HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage()
[linux/fpc-iii.git] / fs / affs / namei.c
blob92448d0ad900c5c91afe2c27491f01c423e7803c
1 /*
2 * linux/fs/affs/namei.c
4 * (c) 1996 Hans-Joachim Widmaier - Rewritten
6 * (C) 1993 Ray Burr - Modified for Amiga FFS filesystem.
8 * (C) 1991 Linus Torvalds - minix filesystem
9 */
11 #include "affs.h"
13 typedef int (*toupper_t)(int);
15 static int affs_toupper(int ch);
16 static int affs_hash_dentry(const struct dentry *, struct qstr *);
17 static int affs_compare_dentry(const struct dentry *parent, const struct dentry *dentry,
18 unsigned int len, const char *str, const struct qstr *name);
19 static int affs_intl_toupper(int ch);
20 static int affs_intl_hash_dentry(const struct dentry *, struct qstr *);
21 static int affs_intl_compare_dentry(const struct dentry *parent, const struct dentry *dentry,
22 unsigned int len, const char *str, const struct qstr *name);
24 const struct dentry_operations affs_dentry_operations = {
25 .d_hash = affs_hash_dentry,
26 .d_compare = affs_compare_dentry,
29 const struct dentry_operations affs_intl_dentry_operations = {
30 .d_hash = affs_intl_hash_dentry,
31 .d_compare = affs_intl_compare_dentry,
35 /* Simple toupper() for DOS\1 */
37 static int
38 affs_toupper(int ch)
40 return ch >= 'a' && ch <= 'z' ? ch -= ('a' - 'A') : ch;
43 /* International toupper() for DOS\3 ("international") */
45 static int
46 affs_intl_toupper(int ch)
48 return (ch >= 'a' && ch <= 'z') || (ch >= 0xE0
49 && ch <= 0xFE && ch != 0xF7) ?
50 ch - ('a' - 'A') : ch;
53 static inline toupper_t
54 affs_get_toupper(struct super_block *sb)
56 return affs_test_opt(AFFS_SB(sb)->s_flags, SF_INTL) ?
57 affs_intl_toupper : affs_toupper;
61 * Note: the dentry argument is the parent dentry.
63 static inline int
64 __affs_hash_dentry(struct qstr *qstr, toupper_t toupper, bool notruncate)
66 const u8 *name = qstr->name;
67 unsigned long hash;
68 int retval;
69 u32 len;
71 retval = affs_check_name(qstr->name, qstr->len, notruncate);
72 if (retval)
73 return retval;
75 hash = init_name_hash();
76 len = min(qstr->len, AFFSNAMEMAX);
77 for (; len > 0; name++, len--)
78 hash = partial_name_hash(toupper(*name), hash);
79 qstr->hash = end_name_hash(hash);
81 return 0;
84 static int
85 affs_hash_dentry(const struct dentry *dentry, struct qstr *qstr)
87 return __affs_hash_dentry(qstr, affs_toupper,
88 affs_nofilenametruncate(dentry));
92 static int
93 affs_intl_hash_dentry(const struct dentry *dentry, struct qstr *qstr)
95 return __affs_hash_dentry(qstr, affs_intl_toupper,
96 affs_nofilenametruncate(dentry));
100 static inline int __affs_compare_dentry(unsigned int len,
101 const char *str, const struct qstr *name, toupper_t toupper,
102 bool notruncate)
104 const u8 *aname = str;
105 const u8 *bname = name->name;
108 * 'str' is the name of an already existing dentry, so the name
109 * must be valid. 'name' must be validated first.
112 if (affs_check_name(name->name, name->len, notruncate))
113 return 1;
116 * If the names are longer than the allowed 30 chars,
117 * the excess is ignored, so their length may differ.
119 if (len >= AFFSNAMEMAX) {
120 if (name->len < AFFSNAMEMAX)
121 return 1;
122 len = AFFSNAMEMAX;
123 } else if (len != name->len)
124 return 1;
126 for (; len > 0; len--)
127 if (toupper(*aname++) != toupper(*bname++))
128 return 1;
130 return 0;
133 static int
134 affs_compare_dentry(const struct dentry *parent, const struct dentry *dentry,
135 unsigned int len, const char *str, const struct qstr *name)
138 return __affs_compare_dentry(len, str, name, affs_toupper,
139 affs_nofilenametruncate(parent));
142 static int
143 affs_intl_compare_dentry(const struct dentry *parent, const struct dentry *dentry,
144 unsigned int len, const char *str, const struct qstr *name)
146 return __affs_compare_dentry(len, str, name, affs_intl_toupper,
147 affs_nofilenametruncate(parent));
152 * NOTE! unlike strncmp, affs_match returns 1 for success, 0 for failure.
155 static inline int
156 affs_match(struct dentry *dentry, const u8 *name2, toupper_t toupper)
158 const u8 *name = dentry->d_name.name;
159 int len = dentry->d_name.len;
161 if (len >= AFFSNAMEMAX) {
162 if (*name2 < AFFSNAMEMAX)
163 return 0;
164 len = AFFSNAMEMAX;
165 } else if (len != *name2)
166 return 0;
168 for (name2++; len > 0; len--)
169 if (toupper(*name++) != toupper(*name2++))
170 return 0;
171 return 1;
175 affs_hash_name(struct super_block *sb, const u8 *name, unsigned int len)
177 toupper_t toupper = affs_get_toupper(sb);
178 u32 hash;
180 hash = len = min(len, AFFSNAMEMAX);
181 for (; len > 0; len--)
182 hash = (hash * 13 + toupper(*name++)) & 0x7ff;
184 return hash % AFFS_SB(sb)->s_hashsize;
187 static struct buffer_head *
188 affs_find_entry(struct inode *dir, struct dentry *dentry)
190 struct super_block *sb = dir->i_sb;
191 struct buffer_head *bh;
192 toupper_t toupper = affs_get_toupper(sb);
193 u32 key;
195 pr_debug("%s(\"%pd\")\n", __func__, dentry);
197 bh = affs_bread(sb, dir->i_ino);
198 if (!bh)
199 return ERR_PTR(-EIO);
201 key = be32_to_cpu(AFFS_HEAD(bh)->table[affs_hash_name(sb, dentry->d_name.name, dentry->d_name.len)]);
203 for (;;) {
204 affs_brelse(bh);
205 if (key == 0)
206 return NULL;
207 bh = affs_bread(sb, key);
208 if (!bh)
209 return ERR_PTR(-EIO);
210 if (affs_match(dentry, AFFS_TAIL(sb, bh)->name, toupper))
211 return bh;
212 key = be32_to_cpu(AFFS_TAIL(sb, bh)->hash_chain);
216 struct dentry *
217 affs_lookup(struct inode *dir, struct dentry *dentry, unsigned int flags)
219 struct super_block *sb = dir->i_sb;
220 struct buffer_head *bh;
221 struct inode *inode = NULL;
223 pr_debug("%s(\"%pd\")\n", __func__, dentry);
225 affs_lock_dir(dir);
226 bh = affs_find_entry(dir, dentry);
227 if (IS_ERR(bh)) {
228 affs_unlock_dir(dir);
229 return ERR_CAST(bh);
231 if (bh) {
232 u32 ino = bh->b_blocknr;
234 /* store the real header ino in d_fsdata for faster lookups */
235 dentry->d_fsdata = (void *)(long)ino;
236 switch (be32_to_cpu(AFFS_TAIL(sb, bh)->stype)) {
237 //link to dirs disabled
238 //case ST_LINKDIR:
239 case ST_LINKFILE:
240 ino = be32_to_cpu(AFFS_TAIL(sb, bh)->original);
242 affs_brelse(bh);
243 inode = affs_iget(sb, ino);
244 if (IS_ERR(inode)) {
245 affs_unlock_dir(dir);
246 return ERR_CAST(inode);
249 d_add(dentry, inode);
250 affs_unlock_dir(dir);
251 return NULL;
255 affs_unlink(struct inode *dir, struct dentry *dentry)
257 pr_debug("%s(dir=%lu, %lu \"%pd\")\n", __func__, dir->i_ino,
258 d_inode(dentry)->i_ino, dentry);
260 return affs_remove_header(dentry);
264 affs_create(struct inode *dir, struct dentry *dentry, umode_t mode, bool excl)
266 struct super_block *sb = dir->i_sb;
267 struct inode *inode;
268 int error;
270 pr_debug("%s(%lu,\"%pd\",0%ho)\n",
271 __func__, dir->i_ino, dentry, mode);
273 inode = affs_new_inode(dir);
274 if (!inode)
275 return -ENOSPC;
277 inode->i_mode = mode;
278 mode_to_prot(inode);
279 mark_inode_dirty(inode);
281 inode->i_op = &affs_file_inode_operations;
282 inode->i_fop = &affs_file_operations;
283 inode->i_mapping->a_ops = affs_test_opt(AFFS_SB(sb)->s_flags, SF_OFS) ?
284 &affs_aops_ofs : &affs_aops;
285 error = affs_add_entry(dir, inode, dentry, ST_FILE);
286 if (error) {
287 clear_nlink(inode);
288 iput(inode);
289 return error;
291 return 0;
295 affs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
297 struct inode *inode;
298 int error;
300 pr_debug("%s(%lu,\"%pd\",0%ho)\n",
301 __func__, dir->i_ino, dentry, mode);
303 inode = affs_new_inode(dir);
304 if (!inode)
305 return -ENOSPC;
307 inode->i_mode = S_IFDIR | mode;
308 mode_to_prot(inode);
310 inode->i_op = &affs_dir_inode_operations;
311 inode->i_fop = &affs_dir_operations;
313 error = affs_add_entry(dir, inode, dentry, ST_USERDIR);
314 if (error) {
315 clear_nlink(inode);
316 mark_inode_dirty(inode);
317 iput(inode);
318 return error;
320 return 0;
324 affs_rmdir(struct inode *dir, struct dentry *dentry)
326 pr_debug("%s(dir=%lu, %lu \"%pd\")\n", __func__, dir->i_ino,
327 d_inode(dentry)->i_ino, dentry);
329 return affs_remove_header(dentry);
333 affs_symlink(struct inode *dir, struct dentry *dentry, const char *symname)
335 struct super_block *sb = dir->i_sb;
336 struct buffer_head *bh;
337 struct inode *inode;
338 char *p;
339 int i, maxlen, error;
340 char c, lc;
342 pr_debug("%s(%lu,\"%pd\" -> \"%s\")\n",
343 __func__, dir->i_ino, dentry, symname);
345 maxlen = AFFS_SB(sb)->s_hashsize * sizeof(u32) - 1;
346 inode = affs_new_inode(dir);
347 if (!inode)
348 return -ENOSPC;
350 inode->i_op = &affs_symlink_inode_operations;
351 inode->i_data.a_ops = &affs_symlink_aops;
352 inode->i_mode = S_IFLNK | 0777;
353 mode_to_prot(inode);
355 error = -EIO;
356 bh = affs_bread(sb, inode->i_ino);
357 if (!bh)
358 goto err;
359 i = 0;
360 p = (char *)AFFS_HEAD(bh)->table;
361 lc = '/';
362 if (*symname == '/') {
363 struct affs_sb_info *sbi = AFFS_SB(sb);
364 while (*symname == '/')
365 symname++;
366 spin_lock(&sbi->symlink_lock);
367 while (sbi->s_volume[i]) /* Cannot overflow */
368 *p++ = sbi->s_volume[i++];
369 spin_unlock(&sbi->symlink_lock);
371 while (i < maxlen && (c = *symname++)) {
372 if (c == '.' && lc == '/' && *symname == '.' && symname[1] == '/') {
373 *p++ = '/';
374 i++;
375 symname += 2;
376 lc = '/';
377 } else if (c == '.' && lc == '/' && *symname == '/') {
378 symname++;
379 lc = '/';
380 } else {
381 *p++ = c;
382 lc = c;
383 i++;
385 if (lc == '/')
386 while (*symname == '/')
387 symname++;
389 *p = 0;
390 mark_buffer_dirty_inode(bh, inode);
391 affs_brelse(bh);
392 mark_inode_dirty(inode);
394 error = affs_add_entry(dir, inode, dentry, ST_SOFTLINK);
395 if (error)
396 goto err;
398 return 0;
400 err:
401 clear_nlink(inode);
402 mark_inode_dirty(inode);
403 iput(inode);
404 return error;
408 affs_link(struct dentry *old_dentry, struct inode *dir, struct dentry *dentry)
410 struct inode *inode = d_inode(old_dentry);
412 pr_debug("%s(%lu, %lu, \"%pd\")\n", __func__, inode->i_ino, dir->i_ino,
413 dentry);
415 return affs_add_entry(dir, inode, dentry, ST_LINKFILE);
419 affs_rename(struct inode *old_dir, struct dentry *old_dentry,
420 struct inode *new_dir, struct dentry *new_dentry)
422 struct super_block *sb = old_dir->i_sb;
423 struct buffer_head *bh = NULL;
424 int retval;
426 pr_debug("%s(old=%lu,\"%pd\" to new=%lu,\"%pd\")\n", __func__,
427 old_dir->i_ino, old_dentry, new_dir->i_ino, new_dentry);
429 retval = affs_check_name(new_dentry->d_name.name,
430 new_dentry->d_name.len,
431 affs_nofilenametruncate(old_dentry));
433 if (retval)
434 return retval;
436 /* Unlink destination if it already exists */
437 if (d_really_is_positive(new_dentry)) {
438 retval = affs_remove_header(new_dentry);
439 if (retval)
440 return retval;
443 bh = affs_bread(sb, d_inode(old_dentry)->i_ino);
444 if (!bh)
445 return -EIO;
447 /* Remove header from its parent directory. */
448 affs_lock_dir(old_dir);
449 retval = affs_remove_hash(old_dir, bh);
450 affs_unlock_dir(old_dir);
451 if (retval)
452 goto done;
454 /* And insert it into the new directory with the new name. */
455 affs_copy_name(AFFS_TAIL(sb, bh)->name, new_dentry);
456 affs_fix_checksum(sb, bh);
457 affs_lock_dir(new_dir);
458 retval = affs_insert_hash(new_dir, bh);
459 affs_unlock_dir(new_dir);
460 /* TODO: move it back to old_dir, if error? */
462 done:
463 mark_buffer_dirty_inode(bh, retval ? old_dir : new_dir);
464 affs_brelse(bh);
465 return retval;