Avoid beyond bounds copy while caching ACL
[zen-stable.git] / fs / romfs / super.c
blobbb36ab74eb452b60025f92a0bd7b81837890ec7f
1 /* Block- or MTD-based romfs
3 * Copyright © 2007 Red Hat, Inc. All Rights Reserved.
4 * Written by David Howells (dhowells@redhat.com)
6 * Derived from: ROMFS file system, Linux implementation
8 * Copyright © 1997-1999 Janos Farkas <chexum@shadow.banki.hu>
10 * Using parts of the minix filesystem
11 * Copyright © 1991, 1992 Linus Torvalds
13 * and parts of the affs filesystem additionally
14 * Copyright © 1993 Ray Burr
15 * Copyright © 1996 Hans-Joachim Widmaier
17 * Changes
18 * Changed for 2.1.19 modules
19 * Jan 1997 Initial release
20 * Jun 1997 2.1.43+ changes
21 * Proper page locking in readpage
22 * Changed to work with 2.1.45+ fs
23 * Jul 1997 Fixed follow_link
24 * 2.1.47
25 * lookup shouldn't return -ENOENT
26 * from Horst von Brand:
27 * fail on wrong checksum
28 * double unlock_super was possible
29 * correct namelen for statfs
30 * spotted by Bill Hawes:
31 * readlink shouldn't iput()
32 * Jun 1998 2.1.106 from Avery Pennarun: glibc scandir()
33 * exposed a problem in readdir
34 * 2.1.107 code-freeze spellchecker run
35 * Aug 1998 2.1.118+ VFS changes
36 * Sep 1998 2.1.122 another VFS change (follow_link)
37 * Apr 1999 2.2.7 no more EBADF checking in
38 * lookup/readdir, use ERR_PTR
39 * Jun 1999 2.3.6 d_alloc_root use changed
40 * 2.3.9 clean up usage of ENOENT/negative
41 * dentries in lookup
42 * clean up page flags setting
43 * (error, uptodate, locking) in
44 * in readpage
45 * use init_special_inode for
46 * fifos/sockets (and streamline) in
47 * read_inode, fix _ops table order
48 * Aug 1999 2.3.16 __initfunc() => __init change
49 * Oct 1999 2.3.24 page->owner hack obsoleted
50 * Nov 1999 2.3.27 2.3.25+ page->offset => index change
53 * This program is free software; you can redistribute it and/or
54 * modify it under the terms of the GNU General Public Licence
55 * as published by the Free Software Foundation; either version
56 * 2 of the Licence, or (at your option) any later version.
59 #include <linux/module.h>
60 #include <linux/string.h>
61 #include <linux/fs.h>
62 #include <linux/time.h>
63 #include <linux/slab.h>
64 #include <linux/init.h>
65 #include <linux/blkdev.h>
66 #include <linux/parser.h>
67 #include <linux/mount.h>
68 #include <linux/namei.h>
69 #include <linux/statfs.h>
70 #include <linux/mtd/super.h>
71 #include <linux/ctype.h>
72 #include <linux/highmem.h>
73 #include <linux/pagemap.h>
74 #include <linux/uaccess.h>
75 #include "internal.h"
77 static struct kmem_cache *romfs_inode_cachep;
79 static const umode_t romfs_modemap[8] = {
80 0, /* hard link */
81 S_IFDIR | 0644, /* directory */
82 S_IFREG | 0644, /* regular file */
83 S_IFLNK | 0777, /* symlink */
84 S_IFBLK | 0600, /* blockdev */
85 S_IFCHR | 0600, /* chardev */
86 S_IFSOCK | 0644, /* socket */
87 S_IFIFO | 0644 /* FIFO */
90 static const unsigned char romfs_dtype_table[] = {
91 DT_UNKNOWN, DT_DIR, DT_REG, DT_LNK, DT_BLK, DT_CHR, DT_SOCK, DT_FIFO
94 static struct inode *romfs_iget(struct super_block *sb, unsigned long pos);
97 * read a page worth of data from the image
99 static int romfs_readpage(struct file *file, struct page *page)
101 struct inode *inode = page->mapping->host;
102 loff_t offset, size;
103 unsigned long fillsize, pos;
104 void *buf;
105 int ret;
107 buf = kmap(page);
108 if (!buf)
109 return -ENOMEM;
111 /* 32 bit warning -- but not for us :) */
112 offset = page_offset(page);
113 size = i_size_read(inode);
114 fillsize = 0;
115 ret = 0;
116 if (offset < size) {
117 size -= offset;
118 fillsize = size > PAGE_SIZE ? PAGE_SIZE : size;
120 pos = ROMFS_I(inode)->i_dataoffset + offset;
122 ret = romfs_dev_read(inode->i_sb, pos, buf, fillsize);
123 if (ret < 0) {
124 SetPageError(page);
125 fillsize = 0;
126 ret = -EIO;
130 if (fillsize < PAGE_SIZE)
131 memset(buf + fillsize, 0, PAGE_SIZE - fillsize);
132 if (ret == 0)
133 SetPageUptodate(page);
135 flush_dcache_page(page);
136 kunmap(page);
137 unlock_page(page);
138 return ret;
141 static const struct address_space_operations romfs_aops = {
142 .readpage = romfs_readpage
146 * read the entries from a directory
148 static int romfs_readdir(struct file *filp, void *dirent, filldir_t filldir)
150 struct inode *i = filp->f_dentry->d_inode;
151 struct romfs_inode ri;
152 unsigned long offset, maxoff;
153 int j, ino, nextfh;
154 int stored = 0;
155 char fsname[ROMFS_MAXFN]; /* XXX dynamic? */
156 int ret;
158 maxoff = romfs_maxsize(i->i_sb);
160 offset = filp->f_pos;
161 if (!offset) {
162 offset = i->i_ino & ROMFH_MASK;
163 ret = romfs_dev_read(i->i_sb, offset, &ri, ROMFH_SIZE);
164 if (ret < 0)
165 goto out;
166 offset = be32_to_cpu(ri.spec) & ROMFH_MASK;
169 /* Not really failsafe, but we are read-only... */
170 for (;;) {
171 if (!offset || offset >= maxoff) {
172 offset = maxoff;
173 filp->f_pos = offset;
174 goto out;
176 filp->f_pos = offset;
178 /* Fetch inode info */
179 ret = romfs_dev_read(i->i_sb, offset, &ri, ROMFH_SIZE);
180 if (ret < 0)
181 goto out;
183 j = romfs_dev_strnlen(i->i_sb, offset + ROMFH_SIZE,
184 sizeof(fsname) - 1);
185 if (j < 0)
186 goto out;
188 ret = romfs_dev_read(i->i_sb, offset + ROMFH_SIZE, fsname, j);
189 if (ret < 0)
190 goto out;
191 fsname[j] = '\0';
193 ino = offset;
194 nextfh = be32_to_cpu(ri.next);
195 if ((nextfh & ROMFH_TYPE) == ROMFH_HRD)
196 ino = be32_to_cpu(ri.spec);
197 if (filldir(dirent, fsname, j, offset, ino,
198 romfs_dtype_table[nextfh & ROMFH_TYPE]) < 0)
199 goto out;
201 stored++;
202 offset = nextfh & ROMFH_MASK;
205 out:
206 return stored;
210 * look up an entry in a directory
212 static struct dentry *romfs_lookup(struct inode *dir, struct dentry *dentry,
213 struct nameidata *nd)
215 unsigned long offset, maxoff;
216 struct inode *inode;
217 struct romfs_inode ri;
218 const char *name; /* got from dentry */
219 int len, ret;
221 offset = dir->i_ino & ROMFH_MASK;
222 ret = romfs_dev_read(dir->i_sb, offset, &ri, ROMFH_SIZE);
223 if (ret < 0)
224 goto error;
226 /* search all the file entries in the list starting from the one
227 * pointed to by the directory's special data */
228 maxoff = romfs_maxsize(dir->i_sb);
229 offset = be32_to_cpu(ri.spec) & ROMFH_MASK;
231 name = dentry->d_name.name;
232 len = dentry->d_name.len;
234 for (;;) {
235 if (!offset || offset >= maxoff)
236 goto out0;
238 ret = romfs_dev_read(dir->i_sb, offset, &ri, sizeof(ri));
239 if (ret < 0)
240 goto error;
242 /* try to match the first 16 bytes of name */
243 ret = romfs_dev_strcmp(dir->i_sb, offset + ROMFH_SIZE, name,
244 len);
245 if (ret < 0)
246 goto error;
247 if (ret == 1)
248 break;
250 /* next entry */
251 offset = be32_to_cpu(ri.next) & ROMFH_MASK;
254 /* Hard link handling */
255 if ((be32_to_cpu(ri.next) & ROMFH_TYPE) == ROMFH_HRD)
256 offset = be32_to_cpu(ri.spec) & ROMFH_MASK;
258 inode = romfs_iget(dir->i_sb, offset);
259 if (IS_ERR(inode)) {
260 ret = PTR_ERR(inode);
261 goto error;
263 goto outi;
266 * it's a bit funky, _lookup needs to return an error code
267 * (negative) or a NULL, both as a dentry. ENOENT should not
268 * be returned, instead we need to create a negative dentry by
269 * d_add(dentry, NULL); and return 0 as no error.
270 * (Although as I see, it only matters on writable file
271 * systems).
273 out0:
274 inode = NULL;
275 outi:
276 d_add(dentry, inode);
277 ret = 0;
278 error:
279 return ERR_PTR(ret);
282 static const struct file_operations romfs_dir_operations = {
283 .read = generic_read_dir,
284 .readdir = romfs_readdir,
285 .llseek = default_llseek,
288 static const struct inode_operations romfs_dir_inode_operations = {
289 .lookup = romfs_lookup,
293 * get a romfs inode based on its position in the image (which doubles as the
294 * inode number)
296 static struct inode *romfs_iget(struct super_block *sb, unsigned long pos)
298 struct romfs_inode_info *inode;
299 struct romfs_inode ri;
300 struct inode *i;
301 unsigned long nlen;
302 unsigned nextfh;
303 int ret;
304 umode_t mode;
306 /* we might have to traverse a chain of "hard link" file entries to get
307 * to the actual file */
308 for (;;) {
309 ret = romfs_dev_read(sb, pos, &ri, sizeof(ri));
310 if (ret < 0)
311 goto error;
313 /* XXX: do romfs_checksum here too (with name) */
315 nextfh = be32_to_cpu(ri.next);
316 if ((nextfh & ROMFH_TYPE) != ROMFH_HRD)
317 break;
319 pos = be32_to_cpu(ri.spec) & ROMFH_MASK;
322 /* determine the length of the filename */
323 nlen = romfs_dev_strnlen(sb, pos + ROMFH_SIZE, ROMFS_MAXFN);
324 if (IS_ERR_VALUE(nlen))
325 goto eio;
327 /* get an inode for this image position */
328 i = iget_locked(sb, pos);
329 if (!i)
330 return ERR_PTR(-ENOMEM);
332 if (!(i->i_state & I_NEW))
333 return i;
335 /* precalculate the data offset */
336 inode = ROMFS_I(i);
337 inode->i_metasize = (ROMFH_SIZE + nlen + 1 + ROMFH_PAD) & ROMFH_MASK;
338 inode->i_dataoffset = pos + inode->i_metasize;
340 set_nlink(i, 1); /* Hard to decide.. */
341 i->i_size = be32_to_cpu(ri.size);
342 i->i_mtime.tv_sec = i->i_atime.tv_sec = i->i_ctime.tv_sec = 0;
343 i->i_mtime.tv_nsec = i->i_atime.tv_nsec = i->i_ctime.tv_nsec = 0;
345 /* set up mode and ops */
346 mode = romfs_modemap[nextfh & ROMFH_TYPE];
348 switch (nextfh & ROMFH_TYPE) {
349 case ROMFH_DIR:
350 i->i_size = ROMFS_I(i)->i_metasize;
351 i->i_op = &romfs_dir_inode_operations;
352 i->i_fop = &romfs_dir_operations;
353 if (nextfh & ROMFH_EXEC)
354 mode |= S_IXUGO;
355 break;
356 case ROMFH_REG:
357 i->i_fop = &romfs_ro_fops;
358 i->i_data.a_ops = &romfs_aops;
359 if (i->i_sb->s_mtd)
360 i->i_data.backing_dev_info =
361 i->i_sb->s_mtd->backing_dev_info;
362 if (nextfh & ROMFH_EXEC)
363 mode |= S_IXUGO;
364 break;
365 case ROMFH_SYM:
366 i->i_op = &page_symlink_inode_operations;
367 i->i_data.a_ops = &romfs_aops;
368 mode |= S_IRWXUGO;
369 break;
370 default:
371 /* depending on MBZ for sock/fifos */
372 nextfh = be32_to_cpu(ri.spec);
373 init_special_inode(i, mode, MKDEV(nextfh >> 16,
374 nextfh & 0xffff));
375 break;
378 i->i_mode = mode;
380 unlock_new_inode(i);
381 return i;
383 eio:
384 ret = -EIO;
385 error:
386 printk(KERN_ERR "ROMFS: read error for inode 0x%lx\n", pos);
387 return ERR_PTR(ret);
391 * allocate a new inode
393 static struct inode *romfs_alloc_inode(struct super_block *sb)
395 struct romfs_inode_info *inode;
396 inode = kmem_cache_alloc(romfs_inode_cachep, GFP_KERNEL);
397 return inode ? &inode->vfs_inode : NULL;
401 * return a spent inode to the slab cache
403 static void romfs_i_callback(struct rcu_head *head)
405 struct inode *inode = container_of(head, struct inode, i_rcu);
406 kmem_cache_free(romfs_inode_cachep, ROMFS_I(inode));
409 static void romfs_destroy_inode(struct inode *inode)
411 call_rcu(&inode->i_rcu, romfs_i_callback);
415 * get filesystem statistics
417 static int romfs_statfs(struct dentry *dentry, struct kstatfs *buf)
419 struct super_block *sb = dentry->d_sb;
420 u64 id = huge_encode_dev(sb->s_bdev->bd_dev);
422 buf->f_type = ROMFS_MAGIC;
423 buf->f_namelen = ROMFS_MAXFN;
424 buf->f_bsize = ROMBSIZE;
425 buf->f_bfree = buf->f_bavail = buf->f_ffree;
426 buf->f_blocks =
427 (romfs_maxsize(dentry->d_sb) + ROMBSIZE - 1) >> ROMBSBITS;
428 buf->f_fsid.val[0] = (u32)id;
429 buf->f_fsid.val[1] = (u32)(id >> 32);
430 return 0;
434 * remounting must involve read-only
436 static int romfs_remount(struct super_block *sb, int *flags, char *data)
438 *flags |= MS_RDONLY;
439 return 0;
442 static const struct super_operations romfs_super_ops = {
443 .alloc_inode = romfs_alloc_inode,
444 .destroy_inode = romfs_destroy_inode,
445 .statfs = romfs_statfs,
446 .remount_fs = romfs_remount,
450 * checksum check on part of a romfs filesystem
452 static __u32 romfs_checksum(const void *data, int size)
454 const __be32 *ptr = data;
455 __u32 sum;
457 sum = 0;
458 size >>= 2;
459 while (size > 0) {
460 sum += be32_to_cpu(*ptr++);
461 size--;
463 return sum;
467 * fill in the superblock
469 static int romfs_fill_super(struct super_block *sb, void *data, int silent)
471 struct romfs_super_block *rsb;
472 struct inode *root;
473 unsigned long pos, img_size;
474 const char *storage;
475 size_t len;
476 int ret;
478 #ifdef CONFIG_BLOCK
479 if (!sb->s_mtd) {
480 sb_set_blocksize(sb, ROMBSIZE);
481 } else {
482 sb->s_blocksize = ROMBSIZE;
483 sb->s_blocksize_bits = blksize_bits(ROMBSIZE);
485 #endif
487 sb->s_maxbytes = 0xFFFFFFFF;
488 sb->s_magic = ROMFS_MAGIC;
489 sb->s_flags |= MS_RDONLY | MS_NOATIME;
490 sb->s_op = &romfs_super_ops;
492 /* read the image superblock and check it */
493 rsb = kmalloc(512, GFP_KERNEL);
494 if (!rsb)
495 return -ENOMEM;
497 sb->s_fs_info = (void *) 512;
498 ret = romfs_dev_read(sb, 0, rsb, 512);
499 if (ret < 0)
500 goto error_rsb;
502 img_size = be32_to_cpu(rsb->size);
504 if (sb->s_mtd && img_size > sb->s_mtd->size)
505 goto error_rsb_inval;
507 sb->s_fs_info = (void *) img_size;
509 if (rsb->word0 != ROMSB_WORD0 || rsb->word1 != ROMSB_WORD1 ||
510 img_size < ROMFH_SIZE) {
511 if (!silent)
512 printk(KERN_WARNING "VFS:"
513 " Can't find a romfs filesystem on dev %s.\n",
514 sb->s_id);
515 goto error_rsb_inval;
518 if (romfs_checksum(rsb, min_t(size_t, img_size, 512))) {
519 printk(KERN_ERR "ROMFS: bad initial checksum on dev %s.\n",
520 sb->s_id);
521 goto error_rsb_inval;
524 storage = sb->s_mtd ? "MTD" : "the block layer";
526 len = strnlen(rsb->name, ROMFS_MAXFN);
527 if (!silent)
528 printk(KERN_NOTICE "ROMFS: Mounting image '%*.*s' through %s\n",
529 (unsigned) len, (unsigned) len, rsb->name, storage);
531 kfree(rsb);
532 rsb = NULL;
534 /* find the root directory */
535 pos = (ROMFH_SIZE + len + 1 + ROMFH_PAD) & ROMFH_MASK;
537 root = romfs_iget(sb, pos);
538 if (IS_ERR(root))
539 goto error;
541 sb->s_root = d_alloc_root(root);
542 if (!sb->s_root)
543 goto error_i;
545 return 0;
547 error_i:
548 iput(root);
549 error:
550 return -EINVAL;
551 error_rsb_inval:
552 ret = -EINVAL;
553 error_rsb:
554 kfree(rsb);
555 return ret;
559 * get a superblock for mounting
561 static struct dentry *romfs_mount(struct file_system_type *fs_type,
562 int flags, const char *dev_name,
563 void *data)
565 struct dentry *ret = ERR_PTR(-EINVAL);
567 #ifdef CONFIG_ROMFS_ON_MTD
568 ret = mount_mtd(fs_type, flags, dev_name, data, romfs_fill_super);
569 #endif
570 #ifdef CONFIG_ROMFS_ON_BLOCK
571 if (ret == ERR_PTR(-EINVAL))
572 ret = mount_bdev(fs_type, flags, dev_name, data,
573 romfs_fill_super);
574 #endif
575 return ret;
579 * destroy a romfs superblock in the appropriate manner
581 static void romfs_kill_sb(struct super_block *sb)
583 #ifdef CONFIG_ROMFS_ON_MTD
584 if (sb->s_mtd) {
585 kill_mtd_super(sb);
586 return;
588 #endif
589 #ifdef CONFIG_ROMFS_ON_BLOCK
590 if (sb->s_bdev) {
591 kill_block_super(sb);
592 return;
594 #endif
597 static struct file_system_type romfs_fs_type = {
598 .owner = THIS_MODULE,
599 .name = "romfs",
600 .mount = romfs_mount,
601 .kill_sb = romfs_kill_sb,
602 .fs_flags = FS_REQUIRES_DEV,
606 * inode storage initialiser
608 static void romfs_i_init_once(void *_inode)
610 struct romfs_inode_info *inode = _inode;
612 inode_init_once(&inode->vfs_inode);
616 * romfs module initialisation
618 static int __init init_romfs_fs(void)
620 int ret;
622 printk(KERN_INFO "ROMFS MTD (C) 2007 Red Hat, Inc.\n");
624 romfs_inode_cachep =
625 kmem_cache_create("romfs_i",
626 sizeof(struct romfs_inode_info), 0,
627 SLAB_RECLAIM_ACCOUNT | SLAB_MEM_SPREAD,
628 romfs_i_init_once);
630 if (!romfs_inode_cachep) {
631 printk(KERN_ERR
632 "ROMFS error: Failed to initialise inode cache\n");
633 return -ENOMEM;
635 ret = register_filesystem(&romfs_fs_type);
636 if (ret) {
637 printk(KERN_ERR "ROMFS error: Failed to register filesystem\n");
638 goto error_register;
640 return 0;
642 error_register:
643 kmem_cache_destroy(romfs_inode_cachep);
644 return ret;
648 * romfs module removal
650 static void __exit exit_romfs_fs(void)
652 unregister_filesystem(&romfs_fs_type);
653 kmem_cache_destroy(romfs_inode_cachep);
656 module_init(init_romfs_fs);
657 module_exit(exit_romfs_fs);
659 MODULE_DESCRIPTION("Direct-MTD Capable RomFS");
660 MODULE_AUTHOR("Red Hat, Inc.");
661 MODULE_LICENSE("GPL"); /* Actually dual-licensed, but it doesn't matter for */