Commit | Line | Data |
---|---|---|
e38f9817 CH |
1 | /* |
2 | * Copyright (C) Neil Brown 2002 | |
3 | * Copyright (C) Christoph Hellwig 2007 | |
4 | * | |
5 | * This file contains the code mapping from inodes to NFS file handles, | |
6 | * and for mapping back from file handles to dentries. | |
7 | * | |
8 | * For details on why we do all the strange and hairy things in here | |
dc7a0816 | 9 | * take a look at Documentation/filesystems/nfs/Exporting. |
e38f9817 | 10 | */ |
a5694255 | 11 | #include <linux/exportfs.h> |
1da177e4 LT |
12 | #include <linux/fs.h> |
13 | #include <linux/file.h> | |
14 | #include <linux/module.h> | |
d37065cd | 15 | #include <linux/mount.h> |
1da177e4 | 16 | #include <linux/namei.h> |
745ca247 | 17 | #include <linux/sched.h> |
1da177e4 | 18 | |
10f11c34 | 19 | #define dprintk(fmt, args...) do{}while(0) |
1da177e4 | 20 | |
1da177e4 | 21 | |
765927b2 | 22 | static int get_name(const struct path *path, char *name, struct dentry *child); |
10f11c34 CH |
23 | |
24 | ||
e38f9817 CH |
25 | static int exportfs_get_name(struct vfsmount *mnt, struct dentry *dir, |
26 | char *name, struct dentry *child) | |
10f11c34 | 27 | { |
39655164 | 28 | const struct export_operations *nop = dir->d_sb->s_export_op; |
765927b2 | 29 | struct path path = {.mnt = mnt, .dentry = dir}; |
10f11c34 CH |
30 | |
31 | if (nop->get_name) | |
32 | return nop->get_name(dir, name, child); | |
33 | else | |
765927b2 | 34 | return get_name(&path, name, child); |
10f11c34 | 35 | } |
1da177e4 | 36 | |
fb66a198 CH |
37 | /* |
38 | * Check if the dentry or any of its aliases is acceptable. | |
39 | */ | |
e2f99018 CH |
40 | static struct dentry * |
41 | find_acceptable_alias(struct dentry *result, | |
42 | int (*acceptable)(void *context, struct dentry *dentry), | |
43 | void *context) | |
44 | { | |
45 | struct dentry *dentry, *toput = NULL; | |
873feea0 | 46 | struct inode *inode; |
e2f99018 | 47 | |
fb66a198 CH |
48 | if (acceptable(context, result)) |
49 | return result; | |
50 | ||
873feea0 NP |
51 | inode = result->d_inode; |
52 | spin_lock(&inode->i_lock); | |
b67bfe0d | 53 | hlist_for_each_entry(dentry, &inode->i_dentry, d_alias) { |
dc0474be | 54 | dget(dentry); |
873feea0 | 55 | spin_unlock(&inode->i_lock); |
e2f99018 CH |
56 | if (toput) |
57 | dput(toput); | |
58 | if (dentry != result && acceptable(context, dentry)) { | |
59 | dput(result); | |
60 | return dentry; | |
61 | } | |
873feea0 | 62 | spin_lock(&inode->i_lock); |
e2f99018 CH |
63 | toput = dentry; |
64 | } | |
873feea0 | 65 | spin_unlock(&inode->i_lock); |
e2f99018 CH |
66 | |
67 | if (toput) | |
68 | dput(toput); | |
69 | return NULL; | |
70 | } | |
71 | ||
dd90b509 CH |
72 | /* |
73 | * Find root of a disconnected subtree and return a reference to it. | |
74 | */ | |
75 | static struct dentry * | |
76 | find_disconnected_root(struct dentry *dentry) | |
77 | { | |
78 | dget(dentry); | |
0461ee26 CH |
79 | while (!IS_ROOT(dentry)) { |
80 | struct dentry *parent = dget_parent(dentry); | |
81 | ||
82 | if (!(parent->d_flags & DCACHE_DISCONNECTED)) { | |
83 | dput(parent); | |
84 | break; | |
85 | } | |
86 | ||
dd90b509 CH |
87 | dput(dentry); |
88 | dentry = parent; | |
dd90b509 | 89 | } |
dd90b509 CH |
90 | return dentry; |
91 | } | |
92 | ||
019ab801 CH |
93 | /* |
94 | * Make sure target_dir is fully connected to the dentry tree. | |
1da177e4 | 95 | * |
019ab801 | 96 | * It may already be, as the flag isn't always updated when connection happens. |
1da177e4 | 97 | */ |
019ab801 | 98 | static int |
f3f8e175 | 99 | reconnect_path(struct vfsmount *mnt, struct dentry *target_dir, char *nbuf) |
1da177e4 | 100 | { |
019ab801 CH |
101 | int noprogress = 0; |
102 | int err = -ESTALE; | |
1da177e4 LT |
103 | |
104 | /* | |
019ab801 | 105 | * It is possible that a confused file system might not let us complete |
1da177e4 LT |
106 | * the path to the root. For example, if get_parent returns a directory |
107 | * in which we cannot find a name for the child. While this implies a | |
108 | * very sick filesystem we don't want it to cause knfsd to spin. Hence | |
109 | * the noprogress counter. If we go through the loop 10 times (2 is | |
110 | * probably enough) without getting anywhere, we just give up | |
111 | */ | |
1da177e4 | 112 | while (target_dir->d_flags & DCACHE_DISCONNECTED && noprogress++ < 10) { |
dd90b509 | 113 | struct dentry *pd = find_disconnected_root(target_dir); |
1da177e4 LT |
114 | |
115 | if (!IS_ROOT(pd)) { | |
116 | /* must have found a connected parent - great */ | |
117 | spin_lock(&pd->d_lock); | |
118 | pd->d_flags &= ~DCACHE_DISCONNECTED; | |
119 | spin_unlock(&pd->d_lock); | |
120 | noprogress = 0; | |
e38f9817 | 121 | } else if (pd == mnt->mnt_sb->s_root) { |
1da177e4 LT |
122 | printk(KERN_ERR "export: Eeek filesystem root is not connected, impossible\n"); |
123 | spin_lock(&pd->d_lock); | |
124 | pd->d_flags &= ~DCACHE_DISCONNECTED; | |
125 | spin_unlock(&pd->d_lock); | |
126 | noprogress = 0; | |
127 | } else { | |
10f11c34 CH |
128 | /* |
129 | * We have hit the top of a disconnected path, try to | |
130 | * find parent and connect. | |
131 | * | |
132 | * Racing with some other process renaming a directory | |
133 | * isn't much of a problem here. If someone renames | |
134 | * the directory, it will end up properly connected, | |
135 | * which is what we want | |
136 | * | |
137 | * Getting the parent can't be supported generically, | |
138 | * the locking is too icky. | |
139 | * | |
140 | * Instead we just return EACCES. If server reboots | |
141 | * or inodes get flushed, you lose | |
1da177e4 | 142 | */ |
10f11c34 | 143 | struct dentry *ppd = ERR_PTR(-EACCES); |
1da177e4 LT |
144 | struct dentry *npd; |
145 | ||
1b1dcc1b | 146 | mutex_lock(&pd->d_inode->i_mutex); |
e38f9817 CH |
147 | if (mnt->mnt_sb->s_export_op->get_parent) |
148 | ppd = mnt->mnt_sb->s_export_op->get_parent(pd); | |
1b1dcc1b | 149 | mutex_unlock(&pd->d_inode->i_mutex); |
1da177e4 LT |
150 | |
151 | if (IS_ERR(ppd)) { | |
152 | err = PTR_ERR(ppd); | |
019ab801 | 153 | dprintk("%s: get_parent of %ld failed, err %d\n", |
8e24eea7 | 154 | __func__, pd->d_inode->i_ino, err); |
1da177e4 LT |
155 | dput(pd); |
156 | break; | |
157 | } | |
019ab801 | 158 | |
8e24eea7 | 159 | dprintk("%s: find name of %lu in %lu\n", __func__, |
019ab801 | 160 | pd->d_inode->i_ino, ppd->d_inode->i_ino); |
e38f9817 | 161 | err = exportfs_get_name(mnt, ppd, nbuf, pd); |
1da177e4 LT |
162 | if (err) { |
163 | dput(ppd); | |
164 | dput(pd); | |
165 | if (err == -ENOENT) | |
166 | /* some race between get_parent and | |
167 | * get_name? just try again | |
168 | */ | |
169 | continue; | |
170 | break; | |
171 | } | |
8e24eea7 | 172 | dprintk("%s: found name: %s\n", __func__, nbuf); |
1b1dcc1b | 173 | mutex_lock(&ppd->d_inode->i_mutex); |
1da177e4 | 174 | npd = lookup_one_len(nbuf, ppd, strlen(nbuf)); |
1b1dcc1b | 175 | mutex_unlock(&ppd->d_inode->i_mutex); |
1da177e4 LT |
176 | if (IS_ERR(npd)) { |
177 | err = PTR_ERR(npd); | |
019ab801 | 178 | dprintk("%s: lookup failed: %d\n", |
8e24eea7 | 179 | __func__, err); |
1da177e4 LT |
180 | dput(ppd); |
181 | dput(pd); | |
182 | break; | |
183 | } | |
184 | /* we didn't really want npd, we really wanted | |
185 | * a side-effect of the lookup. | |
186 | * hopefully, npd == pd, though it isn't really | |
187 | * a problem if it isn't | |
188 | */ | |
189 | if (npd == pd) | |
190 | noprogress = 0; | |
191 | else | |
8e24eea7 | 192 | printk("%s: npd != pd\n", __func__); |
1da177e4 LT |
193 | dput(npd); |
194 | dput(ppd); | |
195 | if (IS_ROOT(pd)) { | |
196 | /* something went wrong, we have to give up */ | |
197 | dput(pd); | |
198 | break; | |
199 | } | |
200 | } | |
201 | dput(pd); | |
202 | } | |
203 | ||
204 | if (target_dir->d_flags & DCACHE_DISCONNECTED) { | |
205 | /* something went wrong - oh-well */ | |
206 | if (!err) | |
207 | err = -ESTALE; | |
019ab801 | 208 | return err; |
1da177e4 | 209 | } |
019ab801 CH |
210 | |
211 | return 0; | |
212 | } | |
213 | ||
1da177e4 | 214 | struct getdents_callback { |
5c0ba4e0 | 215 | struct dir_context ctx; |
1da177e4 LT |
216 | char *name; /* name that was found. It already points to a |
217 | buffer NAME_MAX+1 in size */ | |
950ee956 | 218 | u64 ino; /* the inum we are looking for */ |
1da177e4 LT |
219 | int found; /* inode matched? */ |
220 | int sequence; /* sequence counter */ | |
221 | }; | |
222 | ||
223 | /* | |
224 | * A rather strange filldir function to capture | |
225 | * the name matching the specified inode number. | |
226 | */ | |
227 | static int filldir_one(void * __buf, const char * name, int len, | |
afefdbb2 | 228 | loff_t pos, u64 ino, unsigned int d_type) |
1da177e4 LT |
229 | { |
230 | struct getdents_callback *buf = __buf; | |
231 | int result = 0; | |
232 | ||
233 | buf->sequence++; | |
dfc59e2c | 234 | if (buf->ino == ino && len <= NAME_MAX) { |
1da177e4 LT |
235 | memcpy(buf->name, name, len); |
236 | buf->name[len] = '\0'; | |
237 | buf->found = 1; | |
238 | result = -1; | |
239 | } | |
240 | return result; | |
241 | } | |
242 | ||
243 | /** | |
244 | * get_name - default export_operations->get_name function | |
245 | * @path: the directory in which to find a name | |
246 | * @name: a pointer to a %NAME_MAX+1 char buffer to store the name | |
247 | * @child: the dentry for the child directory. | |
248 | * | |
249 | * calls readdir on the parent until it finds an entry with | |
250 | * the same inode number as the child, and returns that. | |
251 | */ | |
765927b2 | 252 | static int get_name(const struct path *path, char *name, struct dentry *child) |
1da177e4 | 253 | { |
745ca247 | 254 | const struct cred *cred = current_cred(); |
765927b2 | 255 | struct inode *dir = path->dentry->d_inode; |
1da177e4 LT |
256 | int error; |
257 | struct file *file; | |
950ee956 BF |
258 | struct kstat stat; |
259 | struct path child_path = { | |
260 | .mnt = path->mnt, | |
261 | .dentry = child, | |
262 | }; | |
ac6614b7 AV |
263 | struct getdents_callback buffer = { |
264 | .ctx.actor = filldir_one, | |
265 | .name = name, | |
ac6614b7 | 266 | }; |
1da177e4 LT |
267 | |
268 | error = -ENOTDIR; | |
269 | if (!dir || !S_ISDIR(dir->i_mode)) | |
270 | goto out; | |
271 | error = -EINVAL; | |
272 | if (!dir->i_fop) | |
273 | goto out; | |
950ee956 BF |
274 | /* |
275 | * inode->i_ino is unsigned long, kstat->ino is u64, so the | |
276 | * former would be insufficient on 32-bit hosts when the | |
277 | * filesystem supports 64-bit inode numbers. So we need to | |
278 | * actually call ->getattr, not just read i_ino: | |
279 | */ | |
280 | error = vfs_getattr_nosec(&child_path, &stat); | |
281 | if (error) | |
282 | return error; | |
283 | buffer.ino = stat.ino; | |
1da177e4 LT |
284 | /* |
285 | * Open the directory ... | |
286 | */ | |
765927b2 | 287 | file = dentry_open(path, O_RDONLY, cred); |
1da177e4 LT |
288 | error = PTR_ERR(file); |
289 | if (IS_ERR(file)) | |
290 | goto out; | |
291 | ||
292 | error = -EINVAL; | |
2233f31a | 293 | if (!file->f_op->iterate) |
1da177e4 LT |
294 | goto out_close; |
295 | ||
1da177e4 LT |
296 | buffer.sequence = 0; |
297 | while (1) { | |
298 | int old_seq = buffer.sequence; | |
299 | ||
5c0ba4e0 | 300 | error = iterate_dir(file, &buffer.ctx); |
53c9c5c0 AV |
301 | if (buffer.found) { |
302 | error = 0; | |
303 | break; | |
304 | } | |
1da177e4 LT |
305 | |
306 | if (error < 0) | |
307 | break; | |
308 | ||
1da177e4 LT |
309 | error = -ENOENT; |
310 | if (old_seq == buffer.sequence) | |
311 | break; | |
312 | } | |
313 | ||
314 | out_close: | |
315 | fput(file); | |
316 | out: | |
317 | return error; | |
318 | } | |
319 | ||
1da177e4 LT |
320 | /** |
321 | * export_encode_fh - default export_operations->encode_fh function | |
b0b0382b | 322 | * @inode: the object to encode |
1da177e4 LT |
323 | * @fid: where to store the file handle fragment |
324 | * @max_len: maximum length to store there | |
b0b0382b | 325 | * @parent: parent directory inode, if wanted |
1da177e4 LT |
326 | * |
327 | * This default encode_fh function assumes that the 32-bit inode number | |
328 | * is suitable for locating an inode, and that the generation number | |
329 | * can be used to check that it is still valid. It places them in the | |
330 | * filehandle fragment where export_decode_fh expects to find them. | |
331 | */ | |
b0b0382b AV |
332 | static int export_encode_fh(struct inode *inode, struct fid *fid, |
333 | int *max_len, struct inode *parent) | |
1da177e4 | 334 | { |
1da177e4 | 335 | int len = *max_len; |
6e91ea2b | 336 | int type = FILEID_INO32_GEN; |
5fe0c237 | 337 | |
b0b0382b | 338 | if (parent && (len < 4)) { |
5fe0c237 | 339 | *max_len = 4; |
216b6cbd | 340 | return FILEID_INVALID; |
5fe0c237 AK |
341 | } else if (len < 2) { |
342 | *max_len = 2; | |
216b6cbd | 343 | return FILEID_INVALID; |
5fe0c237 | 344 | } |
1da177e4 LT |
345 | |
346 | len = 2; | |
6e91ea2b CH |
347 | fid->i32.ino = inode->i_ino; |
348 | fid->i32.gen = inode->i_generation; | |
b0b0382b | 349 | if (parent) { |
6e91ea2b CH |
350 | fid->i32.parent_ino = parent->i_ino; |
351 | fid->i32.parent_gen = parent->i_generation; | |
1da177e4 | 352 | len = 4; |
6e91ea2b | 353 | type = FILEID_INO32_GEN_PARENT; |
1da177e4 LT |
354 | } |
355 | *max_len = len; | |
356 | return type; | |
357 | } | |
358 | ||
711c7bf9 CG |
359 | int exportfs_encode_inode_fh(struct inode *inode, struct fid *fid, |
360 | int *max_len, struct inode *parent) | |
361 | { | |
362 | const struct export_operations *nop = inode->i_sb->s_export_op; | |
363 | ||
364 | if (nop && nop->encode_fh) | |
365 | return nop->encode_fh(inode, fid->raw, max_len, parent); | |
366 | ||
367 | return export_encode_fh(inode, fid, max_len, parent); | |
368 | } | |
369 | EXPORT_SYMBOL_GPL(exportfs_encode_inode_fh); | |
370 | ||
6e91ea2b | 371 | int exportfs_encode_fh(struct dentry *dentry, struct fid *fid, int *max_len, |
d37065cd CH |
372 | int connectable) |
373 | { | |
10f11c34 | 374 | int error; |
b0b0382b AV |
375 | struct dentry *p = NULL; |
376 | struct inode *inode = dentry->d_inode, *parent = NULL; | |
d37065cd | 377 | |
b0b0382b AV |
378 | if (connectable && !S_ISDIR(inode->i_mode)) { |
379 | p = dget_parent(dentry); | |
380 | /* | |
381 | * note that while p might've ceased to be our parent already, | |
382 | * it's still pinned by our reference and still positive. | |
383 | */ | |
384 | parent = p->d_inode; | |
385 | } | |
711c7bf9 CG |
386 | |
387 | error = exportfs_encode_inode_fh(inode, fid, max_len, parent); | |
b0b0382b | 388 | dput(p); |
10f11c34 CH |
389 | |
390 | return error; | |
d37065cd CH |
391 | } |
392 | EXPORT_SYMBOL_GPL(exportfs_encode_fh); | |
393 | ||
6e91ea2b CH |
394 | struct dentry *exportfs_decode_fh(struct vfsmount *mnt, struct fid *fid, |
395 | int fh_len, int fileid_type, | |
396 | int (*acceptable)(void *, struct dentry *), void *context) | |
d37065cd | 397 | { |
39655164 | 398 | const struct export_operations *nop = mnt->mnt_sb->s_export_op; |
2596110a | 399 | struct dentry *result, *alias; |
f3f8e175 | 400 | char nbuf[NAME_MAX+1]; |
2596110a | 401 | int err; |
d37065cd | 402 | |
2596110a CH |
403 | /* |
404 | * Try to get any dentry for the given file handle from the filesystem. | |
405 | */ | |
becfd1f3 AK |
406 | if (!nop || !nop->fh_to_dentry) |
407 | return ERR_PTR(-ESTALE); | |
2596110a | 408 | result = nop->fh_to_dentry(mnt->mnt_sb, fid, fh_len, fileid_type); |
a4f4d6df BF |
409 | if (!result) |
410 | result = ERR_PTR(-ESTALE); | |
2596110a CH |
411 | if (IS_ERR(result)) |
412 | return result; | |
413 | ||
414 | if (S_ISDIR(result->d_inode->i_mode)) { | |
415 | /* | |
416 | * This request is for a directory. | |
417 | * | |
418 | * On the positive side there is only one dentry for each | |
419 | * directory inode. On the negative side this implies that we | |
420 | * need to ensure our dentry is connected all the way up to the | |
421 | * filesystem root. | |
422 | */ | |
423 | if (result->d_flags & DCACHE_DISCONNECTED) { | |
f3f8e175 | 424 | err = reconnect_path(mnt, result, nbuf); |
2596110a CH |
425 | if (err) |
426 | goto err_result; | |
427 | } | |
428 | ||
429 | if (!acceptable(context, result)) { | |
430 | err = -EACCES; | |
431 | goto err_result; | |
432 | } | |
433 | ||
434 | return result; | |
10f11c34 | 435 | } else { |
2596110a CH |
436 | /* |
437 | * It's not a directory. Life is a little more complicated. | |
438 | */ | |
439 | struct dentry *target_dir, *nresult; | |
2596110a CH |
440 | |
441 | /* | |
442 | * See if either the dentry we just got from the filesystem | |
443 | * or any alias for it is acceptable. This is always true | |
444 | * if this filesystem is exported without the subtreecheck | |
445 | * option. If the filesystem is exported with the subtree | |
446 | * check option there's a fair chance we need to look at | |
447 | * the parent directory in the file handle and make sure | |
448 | * it's connected to the filesystem root. | |
449 | */ | |
450 | alias = find_acceptable_alias(result, acceptable, context); | |
451 | if (alias) | |
452 | return alias; | |
453 | ||
454 | /* | |
455 | * Try to extract a dentry for the parent directory from the | |
456 | * file handle. If this fails we'll have to give up. | |
457 | */ | |
458 | err = -ESTALE; | |
459 | if (!nop->fh_to_parent) | |
460 | goto err_result; | |
461 | ||
462 | target_dir = nop->fh_to_parent(mnt->mnt_sb, fid, | |
463 | fh_len, fileid_type); | |
a4f4d6df BF |
464 | if (!target_dir) |
465 | goto err_result; | |
2596110a CH |
466 | err = PTR_ERR(target_dir); |
467 | if (IS_ERR(target_dir)) | |
468 | goto err_result; | |
469 | ||
470 | /* | |
471 | * And as usual we need to make sure the parent directory is | |
472 | * connected to the filesystem root. The VFS really doesn't | |
473 | * like disconnected directories.. | |
474 | */ | |
f3f8e175 | 475 | err = reconnect_path(mnt, target_dir, nbuf); |
2596110a CH |
476 | if (err) { |
477 | dput(target_dir); | |
478 | goto err_result; | |
479 | } | |
480 | ||
481 | /* | |
482 | * Now that we've got both a well-connected parent and a | |
483 | * dentry for the inode we're after, make sure that our | |
484 | * inode is actually connected to the parent. | |
485 | */ | |
e38f9817 | 486 | err = exportfs_get_name(mnt, target_dir, nbuf, result); |
2596110a CH |
487 | if (!err) { |
488 | mutex_lock(&target_dir->d_inode->i_mutex); | |
489 | nresult = lookup_one_len(nbuf, target_dir, | |
490 | strlen(nbuf)); | |
491 | mutex_unlock(&target_dir->d_inode->i_mutex); | |
492 | if (!IS_ERR(nresult)) { | |
493 | if (nresult->d_inode) { | |
494 | dput(result); | |
495 | result = nresult; | |
496 | } else | |
497 | dput(nresult); | |
498 | } | |
499 | } | |
500 | ||
501 | /* | |
502 | * At this point we are done with the parent, but it's pinned | |
503 | * by the child dentry anyway. | |
504 | */ | |
505 | dput(target_dir); | |
506 | ||
507 | /* | |
508 | * And finally make sure the dentry is actually acceptable | |
509 | * to NFSD. | |
510 | */ | |
511 | alias = find_acceptable_alias(result, acceptable, context); | |
512 | if (!alias) { | |
513 | err = -EACCES; | |
514 | goto err_result; | |
515 | } | |
516 | ||
517 | return alias; | |
10f11c34 CH |
518 | } |
519 | ||
2596110a CH |
520 | err_result: |
521 | dput(result); | |
522 | return ERR_PTR(err); | |
d37065cd CH |
523 | } |
524 | EXPORT_SYMBOL_GPL(exportfs_decode_fh); | |
525 | ||
1da177e4 | 526 | MODULE_LICENSE("GPL"); |