize = iattr->ia_size;
803
804 /*
805 * Short circuit the truncate case for zero length files.
806 */
807 if (newsize == 0 && oldsize == 0 && ip->i_df.if_nextents == 0) {
808 if (!(iattr->ia_valid & (ATTR_CTIME|ATTR_MTIME)))
809 return 0;
810
811 /*
812 * Use the regular setattr path to update the timestamps.
813 */
814 iattr->ia_valid &= ~ATTR_SIZE;
815 return xfs_setattr_nonsize(mnt_userns, dentry, ip, iattr);
816 }
817
818 /*
819 * Make sure that the dquots are attached to the inode.
820 */
821 error = xfs_qm_dqattach(ip);
822 if (error)
823 return error;
824
825 /*
826 * Wait for all direct I/O to complete.
827 */
828 inode_dio_wait(inode);
829
830 /*
831 * File data changes must be complete before we start the transaction to
832 * modify the inode. This needs to be done before joining the inode to
833 * the transaction because the inode cannot be unlocked once it is a
834 * part of the transaction.
835 *
836 * Start with zeroing any data beyond EOF that we may expose on file
837 * extension, or zeroing out the rest of the block on a downward
838 * truncate.
839 */
840 if (newsize > oldsize) {
841 trace_xfs_zero_eof(ip, oldsize, newsize - oldsize);
842 error = xfs_zero_range(ip, oldsize, newsize - oldsize,
843 &did_zeroing);
844 } else {
845 /*
846 * iomap won't detect a dirty page over an unwritten block (or a
847 * cow block over a hole) and subsequently skips zeroing the
848 * newly post-EOF portion of the page. Flush the new EOF to
849 * convert the block before the pagecache truncate.
850 */
851 error = filemap_write_and_wait_range(inode->i_mapping, newsize,
852 newsize);
853 if (error)
854 return error;
855 error = xfs_truncate_page(ip, newsize, &did_zeroing);
856 }
857
858 if (error)
859 return error;
860
861 /*
862 * We've already locked out new page faults, so now we can safely remove
863 * pages from the page cache knowing they won't get refaulted until we
864 * drop the XFS_MMAP_EXCL lock after the extent manipulations are
865 * complete. The truncate_setsize() call also cleans partial EOF page
866 * PTEs on extending truncates and hence ensures sub-page block size
867 * filesystems are correctly handled, too.
868 *
869 * We have to do all the page cache truncate work outside the
870 * transaction context as the "lock" order is page lock->log space
871 * reservation as defined by extent allocation in the writeback path.
872 * Hence a truncate can fail with ENOMEM from xfs_trans_alloc(), but
873 * having already truncated the in-memory version of the file (i.e. made
874 * user visible changes). There's not much we can do about this, except
875 * to hope that the caller sees ENOMEM and retries the truncate
876 * operation.
877 *
878 * And we update in-core i_size and truncate page cache beyond newsize
879 * before writeback the [i_disk_size, newsize] range, so we're
880 * guaranteed not to write stale data past the new EOF on truncate down.
881 */
882 truncate_setsize(inode, newsize);
883
884 /*
885 * We are going to log the inode size change in this transaction so
886 * any previous writes that are beyond the on disk EOF and the new
887 * EOF that have not been written out need to be written here. If we
888 * do not write the data out, we expose ourselves to the null files
889 * problem. Note that this includes any block zeroing we did above;
890 * otherwise those blocks may not be zeroed after a crash.
891 */
892 if (did_zeroing ||
893 (newsize > ip->i_disk_size && oldsize != ip->i_disk_size)) {
894 error = filemap_write_and_wait_range(VFS_I(ip)->i_mapping,
895 ip->i_disk_size, newsize - 1);
896 if (error)
897 return error;
898 }
899
900 error = xfs_trans_alloc(mp, &M_RES(mp)->tr_itruncate, 0, 0, 0, &tp);
901 if (error)
902 return error;
903
904 lock_flags |= XFS_ILOCK_EXCL;
905 xfs_ilock(ip, XFS_ILOCK_EXCL);
906 xfs_trans_ijoin(tp, ip, 0);
907
908 /*
909 * Only change the c/mtime if we are changing the size or we are
910 * explicitly asked to change it. This handles the semantic difference
911 * between truncate() and ftruncate() as implemented in the VFS.
912 *
913 * The regular truncate() case without ATTR_CTIME and ATTR_MTIME is a
914 * special case where we need to update the times despite not having
915 * these flags set. For all other operations the VFS set these flags
916 * explicitly if it wants a timestamp update.
917 */
918 if (newsize != oldsize &&
919 !(iattr->ia_valid & (ATTR_CTIME | ATTR_MTIME))) {
920 iattr->ia_ctime = iattr->ia_mtime =
921 current_time(inode);
922 iattr->ia_valid |= ATTR_CTIME | ATTR_MTIME;
923 }
924
925 /*
926 * The first thing we do is set the size to new_size permanently on
927 * disk. This way we don't have to worry about anyone ever being able
928 * to look at the data being freed even in the face of a crash.
929 * What we're getting around here is the case where we free a block, it
930 * is allocated to another file, it is written to, and then we crash.
931 * If the new data gets written to the file but the log buffers
932 * containing the free and reallocation don't, then we'd end up with
933 * garbage in the blocks being freed. As long as we make the new size
934 * permanent before actually freeing any blocks it doesn't matter if
935 * they get written to.
936 */
937 ip->i_disk_size = newsize;
938 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE);
939
940 if (newsize <= oldsize) {
941 error = xfs_itruncate_extents(&tp, ip, XFS_DATA_FORK, newsize);
942 if (error)
943 goto out_trans_cancel;
944
945 /*
946 * Truncated "down", so we're removing references to old data
947 * here - if we delay flushing for a long time, we expose
948 * ourselves unduly to the notorious NULL files problem. So,
949 * we mark this inode and flush it when the file is closed,
950 * and do not wait the usual (long) time for writeout.
951 */
952 xfs_iflags_set(ip, XFS_ITRUNCATED);
953
954 /* A truncate down always removes post-EOF blocks. */
955 xfs_inode_clear_eofblocks_tag(ip);
956 }
957
958 ASSERT(!(iattr->ia_valid & (ATTR_UID | ATTR_GID)));
959 setattr_copy(mnt_userns, inode, iattr);
960 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE);
961
962 XFS_STATS_INC(mp, xs_ig_attrchg);
963
964 if (xfs_has_wsync(mp))
965 xfs_trans_set_sync(tp);
966
967 error = xfs_trans_commit(tp);
968out_unlock:
969 if (lock_flags)
970 xfs_iunlock(ip, lock_flags);
971 return error;
972
973out_trans_cancel:
974 xfs_trans_cancel(tp);
975 goto out_unlock;
976}
977
978int
979xfs_vn_setattr_size(
980 struct user_namespace *mnt_userns,
981 struct dentry *dentry,
982 struct iattr *iattr)
983{
984 struct xfs_inode *ip = XFS_I(d_inode(dentry));
985 int error;
986
987 trace_xfs_setattr(ip);
988
989 error = xfs_vn_change_ok(mnt_userns, dentry, iattr);
990 if (error)
991 return error;
992 return xfs_setattr_size(mnt_userns, dentry, ip, iattr);
993}
994
995STATIC int
996xfs_vn_setattr(
997 struct user_namespace *mnt_userns,
998 struct dentry *dentry,
999 struct iattr *iattr)
1000{
1001 struct inode *inode = d_inode(dentry);
1002 struct xfs_inode *ip = XFS_I(inode);
1003 int error;
1004
1005 if (iattr->ia_valid & ATTR_SIZE) {
1006 uint iolock;
1007
1008 xfs_ilock(ip, XFS_MMAPLOCK_EXCL);
1009 iolock = XFS_IOLOCK_EXCL | XFS_MMAPLOCK_EXCL;
1010
1011 error = xfs_break_layouts(inode, &iolock, BREAK_UNMAP);
1012 if (error) {
1013 xfs_iunlock(ip, XFS_MMAPLOCK_EXCL);
1014 return error;
1015 }
1016
1017 error = xfs_vn_setattr_size(mnt_userns, dentry, iattr);
1018 xfs_iunlock(ip, XFS_MMAPLOCK_EXCL);
1019 } else {
1020 trace_xfs_setattr(ip);
1021
1022 error = xfs_vn_change_ok(mnt_userns, dentry, iattr);
1023 if (!error)
1024 error = xfs_setattr_nonsize(mnt_userns, dentry, ip, iattr);
1025 }
1026
1027 return error;
1028}
1029
1030STATIC int
1031xfs_vn_update_time(
1032 struct inode *inode,
1033 struct timespec64 *now,
1034 int flags)
1035{
1036 struct xfs_inode *ip = XFS_I(inode);
1037 struct xfs_mount *mp = ip->i_mount;
1038 int log_flags = XFS_ILOG_TIMESTAMP;
1039 struct xfs_trans *tp;
1040 int error;
1041
1042 trace_xfs_update_time(ip);
1043
1044 if (inode->i_sb->s_flags & SB_LAZYTIME) {
1045 if (!((flags & S_VERSION) &&
1046 inode_maybe_inc_iversion(inode, false)))
1047 return generic_update_time(inode, now, flags);
1048
1049 /* Capture the iversion update that just occurred */
1050 log_flags |= XFS_ILOG_CORE;
1051 }
1052
1053 error = xfs_trans_alloc(mp, &M_RES(mp)->tr_fsyncts, 0, 0, 0, &tp);
1054 if (error)
1055 return error;
1056
1057 xfs_ilock(ip, XFS_ILOCK_EXCL);
1058 if (flags & S_CTIME)
1059 inode->i_ctime = *now;
1060 if (flags & S_MTIME)
1061 inode->i_mtime = *now;
1062 if (flags & S_ATIME)
1063 inode->i_atime = *now;
1064
1065 xfs_trans_ijoin(tp, ip, XFS_ILOCK_EXCL);
1066 xfs_trans_log_inode(tp, ip, log_flags);
1067 return xfs_trans_commit(tp);
1068}
1069
1070STATIC int
1071xfs_vn_fiemap(
1072 struct inode *inode,
1073 struct fiemap_extent_info *fieinfo,
1074 u64 start,
1075 u64 length)
1076{
1077 int error;
1078
1079 xfs_ilock(XFS_I(inode), XFS_IOLOCK_SHARED);
1080 if (fieinfo->fi_flags & FIEMAP_FLAG_XATTR) {
1081 fieinfo->fi_flags &= ~FIEMAP_FLAG_XATTR;
1082 error = iomap_fiemap(inode, fieinfo, start, length,
1083 &xfs_xattr_iomap_ops);
1084 } else {
1085 error = iomap_fiemap(inode, fieinfo, start, length,
1086 &xfs_read_iomap_ops);
1087 }
1088 xfs_iunlock(XFS_I(inode), XFS_IOLOCK_SHARED);
1089
1090 return error;
1091}
1092
1093STATIC int
1094xfs_vn_tmpfile(
1095 struct user_namespace *mnt_userns,
1096 struct inode *dir,
1097 struct file *file,
1098 umode_t mode)
1099{
1100 int err = xfs_generic_create(mnt_userns, dir, file->f_path.dentry, mode, 0, file);
1101
1102 return finish_open_simple(file, err);
1103}
1104
1105static const struct inode_operations xfs_inode_operations = {
1106 .get_inode_acl = xfs_get_acl,
1107 .set_acl = xfs_set_acl,
1108 .getattr = xfs_vn_getattr,
1109 .setattr = xfs_vn_setattr,
1110 .listxattr = xfs_vn_listxattr,
1111 .fiemap = xfs_vn_fiemap,
1112 .update_time = xfs_vn_update_time,
1113 .fileattr_get = xfs_fileattr_get,
1114 .fileattr_set = xfs_fileattr_set,
1115};
1116
1117static const struct inode_operations xfs_dir_inode_operations = {
1118 .create = xfs_vn_create,
1119 .lookup = xfs_vn_lookup,
1120 .link = xfs_vn_link,
1121 .unlink = xfs_vn_unlink,
1122 .symlink = xfs_vn_symlink,
1123 .mkdir = xfs_vn_mkdir,
1124 /*
1125 * Yes, XFS uses the same method for rmdir and unlink.
1126 *
1127 * There are some subtile differences deeper in the code,
1128 * but we use S_ISDIR to check for those.
1129 */
1130 .rmdir = xfs_vn_unlink,
1131 .mknod = xfs_vn_mknod,
1132 .rename = xfs_vn_rename,
1133 .get_inode_acl = xfs_get_acl,
1134 .set_acl = xfs_set_acl,
1135 .getattr = xfs_vn_getattr,
1136 .setattr = xfs_vn_setattr,
1137 .listxattr = xfs_vn_listxattr,
1138 .update_time = xfs_vn_update_time,
1139 .tmpfile = xfs_vn_tmpfile,
1140 .fileattr_get = xfs_fileattr_get,
1141 .fileattr_set = xfs_fileattr_set,
1142};
1143
1144static const struct inode_operations xfs_dir_ci_inode_operations = {
1145 .create = xfs_vn_create,
1146 .lookup = xfs_vn_ci_lookup,
1147 .link = xfs_vn_link,
1148 .unlink = xfs_vn_unlink,
1149 .symlink = xfs_vn_symlink,
1150 .mkdir = xfs_vn_mkdir,
1151 /*
1152 * Yes, XFS uses the same method for rmdir and unlink.
1153 *
1154 * There are some subtile differences deeper in the code,
1155 * but we use S_ISDIR to check for those.
1156 */
1157 .rmdir = xfs_vn_unlink,
1158 .mknod = xfs_vn_mknod,
1159 .rename = xfs_vn_rename,
1160 .get_inode_acl = xfs_get_acl,
1161 .set_acl = xfs_set_acl,
1162 .getattr = xfs_vn_getattr,
1163 .setattr = xfs_vn_setattr,
1164 .listxattr = xfs_vn_listxattr,
1165 .update_time = xfs_vn_update_time,
1166 .tmpfile = xfs_vn_tmpfile,
1167 .fileattr_get = xfs_fileattr_get,
1168 .fileattr_set = xfs_fileattr_set,
1169};
1170
1171static const struct inode_operations xfs_symlink_inode_operations = {
1172 .get_link = xfs_vn_get_link,
1173 .getattr = xfs_vn_getattr,
1174 .setattr = xfs_vn_setattr,
1175 .listxattr = xfs_vn_listxattr,
1176 .update_time = xfs_vn_update_time,
1177};
1178
1179/* Figure out if this file actually supports DAX. */
1180static bool
1181xfs_inode_supports_dax(
1182 struct xfs_inode *ip)
1183{
1184 struct xfs_mount *mp = ip->i_mount;
1185
1186 /* Only supported on regular files. */
1187 if (!S_ISREG(VFS_I(ip)->i_mode))
1188 return false;
1189
1190 /* Block size must match page size */
1191 if (mp->m_sb.sb_blocksize != PAGE_SIZE)
1192 return false;
1193
1194 /* Device has to support DAX too. */
1195 return xfs_inode_buftarg(ip)->bt_daxdev != NULL;
1196}
1197
1198static bool
1199xfs_inode_should_enable_dax(
1200 struct xfs_inode *ip)
1201{
1202 if (!IS_ENABLED(CONFIG_FS_DAX))
1203 return false;
1204 if (xfs_has_dax_never(ip->i_mount))
1205 return false;
1206 if (!xfs_inode_supports_dax(ip))
1207 return false;
1208 if (xfs_has_dax_always(ip->i_mount))
1209 return true;
1210 if (ip->i_diflags2 & XFS_DIFLAG2_DAX)
1211 return true;
1212 return false;
1213}
1214
1215void
1216xfs_diflags_to_iflags(
1217 struct xfs_inode *ip,
1218 bool init)
1219{
1220 struct inode *inode = VFS_I(ip);
1221 unsigned int xflags = xfs_ip2xflags(ip);
1222 unsigned int flags = 0;
1223
1224 ASSERT(!(IS_DAX(inode) && init));
1225
1226 if (xflags & FS_XFLAG_IMMUTABLE)
1227 flags |= S_IMMUTABLE;
1228 if (xflags & FS_XFLAG_APPEND)
1229 flags |= S_APPEND;
1230 if (xflags & FS_XFLAG_SYNC)
1231 flags |= S_SYNC;
1232 if (xflags & FS_XFLAG_NOATIME)
1233 flags |= S_NOATIME;
1234 if (init && xfs_inode_should_enable_dax(ip))
1235 flags |= S_DAX;
1236
1237 /*
1238 * S_DAX can only be set during inode initialization and is never set by
1239 * the VFS, so we cannot mask off S_DAX in i_flags.
1240 */
1241 inode->i_flags &= ~(S_IMMUTABLE | S_APPEND | S_SYNC | S_NOATIME);
1242 inode->i_flags |= flags;
1243}
1244
1245/*
1246 * Initialize the Linux inode.
1247 *
1248 * When reading existing inodes from disk this is called directly from xfs_iget,
1249 * when creating a new inode it is called from xfs_init_new_inode after setting
1250 * up the inode. These callers have different criteria for clearing XFS_INEW, so
1251 * leave it up to the caller to deal with unlocking the inode appropriately.
1252 */
1253void
1254xfs_setup_inode(
1255 struct xfs_inode *ip)
1256{
1257 struct inode *inode = &ip->i_vnode;
1258 gfp_t gfp_mask;
1259
1260 inode->i_ino = ip->i_ino;
1261 inode->i_state |= I_NEW;
1262
1263 inode_sb_list_add(inode);
1264 /* make the inode look hashed for the writeback code */
1265 inode_fake_hash(inode);
1266
1267 i_size_write(inode, ip->i_disk_size);
1268 xfs_diflags_to_iflags(ip, true);
1269
1270 if (S_ISDIR(inode->i_mode)) {
1271 /*
1272 * We set the i_rwsem class here to avoid potential races with
1273 * lockdep_annotate_inode_mutex_key() reinitialising the lock
1274 * after a filehandle lookup has already found the inode in
1275 * cache before it has been unlocked via unlock_new_inode().
1276 */
1277 lockdep_set_class(&inode->i_rwsem,
1278 &inode->i_sb->s_type->i_mutex_dir_key);
1279 lockdep_set_class(&ip->i_lock.mr_lock, &xfs_dir_ilock_class);
1280 } else {
1281 lockdep_set_class(&ip->i_lock.mr_lock, &xfs_nondir_ilock_class);
1282 }
1283
1284 /*
1285 * Ensure all page cache allocations are done from GFP_NOFS context to
1286 * prevent direct reclaim recursion back into the filesystem and blowing
1287 * stacks or deadlocking.
1288 */
1289 gfp_mask = mapping_gfp_mask(inode->i_mapping);
1290 mapping_set_gfp_mask(inode->i_mapping, (gfp_mask & ~(__GFP_FS)));
1291
1292 /*
1293 * If there is no attribute fork no ACL can exist on this inode,
1294 * and it can't have any file capabilities attached to it either.
1295 */
1296 if (!xfs_inode_has_attr_fork(ip)) {
1297 inode_has_no_xattr(inode);
1298 cache_no_acl(inode);
1299 }
1300}
1301
1302void
1303xfs_setup_iops(
1304 struct xfs_inode *ip)
1305{
1306 struct inode *inode = &ip->i_vnode;
1307
1308 switch (inode->i_mode & S_IFMT) {
1309 case S_IFREG:
1310 inode->i_op = &xfs_inode_operations;
1311 inode->i_fop = &xfs_file_operations;
1312 if (IS_DAX(inode))
1313 inode->i_mapping->a_ops = &xfs_dax_aops;
1314 else
1315 inode->i_mapping->a_ops = &xfs_address_space_operations;
1316 break;
1317 case S_IFDIR:
1318 if (xfs_has_asciici(XFS_M(inode->i_sb)))
1319 inode->i_op = &xfs_dir_ci_inode_operations;
1320 else
1321 inode->i_op = &xfs_dir_inode_operations;
1322 inode->i_fop = &xfs_dir_file_operations;
1323 break;
1324 case S_IFLNK:
1325 inode->i_op = &xfs_symlink_inode_operations;
1326 break;
1327 default:
1328 inode->i_op = &xfs_inode_operations;
1329 init_special_inode(inode, inode->i_mode, inode->i_rdev);
1330 break;
1331 }
1332}