// SPDX-License-Identifier: GPL-2.0
/*
* Copyright 2020 Google LLC
*/
#include <linux/file.h>
#include <linux/fs.h>
#include <linux/fsnotify.h>
#include <linux/namei.h>
#include <linux/poll.h>
#include <linux/syscalls.h>
#include <linux/fdtable.h>
#include <uapi/linux/incrementalfs.h>
#include "pseudo_files.h"
#include "data_mgmt.h"
#include "format.h"
#include "integrity.h"
#include "vfs.h"
#define READ_WRITE_FILE_MODE 0666
static bool is_pseudo_filename(struct mem_range name);
/*******************************************************************************
* .pending_reads pseudo file definition
******************************************************************************/
#define INCFS_PENDING_READS_INODE 2
static const char pending_reads_file_name[] = INCFS_PENDING_READS_FILENAME;
/* State of an open .pending_reads file, unique for each file descriptor. */
struct pending_reads_state {
/* A serial number of the last pending read obtained from this file. */
int last_pending_read_sn;
};
static ssize_t pending_reads_read(struct file *f, char __user *buf, size_t len,
loff_t *ppos)
{
struct pending_reads_state *pr_state = f->private_data;
struct mount_info *mi = get_mount_info(file_superblock(f));
bool report_uid;
unsigned long page = 0;
struct incfs_pending_read_info *reads_buf = NULL;
struct incfs_pending_read_info2 *reads_buf2 = NULL;
size_t record_size;
size_t reads_to_collect;
int last_known_read_sn = READ_ONCE(pr_state->last_pending_read_sn);
int new_max_sn = last_known_read_sn;
int reads_collected = 0;
ssize_t result = 0;
if (!mi)
return -EFAULT;
report_uid = mi->mi_options.report_uid;
record_size = report_uid ? sizeof(*reads_buf2) : sizeof(*reads_buf);
reads_to_collect = len / record_size;
if (!incfs_fresh_pending_reads_exist(mi, last_known_read_sn))
return 0;
page = get_zeroed_page(GFP_NOFS);
if (!page)
return -ENOMEM;
if (report_uid)
reads_buf2 = (struct incfs_pending_read_info2 *) page;
else
reads_buf = (struct incfs_pending_read_info *) page;
reads_to_collect =
min_t(size_t, PAGE_SIZE / record_size, reads_to_collect);
reads_collected = incfs_collect_pending_reads(mi, last_known_read_sn,
reads_buf, reads_buf2, reads_to_collect,
&new_max_sn);
if (reads_collected < 0) {
result = reads_collected;
goto out;
}
/*
* Just to make sure that we don't accidentally copy more data
* to reads buffer than userspace can handle.
*/
reads_collected = min_t(size_t, reads_collected, reads_to_collect);
result = reads_collected * record_size;
/* Copy reads info to the userspace buffer */
if (copy_to_user(buf, (void *)page, result)) {
result = -EFAULT;
goto out;
}
WRITE_ONCE(pr_state->last_pending_read_sn, new_max_sn);
*ppos = 0;
out:
free_page(page);
return result;
}
static __poll_t pending_reads_poll(struct file *file, poll_table *wait)
{
struct pending_reads_state *state = file->private_data;
struct mount_info *mi = get_mount_info(file_superblock(file));
__poll_t ret = 0;
poll_wait(file, &mi->mi_pending_reads_notif_wq, wait);
if (incfs_fresh_pending_reads_exist(mi,
state->last_pending_read_sn))
ret = EPOLLIN | EPOLLRDNORM;
return ret;
}
static int pending_reads_open(struct inode *inode, struct file *file)
{
struct pending_reads_state *state = NULL;
state = kzalloc(sizeof(*state), GFP_NOFS);
if (!state)
return -ENOMEM;
file->private_data = state;
return 0;
}
static int pending_reads_release(struct inode *inode, struct file *file)
{
kfree(file->private_data);
return 0;
}
static long ioctl_permit_fill(struct file *f, void __user *arg)
{
struct incfs_permit_fill __user *usr_permit_fill = arg;
struct incfs_permit_fill permit_fill;
long error = 0;
struct file *file = NULL;
struct incfs_file_data *fd;
if (copy_from_user(&permit_fill, usr_permit_fill, sizeof(permit_fill)))
return -EFAULT;
file = fget(permit_fill.file_descriptor);
if (IS_ERR_OR_NULL(file)) {
if (!file)
return -ENOENT;
return PTR_ERR(file);
}
if (file->f_op != &incfs_file_ops) {
error = -EPERM;
goto out;
}
if (file->f_inode->i_sb != f->f_inode->i_sb) {
error = -EPERM;
goto out;
}
fd = file->private_data;
switch (fd->fd_fill_permission) {
case CANT_FILL:
fd->fd_fill_permission = CAN_FILL;
break;
case CAN_FILL:
pr_debug("CAN_FILL already set");
break;
default:
pr_warn("Invalid file private data");
error = -EFAULT;
goto out;
}
out:
fput(file);
return error;
}
static int chmod(struct dentry *dentry, umode_t mode)
{
struct inode *inode = dentry->d_inode;
struct inode *delegated_inode = NULL;
struct iattr newattrs;
int error;
retry_deleg:
inode_lock(inode);
newattrs.ia_mode = (mode & S_IALLUGO) | (inode->i_mode & ~S_IALLUGO);
newattrs.ia_valid = ATTR_MODE | ATTR_CTIME;
error = notify_change(&init_user_ns, dentry, &newattrs, &delegated_inode);
inode_unlock(inode);
if (delegated_inode) {
error = break_deleg_wait(&delegated_inode);
if (!error)
goto retry_deleg;
}
return error;
}
static bool incfs_equal_ranges(struct mem_range lhs, struct mem_range rhs)
{
if (lhs.len != rhs.len)
return false;
return memcmp(lhs.data, rhs.data, lhs.len) == 0;
}
static int validate_name(char *file_name)
{
struct mem_range name = range(file_name, strlen(file_name));
int i = 0;
if (name.len > INCFS_MAX_NAME_LEN)
return -ENAMETOOLONG;
if (is_pseudo_filename(name))
return -EINVAL;
for (i = 0; i < name.len; i++)
if (name.data[i] == '/')
return -EINVAL;
return 0;
}
static int dir_relative_path_resolve(
struct mount_info *mi,
const char __user *relative_path,
struct path *result_path,
struct path *base_path)
{
int dir_fd = get_unused_fd_flags(0);
struct file *dir_f = NULL;
int error = 0;
if (!base_path)
base_path = &mi->mi_backing_dir_path;
if (dir_fd < 0)
return dir_fd;
dir_f = dentry_open(base_path, O_RDONLY | O_NOATIME, current_cred());
if (IS_ERR(dir_f)) {
error = PTR_ERR(dir_f);
goto out;
}
fd_install(dir_fd, dir_f);
if (!relative_path) {
/* No relative path given, just return the base dir. */
*result_path = *base_path;
path_get(result_path);
goto out;
}
error = user_path_at_empty(dir_fd, relative_path,
LOOKUP_FOLLOW | LOOKUP_DIRECTORY, result_path, NULL);
out:
close_fd(dir_fd);
if (error)
pr_debug("Error: %d\n", error);
return error;
}
static struct mem_range incfs_copy_signature_info_from_user(u8 __user *original,
u64 size)
{
u8 *result;
if (!original)
return range(NULL, 0);
if (size > INCFS_MAX_SIGNATURE_SIZE)
return range(ERR_PTR(-EFAULT), 0);
result = kzalloc(size, GFP_NOFS | __GFP_COMP);
if (!result)
return range(ERR_PTR(-ENOMEM), 0);
if (copy_from_user(result, original, size)) {
kfree(result);
return range(ERR_PTR(-EFAULT), 0);
}
return range(result, size);
}
static int init_new_file(struct mount_info *mi, struct dentry *dentry,
incfs_uuid_t *uuid, u64 size, struct mem_range attr,
u8 __user *user_signature_info, u64 signature_size)
{
struct path path = {};
struct file *new_file;
int error = 0;
struct backing_file_context *bfc = NULL;
u32 block_count;
struct mem_range raw_signature = { NULL };
struct mtree *hash_tree = NULL;
if (!mi || !dentry || !uuid)
return -EFAULT;
/* Resize newly created file to its true size. */
path = (struct path) {
.mnt = mi->mi_backing_dir_path.mnt,
.dentry = dentry
};
new_file = dentry_open(&path, O_RDWR | O_NOATIME | O_LARGEFILE,
current_cred());
if (IS_ERR(new_file)) {
error = PTR_ERR(new_file);
goto out;
}
bfc = incfs_alloc_bfc(mi, new_file);
fput(new_file);
if (IS_ERR(bfc)) {
error = PTR_ERR(bfc);
bfc = NULL;
goto out;
}
mutex_lock(&bfc->bc_mutex);
error = incfs_write_fh_to_backing_file(bfc, uuid, size);
if (error)
goto out;
block_count = (u32)get_blocks_count_for_size(size);
if (user_signature_info) {
raw_signature = incfs_copy_signature_info_from_user(
user_signature_info, signature_size);
if (IS_ERR(raw_signature.data)) {
error = PTR_ERR(raw_signature.data);
raw_signature.data = NULL;
goto out;
}
hash_tree = incfs_alloc_mtree(raw_signature, block_count);
if (IS_ERR(hash_tree)) {
error = PTR_ERR(hash_tree);
hash_tree = NULL;
goto out;
}
error = incfs_write_signature_to_backing_file(bfc,
raw_signature, hash_tree->hash_tree_area_size,
NULL, NULL);
if (error)
goto out;
block_count += get_blocks_count_for_size(
hash_tree->hash_tree_area_size);
}
if (block_count)
error = incfs_write_blockmap_to_backing_file(bfc, block_count);
if (error)
goto out;
out:
if (bfc) {
mutex_unlock(&bfc->bc_mutex);
incfs_free_bfc(bfc);
}
incfs_free_mtree(hash_tree);
kfree(raw_signature.data);
if (error)
pr_debug("incfs: %s error: %d\n", __func__, error);
return error;
}
static void notify_create(struct file *pending_reads_file,
const char __user *dir_name, const char *file_name,
const char *file_id_str, bool incomplete_file)
{
struct mount_info *mi =
get_mount_info(file_superblock(pending_reads_file));
struct path base_path = {
.mnt = pending_reads_file->f_path.mnt,
.dentry = pending_reads_file->f_path.dentry->d_parent,
};
struct path dir_path = {};
struct dentry *file = NULL;
struct dentry *dir = NULL;
int error;
error = dir_relative_path_resolve(mi, dir_name, &dir_path, &base_path);
if (error)
goto out;
file = incfs_lookup_dentry(dir_path.dentry, file_name);
if (IS_ERR(file)) {
error = PTR_ERR(file);
file = NULL;
goto out;
}
fsnotify_create(d_inode(dir_path.dentry), file);
if (file_id_str) {
dir = incfs_lookup_dentry(base_path.dentry, INCFS_INDEX_NAME);
if (IS_ERR(dir)) {
error = PTR_ERR(dir);
dir = NULL;
goto out;
}
dput(file);
file = incfs_lookup_dentry(dir, file_id_str);
if (IS_ERR(file)) {
error = PTR_ERR(file);
file = NULL;
goto out;
}
fsnotify_create(d_inode(dir), file);
if (incomplete_file) {
dput(dir);
dir = incfs_lookup_dentry(base_path.dentry,
INCFS_INCOMPLETE_NAME);
if (IS_ERR(dir)) {
error = PTR_ERR(dir);
dir = NULL;
goto out;
}
dput(file);
file = incfs_lookup_dentry(dir, file_id_str);
if (IS_ERR(file)) {
error = PTR_ERR(file);
file = NULL;
goto out;
}
fsnotify_create(d_inode(dir), file);
}
}
out:
if (error)
pr_warn("%s failed with error %d\n", __func__, error);
dput(dir);
dput(file);
path_put(&dir_path);
}
static long ioctl_create_file(struct file *file,
struct incfs_new_file_args __user *usr_args)
{
struct mount_info *mi = get_mount_info(file_superblock(file));
struct incfs_new_file_args args;
char *file_id_str = NULL;
struct dentry *index_file_dentry = NULL;
struct dentry *named_file_dentry = NULL;
struct dentry *incomplete_file_dentry = NULL;
struct path parent_dir_path = {};
struct inode *index_dir_inode = NULL;
__le64 size_attr_value = 0;
char *file_name = NULL;
char *attr_value = NULL;
int error = 0;
bool locked = false;
bool index_linked = false;
bool name_linked = false;
bool incomplete_linked = false;
if (!mi || !mi->mi_index_dir || !mi->mi_incomplete_dir) {
error = -EFAULT;
goto out;
}
if (copy_from_user(&args, usr_args, sizeof(args)) > 0) {
error = -EFAULT;
goto out;
}
file_name = strndup_user(u64_to_user_ptr(args.file_name), PATH_MAX);
if (IS_ERR(file_name)) {
error = PTR_ERR(file_name);
file_name = NULL;
goto out;
}
error = validate_name(file_name);
if (error)
goto out;
file_id_str = file_id_to_str(args.file_id);
if (!file_id_str) {
error = -ENOMEM;
goto out;
}
error = mutex_lock_interruptible(&mi->mi_dir_struct_mutex);
if (error)
goto out;
locked = true;
/* Find a directory to put the file into. */
error = dir_relative_path_resolve(mi,
u64_to_user_ptr(args.directory_path),
&parent_dir_path, NULL);
if (error)
goto out;
if (parent_dir_path.dentry == mi->mi_index_dir) {
/* Can't create a file directly inside .index */
error = -EBUSY;
goto out;
}
if (parent_dir_path.dentry == mi->mi_incomplete_dir) {
/* Can't create a file directly inside .incomplete */
error = -EBUSY;
goto out;
}
/* Look up a dentry in the parent dir. It should be negative. */
named_file_dentry = incfs_lookup_dentry(parent_dir_path.dentry,
file_name);
if (!named_file_dentry) {
error = -EFAULT;
goto out;
}
if (IS_ERR(named_file_dentry)) {
error = PTR_ERR(named_file_dentry);
named_file_dentry = NULL;
goto out;
}
if (d_really_is_positive(named_file_dentry)) {
/* File with this path already exists. */
error = -EEXIST;
goto out;
}
/* Look up a dentry in the incomplete dir. It should be negative. */
incomplete_file_dentry = incfs_lookup_dentry(mi->mi_incomplete_dir,
file_id_str);
if (!incomplete_file_dentry) {
error = -EFAULT;
goto out;
}
if (IS_ERR(incomplete_file_dentry)) {
error = PTR_ERR(incomplete_file_dentry);
incomplete_file_dentry = NULL;
goto out;
}
if (d_really_is_positive(incomplete_file_dentry)) {
/* File with this path already exists. */
error = -EEXIST;
goto out;
}
/* Look up a dentry in the .index dir. It should be negative. */
index_file_dentry = incfs_lookup_dentry(mi->mi_index_dir, file_id_str);
if (!index_file_dentry) {
error = -EFAULT;
goto out;
}
if (IS_ERR(index_file_dentry)) {
error = PTR_ERR(index_file_dentry);
index_file_dentry = NULL;
goto out;
}
if (d_really_is_positive(index_file_dentry)) {
/* File with this ID already exists in index. */
error = -EEXIST;
goto out;
}
/* Creating a file in the .index dir. */
index_dir_inode = d_inode(mi->mi_index_dir);
inode_lock_nested(index_dir_inode, I_MUTEX_PARENT);
error = vfs_create(&init_user_ns, index_dir_inode, index_file_dentry,
args.mode | 0222, true);
inode_unlock(index_dir_inode);
if (error)
goto out;
if (!d_really_is_positive(index_file_dentry)) {
error = -EINVAL;
goto out;
}
error = chmod(index_file_dentry, args.mode | 0222);
if (error) {
pr_debug("incfs: chmod err: %d\n", error);
goto out;
}
/* Save the file's ID as an xattr for easy fetching in future. */
error = vfs_setxattr(&init_user_ns, index_file_dentry, INCFS_XATTR_ID_NAME,
file_id_str, strlen(file_id_str), XATTR_CREATE);
if (error) {
pr_debug("incfs: vfs_setxattr err:%d\n", error);
goto out;
}
/* Save the file's size as an xattr for easy fetching in future. */
size_attr_value = cpu_to_le64(args.size);
error = vfs_setxattr(&init_user_ns, index_file_dentry, INCFS_XATTR_SIZE_NAME,
(char *)&size_attr_value, sizeof(size_attr_value),
XATTR_CREATE);
if (error) {
pr_debug("incfs: vfs_setxattr err:%d\n", error);
goto out;
}
/* Save the file's attribute as an xattr */
if (args.file_attr_len && args.file_attr) {
if (args.file_attr_len > INCFS_MAX_FILE_ATTR_SIZE) {
error = -E2BIG;
goto out;
}
attr_value = kmalloc(args.file_attr_len, GFP_NOFS);
if (!attr_value) {
error = -ENOMEM;
goto out;
}
if (copy_from_user(attr_value,
u64_to_user_ptr(args.file_attr),
args.file_attr_len) > 0) {
error = -EFAULT;
goto out;
}
error = vfs_setxattr(&init_user_ns, index_file_dentry,
INCFS_XATTR_METADATA_NAME,
attr_value, args.file_attr_len,
XATTR_CREATE);
if (error)
goto out;
}
/* Initializing a newly created file. */
error = init_new_file(mi, index_file_dentry, &args.file_id, args.size,
range(attr_value, args.file_attr_len),
u64_to_user_ptr(args.signature_info),
args.signature_size);
if (error)
goto out;
index_linked = true;
/* Linking a file with its real name from the requested dir. */
error = incfs_link(index_file_dentry, named_file_dentry);
if (error)
goto out;
name_linked = true;
if (args.size) {
/* Linking a file with its incomplete entry */
error = incfs_link(index_file_dentry, incomplete_file_dentry);
if (error)
goto out;
incomplete_linked = true;
}
notify_create(file, u64_to_user_ptr(args.directory_path), file_name,
file_id_str, args.size != 0);
out:
if (error) {
pr_debug("incfs: %s err:%d\n", __func__, error);
if (index_linked)
incfs_unlink(index_file_dentry);
if (name_linked)
incfs_unlink(named_file_dentry);
if (incomplete_linked)
incfs_unlink(incomplete_file_dentry);
}
kfree(file_id_str);
kfree(file_name);
kfree(attr_value);
dput(named_file_dentry);
dput(index_file_dentry);
dput(incomplete_file_dentry);
path_put(&parent_dir_path);
if (locked)
mutex_unlock(&mi->mi_dir_struct_mutex);
return error;
}
static int init_new_mapped_file(struct mount_info *mi, struct dentry *dentry,
incfs_uuid_t *uuid, u64 size, u64 offset)
{
struct path path = {};
struct file *new_file;
int error = 0;
struct backing_file_context *bfc = NULL;
if (!mi || !dentry || !uuid)
return -EFAULT;
/* Resize newly created file to its true size. */
path = (struct path) {
.mnt = mi->mi_backing_dir_path.mnt,
.dentry = dentry
};
new_file = dentry_open(&path, O_RDWR | O_NOATIME | O_LARGEFILE,
current_cred());
if (IS_ERR(new_file)) {
error = PTR_ERR(new_file);
goto out;
}
bfc = incfs_alloc_bfc(mi, new_file);
fput(new_file);
if (IS_ERR(bfc)) {
error = PTR_ERR(bfc);
bfc = NULL;
goto out;
}
mutex_lock(&bfc->bc_mutex);
error = incfs_write_mapping_fh_to_backing_file(bfc, uuid, size, offset);
if (error)
goto out;
out:
if (bfc) {
mutex_unlock(&bfc->bc_mutex);
incfs_free_bfc(bfc);
}
if (error)
pr_debug("incfs: %s error: %d\n", __func__, error);
return error;
}
static long ioctl_create_mapped_file(struct file *file, void __user *arg)
{
struct mount_info *mi = get_mount_info(file_superblock(file));
struct incfs_create_mapped_file_args __user *args_usr_ptr = arg;
struct incfs_create_mapped_file_args args = {};
char *file_name;
int error = 0;
struct path parent_dir_path = {};
char *source_file_name = NULL;
struct dentry *source_file_dentry = NULL;
u64 source_file_size;
struct dentry *file_dentry = NULL;
struct inode *parent_inode;
__le64 size_attr_value;
if (copy_from_user(&args, args_usr_ptr, sizeof(args)) > 0)
return -EINVAL;
file_name = strndup_user(u64_to_user_ptr(args.file_name), PATH_MAX);
if (IS_ERR(file_name)) {
error = PTR_ERR(file_name);
file_name = NULL;
goto out;
}
error = validate_name(file_name);
if (error)
goto out;
if (args.source_offset % INCFS_DATA_FILE_BLOCK_SIZE) {
error = -EINVAL;
goto out;
}
/* Validate file mapping is in range */
source_file_name = file_id_to_str(args.source_file_id);
if (!source_file_name) {
pr_warn("Failed to alloc source_file_name\n");
error = -ENOMEM;
goto out;
}
source_file_dentry = incfs_lookup_dentry(mi->mi_index_dir,
source_file_name);
if (!source_file_dentry) {
pr_warn("Source file does not exist\n");
error = -EINVAL;
goto out;
}
if (IS_ERR(source_file_dentry)) {
pr_warn("Error opening source file\n");
error = PTR_ERR(source_file_dentry);
source_file_dentry = NULL;
goto out;
}
if (!d_really_is_positive(source_file_dentry)) {
pr_warn("Source file dentry negative\n");
error = -EINVAL;
goto out;
}
error = vfs_getxattr(&init_user_ns, source_file_dentry, INCFS_XATTR_SIZE_NAME,
(char *)&size_attr_value, sizeof(size_attr_value));
if (error < 0)
goto out;
if (error != sizeof(size_attr_value)) {
pr_warn("Mapped file has no size attr\n");
error = -EINVAL;
goto out;
}
source_file_size = le64_to_cpu(size_attr_value);
if (args.source_offset + args.size > source_file_size) {
pr_warn("Mapped file out of range\n");
error = -EINVAL;
goto out;
}
/* Find a directory to put the file into. */
error = dir_relative_path_resolve(mi,
u64_to_user_ptr(args.directory_path),
&parent_dir_path, NULL);
if (error)
goto out;
if (parent_dir_path.dentry == mi->mi_index_dir) {
/* Can't create a file directly inside .index */
error = -EBUSY;
goto out;
}
/* Look up a dentry in the parent dir. It should be negative. */
file_dentry = incfs_lookup_dentry(parent_dir_path.dentry,
file_name);
if (!file_dentry) {
error = -EFAULT;
goto out;
}
if (IS_ERR(file_dentry)) {
error = PTR_ERR(file_dentry);
file_dentry = NULL;
goto out;
}
if (d_really_is_positive(file_dentry)) {
error = -EEXIST;
goto out;
}
parent_inode = d_inode(parent_dir_path.dentry);
inode_lock_nested(parent_inode, I_MUTEX_PARENT);
error = vfs_create(&init_user_ns, parent_inode, file_dentry,
args.mode | 0222, true);
inode_unlock(parent_inode);
if (error)
goto out;
error = chmod(file_dentry, args.mode | 0222);
if (error) {
pr_debug("incfs: chmod err: %d\n", error);
goto delete_file;
}
/* Save the file's size as an xattr for easy fetching in future. */
size_attr_value = cpu_to_le64(args.size);
error = vfs_setxattr(&init_user_ns, file_dentry, INCFS_XATTR_SIZE_NAME,
(char *)&size_attr_value, sizeof(size_attr_value),
XATTR_CREATE);
if (error) {
pr_debug("incfs: vfs_setxattr err:%d\n", error);
goto delete_file;
}
error = init_new_mapped_file(mi, file_dentry, &args.source_file_id,
args.size, args.source_offset);
if (error)
goto delete_file;
notify_create(file, u64_to_user_ptr(args.directory_path), file_name,
NULL, false);
goto out;
delete_file:
incfs_unlink(file_dentry);
out:
dput(file_dentry);
dput(source_file_dentry);
path_put(&parent_dir_path);
kfree(file_name);
kfree(source_file_name);
return error;
}
static long ioctl_get_read_timeouts(struct mount_info *mi, void __user *arg)
{
struct incfs_get_read_timeouts_args __user *args_usr_ptr = arg;
struct incfs_get_read_timeouts_args args = {};
int error = 0;
struct incfs_per_uid_read_timeouts *buffer;
int size;
if (copy_from_user(&args, args_usr_ptr, sizeof(args)))
return -EINVAL;
if (args.timeouts_array_size > INCFS_DATA_FILE_BLOCK_SIZE)
return -EINVAL;
buffer = kzalloc(args.timeouts_array_size, GFP_NOFS);
if (!buffer)
return -ENOMEM;
spin_lock(&mi->mi_per_uid_read_timeouts_lock);
size = mi->mi_per_uid_read_timeouts_size;
if (args.timeouts_array_size < size)
error = -E2BIG;
else if (size)
memcpy(buffer, mi->mi_per_uid_read_timeouts, size);
spin_unlock(&mi->mi_per_uid_read_timeouts_lock);
args.timeouts_array_size_out = size;
if (!error && size)
if (copy_to_user(u64_to_user_ptr(args.timeouts_array), buffer,
size))
error = -EFAULT;
if (!error || error == -E2BIG)
if (copy_to_user(args_usr_ptr, &args, sizeof(args)) > 0)
error = -EFAULT;
kfree(buffer);
return error;
}
static long ioctl_set_read_timeouts(struct mount_info *mi, void __user *arg)
{
struct incfs_set_read_timeouts_args __user *args_usr_ptr = arg;
struct incfs_set_read_timeouts_args args = {};
int error = 0;
int size;
struct incfs_per_uid_read_timeouts *buffer = NULL, *tmp;
int i;
if (copy_from_user(&args, args_usr_ptr, sizeof(args)))
return -EINVAL;
size = args.timeouts_array_size;
if (size) {
if (size > INCFS_DATA_FILE_BLOCK_SIZE ||
size % sizeof(*buffer) != 0)
return -EINVAL;
buffer = kzalloc(size, GFP_NOFS);
if (!buffer)
return -ENOMEM;
if (copy_from_user(buffer, u64_to_user_ptr(args.timeouts_array),
size)) {
error = -EINVAL;
goto out;
}
for (i = 0; i < size / sizeof(*buffer); ++i) {
struct incfs_per_uid_read_timeouts *t = &buffer[i];
if (t->min_pending_time_us > t->max_pending_time_us) {
error = -EINVAL;
goto out;
}
}
}
spin_lock(&mi->mi_per_uid_read_timeouts_lock);
mi->mi_per_uid_read_timeouts_size = size;
tmp = mi->mi_per_uid_read_timeouts;
mi->mi_per_uid_read_timeouts = buffer;
buffer = tmp;
spin_unlock(&mi->mi_per_uid_read_timeouts_lock);
out:
kfree(buffer);
return error;
}
static long ioctl_get_last_read_error(struct mount_info *mi, void __user *arg)
{
struct incfs_get_last_read_error_args __user *args_usr_ptr = arg;
struct incfs_get_last_read_error_args args = {};
int error;
error = mutex_lock_interruptible(&mi->mi_le_mutex);
if (error)
return error;
args.file_id_out = mi->mi_le_file_id;
args.time_us_out = mi->mi_le_time_us;
args.page_out = mi->mi_le_page;
args.errno_out = mi->mi_le_errno;
args.uid_out = mi->mi_le_uid;
mutex_unlock(&mi->mi_le_mutex);
if (copy_to_user(args_usr_ptr, &args, sizeof(args)) > 0)
error = -EFAULT;
return error;
}
static long pending_reads_dispatch_ioctl(struct file *f, unsigned int req,
unsigned long arg)
{
struct mount_info *mi = get_mount_info(file_superblock(f));
switch (req) {
case INCFS_IOC_CREATE_FILE:
return ioctl_create_file(f, (void __user *)arg);
case INCFS_IOC_PERMIT_FILL:
return ioctl_permit_fill(f, (void __user *)arg);
case INCFS_IOC_CREATE_MAPPED_FILE:
return ioctl_create_mapped_file(f, (void __user *)arg);
case INCFS_IOC_GET_READ_TIMEOUTS:
return ioctl_get_read_timeouts(mi, (void __user *)arg);
case INCFS_IOC_SET_READ_TIMEOUTS:
return ioctl_set_read_timeouts(mi, (void __user *)arg);
case INCFS_IOC_GET_LAST_READ_ERROR:
return ioctl_get_last_read_error(mi, (void __user *)arg);
default:
return -EINVAL;
}
}
static const struct file_operations incfs_pending_reads_file_ops = {
.read = pending_reads_read,
.poll = pending_reads_poll,
.open = pending_reads_open,
.release = pending_reads_release,
.llseek = noop_llseek,
.unlocked_ioctl = pending_reads_dispatch_ioctl,
.compat_ioctl = pending_reads_dispatch_ioctl
};
/*******************************************************************************
* .log pseudo file definition
******************************************************************************/
#define INCFS_LOG_INODE 3
static const char log_file_name[] = INCFS_LOG_FILENAME;
/* State of an open .log file, unique for each file descriptor. */
struct log_file_state {
struct read_log_state state;
};
static ssize_t log_read(struct file *f, char __user *buf, size_t len,
loff_t *ppos)
{
struct log_file_state *log_state = f->private_data;
struct mount_info *mi = get_mount_info(file_superblock(f));
int total_reads_collected = 0;
int rl_size;
ssize_t result = 0;
bool report_uid;
unsigned long page = 0;
struct incfs_pending_read_info *reads_buf = NULL;
struct incfs_pending_read_info2 *reads_buf2 = NULL;
size_t record_size;
ssize_t reads_to_collect;
ssize_t reads_per_page;
if (!mi)
return -EFAULT;
report_uid = mi->mi_options.report_uid;
record_size = report_uid ? sizeof(*reads_buf2) : sizeof(*reads_buf);
reads_to_collect = len / record_size;
reads_per_page = PAGE_SIZE / record_size;
rl_size = READ_ONCE(mi->mi_log.rl_size);
if (rl_size == 0)
return 0;
page = __get_free_page(GFP_NOFS);
if (!page)
return -ENOMEM;
if (report_uid)
reads_buf2 = (struct incfs_pending_read_info2 *)page;
else
reads_buf = (struct incfs_pending_read_info *)page;
reads_to_collect = min_t(ssize_t, rl_size, reads_to_collect);
while (reads_to_collect > 0) {
struct read_log_state next_state;
int reads_collected;
memcpy(&next_state, &log_state->state, sizeof(next_state));
reads_collected = incfs_collect_logged_reads(
mi, &next_state, reads_buf, reads_buf2,
min_t(ssize_t, reads_to_collect, reads_per_page));
if (reads_collected <= 0) {
result = total_reads_collected ?
total_reads_collected * record_size :
reads_collected;
goto out;
}
if (copy_to_user(buf, (void *)page,
reads_collected * record_size)) {
result = total_reads_collected ?
total_reads_collected * record_size :
-EFAULT;
goto out;
}
memcpy(&log_state->state, &next_state, sizeof(next_state));
total_reads_collected += reads_collected;
buf += reads_collected * record_size;
reads_to_collect -= reads_collected;
}
result = total_reads_collected * record_size;
*ppos = 0;
out:
free_page(page);
return result;
}
static __poll_t log_poll(struct file *file, poll_table *wait)
{
struct log_file_state *log_state = file->private_data;
struct mount_info *mi = get_mount_info(file_superblock(file));
int count;
__poll_t ret = 0;
poll_wait(file, &mi->mi_log.ml_notif_wq, wait);
count = incfs_get_uncollected_logs_count(mi, &log_state->state);
if (count >= mi->mi_options.read_log_wakeup_count)
ret = EPOLLIN | EPOLLRDNORM;
return ret;
}
static int log_open(struct inode *inode, struct file *file)
{
struct log_file_state *log_state = NULL;
struct mount_info *mi = get_mount_info(file_superblock(file));
log_state = kzalloc(sizeof(*log_state), GFP_NOFS);
if (!log_state)
return -ENOMEM;
log_state->state = incfs_get_log_state(mi);
file->private_data = log_state;
return 0;
}
static int log_release(struct inode *inode, struct file *file)
{
kfree(file->private_data);
return 0;
}
static const struct file_operations incfs_log_file_ops = {
.read = log_read,
.poll = log_poll,
.open = log_open,
.release = log_release,
.llseek = noop_llseek,
};
/*******************************************************************************
* .blocks_written pseudo file definition
******************************************************************************/
#define INCFS_BLOCKS_WRITTEN_INODE 4
static const char blocks_written_file_name[] = INCFS_BLOCKS_WRITTEN_FILENAME;
/* State of an open .blocks_written file, unique for each file descriptor. */
struct blocks_written_file_state {
unsigned long blocks_written;
};
static ssize_t blocks_written_read(struct file *f, char __user *buf, size_t len,
loff_t *ppos)
{
struct mount_info *mi = get_mount_info(file_superblock(f));
struct blocks_written_file_state *state = f->private_data;
unsigned long blocks_written;
char string[21];
int result = 0;
if (!mi)
return -EFAULT;
blocks_written = atomic_read(&mi->mi_blocks_written);
if (state->blocks_written == blocks_written)
return 0;
result = snprintf(string, sizeof(string), "%lu", blocks_written);
if (result > len)
result = len;
if (copy_to_user(buf, string, result))
return -EFAULT;
state->blocks_written = blocks_written;
return result;
}
static __poll_t blocks_written_poll(struct file *f, poll_table *wait)
{
struct mount_info *mi = get_mount_info(file_superblock(f));
struct blocks_written_file_state *state = f->private_data;
unsigned long blocks_written;
if (!mi)
return 0;
poll_wait(f, &mi->mi_blocks_written_notif_wq, wait);
blocks_written = atomic_read(&mi->mi_blocks_written);
if (state->blocks_written == blocks_written)
return 0;
return EPOLLIN | EPOLLRDNORM;
}
static int blocks_written_open(struct inode *inode, struct file *file)
{
struct blocks_written_file_state *state =
kzalloc(sizeof(*state), GFP_NOFS);
if (!state)
return -ENOMEM;
state->blocks_written = -1;
file->private_data = state;
return 0;
}
static int blocks_written_release(struct inode *inode, struct file *file)
{
kfree(file->private_data);
return 0;
}
static const struct file_operations incfs_blocks_written_file_ops = {
.read = blocks_written_read,
.poll = blocks_written_poll,
.open = blocks_written_open,
.release = blocks_written_release,
.llseek = noop_llseek,
};
/*******************************************************************************
* Generic inode lookup functionality
******************************************************************************/
const struct mem_range incfs_pseudo_file_names[] = {
{ .data = (u8 *)pending_reads_file_name,
.len = ARRAY_SIZE(pending_reads_file_name) - 1 },
{ .data = (u8 *)log_file_name, .len = ARRAY_SIZE(log_file_name) - 1 },
{ .data = (u8 *)blocks_written_file_name,
.len = ARRAY_SIZE(blocks_written_file_name) - 1 }
};
const unsigned long incfs_pseudo_file_inodes[] = { INCFS_PENDING_READS_INODE,
INCFS_LOG_INODE,
INCFS_BLOCKS_WRITTEN_INODE };
static const struct file_operations *const pseudo_file_operations[] = {
&incfs_pending_reads_file_ops, &incfs_log_file_ops,
&incfs_blocks_written_file_ops
};
static bool is_pseudo_filename(struct mem_range name)
{
int i = 0;
for (; i < ARRAY_SIZE(incfs_pseudo_file_names); ++i)
if (incfs_equal_ranges(incfs_pseudo_file_names[i], name))
return true;
return false;
}
static bool get_pseudo_inode(int ino, struct inode *inode)
{
int i = 0;
for (; i < ARRAY_SIZE(incfs_pseudo_file_inodes); ++i)
if (ino == incfs_pseudo_file_inodes[i])
break;
if (i == ARRAY_SIZE(incfs_pseudo_file_inodes))
return false;
inode->i_ctime = (struct timespec64){};
inode->i_mtime = inode->i_ctime;
inode->i_atime = inode->i_ctime;
inode->i_size = 0;
inode->i_ino = ino;
inode->i_private = NULL;
inode_init_owner(&init_user_ns, inode, NULL, S_IFREG | READ_WRITE_FILE_MODE);
inode->i_op = &incfs_file_inode_ops;
inode->i_fop = pseudo_file_operations[i];
return true;
}
struct inode_search {
unsigned long ino;
};
static int inode_test(struct inode *inode, void *opaque)
{
struct inode_search *search = opaque;
return inode->i_ino == search->ino;
}
static int inode_set(struct inode *inode, void *opaque)
{
struct inode_search *search = opaque;
if (get_pseudo_inode(search->ino, inode))
return 0;
/* Unknown inode requested. */
return -EINVAL;
}
static struct inode *fetch_inode(struct super_block *sb, unsigned long ino)
{
struct inode_search search = {
.ino = ino
};
struct inode *inode = iget5_locked(sb, search.ino, inode_test,
inode_set, &search);
if (!inode)
return ERR_PTR(-ENOMEM);
if (inode->i_state & I_NEW)
unlock_new_inode(inode);
return inode;
}
int dir_lookup_pseudo_files(struct super_block *sb, struct dentry *dentry)
{
struct mem_range name_range =
range((u8 *)dentry->d_name.name, dentry->d_name.len);
unsigned long ino;
struct inode *inode;
int i = 0;
for (; i < ARRAY_SIZE(incfs_pseudo_file_names); ++i)
if (incfs_equal_ranges(incfs_pseudo_file_names[i], name_range))
break;
if (i == ARRAY_SIZE(incfs_pseudo_file_names))
return -ENOENT;
ino = incfs_pseudo_file_inodes[i];
inode = fetch_inode(sb, ino);
if (IS_ERR(inode))
return PTR_ERR(inode);
d_add(dentry, inode);
return 0;
}
int emit_pseudo_files(struct dir_context *ctx)
{
loff_t i = ctx->pos;
for (; i < ARRAY_SIZE(incfs_pseudo_file_names); ++i) {
if (!dir_emit(ctx, incfs_pseudo_file_names[i].data,
incfs_pseudo_file_names[i].len,
incfs_pseudo_file_inodes[i], DT_REG))
return -EINVAL;
ctx->pos++;
}
return 0;
}