Diff markup
1 /* 1 /*
2 * linux/fs/open.c 2 * linux/fs/open.c
3 * 3 *
4 * Copyright (C) 1991, 1992 Linus Torvalds 4 * Copyright (C) 1991, 1992 Linus Torvalds
5 */ 5 */
6 6
7 #include <linux/string.h> 7 #include <linux/string.h>
8 #include <linux/mm.h> 8 #include <linux/mm.h>
9 #include <linux/file.h> 9 #include <linux/file.h>
>> 10 #include <linux/fdtable.h>
10 #include <linux/quotaops.h> 11 #include <linux/quotaops.h>
11 #include <linux/fsnotify.h> 12 #include <linux/fsnotify.h>
12 #include <linux/module.h> 13 #include <linux/module.h>
13 #include <linux/slab.h> 14 #include <linux/slab.h>
14 #include <linux/tty.h> 15 #include <linux/tty.h>
15 #include <linux/namei.h> 16 #include <linux/namei.h>
16 #include <linux/backing-dev.h> 17 #include <linux/backing-dev.h>
17 #include <linux/capability.h> 18 #include <linux/capability.h>
>> 19 #include <linux/securebits.h>
18 #include <linux/security.h> 20 #include <linux/security.h>
19 #include <linux/mount.h> 21 #include <linux/mount.h>
20 #include <linux/vfs.h> 22 #include <linux/vfs.h>
21 #include <linux/fcntl.h> 23 #include <linux/fcntl.h>
22 #include <asm/uaccess.h> 24 #include <asm/uaccess.h>
23 #include <linux/fs.h> 25 #include <linux/fs.h>
24 #include <linux/personality.h> 26 #include <linux/personality.h>
25 #include <linux/pagemap.h> 27 #include <linux/pagemap.h>
26 #include <linux/syscalls.h> 28 #include <linux/syscalls.h>
27 #include <linux/rcupdate.h> 29 #include <linux/rcupdate.h>
28 #include <linux/audit.h> 30 #include <linux/audit.h>
29 #include <linux/falloc.h> 31 #include <linux/falloc.h>
>> 32 #include <linux/fs_struct.h>
30 33
31 int vfs_statfs(struct dentry *dentry, struct k 34 int vfs_statfs(struct dentry *dentry, struct kstatfs *buf)
32 { 35 {
33 int retval = -ENODEV; 36 int retval = -ENODEV;
34 37
35 if (dentry) { 38 if (dentry) {
36 retval = -ENOSYS; 39 retval = -ENOSYS;
37 if (dentry->d_sb->s_op->statfs 40 if (dentry->d_sb->s_op->statfs) {
38 memset(buf, 0, sizeof( 41 memset(buf, 0, sizeof(*buf));
39 retval = security_sb_s 42 retval = security_sb_statfs(dentry);
40 if (retval) 43 if (retval)
41 return retval; 44 return retval;
42 retval = dentry->d_sb- 45 retval = dentry->d_sb->s_op->statfs(dentry, buf);
43 if (retval == 0 && buf 46 if (retval == 0 && buf->f_frsize == 0)
44 buf->f_frsize 47 buf->f_frsize = buf->f_bsize;
45 } 48 }
46 } 49 }
47 return retval; 50 return retval;
48 } 51 }
49 52
50 EXPORT_SYMBOL(vfs_statfs); 53 EXPORT_SYMBOL(vfs_statfs);
51 54
52 static int vfs_statfs_native(struct dentry *de 55 static int vfs_statfs_native(struct dentry *dentry, struct statfs *buf)
53 { 56 {
54 struct kstatfs st; 57 struct kstatfs st;
55 int retval; 58 int retval;
56 59
57 retval = vfs_statfs(dentry, &st); 60 retval = vfs_statfs(dentry, &st);
58 if (retval) 61 if (retval)
59 return retval; 62 return retval;
60 63
61 if (sizeof(*buf) == sizeof(st)) 64 if (sizeof(*buf) == sizeof(st))
62 memcpy(buf, &st, sizeof(st)); 65 memcpy(buf, &st, sizeof(st));
63 else { 66 else {
64 if (sizeof buf->f_blocks == 4) 67 if (sizeof buf->f_blocks == 4) {
65 if ((st.f_blocks | st. !! 68 if ((st.f_blocks | st.f_bfree | st.f_bavail |
>> 69 st.f_bsize | st.f_frsize) &
66 0xffffffff00000000 70 0xffffffff00000000ULL)
67 return -EOVERF 71 return -EOVERFLOW;
68 /* 72 /*
69 * f_files and f_ffree 73 * f_files and f_ffree may be -1; it's okay to stuff
70 * that into 32 bits 74 * that into 32 bits
71 */ 75 */
72 if (st.f_files != -1 & 76 if (st.f_files != -1 &&
73 (st.f_files & 0xff 77 (st.f_files & 0xffffffff00000000ULL))
74 return -EOVERF 78 return -EOVERFLOW;
75 if (st.f_ffree != -1 & 79 if (st.f_ffree != -1 &&
76 (st.f_ffree & 0xff 80 (st.f_ffree & 0xffffffff00000000ULL))
77 return -EOVERF 81 return -EOVERFLOW;
78 } 82 }
79 83
80 buf->f_type = st.f_type; 84 buf->f_type = st.f_type;
81 buf->f_bsize = st.f_bsize; 85 buf->f_bsize = st.f_bsize;
82 buf->f_blocks = st.f_blocks; 86 buf->f_blocks = st.f_blocks;
83 buf->f_bfree = st.f_bfree; 87 buf->f_bfree = st.f_bfree;
84 buf->f_bavail = st.f_bavail; 88 buf->f_bavail = st.f_bavail;
85 buf->f_files = st.f_files; 89 buf->f_files = st.f_files;
86 buf->f_ffree = st.f_ffree; 90 buf->f_ffree = st.f_ffree;
87 buf->f_fsid = st.f_fsid; 91 buf->f_fsid = st.f_fsid;
88 buf->f_namelen = st.f_namelen; 92 buf->f_namelen = st.f_namelen;
89 buf->f_frsize = st.f_frsize; 93 buf->f_frsize = st.f_frsize;
90 memset(buf->f_spare, 0, sizeof 94 memset(buf->f_spare, 0, sizeof(buf->f_spare));
91 } 95 }
92 return 0; 96 return 0;
93 } 97 }
94 98
95 static int vfs_statfs64(struct dentry *dentry, 99 static int vfs_statfs64(struct dentry *dentry, struct statfs64 *buf)
96 { 100 {
97 struct kstatfs st; 101 struct kstatfs st;
98 int retval; 102 int retval;
99 103
100 retval = vfs_statfs(dentry, &st); 104 retval = vfs_statfs(dentry, &st);
101 if (retval) 105 if (retval)
102 return retval; 106 return retval;
103 107
104 if (sizeof(*buf) == sizeof(st)) 108 if (sizeof(*buf) == sizeof(st))
105 memcpy(buf, &st, sizeof(st)); 109 memcpy(buf, &st, sizeof(st));
106 else { 110 else {
107 buf->f_type = st.f_type; 111 buf->f_type = st.f_type;
108 buf->f_bsize = st.f_bsize; 112 buf->f_bsize = st.f_bsize;
109 buf->f_blocks = st.f_blocks; 113 buf->f_blocks = st.f_blocks;
110 buf->f_bfree = st.f_bfree; 114 buf->f_bfree = st.f_bfree;
111 buf->f_bavail = st.f_bavail; 115 buf->f_bavail = st.f_bavail;
112 buf->f_files = st.f_files; 116 buf->f_files = st.f_files;
113 buf->f_ffree = st.f_ffree; 117 buf->f_ffree = st.f_ffree;
114 buf->f_fsid = st.f_fsid; 118 buf->f_fsid = st.f_fsid;
115 buf->f_namelen = st.f_namelen; 119 buf->f_namelen = st.f_namelen;
116 buf->f_frsize = st.f_frsize; 120 buf->f_frsize = st.f_frsize;
117 memset(buf->f_spare, 0, sizeof 121 memset(buf->f_spare, 0, sizeof(buf->f_spare));
118 } 122 }
119 return 0; 123 return 0;
120 } 124 }
121 125
122 asmlinkage long sys_statfs(const char __user * !! 126 SYSCALL_DEFINE2(statfs, const char __user *, pathname, struct statfs __user *, buf)
123 { 127 {
124 struct nameidata nd; !! 128 struct path path;
125 int error; 129 int error;
126 130
127 error = user_path_walk(path, &nd); !! 131 error = user_path(pathname, &path);
128 if (!error) { 132 if (!error) {
129 struct statfs tmp; 133 struct statfs tmp;
130 error = vfs_statfs_native(nd.p !! 134 error = vfs_statfs_native(path.dentry, &tmp);
131 if (!error && copy_to_user(buf 135 if (!error && copy_to_user(buf, &tmp, sizeof(tmp)))
132 error = -EFAULT; 136 error = -EFAULT;
133 path_put(&nd.path); !! 137 path_put(&path);
134 } 138 }
135 return error; 139 return error;
136 } 140 }
137 141
138 !! 142 SYSCALL_DEFINE3(statfs64, const char __user *, pathname, size_t, sz, struct statfs64 __user *, buf)
139 asmlinkage long sys_statfs64(const char __user <<
140 { 143 {
141 struct nameidata nd; !! 144 struct path path;
142 long error; 145 long error;
143 146
144 if (sz != sizeof(*buf)) 147 if (sz != sizeof(*buf))
145 return -EINVAL; 148 return -EINVAL;
146 error = user_path_walk(path, &nd); !! 149 error = user_path(pathname, &path);
147 if (!error) { 150 if (!error) {
148 struct statfs64 tmp; 151 struct statfs64 tmp;
149 error = vfs_statfs64(nd.path.d !! 152 error = vfs_statfs64(path.dentry, &tmp);
150 if (!error && copy_to_user(buf 153 if (!error && copy_to_user(buf, &tmp, sizeof(tmp)))
151 error = -EFAULT; 154 error = -EFAULT;
152 path_put(&nd.path); !! 155 path_put(&path);
153 } 156 }
154 return error; 157 return error;
155 } 158 }
156 159
157 !! 160 SYSCALL_DEFINE2(fstatfs, unsigned int, fd, struct statfs __user *, buf)
158 asmlinkage long sys_fstatfs(unsigned int fd, s <<
159 { 161 {
160 struct file * file; 162 struct file * file;
161 struct statfs tmp; 163 struct statfs tmp;
162 int error; 164 int error;
163 165
164 error = -EBADF; 166 error = -EBADF;
165 file = fget(fd); 167 file = fget(fd);
166 if (!file) 168 if (!file)
167 goto out; 169 goto out;
168 error = vfs_statfs_native(file->f_path 170 error = vfs_statfs_native(file->f_path.dentry, &tmp);
169 if (!error && copy_to_user(buf, &tmp, 171 if (!error && copy_to_user(buf, &tmp, sizeof(tmp)))
170 error = -EFAULT; 172 error = -EFAULT;
171 fput(file); 173 fput(file);
172 out: 174 out:
173 return error; 175 return error;
174 } 176 }
175 177
176 asmlinkage long sys_fstatfs64(unsigned int fd, !! 178 SYSCALL_DEFINE3(fstatfs64, unsigned int, fd, size_t, sz, struct statfs64 __user *, buf)
177 { 179 {
178 struct file * file; 180 struct file * file;
179 struct statfs64 tmp; 181 struct statfs64 tmp;
180 int error; 182 int error;
181 183
182 if (sz != sizeof(*buf)) 184 if (sz != sizeof(*buf))
183 return -EINVAL; 185 return -EINVAL;
184 186
185 error = -EBADF; 187 error = -EBADF;
186 file = fget(fd); 188 file = fget(fd);
187 if (!file) 189 if (!file)
188 goto out; 190 goto out;
189 error = vfs_statfs64(file->f_path.dent 191 error = vfs_statfs64(file->f_path.dentry, &tmp);
190 if (!error && copy_to_user(buf, &tmp, 192 if (!error && copy_to_user(buf, &tmp, sizeof(tmp)))
191 error = -EFAULT; 193 error = -EFAULT;
192 fput(file); 194 fput(file);
193 out: 195 out:
194 return error; 196 return error;
195 } 197 }
196 198
197 int do_truncate(struct dentry *dentry, loff_t 199 int do_truncate(struct dentry *dentry, loff_t length, unsigned int time_attrs,
198 struct file *filp) 200 struct file *filp)
199 { 201 {
200 int err; 202 int err;
201 struct iattr newattrs; 203 struct iattr newattrs;
202 204
203 /* Not pretty: "inode->i_size" shouldn 205 /* Not pretty: "inode->i_size" shouldn't really be signed. But it is. */
204 if (length < 0) 206 if (length < 0)
205 return -EINVAL; 207 return -EINVAL;
206 208
207 newattrs.ia_size = length; 209 newattrs.ia_size = length;
208 newattrs.ia_valid = ATTR_SIZE | time_a 210 newattrs.ia_valid = ATTR_SIZE | time_attrs;
209 if (filp) { 211 if (filp) {
210 newattrs.ia_file = filp; 212 newattrs.ia_file = filp;
211 newattrs.ia_valid |= ATTR_FILE 213 newattrs.ia_valid |= ATTR_FILE;
212 } 214 }
213 215
214 /* Remove suid/sgid on truncate too */ 216 /* Remove suid/sgid on truncate too */
215 newattrs.ia_valid |= should_remove_sui 217 newattrs.ia_valid |= should_remove_suid(dentry);
216 218
217 mutex_lock(&dentry->d_inode->i_mutex); 219 mutex_lock(&dentry->d_inode->i_mutex);
218 err = notify_change(dentry, &newattrs) 220 err = notify_change(dentry, &newattrs);
219 mutex_unlock(&dentry->d_inode->i_mutex 221 mutex_unlock(&dentry->d_inode->i_mutex);
220 return err; 222 return err;
221 } 223 }
222 224
223 static long do_sys_truncate(const char __user !! 225 static long do_sys_truncate(const char __user *pathname, loff_t length)
224 { 226 {
225 struct nameidata nd; !! 227 struct path path;
226 struct inode * inode; !! 228 struct inode *inode;
227 int error; 229 int error;
228 230
229 error = -EINVAL; 231 error = -EINVAL;
230 if (length < 0) /* sorry, but loff_t s 232 if (length < 0) /* sorry, but loff_t says... */
231 goto out; 233 goto out;
232 234
233 error = user_path_walk(path, &nd); !! 235 error = user_path(pathname, &path);
234 if (error) 236 if (error)
235 goto out; 237 goto out;
236 inode = nd.path.dentry->d_inode; !! 238 inode = path.dentry->d_inode;
237 239
238 /* For directories it's -EISDIR, for o 240 /* For directories it's -EISDIR, for other non-regulars - -EINVAL */
239 error = -EISDIR; 241 error = -EISDIR;
240 if (S_ISDIR(inode->i_mode)) 242 if (S_ISDIR(inode->i_mode))
241 goto dput_and_out; 243 goto dput_and_out;
242 244
243 error = -EINVAL; 245 error = -EINVAL;
244 if (!S_ISREG(inode->i_mode)) 246 if (!S_ISREG(inode->i_mode))
245 goto dput_and_out; 247 goto dput_and_out;
246 248
247 error = vfs_permission(&nd, MAY_WRITE) !! 249 error = mnt_want_write(path.mnt);
248 if (error) 250 if (error)
249 goto dput_and_out; 251 goto dput_and_out;
250 252
251 error = -EROFS; !! 253 error = inode_permission(inode, MAY_WRITE);
252 if (IS_RDONLY(inode)) !! 254 if (error)
253 goto dput_and_out; !! 255 goto mnt_drop_write_and_out;
254 256
255 error = -EPERM; 257 error = -EPERM;
256 if (IS_IMMUTABLE(inode) || IS_APPEND(i !! 258 if (IS_APPEND(inode))
257 goto dput_and_out; !! 259 goto mnt_drop_write_and_out;
258 260
259 error = get_write_access(inode); 261 error = get_write_access(inode);
260 if (error) 262 if (error)
261 goto dput_and_out; !! 263 goto mnt_drop_write_and_out;
262 264
263 /* 265 /*
264 * Make sure that there are no leases. 266 * Make sure that there are no leases. get_write_access() protects
265 * against the truncate racing with a 267 * against the truncate racing with a lease-granting setlease().
266 */ 268 */
267 error = break_lease(inode, FMODE_WRITE 269 error = break_lease(inode, FMODE_WRITE);
268 if (error) 270 if (error)
269 goto put_write_and_out; 271 goto put_write_and_out;
270 272
271 error = locks_verify_truncate(inode, N 273 error = locks_verify_truncate(inode, NULL, length);
>> 274 if (!error)
>> 275 error = security_path_truncate(&path, length, 0);
272 if (!error) { 276 if (!error) {
273 DQUOT_INIT(inode); !! 277 vfs_dq_init(inode);
274 error = do_truncate(nd.path.de !! 278 error = do_truncate(path.dentry, length, 0, NULL);
275 } 279 }
276 280
277 put_write_and_out: 281 put_write_and_out:
278 put_write_access(inode); 282 put_write_access(inode);
>> 283 mnt_drop_write_and_out:
>> 284 mnt_drop_write(path.mnt);
279 dput_and_out: 285 dput_and_out:
280 path_put(&nd.path); !! 286 path_put(&path);
281 out: 287 out:
282 return error; 288 return error;
283 } 289 }
284 290
285 asmlinkage long sys_truncate(const char __user !! 291 SYSCALL_DEFINE2(truncate, const char __user *, path, unsigned long, length)
286 { 292 {
287 /* on 32-bit boxen it will cut the ran 293 /* on 32-bit boxen it will cut the range 2^31--2^32-1 off */
288 return do_sys_truncate(path, (long)len 294 return do_sys_truncate(path, (long)length);
289 } 295 }
290 296
291 static long do_sys_ftruncate(unsigned int fd, 297 static long do_sys_ftruncate(unsigned int fd, loff_t length, int small)
292 { 298 {
293 struct inode * inode; 299 struct inode * inode;
294 struct dentry *dentry; 300 struct dentry *dentry;
295 struct file * file; 301 struct file * file;
296 int error; 302 int error;
297 303
298 error = -EINVAL; 304 error = -EINVAL;
299 if (length < 0) 305 if (length < 0)
300 goto out; 306 goto out;
301 error = -EBADF; 307 error = -EBADF;
302 file = fget(fd); 308 file = fget(fd);
303 if (!file) 309 if (!file)
304 goto out; 310 goto out;
305 311
306 /* explicitly opened as large or we ar 312 /* explicitly opened as large or we are on 64-bit box */
307 if (file->f_flags & O_LARGEFILE) 313 if (file->f_flags & O_LARGEFILE)
308 small = 0; 314 small = 0;
309 315
310 dentry = file->f_path.dentry; 316 dentry = file->f_path.dentry;
311 inode = dentry->d_inode; 317 inode = dentry->d_inode;
312 error = -EINVAL; 318 error = -EINVAL;
313 if (!S_ISREG(inode->i_mode) || !(file- 319 if (!S_ISREG(inode->i_mode) || !(file->f_mode & FMODE_WRITE))
314 goto out_putf; 320 goto out_putf;
315 321
316 error = -EINVAL; 322 error = -EINVAL;
317 /* Cannot ftruncate over 2^31 bytes wi 323 /* Cannot ftruncate over 2^31 bytes without large file support */
318 if (small && length > MAX_NON_LFS) 324 if (small && length > MAX_NON_LFS)
319 goto out_putf; 325 goto out_putf;
320 326
321 error = -EPERM; 327 error = -EPERM;
322 if (IS_APPEND(inode)) 328 if (IS_APPEND(inode))
323 goto out_putf; 329 goto out_putf;
324 330
325 error = locks_verify_truncate(inode, f 331 error = locks_verify_truncate(inode, file, length);
326 if (!error) 332 if (!error)
>> 333 error = security_path_truncate(&file->f_path, length,
>> 334 ATTR_MTIME|ATTR_CTIME);
>> 335 if (!error)
327 error = do_truncate(dentry, le 336 error = do_truncate(dentry, length, ATTR_MTIME|ATTR_CTIME, file);
328 out_putf: 337 out_putf:
329 fput(file); 338 fput(file);
330 out: 339 out:
331 return error; 340 return error;
332 } 341 }
333 342
334 asmlinkage long sys_ftruncate(unsigned int fd, !! 343 SYSCALL_DEFINE2(ftruncate, unsigned int, fd, unsigned long, length)
335 { 344 {
336 long ret = do_sys_ftruncate(fd, length 345 long ret = do_sys_ftruncate(fd, length, 1);
337 /* avoid REGPARM breakage on x86: */ 346 /* avoid REGPARM breakage on x86: */
338 asmlinkage_protect(2, ret, fd, length) 347 asmlinkage_protect(2, ret, fd, length);
339 return ret; 348 return ret;
340 } 349 }
341 350
342 /* LFS versions of truncate are only needed on 351 /* LFS versions of truncate are only needed on 32 bit machines */
343 #if BITS_PER_LONG == 32 352 #if BITS_PER_LONG == 32
344 asmlinkage long sys_truncate64(const char __us !! 353 SYSCALL_DEFINE(truncate64)(const char __user * path, loff_t length)
345 { 354 {
346 return do_sys_truncate(path, length); 355 return do_sys_truncate(path, length);
347 } 356 }
>> 357 #ifdef CONFIG_HAVE_SYSCALL_WRAPPERS
>> 358 asmlinkage long SyS_truncate64(long path, loff_t length)
>> 359 {
>> 360 return SYSC_truncate64((const char __user *) path, length);
>> 361 }
>> 362 SYSCALL_ALIAS(sys_truncate64, SyS_truncate64);
>> 363 #endif
348 364
349 asmlinkage long sys_ftruncate64(unsigned int f !! 365 SYSCALL_DEFINE(ftruncate64)(unsigned int fd, loff_t length)
350 { 366 {
351 long ret = do_sys_ftruncate(fd, length 367 long ret = do_sys_ftruncate(fd, length, 0);
352 /* avoid REGPARM breakage on x86: */ 368 /* avoid REGPARM breakage on x86: */
353 asmlinkage_protect(2, ret, fd, length) 369 asmlinkage_protect(2, ret, fd, length);
354 return ret; 370 return ret;
355 } 371 }
>> 372 #ifdef CONFIG_HAVE_SYSCALL_WRAPPERS
>> 373 asmlinkage long SyS_ftruncate64(long fd, loff_t length)
>> 374 {
>> 375 return SYSC_ftruncate64((unsigned int) fd, length);
>> 376 }
>> 377 SYSCALL_ALIAS(sys_ftruncate64, SyS_ftruncate64);
356 #endif 378 #endif
>> 379 #endif /* BITS_PER_LONG == 32 */
357 380
358 asmlinkage long sys_fallocate(int fd, int mode !! 381
>> 382 int do_fallocate(struct file *file, int mode, loff_t offset, loff_t len)
359 { 383 {
360 struct file *file; !! 384 struct inode *inode = file->f_path.dentry->d_inode;
361 struct inode *inode; !! 385 long ret;
362 long ret = -EINVAL; <<
363 386
364 if (offset < 0 || len <= 0) 387 if (offset < 0 || len <= 0)
365 goto out; !! 388 return -EINVAL;
366 389
367 /* Return error if mode is not support 390 /* Return error if mode is not supported */
368 ret = -EOPNOTSUPP; <<
369 if (mode && !(mode & FALLOC_FL_KEEP_SI 391 if (mode && !(mode & FALLOC_FL_KEEP_SIZE))
370 goto out; !! 392 return -EOPNOTSUPP;
371 393
372 ret = -EBADF; <<
373 file = fget(fd); <<
374 if (!file) <<
375 goto out; <<
376 if (!(file->f_mode & FMODE_WRITE)) 394 if (!(file->f_mode & FMODE_WRITE))
377 goto out_fput; !! 395 return -EBADF;
378 /* 396 /*
379 * Revalidate the write permissions, i 397 * Revalidate the write permissions, in case security policy has
380 * changed since the files were opened 398 * changed since the files were opened.
381 */ 399 */
382 ret = security_file_permission(file, M 400 ret = security_file_permission(file, MAY_WRITE);
383 if (ret) 401 if (ret)
384 goto out_fput; !! 402 return ret;
385 403
386 inode = file->f_path.dentry->d_inode; <<
387 <<
388 ret = -ESPIPE; <<
389 if (S_ISFIFO(inode->i_mode)) 404 if (S_ISFIFO(inode->i_mode))
390 goto out_fput; !! 405 return -ESPIPE;
391 406
392 ret = -ENODEV; <<
393 /* 407 /*
394 * Let individual file system decide i 408 * Let individual file system decide if it supports preallocation
395 * for directories or not. 409 * for directories or not.
396 */ 410 */
397 if (!S_ISREG(inode->i_mode) && !S_ISDI 411 if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode))
398 goto out_fput; !! 412 return -ENODEV;
399 413
400 ret = -EFBIG; <<
401 /* Check for wrap through zero too */ 414 /* Check for wrap through zero too */
402 if (((offset + len) > inode->i_sb->s_m 415 if (((offset + len) > inode->i_sb->s_maxbytes) || ((offset + len) < 0))
403 goto out_fput; !! 416 return -EFBIG;
404 417
405 if (inode->i_op && inode->i_op->falloc !! 418 if (!inode->i_op->fallocate)
406 ret = inode->i_op->fallocate(i !! 419 return -EOPNOTSUPP;
407 else <<
408 ret = -EOPNOTSUPP; <<
409 420
410 out_fput: !! 421 return inode->i_op->fallocate(inode, mode, offset, len);
411 fput(file); <<
412 out: <<
413 return ret; <<
414 } 422 }
415 423
>> 424 SYSCALL_DEFINE(fallocate)(int fd, int mode, loff_t offset, loff_t len)
>> 425 {
>> 426 struct file *file;
>> 427 int error = -EBADF;
>> 428
>> 429 file = fget(fd);
>> 430 if (file) {
>> 431 error = do_fallocate(file, mode, offset, len);
>> 432 fput(file);
>> 433 }
>> 434
>> 435 return error;
>> 436 }
>> 437
>> 438 #ifdef CONFIG_HAVE_SYSCALL_WRAPPERS
>> 439 asmlinkage long SyS_fallocate(long fd, long mode, loff_t offset, loff_t len)
>> 440 {
>> 441 return SYSC_fallocate((int)fd, (int)mode, offset, len);
>> 442 }
>> 443 SYSCALL_ALIAS(sys_fallocate, SyS_fallocate);
>> 444 #endif
>> 445
416 /* 446 /*
417 * access() needs to use the real uid/gid, not 447 * access() needs to use the real uid/gid, not the effective uid/gid.
418 * We do this by temporarily clearing all FS-r 448 * We do this by temporarily clearing all FS-related capabilities and
419 * switching the fsuid/fsgid around to the rea 449 * switching the fsuid/fsgid around to the real ones.
420 */ 450 */
421 asmlinkage long sys_faccessat(int dfd, const c !! 451 SYSCALL_DEFINE3(faccessat, int, dfd, const char __user *, filename, int, mode)
422 { 452 {
423 struct nameidata nd; !! 453 const struct cred *old_cred;
424 int old_fsuid, old_fsgid; !! 454 struct cred *override_cred;
425 kernel_cap_t old_cap; !! 455 struct path path;
>> 456 struct inode *inode;
426 int res; 457 int res;
427 458
428 if (mode & ~S_IRWXO) /* where's F_O 459 if (mode & ~S_IRWXO) /* where's F_OK, X_OK, W_OK, R_OK? */
429 return -EINVAL; 460 return -EINVAL;
430 461
431 old_fsuid = current->fsuid; !! 462 override_cred = prepare_creds();
432 old_fsgid = current->fsgid; !! 463 if (!override_cred)
433 old_cap = current->cap_effective; !! 464 return -ENOMEM;
434 !! 465
435 current->fsuid = current->uid; !! 466 override_cred->fsuid = override_cred->uid;
436 current->fsgid = current->gid; !! 467 override_cred->fsgid = override_cred->gid;
>> 468
>> 469 if (!issecure(SECURE_NO_SETUID_FIXUP)) {
>> 470 /* Clear the capabilities if we switch to a non-root user */
>> 471 if (override_cred->uid)
>> 472 cap_clear(override_cred->cap_effective);
>> 473 else
>> 474 override_cred->cap_effective =
>> 475 override_cred->cap_permitted;
>> 476 }
437 477
438 /* !! 478 old_cred = override_creds(override_cred);
439 * Clear the capabilities if we switch <<
440 * <<
441 * FIXME: There is a race here against <<
442 * capabilities can change yet we will <<
443 * value below. We should hold task_c <<
444 * but we cannot because user_path_wal <<
445 */ <<
446 if (current->uid) <<
447 cap_clear(current->cap_effecti <<
448 else <<
449 current->cap_effective = curre <<
450 479
451 res = __user_walk_fd(dfd, filename, LO !! 480 res = user_path_at(dfd, filename, LOOKUP_FOLLOW, &path);
452 if (res) 481 if (res)
453 goto out; 482 goto out;
454 483
455 res = vfs_permission(&nd, mode); !! 484 inode = path.dentry->d_inode;
>> 485
>> 486 if ((mode & MAY_EXEC) && S_ISREG(inode->i_mode)) {
>> 487 /*
>> 488 * MAY_EXEC on regular files is denied if the fs is mounted
>> 489 * with the "noexec" flag.
>> 490 */
>> 491 res = -EACCES;
>> 492 if (path.mnt->mnt_flags & MNT_NOEXEC)
>> 493 goto out_path_release;
>> 494 }
>> 495
>> 496 res = inode_permission(inode, mode | MAY_ACCESS);
456 /* SuS v2 requires we report a read on 497 /* SuS v2 requires we report a read only fs too */
457 if(res || !(mode & S_IWOTH) || !! 498 if (res || !(mode & S_IWOTH) || special_file(inode->i_mode))
458 special_file(nd.path.dentry->d_inod <<
459 goto out_path_release; 499 goto out_path_release;
460 !! 500 /*
461 if(IS_RDONLY(nd.path.dentry->d_inode)) !! 501 * This is a rare case where using __mnt_is_readonly()
>> 502 * is OK without a mnt_want/drop_write() pair. Since
>> 503 * no actual write to the fs is performed here, we do
>> 504 * not need to telegraph to that to anyone.
>> 505 *
>> 506 * By doing this, we accept that this access is
>> 507 * inherently racy and know that the fs may change
>> 508 * state before we even see this result.
>> 509 */
>> 510 if (__mnt_is_readonly(path.mnt))
462 res = -EROFS; 511 res = -EROFS;
463 512
464 out_path_release: 513 out_path_release:
465 path_put(&nd.path); !! 514 path_put(&path);
466 out: 515 out:
467 current->fsuid = old_fsuid; !! 516 revert_creds(old_cred);
468 current->fsgid = old_fsgid; !! 517 put_cred(override_cred);
469 current->cap_effective = old_cap; <<
470 <<
471 return res; 518 return res;
472 } 519 }
473 520
474 asmlinkage long sys_access(const char __user * !! 521 SYSCALL_DEFINE2(access, const char __user *, filename, int, mode)
475 { 522 {
476 return sys_faccessat(AT_FDCWD, filenam 523 return sys_faccessat(AT_FDCWD, filename, mode);
477 } 524 }
478 525
479 asmlinkage long sys_chdir(const char __user * !! 526 SYSCALL_DEFINE1(chdir, const char __user *, filename)
480 { 527 {
481 struct nameidata nd; !! 528 struct path path;
482 int error; 529 int error;
483 530
484 error = __user_walk(filename, !! 531 error = user_path_dir(filename, &path);
485 LOOKUP_FOLLOW|LOOK <<
486 if (error) 532 if (error)
487 goto out; 533 goto out;
488 534
489 error = vfs_permission(&nd, MAY_EXEC); !! 535 error = inode_permission(path.dentry->d_inode, MAY_EXEC | MAY_ACCESS);
490 if (error) 536 if (error)
491 goto dput_and_out; 537 goto dput_and_out;
492 538
493 set_fs_pwd(current->fs, &nd.path); !! 539 set_fs_pwd(current->fs, &path);
494 540
495 dput_and_out: 541 dput_and_out:
496 path_put(&nd.path); !! 542 path_put(&path);
497 out: 543 out:
498 return error; 544 return error;
499 } 545 }
500 546
501 asmlinkage long sys_fchdir(unsigned int fd) !! 547 SYSCALL_DEFINE1(fchdir, unsigned int, fd)
502 { 548 {
503 struct file *file; 549 struct file *file;
504 struct inode *inode; 550 struct inode *inode;
505 int error; 551 int error;
506 552
507 error = -EBADF; 553 error = -EBADF;
508 file = fget(fd); 554 file = fget(fd);
509 if (!file) 555 if (!file)
510 goto out; 556 goto out;
511 557
512 inode = file->f_path.dentry->d_inode; 558 inode = file->f_path.dentry->d_inode;
513 559
514 error = -ENOTDIR; 560 error = -ENOTDIR;
515 if (!S_ISDIR(inode->i_mode)) 561 if (!S_ISDIR(inode->i_mode))
516 goto out_putf; 562 goto out_putf;
517 563
518 error = file_permission(file, MAY_EXEC !! 564 error = inode_permission(inode, MAY_EXEC | MAY_ACCESS);
519 if (!error) 565 if (!error)
520 set_fs_pwd(current->fs, &file- 566 set_fs_pwd(current->fs, &file->f_path);
521 out_putf: 567 out_putf:
522 fput(file); 568 fput(file);
523 out: 569 out:
524 return error; 570 return error;
525 } 571 }
526 572
527 asmlinkage long sys_chroot(const char __user * !! 573 SYSCALL_DEFINE1(chroot, const char __user *, filename)
528 { 574 {
529 struct nameidata nd; !! 575 struct path path;
530 int error; 576 int error;
531 577
532 error = __user_walk(filename, LOOKUP_F !! 578 error = user_path_dir(filename, &path);
533 if (error) 579 if (error)
534 goto out; 580 goto out;
535 581
536 error = vfs_permission(&nd, MAY_EXEC); !! 582 error = inode_permission(path.dentry->d_inode, MAY_EXEC | MAY_ACCESS);
537 if (error) 583 if (error)
538 goto dput_and_out; 584 goto dput_and_out;
539 585
540 error = -EPERM; 586 error = -EPERM;
541 if (!capable(CAP_SYS_CHROOT)) 587 if (!capable(CAP_SYS_CHROOT))
542 goto dput_and_out; 588 goto dput_and_out;
543 589
544 set_fs_root(current->fs, &nd.path); !! 590 set_fs_root(current->fs, &path);
545 set_fs_altroot(); <<
546 error = 0; 591 error = 0;
547 dput_and_out: 592 dput_and_out:
548 path_put(&nd.path); !! 593 path_put(&path);
549 out: 594 out:
550 return error; 595 return error;
551 } 596 }
552 597
553 asmlinkage long sys_fchmod(unsigned int fd, mo !! 598 SYSCALL_DEFINE2(fchmod, unsigned int, fd, mode_t, mode)
554 { 599 {
555 struct inode * inode; 600 struct inode * inode;
556 struct dentry * dentry; 601 struct dentry * dentry;
557 struct file * file; 602 struct file * file;
558 int err = -EBADF; 603 int err = -EBADF;
559 struct iattr newattrs; 604 struct iattr newattrs;
560 605
561 file = fget(fd); 606 file = fget(fd);
562 if (!file) 607 if (!file)
563 goto out; 608 goto out;
564 609
565 dentry = file->f_path.dentry; 610 dentry = file->f_path.dentry;
566 inode = dentry->d_inode; 611 inode = dentry->d_inode;
567 612
568 audit_inode(NULL, dentry); 613 audit_inode(NULL, dentry);
569 614
570 err = -EROFS; !! 615 err = mnt_want_write_file(file);
571 if (IS_RDONLY(inode)) !! 616 if (err)
572 goto out_putf; <<
573 err = -EPERM; <<
574 if (IS_IMMUTABLE(inode) || IS_APPEND(i <<
575 goto out_putf; 617 goto out_putf;
576 mutex_lock(&inode->i_mutex); 618 mutex_lock(&inode->i_mutex);
577 if (mode == (mode_t) -1) 619 if (mode == (mode_t) -1)
578 mode = inode->i_mode; 620 mode = inode->i_mode;
579 newattrs.ia_mode = (mode & S_IALLUGO) 621 newattrs.ia_mode = (mode & S_IALLUGO) | (inode->i_mode & ~S_IALLUGO);
580 newattrs.ia_valid = ATTR_MODE | ATTR_C 622 newattrs.ia_valid = ATTR_MODE | ATTR_CTIME;
581 err = notify_change(dentry, &newattrs) 623 err = notify_change(dentry, &newattrs);
582 mutex_unlock(&inode->i_mutex); 624 mutex_unlock(&inode->i_mutex);
583 !! 625 mnt_drop_write(file->f_path.mnt);
584 out_putf: 626 out_putf:
585 fput(file); 627 fput(file);
586 out: 628 out:
587 return err; 629 return err;
588 } 630 }
589 631
590 asmlinkage long sys_fchmodat(int dfd, const ch !! 632 SYSCALL_DEFINE3(fchmodat, int, dfd, const char __user *, filename, mode_t, mode)
591 mode_t mode) <<
592 { 633 {
593 struct nameidata nd; !! 634 struct path path;
594 struct inode * inode; !! 635 struct inode *inode;
595 int error; 636 int error;
596 struct iattr newattrs; 637 struct iattr newattrs;
597 638
598 error = __user_walk_fd(dfd, filename, !! 639 error = user_path_at(dfd, filename, LOOKUP_FOLLOW, &path);
599 if (error) 640 if (error)
600 goto out; 641 goto out;
601 inode = nd.path.dentry->d_inode; !! 642 inode = path.dentry->d_inode;
602 643
603 error = -EROFS; !! 644 error = mnt_want_write(path.mnt);
604 if (IS_RDONLY(inode)) !! 645 if (error)
605 goto dput_and_out; <<
606 <<
607 error = -EPERM; <<
608 if (IS_IMMUTABLE(inode) || IS_APPEND(i <<
609 goto dput_and_out; 646 goto dput_and_out;
610 <<
611 mutex_lock(&inode->i_mutex); 647 mutex_lock(&inode->i_mutex);
612 if (mode == (mode_t) -1) 648 if (mode == (mode_t) -1)
613 mode = inode->i_mode; 649 mode = inode->i_mode;
614 newattrs.ia_mode = (mode & S_IALLUGO) 650 newattrs.ia_mode = (mode & S_IALLUGO) | (inode->i_mode & ~S_IALLUGO);
615 newattrs.ia_valid = ATTR_MODE | ATTR_C 651 newattrs.ia_valid = ATTR_MODE | ATTR_CTIME;
616 error = notify_change(nd.path.dentry, !! 652 error = notify_change(path.dentry, &newattrs);
617 mutex_unlock(&inode->i_mutex); 653 mutex_unlock(&inode->i_mutex);
618 !! 654 mnt_drop_write(path.mnt);
619 dput_and_out: 655 dput_and_out:
620 path_put(&nd.path); !! 656 path_put(&path);
621 out: 657 out:
622 return error; 658 return error;
623 } 659 }
624 660
625 asmlinkage long sys_chmod(const char __user *f !! 661 SYSCALL_DEFINE2(chmod, const char __user *, filename, mode_t, mode)
626 { 662 {
627 return sys_fchmodat(AT_FDCWD, filename 663 return sys_fchmodat(AT_FDCWD, filename, mode);
628 } 664 }
629 665
630 static int chown_common(struct dentry * dentry 666 static int chown_common(struct dentry * dentry, uid_t user, gid_t group)
631 { 667 {
632 struct inode * inode; !! 668 struct inode *inode = dentry->d_inode;
633 int error; 669 int error;
634 struct iattr newattrs; 670 struct iattr newattrs;
635 671
636 error = -ENOENT; <<
637 if (!(inode = dentry->d_inode)) { <<
638 printk(KERN_ERR "chown_common: <<
639 goto out; <<
640 } <<
641 error = -EROFS; <<
642 if (IS_RDONLY(inode)) <<
643 goto out; <<
644 error = -EPERM; <<
645 if (IS_IMMUTABLE(inode) || IS_APPEND(i <<
646 goto out; <<
647 newattrs.ia_valid = ATTR_CTIME; 672 newattrs.ia_valid = ATTR_CTIME;
648 if (user != (uid_t) -1) { 673 if (user != (uid_t) -1) {
649 newattrs.ia_valid |= ATTR_UID; 674 newattrs.ia_valid |= ATTR_UID;
650 newattrs.ia_uid = user; 675 newattrs.ia_uid = user;
651 } 676 }
652 if (group != (gid_t) -1) { 677 if (group != (gid_t) -1) {
653 newattrs.ia_valid |= ATTR_GID; 678 newattrs.ia_valid |= ATTR_GID;
654 newattrs.ia_gid = group; 679 newattrs.ia_gid = group;
655 } 680 }
656 if (!S_ISDIR(inode->i_mode)) 681 if (!S_ISDIR(inode->i_mode))
657 newattrs.ia_valid |= 682 newattrs.ia_valid |=
658 ATTR_KILL_SUID | ATTR_ 683 ATTR_KILL_SUID | ATTR_KILL_SGID | ATTR_KILL_PRIV;
659 mutex_lock(&inode->i_mutex); 684 mutex_lock(&inode->i_mutex);
660 error = notify_change(dentry, &newattr 685 error = notify_change(dentry, &newattrs);
661 mutex_unlock(&inode->i_mutex); 686 mutex_unlock(&inode->i_mutex);
662 out: !! 687
663 return error; 688 return error;
664 } 689 }
665 690
666 asmlinkage long sys_chown(const char __user * !! 691 SYSCALL_DEFINE3(chown, const char __user *, filename, uid_t, user, gid_t, group)
667 { 692 {
668 struct nameidata nd; !! 693 struct path path;
669 int error; 694 int error;
670 695
671 error = user_path_walk(filename, &nd); !! 696 error = user_path(filename, &path);
672 if (error) 697 if (error)
673 goto out; 698 goto out;
674 error = chown_common(nd.path.dentry, u !! 699 error = mnt_want_write(path.mnt);
675 path_put(&nd.path); !! 700 if (error)
>> 701 goto out_release;
>> 702 error = chown_common(path.dentry, user, group);
>> 703 mnt_drop_write(path.mnt);
>> 704 out_release:
>> 705 path_put(&path);
676 out: 706 out:
677 return error; 707 return error;
678 } 708 }
679 709
680 asmlinkage long sys_fchownat(int dfd, const ch !! 710 SYSCALL_DEFINE5(fchownat, int, dfd, const char __user *, filename, uid_t, user,
681 gid_t group, int !! 711 gid_t, group, int, flag)
682 { 712 {
683 struct nameidata nd; !! 713 struct path path;
684 int error = -EINVAL; 714 int error = -EINVAL;
685 int follow; 715 int follow;
686 716
687 if ((flag & ~AT_SYMLINK_NOFOLLOW) != 0 717 if ((flag & ~AT_SYMLINK_NOFOLLOW) != 0)
688 goto out; 718 goto out;
689 719
690 follow = (flag & AT_SYMLINK_NOFOLLOW) 720 follow = (flag & AT_SYMLINK_NOFOLLOW) ? 0 : LOOKUP_FOLLOW;
691 error = __user_walk_fd(dfd, filename, !! 721 error = user_path_at(dfd, filename, follow, &path);
692 if (error) 722 if (error)
693 goto out; 723 goto out;
694 error = chown_common(nd.path.dentry, u !! 724 error = mnt_want_write(path.mnt);
695 path_put(&nd.path); !! 725 if (error)
>> 726 goto out_release;
>> 727 error = chown_common(path.dentry, user, group);
>> 728 mnt_drop_write(path.mnt);
>> 729 out_release:
>> 730 path_put(&path);
696 out: 731 out:
697 return error; 732 return error;
698 } 733 }
699 734
700 asmlinkage long sys_lchown(const char __user * !! 735 SYSCALL_DEFINE3(lchown, const char __user *, filename, uid_t, user, gid_t, group)
701 { 736 {
702 struct nameidata nd; !! 737 struct path path;
703 int error; 738 int error;
704 739
705 error = user_path_walk_link(filename, !! 740 error = user_lpath(filename, &path);
706 if (error) 741 if (error)
707 goto out; 742 goto out;
708 error = chown_common(nd.path.dentry, u !! 743 error = mnt_want_write(path.mnt);
709 path_put(&nd.path); !! 744 if (error)
>> 745 goto out_release;
>> 746 error = chown_common(path.dentry, user, group);
>> 747 mnt_drop_write(path.mnt);
>> 748 out_release:
>> 749 path_put(&path);
710 out: 750 out:
711 return error; 751 return error;
712 } 752 }
713 753
714 !! 754 SYSCALL_DEFINE3(fchown, unsigned int, fd, uid_t, user, gid_t, group)
715 asmlinkage long sys_fchown(unsigned int fd, ui <<
716 { 755 {
717 struct file * file; 756 struct file * file;
718 int error = -EBADF; 757 int error = -EBADF;
719 struct dentry * dentry; 758 struct dentry * dentry;
720 759
721 file = fget(fd); 760 file = fget(fd);
722 if (!file) 761 if (!file)
723 goto out; 762 goto out;
724 763
>> 764 error = mnt_want_write_file(file);
>> 765 if (error)
>> 766 goto out_fput;
725 dentry = file->f_path.dentry; 767 dentry = file->f_path.dentry;
726 audit_inode(NULL, dentry); 768 audit_inode(NULL, dentry);
727 error = chown_common(dentry, user, gro 769 error = chown_common(dentry, user, group);
>> 770 mnt_drop_write(file->f_path.mnt);
>> 771 out_fput:
728 fput(file); 772 fput(file);
729 out: 773 out:
730 return error; 774 return error;
731 } 775 }
732 776
>> 777 /*
>> 778 * You have to be very careful that these write
>> 779 * counts get cleaned up in error cases and
>> 780 * upon __fput(). This should probably never
>> 781 * be called outside of __dentry_open().
>> 782 */
>> 783 static inline int __get_file_write_access(struct inode *inode,
>> 784 struct vfsmount *mnt)
>> 785 {
>> 786 int error;
>> 787 error = get_write_access(inode);
>> 788 if (error)
>> 789 return error;
>> 790 /*
>> 791 * Do not take mount writer counts on
>> 792 * special files since no writes to
>> 793 * the mount itself will occur.
>> 794 */
>> 795 if (!special_file(inode->i_mode)) {
>> 796 /*
>> 797 * Balanced in __fput()
>> 798 */
>> 799 error = mnt_want_write(mnt);
>> 800 if (error)
>> 801 put_write_access(inode);
>> 802 }
>> 803 return error;
>> 804 }
>> 805
733 static struct file *__dentry_open(struct dentr 806 static struct file *__dentry_open(struct dentry *dentry, struct vfsmount *mnt,
734 int fl 807 int flags, struct file *f,
735 int (* !! 808 int (*open)(struct inode *, struct file *),
>> 809 const struct cred *cred)
736 { 810 {
737 struct inode *inode; 811 struct inode *inode;
738 int error; 812 int error;
739 813
740 f->f_flags = flags; 814 f->f_flags = flags;
741 f->f_mode = ((flags+1) & O_ACCMODE) | !! 815 f->f_mode = (__force fmode_t)((flags+1) & O_ACCMODE) | FMODE_LSEEK |
742 FMODE_PREAD | 816 FMODE_PREAD | FMODE_PWRITE;
743 inode = dentry->d_inode; 817 inode = dentry->d_inode;
744 if (f->f_mode & FMODE_WRITE) { 818 if (f->f_mode & FMODE_WRITE) {
745 error = get_write_access(inode !! 819 error = __get_file_write_access(inode, mnt);
746 if (error) 820 if (error)
747 goto cleanup_file; 821 goto cleanup_file;
>> 822 if (!special_file(inode->i_mode))
>> 823 file_take_write(f);
748 } 824 }
749 825
750 f->f_mapping = inode->i_mapping; 826 f->f_mapping = inode->i_mapping;
751 f->f_path.dentry = dentry; 827 f->f_path.dentry = dentry;
752 f->f_path.mnt = mnt; 828 f->f_path.mnt = mnt;
753 f->f_pos = 0; 829 f->f_pos = 0;
754 f->f_op = fops_get(inode->i_fop); 830 f->f_op = fops_get(inode->i_fop);
755 file_move(f, &inode->i_sb->s_files); 831 file_move(f, &inode->i_sb->s_files);
756 832
757 error = security_dentry_open(f); !! 833 error = security_dentry_open(f, cred);
758 if (error) 834 if (error)
759 goto cleanup_all; 835 goto cleanup_all;
760 836
761 if (!open && f->f_op) 837 if (!open && f->f_op)
762 open = f->f_op->open; 838 open = f->f_op->open;
763 if (open) { 839 if (open) {
764 error = open(inode, f); 840 error = open(inode, f);
765 if (error) 841 if (error)
766 goto cleanup_all; 842 goto cleanup_all;
767 } 843 }
768 844
769 f->f_flags &= ~(O_CREAT | O_EXCL | O_N 845 f->f_flags &= ~(O_CREAT | O_EXCL | O_NOCTTY | O_TRUNC);
770 846
771 file_ra_state_init(&f->f_ra, f->f_mapp 847 file_ra_state_init(&f->f_ra, f->f_mapping->host->i_mapping);
772 848
773 /* NB: we're sure to have correct a_op 849 /* NB: we're sure to have correct a_ops only after f_op->open */
774 if (f->f_flags & O_DIRECT) { 850 if (f->f_flags & O_DIRECT) {
775 if (!f->f_mapping->a_ops || 851 if (!f->f_mapping->a_ops ||
776 ((!f->f_mapping->a_ops->di 852 ((!f->f_mapping->a_ops->direct_IO) &&
777 (!f->f_mapping->a_ops->get !! 853 (!f->f_mapping->a_ops->get_xip_mem))) {
778 fput(f); 854 fput(f);
779 f = ERR_PTR(-EINVAL); 855 f = ERR_PTR(-EINVAL);
780 } 856 }
781 } 857 }
782 858
783 return f; 859 return f;
784 860
785 cleanup_all: 861 cleanup_all:
786 fops_put(f->f_op); 862 fops_put(f->f_op);
787 if (f->f_mode & FMODE_WRITE) !! 863 if (f->f_mode & FMODE_WRITE) {
788 put_write_access(inode); 864 put_write_access(inode);
>> 865 if (!special_file(inode->i_mode)) {
>> 866 /*
>> 867 * We don't consider this a real
>> 868 * mnt_want/drop_write() pair
>> 869 * because it all happenend right
>> 870 * here, so just reset the state.
>> 871 */
>> 872 file_reset_write(f);
>> 873 mnt_drop_write(mnt);
>> 874 }
>> 875 }
789 file_kill(f); 876 file_kill(f);
790 f->f_path.dentry = NULL; 877 f->f_path.dentry = NULL;
791 f->f_path.mnt = NULL; 878 f->f_path.mnt = NULL;
792 cleanup_file: 879 cleanup_file:
793 put_filp(f); 880 put_filp(f);
794 dput(dentry); 881 dput(dentry);
795 mntput(mnt); 882 mntput(mnt);
796 return ERR_PTR(error); 883 return ERR_PTR(error);
797 } 884 }
798 885
799 /* <<
800 * Note that while the flag value (low two bit <<
801 * 00 - read-only <<
802 * 01 - write-only <<
803 * 10 - read-write <<
804 * 11 - special <<
805 * it is changed into <<
806 * 00 - no permissions needed <<
807 * 01 - read-permission <<
808 * 10 - write-permission <<
809 * 11 - read-write <<
810 * for the internal routines (ie open_namei()/ <<
811 * used by symlinks. <<
812 */ <<
813 static struct file *do_filp_open(int dfd, cons <<
814 int mode) <<
815 { <<
816 int namei_flags, error; <<
817 struct nameidata nd; <<
818 <<
819 namei_flags = flags; <<
820 if ((namei_flags+1) & O_ACCMODE) <<
821 namei_flags++; <<
822 <<
823 error = open_namei(dfd, filename, name <<
824 if (!error) <<
825 return nameidata_to_filp(&nd, <<
826 <<
827 return ERR_PTR(error); <<
828 } <<
829 <<
830 struct file *filp_open(const char *filename, i <<
831 { <<
832 return do_filp_open(AT_FDCWD, filename <<
833 } <<
834 EXPORT_SYMBOL(filp_open); <<
835 <<
836 /** 886 /**
837 * lookup_instantiate_filp - instantiates the 887 * lookup_instantiate_filp - instantiates the open intent filp
838 * @nd: pointer to nameidata 888 * @nd: pointer to nameidata
839 * @dentry: pointer to dentry 889 * @dentry: pointer to dentry
840 * @open: open callback 890 * @open: open callback
841 * 891 *
842 * Helper for filesystems that want to use loo 892 * Helper for filesystems that want to use lookup open intents and pass back
843 * a fully instantiated struct file to the cal 893 * a fully instantiated struct file to the caller.
844 * This function is meant to be called from wi 894 * This function is meant to be called from within a filesystem's
845 * lookup method. 895 * lookup method.
846 * Beware of calling it for non-regular files! 896 * Beware of calling it for non-regular files! Those ->open methods might block
847 * (e.g. in fifo_open), leaving you with paren 897 * (e.g. in fifo_open), leaving you with parent locked (and in case of fifo,
848 * leading to a deadlock, as nobody can open t 898 * leading to a deadlock, as nobody can open that fifo anymore, because
849 * another process to open fifo will block on 899 * another process to open fifo will block on locked parent when doing lookup).
850 * Note that in case of error, nd->intent.open 900 * Note that in case of error, nd->intent.open.file is destroyed, but the
851 * path information remains valid. 901 * path information remains valid.
852 * If the open callback is set to NULL, then t 902 * If the open callback is set to NULL, then the standard f_op->open()
853 * filesystem callback is substituted. 903 * filesystem callback is substituted.
854 */ 904 */
855 struct file *lookup_instantiate_filp(struct na 905 struct file *lookup_instantiate_filp(struct nameidata *nd, struct dentry *dentry,
856 int (*open)(struct inode *, st 906 int (*open)(struct inode *, struct file *))
857 { 907 {
>> 908 const struct cred *cred = current_cred();
>> 909
858 if (IS_ERR(nd->intent.open.file)) 910 if (IS_ERR(nd->intent.open.file))
859 goto out; 911 goto out;
860 if (IS_ERR(dentry)) 912 if (IS_ERR(dentry))
861 goto out_err; 913 goto out_err;
862 nd->intent.open.file = __dentry_open(d 914 nd->intent.open.file = __dentry_open(dget(dentry), mntget(nd->path.mnt),
863 n 915 nd->intent.open.flags - 1,
864 n 916 nd->intent.open.file,
865 o !! 917 open, cred);
866 out: 918 out:
867 return nd->intent.open.file; 919 return nd->intent.open.file;
868 out_err: 920 out_err:
869 release_open_intent(nd); 921 release_open_intent(nd);
870 nd->intent.open.file = (struct file *) 922 nd->intent.open.file = (struct file *)dentry;
871 goto out; 923 goto out;
872 } 924 }
873 EXPORT_SYMBOL_GPL(lookup_instantiate_filp); 925 EXPORT_SYMBOL_GPL(lookup_instantiate_filp);
874 926
875 /** 927 /**
876 * nameidata_to_filp - convert a nameidata to 928 * nameidata_to_filp - convert a nameidata to an open filp.
877 * @nd: pointer to nameidata 929 * @nd: pointer to nameidata
878 * @flags: open flags 930 * @flags: open flags
879 * 931 *
880 * Note that this function destroys the origin 932 * Note that this function destroys the original nameidata
881 */ 933 */
882 struct file *nameidata_to_filp(struct nameidat 934 struct file *nameidata_to_filp(struct nameidata *nd, int flags)
883 { 935 {
>> 936 const struct cred *cred = current_cred();
884 struct file *filp; 937 struct file *filp;
885 938
886 /* Pick up the filp from the open inte 939 /* Pick up the filp from the open intent */
887 filp = nd->intent.open.file; 940 filp = nd->intent.open.file;
888 /* Has the filesystem initialised the 941 /* Has the filesystem initialised the file for us? */
889 if (filp->f_path.dentry == NULL) 942 if (filp->f_path.dentry == NULL)
890 filp = __dentry_open(nd->path. 943 filp = __dentry_open(nd->path.dentry, nd->path.mnt, flags, filp,
891 NULL); !! 944 NULL, cred);
892 else 945 else
893 path_put(&nd->path); 946 path_put(&nd->path);
894 return filp; 947 return filp;
895 } 948 }
896 949
897 /* 950 /*
898 * dentry_open() will have done dput(dentry) a 951 * dentry_open() will have done dput(dentry) and mntput(mnt) if it returns an
899 * error. 952 * error.
900 */ 953 */
901 struct file *dentry_open(struct dentry *dentry !! 954 struct file *dentry_open(struct dentry *dentry, struct vfsmount *mnt, int flags,
>> 955 const struct cred *cred)
902 { 956 {
903 int error; 957 int error;
904 struct file *f; 958 struct file *f;
905 959
906 /* 960 /*
907 * We must always pass in a valid moun 961 * We must always pass in a valid mount pointer. Historically
908 * callers got away with not passing i 962 * callers got away with not passing it, but we must enforce this at
909 * the earliest possible point now to 963 * the earliest possible point now to avoid strange problems deep in the
910 * filesystem stack. 964 * filesystem stack.
911 */ 965 */
912 if (!mnt) { 966 if (!mnt) {
913 printk(KERN_WARNING "%s called 967 printk(KERN_WARNING "%s called with NULL vfsmount\n", __func__);
914 dump_stack(); 968 dump_stack();
915 return ERR_PTR(-EINVAL); 969 return ERR_PTR(-EINVAL);
916 } 970 }
917 971
918 error = -ENFILE; 972 error = -ENFILE;
919 f = get_empty_filp(); 973 f = get_empty_filp();
920 if (f == NULL) { 974 if (f == NULL) {
921 dput(dentry); 975 dput(dentry);
922 mntput(mnt); 976 mntput(mnt);
923 return ERR_PTR(error); 977 return ERR_PTR(error);
924 } 978 }
925 979
926 return __dentry_open(dentry, mnt, flag !! 980 return __dentry_open(dentry, mnt, flags, f, NULL, cred);
927 } 981 }
928 EXPORT_SYMBOL(dentry_open); 982 EXPORT_SYMBOL(dentry_open);
929 983
930 /* <<
931 * Find an empty file descriptor entry, and ma <<
932 */ <<
933 int get_unused_fd_flags(int flags) <<
934 { <<
935 struct files_struct * files = current- <<
936 int fd, error; <<
937 struct fdtable *fdt; <<
938 <<
939 error = -EMFILE; <<
940 spin_lock(&files->file_lock); <<
941 <<
942 repeat: <<
943 fdt = files_fdtable(files); <<
944 fd = find_next_zero_bit(fdt->open_fds- <<
945 files->next_fd <<
946 <<
947 /* <<
948 * N.B. For clone tasks sharing a file <<
949 * will limit the total number of file <<
950 */ <<
951 if (fd >= current->signal->rlim[RLIMIT <<
952 goto out; <<
953 <<
954 /* Do we need to expand the fd array o <<
955 error = expand_files(files, fd); <<
956 if (error < 0) <<
957 goto out; <<
958 <<
959 if (error) { <<
960 /* <<
961 * If we needed to expand the <<
962 * might have blocked - try ag <<
963 */ <<
964 error = -EMFILE; <<
965 goto repeat; <<
966 } <<
967 <<
968 FD_SET(fd, fdt->open_fds); <<
969 if (flags & O_CLOEXEC) <<
970 FD_SET(fd, fdt->close_on_exec) <<
971 else <<
972 FD_CLR(fd, fdt->close_on_exec) <<
973 files->next_fd = fd + 1; <<
974 #if 1 <<
975 /* Sanity check */ <<
976 if (fdt->fd[fd] != NULL) { <<
977 printk(KERN_WARNING "get_unuse <<
978 fdt->fd[fd] = NULL; <<
979 } <<
980 #endif <<
981 error = fd; <<
982 <<
983 out: <<
984 spin_unlock(&files->file_lock); <<
985 return error; <<
986 } <<
987 <<
988 int get_unused_fd(void) <<
989 { <<
990 return get_unused_fd_flags(0); <<
991 } <<
992 <<
993 EXPORT_SYMBOL(get_unused_fd); <<
994 <<
995 static void __put_unused_fd(struct files_struc 984 static void __put_unused_fd(struct files_struct *files, unsigned int fd)
996 { 985 {
997 struct fdtable *fdt = files_fdtable(fi 986 struct fdtable *fdt = files_fdtable(files);
998 __FD_CLR(fd, fdt->open_fds); 987 __FD_CLR(fd, fdt->open_fds);
999 if (fd < files->next_fd) 988 if (fd < files->next_fd)
1000 files->next_fd = fd; 989 files->next_fd = fd;
1001 } 990 }
1002 991
1003 void put_unused_fd(unsigned int fd) 992 void put_unused_fd(unsigned int fd)
1004 { 993 {
1005 struct files_struct *files = current- 994 struct files_struct *files = current->files;
1006 spin_lock(&files->file_lock); 995 spin_lock(&files->file_lock);
1007 __put_unused_fd(files, fd); 996 __put_unused_fd(files, fd);
1008 spin_unlock(&files->file_lock); 997 spin_unlock(&files->file_lock);
1009 } 998 }
1010 999
1011 EXPORT_SYMBOL(put_unused_fd); 1000 EXPORT_SYMBOL(put_unused_fd);
1012 1001
1013 /* 1002 /*
1014 * Install a file pointer in the fd array. 1003 * Install a file pointer in the fd array.
1015 * 1004 *
1016 * The VFS is full of places where we drop th 1005 * The VFS is full of places where we drop the files lock between
1017 * setting the open_fds bitmap and installing 1006 * setting the open_fds bitmap and installing the file in the file
1018 * array. At any such point, we are vulnerab 1007 * array. At any such point, we are vulnerable to a dup2() race
1019 * installing a file in the array before us. 1008 * installing a file in the array before us. We need to detect this and
1020 * fput() the struct file we are about to ove 1009 * fput() the struct file we are about to overwrite in this case.
1021 * 1010 *
1022 * It should never happen - if we allow dup2( 1011 * It should never happen - if we allow dup2() do it, _really_ bad things
1023 * will follow. 1012 * will follow.
1024 */ 1013 */
1025 1014
1026 void fd_install(unsigned int fd, struct file 1015 void fd_install(unsigned int fd, struct file *file)
1027 { 1016 {
1028 struct files_struct *files = current- 1017 struct files_struct *files = current->files;
1029 struct fdtable *fdt; 1018 struct fdtable *fdt;
1030 spin_lock(&files->file_lock); 1019 spin_lock(&files->file_lock);
1031 fdt = files_fdtable(files); 1020 fdt = files_fdtable(files);
1032 BUG_ON(fdt->fd[fd] != NULL); 1021 BUG_ON(fdt->fd[fd] != NULL);
1033 rcu_assign_pointer(fdt->fd[fd], file) 1022 rcu_assign_pointer(fdt->fd[fd], file);
1034 spin_unlock(&files->file_lock); 1023 spin_unlock(&files->file_lock);
1035 } 1024 }
1036 1025
1037 EXPORT_SYMBOL(fd_install); 1026 EXPORT_SYMBOL(fd_install);
1038 1027
1039 long do_sys_open(int dfd, const char __user * 1028 long do_sys_open(int dfd, const char __user *filename, int flags, int mode)
1040 { 1029 {
1041 char *tmp = getname(filename); 1030 char *tmp = getname(filename);
1042 int fd = PTR_ERR(tmp); 1031 int fd = PTR_ERR(tmp);
1043 1032
1044 if (!IS_ERR(tmp)) { 1033 if (!IS_ERR(tmp)) {
1045 fd = get_unused_fd_flags(flag 1034 fd = get_unused_fd_flags(flags);
1046 if (fd >= 0) { 1035 if (fd >= 0) {
1047 struct file *f = do_f !! 1036 struct file *f = do_filp_open(dfd, tmp, flags, mode, 0);
1048 if (IS_ERR(f)) { 1037 if (IS_ERR(f)) {
1049 put_unused_fd 1038 put_unused_fd(fd);
1050 fd = PTR_ERR( 1039 fd = PTR_ERR(f);
1051 } else { 1040 } else {
1052 fsnotify_open 1041 fsnotify_open(f->f_path.dentry);
1053 fd_install(fd 1042 fd_install(fd, f);
1054 } 1043 }
1055 } 1044 }
1056 putname(tmp); 1045 putname(tmp);
1057 } 1046 }
1058 return fd; 1047 return fd;
1059 } 1048 }
1060 1049
1061 asmlinkage long sys_open(const char __user *f !! 1050 SYSCALL_DEFINE3(open, const char __user *, filename, int, flags, int, mode)
1062 { 1051 {
1063 long ret; 1052 long ret;
1064 1053
1065 if (force_o_largefile()) 1054 if (force_o_largefile())
1066 flags |= O_LARGEFILE; 1055 flags |= O_LARGEFILE;
1067 1056
1068 ret = do_sys_open(AT_FDCWD, filename, 1057 ret = do_sys_open(AT_FDCWD, filename, flags, mode);
1069 /* avoid REGPARM breakage on x86: */ 1058 /* avoid REGPARM breakage on x86: */
1070 asmlinkage_protect(3, ret, filename, 1059 asmlinkage_protect(3, ret, filename, flags, mode);
1071 return ret; 1060 return ret;
1072 } 1061 }
1073 1062
1074 asmlinkage long sys_openat(int dfd, const cha !! 1063 SYSCALL_DEFINE4(openat, int, dfd, const char __user *, filename, int, flags,
1075 int mode) !! 1064 int, mode)
1076 { 1065 {
1077 long ret; 1066 long ret;
1078 1067
1079 if (force_o_largefile()) 1068 if (force_o_largefile())
1080 flags |= O_LARGEFILE; 1069 flags |= O_LARGEFILE;
1081 1070
1082 ret = do_sys_open(dfd, filename, flag 1071 ret = do_sys_open(dfd, filename, flags, mode);
1083 /* avoid REGPARM breakage on x86: */ 1072 /* avoid REGPARM breakage on x86: */
1084 asmlinkage_protect(4, ret, dfd, filen 1073 asmlinkage_protect(4, ret, dfd, filename, flags, mode);
1085 return ret; 1074 return ret;
1086 } 1075 }
1087 1076
1088 #ifndef __alpha__ 1077 #ifndef __alpha__
1089 1078
1090 /* 1079 /*
1091 * For backward compatibility? Maybe this sh 1080 * For backward compatibility? Maybe this should be moved
1092 * into arch/i386 instead? 1081 * into arch/i386 instead?
1093 */ 1082 */
1094 asmlinkage long sys_creat(const char __user * !! 1083 SYSCALL_DEFINE2(creat, const char __user *, pathname, int, mode)
1095 { 1084 {
1096 return sys_open(pathname, O_CREAT | O 1085 return sys_open(pathname, O_CREAT | O_WRONLY | O_TRUNC, mode);
1097 } 1086 }
1098 1087
1099 #endif 1088 #endif
1100 1089
1101 /* 1090 /*
1102 * "id" is the POSIX thread ID. We use the 1091 * "id" is the POSIX thread ID. We use the
1103 * files pointer for this.. 1092 * files pointer for this..
1104 */ 1093 */
1105 int filp_close(struct file *filp, fl_owner_t 1094 int filp_close(struct file *filp, fl_owner_t id)
1106 { 1095 {
1107 int retval = 0; 1096 int retval = 0;
1108 1097
1109 if (!file_count(filp)) { 1098 if (!file_count(filp)) {
1110 printk(KERN_ERR "VFS: Close: 1099 printk(KERN_ERR "VFS: Close: file count is 0\n");
1111 return 0; 1100 return 0;
1112 } 1101 }
1113 1102
1114 if (filp->f_op && filp->f_op->flush) 1103 if (filp->f_op && filp->f_op->flush)
1115 retval = filp->f_op->flush(fi 1104 retval = filp->f_op->flush(filp, id);
1116 1105
1117 dnotify_flush(filp, id); 1106 dnotify_flush(filp, id);
1118 locks_remove_posix(filp, id); 1107 locks_remove_posix(filp, id);
1119 fput(filp); 1108 fput(filp);
1120 return retval; 1109 return retval;
1121 } 1110 }
1122 1111
1123 EXPORT_SYMBOL(filp_close); 1112 EXPORT_SYMBOL(filp_close);
1124 1113
1125 /* 1114 /*
1126 * Careful here! We test whether the file poi 1115 * Careful here! We test whether the file pointer is NULL before
1127 * releasing the fd. This ensures that one cl 1116 * releasing the fd. This ensures that one clone task can't release
1128 * an fd while another clone is opening it. 1117 * an fd while another clone is opening it.
1129 */ 1118 */
1130 asmlinkage long sys_close(unsigned int fd) !! 1119 SYSCALL_DEFINE1(close, unsigned int, fd)
1131 { 1120 {
1132 struct file * filp; 1121 struct file * filp;
1133 struct files_struct *files = current- 1122 struct files_struct *files = current->files;
1134 struct fdtable *fdt; 1123 struct fdtable *fdt;
1135 int retval; 1124 int retval;
1136 1125
1137 spin_lock(&files->file_lock); 1126 spin_lock(&files->file_lock);
1138 fdt = files_fdtable(files); 1127 fdt = files_fdtable(files);
1139 if (fd >= fdt->max_fds) 1128 if (fd >= fdt->max_fds)
1140 goto out_unlock; 1129 goto out_unlock;
1141 filp = fdt->fd[fd]; 1130 filp = fdt->fd[fd];
1142 if (!filp) 1131 if (!filp)
1143 goto out_unlock; 1132 goto out_unlock;
1144 rcu_assign_pointer(fdt->fd[fd], NULL) 1133 rcu_assign_pointer(fdt->fd[fd], NULL);
1145 FD_CLR(fd, fdt->close_on_exec); 1134 FD_CLR(fd, fdt->close_on_exec);
1146 __put_unused_fd(files, fd); 1135 __put_unused_fd(files, fd);
1147 spin_unlock(&files->file_lock); 1136 spin_unlock(&files->file_lock);
1148 retval = filp_close(filp, files); 1137 retval = filp_close(filp, files);
1149 1138
1150 /* can't restart close syscall becaus 1139 /* can't restart close syscall because file table entry was cleared */
1151 if (unlikely(retval == -ERESTARTSYS | 1140 if (unlikely(retval == -ERESTARTSYS ||
1152 retval == -ERESTARTNOINT 1141 retval == -ERESTARTNOINTR ||
1153 retval == -ERESTARTNOHAN 1142 retval == -ERESTARTNOHAND ||
1154 retval == -ERESTART_REST 1143 retval == -ERESTART_RESTARTBLOCK))
1155 retval = -EINTR; 1144 retval = -EINTR;
1156 1145
1157 return retval; 1146 return retval;
1158 1147
1159 out_unlock: 1148 out_unlock:
1160 spin_unlock(&files->file_lock); 1149 spin_unlock(&files->file_lock);
1161 return -EBADF; 1150 return -EBADF;
1162 } 1151 }
1163 <<
1164 EXPORT_SYMBOL(sys_close); 1152 EXPORT_SYMBOL(sys_close);
1165 1153
1166 /* 1154 /*
1167 * This routine simulates a hangup on the tty 1155 * This routine simulates a hangup on the tty, to arrange that users
1168 * are given clean terminals at login time. 1156 * are given clean terminals at login time.
1169 */ 1157 */
1170 asmlinkage long sys_vhangup(void) !! 1158 SYSCALL_DEFINE0(vhangup)
1171 { 1159 {
1172 if (capable(CAP_SYS_TTY_CONFIG)) { 1160 if (capable(CAP_SYS_TTY_CONFIG)) {
1173 /* XXX: this needs locking */ !! 1161 tty_vhangup_self();
1174 tty_vhangup(current->signal-> <<
1175 return 0; 1162 return 0;
1176 } 1163 }
1177 return -EPERM; 1164 return -EPERM;
1178 } 1165 }
1179 1166
1180 /* 1167 /*
1181 * Called when an inode is about to be open. 1168 * Called when an inode is about to be open.
1182 * We use this to disallow opening large file 1169 * We use this to disallow opening large files on 32bit systems if
1183 * the caller didn't specify O_LARGEFILE. On 1170 * the caller didn't specify O_LARGEFILE. On 64bit systems we force
1184 * on this flag in sys_open. 1171 * on this flag in sys_open.
1185 */ 1172 */
1186 int generic_file_open(struct inode * inode, s 1173 int generic_file_open(struct inode * inode, struct file * filp)
1187 { 1174 {
1188 if (!(filp->f_flags & O_LARGEFILE) && 1175 if (!(filp->f_flags & O_LARGEFILE) && i_size_read(inode) > MAX_NON_LFS)
1189 return -EOVERFLOW; 1176 return -EOVERFLOW;
1190 return 0; 1177 return 0;
1191 } 1178 }
1192 1179
1193 EXPORT_SYMBOL(generic_file_open); 1180 EXPORT_SYMBOL(generic_file_open);
1194 1181
1195 /* 1182 /*
1196 * This is used by subsystems that don't want 1183 * This is used by subsystems that don't want seekable
1197 * file descriptors 1184 * file descriptors
1198 */ 1185 */
1199 int nonseekable_open(struct inode *inode, str 1186 int nonseekable_open(struct inode *inode, struct file *filp)
1200 { 1187 {
1201 filp->f_mode &= ~(FMODE_LSEEK | FMODE 1188 filp->f_mode &= ~(FMODE_LSEEK | FMODE_PREAD | FMODE_PWRITE);
1202 return 0; 1189 return 0;
1203 } 1190 }
1204 1191
1205 EXPORT_SYMBOL(nonseekable_open); 1192 EXPORT_SYMBOL(nonseekable_open);
1206 1193
|
This page was automatically generated by the
LXR engine.
|