1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * dir.c - Operations for configfs directories.
4 *
5 * Based on sysfs:
6 * sysfs is Copyright (C) 2001, 2002, 2003 Patrick Mochel
7 *
8 * configfs Copyright (C) 2005 Oracle. All rights reserved.
9 */
10
11 #undef DEBUG
12
13 #include <linux/fs.h>
14 #include <linux/fsnotify.h>
15 #include <linux/mount.h>
16 #include <linux/module.h>
17 #include <linux/slab.h>
18 #include <linux/err.h>
19
20 #include <linux/configfs.h>
21 #include "configfs_internal.h"
22
23 /*
24 * Protects mutations of configfs_dirent linkage together with proper i_mutex
25 * Also protects mutations of symlinks linkage to target configfs_dirent
26 * Mutators of configfs_dirent linkage must *both* have the proper inode locked
27 * and configfs_dirent_lock locked, in that order.
28 * This allows one to safely traverse configfs_dirent trees and symlinks without
29 * having to lock inodes.
30 *
31 * Protects setting of CONFIGFS_USET_DROPPING: checking the flag
32 * unlocked is not reliable unless in detach_groups() called from
33 * rmdir()/unregister() and from configfs_attach_group()
34 */
35 DEFINE_SPINLOCK(configfs_dirent_lock);
36
37 /*
38 * All of link_obj/unlink_obj/link_group/unlink_group require that
39 * subsys->su_mutex is held.
40 * But parent configfs_subsystem is NULL when config_item is root.
41 * Use this mutex when config_item is root.
42 */
43 static DEFINE_MUTEX(configfs_subsystem_mutex);
44
configfs_d_iput(struct dentry * dentry,struct inode * inode)45 static void configfs_d_iput(struct dentry * dentry,
46 struct inode * inode)
47 {
48 struct configfs_dirent *sd = dentry->d_fsdata;
49
50 if (sd) {
51 /* Coordinate with configfs_readdir */
52 spin_lock(&configfs_dirent_lock);
53 /*
54 * Set sd->s_dentry to null only when this dentry is the one
55 * that is going to be killed. Otherwise configfs_d_iput may
56 * run just after configfs_lookup and set sd->s_dentry to
57 * NULL even it's still in use.
58 */
59 if (sd->s_dentry == dentry)
60 sd->s_dentry = NULL;
61
62 spin_unlock(&configfs_dirent_lock);
63 configfs_put(sd);
64 }
65 iput(inode);
66 }
67
68 const struct dentry_operations configfs_dentry_ops = {
69 .d_iput = configfs_d_iput,
70 .d_delete = always_delete_dentry,
71 };
72
73 #ifdef CONFIG_LOCKDEP
74
75 /*
76 * Helpers to make lockdep happy with our recursive locking of default groups'
77 * inodes (see configfs_attach_group() and configfs_detach_group()).
78 * We put default groups i_mutexes in separate classes according to their depth
79 * from the youngest non-default group ancestor.
80 *
81 * For a non-default group A having default groups A/B, A/C, and A/C/D, default
82 * groups A/B and A/C will have their inode's mutex in class
83 * default_group_class[0], and default group A/C/D will be in
84 * default_group_class[1].
85 *
86 * The lock classes are declared and assigned in inode.c, according to the
87 * s_depth value.
88 * The s_depth value is initialized to -1, adjusted to >= 0 when attaching
89 * default groups, and reset to -1 when all default groups are attached. During
90 * attachment, if configfs_create() sees s_depth > 0, the lock class of the new
91 * inode's mutex is set to default_group_class[s_depth - 1].
92 */
93
configfs_init_dirent_depth(struct configfs_dirent * sd)94 static void configfs_init_dirent_depth(struct configfs_dirent *sd)
95 {
96 sd->s_depth = -1;
97 }
98
configfs_set_dir_dirent_depth(struct configfs_dirent * parent_sd,struct configfs_dirent * sd)99 static void configfs_set_dir_dirent_depth(struct configfs_dirent *parent_sd,
100 struct configfs_dirent *sd)
101 {
102 int parent_depth = parent_sd->s_depth;
103
104 if (parent_depth >= 0)
105 sd->s_depth = parent_depth + 1;
106 }
107
108 static void
configfs_adjust_dir_dirent_depth_before_populate(struct configfs_dirent * sd)109 configfs_adjust_dir_dirent_depth_before_populate(struct configfs_dirent *sd)
110 {
111 /*
112 * item's i_mutex class is already setup, so s_depth is now only
113 * used to set new sub-directories s_depth, which is always done
114 * with item's i_mutex locked.
115 */
116 /*
117 * sd->s_depth == -1 iff we are a non default group.
118 * else (we are a default group) sd->s_depth > 0 (see
119 * create_dir()).
120 */
121 if (sd->s_depth == -1)
122 /*
123 * We are a non default group and we are going to create
124 * default groups.
125 */
126 sd->s_depth = 0;
127 }
128
129 static void
configfs_adjust_dir_dirent_depth_after_populate(struct configfs_dirent * sd)130 configfs_adjust_dir_dirent_depth_after_populate(struct configfs_dirent *sd)
131 {
132 /* We will not create default groups anymore. */
133 sd->s_depth = -1;
134 }
135
136 #else /* CONFIG_LOCKDEP */
137
configfs_init_dirent_depth(struct configfs_dirent * sd)138 static void configfs_init_dirent_depth(struct configfs_dirent *sd)
139 {
140 }
141
configfs_set_dir_dirent_depth(struct configfs_dirent * parent_sd,struct configfs_dirent * sd)142 static void configfs_set_dir_dirent_depth(struct configfs_dirent *parent_sd,
143 struct configfs_dirent *sd)
144 {
145 }
146
147 static void
configfs_adjust_dir_dirent_depth_before_populate(struct configfs_dirent * sd)148 configfs_adjust_dir_dirent_depth_before_populate(struct configfs_dirent *sd)
149 {
150 }
151
152 static void
configfs_adjust_dir_dirent_depth_after_populate(struct configfs_dirent * sd)153 configfs_adjust_dir_dirent_depth_after_populate(struct configfs_dirent *sd)
154 {
155 }
156
157 #endif /* CONFIG_LOCKDEP */
158
new_fragment(void)159 static struct configfs_fragment *new_fragment(void)
160 {
161 struct configfs_fragment *p;
162
163 p = kmalloc(sizeof(struct configfs_fragment), GFP_KERNEL);
164 if (p) {
165 atomic_set(&p->frag_count, 1);
166 init_rwsem(&p->frag_sem);
167 p->frag_dead = false;
168 }
169 return p;
170 }
171
put_fragment(struct configfs_fragment * frag)172 void put_fragment(struct configfs_fragment *frag)
173 {
174 if (frag && atomic_dec_and_test(&frag->frag_count))
175 kfree(frag);
176 }
177
get_fragment(struct configfs_fragment * frag)178 struct configfs_fragment *get_fragment(struct configfs_fragment *frag)
179 {
180 if (likely(frag))
181 atomic_inc(&frag->frag_count);
182 return frag;
183 }
184
185 /*
186 * Allocates a new configfs_dirent and links it to the parent configfs_dirent
187 */
configfs_new_dirent(struct configfs_dirent * parent_sd,void * element,int type,struct configfs_fragment * frag)188 static struct configfs_dirent *configfs_new_dirent(struct configfs_dirent *parent_sd,
189 void *element, int type,
190 struct configfs_fragment *frag)
191 {
192 struct configfs_dirent * sd;
193
194 sd = kmem_cache_zalloc(configfs_dir_cachep, GFP_KERNEL);
195 if (!sd)
196 return ERR_PTR(-ENOMEM);
197
198 atomic_set(&sd->s_count, 1);
199 INIT_LIST_HEAD(&sd->s_children);
200 sd->s_element = element;
201 sd->s_type = type;
202 configfs_init_dirent_depth(sd);
203 spin_lock(&configfs_dirent_lock);
204 if (parent_sd->s_type & CONFIGFS_USET_DROPPING) {
205 spin_unlock(&configfs_dirent_lock);
206 kmem_cache_free(configfs_dir_cachep, sd);
207 return ERR_PTR(-ENOENT);
208 }
209 sd->s_frag = get_fragment(frag);
210 list_add(&sd->s_sibling, &parent_sd->s_children);
211 spin_unlock(&configfs_dirent_lock);
212
213 return sd;
214 }
215
216 /*
217 *
218 * Return -EEXIST if there is already a configfs element with the same
219 * name for the same parent.
220 *
221 * called with parent inode's i_mutex held
222 */
configfs_dirent_exists(struct configfs_dirent * parent_sd,const unsigned char * new)223 static int configfs_dirent_exists(struct configfs_dirent *parent_sd,
224 const unsigned char *new)
225 {
226 struct configfs_dirent * sd;
227
228 list_for_each_entry(sd, &parent_sd->s_children, s_sibling) {
229 if (sd->s_element) {
230 const unsigned char *existing = configfs_get_name(sd);
231 if (strcmp(existing, new))
232 continue;
233 else
234 return -EEXIST;
235 }
236 }
237
238 return 0;
239 }
240
241
configfs_make_dirent(struct configfs_dirent * parent_sd,struct dentry * dentry,void * element,umode_t mode,int type,struct configfs_fragment * frag)242 int configfs_make_dirent(struct configfs_dirent * parent_sd,
243 struct dentry * dentry, void * element,
244 umode_t mode, int type, struct configfs_fragment *frag)
245 {
246 struct configfs_dirent * sd;
247
248 sd = configfs_new_dirent(parent_sd, element, type, frag);
249 if (IS_ERR(sd))
250 return PTR_ERR(sd);
251
252 sd->s_mode = mode;
253 sd->s_dentry = dentry;
254 if (dentry)
255 dentry->d_fsdata = configfs_get(sd);
256
257 return 0;
258 }
259
configfs_remove_dirent(struct dentry * dentry)260 static void configfs_remove_dirent(struct dentry *dentry)
261 {
262 struct configfs_dirent *sd = dentry->d_fsdata;
263
264 if (!sd)
265 return;
266 spin_lock(&configfs_dirent_lock);
267 list_del_init(&sd->s_sibling);
268 spin_unlock(&configfs_dirent_lock);
269 configfs_put(sd);
270 }
271
272 /**
273 * configfs_create_dir - create a directory for an config_item.
274 * @item: config_itemwe're creating directory for.
275 * @dentry: config_item's dentry.
276 * @frag: config_item's fragment.
277 *
278 * Note: user-created entries won't be allowed under this new directory
279 * until it is validated by configfs_dir_set_ready()
280 */
281
configfs_create_dir(struct config_item * item,struct dentry * dentry,struct configfs_fragment * frag)282 static int configfs_create_dir(struct config_item *item, struct dentry *dentry,
283 struct configfs_fragment *frag)
284 {
285 int error;
286 umode_t mode = S_IFDIR| S_IRWXU | S_IRUGO | S_IXUGO;
287 struct dentry *p = dentry->d_parent;
288 struct inode *inode;
289
290 BUG_ON(!item);
291
292 error = configfs_dirent_exists(p->d_fsdata, dentry->d_name.name);
293 if (unlikely(error))
294 return error;
295
296 error = configfs_make_dirent(p->d_fsdata, dentry, item, mode,
297 CONFIGFS_DIR | CONFIGFS_USET_CREATING,
298 frag);
299 if (unlikely(error))
300 return error;
301
302 configfs_set_dir_dirent_depth(p->d_fsdata, dentry->d_fsdata);
303 inode = configfs_create(dentry, mode);
304 if (IS_ERR(inode))
305 goto out_remove;
306
307 inode->i_op = &configfs_dir_inode_operations;
308 inode->i_fop = &configfs_dir_operations;
309 /* directory inodes start off with i_nlink == 2 (for "." entry) */
310 inc_nlink(inode);
311 d_instantiate(dentry, inode);
312 /* already hashed */
313 dget(dentry); /* pin directory dentries in core */
314 inc_nlink(d_inode(p));
315 item->ci_dentry = dentry;
316 return 0;
317
318 out_remove:
319 configfs_remove_dirent(dentry);
320 return PTR_ERR(inode);
321 }
322
323 /*
324 * Allow userspace to create new entries under a new directory created with
325 * configfs_create_dir(), and under all of its chidlren directories recursively.
326 * @sd configfs_dirent of the new directory to validate
327 *
328 * Caller must hold configfs_dirent_lock.
329 */
configfs_dir_set_ready(struct configfs_dirent * sd)330 static void configfs_dir_set_ready(struct configfs_dirent *sd)
331 {
332 struct configfs_dirent *child_sd;
333
334 sd->s_type &= ~CONFIGFS_USET_CREATING;
335 list_for_each_entry(child_sd, &sd->s_children, s_sibling)
336 if (child_sd->s_type & CONFIGFS_USET_CREATING)
337 configfs_dir_set_ready(child_sd);
338 }
339
340 /*
341 * Check that a directory does not belong to a directory hierarchy being
342 * attached and not validated yet.
343 * @sd configfs_dirent of the directory to check
344 *
345 * @return non-zero iff the directory was validated
346 *
347 * Note: takes configfs_dirent_lock, so the result may change from false to true
348 * in two consecutive calls, but never from true to false.
349 */
configfs_dirent_is_ready(struct configfs_dirent * sd)350 int configfs_dirent_is_ready(struct configfs_dirent *sd)
351 {
352 int ret;
353
354 spin_lock(&configfs_dirent_lock);
355 ret = !(sd->s_type & CONFIGFS_USET_CREATING);
356 spin_unlock(&configfs_dirent_lock);
357
358 return ret;
359 }
360
configfs_create_link(struct configfs_dirent * target,struct dentry * parent,struct dentry * dentry,char * body)361 int configfs_create_link(struct configfs_dirent *target, struct dentry *parent,
362 struct dentry *dentry, char *body)
363 {
364 int err = 0;
365 umode_t mode = S_IFLNK | S_IRWXUGO;
366 struct configfs_dirent *p = parent->d_fsdata;
367 struct inode *inode;
368
369 err = configfs_make_dirent(p, dentry, target, mode, CONFIGFS_ITEM_LINK,
370 p->s_frag);
371 if (err)
372 return err;
373
374 inode = configfs_create(dentry, mode);
375 if (IS_ERR(inode))
376 goto out_remove;
377
378 inode->i_link = body;
379 inode->i_op = &configfs_symlink_inode_operations;
380 d_instantiate(dentry, inode);
381 dget(dentry); /* pin link dentries in core */
382 return 0;
383
384 out_remove:
385 configfs_remove_dirent(dentry);
386 return PTR_ERR(inode);
387 }
388
remove_dir(struct dentry * d)389 static void remove_dir(struct dentry * d)
390 {
391 struct dentry * parent = dget(d->d_parent);
392
393 configfs_remove_dirent(d);
394
395 if (d_really_is_positive(d))
396 simple_rmdir(d_inode(parent),d);
397
398 pr_debug(" o %pd removing done (%d)\n", d, d_count(d));
399
400 dput(parent);
401 }
402
403 /**
404 * configfs_remove_dir - remove an config_item's directory.
405 * @item: config_item we're removing.
406 *
407 * The only thing special about this is that we remove any files in
408 * the directory before we remove the directory, and we've inlined
409 * what used to be configfs_rmdir() below, instead of calling separately.
410 *
411 * Caller holds the mutex of the item's inode
412 */
413
configfs_remove_dir(struct config_item * item)414 static void configfs_remove_dir(struct config_item * item)
415 {
416 struct dentry * dentry = dget(item->ci_dentry);
417
418 if (!dentry)
419 return;
420
421 remove_dir(dentry);
422 /**
423 * Drop reference from dget() on entrance.
424 */
425 dput(dentry);
426 }
427
configfs_lookup(struct inode * dir,struct dentry * dentry,unsigned int flags)428 static struct dentry * configfs_lookup(struct inode *dir,
429 struct dentry *dentry,
430 unsigned int flags)
431 {
432 struct configfs_dirent * parent_sd = dentry->d_parent->d_fsdata;
433 struct configfs_dirent * sd;
434 struct inode *inode = NULL;
435
436 if (dentry->d_name.len > NAME_MAX)
437 return ERR_PTR(-ENAMETOOLONG);
438
439 /*
440 * Fake invisibility if dir belongs to a group/default groups hierarchy
441 * being attached
442 *
443 * This forbids userspace to read/write attributes of items which may
444 * not complete their initialization, since the dentries of the
445 * attributes won't be instantiated.
446 */
447 if (!configfs_dirent_is_ready(parent_sd))
448 return ERR_PTR(-ENOENT);
449
450 spin_lock(&configfs_dirent_lock);
451 list_for_each_entry(sd, &parent_sd->s_children, s_sibling) {
452 if ((sd->s_type & CONFIGFS_NOT_PINNED) &&
453 !strcmp(configfs_get_name(sd), dentry->d_name.name)) {
454 struct configfs_attribute *attr = sd->s_element;
455 umode_t mode = (attr->ca_mode & S_IALLUGO) | S_IFREG;
456
457 dentry->d_fsdata = configfs_get(sd);
458 sd->s_dentry = dentry;
459 spin_unlock(&configfs_dirent_lock);
460
461 inode = configfs_create(dentry, mode);
462 if (IS_ERR(inode)) {
463 configfs_put(sd);
464 return ERR_CAST(inode);
465 }
466 if (sd->s_type & CONFIGFS_ITEM_BIN_ATTR) {
467 inode->i_size = 0;
468 inode->i_fop = &configfs_bin_file_operations;
469 } else {
470 inode->i_size = PAGE_SIZE;
471 inode->i_fop = &configfs_file_operations;
472 }
473 goto done;
474 }
475 }
476 spin_unlock(&configfs_dirent_lock);
477 done:
478 d_add(dentry, inode);
479 return NULL;
480 }
481
482 /*
483 * Only subdirectories count here. Files (CONFIGFS_NOT_PINNED) are
484 * attributes and are removed by rmdir(). We recurse, setting
485 * CONFIGFS_USET_DROPPING on all children that are candidates for
486 * default detach.
487 * If there is an error, the caller will reset the flags via
488 * configfs_detach_rollback().
489 */
configfs_detach_prep(struct dentry * dentry,struct dentry ** wait)490 static int configfs_detach_prep(struct dentry *dentry, struct dentry **wait)
491 {
492 struct configfs_dirent *parent_sd = dentry->d_fsdata;
493 struct configfs_dirent *sd;
494 int ret;
495
496 /* Mark that we're trying to drop the group */
497 parent_sd->s_type |= CONFIGFS_USET_DROPPING;
498
499 ret = -EBUSY;
500 if (parent_sd->s_links)
501 goto out;
502
503 ret = 0;
504 list_for_each_entry(sd, &parent_sd->s_children, s_sibling) {
505 if (!sd->s_element ||
506 (sd->s_type & CONFIGFS_NOT_PINNED))
507 continue;
508 if (sd->s_type & CONFIGFS_USET_DEFAULT) {
509 /* Abort if racing with mkdir() */
510 if (sd->s_type & CONFIGFS_USET_IN_MKDIR) {
511 if (wait)
512 *wait= dget(sd->s_dentry);
513 return -EAGAIN;
514 }
515
516 /*
517 * Yup, recursive. If there's a problem, blame
518 * deep nesting of default_groups
519 */
520 ret = configfs_detach_prep(sd->s_dentry, wait);
521 if (!ret)
522 continue;
523 } else
524 ret = -ENOTEMPTY;
525
526 break;
527 }
528
529 out:
530 return ret;
531 }
532
533 /*
534 * Walk the tree, resetting CONFIGFS_USET_DROPPING wherever it was
535 * set.
536 */
configfs_detach_rollback(struct dentry * dentry)537 static void configfs_detach_rollback(struct dentry *dentry)
538 {
539 struct configfs_dirent *parent_sd = dentry->d_fsdata;
540 struct configfs_dirent *sd;
541
542 parent_sd->s_type &= ~CONFIGFS_USET_DROPPING;
543
544 list_for_each_entry(sd, &parent_sd->s_children, s_sibling)
545 if (sd->s_type & CONFIGFS_USET_DEFAULT)
546 configfs_detach_rollback(sd->s_dentry);
547 }
548
detach_attrs(struct config_item * item)549 static void detach_attrs(struct config_item * item)
550 {
551 struct dentry * dentry = dget(item->ci_dentry);
552 struct configfs_dirent * parent_sd;
553 struct configfs_dirent * sd, * tmp;
554
555 if (!dentry)
556 return;
557
558 pr_debug("configfs %s: dropping attrs for dir\n",
559 dentry->d_name.name);
560
561 parent_sd = dentry->d_fsdata;
562 list_for_each_entry_safe(sd, tmp, &parent_sd->s_children, s_sibling) {
563 if (!sd->s_element || !(sd->s_type & CONFIGFS_NOT_PINNED))
564 continue;
565 spin_lock(&configfs_dirent_lock);
566 list_del_init(&sd->s_sibling);
567 spin_unlock(&configfs_dirent_lock);
568 configfs_drop_dentry(sd, dentry);
569 configfs_put(sd);
570 }
571
572 /**
573 * Drop reference from dget() on entrance.
574 */
575 dput(dentry);
576 }
577
populate_attrs(struct config_item * item)578 static int populate_attrs(struct config_item *item)
579 {
580 const struct config_item_type *t = item->ci_type;
581 struct configfs_attribute *attr;
582 struct configfs_bin_attribute *bin_attr;
583 int error = 0;
584 int i;
585
586 if (!t)
587 return -EINVAL;
588 if (t->ct_attrs) {
589 for (i = 0; (attr = t->ct_attrs[i]) != NULL; i++) {
590 if ((error = configfs_create_file(item, attr)))
591 break;
592 }
593 }
594 if (t->ct_bin_attrs) {
595 for (i = 0; (bin_attr = t->ct_bin_attrs[i]) != NULL; i++) {
596 error = configfs_create_bin_file(item, bin_attr);
597 if (error)
598 break;
599 }
600 }
601
602 if (error)
603 detach_attrs(item);
604
605 return error;
606 }
607
608 static int configfs_attach_group(struct config_item *parent_item,
609 struct config_item *item,
610 struct dentry *dentry,
611 struct configfs_fragment *frag);
612 static void configfs_detach_group(struct config_item *item);
613
detach_groups(struct config_group * group)614 static void detach_groups(struct config_group *group)
615 {
616 struct dentry * dentry = dget(group->cg_item.ci_dentry);
617 struct dentry *child;
618 struct configfs_dirent *parent_sd;
619 struct configfs_dirent *sd, *tmp;
620
621 if (!dentry)
622 return;
623
624 parent_sd = dentry->d_fsdata;
625 list_for_each_entry_safe(sd, tmp, &parent_sd->s_children, s_sibling) {
626 if (!sd->s_element ||
627 !(sd->s_type & CONFIGFS_USET_DEFAULT))
628 continue;
629
630 child = sd->s_dentry;
631
632 inode_lock(d_inode(child));
633
634 configfs_detach_group(sd->s_element);
635 d_inode(child)->i_flags |= S_DEAD;
636 dont_mount(child);
637
638 inode_unlock(d_inode(child));
639
640 d_delete(child);
641 dput(child);
642 }
643
644 /**
645 * Drop reference from dget() on entrance.
646 */
647 dput(dentry);
648 }
649
650 /*
651 * This fakes mkdir(2) on a default_groups[] entry. It
652 * creates a dentry, attachs it, and then does fixup
653 * on the sd->s_type.
654 *
655 * We could, perhaps, tweak our parent's ->mkdir for a minute and
656 * try using vfs_mkdir. Just a thought.
657 */
create_default_group(struct config_group * parent_group,struct config_group * group,struct configfs_fragment * frag)658 static int create_default_group(struct config_group *parent_group,
659 struct config_group *group,
660 struct configfs_fragment *frag)
661 {
662 int ret;
663 struct configfs_dirent *sd;
664 /* We trust the caller holds a reference to parent */
665 struct dentry *child, *parent = parent_group->cg_item.ci_dentry;
666
667 if (!group->cg_item.ci_name)
668 group->cg_item.ci_name = group->cg_item.ci_namebuf;
669
670 ret = -ENOMEM;
671 child = d_alloc_name(parent, group->cg_item.ci_name);
672 if (child) {
673 d_add(child, NULL);
674
675 ret = configfs_attach_group(&parent_group->cg_item,
676 &group->cg_item, child, frag);
677 if (!ret) {
678 sd = child->d_fsdata;
679 sd->s_type |= CONFIGFS_USET_DEFAULT;
680 } else {
681 BUG_ON(d_inode(child));
682 d_drop(child);
683 dput(child);
684 }
685 }
686
687 return ret;
688 }
689
populate_groups(struct config_group * group,struct configfs_fragment * frag)690 static int populate_groups(struct config_group *group,
691 struct configfs_fragment *frag)
692 {
693 struct config_group *new_group;
694 int ret = 0;
695
696 list_for_each_entry(new_group, &group->default_groups, group_entry) {
697 ret = create_default_group(group, new_group, frag);
698 if (ret) {
699 detach_groups(group);
700 break;
701 }
702 }
703
704 return ret;
705 }
706
configfs_remove_default_groups(struct config_group * group)707 void configfs_remove_default_groups(struct config_group *group)
708 {
709 struct config_group *g, *n;
710
711 list_for_each_entry_safe(g, n, &group->default_groups, group_entry) {
712 list_del(&g->group_entry);
713 config_item_put(&g->cg_item);
714 }
715 }
716 EXPORT_SYMBOL(configfs_remove_default_groups);
717
718 /*
719 * All of link_obj/unlink_obj/link_group/unlink_group require that
720 * subsys->su_mutex is held.
721 */
722
unlink_obj(struct config_item * item)723 static void unlink_obj(struct config_item *item)
724 {
725 struct config_group *group;
726
727 group = item->ci_group;
728 if (group) {
729 list_del_init(&item->ci_entry);
730
731 item->ci_group = NULL;
732 item->ci_parent = NULL;
733
734 /* Drop the reference for ci_entry */
735 config_item_put(item);
736
737 /* Drop the reference for ci_parent */
738 config_group_put(group);
739 }
740 }
741
link_obj(struct config_item * parent_item,struct config_item * item)742 static void link_obj(struct config_item *parent_item, struct config_item *item)
743 {
744 /*
745 * Parent seems redundant with group, but it makes certain
746 * traversals much nicer.
747 */
748 item->ci_parent = parent_item;
749
750 /*
751 * We hold a reference on the parent for the child's ci_parent
752 * link.
753 */
754 item->ci_group = config_group_get(to_config_group(parent_item));
755 list_add_tail(&item->ci_entry, &item->ci_group->cg_children);
756
757 /*
758 * We hold a reference on the child for ci_entry on the parent's
759 * cg_children
760 */
761 config_item_get(item);
762 }
763
unlink_group(struct config_group * group)764 static void unlink_group(struct config_group *group)
765 {
766 struct config_group *new_group;
767
768 list_for_each_entry(new_group, &group->default_groups, group_entry)
769 unlink_group(new_group);
770
771 group->cg_subsys = NULL;
772 unlink_obj(&group->cg_item);
773 }
774
link_group(struct config_group * parent_group,struct config_group * group)775 static void link_group(struct config_group *parent_group, struct config_group *group)
776 {
777 struct config_group *new_group;
778 struct configfs_subsystem *subsys = NULL; /* gcc is a turd */
779
780 link_obj(&parent_group->cg_item, &group->cg_item);
781
782 if (parent_group->cg_subsys)
783 subsys = parent_group->cg_subsys;
784 else if (configfs_is_root(&parent_group->cg_item))
785 subsys = to_configfs_subsystem(group);
786 else
787 BUG();
788 group->cg_subsys = subsys;
789
790 list_for_each_entry(new_group, &group->default_groups, group_entry)
791 link_group(group, new_group);
792 }
793
794 /*
795 * The goal is that configfs_attach_item() (and
796 * configfs_attach_group()) can be called from either the VFS or this
797 * module. That is, they assume that the items have been created,
798 * the dentry allocated, and the dcache is all ready to go.
799 *
800 * If they fail, they must clean up after themselves as if they
801 * had never been called. The caller (VFS or local function) will
802 * handle cleaning up the dcache bits.
803 *
804 * configfs_detach_group() and configfs_detach_item() behave similarly on
805 * the way out. They assume that the proper semaphores are held, they
806 * clean up the configfs items, and they expect their callers will
807 * handle the dcache bits.
808 */
configfs_attach_item(struct config_item * parent_item,struct config_item * item,struct dentry * dentry,struct configfs_fragment * frag)809 static int configfs_attach_item(struct config_item *parent_item,
810 struct config_item *item,
811 struct dentry *dentry,
812 struct configfs_fragment *frag)
813 {
814 int ret;
815
816 ret = configfs_create_dir(item, dentry, frag);
817 if (!ret) {
818 ret = populate_attrs(item);
819 if (ret) {
820 /*
821 * We are going to remove an inode and its dentry but
822 * the VFS may already have hit and used them. Thus,
823 * we must lock them as rmdir() would.
824 */
825 inode_lock(d_inode(dentry));
826 configfs_remove_dir(item);
827 d_inode(dentry)->i_flags |= S_DEAD;
828 dont_mount(dentry);
829 inode_unlock(d_inode(dentry));
830 d_delete(dentry);
831 }
832 }
833
834 return ret;
835 }
836
837 /* Caller holds the mutex of the item's inode */
configfs_detach_item(struct config_item * item)838 static void configfs_detach_item(struct config_item *item)
839 {
840 detach_attrs(item);
841 configfs_remove_dir(item);
842 }
843
configfs_attach_group(struct config_item * parent_item,struct config_item * item,struct dentry * dentry,struct configfs_fragment * frag)844 static int configfs_attach_group(struct config_item *parent_item,
845 struct config_item *item,
846 struct dentry *dentry,
847 struct configfs_fragment *frag)
848 {
849 int ret;
850 struct configfs_dirent *sd;
851
852 ret = configfs_attach_item(parent_item, item, dentry, frag);
853 if (!ret) {
854 sd = dentry->d_fsdata;
855 sd->s_type |= CONFIGFS_USET_DIR;
856
857 /*
858 * FYI, we're faking mkdir in populate_groups()
859 * We must lock the group's inode to avoid races with the VFS
860 * which can already hit the inode and try to add/remove entries
861 * under it.
862 *
863 * We must also lock the inode to remove it safely in case of
864 * error, as rmdir() would.
865 */
866 inode_lock_nested(d_inode(dentry), I_MUTEX_CHILD);
867 configfs_adjust_dir_dirent_depth_before_populate(sd);
868 ret = populate_groups(to_config_group(item), frag);
869 if (ret) {
870 configfs_detach_item(item);
871 d_inode(dentry)->i_flags |= S_DEAD;
872 dont_mount(dentry);
873 }
874 configfs_adjust_dir_dirent_depth_after_populate(sd);
875 inode_unlock(d_inode(dentry));
876 if (ret)
877 d_delete(dentry);
878 }
879
880 return ret;
881 }
882
883 /* Caller holds the mutex of the group's inode */
configfs_detach_group(struct config_item * item)884 static void configfs_detach_group(struct config_item *item)
885 {
886 detach_groups(to_config_group(item));
887 configfs_detach_item(item);
888 }
889
890 /*
891 * After the item has been detached from the filesystem view, we are
892 * ready to tear it out of the hierarchy. Notify the client before
893 * we do that so they can perform any cleanup that requires
894 * navigating the hierarchy. A client does not need to provide this
895 * callback. The subsystem semaphore MUST be held by the caller, and
896 * references must be valid for both items. It also assumes the
897 * caller has validated ci_type.
898 */
client_disconnect_notify(struct config_item * parent_item,struct config_item * item)899 static void client_disconnect_notify(struct config_item *parent_item,
900 struct config_item *item)
901 {
902 const struct config_item_type *type;
903
904 type = parent_item->ci_type;
905 BUG_ON(!type);
906
907 if (type->ct_group_ops && type->ct_group_ops->disconnect_notify)
908 type->ct_group_ops->disconnect_notify(to_config_group(parent_item),
909 item);
910 }
911
912 /*
913 * Drop the initial reference from make_item()/make_group()
914 * This function assumes that reference is held on item
915 * and that item holds a valid reference to the parent. Also, it
916 * assumes the caller has validated ci_type.
917 */
client_drop_item(struct config_item * parent_item,struct config_item * item)918 static void client_drop_item(struct config_item *parent_item,
919 struct config_item *item)
920 {
921 const struct config_item_type *type;
922
923 type = parent_item->ci_type;
924 BUG_ON(!type);
925
926 /*
927 * If ->drop_item() exists, it is responsible for the
928 * config_item_put().
929 */
930 if (type->ct_group_ops && type->ct_group_ops->drop_item)
931 type->ct_group_ops->drop_item(to_config_group(parent_item),
932 item);
933 else
934 config_item_put(item);
935 }
936
937 #ifdef DEBUG
configfs_dump_one(struct configfs_dirent * sd,int level)938 static void configfs_dump_one(struct configfs_dirent *sd, int level)
939 {
940 pr_info("%*s\"%s\":\n", level, " ", configfs_get_name(sd));
941
942 #define type_print(_type) if (sd->s_type & _type) pr_info("%*s %s\n", level, " ", #_type);
943 type_print(CONFIGFS_ROOT);
944 type_print(CONFIGFS_DIR);
945 type_print(CONFIGFS_ITEM_ATTR);
946 type_print(CONFIGFS_ITEM_LINK);
947 type_print(CONFIGFS_USET_DIR);
948 type_print(CONFIGFS_USET_DEFAULT);
949 type_print(CONFIGFS_USET_DROPPING);
950 #undef type_print
951 }
952
configfs_dump(struct configfs_dirent * sd,int level)953 static int configfs_dump(struct configfs_dirent *sd, int level)
954 {
955 struct configfs_dirent *child_sd;
956 int ret = 0;
957
958 configfs_dump_one(sd, level);
959
960 if (!(sd->s_type & (CONFIGFS_DIR|CONFIGFS_ROOT)))
961 return 0;
962
963 list_for_each_entry(child_sd, &sd->s_children, s_sibling) {
964 ret = configfs_dump(child_sd, level + 2);
965 if (ret)
966 break;
967 }
968
969 return ret;
970 }
971 #endif
972
973
974 /*
975 * configfs_depend_item() and configfs_undepend_item()
976 *
977 * WARNING: Do not call these from a configfs callback!
978 *
979 * This describes these functions and their helpers.
980 *
981 * Allow another kernel system to depend on a config_item. If this
982 * happens, the item cannot go away until the dependent can live without
983 * it. The idea is to give client modules as simple an interface as
984 * possible. When a system asks them to depend on an item, they just
985 * call configfs_depend_item(). If the item is live and the client
986 * driver is in good shape, we'll happily do the work for them.
987 *
988 * Why is the locking complex? Because configfs uses the VFS to handle
989 * all locking, but this function is called outside the normal
990 * VFS->configfs path. So it must take VFS locks to prevent the
991 * VFS->configfs stuff (configfs_mkdir(), configfs_rmdir(), etc). This is
992 * why you can't call these functions underneath configfs callbacks.
993 *
994 * Note, btw, that this can be called at *any* time, even when a configfs
995 * subsystem isn't registered, or when configfs is loading or unloading.
996 * Just like configfs_register_subsystem(). So we take the same
997 * precautions. We pin the filesystem. We lock configfs_dirent_lock.
998 * If we can find the target item in the
999 * configfs tree, it must be part of the subsystem tree as well, so we
1000 * do not need the subsystem semaphore. Holding configfs_dirent_lock helps
1001 * locking out mkdir() and rmdir(), who might be racing us.
1002 */
1003
1004 /*
1005 * configfs_depend_prep()
1006 *
1007 * Only subdirectories count here. Files (CONFIGFS_NOT_PINNED) are
1008 * attributes. This is similar but not the same to configfs_detach_prep().
1009 * Note that configfs_detach_prep() expects the parent to be locked when it
1010 * is called, but we lock the parent *inside* configfs_depend_prep(). We
1011 * do that so we can unlock it if we find nothing.
1012 *
1013 * Here we do a depth-first search of the dentry hierarchy looking for
1014 * our object.
1015 * We deliberately ignore items tagged as dropping since they are virtually
1016 * dead, as well as items in the middle of attachment since they virtually
1017 * do not exist yet. This completes the locking out of racing mkdir() and
1018 * rmdir().
1019 * Note: subdirectories in the middle of attachment start with s_type =
1020 * CONFIGFS_DIR|CONFIGFS_USET_CREATING set by create_dir(). When
1021 * CONFIGFS_USET_CREATING is set, we ignore the item. The actual set of
1022 * s_type is in configfs_new_dirent(), which has configfs_dirent_lock.
1023 *
1024 * If the target is not found, -ENOENT is bubbled up.
1025 *
1026 * This adds a requirement that all config_items be unique!
1027 *
1028 * This is recursive. There isn't
1029 * much on the stack, though, so folks that need this function - be careful
1030 * about your stack! Patches will be accepted to make it iterative.
1031 */
configfs_depend_prep(struct dentry * origin,struct config_item * target)1032 static int configfs_depend_prep(struct dentry *origin,
1033 struct config_item *target)
1034 {
1035 struct configfs_dirent *child_sd, *sd;
1036 int ret = 0;
1037
1038 BUG_ON(!origin || !origin->d_fsdata);
1039 sd = origin->d_fsdata;
1040
1041 if (sd->s_element == target) /* Boo-yah */
1042 goto out;
1043
1044 list_for_each_entry(child_sd, &sd->s_children, s_sibling) {
1045 if ((child_sd->s_type & CONFIGFS_DIR) &&
1046 !(child_sd->s_type & CONFIGFS_USET_DROPPING) &&
1047 !(child_sd->s_type & CONFIGFS_USET_CREATING)) {
1048 ret = configfs_depend_prep(child_sd->s_dentry,
1049 target);
1050 if (!ret)
1051 goto out; /* Child path boo-yah */
1052 }
1053 }
1054
1055 /* We looped all our children and didn't find target */
1056 ret = -ENOENT;
1057
1058 out:
1059 return ret;
1060 }
1061
configfs_do_depend_item(struct dentry * subsys_dentry,struct config_item * target)1062 static int configfs_do_depend_item(struct dentry *subsys_dentry,
1063 struct config_item *target)
1064 {
1065 struct configfs_dirent *p;
1066 int ret;
1067
1068 spin_lock(&configfs_dirent_lock);
1069 /* Scan the tree, return 0 if found */
1070 ret = configfs_depend_prep(subsys_dentry, target);
1071 if (ret)
1072 goto out_unlock_dirent_lock;
1073
1074 /*
1075 * We are sure that the item is not about to be removed by rmdir(), and
1076 * not in the middle of attachment by mkdir().
1077 */
1078 p = target->ci_dentry->d_fsdata;
1079 p->s_dependent_count += 1;
1080
1081 out_unlock_dirent_lock:
1082 spin_unlock(&configfs_dirent_lock);
1083
1084 return ret;
1085 }
1086
1087 static inline struct configfs_dirent *
configfs_find_subsys_dentry(struct configfs_dirent * root_sd,struct config_item * subsys_item)1088 configfs_find_subsys_dentry(struct configfs_dirent *root_sd,
1089 struct config_item *subsys_item)
1090 {
1091 struct configfs_dirent *p;
1092 struct configfs_dirent *ret = NULL;
1093
1094 list_for_each_entry(p, &root_sd->s_children, s_sibling) {
1095 if (p->s_type & CONFIGFS_DIR &&
1096 p->s_element == subsys_item) {
1097 ret = p;
1098 break;
1099 }
1100 }
1101
1102 return ret;
1103 }
1104
1105
configfs_depend_item(struct configfs_subsystem * subsys,struct config_item * target)1106 int configfs_depend_item(struct configfs_subsystem *subsys,
1107 struct config_item *target)
1108 {
1109 int ret;
1110 struct configfs_dirent *subsys_sd;
1111 struct config_item *s_item = &subsys->su_group.cg_item;
1112 struct dentry *root;
1113
1114 /*
1115 * Pin the configfs filesystem. This means we can safely access
1116 * the root of the configfs filesystem.
1117 */
1118 root = configfs_pin_fs();
1119 if (IS_ERR(root))
1120 return PTR_ERR(root);
1121
1122 /*
1123 * Next, lock the root directory. We're going to check that the
1124 * subsystem is really registered, and so we need to lock out
1125 * configfs_[un]register_subsystem().
1126 */
1127 inode_lock(d_inode(root));
1128
1129 subsys_sd = configfs_find_subsys_dentry(root->d_fsdata, s_item);
1130 if (!subsys_sd) {
1131 ret = -ENOENT;
1132 goto out_unlock_fs;
1133 }
1134
1135 /* Ok, now we can trust subsys/s_item */
1136 ret = configfs_do_depend_item(subsys_sd->s_dentry, target);
1137
1138 out_unlock_fs:
1139 inode_unlock(d_inode(root));
1140
1141 /*
1142 * If we succeeded, the fs is pinned via other methods. If not,
1143 * we're done with it anyway. So release_fs() is always right.
1144 */
1145 configfs_release_fs();
1146
1147 return ret;
1148 }
1149 EXPORT_SYMBOL(configfs_depend_item);
1150
1151 /*
1152 * Release the dependent linkage. This is much simpler than
1153 * configfs_depend_item() because we know that the client driver is
1154 * pinned, thus the subsystem is pinned, and therefore configfs is pinned.
1155 */
configfs_undepend_item(struct config_item * target)1156 void configfs_undepend_item(struct config_item *target)
1157 {
1158 struct configfs_dirent *sd;
1159
1160 /*
1161 * Since we can trust everything is pinned, we just need
1162 * configfs_dirent_lock.
1163 */
1164 spin_lock(&configfs_dirent_lock);
1165
1166 sd = target->ci_dentry->d_fsdata;
1167 BUG_ON(sd->s_dependent_count < 1);
1168
1169 sd->s_dependent_count -= 1;
1170
1171 /*
1172 * After this unlock, we cannot trust the item to stay alive!
1173 * DO NOT REFERENCE item after this unlock.
1174 */
1175 spin_unlock(&configfs_dirent_lock);
1176 }
1177 EXPORT_SYMBOL(configfs_undepend_item);
1178
1179 /*
1180 * caller_subsys is a caller's subsystem not target's. This is used to
1181 * determine if we should lock root and check subsys or not. When we are
1182 * in the same subsystem as our target there is no need to do locking as
1183 * we know that subsys is valid and is not unregistered during this function
1184 * as we are called from callback of one of his children and VFS holds a lock
1185 * on some inode. Otherwise we have to lock our root to ensure that target's
1186 * subsystem it is not unregistered during this function.
1187 */
configfs_depend_item_unlocked(struct configfs_subsystem * caller_subsys,struct config_item * target)1188 int configfs_depend_item_unlocked(struct configfs_subsystem *caller_subsys,
1189 struct config_item *target)
1190 {
1191 struct configfs_subsystem *target_subsys;
1192 struct config_group *root, *parent;
1193 struct configfs_dirent *subsys_sd;
1194 int ret = -ENOENT;
1195
1196 /* Disallow this function for configfs root */
1197 if (configfs_is_root(target))
1198 return -EINVAL;
1199
1200 parent = target->ci_group;
1201 /*
1202 * This may happen when someone is trying to depend root
1203 * directory of some subsystem
1204 */
1205 if (configfs_is_root(&parent->cg_item)) {
1206 target_subsys = to_configfs_subsystem(to_config_group(target));
1207 root = parent;
1208 } else {
1209 target_subsys = parent->cg_subsys;
1210 /* Find a cofnigfs root as we may need it for locking */
1211 for (root = parent; !configfs_is_root(&root->cg_item);
1212 root = root->cg_item.ci_group)
1213 ;
1214 }
1215
1216 if (target_subsys != caller_subsys) {
1217 /*
1218 * We are in other configfs subsystem, so we have to do
1219 * additional locking to prevent other subsystem from being
1220 * unregistered
1221 */
1222 inode_lock(d_inode(root->cg_item.ci_dentry));
1223
1224 /*
1225 * As we are trying to depend item from other subsystem
1226 * we have to check if this subsystem is still registered
1227 */
1228 subsys_sd = configfs_find_subsys_dentry(
1229 root->cg_item.ci_dentry->d_fsdata,
1230 &target_subsys->su_group.cg_item);
1231 if (!subsys_sd)
1232 goto out_root_unlock;
1233 } else {
1234 subsys_sd = target_subsys->su_group.cg_item.ci_dentry->d_fsdata;
1235 }
1236
1237 /* Now we can execute core of depend item */
1238 ret = configfs_do_depend_item(subsys_sd->s_dentry, target);
1239
1240 if (target_subsys != caller_subsys)
1241 out_root_unlock:
1242 /*
1243 * We were called from subsystem other than our target so we
1244 * took some locks so now it's time to release them
1245 */
1246 inode_unlock(d_inode(root->cg_item.ci_dentry));
1247
1248 return ret;
1249 }
1250 EXPORT_SYMBOL(configfs_depend_item_unlocked);
1251
configfs_mkdir(struct user_namespace * mnt_userns,struct inode * dir,struct dentry * dentry,umode_t mode)1252 static int configfs_mkdir(struct user_namespace *mnt_userns, struct inode *dir,
1253 struct dentry *dentry, umode_t mode)
1254 {
1255 int ret = 0;
1256 int module_got = 0;
1257 struct config_group *group = NULL;
1258 struct config_item *item = NULL;
1259 struct config_item *parent_item;
1260 struct configfs_subsystem *subsys;
1261 struct configfs_dirent *sd;
1262 const struct config_item_type *type;
1263 struct module *subsys_owner = NULL, *new_item_owner = NULL;
1264 struct configfs_fragment *frag;
1265 char *name;
1266
1267 sd = dentry->d_parent->d_fsdata;
1268
1269 /*
1270 * Fake invisibility if dir belongs to a group/default groups hierarchy
1271 * being attached
1272 */
1273 if (!configfs_dirent_is_ready(sd)) {
1274 ret = -ENOENT;
1275 goto out;
1276 }
1277
1278 if (!(sd->s_type & CONFIGFS_USET_DIR)) {
1279 ret = -EPERM;
1280 goto out;
1281 }
1282
1283 frag = new_fragment();
1284 if (!frag) {
1285 ret = -ENOMEM;
1286 goto out;
1287 }
1288
1289 /* Get a working ref for the duration of this function */
1290 parent_item = configfs_get_config_item(dentry->d_parent);
1291 type = parent_item->ci_type;
1292 subsys = to_config_group(parent_item)->cg_subsys;
1293 BUG_ON(!subsys);
1294
1295 if (!type || !type->ct_group_ops ||
1296 (!type->ct_group_ops->make_group &&
1297 !type->ct_group_ops->make_item)) {
1298 ret = -EPERM; /* Lack-of-mkdir returns -EPERM */
1299 goto out_put;
1300 }
1301
1302 /*
1303 * The subsystem may belong to a different module than the item
1304 * being created. We don't want to safely pin the new item but
1305 * fail to pin the subsystem it sits under.
1306 */
1307 if (!subsys->su_group.cg_item.ci_type) {
1308 ret = -EINVAL;
1309 goto out_put;
1310 }
1311 subsys_owner = subsys->su_group.cg_item.ci_type->ct_owner;
1312 if (!try_module_get(subsys_owner)) {
1313 ret = -EINVAL;
1314 goto out_put;
1315 }
1316
1317 name = kmalloc(dentry->d_name.len + 1, GFP_KERNEL);
1318 if (!name) {
1319 ret = -ENOMEM;
1320 goto out_subsys_put;
1321 }
1322
1323 snprintf(name, dentry->d_name.len + 1, "%s", dentry->d_name.name);
1324
1325 mutex_lock(&subsys->su_mutex);
1326 if (type->ct_group_ops->make_group) {
1327 group = type->ct_group_ops->make_group(to_config_group(parent_item), name);
1328 if (!group)
1329 group = ERR_PTR(-ENOMEM);
1330 if (!IS_ERR(group)) {
1331 link_group(to_config_group(parent_item), group);
1332 item = &group->cg_item;
1333 } else
1334 ret = PTR_ERR(group);
1335 } else {
1336 item = type->ct_group_ops->make_item(to_config_group(parent_item), name);
1337 if (!item)
1338 item = ERR_PTR(-ENOMEM);
1339 if (!IS_ERR(item))
1340 link_obj(parent_item, item);
1341 else
1342 ret = PTR_ERR(item);
1343 }
1344 mutex_unlock(&subsys->su_mutex);
1345
1346 kfree(name);
1347 if (ret) {
1348 /*
1349 * If ret != 0, then link_obj() was never called.
1350 * There are no extra references to clean up.
1351 */
1352 goto out_subsys_put;
1353 }
1354
1355 /*
1356 * link_obj() has been called (via link_group() for groups).
1357 * From here on out, errors must clean that up.
1358 */
1359
1360 type = item->ci_type;
1361 if (!type) {
1362 ret = -EINVAL;
1363 goto out_unlink;
1364 }
1365
1366 new_item_owner = type->ct_owner;
1367 if (!try_module_get(new_item_owner)) {
1368 ret = -EINVAL;
1369 goto out_unlink;
1370 }
1371
1372 /*
1373 * I hate doing it this way, but if there is
1374 * an error, module_put() probably should
1375 * happen after any cleanup.
1376 */
1377 module_got = 1;
1378
1379 /*
1380 * Make racing rmdir() fail if it did not tag parent with
1381 * CONFIGFS_USET_DROPPING
1382 * Note: if CONFIGFS_USET_DROPPING is already set, attach_group() will
1383 * fail and let rmdir() terminate correctly
1384 */
1385 spin_lock(&configfs_dirent_lock);
1386 /* This will make configfs_detach_prep() fail */
1387 sd->s_type |= CONFIGFS_USET_IN_MKDIR;
1388 spin_unlock(&configfs_dirent_lock);
1389
1390 if (group)
1391 ret = configfs_attach_group(parent_item, item, dentry, frag);
1392 else
1393 ret = configfs_attach_item(parent_item, item, dentry, frag);
1394
1395 spin_lock(&configfs_dirent_lock);
1396 sd->s_type &= ~CONFIGFS_USET_IN_MKDIR;
1397 if (!ret)
1398 configfs_dir_set_ready(dentry->d_fsdata);
1399 spin_unlock(&configfs_dirent_lock);
1400
1401 out_unlink:
1402 if (ret) {
1403 /* Tear down everything we built up */
1404 mutex_lock(&subsys->su_mutex);
1405
1406 client_disconnect_notify(parent_item, item);
1407 if (group)
1408 unlink_group(group);
1409 else
1410 unlink_obj(item);
1411 client_drop_item(parent_item, item);
1412
1413 mutex_unlock(&subsys->su_mutex);
1414
1415 if (module_got)
1416 module_put(new_item_owner);
1417 }
1418
1419 out_subsys_put:
1420 if (ret)
1421 module_put(subsys_owner);
1422
1423 out_put:
1424 /*
1425 * link_obj()/link_group() took a reference from child->parent,
1426 * so the parent is safely pinned. We can drop our working
1427 * reference.
1428 */
1429 config_item_put(parent_item);
1430 put_fragment(frag);
1431
1432 out:
1433 return ret;
1434 }
1435
configfs_rmdir(struct inode * dir,struct dentry * dentry)1436 static int configfs_rmdir(struct inode *dir, struct dentry *dentry)
1437 {
1438 struct config_item *parent_item;
1439 struct config_item *item;
1440 struct configfs_subsystem *subsys;
1441 struct configfs_dirent *sd;
1442 struct configfs_fragment *frag;
1443 struct module *subsys_owner = NULL, *dead_item_owner = NULL;
1444 int ret;
1445
1446 sd = dentry->d_fsdata;
1447 if (sd->s_type & CONFIGFS_USET_DEFAULT)
1448 return -EPERM;
1449
1450 /* Get a working ref until we have the child */
1451 parent_item = configfs_get_config_item(dentry->d_parent);
1452 subsys = to_config_group(parent_item)->cg_subsys;
1453 BUG_ON(!subsys);
1454
1455 if (!parent_item->ci_type) {
1456 config_item_put(parent_item);
1457 return -EINVAL;
1458 }
1459
1460 /* configfs_mkdir() shouldn't have allowed this */
1461 BUG_ON(!subsys->su_group.cg_item.ci_type);
1462 subsys_owner = subsys->su_group.cg_item.ci_type->ct_owner;
1463
1464 /*
1465 * Ensure that no racing symlink() will make detach_prep() fail while
1466 * the new link is temporarily attached
1467 */
1468 do {
1469 struct dentry *wait;
1470
1471 mutex_lock(&configfs_symlink_mutex);
1472 spin_lock(&configfs_dirent_lock);
1473 /*
1474 * Here's where we check for dependents. We're protected by
1475 * configfs_dirent_lock.
1476 * If no dependent, atomically tag the item as dropping.
1477 */
1478 ret = sd->s_dependent_count ? -EBUSY : 0;
1479 if (!ret) {
1480 ret = configfs_detach_prep(dentry, &wait);
1481 if (ret)
1482 configfs_detach_rollback(dentry);
1483 }
1484 spin_unlock(&configfs_dirent_lock);
1485 mutex_unlock(&configfs_symlink_mutex);
1486
1487 if (ret) {
1488 if (ret != -EAGAIN) {
1489 config_item_put(parent_item);
1490 return ret;
1491 }
1492
1493 /* Wait until the racing operation terminates */
1494 inode_lock(d_inode(wait));
1495 inode_unlock(d_inode(wait));
1496 dput(wait);
1497 }
1498 } while (ret == -EAGAIN);
1499
1500 frag = sd->s_frag;
1501 if (down_write_killable(&frag->frag_sem)) {
1502 spin_lock(&configfs_dirent_lock);
1503 configfs_detach_rollback(dentry);
1504 spin_unlock(&configfs_dirent_lock);
1505 config_item_put(parent_item);
1506 return -EINTR;
1507 }
1508 frag->frag_dead = true;
1509 up_write(&frag->frag_sem);
1510
1511 /* Get a working ref for the duration of this function */
1512 item = configfs_get_config_item(dentry);
1513
1514 /* Drop reference from above, item already holds one. */
1515 config_item_put(parent_item);
1516
1517 if (item->ci_type)
1518 dead_item_owner = item->ci_type->ct_owner;
1519
1520 if (sd->s_type & CONFIGFS_USET_DIR) {
1521 configfs_detach_group(item);
1522
1523 mutex_lock(&subsys->su_mutex);
1524 client_disconnect_notify(parent_item, item);
1525 unlink_group(to_config_group(item));
1526 } else {
1527 configfs_detach_item(item);
1528
1529 mutex_lock(&subsys->su_mutex);
1530 client_disconnect_notify(parent_item, item);
1531 unlink_obj(item);
1532 }
1533
1534 client_drop_item(parent_item, item);
1535 mutex_unlock(&subsys->su_mutex);
1536
1537 /* Drop our reference from above */
1538 config_item_put(item);
1539
1540 module_put(dead_item_owner);
1541 module_put(subsys_owner);
1542
1543 return 0;
1544 }
1545
1546 const struct inode_operations configfs_dir_inode_operations = {
1547 .mkdir = configfs_mkdir,
1548 .rmdir = configfs_rmdir,
1549 .symlink = configfs_symlink,
1550 .unlink = configfs_unlink,
1551 .lookup = configfs_lookup,
1552 .setattr = configfs_setattr,
1553 };
1554
1555 const struct inode_operations configfs_root_inode_operations = {
1556 .lookup = configfs_lookup,
1557 .setattr = configfs_setattr,
1558 };
1559
configfs_dir_open(struct inode * inode,struct file * file)1560 static int configfs_dir_open(struct inode *inode, struct file *file)
1561 {
1562 struct dentry * dentry = file->f_path.dentry;
1563 struct configfs_dirent * parent_sd = dentry->d_fsdata;
1564 int err;
1565
1566 inode_lock(d_inode(dentry));
1567 /*
1568 * Fake invisibility if dir belongs to a group/default groups hierarchy
1569 * being attached
1570 */
1571 err = -ENOENT;
1572 if (configfs_dirent_is_ready(parent_sd)) {
1573 file->private_data = configfs_new_dirent(parent_sd, NULL, 0, NULL);
1574 if (IS_ERR(file->private_data))
1575 err = PTR_ERR(file->private_data);
1576 else
1577 err = 0;
1578 }
1579 inode_unlock(d_inode(dentry));
1580
1581 return err;
1582 }
1583
configfs_dir_close(struct inode * inode,struct file * file)1584 static int configfs_dir_close(struct inode *inode, struct file *file)
1585 {
1586 struct dentry * dentry = file->f_path.dentry;
1587 struct configfs_dirent * cursor = file->private_data;
1588
1589 inode_lock(d_inode(dentry));
1590 spin_lock(&configfs_dirent_lock);
1591 list_del_init(&cursor->s_sibling);
1592 spin_unlock(&configfs_dirent_lock);
1593 inode_unlock(d_inode(dentry));
1594
1595 release_configfs_dirent(cursor);
1596
1597 return 0;
1598 }
1599
1600 /* Relationship between s_mode and the DT_xxx types */
dt_type(struct configfs_dirent * sd)1601 static inline unsigned char dt_type(struct configfs_dirent *sd)
1602 {
1603 return (sd->s_mode >> 12) & 15;
1604 }
1605
configfs_readdir(struct file * file,struct dir_context * ctx)1606 static int configfs_readdir(struct file *file, struct dir_context *ctx)
1607 {
1608 struct dentry *dentry = file->f_path.dentry;
1609 struct super_block *sb = dentry->d_sb;
1610 struct configfs_dirent * parent_sd = dentry->d_fsdata;
1611 struct configfs_dirent *cursor = file->private_data;
1612 struct list_head *p, *q = &cursor->s_sibling;
1613 ino_t ino = 0;
1614
1615 if (!dir_emit_dots(file, ctx))
1616 return 0;
1617 spin_lock(&configfs_dirent_lock);
1618 if (ctx->pos == 2)
1619 list_move(q, &parent_sd->s_children);
1620 for (p = q->next; p != &parent_sd->s_children; p = p->next) {
1621 struct configfs_dirent *next;
1622 const char *name;
1623 int len;
1624 struct inode *inode = NULL;
1625
1626 next = list_entry(p, struct configfs_dirent, s_sibling);
1627 if (!next->s_element)
1628 continue;
1629
1630 /*
1631 * We'll have a dentry and an inode for
1632 * PINNED items and for open attribute
1633 * files. We lock here to prevent a race
1634 * with configfs_d_iput() clearing
1635 * s_dentry before calling iput().
1636 *
1637 * Why do we go to the trouble? If
1638 * someone has an attribute file open,
1639 * the inode number should match until
1640 * they close it. Beyond that, we don't
1641 * care.
1642 */
1643 dentry = next->s_dentry;
1644 if (dentry)
1645 inode = d_inode(dentry);
1646 if (inode)
1647 ino = inode->i_ino;
1648 spin_unlock(&configfs_dirent_lock);
1649 if (!inode)
1650 ino = iunique(sb, 2);
1651
1652 name = configfs_get_name(next);
1653 len = strlen(name);
1654
1655 if (!dir_emit(ctx, name, len, ino, dt_type(next)))
1656 return 0;
1657
1658 spin_lock(&configfs_dirent_lock);
1659 list_move(q, p);
1660 p = q;
1661 ctx->pos++;
1662 }
1663 spin_unlock(&configfs_dirent_lock);
1664 return 0;
1665 }
1666
configfs_dir_lseek(struct file * file,loff_t offset,int whence)1667 static loff_t configfs_dir_lseek(struct file *file, loff_t offset, int whence)
1668 {
1669 struct dentry * dentry = file->f_path.dentry;
1670
1671 switch (whence) {
1672 case 1:
1673 offset += file->f_pos;
1674 fallthrough;
1675 case 0:
1676 if (offset >= 0)
1677 break;
1678 fallthrough;
1679 default:
1680 return -EINVAL;
1681 }
1682 if (offset != file->f_pos) {
1683 file->f_pos = offset;
1684 if (file->f_pos >= 2) {
1685 struct configfs_dirent *sd = dentry->d_fsdata;
1686 struct configfs_dirent *cursor = file->private_data;
1687 struct list_head *p;
1688 loff_t n = file->f_pos - 2;
1689
1690 spin_lock(&configfs_dirent_lock);
1691 list_del(&cursor->s_sibling);
1692 p = sd->s_children.next;
1693 while (n && p != &sd->s_children) {
1694 struct configfs_dirent *next;
1695 next = list_entry(p, struct configfs_dirent,
1696 s_sibling);
1697 if (next->s_element)
1698 n--;
1699 p = p->next;
1700 }
1701 list_add_tail(&cursor->s_sibling, p);
1702 spin_unlock(&configfs_dirent_lock);
1703 }
1704 }
1705 return offset;
1706 }
1707
1708 const struct file_operations configfs_dir_operations = {
1709 .open = configfs_dir_open,
1710 .release = configfs_dir_close,
1711 .llseek = configfs_dir_lseek,
1712 .read = generic_read_dir,
1713 .iterate_shared = configfs_readdir,
1714 };
1715
1716 /**
1717 * configfs_register_group - creates a parent-child relation between two groups
1718 * @parent_group: parent group
1719 * @group: child group
1720 *
1721 * link groups, creates dentry for the child and attaches it to the
1722 * parent dentry.
1723 *
1724 * Return: 0 on success, negative errno code on error
1725 */
configfs_register_group(struct config_group * parent_group,struct config_group * group)1726 int configfs_register_group(struct config_group *parent_group,
1727 struct config_group *group)
1728 {
1729 struct configfs_subsystem *subsys = parent_group->cg_subsys;
1730 struct dentry *parent;
1731 struct configfs_fragment *frag;
1732 int ret;
1733
1734 frag = new_fragment();
1735 if (!frag)
1736 return -ENOMEM;
1737
1738 mutex_lock(&subsys->su_mutex);
1739 link_group(parent_group, group);
1740 mutex_unlock(&subsys->su_mutex);
1741
1742 parent = parent_group->cg_item.ci_dentry;
1743
1744 inode_lock_nested(d_inode(parent), I_MUTEX_PARENT);
1745 ret = create_default_group(parent_group, group, frag);
1746 if (ret)
1747 goto err_out;
1748
1749 spin_lock(&configfs_dirent_lock);
1750 configfs_dir_set_ready(group->cg_item.ci_dentry->d_fsdata);
1751 spin_unlock(&configfs_dirent_lock);
1752 inode_unlock(d_inode(parent));
1753 put_fragment(frag);
1754 return 0;
1755 err_out:
1756 inode_unlock(d_inode(parent));
1757 mutex_lock(&subsys->su_mutex);
1758 unlink_group(group);
1759 mutex_unlock(&subsys->su_mutex);
1760 put_fragment(frag);
1761 return ret;
1762 }
1763 EXPORT_SYMBOL(configfs_register_group);
1764
1765 /**
1766 * configfs_unregister_group() - unregisters a child group from its parent
1767 * @group: parent group to be unregistered
1768 *
1769 * Undoes configfs_register_group()
1770 */
configfs_unregister_group(struct config_group * group)1771 void configfs_unregister_group(struct config_group *group)
1772 {
1773 struct configfs_subsystem *subsys = group->cg_subsys;
1774 struct dentry *dentry = group->cg_item.ci_dentry;
1775 struct dentry *parent = group->cg_item.ci_parent->ci_dentry;
1776 struct configfs_dirent *sd = dentry->d_fsdata;
1777 struct configfs_fragment *frag = sd->s_frag;
1778
1779 down_write(&frag->frag_sem);
1780 frag->frag_dead = true;
1781 up_write(&frag->frag_sem);
1782
1783 inode_lock_nested(d_inode(parent), I_MUTEX_PARENT);
1784 spin_lock(&configfs_dirent_lock);
1785 configfs_detach_prep(dentry, NULL);
1786 spin_unlock(&configfs_dirent_lock);
1787
1788 configfs_detach_group(&group->cg_item);
1789 d_inode(dentry)->i_flags |= S_DEAD;
1790 dont_mount(dentry);
1791 d_drop(dentry);
1792 fsnotify_rmdir(d_inode(parent), dentry);
1793 inode_unlock(d_inode(parent));
1794
1795 dput(dentry);
1796
1797 mutex_lock(&subsys->su_mutex);
1798 unlink_group(group);
1799 mutex_unlock(&subsys->su_mutex);
1800 }
1801 EXPORT_SYMBOL(configfs_unregister_group);
1802
1803 /**
1804 * configfs_register_default_group() - allocates and registers a child group
1805 * @parent_group: parent group
1806 * @name: child group name
1807 * @item_type: child item type description
1808 *
1809 * boilerplate to allocate and register a child group with its parent. We need
1810 * kzalloc'ed memory because child's default_group is initially empty.
1811 *
1812 * Return: allocated config group or ERR_PTR() on error
1813 */
1814 struct config_group *
configfs_register_default_group(struct config_group * parent_group,const char * name,const struct config_item_type * item_type)1815 configfs_register_default_group(struct config_group *parent_group,
1816 const char *name,
1817 const struct config_item_type *item_type)
1818 {
1819 int ret;
1820 struct config_group *group;
1821
1822 group = kzalloc(sizeof(*group), GFP_KERNEL);
1823 if (!group)
1824 return ERR_PTR(-ENOMEM);
1825 config_group_init_type_name(group, name, item_type);
1826
1827 ret = configfs_register_group(parent_group, group);
1828 if (ret) {
1829 kfree(group);
1830 return ERR_PTR(ret);
1831 }
1832 return group;
1833 }
1834 EXPORT_SYMBOL(configfs_register_default_group);
1835
1836 /**
1837 * configfs_unregister_default_group() - unregisters and frees a child group
1838 * @group: the group to act on
1839 */
configfs_unregister_default_group(struct config_group * group)1840 void configfs_unregister_default_group(struct config_group *group)
1841 {
1842 configfs_unregister_group(group);
1843 kfree(group);
1844 }
1845 EXPORT_SYMBOL(configfs_unregister_default_group);
1846
configfs_register_subsystem(struct configfs_subsystem * subsys)1847 int configfs_register_subsystem(struct configfs_subsystem *subsys)
1848 {
1849 int err;
1850 struct config_group *group = &subsys->su_group;
1851 struct dentry *dentry;
1852 struct dentry *root;
1853 struct configfs_dirent *sd;
1854 struct configfs_fragment *frag;
1855
1856 frag = new_fragment();
1857 if (!frag)
1858 return -ENOMEM;
1859
1860 root = configfs_pin_fs();
1861 if (IS_ERR(root)) {
1862 put_fragment(frag);
1863 return PTR_ERR(root);
1864 }
1865
1866 if (!group->cg_item.ci_name)
1867 group->cg_item.ci_name = group->cg_item.ci_namebuf;
1868
1869 sd = root->d_fsdata;
1870 mutex_lock(&configfs_subsystem_mutex);
1871 link_group(to_config_group(sd->s_element), group);
1872 mutex_unlock(&configfs_subsystem_mutex);
1873
1874 inode_lock_nested(d_inode(root), I_MUTEX_PARENT);
1875
1876 err = -ENOMEM;
1877 dentry = d_alloc_name(root, group->cg_item.ci_name);
1878 if (dentry) {
1879 d_add(dentry, NULL);
1880
1881 err = configfs_attach_group(sd->s_element, &group->cg_item,
1882 dentry, frag);
1883 if (err) {
1884 BUG_ON(d_inode(dentry));
1885 d_drop(dentry);
1886 dput(dentry);
1887 } else {
1888 spin_lock(&configfs_dirent_lock);
1889 configfs_dir_set_ready(dentry->d_fsdata);
1890 spin_unlock(&configfs_dirent_lock);
1891 }
1892 }
1893
1894 inode_unlock(d_inode(root));
1895
1896 if (err) {
1897 mutex_lock(&configfs_subsystem_mutex);
1898 unlink_group(group);
1899 mutex_unlock(&configfs_subsystem_mutex);
1900 configfs_release_fs();
1901 }
1902 put_fragment(frag);
1903
1904 return err;
1905 }
1906
configfs_unregister_subsystem(struct configfs_subsystem * subsys)1907 void configfs_unregister_subsystem(struct configfs_subsystem *subsys)
1908 {
1909 struct config_group *group = &subsys->su_group;
1910 struct dentry *dentry = group->cg_item.ci_dentry;
1911 struct dentry *root = dentry->d_sb->s_root;
1912 struct configfs_dirent *sd = dentry->d_fsdata;
1913 struct configfs_fragment *frag = sd->s_frag;
1914
1915 if (dentry->d_parent != root) {
1916 pr_err("Tried to unregister non-subsystem!\n");
1917 return;
1918 }
1919
1920 down_write(&frag->frag_sem);
1921 frag->frag_dead = true;
1922 up_write(&frag->frag_sem);
1923
1924 inode_lock_nested(d_inode(root),
1925 I_MUTEX_PARENT);
1926 inode_lock_nested(d_inode(dentry), I_MUTEX_CHILD);
1927 mutex_lock(&configfs_symlink_mutex);
1928 spin_lock(&configfs_dirent_lock);
1929 if (configfs_detach_prep(dentry, NULL)) {
1930 pr_err("Tried to unregister non-empty subsystem!\n");
1931 }
1932 spin_unlock(&configfs_dirent_lock);
1933 mutex_unlock(&configfs_symlink_mutex);
1934 configfs_detach_group(&group->cg_item);
1935 d_inode(dentry)->i_flags |= S_DEAD;
1936 dont_mount(dentry);
1937 inode_unlock(d_inode(dentry));
1938
1939 d_drop(dentry);
1940 fsnotify_rmdir(d_inode(root), dentry);
1941
1942 inode_unlock(d_inode(root));
1943
1944 dput(dentry);
1945
1946 mutex_lock(&configfs_subsystem_mutex);
1947 unlink_group(group);
1948 mutex_unlock(&configfs_subsystem_mutex);
1949 configfs_release_fs();
1950 }
1951
1952 EXPORT_SYMBOL(configfs_register_subsystem);
1953 EXPORT_SYMBOL(configfs_unregister_subsystem);
1954