1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Copyright 2018 Google LLC
4 */
5
6 #include <linux/blkdev.h>
7 #include <linux/compat.h>
8 #include <linux/delay.h>
9 #include <linux/file.h>
10 #include <linux/fs.h>
11 #include <linux/fs_stack.h>
12 #include <linux/fsnotify.h>
13 #include <linux/fsverity.h>
14 #include <linux/mmap_lock.h>
15 #include <linux/namei.h>
16 #include <linux/parser.h>
17 #include <linux/seq_file.h>
18
19 #include <uapi/linux/incrementalfs.h>
20
21 #include "vfs.h"
22
23 #include "data_mgmt.h"
24 #include "format.h"
25 #include "internal.h"
26 #include "pseudo_files.h"
27 #include "sysfs.h"
28 #include "verity.h"
29
30 static int incfs_remount_fs(struct super_block *sb, int *flags, char *data);
31
32 static int dentry_revalidate(struct dentry *dentry, unsigned int flags);
33 static void dentry_release(struct dentry *d);
34
35 static int iterate_incfs_dir(struct file *file, struct dir_context *ctx);
36 static struct dentry *dir_lookup(struct inode *dir_inode,
37 struct dentry *dentry, unsigned int flags);
38 static int dir_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode);
39 static int dir_unlink(struct inode *dir, struct dentry *dentry);
40 static int dir_link(struct dentry *old_dentry, struct inode *dir,
41 struct dentry *new_dentry);
42 static int dir_rmdir(struct inode *dir, struct dentry *dentry);
43 static int dir_rename(struct inode *old_dir, struct dentry *old_dentry,
44 struct inode *new_dir, struct dentry *new_dentry);
45
46 static int file_open(struct inode *inode, struct file *file);
47 static int file_release(struct inode *inode, struct file *file);
48 static int read_single_page(struct file *f, struct page *page);
49 static long dispatch_ioctl(struct file *f, unsigned int req, unsigned long arg);
50
51 #ifdef CONFIG_COMPAT
52 static long incfs_compat_ioctl(struct file *file, unsigned int cmd,
53 unsigned long arg);
54 #endif
55
56 static struct inode *alloc_inode(struct super_block *sb);
57 static void free_inode(struct inode *inode);
58 static void evict_inode(struct inode *inode);
59
60 static int incfs_setattr(struct dentry *dentry, struct iattr *ia);
61 static int incfs_getattr(const struct path *path,
62 struct kstat *stat, u32 request_mask,
63 unsigned int query_flags);
64 static ssize_t incfs_getxattr(struct dentry *d, const char *name,
65 void *value, size_t size);
66 static ssize_t incfs_setxattr(struct dentry *d, const char *name,
67 const void *value, size_t size, int flags);
68 static ssize_t incfs_listxattr(struct dentry *d, char *list, size_t size);
69
70 static int show_options(struct seq_file *, struct dentry *);
71
72 static const struct super_operations incfs_super_ops = {
73 .statfs = simple_statfs,
74 .remount_fs = incfs_remount_fs,
75 .alloc_inode = alloc_inode,
76 .destroy_inode = free_inode,
77 .evict_inode = evict_inode,
78 .show_options = show_options
79 };
80
dir_rename_wrap(struct inode * old_dir,struct dentry * old_dentry,struct inode * new_dir,struct dentry * new_dentry,unsigned int flags)81 static int dir_rename_wrap(struct inode *old_dir, struct dentry *old_dentry,
82 struct inode *new_dir, struct dentry *new_dentry,
83 unsigned int flags)
84 {
85 return dir_rename(old_dir, old_dentry, new_dir, new_dentry);
86 }
87
88 static const struct inode_operations incfs_dir_inode_ops = {
89 .lookup = dir_lookup,
90 .mkdir = dir_mkdir,
91 .rename = dir_rename_wrap,
92 .unlink = dir_unlink,
93 .link = dir_link,
94 .rmdir = dir_rmdir,
95 .setattr = incfs_setattr,
96 };
97
98 static const struct file_operations incfs_dir_fops = {
99 .llseek = generic_file_llseek,
100 .read = generic_read_dir,
101 .iterate = iterate_incfs_dir,
102 .open = file_open,
103 .release = file_release,
104 };
105
106 static const struct dentry_operations incfs_dentry_ops = {
107 .d_revalidate = dentry_revalidate,
108 .d_release = dentry_release
109 };
110
111 static const struct address_space_operations incfs_address_space_ops = {
112 .readpage = read_single_page,
113 /* .readpages = readpages */
114 };
115
incfs_fault(struct vm_fault * vmf)116 static vm_fault_t incfs_fault(struct vm_fault *vmf)
117 {
118 vmf->flags &= ~FAULT_FLAG_ALLOW_RETRY;
119 return filemap_fault(vmf);
120 }
121
122 static const struct vm_operations_struct incfs_file_vm_ops = {
123 .fault = incfs_fault,
124 .map_pages = filemap_map_pages,
125 .page_mkwrite = filemap_page_mkwrite,
126 };
127
128 /* This is used for a general mmap of a disk file */
129
incfs_file_mmap(struct file * file,struct vm_area_struct * vma)130 static int incfs_file_mmap(struct file *file, struct vm_area_struct *vma)
131 {
132 struct address_space *mapping = file->f_mapping;
133
134 if (!mapping->a_ops->readpage)
135 return -ENOEXEC;
136 file_accessed(file);
137 vma->vm_ops = &incfs_file_vm_ops;
138 return 0;
139 }
140
141 const struct file_operations incfs_file_ops = {
142 .open = file_open,
143 .release = file_release,
144 .read_iter = generic_file_read_iter,
145 .mmap = incfs_file_mmap,
146 .splice_read = generic_file_splice_read,
147 .llseek = generic_file_llseek,
148 .unlocked_ioctl = dispatch_ioctl,
149 #ifdef CONFIG_COMPAT
150 .compat_ioctl = incfs_compat_ioctl,
151 #endif
152 };
153
154 const struct inode_operations incfs_file_inode_ops = {
155 .setattr = incfs_setattr,
156 .getattr = incfs_getattr,
157 .listxattr = incfs_listxattr
158 };
159
incfs_handler_getxattr(const struct xattr_handler * xh,struct dentry * d,struct inode * inode,const char * name,void * buffer,size_t size,int flags)160 static int incfs_handler_getxattr(const struct xattr_handler *xh,
161 struct dentry *d, struct inode *inode,
162 const char *name, void *buffer, size_t size,
163 int flags)
164 {
165 return incfs_getxattr(d, name, buffer, size);
166 }
167
incfs_handler_setxattr(const struct xattr_handler * xh,struct dentry * d,struct inode * inode,const char * name,const void * buffer,size_t size,int flags)168 static int incfs_handler_setxattr(const struct xattr_handler *xh,
169 struct dentry *d, struct inode *inode,
170 const char *name, const void *buffer,
171 size_t size, int flags)
172 {
173 return incfs_setxattr(d, name, buffer, size, flags);
174 }
175
176 static const struct xattr_handler incfs_xattr_handler = {
177 .prefix = "", /* AKA all attributes */
178 .get = incfs_handler_getxattr,
179 .set = incfs_handler_setxattr,
180 };
181
182 static const struct xattr_handler *incfs_xattr_ops[] = {
183 &incfs_xattr_handler,
184 NULL,
185 };
186
187 struct inode_search {
188 unsigned long ino;
189
190 struct dentry *backing_dentry;
191
192 size_t size;
193
194 bool verity;
195 };
196
197 enum parse_parameter {
198 Opt_read_timeout,
199 Opt_readahead_pages,
200 Opt_rlog_pages,
201 Opt_rlog_wakeup_cnt,
202 Opt_report_uid,
203 Opt_sysfs_name,
204 Opt_err
205 };
206
207 static const match_table_t option_tokens = {
208 { Opt_read_timeout, "read_timeout_ms=%u" },
209 { Opt_readahead_pages, "readahead=%u" },
210 { Opt_rlog_pages, "rlog_pages=%u" },
211 { Opt_rlog_wakeup_cnt, "rlog_wakeup_cnt=%u" },
212 { Opt_report_uid, "report_uid" },
213 { Opt_sysfs_name, "sysfs_name=%s" },
214 { Opt_err, NULL }
215 };
216
free_options(struct mount_options * opts)217 static void free_options(struct mount_options *opts)
218 {
219 kfree(opts->sysfs_name);
220 opts->sysfs_name = NULL;
221 }
222
parse_options(struct mount_options * opts,char * str)223 static int parse_options(struct mount_options *opts, char *str)
224 {
225 substring_t args[MAX_OPT_ARGS];
226 int value;
227 char *position;
228
229 if (opts == NULL)
230 return -EFAULT;
231
232 *opts = (struct mount_options) {
233 .read_timeout_ms = 1000, /* Default: 1s */
234 .readahead_pages = 10,
235 .read_log_pages = 2,
236 .read_log_wakeup_count = 10,
237 };
238
239 if (str == NULL || *str == 0)
240 return 0;
241
242 while ((position = strsep(&str, ",")) != NULL) {
243 int token;
244
245 if (!*position)
246 continue;
247
248 token = match_token(position, option_tokens, args);
249
250 switch (token) {
251 case Opt_read_timeout:
252 if (match_int(&args[0], &value))
253 return -EINVAL;
254 if (value > 3600000)
255 return -EINVAL;
256 opts->read_timeout_ms = value;
257 break;
258 case Opt_readahead_pages:
259 if (match_int(&args[0], &value))
260 return -EINVAL;
261 opts->readahead_pages = value;
262 break;
263 case Opt_rlog_pages:
264 if (match_int(&args[0], &value))
265 return -EINVAL;
266 opts->read_log_pages = value;
267 break;
268 case Opt_rlog_wakeup_cnt:
269 if (match_int(&args[0], &value))
270 return -EINVAL;
271 opts->read_log_wakeup_count = value;
272 break;
273 case Opt_report_uid:
274 opts->report_uid = true;
275 break;
276 case Opt_sysfs_name:
277 opts->sysfs_name = match_strdup(&args[0]);
278 break;
279 default:
280 free_options(opts);
281 return -EINVAL;
282 }
283 }
284
285 return 0;
286 }
287
288 /* Read file size from the attribute. Quicker than reading the header */
read_size_attr(struct dentry * backing_dentry)289 static u64 read_size_attr(struct dentry *backing_dentry)
290 {
291 __le64 attr_value;
292 ssize_t bytes_read;
293
294 bytes_read = vfs_getxattr(backing_dentry, INCFS_XATTR_SIZE_NAME,
295 (char *)&attr_value, sizeof(attr_value));
296
297 if (bytes_read != sizeof(attr_value))
298 return 0;
299
300 return le64_to_cpu(attr_value);
301 }
302
303 /* Read verity flag from the attribute. Quicker than reading the header */
read_verity_attr(struct dentry * backing_dentry)304 static bool read_verity_attr(struct dentry *backing_dentry)
305 {
306 return vfs_getxattr(backing_dentry, INCFS_XATTR_VERITY_NAME, NULL, 0)
307 >= 0;
308 }
309
inode_test(struct inode * inode,void * opaque)310 static int inode_test(struct inode *inode, void *opaque)
311 {
312 struct inode_search *search = opaque;
313 struct inode_info *node = get_incfs_node(inode);
314 struct inode *backing_inode = d_inode(search->backing_dentry);
315
316 if (!node)
317 return 0;
318
319 return node->n_backing_inode == backing_inode &&
320 inode->i_ino == search->ino;
321 }
322
inode_set(struct inode * inode,void * opaque)323 static int inode_set(struct inode *inode, void *opaque)
324 {
325 struct inode_search *search = opaque;
326 struct inode_info *node = get_incfs_node(inode);
327 struct dentry *backing_dentry = search->backing_dentry;
328 struct inode *backing_inode = d_inode(backing_dentry);
329
330 fsstack_copy_attr_all(inode, backing_inode);
331 if (S_ISREG(inode->i_mode)) {
332 u64 size = search->size;
333
334 inode->i_size = size;
335 inode->i_blocks = get_blocks_count_for_size(size);
336 inode->i_mapping->a_ops = &incfs_address_space_ops;
337 inode->i_op = &incfs_file_inode_ops;
338 inode->i_fop = &incfs_file_ops;
339 inode->i_mode &= ~0222;
340 if (search->verity)
341 inode_set_flags(inode, S_VERITY, S_VERITY);
342 } else if (S_ISDIR(inode->i_mode)) {
343 inode->i_size = 0;
344 inode->i_blocks = 1;
345 inode->i_mapping->a_ops = &incfs_address_space_ops;
346 inode->i_op = &incfs_dir_inode_ops;
347 inode->i_fop = &incfs_dir_fops;
348 } else {
349 pr_warn_once("incfs: Unexpected inode type\n");
350 return -EBADF;
351 }
352
353 ihold(backing_inode);
354 node->n_backing_inode = backing_inode;
355 node->n_mount_info = get_mount_info(inode->i_sb);
356 inode->i_ctime = backing_inode->i_ctime;
357 inode->i_mtime = backing_inode->i_mtime;
358 inode->i_atime = backing_inode->i_atime;
359 inode->i_ino = backing_inode->i_ino;
360 if (backing_inode->i_ino < INCFS_START_INO_RANGE) {
361 pr_warn("incfs: ino conflict with backing FS %ld\n",
362 backing_inode->i_ino);
363 }
364
365 return 0;
366 }
367
fetch_regular_inode(struct super_block * sb,struct dentry * backing_dentry)368 static struct inode *fetch_regular_inode(struct super_block *sb,
369 struct dentry *backing_dentry)
370 {
371 struct inode *backing_inode = d_inode(backing_dentry);
372 struct inode_search search = {
373 .ino = backing_inode->i_ino,
374 .backing_dentry = backing_dentry,
375 .size = read_size_attr(backing_dentry),
376 .verity = read_verity_attr(backing_dentry),
377 };
378 struct inode *inode = iget5_locked(sb, search.ino, inode_test,
379 inode_set, &search);
380
381 if (!inode)
382 return ERR_PTR(-ENOMEM);
383
384 if (inode->i_state & I_NEW)
385 unlock_new_inode(inode);
386
387 return inode;
388 }
389
iterate_incfs_dir(struct file * file,struct dir_context * ctx)390 static int iterate_incfs_dir(struct file *file, struct dir_context *ctx)
391 {
392 struct dir_file *dir = get_incfs_dir_file(file);
393 int error = 0;
394 struct mount_info *mi = get_mount_info(file_superblock(file));
395 bool root;
396
397 if (!dir) {
398 error = -EBADF;
399 goto out;
400 }
401
402 root = dir->backing_dir->f_inode
403 == d_inode(mi->mi_backing_dir_path.dentry);
404
405 if (root) {
406 error = emit_pseudo_files(ctx);
407 if (error)
408 goto out;
409 }
410
411 ctx->pos -= PSEUDO_FILE_COUNT;
412 error = iterate_dir(dir->backing_dir, ctx);
413 ctx->pos += PSEUDO_FILE_COUNT;
414 file->f_pos = dir->backing_dir->f_pos;
415 out:
416 if (error)
417 pr_warn("incfs: %s %s %d\n", __func__,
418 file->f_path.dentry->d_name.name, error);
419 return error;
420 }
421
incfs_init_dentry(struct dentry * dentry,struct path * path)422 static int incfs_init_dentry(struct dentry *dentry, struct path *path)
423 {
424 struct dentry_info *d_info = NULL;
425
426 if (!dentry || !path)
427 return -EFAULT;
428
429 d_info = kzalloc(sizeof(*d_info), GFP_NOFS);
430 if (!d_info)
431 return -ENOMEM;
432
433 d_info->backing_path = *path;
434 path_get(path);
435
436 dentry->d_fsdata = d_info;
437 return 0;
438 }
439
open_or_create_special_dir(struct dentry * backing_dir,const char * name,bool * created)440 static struct dentry *open_or_create_special_dir(struct dentry *backing_dir,
441 const char *name,
442 bool *created)
443 {
444 struct dentry *index_dentry;
445 struct inode *backing_inode = d_inode(backing_dir);
446 int err = 0;
447
448 index_dentry = incfs_lookup_dentry(backing_dir, name);
449 if (!index_dentry) {
450 return ERR_PTR(-EINVAL);
451 } else if (IS_ERR(index_dentry)) {
452 return index_dentry;
453 } else if (d_really_is_positive(index_dentry)) {
454 /* Index already exists. */
455 *created = false;
456 return index_dentry;
457 }
458
459 /* Index needs to be created. */
460 inode_lock_nested(backing_inode, I_MUTEX_PARENT);
461 err = vfs_mkdir(backing_inode, index_dentry, 0777);
462 inode_unlock(backing_inode);
463
464 if (err) {
465 dput(index_dentry);
466 return ERR_PTR(err);
467 }
468
469 if (!d_really_is_positive(index_dentry) ||
470 unlikely(d_unhashed(index_dentry))) {
471 dput(index_dentry);
472 return ERR_PTR(-EINVAL);
473 }
474
475 *created = true;
476 return index_dentry;
477 }
478
read_single_page_timeouts(struct data_file * df,struct file * f,int block_index,struct mem_range range,struct mem_range tmp,unsigned int * delayed_min_us)479 static int read_single_page_timeouts(struct data_file *df, struct file *f,
480 int block_index, struct mem_range range,
481 struct mem_range tmp,
482 unsigned int *delayed_min_us)
483 {
484 struct mount_info *mi = df->df_mount_info;
485 struct incfs_read_data_file_timeouts timeouts = {
486 .max_pending_time_us = U32_MAX,
487 };
488 int uid = current_uid().val;
489 int i;
490
491 spin_lock(&mi->mi_per_uid_read_timeouts_lock);
492 for (i = 0; i < mi->mi_per_uid_read_timeouts_size /
493 sizeof(*mi->mi_per_uid_read_timeouts); ++i) {
494 struct incfs_per_uid_read_timeouts *t =
495 &mi->mi_per_uid_read_timeouts[i];
496
497 if(t->uid == uid) {
498 timeouts.min_time_us = t->min_time_us;
499 timeouts.min_pending_time_us = t->min_pending_time_us;
500 timeouts.max_pending_time_us = t->max_pending_time_us;
501 break;
502 }
503 }
504 spin_unlock(&mi->mi_per_uid_read_timeouts_lock);
505 if (timeouts.max_pending_time_us == U32_MAX) {
506 u64 read_timeout_us = (u64)mi->mi_options.read_timeout_ms *
507 1000;
508
509 timeouts.max_pending_time_us = read_timeout_us <= U32_MAX ?
510 read_timeout_us : U32_MAX;
511 }
512
513 return incfs_read_data_file_block(range, f, block_index, tmp,
514 &timeouts, delayed_min_us);
515 }
516
usleep_interruptible(u32 us)517 static int usleep_interruptible(u32 us)
518 {
519 /* See:
520 * https://www.kernel.org/doc/Documentation/timers/timers-howto.txt
521 * for explanation
522 */
523 if (us < 10) {
524 udelay(us);
525 return 0;
526 } else if (us < 20000) {
527 usleep_range(us, us + us / 10);
528 return 0;
529 } else
530 return msleep_interruptible(us / 1000);
531 }
532
read_single_page(struct file * f,struct page * page)533 static int read_single_page(struct file *f, struct page *page)
534 {
535 loff_t offset = 0;
536 loff_t size = 0;
537 ssize_t bytes_to_read = 0;
538 ssize_t read_result = 0;
539 struct data_file *df = get_incfs_data_file(f);
540 int result = 0;
541 void *page_start;
542 int block_index;
543 unsigned int delayed_min_us = 0;
544
545 if (!df) {
546 SetPageError(page);
547 unlock_page(page);
548 return -EBADF;
549 }
550
551 page_start = kmap(page);
552 offset = page_offset(page);
553 block_index = (offset + df->df_mapped_offset) /
554 INCFS_DATA_FILE_BLOCK_SIZE;
555 size = df->df_size;
556
557 if (offset < size) {
558 struct mem_range tmp = {
559 .len = 2 * INCFS_DATA_FILE_BLOCK_SIZE
560 };
561 tmp.data = (u8 *)__get_free_pages(GFP_NOFS, get_order(tmp.len));
562 if (!tmp.data) {
563 read_result = -ENOMEM;
564 goto err;
565 }
566 bytes_to_read = min_t(loff_t, size - offset, PAGE_SIZE);
567
568 read_result = read_single_page_timeouts(df, f, block_index,
569 range(page_start, bytes_to_read), tmp,
570 &delayed_min_us);
571
572 free_pages((unsigned long)tmp.data, get_order(tmp.len));
573 } else {
574 bytes_to_read = 0;
575 read_result = 0;
576 }
577
578 err:
579 if (read_result < 0)
580 result = read_result;
581 else if (read_result < PAGE_SIZE)
582 zero_user(page, read_result, PAGE_SIZE - read_result);
583
584 if (result == 0)
585 SetPageUptodate(page);
586 else
587 SetPageError(page);
588
589 flush_dcache_page(page);
590 kunmap(page);
591 unlock_page(page);
592 if (delayed_min_us)
593 usleep_interruptible(delayed_min_us);
594 return result;
595 }
596
incfs_link(struct dentry * what,struct dentry * where)597 int incfs_link(struct dentry *what, struct dentry *where)
598 {
599 struct dentry *parent_dentry = dget_parent(where);
600 struct inode *pinode = d_inode(parent_dentry);
601 int error = 0;
602
603 inode_lock_nested(pinode, I_MUTEX_PARENT);
604 error = vfs_link(what, pinode, where, NULL);
605 inode_unlock(pinode);
606
607 dput(parent_dentry);
608 return error;
609 }
610
incfs_unlink(struct dentry * dentry)611 int incfs_unlink(struct dentry *dentry)
612 {
613 struct dentry *parent_dentry = dget_parent(dentry);
614 struct inode *pinode = d_inode(parent_dentry);
615 int error = 0;
616
617 inode_lock_nested(pinode, I_MUTEX_PARENT);
618 error = vfs_unlink(pinode, dentry, NULL);
619 inode_unlock(pinode);
620
621 dput(parent_dentry);
622 return error;
623 }
624
incfs_rmdir(struct dentry * dentry)625 static int incfs_rmdir(struct dentry *dentry)
626 {
627 struct dentry *parent_dentry = dget_parent(dentry);
628 struct inode *pinode = d_inode(parent_dentry);
629 int error = 0;
630
631 inode_lock_nested(pinode, I_MUTEX_PARENT);
632 error = vfs_rmdir(pinode, dentry);
633 inode_unlock(pinode);
634
635 dput(parent_dentry);
636 return error;
637 }
638
notify_unlink(struct dentry * dentry,const char * file_id_str,const char * special_directory)639 static void notify_unlink(struct dentry *dentry, const char *file_id_str,
640 const char *special_directory)
641 {
642 struct dentry *root = dentry;
643 struct dentry *file = NULL;
644 struct dentry *dir = NULL;
645 int error = 0;
646 bool take_lock = root->d_parent != root->d_parent->d_parent;
647
648 while (root != root->d_parent)
649 root = root->d_parent;
650
651 if (take_lock)
652 dir = incfs_lookup_dentry(root, special_directory);
653 else
654 dir = lookup_one_len(special_directory, root,
655 strlen(special_directory));
656
657 if (IS_ERR(dir)) {
658 error = PTR_ERR(dir);
659 goto out;
660 }
661 if (d_is_negative(dir)) {
662 error = -ENOENT;
663 goto out;
664 }
665
666 file = incfs_lookup_dentry(dir, file_id_str);
667 if (IS_ERR(file)) {
668 error = PTR_ERR(file);
669 goto out;
670 }
671 if (d_is_negative(file)) {
672 error = -ENOENT;
673 goto out;
674 }
675
676 fsnotify_unlink(d_inode(dir), file);
677 d_delete(file);
678
679 out:
680 if (error)
681 pr_warn("%s failed with error %d\n", __func__, error);
682
683 dput(dir);
684 dput(file);
685 }
686
handle_file_completed(struct file * f,struct data_file * df)687 static void handle_file_completed(struct file *f, struct data_file *df)
688 {
689 struct backing_file_context *bfc;
690 struct mount_info *mi = df->df_mount_info;
691 char *file_id_str = NULL;
692 struct dentry *incomplete_file_dentry = NULL;
693 const struct cred *old_cred = override_creds(mi->mi_owner);
694 int error;
695
696 /* Truncate file to remove any preallocated space */
697 bfc = df->df_backing_file_context;
698 if (bfc) {
699 struct file *f = bfc->bc_file;
700
701 if (f) {
702 loff_t size = i_size_read(file_inode(f));
703
704 error = vfs_truncate(&f->f_path, size);
705 if (error)
706 /* No useful action on failure */
707 pr_warn("incfs: Failed to truncate complete file: %d\n",
708 error);
709 }
710 }
711
712 /* This is best effort - there is no useful action to take on failure */
713 file_id_str = file_id_to_str(df->df_id);
714 if (!file_id_str)
715 goto out;
716
717 incomplete_file_dentry = incfs_lookup_dentry(
718 df->df_mount_info->mi_incomplete_dir,
719 file_id_str);
720 if (!incomplete_file_dentry || IS_ERR(incomplete_file_dentry)) {
721 incomplete_file_dentry = NULL;
722 goto out;
723 }
724
725 if (!d_really_is_positive(incomplete_file_dentry))
726 goto out;
727
728 vfs_fsync(df->df_backing_file_context->bc_file, 0);
729 error = incfs_unlink(incomplete_file_dentry);
730 if (error) {
731 pr_warn("incfs: Deleting incomplete file failed: %d\n", error);
732 goto out;
733 }
734
735 notify_unlink(f->f_path.dentry, file_id_str, INCFS_INCOMPLETE_NAME);
736
737 out:
738 dput(incomplete_file_dentry);
739 kfree(file_id_str);
740 revert_creds(old_cred);
741 }
742
ioctl_fill_blocks(struct file * f,void __user * arg)743 static long ioctl_fill_blocks(struct file *f, void __user *arg)
744 {
745 struct incfs_fill_blocks __user *usr_fill_blocks = arg;
746 struct incfs_fill_blocks fill_blocks;
747 struct incfs_fill_block __user *usr_fill_block_array;
748 struct data_file *df = get_incfs_data_file(f);
749 struct incfs_file_data *fd = f->private_data;
750 const ssize_t data_buf_size = 2 * INCFS_DATA_FILE_BLOCK_SIZE;
751 u8 *data_buf = NULL;
752 ssize_t error = 0;
753 int i = 0;
754 bool complete = false;
755
756 if (!df)
757 return -EBADF;
758
759 if (!fd || fd->fd_fill_permission != CAN_FILL)
760 return -EPERM;
761
762 if (copy_from_user(&fill_blocks, usr_fill_blocks, sizeof(fill_blocks)))
763 return -EFAULT;
764
765 usr_fill_block_array = u64_to_user_ptr(fill_blocks.fill_blocks);
766 data_buf = (u8 *)__get_free_pages(GFP_NOFS | __GFP_COMP,
767 get_order(data_buf_size));
768 if (!data_buf)
769 return -ENOMEM;
770
771 for (i = 0; i < fill_blocks.count; i++) {
772 struct incfs_fill_block fill_block = {};
773
774 if (copy_from_user(&fill_block, &usr_fill_block_array[i],
775 sizeof(fill_block)) > 0) {
776 error = -EFAULT;
777 break;
778 }
779
780 if (fill_block.data_len > data_buf_size) {
781 error = -E2BIG;
782 break;
783 }
784
785 if (copy_from_user(data_buf, u64_to_user_ptr(fill_block.data),
786 fill_block.data_len) > 0) {
787 error = -EFAULT;
788 break;
789 }
790 fill_block.data = 0; /* To make sure nobody uses it. */
791 if (fill_block.flags & INCFS_BLOCK_FLAGS_HASH) {
792 error = incfs_process_new_hash_block(df, &fill_block,
793 data_buf);
794 } else {
795 error = incfs_process_new_data_block(df, &fill_block,
796 data_buf, &complete);
797 }
798 if (error)
799 break;
800 }
801
802 if (data_buf)
803 free_pages((unsigned long)data_buf, get_order(data_buf_size));
804
805 if (complete)
806 handle_file_completed(f, df);
807
808 /*
809 * Only report the error if no records were processed, otherwise
810 * just return how many were processed successfully.
811 */
812 if (i == 0)
813 return error;
814
815 return i;
816 }
817
ioctl_read_file_signature(struct file * f,void __user * arg)818 static long ioctl_read_file_signature(struct file *f, void __user *arg)
819 {
820 struct incfs_get_file_sig_args __user *args_usr_ptr = arg;
821 struct incfs_get_file_sig_args args = {};
822 u8 *sig_buffer = NULL;
823 size_t sig_buf_size = 0;
824 int error = 0;
825 int read_result = 0;
826 struct data_file *df = get_incfs_data_file(f);
827
828 if (!df)
829 return -EINVAL;
830
831 if (copy_from_user(&args, args_usr_ptr, sizeof(args)) > 0)
832 return -EINVAL;
833
834 sig_buf_size = args.file_signature_buf_size;
835 if (sig_buf_size > INCFS_MAX_SIGNATURE_SIZE)
836 return -E2BIG;
837
838 sig_buffer = kzalloc(sig_buf_size, GFP_NOFS | __GFP_COMP);
839 if (!sig_buffer)
840 return -ENOMEM;
841
842 read_result = incfs_read_file_signature(df,
843 range(sig_buffer, sig_buf_size));
844
845 if (read_result < 0) {
846 error = read_result;
847 goto out;
848 }
849
850 if (copy_to_user(u64_to_user_ptr(args.file_signature), sig_buffer,
851 read_result)) {
852 error = -EFAULT;
853 goto out;
854 }
855
856 args.file_signature_len_out = read_result;
857 if (copy_to_user(args_usr_ptr, &args, sizeof(args)))
858 error = -EFAULT;
859
860 out:
861 kfree(sig_buffer);
862
863 return error;
864 }
865
ioctl_get_filled_blocks(struct file * f,void __user * arg)866 static long ioctl_get_filled_blocks(struct file *f, void __user *arg)
867 {
868 struct incfs_get_filled_blocks_args __user *args_usr_ptr = arg;
869 struct incfs_get_filled_blocks_args args = {};
870 struct data_file *df = get_incfs_data_file(f);
871 struct incfs_file_data *fd = f->private_data;
872 int error;
873
874 if (!df || !fd)
875 return -EINVAL;
876
877 if (fd->fd_fill_permission != CAN_FILL)
878 return -EPERM;
879
880 if (copy_from_user(&args, args_usr_ptr, sizeof(args)) > 0)
881 return -EINVAL;
882
883 error = incfs_get_filled_blocks(df, fd, &args);
884
885 if (copy_to_user(args_usr_ptr, &args, sizeof(args)))
886 return -EFAULT;
887
888 return error;
889 }
890
ioctl_get_block_count(struct file * f,void __user * arg)891 static long ioctl_get_block_count(struct file *f, void __user *arg)
892 {
893 struct incfs_get_block_count_args __user *args_usr_ptr = arg;
894 struct incfs_get_block_count_args args = {};
895 struct data_file *df = get_incfs_data_file(f);
896
897 if (!df)
898 return -EINVAL;
899
900 args.total_data_blocks_out = df->df_data_block_count;
901 args.filled_data_blocks_out = atomic_read(&df->df_data_blocks_written);
902 args.total_hash_blocks_out = df->df_total_block_count -
903 df->df_data_block_count;
904 args.filled_hash_blocks_out = atomic_read(&df->df_hash_blocks_written);
905
906 if (copy_to_user(args_usr_ptr, &args, sizeof(args)))
907 return -EFAULT;
908
909 return 0;
910 }
911
incfs_ioctl_get_flags(struct file * f,void __user * arg)912 static int incfs_ioctl_get_flags(struct file *f, void __user *arg)
913 {
914 u32 flags = IS_VERITY(file_inode(f)) ? FS_VERITY_FL : 0;
915
916 return put_user(flags, (int __user *) arg);
917 }
918
dispatch_ioctl(struct file * f,unsigned int req,unsigned long arg)919 static long dispatch_ioctl(struct file *f, unsigned int req, unsigned long arg)
920 {
921 switch (req) {
922 case INCFS_IOC_FILL_BLOCKS:
923 return ioctl_fill_blocks(f, (void __user *)arg);
924 case INCFS_IOC_READ_FILE_SIGNATURE:
925 return ioctl_read_file_signature(f, (void __user *)arg);
926 case INCFS_IOC_GET_FILLED_BLOCKS:
927 return ioctl_get_filled_blocks(f, (void __user *)arg);
928 case INCFS_IOC_GET_BLOCK_COUNT:
929 return ioctl_get_block_count(f, (void __user *)arg);
930 case FS_IOC_ENABLE_VERITY:
931 return incfs_ioctl_enable_verity(f, (const void __user *)arg);
932 case FS_IOC_GETFLAGS:
933 return incfs_ioctl_get_flags(f, (void __user *) arg);
934 case FS_IOC_MEASURE_VERITY:
935 return incfs_ioctl_measure_verity(f, (void __user *)arg);
936 case FS_IOC_READ_VERITY_METADATA:
937 return incfs_ioctl_read_verity_metadata(f, (void __user *)arg);
938 default:
939 return -EINVAL;
940 }
941 }
942
943 #ifdef CONFIG_COMPAT
incfs_compat_ioctl(struct file * file,unsigned int cmd,unsigned long arg)944 static long incfs_compat_ioctl(struct file *file, unsigned int cmd,
945 unsigned long arg)
946 {
947 switch (cmd) {
948 case FS_IOC32_GETFLAGS:
949 cmd = FS_IOC_GETFLAGS;
950 break;
951 case INCFS_IOC_FILL_BLOCKS:
952 case INCFS_IOC_READ_FILE_SIGNATURE:
953 case INCFS_IOC_GET_FILLED_BLOCKS:
954 case INCFS_IOC_GET_BLOCK_COUNT:
955 case FS_IOC_ENABLE_VERITY:
956 case FS_IOC_MEASURE_VERITY:
957 case FS_IOC_READ_VERITY_METADATA:
958 break;
959 default:
960 return -ENOIOCTLCMD;
961 }
962 return dispatch_ioctl(file, cmd, (unsigned long) compat_ptr(arg));
963 }
964 #endif
965
dir_lookup(struct inode * dir_inode,struct dentry * dentry,unsigned int flags)966 static struct dentry *dir_lookup(struct inode *dir_inode, struct dentry *dentry,
967 unsigned int flags)
968 {
969 struct mount_info *mi = get_mount_info(dir_inode->i_sb);
970 struct dentry *dir_dentry = NULL;
971 struct dentry *backing_dentry = NULL;
972 struct path dir_backing_path = {};
973 struct inode_info *dir_info = get_incfs_node(dir_inode);
974 int err = 0;
975
976 if (!mi || !dir_info || !dir_info->n_backing_inode)
977 return ERR_PTR(-EBADF);
978
979 if (d_inode(mi->mi_backing_dir_path.dentry) ==
980 dir_info->n_backing_inode) {
981 /* We do lookup in the FS root. Show pseudo files. */
982 err = dir_lookup_pseudo_files(dir_inode->i_sb, dentry);
983 if (err != -ENOENT)
984 goto out;
985 err = 0;
986 }
987
988 dir_dentry = dget_parent(dentry);
989 get_incfs_backing_path(dir_dentry, &dir_backing_path);
990 backing_dentry = incfs_lookup_dentry(dir_backing_path.dentry,
991 dentry->d_name.name);
992
993 if (!backing_dentry || IS_ERR(backing_dentry)) {
994 err = IS_ERR(backing_dentry)
995 ? PTR_ERR(backing_dentry)
996 : -EFAULT;
997 backing_dentry = NULL;
998 goto out;
999 } else {
1000 struct inode *inode = NULL;
1001 struct path backing_path = {
1002 .mnt = dir_backing_path.mnt,
1003 .dentry = backing_dentry
1004 };
1005
1006 err = incfs_init_dentry(dentry, &backing_path);
1007 if (err)
1008 goto out;
1009
1010 if (!d_really_is_positive(backing_dentry)) {
1011 /*
1012 * No such entry found in the backing dir.
1013 * Create a negative entry.
1014 */
1015 d_add(dentry, NULL);
1016 err = 0;
1017 goto out;
1018 }
1019
1020 if (d_inode(backing_dentry)->i_sb !=
1021 dir_info->n_backing_inode->i_sb) {
1022 /*
1023 * Somehow after the path lookup we ended up in a
1024 * different fs mount. If we keep going it's going
1025 * to end badly.
1026 */
1027 err = -EXDEV;
1028 goto out;
1029 }
1030
1031 inode = fetch_regular_inode(dir_inode->i_sb, backing_dentry);
1032 if (IS_ERR(inode)) {
1033 err = PTR_ERR(inode);
1034 goto out;
1035 }
1036
1037 d_add(dentry, inode);
1038 }
1039
1040 out:
1041 dput(dir_dentry);
1042 dput(backing_dentry);
1043 path_put(&dir_backing_path);
1044 if (err)
1045 pr_debug("incfs: %s %s %d\n", __func__,
1046 dentry->d_name.name, err);
1047 return ERR_PTR(err);
1048 }
1049
dir_mkdir(struct inode * dir,struct dentry * dentry,umode_t mode)1050 static int dir_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
1051 {
1052 struct mount_info *mi = get_mount_info(dir->i_sb);
1053 struct inode_info *dir_node = get_incfs_node(dir);
1054 struct dentry *backing_dentry = NULL;
1055 struct path backing_path = {};
1056 int err = 0;
1057
1058
1059 if (!mi || !dir_node || !dir_node->n_backing_inode)
1060 return -EBADF;
1061
1062 err = mutex_lock_interruptible(&mi->mi_dir_struct_mutex);
1063 if (err)
1064 return err;
1065
1066 get_incfs_backing_path(dentry, &backing_path);
1067 backing_dentry = backing_path.dentry;
1068
1069 if (!backing_dentry) {
1070 err = -EBADF;
1071 goto path_err;
1072 }
1073
1074 if (backing_dentry->d_parent == mi->mi_index_dir) {
1075 /* Can't create a subdir inside .index */
1076 err = -EBUSY;
1077 goto out;
1078 }
1079
1080 if (backing_dentry->d_parent == mi->mi_incomplete_dir) {
1081 /* Can't create a subdir inside .incomplete */
1082 err = -EBUSY;
1083 goto out;
1084 }
1085 inode_lock_nested(dir_node->n_backing_inode, I_MUTEX_PARENT);
1086 err = vfs_mkdir(dir_node->n_backing_inode, backing_dentry, mode | 0222);
1087 inode_unlock(dir_node->n_backing_inode);
1088 if (!err) {
1089 struct inode *inode = NULL;
1090
1091 if (d_really_is_negative(backing_dentry) ||
1092 unlikely(d_unhashed(backing_dentry))) {
1093 err = -EINVAL;
1094 goto out;
1095 }
1096
1097 inode = fetch_regular_inode(dir->i_sb, backing_dentry);
1098 if (IS_ERR(inode)) {
1099 err = PTR_ERR(inode);
1100 goto out;
1101 }
1102 d_instantiate(dentry, inode);
1103 }
1104
1105 out:
1106 if (d_really_is_negative(dentry))
1107 d_drop(dentry);
1108 path_put(&backing_path);
1109
1110 path_err:
1111 mutex_unlock(&mi->mi_dir_struct_mutex);
1112 if (err)
1113 pr_debug("incfs: %s err:%d\n", __func__, err);
1114 return err;
1115 }
1116
1117 /*
1118 * Delete file referenced by backing_dentry and if appropriate its hardlink
1119 * from .index and .incomplete
1120 */
file_delete(struct mount_info * mi,struct dentry * dentry,struct dentry * backing_dentry,int nlink)1121 static int file_delete(struct mount_info *mi, struct dentry *dentry,
1122 struct dentry *backing_dentry, int nlink)
1123 {
1124 struct dentry *index_file_dentry = NULL;
1125 struct dentry *incomplete_file_dentry = NULL;
1126 /* 2 chars per byte of file ID + 1 char for \0 */
1127 char file_id_str[2 * sizeof(incfs_uuid_t) + 1] = {0};
1128 ssize_t uuid_size = 0;
1129 int error = 0;
1130
1131 WARN_ON(!mutex_is_locked(&mi->mi_dir_struct_mutex));
1132
1133 if (nlink > 3)
1134 goto just_unlink;
1135
1136 uuid_size = vfs_getxattr(backing_dentry, INCFS_XATTR_ID_NAME,
1137 file_id_str, 2 * sizeof(incfs_uuid_t));
1138 if (uuid_size < 0) {
1139 error = uuid_size;
1140 goto out;
1141 }
1142
1143 if (uuid_size != 2 * sizeof(incfs_uuid_t)) {
1144 error = -EBADMSG;
1145 goto out;
1146 }
1147
1148 index_file_dentry = incfs_lookup_dentry(mi->mi_index_dir, file_id_str);
1149 if (IS_ERR(index_file_dentry)) {
1150 error = PTR_ERR(index_file_dentry);
1151 index_file_dentry = NULL;
1152 goto out;
1153 }
1154
1155 if (d_really_is_positive(index_file_dentry) && nlink > 0)
1156 nlink--;
1157
1158 if (nlink > 2)
1159 goto just_unlink;
1160
1161 incomplete_file_dentry = incfs_lookup_dentry(mi->mi_incomplete_dir,
1162 file_id_str);
1163 if (IS_ERR(incomplete_file_dentry)) {
1164 error = PTR_ERR(incomplete_file_dentry);
1165 incomplete_file_dentry = NULL;
1166 goto out;
1167 }
1168
1169 if (d_really_is_positive(incomplete_file_dentry) && nlink > 0)
1170 nlink--;
1171
1172 if (nlink > 1)
1173 goto just_unlink;
1174
1175 if (d_really_is_positive(index_file_dentry)) {
1176 error = incfs_unlink(index_file_dentry);
1177 if (error)
1178 goto out;
1179 notify_unlink(dentry, file_id_str, INCFS_INDEX_NAME);
1180 }
1181
1182 if (d_really_is_positive(incomplete_file_dentry)) {
1183 error = incfs_unlink(incomplete_file_dentry);
1184 if (error)
1185 goto out;
1186 notify_unlink(dentry, file_id_str, INCFS_INCOMPLETE_NAME);
1187 }
1188
1189 just_unlink:
1190 error = incfs_unlink(backing_dentry);
1191
1192 out:
1193 dput(index_file_dentry);
1194 dput(incomplete_file_dentry);
1195 if (error)
1196 pr_debug("incfs: delete_file_from_index err:%d\n", error);
1197 return error;
1198 }
1199
dir_unlink(struct inode * dir,struct dentry * dentry)1200 static int dir_unlink(struct inode *dir, struct dentry *dentry)
1201 {
1202 struct mount_info *mi = get_mount_info(dir->i_sb);
1203 struct path backing_path = {};
1204 struct kstat stat;
1205 int err = 0;
1206
1207 if (!mi)
1208 return -EBADF;
1209
1210 err = mutex_lock_interruptible(&mi->mi_dir_struct_mutex);
1211 if (err)
1212 return err;
1213
1214 get_incfs_backing_path(dentry, &backing_path);
1215 if (!backing_path.dentry) {
1216 err = -EBADF;
1217 goto path_err;
1218 }
1219
1220 if (backing_path.dentry->d_parent == mi->mi_index_dir) {
1221 /* Direct unlink from .index are not allowed. */
1222 err = -EBUSY;
1223 goto out;
1224 }
1225
1226 if (backing_path.dentry->d_parent == mi->mi_incomplete_dir) {
1227 /* Direct unlink from .incomplete are not allowed. */
1228 err = -EBUSY;
1229 goto out;
1230 }
1231
1232 err = vfs_getattr(&backing_path, &stat, STATX_NLINK,
1233 AT_STATX_SYNC_AS_STAT);
1234 if (err)
1235 goto out;
1236
1237 err = file_delete(mi, dentry, backing_path.dentry, stat.nlink);
1238
1239 d_drop(dentry);
1240 out:
1241 path_put(&backing_path);
1242 path_err:
1243 if (err)
1244 pr_debug("incfs: %s err:%d\n", __func__, err);
1245 mutex_unlock(&mi->mi_dir_struct_mutex);
1246 return err;
1247 }
1248
dir_link(struct dentry * old_dentry,struct inode * dir,struct dentry * new_dentry)1249 static int dir_link(struct dentry *old_dentry, struct inode *dir,
1250 struct dentry *new_dentry)
1251 {
1252 struct mount_info *mi = get_mount_info(dir->i_sb);
1253 struct path backing_old_path = {};
1254 struct path backing_new_path = {};
1255 int error = 0;
1256
1257 if (!mi)
1258 return -EBADF;
1259
1260 error = mutex_lock_interruptible(&mi->mi_dir_struct_mutex);
1261 if (error)
1262 return error;
1263
1264 get_incfs_backing_path(old_dentry, &backing_old_path);
1265 get_incfs_backing_path(new_dentry, &backing_new_path);
1266
1267 if (backing_new_path.dentry->d_parent == mi->mi_index_dir) {
1268 /* Can't link to .index */
1269 error = -EBUSY;
1270 goto out;
1271 }
1272
1273 if (backing_new_path.dentry->d_parent == mi->mi_incomplete_dir) {
1274 /* Can't link to .incomplete */
1275 error = -EBUSY;
1276 goto out;
1277 }
1278
1279 error = incfs_link(backing_old_path.dentry, backing_new_path.dentry);
1280 if (!error) {
1281 struct inode *inode = NULL;
1282 struct dentry *bdentry = backing_new_path.dentry;
1283
1284 if (d_really_is_negative(bdentry)) {
1285 error = -EINVAL;
1286 goto out;
1287 }
1288
1289 inode = fetch_regular_inode(dir->i_sb, bdentry);
1290 if (IS_ERR(inode)) {
1291 error = PTR_ERR(inode);
1292 goto out;
1293 }
1294 d_instantiate(new_dentry, inode);
1295 }
1296
1297 out:
1298 path_put(&backing_old_path);
1299 path_put(&backing_new_path);
1300 if (error)
1301 pr_debug("incfs: %s err:%d\n", __func__, error);
1302 mutex_unlock(&mi->mi_dir_struct_mutex);
1303 return error;
1304 }
1305
dir_rmdir(struct inode * dir,struct dentry * dentry)1306 static int dir_rmdir(struct inode *dir, struct dentry *dentry)
1307 {
1308 struct mount_info *mi = get_mount_info(dir->i_sb);
1309 struct path backing_path = {};
1310 int err = 0;
1311
1312 if (!mi)
1313 return -EBADF;
1314
1315 err = mutex_lock_interruptible(&mi->mi_dir_struct_mutex);
1316 if (err)
1317 return err;
1318
1319 get_incfs_backing_path(dentry, &backing_path);
1320 if (!backing_path.dentry) {
1321 err = -EBADF;
1322 goto path_err;
1323 }
1324
1325 if (backing_path.dentry == mi->mi_index_dir) {
1326 /* Can't delete .index */
1327 err = -EBUSY;
1328 goto out;
1329 }
1330
1331 if (backing_path.dentry == mi->mi_incomplete_dir) {
1332 /* Can't delete .incomplete */
1333 err = -EBUSY;
1334 goto out;
1335 }
1336
1337 err = incfs_rmdir(backing_path.dentry);
1338 if (!err)
1339 d_drop(dentry);
1340 out:
1341 path_put(&backing_path);
1342
1343 path_err:
1344 if (err)
1345 pr_debug("incfs: %s err:%d\n", __func__, err);
1346 mutex_unlock(&mi->mi_dir_struct_mutex);
1347 return err;
1348 }
1349
dir_rename(struct inode * old_dir,struct dentry * old_dentry,struct inode * new_dir,struct dentry * new_dentry)1350 static int dir_rename(struct inode *old_dir, struct dentry *old_dentry,
1351 struct inode *new_dir, struct dentry *new_dentry)
1352 {
1353 struct mount_info *mi = get_mount_info(old_dir->i_sb);
1354 struct dentry *backing_old_dentry;
1355 struct dentry *backing_new_dentry;
1356 struct dentry *backing_old_dir_dentry;
1357 struct dentry *backing_new_dir_dentry;
1358 struct inode *target_inode;
1359 struct dentry *trap;
1360 int error = 0;
1361
1362 error = mutex_lock_interruptible(&mi->mi_dir_struct_mutex);
1363 if (error)
1364 return error;
1365
1366 backing_old_dentry = get_incfs_dentry(old_dentry)->backing_path.dentry;
1367
1368 if (!backing_old_dentry || backing_old_dentry == mi->mi_index_dir ||
1369 backing_old_dentry == mi->mi_incomplete_dir) {
1370 /* Renaming .index or .incomplete not allowed */
1371 error = -EBUSY;
1372 goto exit;
1373 }
1374
1375 backing_new_dentry = get_incfs_dentry(new_dentry)->backing_path.dentry;
1376 dget(backing_old_dentry);
1377 dget(backing_new_dentry);
1378
1379 backing_old_dir_dentry = dget_parent(backing_old_dentry);
1380 backing_new_dir_dentry = dget_parent(backing_new_dentry);
1381 target_inode = d_inode(new_dentry);
1382
1383 if (backing_old_dir_dentry == mi->mi_index_dir ||
1384 backing_old_dir_dentry == mi->mi_incomplete_dir) {
1385 /* Direct moves from .index or .incomplete are not allowed. */
1386 error = -EBUSY;
1387 goto out;
1388 }
1389
1390 trap = lock_rename(backing_old_dir_dentry, backing_new_dir_dentry);
1391
1392 if (trap == backing_old_dentry) {
1393 error = -EINVAL;
1394 goto unlock_out;
1395 }
1396 if (trap == backing_new_dentry) {
1397 error = -ENOTEMPTY;
1398 goto unlock_out;
1399 }
1400
1401 error = vfs_rename(d_inode(backing_old_dir_dentry), backing_old_dentry,
1402 d_inode(backing_new_dir_dentry), backing_new_dentry,
1403 NULL, 0);
1404 if (error)
1405 goto unlock_out;
1406 if (target_inode)
1407 fsstack_copy_attr_all(target_inode,
1408 get_incfs_node(target_inode)->n_backing_inode);
1409 fsstack_copy_attr_all(new_dir, d_inode(backing_new_dir_dentry));
1410 if (new_dir != old_dir)
1411 fsstack_copy_attr_all(old_dir, d_inode(backing_old_dir_dentry));
1412
1413 unlock_out:
1414 unlock_rename(backing_old_dir_dentry, backing_new_dir_dentry);
1415
1416 out:
1417 dput(backing_new_dir_dentry);
1418 dput(backing_old_dir_dentry);
1419 dput(backing_new_dentry);
1420 dput(backing_old_dentry);
1421
1422 exit:
1423 mutex_unlock(&mi->mi_dir_struct_mutex);
1424 if (error)
1425 pr_debug("incfs: %s err:%d\n", __func__, error);
1426 return error;
1427 }
1428
1429
file_open(struct inode * inode,struct file * file)1430 static int file_open(struct inode *inode, struct file *file)
1431 {
1432 struct mount_info *mi = get_mount_info(inode->i_sb);
1433 struct file *backing_file = NULL;
1434 struct path backing_path = {};
1435 int err = 0;
1436 int flags = O_NOATIME | O_LARGEFILE |
1437 (S_ISDIR(inode->i_mode) ? O_RDONLY : O_RDWR);
1438 const struct cred *old_cred;
1439
1440 WARN_ON(file->private_data);
1441
1442 if (!mi)
1443 return -EBADF;
1444
1445 get_incfs_backing_path(file->f_path.dentry, &backing_path);
1446 if (!backing_path.dentry)
1447 return -EBADF;
1448
1449 old_cred = override_creds(mi->mi_owner);
1450 backing_file = dentry_open(&backing_path, flags, current_cred());
1451 revert_creds(old_cred);
1452 path_put(&backing_path);
1453
1454 if (IS_ERR(backing_file)) {
1455 err = PTR_ERR(backing_file);
1456 backing_file = NULL;
1457 goto out;
1458 }
1459
1460 if (S_ISREG(inode->i_mode)) {
1461 struct incfs_file_data *fd = kzalloc(sizeof(*fd), GFP_NOFS);
1462
1463 if (!fd) {
1464 err = -ENOMEM;
1465 goto out;
1466 }
1467
1468 *fd = (struct incfs_file_data) {
1469 .fd_fill_permission = CANT_FILL,
1470 };
1471 file->private_data = fd;
1472
1473 err = make_inode_ready_for_data_ops(mi, inode, backing_file);
1474 if (err)
1475 goto out;
1476
1477 err = incfs_fsverity_file_open(inode, file);
1478 if (err)
1479 goto out;
1480 } else if (S_ISDIR(inode->i_mode)) {
1481 struct dir_file *dir = NULL;
1482
1483 dir = incfs_open_dir_file(mi, backing_file);
1484 if (IS_ERR(dir))
1485 err = PTR_ERR(dir);
1486 else
1487 file->private_data = dir;
1488 } else
1489 err = -EBADF;
1490
1491 out:
1492 if (err) {
1493 pr_debug("name:%s err: %d\n",
1494 file->f_path.dentry->d_name.name, err);
1495 if (S_ISREG(inode->i_mode))
1496 kfree(file->private_data);
1497 else if (S_ISDIR(inode->i_mode))
1498 incfs_free_dir_file(file->private_data);
1499
1500 file->private_data = NULL;
1501 }
1502
1503 if (backing_file)
1504 fput(backing_file);
1505 return err;
1506 }
1507
file_release(struct inode * inode,struct file * file)1508 static int file_release(struct inode *inode, struct file *file)
1509 {
1510 if (S_ISREG(inode->i_mode)) {
1511 kfree(file->private_data);
1512 file->private_data = NULL;
1513 } else if (S_ISDIR(inode->i_mode)) {
1514 struct dir_file *dir = get_incfs_dir_file(file);
1515
1516 incfs_free_dir_file(dir);
1517 }
1518
1519 return 0;
1520 }
1521
dentry_revalidate(struct dentry * d,unsigned int flags)1522 static int dentry_revalidate(struct dentry *d, unsigned int flags)
1523 {
1524 struct path backing_path = {};
1525 struct inode_info *info = get_incfs_node(d_inode(d));
1526 struct inode *binode = (info == NULL) ? NULL : info->n_backing_inode;
1527 struct dentry *backing_dentry = NULL;
1528 int result = 0;
1529
1530 if (flags & LOOKUP_RCU)
1531 return -ECHILD;
1532
1533 get_incfs_backing_path(d, &backing_path);
1534 backing_dentry = backing_path.dentry;
1535 if (!backing_dentry)
1536 goto out;
1537
1538 if (d_inode(backing_dentry) != binode) {
1539 /*
1540 * Backing inodes obtained via dentry and inode don't match.
1541 * It indicates that most likely backing dir has changed
1542 * directly bypassing Incremental FS interface.
1543 */
1544 goto out;
1545 }
1546
1547 if (backing_dentry->d_flags & DCACHE_OP_REVALIDATE) {
1548 result = backing_dentry->d_op->d_revalidate(backing_dentry,
1549 flags);
1550 } else
1551 result = 1;
1552
1553 out:
1554 path_put(&backing_path);
1555 return result;
1556 }
1557
dentry_release(struct dentry * d)1558 static void dentry_release(struct dentry *d)
1559 {
1560 struct dentry_info *di = get_incfs_dentry(d);
1561
1562 if (di)
1563 path_put(&di->backing_path);
1564 kfree(d->d_fsdata);
1565 d->d_fsdata = NULL;
1566 }
1567
alloc_inode(struct super_block * sb)1568 static struct inode *alloc_inode(struct super_block *sb)
1569 {
1570 struct inode_info *node = kzalloc(sizeof(*node), GFP_NOFS);
1571
1572 /* TODO: add a slab-based cache here. */
1573 if (!node)
1574 return NULL;
1575 inode_init_once(&node->n_vfs_inode);
1576 return &node->n_vfs_inode;
1577 }
1578
free_inode(struct inode * inode)1579 static void free_inode(struct inode *inode)
1580 {
1581 struct inode_info *node = get_incfs_node(inode);
1582
1583 kfree(node);
1584 }
1585
evict_inode(struct inode * inode)1586 static void evict_inode(struct inode *inode)
1587 {
1588 struct inode_info *node = get_incfs_node(inode);
1589
1590 if (node) {
1591 if (node->n_backing_inode) {
1592 iput(node->n_backing_inode);
1593 node->n_backing_inode = NULL;
1594 }
1595 if (node->n_file) {
1596 incfs_free_data_file(node->n_file);
1597 node->n_file = NULL;
1598 }
1599 }
1600
1601 truncate_inode_pages(&inode->i_data, 0);
1602 clear_inode(inode);
1603 }
1604
incfs_setattr(struct dentry * dentry,struct iattr * ia)1605 static int incfs_setattr(struct dentry *dentry, struct iattr *ia)
1606 {
1607 struct dentry_info *di = get_incfs_dentry(dentry);
1608 struct dentry *backing_dentry;
1609 struct inode *backing_inode;
1610 int error;
1611
1612 if (ia->ia_valid & ATTR_SIZE)
1613 return -EINVAL;
1614
1615 if ((ia->ia_valid & (ATTR_KILL_SUID|ATTR_KILL_SGID)) &&
1616 (ia->ia_valid & ATTR_MODE))
1617 return -EINVAL;
1618
1619 if (!di)
1620 return -EINVAL;
1621 backing_dentry = di->backing_path.dentry;
1622 if (!backing_dentry)
1623 return -EINVAL;
1624
1625 backing_inode = d_inode(backing_dentry);
1626
1627 /* incfs files are readonly, but the backing files must be writeable */
1628 if (S_ISREG(backing_inode->i_mode)) {
1629 if ((ia->ia_valid & ATTR_MODE) && (ia->ia_mode & 0222))
1630 return -EINVAL;
1631
1632 ia->ia_mode |= 0222;
1633 }
1634
1635 inode_lock(d_inode(backing_dentry));
1636 error = notify_change(backing_dentry, ia, NULL);
1637 inode_unlock(d_inode(backing_dentry));
1638
1639 if (error)
1640 return error;
1641
1642 if (S_ISREG(backing_inode->i_mode))
1643 ia->ia_mode &= ~0222;
1644
1645 return simple_setattr(dentry, ia);
1646 }
1647
1648
incfs_getattr(const struct path * path,struct kstat * stat,u32 request_mask,unsigned int query_flags)1649 static int incfs_getattr(const struct path *path,
1650 struct kstat *stat, u32 request_mask,
1651 unsigned int query_flags)
1652 {
1653 struct inode *inode = d_inode(path->dentry);
1654
1655 generic_fillattr(inode, stat);
1656
1657 if (inode->i_ino < INCFS_START_INO_RANGE)
1658 return 0;
1659
1660 stat->attributes &= ~STATX_ATTR_VERITY;
1661 if (IS_VERITY(inode))
1662 stat->attributes |= STATX_ATTR_VERITY;
1663 stat->attributes_mask |= STATX_ATTR_VERITY;
1664
1665 if (request_mask & STATX_BLOCKS) {
1666 struct kstat backing_kstat;
1667 struct dentry_info *di = get_incfs_dentry(path->dentry);
1668 int error = 0;
1669 struct path *backing_path;
1670
1671 if (!di)
1672 return -EFSCORRUPTED;
1673 backing_path = &di->backing_path;
1674 error = vfs_getattr(backing_path, &backing_kstat, STATX_BLOCKS,
1675 AT_STATX_SYNC_AS_STAT);
1676 if (error)
1677 return error;
1678
1679 stat->blocks = backing_kstat.blocks;
1680 }
1681
1682 return 0;
1683 }
1684
incfs_getxattr(struct dentry * d,const char * name,void * value,size_t size)1685 static ssize_t incfs_getxattr(struct dentry *d, const char *name,
1686 void *value, size_t size)
1687 {
1688 struct dentry_info *di = get_incfs_dentry(d);
1689 struct mount_info *mi = get_mount_info(d->d_sb);
1690 char *stored_value;
1691 size_t stored_size;
1692 int i;
1693
1694 if (di && di->backing_path.dentry)
1695 return vfs_getxattr(di->backing_path.dentry, name, value, size);
1696
1697 if (strcmp(name, "security.selinux"))
1698 return -ENODATA;
1699
1700 for (i = 0; i < PSEUDO_FILE_COUNT; ++i)
1701 if (!strcmp(d->d_iname, incfs_pseudo_file_names[i].data))
1702 break;
1703 if (i == PSEUDO_FILE_COUNT)
1704 return -ENODATA;
1705
1706 stored_value = mi->pseudo_file_xattr[i].data;
1707 stored_size = mi->pseudo_file_xattr[i].len;
1708 if (!stored_value)
1709 return -ENODATA;
1710
1711 if (stored_size > size)
1712 return -E2BIG;
1713
1714 memcpy(value, stored_value, stored_size);
1715 return stored_size;
1716 }
1717
1718
incfs_setxattr(struct dentry * d,const char * name,const void * value,size_t size,int flags)1719 static ssize_t incfs_setxattr(struct dentry *d, const char *name,
1720 const void *value, size_t size, int flags)
1721 {
1722 struct dentry_info *di = get_incfs_dentry(d);
1723 struct mount_info *mi = get_mount_info(d->d_sb);
1724 u8 **stored_value;
1725 size_t *stored_size;
1726 int i;
1727
1728 if (di && di->backing_path.dentry)
1729 return vfs_setxattr(di->backing_path.dentry, name, value, size,
1730 flags);
1731
1732 if (strcmp(name, "security.selinux"))
1733 return -ENODATA;
1734
1735 if (size > INCFS_MAX_FILE_ATTR_SIZE)
1736 return -E2BIG;
1737
1738 for (i = 0; i < PSEUDO_FILE_COUNT; ++i)
1739 if (!strcmp(d->d_iname, incfs_pseudo_file_names[i].data))
1740 break;
1741 if (i == PSEUDO_FILE_COUNT)
1742 return -ENODATA;
1743
1744 stored_value = &mi->pseudo_file_xattr[i].data;
1745 stored_size = &mi->pseudo_file_xattr[i].len;
1746 kfree (*stored_value);
1747 *stored_value = kzalloc(size, GFP_NOFS);
1748 if (!*stored_value)
1749 return -ENOMEM;
1750
1751 memcpy(*stored_value, value, size);
1752 *stored_size = size;
1753 return 0;
1754 }
1755
incfs_listxattr(struct dentry * d,char * list,size_t size)1756 static ssize_t incfs_listxattr(struct dentry *d, char *list, size_t size)
1757 {
1758 struct dentry_info *di = get_incfs_dentry(d);
1759
1760 if (!di || !di->backing_path.dentry)
1761 return -ENODATA;
1762
1763 return vfs_listxattr(di->backing_path.dentry, list, size);
1764 }
1765
incfs_mount_fs(struct file_system_type * type,int flags,const char * dev_name,void * data)1766 struct dentry *incfs_mount_fs(struct file_system_type *type, int flags,
1767 const char *dev_name, void *data)
1768 {
1769 struct mount_options options = {};
1770 struct mount_info *mi = NULL;
1771 struct path backing_dir_path = {};
1772 struct dentry *index_dir = NULL;
1773 struct dentry *incomplete_dir = NULL;
1774 struct super_block *src_fs_sb = NULL;
1775 struct inode *root_inode = NULL;
1776 struct super_block *sb = sget(type, NULL, set_anon_super, flags, NULL);
1777 bool dir_created = false;
1778 int error = 0;
1779
1780 if (IS_ERR(sb))
1781 return ERR_CAST(sb);
1782
1783 sb->s_op = &incfs_super_ops;
1784 sb->s_d_op = &incfs_dentry_ops;
1785 sb->s_flags |= S_NOATIME;
1786 sb->s_magic = INCFS_MAGIC_NUMBER;
1787 sb->s_time_gran = 1;
1788 sb->s_blocksize = INCFS_DATA_FILE_BLOCK_SIZE;
1789 sb->s_blocksize_bits = blksize_bits(sb->s_blocksize);
1790 sb->s_xattr = incfs_xattr_ops;
1791
1792 BUILD_BUG_ON(PAGE_SIZE != INCFS_DATA_FILE_BLOCK_SIZE);
1793
1794 if (!dev_name) {
1795 pr_err("incfs: Backing dir is not set, filesystem can't be mounted.\n");
1796 error = -ENOENT;
1797 goto err_deactivate;
1798 }
1799
1800 error = parse_options(&options, (char *)data);
1801 if (error != 0) {
1802 pr_err("incfs: Options parsing error. %d\n", error);
1803 goto err_deactivate;
1804 }
1805
1806 sb->s_bdi->ra_pages = options.readahead_pages;
1807 if (!dev_name) {
1808 pr_err("incfs: Backing dir is not set, filesystem can't be mounted.\n");
1809 error = -ENOENT;
1810 goto err_free_opts;
1811 }
1812
1813 error = kern_path(dev_name, LOOKUP_FOLLOW | LOOKUP_DIRECTORY,
1814 &backing_dir_path);
1815 if (error || backing_dir_path.dentry == NULL ||
1816 !d_really_is_positive(backing_dir_path.dentry)) {
1817 pr_err("incfs: Error accessing: %s.\n",
1818 dev_name);
1819 goto err_free_opts;
1820 }
1821 src_fs_sb = backing_dir_path.dentry->d_sb;
1822 sb->s_maxbytes = src_fs_sb->s_maxbytes;
1823 sb->s_stack_depth = src_fs_sb->s_stack_depth + 1;
1824
1825 if (sb->s_stack_depth > FILESYSTEM_MAX_STACK_DEPTH) {
1826 error = -EINVAL;
1827 goto err_put_path;
1828 }
1829
1830 mi = incfs_alloc_mount_info(sb, &options, &backing_dir_path);
1831 if (IS_ERR_OR_NULL(mi)) {
1832 error = PTR_ERR(mi);
1833 pr_err("incfs: Error allocating mount info. %d\n", error);
1834 goto err_put_path;
1835 }
1836
1837 sb->s_fs_info = mi;
1838 mi->mi_backing_dir_path = backing_dir_path;
1839 index_dir = open_or_create_special_dir(backing_dir_path.dentry,
1840 INCFS_INDEX_NAME, &dir_created);
1841 if (IS_ERR_OR_NULL(index_dir)) {
1842 error = PTR_ERR(index_dir);
1843 pr_err("incfs: Can't find or create .index dir in %s\n",
1844 dev_name);
1845 /* No need to null index_dir since we don't put it */
1846 goto err_put_path;
1847 }
1848
1849 mi->mi_index_dir = index_dir;
1850 mi->mi_index_free = dir_created;
1851
1852 incomplete_dir = open_or_create_special_dir(backing_dir_path.dentry,
1853 INCFS_INCOMPLETE_NAME,
1854 &dir_created);
1855 if (IS_ERR_OR_NULL(incomplete_dir)) {
1856 error = PTR_ERR(incomplete_dir);
1857 pr_err("incfs: Can't find or create .incomplete dir in %s\n",
1858 dev_name);
1859 /* No need to null incomplete_dir since we don't put it */
1860 goto err_put_path;
1861 }
1862 mi->mi_incomplete_dir = incomplete_dir;
1863 mi->mi_incomplete_free = dir_created;
1864
1865 root_inode = fetch_regular_inode(sb, backing_dir_path.dentry);
1866 if (IS_ERR(root_inode)) {
1867 error = PTR_ERR(root_inode);
1868 goto err_put_path;
1869 }
1870
1871 sb->s_root = d_make_root(root_inode);
1872 if (!sb->s_root) {
1873 error = -ENOMEM;
1874 goto err_put_path;
1875 }
1876 error = incfs_init_dentry(sb->s_root, &backing_dir_path);
1877 if (error)
1878 goto err_put_path;
1879
1880 path_put(&backing_dir_path);
1881 sb->s_flags |= SB_ACTIVE;
1882
1883 pr_debug("incfs: mount\n");
1884 return dget(sb->s_root);
1885
1886 err_put_path:
1887 path_put(&backing_dir_path);
1888 err_free_opts:
1889 free_options(&options);
1890 err_deactivate:
1891 deactivate_locked_super(sb);
1892 pr_err("incfs: mount failed %d\n", error);
1893 return ERR_PTR(error);
1894 }
1895
incfs_remount_fs(struct super_block * sb,int * flags,char * data)1896 static int incfs_remount_fs(struct super_block *sb, int *flags, char *data)
1897 {
1898 struct mount_options options;
1899 struct mount_info *mi = get_mount_info(sb);
1900 int err = 0;
1901
1902 sync_filesystem(sb);
1903 err = parse_options(&options, (char *)data);
1904 if (err)
1905 return err;
1906
1907 if (options.report_uid != mi->mi_options.report_uid) {
1908 pr_err("incfs: Can't change report_uid mount option on remount\n");
1909 err = -EOPNOTSUPP;
1910 goto out;
1911 }
1912
1913 err = incfs_realloc_mount_info(mi, &options);
1914 if (err)
1915 goto out;
1916
1917 pr_debug("incfs: remount\n");
1918
1919 out:
1920 free_options(&options);
1921 return err;
1922 }
1923
incfs_kill_sb(struct super_block * sb)1924 void incfs_kill_sb(struct super_block *sb)
1925 {
1926 struct mount_info *mi = sb->s_fs_info;
1927 struct inode *dinode = NULL;
1928
1929 pr_debug("incfs: unmount\n");
1930
1931 /*
1932 * We must kill the super before freeing mi, since killing the super
1933 * triggers inode eviction, which triggers the final update of the
1934 * backing file, which uses certain information for mi
1935 */
1936 kill_anon_super(sb);
1937
1938 if (mi) {
1939 if (mi->mi_backing_dir_path.dentry)
1940 dinode = d_inode(mi->mi_backing_dir_path.dentry);
1941
1942 if (dinode) {
1943 if (mi->mi_index_dir && mi->mi_index_free)
1944 vfs_rmdir(dinode, mi->mi_index_dir);
1945
1946 if (mi->mi_incomplete_dir && mi->mi_incomplete_free)
1947 vfs_rmdir(dinode, mi->mi_incomplete_dir);
1948 }
1949
1950 incfs_free_mount_info(mi);
1951 sb->s_fs_info = NULL;
1952 }
1953 }
1954
show_options(struct seq_file * m,struct dentry * root)1955 static int show_options(struct seq_file *m, struct dentry *root)
1956 {
1957 struct mount_info *mi = get_mount_info(root->d_sb);
1958
1959 seq_printf(m, ",read_timeout_ms=%u", mi->mi_options.read_timeout_ms);
1960 seq_printf(m, ",readahead=%u", mi->mi_options.readahead_pages);
1961 if (mi->mi_options.read_log_pages != 0) {
1962 seq_printf(m, ",rlog_pages=%u", mi->mi_options.read_log_pages);
1963 seq_printf(m, ",rlog_wakeup_cnt=%u",
1964 mi->mi_options.read_log_wakeup_count);
1965 }
1966 if (mi->mi_options.report_uid)
1967 seq_puts(m, ",report_uid");
1968
1969 if (mi->mi_sysfs_node)
1970 seq_printf(m, ",sysfs_name=%s",
1971 kobject_name(&mi->mi_sysfs_node->isn_sysfs_node));
1972 return 0;
1973 }
1974