1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /* -*- mode: c; c-basic-offset: 8; -*-
3 * vim: noexpandtab sw=8 ts=8 sts=0:
4 *
5 * dir.c - Operations for configfs directories.
6 *
7 * Based on sysfs:
8 * sysfs is Copyright (C) 2001, 2002, 2003 Patrick Mochel
9 *
10 * configfs Copyright (C) 2005 Oracle. All rights reserved.
11 */
12
13 #undef DEBUG
14
15 #include <linux/fs.h>
16 #include <linux/fsnotify.h>
17 #include <linux/mount.h>
18 #include <linux/module.h>
19 #include <linux/slab.h>
20 #include <linux/err.h>
21
22 #include <linux/configfs.h>
23 #include "configfs_internal.h"
24
25 /*
26 * Protects mutations of configfs_dirent linkage together with proper i_mutex
27 * Also protects mutations of symlinks linkage to target configfs_dirent
28 * Mutators of configfs_dirent linkage must *both* have the proper inode locked
29 * and configfs_dirent_lock locked, in that order.
30 * This allows one to safely traverse configfs_dirent trees and symlinks without
31 * having to lock inodes.
32 *
33 * Protects setting of CONFIGFS_USET_DROPPING: checking the flag
34 * unlocked is not reliable unless in detach_groups() called from
35 * rmdir()/unregister() and from configfs_attach_group()
36 */
37 DEFINE_SPINLOCK(configfs_dirent_lock);
38
39 /*
40 * All of link_obj/unlink_obj/link_group/unlink_group require that
41 * subsys->su_mutex is held.
42 * But parent configfs_subsystem is NULL when config_item is root.
43 * Use this mutex when config_item is root.
44 */
45 static DEFINE_MUTEX(configfs_subsystem_mutex);
46
configfs_d_iput(struct dentry * dentry,struct inode * inode)47 static void configfs_d_iput(struct dentry * dentry,
48 struct inode * inode)
49 {
50 struct configfs_dirent *sd = dentry->d_fsdata;
51
52 if (sd) {
53 /* Coordinate with configfs_readdir */
54 spin_lock(&configfs_dirent_lock);
55 /*
56 * Set sd->s_dentry to null only when this dentry is the one
57 * that is going to be killed. Otherwise configfs_d_iput may
58 * run just after configfs_attach_attr and set sd->s_dentry to
59 * NULL even it's still in use.
60 */
61 if (sd->s_dentry == dentry)
62 sd->s_dentry = NULL;
63
64 spin_unlock(&configfs_dirent_lock);
65 configfs_put(sd);
66 }
67 iput(inode);
68 }
69
70 const struct dentry_operations configfs_dentry_ops = {
71 .d_iput = configfs_d_iput,
72 .d_delete = always_delete_dentry,
73 };
74
75 #ifdef CONFIG_LOCKDEP
76
77 /*
78 * Helpers to make lockdep happy with our recursive locking of default groups'
79 * inodes (see configfs_attach_group() and configfs_detach_group()).
80 * We put default groups i_mutexes in separate classes according to their depth
81 * from the youngest non-default group ancestor.
82 *
83 * For a non-default group A having default groups A/B, A/C, and A/C/D, default
84 * groups A/B and A/C will have their inode's mutex in class
85 * default_group_class[0], and default group A/C/D will be in
86 * default_group_class[1].
87 *
88 * The lock classes are declared and assigned in inode.c, according to the
89 * s_depth value.
90 * The s_depth value is initialized to -1, adjusted to >= 0 when attaching
91 * default groups, and reset to -1 when all default groups are attached. During
92 * attachment, if configfs_create() sees s_depth > 0, the lock class of the new
93 * inode's mutex is set to default_group_class[s_depth - 1].
94 */
95
configfs_init_dirent_depth(struct configfs_dirent * sd)96 static void configfs_init_dirent_depth(struct configfs_dirent *sd)
97 {
98 sd->s_depth = -1;
99 }
100
configfs_set_dir_dirent_depth(struct configfs_dirent * parent_sd,struct configfs_dirent * sd)101 static void configfs_set_dir_dirent_depth(struct configfs_dirent *parent_sd,
102 struct configfs_dirent *sd)
103 {
104 int parent_depth = parent_sd->s_depth;
105
106 if (parent_depth >= 0)
107 sd->s_depth = parent_depth + 1;
108 }
109
110 static void
configfs_adjust_dir_dirent_depth_before_populate(struct configfs_dirent * sd)111 configfs_adjust_dir_dirent_depth_before_populate(struct configfs_dirent *sd)
112 {
113 /*
114 * item's i_mutex class is already setup, so s_depth is now only
115 * used to set new sub-directories s_depth, which is always done
116 * with item's i_mutex locked.
117 */
118 /*
119 * sd->s_depth == -1 iff we are a non default group.
120 * else (we are a default group) sd->s_depth > 0 (see
121 * create_dir()).
122 */
123 if (sd->s_depth == -1)
124 /*
125 * We are a non default group and we are going to create
126 * default groups.
127 */
128 sd->s_depth = 0;
129 }
130
131 static void
configfs_adjust_dir_dirent_depth_after_populate(struct configfs_dirent * sd)132 configfs_adjust_dir_dirent_depth_after_populate(struct configfs_dirent *sd)
133 {
134 /* We will not create default groups anymore. */
135 sd->s_depth = -1;
136 }
137
138 #else /* CONFIG_LOCKDEP */
139
configfs_init_dirent_depth(struct configfs_dirent * sd)140 static void configfs_init_dirent_depth(struct configfs_dirent *sd)
141 {
142 }
143
configfs_set_dir_dirent_depth(struct configfs_dirent * parent_sd,struct configfs_dirent * sd)144 static void configfs_set_dir_dirent_depth(struct configfs_dirent *parent_sd,
145 struct configfs_dirent *sd)
146 {
147 }
148
149 static void
configfs_adjust_dir_dirent_depth_before_populate(struct configfs_dirent * sd)150 configfs_adjust_dir_dirent_depth_before_populate(struct configfs_dirent *sd)
151 {
152 }
153
154 static void
configfs_adjust_dir_dirent_depth_after_populate(struct configfs_dirent * sd)155 configfs_adjust_dir_dirent_depth_after_populate(struct configfs_dirent *sd)
156 {
157 }
158
159 #endif /* CONFIG_LOCKDEP */
160
new_fragment(void)161 static struct configfs_fragment *new_fragment(void)
162 {
163 struct configfs_fragment *p;
164
165 p = kmalloc(sizeof(struct configfs_fragment), GFP_KERNEL);
166 if (p) {
167 atomic_set(&p->frag_count, 1);
168 init_rwsem(&p->frag_sem);
169 p->frag_dead = false;
170 }
171 return p;
172 }
173
put_fragment(struct configfs_fragment * frag)174 void put_fragment(struct configfs_fragment *frag)
175 {
176 if (frag && atomic_dec_and_test(&frag->frag_count))
177 kfree(frag);
178 }
179
get_fragment(struct configfs_fragment * frag)180 struct configfs_fragment *get_fragment(struct configfs_fragment *frag)
181 {
182 if (likely(frag))
183 atomic_inc(&frag->frag_count);
184 return frag;
185 }
186
187 /*
188 * Allocates a new configfs_dirent and links it to the parent configfs_dirent
189 */
configfs_new_dirent(struct configfs_dirent * parent_sd,void * element,int type,struct configfs_fragment * frag)190 static struct configfs_dirent *configfs_new_dirent(struct configfs_dirent *parent_sd,
191 void *element, int type,
192 struct configfs_fragment *frag)
193 {
194 struct configfs_dirent * sd;
195
196 sd = kmem_cache_zalloc(configfs_dir_cachep, GFP_KERNEL);
197 if (!sd)
198 return ERR_PTR(-ENOMEM);
199
200 atomic_set(&sd->s_count, 1);
201 INIT_LIST_HEAD(&sd->s_children);
202 sd->s_element = element;
203 sd->s_type = type;
204 configfs_init_dirent_depth(sd);
205 spin_lock(&configfs_dirent_lock);
206 if (parent_sd->s_type & CONFIGFS_USET_DROPPING) {
207 spin_unlock(&configfs_dirent_lock);
208 kmem_cache_free(configfs_dir_cachep, sd);
209 return ERR_PTR(-ENOENT);
210 }
211 sd->s_frag = get_fragment(frag);
212 list_add(&sd->s_sibling, &parent_sd->s_children);
213 spin_unlock(&configfs_dirent_lock);
214
215 return sd;
216 }
217
218 /*
219 *
220 * Return -EEXIST if there is already a configfs element with the same
221 * name for the same parent.
222 *
223 * called with parent inode's i_mutex held
224 */
configfs_dirent_exists(struct configfs_dirent * parent_sd,const unsigned char * new)225 static int configfs_dirent_exists(struct configfs_dirent *parent_sd,
226 const unsigned char *new)
227 {
228 struct configfs_dirent * sd;
229
230 list_for_each_entry(sd, &parent_sd->s_children, s_sibling) {
231 if (sd->s_element) {
232 const unsigned char *existing = configfs_get_name(sd);
233 if (strcmp(existing, new))
234 continue;
235 else
236 return -EEXIST;
237 }
238 }
239
240 return 0;
241 }
242
243
configfs_make_dirent(struct configfs_dirent * parent_sd,struct dentry * dentry,void * element,umode_t mode,int type,struct configfs_fragment * frag)244 int configfs_make_dirent(struct configfs_dirent * parent_sd,
245 struct dentry * dentry, void * element,
246 umode_t mode, int type, struct configfs_fragment *frag)
247 {
248 struct configfs_dirent * sd;
249
250 sd = configfs_new_dirent(parent_sd, element, type, frag);
251 if (IS_ERR(sd))
252 return PTR_ERR(sd);
253
254 sd->s_mode = mode;
255 sd->s_dentry = dentry;
256 if (dentry)
257 dentry->d_fsdata = configfs_get(sd);
258
259 return 0;
260 }
261
configfs_remove_dirent(struct dentry * dentry)262 static void configfs_remove_dirent(struct dentry *dentry)
263 {
264 struct configfs_dirent *sd = dentry->d_fsdata;
265
266 if (!sd)
267 return;
268 spin_lock(&configfs_dirent_lock);
269 list_del_init(&sd->s_sibling);
270 spin_unlock(&configfs_dirent_lock);
271 configfs_put(sd);
272 }
273
274 /**
275 * configfs_create_dir - create a directory for an config_item.
276 * @item: config_itemwe're creating directory for.
277 * @dentry: config_item's dentry.
278 *
279 * Note: user-created entries won't be allowed under this new directory
280 * until it is validated by configfs_dir_set_ready()
281 */
282
configfs_create_dir(struct config_item * item,struct dentry * dentry,struct configfs_fragment * frag)283 static int configfs_create_dir(struct config_item *item, struct dentry *dentry,
284 struct configfs_fragment *frag)
285 {
286 int error;
287 umode_t mode = S_IFDIR| S_IRWXU | S_IRUGO | S_IXUGO;
288 struct dentry *p = dentry->d_parent;
289 struct inode *inode;
290
291 BUG_ON(!item);
292
293 error = configfs_dirent_exists(p->d_fsdata, dentry->d_name.name);
294 if (unlikely(error))
295 return error;
296
297 error = configfs_make_dirent(p->d_fsdata, dentry, item, mode,
298 CONFIGFS_DIR | CONFIGFS_USET_CREATING,
299 frag);
300 if (unlikely(error))
301 return error;
302
303 configfs_set_dir_dirent_depth(p->d_fsdata, dentry->d_fsdata);
304 inode = configfs_create(dentry, mode);
305 if (IS_ERR(inode))
306 goto out_remove;
307
308 inode->i_op = &configfs_dir_inode_operations;
309 inode->i_fop = &configfs_dir_operations;
310 /* directory inodes start off with i_nlink == 2 (for "." entry) */
311 inc_nlink(inode);
312 d_instantiate(dentry, inode);
313 /* already hashed */
314 dget(dentry); /* pin directory dentries in core */
315 inc_nlink(d_inode(p));
316 item->ci_dentry = dentry;
317 return 0;
318
319 out_remove:
320 configfs_put(dentry->d_fsdata);
321 configfs_remove_dirent(dentry);
322 return PTR_ERR(inode);
323 }
324
325 /*
326 * Allow userspace to create new entries under a new directory created with
327 * configfs_create_dir(), and under all of its chidlren directories recursively.
328 * @sd configfs_dirent of the new directory to validate
329 *
330 * Caller must hold configfs_dirent_lock.
331 */
configfs_dir_set_ready(struct configfs_dirent * sd)332 static void configfs_dir_set_ready(struct configfs_dirent *sd)
333 {
334 struct configfs_dirent *child_sd;
335
336 sd->s_type &= ~CONFIGFS_USET_CREATING;
337 list_for_each_entry(child_sd, &sd->s_children, s_sibling)
338 if (child_sd->s_type & CONFIGFS_USET_CREATING)
339 configfs_dir_set_ready(child_sd);
340 }
341
342 /*
343 * Check that a directory does not belong to a directory hierarchy being
344 * attached and not validated yet.
345 * @sd configfs_dirent of the directory to check
346 *
347 * @return non-zero iff the directory was validated
348 *
349 * Note: takes configfs_dirent_lock, so the result may change from false to true
350 * in two consecutive calls, but never from true to false.
351 */
configfs_dirent_is_ready(struct configfs_dirent * sd)352 int configfs_dirent_is_ready(struct configfs_dirent *sd)
353 {
354 int ret;
355
356 spin_lock(&configfs_dirent_lock);
357 ret = !(sd->s_type & CONFIGFS_USET_CREATING);
358 spin_unlock(&configfs_dirent_lock);
359
360 return ret;
361 }
362
configfs_create_link(struct configfs_dirent * target,struct dentry * parent,struct dentry * dentry,char * body)363 int configfs_create_link(struct configfs_dirent *target, struct dentry *parent,
364 struct dentry *dentry, char *body)
365 {
366 int err = 0;
367 umode_t mode = S_IFLNK | S_IRWXUGO;
368 struct configfs_dirent *p = parent->d_fsdata;
369 struct inode *inode;
370
371 err = configfs_make_dirent(p, dentry, target, mode, CONFIGFS_ITEM_LINK,
372 p->s_frag);
373 if (err)
374 return err;
375
376 inode = configfs_create(dentry, mode);
377 if (IS_ERR(inode))
378 goto out_remove;
379
380 inode->i_link = body;
381 inode->i_op = &configfs_symlink_inode_operations;
382 d_instantiate(dentry, inode);
383 dget(dentry); /* pin link dentries in core */
384 return 0;
385
386 out_remove:
387 configfs_put(dentry->d_fsdata);
388 configfs_remove_dirent(dentry);
389 return PTR_ERR(inode);
390 }
391
remove_dir(struct dentry * d)392 static void remove_dir(struct dentry * d)
393 {
394 struct dentry * parent = dget(d->d_parent);
395
396 configfs_remove_dirent(d);
397
398 if (d_really_is_positive(d))
399 simple_rmdir(d_inode(parent),d);
400
401 pr_debug(" o %pd removing done (%d)\n", d, d_count(d));
402
403 dput(parent);
404 }
405
406 /**
407 * configfs_remove_dir - remove an config_item's directory.
408 * @item: config_item we're removing.
409 *
410 * The only thing special about this is that we remove any files in
411 * the directory before we remove the directory, and we've inlined
412 * what used to be configfs_rmdir() below, instead of calling separately.
413 *
414 * Caller holds the mutex of the item's inode
415 */
416
configfs_remove_dir(struct config_item * item)417 static void configfs_remove_dir(struct config_item * item)
418 {
419 struct dentry * dentry = dget(item->ci_dentry);
420
421 if (!dentry)
422 return;
423
424 remove_dir(dentry);
425 /**
426 * Drop reference from dget() on entrance.
427 */
428 dput(dentry);
429 }
430
431
432 /* attaches attribute's configfs_dirent to the dentry corresponding to the
433 * attribute file
434 */
configfs_attach_attr(struct configfs_dirent * sd,struct dentry * dentry)435 static int configfs_attach_attr(struct configfs_dirent * sd, struct dentry * dentry)
436 {
437 struct configfs_attribute * attr = sd->s_element;
438 struct inode *inode;
439
440 spin_lock(&configfs_dirent_lock);
441 dentry->d_fsdata = configfs_get(sd);
442 sd->s_dentry = dentry;
443 spin_unlock(&configfs_dirent_lock);
444
445 inode = configfs_create(dentry, (attr->ca_mode & S_IALLUGO) | S_IFREG);
446 if (IS_ERR(inode)) {
447 configfs_put(sd);
448 return PTR_ERR(inode);
449 }
450 if (sd->s_type & CONFIGFS_ITEM_BIN_ATTR) {
451 inode->i_size = 0;
452 inode->i_fop = &configfs_bin_file_operations;
453 } else {
454 inode->i_size = PAGE_SIZE;
455 inode->i_fop = &configfs_file_operations;
456 }
457 d_add(dentry, inode);
458 return 0;
459 }
460
configfs_lookup(struct inode * dir,struct dentry * dentry,unsigned int flags)461 static struct dentry * configfs_lookup(struct inode *dir,
462 struct dentry *dentry,
463 unsigned int flags)
464 {
465 struct configfs_dirent * parent_sd = dentry->d_parent->d_fsdata;
466 struct configfs_dirent * sd;
467 int found = 0;
468 int err;
469
470 /*
471 * Fake invisibility if dir belongs to a group/default groups hierarchy
472 * being attached
473 *
474 * This forbids userspace to read/write attributes of items which may
475 * not complete their initialization, since the dentries of the
476 * attributes won't be instantiated.
477 */
478 err = -ENOENT;
479 if (!configfs_dirent_is_ready(parent_sd))
480 goto out;
481
482 list_for_each_entry(sd, &parent_sd->s_children, s_sibling) {
483 if (sd->s_type & CONFIGFS_NOT_PINNED) {
484 const unsigned char * name = configfs_get_name(sd);
485
486 if (strcmp(name, dentry->d_name.name))
487 continue;
488
489 found = 1;
490 err = configfs_attach_attr(sd, dentry);
491 break;
492 }
493 }
494
495 if (!found) {
496 /*
497 * If it doesn't exist and it isn't a NOT_PINNED item,
498 * it must be negative.
499 */
500 if (dentry->d_name.len > NAME_MAX)
501 return ERR_PTR(-ENAMETOOLONG);
502 d_add(dentry, NULL);
503 return NULL;
504 }
505
506 out:
507 return ERR_PTR(err);
508 }
509
510 /*
511 * Only subdirectories count here. Files (CONFIGFS_NOT_PINNED) are
512 * attributes and are removed by rmdir(). We recurse, setting
513 * CONFIGFS_USET_DROPPING on all children that are candidates for
514 * default detach.
515 * If there is an error, the caller will reset the flags via
516 * configfs_detach_rollback().
517 */
configfs_detach_prep(struct dentry * dentry,struct dentry ** wait)518 static int configfs_detach_prep(struct dentry *dentry, struct dentry **wait)
519 {
520 struct configfs_dirent *parent_sd = dentry->d_fsdata;
521 struct configfs_dirent *sd;
522 int ret;
523
524 /* Mark that we're trying to drop the group */
525 parent_sd->s_type |= CONFIGFS_USET_DROPPING;
526
527 ret = -EBUSY;
528 if (parent_sd->s_links)
529 goto out;
530
531 ret = 0;
532 list_for_each_entry(sd, &parent_sd->s_children, s_sibling) {
533 if (!sd->s_element ||
534 (sd->s_type & CONFIGFS_NOT_PINNED))
535 continue;
536 if (sd->s_type & CONFIGFS_USET_DEFAULT) {
537 /* Abort if racing with mkdir() */
538 if (sd->s_type & CONFIGFS_USET_IN_MKDIR) {
539 if (wait)
540 *wait= dget(sd->s_dentry);
541 return -EAGAIN;
542 }
543
544 /*
545 * Yup, recursive. If there's a problem, blame
546 * deep nesting of default_groups
547 */
548 ret = configfs_detach_prep(sd->s_dentry, wait);
549 if (!ret)
550 continue;
551 } else
552 ret = -ENOTEMPTY;
553
554 break;
555 }
556
557 out:
558 return ret;
559 }
560
561 /*
562 * Walk the tree, resetting CONFIGFS_USET_DROPPING wherever it was
563 * set.
564 */
configfs_detach_rollback(struct dentry * dentry)565 static void configfs_detach_rollback(struct dentry *dentry)
566 {
567 struct configfs_dirent *parent_sd = dentry->d_fsdata;
568 struct configfs_dirent *sd;
569
570 parent_sd->s_type &= ~CONFIGFS_USET_DROPPING;
571
572 list_for_each_entry(sd, &parent_sd->s_children, s_sibling)
573 if (sd->s_type & CONFIGFS_USET_DEFAULT)
574 configfs_detach_rollback(sd->s_dentry);
575 }
576
detach_attrs(struct config_item * item)577 static void detach_attrs(struct config_item * item)
578 {
579 struct dentry * dentry = dget(item->ci_dentry);
580 struct configfs_dirent * parent_sd;
581 struct configfs_dirent * sd, * tmp;
582
583 if (!dentry)
584 return;
585
586 pr_debug("configfs %s: dropping attrs for dir\n",
587 dentry->d_name.name);
588
589 parent_sd = dentry->d_fsdata;
590 list_for_each_entry_safe(sd, tmp, &parent_sd->s_children, s_sibling) {
591 if (!sd->s_element || !(sd->s_type & CONFIGFS_NOT_PINNED))
592 continue;
593 spin_lock(&configfs_dirent_lock);
594 list_del_init(&sd->s_sibling);
595 spin_unlock(&configfs_dirent_lock);
596 configfs_drop_dentry(sd, dentry);
597 configfs_put(sd);
598 }
599
600 /**
601 * Drop reference from dget() on entrance.
602 */
603 dput(dentry);
604 }
605
populate_attrs(struct config_item * item)606 static int populate_attrs(struct config_item *item)
607 {
608 const struct config_item_type *t = item->ci_type;
609 struct configfs_attribute *attr;
610 struct configfs_bin_attribute *bin_attr;
611 int error = 0;
612 int i;
613
614 if (!t)
615 return -EINVAL;
616 if (t->ct_attrs) {
617 for (i = 0; (attr = t->ct_attrs[i]) != NULL; i++) {
618 if ((error = configfs_create_file(item, attr)))
619 break;
620 }
621 }
622 if (t->ct_bin_attrs) {
623 for (i = 0; (bin_attr = t->ct_bin_attrs[i]) != NULL; i++) {
624 error = configfs_create_bin_file(item, bin_attr);
625 if (error)
626 break;
627 }
628 }
629
630 if (error)
631 detach_attrs(item);
632
633 return error;
634 }
635
636 static int configfs_attach_group(struct config_item *parent_item,
637 struct config_item *item,
638 struct dentry *dentry,
639 struct configfs_fragment *frag);
640 static void configfs_detach_group(struct config_item *item);
641
detach_groups(struct config_group * group)642 static void detach_groups(struct config_group *group)
643 {
644 struct dentry * dentry = dget(group->cg_item.ci_dentry);
645 struct dentry *child;
646 struct configfs_dirent *parent_sd;
647 struct configfs_dirent *sd, *tmp;
648
649 if (!dentry)
650 return;
651
652 parent_sd = dentry->d_fsdata;
653 list_for_each_entry_safe(sd, tmp, &parent_sd->s_children, s_sibling) {
654 if (!sd->s_element ||
655 !(sd->s_type & CONFIGFS_USET_DEFAULT))
656 continue;
657
658 child = sd->s_dentry;
659
660 inode_lock(d_inode(child));
661
662 configfs_detach_group(sd->s_element);
663 d_inode(child)->i_flags |= S_DEAD;
664 dont_mount(child);
665
666 inode_unlock(d_inode(child));
667
668 d_delete(child);
669 dput(child);
670 }
671
672 /**
673 * Drop reference from dget() on entrance.
674 */
675 dput(dentry);
676 }
677
678 /*
679 * This fakes mkdir(2) on a default_groups[] entry. It
680 * creates a dentry, attachs it, and then does fixup
681 * on the sd->s_type.
682 *
683 * We could, perhaps, tweak our parent's ->mkdir for a minute and
684 * try using vfs_mkdir. Just a thought.
685 */
create_default_group(struct config_group * parent_group,struct config_group * group,struct configfs_fragment * frag)686 static int create_default_group(struct config_group *parent_group,
687 struct config_group *group,
688 struct configfs_fragment *frag)
689 {
690 int ret;
691 struct configfs_dirent *sd;
692 /* We trust the caller holds a reference to parent */
693 struct dentry *child, *parent = parent_group->cg_item.ci_dentry;
694
695 if (!group->cg_item.ci_name)
696 group->cg_item.ci_name = group->cg_item.ci_namebuf;
697
698 ret = -ENOMEM;
699 child = d_alloc_name(parent, group->cg_item.ci_name);
700 if (child) {
701 d_add(child, NULL);
702
703 ret = configfs_attach_group(&parent_group->cg_item,
704 &group->cg_item, child, frag);
705 if (!ret) {
706 sd = child->d_fsdata;
707 sd->s_type |= CONFIGFS_USET_DEFAULT;
708 } else {
709 BUG_ON(d_inode(child));
710 d_drop(child);
711 dput(child);
712 }
713 }
714
715 return ret;
716 }
717
populate_groups(struct config_group * group,struct configfs_fragment * frag)718 static int populate_groups(struct config_group *group,
719 struct configfs_fragment *frag)
720 {
721 struct config_group *new_group;
722 int ret = 0;
723
724 list_for_each_entry(new_group, &group->default_groups, group_entry) {
725 ret = create_default_group(group, new_group, frag);
726 if (ret) {
727 detach_groups(group);
728 break;
729 }
730 }
731
732 return ret;
733 }
734
configfs_remove_default_groups(struct config_group * group)735 void configfs_remove_default_groups(struct config_group *group)
736 {
737 struct config_group *g, *n;
738
739 list_for_each_entry_safe(g, n, &group->default_groups, group_entry) {
740 list_del(&g->group_entry);
741 config_item_put(&g->cg_item);
742 }
743 }
744 EXPORT_SYMBOL(configfs_remove_default_groups);
745
746 /*
747 * All of link_obj/unlink_obj/link_group/unlink_group require that
748 * subsys->su_mutex is held.
749 */
750
unlink_obj(struct config_item * item)751 static void unlink_obj(struct config_item *item)
752 {
753 struct config_group *group;
754
755 group = item->ci_group;
756 if (group) {
757 list_del_init(&item->ci_entry);
758
759 item->ci_group = NULL;
760 item->ci_parent = NULL;
761
762 /* Drop the reference for ci_entry */
763 config_item_put(item);
764
765 /* Drop the reference for ci_parent */
766 config_group_put(group);
767 }
768 }
769
link_obj(struct config_item * parent_item,struct config_item * item)770 static void link_obj(struct config_item *parent_item, struct config_item *item)
771 {
772 /*
773 * Parent seems redundant with group, but it makes certain
774 * traversals much nicer.
775 */
776 item->ci_parent = parent_item;
777
778 /*
779 * We hold a reference on the parent for the child's ci_parent
780 * link.
781 */
782 item->ci_group = config_group_get(to_config_group(parent_item));
783 list_add_tail(&item->ci_entry, &item->ci_group->cg_children);
784
785 /*
786 * We hold a reference on the child for ci_entry on the parent's
787 * cg_children
788 */
789 config_item_get(item);
790 }
791
unlink_group(struct config_group * group)792 static void unlink_group(struct config_group *group)
793 {
794 struct config_group *new_group;
795
796 list_for_each_entry(new_group, &group->default_groups, group_entry)
797 unlink_group(new_group);
798
799 group->cg_subsys = NULL;
800 unlink_obj(&group->cg_item);
801 }
802
link_group(struct config_group * parent_group,struct config_group * group)803 static void link_group(struct config_group *parent_group, struct config_group *group)
804 {
805 struct config_group *new_group;
806 struct configfs_subsystem *subsys = NULL; /* gcc is a turd */
807
808 link_obj(&parent_group->cg_item, &group->cg_item);
809
810 if (parent_group->cg_subsys)
811 subsys = parent_group->cg_subsys;
812 else if (configfs_is_root(&parent_group->cg_item))
813 subsys = to_configfs_subsystem(group);
814 else
815 BUG();
816 group->cg_subsys = subsys;
817
818 list_for_each_entry(new_group, &group->default_groups, group_entry)
819 link_group(group, new_group);
820 }
821
822 /*
823 * The goal is that configfs_attach_item() (and
824 * configfs_attach_group()) can be called from either the VFS or this
825 * module. That is, they assume that the items have been created,
826 * the dentry allocated, and the dcache is all ready to go.
827 *
828 * If they fail, they must clean up after themselves as if they
829 * had never been called. The caller (VFS or local function) will
830 * handle cleaning up the dcache bits.
831 *
832 * configfs_detach_group() and configfs_detach_item() behave similarly on
833 * the way out. They assume that the proper semaphores are held, they
834 * clean up the configfs items, and they expect their callers will
835 * handle the dcache bits.
836 */
configfs_attach_item(struct config_item * parent_item,struct config_item * item,struct dentry * dentry,struct configfs_fragment * frag)837 static int configfs_attach_item(struct config_item *parent_item,
838 struct config_item *item,
839 struct dentry *dentry,
840 struct configfs_fragment *frag)
841 {
842 int ret;
843
844 ret = configfs_create_dir(item, dentry, frag);
845 if (!ret) {
846 ret = populate_attrs(item);
847 if (ret) {
848 /*
849 * We are going to remove an inode and its dentry but
850 * the VFS may already have hit and used them. Thus,
851 * we must lock them as rmdir() would.
852 */
853 inode_lock(d_inode(dentry));
854 configfs_remove_dir(item);
855 d_inode(dentry)->i_flags |= S_DEAD;
856 dont_mount(dentry);
857 inode_unlock(d_inode(dentry));
858 d_delete(dentry);
859 }
860 }
861
862 return ret;
863 }
864
865 /* Caller holds the mutex of the item's inode */
configfs_detach_item(struct config_item * item)866 static void configfs_detach_item(struct config_item *item)
867 {
868 detach_attrs(item);
869 configfs_remove_dir(item);
870 }
871
configfs_attach_group(struct config_item * parent_item,struct config_item * item,struct dentry * dentry,struct configfs_fragment * frag)872 static int configfs_attach_group(struct config_item *parent_item,
873 struct config_item *item,
874 struct dentry *dentry,
875 struct configfs_fragment *frag)
876 {
877 int ret;
878 struct configfs_dirent *sd;
879
880 ret = configfs_attach_item(parent_item, item, dentry, frag);
881 if (!ret) {
882 sd = dentry->d_fsdata;
883 sd->s_type |= CONFIGFS_USET_DIR;
884
885 /*
886 * FYI, we're faking mkdir in populate_groups()
887 * We must lock the group's inode to avoid races with the VFS
888 * which can already hit the inode and try to add/remove entries
889 * under it.
890 *
891 * We must also lock the inode to remove it safely in case of
892 * error, as rmdir() would.
893 */
894 inode_lock_nested(d_inode(dentry), I_MUTEX_CHILD);
895 configfs_adjust_dir_dirent_depth_before_populate(sd);
896 ret = populate_groups(to_config_group(item), frag);
897 if (ret) {
898 configfs_detach_item(item);
899 d_inode(dentry)->i_flags |= S_DEAD;
900 dont_mount(dentry);
901 }
902 configfs_adjust_dir_dirent_depth_after_populate(sd);
903 inode_unlock(d_inode(dentry));
904 if (ret)
905 d_delete(dentry);
906 }
907
908 return ret;
909 }
910
911 /* Caller holds the mutex of the group's inode */
configfs_detach_group(struct config_item * item)912 static void configfs_detach_group(struct config_item *item)
913 {
914 detach_groups(to_config_group(item));
915 configfs_detach_item(item);
916 }
917
918 /*
919 * After the item has been detached from the filesystem view, we are
920 * ready to tear it out of the hierarchy. Notify the client before
921 * we do that so they can perform any cleanup that requires
922 * navigating the hierarchy. A client does not need to provide this
923 * callback. The subsystem semaphore MUST be held by the caller, and
924 * references must be valid for both items. It also assumes the
925 * caller has validated ci_type.
926 */
client_disconnect_notify(struct config_item * parent_item,struct config_item * item)927 static void client_disconnect_notify(struct config_item *parent_item,
928 struct config_item *item)
929 {
930 const struct config_item_type *type;
931
932 type = parent_item->ci_type;
933 BUG_ON(!type);
934
935 if (type->ct_group_ops && type->ct_group_ops->disconnect_notify)
936 type->ct_group_ops->disconnect_notify(to_config_group(parent_item),
937 item);
938 }
939
940 /*
941 * Drop the initial reference from make_item()/make_group()
942 * This function assumes that reference is held on item
943 * and that item holds a valid reference to the parent. Also, it
944 * assumes the caller has validated ci_type.
945 */
client_drop_item(struct config_item * parent_item,struct config_item * item)946 static void client_drop_item(struct config_item *parent_item,
947 struct config_item *item)
948 {
949 const struct config_item_type *type;
950
951 type = parent_item->ci_type;
952 BUG_ON(!type);
953
954 /*
955 * If ->drop_item() exists, it is responsible for the
956 * config_item_put().
957 */
958 if (type->ct_group_ops && type->ct_group_ops->drop_item)
959 type->ct_group_ops->drop_item(to_config_group(parent_item),
960 item);
961 else
962 config_item_put(item);
963 }
964
965 #ifdef DEBUG
configfs_dump_one(struct configfs_dirent * sd,int level)966 static void configfs_dump_one(struct configfs_dirent *sd, int level)
967 {
968 pr_info("%*s\"%s\":\n", level, " ", configfs_get_name(sd));
969
970 #define type_print(_type) if (sd->s_type & _type) pr_info("%*s %s\n", level, " ", #_type);
971 type_print(CONFIGFS_ROOT);
972 type_print(CONFIGFS_DIR);
973 type_print(CONFIGFS_ITEM_ATTR);
974 type_print(CONFIGFS_ITEM_LINK);
975 type_print(CONFIGFS_USET_DIR);
976 type_print(CONFIGFS_USET_DEFAULT);
977 type_print(CONFIGFS_USET_DROPPING);
978 #undef type_print
979 }
980
configfs_dump(struct configfs_dirent * sd,int level)981 static int configfs_dump(struct configfs_dirent *sd, int level)
982 {
983 struct configfs_dirent *child_sd;
984 int ret = 0;
985
986 configfs_dump_one(sd, level);
987
988 if (!(sd->s_type & (CONFIGFS_DIR|CONFIGFS_ROOT)))
989 return 0;
990
991 list_for_each_entry(child_sd, &sd->s_children, s_sibling) {
992 ret = configfs_dump(child_sd, level + 2);
993 if (ret)
994 break;
995 }
996
997 return ret;
998 }
999 #endif
1000
1001
1002 /*
1003 * configfs_depend_item() and configfs_undepend_item()
1004 *
1005 * WARNING: Do not call these from a configfs callback!
1006 *
1007 * This describes these functions and their helpers.
1008 *
1009 * Allow another kernel system to depend on a config_item. If this
1010 * happens, the item cannot go away until the dependent can live without
1011 * it. The idea is to give client modules as simple an interface as
1012 * possible. When a system asks them to depend on an item, they just
1013 * call configfs_depend_item(). If the item is live and the client
1014 * driver is in good shape, we'll happily do the work for them.
1015 *
1016 * Why is the locking complex? Because configfs uses the VFS to handle
1017 * all locking, but this function is called outside the normal
1018 * VFS->configfs path. So it must take VFS locks to prevent the
1019 * VFS->configfs stuff (configfs_mkdir(), configfs_rmdir(), etc). This is
1020 * why you can't call these functions underneath configfs callbacks.
1021 *
1022 * Note, btw, that this can be called at *any* time, even when a configfs
1023 * subsystem isn't registered, or when configfs is loading or unloading.
1024 * Just like configfs_register_subsystem(). So we take the same
1025 * precautions. We pin the filesystem. We lock configfs_dirent_lock.
1026 * If we can find the target item in the
1027 * configfs tree, it must be part of the subsystem tree as well, so we
1028 * do not need the subsystem semaphore. Holding configfs_dirent_lock helps
1029 * locking out mkdir() and rmdir(), who might be racing us.
1030 */
1031
1032 /*
1033 * configfs_depend_prep()
1034 *
1035 * Only subdirectories count here. Files (CONFIGFS_NOT_PINNED) are
1036 * attributes. This is similar but not the same to configfs_detach_prep().
1037 * Note that configfs_detach_prep() expects the parent to be locked when it
1038 * is called, but we lock the parent *inside* configfs_depend_prep(). We
1039 * do that so we can unlock it if we find nothing.
1040 *
1041 * Here we do a depth-first search of the dentry hierarchy looking for
1042 * our object.
1043 * We deliberately ignore items tagged as dropping since they are virtually
1044 * dead, as well as items in the middle of attachment since they virtually
1045 * do not exist yet. This completes the locking out of racing mkdir() and
1046 * rmdir().
1047 * Note: subdirectories in the middle of attachment start with s_type =
1048 * CONFIGFS_DIR|CONFIGFS_USET_CREATING set by create_dir(). When
1049 * CONFIGFS_USET_CREATING is set, we ignore the item. The actual set of
1050 * s_type is in configfs_new_dirent(), which has configfs_dirent_lock.
1051 *
1052 * If the target is not found, -ENOENT is bubbled up.
1053 *
1054 * This adds a requirement that all config_items be unique!
1055 *
1056 * This is recursive. There isn't
1057 * much on the stack, though, so folks that need this function - be careful
1058 * about your stack! Patches will be accepted to make it iterative.
1059 */
configfs_depend_prep(struct dentry * origin,struct config_item * target)1060 static int configfs_depend_prep(struct dentry *origin,
1061 struct config_item *target)
1062 {
1063 struct configfs_dirent *child_sd, *sd;
1064 int ret = 0;
1065
1066 BUG_ON(!origin || !origin->d_fsdata);
1067 sd = origin->d_fsdata;
1068
1069 if (sd->s_element == target) /* Boo-yah */
1070 goto out;
1071
1072 list_for_each_entry(child_sd, &sd->s_children, s_sibling) {
1073 if ((child_sd->s_type & CONFIGFS_DIR) &&
1074 !(child_sd->s_type & CONFIGFS_USET_DROPPING) &&
1075 !(child_sd->s_type & CONFIGFS_USET_CREATING)) {
1076 ret = configfs_depend_prep(child_sd->s_dentry,
1077 target);
1078 if (!ret)
1079 goto out; /* Child path boo-yah */
1080 }
1081 }
1082
1083 /* We looped all our children and didn't find target */
1084 ret = -ENOENT;
1085
1086 out:
1087 return ret;
1088 }
1089
configfs_do_depend_item(struct dentry * subsys_dentry,struct config_item * target)1090 static int configfs_do_depend_item(struct dentry *subsys_dentry,
1091 struct config_item *target)
1092 {
1093 struct configfs_dirent *p;
1094 int ret;
1095
1096 spin_lock(&configfs_dirent_lock);
1097 /* Scan the tree, return 0 if found */
1098 ret = configfs_depend_prep(subsys_dentry, target);
1099 if (ret)
1100 goto out_unlock_dirent_lock;
1101
1102 /*
1103 * We are sure that the item is not about to be removed by rmdir(), and
1104 * not in the middle of attachment by mkdir().
1105 */
1106 p = target->ci_dentry->d_fsdata;
1107 p->s_dependent_count += 1;
1108
1109 out_unlock_dirent_lock:
1110 spin_unlock(&configfs_dirent_lock);
1111
1112 return ret;
1113 }
1114
1115 static inline struct configfs_dirent *
configfs_find_subsys_dentry(struct configfs_dirent * root_sd,struct config_item * subsys_item)1116 configfs_find_subsys_dentry(struct configfs_dirent *root_sd,
1117 struct config_item *subsys_item)
1118 {
1119 struct configfs_dirent *p;
1120 struct configfs_dirent *ret = NULL;
1121
1122 list_for_each_entry(p, &root_sd->s_children, s_sibling) {
1123 if (p->s_type & CONFIGFS_DIR &&
1124 p->s_element == subsys_item) {
1125 ret = p;
1126 break;
1127 }
1128 }
1129
1130 return ret;
1131 }
1132
1133
configfs_depend_item(struct configfs_subsystem * subsys,struct config_item * target)1134 int configfs_depend_item(struct configfs_subsystem *subsys,
1135 struct config_item *target)
1136 {
1137 int ret;
1138 struct configfs_dirent *subsys_sd;
1139 struct config_item *s_item = &subsys->su_group.cg_item;
1140 struct dentry *root;
1141
1142 /*
1143 * Pin the configfs filesystem. This means we can safely access
1144 * the root of the configfs filesystem.
1145 */
1146 root = configfs_pin_fs();
1147 if (IS_ERR(root))
1148 return PTR_ERR(root);
1149
1150 /*
1151 * Next, lock the root directory. We're going to check that the
1152 * subsystem is really registered, and so we need to lock out
1153 * configfs_[un]register_subsystem().
1154 */
1155 inode_lock(d_inode(root));
1156
1157 subsys_sd = configfs_find_subsys_dentry(root->d_fsdata, s_item);
1158 if (!subsys_sd) {
1159 ret = -ENOENT;
1160 goto out_unlock_fs;
1161 }
1162
1163 /* Ok, now we can trust subsys/s_item */
1164 ret = configfs_do_depend_item(subsys_sd->s_dentry, target);
1165
1166 out_unlock_fs:
1167 inode_unlock(d_inode(root));
1168
1169 /*
1170 * If we succeeded, the fs is pinned via other methods. If not,
1171 * we're done with it anyway. So release_fs() is always right.
1172 */
1173 configfs_release_fs();
1174
1175 return ret;
1176 }
1177 EXPORT_SYMBOL(configfs_depend_item);
1178
1179 /*
1180 * Release the dependent linkage. This is much simpler than
1181 * configfs_depend_item() because we know that the client driver is
1182 * pinned, thus the subsystem is pinned, and therefore configfs is pinned.
1183 */
configfs_undepend_item(struct config_item * target)1184 void configfs_undepend_item(struct config_item *target)
1185 {
1186 struct configfs_dirent *sd;
1187
1188 /*
1189 * Since we can trust everything is pinned, we just need
1190 * configfs_dirent_lock.
1191 */
1192 spin_lock(&configfs_dirent_lock);
1193
1194 sd = target->ci_dentry->d_fsdata;
1195 BUG_ON(sd->s_dependent_count < 1);
1196
1197 sd->s_dependent_count -= 1;
1198
1199 /*
1200 * After this unlock, we cannot trust the item to stay alive!
1201 * DO NOT REFERENCE item after this unlock.
1202 */
1203 spin_unlock(&configfs_dirent_lock);
1204 }
1205 EXPORT_SYMBOL(configfs_undepend_item);
1206
1207 /*
1208 * caller_subsys is a caller's subsystem not target's. This is used to
1209 * determine if we should lock root and check subsys or not. When we are
1210 * in the same subsystem as our target there is no need to do locking as
1211 * we know that subsys is valid and is not unregistered during this function
1212 * as we are called from callback of one of his children and VFS holds a lock
1213 * on some inode. Otherwise we have to lock our root to ensure that target's
1214 * subsystem it is not unregistered during this function.
1215 */
configfs_depend_item_unlocked(struct configfs_subsystem * caller_subsys,struct config_item * target)1216 int configfs_depend_item_unlocked(struct configfs_subsystem *caller_subsys,
1217 struct config_item *target)
1218 {
1219 struct configfs_subsystem *target_subsys;
1220 struct config_group *root, *parent;
1221 struct configfs_dirent *subsys_sd;
1222 int ret = -ENOENT;
1223
1224 /* Disallow this function for configfs root */
1225 if (configfs_is_root(target))
1226 return -EINVAL;
1227
1228 parent = target->ci_group;
1229 /*
1230 * This may happen when someone is trying to depend root
1231 * directory of some subsystem
1232 */
1233 if (configfs_is_root(&parent->cg_item)) {
1234 target_subsys = to_configfs_subsystem(to_config_group(target));
1235 root = parent;
1236 } else {
1237 target_subsys = parent->cg_subsys;
1238 /* Find a cofnigfs root as we may need it for locking */
1239 for (root = parent; !configfs_is_root(&root->cg_item);
1240 root = root->cg_item.ci_group)
1241 ;
1242 }
1243
1244 if (target_subsys != caller_subsys) {
1245 /*
1246 * We are in other configfs subsystem, so we have to do
1247 * additional locking to prevent other subsystem from being
1248 * unregistered
1249 */
1250 inode_lock(d_inode(root->cg_item.ci_dentry));
1251
1252 /*
1253 * As we are trying to depend item from other subsystem
1254 * we have to check if this subsystem is still registered
1255 */
1256 subsys_sd = configfs_find_subsys_dentry(
1257 root->cg_item.ci_dentry->d_fsdata,
1258 &target_subsys->su_group.cg_item);
1259 if (!subsys_sd)
1260 goto out_root_unlock;
1261 } else {
1262 subsys_sd = target_subsys->su_group.cg_item.ci_dentry->d_fsdata;
1263 }
1264
1265 /* Now we can execute core of depend item */
1266 ret = configfs_do_depend_item(subsys_sd->s_dentry, target);
1267
1268 if (target_subsys != caller_subsys)
1269 out_root_unlock:
1270 /*
1271 * We were called from subsystem other than our target so we
1272 * took some locks so now it's time to release them
1273 */
1274 inode_unlock(d_inode(root->cg_item.ci_dentry));
1275
1276 return ret;
1277 }
1278 EXPORT_SYMBOL(configfs_depend_item_unlocked);
1279
configfs_mkdir(struct inode * dir,struct dentry * dentry,umode_t mode)1280 static int configfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
1281 {
1282 int ret = 0;
1283 int module_got = 0;
1284 struct config_group *group = NULL;
1285 struct config_item *item = NULL;
1286 struct config_item *parent_item;
1287 struct configfs_subsystem *subsys;
1288 struct configfs_dirent *sd;
1289 const struct config_item_type *type;
1290 struct module *subsys_owner = NULL, *new_item_owner = NULL;
1291 struct configfs_fragment *frag;
1292 char *name;
1293
1294 sd = dentry->d_parent->d_fsdata;
1295
1296 /*
1297 * Fake invisibility if dir belongs to a group/default groups hierarchy
1298 * being attached
1299 */
1300 if (!configfs_dirent_is_ready(sd)) {
1301 ret = -ENOENT;
1302 goto out;
1303 }
1304
1305 if (!(sd->s_type & CONFIGFS_USET_DIR)) {
1306 ret = -EPERM;
1307 goto out;
1308 }
1309
1310 frag = new_fragment();
1311 if (!frag) {
1312 ret = -ENOMEM;
1313 goto out;
1314 }
1315
1316 /* Get a working ref for the duration of this function */
1317 parent_item = configfs_get_config_item(dentry->d_parent);
1318 type = parent_item->ci_type;
1319 subsys = to_config_group(parent_item)->cg_subsys;
1320 BUG_ON(!subsys);
1321
1322 if (!type || !type->ct_group_ops ||
1323 (!type->ct_group_ops->make_group &&
1324 !type->ct_group_ops->make_item)) {
1325 ret = -EPERM; /* Lack-of-mkdir returns -EPERM */
1326 goto out_put;
1327 }
1328
1329 /*
1330 * The subsystem may belong to a different module than the item
1331 * being created. We don't want to safely pin the new item but
1332 * fail to pin the subsystem it sits under.
1333 */
1334 if (!subsys->su_group.cg_item.ci_type) {
1335 ret = -EINVAL;
1336 goto out_put;
1337 }
1338 subsys_owner = subsys->su_group.cg_item.ci_type->ct_owner;
1339 if (!try_module_get(subsys_owner)) {
1340 ret = -EINVAL;
1341 goto out_put;
1342 }
1343
1344 name = kmalloc(dentry->d_name.len + 1, GFP_KERNEL);
1345 if (!name) {
1346 ret = -ENOMEM;
1347 goto out_subsys_put;
1348 }
1349
1350 snprintf(name, dentry->d_name.len + 1, "%s", dentry->d_name.name);
1351
1352 mutex_lock(&subsys->su_mutex);
1353 if (type->ct_group_ops->make_group) {
1354 group = type->ct_group_ops->make_group(to_config_group(parent_item), name);
1355 if (!group)
1356 group = ERR_PTR(-ENOMEM);
1357 if (!IS_ERR(group)) {
1358 link_group(to_config_group(parent_item), group);
1359 item = &group->cg_item;
1360 } else
1361 ret = PTR_ERR(group);
1362 } else {
1363 item = type->ct_group_ops->make_item(to_config_group(parent_item), name);
1364 if (!item)
1365 item = ERR_PTR(-ENOMEM);
1366 if (!IS_ERR(item))
1367 link_obj(parent_item, item);
1368 else
1369 ret = PTR_ERR(item);
1370 }
1371 mutex_unlock(&subsys->su_mutex);
1372
1373 kfree(name);
1374 if (ret) {
1375 /*
1376 * If ret != 0, then link_obj() was never called.
1377 * There are no extra references to clean up.
1378 */
1379 goto out_subsys_put;
1380 }
1381
1382 /*
1383 * link_obj() has been called (via link_group() for groups).
1384 * From here on out, errors must clean that up.
1385 */
1386
1387 type = item->ci_type;
1388 if (!type) {
1389 ret = -EINVAL;
1390 goto out_unlink;
1391 }
1392
1393 new_item_owner = type->ct_owner;
1394 if (!try_module_get(new_item_owner)) {
1395 ret = -EINVAL;
1396 goto out_unlink;
1397 }
1398
1399 /*
1400 * I hate doing it this way, but if there is
1401 * an error, module_put() probably should
1402 * happen after any cleanup.
1403 */
1404 module_got = 1;
1405
1406 /*
1407 * Make racing rmdir() fail if it did not tag parent with
1408 * CONFIGFS_USET_DROPPING
1409 * Note: if CONFIGFS_USET_DROPPING is already set, attach_group() will
1410 * fail and let rmdir() terminate correctly
1411 */
1412 spin_lock(&configfs_dirent_lock);
1413 /* This will make configfs_detach_prep() fail */
1414 sd->s_type |= CONFIGFS_USET_IN_MKDIR;
1415 spin_unlock(&configfs_dirent_lock);
1416
1417 if (group)
1418 ret = configfs_attach_group(parent_item, item, dentry, frag);
1419 else
1420 ret = configfs_attach_item(parent_item, item, dentry, frag);
1421
1422 /* inherit uid/gid from process creating the directory */
1423 if (!uid_eq(current_fsuid(), GLOBAL_ROOT_UID) ||
1424 !gid_eq(current_fsgid(), GLOBAL_ROOT_GID)) {
1425 struct iattr ia = {
1426 .ia_uid = current_fsuid(),
1427 .ia_gid = current_fsgid(),
1428 .ia_valid = ATTR_UID | ATTR_GID,
1429 };
1430 struct inode *inode = d_inode(dentry);
1431 inode->i_uid = ia.ia_uid;
1432 inode->i_gid = ia.ia_gid;
1433 /* the above manual assignments skip the permission checks */
1434 configfs_setattr(dentry, &ia);
1435 }
1436
1437 spin_lock(&configfs_dirent_lock);
1438 sd->s_type &= ~CONFIGFS_USET_IN_MKDIR;
1439 if (!ret)
1440 configfs_dir_set_ready(dentry->d_fsdata);
1441 spin_unlock(&configfs_dirent_lock);
1442
1443 out_unlink:
1444 if (ret) {
1445 /* Tear down everything we built up */
1446 mutex_lock(&subsys->su_mutex);
1447
1448 client_disconnect_notify(parent_item, item);
1449 if (group)
1450 unlink_group(group);
1451 else
1452 unlink_obj(item);
1453 client_drop_item(parent_item, item);
1454
1455 mutex_unlock(&subsys->su_mutex);
1456
1457 if (module_got)
1458 module_put(new_item_owner);
1459 }
1460
1461 out_subsys_put:
1462 if (ret)
1463 module_put(subsys_owner);
1464
1465 out_put:
1466 /*
1467 * link_obj()/link_group() took a reference from child->parent,
1468 * so the parent is safely pinned. We can drop our working
1469 * reference.
1470 */
1471 config_item_put(parent_item);
1472 put_fragment(frag);
1473
1474 out:
1475 return ret;
1476 }
1477
configfs_rmdir(struct inode * dir,struct dentry * dentry)1478 static int configfs_rmdir(struct inode *dir, struct dentry *dentry)
1479 {
1480 struct config_item *parent_item;
1481 struct config_item *item;
1482 struct configfs_subsystem *subsys;
1483 struct configfs_dirent *sd;
1484 struct configfs_fragment *frag;
1485 struct module *subsys_owner = NULL, *dead_item_owner = NULL;
1486 int ret;
1487
1488 sd = dentry->d_fsdata;
1489 if (sd->s_type & CONFIGFS_USET_DEFAULT)
1490 return -EPERM;
1491
1492 /* Get a working ref until we have the child */
1493 parent_item = configfs_get_config_item(dentry->d_parent);
1494 subsys = to_config_group(parent_item)->cg_subsys;
1495 BUG_ON(!subsys);
1496
1497 if (!parent_item->ci_type) {
1498 config_item_put(parent_item);
1499 return -EINVAL;
1500 }
1501
1502 /* configfs_mkdir() shouldn't have allowed this */
1503 BUG_ON(!subsys->su_group.cg_item.ci_type);
1504 subsys_owner = subsys->su_group.cg_item.ci_type->ct_owner;
1505
1506 /*
1507 * Ensure that no racing symlink() will make detach_prep() fail while
1508 * the new link is temporarily attached
1509 */
1510 do {
1511 struct dentry *wait;
1512
1513 mutex_lock(&configfs_symlink_mutex);
1514 spin_lock(&configfs_dirent_lock);
1515 /*
1516 * Here's where we check for dependents. We're protected by
1517 * configfs_dirent_lock.
1518 * If no dependent, atomically tag the item as dropping.
1519 */
1520 ret = sd->s_dependent_count ? -EBUSY : 0;
1521 if (!ret) {
1522 ret = configfs_detach_prep(dentry, &wait);
1523 if (ret)
1524 configfs_detach_rollback(dentry);
1525 }
1526 spin_unlock(&configfs_dirent_lock);
1527 mutex_unlock(&configfs_symlink_mutex);
1528
1529 if (ret) {
1530 if (ret != -EAGAIN) {
1531 config_item_put(parent_item);
1532 return ret;
1533 }
1534
1535 /* Wait until the racing operation terminates */
1536 inode_lock(d_inode(wait));
1537 inode_unlock(d_inode(wait));
1538 dput(wait);
1539 }
1540 } while (ret == -EAGAIN);
1541
1542 frag = sd->s_frag;
1543 if (down_write_killable(&frag->frag_sem)) {
1544 spin_lock(&configfs_dirent_lock);
1545 configfs_detach_rollback(dentry);
1546 spin_unlock(&configfs_dirent_lock);
1547 config_item_put(parent_item);
1548 return -EINTR;
1549 }
1550 frag->frag_dead = true;
1551 up_write(&frag->frag_sem);
1552
1553 /* Get a working ref for the duration of this function */
1554 item = configfs_get_config_item(dentry);
1555
1556 /* Drop reference from above, item already holds one. */
1557 config_item_put(parent_item);
1558
1559 if (item->ci_type)
1560 dead_item_owner = item->ci_type->ct_owner;
1561
1562 if (sd->s_type & CONFIGFS_USET_DIR) {
1563 configfs_detach_group(item);
1564
1565 mutex_lock(&subsys->su_mutex);
1566 client_disconnect_notify(parent_item, item);
1567 unlink_group(to_config_group(item));
1568 } else {
1569 configfs_detach_item(item);
1570
1571 mutex_lock(&subsys->su_mutex);
1572 client_disconnect_notify(parent_item, item);
1573 unlink_obj(item);
1574 }
1575
1576 client_drop_item(parent_item, item);
1577 mutex_unlock(&subsys->su_mutex);
1578
1579 /* Drop our reference from above */
1580 config_item_put(item);
1581
1582 module_put(dead_item_owner);
1583 module_put(subsys_owner);
1584
1585 return 0;
1586 }
1587
1588 const struct inode_operations configfs_dir_inode_operations = {
1589 .mkdir = configfs_mkdir,
1590 .rmdir = configfs_rmdir,
1591 .symlink = configfs_symlink,
1592 .unlink = configfs_unlink,
1593 .lookup = configfs_lookup,
1594 .setattr = configfs_setattr,
1595 };
1596
1597 const struct inode_operations configfs_root_inode_operations = {
1598 .lookup = configfs_lookup,
1599 .setattr = configfs_setattr,
1600 };
1601
configfs_dir_open(struct inode * inode,struct file * file)1602 static int configfs_dir_open(struct inode *inode, struct file *file)
1603 {
1604 struct dentry * dentry = file->f_path.dentry;
1605 struct configfs_dirent * parent_sd = dentry->d_fsdata;
1606 int err;
1607
1608 inode_lock(d_inode(dentry));
1609 /*
1610 * Fake invisibility if dir belongs to a group/default groups hierarchy
1611 * being attached
1612 */
1613 err = -ENOENT;
1614 if (configfs_dirent_is_ready(parent_sd)) {
1615 file->private_data = configfs_new_dirent(parent_sd, NULL, 0, NULL);
1616 if (IS_ERR(file->private_data))
1617 err = PTR_ERR(file->private_data);
1618 else
1619 err = 0;
1620 }
1621 inode_unlock(d_inode(dentry));
1622
1623 return err;
1624 }
1625
configfs_dir_close(struct inode * inode,struct file * file)1626 static int configfs_dir_close(struct inode *inode, struct file *file)
1627 {
1628 struct dentry * dentry = file->f_path.dentry;
1629 struct configfs_dirent * cursor = file->private_data;
1630
1631 inode_lock(d_inode(dentry));
1632 spin_lock(&configfs_dirent_lock);
1633 list_del_init(&cursor->s_sibling);
1634 spin_unlock(&configfs_dirent_lock);
1635 inode_unlock(d_inode(dentry));
1636
1637 release_configfs_dirent(cursor);
1638
1639 return 0;
1640 }
1641
1642 /* Relationship between s_mode and the DT_xxx types */
dt_type(struct configfs_dirent * sd)1643 static inline unsigned char dt_type(struct configfs_dirent *sd)
1644 {
1645 return (sd->s_mode >> 12) & 15;
1646 }
1647
configfs_readdir(struct file * file,struct dir_context * ctx)1648 static int configfs_readdir(struct file *file, struct dir_context *ctx)
1649 {
1650 struct dentry *dentry = file->f_path.dentry;
1651 struct super_block *sb = dentry->d_sb;
1652 struct configfs_dirent * parent_sd = dentry->d_fsdata;
1653 struct configfs_dirent *cursor = file->private_data;
1654 struct list_head *p, *q = &cursor->s_sibling;
1655 ino_t ino = 0;
1656
1657 if (!dir_emit_dots(file, ctx))
1658 return 0;
1659 spin_lock(&configfs_dirent_lock);
1660 if (ctx->pos == 2)
1661 list_move(q, &parent_sd->s_children);
1662 for (p = q->next; p != &parent_sd->s_children; p = p->next) {
1663 struct configfs_dirent *next;
1664 const char *name;
1665 int len;
1666 struct inode *inode = NULL;
1667
1668 next = list_entry(p, struct configfs_dirent, s_sibling);
1669 if (!next->s_element)
1670 continue;
1671
1672 /*
1673 * We'll have a dentry and an inode for
1674 * PINNED items and for open attribute
1675 * files. We lock here to prevent a race
1676 * with configfs_d_iput() clearing
1677 * s_dentry before calling iput().
1678 *
1679 * Why do we go to the trouble? If
1680 * someone has an attribute file open,
1681 * the inode number should match until
1682 * they close it. Beyond that, we don't
1683 * care.
1684 */
1685 dentry = next->s_dentry;
1686 if (dentry)
1687 inode = d_inode(dentry);
1688 if (inode)
1689 ino = inode->i_ino;
1690 spin_unlock(&configfs_dirent_lock);
1691 if (!inode)
1692 ino = iunique(sb, 2);
1693
1694 name = configfs_get_name(next);
1695 len = strlen(name);
1696
1697 if (!dir_emit(ctx, name, len, ino, dt_type(next)))
1698 return 0;
1699
1700 spin_lock(&configfs_dirent_lock);
1701 list_move(q, p);
1702 p = q;
1703 ctx->pos++;
1704 }
1705 spin_unlock(&configfs_dirent_lock);
1706 return 0;
1707 }
1708
configfs_dir_lseek(struct file * file,loff_t offset,int whence)1709 static loff_t configfs_dir_lseek(struct file *file, loff_t offset, int whence)
1710 {
1711 struct dentry * dentry = file->f_path.dentry;
1712
1713 switch (whence) {
1714 case 1:
1715 offset += file->f_pos;
1716 fallthrough;
1717 case 0:
1718 if (offset >= 0)
1719 break;
1720 fallthrough;
1721 default:
1722 return -EINVAL;
1723 }
1724 if (offset != file->f_pos) {
1725 file->f_pos = offset;
1726 if (file->f_pos >= 2) {
1727 struct configfs_dirent *sd = dentry->d_fsdata;
1728 struct configfs_dirent *cursor = file->private_data;
1729 struct list_head *p;
1730 loff_t n = file->f_pos - 2;
1731
1732 spin_lock(&configfs_dirent_lock);
1733 list_del(&cursor->s_sibling);
1734 p = sd->s_children.next;
1735 while (n && p != &sd->s_children) {
1736 struct configfs_dirent *next;
1737 next = list_entry(p, struct configfs_dirent,
1738 s_sibling);
1739 if (next->s_element)
1740 n--;
1741 p = p->next;
1742 }
1743 list_add_tail(&cursor->s_sibling, p);
1744 spin_unlock(&configfs_dirent_lock);
1745 }
1746 }
1747 return offset;
1748 }
1749
1750 const struct file_operations configfs_dir_operations = {
1751 .open = configfs_dir_open,
1752 .release = configfs_dir_close,
1753 .llseek = configfs_dir_lseek,
1754 .read = generic_read_dir,
1755 .iterate_shared = configfs_readdir,
1756 };
1757
1758 /**
1759 * configfs_register_group - creates a parent-child relation between two groups
1760 * @parent_group: parent group
1761 * @group: child group
1762 *
1763 * link groups, creates dentry for the child and attaches it to the
1764 * parent dentry.
1765 *
1766 * Return: 0 on success, negative errno code on error
1767 */
configfs_register_group(struct config_group * parent_group,struct config_group * group)1768 int configfs_register_group(struct config_group *parent_group,
1769 struct config_group *group)
1770 {
1771 struct configfs_subsystem *subsys = parent_group->cg_subsys;
1772 struct dentry *parent;
1773 struct configfs_fragment *frag;
1774 int ret;
1775
1776 frag = new_fragment();
1777 if (!frag)
1778 return -ENOMEM;
1779
1780 mutex_lock(&subsys->su_mutex);
1781 link_group(parent_group, group);
1782 mutex_unlock(&subsys->su_mutex);
1783
1784 parent = parent_group->cg_item.ci_dentry;
1785
1786 inode_lock_nested(d_inode(parent), I_MUTEX_PARENT);
1787 ret = create_default_group(parent_group, group, frag);
1788 if (ret)
1789 goto err_out;
1790
1791 spin_lock(&configfs_dirent_lock);
1792 configfs_dir_set_ready(group->cg_item.ci_dentry->d_fsdata);
1793 spin_unlock(&configfs_dirent_lock);
1794 inode_unlock(d_inode(parent));
1795 put_fragment(frag);
1796 return 0;
1797 err_out:
1798 inode_unlock(d_inode(parent));
1799 mutex_lock(&subsys->su_mutex);
1800 unlink_group(group);
1801 mutex_unlock(&subsys->su_mutex);
1802 put_fragment(frag);
1803 return ret;
1804 }
1805 EXPORT_SYMBOL(configfs_register_group);
1806
1807 /**
1808 * configfs_unregister_group() - unregisters a child group from its parent
1809 * @group: parent group to be unregistered
1810 *
1811 * Undoes configfs_register_group()
1812 */
configfs_unregister_group(struct config_group * group)1813 void configfs_unregister_group(struct config_group *group)
1814 {
1815 struct configfs_subsystem *subsys = group->cg_subsys;
1816 struct dentry *dentry = group->cg_item.ci_dentry;
1817 struct dentry *parent = group->cg_item.ci_parent->ci_dentry;
1818 struct configfs_dirent *sd = dentry->d_fsdata;
1819 struct configfs_fragment *frag = sd->s_frag;
1820
1821 down_write(&frag->frag_sem);
1822 frag->frag_dead = true;
1823 up_write(&frag->frag_sem);
1824
1825 inode_lock_nested(d_inode(parent), I_MUTEX_PARENT);
1826 spin_lock(&configfs_dirent_lock);
1827 configfs_detach_prep(dentry, NULL);
1828 spin_unlock(&configfs_dirent_lock);
1829
1830 configfs_detach_group(&group->cg_item);
1831 d_inode(dentry)->i_flags |= S_DEAD;
1832 dont_mount(dentry);
1833 d_drop(dentry);
1834 fsnotify_rmdir(d_inode(parent), dentry);
1835 inode_unlock(d_inode(parent));
1836
1837 dput(dentry);
1838
1839 mutex_lock(&subsys->su_mutex);
1840 unlink_group(group);
1841 mutex_unlock(&subsys->su_mutex);
1842 }
1843 EXPORT_SYMBOL(configfs_unregister_group);
1844
1845 /**
1846 * configfs_register_default_group() - allocates and registers a child group
1847 * @parent_group: parent group
1848 * @name: child group name
1849 * @item_type: child item type description
1850 *
1851 * boilerplate to allocate and register a child group with its parent. We need
1852 * kzalloc'ed memory because child's default_group is initially empty.
1853 *
1854 * Return: allocated config group or ERR_PTR() on error
1855 */
1856 struct config_group *
configfs_register_default_group(struct config_group * parent_group,const char * name,const struct config_item_type * item_type)1857 configfs_register_default_group(struct config_group *parent_group,
1858 const char *name,
1859 const struct config_item_type *item_type)
1860 {
1861 int ret;
1862 struct config_group *group;
1863
1864 group = kzalloc(sizeof(*group), GFP_KERNEL);
1865 if (!group)
1866 return ERR_PTR(-ENOMEM);
1867 config_group_init_type_name(group, name, item_type);
1868
1869 ret = configfs_register_group(parent_group, group);
1870 if (ret) {
1871 kfree(group);
1872 return ERR_PTR(ret);
1873 }
1874 return group;
1875 }
1876 EXPORT_SYMBOL(configfs_register_default_group);
1877
1878 /**
1879 * configfs_unregister_default_group() - unregisters and frees a child group
1880 * @group: the group to act on
1881 */
configfs_unregister_default_group(struct config_group * group)1882 void configfs_unregister_default_group(struct config_group *group)
1883 {
1884 configfs_unregister_group(group);
1885 kfree(group);
1886 }
1887 EXPORT_SYMBOL(configfs_unregister_default_group);
1888
configfs_register_subsystem(struct configfs_subsystem * subsys)1889 int configfs_register_subsystem(struct configfs_subsystem *subsys)
1890 {
1891 int err;
1892 struct config_group *group = &subsys->su_group;
1893 struct dentry *dentry;
1894 struct dentry *root;
1895 struct configfs_dirent *sd;
1896 struct configfs_fragment *frag;
1897
1898 frag = new_fragment();
1899 if (!frag)
1900 return -ENOMEM;
1901
1902 root = configfs_pin_fs();
1903 if (IS_ERR(root)) {
1904 put_fragment(frag);
1905 return PTR_ERR(root);
1906 }
1907
1908 if (!group->cg_item.ci_name)
1909 group->cg_item.ci_name = group->cg_item.ci_namebuf;
1910
1911 sd = root->d_fsdata;
1912 mutex_lock(&configfs_subsystem_mutex);
1913 link_group(to_config_group(sd->s_element), group);
1914 mutex_unlock(&configfs_subsystem_mutex);
1915
1916 inode_lock_nested(d_inode(root), I_MUTEX_PARENT);
1917
1918 err = -ENOMEM;
1919 dentry = d_alloc_name(root, group->cg_item.ci_name);
1920 if (dentry) {
1921 d_add(dentry, NULL);
1922
1923 err = configfs_attach_group(sd->s_element, &group->cg_item,
1924 dentry, frag);
1925 if (err) {
1926 BUG_ON(d_inode(dentry));
1927 d_drop(dentry);
1928 dput(dentry);
1929 } else {
1930 spin_lock(&configfs_dirent_lock);
1931 configfs_dir_set_ready(dentry->d_fsdata);
1932 spin_unlock(&configfs_dirent_lock);
1933 }
1934 }
1935
1936 inode_unlock(d_inode(root));
1937
1938 if (err) {
1939 mutex_lock(&configfs_subsystem_mutex);
1940 unlink_group(group);
1941 mutex_unlock(&configfs_subsystem_mutex);
1942 configfs_release_fs();
1943 }
1944 put_fragment(frag);
1945
1946 return err;
1947 }
1948
configfs_unregister_subsystem(struct configfs_subsystem * subsys)1949 void configfs_unregister_subsystem(struct configfs_subsystem *subsys)
1950 {
1951 struct config_group *group = &subsys->su_group;
1952 struct dentry *dentry = group->cg_item.ci_dentry;
1953 struct dentry *root = dentry->d_sb->s_root;
1954 struct configfs_dirent *sd = dentry->d_fsdata;
1955 struct configfs_fragment *frag = sd->s_frag;
1956
1957 if (dentry->d_parent != root) {
1958 pr_err("Tried to unregister non-subsystem!\n");
1959 return;
1960 }
1961
1962 down_write(&frag->frag_sem);
1963 frag->frag_dead = true;
1964 up_write(&frag->frag_sem);
1965
1966 inode_lock_nested(d_inode(root),
1967 I_MUTEX_PARENT);
1968 inode_lock_nested(d_inode(dentry), I_MUTEX_CHILD);
1969 mutex_lock(&configfs_symlink_mutex);
1970 spin_lock(&configfs_dirent_lock);
1971 if (configfs_detach_prep(dentry, NULL)) {
1972 pr_err("Tried to unregister non-empty subsystem!\n");
1973 }
1974 spin_unlock(&configfs_dirent_lock);
1975 mutex_unlock(&configfs_symlink_mutex);
1976 configfs_detach_group(&group->cg_item);
1977 d_inode(dentry)->i_flags |= S_DEAD;
1978 dont_mount(dentry);
1979 inode_unlock(d_inode(dentry));
1980
1981 d_drop(dentry);
1982 fsnotify_rmdir(d_inode(root), dentry);
1983
1984 inode_unlock(d_inode(root));
1985
1986 dput(dentry);
1987
1988 mutex_lock(&configfs_subsystem_mutex);
1989 unlink_group(group);
1990 mutex_unlock(&configfs_subsystem_mutex);
1991 configfs_release_fs();
1992 }
1993
1994 EXPORT_SYMBOL(configfs_register_subsystem);
1995 EXPORT_SYMBOL(configfs_unregister_subsystem);
1996