aboutsummaryrefslogtreecommitdiffstats
path: root/fs/namei.c
diff options
context:
space:
mode:
Diffstat (limited to 'fs/namei.c')
-rw-r--r--fs/namei.c575
1 files changed, 289 insertions, 286 deletions
diff --git a/fs/namei.c b/fs/namei.c
index d62fdc875f22..9a6456099f1e 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -498,8 +498,6 @@ static int link_path_walk(const char *, struct nameidata *);
498 498
499static __always_inline int __vfs_follow_link(struct nameidata *nd, const char *link) 499static __always_inline int __vfs_follow_link(struct nameidata *nd, const char *link)
500{ 500{
501 int res = 0;
502 char *name;
503 if (IS_ERR(link)) 501 if (IS_ERR(link))
504 goto fail; 502 goto fail;
505 503
@@ -510,22 +508,7 @@ static __always_inline int __vfs_follow_link(struct nameidata *nd, const char *l
510 path_get(&nd->root); 508 path_get(&nd->root);
511 } 509 }
512 510
513 res = link_path_walk(link, nd); 511 return link_path_walk(link, nd);
514 if (nd->depth || res || nd->last_type!=LAST_NORM)
515 return res;
516 /*
517 * If it is an iterative symlinks resolution in open_namei() we
518 * have to copy the last component. And all that crap because of
519 * bloody create() on broken symlinks. Furrfu...
520 */
521 name = __getname();
522 if (unlikely(!name)) {
523 path_put(&nd->path);
524 return -ENOMEM;
525 }
526 strcpy(name, nd->last.name);
527 nd->last.name = name;
528 return 0;
529fail: 512fail:
530 path_put(&nd->path); 513 path_put(&nd->path);
531 return PTR_ERR(link); 514 return PTR_ERR(link);
@@ -547,10 +530,10 @@ static inline void path_to_nameidata(struct path *path, struct nameidata *nd)
547 nd->path.dentry = path->dentry; 530 nd->path.dentry = path->dentry;
548} 531}
549 532
550static __always_inline int __do_follow_link(struct path *path, struct nameidata *nd) 533static __always_inline int
534__do_follow_link(struct path *path, struct nameidata *nd, void **p)
551{ 535{
552 int error; 536 int error;
553 void *cookie;
554 struct dentry *dentry = path->dentry; 537 struct dentry *dentry = path->dentry;
555 538
556 touch_atime(path->mnt, dentry); 539 touch_atime(path->mnt, dentry);
@@ -562,9 +545,9 @@ static __always_inline int __do_follow_link(struct path *path, struct nameidata
562 } 545 }
563 mntget(path->mnt); 546 mntget(path->mnt);
564 nd->last_type = LAST_BIND; 547 nd->last_type = LAST_BIND;
565 cookie = dentry->d_inode->i_op->follow_link(dentry, nd); 548 *p = dentry->d_inode->i_op->follow_link(dentry, nd);
566 error = PTR_ERR(cookie); 549 error = PTR_ERR(*p);
567 if (!IS_ERR(cookie)) { 550 if (!IS_ERR(*p)) {
568 char *s = nd_get_link(nd); 551 char *s = nd_get_link(nd);
569 error = 0; 552 error = 0;
570 if (s) 553 if (s)
@@ -574,8 +557,6 @@ static __always_inline int __do_follow_link(struct path *path, struct nameidata
574 if (error) 557 if (error)
575 path_put(&nd->path); 558 path_put(&nd->path);
576 } 559 }
577 if (dentry->d_inode->i_op->put_link)
578 dentry->d_inode->i_op->put_link(dentry, nd, cookie);
579 } 560 }
580 return error; 561 return error;
581} 562}
@@ -589,6 +570,7 @@ static __always_inline int __do_follow_link(struct path *path, struct nameidata
589 */ 570 */
590static inline int do_follow_link(struct path *path, struct nameidata *nd) 571static inline int do_follow_link(struct path *path, struct nameidata *nd)
591{ 572{
573 void *cookie;
592 int err = -ELOOP; 574 int err = -ELOOP;
593 if (current->link_count >= MAX_NESTED_LINKS) 575 if (current->link_count >= MAX_NESTED_LINKS)
594 goto loop; 576 goto loop;
@@ -602,7 +584,9 @@ static inline int do_follow_link(struct path *path, struct nameidata *nd)
602 current->link_count++; 584 current->link_count++;
603 current->total_link_count++; 585 current->total_link_count++;
604 nd->depth++; 586 nd->depth++;
605 err = __do_follow_link(path, nd); 587 err = __do_follow_link(path, nd, &cookie);
588 if (!IS_ERR(cookie) && path->dentry->d_inode->i_op->put_link)
589 path->dentry->d_inode->i_op->put_link(path->dentry, nd, cookie);
606 path_put(path); 590 path_put(path);
607 current->link_count--; 591 current->link_count--;
608 nd->depth--; 592 nd->depth--;
@@ -689,33 +673,20 @@ static __always_inline void follow_dotdot(struct nameidata *nd)
689 set_root(nd); 673 set_root(nd);
690 674
691 while(1) { 675 while(1) {
692 struct vfsmount *parent;
693 struct dentry *old = nd->path.dentry; 676 struct dentry *old = nd->path.dentry;
694 677
695 if (nd->path.dentry == nd->root.dentry && 678 if (nd->path.dentry == nd->root.dentry &&
696 nd->path.mnt == nd->root.mnt) { 679 nd->path.mnt == nd->root.mnt) {
697 break; 680 break;
698 } 681 }
699 spin_lock(&dcache_lock);
700 if (nd->path.dentry != nd->path.mnt->mnt_root) { 682 if (nd->path.dentry != nd->path.mnt->mnt_root) {
701 nd->path.dentry = dget(nd->path.dentry->d_parent); 683 /* rare case of legitimate dget_parent()... */
702 spin_unlock(&dcache_lock); 684 nd->path.dentry = dget_parent(nd->path.dentry);
703 dput(old); 685 dput(old);
704 break; 686 break;
705 } 687 }
706 spin_unlock(&dcache_lock); 688 if (!follow_up(&nd->path))
707 spin_lock(&vfsmount_lock);
708 parent = nd->path.mnt->mnt_parent;
709 if (parent == nd->path.mnt) {
710 spin_unlock(&vfsmount_lock);
711 break; 689 break;
712 }
713 mntget(parent);
714 nd->path.dentry = dget(nd->path.mnt->mnt_mountpoint);
715 spin_unlock(&vfsmount_lock);
716 dput(old);
717 mntput(nd->path.mnt);
718 nd->path.mnt = parent;
719 } 690 }
720 follow_mount(&nd->path); 691 follow_mount(&nd->path);
721} 692}
@@ -823,6 +794,17 @@ fail:
823} 794}
824 795
825/* 796/*
797 * This is a temporary kludge to deal with "automount" symlinks; proper
798 * solution is to trigger them on follow_mount(), so that do_lookup()
799 * would DTRT. To be killed before 2.6.34-final.
800 */
801static inline int follow_on_final(struct inode *inode, unsigned lookup_flags)
802{
803 return inode && unlikely(inode->i_op->follow_link) &&
804 ((lookup_flags & LOOKUP_FOLLOW) || S_ISDIR(inode->i_mode));
805}
806
807/*
826 * Name resolution. 808 * Name resolution.
827 * This is the basic name resolution function, turning a pathname into 809 * This is the basic name resolution function, turning a pathname into
828 * the final dentry. We expect 'base' to be positive and a directory. 810 * the final dentry. We expect 'base' to be positive and a directory.
@@ -942,8 +924,7 @@ last_component:
942 if (err) 924 if (err)
943 break; 925 break;
944 inode = next.dentry->d_inode; 926 inode = next.dentry->d_inode;
945 if ((lookup_flags & LOOKUP_FOLLOW) 927 if (follow_on_final(inode, lookup_flags)) {
946 && inode && inode->i_op->follow_link) {
947 err = do_follow_link(&next, nd); 928 err = do_follow_link(&next, nd);
948 if (err) 929 if (err)
949 goto return_err; 930 goto return_err;
@@ -1337,7 +1318,7 @@ static int may_delete(struct inode *dir,struct dentry *victim,int isdir)
1337 return -ENOENT; 1318 return -ENOENT;
1338 1319
1339 BUG_ON(victim->d_parent->d_inode != dir); 1320 BUG_ON(victim->d_parent->d_inode != dir);
1340 audit_inode_child(victim->d_name.name, victim, dir); 1321 audit_inode_child(victim, dir);
1341 1322
1342 error = inode_permission(dir, MAY_WRITE | MAY_EXEC); 1323 error = inode_permission(dir, MAY_WRITE | MAY_EXEC);
1343 if (error) 1324 if (error)
@@ -1378,22 +1359,6 @@ static inline int may_create(struct inode *dir, struct dentry *child)
1378 return inode_permission(dir, MAY_WRITE | MAY_EXEC); 1359 return inode_permission(dir, MAY_WRITE | MAY_EXEC);
1379} 1360}
1380 1361
1381/*
1382 * O_DIRECTORY translates into forcing a directory lookup.
1383 */
1384static inline int lookup_flags(unsigned int f)
1385{
1386 unsigned long retval = LOOKUP_FOLLOW;
1387
1388 if (f & O_NOFOLLOW)
1389 retval &= ~LOOKUP_FOLLOW;
1390
1391 if (f & O_DIRECTORY)
1392 retval |= LOOKUP_DIRECTORY;
1393
1394 return retval;
1395}
1396
1397/* 1362/*
1398 * p1 and p2 should be directories on the same fs. 1363 * p1 and p2 should be directories on the same fs.
1399 */ 1364 */
@@ -1493,7 +1458,7 @@ int may_open(struct path *path, int acc_mode, int flag)
1493 * An append-only file must be opened in append mode for writing. 1458 * An append-only file must be opened in append mode for writing.
1494 */ 1459 */
1495 if (IS_APPEND(inode)) { 1460 if (IS_APPEND(inode)) {
1496 if ((flag & FMODE_WRITE) && !(flag & O_APPEND)) 1461 if ((flag & O_ACCMODE) != O_RDONLY && !(flag & O_APPEND))
1497 return -EPERM; 1462 return -EPERM;
1498 if (flag & O_TRUNC) 1463 if (flag & O_TRUNC)
1499 return -EPERM; 1464 return -EPERM;
@@ -1537,7 +1502,7 @@ static int handle_truncate(struct path *path)
1537 * what get passed to sys_open(). 1502 * what get passed to sys_open().
1538 */ 1503 */
1539static int __open_namei_create(struct nameidata *nd, struct path *path, 1504static int __open_namei_create(struct nameidata *nd, struct path *path,
1540 int flag, int mode) 1505 int open_flag, int mode)
1541{ 1506{
1542 int error; 1507 int error;
1543 struct dentry *dir = nd->path.dentry; 1508 struct dentry *dir = nd->path.dentry;
@@ -1555,7 +1520,7 @@ out_unlock:
1555 if (error) 1520 if (error)
1556 return error; 1521 return error;
1557 /* Don't check for write permission, don't truncate */ 1522 /* Don't check for write permission, don't truncate */
1558 return may_open(&nd->path, 0, flag & ~O_TRUNC); 1523 return may_open(&nd->path, 0, open_flag & ~O_TRUNC);
1559} 1524}
1560 1525
1561/* 1526/*
@@ -1593,129 +1558,135 @@ static int open_will_truncate(int flag, struct inode *inode)
1593 return (flag & O_TRUNC); 1558 return (flag & O_TRUNC);
1594} 1559}
1595 1560
1596/* 1561static struct file *finish_open(struct nameidata *nd,
1597 * Note that the low bits of the passed in "open_flag" 1562 int open_flag, int acc_mode)
1598 * are not the same as in the local variable "flag". See
1599 * open_to_namei_flags() for more details.
1600 */
1601struct file *do_filp_open(int dfd, const char *pathname,
1602 int open_flag, int mode, int acc_mode)
1603{ 1563{
1604 struct file *filp; 1564 struct file *filp;
1605 struct nameidata nd;
1606 int error;
1607 struct path path;
1608 struct dentry *dir;
1609 int count = 0;
1610 int will_truncate; 1565 int will_truncate;
1611 int flag = open_to_namei_flags(open_flag); 1566 int error;
1612 int force_reval = 0;
1613 1567
1568 will_truncate = open_will_truncate(open_flag, nd->path.dentry->d_inode);
1569 if (will_truncate) {
1570 error = mnt_want_write(nd->path.mnt);
1571 if (error)
1572 goto exit;
1573 }
1574 error = may_open(&nd->path, acc_mode, open_flag);
1575 if (error) {
1576 if (will_truncate)
1577 mnt_drop_write(nd->path.mnt);
1578 goto exit;
1579 }
1580 filp = nameidata_to_filp(nd);
1581 if (!IS_ERR(filp)) {
1582 error = ima_file_check(filp, acc_mode);
1583 if (error) {
1584 fput(filp);
1585 filp = ERR_PTR(error);
1586 }
1587 }
1588 if (!IS_ERR(filp)) {
1589 if (acc_mode & MAY_WRITE)
1590 vfs_dq_init(nd->path.dentry->d_inode);
1591
1592 if (will_truncate) {
1593 error = handle_truncate(&nd->path);
1594 if (error) {
1595 fput(filp);
1596 filp = ERR_PTR(error);
1597 }
1598 }
1599 }
1614 /* 1600 /*
1615 * O_SYNC is implemented as __O_SYNC|O_DSYNC. As many places only 1601 * It is now safe to drop the mnt write
1616 * check for O_DSYNC if the need any syncing at all we enforce it's 1602 * because the filp has had a write taken
1617 * always set instead of having to deal with possibly weird behaviour 1603 * on its behalf.
1618 * for malicious applications setting only __O_SYNC.
1619 */ 1604 */
1620 if (open_flag & __O_SYNC) 1605 if (will_truncate)
1621 open_flag |= O_DSYNC; 1606 mnt_drop_write(nd->path.mnt);
1622 1607 return filp;
1623 if (!acc_mode)
1624 acc_mode = MAY_OPEN | ACC_MODE(open_flag);
1625 1608
1626 /* O_TRUNC implies we need access checks for write permissions */ 1609exit:
1627 if (flag & O_TRUNC) 1610 if (!IS_ERR(nd->intent.open.file))
1628 acc_mode |= MAY_WRITE; 1611 release_open_intent(nd);
1612 path_put(&nd->path);
1613 return ERR_PTR(error);
1614}
1629 1615
1630 /* Allow the LSM permission hook to distinguish append 1616static struct file *do_last(struct nameidata *nd, struct path *path,
1631 access from general write access. */ 1617 int open_flag, int acc_mode,
1632 if (flag & O_APPEND) 1618 int mode, const char *pathname,
1633 acc_mode |= MAY_APPEND; 1619 int *want_dir)
1620{
1621 struct dentry *dir = nd->path.dentry;
1622 struct file *filp;
1623 int error = -EISDIR;
1634 1624
1635 /* 1625 switch (nd->last_type) {
1636 * The simplest case - just a plain lookup. 1626 case LAST_DOTDOT:
1637 */ 1627 follow_dotdot(nd);
1638 if (!(flag & O_CREAT)) { 1628 dir = nd->path.dentry;
1639 filp = get_empty_filp(); 1629 if (nd->path.mnt->mnt_sb->s_type->fs_flags & FS_REVAL_DOT) {
1640 1630 if (!dir->d_op->d_revalidate(dir, nd)) {
1641 if (filp == NULL) 1631 error = -ESTALE;
1642 return ERR_PTR(-ENFILE); 1632 goto exit;
1643 nd.intent.open.file = filp;
1644 filp->f_flags = open_flag;
1645 nd.intent.open.flags = flag;
1646 nd.intent.open.create_mode = 0;
1647 error = do_path_lookup(dfd, pathname,
1648 lookup_flags(flag)|LOOKUP_OPEN, &nd);
1649 if (IS_ERR(nd.intent.open.file)) {
1650 if (error == 0) {
1651 error = PTR_ERR(nd.intent.open.file);
1652 path_put(&nd.path);
1653 } 1633 }
1654 } else if (error) 1634 }
1655 release_open_intent(&nd); 1635 /* fallthrough */
1656 if (error) 1636 case LAST_DOT:
1657 return ERR_PTR(error); 1637 case LAST_ROOT:
1638 if (open_flag & O_CREAT)
1639 goto exit;
1640 /* fallthrough */
1641 case LAST_BIND:
1642 audit_inode(pathname, dir);
1658 goto ok; 1643 goto ok;
1659 } 1644 }
1660 1645
1661 /* 1646 /* trailing slashes? */
1662 * Create - we need to know the parent. 1647 if (nd->last.name[nd->last.len]) {
1663 */ 1648 if (open_flag & O_CREAT)
1664reval: 1649 goto exit;
1665 error = path_init(dfd, pathname, LOOKUP_PARENT, &nd); 1650 *want_dir = 1;
1666 if (error)
1667 return ERR_PTR(error);
1668 if (force_reval)
1669 nd.flags |= LOOKUP_REVAL;
1670 error = path_walk(pathname, &nd);
1671 if (error) {
1672 if (nd.root.mnt)
1673 path_put(&nd.root);
1674 return ERR_PTR(error);
1675 } 1651 }
1676 if (unlikely(!audit_dummy_context()))
1677 audit_inode(pathname, nd.path.dentry);
1678 1652
1679 /* 1653 /* just plain open? */
1680 * We have the parent and last component. First of all, check 1654 if (!(open_flag & O_CREAT)) {
1681 * that we are not asked to creat(2) an obvious directory - that 1655 error = do_lookup(nd, &nd->last, path);
1682 * will not do. 1656 if (error)
1683 */ 1657 goto exit;
1684 error = -EISDIR; 1658 error = -ENOENT;
1685 if (nd.last_type != LAST_NORM || nd.last.name[nd.last.len]) 1659 if (!path->dentry->d_inode)
1686 goto exit_parent; 1660 goto exit_dput;
1661 if (path->dentry->d_inode->i_op->follow_link)
1662 return NULL;
1663 error = -ENOTDIR;
1664 if (*want_dir & !path->dentry->d_inode->i_op->lookup)
1665 goto exit_dput;
1666 path_to_nameidata(path, nd);
1667 audit_inode(pathname, nd->path.dentry);
1668 goto ok;
1669 }
1687 1670
1688 error = -ENFILE; 1671 /* OK, it's O_CREAT */
1689 filp = get_empty_filp();
1690 if (filp == NULL)
1691 goto exit_parent;
1692 nd.intent.open.file = filp;
1693 filp->f_flags = open_flag;
1694 nd.intent.open.flags = flag;
1695 nd.intent.open.create_mode = mode;
1696 dir = nd.path.dentry;
1697 nd.flags &= ~LOOKUP_PARENT;
1698 nd.flags |= LOOKUP_CREATE | LOOKUP_OPEN;
1699 if (flag & O_EXCL)
1700 nd.flags |= LOOKUP_EXCL;
1701 mutex_lock(&dir->d_inode->i_mutex); 1672 mutex_lock(&dir->d_inode->i_mutex);
1702 path.dentry = lookup_hash(&nd);
1703 path.mnt = nd.path.mnt;
1704 1673
1705do_last: 1674 path->dentry = lookup_hash(nd);
1706 error = PTR_ERR(path.dentry); 1675 path->mnt = nd->path.mnt;
1707 if (IS_ERR(path.dentry)) { 1676
1677 error = PTR_ERR(path->dentry);
1678 if (IS_ERR(path->dentry)) {
1708 mutex_unlock(&dir->d_inode->i_mutex); 1679 mutex_unlock(&dir->d_inode->i_mutex);
1709 goto exit; 1680 goto exit;
1710 } 1681 }
1711 1682
1712 if (IS_ERR(nd.intent.open.file)) { 1683 if (IS_ERR(nd->intent.open.file)) {
1713 error = PTR_ERR(nd.intent.open.file); 1684 error = PTR_ERR(nd->intent.open.file);
1714 goto exit_mutex_unlock; 1685 goto exit_mutex_unlock;
1715 } 1686 }
1716 1687
1717 /* Negative dentry, just create the file */ 1688 /* Negative dentry, just create the file */
1718 if (!path.dentry->d_inode) { 1689 if (!path->dentry->d_inode) {
1719 /* 1690 /*
1720 * This write is needed to ensure that a 1691 * This write is needed to ensure that a
1721 * ro->rw transition does not occur between 1692 * ro->rw transition does not occur between
@@ -1723,18 +1694,16 @@ do_last:
1723 * a permanent write count is taken through 1694 * a permanent write count is taken through
1724 * the 'struct file' in nameidata_to_filp(). 1695 * the 'struct file' in nameidata_to_filp().
1725 */ 1696 */
1726 error = mnt_want_write(nd.path.mnt); 1697 error = mnt_want_write(nd->path.mnt);
1727 if (error) 1698 if (error)
1728 goto exit_mutex_unlock; 1699 goto exit_mutex_unlock;
1729 error = __open_namei_create(&nd, &path, flag, mode); 1700 error = __open_namei_create(nd, path, open_flag, mode);
1730 if (error) { 1701 if (error) {
1731 mnt_drop_write(nd.path.mnt); 1702 mnt_drop_write(nd->path.mnt);
1732 goto exit; 1703 goto exit;
1733 } 1704 }
1734 filp = nameidata_to_filp(&nd); 1705 filp = nameidata_to_filp(nd);
1735 mnt_drop_write(nd.path.mnt); 1706 mnt_drop_write(nd->path.mnt);
1736 if (nd.root.mnt)
1737 path_put(&nd.root);
1738 if (!IS_ERR(filp)) { 1707 if (!IS_ERR(filp)) {
1739 error = ima_file_check(filp, acc_mode); 1708 error = ima_file_check(filp, acc_mode);
1740 if (error) { 1709 if (error) {
@@ -1749,150 +1718,181 @@ do_last:
1749 * It already exists. 1718 * It already exists.
1750 */ 1719 */
1751 mutex_unlock(&dir->d_inode->i_mutex); 1720 mutex_unlock(&dir->d_inode->i_mutex);
1752 audit_inode(pathname, path.dentry); 1721 audit_inode(pathname, path->dentry);
1753 1722
1754 error = -EEXIST; 1723 error = -EEXIST;
1755 if (flag & O_EXCL) 1724 if (open_flag & O_EXCL)
1756 goto exit_dput; 1725 goto exit_dput;
1757 1726
1758 if (__follow_mount(&path)) { 1727 if (__follow_mount(path)) {
1759 error = -ELOOP; 1728 error = -ELOOP;
1760 if (flag & O_NOFOLLOW) 1729 if (open_flag & O_NOFOLLOW)
1761 goto exit_dput; 1730 goto exit_dput;
1762 } 1731 }
1763 1732
1764 error = -ENOENT; 1733 error = -ENOENT;
1765 if (!path.dentry->d_inode) 1734 if (!path->dentry->d_inode)
1766 goto exit_dput; 1735 goto exit_dput;
1767 if (path.dentry->d_inode->i_op->follow_link)
1768 goto do_link;
1769 1736
1770 path_to_nameidata(&path, &nd); 1737 if (path->dentry->d_inode->i_op->follow_link)
1738 return NULL;
1739
1740 path_to_nameidata(path, nd);
1771 error = -EISDIR; 1741 error = -EISDIR;
1772 if (S_ISDIR(path.dentry->d_inode->i_mode)) 1742 if (S_ISDIR(path->dentry->d_inode->i_mode))
1773 goto exit; 1743 goto exit;
1774ok: 1744ok:
1745 filp = finish_open(nd, open_flag, acc_mode);
1746 return filp;
1747
1748exit_mutex_unlock:
1749 mutex_unlock(&dir->d_inode->i_mutex);
1750exit_dput:
1751 path_put_conditional(path, nd);
1752exit:
1753 if (!IS_ERR(nd->intent.open.file))
1754 release_open_intent(nd);
1755 path_put(&nd->path);
1756 return ERR_PTR(error);
1757}
1758
1759/*
1760 * Note that the low bits of the passed in "open_flag"
1761 * are not the same as in the local variable "flag". See
1762 * open_to_namei_flags() for more details.
1763 */
1764struct file *do_filp_open(int dfd, const char *pathname,
1765 int open_flag, int mode, int acc_mode)
1766{
1767 struct file *filp;
1768 struct nameidata nd;
1769 int error;
1770 struct path path;
1771 int count = 0;
1772 int flag = open_to_namei_flags(open_flag);
1773 int force_reval = 0;
1774 int want_dir = open_flag & O_DIRECTORY;
1775
1776 if (!(open_flag & O_CREAT))
1777 mode = 0;
1778
1775 /* 1779 /*
1776 * Consider: 1780 * O_SYNC is implemented as __O_SYNC|O_DSYNC. As many places only
1777 * 1. may_open() truncates a file 1781 * check for O_DSYNC if the need any syncing at all we enforce it's
1778 * 2. a rw->ro mount transition occurs 1782 * always set instead of having to deal with possibly weird behaviour
1779 * 3. nameidata_to_filp() fails due to 1783 * for malicious applications setting only __O_SYNC.
1780 * the ro mount.
1781 * That would be inconsistent, and should
1782 * be avoided. Taking this mnt write here
1783 * ensures that (2) can not occur.
1784 */ 1784 */
1785 will_truncate = open_will_truncate(flag, nd.path.dentry->d_inode); 1785 if (open_flag & __O_SYNC)
1786 if (will_truncate) { 1786 open_flag |= O_DSYNC;
1787 error = mnt_want_write(nd.path.mnt); 1787
1788 if (error) 1788 if (!acc_mode)
1789 goto exit; 1789 acc_mode = MAY_OPEN | ACC_MODE(open_flag);
1790 } 1790
1791 error = may_open(&nd.path, acc_mode, flag); 1791 /* O_TRUNC implies we need access checks for write permissions */
1792 if (open_flag & O_TRUNC)
1793 acc_mode |= MAY_WRITE;
1794
1795 /* Allow the LSM permission hook to distinguish append
1796 access from general write access. */
1797 if (open_flag & O_APPEND)
1798 acc_mode |= MAY_APPEND;
1799
1800 /* find the parent */
1801reval:
1802 error = path_init(dfd, pathname, LOOKUP_PARENT, &nd);
1803 if (error)
1804 return ERR_PTR(error);
1805 if (force_reval)
1806 nd.flags |= LOOKUP_REVAL;
1807
1808 current->total_link_count = 0;
1809 error = link_path_walk(pathname, &nd);
1792 if (error) { 1810 if (error) {
1793 if (will_truncate) 1811 filp = ERR_PTR(error);
1794 mnt_drop_write(nd.path.mnt); 1812 goto out;
1795 goto exit;
1796 }
1797 filp = nameidata_to_filp(&nd);
1798 if (!IS_ERR(filp)) {
1799 error = ima_file_check(filp, acc_mode);
1800 if (error) {
1801 fput(filp);
1802 filp = ERR_PTR(error);
1803 }
1804 } 1813 }
1805 if (!IS_ERR(filp)) { 1814 if (unlikely(!audit_dummy_context()) && (open_flag & O_CREAT))
1806 if (acc_mode & MAY_WRITE) 1815 audit_inode(pathname, nd.path.dentry);
1807 vfs_dq_init(nd.path.dentry->d_inode);
1808 1816
1809 if (will_truncate) {
1810 error = handle_truncate(&nd.path);
1811 if (error) {
1812 fput(filp);
1813 filp = ERR_PTR(error);
1814 }
1815 }
1816 }
1817 /* 1817 /*
1818 * It is now safe to drop the mnt write 1818 * We have the parent and last component.
1819 * because the filp has had a write taken
1820 * on its behalf.
1821 */ 1819 */
1822 if (will_truncate) 1820
1823 mnt_drop_write(nd.path.mnt); 1821 error = -ENFILE;
1822 filp = get_empty_filp();
1823 if (filp == NULL)
1824 goto exit_parent;
1825 nd.intent.open.file = filp;
1826 filp->f_flags = open_flag;
1827 nd.intent.open.flags = flag;
1828 nd.intent.open.create_mode = mode;
1829 nd.flags &= ~LOOKUP_PARENT;
1830 nd.flags |= LOOKUP_OPEN;
1831 if (open_flag & O_CREAT) {
1832 nd.flags |= LOOKUP_CREATE;
1833 if (open_flag & O_EXCL)
1834 nd.flags |= LOOKUP_EXCL;
1835 }
1836 filp = do_last(&nd, &path, open_flag, acc_mode, mode, pathname, &want_dir);
1837 while (unlikely(!filp)) { /* trailing symlink */
1838 struct path holder;
1839 struct inode *inode = path.dentry->d_inode;
1840 void *cookie;
1841 error = -ELOOP;
1842 /* S_ISDIR part is a temporary automount kludge */
1843 if ((open_flag & O_NOFOLLOW) && !S_ISDIR(inode->i_mode))
1844 goto exit_dput;
1845 if (count++ == 32)
1846 goto exit_dput;
1847 /*
1848 * This is subtle. Instead of calling do_follow_link() we do
1849 * the thing by hands. The reason is that this way we have zero
1850 * link_count and path_walk() (called from ->follow_link)
1851 * honoring LOOKUP_PARENT. After that we have the parent and
1852 * last component, i.e. we are in the same situation as after
1853 * the first path_walk(). Well, almost - if the last component
1854 * is normal we get its copy stored in nd->last.name and we will
1855 * have to putname() it when we are done. Procfs-like symlinks
1856 * just set LAST_BIND.
1857 */
1858 nd.flags |= LOOKUP_PARENT;
1859 error = security_inode_follow_link(path.dentry, &nd);
1860 if (error)
1861 goto exit_dput;
1862 error = __do_follow_link(&path, &nd, &cookie);
1863 if (unlikely(error)) {
1864 /* nd.path had been dropped */
1865 if (!IS_ERR(cookie) && inode->i_op->put_link)
1866 inode->i_op->put_link(path.dentry, &nd, cookie);
1867 path_put(&path);
1868 release_open_intent(&nd);
1869 filp = ERR_PTR(error);
1870 goto out;
1871 }
1872 holder = path;
1873 nd.flags &= ~LOOKUP_PARENT;
1874 filp = do_last(&nd, &path, open_flag, acc_mode, mode, pathname, &want_dir);
1875 if (inode->i_op->put_link)
1876 inode->i_op->put_link(holder.dentry, &nd, cookie);
1877 path_put(&holder);
1878 }
1879out:
1824 if (nd.root.mnt) 1880 if (nd.root.mnt)
1825 path_put(&nd.root); 1881 path_put(&nd.root);
1882 if (filp == ERR_PTR(-ESTALE) && !force_reval) {
1883 force_reval = 1;
1884 goto reval;
1885 }
1826 return filp; 1886 return filp;
1827 1887
1828exit_mutex_unlock:
1829 mutex_unlock(&dir->d_inode->i_mutex);
1830exit_dput: 1888exit_dput:
1831 path_put_conditional(&path, &nd); 1889 path_put_conditional(&path, &nd);
1832exit:
1833 if (!IS_ERR(nd.intent.open.file)) 1890 if (!IS_ERR(nd.intent.open.file))
1834 release_open_intent(&nd); 1891 release_open_intent(&nd);
1835exit_parent: 1892exit_parent:
1836 if (nd.root.mnt)
1837 path_put(&nd.root);
1838 path_put(&nd.path); 1893 path_put(&nd.path);
1839 return ERR_PTR(error); 1894 filp = ERR_PTR(error);
1840 1895 goto out;
1841do_link:
1842 error = -ELOOP;
1843 if (flag & O_NOFOLLOW)
1844 goto exit_dput;
1845 /*
1846 * This is subtle. Instead of calling do_follow_link() we do the
1847 * thing by hands. The reason is that this way we have zero link_count
1848 * and path_walk() (called from ->follow_link) honoring LOOKUP_PARENT.
1849 * After that we have the parent and last component, i.e.
1850 * we are in the same situation as after the first path_walk().
1851 * Well, almost - if the last component is normal we get its copy
1852 * stored in nd->last.name and we will have to putname() it when we
1853 * are done. Procfs-like symlinks just set LAST_BIND.
1854 */
1855 nd.flags |= LOOKUP_PARENT;
1856 error = security_inode_follow_link(path.dentry, &nd);
1857 if (error)
1858 goto exit_dput;
1859 error = __do_follow_link(&path, &nd);
1860 path_put(&path);
1861 if (error) {
1862 /* Does someone understand code flow here? Or it is only
1863 * me so stupid? Anathema to whoever designed this non-sense
1864 * with "intent.open".
1865 */
1866 release_open_intent(&nd);
1867 if (nd.root.mnt)
1868 path_put(&nd.root);
1869 if (error == -ESTALE && !force_reval) {
1870 force_reval = 1;
1871 goto reval;
1872 }
1873 return ERR_PTR(error);
1874 }
1875 nd.flags &= ~LOOKUP_PARENT;
1876 if (nd.last_type == LAST_BIND)
1877 goto ok;
1878 error = -EISDIR;
1879 if (nd.last_type != LAST_NORM)
1880 goto exit;
1881 if (nd.last.name[nd.last.len]) {
1882 __putname(nd.last.name);
1883 goto exit;
1884 }
1885 error = -ELOOP;
1886 if (count++==32) {
1887 __putname(nd.last.name);
1888 goto exit;
1889 }
1890 dir = nd.path.dentry;
1891 mutex_lock(&dir->d_inode->i_mutex);
1892 path.dentry = lookup_hash(&nd);
1893 path.mnt = nd.path.mnt;
1894 __putname(nd.last.name);
1895 goto do_last;
1896} 1896}
1897 1897
1898/** 1898/**
@@ -2265,8 +2265,11 @@ int vfs_unlink(struct inode *dir, struct dentry *dentry)
2265 error = -EBUSY; 2265 error = -EBUSY;
2266 else { 2266 else {
2267 error = security_inode_unlink(dir, dentry); 2267 error = security_inode_unlink(dir, dentry);
2268 if (!error) 2268 if (!error) {
2269 error = dir->i_op->unlink(dir, dentry); 2269 error = dir->i_op->unlink(dir, dentry);
2270 if (!error)
2271 dentry->d_inode->i_flags |= S_DEAD;
2272 }
2270 } 2273 }
2271 mutex_unlock(&dentry->d_inode->i_mutex); 2274 mutex_unlock(&dentry->d_inode->i_mutex);
2272 2275
@@ -2619,6 +2622,8 @@ static int vfs_rename_other(struct inode *old_dir, struct dentry *old_dentry,
2619 else 2622 else
2620 error = old_dir->i_op->rename(old_dir, old_dentry, new_dir, new_dentry); 2623 error = old_dir->i_op->rename(old_dir, old_dentry, new_dir, new_dentry);
2621 if (!error) { 2624 if (!error) {
2625 if (target)
2626 target->i_flags |= S_DEAD;
2622 if (!(old_dir->i_sb->s_type->fs_flags & FS_RENAME_DOES_D_MOVE)) 2627 if (!(old_dir->i_sb->s_type->fs_flags & FS_RENAME_DOES_D_MOVE))
2623 d_move(old_dentry, new_dentry); 2628 d_move(old_dentry, new_dentry);
2624 } 2629 }
@@ -2661,11 +2666,9 @@ int vfs_rename(struct inode *old_dir, struct dentry *old_dentry,
2661 error = vfs_rename_dir(old_dir,old_dentry,new_dir,new_dentry); 2666 error = vfs_rename_dir(old_dir,old_dentry,new_dir,new_dentry);
2662 else 2667 else
2663 error = vfs_rename_other(old_dir,old_dentry,new_dir,new_dentry); 2668 error = vfs_rename_other(old_dir,old_dentry,new_dir,new_dentry);
2664 if (!error) { 2669 if (!error)
2665 const char *new_name = old_dentry->d_name.name; 2670 fsnotify_move(old_dir, new_dir, old_name, is_dir,
2666 fsnotify_move(old_dir, new_dir, old_name, new_name, is_dir,
2667 new_dentry->d_inode, old_dentry); 2671 new_dentry->d_inode, old_dentry);
2668 }
2669 fsnotify_oldname_free(old_name); 2672 fsnotify_oldname_free(old_name);
2670 2673
2671 return error; 2674 return error;
generated by cgit v1.2.2 (git 2.25.0) at 2025-01-27 21:37:24 -0500