1/* 2 * Copyright (c) 2000-2005 Silicon Graphics, Inc. 3 * All Rights Reserved. 4 * 5 * This program is free software; you can redistribute it and/or 6 * modify it under the terms of the GNU General Public License as 7 * published by the Free Software Foundation. 8 * 9 * This program is distributed in the hope that it would be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program; if not, write the Free Software Foundation, 16 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 17 */ 18#include "xfs.h" 19#include "xfs_fs.h" 20#include "xfs_shared.h" 21#include "xfs_format.h" 22#include "xfs_log_format.h" 23#include "xfs_trans_resv.h" 24#include "xfs_mount.h" 25#include "xfs_da_format.h" 26#include "xfs_inode.h" 27#include "xfs_bmap.h" 28#include "xfs_bmap_util.h" 29#include "xfs_acl.h" 30#include "xfs_quota.h" 31#include "xfs_error.h" 32#include "xfs_attr.h" 33#include "xfs_trans.h" 34#include "xfs_trace.h" 35#include "xfs_icache.h" 36#include "xfs_symlink.h" 37#include "xfs_da_btree.h" 38#include "xfs_dir2.h" 39#include "xfs_trans_space.h" 40#include "xfs_pnfs.h" 41 42#include <linux/capability.h> 43#include <linux/xattr.h> 44#include <linux/namei.h> 45#include <linux/posix_acl.h> 46#include <linux/security.h> 47#include <linux/fiemap.h> 48#include <linux/slab.h> 49 50/* 51 * Directories have different lock order w.r.t. mmap_sem compared to regular 52 * files. This is due to readdir potentially triggering page faults on a user 53 * buffer inside filldir(), and this happens with the ilock on the directory 54 * held. For regular files, the lock order is the other way around - the 55 * mmap_sem is taken during the page fault, and then we lock the ilock to do 56 * block mapping. Hence we need a different class for the directory ilock so 57 * that lockdep can tell them apart. 58 */ 59static struct lock_class_key xfs_nondir_ilock_class; 60static struct lock_class_key xfs_dir_ilock_class; 61 62static int 63xfs_initxattrs( 64 struct inode *inode, 65 const struct xattr *xattr_array, 66 void *fs_info) 67{ 68 const struct xattr *xattr; 69 struct xfs_inode *ip = XFS_I(inode); 70 int error = 0; 71 72 for (xattr = xattr_array; xattr->name != NULL; xattr++) { 73 error = xfs_attr_set(ip, xattr->name, xattr->value, 74 xattr->value_len, ATTR_SECURE); 75 if (error < 0) 76 break; 77 } 78 return error; 79} 80 81/* 82 * Hook in SELinux. This is not quite correct yet, what we really need 83 * here (as we do for default ACLs) is a mechanism by which creation of 84 * these attrs can be journalled at inode creation time (along with the 85 * inode, of course, such that log replay can't cause these to be lost). 86 */ 87 88STATIC int 89xfs_init_security( 90 struct inode *inode, 91 struct inode *dir, 92 const struct qstr *qstr) 93{ 94 return security_inode_init_security(inode, dir, qstr, 95 &xfs_initxattrs, NULL); 96} 97 98static void 99xfs_dentry_to_name( 100 struct xfs_name *namep, 101 struct dentry *dentry, 102 int mode) 103{ 104 namep->name = dentry->d_name.name; 105 namep->len = dentry->d_name.len; 106 namep->type = xfs_mode_to_ftype[(mode & S_IFMT) >> S_SHIFT]; 107} 108 109STATIC void 110xfs_cleanup_inode( 111 struct inode *dir, 112 struct inode *inode, 113 struct dentry *dentry) 114{ 115 struct xfs_name teardown; 116 117 /* Oh, the horror. 118 * If we can't add the ACL or we fail in 119 * xfs_init_security we must back out. 120 * ENOSPC can hit here, among other things. 121 */ 122 xfs_dentry_to_name(&teardown, dentry, 0); 123 124 xfs_remove(XFS_I(dir), &teardown, XFS_I(inode)); 125} 126 127STATIC int 128xfs_generic_create( 129 struct inode *dir, 130 struct dentry *dentry, 131 umode_t mode, 132 dev_t rdev, 133 bool tmpfile) /* unnamed file */ 134{ 135 struct inode *inode; 136 struct xfs_inode *ip = NULL; 137 struct posix_acl *default_acl, *acl; 138 struct xfs_name name; 139 int error; 140 141 /* 142 * Irix uses Missed'em'V split, but doesn't want to see 143 * the upper 5 bits of (14bit) major. 144 */ 145 if (S_ISCHR(mode) || S_ISBLK(mode)) { 146 if (unlikely(!sysv_valid_dev(rdev) || MAJOR(rdev) & ~0x1ff)) 147 return -EINVAL; 148 rdev = sysv_encode_dev(rdev); 149 } else { 150 rdev = 0; 151 } 152 153 error = posix_acl_create(dir, &mode, &default_acl, &acl); 154 if (error) 155 return error; 156 157 if (!tmpfile) { 158 xfs_dentry_to_name(&name, dentry, mode); 159 error = xfs_create(XFS_I(dir), &name, mode, rdev, &ip); 160 } else { 161 error = xfs_create_tmpfile(XFS_I(dir), dentry, mode, &ip); 162 } 163 if (unlikely(error)) 164 goto out_free_acl; 165 166 inode = VFS_I(ip); 167 168 error = xfs_init_security(inode, dir, &dentry->d_name); 169 if (unlikely(error)) 170 goto out_cleanup_inode; 171 172#ifdef CONFIG_XFS_POSIX_ACL 173 if (default_acl) { 174 error = xfs_set_acl(inode, default_acl, ACL_TYPE_DEFAULT); 175 if (error) 176 goto out_cleanup_inode; 177 } 178 if (acl) { 179 error = xfs_set_acl(inode, acl, ACL_TYPE_ACCESS); 180 if (error) 181 goto out_cleanup_inode; 182 } 183#endif 184 185 if (tmpfile) 186 d_tmpfile(dentry, inode); 187 else 188 d_instantiate(dentry, inode); 189 190 xfs_finish_inode_setup(ip); 191 192 out_free_acl: 193 if (default_acl) 194 posix_acl_release(default_acl); 195 if (acl) 196 posix_acl_release(acl); 197 return error; 198 199 out_cleanup_inode: 200 xfs_finish_inode_setup(ip); 201 if (!tmpfile) 202 xfs_cleanup_inode(dir, inode, dentry); 203 iput(inode); 204 goto out_free_acl; 205} 206 207STATIC int 208xfs_vn_mknod( 209 struct inode *dir, 210 struct dentry *dentry, 211 umode_t mode, 212 dev_t rdev) 213{ 214 return xfs_generic_create(dir, dentry, mode, rdev, false); 215} 216 217STATIC int 218xfs_vn_create( 219 struct inode *dir, 220 struct dentry *dentry, 221 umode_t mode, 222 bool flags) 223{ 224 return xfs_vn_mknod(dir, dentry, mode, 0); 225} 226 227STATIC int 228xfs_vn_mkdir( 229 struct inode *dir, 230 struct dentry *dentry, 231 umode_t mode) 232{ 233 return xfs_vn_mknod(dir, dentry, mode|S_IFDIR, 0); 234} 235 236STATIC struct dentry * 237xfs_vn_lookup( 238 struct inode *dir, 239 struct dentry *dentry, 240 unsigned int flags) 241{ 242 struct xfs_inode *cip; 243 struct xfs_name name; 244 int error; 245 246 if (dentry->d_name.len >= MAXNAMELEN) 247 return ERR_PTR(-ENAMETOOLONG); 248 249 xfs_dentry_to_name(&name, dentry, 0); 250 error = xfs_lookup(XFS_I(dir), &name, &cip, NULL); 251 if (unlikely(error)) { 252 if (unlikely(error != -ENOENT)) 253 return ERR_PTR(error); 254 d_add(dentry, NULL); 255 return NULL; 256 } 257 258 return d_splice_alias(VFS_I(cip), dentry); 259} 260 261STATIC struct dentry * 262xfs_vn_ci_lookup( 263 struct inode *dir, 264 struct dentry *dentry, 265 unsigned int flags) 266{ 267 struct xfs_inode *ip; 268 struct xfs_name xname; 269 struct xfs_name ci_name; 270 struct qstr dname; 271 int error; 272 273 if (dentry->d_name.len >= MAXNAMELEN) 274 return ERR_PTR(-ENAMETOOLONG); 275 276 xfs_dentry_to_name(&xname, dentry, 0); 277 error = xfs_lookup(XFS_I(dir), &xname, &ip, &ci_name); 278 if (unlikely(error)) { 279 if (unlikely(error != -ENOENT)) 280 return ERR_PTR(error); 281 /* 282 * call d_add(dentry, NULL) here when d_drop_negative_children 283 * is called in xfs_vn_mknod (ie. allow negative dentries 284 * with CI filesystems). 285 */ 286 return NULL; 287 } 288 289 /* if exact match, just splice and exit */ 290 if (!ci_name.name) 291 return d_splice_alias(VFS_I(ip), dentry); 292 293 /* else case-insensitive match... */ 294 dname.name = ci_name.name; 295 dname.len = ci_name.len; 296 dentry = d_add_ci(dentry, VFS_I(ip), &dname); 297 kmem_free(ci_name.name); 298 return dentry; 299} 300 301STATIC int 302xfs_vn_link( 303 struct dentry *old_dentry, 304 struct inode *dir, 305 struct dentry *dentry) 306{ 307 struct inode *inode = d_inode(old_dentry); 308 struct xfs_name name; 309 int error; 310 311 xfs_dentry_to_name(&name, dentry, inode->i_mode); 312 313 error = xfs_link(XFS_I(dir), XFS_I(inode), &name); 314 if (unlikely(error)) 315 return error; 316 317 ihold(inode); 318 d_instantiate(dentry, inode); 319 return 0; 320} 321 322STATIC int 323xfs_vn_unlink( 324 struct inode *dir, 325 struct dentry *dentry) 326{ 327 struct xfs_name name; 328 int error; 329 330 xfs_dentry_to_name(&name, dentry, 0); 331 332 error = xfs_remove(XFS_I(dir), &name, XFS_I(d_inode(dentry))); 333 if (error) 334 return error; 335 336 /* 337 * With unlink, the VFS makes the dentry "negative": no inode, 338 * but still hashed. This is incompatible with case-insensitive 339 * mode, so invalidate (unhash) the dentry in CI-mode. 340 */ 341 if (xfs_sb_version_hasasciici(&XFS_M(dir->i_sb)->m_sb)) 342 d_invalidate(dentry); 343 return 0; 344} 345 346STATIC int 347xfs_vn_symlink( 348 struct inode *dir, 349 struct dentry *dentry, 350 const char *symname) 351{ 352 struct inode *inode; 353 struct xfs_inode *cip = NULL; 354 struct xfs_name name; 355 int error; 356 umode_t mode; 357 358 mode = S_IFLNK | 359 (irix_symlink_mode ? 0777 & ~current_umask() : S_IRWXUGO); 360 xfs_dentry_to_name(&name, dentry, mode); 361 362 error = xfs_symlink(XFS_I(dir), &name, symname, mode, &cip); 363 if (unlikely(error)) 364 goto out; 365 366 inode = VFS_I(cip); 367 368 error = xfs_init_security(inode, dir, &dentry->d_name); 369 if (unlikely(error)) 370 goto out_cleanup_inode; 371 372 d_instantiate(dentry, inode); 373 xfs_finish_inode_setup(cip); 374 return 0; 375 376 out_cleanup_inode: 377 xfs_finish_inode_setup(cip); 378 xfs_cleanup_inode(dir, inode, dentry); 379 iput(inode); 380 out: 381 return error; 382} 383 384STATIC int 385xfs_vn_rename( 386 struct inode *odir, 387 struct dentry *odentry, 388 struct inode *ndir, 389 struct dentry *ndentry, 390 unsigned int flags) 391{ 392 struct inode *new_inode = d_inode(ndentry); 393 int omode = 0; 394 struct xfs_name oname; 395 struct xfs_name nname; 396 397 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE | RENAME_WHITEOUT)) 398 return -EINVAL; 399 400 /* if we are exchanging files, we need to set i_mode of both files */ 401 if (flags & RENAME_EXCHANGE) 402 omode = d_inode(ndentry)->i_mode; 403 404 xfs_dentry_to_name(&oname, odentry, omode); 405 xfs_dentry_to_name(&nname, ndentry, d_inode(odentry)->i_mode); 406 407 return xfs_rename(XFS_I(odir), &oname, XFS_I(d_inode(odentry)), 408 XFS_I(ndir), &nname, 409 new_inode ? XFS_I(new_inode) : NULL, flags); 410} 411 412/* 413 * careful here - this function can get called recursively, so 414 * we need to be very careful about how much stack we use. 415 * uio is kmalloced for this reason... 416 */ 417STATIC void * 418xfs_vn_follow_link( 419 struct dentry *dentry, 420 struct nameidata *nd) 421{ 422 char *link; 423 int error = -ENOMEM; 424 425 link = kmalloc(MAXPATHLEN+1, GFP_KERNEL); 426 if (!link) 427 goto out_err; 428 429 error = xfs_readlink(XFS_I(d_inode(dentry)), link); 430 if (unlikely(error)) 431 goto out_kfree; 432 433 nd_set_link(nd, link); 434 return NULL; 435 436 out_kfree: 437 kfree(link); 438 out_err: 439 nd_set_link(nd, ERR_PTR(error)); 440 return NULL; 441} 442 443STATIC int 444xfs_vn_getattr( 445 struct vfsmount *mnt, 446 struct dentry *dentry, 447 struct kstat *stat) 448{ 449 struct inode *inode = d_inode(dentry); 450 struct xfs_inode *ip = XFS_I(inode); 451 struct xfs_mount *mp = ip->i_mount; 452 453 trace_xfs_getattr(ip); 454 455 if (XFS_FORCED_SHUTDOWN(mp)) 456 return -EIO; 457 458 stat->size = XFS_ISIZE(ip); 459 stat->dev = inode->i_sb->s_dev; 460 stat->mode = ip->i_d.di_mode; 461 stat->nlink = ip->i_d.di_nlink; 462 stat->uid = inode->i_uid; 463 stat->gid = inode->i_gid; 464 stat->ino = ip->i_ino; 465 stat->atime = inode->i_atime; 466 stat->mtime = inode->i_mtime; 467 stat->ctime = inode->i_ctime; 468 stat->blocks = 469 XFS_FSB_TO_BB(mp, ip->i_d.di_nblocks + ip->i_delayed_blks); 470 471 472 switch (inode->i_mode & S_IFMT) { 473 case S_IFBLK: 474 case S_IFCHR: 475 stat->blksize = BLKDEV_IOSIZE; 476 stat->rdev = MKDEV(sysv_major(ip->i_df.if_u2.if_rdev) & 0x1ff, 477 sysv_minor(ip->i_df.if_u2.if_rdev)); 478 break; 479 default: 480 if (XFS_IS_REALTIME_INODE(ip)) { 481 /* 482 * If the file blocks are being allocated from a 483 * realtime volume, then return the inode's realtime 484 * extent size or the realtime volume's extent size. 485 */ 486 stat->blksize = 487 xfs_get_extsz_hint(ip) << mp->m_sb.sb_blocklog; 488 } else 489 stat->blksize = xfs_preferred_iosize(mp); 490 stat->rdev = 0; 491 break; 492 } 493 494 return 0; 495} 496 497static void 498xfs_setattr_mode( 499 struct xfs_inode *ip, 500 struct iattr *iattr) 501{ 502 struct inode *inode = VFS_I(ip); 503 umode_t mode = iattr->ia_mode; 504 505 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL)); 506 507 ip->i_d.di_mode &= S_IFMT; 508 ip->i_d.di_mode |= mode & ~S_IFMT; 509 510 inode->i_mode &= S_IFMT; 511 inode->i_mode |= mode & ~S_IFMT; 512} 513 514void 515xfs_setattr_time( 516 struct xfs_inode *ip, 517 struct iattr *iattr) 518{ 519 struct inode *inode = VFS_I(ip); 520 521 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL)); 522 523 if (iattr->ia_valid & ATTR_ATIME) { 524 inode->i_atime = iattr->ia_atime; 525 ip->i_d.di_atime.t_sec = iattr->ia_atime.tv_sec; 526 ip->i_d.di_atime.t_nsec = iattr->ia_atime.tv_nsec; 527 } 528 if (iattr->ia_valid & ATTR_CTIME) { 529 inode->i_ctime = iattr->ia_ctime; 530 ip->i_d.di_ctime.t_sec = iattr->ia_ctime.tv_sec; 531 ip->i_d.di_ctime.t_nsec = iattr->ia_ctime.tv_nsec; 532 } 533 if (iattr->ia_valid & ATTR_MTIME) { 534 inode->i_mtime = iattr->ia_mtime; 535 ip->i_d.di_mtime.t_sec = iattr->ia_mtime.tv_sec; 536 ip->i_d.di_mtime.t_nsec = iattr->ia_mtime.tv_nsec; 537 } 538} 539 540int 541xfs_setattr_nonsize( 542 struct xfs_inode *ip, 543 struct iattr *iattr, 544 int flags) 545{ 546 xfs_mount_t *mp = ip->i_mount; 547 struct inode *inode = VFS_I(ip); 548 int mask = iattr->ia_valid; 549 xfs_trans_t *tp; 550 int error; 551 kuid_t uid = GLOBAL_ROOT_UID, iuid = GLOBAL_ROOT_UID; 552 kgid_t gid = GLOBAL_ROOT_GID, igid = GLOBAL_ROOT_GID; 553 struct xfs_dquot *udqp = NULL, *gdqp = NULL; 554 struct xfs_dquot *olddquot1 = NULL, *olddquot2 = NULL; 555 556 trace_xfs_setattr(ip); 557 558 /* If acls are being inherited, we already have this checked */ 559 if (!(flags & XFS_ATTR_NOACL)) { 560 if (mp->m_flags & XFS_MOUNT_RDONLY) 561 return -EROFS; 562 563 if (XFS_FORCED_SHUTDOWN(mp)) 564 return -EIO; 565 566 error = inode_change_ok(inode, iattr); 567 if (error) 568 return error; 569 } 570 571 ASSERT((mask & ATTR_SIZE) == 0); 572 573 /* 574 * If disk quotas is on, we make sure that the dquots do exist on disk, 575 * before we start any other transactions. Trying to do this later 576 * is messy. We don't care to take a readlock to look at the ids 577 * in inode here, because we can't hold it across the trans_reserve. 578 * If the IDs do change before we take the ilock, we're covered 579 * because the i_*dquot fields will get updated anyway. 580 */ 581 if (XFS_IS_QUOTA_ON(mp) && (mask & (ATTR_UID|ATTR_GID))) { 582 uint qflags = 0; 583 584 if ((mask & ATTR_UID) && XFS_IS_UQUOTA_ON(mp)) { 585 uid = iattr->ia_uid; 586 qflags |= XFS_QMOPT_UQUOTA; 587 } else { 588 uid = inode->i_uid; 589 } 590 if ((mask & ATTR_GID) && XFS_IS_GQUOTA_ON(mp)) { 591 gid = iattr->ia_gid; 592 qflags |= XFS_QMOPT_GQUOTA; 593 } else { 594 gid = inode->i_gid; 595 } 596 597 /* 598 * We take a reference when we initialize udqp and gdqp, 599 * so it is important that we never blindly double trip on 600 * the same variable. See xfs_create() for an example. 601 */ 602 ASSERT(udqp == NULL); 603 ASSERT(gdqp == NULL); 604 error = xfs_qm_vop_dqalloc(ip, xfs_kuid_to_uid(uid), 605 xfs_kgid_to_gid(gid), 606 xfs_get_projid(ip), 607 qflags, &udqp, &gdqp, NULL); 608 if (error) 609 return error; 610 } 611 612 tp = xfs_trans_alloc(mp, XFS_TRANS_SETATTR_NOT_SIZE); 613 error = xfs_trans_reserve(tp, &M_RES(mp)->tr_ichange, 0, 0); 614 if (error) 615 goto out_dqrele; 616 617 xfs_ilock(ip, XFS_ILOCK_EXCL); 618 619 /* 620 * Change file ownership. Must be the owner or privileged. 621 */ 622 if (mask & (ATTR_UID|ATTR_GID)) { 623 /* 624 * These IDs could have changed since we last looked at them. 625 * But, we're assured that if the ownership did change 626 * while we didn't have the inode locked, inode's dquot(s) 627 * would have changed also. 628 */ 629 iuid = inode->i_uid; 630 igid = inode->i_gid; 631 gid = (mask & ATTR_GID) ? iattr->ia_gid : igid; 632 uid = (mask & ATTR_UID) ? iattr->ia_uid : iuid; 633 634 /* 635 * Do a quota reservation only if uid/gid is actually 636 * going to change. 637 */ 638 if (XFS_IS_QUOTA_RUNNING(mp) && 639 ((XFS_IS_UQUOTA_ON(mp) && !uid_eq(iuid, uid)) || 640 (XFS_IS_GQUOTA_ON(mp) && !gid_eq(igid, gid)))) { 641 ASSERT(tp); 642 error = xfs_qm_vop_chown_reserve(tp, ip, udqp, gdqp, 643 NULL, capable(CAP_FOWNER) ? 644 XFS_QMOPT_FORCE_RES : 0); 645 if (error) /* out of quota */ 646 goto out_trans_cancel; 647 } 648 } 649 650 xfs_trans_ijoin(tp, ip, 0); 651 652 /* 653 * Change file ownership. Must be the owner or privileged. 654 */ 655 if (mask & (ATTR_UID|ATTR_GID)) { 656 /* 657 * CAP_FSETID overrides the following restrictions: 658 * 659 * The set-user-ID and set-group-ID bits of a file will be 660 * cleared upon successful return from chown() 661 */ 662 if ((ip->i_d.di_mode & (S_ISUID|S_ISGID)) && 663 !capable(CAP_FSETID)) 664 ip->i_d.di_mode &= ~(S_ISUID|S_ISGID); 665 666 /* 667 * Change the ownerships and register quota modifications 668 * in the transaction. 669 */ 670 if (!uid_eq(iuid, uid)) { 671 if (XFS_IS_QUOTA_RUNNING(mp) && XFS_IS_UQUOTA_ON(mp)) { 672 ASSERT(mask & ATTR_UID); 673 ASSERT(udqp); 674 olddquot1 = xfs_qm_vop_chown(tp, ip, 675 &ip->i_udquot, udqp); 676 } 677 ip->i_d.di_uid = xfs_kuid_to_uid(uid); 678 inode->i_uid = uid; 679 } 680 if (!gid_eq(igid, gid)) { 681 if (XFS_IS_QUOTA_RUNNING(mp) && XFS_IS_GQUOTA_ON(mp)) { 682 ASSERT(xfs_sb_version_has_pquotino(&mp->m_sb) || 683 !XFS_IS_PQUOTA_ON(mp)); 684 ASSERT(mask & ATTR_GID); 685 ASSERT(gdqp); 686 olddquot2 = xfs_qm_vop_chown(tp, ip, 687 &ip->i_gdquot, gdqp); 688 } 689 ip->i_d.di_gid = xfs_kgid_to_gid(gid); 690 inode->i_gid = gid; 691 } 692 } 693 694 if (mask & ATTR_MODE) 695 xfs_setattr_mode(ip, iattr); 696 if (mask & (ATTR_ATIME|ATTR_CTIME|ATTR_MTIME)) 697 xfs_setattr_time(ip, iattr); 698 699 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); 700 701 XFS_STATS_INC(xs_ig_attrchg); 702 703 if (mp->m_flags & XFS_MOUNT_WSYNC) 704 xfs_trans_set_sync(tp); 705 error = xfs_trans_commit(tp, 0); 706 707 xfs_iunlock(ip, XFS_ILOCK_EXCL); 708 709 /* 710 * Release any dquot(s) the inode had kept before chown. 711 */ 712 xfs_qm_dqrele(olddquot1); 713 xfs_qm_dqrele(olddquot2); 714 xfs_qm_dqrele(udqp); 715 xfs_qm_dqrele(gdqp); 716 717 if (error) 718 return error; 719 720 /* 721 * XXX(hch): Updating the ACL entries is not atomic vs the i_mode 722 * update. We could avoid this with linked transactions 723 * and passing down the transaction pointer all the way 724 * to attr_set. No previous user of the generic 725 * Posix ACL code seems to care about this issue either. 726 */ 727 if ((mask & ATTR_MODE) && !(flags & XFS_ATTR_NOACL)) { 728 error = posix_acl_chmod(inode, inode->i_mode); 729 if (error) 730 return error; 731 } 732 733 return 0; 734 735out_trans_cancel: 736 xfs_trans_cancel(tp, 0); 737 xfs_iunlock(ip, XFS_ILOCK_EXCL); 738out_dqrele: 739 xfs_qm_dqrele(udqp); 740 xfs_qm_dqrele(gdqp); 741 return error; 742} 743 744/* 745 * Truncate file. Must have write permission and not be a directory. 746 */ 747int 748xfs_setattr_size( 749 struct xfs_inode *ip, 750 struct iattr *iattr) 751{ 752 struct xfs_mount *mp = ip->i_mount; 753 struct inode *inode = VFS_I(ip); 754 xfs_off_t oldsize, newsize; 755 struct xfs_trans *tp; 756 int error; 757 uint lock_flags = 0; 758 uint commit_flags = 0; 759 bool did_zeroing = false; 760 761 trace_xfs_setattr(ip); 762 763 if (mp->m_flags & XFS_MOUNT_RDONLY) 764 return -EROFS; 765 766 if (XFS_FORCED_SHUTDOWN(mp)) 767 return -EIO; 768 769 error = inode_change_ok(inode, iattr); 770 if (error) 771 return error; 772 773 ASSERT(xfs_isilocked(ip, XFS_IOLOCK_EXCL)); 774 ASSERT(xfs_isilocked(ip, XFS_MMAPLOCK_EXCL)); 775 ASSERT(S_ISREG(ip->i_d.di_mode)); 776 ASSERT((iattr->ia_valid & (ATTR_UID|ATTR_GID|ATTR_ATIME|ATTR_ATIME_SET| 777 ATTR_MTIME_SET|ATTR_KILL_PRIV|ATTR_TIMES_SET)) == 0); 778 779 oldsize = inode->i_size; 780 newsize = iattr->ia_size; 781 782 /* 783 * Short circuit the truncate case for zero length files. 784 */ 785 if (newsize == 0 && oldsize == 0 && ip->i_d.di_nextents == 0) { 786 if (!(iattr->ia_valid & (ATTR_CTIME|ATTR_MTIME))) 787 return 0; 788 789 /* 790 * Use the regular setattr path to update the timestamps. 791 */ 792 iattr->ia_valid &= ~ATTR_SIZE; 793 return xfs_setattr_nonsize(ip, iattr, 0); 794 } 795 796 /* 797 * Make sure that the dquots are attached to the inode. 798 */ 799 error = xfs_qm_dqattach(ip, 0); 800 if (error) 801 return error; 802 803 /* 804 * File data changes must be complete before we start the transaction to 805 * modify the inode. This needs to be done before joining the inode to 806 * the transaction because the inode cannot be unlocked once it is a 807 * part of the transaction. 808 * 809 * Start with zeroing any data block beyond EOF that we may expose on 810 * file extension. 811 */ 812 if (newsize > oldsize) { 813 error = xfs_zero_eof(ip, newsize, oldsize, &did_zeroing); 814 if (error) 815 return error; 816 } 817 818 /* 819 * We are going to log the inode size change in this transaction so 820 * any previous writes that are beyond the on disk EOF and the new 821 * EOF that have not been written out need to be written here. If we 822 * do not write the data out, we expose ourselves to the null files 823 * problem. Note that this includes any block zeroing we did above; 824 * otherwise those blocks may not be zeroed after a crash. 825 */ 826 if (newsize > ip->i_d.di_size && 827 (oldsize != ip->i_d.di_size || did_zeroing)) { 828 error = filemap_write_and_wait_range(VFS_I(ip)->i_mapping, 829 ip->i_d.di_size, newsize); 830 if (error) 831 return error; 832 } 833 834 /* Now wait for all direct I/O to complete. */ 835 inode_dio_wait(inode); 836 837 /* 838 * We've already locked out new page faults, so now we can safely remove 839 * pages from the page cache knowing they won't get refaulted until we 840 * drop the XFS_MMAP_EXCL lock after the extent manipulations are 841 * complete. The truncate_setsize() call also cleans partial EOF page 842 * PTEs on extending truncates and hence ensures sub-page block size 843 * filesystems are correctly handled, too. 844 * 845 * We have to do all the page cache truncate work outside the 846 * transaction context as the "lock" order is page lock->log space 847 * reservation as defined by extent allocation in the writeback path. 848 * Hence a truncate can fail with ENOMEM from xfs_trans_reserve(), but 849 * having already truncated the in-memory version of the file (i.e. made 850 * user visible changes). There's not much we can do about this, except 851 * to hope that the caller sees ENOMEM and retries the truncate 852 * operation. 853 */ 854 error = block_truncate_page(inode->i_mapping, newsize, xfs_get_blocks); 855 if (error) 856 return error; 857 truncate_setsize(inode, newsize); 858 859 tp = xfs_trans_alloc(mp, XFS_TRANS_SETATTR_SIZE); 860 error = xfs_trans_reserve(tp, &M_RES(mp)->tr_itruncate, 0, 0); 861 if (error) 862 goto out_trans_cancel; 863 864 commit_flags = XFS_TRANS_RELEASE_LOG_RES; 865 lock_flags |= XFS_ILOCK_EXCL; 866 xfs_ilock(ip, XFS_ILOCK_EXCL); 867 xfs_trans_ijoin(tp, ip, 0); 868 869 /* 870 * Only change the c/mtime if we are changing the size or we are 871 * explicitly asked to change it. This handles the semantic difference 872 * between truncate() and ftruncate() as implemented in the VFS. 873 * 874 * The regular truncate() case without ATTR_CTIME and ATTR_MTIME is a 875 * special case where we need to update the times despite not having 876 * these flags set. For all other operations the VFS set these flags 877 * explicitly if it wants a timestamp update. 878 */ 879 if (newsize != oldsize && 880 !(iattr->ia_valid & (ATTR_CTIME | ATTR_MTIME))) { 881 iattr->ia_ctime = iattr->ia_mtime = 882 current_fs_time(inode->i_sb); 883 iattr->ia_valid |= ATTR_CTIME | ATTR_MTIME; 884 } 885 886 /* 887 * The first thing we do is set the size to new_size permanently on 888 * disk. This way we don't have to worry about anyone ever being able 889 * to look at the data being freed even in the face of a crash. 890 * What we're getting around here is the case where we free a block, it 891 * is allocated to another file, it is written to, and then we crash. 892 * If the new data gets written to the file but the log buffers 893 * containing the free and reallocation don't, then we'd end up with 894 * garbage in the blocks being freed. As long as we make the new size 895 * permanent before actually freeing any blocks it doesn't matter if 896 * they get written to. 897 */ 898 ip->i_d.di_size = newsize; 899 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); 900 901 if (newsize <= oldsize) { 902 error = xfs_itruncate_extents(&tp, ip, XFS_DATA_FORK, newsize); 903 if (error) 904 goto out_trans_abort; 905 906 /* 907 * Truncated "down", so we're removing references to old data 908 * here - if we delay flushing for a long time, we expose 909 * ourselves unduly to the notorious NULL files problem. So, 910 * we mark this inode and flush it when the file is closed, 911 * and do not wait the usual (long) time for writeout. 912 */ 913 xfs_iflags_set(ip, XFS_ITRUNCATED); 914 915 /* A truncate down always removes post-EOF blocks. */ 916 xfs_inode_clear_eofblocks_tag(ip); 917 } 918 919 if (iattr->ia_valid & ATTR_MODE) 920 xfs_setattr_mode(ip, iattr); 921 if (iattr->ia_valid & (ATTR_ATIME|ATTR_CTIME|ATTR_MTIME)) 922 xfs_setattr_time(ip, iattr); 923 924 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE); 925 926 XFS_STATS_INC(xs_ig_attrchg); 927 928 if (mp->m_flags & XFS_MOUNT_WSYNC) 929 xfs_trans_set_sync(tp); 930 931 error = xfs_trans_commit(tp, XFS_TRANS_RELEASE_LOG_RES); 932out_unlock: 933 if (lock_flags) 934 xfs_iunlock(ip, lock_flags); 935 return error; 936 937out_trans_abort: 938 commit_flags |= XFS_TRANS_ABORT; 939out_trans_cancel: 940 xfs_trans_cancel(tp, commit_flags); 941 goto out_unlock; 942} 943 944STATIC int 945xfs_vn_setattr( 946 struct dentry *dentry, 947 struct iattr *iattr) 948{ 949 struct xfs_inode *ip = XFS_I(d_inode(dentry)); 950 int error; 951 952 if (iattr->ia_valid & ATTR_SIZE) { 953 uint iolock = XFS_IOLOCK_EXCL; 954 955 xfs_ilock(ip, iolock); 956 error = xfs_break_layouts(d_inode(dentry), &iolock, true); 957 if (!error) { 958 xfs_ilock(ip, XFS_MMAPLOCK_EXCL); 959 iolock |= XFS_MMAPLOCK_EXCL; 960 961 error = xfs_setattr_size(ip, iattr); 962 } 963 xfs_iunlock(ip, iolock); 964 } else { 965 error = xfs_setattr_nonsize(ip, iattr, 0); 966 } 967 968 return error; 969} 970 971STATIC int 972xfs_vn_update_time( 973 struct inode *inode, 974 struct timespec *now, 975 int flags) 976{ 977 struct xfs_inode *ip = XFS_I(inode); 978 struct xfs_mount *mp = ip->i_mount; 979 struct xfs_trans *tp; 980 int error; 981 982 trace_xfs_update_time(ip); 983 984 tp = xfs_trans_alloc(mp, XFS_TRANS_FSYNC_TS); 985 error = xfs_trans_reserve(tp, &M_RES(mp)->tr_fsyncts, 0, 0); 986 if (error) { 987 xfs_trans_cancel(tp, 0); 988 return error; 989 } 990 991 xfs_ilock(ip, XFS_ILOCK_EXCL); 992 if (flags & S_CTIME) { 993 inode->i_ctime = *now; 994 ip->i_d.di_ctime.t_sec = (__int32_t)now->tv_sec; 995 ip->i_d.di_ctime.t_nsec = (__int32_t)now->tv_nsec; 996 } 997 if (flags & S_MTIME) { 998 inode->i_mtime = *now; 999 ip->i_d.di_mtime.t_sec = (__int32_t)now->tv_sec; 1000 ip->i_d.di_mtime.t_nsec = (__int32_t)now->tv_nsec; 1001 } 1002 if (flags & S_ATIME) { 1003 inode->i_atime = *now; 1004 ip->i_d.di_atime.t_sec = (__int32_t)now->tv_sec; 1005 ip->i_d.di_atime.t_nsec = (__int32_t)now->tv_nsec; 1006 } 1007 xfs_trans_ijoin(tp, ip, XFS_ILOCK_EXCL); 1008 xfs_trans_log_inode(tp, ip, XFS_ILOG_TIMESTAMP); 1009 return xfs_trans_commit(tp, 0); 1010} 1011 1012#define XFS_FIEMAP_FLAGS (FIEMAP_FLAG_SYNC|FIEMAP_FLAG_XATTR) 1013 1014/* 1015 * Call fiemap helper to fill in user data. 1016 * Returns positive errors to xfs_getbmap. 1017 */ 1018STATIC int 1019xfs_fiemap_format( 1020 void **arg, 1021 struct getbmapx *bmv, 1022 int *full) 1023{ 1024 int error; 1025 struct fiemap_extent_info *fieinfo = *arg; 1026 u32 fiemap_flags = 0; 1027 u64 logical, physical, length; 1028 1029 /* Do nothing for a hole */ 1030 if (bmv->bmv_block == -1LL) 1031 return 0; 1032 1033 logical = BBTOB(bmv->bmv_offset); 1034 physical = BBTOB(bmv->bmv_block); 1035 length = BBTOB(bmv->bmv_length); 1036 1037 if (bmv->bmv_oflags & BMV_OF_PREALLOC) 1038 fiemap_flags |= FIEMAP_EXTENT_UNWRITTEN; 1039 else if (bmv->bmv_oflags & BMV_OF_DELALLOC) { 1040 fiemap_flags |= (FIEMAP_EXTENT_DELALLOC | 1041 FIEMAP_EXTENT_UNKNOWN); 1042 physical = 0; /* no block yet */ 1043 } 1044 if (bmv->bmv_oflags & BMV_OF_LAST) 1045 fiemap_flags |= FIEMAP_EXTENT_LAST; 1046 1047 error = fiemap_fill_next_extent(fieinfo, logical, physical, 1048 length, fiemap_flags); 1049 if (error > 0) { 1050 error = 0; 1051 *full = 1; /* user array now full */ 1052 } 1053 1054 return error; 1055} 1056 1057STATIC int 1058xfs_vn_fiemap( 1059 struct inode *inode, 1060 struct fiemap_extent_info *fieinfo, 1061 u64 start, 1062 u64 length) 1063{ 1064 xfs_inode_t *ip = XFS_I(inode); 1065 struct getbmapx bm; 1066 int error; 1067 1068 error = fiemap_check_flags(fieinfo, XFS_FIEMAP_FLAGS); 1069 if (error) 1070 return error; 1071 1072 /* Set up bmap header for xfs internal routine */ 1073 bm.bmv_offset = BTOBBT(start); 1074 /* Special case for whole file */ 1075 if (length == FIEMAP_MAX_OFFSET) 1076 bm.bmv_length = -1LL; 1077 else 1078 bm.bmv_length = BTOBB(start + length) - bm.bmv_offset; 1079 1080 /* We add one because in getbmap world count includes the header */ 1081 bm.bmv_count = !fieinfo->fi_extents_max ? MAXEXTNUM : 1082 fieinfo->fi_extents_max + 1; 1083 bm.bmv_count = min_t(__s32, bm.bmv_count, 1084 (PAGE_SIZE * 16 / sizeof(struct getbmapx))); 1085 bm.bmv_iflags = BMV_IF_PREALLOC | BMV_IF_NO_HOLES; 1086 if (fieinfo->fi_flags & FIEMAP_FLAG_XATTR) 1087 bm.bmv_iflags |= BMV_IF_ATTRFORK; 1088 if (!(fieinfo->fi_flags & FIEMAP_FLAG_SYNC)) 1089 bm.bmv_iflags |= BMV_IF_DELALLOC; 1090 1091 error = xfs_getbmap(ip, &bm, xfs_fiemap_format, fieinfo); 1092 if (error) 1093 return error; 1094 1095 return 0; 1096} 1097 1098STATIC int 1099xfs_vn_tmpfile( 1100 struct inode *dir, 1101 struct dentry *dentry, 1102 umode_t mode) 1103{ 1104 return xfs_generic_create(dir, dentry, mode, 0, true); 1105} 1106 1107static const struct inode_operations xfs_inode_operations = { 1108 .get_acl = xfs_get_acl, 1109 .set_acl = xfs_set_acl, 1110 .getattr = xfs_vn_getattr, 1111 .setattr = xfs_vn_setattr, 1112 .setxattr = generic_setxattr, 1113 .getxattr = generic_getxattr, 1114 .removexattr = generic_removexattr, 1115 .listxattr = xfs_vn_listxattr, 1116 .fiemap = xfs_vn_fiemap, 1117 .update_time = xfs_vn_update_time, 1118}; 1119 1120static const struct inode_operations xfs_dir_inode_operations = { 1121 .create = xfs_vn_create, 1122 .lookup = xfs_vn_lookup, 1123 .link = xfs_vn_link, 1124 .unlink = xfs_vn_unlink, 1125 .symlink = xfs_vn_symlink, 1126 .mkdir = xfs_vn_mkdir, 1127 /* 1128 * Yes, XFS uses the same method for rmdir and unlink. 1129 * 1130 * There are some subtile differences deeper in the code, 1131 * but we use S_ISDIR to check for those. 1132 */ 1133 .rmdir = xfs_vn_unlink, 1134 .mknod = xfs_vn_mknod, 1135 .rename2 = xfs_vn_rename, 1136 .get_acl = xfs_get_acl, 1137 .set_acl = xfs_set_acl, 1138 .getattr = xfs_vn_getattr, 1139 .setattr = xfs_vn_setattr, 1140 .setxattr = generic_setxattr, 1141 .getxattr = generic_getxattr, 1142 .removexattr = generic_removexattr, 1143 .listxattr = xfs_vn_listxattr, 1144 .update_time = xfs_vn_update_time, 1145 .tmpfile = xfs_vn_tmpfile, 1146}; 1147 1148static const struct inode_operations xfs_dir_ci_inode_operations = { 1149 .create = xfs_vn_create, 1150 .lookup = xfs_vn_ci_lookup, 1151 .link = xfs_vn_link, 1152 .unlink = xfs_vn_unlink, 1153 .symlink = xfs_vn_symlink, 1154 .mkdir = xfs_vn_mkdir, 1155 /* 1156 * Yes, XFS uses the same method for rmdir and unlink. 1157 * 1158 * There are some subtile differences deeper in the code, 1159 * but we use S_ISDIR to check for those. 1160 */ 1161 .rmdir = xfs_vn_unlink, 1162 .mknod = xfs_vn_mknod, 1163 .rename2 = xfs_vn_rename, 1164 .get_acl = xfs_get_acl, 1165 .set_acl = xfs_set_acl, 1166 .getattr = xfs_vn_getattr, 1167 .setattr = xfs_vn_setattr, 1168 .setxattr = generic_setxattr, 1169 .getxattr = generic_getxattr, 1170 .removexattr = generic_removexattr, 1171 .listxattr = xfs_vn_listxattr, 1172 .update_time = xfs_vn_update_time, 1173 .tmpfile = xfs_vn_tmpfile, 1174}; 1175 1176static const struct inode_operations xfs_symlink_inode_operations = { 1177 .readlink = generic_readlink, 1178 .follow_link = xfs_vn_follow_link, 1179 .put_link = kfree_put_link, 1180 .getattr = xfs_vn_getattr, 1181 .setattr = xfs_vn_setattr, 1182 .setxattr = generic_setxattr, 1183 .getxattr = generic_getxattr, 1184 .removexattr = generic_removexattr, 1185 .listxattr = xfs_vn_listxattr, 1186 .update_time = xfs_vn_update_time, 1187}; 1188 1189STATIC void 1190xfs_diflags_to_iflags( 1191 struct inode *inode, 1192 struct xfs_inode *ip) 1193{ 1194 if (ip->i_d.di_flags & XFS_DIFLAG_IMMUTABLE) 1195 inode->i_flags |= S_IMMUTABLE; 1196 else 1197 inode->i_flags &= ~S_IMMUTABLE; 1198 if (ip->i_d.di_flags & XFS_DIFLAG_APPEND) 1199 inode->i_flags |= S_APPEND; 1200 else 1201 inode->i_flags &= ~S_APPEND; 1202 if (ip->i_d.di_flags & XFS_DIFLAG_SYNC) 1203 inode->i_flags |= S_SYNC; 1204 else 1205 inode->i_flags &= ~S_SYNC; 1206 if (ip->i_d.di_flags & XFS_DIFLAG_NOATIME) 1207 inode->i_flags |= S_NOATIME; 1208 else 1209 inode->i_flags &= ~S_NOATIME; 1210} 1211 1212/* 1213 * Initialize the Linux inode and set up the operation vectors. 1214 * 1215 * When reading existing inodes from disk this is called directly from xfs_iget, 1216 * when creating a new inode it is called from xfs_ialloc after setting up the 1217 * inode. These callers have different criteria for clearing XFS_INEW, so leave 1218 * it up to the caller to deal with unlocking the inode appropriately. 1219 */ 1220void 1221xfs_setup_inode( 1222 struct xfs_inode *ip) 1223{ 1224 struct inode *inode = &ip->i_vnode; 1225 gfp_t gfp_mask; 1226 1227 inode->i_ino = ip->i_ino; 1228 inode->i_state = I_NEW; 1229 1230 inode_sb_list_add(inode); 1231 /* make the inode look hashed for the writeback code */ 1232 hlist_add_fake(&inode->i_hash); 1233 1234 inode->i_mode = ip->i_d.di_mode; 1235 set_nlink(inode, ip->i_d.di_nlink); 1236 inode->i_uid = xfs_uid_to_kuid(ip->i_d.di_uid); 1237 inode->i_gid = xfs_gid_to_kgid(ip->i_d.di_gid); 1238 1239 switch (inode->i_mode & S_IFMT) { 1240 case S_IFBLK: 1241 case S_IFCHR: 1242 inode->i_rdev = 1243 MKDEV(sysv_major(ip->i_df.if_u2.if_rdev) & 0x1ff, 1244 sysv_minor(ip->i_df.if_u2.if_rdev)); 1245 break; 1246 default: 1247 inode->i_rdev = 0; 1248 break; 1249 } 1250 1251 inode->i_generation = ip->i_d.di_gen; 1252 i_size_write(inode, ip->i_d.di_size); 1253 inode->i_atime.tv_sec = ip->i_d.di_atime.t_sec; 1254 inode->i_atime.tv_nsec = ip->i_d.di_atime.t_nsec; 1255 inode->i_mtime.tv_sec = ip->i_d.di_mtime.t_sec; 1256 inode->i_mtime.tv_nsec = ip->i_d.di_mtime.t_nsec; 1257 inode->i_ctime.tv_sec = ip->i_d.di_ctime.t_sec; 1258 inode->i_ctime.tv_nsec = ip->i_d.di_ctime.t_nsec; 1259 xfs_diflags_to_iflags(inode, ip); 1260 1261 ip->d_ops = ip->i_mount->m_nondir_inode_ops; 1262 lockdep_set_class(&ip->i_lock.mr_lock, &xfs_nondir_ilock_class); 1263 switch (inode->i_mode & S_IFMT) { 1264 case S_IFREG: 1265 inode->i_op = &xfs_inode_operations; 1266 inode->i_fop = &xfs_file_operations; 1267 inode->i_mapping->a_ops = &xfs_address_space_operations; 1268 break; 1269 case S_IFDIR: 1270 lockdep_set_class(&ip->i_lock.mr_lock, &xfs_dir_ilock_class); 1271 if (xfs_sb_version_hasasciici(&XFS_M(inode->i_sb)->m_sb)) 1272 inode->i_op = &xfs_dir_ci_inode_operations; 1273 else 1274 inode->i_op = &xfs_dir_inode_operations; 1275 inode->i_fop = &xfs_dir_file_operations; 1276 ip->d_ops = ip->i_mount->m_dir_inode_ops; 1277 break; 1278 case S_IFLNK: 1279 inode->i_op = &xfs_symlink_inode_operations; 1280 if (!(ip->i_df.if_flags & XFS_IFINLINE)) 1281 inode->i_mapping->a_ops = &xfs_address_space_operations; 1282 break; 1283 default: 1284 inode->i_op = &xfs_inode_operations; 1285 init_special_inode(inode, inode->i_mode, inode->i_rdev); 1286 break; 1287 } 1288 1289 /* 1290 * Ensure all page cache allocations are done from GFP_NOFS context to 1291 * prevent direct reclaim recursion back into the filesystem and blowing 1292 * stacks or deadlocking. 1293 */ 1294 gfp_mask = mapping_gfp_mask(inode->i_mapping); 1295 mapping_set_gfp_mask(inode->i_mapping, (gfp_mask & ~(__GFP_FS))); 1296 1297 /* 1298 * If there is no attribute fork no ACL can exist on this inode, 1299 * and it can't have any file capabilities attached to it either. 1300 */ 1301 if (!XFS_IFORK_Q(ip)) { 1302 inode_has_no_xattr(inode); 1303 cache_no_acl(inode); 1304 } 1305} 1306