HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage()
[linux/fpc-iii.git] / fs / autofs4 / expire.c
blob5124f06c32bcc12df9defd581f0170ab25bfbd7d
1 /* -*- c -*- --------------------------------------------------------------- *
3 * linux/fs/autofs/expire.c
5 * Copyright 1997-1998 Transmeta Corporation -- All Rights Reserved
6 * Copyright 1999-2000 Jeremy Fitzhardinge <jeremy@goop.org>
7 * Copyright 2001-2006 Ian Kent <raven@themaw.net>
9 * This file is part of the Linux kernel and is made available under
10 * the terms of the GNU General Public License, version 2, or at your
11 * option, any later version, incorporated herein by reference.
13 * ------------------------------------------------------------------------- */
15 #include "autofs_i.h"
17 static unsigned long now;
19 /* Check if a dentry can be expired */
20 static inline int autofs4_can_expire(struct dentry *dentry,
21 unsigned long timeout, int do_now)
23 struct autofs_info *ino = autofs4_dentry_ino(dentry);
25 /* dentry in the process of being deleted */
26 if (ino == NULL)
27 return 0;
29 if (!do_now) {
30 /* Too young to die */
31 if (!timeout || time_after(ino->last_used + timeout, now))
32 return 0;
34 return 1;
37 /* Check a mount point for busyness */
38 static int autofs4_mount_busy(struct vfsmount *mnt, struct dentry *dentry)
40 struct dentry *top = dentry;
41 struct path path = {.mnt = mnt, .dentry = dentry};
42 int status = 1;
44 DPRINTK("dentry %p %pd", dentry, dentry);
46 path_get(&path);
48 if (!follow_down_one(&path))
49 goto done;
51 if (is_autofs4_dentry(path.dentry)) {
52 struct autofs_sb_info *sbi = autofs4_sbi(path.dentry->d_sb);
54 /* This is an autofs submount, we can't expire it */
55 if (autofs_type_indirect(sbi->type))
56 goto done;
59 /* Update the expiry counter if fs is busy */
60 if (!may_umount_tree(path.mnt)) {
61 struct autofs_info *ino = autofs4_dentry_ino(top);
62 ino->last_used = jiffies;
63 goto done;
66 status = 0;
67 done:
68 DPRINTK("returning = %d", status);
69 path_put(&path);
70 return status;
74 * Calculate and dget next entry in the subdirs list under root.
76 static struct dentry *get_next_positive_subdir(struct dentry *prev,
77 struct dentry *root)
79 struct autofs_sb_info *sbi = autofs4_sbi(root->d_sb);
80 struct list_head *next;
81 struct dentry *q;
83 spin_lock(&sbi->lookup_lock);
84 spin_lock(&root->d_lock);
86 if (prev)
87 next = prev->d_child.next;
88 else {
89 prev = dget_dlock(root);
90 next = prev->d_subdirs.next;
93 cont:
94 if (next == &root->d_subdirs) {
95 spin_unlock(&root->d_lock);
96 spin_unlock(&sbi->lookup_lock);
97 dput(prev);
98 return NULL;
101 q = list_entry(next, struct dentry, d_child);
103 spin_lock_nested(&q->d_lock, DENTRY_D_LOCK_NESTED);
104 /* Already gone or negative dentry (under construction) - try next */
105 if (!d_count(q) || !simple_positive(q)) {
106 spin_unlock(&q->d_lock);
107 next = q->d_child.next;
108 goto cont;
110 dget_dlock(q);
111 spin_unlock(&q->d_lock);
112 spin_unlock(&root->d_lock);
113 spin_unlock(&sbi->lookup_lock);
115 dput(prev);
117 return q;
121 * Calculate and dget next entry in top down tree traversal.
123 static struct dentry *get_next_positive_dentry(struct dentry *prev,
124 struct dentry *root)
126 struct autofs_sb_info *sbi = autofs4_sbi(root->d_sb);
127 struct list_head *next;
128 struct dentry *p, *ret;
130 if (prev == NULL)
131 return dget(root);
133 spin_lock(&sbi->lookup_lock);
134 relock:
135 p = prev;
136 spin_lock(&p->d_lock);
137 again:
138 next = p->d_subdirs.next;
139 if (next == &p->d_subdirs) {
140 while (1) {
141 struct dentry *parent;
143 if (p == root) {
144 spin_unlock(&p->d_lock);
145 spin_unlock(&sbi->lookup_lock);
146 dput(prev);
147 return NULL;
150 parent = p->d_parent;
151 if (!spin_trylock(&parent->d_lock)) {
152 spin_unlock(&p->d_lock);
153 cpu_relax();
154 goto relock;
156 spin_unlock(&p->d_lock);
157 next = p->d_child.next;
158 p = parent;
159 if (next != &parent->d_subdirs)
160 break;
163 ret = list_entry(next, struct dentry, d_child);
165 spin_lock_nested(&ret->d_lock, DENTRY_D_LOCK_NESTED);
166 /* Negative dentry - try next */
167 if (!simple_positive(ret)) {
168 spin_unlock(&p->d_lock);
169 lock_set_subclass(&ret->d_lock.dep_map, 0, _RET_IP_);
170 p = ret;
171 goto again;
173 dget_dlock(ret);
174 spin_unlock(&ret->d_lock);
175 spin_unlock(&p->d_lock);
176 spin_unlock(&sbi->lookup_lock);
178 dput(prev);
180 return ret;
184 * Check a direct mount point for busyness.
185 * Direct mounts have similar expiry semantics to tree mounts.
186 * The tree is not busy iff no mountpoints are busy and there are no
187 * autofs submounts.
189 static int autofs4_direct_busy(struct vfsmount *mnt,
190 struct dentry *top,
191 unsigned long timeout,
192 int do_now)
194 DPRINTK("top %p %pd", top, top);
196 /* If it's busy update the expiry counters */
197 if (!may_umount_tree(mnt)) {
198 struct autofs_info *ino = autofs4_dentry_ino(top);
199 if (ino)
200 ino->last_used = jiffies;
201 return 1;
204 /* Timeout of a direct mount is determined by its top dentry */
205 if (!autofs4_can_expire(top, timeout, do_now))
206 return 1;
208 return 0;
211 /* Check a directory tree of mount points for busyness
212 * The tree is not busy iff no mountpoints are busy
214 static int autofs4_tree_busy(struct vfsmount *mnt,
215 struct dentry *top,
216 unsigned long timeout,
217 int do_now)
219 struct autofs_info *top_ino = autofs4_dentry_ino(top);
220 struct dentry *p;
222 DPRINTK("top %p %pd", top, top);
224 /* Negative dentry - give up */
225 if (!simple_positive(top))
226 return 1;
228 p = NULL;
229 while ((p = get_next_positive_dentry(p, top))) {
230 DPRINTK("dentry %p %pd", p, p);
233 * Is someone visiting anywhere in the subtree ?
234 * If there's no mount we need to check the usage
235 * count for the autofs dentry.
236 * If the fs is busy update the expiry counter.
238 if (d_mountpoint(p)) {
239 if (autofs4_mount_busy(mnt, p)) {
240 top_ino->last_used = jiffies;
241 dput(p);
242 return 1;
244 } else {
245 struct autofs_info *ino = autofs4_dentry_ino(p);
246 unsigned int ino_count = atomic_read(&ino->count);
248 /* allow for dget above and top is already dgot */
249 if (p == top)
250 ino_count += 2;
251 else
252 ino_count++;
254 if (d_count(p) > ino_count) {
255 top_ino->last_used = jiffies;
256 dput(p);
257 return 1;
262 /* Timeout of a tree mount is ultimately determined by its top dentry */
263 if (!autofs4_can_expire(top, timeout, do_now))
264 return 1;
266 return 0;
269 static struct dentry *autofs4_check_leaves(struct vfsmount *mnt,
270 struct dentry *parent,
271 unsigned long timeout,
272 int do_now)
274 struct dentry *p;
276 DPRINTK("parent %p %pd", parent, parent);
278 p = NULL;
279 while ((p = get_next_positive_dentry(p, parent))) {
280 DPRINTK("dentry %p %pd", p, p);
282 if (d_mountpoint(p)) {
283 /* Can we umount this guy */
284 if (autofs4_mount_busy(mnt, p))
285 continue;
287 /* Can we expire this guy */
288 if (autofs4_can_expire(p, timeout, do_now))
289 return p;
292 return NULL;
295 /* Check if we can expire a direct mount (possibly a tree) */
296 struct dentry *autofs4_expire_direct(struct super_block *sb,
297 struct vfsmount *mnt,
298 struct autofs_sb_info *sbi,
299 int how)
301 unsigned long timeout;
302 struct dentry *root = dget(sb->s_root);
303 int do_now = how & AUTOFS_EXP_IMMEDIATE;
304 struct autofs_info *ino;
306 if (!root)
307 return NULL;
309 now = jiffies;
310 timeout = sbi->exp_timeout;
312 spin_lock(&sbi->fs_lock);
313 ino = autofs4_dentry_ino(root);
314 /* No point expiring a pending mount */
315 if (ino->flags & AUTOFS_INF_PENDING)
316 goto out;
317 if (!autofs4_direct_busy(mnt, root, timeout, do_now)) {
318 ino->flags |= AUTOFS_INF_WANT_EXPIRE;
319 spin_unlock(&sbi->fs_lock);
320 synchronize_rcu();
321 spin_lock(&sbi->fs_lock);
322 if (!autofs4_direct_busy(mnt, root, timeout, do_now)) {
323 ino->flags |= AUTOFS_INF_EXPIRING;
324 init_completion(&ino->expire_complete);
325 spin_unlock(&sbi->fs_lock);
326 return root;
328 ino->flags &= ~AUTOFS_INF_WANT_EXPIRE;
330 out:
331 spin_unlock(&sbi->fs_lock);
332 dput(root);
334 return NULL;
337 /* Check if 'dentry' should expire, or return a nearby
338 * dentry that is suitable.
339 * If returned dentry is different from arg dentry,
340 * then a dget() reference was taken, else not.
342 static struct dentry *should_expire(struct dentry *dentry,
343 struct vfsmount *mnt,
344 unsigned long timeout,
345 int how)
347 int do_now = how & AUTOFS_EXP_IMMEDIATE;
348 int exp_leaves = how & AUTOFS_EXP_LEAVES;
349 struct autofs_info *ino = autofs4_dentry_ino(dentry);
350 unsigned int ino_count;
352 /* No point expiring a pending mount */
353 if (ino->flags & AUTOFS_INF_PENDING)
354 return NULL;
357 * Case 1: (i) indirect mount or top level pseudo direct mount
358 * (autofs-4.1).
359 * (ii) indirect mount with offset mount, check the "/"
360 * offset (autofs-5.0+).
362 if (d_mountpoint(dentry)) {
363 DPRINTK("checking mountpoint %p %pd", dentry, dentry);
365 /* Can we umount this guy */
366 if (autofs4_mount_busy(mnt, dentry))
367 return NULL;
369 /* Can we expire this guy */
370 if (autofs4_can_expire(dentry, timeout, do_now))
371 return dentry;
372 return NULL;
375 if (d_really_is_positive(dentry) && d_is_symlink(dentry)) {
376 DPRINTK("checking symlink %p %pd", dentry, dentry);
378 * A symlink can't be "busy" in the usual sense so
379 * just check last used for expire timeout.
381 if (autofs4_can_expire(dentry, timeout, do_now))
382 return dentry;
383 return NULL;
386 if (simple_empty(dentry))
387 return NULL;
389 /* Case 2: tree mount, expire iff entire tree is not busy */
390 if (!exp_leaves) {
391 /* Path walk currently on this dentry? */
392 ino_count = atomic_read(&ino->count) + 1;
393 if (d_count(dentry) > ino_count)
394 return NULL;
396 if (!autofs4_tree_busy(mnt, dentry, timeout, do_now))
397 return dentry;
399 * Case 3: pseudo direct mount, expire individual leaves
400 * (autofs-4.1).
402 } else {
403 /* Path walk currently on this dentry? */
404 struct dentry *expired;
405 ino_count = atomic_read(&ino->count) + 1;
406 if (d_count(dentry) > ino_count)
407 return NULL;
409 expired = autofs4_check_leaves(mnt, dentry, timeout, do_now);
410 if (expired) {
411 if (expired == dentry)
412 dput(dentry);
413 return expired;
416 return NULL;
420 * Find an eligible tree to time-out
421 * A tree is eligible if :-
422 * - it is unused by any user process
423 * - it has been unused for exp_timeout time
425 struct dentry *autofs4_expire_indirect(struct super_block *sb,
426 struct vfsmount *mnt,
427 struct autofs_sb_info *sbi,
428 int how)
430 unsigned long timeout;
431 struct dentry *root = sb->s_root;
432 struct dentry *dentry;
433 struct dentry *expired;
434 struct dentry *found;
435 struct autofs_info *ino;
437 if (!root)
438 return NULL;
440 now = jiffies;
441 timeout = sbi->exp_timeout;
443 dentry = NULL;
444 while ((dentry = get_next_positive_subdir(dentry, root))) {
445 int flags = how;
447 spin_lock(&sbi->fs_lock);
448 ino = autofs4_dentry_ino(dentry);
449 if (ino->flags & AUTOFS_INF_WANT_EXPIRE) {
450 spin_unlock(&sbi->fs_lock);
451 continue;
453 spin_unlock(&sbi->fs_lock);
455 expired = should_expire(dentry, mnt, timeout, flags);
456 if (!expired)
457 continue;
459 spin_lock(&sbi->fs_lock);
460 ino = autofs4_dentry_ino(expired);
461 ino->flags |= AUTOFS_INF_WANT_EXPIRE;
462 spin_unlock(&sbi->fs_lock);
463 synchronize_rcu();
465 /* Make sure a reference is not taken on found if
466 * things have changed.
468 flags &= ~AUTOFS_EXP_LEAVES;
469 found = should_expire(expired, mnt, timeout, how);
470 if (found != expired) { // something has changed, continue
471 dput(found);
472 goto next;
475 if (expired != dentry)
476 dput(dentry);
478 spin_lock(&sbi->fs_lock);
479 goto found;
480 next:
481 spin_lock(&sbi->fs_lock);
482 ino->flags &= ~AUTOFS_INF_WANT_EXPIRE;
483 spin_unlock(&sbi->fs_lock);
484 if (expired != dentry)
485 dput(expired);
487 return NULL;
489 found:
490 DPRINTK("returning %p %pd", expired, expired);
491 ino->flags |= AUTOFS_INF_EXPIRING;
492 init_completion(&ino->expire_complete);
493 spin_unlock(&sbi->fs_lock);
494 return expired;
497 int autofs4_expire_wait(struct dentry *dentry, int rcu_walk)
499 struct autofs_sb_info *sbi = autofs4_sbi(dentry->d_sb);
500 struct autofs_info *ino = autofs4_dentry_ino(dentry);
501 int status;
502 int state;
504 /* Block on any pending expire */
505 if (!(ino->flags & AUTOFS_INF_WANT_EXPIRE))
506 return 0;
507 if (rcu_walk)
508 return -ECHILD;
510 retry:
511 spin_lock(&sbi->fs_lock);
512 state = ino->flags & (AUTOFS_INF_WANT_EXPIRE | AUTOFS_INF_EXPIRING);
513 if (state == AUTOFS_INF_WANT_EXPIRE) {
514 spin_unlock(&sbi->fs_lock);
516 * Possibly being selected for expire, wait until
517 * it's selected or not.
519 schedule_timeout_uninterruptible(HZ/10);
520 goto retry;
522 if (state & AUTOFS_INF_EXPIRING) {
523 spin_unlock(&sbi->fs_lock);
525 DPRINTK("waiting for expire %p name=%pd", dentry, dentry);
527 status = autofs4_wait(sbi, dentry, NFY_NONE);
528 wait_for_completion(&ino->expire_complete);
530 DPRINTK("expire done status=%d", status);
532 if (d_unhashed(dentry))
533 return -EAGAIN;
535 return status;
537 spin_unlock(&sbi->fs_lock);
539 return 0;
542 /* Perform an expiry operation */
543 int autofs4_expire_run(struct super_block *sb,
544 struct vfsmount *mnt,
545 struct autofs_sb_info *sbi,
546 struct autofs_packet_expire __user *pkt_p)
548 struct autofs_packet_expire pkt;
549 struct autofs_info *ino;
550 struct dentry *dentry;
551 int ret = 0;
553 memset(&pkt,0,sizeof pkt);
555 pkt.hdr.proto_version = sbi->version;
556 pkt.hdr.type = autofs_ptype_expire;
558 if ((dentry = autofs4_expire_indirect(sb, mnt, sbi, 0)) == NULL)
559 return -EAGAIN;
561 pkt.len = dentry->d_name.len;
562 memcpy(pkt.name, dentry->d_name.name, pkt.len);
563 pkt.name[pkt.len] = '\0';
565 if ( copy_to_user(pkt_p, &pkt, sizeof(struct autofs_packet_expire)) )
566 ret = -EFAULT;
568 spin_lock(&sbi->fs_lock);
569 ino = autofs4_dentry_ino(dentry);
570 /* avoid rapid-fire expire attempts if expiry fails */
571 ino->last_used = now;
572 ino->flags &= ~(AUTOFS_INF_EXPIRING|AUTOFS_INF_WANT_EXPIRE);
573 complete_all(&ino->expire_complete);
574 spin_unlock(&sbi->fs_lock);
576 dput(dentry);
578 return ret;
581 int autofs4_do_expire_multi(struct super_block *sb, struct vfsmount *mnt,
582 struct autofs_sb_info *sbi, int when)
584 struct dentry *dentry;
585 int ret = -EAGAIN;
587 if (autofs_type_trigger(sbi->type))
588 dentry = autofs4_expire_direct(sb, mnt, sbi, when);
589 else
590 dentry = autofs4_expire_indirect(sb, mnt, sbi, when);
592 if (dentry) {
593 struct autofs_info *ino = autofs4_dentry_ino(dentry);
595 /* This is synchronous because it makes the daemon a
596 little easier */
597 ret = autofs4_wait(sbi, dentry, NFY_EXPIRE);
599 spin_lock(&sbi->fs_lock);
600 /* avoid rapid-fire expire attempts if expiry fails */
601 ino->last_used = now;
602 ino->flags &= ~(AUTOFS_INF_EXPIRING|AUTOFS_INF_WANT_EXPIRE);
603 complete_all(&ino->expire_complete);
604 spin_unlock(&sbi->fs_lock);
605 dput(dentry);
608 return ret;
611 /* Call repeatedly until it returns -EAGAIN, meaning there's nothing
612 more to be done */
613 int autofs4_expire_multi(struct super_block *sb, struct vfsmount *mnt,
614 struct autofs_sb_info *sbi, int __user *arg)
616 int do_now = 0;
618 if (arg && get_user(do_now, arg))
619 return -EFAULT;
621 return autofs4_do_expire_multi(sb, mnt, sbi, do_now);