[mirror_ubuntu-bionic-kernel.git] / fs / readdir.c

// SPDX-License-Identifier: GPL-2.0
/*
 *  linux/fs/readdir.c
 *
 *  Copyright (C) 1995  Linus Torvalds
 */

#include <linux/stddef.h>
#include <linux/kernel.h>
#include <linux/export.h>
#include <linux/time.h>
#include <linux/mm.h>
#include <linux/errno.h>
#include <linux/stat.h>
#include <linux/file.h>
#include <linux/fs.h>
#include <linux/fsnotify.h>
#include <linux/dirent.h>
#include <linux/security.h>
#include <linux/syscalls.h>
#include <linux/unistd.h>
#include <linux/compat.h>

#include <linux/uaccess.h>

int iterate_dir(struct file *file, struct dir_context *ctx)
{
	struct inode *inode = file_inode(file);
	bool shared = false;
	int res = -ENOTDIR;
	if (file->f_op->iterate_shared)
		shared = true;
	else if (!file->f_op->iterate)
		goto out;

	res = security_file_permission(file, MAY_READ);
	if (res)
		goto out;

	if (shared)
		res = down_read_killable(&inode->i_rwsem);
	else
		res = down_write_killable(&inode->i_rwsem);
	if (res)
		goto out;

	res = -ENOENT;
	if (!IS_DEADDIR(inode)) {
		ctx->pos = file->f_pos;
		if (shared)
			res = file->f_op->iterate_shared(file, ctx);
		else
			res = file->f_op->iterate(file, ctx);
		file->f_pos = ctx->pos;
		fsnotify_access(file);
		file_accessed(file);
	}
	if (shared)
		inode_unlock_shared(inode);
	else
		inode_unlock(inode);
out:
	return res;
}
EXPORT_SYMBOL(iterate_dir);

/*
 * POSIX says that a dirent name cannot contain NULL or a '/'.
 *
 * It's not 100% clear what we should really do in this case.
 * The filesystem is clearly corrupted, but returning a hard
 * error means that you now don't see any of the other names
 * either, so that isn't a perfect alternative.
 *
 * And if you return an error, what error do you use? Several
 * filesystems seem to have decided on EUCLEAN being the error
 * code for EFSCORRUPTED, and that may be the error to use. Or
 * just EIO, which is perhaps more obvious to users.
 *
 * In order to see the other file names in the directory, the
 * caller might want to make this a "soft" error: skip the
 * entry, and return the error at the end instead.
 *
 * Note that this should likely do a "memchr(name, 0, len)"
 * check too, since that would be filesystem corruption as
 * well. However, that case can't actually confuse user space,
 * which has to do a strlen() on the name anyway to find the
 * filename length, and the above "soft error" worry means
 * that it's probably better left alone until we have that
 * issue clarified.
 */
static int verify_dirent_name(const char *name, int len)
{
	if (!len)
		return -EIO;
	if (memchr(name, '/', len))
		return -EIO;
	return 0;
}

/*
 * Traditional linux readdir() handling..
 *
 * "count=1" is a special case, meaning that the buffer is one
 * dirent-structure in size and that the code can't handle more
 * anyway. Thus the special "fillonedir()" function for that
 * case (the low-level handlers don't need to care about this).
 */

#ifdef __ARCH_WANT_OLD_READDIR

struct old_linux_dirent {
	unsigned long	d_ino;
	unsigned long	d_offset;
	unsigned short	d_namlen;
	char		d_name[1];
};

struct readdir_callback {
	struct dir_context ctx;
	struct old_linux_dirent __user * dirent;
	int result;
};

static int fillonedir(struct dir_context *ctx, const char *name, int namlen,
		      loff_t offset, u64 ino, unsigned int d_type)
{
	struct readdir_callback *buf =
		container_of(ctx, struct readdir_callback, ctx);
	struct old_linux_dirent __user * dirent;
	unsigned long d_ino;

	if (buf->result)
		return -EINVAL;
	d_ino = ino;
	if (sizeof(d_ino) < sizeof(ino) && d_ino != ino) {
		buf->result = -EOVERFLOW;
		return -EOVERFLOW;
	}
	buf->result++;
	dirent = buf->dirent;
	if (!access_ok(VERIFY_WRITE, dirent,
			(unsigned long)(dirent->d_name + namlen + 1) -
				(unsigned long)dirent))
		goto efault;
	if (	__put_user(d_ino, &dirent->d_ino) ||
		__put_user(offset, &dirent->d_offset) ||
		__put_user(namlen, &dirent->d_namlen) ||
		__copy_to_user(dirent->d_name, name, namlen) ||
		__put_user(0, dirent->d_name + namlen))
		goto efault;
	return 0;
efault:
	buf->result = -EFAULT;
	return -EFAULT;
}

SYSCALL_DEFINE3(old_readdir, unsigned int, fd,
		struct old_linux_dirent __user *, dirent, unsigned int, count)
{
	int error;
	struct fd f = fdget_pos(fd);
	struct readdir_callback buf = {
		.ctx.actor = fillonedir,
		.dirent = dirent
	};

	if (!f.file)
		return -EBADF;

	error = iterate_dir(f.file, &buf.ctx);
	if (buf.result)
		error = buf.result;

	fdput_pos(f);
	return error;
}

#endif /* __ARCH_WANT_OLD_READDIR */

/*
 * New, all-improved, singing, dancing, iBCS2-compliant getdents()
 * interface. 
 */
struct linux_dirent {
	unsigned long	d_ino;
	unsigned long	d_off;
	unsigned short	d_reclen;
	char		d_name[1];
};

struct getdents_callback {
	struct dir_context ctx;
	struct linux_dirent __user * current_dir;
	struct linux_dirent __user * previous;
	int count;
	int error;
};

static int filldir(struct dir_context *ctx, const char *name, int namlen,
		   loff_t offset, u64 ino, unsigned int d_type)
{
	struct linux_dirent __user * dirent;
	struct getdents_callback *buf =
		container_of(ctx, struct getdents_callback, ctx);
	unsigned long d_ino;
	int reclen = ALIGN(offsetof(struct linux_dirent, d_name) + namlen + 2,
		sizeof(long));

	buf->error = verify_dirent_name(name, namlen);
	if (unlikely(buf->error))
		return buf->error;
	buf->error = -EINVAL;	/* only used if we fail.. */
	if (reclen > buf->count)
		return -EINVAL;
	d_ino = ino;
	if (sizeof(d_ino) < sizeof(ino) && d_ino != ino) {
		buf->error = -EOVERFLOW;
		return -EOVERFLOW;
	}
	dirent = buf->previous;
	if (dirent) {
		if (signal_pending(current))
			return -EINTR;
		if (__put_user(offset, &dirent->d_off))
			goto efault;
	}
	dirent = buf->current_dir;
	if (__put_user(d_ino, &dirent->d_ino))
		goto efault;
	if (__put_user(reclen, &dirent->d_reclen))
		goto efault;
	if (copy_to_user(dirent->d_name, name, namlen))
		goto efault;
	if (__put_user(0, dirent->d_name + namlen))
		goto efault;
	if (__put_user(d_type, (char __user *) dirent + reclen - 1))
		goto efault;
	buf->previous = dirent;
	dirent = (void __user *)dirent + reclen;
	buf->current_dir = dirent;
	buf->count -= reclen;
	return 0;
efault:
	buf->error = -EFAULT;
	return -EFAULT;
}

SYSCALL_DEFINE3(getdents, unsigned int, fd,
		struct linux_dirent __user *, dirent, unsigned int, count)
{
	struct fd f;
	struct linux_dirent __user * lastdirent;
	struct getdents_callback buf = {
		.ctx.actor = filldir,
		.count = count,
		.current_dir = dirent
	};
	int error;

	if (!access_ok(VERIFY_WRITE, dirent, count))
		return -EFAULT;

	f = fdget_pos(fd);
	if (!f.file)
		return -EBADF;

	error = iterate_dir(f.file, &buf.ctx);
	if (error >= 0)
		error = buf.error;
	lastdirent = buf.previous;
	if (lastdirent) {
		if (put_user(buf.ctx.pos, &lastdirent->d_off))
			error = -EFAULT;
		else
			error = count - buf.count;
	}
	fdput_pos(f);
	return error;
}

struct getdents_callback64 {
	struct dir_context ctx;
	struct linux_dirent64 __user * current_dir;
	struct linux_dirent64 __user * previous;
	int count;
	int error;
};

static int filldir64(struct dir_context *ctx, const char *name, int namlen,
		     loff_t offset, u64 ino, unsigned int d_type)
{
	struct linux_dirent64 __user *dirent;
	struct getdents_callback64 *buf =
		container_of(ctx, struct getdents_callback64, ctx);
	int reclen = ALIGN(offsetof(struct linux_dirent64, d_name) + namlen + 1,
		sizeof(u64));

	buf->error = verify_dirent_name(name, namlen);
	if (unlikely(buf->error))
		return buf->error;
	buf->error = -EINVAL;	/* only used if we fail.. */
	if (reclen > buf->count)
		return -EINVAL;
	dirent = buf->previous;
	if (dirent) {
		if (signal_pending(current))
			return -EINTR;
		if (__put_user(offset, &dirent->d_off))
			goto efault;
	}
	dirent = buf->current_dir;
	if (__put_user(ino, &dirent->d_ino))
		goto efault;
	if (__put_user(0, &dirent->d_off))
		goto efault;
	if (__put_user(reclen, &dirent->d_reclen))
		goto efault;
	if (__put_user(d_type, &dirent->d_type))
		goto efault;
	if (copy_to_user(dirent->d_name, name, namlen))
		goto efault;
	if (__put_user(0, dirent->d_name + namlen))
		goto efault;
	buf->previous = dirent;
	dirent = (void __user *)dirent + reclen;
	buf->current_dir = dirent;
	buf->count -= reclen;
	return 0;
efault:
	buf->error = -EFAULT;
	return -EFAULT;
}

SYSCALL_DEFINE3(getdents64, unsigned int, fd,
		struct linux_dirent64 __user *, dirent, unsigned int, count)
{
	struct fd f;
	struct linux_dirent64 __user * lastdirent;
	struct getdents_callback64 buf = {
		.ctx.actor = filldir64,
		.count = count,
		.current_dir = dirent
	};
	int error;

	if (!access_ok(VERIFY_WRITE, dirent, count))
		return -EFAULT;

	f = fdget_pos(fd);
	if (!f.file)
		return -EBADF;

	error = iterate_dir(f.file, &buf.ctx);
	if (error >= 0)
		error = buf.error;
	lastdirent = buf.previous;
	if (lastdirent) {
		typeof(lastdirent->d_off) d_off = buf.ctx.pos;
		if (__put_user(d_off, &lastdirent->d_off))
			error = -EFAULT;
		else
			error = count - buf.count;
	}
	fdput_pos(f);
	return error;
}

#ifdef CONFIG_COMPAT
struct compat_old_linux_dirent {
	compat_ulong_t	d_ino;
	compat_ulong_t	d_offset;
	unsigned short	d_namlen;
	char		d_name[1];
};

struct compat_readdir_callback {
	struct dir_context ctx;
	struct compat_old_linux_dirent __user *dirent;
	int result;
};

static int compat_fillonedir(struct dir_context *ctx, const char *name,
			     int namlen, loff_t offset, u64 ino,
			     unsigned int d_type)
{
	struct compat_readdir_callback *buf =
		container_of(ctx, struct compat_readdir_callback, ctx);
	struct compat_old_linux_dirent __user *dirent;
	compat_ulong_t d_ino;

	if (buf->result)
		return -EINVAL;
	d_ino = ino;
	if (sizeof(d_ino) < sizeof(ino) && d_ino != ino) {
		buf->result = -EOVERFLOW;
		return -EOVERFLOW;
	}
	buf->result++;
	dirent = buf->dirent;
	if (!access_ok(VERIFY_WRITE, dirent,
			(unsigned long)(dirent->d_name + namlen + 1) -
				(unsigned long)dirent))
		goto efault;
	if (	__put_user(d_ino, &dirent->d_ino) ||
		__put_user(offset, &dirent->d_offset) ||
		__put_user(namlen, &dirent->d_namlen) ||
		__copy_to_user(dirent->d_name, name, namlen) ||
		__put_user(0, dirent->d_name + namlen))
		goto efault;
	return 0;
efault:
	buf->result = -EFAULT;
	return -EFAULT;
}

COMPAT_SYSCALL_DEFINE3(old_readdir, unsigned int, fd,
		struct compat_old_linux_dirent __user *, dirent, unsigned int, count)
{
	int error;
	struct fd f = fdget_pos(fd);
	struct compat_readdir_callback buf = {
		.ctx.actor = compat_fillonedir,
		.dirent = dirent
	};

	if (!f.file)
		return -EBADF;

	error = iterate_dir(f.file, &buf.ctx);
	if (buf.result)
		error = buf.result;

	fdput_pos(f);
	return error;
}

struct compat_linux_dirent {
	compat_ulong_t	d_ino;
	compat_ulong_t	d_off;
	unsigned short	d_reclen;
	char		d_name[1];
};

struct compat_getdents_callback {
	struct dir_context ctx;
	struct compat_linux_dirent __user *current_dir;
	struct compat_linux_dirent __user *previous;
	int count;
	int error;
};

static int compat_filldir(struct dir_context *ctx, const char *name, int namlen,
		loff_t offset, u64 ino, unsigned int d_type)
{
	struct compat_linux_dirent __user * dirent;
	struct compat_getdents_callback *buf =
		container_of(ctx, struct compat_getdents_callback, ctx);
	compat_ulong_t d_ino;
	int reclen = ALIGN(offsetof(struct compat_linux_dirent, d_name) +
		namlen + 2, sizeof(compat_long_t));

	buf->error = -EINVAL;	/* only used if we fail.. */
	if (reclen > buf->count)
		return -EINVAL;
	d_ino = ino;
	if (sizeof(d_ino) < sizeof(ino) && d_ino != ino) {
		buf->error = -EOVERFLOW;
		return -EOVERFLOW;
	}
	dirent = buf->previous;
	if (dirent) {
		if (signal_pending(current))
			return -EINTR;
		if (__put_user(offset, &dirent->d_off))
			goto efault;
	}
	dirent = buf->current_dir;
	if (__put_user(d_ino, &dirent->d_ino))
		goto efault;
	if (__put_user(reclen, &dirent->d_reclen))
		goto efault;
	if (copy_to_user(dirent->d_name, name, namlen))
		goto efault;
	if (__put_user(0, dirent->d_name + namlen))
		goto efault;
	if (__put_user(d_type, (char  __user *) dirent + reclen - 1))
		goto efault;
	buf->previous = dirent;
	dirent = (void __user *)dirent + reclen;
	buf->current_dir = dirent;
	buf->count -= reclen;
	return 0;
efault:
	buf->error = -EFAULT;
	return -EFAULT;
}

COMPAT_SYSCALL_DEFINE3(getdents, unsigned int, fd,
		struct compat_linux_dirent __user *, dirent, unsigned int, count)
{
	struct fd f;
	struct compat_linux_dirent __user * lastdirent;
	struct compat_getdents_callback buf = {
		.ctx.actor = compat_filldir,
		.current_dir = dirent,
		.count = count
	};
	int error;

	if (!access_ok(VERIFY_WRITE, dirent, count))
		return -EFAULT;

	f = fdget_pos(fd);
	if (!f.file)
		return -EBADF;

	error = iterate_dir(f.file, &buf.ctx);
	if (error >= 0)
		error = buf.error;
	lastdirent = buf.previous;
	if (lastdirent) {
		if (put_user(buf.ctx.pos, &lastdirent->d_off))
			error = -EFAULT;
		else
			error = count - buf.count;
	}
	fdput_pos(f);
	return error;
}
#endif
Commit	Line	Data
b2441318	1	// SPDX-License-Identifier: GPL-2.0
1da177e4 LT	2	/*
	3	* linux/fs/readdir.c
	4	*
	5	* Copyright (C) 1995 Linus Torvalds
	6	*/
	7
85c9fe8f	8	#include <linux/stddef.h>
022a1692	9	#include <linux/kernel.h>
630d9c47	10	#include <linux/export.h>
1da177e4 LT	11	#include <linux/time.h>
	12	#include <linux/mm.h>
	13	#include <linux/errno.h>
	14	#include <linux/stat.h>
	15	#include <linux/file.h>
1da177e4	16	#include <linux/fs.h>
d4c7cf6c	17	#include <linux/fsnotify.h>
1da177e4 LT	18	#include <linux/dirent.h>
	19	#include <linux/security.h>
	20	#include <linux/syscalls.h>
	21	#include <linux/unistd.h>
0460b2a2	22	#include <linux/compat.h>
1da177e4	23
7c0f6ba6	24	#include <linux/uaccess.h>
1da177e4	25
5c0ba4e0	26	int iterate_dir(struct file file, struct dir_context ctx)
1da177e4	27	{
496ad9aa	28	struct inode *inode = file_inode(file);
61922694	29	bool shared = false;
1da177e4	30	int res = -ENOTDIR;
61922694 AV	31	if (file->f_op->iterate_shared)
	32	shared = true;
	33	else if (!file->f_op->iterate)
1da177e4 LT	34	goto out;
	35
	36	res = security_file_permission(file, MAY_READ);
	37	if (res)
	38	goto out;
	39
0dc208b5 KT	40	if (shared)
	41	res = down_read_killable(&inode->i_rwsem);
	42	else
00235411	43	res = down_write_killable(&inode->i_rwsem);
0dc208b5 KT	44	if (res)
0dc208b5 KT	45	goto out;
da784511	46
1da177e4 LT	47	res = -ENOENT;
1da177e4 LT	48	if (!IS_DEADDIR(inode)) {
2233f31a	49	ctx->pos = file->f_pos;
61922694 AV	50	if (shared)
	51	res = file->f_op->iterate_shared(file, ctx);
	52	else
	53	res = file->f_op->iterate(file, ctx);
2233f31a	54	file->f_pos = ctx->pos;
d4c7cf6c	55	fsnotify_access(file);
1da177e4 LT	56	file_accessed(file);
1da177e4 LT	57	}
61922694 AV	58	if (shared)
	59	inode_unlock_shared(inode);
	60	else
	61	inode_unlock(inode);
1da177e4 LT	62	out:
	63	return res;
	64	}
5c0ba4e0	65	EXPORT_SYMBOL(iterate_dir);
1da177e4	66
d8138509 LT	67	/*
	68	* POSIX says that a dirent name cannot contain NULL or a '/'.
	69	*
	70	* It's not 100% clear what we should really do in this case.
	71	* The filesystem is clearly corrupted, but returning a hard
	72	* error means that you now don't see any of the other names
	73	* either, so that isn't a perfect alternative.
	74	*
	75	* And if you return an error, what error do you use? Several
	76	* filesystems seem to have decided on EUCLEAN being the error
	77	* code for EFSCORRUPTED, and that may be the error to use. Or
	78	* just EIO, which is perhaps more obvious to users.
	79	*
	80	* In order to see the other file names in the directory, the
	81	* caller might want to make this a "soft" error: skip the
	82	* entry, and return the error at the end instead.
	83	*
	84	* Note that this should likely do a "memchr(name, 0, len)"
	85	* check too, since that would be filesystem corruption as
	86	* well. However, that case can't actually confuse user space,
	87	* which has to do a strlen() on the name anyway to find the
	88	* filename length, and the above "soft error" worry means
	89	* that it's probably better left alone until we have that
	90	* issue clarified.
	91	*/
	92	static int verify_dirent_name(const char *name, int len)
	93	{
21ebadb1	94	if (!len)
d8138509	95	return -EIO;
21ebadb1	96	if (memchr(name, '/', len))
d8138509 LT	97	return -EIO;
	98	return 0;
	99	}
	100
1da177e4 LT	101	/*
	102	* Traditional linux readdir() handling..
	103	*
	104	* "count=1" is a special case, meaning that the buffer is one
	105	* dirent-structure in size and that the code can't handle more
	106	* anyway. Thus the special "fillonedir()" function for that
	107	* case (the low-level handlers don't need to care about this).
	108	*/
1da177e4 LT	109
	110	#ifdef __ARCH_WANT_OLD_READDIR
	111
	112	struct old_linux_dirent {
	113	unsigned long d_ino;
	114	unsigned long d_offset;
	115	unsigned short d_namlen;
	116	char d_name[1];
	117	};
	118
	119	struct readdir_callback {
5c0ba4e0	120	struct dir_context ctx;
1da177e4 LT	121	struct old_linux_dirent __user * dirent;
	122	int result;
	123	};
	124
ac7576f4 MS	125	static int fillonedir(struct dir_context ctx, const char name, int namlen,
ac7576f4 MS	126	loff_t offset, u64 ino, unsigned int d_type)
1da177e4	127	{
ac7576f4 MS	128	struct readdir_callback *buf =
ac7576f4 MS	129	container_of(ctx, struct readdir_callback, ctx);
1da177e4	130	struct old_linux_dirent __user * dirent;
afefdbb2	131	unsigned long d_ino;
1da177e4 LT	132
	133	if (buf->result)
	134	return -EINVAL;
afefdbb2	135	d_ino = ino;
8f3f655d AV	136	if (sizeof(d_ino) < sizeof(ino) && d_ino != ino) {
8f3f655d AV	137	buf->result = -EOVERFLOW;
afefdbb2	138	return -EOVERFLOW;
8f3f655d	139	}
1da177e4 LT	140	buf->result++;
	141	dirent = buf->dirent;
	142	if (!access_ok(VERIFY_WRITE, dirent,
	143	(unsigned long)(dirent->d_name + namlen + 1) -
	144	(unsigned long)dirent))
	145	goto efault;
afefdbb2	146	if ( __put_user(d_ino, &dirent->d_ino) \|\|
1da177e4 LT	147	__put_user(offset, &dirent->d_offset) \|\|
	148	__put_user(namlen, &dirent->d_namlen) \|\|
	149	__copy_to_user(dirent->d_name, name, namlen) \|\|
	150	__put_user(0, dirent->d_name + namlen))
	151	goto efault;
	152	return 0;
	153	efault:
	154	buf->result = -EFAULT;
	155	return -EFAULT;
	156	}
	157
d4e82042 HC	158	SYSCALL_DEFINE3(old_readdir, unsigned int, fd,
d4e82042 HC	159	struct old_linux_dirent __user *, dirent, unsigned int, count)
1da177e4 LT	160	{
1da177e4 LT	161	int error;
63b6df14	162	struct fd f = fdget_pos(fd);
ac6614b7 AV	163	struct readdir_callback buf = {
	164	.ctx.actor = fillonedir,
	165	.dirent = dirent
	166	};
1da177e4	167
2903ff01	168	if (!f.file)
863ced7f	169	return -EBADF;
1da177e4	170
5c0ba4e0	171	error = iterate_dir(f.file, &buf.ctx);
53c9c5c0	172	if (buf.result)
1da177e4 LT	173	error = buf.result;
1da177e4 LT	174
63b6df14	175	fdput_pos(f);
1da177e4 LT	176	return error;
	177	}
	178
	179	#endif /* __ARCH_WANT_OLD_READDIR */
	180
	181	/*
	182	* New, all-improved, singing, dancing, iBCS2-compliant getdents()
	183	* interface.
	184	*/
	185	struct linux_dirent {
	186	unsigned long d_ino;
	187	unsigned long d_off;
	188	unsigned short d_reclen;
	189	char d_name[1];
	190	};
	191
	192	struct getdents_callback {
5c0ba4e0	193	struct dir_context ctx;
1da177e4 LT	194	struct linux_dirent __user * current_dir;
	195	struct linux_dirent __user * previous;
	196	int count;
	197	int error;
	198	};
	199
ac7576f4 MS	200	static int filldir(struct dir_context ctx, const char name, int namlen,
ac7576f4 MS	201	loff_t offset, u64 ino, unsigned int d_type)
1da177e4 LT	202	{
1da177e4 LT	203	struct linux_dirent __user * dirent;
ac7576f4 MS	204	struct getdents_callback *buf =
ac7576f4 MS	205	container_of(ctx, struct getdents_callback, ctx);
afefdbb2	206	unsigned long d_ino;
85c9fe8f KW	207	int reclen = ALIGN(offsetof(struct linux_dirent, d_name) + namlen + 2,
85c9fe8f KW	208	sizeof(long));
1da177e4	209
d8138509 LT	210	buf->error = verify_dirent_name(name, namlen);
	211	if (unlikely(buf->error))
	212	return buf->error;
1da177e4 LT	213	buf->error = -EINVAL; /* only used if we fail.. */
	214	if (reclen > buf->count)
	215	return -EINVAL;
afefdbb2	216	d_ino = ino;
8f3f655d AV	217	if (sizeof(d_ino) < sizeof(ino) && d_ino != ino) {
8f3f655d AV	218	buf->error = -EOVERFLOW;
afefdbb2	219	return -EOVERFLOW;
8f3f655d	220	}
1da177e4 LT	221	dirent = buf->previous;
1da177e4 LT	222	if (dirent) {
1f60fbe7 TT	223	if (signal_pending(current))
1f60fbe7 TT	224	return -EINTR;
1da177e4 LT	225	if (__put_user(offset, &dirent->d_off))
	226	goto efault;
	227	}
	228	dirent = buf->current_dir;
afefdbb2	229	if (__put_user(d_ino, &dirent->d_ino))
1da177e4 LT	230	goto efault;
	231	if (__put_user(reclen, &dirent->d_reclen))
	232	goto efault;
	233	if (copy_to_user(dirent->d_name, name, namlen))
	234	goto efault;
	235	if (__put_user(0, dirent->d_name + namlen))
	236	goto efault;
	237	if (__put_user(d_type, (char __user *) dirent + reclen - 1))
	238	goto efault;
	239	buf->previous = dirent;
	240	dirent = (void __user *)dirent + reclen;
	241	buf->current_dir = dirent;
	242	buf->count -= reclen;
	243	return 0;
	244	efault:
	245	buf->error = -EFAULT;
	246	return -EFAULT;
	247	}
	248
20f37034 HC	249	SYSCALL_DEFINE3(getdents, unsigned int, fd,
20f37034 HC	250	struct linux_dirent __user *, dirent, unsigned int, count)
1da177e4	251	{
2903ff01	252	struct fd f;
1da177e4	253	struct linux_dirent __user * lastdirent;
ac6614b7 AV	254	struct getdents_callback buf = {
	255	.ctx.actor = filldir,
	256	.count = count,
	257	.current_dir = dirent
	258	};
1da177e4 LT	259	int error;
1da177e4 LT	260
1da177e4	261	if (!access_ok(VERIFY_WRITE, dirent, count))
863ced7f	262	return -EFAULT;
1da177e4	263
63b6df14	264	f = fdget_pos(fd);
2903ff01	265	if (!f.file)
863ced7f	266	return -EBADF;
1da177e4	267
5c0ba4e0	268	error = iterate_dir(f.file, &buf.ctx);
53c9c5c0 AV	269	if (error >= 0)
53c9c5c0 AV	270	error = buf.error;
1da177e4 LT	271	lastdirent = buf.previous;
1da177e4 LT	272	if (lastdirent) {
bb6f619b	273	if (put_user(buf.ctx.pos, &lastdirent->d_off))
1da177e4 LT	274	error = -EFAULT;
	275	else
	276	error = count - buf.count;
	277	}
63b6df14	278	fdput_pos(f);
1da177e4 LT	279	return error;
	280	}
	281
1da177e4	282	struct getdents_callback64 {
5c0ba4e0	283	struct dir_context ctx;
1da177e4 LT	284	struct linux_dirent64 __user * current_dir;
	285	struct linux_dirent64 __user * previous;
	286	int count;
	287	int error;
	288	};
	289
ac7576f4 MS	290	static int filldir64(struct dir_context ctx, const char name, int namlen,
ac7576f4 MS	291	loff_t offset, u64 ino, unsigned int d_type)
1da177e4 LT	292	{
1da177e4 LT	293	struct linux_dirent64 __user *dirent;
ac7576f4 MS	294	struct getdents_callback64 *buf =
ac7576f4 MS	295	container_of(ctx, struct getdents_callback64, ctx);
85c9fe8f KW	296	int reclen = ALIGN(offsetof(struct linux_dirent64, d_name) + namlen + 1,
85c9fe8f KW	297	sizeof(u64));
1da177e4	298
d8138509 LT	299	buf->error = verify_dirent_name(name, namlen);
	300	if (unlikely(buf->error))
	301	return buf->error;
1da177e4 LT	302	buf->error = -EINVAL; /* only used if we fail.. */
	303	if (reclen > buf->count)
	304	return -EINVAL;
	305	dirent = buf->previous;
	306	if (dirent) {
1f60fbe7 TT	307	if (signal_pending(current))
1f60fbe7 TT	308	return -EINTR;
1da177e4 LT	309	if (__put_user(offset, &dirent->d_off))
	310	goto efault;
	311	}
	312	dirent = buf->current_dir;
	313	if (__put_user(ino, &dirent->d_ino))
	314	goto efault;
	315	if (__put_user(0, &dirent->d_off))
	316	goto efault;
	317	if (__put_user(reclen, &dirent->d_reclen))
	318	goto efault;
	319	if (__put_user(d_type, &dirent->d_type))
	320	goto efault;
	321	if (copy_to_user(dirent->d_name, name, namlen))
	322	goto efault;
	323	if (__put_user(0, dirent->d_name + namlen))
	324	goto efault;
	325	buf->previous = dirent;
	326	dirent = (void __user *)dirent + reclen;
	327	buf->current_dir = dirent;
	328	buf->count -= reclen;
	329	return 0;
	330	efault:
	331	buf->error = -EFAULT;
	332	return -EFAULT;
	333	}
	334
20f37034 HC	335	SYSCALL_DEFINE3(getdents64, unsigned int, fd,
20f37034 HC	336	struct linux_dirent64 __user *, dirent, unsigned int, count)
1da177e4	337	{
2903ff01	338	struct fd f;
1da177e4	339	struct linux_dirent64 __user * lastdirent;
ac6614b7 AV	340	struct getdents_callback64 buf = {
	341	.ctx.actor = filldir64,
	342	.count = count,
	343	.current_dir = dirent
	344	};
1da177e4 LT	345	int error;
1da177e4 LT	346
1da177e4	347	if (!access_ok(VERIFY_WRITE, dirent, count))
863ced7f	348	return -EFAULT;
1da177e4	349
63b6df14	350	f = fdget_pos(fd);
2903ff01	351	if (!f.file)
863ced7f	352	return -EBADF;
1da177e4	353
5c0ba4e0	354	error = iterate_dir(f.file, &buf.ctx);
53c9c5c0 AV	355	if (error >= 0)
53c9c5c0 AV	356	error = buf.error;
1da177e4 LT	357	lastdirent = buf.previous;
1da177e4 LT	358	if (lastdirent) {
bb6f619b	359	typeof(lastdirent->d_off) d_off = buf.ctx.pos;
1da177e4	360	if (__put_user(d_off, &lastdirent->d_off))
53c9c5c0 AV	361	error = -EFAULT;
	362	else
	363	error = count - buf.count;
1da177e4	364	}
63b6df14	365	fdput_pos(f);
1da177e4 LT	366	return error;
1da177e4 LT	367	}
0460b2a2 AV	368
	369	#ifdef CONFIG_COMPAT
	370	struct compat_old_linux_dirent {
	371	compat_ulong_t d_ino;
	372	compat_ulong_t d_offset;
	373	unsigned short d_namlen;
	374	char d_name[1];
	375	};
	376
	377	struct compat_readdir_callback {
	378	struct dir_context ctx;
	379	struct compat_old_linux_dirent __user *dirent;
	380	int result;
	381	};
	382
	383	static int compat_fillonedir(struct dir_context ctx, const char name,
	384	int namlen, loff_t offset, u64 ino,
	385	unsigned int d_type)
	386	{
	387	struct compat_readdir_callback *buf =
	388	container_of(ctx, struct compat_readdir_callback, ctx);
	389	struct compat_old_linux_dirent __user *dirent;
	390	compat_ulong_t d_ino;
	391
	392	if (buf->result)
	393	return -EINVAL;
	394	d_ino = ino;
	395	if (sizeof(d_ino) < sizeof(ino) && d_ino != ino) {
	396	buf->result = -EOVERFLOW;
	397	return -EOVERFLOW;
	398	}
	399	buf->result++;
	400	dirent = buf->dirent;
	401	if (!access_ok(VERIFY_WRITE, dirent,
	402	(unsigned long)(dirent->d_name + namlen + 1) -
	403	(unsigned long)dirent))
	404	goto efault;
	405	if ( __put_user(d_ino, &dirent->d_ino) \|\|
	406	__put_user(offset, &dirent->d_offset) \|\|
	407	__put_user(namlen, &dirent->d_namlen) \|\|
	408	__copy_to_user(dirent->d_name, name, namlen) \|\|
	409	__put_user(0, dirent->d_name + namlen))
	410	goto efault;
	411	return 0;
	412	efault:
	413	buf->result = -EFAULT;
	414	return -EFAULT;
	415	}
	416
	417	COMPAT_SYSCALL_DEFINE3(old_readdir, unsigned int, fd,
	418	struct compat_old_linux_dirent __user *, dirent, unsigned int, count)
	419	{
	420	int error;
	421	struct fd f = fdget_pos(fd);
	422	struct compat_readdir_callback buf = {
	423	.ctx.actor = compat_fillonedir,
	424	.dirent = dirent
	425	};
	426
	427	if (!f.file)
	428	return -EBADF;
	429
	430	error = iterate_dir(f.file, &buf.ctx);
	431	if (buf.result)
432	error = buf.result;
433
434	fdput_pos(f);
435	return error;
436	}
437
438	struct compat_linux_dirent {
439	compat_ulong_t d_ino;
440	compat_ulong_t d_off;
441	unsigned short d_reclen;
442	char d_name[1];
443	};
444
445	struct compat_getdents_callback {
446	struct dir_context ctx;
447	struct compat_linux_dirent __user *current_dir;
448	struct compat_linux_dirent __user *previous;
449	int count;
450	int error;
451	};
452
453	static int compat_filldir(struct dir_context ctx, const char name, int namlen,
454	loff_t offset, u64 ino, unsigned int d_type)
455	{
456	struct compat_linux_dirent __user * dirent;
457	struct compat_getdents_callback *buf =
458	container_of(ctx, struct compat_getdents_callback, ctx);
459	compat_ulong_t d_ino;
460	int reclen = ALIGN(offsetof(struct compat_linux_dirent, d_name) +
461	namlen + 2, sizeof(compat_long_t));
462
463	buf->error = -EINVAL; /* only used if we fail.. */
464	if (reclen > buf->count)
465	return -EINVAL;
466	d_ino = ino;
467	if (sizeof(d_ino) < sizeof(ino) && d_ino != ino) {
468	buf->error = -EOVERFLOW;
469	return -EOVERFLOW;
470	}
471	dirent = buf->previous;
472	if (dirent) {
473	if (signal_pending(current))
474	return -EINTR;
475	if (__put_user(offset, &dirent->d_off))
476	goto efault;
477	}
478	dirent = buf->current_dir;
479	if (__put_user(d_ino, &dirent->d_ino))
480	goto efault;
481	if (__put_user(reclen, &dirent->d_reclen))
482	goto efault;
483	if (copy_to_user(dirent->d_name, name, namlen))
484	goto efault;
485	if (__put_user(0, dirent->d_name + namlen))
486	goto efault;
487	if (__put_user(d_type, (char __user *) dirent + reclen - 1))
488	goto efault;
489	buf->previous = dirent;
490	dirent = (void __user *)dirent + reclen;
491	buf->current_dir = dirent;
492	buf->count -= reclen;
493	return 0;
494	efault:
495	buf->error = -EFAULT;
496	return -EFAULT;
497	}
498
499	COMPAT_SYSCALL_DEFINE3(getdents, unsigned int, fd,
500	struct compat_linux_dirent __user *, dirent, unsigned int, count)
501	{
502	struct fd f;
503	struct compat_linux_dirent __user * lastdirent;
504	struct compat_getdents_callback buf = {
505	.ctx.actor = compat_filldir,
506	.current_dir = dirent,
507	.count = count
508	};
509	int error;
510
511	if (!access_ok(VERIFY_WRITE, dirent, count))
512	return -EFAULT;
513
514	f = fdget_pos(fd);
515	if (!f.file)
516	return -EBADF;
517
518	error = iterate_dir(f.file, &buf.ctx);
519	if (error >= 0)
520	error = buf.error;
521	lastdirent = buf.previous;
522	if (lastdirent) {
523	if (put_user(buf.ctx.pos, &lastdirent->d_off))
524	error = -EFAULT;
525	else
526	error = count - buf.count;
527	}
528	fdput_pos(f);
529	return error;
530	}
531	#endif