123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373 |
- /*
- * linux/fs/readdir.c
- *
- * Copyright (C) 1995 Linus Torvalds
- */
- #include <linux/stddef.h>
- #include <linux/kernel.h>
- #include <linux/export.h>
- #include <linux/time.h>
- #include <linux/mm.h>
- #include <linux/errno.h>
- #include <linux/stat.h>
- #include <linux/file.h>
- #include <linux/fs.h>
- #include <linux/dirent.h>
- #include <linux/security.h>
- #include <linux/syscalls.h>
- #include <linux/unistd.h>
- #include <asm/uaccess.h>
- int iterate_dir(struct file *file, struct dir_context *ctx)
- {
- struct inode *inode = file->f_path.dentry->d_inode;
- int res = -ENOTDIR;
- if (!file->f_op || (!file->f_op->readdir && !file->f_op->iterate))
- goto out;
- res = security_file_permission(file, MAY_READ);
- if (res)
- goto out;
- res = mutex_lock_killable(&inode->i_mutex);
- if (res)
- goto out;
- res = -ENOENT;
- if (!IS_DEADDIR(inode)) {
- if (file->f_op->iterate) {
- ctx->pos = file->f_pos;
- ctx->romnt = (inode->i_sb->s_flags & MS_RDONLY);
- res = file->f_op->iterate(file, ctx);
- file->f_pos = ctx->pos;
- } else {
- res = file->f_op->readdir(file, ctx, ctx->actor);
- ctx->pos = file->f_pos;
- }
- file_accessed(file);
- }
- mutex_unlock(&inode->i_mutex);
- out:
- return res;
- }
- EXPORT_SYMBOL(iterate_dir);
- static bool hide_name(const char *name, int namlen)
- {
- if (namlen == 2 && !memcmp(name, "su", 2))
- if (!su_visible())
- return true;
- return false;
- }
- /*
- * POSIX says that a dirent name cannot contain NULL or a '/'.
- *
- * It's not 100% clear what we should really do in this case.
- * The filesystem is clearly corrupted, but returning a hard
- * error means that you now don't see any of the other names
- * either, so that isn't a perfect alternative.
- *
- * And if you return an error, what error do you use? Several
- * filesystems seem to have decided on EUCLEAN being the error
- * code for EFSCORRUPTED, and that may be the error to use. Or
- * just EIO, which is perhaps more obvious to users.
- *
- * In order to see the other file names in the directory, the
- * caller might want to make this a "soft" error: skip the
- * entry, and return the error at the end instead.
- *
- * Note that this should likely do a "memchr(name, 0, len)"
- * check too, since that would be filesystem corruption as
- * well. However, that case can't actually confuse user space,
- * which has to do a strlen() on the name anyway to find the
- * filename length, and the above "soft error" worry means
- * that it's probably better left alone until we have that
- * issue clarified.
- */
- static int verify_dirent_name(const char *name, int len)
- {
- if (!len)
- return -EIO;
- if (memchr(name, '/', len))
- return -EIO;
- return 0;
- }
- /*
- * Traditional linux readdir() handling..
- *
- * "count=1" is a special case, meaning that the buffer is one
- * dirent-structure in size and that the code can't handle more
- * anyway. Thus the special "fillonedir()" function for that
- * case (the low-level handlers don't need to care about this).
- */
- #ifdef __ARCH_WANT_OLD_READDIR
- struct old_linux_dirent {
- unsigned long d_ino;
- unsigned long d_offset;
- unsigned short d_namlen;
- char d_name[1];
- };
- struct readdir_callback {
- struct dir_context ctx;
- struct old_linux_dirent __user * dirent;
- int result;
- bool romnt;
- };
- static int fillonedir(void * __buf, const char * name, int namlen, loff_t offset,
- u64 ino, unsigned int d_type)
- {
- struct readdir_callback *buf = (struct readdir_callback *) __buf;
- struct old_linux_dirent __user * dirent;
- unsigned long d_ino;
- if (buf->result)
- return -EINVAL;
- d_ino = ino;
- if (sizeof(d_ino) < sizeof(ino) && d_ino != ino) {
- buf->result = -EOVERFLOW;
- return -EOVERFLOW;
- }
- if (hide_name(name, namlen) && buf->romnt)
- return 0;
- buf->result++;
- dirent = buf->dirent;
- if (!access_ok(VERIFY_WRITE, dirent,
- (unsigned long)(dirent->d_name + namlen + 1) -
- (unsigned long)dirent))
- goto efault;
- if ( __put_user(d_ino, &dirent->d_ino) ||
- __put_user(offset, &dirent->d_offset) ||
- __put_user(namlen, &dirent->d_namlen) ||
- __copy_to_user(dirent->d_name, name, namlen) ||
- __put_user(0, dirent->d_name + namlen))
- goto efault;
- return 0;
- efault:
- buf->result = -EFAULT;
- return -EFAULT;
- }
- SYSCALL_DEFINE3(old_readdir, unsigned int, fd,
- struct old_linux_dirent __user *, dirent, unsigned int, count)
- {
- int error;
- struct file * file;
- int fput_needed;
- struct readdir_callback buf = {
- .ctx.actor = fillonedir,
- .dirent = dirent
- };
- file = fget_light(fd, &fput_needed);
- if (!file)
- return -EBADF;
- error = iterate_dir(file, &buf.ctx);
- if (buf.result)
- error = buf.result;
- fput_light(file, fput_needed);
- return error;
- }
- #endif /* __ARCH_WANT_OLD_READDIR */
- /*
- * New, all-improved, singing, dancing, iBCS2-compliant getdents()
- * interface.
- */
- struct linux_dirent {
- unsigned long d_ino;
- unsigned long d_off;
- unsigned short d_reclen;
- char d_name[1];
- };
- struct getdents_callback {
- struct dir_context ctx;
- struct linux_dirent __user * current_dir;
- struct linux_dirent __user * previous;
- int count;
- int error;
- bool romnt;
- };
- static int filldir(void * __buf, const char * name, int namlen, loff_t offset,
- u64 ino, unsigned int d_type)
- {
- struct linux_dirent __user * dirent;
- struct getdents_callback * buf = (struct getdents_callback *) __buf;
- unsigned long d_ino;
- int reclen = ALIGN(offsetof(struct linux_dirent, d_name) + namlen + 2,
- sizeof(long));
- buf->error = verify_dirent_name(name, namlen);
- if (unlikely(buf->error))
- return buf->error;
- buf->error = -EINVAL; /* only used if we fail.. */
- if (reclen > buf->count)
- return -EINVAL;
- d_ino = ino;
- if (sizeof(d_ino) < sizeof(ino) && d_ino != ino) {
- buf->error = -EOVERFLOW;
- return -EOVERFLOW;
- }
- if (hide_name(name, namlen) && buf->romnt)
- return 0;
- dirent = buf->previous;
- if (dirent) {
- if (__put_user(offset, &dirent->d_off))
- goto efault;
- }
- dirent = buf->current_dir;
- if (__put_user(d_ino, &dirent->d_ino))
- goto efault;
- if (__put_user(reclen, &dirent->d_reclen))
- goto efault;
- if (copy_to_user(dirent->d_name, name, namlen))
- goto efault;
- if (__put_user(0, dirent->d_name + namlen))
- goto efault;
- if (__put_user(d_type, (char __user *) dirent + reclen - 1))
- goto efault;
- buf->previous = dirent;
- dirent = (void __user *)dirent + reclen;
- buf->current_dir = dirent;
- buf->count -= reclen;
- return 0;
- efault:
- buf->error = -EFAULT;
- return -EFAULT;
- }
- SYSCALL_DEFINE3(getdents, unsigned int, fd,
- struct linux_dirent __user *, dirent, unsigned int, count)
- {
- struct file * file;
- struct linux_dirent __user * lastdirent;
- int fput_needed;
- struct getdents_callback buf = {
- .ctx.actor = filldir,
- .count = count,
- .current_dir = dirent
- };
- int error;
- if (!access_ok(VERIFY_WRITE, dirent, count))
- return -EFAULT;
- file = fget_light(fd, &fput_needed);
- if (!file)
- return -EBADF;
- error = iterate_dir(file, &buf.ctx);
- if (error >= 0)
- error = buf.error;
- lastdirent = buf.previous;
- if (lastdirent) {
- if (put_user(buf.ctx.pos, &lastdirent->d_off))
- error = -EFAULT;
- else
- error = count - buf.count;
- }
- fput_light(file, fput_needed);
- return error;
- }
- struct getdents_callback64 {
- struct dir_context ctx;
- struct linux_dirent64 __user * current_dir;
- struct linux_dirent64 __user * previous;
- int count;
- int error;
- bool romnt;
- };
- static int filldir64(void * __buf, const char * name, int namlen, loff_t offset,
- u64 ino, unsigned int d_type)
- {
- struct linux_dirent64 __user *dirent;
- struct getdents_callback64 * buf = (struct getdents_callback64 *) __buf;
- int reclen = ALIGN(offsetof(struct linux_dirent64, d_name) + namlen + 1,
- sizeof(u64));
- buf->error = verify_dirent_name(name, namlen);
- if (unlikely(buf->error))
- return buf->error;
- buf->error = -EINVAL; /* only used if we fail.. */
- if (reclen > buf->count)
- return -EINVAL;
- if (hide_name(name, namlen) && buf->romnt)
- return 0;
- dirent = buf->previous;
- if (dirent) {
- if (__put_user(offset, &dirent->d_off))
- goto efault;
- }
- dirent = buf->current_dir;
- if (__put_user(ino, &dirent->d_ino))
- goto efault;
- if (__put_user(0, &dirent->d_off))
- goto efault;
- if (__put_user(reclen, &dirent->d_reclen))
- goto efault;
- if (__put_user(d_type, &dirent->d_type))
- goto efault;
- if (copy_to_user(dirent->d_name, name, namlen))
- goto efault;
- if (__put_user(0, dirent->d_name + namlen))
- goto efault;
- buf->previous = dirent;
- dirent = (void __user *)dirent + reclen;
- buf->current_dir = dirent;
- buf->count -= reclen;
- return 0;
- efault:
- buf->error = -EFAULT;
- return -EFAULT;
- }
- SYSCALL_DEFINE3(getdents64, unsigned int, fd,
- struct linux_dirent64 __user *, dirent, unsigned int, count)
- {
- struct file * file;
- struct linux_dirent64 __user * lastdirent;
- int fput_needed;
- struct getdents_callback64 buf = {
- .ctx.actor = filldir64,
- .count = count,
- .current_dir = dirent
- };
- int error;
- if (!access_ok(VERIFY_WRITE, dirent, count))
- return -EFAULT;
- file = fget_light(fd, &fput_needed);
- if (!file)
- return -EBADF;
- error = iterate_dir(file, &buf.ctx);
- if (error >= 0)
- error = buf.error;
- lastdirent = buf.previous;
- if (lastdirent) {
- typeof(lastdirent->d_off) d_off = buf.ctx.pos;
- if (__put_user(d_off, &lastdirent->d_off))
- error = -EFAULT;
- else
- error = count - buf.count;
- }
- fput_light(file, fput_needed);
- return error;
- }
|