Commit 1ae78a14 authored by Linus Torvalds's avatar Linus Torvalds

Merge tag '6.4-rc-ksmbd-server-fixes' of git://git.samba.org/ksmbd

Pull ksmbd server updates from Steve French:

 - SMB3.1.1 negotiate context fixes and cleanup

 - new lock_rename_child VFS helper

 - ksmbd fix to avoid unlink race and to use the new VFS helper to avoid
   rename race

* tag '6.4-rc-ksmbd-server-fixes' of git://git.samba.org/ksmbd:
  ksmbd: fix racy issue from using ->d_parent and ->d_name
  ksmbd: remove unused compression negotiate ctx packing
  ksmbd: avoid duplicate negotiate ctx offset increments
  ksmbd: set NegotiateContextCount once instead of every inc
  fs: introduce lock_rename_child() helper
  ksmbd: remove internal.h include
parents 4e1c80ae 74d7970f
...@@ -59,8 +59,6 @@ extern int finish_clean_context(struct fs_context *fc); ...@@ -59,8 +59,6 @@ extern int finish_clean_context(struct fs_context *fc);
*/ */
extern int filename_lookup(int dfd, struct filename *name, unsigned flags, extern int filename_lookup(int dfd, struct filename *name, unsigned flags,
struct path *path, struct path *root); struct path *path, struct path *root);
extern int vfs_path_lookup(struct dentry *, struct vfsmount *,
const char *, unsigned int, struct path *);
int do_rmdir(int dfd, struct filename *name); int do_rmdir(int dfd, struct filename *name);
int do_unlinkat(int dfd, struct filename *name); int do_unlinkat(int dfd, struct filename *name);
int may_linkat(struct mnt_idmap *idmap, const struct path *link); int may_linkat(struct mnt_idmap *idmap, const struct path *link);
......
...@@ -756,19 +756,6 @@ static void build_encrypt_ctxt(struct smb2_encryption_neg_context *pneg_ctxt, ...@@ -756,19 +756,6 @@ static void build_encrypt_ctxt(struct smb2_encryption_neg_context *pneg_ctxt,
pneg_ctxt->Ciphers[0] = cipher_type; pneg_ctxt->Ciphers[0] = cipher_type;
} }
static void build_compression_ctxt(struct smb2_compression_capabilities_context *pneg_ctxt,
__le16 comp_algo)
{
pneg_ctxt->ContextType = SMB2_COMPRESSION_CAPABILITIES;
pneg_ctxt->DataLength =
cpu_to_le16(sizeof(struct smb2_compression_capabilities_context)
- sizeof(struct smb2_neg_context));
pneg_ctxt->Reserved = cpu_to_le32(0);
pneg_ctxt->CompressionAlgorithmCount = cpu_to_le16(1);
pneg_ctxt->Flags = cpu_to_le32(0);
pneg_ctxt->CompressionAlgorithms[0] = comp_algo;
}
static void build_sign_cap_ctxt(struct smb2_signing_capabilities *pneg_ctxt, static void build_sign_cap_ctxt(struct smb2_signing_capabilities *pneg_ctxt,
__le16 sign_algo) __le16 sign_algo)
{ {
...@@ -808,7 +795,7 @@ static void assemble_neg_contexts(struct ksmbd_conn *conn, ...@@ -808,7 +795,7 @@ static void assemble_neg_contexts(struct ksmbd_conn *conn,
struct smb2_negotiate_rsp *rsp, struct smb2_negotiate_rsp *rsp,
void *smb2_buf_len) void *smb2_buf_len)
{ {
char *pneg_ctxt = (char *)rsp + char * const pneg_ctxt = (char *)rsp +
le32_to_cpu(rsp->NegotiateContextOffset); le32_to_cpu(rsp->NegotiateContextOffset);
int neg_ctxt_cnt = 1; int neg_ctxt_cnt = 1;
int ctxt_size; int ctxt_size;
...@@ -817,61 +804,46 @@ static void assemble_neg_contexts(struct ksmbd_conn *conn, ...@@ -817,61 +804,46 @@ static void assemble_neg_contexts(struct ksmbd_conn *conn,
"assemble SMB2_PREAUTH_INTEGRITY_CAPABILITIES context\n"); "assemble SMB2_PREAUTH_INTEGRITY_CAPABILITIES context\n");
build_preauth_ctxt((struct smb2_preauth_neg_context *)pneg_ctxt, build_preauth_ctxt((struct smb2_preauth_neg_context *)pneg_ctxt,
conn->preauth_info->Preauth_HashId); conn->preauth_info->Preauth_HashId);
rsp->NegotiateContextCount = cpu_to_le16(neg_ctxt_cnt);
inc_rfc1001_len(smb2_buf_len, AUTH_GSS_PADDING); inc_rfc1001_len(smb2_buf_len, AUTH_GSS_PADDING);
ctxt_size = sizeof(struct smb2_preauth_neg_context); ctxt_size = sizeof(struct smb2_preauth_neg_context);
/* Round to 8 byte boundary */
pneg_ctxt += round_up(sizeof(struct smb2_preauth_neg_context), 8);
if (conn->cipher_type) { if (conn->cipher_type) {
/* Round to 8 byte boundary */
ctxt_size = round_up(ctxt_size, 8); ctxt_size = round_up(ctxt_size, 8);
ksmbd_debug(SMB, ksmbd_debug(SMB,
"assemble SMB2_ENCRYPTION_CAPABILITIES context\n"); "assemble SMB2_ENCRYPTION_CAPABILITIES context\n");
build_encrypt_ctxt((struct smb2_encryption_neg_context *)pneg_ctxt, build_encrypt_ctxt((struct smb2_encryption_neg_context *)
(pneg_ctxt + ctxt_size),
conn->cipher_type); conn->cipher_type);
rsp->NegotiateContextCount = cpu_to_le16(++neg_ctxt_cnt); neg_ctxt_cnt++;
ctxt_size += sizeof(struct smb2_encryption_neg_context) + 2; ctxt_size += sizeof(struct smb2_encryption_neg_context) + 2;
/* Round to 8 byte boundary */
pneg_ctxt +=
round_up(sizeof(struct smb2_encryption_neg_context) + 2,
8);
} }
if (conn->compress_algorithm) { /* compression context not yet supported */
ctxt_size = round_up(ctxt_size, 8); WARN_ON(conn->compress_algorithm != SMB3_COMPRESS_NONE);
ksmbd_debug(SMB,
"assemble SMB2_COMPRESSION_CAPABILITIES context\n");
/* Temporarily set to SMB3_COMPRESS_NONE */
build_compression_ctxt((struct smb2_compression_capabilities_context *)pneg_ctxt,
conn->compress_algorithm);
rsp->NegotiateContextCount = cpu_to_le16(++neg_ctxt_cnt);
ctxt_size += sizeof(struct smb2_compression_capabilities_context) + 2;
/* Round to 8 byte boundary */
pneg_ctxt += round_up(sizeof(struct smb2_compression_capabilities_context) + 2,
8);
}
if (conn->posix_ext_supported) { if (conn->posix_ext_supported) {
ctxt_size = round_up(ctxt_size, 8); ctxt_size = round_up(ctxt_size, 8);
ksmbd_debug(SMB, ksmbd_debug(SMB,
"assemble SMB2_POSIX_EXTENSIONS_AVAILABLE context\n"); "assemble SMB2_POSIX_EXTENSIONS_AVAILABLE context\n");
build_posix_ctxt((struct smb2_posix_neg_context *)pneg_ctxt); build_posix_ctxt((struct smb2_posix_neg_context *)
rsp->NegotiateContextCount = cpu_to_le16(++neg_ctxt_cnt); (pneg_ctxt + ctxt_size));
neg_ctxt_cnt++;
ctxt_size += sizeof(struct smb2_posix_neg_context); ctxt_size += sizeof(struct smb2_posix_neg_context);
/* Round to 8 byte boundary */
pneg_ctxt += round_up(sizeof(struct smb2_posix_neg_context), 8);
} }
if (conn->signing_negotiated) { if (conn->signing_negotiated) {
ctxt_size = round_up(ctxt_size, 8); ctxt_size = round_up(ctxt_size, 8);
ksmbd_debug(SMB, ksmbd_debug(SMB,
"assemble SMB2_SIGNING_CAPABILITIES context\n"); "assemble SMB2_SIGNING_CAPABILITIES context\n");
build_sign_cap_ctxt((struct smb2_signing_capabilities *)pneg_ctxt, build_sign_cap_ctxt((struct smb2_signing_capabilities *)
(pneg_ctxt + ctxt_size),
conn->signing_algorithm); conn->signing_algorithm);
rsp->NegotiateContextCount = cpu_to_le16(++neg_ctxt_cnt); neg_ctxt_cnt++;
ctxt_size += sizeof(struct smb2_signing_capabilities) + 2; ctxt_size += sizeof(struct smb2_signing_capabilities) + 2;
} }
rsp->NegotiateContextCount = cpu_to_le16(neg_ctxt_cnt);
inc_rfc1001_len(smb2_buf_len, ctxt_size); inc_rfc1001_len(smb2_buf_len, ctxt_size);
} }
...@@ -2436,7 +2408,7 @@ static int smb2_creat(struct ksmbd_work *work, struct path *path, char *name, ...@@ -2436,7 +2408,7 @@ static int smb2_creat(struct ksmbd_work *work, struct path *path, char *name,
return rc; return rc;
} }
rc = ksmbd_vfs_kern_path(work, name, 0, path, 0); rc = ksmbd_vfs_kern_path_locked(work, name, 0, path, 0);
if (rc) { if (rc) {
pr_err("cannot get linux path (%s), err = %d\n", pr_err("cannot get linux path (%s), err = %d\n",
name, rc); name, rc);
...@@ -2727,8 +2699,10 @@ int smb2_open(struct ksmbd_work *work) ...@@ -2727,8 +2699,10 @@ int smb2_open(struct ksmbd_work *work)
goto err_out1; goto err_out1;
} }
rc = ksmbd_vfs_kern_path(work, name, LOOKUP_NO_SYMLINKS, &path, 1); rc = ksmbd_vfs_kern_path_locked(work, name, LOOKUP_NO_SYMLINKS, &path, 1);
if (!rc) { if (!rc) {
file_present = true;
if (req->CreateOptions & FILE_DELETE_ON_CLOSE_LE) { if (req->CreateOptions & FILE_DELETE_ON_CLOSE_LE) {
/* /*
* If file exists with under flags, return access * If file exists with under flags, return access
...@@ -2737,7 +2711,6 @@ int smb2_open(struct ksmbd_work *work) ...@@ -2737,7 +2711,6 @@ int smb2_open(struct ksmbd_work *work)
if (req->CreateDisposition == FILE_OVERWRITE_IF_LE || if (req->CreateDisposition == FILE_OVERWRITE_IF_LE ||
req->CreateDisposition == FILE_OPEN_IF_LE) { req->CreateDisposition == FILE_OPEN_IF_LE) {
rc = -EACCES; rc = -EACCES;
path_put(&path);
goto err_out; goto err_out;
} }
...@@ -2745,26 +2718,23 @@ int smb2_open(struct ksmbd_work *work) ...@@ -2745,26 +2718,23 @@ int smb2_open(struct ksmbd_work *work)
ksmbd_debug(SMB, ksmbd_debug(SMB,
"User does not have write permission\n"); "User does not have write permission\n");
rc = -EACCES; rc = -EACCES;
path_put(&path);
goto err_out; goto err_out;
} }
} else if (d_is_symlink(path.dentry)) { } else if (d_is_symlink(path.dentry)) {
rc = -EACCES; rc = -EACCES;
path_put(&path);
goto err_out; goto err_out;
} }
}
if (rc) { file_present = true;
idmap = mnt_idmap(path.mnt);
} else {
if (rc != -ENOENT) if (rc != -ENOENT)
goto err_out; goto err_out;
ksmbd_debug(SMB, "can not get linux path for %s, rc = %d\n", ksmbd_debug(SMB, "can not get linux path for %s, rc = %d\n",
name, rc); name, rc);
rc = 0; rc = 0;
} else {
file_present = true;
idmap = mnt_idmap(path.mnt);
} }
if (stream_name) { if (stream_name) {
if (req->CreateOptions & FILE_DIRECTORY_FILE_LE) { if (req->CreateOptions & FILE_DIRECTORY_FILE_LE) {
if (s_type == DATA_STREAM) { if (s_type == DATA_STREAM) {
...@@ -2892,8 +2862,9 @@ int smb2_open(struct ksmbd_work *work) ...@@ -2892,8 +2862,9 @@ int smb2_open(struct ksmbd_work *work)
if ((daccess & FILE_DELETE_LE) || if ((daccess & FILE_DELETE_LE) ||
(req->CreateOptions & FILE_DELETE_ON_CLOSE_LE)) { (req->CreateOptions & FILE_DELETE_ON_CLOSE_LE)) {
rc = ksmbd_vfs_may_delete(idmap, rc = inode_permission(idmap,
path.dentry); d_inode(path.dentry->d_parent),
MAY_EXEC | MAY_WRITE);
if (rc) if (rc)
goto err_out; goto err_out;
} }
...@@ -3264,10 +3235,13 @@ int smb2_open(struct ksmbd_work *work) ...@@ -3264,10 +3235,13 @@ int smb2_open(struct ksmbd_work *work)
} }
err_out: err_out:
if (file_present || created) if (file_present || created) {
path_put(&path); inode_unlock(d_inode(path.dentry->d_parent));
dput(path.dentry);
}
ksmbd_revert_fsids(work); ksmbd_revert_fsids(work);
err_out1: err_out1:
if (rc) { if (rc) {
if (rc == -EINVAL) if (rc == -EINVAL)
rsp->hdr.Status = STATUS_INVALID_PARAMETER; rsp->hdr.Status = STATUS_INVALID_PARAMETER;
...@@ -5418,44 +5392,19 @@ int smb2_echo(struct ksmbd_work *work) ...@@ -5418,44 +5392,19 @@ int smb2_echo(struct ksmbd_work *work)
static int smb2_rename(struct ksmbd_work *work, static int smb2_rename(struct ksmbd_work *work,
struct ksmbd_file *fp, struct ksmbd_file *fp,
struct mnt_idmap *idmap,
struct smb2_file_rename_info *file_info, struct smb2_file_rename_info *file_info,
struct nls_table *local_nls) struct nls_table *local_nls)
{ {
struct ksmbd_share_config *share = fp->tcon->share_conf; struct ksmbd_share_config *share = fp->tcon->share_conf;
char *new_name = NULL, *abs_oldname = NULL, *old_name = NULL; char *new_name = NULL;
char *pathname = NULL; int rc, flags = 0;
struct path path;
bool file_present = true;
int rc;
ksmbd_debug(SMB, "setting FILE_RENAME_INFO\n"); ksmbd_debug(SMB, "setting FILE_RENAME_INFO\n");
pathname = kmalloc(PATH_MAX, GFP_KERNEL);
if (!pathname)
return -ENOMEM;
abs_oldname = file_path(fp->filp, pathname, PATH_MAX);
if (IS_ERR(abs_oldname)) {
rc = -EINVAL;
goto out;
}
old_name = strrchr(abs_oldname, '/');
if (old_name && old_name[1] != '\0') {
old_name++;
} else {
ksmbd_debug(SMB, "can't get last component in path %s\n",
abs_oldname);
rc = -ENOENT;
goto out;
}
new_name = smb2_get_name(file_info->FileName, new_name = smb2_get_name(file_info->FileName,
le32_to_cpu(file_info->FileNameLength), le32_to_cpu(file_info->FileNameLength),
local_nls); local_nls);
if (IS_ERR(new_name)) { if (IS_ERR(new_name))
rc = PTR_ERR(new_name); return PTR_ERR(new_name);
goto out;
}
if (strchr(new_name, ':')) { if (strchr(new_name, ':')) {
int s_type; int s_type;
...@@ -5481,7 +5430,7 @@ static int smb2_rename(struct ksmbd_work *work, ...@@ -5481,7 +5430,7 @@ static int smb2_rename(struct ksmbd_work *work,
if (rc) if (rc)
goto out; goto out;
rc = ksmbd_vfs_setxattr(idmap, rc = ksmbd_vfs_setxattr(file_mnt_idmap(fp->filp),
fp->filp->f_path.dentry, fp->filp->f_path.dentry,
xattr_stream_name, xattr_stream_name,
NULL, 0, 0); NULL, 0, 0);
...@@ -5496,46 +5445,17 @@ static int smb2_rename(struct ksmbd_work *work, ...@@ -5496,46 +5445,17 @@ static int smb2_rename(struct ksmbd_work *work,
} }
ksmbd_debug(SMB, "new name %s\n", new_name); ksmbd_debug(SMB, "new name %s\n", new_name);
rc = ksmbd_vfs_kern_path(work, new_name, LOOKUP_NO_SYMLINKS, &path, 1);
if (rc) {
if (rc != -ENOENT)
goto out;
file_present = false;
} else {
path_put(&path);
}
if (ksmbd_share_veto_filename(share, new_name)) { if (ksmbd_share_veto_filename(share, new_name)) {
rc = -ENOENT; rc = -ENOENT;
ksmbd_debug(SMB, "Can't rename vetoed file: %s\n", new_name); ksmbd_debug(SMB, "Can't rename vetoed file: %s\n", new_name);
goto out; goto out;
} }
if (file_info->ReplaceIfExists) { if (!file_info->ReplaceIfExists)
if (file_present) { flags = RENAME_NOREPLACE;
rc = ksmbd_vfs_remove_file(work, new_name);
if (rc) {
if (rc != -ENOTEMPTY)
rc = -EINVAL;
ksmbd_debug(SMB, "cannot delete %s, rc %d\n",
new_name, rc);
goto out;
}
}
} else {
if (file_present &&
strncmp(old_name, path.dentry->d_name.name, strlen(old_name))) {
rc = -EEXIST;
ksmbd_debug(SMB,
"cannot rename already existing file\n");
goto out;
}
}
rc = ksmbd_vfs_fp_rename(work, fp, new_name); rc = ksmbd_vfs_rename(work, &fp->filp->f_path, new_name, flags);
out: out:
kfree(pathname);
if (!IS_ERR(new_name))
kfree(new_name); kfree(new_name);
return rc; return rc;
} }
...@@ -5576,18 +5496,17 @@ static int smb2_create_link(struct ksmbd_work *work, ...@@ -5576,18 +5496,17 @@ static int smb2_create_link(struct ksmbd_work *work,
} }
ksmbd_debug(SMB, "target name is %s\n", target_name); ksmbd_debug(SMB, "target name is %s\n", target_name);
rc = ksmbd_vfs_kern_path(work, link_name, LOOKUP_NO_SYMLINKS, &path, 0); rc = ksmbd_vfs_kern_path_locked(work, link_name, LOOKUP_NO_SYMLINKS,
&path, 0);
if (rc) { if (rc) {
if (rc != -ENOENT) if (rc != -ENOENT)
goto out; goto out;
file_present = false; file_present = false;
} else {
path_put(&path);
} }
if (file_info->ReplaceIfExists) { if (file_info->ReplaceIfExists) {
if (file_present) { if (file_present) {
rc = ksmbd_vfs_remove_file(work, link_name); rc = ksmbd_vfs_remove_file(work, &path);
if (rc) { if (rc) {
rc = -EINVAL; rc = -EINVAL;
ksmbd_debug(SMB, "cannot delete %s\n", ksmbd_debug(SMB, "cannot delete %s\n",
...@@ -5607,6 +5526,10 @@ static int smb2_create_link(struct ksmbd_work *work, ...@@ -5607,6 +5526,10 @@ static int smb2_create_link(struct ksmbd_work *work,
if (rc) if (rc)
rc = -EINVAL; rc = -EINVAL;
out: out:
if (file_present) {
inode_unlock(d_inode(path.dentry->d_parent));
path_put(&path);
}
if (!IS_ERR(link_name)) if (!IS_ERR(link_name))
kfree(link_name); kfree(link_name);
kfree(pathname); kfree(pathname);
...@@ -5784,12 +5707,6 @@ static int set_rename_info(struct ksmbd_work *work, struct ksmbd_file *fp, ...@@ -5784,12 +5707,6 @@ static int set_rename_info(struct ksmbd_work *work, struct ksmbd_file *fp,
struct smb2_file_rename_info *rename_info, struct smb2_file_rename_info *rename_info,
unsigned int buf_len) unsigned int buf_len)
{ {
struct mnt_idmap *idmap;
struct ksmbd_file *parent_fp;
struct dentry *parent;
struct dentry *dentry = fp->filp->f_path.dentry;
int ret;
if (!(fp->daccess & FILE_DELETE_LE)) { if (!(fp->daccess & FILE_DELETE_LE)) {
pr_err("no right to delete : 0x%x\n", fp->daccess); pr_err("no right to delete : 0x%x\n", fp->daccess);
return -EACCES; return -EACCES;
...@@ -5799,32 +5716,10 @@ static int set_rename_info(struct ksmbd_work *work, struct ksmbd_file *fp, ...@@ -5799,32 +5716,10 @@ static int set_rename_info(struct ksmbd_work *work, struct ksmbd_file *fp,
le32_to_cpu(rename_info->FileNameLength)) le32_to_cpu(rename_info->FileNameLength))
return -EINVAL; return -EINVAL;
idmap = file_mnt_idmap(fp->filp); if (!le32_to_cpu(rename_info->FileNameLength))
if (ksmbd_stream_fd(fp)) return -EINVAL;
goto next;
parent = dget_parent(dentry);
ret = ksmbd_vfs_lock_parent(idmap, parent, dentry);
if (ret) {
dput(parent);
return ret;
}
parent_fp = ksmbd_lookup_fd_inode(d_inode(parent));
inode_unlock(d_inode(parent));
dput(parent);
if (parent_fp) { return smb2_rename(work, fp, rename_info, work->conn->local_nls);
if (parent_fp->daccess & FILE_DELETE_LE) {
pr_err("parent dir is opened with delete access\n");
ksmbd_fd_put(work, parent_fp);
return -ESHARE;
}
ksmbd_fd_put(work, parent_fp);
}
next:
return smb2_rename(work, fp, idmap, rename_info,
work->conn->local_nls);
} }
static int set_file_disposition_info(struct ksmbd_file *fp, static int set_file_disposition_info(struct ksmbd_file *fp,
......
...@@ -18,8 +18,7 @@ ...@@ -18,8 +18,7 @@
#include <linux/vmalloc.h> #include <linux/vmalloc.h>
#include <linux/sched/xacct.h> #include <linux/sched/xacct.h>
#include <linux/crc32c.h> #include <linux/crc32c.h>
#include <linux/namei.h>
#include "../internal.h" /* for vfs_path_lookup */
#include "glob.h" #include "glob.h"
#include "oplock.h" #include "oplock.h"
...@@ -37,19 +36,6 @@ ...@@ -37,19 +36,6 @@
#include "mgmt/user_session.h" #include "mgmt/user_session.h"
#include "mgmt/user_config.h" #include "mgmt/user_config.h"
static char *extract_last_component(char *path)
{
char *p = strrchr(path, '/');
if (p && p[1] != '\0') {
*p = '\0';
p++;
} else {
p = NULL;
}
return p;
}
static void ksmbd_vfs_inherit_owner(struct ksmbd_work *work, static void ksmbd_vfs_inherit_owner(struct ksmbd_work *work,
struct inode *parent_inode, struct inode *parent_inode,
struct inode *inode) struct inode *inode)
...@@ -63,65 +49,77 @@ static void ksmbd_vfs_inherit_owner(struct ksmbd_work *work, ...@@ -63,65 +49,77 @@ static void ksmbd_vfs_inherit_owner(struct ksmbd_work *work,
/** /**
* ksmbd_vfs_lock_parent() - lock parent dentry if it is stable * ksmbd_vfs_lock_parent() - lock parent dentry if it is stable
*
* the parent dentry got by dget_parent or @parent could be
* unstable, we try to lock a parent inode and lookup the
* child dentry again.
*
* the reference count of @parent isn't incremented.
*/ */
int ksmbd_vfs_lock_parent(struct mnt_idmap *idmap, struct dentry *parent, int ksmbd_vfs_lock_parent(struct dentry *parent, struct dentry *child)
struct dentry *child)
{ {
struct dentry *dentry;
int ret = 0;
inode_lock_nested(d_inode(parent), I_MUTEX_PARENT); inode_lock_nested(d_inode(parent), I_MUTEX_PARENT);
dentry = lookup_one(idmap, child->d_name.name, parent, if (child->d_parent != parent) {
child->d_name.len); inode_unlock(d_inode(parent));
if (IS_ERR(dentry)) { return -ENOENT;
ret = PTR_ERR(dentry);
goto out_err;
}
if (dentry != child) {
ret = -ESTALE;
dput(dentry);
goto out_err;
} }
dput(dentry);
return 0; return 0;
out_err:
inode_unlock(d_inode(parent));
return ret;
} }
int ksmbd_vfs_may_delete(struct mnt_idmap *idmap, static int ksmbd_vfs_path_lookup_locked(struct ksmbd_share_config *share_conf,
struct dentry *dentry) char *pathname, unsigned int flags,
struct path *path)
{ {
struct dentry *parent; struct qstr last;
int ret; struct filename *filename;
struct path *root_share_path = &share_conf->vfs_path;
int err, type;
struct path parent_path;
struct dentry *d;
parent = dget_parent(dentry); if (pathname[0] == '\0') {
ret = ksmbd_vfs_lock_parent(idmap, parent, dentry); pathname = share_conf->path;
if (ret) { root_share_path = NULL;
dput(parent); } else {
return ret; flags |= LOOKUP_BENEATH;
} }
ret = inode_permission(idmap, d_inode(parent), filename = getname_kernel(pathname);
MAY_EXEC | MAY_WRITE); if (IS_ERR(filename))
return PTR_ERR(filename);
inode_unlock(d_inode(parent)); err = vfs_path_parent_lookup(filename, flags,
dput(parent); &parent_path, &last, &type,
return ret; root_share_path);
putname(filename);
if (err)
return err;
if (unlikely(type != LAST_NORM)) {
path_put(&parent_path);
return -ENOENT;
}
inode_lock_nested(parent_path.dentry->d_inode, I_MUTEX_PARENT);
d = lookup_one_qstr_excl(&last, parent_path.dentry, 0);
if (IS_ERR(d))
goto err_out;
if (d_is_negative(d)) {
dput(d);
goto err_out;
}
path->dentry = d;
path->mnt = share_conf->vfs_path.mnt;
path_put(&parent_path);
return 0;
err_out:
inode_unlock(parent_path.dentry->d_inode);
path_put(&parent_path);
return -ENOENT;
} }
int ksmbd_vfs_query_maximal_access(struct mnt_idmap *idmap, int ksmbd_vfs_query_maximal_access(struct mnt_idmap *idmap,
struct dentry *dentry, __le32 *daccess) struct dentry *dentry, __le32 *daccess)
{ {
struct dentry *parent;
int ret = 0; int ret = 0;
*daccess = cpu_to_le32(FILE_READ_ATTRIBUTES | READ_CONTROL); *daccess = cpu_to_le32(FILE_READ_ATTRIBUTES | READ_CONTROL);
...@@ -138,18 +136,9 @@ int ksmbd_vfs_query_maximal_access(struct mnt_idmap *idmap, ...@@ -138,18 +136,9 @@ int ksmbd_vfs_query_maximal_access(struct mnt_idmap *idmap,
if (!inode_permission(idmap, d_inode(dentry), MAY_OPEN | MAY_EXEC)) if (!inode_permission(idmap, d_inode(dentry), MAY_OPEN | MAY_EXEC))
*daccess |= FILE_EXECUTE_LE; *daccess |= FILE_EXECUTE_LE;
parent = dget_parent(dentry); if (!inode_permission(idmap, d_inode(dentry->d_parent), MAY_EXEC | MAY_WRITE))
ret = ksmbd_vfs_lock_parent(idmap, parent, dentry);
if (ret) {
dput(parent);
return ret;
}
if (!inode_permission(idmap, d_inode(parent), MAY_EXEC | MAY_WRITE))
*daccess |= FILE_DELETE_LE; *daccess |= FILE_DELETE_LE;
inode_unlock(d_inode(parent));
dput(parent);
return ret; return ret;
} }
...@@ -582,54 +571,32 @@ int ksmbd_vfs_fsync(struct ksmbd_work *work, u64 fid, u64 p_id) ...@@ -582,54 +571,32 @@ int ksmbd_vfs_fsync(struct ksmbd_work *work, u64 fid, u64 p_id)
* *
* Return: 0 on success, otherwise error * Return: 0 on success, otherwise error
*/ */
int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name) int ksmbd_vfs_remove_file(struct ksmbd_work *work, const struct path *path)
{ {
struct mnt_idmap *idmap; struct mnt_idmap *idmap;
struct path path; struct dentry *parent = path->dentry->d_parent;
struct dentry *parent;
int err; int err;
if (ksmbd_override_fsids(work)) if (ksmbd_override_fsids(work))
return -ENOMEM; return -ENOMEM;
err = ksmbd_vfs_kern_path(work, name, LOOKUP_NO_SYMLINKS, &path, false); if (!d_inode(path->dentry)->i_nlink) {
if (err) {
ksmbd_debug(VFS, "can't get %s, err %d\n", name, err);
ksmbd_revert_fsids(work);
return err;
}
idmap = mnt_idmap(path.mnt);
parent = dget_parent(path.dentry);
err = ksmbd_vfs_lock_parent(idmap, parent, path.dentry);
if (err) {
dput(parent);
path_put(&path);
ksmbd_revert_fsids(work);
return err;
}
if (!d_inode(path.dentry)->i_nlink) {
err = -ENOENT; err = -ENOENT;
goto out_err; goto out_err;
} }
if (S_ISDIR(d_inode(path.dentry)->i_mode)) { idmap = mnt_idmap(path->mnt);
err = vfs_rmdir(idmap, d_inode(parent), path.dentry); if (S_ISDIR(d_inode(path->dentry)->i_mode)) {
err = vfs_rmdir(idmap, d_inode(parent), path->dentry);
if (err && err != -ENOTEMPTY) if (err && err != -ENOTEMPTY)
ksmbd_debug(VFS, "%s: rmdir failed, err %d\n", name, ksmbd_debug(VFS, "rmdir failed, err %d\n", err);
err);
} else { } else {
err = vfs_unlink(idmap, d_inode(parent), path.dentry, NULL); err = vfs_unlink(idmap, d_inode(parent), path->dentry, NULL);
if (err) if (err)
ksmbd_debug(VFS, "%s: unlink failed, err %d\n", name, ksmbd_debug(VFS, "unlink failed, err %d\n", err);
err);
} }
out_err: out_err:
inode_unlock(d_inode(parent));
dput(parent);
path_put(&path);
ksmbd_revert_fsids(work); ksmbd_revert_fsids(work);
return err; return err;
} }
...@@ -688,149 +655,114 @@ int ksmbd_vfs_link(struct ksmbd_work *work, const char *oldname, ...@@ -688,149 +655,114 @@ int ksmbd_vfs_link(struct ksmbd_work *work, const char *oldname,
return err; return err;
} }
static int ksmbd_validate_entry_in_use(struct dentry *src_dent) int ksmbd_vfs_rename(struct ksmbd_work *work, const struct path *old_path,
char *newname, int flags)
{ {
struct dentry *dst_dent; struct dentry *old_parent, *new_dentry, *trap;
struct dentry *old_child = old_path->dentry;
spin_lock(&src_dent->d_lock); struct path new_path;
list_for_each_entry(dst_dent, &src_dent->d_subdirs, d_child) { struct qstr new_last;
struct ksmbd_file *child_fp; struct renamedata rd;
struct filename *to;
struct ksmbd_share_config *share_conf = work->tcon->share_conf;
struct ksmbd_file *parent_fp;
int new_type;
int err, lookup_flags = LOOKUP_NO_SYMLINKS;
if (d_really_is_negative(dst_dent)) if (ksmbd_override_fsids(work))
continue; return -ENOMEM;
child_fp = ksmbd_lookup_fd_inode(d_inode(dst_dent)); to = getname_kernel(newname);
if (child_fp) { if (IS_ERR(to)) {
spin_unlock(&src_dent->d_lock); err = PTR_ERR(to);
ksmbd_debug(VFS, "Forbid rename, sub file/dir is in use\n"); goto revert_fsids;
return -EACCES;
} }
}
spin_unlock(&src_dent->d_lock);
return 0; retry:
} err = vfs_path_parent_lookup(to, lookup_flags | LOOKUP_BENEATH,
&new_path, &new_last, &new_type,
&share_conf->vfs_path);
if (err)
goto out1;
static int __ksmbd_vfs_rename(struct ksmbd_work *work, if (old_path->mnt != new_path.mnt) {
struct mnt_idmap *src_idmap, err = -EXDEV;
struct dentry *src_dent_parent, goto out2;
struct dentry *src_dent, }
struct mnt_idmap *dst_idmap,
struct dentry *dst_dent_parent,
struct dentry *trap_dent,
char *dst_name)
{
struct dentry *dst_dent;
int err;
if (!work->tcon->posix_extensions) { trap = lock_rename_child(old_child, new_path.dentry);
err = ksmbd_validate_entry_in_use(src_dent);
if (err) old_parent = dget(old_child->d_parent);
return err; if (d_unhashed(old_child)) {
err = -EINVAL;
goto out3;
} }
if (d_really_is_negative(src_dent_parent)) parent_fp = ksmbd_lookup_fd_inode(d_inode(old_child->d_parent));
return -ENOENT; if (parent_fp) {
if (d_really_is_negative(dst_dent_parent)) if (parent_fp->daccess & FILE_DELETE_LE) {
return -ENOENT; pr_err("parent dir is opened with delete access\n");
if (d_really_is_negative(src_dent)) err = -ESHARE;
return -ENOENT; ksmbd_fd_put(work, parent_fp);
if (src_dent == trap_dent) goto out3;
return -EINVAL; }
ksmbd_fd_put(work, parent_fp);
}
if (ksmbd_override_fsids(work)) new_dentry = lookup_one_qstr_excl(&new_last, new_path.dentry,
return -ENOMEM; lookup_flags | LOOKUP_RENAME_TARGET);
if (IS_ERR(new_dentry)) {
err = PTR_ERR(new_dentry);
goto out3;
}
dst_dent = lookup_one(dst_idmap, dst_name, if (d_is_symlink(new_dentry)) {
dst_dent_parent, strlen(dst_name)); err = -EACCES;
err = PTR_ERR(dst_dent); goto out4;
if (IS_ERR(dst_dent)) {
pr_err("lookup failed %s [%d]\n", dst_name, err);
goto out;
} }
err = -ENOTEMPTY; if ((flags & RENAME_NOREPLACE) && d_is_positive(new_dentry)) {
if (dst_dent != trap_dent && !d_really_is_positive(dst_dent)) { err = -EEXIST;
struct renamedata rd = { goto out4;
.old_mnt_idmap = src_idmap,
.old_dir = d_inode(src_dent_parent),
.old_dentry = src_dent,
.new_mnt_idmap = dst_idmap,
.new_dir = d_inode(dst_dent_parent),
.new_dentry = dst_dent,
};
err = vfs_rename(&rd);
} }
if (err)
pr_err("vfs_rename failed err %d\n", err);
if (dst_dent)
dput(dst_dent);
out:
ksmbd_revert_fsids(work);
return err;
}
int ksmbd_vfs_fp_rename(struct ksmbd_work *work, struct ksmbd_file *fp, if (old_child == trap) {
char *newname) err = -EINVAL;
{ goto out4;
struct mnt_idmap *idmap; }
struct path dst_path;
struct dentry *src_dent_parent, *dst_dent_parent;
struct dentry *src_dent, *trap_dent, *src_child;
char *dst_name;
int err;
dst_name = extract_last_component(newname); if (new_dentry == trap) {
if (!dst_name) { err = -ENOTEMPTY;
dst_name = newname; goto out4;
newname = "";
} }
src_dent_parent = dget_parent(fp->filp->f_path.dentry); rd.old_mnt_idmap = mnt_idmap(old_path->mnt),
src_dent = fp->filp->f_path.dentry; rd.old_dir = d_inode(old_parent),
rd.old_dentry = old_child,
rd.new_mnt_idmap = mnt_idmap(new_path.mnt),
rd.new_dir = new_path.dentry->d_inode,
rd.new_dentry = new_dentry,
rd.flags = flags,
err = vfs_rename(&rd);
if (err)
ksmbd_debug(VFS, "vfs_rename failed err %d\n", err);
err = ksmbd_vfs_kern_path(work, newname, out4:
LOOKUP_NO_SYMLINKS | LOOKUP_DIRECTORY, dput(new_dentry);
&dst_path, false); out3:
if (err) { dput(old_parent);
ksmbd_debug(VFS, "Cannot get path for %s [%d]\n", newname, err); unlock_rename(old_parent, new_path.dentry);
goto out; out2:
path_put(&new_path);
if (retry_estale(err, lookup_flags)) {
lookup_flags |= LOOKUP_REVAL;
goto retry;
} }
dst_dent_parent = dst_path.dentry; out1:
putname(to);
trap_dent = lock_rename(src_dent_parent, dst_dent_parent); revert_fsids:
dget(src_dent); ksmbd_revert_fsids(work);
dget(dst_dent_parent);
idmap = file_mnt_idmap(fp->filp);
src_child = lookup_one(idmap, src_dent->d_name.name, src_dent_parent,
src_dent->d_name.len);
if (IS_ERR(src_child)) {
err = PTR_ERR(src_child);
goto out_lock;
}
if (src_child != src_dent) {
err = -ESTALE;
dput(src_child);
goto out_lock;
}
dput(src_child);
err = __ksmbd_vfs_rename(work,
idmap,
src_dent_parent,
src_dent,
mnt_idmap(dst_path.mnt),
dst_dent_parent,
trap_dent,
dst_name);
out_lock:
dput(src_dent);
dput(dst_dent_parent);
unlock_rename(src_dent_parent, dst_dent_parent);
path_put(&dst_path);
out:
dput(src_dent_parent);
return err; return err;
} }
...@@ -1081,14 +1013,16 @@ int ksmbd_vfs_remove_xattr(struct mnt_idmap *idmap, ...@@ -1081,14 +1013,16 @@ int ksmbd_vfs_remove_xattr(struct mnt_idmap *idmap,
return vfs_removexattr(idmap, dentry, attr_name); return vfs_removexattr(idmap, dentry, attr_name);
} }
int ksmbd_vfs_unlink(struct mnt_idmap *idmap, int ksmbd_vfs_unlink(struct file *filp)
struct dentry *dir, struct dentry *dentry)
{ {
int err = 0; int err = 0;
struct dentry *dir, *dentry = filp->f_path.dentry;
struct mnt_idmap *idmap = file_mnt_idmap(filp);
err = ksmbd_vfs_lock_parent(idmap, dir, dentry); dir = dget_parent(dentry);
err = ksmbd_vfs_lock_parent(dir, dentry);
if (err) if (err)
return err; goto out;
dget(dentry); dget(dentry);
if (S_ISDIR(d_inode(dentry)->i_mode)) if (S_ISDIR(d_inode(dentry)->i_mode))
...@@ -1100,6 +1034,8 @@ int ksmbd_vfs_unlink(struct mnt_idmap *idmap, ...@@ -1100,6 +1034,8 @@ int ksmbd_vfs_unlink(struct mnt_idmap *idmap,
inode_unlock(d_inode(dir)); inode_unlock(d_inode(dir));
if (err) if (err)
ksmbd_debug(VFS, "failed to delete, err %d\n", err); ksmbd_debug(VFS, "failed to delete, err %d\n", err);
out:
dput(dir);
return err; return err;
} }
...@@ -1202,7 +1138,7 @@ static int ksmbd_vfs_lookup_in_dir(const struct path *dir, char *name, ...@@ -1202,7 +1138,7 @@ static int ksmbd_vfs_lookup_in_dir(const struct path *dir, char *name,
} }
/** /**
* ksmbd_vfs_kern_path() - lookup a file and get path info * ksmbd_vfs_kern_path_locked() - lookup a file and get path info
* @name: file path that is relative to share * @name: file path that is relative to share
* @flags: lookup flags * @flags: lookup flags
* @path: if lookup succeed, return path info * @path: if lookup succeed, return path info
...@@ -1210,24 +1146,20 @@ static int ksmbd_vfs_lookup_in_dir(const struct path *dir, char *name, ...@@ -1210,24 +1146,20 @@ static int ksmbd_vfs_lookup_in_dir(const struct path *dir, char *name,
* *
* Return: 0 on success, otherwise error * Return: 0 on success, otherwise error
*/ */
int ksmbd_vfs_kern_path(struct ksmbd_work *work, char *name, int ksmbd_vfs_kern_path_locked(struct ksmbd_work *work, char *name,
unsigned int flags, struct path *path, bool caseless) unsigned int flags, struct path *path,
bool caseless)
{ {
struct ksmbd_share_config *share_conf = work->tcon->share_conf; struct ksmbd_share_config *share_conf = work->tcon->share_conf;
int err; int err;
struct path parent_path;
flags |= LOOKUP_BENEATH; err = ksmbd_vfs_path_lookup_locked(share_conf, name, flags, path);
err = vfs_path_lookup(share_conf->vfs_path.dentry,
share_conf->vfs_path.mnt,
name,
flags,
path);
if (!err) if (!err)
return 0; return err;
if (caseless) { if (caseless) {
char *filepath; char *filepath;
struct path parent;
size_t path_len, remain_len; size_t path_len, remain_len;
filepath = kstrdup(name, GFP_KERNEL); filepath = kstrdup(name, GFP_KERNEL);
...@@ -1237,10 +1169,10 @@ int ksmbd_vfs_kern_path(struct ksmbd_work *work, char *name, ...@@ -1237,10 +1169,10 @@ int ksmbd_vfs_kern_path(struct ksmbd_work *work, char *name,
path_len = strlen(filepath); path_len = strlen(filepath);
remain_len = path_len; remain_len = path_len;
parent = share_conf->vfs_path; parent_path = share_conf->vfs_path;
path_get(&parent); path_get(&parent_path);
while (d_can_lookup(parent.dentry)) { while (d_can_lookup(parent_path.dentry)) {
char *filename = filepath + path_len - remain_len; char *filename = filepath + path_len - remain_len;
char *next = strchrnul(filename, '/'); char *next = strchrnul(filename, '/');
size_t filename_len = next - filename; size_t filename_len = next - filename;
...@@ -1249,12 +1181,11 @@ int ksmbd_vfs_kern_path(struct ksmbd_work *work, char *name, ...@@ -1249,12 +1181,11 @@ int ksmbd_vfs_kern_path(struct ksmbd_work *work, char *name,
if (filename_len == 0) if (filename_len == 0)
break; break;
err = ksmbd_vfs_lookup_in_dir(&parent, filename, err = ksmbd_vfs_lookup_in_dir(&parent_path, filename,
filename_len, filename_len,
work->conn->um); work->conn->um);
path_put(&parent);
if (err) if (err)
goto out; goto out2;
next[0] = '\0'; next[0] = '\0';
...@@ -1262,23 +1193,31 @@ int ksmbd_vfs_kern_path(struct ksmbd_work *work, char *name, ...@@ -1262,23 +1193,31 @@ int ksmbd_vfs_kern_path(struct ksmbd_work *work, char *name,
share_conf->vfs_path.mnt, share_conf->vfs_path.mnt,
filepath, filepath,
flags, flags,
&parent); path);
if (err) if (err)
goto out; goto out2;
else if (is_last) { else if (is_last)
*path = parent; goto out1;
goto out; path_put(&parent_path);
} parent_path = *path;
next[0] = '/'; next[0] = '/';
remain_len -= filename_len + 1; remain_len -= filename_len + 1;
} }
path_put(&parent);
err = -EINVAL; err = -EINVAL;
out: out2:
path_put(&parent_path);
out1:
kfree(filepath); kfree(filepath);
} }
if (!err) {
err = ksmbd_vfs_lock_parent(parent_path.dentry, path->dentry);
if (err)
dput(path->dentry);
path_put(&parent_path);
}
return err; return err;
} }
......
...@@ -71,9 +71,7 @@ struct ksmbd_kstat { ...@@ -71,9 +71,7 @@ struct ksmbd_kstat {
__le32 file_attributes; __le32 file_attributes;
}; };
int ksmbd_vfs_lock_parent(struct mnt_idmap *idmap, struct dentry *parent, int ksmbd_vfs_lock_parent(struct dentry *parent, struct dentry *child);
struct dentry *child);
int ksmbd_vfs_may_delete(struct mnt_idmap *idmap, struct dentry *dentry);
int ksmbd_vfs_query_maximal_access(struct mnt_idmap *idmap, int ksmbd_vfs_query_maximal_access(struct mnt_idmap *idmap,
struct dentry *dentry, __le32 *daccess); struct dentry *dentry, __le32 *daccess);
int ksmbd_vfs_create(struct ksmbd_work *work, const char *name, umode_t mode); int ksmbd_vfs_create(struct ksmbd_work *work, const char *name, umode_t mode);
...@@ -84,12 +82,12 @@ int ksmbd_vfs_write(struct ksmbd_work *work, struct ksmbd_file *fp, ...@@ -84,12 +82,12 @@ int ksmbd_vfs_write(struct ksmbd_work *work, struct ksmbd_file *fp,
char *buf, size_t count, loff_t *pos, bool sync, char *buf, size_t count, loff_t *pos, bool sync,
ssize_t *written); ssize_t *written);
int ksmbd_vfs_fsync(struct ksmbd_work *work, u64 fid, u64 p_id); int ksmbd_vfs_fsync(struct ksmbd_work *work, u64 fid, u64 p_id);
int ksmbd_vfs_remove_file(struct ksmbd_work *work, char *name); int ksmbd_vfs_remove_file(struct ksmbd_work *work, const struct path *path);
int ksmbd_vfs_link(struct ksmbd_work *work, int ksmbd_vfs_link(struct ksmbd_work *work,
const char *oldname, const char *newname); const char *oldname, const char *newname);
int ksmbd_vfs_getattr(const struct path *path, struct kstat *stat); int ksmbd_vfs_getattr(const struct path *path, struct kstat *stat);
int ksmbd_vfs_fp_rename(struct ksmbd_work *work, struct ksmbd_file *fp, int ksmbd_vfs_rename(struct ksmbd_work *work, const struct path *old_path,
char *newname); char *newname, int flags);
int ksmbd_vfs_truncate(struct ksmbd_work *work, int ksmbd_vfs_truncate(struct ksmbd_work *work,
struct ksmbd_file *fp, loff_t size); struct ksmbd_file *fp, loff_t size);
struct srv_copychunk; struct srv_copychunk;
...@@ -116,8 +114,8 @@ int ksmbd_vfs_xattr_stream_name(char *stream_name, char **xattr_stream_name, ...@@ -116,8 +114,8 @@ int ksmbd_vfs_xattr_stream_name(char *stream_name, char **xattr_stream_name,
size_t *xattr_stream_name_size, int s_type); size_t *xattr_stream_name_size, int s_type);
int ksmbd_vfs_remove_xattr(struct mnt_idmap *idmap, int ksmbd_vfs_remove_xattr(struct mnt_idmap *idmap,
struct dentry *dentry, char *attr_name); struct dentry *dentry, char *attr_name);
int ksmbd_vfs_kern_path(struct ksmbd_work *work, int ksmbd_vfs_kern_path_locked(struct ksmbd_work *work, char *name,
char *name, unsigned int flags, struct path *path, unsigned int flags, struct path *path,
bool caseless); bool caseless);
struct dentry *ksmbd_vfs_kern_path_create(struct ksmbd_work *work, struct dentry *ksmbd_vfs_kern_path_create(struct ksmbd_work *work,
const char *name, const char *name,
...@@ -131,8 +129,7 @@ struct file_allocated_range_buffer; ...@@ -131,8 +129,7 @@ struct file_allocated_range_buffer;
int ksmbd_vfs_fqar_lseek(struct ksmbd_file *fp, loff_t start, loff_t length, int ksmbd_vfs_fqar_lseek(struct ksmbd_file *fp, loff_t start, loff_t length,
struct file_allocated_range_buffer *ranges, struct file_allocated_range_buffer *ranges,
unsigned int in_count, unsigned int *out_count); unsigned int in_count, unsigned int *out_count);
int ksmbd_vfs_unlink(struct mnt_idmap *idmap, struct dentry *dir, int ksmbd_vfs_unlink(struct file *filp);
struct dentry *dentry);
void *ksmbd_vfs_init_kstat(char **p, struct ksmbd_kstat *ksmbd_kstat); void *ksmbd_vfs_init_kstat(char **p, struct ksmbd_kstat *ksmbd_kstat);
int ksmbd_vfs_fill_dentry_attrs(struct ksmbd_work *work, int ksmbd_vfs_fill_dentry_attrs(struct ksmbd_work *work,
struct mnt_idmap *idmap, struct mnt_idmap *idmap,
......
...@@ -244,7 +244,6 @@ void ksmbd_release_inode_hash(void) ...@@ -244,7 +244,6 @@ void ksmbd_release_inode_hash(void)
static void __ksmbd_inode_close(struct ksmbd_file *fp) static void __ksmbd_inode_close(struct ksmbd_file *fp)
{ {
struct dentry *dir, *dentry;
struct ksmbd_inode *ci = fp->f_ci; struct ksmbd_inode *ci = fp->f_ci;
int err; int err;
struct file *filp; struct file *filp;
...@@ -263,11 +262,9 @@ static void __ksmbd_inode_close(struct ksmbd_file *fp) ...@@ -263,11 +262,9 @@ static void __ksmbd_inode_close(struct ksmbd_file *fp)
if (atomic_dec_and_test(&ci->m_count)) { if (atomic_dec_and_test(&ci->m_count)) {
write_lock(&ci->m_lock); write_lock(&ci->m_lock);
if (ci->m_flags & (S_DEL_ON_CLS | S_DEL_PENDING)) { if (ci->m_flags & (S_DEL_ON_CLS | S_DEL_PENDING)) {
dentry = filp->f_path.dentry;
dir = dentry->d_parent;
ci->m_flags &= ~(S_DEL_ON_CLS | S_DEL_PENDING); ci->m_flags &= ~(S_DEL_ON_CLS | S_DEL_PENDING);
write_unlock(&ci->m_lock); write_unlock(&ci->m_lock);
ksmbd_vfs_unlink(file_mnt_idmap(filp), dir, dentry); ksmbd_vfs_unlink(filp);
write_lock(&ci->m_lock); write_lock(&ci->m_lock);
} }
write_unlock(&ci->m_lock); write_unlock(&ci->m_lock);
......
...@@ -254,6 +254,7 @@ getname_kernel(const char * filename) ...@@ -254,6 +254,7 @@ getname_kernel(const char * filename)
return result; return result;
} }
EXPORT_SYMBOL(getname_kernel);
void putname(struct filename *name) void putname(struct filename *name)
{ {
...@@ -271,6 +272,7 @@ void putname(struct filename *name) ...@@ -271,6 +272,7 @@ void putname(struct filename *name)
} else } else
__putname(name); __putname(name);
} }
EXPORT_SYMBOL(putname);
/** /**
* check_acl - perform ACL permission checking * check_acl - perform ACL permission checking
...@@ -1581,8 +1583,9 @@ static struct dentry *lookup_dcache(const struct qstr *name, ...@@ -1581,8 +1583,9 @@ static struct dentry *lookup_dcache(const struct qstr *name,
* when directory is guaranteed to have no in-lookup children * when directory is guaranteed to have no in-lookup children
* at all. * at all.
*/ */
static struct dentry *__lookup_hash(const struct qstr *name, struct dentry *lookup_one_qstr_excl(const struct qstr *name,
struct dentry *base, unsigned int flags) struct dentry *base,
unsigned int flags)
{ {
struct dentry *dentry = lookup_dcache(name, base, flags); struct dentry *dentry = lookup_dcache(name, base, flags);
struct dentry *old; struct dentry *old;
...@@ -1606,6 +1609,7 @@ static struct dentry *__lookup_hash(const struct qstr *name, ...@@ -1606,6 +1609,7 @@ static struct dentry *__lookup_hash(const struct qstr *name,
} }
return dentry; return dentry;
} }
EXPORT_SYMBOL(lookup_one_qstr_excl);
static struct dentry *lookup_fast(struct nameidata *nd) static struct dentry *lookup_fast(struct nameidata *nd)
{ {
...@@ -2532,16 +2536,17 @@ static int path_parentat(struct nameidata *nd, unsigned flags, ...@@ -2532,16 +2536,17 @@ static int path_parentat(struct nameidata *nd, unsigned flags,
} }
/* Note: this does not consume "name" */ /* Note: this does not consume "name" */
static int filename_parentat(int dfd, struct filename *name, static int __filename_parentat(int dfd, struct filename *name,
unsigned int flags, struct path *parent, unsigned int flags, struct path *parent,
struct qstr *last, int *type) struct qstr *last, int *type,
const struct path *root)
{ {
int retval; int retval;
struct nameidata nd; struct nameidata nd;
if (IS_ERR(name)) if (IS_ERR(name))
return PTR_ERR(name); return PTR_ERR(name);
set_nameidata(&nd, dfd, name, NULL); set_nameidata(&nd, dfd, name, root);
retval = path_parentat(&nd, flags | LOOKUP_RCU, parent); retval = path_parentat(&nd, flags | LOOKUP_RCU, parent);
if (unlikely(retval == -ECHILD)) if (unlikely(retval == -ECHILD))
retval = path_parentat(&nd, flags, parent); retval = path_parentat(&nd, flags, parent);
...@@ -2556,6 +2561,13 @@ static int filename_parentat(int dfd, struct filename *name, ...@@ -2556,6 +2561,13 @@ static int filename_parentat(int dfd, struct filename *name,
return retval; return retval;
} }
static int filename_parentat(int dfd, struct filename *name,
unsigned int flags, struct path *parent,
struct qstr *last, int *type)
{
return __filename_parentat(dfd, name, flags, parent, last, type, NULL);
}
/* does lookup, returns the object with parent locked */ /* does lookup, returns the object with parent locked */
static struct dentry *__kern_path_locked(struct filename *name, struct path *path) static struct dentry *__kern_path_locked(struct filename *name, struct path *path)
{ {
...@@ -2571,7 +2583,7 @@ static struct dentry *__kern_path_locked(struct filename *name, struct path *pat ...@@ -2571,7 +2583,7 @@ static struct dentry *__kern_path_locked(struct filename *name, struct path *pat
return ERR_PTR(-EINVAL); return ERR_PTR(-EINVAL);
} }
inode_lock_nested(path->dentry->d_inode, I_MUTEX_PARENT); inode_lock_nested(path->dentry->d_inode, I_MUTEX_PARENT);
d = __lookup_hash(&last, path->dentry, 0); d = lookup_one_qstr_excl(&last, path->dentry, 0);
if (IS_ERR(d)) { if (IS_ERR(d)) {
inode_unlock(path->dentry->d_inode); inode_unlock(path->dentry->d_inode);
path_put(path); path_put(path);
...@@ -2599,6 +2611,24 @@ int kern_path(const char *name, unsigned int flags, struct path *path) ...@@ -2599,6 +2611,24 @@ int kern_path(const char *name, unsigned int flags, struct path *path)
} }
EXPORT_SYMBOL(kern_path); EXPORT_SYMBOL(kern_path);
/**
* vfs_path_parent_lookup - lookup a parent path relative to a dentry-vfsmount pair
* @filename: filename structure
* @flags: lookup flags
* @parent: pointer to struct path to fill
* @last: last component
* @type: type of the last component
* @root: pointer to struct path of the base directory
*/
int vfs_path_parent_lookup(struct filename *filename, unsigned int flags,
struct path *parent, struct qstr *last, int *type,
const struct path *root)
{
return __filename_parentat(AT_FDCWD, filename, flags, parent, last,
type, root);
}
EXPORT_SYMBOL(vfs_path_parent_lookup);
/** /**
* vfs_path_lookup - lookup a file path relative to a dentry-vfsmount pair * vfs_path_lookup - lookup a file path relative to a dentry-vfsmount pair
* @dentry: pointer to dentry of the base directory * @dentry: pointer to dentry of the base directory
...@@ -2980,20 +3010,10 @@ static inline int may_create(struct mnt_idmap *idmap, ...@@ -2980,20 +3010,10 @@ static inline int may_create(struct mnt_idmap *idmap,
return inode_permission(idmap, dir, MAY_WRITE | MAY_EXEC); return inode_permission(idmap, dir, MAY_WRITE | MAY_EXEC);
} }
/* static struct dentry *lock_two_directories(struct dentry *p1, struct dentry *p2)
* p1 and p2 should be directories on the same fs.
*/
struct dentry *lock_rename(struct dentry *p1, struct dentry *p2)
{ {
struct dentry *p; struct dentry *p;
if (p1 == p2) {
inode_lock_nested(p1->d_inode, I_MUTEX_PARENT);
return NULL;
}
mutex_lock(&p1->d_sb->s_vfs_rename_mutex);
p = d_ancestor(p2, p1); p = d_ancestor(p2, p1);
if (p) { if (p) {
inode_lock_nested(p2->d_inode, I_MUTEX_PARENT); inode_lock_nested(p2->d_inode, I_MUTEX_PARENT);
...@@ -3012,8 +3032,64 @@ struct dentry *lock_rename(struct dentry *p1, struct dentry *p2) ...@@ -3012,8 +3032,64 @@ struct dentry *lock_rename(struct dentry *p1, struct dentry *p2)
inode_lock_nested(p2->d_inode, I_MUTEX_PARENT2); inode_lock_nested(p2->d_inode, I_MUTEX_PARENT2);
return NULL; return NULL;
} }
/*
* p1 and p2 should be directories on the same fs.
*/
struct dentry *lock_rename(struct dentry *p1, struct dentry *p2)
{
if (p1 == p2) {
inode_lock_nested(p1->d_inode, I_MUTEX_PARENT);
return NULL;
}
mutex_lock(&p1->d_sb->s_vfs_rename_mutex);
return lock_two_directories(p1, p2);
}
EXPORT_SYMBOL(lock_rename); EXPORT_SYMBOL(lock_rename);
/*
* c1 and p2 should be on the same fs.
*/
struct dentry *lock_rename_child(struct dentry *c1, struct dentry *p2)
{
if (READ_ONCE(c1->d_parent) == p2) {
/*
* hopefully won't need to touch ->s_vfs_rename_mutex at all.
*/
inode_lock_nested(p2->d_inode, I_MUTEX_PARENT);
/*
* now that p2 is locked, nobody can move in or out of it,
* so the test below is safe.
*/
if (likely(c1->d_parent == p2))
return NULL;
/*
* c1 got moved out of p2 while we'd been taking locks;
* unlock and fall back to slow case.
*/
inode_unlock(p2->d_inode);
}
mutex_lock(&c1->d_sb->s_vfs_rename_mutex);
/*
* nobody can move out of any directories on this fs.
*/
if (likely(c1->d_parent != p2))
return lock_two_directories(c1->d_parent, p2);
/*
* c1 got moved into p2 while we were taking locks;
* we need p2 locked and ->s_vfs_rename_mutex unlocked,
* for consistency with lock_rename().
*/
inode_lock_nested(p2->d_inode, I_MUTEX_PARENT);
mutex_unlock(&c1->d_sb->s_vfs_rename_mutex);
return NULL;
}
EXPORT_SYMBOL(lock_rename_child);
void unlock_rename(struct dentry *p1, struct dentry *p2) void unlock_rename(struct dentry *p1, struct dentry *p2)
{ {
inode_unlock(p1->d_inode); inode_unlock(p1->d_inode);
...@@ -3806,7 +3882,8 @@ static struct dentry *filename_create(int dfd, struct filename *name, ...@@ -3806,7 +3882,8 @@ static struct dentry *filename_create(int dfd, struct filename *name,
if (last.name[last.len] && !want_dir) if (last.name[last.len] && !want_dir)
create_flags = 0; create_flags = 0;
inode_lock_nested(path->dentry->d_inode, I_MUTEX_PARENT); inode_lock_nested(path->dentry->d_inode, I_MUTEX_PARENT);
dentry = __lookup_hash(&last, path->dentry, reval_flag | create_flags); dentry = lookup_one_qstr_excl(&last, path->dentry,
reval_flag | create_flags);
if (IS_ERR(dentry)) if (IS_ERR(dentry))
goto unlock; goto unlock;
...@@ -4166,7 +4243,7 @@ int do_rmdir(int dfd, struct filename *name) ...@@ -4166,7 +4243,7 @@ int do_rmdir(int dfd, struct filename *name)
goto exit2; goto exit2;
inode_lock_nested(path.dentry->d_inode, I_MUTEX_PARENT); inode_lock_nested(path.dentry->d_inode, I_MUTEX_PARENT);
dentry = __lookup_hash(&last, path.dentry, lookup_flags); dentry = lookup_one_qstr_excl(&last, path.dentry, lookup_flags);
error = PTR_ERR(dentry); error = PTR_ERR(dentry);
if (IS_ERR(dentry)) if (IS_ERR(dentry))
goto exit3; goto exit3;
...@@ -4299,7 +4376,7 @@ int do_unlinkat(int dfd, struct filename *name) ...@@ -4299,7 +4376,7 @@ int do_unlinkat(int dfd, struct filename *name)
goto exit2; goto exit2;
retry_deleg: retry_deleg:
inode_lock_nested(path.dentry->d_inode, I_MUTEX_PARENT); inode_lock_nested(path.dentry->d_inode, I_MUTEX_PARENT);
dentry = __lookup_hash(&last, path.dentry, lookup_flags); dentry = lookup_one_qstr_excl(&last, path.dentry, lookup_flags);
error = PTR_ERR(dentry); error = PTR_ERR(dentry);
if (!IS_ERR(dentry)) { if (!IS_ERR(dentry)) {
...@@ -4863,7 +4940,8 @@ int do_renameat2(int olddfd, struct filename *from, int newdfd, ...@@ -4863,7 +4940,8 @@ int do_renameat2(int olddfd, struct filename *from, int newdfd,
retry_deleg: retry_deleg:
trap = lock_rename(new_path.dentry, old_path.dentry); trap = lock_rename(new_path.dentry, old_path.dentry);
old_dentry = __lookup_hash(&old_last, old_path.dentry, lookup_flags); old_dentry = lookup_one_qstr_excl(&old_last, old_path.dentry,
lookup_flags);
error = PTR_ERR(old_dentry); error = PTR_ERR(old_dentry);
if (IS_ERR(old_dentry)) if (IS_ERR(old_dentry))
goto exit3; goto exit3;
...@@ -4871,7 +4949,8 @@ int do_renameat2(int olddfd, struct filename *from, int newdfd, ...@@ -4871,7 +4949,8 @@ int do_renameat2(int olddfd, struct filename *from, int newdfd,
error = -ENOENT; error = -ENOENT;
if (d_is_negative(old_dentry)) if (d_is_negative(old_dentry))
goto exit4; goto exit4;
new_dentry = __lookup_hash(&new_last, new_path.dentry, lookup_flags | target_flags); new_dentry = lookup_one_qstr_excl(&new_last, new_path.dentry,
lookup_flags | target_flags);
error = PTR_ERR(new_dentry); error = PTR_ERR(new_dentry);
if (IS_ERR(new_dentry)) if (IS_ERR(new_dentry))
goto exit4; goto exit4;
......
...@@ -57,12 +57,20 @@ static inline int user_path_at(int dfd, const char __user *name, unsigned flags, ...@@ -57,12 +57,20 @@ static inline int user_path_at(int dfd, const char __user *name, unsigned flags,
return user_path_at_empty(dfd, name, flags, path, NULL); return user_path_at_empty(dfd, name, flags, path, NULL);
} }
struct dentry *lookup_one_qstr_excl(const struct qstr *name,
struct dentry *base,
unsigned int flags);
extern int kern_path(const char *, unsigned, struct path *); extern int kern_path(const char *, unsigned, struct path *);
extern struct dentry *kern_path_create(int, const char *, struct path *, unsigned int); extern struct dentry *kern_path_create(int, const char *, struct path *, unsigned int);
extern struct dentry *user_path_create(int, const char __user *, struct path *, unsigned int); extern struct dentry *user_path_create(int, const char __user *, struct path *, unsigned int);
extern void done_path_create(struct path *, struct dentry *); extern void done_path_create(struct path *, struct dentry *);
extern struct dentry *kern_path_locked(const char *, struct path *); extern struct dentry *kern_path_locked(const char *, struct path *);
int vfs_path_parent_lookup(struct filename *filename, unsigned int flags,
struct path *parent, struct qstr *last, int *type,
const struct path *root);
int vfs_path_lookup(struct dentry *, struct vfsmount *, const char *,
unsigned int, struct path *);
extern struct dentry *try_lookup_one_len(const char *, struct dentry *, int); extern struct dentry *try_lookup_one_len(const char *, struct dentry *, int);
extern struct dentry *lookup_one_len(const char *, struct dentry *, int); extern struct dentry *lookup_one_len(const char *, struct dentry *, int);
...@@ -81,6 +89,7 @@ extern int follow_down(struct path *path, unsigned int flags); ...@@ -81,6 +89,7 @@ extern int follow_down(struct path *path, unsigned int flags);
extern int follow_up(struct path *); extern int follow_up(struct path *);
extern struct dentry *lock_rename(struct dentry *, struct dentry *); extern struct dentry *lock_rename(struct dentry *, struct dentry *);
extern struct dentry *lock_rename_child(struct dentry *, struct dentry *);
extern void unlock_rename(struct dentry *, struct dentry *); extern void unlock_rename(struct dentry *, struct dentry *);
extern int __must_check nd_jump_link(const struct path *path); extern int __must_check nd_jump_link(const struct path *path);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment