1/*
2 *  linux/fs/nfs/unlink.c
3 *
4 * nfs sillydelete handling
5 *
6 */
7
8#include <linux/slab.h>
9#include <linux/string.h>
10#include <linux/dcache.h>
11#include <linux/sunrpc/sched.h>
12#include <linux/sunrpc/clnt.h>
13#include <linux/nfs_fs.h>
14#include <linux/sched.h>
15#include <linux/wait.h>
16#include <linux/namei.h>
17#include <linux/fsnotify.h>
18
19#include "internal.h"
20#include "nfs4_fs.h"
21#include "iostat.h"
22#include "delegation.h"
23
24#include "nfstrace.h"
25
26/**
27 * nfs_free_unlinkdata - release data from a sillydelete operation.
28 * @data: pointer to unlink structure.
29 */
30static void
31nfs_free_unlinkdata(struct nfs_unlinkdata *data)
32{
33	iput(data->dir);
34	put_rpccred(data->cred);
35	kfree(data->args.name.name);
36	kfree(data);
37}
38
39#define NAME_ALLOC_LEN(len)	((len+16) & ~15)
40/**
41 * nfs_copy_dname - copy dentry name to data structure
42 * @dentry: pointer to dentry
43 * @data: nfs_unlinkdata
44 */
45static int nfs_copy_dname(struct dentry *dentry, struct nfs_unlinkdata *data)
46{
47	char		*str;
48	int		len = dentry->d_name.len;
49
50	str = kmemdup(dentry->d_name.name, NAME_ALLOC_LEN(len), GFP_KERNEL);
51	if (!str)
52		return -ENOMEM;
53	data->args.name.len = len;
54	data->args.name.name = str;
55	return 0;
56}
57
58static void nfs_free_dname(struct nfs_unlinkdata *data)
59{
60	kfree(data->args.name.name);
61	data->args.name.name = NULL;
62	data->args.name.len = 0;
63}
64
65static void nfs_dec_sillycount(struct inode *dir)
66{
67	struct nfs_inode *nfsi = NFS_I(dir);
68	if (atomic_dec_return(&nfsi->silly_count) == 1)
69		wake_up(&nfsi->waitqueue);
70}
71
72/**
73 * nfs_async_unlink_done - Sillydelete post-processing
74 * @task: rpc_task of the sillydelete
75 *
76 * Do the directory attribute update.
77 */
78static void nfs_async_unlink_done(struct rpc_task *task, void *calldata)
79{
80	struct nfs_unlinkdata *data = calldata;
81	struct inode *dir = data->dir;
82
83	trace_nfs_sillyrename_unlink(data, task->tk_status);
84	if (!NFS_PROTO(dir)->unlink_done(task, dir))
85		rpc_restart_call_prepare(task);
86}
87
88/**
89 * nfs_async_unlink_release - Release the sillydelete data.
90 * @task: rpc_task of the sillydelete
91 *
92 * We need to call nfs_put_unlinkdata as a 'tk_release' task since the
93 * rpc_task would be freed too.
94 */
95static void nfs_async_unlink_release(void *calldata)
96{
97	struct nfs_unlinkdata	*data = calldata;
98	struct super_block *sb = data->dir->i_sb;
99
100	nfs_dec_sillycount(data->dir);
101	nfs_free_unlinkdata(data);
102	nfs_sb_deactive(sb);
103}
104
105static void nfs_unlink_prepare(struct rpc_task *task, void *calldata)
106{
107	struct nfs_unlinkdata *data = calldata;
108	NFS_PROTO(data->dir)->unlink_rpc_prepare(task, data);
109}
110
111static const struct rpc_call_ops nfs_unlink_ops = {
112	.rpc_call_done = nfs_async_unlink_done,
113	.rpc_release = nfs_async_unlink_release,
114	.rpc_call_prepare = nfs_unlink_prepare,
115};
116
117static int nfs_do_call_unlink(struct dentry *parent, struct inode *dir, struct nfs_unlinkdata *data)
118{
119	struct rpc_message msg = {
120		.rpc_argp = &data->args,
121		.rpc_resp = &data->res,
122		.rpc_cred = data->cred,
123	};
124	struct rpc_task_setup task_setup_data = {
125		.rpc_message = &msg,
126		.callback_ops = &nfs_unlink_ops,
127		.callback_data = data,
128		.workqueue = nfsiod_workqueue,
129		.flags = RPC_TASK_ASYNC,
130	};
131	struct rpc_task *task;
132	struct dentry *alias;
133
134	alias = d_lookup(parent, &data->args.name);
135	if (alias != NULL) {
136		int ret;
137		void *devname_garbage = NULL;
138
139		/*
140		 * Hey, we raced with lookup... See if we need to transfer
141		 * the sillyrename information to the aliased dentry.
142		 */
143		nfs_free_dname(data);
144		ret = nfs_copy_dname(alias, data);
145		spin_lock(&alias->d_lock);
146		if (ret == 0 && d_really_is_positive(alias) &&
147		    !(alias->d_flags & DCACHE_NFSFS_RENAMED)) {
148			devname_garbage = alias->d_fsdata;
149			alias->d_fsdata = data;
150			alias->d_flags |= DCACHE_NFSFS_RENAMED;
151			ret = 1;
152		} else
153			ret = 0;
154		spin_unlock(&alias->d_lock);
155		nfs_dec_sillycount(dir);
156		dput(alias);
157		/*
158		 * If we'd displaced old cached devname, free it.  At that
159		 * point dentry is definitely not a root, so we won't need
160		 * that anymore.
161		 */
162		kfree(devname_garbage);
163		return ret;
164	}
165	data->dir = igrab(dir);
166	if (!data->dir) {
167		nfs_dec_sillycount(dir);
168		return 0;
169	}
170	nfs_sb_active(dir->i_sb);
171	data->args.fh = NFS_FH(dir);
172	nfs_fattr_init(data->res.dir_attr);
173
174	NFS_PROTO(dir)->unlink_setup(&msg, dir);
175
176	task_setup_data.rpc_client = NFS_CLIENT(dir);
177	task = rpc_run_task(&task_setup_data);
178	if (!IS_ERR(task))
179		rpc_put_task_async(task);
180	return 1;
181}
182
183static int nfs_call_unlink(struct dentry *dentry, struct nfs_unlinkdata *data)
184{
185	struct dentry *parent;
186	struct inode *dir;
187	int ret = 0;
188
189
190	parent = dget_parent(dentry);
191	if (parent == NULL)
192		goto out_free;
193	dir = d_inode(parent);
194	/* Non-exclusive lock protects against concurrent lookup() calls */
195	spin_lock(&dir->i_lock);
196	if (atomic_inc_not_zero(&NFS_I(dir)->silly_count) == 0) {
197		/* Deferred delete */
198		hlist_add_head(&data->list, &NFS_I(dir)->silly_list);
199		spin_unlock(&dir->i_lock);
200		ret = 1;
201		goto out_dput;
202	}
203	spin_unlock(&dir->i_lock);
204	ret = nfs_do_call_unlink(parent, dir, data);
205out_dput:
206	dput(parent);
207out_free:
208	return ret;
209}
210
211void nfs_wait_on_sillyrename(struct dentry *dentry)
212{
213	struct nfs_inode *nfsi = NFS_I(d_inode(dentry));
214
215	wait_event(nfsi->waitqueue, atomic_read(&nfsi->silly_count) <= 1);
216}
217
218void nfs_block_sillyrename(struct dentry *dentry)
219{
220	struct nfs_inode *nfsi = NFS_I(d_inode(dentry));
221
222	wait_event(nfsi->waitqueue, atomic_cmpxchg(&nfsi->silly_count, 1, 0) == 1);
223}
224
225void nfs_unblock_sillyrename(struct dentry *dentry)
226{
227	struct inode *dir = d_inode(dentry);
228	struct nfs_inode *nfsi = NFS_I(dir);
229	struct nfs_unlinkdata *data;
230
231	atomic_inc(&nfsi->silly_count);
232	spin_lock(&dir->i_lock);
233	while (!hlist_empty(&nfsi->silly_list)) {
234		if (!atomic_inc_not_zero(&nfsi->silly_count))
235			break;
236		data = hlist_entry(nfsi->silly_list.first, struct nfs_unlinkdata, list);
237		hlist_del(&data->list);
238		spin_unlock(&dir->i_lock);
239		if (nfs_do_call_unlink(dentry, dir, data) == 0)
240			nfs_free_unlinkdata(data);
241		spin_lock(&dir->i_lock);
242	}
243	spin_unlock(&dir->i_lock);
244}
245
246/**
247 * nfs_async_unlink - asynchronous unlinking of a file
248 * @dir: parent directory of dentry
249 * @dentry: dentry to unlink
250 */
251static int
252nfs_async_unlink(struct inode *dir, struct dentry *dentry)
253{
254	struct nfs_unlinkdata *data;
255	int status = -ENOMEM;
256	void *devname_garbage = NULL;
257
258	data = kzalloc(sizeof(*data), GFP_KERNEL);
259	if (data == NULL)
260		goto out;
261
262	data->cred = rpc_lookup_cred();
263	if (IS_ERR(data->cred)) {
264		status = PTR_ERR(data->cred);
265		goto out_free;
266	}
267	data->res.dir_attr = &data->dir_attr;
268
269	status = -EBUSY;
270	spin_lock(&dentry->d_lock);
271	if (dentry->d_flags & DCACHE_NFSFS_RENAMED)
272		goto out_unlock;
273	dentry->d_flags |= DCACHE_NFSFS_RENAMED;
274	devname_garbage = dentry->d_fsdata;
275	dentry->d_fsdata = data;
276	spin_unlock(&dentry->d_lock);
277	/*
278	 * If we'd displaced old cached devname, free it.  At that
279	 * point dentry is definitely not a root, so we won't need
280	 * that anymore.
281	 */
282	kfree(devname_garbage);
283	return 0;
284out_unlock:
285	spin_unlock(&dentry->d_lock);
286	put_rpccred(data->cred);
287out_free:
288	kfree(data);
289out:
290	return status;
291}
292
293/**
294 * nfs_complete_unlink - Initialize completion of the sillydelete
295 * @dentry: dentry to delete
296 * @inode: inode
297 *
298 * Since we're most likely to be called by dentry_iput(), we
299 * only use the dentry to find the sillydelete. We then copy the name
300 * into the qstr.
301 */
302void
303nfs_complete_unlink(struct dentry *dentry, struct inode *inode)
304{
305	struct nfs_unlinkdata	*data = NULL;
306
307	spin_lock(&dentry->d_lock);
308	if (dentry->d_flags & DCACHE_NFSFS_RENAMED) {
309		dentry->d_flags &= ~DCACHE_NFSFS_RENAMED;
310		data = dentry->d_fsdata;
311		dentry->d_fsdata = NULL;
312	}
313	spin_unlock(&dentry->d_lock);
314
315	if (data != NULL && (NFS_STALE(inode) || !nfs_call_unlink(dentry, data)))
316		nfs_free_unlinkdata(data);
317}
318
319/* Cancel a queued async unlink. Called when a sillyrename run fails. */
320static void
321nfs_cancel_async_unlink(struct dentry *dentry)
322{
323	spin_lock(&dentry->d_lock);
324	if (dentry->d_flags & DCACHE_NFSFS_RENAMED) {
325		struct nfs_unlinkdata *data = dentry->d_fsdata;
326
327		dentry->d_flags &= ~DCACHE_NFSFS_RENAMED;
328		dentry->d_fsdata = NULL;
329		spin_unlock(&dentry->d_lock);
330		nfs_free_unlinkdata(data);
331		return;
332	}
333	spin_unlock(&dentry->d_lock);
334}
335
336/**
337 * nfs_async_rename_done - Sillyrename post-processing
338 * @task: rpc_task of the sillyrename
339 * @calldata: nfs_renamedata for the sillyrename
340 *
341 * Do the directory attribute updates and the d_move
342 */
343static void nfs_async_rename_done(struct rpc_task *task, void *calldata)
344{
345	struct nfs_renamedata *data = calldata;
346	struct inode *old_dir = data->old_dir;
347	struct inode *new_dir = data->new_dir;
348	struct dentry *old_dentry = data->old_dentry;
349
350	trace_nfs_sillyrename_rename(old_dir, old_dentry,
351			new_dir, data->new_dentry, task->tk_status);
352	if (!NFS_PROTO(old_dir)->rename_done(task, old_dir, new_dir)) {
353		rpc_restart_call_prepare(task);
354		return;
355	}
356
357	if (data->complete)
358		data->complete(task, data);
359}
360
361/**
362 * nfs_async_rename_release - Release the sillyrename data.
363 * @calldata: the struct nfs_renamedata to be released
364 */
365static void nfs_async_rename_release(void *calldata)
366{
367	struct nfs_renamedata	*data = calldata;
368	struct super_block *sb = data->old_dir->i_sb;
369
370	if (d_really_is_positive(data->old_dentry))
371		nfs_mark_for_revalidate(d_inode(data->old_dentry));
372
373	dput(data->old_dentry);
374	dput(data->new_dentry);
375	iput(data->old_dir);
376	iput(data->new_dir);
377	nfs_sb_deactive(sb);
378	put_rpccred(data->cred);
379	kfree(data);
380}
381
382static void nfs_rename_prepare(struct rpc_task *task, void *calldata)
383{
384	struct nfs_renamedata *data = calldata;
385	NFS_PROTO(data->old_dir)->rename_rpc_prepare(task, data);
386}
387
388static const struct rpc_call_ops nfs_rename_ops = {
389	.rpc_call_done = nfs_async_rename_done,
390	.rpc_release = nfs_async_rename_release,
391	.rpc_call_prepare = nfs_rename_prepare,
392};
393
394/**
395 * nfs_async_rename - perform an asynchronous rename operation
396 * @old_dir: directory that currently holds the dentry to be renamed
397 * @new_dir: target directory for the rename
398 * @old_dentry: original dentry to be renamed
399 * @new_dentry: dentry to which the old_dentry should be renamed
400 *
401 * It's expected that valid references to the dentries and inodes are held
402 */
403struct rpc_task *
404nfs_async_rename(struct inode *old_dir, struct inode *new_dir,
405		 struct dentry *old_dentry, struct dentry *new_dentry,
406		 void (*complete)(struct rpc_task *, struct nfs_renamedata *))
407{
408	struct nfs_renamedata *data;
409	struct rpc_message msg = { };
410	struct rpc_task_setup task_setup_data = {
411		.rpc_message = &msg,
412		.callback_ops = &nfs_rename_ops,
413		.workqueue = nfsiod_workqueue,
414		.rpc_client = NFS_CLIENT(old_dir),
415		.flags = RPC_TASK_ASYNC,
416	};
417
418	data = kzalloc(sizeof(*data), GFP_KERNEL);
419	if (data == NULL)
420		return ERR_PTR(-ENOMEM);
421	task_setup_data.callback_data = data;
422
423	data->cred = rpc_lookup_cred();
424	if (IS_ERR(data->cred)) {
425		struct rpc_task *task = ERR_CAST(data->cred);
426		kfree(data);
427		return task;
428	}
429
430	msg.rpc_argp = &data->args;
431	msg.rpc_resp = &data->res;
432	msg.rpc_cred = data->cred;
433
434	/* set up nfs_renamedata */
435	data->old_dir = old_dir;
436	ihold(old_dir);
437	data->new_dir = new_dir;
438	ihold(new_dir);
439	data->old_dentry = dget(old_dentry);
440	data->new_dentry = dget(new_dentry);
441	nfs_fattr_init(&data->old_fattr);
442	nfs_fattr_init(&data->new_fattr);
443	data->complete = complete;
444
445	/* set up nfs_renameargs */
446	data->args.old_dir = NFS_FH(old_dir);
447	data->args.old_name = &old_dentry->d_name;
448	data->args.new_dir = NFS_FH(new_dir);
449	data->args.new_name = &new_dentry->d_name;
450
451	/* set up nfs_renameres */
452	data->res.old_fattr = &data->old_fattr;
453	data->res.new_fattr = &data->new_fattr;
454
455	nfs_sb_active(old_dir->i_sb);
456
457	NFS_PROTO(data->old_dir)->rename_setup(&msg, old_dir);
458
459	return rpc_run_task(&task_setup_data);
460}
461
462/*
463 * Perform tasks needed when a sillyrename is done such as cancelling the
464 * queued async unlink if it failed.
465 */
466static void
467nfs_complete_sillyrename(struct rpc_task *task, struct nfs_renamedata *data)
468{
469	struct dentry *dentry = data->old_dentry;
470
471	if (task->tk_status != 0) {
472		nfs_cancel_async_unlink(dentry);
473		return;
474	}
475
476	/*
477	 * vfs_unlink and the like do not issue this when a file is
478	 * sillyrenamed, so do it here.
479	 */
480	fsnotify_nameremove(dentry, 0);
481}
482
/*
 * A sillyname is the prefix followed by the fileid and a counter, both
 * printed as zero-padded hex (two digits per byte).
 */
#define SILLYNAME_PREFIX ".nfs"
/* Prefix length, not counting the terminating NUL */
#define SILLYNAME_PREFIX_LEN ((unsigned)sizeof(SILLYNAME_PREFIX) - 1)
/* Hex digits needed for a u64 fileid */
#define SILLYNAME_FILEID_LEN ((unsigned)sizeof(u64) * 2)
/* Hex digits needed for the unsigned int counter */
#define SILLYNAME_COUNTER_LEN ((unsigned)sizeof(unsigned int) * 2)
/* Total sillyname length, excluding the terminating NUL */
#define SILLYNAME_LEN (SILLYNAME_PREFIX_LEN + \
		SILLYNAME_FILEID_LEN + \
		SILLYNAME_COUNTER_LEN)
490
491/**
492 * nfs_sillyrename - Perform a silly-rename of a dentry
493 * @dir: inode of directory that contains dentry
494 * @dentry: dentry to be sillyrenamed
495 *
496 * NFSv2/3 is stateless and the server doesn't know when the client is
497 * holding a file open. To prevent application problems when a file is
498 * unlinked while it's still open, the client performs a "silly-rename".
499 * That is, it renames the file to a hidden file in the same directory,
500 * and only performs the unlink once the last reference to it is put.
501 *
502 * The final cleanup is done during dentry_iput.
503 *
504 * (Note: NFSv4 is stateful, and has opens, so in theory an NFSv4 server
505 * could take responsibility for keeping open files referenced.  The server
506 * would also need to ensure that opened-but-deleted files were kept over
507 * reboots.  However, we may not assume a server does so.  (RFC 5661
508 * does provide an OPEN4_RESULT_PRESERVE_UNLINKED flag that a server can
509 * use to advertise that it does this; some day we may take advantage of
510 * it.))
511 */
512int
513nfs_sillyrename(struct inode *dir, struct dentry *dentry)
514{
515	static unsigned int sillycounter;
516	unsigned char silly[SILLYNAME_LEN + 1];
517	unsigned long long fileid;
518	struct dentry *sdentry;
519	struct rpc_task *task;
520	int            error = -EBUSY;
521
522	dfprintk(VFS, "NFS: silly-rename(%pd2, ct=%d)\n",
523		dentry, d_count(dentry));
524	nfs_inc_stats(dir, NFSIOS_SILLYRENAME);
525
526	/*
527	 * We don't allow a dentry to be silly-renamed twice.
528	 */
529	if (dentry->d_flags & DCACHE_NFSFS_RENAMED)
530		goto out;
531
532	fileid = NFS_FILEID(d_inode(dentry));
533
534	/* Return delegation in anticipation of the rename */
535	NFS_PROTO(d_inode(dentry))->return_delegation(d_inode(dentry));
536
537	sdentry = NULL;
538	do {
539		int slen;
540		dput(sdentry);
541		sillycounter++;
542		slen = scnprintf(silly, sizeof(silly),
543				SILLYNAME_PREFIX "%0*llx%0*x",
544				SILLYNAME_FILEID_LEN, fileid,
545				SILLYNAME_COUNTER_LEN, sillycounter);
546
547		dfprintk(VFS, "NFS: trying to rename %pd to %s\n",
548				dentry, silly);
549
550		sdentry = lookup_one_len(silly, dentry->d_parent, slen);
551		/*
552		 * N.B. Better to return EBUSY here ... it could be
553		 * dangerous to delete the file while it's in use.
554		 */
555		if (IS_ERR(sdentry))
556			goto out;
557	} while (d_inode(sdentry) != NULL); /* need negative lookup */
558
559	/* queue unlink first. Can't do this from rpc_release as it
560	 * has to allocate memory
561	 */
562	error = nfs_async_unlink(dir, dentry);
563	if (error)
564		goto out_dput;
565
566	/* populate unlinkdata with the right dname */
567	error = nfs_copy_dname(sdentry,
568				(struct nfs_unlinkdata *)dentry->d_fsdata);
569	if (error) {
570		nfs_cancel_async_unlink(dentry);
571		goto out_dput;
572	}
573
574	/* run the rename task, undo unlink if it fails */
575	task = nfs_async_rename(dir, dir, dentry, sdentry,
576					nfs_complete_sillyrename);
577	if (IS_ERR(task)) {
578		error = -EBUSY;
579		nfs_cancel_async_unlink(dentry);
580		goto out_dput;
581	}
582
583	/* wait for the RPC task to complete, unless a SIGKILL intervenes */
584	error = rpc_wait_for_completion_task(task);
585	if (error == 0)
586		error = task->tk_status;
587	switch (error) {
588	case 0:
589		/* The rename succeeded */
590		nfs_set_verifier(dentry, nfs_save_change_attribute(dir));
591		d_move(dentry, sdentry);
592		break;
593	case -ERESTARTSYS:
594		/* The result of the rename is unknown. Play it safe by
595		 * forcing a new lookup */
596		d_drop(dentry);
597		d_drop(sdentry);
598	}
599	rpc_put_task(task);
600out_dput:
601	dput(sdentry);
602out:
603	return error;
604}
605