1// SPDX-License-Identifier: GPL-2.0
2/*
3 * linux/fs/nfs/unlink.c
4 *
5 * nfs sillydelete handling
6 *
7 */
8
9#include <linux/slab.h>
10#include <linux/string.h>
11#include <linux/dcache.h>
12#include <linux/sunrpc/sched.h>
13#include <linux/sunrpc/clnt.h>
14#include <linux/nfs_fs.h>
15#include <linux/sched.h>
16#include <linux/wait.h>
17#include <linux/namei.h>
18#include <linux/fsnotify.h>
19
20#include "internal.h"
21#include "nfs4_fs.h"
22#include "iostat.h"
23#include "delegation.h"
24
25#include "nfstrace.h"
26
27/**
28 * nfs_free_unlinkdata - release data from a sillydelete operation.
29 * @data: pointer to unlink structure.
30 */
31static void
32nfs_free_unlinkdata(struct nfs_unlinkdata *data)
33{
34 put_cred(cred: data->cred);
35 kfree(objp: data->args.name.name);
36 kfree(objp: data);
37}
38
39/**
40 * nfs_async_unlink_done - Sillydelete post-processing
41 * @task: rpc_task of the sillydelete
42 * @calldata: pointer to nfs_unlinkdata
43 *
44 * Do the directory attribute update.
45 */
46static void nfs_async_unlink_done(struct rpc_task *task, void *calldata)
47{
48 struct nfs_unlinkdata *data = calldata;
49 struct inode *dir = d_inode(dentry: data->dentry->d_parent);
50
51 trace_nfs_sillyrename_unlink(data, error: task->tk_status);
52 if (!NFS_PROTO(inode: dir)->unlink_done(task, dir))
53 rpc_restart_call_prepare(task);
54}
55
56/**
57 * nfs_async_unlink_release - Release the sillydelete data.
58 * @calldata: struct nfs_unlinkdata to release
59 *
60 * We need to call nfs_put_unlinkdata as a 'tk_release' task since the
61 * rpc_task would be freed too.
62 */
63static void nfs_async_unlink_release(void *calldata)
64{
65 struct nfs_unlinkdata *data = calldata;
66 struct dentry *dentry = data->dentry;
67 struct super_block *sb = dentry->d_sb;
68
69 up_read_non_owner(sem: &NFS_I(inode: d_inode(dentry: dentry->d_parent))->rmdir_sem);
70 d_lookup_done(dentry);
71 nfs_free_unlinkdata(data);
72 dput(dentry);
73 nfs_sb_deactive(sb);
74}
75
76static void nfs_unlink_prepare(struct rpc_task *task, void *calldata)
77{
78 struct nfs_unlinkdata *data = calldata;
79 struct inode *dir = d_inode(dentry: data->dentry->d_parent);
80 NFS_PROTO(inode: dir)->unlink_rpc_prepare(task, data);
81}
82
83static const struct rpc_call_ops nfs_unlink_ops = {
84 .rpc_call_done = nfs_async_unlink_done,
85 .rpc_release = nfs_async_unlink_release,
86 .rpc_call_prepare = nfs_unlink_prepare,
87};
88
89static void nfs_do_call_unlink(struct inode *inode, struct nfs_unlinkdata *data)
90{
91 struct rpc_message msg = {
92 .rpc_argp = &data->args,
93 .rpc_resp = &data->res,
94 .rpc_cred = data->cred,
95 };
96 struct rpc_task_setup task_setup_data = {
97 .rpc_message = &msg,
98 .callback_ops = &nfs_unlink_ops,
99 .callback_data = data,
100 .workqueue = nfsiod_workqueue,
101 .flags = RPC_TASK_ASYNC | RPC_TASK_CRED_NOREF,
102 };
103 struct rpc_task *task;
104 struct inode *dir = d_inode(dentry: data->dentry->d_parent);
105
106 if (nfs_server_capable(inode, NFS_CAP_MOVEABLE))
107 task_setup_data.flags |= RPC_TASK_MOVEABLE;
108
109 nfs_sb_active(sb: dir->i_sb);
110 data->args.fh = NFS_FH(inode: dir);
111 nfs_fattr_init(fattr: data->res.dir_attr);
112
113 NFS_PROTO(inode: dir)->unlink_setup(&msg, data->dentry, inode);
114
115 task_setup_data.rpc_client = NFS_CLIENT(inode: dir);
116 task = rpc_run_task(&task_setup_data);
117 if (!IS_ERR(ptr: task))
118 rpc_put_task_async(task);
119}
120
121static int nfs_call_unlink(struct dentry *dentry, struct inode *inode, struct nfs_unlinkdata *data)
122{
123 struct inode *dir = d_inode(dentry: dentry->d_parent);
124 struct dentry *alias;
125
126 down_read_non_owner(sem: &NFS_I(inode: dir)->rmdir_sem);
127 alias = d_alloc_parallel(dentry->d_parent, &data->args.name, &data->wq);
128 if (IS_ERR(ptr: alias)) {
129 up_read_non_owner(sem: &NFS_I(inode: dir)->rmdir_sem);
130 return 0;
131 }
132 if (!d_in_lookup(dentry: alias)) {
133 int ret;
134 void *devname_garbage = NULL;
135
136 /*
137 * Hey, we raced with lookup... See if we need to transfer
138 * the sillyrename information to the aliased dentry.
139 */
140 spin_lock(lock: &alias->d_lock);
141 if (d_really_is_positive(dentry: alias) &&
142 !nfs_compare_fh(a: NFS_FH(inode), b: NFS_FH(inode: d_inode(dentry: alias))) &&
143 !(alias->d_flags & DCACHE_NFSFS_RENAMED)) {
144 devname_garbage = alias->d_fsdata;
145 alias->d_fsdata = data;
146 alias->d_flags |= DCACHE_NFSFS_RENAMED;
147 ret = 1;
148 } else
149 ret = 0;
150 spin_unlock(lock: &alias->d_lock);
151 dput(alias);
152 up_read_non_owner(sem: &NFS_I(inode: dir)->rmdir_sem);
153 /*
154 * If we'd displaced old cached devname, free it. At that
155 * point dentry is definitely not a root, so we won't need
156 * that anymore.
157 */
158 kfree(objp: devname_garbage);
159 return ret;
160 }
161 data->dentry = alias;
162 nfs_do_call_unlink(inode, data);
163 return 1;
164}
165
166/**
167 * nfs_async_unlink - asynchronous unlinking of a file
168 * @dentry: parent directory of dentry
169 * @name: name of dentry to unlink
170 */
171static int
172nfs_async_unlink(struct dentry *dentry, const struct qstr *name)
173{
174 struct nfs_unlinkdata *data;
175 int status = -ENOMEM;
176 void *devname_garbage = NULL;
177
178 data = kzalloc(size: sizeof(*data), GFP_KERNEL);
179 if (data == NULL)
180 goto out;
181 data->args.name.name = kstrdup(s: name->name, GFP_KERNEL);
182 if (!data->args.name.name)
183 goto out_free;
184 data->args.name.len = name->len;
185
186 data->cred = get_current_cred();
187 data->res.dir_attr = &data->dir_attr;
188 init_waitqueue_head(&data->wq);
189
190 status = -EBUSY;
191 spin_lock(lock: &dentry->d_lock);
192 if (dentry->d_flags & DCACHE_NFSFS_RENAMED)
193 goto out_unlock;
194 dentry->d_flags |= DCACHE_NFSFS_RENAMED;
195 devname_garbage = dentry->d_fsdata;
196 dentry->d_fsdata = data;
197 spin_unlock(lock: &dentry->d_lock);
198 /*
199 * If we'd displaced old cached devname, free it. At that
200 * point dentry is definitely not a root, so we won't need
201 * that anymore.
202 */
203 kfree(objp: devname_garbage);
204 return 0;
205out_unlock:
206 spin_unlock(lock: &dentry->d_lock);
207 put_cred(cred: data->cred);
208 kfree(objp: data->args.name.name);
209out_free:
210 kfree(objp: data);
211out:
212 return status;
213}
214
215/**
216 * nfs_complete_unlink - Initialize completion of the sillydelete
217 * @dentry: dentry to delete
218 * @inode: inode
219 *
220 * Since we're most likely to be called by dentry_iput(), we
221 * only use the dentry to find the sillydelete. We then copy the name
222 * into the qstr.
223 */
224void
225nfs_complete_unlink(struct dentry *dentry, struct inode *inode)
226{
227 struct nfs_unlinkdata *data;
228
229 spin_lock(lock: &dentry->d_lock);
230 dentry->d_flags &= ~DCACHE_NFSFS_RENAMED;
231 data = dentry->d_fsdata;
232 dentry->d_fsdata = NULL;
233 spin_unlock(lock: &dentry->d_lock);
234
235 if (NFS_STALE(inode) || !nfs_call_unlink(dentry, inode, data))
236 nfs_free_unlinkdata(data);
237}
238
239/* Cancel a queued async unlink. Called when a sillyrename run fails. */
240static void
241nfs_cancel_async_unlink(struct dentry *dentry)
242{
243 spin_lock(lock: &dentry->d_lock);
244 if (dentry->d_flags & DCACHE_NFSFS_RENAMED) {
245 struct nfs_unlinkdata *data = dentry->d_fsdata;
246
247 dentry->d_flags &= ~DCACHE_NFSFS_RENAMED;
248 dentry->d_fsdata = NULL;
249 spin_unlock(lock: &dentry->d_lock);
250 nfs_free_unlinkdata(data);
251 return;
252 }
253 spin_unlock(lock: &dentry->d_lock);
254}
255
256/**
257 * nfs_async_rename_done - Sillyrename post-processing
258 * @task: rpc_task of the sillyrename
259 * @calldata: nfs_renamedata for the sillyrename
260 *
261 * Do the directory attribute updates and the d_move
262 */
263static void nfs_async_rename_done(struct rpc_task *task, void *calldata)
264{
265 struct nfs_renamedata *data = calldata;
266 struct inode *old_dir = data->old_dir;
267 struct inode *new_dir = data->new_dir;
268 struct dentry *old_dentry = data->old_dentry;
269
270 trace_nfs_sillyrename_rename(old_dir, old_dentry,
271 new_dir, new_dentry: data->new_dentry, error: task->tk_status);
272 if (!NFS_PROTO(inode: old_dir)->rename_done(task, old_dir, new_dir)) {
273 rpc_restart_call_prepare(task);
274 return;
275 }
276
277 if (data->complete)
278 data->complete(task, data);
279}
280
281/**
282 * nfs_async_rename_release - Release the sillyrename data.
283 * @calldata: the struct nfs_renamedata to be released
284 */
285static void nfs_async_rename_release(void *calldata)
286{
287 struct nfs_renamedata *data = calldata;
288 struct super_block *sb = data->old_dir->i_sb;
289
290 if (d_really_is_positive(dentry: data->old_dentry))
291 nfs_mark_for_revalidate(inode: d_inode(dentry: data->old_dentry));
292
293 /* The result of the rename is unknown. Play it safe by
294 * forcing a new lookup */
295 if (data->cancelled) {
296 spin_lock(lock: &data->old_dir->i_lock);
297 nfs_force_lookup_revalidate(dir: data->old_dir);
298 spin_unlock(lock: &data->old_dir->i_lock);
299 if (data->new_dir != data->old_dir) {
300 spin_lock(lock: &data->new_dir->i_lock);
301 nfs_force_lookup_revalidate(dir: data->new_dir);
302 spin_unlock(lock: &data->new_dir->i_lock);
303 }
304 }
305
306 dput(data->old_dentry);
307 dput(data->new_dentry);
308 iput(data->old_dir);
309 iput(data->new_dir);
310 nfs_sb_deactive(sb);
311 put_cred(cred: data->cred);
312 kfree(objp: data);
313}
314
315static void nfs_rename_prepare(struct rpc_task *task, void *calldata)
316{
317 struct nfs_renamedata *data = calldata;
318 NFS_PROTO(inode: data->old_dir)->rename_rpc_prepare(task, data);
319}
320
321static const struct rpc_call_ops nfs_rename_ops = {
322 .rpc_call_done = nfs_async_rename_done,
323 .rpc_release = nfs_async_rename_release,
324 .rpc_call_prepare = nfs_rename_prepare,
325};
326
327/**
328 * nfs_async_rename - perform an asynchronous rename operation
329 * @old_dir: directory that currently holds the dentry to be renamed
330 * @new_dir: target directory for the rename
331 * @old_dentry: original dentry to be renamed
332 * @new_dentry: dentry to which the old_dentry should be renamed
333 * @complete: Function to run on successful completion
334 *
335 * It's expected that valid references to the dentries and inodes are held
336 */
337struct rpc_task *
338nfs_async_rename(struct inode *old_dir, struct inode *new_dir,
339 struct dentry *old_dentry, struct dentry *new_dentry,
340 void (*complete)(struct rpc_task *, struct nfs_renamedata *))
341{
342 struct nfs_renamedata *data;
343 struct rpc_message msg = { };
344 struct rpc_task_setup task_setup_data = {
345 .rpc_message = &msg,
346 .callback_ops = &nfs_rename_ops,
347 .workqueue = nfsiod_workqueue,
348 .rpc_client = NFS_CLIENT(inode: old_dir),
349 .flags = RPC_TASK_ASYNC | RPC_TASK_CRED_NOREF,
350 };
351
352 if (nfs_server_capable(inode: old_dir, NFS_CAP_MOVEABLE) &&
353 nfs_server_capable(inode: new_dir, NFS_CAP_MOVEABLE))
354 task_setup_data.flags |= RPC_TASK_MOVEABLE;
355
356 data = kzalloc(size: sizeof(*data), GFP_KERNEL);
357 if (data == NULL)
358 return ERR_PTR(error: -ENOMEM);
359 task_setup_data.task = &data->task;
360 task_setup_data.callback_data = data;
361
362 data->cred = get_current_cred();
363
364 msg.rpc_argp = &data->args;
365 msg.rpc_resp = &data->res;
366 msg.rpc_cred = data->cred;
367
368 /* set up nfs_renamedata */
369 data->old_dir = old_dir;
370 ihold(inode: old_dir);
371 data->new_dir = new_dir;
372 ihold(inode: new_dir);
373 data->old_dentry = dget(dentry: old_dentry);
374 data->new_dentry = dget(dentry: new_dentry);
375 nfs_fattr_init(fattr: &data->old_fattr);
376 nfs_fattr_init(fattr: &data->new_fattr);
377 data->complete = complete;
378
379 /* set up nfs_renameargs */
380 data->args.old_dir = NFS_FH(inode: old_dir);
381 data->args.old_name = &old_dentry->d_name;
382 data->args.new_dir = NFS_FH(inode: new_dir);
383 data->args.new_name = &new_dentry->d_name;
384
385 /* set up nfs_renameres */
386 data->res.old_fattr = &data->old_fattr;
387 data->res.new_fattr = &data->new_fattr;
388
389 nfs_sb_active(sb: old_dir->i_sb);
390
391 NFS_PROTO(inode: data->old_dir)->rename_setup(&msg, old_dentry, new_dentry);
392
393 return rpc_run_task(&task_setup_data);
394}
395
396/*
397 * Perform tasks needed when a sillyrename is done such as cancelling the
398 * queued async unlink if it failed.
399 */
400static void
401nfs_complete_sillyrename(struct rpc_task *task, struct nfs_renamedata *data)
402{
403 struct dentry *dentry = data->old_dentry;
404
405 if (task->tk_status != 0) {
406 nfs_cancel_async_unlink(dentry);
407 return;
408 }
409}
410
411#define SILLYNAME_PREFIX ".nfs"
412#define SILLYNAME_PREFIX_LEN ((unsigned)sizeof(SILLYNAME_PREFIX) - 1)
413#define SILLYNAME_FILEID_LEN ((unsigned)sizeof(u64) << 1)
414#define SILLYNAME_COUNTER_LEN ((unsigned)sizeof(unsigned int) << 1)
415#define SILLYNAME_LEN (SILLYNAME_PREFIX_LEN + \
416 SILLYNAME_FILEID_LEN + \
417 SILLYNAME_COUNTER_LEN)
418
419/**
420 * nfs_sillyrename - Perform a silly-rename of a dentry
421 * @dir: inode of directory that contains dentry
422 * @dentry: dentry to be sillyrenamed
423 *
424 * NFSv2/3 is stateless and the server doesn't know when the client is
425 * holding a file open. To prevent application problems when a file is
426 * unlinked while it's still open, the client performs a "silly-rename".
427 * That is, it renames the file to a hidden file in the same directory,
428 * and only performs the unlink once the last reference to it is put.
429 *
430 * The final cleanup is done during dentry_iput.
431 *
432 * (Note: NFSv4 is stateful, and has opens, so in theory an NFSv4 server
433 * could take responsibility for keeping open files referenced. The server
434 * would also need to ensure that opened-but-deleted files were kept over
435 * reboots. However, we may not assume a server does so. (RFC 5661
436 * does provide an OPEN4_RESULT_PRESERVE_UNLINKED flag that a server can
437 * use to advertise that it does this; some day we may take advantage of
438 * it.))
439 */
440int
441nfs_sillyrename(struct inode *dir, struct dentry *dentry)
442{
443 static unsigned int sillycounter;
444 unsigned char silly[SILLYNAME_LEN + 1];
445 unsigned long long fileid;
446 struct dentry *sdentry;
447 struct inode *inode = d_inode(dentry);
448 struct rpc_task *task;
449 int error = -EBUSY;
450
451 dfprintk(VFS, "NFS: silly-rename(%pd2, ct=%d)\n",
452 dentry, d_count(dentry));
453 nfs_inc_stats(inode: dir, stat: NFSIOS_SILLYRENAME);
454
455 /*
456 * We don't allow a dentry to be silly-renamed twice.
457 */
458 if (dentry->d_flags & DCACHE_NFSFS_RENAMED)
459 goto out;
460
461 fileid = NFS_FILEID(inode: d_inode(dentry));
462
463 sdentry = NULL;
464 do {
465 int slen;
466 dput(sdentry);
467 sillycounter++;
468 slen = scnprintf(buf: silly, size: sizeof(silly),
469 SILLYNAME_PREFIX "%0*llx%0*x",
470 SILLYNAME_FILEID_LEN, fileid,
471 SILLYNAME_COUNTER_LEN, sillycounter);
472
473 dfprintk(VFS, "NFS: trying to rename %pd to %s\n",
474 dentry, silly);
475
476 sdentry = lookup_one_len(silly, dentry->d_parent, slen);
477 /*
478 * N.B. Better to return EBUSY here ... it could be
479 * dangerous to delete the file while it's in use.
480 */
481 if (IS_ERR(ptr: sdentry))
482 goto out;
483 } while (d_inode(dentry: sdentry) != NULL); /* need negative lookup */
484
485 ihold(inode);
486
487 /* queue unlink first. Can't do this from rpc_release as it
488 * has to allocate memory
489 */
490 error = nfs_async_unlink(dentry, name: &sdentry->d_name);
491 if (error)
492 goto out_dput;
493
494 /* run the rename task, undo unlink if it fails */
495 task = nfs_async_rename(old_dir: dir, new_dir: dir, old_dentry: dentry, new_dentry: sdentry,
496 complete: nfs_complete_sillyrename);
497 if (IS_ERR(ptr: task)) {
498 error = -EBUSY;
499 nfs_cancel_async_unlink(dentry);
500 goto out_dput;
501 }
502
503 /* wait for the RPC task to complete, unless a SIGKILL intervenes */
504 error = rpc_wait_for_completion_task(task);
505 if (error == 0)
506 error = task->tk_status;
507 switch (error) {
508 case 0:
509 /* The rename succeeded */
510 nfs_set_verifier(dentry, verf: nfs_save_change_attribute(dir));
511 spin_lock(lock: &inode->i_lock);
512 NFS_I(inode)->attr_gencount = nfs_inc_attr_generation_counter();
513 nfs_set_cache_invalid(inode, NFS_INO_INVALID_CHANGE |
514 NFS_INO_INVALID_CTIME |
515 NFS_INO_REVAL_FORCED);
516 spin_unlock(lock: &inode->i_lock);
517 d_move(dentry, sdentry);
518 break;
519 case -ERESTARTSYS:
520 /* The result of the rename is unknown. Play it safe by
521 * forcing a new lookup */
522 d_drop(dentry);
523 d_drop(dentry: sdentry);
524 }
525 rpc_put_task(task);
526out_dput:
527 iput(inode);
528 dput(sdentry);
529out:
530 return error;
531}
532

source code of linux/fs/nfs/unlink.c