~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/fs/d_path.c

Version: ~ [ linux-6.11.5 ] ~ [ linux-6.10.14 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.58 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.114 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.169 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.228 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.284 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.322 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.9 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 /* SPDX-License-Identifier: GPL-2.0 */
  2 #include <linux/syscalls.h>
  3 #include <linux/export.h>
  4 #include <linux/uaccess.h>
  5 #include <linux/fs_struct.h>
  6 #include <linux/fs.h>
  7 #include <linux/slab.h>
  8 #include <linux/prefetch.h>
  9 #include "mount.h"
 10 #include "internal.h"
 11 
 12 struct prepend_buffer {
 13         char *buf;
 14         int len;
 15 };
 16 #define DECLARE_BUFFER(__name, __buf, __len) \
 17         struct prepend_buffer __name = {.buf = __buf + __len, .len = __len}
 18 
 19 static char *extract_string(struct prepend_buffer *p)
 20 {
 21         if (likely(p->len >= 0))
 22                 return p->buf;
 23         return ERR_PTR(-ENAMETOOLONG);
 24 }
 25 
 26 static bool prepend_char(struct prepend_buffer *p, unsigned char c)
 27 {
 28         if (likely(p->len > 0)) {
 29                 p->len--;
 30                 *--p->buf = c;
 31                 return true;
 32         }
 33         p->len = -1;
 34         return false;
 35 }
 36 
 37 /*
 38  * The source of the prepend data can be an optimistic load
 39  * of a dentry name and length. And because we don't hold any
 40  * locks, the length and the pointer to the name may not be
 41  * in sync if a concurrent rename happens, and the kernel
 42  * copy might fault as a result.
 43  *
 44  * The end result will correct itself when we check the
 45  * rename sequence count, but we need to be able to handle
 46  * the fault gracefully.
 47  */
 48 static bool prepend_copy(void *dst, const void *src, int len)
 49 {
 50         if (unlikely(copy_from_kernel_nofault(dst, src, len))) {
 51                 memset(dst, 'x', len);
 52                 return false;
 53         }
 54         return true;
 55 }
 56 
 57 static bool prepend(struct prepend_buffer *p, const char *str, int namelen)
 58 {
 59         // Already overflowed?
 60         if (p->len < 0)
 61                 return false;
 62 
 63         // Will overflow?
 64         if (p->len < namelen) {
 65                 // Fill as much as possible from the end of the name
 66                 str += namelen - p->len;
 67                 p->buf -= p->len;
 68                 prepend_copy(p->buf, str, p->len);
 69                 p->len = -1;
 70                 return false;
 71         }
 72 
 73         // Fits fully
 74         p->len -= namelen;
 75         p->buf -= namelen;
 76         return prepend_copy(p->buf, str, namelen);
 77 }
 78 
 79 /**
 80  * prepend_name - prepend a pathname in front of current buffer pointer
 81  * @p: prepend buffer which contains buffer pointer and allocated length
 82  * @name: name string and length qstr structure
 83  *
 84  * With RCU path tracing, it may race with d_move(). Use READ_ONCE() to
 85  * make sure that either the old or the new name pointer and length are
 86  * fetched. However, there may be mismatch between length and pointer.
 87  * But since the length cannot be trusted, we need to copy the name very
 88  * carefully when doing the prepend_copy(). It also prepends "/" at
 89  * the beginning of the name. The sequence number check at the caller will
 90  * retry it again when a d_move() does happen. So any garbage in the buffer
 91  * due to mismatched pointer and length will be discarded.
 92  *
 93  * Load acquire is needed to make sure that we see the new name data even
 94  * if we might get the length wrong.
 95  */
 96 static bool prepend_name(struct prepend_buffer *p, const struct qstr *name)
 97 {
 98         const char *dname = smp_load_acquire(&name->name); /* ^^^ */
 99         u32 dlen = READ_ONCE(name->len);
100 
101         return prepend(p, dname, dlen) && prepend_char(p, '/');
102 }
103 
104 static int __prepend_path(const struct dentry *dentry, const struct mount *mnt,
105                           const struct path *root, struct prepend_buffer *p)
106 {
107         while (dentry != root->dentry || &mnt->mnt != root->mnt) {
108                 const struct dentry *parent = READ_ONCE(dentry->d_parent);
109 
110                 if (dentry == mnt->mnt.mnt_root) {
111                         struct mount *m = READ_ONCE(mnt->mnt_parent);
112                         struct mnt_namespace *mnt_ns;
113 
114                         if (likely(mnt != m)) {
115                                 dentry = READ_ONCE(mnt->mnt_mountpoint);
116                                 mnt = m;
117                                 continue;
118                         }
119                         /* Global root */
120                         mnt_ns = READ_ONCE(mnt->mnt_ns);
121                         /* open-coded is_mounted() to use local mnt_ns */
122                         if (!IS_ERR_OR_NULL(mnt_ns) && !is_anon_ns(mnt_ns))
123                                 return 1;       // absolute root
124                         else
125                                 return 2;       // detached or not attached yet
126                 }
127 
128                 if (unlikely(dentry == parent))
129                         /* Escaped? */
130                         return 3;
131 
132                 prefetch(parent);
133                 if (!prepend_name(p, &dentry->d_name))
134                         break;
135                 dentry = parent;
136         }
137         return 0;
138 }
139 
140 /**
141  * prepend_path - Prepend path string to a buffer
142  * @path: the dentry/vfsmount to report
143  * @root: root vfsmnt/dentry
144  * @p: prepend buffer which contains buffer pointer and allocated length
145  *
146  * The function will first try to write out the pathname without taking any
147  * lock other than the RCU read lock to make sure that dentries won't go away.
148  * It only checks the sequence number of the global rename_lock as any change
149  * in the dentry's d_seq will be preceded by changes in the rename_lock
150  * sequence number. If the sequence number had been changed, it will restart
151  * the whole pathname back-tracing sequence again by taking the rename_lock.
152  * In this case, there is no need to take the RCU read lock as the recursive
153  * parent pointer references will keep the dentry chain alive as long as no
154  * rename operation is performed.
155  */
156 static int prepend_path(const struct path *path,
157                         const struct path *root,
158                         struct prepend_buffer *p)
159 {
160         unsigned seq, m_seq = 0;
161         struct prepend_buffer b;
162         int error;
163 
164         rcu_read_lock();
165 restart_mnt:
166         read_seqbegin_or_lock(&mount_lock, &m_seq);
167         seq = 0;
168         rcu_read_lock();
169 restart:
170         b = *p;
171         read_seqbegin_or_lock(&rename_lock, &seq);
172         error = __prepend_path(path->dentry, real_mount(path->mnt), root, &b);
173         if (!(seq & 1))
174                 rcu_read_unlock();
175         if (need_seqretry(&rename_lock, seq)) {
176                 seq = 1;
177                 goto restart;
178         }
179         done_seqretry(&rename_lock, seq);
180 
181         if (!(m_seq & 1))
182                 rcu_read_unlock();
183         if (need_seqretry(&mount_lock, m_seq)) {
184                 m_seq = 1;
185                 goto restart_mnt;
186         }
187         done_seqretry(&mount_lock, m_seq);
188 
189         if (unlikely(error == 3))
190                 b = *p;
191 
192         if (b.len == p->len)
193                 prepend_char(&b, '/');
194 
195         *p = b;
196         return error;
197 }
198 
199 /**
200  * __d_path - return the path of a dentry
201  * @path: the dentry/vfsmount to report
202  * @root: root vfsmnt/dentry
203  * @buf: buffer to return value in
204  * @buflen: buffer length
205  *
206  * Convert a dentry into an ASCII path name.
207  *
208  * Returns a pointer into the buffer or an error code if the
209  * path was too long.
210  *
211  * "buflen" should be positive.
212  *
213  * If the path is not reachable from the supplied root, return %NULL.
214  */
215 char *__d_path(const struct path *path,
216                const struct path *root,
217                char *buf, int buflen)
218 {
219         DECLARE_BUFFER(b, buf, buflen);
220 
221         prepend_char(&b, 0);
222         if (unlikely(prepend_path(path, root, &b) > 0))
223                 return NULL;
224         return extract_string(&b);
225 }
226 
227 char *d_absolute_path(const struct path *path,
228                char *buf, int buflen)
229 {
230         struct path root = {};
231         DECLARE_BUFFER(b, buf, buflen);
232 
233         prepend_char(&b, 0);
234         if (unlikely(prepend_path(path, &root, &b) > 1))
235                 return ERR_PTR(-EINVAL);
236         return extract_string(&b);
237 }
238 
239 static void get_fs_root_rcu(struct fs_struct *fs, struct path *root)
240 {
241         unsigned seq;
242 
243         do {
244                 seq = read_seqcount_begin(&fs->seq);
245                 *root = fs->root;
246         } while (read_seqcount_retry(&fs->seq, seq));
247 }
248 
249 /**
250  * d_path - return the path of a dentry
251  * @path: path to report
252  * @buf: buffer to return value in
253  * @buflen: buffer length
254  *
255  * Convert a dentry into an ASCII path name. If the entry has been deleted
256  * the string " (deleted)" is appended. Note that this is ambiguous.
257  *
258  * Returns a pointer into the buffer or an error code if the path was
259  * too long. Note: Callers should use the returned pointer, not the passed
260  * in buffer, to use the name! The implementation often starts at an offset
261  * into the buffer, and may leave 0 bytes at the start.
262  *
263  * "buflen" should be positive.
264  */
265 char *d_path(const struct path *path, char *buf, int buflen)
266 {
267         DECLARE_BUFFER(b, buf, buflen);
268         struct path root;
269 
270         /*
271          * We have various synthetic filesystems that never get mounted.  On
272          * these filesystems dentries are never used for lookup purposes, and
273          * thus don't need to be hashed.  They also don't need a name until a
274          * user wants to identify the object in /proc/pid/fd/.  The little hack
275          * below allows us to generate a name for these objects on demand:
276          *
277          * Some pseudo inodes are mountable.  When they are mounted
278          * path->dentry == path->mnt->mnt_root.  In that case don't call d_dname
279          * and instead have d_path return the mounted path.
280          */
281         if (path->dentry->d_op && path->dentry->d_op->d_dname &&
282             (!IS_ROOT(path->dentry) || path->dentry != path->mnt->mnt_root))
283                 return path->dentry->d_op->d_dname(path->dentry, buf, buflen);
284 
285         rcu_read_lock();
286         get_fs_root_rcu(current->fs, &root);
287         if (unlikely(d_unlinked(path->dentry)))
288                 prepend(&b, " (deleted)", 11);
289         else
290                 prepend_char(&b, 0);
291         prepend_path(path, &root, &b);
292         rcu_read_unlock();
293 
294         return extract_string(&b);
295 }
296 EXPORT_SYMBOL(d_path);
297 
298 /*
299  * Helper function for dentry_operations.d_dname() members
300  */
301 char *dynamic_dname(char *buffer, int buflen, const char *fmt, ...)
302 {
303         va_list args;
304         char temp[64];
305         int sz;
306 
307         va_start(args, fmt);
308         sz = vsnprintf(temp, sizeof(temp), fmt, args) + 1;
309         va_end(args);
310 
311         if (sz > sizeof(temp) || sz > buflen)
312                 return ERR_PTR(-ENAMETOOLONG);
313 
314         buffer += buflen - sz;
315         return memcpy(buffer, temp, sz);
316 }
317 
318 char *simple_dname(struct dentry *dentry, char *buffer, int buflen)
319 {
320         DECLARE_BUFFER(b, buffer, buflen);
321         /* these dentries are never renamed, so d_lock is not needed */
322         prepend(&b, " (deleted)", 11);
323         prepend(&b, dentry->d_name.name, dentry->d_name.len);
324         prepend_char(&b, '/');
325         return extract_string(&b);
326 }
327 
328 /*
329  * Write full pathname from the root of the filesystem into the buffer.
330  */
331 static char *__dentry_path(const struct dentry *d, struct prepend_buffer *p)
332 {
333         const struct dentry *dentry;
334         struct prepend_buffer b;
335         int seq = 0;
336 
337         rcu_read_lock();
338 restart:
339         dentry = d;
340         b = *p;
341         read_seqbegin_or_lock(&rename_lock, &seq);
342         while (!IS_ROOT(dentry)) {
343                 const struct dentry *parent = dentry->d_parent;
344 
345                 prefetch(parent);
346                 if (!prepend_name(&b, &dentry->d_name))
347                         break;
348                 dentry = parent;
349         }
350         if (!(seq & 1))
351                 rcu_read_unlock();
352         if (need_seqretry(&rename_lock, seq)) {
353                 seq = 1;
354                 goto restart;
355         }
356         done_seqretry(&rename_lock, seq);
357         if (b.len == p->len)
358                 prepend_char(&b, '/');
359         return extract_string(&b);
360 }
361 
362 char *dentry_path_raw(const struct dentry *dentry, char *buf, int buflen)
363 {
364         DECLARE_BUFFER(b, buf, buflen);
365 
366         prepend_char(&b, 0);
367         return __dentry_path(dentry, &b);
368 }
369 EXPORT_SYMBOL(dentry_path_raw);
370 
371 char *dentry_path(const struct dentry *dentry, char *buf, int buflen)
372 {
373         DECLARE_BUFFER(b, buf, buflen);
374 
375         if (unlikely(d_unlinked(dentry)))
376                 prepend(&b, "//deleted", 10);
377         else
378                 prepend_char(&b, 0);
379         return __dentry_path(dentry, &b);
380 }
381 
382 static void get_fs_root_and_pwd_rcu(struct fs_struct *fs, struct path *root,
383                                     struct path *pwd)
384 {
385         unsigned seq;
386 
387         do {
388                 seq = read_seqcount_begin(&fs->seq);
389                 *root = fs->root;
390                 *pwd = fs->pwd;
391         } while (read_seqcount_retry(&fs->seq, seq));
392 }
393 
394 /*
395  * NOTE! The user-level library version returns a
396  * character pointer. The kernel system call just
397  * returns the length of the buffer filled (which
398  * includes the ending '\0' character), or a negative
399  * error value. So libc would do something like
400  *
401  *      char *getcwd(char * buf, size_t size)
402  *      {
403  *              int retval;
404  *
405  *              retval = sys_getcwd(buf, size);
406  *              if (retval >= 0)
407  *                      return buf;
408  *              errno = -retval;
409  *              return NULL;
410  *      }
411  */
412 SYSCALL_DEFINE2(getcwd, char __user *, buf, unsigned long, size)
413 {
414         int error;
415         struct path pwd, root;
416         char *page = __getname();
417 
418         if (!page)
419                 return -ENOMEM;
420 
421         rcu_read_lock();
422         get_fs_root_and_pwd_rcu(current->fs, &root, &pwd);
423 
424         if (unlikely(d_unlinked(pwd.dentry))) {
425                 rcu_read_unlock();
426                 error = -ENOENT;
427         } else {
428                 unsigned len;
429                 DECLARE_BUFFER(b, page, PATH_MAX);
430 
431                 prepend_char(&b, 0);
432                 if (unlikely(prepend_path(&pwd, &root, &b) > 0))
433                         prepend(&b, "(unreachable)", 13);
434                 rcu_read_unlock();
435 
436                 len = PATH_MAX - b.len;
437                 if (unlikely(len > PATH_MAX))
438                         error = -ENAMETOOLONG;
439                 else if (unlikely(len > size))
440                         error = -ERANGE;
441                 else if (copy_to_user(buf, b.buf, len))
442                         error = -EFAULT;
443                 else
444                         error = len;
445         }
446         __putname(page);
447         return error;
448 }
449 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

sflogo.php