4 * Copyright (C) 1991, 1992 Linus Torvalds
7 #include <linux/string.h>
9 #include <linux/utime.h>
10 #include <linux/file.h>
11 #include <linux/smp_lock.h>
12 #include <linux/quotaops.h>
13 #include <linux/dnotify.h>
14 #include <linux/module.h>
15 #include <linux/slab.h>
16 #include <linux/tty.h>
17 #include <linux/namei.h>
18 #include <linux/backing-dev.h>
19 #include <linux/security.h>
20 #include <linux/mount.h>
21 #include <linux/vfs.h>
22 #include <asm/uaccess.h>
24 #include <linux/pagemap.h>
25 #include <linux/syscalls.h>
26 #include <linux/vs_limit.h>
27 #include <linux/vs_dlimit.h>
28 #include <linux/vserver/xid.h>
30 #include <asm/unistd.h>
32 int vfs_statfs(struct super_block *sb, struct kstatfs *buf)
38 if (sb->s_op->statfs) {
39 memset(buf, 0, sizeof(*buf));
40 retval = security_sb_statfs(sb);
43 retval = sb->s_op->statfs(sb, buf);
44 if (retval == 0 && buf->f_frsize == 0)
45 buf->f_frsize = buf->f_bsize;
47 if (!vx_check(0, VX_ADMIN|VX_WATCH))
48 vx_vsi_statfs(sb, buf);
53 EXPORT_SYMBOL(vfs_statfs);
55 static int vfs_statfs_native(struct super_block *sb, struct statfs *buf)
60 retval = vfs_statfs(sb, &st);
64 if (sizeof(*buf) == sizeof(st))
65 memcpy(buf, &st, sizeof(st));
67 if (sizeof buf->f_blocks == 4) {
68 if ((st.f_blocks | st.f_bfree | st.f_bavail) &
69 0xffffffff00000000ULL)
72 * f_files and f_ffree may be -1; it's okay to stuff
75 if (st.f_files != -1 &&
76 (st.f_files & 0xffffffff00000000ULL))
78 if (st.f_ffree != -1 &&
79 (st.f_ffree & 0xffffffff00000000ULL))
83 buf->f_type = st.f_type;
84 buf->f_bsize = st.f_bsize;
85 buf->f_blocks = st.f_blocks;
86 buf->f_bfree = st.f_bfree;
87 buf->f_bavail = st.f_bavail;
88 buf->f_files = st.f_files;
89 buf->f_ffree = st.f_ffree;
90 buf->f_fsid = st.f_fsid;
91 buf->f_namelen = st.f_namelen;
92 buf->f_frsize = st.f_frsize;
93 memset(buf->f_spare, 0, sizeof(buf->f_spare));
98 static int vfs_statfs64(struct super_block *sb, struct statfs64 *buf)
103 retval = vfs_statfs(sb, &st);
107 if (sizeof(*buf) == sizeof(st))
108 memcpy(buf, &st, sizeof(st));
110 buf->f_type = st.f_type;
111 buf->f_bsize = st.f_bsize;
112 buf->f_blocks = st.f_blocks;
113 buf->f_bfree = st.f_bfree;
114 buf->f_bavail = st.f_bavail;
115 buf->f_files = st.f_files;
116 buf->f_ffree = st.f_ffree;
117 buf->f_fsid = st.f_fsid;
118 buf->f_namelen = st.f_namelen;
119 buf->f_frsize = st.f_frsize;
120 memset(buf->f_spare, 0, sizeof(buf->f_spare));
125 asmlinkage long sys_statfs(const char __user * path, struct statfs __user * buf)
130 error = user_path_walk(path, &nd);
133 error = vfs_statfs_native(nd.dentry->d_inode->i_sb, &tmp);
134 if (!error && copy_to_user(buf, &tmp, sizeof(tmp)))
142 asmlinkage long sys_statfs64(const char __user *path, size_t sz, struct statfs64 __user *buf)
147 if (sz != sizeof(*buf))
149 error = user_path_walk(path, &nd);
152 error = vfs_statfs64(nd.dentry->d_inode->i_sb, &tmp);
153 if (!error && copy_to_user(buf, &tmp, sizeof(tmp)))
161 asmlinkage long sys_fstatfs(unsigned int fd, struct statfs __user * buf)
171 error = vfs_statfs_native(file->f_dentry->d_inode->i_sb, &tmp);
172 if (!error && copy_to_user(buf, &tmp, sizeof(tmp)))
179 asmlinkage long sys_fstatfs64(unsigned int fd, size_t sz, struct statfs64 __user *buf)
185 if (sz != sizeof(*buf))
192 error = vfs_statfs64(file->f_dentry->d_inode->i_sb, &tmp);
193 if (!error && copy_to_user(buf, &tmp, sizeof(tmp)))
200 int do_truncate(struct dentry *dentry, loff_t length)
203 struct iattr newattrs;
205 /* Not pretty: "inode->i_size" shouldn't really be signed. But it is. */
209 newattrs.ia_size = length;
210 newattrs.ia_valid = ATTR_SIZE | ATTR_CTIME;
212 down(&dentry->d_inode->i_sem);
213 err = notify_change(dentry, &newattrs);
214 up(&dentry->d_inode->i_sem);
218 static inline long do_sys_truncate(const char __user * path, loff_t length)
221 struct inode * inode;
225 if (length < 0) /* sorry, but loff_t says... */
228 error = user_path_walk(path, &nd);
231 inode = nd.dentry->d_inode;
233 /* For directories it's -EISDIR, for other non-regulars - -EINVAL */
235 if (S_ISDIR(inode->i_mode))
239 if (!S_ISREG(inode->i_mode))
242 error = permission(inode,MAY_WRITE,&nd);
247 if (IS_RDONLY(inode) || MNT_IS_RDONLY(nd.mnt))
251 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
255 * Make sure that there are no leases.
257 error = break_lease(inode, FMODE_WRITE);
261 error = get_write_access(inode);
265 error = locks_verify_truncate(inode, NULL, length);
268 error = do_truncate(nd.dentry, length);
270 put_write_access(inode);
278 asmlinkage long sys_truncate(const char __user * path, unsigned long length)
280 /* on 32-bit boxen it will cut the range 2^31--2^32-1 off */
281 return do_sys_truncate(path, (long)length);
284 static inline long do_sys_ftruncate(unsigned int fd, loff_t length, int small)
286 struct inode * inode;
287 struct dentry *dentry;
299 /* explicitly opened as large or we are on 64-bit box */
300 if (file->f_flags & O_LARGEFILE)
303 dentry = file->f_dentry;
304 inode = dentry->d_inode;
306 if (!S_ISREG(inode->i_mode) || !(file->f_mode & FMODE_WRITE))
310 /* Cannot ftruncate over 2^31 bytes without large file support */
311 if (small && length > MAX_NON_LFS)
315 if (IS_APPEND(inode))
318 error = locks_verify_truncate(inode, file, length);
320 error = do_truncate(dentry, length);
327 asmlinkage long sys_ftruncate(unsigned int fd, unsigned long length)
329 return do_sys_ftruncate(fd, length, 1);
332 /* LFS versions of truncate are only needed on 32 bit machines */
333 #if BITS_PER_LONG == 32
334 asmlinkage long sys_truncate64(const char __user * path, loff_t length)
336 return do_sys_truncate(path, length);
339 asmlinkage long sys_ftruncate64(unsigned int fd, loff_t length)
341 return do_sys_ftruncate(fd, length, 0);
345 #ifdef __ARCH_WANT_SYS_UTIME
348 * sys_utime() can be implemented in user-level using sys_utimes().
349 * Is this for backwards compatibility? If so, why not move it
350 * into the appropriate arch directory (for those architectures that
354 /* If times==NULL, set access and modification to current time,
355 * must be owner or have write permission.
356 * Else, update from *times, must be owner or super user.
358 asmlinkage long sys_utime(char __user * filename, struct utimbuf __user * times)
362 struct inode * inode;
363 struct iattr newattrs;
365 error = user_path_walk(filename, &nd);
368 inode = nd.dentry->d_inode;
371 if (IS_RDONLY(inode) || MNT_IS_RDONLY(nd.mnt))
374 /* Don't worry, the checks are done in inode_change_ok() */
375 newattrs.ia_valid = ATTR_CTIME | ATTR_MTIME | ATTR_ATIME;
378 if (IS_APPEND(inode) || IS_IMMUTABLE(inode))
381 error = get_user(newattrs.ia_atime.tv_sec, ×->actime);
382 newattrs.ia_atime.tv_nsec = 0;
384 error = get_user(newattrs.ia_mtime.tv_sec, ×->modtime);
385 newattrs.ia_mtime.tv_nsec = 0;
389 newattrs.ia_valid |= ATTR_ATIME_SET | ATTR_MTIME_SET;
392 if (IS_IMMUTABLE(inode))
395 if (current->fsuid != inode->i_uid &&
396 (error = permission(inode,MAY_WRITE,&nd)) != 0)
400 error = notify_change(nd.dentry, &newattrs);
410 /* If times==NULL, set access and modification to current time,
411 * must be owner or have write permission.
412 * Else, update from *times, must be owner or super user.
414 long do_utimes(char __user * filename, struct timeval * times)
418 struct inode * inode;
419 struct iattr newattrs;
421 error = user_path_walk(filename, &nd);
425 inode = nd.dentry->d_inode;
428 if (IS_RDONLY(inode) || MNT_IS_RDONLY(nd.mnt))
431 /* Don't worry, the checks are done in inode_change_ok() */
432 newattrs.ia_valid = ATTR_CTIME | ATTR_MTIME | ATTR_ATIME;
435 if (IS_APPEND(inode) || IS_IMMUTABLE(inode))
438 newattrs.ia_atime.tv_sec = times[0].tv_sec;
439 newattrs.ia_atime.tv_nsec = times[0].tv_usec * 1000;
440 newattrs.ia_mtime.tv_sec = times[1].tv_sec;
441 newattrs.ia_mtime.tv_nsec = times[1].tv_usec * 1000;
442 newattrs.ia_valid |= ATTR_ATIME_SET | ATTR_MTIME_SET;
445 if (IS_IMMUTABLE(inode))
448 if (current->fsuid != inode->i_uid &&
449 (error = permission(inode,MAY_WRITE,&nd)) != 0)
453 error = notify_change(nd.dentry, &newattrs);
461 asmlinkage long sys_utimes(char __user * filename, struct timeval __user * utimes)
463 struct timeval times[2];
465 if (utimes && copy_from_user(×, utimes, sizeof(times)))
467 return do_utimes(filename, utimes ? times : NULL);
472 * access() needs to use the real uid/gid, not the effective uid/gid.
473 * We do this by temporarily clearing all FS-related capabilities and
474 * switching the fsuid/fsgid around to the real ones.
476 asmlinkage long sys_access(const char __user * filename, int mode)
479 int old_fsuid, old_fsgid;
480 kernel_cap_t old_cap;
483 if (mode & ~S_IRWXO) /* where's F_OK, X_OK, W_OK, R_OK? */
486 old_fsuid = current->fsuid;
487 old_fsgid = current->fsgid;
488 old_cap = current->cap_effective;
490 current->fsuid = current->uid;
491 current->fsgid = current->gid;
494 * Clear the capabilities if we switch to a non-root user
496 * FIXME: There is a race here against sys_capset. The
497 * capabilities can change yet we will restore the old
498 * value below. We should hold task_capabilities_lock,
499 * but we cannot because user_path_walk can sleep.
502 cap_clear(current->cap_effective);
504 current->cap_effective = current->cap_permitted;
506 res = __user_walk(filename, LOOKUP_FOLLOW|LOOKUP_ACCESS, &nd);
508 res = permission(nd.dentry->d_inode, mode, &nd);
509 /* SuS v2 requires we report a read only fs too */
510 if(!res && (mode & S_IWOTH)
511 && (IS_RDONLY(nd.dentry->d_inode) || MNT_IS_RDONLY(nd.mnt))
512 && !special_file(nd.dentry->d_inode->i_mode))
517 current->fsuid = old_fsuid;
518 current->fsgid = old_fsgid;
519 current->cap_effective = old_cap;
524 asmlinkage long sys_chdir(const char __user * filename)
529 error = __user_walk(filename, LOOKUP_FOLLOW|LOOKUP_DIRECTORY, &nd);
533 error = permission(nd.dentry->d_inode,MAY_EXEC,&nd);
537 set_fs_pwd(current->fs, nd.mnt, nd.dentry);
545 EXPORT_SYMBOL_GPL(sys_chdir);
547 asmlinkage long sys_fchdir(unsigned int fd)
550 struct dentry *dentry;
552 struct vfsmount *mnt;
560 dentry = file->f_dentry;
561 mnt = file->f_vfsmnt;
562 inode = dentry->d_inode;
565 if (!S_ISDIR(inode->i_mode))
568 error = permission(inode, MAY_EXEC, NULL);
570 set_fs_pwd(current->fs, mnt, dentry);
577 asmlinkage long sys_chroot(const char __user * filename)
582 error = __user_walk(filename, LOOKUP_FOLLOW | LOOKUP_DIRECTORY | LOOKUP_NOALT, &nd);
586 error = permission(nd.dentry->d_inode,MAY_EXEC,&nd);
591 if (!capable(CAP_SYS_CHROOT))
594 set_fs_root(current->fs, nd.mnt, nd.dentry);
603 EXPORT_SYMBOL_GPL(sys_chroot);
605 asmlinkage long sys_fchmod(unsigned int fd, mode_t mode)
607 struct inode * inode;
608 struct dentry * dentry;
611 struct iattr newattrs;
617 dentry = file->f_dentry;
618 inode = dentry->d_inode;
621 if (IS_RDONLY(inode) || MNT_IS_RDONLY(file->f_vfsmnt))
624 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
627 if (mode == (mode_t) -1)
628 mode = inode->i_mode;
629 newattrs.ia_mode = (mode & S_IALLUGO) | (inode->i_mode & ~S_IALLUGO);
630 newattrs.ia_valid = ATTR_MODE | ATTR_CTIME;
631 err = notify_change(dentry, &newattrs);
640 asmlinkage long sys_chmod(const char __user * filename, mode_t mode)
643 struct inode * inode;
645 struct iattr newattrs;
647 error = user_path_walk(filename, &nd);
650 inode = nd.dentry->d_inode;
653 if (IS_RDONLY(inode) || MNT_IS_RDONLY(nd.mnt))
657 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
661 if (mode == (mode_t) -1)
662 mode = inode->i_mode;
663 newattrs.ia_mode = (mode & S_IALLUGO) | (inode->i_mode & ~S_IALLUGO);
664 newattrs.ia_valid = ATTR_MODE | ATTR_CTIME;
665 error = notify_change(nd.dentry, &newattrs);
674 static int chown_common(struct dentry *dentry, struct vfsmount *mnt,
675 uid_t user, gid_t group)
677 struct inode * inode;
679 struct iattr newattrs;
682 if (!(inode = dentry->d_inode)) {
683 printk(KERN_ERR "chown_common: NULL inode\n");
687 if (IS_RDONLY(inode) || MNT_IS_RDONLY(mnt))
690 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
693 newattrs.ia_valid = ATTR_CTIME;
694 if (user != (uid_t) -1) {
695 newattrs.ia_valid |= ATTR_UID;
696 newattrs.ia_uid = vx_map_uid(user);
698 if (group != (gid_t) -1) {
699 newattrs.ia_valid |= ATTR_GID;
700 newattrs.ia_gid = vx_map_gid(group);
702 if (!S_ISDIR(inode->i_mode))
703 newattrs.ia_valid |= ATTR_KILL_SUID|ATTR_KILL_SGID;
705 error = notify_change(dentry, &newattrs);
711 asmlinkage long sys_chown(const char __user * filename, uid_t user, gid_t group)
716 error = user_path_walk(filename, &nd);
718 error = chown_common(nd.dentry, nd.mnt, user, group);
724 asmlinkage long sys_lchown(const char __user * filename, uid_t user, gid_t group)
729 error = user_path_walk_link(filename, &nd);
731 error = chown_common(nd.dentry, nd.mnt, user, group);
738 asmlinkage long sys_fchown(unsigned int fd, uid_t user, gid_t group)
745 error = chown_common(file->f_dentry, file->f_vfsmnt, user, group);
752 * Note that while the flag value (low two bits) for sys_open means:
758 * 00 - no permissions needed
759 * 01 - read-permission
760 * 10 - write-permission
762 * for the internal routines (ie open_namei()/follow_link() etc). 00 is
765 struct file *filp_open(const char * filename, int flags, int mode)
767 int namei_flags, error;
771 if ((namei_flags+1) & O_ACCMODE)
773 if (namei_flags & O_TRUNC)
776 error = open_namei(filename, namei_flags, mode, &nd);
778 return dentry_open(nd.dentry, nd.mnt, flags);
780 return ERR_PTR(error);
783 EXPORT_SYMBOL(filp_open);
785 struct file *dentry_open(struct dentry *dentry, struct vfsmount *mnt, int flags)
792 f = get_empty_filp();
796 f->f_mode = ((flags+1) & O_ACCMODE) | FMODE_LSEEK | FMODE_PREAD | FMODE_PWRITE;
797 inode = dentry->d_inode;
798 if (f->f_mode & FMODE_WRITE) {
799 error = get_write_access(inode);
804 f->f_mapping = inode->i_mapping;
805 f->f_dentry = dentry;
808 f->f_op = fops_get(inode->i_fop);
809 file_move(f, &inode->i_sb->s_files);
811 if (f->f_op && f->f_op->open) {
812 error = f->f_op->open(inode,f);
816 f->f_flags &= ~(O_CREAT | O_EXCL | O_NOCTTY | O_TRUNC);
818 file_ra_state_init(&f->f_ra, f->f_mapping->host->i_mapping);
820 /* NB: we're sure to have correct a_ops only after f_op->open */
821 if (f->f_flags & O_DIRECT) {
822 if (!f->f_mapping->a_ops || !f->f_mapping->a_ops->direct_IO) {
824 f = ERR_PTR(-EINVAL);
832 if (f->f_mode & FMODE_WRITE)
833 put_write_access(inode);
842 return ERR_PTR(error);
845 EXPORT_SYMBOL(dentry_open);
848 * Find an empty file descriptor entry, and mark it busy.
850 int get_unused_fd(void)
852 struct files_struct * files = current->files;
856 spin_lock(&files->file_lock);
859 fd = find_next_zero_bit(files->open_fds->fds_bits,
864 * N.B. For clone tasks sharing a files structure, this test
865 * will limit the total number of files that can be opened.
867 if (fd >= current->signal->rlim[RLIMIT_NOFILE].rlim_cur)
870 /* Do we need to expand the fd array or fd set? */
871 error = expand_files(files, fd);
877 * If we needed to expand the fs array we
878 * might have blocked - try again.
884 FD_SET(fd, files->open_fds);
885 FD_CLR(fd, files->close_on_exec);
886 files->next_fd = fd + 1;
890 if (files->fd[fd] != NULL) {
891 printk(KERN_WARNING "get_unused_fd: slot %d not NULL!\n", fd);
892 files->fd[fd] = NULL;
898 spin_unlock(&files->file_lock);
902 EXPORT_SYMBOL(get_unused_fd);
904 static inline void __put_unused_fd(struct files_struct *files, unsigned int fd)
906 __FD_CLR(fd, files->open_fds);
907 if (fd < files->next_fd)
912 void fastcall put_unused_fd(unsigned int fd)
914 struct files_struct *files = current->files;
915 spin_lock(&files->file_lock);
916 __put_unused_fd(files, fd);
917 spin_unlock(&files->file_lock);
920 EXPORT_SYMBOL(put_unused_fd);
923 * Install a file pointer in the fd array.
925 * The VFS is full of places where we drop the files lock between
926 * setting the open_fds bitmap and installing the file in the file
927 * array. At any such point, we are vulnerable to a dup2() race
928 * installing a file in the array before us. We need to detect this and
929 * fput() the struct file we are about to overwrite in this case.
931 * It should never happen - if we allow dup2() do it, _really_ bad things
935 void fastcall fd_install(unsigned int fd, struct file * file)
937 struct files_struct *files = current->files;
938 spin_lock(&files->file_lock);
939 if (unlikely(files->fd[fd] != NULL))
941 files->fd[fd] = file;
942 spin_unlock(&files->file_lock);
945 EXPORT_SYMBOL(fd_install);
947 asmlinkage long sys_open(const char __user * filename, int flags, int mode)
952 #if BITS_PER_LONG != 32
953 flags |= O_LARGEFILE;
955 tmp = getname(filename);
958 fd = get_unused_fd();
960 struct file *f = filp_open(tmp, flags, mode);
980 * For backward compatibility? Maybe this should be moved
981 * into arch/i386 instead?
983 asmlinkage long sys_creat(const char __user * pathname, int mode)
985 return sys_open(pathname, O_CREAT | O_WRONLY | O_TRUNC, mode);
991 * "id" is the POSIX thread ID. We use the
992 * files pointer for this..
994 int filp_close(struct file *filp, fl_owner_t id)
998 /* Report and clear outstanding errors */
999 retval = filp->f_error;
1003 if (!file_count(filp)) {
1004 printk(KERN_ERR "VFS: Close: file count is 0\n");
1008 if (filp->f_op && filp->f_op->flush) {
1009 int err = filp->f_op->flush(filp);
1014 dnotify_flush(filp, id);
1015 locks_remove_posix(filp, id);
1020 EXPORT_SYMBOL(filp_close);
1023 * Careful here! We test whether the file pointer is NULL before
1024 * releasing the fd. This ensures that one clone task can't release
1025 * an fd while another clone is opening it.
1027 asmlinkage long sys_close(unsigned int fd)
1030 struct files_struct *files = current->files;
1032 spin_lock(&files->file_lock);
1033 if (fd >= files->max_fds)
1035 filp = files->fd[fd];
1038 files->fd[fd] = NULL;
1039 FD_CLR(fd, files->close_on_exec);
1040 __put_unused_fd(files, fd);
1041 spin_unlock(&files->file_lock);
1042 return filp_close(filp, files);
1045 spin_unlock(&files->file_lock);
1049 EXPORT_SYMBOL(sys_close);
1052 * This routine simulates a hangup on the tty, to arrange that users
1053 * are given clean terminals at login time.
1055 asmlinkage long sys_vhangup(void)
1057 if (capable(CAP_SYS_TTY_CONFIG)) {
1058 tty_vhangup(current->signal->tty);
1065 * Called when an inode is about to be open.
1066 * We use this to disallow opening large files on 32bit systems if
1067 * the caller didn't specify O_LARGEFILE. On 64bit systems we force
1068 * on this flag in sys_open.
1070 int generic_file_open(struct inode * inode, struct file * filp)
1072 if (!(filp->f_flags & O_LARGEFILE) && i_size_read(inode) > MAX_NON_LFS)
1077 EXPORT_SYMBOL(generic_file_open);
1080 * This is used by subsystems that don't want seekable
1083 int nonseekable_open(struct inode *inode, struct file *filp)
1085 filp->f_mode &= ~(FMODE_LSEEK | FMODE_PREAD | FMODE_PWRITE);
1089 EXPORT_SYMBOL(nonseekable_open);