LXR linux/fs/open.c

   1/*
   2 *  linux/fs/open.c
   3 *
   4 *  Copyright (C) 1991, 1992  Linus Torvalds
   5 */
   6
   7#include <linux/string.h>
   8#include <linux/mm.h>
   9#include <linux/file.h>
  10#include <linux/quotaops.h>
  11#include <linux/fsnotify.h>
  12#include <linux/module.h>
  13#include <linux/slab.h>
  14#include <linux/tty.h>
  15#include <linux/namei.h>
  16#include <linux/backing-dev.h>
  17#include <linux/capability.h>
  18#include <linux/security.h>
  19#include <linux/mount.h>
  20#include <linux/vfs.h>
  21#include <linux/fcntl.h>
  22#include <asm/uaccess.h>
  23#include <linux/fs.h>
  24#include <linux/personality.h>
  25#include <linux/pagemap.h>
  26#include <linux/syscalls.h>
  27#include <linux/rcupdate.h>
  28#include <linux/audit.h>
  29#include <linux/falloc.h>
  30
  31int vfs_statfs(struct dentry *dentry, struct kstatfs *buf)
  32{
  33        int retval = -ENODEV;
  34
  35        if (dentry) {
  36                retval = -ENOSYS;
  37                if (dentry->d_sb->s_op->statfs) {
  38                        memset(buf, 0, sizeof(*buf));
  39                        retval = security_sb_statfs(dentry);
  40                        if (retval)
  41                                return retval;
  42                        retval = dentry->d_sb->s_op->statfs(dentry, buf);
  43                        if (retval == 0 && buf->f_frsize == 0)
  44                                buf->f_frsize = buf->f_bsize;
  45                }
  46        }
  47        return retval;
  48}
  49
  50EXPORT_SYMBOL(vfs_statfs);
  51
  52static int vfs_statfs_native(struct dentry *dentry, struct statfs *buf)
  53{
  54        struct kstatfs st;
  55        int retval;
  56
  57        retval = vfs_statfs(dentry, &st);
  58        if (retval)
  59                return retval;
  60
  61        if (sizeof(*buf) == sizeof(st))
  62                memcpy(buf, &st, sizeof(st));
  63        else {
  64                if (sizeof buf->f_blocks == 4) {
  65                        if ((st.f_blocks | st.f_bfree | st.f_bavail) &
  66                            0xffffffff00000000ULL)
  67                                return -EOVERFLOW;
  68                        /*
  69                         * f_files and f_ffree may be -1; it's okay to stuff
  70                         * that into 32 bits
  71                         */
  72                        if (st.f_files != -1 &&
  73                            (st.f_files & 0xffffffff00000000ULL))
  74                                return -EOVERFLOW;
  75                        if (st.f_ffree != -1 &&
  76                            (st.f_ffree & 0xffffffff00000000ULL))
  77                                return -EOVERFLOW;
  78                }
  79
  80                buf->f_type = st.f_type;
  81                buf->f_bsize = st.f_bsize;
  82                buf->f_blocks = st.f_blocks;
  83                buf->f_bfree = st.f_bfree;
  84                buf->f_bavail = st.f_bavail;
  85                buf->f_files = st.f_files;
  86                buf->f_ffree = st.f_ffree;
  87                buf->f_fsid = st.f_fsid;
  88                buf->f_namelen = st.f_namelen;
  89                buf->f_frsize = st.f_frsize;
  90                memset(buf->f_spare, 0, sizeof(buf->f_spare));
  91        }
  92        return 0;
  93}
  94
  95static int vfs_statfs64(struct dentry *dentry, struct statfs64 *buf)
  96{
  97        struct kstatfs st;
  98        int retval;
  99
 100        retval = vfs_statfs(dentry, &st);
 101        if (retval)
 102                return retval;
 103
 104        if (sizeof(*buf) == sizeof(st))
 105                memcpy(buf, &st, sizeof(st));
 106        else {
 107                buf->f_type = st.f_type;
 108                buf->f_bsize = st.f_bsize;
 109                buf->f_blocks = st.f_blocks;
 110                buf->f_bfree = st.f_bfree;
 111                buf->f_bavail = st.f_bavail;
 112                buf->f_files = st.f_files;
 113                buf->f_ffree = st.f_ffree;
 114                buf->f_fsid = st.f_fsid;
 115                buf->f_namelen = st.f_namelen;
 116                buf->f_frsize = st.f_frsize;
 117                memset(buf->f_spare, 0, sizeof(buf->f_spare));
 118        }
 119        return 0;
 120}
 121
 122asmlinkage long sys_statfs(const char __user * path, struct statfs __user * buf)
 123{
 124        struct nameidata nd;
 125        int error;
 126
 127        error = user_path_walk(path, &nd);
 128        if (!error) {
 129                struct statfs tmp;
 130                error = vfs_statfs_native(nd.dentry, &tmp);
 131                if (!error && copy_to_user(buf, &tmp, sizeof(tmp)))
 132                        error = -EFAULT;
 133                path_release(&nd);
 134        }
 135        return error;
 136}
 137
 138
 139asmlinkage long sys_statfs64(const char __user *path, size_t sz, struct statfs64 __user *buf)
 140{
 141        struct nameidata nd;
 142        long error;
 143
 144        if (sz != sizeof(*buf))
 145                return -EINVAL;
 146        error = user_path_walk(path, &nd);
 147        if (!error) {
 148                struct statfs64 tmp;
 149                error = vfs_statfs64(nd.dentry, &tmp);
 150                if (!error && copy_to_user(buf, &tmp, sizeof(tmp)))
 151                        error = -EFAULT;
 152                path_release(&nd);
 153        }
 154        return error;
 155}
 156
 157
 158asmlinkage long sys_fstatfs(unsigned int fd, struct statfs __user * buf)
 159{
 160        struct file * file;
 161        struct statfs tmp;
 162        int error;
 163
 164        error = -EBADF;
 165        file = fget(fd);
 166        if (!file)
 167                goto out;
 168        error = vfs_statfs_native(file->f_path.dentry, &tmp);
 169        if (!error && copy_to_user(buf, &tmp, sizeof(tmp)))
 170                error = -EFAULT;
 171        fput(file);
 172out:
 173        return error;
 174}
 175
 176asmlinkage long sys_fstatfs64(unsigned int fd, size_t sz, struct statfs64 __user *buf)
 177{
 178        struct file * file;
 179        struct statfs64 tmp;
 180        int error;
 181
 182        if (sz != sizeof(*buf))
 183                return -EINVAL;
 184
 185        error = -EBADF;
 186        file = fget(fd);
 187        if (!file)
 188                goto out;
 189        error = vfs_statfs64(file->f_path.dentry, &tmp);
 190        if (!error && copy_to_user(buf, &tmp, sizeof(tmp)))
 191                error = -EFAULT;
 192        fput(file);
 193out:
 194        return error;
 195}
 196
 197int do_truncate(struct dentry *dentry, loff_t length, unsigned int time_attrs,
 198        struct file *filp)
 199{
 200        int err;
 201        struct iattr newattrs;
 202
 203        /* Not pretty: "inode->i_size" shouldn't really be signed. But it is. */
 204        if (length < 0)
 205                return -EINVAL;
 206
 207        newattrs.ia_size = length;
 208        newattrs.ia_valid = ATTR_SIZE | time_attrs;
 209        if (filp) {
 210                newattrs.ia_file = filp;
 211                newattrs.ia_valid |= ATTR_FILE;
 212        }
 213
 214        /* Remove suid/sgid on truncate too */
 215        newattrs.ia_valid |= should_remove_suid(dentry);
 216
 217        mutex_lock(&dentry->d_inode->i_mutex);
 218        err = notify_change(dentry, &newattrs);
 219        mutex_unlock(&dentry->d_inode->i_mutex);
 220        return err;
 221}
 222
 223static long do_sys_truncate(const char __user * path, loff_t length)
 224{
 225        struct nameidata nd;
 226        struct inode * inode;
 227        int error;
 228
 229        error = -EINVAL;
 230        if (length < 0) /* sorry, but loff_t says... */
 231                goto out;
 232
 233        error = user_path_walk(path, &nd);
 234        if (error)
 235                goto out;
 236        inode = nd.dentry->d_inode;
 237
 238        /* For directories it's -EISDIR, for other non-regulars - -EINVAL */
 239        error = -EISDIR;
 240        if (S_ISDIR(inode->i_mode))
 241                goto dput_and_out;
 242
 243        error = -EINVAL;
 244        if (!S_ISREG(inode->i_mode))
 245                goto dput_and_out;
 246
 247        error = vfs_permission(&nd, MAY_WRITE);
 248        if (error)
 249                goto dput_and_out;
 250
 251        error = -EROFS;
 252        if (IS_RDONLY(inode))
 253                goto dput_and_out;
 254
 255        error = -EPERM;
 256        if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
 257                goto dput_and_out;
 258
 259        error = get_write_access(inode);
 260        if (error)
 261                goto dput_and_out;
 262
 263        /*
 264         * Make sure that there are no leases.  get_write_access() protects
 265         * against the truncate racing with a lease-granting setlease().
 266         */
 267        error = break_lease(inode, FMODE_WRITE);
 268        if (error)
 269                goto put_write_and_out;
 270
 271        error = locks_verify_truncate(inode, NULL, length);
 272        if (!error) {
 273                DQUOT_INIT(inode);
 274                error = do_truncate(nd.dentry, length, 0, NULL);
 275        }
 276
 277put_write_and_out:
 278        put_write_access(inode);
 279dput_and_out:
 280        path_release(&nd);
 281out:
 282        return error;
 283}
 284
 285asmlinkage long sys_truncate(const char __user * path, unsigned long length)
 286{
 287        /* on 32-bit boxen it will cut the range 2^31--2^32-1 off */
 288        return do_sys_truncate(path, (long)length);
 289}
 290
 291static long do_sys_ftruncate(unsigned int fd, loff_t length, int small)
 292{
 293        struct inode * inode;
 294        struct dentry *dentry;
 295        struct file * file;
 296        int error;
 297
 298        error = -EINVAL;
 299        if (length < 0)
 300                goto out;
 301        error = -EBADF;
 302        file = fget(fd);
 303        if (!file)
 304                goto out;
 305
 306        /* explicitly opened as large or we are on 64-bit box */
 307        if (file->f_flags & O_LARGEFILE)
 308                small = 0;
 309
 310        dentry = file->f_path.dentry;
 311        inode = dentry->d_inode;
 312        error = -EINVAL;
 313        if (!S_ISREG(inode->i_mode) || !(file->f_mode & FMODE_WRITE))
 314                goto out_putf;
 315
 316        error = -EINVAL;
 317        /* Cannot ftruncate over 2^31 bytes without large file support */
 318        if (small && length > MAX_NON_LFS)
 319                goto out_putf;
 320
 321        error = -EPERM;
 322        if (IS_APPEND(inode))
 323                goto out_putf;
 324
 325        error = locks_verify_truncate(inode, file, length);
 326        if (!error)
 327                error = do_truncate(dentry, length, ATTR_MTIME|ATTR_CTIME, file);
 328out_putf:
 329        fput(file);
 330out:
 331        return error;
 332}
 333
 334asmlinkage long sys_ftruncate(unsigned int fd, unsigned long length)
 335{
 336        long ret = do_sys_ftruncate(fd, length, 1);
 337        /* avoid REGPARM breakage on x86: */
 338        prevent_tail_call(ret);
 339        return ret;
 340}
 341
 342/* LFS versions of truncate are only needed on 32 bit machines */
 343#if BITS_PER_LONG == 32
 344asmlinkage long sys_truncate64(const char __user * path, loff_t length)
 345{
 346        return do_sys_truncate(path, length);
 347}
 348
 349asmlinkage long sys_ftruncate64(unsigned int fd, loff_t length)
 350{
 351        long ret = do_sys_ftruncate(fd, length, 0);
 352        /* avoid REGPARM breakage on x86: */
 353        prevent_tail_call(ret);
 354        return ret;
 355}
 356#endif
 357
 358asmlinkage long sys_fallocate(int fd, int mode, loff_t offset, loff_t len)
 359{
 360        struct file *file;
 361        struct inode *inode;
 362        long ret = -EINVAL;
 363
 364        if (offset < 0 || len <= 0)
 365                goto out;
 366
 367        /* Return error if mode is not supported */
 368        ret = -EOPNOTSUPP;
 369        if (mode && !(mode & FALLOC_FL_KEEP_SIZE))
 370                goto out;
 371
 372        ret = -EBADF;
 373        file = fget(fd);
 374        if (!file)
 375                goto out;
 376        if (!(file->f_mode & FMODE_WRITE))
 377                goto out_fput;
 378        /*
 379         * Revalidate the write permissions, in case security policy has
 380         * changed since the files were opened.
 381         */
 382        ret = security_file_permission(file, MAY_WRITE);
 383        if (ret)
 384                goto out_fput;
 385
 386        inode = file->f_path.dentry->d_inode;
 387
 388        ret = -ESPIPE;
 389        if (S_ISFIFO(inode->i_mode))
 390                goto out_fput;
 391
 392        ret = -ENODEV;
 393        /*
 394         * Let individual file system decide if it supports preallocation
 395         * for directories or not.
 396         */
 397        if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode))
 398                goto out_fput;
 399
 400        ret = -EFBIG;
 401        /* Check for wrap through zero too */
 402        if (((offset + len) > inode->i_sb->s_maxbytes) || ((offset + len) < 0))
 403                goto out_fput;
 404
 405        if (inode->i_op && inode->i_op->fallocate)
 406                ret = inode->i_op->fallocate(inode, mode, offset, len);
 407        else
 408                ret = -EOPNOTSUPP;
 409
 410out_fput:
 411        fput(file);
 412out:
 413        return ret;
 414}
 415
 416/*
 417 * access() needs to use the real uid/gid, not the effective uid/gid.
 418 * We do this by temporarily clearing all FS-related capabilities and
 419 * switching the fsuid/fsgid around to the real ones.
 420 */
 421asmlinkage long sys_faccessat(int dfd, const char __user *filename, int mode)
 422{
 423        struct nameidata nd;
 424        int old_fsuid, old_fsgid;
 425        kernel_cap_t old_cap;
 426        int res;
 427
 428        if (mode & ~S_IRWXO)    /* where's F_OK, X_OK, W_OK, R_OK? */
 429                return -EINVAL;
 430
 431        old_fsuid = current->fsuid;
 432        old_fsgid = current->fsgid;
 433        old_cap = current->cap_effective;
 434
 435        current->fsuid = current->uid;
 436        current->fsgid = current->gid;
 437
 438        /*
 439         * Clear the capabilities if we switch to a non-root user
 440         *
 441         * FIXME: There is a race here against sys_capset.  The
 442         * capabilities can change yet we will restore the old
 443         * value below.  We should hold task_capabilities_lock,
 444         * but we cannot because user_path_walk can sleep.
 445         */
 446        if (current->uid)
 447                cap_clear(current->cap_effective);
 448        else
 449                current->cap_effective = current->cap_permitted;
 450
 451        res = __user_walk_fd(dfd, filename, LOOKUP_FOLLOW|LOOKUP_ACCESS, &nd);
 452        if (res)
 453                goto out;
 454
 455        res = vfs_permission(&nd, mode);
 456        /* SuS v2 requires we report a read only fs too */
 457        if(res || !(mode & S_IWOTH) ||
 458           special_file(nd.dentry->d_inode->i_mode))
 459                goto out_path_release;
 460
 461        if(IS_RDONLY(nd.dentry->d_inode))
 462                res = -EROFS;
 463
 464out_path_release:
 465        path_release(&nd);
 466out:
 467        current->fsuid = old_fsuid;
 468        current->fsgid = old_fsgid;
 469        current->cap_effective = old_cap;
 470
 471        return res;
 472}
 473
 474asmlinkage long sys_access(const char __user *filename, int mode)
 475{
 476        return sys_faccessat(AT_FDCWD, filename, mode);
 477}
 478
 479asmlinkage long sys_chdir(const char __user * filename)
 480{
 481        struct nameidata nd;
 482        int error;
 483
 484        error = __user_walk(filename,
 485                            LOOKUP_FOLLOW|LOOKUP_DIRECTORY|LOOKUP_CHDIR, &nd);
 486        if (error)
 487                goto out;
 488
 489        error = vfs_permission(&nd, MAY_EXEC);
 490        if (error)
 491                goto dput_and_out;
 492
 493        set_fs_pwd(current->fs, nd.mnt, nd.dentry);
 494
 495dput_and_out:
 496        path_release(&nd);
 497out:
 498        return error;
 499}
 500
 501asmlinkage long sys_fchdir(unsigned int fd)
 502{
 503        struct file *file;
 504        struct dentry *dentry;
 505        struct inode *inode;
 506        struct vfsmount *mnt;
 507        int error;
 508
 509        error = -EBADF;
 510        file = fget(fd);
 511        if (!file)
 512                goto out;
 513
 514        dentry = file->f_path.dentry;
 515        mnt = file->f_path.mnt;
 516        inode = dentry->d_inode;
 517
 518        error = -ENOTDIR;
 519        if (!S_ISDIR(inode->i_mode))
 520                goto out_putf;
 521
 522        error = file_permission(file, MAY_EXEC);
 523        if (!error)
 524                set_fs_pwd(current->fs, mnt, dentry);
 525out_putf:
 526        fput(file);
 527out:
 528        return error;
 529}
 530
 531asmlinkage long sys_chroot(const char __user * filename)
 532{
 533        struct nameidata nd;
 534        int error;
 535
 536        error = __user_walk(filename, LOOKUP_FOLLOW | LOOKUP_DIRECTORY | LOOKUP_NOALT, &nd);
 537        if (error)
 538                goto out;
 539
 540        error = vfs_permission(&nd, MAY_EXEC);
 541        if (error)
 542                goto dput_and_out;
 543
 544        error = -EPERM;
 545        if (!capable(CAP_SYS_CHROOT))
 546                goto dput_and_out;
 547
 548        set_fs_root(current->fs, nd.mnt, nd.dentry);
 549        set_fs_altroot();
 550        error = 0;
 551dput_and_out:
 552        path_release(&nd);
 553out:
 554        return error;
 555}
 556
 557asmlinkage long sys_fchmod(unsigned int fd, mode_t mode)
 558{
 559        struct inode * inode;
 560        struct dentry * dentry;
 561        struct file * file;
 562        int err = -EBADF;
 563        struct iattr newattrs;
 564
 565        file = fget(fd);
 566        if (!file)
 567                goto out;
 568
 569        dentry = file->f_path.dentry;
 570        inode = dentry->d_inode;
 571
 572        audit_inode(NULL, dentry);
 573
 574        err = -EROFS;
 575        if (IS_RDONLY(inode))
 576                goto out_putf;
 577        err = -EPERM;
 578        if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
 579                goto out_putf;
 580        mutex_lock(&inode->i_mutex);
 581        if (mode == (mode_t) -1)
 582                mode = inode->i_mode;
 583        newattrs.ia_mode = (mode & S_IALLUGO) | (inode->i_mode & ~S_IALLUGO);
 584        newattrs.ia_valid = ATTR_MODE | ATTR_CTIME;
 585        err = notify_change(dentry, &newattrs);
 586        mutex_unlock(&inode->i_mutex);
 587
 588out_putf:
 589        fput(file);
 590out:
 591        return err;
 592}
 593
 594asmlinkage long sys_fchmodat(int dfd, const char __user *filename,
 595                             mode_t mode)
 596{
 597        struct nameidata nd;
 598        struct inode * inode;
 599        int error;
 600        struct iattr newattrs;
 601
 602        error = __user_walk_fd(dfd, filename, LOOKUP_FOLLOW, &nd);
 603        if (error)
 604                goto out;
 605        inode = nd.dentry->d_inode;
 606
 607        error = -EROFS;
 608        if (IS_RDONLY(inode))
 609                goto dput_and_out;
 610
 611        error = -EPERM;
 612        if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
 613                goto dput_and_out;
 614
 615        mutex_lock(&inode->i_mutex);
 616        if (mode == (mode_t) -1)
 617                mode = inode->i_mode;
 618        newattrs.ia_mode = (mode & S_IALLUGO) | (inode->i_mode & ~S_IALLUGO);
 619        newattrs.ia_valid = ATTR_MODE | ATTR_CTIME;
 620        error = notify_change(nd.dentry, &newattrs);
 621        mutex_unlock(&inode->i_mutex);
 622
 623dput_and_out:
 624        path_release(&nd);
 625out:
 626        return error;
 627}
 628
 629asmlinkage long sys_chmod(const char __user *filename, mode_t mode)
 630{
 631        return sys_fchmodat(AT_FDCWD, filename, mode);
 632}
 633
 634static int chown_common(struct dentry * dentry, uid_t user, gid_t group)
 635{
 636        struct inode * inode;
 637        int error;
 638        struct iattr newattrs;
 639
 640        error = -ENOENT;
 641        if (!(inode = dentry->d_inode)) {
 642                printk(KERN_ERR "chown_common: NULL inode\n");
 643                goto out;
 644        }
 645        error = -EROFS;
 646        if (IS_RDONLY(inode))
 647                goto out;
 648        error = -EPERM;
 649        if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
 650                goto out;
 651        newattrs.ia_valid =  ATTR_CTIME;
 652        if (user != (uid_t) -1) {
 653                newattrs.ia_valid |= ATTR_UID;
 654                newattrs.ia_uid = user;
 655        }
 656        if (group != (gid_t) -1) {
 657                newattrs.ia_valid |= ATTR_GID;
 658                newattrs.ia_gid = group;
 659        }
 660        if (!S_ISDIR(inode->i_mode))
 661                newattrs.ia_valid |=
 662                        ATTR_KILL_SUID | ATTR_KILL_SGID | ATTR_KILL_PRIV;
 663        mutex_lock(&inode->i_mutex);
 664        error = notify_change(dentry, &newattrs);
 665        mutex_unlock(&inode->i_mutex);
 666out:
 667        return error;
 668}
 669
 670asmlinkage long sys_chown(const char __user * filename, uid_t user, gid_t group)
 671{
 672        struct nameidata nd;
 673        int error;
 674
 675        error = user_path_walk(filename, &nd);
 676        if (error)
 677                goto out;
 678        error = chown_common(nd.dentry, user, group);
 679        path_release(&nd);
 680out:
 681        return error;
 682}
 683
 684asmlinkage long sys_fchownat(int dfd, const char __user *filename, uid_t user,
 685                             gid_t group, int flag)
 686{
 687        struct nameidata nd;
 688        int error = -EINVAL;
 689        int follow;
 690
 691        if ((flag & ~AT_SYMLINK_NOFOLLOW) != 0)
 692                goto out;
 693
 694        follow = (flag & AT_SYMLINK_NOFOLLOW) ? 0 : LOOKUP_FOLLOW;
 695        error = __user_walk_fd(dfd, filename, follow, &nd);
 696        if (error)
 697                goto out;
 698        error = chown_common(nd.dentry, user, group);
 699        path_release(&nd);
 700out:
 701        return error;
 702}
 703
 704asmlinkage long sys_lchown(const char __user * filename, uid_t user, gid_t group)
 705{
 706        struct nameidata nd;
 707        int error;
 708
 709        error = user_path_walk_link(filename, &nd);
 710        if (error)
 711                goto out;
 712        error = chown_common(nd.dentry, user, group);
 713        path_release(&nd);
 714out:
 715        return error;
 716}
 717
 718
 719asmlinkage long sys_fchown(unsigned int fd, uid_t user, gid_t group)
 720{
 721        struct file * file;
 722        int error = -EBADF;
 723        struct dentry * dentry;
 724
 725        file = fget(fd);
 726        if (!file)
 727                goto out;
 728
 729        dentry = file->f_path.dentry;
 730        audit_inode(NULL, dentry);
 731        error = chown_common(dentry, user, group);
 732        fput(file);
 733out:
 734        return error;
 735}
 736
 737static struct file *__dentry_open(struct dentry *dentry, struct vfsmount *mnt,
 738                                        int flags, struct file *f,
 739                                        int (*open)(struct inode *, struct file *))
 740{
 741        struct inode *inode;
 742        int error;
 743
 744        f->f_flags = flags;
 745        f->f_mode = ((flags+1) & O_ACCMODE) | FMODE_LSEEK |
 746                                FMODE_PREAD | FMODE_PWRITE;
 747        inode = dentry->d_inode;
 748        if (f->f_mode & FMODE_WRITE) {
 749                error = get_write_access(inode);
 750                if (error)
 751                        goto cleanup_file;
 752        }
 753
 754        f->f_mapping = inode->i_mapping;
 755        f->f_path.dentry = dentry;
 756        f->f_path.mnt = mnt;
 757        f->f_pos = 0;
 758        f->f_op = fops_get(inode->i_fop);
 759        file_move(f, &inode->i_sb->s_files);
 760
 761        error = security_dentry_open(f);
 762        if (error)
 763                goto cleanup_all;
 764
 765        if (!open && f->f_op)
 766                open = f->f_op->open;
 767        if (open) {
 768                error = open(inode, f);
 769                if (error)
 770                        goto cleanup_all;
 771        }
 772
 773        f->f_flags &= ~(O_CREAT | O_EXCL | O_NOCTTY | O_TRUNC);
 774
 775        file_ra_state_init(&f->f_ra, f->f_mapping->host->i_mapping);
 776
 777        /* NB: we're sure to have correct a_ops only after f_op->open */
 778        if (f->f_flags & O_DIRECT) {
 779                if (!f->f_mapping->a_ops ||
 780                    ((!f->f_mapping->a_ops->direct_IO) &&
 781                    (!f->f_mapping->a_ops->get_xip_page))) {
 782                        fput(f);
 783                        f = ERR_PTR(-EINVAL);
 784                }
 785        }
 786
 787        return f;
 788
 789cleanup_all:
 790        fops_put(f->f_op);
 791        if (f->f_mode & FMODE_WRITE)
 792                put_write_access(inode);
 793        file_kill(f);
 794        f->f_path.dentry = NULL;
 795        f->f_path.mnt = NULL;
 796cleanup_file:
 797        put_filp(f);
 798        dput(dentry);
 799        mntput(mnt);
 800        return ERR_PTR(error);
 801}
 802
 803/*
 804 * Note that while the flag value (low two bits) for sys_open means:
 805 *      00 - read-only
 806 *      01 - write-only
 807 *      10 - read-write
 808 *      11 - special
 809 * it is changed into
 810 *      00 - no permissions needed
 811 *      01 - read-permission
 812 *      10 - write-permission
 813 *      11 - read-write
 814 * for the internal routines (ie open_namei()/follow_link() etc). 00 is
 815 * used by symlinks.
 816 */
 817static struct file *do_filp_open(int dfd, const char *filename, int flags,
 818                                 int mode)
 819{
 820        int namei_flags, error;
 821        struct nameidata nd;
 822
 823        namei_flags = flags;
 824        if ((namei_flags+1) & O_ACCMODE)
 825                namei_flags++;
 826
 827        error = open_namei(dfd, filename, namei_flags, mode, &nd);
 828        if (!error)
 829                return nameidata_to_filp(&nd, flags);
 830
 831        return ERR_PTR(error);
 832}
 833
 834struct file *filp_open(const char *filename, int flags, int mode)
 835{
 836        return do_filp_open(AT_FDCWD, filename, flags, mode);
 837}
 838EXPORT_SYMBOL(filp_open);
 839
 840/**
 841 * lookup_instantiate_filp - instantiates the open intent filp
 842 * @nd: pointer to nameidata
 843 * @dentry: pointer to dentry
 844 * @open: open callback
 845 *
 846 * Helper for filesystems that want to use lookup open intents and pass back
 847 * a fully instantiated struct file to the caller.
 848 * This function is meant to be called from within a filesystem's
 849 * lookup method.
 850 * Beware of calling it for non-regular files! Those ->open methods might block
 851 * (e.g. in fifo_open), leaving you with parent locked (and in case of fifo,
 852 * leading to a deadlock, as nobody can open that fifo anymore, because
 853 * another process to open fifo will block on locked parent when doing lookup).
 854 * Note that in case of error, nd->intent.open.file is destroyed, but the
 855 * path information remains valid.
 856 * If the open callback is set to NULL, then the standard f_op->open()
 857 * filesystem callback is substituted.
 858 */
 859struct file *lookup_instantiate_filp(struct nameidata *nd, struct dentry *dentry,
 860                int (*open)(struct inode *, struct file *))
 861{
 862        if (IS_ERR(nd->intent.open.file))
 863                goto out;
 864        if (IS_ERR(dentry))
 865                goto out_err;
 866        nd->intent.open.file = __dentry_open(dget(dentry), mntget(nd->mnt),
 867                                             nd->intent.open.flags - 1,
 868                                             nd->intent.open.file,
 869                                             open);
 870out:
 871        return nd->intent.open.file;
 872out_err:
 873        release_open_intent(nd);
 874        nd->intent.open.file = (struct file *)dentry;
 875        goto out;
 876}
 877EXPORT_SYMBOL_GPL(lookup_instantiate_filp);
 878
 879/**
 880 * nameidata_to_filp - convert a nameidata to an open filp.
 881 * @nd: pointer to nameidata
 882 * @flags: open flags
 883 *
 884 * Note that this function destroys the original nameidata
 885 */
 886struct file *nameidata_to_filp(struct nameidata *nd, int flags)
 887{
 888        struct file *filp;
 889
 890        /* Pick up the filp from the open intent */
 891        filp = nd->intent.open.file;
 892        /* Has the filesystem initialised the file for us? */
 893        if (filp->f_path.dentry == NULL)
 894                filp = __dentry_open(nd->dentry, nd->mnt, flags, filp, NULL);
 895        else
 896                path_release(nd);
 897        return filp;
 898}
 899
 900/*
 901 * dentry_open() will have done dput(dentry) and mntput(mnt) if it returns an
 902 * error.
 903 */
 904struct file *dentry_open(struct dentry *dentry, struct vfsmount *mnt, int flags)
 905{
 906        int error;
 907        struct file *f;
 908
 909        error = -ENFILE;
 910        f = get_empty_filp();
 911        if (f == NULL) {
 912                dput(dentry);
 913                mntput(mnt);
 914                return ERR_PTR(error);
 915        }
 916
 917        return __dentry_open(dentry, mnt, flags, f, NULL);
 918}
 919EXPORT_SYMBOL(dentry_open);
 920
 921/*
 922 * Find an empty file descriptor entry, and mark it busy.
 923 */
 924int get_unused_fd_flags(int flags)
 925{
 926        struct files_struct * files = current->files;
 927        int fd, error;
 928        struct fdtable *fdt;
 929
 930        error = -EMFILE;
 931        spin_lock(&files->file_lock);
 932
 933repeat:
 934        fdt = files_fdtable(files);
 935        fd = find_next_zero_bit(fdt->open_fds->fds_bits, fdt->max_fds,
 936                                files->next_fd);
 937
 938        /*
 939         * N.B. For clone tasks sharing a files structure, this test
 940         * will limit the total number of files that can be opened.
 941         */
 942        if (fd >= current->signal->rlim[RLIMIT_NOFILE].rlim_cur)
 943                goto out;
 944
 945        /* Do we need to expand the fd array or fd set?  */
 946        error = expand_files(files, fd);
 947        if (error < 0)
 948                goto out;
 949
 950        if (error) {
 951                /*
 952                 * If we needed to expand the fs array we
 953                 * might have blocked - try again.
 954                 */
 955                error = -EMFILE;
 956                goto repeat;
 957        }
 958
 959        FD_SET(fd, fdt->open_fds);
 960        if (flags & O_CLOEXEC)
 961                FD_SET(fd, fdt->close_on_exec);
 962        else
 963                FD_CLR(fd, fdt->close_on_exec);
 964        files->next_fd = fd + 1;
 965#if 1
 966        /* Sanity check */
 967        if (fdt->fd[fd] != NULL) {
 968                printk(KERN_WARNING "get_unused_fd: slot %d not NULL!\n", fd);
 969                fdt->fd[fd] = NULL;
 970        }
 971#endif
 972        error = fd;
 973
 974out:
 975        spin_unlock(&files->file_lock);
 976        return error;
 977}
 978
 979int get_unused_fd(void)
 980{
 981        return get_unused_fd_flags(0);
 982}
 983
 984EXPORT_SYMBOL(get_unused_fd);
 985
 986static void __put_unused_fd(struct files_struct *files, unsigned int fd)
 987{
 988        struct fdtable *fdt = files_fdtable(files);
 989        __FD_CLR(fd, fdt->open_fds);
 990        if (fd < files->next_fd)
 991                files->next_fd = fd;
 992}
 993
 994void fastcall put_unused_fd(unsigned int fd)
 995{
 996        struct files_struct *files = current->files;
 997        spin_lock(&files->file_lock);
 998        __put_unused_fd(files, fd);
 999        spin_unlock(&files->file_lock);
1000}

1001
1002EXPORT_SYMBOL(put_unused_fd);
1003
1004/*
1005 * Install a file pointer in the fd array.
1006 *
1007 * The VFS is full of places where we drop the files lock between
1008 * setting the open_fds bitmap and installing the file in the file
1009 * array.  At any such point, we are vulnerable to a dup2() race
1010 * installing a file in the array before us.  We need to detect this and
1011 * fput() the struct file we are about to overwrite in this case.
1012 *
1013 * It should never happen - if we allow dup2() do it, _really_ bad things
1014 * will follow.
1015 */
1016
1017void fastcall fd_install(unsigned int fd, struct file * file)
1018{
1019        struct files_struct *files = current->files;
1020        struct fdtable *fdt;
1021        spin_lock(&files->file_lock);
1022        fdt = files_fdtable(files);
1023        BUG_ON(fdt->fd[fd] != NULL);
1024        rcu_assign_pointer(fdt->fd[fd], file);
1025        spin_unlock(&files->file_lock);
1026}
1027
1028EXPORT_SYMBOL(fd_install);
1029
1030long do_sys_open(int dfd, const char __user *filename, int flags, int mode)
1031{
1032        char *tmp = getname(filename);
1033        int fd = PTR_ERR(tmp);
1034
1035        if (!IS_ERR(tmp)) {
1036                fd = get_unused_fd_flags(flags);
1037                if (fd >= 0) {
1038                        struct file *f = do_filp_open(dfd, tmp, flags, mode);
1039                        if (IS_ERR(f)) {
1040                                put_unused_fd(fd);
1041                                fd = PTR_ERR(f);
1042                        } else {
1043                                fsnotify_open(f->f_path.dentry);
1044                                fd_install(fd, f);
1045                        }
1046                }
1047                putname(tmp);
1048        }
1049        return fd;
1050}
1051
1052asmlinkage long sys_open(const char __user *filename, int flags, int mode)
1053{
1054        long ret;
1055
1056        if (force_o_largefile())
1057                flags |= O_LARGEFILE;
1058
1059        ret = do_sys_open(AT_FDCWD, filename, flags, mode);
1060        /* avoid REGPARM breakage on x86: */
1061        prevent_tail_call(ret);
1062        return ret;
1063}
1064EXPORT_UNUSED_SYMBOL_GPL(sys_open); /* To be deleted for 2.6.25 */
1065
1066asmlinkage long sys_openat(int dfd, const char __user *filename, int flags,
1067                           int mode)
1068{
1069        long ret;
1070
1071        if (force_o_largefile())
1072                flags |= O_LARGEFILE;
1073
1074        ret = do_sys_open(dfd, filename, flags, mode);
1075        /* avoid REGPARM breakage on x86: */
1076        prevent_tail_call(ret);
1077        return ret;
1078}
1079
1080#ifndef __alpha__
1081
1082/*
1083 * For backward compatibility?  Maybe this should be moved
1084 * into arch/i386 instead?
1085 */
1086asmlinkage long sys_creat(const char __user * pathname, int mode)
1087{
1088        return sys_open(pathname, O_CREAT | O_WRONLY | O_TRUNC, mode);
1089}
1090
1091#endif
1092
1093/*
1094 * "id" is the POSIX thread ID. We use the
1095 * files pointer for this..
1096 */
1097int filp_close(struct file *filp, fl_owner_t id)
1098{
1099        int retval = 0;
1100
1101        if (!file_count(filp)) {
1102                printk(KERN_ERR "VFS: Close: file count is 0\n");
1103                return 0;
1104        }
1105
1106        if (filp->f_op && filp->f_op->flush)
1107                retval = filp->f_op->flush(filp, id);
1108
1109        dnotify_flush(filp, id);
1110        locks_remove_posix(filp, id);
1111        fput(filp);
1112        return retval;
1113}
1114
1115EXPORT_SYMBOL(filp_close);
1116
1117/*
1118 * Careful here! We test whether the file pointer is NULL before
1119 * releasing the fd. This ensures that one clone task can't release
1120 * an fd while another clone is opening it.
1121 */
1122asmlinkage long sys_close(unsigned int fd)
1123{
1124        struct file * filp;
1125        struct files_struct *files = current->files;
1126        struct fdtable *fdt;
1127        int retval;
1128
1129        spin_lock(&files->file_lock);
1130        fdt = files_fdtable(files);
1131        if (fd >= fdt->max_fds)
1132                goto out_unlock;
1133        filp = fdt->fd[fd];
1134        if (!filp)
1135                goto out_unlock;
1136        rcu_assign_pointer(fdt->fd[fd], NULL);
1137        FD_CLR(fd, fdt->close_on_exec);
1138        __put_unused_fd(files, fd);
1139        spin_unlock(&files->file_lock);
1140        retval = filp_close(filp, files);
1141
1142        /* can't restart close syscall because file table entry was cleared */
1143        if (unlikely(retval == -ERESTARTSYS ||
1144                     retval == -ERESTARTNOINTR ||
1145                     retval == -ERESTARTNOHAND ||
1146                     retval == -ERESTART_RESTARTBLOCK))
1147                retval = -EINTR;
1148
1149        return retval;
1150
1151out_unlock:
1152        spin_unlock(&files->file_lock);
1153        return -EBADF;
1154}
1155
1156EXPORT_SYMBOL(sys_close);
1157
1158/*
1159 * This routine simulates a hangup on the tty, to arrange that users
1160 * are given clean terminals at login time.
1161 */
1162asmlinkage long sys_vhangup(void)
1163{
1164        if (capable(CAP_SYS_TTY_CONFIG)) {
1165                /* XXX: this needs locking */
1166                tty_vhangup(current->signal->tty);
1167                return 0;
1168        }
1169        return -EPERM;
1170}
1171
1172/*
1173 * Called when an inode is about to be open.
1174 * We use this to disallow opening large files on 32bit systems if
1175 * the caller didn't specify O_LARGEFILE.  On 64bit systems we force
1176 * on this flag in sys_open.
1177 */
1178int generic_file_open(struct inode * inode, struct file * filp)
1179{
1180        if (!(filp->f_flags & O_LARGEFILE) && i_size_read(inode) > MAX_NON_LFS)
1181                return -EOVERFLOW;
1182        return 0;
1183}
1184
1185EXPORT_SYMBOL(generic_file_open);
1186
1187/*
1188 * This is used by subsystems that don't want seekable
1189 * file descriptors
1190 */
1191int nonseekable_open(struct inode *inode, struct file *filp)
1192{
1193        filp->f_mode &= ~(FMODE_LSEEK | FMODE_PREAD | FMODE_PWRITE);
1194        return 0;
1195}
1196
1197EXPORT_SYMBOL(nonseekable_open);
1198