Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / refs/tags/FP3-REL-Q-3.A.0107 / . / fs / readdir.c
blob: 1059f2a9be0b20d6cfa24c014dfd482469398f81 [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1/*
2 * linux/fs/readdir.c
3 *
4 * Copyright (C) 1995 Linus Torvalds
5 */
6
Kevin Winchester85c9fe82010-08-09 17:20:22 -0700[diff] [blame]7#include <linux/stddef.h>
Milind Arun Choudhary022a1692007-05-08 00:29:02 -0700[diff] [blame]8#include <linux/kernel.h>
Paul Gortmaker630d9c42011-11-16 23:57:37 -0500[diff] [blame]9#include <linux/export.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]10#include <linux/time.h>
11#include <linux/mm.h>
12#include <linux/errno.h>
13#include <linux/stat.h>
14#include <linux/file.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]15#include <linux/fs.h>
Heinrich Schuchardtd4c7cf62014-06-04 16:05:41 -0700[diff] [blame]16#include <linux/fsnotify.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]17#include <linux/dirent.h>
18#include <linux/security.h>
19#include <linux/syscalls.h>
20#include <linux/unistd.h>
21
22#include <asm/uaccess.h>
23
Al Viro5c0ba4e2013-05-15 13:52:59 -0400[diff] [blame]24int iterate_dir(struct file *file, struct dir_context *ctx)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]25{
Al Viro496ad9a2013-01-23 17:07:38 -0500[diff] [blame]26 struct inode *inode = file_inode(file);
Al Viro61922692016-04-20 23:08:32 -0400[diff] [blame]27 bool shared = false;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]28 int res = -ENOTDIR;
Al Viro61922692016-04-20 23:08:32 -0400[diff] [blame]29 if (file->f_op->iterate_shared)
30 shared = true;
31 else if (!file->f_op->iterate)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]32 goto out;
33
34 res = security_file_permission(file, MAY_READ);
35 if (res)
36 goto out;
37
Al Viro00235412016-05-26 00:05:12 -0400[diff] [blame]38 if (shared) {
Al Viro61922692016-04-20 23:08:32 -0400[diff] [blame]39 inode_lock_shared(inode);
Al Viro00235412016-05-26 00:05:12 -0400[diff] [blame]40 } else {
41 res = down_write_killable(&inode->i_rwsem);
42 if (res)
43 goto out;
44 }
Liam R. Howlettda784512007-12-06 17:39:54 -0500[diff] [blame]45
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]46 res = -ENOENT;
47 if (!IS_DEADDIR(inode)) {
Al Viro2233f312013-05-22 21:44:23 -0400[diff] [blame]48 ctx->pos = file->f_pos;
Al Viro61922692016-04-20 23:08:32 -0400[diff] [blame]49 if (shared)
50 res = file->f_op->iterate_shared(file, ctx);
51 else
52 res = file->f_op->iterate(file, ctx);
Al Viro2233f312013-05-22 21:44:23 -0400[diff] [blame]53 file->f_pos = ctx->pos;
Heinrich Schuchardtd4c7cf62014-06-04 16:05:41 -0700[diff] [blame]54 fsnotify_access(file);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]55 file_accessed(file);
56 }
Al Viro61922692016-04-20 23:08:32 -0400[diff] [blame]57 if (shared)
58 inode_unlock_shared(inode);
59 else
60 inode_unlock(inode);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]61out:
62 return res;
63}
Al Viro5c0ba4e2013-05-15 13:52:59 -0400[diff] [blame]64EXPORT_SYMBOL(iterate_dir);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]65
66/*
Linus Torvalds89f58402019-10-05 11:32:52 -0700[diff] [blame]67 * POSIX says that a dirent name cannot contain NULL or a '/'.
68 *
69 * It's not 100% clear what we should really do in this case.
70 * The filesystem is clearly corrupted, but returning a hard
71 * error means that you now don't see any of the other names
72 * either, so that isn't a perfect alternative.
73 *
74 * And if you return an error, what error do you use? Several
75 * filesystems seem to have decided on EUCLEAN being the error
76 * code for EFSCORRUPTED, and that may be the error to use. Or
77 * just EIO, which is perhaps more obvious to users.
78 *
79 * In order to see the other file names in the directory, the
80 * caller might want to make this a "soft" error: skip the
81 * entry, and return the error at the end instead.
82 *
83 * Note that this should likely do a "memchr(name, 0, len)"
84 * check too, since that would be filesystem corruption as
85 * well. However, that case can't actually confuse user space,
86 * which has to do a strlen() on the name anyway to find the
87 * filename length, and the above "soft error" worry means
88 * that it's probably better left alone until we have that
89 * issue clarified.
90 */
91static int verify_dirent_name(const char *name, int len)
92{
Linus Torvalds1944687182019-10-18 18:41:16 -0400[diff] [blame]93 if (!len)
Linus Torvalds89f58402019-10-05 11:32:52 -0700[diff] [blame]94 return -EIO;
Linus Torvalds1944687182019-10-18 18:41:16 -0400[diff] [blame]95 if (memchr(name, '/', len))
Linus Torvalds89f58402019-10-05 11:32:52 -0700[diff] [blame]96 return -EIO;
97 return 0;
98}
99
100/*
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]101 * Traditional linux readdir() handling..
102 *
103 * "count=1" is a special case, meaning that the buffer is one
104 * dirent-structure in size and that the code can't handle more
105 * anyway. Thus the special "fillonedir()" function for that
106 * case (the low-level handlers don't need to care about this).
107 */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]108
109#ifdef __ARCH_WANT_OLD_READDIR
110
111struct old_linux_dirent {
112 unsigned long d_ino;
113 unsigned long d_offset;
114 unsigned short d_namlen;
115 char d_name[1];
116};
117
118struct readdir_callback {
Al Viro5c0ba4e2013-05-15 13:52:59 -0400[diff] [blame]119 struct dir_context ctx;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]120 struct old_linux_dirent __user * dirent;
121 int result;
122};
123
Miklos Szerediac7576f2014-10-30 17:37:34 +0100[diff] [blame]124static int fillonedir(struct dir_context *ctx, const char *name, int namlen,
125 loff_t offset, u64 ino, unsigned int d_type)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]126{
Miklos Szerediac7576f2014-10-30 17:37:34 +0100[diff] [blame]127 struct readdir_callback *buf =
128 container_of(ctx, struct readdir_callback, ctx);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]129 struct old_linux_dirent __user * dirent;
David Howellsafefdbb2006-10-03 01:13:46 -0700[diff] [blame]130 unsigned long d_ino;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]131
132 if (buf->result)
133 return -EINVAL;
David Howellsafefdbb2006-10-03 01:13:46 -0700[diff] [blame]134 d_ino = ino;
Al Viro8f3f6552008-08-12 00:28:24 -0400[diff] [blame]135 if (sizeof(d_ino) < sizeof(ino) && d_ino != ino) {
136 buf->result = -EOVERFLOW;
David Howellsafefdbb2006-10-03 01:13:46 -0700[diff] [blame]137 return -EOVERFLOW;
Al Viro8f3f6552008-08-12 00:28:24 -0400[diff] [blame]138 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]139 buf->result++;
140 dirent = buf->dirent;
141 if (!access_ok(VERIFY_WRITE, dirent,
142 (unsigned long)(dirent->d_name + namlen + 1) -
143 (unsigned long)dirent))
144 goto efault;
David Howellsafefdbb2006-10-03 01:13:46 -0700[diff] [blame]145 if ( __put_user(d_ino, &dirent->d_ino) ||
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]146 __put_user(offset, &dirent->d_offset) ||
147 __put_user(namlen, &dirent->d_namlen) ||
148 __copy_to_user(dirent->d_name, name, namlen) ||
149 __put_user(0, dirent->d_name + namlen))
150 goto efault;
151 return 0;
152efault:
153 buf->result = -EFAULT;
154 return -EFAULT;
155}
156
Heiko Carstensd4e82042009-01-14 14:14:34 +0100[diff] [blame]157SYSCALL_DEFINE3(old_readdir, unsigned int, fd,
158 struct old_linux_dirent __user *, dirent, unsigned int, count)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]159{
160 int error;
Al Viro63b6df12016-04-20 17:08:21 -0400[diff] [blame]161 struct fd f = fdget_pos(fd);
Al Viroac6614b2013-05-22 22:22:04 -0400[diff] [blame]162 struct readdir_callback buf = {
163 .ctx.actor = fillonedir,
164 .dirent = dirent
165 };
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]166
Al Viro2903ff02012-08-28 12:52:22 -0400[diff] [blame]167 if (!f.file)
Al Viro863ced72012-04-21 18:40:32 -0400[diff] [blame]168 return -EBADF;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]169
Al Viro5c0ba4e2013-05-15 13:52:59 -0400[diff] [blame]170 error = iterate_dir(f.file, &buf.ctx);
Al Viro53c9c5c2008-08-24 07:29:52 -0400[diff] [blame]171 if (buf.result)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]172 error = buf.result;
173
Al Viro63b6df12016-04-20 17:08:21 -0400[diff] [blame]174 fdput_pos(f);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]175 return error;
176}
177
178#endif /* __ARCH_WANT_OLD_READDIR */
179
180/*
181 * New, all-improved, singing, dancing, iBCS2-compliant getdents()
182 * interface.
183 */
184struct linux_dirent {
185 unsigned long d_ino;
186 unsigned long d_off;
187 unsigned short d_reclen;
188 char d_name[1];
189};
190
191struct getdents_callback {
Al Viro5c0ba4e2013-05-15 13:52:59 -0400[diff] [blame]192 struct dir_context ctx;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]193 struct linux_dirent __user * current_dir;
194 struct linux_dirent __user * previous;
195 int count;
196 int error;
197};
198
Miklos Szerediac7576f2014-10-30 17:37:34 +0100[diff] [blame]199static int filldir(struct dir_context *ctx, const char *name, int namlen,
200 loff_t offset, u64 ino, unsigned int d_type)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]201{
202 struct linux_dirent __user * dirent;
Miklos Szerediac7576f2014-10-30 17:37:34 +0100[diff] [blame]203 struct getdents_callback *buf =
204 container_of(ctx, struct getdents_callback, ctx);
David Howellsafefdbb2006-10-03 01:13:46 -0700[diff] [blame]205 unsigned long d_ino;
Kevin Winchester85c9fe82010-08-09 17:20:22 -0700[diff] [blame]206 int reclen = ALIGN(offsetof(struct linux_dirent, d_name) + namlen + 2,
207 sizeof(long));
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]208
Linus Torvalds89f58402019-10-05 11:32:52 -0700[diff] [blame]209 buf->error = verify_dirent_name(name, namlen);
210 if (unlikely(buf->error))
211 return buf->error;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]212 buf->error = -EINVAL; /* only used if we fail.. */
213 if (reclen > buf->count)
214 return -EINVAL;
David Howellsafefdbb2006-10-03 01:13:46 -0700[diff] [blame]215 d_ino = ino;
Al Viro8f3f6552008-08-12 00:28:24 -0400[diff] [blame]216 if (sizeof(d_ino) < sizeof(ino) && d_ino != ino) {
217 buf->error = -EOVERFLOW;
David Howellsafefdbb2006-10-03 01:13:46 -0700[diff] [blame]218 return -EOVERFLOW;
Al Viro8f3f6552008-08-12 00:28:24 -0400[diff] [blame]219 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]220 dirent = buf->previous;
221 if (dirent) {
Theodore Ts'o1f60fbe2016-04-23 22:50:07 -0400[diff] [blame]222 if (signal_pending(current))
223 return -EINTR;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]224 if (__put_user(offset, &dirent->d_off))
225 goto efault;
226 }
227 dirent = buf->current_dir;
David Howellsafefdbb2006-10-03 01:13:46 -0700[diff] [blame]228 if (__put_user(d_ino, &dirent->d_ino))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]229 goto efault;
230 if (__put_user(reclen, &dirent->d_reclen))
231 goto efault;
232 if (copy_to_user(dirent->d_name, name, namlen))
233 goto efault;
234 if (__put_user(0, dirent->d_name + namlen))
235 goto efault;
236 if (__put_user(d_type, (char __user *) dirent + reclen - 1))
237 goto efault;
238 buf->previous = dirent;
239 dirent = (void __user *)dirent + reclen;
240 buf->current_dir = dirent;
241 buf->count -= reclen;
242 return 0;
243efault:
244 buf->error = -EFAULT;
245 return -EFAULT;
246}
247
Heiko Carstens20f37032009-01-14 14:14:23 +0100[diff] [blame]248SYSCALL_DEFINE3(getdents, unsigned int, fd,
249 struct linux_dirent __user *, dirent, unsigned int, count)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]250{
Al Viro2903ff02012-08-28 12:52:22 -0400[diff] [blame]251 struct fd f;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]252 struct linux_dirent __user * lastdirent;
Al Viroac6614b2013-05-22 22:22:04 -0400[diff] [blame]253 struct getdents_callback buf = {
254 .ctx.actor = filldir,
255 .count = count,
256 .current_dir = dirent
257 };
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]258 int error;
259
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]260 if (!access_ok(VERIFY_WRITE, dirent, count))
Al Viro863ced72012-04-21 18:40:32 -0400[diff] [blame]261 return -EFAULT;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]262
Al Viro63b6df12016-04-20 17:08:21 -0400[diff] [blame]263 f = fdget_pos(fd);
Al Viro2903ff02012-08-28 12:52:22 -0400[diff] [blame]264 if (!f.file)
Al Viro863ced72012-04-21 18:40:32 -0400[diff] [blame]265 return -EBADF;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]266
Al Viro5c0ba4e2013-05-15 13:52:59 -0400[diff] [blame]267 error = iterate_dir(f.file, &buf.ctx);
Al Viro53c9c5c2008-08-24 07:29:52 -0400[diff] [blame]268 if (error >= 0)
269 error = buf.error;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]270 lastdirent = buf.previous;
271 if (lastdirent) {
Al Virobb6f6192013-05-15 18:49:12 -0400[diff] [blame]272 if (put_user(buf.ctx.pos, &lastdirent->d_off))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]273 error = -EFAULT;
274 else
275 error = count - buf.count;
276 }
Al Viro63b6df12016-04-20 17:08:21 -0400[diff] [blame]277 fdput_pos(f);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]278 return error;
279}
280
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]281struct getdents_callback64 {
Al Viro5c0ba4e2013-05-15 13:52:59 -0400[diff] [blame]282 struct dir_context ctx;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]283 struct linux_dirent64 __user * current_dir;
284 struct linux_dirent64 __user * previous;
285 int count;
286 int error;
287};
288
Miklos Szerediac7576f2014-10-30 17:37:34 +0100[diff] [blame]289static int filldir64(struct dir_context *ctx, const char *name, int namlen,
290 loff_t offset, u64 ino, unsigned int d_type)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]291{
292 struct linux_dirent64 __user *dirent;
Miklos Szerediac7576f2014-10-30 17:37:34 +0100[diff] [blame]293 struct getdents_callback64 *buf =
294 container_of(ctx, struct getdents_callback64, ctx);
Kevin Winchester85c9fe82010-08-09 17:20:22 -0700[diff] [blame]295 int reclen = ALIGN(offsetof(struct linux_dirent64, d_name) + namlen + 1,
296 sizeof(u64));
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]297
Linus Torvalds89f58402019-10-05 11:32:52 -0700[diff] [blame]298 buf->error = verify_dirent_name(name, namlen);
299 if (unlikely(buf->error))
300 return buf->error;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]301 buf->error = -EINVAL; /* only used if we fail.. */
302 if (reclen > buf->count)
303 return -EINVAL;
304 dirent = buf->previous;
305 if (dirent) {
Theodore Ts'o1f60fbe2016-04-23 22:50:07 -0400[diff] [blame]306 if (signal_pending(current))
307 return -EINTR;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]308 if (__put_user(offset, &dirent->d_off))
309 goto efault;
310 }
311 dirent = buf->current_dir;
312 if (__put_user(ino, &dirent->d_ino))
313 goto efault;
314 if (__put_user(0, &dirent->d_off))
315 goto efault;
316 if (__put_user(reclen, &dirent->d_reclen))
317 goto efault;
318 if (__put_user(d_type, &dirent->d_type))
319 goto efault;
320 if (copy_to_user(dirent->d_name, name, namlen))
321 goto efault;
322 if (__put_user(0, dirent->d_name + namlen))
323 goto efault;
324 buf->previous = dirent;
325 dirent = (void __user *)dirent + reclen;
326 buf->current_dir = dirent;
327 buf->count -= reclen;
328 return 0;
329efault:
330 buf->error = -EFAULT;
331 return -EFAULT;
332}
333
Heiko Carstens20f37032009-01-14 14:14:23 +0100[diff] [blame]334SYSCALL_DEFINE3(getdents64, unsigned int, fd,
335 struct linux_dirent64 __user *, dirent, unsigned int, count)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]336{
Al Viro2903ff02012-08-28 12:52:22 -0400[diff] [blame]337 struct fd f;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]338 struct linux_dirent64 __user * lastdirent;
Al Viroac6614b2013-05-22 22:22:04 -0400[diff] [blame]339 struct getdents_callback64 buf = {
340 .ctx.actor = filldir64,
341 .count = count,
342 .current_dir = dirent
343 };
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]344 int error;
345
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]346 if (!access_ok(VERIFY_WRITE, dirent, count))
Al Viro863ced72012-04-21 18:40:32 -0400[diff] [blame]347 return -EFAULT;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]348
Al Viro63b6df12016-04-20 17:08:21 -0400[diff] [blame]349 f = fdget_pos(fd);
Al Viro2903ff02012-08-28 12:52:22 -0400[diff] [blame]350 if (!f.file)
Al Viro863ced72012-04-21 18:40:32 -0400[diff] [blame]351 return -EBADF;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]352
Al Viro5c0ba4e2013-05-15 13:52:59 -0400[diff] [blame]353 error = iterate_dir(f.file, &buf.ctx);
Al Viro53c9c5c2008-08-24 07:29:52 -0400[diff] [blame]354 if (error >= 0)
355 error = buf.error;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]356 lastdirent = buf.previous;
357 if (lastdirent) {
Al Virobb6f6192013-05-15 18:49:12 -0400[diff] [blame]358 typeof(lastdirent->d_off) d_off = buf.ctx.pos;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]359 if (__put_user(d_off, &lastdirent->d_off))
Al Viro53c9c5c2008-08-24 07:29:52 -0400[diff] [blame]360 error = -EFAULT;
361 else
362 error = count - buf.count;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]363 }
Al Viro63b6df12016-04-20 17:08:21 -0400[diff] [blame]364 fdput_pos(f);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]365 return error;
366}