Avoid beyond bounds copy while caching ACL
[zen-stable.git] / fs / nfs / unlink.c
blob4f9319a2e5674554d48a01af2189011a5e35346c
1 /*
2 * linux/fs/nfs/unlink.c
4 * nfs sillydelete handling
6 */
8 #include <linux/slab.h>
9 #include <linux/string.h>
10 #include <linux/dcache.h>
11 #include <linux/sunrpc/sched.h>
12 #include <linux/sunrpc/clnt.h>
13 #include <linux/nfs_fs.h>
14 #include <linux/sched.h>
15 #include <linux/wait.h>
16 #include <linux/namei.h>
18 #include "internal.h"
19 #include "nfs4_fs.h"
20 #include "iostat.h"
21 #include "delegation.h"
23 struct nfs_unlinkdata {
24 struct hlist_node list;
25 struct nfs_removeargs args;
26 struct nfs_removeres res;
27 struct inode *dir;
28 struct rpc_cred *cred;
29 struct nfs_fattr dir_attr;
32 /**
33 * nfs_free_unlinkdata - release data from a sillydelete operation.
34 * @data: pointer to unlink structure.
36 static void
37 nfs_free_unlinkdata(struct nfs_unlinkdata *data)
39 iput(data->dir);
40 put_rpccred(data->cred);
41 kfree(data->args.name.name);
42 kfree(data);
45 #define NAME_ALLOC_LEN(len) ((len+16) & ~15)
46 /**
47 * nfs_copy_dname - copy dentry name to data structure
48 * @dentry: pointer to dentry
49 * @data: nfs_unlinkdata
51 static int nfs_copy_dname(struct dentry *dentry, struct nfs_unlinkdata *data)
53 char *str;
54 int len = dentry->d_name.len;
56 str = kmemdup(dentry->d_name.name, NAME_ALLOC_LEN(len), GFP_KERNEL);
57 if (!str)
58 return -ENOMEM;
59 data->args.name.len = len;
60 data->args.name.name = str;
61 return 0;
64 static void nfs_free_dname(struct nfs_unlinkdata *data)
66 kfree(data->args.name.name);
67 data->args.name.name = NULL;
68 data->args.name.len = 0;
71 static void nfs_dec_sillycount(struct inode *dir)
73 struct nfs_inode *nfsi = NFS_I(dir);
74 if (atomic_dec_return(&nfsi->silly_count) == 1)
75 wake_up(&nfsi->waitqueue);
78 /**
79 * nfs_async_unlink_done - Sillydelete post-processing
80 * @task: rpc_task of the sillydelete
82 * Do the directory attribute update.
84 static void nfs_async_unlink_done(struct rpc_task *task, void *calldata)
86 struct nfs_unlinkdata *data = calldata;
87 struct inode *dir = data->dir;
89 if (!NFS_PROTO(dir)->unlink_done(task, dir))
90 rpc_restart_call_prepare(task);
93 /**
94 * nfs_async_unlink_release - Release the sillydelete data.
95 * @task: rpc_task of the sillydelete
97 * We need to call nfs_put_unlinkdata as a 'tk_release' task since the
98 * rpc_task would be freed too.
100 static void nfs_async_unlink_release(void *calldata)
102 struct nfs_unlinkdata *data = calldata;
103 struct super_block *sb = data->dir->i_sb;
105 nfs_dec_sillycount(data->dir);
106 nfs_free_unlinkdata(data);
107 nfs_sb_deactive(sb);
110 #if defined(CONFIG_NFS_V4_1)
111 void nfs_unlink_prepare(struct rpc_task *task, void *calldata)
113 struct nfs_unlinkdata *data = calldata;
114 struct nfs_server *server = NFS_SERVER(data->dir);
116 if (nfs4_setup_sequence(server, &data->args.seq_args,
117 &data->res.seq_res, 1, task))
118 return;
119 rpc_call_start(task);
121 #endif /* CONFIG_NFS_V4_1 */
123 static const struct rpc_call_ops nfs_unlink_ops = {
124 .rpc_call_done = nfs_async_unlink_done,
125 .rpc_release = nfs_async_unlink_release,
126 #if defined(CONFIG_NFS_V4_1)
127 .rpc_call_prepare = nfs_unlink_prepare,
128 #endif /* CONFIG_NFS_V4_1 */
131 static int nfs_do_call_unlink(struct dentry *parent, struct inode *dir, struct nfs_unlinkdata *data)
133 struct rpc_message msg = {
134 .rpc_argp = &data->args,
135 .rpc_resp = &data->res,
136 .rpc_cred = data->cred,
138 struct rpc_task_setup task_setup_data = {
139 .rpc_message = &msg,
140 .callback_ops = &nfs_unlink_ops,
141 .callback_data = data,
142 .workqueue = nfsiod_workqueue,
143 .flags = RPC_TASK_ASYNC,
145 struct rpc_task *task;
146 struct dentry *alias;
148 alias = d_lookup(parent, &data->args.name);
149 if (alias != NULL) {
150 int ret;
151 void *devname_garbage = NULL;
154 * Hey, we raced with lookup... See if we need to transfer
155 * the sillyrename information to the aliased dentry.
157 nfs_free_dname(data);
158 ret = nfs_copy_dname(alias, data);
159 spin_lock(&alias->d_lock);
160 if (ret == 0 && alias->d_inode != NULL &&
161 !(alias->d_flags & DCACHE_NFSFS_RENAMED)) {
162 devname_garbage = alias->d_fsdata;
163 alias->d_fsdata = data;
164 alias->d_flags |= DCACHE_NFSFS_RENAMED;
165 ret = 1;
166 } else
167 ret = 0;
168 spin_unlock(&alias->d_lock);
169 nfs_dec_sillycount(dir);
170 dput(alias);
172 * If we'd displaced old cached devname, free it. At that
173 * point dentry is definitely not a root, so we won't need
174 * that anymore.
176 kfree(devname_garbage);
177 return ret;
179 data->dir = igrab(dir);
180 if (!data->dir) {
181 nfs_dec_sillycount(dir);
182 return 0;
184 nfs_sb_active(dir->i_sb);
185 data->args.fh = NFS_FH(dir);
186 nfs_fattr_init(data->res.dir_attr);
188 NFS_PROTO(dir)->unlink_setup(&msg, dir);
190 task_setup_data.rpc_client = NFS_CLIENT(dir);
191 task = rpc_run_task(&task_setup_data);
192 if (!IS_ERR(task))
193 rpc_put_task_async(task);
194 return 1;
197 static int nfs_call_unlink(struct dentry *dentry, struct nfs_unlinkdata *data)
199 struct dentry *parent;
200 struct inode *dir;
201 int ret = 0;
204 parent = dget_parent(dentry);
205 if (parent == NULL)
206 goto out_free;
207 dir = parent->d_inode;
208 /* Non-exclusive lock protects against concurrent lookup() calls */
209 spin_lock(&dir->i_lock);
210 if (atomic_inc_not_zero(&NFS_I(dir)->silly_count) == 0) {
211 /* Deferred delete */
212 hlist_add_head(&data->list, &NFS_I(dir)->silly_list);
213 spin_unlock(&dir->i_lock);
214 ret = 1;
215 goto out_dput;
217 spin_unlock(&dir->i_lock);
218 ret = nfs_do_call_unlink(parent, dir, data);
219 out_dput:
220 dput(parent);
221 out_free:
222 return ret;
225 void nfs_block_sillyrename(struct dentry *dentry)
227 struct nfs_inode *nfsi = NFS_I(dentry->d_inode);
229 wait_event(nfsi->waitqueue, atomic_cmpxchg(&nfsi->silly_count, 1, 0) == 1);
232 void nfs_unblock_sillyrename(struct dentry *dentry)
234 struct inode *dir = dentry->d_inode;
235 struct nfs_inode *nfsi = NFS_I(dir);
236 struct nfs_unlinkdata *data;
238 atomic_inc(&nfsi->silly_count);
239 spin_lock(&dir->i_lock);
240 while (!hlist_empty(&nfsi->silly_list)) {
241 if (!atomic_inc_not_zero(&nfsi->silly_count))
242 break;
243 data = hlist_entry(nfsi->silly_list.first, struct nfs_unlinkdata, list);
244 hlist_del(&data->list);
245 spin_unlock(&dir->i_lock);
246 if (nfs_do_call_unlink(dentry, dir, data) == 0)
247 nfs_free_unlinkdata(data);
248 spin_lock(&dir->i_lock);
250 spin_unlock(&dir->i_lock);
254 * nfs_async_unlink - asynchronous unlinking of a file
255 * @dir: parent directory of dentry
256 * @dentry: dentry to unlink
258 static int
259 nfs_async_unlink(struct inode *dir, struct dentry *dentry)
261 struct nfs_unlinkdata *data;
262 int status = -ENOMEM;
263 void *devname_garbage = NULL;
265 data = kzalloc(sizeof(*data), GFP_KERNEL);
266 if (data == NULL)
267 goto out;
269 data->cred = rpc_lookup_cred();
270 if (IS_ERR(data->cred)) {
271 status = PTR_ERR(data->cred);
272 goto out_free;
274 data->res.dir_attr = &data->dir_attr;
276 status = -EBUSY;
277 spin_lock(&dentry->d_lock);
278 if (dentry->d_flags & DCACHE_NFSFS_RENAMED)
279 goto out_unlock;
280 dentry->d_flags |= DCACHE_NFSFS_RENAMED;
281 devname_garbage = dentry->d_fsdata;
282 dentry->d_fsdata = data;
283 spin_unlock(&dentry->d_lock);
285 * If we'd displaced old cached devname, free it. At that
286 * point dentry is definitely not a root, so we won't need
287 * that anymore.
289 if (devname_garbage)
290 kfree(devname_garbage);
291 return 0;
292 out_unlock:
293 spin_unlock(&dentry->d_lock);
294 put_rpccred(data->cred);
295 out_free:
296 kfree(data);
297 out:
298 return status;
302 * nfs_complete_unlink - Initialize completion of the sillydelete
303 * @dentry: dentry to delete
304 * @inode: inode
306 * Since we're most likely to be called by dentry_iput(), we
307 * only use the dentry to find the sillydelete. We then copy the name
308 * into the qstr.
310 void
311 nfs_complete_unlink(struct dentry *dentry, struct inode *inode)
313 struct nfs_unlinkdata *data = NULL;
315 spin_lock(&dentry->d_lock);
316 if (dentry->d_flags & DCACHE_NFSFS_RENAMED) {
317 dentry->d_flags &= ~DCACHE_NFSFS_RENAMED;
318 data = dentry->d_fsdata;
319 dentry->d_fsdata = NULL;
321 spin_unlock(&dentry->d_lock);
323 if (data != NULL && (NFS_STALE(inode) || !nfs_call_unlink(dentry, data)))
324 nfs_free_unlinkdata(data);
327 /* Cancel a queued async unlink. Called when a sillyrename run fails. */
328 static void
329 nfs_cancel_async_unlink(struct dentry *dentry)
331 spin_lock(&dentry->d_lock);
332 if (dentry->d_flags & DCACHE_NFSFS_RENAMED) {
333 struct nfs_unlinkdata *data = dentry->d_fsdata;
335 dentry->d_flags &= ~DCACHE_NFSFS_RENAMED;
336 dentry->d_fsdata = NULL;
337 spin_unlock(&dentry->d_lock);
338 nfs_free_unlinkdata(data);
339 return;
341 spin_unlock(&dentry->d_lock);
344 struct nfs_renamedata {
345 struct nfs_renameargs args;
346 struct nfs_renameres res;
347 struct rpc_cred *cred;
348 struct inode *old_dir;
349 struct dentry *old_dentry;
350 struct nfs_fattr old_fattr;
351 struct inode *new_dir;
352 struct dentry *new_dentry;
353 struct nfs_fattr new_fattr;
357 * nfs_async_rename_done - Sillyrename post-processing
358 * @task: rpc_task of the sillyrename
359 * @calldata: nfs_renamedata for the sillyrename
361 * Do the directory attribute updates and the d_move
363 static void nfs_async_rename_done(struct rpc_task *task, void *calldata)
365 struct nfs_renamedata *data = calldata;
366 struct inode *old_dir = data->old_dir;
367 struct inode *new_dir = data->new_dir;
368 struct dentry *old_dentry = data->old_dentry;
369 struct dentry *new_dentry = data->new_dentry;
371 if (!NFS_PROTO(old_dir)->rename_done(task, old_dir, new_dir)) {
372 rpc_restart_call_prepare(task);
373 return;
376 if (task->tk_status != 0) {
377 nfs_cancel_async_unlink(old_dentry);
378 return;
381 d_drop(old_dentry);
382 d_drop(new_dentry);
386 * nfs_async_rename_release - Release the sillyrename data.
387 * @calldata: the struct nfs_renamedata to be released
389 static void nfs_async_rename_release(void *calldata)
391 struct nfs_renamedata *data = calldata;
392 struct super_block *sb = data->old_dir->i_sb;
394 if (data->old_dentry->d_inode)
395 nfs_mark_for_revalidate(data->old_dentry->d_inode);
397 dput(data->old_dentry);
398 dput(data->new_dentry);
399 iput(data->old_dir);
400 iput(data->new_dir);
401 nfs_sb_deactive(sb);
402 put_rpccred(data->cred);
403 kfree(data);
406 #if defined(CONFIG_NFS_V4_1)
407 static void nfs_rename_prepare(struct rpc_task *task, void *calldata)
409 struct nfs_renamedata *data = calldata;
410 struct nfs_server *server = NFS_SERVER(data->old_dir);
412 if (nfs4_setup_sequence(server, &data->args.seq_args,
413 &data->res.seq_res, 1, task))
414 return;
415 rpc_call_start(task);
417 #endif /* CONFIG_NFS_V4_1 */
419 static const struct rpc_call_ops nfs_rename_ops = {
420 .rpc_call_done = nfs_async_rename_done,
421 .rpc_release = nfs_async_rename_release,
422 #if defined(CONFIG_NFS_V4_1)
423 .rpc_call_prepare = nfs_rename_prepare,
424 #endif /* CONFIG_NFS_V4_1 */
428 * nfs_async_rename - perform an asynchronous rename operation
429 * @old_dir: directory that currently holds the dentry to be renamed
430 * @new_dir: target directory for the rename
431 * @old_dentry: original dentry to be renamed
432 * @new_dentry: dentry to which the old_dentry should be renamed
434 * It's expected that valid references to the dentries and inodes are held
436 static struct rpc_task *
437 nfs_async_rename(struct inode *old_dir, struct inode *new_dir,
438 struct dentry *old_dentry, struct dentry *new_dentry)
440 struct nfs_renamedata *data;
441 struct rpc_message msg = { };
442 struct rpc_task_setup task_setup_data = {
443 .rpc_message = &msg,
444 .callback_ops = &nfs_rename_ops,
445 .workqueue = nfsiod_workqueue,
446 .rpc_client = NFS_CLIENT(old_dir),
447 .flags = RPC_TASK_ASYNC,
450 data = kzalloc(sizeof(*data), GFP_KERNEL);
451 if (data == NULL)
452 return ERR_PTR(-ENOMEM);
453 task_setup_data.callback_data = data;
455 data->cred = rpc_lookup_cred();
456 if (IS_ERR(data->cred)) {
457 struct rpc_task *task = ERR_CAST(data->cred);
458 kfree(data);
459 return task;
462 msg.rpc_argp = &data->args;
463 msg.rpc_resp = &data->res;
464 msg.rpc_cred = data->cred;
466 /* set up nfs_renamedata */
467 data->old_dir = old_dir;
468 ihold(old_dir);
469 data->new_dir = new_dir;
470 ihold(new_dir);
471 data->old_dentry = dget(old_dentry);
472 data->new_dentry = dget(new_dentry);
473 nfs_fattr_init(&data->old_fattr);
474 nfs_fattr_init(&data->new_fattr);
476 /* set up nfs_renameargs */
477 data->args.old_dir = NFS_FH(old_dir);
478 data->args.old_name = &old_dentry->d_name;
479 data->args.new_dir = NFS_FH(new_dir);
480 data->args.new_name = &new_dentry->d_name;
482 /* set up nfs_renameres */
483 data->res.old_fattr = &data->old_fattr;
484 data->res.new_fattr = &data->new_fattr;
486 nfs_sb_active(old_dir->i_sb);
488 NFS_PROTO(data->old_dir)->rename_setup(&msg, old_dir);
490 return rpc_run_task(&task_setup_data);
494 * nfs_sillyrename - Perform a silly-rename of a dentry
495 * @dir: inode of directory that contains dentry
496 * @dentry: dentry to be sillyrenamed
498 * NFSv2/3 is stateless and the server doesn't know when the client is
499 * holding a file open. To prevent application problems when a file is
500 * unlinked while it's still open, the client performs a "silly-rename".
501 * That is, it renames the file to a hidden file in the same directory,
502 * and only performs the unlink once the last reference to it is put.
504 * The final cleanup is done during dentry_iput.
506 * (Note: NFSv4 is stateful, and has opens, so in theory an NFSv4 server
507 * could take responsibility for keeping open files referenced. The server
508 * would also need to ensure that opened-but-deleted files were kept over
509 * reboots. However, we may not assume a server does so. (RFC 5661
510 * does provide an OPEN4_RESULT_PRESERVE_UNLINKED flag that a server can
511 * use to advertise that it does this; some day we may take advantage of
512 * it.))
515 nfs_sillyrename(struct inode *dir, struct dentry *dentry)
517 static unsigned int sillycounter;
518 const int fileidsize = sizeof(NFS_FILEID(dentry->d_inode))*2;
519 const int countersize = sizeof(sillycounter)*2;
520 const int slen = sizeof(".nfs")+fileidsize+countersize-1;
521 char silly[slen+1];
522 struct dentry *sdentry;
523 struct rpc_task *task;
524 int error = -EIO;
526 dfprintk(VFS, "NFS: silly-rename(%s/%s, ct=%d)\n",
527 dentry->d_parent->d_name.name, dentry->d_name.name,
528 dentry->d_count);
529 nfs_inc_stats(dir, NFSIOS_SILLYRENAME);
532 * We don't allow a dentry to be silly-renamed twice.
534 error = -EBUSY;
535 if (dentry->d_flags & DCACHE_NFSFS_RENAMED)
536 goto out;
538 sprintf(silly, ".nfs%*.*Lx",
539 fileidsize, fileidsize,
540 (unsigned long long)NFS_FILEID(dentry->d_inode));
542 /* Return delegation in anticipation of the rename */
543 nfs_inode_return_delegation(dentry->d_inode);
545 sdentry = NULL;
546 do {
547 char *suffix = silly + slen - countersize;
549 dput(sdentry);
550 sillycounter++;
551 sprintf(suffix, "%*.*x", countersize, countersize, sillycounter);
553 dfprintk(VFS, "NFS: trying to rename %s to %s\n",
554 dentry->d_name.name, silly);
556 sdentry = lookup_one_len(silly, dentry->d_parent, slen);
558 * N.B. Better to return EBUSY here ... it could be
559 * dangerous to delete the file while it's in use.
561 if (IS_ERR(sdentry))
562 goto out;
563 } while (sdentry->d_inode != NULL); /* need negative lookup */
565 /* queue unlink first. Can't do this from rpc_release as it
566 * has to allocate memory
568 error = nfs_async_unlink(dir, dentry);
569 if (error)
570 goto out_dput;
572 /* populate unlinkdata with the right dname */
573 error = nfs_copy_dname(sdentry,
574 (struct nfs_unlinkdata *)dentry->d_fsdata);
575 if (error) {
576 nfs_cancel_async_unlink(dentry);
577 goto out_dput;
580 /* run the rename task, undo unlink if it fails */
581 task = nfs_async_rename(dir, dir, dentry, sdentry);
582 if (IS_ERR(task)) {
583 error = -EBUSY;
584 nfs_cancel_async_unlink(dentry);
585 goto out_dput;
588 /* wait for the RPC task to complete, unless a SIGKILL intervenes */
589 error = rpc_wait_for_completion_task(task);
590 if (error == 0)
591 error = task->tk_status;
592 rpc_put_task(task);
593 out_dput:
594 dput(sdentry);
595 out:
596 return error;