1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * dir.c - Operations for configfs directories.
4 *
5 * Based on sysfs:
6 * sysfs is Copyright (C) 2001, 2002, 2003 Patrick Mochel
7 *
8 * configfs Copyright (C) 2005 Oracle. All rights reserved.
9 */
10
11 #undef DEBUG
12
13 #include <linux/fs.h>
14 #include <linux/fsnotify.h>
15 #include <linux/mount.h>
16 #include <linux/module.h>
17 #include <linux/slab.h>
18 #include <linux/err.h>
19
20 #include <linux/configfs.h>
21 #include "configfs_internal.h"
22
23 /*
24 * Protects mutations of configfs_dirent linkage together with proper i_mutex
25 * Also protects mutations of symlinks linkage to target configfs_dirent
26 * Mutators of configfs_dirent linkage must *both* have the proper inode locked
27 * and configfs_dirent_lock locked, in that order.
28 * This allows one to safely traverse configfs_dirent trees and symlinks without
29 * having to lock inodes.
30 *
31 * Protects setting of CONFIGFS_USET_DROPPING: checking the flag
32 * unlocked is not reliable unless in detach_groups() called from
33 * rmdir()/unregister() and from configfs_attach_group()
34 */
35 DEFINE_SPINLOCK(configfs_dirent_lock);
36
configfs_d_iput(struct dentry * dentry,struct inode * inode)37 static void configfs_d_iput(struct dentry * dentry,
38 struct inode * inode)
39 {
40 struct configfs_dirent *sd = dentry->d_fsdata;
41
42 if (sd) {
43 /* Coordinate with configfs_readdir */
44 spin_lock(&configfs_dirent_lock);
45 /*
46 * Set sd->s_dentry to null only when this dentry is the one
47 * that is going to be killed. Otherwise configfs_d_iput may
48 * run just after configfs_attach_attr and set sd->s_dentry to
49 * NULL even it's still in use.
50 */
51 if (sd->s_dentry == dentry)
52 sd->s_dentry = NULL;
53
54 spin_unlock(&configfs_dirent_lock);
55 configfs_put(sd);
56 }
57 iput(inode);
58 }
59
60 const struct dentry_operations configfs_dentry_ops = {
61 .d_iput = configfs_d_iput,
62 .d_delete = always_delete_dentry,
63 };
64
65 #ifdef CONFIG_LOCKDEP
66
67 /*
68 * Helpers to make lockdep happy with our recursive locking of default groups'
69 * inodes (see configfs_attach_group() and configfs_detach_group()).
70 * We put default groups i_mutexes in separate classes according to their depth
71 * from the youngest non-default group ancestor.
72 *
73 * For a non-default group A having default groups A/B, A/C, and A/C/D, default
74 * groups A/B and A/C will have their inode's mutex in class
75 * default_group_class[0], and default group A/C/D will be in
76 * default_group_class[1].
77 *
78 * The lock classes are declared and assigned in inode.c, according to the
79 * s_depth value.
80 * The s_depth value is initialized to -1, adjusted to >= 0 when attaching
81 * default groups, and reset to -1 when all default groups are attached. During
82 * attachment, if configfs_create() sees s_depth > 0, the lock class of the new
83 * inode's mutex is set to default_group_class[s_depth - 1].
84 */
85
configfs_init_dirent_depth(struct configfs_dirent * sd)86 static void configfs_init_dirent_depth(struct configfs_dirent *sd)
87 {
88 sd->s_depth = -1;
89 }
90
configfs_set_dir_dirent_depth(struct configfs_dirent * parent_sd,struct configfs_dirent * sd)91 static void configfs_set_dir_dirent_depth(struct configfs_dirent *parent_sd,
92 struct configfs_dirent *sd)
93 {
94 int parent_depth = parent_sd->s_depth;
95
96 if (parent_depth >= 0)
97 sd->s_depth = parent_depth + 1;
98 }
99
100 static void
configfs_adjust_dir_dirent_depth_before_populate(struct configfs_dirent * sd)101 configfs_adjust_dir_dirent_depth_before_populate(struct configfs_dirent *sd)
102 {
103 /*
104 * item's i_mutex class is already setup, so s_depth is now only
105 * used to set new sub-directories s_depth, which is always done
106 * with item's i_mutex locked.
107 */
108 /*
109 * sd->s_depth == -1 iff we are a non default group.
110 * else (we are a default group) sd->s_depth > 0 (see
111 * create_dir()).
112 */
113 if (sd->s_depth == -1)
114 /*
115 * We are a non default group and we are going to create
116 * default groups.
117 */
118 sd->s_depth = 0;
119 }
120
121 static void
configfs_adjust_dir_dirent_depth_after_populate(struct configfs_dirent * sd)122 configfs_adjust_dir_dirent_depth_after_populate(struct configfs_dirent *sd)
123 {
124 /* We will not create default groups anymore. */
125 sd->s_depth = -1;
126 }
127
128 #else /* CONFIG_LOCKDEP */
129
configfs_init_dirent_depth(struct configfs_dirent * sd)130 static void configfs_init_dirent_depth(struct configfs_dirent *sd)
131 {
132 }
133
configfs_set_dir_dirent_depth(struct configfs_dirent * parent_sd,struct configfs_dirent * sd)134 static void configfs_set_dir_dirent_depth(struct configfs_dirent *parent_sd,
135 struct configfs_dirent *sd)
136 {
137 }
138
139 static void
configfs_adjust_dir_dirent_depth_before_populate(struct configfs_dirent * sd)140 configfs_adjust_dir_dirent_depth_before_populate(struct configfs_dirent *sd)
141 {
142 }
143
144 static void
configfs_adjust_dir_dirent_depth_after_populate(struct configfs_dirent * sd)145 configfs_adjust_dir_dirent_depth_after_populate(struct configfs_dirent *sd)
146 {
147 }
148
149 #endif /* CONFIG_LOCKDEP */
150
new_fragment(void)151 static struct configfs_fragment *new_fragment(void)
152 {
153 struct configfs_fragment *p;
154
155 p = kmalloc(sizeof(struct configfs_fragment), GFP_KERNEL);
156 if (p) {
157 atomic_set(&p->frag_count, 1);
158 init_rwsem(&p->frag_sem);
159 p->frag_dead = false;
160 }
161 return p;
162 }
163
put_fragment(struct configfs_fragment * frag)164 void put_fragment(struct configfs_fragment *frag)
165 {
166 if (frag && atomic_dec_and_test(&frag->frag_count))
167 kfree(frag);
168 }
169
get_fragment(struct configfs_fragment * frag)170 struct configfs_fragment *get_fragment(struct configfs_fragment *frag)
171 {
172 if (likely(frag))
173 atomic_inc(&frag->frag_count);
174 return frag;
175 }
176
177 /*
178 * Allocates a new configfs_dirent and links it to the parent configfs_dirent
179 */
configfs_new_dirent(struct configfs_dirent * parent_sd,void * element,int type,struct configfs_fragment * frag)180 static struct configfs_dirent *configfs_new_dirent(struct configfs_dirent *parent_sd,
181 void *element, int type,
182 struct configfs_fragment *frag)
183 {
184 struct configfs_dirent * sd;
185
186 sd = kmem_cache_zalloc(configfs_dir_cachep, GFP_KERNEL);
187 if (!sd)
188 return ERR_PTR(-ENOMEM);
189
190 atomic_set(&sd->s_count, 1);
191 INIT_LIST_HEAD(&sd->s_children);
192 sd->s_element = element;
193 sd->s_type = type;
194 configfs_init_dirent_depth(sd);
195 spin_lock(&configfs_dirent_lock);
196 if (parent_sd->s_type & CONFIGFS_USET_DROPPING) {
197 spin_unlock(&configfs_dirent_lock);
198 kmem_cache_free(configfs_dir_cachep, sd);
199 return ERR_PTR(-ENOENT);
200 }
201 sd->s_frag = get_fragment(frag);
202 list_add(&sd->s_sibling, &parent_sd->s_children);
203 spin_unlock(&configfs_dirent_lock);
204
205 return sd;
206 }
207
208 /*
209 *
210 * Return -EEXIST if there is already a configfs element with the same
211 * name for the same parent.
212 *
213 * called with parent inode's i_mutex held
214 */
configfs_dirent_exists(struct configfs_dirent * parent_sd,const unsigned char * new)215 static int configfs_dirent_exists(struct configfs_dirent *parent_sd,
216 const unsigned char *new)
217 {
218 struct configfs_dirent * sd;
219
220 list_for_each_entry(sd, &parent_sd->s_children, s_sibling) {
221 if (sd->s_element) {
222 const unsigned char *existing = configfs_get_name(sd);
223 if (strcmp(existing, new))
224 continue;
225 else
226 return -EEXIST;
227 }
228 }
229
230 return 0;
231 }
232
233
configfs_make_dirent(struct configfs_dirent * parent_sd,struct dentry * dentry,void * element,umode_t mode,int type,struct configfs_fragment * frag)234 int configfs_make_dirent(struct configfs_dirent * parent_sd,
235 struct dentry * dentry, void * element,
236 umode_t mode, int type, struct configfs_fragment *frag)
237 {
238 struct configfs_dirent * sd;
239
240 sd = configfs_new_dirent(parent_sd, element, type, frag);
241 if (IS_ERR(sd))
242 return PTR_ERR(sd);
243
244 sd->s_mode = mode;
245 sd->s_dentry = dentry;
246 if (dentry)
247 dentry->d_fsdata = configfs_get(sd);
248
249 return 0;
250 }
251
configfs_remove_dirent(struct dentry * dentry)252 static void configfs_remove_dirent(struct dentry *dentry)
253 {
254 struct configfs_dirent *sd = dentry->d_fsdata;
255
256 if (!sd)
257 return;
258 spin_lock(&configfs_dirent_lock);
259 list_del_init(&sd->s_sibling);
260 spin_unlock(&configfs_dirent_lock);
261 configfs_put(sd);
262 }
263
264 /**
265 * configfs_create_dir - create a directory for an config_item.
266 * @item: config_itemwe're creating directory for.
267 * @dentry: config_item's dentry.
268 * @frag: config_item's fragment.
269 *
270 * Note: user-created entries won't be allowed under this new directory
271 * until it is validated by configfs_dir_set_ready()
272 */
273
configfs_create_dir(struct config_item * item,struct dentry * dentry,struct configfs_fragment * frag)274 static int configfs_create_dir(struct config_item *item, struct dentry *dentry,
275 struct configfs_fragment *frag)
276 {
277 int error;
278 umode_t mode = S_IFDIR| S_IRWXU | S_IRUGO | S_IXUGO;
279 struct dentry *p = dentry->d_parent;
280 struct inode *inode;
281
282 BUG_ON(!item);
283
284 error = configfs_dirent_exists(p->d_fsdata, dentry->d_name.name);
285 if (unlikely(error))
286 return error;
287
288 error = configfs_make_dirent(p->d_fsdata, dentry, item, mode,
289 CONFIGFS_DIR | CONFIGFS_USET_CREATING,
290 frag);
291 if (unlikely(error))
292 return error;
293
294 configfs_set_dir_dirent_depth(p->d_fsdata, dentry->d_fsdata);
295 inode = configfs_create(dentry, mode);
296 if (IS_ERR(inode))
297 goto out_remove;
298
299 inode->i_op = &configfs_dir_inode_operations;
300 inode->i_fop = &configfs_dir_operations;
301 /* directory inodes start off with i_nlink == 2 (for "." entry) */
302 inc_nlink(inode);
303 d_instantiate(dentry, inode);
304 /* already hashed */
305 dget(dentry); /* pin directory dentries in core */
306 inc_nlink(d_inode(p));
307 item->ci_dentry = dentry;
308 return 0;
309
310 out_remove:
311 configfs_remove_dirent(dentry);
312 return PTR_ERR(inode);
313 }
314
315 /*
316 * Allow userspace to create new entries under a new directory created with
317 * configfs_create_dir(), and under all of its chidlren directories recursively.
318 * @sd configfs_dirent of the new directory to validate
319 *
320 * Caller must hold configfs_dirent_lock.
321 */
configfs_dir_set_ready(struct configfs_dirent * sd)322 static void configfs_dir_set_ready(struct configfs_dirent *sd)
323 {
324 struct configfs_dirent *child_sd;
325
326 sd->s_type &= ~CONFIGFS_USET_CREATING;
327 list_for_each_entry(child_sd, &sd->s_children, s_sibling)
328 if (child_sd->s_type & CONFIGFS_USET_CREATING)
329 configfs_dir_set_ready(child_sd);
330 }
331
332 /*
333 * Check that a directory does not belong to a directory hierarchy being
334 * attached and not validated yet.
335 * @sd configfs_dirent of the directory to check
336 *
337 * @return non-zero iff the directory was validated
338 *
339 * Note: takes configfs_dirent_lock, so the result may change from false to true
340 * in two consecutive calls, but never from true to false.
341 */
configfs_dirent_is_ready(struct configfs_dirent * sd)342 int configfs_dirent_is_ready(struct configfs_dirent *sd)
343 {
344 int ret;
345
346 spin_lock(&configfs_dirent_lock);
347 ret = !(sd->s_type & CONFIGFS_USET_CREATING);
348 spin_unlock(&configfs_dirent_lock);
349
350 return ret;
351 }
352
configfs_create_link(struct configfs_dirent * target,struct dentry * parent,struct dentry * dentry,char * body)353 int configfs_create_link(struct configfs_dirent *target, struct dentry *parent,
354 struct dentry *dentry, char *body)
355 {
356 int err = 0;
357 umode_t mode = S_IFLNK | S_IRWXUGO;
358 struct configfs_dirent *p = parent->d_fsdata;
359 struct inode *inode;
360
361 err = configfs_make_dirent(p, dentry, target, mode, CONFIGFS_ITEM_LINK,
362 p->s_frag);
363 if (err)
364 return err;
365
366 inode = configfs_create(dentry, mode);
367 if (IS_ERR(inode))
368 goto out_remove;
369
370 inode->i_link = body;
371 inode->i_op = &configfs_symlink_inode_operations;
372 d_instantiate(dentry, inode);
373 dget(dentry); /* pin link dentries in core */
374 return 0;
375
376 out_remove:
377 configfs_remove_dirent(dentry);
378 return PTR_ERR(inode);
379 }
380
remove_dir(struct dentry * d)381 static void remove_dir(struct dentry * d)
382 {
383 struct dentry * parent = dget(d->d_parent);
384
385 configfs_remove_dirent(d);
386
387 if (d_really_is_positive(d))
388 simple_rmdir(d_inode(parent),d);
389
390 pr_debug(" o %pd removing done (%d)\n", d, d_count(d));
391
392 dput(parent);
393 }
394
395 /**
396 * configfs_remove_dir - remove an config_item's directory.
397 * @item: config_item we're removing.
398 *
399 * The only thing special about this is that we remove any files in
400 * the directory before we remove the directory, and we've inlined
401 * what used to be configfs_rmdir() below, instead of calling separately.
402 *
403 * Caller holds the mutex of the item's inode
404 */
405
configfs_remove_dir(struct config_item * item)406 static void configfs_remove_dir(struct config_item * item)
407 {
408 struct dentry * dentry = dget(item->ci_dentry);
409
410 if (!dentry)
411 return;
412
413 remove_dir(dentry);
414 /**
415 * Drop reference from dget() on entrance.
416 */
417 dput(dentry);
418 }
419
420
421 /* attaches attribute's configfs_dirent to the dentry corresponding to the
422 * attribute file
423 */
configfs_attach_attr(struct configfs_dirent * sd,struct dentry * dentry)424 static int configfs_attach_attr(struct configfs_dirent * sd, struct dentry * dentry)
425 {
426 struct configfs_attribute * attr = sd->s_element;
427 struct inode *inode;
428
429 spin_lock(&configfs_dirent_lock);
430 dentry->d_fsdata = configfs_get(sd);
431 sd->s_dentry = dentry;
432 spin_unlock(&configfs_dirent_lock);
433
434 inode = configfs_create(dentry, (attr->ca_mode & S_IALLUGO) | S_IFREG);
435 if (IS_ERR(inode)) {
436 configfs_put(sd);
437 return PTR_ERR(inode);
438 }
439 if (sd->s_type & CONFIGFS_ITEM_BIN_ATTR) {
440 inode->i_size = 0;
441 inode->i_fop = &configfs_bin_file_operations;
442 } else {
443 inode->i_size = PAGE_SIZE;
444 inode->i_fop = &configfs_file_operations;
445 }
446 d_add(dentry, inode);
447 return 0;
448 }
449
configfs_lookup(struct inode * dir,struct dentry * dentry,unsigned int flags)450 static struct dentry * configfs_lookup(struct inode *dir,
451 struct dentry *dentry,
452 unsigned int flags)
453 {
454 struct configfs_dirent * parent_sd = dentry->d_parent->d_fsdata;
455 struct configfs_dirent * sd;
456 int found = 0;
457 int err;
458
459 /*
460 * Fake invisibility if dir belongs to a group/default groups hierarchy
461 * being attached
462 *
463 * This forbids userspace to read/write attributes of items which may
464 * not complete their initialization, since the dentries of the
465 * attributes won't be instantiated.
466 */
467 err = -ENOENT;
468 if (!configfs_dirent_is_ready(parent_sd))
469 goto out;
470
471 list_for_each_entry(sd, &parent_sd->s_children, s_sibling) {
472 if (sd->s_type & CONFIGFS_NOT_PINNED) {
473 const unsigned char * name = configfs_get_name(sd);
474
475 if (strcmp(name, dentry->d_name.name))
476 continue;
477
478 found = 1;
479 err = configfs_attach_attr(sd, dentry);
480 break;
481 }
482 }
483
484 if (!found) {
485 /*
486 * If it doesn't exist and it isn't a NOT_PINNED item,
487 * it must be negative.
488 */
489 if (dentry->d_name.len > NAME_MAX)
490 return ERR_PTR(-ENAMETOOLONG);
491 d_add(dentry, NULL);
492 return NULL;
493 }
494
495 out:
496 return ERR_PTR(err);
497 }
498
499 /*
500 * Only subdirectories count here. Files (CONFIGFS_NOT_PINNED) are
501 * attributes and are removed by rmdir(). We recurse, setting
502 * CONFIGFS_USET_DROPPING on all children that are candidates for
503 * default detach.
504 * If there is an error, the caller will reset the flags via
505 * configfs_detach_rollback().
506 */
configfs_detach_prep(struct dentry * dentry,struct dentry ** wait)507 static int configfs_detach_prep(struct dentry *dentry, struct dentry **wait)
508 {
509 struct configfs_dirent *parent_sd = dentry->d_fsdata;
510 struct configfs_dirent *sd;
511 int ret;
512
513 /* Mark that we're trying to drop the group */
514 parent_sd->s_type |= CONFIGFS_USET_DROPPING;
515
516 ret = -EBUSY;
517 if (parent_sd->s_links)
518 goto out;
519
520 ret = 0;
521 list_for_each_entry(sd, &parent_sd->s_children, s_sibling) {
522 if (!sd->s_element ||
523 (sd->s_type & CONFIGFS_NOT_PINNED))
524 continue;
525 if (sd->s_type & CONFIGFS_USET_DEFAULT) {
526 /* Abort if racing with mkdir() */
527 if (sd->s_type & CONFIGFS_USET_IN_MKDIR) {
528 if (wait)
529 *wait= dget(sd->s_dentry);
530 return -EAGAIN;
531 }
532
533 /*
534 * Yup, recursive. If there's a problem, blame
535 * deep nesting of default_groups
536 */
537 ret = configfs_detach_prep(sd->s_dentry, wait);
538 if (!ret)
539 continue;
540 } else
541 ret = -ENOTEMPTY;
542
543 break;
544 }
545
546 out:
547 return ret;
548 }
549
550 /*
551 * Walk the tree, resetting CONFIGFS_USET_DROPPING wherever it was
552 * set.
553 */
configfs_detach_rollback(struct dentry * dentry)554 static void configfs_detach_rollback(struct dentry *dentry)
555 {
556 struct configfs_dirent *parent_sd = dentry->d_fsdata;
557 struct configfs_dirent *sd;
558
559 parent_sd->s_type &= ~CONFIGFS_USET_DROPPING;
560
561 list_for_each_entry(sd, &parent_sd->s_children, s_sibling)
562 if (sd->s_type & CONFIGFS_USET_DEFAULT)
563 configfs_detach_rollback(sd->s_dentry);
564 }
565
detach_attrs(struct config_item * item)566 static void detach_attrs(struct config_item * item)
567 {
568 struct dentry * dentry = dget(item->ci_dentry);
569 struct configfs_dirent * parent_sd;
570 struct configfs_dirent * sd, * tmp;
571
572 if (!dentry)
573 return;
574
575 pr_debug("configfs %s: dropping attrs for dir\n",
576 dentry->d_name.name);
577
578 parent_sd = dentry->d_fsdata;
579 list_for_each_entry_safe(sd, tmp, &parent_sd->s_children, s_sibling) {
580 if (!sd->s_element || !(sd->s_type & CONFIGFS_NOT_PINNED))
581 continue;
582 spin_lock(&configfs_dirent_lock);
583 list_del_init(&sd->s_sibling);
584 spin_unlock(&configfs_dirent_lock);
585 configfs_drop_dentry(sd, dentry);
586 configfs_put(sd);
587 }
588
589 /**
590 * Drop reference from dget() on entrance.
591 */
592 dput(dentry);
593 }
594
populate_attrs(struct config_item * item)595 static int populate_attrs(struct config_item *item)
596 {
597 const struct config_item_type *t = item->ci_type;
598 struct configfs_attribute *attr;
599 struct configfs_bin_attribute *bin_attr;
600 int error = 0;
601 int i;
602
603 if (!t)
604 return -EINVAL;
605 if (t->ct_attrs) {
606 for (i = 0; (attr = t->ct_attrs[i]) != NULL; i++) {
607 if ((error = configfs_create_file(item, attr)))
608 break;
609 }
610 }
611 if (t->ct_bin_attrs) {
612 for (i = 0; (bin_attr = t->ct_bin_attrs[i]) != NULL; i++) {
613 error = configfs_create_bin_file(item, bin_attr);
614 if (error)
615 break;
616 }
617 }
618
619 if (error)
620 detach_attrs(item);
621
622 return error;
623 }
624
625 static int configfs_attach_group(struct config_item *parent_item,
626 struct config_item *item,
627 struct dentry *dentry,
628 struct configfs_fragment *frag);
629 static void configfs_detach_group(struct config_item *item);
630
detach_groups(struct config_group * group)631 static void detach_groups(struct config_group *group)
632 {
633 struct dentry * dentry = dget(group->cg_item.ci_dentry);
634 struct dentry *child;
635 struct configfs_dirent *parent_sd;
636 struct configfs_dirent *sd, *tmp;
637
638 if (!dentry)
639 return;
640
641 parent_sd = dentry->d_fsdata;
642 list_for_each_entry_safe(sd, tmp, &parent_sd->s_children, s_sibling) {
643 if (!sd->s_element ||
644 !(sd->s_type & CONFIGFS_USET_DEFAULT))
645 continue;
646
647 child = sd->s_dentry;
648
649 inode_lock(d_inode(child));
650
651 configfs_detach_group(sd->s_element);
652 d_inode(child)->i_flags |= S_DEAD;
653 dont_mount(child);
654
655 inode_unlock(d_inode(child));
656
657 d_delete(child);
658 dput(child);
659 }
660
661 /**
662 * Drop reference from dget() on entrance.
663 */
664 dput(dentry);
665 }
666
667 /*
668 * This fakes mkdir(2) on a default_groups[] entry. It
669 * creates a dentry, attachs it, and then does fixup
670 * on the sd->s_type.
671 *
672 * We could, perhaps, tweak our parent's ->mkdir for a minute and
673 * try using vfs_mkdir. Just a thought.
674 */
create_default_group(struct config_group * parent_group,struct config_group * group,struct configfs_fragment * frag)675 static int create_default_group(struct config_group *parent_group,
676 struct config_group *group,
677 struct configfs_fragment *frag)
678 {
679 int ret;
680 struct configfs_dirent *sd;
681 /* We trust the caller holds a reference to parent */
682 struct dentry *child, *parent = parent_group->cg_item.ci_dentry;
683
684 if (!group->cg_item.ci_name)
685 group->cg_item.ci_name = group->cg_item.ci_namebuf;
686
687 ret = -ENOMEM;
688 child = d_alloc_name(parent, group->cg_item.ci_name);
689 if (child) {
690 d_add(child, NULL);
691
692 ret = configfs_attach_group(&parent_group->cg_item,
693 &group->cg_item, child, frag);
694 if (!ret) {
695 sd = child->d_fsdata;
696 sd->s_type |= CONFIGFS_USET_DEFAULT;
697 } else {
698 BUG_ON(d_inode(child));
699 d_drop(child);
700 dput(child);
701 }
702 }
703
704 return ret;
705 }
706
populate_groups(struct config_group * group,struct configfs_fragment * frag)707 static int populate_groups(struct config_group *group,
708 struct configfs_fragment *frag)
709 {
710 struct config_group *new_group;
711 int ret = 0;
712
713 list_for_each_entry(new_group, &group->default_groups, group_entry) {
714 ret = create_default_group(group, new_group, frag);
715 if (ret) {
716 detach_groups(group);
717 break;
718 }
719 }
720
721 return ret;
722 }
723
configfs_remove_default_groups(struct config_group * group)724 void configfs_remove_default_groups(struct config_group *group)
725 {
726 struct config_group *g, *n;
727
728 list_for_each_entry_safe(g, n, &group->default_groups, group_entry) {
729 list_del(&g->group_entry);
730 config_item_put(&g->cg_item);
731 }
732 }
733 EXPORT_SYMBOL(configfs_remove_default_groups);
734
735 /*
736 * All of link_obj/unlink_obj/link_group/unlink_group require that
737 * subsys->su_mutex is held.
738 */
739
unlink_obj(struct config_item * item)740 static void unlink_obj(struct config_item *item)
741 {
742 struct config_group *group;
743
744 group = item->ci_group;
745 if (group) {
746 list_del_init(&item->ci_entry);
747
748 item->ci_group = NULL;
749 item->ci_parent = NULL;
750
751 /* Drop the reference for ci_entry */
752 config_item_put(item);
753
754 /* Drop the reference for ci_parent */
755 config_group_put(group);
756 }
757 }
758
link_obj(struct config_item * parent_item,struct config_item * item)759 static void link_obj(struct config_item *parent_item, struct config_item *item)
760 {
761 /*
762 * Parent seems redundant with group, but it makes certain
763 * traversals much nicer.
764 */
765 item->ci_parent = parent_item;
766
767 /*
768 * We hold a reference on the parent for the child's ci_parent
769 * link.
770 */
771 item->ci_group = config_group_get(to_config_group(parent_item));
772 list_add_tail(&item->ci_entry, &item->ci_group->cg_children);
773
774 /*
775 * We hold a reference on the child for ci_entry on the parent's
776 * cg_children
777 */
778 config_item_get(item);
779 }
780
unlink_group(struct config_group * group)781 static void unlink_group(struct config_group *group)
782 {
783 struct config_group *new_group;
784
785 list_for_each_entry(new_group, &group->default_groups, group_entry)
786 unlink_group(new_group);
787
788 group->cg_subsys = NULL;
789 unlink_obj(&group->cg_item);
790 }
791
link_group(struct config_group * parent_group,struct config_group * group)792 static void link_group(struct config_group *parent_group, struct config_group *group)
793 {
794 struct config_group *new_group;
795 struct configfs_subsystem *subsys = NULL; /* gcc is a turd */
796
797 link_obj(&parent_group->cg_item, &group->cg_item);
798
799 if (parent_group->cg_subsys)
800 subsys = parent_group->cg_subsys;
801 else if (configfs_is_root(&parent_group->cg_item))
802 subsys = to_configfs_subsystem(group);
803 else
804 BUG();
805 group->cg_subsys = subsys;
806
807 list_for_each_entry(new_group, &group->default_groups, group_entry)
808 link_group(group, new_group);
809 }
810
811 /*
812 * The goal is that configfs_attach_item() (and
813 * configfs_attach_group()) can be called from either the VFS or this
814 * module. That is, they assume that the items have been created,
815 * the dentry allocated, and the dcache is all ready to go.
816 *
817 * If they fail, they must clean up after themselves as if they
818 * had never been called. The caller (VFS or local function) will
819 * handle cleaning up the dcache bits.
820 *
821 * configfs_detach_group() and configfs_detach_item() behave similarly on
822 * the way out. They assume that the proper semaphores are held, they
823 * clean up the configfs items, and they expect their callers will
824 * handle the dcache bits.
825 */
configfs_attach_item(struct config_item * parent_item,struct config_item * item,struct dentry * dentry,struct configfs_fragment * frag)826 static int configfs_attach_item(struct config_item *parent_item,
827 struct config_item *item,
828 struct dentry *dentry,
829 struct configfs_fragment *frag)
830 {
831 int ret;
832
833 ret = configfs_create_dir(item, dentry, frag);
834 if (!ret) {
835 ret = populate_attrs(item);
836 if (ret) {
837 /*
838 * We are going to remove an inode and its dentry but
839 * the VFS may already have hit and used them. Thus,
840 * we must lock them as rmdir() would.
841 */
842 inode_lock(d_inode(dentry));
843 configfs_remove_dir(item);
844 d_inode(dentry)->i_flags |= S_DEAD;
845 dont_mount(dentry);
846 inode_unlock(d_inode(dentry));
847 d_delete(dentry);
848 }
849 }
850
851 return ret;
852 }
853
854 /* Caller holds the mutex of the item's inode */
configfs_detach_item(struct config_item * item)855 static void configfs_detach_item(struct config_item *item)
856 {
857 detach_attrs(item);
858 configfs_remove_dir(item);
859 }
860
configfs_attach_group(struct config_item * parent_item,struct config_item * item,struct dentry * dentry,struct configfs_fragment * frag)861 static int configfs_attach_group(struct config_item *parent_item,
862 struct config_item *item,
863 struct dentry *dentry,
864 struct configfs_fragment *frag)
865 {
866 int ret;
867 struct configfs_dirent *sd;
868
869 ret = configfs_attach_item(parent_item, item, dentry, frag);
870 if (!ret) {
871 sd = dentry->d_fsdata;
872 sd->s_type |= CONFIGFS_USET_DIR;
873
874 /*
875 * FYI, we're faking mkdir in populate_groups()
876 * We must lock the group's inode to avoid races with the VFS
877 * which can already hit the inode and try to add/remove entries
878 * under it.
879 *
880 * We must also lock the inode to remove it safely in case of
881 * error, as rmdir() would.
882 */
883 inode_lock_nested(d_inode(dentry), I_MUTEX_CHILD);
884 configfs_adjust_dir_dirent_depth_before_populate(sd);
885 ret = populate_groups(to_config_group(item), frag);
886 if (ret) {
887 configfs_detach_item(item);
888 d_inode(dentry)->i_flags |= S_DEAD;
889 dont_mount(dentry);
890 }
891 configfs_adjust_dir_dirent_depth_after_populate(sd);
892 inode_unlock(d_inode(dentry));
893 if (ret)
894 d_delete(dentry);
895 }
896
897 return ret;
898 }
899
900 /* Caller holds the mutex of the group's inode */
configfs_detach_group(struct config_item * item)901 static void configfs_detach_group(struct config_item *item)
902 {
903 detach_groups(to_config_group(item));
904 configfs_detach_item(item);
905 }
906
907 /*
908 * After the item has been detached from the filesystem view, we are
909 * ready to tear it out of the hierarchy. Notify the client before
910 * we do that so they can perform any cleanup that requires
911 * navigating the hierarchy. A client does not need to provide this
912 * callback. The subsystem semaphore MUST be held by the caller, and
913 * references must be valid for both items. It also assumes the
914 * caller has validated ci_type.
915 */
client_disconnect_notify(struct config_item * parent_item,struct config_item * item)916 static void client_disconnect_notify(struct config_item *parent_item,
917 struct config_item *item)
918 {
919 const struct config_item_type *type;
920
921 type = parent_item->ci_type;
922 BUG_ON(!type);
923
924 if (type->ct_group_ops && type->ct_group_ops->disconnect_notify)
925 type->ct_group_ops->disconnect_notify(to_config_group(parent_item),
926 item);
927 }
928
929 /*
930 * Drop the initial reference from make_item()/make_group()
931 * This function assumes that reference is held on item
932 * and that item holds a valid reference to the parent. Also, it
933 * assumes the caller has validated ci_type.
934 */
client_drop_item(struct config_item * parent_item,struct config_item * item)935 static void client_drop_item(struct config_item *parent_item,
936 struct config_item *item)
937 {
938 const struct config_item_type *type;
939
940 type = parent_item->ci_type;
941 BUG_ON(!type);
942
943 /*
944 * If ->drop_item() exists, it is responsible for the
945 * config_item_put().
946 */
947 if (type->ct_group_ops && type->ct_group_ops->drop_item)
948 type->ct_group_ops->drop_item(to_config_group(parent_item),
949 item);
950 else
951 config_item_put(item);
952 }
953
954 #ifdef DEBUG
configfs_dump_one(struct configfs_dirent * sd,int level)955 static void configfs_dump_one(struct configfs_dirent *sd, int level)
956 {
957 pr_info("%*s\"%s\":\n", level, " ", configfs_get_name(sd));
958
959 #define type_print(_type) if (sd->s_type & _type) pr_info("%*s %s\n", level, " ", #_type);
960 type_print(CONFIGFS_ROOT);
961 type_print(CONFIGFS_DIR);
962 type_print(CONFIGFS_ITEM_ATTR);
963 type_print(CONFIGFS_ITEM_LINK);
964 type_print(CONFIGFS_USET_DIR);
965 type_print(CONFIGFS_USET_DEFAULT);
966 type_print(CONFIGFS_USET_DROPPING);
967 #undef type_print
968 }
969
configfs_dump(struct configfs_dirent * sd,int level)970 static int configfs_dump(struct configfs_dirent *sd, int level)
971 {
972 struct configfs_dirent *child_sd;
973 int ret = 0;
974
975 configfs_dump_one(sd, level);
976
977 if (!(sd->s_type & (CONFIGFS_DIR|CONFIGFS_ROOT)))
978 return 0;
979
980 list_for_each_entry(child_sd, &sd->s_children, s_sibling) {
981 ret = configfs_dump(child_sd, level + 2);
982 if (ret)
983 break;
984 }
985
986 return ret;
987 }
988 #endif
989
990
991 /*
992 * configfs_depend_item() and configfs_undepend_item()
993 *
994 * WARNING: Do not call these from a configfs callback!
995 *
996 * This describes these functions and their helpers.
997 *
998 * Allow another kernel system to depend on a config_item. If this
999 * happens, the item cannot go away until the dependent can live without
1000 * it. The idea is to give client modules as simple an interface as
1001 * possible. When a system asks them to depend on an item, they just
1002 * call configfs_depend_item(). If the item is live and the client
1003 * driver is in good shape, we'll happily do the work for them.
1004 *
1005 * Why is the locking complex? Because configfs uses the VFS to handle
1006 * all locking, but this function is called outside the normal
1007 * VFS->configfs path. So it must take VFS locks to prevent the
1008 * VFS->configfs stuff (configfs_mkdir(), configfs_rmdir(), etc). This is
1009 * why you can't call these functions underneath configfs callbacks.
1010 *
1011 * Note, btw, that this can be called at *any* time, even when a configfs
1012 * subsystem isn't registered, or when configfs is loading or unloading.
1013 * Just like configfs_register_subsystem(). So we take the same
1014 * precautions. We pin the filesystem. We lock configfs_dirent_lock.
1015 * If we can find the target item in the
1016 * configfs tree, it must be part of the subsystem tree as well, so we
1017 * do not need the subsystem semaphore. Holding configfs_dirent_lock helps
1018 * locking out mkdir() and rmdir(), who might be racing us.
1019 */
1020
1021 /*
1022 * configfs_depend_prep()
1023 *
1024 * Only subdirectories count here. Files (CONFIGFS_NOT_PINNED) are
1025 * attributes. This is similar but not the same to configfs_detach_prep().
1026 * Note that configfs_detach_prep() expects the parent to be locked when it
1027 * is called, but we lock the parent *inside* configfs_depend_prep(). We
1028 * do that so we can unlock it if we find nothing.
1029 *
1030 * Here we do a depth-first search of the dentry hierarchy looking for
1031 * our object.
1032 * We deliberately ignore items tagged as dropping since they are virtually
1033 * dead, as well as items in the middle of attachment since they virtually
1034 * do not exist yet. This completes the locking out of racing mkdir() and
1035 * rmdir().
1036 * Note: subdirectories in the middle of attachment start with s_type =
1037 * CONFIGFS_DIR|CONFIGFS_USET_CREATING set by create_dir(). When
1038 * CONFIGFS_USET_CREATING is set, we ignore the item. The actual set of
1039 * s_type is in configfs_new_dirent(), which has configfs_dirent_lock.
1040 *
1041 * If the target is not found, -ENOENT is bubbled up.
1042 *
1043 * This adds a requirement that all config_items be unique!
1044 *
1045 * This is recursive. There isn't
1046 * much on the stack, though, so folks that need this function - be careful
1047 * about your stack! Patches will be accepted to make it iterative.
1048 */
configfs_depend_prep(struct dentry * origin,struct config_item * target)1049 static int configfs_depend_prep(struct dentry *origin,
1050 struct config_item *target)
1051 {
1052 struct configfs_dirent *child_sd, *sd;
1053 int ret = 0;
1054
1055 BUG_ON(!origin || !origin->d_fsdata);
1056 sd = origin->d_fsdata;
1057
1058 if (sd->s_element == target) /* Boo-yah */
1059 goto out;
1060
1061 list_for_each_entry(child_sd, &sd->s_children, s_sibling) {
1062 if ((child_sd->s_type & CONFIGFS_DIR) &&
1063 !(child_sd->s_type & CONFIGFS_USET_DROPPING) &&
1064 !(child_sd->s_type & CONFIGFS_USET_CREATING)) {
1065 ret = configfs_depend_prep(child_sd->s_dentry,
1066 target);
1067 if (!ret)
1068 goto out; /* Child path boo-yah */
1069 }
1070 }
1071
1072 /* We looped all our children and didn't find target */
1073 ret = -ENOENT;
1074
1075 out:
1076 return ret;
1077 }
1078
configfs_do_depend_item(struct dentry * subsys_dentry,struct config_item * target)1079 static int configfs_do_depend_item(struct dentry *subsys_dentry,
1080 struct config_item *target)
1081 {
1082 struct configfs_dirent *p;
1083 int ret;
1084
1085 spin_lock(&configfs_dirent_lock);
1086 /* Scan the tree, return 0 if found */
1087 ret = configfs_depend_prep(subsys_dentry, target);
1088 if (ret)
1089 goto out_unlock_dirent_lock;
1090
1091 /*
1092 * We are sure that the item is not about to be removed by rmdir(), and
1093 * not in the middle of attachment by mkdir().
1094 */
1095 p = target->ci_dentry->d_fsdata;
1096 p->s_dependent_count += 1;
1097
1098 out_unlock_dirent_lock:
1099 spin_unlock(&configfs_dirent_lock);
1100
1101 return ret;
1102 }
1103
1104 static inline struct configfs_dirent *
configfs_find_subsys_dentry(struct configfs_dirent * root_sd,struct config_item * subsys_item)1105 configfs_find_subsys_dentry(struct configfs_dirent *root_sd,
1106 struct config_item *subsys_item)
1107 {
1108 struct configfs_dirent *p;
1109 struct configfs_dirent *ret = NULL;
1110
1111 list_for_each_entry(p, &root_sd->s_children, s_sibling) {
1112 if (p->s_type & CONFIGFS_DIR &&
1113 p->s_element == subsys_item) {
1114 ret = p;
1115 break;
1116 }
1117 }
1118
1119 return ret;
1120 }
1121
1122
configfs_depend_item(struct configfs_subsystem * subsys,struct config_item * target)1123 int configfs_depend_item(struct configfs_subsystem *subsys,
1124 struct config_item *target)
1125 {
1126 int ret;
1127 struct configfs_dirent *subsys_sd;
1128 struct config_item *s_item = &subsys->su_group.cg_item;
1129 struct dentry *root;
1130
1131 /*
1132 * Pin the configfs filesystem. This means we can safely access
1133 * the root of the configfs filesystem.
1134 */
1135 root = configfs_pin_fs();
1136 if (IS_ERR(root))
1137 return PTR_ERR(root);
1138
1139 /*
1140 * Next, lock the root directory. We're going to check that the
1141 * subsystem is really registered, and so we need to lock out
1142 * configfs_[un]register_subsystem().
1143 */
1144 inode_lock(d_inode(root));
1145
1146 subsys_sd = configfs_find_subsys_dentry(root->d_fsdata, s_item);
1147 if (!subsys_sd) {
1148 ret = -ENOENT;
1149 goto out_unlock_fs;
1150 }
1151
1152 /* Ok, now we can trust subsys/s_item */
1153 ret = configfs_do_depend_item(subsys_sd->s_dentry, target);
1154
1155 out_unlock_fs:
1156 inode_unlock(d_inode(root));
1157
1158 /*
1159 * If we succeeded, the fs is pinned via other methods. If not,
1160 * we're done with it anyway. So release_fs() is always right.
1161 */
1162 configfs_release_fs();
1163
1164 return ret;
1165 }
1166 EXPORT_SYMBOL(configfs_depend_item);
1167
1168 /*
1169 * Release the dependent linkage. This is much simpler than
1170 * configfs_depend_item() because we know that the client driver is
1171 * pinned, thus the subsystem is pinned, and therefore configfs is pinned.
1172 */
configfs_undepend_item(struct config_item * target)1173 void configfs_undepend_item(struct config_item *target)
1174 {
1175 struct configfs_dirent *sd;
1176
1177 /*
1178 * Since we can trust everything is pinned, we just need
1179 * configfs_dirent_lock.
1180 */
1181 spin_lock(&configfs_dirent_lock);
1182
1183 sd = target->ci_dentry->d_fsdata;
1184 BUG_ON(sd->s_dependent_count < 1);
1185
1186 sd->s_dependent_count -= 1;
1187
1188 /*
1189 * After this unlock, we cannot trust the item to stay alive!
1190 * DO NOT REFERENCE item after this unlock.
1191 */
1192 spin_unlock(&configfs_dirent_lock);
1193 }
1194 EXPORT_SYMBOL(configfs_undepend_item);
1195
1196 /*
1197 * caller_subsys is a caller's subsystem not target's. This is used to
1198 * determine if we should lock root and check subsys or not. When we are
1199 * in the same subsystem as our target there is no need to do locking as
1200 * we know that subsys is valid and is not unregistered during this function
1201 * as we are called from callback of one of his children and VFS holds a lock
1202 * on some inode. Otherwise we have to lock our root to ensure that target's
1203 * subsystem it is not unregistered during this function.
1204 */
configfs_depend_item_unlocked(struct configfs_subsystem * caller_subsys,struct config_item * target)1205 int configfs_depend_item_unlocked(struct configfs_subsystem *caller_subsys,
1206 struct config_item *target)
1207 {
1208 struct configfs_subsystem *target_subsys;
1209 struct config_group *root, *parent;
1210 struct configfs_dirent *subsys_sd;
1211 int ret = -ENOENT;
1212
1213 /* Disallow this function for configfs root */
1214 if (configfs_is_root(target))
1215 return -EINVAL;
1216
1217 parent = target->ci_group;
1218 /*
1219 * This may happen when someone is trying to depend root
1220 * directory of some subsystem
1221 */
1222 if (configfs_is_root(&parent->cg_item)) {
1223 target_subsys = to_configfs_subsystem(to_config_group(target));
1224 root = parent;
1225 } else {
1226 target_subsys = parent->cg_subsys;
1227 /* Find a cofnigfs root as we may need it for locking */
1228 for (root = parent; !configfs_is_root(&root->cg_item);
1229 root = root->cg_item.ci_group)
1230 ;
1231 }
1232
1233 if (target_subsys != caller_subsys) {
1234 /*
1235 * We are in other configfs subsystem, so we have to do
1236 * additional locking to prevent other subsystem from being
1237 * unregistered
1238 */
1239 inode_lock(d_inode(root->cg_item.ci_dentry));
1240
1241 /*
1242 * As we are trying to depend item from other subsystem
1243 * we have to check if this subsystem is still registered
1244 */
1245 subsys_sd = configfs_find_subsys_dentry(
1246 root->cg_item.ci_dentry->d_fsdata,
1247 &target_subsys->su_group.cg_item);
1248 if (!subsys_sd)
1249 goto out_root_unlock;
1250 } else {
1251 subsys_sd = target_subsys->su_group.cg_item.ci_dentry->d_fsdata;
1252 }
1253
1254 /* Now we can execute core of depend item */
1255 ret = configfs_do_depend_item(subsys_sd->s_dentry, target);
1256
1257 if (target_subsys != caller_subsys)
1258 out_root_unlock:
1259 /*
1260 * We were called from subsystem other than our target so we
1261 * took some locks so now it's time to release them
1262 */
1263 inode_unlock(d_inode(root->cg_item.ci_dentry));
1264
1265 return ret;
1266 }
1267 EXPORT_SYMBOL(configfs_depend_item_unlocked);
1268
configfs_mkdir(struct user_namespace * mnt_userns,struct inode * dir,struct dentry * dentry,umode_t mode)1269 static int configfs_mkdir(struct user_namespace *mnt_userns, struct inode *dir,
1270 struct dentry *dentry, umode_t mode)
1271 {
1272 int ret = 0;
1273 int module_got = 0;
1274 struct config_group *group = NULL;
1275 struct config_item *item = NULL;
1276 struct config_item *parent_item;
1277 struct configfs_subsystem *subsys;
1278 struct configfs_dirent *sd;
1279 const struct config_item_type *type;
1280 struct module *subsys_owner = NULL, *new_item_owner = NULL;
1281 struct configfs_fragment *frag;
1282 char *name;
1283
1284 sd = dentry->d_parent->d_fsdata;
1285
1286 /*
1287 * Fake invisibility if dir belongs to a group/default groups hierarchy
1288 * being attached
1289 */
1290 if (!configfs_dirent_is_ready(sd)) {
1291 ret = -ENOENT;
1292 goto out;
1293 }
1294
1295 if (!(sd->s_type & CONFIGFS_USET_DIR)) {
1296 ret = -EPERM;
1297 goto out;
1298 }
1299
1300 frag = new_fragment();
1301 if (!frag) {
1302 ret = -ENOMEM;
1303 goto out;
1304 }
1305
1306 /* Get a working ref for the duration of this function */
1307 parent_item = configfs_get_config_item(dentry->d_parent);
1308 type = parent_item->ci_type;
1309 subsys = to_config_group(parent_item)->cg_subsys;
1310 BUG_ON(!subsys);
1311
1312 if (!type || !type->ct_group_ops ||
1313 (!type->ct_group_ops->make_group &&
1314 !type->ct_group_ops->make_item)) {
1315 ret = -EPERM; /* Lack-of-mkdir returns -EPERM */
1316 goto out_put;
1317 }
1318
1319 /*
1320 * The subsystem may belong to a different module than the item
1321 * being created. We don't want to safely pin the new item but
1322 * fail to pin the subsystem it sits under.
1323 */
1324 if (!subsys->su_group.cg_item.ci_type) {
1325 ret = -EINVAL;
1326 goto out_put;
1327 }
1328 subsys_owner = subsys->su_group.cg_item.ci_type->ct_owner;
1329 if (!try_module_get(subsys_owner)) {
1330 ret = -EINVAL;
1331 goto out_put;
1332 }
1333
1334 name = kmalloc(dentry->d_name.len + 1, GFP_KERNEL);
1335 if (!name) {
1336 ret = -ENOMEM;
1337 goto out_subsys_put;
1338 }
1339
1340 snprintf(name, dentry->d_name.len + 1, "%s", dentry->d_name.name);
1341
1342 mutex_lock(&subsys->su_mutex);
1343 if (type->ct_group_ops->make_group) {
1344 group = type->ct_group_ops->make_group(to_config_group(parent_item), name);
1345 if (!group)
1346 group = ERR_PTR(-ENOMEM);
1347 if (!IS_ERR(group)) {
1348 link_group(to_config_group(parent_item), group);
1349 item = &group->cg_item;
1350 } else
1351 ret = PTR_ERR(group);
1352 } else {
1353 item = type->ct_group_ops->make_item(to_config_group(parent_item), name);
1354 if (!item)
1355 item = ERR_PTR(-ENOMEM);
1356 if (!IS_ERR(item))
1357 link_obj(parent_item, item);
1358 else
1359 ret = PTR_ERR(item);
1360 }
1361 mutex_unlock(&subsys->su_mutex);
1362
1363 kfree(name);
1364 if (ret) {
1365 /*
1366 * If ret != 0, then link_obj() was never called.
1367 * There are no extra references to clean up.
1368 */
1369 goto out_subsys_put;
1370 }
1371
1372 /*
1373 * link_obj() has been called (via link_group() for groups).
1374 * From here on out, errors must clean that up.
1375 */
1376
1377 type = item->ci_type;
1378 if (!type) {
1379 ret = -EINVAL;
1380 goto out_unlink;
1381 }
1382
1383 new_item_owner = type->ct_owner;
1384 if (!try_module_get(new_item_owner)) {
1385 ret = -EINVAL;
1386 goto out_unlink;
1387 }
1388
1389 /*
1390 * I hate doing it this way, but if there is
1391 * an error, module_put() probably should
1392 * happen after any cleanup.
1393 */
1394 module_got = 1;
1395
1396 /*
1397 * Make racing rmdir() fail if it did not tag parent with
1398 * CONFIGFS_USET_DROPPING
1399 * Note: if CONFIGFS_USET_DROPPING is already set, attach_group() will
1400 * fail and let rmdir() terminate correctly
1401 */
1402 spin_lock(&configfs_dirent_lock);
1403 /* This will make configfs_detach_prep() fail */
1404 sd->s_type |= CONFIGFS_USET_IN_MKDIR;
1405 spin_unlock(&configfs_dirent_lock);
1406
1407 if (group)
1408 ret = configfs_attach_group(parent_item, item, dentry, frag);
1409 else
1410 ret = configfs_attach_item(parent_item, item, dentry, frag);
1411
1412 spin_lock(&configfs_dirent_lock);
1413 sd->s_type &= ~CONFIGFS_USET_IN_MKDIR;
1414 if (!ret)
1415 configfs_dir_set_ready(dentry->d_fsdata);
1416 spin_unlock(&configfs_dirent_lock);
1417
1418 out_unlink:
1419 if (ret) {
1420 /* Tear down everything we built up */
1421 mutex_lock(&subsys->su_mutex);
1422
1423 client_disconnect_notify(parent_item, item);
1424 if (group)
1425 unlink_group(group);
1426 else
1427 unlink_obj(item);
1428 client_drop_item(parent_item, item);
1429
1430 mutex_unlock(&subsys->su_mutex);
1431
1432 if (module_got)
1433 module_put(new_item_owner);
1434 }
1435
1436 out_subsys_put:
1437 if (ret)
1438 module_put(subsys_owner);
1439
1440 out_put:
1441 /*
1442 * link_obj()/link_group() took a reference from child->parent,
1443 * so the parent is safely pinned. We can drop our working
1444 * reference.
1445 */
1446 config_item_put(parent_item);
1447 put_fragment(frag);
1448
1449 out:
1450 return ret;
1451 }
1452
configfs_rmdir(struct inode * dir,struct dentry * dentry)1453 static int configfs_rmdir(struct inode *dir, struct dentry *dentry)
1454 {
1455 struct config_item *parent_item;
1456 struct config_item *item;
1457 struct configfs_subsystem *subsys;
1458 struct configfs_dirent *sd;
1459 struct configfs_fragment *frag;
1460 struct module *subsys_owner = NULL, *dead_item_owner = NULL;
1461 int ret;
1462
1463 sd = dentry->d_fsdata;
1464 if (sd->s_type & CONFIGFS_USET_DEFAULT)
1465 return -EPERM;
1466
1467 /* Get a working ref until we have the child */
1468 parent_item = configfs_get_config_item(dentry->d_parent);
1469 subsys = to_config_group(parent_item)->cg_subsys;
1470 BUG_ON(!subsys);
1471
1472 if (!parent_item->ci_type) {
1473 config_item_put(parent_item);
1474 return -EINVAL;
1475 }
1476
1477 /* configfs_mkdir() shouldn't have allowed this */
1478 BUG_ON(!subsys->su_group.cg_item.ci_type);
1479 subsys_owner = subsys->su_group.cg_item.ci_type->ct_owner;
1480
1481 /*
1482 * Ensure that no racing symlink() will make detach_prep() fail while
1483 * the new link is temporarily attached
1484 */
1485 do {
1486 struct dentry *wait;
1487
1488 mutex_lock(&configfs_symlink_mutex);
1489 spin_lock(&configfs_dirent_lock);
1490 /*
1491 * Here's where we check for dependents. We're protected by
1492 * configfs_dirent_lock.
1493 * If no dependent, atomically tag the item as dropping.
1494 */
1495 ret = sd->s_dependent_count ? -EBUSY : 0;
1496 if (!ret) {
1497 ret = configfs_detach_prep(dentry, &wait);
1498 if (ret)
1499 configfs_detach_rollback(dentry);
1500 }
1501 spin_unlock(&configfs_dirent_lock);
1502 mutex_unlock(&configfs_symlink_mutex);
1503
1504 if (ret) {
1505 if (ret != -EAGAIN) {
1506 config_item_put(parent_item);
1507 return ret;
1508 }
1509
1510 /* Wait until the racing operation terminates */
1511 inode_lock(d_inode(wait));
1512 inode_unlock(d_inode(wait));
1513 dput(wait);
1514 }
1515 } while (ret == -EAGAIN);
1516
1517 frag = sd->s_frag;
1518 if (down_write_killable(&frag->frag_sem)) {
1519 spin_lock(&configfs_dirent_lock);
1520 configfs_detach_rollback(dentry);
1521 spin_unlock(&configfs_dirent_lock);
1522 config_item_put(parent_item);
1523 return -EINTR;
1524 }
1525 frag->frag_dead = true;
1526 up_write(&frag->frag_sem);
1527
1528 /* Get a working ref for the duration of this function */
1529 item = configfs_get_config_item(dentry);
1530
1531 /* Drop reference from above, item already holds one. */
1532 config_item_put(parent_item);
1533
1534 if (item->ci_type)
1535 dead_item_owner = item->ci_type->ct_owner;
1536
1537 if (sd->s_type & CONFIGFS_USET_DIR) {
1538 configfs_detach_group(item);
1539
1540 mutex_lock(&subsys->su_mutex);
1541 client_disconnect_notify(parent_item, item);
1542 unlink_group(to_config_group(item));
1543 } else {
1544 configfs_detach_item(item);
1545
1546 mutex_lock(&subsys->su_mutex);
1547 client_disconnect_notify(parent_item, item);
1548 unlink_obj(item);
1549 }
1550
1551 client_drop_item(parent_item, item);
1552 mutex_unlock(&subsys->su_mutex);
1553
1554 /* Drop our reference from above */
1555 config_item_put(item);
1556
1557 module_put(dead_item_owner);
1558 module_put(subsys_owner);
1559
1560 return 0;
1561 }
1562
1563 const struct inode_operations configfs_dir_inode_operations = {
1564 .mkdir = configfs_mkdir,
1565 .rmdir = configfs_rmdir,
1566 .symlink = configfs_symlink,
1567 .unlink = configfs_unlink,
1568 .lookup = configfs_lookup,
1569 .setattr = configfs_setattr,
1570 };
1571
1572 const struct inode_operations configfs_root_inode_operations = {
1573 .lookup = configfs_lookup,
1574 .setattr = configfs_setattr,
1575 };
1576
configfs_dir_open(struct inode * inode,struct file * file)1577 static int configfs_dir_open(struct inode *inode, struct file *file)
1578 {
1579 struct dentry * dentry = file->f_path.dentry;
1580 struct configfs_dirent * parent_sd = dentry->d_fsdata;
1581 int err;
1582
1583 inode_lock(d_inode(dentry));
1584 /*
1585 * Fake invisibility if dir belongs to a group/default groups hierarchy
1586 * being attached
1587 */
1588 err = -ENOENT;
1589 if (configfs_dirent_is_ready(parent_sd)) {
1590 file->private_data = configfs_new_dirent(parent_sd, NULL, 0, NULL);
1591 if (IS_ERR(file->private_data))
1592 err = PTR_ERR(file->private_data);
1593 else
1594 err = 0;
1595 }
1596 inode_unlock(d_inode(dentry));
1597
1598 return err;
1599 }
1600
configfs_dir_close(struct inode * inode,struct file * file)1601 static int configfs_dir_close(struct inode *inode, struct file *file)
1602 {
1603 struct dentry * dentry = file->f_path.dentry;
1604 struct configfs_dirent * cursor = file->private_data;
1605
1606 inode_lock(d_inode(dentry));
1607 spin_lock(&configfs_dirent_lock);
1608 list_del_init(&cursor->s_sibling);
1609 spin_unlock(&configfs_dirent_lock);
1610 inode_unlock(d_inode(dentry));
1611
1612 release_configfs_dirent(cursor);
1613
1614 return 0;
1615 }
1616
1617 /* Relationship between s_mode and the DT_xxx types */
dt_type(struct configfs_dirent * sd)1618 static inline unsigned char dt_type(struct configfs_dirent *sd)
1619 {
1620 return (sd->s_mode >> 12) & 15;
1621 }
1622
configfs_readdir(struct file * file,struct dir_context * ctx)1623 static int configfs_readdir(struct file *file, struct dir_context *ctx)
1624 {
1625 struct dentry *dentry = file->f_path.dentry;
1626 struct super_block *sb = dentry->d_sb;
1627 struct configfs_dirent * parent_sd = dentry->d_fsdata;
1628 struct configfs_dirent *cursor = file->private_data;
1629 struct list_head *p, *q = &cursor->s_sibling;
1630 ino_t ino = 0;
1631
1632 if (!dir_emit_dots(file, ctx))
1633 return 0;
1634 spin_lock(&configfs_dirent_lock);
1635 if (ctx->pos == 2)
1636 list_move(q, &parent_sd->s_children);
1637 for (p = q->next; p != &parent_sd->s_children; p = p->next) {
1638 struct configfs_dirent *next;
1639 const char *name;
1640 int len;
1641 struct inode *inode = NULL;
1642
1643 next = list_entry(p, struct configfs_dirent, s_sibling);
1644 if (!next->s_element)
1645 continue;
1646
1647 /*
1648 * We'll have a dentry and an inode for
1649 * PINNED items and for open attribute
1650 * files. We lock here to prevent a race
1651 * with configfs_d_iput() clearing
1652 * s_dentry before calling iput().
1653 *
1654 * Why do we go to the trouble? If
1655 * someone has an attribute file open,
1656 * the inode number should match until
1657 * they close it. Beyond that, we don't
1658 * care.
1659 */
1660 dentry = next->s_dentry;
1661 if (dentry)
1662 inode = d_inode(dentry);
1663 if (inode)
1664 ino = inode->i_ino;
1665 spin_unlock(&configfs_dirent_lock);
1666 if (!inode)
1667 ino = iunique(sb, 2);
1668
1669 name = configfs_get_name(next);
1670 len = strlen(name);
1671
1672 if (!dir_emit(ctx, name, len, ino, dt_type(next)))
1673 return 0;
1674
1675 spin_lock(&configfs_dirent_lock);
1676 list_move(q, p);
1677 p = q;
1678 ctx->pos++;
1679 }
1680 spin_unlock(&configfs_dirent_lock);
1681 return 0;
1682 }
1683
configfs_dir_lseek(struct file * file,loff_t offset,int whence)1684 static loff_t configfs_dir_lseek(struct file *file, loff_t offset, int whence)
1685 {
1686 struct dentry * dentry = file->f_path.dentry;
1687
1688 switch (whence) {
1689 case 1:
1690 offset += file->f_pos;
1691 fallthrough;
1692 case 0:
1693 if (offset >= 0)
1694 break;
1695 fallthrough;
1696 default:
1697 return -EINVAL;
1698 }
1699 if (offset != file->f_pos) {
1700 file->f_pos = offset;
1701 if (file->f_pos >= 2) {
1702 struct configfs_dirent *sd = dentry->d_fsdata;
1703 struct configfs_dirent *cursor = file->private_data;
1704 struct list_head *p;
1705 loff_t n = file->f_pos - 2;
1706
1707 spin_lock(&configfs_dirent_lock);
1708 list_del(&cursor->s_sibling);
1709 p = sd->s_children.next;
1710 while (n && p != &sd->s_children) {
1711 struct configfs_dirent *next;
1712 next = list_entry(p, struct configfs_dirent,
1713 s_sibling);
1714 if (next->s_element)
1715 n--;
1716 p = p->next;
1717 }
1718 list_add_tail(&cursor->s_sibling, p);
1719 spin_unlock(&configfs_dirent_lock);
1720 }
1721 }
1722 return offset;
1723 }
1724
1725 const struct file_operations configfs_dir_operations = {
1726 .open = configfs_dir_open,
1727 .release = configfs_dir_close,
1728 .llseek = configfs_dir_lseek,
1729 .read = generic_read_dir,
1730 .iterate_shared = configfs_readdir,
1731 };
1732
1733 /**
1734 * configfs_register_group - creates a parent-child relation between two groups
1735 * @parent_group: parent group
1736 * @group: child group
1737 *
1738 * link groups, creates dentry for the child and attaches it to the
1739 * parent dentry.
1740 *
1741 * Return: 0 on success, negative errno code on error
1742 */
configfs_register_group(struct config_group * parent_group,struct config_group * group)1743 int configfs_register_group(struct config_group *parent_group,
1744 struct config_group *group)
1745 {
1746 struct configfs_subsystem *subsys = parent_group->cg_subsys;
1747 struct dentry *parent;
1748 struct configfs_fragment *frag;
1749 int ret;
1750
1751 frag = new_fragment();
1752 if (!frag)
1753 return -ENOMEM;
1754
1755 mutex_lock(&subsys->su_mutex);
1756 link_group(parent_group, group);
1757 mutex_unlock(&subsys->su_mutex);
1758
1759 parent = parent_group->cg_item.ci_dentry;
1760
1761 inode_lock_nested(d_inode(parent), I_MUTEX_PARENT);
1762 ret = create_default_group(parent_group, group, frag);
1763 if (ret)
1764 goto err_out;
1765
1766 spin_lock(&configfs_dirent_lock);
1767 configfs_dir_set_ready(group->cg_item.ci_dentry->d_fsdata);
1768 spin_unlock(&configfs_dirent_lock);
1769 inode_unlock(d_inode(parent));
1770 put_fragment(frag);
1771 return 0;
1772 err_out:
1773 inode_unlock(d_inode(parent));
1774 mutex_lock(&subsys->su_mutex);
1775 unlink_group(group);
1776 mutex_unlock(&subsys->su_mutex);
1777 put_fragment(frag);
1778 return ret;
1779 }
1780 EXPORT_SYMBOL(configfs_register_group);
1781
1782 /**
1783 * configfs_unregister_group() - unregisters a child group from its parent
1784 * @group: parent group to be unregistered
1785 *
1786 * Undoes configfs_register_group()
1787 */
configfs_unregister_group(struct config_group * group)1788 void configfs_unregister_group(struct config_group *group)
1789 {
1790 struct configfs_subsystem *subsys = group->cg_subsys;
1791 struct dentry *dentry = group->cg_item.ci_dentry;
1792 struct dentry *parent = group->cg_item.ci_parent->ci_dentry;
1793 struct configfs_dirent *sd = dentry->d_fsdata;
1794 struct configfs_fragment *frag = sd->s_frag;
1795
1796 down_write(&frag->frag_sem);
1797 frag->frag_dead = true;
1798 up_write(&frag->frag_sem);
1799
1800 inode_lock_nested(d_inode(parent), I_MUTEX_PARENT);
1801 spin_lock(&configfs_dirent_lock);
1802 configfs_detach_prep(dentry, NULL);
1803 spin_unlock(&configfs_dirent_lock);
1804
1805 configfs_detach_group(&group->cg_item);
1806 d_inode(dentry)->i_flags |= S_DEAD;
1807 dont_mount(dentry);
1808 fsnotify_rmdir(d_inode(parent), dentry);
1809 d_delete(dentry);
1810 inode_unlock(d_inode(parent));
1811
1812 dput(dentry);
1813
1814 mutex_lock(&subsys->su_mutex);
1815 unlink_group(group);
1816 mutex_unlock(&subsys->su_mutex);
1817 }
1818 EXPORT_SYMBOL(configfs_unregister_group);
1819
1820 /**
1821 * configfs_register_default_group() - allocates and registers a child group
1822 * @parent_group: parent group
1823 * @name: child group name
1824 * @item_type: child item type description
1825 *
1826 * boilerplate to allocate and register a child group with its parent. We need
1827 * kzalloc'ed memory because child's default_group is initially empty.
1828 *
1829 * Return: allocated config group or ERR_PTR() on error
1830 */
1831 struct config_group *
configfs_register_default_group(struct config_group * parent_group,const char * name,const struct config_item_type * item_type)1832 configfs_register_default_group(struct config_group *parent_group,
1833 const char *name,
1834 const struct config_item_type *item_type)
1835 {
1836 int ret;
1837 struct config_group *group;
1838
1839 group = kzalloc(sizeof(*group), GFP_KERNEL);
1840 if (!group)
1841 return ERR_PTR(-ENOMEM);
1842 config_group_init_type_name(group, name, item_type);
1843
1844 ret = configfs_register_group(parent_group, group);
1845 if (ret) {
1846 kfree(group);
1847 return ERR_PTR(ret);
1848 }
1849 return group;
1850 }
1851 EXPORT_SYMBOL(configfs_register_default_group);
1852
1853 /**
1854 * configfs_unregister_default_group() - unregisters and frees a child group
1855 * @group: the group to act on
1856 */
configfs_unregister_default_group(struct config_group * group)1857 void configfs_unregister_default_group(struct config_group *group)
1858 {
1859 configfs_unregister_group(group);
1860 kfree(group);
1861 }
1862 EXPORT_SYMBOL(configfs_unregister_default_group);
1863
configfs_register_subsystem(struct configfs_subsystem * subsys)1864 int configfs_register_subsystem(struct configfs_subsystem *subsys)
1865 {
1866 int err;
1867 struct config_group *group = &subsys->su_group;
1868 struct dentry *dentry;
1869 struct dentry *root;
1870 struct configfs_dirent *sd;
1871 struct configfs_fragment *frag;
1872
1873 frag = new_fragment();
1874 if (!frag)
1875 return -ENOMEM;
1876
1877 root = configfs_pin_fs();
1878 if (IS_ERR(root)) {
1879 put_fragment(frag);
1880 return PTR_ERR(root);
1881 }
1882
1883 if (!group->cg_item.ci_name)
1884 group->cg_item.ci_name = group->cg_item.ci_namebuf;
1885
1886 sd = root->d_fsdata;
1887 link_group(to_config_group(sd->s_element), group);
1888
1889 inode_lock_nested(d_inode(root), I_MUTEX_PARENT);
1890
1891 err = -ENOMEM;
1892 dentry = d_alloc_name(root, group->cg_item.ci_name);
1893 if (dentry) {
1894 d_add(dentry, NULL);
1895
1896 err = configfs_attach_group(sd->s_element, &group->cg_item,
1897 dentry, frag);
1898 if (err) {
1899 BUG_ON(d_inode(dentry));
1900 d_drop(dentry);
1901 dput(dentry);
1902 } else {
1903 spin_lock(&configfs_dirent_lock);
1904 configfs_dir_set_ready(dentry->d_fsdata);
1905 spin_unlock(&configfs_dirent_lock);
1906 }
1907 }
1908
1909 inode_unlock(d_inode(root));
1910
1911 if (err) {
1912 unlink_group(group);
1913 configfs_release_fs();
1914 }
1915 put_fragment(frag);
1916
1917 return err;
1918 }
1919
configfs_unregister_subsystem(struct configfs_subsystem * subsys)1920 void configfs_unregister_subsystem(struct configfs_subsystem *subsys)
1921 {
1922 struct config_group *group = &subsys->su_group;
1923 struct dentry *dentry = group->cg_item.ci_dentry;
1924 struct dentry *root = dentry->d_sb->s_root;
1925 struct configfs_dirent *sd = dentry->d_fsdata;
1926 struct configfs_fragment *frag = sd->s_frag;
1927
1928 if (dentry->d_parent != root) {
1929 pr_err("Tried to unregister non-subsystem!\n");
1930 return;
1931 }
1932
1933 down_write(&frag->frag_sem);
1934 frag->frag_dead = true;
1935 up_write(&frag->frag_sem);
1936
1937 inode_lock_nested(d_inode(root),
1938 I_MUTEX_PARENT);
1939 inode_lock_nested(d_inode(dentry), I_MUTEX_CHILD);
1940 mutex_lock(&configfs_symlink_mutex);
1941 spin_lock(&configfs_dirent_lock);
1942 if (configfs_detach_prep(dentry, NULL)) {
1943 pr_err("Tried to unregister non-empty subsystem!\n");
1944 }
1945 spin_unlock(&configfs_dirent_lock);
1946 mutex_unlock(&configfs_symlink_mutex);
1947 configfs_detach_group(&group->cg_item);
1948 d_inode(dentry)->i_flags |= S_DEAD;
1949 dont_mount(dentry);
1950 fsnotify_rmdir(d_inode(root), dentry);
1951 inode_unlock(d_inode(dentry));
1952
1953 d_delete(dentry);
1954
1955 inode_unlock(d_inode(root));
1956
1957 dput(dentry);
1958
1959 unlink_group(group);
1960 configfs_release_fs();
1961 }
1962
1963 EXPORT_SYMBOL(configfs_register_subsystem);
1964 EXPORT_SYMBOL(configfs_unregister_subsystem);
1965