]> git.ipfire.org Git - thirdparty/linux.git/blob - fs/xfs/xfs_iops.c
projects / thirdparty / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xfs: convert to new timestamp accessors
[thirdparty/linux.git] / fs / xfs / xfs_iops.c
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Copyright (c) 2000-2005 Silicon Graphics, Inc.
4 * All Rights Reserved.
5 */
6 #include "xfs.h"
7 #include "xfs_fs.h"
8 #include "xfs_shared.h"
9 #include "xfs_format.h"
10 #include "xfs_log_format.h"
11 #include "xfs_trans_resv.h"
12 #include "xfs_mount.h"
13 #include "xfs_inode.h"
14 #include "xfs_acl.h"
15 #include "xfs_quota.h"
16 #include "xfs_da_format.h"
17 #include "xfs_da_btree.h"
18 #include "xfs_attr.h"
19 #include "xfs_trans.h"
20 #include "xfs_trace.h"
21 #include "xfs_icache.h"
22 #include "xfs_symlink.h"
23 #include "xfs_dir2.h"
24 #include "xfs_iomap.h"
25 #include "xfs_error.h"
26 #include "xfs_ioctl.h"
27 #include "xfs_xattr.h"
28
29 #include <linux/posix_acl.h>
30 #include <linux/security.h>
31 #include <linux/iversion.h>
32 #include <linux/fiemap.h>
33
34 /*
35 * Directories have different lock order w.r.t. mmap_lock compared to regular
36 * files. This is due to readdir potentially triggering page faults on a user
37 * buffer inside filldir(), and this happens with the ilock on the directory
38 * held. For regular files, the lock order is the other way around - the
39 * mmap_lock is taken during the page fault, and then we lock the ilock to do
40 * block mapping. Hence we need a different class for the directory ilock so
41 * that lockdep can tell them apart.
42 */
43 static struct lock_class_key xfs_nondir_ilock_class;
44 static struct lock_class_key xfs_dir_ilock_class;
45
46 static int
47 xfs_initxattrs(
48 struct inode *inode,
49 const struct xattr *xattr_array,
50 void *fs_info)
51 {
52 const struct xattr *xattr;
53 struct xfs_inode *ip = XFS_I(inode);
54 int error = 0;
55
56 for (xattr = xattr_array; xattr->name != NULL; xattr++) {
57 struct xfs_da_args args = {
58 .dp = ip,
59 .attr_filter = XFS_ATTR_SECURE,
60 .name = xattr->name,
61 .namelen = strlen(xattr->name),
62 .value = xattr->value,
63 .valuelen = xattr->value_len,
64 };
65 error = xfs_attr_change(&args);
66 if (error < 0)
67 break;
68 }
69 return error;
70 }
71
72 /*
73 * Hook in SELinux. This is not quite correct yet, what we really need
74 * here (as we do for default ACLs) is a mechanism by which creation of
75 * these attrs can be journalled at inode creation time (along with the
76 * inode, of course, such that log replay can't cause these to be lost).
77 */
78 int
79 xfs_inode_init_security(
80 struct inode *inode,
81 struct inode *dir,
82 const struct qstr *qstr)
83 {
84 return security_inode_init_security(inode, dir, qstr,
85 &xfs_initxattrs, NULL);
86 }
87
88 static void
89 xfs_dentry_to_name(
90 struct xfs_name *namep,
91 struct dentry *dentry)
92 {
93 namep->name = dentry->d_name.name;
94 namep->len = dentry->d_name.len;
95 namep->type = XFS_DIR3_FT_UNKNOWN;
96 }
97
98 static int
99 xfs_dentry_mode_to_name(
100 struct xfs_name *namep,
101 struct dentry *dentry,
102 int mode)
103 {
104 namep->name = dentry->d_name.name;
105 namep->len = dentry->d_name.len;
106 namep->type = xfs_mode_to_ftype(mode);
107
108 if (unlikely(namep->type == XFS_DIR3_FT_UNKNOWN))
109 return -EFSCORRUPTED;
110
111 return 0;
112 }
113
114 STATIC void
115 xfs_cleanup_inode(
116 struct inode *dir,
117 struct inode *inode,
118 struct dentry *dentry)
119 {
120 struct xfs_name teardown;
121
122 /* Oh, the horror.
123 * If we can't add the ACL or we fail in
124 * xfs_inode_init_security we must back out.
125 * ENOSPC can hit here, among other things.
126 */
127 xfs_dentry_to_name(&teardown, dentry);
128
129 xfs_remove(XFS_I(dir), &teardown, XFS_I(inode));
130 }
131
132 /*
133 * Check to see if we are likely to need an extended attribute to be added to
134 * the inode we are about to allocate. This allows the attribute fork to be
135 * created during the inode allocation, reducing the number of transactions we
136 * need to do in this fast path.
137 *
138 * The security checks are optimistic, but not guaranteed. The two LSMs that
139 * require xattrs to be added here (selinux and smack) are also the only two
140 * LSMs that add a sb->s_security structure to the superblock. Hence if security
141 * is enabled and sb->s_security is set, we have a pretty good idea that we are
142 * going to be asked to add a security xattr immediately after allocating the
143 * xfs inode and instantiating the VFS inode.
144 */
145 static inline bool
146 xfs_create_need_xattr(
147 struct inode *dir,
148 struct posix_acl *default_acl,
149 struct posix_acl *acl)
150 {
151 if (acl)
152 return true;
153 if (default_acl)
154 return true;
155 #if IS_ENABLED(CONFIG_SECURITY)
156 if (dir->i_sb->s_security)
157 return true;
158 #endif
159 return false;
160 }
161
162
163 STATIC int
164 xfs_generic_create(
165 struct mnt_idmap *idmap,
166 struct inode *dir,
167 struct dentry *dentry,
168 umode_t mode,
169 dev_t rdev,
170 struct file *tmpfile) /* unnamed file */
171 {
172 struct inode *inode;
173 struct xfs_inode *ip = NULL;
174 struct posix_acl *default_acl, *acl;
175 struct xfs_name name;
176 int error;
177
178 /*
179 * Irix uses Missed'em'V split, but doesn't want to see
180 * the upper 5 bits of (14bit) major.
181 */
182 if (S_ISCHR(mode) || S_ISBLK(mode)) {
183 if (unlikely(!sysv_valid_dev(rdev) || MAJOR(rdev) & ~0x1ff))
184 return -EINVAL;
185 } else {
186 rdev = 0;
187 }
188
189 error = posix_acl_create(dir, &mode, &default_acl, &acl);
190 if (error)
191 return error;
192
193 /* Verify mode is valid also for tmpfile case */
194 error = xfs_dentry_mode_to_name(&name, dentry, mode);
195 if (unlikely(error))
196 goto out_free_acl;
197
198 if (!tmpfile) {
199 error = xfs_create(idmap, XFS_I(dir), &name, mode, rdev,
200 xfs_create_need_xattr(dir, default_acl, acl),
201 &ip);
202 } else {
203 error = xfs_create_tmpfile(idmap, XFS_I(dir), mode, &ip);
204 }
205 if (unlikely(error))
206 goto out_free_acl;
207
208 inode = VFS_I(ip);
209
210 error = xfs_inode_init_security(inode, dir, &dentry->d_name);
211 if (unlikely(error))
212 goto out_cleanup_inode;
213
214 if (default_acl) {
215 error = __xfs_set_acl(inode, default_acl, ACL_TYPE_DEFAULT);
216 if (error)
217 goto out_cleanup_inode;
218 }
219 if (acl) {
220 error = __xfs_set_acl(inode, acl, ACL_TYPE_ACCESS);
221 if (error)
222 goto out_cleanup_inode;
223 }
224
225 xfs_setup_iops(ip);
226
227 if (tmpfile) {
228 /*
229 * The VFS requires that any inode fed to d_tmpfile must have
230 * nlink == 1 so that it can decrement the nlink in d_tmpfile.
231 * However, we created the temp file with nlink == 0 because
232 * we're not allowed to put an inode with nlink > 0 on the
233 * unlinked list. Therefore we have to set nlink to 1 so that
234 * d_tmpfile can immediately set it back to zero.
235 */
236 set_nlink(inode, 1);
237 d_tmpfile(tmpfile, inode);
238 } else
239 d_instantiate(dentry, inode);
240
241 xfs_finish_inode_setup(ip);
242
243 out_free_acl:
244 posix_acl_release(default_acl);
245 posix_acl_release(acl);
246 return error;
247
248 out_cleanup_inode:
249 xfs_finish_inode_setup(ip);
250 if (!tmpfile)
251 xfs_cleanup_inode(dir, inode, dentry);
252 xfs_irele(ip);
253 goto out_free_acl;
254 }
255
256 STATIC int
257 xfs_vn_mknod(
258 struct mnt_idmap *idmap,
259 struct inode *dir,
260 struct dentry *dentry,
261 umode_t mode,
262 dev_t rdev)
263 {
264 return xfs_generic_create(idmap, dir, dentry, mode, rdev, NULL);
265 }
266
267 STATIC int
268 xfs_vn_create(
269 struct mnt_idmap *idmap,
270 struct inode *dir,
271 struct dentry *dentry,
272 umode_t mode,
273 bool flags)
274 {
275 return xfs_generic_create(idmap, dir, dentry, mode, 0, NULL);
276 }
277
278 STATIC int
279 xfs_vn_mkdir(
280 struct mnt_idmap *idmap,
281 struct inode *dir,
282 struct dentry *dentry,
283 umode_t mode)
284 {
285 return xfs_generic_create(idmap, dir, dentry, mode | S_IFDIR, 0, NULL);
286 }
287
288 STATIC struct dentry *
289 xfs_vn_lookup(
290 struct inode *dir,
291 struct dentry *dentry,
292 unsigned int flags)
293 {
294 struct inode *inode;
295 struct xfs_inode *cip;
296 struct xfs_name name;
297 int error;
298
299 if (dentry->d_name.len >= MAXNAMELEN)
300 return ERR_PTR(-ENAMETOOLONG);
301
302 xfs_dentry_to_name(&name, dentry);
303 error = xfs_lookup(XFS_I(dir), &name, &cip, NULL);
304 if (likely(!error))
305 inode = VFS_I(cip);
306 else if (likely(error == -ENOENT))
307 inode = NULL;
308 else
309 inode = ERR_PTR(error);
310 return d_splice_alias(inode, dentry);
311 }
312
313 STATIC struct dentry *
314 xfs_vn_ci_lookup(
315 struct inode *dir,
316 struct dentry *dentry,
317 unsigned int flags)
318 {
319 struct xfs_inode *ip;
320 struct xfs_name xname;
321 struct xfs_name ci_name;
322 struct qstr dname;
323 int error;
324
325 if (dentry->d_name.len >= MAXNAMELEN)
326 return ERR_PTR(-ENAMETOOLONG);
327
328 xfs_dentry_to_name(&xname, dentry);
329 error = xfs_lookup(XFS_I(dir), &xname, &ip, &ci_name);
330 if (unlikely(error)) {
331 if (unlikely(error != -ENOENT))
332 return ERR_PTR(error);
333 /*
334 * call d_add(dentry, NULL) here when d_drop_negative_children
335 * is called in xfs_vn_mknod (ie. allow negative dentries
336 * with CI filesystems).
337 */
338 return NULL;
339 }
340
341 /* if exact match, just splice and exit */
342 if (!ci_name.name)
343 return d_splice_alias(VFS_I(ip), dentry);
344
345 /* else case-insensitive match... */
346 dname.name = ci_name.name;
347 dname.len = ci_name.len;
348 dentry = d_add_ci(dentry, VFS_I(ip), &dname);
349 kmem_free(ci_name.name);
350 return dentry;
351 }
352
353 STATIC int
354 xfs_vn_link(
355 struct dentry *old_dentry,
356 struct inode *dir,
357 struct dentry *dentry)
358 {
359 struct inode *inode = d_inode(old_dentry);
360 struct xfs_name name;
361 int error;
362
363 error = xfs_dentry_mode_to_name(&name, dentry, inode->i_mode);
364 if (unlikely(error))
365 return error;
366
367 error = xfs_link(XFS_I(dir), XFS_I(inode), &name);
368 if (unlikely(error))
369 return error;
370
371 ihold(inode);
372 d_instantiate(dentry, inode);
373 return 0;
374 }
375
376 STATIC int
377 xfs_vn_unlink(
378 struct inode *dir,
379 struct dentry *dentry)
380 {
381 struct xfs_name name;
382 int error;
383
384 xfs_dentry_to_name(&name, dentry);
385
386 error = xfs_remove(XFS_I(dir), &name, XFS_I(d_inode(dentry)));
387 if (error)
388 return error;
389
390 /*
391 * With unlink, the VFS makes the dentry "negative": no inode,
392 * but still hashed. This is incompatible with case-insensitive
393 * mode, so invalidate (unhash) the dentry in CI-mode.
394 */
395 if (xfs_has_asciici(XFS_M(dir->i_sb)))
396 d_invalidate(dentry);
397 return 0;
398 }
399
400 STATIC int
401 xfs_vn_symlink(
402 struct mnt_idmap *idmap,
403 struct inode *dir,
404 struct dentry *dentry,
405 const char *symname)
406 {
407 struct inode *inode;
408 struct xfs_inode *cip = NULL;
409 struct xfs_name name;
410 int error;
411 umode_t mode;
412
413 mode = S_IFLNK |
414 (irix_symlink_mode ? 0777 & ~current_umask() : S_IRWXUGO);
415 error = xfs_dentry_mode_to_name(&name, dentry, mode);
416 if (unlikely(error))
417 goto out;
418
419 error = xfs_symlink(idmap, XFS_I(dir), &name, symname, mode, &cip);
420 if (unlikely(error))
421 goto out;
422
423 inode = VFS_I(cip);
424
425 error = xfs_inode_init_security(inode, dir, &dentry->d_name);
426 if (unlikely(error))
427 goto out_cleanup_inode;
428
429 xfs_setup_iops(cip);
430
431 d_instantiate(dentry, inode);
432 xfs_finish_inode_setup(cip);
433 return 0;
434
435 out_cleanup_inode:
436 xfs_finish_inode_setup(cip);
437 xfs_cleanup_inode(dir, inode, dentry);
438 xfs_irele(cip);
439 out:
440 return error;
441 }
442
443 STATIC int
444 xfs_vn_rename(
445 struct mnt_idmap *idmap,
446 struct inode *odir,
447 struct dentry *odentry,
448 struct inode *ndir,
449 struct dentry *ndentry,
450 unsigned int flags)
451 {
452 struct inode *new_inode = d_inode(ndentry);
453 int omode = 0;
454 int error;
455 struct xfs_name oname;
456 struct xfs_name nname;
457
458 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE | RENAME_WHITEOUT))
459 return -EINVAL;
460
461 /* if we are exchanging files, we need to set i_mode of both files */
462 if (flags & RENAME_EXCHANGE)
463 omode = d_inode(ndentry)->i_mode;
464
465 error = xfs_dentry_mode_to_name(&oname, odentry, omode);
466 if (omode && unlikely(error))
467 return error;
468
469 error = xfs_dentry_mode_to_name(&nname, ndentry,
470 d_inode(odentry)->i_mode);
471 if (unlikely(error))
472 return error;
473
474 return xfs_rename(idmap, XFS_I(odir), &oname,
475 XFS_I(d_inode(odentry)), XFS_I(ndir), &nname,
476 new_inode ? XFS_I(new_inode) : NULL, flags);
477 }
478
479 /*
480 * careful here - this function can get called recursively, so
481 * we need to be very careful about how much stack we use.
482 * uio is kmalloced for this reason...
483 */
484 STATIC const char *
485 xfs_vn_get_link(
486 struct dentry *dentry,
487 struct inode *inode,
488 struct delayed_call *done)
489 {
490 char *link;
491 int error = -ENOMEM;
492
493 if (!dentry)
494 return ERR_PTR(-ECHILD);
495
496 link = kmalloc(XFS_SYMLINK_MAXLEN+1, GFP_KERNEL);
497 if (!link)
498 goto out_err;
499
500 error = xfs_readlink(XFS_I(d_inode(dentry)), link);
501 if (unlikely(error))
502 goto out_kfree;
503
504 set_delayed_call(done, kfree_link, link);
505 return link;
506
507 out_kfree:
508 kfree(link);
509 out_err:
510 return ERR_PTR(error);
511 }
512
513 static uint32_t
514 xfs_stat_blksize(
515 struct xfs_inode *ip)
516 {
517 struct xfs_mount *mp = ip->i_mount;
518
519 /*
520 * If the file blocks are being allocated from a realtime volume, then
521 * always return the realtime extent size.
522 */
523 if (XFS_IS_REALTIME_INODE(ip))
524 return XFS_FSB_TO_B(mp, xfs_get_extsz_hint(ip));
525
526 /*
527 * Allow large block sizes to be reported to userspace programs if the
528 * "largeio" mount option is used.
529 *
530 * If compatibility mode is specified, simply return the basic unit of
531 * caching so that we don't get inefficient read/modify/write I/O from
532 * user apps. Otherwise....
533 *
534 * If the underlying volume is a stripe, then return the stripe width in
535 * bytes as the recommended I/O size. It is not a stripe and we've set a
536 * default buffered I/O size, return that, otherwise return the compat
537 * default.
538 */
539 if (xfs_has_large_iosize(mp)) {
540 if (mp->m_swidth)
541 return XFS_FSB_TO_B(mp, mp->m_swidth);
542 if (xfs_has_allocsize(mp))
543 return 1U << mp->m_allocsize_log;
544 }
545
546 return PAGE_SIZE;
547 }
548
549 STATIC int
550 xfs_vn_getattr(
551 struct mnt_idmap *idmap,
552 const struct path *path,
553 struct kstat *stat,
554 u32 request_mask,
555 unsigned int query_flags)
556 {
557 struct inode *inode = d_inode(path->dentry);
558 struct xfs_inode *ip = XFS_I(inode);
559 struct xfs_mount *mp = ip->i_mount;
560 vfsuid_t vfsuid = i_uid_into_vfsuid(idmap, inode);
561 vfsgid_t vfsgid = i_gid_into_vfsgid(idmap, inode);
562
563 trace_xfs_getattr(ip);
564
565 if (xfs_is_shutdown(mp))
566 return -EIO;
567
568 stat->size = XFS_ISIZE(ip);
569 stat->dev = inode->i_sb->s_dev;
570 stat->mode = inode->i_mode;
571 stat->nlink = inode->i_nlink;
572 stat->uid = vfsuid_into_kuid(vfsuid);
573 stat->gid = vfsgid_into_kgid(vfsgid);
574 stat->ino = ip->i_ino;
575 stat->atime = inode_get_atime(inode);
576 stat->mtime = inode_get_mtime(inode);
577 stat->ctime = inode_get_ctime(inode);
578 stat->blocks = XFS_FSB_TO_BB(mp, ip->i_nblocks + ip->i_delayed_blks);
579
580 if (xfs_has_v3inodes(mp)) {
581 if (request_mask & STATX_BTIME) {
582 stat->result_mask |= STATX_BTIME;
583 stat->btime = ip->i_crtime;
584 }
585 }
586
587 /*
588 * Note: If you add another clause to set an attribute flag, please
589 * update attributes_mask below.
590 */
591 if (ip->i_diflags & XFS_DIFLAG_IMMUTABLE)
592 stat->attributes |= STATX_ATTR_IMMUTABLE;
593 if (ip->i_diflags & XFS_DIFLAG_APPEND)
594 stat->attributes |= STATX_ATTR_APPEND;
595 if (ip->i_diflags & XFS_DIFLAG_NODUMP)
596 stat->attributes |= STATX_ATTR_NODUMP;
597
598 stat->attributes_mask |= (STATX_ATTR_IMMUTABLE |
599 STATX_ATTR_APPEND |
600 STATX_ATTR_NODUMP);
601
602 switch (inode->i_mode & S_IFMT) {
603 case S_IFBLK:
604 case S_IFCHR:
605 stat->blksize = BLKDEV_IOSIZE;
606 stat->rdev = inode->i_rdev;
607 break;
608 case S_IFREG:
609 if (request_mask & STATX_DIOALIGN) {
610 struct xfs_buftarg *target = xfs_inode_buftarg(ip);
611 struct block_device *bdev = target->bt_bdev;
612
613 stat->result_mask |= STATX_DIOALIGN;
614 stat->dio_mem_align = bdev_dma_alignment(bdev) + 1;
615 stat->dio_offset_align = bdev_logical_block_size(bdev);
616 }
617 fallthrough;
618 default:
619 stat->blksize = xfs_stat_blksize(ip);
620 stat->rdev = 0;
621 break;
622 }
623
624 return 0;
625 }
626
627 static int
628 xfs_vn_change_ok(
629 struct mnt_idmap *idmap,
630 struct dentry *dentry,
631 struct iattr *iattr)
632 {
633 struct xfs_mount *mp = XFS_I(d_inode(dentry))->i_mount;
634
635 if (xfs_is_readonly(mp))
636 return -EROFS;
637
638 if (xfs_is_shutdown(mp))
639 return -EIO;
640
641 return setattr_prepare(idmap, dentry, iattr);
642 }
643
644 /*
645 * Set non-size attributes of an inode.
646 *
647 * Caution: The caller of this function is responsible for calling
648 * setattr_prepare() or otherwise verifying the change is fine.
649 */
650 static int
651 xfs_setattr_nonsize(
652 struct mnt_idmap *idmap,
653 struct dentry *dentry,
654 struct xfs_inode *ip,
655 struct iattr *iattr)
656 {
657 xfs_mount_t *mp = ip->i_mount;
658 struct inode *inode = VFS_I(ip);
659 int mask = iattr->ia_valid;
660 xfs_trans_t *tp;
661 int error;
662 kuid_t uid = GLOBAL_ROOT_UID;
663 kgid_t gid = GLOBAL_ROOT_GID;
664 struct xfs_dquot *udqp = NULL, *gdqp = NULL;
665 struct xfs_dquot *old_udqp = NULL, *old_gdqp = NULL;
666
667 ASSERT((mask & ATTR_SIZE) == 0);
668
669 /*
670 * If disk quotas is on, we make sure that the dquots do exist on disk,
671 * before we start any other transactions. Trying to do this later
672 * is messy. We don't care to take a readlock to look at the ids
673 * in inode here, because we can't hold it across the trans_reserve.
674 * If the IDs do change before we take the ilock, we're covered
675 * because the i_*dquot fields will get updated anyway.
676 */
677 if (XFS_IS_QUOTA_ON(mp) && (mask & (ATTR_UID|ATTR_GID))) {
678 uint qflags = 0;
679
680 if ((mask & ATTR_UID) && XFS_IS_UQUOTA_ON(mp)) {
681 uid = from_vfsuid(idmap, i_user_ns(inode),
682 iattr->ia_vfsuid);
683 qflags |= XFS_QMOPT_UQUOTA;
684 } else {
685 uid = inode->i_uid;
686 }
687 if ((mask & ATTR_GID) && XFS_IS_GQUOTA_ON(mp)) {
688 gid = from_vfsgid(idmap, i_user_ns(inode),
689 iattr->ia_vfsgid);
690 qflags |= XFS_QMOPT_GQUOTA;
691 } else {
692 gid = inode->i_gid;
693 }
694
695 /*
696 * We take a reference when we initialize udqp and gdqp,
697 * so it is important that we never blindly double trip on
698 * the same variable. See xfs_create() for an example.
699 */
700 ASSERT(udqp == NULL);
701 ASSERT(gdqp == NULL);
702 error = xfs_qm_vop_dqalloc(ip, uid, gid, ip->i_projid,
703 qflags, &udqp, &gdqp, NULL);
704 if (error)
705 return error;
706 }
707
708 error = xfs_trans_alloc_ichange(ip, udqp, gdqp, NULL,
709 has_capability_noaudit(current, CAP_FOWNER), &tp);
710 if (error)
711 goto out_dqrele;
712
713 /*
714 * Register quota modifications in the transaction. Must be the owner
715 * or privileged. These IDs could have changed since we last looked at
716 * them. But, we're assured that if the ownership did change while we
717 * didn't have the inode locked, inode's dquot(s) would have changed
718 * also.
719 */
720 if (XFS_IS_UQUOTA_ON(mp) &&
721 i_uid_needs_update(idmap, iattr, inode)) {
722 ASSERT(udqp);
723 old_udqp = xfs_qm_vop_chown(tp, ip, &ip->i_udquot, udqp);
724 }
725 if (XFS_IS_GQUOTA_ON(mp) &&
726 i_gid_needs_update(idmap, iattr, inode)) {
727 ASSERT(xfs_has_pquotino(mp) || !XFS_IS_PQUOTA_ON(mp));
728 ASSERT(gdqp);
729 old_gdqp = xfs_qm_vop_chown(tp, ip, &ip->i_gdquot, gdqp);
730 }
731
732 setattr_copy(idmap, inode, iattr);
733 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE);
734
735 XFS_STATS_INC(mp, xs_ig_attrchg);
736
737 if (xfs_has_wsync(mp))
738 xfs_trans_set_sync(tp);
739 error = xfs_trans_commit(tp);
740
741 /*
742 * Release any dquot(s) the inode had kept before chown.
743 */
744 xfs_qm_dqrele(old_udqp);
745 xfs_qm_dqrele(old_gdqp);
746 xfs_qm_dqrele(udqp);
747 xfs_qm_dqrele(gdqp);
748
749 if (error)
750 return error;
751
752 /*
753 * XXX(hch): Updating the ACL entries is not atomic vs the i_mode
754 * update. We could avoid this with linked transactions
755 * and passing down the transaction pointer all the way
756 * to attr_set. No previous user of the generic
757 * Posix ACL code seems to care about this issue either.
758 */
759 if (mask & ATTR_MODE) {
760 error = posix_acl_chmod(idmap, dentry, inode->i_mode);
761 if (error)
762 return error;
763 }
764
765 return 0;
766
767 out_dqrele:
768 xfs_qm_dqrele(udqp);
769 xfs_qm_dqrele(gdqp);
770 return error;
771 }
772
773 /*
774 * Truncate file. Must have write permission and not be a directory.
775 *
776 * Caution: The caller of this function is responsible for calling
777 * setattr_prepare() or otherwise verifying the change is fine.
778 */
779 STATIC int
780 xfs_setattr_size(
781 struct mnt_idmap *idmap,
782 struct dentry *dentry,
783 struct xfs_inode *ip,
784 struct iattr *iattr)
785 {
786 struct xfs_mount *mp = ip->i_mount;
787 struct inode *inode = VFS_I(ip);
788 xfs_off_t oldsize, newsize;
789 struct xfs_trans *tp;
790 int error;
791 uint lock_flags = 0;
792 bool did_zeroing = false;
793
794 ASSERT(xfs_isilocked(ip, XFS_IOLOCK_EXCL));
795 ASSERT(xfs_isilocked(ip, XFS_MMAPLOCK_EXCL));
796 ASSERT(S_ISREG(inode->i_mode));
797 ASSERT((iattr->ia_valid & (ATTR_UID|ATTR_GID|ATTR_ATIME|ATTR_ATIME_SET|
798 ATTR_MTIME_SET|ATTR_TIMES_SET)) == 0);
799
800 oldsize = inode->i_size;
801 newsize = iattr->ia_size;
802
803 /*
804 * Short circuit the truncate case for zero length files.
805 */
806 if (newsize == 0 && oldsize == 0 && ip->i_df.if_nextents == 0) {
807 if (!(iattr->ia_valid & (ATTR_CTIME|ATTR_MTIME)))
808 return 0;
809
810 /*
811 * Use the regular setattr path to update the timestamps.
812 */
813 iattr->ia_valid &= ~ATTR_SIZE;
814 return xfs_setattr_nonsize(idmap, dentry, ip, iattr);
815 }
816
817 /*
818 * Make sure that the dquots are attached to the inode.
819 */
820 error = xfs_qm_dqattach(ip);
821 if (error)
822 return error;
823
824 /*
825 * Wait for all direct I/O to complete.
826 */
827 inode_dio_wait(inode);
828
829 /*
830 * File data changes must be complete before we start the transaction to
831 * modify the inode. This needs to be done before joining the inode to
832 * the transaction because the inode cannot be unlocked once it is a
833 * part of the transaction.
834 *
835 * Start with zeroing any data beyond EOF that we may expose on file
836 * extension, or zeroing out the rest of the block on a downward
837 * truncate.
838 */
839 if (newsize > oldsize) {
840 trace_xfs_zero_eof(ip, oldsize, newsize - oldsize);
841 error = xfs_zero_range(ip, oldsize, newsize - oldsize,
842 &did_zeroing);
843 } else {
844 /*
845 * iomap won't detect a dirty page over an unwritten block (or a
846 * cow block over a hole) and subsequently skips zeroing the
847 * newly post-EOF portion of the page. Flush the new EOF to
848 * convert the block before the pagecache truncate.
849 */
850 error = filemap_write_and_wait_range(inode->i_mapping, newsize,
851 newsize);
852 if (error)
853 return error;
854 error = xfs_truncate_page(ip, newsize, &did_zeroing);
855 }
856
857 if (error)
858 return error;
859
860 /*
861 * We've already locked out new page faults, so now we can safely remove
862 * pages from the page cache knowing they won't get refaulted until we
863 * drop the XFS_MMAP_EXCL lock after the extent manipulations are
864 * complete. The truncate_setsize() call also cleans partial EOF page
865 * PTEs on extending truncates and hence ensures sub-page block size
866 * filesystems are correctly handled, too.
867 *
868 * We have to do all the page cache truncate work outside the
869 * transaction context as the "lock" order is page lock->log space
870 * reservation as defined by extent allocation in the writeback path.
871 * Hence a truncate can fail with ENOMEM from xfs_trans_alloc(), but
872 * having already truncated the in-memory version of the file (i.e. made
873 * user visible changes). There's not much we can do about this, except
874 * to hope that the caller sees ENOMEM and retries the truncate
875 * operation.
876 *
877 * And we update in-core i_size and truncate page cache beyond newsize
878 * before writeback the [i_disk_size, newsize] range, so we're
879 * guaranteed not to write stale data past the new EOF on truncate down.
880 */
881 truncate_setsize(inode, newsize);
882
883 /*
884 * We are going to log the inode size change in this transaction so
885 * any previous writes that are beyond the on disk EOF and the new
886 * EOF that have not been written out need to be written here. If we
887 * do not write the data out, we expose ourselves to the null files
888 * problem. Note that this includes any block zeroing we did above;
889 * otherwise those blocks may not be zeroed after a crash.
890 */
891 if (did_zeroing ||
892 (newsize > ip->i_disk_size && oldsize != ip->i_disk_size)) {
893 error = filemap_write_and_wait_range(VFS_I(ip)->i_mapping,
894 ip->i_disk_size, newsize - 1);
895 if (error)
896 return error;
897 }
898
899 error = xfs_trans_alloc(mp, &M_RES(mp)->tr_itruncate, 0, 0, 0, &tp);
900 if (error)
901 return error;
902
903 lock_flags |= XFS_ILOCK_EXCL;
904 xfs_ilock(ip, XFS_ILOCK_EXCL);
905 xfs_trans_ijoin(tp, ip, 0);
906
907 /*
908 * Only change the c/mtime if we are changing the size or we are
909 * explicitly asked to change it. This handles the semantic difference
910 * between truncate() and ftruncate() as implemented in the VFS.
911 *
912 * The regular truncate() case without ATTR_CTIME and ATTR_MTIME is a
913 * special case where we need to update the times despite not having
914 * these flags set. For all other operations the VFS set these flags
915 * explicitly if it wants a timestamp update.
916 */
917 if (newsize != oldsize &&
918 !(iattr->ia_valid & (ATTR_CTIME | ATTR_MTIME))) {
919 iattr->ia_ctime = iattr->ia_mtime =
920 current_time(inode);
921 iattr->ia_valid |= ATTR_CTIME | ATTR_MTIME;
922 }
923
924 /*
925 * The first thing we do is set the size to new_size permanently on
926 * disk. This way we don't have to worry about anyone ever being able
927 * to look at the data being freed even in the face of a crash.
928 * What we're getting around here is the case where we free a block, it
929 * is allocated to another file, it is written to, and then we crash.
930 * If the new data gets written to the file but the log buffers
931 * containing the free and reallocation don't, then we'd end up with
932 * garbage in the blocks being freed. As long as we make the new size
933 * permanent before actually freeing any blocks it doesn't matter if
934 * they get written to.
935 */
936 ip->i_disk_size = newsize;
937 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE);
938
939 if (newsize <= oldsize) {
940 error = xfs_itruncate_extents(&tp, ip, XFS_DATA_FORK, newsize);
941 if (error)
942 goto out_trans_cancel;
943
944 /*
945 * Truncated "down", so we're removing references to old data
946 * here - if we delay flushing for a long time, we expose
947 * ourselves unduly to the notorious NULL files problem. So,
948 * we mark this inode and flush it when the file is closed,
949 * and do not wait the usual (long) time for writeout.
950 */
951 xfs_iflags_set(ip, XFS_ITRUNCATED);
952
953 /* A truncate down always removes post-EOF blocks. */
954 xfs_inode_clear_eofblocks_tag(ip);
955 }
956
957 ASSERT(!(iattr->ia_valid & (ATTR_UID | ATTR_GID)));
958 setattr_copy(idmap, inode, iattr);
959 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE);
960
961 XFS_STATS_INC(mp, xs_ig_attrchg);
962
963 if (xfs_has_wsync(mp))
964 xfs_trans_set_sync(tp);
965
966 error = xfs_trans_commit(tp);
967 out_unlock:
968 if (lock_flags)
969 xfs_iunlock(ip, lock_flags);
970 return error;
971
972 out_trans_cancel:
973 xfs_trans_cancel(tp);
974 goto out_unlock;
975 }
976
977 int
978 xfs_vn_setattr_size(
979 struct mnt_idmap *idmap,
980 struct dentry *dentry,
981 struct iattr *iattr)
982 {
983 struct xfs_inode *ip = XFS_I(d_inode(dentry));
984 int error;
985
986 trace_xfs_setattr(ip);
987
988 error = xfs_vn_change_ok(idmap, dentry, iattr);
989 if (error)
990 return error;
991 return xfs_setattr_size(idmap, dentry, ip, iattr);
992 }
993
994 STATIC int
995 xfs_vn_setattr(
996 struct mnt_idmap *idmap,
997 struct dentry *dentry,
998 struct iattr *iattr)
999 {
1000 struct inode *inode = d_inode(dentry);
1001 struct xfs_inode *ip = XFS_I(inode);
1002 int error;
1003
1004 if (iattr->ia_valid & ATTR_SIZE) {
1005 uint iolock;
1006
1007 xfs_ilock(ip, XFS_MMAPLOCK_EXCL);
1008 iolock = XFS_IOLOCK_EXCL | XFS_MMAPLOCK_EXCL;
1009
1010 error = xfs_break_layouts(inode, &iolock, BREAK_UNMAP);
1011 if (error) {
1012 xfs_iunlock(ip, XFS_MMAPLOCK_EXCL);
1013 return error;
1014 }
1015
1016 error = xfs_vn_setattr_size(idmap, dentry, iattr);
1017 xfs_iunlock(ip, XFS_MMAPLOCK_EXCL);
1018 } else {
1019 trace_xfs_setattr(ip);
1020
1021 error = xfs_vn_change_ok(idmap, dentry, iattr);
1022 if (!error)
1023 error = xfs_setattr_nonsize(idmap, dentry, ip, iattr);
1024 }
1025
1026 return error;
1027 }
1028
1029 STATIC int
1030 xfs_vn_update_time(
1031 struct inode *inode,
1032 int flags)
1033 {
1034 struct xfs_inode *ip = XFS_I(inode);
1035 struct xfs_mount *mp = ip->i_mount;
1036 int log_flags = XFS_ILOG_TIMESTAMP;
1037 struct xfs_trans *tp;
1038 int error;
1039 struct timespec64 now;
1040
1041 trace_xfs_update_time(ip);
1042
1043 if (inode->i_sb->s_flags & SB_LAZYTIME) {
1044 if (!((flags & S_VERSION) &&
1045 inode_maybe_inc_iversion(inode, false))) {
1046 generic_update_time(inode, flags);
1047 return 0;
1048 }
1049
1050 /* Capture the iversion update that just occurred */
1051 log_flags |= XFS_ILOG_CORE;
1052 }
1053
1054 error = xfs_trans_alloc(mp, &M_RES(mp)->tr_fsyncts, 0, 0, 0, &tp);
1055 if (error)
1056 return error;
1057
1058 xfs_ilock(ip, XFS_ILOCK_EXCL);
1059 if (flags & (S_CTIME|S_MTIME))
1060 now = inode_set_ctime_current(inode);
1061 else
1062 now = current_time(inode);
1063
1064 if (flags & S_MTIME)
1065 inode_set_mtime_to_ts(inode, now);
1066 if (flags & S_ATIME)
1067 inode_set_atime_to_ts(inode, now);
1068
1069 xfs_trans_ijoin(tp, ip, XFS_ILOCK_EXCL);
1070 xfs_trans_log_inode(tp, ip, log_flags);
1071 return xfs_trans_commit(tp);
1072 }
1073
1074 STATIC int
1075 xfs_vn_fiemap(
1076 struct inode *inode,
1077 struct fiemap_extent_info *fieinfo,
1078 u64 start,
1079 u64 length)
1080 {
1081 int error;
1082
1083 xfs_ilock(XFS_I(inode), XFS_IOLOCK_SHARED);
1084 if (fieinfo->fi_flags & FIEMAP_FLAG_XATTR) {
1085 fieinfo->fi_flags &= ~FIEMAP_FLAG_XATTR;
1086 error = iomap_fiemap(inode, fieinfo, start, length,
1087 &xfs_xattr_iomap_ops);
1088 } else {
1089 error = iomap_fiemap(inode, fieinfo, start, length,
1090 &xfs_read_iomap_ops);
1091 }
1092 xfs_iunlock(XFS_I(inode), XFS_IOLOCK_SHARED);
1093
1094 return error;
1095 }
1096
1097 STATIC int
1098 xfs_vn_tmpfile(
1099 struct mnt_idmap *idmap,
1100 struct inode *dir,
1101 struct file *file,
1102 umode_t mode)
1103 {
1104 int err = xfs_generic_create(idmap, dir, file->f_path.dentry, mode, 0, file);
1105
1106 return finish_open_simple(file, err);
1107 }
1108
1109 static const struct inode_operations xfs_inode_operations = {
1110 .get_inode_acl = xfs_get_acl,
1111 .set_acl = xfs_set_acl,
1112 .getattr = xfs_vn_getattr,
1113 .setattr = xfs_vn_setattr,
1114 .listxattr = xfs_vn_listxattr,
1115 .fiemap = xfs_vn_fiemap,
1116 .update_time = xfs_vn_update_time,
1117 .fileattr_get = xfs_fileattr_get,
1118 .fileattr_set = xfs_fileattr_set,
1119 };
1120
1121 static const struct inode_operations xfs_dir_inode_operations = {
1122 .create = xfs_vn_create,
1123 .lookup = xfs_vn_lookup,
1124 .link = xfs_vn_link,
1125 .unlink = xfs_vn_unlink,
1126 .symlink = xfs_vn_symlink,
1127 .mkdir = xfs_vn_mkdir,
1128 /*
1129 * Yes, XFS uses the same method for rmdir and unlink.
1130 *
1131 * There are some subtile differences deeper in the code,
1132 * but we use S_ISDIR to check for those.
1133 */
1134 .rmdir = xfs_vn_unlink,
1135 .mknod = xfs_vn_mknod,
1136 .rename = xfs_vn_rename,
1137 .get_inode_acl = xfs_get_acl,
1138 .set_acl = xfs_set_acl,
1139 .getattr = xfs_vn_getattr,
1140 .setattr = xfs_vn_setattr,
1141 .listxattr = xfs_vn_listxattr,
1142 .update_time = xfs_vn_update_time,
1143 .tmpfile = xfs_vn_tmpfile,
1144 .fileattr_get = xfs_fileattr_get,
1145 .fileattr_set = xfs_fileattr_set,
1146 };
1147
1148 static const struct inode_operations xfs_dir_ci_inode_operations = {
1149 .create = xfs_vn_create,
1150 .lookup = xfs_vn_ci_lookup,
1151 .link = xfs_vn_link,
1152 .unlink = xfs_vn_unlink,
1153 .symlink = xfs_vn_symlink,
1154 .mkdir = xfs_vn_mkdir,
1155 /*
1156 * Yes, XFS uses the same method for rmdir and unlink.
1157 *
1158 * There are some subtile differences deeper in the code,
1159 * but we use S_ISDIR to check for those.
1160 */
1161 .rmdir = xfs_vn_unlink,
1162 .mknod = xfs_vn_mknod,
1163 .rename = xfs_vn_rename,
1164 .get_inode_acl = xfs_get_acl,
1165 .set_acl = xfs_set_acl,
1166 .getattr = xfs_vn_getattr,
1167 .setattr = xfs_vn_setattr,
1168 .listxattr = xfs_vn_listxattr,
1169 .update_time = xfs_vn_update_time,
1170 .tmpfile = xfs_vn_tmpfile,
1171 .fileattr_get = xfs_fileattr_get,
1172 .fileattr_set = xfs_fileattr_set,
1173 };
1174
1175 static const struct inode_operations xfs_symlink_inode_operations = {
1176 .get_link = xfs_vn_get_link,
1177 .getattr = xfs_vn_getattr,
1178 .setattr = xfs_vn_setattr,
1179 .listxattr = xfs_vn_listxattr,
1180 .update_time = xfs_vn_update_time,
1181 };
1182
1183 /* Figure out if this file actually supports DAX. */
1184 static bool
1185 xfs_inode_supports_dax(
1186 struct xfs_inode *ip)
1187 {
1188 struct xfs_mount *mp = ip->i_mount;
1189
1190 /* Only supported on regular files. */
1191 if (!S_ISREG(VFS_I(ip)->i_mode))
1192 return false;
1193
1194 /* Block size must match page size */
1195 if (mp->m_sb.sb_blocksize != PAGE_SIZE)
1196 return false;
1197
1198 /* Device has to support DAX too. */
1199 return xfs_inode_buftarg(ip)->bt_daxdev != NULL;
1200 }
1201
1202 static bool
1203 xfs_inode_should_enable_dax(
1204 struct xfs_inode *ip)
1205 {
1206 if (!IS_ENABLED(CONFIG_FS_DAX))
1207 return false;
1208 if (xfs_has_dax_never(ip->i_mount))
1209 return false;
1210 if (!xfs_inode_supports_dax(ip))
1211 return false;
1212 if (xfs_has_dax_always(ip->i_mount))
1213 return true;
1214 if (ip->i_diflags2 & XFS_DIFLAG2_DAX)
1215 return true;
1216 return false;
1217 }
1218
1219 void
1220 xfs_diflags_to_iflags(
1221 struct xfs_inode *ip,
1222 bool init)
1223 {
1224 struct inode *inode = VFS_I(ip);
1225 unsigned int xflags = xfs_ip2xflags(ip);
1226 unsigned int flags = 0;
1227
1228 ASSERT(!(IS_DAX(inode) && init));
1229
1230 if (xflags & FS_XFLAG_IMMUTABLE)
1231 flags |= S_IMMUTABLE;
1232 if (xflags & FS_XFLAG_APPEND)
1233 flags |= S_APPEND;
1234 if (xflags & FS_XFLAG_SYNC)
1235 flags |= S_SYNC;
1236 if (xflags & FS_XFLAG_NOATIME)
1237 flags |= S_NOATIME;
1238 if (init && xfs_inode_should_enable_dax(ip))
1239 flags |= S_DAX;
1240
1241 /*
1242 * S_DAX can only be set during inode initialization and is never set by
1243 * the VFS, so we cannot mask off S_DAX in i_flags.
1244 */
1245 inode->i_flags &= ~(S_IMMUTABLE | S_APPEND | S_SYNC | S_NOATIME);
1246 inode->i_flags |= flags;
1247 }
1248
1249 /*
1250 * Initialize the Linux inode.
1251 *
1252 * When reading existing inodes from disk this is called directly from xfs_iget,
1253 * when creating a new inode it is called from xfs_init_new_inode after setting
1254 * up the inode. These callers have different criteria for clearing XFS_INEW, so
1255 * leave it up to the caller to deal with unlocking the inode appropriately.
1256 */
1257 void
1258 xfs_setup_inode(
1259 struct xfs_inode *ip)
1260 {
1261 struct inode *inode = &ip->i_vnode;
1262 gfp_t gfp_mask;
1263
1264 inode->i_ino = ip->i_ino;
1265 inode->i_state |= I_NEW;
1266
1267 inode_sb_list_add(inode);
1268 /* make the inode look hashed for the writeback code */
1269 inode_fake_hash(inode);
1270
1271 i_size_write(inode, ip->i_disk_size);
1272 xfs_diflags_to_iflags(ip, true);
1273
1274 if (S_ISDIR(inode->i_mode)) {
1275 /*
1276 * We set the i_rwsem class here to avoid potential races with
1277 * lockdep_annotate_inode_mutex_key() reinitialising the lock
1278 * after a filehandle lookup has already found the inode in
1279 * cache before it has been unlocked via unlock_new_inode().
1280 */
1281 lockdep_set_class(&inode->i_rwsem,
1282 &inode->i_sb->s_type->i_mutex_dir_key);
1283 lockdep_set_class(&ip->i_lock.mr_lock, &xfs_dir_ilock_class);
1284 } else {
1285 lockdep_set_class(&ip->i_lock.mr_lock, &xfs_nondir_ilock_class);
1286 }
1287
1288 /*
1289 * Ensure all page cache allocations are done from GFP_NOFS context to
1290 * prevent direct reclaim recursion back into the filesystem and blowing
1291 * stacks or deadlocking.
1292 */
1293 gfp_mask = mapping_gfp_mask(inode->i_mapping);
1294 mapping_set_gfp_mask(inode->i_mapping, (gfp_mask & ~(__GFP_FS)));
1295
1296 /*
1297 * If there is no attribute fork no ACL can exist on this inode,
1298 * and it can't have any file capabilities attached to it either.
1299 */
1300 if (!xfs_inode_has_attr_fork(ip)) {
1301 inode_has_no_xattr(inode);
1302 cache_no_acl(inode);
1303 }
1304 }
1305
1306 void
1307 xfs_setup_iops(
1308 struct xfs_inode *ip)
1309 {
1310 struct inode *inode = &ip->i_vnode;
1311
1312 switch (inode->i_mode & S_IFMT) {
1313 case S_IFREG:
1314 inode->i_op = &xfs_inode_operations;
1315 inode->i_fop = &xfs_file_operations;
1316 if (IS_DAX(inode))
1317 inode->i_mapping->a_ops = &xfs_dax_aops;
1318 else
1319 inode->i_mapping->a_ops = &xfs_address_space_operations;
1320 break;
1321 case S_IFDIR:
1322 if (xfs_has_asciici(XFS_M(inode->i_sb)))
1323 inode->i_op = &xfs_dir_ci_inode_operations;
1324 else
1325 inode->i_op = &xfs_dir_inode_operations;
1326 inode->i_fop = &xfs_dir_file_operations;
1327 break;
1328 case S_IFLNK:
1329 inode->i_op = &xfs_symlink_inode_operations;
1330 break;
1331 default:
1332 inode->i_op = &xfs_inode_operations;
1333 init_special_inode(inode, inode->i_mode, inode->i_rdev);
1334 break;
1335 }
1336 }
A mirror of Linus' kernel repository