aboutsummaryrefslogtreecommitdiffstats
path: root/fs/namei.c
diff options
context:
space:
mode:
Diffstat (limited to 'fs/namei.c')
-rw-r--r--fs/namei.c808
1 files changed, 557 insertions, 251 deletions
diff --git a/fs/namei.c b/fs/namei.c
index 7d694194024a..2ccc35c4dc24 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -315,31 +315,22 @@ static inline int do_inode_permission(struct inode *inode, int mask)
315} 315}
316 316
317/** 317/**
318 * inode_permission - check for access rights to a given inode 318 * __inode_permission - Check for access rights to a given inode
319 * @inode: inode to check permission on 319 * @inode: Inode to check permission on
320 * @mask: right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC, ...) 320 * @mask: Right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC)
321 * 321 *
322 * Used to check for read/write/execute permissions on an inode. 322 * Check for read/write/execute permissions on an inode.
323 * We use "fsuid" for this, letting us set arbitrary permissions
324 * for filesystem access without changing the "normal" uids which
325 * are used for other things.
326 * 323 *
327 * When checking for MAY_APPEND, MAY_WRITE must also be set in @mask. 324 * When checking for MAY_APPEND, MAY_WRITE must also be set in @mask.
325 *
326 * This does not check for a read-only file system. You probably want
327 * inode_permission().
328 */ 328 */
329int inode_permission(struct inode *inode, int mask) 329int __inode_permission(struct inode *inode, int mask)
330{ 330{
331 int retval; 331 int retval;
332 332
333 if (unlikely(mask & MAY_WRITE)) { 333 if (unlikely(mask & MAY_WRITE)) {
334 umode_t mode = inode->i_mode;
335
336 /*
337 * Nobody gets write access to a read-only fs.
338 */
339 if (IS_RDONLY(inode) &&
340 (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode)))
341 return -EROFS;
342
343 /* 334 /*
344 * Nobody gets write access to an immutable file. 335 * Nobody gets write access to an immutable file.
345 */ 336 */
@@ -359,6 +350,47 @@ int inode_permission(struct inode *inode, int mask)
359} 350}
360 351
361/** 352/**
353 * sb_permission - Check superblock-level permissions
354 * @sb: Superblock of inode to check permission on
355 * @mask: Right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC)
356 *
357 * Separate out file-system wide checks from inode-specific permission checks.
358 */
359static int sb_permission(struct super_block *sb, struct inode *inode, int mask)
360{
361 if (unlikely(mask & MAY_WRITE)) {
362 umode_t mode = inode->i_mode;
363
364 /* Nobody gets write access to a read-only fs. */
365 if ((sb->s_flags & MS_RDONLY) &&
366 (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode)))
367 return -EROFS;
368 }
369 return 0;
370}
371
372/**
373 * inode_permission - Check for access rights to a given inode
374 * @inode: Inode to check permission on
375 * @mask: Right to check for (%MAY_READ, %MAY_WRITE, %MAY_EXEC)
376 *
377 * Check for read/write/execute permissions on an inode. We use fs[ug]id for
378 * this, letting us set arbitrary permissions for filesystem access without
379 * changing the "normal" UIDs which are used for other things.
380 *
381 * When checking for MAY_APPEND, MAY_WRITE must also be set in @mask.
382 */
383int inode_permission(struct inode *inode, int mask)
384{
385 int retval;
386
387 retval = sb_permission(inode->i_sb, inode, mask);
388 if (retval)
389 return retval;
390 return __inode_permission(inode, mask);
391}
392
393/**
362 * path_get - get a reference to a path 394 * path_get - get a reference to a path
363 * @path: path to get the reference to 395 * @path: path to get the reference to
364 * 396 *
@@ -395,6 +427,18 @@ EXPORT_SYMBOL(path_put);
395 * to restart the path walk from the beginning in ref-walk mode. 427 * to restart the path walk from the beginning in ref-walk mode.
396 */ 428 */
397 429
430static inline void lock_rcu_walk(void)
431{
432 br_read_lock(&vfsmount_lock);
433 rcu_read_lock();
434}
435
436static inline void unlock_rcu_walk(void)
437{
438 rcu_read_unlock();
439 br_read_unlock(&vfsmount_lock);
440}
441
398/** 442/**
399 * unlazy_walk - try to switch to ref-walk mode. 443 * unlazy_walk - try to switch to ref-walk mode.
400 * @nd: nameidata pathwalk data 444 * @nd: nameidata pathwalk data
@@ -448,8 +492,7 @@ static int unlazy_walk(struct nameidata *nd, struct dentry *dentry)
448 } 492 }
449 mntget(nd->path.mnt); 493 mntget(nd->path.mnt);
450 494
451 rcu_read_unlock(); 495 unlock_rcu_walk();
452 br_read_unlock(&vfsmount_lock);
453 nd->flags &= ~LOOKUP_RCU; 496 nd->flags &= ~LOOKUP_RCU;
454 return 0; 497 return 0;
455 498
@@ -463,25 +506,9 @@ err_root:
463 return -ECHILD; 506 return -ECHILD;
464} 507}
465 508
466/** 509static inline int d_revalidate(struct dentry *dentry, unsigned int flags)
467 * release_open_intent - free up open intent resources
468 * @nd: pointer to nameidata
469 */
470void release_open_intent(struct nameidata *nd)
471{ 510{
472 struct file *file = nd->intent.open.file; 511 return dentry->d_op->d_revalidate(dentry, flags);
473
474 if (file && !IS_ERR(file)) {
475 if (file->f_path.dentry == NULL)
476 put_filp(file);
477 else
478 fput(file);
479 }
480}
481
482static inline int d_revalidate(struct dentry *dentry, struct nameidata *nd)
483{
484 return dentry->d_op->d_revalidate(dentry, nd);
485} 512}
486 513
487/** 514/**
@@ -506,15 +533,13 @@ static int complete_walk(struct nameidata *nd)
506 spin_lock(&dentry->d_lock); 533 spin_lock(&dentry->d_lock);
507 if (unlikely(!__d_rcu_to_refcount(dentry, nd->seq))) { 534 if (unlikely(!__d_rcu_to_refcount(dentry, nd->seq))) {
508 spin_unlock(&dentry->d_lock); 535 spin_unlock(&dentry->d_lock);
509 rcu_read_unlock(); 536 unlock_rcu_walk();
510 br_read_unlock(&vfsmount_lock);
511 return -ECHILD; 537 return -ECHILD;
512 } 538 }
513 BUG_ON(nd->inode != dentry->d_inode); 539 BUG_ON(nd->inode != dentry->d_inode);
514 spin_unlock(&dentry->d_lock); 540 spin_unlock(&dentry->d_lock);
515 mntget(nd->path.mnt); 541 mntget(nd->path.mnt);
516 rcu_read_unlock(); 542 unlock_rcu_walk();
517 br_read_unlock(&vfsmount_lock);
518 } 543 }
519 544
520 if (likely(!(nd->flags & LOOKUP_JUMPED))) 545 if (likely(!(nd->flags & LOOKUP_JUMPED)))
@@ -527,7 +552,7 @@ static int complete_walk(struct nameidata *nd)
527 return 0; 552 return 0;
528 553
529 /* Note: we do not d_invalidate() */ 554 /* Note: we do not d_invalidate() */
530 status = d_revalidate(dentry, nd); 555 status = d_revalidate(dentry, nd->flags);
531 if (status > 0) 556 if (status > 0)
532 return 0; 557 return 0;
533 558
@@ -602,10 +627,25 @@ static inline void path_to_nameidata(const struct path *path,
602 nd->path.dentry = path->dentry; 627 nd->path.dentry = path->dentry;
603} 628}
604 629
630/*
631 * Helper to directly jump to a known parsed path from ->follow_link,
632 * caller must have taken a reference to path beforehand.
633 */
634void nd_jump_link(struct nameidata *nd, struct path *path)
635{
636 path_put(&nd->path);
637
638 nd->path = *path;
639 nd->inode = nd->path.dentry->d_inode;
640 nd->flags |= LOOKUP_JUMPED;
641
642 BUG_ON(nd->inode->i_op->follow_link);
643}
644
605static inline void put_link(struct nameidata *nd, struct path *link, void *cookie) 645static inline void put_link(struct nameidata *nd, struct path *link, void *cookie)
606{ 646{
607 struct inode *inode = link->dentry->d_inode; 647 struct inode *inode = link->dentry->d_inode;
608 if (!IS_ERR(cookie) && inode->i_op->put_link) 648 if (inode->i_op->put_link)
609 inode->i_op->put_link(link->dentry, nd, cookie); 649 inode->i_op->put_link(link->dentry, nd, cookie);
610 path_put(link); 650 path_put(link);
611} 651}
@@ -613,19 +653,19 @@ static inline void put_link(struct nameidata *nd, struct path *link, void *cooki
613static __always_inline int 653static __always_inline int
614follow_link(struct path *link, struct nameidata *nd, void **p) 654follow_link(struct path *link, struct nameidata *nd, void **p)
615{ 655{
616 int error;
617 struct dentry *dentry = link->dentry; 656 struct dentry *dentry = link->dentry;
657 int error;
658 char *s;
618 659
619 BUG_ON(nd->flags & LOOKUP_RCU); 660 BUG_ON(nd->flags & LOOKUP_RCU);
620 661
621 if (link->mnt == nd->path.mnt) 662 if (link->mnt == nd->path.mnt)
622 mntget(link->mnt); 663 mntget(link->mnt);
623 664
624 if (unlikely(current->total_link_count >= 40)) { 665 error = -ELOOP;
625 *p = ERR_PTR(-ELOOP); /* no ->put_link(), please */ 666 if (unlikely(current->total_link_count >= 40))
626 path_put(&nd->path); 667 goto out_put_nd_path;
627 return -ELOOP; 668
628 }
629 cond_resched(); 669 cond_resched();
630 current->total_link_count++; 670 current->total_link_count++;
631 671
@@ -633,30 +673,28 @@ follow_link(struct path *link, struct nameidata *nd, void **p)
633 nd_set_link(nd, NULL); 673 nd_set_link(nd, NULL);
634 674
635 error = security_inode_follow_link(link->dentry, nd); 675 error = security_inode_follow_link(link->dentry, nd);
636 if (error) { 676 if (error)
637 *p = ERR_PTR(error); /* no ->put_link(), please */ 677 goto out_put_nd_path;
638 path_put(&nd->path);
639 return error;
640 }
641 678
642 nd->last_type = LAST_BIND; 679 nd->last_type = LAST_BIND;
643 *p = dentry->d_inode->i_op->follow_link(dentry, nd); 680 *p = dentry->d_inode->i_op->follow_link(dentry, nd);
644 error = PTR_ERR(*p); 681 error = PTR_ERR(*p);
645 if (!IS_ERR(*p)) { 682 if (IS_ERR(*p))
646 char *s = nd_get_link(nd); 683 goto out_put_nd_path;
647 error = 0; 684
648 if (s) 685 error = 0;
649 error = __vfs_follow_link(nd, s); 686 s = nd_get_link(nd);
650 else if (nd->last_type == LAST_BIND) { 687 if (s) {
651 nd->flags |= LOOKUP_JUMPED; 688 error = __vfs_follow_link(nd, s);
652 nd->inode = nd->path.dentry->d_inode; 689 if (unlikely(error))
653 if (nd->inode->i_op->follow_link) { 690 put_link(nd, link, *p);
654 /* stepped on a _really_ weird one */
655 path_put(&nd->path);
656 error = -ELOOP;
657 }
658 }
659 } 691 }
692
693 return error;
694
695out_put_nd_path:
696 path_put(&nd->path);
697 path_put(link);
660 return error; 698 return error;
661} 699}
662 700
@@ -675,6 +713,16 @@ static int follow_up_rcu(struct path *path)
675 return 1; 713 return 1;
676} 714}
677 715
716/*
717 * follow_up - Find the mountpoint of path's vfsmount
718 *
719 * Given a path, find the mountpoint of its source file system.
720 * Replace @path with the path of the mountpoint in the parent mount.
721 * Up is towards /.
722 *
723 * Return 1 if we went up a level and 0 if we were already at the
724 * root.
725 */
678int follow_up(struct path *path) 726int follow_up(struct path *path)
679{ 727{
680 struct mount *mnt = real_mount(path->mnt); 728 struct mount *mnt = real_mount(path->mnt);
@@ -683,7 +731,7 @@ int follow_up(struct path *path)
683 731
684 br_read_lock(&vfsmount_lock); 732 br_read_lock(&vfsmount_lock);
685 parent = mnt->mnt_parent; 733 parent = mnt->mnt_parent;
686 if (&parent->mnt == path->mnt) { 734 if (parent == mnt) {
687 br_read_unlock(&vfsmount_lock); 735 br_read_unlock(&vfsmount_lock);
688 return 0; 736 return 0;
689 } 737 }
@@ -946,8 +994,7 @@ failed:
946 nd->flags &= ~LOOKUP_RCU; 994 nd->flags &= ~LOOKUP_RCU;
947 if (!(nd->flags & LOOKUP_ROOT)) 995 if (!(nd->flags & LOOKUP_ROOT))
948 nd->root.mnt = NULL; 996 nd->root.mnt = NULL;
949 rcu_read_unlock(); 997 unlock_rcu_walk();
950 br_read_unlock(&vfsmount_lock);
951 return -ECHILD; 998 return -ECHILD;
952} 999}
953 1000
@@ -1048,7 +1095,7 @@ static void follow_dotdot(struct nameidata *nd)
1048 * dir->d_inode->i_mutex must be held 1095 * dir->d_inode->i_mutex must be held
1049 */ 1096 */
1050static struct dentry *lookup_dcache(struct qstr *name, struct dentry *dir, 1097static struct dentry *lookup_dcache(struct qstr *name, struct dentry *dir,
1051 struct nameidata *nd, bool *need_lookup) 1098 unsigned int flags, bool *need_lookup)
1052{ 1099{
1053 struct dentry *dentry; 1100 struct dentry *dentry;
1054 int error; 1101 int error;
@@ -1059,7 +1106,7 @@ static struct dentry *lookup_dcache(struct qstr *name, struct dentry *dir,
1059 if (d_need_lookup(dentry)) { 1106 if (d_need_lookup(dentry)) {
1060 *need_lookup = true; 1107 *need_lookup = true;
1061 } else if (dentry->d_flags & DCACHE_OP_REVALIDATE) { 1108 } else if (dentry->d_flags & DCACHE_OP_REVALIDATE) {
1062 error = d_revalidate(dentry, nd); 1109 error = d_revalidate(dentry, flags);
1063 if (unlikely(error <= 0)) { 1110 if (unlikely(error <= 0)) {
1064 if (error < 0) { 1111 if (error < 0) {
1065 dput(dentry); 1112 dput(dentry);
@@ -1089,7 +1136,7 @@ static struct dentry *lookup_dcache(struct qstr *name, struct dentry *dir,
1089 * dir->d_inode->i_mutex must be held 1136 * dir->d_inode->i_mutex must be held
1090 */ 1137 */
1091static struct dentry *lookup_real(struct inode *dir, struct dentry *dentry, 1138static struct dentry *lookup_real(struct inode *dir, struct dentry *dentry,
1092 struct nameidata *nd) 1139 unsigned int flags)
1093{ 1140{
1094 struct dentry *old; 1141 struct dentry *old;
1095 1142
@@ -1099,7 +1146,7 @@ static struct dentry *lookup_real(struct inode *dir, struct dentry *dentry,
1099 return ERR_PTR(-ENOENT); 1146 return ERR_PTR(-ENOENT);
1100 } 1147 }
1101 1148
1102 old = dir->i_op->lookup(dir, dentry, nd); 1149 old = dir->i_op->lookup(dir, dentry, flags);
1103 if (unlikely(old)) { 1150 if (unlikely(old)) {
1104 dput(dentry); 1151 dput(dentry);
1105 dentry = old; 1152 dentry = old;
@@ -1108,16 +1155,16 @@ static struct dentry *lookup_real(struct inode *dir, struct dentry *dentry,
1108} 1155}
1109 1156
1110static struct dentry *__lookup_hash(struct qstr *name, 1157static struct dentry *__lookup_hash(struct qstr *name,
1111 struct dentry *base, struct nameidata *nd) 1158 struct dentry *base, unsigned int flags)
1112{ 1159{
1113 bool need_lookup; 1160 bool need_lookup;
1114 struct dentry *dentry; 1161 struct dentry *dentry;
1115 1162
1116 dentry = lookup_dcache(name, base, nd, &need_lookup); 1163 dentry = lookup_dcache(name, base, flags, &need_lookup);
1117 if (!need_lookup) 1164 if (!need_lookup)
1118 return dentry; 1165 return dentry;
1119 1166
1120 return lookup_real(base->d_inode, dentry, nd); 1167 return lookup_real(base->d_inode, dentry, flags);
1121} 1168}
1122 1169
1123/* 1170/*
@@ -1167,7 +1214,7 @@ static int lookup_fast(struct nameidata *nd, struct qstr *name,
1167 if (unlikely(d_need_lookup(dentry))) 1214 if (unlikely(d_need_lookup(dentry)))
1168 goto unlazy; 1215 goto unlazy;
1169 if (unlikely(dentry->d_flags & DCACHE_OP_REVALIDATE)) { 1216 if (unlikely(dentry->d_flags & DCACHE_OP_REVALIDATE)) {
1170 status = d_revalidate(dentry, nd); 1217 status = d_revalidate(dentry, nd->flags);
1171 if (unlikely(status <= 0)) { 1218 if (unlikely(status <= 0)) {
1172 if (status != -ECHILD) 1219 if (status != -ECHILD)
1173 need_reval = 0; 1220 need_reval = 0;
@@ -1197,7 +1244,7 @@ unlazy:
1197 } 1244 }
1198 1245
1199 if (unlikely(dentry->d_flags & DCACHE_OP_REVALIDATE) && need_reval) 1246 if (unlikely(dentry->d_flags & DCACHE_OP_REVALIDATE) && need_reval)
1200 status = d_revalidate(dentry, nd); 1247 status = d_revalidate(dentry, nd->flags);
1201 if (unlikely(status <= 0)) { 1248 if (unlikely(status <= 0)) {
1202 if (status < 0) { 1249 if (status < 0) {
1203 dput(dentry); 1250 dput(dentry);
@@ -1236,7 +1283,7 @@ static int lookup_slow(struct nameidata *nd, struct qstr *name,
1236 BUG_ON(nd->inode != parent->d_inode); 1283 BUG_ON(nd->inode != parent->d_inode);
1237 1284
1238 mutex_lock(&parent->d_inode->i_mutex); 1285 mutex_lock(&parent->d_inode->i_mutex);
1239 dentry = __lookup_hash(name, parent, nd); 1286 dentry = __lookup_hash(name, parent, nd->flags);
1240 mutex_unlock(&parent->d_inode->i_mutex); 1287 mutex_unlock(&parent->d_inode->i_mutex);
1241 if (IS_ERR(dentry)) 1288 if (IS_ERR(dentry))
1242 return PTR_ERR(dentry); 1289 return PTR_ERR(dentry);
@@ -1284,8 +1331,7 @@ static void terminate_walk(struct nameidata *nd)
1284 nd->flags &= ~LOOKUP_RCU; 1331 nd->flags &= ~LOOKUP_RCU;
1285 if (!(nd->flags & LOOKUP_ROOT)) 1332 if (!(nd->flags & LOOKUP_ROOT))
1286 nd->root.mnt = NULL; 1333 nd->root.mnt = NULL;
1287 rcu_read_unlock(); 1334 unlock_rcu_walk();
1288 br_read_unlock(&vfsmount_lock);
1289 } 1335 }
1290} 1336}
1291 1337
@@ -1383,9 +1429,10 @@ static inline int nested_symlink(struct path *path, struct nameidata *nd)
1383 void *cookie; 1429 void *cookie;
1384 1430
1385 res = follow_link(&link, nd, &cookie); 1431 res = follow_link(&link, nd, &cookie);
1386 if (!res) 1432 if (res)
1387 res = walk_component(nd, path, &nd->last, 1433 break;
1388 nd->last_type, LOOKUP_FOLLOW); 1434 res = walk_component(nd, path, &nd->last,
1435 nd->last_type, LOOKUP_FOLLOW);
1389 put_link(nd, &link, cookie); 1436 put_link(nd, &link, cookie);
1390 } while (res > 0); 1437 } while (res > 0);
1391 1438
@@ -1651,8 +1698,7 @@ static int path_init(int dfd, const char *name, unsigned int flags,
1651 nd->path = nd->root; 1698 nd->path = nd->root;
1652 nd->inode = inode; 1699 nd->inode = inode;
1653 if (flags & LOOKUP_RCU) { 1700 if (flags & LOOKUP_RCU) {
1654 br_read_lock(&vfsmount_lock); 1701 lock_rcu_walk();
1655 rcu_read_lock();
1656 nd->seq = __read_seqcount_begin(&nd->path.dentry->d_seq); 1702 nd->seq = __read_seqcount_begin(&nd->path.dentry->d_seq);
1657 } else { 1703 } else {
1658 path_get(&nd->path); 1704 path_get(&nd->path);
@@ -1664,8 +1710,7 @@ static int path_init(int dfd, const char *name, unsigned int flags,
1664 1710
1665 if (*name=='/') { 1711 if (*name=='/') {
1666 if (flags & LOOKUP_RCU) { 1712 if (flags & LOOKUP_RCU) {
1667 br_read_lock(&vfsmount_lock); 1713 lock_rcu_walk();
1668 rcu_read_lock();
1669 set_root_rcu(nd); 1714 set_root_rcu(nd);
1670 } else { 1715 } else {
1671 set_root(nd); 1716 set_root(nd);
@@ -1677,8 +1722,7 @@ static int path_init(int dfd, const char *name, unsigned int flags,
1677 struct fs_struct *fs = current->fs; 1722 struct fs_struct *fs = current->fs;
1678 unsigned seq; 1723 unsigned seq;
1679 1724
1680 br_read_lock(&vfsmount_lock); 1725 lock_rcu_walk();
1681 rcu_read_lock();
1682 1726
1683 do { 1727 do {
1684 seq = read_seqcount_begin(&fs->seq); 1728 seq = read_seqcount_begin(&fs->seq);
@@ -1713,8 +1757,7 @@ static int path_init(int dfd, const char *name, unsigned int flags,
1713 if (fput_needed) 1757 if (fput_needed)
1714 *fp = file; 1758 *fp = file;
1715 nd->seq = __read_seqcount_begin(&nd->path.dentry->d_seq); 1759 nd->seq = __read_seqcount_begin(&nd->path.dentry->d_seq);
1716 br_read_lock(&vfsmount_lock); 1760 lock_rcu_walk();
1717 rcu_read_lock();
1718 } else { 1761 } else {
1719 path_get(&file->f_path); 1762 path_get(&file->f_path);
1720 fput_light(file, fput_needed); 1763 fput_light(file, fput_needed);
@@ -1777,8 +1820,9 @@ static int path_lookupat(int dfd, const char *name,
1777 struct path link = path; 1820 struct path link = path;
1778 nd->flags |= LOOKUP_PARENT; 1821 nd->flags |= LOOKUP_PARENT;
1779 err = follow_link(&link, nd, &cookie); 1822 err = follow_link(&link, nd, &cookie);
1780 if (!err) 1823 if (err)
1781 err = lookup_last(nd, &path); 1824 break;
1825 err = lookup_last(nd, &path);
1782 put_link(nd, &link, cookie); 1826 put_link(nd, &link, cookie);
1783 } 1827 }
1784 } 1828 }
@@ -1821,9 +1865,27 @@ static int do_path_lookup(int dfd, const char *name,
1821 return retval; 1865 return retval;
1822} 1866}
1823 1867
1824int kern_path_parent(const char *name, struct nameidata *nd) 1868/* does lookup, returns the object with parent locked */
1869struct dentry *kern_path_locked(const char *name, struct path *path)
1825{ 1870{
1826 return do_path_lookup(AT_FDCWD, name, LOOKUP_PARENT, nd); 1871 struct nameidata nd;
1872 struct dentry *d;
1873 int err = do_path_lookup(AT_FDCWD, name, LOOKUP_PARENT, &nd);
1874 if (err)
1875 return ERR_PTR(err);
1876 if (nd.last_type != LAST_NORM) {
1877 path_put(&nd.path);
1878 return ERR_PTR(-EINVAL);
1879 }
1880 mutex_lock_nested(&nd.path.dentry->d_inode->i_mutex, I_MUTEX_PARENT);
1881 d = __lookup_hash(&nd.last, nd.path.dentry, 0);
1882 if (IS_ERR(d)) {
1883 mutex_unlock(&nd.path.dentry->d_inode->i_mutex);
1884 path_put(&nd.path);
1885 return d;
1886 }
1887 *path = nd.path;
1888 return d;
1827} 1889}
1828 1890
1829int kern_path(const char *name, unsigned int flags, struct path *path) 1891int kern_path(const char *name, unsigned int flags, struct path *path)
@@ -1866,7 +1928,7 @@ int vfs_path_lookup(struct dentry *dentry, struct vfsmount *mnt,
1866 */ 1928 */
1867static struct dentry *lookup_hash(struct nameidata *nd) 1929static struct dentry *lookup_hash(struct nameidata *nd)
1868{ 1930{
1869 return __lookup_hash(&nd->last, nd->path.dentry, nd); 1931 return __lookup_hash(&nd->last, nd->path.dentry, nd->flags);
1870} 1932}
1871 1933
1872/** 1934/**
@@ -1913,7 +1975,7 @@ struct dentry *lookup_one_len(const char *name, struct dentry *base, int len)
1913 if (err) 1975 if (err)
1914 return ERR_PTR(err); 1976 return ERR_PTR(err);
1915 1977
1916 return __lookup_hash(&this, base, NULL); 1978 return __lookup_hash(&this, base, 0);
1917} 1979}
1918 1980
1919int user_path_at_empty(int dfd, const char __user *name, unsigned flags, 1981int user_path_at_empty(int dfd, const char __user *name, unsigned flags,
@@ -2086,10 +2148,9 @@ void unlock_rename(struct dentry *p1, struct dentry *p2)
2086} 2148}
2087 2149
2088int vfs_create(struct inode *dir, struct dentry *dentry, umode_t mode, 2150int vfs_create(struct inode *dir, struct dentry *dentry, umode_t mode,
2089 struct nameidata *nd) 2151 bool want_excl)
2090{ 2152{
2091 int error = may_create(dir, dentry); 2153 int error = may_create(dir, dentry);
2092
2093 if (error) 2154 if (error)
2094 return error; 2155 return error;
2095 2156
@@ -2100,7 +2161,7 @@ int vfs_create(struct inode *dir, struct dentry *dentry, umode_t mode,
2100 error = security_inode_create(dir, dentry, mode); 2161 error = security_inode_create(dir, dentry, mode);
2101 if (error) 2162 if (error)
2102 return error; 2163 return error;
2103 error = dir->i_op->create(dir, dentry, mode, nd); 2164 error = dir->i_op->create(dir, dentry, mode, want_excl);
2104 if (!error) 2165 if (!error)
2105 fsnotify_create(dir, dentry); 2166 fsnotify_create(dir, dentry);
2106 return error; 2167 return error;
@@ -2187,21 +2248,275 @@ static inline int open_to_namei_flags(int flag)
2187 return flag; 2248 return flag;
2188} 2249}
2189 2250
2251static int may_o_create(struct path *dir, struct dentry *dentry, umode_t mode)
2252{
2253 int error = security_path_mknod(dir, dentry, mode, 0);
2254 if (error)
2255 return error;
2256
2257 error = inode_permission(dir->dentry->d_inode, MAY_WRITE | MAY_EXEC);
2258 if (error)
2259 return error;
2260
2261 return security_inode_create(dir->dentry->d_inode, dentry, mode);
2262}
2263
2190/* 2264/*
2191 * Handle the last step of open() 2265 * Attempt to atomically look up, create and open a file from a negative
2266 * dentry.
2267 *
2268 * Returns 0 if successful. The file will have been created and attached to
2269 * @file by the filesystem calling finish_open().
2270 *
2271 * Returns 1 if the file was looked up only or didn't need creating. The
2272 * caller will need to perform the open themselves. @path will have been
2273 * updated to point to the new dentry. This may be negative.
2274 *
2275 * Returns an error code otherwise.
2276 */
2277static int atomic_open(struct nameidata *nd, struct dentry *dentry,
2278 struct path *path, struct file *file,
2279 const struct open_flags *op,
2280 bool *want_write, bool need_lookup,
2281 int *opened)
2282{
2283 struct inode *dir = nd->path.dentry->d_inode;
2284 unsigned open_flag = open_to_namei_flags(op->open_flag);
2285 umode_t mode;
2286 int error;
2287 int acc_mode;
2288 int create_error = 0;
2289 struct dentry *const DENTRY_NOT_SET = (void *) -1UL;
2290
2291 BUG_ON(dentry->d_inode);
2292
2293 /* Don't create child dentry for a dead directory. */
2294 if (unlikely(IS_DEADDIR(dir))) {
2295 error = -ENOENT;
2296 goto out;
2297 }
2298
2299 mode = op->mode & S_IALLUGO;
2300 if ((open_flag & O_CREAT) && !IS_POSIXACL(dir))
2301 mode &= ~current_umask();
2302
2303 if (open_flag & O_EXCL) {
2304 open_flag &= ~O_TRUNC;
2305 *opened |= FILE_CREATED;
2306 }
2307
2308 /*
2309 * Checking write permission is tricky, bacuse we don't know if we are
2310 * going to actually need it: O_CREAT opens should work as long as the
2311 * file exists. But checking existence breaks atomicity. The trick is
2312 * to check access and if not granted clear O_CREAT from the flags.
2313 *
2314 * Another problem is returing the "right" error value (e.g. for an
2315 * O_EXCL open we want to return EEXIST not EROFS).
2316 */
2317 if ((open_flag & (O_CREAT | O_TRUNC)) ||
2318 (open_flag & O_ACCMODE) != O_RDONLY) {
2319 error = mnt_want_write(nd->path.mnt);
2320 if (!error) {
2321 *want_write = true;
2322 } else if (!(open_flag & O_CREAT)) {
2323 /*
2324 * No O_CREATE -> atomicity not a requirement -> fall
2325 * back to lookup + open
2326 */
2327 goto no_open;
2328 } else if (open_flag & (O_EXCL | O_TRUNC)) {
2329 /* Fall back and fail with the right error */
2330 create_error = error;
2331 goto no_open;
2332 } else {
2333 /* No side effects, safe to clear O_CREAT */
2334 create_error = error;
2335 open_flag &= ~O_CREAT;
2336 }
2337 }
2338
2339 if (open_flag & O_CREAT) {
2340 error = may_o_create(&nd->path, dentry, op->mode);
2341 if (error) {
2342 create_error = error;
2343 if (open_flag & O_EXCL)
2344 goto no_open;
2345 open_flag &= ~O_CREAT;
2346 }
2347 }
2348
2349 if (nd->flags & LOOKUP_DIRECTORY)
2350 open_flag |= O_DIRECTORY;
2351
2352 file->f_path.dentry = DENTRY_NOT_SET;
2353 file->f_path.mnt = nd->path.mnt;
2354 error = dir->i_op->atomic_open(dir, dentry, file, open_flag, mode,
2355 opened);
2356 if (error < 0) {
2357 if (create_error && error == -ENOENT)
2358 error = create_error;
2359 goto out;
2360 }
2361
2362 acc_mode = op->acc_mode;
2363 if (*opened & FILE_CREATED) {
2364 fsnotify_create(dir, dentry);
2365 acc_mode = MAY_OPEN;
2366 }
2367
2368 if (error) { /* returned 1, that is */
2369 if (WARN_ON(file->f_path.dentry == DENTRY_NOT_SET)) {
2370 error = -EIO;
2371 goto out;
2372 }
2373 if (file->f_path.dentry) {
2374 dput(dentry);
2375 dentry = file->f_path.dentry;
2376 }
2377 goto looked_up;
2378 }
2379
2380 /*
2381 * We didn't have the inode before the open, so check open permission
2382 * here.
2383 */
2384 error = may_open(&file->f_path, acc_mode, open_flag);
2385 if (error)
2386 fput(file);
2387
2388out:
2389 dput(dentry);
2390 return error;
2391
2392no_open:
2393 if (need_lookup) {
2394 dentry = lookup_real(dir, dentry, nd->flags);
2395 if (IS_ERR(dentry))
2396 return PTR_ERR(dentry);
2397
2398 if (create_error) {
2399 int open_flag = op->open_flag;
2400
2401 error = create_error;
2402 if ((open_flag & O_EXCL)) {
2403 if (!dentry->d_inode)
2404 goto out;
2405 } else if (!dentry->d_inode) {
2406 goto out;
2407 } else if ((open_flag & O_TRUNC) &&
2408 S_ISREG(dentry->d_inode->i_mode)) {
2409 goto out;
2410 }
2411 /* will fail later, go on to get the right error */
2412 }
2413 }
2414looked_up:
2415 path->dentry = dentry;
2416 path->mnt = nd->path.mnt;
2417 return 1;
2418}
2419
2420/*
2421 * Look up and maybe create and open the last component.
2422 *
2423 * Must be called with i_mutex held on parent.
2424 *
2425 * Returns 0 if the file was successfully atomically created (if necessary) and
2426 * opened. In this case the file will be returned attached to @file.
2427 *
2428 * Returns 1 if the file was not completely opened at this time, though lookups
2429 * and creations will have been performed and the dentry returned in @path will
2430 * be positive upon return if O_CREAT was specified. If O_CREAT wasn't
2431 * specified then a negative dentry may be returned.
2432 *
2433 * An error code is returned otherwise.
2434 *
2435 * FILE_CREATE will be set in @*opened if the dentry was created and will be
2436 * cleared otherwise prior to returning.
2192 */ 2437 */
2193static struct file *do_last(struct nameidata *nd, struct path *path, 2438static int lookup_open(struct nameidata *nd, struct path *path,
2194 const struct open_flags *op, const char *pathname) 2439 struct file *file,
2440 const struct open_flags *op,
2441 bool *want_write, int *opened)
2195{ 2442{
2196 struct dentry *dir = nd->path.dentry; 2443 struct dentry *dir = nd->path.dentry;
2444 struct inode *dir_inode = dir->d_inode;
2197 struct dentry *dentry; 2445 struct dentry *dentry;
2446 int error;
2447 bool need_lookup;
2448
2449 *opened &= ~FILE_CREATED;
2450 dentry = lookup_dcache(&nd->last, dir, nd->flags, &need_lookup);
2451 if (IS_ERR(dentry))
2452 return PTR_ERR(dentry);
2453
2454 /* Cached positive dentry: will open in f_op->open */
2455 if (!need_lookup && dentry->d_inode)
2456 goto out_no_open;
2457
2458 if ((nd->flags & LOOKUP_OPEN) && dir_inode->i_op->atomic_open) {
2459 return atomic_open(nd, dentry, path, file, op, want_write,
2460 need_lookup, opened);
2461 }
2462
2463 if (need_lookup) {
2464 BUG_ON(dentry->d_inode);
2465
2466 dentry = lookup_real(dir_inode, dentry, nd->flags);
2467 if (IS_ERR(dentry))
2468 return PTR_ERR(dentry);
2469 }
2470
2471 /* Negative dentry, just create the file */
2472 if (!dentry->d_inode && (op->open_flag & O_CREAT)) {
2473 umode_t mode = op->mode;
2474 if (!IS_POSIXACL(dir->d_inode))
2475 mode &= ~current_umask();
2476 /*
2477 * This write is needed to ensure that a
2478 * rw->ro transition does not occur between
2479 * the time when the file is created and when
2480 * a permanent write count is taken through
2481 * the 'struct file' in finish_open().
2482 */
2483 error = mnt_want_write(nd->path.mnt);
2484 if (error)
2485 goto out_dput;
2486 *want_write = true;
2487 *opened |= FILE_CREATED;
2488 error = security_path_mknod(&nd->path, dentry, mode, 0);
2489 if (error)
2490 goto out_dput;
2491 error = vfs_create(dir->d_inode, dentry, mode,
2492 nd->flags & LOOKUP_EXCL);
2493 if (error)
2494 goto out_dput;
2495 }
2496out_no_open:
2497 path->dentry = dentry;
2498 path->mnt = nd->path.mnt;
2499 return 1;
2500
2501out_dput:
2502 dput(dentry);
2503 return error;
2504}
2505
2506/*
2507 * Handle the last step of open()
2508 */
2509static int do_last(struct nameidata *nd, struct path *path,
2510 struct file *file, const struct open_flags *op,
2511 int *opened, const char *pathname)
2512{
2513 struct dentry *dir = nd->path.dentry;
2198 int open_flag = op->open_flag; 2514 int open_flag = op->open_flag;
2199 int will_truncate = open_flag & O_TRUNC; 2515 bool will_truncate = (open_flag & O_TRUNC) != 0;
2200 int want_write = 0; 2516 bool want_write = false;
2201 int acc_mode = op->acc_mode; 2517 int acc_mode = op->acc_mode;
2202 struct file *filp;
2203 struct inode *inode; 2518 struct inode *inode;
2204 int symlink_ok = 0; 2519 bool symlink_ok = false;
2205 struct path save_parent = { .dentry = NULL, .mnt = NULL }; 2520 struct path save_parent = { .dentry = NULL, .mnt = NULL };
2206 bool retried = false; 2521 bool retried = false;
2207 int error; 2522 int error;
@@ -2214,112 +2529,99 @@ static struct file *do_last(struct nameidata *nd, struct path *path,
2214 case LAST_DOT: 2529 case LAST_DOT:
2215 error = handle_dots(nd, nd->last_type); 2530 error = handle_dots(nd, nd->last_type);
2216 if (error) 2531 if (error)
2217 return ERR_PTR(error); 2532 return error;
2218 /* fallthrough */ 2533 /* fallthrough */
2219 case LAST_ROOT: 2534 case LAST_ROOT:
2220 error = complete_walk(nd); 2535 error = complete_walk(nd);
2221 if (error) 2536 if (error)
2222 return ERR_PTR(error); 2537 return error;
2223 audit_inode(pathname, nd->path.dentry); 2538 audit_inode(pathname, nd->path.dentry);
2224 if (open_flag & O_CREAT) { 2539 if (open_flag & O_CREAT) {
2225 error = -EISDIR; 2540 error = -EISDIR;
2226 goto exit; 2541 goto out;
2227 } 2542 }
2228 goto ok; 2543 goto finish_open;
2229 case LAST_BIND: 2544 case LAST_BIND:
2230 error = complete_walk(nd); 2545 error = complete_walk(nd);
2231 if (error) 2546 if (error)
2232 return ERR_PTR(error); 2547 return error;
2233 audit_inode(pathname, dir); 2548 audit_inode(pathname, dir);
2234 goto ok; 2549 goto finish_open;
2235 } 2550 }
2236 2551
2237 if (!(open_flag & O_CREAT)) { 2552 if (!(open_flag & O_CREAT)) {
2238 if (nd->last.name[nd->last.len]) 2553 if (nd->last.name[nd->last.len])
2239 nd->flags |= LOOKUP_FOLLOW | LOOKUP_DIRECTORY; 2554 nd->flags |= LOOKUP_FOLLOW | LOOKUP_DIRECTORY;
2240 if (open_flag & O_PATH && !(nd->flags & LOOKUP_FOLLOW)) 2555 if (open_flag & O_PATH && !(nd->flags & LOOKUP_FOLLOW))
2241 symlink_ok = 1; 2556 symlink_ok = true;
2242 /* we _can_ be in RCU mode here */ 2557 /* we _can_ be in RCU mode here */
2243 error = lookup_fast(nd, &nd->last, path, &inode); 2558 error = lookup_fast(nd, &nd->last, path, &inode);
2244 if (unlikely(error)) { 2559 if (likely(!error))
2245 if (error < 0) 2560 goto finish_lookup;
2246 goto exit;
2247 2561
2248 error = lookup_slow(nd, &nd->last, path); 2562 if (error < 0)
2249 if (error < 0) 2563 goto out;
2250 goto exit;
2251 2564
2252 inode = path->dentry->d_inode; 2565 BUG_ON(nd->inode != dir->d_inode);
2253 } 2566 } else {
2254 goto finish_lookup; 2567 /* create side of things */
2255 } 2568 /*
2256 2569 * This will *only* deal with leaving RCU mode - LOOKUP_JUMPED
2257 /* create side of things */ 2570 * has been cleared when we got to the last component we are
2258 /* 2571 * about to look up
2259 * This will *only* deal with leaving RCU mode - LOOKUP_JUMPED has been 2572 */
2260 * cleared when we got to the last component we are about to look up 2573 error = complete_walk(nd);
2261 */ 2574 if (error)
2262 error = complete_walk(nd); 2575 return error;
2263 if (error)
2264 return ERR_PTR(error);
2265 2576
2266 audit_inode(pathname, dir); 2577 audit_inode(pathname, dir);
2267 error = -EISDIR; 2578 error = -EISDIR;
2268 /* trailing slashes? */ 2579 /* trailing slashes? */
2269 if (nd->last.name[nd->last.len]) 2580 if (nd->last.name[nd->last.len])
2270 goto exit; 2581 goto out;
2582 }
2271 2583
2272retry_lookup: 2584retry_lookup:
2273 mutex_lock(&dir->d_inode->i_mutex); 2585 mutex_lock(&dir->d_inode->i_mutex);
2586 error = lookup_open(nd, path, file, op, &want_write, opened);
2587 mutex_unlock(&dir->d_inode->i_mutex);
2274 2588
2275 dentry = lookup_hash(nd); 2589 if (error <= 0) {
2276 error = PTR_ERR(dentry); 2590 if (error)
2277 if (IS_ERR(dentry)) { 2591 goto out;
2278 mutex_unlock(&dir->d_inode->i_mutex);
2279 goto exit;
2280 }
2281 2592
2282 path->dentry = dentry; 2593 if ((*opened & FILE_CREATED) ||
2283 path->mnt = nd->path.mnt; 2594 !S_ISREG(file->f_path.dentry->d_inode->i_mode))
2595 will_truncate = false;
2284 2596
2285 /* Negative dentry, just create the file */ 2597 audit_inode(pathname, file->f_path.dentry);
2286 if (!dentry->d_inode) { 2598 goto opened;
2287 umode_t mode = op->mode; 2599 }
2288 if (!IS_POSIXACL(dir->d_inode)) 2600
2289 mode &= ~current_umask(); 2601 if (*opened & FILE_CREATED) {
2290 /*
2291 * This write is needed to ensure that a
2292 * rw->ro transition does not occur between
2293 * the time when the file is created and when
2294 * a permanent write count is taken through
2295 * the 'struct file' in nameidata_to_filp().
2296 */
2297 error = mnt_want_write(nd->path.mnt);
2298 if (error)
2299 goto exit_mutex_unlock;
2300 want_write = 1;
2301 /* Don't check for write permission, don't truncate */ 2602 /* Don't check for write permission, don't truncate */
2302 open_flag &= ~O_TRUNC; 2603 open_flag &= ~O_TRUNC;
2303 will_truncate = 0; 2604 will_truncate = false;
2304 acc_mode = MAY_OPEN; 2605 acc_mode = MAY_OPEN;
2305 error = security_path_mknod(&nd->path, dentry, mode, 0); 2606 path_to_nameidata(path, nd);
2306 if (error) 2607 goto finish_open_created;
2307 goto exit_mutex_unlock;
2308 error = vfs_create(dir->d_inode, dentry, mode, nd);
2309 if (error)
2310 goto exit_mutex_unlock;
2311 mutex_unlock(&dir->d_inode->i_mutex);
2312 dput(nd->path.dentry);
2313 nd->path.dentry = dentry;
2314 goto common;
2315 } 2608 }
2316 2609
2317 /* 2610 /*
2318 * It already exists. 2611 * It already exists.
2319 */ 2612 */
2320 mutex_unlock(&dir->d_inode->i_mutex);
2321 audit_inode(pathname, path->dentry); 2613 audit_inode(pathname, path->dentry);
2322 2614
2615 /*
2616 * If atomic_open() acquired write access it is dropped now due to
2617 * possible mount and symlink following (this might be optimized away if
2618 * necessary...)
2619 */
2620 if (want_write) {
2621 mnt_drop_write(nd->path.mnt);
2622 want_write = false;
2623 }
2624
2323 error = -EEXIST; 2625 error = -EEXIST;
2324 if (open_flag & O_EXCL) 2626 if (open_flag & O_EXCL)
2325 goto exit_dput; 2627 goto exit_dput;
@@ -2338,18 +2640,18 @@ finish_lookup:
2338 error = -ENOENT; 2640 error = -ENOENT;
2339 if (!inode) { 2641 if (!inode) {
2340 path_to_nameidata(path, nd); 2642 path_to_nameidata(path, nd);
2341 goto exit; 2643 goto out;
2342 } 2644 }
2343 2645
2344 if (should_follow_link(inode, !symlink_ok)) { 2646 if (should_follow_link(inode, !symlink_ok)) {
2345 if (nd->flags & LOOKUP_RCU) { 2647 if (nd->flags & LOOKUP_RCU) {
2346 if (unlikely(unlazy_walk(nd, path->dentry))) { 2648 if (unlikely(unlazy_walk(nd, path->dentry))) {
2347 error = -ECHILD; 2649 error = -ECHILD;
2348 goto exit; 2650 goto out;
2349 } 2651 }
2350 } 2652 }
2351 BUG_ON(inode != path->dentry->d_inode); 2653 BUG_ON(inode != path->dentry->d_inode);
2352 return NULL; 2654 return 1;
2353 } 2655 }
2354 2656
2355 if ((nd->flags & LOOKUP_RCU) || nd->path.mnt != path->mnt) { 2657 if ((nd->flags & LOOKUP_RCU) || nd->path.mnt != path->mnt) {
@@ -2365,119 +2667,122 @@ finish_lookup:
2365 error = complete_walk(nd); 2667 error = complete_walk(nd);
2366 if (error) { 2668 if (error) {
2367 path_put(&save_parent); 2669 path_put(&save_parent);
2368 return ERR_PTR(error); 2670 return error;
2369 } 2671 }
2370 error = -EISDIR; 2672 error = -EISDIR;
2371 if ((open_flag & O_CREAT) && S_ISDIR(nd->inode->i_mode)) 2673 if ((open_flag & O_CREAT) && S_ISDIR(nd->inode->i_mode))
2372 goto exit; 2674 goto out;
2373 error = -ENOTDIR; 2675 error = -ENOTDIR;
2374 if ((nd->flags & LOOKUP_DIRECTORY) && !nd->inode->i_op->lookup) 2676 if ((nd->flags & LOOKUP_DIRECTORY) && !nd->inode->i_op->lookup)
2375 goto exit; 2677 goto out;
2376 audit_inode(pathname, nd->path.dentry); 2678 audit_inode(pathname, nd->path.dentry);
2377ok: 2679finish_open:
2378 if (!S_ISREG(nd->inode->i_mode)) 2680 if (!S_ISREG(nd->inode->i_mode))
2379 will_truncate = 0; 2681 will_truncate = false;
2380 2682
2381 if (will_truncate) { 2683 if (will_truncate) {
2382 error = mnt_want_write(nd->path.mnt); 2684 error = mnt_want_write(nd->path.mnt);
2383 if (error) 2685 if (error)
2384 goto exit; 2686 goto out;
2385 want_write = 1; 2687 want_write = true;
2386 } 2688 }
2387common: 2689finish_open_created:
2388 error = may_open(&nd->path, acc_mode, open_flag); 2690 error = may_open(&nd->path, acc_mode, open_flag);
2389 if (error) 2691 if (error)
2390 goto exit; 2692 goto out;
2391 filp = nameidata_to_filp(nd); 2693 file->f_path.mnt = nd->path.mnt;
2392 if (filp == ERR_PTR(-EOPENSTALE) && save_parent.dentry && !retried) { 2694 error = finish_open(file, nd->path.dentry, NULL, opened);
2393 BUG_ON(save_parent.dentry != dir); 2695 if (error) {
2394 path_put(&nd->path); 2696 if (error == -EOPENSTALE)
2395 nd->path = save_parent; 2697 goto stale_open;
2396 nd->inode = dir->d_inode; 2698 goto out;
2397 save_parent.mnt = NULL;
2398 save_parent.dentry = NULL;
2399 if (want_write) {
2400 mnt_drop_write(nd->path.mnt);
2401 want_write = 0;
2402 }
2403 retried = true;
2404 goto retry_lookup;
2405 }
2406 if (!IS_ERR(filp)) {
2407 error = ima_file_check(filp, op->acc_mode);
2408 if (error) {
2409 fput(filp);
2410 filp = ERR_PTR(error);
2411 }
2412 } 2699 }
2413 if (!IS_ERR(filp)) { 2700opened:
2414 if (will_truncate) { 2701 error = open_check_o_direct(file);
2415 error = handle_truncate(filp); 2702 if (error)
2416 if (error) { 2703 goto exit_fput;
2417 fput(filp); 2704 error = ima_file_check(file, op->acc_mode);
2418 filp = ERR_PTR(error); 2705 if (error)
2419 } 2706 goto exit_fput;
2420 } 2707
2708 if (will_truncate) {
2709 error = handle_truncate(file);
2710 if (error)
2711 goto exit_fput;
2421 } 2712 }
2422out: 2713out:
2423 if (want_write) 2714 if (want_write)
2424 mnt_drop_write(nd->path.mnt); 2715 mnt_drop_write(nd->path.mnt);
2425 path_put(&save_parent); 2716 path_put(&save_parent);
2426 terminate_walk(nd); 2717 terminate_walk(nd);
2427 return filp; 2718 return error;
2428 2719
2429exit_mutex_unlock:
2430 mutex_unlock(&dir->d_inode->i_mutex);
2431exit_dput: 2720exit_dput:
2432 path_put_conditional(path, nd); 2721 path_put_conditional(path, nd);
2433exit:
2434 filp = ERR_PTR(error);
2435 goto out; 2722 goto out;
2723exit_fput:
2724 fput(file);
2725 goto out;
2726
2727stale_open:
2728 /* If no saved parent or already retried then can't retry */
2729 if (!save_parent.dentry || retried)
2730 goto out;
2731
2732 BUG_ON(save_parent.dentry != dir);
2733 path_put(&nd->path);
2734 nd->path = save_parent;
2735 nd->inode = dir->d_inode;
2736 save_parent.mnt = NULL;
2737 save_parent.dentry = NULL;
2738 if (want_write) {
2739 mnt_drop_write(nd->path.mnt);
2740 want_write = false;
2741 }
2742 retried = true;
2743 goto retry_lookup;
2436} 2744}
2437 2745
2438static struct file *path_openat(int dfd, const char *pathname, 2746static struct file *path_openat(int dfd, const char *pathname,
2439 struct nameidata *nd, const struct open_flags *op, int flags) 2747 struct nameidata *nd, const struct open_flags *op, int flags)
2440{ 2748{
2441 struct file *base = NULL; 2749 struct file *base = NULL;
2442 struct file *filp; 2750 struct file *file;
2443 struct path path; 2751 struct path path;
2752 int opened = 0;
2444 int error; 2753 int error;
2445 2754
2446 filp = get_empty_filp(); 2755 file = get_empty_filp();
2447 if (!filp) 2756 if (!file)
2448 return ERR_PTR(-ENFILE); 2757 return ERR_PTR(-ENFILE);
2449 2758
2450 filp->f_flags = op->open_flag; 2759 file->f_flags = op->open_flag;
2451 nd->intent.open.file = filp;
2452 nd->intent.open.flags = open_to_namei_flags(op->open_flag);
2453 nd->intent.open.create_mode = op->mode;
2454 2760
2455 error = path_init(dfd, pathname, flags | LOOKUP_PARENT, nd, &base); 2761 error = path_init(dfd, pathname, flags | LOOKUP_PARENT, nd, &base);
2456 if (unlikely(error)) 2762 if (unlikely(error))
2457 goto out_filp; 2763 goto out;
2458 2764
2459 current->total_link_count = 0; 2765 current->total_link_count = 0;
2460 error = link_path_walk(pathname, nd); 2766 error = link_path_walk(pathname, nd);
2461 if (unlikely(error)) 2767 if (unlikely(error))
2462 goto out_filp; 2768 goto out;
2463 2769
2464 filp = do_last(nd, &path, op, pathname); 2770 error = do_last(nd, &path, file, op, &opened, pathname);
2465 while (unlikely(!filp)) { /* trailing symlink */ 2771 while (unlikely(error > 0)) { /* trailing symlink */
2466 struct path link = path; 2772 struct path link = path;
2467 void *cookie; 2773 void *cookie;
2468 if (!(nd->flags & LOOKUP_FOLLOW)) { 2774 if (!(nd->flags & LOOKUP_FOLLOW)) {
2469 path_put_conditional(&path, nd); 2775 path_put_conditional(&path, nd);
2470 path_put(&nd->path); 2776 path_put(&nd->path);
2471 filp = ERR_PTR(-ELOOP); 2777 error = -ELOOP;
2472 break; 2778 break;
2473 } 2779 }
2474 nd->flags |= LOOKUP_PARENT; 2780 nd->flags |= LOOKUP_PARENT;
2475 nd->flags &= ~(LOOKUP_OPEN|LOOKUP_CREATE|LOOKUP_EXCL); 2781 nd->flags &= ~(LOOKUP_OPEN|LOOKUP_CREATE|LOOKUP_EXCL);
2476 error = follow_link(&link, nd, &cookie); 2782 error = follow_link(&link, nd, &cookie);
2477 if (unlikely(error)) 2783 if (unlikely(error))
2478 filp = ERR_PTR(error); 2784 break;
2479 else 2785 error = do_last(nd, &path, file, op, &opened, pathname);
2480 filp = do_last(nd, &path, op, pathname);
2481 put_link(nd, &link, cookie); 2786 put_link(nd, &link, cookie);
2482 } 2787 }
2483out: 2788out:
@@ -2485,18 +2790,20 @@ out:
2485 path_put(&nd->root); 2790 path_put(&nd->root);
2486 if (base) 2791 if (base)
2487 fput(base); 2792 fput(base);
2488 release_open_intent(nd); 2793 if (!(opened & FILE_OPENED)) {
2489 if (filp == ERR_PTR(-EOPENSTALE)) { 2794 BUG_ON(!error);
2490 if (flags & LOOKUP_RCU) 2795 put_filp(file);
2491 filp = ERR_PTR(-ECHILD);
2492 else
2493 filp = ERR_PTR(-ESTALE);
2494 } 2796 }
2495 return filp; 2797 if (unlikely(error)) {
2496 2798 if (error == -EOPENSTALE) {
2497out_filp: 2799 if (flags & LOOKUP_RCU)
2498 filp = ERR_PTR(error); 2800 error = -ECHILD;
2499 goto out; 2801 else
2802 error = -ESTALE;
2803 }
2804 file = ERR_PTR(error);
2805 }
2806 return file;
2500} 2807}
2501 2808
2502struct file *do_filp_open(int dfd, const char *pathname, 2809struct file *do_filp_open(int dfd, const char *pathname,
@@ -2551,7 +2858,6 @@ struct dentry *kern_path_create(int dfd, const char *pathname, struct path *path
2551 goto out; 2858 goto out;
2552 nd.flags &= ~LOOKUP_PARENT; 2859 nd.flags &= ~LOOKUP_PARENT;
2553 nd.flags |= LOOKUP_CREATE | LOOKUP_EXCL; 2860 nd.flags |= LOOKUP_CREATE | LOOKUP_EXCL;
2554 nd.intent.open.flags = O_EXCL;
2555 2861
2556 /* 2862 /*
2557 * Do the final lookup. 2863 * Do the final lookup.
@@ -2670,7 +2976,7 @@ SYSCALL_DEFINE4(mknodat, int, dfd, const char __user *, filename, umode_t, mode,
2670 goto out_drop_write; 2976 goto out_drop_write;
2671 switch (mode & S_IFMT) { 2977 switch (mode & S_IFMT) {
2672 case 0: case S_IFREG: 2978 case 0: case S_IFREG:
2673 error = vfs_create(path.dentry->d_inode,dentry,mode,NULL); 2979 error = vfs_create(path.dentry->d_inode,dentry,mode,true);
2674 break; 2980 break;
2675 case S_IFCHR: case S_IFBLK: 2981 case S_IFCHR: case S_IFBLK:
2676 error = vfs_mknod(path.dentry->d_inode,dentry,mode, 2982 error = vfs_mknod(path.dentry->d_inode,dentry,mode,
generated by cgit v1.2.2 (git 2.25.0) at 2025-10-18 08:53:57 -0400