aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2010-03-05 14:46:31 -0500
committerLinus Torvalds <torvalds@linux-foundation.org>2010-03-05 14:46:31 -0500
commit35c2e967d067ff02dc944f2434f024419c2fe83a (patch)
tree3fcecfe650d359f9a63a2a22c9faa3dff2b0a7a6
parent6c550ee41596798cbd873d3df9f8ea0a4ce7ad2f (diff)
parent1f36f774b22a0ceb7dd33eca626746c81a97b6a5 (diff)
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6: Switch !O_CREAT case to use of do_last() Get rid of symlink body copying Finish pulling of -ESTALE handling to upper level in do_filp_open() Turn do_link spaghetty into a normal loop Unify exits in O_CREAT handling Kill is_link argument of do_last() Pull handling of LAST_BIND into do_last(), clean up ok: part in do_filp_open() Leave mangled flag only for setting nd.intent.open.flag Get rid of passing mangled flag to do_last() Don't pass mangled open_flag to finish_open() pull more into do_last() bail out with ELOOP earlier in do_link loop pull the common predecessors into do_last() postpone __putname() until after do_last() unroll do_last: loop in do_filp_open() Shift releasing nd->root from do_last() to its caller gut do_filp_open() a bit more (do_last separation) beginning to untangle do_filp_open()
Diffstat
-rw-r--r--fs/namei.c521
1 files changed, 262 insertions, 259 deletions
diff --git a/fs/namei.c b/fs/namei.c
index 0741c69b3319..9a6456099f1e 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -498,8 +498,6 @@ static int link_path_walk(const char *, struct nameidata *);
498 498
499static __always_inline int __vfs_follow_link(struct nameidata *nd, const char *link) 499static __always_inline int __vfs_follow_link(struct nameidata *nd, const char *link)
500{ 500{
501 int res = 0;
502 char *name;
503 if (IS_ERR(link)) 501 if (IS_ERR(link))
504 goto fail; 502 goto fail;
505 503
@@ -510,22 +508,7 @@ static __always_inline int __vfs_follow_link(struct nameidata *nd, const char *l
510 path_get(&nd->root); 508 path_get(&nd->root);
511 } 509 }
512 510
513 res = link_path_walk(link, nd); 511 return link_path_walk(link, nd);
514 if (nd->depth || res || nd->last_type!=LAST_NORM)
515 return res;
516 /*
517 * If it is an iterative symlinks resolution in open_namei() we
518 * have to copy the last component. And all that crap because of
519 * bloody create() on broken symlinks. Furrfu...
520 */
521 name = __getname();
522 if (unlikely(!name)) {
523 path_put(&nd->path);
524 return -ENOMEM;
525 }
526 strcpy(name, nd->last.name);
527 nd->last.name = name;
528 return 0;
529fail: 512fail:
530 path_put(&nd->path); 513 path_put(&nd->path);
531 return PTR_ERR(link); 514 return PTR_ERR(link);
@@ -547,10 +530,10 @@ static inline void path_to_nameidata(struct path *path, struct nameidata *nd)
547 nd->path.dentry = path->dentry; 530 nd->path.dentry = path->dentry;
548} 531}
549 532
550static __always_inline int __do_follow_link(struct path *path, struct nameidata *nd) 533static __always_inline int
534__do_follow_link(struct path *path, struct nameidata *nd, void **p)
551{ 535{
552 int error; 536 int error;
553 void *cookie;
554 struct dentry *dentry = path->dentry; 537 struct dentry *dentry = path->dentry;
555 538
556 touch_atime(path->mnt, dentry); 539 touch_atime(path->mnt, dentry);
@@ -562,9 +545,9 @@ static __always_inline int __do_follow_link(struct path *path, struct nameidata
562 } 545 }
563 mntget(path->mnt); 546 mntget(path->mnt);
564 nd->last_type = LAST_BIND; 547 nd->last_type = LAST_BIND;
565 cookie = dentry->d_inode->i_op->follow_link(dentry, nd); 548 *p = dentry->d_inode->i_op->follow_link(dentry, nd);
566 error = PTR_ERR(cookie); 549 error = PTR_ERR(*p);
567 if (!IS_ERR(cookie)) { 550 if (!IS_ERR(*p)) {
568 char *s = nd_get_link(nd); 551 char *s = nd_get_link(nd);
569 error = 0; 552 error = 0;
570 if (s) 553 if (s)
@@ -574,8 +557,6 @@ static __always_inline int __do_follow_link(struct path *path, struct nameidata
574 if (error) 557 if (error)
575 path_put(&nd->path); 558 path_put(&nd->path);
576 } 559 }
577 if (dentry->d_inode->i_op->put_link)
578 dentry->d_inode->i_op->put_link(dentry, nd, cookie);
579 } 560 }
580 return error; 561 return error;
581} 562}
@@ -589,6 +570,7 @@ static __always_inline int __do_follow_link(struct path *path, struct nameidata
589 */ 570 */
590static inline int do_follow_link(struct path *path, struct nameidata *nd) 571static inline int do_follow_link(struct path *path, struct nameidata *nd)
591{ 572{
573 void *cookie;
592 int err = -ELOOP; 574 int err = -ELOOP;
593 if (current->link_count >= MAX_NESTED_LINKS) 575 if (current->link_count >= MAX_NESTED_LINKS)
594 goto loop; 576 goto loop;
@@ -602,7 +584,9 @@ static inline int do_follow_link(struct path *path, struct nameidata *nd)
602 current->link_count++; 584 current->link_count++;
603 current->total_link_count++; 585 current->total_link_count++;
604 nd->depth++; 586 nd->depth++;
605 err = __do_follow_link(path, nd); 587 err = __do_follow_link(path, nd, &cookie);
588 if (!IS_ERR(cookie) && path->dentry->d_inode->i_op->put_link)
589 path->dentry->d_inode->i_op->put_link(path->dentry, nd, cookie);
606 path_put(path); 590 path_put(path);
607 current->link_count--; 591 current->link_count--;
608 nd->depth--; 592 nd->depth--;
@@ -1375,22 +1359,6 @@ static inline int may_create(struct inode *dir, struct dentry *child)
1375 return inode_permission(dir, MAY_WRITE | MAY_EXEC); 1359 return inode_permission(dir, MAY_WRITE | MAY_EXEC);
1376} 1360}
1377 1361
1378/*
1379 * O_DIRECTORY translates into forcing a directory lookup.
1380 */
1381static inline int lookup_flags(unsigned int f)
1382{
1383 unsigned long retval = LOOKUP_FOLLOW;
1384
1385 if (f & O_NOFOLLOW)
1386 retval &= ~LOOKUP_FOLLOW;
1387
1388 if (f & O_DIRECTORY)
1389 retval |= LOOKUP_DIRECTORY;
1390
1391 return retval;
1392}
1393
1394/* 1362/*
1395 * p1 and p2 should be directories on the same fs. 1363 * p1 and p2 should be directories on the same fs.
1396 */ 1364 */
@@ -1590,129 +1558,135 @@ static int open_will_truncate(int flag, struct inode *inode)
1590 return (flag & O_TRUNC); 1558 return (flag & O_TRUNC);
1591} 1559}
1592 1560
1593/* 1561static struct file *finish_open(struct nameidata *nd,
1594 * Note that the low bits of the passed in "open_flag" 1562 int open_flag, int acc_mode)
1595 * are not the same as in the local variable "flag". See
1596 * open_to_namei_flags() for more details.
1597 */
1598struct file *do_filp_open(int dfd, const char *pathname,
1599 int open_flag, int mode, int acc_mode)
1600{ 1563{
1601 struct file *filp; 1564 struct file *filp;
1602 struct nameidata nd;
1603 int error;
1604 struct path path;
1605 struct dentry *dir;
1606 int count = 0;
1607 int will_truncate; 1565 int will_truncate;
1608 int flag = open_to_namei_flags(open_flag); 1566 int error;
1609 int force_reval = 0;
1610 1567
1568 will_truncate = open_will_truncate(open_flag, nd->path.dentry->d_inode);
1569 if (will_truncate) {
1570 error = mnt_want_write(nd->path.mnt);
1571 if (error)
1572 goto exit;
1573 }
1574 error = may_open(&nd->path, acc_mode, open_flag);
1575 if (error) {
1576 if (will_truncate)
1577 mnt_drop_write(nd->path.mnt);
1578 goto exit;
1579 }
1580 filp = nameidata_to_filp(nd);
1581 if (!IS_ERR(filp)) {
1582 error = ima_file_check(filp, acc_mode);
1583 if (error) {
1584 fput(filp);
1585 filp = ERR_PTR(error);
1586 }
1587 }
1588 if (!IS_ERR(filp)) {
1589 if (acc_mode & MAY_WRITE)
1590 vfs_dq_init(nd->path.dentry->d_inode);
1591
1592 if (will_truncate) {
1593 error = handle_truncate(&nd->path);
1594 if (error) {
1595 fput(filp);
1596 filp = ERR_PTR(error);
1597 }
1598 }
1599 }
1611 /* 1600 /*
1612 * O_SYNC is implemented as __O_SYNC|O_DSYNC. As many places only 1601 * It is now safe to drop the mnt write
1613 * check for O_DSYNC if the need any syncing at all we enforce it's 1602 * because the filp has had a write taken
1614 * always set instead of having to deal with possibly weird behaviour 1603 * on its behalf.
1615 * for malicious applications setting only __O_SYNC.
1616 */ 1604 */
1617 if (open_flag & __O_SYNC) 1605 if (will_truncate)
1618 open_flag |= O_DSYNC; 1606 mnt_drop_write(nd->path.mnt);
1619 1607 return filp;
1620 if (!acc_mode)
1621 acc_mode = MAY_OPEN | ACC_MODE(open_flag);
1622 1608
1623 /* O_TRUNC implies we need access checks for write permissions */ 1609exit:
1624 if (flag & O_TRUNC) 1610 if (!IS_ERR(nd->intent.open.file))
1625 acc_mode |= MAY_WRITE; 1611 release_open_intent(nd);
1612 path_put(&nd->path);
1613 return ERR_PTR(error);
1614}
1626 1615
1627 /* Allow the LSM permission hook to distinguish append 1616static struct file *do_last(struct nameidata *nd, struct path *path,
1628 access from general write access. */ 1617 int open_flag, int acc_mode,
1629 if (flag & O_APPEND) 1618 int mode, const char *pathname,
1630 acc_mode |= MAY_APPEND; 1619 int *want_dir)
1620{
1621 struct dentry *dir = nd->path.dentry;
1622 struct file *filp;
1623 int error = -EISDIR;
1631 1624
1632 /* 1625 switch (nd->last_type) {
1633 * The simplest case - just a plain lookup. 1626 case LAST_DOTDOT:
1634 */ 1627 follow_dotdot(nd);
1635 if (!(flag & O_CREAT)) { 1628 dir = nd->path.dentry;
1636 filp = get_empty_filp(); 1629 if (nd->path.mnt->mnt_sb->s_type->fs_flags & FS_REVAL_DOT) {
1637 1630 if (!dir->d_op->d_revalidate(dir, nd)) {
1638 if (filp == NULL) 1631 error = -ESTALE;
1639 return ERR_PTR(-ENFILE); 1632 goto exit;
1640 nd.intent.open.file = filp;
1641 filp->f_flags = open_flag;
1642 nd.intent.open.flags = flag;
1643 nd.intent.open.create_mode = 0;
1644 error = do_path_lookup(dfd, pathname,
1645 lookup_flags(flag)|LOOKUP_OPEN, &nd);
1646 if (IS_ERR(nd.intent.open.file)) {
1647 if (error == 0) {
1648 error = PTR_ERR(nd.intent.open.file);
1649 path_put(&nd.path);
1650 } 1633 }
1651 } else if (error) 1634 }
1652 release_open_intent(&nd); 1635 /* fallthrough */
1653 if (error) 1636 case LAST_DOT:
1654 return ERR_PTR(error); 1637 case LAST_ROOT:
1638 if (open_flag & O_CREAT)
1639 goto exit;
1640 /* fallthrough */
1641 case LAST_BIND:
1642 audit_inode(pathname, dir);
1655 goto ok; 1643 goto ok;
1656 } 1644 }
1657 1645
1658 /* 1646 /* trailing slashes? */
1659 * Create - we need to know the parent. 1647 if (nd->last.name[nd->last.len]) {
1660 */ 1648 if (open_flag & O_CREAT)
1661reval: 1649 goto exit;
1662 error = path_init(dfd, pathname, LOOKUP_PARENT, &nd); 1650 *want_dir = 1;
1663 if (error)
1664 return ERR_PTR(error);
1665 if (force_reval)
1666 nd.flags |= LOOKUP_REVAL;
1667 error = path_walk(pathname, &nd);
1668 if (error) {
1669 if (nd.root.mnt)
1670 path_put(&nd.root);
1671 return ERR_PTR(error);
1672 } 1651 }
1673 if (unlikely(!audit_dummy_context()))
1674 audit_inode(pathname, nd.path.dentry);
1675 1652
1676 /* 1653 /* just plain open? */
1677 * We have the parent and last component. First of all, check 1654 if (!(open_flag & O_CREAT)) {
1678 * that we are not asked to creat(2) an obvious directory - that 1655 error = do_lookup(nd, &nd->last, path);
1679 * will not do. 1656 if (error)
1680 */ 1657 goto exit;
1681 error = -EISDIR; 1658 error = -ENOENT;
1682 if (nd.last_type != LAST_NORM || nd.last.name[nd.last.len]) 1659 if (!path->dentry->d_inode)
1683 goto exit_parent; 1660 goto exit_dput;
1661 if (path->dentry->d_inode->i_op->follow_link)
1662 return NULL;
1663 error = -ENOTDIR;
1664 if (*want_dir & !path->dentry->d_inode->i_op->lookup)
1665 goto exit_dput;
1666 path_to_nameidata(path, nd);
1667 audit_inode(pathname, nd->path.dentry);
1668 goto ok;
1669 }
1684 1670
1685 error = -ENFILE; 1671 /* OK, it's O_CREAT */
1686 filp = get_empty_filp();
1687 if (filp == NULL)
1688 goto exit_parent;
1689 nd.intent.open.file = filp;
1690 filp->f_flags = open_flag;
1691 nd.intent.open.flags = flag;
1692 nd.intent.open.create_mode = mode;
1693 dir = nd.path.dentry;
1694 nd.flags &= ~LOOKUP_PARENT;
1695 nd.flags |= LOOKUP_CREATE | LOOKUP_OPEN;
1696 if (flag & O_EXCL)
1697 nd.flags |= LOOKUP_EXCL;
1698 mutex_lock(&dir->d_inode->i_mutex); 1672 mutex_lock(&dir->d_inode->i_mutex);
1699 path.dentry = lookup_hash(&nd);
1700 path.mnt = nd.path.mnt;
1701 1673
1702do_last: 1674 path->dentry = lookup_hash(nd);
1703 error = PTR_ERR(path.dentry); 1675 path->mnt = nd->path.mnt;
1704 if (IS_ERR(path.dentry)) { 1676
1677 error = PTR_ERR(path->dentry);
1678 if (IS_ERR(path->dentry)) {
1705 mutex_unlock(&dir->d_inode->i_mutex); 1679 mutex_unlock(&dir->d_inode->i_mutex);
1706 goto exit; 1680 goto exit;
1707 } 1681 }
1708 1682
1709 if (IS_ERR(nd.intent.open.file)) { 1683 if (IS_ERR(nd->intent.open.file)) {
1710 error = PTR_ERR(nd.intent.open.file); 1684 error = PTR_ERR(nd->intent.open.file);
1711 goto exit_mutex_unlock; 1685 goto exit_mutex_unlock;
1712 } 1686 }
1713 1687
1714 /* Negative dentry, just create the file */ 1688 /* Negative dentry, just create the file */
1715 if (!path.dentry->d_inode) { 1689 if (!path->dentry->d_inode) {
1716 /* 1690 /*
1717 * This write is needed to ensure that a 1691 * This write is needed to ensure that a
1718 * ro->rw transition does not occur between 1692 * ro->rw transition does not occur between
@@ -1720,18 +1694,16 @@ do_last:
1720 * a permanent write count is taken through 1694 * a permanent write count is taken through
1721 * the 'struct file' in nameidata_to_filp(). 1695 * the 'struct file' in nameidata_to_filp().
1722 */ 1696 */
1723 error = mnt_want_write(nd.path.mnt); 1697 error = mnt_want_write(nd->path.mnt);
1724 if (error) 1698 if (error)
1725 goto exit_mutex_unlock; 1699 goto exit_mutex_unlock;
1726 error = __open_namei_create(&nd, &path, open_flag, mode); 1700 error = __open_namei_create(nd, path, open_flag, mode);
1727 if (error) { 1701 if (error) {
1728 mnt_drop_write(nd.path.mnt); 1702 mnt_drop_write(nd->path.mnt);
1729 goto exit; 1703 goto exit;
1730 } 1704 }
1731 filp = nameidata_to_filp(&nd); 1705 filp = nameidata_to_filp(nd);
1732 mnt_drop_write(nd.path.mnt); 1706 mnt_drop_write(nd->path.mnt);
1733 if (nd.root.mnt)
1734 path_put(&nd.root);
1735 if (!IS_ERR(filp)) { 1707 if (!IS_ERR(filp)) {
1736 error = ima_file_check(filp, acc_mode); 1708 error = ima_file_check(filp, acc_mode);
1737 if (error) { 1709 if (error) {
@@ -1746,150 +1718,181 @@ do_last:
1746 * It already exists. 1718 * It already exists.
1747 */ 1719 */
1748 mutex_unlock(&dir->d_inode->i_mutex); 1720 mutex_unlock(&dir->d_inode->i_mutex);
1749 audit_inode(pathname, path.dentry); 1721 audit_inode(pathname, path->dentry);
1750 1722
1751 error = -EEXIST; 1723 error = -EEXIST;
1752 if (flag & O_EXCL) 1724 if (open_flag & O_EXCL)
1753 goto exit_dput; 1725 goto exit_dput;
1754 1726
1755 if (__follow_mount(&path)) { 1727 if (__follow_mount(path)) {
1756 error = -ELOOP; 1728 error = -ELOOP;
1757 if (flag & O_NOFOLLOW) 1729 if (open_flag & O_NOFOLLOW)
1758 goto exit_dput; 1730 goto exit_dput;
1759 } 1731 }
1760 1732
1761 error = -ENOENT; 1733 error = -ENOENT;
1762 if (!path.dentry->d_inode) 1734 if (!path->dentry->d_inode)
1763 goto exit_dput; 1735 goto exit_dput;
1764 if (path.dentry->d_inode->i_op->follow_link)
1765 goto do_link;
1766 1736
1767 path_to_nameidata(&path, &nd); 1737 if (path->dentry->d_inode->i_op->follow_link)
1738 return NULL;
1739
1740 path_to_nameidata(path, nd);
1768 error = -EISDIR; 1741 error = -EISDIR;
1769 if (S_ISDIR(path.dentry->d_inode->i_mode)) 1742 if (S_ISDIR(path->dentry->d_inode->i_mode))
1770 goto exit; 1743 goto exit;
1771ok: 1744ok:
1745 filp = finish_open(nd, open_flag, acc_mode);
1746 return filp;
1747
1748exit_mutex_unlock:
1749 mutex_unlock(&dir->d_inode->i_mutex);
1750exit_dput:
1751 path_put_conditional(path, nd);
1752exit:
1753 if (!IS_ERR(nd->intent.open.file))
1754 release_open_intent(nd);
1755 path_put(&nd->path);
1756 return ERR_PTR(error);
1757}
1758
1759/*
1760 * Note that the low bits of the passed in "open_flag"
1761 * are not the same as in the local variable "flag". See
1762 * open_to_namei_flags() for more details.
1763 */
1764struct file *do_filp_open(int dfd, const char *pathname,
1765 int open_flag, int mode, int acc_mode)
1766{
1767 struct file *filp;
1768 struct nameidata nd;
1769 int error;
1770 struct path path;
1771 int count = 0;
1772 int flag = open_to_namei_flags(open_flag);
1773 int force_reval = 0;
1774 int want_dir = open_flag & O_DIRECTORY;
1775
1776 if (!(open_flag & O_CREAT))
1777 mode = 0;
1778
1772 /* 1779 /*
1773 * Consider: 1780 * O_SYNC is implemented as __O_SYNC|O_DSYNC. As many places only
1774 * 1. may_open() truncates a file 1781 * check for O_DSYNC if the need any syncing at all we enforce it's
1775 * 2. a rw->ro mount transition occurs 1782 * always set instead of having to deal with possibly weird behaviour
1776 * 3. nameidata_to_filp() fails due to 1783 * for malicious applications setting only __O_SYNC.
1777 * the ro mount.
1778 * That would be inconsistent, and should
1779 * be avoided. Taking this mnt write here
1780 * ensures that (2) can not occur.
1781 */ 1784 */
1782 will_truncate = open_will_truncate(flag, nd.path.dentry->d_inode); 1785 if (open_flag & __O_SYNC)
1783 if (will_truncate) { 1786 open_flag |= O_DSYNC;
1784 error = mnt_want_write(nd.path.mnt); 1787
1785 if (error) 1788 if (!acc_mode)
1786 goto exit; 1789 acc_mode = MAY_OPEN | ACC_MODE(open_flag);
1787 } 1790
1788 error = may_open(&nd.path, acc_mode, open_flag); 1791 /* O_TRUNC implies we need access checks for write permissions */
1792 if (open_flag & O_TRUNC)
1793 acc_mode |= MAY_WRITE;
1794
1795 /* Allow the LSM permission hook to distinguish append
1796 access from general write access. */
1797 if (open_flag & O_APPEND)
1798 acc_mode |= MAY_APPEND;
1799
1800 /* find the parent */
1801reval:
1802 error = path_init(dfd, pathname, LOOKUP_PARENT, &nd);
1803 if (error)
1804 return ERR_PTR(error);
1805 if (force_reval)
1806 nd.flags |= LOOKUP_REVAL;
1807
1808 current->total_link_count = 0;
1809 error = link_path_walk(pathname, &nd);
1789 if (error) { 1810 if (error) {
1790 if (will_truncate) 1811 filp = ERR_PTR(error);
1791 mnt_drop_write(nd.path.mnt); 1812 goto out;
1792 goto exit;
1793 }
1794 filp = nameidata_to_filp(&nd);
1795 if (!IS_ERR(filp)) {
1796 error = ima_file_check(filp, acc_mode);
1797 if (error) {
1798 fput(filp);
1799 filp = ERR_PTR(error);
1800 }
1801 } 1813 }
1802 if (!IS_ERR(filp)) { 1814 if (unlikely(!audit_dummy_context()) && (open_flag & O_CREAT))
1803 if (acc_mode & MAY_WRITE) 1815 audit_inode(pathname, nd.path.dentry);
1804 vfs_dq_init(nd.path.dentry->d_inode);
1805 1816
1806 if (will_truncate) {
1807 error = handle_truncate(&nd.path);
1808 if (error) {
1809 fput(filp);
1810 filp = ERR_PTR(error);
1811 }
1812 }
1813 }
1814 /* 1817 /*
1815 * It is now safe to drop the mnt write 1818 * We have the parent and last component.
1816 * because the filp has had a write taken
1817 * on its behalf.
1818 */ 1819 */
1819 if (will_truncate) 1820
1820 mnt_drop_write(nd.path.mnt); 1821 error = -ENFILE;
1822 filp = get_empty_filp();
1823 if (filp == NULL)
1824 goto exit_parent;
1825 nd.intent.open.file = filp;
1826 filp->f_flags = open_flag;
1827 nd.intent.open.flags = flag;
1828 nd.intent.open.create_mode = mode;
1829 nd.flags &= ~LOOKUP_PARENT;
1830 nd.flags |= LOOKUP_OPEN;
1831 if (open_flag & O_CREAT) {
1832 nd.flags |= LOOKUP_CREATE;
1833 if (open_flag & O_EXCL)
1834 nd.flags |= LOOKUP_EXCL;
1835 }
1836 filp = do_last(&nd, &path, open_flag, acc_mode, mode, pathname, &want_dir);
1837 while (unlikely(!filp)) { /* trailing symlink */
1838 struct path holder;
1839 struct inode *inode = path.dentry->d_inode;
1840 void *cookie;
1841 error = -ELOOP;
1842 /* S_ISDIR part is a temporary automount kludge */
1843 if ((open_flag & O_NOFOLLOW) && !S_ISDIR(inode->i_mode))
1844 goto exit_dput;
1845 if (count++ == 32)
1846 goto exit_dput;
1847 /*
1848 * This is subtle. Instead of calling do_follow_link() we do
1849 * the thing by hands. The reason is that this way we have zero
1850 * link_count and path_walk() (called from ->follow_link)
1851 * honoring LOOKUP_PARENT. After that we have the parent and
1852 * last component, i.e. we are in the same situation as after
1853 * the first path_walk(). Well, almost - if the last component
1854 * is normal we get its copy stored in nd->last.name and we will
1855 * have to putname() it when we are done. Procfs-like symlinks
1856 * just set LAST_BIND.
1857 */
1858 nd.flags |= LOOKUP_PARENT;
1859 error = security_inode_follow_link(path.dentry, &nd);
1860 if (error)
1861 goto exit_dput;
1862 error = __do_follow_link(&path, &nd, &cookie);
1863 if (unlikely(error)) {
1864 /* nd.path had been dropped */
1865 if (!IS_ERR(cookie) && inode->i_op->put_link)
1866 inode->i_op->put_link(path.dentry, &nd, cookie);
1867 path_put(&path);
1868 release_open_intent(&nd);
1869 filp = ERR_PTR(error);
1870 goto out;
1871 }
1872 holder = path;
1873 nd.flags &= ~LOOKUP_PARENT;
1874 filp = do_last(&nd, &path, open_flag, acc_mode, mode, pathname, &want_dir);
1875 if (inode->i_op->put_link)
1876 inode->i_op->put_link(holder.dentry, &nd, cookie);
1877 path_put(&holder);
1878 }
1879out:
1821 if (nd.root.mnt) 1880 if (nd.root.mnt)
1822 path_put(&nd.root); 1881 path_put(&nd.root);
1882 if (filp == ERR_PTR(-ESTALE) && !force_reval) {
1883 force_reval = 1;
1884 goto reval;
1885 }
1823 return filp; 1886 return filp;
1824 1887
1825exit_mutex_unlock:
1826 mutex_unlock(&dir->d_inode->i_mutex);
1827exit_dput: 1888exit_dput:
1828 path_put_conditional(&path, &nd); 1889 path_put_conditional(&path, &nd);
1829exit:
1830 if (!IS_ERR(nd.intent.open.file)) 1890 if (!IS_ERR(nd.intent.open.file))
1831 release_open_intent(&nd); 1891 release_open_intent(&nd);
1832exit_parent: 1892exit_parent:
1833 if (nd.root.mnt)
1834 path_put(&nd.root);
1835 path_put(&nd.path); 1893 path_put(&nd.path);
1836 return ERR_PTR(error); 1894 filp = ERR_PTR(error);
1837 1895 goto out;
1838do_link:
1839 error = -ELOOP;
1840 if (flag & O_NOFOLLOW)
1841 goto exit_dput;
1842 /*
1843 * This is subtle. Instead of calling do_follow_link() we do the
1844 * thing by hands. The reason is that this way we have zero link_count
1845 * and path_walk() (called from ->follow_link) honoring LOOKUP_PARENT.
1846 * After that we have the parent and last component, i.e.
1847 * we are in the same situation as after the first path_walk().
1848 * Well, almost - if the last component is normal we get its copy
1849 * stored in nd->last.name and we will have to putname() it when we
1850 * are done. Procfs-like symlinks just set LAST_BIND.
1851 */
1852 nd.flags |= LOOKUP_PARENT;
1853 error = security_inode_follow_link(path.dentry, &nd);
1854 if (error)
1855 goto exit_dput;
1856 error = __do_follow_link(&path, &nd);
1857 path_put(&path);
1858 if (error) {
1859 /* Does someone understand code flow here? Or it is only
1860 * me so stupid? Anathema to whoever designed this non-sense
1861 * with "intent.open".
1862 */
1863 release_open_intent(&nd);
1864 if (nd.root.mnt)
1865 path_put(&nd.root);
1866 if (error == -ESTALE && !force_reval) {
1867 force_reval = 1;
1868 goto reval;
1869 }
1870 return ERR_PTR(error);
1871 }
1872 nd.flags &= ~LOOKUP_PARENT;
1873 if (nd.last_type == LAST_BIND)
1874 goto ok;
1875 error = -EISDIR;
1876 if (nd.last_type != LAST_NORM)
1877 goto exit;
1878 if (nd.last.name[nd.last.len]) {
1879 __putname(nd.last.name);
1880 goto exit;
1881 }
1882 error = -ELOOP;
1883 if (count++==32) {
1884 __putname(nd.last.name);
1885 goto exit;
1886 }
1887 dir = nd.path.dentry;
1888 mutex_lock(&dir->d_inode->i_mutex);
1889 path.dentry = lookup_hash(&nd);
1890 path.mnt = nd.path.mnt;
1891 __putname(nd.last.name);
1892 goto do_last;
1893} 1896}
1894 1897
1895/** 1898/**
generated by cgit v1.2.2 (git 2.25.0) at 2026-01-05 03:08:16 -0500