aboutsummaryrefslogtreecommitdiffstats
path: root/fs/namei.c
diff options
context:
space:
mode:
Diffstat (limited to 'fs/namei.c')
-rw-r--r--fs/namei.c486
1 files changed, 247 insertions, 239 deletions
diff --git a/fs/namei.c b/fs/namei.c
index 87f97ba90ad1..a4855af776a8 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -35,7 +35,7 @@
35#include <linux/fs_struct.h> 35#include <linux/fs_struct.h>
36#include <asm/uaccess.h> 36#include <asm/uaccess.h>
37 37
38#define ACC_MODE(x) ("\000\004\002\006"[(x)&O_ACCMODE]) 38#include "internal.h"
39 39
40/* [Feb-1997 T. Schoebel-Theuer] 40/* [Feb-1997 T. Schoebel-Theuer]
41 * Fundamental changes in the pathname lookup mechanisms (namei) 41 * Fundamental changes in the pathname lookup mechanisms (namei)
@@ -108,8 +108,6 @@
108 * any extra contention... 108 * any extra contention...
109 */ 109 */
110 110
111static int __link_path_walk(const char *name, struct nameidata *nd);
112
113/* In order to reduce some races, while at the same time doing additional 111/* In order to reduce some races, while at the same time doing additional
114 * checking and hopefully speeding things up, we copy filenames to the 112 * checking and hopefully speeding things up, we copy filenames to the
115 * kernel data space before using them.. 113 * kernel data space before using them..
@@ -234,6 +232,7 @@ int generic_permission(struct inode *inode, int mask,
234 /* 232 /*
235 * Searching includes executable on directories, else just read. 233 * Searching includes executable on directories, else just read.
236 */ 234 */
235 mask &= MAY_READ | MAY_WRITE | MAY_EXEC;
237 if (mask == MAY_READ || (S_ISDIR(inode->i_mode) && !(mask & MAY_WRITE))) 236 if (mask == MAY_READ || (S_ISDIR(inode->i_mode) && !(mask & MAY_WRITE)))
238 if (capable(CAP_DAC_READ_SEARCH)) 237 if (capable(CAP_DAC_READ_SEARCH))
239 return 0; 238 return 0;
@@ -414,36 +413,55 @@ do_revalidate(struct dentry *dentry, struct nameidata *nd)
414} 413}
415 414
416/* 415/*
417 * Internal lookup() using the new generic dcache. 416 * force_reval_path - force revalidation of a dentry
418 * SMP-safe 417 *
418 * In some situations the path walking code will trust dentries without
419 * revalidating them. This causes problems for filesystems that depend on
420 * d_revalidate to handle file opens (e.g. NFSv4). When FS_REVAL_DOT is set
421 * (which indicates that it's possible for the dentry to go stale), force
422 * a d_revalidate call before proceeding.
423 *
424 * Returns 0 if the revalidation was successful. If the revalidation fails,
425 * either return the error returned by d_revalidate or -ESTALE if the
426 * revalidation it just returned 0. If d_revalidate returns 0, we attempt to
427 * invalidate the dentry. It's up to the caller to handle putting references
428 * to the path if necessary.
419 */ 429 */
420static struct dentry * cached_lookup(struct dentry * parent, struct qstr * name, struct nameidata *nd) 430static int
431force_reval_path(struct path *path, struct nameidata *nd)
421{ 432{
422 struct dentry * dentry = __d_lookup(parent, name); 433 int status;
434 struct dentry *dentry = path->dentry;
423 435
424 /* lockess __d_lookup may fail due to concurrent d_move() 436 /*
425 * in some unrelated directory, so try with d_lookup 437 * only check on filesystems where it's possible for the dentry to
438 * become stale. It's assumed that if this flag is set then the
439 * d_revalidate op will also be defined.
426 */ 440 */
427 if (!dentry) 441 if (!(dentry->d_sb->s_type->fs_flags & FS_REVAL_DOT))
428 dentry = d_lookup(parent, name); 442 return 0;
429 443
430 if (dentry && dentry->d_op && dentry->d_op->d_revalidate) 444 status = dentry->d_op->d_revalidate(dentry, nd);
431 dentry = do_revalidate(dentry, nd); 445 if (status > 0)
446 return 0;
432 447
433 return dentry; 448 if (!status) {
449 d_invalidate(dentry);
450 status = -ESTALE;
451 }
452 return status;
434} 453}
435 454
436/* 455/*
437 * Short-cut version of permission(), for calling by 456 * Short-cut version of permission(), for calling on directories
438 * path_walk(), when dcache lock is held. Combines parts 457 * during pathname resolution. Combines parts of permission()
439 * of permission() and generic_permission(), and tests ONLY for 458 * and generic_permission(), and tests ONLY for MAY_EXEC permission.
440 * MAY_EXEC permission.
441 * 459 *
442 * If appropriate, check DAC only. If not appropriate, or 460 * If appropriate, check DAC only. If not appropriate, or
443 * short-cut DAC fails, then call permission() to do more 461 * short-cut DAC fails, then call ->permission() to do more
444 * complete permission check. 462 * complete permission check.
445 */ 463 */
446static int exec_permission_lite(struct inode *inode) 464static int exec_permission(struct inode *inode)
447{ 465{
448 int ret; 466 int ret;
449 467
@@ -465,99 +483,6 @@ ok:
465 return security_inode_permission(inode, MAY_EXEC); 483 return security_inode_permission(inode, MAY_EXEC);
466} 484}
467 485
468/*
469 * This is called when everything else fails, and we actually have
470 * to go to the low-level filesystem to find out what we should do..
471 *
472 * We get the directory semaphore, and after getting that we also
473 * make sure that nobody added the entry to the dcache in the meantime..
474 * SMP-safe
475 */
476static struct dentry * real_lookup(struct dentry * parent, struct qstr * name, struct nameidata *nd)
477{
478 struct dentry * result;
479 struct inode *dir = parent->d_inode;
480
481 mutex_lock(&dir->i_mutex);
482 /*
483 * First re-do the cached lookup just in case it was created
484 * while we waited for the directory semaphore..
485 *
486 * FIXME! This could use version numbering or similar to
487 * avoid unnecessary cache lookups.
488 *
489 * The "dcache_lock" is purely to protect the RCU list walker
490 * from concurrent renames at this point (we mustn't get false
491 * negatives from the RCU list walk here, unlike the optimistic
492 * fast walk).
493 *
494 * so doing d_lookup() (with seqlock), instead of lockfree __d_lookup
495 */
496 result = d_lookup(parent, name);
497 if (!result) {
498 struct dentry *dentry;
499
500 /* Don't create child dentry for a dead directory. */
501 result = ERR_PTR(-ENOENT);
502 if (IS_DEADDIR(dir))
503 goto out_unlock;
504
505 dentry = d_alloc(parent, name);
506 result = ERR_PTR(-ENOMEM);
507 if (dentry) {
508 result = dir->i_op->lookup(dir, dentry, nd);
509 if (result)
510 dput(dentry);
511 else
512 result = dentry;
513 }
514out_unlock:
515 mutex_unlock(&dir->i_mutex);
516 return result;
517 }
518
519 /*
520 * Uhhuh! Nasty case: the cache was re-populated while
521 * we waited on the semaphore. Need to revalidate.
522 */
523 mutex_unlock(&dir->i_mutex);
524 if (result->d_op && result->d_op->d_revalidate) {
525 result = do_revalidate(result, nd);
526 if (!result)
527 result = ERR_PTR(-ENOENT);
528 }
529 return result;
530}
531
532/*
533 * Wrapper to retry pathname resolution whenever the underlying
534 * file system returns an ESTALE.
535 *
536 * Retry the whole path once, forcing real lookup requests
537 * instead of relying on the dcache.
538 */
539static __always_inline int link_path_walk(const char *name, struct nameidata *nd)
540{
541 struct path save = nd->path;
542 int result;
543
544 /* make sure the stuff we saved doesn't go away */
545 path_get(&save);
546
547 result = __link_path_walk(name, nd);
548 if (result == -ESTALE) {
549 /* nd->path had been dropped */
550 nd->path = save;
551 path_get(&nd->path);
552 nd->flags |= LOOKUP_REVAL;
553 result = __link_path_walk(name, nd);
554 }
555
556 path_put(&save);
557
558 return result;
559}
560
561static __always_inline void set_root(struct nameidata *nd) 486static __always_inline void set_root(struct nameidata *nd)
562{ 487{
563 if (!nd->root.mnt) { 488 if (!nd->root.mnt) {
@@ -569,6 +494,8 @@ static __always_inline void set_root(struct nameidata *nd)
569 } 494 }
570} 495}
571 496
497static int link_path_walk(const char *, struct nameidata *);
498
572static __always_inline int __vfs_follow_link(struct nameidata *nd, const char *link) 499static __always_inline int __vfs_follow_link(struct nameidata *nd, const char *link)
573{ 500{
574 int res = 0; 501 int res = 0;
@@ -634,6 +561,7 @@ static __always_inline int __do_follow_link(struct path *path, struct nameidata
634 dget(dentry); 561 dget(dentry);
635 } 562 }
636 mntget(path->mnt); 563 mntget(path->mnt);
564 nd->last_type = LAST_BIND;
637 cookie = dentry->d_inode->i_op->follow_link(dentry, nd); 565 cookie = dentry->d_inode->i_op->follow_link(dentry, nd);
638 error = PTR_ERR(cookie); 566 error = PTR_ERR(cookie);
639 if (!IS_ERR(cookie)) { 567 if (!IS_ERR(cookie)) {
@@ -641,11 +569,14 @@ static __always_inline int __do_follow_link(struct path *path, struct nameidata
641 error = 0; 569 error = 0;
642 if (s) 570 if (s)
643 error = __vfs_follow_link(nd, s); 571 error = __vfs_follow_link(nd, s);
572 else if (nd->last_type == LAST_BIND) {
573 error = force_reval_path(&nd->path, nd);
574 if (error)
575 path_put(&nd->path);
576 }
644 if (dentry->d_inode->i_op->put_link) 577 if (dentry->d_inode->i_op->put_link)
645 dentry->d_inode->i_op->put_link(dentry, nd, cookie); 578 dentry->d_inode->i_op->put_link(dentry, nd, cookie);
646 } 579 }
647 path_put(path);
648
649 return error; 580 return error;
650} 581}
651 582
@@ -672,6 +603,7 @@ static inline int do_follow_link(struct path *path, struct nameidata *nd)
672 current->total_link_count++; 603 current->total_link_count++;
673 nd->depth++; 604 nd->depth++;
674 err = __do_follow_link(path, nd); 605 err = __do_follow_link(path, nd);
606 path_put(path);
675 current->link_count--; 607 current->link_count--;
676 nd->depth--; 608 nd->depth--;
677 return err; 609 return err;
@@ -797,8 +729,19 @@ static int do_lookup(struct nameidata *nd, struct qstr *name,
797 struct path *path) 729 struct path *path)
798{ 730{
799 struct vfsmount *mnt = nd->path.mnt; 731 struct vfsmount *mnt = nd->path.mnt;
800 struct dentry *dentry = __d_lookup(nd->path.dentry, name); 732 struct dentry *dentry, *parent;
733 struct inode *dir;
734 /*
735 * See if the low-level filesystem might want
736 * to use its own hash..
737 */
738 if (nd->path.dentry->d_op && nd->path.dentry->d_op->d_hash) {
739 int err = nd->path.dentry->d_op->d_hash(nd->path.dentry, name);
740 if (err < 0)
741 return err;
742 }
801 743
744 dentry = __d_lookup(nd->path.dentry, name);
802 if (!dentry) 745 if (!dentry)
803 goto need_lookup; 746 goto need_lookup;
804 if (dentry->d_op && dentry->d_op->d_revalidate) 747 if (dentry->d_op && dentry->d_op->d_revalidate)
@@ -810,7 +753,59 @@ done:
810 return 0; 753 return 0;
811 754
812need_lookup: 755need_lookup:
813 dentry = real_lookup(nd->path.dentry, name, nd); 756 parent = nd->path.dentry;
757 dir = parent->d_inode;
758
759 mutex_lock(&dir->i_mutex);
760 /*
761 * First re-do the cached lookup just in case it was created
762 * while we waited for the directory semaphore..
763 *
764 * FIXME! This could use version numbering or similar to
765 * avoid unnecessary cache lookups.
766 *
767 * The "dcache_lock" is purely to protect the RCU list walker
768 * from concurrent renames at this point (we mustn't get false
769 * negatives from the RCU list walk here, unlike the optimistic
770 * fast walk).
771 *
772 * so doing d_lookup() (with seqlock), instead of lockfree __d_lookup
773 */
774 dentry = d_lookup(parent, name);
775 if (!dentry) {
776 struct dentry *new;
777
778 /* Don't create child dentry for a dead directory. */
779 dentry = ERR_PTR(-ENOENT);
780 if (IS_DEADDIR(dir))
781 goto out_unlock;
782
783 new = d_alloc(parent, name);
784 dentry = ERR_PTR(-ENOMEM);
785 if (new) {
786 dentry = dir->i_op->lookup(dir, new, nd);
787 if (dentry)
788 dput(new);
789 else
790 dentry = new;
791 }
792out_unlock:
793 mutex_unlock(&dir->i_mutex);
794 if (IS_ERR(dentry))
795 goto fail;
796 goto done;
797 }
798
799 /*
800 * Uhhuh! Nasty case: the cache was re-populated while
801 * we waited on the semaphore. Need to revalidate.
802 */
803 mutex_unlock(&dir->i_mutex);
804 if (dentry->d_op && dentry->d_op->d_revalidate) {
805 dentry = do_revalidate(dentry, nd);
806 if (!dentry)
807 dentry = ERR_PTR(-ENOENT);
808 }
814 if (IS_ERR(dentry)) 809 if (IS_ERR(dentry))
815 goto fail; 810 goto fail;
816 goto done; 811 goto done;
@@ -828,6 +823,17 @@ fail:
828} 823}
829 824
830/* 825/*
826 * This is a temporary kludge to deal with "automount" symlinks; proper
827 * solution is to trigger them on follow_mount(), so that do_lookup()
828 * would DTRT. To be killed before 2.6.34-final.
829 */
830static inline int follow_on_final(struct inode *inode, unsigned lookup_flags)
831{
832 return inode && unlikely(inode->i_op->follow_link) &&
833 ((lookup_flags & LOOKUP_FOLLOW) || S_ISDIR(inode->i_mode));
834}
835
836/*
831 * Name resolution. 837 * Name resolution.
832 * This is the basic name resolution function, turning a pathname into 838 * This is the basic name resolution function, turning a pathname into
833 * the final dentry. We expect 'base' to be positive and a directory. 839 * the final dentry. We expect 'base' to be positive and a directory.
@@ -835,7 +841,7 @@ fail:
835 * Returns 0 and nd will have valid dentry and mnt on success. 841 * Returns 0 and nd will have valid dentry and mnt on success.
836 * Returns error and drops reference to input namei data on failure. 842 * Returns error and drops reference to input namei data on failure.
837 */ 843 */
838static int __link_path_walk(const char *name, struct nameidata *nd) 844static int link_path_walk(const char *name, struct nameidata *nd)
839{ 845{
840 struct path next; 846 struct path next;
841 struct inode *inode; 847 struct inode *inode;
@@ -858,7 +864,7 @@ static int __link_path_walk(const char *name, struct nameidata *nd)
858 unsigned int c; 864 unsigned int c;
859 865
860 nd->flags |= LOOKUP_CONTINUE; 866 nd->flags |= LOOKUP_CONTINUE;
861 err = exec_permission_lite(inode); 867 err = exec_permission(inode);
862 if (err) 868 if (err)
863 break; 869 break;
864 870
@@ -898,16 +904,6 @@ static int __link_path_walk(const char *name, struct nameidata *nd)
898 case 1: 904 case 1:
899 continue; 905 continue;
900 } 906 }
901 /*
902 * See if the low-level filesystem might want
903 * to use its own hash..
904 */
905 if (nd->path.dentry->d_op && nd->path.dentry->d_op->d_hash) {
906 err = nd->path.dentry->d_op->d_hash(nd->path.dentry,
907 &this);
908 if (err < 0)
909 break;
910 }
911 /* This does the actual lookups.. */ 907 /* This does the actual lookups.. */
912 err = do_lookup(nd, &this, &next); 908 err = do_lookup(nd, &this, &next);
913 if (err) 909 if (err)
@@ -953,18 +949,11 @@ last_component:
953 case 1: 949 case 1:
954 goto return_reval; 950 goto return_reval;
955 } 951 }
956 if (nd->path.dentry->d_op && nd->path.dentry->d_op->d_hash) {
957 err = nd->path.dentry->d_op->d_hash(nd->path.dentry,
958 &this);
959 if (err < 0)
960 break;
961 }
962 err = do_lookup(nd, &this, &next); 952 err = do_lookup(nd, &this, &next);
963 if (err) 953 if (err)
964 break; 954 break;
965 inode = next.dentry->d_inode; 955 inode = next.dentry->d_inode;
966 if ((lookup_flags & LOOKUP_FOLLOW) 956 if (follow_on_final(inode, lookup_flags)) {
967 && inode && inode->i_op->follow_link) {
968 err = do_follow_link(&next, nd); 957 err = do_follow_link(&next, nd);
969 if (err) 958 if (err)
970 goto return_err; 959 goto return_err;
@@ -1017,8 +1006,27 @@ return_err:
1017 1006
1018static int path_walk(const char *name, struct nameidata *nd) 1007static int path_walk(const char *name, struct nameidata *nd)
1019{ 1008{
1009 struct path save = nd->path;
1010 int result;
1011
1020 current->total_link_count = 0; 1012 current->total_link_count = 0;
1021 return link_path_walk(name, nd); 1013
1014 /* make sure the stuff we saved doesn't go away */
1015 path_get(&save);
1016
1017 result = link_path_walk(name, nd);
1018 if (result == -ESTALE) {
1019 /* nd->path had been dropped */
1020 current->total_link_count = 0;
1021 nd->path = save;
1022 path_get(&nd->path);
1023 nd->flags |= LOOKUP_REVAL;
1024 result = link_path_walk(name, nd);
1025 }
1026
1027 path_put(&save);
1028
1029 return result;
1022} 1030}
1023 1031
1024static int path_init(int dfd, const char *name, unsigned int flags, struct nameidata *nd) 1032static int path_init(int dfd, const char *name, unsigned int flags, struct nameidata *nd)
@@ -1141,36 +1149,6 @@ int vfs_path_lookup(struct dentry *dentry, struct vfsmount *mnt,
1141 return retval; 1149 return retval;
1142} 1150}
1143 1151
1144/**
1145 * path_lookup_open - lookup a file path with open intent
1146 * @dfd: the directory to use as base, or AT_FDCWD
1147 * @name: pointer to file name
1148 * @lookup_flags: lookup intent flags
1149 * @nd: pointer to nameidata
1150 * @open_flags: open intent flags
1151 */
1152static int path_lookup_open(int dfd, const char *name,
1153 unsigned int lookup_flags, struct nameidata *nd, int open_flags)
1154{
1155 struct file *filp = get_empty_filp();
1156 int err;
1157
1158 if (filp == NULL)
1159 return -ENFILE;
1160 nd->intent.open.file = filp;
1161 nd->intent.open.flags = open_flags;
1162 nd->intent.open.create_mode = 0;
1163 err = do_path_lookup(dfd, name, lookup_flags|LOOKUP_OPEN, nd);
1164 if (IS_ERR(nd->intent.open.file)) {
1165 if (err == 0) {
1166 err = PTR_ERR(nd->intent.open.file);
1167 path_put(&nd->path);
1168 }
1169 } else if (err != 0)
1170 release_open_intent(nd);
1171 return err;
1172}
1173
1174static struct dentry *__lookup_hash(struct qstr *name, 1152static struct dentry *__lookup_hash(struct qstr *name,
1175 struct dentry *base, struct nameidata *nd) 1153 struct dentry *base, struct nameidata *nd)
1176{ 1154{
@@ -1191,7 +1169,17 @@ static struct dentry *__lookup_hash(struct qstr *name,
1191 goto out; 1169 goto out;
1192 } 1170 }
1193 1171
1194 dentry = cached_lookup(base, name, nd); 1172 dentry = __d_lookup(base, name);
1173
1174 /* lockess __d_lookup may fail due to concurrent d_move()
1175 * in some unrelated directory, so try with d_lookup
1176 */
1177 if (!dentry)
1178 dentry = d_lookup(base, name);
1179
1180 if (dentry && dentry->d_op && dentry->d_op->d_revalidate)
1181 dentry = do_revalidate(dentry, nd);
1182
1195 if (!dentry) { 1183 if (!dentry) {
1196 struct dentry *new; 1184 struct dentry *new;
1197 1185
@@ -1223,7 +1211,7 @@ static struct dentry *lookup_hash(struct nameidata *nd)
1223{ 1211{
1224 int err; 1212 int err;
1225 1213
1226 err = inode_permission(nd->path.dentry->d_inode, MAY_EXEC); 1214 err = exec_permission(nd->path.dentry->d_inode);
1227 if (err) 1215 if (err)
1228 return ERR_PTR(err); 1216 return ERR_PTR(err);
1229 return __lookup_hash(&nd->last, nd->path.dentry, nd); 1217 return __lookup_hash(&nd->last, nd->path.dentry, nd);
@@ -1273,7 +1261,7 @@ struct dentry *lookup_one_len(const char *name, struct dentry *base, int len)
1273 if (err) 1261 if (err)
1274 return ERR_PTR(err); 1262 return ERR_PTR(err);
1275 1263
1276 err = inode_permission(base->d_inode, MAY_EXEC); 1264 err = exec_permission(base->d_inode);
1277 if (err) 1265 if (err)
1278 return ERR_PTR(err); 1266 return ERR_PTR(err);
1279 return __lookup_hash(&this, base, NULL); 1267 return __lookup_hash(&this, base, NULL);
@@ -1511,69 +1499,45 @@ int may_open(struct path *path, int acc_mode, int flag)
1511 if (error) 1499 if (error)
1512 return error; 1500 return error;
1513 1501
1514 error = ima_path_check(path, acc_mode ?
1515 acc_mode & (MAY_READ | MAY_WRITE | MAY_EXEC) :
1516 ACC_MODE(flag) & (MAY_READ | MAY_WRITE),
1517 IMA_COUNT_UPDATE);
1518
1519 if (error)
1520 return error;
1521 /* 1502 /*
1522 * An append-only file must be opened in append mode for writing. 1503 * An append-only file must be opened in append mode for writing.
1523 */ 1504 */
1524 if (IS_APPEND(inode)) { 1505 if (IS_APPEND(inode)) {
1525 error = -EPERM;
1526 if ((flag & FMODE_WRITE) && !(flag & O_APPEND)) 1506 if ((flag & FMODE_WRITE) && !(flag & O_APPEND))
1527 goto err_out; 1507 return -EPERM;
1528 if (flag & O_TRUNC) 1508 if (flag & O_TRUNC)
1529 goto err_out; 1509 return -EPERM;
1530 } 1510 }
1531 1511
1532 /* O_NOATIME can only be set by the owner or superuser */ 1512 /* O_NOATIME can only be set by the owner or superuser */
1533 if (flag & O_NOATIME) 1513 if (flag & O_NOATIME && !is_owner_or_cap(inode))
1534 if (!is_owner_or_cap(inode)) { 1514 return -EPERM;
1535 error = -EPERM;
1536 goto err_out;
1537 }
1538 1515
1539 /* 1516 /*
1540 * Ensure there are no outstanding leases on the file. 1517 * Ensure there are no outstanding leases on the file.
1541 */ 1518 */
1542 error = break_lease(inode, flag); 1519 return break_lease(inode, flag);
1543 if (error) 1520}
1544 goto err_out;
1545
1546 if (flag & O_TRUNC) {
1547 error = get_write_access(inode);
1548 if (error)
1549 goto err_out;
1550
1551 /*
1552 * Refuse to truncate files with mandatory locks held on them.
1553 */
1554 error = locks_verify_locked(inode);
1555 if (!error)
1556 error = security_path_truncate(path, 0,
1557 ATTR_MTIME|ATTR_CTIME|ATTR_OPEN);
1558 if (!error) {
1559 vfs_dq_init(inode);
1560
1561 error = do_truncate(dentry, 0,
1562 ATTR_MTIME|ATTR_CTIME|ATTR_OPEN,
1563 NULL);
1564 }
1565 put_write_access(inode);
1566 if (error)
1567 goto err_out;
1568 } else
1569 if (flag & FMODE_WRITE)
1570 vfs_dq_init(inode);
1571 1521
1572 return 0; 1522static int handle_truncate(struct path *path)
1573err_out: 1523{
1574 ima_counts_put(path, acc_mode ? 1524 struct inode *inode = path->dentry->d_inode;
1575 acc_mode & (MAY_READ | MAY_WRITE | MAY_EXEC) : 1525 int error = get_write_access(inode);
1576 ACC_MODE(flag) & (MAY_READ | MAY_WRITE)); 1526 if (error)
1527 return error;
1528 /*
1529 * Refuse to truncate files with mandatory locks held on them.
1530 */
1531 error = locks_verify_locked(inode);
1532 if (!error)
1533 error = security_path_truncate(path, 0,
1534 ATTR_MTIME|ATTR_CTIME|ATTR_OPEN);
1535 if (!error) {
1536 error = do_truncate(path->dentry, 0,
1537 ATTR_MTIME|ATTR_CTIME|ATTR_OPEN,
1538 NULL);
1539 }
1540 put_write_access(inode);
1577 return error; 1541 return error;
1578} 1542}
1579 1543
@@ -1628,7 +1592,7 @@ static inline int open_to_namei_flags(int flag)
1628 return flag; 1592 return flag;
1629} 1593}
1630 1594
1631static int open_will_write_to_fs(int flag, struct inode *inode) 1595static int open_will_truncate(int flag, struct inode *inode)
1632{ 1596{
1633 /* 1597 /*
1634 * We'll never write to the fs underlying 1598 * We'll never write to the fs underlying
@@ -1653,8 +1617,9 @@ struct file *do_filp_open(int dfd, const char *pathname,
1653 struct path path; 1617 struct path path;
1654 struct dentry *dir; 1618 struct dentry *dir;
1655 int count = 0; 1619 int count = 0;
1656 int will_write; 1620 int will_truncate;
1657 int flag = open_to_namei_flags(open_flag); 1621 int flag = open_to_namei_flags(open_flag);
1622 int force_reval = 0;
1658 1623
1659 /* 1624 /*
1660 * O_SYNC is implemented as __O_SYNC|O_DSYNC. As many places only 1625 * O_SYNC is implemented as __O_SYNC|O_DSYNC. As many places only
@@ -1666,7 +1631,7 @@ struct file *do_filp_open(int dfd, const char *pathname,
1666 open_flag |= O_DSYNC; 1631 open_flag |= O_DSYNC;
1667 1632
1668 if (!acc_mode) 1633 if (!acc_mode)
1669 acc_mode = MAY_OPEN | ACC_MODE(flag); 1634 acc_mode = MAY_OPEN | ACC_MODE(open_flag);
1670 1635
1671 /* O_TRUNC implies we need access checks for write permissions */ 1636 /* O_TRUNC implies we need access checks for write permissions */
1672 if (flag & O_TRUNC) 1637 if (flag & O_TRUNC)
@@ -1681,8 +1646,23 @@ struct file *do_filp_open(int dfd, const char *pathname,
1681 * The simplest case - just a plain lookup. 1646 * The simplest case - just a plain lookup.
1682 */ 1647 */
1683 if (!(flag & O_CREAT)) { 1648 if (!(flag & O_CREAT)) {
1684 error = path_lookup_open(dfd, pathname, lookup_flags(flag), 1649 filp = get_empty_filp();
1685 &nd, flag); 1650
1651 if (filp == NULL)
1652 return ERR_PTR(-ENFILE);
1653 nd.intent.open.file = filp;
1654 filp->f_flags = open_flag;
1655 nd.intent.open.flags = flag;
1656 nd.intent.open.create_mode = 0;
1657 error = do_path_lookup(dfd, pathname,
1658 lookup_flags(flag)|LOOKUP_OPEN, &nd);
1659 if (IS_ERR(nd.intent.open.file)) {
1660 if (error == 0) {
1661 error = PTR_ERR(nd.intent.open.file);
1662 path_put(&nd.path);
1663 }
1664 } else if (error)
1665 release_open_intent(&nd);
1686 if (error) 1666 if (error)
1687 return ERR_PTR(error); 1667 return ERR_PTR(error);
1688 goto ok; 1668 goto ok;
@@ -1691,9 +1671,12 @@ struct file *do_filp_open(int dfd, const char *pathname,
1691 /* 1671 /*
1692 * Create - we need to know the parent. 1672 * Create - we need to know the parent.
1693 */ 1673 */
1674reval:
1694 error = path_init(dfd, pathname, LOOKUP_PARENT, &nd); 1675 error = path_init(dfd, pathname, LOOKUP_PARENT, &nd);
1695 if (error) 1676 if (error)
1696 return ERR_PTR(error); 1677 return ERR_PTR(error);
1678 if (force_reval)
1679 nd.flags |= LOOKUP_REVAL;
1697 error = path_walk(pathname, &nd); 1680 error = path_walk(pathname, &nd);
1698 if (error) { 1681 if (error) {
1699 if (nd.root.mnt) 1682 if (nd.root.mnt)
@@ -1717,6 +1700,7 @@ struct file *do_filp_open(int dfd, const char *pathname,
1717 if (filp == NULL) 1700 if (filp == NULL)
1718 goto exit_parent; 1701 goto exit_parent;
1719 nd.intent.open.file = filp; 1702 nd.intent.open.file = filp;
1703 filp->f_flags = open_flag;
1720 nd.intent.open.flags = flag; 1704 nd.intent.open.flags = flag;
1721 nd.intent.open.create_mode = mode; 1705 nd.intent.open.create_mode = mode;
1722 dir = nd.path.dentry; 1706 dir = nd.path.dentry;
@@ -1757,14 +1741,17 @@ do_last:
1757 mnt_drop_write(nd.path.mnt); 1741 mnt_drop_write(nd.path.mnt);
1758 goto exit; 1742 goto exit;
1759 } 1743 }
1760 filp = nameidata_to_filp(&nd, open_flag); 1744 filp = nameidata_to_filp(&nd);
1761 if (IS_ERR(filp))
1762 ima_counts_put(&nd.path,
1763 acc_mode & (MAY_READ | MAY_WRITE |
1764 MAY_EXEC));
1765 mnt_drop_write(nd.path.mnt); 1745 mnt_drop_write(nd.path.mnt);
1766 if (nd.root.mnt) 1746 if (nd.root.mnt)
1767 path_put(&nd.root); 1747 path_put(&nd.root);
1748 if (!IS_ERR(filp)) {
1749 error = ima_file_check(filp, acc_mode);
1750 if (error) {
1751 fput(filp);
1752 filp = ERR_PTR(error);
1753 }
1754 }
1768 return filp; 1755 return filp;
1769 } 1756 }
1770 1757
@@ -1792,7 +1779,7 @@ do_last:
1792 1779
1793 path_to_nameidata(&path, &nd); 1780 path_to_nameidata(&path, &nd);
1794 error = -EISDIR; 1781 error = -EISDIR;
1795 if (path.dentry->d_inode && S_ISDIR(path.dentry->d_inode->i_mode)) 1782 if (S_ISDIR(path.dentry->d_inode->i_mode))
1796 goto exit; 1783 goto exit;
1797ok: 1784ok:
1798 /* 1785 /*
@@ -1805,28 +1792,44 @@ ok:
1805 * be avoided. Taking this mnt write here 1792 * be avoided. Taking this mnt write here
1806 * ensures that (2) can not occur. 1793 * ensures that (2) can not occur.
1807 */ 1794 */
1808 will_write = open_will_write_to_fs(flag, nd.path.dentry->d_inode); 1795 will_truncate = open_will_truncate(flag, nd.path.dentry->d_inode);
1809 if (will_write) { 1796 if (will_truncate) {
1810 error = mnt_want_write(nd.path.mnt); 1797 error = mnt_want_write(nd.path.mnt);
1811 if (error) 1798 if (error)
1812 goto exit; 1799 goto exit;
1813 } 1800 }
1814 error = may_open(&nd.path, acc_mode, flag); 1801 error = may_open(&nd.path, acc_mode, flag);
1815 if (error) { 1802 if (error) {
1816 if (will_write) 1803 if (will_truncate)
1817 mnt_drop_write(nd.path.mnt); 1804 mnt_drop_write(nd.path.mnt);
1818 goto exit; 1805 goto exit;
1819 } 1806 }
1820 filp = nameidata_to_filp(&nd, open_flag); 1807 filp = nameidata_to_filp(&nd);
1821 if (IS_ERR(filp)) 1808 if (!IS_ERR(filp)) {
1822 ima_counts_put(&nd.path, 1809 error = ima_file_check(filp, acc_mode);
1823 acc_mode & (MAY_READ | MAY_WRITE | MAY_EXEC)); 1810 if (error) {
1811 fput(filp);
1812 filp = ERR_PTR(error);
1813 }
1814 }
1815 if (!IS_ERR(filp)) {
1816 if (acc_mode & MAY_WRITE)
1817 vfs_dq_init(nd.path.dentry->d_inode);
1818
1819 if (will_truncate) {
1820 error = handle_truncate(&nd.path);
1821 if (error) {
1822 fput(filp);
1823 filp = ERR_PTR(error);
1824 }
1825 }
1826 }
1824 /* 1827 /*
1825 * It is now safe to drop the mnt write 1828 * It is now safe to drop the mnt write
1826 * because the filp has had a write taken 1829 * because the filp has had a write taken
1827 * on its behalf. 1830 * on its behalf.
1828 */ 1831 */
1829 if (will_write) 1832 if (will_truncate)
1830 mnt_drop_write(nd.path.mnt); 1833 mnt_drop_write(nd.path.mnt);
1831 if (nd.root.mnt) 1834 if (nd.root.mnt)
1832 path_put(&nd.root); 1835 path_put(&nd.root);
@@ -1864,6 +1867,7 @@ do_link:
1864 if (error) 1867 if (error)
1865 goto exit_dput; 1868 goto exit_dput;
1866 error = __do_follow_link(&path, &nd); 1869 error = __do_follow_link(&path, &nd);
1870 path_put(&path);
1867 if (error) { 1871 if (error) {
1868 /* Does someone understand code flow here? Or it is only 1872 /* Does someone understand code flow here? Or it is only
1869 * me so stupid? Anathema to whoever designed this non-sense 1873 * me so stupid? Anathema to whoever designed this non-sense
@@ -1872,6 +1876,10 @@ do_link:
1872 release_open_intent(&nd); 1876 release_open_intent(&nd);
1873 if (nd.root.mnt) 1877 if (nd.root.mnt)
1874 path_put(&nd.root); 1878 path_put(&nd.root);
1879 if (error == -ESTALE && !force_reval) {
1880 force_reval = 1;
1881 goto reval;
1882 }
1875 return ERR_PTR(error); 1883 return ERR_PTR(error);
1876 } 1884 }
1877 nd.flags &= ~LOOKUP_PARENT; 1885 nd.flags &= ~LOOKUP_PARENT;
generated by cgit v1.2.2 (git 2.25.0) at 2024-12-28 13:18:27 -0500