1 /*
2 FUSE: Filesystem in Userspace
3 Copyright (C) 2001-2008 Miklos Szeredi <miklos@szeredi.hu>
4
5 This program can be distributed under the terms of the GNU GPL.
6 See the file COPYING.
7 */
8
9 #include "fuse_i.h"
10
11 #include <linux/pagemap.h>
12 #include <linux/file.h>
13 #include <linux/sched.h>
14 #include <linux/namei.h>
15 #include <linux/slab.h>
16 #include <linux/xattr.h>
17 #include <linux/posix_acl.h>
18
fuse_use_readdirplus(struct inode * dir,struct dir_context * ctx)19 static bool fuse_use_readdirplus(struct inode *dir, struct dir_context *ctx)
20 {
21 struct fuse_conn *fc = get_fuse_conn(dir);
22 struct fuse_inode *fi = get_fuse_inode(dir);
23
24 if (!fc->do_readdirplus)
25 return false;
26 if (!fc->readdirplus_auto)
27 return true;
28 if (test_and_clear_bit(FUSE_I_ADVISE_RDPLUS, &fi->state))
29 return true;
30 if (ctx->pos == 0)
31 return true;
32 return false;
33 }
34
fuse_advise_use_readdirplus(struct inode * dir)35 static void fuse_advise_use_readdirplus(struct inode *dir)
36 {
37 struct fuse_inode *fi = get_fuse_inode(dir);
38
39 set_bit(FUSE_I_ADVISE_RDPLUS, &fi->state);
40 }
41
42 union fuse_dentry {
43 u64 time;
44 struct rcu_head rcu;
45 };
46
fuse_dentry_settime(struct dentry * entry,u64 time)47 static inline void fuse_dentry_settime(struct dentry *entry, u64 time)
48 {
49 ((union fuse_dentry *) entry->d_fsdata)->time = time;
50 }
51
fuse_dentry_time(struct dentry * entry)52 static inline u64 fuse_dentry_time(struct dentry *entry)
53 {
54 return ((union fuse_dentry *) entry->d_fsdata)->time;
55 }
56
57 /*
58 * FUSE caches dentries and attributes with separate timeout. The
59 * time in jiffies until the dentry/attributes are valid is stored in
60 * dentry->d_fsdata and fuse_inode->i_time respectively.
61 */
62
63 /*
64 * Calculate the time in jiffies until a dentry/attributes are valid
65 */
time_to_jiffies(u64 sec,u32 nsec)66 static u64 time_to_jiffies(u64 sec, u32 nsec)
67 {
68 if (sec || nsec) {
69 struct timespec64 ts = {
70 sec,
71 min_t(u32, nsec, NSEC_PER_SEC - 1)
72 };
73
74 return get_jiffies_64() + timespec64_to_jiffies(&ts);
75 } else
76 return 0;
77 }
78
79 /*
80 * Set dentry and possibly attribute timeouts from the lookup/mk*
81 * replies
82 */
fuse_change_entry_timeout(struct dentry * entry,struct fuse_entry_out * o)83 static void fuse_change_entry_timeout(struct dentry *entry,
84 struct fuse_entry_out *o)
85 {
86 fuse_dentry_settime(entry,
87 time_to_jiffies(o->entry_valid, o->entry_valid_nsec));
88 }
89
attr_timeout(struct fuse_attr_out * o)90 static u64 attr_timeout(struct fuse_attr_out *o)
91 {
92 return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
93 }
94
entry_attr_timeout(struct fuse_entry_out * o)95 static u64 entry_attr_timeout(struct fuse_entry_out *o)
96 {
97 return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
98 }
99
100 /*
101 * Mark the attributes as stale, so that at the next call to
102 * ->getattr() they will be fetched from userspace
103 */
fuse_invalidate_attr(struct inode * inode)104 void fuse_invalidate_attr(struct inode *inode)
105 {
106 get_fuse_inode(inode)->i_time = 0;
107 }
108
109 /**
110 * Mark the attributes as stale due to an atime change. Avoid the invalidate if
111 * atime is not used.
112 */
fuse_invalidate_atime(struct inode * inode)113 void fuse_invalidate_atime(struct inode *inode)
114 {
115 if (!IS_RDONLY(inode))
116 fuse_invalidate_attr(inode);
117 }
118
119 /*
120 * Just mark the entry as stale, so that a next attempt to look it up
121 * will result in a new lookup call to userspace
122 *
123 * This is called when a dentry is about to become negative and the
124 * timeout is unknown (unlink, rmdir, rename and in some cases
125 * lookup)
126 */
fuse_invalidate_entry_cache(struct dentry * entry)127 void fuse_invalidate_entry_cache(struct dentry *entry)
128 {
129 fuse_dentry_settime(entry, 0);
130 }
131
132 /*
133 * Same as fuse_invalidate_entry_cache(), but also try to remove the
134 * dentry from the hash
135 */
fuse_invalidate_entry(struct dentry * entry)136 static void fuse_invalidate_entry(struct dentry *entry)
137 {
138 d_invalidate(entry);
139 fuse_invalidate_entry_cache(entry);
140 }
141
fuse_lookup_init(struct fuse_conn * fc,struct fuse_args * args,u64 nodeid,const struct qstr * name,struct fuse_entry_out * outarg)142 static void fuse_lookup_init(struct fuse_conn *fc, struct fuse_args *args,
143 u64 nodeid, const struct qstr *name,
144 struct fuse_entry_out *outarg)
145 {
146 memset(outarg, 0, sizeof(struct fuse_entry_out));
147 args->in.h.opcode = FUSE_LOOKUP;
148 args->in.h.nodeid = nodeid;
149 args->in.numargs = 1;
150 args->in.args[0].size = name->len + 1;
151 args->in.args[0].value = name->name;
152 args->out.numargs = 1;
153 args->out.args[0].size = sizeof(struct fuse_entry_out);
154 args->out.args[0].value = outarg;
155 }
156
fuse_get_attr_version(struct fuse_conn * fc)157 u64 fuse_get_attr_version(struct fuse_conn *fc)
158 {
159 u64 curr_version;
160
161 /*
162 * The spin lock isn't actually needed on 64bit archs, but we
163 * don't yet care too much about such optimizations.
164 */
165 spin_lock(&fc->lock);
166 curr_version = fc->attr_version;
167 spin_unlock(&fc->lock);
168
169 return curr_version;
170 }
171
172 /*
173 * Check whether the dentry is still valid
174 *
175 * If the entry validity timeout has expired and the dentry is
176 * positive, try to redo the lookup. If the lookup results in a
177 * different inode, then let the VFS invalidate the dentry and redo
178 * the lookup once more. If the lookup results in the same inode,
179 * then refresh the attributes, timeouts and mark the dentry valid.
180 */
fuse_dentry_revalidate(struct dentry * entry,unsigned int flags)181 static int fuse_dentry_revalidate(struct dentry *entry, unsigned int flags)
182 {
183 struct inode *inode;
184 struct dentry *parent;
185 struct fuse_conn *fc;
186 struct fuse_inode *fi;
187 int ret;
188
189 inode = d_inode_rcu(entry);
190 if (inode && is_bad_inode(inode))
191 goto invalid;
192 else if (time_before64(fuse_dentry_time(entry), get_jiffies_64()) ||
193 (flags & LOOKUP_REVAL)) {
194 struct fuse_entry_out outarg;
195 FUSE_ARGS(args);
196 struct fuse_forget_link *forget;
197 u64 attr_version;
198
199 /* For negative dentries, always do a fresh lookup */
200 if (!inode)
201 goto invalid;
202
203 ret = -ECHILD;
204 if (flags & LOOKUP_RCU)
205 goto out;
206
207 fc = get_fuse_conn(inode);
208
209 forget = fuse_alloc_forget();
210 ret = -ENOMEM;
211 if (!forget)
212 goto out;
213
214 attr_version = fuse_get_attr_version(fc);
215
216 parent = dget_parent(entry);
217 fuse_lookup_init(fc, &args, get_node_id(d_inode(parent)),
218 &entry->d_name, &outarg);
219 ret = fuse_simple_request(fc, &args);
220 dput(parent);
221 /* Zero nodeid is same as -ENOENT */
222 if (!ret && !outarg.nodeid)
223 ret = -ENOENT;
224 if (!ret) {
225 fi = get_fuse_inode(inode);
226 if (outarg.nodeid != get_node_id(inode)) {
227 fuse_queue_forget(fc, forget, outarg.nodeid, 1);
228 goto invalid;
229 }
230 spin_lock(&fc->lock);
231 fi->nlookup++;
232 spin_unlock(&fc->lock);
233 }
234 kfree(forget);
235 if (ret == -ENOMEM)
236 goto out;
237 if (ret || (outarg.attr.mode ^ inode->i_mode) & S_IFMT)
238 goto invalid;
239
240 forget_all_cached_acls(inode);
241 fuse_change_attributes(inode, &outarg.attr,
242 entry_attr_timeout(&outarg),
243 attr_version);
244 fuse_change_entry_timeout(entry, &outarg);
245 } else if (inode) {
246 fi = get_fuse_inode(inode);
247 if (flags & LOOKUP_RCU) {
248 if (test_bit(FUSE_I_INIT_RDPLUS, &fi->state))
249 return -ECHILD;
250 } else if (test_and_clear_bit(FUSE_I_INIT_RDPLUS, &fi->state)) {
251 parent = dget_parent(entry);
252 fuse_advise_use_readdirplus(d_inode(parent));
253 dput(parent);
254 }
255 }
256 ret = 1;
257 out:
258 return ret;
259
260 invalid:
261 ret = 0;
262 goto out;
263 }
264
265 /*
266 * Get the canonical path. Since we must translate to a path, this must be done
267 * in the context of the userspace daemon, however, the userspace daemon cannot
268 * look up paths on its own. Instead, we handle the lookup as a special case
269 * inside of the write request.
270 */
fuse_dentry_canonical_path(const struct path * path,struct path * canonical_path)271 static void fuse_dentry_canonical_path(const struct path *path, struct path *canonical_path) {
272 struct inode *inode = path->dentry->d_inode;
273 struct fuse_conn *fc = get_fuse_conn(inode);
274 struct fuse_req *req;
275 int err;
276 char *path_name;
277
278 req = fuse_get_req(fc, 1);
279 err = PTR_ERR(req);
280 if (IS_ERR(req))
281 goto default_path;
282
283 path_name = (char*)__get_free_page(GFP_KERNEL);
284 if (!path_name) {
285 fuse_put_request(fc, req);
286 goto default_path;
287 }
288
289 req->in.h.opcode = FUSE_CANONICAL_PATH;
290 req->in.h.nodeid = get_node_id(inode);
291 req->in.numargs = 0;
292 req->out.numargs = 1;
293 req->out.args[0].size = PATH_MAX;
294 req->out.args[0].value = path_name;
295 req->canonical_path = canonical_path;
296 req->out.argvar = 1;
297 fuse_request_send(fc, req);
298 err = req->out.h.error;
299 fuse_put_request(fc, req);
300 free_page((unsigned long)path_name);
301 if (!err)
302 return;
303 default_path:
304 canonical_path->dentry = path->dentry;
305 canonical_path->mnt = path->mnt;
306 path_get(canonical_path);
307 }
308
invalid_nodeid(u64 nodeid)309 static int invalid_nodeid(u64 nodeid)
310 {
311 return !nodeid || nodeid == FUSE_ROOT_ID;
312 }
313
fuse_dentry_init(struct dentry * dentry)314 static int fuse_dentry_init(struct dentry *dentry)
315 {
316 dentry->d_fsdata = kzalloc(sizeof(union fuse_dentry), GFP_KERNEL);
317
318 return dentry->d_fsdata ? 0 : -ENOMEM;
319 }
fuse_dentry_release(struct dentry * dentry)320 static void fuse_dentry_release(struct dentry *dentry)
321 {
322 union fuse_dentry *fd = dentry->d_fsdata;
323
324 kfree_rcu(fd, rcu);
325 }
326
327 const struct dentry_operations fuse_dentry_operations = {
328 .d_revalidate = fuse_dentry_revalidate,
329 .d_init = fuse_dentry_init,
330 .d_release = fuse_dentry_release,
331 .d_canonical_path = fuse_dentry_canonical_path,
332 };
333
334 const struct dentry_operations fuse_root_dentry_operations = {
335 .d_init = fuse_dentry_init,
336 .d_release = fuse_dentry_release,
337 .d_canonical_path = fuse_dentry_canonical_path,
338 };
339
fuse_valid_type(int m)340 int fuse_valid_type(int m)
341 {
342 return S_ISREG(m) || S_ISDIR(m) || S_ISLNK(m) || S_ISCHR(m) ||
343 S_ISBLK(m) || S_ISFIFO(m) || S_ISSOCK(m);
344 }
345
fuse_lookup_name(struct super_block * sb,u64 nodeid,const struct qstr * name,struct fuse_entry_out * outarg,struct inode ** inode)346 int fuse_lookup_name(struct super_block *sb, u64 nodeid, const struct qstr *name,
347 struct fuse_entry_out *outarg, struct inode **inode)
348 {
349 struct fuse_conn *fc = get_fuse_conn_super(sb);
350 FUSE_ARGS(args);
351 struct fuse_forget_link *forget;
352 u64 attr_version;
353 int err;
354
355 *inode = NULL;
356 err = -ENAMETOOLONG;
357 if (name->len > FUSE_NAME_MAX)
358 goto out;
359
360
361 forget = fuse_alloc_forget();
362 err = -ENOMEM;
363 if (!forget)
364 goto out;
365
366 attr_version = fuse_get_attr_version(fc);
367
368 fuse_lookup_init(fc, &args, nodeid, name, outarg);
369 err = fuse_simple_request(fc, &args);
370 /* Zero nodeid is same as -ENOENT, but with valid timeout */
371 if (err || !outarg->nodeid)
372 goto out_put_forget;
373
374 err = -EIO;
375 if (!outarg->nodeid)
376 goto out_put_forget;
377 if (!fuse_valid_type(outarg->attr.mode))
378 goto out_put_forget;
379
380 *inode = fuse_iget(sb, outarg->nodeid, outarg->generation,
381 &outarg->attr, entry_attr_timeout(outarg),
382 attr_version);
383 err = -ENOMEM;
384 if (!*inode) {
385 fuse_queue_forget(fc, forget, outarg->nodeid, 1);
386 goto out;
387 }
388 err = 0;
389
390 out_put_forget:
391 kfree(forget);
392 out:
393 return err;
394 }
395
fuse_lookup(struct inode * dir,struct dentry * entry,unsigned int flags)396 static struct dentry *fuse_lookup(struct inode *dir, struct dentry *entry,
397 unsigned int flags)
398 {
399 int err;
400 struct fuse_entry_out outarg;
401 struct inode *inode;
402 struct dentry *newent;
403 bool outarg_valid = true;
404
405 fuse_lock_inode(dir);
406 err = fuse_lookup_name(dir->i_sb, get_node_id(dir), &entry->d_name,
407 &outarg, &inode);
408 fuse_unlock_inode(dir);
409 if (err == -ENOENT) {
410 outarg_valid = false;
411 err = 0;
412 }
413 if (err)
414 goto out_err;
415
416 err = -EIO;
417 if (inode && get_node_id(inode) == FUSE_ROOT_ID)
418 goto out_iput;
419
420 newent = d_splice_alias(inode, entry);
421 err = PTR_ERR(newent);
422 if (IS_ERR(newent))
423 goto out_err;
424
425 entry = newent ? newent : entry;
426 if (outarg_valid)
427 fuse_change_entry_timeout(entry, &outarg);
428 else
429 fuse_invalidate_entry_cache(entry);
430
431 fuse_advise_use_readdirplus(dir);
432 return newent;
433
434 out_iput:
435 iput(inode);
436 out_err:
437 return ERR_PTR(err);
438 }
439
440 /*
441 * Atomic create+open operation
442 *
443 * If the filesystem doesn't support this, then fall back to separate
444 * 'mknod' + 'open' requests.
445 */
fuse_create_open(struct inode * dir,struct dentry * entry,struct file * file,unsigned flags,umode_t mode,int * opened)446 static int fuse_create_open(struct inode *dir, struct dentry *entry,
447 struct file *file, unsigned flags,
448 umode_t mode, int *opened)
449 {
450 int err;
451 struct inode *inode;
452 struct fuse_conn *fc = get_fuse_conn(dir);
453 FUSE_ARGS(args);
454 struct fuse_forget_link *forget;
455 struct fuse_create_in inarg;
456 struct fuse_open_out outopen;
457 struct fuse_entry_out outentry;
458 struct fuse_file *ff;
459
460 /* Userspace expects S_IFREG in create mode */
461 BUG_ON((mode & S_IFMT) != S_IFREG);
462
463 forget = fuse_alloc_forget();
464 err = -ENOMEM;
465 if (!forget)
466 goto out_err;
467
468 err = -ENOMEM;
469 ff = fuse_file_alloc(fc);
470 if (!ff)
471 goto out_put_forget_req;
472
473 if (!fc->dont_mask)
474 mode &= ~current_umask();
475
476 flags &= ~O_NOCTTY;
477 memset(&inarg, 0, sizeof(inarg));
478 memset(&outentry, 0, sizeof(outentry));
479 inarg.flags = flags;
480 inarg.mode = mode;
481 inarg.umask = current_umask();
482 args.in.h.opcode = FUSE_CREATE;
483 args.in.h.nodeid = get_node_id(dir);
484 args.in.numargs = 2;
485 args.in.args[0].size = sizeof(inarg);
486 args.in.args[0].value = &inarg;
487 args.in.args[1].size = entry->d_name.len + 1;
488 args.in.args[1].value = entry->d_name.name;
489 args.out.numargs = 2;
490 args.out.args[0].size = sizeof(outentry);
491 args.out.args[0].value = &outentry;
492 args.out.args[1].size = sizeof(outopen);
493 args.out.args[1].value = &outopen;
494 err = fuse_simple_request(fc, &args);
495 if (err)
496 goto out_free_ff;
497
498 err = -EIO;
499 if (!S_ISREG(outentry.attr.mode) || invalid_nodeid(outentry.nodeid))
500 goto out_free_ff;
501
502 ff->fh = outopen.fh;
503 ff->nodeid = outentry.nodeid;
504 ff->open_flags = outopen.open_flags;
505 inode = fuse_iget(dir->i_sb, outentry.nodeid, outentry.generation,
506 &outentry.attr, entry_attr_timeout(&outentry), 0);
507 if (!inode) {
508 flags &= ~(O_CREAT | O_EXCL | O_TRUNC);
509 fuse_sync_release(ff, flags);
510 fuse_queue_forget(fc, forget, outentry.nodeid, 1);
511 err = -ENOMEM;
512 goto out_err;
513 }
514 kfree(forget);
515 d_instantiate(entry, inode);
516 fuse_change_entry_timeout(entry, &outentry);
517 fuse_invalidate_attr(dir);
518 err = finish_open(file, entry, generic_file_open, opened);
519 if (err) {
520 fuse_sync_release(ff, flags);
521 } else {
522 file->private_data = fuse_file_get(ff);
523 fuse_finish_open(inode, file);
524 }
525 return err;
526
527 out_free_ff:
528 fuse_file_free(ff);
529 out_put_forget_req:
530 kfree(forget);
531 out_err:
532 return err;
533 }
534
535 static int fuse_mknod(struct inode *, struct dentry *, umode_t, dev_t);
fuse_atomic_open(struct inode * dir,struct dentry * entry,struct file * file,unsigned flags,umode_t mode,int * opened)536 static int fuse_atomic_open(struct inode *dir, struct dentry *entry,
537 struct file *file, unsigned flags,
538 umode_t mode, int *opened)
539 {
540 int err;
541 struct fuse_conn *fc = get_fuse_conn(dir);
542 struct dentry *res = NULL;
543
544 if (d_in_lookup(entry)) {
545 res = fuse_lookup(dir, entry, 0);
546 if (IS_ERR(res))
547 return PTR_ERR(res);
548
549 if (res)
550 entry = res;
551 }
552
553 if (!(flags & O_CREAT) || d_really_is_positive(entry))
554 goto no_open;
555
556 /* Only creates */
557 *opened |= FILE_CREATED;
558
559 if (fc->no_create)
560 goto mknod;
561
562 err = fuse_create_open(dir, entry, file, flags, mode, opened);
563 if (err == -ENOSYS) {
564 fc->no_create = 1;
565 goto mknod;
566 }
567 out_dput:
568 dput(res);
569 return err;
570
571 mknod:
572 err = fuse_mknod(dir, entry, mode, 0);
573 if (err)
574 goto out_dput;
575 no_open:
576 return finish_no_open(file, res);
577 }
578
579 /*
580 * Code shared between mknod, mkdir, symlink and link
581 */
create_new_entry(struct fuse_conn * fc,struct fuse_args * args,struct inode * dir,struct dentry * entry,umode_t mode)582 static int create_new_entry(struct fuse_conn *fc, struct fuse_args *args,
583 struct inode *dir, struct dentry *entry,
584 umode_t mode)
585 {
586 struct fuse_entry_out outarg;
587 struct inode *inode;
588 int err;
589 struct fuse_forget_link *forget;
590
591 forget = fuse_alloc_forget();
592 if (!forget)
593 return -ENOMEM;
594
595 memset(&outarg, 0, sizeof(outarg));
596 args->in.h.nodeid = get_node_id(dir);
597 args->out.numargs = 1;
598 args->out.args[0].size = sizeof(outarg);
599 args->out.args[0].value = &outarg;
600 err = fuse_simple_request(fc, args);
601 if (err)
602 goto out_put_forget_req;
603
604 err = -EIO;
605 if (invalid_nodeid(outarg.nodeid))
606 goto out_put_forget_req;
607
608 if ((outarg.attr.mode ^ mode) & S_IFMT)
609 goto out_put_forget_req;
610
611 inode = fuse_iget(dir->i_sb, outarg.nodeid, outarg.generation,
612 &outarg.attr, entry_attr_timeout(&outarg), 0);
613 if (!inode) {
614 fuse_queue_forget(fc, forget, outarg.nodeid, 1);
615 return -ENOMEM;
616 }
617 kfree(forget);
618
619 err = d_instantiate_no_diralias(entry, inode);
620 if (err)
621 return err;
622
623 fuse_change_entry_timeout(entry, &outarg);
624 fuse_invalidate_attr(dir);
625 return 0;
626
627 out_put_forget_req:
628 kfree(forget);
629 return err;
630 }
631
fuse_mknod(struct inode * dir,struct dentry * entry,umode_t mode,dev_t rdev)632 static int fuse_mknod(struct inode *dir, struct dentry *entry, umode_t mode,
633 dev_t rdev)
634 {
635 struct fuse_mknod_in inarg;
636 struct fuse_conn *fc = get_fuse_conn(dir);
637 FUSE_ARGS(args);
638
639 if (!fc->dont_mask)
640 mode &= ~current_umask();
641
642 memset(&inarg, 0, sizeof(inarg));
643 inarg.mode = mode;
644 inarg.rdev = new_encode_dev(rdev);
645 inarg.umask = current_umask();
646 args.in.h.opcode = FUSE_MKNOD;
647 args.in.numargs = 2;
648 args.in.args[0].size = sizeof(inarg);
649 args.in.args[0].value = &inarg;
650 args.in.args[1].size = entry->d_name.len + 1;
651 args.in.args[1].value = entry->d_name.name;
652 return create_new_entry(fc, &args, dir, entry, mode);
653 }
654
fuse_create(struct inode * dir,struct dentry * entry,umode_t mode,bool excl)655 static int fuse_create(struct inode *dir, struct dentry *entry, umode_t mode,
656 bool excl)
657 {
658 return fuse_mknod(dir, entry, mode, 0);
659 }
660
fuse_mkdir(struct inode * dir,struct dentry * entry,umode_t mode)661 static int fuse_mkdir(struct inode *dir, struct dentry *entry, umode_t mode)
662 {
663 struct fuse_mkdir_in inarg;
664 struct fuse_conn *fc = get_fuse_conn(dir);
665 FUSE_ARGS(args);
666
667 if (!fc->dont_mask)
668 mode &= ~current_umask();
669
670 memset(&inarg, 0, sizeof(inarg));
671 inarg.mode = mode;
672 inarg.umask = current_umask();
673 args.in.h.opcode = FUSE_MKDIR;
674 args.in.numargs = 2;
675 args.in.args[0].size = sizeof(inarg);
676 args.in.args[0].value = &inarg;
677 args.in.args[1].size = entry->d_name.len + 1;
678 args.in.args[1].value = entry->d_name.name;
679 return create_new_entry(fc, &args, dir, entry, S_IFDIR);
680 }
681
fuse_symlink(struct inode * dir,struct dentry * entry,const char * link)682 static int fuse_symlink(struct inode *dir, struct dentry *entry,
683 const char *link)
684 {
685 struct fuse_conn *fc = get_fuse_conn(dir);
686 unsigned len = strlen(link) + 1;
687 FUSE_ARGS(args);
688
689 args.in.h.opcode = FUSE_SYMLINK;
690 args.in.numargs = 2;
691 args.in.args[0].size = entry->d_name.len + 1;
692 args.in.args[0].value = entry->d_name.name;
693 args.in.args[1].size = len;
694 args.in.args[1].value = link;
695 return create_new_entry(fc, &args, dir, entry, S_IFLNK);
696 }
697
fuse_update_ctime(struct inode * inode)698 void fuse_update_ctime(struct inode *inode)
699 {
700 if (!IS_NOCMTIME(inode)) {
701 inode->i_ctime = current_time(inode);
702 mark_inode_dirty_sync(inode);
703 }
704 }
705
fuse_unlink(struct inode * dir,struct dentry * entry)706 static int fuse_unlink(struct inode *dir, struct dentry *entry)
707 {
708 int err;
709 struct fuse_conn *fc = get_fuse_conn(dir);
710 FUSE_ARGS(args);
711
712 args.in.h.opcode = FUSE_UNLINK;
713 args.in.h.nodeid = get_node_id(dir);
714 args.in.numargs = 1;
715 args.in.args[0].size = entry->d_name.len + 1;
716 args.in.args[0].value = entry->d_name.name;
717 err = fuse_simple_request(fc, &args);
718 if (!err) {
719 struct inode *inode = d_inode(entry);
720 struct fuse_inode *fi = get_fuse_inode(inode);
721
722 spin_lock(&fc->lock);
723 fi->attr_version = ++fc->attr_version;
724 /*
725 * If i_nlink == 0 then unlink doesn't make sense, yet this can
726 * happen if userspace filesystem is careless. It would be
727 * difficult to enforce correct nlink usage so just ignore this
728 * condition here
729 */
730 if (inode->i_nlink > 0)
731 drop_nlink(inode);
732 spin_unlock(&fc->lock);
733 fuse_invalidate_attr(inode);
734 fuse_invalidate_attr(dir);
735 fuse_invalidate_entry_cache(entry);
736 fuse_update_ctime(inode);
737 } else if (err == -EINTR)
738 fuse_invalidate_entry(entry);
739 return err;
740 }
741
fuse_rmdir(struct inode * dir,struct dentry * entry)742 static int fuse_rmdir(struct inode *dir, struct dentry *entry)
743 {
744 int err;
745 struct fuse_conn *fc = get_fuse_conn(dir);
746 FUSE_ARGS(args);
747
748 args.in.h.opcode = FUSE_RMDIR;
749 args.in.h.nodeid = get_node_id(dir);
750 args.in.numargs = 1;
751 args.in.args[0].size = entry->d_name.len + 1;
752 args.in.args[0].value = entry->d_name.name;
753 err = fuse_simple_request(fc, &args);
754 if (!err) {
755 clear_nlink(d_inode(entry));
756 fuse_invalidate_attr(dir);
757 fuse_invalidate_entry_cache(entry);
758 } else if (err == -EINTR)
759 fuse_invalidate_entry(entry);
760 return err;
761 }
762
fuse_rename_common(struct inode * olddir,struct dentry * oldent,struct inode * newdir,struct dentry * newent,unsigned int flags,int opcode,size_t argsize)763 static int fuse_rename_common(struct inode *olddir, struct dentry *oldent,
764 struct inode *newdir, struct dentry *newent,
765 unsigned int flags, int opcode, size_t argsize)
766 {
767 int err;
768 struct fuse_rename2_in inarg;
769 struct fuse_conn *fc = get_fuse_conn(olddir);
770 FUSE_ARGS(args);
771
772 memset(&inarg, 0, argsize);
773 inarg.newdir = get_node_id(newdir);
774 inarg.flags = flags;
775 args.in.h.opcode = opcode;
776 args.in.h.nodeid = get_node_id(olddir);
777 args.in.numargs = 3;
778 args.in.args[0].size = argsize;
779 args.in.args[0].value = &inarg;
780 args.in.args[1].size = oldent->d_name.len + 1;
781 args.in.args[1].value = oldent->d_name.name;
782 args.in.args[2].size = newent->d_name.len + 1;
783 args.in.args[2].value = newent->d_name.name;
784 err = fuse_simple_request(fc, &args);
785 if (!err) {
786 /* ctime changes */
787 fuse_invalidate_attr(d_inode(oldent));
788 fuse_update_ctime(d_inode(oldent));
789
790 if (flags & RENAME_EXCHANGE) {
791 fuse_invalidate_attr(d_inode(newent));
792 fuse_update_ctime(d_inode(newent));
793 }
794
795 fuse_invalidate_attr(olddir);
796 if (olddir != newdir)
797 fuse_invalidate_attr(newdir);
798
799 /* newent will end up negative */
800 if (!(flags & RENAME_EXCHANGE) && d_really_is_positive(newent)) {
801 fuse_invalidate_attr(d_inode(newent));
802 fuse_invalidate_entry_cache(newent);
803 fuse_update_ctime(d_inode(newent));
804 }
805 } else if (err == -EINTR) {
806 /* If request was interrupted, DEITY only knows if the
807 rename actually took place. If the invalidation
808 fails (e.g. some process has CWD under the renamed
809 directory), then there can be inconsistency between
810 the dcache and the real filesystem. Tough luck. */
811 fuse_invalidate_entry(oldent);
812 if (d_really_is_positive(newent))
813 fuse_invalidate_entry(newent);
814 }
815
816 return err;
817 }
818
fuse_rename2(struct inode * olddir,struct dentry * oldent,struct inode * newdir,struct dentry * newent,unsigned int flags)819 static int fuse_rename2(struct inode *olddir, struct dentry *oldent,
820 struct inode *newdir, struct dentry *newent,
821 unsigned int flags)
822 {
823 struct fuse_conn *fc = get_fuse_conn(olddir);
824 int err;
825
826 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE))
827 return -EINVAL;
828
829 if (flags) {
830 if (fc->no_rename2 || fc->minor < 23)
831 return -EINVAL;
832
833 err = fuse_rename_common(olddir, oldent, newdir, newent, flags,
834 FUSE_RENAME2,
835 sizeof(struct fuse_rename2_in));
836 if (err == -ENOSYS) {
837 fc->no_rename2 = 1;
838 err = -EINVAL;
839 }
840 } else {
841 err = fuse_rename_common(olddir, oldent, newdir, newent, 0,
842 FUSE_RENAME,
843 sizeof(struct fuse_rename_in));
844 }
845
846 return err;
847 }
848
fuse_link(struct dentry * entry,struct inode * newdir,struct dentry * newent)849 static int fuse_link(struct dentry *entry, struct inode *newdir,
850 struct dentry *newent)
851 {
852 int err;
853 struct fuse_link_in inarg;
854 struct inode *inode = d_inode(entry);
855 struct fuse_conn *fc = get_fuse_conn(inode);
856 FUSE_ARGS(args);
857
858 memset(&inarg, 0, sizeof(inarg));
859 inarg.oldnodeid = get_node_id(inode);
860 args.in.h.opcode = FUSE_LINK;
861 args.in.numargs = 2;
862 args.in.args[0].size = sizeof(inarg);
863 args.in.args[0].value = &inarg;
864 args.in.args[1].size = newent->d_name.len + 1;
865 args.in.args[1].value = newent->d_name.name;
866 err = create_new_entry(fc, &args, newdir, newent, inode->i_mode);
867 /* Contrary to "normal" filesystems it can happen that link
868 makes two "logical" inodes point to the same "physical"
869 inode. We invalidate the attributes of the old one, so it
870 will reflect changes in the backing inode (link count,
871 etc.)
872 */
873 if (!err) {
874 struct fuse_inode *fi = get_fuse_inode(inode);
875
876 spin_lock(&fc->lock);
877 fi->attr_version = ++fc->attr_version;
878 inc_nlink(inode);
879 spin_unlock(&fc->lock);
880 fuse_invalidate_attr(inode);
881 fuse_update_ctime(inode);
882 } else if (err == -EINTR) {
883 fuse_invalidate_attr(inode);
884 }
885 return err;
886 }
887
fuse_fillattr(struct inode * inode,struct fuse_attr * attr,struct kstat * stat)888 static void fuse_fillattr(struct inode *inode, struct fuse_attr *attr,
889 struct kstat *stat)
890 {
891 unsigned int blkbits;
892 struct fuse_conn *fc = get_fuse_conn(inode);
893
894 /* see the comment in fuse_change_attributes() */
895 if (fc->writeback_cache && S_ISREG(inode->i_mode)) {
896 attr->size = i_size_read(inode);
897 attr->mtime = inode->i_mtime.tv_sec;
898 attr->mtimensec = inode->i_mtime.tv_nsec;
899 attr->ctime = inode->i_ctime.tv_sec;
900 attr->ctimensec = inode->i_ctime.tv_nsec;
901 }
902
903 stat->dev = inode->i_sb->s_dev;
904 stat->ino = attr->ino;
905 stat->mode = (inode->i_mode & S_IFMT) | (attr->mode & 07777);
906 stat->nlink = attr->nlink;
907 stat->uid = make_kuid(&init_user_ns, attr->uid);
908 stat->gid = make_kgid(&init_user_ns, attr->gid);
909 stat->rdev = inode->i_rdev;
910 stat->atime.tv_sec = attr->atime;
911 stat->atime.tv_nsec = attr->atimensec;
912 stat->mtime.tv_sec = attr->mtime;
913 stat->mtime.tv_nsec = attr->mtimensec;
914 stat->ctime.tv_sec = attr->ctime;
915 stat->ctime.tv_nsec = attr->ctimensec;
916 stat->size = attr->size;
917 stat->blocks = attr->blocks;
918
919 if (attr->blksize != 0)
920 blkbits = ilog2(attr->blksize);
921 else
922 blkbits = inode->i_sb->s_blocksize_bits;
923
924 stat->blksize = 1 << blkbits;
925 }
926
fuse_do_getattr(struct inode * inode,struct kstat * stat,struct file * file)927 static int fuse_do_getattr(struct inode *inode, struct kstat *stat,
928 struct file *file)
929 {
930 int err;
931 struct fuse_getattr_in inarg;
932 struct fuse_attr_out outarg;
933 struct fuse_conn *fc = get_fuse_conn(inode);
934 FUSE_ARGS(args);
935 u64 attr_version;
936
937 attr_version = fuse_get_attr_version(fc);
938
939 memset(&inarg, 0, sizeof(inarg));
940 memset(&outarg, 0, sizeof(outarg));
941 /* Directories have separate file-handle space */
942 if (file && S_ISREG(inode->i_mode)) {
943 struct fuse_file *ff = file->private_data;
944
945 inarg.getattr_flags |= FUSE_GETATTR_FH;
946 inarg.fh = ff->fh;
947 }
948 args.in.h.opcode = FUSE_GETATTR;
949 args.in.h.nodeid = get_node_id(inode);
950 args.in.numargs = 1;
951 args.in.args[0].size = sizeof(inarg);
952 args.in.args[0].value = &inarg;
953 args.out.numargs = 1;
954 args.out.args[0].size = sizeof(outarg);
955 args.out.args[0].value = &outarg;
956 err = fuse_simple_request(fc, &args);
957 if (!err) {
958 if ((inode->i_mode ^ outarg.attr.mode) & S_IFMT) {
959 make_bad_inode(inode);
960 err = -EIO;
961 } else {
962 fuse_change_attributes(inode, &outarg.attr,
963 attr_timeout(&outarg),
964 attr_version);
965 if (stat)
966 fuse_fillattr(inode, &outarg.attr, stat);
967 }
968 }
969 return err;
970 }
971
fuse_update_attributes(struct inode * inode,struct kstat * stat,struct file * file,bool * refreshed)972 int fuse_update_attributes(struct inode *inode, struct kstat *stat,
973 struct file *file, bool *refreshed)
974 {
975 struct fuse_inode *fi = get_fuse_inode(inode);
976 int err;
977 bool r;
978
979 if (time_before64(fi->i_time, get_jiffies_64())) {
980 r = true;
981 forget_all_cached_acls(inode);
982 err = fuse_do_getattr(inode, stat, file);
983 } else {
984 r = false;
985 err = 0;
986 if (stat) {
987 generic_fillattr(inode, stat);
988 stat->mode = fi->orig_i_mode;
989 stat->ino = fi->orig_ino;
990 }
991 }
992
993 if (refreshed != NULL)
994 *refreshed = r;
995
996 return err;
997 }
998
fuse_reverse_inval_entry(struct super_block * sb,u64 parent_nodeid,u64 child_nodeid,struct qstr * name)999 int fuse_reverse_inval_entry(struct super_block *sb, u64 parent_nodeid,
1000 u64 child_nodeid, struct qstr *name)
1001 {
1002 int err = -ENOTDIR;
1003 struct inode *parent;
1004 struct dentry *dir;
1005 struct dentry *entry;
1006
1007 parent = ilookup5(sb, parent_nodeid, fuse_inode_eq, &parent_nodeid);
1008 if (!parent)
1009 return -ENOENT;
1010
1011 inode_lock(parent);
1012 if (!S_ISDIR(parent->i_mode))
1013 goto unlock;
1014
1015 err = -ENOENT;
1016 dir = d_find_alias(parent);
1017 if (!dir)
1018 goto unlock;
1019
1020 name->hash = full_name_hash(dir, name->name, name->len);
1021 entry = d_lookup(dir, name);
1022 dput(dir);
1023 if (!entry)
1024 goto unlock;
1025
1026 fuse_invalidate_attr(parent);
1027 fuse_invalidate_entry(entry);
1028
1029 if (child_nodeid != 0 && d_really_is_positive(entry)) {
1030 inode_lock(d_inode(entry));
1031 if (get_node_id(d_inode(entry)) != child_nodeid) {
1032 err = -ENOENT;
1033 goto badentry;
1034 }
1035 if (d_mountpoint(entry)) {
1036 err = -EBUSY;
1037 goto badentry;
1038 }
1039 if (d_is_dir(entry)) {
1040 shrink_dcache_parent(entry);
1041 if (!simple_empty(entry)) {
1042 err = -ENOTEMPTY;
1043 goto badentry;
1044 }
1045 d_inode(entry)->i_flags |= S_DEAD;
1046 }
1047 dont_mount(entry);
1048 clear_nlink(d_inode(entry));
1049 err = 0;
1050 badentry:
1051 inode_unlock(d_inode(entry));
1052 if (!err)
1053 d_delete(entry);
1054 } else {
1055 err = 0;
1056 }
1057 dput(entry);
1058
1059 unlock:
1060 inode_unlock(parent);
1061 iput(parent);
1062 return err;
1063 }
1064
1065 /*
1066 * Calling into a user-controlled filesystem gives the filesystem
1067 * daemon ptrace-like capabilities over the current process. This
1068 * means, that the filesystem daemon is able to record the exact
1069 * filesystem operations performed, and can also control the behavior
1070 * of the requester process in otherwise impossible ways. For example
1071 * it can delay the operation for arbitrary length of time allowing
1072 * DoS against the requester.
1073 *
1074 * For this reason only those processes can call into the filesystem,
1075 * for which the owner of the mount has ptrace privilege. This
1076 * excludes processes started by other users, suid or sgid processes.
1077 */
fuse_allow_current_process(struct fuse_conn * fc)1078 int fuse_allow_current_process(struct fuse_conn *fc)
1079 {
1080 const struct cred *cred;
1081
1082 if (fc->allow_other)
1083 return 1;
1084
1085 cred = current_cred();
1086 if (uid_eq(cred->euid, fc->user_id) &&
1087 uid_eq(cred->suid, fc->user_id) &&
1088 uid_eq(cred->uid, fc->user_id) &&
1089 gid_eq(cred->egid, fc->group_id) &&
1090 gid_eq(cred->sgid, fc->group_id) &&
1091 gid_eq(cred->gid, fc->group_id))
1092 return 1;
1093
1094 return 0;
1095 }
1096
fuse_access(struct inode * inode,int mask)1097 static int fuse_access(struct inode *inode, int mask)
1098 {
1099 struct fuse_conn *fc = get_fuse_conn(inode);
1100 FUSE_ARGS(args);
1101 struct fuse_access_in inarg;
1102 int err;
1103
1104 BUG_ON(mask & MAY_NOT_BLOCK);
1105
1106 if (fc->no_access)
1107 return 0;
1108
1109 memset(&inarg, 0, sizeof(inarg));
1110 inarg.mask = mask & (MAY_READ | MAY_WRITE | MAY_EXEC);
1111 args.in.h.opcode = FUSE_ACCESS;
1112 args.in.h.nodeid = get_node_id(inode);
1113 args.in.numargs = 1;
1114 args.in.args[0].size = sizeof(inarg);
1115 args.in.args[0].value = &inarg;
1116 err = fuse_simple_request(fc, &args);
1117 if (err == -ENOSYS) {
1118 fc->no_access = 1;
1119 err = 0;
1120 }
1121 return err;
1122 }
1123
fuse_perm_getattr(struct inode * inode,int mask)1124 static int fuse_perm_getattr(struct inode *inode, int mask)
1125 {
1126 if (mask & MAY_NOT_BLOCK)
1127 return -ECHILD;
1128
1129 forget_all_cached_acls(inode);
1130 return fuse_do_getattr(inode, NULL, NULL);
1131 }
1132
1133 /*
1134 * Check permission. The two basic access models of FUSE are:
1135 *
1136 * 1) Local access checking ('default_permissions' mount option) based
1137 * on file mode. This is the plain old disk filesystem permission
1138 * modell.
1139 *
1140 * 2) "Remote" access checking, where server is responsible for
1141 * checking permission in each inode operation. An exception to this
1142 * is if ->permission() was invoked from sys_access() in which case an
1143 * access request is sent. Execute permission is still checked
1144 * locally based on file mode.
1145 */
fuse_permission(struct inode * inode,int mask)1146 static int fuse_permission(struct inode *inode, int mask)
1147 {
1148 struct fuse_conn *fc = get_fuse_conn(inode);
1149 bool refreshed = false;
1150 int err = 0;
1151
1152 if (!fuse_allow_current_process(fc))
1153 return -EACCES;
1154
1155 /*
1156 * If attributes are needed, refresh them before proceeding
1157 */
1158 if (fc->default_permissions ||
1159 ((mask & MAY_EXEC) && S_ISREG(inode->i_mode))) {
1160 struct fuse_inode *fi = get_fuse_inode(inode);
1161
1162 if (time_before64(fi->i_time, get_jiffies_64())) {
1163 refreshed = true;
1164
1165 err = fuse_perm_getattr(inode, mask);
1166 if (err)
1167 return err;
1168 }
1169 }
1170
1171 if (fc->default_permissions) {
1172 err = generic_permission(inode, mask);
1173
1174 /* If permission is denied, try to refresh file
1175 attributes. This is also needed, because the root
1176 node will at first have no permissions */
1177 if (err == -EACCES && !refreshed) {
1178 err = fuse_perm_getattr(inode, mask);
1179 if (!err)
1180 err = generic_permission(inode, mask);
1181 }
1182
1183 /* Note: the opposite of the above test does not
1184 exist. So if permissions are revoked this won't be
1185 noticed immediately, only after the attribute
1186 timeout has expired */
1187 } else if (mask & (MAY_ACCESS | MAY_CHDIR)) {
1188 err = fuse_access(inode, mask);
1189 } else if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode)) {
1190 if (!(inode->i_mode & S_IXUGO)) {
1191 if (refreshed)
1192 return -EACCES;
1193
1194 err = fuse_perm_getattr(inode, mask);
1195 if (!err && !(inode->i_mode & S_IXUGO))
1196 return -EACCES;
1197 }
1198 }
1199 return err;
1200 }
1201
parse_dirfile(char * buf,size_t nbytes,struct file * file,struct dir_context * ctx)1202 static int parse_dirfile(char *buf, size_t nbytes, struct file *file,
1203 struct dir_context *ctx)
1204 {
1205 while (nbytes >= FUSE_NAME_OFFSET) {
1206 struct fuse_dirent *dirent = (struct fuse_dirent *) buf;
1207 size_t reclen = FUSE_DIRENT_SIZE(dirent);
1208 if (!dirent->namelen || dirent->namelen > FUSE_NAME_MAX)
1209 return -EIO;
1210 if (reclen > nbytes)
1211 break;
1212 if (memchr(dirent->name, '/', dirent->namelen) != NULL)
1213 return -EIO;
1214
1215 if (!dir_emit(ctx, dirent->name, dirent->namelen,
1216 dirent->ino, dirent->type))
1217 break;
1218
1219 buf += reclen;
1220 nbytes -= reclen;
1221 ctx->pos = dirent->off;
1222 }
1223
1224 return 0;
1225 }
1226
fuse_direntplus_link(struct file * file,struct fuse_direntplus * direntplus,u64 attr_version)1227 static int fuse_direntplus_link(struct file *file,
1228 struct fuse_direntplus *direntplus,
1229 u64 attr_version)
1230 {
1231 struct fuse_entry_out *o = &direntplus->entry_out;
1232 struct fuse_dirent *dirent = &direntplus->dirent;
1233 struct dentry *parent = file->f_path.dentry;
1234 struct qstr name = QSTR_INIT(dirent->name, dirent->namelen);
1235 struct dentry *dentry;
1236 struct dentry *alias;
1237 struct inode *dir = d_inode(parent);
1238 struct fuse_conn *fc;
1239 struct inode *inode;
1240 DECLARE_WAIT_QUEUE_HEAD_ONSTACK(wq);
1241
1242 if (!o->nodeid) {
1243 /*
1244 * Unlike in the case of fuse_lookup, zero nodeid does not mean
1245 * ENOENT. Instead, it only means the userspace filesystem did
1246 * not want to return attributes/handle for this entry.
1247 *
1248 * So do nothing.
1249 */
1250 return 0;
1251 }
1252
1253 if (name.name[0] == '.') {
1254 /*
1255 * We could potentially refresh the attributes of the directory
1256 * and its parent?
1257 */
1258 if (name.len == 1)
1259 return 0;
1260 if (name.name[1] == '.' && name.len == 2)
1261 return 0;
1262 }
1263
1264 if (invalid_nodeid(o->nodeid))
1265 return -EIO;
1266 if (!fuse_valid_type(o->attr.mode))
1267 return -EIO;
1268
1269 fc = get_fuse_conn(dir);
1270
1271 name.hash = full_name_hash(parent, name.name, name.len);
1272 dentry = d_lookup(parent, &name);
1273 if (!dentry) {
1274 retry:
1275 dentry = d_alloc_parallel(parent, &name, &wq);
1276 if (IS_ERR(dentry))
1277 return PTR_ERR(dentry);
1278 }
1279 if (!d_in_lookup(dentry)) {
1280 struct fuse_inode *fi;
1281 inode = d_inode(dentry);
1282 if (!inode ||
1283 get_node_id(inode) != o->nodeid ||
1284 ((o->attr.mode ^ inode->i_mode) & S_IFMT)) {
1285 d_invalidate(dentry);
1286 dput(dentry);
1287 goto retry;
1288 }
1289 if (is_bad_inode(inode)) {
1290 dput(dentry);
1291 return -EIO;
1292 }
1293
1294 fi = get_fuse_inode(inode);
1295 spin_lock(&fc->lock);
1296 fi->nlookup++;
1297 spin_unlock(&fc->lock);
1298
1299 forget_all_cached_acls(inode);
1300 fuse_change_attributes(inode, &o->attr,
1301 entry_attr_timeout(o),
1302 attr_version);
1303 /*
1304 * The other branch comes via fuse_iget()
1305 * which bumps nlookup inside
1306 */
1307 } else {
1308 inode = fuse_iget(dir->i_sb, o->nodeid, o->generation,
1309 &o->attr, entry_attr_timeout(o),
1310 attr_version);
1311 if (!inode)
1312 inode = ERR_PTR(-ENOMEM);
1313
1314 alias = d_splice_alias(inode, dentry);
1315 d_lookup_done(dentry);
1316 if (alias) {
1317 dput(dentry);
1318 dentry = alias;
1319 }
1320 if (IS_ERR(dentry))
1321 return PTR_ERR(dentry);
1322 }
1323 if (fc->readdirplus_auto)
1324 set_bit(FUSE_I_INIT_RDPLUS, &get_fuse_inode(inode)->state);
1325 fuse_change_entry_timeout(dentry, o);
1326
1327 dput(dentry);
1328 return 0;
1329 }
1330
parse_dirplusfile(char * buf,size_t nbytes,struct file * file,struct dir_context * ctx,u64 attr_version)1331 static int parse_dirplusfile(char *buf, size_t nbytes, struct file *file,
1332 struct dir_context *ctx, u64 attr_version)
1333 {
1334 struct fuse_direntplus *direntplus;
1335 struct fuse_dirent *dirent;
1336 size_t reclen;
1337 int over = 0;
1338 int ret;
1339
1340 while (nbytes >= FUSE_NAME_OFFSET_DIRENTPLUS) {
1341 direntplus = (struct fuse_direntplus *) buf;
1342 dirent = &direntplus->dirent;
1343 reclen = FUSE_DIRENTPLUS_SIZE(direntplus);
1344
1345 if (!dirent->namelen || dirent->namelen > FUSE_NAME_MAX)
1346 return -EIO;
1347 if (reclen > nbytes)
1348 break;
1349 if (memchr(dirent->name, '/', dirent->namelen) != NULL)
1350 return -EIO;
1351
1352 if (!over) {
1353 /* We fill entries into dstbuf only as much as
1354 it can hold. But we still continue iterating
1355 over remaining entries to link them. If not,
1356 we need to send a FORGET for each of those
1357 which we did not link.
1358 */
1359 over = !dir_emit(ctx, dirent->name, dirent->namelen,
1360 dirent->ino, dirent->type);
1361 if (!over)
1362 ctx->pos = dirent->off;
1363 }
1364
1365 buf += reclen;
1366 nbytes -= reclen;
1367
1368 ret = fuse_direntplus_link(file, direntplus, attr_version);
1369 if (ret)
1370 fuse_force_forget(file, direntplus->entry_out.nodeid);
1371 }
1372
1373 return 0;
1374 }
1375
fuse_readdir(struct file * file,struct dir_context * ctx)1376 static int fuse_readdir(struct file *file, struct dir_context *ctx)
1377 {
1378 int plus, err;
1379 size_t nbytes;
1380 struct page *page;
1381 struct inode *inode = file_inode(file);
1382 struct fuse_conn *fc = get_fuse_conn(inode);
1383 struct fuse_req *req;
1384 u64 attr_version = 0;
1385
1386 if (is_bad_inode(inode))
1387 return -EIO;
1388
1389 req = fuse_get_req(fc, 1);
1390 if (IS_ERR(req))
1391 return PTR_ERR(req);
1392
1393 page = alloc_page(GFP_KERNEL);
1394 if (!page) {
1395 fuse_put_request(fc, req);
1396 return -ENOMEM;
1397 }
1398
1399 plus = fuse_use_readdirplus(inode, ctx);
1400 req->out.argpages = 1;
1401 req->num_pages = 1;
1402 req->pages[0] = page;
1403 req->page_descs[0].length = PAGE_SIZE;
1404 if (plus) {
1405 attr_version = fuse_get_attr_version(fc);
1406 fuse_read_fill(req, file, ctx->pos, PAGE_SIZE,
1407 FUSE_READDIRPLUS);
1408 } else {
1409 fuse_read_fill(req, file, ctx->pos, PAGE_SIZE,
1410 FUSE_READDIR);
1411 }
1412 fuse_lock_inode(inode);
1413 fuse_request_send(fc, req);
1414 fuse_unlock_inode(inode);
1415 nbytes = req->out.args[0].size;
1416 err = req->out.h.error;
1417 fuse_put_request(fc, req);
1418 if (!err) {
1419 if (plus) {
1420 err = parse_dirplusfile(page_address(page), nbytes,
1421 file, ctx,
1422 attr_version);
1423 } else {
1424 err = parse_dirfile(page_address(page), nbytes, file,
1425 ctx);
1426 }
1427 }
1428
1429 __free_page(page);
1430 fuse_invalidate_atime(inode);
1431 return err;
1432 }
1433
fuse_get_link(struct dentry * dentry,struct inode * inode,struct delayed_call * done)1434 static const char *fuse_get_link(struct dentry *dentry,
1435 struct inode *inode,
1436 struct delayed_call *done)
1437 {
1438 struct fuse_conn *fc = get_fuse_conn(inode);
1439 FUSE_ARGS(args);
1440 char *link;
1441 ssize_t ret;
1442
1443 if (!dentry)
1444 return ERR_PTR(-ECHILD);
1445
1446 link = kmalloc(PAGE_SIZE, GFP_KERNEL);
1447 if (!link)
1448 return ERR_PTR(-ENOMEM);
1449
1450 args.in.h.opcode = FUSE_READLINK;
1451 args.in.h.nodeid = get_node_id(inode);
1452 args.out.argvar = 1;
1453 args.out.numargs = 1;
1454 args.out.args[0].size = PAGE_SIZE - 1;
1455 args.out.args[0].value = link;
1456 ret = fuse_simple_request(fc, &args);
1457 if (ret < 0) {
1458 kfree(link);
1459 link = ERR_PTR(ret);
1460 } else {
1461 link[ret] = '\0';
1462 set_delayed_call(done, kfree_link, link);
1463 }
1464 fuse_invalidate_atime(inode);
1465 return link;
1466 }
1467
fuse_dir_open(struct inode * inode,struct file * file)1468 static int fuse_dir_open(struct inode *inode, struct file *file)
1469 {
1470 return fuse_open_common(inode, file, true);
1471 }
1472
fuse_dir_release(struct inode * inode,struct file * file)1473 static int fuse_dir_release(struct inode *inode, struct file *file)
1474 {
1475 fuse_release_common(file, FUSE_RELEASEDIR);
1476
1477 return 0;
1478 }
1479
fuse_dir_fsync(struct file * file,loff_t start,loff_t end,int datasync)1480 static int fuse_dir_fsync(struct file *file, loff_t start, loff_t end,
1481 int datasync)
1482 {
1483 return fuse_fsync_common(file, start, end, datasync, 1);
1484 }
1485
fuse_dir_ioctl(struct file * file,unsigned int cmd,unsigned long arg)1486 static long fuse_dir_ioctl(struct file *file, unsigned int cmd,
1487 unsigned long arg)
1488 {
1489 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1490
1491 /* FUSE_IOCTL_DIR only supported for API version >= 7.18 */
1492 if (fc->minor < 18)
1493 return -ENOTTY;
1494
1495 return fuse_ioctl_common(file, cmd, arg, FUSE_IOCTL_DIR);
1496 }
1497
fuse_dir_compat_ioctl(struct file * file,unsigned int cmd,unsigned long arg)1498 static long fuse_dir_compat_ioctl(struct file *file, unsigned int cmd,
1499 unsigned long arg)
1500 {
1501 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1502
1503 if (fc->minor < 18)
1504 return -ENOTTY;
1505
1506 return fuse_ioctl_common(file, cmd, arg,
1507 FUSE_IOCTL_COMPAT | FUSE_IOCTL_DIR);
1508 }
1509
update_mtime(unsigned ivalid,bool trust_local_mtime)1510 static bool update_mtime(unsigned ivalid, bool trust_local_mtime)
1511 {
1512 /* Always update if mtime is explicitly set */
1513 if (ivalid & ATTR_MTIME_SET)
1514 return true;
1515
1516 /* Or if kernel i_mtime is the official one */
1517 if (trust_local_mtime)
1518 return true;
1519
1520 /* If it's an open(O_TRUNC) or an ftruncate(), don't update */
1521 if ((ivalid & ATTR_SIZE) && (ivalid & (ATTR_OPEN | ATTR_FILE)))
1522 return false;
1523
1524 /* In all other cases update */
1525 return true;
1526 }
1527
iattr_to_fattr(struct iattr * iattr,struct fuse_setattr_in * arg,bool trust_local_cmtime)1528 static void iattr_to_fattr(struct iattr *iattr, struct fuse_setattr_in *arg,
1529 bool trust_local_cmtime)
1530 {
1531 unsigned ivalid = iattr->ia_valid;
1532
1533 if (ivalid & ATTR_MODE)
1534 arg->valid |= FATTR_MODE, arg->mode = iattr->ia_mode;
1535 if (ivalid & ATTR_UID)
1536 arg->valid |= FATTR_UID, arg->uid = from_kuid(&init_user_ns, iattr->ia_uid);
1537 if (ivalid & ATTR_GID)
1538 arg->valid |= FATTR_GID, arg->gid = from_kgid(&init_user_ns, iattr->ia_gid);
1539 if (ivalid & ATTR_SIZE)
1540 arg->valid |= FATTR_SIZE, arg->size = iattr->ia_size;
1541 if (ivalid & ATTR_ATIME) {
1542 arg->valid |= FATTR_ATIME;
1543 arg->atime = iattr->ia_atime.tv_sec;
1544 arg->atimensec = iattr->ia_atime.tv_nsec;
1545 if (!(ivalid & ATTR_ATIME_SET))
1546 arg->valid |= FATTR_ATIME_NOW;
1547 }
1548 if ((ivalid & ATTR_MTIME) && update_mtime(ivalid, trust_local_cmtime)) {
1549 arg->valid |= FATTR_MTIME;
1550 arg->mtime = iattr->ia_mtime.tv_sec;
1551 arg->mtimensec = iattr->ia_mtime.tv_nsec;
1552 if (!(ivalid & ATTR_MTIME_SET) && !trust_local_cmtime)
1553 arg->valid |= FATTR_MTIME_NOW;
1554 }
1555 if ((ivalid & ATTR_CTIME) && trust_local_cmtime) {
1556 arg->valid |= FATTR_CTIME;
1557 arg->ctime = iattr->ia_ctime.tv_sec;
1558 arg->ctimensec = iattr->ia_ctime.tv_nsec;
1559 }
1560 }
1561
1562 /*
1563 * Prevent concurrent writepages on inode
1564 *
1565 * This is done by adding a negative bias to the inode write counter
1566 * and waiting for all pending writes to finish.
1567 */
fuse_set_nowrite(struct inode * inode)1568 void fuse_set_nowrite(struct inode *inode)
1569 {
1570 struct fuse_conn *fc = get_fuse_conn(inode);
1571 struct fuse_inode *fi = get_fuse_inode(inode);
1572
1573 BUG_ON(!inode_is_locked(inode));
1574
1575 spin_lock(&fc->lock);
1576 BUG_ON(fi->writectr < 0);
1577 fi->writectr += FUSE_NOWRITE;
1578 spin_unlock(&fc->lock);
1579 wait_event(fi->page_waitq, fi->writectr == FUSE_NOWRITE);
1580 }
1581
1582 /*
1583 * Allow writepages on inode
1584 *
1585 * Remove the bias from the writecounter and send any queued
1586 * writepages.
1587 */
__fuse_release_nowrite(struct inode * inode)1588 static void __fuse_release_nowrite(struct inode *inode)
1589 {
1590 struct fuse_inode *fi = get_fuse_inode(inode);
1591
1592 BUG_ON(fi->writectr != FUSE_NOWRITE);
1593 fi->writectr = 0;
1594 fuse_flush_writepages(inode);
1595 }
1596
fuse_release_nowrite(struct inode * inode)1597 void fuse_release_nowrite(struct inode *inode)
1598 {
1599 struct fuse_conn *fc = get_fuse_conn(inode);
1600
1601 spin_lock(&fc->lock);
1602 __fuse_release_nowrite(inode);
1603 spin_unlock(&fc->lock);
1604 }
1605
fuse_setattr_fill(struct fuse_conn * fc,struct fuse_args * args,struct inode * inode,struct fuse_setattr_in * inarg_p,struct fuse_attr_out * outarg_p)1606 static void fuse_setattr_fill(struct fuse_conn *fc, struct fuse_args *args,
1607 struct inode *inode,
1608 struct fuse_setattr_in *inarg_p,
1609 struct fuse_attr_out *outarg_p)
1610 {
1611 args->in.h.opcode = FUSE_SETATTR;
1612 args->in.h.nodeid = get_node_id(inode);
1613 args->in.numargs = 1;
1614 args->in.args[0].size = sizeof(*inarg_p);
1615 args->in.args[0].value = inarg_p;
1616 args->out.numargs = 1;
1617 args->out.args[0].size = sizeof(*outarg_p);
1618 args->out.args[0].value = outarg_p;
1619 }
1620
1621 /*
1622 * Flush inode->i_mtime to the server
1623 */
fuse_flush_times(struct inode * inode,struct fuse_file * ff)1624 int fuse_flush_times(struct inode *inode, struct fuse_file *ff)
1625 {
1626 struct fuse_conn *fc = get_fuse_conn(inode);
1627 FUSE_ARGS(args);
1628 struct fuse_setattr_in inarg;
1629 struct fuse_attr_out outarg;
1630
1631 memset(&inarg, 0, sizeof(inarg));
1632 memset(&outarg, 0, sizeof(outarg));
1633
1634 inarg.valid = FATTR_MTIME;
1635 inarg.mtime = inode->i_mtime.tv_sec;
1636 inarg.mtimensec = inode->i_mtime.tv_nsec;
1637 if (fc->minor >= 23) {
1638 inarg.valid |= FATTR_CTIME;
1639 inarg.ctime = inode->i_ctime.tv_sec;
1640 inarg.ctimensec = inode->i_ctime.tv_nsec;
1641 }
1642 if (ff) {
1643 inarg.valid |= FATTR_FH;
1644 inarg.fh = ff->fh;
1645 }
1646 fuse_setattr_fill(fc, &args, inode, &inarg, &outarg);
1647
1648 return fuse_simple_request(fc, &args);
1649 }
1650
1651 /*
1652 * Set attributes, and at the same time refresh them.
1653 *
1654 * Truncation is slightly complicated, because the 'truncate' request
1655 * may fail, in which case we don't want to touch the mapping.
1656 * vmtruncate() doesn't allow for this case, so do the rlimit checking
1657 * and the actual truncation by hand.
1658 */
fuse_do_setattr(struct dentry * dentry,struct iattr * attr,struct file * file)1659 int fuse_do_setattr(struct dentry *dentry, struct iattr *attr,
1660 struct file *file)
1661 {
1662 struct inode *inode = d_inode(dentry);
1663 struct fuse_conn *fc = get_fuse_conn(inode);
1664 struct fuse_inode *fi = get_fuse_inode(inode);
1665 FUSE_ARGS(args);
1666 struct fuse_setattr_in inarg;
1667 struct fuse_attr_out outarg;
1668 bool is_truncate = false;
1669 bool is_wb = fc->writeback_cache;
1670 loff_t oldsize;
1671 int err;
1672 bool trust_local_cmtime = is_wb && S_ISREG(inode->i_mode);
1673
1674 if (!fc->default_permissions)
1675 attr->ia_valid |= ATTR_FORCE;
1676
1677 err = setattr_prepare(dentry, attr);
1678 if (err)
1679 return err;
1680
1681 if (attr->ia_valid & ATTR_OPEN) {
1682 if (fc->atomic_o_trunc)
1683 return 0;
1684 file = NULL;
1685 }
1686
1687 if (attr->ia_valid & ATTR_SIZE)
1688 is_truncate = true;
1689
1690 if (is_truncate) {
1691 fuse_set_nowrite(inode);
1692 set_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1693 if (trust_local_cmtime && attr->ia_size != inode->i_size)
1694 attr->ia_valid |= ATTR_MTIME | ATTR_CTIME;
1695 }
1696
1697 memset(&inarg, 0, sizeof(inarg));
1698 memset(&outarg, 0, sizeof(outarg));
1699 iattr_to_fattr(attr, &inarg, trust_local_cmtime);
1700 if (file) {
1701 struct fuse_file *ff = file->private_data;
1702 inarg.valid |= FATTR_FH;
1703 inarg.fh = ff->fh;
1704 }
1705 if (attr->ia_valid & ATTR_SIZE) {
1706 /* For mandatory locking in truncate */
1707 inarg.valid |= FATTR_LOCKOWNER;
1708 inarg.lock_owner = fuse_lock_owner_id(fc, current->files);
1709 }
1710 fuse_setattr_fill(fc, &args, inode, &inarg, &outarg);
1711 err = fuse_simple_request(fc, &args);
1712 if (err) {
1713 if (err == -EINTR)
1714 fuse_invalidate_attr(inode);
1715 goto error;
1716 }
1717
1718 if ((inode->i_mode ^ outarg.attr.mode) & S_IFMT) {
1719 make_bad_inode(inode);
1720 err = -EIO;
1721 goto error;
1722 }
1723
1724 spin_lock(&fc->lock);
1725 /* the kernel maintains i_mtime locally */
1726 if (trust_local_cmtime) {
1727 if (attr->ia_valid & ATTR_MTIME)
1728 inode->i_mtime = attr->ia_mtime;
1729 if (attr->ia_valid & ATTR_CTIME)
1730 inode->i_ctime = attr->ia_ctime;
1731 /* FIXME: clear I_DIRTY_SYNC? */
1732 }
1733
1734 fuse_change_attributes_common(inode, &outarg.attr,
1735 attr_timeout(&outarg));
1736 oldsize = inode->i_size;
1737 /* see the comment in fuse_change_attributes() */
1738 if (!is_wb || is_truncate || !S_ISREG(inode->i_mode))
1739 i_size_write(inode, outarg.attr.size);
1740
1741 if (is_truncate) {
1742 /* NOTE: this may release/reacquire fc->lock */
1743 __fuse_release_nowrite(inode);
1744 }
1745 spin_unlock(&fc->lock);
1746
1747 /*
1748 * Only call invalidate_inode_pages2() after removing
1749 * FUSE_NOWRITE, otherwise fuse_launder_page() would deadlock.
1750 */
1751 if ((is_truncate || !is_wb) &&
1752 S_ISREG(inode->i_mode) && oldsize != outarg.attr.size) {
1753 truncate_pagecache(inode, outarg.attr.size);
1754 invalidate_inode_pages2(inode->i_mapping);
1755 }
1756
1757 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1758 return 0;
1759
1760 error:
1761 if (is_truncate)
1762 fuse_release_nowrite(inode);
1763
1764 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1765 return err;
1766 }
1767
fuse_setattr(struct dentry * entry,struct iattr * attr)1768 static int fuse_setattr(struct dentry *entry, struct iattr *attr)
1769 {
1770 struct inode *inode = d_inode(entry);
1771 struct fuse_conn *fc = get_fuse_conn(inode);
1772 struct file *file = (attr->ia_valid & ATTR_FILE) ? attr->ia_file : NULL;
1773 int ret;
1774
1775 if (!fuse_allow_current_process(get_fuse_conn(inode)))
1776 return -EACCES;
1777
1778 if (attr->ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID)) {
1779 attr->ia_valid &= ~(ATTR_KILL_SUID | ATTR_KILL_SGID |
1780 ATTR_MODE);
1781
1782 /*
1783 * The only sane way to reliably kill suid/sgid is to do it in
1784 * the userspace filesystem
1785 *
1786 * This should be done on write(), truncate() and chown().
1787 */
1788 if (!fc->handle_killpriv) {
1789 /*
1790 * ia_mode calculation may have used stale i_mode.
1791 * Refresh and recalculate.
1792 */
1793 ret = fuse_do_getattr(inode, NULL, file);
1794 if (ret)
1795 return ret;
1796
1797 attr->ia_mode = inode->i_mode;
1798 if (inode->i_mode & S_ISUID) {
1799 attr->ia_valid |= ATTR_MODE;
1800 attr->ia_mode &= ~S_ISUID;
1801 }
1802 if ((inode->i_mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) {
1803 attr->ia_valid |= ATTR_MODE;
1804 attr->ia_mode &= ~S_ISGID;
1805 }
1806 }
1807 }
1808 if (!attr->ia_valid)
1809 return 0;
1810
1811 ret = fuse_do_setattr(entry, attr, file);
1812 if (!ret) {
1813 /*
1814 * If filesystem supports acls it may have updated acl xattrs in
1815 * the filesystem, so forget cached acls for the inode.
1816 */
1817 if (fc->posix_acl)
1818 forget_all_cached_acls(inode);
1819
1820 /* Directory mode changed, may need to revalidate access */
1821 if (d_is_dir(entry) && (attr->ia_valid & ATTR_MODE))
1822 fuse_invalidate_entry_cache(entry);
1823 }
1824 return ret;
1825 }
1826
fuse_getattr(struct vfsmount * mnt,struct dentry * entry,struct kstat * stat)1827 static int fuse_getattr(struct vfsmount *mnt, struct dentry *entry,
1828 struct kstat *stat)
1829 {
1830 struct inode *inode = d_inode(entry);
1831 struct fuse_conn *fc = get_fuse_conn(inode);
1832
1833 if (!fuse_allow_current_process(fc))
1834 return -EACCES;
1835
1836 return fuse_update_attributes(inode, stat, NULL, NULL);
1837 }
1838
1839 static const struct inode_operations fuse_dir_inode_operations = {
1840 .lookup = fuse_lookup,
1841 .mkdir = fuse_mkdir,
1842 .symlink = fuse_symlink,
1843 .unlink = fuse_unlink,
1844 .rmdir = fuse_rmdir,
1845 .rename = fuse_rename2,
1846 .link = fuse_link,
1847 .setattr = fuse_setattr,
1848 .create = fuse_create,
1849 .atomic_open = fuse_atomic_open,
1850 .mknod = fuse_mknod,
1851 .permission = fuse_permission,
1852 .getattr = fuse_getattr,
1853 .listxattr = fuse_listxattr,
1854 .get_acl = fuse_get_acl,
1855 .set_acl = fuse_set_acl,
1856 };
1857
1858 static const struct file_operations fuse_dir_operations = {
1859 .llseek = generic_file_llseek,
1860 .read = generic_read_dir,
1861 .iterate_shared = fuse_readdir,
1862 .open = fuse_dir_open,
1863 .release = fuse_dir_release,
1864 .fsync = fuse_dir_fsync,
1865 .unlocked_ioctl = fuse_dir_ioctl,
1866 .compat_ioctl = fuse_dir_compat_ioctl,
1867 };
1868
1869 static const struct inode_operations fuse_common_inode_operations = {
1870 .setattr = fuse_setattr,
1871 .permission = fuse_permission,
1872 .getattr = fuse_getattr,
1873 .listxattr = fuse_listxattr,
1874 .get_acl = fuse_get_acl,
1875 .set_acl = fuse_set_acl,
1876 };
1877
1878 static const struct inode_operations fuse_symlink_inode_operations = {
1879 .setattr = fuse_setattr,
1880 .get_link = fuse_get_link,
1881 .readlink = generic_readlink,
1882 .getattr = fuse_getattr,
1883 .listxattr = fuse_listxattr,
1884 };
1885
fuse_init_common(struct inode * inode)1886 void fuse_init_common(struct inode *inode)
1887 {
1888 inode->i_op = &fuse_common_inode_operations;
1889 }
1890
fuse_init_dir(struct inode * inode)1891 void fuse_init_dir(struct inode *inode)
1892 {
1893 inode->i_op = &fuse_dir_inode_operations;
1894 inode->i_fop = &fuse_dir_operations;
1895 }
1896
fuse_init_symlink(struct inode * inode)1897 void fuse_init_symlink(struct inode *inode)
1898 {
1899 inode->i_op = &fuse_symlink_inode_operations;
1900 }
1901