Loading...
1/*
2 * Copyright (c) 2000-2005 Silicon Graphics, Inc.
3 * All Rights Reserved.
4 *
5 * This program is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU General Public License as
7 * published by the Free Software Foundation.
8 *
9 * This program is distributed in the hope that it would be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write the Free Software Foundation,
16 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18#include "xfs.h"
19#include "xfs_fs.h"
20#include "xfs_shared.h"
21#include "xfs_format.h"
22#include "xfs_log_format.h"
23#include "xfs_trans_resv.h"
24#include "xfs_sb.h"
25#include "xfs_ag.h"
26#include "xfs_mount.h"
27#include "xfs_da_format.h"
28#include "xfs_inode.h"
29#include "xfs_bmap.h"
30#include "xfs_bmap_util.h"
31#include "xfs_acl.h"
32#include "xfs_quota.h"
33#include "xfs_error.h"
34#include "xfs_attr.h"
35#include "xfs_trans.h"
36#include "xfs_trace.h"
37#include "xfs_icache.h"
38#include "xfs_symlink.h"
39#include "xfs_da_btree.h"
40#include "xfs_dir2_priv.h"
41#include "xfs_dinode.h"
42#include "xfs_trans_space.h"
43
44#include <linux/capability.h>
45#include <linux/xattr.h>
46#include <linux/namei.h>
47#include <linux/posix_acl.h>
48#include <linux/security.h>
49#include <linux/fiemap.h>
50#include <linux/slab.h>
51
52/*
53 * Directories have different lock order w.r.t. mmap_sem compared to regular
54 * files. This is due to readdir potentially triggering page faults on a user
55 * buffer inside filldir(), and this happens with the ilock on the directory
56 * held. For regular files, the lock order is the other way around - the
57 * mmap_sem is taken during the page fault, and then we lock the ilock to do
58 * block mapping. Hence we need a different class for the directory ilock so
59 * that lockdep can tell them apart.
60 */
61static struct lock_class_key xfs_nondir_ilock_class;
62static struct lock_class_key xfs_dir_ilock_class;
63
64static int
65xfs_initxattrs(
66 struct inode *inode,
67 const struct xattr *xattr_array,
68 void *fs_info)
69{
70 const struct xattr *xattr;
71 struct xfs_inode *ip = XFS_I(inode);
72 int error = 0;
73
74 for (xattr = xattr_array; xattr->name != NULL; xattr++) {
75 error = -xfs_attr_set(ip, xattr->name, xattr->value,
76 xattr->value_len, ATTR_SECURE);
77 if (error < 0)
78 break;
79 }
80 return error;
81}
82
83/*
84 * Hook in SELinux. This is not quite correct yet, what we really need
85 * here (as we do for default ACLs) is a mechanism by which creation of
86 * these attrs can be journalled at inode creation time (along with the
87 * inode, of course, such that log replay can't cause these to be lost).
88 */
89
90STATIC int
91xfs_init_security(
92 struct inode *inode,
93 struct inode *dir,
94 const struct qstr *qstr)
95{
96 return -security_inode_init_security(inode, dir, qstr,
97 &xfs_initxattrs, NULL);
98}
99
100static void
101xfs_dentry_to_name(
102 struct xfs_name *namep,
103 struct dentry *dentry,
104 int mode)
105{
106 namep->name = dentry->d_name.name;
107 namep->len = dentry->d_name.len;
108 namep->type = xfs_mode_to_ftype[(mode & S_IFMT) >> S_SHIFT];
109}
110
111STATIC void
112xfs_cleanup_inode(
113 struct inode *dir,
114 struct inode *inode,
115 struct dentry *dentry)
116{
117 struct xfs_name teardown;
118
119 /* Oh, the horror.
120 * If we can't add the ACL or we fail in
121 * xfs_init_security we must back out.
122 * ENOSPC can hit here, among other things.
123 */
124 xfs_dentry_to_name(&teardown, dentry, 0);
125
126 xfs_remove(XFS_I(dir), &teardown, XFS_I(inode));
127}
128
129STATIC int
130xfs_generic_create(
131 struct inode *dir,
132 struct dentry *dentry,
133 umode_t mode,
134 dev_t rdev,
135 bool tmpfile) /* unnamed file */
136{
137 struct inode *inode;
138 struct xfs_inode *ip = NULL;
139 struct posix_acl *default_acl, *acl;
140 struct xfs_name name;
141 int error;
142
143 /*
144 * Irix uses Missed'em'V split, but doesn't want to see
145 * the upper 5 bits of (14bit) major.
146 */
147 if (S_ISCHR(mode) || S_ISBLK(mode)) {
148 if (unlikely(!sysv_valid_dev(rdev) || MAJOR(rdev) & ~0x1ff))
149 return -EINVAL;
150 rdev = sysv_encode_dev(rdev);
151 } else {
152 rdev = 0;
153 }
154
155 error = posix_acl_create(dir, &mode, &default_acl, &acl);
156 if (error)
157 return error;
158
159 if (!tmpfile) {
160 xfs_dentry_to_name(&name, dentry, mode);
161 error = xfs_create(XFS_I(dir), &name, mode, rdev, &ip);
162 } else {
163 error = xfs_create_tmpfile(XFS_I(dir), dentry, mode, &ip);
164 }
165 if (unlikely(error))
166 goto out_free_acl;
167
168 inode = VFS_I(ip);
169
170 error = xfs_init_security(inode, dir, &dentry->d_name);
171 if (unlikely(error))
172 goto out_cleanup_inode;
173
174#ifdef CONFIG_XFS_POSIX_ACL
175 if (default_acl) {
176 error = -xfs_set_acl(inode, default_acl, ACL_TYPE_DEFAULT);
177 if (error)
178 goto out_cleanup_inode;
179 }
180 if (acl) {
181 error = -xfs_set_acl(inode, acl, ACL_TYPE_ACCESS);
182 if (error)
183 goto out_cleanup_inode;
184 }
185#endif
186
187 if (tmpfile)
188 d_tmpfile(dentry, inode);
189 else
190 d_instantiate(dentry, inode);
191
192 out_free_acl:
193 if (default_acl)
194 posix_acl_release(default_acl);
195 if (acl)
196 posix_acl_release(acl);
197 return -error;
198
199 out_cleanup_inode:
200 if (!tmpfile)
201 xfs_cleanup_inode(dir, inode, dentry);
202 iput(inode);
203 goto out_free_acl;
204}
205
206STATIC int
207xfs_vn_mknod(
208 struct inode *dir,
209 struct dentry *dentry,
210 umode_t mode,
211 dev_t rdev)
212{
213 return xfs_generic_create(dir, dentry, mode, rdev, false);
214}
215
216STATIC int
217xfs_vn_create(
218 struct inode *dir,
219 struct dentry *dentry,
220 umode_t mode,
221 bool flags)
222{
223 return xfs_vn_mknod(dir, dentry, mode, 0);
224}
225
226STATIC int
227xfs_vn_mkdir(
228 struct inode *dir,
229 struct dentry *dentry,
230 umode_t mode)
231{
232 return xfs_vn_mknod(dir, dentry, mode|S_IFDIR, 0);
233}
234
235STATIC struct dentry *
236xfs_vn_lookup(
237 struct inode *dir,
238 struct dentry *dentry,
239 unsigned int flags)
240{
241 struct xfs_inode *cip;
242 struct xfs_name name;
243 int error;
244
245 if (dentry->d_name.len >= MAXNAMELEN)
246 return ERR_PTR(-ENAMETOOLONG);
247
248 xfs_dentry_to_name(&name, dentry, 0);
249 error = xfs_lookup(XFS_I(dir), &name, &cip, NULL);
250 if (unlikely(error)) {
251 if (unlikely(error != ENOENT))
252 return ERR_PTR(-error);
253 d_add(dentry, NULL);
254 return NULL;
255 }
256
257 return d_splice_alias(VFS_I(cip), dentry);
258}
259
260STATIC struct dentry *
261xfs_vn_ci_lookup(
262 struct inode *dir,
263 struct dentry *dentry,
264 unsigned int flags)
265{
266 struct xfs_inode *ip;
267 struct xfs_name xname;
268 struct xfs_name ci_name;
269 struct qstr dname;
270 int error;
271
272 if (dentry->d_name.len >= MAXNAMELEN)
273 return ERR_PTR(-ENAMETOOLONG);
274
275 xfs_dentry_to_name(&xname, dentry, 0);
276 error = xfs_lookup(XFS_I(dir), &xname, &ip, &ci_name);
277 if (unlikely(error)) {
278 if (unlikely(error != ENOENT))
279 return ERR_PTR(-error);
280 /*
281 * call d_add(dentry, NULL) here when d_drop_negative_children
282 * is called in xfs_vn_mknod (ie. allow negative dentries
283 * with CI filesystems).
284 */
285 return NULL;
286 }
287
288 /* if exact match, just splice and exit */
289 if (!ci_name.name)
290 return d_splice_alias(VFS_I(ip), dentry);
291
292 /* else case-insensitive match... */
293 dname.name = ci_name.name;
294 dname.len = ci_name.len;
295 dentry = d_add_ci(dentry, VFS_I(ip), &dname);
296 kmem_free(ci_name.name);
297 return dentry;
298}
299
300STATIC int
301xfs_vn_link(
302 struct dentry *old_dentry,
303 struct inode *dir,
304 struct dentry *dentry)
305{
306 struct inode *inode = old_dentry->d_inode;
307 struct xfs_name name;
308 int error;
309
310 xfs_dentry_to_name(&name, dentry, inode->i_mode);
311
312 error = xfs_link(XFS_I(dir), XFS_I(inode), &name);
313 if (unlikely(error))
314 return -error;
315
316 ihold(inode);
317 d_instantiate(dentry, inode);
318 return 0;
319}
320
321STATIC int
322xfs_vn_unlink(
323 struct inode *dir,
324 struct dentry *dentry)
325{
326 struct xfs_name name;
327 int error;
328
329 xfs_dentry_to_name(&name, dentry, 0);
330
331 error = -xfs_remove(XFS_I(dir), &name, XFS_I(dentry->d_inode));
332 if (error)
333 return error;
334
335 /*
336 * With unlink, the VFS makes the dentry "negative": no inode,
337 * but still hashed. This is incompatible with case-insensitive
338 * mode, so invalidate (unhash) the dentry in CI-mode.
339 */
340 if (xfs_sb_version_hasasciici(&XFS_M(dir->i_sb)->m_sb))
341 d_invalidate(dentry);
342 return 0;
343}
344
345STATIC int
346xfs_vn_symlink(
347 struct inode *dir,
348 struct dentry *dentry,
349 const char *symname)
350{
351 struct inode *inode;
352 struct xfs_inode *cip = NULL;
353 struct xfs_name name;
354 int error;
355 umode_t mode;
356
357 mode = S_IFLNK |
358 (irix_symlink_mode ? 0777 & ~current_umask() : S_IRWXUGO);
359 xfs_dentry_to_name(&name, dentry, mode);
360
361 error = xfs_symlink(XFS_I(dir), &name, symname, mode, &cip);
362 if (unlikely(error))
363 goto out;
364
365 inode = VFS_I(cip);
366
367 error = xfs_init_security(inode, dir, &dentry->d_name);
368 if (unlikely(error))
369 goto out_cleanup_inode;
370
371 d_instantiate(dentry, inode);
372 return 0;
373
374 out_cleanup_inode:
375 xfs_cleanup_inode(dir, inode, dentry);
376 iput(inode);
377 out:
378 return -error;
379}
380
381STATIC int
382xfs_vn_rename(
383 struct inode *odir,
384 struct dentry *odentry,
385 struct inode *ndir,
386 struct dentry *ndentry)
387{
388 struct inode *new_inode = ndentry->d_inode;
389 struct xfs_name oname;
390 struct xfs_name nname;
391
392 xfs_dentry_to_name(&oname, odentry, 0);
393 xfs_dentry_to_name(&nname, ndentry, odentry->d_inode->i_mode);
394
395 return -xfs_rename(XFS_I(odir), &oname, XFS_I(odentry->d_inode),
396 XFS_I(ndir), &nname, new_inode ?
397 XFS_I(new_inode) : NULL);
398}
399
400/*
401 * careful here - this function can get called recursively, so
402 * we need to be very careful about how much stack we use.
403 * uio is kmalloced for this reason...
404 */
405STATIC void *
406xfs_vn_follow_link(
407 struct dentry *dentry,
408 struct nameidata *nd)
409{
410 char *link;
411 int error = -ENOMEM;
412
413 link = kmalloc(MAXPATHLEN+1, GFP_KERNEL);
414 if (!link)
415 goto out_err;
416
417 error = -xfs_readlink(XFS_I(dentry->d_inode), link);
418 if (unlikely(error))
419 goto out_kfree;
420
421 nd_set_link(nd, link);
422 return NULL;
423
424 out_kfree:
425 kfree(link);
426 out_err:
427 nd_set_link(nd, ERR_PTR(error));
428 return NULL;
429}
430
431STATIC int
432xfs_vn_getattr(
433 struct vfsmount *mnt,
434 struct dentry *dentry,
435 struct kstat *stat)
436{
437 struct inode *inode = dentry->d_inode;
438 struct xfs_inode *ip = XFS_I(inode);
439 struct xfs_mount *mp = ip->i_mount;
440
441 trace_xfs_getattr(ip);
442
443 if (XFS_FORCED_SHUTDOWN(mp))
444 return -XFS_ERROR(EIO);
445
446 stat->size = XFS_ISIZE(ip);
447 stat->dev = inode->i_sb->s_dev;
448 stat->mode = ip->i_d.di_mode;
449 stat->nlink = ip->i_d.di_nlink;
450 stat->uid = inode->i_uid;
451 stat->gid = inode->i_gid;
452 stat->ino = ip->i_ino;
453 stat->atime = inode->i_atime;
454 stat->mtime = inode->i_mtime;
455 stat->ctime = inode->i_ctime;
456 stat->blocks =
457 XFS_FSB_TO_BB(mp, ip->i_d.di_nblocks + ip->i_delayed_blks);
458
459
460 switch (inode->i_mode & S_IFMT) {
461 case S_IFBLK:
462 case S_IFCHR:
463 stat->blksize = BLKDEV_IOSIZE;
464 stat->rdev = MKDEV(sysv_major(ip->i_df.if_u2.if_rdev) & 0x1ff,
465 sysv_minor(ip->i_df.if_u2.if_rdev));
466 break;
467 default:
468 if (XFS_IS_REALTIME_INODE(ip)) {
469 /*
470 * If the file blocks are being allocated from a
471 * realtime volume, then return the inode's realtime
472 * extent size or the realtime volume's extent size.
473 */
474 stat->blksize =
475 xfs_get_extsz_hint(ip) << mp->m_sb.sb_blocklog;
476 } else
477 stat->blksize = xfs_preferred_iosize(mp);
478 stat->rdev = 0;
479 break;
480 }
481
482 return 0;
483}
484
485static void
486xfs_setattr_mode(
487 struct xfs_inode *ip,
488 struct iattr *iattr)
489{
490 struct inode *inode = VFS_I(ip);
491 umode_t mode = iattr->ia_mode;
492
493 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL));
494
495 ip->i_d.di_mode &= S_IFMT;
496 ip->i_d.di_mode |= mode & ~S_IFMT;
497
498 inode->i_mode &= S_IFMT;
499 inode->i_mode |= mode & ~S_IFMT;
500}
501
502static void
503xfs_setattr_time(
504 struct xfs_inode *ip,
505 struct iattr *iattr)
506{
507 struct inode *inode = VFS_I(ip);
508
509 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL));
510
511 if (iattr->ia_valid & ATTR_ATIME) {
512 inode->i_atime = iattr->ia_atime;
513 ip->i_d.di_atime.t_sec = iattr->ia_atime.tv_sec;
514 ip->i_d.di_atime.t_nsec = iattr->ia_atime.tv_nsec;
515 }
516 if (iattr->ia_valid & ATTR_CTIME) {
517 inode->i_ctime = iattr->ia_ctime;
518 ip->i_d.di_ctime.t_sec = iattr->ia_ctime.tv_sec;
519 ip->i_d.di_ctime.t_nsec = iattr->ia_ctime.tv_nsec;
520 }
521 if (iattr->ia_valid & ATTR_MTIME) {
522 inode->i_mtime = iattr->ia_mtime;
523 ip->i_d.di_mtime.t_sec = iattr->ia_mtime.tv_sec;
524 ip->i_d.di_mtime.t_nsec = iattr->ia_mtime.tv_nsec;
525 }
526}
527
528int
529xfs_setattr_nonsize(
530 struct xfs_inode *ip,
531 struct iattr *iattr,
532 int flags)
533{
534 xfs_mount_t *mp = ip->i_mount;
535 struct inode *inode = VFS_I(ip);
536 int mask = iattr->ia_valid;
537 xfs_trans_t *tp;
538 int error;
539 kuid_t uid = GLOBAL_ROOT_UID, iuid = GLOBAL_ROOT_UID;
540 kgid_t gid = GLOBAL_ROOT_GID, igid = GLOBAL_ROOT_GID;
541 struct xfs_dquot *udqp = NULL, *gdqp = NULL;
542 struct xfs_dquot *olddquot1 = NULL, *olddquot2 = NULL;
543
544 trace_xfs_setattr(ip);
545
546 /* If acls are being inherited, we already have this checked */
547 if (!(flags & XFS_ATTR_NOACL)) {
548 if (mp->m_flags & XFS_MOUNT_RDONLY)
549 return XFS_ERROR(EROFS);
550
551 if (XFS_FORCED_SHUTDOWN(mp))
552 return XFS_ERROR(EIO);
553
554 error = -inode_change_ok(inode, iattr);
555 if (error)
556 return XFS_ERROR(error);
557 }
558
559 ASSERT((mask & ATTR_SIZE) == 0);
560
561 /*
562 * If disk quotas is on, we make sure that the dquots do exist on disk,
563 * before we start any other transactions. Trying to do this later
564 * is messy. We don't care to take a readlock to look at the ids
565 * in inode here, because we can't hold it across the trans_reserve.
566 * If the IDs do change before we take the ilock, we're covered
567 * because the i_*dquot fields will get updated anyway.
568 */
569 if (XFS_IS_QUOTA_ON(mp) && (mask & (ATTR_UID|ATTR_GID))) {
570 uint qflags = 0;
571
572 if ((mask & ATTR_UID) && XFS_IS_UQUOTA_ON(mp)) {
573 uid = iattr->ia_uid;
574 qflags |= XFS_QMOPT_UQUOTA;
575 } else {
576 uid = inode->i_uid;
577 }
578 if ((mask & ATTR_GID) && XFS_IS_GQUOTA_ON(mp)) {
579 gid = iattr->ia_gid;
580 qflags |= XFS_QMOPT_GQUOTA;
581 } else {
582 gid = inode->i_gid;
583 }
584
585 /*
586 * We take a reference when we initialize udqp and gdqp,
587 * so it is important that we never blindly double trip on
588 * the same variable. See xfs_create() for an example.
589 */
590 ASSERT(udqp == NULL);
591 ASSERT(gdqp == NULL);
592 error = xfs_qm_vop_dqalloc(ip, xfs_kuid_to_uid(uid),
593 xfs_kgid_to_gid(gid),
594 xfs_get_projid(ip),
595 qflags, &udqp, &gdqp, NULL);
596 if (error)
597 return error;
598 }
599
600 tp = xfs_trans_alloc(mp, XFS_TRANS_SETATTR_NOT_SIZE);
601 error = xfs_trans_reserve(tp, &M_RES(mp)->tr_ichange, 0, 0);
602 if (error)
603 goto out_dqrele;
604
605 xfs_ilock(ip, XFS_ILOCK_EXCL);
606
607 /*
608 * Change file ownership. Must be the owner or privileged.
609 */
610 if (mask & (ATTR_UID|ATTR_GID)) {
611 /*
612 * These IDs could have changed since we last looked at them.
613 * But, we're assured that if the ownership did change
614 * while we didn't have the inode locked, inode's dquot(s)
615 * would have changed also.
616 */
617 iuid = inode->i_uid;
618 igid = inode->i_gid;
619 gid = (mask & ATTR_GID) ? iattr->ia_gid : igid;
620 uid = (mask & ATTR_UID) ? iattr->ia_uid : iuid;
621
622 /*
623 * Do a quota reservation only if uid/gid is actually
624 * going to change.
625 */
626 if (XFS_IS_QUOTA_RUNNING(mp) &&
627 ((XFS_IS_UQUOTA_ON(mp) && !uid_eq(iuid, uid)) ||
628 (XFS_IS_GQUOTA_ON(mp) && !gid_eq(igid, gid)))) {
629 ASSERT(tp);
630 error = xfs_qm_vop_chown_reserve(tp, ip, udqp, gdqp,
631 NULL, capable(CAP_FOWNER) ?
632 XFS_QMOPT_FORCE_RES : 0);
633 if (error) /* out of quota */
634 goto out_trans_cancel;
635 }
636 }
637
638 xfs_trans_ijoin(tp, ip, 0);
639
640 /*
641 * Change file ownership. Must be the owner or privileged.
642 */
643 if (mask & (ATTR_UID|ATTR_GID)) {
644 /*
645 * CAP_FSETID overrides the following restrictions:
646 *
647 * The set-user-ID and set-group-ID bits of a file will be
648 * cleared upon successful return from chown()
649 */
650 if ((ip->i_d.di_mode & (S_ISUID|S_ISGID)) &&
651 !capable(CAP_FSETID))
652 ip->i_d.di_mode &= ~(S_ISUID|S_ISGID);
653
654 /*
655 * Change the ownerships and register quota modifications
656 * in the transaction.
657 */
658 if (!uid_eq(iuid, uid)) {
659 if (XFS_IS_QUOTA_RUNNING(mp) && XFS_IS_UQUOTA_ON(mp)) {
660 ASSERT(mask & ATTR_UID);
661 ASSERT(udqp);
662 olddquot1 = xfs_qm_vop_chown(tp, ip,
663 &ip->i_udquot, udqp);
664 }
665 ip->i_d.di_uid = xfs_kuid_to_uid(uid);
666 inode->i_uid = uid;
667 }
668 if (!gid_eq(igid, gid)) {
669 if (XFS_IS_QUOTA_RUNNING(mp) && XFS_IS_GQUOTA_ON(mp)) {
670 ASSERT(xfs_sb_version_has_pquotino(&mp->m_sb) ||
671 !XFS_IS_PQUOTA_ON(mp));
672 ASSERT(mask & ATTR_GID);
673 ASSERT(gdqp);
674 olddquot2 = xfs_qm_vop_chown(tp, ip,
675 &ip->i_gdquot, gdqp);
676 }
677 ip->i_d.di_gid = xfs_kgid_to_gid(gid);
678 inode->i_gid = gid;
679 }
680 }
681
682 if (mask & ATTR_MODE)
683 xfs_setattr_mode(ip, iattr);
684 if (mask & (ATTR_ATIME|ATTR_CTIME|ATTR_MTIME))
685 xfs_setattr_time(ip, iattr);
686
687 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE);
688
689 XFS_STATS_INC(xs_ig_attrchg);
690
691 if (mp->m_flags & XFS_MOUNT_WSYNC)
692 xfs_trans_set_sync(tp);
693 error = xfs_trans_commit(tp, 0);
694
695 xfs_iunlock(ip, XFS_ILOCK_EXCL);
696
697 /*
698 * Release any dquot(s) the inode had kept before chown.
699 */
700 xfs_qm_dqrele(olddquot1);
701 xfs_qm_dqrele(olddquot2);
702 xfs_qm_dqrele(udqp);
703 xfs_qm_dqrele(gdqp);
704
705 if (error)
706 return XFS_ERROR(error);
707
708 /*
709 * XXX(hch): Updating the ACL entries is not atomic vs the i_mode
710 * update. We could avoid this with linked transactions
711 * and passing down the transaction pointer all the way
712 * to attr_set. No previous user of the generic
713 * Posix ACL code seems to care about this issue either.
714 */
715 if ((mask & ATTR_MODE) && !(flags & XFS_ATTR_NOACL)) {
716 error = -posix_acl_chmod(inode, inode->i_mode);
717 if (error)
718 return XFS_ERROR(error);
719 }
720
721 return 0;
722
723out_trans_cancel:
724 xfs_trans_cancel(tp, 0);
725 xfs_iunlock(ip, XFS_ILOCK_EXCL);
726out_dqrele:
727 xfs_qm_dqrele(udqp);
728 xfs_qm_dqrele(gdqp);
729 return error;
730}
731
732/*
733 * Truncate file. Must have write permission and not be a directory.
734 */
735int
736xfs_setattr_size(
737 struct xfs_inode *ip,
738 struct iattr *iattr)
739{
740 struct xfs_mount *mp = ip->i_mount;
741 struct inode *inode = VFS_I(ip);
742 xfs_off_t oldsize, newsize;
743 struct xfs_trans *tp;
744 int error;
745 uint lock_flags = 0;
746 uint commit_flags = 0;
747
748 trace_xfs_setattr(ip);
749
750 if (mp->m_flags & XFS_MOUNT_RDONLY)
751 return XFS_ERROR(EROFS);
752
753 if (XFS_FORCED_SHUTDOWN(mp))
754 return XFS_ERROR(EIO);
755
756 error = -inode_change_ok(inode, iattr);
757 if (error)
758 return XFS_ERROR(error);
759
760 ASSERT(xfs_isilocked(ip, XFS_IOLOCK_EXCL));
761 ASSERT(S_ISREG(ip->i_d.di_mode));
762 ASSERT((iattr->ia_valid & (ATTR_UID|ATTR_GID|ATTR_ATIME|ATTR_ATIME_SET|
763 ATTR_MTIME_SET|ATTR_KILL_PRIV|ATTR_TIMES_SET)) == 0);
764
765 oldsize = inode->i_size;
766 newsize = iattr->ia_size;
767
768 /*
769 * Short circuit the truncate case for zero length files.
770 */
771 if (newsize == 0 && oldsize == 0 && ip->i_d.di_nextents == 0) {
772 if (!(iattr->ia_valid & (ATTR_CTIME|ATTR_MTIME)))
773 return 0;
774
775 /*
776 * Use the regular setattr path to update the timestamps.
777 */
778 iattr->ia_valid &= ~ATTR_SIZE;
779 return xfs_setattr_nonsize(ip, iattr, 0);
780 }
781
782 /*
783 * Make sure that the dquots are attached to the inode.
784 */
785 error = xfs_qm_dqattach(ip, 0);
786 if (error)
787 return error;
788
789 /*
790 * Now we can make the changes. Before we join the inode to the
791 * transaction, take care of the part of the truncation that must be
792 * done without the inode lock. This needs to be done before joining
793 * the inode to the transaction, because the inode cannot be unlocked
794 * once it is a part of the transaction.
795 */
796 if (newsize > oldsize) {
797 /*
798 * Do the first part of growing a file: zero any data in the
799 * last block that is beyond the old EOF. We need to do this
800 * before the inode is joined to the transaction to modify
801 * i_size.
802 */
803 error = xfs_zero_eof(ip, newsize, oldsize);
804 if (error)
805 return error;
806 }
807
808 /*
809 * We are going to log the inode size change in this transaction so
810 * any previous writes that are beyond the on disk EOF and the new
811 * EOF that have not been written out need to be written here. If we
812 * do not write the data out, we expose ourselves to the null files
813 * problem.
814 *
815 * Only flush from the on disk size to the smaller of the in memory
816 * file size or the new size as that's the range we really care about
817 * here and prevents waiting for other data not within the range we
818 * care about here.
819 */
820 if (oldsize != ip->i_d.di_size && newsize > ip->i_d.di_size) {
821 error = -filemap_write_and_wait_range(VFS_I(ip)->i_mapping,
822 ip->i_d.di_size, newsize);
823 if (error)
824 return error;
825 }
826
827 /*
828 * Wait for all direct I/O to complete.
829 */
830 inode_dio_wait(inode);
831
832 error = -block_truncate_page(inode->i_mapping, newsize, xfs_get_blocks);
833 if (error)
834 return error;
835
836 tp = xfs_trans_alloc(mp, XFS_TRANS_SETATTR_SIZE);
837 error = xfs_trans_reserve(tp, &M_RES(mp)->tr_itruncate, 0, 0);
838 if (error)
839 goto out_trans_cancel;
840
841 truncate_setsize(inode, newsize);
842
843 commit_flags = XFS_TRANS_RELEASE_LOG_RES;
844 lock_flags |= XFS_ILOCK_EXCL;
845
846 xfs_ilock(ip, XFS_ILOCK_EXCL);
847
848 xfs_trans_ijoin(tp, ip, 0);
849
850 /*
851 * Only change the c/mtime if we are changing the size or we are
852 * explicitly asked to change it. This handles the semantic difference
853 * between truncate() and ftruncate() as implemented in the VFS.
854 *
855 * The regular truncate() case without ATTR_CTIME and ATTR_MTIME is a
856 * special case where we need to update the times despite not having
857 * these flags set. For all other operations the VFS set these flags
858 * explicitly if it wants a timestamp update.
859 */
860 if (newsize != oldsize &&
861 !(iattr->ia_valid & (ATTR_CTIME | ATTR_MTIME))) {
862 iattr->ia_ctime = iattr->ia_mtime =
863 current_fs_time(inode->i_sb);
864 iattr->ia_valid |= ATTR_CTIME | ATTR_MTIME;
865 }
866
867 /*
868 * The first thing we do is set the size to new_size permanently on
869 * disk. This way we don't have to worry about anyone ever being able
870 * to look at the data being freed even in the face of a crash.
871 * What we're getting around here is the case where we free a block, it
872 * is allocated to another file, it is written to, and then we crash.
873 * If the new data gets written to the file but the log buffers
874 * containing the free and reallocation don't, then we'd end up with
875 * garbage in the blocks being freed. As long as we make the new size
876 * permanent before actually freeing any blocks it doesn't matter if
877 * they get written to.
878 */
879 ip->i_d.di_size = newsize;
880 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE);
881
882 if (newsize <= oldsize) {
883 error = xfs_itruncate_extents(&tp, ip, XFS_DATA_FORK, newsize);
884 if (error)
885 goto out_trans_abort;
886
887 /*
888 * Truncated "down", so we're removing references to old data
889 * here - if we delay flushing for a long time, we expose
890 * ourselves unduly to the notorious NULL files problem. So,
891 * we mark this inode and flush it when the file is closed,
892 * and do not wait the usual (long) time for writeout.
893 */
894 xfs_iflags_set(ip, XFS_ITRUNCATED);
895
896 /* A truncate down always removes post-EOF blocks. */
897 xfs_inode_clear_eofblocks_tag(ip);
898 }
899
900 if (iattr->ia_valid & ATTR_MODE)
901 xfs_setattr_mode(ip, iattr);
902 if (iattr->ia_valid & (ATTR_ATIME|ATTR_CTIME|ATTR_MTIME))
903 xfs_setattr_time(ip, iattr);
904
905 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE);
906
907 XFS_STATS_INC(xs_ig_attrchg);
908
909 if (mp->m_flags & XFS_MOUNT_WSYNC)
910 xfs_trans_set_sync(tp);
911
912 error = xfs_trans_commit(tp, XFS_TRANS_RELEASE_LOG_RES);
913out_unlock:
914 if (lock_flags)
915 xfs_iunlock(ip, lock_flags);
916 return error;
917
918out_trans_abort:
919 commit_flags |= XFS_TRANS_ABORT;
920out_trans_cancel:
921 xfs_trans_cancel(tp, commit_flags);
922 goto out_unlock;
923}
924
925STATIC int
926xfs_vn_setattr(
927 struct dentry *dentry,
928 struct iattr *iattr)
929{
930 struct xfs_inode *ip = XFS_I(dentry->d_inode);
931 int error;
932
933 if (iattr->ia_valid & ATTR_SIZE) {
934 xfs_ilock(ip, XFS_IOLOCK_EXCL);
935 error = xfs_setattr_size(ip, iattr);
936 xfs_iunlock(ip, XFS_IOLOCK_EXCL);
937 } else {
938 error = xfs_setattr_nonsize(ip, iattr, 0);
939 }
940
941 return -error;
942}
943
944STATIC int
945xfs_vn_update_time(
946 struct inode *inode,
947 struct timespec *now,
948 int flags)
949{
950 struct xfs_inode *ip = XFS_I(inode);
951 struct xfs_mount *mp = ip->i_mount;
952 struct xfs_trans *tp;
953 int error;
954
955 trace_xfs_update_time(ip);
956
957 tp = xfs_trans_alloc(mp, XFS_TRANS_FSYNC_TS);
958 error = xfs_trans_reserve(tp, &M_RES(mp)->tr_fsyncts, 0, 0);
959 if (error) {
960 xfs_trans_cancel(tp, 0);
961 return -error;
962 }
963
964 xfs_ilock(ip, XFS_ILOCK_EXCL);
965 if (flags & S_CTIME) {
966 inode->i_ctime = *now;
967 ip->i_d.di_ctime.t_sec = (__int32_t)now->tv_sec;
968 ip->i_d.di_ctime.t_nsec = (__int32_t)now->tv_nsec;
969 }
970 if (flags & S_MTIME) {
971 inode->i_mtime = *now;
972 ip->i_d.di_mtime.t_sec = (__int32_t)now->tv_sec;
973 ip->i_d.di_mtime.t_nsec = (__int32_t)now->tv_nsec;
974 }
975 if (flags & S_ATIME) {
976 inode->i_atime = *now;
977 ip->i_d.di_atime.t_sec = (__int32_t)now->tv_sec;
978 ip->i_d.di_atime.t_nsec = (__int32_t)now->tv_nsec;
979 }
980 xfs_trans_ijoin(tp, ip, XFS_ILOCK_EXCL);
981 xfs_trans_log_inode(tp, ip, XFS_ILOG_TIMESTAMP);
982 return -xfs_trans_commit(tp, 0);
983}
984
985#define XFS_FIEMAP_FLAGS (FIEMAP_FLAG_SYNC|FIEMAP_FLAG_XATTR)
986
987/*
988 * Call fiemap helper to fill in user data.
989 * Returns positive errors to xfs_getbmap.
990 */
991STATIC int
992xfs_fiemap_format(
993 void **arg,
994 struct getbmapx *bmv,
995 int *full)
996{
997 int error;
998 struct fiemap_extent_info *fieinfo = *arg;
999 u32 fiemap_flags = 0;
1000 u64 logical, physical, length;
1001
1002 /* Do nothing for a hole */
1003 if (bmv->bmv_block == -1LL)
1004 return 0;
1005
1006 logical = BBTOB(bmv->bmv_offset);
1007 physical = BBTOB(bmv->bmv_block);
1008 length = BBTOB(bmv->bmv_length);
1009
1010 if (bmv->bmv_oflags & BMV_OF_PREALLOC)
1011 fiemap_flags |= FIEMAP_EXTENT_UNWRITTEN;
1012 else if (bmv->bmv_oflags & BMV_OF_DELALLOC) {
1013 fiemap_flags |= (FIEMAP_EXTENT_DELALLOC |
1014 FIEMAP_EXTENT_UNKNOWN);
1015 physical = 0; /* no block yet */
1016 }
1017 if (bmv->bmv_oflags & BMV_OF_LAST)
1018 fiemap_flags |= FIEMAP_EXTENT_LAST;
1019
1020 error = fiemap_fill_next_extent(fieinfo, logical, physical,
1021 length, fiemap_flags);
1022 if (error > 0) {
1023 error = 0;
1024 *full = 1; /* user array now full */
1025 }
1026
1027 return -error;
1028}
1029
1030STATIC int
1031xfs_vn_fiemap(
1032 struct inode *inode,
1033 struct fiemap_extent_info *fieinfo,
1034 u64 start,
1035 u64 length)
1036{
1037 xfs_inode_t *ip = XFS_I(inode);
1038 struct getbmapx bm;
1039 int error;
1040
1041 error = fiemap_check_flags(fieinfo, XFS_FIEMAP_FLAGS);
1042 if (error)
1043 return error;
1044
1045 /* Set up bmap header for xfs internal routine */
1046 bm.bmv_offset = BTOBB(start);
1047 /* Special case for whole file */
1048 if (length == FIEMAP_MAX_OFFSET)
1049 bm.bmv_length = -1LL;
1050 else
1051 bm.bmv_length = BTOBB(length);
1052
1053 /* We add one because in getbmap world count includes the header */
1054 bm.bmv_count = !fieinfo->fi_extents_max ? MAXEXTNUM :
1055 fieinfo->fi_extents_max + 1;
1056 bm.bmv_count = min_t(__s32, bm.bmv_count,
1057 (PAGE_SIZE * 16 / sizeof(struct getbmapx)));
1058 bm.bmv_iflags = BMV_IF_PREALLOC | BMV_IF_NO_HOLES;
1059 if (fieinfo->fi_flags & FIEMAP_FLAG_XATTR)
1060 bm.bmv_iflags |= BMV_IF_ATTRFORK;
1061 if (!(fieinfo->fi_flags & FIEMAP_FLAG_SYNC))
1062 bm.bmv_iflags |= BMV_IF_DELALLOC;
1063
1064 error = xfs_getbmap(ip, &bm, xfs_fiemap_format, fieinfo);
1065 if (error)
1066 return -error;
1067
1068 return 0;
1069}
1070
1071STATIC int
1072xfs_vn_tmpfile(
1073 struct inode *dir,
1074 struct dentry *dentry,
1075 umode_t mode)
1076{
1077 return xfs_generic_create(dir, dentry, mode, 0, true);
1078}
1079
1080static const struct inode_operations xfs_inode_operations = {
1081 .get_acl = xfs_get_acl,
1082 .set_acl = xfs_set_acl,
1083 .getattr = xfs_vn_getattr,
1084 .setattr = xfs_vn_setattr,
1085 .setxattr = generic_setxattr,
1086 .getxattr = generic_getxattr,
1087 .removexattr = generic_removexattr,
1088 .listxattr = xfs_vn_listxattr,
1089 .fiemap = xfs_vn_fiemap,
1090 .update_time = xfs_vn_update_time,
1091};
1092
1093static const struct inode_operations xfs_dir_inode_operations = {
1094 .create = xfs_vn_create,
1095 .lookup = xfs_vn_lookup,
1096 .link = xfs_vn_link,
1097 .unlink = xfs_vn_unlink,
1098 .symlink = xfs_vn_symlink,
1099 .mkdir = xfs_vn_mkdir,
1100 /*
1101 * Yes, XFS uses the same method for rmdir and unlink.
1102 *
1103 * There are some subtile differences deeper in the code,
1104 * but we use S_ISDIR to check for those.
1105 */
1106 .rmdir = xfs_vn_unlink,
1107 .mknod = xfs_vn_mknod,
1108 .rename = xfs_vn_rename,
1109 .get_acl = xfs_get_acl,
1110 .set_acl = xfs_set_acl,
1111 .getattr = xfs_vn_getattr,
1112 .setattr = xfs_vn_setattr,
1113 .setxattr = generic_setxattr,
1114 .getxattr = generic_getxattr,
1115 .removexattr = generic_removexattr,
1116 .listxattr = xfs_vn_listxattr,
1117 .update_time = xfs_vn_update_time,
1118 .tmpfile = xfs_vn_tmpfile,
1119};
1120
1121static const struct inode_operations xfs_dir_ci_inode_operations = {
1122 .create = xfs_vn_create,
1123 .lookup = xfs_vn_ci_lookup,
1124 .link = xfs_vn_link,
1125 .unlink = xfs_vn_unlink,
1126 .symlink = xfs_vn_symlink,
1127 .mkdir = xfs_vn_mkdir,
1128 /*
1129 * Yes, XFS uses the same method for rmdir and unlink.
1130 *
1131 * There are some subtile differences deeper in the code,
1132 * but we use S_ISDIR to check for those.
1133 */
1134 .rmdir = xfs_vn_unlink,
1135 .mknod = xfs_vn_mknod,
1136 .rename = xfs_vn_rename,
1137 .get_acl = xfs_get_acl,
1138 .set_acl = xfs_set_acl,
1139 .getattr = xfs_vn_getattr,
1140 .setattr = xfs_vn_setattr,
1141 .setxattr = generic_setxattr,
1142 .getxattr = generic_getxattr,
1143 .removexattr = generic_removexattr,
1144 .listxattr = xfs_vn_listxattr,
1145 .update_time = xfs_vn_update_time,
1146 .tmpfile = xfs_vn_tmpfile,
1147};
1148
1149static const struct inode_operations xfs_symlink_inode_operations = {
1150 .readlink = generic_readlink,
1151 .follow_link = xfs_vn_follow_link,
1152 .put_link = kfree_put_link,
1153 .getattr = xfs_vn_getattr,
1154 .setattr = xfs_vn_setattr,
1155 .setxattr = generic_setxattr,
1156 .getxattr = generic_getxattr,
1157 .removexattr = generic_removexattr,
1158 .listxattr = xfs_vn_listxattr,
1159 .update_time = xfs_vn_update_time,
1160};
1161
1162STATIC void
1163xfs_diflags_to_iflags(
1164 struct inode *inode,
1165 struct xfs_inode *ip)
1166{
1167 if (ip->i_d.di_flags & XFS_DIFLAG_IMMUTABLE)
1168 inode->i_flags |= S_IMMUTABLE;
1169 else
1170 inode->i_flags &= ~S_IMMUTABLE;
1171 if (ip->i_d.di_flags & XFS_DIFLAG_APPEND)
1172 inode->i_flags |= S_APPEND;
1173 else
1174 inode->i_flags &= ~S_APPEND;
1175 if (ip->i_d.di_flags & XFS_DIFLAG_SYNC)
1176 inode->i_flags |= S_SYNC;
1177 else
1178 inode->i_flags &= ~S_SYNC;
1179 if (ip->i_d.di_flags & XFS_DIFLAG_NOATIME)
1180 inode->i_flags |= S_NOATIME;
1181 else
1182 inode->i_flags &= ~S_NOATIME;
1183}
1184
1185/*
1186 * Initialize the Linux inode, set up the operation vectors and
1187 * unlock the inode.
1188 *
1189 * When reading existing inodes from disk this is called directly
1190 * from xfs_iget, when creating a new inode it is called from
1191 * xfs_ialloc after setting up the inode.
1192 *
1193 * We are always called with an uninitialised linux inode here.
1194 * We need to initialise the necessary fields and take a reference
1195 * on it.
1196 */
1197void
1198xfs_setup_inode(
1199 struct xfs_inode *ip)
1200{
1201 struct inode *inode = &ip->i_vnode;
1202 gfp_t gfp_mask;
1203
1204 inode->i_ino = ip->i_ino;
1205 inode->i_state = I_NEW;
1206
1207 inode_sb_list_add(inode);
1208 /* make the inode look hashed for the writeback code */
1209 hlist_add_fake(&inode->i_hash);
1210
1211 inode->i_mode = ip->i_d.di_mode;
1212 set_nlink(inode, ip->i_d.di_nlink);
1213 inode->i_uid = xfs_uid_to_kuid(ip->i_d.di_uid);
1214 inode->i_gid = xfs_gid_to_kgid(ip->i_d.di_gid);
1215
1216 switch (inode->i_mode & S_IFMT) {
1217 case S_IFBLK:
1218 case S_IFCHR:
1219 inode->i_rdev =
1220 MKDEV(sysv_major(ip->i_df.if_u2.if_rdev) & 0x1ff,
1221 sysv_minor(ip->i_df.if_u2.if_rdev));
1222 break;
1223 default:
1224 inode->i_rdev = 0;
1225 break;
1226 }
1227
1228 inode->i_generation = ip->i_d.di_gen;
1229 i_size_write(inode, ip->i_d.di_size);
1230 inode->i_atime.tv_sec = ip->i_d.di_atime.t_sec;
1231 inode->i_atime.tv_nsec = ip->i_d.di_atime.t_nsec;
1232 inode->i_mtime.tv_sec = ip->i_d.di_mtime.t_sec;
1233 inode->i_mtime.tv_nsec = ip->i_d.di_mtime.t_nsec;
1234 inode->i_ctime.tv_sec = ip->i_d.di_ctime.t_sec;
1235 inode->i_ctime.tv_nsec = ip->i_d.di_ctime.t_nsec;
1236 xfs_diflags_to_iflags(inode, ip);
1237
1238 ip->d_ops = ip->i_mount->m_nondir_inode_ops;
1239 lockdep_set_class(&ip->i_lock.mr_lock, &xfs_nondir_ilock_class);
1240 switch (inode->i_mode & S_IFMT) {
1241 case S_IFREG:
1242 inode->i_op = &xfs_inode_operations;
1243 inode->i_fop = &xfs_file_operations;
1244 inode->i_mapping->a_ops = &xfs_address_space_operations;
1245 break;
1246 case S_IFDIR:
1247 lockdep_set_class(&ip->i_lock.mr_lock, &xfs_dir_ilock_class);
1248 if (xfs_sb_version_hasasciici(&XFS_M(inode->i_sb)->m_sb))
1249 inode->i_op = &xfs_dir_ci_inode_operations;
1250 else
1251 inode->i_op = &xfs_dir_inode_operations;
1252 inode->i_fop = &xfs_dir_file_operations;
1253 ip->d_ops = ip->i_mount->m_dir_inode_ops;
1254 break;
1255 case S_IFLNK:
1256 inode->i_op = &xfs_symlink_inode_operations;
1257 if (!(ip->i_df.if_flags & XFS_IFINLINE))
1258 inode->i_mapping->a_ops = &xfs_address_space_operations;
1259 break;
1260 default:
1261 inode->i_op = &xfs_inode_operations;
1262 init_special_inode(inode, inode->i_mode, inode->i_rdev);
1263 break;
1264 }
1265
1266 /*
1267 * Ensure all page cache allocations are done from GFP_NOFS context to
1268 * prevent direct reclaim recursion back into the filesystem and blowing
1269 * stacks or deadlocking.
1270 */
1271 gfp_mask = mapping_gfp_mask(inode->i_mapping);
1272 mapping_set_gfp_mask(inode->i_mapping, (gfp_mask & ~(__GFP_FS)));
1273
1274 /*
1275 * If there is no attribute fork no ACL can exist on this inode,
1276 * and it can't have any file capabilities attached to it either.
1277 */
1278 if (!XFS_IFORK_Q(ip)) {
1279 inode_has_no_xattr(inode);
1280 cache_no_acl(inode);
1281 }
1282
1283 xfs_iflags_clear(ip, XFS_INEW);
1284 barrier();
1285
1286 unlock_new_inode(inode);
1287}
1// SPDX-License-Identifier: GPL-2.0
2/*
3 * Copyright (c) 2000-2005 Silicon Graphics, Inc.
4 * All Rights Reserved.
5 */
6#include "xfs.h"
7#include "xfs_fs.h"
8#include "xfs_shared.h"
9#include "xfs_format.h"
10#include "xfs_log_format.h"
11#include "xfs_trans_resv.h"
12#include "xfs_mount.h"
13#include "xfs_inode.h"
14#include "xfs_acl.h"
15#include "xfs_quota.h"
16#include "xfs_attr.h"
17#include "xfs_trans.h"
18#include "xfs_trace.h"
19#include "xfs_icache.h"
20#include "xfs_symlink.h"
21#include "xfs_dir2.h"
22#include "xfs_iomap.h"
23
24#include <linux/xattr.h>
25#include <linux/posix_acl.h>
26#include <linux/security.h>
27#include <linux/iversion.h>
28
29/*
30 * Directories have different lock order w.r.t. mmap_sem compared to regular
31 * files. This is due to readdir potentially triggering page faults on a user
32 * buffer inside filldir(), and this happens with the ilock on the directory
33 * held. For regular files, the lock order is the other way around - the
34 * mmap_sem is taken during the page fault, and then we lock the ilock to do
35 * block mapping. Hence we need a different class for the directory ilock so
36 * that lockdep can tell them apart.
37 */
38static struct lock_class_key xfs_nondir_ilock_class;
39static struct lock_class_key xfs_dir_ilock_class;
40
41static int
42xfs_initxattrs(
43 struct inode *inode,
44 const struct xattr *xattr_array,
45 void *fs_info)
46{
47 const struct xattr *xattr;
48 struct xfs_inode *ip = XFS_I(inode);
49 int error = 0;
50
51 for (xattr = xattr_array; xattr->name != NULL; xattr++) {
52 error = xfs_attr_set(ip, xattr->name, xattr->value,
53 xattr->value_len, ATTR_SECURE);
54 if (error < 0)
55 break;
56 }
57 return error;
58}
59
60/*
61 * Hook in SELinux. This is not quite correct yet, what we really need
62 * here (as we do for default ACLs) is a mechanism by which creation of
63 * these attrs can be journalled at inode creation time (along with the
64 * inode, of course, such that log replay can't cause these to be lost).
65 */
66
67STATIC int
68xfs_init_security(
69 struct inode *inode,
70 struct inode *dir,
71 const struct qstr *qstr)
72{
73 return security_inode_init_security(inode, dir, qstr,
74 &xfs_initxattrs, NULL);
75}
76
77static void
78xfs_dentry_to_name(
79 struct xfs_name *namep,
80 struct dentry *dentry)
81{
82 namep->name = dentry->d_name.name;
83 namep->len = dentry->d_name.len;
84 namep->type = XFS_DIR3_FT_UNKNOWN;
85}
86
87static int
88xfs_dentry_mode_to_name(
89 struct xfs_name *namep,
90 struct dentry *dentry,
91 int mode)
92{
93 namep->name = dentry->d_name.name;
94 namep->len = dentry->d_name.len;
95 namep->type = xfs_mode_to_ftype(mode);
96
97 if (unlikely(namep->type == XFS_DIR3_FT_UNKNOWN))
98 return -EFSCORRUPTED;
99
100 return 0;
101}
102
103STATIC void
104xfs_cleanup_inode(
105 struct inode *dir,
106 struct inode *inode,
107 struct dentry *dentry)
108{
109 struct xfs_name teardown;
110
111 /* Oh, the horror.
112 * If we can't add the ACL or we fail in
113 * xfs_init_security we must back out.
114 * ENOSPC can hit here, among other things.
115 */
116 xfs_dentry_to_name(&teardown, dentry);
117
118 xfs_remove(XFS_I(dir), &teardown, XFS_I(inode));
119}
120
121STATIC int
122xfs_generic_create(
123 struct inode *dir,
124 struct dentry *dentry,
125 umode_t mode,
126 dev_t rdev,
127 bool tmpfile) /* unnamed file */
128{
129 struct inode *inode;
130 struct xfs_inode *ip = NULL;
131 struct posix_acl *default_acl, *acl;
132 struct xfs_name name;
133 int error;
134
135 /*
136 * Irix uses Missed'em'V split, but doesn't want to see
137 * the upper 5 bits of (14bit) major.
138 */
139 if (S_ISCHR(mode) || S_ISBLK(mode)) {
140 if (unlikely(!sysv_valid_dev(rdev) || MAJOR(rdev) & ~0x1ff))
141 return -EINVAL;
142 } else {
143 rdev = 0;
144 }
145
146 error = posix_acl_create(dir, &mode, &default_acl, &acl);
147 if (error)
148 return error;
149
150 /* Verify mode is valid also for tmpfile case */
151 error = xfs_dentry_mode_to_name(&name, dentry, mode);
152 if (unlikely(error))
153 goto out_free_acl;
154
155 if (!tmpfile) {
156 error = xfs_create(XFS_I(dir), &name, mode, rdev, &ip);
157 } else {
158 error = xfs_create_tmpfile(XFS_I(dir), mode, &ip);
159 }
160 if (unlikely(error))
161 goto out_free_acl;
162
163 inode = VFS_I(ip);
164
165 error = xfs_init_security(inode, dir, &dentry->d_name);
166 if (unlikely(error))
167 goto out_cleanup_inode;
168
169#ifdef CONFIG_XFS_POSIX_ACL
170 if (default_acl) {
171 error = __xfs_set_acl(inode, default_acl, ACL_TYPE_DEFAULT);
172 if (error)
173 goto out_cleanup_inode;
174 }
175 if (acl) {
176 error = __xfs_set_acl(inode, acl, ACL_TYPE_ACCESS);
177 if (error)
178 goto out_cleanup_inode;
179 }
180#endif
181
182 xfs_setup_iops(ip);
183
184 if (tmpfile) {
185 /*
186 * The VFS requires that any inode fed to d_tmpfile must have
187 * nlink == 1 so that it can decrement the nlink in d_tmpfile.
188 * However, we created the temp file with nlink == 0 because
189 * we're not allowed to put an inode with nlink > 0 on the
190 * unlinked list. Therefore we have to set nlink to 1 so that
191 * d_tmpfile can immediately set it back to zero.
192 */
193 set_nlink(inode, 1);
194 d_tmpfile(dentry, inode);
195 } else
196 d_instantiate(dentry, inode);
197
198 xfs_finish_inode_setup(ip);
199
200 out_free_acl:
201 if (default_acl)
202 posix_acl_release(default_acl);
203 if (acl)
204 posix_acl_release(acl);
205 return error;
206
207 out_cleanup_inode:
208 xfs_finish_inode_setup(ip);
209 if (!tmpfile)
210 xfs_cleanup_inode(dir, inode, dentry);
211 xfs_irele(ip);
212 goto out_free_acl;
213}
214
215STATIC int
216xfs_vn_mknod(
217 struct inode *dir,
218 struct dentry *dentry,
219 umode_t mode,
220 dev_t rdev)
221{
222 return xfs_generic_create(dir, dentry, mode, rdev, false);
223}
224
225STATIC int
226xfs_vn_create(
227 struct inode *dir,
228 struct dentry *dentry,
229 umode_t mode,
230 bool flags)
231{
232 return xfs_vn_mknod(dir, dentry, mode, 0);
233}
234
235STATIC int
236xfs_vn_mkdir(
237 struct inode *dir,
238 struct dentry *dentry,
239 umode_t mode)
240{
241 return xfs_vn_mknod(dir, dentry, mode|S_IFDIR, 0);
242}
243
244STATIC struct dentry *
245xfs_vn_lookup(
246 struct inode *dir,
247 struct dentry *dentry,
248 unsigned int flags)
249{
250 struct inode *inode;
251 struct xfs_inode *cip;
252 struct xfs_name name;
253 int error;
254
255 if (dentry->d_name.len >= MAXNAMELEN)
256 return ERR_PTR(-ENAMETOOLONG);
257
258 xfs_dentry_to_name(&name, dentry);
259 error = xfs_lookup(XFS_I(dir), &name, &cip, NULL);
260 if (likely(!error))
261 inode = VFS_I(cip);
262 else if (likely(error == -ENOENT))
263 inode = NULL;
264 else
265 inode = ERR_PTR(error);
266 return d_splice_alias(inode, dentry);
267}
268
269STATIC struct dentry *
270xfs_vn_ci_lookup(
271 struct inode *dir,
272 struct dentry *dentry,
273 unsigned int flags)
274{
275 struct xfs_inode *ip;
276 struct xfs_name xname;
277 struct xfs_name ci_name;
278 struct qstr dname;
279 int error;
280
281 if (dentry->d_name.len >= MAXNAMELEN)
282 return ERR_PTR(-ENAMETOOLONG);
283
284 xfs_dentry_to_name(&xname, dentry);
285 error = xfs_lookup(XFS_I(dir), &xname, &ip, &ci_name);
286 if (unlikely(error)) {
287 if (unlikely(error != -ENOENT))
288 return ERR_PTR(error);
289 /*
290 * call d_add(dentry, NULL) here when d_drop_negative_children
291 * is called in xfs_vn_mknod (ie. allow negative dentries
292 * with CI filesystems).
293 */
294 return NULL;
295 }
296
297 /* if exact match, just splice and exit */
298 if (!ci_name.name)
299 return d_splice_alias(VFS_I(ip), dentry);
300
301 /* else case-insensitive match... */
302 dname.name = ci_name.name;
303 dname.len = ci_name.len;
304 dentry = d_add_ci(dentry, VFS_I(ip), &dname);
305 kmem_free(ci_name.name);
306 return dentry;
307}
308
309STATIC int
310xfs_vn_link(
311 struct dentry *old_dentry,
312 struct inode *dir,
313 struct dentry *dentry)
314{
315 struct inode *inode = d_inode(old_dentry);
316 struct xfs_name name;
317 int error;
318
319 error = xfs_dentry_mode_to_name(&name, dentry, inode->i_mode);
320 if (unlikely(error))
321 return error;
322
323 error = xfs_link(XFS_I(dir), XFS_I(inode), &name);
324 if (unlikely(error))
325 return error;
326
327 ihold(inode);
328 d_instantiate(dentry, inode);
329 return 0;
330}
331
332STATIC int
333xfs_vn_unlink(
334 struct inode *dir,
335 struct dentry *dentry)
336{
337 struct xfs_name name;
338 int error;
339
340 xfs_dentry_to_name(&name, dentry);
341
342 error = xfs_remove(XFS_I(dir), &name, XFS_I(d_inode(dentry)));
343 if (error)
344 return error;
345
346 /*
347 * With unlink, the VFS makes the dentry "negative": no inode,
348 * but still hashed. This is incompatible with case-insensitive
349 * mode, so invalidate (unhash) the dentry in CI-mode.
350 */
351 if (xfs_sb_version_hasasciici(&XFS_M(dir->i_sb)->m_sb))
352 d_invalidate(dentry);
353 return 0;
354}
355
356STATIC int
357xfs_vn_symlink(
358 struct inode *dir,
359 struct dentry *dentry,
360 const char *symname)
361{
362 struct inode *inode;
363 struct xfs_inode *cip = NULL;
364 struct xfs_name name;
365 int error;
366 umode_t mode;
367
368 mode = S_IFLNK |
369 (irix_symlink_mode ? 0777 & ~current_umask() : S_IRWXUGO);
370 error = xfs_dentry_mode_to_name(&name, dentry, mode);
371 if (unlikely(error))
372 goto out;
373
374 error = xfs_symlink(XFS_I(dir), &name, symname, mode, &cip);
375 if (unlikely(error))
376 goto out;
377
378 inode = VFS_I(cip);
379
380 error = xfs_init_security(inode, dir, &dentry->d_name);
381 if (unlikely(error))
382 goto out_cleanup_inode;
383
384 xfs_setup_iops(cip);
385
386 d_instantiate(dentry, inode);
387 xfs_finish_inode_setup(cip);
388 return 0;
389
390 out_cleanup_inode:
391 xfs_finish_inode_setup(cip);
392 xfs_cleanup_inode(dir, inode, dentry);
393 xfs_irele(cip);
394 out:
395 return error;
396}
397
398STATIC int
399xfs_vn_rename(
400 struct inode *odir,
401 struct dentry *odentry,
402 struct inode *ndir,
403 struct dentry *ndentry,
404 unsigned int flags)
405{
406 struct inode *new_inode = d_inode(ndentry);
407 int omode = 0;
408 int error;
409 struct xfs_name oname;
410 struct xfs_name nname;
411
412 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE | RENAME_WHITEOUT))
413 return -EINVAL;
414
415 /* if we are exchanging files, we need to set i_mode of both files */
416 if (flags & RENAME_EXCHANGE)
417 omode = d_inode(ndentry)->i_mode;
418
419 error = xfs_dentry_mode_to_name(&oname, odentry, omode);
420 if (omode && unlikely(error))
421 return error;
422
423 error = xfs_dentry_mode_to_name(&nname, ndentry,
424 d_inode(odentry)->i_mode);
425 if (unlikely(error))
426 return error;
427
428 return xfs_rename(XFS_I(odir), &oname, XFS_I(d_inode(odentry)),
429 XFS_I(ndir), &nname,
430 new_inode ? XFS_I(new_inode) : NULL, flags);
431}
432
433/*
434 * careful here - this function can get called recursively, so
435 * we need to be very careful about how much stack we use.
436 * uio is kmalloced for this reason...
437 */
438STATIC const char *
439xfs_vn_get_link(
440 struct dentry *dentry,
441 struct inode *inode,
442 struct delayed_call *done)
443{
444 char *link;
445 int error = -ENOMEM;
446
447 if (!dentry)
448 return ERR_PTR(-ECHILD);
449
450 link = kmalloc(XFS_SYMLINK_MAXLEN+1, GFP_KERNEL);
451 if (!link)
452 goto out_err;
453
454 error = xfs_readlink(XFS_I(d_inode(dentry)), link);
455 if (unlikely(error))
456 goto out_kfree;
457
458 set_delayed_call(done, kfree_link, link);
459 return link;
460
461 out_kfree:
462 kfree(link);
463 out_err:
464 return ERR_PTR(error);
465}
466
467STATIC const char *
468xfs_vn_get_link_inline(
469 struct dentry *dentry,
470 struct inode *inode,
471 struct delayed_call *done)
472{
473 char *link;
474
475 ASSERT(XFS_I(inode)->i_df.if_flags & XFS_IFINLINE);
476
477 /*
478 * The VFS crashes on a NULL pointer, so return -EFSCORRUPTED if
479 * if_data is junk.
480 */
481 link = XFS_I(inode)->i_df.if_u1.if_data;
482 if (!link)
483 return ERR_PTR(-EFSCORRUPTED);
484 return link;
485}
486
487STATIC int
488xfs_vn_getattr(
489 const struct path *path,
490 struct kstat *stat,
491 u32 request_mask,
492 unsigned int query_flags)
493{
494 struct inode *inode = d_inode(path->dentry);
495 struct xfs_inode *ip = XFS_I(inode);
496 struct xfs_mount *mp = ip->i_mount;
497
498 trace_xfs_getattr(ip);
499
500 if (XFS_FORCED_SHUTDOWN(mp))
501 return -EIO;
502
503 stat->size = XFS_ISIZE(ip);
504 stat->dev = inode->i_sb->s_dev;
505 stat->mode = inode->i_mode;
506 stat->nlink = inode->i_nlink;
507 stat->uid = inode->i_uid;
508 stat->gid = inode->i_gid;
509 stat->ino = ip->i_ino;
510 stat->atime = inode->i_atime;
511 stat->mtime = inode->i_mtime;
512 stat->ctime = inode->i_ctime;
513 stat->blocks =
514 XFS_FSB_TO_BB(mp, ip->i_d.di_nblocks + ip->i_delayed_blks);
515
516 if (ip->i_d.di_version == 3) {
517 if (request_mask & STATX_BTIME) {
518 stat->result_mask |= STATX_BTIME;
519 stat->btime.tv_sec = ip->i_d.di_crtime.t_sec;
520 stat->btime.tv_nsec = ip->i_d.di_crtime.t_nsec;
521 }
522 }
523
524 /*
525 * Note: If you add another clause to set an attribute flag, please
526 * update attributes_mask below.
527 */
528 if (ip->i_d.di_flags & XFS_DIFLAG_IMMUTABLE)
529 stat->attributes |= STATX_ATTR_IMMUTABLE;
530 if (ip->i_d.di_flags & XFS_DIFLAG_APPEND)
531 stat->attributes |= STATX_ATTR_APPEND;
532 if (ip->i_d.di_flags & XFS_DIFLAG_NODUMP)
533 stat->attributes |= STATX_ATTR_NODUMP;
534
535 stat->attributes_mask |= (STATX_ATTR_IMMUTABLE |
536 STATX_ATTR_APPEND |
537 STATX_ATTR_NODUMP);
538
539 switch (inode->i_mode & S_IFMT) {
540 case S_IFBLK:
541 case S_IFCHR:
542 stat->blksize = BLKDEV_IOSIZE;
543 stat->rdev = inode->i_rdev;
544 break;
545 default:
546 if (XFS_IS_REALTIME_INODE(ip)) {
547 /*
548 * If the file blocks are being allocated from a
549 * realtime volume, then return the inode's realtime
550 * extent size or the realtime volume's extent size.
551 */
552 stat->blksize =
553 xfs_get_extsz_hint(ip) << mp->m_sb.sb_blocklog;
554 } else
555 stat->blksize = xfs_preferred_iosize(mp);
556 stat->rdev = 0;
557 break;
558 }
559
560 return 0;
561}
562
563static void
564xfs_setattr_mode(
565 struct xfs_inode *ip,
566 struct iattr *iattr)
567{
568 struct inode *inode = VFS_I(ip);
569 umode_t mode = iattr->ia_mode;
570
571 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL));
572
573 inode->i_mode &= S_IFMT;
574 inode->i_mode |= mode & ~S_IFMT;
575}
576
577void
578xfs_setattr_time(
579 struct xfs_inode *ip,
580 struct iattr *iattr)
581{
582 struct inode *inode = VFS_I(ip);
583
584 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL));
585
586 if (iattr->ia_valid & ATTR_ATIME)
587 inode->i_atime = iattr->ia_atime;
588 if (iattr->ia_valid & ATTR_CTIME)
589 inode->i_ctime = iattr->ia_ctime;
590 if (iattr->ia_valid & ATTR_MTIME)
591 inode->i_mtime = iattr->ia_mtime;
592}
593
594static int
595xfs_vn_change_ok(
596 struct dentry *dentry,
597 struct iattr *iattr)
598{
599 struct xfs_mount *mp = XFS_I(d_inode(dentry))->i_mount;
600
601 if (mp->m_flags & XFS_MOUNT_RDONLY)
602 return -EROFS;
603
604 if (XFS_FORCED_SHUTDOWN(mp))
605 return -EIO;
606
607 return setattr_prepare(dentry, iattr);
608}
609
610/*
611 * Set non-size attributes of an inode.
612 *
613 * Caution: The caller of this function is responsible for calling
614 * setattr_prepare() or otherwise verifying the change is fine.
615 */
616int
617xfs_setattr_nonsize(
618 struct xfs_inode *ip,
619 struct iattr *iattr,
620 int flags)
621{
622 xfs_mount_t *mp = ip->i_mount;
623 struct inode *inode = VFS_I(ip);
624 int mask = iattr->ia_valid;
625 xfs_trans_t *tp;
626 int error;
627 kuid_t uid = GLOBAL_ROOT_UID, iuid = GLOBAL_ROOT_UID;
628 kgid_t gid = GLOBAL_ROOT_GID, igid = GLOBAL_ROOT_GID;
629 struct xfs_dquot *udqp = NULL, *gdqp = NULL;
630 struct xfs_dquot *olddquot1 = NULL, *olddquot2 = NULL;
631
632 ASSERT((mask & ATTR_SIZE) == 0);
633
634 /*
635 * If disk quotas is on, we make sure that the dquots do exist on disk,
636 * before we start any other transactions. Trying to do this later
637 * is messy. We don't care to take a readlock to look at the ids
638 * in inode here, because we can't hold it across the trans_reserve.
639 * If the IDs do change before we take the ilock, we're covered
640 * because the i_*dquot fields will get updated anyway.
641 */
642 if (XFS_IS_QUOTA_ON(mp) && (mask & (ATTR_UID|ATTR_GID))) {
643 uint qflags = 0;
644
645 if ((mask & ATTR_UID) && XFS_IS_UQUOTA_ON(mp)) {
646 uid = iattr->ia_uid;
647 qflags |= XFS_QMOPT_UQUOTA;
648 } else {
649 uid = inode->i_uid;
650 }
651 if ((mask & ATTR_GID) && XFS_IS_GQUOTA_ON(mp)) {
652 gid = iattr->ia_gid;
653 qflags |= XFS_QMOPT_GQUOTA;
654 } else {
655 gid = inode->i_gid;
656 }
657
658 /*
659 * We take a reference when we initialize udqp and gdqp,
660 * so it is important that we never blindly double trip on
661 * the same variable. See xfs_create() for an example.
662 */
663 ASSERT(udqp == NULL);
664 ASSERT(gdqp == NULL);
665 error = xfs_qm_vop_dqalloc(ip, xfs_kuid_to_uid(uid),
666 xfs_kgid_to_gid(gid),
667 xfs_get_projid(ip),
668 qflags, &udqp, &gdqp, NULL);
669 if (error)
670 return error;
671 }
672
673 error = xfs_trans_alloc(mp, &M_RES(mp)->tr_ichange, 0, 0, 0, &tp);
674 if (error)
675 goto out_dqrele;
676
677 xfs_ilock(ip, XFS_ILOCK_EXCL);
678 xfs_trans_ijoin(tp, ip, 0);
679
680 /*
681 * Change file ownership. Must be the owner or privileged.
682 */
683 if (mask & (ATTR_UID|ATTR_GID)) {
684 /*
685 * These IDs could have changed since we last looked at them.
686 * But, we're assured that if the ownership did change
687 * while we didn't have the inode locked, inode's dquot(s)
688 * would have changed also.
689 */
690 iuid = inode->i_uid;
691 igid = inode->i_gid;
692 gid = (mask & ATTR_GID) ? iattr->ia_gid : igid;
693 uid = (mask & ATTR_UID) ? iattr->ia_uid : iuid;
694
695 /*
696 * Do a quota reservation only if uid/gid is actually
697 * going to change.
698 */
699 if (XFS_IS_QUOTA_RUNNING(mp) &&
700 ((XFS_IS_UQUOTA_ON(mp) && !uid_eq(iuid, uid)) ||
701 (XFS_IS_GQUOTA_ON(mp) && !gid_eq(igid, gid)))) {
702 ASSERT(tp);
703 error = xfs_qm_vop_chown_reserve(tp, ip, udqp, gdqp,
704 NULL, capable(CAP_FOWNER) ?
705 XFS_QMOPT_FORCE_RES : 0);
706 if (error) /* out of quota */
707 goto out_cancel;
708 }
709 }
710
711 /*
712 * Change file ownership. Must be the owner or privileged.
713 */
714 if (mask & (ATTR_UID|ATTR_GID)) {
715 /*
716 * CAP_FSETID overrides the following restrictions:
717 *
718 * The set-user-ID and set-group-ID bits of a file will be
719 * cleared upon successful return from chown()
720 */
721 if ((inode->i_mode & (S_ISUID|S_ISGID)) &&
722 !capable(CAP_FSETID))
723 inode->i_mode &= ~(S_ISUID|S_ISGID);
724
725 /*
726 * Change the ownerships and register quota modifications
727 * in the transaction.
728 */
729 if (!uid_eq(iuid, uid)) {
730 if (XFS_IS_QUOTA_RUNNING(mp) && XFS_IS_UQUOTA_ON(mp)) {
731 ASSERT(mask & ATTR_UID);
732 ASSERT(udqp);
733 olddquot1 = xfs_qm_vop_chown(tp, ip,
734 &ip->i_udquot, udqp);
735 }
736 ip->i_d.di_uid = xfs_kuid_to_uid(uid);
737 inode->i_uid = uid;
738 }
739 if (!gid_eq(igid, gid)) {
740 if (XFS_IS_QUOTA_RUNNING(mp) && XFS_IS_GQUOTA_ON(mp)) {
741 ASSERT(xfs_sb_version_has_pquotino(&mp->m_sb) ||
742 !XFS_IS_PQUOTA_ON(mp));
743 ASSERT(mask & ATTR_GID);
744 ASSERT(gdqp);
745 olddquot2 = xfs_qm_vop_chown(tp, ip,
746 &ip->i_gdquot, gdqp);
747 }
748 ip->i_d.di_gid = xfs_kgid_to_gid(gid);
749 inode->i_gid = gid;
750 }
751 }
752
753 if (mask & ATTR_MODE)
754 xfs_setattr_mode(ip, iattr);
755 if (mask & (ATTR_ATIME|ATTR_CTIME|ATTR_MTIME))
756 xfs_setattr_time(ip, iattr);
757
758 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE);
759
760 XFS_STATS_INC(mp, xs_ig_attrchg);
761
762 if (mp->m_flags & XFS_MOUNT_WSYNC)
763 xfs_trans_set_sync(tp);
764 error = xfs_trans_commit(tp);
765
766 xfs_iunlock(ip, XFS_ILOCK_EXCL);
767
768 /*
769 * Release any dquot(s) the inode had kept before chown.
770 */
771 xfs_qm_dqrele(olddquot1);
772 xfs_qm_dqrele(olddquot2);
773 xfs_qm_dqrele(udqp);
774 xfs_qm_dqrele(gdqp);
775
776 if (error)
777 return error;
778
779 /*
780 * XXX(hch): Updating the ACL entries is not atomic vs the i_mode
781 * update. We could avoid this with linked transactions
782 * and passing down the transaction pointer all the way
783 * to attr_set. No previous user of the generic
784 * Posix ACL code seems to care about this issue either.
785 */
786 if ((mask & ATTR_MODE) && !(flags & XFS_ATTR_NOACL)) {
787 error = posix_acl_chmod(inode, inode->i_mode);
788 if (error)
789 return error;
790 }
791
792 return 0;
793
794out_cancel:
795 xfs_trans_cancel(tp);
796 xfs_iunlock(ip, XFS_ILOCK_EXCL);
797out_dqrele:
798 xfs_qm_dqrele(udqp);
799 xfs_qm_dqrele(gdqp);
800 return error;
801}
802
803int
804xfs_vn_setattr_nonsize(
805 struct dentry *dentry,
806 struct iattr *iattr)
807{
808 struct xfs_inode *ip = XFS_I(d_inode(dentry));
809 int error;
810
811 trace_xfs_setattr(ip);
812
813 error = xfs_vn_change_ok(dentry, iattr);
814 if (error)
815 return error;
816 return xfs_setattr_nonsize(ip, iattr, 0);
817}
818
819/*
820 * Truncate file. Must have write permission and not be a directory.
821 *
822 * Caution: The caller of this function is responsible for calling
823 * setattr_prepare() or otherwise verifying the change is fine.
824 */
825STATIC int
826xfs_setattr_size(
827 struct xfs_inode *ip,
828 struct iattr *iattr)
829{
830 struct xfs_mount *mp = ip->i_mount;
831 struct inode *inode = VFS_I(ip);
832 xfs_off_t oldsize, newsize;
833 struct xfs_trans *tp;
834 int error;
835 uint lock_flags = 0;
836 bool did_zeroing = false;
837
838 ASSERT(xfs_isilocked(ip, XFS_IOLOCK_EXCL));
839 ASSERT(xfs_isilocked(ip, XFS_MMAPLOCK_EXCL));
840 ASSERT(S_ISREG(inode->i_mode));
841 ASSERT((iattr->ia_valid & (ATTR_UID|ATTR_GID|ATTR_ATIME|ATTR_ATIME_SET|
842 ATTR_MTIME_SET|ATTR_KILL_PRIV|ATTR_TIMES_SET)) == 0);
843
844 oldsize = inode->i_size;
845 newsize = iattr->ia_size;
846
847 /*
848 * Short circuit the truncate case for zero length files.
849 */
850 if (newsize == 0 && oldsize == 0 && ip->i_d.di_nextents == 0) {
851 if (!(iattr->ia_valid & (ATTR_CTIME|ATTR_MTIME)))
852 return 0;
853
854 /*
855 * Use the regular setattr path to update the timestamps.
856 */
857 iattr->ia_valid &= ~ATTR_SIZE;
858 return xfs_setattr_nonsize(ip, iattr, 0);
859 }
860
861 /*
862 * Make sure that the dquots are attached to the inode.
863 */
864 error = xfs_qm_dqattach(ip);
865 if (error)
866 return error;
867
868 /*
869 * Wait for all direct I/O to complete.
870 */
871 inode_dio_wait(inode);
872
873 /*
874 * File data changes must be complete before we start the transaction to
875 * modify the inode. This needs to be done before joining the inode to
876 * the transaction because the inode cannot be unlocked once it is a
877 * part of the transaction.
878 *
879 * Start with zeroing any data beyond EOF that we may expose on file
880 * extension, or zeroing out the rest of the block on a downward
881 * truncate.
882 */
883 if (newsize > oldsize) {
884 trace_xfs_zero_eof(ip, oldsize, newsize - oldsize);
885 error = iomap_zero_range(inode, oldsize, newsize - oldsize,
886 &did_zeroing, &xfs_iomap_ops);
887 } else {
888 error = iomap_truncate_page(inode, newsize, &did_zeroing,
889 &xfs_iomap_ops);
890 }
891
892 if (error)
893 return error;
894
895 /*
896 * We've already locked out new page faults, so now we can safely remove
897 * pages from the page cache knowing they won't get refaulted until we
898 * drop the XFS_MMAP_EXCL lock after the extent manipulations are
899 * complete. The truncate_setsize() call also cleans partial EOF page
900 * PTEs on extending truncates and hence ensures sub-page block size
901 * filesystems are correctly handled, too.
902 *
903 * We have to do all the page cache truncate work outside the
904 * transaction context as the "lock" order is page lock->log space
905 * reservation as defined by extent allocation in the writeback path.
906 * Hence a truncate can fail with ENOMEM from xfs_trans_alloc(), but
907 * having already truncated the in-memory version of the file (i.e. made
908 * user visible changes). There's not much we can do about this, except
909 * to hope that the caller sees ENOMEM and retries the truncate
910 * operation.
911 *
912 * And we update in-core i_size and truncate page cache beyond newsize
913 * before writeback the [di_size, newsize] range, so we're guaranteed
914 * not to write stale data past the new EOF on truncate down.
915 */
916 truncate_setsize(inode, newsize);
917
918 /*
919 * We are going to log the inode size change in this transaction so
920 * any previous writes that are beyond the on disk EOF and the new
921 * EOF that have not been written out need to be written here. If we
922 * do not write the data out, we expose ourselves to the null files
923 * problem. Note that this includes any block zeroing we did above;
924 * otherwise those blocks may not be zeroed after a crash.
925 */
926 if (did_zeroing ||
927 (newsize > ip->i_d.di_size && oldsize != ip->i_d.di_size)) {
928 error = filemap_write_and_wait_range(VFS_I(ip)->i_mapping,
929 ip->i_d.di_size, newsize - 1);
930 if (error)
931 return error;
932 }
933
934 error = xfs_trans_alloc(mp, &M_RES(mp)->tr_itruncate, 0, 0, 0, &tp);
935 if (error)
936 return error;
937
938 lock_flags |= XFS_ILOCK_EXCL;
939 xfs_ilock(ip, XFS_ILOCK_EXCL);
940 xfs_trans_ijoin(tp, ip, 0);
941
942 /*
943 * Only change the c/mtime if we are changing the size or we are
944 * explicitly asked to change it. This handles the semantic difference
945 * between truncate() and ftruncate() as implemented in the VFS.
946 *
947 * The regular truncate() case without ATTR_CTIME and ATTR_MTIME is a
948 * special case where we need to update the times despite not having
949 * these flags set. For all other operations the VFS set these flags
950 * explicitly if it wants a timestamp update.
951 */
952 if (newsize != oldsize &&
953 !(iattr->ia_valid & (ATTR_CTIME | ATTR_MTIME))) {
954 iattr->ia_ctime = iattr->ia_mtime =
955 current_time(inode);
956 iattr->ia_valid |= ATTR_CTIME | ATTR_MTIME;
957 }
958
959 /*
960 * The first thing we do is set the size to new_size permanently on
961 * disk. This way we don't have to worry about anyone ever being able
962 * to look at the data being freed even in the face of a crash.
963 * What we're getting around here is the case where we free a block, it
964 * is allocated to another file, it is written to, and then we crash.
965 * If the new data gets written to the file but the log buffers
966 * containing the free and reallocation don't, then we'd end up with
967 * garbage in the blocks being freed. As long as we make the new size
968 * permanent before actually freeing any blocks it doesn't matter if
969 * they get written to.
970 */
971 ip->i_d.di_size = newsize;
972 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE);
973
974 if (newsize <= oldsize) {
975 error = xfs_itruncate_extents(&tp, ip, XFS_DATA_FORK, newsize);
976 if (error)
977 goto out_trans_cancel;
978
979 /*
980 * Truncated "down", so we're removing references to old data
981 * here - if we delay flushing for a long time, we expose
982 * ourselves unduly to the notorious NULL files problem. So,
983 * we mark this inode and flush it when the file is closed,
984 * and do not wait the usual (long) time for writeout.
985 */
986 xfs_iflags_set(ip, XFS_ITRUNCATED);
987
988 /* A truncate down always removes post-EOF blocks. */
989 xfs_inode_clear_eofblocks_tag(ip);
990 }
991
992 if (iattr->ia_valid & ATTR_MODE)
993 xfs_setattr_mode(ip, iattr);
994 if (iattr->ia_valid & (ATTR_ATIME|ATTR_CTIME|ATTR_MTIME))
995 xfs_setattr_time(ip, iattr);
996
997 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE);
998
999 XFS_STATS_INC(mp, xs_ig_attrchg);
1000
1001 if (mp->m_flags & XFS_MOUNT_WSYNC)
1002 xfs_trans_set_sync(tp);
1003
1004 error = xfs_trans_commit(tp);
1005out_unlock:
1006 if (lock_flags)
1007 xfs_iunlock(ip, lock_flags);
1008 return error;
1009
1010out_trans_cancel:
1011 xfs_trans_cancel(tp);
1012 goto out_unlock;
1013}
1014
1015int
1016xfs_vn_setattr_size(
1017 struct dentry *dentry,
1018 struct iattr *iattr)
1019{
1020 struct xfs_inode *ip = XFS_I(d_inode(dentry));
1021 int error;
1022
1023 trace_xfs_setattr(ip);
1024
1025 error = xfs_vn_change_ok(dentry, iattr);
1026 if (error)
1027 return error;
1028 return xfs_setattr_size(ip, iattr);
1029}
1030
1031STATIC int
1032xfs_vn_setattr(
1033 struct dentry *dentry,
1034 struct iattr *iattr)
1035{
1036 int error;
1037
1038 if (iattr->ia_valid & ATTR_SIZE) {
1039 struct inode *inode = d_inode(dentry);
1040 struct xfs_inode *ip = XFS_I(inode);
1041 uint iolock;
1042
1043 xfs_ilock(ip, XFS_MMAPLOCK_EXCL);
1044 iolock = XFS_IOLOCK_EXCL | XFS_MMAPLOCK_EXCL;
1045
1046 error = xfs_break_layouts(inode, &iolock, BREAK_UNMAP);
1047 if (error) {
1048 xfs_iunlock(ip, XFS_MMAPLOCK_EXCL);
1049 return error;
1050 }
1051
1052 error = xfs_vn_setattr_size(dentry, iattr);
1053 xfs_iunlock(ip, XFS_MMAPLOCK_EXCL);
1054 } else {
1055 error = xfs_vn_setattr_nonsize(dentry, iattr);
1056 }
1057
1058 return error;
1059}
1060
1061STATIC int
1062xfs_vn_update_time(
1063 struct inode *inode,
1064 struct timespec64 *now,
1065 int flags)
1066{
1067 struct xfs_inode *ip = XFS_I(inode);
1068 struct xfs_mount *mp = ip->i_mount;
1069 int log_flags = XFS_ILOG_TIMESTAMP;
1070 struct xfs_trans *tp;
1071 int error;
1072
1073 trace_xfs_update_time(ip);
1074
1075 if (inode->i_sb->s_flags & SB_LAZYTIME) {
1076 if (!((flags & S_VERSION) &&
1077 inode_maybe_inc_iversion(inode, false)))
1078 return generic_update_time(inode, now, flags);
1079
1080 /* Capture the iversion update that just occurred */
1081 log_flags |= XFS_ILOG_CORE;
1082 }
1083
1084 error = xfs_trans_alloc(mp, &M_RES(mp)->tr_fsyncts, 0, 0, 0, &tp);
1085 if (error)
1086 return error;
1087
1088 xfs_ilock(ip, XFS_ILOCK_EXCL);
1089 if (flags & S_CTIME)
1090 inode->i_ctime = *now;
1091 if (flags & S_MTIME)
1092 inode->i_mtime = *now;
1093 if (flags & S_ATIME)
1094 inode->i_atime = *now;
1095
1096 xfs_trans_ijoin(tp, ip, XFS_ILOCK_EXCL);
1097 xfs_trans_log_inode(tp, ip, log_flags);
1098 return xfs_trans_commit(tp);
1099}
1100
1101STATIC int
1102xfs_vn_fiemap(
1103 struct inode *inode,
1104 struct fiemap_extent_info *fieinfo,
1105 u64 start,
1106 u64 length)
1107{
1108 int error;
1109
1110 xfs_ilock(XFS_I(inode), XFS_IOLOCK_SHARED);
1111 if (fieinfo->fi_flags & FIEMAP_FLAG_XATTR) {
1112 fieinfo->fi_flags &= ~FIEMAP_FLAG_XATTR;
1113 error = iomap_fiemap(inode, fieinfo, start, length,
1114 &xfs_xattr_iomap_ops);
1115 } else {
1116 error = iomap_fiemap(inode, fieinfo, start, length,
1117 &xfs_iomap_ops);
1118 }
1119 xfs_iunlock(XFS_I(inode), XFS_IOLOCK_SHARED);
1120
1121 return error;
1122}
1123
1124STATIC int
1125xfs_vn_tmpfile(
1126 struct inode *dir,
1127 struct dentry *dentry,
1128 umode_t mode)
1129{
1130 return xfs_generic_create(dir, dentry, mode, 0, true);
1131}
1132
1133static const struct inode_operations xfs_inode_operations = {
1134 .get_acl = xfs_get_acl,
1135 .set_acl = xfs_set_acl,
1136 .getattr = xfs_vn_getattr,
1137 .setattr = xfs_vn_setattr,
1138 .listxattr = xfs_vn_listxattr,
1139 .fiemap = xfs_vn_fiemap,
1140 .update_time = xfs_vn_update_time,
1141};
1142
1143static const struct inode_operations xfs_dir_inode_operations = {
1144 .create = xfs_vn_create,
1145 .lookup = xfs_vn_lookup,
1146 .link = xfs_vn_link,
1147 .unlink = xfs_vn_unlink,
1148 .symlink = xfs_vn_symlink,
1149 .mkdir = xfs_vn_mkdir,
1150 /*
1151 * Yes, XFS uses the same method for rmdir and unlink.
1152 *
1153 * There are some subtile differences deeper in the code,
1154 * but we use S_ISDIR to check for those.
1155 */
1156 .rmdir = xfs_vn_unlink,
1157 .mknod = xfs_vn_mknod,
1158 .rename = xfs_vn_rename,
1159 .get_acl = xfs_get_acl,
1160 .set_acl = xfs_set_acl,
1161 .getattr = xfs_vn_getattr,
1162 .setattr = xfs_vn_setattr,
1163 .listxattr = xfs_vn_listxattr,
1164 .update_time = xfs_vn_update_time,
1165 .tmpfile = xfs_vn_tmpfile,
1166};
1167
1168static const struct inode_operations xfs_dir_ci_inode_operations = {
1169 .create = xfs_vn_create,
1170 .lookup = xfs_vn_ci_lookup,
1171 .link = xfs_vn_link,
1172 .unlink = xfs_vn_unlink,
1173 .symlink = xfs_vn_symlink,
1174 .mkdir = xfs_vn_mkdir,
1175 /*
1176 * Yes, XFS uses the same method for rmdir and unlink.
1177 *
1178 * There are some subtile differences deeper in the code,
1179 * but we use S_ISDIR to check for those.
1180 */
1181 .rmdir = xfs_vn_unlink,
1182 .mknod = xfs_vn_mknod,
1183 .rename = xfs_vn_rename,
1184 .get_acl = xfs_get_acl,
1185 .set_acl = xfs_set_acl,
1186 .getattr = xfs_vn_getattr,
1187 .setattr = xfs_vn_setattr,
1188 .listxattr = xfs_vn_listxattr,
1189 .update_time = xfs_vn_update_time,
1190 .tmpfile = xfs_vn_tmpfile,
1191};
1192
1193static const struct inode_operations xfs_symlink_inode_operations = {
1194 .get_link = xfs_vn_get_link,
1195 .getattr = xfs_vn_getattr,
1196 .setattr = xfs_vn_setattr,
1197 .listxattr = xfs_vn_listxattr,
1198 .update_time = xfs_vn_update_time,
1199};
1200
1201static const struct inode_operations xfs_inline_symlink_inode_operations = {
1202 .get_link = xfs_vn_get_link_inline,
1203 .getattr = xfs_vn_getattr,
1204 .setattr = xfs_vn_setattr,
1205 .listxattr = xfs_vn_listxattr,
1206 .update_time = xfs_vn_update_time,
1207};
1208
1209/* Figure out if this file actually supports DAX. */
1210static bool
1211xfs_inode_supports_dax(
1212 struct xfs_inode *ip)
1213{
1214 struct xfs_mount *mp = ip->i_mount;
1215
1216 /* Only supported on non-reflinked files. */
1217 if (!S_ISREG(VFS_I(ip)->i_mode) || xfs_is_reflink_inode(ip))
1218 return false;
1219
1220 /* DAX mount option or DAX iflag must be set. */
1221 if (!(mp->m_flags & XFS_MOUNT_DAX) &&
1222 !(ip->i_d.di_flags2 & XFS_DIFLAG2_DAX))
1223 return false;
1224
1225 /* Block size must match page size */
1226 if (mp->m_sb.sb_blocksize != PAGE_SIZE)
1227 return false;
1228
1229 /* Device has to support DAX too. */
1230 return xfs_find_daxdev_for_inode(VFS_I(ip)) != NULL;
1231}
1232
1233STATIC void
1234xfs_diflags_to_iflags(
1235 struct inode *inode,
1236 struct xfs_inode *ip)
1237{
1238 uint16_t flags = ip->i_d.di_flags;
1239
1240 inode->i_flags &= ~(S_IMMUTABLE | S_APPEND | S_SYNC |
1241 S_NOATIME | S_DAX);
1242
1243 if (flags & XFS_DIFLAG_IMMUTABLE)
1244 inode->i_flags |= S_IMMUTABLE;
1245 if (flags & XFS_DIFLAG_APPEND)
1246 inode->i_flags |= S_APPEND;
1247 if (flags & XFS_DIFLAG_SYNC)
1248 inode->i_flags |= S_SYNC;
1249 if (flags & XFS_DIFLAG_NOATIME)
1250 inode->i_flags |= S_NOATIME;
1251 if (xfs_inode_supports_dax(ip))
1252 inode->i_flags |= S_DAX;
1253}
1254
1255/*
1256 * Initialize the Linux inode.
1257 *
1258 * When reading existing inodes from disk this is called directly from xfs_iget,
1259 * when creating a new inode it is called from xfs_ialloc after setting up the
1260 * inode. These callers have different criteria for clearing XFS_INEW, so leave
1261 * it up to the caller to deal with unlocking the inode appropriately.
1262 */
1263void
1264xfs_setup_inode(
1265 struct xfs_inode *ip)
1266{
1267 struct inode *inode = &ip->i_vnode;
1268 gfp_t gfp_mask;
1269
1270 inode->i_ino = ip->i_ino;
1271 inode->i_state = I_NEW;
1272
1273 inode_sb_list_add(inode);
1274 /* make the inode look hashed for the writeback code */
1275 inode_fake_hash(inode);
1276
1277 inode->i_uid = xfs_uid_to_kuid(ip->i_d.di_uid);
1278 inode->i_gid = xfs_gid_to_kgid(ip->i_d.di_gid);
1279
1280 i_size_write(inode, ip->i_d.di_size);
1281 xfs_diflags_to_iflags(inode, ip);
1282
1283 if (S_ISDIR(inode->i_mode)) {
1284 /*
1285 * We set the i_rwsem class here to avoid potential races with
1286 * lockdep_annotate_inode_mutex_key() reinitialising the lock
1287 * after a filehandle lookup has already found the inode in
1288 * cache before it has been unlocked via unlock_new_inode().
1289 */
1290 lockdep_set_class(&inode->i_rwsem,
1291 &inode->i_sb->s_type->i_mutex_dir_key);
1292 lockdep_set_class(&ip->i_lock.mr_lock, &xfs_dir_ilock_class);
1293 ip->d_ops = ip->i_mount->m_dir_inode_ops;
1294 } else {
1295 ip->d_ops = ip->i_mount->m_nondir_inode_ops;
1296 lockdep_set_class(&ip->i_lock.mr_lock, &xfs_nondir_ilock_class);
1297 }
1298
1299 /*
1300 * Ensure all page cache allocations are done from GFP_NOFS context to
1301 * prevent direct reclaim recursion back into the filesystem and blowing
1302 * stacks or deadlocking.
1303 */
1304 gfp_mask = mapping_gfp_mask(inode->i_mapping);
1305 mapping_set_gfp_mask(inode->i_mapping, (gfp_mask & ~(__GFP_FS)));
1306
1307 /*
1308 * If there is no attribute fork no ACL can exist on this inode,
1309 * and it can't have any file capabilities attached to it either.
1310 */
1311 if (!XFS_IFORK_Q(ip)) {
1312 inode_has_no_xattr(inode);
1313 cache_no_acl(inode);
1314 }
1315}
1316
1317void
1318xfs_setup_iops(
1319 struct xfs_inode *ip)
1320{
1321 struct inode *inode = &ip->i_vnode;
1322
1323 switch (inode->i_mode & S_IFMT) {
1324 case S_IFREG:
1325 inode->i_op = &xfs_inode_operations;
1326 inode->i_fop = &xfs_file_operations;
1327 if (IS_DAX(inode))
1328 inode->i_mapping->a_ops = &xfs_dax_aops;
1329 else
1330 inode->i_mapping->a_ops = &xfs_address_space_operations;
1331 break;
1332 case S_IFDIR:
1333 if (xfs_sb_version_hasasciici(&XFS_M(inode->i_sb)->m_sb))
1334 inode->i_op = &xfs_dir_ci_inode_operations;
1335 else
1336 inode->i_op = &xfs_dir_inode_operations;
1337 inode->i_fop = &xfs_dir_file_operations;
1338 break;
1339 case S_IFLNK:
1340 if (ip->i_df.if_flags & XFS_IFINLINE)
1341 inode->i_op = &xfs_inline_symlink_inode_operations;
1342 else
1343 inode->i_op = &xfs_symlink_inode_operations;
1344 break;
1345 default:
1346 inode->i_op = &xfs_inode_operations;
1347 init_special_inode(inode, inode->i_mode, inode->i_rdev);
1348 break;
1349 }
1350}