1 /*
2 * fs/dcache.c
3 *
4 * Complete reimplementation
5 * (C) 1997 Thomas Schoebel-Theuer,
6 * with heavy changes by Linus Torvalds
7 */
8
9 /*
10 * Notes on the allocation strategy:
11 *
12 * The dcache is a master of the icache - whenever a dcache entry
13 * exists, the inode will always exist. "iput()" is done either when
14 * the dcache entry is deleted or garbage collected.
15 */
16
17 #include <linux/syscalls.h>
18 #include <linux/string.h>
19 #include <linux/mm.h>
20 #include <linux/fs.h>
21 #include <linux/fsnotify.h>
22 #include <linux/slab.h>
23 #include <linux/init.h>
24 #include <linux/hash.h>
25 #include <linux/cache.h>
26 #include <linux/export.h>
27 #include <linux/mount.h>
28 #include <linux/file.h>
29 #include <linux/uaccess.h>
30 #include <linux/security.h>
31 #include <linux/seqlock.h>
32 #include <linux/swap.h>
33 #include <linux/bootmem.h>
34 #include <linux/fs_struct.h>
35 #include <linux/hardirq.h>
36 #include <linux/bit_spinlock.h>
37 #include <linux/rculist_bl.h>
38 #include <linux/prefetch.h>
39 #include <linux/ratelimit.h>
40 #include <linux/list_lru.h>
41 #include <linux/kasan.h>
42
43 #include "internal.h"
44 #include "mount.h"
45
46 /*
47 * Usage:
48 * dcache->d_inode->i_lock protects:
49 * - i_dentry, d_u.d_alias, d_inode of aliases
50 * dcache_hash_bucket lock protects:
51 * - the dcache hash table
52 * s_anon bl list spinlock protects:
53 * - the s_anon list (see __d_drop)
54 * dentry->d_sb->s_dentry_lru_lock protects:
55 * - the dcache lru lists and counters
56 * d_lock protects:
57 * - d_flags
58 * - d_name
59 * - d_lru
60 * - d_count
61 * - d_unhashed()
62 * - d_parent and d_subdirs
63 * - childrens' d_child and d_parent
64 * - d_u.d_alias, d_inode
65 *
66 * Ordering:
67 * dentry->d_inode->i_lock
68 * dentry->d_lock
69 * dentry->d_sb->s_dentry_lru_lock
70 * dcache_hash_bucket lock
71 * s_anon lock
72 *
73 * If there is an ancestor relationship:
74 * dentry->d_parent->...->d_parent->d_lock
75 * ...
76 * dentry->d_parent->d_lock
77 * dentry->d_lock
78 *
79 * If no ancestor relationship:
80 * if (dentry1 < dentry2)
81 * dentry1->d_lock
82 * dentry2->d_lock
83 */
84 int sysctl_vfs_cache_pressure __read_mostly = 100;
85 EXPORT_SYMBOL_GPL(sysctl_vfs_cache_pressure);
86
87 __cacheline_aligned_in_smp DEFINE_SEQLOCK(rename_lock);
88
89 EXPORT_SYMBOL(rename_lock);
90
91 static struct kmem_cache *dentry_cache __read_mostly;
92
93 const struct qstr empty_name = QSTR_INIT("", 0);
94 EXPORT_SYMBOL(empty_name);
95 const struct qstr slash_name = QSTR_INIT("/", 1);
96 EXPORT_SYMBOL(slash_name);
97
98 /*
99 * This is the single most critical data structure when it comes
100 * to the dcache: the hashtable for lookups. Somebody should try
101 * to make this good - I've just made it work.
102 *
103 * This hash-function tries to avoid losing too many bits of hash
104 * information, yet avoid using a prime hash-size or similar.
105 */
106
107 static unsigned int d_hash_mask __read_mostly;
108 static unsigned int d_hash_shift __read_mostly;
109
110 static struct hlist_bl_head *dentry_hashtable __read_mostly;
111
d_hash(unsigned int hash)112 static inline struct hlist_bl_head *d_hash(unsigned int hash)
113 {
114 return dentry_hashtable + (hash >> (32 - d_hash_shift));
115 }
116
117 #define IN_LOOKUP_SHIFT 10
118 static struct hlist_bl_head in_lookup_hashtable[1 << IN_LOOKUP_SHIFT];
119
in_lookup_hash(const struct dentry * parent,unsigned int hash)120 static inline struct hlist_bl_head *in_lookup_hash(const struct dentry *parent,
121 unsigned int hash)
122 {
123 hash += (unsigned long) parent / L1_CACHE_BYTES;
124 return in_lookup_hashtable + hash_32(hash, IN_LOOKUP_SHIFT);
125 }
126
127
128 /* Statistics gathering. */
129 struct dentry_stat_t dentry_stat = {
130 .age_limit = 45,
131 };
132
133 static DEFINE_PER_CPU(long, nr_dentry);
134 static DEFINE_PER_CPU(long, nr_dentry_unused);
135
136 #if defined(CONFIG_SYSCTL) && defined(CONFIG_PROC_FS)
137
138 /*
139 * Here we resort to our own counters instead of using generic per-cpu counters
140 * for consistency with what the vfs inode code does. We are expected to harvest
141 * better code and performance by having our own specialized counters.
142 *
143 * Please note that the loop is done over all possible CPUs, not over all online
144 * CPUs. The reason for this is that we don't want to play games with CPUs going
145 * on and off. If one of them goes off, we will just keep their counters.
146 *
147 * glommer: See cffbc8a for details, and if you ever intend to change this,
148 * please update all vfs counters to match.
149 */
get_nr_dentry(void)150 static long get_nr_dentry(void)
151 {
152 int i;
153 long sum = 0;
154 for_each_possible_cpu(i)
155 sum += per_cpu(nr_dentry, i);
156 return sum < 0 ? 0 : sum;
157 }
158
get_nr_dentry_unused(void)159 static long get_nr_dentry_unused(void)
160 {
161 int i;
162 long sum = 0;
163 for_each_possible_cpu(i)
164 sum += per_cpu(nr_dentry_unused, i);
165 return sum < 0 ? 0 : sum;
166 }
167
proc_nr_dentry(struct ctl_table * table,int write,void __user * buffer,size_t * lenp,loff_t * ppos)168 int proc_nr_dentry(struct ctl_table *table, int write, void __user *buffer,
169 size_t *lenp, loff_t *ppos)
170 {
171 dentry_stat.nr_dentry = get_nr_dentry();
172 dentry_stat.nr_unused = get_nr_dentry_unused();
173 return proc_doulongvec_minmax(table, write, buffer, lenp, ppos);
174 }
175 #endif
176
177 /*
178 * Compare 2 name strings, return 0 if they match, otherwise non-zero.
179 * The strings are both count bytes long, and count is non-zero.
180 */
181 #ifdef CONFIG_DCACHE_WORD_ACCESS
182
183 #include <asm/word-at-a-time.h>
184 /*
185 * NOTE! 'cs' and 'scount' come from a dentry, so it has a
186 * aligned allocation for this particular component. We don't
187 * strictly need the load_unaligned_zeropad() safety, but it
188 * doesn't hurt either.
189 *
190 * In contrast, 'ct' and 'tcount' can be from a pathname, and do
191 * need the careful unaligned handling.
192 */
dentry_string_cmp(const unsigned char * cs,const unsigned char * ct,unsigned tcount)193 static inline int dentry_string_cmp(const unsigned char *cs, const unsigned char *ct, unsigned tcount)
194 {
195 unsigned long a,b,mask;
196
197 for (;;) {
198 a = *(unsigned long *)cs;
199 b = load_unaligned_zeropad(ct);
200 if (tcount < sizeof(unsigned long))
201 break;
202 if (unlikely(a != b))
203 return 1;
204 cs += sizeof(unsigned long);
205 ct += sizeof(unsigned long);
206 tcount -= sizeof(unsigned long);
207 if (!tcount)
208 return 0;
209 }
210 mask = bytemask_from_count(tcount);
211 return unlikely(!!((a ^ b) & mask));
212 }
213
214 #else
215
dentry_string_cmp(const unsigned char * cs,const unsigned char * ct,unsigned tcount)216 static inline int dentry_string_cmp(const unsigned char *cs, const unsigned char *ct, unsigned tcount)
217 {
218 do {
219 if (*cs != *ct)
220 return 1;
221 cs++;
222 ct++;
223 tcount--;
224 } while (tcount);
225 return 0;
226 }
227
228 #endif
229
dentry_cmp(const struct dentry * dentry,const unsigned char * ct,unsigned tcount)230 static inline int dentry_cmp(const struct dentry *dentry, const unsigned char *ct, unsigned tcount)
231 {
232 /*
233 * Be careful about RCU walk racing with rename:
234 * use 'READ_ONCE' to fetch the name pointer.
235 *
236 * NOTE! Even if a rename will mean that the length
237 * was not loaded atomically, we don't care. The
238 * RCU walk will check the sequence count eventually,
239 * and catch it. And we won't overrun the buffer,
240 * because we're reading the name pointer atomically,
241 * and a dentry name is guaranteed to be properly
242 * terminated with a NUL byte.
243 *
244 * End result: even if 'len' is wrong, we'll exit
245 * early because the data cannot match (there can
246 * be no NUL in the ct/tcount data)
247 */
248 const unsigned char *cs = READ_ONCE(dentry->d_name.name);
249
250 return dentry_string_cmp(cs, ct, tcount);
251 }
252
253 struct external_name {
254 union {
255 atomic_t count;
256 struct rcu_head head;
257 } u;
258 unsigned char name[];
259 };
260
external_name(struct dentry * dentry)261 static inline struct external_name *external_name(struct dentry *dentry)
262 {
263 return container_of(dentry->d_name.name, struct external_name, name[0]);
264 }
265
__d_free(struct rcu_head * head)266 static void __d_free(struct rcu_head *head)
267 {
268 struct dentry *dentry = container_of(head, struct dentry, d_u.d_rcu);
269
270 kmem_cache_free(dentry_cache, dentry);
271 }
272
__d_free_external_name(struct rcu_head * head)273 static void __d_free_external_name(struct rcu_head *head)
274 {
275 struct external_name *name = container_of(head, struct external_name,
276 u.head);
277
278 mod_node_page_state(page_pgdat(virt_to_page(name)),
279 NR_INDIRECTLY_RECLAIMABLE_BYTES,
280 -ksize(name));
281
282 kfree(name);
283 }
284
__d_free_external(struct rcu_head * head)285 static void __d_free_external(struct rcu_head *head)
286 {
287 struct dentry *dentry = container_of(head, struct dentry, d_u.d_rcu);
288
289 __d_free_external_name(&external_name(dentry)->u.head);
290
291 kmem_cache_free(dentry_cache, dentry);
292 }
293
dname_external(const struct dentry * dentry)294 static inline int dname_external(const struct dentry *dentry)
295 {
296 return dentry->d_name.name != dentry->d_iname;
297 }
298
take_dentry_name_snapshot(struct name_snapshot * name,struct dentry * dentry)299 void take_dentry_name_snapshot(struct name_snapshot *name, struct dentry *dentry)
300 {
301 spin_lock(&dentry->d_lock);
302 if (unlikely(dname_external(dentry))) {
303 struct external_name *p = external_name(dentry);
304 atomic_inc(&p->u.count);
305 spin_unlock(&dentry->d_lock);
306 name->name = p->name;
307 } else {
308 memcpy(name->inline_name, dentry->d_iname,
309 dentry->d_name.len + 1);
310 spin_unlock(&dentry->d_lock);
311 name->name = name->inline_name;
312 }
313 }
314 EXPORT_SYMBOL(take_dentry_name_snapshot);
315
release_dentry_name_snapshot(struct name_snapshot * name)316 void release_dentry_name_snapshot(struct name_snapshot *name)
317 {
318 if (unlikely(name->name != name->inline_name)) {
319 struct external_name *p;
320 p = container_of(name->name, struct external_name, name[0]);
321 if (unlikely(atomic_dec_and_test(&p->u.count)))
322 call_rcu(&p->u.head, __d_free_external_name);
323 }
324 }
325 EXPORT_SYMBOL(release_dentry_name_snapshot);
326
__d_set_inode_and_type(struct dentry * dentry,struct inode * inode,unsigned type_flags)327 static inline void __d_set_inode_and_type(struct dentry *dentry,
328 struct inode *inode,
329 unsigned type_flags)
330 {
331 unsigned flags;
332
333 dentry->d_inode = inode;
334 flags = READ_ONCE(dentry->d_flags);
335 flags &= ~(DCACHE_ENTRY_TYPE | DCACHE_FALLTHRU);
336 flags |= type_flags;
337 WRITE_ONCE(dentry->d_flags, flags);
338 }
339
__d_clear_type_and_inode(struct dentry * dentry)340 static inline void __d_clear_type_and_inode(struct dentry *dentry)
341 {
342 unsigned flags = READ_ONCE(dentry->d_flags);
343
344 flags &= ~(DCACHE_ENTRY_TYPE | DCACHE_FALLTHRU);
345 WRITE_ONCE(dentry->d_flags, flags);
346 dentry->d_inode = NULL;
347 }
348
dentry_free(struct dentry * dentry)349 static void dentry_free(struct dentry *dentry)
350 {
351 WARN_ON(!hlist_unhashed(&dentry->d_u.d_alias));
352 if (unlikely(dname_external(dentry))) {
353 struct external_name *p = external_name(dentry);
354 if (likely(atomic_dec_and_test(&p->u.count))) {
355 call_rcu(&dentry->d_u.d_rcu, __d_free_external);
356 return;
357 }
358 }
359 /* if dentry was never visible to RCU, immediate free is OK */
360 if (!(dentry->d_flags & DCACHE_RCUACCESS))
361 __d_free(&dentry->d_u.d_rcu);
362 else
363 call_rcu(&dentry->d_u.d_rcu, __d_free);
364 }
365
366 /*
367 * Release the dentry's inode, using the filesystem
368 * d_iput() operation if defined.
369 */
dentry_unlink_inode(struct dentry * dentry)370 static void dentry_unlink_inode(struct dentry * dentry)
371 __releases(dentry->d_lock)
372 __releases(dentry->d_inode->i_lock)
373 {
374 struct inode *inode = dentry->d_inode;
375
376 raw_write_seqcount_begin(&dentry->d_seq);
377 __d_clear_type_and_inode(dentry);
378 hlist_del_init(&dentry->d_u.d_alias);
379 raw_write_seqcount_end(&dentry->d_seq);
380 spin_unlock(&dentry->d_lock);
381 spin_unlock(&inode->i_lock);
382 if (!inode->i_nlink)
383 fsnotify_inoderemove(inode);
384 if (dentry->d_op && dentry->d_op->d_iput)
385 dentry->d_op->d_iput(dentry, inode);
386 else
387 iput(inode);
388 }
389
390 /*
391 * The DCACHE_LRU_LIST bit is set whenever the 'd_lru' entry
392 * is in use - which includes both the "real" per-superblock
393 * LRU list _and_ the DCACHE_SHRINK_LIST use.
394 *
395 * The DCACHE_SHRINK_LIST bit is set whenever the dentry is
396 * on the shrink list (ie not on the superblock LRU list).
397 *
398 * The per-cpu "nr_dentry_unused" counters are updated with
399 * the DCACHE_LRU_LIST bit.
400 *
401 * These helper functions make sure we always follow the
402 * rules. d_lock must be held by the caller.
403 */
404 #define D_FLAG_VERIFY(dentry,x) WARN_ON_ONCE(((dentry)->d_flags & (DCACHE_LRU_LIST | DCACHE_SHRINK_LIST)) != (x))
d_lru_add(struct dentry * dentry)405 static void d_lru_add(struct dentry *dentry)
406 {
407 D_FLAG_VERIFY(dentry, 0);
408 dentry->d_flags |= DCACHE_LRU_LIST;
409 this_cpu_inc(nr_dentry_unused);
410 WARN_ON_ONCE(!list_lru_add(&dentry->d_sb->s_dentry_lru, &dentry->d_lru));
411 }
412
d_lru_del(struct dentry * dentry)413 static void d_lru_del(struct dentry *dentry)
414 {
415 D_FLAG_VERIFY(dentry, DCACHE_LRU_LIST);
416 dentry->d_flags &= ~DCACHE_LRU_LIST;
417 this_cpu_dec(nr_dentry_unused);
418 WARN_ON_ONCE(!list_lru_del(&dentry->d_sb->s_dentry_lru, &dentry->d_lru));
419 }
420
d_shrink_del(struct dentry * dentry)421 static void d_shrink_del(struct dentry *dentry)
422 {
423 D_FLAG_VERIFY(dentry, DCACHE_SHRINK_LIST | DCACHE_LRU_LIST);
424 list_del_init(&dentry->d_lru);
425 dentry->d_flags &= ~(DCACHE_SHRINK_LIST | DCACHE_LRU_LIST);
426 this_cpu_dec(nr_dentry_unused);
427 }
428
d_shrink_add(struct dentry * dentry,struct list_head * list)429 static void d_shrink_add(struct dentry *dentry, struct list_head *list)
430 {
431 D_FLAG_VERIFY(dentry, 0);
432 list_add(&dentry->d_lru, list);
433 dentry->d_flags |= DCACHE_SHRINK_LIST | DCACHE_LRU_LIST;
434 this_cpu_inc(nr_dentry_unused);
435 }
436
437 /*
438 * These can only be called under the global LRU lock, ie during the
439 * callback for freeing the LRU list. "isolate" removes it from the
440 * LRU lists entirely, while shrink_move moves it to the indicated
441 * private list.
442 */
d_lru_isolate(struct list_lru_one * lru,struct dentry * dentry)443 static void d_lru_isolate(struct list_lru_one *lru, struct dentry *dentry)
444 {
445 D_FLAG_VERIFY(dentry, DCACHE_LRU_LIST);
446 dentry->d_flags &= ~DCACHE_LRU_LIST;
447 this_cpu_dec(nr_dentry_unused);
448 list_lru_isolate(lru, &dentry->d_lru);
449 }
450
d_lru_shrink_move(struct list_lru_one * lru,struct dentry * dentry,struct list_head * list)451 static void d_lru_shrink_move(struct list_lru_one *lru, struct dentry *dentry,
452 struct list_head *list)
453 {
454 D_FLAG_VERIFY(dentry, DCACHE_LRU_LIST);
455 dentry->d_flags |= DCACHE_SHRINK_LIST;
456 list_lru_isolate_move(lru, &dentry->d_lru, list);
457 }
458
459 /*
460 * dentry_lru_(add|del)_list) must be called with d_lock held.
461 */
dentry_lru_add(struct dentry * dentry)462 static void dentry_lru_add(struct dentry *dentry)
463 {
464 if (unlikely(!(dentry->d_flags & DCACHE_LRU_LIST)))
465 d_lru_add(dentry);
466 else if (unlikely(!(dentry->d_flags & DCACHE_REFERENCED)))
467 dentry->d_flags |= DCACHE_REFERENCED;
468 }
469
470 /**
471 * d_drop - drop a dentry
472 * @dentry: dentry to drop
473 *
474 * d_drop() unhashes the entry from the parent dentry hashes, so that it won't
475 * be found through a VFS lookup any more. Note that this is different from
476 * deleting the dentry - d_delete will try to mark the dentry negative if
477 * possible, giving a successful _negative_ lookup, while d_drop will
478 * just make the cache lookup fail.
479 *
480 * d_drop() is used mainly for stuff that wants to invalidate a dentry for some
481 * reason (NFS timeouts or autofs deletes).
482 *
483 * __d_drop requires dentry->d_lock
484 * ___d_drop doesn't mark dentry as "unhashed"
485 * (dentry->d_hash.pprev will be LIST_POISON2, not NULL).
486 */
___d_drop(struct dentry * dentry)487 static void ___d_drop(struct dentry *dentry)
488 {
489 if (!d_unhashed(dentry)) {
490 struct hlist_bl_head *b;
491 /*
492 * Hashed dentries are normally on the dentry hashtable,
493 * with the exception of those newly allocated by
494 * d_obtain_alias, which are always IS_ROOT:
495 */
496 if (unlikely(IS_ROOT(dentry)))
497 b = &dentry->d_sb->s_anon;
498 else
499 b = d_hash(dentry->d_name.hash);
500
501 hlist_bl_lock(b);
502 __hlist_bl_del(&dentry->d_hash);
503 hlist_bl_unlock(b);
504 /* After this call, in-progress rcu-walk path lookup will fail. */
505 write_seqcount_invalidate(&dentry->d_seq);
506 }
507 }
508
__d_drop(struct dentry * dentry)509 void __d_drop(struct dentry *dentry)
510 {
511 ___d_drop(dentry);
512 dentry->d_hash.pprev = NULL;
513 }
514 EXPORT_SYMBOL(__d_drop);
515
d_drop(struct dentry * dentry)516 void d_drop(struct dentry *dentry)
517 {
518 spin_lock(&dentry->d_lock);
519 __d_drop(dentry);
520 spin_unlock(&dentry->d_lock);
521 }
522 EXPORT_SYMBOL(d_drop);
523
dentry_unlist(struct dentry * dentry,struct dentry * parent)524 static inline void dentry_unlist(struct dentry *dentry, struct dentry *parent)
525 {
526 struct dentry *next;
527 /*
528 * Inform d_walk() and shrink_dentry_list() that we are no longer
529 * attached to the dentry tree
530 */
531 dentry->d_flags |= DCACHE_DENTRY_KILLED;
532 if (unlikely(list_empty(&dentry->d_child)))
533 return;
534 __list_del_entry(&dentry->d_child);
535 /*
536 * Cursors can move around the list of children. While we'd been
537 * a normal list member, it didn't matter - ->d_child.next would've
538 * been updated. However, from now on it won't be and for the
539 * things like d_walk() it might end up with a nasty surprise.
540 * Normally d_walk() doesn't care about cursors moving around -
541 * ->d_lock on parent prevents that and since a cursor has no children
542 * of its own, we get through it without ever unlocking the parent.
543 * There is one exception, though - if we ascend from a child that
544 * gets killed as soon as we unlock it, the next sibling is found
545 * using the value left in its ->d_child.next. And if _that_
546 * pointed to a cursor, and cursor got moved (e.g. by lseek())
547 * before d_walk() regains parent->d_lock, we'll end up skipping
548 * everything the cursor had been moved past.
549 *
550 * Solution: make sure that the pointer left behind in ->d_child.next
551 * points to something that won't be moving around. I.e. skip the
552 * cursors.
553 */
554 while (dentry->d_child.next != &parent->d_subdirs) {
555 next = list_entry(dentry->d_child.next, struct dentry, d_child);
556 if (likely(!(next->d_flags & DCACHE_DENTRY_CURSOR)))
557 break;
558 dentry->d_child.next = next->d_child.next;
559 }
560 }
561
__dentry_kill(struct dentry * dentry)562 static void __dentry_kill(struct dentry *dentry)
563 {
564 struct dentry *parent = NULL;
565 bool can_free = true;
566 if (!IS_ROOT(dentry))
567 parent = dentry->d_parent;
568
569 /*
570 * The dentry is now unrecoverably dead to the world.
571 */
572 lockref_mark_dead(&dentry->d_lockref);
573
574 /*
575 * inform the fs via d_prune that this dentry is about to be
576 * unhashed and destroyed.
577 */
578 if (dentry->d_flags & DCACHE_OP_PRUNE)
579 dentry->d_op->d_prune(dentry);
580
581 if (dentry->d_flags & DCACHE_LRU_LIST) {
582 if (!(dentry->d_flags & DCACHE_SHRINK_LIST))
583 d_lru_del(dentry);
584 }
585 /* if it was on the hash then remove it */
586 __d_drop(dentry);
587 dentry_unlist(dentry, parent);
588 if (parent)
589 spin_unlock(&parent->d_lock);
590 if (dentry->d_inode)
591 dentry_unlink_inode(dentry);
592 else
593 spin_unlock(&dentry->d_lock);
594 this_cpu_dec(nr_dentry);
595 if (dentry->d_op && dentry->d_op->d_release)
596 dentry->d_op->d_release(dentry);
597
598 spin_lock(&dentry->d_lock);
599 if (dentry->d_flags & DCACHE_SHRINK_LIST) {
600 dentry->d_flags |= DCACHE_MAY_FREE;
601 can_free = false;
602 }
603 spin_unlock(&dentry->d_lock);
604 if (likely(can_free))
605 dentry_free(dentry);
606 }
607
608 /*
609 * Finish off a dentry we've decided to kill.
610 * dentry->d_lock must be held, returns with it unlocked.
611 * If ref is non-zero, then decrement the refcount too.
612 * Returns dentry requiring refcount drop, or NULL if we're done.
613 */
dentry_kill(struct dentry * dentry)614 static struct dentry *dentry_kill(struct dentry *dentry)
615 __releases(dentry->d_lock)
616 {
617 struct inode *inode = dentry->d_inode;
618 struct dentry *parent = NULL;
619
620 if (inode && unlikely(!spin_trylock(&inode->i_lock)))
621 goto failed;
622
623 if (!IS_ROOT(dentry)) {
624 parent = dentry->d_parent;
625 if (unlikely(!spin_trylock(&parent->d_lock))) {
626 if (inode)
627 spin_unlock(&inode->i_lock);
628 goto failed;
629 }
630 }
631
632 __dentry_kill(dentry);
633 return parent;
634
635 failed:
636 spin_unlock(&dentry->d_lock);
637 return dentry; /* try again with same dentry */
638 }
639
lock_parent(struct dentry * dentry)640 static inline struct dentry *lock_parent(struct dentry *dentry)
641 {
642 struct dentry *parent = dentry->d_parent;
643 if (IS_ROOT(dentry))
644 return NULL;
645 if (unlikely(dentry->d_lockref.count < 0))
646 return NULL;
647 if (likely(spin_trylock(&parent->d_lock)))
648 return parent;
649 rcu_read_lock();
650 spin_unlock(&dentry->d_lock);
651 again:
652 parent = ACCESS_ONCE(dentry->d_parent);
653 spin_lock(&parent->d_lock);
654 /*
655 * We can't blindly lock dentry until we are sure
656 * that we won't violate the locking order.
657 * Any changes of dentry->d_parent must have
658 * been done with parent->d_lock held, so
659 * spin_lock() above is enough of a barrier
660 * for checking if it's still our child.
661 */
662 if (unlikely(parent != dentry->d_parent)) {
663 spin_unlock(&parent->d_lock);
664 goto again;
665 }
666 if (parent != dentry) {
667 spin_lock_nested(&dentry->d_lock, DENTRY_D_LOCK_NESTED);
668 if (unlikely(dentry->d_lockref.count < 0)) {
669 spin_unlock(&parent->d_lock);
670 parent = NULL;
671 }
672 } else {
673 parent = NULL;
674 }
675 rcu_read_unlock();
676 return parent;
677 }
678
679 /*
680 * Try to do a lockless dput(), and return whether that was successful.
681 *
682 * If unsuccessful, we return false, having already taken the dentry lock.
683 *
684 * The caller needs to hold the RCU read lock, so that the dentry is
685 * guaranteed to stay around even if the refcount goes down to zero!
686 */
fast_dput(struct dentry * dentry)687 static inline bool fast_dput(struct dentry *dentry)
688 {
689 int ret;
690 unsigned int d_flags;
691
692 /*
693 * If we have a d_op->d_delete() operation, we sould not
694 * let the dentry count go to zero, so use "put_or_lock".
695 */
696 if (unlikely(dentry->d_flags & DCACHE_OP_DELETE))
697 return lockref_put_or_lock(&dentry->d_lockref);
698
699 /*
700 * .. otherwise, we can try to just decrement the
701 * lockref optimistically.
702 */
703 ret = lockref_put_return(&dentry->d_lockref);
704
705 /*
706 * If the lockref_put_return() failed due to the lock being held
707 * by somebody else, the fast path has failed. We will need to
708 * get the lock, and then check the count again.
709 */
710 if (unlikely(ret < 0)) {
711 spin_lock(&dentry->d_lock);
712 if (dentry->d_lockref.count > 1) {
713 dentry->d_lockref.count--;
714 spin_unlock(&dentry->d_lock);
715 return 1;
716 }
717 return 0;
718 }
719
720 /*
721 * If we weren't the last ref, we're done.
722 */
723 if (ret)
724 return 1;
725
726 /*
727 * Careful, careful. The reference count went down
728 * to zero, but we don't hold the dentry lock, so
729 * somebody else could get it again, and do another
730 * dput(), and we need to not race with that.
731 *
732 * However, there is a very special and common case
733 * where we don't care, because there is nothing to
734 * do: the dentry is still hashed, it does not have
735 * a 'delete' op, and it's referenced and already on
736 * the LRU list.
737 *
738 * NOTE! Since we aren't locked, these values are
739 * not "stable". However, it is sufficient that at
740 * some point after we dropped the reference the
741 * dentry was hashed and the flags had the proper
742 * value. Other dentry users may have re-gotten
743 * a reference to the dentry and change that, but
744 * our work is done - we can leave the dentry
745 * around with a zero refcount.
746 */
747 smp_rmb();
748 d_flags = ACCESS_ONCE(dentry->d_flags);
749 d_flags &= DCACHE_REFERENCED | DCACHE_LRU_LIST | DCACHE_DISCONNECTED;
750
751 /* Nothing to do? Dropping the reference was all we needed? */
752 if (d_flags == (DCACHE_REFERENCED | DCACHE_LRU_LIST) && !d_unhashed(dentry))
753 return 1;
754
755 /*
756 * Not the fast normal case? Get the lock. We've already decremented
757 * the refcount, but we'll need to re-check the situation after
758 * getting the lock.
759 */
760 spin_lock(&dentry->d_lock);
761
762 /*
763 * Did somebody else grab a reference to it in the meantime, and
764 * we're no longer the last user after all? Alternatively, somebody
765 * else could have killed it and marked it dead. Either way, we
766 * don't need to do anything else.
767 */
768 if (dentry->d_lockref.count) {
769 spin_unlock(&dentry->d_lock);
770 return 1;
771 }
772
773 /*
774 * Re-get the reference we optimistically dropped. We hold the
775 * lock, and we just tested that it was zero, so we can just
776 * set it to 1.
777 */
778 dentry->d_lockref.count = 1;
779 return 0;
780 }
781
782
783 /*
784 * This is dput
785 *
786 * This is complicated by the fact that we do not want to put
787 * dentries that are no longer on any hash chain on the unused
788 * list: we'd much rather just get rid of them immediately.
789 *
790 * However, that implies that we have to traverse the dentry
791 * tree upwards to the parents which might _also_ now be
792 * scheduled for deletion (it may have been only waiting for
793 * its last child to go away).
794 *
795 * This tail recursion is done by hand as we don't want to depend
796 * on the compiler to always get this right (gcc generally doesn't).
797 * Real recursion would eat up our stack space.
798 */
799
800 /*
801 * dput - release a dentry
802 * @dentry: dentry to release
803 *
804 * Release a dentry. This will drop the usage count and if appropriate
805 * call the dentry unlink method as well as removing it from the queues and
806 * releasing its resources. If the parent dentries were scheduled for release
807 * they too may now get deleted.
808 */
dput(struct dentry * dentry)809 void dput(struct dentry *dentry)
810 {
811 if (unlikely(!dentry))
812 return;
813
814 repeat:
815 might_sleep();
816
817 rcu_read_lock();
818 if (likely(fast_dput(dentry))) {
819 rcu_read_unlock();
820 return;
821 }
822
823 /* Slow case: now with the dentry lock held */
824 rcu_read_unlock();
825
826 WARN_ON(d_in_lookup(dentry));
827
828 /* Unreachable? Get rid of it */
829 if (unlikely(d_unhashed(dentry)))
830 goto kill_it;
831
832 if (unlikely(dentry->d_flags & DCACHE_DISCONNECTED))
833 goto kill_it;
834
835 if (unlikely(dentry->d_flags & DCACHE_OP_DELETE)) {
836 if (dentry->d_op->d_delete(dentry))
837 goto kill_it;
838 }
839
840 dentry_lru_add(dentry);
841
842 dentry->d_lockref.count--;
843 spin_unlock(&dentry->d_lock);
844 return;
845
846 kill_it:
847 dentry = dentry_kill(dentry);
848 if (dentry) {
849 cond_resched();
850 goto repeat;
851 }
852 }
853 EXPORT_SYMBOL(dput);
854
855
856 /* This must be called with d_lock held */
__dget_dlock(struct dentry * dentry)857 static inline void __dget_dlock(struct dentry *dentry)
858 {
859 dentry->d_lockref.count++;
860 }
861
__dget(struct dentry * dentry)862 static inline void __dget(struct dentry *dentry)
863 {
864 lockref_get(&dentry->d_lockref);
865 }
866
dget_parent(struct dentry * dentry)867 struct dentry *dget_parent(struct dentry *dentry)
868 {
869 int gotref;
870 struct dentry *ret;
871
872 /*
873 * Do optimistic parent lookup without any
874 * locking.
875 */
876 rcu_read_lock();
877 ret = ACCESS_ONCE(dentry->d_parent);
878 gotref = lockref_get_not_zero(&ret->d_lockref);
879 rcu_read_unlock();
880 if (likely(gotref)) {
881 if (likely(ret == ACCESS_ONCE(dentry->d_parent)))
882 return ret;
883 dput(ret);
884 }
885
886 repeat:
887 /*
888 * Don't need rcu_dereference because we re-check it was correct under
889 * the lock.
890 */
891 rcu_read_lock();
892 ret = dentry->d_parent;
893 spin_lock(&ret->d_lock);
894 if (unlikely(ret != dentry->d_parent)) {
895 spin_unlock(&ret->d_lock);
896 rcu_read_unlock();
897 goto repeat;
898 }
899 rcu_read_unlock();
900 BUG_ON(!ret->d_lockref.count);
901 ret->d_lockref.count++;
902 spin_unlock(&ret->d_lock);
903 return ret;
904 }
905 EXPORT_SYMBOL(dget_parent);
906
907 /**
908 * d_find_alias - grab a hashed alias of inode
909 * @inode: inode in question
910 *
911 * If inode has a hashed alias, or is a directory and has any alias,
912 * acquire the reference to alias and return it. Otherwise return NULL.
913 * Notice that if inode is a directory there can be only one alias and
914 * it can be unhashed only if it has no children, or if it is the root
915 * of a filesystem, or if the directory was renamed and d_revalidate
916 * was the first vfs operation to notice.
917 *
918 * If the inode has an IS_ROOT, DCACHE_DISCONNECTED alias, then prefer
919 * any other hashed alias over that one.
920 */
__d_find_alias(struct inode * inode)921 static struct dentry *__d_find_alias(struct inode *inode)
922 {
923 struct dentry *alias, *discon_alias;
924
925 again:
926 discon_alias = NULL;
927 hlist_for_each_entry(alias, &inode->i_dentry, d_u.d_alias) {
928 spin_lock(&alias->d_lock);
929 if (S_ISDIR(inode->i_mode) || !d_unhashed(alias)) {
930 if (IS_ROOT(alias) &&
931 (alias->d_flags & DCACHE_DISCONNECTED)) {
932 discon_alias = alias;
933 } else {
934 __dget_dlock(alias);
935 spin_unlock(&alias->d_lock);
936 return alias;
937 }
938 }
939 spin_unlock(&alias->d_lock);
940 }
941 if (discon_alias) {
942 alias = discon_alias;
943 spin_lock(&alias->d_lock);
944 if (S_ISDIR(inode->i_mode) || !d_unhashed(alias)) {
945 __dget_dlock(alias);
946 spin_unlock(&alias->d_lock);
947 return alias;
948 }
949 spin_unlock(&alias->d_lock);
950 goto again;
951 }
952 return NULL;
953 }
954
d_find_alias(struct inode * inode)955 struct dentry *d_find_alias(struct inode *inode)
956 {
957 struct dentry *de = NULL;
958
959 if (!hlist_empty(&inode->i_dentry)) {
960 spin_lock(&inode->i_lock);
961 de = __d_find_alias(inode);
962 spin_unlock(&inode->i_lock);
963 }
964 return de;
965 }
966 EXPORT_SYMBOL(d_find_alias);
967
968 /*
969 * Try to kill dentries associated with this inode.
970 * WARNING: you must own a reference to inode.
971 */
d_prune_aliases(struct inode * inode)972 void d_prune_aliases(struct inode *inode)
973 {
974 struct dentry *dentry;
975 restart:
976 spin_lock(&inode->i_lock);
977 hlist_for_each_entry(dentry, &inode->i_dentry, d_u.d_alias) {
978 spin_lock(&dentry->d_lock);
979 if (!dentry->d_lockref.count) {
980 struct dentry *parent = lock_parent(dentry);
981 if (likely(!dentry->d_lockref.count)) {
982 __dentry_kill(dentry);
983 dput(parent);
984 goto restart;
985 }
986 if (parent)
987 spin_unlock(&parent->d_lock);
988 }
989 spin_unlock(&dentry->d_lock);
990 }
991 spin_unlock(&inode->i_lock);
992 }
993 EXPORT_SYMBOL(d_prune_aliases);
994
shrink_dentry_list(struct list_head * list)995 static void shrink_dentry_list(struct list_head *list)
996 {
997 struct dentry *dentry, *parent;
998
999 while (!list_empty(list)) {
1000 struct inode *inode;
1001 dentry = list_entry(list->prev, struct dentry, d_lru);
1002 spin_lock(&dentry->d_lock);
1003 parent = lock_parent(dentry);
1004
1005 /*
1006 * The dispose list is isolated and dentries are not accounted
1007 * to the LRU here, so we can simply remove it from the list
1008 * here regardless of whether it is referenced or not.
1009 */
1010 d_shrink_del(dentry);
1011
1012 /*
1013 * We found an inuse dentry which was not removed from
1014 * the LRU because of laziness during lookup. Do not free it.
1015 */
1016 if (dentry->d_lockref.count > 0) {
1017 spin_unlock(&dentry->d_lock);
1018 if (parent)
1019 spin_unlock(&parent->d_lock);
1020 continue;
1021 }
1022
1023
1024 if (unlikely(dentry->d_flags & DCACHE_DENTRY_KILLED)) {
1025 bool can_free = dentry->d_flags & DCACHE_MAY_FREE;
1026 spin_unlock(&dentry->d_lock);
1027 if (parent)
1028 spin_unlock(&parent->d_lock);
1029 if (can_free)
1030 dentry_free(dentry);
1031 continue;
1032 }
1033
1034 inode = dentry->d_inode;
1035 if (inode && unlikely(!spin_trylock(&inode->i_lock))) {
1036 d_shrink_add(dentry, list);
1037 spin_unlock(&dentry->d_lock);
1038 if (parent)
1039 spin_unlock(&parent->d_lock);
1040 continue;
1041 }
1042
1043 __dentry_kill(dentry);
1044
1045 /*
1046 * We need to prune ancestors too. This is necessary to prevent
1047 * quadratic behavior of shrink_dcache_parent(), but is also
1048 * expected to be beneficial in reducing dentry cache
1049 * fragmentation.
1050 */
1051 dentry = parent;
1052 while (dentry && !lockref_put_or_lock(&dentry->d_lockref)) {
1053 parent = lock_parent(dentry);
1054 if (dentry->d_lockref.count != 1) {
1055 dentry->d_lockref.count--;
1056 spin_unlock(&dentry->d_lock);
1057 if (parent)
1058 spin_unlock(&parent->d_lock);
1059 break;
1060 }
1061 inode = dentry->d_inode; /* can't be NULL */
1062 if (unlikely(!spin_trylock(&inode->i_lock))) {
1063 spin_unlock(&dentry->d_lock);
1064 if (parent)
1065 spin_unlock(&parent->d_lock);
1066 cpu_relax();
1067 continue;
1068 }
1069 __dentry_kill(dentry);
1070 dentry = parent;
1071 }
1072 }
1073 }
1074
dentry_lru_isolate(struct list_head * item,struct list_lru_one * lru,spinlock_t * lru_lock,void * arg)1075 static enum lru_status dentry_lru_isolate(struct list_head *item,
1076 struct list_lru_one *lru, spinlock_t *lru_lock, void *arg)
1077 {
1078 struct list_head *freeable = arg;
1079 struct dentry *dentry = container_of(item, struct dentry, d_lru);
1080
1081
1082 /*
1083 * we are inverting the lru lock/dentry->d_lock here,
1084 * so use a trylock. If we fail to get the lock, just skip
1085 * it
1086 */
1087 if (!spin_trylock(&dentry->d_lock))
1088 return LRU_SKIP;
1089
1090 /*
1091 * Referenced dentries are still in use. If they have active
1092 * counts, just remove them from the LRU. Otherwise give them
1093 * another pass through the LRU.
1094 */
1095 if (dentry->d_lockref.count) {
1096 d_lru_isolate(lru, dentry);
1097 spin_unlock(&dentry->d_lock);
1098 return LRU_REMOVED;
1099 }
1100
1101 if (dentry->d_flags & DCACHE_REFERENCED) {
1102 dentry->d_flags &= ~DCACHE_REFERENCED;
1103 spin_unlock(&dentry->d_lock);
1104
1105 /*
1106 * The list move itself will be made by the common LRU code. At
1107 * this point, we've dropped the dentry->d_lock but keep the
1108 * lru lock. This is safe to do, since every list movement is
1109 * protected by the lru lock even if both locks are held.
1110 *
1111 * This is guaranteed by the fact that all LRU management
1112 * functions are intermediated by the LRU API calls like
1113 * list_lru_add and list_lru_del. List movement in this file
1114 * only ever occur through this functions or through callbacks
1115 * like this one, that are called from the LRU API.
1116 *
1117 * The only exceptions to this are functions like
1118 * shrink_dentry_list, and code that first checks for the
1119 * DCACHE_SHRINK_LIST flag. Those are guaranteed to be
1120 * operating only with stack provided lists after they are
1121 * properly isolated from the main list. It is thus, always a
1122 * local access.
1123 */
1124 return LRU_ROTATE;
1125 }
1126
1127 d_lru_shrink_move(lru, dentry, freeable);
1128 spin_unlock(&dentry->d_lock);
1129
1130 return LRU_REMOVED;
1131 }
1132
1133 /**
1134 * prune_dcache_sb - shrink the dcache
1135 * @sb: superblock
1136 * @sc: shrink control, passed to list_lru_shrink_walk()
1137 *
1138 * Attempt to shrink the superblock dcache LRU by @sc->nr_to_scan entries. This
1139 * is done when we need more memory and called from the superblock shrinker
1140 * function.
1141 *
1142 * This function may fail to free any resources if all the dentries are in
1143 * use.
1144 */
prune_dcache_sb(struct super_block * sb,struct shrink_control * sc)1145 long prune_dcache_sb(struct super_block *sb, struct shrink_control *sc)
1146 {
1147 LIST_HEAD(dispose);
1148 long freed;
1149
1150 freed = list_lru_shrink_walk(&sb->s_dentry_lru, sc,
1151 dentry_lru_isolate, &dispose);
1152 shrink_dentry_list(&dispose);
1153 return freed;
1154 }
1155
dentry_lru_isolate_shrink(struct list_head * item,struct list_lru_one * lru,spinlock_t * lru_lock,void * arg)1156 static enum lru_status dentry_lru_isolate_shrink(struct list_head *item,
1157 struct list_lru_one *lru, spinlock_t *lru_lock, void *arg)
1158 {
1159 struct list_head *freeable = arg;
1160 struct dentry *dentry = container_of(item, struct dentry, d_lru);
1161
1162 /*
1163 * we are inverting the lru lock/dentry->d_lock here,
1164 * so use a trylock. If we fail to get the lock, just skip
1165 * it
1166 */
1167 if (!spin_trylock(&dentry->d_lock))
1168 return LRU_SKIP;
1169
1170 d_lru_shrink_move(lru, dentry, freeable);
1171 spin_unlock(&dentry->d_lock);
1172
1173 return LRU_REMOVED;
1174 }
1175
1176
1177 /**
1178 * shrink_dcache_sb - shrink dcache for a superblock
1179 * @sb: superblock
1180 *
1181 * Shrink the dcache for the specified super block. This is used to free
1182 * the dcache before unmounting a file system.
1183 */
shrink_dcache_sb(struct super_block * sb)1184 void shrink_dcache_sb(struct super_block *sb)
1185 {
1186 do {
1187 LIST_HEAD(dispose);
1188
1189 list_lru_walk(&sb->s_dentry_lru,
1190 dentry_lru_isolate_shrink, &dispose, 1024);
1191 shrink_dentry_list(&dispose);
1192 cond_resched();
1193 } while (list_lru_count(&sb->s_dentry_lru) > 0);
1194 }
1195 EXPORT_SYMBOL(shrink_dcache_sb);
1196
1197 /**
1198 * enum d_walk_ret - action to talke during tree walk
1199 * @D_WALK_CONTINUE: contrinue walk
1200 * @D_WALK_QUIT: quit walk
1201 * @D_WALK_NORETRY: quit when retry is needed
1202 * @D_WALK_SKIP: skip this dentry and its children
1203 */
1204 enum d_walk_ret {
1205 D_WALK_CONTINUE,
1206 D_WALK_QUIT,
1207 D_WALK_NORETRY,
1208 D_WALK_SKIP,
1209 };
1210
1211 /**
1212 * d_walk - walk the dentry tree
1213 * @parent: start of walk
1214 * @data: data passed to @enter() and @finish()
1215 * @enter: callback when first entering the dentry
1216 * @finish: callback when successfully finished the walk
1217 *
1218 * The @enter() and @finish() callbacks are called with d_lock held.
1219 */
d_walk(struct dentry * parent,void * data,enum d_walk_ret (* enter)(void *,struct dentry *),void (* finish)(void *))1220 static void d_walk(struct dentry *parent, void *data,
1221 enum d_walk_ret (*enter)(void *, struct dentry *),
1222 void (*finish)(void *))
1223 {
1224 struct dentry *this_parent;
1225 struct list_head *next;
1226 unsigned seq = 0;
1227 enum d_walk_ret ret;
1228 bool retry = true;
1229
1230 again:
1231 read_seqbegin_or_lock(&rename_lock, &seq);
1232 this_parent = parent;
1233 spin_lock(&this_parent->d_lock);
1234
1235 ret = enter(data, this_parent);
1236 switch (ret) {
1237 case D_WALK_CONTINUE:
1238 break;
1239 case D_WALK_QUIT:
1240 case D_WALK_SKIP:
1241 goto out_unlock;
1242 case D_WALK_NORETRY:
1243 retry = false;
1244 break;
1245 }
1246 repeat:
1247 next = this_parent->d_subdirs.next;
1248 resume:
1249 while (next != &this_parent->d_subdirs) {
1250 struct list_head *tmp = next;
1251 struct dentry *dentry = list_entry(tmp, struct dentry, d_child);
1252 next = tmp->next;
1253
1254 if (unlikely(dentry->d_flags & DCACHE_DENTRY_CURSOR))
1255 continue;
1256
1257 spin_lock_nested(&dentry->d_lock, DENTRY_D_LOCK_NESTED);
1258
1259 ret = enter(data, dentry);
1260 switch (ret) {
1261 case D_WALK_CONTINUE:
1262 break;
1263 case D_WALK_QUIT:
1264 spin_unlock(&dentry->d_lock);
1265 goto out_unlock;
1266 case D_WALK_NORETRY:
1267 retry = false;
1268 break;
1269 case D_WALK_SKIP:
1270 spin_unlock(&dentry->d_lock);
1271 continue;
1272 }
1273
1274 if (!list_empty(&dentry->d_subdirs)) {
1275 spin_unlock(&this_parent->d_lock);
1276 spin_release(&dentry->d_lock.dep_map, 1, _RET_IP_);
1277 this_parent = dentry;
1278 spin_acquire(&this_parent->d_lock.dep_map, 0, 1, _RET_IP_);
1279 goto repeat;
1280 }
1281 spin_unlock(&dentry->d_lock);
1282 }
1283 /*
1284 * All done at this level ... ascend and resume the search.
1285 */
1286 rcu_read_lock();
1287 ascend:
1288 if (this_parent != parent) {
1289 struct dentry *child = this_parent;
1290 this_parent = child->d_parent;
1291
1292 spin_unlock(&child->d_lock);
1293 spin_lock(&this_parent->d_lock);
1294
1295 /* might go back up the wrong parent if we have had a rename. */
1296 if (need_seqretry(&rename_lock, seq))
1297 goto rename_retry;
1298 /* go into the first sibling still alive */
1299 do {
1300 next = child->d_child.next;
1301 if (next == &this_parent->d_subdirs)
1302 goto ascend;
1303 child = list_entry(next, struct dentry, d_child);
1304 } while (unlikely(child->d_flags & DCACHE_DENTRY_KILLED));
1305 rcu_read_unlock();
1306 goto resume;
1307 }
1308 if (need_seqretry(&rename_lock, seq))
1309 goto rename_retry;
1310 rcu_read_unlock();
1311 if (finish)
1312 finish(data);
1313
1314 out_unlock:
1315 spin_unlock(&this_parent->d_lock);
1316 done_seqretry(&rename_lock, seq);
1317 return;
1318
1319 rename_retry:
1320 spin_unlock(&this_parent->d_lock);
1321 rcu_read_unlock();
1322 BUG_ON(seq & 1);
1323 if (!retry)
1324 return;
1325 seq = 1;
1326 goto again;
1327 }
1328
1329 struct check_mount {
1330 struct vfsmount *mnt;
1331 unsigned int mounted;
1332 };
1333
path_check_mount(void * data,struct dentry * dentry)1334 static enum d_walk_ret path_check_mount(void *data, struct dentry *dentry)
1335 {
1336 struct check_mount *info = data;
1337 struct path path = { .mnt = info->mnt, .dentry = dentry };
1338
1339 if (likely(!d_mountpoint(dentry)))
1340 return D_WALK_CONTINUE;
1341 if (__path_is_mountpoint(&path)) {
1342 info->mounted = 1;
1343 return D_WALK_QUIT;
1344 }
1345 return D_WALK_CONTINUE;
1346 }
1347
1348 /**
1349 * path_has_submounts - check for mounts over a dentry in the
1350 * current namespace.
1351 * @parent: path to check.
1352 *
1353 * Return true if the parent or its subdirectories contain
1354 * a mount point in the current namespace.
1355 */
path_has_submounts(const struct path * parent)1356 int path_has_submounts(const struct path *parent)
1357 {
1358 struct check_mount data = { .mnt = parent->mnt, .mounted = 0 };
1359
1360 read_seqlock_excl(&mount_lock);
1361 d_walk(parent->dentry, &data, path_check_mount, NULL);
1362 read_sequnlock_excl(&mount_lock);
1363
1364 return data.mounted;
1365 }
1366 EXPORT_SYMBOL(path_has_submounts);
1367
1368 /*
1369 * Called by mount code to set a mountpoint and check if the mountpoint is
1370 * reachable (e.g. NFS can unhash a directory dentry and then the complete
1371 * subtree can become unreachable).
1372 *
1373 * Only one of d_invalidate() and d_set_mounted() must succeed. For
1374 * this reason take rename_lock and d_lock on dentry and ancestors.
1375 */
d_set_mounted(struct dentry * dentry)1376 int d_set_mounted(struct dentry *dentry)
1377 {
1378 struct dentry *p;
1379 int ret = -ENOENT;
1380 write_seqlock(&rename_lock);
1381 for (p = dentry->d_parent; !IS_ROOT(p); p = p->d_parent) {
1382 /* Need exclusion wrt. d_invalidate() */
1383 spin_lock(&p->d_lock);
1384 if (unlikely(d_unhashed(p))) {
1385 spin_unlock(&p->d_lock);
1386 goto out;
1387 }
1388 spin_unlock(&p->d_lock);
1389 }
1390 spin_lock(&dentry->d_lock);
1391 if (!d_unlinked(dentry)) {
1392 ret = -EBUSY;
1393 if (!d_mountpoint(dentry)) {
1394 dentry->d_flags |= DCACHE_MOUNTED;
1395 ret = 0;
1396 }
1397 }
1398 spin_unlock(&dentry->d_lock);
1399 out:
1400 write_sequnlock(&rename_lock);
1401 return ret;
1402 }
1403
1404 /*
1405 * Search the dentry child list of the specified parent,
1406 * and move any unused dentries to the end of the unused
1407 * list for prune_dcache(). We descend to the next level
1408 * whenever the d_subdirs list is non-empty and continue
1409 * searching.
1410 *
1411 * It returns zero iff there are no unused children,
1412 * otherwise it returns the number of children moved to
1413 * the end of the unused list. This may not be the total
1414 * number of unused children, because select_parent can
1415 * drop the lock and return early due to latency
1416 * constraints.
1417 */
1418
1419 struct select_data {
1420 struct dentry *start;
1421 struct list_head dispose;
1422 int found;
1423 };
1424
select_collect(void * _data,struct dentry * dentry)1425 static enum d_walk_ret select_collect(void *_data, struct dentry *dentry)
1426 {
1427 struct select_data *data = _data;
1428 enum d_walk_ret ret = D_WALK_CONTINUE;
1429
1430 if (data->start == dentry)
1431 goto out;
1432
1433 if (dentry->d_flags & DCACHE_SHRINK_LIST) {
1434 data->found++;
1435 } else {
1436 if (dentry->d_flags & DCACHE_LRU_LIST)
1437 d_lru_del(dentry);
1438 if (!dentry->d_lockref.count) {
1439 d_shrink_add(dentry, &data->dispose);
1440 data->found++;
1441 }
1442 }
1443 /*
1444 * We can return to the caller if we have found some (this
1445 * ensures forward progress). We'll be coming back to find
1446 * the rest.
1447 */
1448 if (!list_empty(&data->dispose))
1449 ret = need_resched() ? D_WALK_QUIT : D_WALK_NORETRY;
1450 out:
1451 return ret;
1452 }
1453
1454 /**
1455 * shrink_dcache_parent - prune dcache
1456 * @parent: parent of entries to prune
1457 *
1458 * Prune the dcache to remove unused children of the parent dentry.
1459 */
shrink_dcache_parent(struct dentry * parent)1460 void shrink_dcache_parent(struct dentry *parent)
1461 {
1462 for (;;) {
1463 struct select_data data;
1464
1465 INIT_LIST_HEAD(&data.dispose);
1466 data.start = parent;
1467 data.found = 0;
1468
1469 d_walk(parent, &data, select_collect, NULL);
1470 if (!data.found)
1471 break;
1472
1473 shrink_dentry_list(&data.dispose);
1474 cond_resched();
1475 }
1476 }
1477 EXPORT_SYMBOL(shrink_dcache_parent);
1478
umount_check(void * _data,struct dentry * dentry)1479 static enum d_walk_ret umount_check(void *_data, struct dentry *dentry)
1480 {
1481 /* it has busy descendents; complain about those instead */
1482 if (!list_empty(&dentry->d_subdirs))
1483 return D_WALK_CONTINUE;
1484
1485 /* root with refcount 1 is fine */
1486 if (dentry == _data && dentry->d_lockref.count == 1)
1487 return D_WALK_CONTINUE;
1488
1489 printk(KERN_ERR "BUG: Dentry %p{i=%lx,n=%pd} "
1490 " still in use (%d) [unmount of %s %s]\n",
1491 dentry,
1492 dentry->d_inode ?
1493 dentry->d_inode->i_ino : 0UL,
1494 dentry,
1495 dentry->d_lockref.count,
1496 dentry->d_sb->s_type->name,
1497 dentry->d_sb->s_id);
1498 WARN_ON(1);
1499 return D_WALK_CONTINUE;
1500 }
1501
do_one_tree(struct dentry * dentry)1502 static void do_one_tree(struct dentry *dentry)
1503 {
1504 shrink_dcache_parent(dentry);
1505 d_walk(dentry, dentry, umount_check, NULL);
1506 d_drop(dentry);
1507 dput(dentry);
1508 }
1509
1510 /*
1511 * destroy the dentries attached to a superblock on unmounting
1512 */
shrink_dcache_for_umount(struct super_block * sb)1513 void shrink_dcache_for_umount(struct super_block *sb)
1514 {
1515 struct dentry *dentry;
1516
1517 WARN(down_read_trylock(&sb->s_umount), "s_umount should've been locked");
1518
1519 dentry = sb->s_root;
1520 sb->s_root = NULL;
1521 do_one_tree(dentry);
1522
1523 while (!hlist_bl_empty(&sb->s_anon)) {
1524 dentry = dget(hlist_bl_entry(hlist_bl_first(&sb->s_anon), struct dentry, d_hash));
1525 do_one_tree(dentry);
1526 }
1527 }
1528
1529 struct detach_data {
1530 struct select_data select;
1531 struct dentry *mountpoint;
1532 };
detach_and_collect(void * _data,struct dentry * dentry)1533 static enum d_walk_ret detach_and_collect(void *_data, struct dentry *dentry)
1534 {
1535 struct detach_data *data = _data;
1536
1537 if (d_mountpoint(dentry)) {
1538 __dget_dlock(dentry);
1539 data->mountpoint = dentry;
1540 return D_WALK_QUIT;
1541 }
1542
1543 return select_collect(&data->select, dentry);
1544 }
1545
check_and_drop(void * _data)1546 static void check_and_drop(void *_data)
1547 {
1548 struct detach_data *data = _data;
1549
1550 if (!data->mountpoint && list_empty(&data->select.dispose))
1551 __d_drop(data->select.start);
1552 }
1553
1554 /**
1555 * d_invalidate - detach submounts, prune dcache, and drop
1556 * @dentry: dentry to invalidate (aka detach, prune and drop)
1557 *
1558 * no dcache lock.
1559 *
1560 * The final d_drop is done as an atomic operation relative to
1561 * rename_lock ensuring there are no races with d_set_mounted. This
1562 * ensures there are no unhashed dentries on the path to a mountpoint.
1563 */
d_invalidate(struct dentry * dentry)1564 void d_invalidate(struct dentry *dentry)
1565 {
1566 /*
1567 * If it's already been dropped, return OK.
1568 */
1569 spin_lock(&dentry->d_lock);
1570 if (d_unhashed(dentry)) {
1571 spin_unlock(&dentry->d_lock);
1572 return;
1573 }
1574 spin_unlock(&dentry->d_lock);
1575
1576 /* Negative dentries can be dropped without further checks */
1577 if (!dentry->d_inode) {
1578 d_drop(dentry);
1579 return;
1580 }
1581
1582 for (;;) {
1583 struct detach_data data;
1584
1585 data.mountpoint = NULL;
1586 INIT_LIST_HEAD(&data.select.dispose);
1587 data.select.start = dentry;
1588 data.select.found = 0;
1589
1590 d_walk(dentry, &data, detach_and_collect, check_and_drop);
1591
1592 if (!list_empty(&data.select.dispose))
1593 shrink_dentry_list(&data.select.dispose);
1594 else if (!data.mountpoint)
1595 return;
1596
1597 if (data.mountpoint) {
1598 detach_mounts(data.mountpoint);
1599 dput(data.mountpoint);
1600 }
1601 cond_resched();
1602 }
1603 }
1604 EXPORT_SYMBOL(d_invalidate);
1605
1606 /**
1607 * __d_alloc - allocate a dcache entry
1608 * @sb: filesystem it will belong to
1609 * @name: qstr of the name
1610 *
1611 * Allocates a dentry. It returns %NULL if there is insufficient memory
1612 * available. On a success the dentry is returned. The name passed in is
1613 * copied and the copy passed in may be reused after this call.
1614 */
1615
__d_alloc(struct super_block * sb,const struct qstr * name)1616 struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name)
1617 {
1618 struct external_name *ext = NULL;
1619 struct dentry *dentry;
1620 char *dname;
1621 int err;
1622
1623 dentry = kmem_cache_alloc(dentry_cache, GFP_KERNEL);
1624 if (!dentry)
1625 return NULL;
1626
1627 /*
1628 * We guarantee that the inline name is always NUL-terminated.
1629 * This way the memcpy() done by the name switching in rename
1630 * will still always have a NUL at the end, even if we might
1631 * be overwriting an internal NUL character
1632 */
1633 dentry->d_iname[DNAME_INLINE_LEN-1] = 0;
1634 if (unlikely(!name)) {
1635 name = &slash_name;
1636 dname = dentry->d_iname;
1637 } else if (name->len > DNAME_INLINE_LEN-1) {
1638 size_t size = offsetof(struct external_name, name[1]);
1639 ext = kmalloc(size + name->len, GFP_KERNEL_ACCOUNT);
1640 if (!ext) {
1641 kmem_cache_free(dentry_cache, dentry);
1642 return NULL;
1643 }
1644 atomic_set(&ext->u.count, 1);
1645 dname = ext->name;
1646 if (IS_ENABLED(CONFIG_DCACHE_WORD_ACCESS))
1647 kasan_unpoison_shadow(dname,
1648 round_up(name->len + 1, sizeof(unsigned long)));
1649 } else {
1650 dname = dentry->d_iname;
1651 }
1652
1653 dentry->d_name.len = name->len;
1654 dentry->d_name.hash = name->hash;
1655 memcpy(dname, name->name, name->len);
1656 dname[name->len] = 0;
1657
1658 /* Make sure we always see the terminating NUL character */
1659 smp_wmb();
1660 dentry->d_name.name = dname;
1661
1662 dentry->d_lockref.count = 1;
1663 dentry->d_flags = 0;
1664 spin_lock_init(&dentry->d_lock);
1665 seqcount_init(&dentry->d_seq);
1666 dentry->d_inode = NULL;
1667 dentry->d_parent = dentry;
1668 dentry->d_sb = sb;
1669 dentry->d_op = NULL;
1670 dentry->d_fsdata = NULL;
1671 INIT_HLIST_BL_NODE(&dentry->d_hash);
1672 INIT_LIST_HEAD(&dentry->d_lru);
1673 INIT_LIST_HEAD(&dentry->d_subdirs);
1674 INIT_HLIST_NODE(&dentry->d_u.d_alias);
1675 INIT_LIST_HEAD(&dentry->d_child);
1676 d_set_d_op(dentry, dentry->d_sb->s_d_op);
1677
1678 if (dentry->d_op && dentry->d_op->d_init) {
1679 err = dentry->d_op->d_init(dentry);
1680 if (err) {
1681 if (dname_external(dentry))
1682 kfree(external_name(dentry));
1683 kmem_cache_free(dentry_cache, dentry);
1684 return NULL;
1685 }
1686 }
1687
1688 if (unlikely(ext)) {
1689 pg_data_t *pgdat = page_pgdat(virt_to_page(ext));
1690 mod_node_page_state(pgdat, NR_INDIRECTLY_RECLAIMABLE_BYTES,
1691 ksize(ext));
1692 }
1693
1694 this_cpu_inc(nr_dentry);
1695
1696 return dentry;
1697 }
1698
1699 /**
1700 * d_alloc - allocate a dcache entry
1701 * @parent: parent of entry to allocate
1702 * @name: qstr of the name
1703 *
1704 * Allocates a dentry. It returns %NULL if there is insufficient memory
1705 * available. On a success the dentry is returned. The name passed in is
1706 * copied and the copy passed in may be reused after this call.
1707 */
d_alloc(struct dentry * parent,const struct qstr * name)1708 struct dentry *d_alloc(struct dentry * parent, const struct qstr *name)
1709 {
1710 struct dentry *dentry = __d_alloc(parent->d_sb, name);
1711 if (!dentry)
1712 return NULL;
1713 dentry->d_flags |= DCACHE_RCUACCESS;
1714 spin_lock(&parent->d_lock);
1715 /*
1716 * don't need child lock because it is not subject
1717 * to concurrency here
1718 */
1719 __dget_dlock(parent);
1720 dentry->d_parent = parent;
1721 list_add(&dentry->d_child, &parent->d_subdirs);
1722 spin_unlock(&parent->d_lock);
1723
1724 return dentry;
1725 }
1726 EXPORT_SYMBOL(d_alloc);
1727
d_alloc_cursor(struct dentry * parent)1728 struct dentry *d_alloc_cursor(struct dentry * parent)
1729 {
1730 struct dentry *dentry = __d_alloc(parent->d_sb, NULL);
1731 if (dentry) {
1732 dentry->d_flags |= DCACHE_RCUACCESS | DCACHE_DENTRY_CURSOR;
1733 dentry->d_parent = dget(parent);
1734 }
1735 return dentry;
1736 }
1737
1738 /**
1739 * d_alloc_pseudo - allocate a dentry (for lookup-less filesystems)
1740 * @sb: the superblock
1741 * @name: qstr of the name
1742 *
1743 * For a filesystem that just pins its dentries in memory and never
1744 * performs lookups at all, return an unhashed IS_ROOT dentry.
1745 */
d_alloc_pseudo(struct super_block * sb,const struct qstr * name)1746 struct dentry *d_alloc_pseudo(struct super_block *sb, const struct qstr *name)
1747 {
1748 return __d_alloc(sb, name);
1749 }
1750 EXPORT_SYMBOL(d_alloc_pseudo);
1751
d_alloc_name(struct dentry * parent,const char * name)1752 struct dentry *d_alloc_name(struct dentry *parent, const char *name)
1753 {
1754 struct qstr q;
1755
1756 q.name = name;
1757 q.hash_len = hashlen_string(parent, name);
1758 return d_alloc(parent, &q);
1759 }
1760 EXPORT_SYMBOL(d_alloc_name);
1761
d_set_d_op(struct dentry * dentry,const struct dentry_operations * op)1762 void d_set_d_op(struct dentry *dentry, const struct dentry_operations *op)
1763 {
1764 WARN_ON_ONCE(dentry->d_op);
1765 WARN_ON_ONCE(dentry->d_flags & (DCACHE_OP_HASH |
1766 DCACHE_OP_COMPARE |
1767 DCACHE_OP_REVALIDATE |
1768 DCACHE_OP_WEAK_REVALIDATE |
1769 DCACHE_OP_DELETE |
1770 DCACHE_OP_REAL));
1771 dentry->d_op = op;
1772 if (!op)
1773 return;
1774 if (op->d_hash)
1775 dentry->d_flags |= DCACHE_OP_HASH;
1776 if (op->d_compare)
1777 dentry->d_flags |= DCACHE_OP_COMPARE;
1778 if (op->d_revalidate)
1779 dentry->d_flags |= DCACHE_OP_REVALIDATE;
1780 if (op->d_weak_revalidate)
1781 dentry->d_flags |= DCACHE_OP_WEAK_REVALIDATE;
1782 if (op->d_delete)
1783 dentry->d_flags |= DCACHE_OP_DELETE;
1784 if (op->d_prune)
1785 dentry->d_flags |= DCACHE_OP_PRUNE;
1786 if (op->d_real)
1787 dentry->d_flags |= DCACHE_OP_REAL;
1788
1789 }
1790 EXPORT_SYMBOL(d_set_d_op);
1791
1792
1793 /*
1794 * d_set_fallthru - Mark a dentry as falling through to a lower layer
1795 * @dentry - The dentry to mark
1796 *
1797 * Mark a dentry as falling through to the lower layer (as set with
1798 * d_pin_lower()). This flag may be recorded on the medium.
1799 */
d_set_fallthru(struct dentry * dentry)1800 void d_set_fallthru(struct dentry *dentry)
1801 {
1802 spin_lock(&dentry->d_lock);
1803 dentry->d_flags |= DCACHE_FALLTHRU;
1804 spin_unlock(&dentry->d_lock);
1805 }
1806 EXPORT_SYMBOL(d_set_fallthru);
1807
d_flags_for_inode(struct inode * inode)1808 static unsigned d_flags_for_inode(struct inode *inode)
1809 {
1810 unsigned add_flags = DCACHE_REGULAR_TYPE;
1811
1812 if (!inode)
1813 return DCACHE_MISS_TYPE;
1814
1815 if (S_ISDIR(inode->i_mode)) {
1816 add_flags = DCACHE_DIRECTORY_TYPE;
1817 if (unlikely(!(inode->i_opflags & IOP_LOOKUP))) {
1818 if (unlikely(!inode->i_op->lookup))
1819 add_flags = DCACHE_AUTODIR_TYPE;
1820 else
1821 inode->i_opflags |= IOP_LOOKUP;
1822 }
1823 goto type_determined;
1824 }
1825
1826 if (unlikely(!(inode->i_opflags & IOP_NOFOLLOW))) {
1827 if (unlikely(inode->i_op->get_link)) {
1828 add_flags = DCACHE_SYMLINK_TYPE;
1829 goto type_determined;
1830 }
1831 inode->i_opflags |= IOP_NOFOLLOW;
1832 }
1833
1834 if (unlikely(!S_ISREG(inode->i_mode)))
1835 add_flags = DCACHE_SPECIAL_TYPE;
1836
1837 type_determined:
1838 if (unlikely(IS_AUTOMOUNT(inode)))
1839 add_flags |= DCACHE_NEED_AUTOMOUNT;
1840 return add_flags;
1841 }
1842
__d_instantiate(struct dentry * dentry,struct inode * inode)1843 static void __d_instantiate(struct dentry *dentry, struct inode *inode)
1844 {
1845 unsigned add_flags = d_flags_for_inode(inode);
1846 WARN_ON(d_in_lookup(dentry));
1847
1848 spin_lock(&dentry->d_lock);
1849 hlist_add_head(&dentry->d_u.d_alias, &inode->i_dentry);
1850 raw_write_seqcount_begin(&dentry->d_seq);
1851 __d_set_inode_and_type(dentry, inode, add_flags);
1852 raw_write_seqcount_end(&dentry->d_seq);
1853 fsnotify_update_flags(dentry);
1854 spin_unlock(&dentry->d_lock);
1855 }
1856
1857 /**
1858 * d_instantiate - fill in inode information for a dentry
1859 * @entry: dentry to complete
1860 * @inode: inode to attach to this dentry
1861 *
1862 * Fill in inode information in the entry.
1863 *
1864 * This turns negative dentries into productive full members
1865 * of society.
1866 *
1867 * NOTE! This assumes that the inode count has been incremented
1868 * (or otherwise set) by the caller to indicate that it is now
1869 * in use by the dcache.
1870 */
1871
d_instantiate(struct dentry * entry,struct inode * inode)1872 void d_instantiate(struct dentry *entry, struct inode * inode)
1873 {
1874 BUG_ON(!hlist_unhashed(&entry->d_u.d_alias));
1875 if (inode) {
1876 security_d_instantiate(entry, inode);
1877 spin_lock(&inode->i_lock);
1878 __d_instantiate(entry, inode);
1879 spin_unlock(&inode->i_lock);
1880 }
1881 }
1882 EXPORT_SYMBOL(d_instantiate);
1883
1884 /*
1885 * This should be equivalent to d_instantiate() + unlock_new_inode(),
1886 * with lockdep-related part of unlock_new_inode() done before
1887 * anything else. Use that instead of open-coding d_instantiate()/
1888 * unlock_new_inode() combinations.
1889 */
d_instantiate_new(struct dentry * entry,struct inode * inode)1890 void d_instantiate_new(struct dentry *entry, struct inode *inode)
1891 {
1892 BUG_ON(!hlist_unhashed(&entry->d_u.d_alias));
1893 BUG_ON(!inode);
1894 lockdep_annotate_inode_mutex_key(inode);
1895 security_d_instantiate(entry, inode);
1896 spin_lock(&inode->i_lock);
1897 __d_instantiate(entry, inode);
1898 WARN_ON(!(inode->i_state & I_NEW));
1899 inode->i_state &= ~I_NEW;
1900 smp_mb();
1901 wake_up_bit(&inode->i_state, __I_NEW);
1902 spin_unlock(&inode->i_lock);
1903 }
1904 EXPORT_SYMBOL(d_instantiate_new);
1905
1906 /**
1907 * d_instantiate_no_diralias - instantiate a non-aliased dentry
1908 * @entry: dentry to complete
1909 * @inode: inode to attach to this dentry
1910 *
1911 * Fill in inode information in the entry. If a directory alias is found, then
1912 * return an error (and drop inode). Together with d_materialise_unique() this
1913 * guarantees that a directory inode may never have more than one alias.
1914 */
d_instantiate_no_diralias(struct dentry * entry,struct inode * inode)1915 int d_instantiate_no_diralias(struct dentry *entry, struct inode *inode)
1916 {
1917 BUG_ON(!hlist_unhashed(&entry->d_u.d_alias));
1918
1919 security_d_instantiate(entry, inode);
1920 spin_lock(&inode->i_lock);
1921 if (S_ISDIR(inode->i_mode) && !hlist_empty(&inode->i_dentry)) {
1922 spin_unlock(&inode->i_lock);
1923 iput(inode);
1924 return -EBUSY;
1925 }
1926 __d_instantiate(entry, inode);
1927 spin_unlock(&inode->i_lock);
1928
1929 return 0;
1930 }
1931 EXPORT_SYMBOL(d_instantiate_no_diralias);
1932
d_make_root(struct inode * root_inode)1933 struct dentry *d_make_root(struct inode *root_inode)
1934 {
1935 struct dentry *res = NULL;
1936
1937 if (root_inode) {
1938 res = __d_alloc(root_inode->i_sb, NULL);
1939 if (res) {
1940 res->d_flags |= DCACHE_RCUACCESS;
1941 d_instantiate(res, root_inode);
1942 } else {
1943 iput(root_inode);
1944 }
1945 }
1946 return res;
1947 }
1948 EXPORT_SYMBOL(d_make_root);
1949
__d_find_any_alias(struct inode * inode)1950 static struct dentry * __d_find_any_alias(struct inode *inode)
1951 {
1952 struct dentry *alias;
1953
1954 if (hlist_empty(&inode->i_dentry))
1955 return NULL;
1956 alias = hlist_entry(inode->i_dentry.first, struct dentry, d_u.d_alias);
1957 __dget(alias);
1958 return alias;
1959 }
1960
1961 /**
1962 * d_find_any_alias - find any alias for a given inode
1963 * @inode: inode to find an alias for
1964 *
1965 * If any aliases exist for the given inode, take and return a
1966 * reference for one of them. If no aliases exist, return %NULL.
1967 */
d_find_any_alias(struct inode * inode)1968 struct dentry *d_find_any_alias(struct inode *inode)
1969 {
1970 struct dentry *de;
1971
1972 spin_lock(&inode->i_lock);
1973 de = __d_find_any_alias(inode);
1974 spin_unlock(&inode->i_lock);
1975 return de;
1976 }
1977 EXPORT_SYMBOL(d_find_any_alias);
1978
__d_obtain_alias(struct inode * inode,int disconnected)1979 static struct dentry *__d_obtain_alias(struct inode *inode, int disconnected)
1980 {
1981 struct dentry *tmp;
1982 struct dentry *res;
1983 unsigned add_flags;
1984
1985 if (!inode)
1986 return ERR_PTR(-ESTALE);
1987 if (IS_ERR(inode))
1988 return ERR_CAST(inode);
1989
1990 res = d_find_any_alias(inode);
1991 if (res)
1992 goto out_iput;
1993
1994 tmp = __d_alloc(inode->i_sb, NULL);
1995 if (!tmp) {
1996 res = ERR_PTR(-ENOMEM);
1997 goto out_iput;
1998 }
1999
2000 security_d_instantiate(tmp, inode);
2001 spin_lock(&inode->i_lock);
2002 res = __d_find_any_alias(inode);
2003 if (res) {
2004 spin_unlock(&inode->i_lock);
2005 dput(tmp);
2006 goto out_iput;
2007 }
2008
2009 /* attach a disconnected dentry */
2010 add_flags = d_flags_for_inode(inode);
2011
2012 if (disconnected)
2013 add_flags |= DCACHE_DISCONNECTED;
2014
2015 spin_lock(&tmp->d_lock);
2016 __d_set_inode_and_type(tmp, inode, add_flags);
2017 hlist_add_head(&tmp->d_u.d_alias, &inode->i_dentry);
2018 hlist_bl_lock(&tmp->d_sb->s_anon);
2019 hlist_bl_add_head(&tmp->d_hash, &tmp->d_sb->s_anon);
2020 hlist_bl_unlock(&tmp->d_sb->s_anon);
2021 spin_unlock(&tmp->d_lock);
2022 spin_unlock(&inode->i_lock);
2023
2024 return tmp;
2025
2026 out_iput:
2027 iput(inode);
2028 return res;
2029 }
2030
2031 /**
2032 * d_obtain_alias - find or allocate a DISCONNECTED dentry for a given inode
2033 * @inode: inode to allocate the dentry for
2034 *
2035 * Obtain a dentry for an inode resulting from NFS filehandle conversion or
2036 * similar open by handle operations. The returned dentry may be anonymous,
2037 * or may have a full name (if the inode was already in the cache).
2038 *
2039 * When called on a directory inode, we must ensure that the inode only ever
2040 * has one dentry. If a dentry is found, that is returned instead of
2041 * allocating a new one.
2042 *
2043 * On successful return, the reference to the inode has been transferred
2044 * to the dentry. In case of an error the reference on the inode is released.
2045 * To make it easier to use in export operations a %NULL or IS_ERR inode may
2046 * be passed in and the error will be propagated to the return value,
2047 * with a %NULL @inode replaced by ERR_PTR(-ESTALE).
2048 */
d_obtain_alias(struct inode * inode)2049 struct dentry *d_obtain_alias(struct inode *inode)
2050 {
2051 return __d_obtain_alias(inode, 1);
2052 }
2053 EXPORT_SYMBOL(d_obtain_alias);
2054
2055 /**
2056 * d_obtain_root - find or allocate a dentry for a given inode
2057 * @inode: inode to allocate the dentry for
2058 *
2059 * Obtain an IS_ROOT dentry for the root of a filesystem.
2060 *
2061 * We must ensure that directory inodes only ever have one dentry. If a
2062 * dentry is found, that is returned instead of allocating a new one.
2063 *
2064 * On successful return, the reference to the inode has been transferred
2065 * to the dentry. In case of an error the reference on the inode is
2066 * released. A %NULL or IS_ERR inode may be passed in and will be the
2067 * error will be propagate to the return value, with a %NULL @inode
2068 * replaced by ERR_PTR(-ESTALE).
2069 */
d_obtain_root(struct inode * inode)2070 struct dentry *d_obtain_root(struct inode *inode)
2071 {
2072 return __d_obtain_alias(inode, 0);
2073 }
2074 EXPORT_SYMBOL(d_obtain_root);
2075
2076 /**
2077 * d_add_ci - lookup or allocate new dentry with case-exact name
2078 * @inode: the inode case-insensitive lookup has found
2079 * @dentry: the negative dentry that was passed to the parent's lookup func
2080 * @name: the case-exact name to be associated with the returned dentry
2081 *
2082 * This is to avoid filling the dcache with case-insensitive names to the
2083 * same inode, only the actual correct case is stored in the dcache for
2084 * case-insensitive filesystems.
2085 *
2086 * For a case-insensitive lookup match and if the the case-exact dentry
2087 * already exists in in the dcache, use it and return it.
2088 *
2089 * If no entry exists with the exact case name, allocate new dentry with
2090 * the exact case, and return the spliced entry.
2091 */
d_add_ci(struct dentry * dentry,struct inode * inode,struct qstr * name)2092 struct dentry *d_add_ci(struct dentry *dentry, struct inode *inode,
2093 struct qstr *name)
2094 {
2095 struct dentry *found, *res;
2096
2097 /*
2098 * First check if a dentry matching the name already exists,
2099 * if not go ahead and create it now.
2100 */
2101 found = d_hash_and_lookup(dentry->d_parent, name);
2102 if (found) {
2103 iput(inode);
2104 return found;
2105 }
2106 if (d_in_lookup(dentry)) {
2107 found = d_alloc_parallel(dentry->d_parent, name,
2108 dentry->d_wait);
2109 if (IS_ERR(found) || !d_in_lookup(found)) {
2110 iput(inode);
2111 return found;
2112 }
2113 } else {
2114 found = d_alloc(dentry->d_parent, name);
2115 if (!found) {
2116 iput(inode);
2117 return ERR_PTR(-ENOMEM);
2118 }
2119 }
2120 res = d_splice_alias(inode, found);
2121 if (res) {
2122 dput(found);
2123 return res;
2124 }
2125 return found;
2126 }
2127 EXPORT_SYMBOL(d_add_ci);
2128
2129
d_same_name(const struct dentry * dentry,const struct dentry * parent,const struct qstr * name)2130 static inline bool d_same_name(const struct dentry *dentry,
2131 const struct dentry *parent,
2132 const struct qstr *name)
2133 {
2134 if (likely(!(parent->d_flags & DCACHE_OP_COMPARE))) {
2135 if (dentry->d_name.len != name->len)
2136 return false;
2137 return dentry_cmp(dentry, name->name, name->len) == 0;
2138 }
2139 return parent->d_op->d_compare(dentry,
2140 dentry->d_name.len, dentry->d_name.name,
2141 name) == 0;
2142 }
2143
2144 /**
2145 * __d_lookup_rcu - search for a dentry (racy, store-free)
2146 * @parent: parent dentry
2147 * @name: qstr of name we wish to find
2148 * @seqp: returns d_seq value at the point where the dentry was found
2149 * Returns: dentry, or NULL
2150 *
2151 * __d_lookup_rcu is the dcache lookup function for rcu-walk name
2152 * resolution (store-free path walking) design described in
2153 * Documentation/filesystems/path-lookup.txt.
2154 *
2155 * This is not to be used outside core vfs.
2156 *
2157 * __d_lookup_rcu must only be used in rcu-walk mode, ie. with vfsmount lock
2158 * held, and rcu_read_lock held. The returned dentry must not be stored into
2159 * without taking d_lock and checking d_seq sequence count against @seq
2160 * returned here.
2161 *
2162 * A refcount may be taken on the found dentry with the d_rcu_to_refcount
2163 * function.
2164 *
2165 * Alternatively, __d_lookup_rcu may be called again to look up the child of
2166 * the returned dentry, so long as its parent's seqlock is checked after the
2167 * child is looked up. Thus, an interlocking stepping of sequence lock checks
2168 * is formed, giving integrity down the path walk.
2169 *
2170 * NOTE! The caller *has* to check the resulting dentry against the sequence
2171 * number we've returned before using any of the resulting dentry state!
2172 */
__d_lookup_rcu(const struct dentry * parent,const struct qstr * name,unsigned * seqp)2173 struct dentry *__d_lookup_rcu(const struct dentry *parent,
2174 const struct qstr *name,
2175 unsigned *seqp)
2176 {
2177 u64 hashlen = name->hash_len;
2178 const unsigned char *str = name->name;
2179 struct hlist_bl_head *b = d_hash(hashlen_hash(hashlen));
2180 struct hlist_bl_node *node;
2181 struct dentry *dentry;
2182
2183 /*
2184 * Note: There is significant duplication with __d_lookup_rcu which is
2185 * required to prevent single threaded performance regressions
2186 * especially on architectures where smp_rmb (in seqcounts) are costly.
2187 * Keep the two functions in sync.
2188 */
2189
2190 /*
2191 * The hash list is protected using RCU.
2192 *
2193 * Carefully use d_seq when comparing a candidate dentry, to avoid
2194 * races with d_move().
2195 *
2196 * It is possible that concurrent renames can mess up our list
2197 * walk here and result in missing our dentry, resulting in the
2198 * false-negative result. d_lookup() protects against concurrent
2199 * renames using rename_lock seqlock.
2200 *
2201 * See Documentation/filesystems/path-lookup.txt for more details.
2202 */
2203 hlist_bl_for_each_entry_rcu(dentry, node, b, d_hash) {
2204 unsigned seq;
2205
2206 seqretry:
2207 /*
2208 * The dentry sequence count protects us from concurrent
2209 * renames, and thus protects parent and name fields.
2210 *
2211 * The caller must perform a seqcount check in order
2212 * to do anything useful with the returned dentry.
2213 *
2214 * NOTE! We do a "raw" seqcount_begin here. That means that
2215 * we don't wait for the sequence count to stabilize if it
2216 * is in the middle of a sequence change. If we do the slow
2217 * dentry compare, we will do seqretries until it is stable,
2218 * and if we end up with a successful lookup, we actually
2219 * want to exit RCU lookup anyway.
2220 *
2221 * Note that raw_seqcount_begin still *does* smp_rmb(), so
2222 * we are still guaranteed NUL-termination of ->d_name.name.
2223 */
2224 seq = raw_seqcount_begin(&dentry->d_seq);
2225 if (dentry->d_parent != parent)
2226 continue;
2227 if (d_unhashed(dentry))
2228 continue;
2229
2230 if (unlikely(parent->d_flags & DCACHE_OP_COMPARE)) {
2231 int tlen;
2232 const char *tname;
2233 if (dentry->d_name.hash != hashlen_hash(hashlen))
2234 continue;
2235 tlen = dentry->d_name.len;
2236 tname = dentry->d_name.name;
2237 /* we want a consistent (name,len) pair */
2238 if (read_seqcount_retry(&dentry->d_seq, seq)) {
2239 cpu_relax();
2240 goto seqretry;
2241 }
2242 if (parent->d_op->d_compare(dentry,
2243 tlen, tname, name) != 0)
2244 continue;
2245 } else {
2246 if (dentry->d_name.hash_len != hashlen)
2247 continue;
2248 if (dentry_cmp(dentry, str, hashlen_len(hashlen)) != 0)
2249 continue;
2250 }
2251 *seqp = seq;
2252 return dentry;
2253 }
2254 return NULL;
2255 }
2256
2257 /**
2258 * d_lookup - search for a dentry
2259 * @parent: parent dentry
2260 * @name: qstr of name we wish to find
2261 * Returns: dentry, or NULL
2262 *
2263 * d_lookup searches the children of the parent dentry for the name in
2264 * question. If the dentry is found its reference count is incremented and the
2265 * dentry is returned. The caller must use dput to free the entry when it has
2266 * finished using it. %NULL is returned if the dentry does not exist.
2267 */
d_lookup(const struct dentry * parent,const struct qstr * name)2268 struct dentry *d_lookup(const struct dentry *parent, const struct qstr *name)
2269 {
2270 struct dentry *dentry;
2271 unsigned seq;
2272
2273 do {
2274 seq = read_seqbegin(&rename_lock);
2275 dentry = __d_lookup(parent, name);
2276 if (dentry)
2277 break;
2278 } while (read_seqretry(&rename_lock, seq));
2279 return dentry;
2280 }
2281 EXPORT_SYMBOL(d_lookup);
2282
2283 /**
2284 * __d_lookup - search for a dentry (racy)
2285 * @parent: parent dentry
2286 * @name: qstr of name we wish to find
2287 * Returns: dentry, or NULL
2288 *
2289 * __d_lookup is like d_lookup, however it may (rarely) return a
2290 * false-negative result due to unrelated rename activity.
2291 *
2292 * __d_lookup is slightly faster by avoiding rename_lock read seqlock,
2293 * however it must be used carefully, eg. with a following d_lookup in
2294 * the case of failure.
2295 *
2296 * __d_lookup callers must be commented.
2297 */
__d_lookup(const struct dentry * parent,const struct qstr * name)2298 struct dentry *__d_lookup(const struct dentry *parent, const struct qstr *name)
2299 {
2300 unsigned int hash = name->hash;
2301 struct hlist_bl_head *b = d_hash(hash);
2302 struct hlist_bl_node *node;
2303 struct dentry *found = NULL;
2304 struct dentry *dentry;
2305
2306 /*
2307 * Note: There is significant duplication with __d_lookup_rcu which is
2308 * required to prevent single threaded performance regressions
2309 * especially on architectures where smp_rmb (in seqcounts) are costly.
2310 * Keep the two functions in sync.
2311 */
2312
2313 /*
2314 * The hash list is protected using RCU.
2315 *
2316 * Take d_lock when comparing a candidate dentry, to avoid races
2317 * with d_move().
2318 *
2319 * It is possible that concurrent renames can mess up our list
2320 * walk here and result in missing our dentry, resulting in the
2321 * false-negative result. d_lookup() protects against concurrent
2322 * renames using rename_lock seqlock.
2323 *
2324 * See Documentation/filesystems/path-lookup.txt for more details.
2325 */
2326 rcu_read_lock();
2327
2328 hlist_bl_for_each_entry_rcu(dentry, node, b, d_hash) {
2329
2330 if (dentry->d_name.hash != hash)
2331 continue;
2332
2333 spin_lock(&dentry->d_lock);
2334 if (dentry->d_parent != parent)
2335 goto next;
2336 if (d_unhashed(dentry))
2337 goto next;
2338
2339 if (!d_same_name(dentry, parent, name))
2340 goto next;
2341
2342 dentry->d_lockref.count++;
2343 found = dentry;
2344 spin_unlock(&dentry->d_lock);
2345 break;
2346 next:
2347 spin_unlock(&dentry->d_lock);
2348 }
2349 rcu_read_unlock();
2350
2351 return found;
2352 }
2353
2354 /**
2355 * d_hash_and_lookup - hash the qstr then search for a dentry
2356 * @dir: Directory to search in
2357 * @name: qstr of name we wish to find
2358 *
2359 * On lookup failure NULL is returned; on bad name - ERR_PTR(-error)
2360 */
d_hash_and_lookup(struct dentry * dir,struct qstr * name)2361 struct dentry *d_hash_and_lookup(struct dentry *dir, struct qstr *name)
2362 {
2363 /*
2364 * Check for a fs-specific hash function. Note that we must
2365 * calculate the standard hash first, as the d_op->d_hash()
2366 * routine may choose to leave the hash value unchanged.
2367 */
2368 name->hash = full_name_hash(dir, name->name, name->len);
2369 if (dir->d_flags & DCACHE_OP_HASH) {
2370 int err = dir->d_op->d_hash(dir, name);
2371 if (unlikely(err < 0))
2372 return ERR_PTR(err);
2373 }
2374 return d_lookup(dir, name);
2375 }
2376 EXPORT_SYMBOL(d_hash_and_lookup);
2377
2378 /*
2379 * When a file is deleted, we have two options:
2380 * - turn this dentry into a negative dentry
2381 * - unhash this dentry and free it.
2382 *
2383 * Usually, we want to just turn this into
2384 * a negative dentry, but if anybody else is
2385 * currently using the dentry or the inode
2386 * we can't do that and we fall back on removing
2387 * it from the hash queues and waiting for
2388 * it to be deleted later when it has no users
2389 */
2390
2391 /**
2392 * d_delete - delete a dentry
2393 * @dentry: The dentry to delete
2394 *
2395 * Turn the dentry into a negative dentry if possible, otherwise
2396 * remove it from the hash queues so it can be deleted later
2397 */
2398
d_delete(struct dentry * dentry)2399 void d_delete(struct dentry * dentry)
2400 {
2401 struct inode *inode;
2402 int isdir = 0;
2403 /*
2404 * Are we the only user?
2405 */
2406 again:
2407 spin_lock(&dentry->d_lock);
2408 inode = dentry->d_inode;
2409 isdir = S_ISDIR(inode->i_mode);
2410 if (dentry->d_lockref.count == 1) {
2411 if (!spin_trylock(&inode->i_lock)) {
2412 spin_unlock(&dentry->d_lock);
2413 cpu_relax();
2414 goto again;
2415 }
2416 dentry->d_flags &= ~DCACHE_CANT_MOUNT;
2417 dentry_unlink_inode(dentry);
2418 fsnotify_nameremove(dentry, isdir);
2419 return;
2420 }
2421
2422 if (!d_unhashed(dentry))
2423 __d_drop(dentry);
2424
2425 spin_unlock(&dentry->d_lock);
2426
2427 fsnotify_nameremove(dentry, isdir);
2428 }
2429 EXPORT_SYMBOL(d_delete);
2430
__d_rehash(struct dentry * entry)2431 static void __d_rehash(struct dentry *entry)
2432 {
2433 struct hlist_bl_head *b = d_hash(entry->d_name.hash);
2434
2435 hlist_bl_lock(b);
2436 hlist_bl_add_head_rcu(&entry->d_hash, b);
2437 hlist_bl_unlock(b);
2438 }
2439
2440 /**
2441 * d_rehash - add an entry back to the hash
2442 * @entry: dentry to add to the hash
2443 *
2444 * Adds a dentry to the hash according to its name.
2445 */
2446
d_rehash(struct dentry * entry)2447 void d_rehash(struct dentry * entry)
2448 {
2449 spin_lock(&entry->d_lock);
2450 __d_rehash(entry);
2451 spin_unlock(&entry->d_lock);
2452 }
2453 EXPORT_SYMBOL(d_rehash);
2454
start_dir_add(struct inode * dir)2455 static inline unsigned start_dir_add(struct inode *dir)
2456 {
2457
2458 for (;;) {
2459 unsigned n = dir->i_dir_seq;
2460 if (!(n & 1) && cmpxchg(&dir->i_dir_seq, n, n + 1) == n)
2461 return n;
2462 cpu_relax();
2463 }
2464 }
2465
end_dir_add(struct inode * dir,unsigned n)2466 static inline void end_dir_add(struct inode *dir, unsigned n)
2467 {
2468 smp_store_release(&dir->i_dir_seq, n + 2);
2469 }
2470
d_wait_lookup(struct dentry * dentry)2471 static void d_wait_lookup(struct dentry *dentry)
2472 {
2473 if (d_in_lookup(dentry)) {
2474 DECLARE_WAITQUEUE(wait, current);
2475 add_wait_queue(dentry->d_wait, &wait);
2476 do {
2477 set_current_state(TASK_UNINTERRUPTIBLE);
2478 spin_unlock(&dentry->d_lock);
2479 schedule();
2480 spin_lock(&dentry->d_lock);
2481 } while (d_in_lookup(dentry));
2482 }
2483 }
2484
d_alloc_parallel(struct dentry * parent,const struct qstr * name,wait_queue_head_t * wq)2485 struct dentry *d_alloc_parallel(struct dentry *parent,
2486 const struct qstr *name,
2487 wait_queue_head_t *wq)
2488 {
2489 unsigned int hash = name->hash;
2490 struct hlist_bl_head *b = in_lookup_hash(parent, hash);
2491 struct hlist_bl_node *node;
2492 struct dentry *new = d_alloc(parent, name);
2493 struct dentry *dentry;
2494 unsigned seq, r_seq, d_seq;
2495
2496 if (unlikely(!new))
2497 return ERR_PTR(-ENOMEM);
2498
2499 retry:
2500 rcu_read_lock();
2501 seq = smp_load_acquire(&parent->d_inode->i_dir_seq);
2502 r_seq = read_seqbegin(&rename_lock);
2503 dentry = __d_lookup_rcu(parent, name, &d_seq);
2504 if (unlikely(dentry)) {
2505 if (!lockref_get_not_dead(&dentry->d_lockref)) {
2506 rcu_read_unlock();
2507 goto retry;
2508 }
2509 if (read_seqcount_retry(&dentry->d_seq, d_seq)) {
2510 rcu_read_unlock();
2511 dput(dentry);
2512 goto retry;
2513 }
2514 rcu_read_unlock();
2515 dput(new);
2516 return dentry;
2517 }
2518 if (unlikely(read_seqretry(&rename_lock, r_seq))) {
2519 rcu_read_unlock();
2520 goto retry;
2521 }
2522
2523 if (unlikely(seq & 1)) {
2524 rcu_read_unlock();
2525 goto retry;
2526 }
2527
2528 hlist_bl_lock(b);
2529 if (unlikely(READ_ONCE(parent->d_inode->i_dir_seq) != seq)) {
2530 hlist_bl_unlock(b);
2531 rcu_read_unlock();
2532 goto retry;
2533 }
2534 /*
2535 * No changes for the parent since the beginning of d_lookup().
2536 * Since all removals from the chain happen with hlist_bl_lock(),
2537 * any potential in-lookup matches are going to stay here until
2538 * we unlock the chain. All fields are stable in everything
2539 * we encounter.
2540 */
2541 hlist_bl_for_each_entry(dentry, node, b, d_u.d_in_lookup_hash) {
2542 if (dentry->d_name.hash != hash)
2543 continue;
2544 if (dentry->d_parent != parent)
2545 continue;
2546 if (!d_same_name(dentry, parent, name))
2547 continue;
2548 hlist_bl_unlock(b);
2549 /* now we can try to grab a reference */
2550 if (!lockref_get_not_dead(&dentry->d_lockref)) {
2551 rcu_read_unlock();
2552 goto retry;
2553 }
2554
2555 rcu_read_unlock();
2556 /*
2557 * somebody is likely to be still doing lookup for it;
2558 * wait for them to finish
2559 */
2560 spin_lock(&dentry->d_lock);
2561 d_wait_lookup(dentry);
2562 /*
2563 * it's not in-lookup anymore; in principle we should repeat
2564 * everything from dcache lookup, but it's likely to be what
2565 * d_lookup() would've found anyway. If it is, just return it;
2566 * otherwise we really have to repeat the whole thing.
2567 */
2568 if (unlikely(dentry->d_name.hash != hash))
2569 goto mismatch;
2570 if (unlikely(dentry->d_parent != parent))
2571 goto mismatch;
2572 if (unlikely(d_unhashed(dentry)))
2573 goto mismatch;
2574 if (unlikely(!d_same_name(dentry, parent, name)))
2575 goto mismatch;
2576 /* OK, it *is* a hashed match; return it */
2577 spin_unlock(&dentry->d_lock);
2578 dput(new);
2579 return dentry;
2580 }
2581 rcu_read_unlock();
2582 /* we can't take ->d_lock here; it's OK, though. */
2583 new->d_flags |= DCACHE_PAR_LOOKUP;
2584 new->d_wait = wq;
2585 hlist_bl_add_head_rcu(&new->d_u.d_in_lookup_hash, b);
2586 hlist_bl_unlock(b);
2587 return new;
2588 mismatch:
2589 spin_unlock(&dentry->d_lock);
2590 dput(dentry);
2591 goto retry;
2592 }
2593 EXPORT_SYMBOL(d_alloc_parallel);
2594
__d_lookup_done(struct dentry * dentry)2595 void __d_lookup_done(struct dentry *dentry)
2596 {
2597 struct hlist_bl_head *b = in_lookup_hash(dentry->d_parent,
2598 dentry->d_name.hash);
2599 hlist_bl_lock(b);
2600 dentry->d_flags &= ~DCACHE_PAR_LOOKUP;
2601 __hlist_bl_del(&dentry->d_u.d_in_lookup_hash);
2602 wake_up_all(dentry->d_wait);
2603 dentry->d_wait = NULL;
2604 hlist_bl_unlock(b);
2605 INIT_HLIST_NODE(&dentry->d_u.d_alias);
2606 INIT_LIST_HEAD(&dentry->d_lru);
2607 }
2608 EXPORT_SYMBOL(__d_lookup_done);
2609
2610 /* inode->i_lock held if inode is non-NULL */
2611
__d_add(struct dentry * dentry,struct inode * inode)2612 static inline void __d_add(struct dentry *dentry, struct inode *inode)
2613 {
2614 struct inode *dir = NULL;
2615 unsigned n;
2616 spin_lock(&dentry->d_lock);
2617 if (unlikely(d_in_lookup(dentry))) {
2618 dir = dentry->d_parent->d_inode;
2619 n = start_dir_add(dir);
2620 __d_lookup_done(dentry);
2621 }
2622 if (inode) {
2623 unsigned add_flags = d_flags_for_inode(inode);
2624 hlist_add_head(&dentry->d_u.d_alias, &inode->i_dentry);
2625 raw_write_seqcount_begin(&dentry->d_seq);
2626 __d_set_inode_and_type(dentry, inode, add_flags);
2627 raw_write_seqcount_end(&dentry->d_seq);
2628 fsnotify_update_flags(dentry);
2629 }
2630 __d_rehash(dentry);
2631 if (dir)
2632 end_dir_add(dir, n);
2633 spin_unlock(&dentry->d_lock);
2634 if (inode)
2635 spin_unlock(&inode->i_lock);
2636 }
2637
2638 /**
2639 * d_add - add dentry to hash queues
2640 * @entry: dentry to add
2641 * @inode: The inode to attach to this dentry
2642 *
2643 * This adds the entry to the hash queues and initializes @inode.
2644 * The entry was actually filled in earlier during d_alloc().
2645 */
2646
d_add(struct dentry * entry,struct inode * inode)2647 void d_add(struct dentry *entry, struct inode *inode)
2648 {
2649 if (inode) {
2650 security_d_instantiate(entry, inode);
2651 spin_lock(&inode->i_lock);
2652 }
2653 __d_add(entry, inode);
2654 }
2655 EXPORT_SYMBOL(d_add);
2656
2657 /**
2658 * d_exact_alias - find and hash an exact unhashed alias
2659 * @entry: dentry to add
2660 * @inode: The inode to go with this dentry
2661 *
2662 * If an unhashed dentry with the same name/parent and desired
2663 * inode already exists, hash and return it. Otherwise, return
2664 * NULL.
2665 *
2666 * Parent directory should be locked.
2667 */
d_exact_alias(struct dentry * entry,struct inode * inode)2668 struct dentry *d_exact_alias(struct dentry *entry, struct inode *inode)
2669 {
2670 struct dentry *alias;
2671 unsigned int hash = entry->d_name.hash;
2672
2673 spin_lock(&inode->i_lock);
2674 hlist_for_each_entry(alias, &inode->i_dentry, d_u.d_alias) {
2675 /*
2676 * Don't need alias->d_lock here, because aliases with
2677 * d_parent == entry->d_parent are not subject to name or
2678 * parent changes, because the parent inode i_mutex is held.
2679 */
2680 if (alias->d_name.hash != hash)
2681 continue;
2682 if (alias->d_parent != entry->d_parent)
2683 continue;
2684 if (!d_same_name(alias, entry->d_parent, &entry->d_name))
2685 continue;
2686 spin_lock(&alias->d_lock);
2687 if (!d_unhashed(alias)) {
2688 spin_unlock(&alias->d_lock);
2689 alias = NULL;
2690 } else {
2691 __dget_dlock(alias);
2692 __d_rehash(alias);
2693 spin_unlock(&alias->d_lock);
2694 }
2695 spin_unlock(&inode->i_lock);
2696 return alias;
2697 }
2698 spin_unlock(&inode->i_lock);
2699 return NULL;
2700 }
2701 EXPORT_SYMBOL(d_exact_alias);
2702
2703 /**
2704 * dentry_update_name_case - update case insensitive dentry with a new name
2705 * @dentry: dentry to be updated
2706 * @name: new name
2707 *
2708 * Update a case insensitive dentry with new case of name.
2709 *
2710 * dentry must have been returned by d_lookup with name @name. Old and new
2711 * name lengths must match (ie. no d_compare which allows mismatched name
2712 * lengths).
2713 *
2714 * Parent inode i_mutex must be held over d_lookup and into this call (to
2715 * keep renames and concurrent inserts, and readdir(2) away).
2716 */
dentry_update_name_case(struct dentry * dentry,const struct qstr * name)2717 void dentry_update_name_case(struct dentry *dentry, const struct qstr *name)
2718 {
2719 BUG_ON(!inode_is_locked(dentry->d_parent->d_inode));
2720 BUG_ON(dentry->d_name.len != name->len); /* d_lookup gives this */
2721
2722 spin_lock(&dentry->d_lock);
2723 write_seqcount_begin(&dentry->d_seq);
2724 memcpy((unsigned char *)dentry->d_name.name, name->name, name->len);
2725 write_seqcount_end(&dentry->d_seq);
2726 spin_unlock(&dentry->d_lock);
2727 }
2728 EXPORT_SYMBOL(dentry_update_name_case);
2729
swap_names(struct dentry * dentry,struct dentry * target)2730 static void swap_names(struct dentry *dentry, struct dentry *target)
2731 {
2732 if (unlikely(dname_external(target))) {
2733 if (unlikely(dname_external(dentry))) {
2734 /*
2735 * Both external: swap the pointers
2736 */
2737 swap(target->d_name.name, dentry->d_name.name);
2738 } else {
2739 /*
2740 * dentry:internal, target:external. Steal target's
2741 * storage and make target internal.
2742 */
2743 memcpy(target->d_iname, dentry->d_name.name,
2744 dentry->d_name.len + 1);
2745 dentry->d_name.name = target->d_name.name;
2746 target->d_name.name = target->d_iname;
2747 }
2748 } else {
2749 if (unlikely(dname_external(dentry))) {
2750 /*
2751 * dentry:external, target:internal. Give dentry's
2752 * storage to target and make dentry internal
2753 */
2754 memcpy(dentry->d_iname, target->d_name.name,
2755 target->d_name.len + 1);
2756 target->d_name.name = dentry->d_name.name;
2757 dentry->d_name.name = dentry->d_iname;
2758 } else {
2759 /*
2760 * Both are internal.
2761 */
2762 unsigned int i;
2763 BUILD_BUG_ON(!IS_ALIGNED(DNAME_INLINE_LEN, sizeof(long)));
2764 for (i = 0; i < DNAME_INLINE_LEN / sizeof(long); i++) {
2765 swap(((long *) &dentry->d_iname)[i],
2766 ((long *) &target->d_iname)[i]);
2767 }
2768 }
2769 }
2770 swap(dentry->d_name.hash_len, target->d_name.hash_len);
2771 }
2772
copy_name(struct dentry * dentry,struct dentry * target)2773 static void copy_name(struct dentry *dentry, struct dentry *target)
2774 {
2775 struct external_name *old_name = NULL;
2776 if (unlikely(dname_external(dentry)))
2777 old_name = external_name(dentry);
2778 if (unlikely(dname_external(target))) {
2779 atomic_inc(&external_name(target)->u.count);
2780 dentry->d_name = target->d_name;
2781 } else {
2782 memcpy(dentry->d_iname, target->d_name.name,
2783 target->d_name.len + 1);
2784 dentry->d_name.name = dentry->d_iname;
2785 dentry->d_name.hash_len = target->d_name.hash_len;
2786 }
2787 if (old_name && likely(atomic_dec_and_test(&old_name->u.count)))
2788 call_rcu(&old_name->u.head, __d_free_external_name);
2789 }
2790
dentry_lock_for_move(struct dentry * dentry,struct dentry * target)2791 static void dentry_lock_for_move(struct dentry *dentry, struct dentry *target)
2792 {
2793 /*
2794 * XXXX: do we really need to take target->d_lock?
2795 */
2796 if (IS_ROOT(dentry) || dentry->d_parent == target->d_parent)
2797 spin_lock(&target->d_parent->d_lock);
2798 else {
2799 if (d_ancestor(dentry->d_parent, target->d_parent)) {
2800 spin_lock(&dentry->d_parent->d_lock);
2801 spin_lock_nested(&target->d_parent->d_lock,
2802 DENTRY_D_LOCK_NESTED);
2803 } else {
2804 spin_lock(&target->d_parent->d_lock);
2805 spin_lock_nested(&dentry->d_parent->d_lock,
2806 DENTRY_D_LOCK_NESTED);
2807 }
2808 }
2809 if (target < dentry) {
2810 spin_lock_nested(&target->d_lock, 2);
2811 spin_lock_nested(&dentry->d_lock, 3);
2812 } else {
2813 spin_lock_nested(&dentry->d_lock, 2);
2814 spin_lock_nested(&target->d_lock, 3);
2815 }
2816 }
2817
dentry_unlock_for_move(struct dentry * dentry,struct dentry * target)2818 static void dentry_unlock_for_move(struct dentry *dentry, struct dentry *target)
2819 {
2820 if (target->d_parent != dentry->d_parent)
2821 spin_unlock(&dentry->d_parent->d_lock);
2822 if (target->d_parent != target)
2823 spin_unlock(&target->d_parent->d_lock);
2824 spin_unlock(&target->d_lock);
2825 spin_unlock(&dentry->d_lock);
2826 }
2827
2828 /*
2829 * When switching names, the actual string doesn't strictly have to
2830 * be preserved in the target - because we're dropping the target
2831 * anyway. As such, we can just do a simple memcpy() to copy over
2832 * the new name before we switch, unless we are going to rehash
2833 * it. Note that if we *do* unhash the target, we are not allowed
2834 * to rehash it without giving it a new name/hash key - whether
2835 * we swap or overwrite the names here, resulting name won't match
2836 * the reality in filesystem; it's only there for d_path() purposes.
2837 * Note that all of this is happening under rename_lock, so the
2838 * any hash lookup seeing it in the middle of manipulations will
2839 * be discarded anyway. So we do not care what happens to the hash
2840 * key in that case.
2841 */
2842 /*
2843 * __d_move - move a dentry
2844 * @dentry: entry to move
2845 * @target: new dentry
2846 * @exchange: exchange the two dentries
2847 *
2848 * Update the dcache to reflect the move of a file name. Negative
2849 * dcache entries should not be moved in this way. Caller must hold
2850 * rename_lock, the i_mutex of the source and target directories,
2851 * and the sb->s_vfs_rename_mutex if they differ. See lock_rename().
2852 */
__d_move(struct dentry * dentry,struct dentry * target,bool exchange)2853 static void __d_move(struct dentry *dentry, struct dentry *target,
2854 bool exchange)
2855 {
2856 struct inode *dir = NULL;
2857 unsigned n;
2858 if (!dentry->d_inode)
2859 printk(KERN_WARNING "VFS: moving negative dcache entry\n");
2860
2861 BUG_ON(d_ancestor(dentry, target));
2862 BUG_ON(d_ancestor(target, dentry));
2863
2864 dentry_lock_for_move(dentry, target);
2865 if (unlikely(d_in_lookup(target))) {
2866 dir = target->d_parent->d_inode;
2867 n = start_dir_add(dir);
2868 __d_lookup_done(target);
2869 }
2870
2871 write_seqcount_begin(&dentry->d_seq);
2872 write_seqcount_begin_nested(&target->d_seq, DENTRY_D_LOCK_NESTED);
2873
2874 /* unhash both */
2875 /* ___d_drop does write_seqcount_barrier, but they're OK to nest. */
2876 ___d_drop(dentry);
2877 ___d_drop(target);
2878
2879 /* Switch the names.. */
2880 if (exchange)
2881 swap_names(dentry, target);
2882 else
2883 copy_name(dentry, target);
2884
2885 /* rehash in new place(s) */
2886 __d_rehash(dentry);
2887 if (exchange)
2888 __d_rehash(target);
2889 else
2890 target->d_hash.pprev = NULL;
2891
2892 /* ... and switch them in the tree */
2893 if (IS_ROOT(dentry)) {
2894 /* splicing a tree */
2895 dentry->d_flags |= DCACHE_RCUACCESS;
2896 dentry->d_parent = target->d_parent;
2897 target->d_parent = target;
2898 list_del_init(&target->d_child);
2899 list_move(&dentry->d_child, &dentry->d_parent->d_subdirs);
2900 } else {
2901 /* swapping two dentries */
2902 swap(dentry->d_parent, target->d_parent);
2903 list_move(&target->d_child, &target->d_parent->d_subdirs);
2904 list_move(&dentry->d_child, &dentry->d_parent->d_subdirs);
2905 if (exchange)
2906 fsnotify_update_flags(target);
2907 fsnotify_update_flags(dentry);
2908 }
2909
2910 write_seqcount_end(&target->d_seq);
2911 write_seqcount_end(&dentry->d_seq);
2912
2913 if (dir)
2914 end_dir_add(dir, n);
2915 dentry_unlock_for_move(dentry, target);
2916 }
2917
2918 /*
2919 * d_move - move a dentry
2920 * @dentry: entry to move
2921 * @target: new dentry
2922 *
2923 * Update the dcache to reflect the move of a file name. Negative
2924 * dcache entries should not be moved in this way. See the locking
2925 * requirements for __d_move.
2926 */
d_move(struct dentry * dentry,struct dentry * target)2927 void d_move(struct dentry *dentry, struct dentry *target)
2928 {
2929 write_seqlock(&rename_lock);
2930 __d_move(dentry, target, false);
2931 write_sequnlock(&rename_lock);
2932 }
2933 EXPORT_SYMBOL(d_move);
2934
2935 /*
2936 * d_exchange - exchange two dentries
2937 * @dentry1: first dentry
2938 * @dentry2: second dentry
2939 */
d_exchange(struct dentry * dentry1,struct dentry * dentry2)2940 void d_exchange(struct dentry *dentry1, struct dentry *dentry2)
2941 {
2942 write_seqlock(&rename_lock);
2943
2944 WARN_ON(!dentry1->d_inode);
2945 WARN_ON(!dentry2->d_inode);
2946 WARN_ON(IS_ROOT(dentry1));
2947 WARN_ON(IS_ROOT(dentry2));
2948
2949 __d_move(dentry1, dentry2, true);
2950
2951 write_sequnlock(&rename_lock);
2952 }
2953
2954 /**
2955 * d_ancestor - search for an ancestor
2956 * @p1: ancestor dentry
2957 * @p2: child dentry
2958 *
2959 * Returns the ancestor dentry of p2 which is a child of p1, if p1 is
2960 * an ancestor of p2, else NULL.
2961 */
d_ancestor(struct dentry * p1,struct dentry * p2)2962 struct dentry *d_ancestor(struct dentry *p1, struct dentry *p2)
2963 {
2964 struct dentry *p;
2965
2966 for (p = p2; !IS_ROOT(p); p = p->d_parent) {
2967 if (p->d_parent == p1)
2968 return p;
2969 }
2970 return NULL;
2971 }
2972
2973 /*
2974 * This helper attempts to cope with remotely renamed directories
2975 *
2976 * It assumes that the caller is already holding
2977 * dentry->d_parent->d_inode->i_mutex, and rename_lock
2978 *
2979 * Note: If ever the locking in lock_rename() changes, then please
2980 * remember to update this too...
2981 */
__d_unalias(struct inode * inode,struct dentry * dentry,struct dentry * alias)2982 static int __d_unalias(struct inode *inode,
2983 struct dentry *dentry, struct dentry *alias)
2984 {
2985 struct mutex *m1 = NULL;
2986 struct rw_semaphore *m2 = NULL;
2987 int ret = -ESTALE;
2988
2989 /* If alias and dentry share a parent, then no extra locks required */
2990 if (alias->d_parent == dentry->d_parent)
2991 goto out_unalias;
2992
2993 /* See lock_rename() */
2994 if (!mutex_trylock(&dentry->d_sb->s_vfs_rename_mutex))
2995 goto out_err;
2996 m1 = &dentry->d_sb->s_vfs_rename_mutex;
2997 if (!inode_trylock_shared(alias->d_parent->d_inode))
2998 goto out_err;
2999 m2 = &alias->d_parent->d_inode->i_rwsem;
3000 out_unalias:
3001 __d_move(alias, dentry, false);
3002 ret = 0;
3003 out_err:
3004 if (m2)
3005 up_read(m2);
3006 if (m1)
3007 mutex_unlock(m1);
3008 return ret;
3009 }
3010
3011 /**
3012 * d_splice_alias - splice a disconnected dentry into the tree if one exists
3013 * @inode: the inode which may have a disconnected dentry
3014 * @dentry: a negative dentry which we want to point to the inode.
3015 *
3016 * If inode is a directory and has an IS_ROOT alias, then d_move that in
3017 * place of the given dentry and return it, else simply d_add the inode
3018 * to the dentry and return NULL.
3019 *
3020 * If a non-IS_ROOT directory is found, the filesystem is corrupt, and
3021 * we should error out: directories can't have multiple aliases.
3022 *
3023 * This is needed in the lookup routine of any filesystem that is exportable
3024 * (via knfsd) so that we can build dcache paths to directories effectively.
3025 *
3026 * If a dentry was found and moved, then it is returned. Otherwise NULL
3027 * is returned. This matches the expected return value of ->lookup.
3028 *
3029 * Cluster filesystems may call this function with a negative, hashed dentry.
3030 * In that case, we know that the inode will be a regular file, and also this
3031 * will only occur during atomic_open. So we need to check for the dentry
3032 * being already hashed only in the final case.
3033 */
d_splice_alias(struct inode * inode,struct dentry * dentry)3034 struct dentry *d_splice_alias(struct inode *inode, struct dentry *dentry)
3035 {
3036 if (IS_ERR(inode))
3037 return ERR_CAST(inode);
3038
3039 BUG_ON(!d_unhashed(dentry));
3040
3041 if (!inode)
3042 goto out;
3043
3044 security_d_instantiate(dentry, inode);
3045 spin_lock(&inode->i_lock);
3046 if (S_ISDIR(inode->i_mode)) {
3047 struct dentry *new = __d_find_any_alias(inode);
3048 if (unlikely(new)) {
3049 /* The reference to new ensures it remains an alias */
3050 spin_unlock(&inode->i_lock);
3051 write_seqlock(&rename_lock);
3052 if (unlikely(d_ancestor(new, dentry))) {
3053 write_sequnlock(&rename_lock);
3054 dput(new);
3055 new = ERR_PTR(-ELOOP);
3056 pr_warn_ratelimited(
3057 "VFS: Lookup of '%s' in %s %s"
3058 " would have caused loop\n",
3059 dentry->d_name.name,
3060 inode->i_sb->s_type->name,
3061 inode->i_sb->s_id);
3062 } else if (!IS_ROOT(new)) {
3063 int err = __d_unalias(inode, dentry, new);
3064 write_sequnlock(&rename_lock);
3065 if (err) {
3066 dput(new);
3067 new = ERR_PTR(err);
3068 }
3069 } else {
3070 __d_move(new, dentry, false);
3071 write_sequnlock(&rename_lock);
3072 }
3073 iput(inode);
3074 return new;
3075 }
3076 }
3077 out:
3078 __d_add(dentry, inode);
3079 return NULL;
3080 }
3081 EXPORT_SYMBOL(d_splice_alias);
3082
prepend(char ** buffer,int * buflen,const char * str,int namelen)3083 static int prepend(char **buffer, int *buflen, const char *str, int namelen)
3084 {
3085 *buflen -= namelen;
3086 if (*buflen < 0)
3087 return -ENAMETOOLONG;
3088 *buffer -= namelen;
3089 memcpy(*buffer, str, namelen);
3090 return 0;
3091 }
3092
3093 /**
3094 * prepend_name - prepend a pathname in front of current buffer pointer
3095 * @buffer: buffer pointer
3096 * @buflen: allocated length of the buffer
3097 * @name: name string and length qstr structure
3098 *
3099 * With RCU path tracing, it may race with d_move(). Use ACCESS_ONCE() to
3100 * make sure that either the old or the new name pointer and length are
3101 * fetched. However, there may be mismatch between length and pointer.
3102 * The length cannot be trusted, we need to copy it byte-by-byte until
3103 * the length is reached or a null byte is found. It also prepends "/" at
3104 * the beginning of the name. The sequence number check at the caller will
3105 * retry it again when a d_move() does happen. So any garbage in the buffer
3106 * due to mismatched pointer and length will be discarded.
3107 *
3108 * Data dependency barrier is needed to make sure that we see that terminating
3109 * NUL. Alpha strikes again, film at 11...
3110 */
prepend_name(char ** buffer,int * buflen,const struct qstr * name)3111 static int prepend_name(char **buffer, int *buflen, const struct qstr *name)
3112 {
3113 const char *dname = ACCESS_ONCE(name->name);
3114 u32 dlen = ACCESS_ONCE(name->len);
3115 char *p;
3116
3117 smp_read_barrier_depends();
3118
3119 *buflen -= dlen + 1;
3120 if (*buflen < 0)
3121 return -ENAMETOOLONG;
3122 p = *buffer -= dlen + 1;
3123 *p++ = '/';
3124 while (dlen--) {
3125 char c = *dname++;
3126 if (!c)
3127 break;
3128 *p++ = c;
3129 }
3130 return 0;
3131 }
3132
3133 /**
3134 * prepend_path - Prepend path string to a buffer
3135 * @path: the dentry/vfsmount to report
3136 * @root: root vfsmnt/dentry
3137 * @buffer: pointer to the end of the buffer
3138 * @buflen: pointer to buffer length
3139 *
3140 * The function will first try to write out the pathname without taking any
3141 * lock other than the RCU read lock to make sure that dentries won't go away.
3142 * It only checks the sequence number of the global rename_lock as any change
3143 * in the dentry's d_seq will be preceded by changes in the rename_lock
3144 * sequence number. If the sequence number had been changed, it will restart
3145 * the whole pathname back-tracing sequence again by taking the rename_lock.
3146 * In this case, there is no need to take the RCU read lock as the recursive
3147 * parent pointer references will keep the dentry chain alive as long as no
3148 * rename operation is performed.
3149 */
prepend_path(const struct path * path,const struct path * root,char ** buffer,int * buflen)3150 static int prepend_path(const struct path *path,
3151 const struct path *root,
3152 char **buffer, int *buflen)
3153 {
3154 struct dentry *dentry;
3155 struct vfsmount *vfsmnt;
3156 struct mount *mnt;
3157 int error = 0;
3158 unsigned seq, m_seq = 0;
3159 char *bptr;
3160 int blen;
3161
3162 rcu_read_lock();
3163 restart_mnt:
3164 read_seqbegin_or_lock(&mount_lock, &m_seq);
3165 seq = 0;
3166 rcu_read_lock();
3167 restart:
3168 bptr = *buffer;
3169 blen = *buflen;
3170 error = 0;
3171 dentry = path->dentry;
3172 vfsmnt = path->mnt;
3173 mnt = real_mount(vfsmnt);
3174 read_seqbegin_or_lock(&rename_lock, &seq);
3175 while (dentry != root->dentry || vfsmnt != root->mnt) {
3176 struct dentry * parent;
3177
3178 if (dentry == vfsmnt->mnt_root || IS_ROOT(dentry)) {
3179 struct mount *parent = ACCESS_ONCE(mnt->mnt_parent);
3180 /* Escaped? */
3181 if (dentry != vfsmnt->mnt_root) {
3182 bptr = *buffer;
3183 blen = *buflen;
3184 error = 3;
3185 break;
3186 }
3187 /* Global root? */
3188 if (mnt != parent) {
3189 dentry = ACCESS_ONCE(mnt->mnt_mountpoint);
3190 mnt = parent;
3191 vfsmnt = &mnt->mnt;
3192 continue;
3193 }
3194 if (!error)
3195 error = is_mounted(vfsmnt) ? 1 : 2;
3196 break;
3197 }
3198 parent = dentry->d_parent;
3199 prefetch(parent);
3200 error = prepend_name(&bptr, &blen, &dentry->d_name);
3201 if (error)
3202 break;
3203
3204 dentry = parent;
3205 }
3206 if (!(seq & 1))
3207 rcu_read_unlock();
3208 if (need_seqretry(&rename_lock, seq)) {
3209 seq = 1;
3210 goto restart;
3211 }
3212 done_seqretry(&rename_lock, seq);
3213
3214 if (!(m_seq & 1))
3215 rcu_read_unlock();
3216 if (need_seqretry(&mount_lock, m_seq)) {
3217 m_seq = 1;
3218 goto restart_mnt;
3219 }
3220 done_seqretry(&mount_lock, m_seq);
3221
3222 if (error >= 0 && bptr == *buffer) {
3223 if (--blen < 0)
3224 error = -ENAMETOOLONG;
3225 else
3226 *--bptr = '/';
3227 }
3228 *buffer = bptr;
3229 *buflen = blen;
3230 return error;
3231 }
3232
3233 /**
3234 * __d_path - return the path of a dentry
3235 * @path: the dentry/vfsmount to report
3236 * @root: root vfsmnt/dentry
3237 * @buf: buffer to return value in
3238 * @buflen: buffer length
3239 *
3240 * Convert a dentry into an ASCII path name.
3241 *
3242 * Returns a pointer into the buffer or an error code if the
3243 * path was too long.
3244 *
3245 * "buflen" should be positive.
3246 *
3247 * If the path is not reachable from the supplied root, return %NULL.
3248 */
__d_path(const struct path * path,const struct path * root,char * buf,int buflen)3249 char *__d_path(const struct path *path,
3250 const struct path *root,
3251 char *buf, int buflen)
3252 {
3253 char *res = buf + buflen;
3254 int error;
3255
3256 prepend(&res, &buflen, "\0", 1);
3257 error = prepend_path(path, root, &res, &buflen);
3258
3259 if (error < 0)
3260 return ERR_PTR(error);
3261 if (error > 0)
3262 return NULL;
3263 return res;
3264 }
3265
d_absolute_path(const struct path * path,char * buf,int buflen)3266 char *d_absolute_path(const struct path *path,
3267 char *buf, int buflen)
3268 {
3269 struct path root = {};
3270 char *res = buf + buflen;
3271 int error;
3272
3273 prepend(&res, &buflen, "\0", 1);
3274 error = prepend_path(path, &root, &res, &buflen);
3275
3276 if (error > 1)
3277 error = -EINVAL;
3278 if (error < 0)
3279 return ERR_PTR(error);
3280 return res;
3281 }
3282 EXPORT_SYMBOL(d_absolute_path);
3283
3284 /*
3285 * same as __d_path but appends "(deleted)" for unlinked files.
3286 */
path_with_deleted(const struct path * path,const struct path * root,char ** buf,int * buflen)3287 static int path_with_deleted(const struct path *path,
3288 const struct path *root,
3289 char **buf, int *buflen)
3290 {
3291 prepend(buf, buflen, "\0", 1);
3292 if (d_unlinked(path->dentry)) {
3293 int error = prepend(buf, buflen, " (deleted)", 10);
3294 if (error)
3295 return error;
3296 }
3297
3298 return prepend_path(path, root, buf, buflen);
3299 }
3300
prepend_unreachable(char ** buffer,int * buflen)3301 static int prepend_unreachable(char **buffer, int *buflen)
3302 {
3303 return prepend(buffer, buflen, "(unreachable)", 13);
3304 }
3305
get_fs_root_rcu(struct fs_struct * fs,struct path * root)3306 static void get_fs_root_rcu(struct fs_struct *fs, struct path *root)
3307 {
3308 unsigned seq;
3309
3310 do {
3311 seq = read_seqcount_begin(&fs->seq);
3312 *root = fs->root;
3313 } while (read_seqcount_retry(&fs->seq, seq));
3314 }
3315
3316 /**
3317 * d_path - return the path of a dentry
3318 * @path: path to report
3319 * @buf: buffer to return value in
3320 * @buflen: buffer length
3321 *
3322 * Convert a dentry into an ASCII path name. If the entry has been deleted
3323 * the string " (deleted)" is appended. Note that this is ambiguous.
3324 *
3325 * Returns a pointer into the buffer or an error code if the path was
3326 * too long. Note: Callers should use the returned pointer, not the passed
3327 * in buffer, to use the name! The implementation often starts at an offset
3328 * into the buffer, and may leave 0 bytes at the start.
3329 *
3330 * "buflen" should be positive.
3331 */
d_path(const struct path * path,char * buf,int buflen)3332 char *d_path(const struct path *path, char *buf, int buflen)
3333 {
3334 char *res = buf + buflen;
3335 struct path root;
3336 int error;
3337
3338 /*
3339 * We have various synthetic filesystems that never get mounted. On
3340 * these filesystems dentries are never used for lookup purposes, and
3341 * thus don't need to be hashed. They also don't need a name until a
3342 * user wants to identify the object in /proc/pid/fd/. The little hack
3343 * below allows us to generate a name for these objects on demand:
3344 *
3345 * Some pseudo inodes are mountable. When they are mounted
3346 * path->dentry == path->mnt->mnt_root. In that case don't call d_dname
3347 * and instead have d_path return the mounted path.
3348 */
3349 if (path->dentry->d_op && path->dentry->d_op->d_dname &&
3350 (!IS_ROOT(path->dentry) || path->dentry != path->mnt->mnt_root))
3351 return path->dentry->d_op->d_dname(path->dentry, buf, buflen);
3352
3353 rcu_read_lock();
3354 get_fs_root_rcu(current->fs, &root);
3355 error = path_with_deleted(path, &root, &res, &buflen);
3356 rcu_read_unlock();
3357
3358 if (error < 0)
3359 res = ERR_PTR(error);
3360 return res;
3361 }
3362 EXPORT_SYMBOL(d_path);
3363
3364 /*
3365 * Helper function for dentry_operations.d_dname() members
3366 */
dynamic_dname(struct dentry * dentry,char * buffer,int buflen,const char * fmt,...)3367 char *dynamic_dname(struct dentry *dentry, char *buffer, int buflen,
3368 const char *fmt, ...)
3369 {
3370 va_list args;
3371 char temp[64];
3372 int sz;
3373
3374 va_start(args, fmt);
3375 sz = vsnprintf(temp, sizeof(temp), fmt, args) + 1;
3376 va_end(args);
3377
3378 if (sz > sizeof(temp) || sz > buflen)
3379 return ERR_PTR(-ENAMETOOLONG);
3380
3381 buffer += buflen - sz;
3382 return memcpy(buffer, temp, sz);
3383 }
3384
simple_dname(struct dentry * dentry,char * buffer,int buflen)3385 char *simple_dname(struct dentry *dentry, char *buffer, int buflen)
3386 {
3387 char *end = buffer + buflen;
3388 /* these dentries are never renamed, so d_lock is not needed */
3389 if (prepend(&end, &buflen, " (deleted)", 11) ||
3390 prepend(&end, &buflen, dentry->d_name.name, dentry->d_name.len) ||
3391 prepend(&end, &buflen, "/", 1))
3392 end = ERR_PTR(-ENAMETOOLONG);
3393 return end;
3394 }
3395 EXPORT_SYMBOL(simple_dname);
3396
3397 /*
3398 * Write full pathname from the root of the filesystem into the buffer.
3399 */
__dentry_path(struct dentry * d,char * buf,int buflen)3400 static char *__dentry_path(struct dentry *d, char *buf, int buflen)
3401 {
3402 struct dentry *dentry;
3403 char *end, *retval;
3404 int len, seq = 0;
3405 int error = 0;
3406
3407 if (buflen < 2)
3408 goto Elong;
3409
3410 rcu_read_lock();
3411 restart:
3412 dentry = d;
3413 end = buf + buflen;
3414 len = buflen;
3415 prepend(&end, &len, "\0", 1);
3416 /* Get '/' right */
3417 retval = end-1;
3418 *retval = '/';
3419 read_seqbegin_or_lock(&rename_lock, &seq);
3420 while (!IS_ROOT(dentry)) {
3421 struct dentry *parent = dentry->d_parent;
3422
3423 prefetch(parent);
3424 error = prepend_name(&end, &len, &dentry->d_name);
3425 if (error)
3426 break;
3427
3428 retval = end;
3429 dentry = parent;
3430 }
3431 if (!(seq & 1))
3432 rcu_read_unlock();
3433 if (need_seqretry(&rename_lock, seq)) {
3434 seq = 1;
3435 goto restart;
3436 }
3437 done_seqretry(&rename_lock, seq);
3438 if (error)
3439 goto Elong;
3440 return retval;
3441 Elong:
3442 return ERR_PTR(-ENAMETOOLONG);
3443 }
3444
dentry_path_raw(struct dentry * dentry,char * buf,int buflen)3445 char *dentry_path_raw(struct dentry *dentry, char *buf, int buflen)
3446 {
3447 return __dentry_path(dentry, buf, buflen);
3448 }
3449 EXPORT_SYMBOL(dentry_path_raw);
3450
dentry_path(struct dentry * dentry,char * buf,int buflen)3451 char *dentry_path(struct dentry *dentry, char *buf, int buflen)
3452 {
3453 char *p = NULL;
3454 char *retval;
3455
3456 if (d_unlinked(dentry)) {
3457 p = buf + buflen;
3458 if (prepend(&p, &buflen, "//deleted", 10) != 0)
3459 goto Elong;
3460 buflen++;
3461 }
3462 retval = __dentry_path(dentry, buf, buflen);
3463 if (!IS_ERR(retval) && p)
3464 *p = '/'; /* restore '/' overriden with '\0' */
3465 return retval;
3466 Elong:
3467 return ERR_PTR(-ENAMETOOLONG);
3468 }
3469
get_fs_root_and_pwd_rcu(struct fs_struct * fs,struct path * root,struct path * pwd)3470 static void get_fs_root_and_pwd_rcu(struct fs_struct *fs, struct path *root,
3471 struct path *pwd)
3472 {
3473 unsigned seq;
3474
3475 do {
3476 seq = read_seqcount_begin(&fs->seq);
3477 *root = fs->root;
3478 *pwd = fs->pwd;
3479 } while (read_seqcount_retry(&fs->seq, seq));
3480 }
3481
3482 /*
3483 * NOTE! The user-level library version returns a
3484 * character pointer. The kernel system call just
3485 * returns the length of the buffer filled (which
3486 * includes the ending '\0' character), or a negative
3487 * error value. So libc would do something like
3488 *
3489 * char *getcwd(char * buf, size_t size)
3490 * {
3491 * int retval;
3492 *
3493 * retval = sys_getcwd(buf, size);
3494 * if (retval >= 0)
3495 * return buf;
3496 * errno = -retval;
3497 * return NULL;
3498 * }
3499 */
SYSCALL_DEFINE2(getcwd,char __user *,buf,unsigned long,size)3500 SYSCALL_DEFINE2(getcwd, char __user *, buf, unsigned long, size)
3501 {
3502 int error;
3503 struct path pwd, root;
3504 char *page = __getname();
3505
3506 if (!page)
3507 return -ENOMEM;
3508
3509 rcu_read_lock();
3510 get_fs_root_and_pwd_rcu(current->fs, &root, &pwd);
3511
3512 error = -ENOENT;
3513 if (!d_unlinked(pwd.dentry)) {
3514 unsigned long len;
3515 char *cwd = page + PATH_MAX;
3516 int buflen = PATH_MAX;
3517
3518 prepend(&cwd, &buflen, "\0", 1);
3519 error = prepend_path(&pwd, &root, &cwd, &buflen);
3520 rcu_read_unlock();
3521
3522 if (error < 0)
3523 goto out;
3524
3525 /* Unreachable from current root */
3526 if (error > 0) {
3527 error = prepend_unreachable(&cwd, &buflen);
3528 if (error)
3529 goto out;
3530 }
3531
3532 error = -ERANGE;
3533 len = PATH_MAX + page - cwd;
3534 if (len <= size) {
3535 error = len;
3536 if (copy_to_user(buf, cwd, len))
3537 error = -EFAULT;
3538 }
3539 } else {
3540 rcu_read_unlock();
3541 }
3542
3543 out:
3544 __putname(page);
3545 return error;
3546 }
3547
3548 /*
3549 * Test whether new_dentry is a subdirectory of old_dentry.
3550 *
3551 * Trivially implemented using the dcache structure
3552 */
3553
3554 /**
3555 * is_subdir - is new dentry a subdirectory of old_dentry
3556 * @new_dentry: new dentry
3557 * @old_dentry: old dentry
3558 *
3559 * Returns true if new_dentry is a subdirectory of the parent (at any depth).
3560 * Returns false otherwise.
3561 * Caller must ensure that "new_dentry" is pinned before calling is_subdir()
3562 */
3563
is_subdir(struct dentry * new_dentry,struct dentry * old_dentry)3564 bool is_subdir(struct dentry *new_dentry, struct dentry *old_dentry)
3565 {
3566 bool result;
3567 unsigned seq;
3568
3569 if (new_dentry == old_dentry)
3570 return true;
3571
3572 do {
3573 /* for restarting inner loop in case of seq retry */
3574 seq = read_seqbegin(&rename_lock);
3575 /*
3576 * Need rcu_readlock to protect against the d_parent trashing
3577 * due to d_move
3578 */
3579 rcu_read_lock();
3580 if (d_ancestor(old_dentry, new_dentry))
3581 result = true;
3582 else
3583 result = false;
3584 rcu_read_unlock();
3585 } while (read_seqretry(&rename_lock, seq));
3586
3587 return result;
3588 }
3589
d_genocide_kill(void * data,struct dentry * dentry)3590 static enum d_walk_ret d_genocide_kill(void *data, struct dentry *dentry)
3591 {
3592 struct dentry *root = data;
3593 if (dentry != root) {
3594 if (d_unhashed(dentry) || !dentry->d_inode)
3595 return D_WALK_SKIP;
3596
3597 if (!(dentry->d_flags & DCACHE_GENOCIDE)) {
3598 dentry->d_flags |= DCACHE_GENOCIDE;
3599 dentry->d_lockref.count--;
3600 }
3601 }
3602 return D_WALK_CONTINUE;
3603 }
3604
d_genocide(struct dentry * parent)3605 void d_genocide(struct dentry *parent)
3606 {
3607 d_walk(parent, parent, d_genocide_kill, NULL);
3608 }
3609
d_tmpfile(struct dentry * dentry,struct inode * inode)3610 void d_tmpfile(struct dentry *dentry, struct inode *inode)
3611 {
3612 inode_dec_link_count(inode);
3613 BUG_ON(dentry->d_name.name != dentry->d_iname ||
3614 !hlist_unhashed(&dentry->d_u.d_alias) ||
3615 !d_unlinked(dentry));
3616 spin_lock(&dentry->d_parent->d_lock);
3617 spin_lock_nested(&dentry->d_lock, DENTRY_D_LOCK_NESTED);
3618 dentry->d_name.len = sprintf(dentry->d_iname, "#%llu",
3619 (unsigned long long)inode->i_ino);
3620 spin_unlock(&dentry->d_lock);
3621 spin_unlock(&dentry->d_parent->d_lock);
3622 d_instantiate(dentry, inode);
3623 }
3624 EXPORT_SYMBOL(d_tmpfile);
3625
3626 static __initdata unsigned long dhash_entries;
set_dhash_entries(char * str)3627 static int __init set_dhash_entries(char *str)
3628 {
3629 if (!str)
3630 return 0;
3631 dhash_entries = simple_strtoul(str, &str, 0);
3632 return 1;
3633 }
3634 __setup("dhash_entries=", set_dhash_entries);
3635
dcache_init_early(void)3636 static void __init dcache_init_early(void)
3637 {
3638 /* If hashes are distributed across NUMA nodes, defer
3639 * hash allocation until vmalloc space is available.
3640 */
3641 if (hashdist)
3642 return;
3643
3644 dentry_hashtable =
3645 alloc_large_system_hash("Dentry cache",
3646 sizeof(struct hlist_bl_head),
3647 dhash_entries,
3648 13,
3649 HASH_EARLY | HASH_ZERO,
3650 &d_hash_shift,
3651 &d_hash_mask,
3652 0,
3653 0);
3654 }
3655
dcache_init(void)3656 static void __init dcache_init(void)
3657 {
3658 /*
3659 * A constructor could be added for stable state like the lists,
3660 * but it is probably not worth it because of the cache nature
3661 * of the dcache.
3662 */
3663 dentry_cache = KMEM_CACHE(dentry,
3664 SLAB_RECLAIM_ACCOUNT|SLAB_PANIC|SLAB_MEM_SPREAD|SLAB_ACCOUNT);
3665
3666 /* Hash may have been set up in dcache_init_early */
3667 if (!hashdist)
3668 return;
3669
3670 dentry_hashtable =
3671 alloc_large_system_hash("Dentry cache",
3672 sizeof(struct hlist_bl_head),
3673 dhash_entries,
3674 13,
3675 HASH_ZERO,
3676 &d_hash_shift,
3677 &d_hash_mask,
3678 0,
3679 0);
3680 }
3681
3682 /* SLAB cache for __getname() consumers */
3683 struct kmem_cache *names_cachep __read_mostly;
3684 EXPORT_SYMBOL(names_cachep);
3685
3686 EXPORT_SYMBOL(d_genocide);
3687
vfs_caches_init_early(void)3688 void __init vfs_caches_init_early(void)
3689 {
3690 int i;
3691
3692 for (i = 0; i < ARRAY_SIZE(in_lookup_hashtable); i++)
3693 INIT_HLIST_BL_HEAD(&in_lookup_hashtable[i]);
3694
3695 dcache_init_early();
3696 inode_init_early();
3697 }
3698
vfs_caches_init(void)3699 void __init vfs_caches_init(void)
3700 {
3701 names_cachep = kmem_cache_create("names_cache", PATH_MAX, 0,
3702 SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
3703
3704 dcache_init();
3705 inode_init();
3706 files_init();
3707 files_maxfiles_init();
3708 mnt_init();
3709 bdev_cache_init();
3710 chrdev_init();
3711 }
3712