commit 35c2e967d067ff02dc944f2434f024419c2fe83a · tjh.dev/kernel

tjh.dev / kernel

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6:
Switch !O_CREAT case to use of do_last()
Get rid of symlink body copying
Finish pulling of -ESTALE handling to upper level in do_filp_open()
Turn do_link spaghetty into a normal loop
Unify exits in O_CREAT handling
Kill is_link argument of do_last()
Pull handling of LAST_BIND into do_last(), clean up ok: part in do_filp_open()
Leave mangled flag only for setting nd.intent.open.flag
Get rid of passing mangled flag to do_last()
Don't pass mangled open_flag to finish_open()
pull more into do_last()
bail out with ELOOP earlier in do_link loop
pull the common predecessors into do_last()
postpone __putname() until after do_last()
unroll do_last: loop in do_filp_open()
Shift releasing nd->root from do_last() to its caller
gut do_filp_open() a bit more (do_last separation)
beginning to untangle do_filp_open()

Linus Torvalds 16 years ago 35c2e967 6c550ee4

+274 -271

1 changed file

expand all

unified split

namei.c

+274 -271

fs/namei.c

··· 498 499 static __always_inline int __vfs_follow_link(struct nameidata *nd, const char *link) 500 { 501 - int res = 0; 502 - char *name; 503 if (IS_ERR(link)) 504 goto fail; 505 ··· 508 path_get(&nd->root); 509 } 510 511 - res = link_path_walk(link, nd); 512 - if (nd->depth || res || nd->last_type!=LAST_NORM) 513 - return res; 514 - /* 515 - * If it is an iterative symlinks resolution in open_namei() we 516 - * have to copy the last component. And all that crap because of 517 - * bloody create() on broken symlinks. Furrfu... 518 - */ 519 - name = __getname(); 520 - if (unlikely(!name)) { 521 - path_put(&nd->path); 522 - return -ENOMEM; 523 - } 524 - strcpy(name, nd->last.name); 525 - nd->last.name = name; 526 - return 0; 527 fail: 528 path_put(&nd->path); 529 return PTR_ERR(link); ··· 530 nd->path.dentry = path->dentry; 531 } 532 533 - static __always_inline int __do_follow_link(struct path *path, struct nameidata *nd) 534 { 535 int error; 536 - void *cookie; 537 struct dentry *dentry = path->dentry; 538 539 touch_atime(path->mnt, dentry); ··· 545 } 546 mntget(path->mnt); 547 nd->last_type = LAST_BIND; 548 - cookie = dentry->d_inode->i_op->follow_link(dentry, nd); 549 - error = PTR_ERR(cookie); 550 - if (!IS_ERR(cookie)) { 551 char *s = nd_get_link(nd); 552 error = 0; 553 if (s) ··· 557 if (error) 558 path_put(&nd->path); 559 } 560 - if (dentry->d_inode->i_op->put_link) 561 - dentry->d_inode->i_op->put_link(dentry, nd, cookie); 562 } 563 return error; 564 } ··· 570 */ 571 static inline int do_follow_link(struct path *path, struct nameidata *nd) 572 { 573 int err = -ELOOP; 574 if (current->link_count >= MAX_NESTED_LINKS) 575 goto loop; ··· 584 current->link_count++; 585 current->total_link_count++; 586 nd->depth++; 587 - err = __do_follow_link(path, nd); 588 path_put(path); 589 current->link_count--; 590 nd->depth--; ··· 1359 return inode_permission(dir, MAY_WRITE | MAY_EXEC); 1360 } 1361 1362 - /* 1363 - * O_DIRECTORY translates into forcing a directory lookup. 1364 - */ 1365 - static inline int lookup_flags(unsigned int f) 1366 - { 1367 - unsigned long retval = LOOKUP_FOLLOW; 1368 - 1369 - if (f & O_NOFOLLOW) 1370 - retval &= ~LOOKUP_FOLLOW; 1371 - 1372 - if (f & O_DIRECTORY) 1373 - retval |= LOOKUP_DIRECTORY; 1374 - 1375 - return retval; 1376 - } 1377 - 1378 /* 1379 * p1 and p2 should be directories on the same fs. 1380 */ ··· 1558 return (flag & O_TRUNC); 1559 } 1560 1561 - /* 1562 - * Note that the low bits of the passed in "open_flag" 1563 - * are not the same as in the local variable "flag". See 1564 - * open_to_namei_flags() for more details. 1565 - */ 1566 - struct file *do_filp_open(int dfd, const char *pathname, 1567 - int open_flag, int mode, int acc_mode) 1568 { 1569 struct file *filp; 1570 - struct nameidata nd; 1571 - int error; 1572 - struct path path; 1573 - struct dentry *dir; 1574 - int count = 0; 1575 int will_truncate; 1576 - int flag = open_to_namei_flags(open_flag); 1577 - int force_reval = 0; 1578 1579 - /* 1580 - * O_SYNC is implemented as __O_SYNC|O_DSYNC. As many places only 1581 - * check for O_DSYNC if the need any syncing at all we enforce it's 1582 - * always set instead of having to deal with possibly weird behaviour 1583 - * for malicious applications setting only __O_SYNC. 1584 - */ 1585 - if (open_flag & __O_SYNC) 1586 - open_flag |= O_DSYNC; 1587 - 1588 - if (!acc_mode) 1589 - acc_mode = MAY_OPEN | ACC_MODE(open_flag); 1590 - 1591 - /* O_TRUNC implies we need access checks for write permissions */ 1592 - if (flag & O_TRUNC) 1593 - acc_mode |= MAY_WRITE; 1594 - 1595 - /* Allow the LSM permission hook to distinguish append 1596 - access from general write access. */ 1597 - if (flag & O_APPEND) 1598 - acc_mode |= MAY_APPEND; 1599 - 1600 - /* 1601 - * The simplest case - just a plain lookup. 1602 - */ 1603 - if (!(flag & O_CREAT)) { 1604 - filp = get_empty_filp(); 1605 - 1606 - if (filp == NULL) 1607 - return ERR_PTR(-ENFILE); 1608 - nd.intent.open.file = filp; 1609 - filp->f_flags = open_flag; 1610 - nd.intent.open.flags = flag; 1611 - nd.intent.open.create_mode = 0; 1612 - error = do_path_lookup(dfd, pathname, 1613 - lookup_flags(flag)|LOOKUP_OPEN, &nd); 1614 - if (IS_ERR(nd.intent.open.file)) { 1615 - if (error == 0) { 1616 - error = PTR_ERR(nd.intent.open.file); 1617 - path_put(&nd.path); 1618 - } 1619 - } else if (error) 1620 - release_open_intent(&nd); 1621 if (error) 1622 - return ERR_PTR(error); 1623 goto ok; 1624 } 1625 1626 - /* 1627 - * Create - we need to know the parent. 1628 - */ 1629 - reval: 1630 - error = path_init(dfd, pathname, LOOKUP_PARENT, &nd); 1631 - if (error) 1632 - return ERR_PTR(error); 1633 - if (force_reval) 1634 - nd.flags |= LOOKUP_REVAL; 1635 - error = path_walk(pathname, &nd); 1636 - if (error) { 1637 - if (nd.root.mnt) 1638 - path_put(&nd.root); 1639 - return ERR_PTR(error); 1640 } 1641 - if (unlikely(!audit_dummy_context())) 1642 - audit_inode(pathname, nd.path.dentry); 1643 1644 - /* 1645 - * We have the parent and last component. First of all, check 1646 - * that we are not asked to creat(2) an obvious directory - that 1647 - * will not do. 1648 - */ 1649 - error = -EISDIR; 1650 - if (nd.last_type != LAST_NORM || nd.last.name[nd.last.len]) 1651 - goto exit_parent; 1652 1653 - error = -ENFILE; 1654 - filp = get_empty_filp(); 1655 - if (filp == NULL) 1656 - goto exit_parent; 1657 - nd.intent.open.file = filp; 1658 - filp->f_flags = open_flag; 1659 - nd.intent.open.flags = flag; 1660 - nd.intent.open.create_mode = mode; 1661 - dir = nd.path.dentry; 1662 - nd.flags &= ~LOOKUP_PARENT; 1663 - nd.flags |= LOOKUP_CREATE | LOOKUP_OPEN; 1664 - if (flag & O_EXCL) 1665 - nd.flags |= LOOKUP_EXCL; 1666 mutex_lock(&dir->d_inode->i_mutex); 1667 - path.dentry = lookup_hash(&nd); 1668 - path.mnt = nd.path.mnt; 1669 1670 - do_last: 1671 - error = PTR_ERR(path.dentry); 1672 - if (IS_ERR(path.dentry)) { 1673 mutex_unlock(&dir->d_inode->i_mutex); 1674 goto exit; 1675 } 1676 1677 - if (IS_ERR(nd.intent.open.file)) { 1678 - error = PTR_ERR(nd.intent.open.file); 1679 goto exit_mutex_unlock; 1680 } 1681 1682 /* Negative dentry, just create the file */ 1683 - if (!path.dentry->d_inode) { 1684 /* 1685 * This write is needed to ensure that a 1686 * ro->rw transition does not occur between ··· 1694 * a permanent write count is taken through 1695 * the 'struct file' in nameidata_to_filp(). 1696 */ 1697 - error = mnt_want_write(nd.path.mnt); 1698 if (error) 1699 goto exit_mutex_unlock; 1700 - error = __open_namei_create(&nd, &path, open_flag, mode); 1701 if (error) { 1702 - mnt_drop_write(nd.path.mnt); 1703 goto exit; 1704 } 1705 - filp = nameidata_to_filp(&nd); 1706 - mnt_drop_write(nd.path.mnt); 1707 - if (nd.root.mnt) 1708 - path_put(&nd.root); 1709 if (!IS_ERR(filp)) { 1710 error = ima_file_check(filp, acc_mode); 1711 if (error) { ··· 1718 * It already exists. 1719 */ 1720 mutex_unlock(&dir->d_inode->i_mutex); 1721 - audit_inode(pathname, path.dentry); 1722 1723 error = -EEXIST; 1724 - if (flag & O_EXCL) 1725 goto exit_dput; 1726 1727 - if (__follow_mount(&path)) { 1728 error = -ELOOP; 1729 - if (flag & O_NOFOLLOW) 1730 goto exit_dput; 1731 } 1732 1733 error = -ENOENT; 1734 - if (!path.dentry->d_inode) 1735 goto exit_dput; 1736 - if (path.dentry->d_inode->i_op->follow_link) 1737 - goto do_link; 1738 1739 - path_to_nameidata(&path, &nd); 1740 error = -EISDIR; 1741 - if (S_ISDIR(path.dentry->d_inode->i_mode)) 1742 goto exit; 1743 ok: 1744 - /* 1745 - * Consider: 1746 - * 1. may_open() truncates a file 1747 - * 2. a rw->ro mount transition occurs 1748 - * 3. nameidata_to_filp() fails due to 1749 - * the ro mount. 1750 - * That would be inconsistent, and should 1751 - * be avoided. Taking this mnt write here 1752 - * ensures that (2) can not occur. 1753 - */ 1754 - will_truncate = open_will_truncate(flag, nd.path.dentry->d_inode); 1755 - if (will_truncate) { 1756 - error = mnt_want_write(nd.path.mnt); 1757 - if (error) 1758 - goto exit; 1759 - } 1760 - error = may_open(&nd.path, acc_mode, open_flag); 1761 - if (error) { 1762 - if (will_truncate) 1763 - mnt_drop_write(nd.path.mnt); 1764 - goto exit; 1765 - } 1766 - filp = nameidata_to_filp(&nd); 1767 - if (!IS_ERR(filp)) { 1768 - error = ima_file_check(filp, acc_mode); 1769 - if (error) { 1770 - fput(filp); 1771 - filp = ERR_PTR(error); 1772 - } 1773 - } 1774 - if (!IS_ERR(filp)) { 1775 - if (acc_mode & MAY_WRITE) 1776 - vfs_dq_init(nd.path.dentry->d_inode); 1777 - 1778 - if (will_truncate) { 1779 - error = handle_truncate(&nd.path); 1780 - if (error) { 1781 - fput(filp); 1782 - filp = ERR_PTR(error); 1783 - } 1784 - } 1785 - } 1786 - /* 1787 - * It is now safe to drop the mnt write 1788 - * because the filp has had a write taken 1789 - * on its behalf. 1790 - */ 1791 - if (will_truncate) 1792 - mnt_drop_write(nd.path.mnt); 1793 - if (nd.root.mnt) 1794 - path_put(&nd.root); 1795 return filp; 1796 1797 exit_mutex_unlock: 1798 mutex_unlock(&dir->d_inode->i_mutex); 1799 exit_dput: 1800 - path_put_conditional(&path, &nd); 1801 exit: 1802 if (!IS_ERR(nd.intent.open.file)) 1803 release_open_intent(&nd); 1804 exit_parent: 1805 - if (nd.root.mnt) 1806 - path_put(&nd.root); 1807 path_put(&nd.path); 1808 - return ERR_PTR(error); 1809 - 1810 - do_link: 1811 - error = -ELOOP; 1812 - if (flag & O_NOFOLLOW) 1813 - goto exit_dput; 1814 - /* 1815 - * This is subtle. Instead of calling do_follow_link() we do the 1816 - * thing by hands. The reason is that this way we have zero link_count 1817 - * and path_walk() (called from ->follow_link) honoring LOOKUP_PARENT. 1818 - * After that we have the parent and last component, i.e. 1819 - * we are in the same situation as after the first path_walk(). 1820 - * Well, almost - if the last component is normal we get its copy 1821 - * stored in nd->last.name and we will have to putname() it when we 1822 - * are done. Procfs-like symlinks just set LAST_BIND. 1823 - */ 1824 - nd.flags |= LOOKUP_PARENT; 1825 - error = security_inode_follow_link(path.dentry, &nd); 1826 - if (error) 1827 - goto exit_dput; 1828 - error = __do_follow_link(&path, &nd); 1829 - path_put(&path); 1830 - if (error) { 1831 - /* Does someone understand code flow here? Or it is only 1832 - * me so stupid? Anathema to whoever designed this non-sense 1833 - * with "intent.open". 1834 - */ 1835 - release_open_intent(&nd); 1836 - if (nd.root.mnt) 1837 - path_put(&nd.root); 1838 - if (error == -ESTALE && !force_reval) { 1839 - force_reval = 1; 1840 - goto reval; 1841 - } 1842 - return ERR_PTR(error); 1843 - } 1844 - nd.flags &= ~LOOKUP_PARENT; 1845 - if (nd.last_type == LAST_BIND) 1846 - goto ok; 1847 - error = -EISDIR; 1848 - if (nd.last_type != LAST_NORM) 1849 - goto exit; 1850 - if (nd.last.name[nd.last.len]) { 1851 - __putname(nd.last.name); 1852 - goto exit; 1853 - } 1854 - error = -ELOOP; 1855 - if (count++==32) { 1856 - __putname(nd.last.name); 1857 - goto exit; 1858 - } 1859 - dir = nd.path.dentry; 1860 - mutex_lock(&dir->d_inode->i_mutex); 1861 - path.dentry = lookup_hash(&nd); 1862 - path.mnt = nd.path.mnt; 1863 - __putname(nd.last.name); 1864 - goto do_last; 1865 } 1866 1867 /**

··· 498 499 static __always_inline int __vfs_follow_link(struct nameidata *nd, const char *link) 500 { 501 if (IS_ERR(link)) 502 goto fail; 503 ··· 510 path_get(&nd->root); 511 } 512 513 + return link_path_walk(link, nd); 514 fail: 515 path_put(&nd->path); 516 return PTR_ERR(link); ··· 547 nd->path.dentry = path->dentry; 548 } 549 550 + static __always_inline int 551 + __do_follow_link(struct path *path, struct nameidata *nd, void **p) 552 { 553 int error; 554 struct dentry *dentry = path->dentry; 555 556 touch_atime(path->mnt, dentry); ··· 562 } 563 mntget(path->mnt); 564 nd->last_type = LAST_BIND; 565 + *p = dentry->d_inode->i_op->follow_link(dentry, nd); 566 + error = PTR_ERR(*p); 567 + if (!IS_ERR(*p)) { 568 char *s = nd_get_link(nd); 569 error = 0; 570 if (s) ··· 574 if (error) 575 path_put(&nd->path); 576 } 577 } 578 return error; 579 } ··· 589 */ 590 static inline int do_follow_link(struct path *path, struct nameidata *nd) 591 { 592 + void *cookie; 593 int err = -ELOOP; 594 if (current->link_count >= MAX_NESTED_LINKS) 595 goto loop; ··· 602 current->link_count++; 603 current->total_link_count++; 604 nd->depth++; 605 + err = __do_follow_link(path, nd, &cookie); 606 + if (!IS_ERR(cookie) && path->dentry->d_inode->i_op->put_link) 607 + path->dentry->d_inode->i_op->put_link(path->dentry, nd, cookie); 608 path_put(path); 609 current->link_count--; 610 nd->depth--; ··· 1375 return inode_permission(dir, MAY_WRITE | MAY_EXEC); 1376 } 1377 1378 /* 1379 * p1 and p2 should be directories on the same fs. 1380 */ ··· 1590 return (flag & O_TRUNC); 1591 } 1592 1593 + static struct file *finish_open(struct nameidata *nd, 1594 + int open_flag, int acc_mode) 1595 { 1596 struct file *filp; 1597 int will_truncate; 1598 + int error; 1599 1600 + will_truncate = open_will_truncate(open_flag, nd->path.dentry->d_inode); 1601 + if (will_truncate) { 1602 + error = mnt_want_write(nd->path.mnt); 1603 if (error) 1604 + goto exit; 1605 + } 1606 + error = may_open(&nd->path, acc_mode, open_flag); 1607 + if (error) { 1608 + if (will_truncate) 1609 + mnt_drop_write(nd->path.mnt); 1610 + goto exit; 1611 + } 1612 + filp = nameidata_to_filp(nd); 1613 + if (!IS_ERR(filp)) { 1614 + error = ima_file_check(filp, acc_mode); 1615 + if (error) { 1616 + fput(filp); 1617 + filp = ERR_PTR(error); 1618 + } 1619 + } 1620 + if (!IS_ERR(filp)) { 1621 + if (acc_mode & MAY_WRITE) 1622 + vfs_dq_init(nd->path.dentry->d_inode); 1623 + 1624 + if (will_truncate) { 1625 + error = handle_truncate(&nd->path); 1626 + if (error) { 1627 + fput(filp); 1628 + filp = ERR_PTR(error); 1629 + } 1630 + } 1631 + } 1632 + /* 1633 + * It is now safe to drop the mnt write 1634 + * because the filp has had a write taken 1635 + * on its behalf. 1636 + */ 1637 + if (will_truncate) 1638 + mnt_drop_write(nd->path.mnt); 1639 + return filp; 1640 + 1641 + exit: 1642 + if (!IS_ERR(nd->intent.open.file)) 1643 + release_open_intent(nd); 1644 + path_put(&nd->path); 1645 + return ERR_PTR(error); 1646 + } 1647 + 1648 + static struct file *do_last(struct nameidata *nd, struct path *path, 1649 + int open_flag, int acc_mode, 1650 + int mode, const char *pathname, 1651 + int *want_dir) 1652 + { 1653 + struct dentry *dir = nd->path.dentry; 1654 + struct file *filp; 1655 + int error = -EISDIR; 1656 + 1657 + switch (nd->last_type) { 1658 + case LAST_DOTDOT: 1659 + follow_dotdot(nd); 1660 + dir = nd->path.dentry; 1661 + if (nd->path.mnt->mnt_sb->s_type->fs_flags & FS_REVAL_DOT) { 1662 + if (!dir->d_op->d_revalidate(dir, nd)) { 1663 + error = -ESTALE; 1664 + goto exit; 1665 + } 1666 + } 1667 + /* fallthrough */ 1668 + case LAST_DOT: 1669 + case LAST_ROOT: 1670 + if (open_flag & O_CREAT) 1671 + goto exit; 1672 + /* fallthrough */ 1673 + case LAST_BIND: 1674 + audit_inode(pathname, dir); 1675 goto ok; 1676 } 1677 1678 + /* trailing slashes? */ 1679 + if (nd->last.name[nd->last.len]) { 1680 + if (open_flag & O_CREAT) 1681 + goto exit; 1682 + *want_dir = 1; 1683 } 1684 1685 + /* just plain open? */ 1686 + if (!(open_flag & O_CREAT)) { 1687 + error = do_lookup(nd, &nd->last, path); 1688 + if (error) 1689 + goto exit; 1690 + error = -ENOENT; 1691 + if (!path->dentry->d_inode) 1692 + goto exit_dput; 1693 + if (path->dentry->d_inode->i_op->follow_link) 1694 + return NULL; 1695 + error = -ENOTDIR; 1696 + if (*want_dir & !path->dentry->d_inode->i_op->lookup) 1697 + goto exit_dput; 1698 + path_to_nameidata(path, nd); 1699 + audit_inode(pathname, nd->path.dentry); 1700 + goto ok; 1701 + } 1702 1703 + /* OK, it's O_CREAT */ 1704 mutex_lock(&dir->d_inode->i_mutex); 1705 1706 + path->dentry = lookup_hash(nd); 1707 + path->mnt = nd->path.mnt; 1708 + 1709 + error = PTR_ERR(path->dentry); 1710 + if (IS_ERR(path->dentry)) { 1711 mutex_unlock(&dir->d_inode->i_mutex); 1712 goto exit; 1713 } 1714 1715 + if (IS_ERR(nd->intent.open.file)) { 1716 + error = PTR_ERR(nd->intent.open.file); 1717 goto exit_mutex_unlock; 1718 } 1719 1720 /* Negative dentry, just create the file */ 1721 + if (!path->dentry->d_inode) { 1722 /* 1723 * This write is needed to ensure that a 1724 * ro->rw transition does not occur between ··· 1720 * a permanent write count is taken through 1721 * the 'struct file' in nameidata_to_filp(). 1722 */ 1723 + error = mnt_want_write(nd->path.mnt); 1724 if (error) 1725 goto exit_mutex_unlock; 1726 + error = __open_namei_create(nd, path, open_flag, mode); 1727 if (error) { 1728 + mnt_drop_write(nd->path.mnt); 1729 goto exit; 1730 } 1731 + filp = nameidata_to_filp(nd); 1732 + mnt_drop_write(nd->path.mnt); 1733 if (!IS_ERR(filp)) { 1734 error = ima_file_check(filp, acc_mode); 1735 if (error) { ··· 1746 * It already exists. 1747 */ 1748 mutex_unlock(&dir->d_inode->i_mutex); 1749 + audit_inode(pathname, path->dentry); 1750 1751 error = -EEXIST; 1752 + if (open_flag & O_EXCL) 1753 goto exit_dput; 1754 1755 + if (__follow_mount(path)) { 1756 error = -ELOOP; 1757 + if (open_flag & O_NOFOLLOW) 1758 goto exit_dput; 1759 } 1760 1761 error = -ENOENT; 1762 + if (!path->dentry->d_inode) 1763 goto exit_dput; 1764 1765 + if (path->dentry->d_inode->i_op->follow_link) 1766 + return NULL; 1767 + 1768 + path_to_nameidata(path, nd); 1769 error = -EISDIR; 1770 + if (S_ISDIR(path->dentry->d_inode->i_mode)) 1771 goto exit; 1772 ok: 1773 + filp = finish_open(nd, open_flag, acc_mode); 1774 return filp; 1775 1776 exit_mutex_unlock: 1777 mutex_unlock(&dir->d_inode->i_mutex); 1778 exit_dput: 1779 + path_put_conditional(path, nd); 1780 exit: 1781 + if (!IS_ERR(nd->intent.open.file)) 1782 + release_open_intent(nd); 1783 + path_put(&nd->path); 1784 + return ERR_PTR(error); 1785 + } 1786 + 1787 + /* 1788 + * Note that the low bits of the passed in "open_flag" 1789 + * are not the same as in the local variable "flag". See 1790 + * open_to_namei_flags() for more details. 1791 + */ 1792 + struct file *do_filp_open(int dfd, const char *pathname, 1793 + int open_flag, int mode, int acc_mode) 1794 + { 1795 + struct file *filp; 1796 + struct nameidata nd; 1797 + int error; 1798 + struct path path; 1799 + int count = 0; 1800 + int flag = open_to_namei_flags(open_flag); 1801 + int force_reval = 0; 1802 + int want_dir = open_flag & O_DIRECTORY; 1803 + 1804 + if (!(open_flag & O_CREAT)) 1805 + mode = 0; 1806 + 1807 + /* 1808 + * O_SYNC is implemented as __O_SYNC|O_DSYNC. As many places only 1809 + * check for O_DSYNC if the need any syncing at all we enforce it's 1810 + * always set instead of having to deal with possibly weird behaviour 1811 + * for malicious applications setting only __O_SYNC. 1812 + */ 1813 + if (open_flag & __O_SYNC) 1814 + open_flag |= O_DSYNC; 1815 + 1816 + if (!acc_mode) 1817 + acc_mode = MAY_OPEN | ACC_MODE(open_flag); 1818 + 1819 + /* O_TRUNC implies we need access checks for write permissions */ 1820 + if (open_flag & O_TRUNC) 1821 + acc_mode |= MAY_WRITE; 1822 + 1823 + /* Allow the LSM permission hook to distinguish append 1824 + access from general write access. */ 1825 + if (open_flag & O_APPEND) 1826 + acc_mode |= MAY_APPEND; 1827 + 1828 + /* find the parent */ 1829 + reval: 1830 + error = path_init(dfd, pathname, LOOKUP_PARENT, &nd); 1831 + if (error) 1832 + return ERR_PTR(error); 1833 + if (force_reval) 1834 + nd.flags |= LOOKUP_REVAL; 1835 + 1836 + current->total_link_count = 0; 1837 + error = link_path_walk(pathname, &nd); 1838 + if (error) { 1839 + filp = ERR_PTR(error); 1840 + goto out; 1841 + } 1842 + if (unlikely(!audit_dummy_context()) && (open_flag & O_CREAT)) 1843 + audit_inode(pathname, nd.path.dentry); 1844 + 1845 + /* 1846 + * We have the parent and last component. 1847 + */ 1848 + 1849 + error = -ENFILE; 1850 + filp = get_empty_filp(); 1851 + if (filp == NULL) 1852 + goto exit_parent; 1853 + nd.intent.open.file = filp; 1854 + filp->f_flags = open_flag; 1855 + nd.intent.open.flags = flag; 1856 + nd.intent.open.create_mode = mode; 1857 + nd.flags &= ~LOOKUP_PARENT; 1858 + nd.flags |= LOOKUP_OPEN; 1859 + if (open_flag & O_CREAT) { 1860 + nd.flags |= LOOKUP_CREATE; 1861 + if (open_flag & O_EXCL) 1862 + nd.flags |= LOOKUP_EXCL; 1863 + } 1864 + filp = do_last(&nd, &path, open_flag, acc_mode, mode, pathname, &want_dir); 1865 + while (unlikely(!filp)) { /* trailing symlink */ 1866 + struct path holder; 1867 + struct inode *inode = path.dentry->d_inode; 1868 + void *cookie; 1869 + error = -ELOOP; 1870 + /* S_ISDIR part is a temporary automount kludge */ 1871 + if ((open_flag & O_NOFOLLOW) && !S_ISDIR(inode->i_mode)) 1872 + goto exit_dput; 1873 + if (count++ == 32) 1874 + goto exit_dput; 1875 + /* 1876 + * This is subtle. Instead of calling do_follow_link() we do 1877 + * the thing by hands. The reason is that this way we have zero 1878 + * link_count and path_walk() (called from ->follow_link) 1879 + * honoring LOOKUP_PARENT. After that we have the parent and 1880 + * last component, i.e. we are in the same situation as after 1881 + * the first path_walk(). Well, almost - if the last component 1882 + * is normal we get its copy stored in nd->last.name and we will 1883 + * have to putname() it when we are done. Procfs-like symlinks 1884 + * just set LAST_BIND. 1885 + */ 1886 + nd.flags |= LOOKUP_PARENT; 1887 + error = security_inode_follow_link(path.dentry, &nd); 1888 + if (error) 1889 + goto exit_dput; 1890 + error = __do_follow_link(&path, &nd, &cookie); 1891 + if (unlikely(error)) { 1892 + /* nd.path had been dropped */ 1893 + if (!IS_ERR(cookie) && inode->i_op->put_link) 1894 + inode->i_op->put_link(path.dentry, &nd, cookie); 1895 + path_put(&path); 1896 + release_open_intent(&nd); 1897 + filp = ERR_PTR(error); 1898 + goto out; 1899 + } 1900 + holder = path; 1901 + nd.flags &= ~LOOKUP_PARENT; 1902 + filp = do_last(&nd, &path, open_flag, acc_mode, mode, pathname, &want_dir); 1903 + if (inode->i_op->put_link) 1904 + inode->i_op->put_link(holder.dentry, &nd, cookie); 1905 + path_put(&holder); 1906 + } 1907 + out: 1908 + if (nd.root.mnt) 1909 + path_put(&nd.root); 1910 + if (filp == ERR_PTR(-ESTALE) && !force_reval) { 1911 + force_reval = 1; 1912 + goto reval; 1913 + } 1914 + return filp; 1915 + 1916 + exit_dput: 1917 + path_put_conditional(&path, &nd); 1918 if (!IS_ERR(nd.intent.open.file)) 1919 release_open_intent(&nd); 1920 exit_parent: 1921 path_put(&nd.path); 1922 + filp = ERR_PTR(error); 1923 + goto out; 1924 } 1925 1926 /**