1 // SPDX-License-Identifier: GPL-2.0
5 * Copyright (C) 1992, 1993, 1994, 1995
6 * Remy Card (card@masi.ibp.fr)
7 * Laboratoire MASI - Institut Blaise Pascal
8 * Universite Pierre et Marie Curie (Paris VI)
12 * linux/fs/minix/dir.c
14 * Copyright (C) 1991, 1992 Linus Torvalds
16 * ext4 directory handling functions
18 * Big-endian to little-endian byte-swapping/bitmaps by
19 * David S. Miller (davem@caip.rutgers.edu), 1995
21 * Hash Tree Directory indexing (c) 2001 Daniel Phillips
26 #include <linux/buffer_head.h>
27 #include <linux/slab.h>
28 #include <linux/iversion.h>
32 static int ext4_dx_readdir(struct file *, struct dir_context *);
35 * Check if the given dir-inode refers to an htree-indexed directory
36 * (or a directory which could potentially get converted to use htree
39 * Return 1 if it is a dx dir, 0 if not
41 static int is_dx_dir(struct inode *inode)
43 struct super_block *sb = inode->i_sb;
45 if (ext4_has_feature_dir_index(inode->i_sb) &&
46 ((ext4_test_inode_flag(inode, EXT4_INODE_INDEX)) ||
47 ((inode->i_size >> sb->s_blocksize_bits) == 1) ||
48 ext4_has_inline_data(inode)))
55 * Return 0 if the directory entry is OK, and 1 if there is a problem
57 * Note: this is the opposite of what ext2 and ext3 historically returned...
59 * bh passed here can be an inode block or a dir data block, depending
60 * on the inode inline data flag.
62 int __ext4_check_dir_entry(const char *function, unsigned int line,
63 struct inode *dir, struct file *filp,
64 struct ext4_dir_entry_2 *de,
65 struct buffer_head *bh, char *buf, int size,
68 const char *error_msg = NULL;
69 const int rlen = ext4_rec_len_from_disk(de->rec_len,
70 dir->i_sb->s_blocksize);
72 if (unlikely(rlen < EXT4_DIR_REC_LEN(1)))
73 error_msg = "rec_len is smaller than minimal";
74 else if (unlikely(rlen % 4 != 0))
75 error_msg = "rec_len % 4 != 0";
76 else if (unlikely(rlen < EXT4_DIR_REC_LEN(de->name_len)))
77 error_msg = "rec_len is too small for name_len";
78 else if (unlikely(((char *) de - buf) + rlen > size))
79 error_msg = "directory entry overrun";
80 else if (unlikely(((char *) de - buf) + rlen >
81 size - EXT4_DIR_REC_LEN(1) &&
82 ((char *) de - buf) + rlen != size)) {
83 error_msg = "directory entry too close to block end";
85 else if (unlikely(le32_to_cpu(de->inode) >
86 le32_to_cpu(EXT4_SB(dir->i_sb)->s_es->s_inodes_count)))
87 error_msg = "inode out of bounds";
92 ext4_error_file(filp, function, line, bh->b_blocknr,
93 "bad entry in directory: %s - offset=%u, "
94 "inode=%u, rec_len=%d, name_len=%d, size=%d",
95 error_msg, offset, le32_to_cpu(de->inode),
96 rlen, de->name_len, size);
98 ext4_error_inode(dir, function, line, bh->b_blocknr,
99 "bad entry in directory: %s - offset=%u, "
100 "inode=%u, rec_len=%d, name_len=%d, size=%d",
101 error_msg, offset, le32_to_cpu(de->inode),
102 rlen, de->name_len, size);
107 static int ext4_readdir(struct file *file, struct dir_context *ctx)
111 struct ext4_dir_entry_2 *de;
113 struct inode *inode = file_inode(file);
114 struct super_block *sb = inode->i_sb;
115 struct buffer_head *bh = NULL;
116 struct fscrypt_str fstr = FSTR_INIT(NULL, 0);
118 if (ext4_encrypted_inode(inode)) {
119 err = fscrypt_get_encryption_info(inode);
120 if (err && err != -ENOKEY)
124 if (is_dx_dir(inode)) {
125 err = ext4_dx_readdir(file, ctx);
126 if (err != ERR_BAD_DX_DIR) {
129 /* Can we just clear INDEX flag to ignore htree information? */
130 if (!ext4_has_metadata_csum(sb)) {
132 * We don't set the inode dirty flag since it's not
133 * critical that it gets flushed back to the disk.
135 ext4_clear_inode_flag(inode, EXT4_INODE_INDEX);
139 if (ext4_has_inline_data(inode)) {
140 int has_inline_data = 1;
141 err = ext4_read_inline_dir(file, ctx,
147 if (ext4_encrypted_inode(inode)) {
148 err = fscrypt_fname_alloc_buffer(inode, EXT4_NAME_LEN, &fstr);
153 while (ctx->pos < inode->i_size) {
154 struct ext4_map_blocks map;
156 if (fatal_signal_pending(current)) {
161 offset = ctx->pos & (sb->s_blocksize - 1);
162 map.m_lblk = ctx->pos >> EXT4_BLOCK_SIZE_BITS(sb);
164 err = ext4_map_blocks(NULL, inode, &map, 0);
166 /* m_len should never be zero but let's avoid
167 * an infinite loop if it somehow is */
170 ctx->pos += map.m_len * sb->s_blocksize;
174 pgoff_t index = map.m_pblk >>
175 (PAGE_SHIFT - inode->i_blkbits);
176 if (!ra_has_index(&file->f_ra, index))
177 page_cache_sync_readahead(
178 sb->s_bdev->bd_inode->i_mapping,
181 file->f_ra.prev_pos = (loff_t)index << PAGE_SHIFT;
182 bh = ext4_bread(NULL, inode, map.m_lblk, 0);
191 /* corrupt size? Maybe no more blocks to read */
192 if (ctx->pos > inode->i_blocks << 9)
194 ctx->pos += sb->s_blocksize - offset;
198 /* Check the checksum */
199 if (!buffer_verified(bh) &&
200 !ext4_dirent_csum_verify(inode,
201 (struct ext4_dir_entry *)bh->b_data)) {
202 EXT4_ERROR_FILE(file, 0, "directory fails checksum "
204 (unsigned long long)ctx->pos);
205 ctx->pos += sb->s_blocksize - offset;
210 set_buffer_verified(bh);
212 /* If the dir block has changed since the last call to
213 * readdir(2), then we might be pointing to an invalid
214 * dirent right now. Scan from the start of the block
216 if (!inode_eq_iversion(inode, file->f_version)) {
217 for (i = 0; i < sb->s_blocksize && i < offset; ) {
218 de = (struct ext4_dir_entry_2 *)
220 /* It's too expensive to do a full
221 * dirent test each time round this
222 * loop, but we do have to test at
223 * least that it is non-zero. A
224 * failure will be detected in the
225 * dirent test below. */
226 if (ext4_rec_len_from_disk(de->rec_len,
227 sb->s_blocksize) < EXT4_DIR_REC_LEN(1))
229 i += ext4_rec_len_from_disk(de->rec_len,
233 ctx->pos = (ctx->pos & ~(sb->s_blocksize - 1))
235 file->f_version = inode_query_iversion(inode);
238 while (ctx->pos < inode->i_size
239 && offset < sb->s_blocksize) {
240 de = (struct ext4_dir_entry_2 *) (bh->b_data + offset);
241 if (ext4_check_dir_entry(inode, file, de, bh,
242 bh->b_data, bh->b_size,
245 * On error, skip to the next block
247 ctx->pos = (ctx->pos |
248 (sb->s_blocksize - 1)) + 1;
251 offset += ext4_rec_len_from_disk(de->rec_len,
253 if (le32_to_cpu(de->inode)) {
254 if (!ext4_encrypted_inode(inode)) {
255 if (!dir_emit(ctx, de->name,
257 le32_to_cpu(de->inode),
258 get_dtype(sb, de->file_type)))
261 int save_len = fstr.len;
262 struct fscrypt_str de_name =
266 /* Directory is encrypted */
267 err = fscrypt_fname_disk_to_usr(inode,
268 0, 0, &de_name, &fstr);
274 de_name.name, de_name.len,
275 le32_to_cpu(de->inode),
276 get_dtype(sb, de->file_type)))
280 ctx->pos += ext4_rec_len_from_disk(de->rec_len,
283 if ((ctx->pos < inode->i_size) && !dir_relax_shared(inode))
292 #ifdef CONFIG_EXT4_FS_ENCRYPTION
293 fscrypt_fname_free_buffer(&fstr);
299 static inline int is_32bit_api(void)
302 return in_compat_syscall();
304 return (BITS_PER_LONG == 32);
309 * These functions convert from the major/minor hash to an f_pos
310 * value for dx directories
312 * Upper layer (for example NFS) should specify FMODE_32BITHASH or
313 * FMODE_64BITHASH explicitly. On the other hand, we allow ext4 to be mounted
314 * directly on both 32-bit and 64-bit nodes, under such case, neither
315 * FMODE_32BITHASH nor FMODE_64BITHASH is specified.
317 static inline loff_t hash2pos(struct file *filp, __u32 major, __u32 minor)
319 if ((filp->f_mode & FMODE_32BITHASH) ||
320 (!(filp->f_mode & FMODE_64BITHASH) && is_32bit_api()))
323 return ((__u64)(major >> 1) << 32) | (__u64)minor;
326 static inline __u32 pos2maj_hash(struct file *filp, loff_t pos)
328 if ((filp->f_mode & FMODE_32BITHASH) ||
329 (!(filp->f_mode & FMODE_64BITHASH) && is_32bit_api()))
330 return (pos << 1) & 0xffffffff;
332 return ((pos >> 32) << 1) & 0xffffffff;
335 static inline __u32 pos2min_hash(struct file *filp, loff_t pos)
337 if ((filp->f_mode & FMODE_32BITHASH) ||
338 (!(filp->f_mode & FMODE_64BITHASH) && is_32bit_api()))
341 return pos & 0xffffffff;
345 * Return 32- or 64-bit end-of-file for dx directories
347 static inline loff_t ext4_get_htree_eof(struct file *filp)
349 if ((filp->f_mode & FMODE_32BITHASH) ||
350 (!(filp->f_mode & FMODE_64BITHASH) && is_32bit_api()))
351 return EXT4_HTREE_EOF_32BIT;
353 return EXT4_HTREE_EOF_64BIT;
358 * ext4_dir_llseek() calls generic_file_llseek_size to handle htree
359 * directories, where the "offset" is in terms of the filename hash
360 * value instead of the byte offset.
362 * Because we may return a 64-bit hash that is well beyond offset limits,
363 * we need to pass the max hash as the maximum allowable offset in
364 * the htree directory case.
366 * For non-htree, ext4_llseek already chooses the proper max offset.
368 static loff_t ext4_dir_llseek(struct file *file, loff_t offset, int whence)
370 struct inode *inode = file->f_mapping->host;
371 int dx_dir = is_dx_dir(inode);
372 loff_t ret, htree_max = ext4_get_htree_eof(file);
375 ret = generic_file_llseek_size(file, offset, whence,
376 htree_max, htree_max);
378 ret = ext4_llseek(file, offset, whence);
379 file->f_version = inode_peek_iversion(inode) - 1;
384 * This structure holds the nodes of the red-black tree used to store
385 * the directory entry in hash order.
390 struct rb_node rb_hash;
399 * This functoin implements a non-recursive way of freeing all of the
400 * nodes in the red-black tree.
402 static void free_rb_tree_fname(struct rb_root *root)
404 struct fname *fname, *next;
406 rbtree_postorder_for_each_entry_safe(fname, next, root, rb_hash)
408 struct fname *old = fname;
417 static struct dir_private_info *ext4_htree_create_dir_info(struct file *filp,
420 struct dir_private_info *p;
422 p = kzalloc(sizeof(*p), GFP_KERNEL);
425 p->curr_hash = pos2maj_hash(filp, pos);
426 p->curr_minor_hash = pos2min_hash(filp, pos);
430 void ext4_htree_free_dir_info(struct dir_private_info *p)
432 free_rb_tree_fname(&p->root);
437 * Given a directory entry, enter it into the fname rb tree.
439 * When filename encryption is enabled, the dirent will hold the
440 * encrypted filename, while the htree will hold decrypted filename.
441 * The decrypted filename is passed in via ent_name. parameter.
443 int ext4_htree_store_dirent(struct file *dir_file, __u32 hash,
445 struct ext4_dir_entry_2 *dirent,
446 struct fscrypt_str *ent_name)
448 struct rb_node **p, *parent = NULL;
449 struct fname *fname, *new_fn;
450 struct dir_private_info *info;
453 info = dir_file->private_data;
454 p = &info->root.rb_node;
456 /* Create and allocate the fname structure */
457 len = sizeof(struct fname) + ent_name->len + 1;
458 new_fn = kzalloc(len, GFP_KERNEL);
462 new_fn->minor_hash = minor_hash;
463 new_fn->inode = le32_to_cpu(dirent->inode);
464 new_fn->name_len = ent_name->len;
465 new_fn->file_type = dirent->file_type;
466 memcpy(new_fn->name, ent_name->name, ent_name->len);
467 new_fn->name[ent_name->len] = 0;
471 fname = rb_entry(parent, struct fname, rb_hash);
474 * If the hash and minor hash match up, then we put
475 * them on a linked list. This rarely happens...
477 if ((new_fn->hash == fname->hash) &&
478 (new_fn->minor_hash == fname->minor_hash)) {
479 new_fn->next = fname->next;
480 fname->next = new_fn;
484 if (new_fn->hash < fname->hash)
486 else if (new_fn->hash > fname->hash)
488 else if (new_fn->minor_hash < fname->minor_hash)
490 else /* if (new_fn->minor_hash > fname->minor_hash) */
494 rb_link_node(&new_fn->rb_hash, parent, p);
495 rb_insert_color(&new_fn->rb_hash, &info->root);
502 * This is a helper function for ext4_dx_readdir. It calls filldir
503 * for all entres on the fname linked list. (Normally there is only
504 * one entry on the linked list, unless there are 62 bit hash collisions.)
506 static int call_filldir(struct file *file, struct dir_context *ctx,
509 struct dir_private_info *info = file->private_data;
510 struct inode *inode = file_inode(file);
511 struct super_block *sb = inode->i_sb;
514 ext4_msg(sb, KERN_ERR, "%s:%d: inode #%lu: comm %s: "
515 "called with null fname?!?", __func__, __LINE__,
516 inode->i_ino, current->comm);
519 ctx->pos = hash2pos(file, fname->hash, fname->minor_hash);
521 if (!dir_emit(ctx, fname->name,
524 get_dtype(sb, fname->file_type))) {
525 info->extra_fname = fname;
533 static int ext4_dx_readdir(struct file *file, struct dir_context *ctx)
535 struct dir_private_info *info = file->private_data;
536 struct inode *inode = file_inode(file);
541 info = ext4_htree_create_dir_info(file, ctx->pos);
544 file->private_data = info;
547 if (ctx->pos == ext4_get_htree_eof(file))
550 /* Some one has messed with f_pos; reset the world */
551 if (info->last_pos != ctx->pos) {
552 free_rb_tree_fname(&info->root);
553 info->curr_node = NULL;
554 info->extra_fname = NULL;
555 info->curr_hash = pos2maj_hash(file, ctx->pos);
556 info->curr_minor_hash = pos2min_hash(file, ctx->pos);
560 * If there are any leftover names on the hash collision
561 * chain, return them first.
563 if (info->extra_fname) {
564 if (call_filldir(file, ctx, info->extra_fname))
566 info->extra_fname = NULL;
568 } else if (!info->curr_node)
569 info->curr_node = rb_first(&info->root);
573 * Fill the rbtree if we have no more entries,
574 * or the inode has changed since we last read in the
577 if ((!info->curr_node) ||
578 !inode_eq_iversion(inode, file->f_version)) {
579 info->curr_node = NULL;
580 free_rb_tree_fname(&info->root);
581 file->f_version = inode_query_iversion(inode);
582 ret = ext4_htree_fill_tree(file, info->curr_hash,
583 info->curr_minor_hash,
588 ctx->pos = ext4_get_htree_eof(file);
591 info->curr_node = rb_first(&info->root);
594 fname = rb_entry(info->curr_node, struct fname, rb_hash);
595 info->curr_hash = fname->hash;
596 info->curr_minor_hash = fname->minor_hash;
597 if (call_filldir(file, ctx, fname))
600 info->curr_node = rb_next(info->curr_node);
601 if (info->curr_node) {
602 fname = rb_entry(info->curr_node, struct fname,
604 info->curr_hash = fname->hash;
605 info->curr_minor_hash = fname->minor_hash;
607 if (info->next_hash == ~0) {
608 ctx->pos = ext4_get_htree_eof(file);
611 info->curr_hash = info->next_hash;
612 info->curr_minor_hash = 0;
616 info->last_pos = ctx->pos;
617 return ret < 0 ? ret : 0;
620 static int ext4_dir_open(struct inode * inode, struct file * filp)
622 if (ext4_encrypted_inode(inode))
623 return fscrypt_get_encryption_info(inode) ? -EACCES : 0;
627 static int ext4_release_dir(struct inode *inode, struct file *filp)
629 if (filp->private_data)
630 ext4_htree_free_dir_info(filp->private_data);
635 int ext4_check_all_de(struct inode *dir, struct buffer_head *bh, void *buf,
638 struct ext4_dir_entry_2 *de;
640 unsigned int offset = 0;
643 de = (struct ext4_dir_entry_2 *)buf;
644 top = buf + buf_size;
645 while ((char *) de < top) {
646 if (ext4_check_dir_entry(dir, NULL, de, bh,
647 buf, buf_size, offset))
648 return -EFSCORRUPTED;
649 rlen = ext4_rec_len_from_disk(de->rec_len, buf_size);
650 de = (struct ext4_dir_entry_2 *)((char *)de + rlen);
653 if ((char *) de > top)
654 return -EFSCORRUPTED;
659 const struct file_operations ext4_dir_operations = {
660 .llseek = ext4_dir_llseek,
661 .read = generic_read_dir,
662 .iterate_shared = ext4_readdir,
663 .unlocked_ioctl = ext4_ioctl,
665 .compat_ioctl = ext4_compat_ioctl,
667 .fsync = ext4_sync_file,
668 .open = ext4_dir_open,
669 .release = ext4_release_dir,
projects / releases.git / blob