HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage()
[linux/fpc-iii.git] / fs / nfs / nfs4file.c
blobc5e884585c23a9a0ef8d037d74bd26d626be4bc4
1 /*
2 * linux/fs/nfs/file.c
4 * Copyright (C) 1992 Rick Sladkey
5 */
6 #include <linux/fs.h>
7 #include <linux/file.h>
8 #include <linux/falloc.h>
9 #include <linux/nfs_fs.h>
10 #include <uapi/linux/btrfs.h> /* BTRFS_IOC_CLONE/BTRFS_IOC_CLONE_RANGE */
11 #include "delegation.h"
12 #include "internal.h"
13 #include "iostat.h"
14 #include "fscache.h"
15 #include "pnfs.h"
17 #include "nfstrace.h"
19 #ifdef CONFIG_NFS_V4_2
20 #include "nfs42.h"
21 #endif
23 #define NFSDBG_FACILITY NFSDBG_FILE
25 static int
26 nfs4_file_open(struct inode *inode, struct file *filp)
28 struct nfs_open_context *ctx;
29 struct dentry *dentry = file_dentry(filp);
30 struct dentry *parent = NULL;
31 struct inode *dir;
32 unsigned openflags = filp->f_flags;
33 struct iattr attr;
34 int err;
37 * If no cached dentry exists or if it's negative, NFSv4 handled the
38 * opens in ->lookup() or ->create().
40 * We only get this far for a cached positive dentry. We skipped
41 * revalidation, so handle it here by dropping the dentry and returning
42 * -EOPENSTALE. The VFS will retry the lookup/create/open.
45 dprintk("NFS: open file(%pd2)\n", dentry);
47 err = nfs_check_flags(openflags);
48 if (err)
49 return err;
51 if ((openflags & O_ACCMODE) == 3)
52 return nfs_open(inode, filp);
54 /* We can't create new files here */
55 openflags &= ~(O_CREAT|O_EXCL);
57 parent = dget_parent(dentry);
58 dir = d_inode(parent);
60 ctx = alloc_nfs_open_context(file_dentry(filp), filp->f_mode);
61 err = PTR_ERR(ctx);
62 if (IS_ERR(ctx))
63 goto out;
65 attr.ia_valid = ATTR_OPEN;
66 if (openflags & O_TRUNC) {
67 attr.ia_valid |= ATTR_SIZE;
68 attr.ia_size = 0;
69 nfs_sync_inode(inode);
72 inode = NFS_PROTO(dir)->open_context(dir, ctx, openflags, &attr, NULL);
73 if (IS_ERR(inode)) {
74 err = PTR_ERR(inode);
75 switch (err) {
76 default:
77 goto out_put_ctx;
78 case -ENOENT:
79 case -ESTALE:
80 case -EISDIR:
81 case -ENOTDIR:
82 case -ELOOP:
83 goto out_drop;
86 if (inode != d_inode(dentry))
87 goto out_drop;
89 nfs_set_verifier(dentry, nfs_save_change_attribute(dir));
90 nfs_file_set_open_context(filp, ctx);
91 nfs_fscache_open_file(inode, filp);
92 err = 0;
94 out_put_ctx:
95 put_nfs_open_context(ctx);
96 out:
97 dput(parent);
98 return err;
100 out_drop:
101 d_drop(dentry);
102 err = -EOPENSTALE;
103 goto out_put_ctx;
107 * Flush all dirty pages, and check for write errors.
109 static int
110 nfs4_file_flush(struct file *file, fl_owner_t id)
112 struct inode *inode = file_inode(file);
114 dprintk("NFS: flush(%pD2)\n", file);
116 nfs_inc_stats(inode, NFSIOS_VFSFLUSH);
117 if ((file->f_mode & FMODE_WRITE) == 0)
118 return 0;
121 * If we're holding a write delegation, then check if we're required
122 * to flush the i/o on close. If not, then just start the i/o now.
124 if (!nfs4_delegation_flush_on_close(inode))
125 return filemap_fdatawrite(file->f_mapping);
127 /* Flush writes to the server and return any errors */
128 return vfs_fsync(file, 0);
131 static int
132 nfs4_file_fsync(struct file *file, loff_t start, loff_t end, int datasync)
134 int ret;
135 struct inode *inode = file_inode(file);
137 trace_nfs_fsync_enter(inode);
139 nfs_inode_dio_wait(inode);
140 do {
141 ret = filemap_write_and_wait_range(inode->i_mapping, start, end);
142 if (ret != 0)
143 break;
144 mutex_lock(&inode->i_mutex);
145 ret = nfs_file_fsync_commit(file, start, end, datasync);
146 if (!ret)
147 ret = pnfs_sync_inode(inode, !!datasync);
148 mutex_unlock(&inode->i_mutex);
150 * If nfs_file_fsync_commit detected a server reboot, then
151 * resend all dirty pages that might have been covered by
152 * the NFS_CONTEXT_RESEND_WRITES flag
154 start = 0;
155 end = LLONG_MAX;
156 } while (ret == -EAGAIN);
158 trace_nfs_fsync_exit(inode, ret);
159 return ret;
162 #ifdef CONFIG_NFS_V4_2
163 static loff_t nfs4_file_llseek(struct file *filep, loff_t offset, int whence)
165 loff_t ret;
167 switch (whence) {
168 case SEEK_HOLE:
169 case SEEK_DATA:
170 ret = nfs42_proc_llseek(filep, offset, whence);
171 if (ret != -ENOTSUPP)
172 return ret;
173 default:
174 return nfs_file_llseek(filep, offset, whence);
178 static long nfs42_fallocate(struct file *filep, int mode, loff_t offset, loff_t len)
180 struct inode *inode = file_inode(filep);
181 long ret;
183 if (!S_ISREG(inode->i_mode))
184 return -EOPNOTSUPP;
186 if ((mode != 0) && (mode != (FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE)))
187 return -EOPNOTSUPP;
189 ret = inode_newsize_ok(inode, offset + len);
190 if (ret < 0)
191 return ret;
193 if (mode & FALLOC_FL_PUNCH_HOLE)
194 return nfs42_proc_deallocate(filep, offset, len);
195 return nfs42_proc_allocate(filep, offset, len);
198 static noinline long
199 nfs42_ioctl_clone(struct file *dst_file, unsigned long srcfd,
200 u64 src_off, u64 dst_off, u64 count)
202 struct inode *dst_inode = file_inode(dst_file);
203 struct nfs_server *server = NFS_SERVER(dst_inode);
204 struct fd src_file;
205 struct inode *src_inode;
206 unsigned int bs = server->clone_blksize;
207 bool same_inode = false;
208 int ret;
210 /* dst file must be opened for writing */
211 if (!(dst_file->f_mode & FMODE_WRITE))
212 return -EINVAL;
214 ret = mnt_want_write_file(dst_file);
215 if (ret)
216 return ret;
218 src_file = fdget(srcfd);
219 if (!src_file.file) {
220 ret = -EBADF;
221 goto out_drop_write;
224 src_inode = file_inode(src_file.file);
226 if (src_inode == dst_inode)
227 same_inode = true;
229 /* src file must be opened for reading */
230 if (!(src_file.file->f_mode & FMODE_READ))
231 goto out_fput;
233 /* src and dst must be regular files */
234 ret = -EISDIR;
235 if (!S_ISREG(src_inode->i_mode) || !S_ISREG(dst_inode->i_mode))
236 goto out_fput;
238 ret = -EXDEV;
239 if (src_file.file->f_path.mnt != dst_file->f_path.mnt ||
240 src_inode->i_sb != dst_inode->i_sb)
241 goto out_fput;
243 /* check alignment w.r.t. clone_blksize */
244 ret = -EINVAL;
245 if (bs) {
246 if (!IS_ALIGNED(src_off, bs) || !IS_ALIGNED(dst_off, bs))
247 goto out_fput;
248 if (!IS_ALIGNED(count, bs) && i_size_read(src_inode) != (src_off + count))
249 goto out_fput;
252 /* verify if ranges are overlapped within the same file */
253 if (same_inode) {
254 if (dst_off + count > src_off && dst_off < src_off + count)
255 goto out_fput;
258 /* XXX: do we lock at all? what if server needs CB_RECALL_LAYOUT? */
259 if (same_inode) {
260 mutex_lock(&src_inode->i_mutex);
261 } else if (dst_inode < src_inode) {
262 mutex_lock_nested(&dst_inode->i_mutex, I_MUTEX_PARENT);
263 mutex_lock_nested(&src_inode->i_mutex, I_MUTEX_CHILD);
264 } else {
265 mutex_lock_nested(&src_inode->i_mutex, I_MUTEX_PARENT);
266 mutex_lock_nested(&dst_inode->i_mutex, I_MUTEX_CHILD);
269 /* flush all pending writes on both src and dst so that server
270 * has the latest data */
271 ret = nfs_sync_inode(src_inode);
272 if (ret)
273 goto out_unlock;
274 ret = nfs_sync_inode(dst_inode);
275 if (ret)
276 goto out_unlock;
278 ret = nfs42_proc_clone(src_file.file, dst_file, src_off, dst_off, count);
280 /* truncate inode page cache of the dst range so that future reads can fetch
281 * new data from server */
282 if (!ret)
283 truncate_inode_pages_range(&dst_inode->i_data, dst_off, dst_off + count - 1);
285 out_unlock:
286 if (same_inode) {
287 mutex_unlock(&src_inode->i_mutex);
288 } else if (dst_inode < src_inode) {
289 mutex_unlock(&src_inode->i_mutex);
290 mutex_unlock(&dst_inode->i_mutex);
291 } else {
292 mutex_unlock(&dst_inode->i_mutex);
293 mutex_unlock(&src_inode->i_mutex);
295 out_fput:
296 fdput(src_file);
297 out_drop_write:
298 mnt_drop_write_file(dst_file);
299 return ret;
302 static long nfs42_ioctl_clone_range(struct file *dst_file, void __user *argp)
304 struct btrfs_ioctl_clone_range_args args;
306 if (copy_from_user(&args, argp, sizeof(args)))
307 return -EFAULT;
309 return nfs42_ioctl_clone(dst_file, args.src_fd, args.src_offset,
310 args.dest_offset, args.src_length);
313 long nfs4_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
315 void __user *argp = (void __user *)arg;
317 switch (cmd) {
318 case BTRFS_IOC_CLONE:
319 return nfs42_ioctl_clone(file, arg, 0, 0, 0);
320 case BTRFS_IOC_CLONE_RANGE:
321 return nfs42_ioctl_clone_range(file, argp);
324 return -ENOTTY;
326 #endif /* CONFIG_NFS_V4_2 */
328 const struct file_operations nfs4_file_operations = {
329 .read_iter = nfs_file_read,
330 .write_iter = nfs_file_write,
331 .mmap = nfs_file_mmap,
332 .open = nfs4_file_open,
333 .flush = nfs4_file_flush,
334 .release = nfs_file_release,
335 .fsync = nfs4_file_fsync,
336 .lock = nfs_lock,
337 .flock = nfs_flock,
338 .splice_read = nfs_file_splice_read,
339 .splice_write = iter_file_splice_write,
340 .check_flags = nfs_check_flags,
341 .setlease = simple_nosetlease,
342 #ifdef CONFIG_NFS_V4_2
343 .llseek = nfs4_file_llseek,
344 .fallocate = nfs42_fallocate,
345 .unlocked_ioctl = nfs4_ioctl,
346 .compat_ioctl = nfs4_ioctl,
347 #else
348 .llseek = nfs_file_llseek,
349 #endif