fat: add renameat2 RENAME_EXCHANGE flag support

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

The renameat2 RENAME_EXCHANGE flag allows to atomically exchange two paths
but is currently not supported by the Linux vfat filesystem driver.

Add a vfat_rename_exchange() helper function that implements this support.

The super block lock is acquired during the operation to ensure atomicity,
and in the error path actions made are reversed also with the mutex held.

It makes the operation as transactional as possible, within the limitation
impossed by vfat due not having a journal with logs to replay.

Link: https://lkml.kernel.org/r/20220610075721.1182745-4-javierm@redhat.com
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Acked-by: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
Cc: Alexander Larsson <alexl@redhat.com>
Cc: Christian Kellner <ckellner@redhat.com>
Cc: Chung-Chiang Cheng <cccheng@synology.com>
Cc: Colin Walters <walters@verbum.org>
Cc: Lennart Poettering <lennart@poettering.net>
Cc: Muhammad Usama Anjum <usama.anjum@collabora.com>
Cc: Peter Jones <pjones@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>

authored by

Javier Martinez Canillas and committed by

akpm 3 years ago da87e172 204d0320

+122 -1

1 changed file

expand all

fat

namei_vfat.c

+122 -1

fs/fat/namei_vfat.c

··· 1042 1042 goto out; 1043 1043 } 1044 1044 1045 + static void vfat_exchange_ipos(struct inode *old_inode, struct inode *new_inode, 1046 + loff_t old_i_pos, loff_t new_i_pos) 1047 + { 1048 + fat_detach(old_inode); 1049 + fat_detach(new_inode); 1050 + fat_attach(old_inode, new_i_pos); 1051 + fat_attach(new_inode, old_i_pos); 1052 + } 1053 + 1054 + static void vfat_move_nlink(struct inode *src, struct inode *dst) 1055 + { 1056 + drop_nlink(src); 1057 + inc_nlink(dst); 1058 + } 1059 + 1060 + static int vfat_rename_exchange(struct inode *old_dir, struct dentry *old_dentry, 1061 + struct inode *new_dir, struct dentry *new_dentry) 1062 + { 1063 + struct buffer_head *old_dotdot_bh = NULL, *new_dotdot_bh = NULL; 1064 + struct msdos_dir_entry *old_dotdot_de = NULL, *new_dotdot_de = NULL; 1065 + struct inode *old_inode, *new_inode; 1066 + struct timespec64 ts = current_time(old_dir); 1067 + loff_t old_i_pos, new_i_pos; 1068 + int err, corrupt = 0; 1069 + struct super_block *sb = old_dir->i_sb; 1070 + 1071 + old_inode = d_inode(old_dentry); 1072 + new_inode = d_inode(new_dentry); 1073 + 1074 + /* Acquire super block lock for the operation to be atomic */ 1075 + mutex_lock(&MSDOS_SB(sb)->s_lock); 1076 + 1077 + /* if directories are not the same, get ".." info to update */ 1078 + if (old_dir != new_dir) { 1079 + err = vfat_get_dotdot_de(old_inode, &old_dotdot_bh, 1080 + &old_dotdot_de); 1081 + if (err) 1082 + goto out; 1083 + 1084 + err = vfat_get_dotdot_de(new_inode, &new_dotdot_bh, 1085 + &new_dotdot_de); 1086 + if (err) 1087 + goto out; 1088 + } 1089 + 1090 + old_i_pos = MSDOS_I(old_inode)->i_pos; 1091 + new_i_pos = MSDOS_I(new_inode)->i_pos; 1092 + 1093 + vfat_exchange_ipos(old_inode, new_inode, old_i_pos, new_i_pos); 1094 + 1095 + err = vfat_sync_ipos(old_dir, new_inode); 1096 + if (err) 1097 + goto error_exchange; 1098 + err = vfat_sync_ipos(new_dir, old_inode); 1099 + if (err) 1100 + goto error_exchange; 1101 + 1102 + /* update ".." directory entry info */ 1103 + if (old_dotdot_de) { 1104 + err = vfat_update_dotdot_de(new_dir, old_inode, old_dotdot_bh, 1105 + old_dotdot_de); 1106 + if (err) 1107 + goto error_old_dotdot; 1108 + } 1109 + if (new_dotdot_de) { 1110 + err = vfat_update_dotdot_de(old_dir, new_inode, new_dotdot_bh, 1111 + new_dotdot_de); 1112 + if (err) 1113 + goto error_new_dotdot; 1114 + } 1115 + 1116 + /* if cross directory and only one is a directory, adjust nlink */ 1117 + if (!old_dotdot_de != !new_dotdot_de) { 1118 + if (old_dotdot_de) 1119 + vfat_move_nlink(old_dir, new_dir); 1120 + else 1121 + vfat_move_nlink(new_dir, old_dir); 1122 + } 1123 + 1124 + vfat_update_dir_metadata(old_dir, &ts); 1125 + /* if directories are not the same, update new_dir as well */ 1126 + if (old_dir != new_dir) 1127 + vfat_update_dir_metadata(new_dir, &ts); 1128 + 1129 + out: 1130 + brelse(old_dotdot_bh); 1131 + brelse(new_dotdot_bh); 1132 + mutex_unlock(&MSDOS_SB(sb)->s_lock); 1133 + 1134 + return err; 1135 + 1136 + error_new_dotdot: 1137 + if (new_dotdot_de) { 1138 + corrupt |= vfat_update_dotdot_de(new_dir, new_inode, 1139 + new_dotdot_bh, new_dotdot_de); 1140 + } 1141 + 1142 + error_old_dotdot: 1143 + if (old_dotdot_de) { 1144 + corrupt |= vfat_update_dotdot_de(old_dir, old_inode, 1145 + old_dotdot_bh, old_dotdot_de); 1146 + } 1147 + 1148 + error_exchange: 1149 + vfat_exchange_ipos(old_inode, new_inode, new_i_pos, old_i_pos); 1150 + corrupt |= vfat_sync_ipos(new_dir, new_inode); 1151 + corrupt |= vfat_sync_ipos(old_dir, old_inode); 1152 + 1153 + if (corrupt < 0) { 1154 + fat_fs_error(new_dir->i_sb, 1155 + "%s: Filesystem corrupted (i_pos %lld, %lld)", 1156 + __func__, old_i_pos, new_i_pos); 1157 + } 1158 + goto out; 1159 + } 1160 + 1045 1161 static int vfat_rename2(struct user_namespace *mnt_userns, struct inode *old_dir, 1046 1162 struct dentry *old_dentry, struct inode *new_dir, 1047 1163 struct dentry *new_dentry, unsigned int flags) 1048 1164 { 1049 - if (flags & ~RENAME_NOREPLACE) 1165 + if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE)) 1050 1166 return -EINVAL; 1167 + 1168 + if (flags & RENAME_EXCHANGE) { 1169 + return vfat_rename_exchange(old_dir, old_dentry, 1170 + new_dir, new_dentry); 1171 + } 1051 1172 1052 1173 /* VFS already handled RENAME_NOREPLACE, handle it as a normal rename */ 1053 1174 return vfat_rename(old_dir, old_dentry, new_dir, new_dentry);