1 /*
2 FUSE: Filesystem in Userspace
3 Copyright (C) 2001-2008 Miklos Szeredi <miklos@szeredi.hu>
4
5 This program can be distributed under the terms of the GNU GPL.
6 See the file COPYING.
7 */
8
9 #include "fuse_i.h"
10
11 #include <linux/pagemap.h>
12 #include <linux/file.h>
13 #include <linux/sched.h>
14 #include <linux/namei.h>
15 #include <linux/slab.h>
16 #include <linux/xattr.h>
17 #include <linux/iversion.h>
18 #include <linux/posix_acl.h>
19
fuse_advise_use_readdirplus(struct inode * dir)20 static void fuse_advise_use_readdirplus(struct inode *dir)
21 {
22 struct fuse_inode *fi = get_fuse_inode(dir);
23
24 set_bit(FUSE_I_ADVISE_RDPLUS, &fi->state);
25 }
26
27 #if BITS_PER_LONG >= 64
__fuse_dentry_settime(struct dentry * entry,u64 time)28 static inline void __fuse_dentry_settime(struct dentry *entry, u64 time)
29 {
30 entry->d_fsdata = (void *) time;
31 }
32
fuse_dentry_time(const struct dentry * entry)33 static inline u64 fuse_dentry_time(const struct dentry *entry)
34 {
35 return (u64)entry->d_fsdata;
36 }
37
38 #else
39 union fuse_dentry {
40 u64 time;
41 struct rcu_head rcu;
42 };
43
__fuse_dentry_settime(struct dentry * dentry,u64 time)44 static inline void __fuse_dentry_settime(struct dentry *dentry, u64 time)
45 {
46 ((union fuse_dentry *) dentry->d_fsdata)->time = time;
47 }
48
fuse_dentry_time(const struct dentry * entry)49 static inline u64 fuse_dentry_time(const struct dentry *entry)
50 {
51 return ((union fuse_dentry *) entry->d_fsdata)->time;
52 }
53 #endif
54
fuse_dentry_settime(struct dentry * dentry,u64 time)55 static void fuse_dentry_settime(struct dentry *dentry, u64 time)
56 {
57 struct fuse_conn *fc = get_fuse_conn_super(dentry->d_sb);
58 bool delete = !time && fc->delete_stale;
59 /*
60 * Mess with DCACHE_OP_DELETE because dput() will be faster without it.
61 * Don't care about races, either way it's just an optimization
62 */
63 if ((!delete && (dentry->d_flags & DCACHE_OP_DELETE)) ||
64 (delete && !(dentry->d_flags & DCACHE_OP_DELETE))) {
65 spin_lock(&dentry->d_lock);
66 if (!delete)
67 dentry->d_flags &= ~DCACHE_OP_DELETE;
68 else
69 dentry->d_flags |= DCACHE_OP_DELETE;
70 spin_unlock(&dentry->d_lock);
71 }
72
73 __fuse_dentry_settime(dentry, time);
74 }
75
76 /*
77 * FUSE caches dentries and attributes with separate timeout. The
78 * time in jiffies until the dentry/attributes are valid is stored in
79 * dentry->d_fsdata and fuse_inode->i_time respectively.
80 */
81
82 /*
83 * Calculate the time in jiffies until a dentry/attributes are valid
84 */
time_to_jiffies(u64 sec,u32 nsec)85 static u64 time_to_jiffies(u64 sec, u32 nsec)
86 {
87 if (sec || nsec) {
88 struct timespec64 ts = {
89 sec,
90 min_t(u32, nsec, NSEC_PER_SEC - 1)
91 };
92
93 return get_jiffies_64() + timespec64_to_jiffies(&ts);
94 } else
95 return 0;
96 }
97
98 /*
99 * Set dentry and possibly attribute timeouts from the lookup/mk*
100 * replies
101 */
fuse_change_entry_timeout(struct dentry * entry,struct fuse_entry_out * o)102 void fuse_change_entry_timeout(struct dentry *entry, struct fuse_entry_out *o)
103 {
104 fuse_dentry_settime(entry,
105 time_to_jiffies(o->entry_valid, o->entry_valid_nsec));
106 }
107
attr_timeout(struct fuse_attr_out * o)108 static u64 attr_timeout(struct fuse_attr_out *o)
109 {
110 return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
111 }
112
entry_attr_timeout(struct fuse_entry_out * o)113 u64 entry_attr_timeout(struct fuse_entry_out *o)
114 {
115 return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
116 }
117
fuse_invalidate_attr_mask(struct inode * inode,u32 mask)118 static void fuse_invalidate_attr_mask(struct inode *inode, u32 mask)
119 {
120 set_mask_bits(&get_fuse_inode(inode)->inval_mask, 0, mask);
121 }
122
123 /*
124 * Mark the attributes as stale, so that at the next call to
125 * ->getattr() they will be fetched from userspace
126 */
fuse_invalidate_attr(struct inode * inode)127 void fuse_invalidate_attr(struct inode *inode)
128 {
129 fuse_invalidate_attr_mask(inode, STATX_BASIC_STATS);
130 }
131
fuse_dir_changed(struct inode * dir)132 static void fuse_dir_changed(struct inode *dir)
133 {
134 fuse_invalidate_attr(dir);
135 inode_maybe_inc_iversion(dir, false);
136 }
137
138 /**
139 * Mark the attributes as stale due to an atime change. Avoid the invalidate if
140 * atime is not used.
141 */
fuse_invalidate_atime(struct inode * inode)142 void fuse_invalidate_atime(struct inode *inode)
143 {
144 if (!IS_RDONLY(inode))
145 fuse_invalidate_attr_mask(inode, STATX_ATIME);
146 }
147
148 /*
149 * Just mark the entry as stale, so that a next attempt to look it up
150 * will result in a new lookup call to userspace
151 *
152 * This is called when a dentry is about to become negative and the
153 * timeout is unknown (unlink, rmdir, rename and in some cases
154 * lookup)
155 */
fuse_invalidate_entry_cache(struct dentry * entry)156 void fuse_invalidate_entry_cache(struct dentry *entry)
157 {
158 fuse_dentry_settime(entry, 0);
159 }
160
161 /*
162 * Same as fuse_invalidate_entry_cache(), but also try to remove the
163 * dentry from the hash
164 */
fuse_invalidate_entry(struct dentry * entry)165 static void fuse_invalidate_entry(struct dentry *entry)
166 {
167 d_invalidate(entry);
168 fuse_invalidate_entry_cache(entry);
169 }
170
fuse_lookup_init(struct fuse_conn * fc,struct fuse_args * args,u64 nodeid,const struct qstr * name,struct fuse_entry_out * outarg)171 static void fuse_lookup_init(struct fuse_conn *fc, struct fuse_args *args,
172 u64 nodeid, const struct qstr *name,
173 struct fuse_entry_out *outarg)
174 {
175 memset(outarg, 0, sizeof(struct fuse_entry_out));
176 args->opcode = FUSE_LOOKUP;
177 args->nodeid = nodeid;
178 args->in_numargs = 1;
179 args->in_args[0].size = name->len + 1;
180 args->in_args[0].value = name->name;
181 args->out_numargs = 1;
182 args->out_args[0].size = sizeof(struct fuse_entry_out);
183 args->out_args[0].value = outarg;
184 }
185
186 /*
187 * Check whether the dentry is still valid
188 *
189 * If the entry validity timeout has expired and the dentry is
190 * positive, try to redo the lookup. If the lookup results in a
191 * different inode, then let the VFS invalidate the dentry and redo
192 * the lookup once more. If the lookup results in the same inode,
193 * then refresh the attributes, timeouts and mark the dentry valid.
194 */
fuse_dentry_revalidate(struct dentry * entry,unsigned int flags)195 static int fuse_dentry_revalidate(struct dentry *entry, unsigned int flags)
196 {
197 struct inode *inode;
198 struct dentry *parent;
199 struct fuse_conn *fc;
200 struct fuse_inode *fi;
201 int ret;
202
203 inode = d_inode_rcu(entry);
204 if (inode && fuse_is_bad(inode))
205 goto invalid;
206 else if (time_before64(fuse_dentry_time(entry), get_jiffies_64()) ||
207 (flags & LOOKUP_REVAL)) {
208 struct fuse_entry_out outarg;
209 FUSE_ARGS(args);
210 struct fuse_forget_link *forget;
211 u64 attr_version;
212
213 /* For negative dentries, always do a fresh lookup */
214 if (!inode)
215 goto invalid;
216
217 ret = -ECHILD;
218 if (flags & LOOKUP_RCU)
219 goto out;
220
221 fc = get_fuse_conn(inode);
222
223 forget = fuse_alloc_forget();
224 ret = -ENOMEM;
225 if (!forget)
226 goto out;
227
228 attr_version = fuse_get_attr_version(fc);
229
230 parent = dget_parent(entry);
231 fuse_lookup_init(fc, &args, get_node_id(d_inode(parent)),
232 &entry->d_name, &outarg);
233 ret = fuse_simple_request(fc, &args);
234 dput(parent);
235 /* Zero nodeid is same as -ENOENT */
236 if (!ret && !outarg.nodeid)
237 ret = -ENOENT;
238 if (!ret) {
239 fi = get_fuse_inode(inode);
240 if (outarg.nodeid != get_node_id(inode)) {
241 fuse_queue_forget(fc, forget, outarg.nodeid, 1);
242 goto invalid;
243 }
244 spin_lock(&fi->lock);
245 fi->nlookup++;
246 spin_unlock(&fi->lock);
247 }
248 kfree(forget);
249 if (ret == -ENOMEM || ret == -EINTR)
250 goto out;
251 if (ret || fuse_invalid_attr(&outarg.attr) ||
252 (outarg.attr.mode ^ inode->i_mode) & S_IFMT)
253 goto invalid;
254
255 forget_all_cached_acls(inode);
256 fuse_change_attributes(inode, &outarg.attr,
257 entry_attr_timeout(&outarg),
258 attr_version);
259 fuse_change_entry_timeout(entry, &outarg);
260 } else if (inode) {
261 fi = get_fuse_inode(inode);
262 if (flags & LOOKUP_RCU) {
263 if (test_bit(FUSE_I_INIT_RDPLUS, &fi->state))
264 return -ECHILD;
265 } else if (test_and_clear_bit(FUSE_I_INIT_RDPLUS, &fi->state)) {
266 parent = dget_parent(entry);
267 fuse_advise_use_readdirplus(d_inode(parent));
268 dput(parent);
269 }
270 }
271 ret = 1;
272 out:
273 return ret;
274
275 invalid:
276 ret = 0;
277 goto out;
278 }
279
280 #if BITS_PER_LONG < 64
fuse_dentry_init(struct dentry * dentry)281 static int fuse_dentry_init(struct dentry *dentry)
282 {
283 dentry->d_fsdata = kzalloc(sizeof(union fuse_dentry),
284 GFP_KERNEL_ACCOUNT | __GFP_RECLAIMABLE);
285
286 return dentry->d_fsdata ? 0 : -ENOMEM;
287 }
fuse_dentry_release(struct dentry * dentry)288 static void fuse_dentry_release(struct dentry *dentry)
289 {
290 union fuse_dentry *fd = dentry->d_fsdata;
291
292 kfree_rcu(fd, rcu);
293 }
294 #endif
295
fuse_dentry_delete(const struct dentry * dentry)296 static int fuse_dentry_delete(const struct dentry *dentry)
297 {
298 return time_before64(fuse_dentry_time(dentry), get_jiffies_64());
299 }
300
301 /*
302 * Get the canonical path. Since we must translate to a path, this must be done
303 * in the context of the userspace daemon, however, the userspace daemon cannot
304 * look up paths on its own. Instead, we handle the lookup as a special case
305 * inside of the write request.
306 */
fuse_dentry_canonical_path(const struct path * path,struct path * canonical_path)307 static void fuse_dentry_canonical_path(const struct path *path, struct path *canonical_path) {
308 struct inode *inode = d_inode(path->dentry);
309 struct fuse_conn *fc = get_fuse_conn(inode);
310 FUSE_ARGS(args);
311 char *path_name;
312 int err;
313
314 path_name = (char *)get_zeroed_page(GFP_KERNEL);
315 if (!path_name)
316 goto default_path;
317
318 args.opcode = FUSE_CANONICAL_PATH;
319 args.nodeid = get_node_id(inode);
320 args.in_numargs = 0;
321 args.out_numargs = 1;
322 args.out_args[0].size = PATH_MAX;
323 args.out_args[0].value = path_name;
324 args.canonical_path = canonical_path;
325 args.out_argvar = 1;
326
327 err = fuse_simple_request(fc, &args);
328 free_page((unsigned long)path_name);
329 if (err > 0)
330 return;
331 default_path:
332 canonical_path->dentry = path->dentry;
333 canonical_path->mnt = path->mnt;
334 path_get(canonical_path);
335 }
336
337 const struct dentry_operations fuse_dentry_operations = {
338 .d_revalidate = fuse_dentry_revalidate,
339 .d_delete = fuse_dentry_delete,
340 #if BITS_PER_LONG < 64
341 .d_init = fuse_dentry_init,
342 .d_release = fuse_dentry_release,
343 #endif
344 .d_canonical_path = fuse_dentry_canonical_path,
345 };
346
347 const struct dentry_operations fuse_root_dentry_operations = {
348 #if BITS_PER_LONG < 64
349 .d_init = fuse_dentry_init,
350 .d_release = fuse_dentry_release,
351 #endif
352 };
353
fuse_valid_type(int m)354 int fuse_valid_type(int m)
355 {
356 return S_ISREG(m) || S_ISDIR(m) || S_ISLNK(m) || S_ISCHR(m) ||
357 S_ISBLK(m) || S_ISFIFO(m) || S_ISSOCK(m);
358 }
359
fuse_invalid_attr(struct fuse_attr * attr)360 bool fuse_invalid_attr(struct fuse_attr *attr)
361 {
362 return !fuse_valid_type(attr->mode) ||
363 attr->size > LLONG_MAX;
364 }
365
fuse_lookup_name(struct super_block * sb,u64 nodeid,const struct qstr * name,struct fuse_entry_out * outarg,struct inode ** inode)366 int fuse_lookup_name(struct super_block *sb, u64 nodeid, const struct qstr *name,
367 struct fuse_entry_out *outarg, struct inode **inode)
368 {
369 struct fuse_conn *fc = get_fuse_conn_super(sb);
370 FUSE_ARGS(args);
371 struct fuse_forget_link *forget;
372 u64 attr_version;
373 int err;
374
375 *inode = NULL;
376 err = -ENAMETOOLONG;
377 if (name->len > FUSE_NAME_MAX)
378 goto out;
379
380
381 forget = fuse_alloc_forget();
382 err = -ENOMEM;
383 if (!forget)
384 goto out;
385
386 attr_version = fuse_get_attr_version(fc);
387
388 fuse_lookup_init(fc, &args, nodeid, name, outarg);
389 err = fuse_simple_request(fc, &args);
390 /* Zero nodeid is same as -ENOENT, but with valid timeout */
391 if (err || !outarg->nodeid)
392 goto out_put_forget;
393
394 err = -EIO;
395 if (!outarg->nodeid)
396 goto out_put_forget;
397 if (fuse_invalid_attr(&outarg->attr))
398 goto out_put_forget;
399
400 *inode = fuse_iget(sb, outarg->nodeid, outarg->generation,
401 &outarg->attr, entry_attr_timeout(outarg),
402 attr_version);
403 err = -ENOMEM;
404 if (!*inode) {
405 fuse_queue_forget(fc, forget, outarg->nodeid, 1);
406 goto out;
407 }
408 err = 0;
409
410 out_put_forget:
411 kfree(forget);
412 out:
413 return err;
414 }
415
fuse_lookup(struct inode * dir,struct dentry * entry,unsigned int flags)416 static struct dentry *fuse_lookup(struct inode *dir, struct dentry *entry,
417 unsigned int flags)
418 {
419 int err;
420 struct fuse_entry_out outarg;
421 struct inode *inode;
422 struct dentry *newent;
423 bool outarg_valid = true;
424 bool locked;
425
426 if (fuse_is_bad(dir))
427 return ERR_PTR(-EIO);
428
429 locked = fuse_lock_inode(dir);
430 err = fuse_lookup_name(dir->i_sb, get_node_id(dir), &entry->d_name,
431 &outarg, &inode);
432 fuse_unlock_inode(dir, locked);
433 if (err == -ENOENT) {
434 outarg_valid = false;
435 err = 0;
436 }
437 if (err)
438 goto out_err;
439
440 err = -EIO;
441 if (inode && get_node_id(inode) == FUSE_ROOT_ID)
442 goto out_iput;
443
444 newent = d_splice_alias(inode, entry);
445 err = PTR_ERR(newent);
446 if (IS_ERR(newent))
447 goto out_err;
448
449 entry = newent ? newent : entry;
450 if (outarg_valid)
451 fuse_change_entry_timeout(entry, &outarg);
452 else
453 fuse_invalidate_entry_cache(entry);
454
455 if (inode)
456 fuse_advise_use_readdirplus(dir);
457 return newent;
458
459 out_iput:
460 iput(inode);
461 out_err:
462 return ERR_PTR(err);
463 }
464
465 /*
466 * Atomic create+open operation
467 *
468 * If the filesystem doesn't support this, then fall back to separate
469 * 'mknod' + 'open' requests.
470 */
fuse_create_open(struct inode * dir,struct dentry * entry,struct file * file,unsigned flags,umode_t mode)471 static int fuse_create_open(struct inode *dir, struct dentry *entry,
472 struct file *file, unsigned flags,
473 umode_t mode)
474 {
475 int err;
476 struct inode *inode;
477 struct fuse_conn *fc = get_fuse_conn(dir);
478 FUSE_ARGS(args);
479 struct fuse_forget_link *forget;
480 struct fuse_create_in inarg;
481 struct fuse_open_out outopen;
482 struct fuse_entry_out outentry;
483 struct fuse_inode *fi;
484 struct fuse_file *ff;
485
486 /* Userspace expects S_IFREG in create mode */
487 BUG_ON((mode & S_IFMT) != S_IFREG);
488
489 forget = fuse_alloc_forget();
490 err = -ENOMEM;
491 if (!forget)
492 goto out_err;
493
494 err = -ENOMEM;
495 ff = fuse_file_alloc(fc);
496 if (!ff)
497 goto out_put_forget_req;
498
499 if (!fc->dont_mask)
500 mode &= ~current_umask();
501
502 flags &= ~O_NOCTTY;
503 memset(&inarg, 0, sizeof(inarg));
504 memset(&outentry, 0, sizeof(outentry));
505 inarg.flags = flags;
506 inarg.mode = mode;
507 inarg.umask = current_umask();
508 args.opcode = FUSE_CREATE;
509 args.nodeid = get_node_id(dir);
510 args.in_numargs = 2;
511 args.in_args[0].size = sizeof(inarg);
512 args.in_args[0].value = &inarg;
513 args.in_args[1].size = entry->d_name.len + 1;
514 args.in_args[1].value = entry->d_name.name;
515 args.out_numargs = 2;
516 args.out_args[0].size = sizeof(outentry);
517 args.out_args[0].value = &outentry;
518 args.out_args[1].size = sizeof(outopen);
519 args.out_args[1].value = &outopen;
520 err = fuse_simple_request(fc, &args);
521 if (err)
522 goto out_free_ff;
523
524 err = -EIO;
525 if (!S_ISREG(outentry.attr.mode) || invalid_nodeid(outentry.nodeid) ||
526 fuse_invalid_attr(&outentry.attr))
527 goto out_free_ff;
528
529 ff->fh = outopen.fh;
530 ff->nodeid = outentry.nodeid;
531 ff->open_flags = outopen.open_flags;
532 inode = fuse_iget(dir->i_sb, outentry.nodeid, outentry.generation,
533 &outentry.attr, entry_attr_timeout(&outentry), 0);
534 if (!inode) {
535 flags &= ~(O_CREAT | O_EXCL | O_TRUNC);
536 fuse_sync_release(NULL, ff, flags);
537 fuse_queue_forget(fc, forget, outentry.nodeid, 1);
538 err = -ENOMEM;
539 goto out_err;
540 }
541 kfree(forget);
542 d_instantiate(entry, inode);
543 fuse_change_entry_timeout(entry, &outentry);
544 fuse_dir_changed(dir);
545 err = finish_open(file, entry, generic_file_open);
546 if (err) {
547 fi = get_fuse_inode(inode);
548 fuse_sync_release(fi, ff, flags);
549 } else {
550 file->private_data = ff;
551 fuse_finish_open(inode, file);
552 }
553 return err;
554
555 out_free_ff:
556 fuse_file_free(ff);
557 out_put_forget_req:
558 kfree(forget);
559 out_err:
560 return err;
561 }
562
563 static int fuse_mknod(struct inode *, struct dentry *, umode_t, dev_t);
fuse_atomic_open(struct inode * dir,struct dentry * entry,struct file * file,unsigned flags,umode_t mode)564 static int fuse_atomic_open(struct inode *dir, struct dentry *entry,
565 struct file *file, unsigned flags,
566 umode_t mode)
567 {
568 int err;
569 struct fuse_conn *fc = get_fuse_conn(dir);
570 struct dentry *res = NULL;
571
572 if (fuse_is_bad(dir))
573 return -EIO;
574
575 if (d_in_lookup(entry)) {
576 res = fuse_lookup(dir, entry, 0);
577 if (IS_ERR(res))
578 return PTR_ERR(res);
579
580 if (res)
581 entry = res;
582 }
583
584 if (!(flags & O_CREAT) || d_really_is_positive(entry))
585 goto no_open;
586
587 /* Only creates */
588 file->f_mode |= FMODE_CREATED;
589
590 if (fc->no_create)
591 goto mknod;
592
593 err = fuse_create_open(dir, entry, file, flags, mode);
594 if (err == -ENOSYS) {
595 fc->no_create = 1;
596 goto mknod;
597 }
598 out_dput:
599 dput(res);
600 return err;
601
602 mknod:
603 err = fuse_mknod(dir, entry, mode, 0);
604 if (err)
605 goto out_dput;
606 no_open:
607 return finish_no_open(file, res);
608 }
609
610 /*
611 * Code shared between mknod, mkdir, symlink and link
612 */
create_new_entry(struct fuse_conn * fc,struct fuse_args * args,struct inode * dir,struct dentry * entry,umode_t mode)613 static int create_new_entry(struct fuse_conn *fc, struct fuse_args *args,
614 struct inode *dir, struct dentry *entry,
615 umode_t mode)
616 {
617 struct fuse_entry_out outarg;
618 struct inode *inode;
619 struct dentry *d;
620 int err;
621 struct fuse_forget_link *forget;
622
623 if (fuse_is_bad(dir))
624 return -EIO;
625
626 forget = fuse_alloc_forget();
627 if (!forget)
628 return -ENOMEM;
629
630 memset(&outarg, 0, sizeof(outarg));
631 args->nodeid = get_node_id(dir);
632 args->out_numargs = 1;
633 args->out_args[0].size = sizeof(outarg);
634 args->out_args[0].value = &outarg;
635 err = fuse_simple_request(fc, args);
636 if (err)
637 goto out_put_forget_req;
638
639 err = -EIO;
640 if (invalid_nodeid(outarg.nodeid) || fuse_invalid_attr(&outarg.attr))
641 goto out_put_forget_req;
642
643 if ((outarg.attr.mode ^ mode) & S_IFMT)
644 goto out_put_forget_req;
645
646 inode = fuse_iget(dir->i_sb, outarg.nodeid, outarg.generation,
647 &outarg.attr, entry_attr_timeout(&outarg), 0);
648 if (!inode) {
649 fuse_queue_forget(fc, forget, outarg.nodeid, 1);
650 return -ENOMEM;
651 }
652 kfree(forget);
653
654 d_drop(entry);
655 d = d_splice_alias(inode, entry);
656 if (IS_ERR(d))
657 return PTR_ERR(d);
658
659 if (d) {
660 fuse_change_entry_timeout(d, &outarg);
661 dput(d);
662 } else {
663 fuse_change_entry_timeout(entry, &outarg);
664 }
665 fuse_dir_changed(dir);
666 return 0;
667
668 out_put_forget_req:
669 kfree(forget);
670 return err;
671 }
672
fuse_mknod(struct inode * dir,struct dentry * entry,umode_t mode,dev_t rdev)673 static int fuse_mknod(struct inode *dir, struct dentry *entry, umode_t mode,
674 dev_t rdev)
675 {
676 struct fuse_mknod_in inarg;
677 struct fuse_conn *fc = get_fuse_conn(dir);
678 FUSE_ARGS(args);
679
680 if (!fc->dont_mask)
681 mode &= ~current_umask();
682
683 memset(&inarg, 0, sizeof(inarg));
684 inarg.mode = mode;
685 inarg.rdev = new_encode_dev(rdev);
686 inarg.umask = current_umask();
687 args.opcode = FUSE_MKNOD;
688 args.in_numargs = 2;
689 args.in_args[0].size = sizeof(inarg);
690 args.in_args[0].value = &inarg;
691 args.in_args[1].size = entry->d_name.len + 1;
692 args.in_args[1].value = entry->d_name.name;
693 return create_new_entry(fc, &args, dir, entry, mode);
694 }
695
fuse_create(struct inode * dir,struct dentry * entry,umode_t mode,bool excl)696 static int fuse_create(struct inode *dir, struct dentry *entry, umode_t mode,
697 bool excl)
698 {
699 return fuse_mknod(dir, entry, mode, 0);
700 }
701
fuse_mkdir(struct inode * dir,struct dentry * entry,umode_t mode)702 static int fuse_mkdir(struct inode *dir, struct dentry *entry, umode_t mode)
703 {
704 struct fuse_mkdir_in inarg;
705 struct fuse_conn *fc = get_fuse_conn(dir);
706 FUSE_ARGS(args);
707
708 if (!fc->dont_mask)
709 mode &= ~current_umask();
710
711 memset(&inarg, 0, sizeof(inarg));
712 inarg.mode = mode;
713 inarg.umask = current_umask();
714 args.opcode = FUSE_MKDIR;
715 args.in_numargs = 2;
716 args.in_args[0].size = sizeof(inarg);
717 args.in_args[0].value = &inarg;
718 args.in_args[1].size = entry->d_name.len + 1;
719 args.in_args[1].value = entry->d_name.name;
720 return create_new_entry(fc, &args, dir, entry, S_IFDIR);
721 }
722
fuse_symlink(struct inode * dir,struct dentry * entry,const char * link)723 static int fuse_symlink(struct inode *dir, struct dentry *entry,
724 const char *link)
725 {
726 struct fuse_conn *fc = get_fuse_conn(dir);
727 unsigned len = strlen(link) + 1;
728 FUSE_ARGS(args);
729
730 args.opcode = FUSE_SYMLINK;
731 args.in_numargs = 2;
732 args.in_args[0].size = entry->d_name.len + 1;
733 args.in_args[0].value = entry->d_name.name;
734 args.in_args[1].size = len;
735 args.in_args[1].value = link;
736 return create_new_entry(fc, &args, dir, entry, S_IFLNK);
737 }
738
fuse_update_ctime(struct inode * inode)739 void fuse_update_ctime(struct inode *inode)
740 {
741 if (!IS_NOCMTIME(inode)) {
742 inode->i_ctime = current_time(inode);
743 mark_inode_dirty_sync(inode);
744 }
745 }
746
fuse_unlink(struct inode * dir,struct dentry * entry)747 static int fuse_unlink(struct inode *dir, struct dentry *entry)
748 {
749 int err;
750 struct fuse_conn *fc = get_fuse_conn(dir);
751 FUSE_ARGS(args);
752
753 if (fuse_is_bad(dir))
754 return -EIO;
755
756 args.opcode = FUSE_UNLINK;
757 args.nodeid = get_node_id(dir);
758 args.in_numargs = 1;
759 args.in_args[0].size = entry->d_name.len + 1;
760 args.in_args[0].value = entry->d_name.name;
761 err = fuse_simple_request(fc, &args);
762 if (!err) {
763 struct inode *inode = d_inode(entry);
764 struct fuse_inode *fi = get_fuse_inode(inode);
765
766 spin_lock(&fi->lock);
767 fi->attr_version = atomic64_inc_return(&fc->attr_version);
768 /*
769 * If i_nlink == 0 then unlink doesn't make sense, yet this can
770 * happen if userspace filesystem is careless. It would be
771 * difficult to enforce correct nlink usage so just ignore this
772 * condition here
773 */
774 if (inode->i_nlink > 0)
775 drop_nlink(inode);
776 spin_unlock(&fi->lock);
777 fuse_invalidate_attr(inode);
778 fuse_dir_changed(dir);
779 fuse_invalidate_entry_cache(entry);
780 fuse_update_ctime(inode);
781 } else if (err == -EINTR)
782 fuse_invalidate_entry(entry);
783 return err;
784 }
785
fuse_rmdir(struct inode * dir,struct dentry * entry)786 static int fuse_rmdir(struct inode *dir, struct dentry *entry)
787 {
788 int err;
789 struct fuse_conn *fc = get_fuse_conn(dir);
790 FUSE_ARGS(args);
791
792 if (fuse_is_bad(dir))
793 return -EIO;
794
795 args.opcode = FUSE_RMDIR;
796 args.nodeid = get_node_id(dir);
797 args.in_numargs = 1;
798 args.in_args[0].size = entry->d_name.len + 1;
799 args.in_args[0].value = entry->d_name.name;
800 err = fuse_simple_request(fc, &args);
801 if (!err) {
802 clear_nlink(d_inode(entry));
803 fuse_dir_changed(dir);
804 fuse_invalidate_entry_cache(entry);
805 } else if (err == -EINTR)
806 fuse_invalidate_entry(entry);
807 return err;
808 }
809
fuse_rename_common(struct inode * olddir,struct dentry * oldent,struct inode * newdir,struct dentry * newent,unsigned int flags,int opcode,size_t argsize)810 static int fuse_rename_common(struct inode *olddir, struct dentry *oldent,
811 struct inode *newdir, struct dentry *newent,
812 unsigned int flags, int opcode, size_t argsize)
813 {
814 int err;
815 struct fuse_rename2_in inarg;
816 struct fuse_conn *fc = get_fuse_conn(olddir);
817 FUSE_ARGS(args);
818
819 memset(&inarg, 0, argsize);
820 inarg.newdir = get_node_id(newdir);
821 inarg.flags = flags;
822 args.opcode = opcode;
823 args.nodeid = get_node_id(olddir);
824 args.in_numargs = 3;
825 args.in_args[0].size = argsize;
826 args.in_args[0].value = &inarg;
827 args.in_args[1].size = oldent->d_name.len + 1;
828 args.in_args[1].value = oldent->d_name.name;
829 args.in_args[2].size = newent->d_name.len + 1;
830 args.in_args[2].value = newent->d_name.name;
831 err = fuse_simple_request(fc, &args);
832 if (!err) {
833 /* ctime changes */
834 fuse_invalidate_attr(d_inode(oldent));
835 fuse_update_ctime(d_inode(oldent));
836
837 if (flags & RENAME_EXCHANGE) {
838 fuse_invalidate_attr(d_inode(newent));
839 fuse_update_ctime(d_inode(newent));
840 }
841
842 fuse_dir_changed(olddir);
843 if (olddir != newdir)
844 fuse_dir_changed(newdir);
845
846 /* newent will end up negative */
847 if (!(flags & RENAME_EXCHANGE) && d_really_is_positive(newent)) {
848 fuse_invalidate_attr(d_inode(newent));
849 fuse_invalidate_entry_cache(newent);
850 fuse_update_ctime(d_inode(newent));
851 }
852 } else if (err == -EINTR) {
853 /* If request was interrupted, DEITY only knows if the
854 rename actually took place. If the invalidation
855 fails (e.g. some process has CWD under the renamed
856 directory), then there can be inconsistency between
857 the dcache and the real filesystem. Tough luck. */
858 fuse_invalidate_entry(oldent);
859 if (d_really_is_positive(newent))
860 fuse_invalidate_entry(newent);
861 }
862
863 return err;
864 }
865
fuse_rename2(struct inode * olddir,struct dentry * oldent,struct inode * newdir,struct dentry * newent,unsigned int flags)866 static int fuse_rename2(struct inode *olddir, struct dentry *oldent,
867 struct inode *newdir, struct dentry *newent,
868 unsigned int flags)
869 {
870 struct fuse_conn *fc = get_fuse_conn(olddir);
871 int err;
872
873 if (fuse_is_bad(olddir))
874 return -EIO;
875
876 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE))
877 return -EINVAL;
878
879 if (flags) {
880 if (fc->no_rename2 || fc->minor < 23)
881 return -EINVAL;
882
883 err = fuse_rename_common(olddir, oldent, newdir, newent, flags,
884 FUSE_RENAME2,
885 sizeof(struct fuse_rename2_in));
886 if (err == -ENOSYS) {
887 fc->no_rename2 = 1;
888 err = -EINVAL;
889 }
890 } else {
891 err = fuse_rename_common(olddir, oldent, newdir, newent, 0,
892 FUSE_RENAME,
893 sizeof(struct fuse_rename_in));
894 }
895
896 return err;
897 }
898
fuse_link(struct dentry * entry,struct inode * newdir,struct dentry * newent)899 static int fuse_link(struct dentry *entry, struct inode *newdir,
900 struct dentry *newent)
901 {
902 int err;
903 struct fuse_link_in inarg;
904 struct inode *inode = d_inode(entry);
905 struct fuse_conn *fc = get_fuse_conn(inode);
906 FUSE_ARGS(args);
907
908 memset(&inarg, 0, sizeof(inarg));
909 inarg.oldnodeid = get_node_id(inode);
910 args.opcode = FUSE_LINK;
911 args.in_numargs = 2;
912 args.in_args[0].size = sizeof(inarg);
913 args.in_args[0].value = &inarg;
914 args.in_args[1].size = newent->d_name.len + 1;
915 args.in_args[1].value = newent->d_name.name;
916 err = create_new_entry(fc, &args, newdir, newent, inode->i_mode);
917 /* Contrary to "normal" filesystems it can happen that link
918 makes two "logical" inodes point to the same "physical"
919 inode. We invalidate the attributes of the old one, so it
920 will reflect changes in the backing inode (link count,
921 etc.)
922 */
923 if (!err) {
924 struct fuse_inode *fi = get_fuse_inode(inode);
925
926 spin_lock(&fi->lock);
927 fi->attr_version = atomic64_inc_return(&fc->attr_version);
928 if (likely(inode->i_nlink < UINT_MAX))
929 inc_nlink(inode);
930 spin_unlock(&fi->lock);
931 fuse_invalidate_attr(inode);
932 fuse_update_ctime(inode);
933 } else if (err == -EINTR) {
934 fuse_invalidate_attr(inode);
935 }
936 return err;
937 }
938
fuse_fillattr(struct inode * inode,struct fuse_attr * attr,struct kstat * stat)939 static void fuse_fillattr(struct inode *inode, struct fuse_attr *attr,
940 struct kstat *stat)
941 {
942 unsigned int blkbits;
943 struct fuse_conn *fc = get_fuse_conn(inode);
944
945 /* see the comment in fuse_change_attributes() */
946 if (fc->writeback_cache && S_ISREG(inode->i_mode)) {
947 attr->size = i_size_read(inode);
948 attr->mtime = inode->i_mtime.tv_sec;
949 attr->mtimensec = inode->i_mtime.tv_nsec;
950 attr->ctime = inode->i_ctime.tv_sec;
951 attr->ctimensec = inode->i_ctime.tv_nsec;
952 }
953
954 stat->dev = inode->i_sb->s_dev;
955 stat->ino = attr->ino;
956 stat->mode = (inode->i_mode & S_IFMT) | (attr->mode & 07777);
957 stat->nlink = attr->nlink;
958 stat->uid = make_kuid(fc->user_ns, attr->uid);
959 stat->gid = make_kgid(fc->user_ns, attr->gid);
960 stat->rdev = inode->i_rdev;
961 stat->atime.tv_sec = attr->atime;
962 stat->atime.tv_nsec = attr->atimensec;
963 stat->mtime.tv_sec = attr->mtime;
964 stat->mtime.tv_nsec = attr->mtimensec;
965 stat->ctime.tv_sec = attr->ctime;
966 stat->ctime.tv_nsec = attr->ctimensec;
967 stat->size = attr->size;
968 stat->blocks = attr->blocks;
969
970 if (attr->blksize != 0)
971 blkbits = ilog2(attr->blksize);
972 else
973 blkbits = inode->i_sb->s_blocksize_bits;
974
975 stat->blksize = 1 << blkbits;
976 }
977
fuse_do_getattr(struct inode * inode,struct kstat * stat,struct file * file)978 static int fuse_do_getattr(struct inode *inode, struct kstat *stat,
979 struct file *file)
980 {
981 int err;
982 struct fuse_getattr_in inarg;
983 struct fuse_attr_out outarg;
984 struct fuse_conn *fc = get_fuse_conn(inode);
985 FUSE_ARGS(args);
986 u64 attr_version;
987
988 attr_version = fuse_get_attr_version(fc);
989
990 memset(&inarg, 0, sizeof(inarg));
991 memset(&outarg, 0, sizeof(outarg));
992 /* Directories have separate file-handle space */
993 if (file && S_ISREG(inode->i_mode)) {
994 struct fuse_file *ff = file->private_data;
995
996 inarg.getattr_flags |= FUSE_GETATTR_FH;
997 inarg.fh = ff->fh;
998 }
999 args.opcode = FUSE_GETATTR;
1000 args.nodeid = get_node_id(inode);
1001 args.in_numargs = 1;
1002 args.in_args[0].size = sizeof(inarg);
1003 args.in_args[0].value = &inarg;
1004 args.out_numargs = 1;
1005 args.out_args[0].size = sizeof(outarg);
1006 args.out_args[0].value = &outarg;
1007 err = fuse_simple_request(fc, &args);
1008 if (!err) {
1009 if (fuse_invalid_attr(&outarg.attr) ||
1010 (inode->i_mode ^ outarg.attr.mode) & S_IFMT) {
1011 fuse_make_bad(inode);
1012 err = -EIO;
1013 } else {
1014 fuse_change_attributes(inode, &outarg.attr,
1015 attr_timeout(&outarg),
1016 attr_version);
1017 if (stat)
1018 fuse_fillattr(inode, &outarg.attr, stat);
1019 }
1020 }
1021 return err;
1022 }
1023
fuse_update_get_attr(struct inode * inode,struct file * file,struct kstat * stat,u32 request_mask,unsigned int flags)1024 static int fuse_update_get_attr(struct inode *inode, struct file *file,
1025 struct kstat *stat, u32 request_mask,
1026 unsigned int flags)
1027 {
1028 struct fuse_inode *fi = get_fuse_inode(inode);
1029 int err = 0;
1030 bool sync;
1031
1032 if (flags & AT_STATX_FORCE_SYNC)
1033 sync = true;
1034 else if (flags & AT_STATX_DONT_SYNC)
1035 sync = false;
1036 else if (request_mask & READ_ONCE(fi->inval_mask))
1037 sync = true;
1038 else
1039 sync = time_before64(fi->i_time, get_jiffies_64());
1040
1041 if (sync) {
1042 forget_all_cached_acls(inode);
1043 err = fuse_do_getattr(inode, stat, file);
1044 } else if (stat) {
1045 generic_fillattr(inode, stat);
1046 stat->mode = fi->orig_i_mode;
1047 stat->ino = fi->orig_ino;
1048 }
1049
1050 return err;
1051 }
1052
fuse_update_attributes(struct inode * inode,struct file * file)1053 int fuse_update_attributes(struct inode *inode, struct file *file)
1054 {
1055 /* Do *not* need to get atime for internal purposes */
1056 return fuse_update_get_attr(inode, file, NULL,
1057 STATX_BASIC_STATS & ~STATX_ATIME, 0);
1058 }
1059
fuse_reverse_inval_entry(struct super_block * sb,u64 parent_nodeid,u64 child_nodeid,struct qstr * name)1060 int fuse_reverse_inval_entry(struct super_block *sb, u64 parent_nodeid,
1061 u64 child_nodeid, struct qstr *name)
1062 {
1063 int err = -ENOTDIR;
1064 struct inode *parent;
1065 struct dentry *dir;
1066 struct dentry *entry;
1067
1068 parent = ilookup5(sb, parent_nodeid, fuse_inode_eq, &parent_nodeid);
1069 if (!parent)
1070 return -ENOENT;
1071
1072 inode_lock_nested(parent, I_MUTEX_PARENT);
1073 if (!S_ISDIR(parent->i_mode))
1074 goto unlock;
1075
1076 err = -ENOENT;
1077 dir = d_find_alias(parent);
1078 if (!dir)
1079 goto unlock;
1080
1081 name->hash = full_name_hash(dir, name->name, name->len);
1082 entry = d_lookup(dir, name);
1083 dput(dir);
1084 if (!entry)
1085 goto unlock;
1086
1087 fuse_dir_changed(parent);
1088 fuse_invalidate_entry(entry);
1089
1090 if (child_nodeid != 0 && d_really_is_positive(entry)) {
1091 inode_lock(d_inode(entry));
1092 if (get_node_id(d_inode(entry)) != child_nodeid) {
1093 err = -ENOENT;
1094 goto badentry;
1095 }
1096 if (d_mountpoint(entry)) {
1097 err = -EBUSY;
1098 goto badentry;
1099 }
1100 if (d_is_dir(entry)) {
1101 shrink_dcache_parent(entry);
1102 if (!simple_empty(entry)) {
1103 err = -ENOTEMPTY;
1104 goto badentry;
1105 }
1106 d_inode(entry)->i_flags |= S_DEAD;
1107 }
1108 dont_mount(entry);
1109 clear_nlink(d_inode(entry));
1110 err = 0;
1111 badentry:
1112 inode_unlock(d_inode(entry));
1113 if (!err)
1114 d_delete(entry);
1115 } else {
1116 err = 0;
1117 }
1118 dput(entry);
1119
1120 unlock:
1121 inode_unlock(parent);
1122 iput(parent);
1123 return err;
1124 }
1125
1126 /*
1127 * Calling into a user-controlled filesystem gives the filesystem
1128 * daemon ptrace-like capabilities over the current process. This
1129 * means, that the filesystem daemon is able to record the exact
1130 * filesystem operations performed, and can also control the behavior
1131 * of the requester process in otherwise impossible ways. For example
1132 * it can delay the operation for arbitrary length of time allowing
1133 * DoS against the requester.
1134 *
1135 * For this reason only those processes can call into the filesystem,
1136 * for which the owner of the mount has ptrace privilege. This
1137 * excludes processes started by other users, suid or sgid processes.
1138 */
fuse_allow_current_process(struct fuse_conn * fc)1139 int fuse_allow_current_process(struct fuse_conn *fc)
1140 {
1141 const struct cred *cred;
1142
1143 if (fc->allow_other)
1144 return current_in_userns(fc->user_ns);
1145
1146 cred = current_cred();
1147 if (uid_eq(cred->euid, fc->user_id) &&
1148 uid_eq(cred->suid, fc->user_id) &&
1149 uid_eq(cred->uid, fc->user_id) &&
1150 gid_eq(cred->egid, fc->group_id) &&
1151 gid_eq(cred->sgid, fc->group_id) &&
1152 gid_eq(cred->gid, fc->group_id))
1153 return 1;
1154
1155 return 0;
1156 }
1157
fuse_access(struct inode * inode,int mask)1158 static int fuse_access(struct inode *inode, int mask)
1159 {
1160 struct fuse_conn *fc = get_fuse_conn(inode);
1161 FUSE_ARGS(args);
1162 struct fuse_access_in inarg;
1163 int err;
1164
1165 BUG_ON(mask & MAY_NOT_BLOCK);
1166
1167 if (fc->no_access)
1168 return 0;
1169
1170 memset(&inarg, 0, sizeof(inarg));
1171 inarg.mask = mask & (MAY_READ | MAY_WRITE | MAY_EXEC);
1172 args.opcode = FUSE_ACCESS;
1173 args.nodeid = get_node_id(inode);
1174 args.in_numargs = 1;
1175 args.in_args[0].size = sizeof(inarg);
1176 args.in_args[0].value = &inarg;
1177 err = fuse_simple_request(fc, &args);
1178 if (err == -ENOSYS) {
1179 fc->no_access = 1;
1180 err = 0;
1181 }
1182 return err;
1183 }
1184
fuse_perm_getattr(struct inode * inode,int mask)1185 static int fuse_perm_getattr(struct inode *inode, int mask)
1186 {
1187 if (mask & MAY_NOT_BLOCK)
1188 return -ECHILD;
1189
1190 forget_all_cached_acls(inode);
1191 return fuse_do_getattr(inode, NULL, NULL);
1192 }
1193
1194 /*
1195 * Check permission. The two basic access models of FUSE are:
1196 *
1197 * 1) Local access checking ('default_permissions' mount option) based
1198 * on file mode. This is the plain old disk filesystem permission
1199 * modell.
1200 *
1201 * 2) "Remote" access checking, where server is responsible for
1202 * checking permission in each inode operation. An exception to this
1203 * is if ->permission() was invoked from sys_access() in which case an
1204 * access request is sent. Execute permission is still checked
1205 * locally based on file mode.
1206 */
fuse_permission(struct inode * inode,int mask)1207 static int fuse_permission(struct inode *inode, int mask)
1208 {
1209 struct fuse_conn *fc = get_fuse_conn(inode);
1210 bool refreshed = false;
1211 int err = 0;
1212
1213 if (fuse_is_bad(inode))
1214 return -EIO;
1215
1216 if (!fuse_allow_current_process(fc))
1217 return -EACCES;
1218
1219 /*
1220 * If attributes are needed, refresh them before proceeding
1221 */
1222 if (fc->default_permissions ||
1223 ((mask & MAY_EXEC) && S_ISREG(inode->i_mode))) {
1224 struct fuse_inode *fi = get_fuse_inode(inode);
1225 u32 perm_mask = STATX_MODE | STATX_UID | STATX_GID;
1226
1227 if (perm_mask & READ_ONCE(fi->inval_mask) ||
1228 time_before64(fi->i_time, get_jiffies_64())) {
1229 refreshed = true;
1230
1231 err = fuse_perm_getattr(inode, mask);
1232 if (err)
1233 return err;
1234 }
1235 }
1236
1237 if (fc->default_permissions) {
1238 err = generic_permission(inode, mask);
1239
1240 /* If permission is denied, try to refresh file
1241 attributes. This is also needed, because the root
1242 node will at first have no permissions */
1243 if (err == -EACCES && !refreshed) {
1244 err = fuse_perm_getattr(inode, mask);
1245 if (!err)
1246 err = generic_permission(inode, mask);
1247 }
1248
1249 /* Note: the opposite of the above test does not
1250 exist. So if permissions are revoked this won't be
1251 noticed immediately, only after the attribute
1252 timeout has expired */
1253 } else if (mask & (MAY_ACCESS | MAY_CHDIR)) {
1254 err = fuse_access(inode, mask);
1255 } else if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode)) {
1256 if (!(inode->i_mode & S_IXUGO)) {
1257 if (refreshed)
1258 return -EACCES;
1259
1260 err = fuse_perm_getattr(inode, mask);
1261 if (!err && !(inode->i_mode & S_IXUGO))
1262 return -EACCES;
1263 }
1264 }
1265 return err;
1266 }
1267
fuse_readlink_page(struct inode * inode,struct page * page)1268 static int fuse_readlink_page(struct inode *inode, struct page *page)
1269 {
1270 struct fuse_conn *fc = get_fuse_conn(inode);
1271 struct fuse_page_desc desc = { .length = PAGE_SIZE - 1 };
1272 struct fuse_args_pages ap = {
1273 .num_pages = 1,
1274 .pages = &page,
1275 .descs = &desc,
1276 };
1277 char *link;
1278 ssize_t res;
1279
1280 ap.args.opcode = FUSE_READLINK;
1281 ap.args.nodeid = get_node_id(inode);
1282 ap.args.out_pages = true;
1283 ap.args.out_argvar = true;
1284 ap.args.page_zeroing = true;
1285 ap.args.out_numargs = 1;
1286 ap.args.out_args[0].size = desc.length;
1287 res = fuse_simple_request(fc, &ap.args);
1288
1289 fuse_invalidate_atime(inode);
1290
1291 if (res < 0)
1292 return res;
1293
1294 if (WARN_ON(res >= PAGE_SIZE))
1295 return -EIO;
1296
1297 link = page_address(page);
1298 link[res] = '\0';
1299
1300 return 0;
1301 }
1302
fuse_get_link(struct dentry * dentry,struct inode * inode,struct delayed_call * callback)1303 static const char *fuse_get_link(struct dentry *dentry, struct inode *inode,
1304 struct delayed_call *callback)
1305 {
1306 struct fuse_conn *fc = get_fuse_conn(inode);
1307 struct page *page;
1308 int err;
1309
1310 err = -EIO;
1311 if (fuse_is_bad(inode))
1312 goto out_err;
1313
1314 if (fc->cache_symlinks)
1315 return page_get_link(dentry, inode, callback);
1316
1317 err = -ECHILD;
1318 if (!dentry)
1319 goto out_err;
1320
1321 page = alloc_page(GFP_KERNEL);
1322 err = -ENOMEM;
1323 if (!page)
1324 goto out_err;
1325
1326 err = fuse_readlink_page(inode, page);
1327 if (err) {
1328 __free_page(page);
1329 goto out_err;
1330 }
1331
1332 set_delayed_call(callback, page_put_link, page);
1333
1334 return page_address(page);
1335
1336 out_err:
1337 return ERR_PTR(err);
1338 }
1339
fuse_dir_open(struct inode * inode,struct file * file)1340 static int fuse_dir_open(struct inode *inode, struct file *file)
1341 {
1342 return fuse_open_common(inode, file, true);
1343 }
1344
fuse_dir_release(struct inode * inode,struct file * file)1345 static int fuse_dir_release(struct inode *inode, struct file *file)
1346 {
1347 fuse_release_common(file, true);
1348
1349 return 0;
1350 }
1351
fuse_dir_fsync(struct file * file,loff_t start,loff_t end,int datasync)1352 static int fuse_dir_fsync(struct file *file, loff_t start, loff_t end,
1353 int datasync)
1354 {
1355 struct inode *inode = file->f_mapping->host;
1356 struct fuse_conn *fc = get_fuse_conn(inode);
1357 int err;
1358
1359 if (fuse_is_bad(inode))
1360 return -EIO;
1361
1362 if (fc->no_fsyncdir)
1363 return 0;
1364
1365 inode_lock(inode);
1366 err = fuse_fsync_common(file, start, end, datasync, FUSE_FSYNCDIR);
1367 if (err == -ENOSYS) {
1368 fc->no_fsyncdir = 1;
1369 err = 0;
1370 }
1371 inode_unlock(inode);
1372
1373 return err;
1374 }
1375
fuse_dir_ioctl(struct file * file,unsigned int cmd,unsigned long arg)1376 static long fuse_dir_ioctl(struct file *file, unsigned int cmd,
1377 unsigned long arg)
1378 {
1379 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1380
1381 /* FUSE_IOCTL_DIR only supported for API version >= 7.18 */
1382 if (fc->minor < 18)
1383 return -ENOTTY;
1384
1385 return fuse_ioctl_common(file, cmd, arg, FUSE_IOCTL_DIR);
1386 }
1387
fuse_dir_compat_ioctl(struct file * file,unsigned int cmd,unsigned long arg)1388 static long fuse_dir_compat_ioctl(struct file *file, unsigned int cmd,
1389 unsigned long arg)
1390 {
1391 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1392
1393 if (fc->minor < 18)
1394 return -ENOTTY;
1395
1396 return fuse_ioctl_common(file, cmd, arg,
1397 FUSE_IOCTL_COMPAT | FUSE_IOCTL_DIR);
1398 }
1399
update_mtime(unsigned ivalid,bool trust_local_mtime)1400 static bool update_mtime(unsigned ivalid, bool trust_local_mtime)
1401 {
1402 /* Always update if mtime is explicitly set */
1403 if (ivalid & ATTR_MTIME_SET)
1404 return true;
1405
1406 /* Or if kernel i_mtime is the official one */
1407 if (trust_local_mtime)
1408 return true;
1409
1410 /* If it's an open(O_TRUNC) or an ftruncate(), don't update */
1411 if ((ivalid & ATTR_SIZE) && (ivalid & (ATTR_OPEN | ATTR_FILE)))
1412 return false;
1413
1414 /* In all other cases update */
1415 return true;
1416 }
1417
iattr_to_fattr(struct fuse_conn * fc,struct iattr * iattr,struct fuse_setattr_in * arg,bool trust_local_cmtime)1418 static void iattr_to_fattr(struct fuse_conn *fc, struct iattr *iattr,
1419 struct fuse_setattr_in *arg, bool trust_local_cmtime)
1420 {
1421 unsigned ivalid = iattr->ia_valid;
1422
1423 if (ivalid & ATTR_MODE)
1424 arg->valid |= FATTR_MODE, arg->mode = iattr->ia_mode;
1425 if (ivalid & ATTR_UID)
1426 arg->valid |= FATTR_UID, arg->uid = from_kuid(fc->user_ns, iattr->ia_uid);
1427 if (ivalid & ATTR_GID)
1428 arg->valid |= FATTR_GID, arg->gid = from_kgid(fc->user_ns, iattr->ia_gid);
1429 if (ivalid & ATTR_SIZE)
1430 arg->valid |= FATTR_SIZE, arg->size = iattr->ia_size;
1431 if (ivalid & ATTR_ATIME) {
1432 arg->valid |= FATTR_ATIME;
1433 arg->atime = iattr->ia_atime.tv_sec;
1434 arg->atimensec = iattr->ia_atime.tv_nsec;
1435 if (!(ivalid & ATTR_ATIME_SET))
1436 arg->valid |= FATTR_ATIME_NOW;
1437 }
1438 if ((ivalid & ATTR_MTIME) && update_mtime(ivalid, trust_local_cmtime)) {
1439 arg->valid |= FATTR_MTIME;
1440 arg->mtime = iattr->ia_mtime.tv_sec;
1441 arg->mtimensec = iattr->ia_mtime.tv_nsec;
1442 if (!(ivalid & ATTR_MTIME_SET) && !trust_local_cmtime)
1443 arg->valid |= FATTR_MTIME_NOW;
1444 }
1445 if ((ivalid & ATTR_CTIME) && trust_local_cmtime) {
1446 arg->valid |= FATTR_CTIME;
1447 arg->ctime = iattr->ia_ctime.tv_sec;
1448 arg->ctimensec = iattr->ia_ctime.tv_nsec;
1449 }
1450 }
1451
1452 /*
1453 * Prevent concurrent writepages on inode
1454 *
1455 * This is done by adding a negative bias to the inode write counter
1456 * and waiting for all pending writes to finish.
1457 */
fuse_set_nowrite(struct inode * inode)1458 void fuse_set_nowrite(struct inode *inode)
1459 {
1460 struct fuse_inode *fi = get_fuse_inode(inode);
1461
1462 BUG_ON(!inode_is_locked(inode));
1463
1464 spin_lock(&fi->lock);
1465 BUG_ON(fi->writectr < 0);
1466 fi->writectr += FUSE_NOWRITE;
1467 spin_unlock(&fi->lock);
1468 wait_event(fi->page_waitq, fi->writectr == FUSE_NOWRITE);
1469 }
1470
1471 /*
1472 * Allow writepages on inode
1473 *
1474 * Remove the bias from the writecounter and send any queued
1475 * writepages.
1476 */
__fuse_release_nowrite(struct inode * inode)1477 static void __fuse_release_nowrite(struct inode *inode)
1478 {
1479 struct fuse_inode *fi = get_fuse_inode(inode);
1480
1481 BUG_ON(fi->writectr != FUSE_NOWRITE);
1482 fi->writectr = 0;
1483 fuse_flush_writepages(inode);
1484 }
1485
fuse_release_nowrite(struct inode * inode)1486 void fuse_release_nowrite(struct inode *inode)
1487 {
1488 struct fuse_inode *fi = get_fuse_inode(inode);
1489
1490 spin_lock(&fi->lock);
1491 __fuse_release_nowrite(inode);
1492 spin_unlock(&fi->lock);
1493 }
1494
fuse_setattr_fill(struct fuse_conn * fc,struct fuse_args * args,struct inode * inode,struct fuse_setattr_in * inarg_p,struct fuse_attr_out * outarg_p)1495 static void fuse_setattr_fill(struct fuse_conn *fc, struct fuse_args *args,
1496 struct inode *inode,
1497 struct fuse_setattr_in *inarg_p,
1498 struct fuse_attr_out *outarg_p)
1499 {
1500 args->opcode = FUSE_SETATTR;
1501 args->nodeid = get_node_id(inode);
1502 args->in_numargs = 1;
1503 args->in_args[0].size = sizeof(*inarg_p);
1504 args->in_args[0].value = inarg_p;
1505 args->out_numargs = 1;
1506 args->out_args[0].size = sizeof(*outarg_p);
1507 args->out_args[0].value = outarg_p;
1508 }
1509
1510 /*
1511 * Flush inode->i_mtime to the server
1512 */
fuse_flush_times(struct inode * inode,struct fuse_file * ff)1513 int fuse_flush_times(struct inode *inode, struct fuse_file *ff)
1514 {
1515 struct fuse_conn *fc = get_fuse_conn(inode);
1516 FUSE_ARGS(args);
1517 struct fuse_setattr_in inarg;
1518 struct fuse_attr_out outarg;
1519
1520 memset(&inarg, 0, sizeof(inarg));
1521 memset(&outarg, 0, sizeof(outarg));
1522
1523 inarg.valid = FATTR_MTIME;
1524 inarg.mtime = inode->i_mtime.tv_sec;
1525 inarg.mtimensec = inode->i_mtime.tv_nsec;
1526 if (fc->minor >= 23) {
1527 inarg.valid |= FATTR_CTIME;
1528 inarg.ctime = inode->i_ctime.tv_sec;
1529 inarg.ctimensec = inode->i_ctime.tv_nsec;
1530 }
1531 if (ff) {
1532 inarg.valid |= FATTR_FH;
1533 inarg.fh = ff->fh;
1534 }
1535 fuse_setattr_fill(fc, &args, inode, &inarg, &outarg);
1536
1537 return fuse_simple_request(fc, &args);
1538 }
1539
1540 /*
1541 * Set attributes, and at the same time refresh them.
1542 *
1543 * Truncation is slightly complicated, because the 'truncate' request
1544 * may fail, in which case we don't want to touch the mapping.
1545 * vmtruncate() doesn't allow for this case, so do the rlimit checking
1546 * and the actual truncation by hand.
1547 */
fuse_do_setattr(struct dentry * dentry,struct iattr * attr,struct file * file)1548 int fuse_do_setattr(struct dentry *dentry, struct iattr *attr,
1549 struct file *file)
1550 {
1551 struct inode *inode = d_inode(dentry);
1552 struct fuse_conn *fc = get_fuse_conn(inode);
1553 struct fuse_inode *fi = get_fuse_inode(inode);
1554 FUSE_ARGS(args);
1555 struct fuse_setattr_in inarg;
1556 struct fuse_attr_out outarg;
1557 bool is_truncate = false;
1558 bool is_wb = fc->writeback_cache;
1559 loff_t oldsize;
1560 int err;
1561 bool trust_local_cmtime = is_wb && S_ISREG(inode->i_mode);
1562
1563 if (!fc->default_permissions)
1564 attr->ia_valid |= ATTR_FORCE;
1565
1566 err = setattr_prepare(dentry, attr);
1567 if (err)
1568 return err;
1569
1570 if (attr->ia_valid & ATTR_OPEN) {
1571 /* This is coming from open(..., ... | O_TRUNC); */
1572 WARN_ON(!(attr->ia_valid & ATTR_SIZE));
1573 WARN_ON(attr->ia_size != 0);
1574 if (fc->atomic_o_trunc) {
1575 /*
1576 * No need to send request to userspace, since actual
1577 * truncation has already been done by OPEN. But still
1578 * need to truncate page cache.
1579 */
1580 i_size_write(inode, 0);
1581 truncate_pagecache(inode, 0);
1582 return 0;
1583 }
1584 file = NULL;
1585 }
1586
1587 if (attr->ia_valid & ATTR_SIZE) {
1588 if (WARN_ON(!S_ISREG(inode->i_mode)))
1589 return -EIO;
1590 is_truncate = true;
1591 }
1592
1593 /* Flush dirty data/metadata before non-truncate SETATTR */
1594 if (is_wb && S_ISREG(inode->i_mode) &&
1595 attr->ia_valid &
1596 (ATTR_MODE | ATTR_UID | ATTR_GID | ATTR_MTIME_SET |
1597 ATTR_TIMES_SET)) {
1598 err = write_inode_now(inode, true);
1599 if (err)
1600 return err;
1601
1602 fuse_set_nowrite(inode);
1603 fuse_release_nowrite(inode);
1604 }
1605
1606 if (is_truncate) {
1607 fuse_set_nowrite(inode);
1608 set_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1609 if (trust_local_cmtime && attr->ia_size != inode->i_size)
1610 attr->ia_valid |= ATTR_MTIME | ATTR_CTIME;
1611 }
1612
1613 memset(&inarg, 0, sizeof(inarg));
1614 memset(&outarg, 0, sizeof(outarg));
1615 iattr_to_fattr(fc, attr, &inarg, trust_local_cmtime);
1616 if (file) {
1617 struct fuse_file *ff = file->private_data;
1618 inarg.valid |= FATTR_FH;
1619 inarg.fh = ff->fh;
1620 }
1621 if (attr->ia_valid & ATTR_SIZE) {
1622 /* For mandatory locking in truncate */
1623 inarg.valid |= FATTR_LOCKOWNER;
1624 inarg.lock_owner = fuse_lock_owner_id(fc, current->files);
1625 }
1626 fuse_setattr_fill(fc, &args, inode, &inarg, &outarg);
1627 err = fuse_simple_request(fc, &args);
1628 if (err) {
1629 if (err == -EINTR)
1630 fuse_invalidate_attr(inode);
1631 goto error;
1632 }
1633
1634 if (fuse_invalid_attr(&outarg.attr) ||
1635 (inode->i_mode ^ outarg.attr.mode) & S_IFMT) {
1636 fuse_make_bad(inode);
1637 err = -EIO;
1638 goto error;
1639 }
1640
1641 spin_lock(&fi->lock);
1642 /* the kernel maintains i_mtime locally */
1643 if (trust_local_cmtime) {
1644 if (attr->ia_valid & ATTR_MTIME)
1645 inode->i_mtime = attr->ia_mtime;
1646 if (attr->ia_valid & ATTR_CTIME)
1647 inode->i_ctime = attr->ia_ctime;
1648 /* FIXME: clear I_DIRTY_SYNC? */
1649 }
1650
1651 fuse_change_attributes_common(inode, &outarg.attr,
1652 attr_timeout(&outarg));
1653 oldsize = inode->i_size;
1654 /* see the comment in fuse_change_attributes() */
1655 if (!is_wb || is_truncate || !S_ISREG(inode->i_mode))
1656 i_size_write(inode, outarg.attr.size);
1657
1658 if (is_truncate) {
1659 /* NOTE: this may release/reacquire fi->lock */
1660 __fuse_release_nowrite(inode);
1661 }
1662 spin_unlock(&fi->lock);
1663
1664 /*
1665 * Only call invalidate_inode_pages2() after removing
1666 * FUSE_NOWRITE, otherwise fuse_launder_page() would deadlock.
1667 */
1668 if ((is_truncate || !is_wb) &&
1669 S_ISREG(inode->i_mode) && oldsize != outarg.attr.size) {
1670 truncate_pagecache(inode, outarg.attr.size);
1671 invalidate_inode_pages2(inode->i_mapping);
1672 }
1673
1674 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1675 return 0;
1676
1677 error:
1678 if (is_truncate)
1679 fuse_release_nowrite(inode);
1680
1681 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1682 return err;
1683 }
1684
fuse_setattr(struct dentry * entry,struct iattr * attr)1685 static int fuse_setattr(struct dentry *entry, struct iattr *attr)
1686 {
1687 struct inode *inode = d_inode(entry);
1688 struct fuse_conn *fc = get_fuse_conn(inode);
1689 struct file *file = (attr->ia_valid & ATTR_FILE) ? attr->ia_file : NULL;
1690 int ret;
1691
1692 if (fuse_is_bad(inode))
1693 return -EIO;
1694
1695 if (!fuse_allow_current_process(get_fuse_conn(inode)))
1696 return -EACCES;
1697
1698 if (attr->ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID)) {
1699 attr->ia_valid &= ~(ATTR_KILL_SUID | ATTR_KILL_SGID |
1700 ATTR_MODE);
1701
1702 /*
1703 * The only sane way to reliably kill suid/sgid is to do it in
1704 * the userspace filesystem
1705 *
1706 * This should be done on write(), truncate() and chown().
1707 */
1708 if (!fc->handle_killpriv) {
1709 /*
1710 * ia_mode calculation may have used stale i_mode.
1711 * Refresh and recalculate.
1712 */
1713 ret = fuse_do_getattr(inode, NULL, file);
1714 if (ret)
1715 return ret;
1716
1717 attr->ia_mode = inode->i_mode;
1718 if (inode->i_mode & S_ISUID) {
1719 attr->ia_valid |= ATTR_MODE;
1720 attr->ia_mode &= ~S_ISUID;
1721 }
1722 if ((inode->i_mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) {
1723 attr->ia_valid |= ATTR_MODE;
1724 attr->ia_mode &= ~S_ISGID;
1725 }
1726 }
1727 }
1728 if (!attr->ia_valid)
1729 return 0;
1730
1731 ret = fuse_do_setattr(entry, attr, file);
1732 if (!ret) {
1733 /*
1734 * If filesystem supports acls it may have updated acl xattrs in
1735 * the filesystem, so forget cached acls for the inode.
1736 */
1737 if (fc->posix_acl)
1738 forget_all_cached_acls(inode);
1739
1740 /* Directory mode changed, may need to revalidate access */
1741 if (d_is_dir(entry) && (attr->ia_valid & ATTR_MODE))
1742 fuse_invalidate_entry_cache(entry);
1743 }
1744 return ret;
1745 }
1746
fuse_getattr(const struct path * path,struct kstat * stat,u32 request_mask,unsigned int flags)1747 static int fuse_getattr(const struct path *path, struct kstat *stat,
1748 u32 request_mask, unsigned int flags)
1749 {
1750 struct inode *inode = d_inode(path->dentry);
1751 struct fuse_conn *fc = get_fuse_conn(inode);
1752
1753 if (fuse_is_bad(inode))
1754 return -EIO;
1755
1756 if (!fuse_allow_current_process(fc))
1757 return -EACCES;
1758
1759 return fuse_update_get_attr(inode, NULL, stat, request_mask, flags);
1760 }
1761
1762 static const struct inode_operations fuse_dir_inode_operations = {
1763 .lookup = fuse_lookup,
1764 .mkdir = fuse_mkdir,
1765 .symlink = fuse_symlink,
1766 .unlink = fuse_unlink,
1767 .rmdir = fuse_rmdir,
1768 .rename = fuse_rename2,
1769 .link = fuse_link,
1770 .setattr = fuse_setattr,
1771 .create = fuse_create,
1772 .atomic_open = fuse_atomic_open,
1773 .mknod = fuse_mknod,
1774 .permission = fuse_permission,
1775 .getattr = fuse_getattr,
1776 .listxattr = fuse_listxattr,
1777 .get_acl = fuse_get_acl,
1778 .set_acl = fuse_set_acl,
1779 };
1780
1781 static const struct file_operations fuse_dir_operations = {
1782 .llseek = generic_file_llseek,
1783 .read = generic_read_dir,
1784 .iterate_shared = fuse_readdir,
1785 .open = fuse_dir_open,
1786 .release = fuse_dir_release,
1787 .fsync = fuse_dir_fsync,
1788 .unlocked_ioctl = fuse_dir_ioctl,
1789 .compat_ioctl = fuse_dir_compat_ioctl,
1790 };
1791
1792 static const struct inode_operations fuse_common_inode_operations = {
1793 .setattr = fuse_setattr,
1794 .permission = fuse_permission,
1795 .getattr = fuse_getattr,
1796 .listxattr = fuse_listxattr,
1797 .get_acl = fuse_get_acl,
1798 .set_acl = fuse_set_acl,
1799 };
1800
1801 static const struct inode_operations fuse_symlink_inode_operations = {
1802 .setattr = fuse_setattr,
1803 .get_link = fuse_get_link,
1804 .getattr = fuse_getattr,
1805 .listxattr = fuse_listxattr,
1806 };
1807
fuse_init_common(struct inode * inode)1808 void fuse_init_common(struct inode *inode)
1809 {
1810 inode->i_op = &fuse_common_inode_operations;
1811 }
1812
fuse_init_dir(struct inode * inode)1813 void fuse_init_dir(struct inode *inode)
1814 {
1815 struct fuse_inode *fi = get_fuse_inode(inode);
1816
1817 inode->i_op = &fuse_dir_inode_operations;
1818 inode->i_fop = &fuse_dir_operations;
1819
1820 spin_lock_init(&fi->rdc.lock);
1821 fi->rdc.cached = false;
1822 fi->rdc.size = 0;
1823 fi->rdc.pos = 0;
1824 fi->rdc.version = 0;
1825 }
1826
fuse_symlink_readpage(struct file * null,struct page * page)1827 static int fuse_symlink_readpage(struct file *null, struct page *page)
1828 {
1829 int err = fuse_readlink_page(page->mapping->host, page);
1830
1831 if (!err)
1832 SetPageUptodate(page);
1833
1834 unlock_page(page);
1835
1836 return err;
1837 }
1838
1839 static const struct address_space_operations fuse_symlink_aops = {
1840 .readpage = fuse_symlink_readpage,
1841 };
1842
fuse_init_symlink(struct inode * inode)1843 void fuse_init_symlink(struct inode *inode)
1844 {
1845 inode->i_op = &fuse_symlink_inode_operations;
1846 inode->i_data.a_ops = &fuse_symlink_aops;
1847 inode_nohighmem(inode);
1848 }
1849