1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /* -*- mode: c; c-basic-offset: 8; -*-
3 * vim: noexpandtab sw=8 ts=8 sts=0:
4 *
5 * dir.c - Operations for configfs directories.
6 *
7 * Based on sysfs:
8 * sysfs is Copyright (C) 2001, 2002, 2003 Patrick Mochel
9 *
10 * configfs Copyright (C) 2005 Oracle. All rights reserved.
11 */
12
13 #undef DEBUG
14
15 #include <linux/fs.h>
16 #include <linux/fsnotify.h>
17 #include <linux/mount.h>
18 #include <linux/module.h>
19 #include <linux/slab.h>
20 #include <linux/err.h>
21
22 #include <linux/configfs.h>
23 #include "configfs_internal.h"
24
25 /*
26 * Protects mutations of configfs_dirent linkage together with proper i_mutex
27 * Also protects mutations of symlinks linkage to target configfs_dirent
28 * Mutators of configfs_dirent linkage must *both* have the proper inode locked
29 * and configfs_dirent_lock locked, in that order.
30 * This allows one to safely traverse configfs_dirent trees and symlinks without
31 * having to lock inodes.
32 *
33 * Protects setting of CONFIGFS_USET_DROPPING: checking the flag
34 * unlocked is not reliable unless in detach_groups() called from
35 * rmdir()/unregister() and from configfs_attach_group()
36 */
37 DEFINE_SPINLOCK(configfs_dirent_lock);
38
39 /*
40 * All of link_obj/unlink_obj/link_group/unlink_group require that
41 * subsys->su_mutex is held.
42 * But parent configfs_subsystem is NULL when config_item is root.
43 * Use this mutex when config_item is root.
44 */
45 static DEFINE_MUTEX(configfs_subsystem_mutex);
46
configfs_d_iput(struct dentry * dentry,struct inode * inode)47 static void configfs_d_iput(struct dentry * dentry,
48 struct inode * inode)
49 {
50 struct configfs_dirent *sd = dentry->d_fsdata;
51
52 if (sd) {
53 /* Coordinate with configfs_readdir */
54 spin_lock(&configfs_dirent_lock);
55 /*
56 * Set sd->s_dentry to null only when this dentry is the one
57 * that is going to be killed. Otherwise configfs_d_iput may
58 * run just after configfs_attach_attr and set sd->s_dentry to
59 * NULL even it's still in use.
60 */
61 if (sd->s_dentry == dentry)
62 sd->s_dentry = NULL;
63
64 spin_unlock(&configfs_dirent_lock);
65 configfs_put(sd);
66 }
67 iput(inode);
68 }
69
70 const struct dentry_operations configfs_dentry_ops = {
71 .d_iput = configfs_d_iput,
72 .d_delete = always_delete_dentry,
73 };
74
75 #ifdef CONFIG_LOCKDEP
76
77 /*
78 * Helpers to make lockdep happy with our recursive locking of default groups'
79 * inodes (see configfs_attach_group() and configfs_detach_group()).
80 * We put default groups i_mutexes in separate classes according to their depth
81 * from the youngest non-default group ancestor.
82 *
83 * For a non-default group A having default groups A/B, A/C, and A/C/D, default
84 * groups A/B and A/C will have their inode's mutex in class
85 * default_group_class[0], and default group A/C/D will be in
86 * default_group_class[1].
87 *
88 * The lock classes are declared and assigned in inode.c, according to the
89 * s_depth value.
90 * The s_depth value is initialized to -1, adjusted to >= 0 when attaching
91 * default groups, and reset to -1 when all default groups are attached. During
92 * attachment, if configfs_create() sees s_depth > 0, the lock class of the new
93 * inode's mutex is set to default_group_class[s_depth - 1].
94 */
95
configfs_init_dirent_depth(struct configfs_dirent * sd)96 static void configfs_init_dirent_depth(struct configfs_dirent *sd)
97 {
98 sd->s_depth = -1;
99 }
100
configfs_set_dir_dirent_depth(struct configfs_dirent * parent_sd,struct configfs_dirent * sd)101 static void configfs_set_dir_dirent_depth(struct configfs_dirent *parent_sd,
102 struct configfs_dirent *sd)
103 {
104 int parent_depth = parent_sd->s_depth;
105
106 if (parent_depth >= 0)
107 sd->s_depth = parent_depth + 1;
108 }
109
110 static void
configfs_adjust_dir_dirent_depth_before_populate(struct configfs_dirent * sd)111 configfs_adjust_dir_dirent_depth_before_populate(struct configfs_dirent *sd)
112 {
113 /*
114 * item's i_mutex class is already setup, so s_depth is now only
115 * used to set new sub-directories s_depth, which is always done
116 * with item's i_mutex locked.
117 */
118 /*
119 * sd->s_depth == -1 iff we are a non default group.
120 * else (we are a default group) sd->s_depth > 0 (see
121 * create_dir()).
122 */
123 if (sd->s_depth == -1)
124 /*
125 * We are a non default group and we are going to create
126 * default groups.
127 */
128 sd->s_depth = 0;
129 }
130
131 static void
configfs_adjust_dir_dirent_depth_after_populate(struct configfs_dirent * sd)132 configfs_adjust_dir_dirent_depth_after_populate(struct configfs_dirent *sd)
133 {
134 /* We will not create default groups anymore. */
135 sd->s_depth = -1;
136 }
137
138 #else /* CONFIG_LOCKDEP */
139
configfs_init_dirent_depth(struct configfs_dirent * sd)140 static void configfs_init_dirent_depth(struct configfs_dirent *sd)
141 {
142 }
143
configfs_set_dir_dirent_depth(struct configfs_dirent * parent_sd,struct configfs_dirent * sd)144 static void configfs_set_dir_dirent_depth(struct configfs_dirent *parent_sd,
145 struct configfs_dirent *sd)
146 {
147 }
148
149 static void
configfs_adjust_dir_dirent_depth_before_populate(struct configfs_dirent * sd)150 configfs_adjust_dir_dirent_depth_before_populate(struct configfs_dirent *sd)
151 {
152 }
153
154 static void
configfs_adjust_dir_dirent_depth_after_populate(struct configfs_dirent * sd)155 configfs_adjust_dir_dirent_depth_after_populate(struct configfs_dirent *sd)
156 {
157 }
158
159 #endif /* CONFIG_LOCKDEP */
160
new_fragment(void)161 static struct configfs_fragment *new_fragment(void)
162 {
163 struct configfs_fragment *p;
164
165 p = kmalloc(sizeof(struct configfs_fragment), GFP_KERNEL);
166 if (p) {
167 atomic_set(&p->frag_count, 1);
168 init_rwsem(&p->frag_sem);
169 p->frag_dead = false;
170 }
171 return p;
172 }
173
put_fragment(struct configfs_fragment * frag)174 void put_fragment(struct configfs_fragment *frag)
175 {
176 if (frag && atomic_dec_and_test(&frag->frag_count))
177 kfree(frag);
178 }
179
get_fragment(struct configfs_fragment * frag)180 struct configfs_fragment *get_fragment(struct configfs_fragment *frag)
181 {
182 if (likely(frag))
183 atomic_inc(&frag->frag_count);
184 return frag;
185 }
186
187 /*
188 * Allocates a new configfs_dirent and links it to the parent configfs_dirent
189 */
configfs_new_dirent(struct configfs_dirent * parent_sd,void * element,int type,struct configfs_fragment * frag)190 static struct configfs_dirent *configfs_new_dirent(struct configfs_dirent *parent_sd,
191 void *element, int type,
192 struct configfs_fragment *frag)
193 {
194 struct configfs_dirent * sd;
195
196 sd = kmem_cache_zalloc(configfs_dir_cachep, GFP_KERNEL);
197 if (!sd)
198 return ERR_PTR(-ENOMEM);
199
200 atomic_set(&sd->s_count, 1);
201 INIT_LIST_HEAD(&sd->s_children);
202 sd->s_element = element;
203 sd->s_type = type;
204 configfs_init_dirent_depth(sd);
205 spin_lock(&configfs_dirent_lock);
206 if (parent_sd->s_type & CONFIGFS_USET_DROPPING) {
207 spin_unlock(&configfs_dirent_lock);
208 kmem_cache_free(configfs_dir_cachep, sd);
209 return ERR_PTR(-ENOENT);
210 }
211 sd->s_frag = get_fragment(frag);
212 list_add(&sd->s_sibling, &parent_sd->s_children);
213 spin_unlock(&configfs_dirent_lock);
214
215 return sd;
216 }
217
218 /*
219 *
220 * Return -EEXIST if there is already a configfs element with the same
221 * name for the same parent.
222 *
223 * called with parent inode's i_mutex held
224 */
configfs_dirent_exists(struct configfs_dirent * parent_sd,const unsigned char * new)225 static int configfs_dirent_exists(struct configfs_dirent *parent_sd,
226 const unsigned char *new)
227 {
228 struct configfs_dirent * sd;
229
230 list_for_each_entry(sd, &parent_sd->s_children, s_sibling) {
231 if (sd->s_element) {
232 const unsigned char *existing = configfs_get_name(sd);
233 if (strcmp(existing, new))
234 continue;
235 else
236 return -EEXIST;
237 }
238 }
239
240 return 0;
241 }
242
243
configfs_make_dirent(struct configfs_dirent * parent_sd,struct dentry * dentry,void * element,umode_t mode,int type,struct configfs_fragment * frag)244 int configfs_make_dirent(struct configfs_dirent * parent_sd,
245 struct dentry * dentry, void * element,
246 umode_t mode, int type, struct configfs_fragment *frag)
247 {
248 struct configfs_dirent * sd;
249
250 sd = configfs_new_dirent(parent_sd, element, type, frag);
251 if (IS_ERR(sd))
252 return PTR_ERR(sd);
253
254 sd->s_mode = mode;
255 sd->s_dentry = dentry;
256 if (dentry)
257 dentry->d_fsdata = configfs_get(sd);
258
259 return 0;
260 }
261
configfs_remove_dirent(struct dentry * dentry)262 static void configfs_remove_dirent(struct dentry *dentry)
263 {
264 struct configfs_dirent *sd = dentry->d_fsdata;
265
266 if (!sd)
267 return;
268 spin_lock(&configfs_dirent_lock);
269 list_del_init(&sd->s_sibling);
270 spin_unlock(&configfs_dirent_lock);
271 configfs_put(sd);
272 }
273
274 /**
275 * configfs_create_dir - create a directory for an config_item.
276 * @item: config_itemwe're creating directory for.
277 * @dentry: config_item's dentry.
278 *
279 * Note: user-created entries won't be allowed under this new directory
280 * until it is validated by configfs_dir_set_ready()
281 */
282
configfs_create_dir(struct config_item * item,struct dentry * dentry,struct configfs_fragment * frag)283 static int configfs_create_dir(struct config_item *item, struct dentry *dentry,
284 struct configfs_fragment *frag)
285 {
286 int error;
287 umode_t mode = S_IFDIR| S_IRWXU | S_IRUGO | S_IXUGO;
288 struct dentry *p = dentry->d_parent;
289 struct inode *inode;
290
291 BUG_ON(!item);
292
293 error = configfs_dirent_exists(p->d_fsdata, dentry->d_name.name);
294 if (unlikely(error))
295 return error;
296
297 error = configfs_make_dirent(p->d_fsdata, dentry, item, mode,
298 CONFIGFS_DIR | CONFIGFS_USET_CREATING,
299 frag);
300 if (unlikely(error))
301 return error;
302
303 configfs_set_dir_dirent_depth(p->d_fsdata, dentry->d_fsdata);
304 inode = configfs_create(dentry, mode);
305 if (IS_ERR(inode))
306 goto out_remove;
307
308 inode->i_op = &configfs_dir_inode_operations;
309 inode->i_fop = &configfs_dir_operations;
310 /* directory inodes start off with i_nlink == 2 (for "." entry) */
311 inc_nlink(inode);
312 d_instantiate(dentry, inode);
313 /* already hashed */
314 dget(dentry); /* pin directory dentries in core */
315 inc_nlink(d_inode(p));
316 item->ci_dentry = dentry;
317 return 0;
318
319 out_remove:
320 configfs_remove_dirent(dentry);
321 return PTR_ERR(inode);
322 }
323
324 /*
325 * Allow userspace to create new entries under a new directory created with
326 * configfs_create_dir(), and under all of its chidlren directories recursively.
327 * @sd configfs_dirent of the new directory to validate
328 *
329 * Caller must hold configfs_dirent_lock.
330 */
configfs_dir_set_ready(struct configfs_dirent * sd)331 static void configfs_dir_set_ready(struct configfs_dirent *sd)
332 {
333 struct configfs_dirent *child_sd;
334
335 sd->s_type &= ~CONFIGFS_USET_CREATING;
336 list_for_each_entry(child_sd, &sd->s_children, s_sibling)
337 if (child_sd->s_type & CONFIGFS_USET_CREATING)
338 configfs_dir_set_ready(child_sd);
339 }
340
341 /*
342 * Check that a directory does not belong to a directory hierarchy being
343 * attached and not validated yet.
344 * @sd configfs_dirent of the directory to check
345 *
346 * @return non-zero iff the directory was validated
347 *
348 * Note: takes configfs_dirent_lock, so the result may change from false to true
349 * in two consecutive calls, but never from true to false.
350 */
configfs_dirent_is_ready(struct configfs_dirent * sd)351 int configfs_dirent_is_ready(struct configfs_dirent *sd)
352 {
353 int ret;
354
355 spin_lock(&configfs_dirent_lock);
356 ret = !(sd->s_type & CONFIGFS_USET_CREATING);
357 spin_unlock(&configfs_dirent_lock);
358
359 return ret;
360 }
361
configfs_create_link(struct configfs_dirent * target,struct dentry * parent,struct dentry * dentry,char * body)362 int configfs_create_link(struct configfs_dirent *target, struct dentry *parent,
363 struct dentry *dentry, char *body)
364 {
365 int err = 0;
366 umode_t mode = S_IFLNK | S_IRWXUGO;
367 struct configfs_dirent *p = parent->d_fsdata;
368 struct inode *inode;
369
370 err = configfs_make_dirent(p, dentry, target, mode, CONFIGFS_ITEM_LINK,
371 p->s_frag);
372 if (err)
373 return err;
374
375 inode = configfs_create(dentry, mode);
376 if (IS_ERR(inode))
377 goto out_remove;
378
379 inode->i_link = body;
380 inode->i_op = &configfs_symlink_inode_operations;
381 d_instantiate(dentry, inode);
382 dget(dentry); /* pin link dentries in core */
383 return 0;
384
385 out_remove:
386 configfs_remove_dirent(dentry);
387 return PTR_ERR(inode);
388 }
389
remove_dir(struct dentry * d)390 static void remove_dir(struct dentry * d)
391 {
392 struct dentry * parent = dget(d->d_parent);
393
394 configfs_remove_dirent(d);
395
396 if (d_really_is_positive(d))
397 simple_rmdir(d_inode(parent),d);
398
399 pr_debug(" o %pd removing done (%d)\n", d, d_count(d));
400
401 dput(parent);
402 }
403
404 /**
405 * configfs_remove_dir - remove an config_item's directory.
406 * @item: config_item we're removing.
407 *
408 * The only thing special about this is that we remove any files in
409 * the directory before we remove the directory, and we've inlined
410 * what used to be configfs_rmdir() below, instead of calling separately.
411 *
412 * Caller holds the mutex of the item's inode
413 */
414
configfs_remove_dir(struct config_item * item)415 static void configfs_remove_dir(struct config_item * item)
416 {
417 struct dentry * dentry = dget(item->ci_dentry);
418
419 if (!dentry)
420 return;
421
422 remove_dir(dentry);
423 /**
424 * Drop reference from dget() on entrance.
425 */
426 dput(dentry);
427 }
428
429
430 /* attaches attribute's configfs_dirent to the dentry corresponding to the
431 * attribute file
432 */
configfs_attach_attr(struct configfs_dirent * sd,struct dentry * dentry)433 static int configfs_attach_attr(struct configfs_dirent * sd, struct dentry * dentry)
434 {
435 struct configfs_attribute * attr = sd->s_element;
436 struct inode *inode;
437
438 spin_lock(&configfs_dirent_lock);
439 dentry->d_fsdata = configfs_get(sd);
440 sd->s_dentry = dentry;
441 spin_unlock(&configfs_dirent_lock);
442
443 inode = configfs_create(dentry, (attr->ca_mode & S_IALLUGO) | S_IFREG);
444 if (IS_ERR(inode)) {
445 configfs_put(sd);
446 return PTR_ERR(inode);
447 }
448 if (sd->s_type & CONFIGFS_ITEM_BIN_ATTR) {
449 inode->i_size = 0;
450 inode->i_fop = &configfs_bin_file_operations;
451 } else {
452 inode->i_size = PAGE_SIZE;
453 inode->i_fop = &configfs_file_operations;
454 }
455 d_add(dentry, inode);
456 return 0;
457 }
458
configfs_lookup(struct inode * dir,struct dentry * dentry,unsigned int flags)459 static struct dentry * configfs_lookup(struct inode *dir,
460 struct dentry *dentry,
461 unsigned int flags)
462 {
463 struct configfs_dirent * parent_sd = dentry->d_parent->d_fsdata;
464 struct configfs_dirent * sd;
465 int found = 0;
466 int err;
467
468 /*
469 * Fake invisibility if dir belongs to a group/default groups hierarchy
470 * being attached
471 *
472 * This forbids userspace to read/write attributes of items which may
473 * not complete their initialization, since the dentries of the
474 * attributes won't be instantiated.
475 */
476 err = -ENOENT;
477 if (!configfs_dirent_is_ready(parent_sd))
478 goto out;
479
480 list_for_each_entry(sd, &parent_sd->s_children, s_sibling) {
481 if (sd->s_type & CONFIGFS_NOT_PINNED) {
482 const unsigned char * name = configfs_get_name(sd);
483
484 if (strcmp(name, dentry->d_name.name))
485 continue;
486
487 found = 1;
488 err = configfs_attach_attr(sd, dentry);
489 break;
490 }
491 }
492
493 if (!found) {
494 /*
495 * If it doesn't exist and it isn't a NOT_PINNED item,
496 * it must be negative.
497 */
498 if (dentry->d_name.len > NAME_MAX)
499 return ERR_PTR(-ENAMETOOLONG);
500 d_add(dentry, NULL);
501 return NULL;
502 }
503
504 out:
505 return ERR_PTR(err);
506 }
507
508 /*
509 * Only subdirectories count here. Files (CONFIGFS_NOT_PINNED) are
510 * attributes and are removed by rmdir(). We recurse, setting
511 * CONFIGFS_USET_DROPPING on all children that are candidates for
512 * default detach.
513 * If there is an error, the caller will reset the flags via
514 * configfs_detach_rollback().
515 */
configfs_detach_prep(struct dentry * dentry,struct dentry ** wait)516 static int configfs_detach_prep(struct dentry *dentry, struct dentry **wait)
517 {
518 struct configfs_dirent *parent_sd = dentry->d_fsdata;
519 struct configfs_dirent *sd;
520 int ret;
521
522 /* Mark that we're trying to drop the group */
523 parent_sd->s_type |= CONFIGFS_USET_DROPPING;
524
525 ret = -EBUSY;
526 if (parent_sd->s_links)
527 goto out;
528
529 ret = 0;
530 list_for_each_entry(sd, &parent_sd->s_children, s_sibling) {
531 if (!sd->s_element ||
532 (sd->s_type & CONFIGFS_NOT_PINNED))
533 continue;
534 if (sd->s_type & CONFIGFS_USET_DEFAULT) {
535 /* Abort if racing with mkdir() */
536 if (sd->s_type & CONFIGFS_USET_IN_MKDIR) {
537 if (wait)
538 *wait= dget(sd->s_dentry);
539 return -EAGAIN;
540 }
541
542 /*
543 * Yup, recursive. If there's a problem, blame
544 * deep nesting of default_groups
545 */
546 ret = configfs_detach_prep(sd->s_dentry, wait);
547 if (!ret)
548 continue;
549 } else
550 ret = -ENOTEMPTY;
551
552 break;
553 }
554
555 out:
556 return ret;
557 }
558
559 /*
560 * Walk the tree, resetting CONFIGFS_USET_DROPPING wherever it was
561 * set.
562 */
configfs_detach_rollback(struct dentry * dentry)563 static void configfs_detach_rollback(struct dentry *dentry)
564 {
565 struct configfs_dirent *parent_sd = dentry->d_fsdata;
566 struct configfs_dirent *sd;
567
568 parent_sd->s_type &= ~CONFIGFS_USET_DROPPING;
569
570 list_for_each_entry(sd, &parent_sd->s_children, s_sibling)
571 if (sd->s_type & CONFIGFS_USET_DEFAULT)
572 configfs_detach_rollback(sd->s_dentry);
573 }
574
detach_attrs(struct config_item * item)575 static void detach_attrs(struct config_item * item)
576 {
577 struct dentry * dentry = dget(item->ci_dentry);
578 struct configfs_dirent * parent_sd;
579 struct configfs_dirent * sd, * tmp;
580
581 if (!dentry)
582 return;
583
584 pr_debug("configfs %s: dropping attrs for dir\n",
585 dentry->d_name.name);
586
587 parent_sd = dentry->d_fsdata;
588 list_for_each_entry_safe(sd, tmp, &parent_sd->s_children, s_sibling) {
589 if (!sd->s_element || !(sd->s_type & CONFIGFS_NOT_PINNED))
590 continue;
591 spin_lock(&configfs_dirent_lock);
592 list_del_init(&sd->s_sibling);
593 spin_unlock(&configfs_dirent_lock);
594 configfs_drop_dentry(sd, dentry);
595 configfs_put(sd);
596 }
597
598 /**
599 * Drop reference from dget() on entrance.
600 */
601 dput(dentry);
602 }
603
populate_attrs(struct config_item * item)604 static int populate_attrs(struct config_item *item)
605 {
606 const struct config_item_type *t = item->ci_type;
607 struct configfs_attribute *attr;
608 struct configfs_bin_attribute *bin_attr;
609 int error = 0;
610 int i;
611
612 if (!t)
613 return -EINVAL;
614 if (t->ct_attrs) {
615 for (i = 0; (attr = t->ct_attrs[i]) != NULL; i++) {
616 if ((error = configfs_create_file(item, attr)))
617 break;
618 }
619 }
620 if (t->ct_bin_attrs) {
621 for (i = 0; (bin_attr = t->ct_bin_attrs[i]) != NULL; i++) {
622 error = configfs_create_bin_file(item, bin_attr);
623 if (error)
624 break;
625 }
626 }
627
628 if (error)
629 detach_attrs(item);
630
631 return error;
632 }
633
634 static int configfs_attach_group(struct config_item *parent_item,
635 struct config_item *item,
636 struct dentry *dentry,
637 struct configfs_fragment *frag);
638 static void configfs_detach_group(struct config_item *item);
639
detach_groups(struct config_group * group)640 static void detach_groups(struct config_group *group)
641 {
642 struct dentry * dentry = dget(group->cg_item.ci_dentry);
643 struct dentry *child;
644 struct configfs_dirent *parent_sd;
645 struct configfs_dirent *sd, *tmp;
646
647 if (!dentry)
648 return;
649
650 parent_sd = dentry->d_fsdata;
651 list_for_each_entry_safe(sd, tmp, &parent_sd->s_children, s_sibling) {
652 if (!sd->s_element ||
653 !(sd->s_type & CONFIGFS_USET_DEFAULT))
654 continue;
655
656 child = sd->s_dentry;
657
658 inode_lock(d_inode(child));
659
660 configfs_detach_group(sd->s_element);
661 d_inode(child)->i_flags |= S_DEAD;
662 dont_mount(child);
663
664 inode_unlock(d_inode(child));
665
666 d_delete(child);
667 dput(child);
668 }
669
670 /**
671 * Drop reference from dget() on entrance.
672 */
673 dput(dentry);
674 }
675
676 /*
677 * This fakes mkdir(2) on a default_groups[] entry. It
678 * creates a dentry, attachs it, and then does fixup
679 * on the sd->s_type.
680 *
681 * We could, perhaps, tweak our parent's ->mkdir for a minute and
682 * try using vfs_mkdir. Just a thought.
683 */
create_default_group(struct config_group * parent_group,struct config_group * group,struct configfs_fragment * frag)684 static int create_default_group(struct config_group *parent_group,
685 struct config_group *group,
686 struct configfs_fragment *frag)
687 {
688 int ret;
689 struct configfs_dirent *sd;
690 /* We trust the caller holds a reference to parent */
691 struct dentry *child, *parent = parent_group->cg_item.ci_dentry;
692
693 if (!group->cg_item.ci_name)
694 group->cg_item.ci_name = group->cg_item.ci_namebuf;
695
696 ret = -ENOMEM;
697 child = d_alloc_name(parent, group->cg_item.ci_name);
698 if (child) {
699 d_add(child, NULL);
700
701 ret = configfs_attach_group(&parent_group->cg_item,
702 &group->cg_item, child, frag);
703 if (!ret) {
704 sd = child->d_fsdata;
705 sd->s_type |= CONFIGFS_USET_DEFAULT;
706 } else {
707 BUG_ON(d_inode(child));
708 d_drop(child);
709 dput(child);
710 }
711 }
712
713 return ret;
714 }
715
populate_groups(struct config_group * group,struct configfs_fragment * frag)716 static int populate_groups(struct config_group *group,
717 struct configfs_fragment *frag)
718 {
719 struct config_group *new_group;
720 int ret = 0;
721
722 list_for_each_entry(new_group, &group->default_groups, group_entry) {
723 ret = create_default_group(group, new_group, frag);
724 if (ret) {
725 detach_groups(group);
726 break;
727 }
728 }
729
730 return ret;
731 }
732
configfs_remove_default_groups(struct config_group * group)733 void configfs_remove_default_groups(struct config_group *group)
734 {
735 struct config_group *g, *n;
736
737 list_for_each_entry_safe(g, n, &group->default_groups, group_entry) {
738 list_del(&g->group_entry);
739 config_item_put(&g->cg_item);
740 }
741 }
742 EXPORT_SYMBOL(configfs_remove_default_groups);
743
744 /*
745 * All of link_obj/unlink_obj/link_group/unlink_group require that
746 * subsys->su_mutex is held.
747 */
748
unlink_obj(struct config_item * item)749 static void unlink_obj(struct config_item *item)
750 {
751 struct config_group *group;
752
753 group = item->ci_group;
754 if (group) {
755 list_del_init(&item->ci_entry);
756
757 item->ci_group = NULL;
758 item->ci_parent = NULL;
759
760 /* Drop the reference for ci_entry */
761 config_item_put(item);
762
763 /* Drop the reference for ci_parent */
764 config_group_put(group);
765 }
766 }
767
link_obj(struct config_item * parent_item,struct config_item * item)768 static void link_obj(struct config_item *parent_item, struct config_item *item)
769 {
770 /*
771 * Parent seems redundant with group, but it makes certain
772 * traversals much nicer.
773 */
774 item->ci_parent = parent_item;
775
776 /*
777 * We hold a reference on the parent for the child's ci_parent
778 * link.
779 */
780 item->ci_group = config_group_get(to_config_group(parent_item));
781 list_add_tail(&item->ci_entry, &item->ci_group->cg_children);
782
783 /*
784 * We hold a reference on the child for ci_entry on the parent's
785 * cg_children
786 */
787 config_item_get(item);
788 }
789
unlink_group(struct config_group * group)790 static void unlink_group(struct config_group *group)
791 {
792 struct config_group *new_group;
793
794 list_for_each_entry(new_group, &group->default_groups, group_entry)
795 unlink_group(new_group);
796
797 group->cg_subsys = NULL;
798 unlink_obj(&group->cg_item);
799 }
800
link_group(struct config_group * parent_group,struct config_group * group)801 static void link_group(struct config_group *parent_group, struct config_group *group)
802 {
803 struct config_group *new_group;
804 struct configfs_subsystem *subsys = NULL; /* gcc is a turd */
805
806 link_obj(&parent_group->cg_item, &group->cg_item);
807
808 if (parent_group->cg_subsys)
809 subsys = parent_group->cg_subsys;
810 else if (configfs_is_root(&parent_group->cg_item))
811 subsys = to_configfs_subsystem(group);
812 else
813 BUG();
814 group->cg_subsys = subsys;
815
816 list_for_each_entry(new_group, &group->default_groups, group_entry)
817 link_group(group, new_group);
818 }
819
820 /*
821 * The goal is that configfs_attach_item() (and
822 * configfs_attach_group()) can be called from either the VFS or this
823 * module. That is, they assume that the items have been created,
824 * the dentry allocated, and the dcache is all ready to go.
825 *
826 * If they fail, they must clean up after themselves as if they
827 * had never been called. The caller (VFS or local function) will
828 * handle cleaning up the dcache bits.
829 *
830 * configfs_detach_group() and configfs_detach_item() behave similarly on
831 * the way out. They assume that the proper semaphores are held, they
832 * clean up the configfs items, and they expect their callers will
833 * handle the dcache bits.
834 */
configfs_attach_item(struct config_item * parent_item,struct config_item * item,struct dentry * dentry,struct configfs_fragment * frag)835 static int configfs_attach_item(struct config_item *parent_item,
836 struct config_item *item,
837 struct dentry *dentry,
838 struct configfs_fragment *frag)
839 {
840 int ret;
841
842 ret = configfs_create_dir(item, dentry, frag);
843 if (!ret) {
844 ret = populate_attrs(item);
845 if (ret) {
846 /*
847 * We are going to remove an inode and its dentry but
848 * the VFS may already have hit and used them. Thus,
849 * we must lock them as rmdir() would.
850 */
851 inode_lock(d_inode(dentry));
852 configfs_remove_dir(item);
853 d_inode(dentry)->i_flags |= S_DEAD;
854 dont_mount(dentry);
855 inode_unlock(d_inode(dentry));
856 d_delete(dentry);
857 }
858 }
859
860 return ret;
861 }
862
863 /* Caller holds the mutex of the item's inode */
configfs_detach_item(struct config_item * item)864 static void configfs_detach_item(struct config_item *item)
865 {
866 detach_attrs(item);
867 configfs_remove_dir(item);
868 }
869
configfs_attach_group(struct config_item * parent_item,struct config_item * item,struct dentry * dentry,struct configfs_fragment * frag)870 static int configfs_attach_group(struct config_item *parent_item,
871 struct config_item *item,
872 struct dentry *dentry,
873 struct configfs_fragment *frag)
874 {
875 int ret;
876 struct configfs_dirent *sd;
877
878 ret = configfs_attach_item(parent_item, item, dentry, frag);
879 if (!ret) {
880 sd = dentry->d_fsdata;
881 sd->s_type |= CONFIGFS_USET_DIR;
882
883 /*
884 * FYI, we're faking mkdir in populate_groups()
885 * We must lock the group's inode to avoid races with the VFS
886 * which can already hit the inode and try to add/remove entries
887 * under it.
888 *
889 * We must also lock the inode to remove it safely in case of
890 * error, as rmdir() would.
891 */
892 inode_lock_nested(d_inode(dentry), I_MUTEX_CHILD);
893 configfs_adjust_dir_dirent_depth_before_populate(sd);
894 ret = populate_groups(to_config_group(item), frag);
895 if (ret) {
896 configfs_detach_item(item);
897 d_inode(dentry)->i_flags |= S_DEAD;
898 dont_mount(dentry);
899 }
900 configfs_adjust_dir_dirent_depth_after_populate(sd);
901 inode_unlock(d_inode(dentry));
902 if (ret)
903 d_delete(dentry);
904 }
905
906 return ret;
907 }
908
909 /* Caller holds the mutex of the group's inode */
configfs_detach_group(struct config_item * item)910 static void configfs_detach_group(struct config_item *item)
911 {
912 detach_groups(to_config_group(item));
913 configfs_detach_item(item);
914 }
915
916 /*
917 * After the item has been detached from the filesystem view, we are
918 * ready to tear it out of the hierarchy. Notify the client before
919 * we do that so they can perform any cleanup that requires
920 * navigating the hierarchy. A client does not need to provide this
921 * callback. The subsystem semaphore MUST be held by the caller, and
922 * references must be valid for both items. It also assumes the
923 * caller has validated ci_type.
924 */
client_disconnect_notify(struct config_item * parent_item,struct config_item * item)925 static void client_disconnect_notify(struct config_item *parent_item,
926 struct config_item *item)
927 {
928 const struct config_item_type *type;
929
930 type = parent_item->ci_type;
931 BUG_ON(!type);
932
933 if (type->ct_group_ops && type->ct_group_ops->disconnect_notify)
934 type->ct_group_ops->disconnect_notify(to_config_group(parent_item),
935 item);
936 }
937
938 /*
939 * Drop the initial reference from make_item()/make_group()
940 * This function assumes that reference is held on item
941 * and that item holds a valid reference to the parent. Also, it
942 * assumes the caller has validated ci_type.
943 */
client_drop_item(struct config_item * parent_item,struct config_item * item)944 static void client_drop_item(struct config_item *parent_item,
945 struct config_item *item)
946 {
947 const struct config_item_type *type;
948
949 type = parent_item->ci_type;
950 BUG_ON(!type);
951
952 /*
953 * If ->drop_item() exists, it is responsible for the
954 * config_item_put().
955 */
956 if (type->ct_group_ops && type->ct_group_ops->drop_item)
957 type->ct_group_ops->drop_item(to_config_group(parent_item),
958 item);
959 else
960 config_item_put(item);
961 }
962
963 #ifdef DEBUG
configfs_dump_one(struct configfs_dirent * sd,int level)964 static void configfs_dump_one(struct configfs_dirent *sd, int level)
965 {
966 pr_info("%*s\"%s\":\n", level, " ", configfs_get_name(sd));
967
968 #define type_print(_type) if (sd->s_type & _type) pr_info("%*s %s\n", level, " ", #_type);
969 type_print(CONFIGFS_ROOT);
970 type_print(CONFIGFS_DIR);
971 type_print(CONFIGFS_ITEM_ATTR);
972 type_print(CONFIGFS_ITEM_LINK);
973 type_print(CONFIGFS_USET_DIR);
974 type_print(CONFIGFS_USET_DEFAULT);
975 type_print(CONFIGFS_USET_DROPPING);
976 #undef type_print
977 }
978
configfs_dump(struct configfs_dirent * sd,int level)979 static int configfs_dump(struct configfs_dirent *sd, int level)
980 {
981 struct configfs_dirent *child_sd;
982 int ret = 0;
983
984 configfs_dump_one(sd, level);
985
986 if (!(sd->s_type & (CONFIGFS_DIR|CONFIGFS_ROOT)))
987 return 0;
988
989 list_for_each_entry(child_sd, &sd->s_children, s_sibling) {
990 ret = configfs_dump(child_sd, level + 2);
991 if (ret)
992 break;
993 }
994
995 return ret;
996 }
997 #endif
998
999
1000 /*
1001 * configfs_depend_item() and configfs_undepend_item()
1002 *
1003 * WARNING: Do not call these from a configfs callback!
1004 *
1005 * This describes these functions and their helpers.
1006 *
1007 * Allow another kernel system to depend on a config_item. If this
1008 * happens, the item cannot go away until the dependent can live without
1009 * it. The idea is to give client modules as simple an interface as
1010 * possible. When a system asks them to depend on an item, they just
1011 * call configfs_depend_item(). If the item is live and the client
1012 * driver is in good shape, we'll happily do the work for them.
1013 *
1014 * Why is the locking complex? Because configfs uses the VFS to handle
1015 * all locking, but this function is called outside the normal
1016 * VFS->configfs path. So it must take VFS locks to prevent the
1017 * VFS->configfs stuff (configfs_mkdir(), configfs_rmdir(), etc). This is
1018 * why you can't call these functions underneath configfs callbacks.
1019 *
1020 * Note, btw, that this can be called at *any* time, even when a configfs
1021 * subsystem isn't registered, or when configfs is loading or unloading.
1022 * Just like configfs_register_subsystem(). So we take the same
1023 * precautions. We pin the filesystem. We lock configfs_dirent_lock.
1024 * If we can find the target item in the
1025 * configfs tree, it must be part of the subsystem tree as well, so we
1026 * do not need the subsystem semaphore. Holding configfs_dirent_lock helps
1027 * locking out mkdir() and rmdir(), who might be racing us.
1028 */
1029
1030 /*
1031 * configfs_depend_prep()
1032 *
1033 * Only subdirectories count here. Files (CONFIGFS_NOT_PINNED) are
1034 * attributes. This is similar but not the same to configfs_detach_prep().
1035 * Note that configfs_detach_prep() expects the parent to be locked when it
1036 * is called, but we lock the parent *inside* configfs_depend_prep(). We
1037 * do that so we can unlock it if we find nothing.
1038 *
1039 * Here we do a depth-first search of the dentry hierarchy looking for
1040 * our object.
1041 * We deliberately ignore items tagged as dropping since they are virtually
1042 * dead, as well as items in the middle of attachment since they virtually
1043 * do not exist yet. This completes the locking out of racing mkdir() and
1044 * rmdir().
1045 * Note: subdirectories in the middle of attachment start with s_type =
1046 * CONFIGFS_DIR|CONFIGFS_USET_CREATING set by create_dir(). When
1047 * CONFIGFS_USET_CREATING is set, we ignore the item. The actual set of
1048 * s_type is in configfs_new_dirent(), which has configfs_dirent_lock.
1049 *
1050 * If the target is not found, -ENOENT is bubbled up.
1051 *
1052 * This adds a requirement that all config_items be unique!
1053 *
1054 * This is recursive. There isn't
1055 * much on the stack, though, so folks that need this function - be careful
1056 * about your stack! Patches will be accepted to make it iterative.
1057 */
configfs_depend_prep(struct dentry * origin,struct config_item * target)1058 static int configfs_depend_prep(struct dentry *origin,
1059 struct config_item *target)
1060 {
1061 struct configfs_dirent *child_sd, *sd;
1062 int ret = 0;
1063
1064 BUG_ON(!origin || !origin->d_fsdata);
1065 sd = origin->d_fsdata;
1066
1067 if (sd->s_element == target) /* Boo-yah */
1068 goto out;
1069
1070 list_for_each_entry(child_sd, &sd->s_children, s_sibling) {
1071 if ((child_sd->s_type & CONFIGFS_DIR) &&
1072 !(child_sd->s_type & CONFIGFS_USET_DROPPING) &&
1073 !(child_sd->s_type & CONFIGFS_USET_CREATING)) {
1074 ret = configfs_depend_prep(child_sd->s_dentry,
1075 target);
1076 if (!ret)
1077 goto out; /* Child path boo-yah */
1078 }
1079 }
1080
1081 /* We looped all our children and didn't find target */
1082 ret = -ENOENT;
1083
1084 out:
1085 return ret;
1086 }
1087
configfs_do_depend_item(struct dentry * subsys_dentry,struct config_item * target)1088 static int configfs_do_depend_item(struct dentry *subsys_dentry,
1089 struct config_item *target)
1090 {
1091 struct configfs_dirent *p;
1092 int ret;
1093
1094 spin_lock(&configfs_dirent_lock);
1095 /* Scan the tree, return 0 if found */
1096 ret = configfs_depend_prep(subsys_dentry, target);
1097 if (ret)
1098 goto out_unlock_dirent_lock;
1099
1100 /*
1101 * We are sure that the item is not about to be removed by rmdir(), and
1102 * not in the middle of attachment by mkdir().
1103 */
1104 p = target->ci_dentry->d_fsdata;
1105 p->s_dependent_count += 1;
1106
1107 out_unlock_dirent_lock:
1108 spin_unlock(&configfs_dirent_lock);
1109
1110 return ret;
1111 }
1112
1113 static inline struct configfs_dirent *
configfs_find_subsys_dentry(struct configfs_dirent * root_sd,struct config_item * subsys_item)1114 configfs_find_subsys_dentry(struct configfs_dirent *root_sd,
1115 struct config_item *subsys_item)
1116 {
1117 struct configfs_dirent *p;
1118 struct configfs_dirent *ret = NULL;
1119
1120 list_for_each_entry(p, &root_sd->s_children, s_sibling) {
1121 if (p->s_type & CONFIGFS_DIR &&
1122 p->s_element == subsys_item) {
1123 ret = p;
1124 break;
1125 }
1126 }
1127
1128 return ret;
1129 }
1130
1131
configfs_depend_item(struct configfs_subsystem * subsys,struct config_item * target)1132 int configfs_depend_item(struct configfs_subsystem *subsys,
1133 struct config_item *target)
1134 {
1135 int ret;
1136 struct configfs_dirent *subsys_sd;
1137 struct config_item *s_item = &subsys->su_group.cg_item;
1138 struct dentry *root;
1139
1140 /*
1141 * Pin the configfs filesystem. This means we can safely access
1142 * the root of the configfs filesystem.
1143 */
1144 root = configfs_pin_fs();
1145 if (IS_ERR(root))
1146 return PTR_ERR(root);
1147
1148 /*
1149 * Next, lock the root directory. We're going to check that the
1150 * subsystem is really registered, and so we need to lock out
1151 * configfs_[un]register_subsystem().
1152 */
1153 inode_lock(d_inode(root));
1154
1155 subsys_sd = configfs_find_subsys_dentry(root->d_fsdata, s_item);
1156 if (!subsys_sd) {
1157 ret = -ENOENT;
1158 goto out_unlock_fs;
1159 }
1160
1161 /* Ok, now we can trust subsys/s_item */
1162 ret = configfs_do_depend_item(subsys_sd->s_dentry, target);
1163
1164 out_unlock_fs:
1165 inode_unlock(d_inode(root));
1166
1167 /*
1168 * If we succeeded, the fs is pinned via other methods. If not,
1169 * we're done with it anyway. So release_fs() is always right.
1170 */
1171 configfs_release_fs();
1172
1173 return ret;
1174 }
1175 EXPORT_SYMBOL(configfs_depend_item);
1176
1177 /*
1178 * Release the dependent linkage. This is much simpler than
1179 * configfs_depend_item() because we know that the client driver is
1180 * pinned, thus the subsystem is pinned, and therefore configfs is pinned.
1181 */
configfs_undepend_item(struct config_item * target)1182 void configfs_undepend_item(struct config_item *target)
1183 {
1184 struct configfs_dirent *sd;
1185
1186 /*
1187 * Since we can trust everything is pinned, we just need
1188 * configfs_dirent_lock.
1189 */
1190 spin_lock(&configfs_dirent_lock);
1191
1192 sd = target->ci_dentry->d_fsdata;
1193 BUG_ON(sd->s_dependent_count < 1);
1194
1195 sd->s_dependent_count -= 1;
1196
1197 /*
1198 * After this unlock, we cannot trust the item to stay alive!
1199 * DO NOT REFERENCE item after this unlock.
1200 */
1201 spin_unlock(&configfs_dirent_lock);
1202 }
1203 EXPORT_SYMBOL(configfs_undepend_item);
1204
1205 /*
1206 * caller_subsys is a caller's subsystem not target's. This is used to
1207 * determine if we should lock root and check subsys or not. When we are
1208 * in the same subsystem as our target there is no need to do locking as
1209 * we know that subsys is valid and is not unregistered during this function
1210 * as we are called from callback of one of his children and VFS holds a lock
1211 * on some inode. Otherwise we have to lock our root to ensure that target's
1212 * subsystem it is not unregistered during this function.
1213 */
configfs_depend_item_unlocked(struct configfs_subsystem * caller_subsys,struct config_item * target)1214 int configfs_depend_item_unlocked(struct configfs_subsystem *caller_subsys,
1215 struct config_item *target)
1216 {
1217 struct configfs_subsystem *target_subsys;
1218 struct config_group *root, *parent;
1219 struct configfs_dirent *subsys_sd;
1220 int ret = -ENOENT;
1221
1222 /* Disallow this function for configfs root */
1223 if (configfs_is_root(target))
1224 return -EINVAL;
1225
1226 parent = target->ci_group;
1227 /*
1228 * This may happen when someone is trying to depend root
1229 * directory of some subsystem
1230 */
1231 if (configfs_is_root(&parent->cg_item)) {
1232 target_subsys = to_configfs_subsystem(to_config_group(target));
1233 root = parent;
1234 } else {
1235 target_subsys = parent->cg_subsys;
1236 /* Find a cofnigfs root as we may need it for locking */
1237 for (root = parent; !configfs_is_root(&root->cg_item);
1238 root = root->cg_item.ci_group)
1239 ;
1240 }
1241
1242 if (target_subsys != caller_subsys) {
1243 /*
1244 * We are in other configfs subsystem, so we have to do
1245 * additional locking to prevent other subsystem from being
1246 * unregistered
1247 */
1248 inode_lock(d_inode(root->cg_item.ci_dentry));
1249
1250 /*
1251 * As we are trying to depend item from other subsystem
1252 * we have to check if this subsystem is still registered
1253 */
1254 subsys_sd = configfs_find_subsys_dentry(
1255 root->cg_item.ci_dentry->d_fsdata,
1256 &target_subsys->su_group.cg_item);
1257 if (!subsys_sd)
1258 goto out_root_unlock;
1259 } else {
1260 subsys_sd = target_subsys->su_group.cg_item.ci_dentry->d_fsdata;
1261 }
1262
1263 /* Now we can execute core of depend item */
1264 ret = configfs_do_depend_item(subsys_sd->s_dentry, target);
1265
1266 if (target_subsys != caller_subsys)
1267 out_root_unlock:
1268 /*
1269 * We were called from subsystem other than our target so we
1270 * took some locks so now it's time to release them
1271 */
1272 inode_unlock(d_inode(root->cg_item.ci_dentry));
1273
1274 return ret;
1275 }
1276 EXPORT_SYMBOL(configfs_depend_item_unlocked);
1277
configfs_mkdir(struct inode * dir,struct dentry * dentry,umode_t mode)1278 static int configfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
1279 {
1280 int ret = 0;
1281 int module_got = 0;
1282 struct config_group *group = NULL;
1283 struct config_item *item = NULL;
1284 struct config_item *parent_item;
1285 struct configfs_subsystem *subsys;
1286 struct configfs_dirent *sd;
1287 const struct config_item_type *type;
1288 struct module *subsys_owner = NULL, *new_item_owner = NULL;
1289 struct configfs_fragment *frag;
1290 char *name;
1291
1292 sd = dentry->d_parent->d_fsdata;
1293
1294 /*
1295 * Fake invisibility if dir belongs to a group/default groups hierarchy
1296 * being attached
1297 */
1298 if (!configfs_dirent_is_ready(sd)) {
1299 ret = -ENOENT;
1300 goto out;
1301 }
1302
1303 if (!(sd->s_type & CONFIGFS_USET_DIR)) {
1304 ret = -EPERM;
1305 goto out;
1306 }
1307
1308 frag = new_fragment();
1309 if (!frag) {
1310 ret = -ENOMEM;
1311 goto out;
1312 }
1313
1314 /* Get a working ref for the duration of this function */
1315 parent_item = configfs_get_config_item(dentry->d_parent);
1316 type = parent_item->ci_type;
1317 subsys = to_config_group(parent_item)->cg_subsys;
1318 BUG_ON(!subsys);
1319
1320 if (!type || !type->ct_group_ops ||
1321 (!type->ct_group_ops->make_group &&
1322 !type->ct_group_ops->make_item)) {
1323 ret = -EPERM; /* Lack-of-mkdir returns -EPERM */
1324 goto out_put;
1325 }
1326
1327 /*
1328 * The subsystem may belong to a different module than the item
1329 * being created. We don't want to safely pin the new item but
1330 * fail to pin the subsystem it sits under.
1331 */
1332 if (!subsys->su_group.cg_item.ci_type) {
1333 ret = -EINVAL;
1334 goto out_put;
1335 }
1336 subsys_owner = subsys->su_group.cg_item.ci_type->ct_owner;
1337 if (!try_module_get(subsys_owner)) {
1338 ret = -EINVAL;
1339 goto out_put;
1340 }
1341
1342 name = kmalloc(dentry->d_name.len + 1, GFP_KERNEL);
1343 if (!name) {
1344 ret = -ENOMEM;
1345 goto out_subsys_put;
1346 }
1347
1348 snprintf(name, dentry->d_name.len + 1, "%s", dentry->d_name.name);
1349
1350 mutex_lock(&subsys->su_mutex);
1351 if (type->ct_group_ops->make_group) {
1352 group = type->ct_group_ops->make_group(to_config_group(parent_item), name);
1353 if (!group)
1354 group = ERR_PTR(-ENOMEM);
1355 if (!IS_ERR(group)) {
1356 link_group(to_config_group(parent_item), group);
1357 item = &group->cg_item;
1358 } else
1359 ret = PTR_ERR(group);
1360 } else {
1361 item = type->ct_group_ops->make_item(to_config_group(parent_item), name);
1362 if (!item)
1363 item = ERR_PTR(-ENOMEM);
1364 if (!IS_ERR(item))
1365 link_obj(parent_item, item);
1366 else
1367 ret = PTR_ERR(item);
1368 }
1369 mutex_unlock(&subsys->su_mutex);
1370
1371 kfree(name);
1372 if (ret) {
1373 /*
1374 * If ret != 0, then link_obj() was never called.
1375 * There are no extra references to clean up.
1376 */
1377 goto out_subsys_put;
1378 }
1379
1380 /*
1381 * link_obj() has been called (via link_group() for groups).
1382 * From here on out, errors must clean that up.
1383 */
1384
1385 type = item->ci_type;
1386 if (!type) {
1387 ret = -EINVAL;
1388 goto out_unlink;
1389 }
1390
1391 new_item_owner = type->ct_owner;
1392 if (!try_module_get(new_item_owner)) {
1393 ret = -EINVAL;
1394 goto out_unlink;
1395 }
1396
1397 /*
1398 * I hate doing it this way, but if there is
1399 * an error, module_put() probably should
1400 * happen after any cleanup.
1401 */
1402 module_got = 1;
1403
1404 /*
1405 * Make racing rmdir() fail if it did not tag parent with
1406 * CONFIGFS_USET_DROPPING
1407 * Note: if CONFIGFS_USET_DROPPING is already set, attach_group() will
1408 * fail and let rmdir() terminate correctly
1409 */
1410 spin_lock(&configfs_dirent_lock);
1411 /* This will make configfs_detach_prep() fail */
1412 sd->s_type |= CONFIGFS_USET_IN_MKDIR;
1413 spin_unlock(&configfs_dirent_lock);
1414
1415 if (group)
1416 ret = configfs_attach_group(parent_item, item, dentry, frag);
1417 else
1418 ret = configfs_attach_item(parent_item, item, dentry, frag);
1419
1420 /* inherit uid/gid from process creating the directory */
1421 if (!uid_eq(current_fsuid(), GLOBAL_ROOT_UID) ||
1422 !gid_eq(current_fsgid(), GLOBAL_ROOT_GID)) {
1423 struct iattr ia = {
1424 .ia_uid = current_fsuid(),
1425 .ia_gid = current_fsgid(),
1426 .ia_valid = ATTR_UID | ATTR_GID,
1427 };
1428 struct inode *inode = d_inode(dentry);
1429 inode->i_uid = ia.ia_uid;
1430 inode->i_gid = ia.ia_gid;
1431 /* the above manual assignments skip the permission checks */
1432 configfs_setattr(dentry, &ia);
1433 }
1434
1435 spin_lock(&configfs_dirent_lock);
1436 sd->s_type &= ~CONFIGFS_USET_IN_MKDIR;
1437 if (!ret)
1438 configfs_dir_set_ready(dentry->d_fsdata);
1439 spin_unlock(&configfs_dirent_lock);
1440
1441 out_unlink:
1442 if (ret) {
1443 /* Tear down everything we built up */
1444 mutex_lock(&subsys->su_mutex);
1445
1446 client_disconnect_notify(parent_item, item);
1447 if (group)
1448 unlink_group(group);
1449 else
1450 unlink_obj(item);
1451 client_drop_item(parent_item, item);
1452
1453 mutex_unlock(&subsys->su_mutex);
1454
1455 if (module_got)
1456 module_put(new_item_owner);
1457 }
1458
1459 out_subsys_put:
1460 if (ret)
1461 module_put(subsys_owner);
1462
1463 out_put:
1464 /*
1465 * link_obj()/link_group() took a reference from child->parent,
1466 * so the parent is safely pinned. We can drop our working
1467 * reference.
1468 */
1469 config_item_put(parent_item);
1470 put_fragment(frag);
1471
1472 out:
1473 return ret;
1474 }
1475
configfs_rmdir(struct inode * dir,struct dentry * dentry)1476 static int configfs_rmdir(struct inode *dir, struct dentry *dentry)
1477 {
1478 struct config_item *parent_item;
1479 struct config_item *item;
1480 struct configfs_subsystem *subsys;
1481 struct configfs_dirent *sd;
1482 struct configfs_fragment *frag;
1483 struct module *subsys_owner = NULL, *dead_item_owner = NULL;
1484 int ret;
1485
1486 sd = dentry->d_fsdata;
1487 if (sd->s_type & CONFIGFS_USET_DEFAULT)
1488 return -EPERM;
1489
1490 /* Get a working ref until we have the child */
1491 parent_item = configfs_get_config_item(dentry->d_parent);
1492 subsys = to_config_group(parent_item)->cg_subsys;
1493 BUG_ON(!subsys);
1494
1495 if (!parent_item->ci_type) {
1496 config_item_put(parent_item);
1497 return -EINVAL;
1498 }
1499
1500 /* configfs_mkdir() shouldn't have allowed this */
1501 BUG_ON(!subsys->su_group.cg_item.ci_type);
1502 subsys_owner = subsys->su_group.cg_item.ci_type->ct_owner;
1503
1504 /*
1505 * Ensure that no racing symlink() will make detach_prep() fail while
1506 * the new link is temporarily attached
1507 */
1508 do {
1509 struct dentry *wait;
1510
1511 mutex_lock(&configfs_symlink_mutex);
1512 spin_lock(&configfs_dirent_lock);
1513 /*
1514 * Here's where we check for dependents. We're protected by
1515 * configfs_dirent_lock.
1516 * If no dependent, atomically tag the item as dropping.
1517 */
1518 ret = sd->s_dependent_count ? -EBUSY : 0;
1519 if (!ret) {
1520 ret = configfs_detach_prep(dentry, &wait);
1521 if (ret)
1522 configfs_detach_rollback(dentry);
1523 }
1524 spin_unlock(&configfs_dirent_lock);
1525 mutex_unlock(&configfs_symlink_mutex);
1526
1527 if (ret) {
1528 if (ret != -EAGAIN) {
1529 config_item_put(parent_item);
1530 return ret;
1531 }
1532
1533 /* Wait until the racing operation terminates */
1534 inode_lock(d_inode(wait));
1535 inode_unlock(d_inode(wait));
1536 dput(wait);
1537 }
1538 } while (ret == -EAGAIN);
1539
1540 frag = sd->s_frag;
1541 if (down_write_killable(&frag->frag_sem)) {
1542 spin_lock(&configfs_dirent_lock);
1543 configfs_detach_rollback(dentry);
1544 spin_unlock(&configfs_dirent_lock);
1545 config_item_put(parent_item);
1546 return -EINTR;
1547 }
1548 frag->frag_dead = true;
1549 up_write(&frag->frag_sem);
1550
1551 /* Get a working ref for the duration of this function */
1552 item = configfs_get_config_item(dentry);
1553
1554 /* Drop reference from above, item already holds one. */
1555 config_item_put(parent_item);
1556
1557 if (item->ci_type)
1558 dead_item_owner = item->ci_type->ct_owner;
1559
1560 if (sd->s_type & CONFIGFS_USET_DIR) {
1561 configfs_detach_group(item);
1562
1563 mutex_lock(&subsys->su_mutex);
1564 client_disconnect_notify(parent_item, item);
1565 unlink_group(to_config_group(item));
1566 } else {
1567 configfs_detach_item(item);
1568
1569 mutex_lock(&subsys->su_mutex);
1570 client_disconnect_notify(parent_item, item);
1571 unlink_obj(item);
1572 }
1573
1574 client_drop_item(parent_item, item);
1575 mutex_unlock(&subsys->su_mutex);
1576
1577 /* Drop our reference from above */
1578 config_item_put(item);
1579
1580 module_put(dead_item_owner);
1581 module_put(subsys_owner);
1582
1583 return 0;
1584 }
1585
1586 const struct inode_operations configfs_dir_inode_operations = {
1587 .mkdir = configfs_mkdir,
1588 .rmdir = configfs_rmdir,
1589 .symlink = configfs_symlink,
1590 .unlink = configfs_unlink,
1591 .lookup = configfs_lookup,
1592 .setattr = configfs_setattr,
1593 };
1594
1595 const struct inode_operations configfs_root_inode_operations = {
1596 .lookup = configfs_lookup,
1597 .setattr = configfs_setattr,
1598 };
1599
configfs_dir_open(struct inode * inode,struct file * file)1600 static int configfs_dir_open(struct inode *inode, struct file *file)
1601 {
1602 struct dentry * dentry = file->f_path.dentry;
1603 struct configfs_dirent * parent_sd = dentry->d_fsdata;
1604 int err;
1605
1606 inode_lock(d_inode(dentry));
1607 /*
1608 * Fake invisibility if dir belongs to a group/default groups hierarchy
1609 * being attached
1610 */
1611 err = -ENOENT;
1612 if (configfs_dirent_is_ready(parent_sd)) {
1613 file->private_data = configfs_new_dirent(parent_sd, NULL, 0, NULL);
1614 if (IS_ERR(file->private_data))
1615 err = PTR_ERR(file->private_data);
1616 else
1617 err = 0;
1618 }
1619 inode_unlock(d_inode(dentry));
1620
1621 return err;
1622 }
1623
configfs_dir_close(struct inode * inode,struct file * file)1624 static int configfs_dir_close(struct inode *inode, struct file *file)
1625 {
1626 struct dentry * dentry = file->f_path.dentry;
1627 struct configfs_dirent * cursor = file->private_data;
1628
1629 inode_lock(d_inode(dentry));
1630 spin_lock(&configfs_dirent_lock);
1631 list_del_init(&cursor->s_sibling);
1632 spin_unlock(&configfs_dirent_lock);
1633 inode_unlock(d_inode(dentry));
1634
1635 release_configfs_dirent(cursor);
1636
1637 return 0;
1638 }
1639
1640 /* Relationship between s_mode and the DT_xxx types */
dt_type(struct configfs_dirent * sd)1641 static inline unsigned char dt_type(struct configfs_dirent *sd)
1642 {
1643 return (sd->s_mode >> 12) & 15;
1644 }
1645
configfs_readdir(struct file * file,struct dir_context * ctx)1646 static int configfs_readdir(struct file *file, struct dir_context *ctx)
1647 {
1648 struct dentry *dentry = file->f_path.dentry;
1649 struct super_block *sb = dentry->d_sb;
1650 struct configfs_dirent * parent_sd = dentry->d_fsdata;
1651 struct configfs_dirent *cursor = file->private_data;
1652 struct list_head *p, *q = &cursor->s_sibling;
1653 ino_t ino = 0;
1654
1655 if (!dir_emit_dots(file, ctx))
1656 return 0;
1657 spin_lock(&configfs_dirent_lock);
1658 if (ctx->pos == 2)
1659 list_move(q, &parent_sd->s_children);
1660 for (p = q->next; p != &parent_sd->s_children; p = p->next) {
1661 struct configfs_dirent *next;
1662 const char *name;
1663 int len;
1664 struct inode *inode = NULL;
1665
1666 next = list_entry(p, struct configfs_dirent, s_sibling);
1667 if (!next->s_element)
1668 continue;
1669
1670 /*
1671 * We'll have a dentry and an inode for
1672 * PINNED items and for open attribute
1673 * files. We lock here to prevent a race
1674 * with configfs_d_iput() clearing
1675 * s_dentry before calling iput().
1676 *
1677 * Why do we go to the trouble? If
1678 * someone has an attribute file open,
1679 * the inode number should match until
1680 * they close it. Beyond that, we don't
1681 * care.
1682 */
1683 dentry = next->s_dentry;
1684 if (dentry)
1685 inode = d_inode(dentry);
1686 if (inode)
1687 ino = inode->i_ino;
1688 spin_unlock(&configfs_dirent_lock);
1689 if (!inode)
1690 ino = iunique(sb, 2);
1691
1692 name = configfs_get_name(next);
1693 len = strlen(name);
1694
1695 if (!dir_emit(ctx, name, len, ino, dt_type(next)))
1696 return 0;
1697
1698 spin_lock(&configfs_dirent_lock);
1699 list_move(q, p);
1700 p = q;
1701 ctx->pos++;
1702 }
1703 spin_unlock(&configfs_dirent_lock);
1704 return 0;
1705 }
1706
configfs_dir_lseek(struct file * file,loff_t offset,int whence)1707 static loff_t configfs_dir_lseek(struct file *file, loff_t offset, int whence)
1708 {
1709 struct dentry * dentry = file->f_path.dentry;
1710
1711 switch (whence) {
1712 case 1:
1713 offset += file->f_pos;
1714 fallthrough;
1715 case 0:
1716 if (offset >= 0)
1717 break;
1718 fallthrough;
1719 default:
1720 return -EINVAL;
1721 }
1722 if (offset != file->f_pos) {
1723 file->f_pos = offset;
1724 if (file->f_pos >= 2) {
1725 struct configfs_dirent *sd = dentry->d_fsdata;
1726 struct configfs_dirent *cursor = file->private_data;
1727 struct list_head *p;
1728 loff_t n = file->f_pos - 2;
1729
1730 spin_lock(&configfs_dirent_lock);
1731 list_del(&cursor->s_sibling);
1732 p = sd->s_children.next;
1733 while (n && p != &sd->s_children) {
1734 struct configfs_dirent *next;
1735 next = list_entry(p, struct configfs_dirent,
1736 s_sibling);
1737 if (next->s_element)
1738 n--;
1739 p = p->next;
1740 }
1741 list_add_tail(&cursor->s_sibling, p);
1742 spin_unlock(&configfs_dirent_lock);
1743 }
1744 }
1745 return offset;
1746 }
1747
1748 const struct file_operations configfs_dir_operations = {
1749 .open = configfs_dir_open,
1750 .release = configfs_dir_close,
1751 .llseek = configfs_dir_lseek,
1752 .read = generic_read_dir,
1753 .iterate_shared = configfs_readdir,
1754 };
1755
1756 /**
1757 * configfs_register_group - creates a parent-child relation between two groups
1758 * @parent_group: parent group
1759 * @group: child group
1760 *
1761 * link groups, creates dentry for the child and attaches it to the
1762 * parent dentry.
1763 *
1764 * Return: 0 on success, negative errno code on error
1765 */
configfs_register_group(struct config_group * parent_group,struct config_group * group)1766 int configfs_register_group(struct config_group *parent_group,
1767 struct config_group *group)
1768 {
1769 struct configfs_subsystem *subsys = parent_group->cg_subsys;
1770 struct dentry *parent;
1771 struct configfs_fragment *frag;
1772 int ret;
1773
1774 frag = new_fragment();
1775 if (!frag)
1776 return -ENOMEM;
1777
1778 mutex_lock(&subsys->su_mutex);
1779 link_group(parent_group, group);
1780 mutex_unlock(&subsys->su_mutex);
1781
1782 parent = parent_group->cg_item.ci_dentry;
1783
1784 inode_lock_nested(d_inode(parent), I_MUTEX_PARENT);
1785 ret = create_default_group(parent_group, group, frag);
1786 if (ret)
1787 goto err_out;
1788
1789 spin_lock(&configfs_dirent_lock);
1790 configfs_dir_set_ready(group->cg_item.ci_dentry->d_fsdata);
1791 spin_unlock(&configfs_dirent_lock);
1792 inode_unlock(d_inode(parent));
1793 put_fragment(frag);
1794 return 0;
1795 err_out:
1796 inode_unlock(d_inode(parent));
1797 mutex_lock(&subsys->su_mutex);
1798 unlink_group(group);
1799 mutex_unlock(&subsys->su_mutex);
1800 put_fragment(frag);
1801 return ret;
1802 }
1803 EXPORT_SYMBOL(configfs_register_group);
1804
1805 /**
1806 * configfs_unregister_group() - unregisters a child group from its parent
1807 * @group: parent group to be unregistered
1808 *
1809 * Undoes configfs_register_group()
1810 */
configfs_unregister_group(struct config_group * group)1811 void configfs_unregister_group(struct config_group *group)
1812 {
1813 struct configfs_subsystem *subsys = group->cg_subsys;
1814 struct dentry *dentry = group->cg_item.ci_dentry;
1815 struct dentry *parent = group->cg_item.ci_parent->ci_dentry;
1816 struct configfs_dirent *sd = dentry->d_fsdata;
1817 struct configfs_fragment *frag = sd->s_frag;
1818
1819 down_write(&frag->frag_sem);
1820 frag->frag_dead = true;
1821 up_write(&frag->frag_sem);
1822
1823 inode_lock_nested(d_inode(parent), I_MUTEX_PARENT);
1824 spin_lock(&configfs_dirent_lock);
1825 configfs_detach_prep(dentry, NULL);
1826 spin_unlock(&configfs_dirent_lock);
1827
1828 configfs_detach_group(&group->cg_item);
1829 d_inode(dentry)->i_flags |= S_DEAD;
1830 dont_mount(dentry);
1831 d_drop(dentry);
1832 fsnotify_rmdir(d_inode(parent), dentry);
1833 inode_unlock(d_inode(parent));
1834
1835 dput(dentry);
1836
1837 mutex_lock(&subsys->su_mutex);
1838 unlink_group(group);
1839 mutex_unlock(&subsys->su_mutex);
1840 }
1841 EXPORT_SYMBOL(configfs_unregister_group);
1842
1843 /**
1844 * configfs_register_default_group() - allocates and registers a child group
1845 * @parent_group: parent group
1846 * @name: child group name
1847 * @item_type: child item type description
1848 *
1849 * boilerplate to allocate and register a child group with its parent. We need
1850 * kzalloc'ed memory because child's default_group is initially empty.
1851 *
1852 * Return: allocated config group or ERR_PTR() on error
1853 */
1854 struct config_group *
configfs_register_default_group(struct config_group * parent_group,const char * name,const struct config_item_type * item_type)1855 configfs_register_default_group(struct config_group *parent_group,
1856 const char *name,
1857 const struct config_item_type *item_type)
1858 {
1859 int ret;
1860 struct config_group *group;
1861
1862 group = kzalloc(sizeof(*group), GFP_KERNEL);
1863 if (!group)
1864 return ERR_PTR(-ENOMEM);
1865 config_group_init_type_name(group, name, item_type);
1866
1867 ret = configfs_register_group(parent_group, group);
1868 if (ret) {
1869 kfree(group);
1870 return ERR_PTR(ret);
1871 }
1872 return group;
1873 }
1874 EXPORT_SYMBOL(configfs_register_default_group);
1875
1876 /**
1877 * configfs_unregister_default_group() - unregisters and frees a child group
1878 * @group: the group to act on
1879 */
configfs_unregister_default_group(struct config_group * group)1880 void configfs_unregister_default_group(struct config_group *group)
1881 {
1882 configfs_unregister_group(group);
1883 kfree(group);
1884 }
1885 EXPORT_SYMBOL(configfs_unregister_default_group);
1886
configfs_register_subsystem(struct configfs_subsystem * subsys)1887 int configfs_register_subsystem(struct configfs_subsystem *subsys)
1888 {
1889 int err;
1890 struct config_group *group = &subsys->su_group;
1891 struct dentry *dentry;
1892 struct dentry *root;
1893 struct configfs_dirent *sd;
1894 struct configfs_fragment *frag;
1895
1896 frag = new_fragment();
1897 if (!frag)
1898 return -ENOMEM;
1899
1900 root = configfs_pin_fs();
1901 if (IS_ERR(root)) {
1902 put_fragment(frag);
1903 return PTR_ERR(root);
1904 }
1905
1906 if (!group->cg_item.ci_name)
1907 group->cg_item.ci_name = group->cg_item.ci_namebuf;
1908
1909 sd = root->d_fsdata;
1910 mutex_lock(&configfs_subsystem_mutex);
1911 link_group(to_config_group(sd->s_element), group);
1912 mutex_unlock(&configfs_subsystem_mutex);
1913
1914 inode_lock_nested(d_inode(root), I_MUTEX_PARENT);
1915
1916 err = -ENOMEM;
1917 dentry = d_alloc_name(root, group->cg_item.ci_name);
1918 if (dentry) {
1919 d_add(dentry, NULL);
1920
1921 err = configfs_attach_group(sd->s_element, &group->cg_item,
1922 dentry, frag);
1923 if (err) {
1924 BUG_ON(d_inode(dentry));
1925 d_drop(dentry);
1926 dput(dentry);
1927 } else {
1928 spin_lock(&configfs_dirent_lock);
1929 configfs_dir_set_ready(dentry->d_fsdata);
1930 spin_unlock(&configfs_dirent_lock);
1931 }
1932 }
1933
1934 inode_unlock(d_inode(root));
1935
1936 if (err) {
1937 mutex_lock(&configfs_subsystem_mutex);
1938 unlink_group(group);
1939 mutex_unlock(&configfs_subsystem_mutex);
1940 configfs_release_fs();
1941 }
1942 put_fragment(frag);
1943
1944 return err;
1945 }
1946
configfs_unregister_subsystem(struct configfs_subsystem * subsys)1947 void configfs_unregister_subsystem(struct configfs_subsystem *subsys)
1948 {
1949 struct config_group *group = &subsys->su_group;
1950 struct dentry *dentry = group->cg_item.ci_dentry;
1951 struct dentry *root = dentry->d_sb->s_root;
1952 struct configfs_dirent *sd = dentry->d_fsdata;
1953 struct configfs_fragment *frag = sd->s_frag;
1954
1955 if (dentry->d_parent != root) {
1956 pr_err("Tried to unregister non-subsystem!\n");
1957 return;
1958 }
1959
1960 down_write(&frag->frag_sem);
1961 frag->frag_dead = true;
1962 up_write(&frag->frag_sem);
1963
1964 inode_lock_nested(d_inode(root),
1965 I_MUTEX_PARENT);
1966 inode_lock_nested(d_inode(dentry), I_MUTEX_CHILD);
1967 mutex_lock(&configfs_symlink_mutex);
1968 spin_lock(&configfs_dirent_lock);
1969 if (configfs_detach_prep(dentry, NULL)) {
1970 pr_err("Tried to unregister non-empty subsystem!\n");
1971 }
1972 spin_unlock(&configfs_dirent_lock);
1973 mutex_unlock(&configfs_symlink_mutex);
1974 configfs_detach_group(&group->cg_item);
1975 d_inode(dentry)->i_flags |= S_DEAD;
1976 dont_mount(dentry);
1977 inode_unlock(d_inode(dentry));
1978
1979 d_drop(dentry);
1980 fsnotify_rmdir(d_inode(root), dentry);
1981
1982 inode_unlock(d_inode(root));
1983
1984 dput(dentry);
1985
1986 mutex_lock(&configfs_subsystem_mutex);
1987 unlink_group(group);
1988 mutex_unlock(&configfs_subsystem_mutex);
1989 configfs_release_fs();
1990 }
1991
1992 EXPORT_SYMBOL(configfs_register_subsystem);
1993 EXPORT_SYMBOL(configfs_unregister_subsystem);
1994