Showing error 1031

User: Jiri Slaby
Error type: Leaving function in locked state
Error type description: Some lock is not unlocked on all paths of a function, so it is leaked
File location: fs/inotify.c
Line in file: 444
Project: Linux Kernel
Project version: 2.6.28
Tools: Undetermined 1
Entered: 2012-03-04 17:07:06 UTC

Source: 

  1/*
  2 * fs/inotify.c - inode-based file event notifications
  3 *
  4 * Authors:
  5 *        John McCutchan        <ttb@tentacle.dhs.org>
  6 *        Robert Love        <rml@novell.com>
  7 *
  8 * Kernel API added by: Amy Griffis <amy.griffis@hp.com>
  9 *
 10 * Copyright (C) 2005 John McCutchan
 11 * Copyright 2006 Hewlett-Packard Development Company, L.P.
 12 *
 13 * This program is free software; you can redistribute it and/or modify it
 14 * under the terms of the GNU General Public License as published by the
 15 * Free Software Foundation; either version 2, or (at your option) any
 16 * later version.
 17 *
 18 * This program is distributed in the hope that it will be useful, but
 19 * WITHOUT ANY WARRANTY; without even the implied warranty of
 20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 21 * General Public License for more details.
 22 */
 23
 24#include <linux/module.h>
 25#include <linux/kernel.h>
 26#include <linux/spinlock.h>
 27#include <linux/idr.h>
 28#include <linux/slab.h>
 29#include <linux/fs.h>
 30#include <linux/sched.h>
 31#include <linux/init.h>
 32#include <linux/list.h>
 33#include <linux/writeback.h>
 34#include <linux/inotify.h>
 35
 36static atomic_t inotify_cookie;
 37
 38/*
 39 * Lock ordering:
 40 *
 41 * dentry->d_lock (used to keep d_move() away from dentry->d_parent)
 42 * iprune_mutex (synchronize shrink_icache_memory())
 43 *         inode_lock (protects the super_block->s_inodes list)
 44 *         inode->inotify_mutex (protects inode->inotify_watches and watches->i_list)
 45 *                 inotify_handle->mutex (protects inotify_handle and watches->h_list)
 46 *
 47 * The inode->inotify_mutex and inotify_handle->mutex and held during execution
 48 * of a caller's event handler.  Thus, the caller must not hold any locks
 49 * taken in their event handler while calling any of the published inotify
 50 * interfaces.
 51 */
 52
 53/*
 54 * Lifetimes of the three main data structures--inotify_handle, inode, and
 55 * inotify_watch--are managed by reference count.
 56 *
 57 * inotify_handle: Lifetime is from inotify_init() to inotify_destroy().
 58 * Additional references can bump the count via get_inotify_handle() and drop
 59 * the count via put_inotify_handle().
 60 *
 61 * inotify_watch: for inotify's purposes, lifetime is from inotify_add_watch()
 62 * to remove_watch_no_event().  Additional references can bump the count via
 63 * get_inotify_watch() and drop the count via put_inotify_watch().  The caller
 64 * is reponsible for the final put after receiving IN_IGNORED, or when using
 65 * IN_ONESHOT after receiving the first event.  Inotify does the final put if
 66 * inotify_destroy() is called.
 67 *
 68 * inode: Pinned so long as the inode is associated with a watch, from
 69 * inotify_add_watch() to the final put_inotify_watch().
 70 */
 71
 72/*
 73 * struct inotify_handle - represents an inotify instance
 74 *
 75 * This structure is protected by the mutex 'mutex'.
 76 */
 77struct inotify_handle {
 78        struct idr                idr;                /* idr mapping wd -> watch */
 79        struct mutex                mutex;                /* protects this bad boy */
 80        struct list_head        watches;        /* list of watches */
 81        atomic_t                count;                /* reference count */
 82        u32                        last_wd;        /* the last wd allocated */
 83        const struct inotify_operations *in_ops; /* inotify caller operations */
 84};
 85
 86static inline void get_inotify_handle(struct inotify_handle *ih)
 87{
 88        atomic_inc(&ih->count);
 89}
 90
 91static inline void put_inotify_handle(struct inotify_handle *ih)
 92{
 93        if (atomic_dec_and_test(&ih->count)) {
 94                idr_destroy(&ih->idr);
 95                kfree(ih);
 96        }
 97}
 98
 99/**
100 * get_inotify_watch - grab a reference to an inotify_watch
101 * @watch: watch to grab
102 */
103void get_inotify_watch(struct inotify_watch *watch)
104{
105        atomic_inc(&watch->count);
106}
107EXPORT_SYMBOL_GPL(get_inotify_watch);
108
109int pin_inotify_watch(struct inotify_watch *watch)
110{
111        struct super_block *sb = watch->inode->i_sb;
112        spin_lock(&sb_lock);
113        if (sb->s_count >= S_BIAS) {
114                atomic_inc(&sb->s_active);
115                spin_unlock(&sb_lock);
116                atomic_inc(&watch->count);
117                return 1;
118        }
119        spin_unlock(&sb_lock);
120        return 0;
121}
122
123/**
124 * put_inotify_watch - decrements the ref count on a given watch.  cleans up
125 * watch references if the count reaches zero.  inotify_watch is freed by
126 * inotify callers via the destroy_watch() op.
127 * @watch: watch to release
128 */
129void put_inotify_watch(struct inotify_watch *watch)
130{
131        if (atomic_dec_and_test(&watch->count)) {
132                struct inotify_handle *ih = watch->ih;
133
134                iput(watch->inode);
135                ih->in_ops->destroy_watch(watch);
136                put_inotify_handle(ih);
137        }
138}
139EXPORT_SYMBOL_GPL(put_inotify_watch);
140
141void unpin_inotify_watch(struct inotify_watch *watch)
142{
143        struct super_block *sb = watch->inode->i_sb;
144        put_inotify_watch(watch);
145        deactivate_super(sb);
146}
147
148/*
149 * inotify_handle_get_wd - returns the next WD for use by the given handle
150 *
151 * Callers must hold ih->mutex.  This function can sleep.
152 */
153static int inotify_handle_get_wd(struct inotify_handle *ih,
154                                 struct inotify_watch *watch)
155{
156        int ret;
157
158        do {
159                if (unlikely(!idr_pre_get(&ih->idr, GFP_KERNEL)))
160                        return -ENOSPC;
161                ret = idr_get_new_above(&ih->idr, watch, ih->last_wd+1, &watch->wd);
162        } while (ret == -EAGAIN);
163
164        if (likely(!ret))
165                ih->last_wd = watch->wd;
166
167        return ret;
168}
169
170/*
171 * inotify_inode_watched - returns nonzero if there are watches on this inode
172 * and zero otherwise.  We call this lockless, we do not care if we race.
173 */
174static inline int inotify_inode_watched(struct inode *inode)
175{
176        return !list_empty(&inode->inotify_watches);
177}
178
179/*
180 * Get child dentry flag into synch with parent inode.
181 * Flag should always be clear for negative dentrys.
182 */
183static void set_dentry_child_flags(struct inode *inode, int watched)
184{
185        struct dentry *alias;
186
187        spin_lock(&dcache_lock);
188        list_for_each_entry(alias, &inode->i_dentry, d_alias) {
189                struct dentry *child;
190
191                list_for_each_entry(child, &alias->d_subdirs, d_u.d_child) {
192                        if (!child->d_inode)
193                                continue;
194
195                        spin_lock(&child->d_lock);
196                        if (watched)
197                                child->d_flags |= DCACHE_INOTIFY_PARENT_WATCHED;
198                        else
199                                child->d_flags &=~DCACHE_INOTIFY_PARENT_WATCHED;
200                        spin_unlock(&child->d_lock);
201                }
202        }
203        spin_unlock(&dcache_lock);
204}
205
206/*
207 * inotify_find_handle - find the watch associated with the given inode and
208 * handle
209 *
210 * Callers must hold inode->inotify_mutex.
211 */
212static struct inotify_watch *inode_find_handle(struct inode *inode,
213                                               struct inotify_handle *ih)
214{
215        struct inotify_watch *watch;
216
217        list_for_each_entry(watch, &inode->inotify_watches, i_list) {
218                if (watch->ih == ih)
219                        return watch;
220        }
221
222        return NULL;
223}
224
225/*
226 * remove_watch_no_event - remove watch without the IN_IGNORED event.
227 *
228 * Callers must hold both inode->inotify_mutex and ih->mutex.
229 */
230static void remove_watch_no_event(struct inotify_watch *watch,
231                                  struct inotify_handle *ih)
232{
233        list_del(&watch->i_list);
234        list_del(&watch->h_list);
235
236        if (!inotify_inode_watched(watch->inode))
237                set_dentry_child_flags(watch->inode, 0);
238
239        idr_remove(&ih->idr, watch->wd);
240}
241
242/**
243 * inotify_remove_watch_locked - Remove a watch from both the handle and the
244 * inode.  Sends the IN_IGNORED event signifying that the inode is no longer
245 * watched.  May be invoked from a caller's event handler.
246 * @ih: inotify handle associated with watch
247 * @watch: watch to remove
248 *
249 * Callers must hold both inode->inotify_mutex and ih->mutex.
250 */
251void inotify_remove_watch_locked(struct inotify_handle *ih,
252                                 struct inotify_watch *watch)
253{
254        remove_watch_no_event(watch, ih);
255        ih->in_ops->handle_event(watch, watch->wd, IN_IGNORED, 0, NULL, NULL);
256}
257EXPORT_SYMBOL_GPL(inotify_remove_watch_locked);
258
259/* Kernel API for producing events */
260
261/*
262 * inotify_d_instantiate - instantiate dcache entry for inode
263 */
264void inotify_d_instantiate(struct dentry *entry, struct inode *inode)
265{
266        struct dentry *parent;
267
268        if (!inode)
269                return;
270
271        spin_lock(&entry->d_lock);
272        parent = entry->d_parent;
273        if (parent->d_inode && inotify_inode_watched(parent->d_inode))
274                entry->d_flags |= DCACHE_INOTIFY_PARENT_WATCHED;
275        spin_unlock(&entry->d_lock);
276}
277
278/*
279 * inotify_d_move - dcache entry has been moved
280 */
281void inotify_d_move(struct dentry *entry)
282{
283        struct dentry *parent;
284
285        parent = entry->d_parent;
286        if (inotify_inode_watched(parent->d_inode))
287                entry->d_flags |= DCACHE_INOTIFY_PARENT_WATCHED;
288        else
289                entry->d_flags &= ~DCACHE_INOTIFY_PARENT_WATCHED;
290}
291
292/**
293 * inotify_inode_queue_event - queue an event to all watches on this inode
294 * @inode: inode event is originating from
295 * @mask: event mask describing this event
296 * @cookie: cookie for synchronization, or zero
297 * @name: filename, if any
298 * @n_inode: inode associated with name
299 */
300void inotify_inode_queue_event(struct inode *inode, u32 mask, u32 cookie,
301                               const char *name, struct inode *n_inode)
302{
303        struct inotify_watch *watch, *next;
304
305        if (!inotify_inode_watched(inode))
306                return;
307
308        mutex_lock(&inode->inotify_mutex);
309        list_for_each_entry_safe(watch, next, &inode->inotify_watches, i_list) {
310                u32 watch_mask = watch->mask;
311                if (watch_mask & mask) {
312                        struct inotify_handle *ih= watch->ih;
313                        mutex_lock(&ih->mutex);
314                        if (watch_mask & IN_ONESHOT)
315                                remove_watch_no_event(watch, ih);
316                        ih->in_ops->handle_event(watch, watch->wd, mask, cookie,
317                                                 name, n_inode);
318                        mutex_unlock(&ih->mutex);
319                }
320        }
321        mutex_unlock(&inode->inotify_mutex);
322}
323EXPORT_SYMBOL_GPL(inotify_inode_queue_event);
324
325/**
326 * inotify_dentry_parent_queue_event - queue an event to a dentry's parent
327 * @dentry: the dentry in question, we queue against this dentry's parent
328 * @mask: event mask describing this event
329 * @cookie: cookie for synchronization, or zero
330 * @name: filename, if any
331 */
332void inotify_dentry_parent_queue_event(struct dentry *dentry, u32 mask,
333                                       u32 cookie, const char *name)
334{
335        struct dentry *parent;
336        struct inode *inode;
337
338        if (!(dentry->d_flags & DCACHE_INOTIFY_PARENT_WATCHED))
339                return;
340
341        spin_lock(&dentry->d_lock);
342        parent = dentry->d_parent;
343        inode = parent->d_inode;
344
345        if (inotify_inode_watched(inode)) {
346                dget(parent);
347                spin_unlock(&dentry->d_lock);
348                inotify_inode_queue_event(inode, mask, cookie, name,
349                                          dentry->d_inode);
350                dput(parent);
351        } else
352                spin_unlock(&dentry->d_lock);
353}
354EXPORT_SYMBOL_GPL(inotify_dentry_parent_queue_event);
355
356/**
357 * inotify_get_cookie - return a unique cookie for use in synchronizing events.
358 */
359u32 inotify_get_cookie(void)
360{
361        return atomic_inc_return(&inotify_cookie);
362}
363EXPORT_SYMBOL_GPL(inotify_get_cookie);
364
365/**
366 * inotify_unmount_inodes - an sb is unmounting.  handle any watched inodes.
367 * @list: list of inodes being unmounted (sb->s_inodes)
368 *
369 * Called with inode_lock held, protecting the unmounting super block's list
370 * of inodes, and with iprune_mutex held, keeping shrink_icache_memory() at bay.
371 * We temporarily drop inode_lock, however, and CAN block.
372 */
373void inotify_unmount_inodes(struct list_head *list)
374{
375        struct inode *inode, *next_i, *need_iput = NULL;
376
377        list_for_each_entry_safe(inode, next_i, list, i_sb_list) {
378                struct inotify_watch *watch, *next_w;
379                struct inode *need_iput_tmp;
380                struct list_head *watches;
381
382                /*
383                 * If i_count is zero, the inode cannot have any watches and
384                 * doing an __iget/iput with MS_ACTIVE clear would actually
385                 * evict all inodes with zero i_count from icache which is
386                 * unnecessarily violent and may in fact be illegal to do.
387                 */
388                if (!atomic_read(&inode->i_count))
389                        continue;
390
391                /*
392                 * We cannot __iget() an inode in state I_CLEAR, I_FREEING, or
393                 * I_WILL_FREE which is fine because by that point the inode
394                 * cannot have any associated watches.
395                 */
396                if (inode->i_state & (I_CLEAR | I_FREEING | I_WILL_FREE))
397                        continue;
398
399                need_iput_tmp = need_iput;
400                need_iput = NULL;
401                /* In case inotify_remove_watch_locked() drops a reference. */
402                if (inode != need_iput_tmp)
403                        __iget(inode);
404                else
405                        need_iput_tmp = NULL;
406                /* In case the dropping of a reference would nuke next_i. */
407                if ((&next_i->i_sb_list != list) &&
408                                atomic_read(&next_i->i_count) &&
409                                !(next_i->i_state & (I_CLEAR | I_FREEING |
410                                        I_WILL_FREE))) {
411                        __iget(next_i);
412                        need_iput = next_i;
413                }
414
415                /*
416                 * We can safely drop inode_lock here because we hold
417                 * references on both inode and next_i.  Also no new inodes
418                 * will be added since the umount has begun.  Finally,
419                 * iprune_mutex keeps shrink_icache_memory() away.
420                 */
421                spin_unlock(&inode_lock);
422
423                if (need_iput_tmp)
424                        iput(need_iput_tmp);
425
426                /* for each watch, send IN_UNMOUNT and then remove it */
427                mutex_lock(&inode->inotify_mutex);
428                watches = &inode->inotify_watches;
429                list_for_each_entry_safe(watch, next_w, watches, i_list) {
430                        struct inotify_handle *ih= watch->ih;
431                        get_inotify_watch(watch);
432                        mutex_lock(&ih->mutex);
433                        ih->in_ops->handle_event(watch, watch->wd, IN_UNMOUNT, 0,
434                                                 NULL, NULL);
435                        inotify_remove_watch_locked(ih, watch);
436                        mutex_unlock(&ih->mutex);
437                        put_inotify_watch(watch);
438                }
439                mutex_unlock(&inode->inotify_mutex);
440                iput(inode);                
441
442                spin_lock(&inode_lock);
443        }
444}
445EXPORT_SYMBOL_GPL(inotify_unmount_inodes);
446
447/**
448 * inotify_inode_is_dead - an inode has been deleted, cleanup any watches
449 * @inode: inode that is about to be removed
450 */
451void inotify_inode_is_dead(struct inode *inode)
452{
453        struct inotify_watch *watch, *next;
454
455        mutex_lock(&inode->inotify_mutex);
456        list_for_each_entry_safe(watch, next, &inode->inotify_watches, i_list) {
457                struct inotify_handle *ih = watch->ih;
458                mutex_lock(&ih->mutex);
459                inotify_remove_watch_locked(ih, watch);
460                mutex_unlock(&ih->mutex);
461        }
462        mutex_unlock(&inode->inotify_mutex);
463}
464EXPORT_SYMBOL_GPL(inotify_inode_is_dead);
465
466/* Kernel Consumer API */
467
468/**
469 * inotify_init - allocate and initialize an inotify instance
470 * @ops: caller's inotify operations
471 */
472struct inotify_handle *inotify_init(const struct inotify_operations *ops)
473{
474        struct inotify_handle *ih;
475
476        ih = kmalloc(sizeof(struct inotify_handle), GFP_KERNEL);
477        if (unlikely(!ih))
478                return ERR_PTR(-ENOMEM);
479
480        idr_init(&ih->idr);
481        INIT_LIST_HEAD(&ih->watches);
482        mutex_init(&ih->mutex);
483        ih->last_wd = 0;
484        ih->in_ops = ops;
485        atomic_set(&ih->count, 0);
486        get_inotify_handle(ih);
487
488        return ih;
489}
490EXPORT_SYMBOL_GPL(inotify_init);
491
492/**
493 * inotify_init_watch - initialize an inotify watch
494 * @watch: watch to initialize
495 */
496void inotify_init_watch(struct inotify_watch *watch)
497{
498        INIT_LIST_HEAD(&watch->h_list);
499        INIT_LIST_HEAD(&watch->i_list);
500        atomic_set(&watch->count, 0);
501        get_inotify_watch(watch); /* initial get */
502}
503EXPORT_SYMBOL_GPL(inotify_init_watch);
504
505/*
506 * Watch removals suck violently.  To kick the watch out we need (in this
507 * order) inode->inotify_mutex and ih->mutex.  That's fine if we have
508 * a hold on inode; however, for all other cases we need to make damn sure
509 * we don't race with umount.  We can *NOT* just grab a reference to a
510 * watch - inotify_unmount_inodes() will happily sail past it and we'll end
511 * with reference to inode potentially outliving its superblock.  Ideally
512 * we just want to grab an active reference to superblock if we can; that
513 * will make sure we won't go into inotify_umount_inodes() until we are
514 * done.  Cleanup is just deactivate_super().  However, that leaves a messy
515 * case - what if we *are* racing with umount() and active references to
516 * superblock can't be acquired anymore?  We can bump ->s_count, grab
517 * ->s_umount, which will almost certainly wait until the superblock is shut
518 * down and the watch in question is pining for fjords.  That's fine, but
519 * there is a problem - we might have hit the window between ->s_active
520 * getting to 0 / ->s_count - below S_BIAS (i.e. the moment when superblock
521 * is past the point of no return and is heading for shutdown) and the
522 * moment when deactivate_super() acquires ->s_umount.  We could just do
523 * drop_super() yield() and retry, but that's rather antisocial and this
524 * stuff is luser-triggerable.  OTOH, having grabbed ->s_umount and having
525 * found that we'd got there first (i.e. that ->s_root is non-NULL) we know
526 * that we won't race with inotify_umount_inodes().  So we could grab a
527 * reference to watch and do the rest as above, just with drop_super() instead
528 * of deactivate_super(), right?  Wrong.  We had to drop ih->mutex before we
529 * could grab ->s_umount.  So the watch could've been gone already.
530 *
531 * That still can be dealt with - we need to save watch->wd, do idr_find()
532 * and compare its result with our pointer.  If they match, we either have
533 * the damn thing still alive or we'd lost not one but two races at once,
534 * the watch had been killed and a new one got created with the same ->wd
535 * at the same address.  That couldn't have happened in inotify_destroy(),
536 * but inotify_rm_wd() could run into that.  Still, "new one got created"
537 * is not a problem - we have every right to kill it or leave it alone,
538 * whatever's more convenient.
539 *
540 * So we can use idr_find(...) == watch && watch->inode->i_sb == sb as
541 * "grab it and kill it" check.  If it's been our original watch, we are
542 * fine, if it's a newcomer - nevermind, just pretend that we'd won the
543 * race and kill the fscker anyway; we are safe since we know that its
544 * superblock won't be going away.
545 *
546 * And yes, this is far beyond mere "not very pretty"; so's the entire
547 * concept of inotify to start with.
548 */
549
550/**
551 * pin_to_kill - pin the watch down for removal
552 * @ih: inotify handle
553 * @watch: watch to kill
554 *
555 * Called with ih->mutex held, drops it.  Possible return values:
556 * 0 - nothing to do, it has died
557 * 1 - remove it, drop the reference and deactivate_super()
558 * 2 - remove it, drop the reference and drop_super(); we tried hard to avoid
559 * that variant, since it involved a lot of PITA, but that's the best that
560 * could've been done.
561 */
562static int pin_to_kill(struct inotify_handle *ih, struct inotify_watch *watch)
563{
564        struct super_block *sb = watch->inode->i_sb;
565        s32 wd = watch->wd;
566
567        spin_lock(&sb_lock);
568        if (sb->s_count >= S_BIAS) {
569                atomic_inc(&sb->s_active);
570                spin_unlock(&sb_lock);
571                get_inotify_watch(watch);
572                mutex_unlock(&ih->mutex);
573                return 1;        /* the best outcome */
574        }
575        sb->s_count++;
576        spin_unlock(&sb_lock);
577        mutex_unlock(&ih->mutex); /* can't grab ->s_umount under it */
578        down_read(&sb->s_umount);
579        if (likely(!sb->s_root)) {
580                /* fs is already shut down; the watch is dead */
581                drop_super(sb);
582                return 0;
583        }
584        /* raced with the final deactivate_super() */
585        mutex_lock(&ih->mutex);
586        if (idr_find(&ih->idr, wd) != watch || watch->inode->i_sb != sb) {
587                /* the watch is dead */
588                mutex_unlock(&ih->mutex);
589                drop_super(sb);
590                return 0;
591        }
592        /* still alive or freed and reused with the same sb and wd; kill */
593        get_inotify_watch(watch);
594        mutex_unlock(&ih->mutex);
595        return 2;
596}
597
598static void unpin_and_kill(struct inotify_watch *watch, int how)
599{
600        struct super_block *sb = watch->inode->i_sb;
601        put_inotify_watch(watch);
602        switch (how) {
603        case 1:
604                deactivate_super(sb);
605                break;
606        case 2:
607                drop_super(sb);
608        }
609}
610
611/**
612 * inotify_destroy - clean up and destroy an inotify instance
613 * @ih: inotify handle
614 */
615void inotify_destroy(struct inotify_handle *ih)
616{
617        /*
618         * Destroy all of the watches for this handle. Unfortunately, not very
619         * pretty.  We cannot do a simple iteration over the list, because we
620         * do not know the inode until we iterate to the watch.  But we need to
621         * hold inode->inotify_mutex before ih->mutex.  The following works.
622         *
623         * AV: it had to become even uglier to start working ;-/
624         */
625        while (1) {
626                struct inotify_watch *watch;
627                struct list_head *watches;
628                struct super_block *sb;
629                struct inode *inode;
630                int how;
631
632                mutex_lock(&ih->mutex);
633                watches = &ih->watches;
634                if (list_empty(watches)) {
635                        mutex_unlock(&ih->mutex);
636                        break;
637                }
638                watch = list_first_entry(watches, struct inotify_watch, h_list);
639                sb = watch->inode->i_sb;
640                how = pin_to_kill(ih, watch);
641                if (!how)
642                        continue;
643
644                inode = watch->inode;
645                mutex_lock(&inode->inotify_mutex);
646                mutex_lock(&ih->mutex);
647
648                /* make sure we didn't race with another list removal */
649                if (likely(idr_find(&ih->idr, watch->wd))) {
650                        remove_watch_no_event(watch, ih);
651                        put_inotify_watch(watch);
652                }
653
654                mutex_unlock(&ih->mutex);
655                mutex_unlock(&inode->inotify_mutex);
656                unpin_and_kill(watch, how);
657        }
658
659        /* free this handle: the put matching the get in inotify_init() */
660        put_inotify_handle(ih);
661}
662EXPORT_SYMBOL_GPL(inotify_destroy);
663
664/**
665 * inotify_find_watch - find an existing watch for an (ih,inode) pair
666 * @ih: inotify handle
667 * @inode: inode to watch
668 * @watchp: pointer to existing inotify_watch
669 *
670 * Caller must pin given inode (via nameidata).
671 */
672s32 inotify_find_watch(struct inotify_handle *ih, struct inode *inode,
673                       struct inotify_watch **watchp)
674{
675        struct inotify_watch *old;
676        int ret = -ENOENT;
677
678        mutex_lock(&inode->inotify_mutex);
679        mutex_lock(&ih->mutex);
680
681        old = inode_find_handle(inode, ih);
682        if (unlikely(old)) {
683                get_inotify_watch(old); /* caller must put watch */
684                *watchp = old;
685                ret = old->wd;
686        }
687
688        mutex_unlock(&ih->mutex);
689        mutex_unlock(&inode->inotify_mutex);
690
691        return ret;
692}
693EXPORT_SYMBOL_GPL(inotify_find_watch);
694
695/**
696 * inotify_find_update_watch - find and update the mask of an existing watch
697 * @ih: inotify handle
698 * @inode: inode's watch to update
699 * @mask: mask of events to watch
700 *
701 * Caller must pin given inode (via nameidata).
702 */
703s32 inotify_find_update_watch(struct inotify_handle *ih, struct inode *inode,
704                              u32 mask)
705{
706        struct inotify_watch *old;
707        int mask_add = 0;
708        int ret;
709
710        if (mask & IN_MASK_ADD)
711                mask_add = 1;
712
713        /* don't allow invalid bits: we don't want flags set */
714        mask &= IN_ALL_EVENTS | IN_ONESHOT;
715        if (unlikely(!mask))
716                return -EINVAL;
717
718        mutex_lock(&inode->inotify_mutex);
719        mutex_lock(&ih->mutex);
720
721        /*
722         * Handle the case of re-adding a watch on an (inode,ih) pair that we
723         * are already watching.  We just update the mask and return its wd.
724         */
725        old = inode_find_handle(inode, ih);
726        if (unlikely(!old)) {
727                ret = -ENOENT;
728                goto out;
729        }
730
731        if (mask_add)
732                old->mask |= mask;
733        else
734                old->mask = mask;
735        ret = old->wd;
736out:
737        mutex_unlock(&ih->mutex);
738        mutex_unlock(&inode->inotify_mutex);
739        return ret;
740}
741EXPORT_SYMBOL_GPL(inotify_find_update_watch);
742
743/**
744 * inotify_add_watch - add a watch to an inotify instance
745 * @ih: inotify handle
746 * @watch: caller allocated watch structure
747 * @inode: inode to watch
748 * @mask: mask of events to watch
749 *
750 * Caller must pin given inode (via nameidata).
751 * Caller must ensure it only calls inotify_add_watch() once per watch.
752 * Calls inotify_handle_get_wd() so may sleep.
753 */
754s32 inotify_add_watch(struct inotify_handle *ih, struct inotify_watch *watch,
755                      struct inode *inode, u32 mask)
756{
757        int ret = 0;
758        int newly_watched;
759
760        /* don't allow invalid bits: we don't want flags set */
761        mask &= IN_ALL_EVENTS | IN_ONESHOT;
762        if (unlikely(!mask))
763                return -EINVAL;
764        watch->mask = mask;
765
766        mutex_lock(&inode->inotify_mutex);
767        mutex_lock(&ih->mutex);
768
769        /* Initialize a new watch */
770        ret = inotify_handle_get_wd(ih, watch);
771        if (unlikely(ret))
772                goto out;
773        ret = watch->wd;
774
775        /* save a reference to handle and bump the count to make it official */
776        get_inotify_handle(ih);
777        watch->ih = ih;
778
779        /*
780         * Save a reference to the inode and bump the ref count to make it
781         * official.  We hold a reference to nameidata, which makes this safe.
782         */
783        watch->inode = igrab(inode);
784
785        /* Add the watch to the handle's and the inode's list */
786        newly_watched = !inotify_inode_watched(inode);
787        list_add(&watch->h_list, &ih->watches);
788        list_add(&watch->i_list, &inode->inotify_watches);
789        /*
790         * Set child flags _after_ adding the watch, so there is no race
791         * windows where newly instantiated children could miss their parent's
792         * watched flag.
793         */
794        if (newly_watched)
795                set_dentry_child_flags(inode, 1);
796
797out:
798        mutex_unlock(&ih->mutex);
799        mutex_unlock(&inode->inotify_mutex);
800        return ret;
801}
802EXPORT_SYMBOL_GPL(inotify_add_watch);
803
804/**
805 * inotify_clone_watch - put the watch next to existing one
806 * @old: already installed watch
807 * @new: new watch
808 *
809 * Caller must hold the inotify_mutex of inode we are dealing with;
810 * it is expected to remove the old watch before unlocking the inode.
811 */
812s32 inotify_clone_watch(struct inotify_watch *old, struct inotify_watch *new)
813{
814        struct inotify_handle *ih = old->ih;
815        int ret = 0;
816
817        new->mask = old->mask;
818        new->ih = ih;
819
820        mutex_lock(&ih->mutex);
821
822        /* Initialize a new watch */
823        ret = inotify_handle_get_wd(ih, new);
824        if (unlikely(ret))
825                goto out;
826        ret = new->wd;
827
828        get_inotify_handle(ih);
829
830        new->inode = igrab(old->inode);
831
832        list_add(&new->h_list, &ih->watches);
833        list_add(&new->i_list, &old->inode->inotify_watches);
834out:
835        mutex_unlock(&ih->mutex);
836        return ret;
837}
838
839void inotify_evict_watch(struct inotify_watch *watch)
840{
841        get_inotify_watch(watch);
842        mutex_lock(&watch->ih->mutex);
843        inotify_remove_watch_locked(watch->ih, watch);
844        mutex_unlock(&watch->ih->mutex);
845}
846
847/**
848 * inotify_rm_wd - remove a watch from an inotify instance
849 * @ih: inotify handle
850 * @wd: watch descriptor to remove
851 *
852 * Can sleep.
853 */
854int inotify_rm_wd(struct inotify_handle *ih, u32 wd)
855{
856        struct inotify_watch *watch;
857        struct super_block *sb;
858        struct inode *inode;
859        int how;
860
861        mutex_lock(&ih->mutex);
862        watch = idr_find(&ih->idr, wd);
863        if (unlikely(!watch)) {
864                mutex_unlock(&ih->mutex);
865                return -EINVAL;
866        }
867        sb = watch->inode->i_sb;
868        how = pin_to_kill(ih, watch);
869        if (!how)
870                return 0;
871
872        inode = watch->inode;
873
874        mutex_lock(&inode->inotify_mutex);
875        mutex_lock(&ih->mutex);
876
877        /* make sure that we did not race */
878        if (likely(idr_find(&ih->idr, wd) == watch))
879                inotify_remove_watch_locked(ih, watch);
880
881        mutex_unlock(&ih->mutex);
882        mutex_unlock(&inode->inotify_mutex);
883        unpin_and_kill(watch, how);
884
885        return 0;
886}
887EXPORT_SYMBOL_GPL(inotify_rm_wd);
888
889/**
890 * inotify_rm_watch - remove a watch from an inotify instance
891 * @ih: inotify handle
892 * @watch: watch to remove
893 *
894 * Can sleep.
895 */
896int inotify_rm_watch(struct inotify_handle *ih,
897                     struct inotify_watch *watch)
898{
899        return inotify_rm_wd(ih, watch->wd);
900}
901EXPORT_SYMBOL_GPL(inotify_rm_watch);
902
903/*
904 * inotify_setup - core initialization function
905 */
906static int __init inotify_setup(void)
907{
908        atomic_set(&inotify_cookie, 0);
909
910        return 0;
911}
912
913module_init(inotify_setup);