1 // SPDX-License-Identifier: GPL-2.0
3 * linux/fs/nfs/unlink.c
5 * nfs sillydelete handling
9 #include <linux/slab.h>
10 #include <linux/string.h>
11 #include <linux/dcache.h>
12 #include <linux/sunrpc/sched.h>
13 #include <linux/sunrpc/clnt.h>
14 #include <linux/nfs_fs.h>
15 #include <linux/sched.h>
16 #include <linux/wait.h>
17 #include <linux/namei.h>
18 #include <linux/fsnotify.h>
23 #include "delegation.h"
28 * nfs_free_unlinkdata - release data from a sillydelete operation.
29 * @data: pointer to unlink structure.
32 nfs_free_unlinkdata(struct nfs_unlinkdata *data)
35 kfree(data->args.name.name);
40 * nfs_async_unlink_done - Sillydelete post-processing
41 * @task: rpc_task of the sillydelete
42 * @calldata: pointer to nfs_unlinkdata
44 * Do the directory attribute update.
46 static void nfs_async_unlink_done(struct rpc_task *task, void *calldata)
48 struct nfs_unlinkdata *data = calldata;
49 struct inode *dir = d_inode(data->dentry->d_parent);
51 trace_nfs_sillyrename_unlink(data, task->tk_status);
52 if (!NFS_PROTO(dir)->unlink_done(task, dir))
53 rpc_restart_call_prepare(task);
57 * nfs_async_unlink_release - Release the sillydelete data.
58 * @calldata: struct nfs_unlinkdata to release
60 * We need to call nfs_put_unlinkdata as a 'tk_release' task since the
61 * rpc_task would be freed too.
63 static void nfs_async_unlink_release(void *calldata)
65 struct nfs_unlinkdata *data = calldata;
66 struct dentry *dentry = data->dentry;
67 struct super_block *sb = dentry->d_sb;
69 up_read_non_owner(&NFS_I(d_inode(dentry->d_parent))->rmdir_sem);
70 d_lookup_done(dentry);
71 nfs_free_unlinkdata(data);
76 static void nfs_unlink_prepare(struct rpc_task *task, void *calldata)
78 struct nfs_unlinkdata *data = calldata;
79 struct inode *dir = d_inode(data->dentry->d_parent);
80 NFS_PROTO(dir)->unlink_rpc_prepare(task, data);
83 static const struct rpc_call_ops nfs_unlink_ops = {
84 .rpc_call_done = nfs_async_unlink_done,
85 .rpc_release = nfs_async_unlink_release,
86 .rpc_call_prepare = nfs_unlink_prepare,
89 static void nfs_do_call_unlink(struct inode *inode, struct nfs_unlinkdata *data)
91 struct rpc_message msg = {
92 .rpc_argp = &data->args,
93 .rpc_resp = &data->res,
94 .rpc_cred = data->cred,
96 struct rpc_task_setup task_setup_data = {
98 .callback_ops = &nfs_unlink_ops,
99 .callback_data = data,
100 .workqueue = nfsiod_workqueue,
101 .flags = RPC_TASK_ASYNC | RPC_TASK_CRED_NOREF,
103 struct rpc_task *task;
104 struct inode *dir = d_inode(data->dentry->d_parent);
106 if (nfs_server_capable(inode, NFS_CAP_MOVEABLE))
107 task_setup_data.flags |= RPC_TASK_MOVEABLE;
109 nfs_sb_active(dir->i_sb);
110 data->args.fh = NFS_FH(dir);
111 nfs_fattr_init(data->res.dir_attr);
113 NFS_PROTO(dir)->unlink_setup(&msg, data->dentry, inode);
115 task_setup_data.rpc_client = NFS_CLIENT(dir);
116 task = rpc_run_task(&task_setup_data);
118 rpc_put_task_async(task);
121 static int nfs_call_unlink(struct dentry *dentry, struct inode *inode, struct nfs_unlinkdata *data)
123 struct inode *dir = d_inode(dentry->d_parent);
124 struct dentry *alias;
126 down_read_non_owner(&NFS_I(dir)->rmdir_sem);
127 alias = d_alloc_parallel(dentry->d_parent, &data->args.name, &data->wq);
129 up_read_non_owner(&NFS_I(dir)->rmdir_sem);
132 if (!d_in_lookup(alias)) {
134 void *devname_garbage = NULL;
137 * Hey, we raced with lookup... See if we need to transfer
138 * the sillyrename information to the aliased dentry.
140 spin_lock(&alias->d_lock);
141 if (d_really_is_positive(alias) &&
142 !nfs_compare_fh(NFS_FH(inode), NFS_FH(d_inode(alias))) &&
143 !(alias->d_flags & DCACHE_NFSFS_RENAMED)) {
144 devname_garbage = alias->d_fsdata;
145 alias->d_fsdata = data;
146 alias->d_flags |= DCACHE_NFSFS_RENAMED;
150 spin_unlock(&alias->d_lock);
152 up_read_non_owner(&NFS_I(dir)->rmdir_sem);
154 * If we'd displaced old cached devname, free it. At that
155 * point dentry is definitely not a root, so we won't need
158 kfree(devname_garbage);
161 data->dentry = alias;
162 nfs_do_call_unlink(inode, data);
167 * nfs_async_unlink - asynchronous unlinking of a file
168 * @dentry: parent directory of dentry
169 * @name: name of dentry to unlink
172 nfs_async_unlink(struct dentry *dentry, const struct qstr *name)
174 struct nfs_unlinkdata *data;
175 int status = -ENOMEM;
176 void *devname_garbage = NULL;
178 data = kzalloc(sizeof(*data), GFP_KERNEL);
181 data->args.name.name = kstrdup(name->name, GFP_KERNEL);
182 if (!data->args.name.name)
184 data->args.name.len = name->len;
186 data->cred = get_current_cred();
187 data->res.dir_attr = &data->dir_attr;
188 init_waitqueue_head(&data->wq);
191 spin_lock(&dentry->d_lock);
192 if (dentry->d_flags & DCACHE_NFSFS_RENAMED)
194 dentry->d_flags |= DCACHE_NFSFS_RENAMED;
195 devname_garbage = dentry->d_fsdata;
196 dentry->d_fsdata = data;
197 spin_unlock(&dentry->d_lock);
199 * If we'd displaced old cached devname, free it. At that
200 * point dentry is definitely not a root, so we won't need
203 kfree(devname_garbage);
206 spin_unlock(&dentry->d_lock);
207 put_cred(data->cred);
208 kfree(data->args.name.name);
216 * nfs_complete_unlink - Initialize completion of the sillydelete
217 * @dentry: dentry to delete
220 * Since we're most likely to be called by dentry_iput(), we
221 * only use the dentry to find the sillydelete. We then copy the name
225 nfs_complete_unlink(struct dentry *dentry, struct inode *inode)
227 struct nfs_unlinkdata *data;
229 spin_lock(&dentry->d_lock);
230 dentry->d_flags &= ~DCACHE_NFSFS_RENAMED;
231 data = dentry->d_fsdata;
232 dentry->d_fsdata = NULL;
233 spin_unlock(&dentry->d_lock);
235 if (NFS_STALE(inode) || !nfs_call_unlink(dentry, inode, data))
236 nfs_free_unlinkdata(data);
239 /* Cancel a queued async unlink. Called when a sillyrename run fails. */
241 nfs_cancel_async_unlink(struct dentry *dentry)
243 spin_lock(&dentry->d_lock);
244 if (dentry->d_flags & DCACHE_NFSFS_RENAMED) {
245 struct nfs_unlinkdata *data = dentry->d_fsdata;
247 dentry->d_flags &= ~DCACHE_NFSFS_RENAMED;
248 dentry->d_fsdata = NULL;
249 spin_unlock(&dentry->d_lock);
250 nfs_free_unlinkdata(data);
253 spin_unlock(&dentry->d_lock);
257 * nfs_async_rename_done - Sillyrename post-processing
258 * @task: rpc_task of the sillyrename
259 * @calldata: nfs_renamedata for the sillyrename
261 * Do the directory attribute updates and the d_move
263 static void nfs_async_rename_done(struct rpc_task *task, void *calldata)
265 struct nfs_renamedata *data = calldata;
266 struct inode *old_dir = data->old_dir;
267 struct inode *new_dir = data->new_dir;
268 struct dentry *old_dentry = data->old_dentry;
270 trace_nfs_async_rename_done(old_dir, old_dentry,
271 new_dir, data->new_dentry, task->tk_status);
272 if (!NFS_PROTO(old_dir)->rename_done(task, old_dir, new_dir)) {
273 rpc_restart_call_prepare(task);
278 data->complete(task, data);
282 * nfs_async_rename_release - Release the sillyrename data.
283 * @calldata: the struct nfs_renamedata to be released
285 static void nfs_async_rename_release(void *calldata)
287 struct nfs_renamedata *data = calldata;
288 struct super_block *sb = data->old_dir->i_sb;
290 if (d_really_is_positive(data->old_dentry))
291 nfs_mark_for_revalidate(d_inode(data->old_dentry));
293 /* The result of the rename is unknown. Play it safe by
294 * forcing a new lookup */
295 if (data->cancelled) {
296 spin_lock(&data->old_dir->i_lock);
297 nfs_force_lookup_revalidate(data->old_dir);
298 spin_unlock(&data->old_dir->i_lock);
299 if (data->new_dir != data->old_dir) {
300 spin_lock(&data->new_dir->i_lock);
301 nfs_force_lookup_revalidate(data->new_dir);
302 spin_unlock(&data->new_dir->i_lock);
306 dput(data->old_dentry);
307 dput(data->new_dentry);
311 put_cred(data->cred);
315 static void nfs_rename_prepare(struct rpc_task *task, void *calldata)
317 struct nfs_renamedata *data = calldata;
318 NFS_PROTO(data->old_dir)->rename_rpc_prepare(task, data);
321 static const struct rpc_call_ops nfs_rename_ops = {
322 .rpc_call_done = nfs_async_rename_done,
323 .rpc_release = nfs_async_rename_release,
324 .rpc_call_prepare = nfs_rename_prepare,
328 * nfs_async_rename - perform an asynchronous rename operation
329 * @old_dir: directory that currently holds the dentry to be renamed
330 * @new_dir: target directory for the rename
331 * @old_dentry: original dentry to be renamed
332 * @new_dentry: dentry to which the old_dentry should be renamed
333 * @complete: Function to run on successful completion
335 * It's expected that valid references to the dentries and inodes are held
338 nfs_async_rename(struct inode *old_dir, struct inode *new_dir,
339 struct dentry *old_dentry, struct dentry *new_dentry,
340 void (*complete)(struct rpc_task *, struct nfs_renamedata *))
342 struct nfs_renamedata *data;
343 struct rpc_message msg = { };
344 struct rpc_task_setup task_setup_data = {
346 .callback_ops = &nfs_rename_ops,
347 .workqueue = nfsiod_workqueue,
348 .rpc_client = NFS_CLIENT(old_dir),
349 .flags = RPC_TASK_ASYNC | RPC_TASK_CRED_NOREF,
352 if (nfs_server_capable(old_dir, NFS_CAP_MOVEABLE) &&
353 nfs_server_capable(new_dir, NFS_CAP_MOVEABLE))
354 task_setup_data.flags |= RPC_TASK_MOVEABLE;
356 data = kzalloc(sizeof(*data), GFP_KERNEL);
358 return ERR_PTR(-ENOMEM);
359 task_setup_data.task = &data->task;
360 task_setup_data.callback_data = data;
362 data->cred = get_current_cred();
364 msg.rpc_argp = &data->args;
365 msg.rpc_resp = &data->res;
366 msg.rpc_cred = data->cred;
368 /* set up nfs_renamedata */
369 data->old_dir = old_dir;
371 data->new_dir = new_dir;
373 data->old_dentry = dget(old_dentry);
374 data->new_dentry = dget(new_dentry);
375 nfs_fattr_init(&data->old_fattr);
376 nfs_fattr_init(&data->new_fattr);
377 data->complete = complete;
379 /* set up nfs_renameargs */
380 data->args.old_dir = NFS_FH(old_dir);
381 data->args.old_name = &old_dentry->d_name;
382 data->args.new_dir = NFS_FH(new_dir);
383 data->args.new_name = &new_dentry->d_name;
385 /* set up nfs_renameres */
386 data->res.old_fattr = &data->old_fattr;
387 data->res.new_fattr = &data->new_fattr;
389 nfs_sb_active(old_dir->i_sb);
391 NFS_PROTO(data->old_dir)->rename_setup(&msg, old_dentry, new_dentry);
393 return rpc_run_task(&task_setup_data);
397 * Perform tasks needed when a sillyrename is done such as cancelling the
398 * queued async unlink if it failed.
401 nfs_complete_sillyrename(struct rpc_task *task, struct nfs_renamedata *data)
403 struct dentry *dentry = data->old_dentry;
405 if (task->tk_status != 0) {
406 nfs_cancel_async_unlink(dentry);
411 #define SILLYNAME_PREFIX ".nfs"
412 #define SILLYNAME_PREFIX_LEN ((unsigned)sizeof(SILLYNAME_PREFIX) - 1)
413 #define SILLYNAME_FILEID_LEN ((unsigned)sizeof(u64) << 1)
414 #define SILLYNAME_COUNTER_LEN ((unsigned)sizeof(unsigned int) << 1)
415 #define SILLYNAME_LEN (SILLYNAME_PREFIX_LEN + \
416 SILLYNAME_FILEID_LEN + \
417 SILLYNAME_COUNTER_LEN)
420 * nfs_sillyrename - Perform a silly-rename of a dentry
421 * @dir: inode of directory that contains dentry
422 * @dentry: dentry to be sillyrenamed
424 * NFSv2/3 is stateless and the server doesn't know when the client is
425 * holding a file open. To prevent application problems when a file is
426 * unlinked while it's still open, the client performs a "silly-rename".
427 * That is, it renames the file to a hidden file in the same directory,
428 * and only performs the unlink once the last reference to it is put.
430 * The final cleanup is done during dentry_iput.
432 * (Note: NFSv4 is stateful, and has opens, so in theory an NFSv4 server
433 * could take responsibility for keeping open files referenced. The server
434 * would also need to ensure that opened-but-deleted files were kept over
435 * reboots. However, we may not assume a server does so. (RFC 5661
436 * does provide an OPEN4_RESULT_PRESERVE_UNLINKED flag that a server can
437 * use to advertise that it does this; some day we may take advantage of
441 nfs_sillyrename(struct inode *dir, struct dentry *dentry)
443 static unsigned int sillycounter;
444 unsigned char silly[SILLYNAME_LEN + 1];
445 unsigned long long fileid;
446 struct dentry *sdentry;
447 struct inode *inode = d_inode(dentry);
448 struct rpc_task *task;
451 dfprintk(VFS, "NFS: silly-rename(%pd2, ct=%d)\n",
452 dentry, d_count(dentry));
453 nfs_inc_stats(dir, NFSIOS_SILLYRENAME);
456 * We don't allow a dentry to be silly-renamed twice.
458 if (dentry->d_flags & DCACHE_NFSFS_RENAMED)
461 fileid = NFS_FILEID(d_inode(dentry));
468 slen = scnprintf(silly, sizeof(silly),
469 SILLYNAME_PREFIX "%0*llx%0*x",
470 SILLYNAME_FILEID_LEN, fileid,
471 SILLYNAME_COUNTER_LEN, sillycounter);
473 dfprintk(VFS, "NFS: trying to rename %pd to %s\n",
476 sdentry = lookup_one_len(silly, dentry->d_parent, slen);
478 * N.B. Better to return EBUSY here ... it could be
479 * dangerous to delete the file while it's in use.
483 } while (d_inode(sdentry) != NULL); /* need negative lookup */
487 /* queue unlink first. Can't do this from rpc_release as it
488 * has to allocate memory
490 error = nfs_async_unlink(dentry, &sdentry->d_name);
494 /* run the rename task, undo unlink if it fails */
495 task = nfs_async_rename(dir, dir, dentry, sdentry,
496 nfs_complete_sillyrename);
499 nfs_cancel_async_unlink(dentry);
503 /* wait for the RPC task to complete, unless a SIGKILL intervenes */
504 error = rpc_wait_for_completion_task(task);
506 error = task->tk_status;
509 /* The rename succeeded */
510 nfs_set_verifier(dentry, nfs_save_change_attribute(dir));
511 spin_lock(&inode->i_lock);
512 NFS_I(inode)->attr_gencount = nfs_inc_attr_generation_counter();
513 nfs_set_cache_invalid(inode, NFS_INO_INVALID_CHANGE |
514 NFS_INO_INVALID_CTIME |
515 NFS_INO_REVAL_FORCED);
516 spin_unlock(&inode->i_lock);
517 d_move(dentry, sdentry);
520 /* The result of the rename is unknown. Play it safe by
521 * forcing a new lookup */