1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  *  linux/fs/vfat/namei.c
4  *
5  *  Written 1992,1993 by Werner Almesberger
6  *
7  *  Windows95/Windows NT compatible extended MSDOS filesystem
8  *    by Gordon Chaffee Copyright (C) 1995.  Send bug reports for the
9  *    VFAT filesystem to <chaffee@cs.berkeley.edu>.  Specify
10  *    what file operation caused you trouble and if you can duplicate
11  *    the problem, send a script that demonstrates it.
12  *
13  *  Short name translation 1999, 2001 by Wolfram Pienkoss <wp@bszh.de>
14  *
15  *  Support Multibyte characters and cleanup by
16  *				OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
17  */
18 
19 #include <linux/module.h>
20 #include <linux/ctype.h>
21 #include <linux/slab.h>
22 #include <linux/namei.h>
23 #include <linux/kernel.h>
24 #include <linux/iversion.h>
25 #include "fat.h"
26 
vfat_d_version(struct dentry * dentry)27 static inline unsigned long vfat_d_version(struct dentry *dentry)
28 {
29 	return (unsigned long) dentry->d_fsdata;
30 }
31 
vfat_d_version_set(struct dentry * dentry,unsigned long version)32 static inline void vfat_d_version_set(struct dentry *dentry,
33 				      unsigned long version)
34 {
35 	dentry->d_fsdata = (void *) version;
36 }
37 
38 /*
39  * If new entry was created in the parent, it could create the 8.3
40  * alias (the shortname of logname).  So, the parent may have the
41  * negative-dentry which matches the created 8.3 alias.
42  *
43  * If it happened, the negative dentry isn't actually negative
44  * anymore.  So, drop it.
45  */
vfat_revalidate_shortname(struct dentry * dentry)46 static int vfat_revalidate_shortname(struct dentry *dentry)
47 {
48 	int ret = 1;
49 	spin_lock(&dentry->d_lock);
50 	if (!inode_eq_iversion(d_inode(dentry->d_parent), vfat_d_version(dentry)))
51 		ret = 0;
52 	spin_unlock(&dentry->d_lock);
53 	return ret;
54 }
55 
vfat_revalidate(struct dentry * dentry,unsigned int flags)56 static int vfat_revalidate(struct dentry *dentry, unsigned int flags)
57 {
58 	if (flags & LOOKUP_RCU)
59 		return -ECHILD;
60 
61 	/* This is not negative dentry. Always valid. */
62 	if (d_really_is_positive(dentry))
63 		return 1;
64 	return vfat_revalidate_shortname(dentry);
65 }
66 
vfat_revalidate_ci(struct dentry * dentry,unsigned int flags)67 static int vfat_revalidate_ci(struct dentry *dentry, unsigned int flags)
68 {
69 	if (flags & LOOKUP_RCU)
70 		return -ECHILD;
71 
72 	/*
73 	 * This is not negative dentry. Always valid.
74 	 *
75 	 * Note, rename() to existing directory entry will have ->d_inode,
76 	 * and will use existing name which isn't specified name by user.
77 	 *
78 	 * We may be able to drop this positive dentry here. But dropping
79 	 * positive dentry isn't good idea. So it's unsupported like
80 	 * rename("filename", "FILENAME") for now.
81 	 */
82 	if (d_really_is_positive(dentry))
83 		return 1;
84 
85 	/*
86 	 * This may be nfsd (or something), anyway, we can't see the
87 	 * intent of this. So, since this can be for creation, drop it.
88 	 */
89 	if (!flags)
90 		return 0;
91 
92 	/*
93 	 * Drop the negative dentry, in order to make sure to use the
94 	 * case sensitive name which is specified by user if this is
95 	 * for creation.
96 	 */
97 	if (flags & (LOOKUP_CREATE | LOOKUP_RENAME_TARGET))
98 		return 0;
99 
100 	return vfat_revalidate_shortname(dentry);
101 }
102 
103 /* returns the length of a struct qstr, ignoring trailing dots */
__vfat_striptail_len(unsigned int len,const char * name)104 static unsigned int __vfat_striptail_len(unsigned int len, const char *name)
105 {
106 	while (len && name[len - 1] == '.')
107 		len--;
108 	return len;
109 }
110 
vfat_striptail_len(const struct qstr * qstr)111 static unsigned int vfat_striptail_len(const struct qstr *qstr)
112 {
113 	return __vfat_striptail_len(qstr->len, qstr->name);
114 }
115 
116 /*
117  * Compute the hash for the vfat name corresponding to the dentry.
118  * Note: if the name is invalid, we leave the hash code unchanged so
119  * that the existing dentry can be used. The vfat fs routines will
120  * return ENOENT or EINVAL as appropriate.
121  */
vfat_hash(const struct dentry * dentry,struct qstr * qstr)122 static int vfat_hash(const struct dentry *dentry, struct qstr *qstr)
123 {
124 	qstr->hash = full_name_hash(dentry, qstr->name, vfat_striptail_len(qstr));
125 	return 0;
126 }
127 
128 /*
129  * Compute the hash for the vfat name corresponding to the dentry.
130  * Note: if the name is invalid, we leave the hash code unchanged so
131  * that the existing dentry can be used. The vfat fs routines will
132  * return ENOENT or EINVAL as appropriate.
133  */
vfat_hashi(const struct dentry * dentry,struct qstr * qstr)134 static int vfat_hashi(const struct dentry *dentry, struct qstr *qstr)
135 {
136 	struct nls_table *t = MSDOS_SB(dentry->d_sb)->nls_io;
137 	const unsigned char *name;
138 	unsigned int len;
139 	unsigned long hash;
140 
141 	name = qstr->name;
142 	len = vfat_striptail_len(qstr);
143 
144 	hash = init_name_hash(dentry);
145 	while (len--)
146 		hash = partial_name_hash(nls_tolower(t, *name++), hash);
147 	qstr->hash = end_name_hash(hash);
148 
149 	return 0;
150 }
151 
152 /*
153  * Case insensitive compare of two vfat names.
154  */
vfat_cmpi(const struct dentry * dentry,unsigned int len,const char * str,const struct qstr * name)155 static int vfat_cmpi(const struct dentry *dentry,
156 		unsigned int len, const char *str, const struct qstr *name)
157 {
158 	struct nls_table *t = MSDOS_SB(dentry->d_sb)->nls_io;
159 	unsigned int alen, blen;
160 
161 	/* A filename cannot end in '.' or we treat it like it has none */
162 	alen = vfat_striptail_len(name);
163 	blen = __vfat_striptail_len(len, str);
164 	if (alen == blen) {
165 		if (nls_strnicmp(t, name->name, str, alen) == 0)
166 			return 0;
167 	}
168 	return 1;
169 }
170 
171 /*
172  * Case sensitive compare of two vfat names.
173  */
vfat_cmp(const struct dentry * dentry,unsigned int len,const char * str,const struct qstr * name)174 static int vfat_cmp(const struct dentry *dentry,
175 		unsigned int len, const char *str, const struct qstr *name)
176 {
177 	unsigned int alen, blen;
178 
179 	/* A filename cannot end in '.' or we treat it like it has none */
180 	alen = vfat_striptail_len(name);
181 	blen = __vfat_striptail_len(len, str);
182 	if (alen == blen) {
183 		if (strncmp(name->name, str, alen) == 0)
184 			return 0;
185 	}
186 	return 1;
187 }
188 
189 static const struct dentry_operations vfat_ci_dentry_ops = {
190 	.d_revalidate	= vfat_revalidate_ci,
191 	.d_hash		= vfat_hashi,
192 	.d_compare	= vfat_cmpi,
193 };
194 
195 static const struct dentry_operations vfat_dentry_ops = {
196 	.d_revalidate	= vfat_revalidate,
197 	.d_hash		= vfat_hash,
198 	.d_compare	= vfat_cmp,
199 };
200 
201 /* Characters that are undesirable in an MS-DOS file name */
202 
vfat_bad_char(wchar_t w)203 static inline wchar_t vfat_bad_char(wchar_t w)
204 {
205 	return (w < 0x0020)
206 	    || (w == '*') || (w == '?') || (w == '<') || (w == '>')
207 	    || (w == '|') || (w == '"') || (w == ':') || (w == '/')
208 	    || (w == '\\');
209 }
210 
vfat_replace_char(wchar_t w)211 static inline wchar_t vfat_replace_char(wchar_t w)
212 {
213 	return (w == '[') || (w == ']') || (w == ';') || (w == ',')
214 	    || (w == '+') || (w == '=');
215 }
216 
vfat_skip_char(wchar_t w)217 static wchar_t vfat_skip_char(wchar_t w)
218 {
219 	return (w == '.') || (w == ' ');
220 }
221 
vfat_is_used_badchars(const wchar_t * s,int len)222 static inline int vfat_is_used_badchars(const wchar_t *s, int len)
223 {
224 	int i;
225 
226 	for (i = 0; i < len; i++)
227 		if (vfat_bad_char(s[i]))
228 			return -EINVAL;
229 
230 	if (s[i - 1] == ' ') /* last character cannot be space */
231 		return -EINVAL;
232 
233 	return 0;
234 }
235 
vfat_find_form(struct inode * dir,unsigned char * name)236 static int vfat_find_form(struct inode *dir, unsigned char *name)
237 {
238 	struct fat_slot_info sinfo;
239 	int err = fat_scan(dir, name, &sinfo);
240 	if (err)
241 		return -ENOENT;
242 	brelse(sinfo.bh);
243 	return 0;
244 }
245 
246 /*
247  * 1) Valid characters for the 8.3 format alias are any combination of
248  * letters, uppercase alphabets, digits, any of the
249  * following special characters:
250  *     $ % ' ` - @ { } ~ ! # ( ) & _ ^
251  * In this case Longfilename is not stored in disk.
252  *
253  * WinNT's Extension:
254  * File name and extension name is contain uppercase/lowercase
255  * only. And it is expressed by CASE_LOWER_BASE and CASE_LOWER_EXT.
256  *
257  * 2) File name is 8.3 format, but it contain the uppercase and
258  * lowercase char, muliti bytes char, etc. In this case numtail is not
259  * added, but Longfilename is stored.
260  *
261  * 3) When the one except for the above, or the following special
262  * character are contained:
263  *        .   [ ] ; , + =
264  * numtail is added, and Longfilename must be stored in disk .
265  */
266 struct shortname_info {
267 	unsigned char lower:1,
268 		      upper:1,
269 		      valid:1;
270 };
271 #define INIT_SHORTNAME_INFO(x)	do {		\
272 	(x)->lower = 1;				\
273 	(x)->upper = 1;				\
274 	(x)->valid = 1;				\
275 } while (0)
276 
to_shortname_char(struct nls_table * nls,unsigned char * buf,int buf_size,wchar_t * src,struct shortname_info * info)277 static inline int to_shortname_char(struct nls_table *nls,
278 				    unsigned char *buf, int buf_size,
279 				    wchar_t *src, struct shortname_info *info)
280 {
281 	int len;
282 
283 	if (vfat_skip_char(*src)) {
284 		info->valid = 0;
285 		return 0;
286 	}
287 	if (vfat_replace_char(*src)) {
288 		info->valid = 0;
289 		buf[0] = '_';
290 		return 1;
291 	}
292 
293 	len = nls->uni2char(*src, buf, buf_size);
294 	if (len <= 0) {
295 		info->valid = 0;
296 		buf[0] = '_';
297 		len = 1;
298 	} else if (len == 1) {
299 		unsigned char prev = buf[0];
300 
301 		if (buf[0] >= 0x7F) {
302 			info->lower = 0;
303 			info->upper = 0;
304 		}
305 
306 		buf[0] = nls_toupper(nls, buf[0]);
307 		if (isalpha(buf[0])) {
308 			if (buf[0] == prev)
309 				info->lower = 0;
310 			else
311 				info->upper = 0;
312 		}
313 	} else {
314 		info->lower = 0;
315 		info->upper = 0;
316 	}
317 
318 	return len;
319 }
320 
321 /*
322  * Given a valid longname, create a unique shortname.  Make sure the
323  * shortname does not exist
324  * Returns negative number on error, 0 for a normal
325  * return, and 1 for valid shortname
326  */
vfat_create_shortname(struct inode * dir,struct nls_table * nls,wchar_t * uname,int ulen,unsigned char * name_res,unsigned char * lcase)327 static int vfat_create_shortname(struct inode *dir, struct nls_table *nls,
328 				 wchar_t *uname, int ulen,
329 				 unsigned char *name_res, unsigned char *lcase)
330 {
331 	struct fat_mount_options *opts = &MSDOS_SB(dir->i_sb)->options;
332 	wchar_t *ip, *ext_start, *end, *name_start;
333 	unsigned char base[9], ext[4], buf[5], *p;
334 	unsigned char charbuf[NLS_MAX_CHARSET_SIZE];
335 	int chl, chi;
336 	int sz = 0, extlen, baselen, i, numtail_baselen, numtail2_baselen;
337 	int is_shortname;
338 	struct shortname_info base_info, ext_info;
339 
340 	is_shortname = 1;
341 	INIT_SHORTNAME_INFO(&base_info);
342 	INIT_SHORTNAME_INFO(&ext_info);
343 
344 	/* Now, we need to create a shortname from the long name */
345 	ext_start = end = &uname[ulen];
346 	while (--ext_start >= uname) {
347 		if (*ext_start == 0x002E) {	/* is `.' */
348 			if (ext_start == end - 1) {
349 				sz = ulen;
350 				ext_start = NULL;
351 			}
352 			break;
353 		}
354 	}
355 
356 	if (ext_start == uname - 1) {
357 		sz = ulen;
358 		ext_start = NULL;
359 	} else if (ext_start) {
360 		/*
361 		 * Names which start with a dot could be just
362 		 * an extension eg. "...test".  In this case Win95
363 		 * uses the extension as the name and sets no extension.
364 		 */
365 		name_start = &uname[0];
366 		while (name_start < ext_start) {
367 			if (!vfat_skip_char(*name_start))
368 				break;
369 			name_start++;
370 		}
371 		if (name_start != ext_start) {
372 			sz = ext_start - uname;
373 			ext_start++;
374 		} else {
375 			sz = ulen;
376 			ext_start = NULL;
377 		}
378 	}
379 
380 	numtail_baselen = 6;
381 	numtail2_baselen = 2;
382 	for (baselen = i = 0, p = base, ip = uname; i < sz; i++, ip++) {
383 		chl = to_shortname_char(nls, charbuf, sizeof(charbuf),
384 					ip, &base_info);
385 		if (chl == 0)
386 			continue;
387 
388 		if (baselen < 2 && (baselen + chl) > 2)
389 			numtail2_baselen = baselen;
390 		if (baselen < 6 && (baselen + chl) > 6)
391 			numtail_baselen = baselen;
392 		for (chi = 0; chi < chl; chi++) {
393 			*p++ = charbuf[chi];
394 			baselen++;
395 			if (baselen >= 8)
396 				break;
397 		}
398 		if (baselen >= 8) {
399 			if ((chi < chl - 1) || (ip + 1) - uname < sz)
400 				is_shortname = 0;
401 			break;
402 		}
403 	}
404 	if (baselen == 0) {
405 		return -EINVAL;
406 	}
407 
408 	extlen = 0;
409 	if (ext_start) {
410 		for (p = ext, ip = ext_start; extlen < 3 && ip < end; ip++) {
411 			chl = to_shortname_char(nls, charbuf, sizeof(charbuf),
412 						ip, &ext_info);
413 			if (chl == 0)
414 				continue;
415 
416 			if ((extlen + chl) > 3) {
417 				is_shortname = 0;
418 				break;
419 			}
420 			for (chi = 0; chi < chl; chi++) {
421 				*p++ = charbuf[chi];
422 				extlen++;
423 			}
424 			if (extlen >= 3) {
425 				if (ip + 1 != end)
426 					is_shortname = 0;
427 				break;
428 			}
429 		}
430 	}
431 	ext[extlen] = '\0';
432 	base[baselen] = '\0';
433 
434 	/* Yes, it can happen. ".\xe5" would do it. */
435 	if (base[0] == DELETED_FLAG)
436 		base[0] = 0x05;
437 
438 	/* OK, at this point we know that base is not longer than 8 symbols,
439 	 * ext is not longer than 3, base is nonempty, both don't contain
440 	 * any bad symbols (lowercase transformed to uppercase).
441 	 */
442 
443 	memset(name_res, ' ', MSDOS_NAME);
444 	memcpy(name_res, base, baselen);
445 	memcpy(name_res + 8, ext, extlen);
446 	*lcase = 0;
447 	if (is_shortname && base_info.valid && ext_info.valid) {
448 		if (vfat_find_form(dir, name_res) == 0)
449 			return -EEXIST;
450 
451 		if (opts->shortname & VFAT_SFN_CREATE_WIN95) {
452 			return (base_info.upper && ext_info.upper);
453 		} else if (opts->shortname & VFAT_SFN_CREATE_WINNT) {
454 			if ((base_info.upper || base_info.lower) &&
455 			    (ext_info.upper || ext_info.lower)) {
456 				if (!base_info.upper && base_info.lower)
457 					*lcase |= CASE_LOWER_BASE;
458 				if (!ext_info.upper && ext_info.lower)
459 					*lcase |= CASE_LOWER_EXT;
460 				return 1;
461 			}
462 			return 0;
463 		} else {
464 			BUG();
465 		}
466 	}
467 
468 	if (opts->numtail == 0)
469 		if (vfat_find_form(dir, name_res) < 0)
470 			return 0;
471 
472 	/*
473 	 * Try to find a unique extension.  This used to
474 	 * iterate through all possibilities sequentially,
475 	 * but that gave extremely bad performance.  Windows
476 	 * only tries a few cases before using random
477 	 * values for part of the base.
478 	 */
479 
480 	if (baselen > 6) {
481 		baselen = numtail_baselen;
482 		name_res[7] = ' ';
483 	}
484 	name_res[baselen] = '~';
485 	for (i = 1; i < 10; i++) {
486 		name_res[baselen + 1] = i + '0';
487 		if (vfat_find_form(dir, name_res) < 0)
488 			return 0;
489 	}
490 
491 	i = jiffies;
492 	sz = (jiffies >> 16) & 0x7;
493 	if (baselen > 2) {
494 		baselen = numtail2_baselen;
495 		name_res[7] = ' ';
496 	}
497 	name_res[baselen + 4] = '~';
498 	name_res[baselen + 5] = '1' + sz;
499 	while (1) {
500 		snprintf(buf, sizeof(buf), "%04X", i & 0xffff);
501 		memcpy(&name_res[baselen], buf, 4);
502 		if (vfat_find_form(dir, name_res) < 0)
503 			break;
504 		i -= 11;
505 	}
506 	return 0;
507 }
508 
509 /* Translate a string, including coded sequences into Unicode */
510 static int
xlate_to_uni(const unsigned char * name,int len,unsigned char * outname,int * longlen,int * outlen,int escape,int utf8,struct nls_table * nls)511 xlate_to_uni(const unsigned char *name, int len, unsigned char *outname,
512 	     int *longlen, int *outlen, int escape, int utf8,
513 	     struct nls_table *nls)
514 {
515 	const unsigned char *ip;
516 	unsigned char *op;
517 	int i, fill;
518 	int charlen;
519 
520 	if (utf8) {
521 		*outlen = utf8s_to_utf16s(name, len, UTF16_HOST_ENDIAN,
522 				(wchar_t *) outname, FAT_LFN_LEN + 2);
523 		if (*outlen < 0)
524 			return *outlen;
525 		else if (*outlen > FAT_LFN_LEN)
526 			return -ENAMETOOLONG;
527 
528 		op = &outname[*outlen * sizeof(wchar_t)];
529 	} else {
530 		for (i = 0, ip = name, op = outname, *outlen = 0;
531 			 i < len && *outlen < FAT_LFN_LEN;
532 			 *outlen += 1) {
533 			if (escape && (*ip == ':')) {
534 				u8 uc[2];
535 
536 				if (i > len - 5)
537 					return -EINVAL;
538 
539 				if (hex2bin(uc, ip + 1, 2) < 0)
540 					return -EINVAL;
541 
542 				*(wchar_t *)op = uc[0] << 8 | uc[1];
543 
544 				op += 2;
545 				ip += 5;
546 				i += 5;
547 			} else {
548 				charlen = nls->char2uni(ip, len - i,
549 							(wchar_t *)op);
550 				if (charlen < 0)
551 					return -EINVAL;
552 				ip += charlen;
553 				i += charlen;
554 				op += 2;
555 			}
556 		}
557 		if (i < len)
558 			return -ENAMETOOLONG;
559 	}
560 
561 	*longlen = *outlen;
562 	if (*outlen % 13) {
563 		*op++ = 0;
564 		*op++ = 0;
565 		*outlen += 1;
566 		if (*outlen % 13) {
567 			fill = 13 - (*outlen % 13);
568 			for (i = 0; i < fill; i++) {
569 				*op++ = 0xff;
570 				*op++ = 0xff;
571 			}
572 			*outlen += fill;
573 		}
574 	}
575 
576 	return 0;
577 }
578 
vfat_build_slots(struct inode * dir,const unsigned char * name,int len,int is_dir,int cluster,struct timespec64 * ts,struct msdos_dir_slot * slots,int * nr_slots)579 static int vfat_build_slots(struct inode *dir, const unsigned char *name,
580 			    int len, int is_dir, int cluster,
581 			    struct timespec64 *ts,
582 			    struct msdos_dir_slot *slots, int *nr_slots)
583 {
584 	struct msdos_sb_info *sbi = MSDOS_SB(dir->i_sb);
585 	struct fat_mount_options *opts = &sbi->options;
586 	struct msdos_dir_slot *ps;
587 	struct msdos_dir_entry *de;
588 	unsigned char cksum, lcase;
589 	unsigned char msdos_name[MSDOS_NAME];
590 	wchar_t *uname;
591 	__le16 time, date;
592 	u8 time_cs;
593 	int err, ulen, usize, i;
594 	loff_t offset;
595 
596 	*nr_slots = 0;
597 
598 	uname = __getname();
599 	if (!uname)
600 		return -ENOMEM;
601 
602 	err = xlate_to_uni(name, len, (unsigned char *)uname, &ulen, &usize,
603 			   opts->unicode_xlate, opts->utf8, sbi->nls_io);
604 	if (err)
605 		goto out_free;
606 
607 	err = vfat_is_used_badchars(uname, ulen);
608 	if (err)
609 		goto out_free;
610 
611 	err = vfat_create_shortname(dir, sbi->nls_disk, uname, ulen,
612 				    msdos_name, &lcase);
613 	if (err < 0)
614 		goto out_free;
615 	else if (err == 1) {
616 		de = (struct msdos_dir_entry *)slots;
617 		err = 0;
618 		goto shortname;
619 	}
620 
621 	/* build the entry of long file name */
622 	cksum = fat_checksum(msdos_name);
623 
624 	*nr_slots = usize / 13;
625 	for (ps = slots, i = *nr_slots; i > 0; i--, ps++) {
626 		ps->id = i;
627 		ps->attr = ATTR_EXT;
628 		ps->reserved = 0;
629 		ps->alias_checksum = cksum;
630 		ps->start = 0;
631 		offset = (i - 1) * 13;
632 		fatwchar_to16(ps->name0_4, uname + offset, 5);
633 		fatwchar_to16(ps->name5_10, uname + offset + 5, 6);
634 		fatwchar_to16(ps->name11_12, uname + offset + 11, 2);
635 	}
636 	slots[0].id |= 0x40;
637 	de = (struct msdos_dir_entry *)ps;
638 
639 shortname:
640 	/* build the entry of 8.3 alias name */
641 	(*nr_slots)++;
642 	memcpy(de->name, msdos_name, MSDOS_NAME);
643 	de->attr = is_dir ? ATTR_DIR : ATTR_ARCH;
644 	de->lcase = lcase;
645 	fat_time_unix2fat(sbi, ts, &time, &date, &time_cs);
646 	de->time = de->ctime = time;
647 	de->date = de->cdate = de->adate = date;
648 	de->ctime_cs = time_cs;
649 	fat_set_start(de, cluster);
650 	de->size = 0;
651 out_free:
652 	__putname(uname);
653 	return err;
654 }
655 
vfat_add_entry(struct inode * dir,const struct qstr * qname,int is_dir,int cluster,struct timespec64 * ts,struct fat_slot_info * sinfo)656 static int vfat_add_entry(struct inode *dir, const struct qstr *qname,
657 			  int is_dir, int cluster, struct timespec64 *ts,
658 			  struct fat_slot_info *sinfo)
659 {
660 	struct msdos_dir_slot *slots;
661 	unsigned int len;
662 	int err, nr_slots;
663 
664 	len = vfat_striptail_len(qname);
665 	if (len == 0)
666 		return -ENOENT;
667 
668 	slots = kmalloc_array(MSDOS_SLOTS, sizeof(*slots), GFP_NOFS);
669 	if (slots == NULL)
670 		return -ENOMEM;
671 
672 	err = vfat_build_slots(dir, qname->name, len, is_dir, cluster, ts,
673 			       slots, &nr_slots);
674 	if (err)
675 		goto cleanup;
676 
677 	err = fat_add_entries(dir, slots, nr_slots, sinfo);
678 	if (err)
679 		goto cleanup;
680 
681 	/* update timestamp */
682 	fat_truncate_time(dir, ts, S_CTIME|S_MTIME);
683 	if (IS_DIRSYNC(dir))
684 		(void)fat_sync_inode(dir);
685 	else
686 		mark_inode_dirty(dir);
687 cleanup:
688 	kfree(slots);
689 	return err;
690 }
691 
vfat_find(struct inode * dir,const struct qstr * qname,struct fat_slot_info * sinfo)692 static int vfat_find(struct inode *dir, const struct qstr *qname,
693 		     struct fat_slot_info *sinfo)
694 {
695 	unsigned int len = vfat_striptail_len(qname);
696 	if (len == 0)
697 		return -ENOENT;
698 	return fat_search_long(dir, qname->name, len, sinfo);
699 }
700 
vfat_lookup(struct inode * dir,struct dentry * dentry,unsigned int flags)701 static struct dentry *vfat_lookup(struct inode *dir, struct dentry *dentry,
702 				  unsigned int flags)
703 {
704 	struct super_block *sb = dir->i_sb;
705 	struct fat_slot_info sinfo;
706 	struct inode *inode;
707 	struct dentry *alias;
708 	int err;
709 
710 	mutex_lock(&MSDOS_SB(sb)->s_lock);
711 
712 	err = vfat_find(dir, &dentry->d_name, &sinfo);
713 	if (err) {
714 		if (err == -ENOENT) {
715 			inode = NULL;
716 			goto out;
717 		}
718 		goto error;
719 	}
720 
721 	inode = fat_build_inode(sb, sinfo.de, sinfo.i_pos);
722 	brelse(sinfo.bh);
723 	if (IS_ERR(inode)) {
724 		err = PTR_ERR(inode);
725 		goto error;
726 	}
727 
728 	alias = d_find_alias(inode);
729 	/*
730 	 * Checking "alias->d_parent == dentry->d_parent" to make sure
731 	 * FS is not corrupted (especially double linked dir).
732 	 */
733 	if (alias && alias->d_parent == dentry->d_parent) {
734 		/*
735 		 * This inode has non anonymous-DCACHE_DISCONNECTED
736 		 * dentry. This means, the user did ->lookup() by an
737 		 * another name (longname vs 8.3 alias of it) in past.
738 		 *
739 		 * Switch to new one for reason of locality if possible.
740 		 */
741 		if (!S_ISDIR(inode->i_mode))
742 			d_move(alias, dentry);
743 		iput(inode);
744 		mutex_unlock(&MSDOS_SB(sb)->s_lock);
745 		return alias;
746 	} else
747 		dput(alias);
748 
749 out:
750 	mutex_unlock(&MSDOS_SB(sb)->s_lock);
751 	if (!inode)
752 		vfat_d_version_set(dentry, inode_query_iversion(dir));
753 	return d_splice_alias(inode, dentry);
754 error:
755 	mutex_unlock(&MSDOS_SB(sb)->s_lock);
756 	return ERR_PTR(err);
757 }
758 
vfat_create(struct user_namespace * mnt_userns,struct inode * dir,struct dentry * dentry,umode_t mode,bool excl)759 static int vfat_create(struct user_namespace *mnt_userns, struct inode *dir,
760 		       struct dentry *dentry, umode_t mode, bool excl)
761 {
762 	struct super_block *sb = dir->i_sb;
763 	struct inode *inode;
764 	struct fat_slot_info sinfo;
765 	struct timespec64 ts;
766 	int err;
767 
768 	mutex_lock(&MSDOS_SB(sb)->s_lock);
769 
770 	ts = current_time(dir);
771 	err = vfat_add_entry(dir, &dentry->d_name, 0, 0, &ts, &sinfo);
772 	if (err)
773 		goto out;
774 	inode_inc_iversion(dir);
775 
776 	inode = fat_build_inode(sb, sinfo.de, sinfo.i_pos);
777 	brelse(sinfo.bh);
778 	if (IS_ERR(inode)) {
779 		err = PTR_ERR(inode);
780 		goto out;
781 	}
782 	inode_inc_iversion(inode);
783 
784 	d_instantiate(dentry, inode);
785 out:
786 	mutex_unlock(&MSDOS_SB(sb)->s_lock);
787 	return err;
788 }
789 
vfat_rmdir(struct inode * dir,struct dentry * dentry)790 static int vfat_rmdir(struct inode *dir, struct dentry *dentry)
791 {
792 	struct inode *inode = d_inode(dentry);
793 	struct super_block *sb = dir->i_sb;
794 	struct fat_slot_info sinfo;
795 	int err;
796 
797 	mutex_lock(&MSDOS_SB(sb)->s_lock);
798 
799 	err = fat_dir_empty(inode);
800 	if (err)
801 		goto out;
802 	err = vfat_find(dir, &dentry->d_name, &sinfo);
803 	if (err)
804 		goto out;
805 
806 	err = fat_remove_entries(dir, &sinfo);	/* and releases bh */
807 	if (err)
808 		goto out;
809 	drop_nlink(dir);
810 
811 	clear_nlink(inode);
812 	fat_truncate_time(inode, NULL, S_ATIME|S_MTIME);
813 	fat_detach(inode);
814 	vfat_d_version_set(dentry, inode_query_iversion(dir));
815 out:
816 	mutex_unlock(&MSDOS_SB(sb)->s_lock);
817 
818 	return err;
819 }
820 
vfat_unlink(struct inode * dir,struct dentry * dentry)821 static int vfat_unlink(struct inode *dir, struct dentry *dentry)
822 {
823 	struct inode *inode = d_inode(dentry);
824 	struct super_block *sb = dir->i_sb;
825 	struct fat_slot_info sinfo;
826 	int err;
827 
828 	mutex_lock(&MSDOS_SB(sb)->s_lock);
829 
830 	err = vfat_find(dir, &dentry->d_name, &sinfo);
831 	if (err)
832 		goto out;
833 
834 	err = fat_remove_entries(dir, &sinfo);	/* and releases bh */
835 	if (err)
836 		goto out;
837 	clear_nlink(inode);
838 	fat_truncate_time(inode, NULL, S_ATIME|S_MTIME);
839 	fat_detach(inode);
840 	vfat_d_version_set(dentry, inode_query_iversion(dir));
841 out:
842 	mutex_unlock(&MSDOS_SB(sb)->s_lock);
843 
844 	return err;
845 }
846 
vfat_mkdir(struct user_namespace * mnt_userns,struct inode * dir,struct dentry * dentry,umode_t mode)847 static int vfat_mkdir(struct user_namespace *mnt_userns, struct inode *dir,
848 		      struct dentry *dentry, umode_t mode)
849 {
850 	struct super_block *sb = dir->i_sb;
851 	struct inode *inode;
852 	struct fat_slot_info sinfo;
853 	struct timespec64 ts;
854 	int err, cluster;
855 
856 	mutex_lock(&MSDOS_SB(sb)->s_lock);
857 
858 	ts = current_time(dir);
859 	cluster = fat_alloc_new_dir(dir, &ts);
860 	if (cluster < 0) {
861 		err = cluster;
862 		goto out;
863 	}
864 	err = vfat_add_entry(dir, &dentry->d_name, 1, cluster, &ts, &sinfo);
865 	if (err)
866 		goto out_free;
867 	inode_inc_iversion(dir);
868 	inc_nlink(dir);
869 
870 	inode = fat_build_inode(sb, sinfo.de, sinfo.i_pos);
871 	brelse(sinfo.bh);
872 	if (IS_ERR(inode)) {
873 		err = PTR_ERR(inode);
874 		/* the directory was completed, just return a error */
875 		goto out;
876 	}
877 	inode_inc_iversion(inode);
878 	set_nlink(inode, 2);
879 
880 	d_instantiate(dentry, inode);
881 
882 	mutex_unlock(&MSDOS_SB(sb)->s_lock);
883 	return 0;
884 
885 out_free:
886 	fat_free_clusters(dir, cluster);
887 out:
888 	mutex_unlock(&MSDOS_SB(sb)->s_lock);
889 	return err;
890 }
891 
vfat_get_dotdot_de(struct inode * inode,struct buffer_head ** bh,struct msdos_dir_entry ** de)892 static int vfat_get_dotdot_de(struct inode *inode, struct buffer_head **bh,
893 			      struct msdos_dir_entry **de)
894 {
895 	if (S_ISDIR(inode->i_mode)) {
896 		if (fat_get_dotdot_entry(inode, bh, de))
897 			return -EIO;
898 	}
899 	return 0;
900 }
901 
vfat_sync_ipos(struct inode * dir,struct inode * inode)902 static int vfat_sync_ipos(struct inode *dir, struct inode *inode)
903 {
904 	if (IS_DIRSYNC(dir))
905 		return fat_sync_inode(inode);
906 	mark_inode_dirty(inode);
907 	return 0;
908 }
909 
vfat_update_dotdot_de(struct inode * dir,struct inode * inode,struct buffer_head * dotdot_bh,struct msdos_dir_entry * dotdot_de)910 static int vfat_update_dotdot_de(struct inode *dir, struct inode *inode,
911 				 struct buffer_head *dotdot_bh,
912 				 struct msdos_dir_entry *dotdot_de)
913 {
914 	fat_set_start(dotdot_de, MSDOS_I(dir)->i_logstart);
915 	mark_buffer_dirty_inode(dotdot_bh, inode);
916 	if (IS_DIRSYNC(dir))
917 		return sync_dirty_buffer(dotdot_bh);
918 	return 0;
919 }
920 
vfat_update_dir_metadata(struct inode * dir,struct timespec64 * ts)921 static void vfat_update_dir_metadata(struct inode *dir, struct timespec64 *ts)
922 {
923 	inode_inc_iversion(dir);
924 	fat_truncate_time(dir, ts, S_CTIME | S_MTIME);
925 	if (IS_DIRSYNC(dir))
926 		(void)fat_sync_inode(dir);
927 	else
928 		mark_inode_dirty(dir);
929 }
930 
vfat_rename(struct inode * old_dir,struct dentry * old_dentry,struct inode * new_dir,struct dentry * new_dentry)931 static int vfat_rename(struct inode *old_dir, struct dentry *old_dentry,
932 		       struct inode *new_dir, struct dentry *new_dentry)
933 {
934 	struct buffer_head *dotdot_bh;
935 	struct msdos_dir_entry *dotdot_de = NULL;
936 	struct inode *old_inode, *new_inode;
937 	struct fat_slot_info old_sinfo, sinfo;
938 	struct timespec64 ts;
939 	loff_t new_i_pos;
940 	int err, is_dir, corrupt = 0;
941 	struct super_block *sb = old_dir->i_sb;
942 
943 	old_sinfo.bh = sinfo.bh = dotdot_bh = NULL;
944 	old_inode = d_inode(old_dentry);
945 	new_inode = d_inode(new_dentry);
946 	mutex_lock(&MSDOS_SB(sb)->s_lock);
947 	err = vfat_find(old_dir, &old_dentry->d_name, &old_sinfo);
948 	if (err)
949 		goto out;
950 
951 	if (old_dir != new_dir) {
952 		err = vfat_get_dotdot_de(old_inode, &dotdot_bh, &dotdot_de);
953 		if (err)
954 			goto out;
955 	}
956 
957 	is_dir = S_ISDIR(old_inode->i_mode);
958 	ts = current_time(old_dir);
959 	if (new_inode) {
960 		if (is_dir) {
961 			err = fat_dir_empty(new_inode);
962 			if (err)
963 				goto out;
964 		}
965 		new_i_pos = MSDOS_I(new_inode)->i_pos;
966 		fat_detach(new_inode);
967 	} else {
968 		err = vfat_add_entry(new_dir, &new_dentry->d_name, is_dir, 0,
969 				     &ts, &sinfo);
970 		if (err)
971 			goto out;
972 		new_i_pos = sinfo.i_pos;
973 	}
974 	inode_inc_iversion(new_dir);
975 
976 	fat_detach(old_inode);
977 	fat_attach(old_inode, new_i_pos);
978 	err = vfat_sync_ipos(new_dir, old_inode);
979 	if (err)
980 		goto error_inode;
981 
982 	if (dotdot_de) {
983 		err = vfat_update_dotdot_de(new_dir, old_inode, dotdot_bh,
984 					    dotdot_de);
985 		if (err)
986 			goto error_dotdot;
987 		drop_nlink(old_dir);
988 		if (!new_inode)
989  			inc_nlink(new_dir);
990 	}
991 
992 	err = fat_remove_entries(old_dir, &old_sinfo);	/* and releases bh */
993 	old_sinfo.bh = NULL;
994 	if (err)
995 		goto error_dotdot;
996 	vfat_update_dir_metadata(old_dir, &ts);
997 
998 	if (new_inode) {
999 		drop_nlink(new_inode);
1000 		if (is_dir)
1001 			drop_nlink(new_inode);
1002 		fat_truncate_time(new_inode, &ts, S_CTIME);
1003 	}
1004 out:
1005 	brelse(sinfo.bh);
1006 	brelse(dotdot_bh);
1007 	brelse(old_sinfo.bh);
1008 	mutex_unlock(&MSDOS_SB(sb)->s_lock);
1009 
1010 	return err;
1011 
1012 error_dotdot:
1013 	/* data cluster is shared, serious corruption */
1014 	corrupt = 1;
1015 
1016 	if (dotdot_de) {
1017 		corrupt |= vfat_update_dotdot_de(old_dir, old_inode, dotdot_bh,
1018 						 dotdot_de);
1019 	}
1020 error_inode:
1021 	fat_detach(old_inode);
1022 	fat_attach(old_inode, old_sinfo.i_pos);
1023 	if (new_inode) {
1024 		fat_attach(new_inode, new_i_pos);
1025 		if (corrupt)
1026 			corrupt |= fat_sync_inode(new_inode);
1027 	} else {
1028 		/*
1029 		 * If new entry was not sharing the data cluster, it
1030 		 * shouldn't be serious corruption.
1031 		 */
1032 		int err2 = fat_remove_entries(new_dir, &sinfo);
1033 		if (corrupt)
1034 			corrupt |= err2;
1035 		sinfo.bh = NULL;
1036 	}
1037 	if (corrupt < 0) {
1038 		fat_fs_error(new_dir->i_sb,
1039 			     "%s: Filesystem corrupted (i_pos %lld)",
1040 			     __func__, sinfo.i_pos);
1041 	}
1042 	goto out;
1043 }
1044 
vfat_exchange_ipos(struct inode * old_inode,struct inode * new_inode,loff_t old_i_pos,loff_t new_i_pos)1045 static void vfat_exchange_ipos(struct inode *old_inode, struct inode *new_inode,
1046 			       loff_t old_i_pos, loff_t new_i_pos)
1047 {
1048 	fat_detach(old_inode);
1049 	fat_detach(new_inode);
1050 	fat_attach(old_inode, new_i_pos);
1051 	fat_attach(new_inode, old_i_pos);
1052 }
1053 
vfat_move_nlink(struct inode * src,struct inode * dst)1054 static void vfat_move_nlink(struct inode *src, struct inode *dst)
1055 {
1056 	drop_nlink(src);
1057 	inc_nlink(dst);
1058 }
1059 
vfat_rename_exchange(struct inode * old_dir,struct dentry * old_dentry,struct inode * new_dir,struct dentry * new_dentry)1060 static int vfat_rename_exchange(struct inode *old_dir, struct dentry *old_dentry,
1061 				struct inode *new_dir, struct dentry *new_dentry)
1062 {
1063 	struct buffer_head *old_dotdot_bh = NULL, *new_dotdot_bh = NULL;
1064 	struct msdos_dir_entry *old_dotdot_de = NULL, *new_dotdot_de = NULL;
1065 	struct inode *old_inode, *new_inode;
1066 	struct timespec64 ts = current_time(old_dir);
1067 	loff_t old_i_pos, new_i_pos;
1068 	int err, corrupt = 0;
1069 	struct super_block *sb = old_dir->i_sb;
1070 
1071 	old_inode = d_inode(old_dentry);
1072 	new_inode = d_inode(new_dentry);
1073 
1074 	/* Acquire super block lock for the operation to be atomic */
1075 	mutex_lock(&MSDOS_SB(sb)->s_lock);
1076 
1077 	/* if directories are not the same, get ".." info to update */
1078 	if (old_dir != new_dir) {
1079 		err = vfat_get_dotdot_de(old_inode, &old_dotdot_bh,
1080 					 &old_dotdot_de);
1081 		if (err)
1082 			goto out;
1083 
1084 		err = vfat_get_dotdot_de(new_inode, &new_dotdot_bh,
1085 					 &new_dotdot_de);
1086 		if (err)
1087 			goto out;
1088 	}
1089 
1090 	old_i_pos = MSDOS_I(old_inode)->i_pos;
1091 	new_i_pos = MSDOS_I(new_inode)->i_pos;
1092 
1093 	vfat_exchange_ipos(old_inode, new_inode, old_i_pos, new_i_pos);
1094 
1095 	err = vfat_sync_ipos(old_dir, new_inode);
1096 	if (err)
1097 		goto error_exchange;
1098 	err = vfat_sync_ipos(new_dir, old_inode);
1099 	if (err)
1100 		goto error_exchange;
1101 
1102 	/* update ".." directory entry info */
1103 	if (old_dotdot_de) {
1104 		err = vfat_update_dotdot_de(new_dir, old_inode, old_dotdot_bh,
1105 					    old_dotdot_de);
1106 		if (err)
1107 			goto error_old_dotdot;
1108 	}
1109 	if (new_dotdot_de) {
1110 		err = vfat_update_dotdot_de(old_dir, new_inode, new_dotdot_bh,
1111 					    new_dotdot_de);
1112 		if (err)
1113 			goto error_new_dotdot;
1114 	}
1115 
1116 	/* if cross directory and only one is a directory, adjust nlink */
1117 	if (!old_dotdot_de != !new_dotdot_de) {
1118 		if (old_dotdot_de)
1119 			vfat_move_nlink(old_dir, new_dir);
1120 		else
1121 			vfat_move_nlink(new_dir, old_dir);
1122 	}
1123 
1124 	vfat_update_dir_metadata(old_dir, &ts);
1125 	/* if directories are not the same, update new_dir as well */
1126 	if (old_dir != new_dir)
1127 		vfat_update_dir_metadata(new_dir, &ts);
1128 
1129 out:
1130 	brelse(old_dotdot_bh);
1131 	brelse(new_dotdot_bh);
1132 	mutex_unlock(&MSDOS_SB(sb)->s_lock);
1133 
1134 	return err;
1135 
1136 error_new_dotdot:
1137 	if (new_dotdot_de) {
1138 		corrupt |= vfat_update_dotdot_de(new_dir, new_inode,
1139 						 new_dotdot_bh, new_dotdot_de);
1140 	}
1141 
1142 error_old_dotdot:
1143 	if (old_dotdot_de) {
1144 		corrupt |= vfat_update_dotdot_de(old_dir, old_inode,
1145 						 old_dotdot_bh, old_dotdot_de);
1146 	}
1147 
1148 error_exchange:
1149 	vfat_exchange_ipos(old_inode, new_inode, new_i_pos, old_i_pos);
1150 	corrupt |= vfat_sync_ipos(new_dir, new_inode);
1151 	corrupt |= vfat_sync_ipos(old_dir, old_inode);
1152 
1153 	if (corrupt < 0) {
1154 		fat_fs_error(new_dir->i_sb,
1155 			     "%s: Filesystem corrupted (i_pos %lld, %lld)",
1156 			     __func__, old_i_pos, new_i_pos);
1157 	}
1158 	goto out;
1159 }
1160 
vfat_rename2(struct user_namespace * mnt_userns,struct inode * old_dir,struct dentry * old_dentry,struct inode * new_dir,struct dentry * new_dentry,unsigned int flags)1161 static int vfat_rename2(struct user_namespace *mnt_userns, struct inode *old_dir,
1162 			struct dentry *old_dentry, struct inode *new_dir,
1163 			struct dentry *new_dentry, unsigned int flags)
1164 {
1165 	if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE))
1166 		return -EINVAL;
1167 
1168 	if (flags & RENAME_EXCHANGE) {
1169 		return vfat_rename_exchange(old_dir, old_dentry,
1170 					    new_dir, new_dentry);
1171 	}
1172 
1173 	/* VFS already handled RENAME_NOREPLACE, handle it as a normal rename */
1174 	return vfat_rename(old_dir, old_dentry, new_dir, new_dentry);
1175 }
1176 
1177 static const struct inode_operations vfat_dir_inode_operations = {
1178 	.create		= vfat_create,
1179 	.lookup		= vfat_lookup,
1180 	.unlink		= vfat_unlink,
1181 	.mkdir		= vfat_mkdir,
1182 	.rmdir		= vfat_rmdir,
1183 	.rename		= vfat_rename2,
1184 	.setattr	= fat_setattr,
1185 	.getattr	= fat_getattr,
1186 	.update_time	= fat_update_time,
1187 };
1188 
setup(struct super_block * sb)1189 static void setup(struct super_block *sb)
1190 {
1191 	MSDOS_SB(sb)->dir_ops = &vfat_dir_inode_operations;
1192 	if (MSDOS_SB(sb)->options.name_check != 's')
1193 		sb->s_d_op = &vfat_ci_dentry_ops;
1194 	else
1195 		sb->s_d_op = &vfat_dentry_ops;
1196 }
1197 
vfat_fill_super(struct super_block * sb,void * data,int silent)1198 static int vfat_fill_super(struct super_block *sb, void *data, int silent)
1199 {
1200 	return fat_fill_super(sb, data, silent, 1, setup);
1201 }
1202 
vfat_mount(struct file_system_type * fs_type,int flags,const char * dev_name,void * data)1203 static struct dentry *vfat_mount(struct file_system_type *fs_type,
1204 		       int flags, const char *dev_name,
1205 		       void *data)
1206 {
1207 	return mount_bdev(fs_type, flags, dev_name, data, vfat_fill_super);
1208 }
1209 
1210 static struct file_system_type vfat_fs_type = {
1211 	.owner		= THIS_MODULE,
1212 	.name		= "vfat",
1213 	.mount		= vfat_mount,
1214 	.kill_sb	= kill_block_super,
1215 	.fs_flags	= FS_REQUIRES_DEV | FS_ALLOW_IDMAP,
1216 };
1217 MODULE_ALIAS_FS("vfat");
1218 
init_vfat_fs(void)1219 static int __init init_vfat_fs(void)
1220 {
1221 	return register_filesystem(&vfat_fs_type);
1222 }
1223 
exit_vfat_fs(void)1224 static void __exit exit_vfat_fs(void)
1225 {
1226 	unregister_filesystem(&vfat_fs_type);
1227 }
1228 
1229 MODULE_LICENSE("GPL");
1230 MODULE_DESCRIPTION("VFAT filesystem support");
1231 MODULE_AUTHOR("Gordon Chaffee");
1232 
1233 module_init(init_vfat_fs)
1234 module_exit(exit_vfat_fs)
1235