search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage()
[linux/fpc-iii.git] / fs / jffs2 / dir.c
blob7a3368929245d7134a6928c6fb90fa67724d892e
1 /*
2 * JFFS2 -- Journalling Flash File System, Version 2.
3 *
4 * Copyright © 2001-2007 Red Hat, Inc.
5 * Copyright © 2004-2010 David Woodhouse <dwmw2@infradead.org>
6 *
7 * Created by David Woodhouse <dwmw2@infradead.org>
8 *
9 * For licensing information, see the file 'LICENCE' in this directory.
10 *
11 */
12
13 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
14
15 #include <linux/kernel.h>
16 #include <linux/slab.h>
17 #include <linux/fs.h>
18 #include <linux/crc32.h>
19 #include <linux/jffs2.h>
20 #include "jffs2_fs_i.h"
21 #include "jffs2_fs_sb.h"
22 #include <linux/time.h>
23 #include "nodelist.h"
24
25 static int jffs2_readdir (struct file *, struct dir_context *);
26
27 static int jffs2_create (struct inode *,struct dentry *,umode_t,
28 bool);
29 static struct dentry *jffs2_lookup (struct inode *,struct dentry *,
30 unsigned int);
31 static int jffs2_link (struct dentry *,struct inode *,struct dentry *);
32 static int jffs2_unlink (struct inode *,struct dentry *);
33 static int jffs2_symlink (struct inode *,struct dentry *,const char *);
34 static int jffs2_mkdir (struct inode *,struct dentry *,umode_t);
35 static int jffs2_rmdir (struct inode *,struct dentry *);
36 static int jffs2_mknod (struct inode *,struct dentry *,umode_t,dev_t);
37 static int jffs2_rename (struct inode *, struct dentry *,
38 struct inode *, struct dentry *);
39
40 const struct file_operations jffs2_dir_operations =
41 {
42 .read = generic_read_dir,
43 .iterate = jffs2_readdir,
44 .unlocked_ioctl=jffs2_ioctl,
45 .fsync = jffs2_fsync,
46 .llseek = generic_file_llseek,
47 };
48
49
50 const struct inode_operations jffs2_dir_inode_operations =
51 {
52 .create = jffs2_create,
53 .lookup = jffs2_lookup,
54 .link = jffs2_link,
55 .unlink = jffs2_unlink,
56 .symlink = jffs2_symlink,
57 .mkdir = jffs2_mkdir,
58 .rmdir = jffs2_rmdir,
59 .mknod = jffs2_mknod,
60 .rename = jffs2_rename,
61 .get_acl = jffs2_get_acl,
62 .set_acl = jffs2_set_acl,
63 .setattr = jffs2_setattr,
64 .setxattr = jffs2_setxattr,
65 .getxattr = jffs2_getxattr,
66 .listxattr = jffs2_listxattr,
67 .removexattr = jffs2_removexattr
68 };
69
70 /***********************************************************************/
71
72
73 /* We keep the dirent list sorted in increasing order of name hash,
74 and we use the same hash function as the dentries. Makes this
75 nice and simple
76 */
77 static struct dentry *jffs2_lookup(struct inode *dir_i, struct dentry *target,
78 unsigned int flags)
79 {
80 struct jffs2_inode_info *dir_f;
81 struct jffs2_full_dirent *fd = NULL, *fd_list;
82 uint32_t ino = 0;
83 struct inode *inode = NULL;
84
85 jffs2_dbg(1, "jffs2_lookup()\n");
86
87 if (target->d_name.len > JFFS2_MAX_NAME_LEN)
88 return ERR_PTR(-ENAMETOOLONG);
89
90 dir_f = JFFS2_INODE_INFO(dir_i);
91
92 mutex_lock(&dir_f->sem);
93
94 /* NB: The 2.2 backport will need to explicitly check for '.' and '..' here */
95 for (fd_list = dir_f->dents; fd_list && fd_list->nhash <= target->d_name.hash; fd_list = fd_list->next) {
96 if (fd_list->nhash == target->d_name.hash &&
97 (!fd || fd_list->version > fd->version) &&
98 strlen(fd_list->name) == target->d_name.len &&
99 !strncmp(fd_list->name, target->d_name.name, target->d_name.len)) {
100 fd = fd_list;
101 }
102 }
103 if (fd)
104 ino = fd->ino;
105 mutex_unlock(&dir_f->sem);
106 if (ino) {
107 inode = jffs2_iget(dir_i->i_sb, ino);
108 if (IS_ERR(inode))
109 pr_warn("iget() failed for ino #%u\n", ino);
110 }
111
112 return d_splice_alias(inode, target);
113 }
114
115 /***********************************************************************/
116
117
118 static int jffs2_readdir(struct file *file, struct dir_context *ctx)
119 {
120 struct inode *inode = file_inode(file);
121 struct jffs2_inode_info *f = JFFS2_INODE_INFO(inode);
122 struct jffs2_full_dirent *fd;
123 unsigned long curofs = 1;
124
125 jffs2_dbg(1, "jffs2_readdir() for dir_i #%lu\n", inode->i_ino);
126
127 if (!dir_emit_dots(file, ctx))
128 return 0;
129
130 mutex_lock(&f->sem);
131 for (fd = f->dents; fd; fd = fd->next) {
132 curofs++;
133 /* First loop: curofs = 2; pos = 2 */
134 if (curofs < ctx->pos) {
135 jffs2_dbg(2, "Skipping dirent: \"%s\", ino #%u, type %d, because curofs %ld < offset %ld\n",
136 fd->name, fd->ino, fd->type, curofs, (unsigned long)ctx->pos);
137 continue;
138 }
139 if (!fd->ino) {
140 jffs2_dbg(2, "Skipping deletion dirent \"%s\"\n",
141 fd->name);
142 ctx->pos++;
143 continue;
144 }
145 jffs2_dbg(2, "Dirent %ld: \"%s\", ino #%u, type %d\n",
146 (unsigned long)ctx->pos, fd->name, fd->ino, fd->type);
147 if (!dir_emit(ctx, fd->name, strlen(fd->name), fd->ino, fd->type))
148 break;
149 ctx->pos++;
150 }
151 mutex_unlock(&f->sem);
152 return 0;
153 }
154
155 /***********************************************************************/
156
157
158 static int jffs2_create(struct inode *dir_i, struct dentry *dentry,
159 umode_t mode, bool excl)
160 {
161 struct jffs2_raw_inode *ri;
162 struct jffs2_inode_info *f, *dir_f;
163 struct jffs2_sb_info *c;
164 struct inode *inode;
165 int ret;
166
167 ri = jffs2_alloc_raw_inode();
168 if (!ri)
169 return -ENOMEM;
170
171 c = JFFS2_SB_INFO(dir_i->i_sb);
172
173 jffs2_dbg(1, "%s()\n", __func__);
174
175 inode = jffs2_new_inode(dir_i, mode, ri);
176
177 if (IS_ERR(inode)) {
178 jffs2_dbg(1, "jffs2_new_inode() failed\n");
179 jffs2_free_raw_inode(ri);
180 return PTR_ERR(inode);
181 }
182
183 inode->i_op = &jffs2_file_inode_operations;
184 inode->i_fop = &jffs2_file_operations;
185 inode->i_mapping->a_ops = &jffs2_file_address_operations;
186 inode->i_mapping->nrpages = 0;
187
188 f = JFFS2_INODE_INFO(inode);
189 dir_f = JFFS2_INODE_INFO(dir_i);
190
191 /* jffs2_do_create() will want to lock it, _after_ reserving
192 space and taking c-alloc_sem. If we keep it locked here,
193 lockdep gets unhappy (although it's a false positive;
194 nothing else will be looking at this inode yet so there's
195 no chance of AB-BA deadlock involving its f->sem). */
196 mutex_unlock(&f->sem);
197
198 ret = jffs2_do_create(c, dir_f, f, ri, &dentry->d_name);
199 if (ret)
200 goto fail;
201
202 dir_i->i_mtime = dir_i->i_ctime = ITIME(je32_to_cpu(ri->ctime));
203
204 jffs2_free_raw_inode(ri);
205
206 jffs2_dbg(1, "%s(): Created ino #%lu with mode %o, nlink %d(%d). nrpages %ld\n",
207 __func__, inode->i_ino, inode->i_mode, inode->i_nlink,
208 f->inocache->pino_nlink, inode->i_mapping->nrpages);
209
210 d_instantiate_new(dentry, inode);
211 return 0;
212
213 fail:
214 iget_failed(inode);
215 jffs2_free_raw_inode(ri);
216 return ret;
217 }
218
219 /***********************************************************************/
220
221
222 static int jffs2_unlink(struct inode *dir_i, struct dentry *dentry)
223 {
224 struct jffs2_sb_info *c = JFFS2_SB_INFO(dir_i->i_sb);
225 struct jffs2_inode_info *dir_f = JFFS2_INODE_INFO(dir_i);
226 struct jffs2_inode_info *dead_f = JFFS2_INODE_INFO(d_inode(dentry));
227 int ret;
228 uint32_t now = get_seconds();
229
230 ret = jffs2_do_unlink(c, dir_f, dentry->d_name.name,
231 dentry->d_name.len, dead_f, now);
232 if (dead_f->inocache)
233 set_nlink(d_inode(dentry), dead_f->inocache->pino_nlink);
234 if (!ret)
235 dir_i->i_mtime = dir_i->i_ctime = ITIME(now);
236 return ret;
237 }
238 /***********************************************************************/
239
240
241 static int jffs2_link (struct dentry *old_dentry, struct inode *dir_i, struct dentry *dentry)
242 {
243 struct jffs2_sb_info *c = JFFS2_SB_INFO(d_inode(old_dentry)->i_sb);
244 struct jffs2_inode_info *f = JFFS2_INODE_INFO(d_inode(old_dentry));
245 struct jffs2_inode_info *dir_f = JFFS2_INODE_INFO(dir_i);
246 int ret;
247 uint8_t type;
248 uint32_t now;
249
250 /* Don't let people make hard links to bad inodes. */
251 if (!f->inocache)
252 return -EIO;
253
254 if (d_is_dir(old_dentry))
255 return -EPERM;
256
257 /* XXX: This is ugly */
258 type = (d_inode(old_dentry)->i_mode & S_IFMT) >> 12;
259 if (!type) type = DT_REG;
260
261 now = get_seconds();
262 ret = jffs2_do_link(c, dir_f, f->inocache->ino, type, dentry->d_name.name, dentry->d_name.len, now);
263
264 if (!ret) {
265 mutex_lock(&f->sem);
266 set_nlink(d_inode(old_dentry), ++f->inocache->pino_nlink);
267 mutex_unlock(&f->sem);
268 d_instantiate(dentry, d_inode(old_dentry));
269 dir_i->i_mtime = dir_i->i_ctime = ITIME(now);
270 ihold(d_inode(old_dentry));
271 }
272 return ret;
273 }
274
275 /***********************************************************************/
276
277 static int jffs2_symlink (struct inode *dir_i, struct dentry *dentry, const char *target)
278 {
279 struct jffs2_inode_info *f, *dir_f;
280 struct jffs2_sb_info *c;
281 struct inode *inode;
282 struct jffs2_raw_inode *ri;
283 struct jffs2_raw_dirent *rd;
284 struct jffs2_full_dnode *fn;
285 struct jffs2_full_dirent *fd;
286 int namelen;
287 uint32_t alloclen;
288 int ret, targetlen = strlen(target);
289
290 /* FIXME: If you care. We'd need to use frags for the target
291 if it grows much more than this */
292 if (targetlen > 254)
293 return -ENAMETOOLONG;
294
295 ri = jffs2_alloc_raw_inode();
296
297 if (!ri)
298 return -ENOMEM;
299
300 c = JFFS2_SB_INFO(dir_i->i_sb);
301
302 /* Try to reserve enough space for both node and dirent.
303 * Just the node will do for now, though
304 */
305 namelen = dentry->d_name.len;
306 ret = jffs2_reserve_space(c, sizeof(*ri) + targetlen, &alloclen,
307 ALLOC_NORMAL, JFFS2_SUMMARY_INODE_SIZE);
308
309 if (ret) {
310 jffs2_free_raw_inode(ri);
311 return ret;
312 }
313
314 inode = jffs2_new_inode(dir_i, S_IFLNK | S_IRWXUGO, ri);
315
316 if (IS_ERR(inode)) {
317 jffs2_free_raw_inode(ri);
318 jffs2_complete_reservation(c);
319 return PTR_ERR(inode);
320 }
321
322 inode->i_op = &jffs2_symlink_inode_operations;
323
324 f = JFFS2_INODE_INFO(inode);
325
326 inode->i_size = targetlen;
327 ri->isize = ri->dsize = ri->csize = cpu_to_je32(inode->i_size);
328 ri->totlen = cpu_to_je32(sizeof(*ri) + inode->i_size);
329 ri->hdr_crc = cpu_to_je32(crc32(0, ri, sizeof(struct jffs2_unknown_node)-4));
330
331 ri->compr = JFFS2_COMPR_NONE;
332 ri->data_crc = cpu_to_je32(crc32(0, target, targetlen));
333 ri->node_crc = cpu_to_je32(crc32(0, ri, sizeof(*ri)-8));
334
335 fn = jffs2_write_dnode(c, f, ri, target, targetlen, ALLOC_NORMAL);
336
337 jffs2_free_raw_inode(ri);
338
339 if (IS_ERR(fn)) {
340 /* Eeek. Wave bye bye */
341 mutex_unlock(&f->sem);
342 jffs2_complete_reservation(c);
343 ret = PTR_ERR(fn);
344 goto fail;
345 }
346
347 /* We use f->target field to store the target path. */
348 f->target = kmemdup(target, targetlen + 1, GFP_KERNEL);
349 if (!f->target) {
350 pr_warn("Can't allocate %d bytes of memory\n", targetlen + 1);
351 mutex_unlock(&f->sem);
352 jffs2_complete_reservation(c);
353 ret = -ENOMEM;
354 goto fail;
355 }
356 inode->i_link = f->target;
357
358 jffs2_dbg(1, "%s(): symlink's target '%s' cached\n",
359 __func__, (char *)f->target);
360
361 /* No data here. Only a metadata node, which will be
362 obsoleted by the first data write
363 */
364 f->metadata = fn;
365 mutex_unlock(&f->sem);
366
367 jffs2_complete_reservation(c);
368
369 ret = jffs2_init_security(inode, dir_i, &dentry->d_name);
370 if (ret)
371 goto fail;
372
373 ret = jffs2_init_acl_post(inode);
374 if (ret)
375 goto fail;
376
377 ret = jffs2_reserve_space(c, sizeof(*rd)+namelen, &alloclen,
378 ALLOC_NORMAL, JFFS2_SUMMARY_DIRENT_SIZE(namelen));
379 if (ret)
380 goto fail;
381
382 rd = jffs2_alloc_raw_dirent();
383 if (!rd) {
384 /* Argh. Now we treat it like a normal delete */
385 jffs2_complete_reservation(c);
386 ret = -ENOMEM;
387 goto fail;
388 }
389
390 dir_f = JFFS2_INODE_INFO(dir_i);
391 mutex_lock(&dir_f->sem);
392
393 rd->magic = cpu_to_je16(JFFS2_MAGIC_BITMASK);
394 rd->nodetype = cpu_to_je16(JFFS2_NODETYPE_DIRENT);
395 rd->totlen = cpu_to_je32(sizeof(*rd) + namelen);
396 rd->hdr_crc = cpu_to_je32(crc32(0, rd, sizeof(struct jffs2_unknown_node)-4));
397
398 rd->pino = cpu_to_je32(dir_i->i_ino);
399 rd->version = cpu_to_je32(++dir_f->highest_version);
400 rd->ino = cpu_to_je32(inode->i_ino);
401 rd->mctime = cpu_to_je32(get_seconds());
402 rd->nsize = namelen;
403 rd->type = DT_LNK;
404 rd->node_crc = cpu_to_je32(crc32(0, rd, sizeof(*rd)-8));
405 rd->name_crc = cpu_to_je32(crc32(0, dentry->d_name.name, namelen));
406
407 fd = jffs2_write_dirent(c, dir_f, rd, dentry->d_name.name, namelen, ALLOC_NORMAL);
408
409 if (IS_ERR(fd)) {
410 /* dirent failed to write. Delete the inode normally
411 as if it were the final unlink() */
412 jffs2_complete_reservation(c);
413 jffs2_free_raw_dirent(rd);
414 mutex_unlock(&dir_f->sem);
415 ret = PTR_ERR(fd);
416 goto fail;
417 }
418
419 dir_i->i_mtime = dir_i->i_ctime = ITIME(je32_to_cpu(rd->mctime));
420
421 jffs2_free_raw_dirent(rd);
422
423 /* Link the fd into the inode's list, obsoleting an old
424 one if necessary. */
425 jffs2_add_fd_to_list(c, fd, &dir_f->dents);
426
427 mutex_unlock(&dir_f->sem);
428 jffs2_complete_reservation(c);
429
430 d_instantiate_new(dentry, inode);
431 return 0;
432
433 fail:
434 iget_failed(inode);
435 return ret;
436 }
437
438
439 static int jffs2_mkdir (struct inode *dir_i, struct dentry *dentry, umode_t mode)
440 {
441 struct jffs2_inode_info *f, *dir_f;
442 struct jffs2_sb_info *c;
443 struct inode *inode;
444 struct jffs2_raw_inode *ri;
445 struct jffs2_raw_dirent *rd;
446 struct jffs2_full_dnode *fn;
447 struct jffs2_full_dirent *fd;
448 int namelen;
449 uint32_t alloclen;
450 int ret;
451
452 mode |= S_IFDIR;
453
454 ri = jffs2_alloc_raw_inode();
455 if (!ri)
456 return -ENOMEM;
457
458 c = JFFS2_SB_INFO(dir_i->i_sb);
459
460 /* Try to reserve enough space for both node and dirent.
461 * Just the node will do for now, though
462 */
463 namelen = dentry->d_name.len;
464 ret = jffs2_reserve_space(c, sizeof(*ri), &alloclen, ALLOC_NORMAL,
465 JFFS2_SUMMARY_INODE_SIZE);
466
467 if (ret) {
468 jffs2_free_raw_inode(ri);
469 return ret;
470 }
471
472 inode = jffs2_new_inode(dir_i, mode, ri);
473
474 if (IS_ERR(inode)) {
475 jffs2_free_raw_inode(ri);
476 jffs2_complete_reservation(c);
477 return PTR_ERR(inode);
478 }
479
480 inode->i_op = &jffs2_dir_inode_operations;
481 inode->i_fop = &jffs2_dir_operations;
482
483 f = JFFS2_INODE_INFO(inode);
484
485 /* Directories get nlink 2 at start */
486 set_nlink(inode, 2);
487 /* but ic->pino_nlink is the parent ino# */
488 f->inocache->pino_nlink = dir_i->i_ino;
489
490 ri->data_crc = cpu_to_je32(0);
491 ri->node_crc = cpu_to_je32(crc32(0, ri, sizeof(*ri)-8));
492
493 fn = jffs2_write_dnode(c, f, ri, NULL, 0, ALLOC_NORMAL);
494
495 jffs2_free_raw_inode(ri);
496
497 if (IS_ERR(fn)) {
498 /* Eeek. Wave bye bye */
499 mutex_unlock(&f->sem);
500 jffs2_complete_reservation(c);
501 ret = PTR_ERR(fn);
502 goto fail;
503 }
504 /* No data here. Only a metadata node, which will be
505 obsoleted by the first data write
506 */
507 f->metadata = fn;
508 mutex_unlock(&f->sem);
509
510 jffs2_complete_reservation(c);
511
512 ret = jffs2_init_security(inode, dir_i, &dentry->d_name);
513 if (ret)
514 goto fail;
515
516 ret = jffs2_init_acl_post(inode);
517 if (ret)
518 goto fail;
519
520 ret = jffs2_reserve_space(c, sizeof(*rd)+namelen, &alloclen,
521 ALLOC_NORMAL, JFFS2_SUMMARY_DIRENT_SIZE(namelen));
522 if (ret)
523 goto fail;
524
525 rd = jffs2_alloc_raw_dirent();
526 if (!rd) {
527 /* Argh. Now we treat it like a normal delete */
528 jffs2_complete_reservation(c);
529 ret = -ENOMEM;
530 goto fail;
531 }
532
533 dir_f = JFFS2_INODE_INFO(dir_i);
534 mutex_lock(&dir_f->sem);
535
536 rd->magic = cpu_to_je16(JFFS2_MAGIC_BITMASK);
537 rd->nodetype = cpu_to_je16(JFFS2_NODETYPE_DIRENT);
538 rd->totlen = cpu_to_je32(sizeof(*rd) + namelen);
539 rd->hdr_crc = cpu_to_je32(crc32(0, rd, sizeof(struct jffs2_unknown_node)-4));
540
541 rd->pino = cpu_to_je32(dir_i->i_ino);
542 rd->version = cpu_to_je32(++dir_f->highest_version);
543 rd->ino = cpu_to_je32(inode->i_ino);
544 rd->mctime = cpu_to_je32(get_seconds());
545 rd->nsize = namelen;
546 rd->type = DT_DIR;
547 rd->node_crc = cpu_to_je32(crc32(0, rd, sizeof(*rd)-8));
548 rd->name_crc = cpu_to_je32(crc32(0, dentry->d_name.name, namelen));
549
550 fd = jffs2_write_dirent(c, dir_f, rd, dentry->d_name.name, namelen, ALLOC_NORMAL);
551
552 if (IS_ERR(fd)) {
553 /* dirent failed to write. Delete the inode normally
554 as if it were the final unlink() */
555 jffs2_complete_reservation(c);
556 jffs2_free_raw_dirent(rd);
557 mutex_unlock(&dir_f->sem);
558 ret = PTR_ERR(fd);
559 goto fail;
560 }
561
562 dir_i->i_mtime = dir_i->i_ctime = ITIME(je32_to_cpu(rd->mctime));
563 inc_nlink(dir_i);
564
565 jffs2_free_raw_dirent(rd);
566
567 /* Link the fd into the inode's list, obsoleting an old
568 one if necessary. */
569 jffs2_add_fd_to_list(c, fd, &dir_f->dents);
570
571 mutex_unlock(&dir_f->sem);
572 jffs2_complete_reservation(c);
573
574 d_instantiate_new(dentry, inode);
575 return 0;
576
577 fail:
578 iget_failed(inode);
579 return ret;
580 }
581
582 static int jffs2_rmdir (struct inode *dir_i, struct dentry *dentry)
583 {
584 struct jffs2_sb_info *c = JFFS2_SB_INFO(dir_i->i_sb);
585 struct jffs2_inode_info *dir_f = JFFS2_INODE_INFO(dir_i);
586 struct jffs2_inode_info *f = JFFS2_INODE_INFO(d_inode(dentry));
587 struct jffs2_full_dirent *fd;
588 int ret;
589 uint32_t now = get_seconds();
590
591 mutex_lock(&f->sem);
592 for (fd = f->dents ; fd; fd = fd->next) {
593 if (fd->ino) {
594 mutex_unlock(&f->sem);
595 return -ENOTEMPTY;
596 }
597 }
598 mutex_unlock(&f->sem);
599
600 ret = jffs2_do_unlink(c, dir_f, dentry->d_name.name,
601 dentry->d_name.len, f, now);
602 if (!ret) {
603 dir_i->i_mtime = dir_i->i_ctime = ITIME(now);
604 clear_nlink(d_inode(dentry));
605 drop_nlink(dir_i);
606 }
607 return ret;
608 }
609
610 static int jffs2_mknod (struct inode *dir_i, struct dentry *dentry, umode_t mode, dev_t rdev)
611 {
612 struct jffs2_inode_info *f, *dir_f;
613 struct jffs2_sb_info *c;
614 struct inode *inode;
615 struct jffs2_raw_inode *ri;
616 struct jffs2_raw_dirent *rd;
617 struct jffs2_full_dnode *fn;
618 struct jffs2_full_dirent *fd;
619 int namelen;
620 union jffs2_device_node dev;
621 int devlen = 0;
622 uint32_t alloclen;
623 int ret;
624
625 ri = jffs2_alloc_raw_inode();
626 if (!ri)
627 return -ENOMEM;
628
629 c = JFFS2_SB_INFO(dir_i->i_sb);
630
631 if (S_ISBLK(mode) || S_ISCHR(mode))
632 devlen = jffs2_encode_dev(&dev, rdev);
633
634 /* Try to reserve enough space for both node and dirent.
635 * Just the node will do for now, though
636 */
637 namelen = dentry->d_name.len;
638 ret = jffs2_reserve_space(c, sizeof(*ri) + devlen, &alloclen,
639 ALLOC_NORMAL, JFFS2_SUMMARY_INODE_SIZE);
640
641 if (ret) {
642 jffs2_free_raw_inode(ri);
643 return ret;
644 }
645
646 inode = jffs2_new_inode(dir_i, mode, ri);
647
648 if (IS_ERR(inode)) {
649 jffs2_free_raw_inode(ri);
650 jffs2_complete_reservation(c);
651 return PTR_ERR(inode);
652 }
653 inode->i_op = &jffs2_file_inode_operations;
654 init_special_inode(inode, inode->i_mode, rdev);
655
656 f = JFFS2_INODE_INFO(inode);
657
658 ri->dsize = ri->csize = cpu_to_je32(devlen);
659 ri->totlen = cpu_to_je32(sizeof(*ri) + devlen);
660 ri->hdr_crc = cpu_to_je32(crc32(0, ri, sizeof(struct jffs2_unknown_node)-4));
661
662 ri->compr = JFFS2_COMPR_NONE;
663 ri->data_crc = cpu_to_je32(crc32(0, &dev, devlen));
664 ri->node_crc = cpu_to_je32(crc32(0, ri, sizeof(*ri)-8));
665
666 fn = jffs2_write_dnode(c, f, ri, (char *)&dev, devlen, ALLOC_NORMAL);
667
668 jffs2_free_raw_inode(ri);
669
670 if (IS_ERR(fn)) {
671 /* Eeek. Wave bye bye */
672 mutex_unlock(&f->sem);
673 jffs2_complete_reservation(c);
674 ret = PTR_ERR(fn);
675 goto fail;
676 }
677 /* No data here. Only a metadata node, which will be
678 obsoleted by the first data write
679 */
680 f->metadata = fn;
681 mutex_unlock(&f->sem);
682
683 jffs2_complete_reservation(c);
684
685 ret = jffs2_init_security(inode, dir_i, &dentry->d_name);
686 if (ret)
687 goto fail;
688
689 ret = jffs2_init_acl_post(inode);
690 if (ret)
691 goto fail;
692
693 ret = jffs2_reserve_space(c, sizeof(*rd)+namelen, &alloclen,
694 ALLOC_NORMAL, JFFS2_SUMMARY_DIRENT_SIZE(namelen));
695 if (ret)
696 goto fail;
697
698 rd = jffs2_alloc_raw_dirent();
699 if (!rd) {
700 /* Argh. Now we treat it like a normal delete */
701 jffs2_complete_reservation(c);
702 ret = -ENOMEM;
703 goto fail;
704 }
705
706 dir_f = JFFS2_INODE_INFO(dir_i);
707 mutex_lock(&dir_f->sem);
708
709 rd->magic = cpu_to_je16(JFFS2_MAGIC_BITMASK);
710 rd->nodetype = cpu_to_je16(JFFS2_NODETYPE_DIRENT);
711 rd->totlen = cpu_to_je32(sizeof(*rd) + namelen);
712 rd->hdr_crc = cpu_to_je32(crc32(0, rd, sizeof(struct jffs2_unknown_node)-4));
713
714 rd->pino = cpu_to_je32(dir_i->i_ino);
715 rd->version = cpu_to_je32(++dir_f->highest_version);
716 rd->ino = cpu_to_je32(inode->i_ino);
717 rd->mctime = cpu_to_je32(get_seconds());
718 rd->nsize = namelen;
719
720 /* XXX: This is ugly. */
721 rd->type = (mode & S_IFMT) >> 12;
722
723 rd->node_crc = cpu_to_je32(crc32(0, rd, sizeof(*rd)-8));
724 rd->name_crc = cpu_to_je32(crc32(0, dentry->d_name.name, namelen));
725
726 fd = jffs2_write_dirent(c, dir_f, rd, dentry->d_name.name, namelen, ALLOC_NORMAL);
727
728 if (IS_ERR(fd)) {
729 /* dirent failed to write. Delete the inode normally
730 as if it were the final unlink() */
731 jffs2_complete_reservation(c);
732 jffs2_free_raw_dirent(rd);
733 mutex_unlock(&dir_f->sem);
734 ret = PTR_ERR(fd);
735 goto fail;
736 }
737
738 dir_i->i_mtime = dir_i->i_ctime = ITIME(je32_to_cpu(rd->mctime));
739
740 jffs2_free_raw_dirent(rd);
741
742 /* Link the fd into the inode's list, obsoleting an old
743 one if necessary. */
744 jffs2_add_fd_to_list(c, fd, &dir_f->dents);
745
746 mutex_unlock(&dir_f->sem);
747 jffs2_complete_reservation(c);
748
749 d_instantiate_new(dentry, inode);
750 return 0;
751
752 fail:
753 iget_failed(inode);
754 return ret;
755 }
756
757 static int jffs2_rename (struct inode *old_dir_i, struct dentry *old_dentry,
758 struct inode *new_dir_i, struct dentry *new_dentry)
759 {
760 int ret;
761 struct jffs2_sb_info *c = JFFS2_SB_INFO(old_dir_i->i_sb);
762 struct jffs2_inode_info *victim_f = NULL;
763 uint8_t type;
764 uint32_t now;
765
766 /* The VFS will check for us and prevent trying to rename a
767 * file over a directory and vice versa, but if it's a directory,
768 * the VFS can't check whether the victim is empty. The filesystem
769 * needs to do that for itself.
770 */
771 if (d_really_is_positive(new_dentry)) {
772 victim_f = JFFS2_INODE_INFO(d_inode(new_dentry));
773 if (d_is_dir(new_dentry)) {
774 struct jffs2_full_dirent *fd;
775
776 mutex_lock(&victim_f->sem);
777 for (fd = victim_f->dents; fd; fd = fd->next) {
778 if (fd->ino) {
779 mutex_unlock(&victim_f->sem);
780 return -ENOTEMPTY;
781 }
782 }
783 mutex_unlock(&victim_f->sem);
784 }
785 }
786
787 /* XXX: We probably ought to alloc enough space for
788 both nodes at the same time. Writing the new link,
789 then getting -ENOSPC, is quite bad :)
790 */
791
792 /* Make a hard link */
793
794 /* XXX: This is ugly */
795 type = (d_inode(old_dentry)->i_mode & S_IFMT) >> 12;
796 if (!type) type = DT_REG;
797
798 now = get_seconds();
799 ret = jffs2_do_link(c, JFFS2_INODE_INFO(new_dir_i),
800 d_inode(old_dentry)->i_ino, type,
801 new_dentry->d_name.name, new_dentry->d_name.len, now);
802
803 if (ret)
804 return ret;
805
806 if (victim_f) {
807 /* There was a victim. Kill it off nicely */
808 if (d_is_dir(new_dentry))
809 clear_nlink(d_inode(new_dentry));
810 else
811 drop_nlink(d_inode(new_dentry));
812 /* Don't oops if the victim was a dirent pointing to an
813 inode which didn't exist. */
814 if (victim_f->inocache) {
815 mutex_lock(&victim_f->sem);
816 if (d_is_dir(new_dentry))
817 victim_f->inocache->pino_nlink = 0;
818 else
819 victim_f->inocache->pino_nlink--;
820 mutex_unlock(&victim_f->sem);
821 }
822 }
823
824 /* If it was a directory we moved, and there was no victim,
825 increase i_nlink on its new parent */
826 if (d_is_dir(old_dentry) && !victim_f)
827 inc_nlink(new_dir_i);
828
829 /* Unlink the original */
830 ret = jffs2_do_unlink(c, JFFS2_INODE_INFO(old_dir_i),
831 old_dentry->d_name.name, old_dentry->d_name.len, NULL, now);
832
833 /* We don't touch inode->i_nlink */
834
835 if (ret) {
836 /* Oh shit. We really ought to make a single node which can do both atomically */
837 struct jffs2_inode_info *f = JFFS2_INODE_INFO(d_inode(old_dentry));
838 mutex_lock(&f->sem);
839 inc_nlink(d_inode(old_dentry));
840 if (f->inocache && !d_is_dir(old_dentry))
841 f->inocache->pino_nlink++;
842 mutex_unlock(&f->sem);
843
844 pr_notice("%s(): Link succeeded, unlink failed (err %d). You now have a hard link\n",
845 __func__, ret);
846 /*
847 * We can't keep the target in dcache after that.
848 * For one thing, we can't afford dentry aliases for directories.
849 * For another, if there was a victim, we _can't_ set new inode
850 * for that sucker and we have to trigger mount eviction - the
851 * caller won't do it on its own since we are returning an error.
852 */
853 d_invalidate(new_dentry);
854 new_dir_i->i_mtime = new_dir_i->i_ctime = ITIME(now);
855 return ret;
856 }
857
858 if (d_is_dir(old_dentry))
859 drop_nlink(old_dir_i);
860
861 new_dir_i->i_mtime = new_dir_i->i_ctime = old_dir_i->i_mtime = old_dir_i->i_ctime = ITIME(now);
862
863 return 0;
864 }
865
Linux with added FPC-III support