4 * Copyright (C) 1995 Linus Torvalds
7 #include <linux/stddef.h>
8 #include <linux/kernel.h>
9 #include <linux/export.h>
10 #include <linux/time.h>
12 #include <linux/errno.h>
13 #include <linux/stat.h>
14 #include <linux/file.h>
16 #include <linux/fsnotify.h>
17 #include <linux/dirent.h>
18 #include <linux/security.h>
19 #include <linux/syscalls.h>
20 #include <linux/unistd.h>
22 #include <asm/uaccess.h>
24 int iterate_dir(struct file *file, struct dir_context *ctx)
26 struct inode *inode = file_inode(file);
28 if (!file->f_op->iterate)
31 res = security_file_permission(file, MAY_READ);
35 res = mutex_lock_killable(&inode->i_mutex);
40 if (!IS_DEADDIR(inode)) {
41 ctx->pos = file->f_pos;
42 res = file->f_op->iterate(file, ctx);
43 file->f_pos = ctx->pos;
44 fsnotify_access(file);
47 mutex_unlock(&inode->i_mutex);
51 EXPORT_SYMBOL(iterate_dir);
54 * POSIX says that a dirent name cannot contain NULL or a '/'.
56 * It's not 100% clear what we should really do in this case.
57 * The filesystem is clearly corrupted, but returning a hard
58 * error means that you now don't see any of the other names
59 * either, so that isn't a perfect alternative.
61 * And if you return an error, what error do you use? Several
62 * filesystems seem to have decided on EUCLEAN being the error
63 * code for EFSCORRUPTED, and that may be the error to use. Or
64 * just EIO, which is perhaps more obvious to users.
66 * In order to see the other file names in the directory, the
67 * caller might want to make this a "soft" error: skip the
68 * entry, and return the error at the end instead.
70 * Note that this should likely do a "memchr(name, 0, len)"
71 * check too, since that would be filesystem corruption as
72 * well. However, that case can't actually confuse user space,
73 * which has to do a strlen() on the name anyway to find the
74 * filename length, and the above "soft error" worry means
75 * that it's probably better left alone until we have that
78 static int verify_dirent_name(const char *name, int len)
82 if (memchr(name, '/', len))
88 * Traditional linux readdir() handling..
90 * "count=1" is a special case, meaning that the buffer is one
91 * dirent-structure in size and that the code can't handle more
92 * anyway. Thus the special "fillonedir()" function for that
93 * case (the low-level handlers don't need to care about this).
96 #ifdef __ARCH_WANT_OLD_READDIR
98 struct old_linux_dirent {
100 unsigned long d_offset;
101 unsigned short d_namlen;
105 struct readdir_callback {
106 struct dir_context ctx;
107 struct old_linux_dirent __user * dirent;
111 static int fillonedir(struct dir_context *ctx, const char *name, int namlen,
112 loff_t offset, u64 ino, unsigned int d_type)
114 struct readdir_callback *buf =
115 container_of(ctx, struct readdir_callback, ctx);
116 struct old_linux_dirent __user * dirent;
122 if (sizeof(d_ino) < sizeof(ino) && d_ino != ino) {
123 buf->result = -EOVERFLOW;
127 dirent = buf->dirent;
128 if (!access_ok(VERIFY_WRITE, dirent,
129 (unsigned long)(dirent->d_name + namlen + 1) -
130 (unsigned long)dirent))
132 if ( __put_user(d_ino, &dirent->d_ino) ||
133 __put_user(offset, &dirent->d_offset) ||
134 __put_user(namlen, &dirent->d_namlen) ||
135 __copy_to_user(dirent->d_name, name, namlen) ||
136 __put_user(0, dirent->d_name + namlen))
140 buf->result = -EFAULT;
144 SYSCALL_DEFINE3(old_readdir, unsigned int, fd,
145 struct old_linux_dirent __user *, dirent, unsigned int, count)
148 struct fd f = fdget(fd);
149 struct readdir_callback buf = {
150 .ctx.actor = fillonedir,
157 error = iterate_dir(f.file, &buf.ctx);
165 #endif /* __ARCH_WANT_OLD_READDIR */
168 * New, all-improved, singing, dancing, iBCS2-compliant getdents()
171 struct linux_dirent {
174 unsigned short d_reclen;
178 struct getdents_callback {
179 struct dir_context ctx;
180 struct linux_dirent __user * current_dir;
181 struct linux_dirent __user * previous;
186 static int filldir(struct dir_context *ctx, const char *name, int namlen,
187 loff_t offset, u64 ino, unsigned int d_type)
189 struct linux_dirent __user * dirent;
190 struct getdents_callback *buf =
191 container_of(ctx, struct getdents_callback, ctx);
193 int reclen = ALIGN(offsetof(struct linux_dirent, d_name) + namlen + 2,
196 buf->error = verify_dirent_name(name, namlen);
197 if (unlikely(buf->error))
199 buf->error = -EINVAL; /* only used if we fail.. */
200 if (reclen > buf->count)
203 if (sizeof(d_ino) < sizeof(ino) && d_ino != ino) {
204 buf->error = -EOVERFLOW;
207 dirent = buf->previous;
209 if (__put_user(offset, &dirent->d_off))
212 dirent = buf->current_dir;
213 if (__put_user(d_ino, &dirent->d_ino))
215 if (__put_user(reclen, &dirent->d_reclen))
217 if (copy_to_user(dirent->d_name, name, namlen))
219 if (__put_user(0, dirent->d_name + namlen))
221 if (__put_user(d_type, (char __user *) dirent + reclen - 1))
223 buf->previous = dirent;
224 dirent = (void __user *)dirent + reclen;
225 buf->current_dir = dirent;
226 buf->count -= reclen;
229 buf->error = -EFAULT;
233 SYSCALL_DEFINE3(getdents, unsigned int, fd,
234 struct linux_dirent __user *, dirent, unsigned int, count)
237 struct linux_dirent __user * lastdirent;
238 struct getdents_callback buf = {
239 .ctx.actor = filldir,
241 .current_dir = dirent
245 if (!access_ok(VERIFY_WRITE, dirent, count))
252 error = iterate_dir(f.file, &buf.ctx);
255 lastdirent = buf.previous;
257 if (put_user(buf.ctx.pos, &lastdirent->d_off))
260 error = count - buf.count;
266 struct getdents_callback64 {
267 struct dir_context ctx;
268 struct linux_dirent64 __user * current_dir;
269 struct linux_dirent64 __user * previous;
274 static int filldir64(struct dir_context *ctx, const char *name, int namlen,
275 loff_t offset, u64 ino, unsigned int d_type)
277 struct linux_dirent64 __user *dirent;
278 struct getdents_callback64 *buf =
279 container_of(ctx, struct getdents_callback64, ctx);
280 int reclen = ALIGN(offsetof(struct linux_dirent64, d_name) + namlen + 1,
283 buf->error = verify_dirent_name(name, namlen);
284 if (unlikely(buf->error))
286 buf->error = -EINVAL; /* only used if we fail.. */
287 if (reclen > buf->count)
289 dirent = buf->previous;
291 if (__put_user(offset, &dirent->d_off))
294 dirent = buf->current_dir;
295 if (__put_user(ino, &dirent->d_ino))
297 if (__put_user(0, &dirent->d_off))
299 if (__put_user(reclen, &dirent->d_reclen))
301 if (__put_user(d_type, &dirent->d_type))
303 if (copy_to_user(dirent->d_name, name, namlen))
305 if (__put_user(0, dirent->d_name + namlen))
307 buf->previous = dirent;
308 dirent = (void __user *)dirent + reclen;
309 buf->current_dir = dirent;
310 buf->count -= reclen;
313 buf->error = -EFAULT;
317 SYSCALL_DEFINE3(getdents64, unsigned int, fd,
318 struct linux_dirent64 __user *, dirent, unsigned int, count)
321 struct linux_dirent64 __user * lastdirent;
322 struct getdents_callback64 buf = {
323 .ctx.actor = filldir64,
325 .current_dir = dirent
329 if (!access_ok(VERIFY_WRITE, dirent, count))
336 error = iterate_dir(f.file, &buf.ctx);
339 lastdirent = buf.previous;
341 typeof(lastdirent->d_off) d_off = buf.ctx.pos;
342 if (__put_user(d_off, &lastdirent->d_off))
345 error = count - buf.count;