1 /*
2 FUSE: Filesystem in Userspace
3 Copyright (C) 2001-2008 Miklos Szeredi <miklos@szeredi.hu>
4
5 This program can be distributed under the terms of the GNU GPL.
6 See the file COPYING.
7 */
8
9 #include "fuse_i.h"
10
11 #include <linux/fdtable.h>
12 #include <linux/pagemap.h>
13 #include <linux/file.h>
14 #include <linux/filter.h>
15 #include <linux/fs_context.h>
16 #include <linux/sched.h>
17 #include <linux/namei.h>
18 #include <linux/slab.h>
19 #include <linux/xattr.h>
20 #include <linux/iversion.h>
21 #include <linux/posix_acl.h>
22
23 #include "../internal.h"
24
/*
 * Record that a plain lookup happened under @dir.  The flag is a hint
 * consumed by the readdir path, which may then switch the directory to
 * READDIRPLUS mode — TODO confirm against fuse_readdir().
 */
static void fuse_advise_use_readdirplus(struct inode *dir)
{
	struct fuse_inode *fi = get_fuse_inode(dir);

	/* Atomic set; no lock needed, this is only an advisory bit. */
	set_bit(FUSE_I_ADVISE_RDPLUS, &fi->state);
}
31
32 #if BITS_PER_LONG >= 64 && !defined(CONFIG_FUSE_BPF)
/*
 * With 64-bit longs and no fuse-bpf state to carry, the jiffies expiry
 * is packed directly into dentry->d_fsdata, avoiding a per-dentry
 * allocation.
 */
static inline void __fuse_dentry_settime(struct dentry *entry, u64 time)
{
	entry->d_fsdata = (void *) time;
}
37
/* Read back the expiry (jiffies) packed into d_fsdata by the setter above. */
static inline u64 fuse_dentry_time(const struct dentry *entry)
{
	return (u64)entry->d_fsdata;
}
42
43 #else
44
/*
 * On 32-bit kernels, or whenever CONFIG_FUSE_BPF needs extra per-dentry
 * state, d_fsdata points to a struct fuse_dentry (allocated in
 * fuse_dentry_init()); store the expiry in its ->time field.
 */
static inline void __fuse_dentry_settime(struct dentry *dentry, u64 time)
{
	((struct fuse_dentry *) dentry->d_fsdata)->time = time;
}
49
/* Read the expiry from the out-of-line struct fuse_dentry. */
static inline u64 fuse_dentry_time(const struct dentry *entry)
{
	return ((struct fuse_dentry *) entry->d_fsdata)->time;
}
54 #endif
55
/*
 * Set the dentry entry-timeout and keep DCACHE_OP_DELETE in sync with it.
 *
 * A zero @time on a connection with ->delete_stale set means the dentry
 * should be deleted on last dput; otherwise DCACHE_OP_DELETE is cleared
 * so dput() can take its fast path.
 */
static void fuse_dentry_settime(struct dentry *dentry, u64 time)
{
	struct fuse_conn *fc = get_fuse_conn_super(dentry->d_sb);
	bool delete = !time && fc->delete_stale;
	/*
	 * Mess with DCACHE_OP_DELETE because dput() will be faster without it.
	 * Don't care about races, either way it's just an optimization
	 */
	if ((!delete && (dentry->d_flags & DCACHE_OP_DELETE)) ||
	    (delete && !(dentry->d_flags & DCACHE_OP_DELETE))) {
		spin_lock(&dentry->d_lock);
		/* d_lock protects d_flags updates against concurrent VFS users */
		if (!delete)
			dentry->d_flags &= ~DCACHE_OP_DELETE;
		else
			dentry->d_flags |= DCACHE_OP_DELETE;
		spin_unlock(&dentry->d_lock);
	}

	__fuse_dentry_settime(dentry, time);
}
76
/*
 * Attach the backing directory's path to the root dentry for fuse-bpf
 * pass-through.  Takes an extra path reference, dropped later in
 * fuse_dentry_release().  No-op without CONFIG_FUSE_BPF or when no
 * backing dir was supplied.
 */
void fuse_init_dentry_root(struct dentry *root, struct file *backing_dir)
{
#ifdef CONFIG_FUSE_BPF
	struct fuse_dentry *fuse_dentry = root->d_fsdata;

	if (backing_dir) {
		fuse_dentry->backing_path = backing_dir->f_path;
		path_get(&fuse_dentry->backing_path);
	}
#endif
}
88
89 /*
90 * Set dentry and possibly attribute timeouts from the lookup/mk*
91 * replies
92 */
/*
 * Refresh the dentry entry-timeout from a lookup/mk* reply, converting
 * the server-supplied (sec, nsec) validity into an absolute jiffies value.
 */
void fuse_change_entry_timeout(struct dentry *entry, struct fuse_entry_out *o)
{
	fuse_dentry_settime(entry,
		time_to_jiffies(o->entry_valid, o->entry_valid_nsec));
}
98
/* Convert the attribute validity from a lookup reply to absolute jiffies. */
u64 entry_attr_timeout(struct fuse_entry_out *o)
{
	return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
}
103
/* Atomically OR @mask (STATX_* bits) into the inode's stale-attribute mask. */
static void fuse_invalidate_attr_mask(struct inode *inode, u32 mask)
{
	set_mask_bits(&get_fuse_inode(inode)->inval_mask, 0, mask);
}
108
109 /*
110 * Mark the attributes as stale, so that at the next call to
111 * ->getattr() they will be fetched from userspace
112 */
/*
 * Mark the attributes as stale, so that at the next call to
 * ->getattr() they will be fetched from userspace
 */
void fuse_invalidate_attr(struct inode *inode)
{
	fuse_invalidate_attr_mask(inode, STATX_BASIC_STATS);
}
117
/*
 * A directory's contents changed (create/unlink/rename/...): drop its
 * cached attributes and bump i_version so readers can detect the change.
 */
static void fuse_dir_changed(struct inode *dir)
{
	fuse_invalidate_attr(dir);
	inode_maybe_inc_iversion(dir, false);
}
123
/*
 * Mark the attributes as stale due to an atime change.  Avoid the
 * invalidation entirely when atime is not in use.
 */
void fuse_invalidate_atime(struct inode *inode)
{
	/* Read-only mounts never update atime, so nothing can be stale. */
	if (!IS_RDONLY(inode))
		fuse_invalidate_attr_mask(inode, STATX_ATIME);
}
133
134 /*
135 * Just mark the entry as stale, so that a next attempt to look it up
136 * will result in a new lookup call to userspace
137 *
138 * This is called when a dentry is about to become negative and the
139 * timeout is unknown (unlink, rmdir, rename and in some cases
140 * lookup)
141 */
/*
 * Just mark the entry as stale, so that a next attempt to look it up
 * will result in a new lookup call to userspace
 *
 * This is called when a dentry is about to become negative and the
 * timeout is unknown (unlink, rmdir, rename and in some cases
 * lookup)
 */
void fuse_invalidate_entry_cache(struct dentry *entry)
{
	/* A zero timeout is always already expired */
	fuse_dentry_settime(entry, 0);
}
146
147 /*
148 * Same as fuse_invalidate_entry_cache(), but also try to remove the
149 * dentry from the hash
150 */
/*
 * Same as fuse_invalidate_entry_cache(), but also try to remove the
 * dentry from the hash
 */
static void fuse_invalidate_entry(struct dentry *entry)
{
	d_invalidate(entry);
	fuse_invalidate_entry_cache(entry);
}
156
/*
 * Prepare @args for a FUSE_LOOKUP of @name under node @nodeid.
 *
 * The request carries one input argument (the NUL-terminated name) and
 * expects up to two reply arguments: the entry data in @outarg and,
 * optionally, fuse-bpf data in @bpf_outarg.  out_argvar permits a short
 * reply from servers that do not send the second argument.  @fc is
 * currently unused but kept for interface stability.
 */
static void fuse_lookup_init(struct fuse_conn *fc, struct fuse_args *args,
			     u64 nodeid, const struct qstr *name,
			     struct fuse_entry_out *outarg,
			     struct fuse_entry_bpf_out *bpf_outarg)
{
	memset(outarg, 0, sizeof(*outarg));

	args->opcode = FUSE_LOOKUP;
	args->nodeid = nodeid;

	/* One input: the name, including its terminating NUL. */
	args->in_numargs = 1;
	args->in_args[0].size = name->len + 1;
	args->in_args[0].value = name->name;

	/* Two (possibly truncated) outputs: entry reply, then bpf reply. */
	args->out_argvar = true;
	args->out_numargs = 2;
	args->out_args[0].size = sizeof(*outarg);
	args->out_args[0].value = outarg;
	args->out_args[1].size = sizeof(*bpf_outarg);
	args->out_args[1].value = bpf_outarg;
}
175
176 #ifdef CONFIG_FUSE_BPF
#ifdef CONFIG_FUSE_BPF
/*
 * Decide whether the fuse-bpf backing configuration carried in @bpf_arg
 * differs from what is already cached on @fi/@entry (bpf program,
 * backing inode, or backing path).
 *
 * Returns true when anything changed (or on any error resolving the new
 * configuration), which makes the caller treat the dentry as invalid.
 * Always consumes the bpf_arg->backing_file reference, if any.
 */
static bool backing_data_changed(struct fuse_inode *fi, struct dentry *entry,
				 struct fuse_entry_bpf *bpf_arg)
{
	struct path new_backing_path;
	struct inode *new_backing_inode;
	struct bpf_prog *bpf = NULL;
	int err;
	bool ret = true;

	/* No entry or no current backing inode: nothing comparable changed. */
	if (!entry || !fi->backing_inode) {
		ret = false;
		goto put_backing_file;
	}

	/* Start from the currently cached path/inode, with refs held. */
	get_fuse_backing_path(entry, &new_backing_path);
	new_backing_inode = fi->backing_inode;
	ihold(new_backing_inode);

	/* May swap in the new backing target described by bpf_arg. */
	err = fuse_handle_backing(bpf_arg, &new_backing_inode, &new_backing_path);

	if (err)
		goto put_inode;

	err = fuse_handle_bpf_prog(bpf_arg, entry->d_parent->d_inode, &bpf);
	if (err)
		goto put_bpf;

	/* Changed if any of program, inode, or path differs from the cache. */
	ret = (bpf != fi->bpf || fi->backing_inode != new_backing_inode ||
	       !path_equal(&get_fuse_dentry(entry)->backing_path, &new_backing_path));
put_bpf:
	if (bpf)
		bpf_prog_put(bpf);
put_inode:
	iput(new_backing_inode);
	path_put(&new_backing_path);
put_backing_file:
	if (bpf_arg->backing_file)
		fput(bpf_arg->backing_file);
	return ret;
}
#endif
217 #endif
218
219 /*
220 * Check whether the dentry is still valid
221 *
222 * If the entry validity timeout has expired and the dentry is
223 * positive, try to redo the lookup. If the lookup results in a
224 * different inode, then let the VFS invalidate the dentry and redo
225 * the lookup once more. If the lookup results in the same inode,
226 * then refresh the attributes, timeouts and mark the dentry valid.
227 */
/*
 * Check whether the dentry is still valid
 *
 * If the entry validity timeout has expired and the dentry is
 * positive, try to redo the lookup. If the lookup results in a
 * different inode, then let the VFS invalidate the dentry and redo
 * the lookup once more. If the lookup results in the same inode,
 * then refresh the attributes, timeouts and mark the dentry valid.
 *
 * Returns 1 (valid), 0 (invalid), or -ECHILD/-errno when the check
 * cannot be completed (e.g. in RCU-walk mode).
 */
static int fuse_dentry_revalidate(struct dentry *entry, unsigned int flags)
{
	struct inode *inode;
	struct dentry *parent;
	struct fuse_mount *fm;
	struct fuse_inode *fi;
	int ret;

	inode = d_inode_rcu(entry);
	if (inode && fuse_is_bad(inode))
		goto invalid;

#ifdef CONFIG_FUSE_BPF
	/* TODO: Do we need bpf support for revalidate?
	 * If the lower filesystem says the entry is invalid, FUSE probably shouldn't
	 * try to fix that without going through the normal lookup path...
	 */
	if (get_fuse_dentry(entry)->backing_path.dentry) {
		ret = fuse_revalidate_backing(entry, flags);
		if (ret <= 0) {
			goto out;
		}
	}
#endif
	/* Expired timeout, or a lookup flavor that must always revalidate. */
	if (time_before64(fuse_dentry_time(entry), get_jiffies_64()) ||
	    (flags & (LOOKUP_EXCL | LOOKUP_REVAL | LOOKUP_RENAME_TARGET))) {
		struct fuse_entry_out outarg;
		struct fuse_entry_bpf bpf_arg;
		FUSE_ARGS(args);
		struct fuse_forget_link *forget;
		u64 attr_version;

		/* For negative dentries, always do a fresh lookup */
		if (!inode)
			goto invalid;

		/* Re-lookup requires sleeping; cannot do it under RCU walk. */
		ret = -ECHILD;
		if (flags & LOOKUP_RCU)
			goto out;
		fm = get_fuse_mount(inode);

		parent = dget_parent(entry);

#ifdef CONFIG_FUSE_BPF
		/* TODO: Once we're handling timeouts for backing inodes, do a
		 * bpf based lookup_revalidate here.
		 */
		if (get_fuse_inode(parent->d_inode)->backing_inode) {
			dput(parent);
			ret = 1;
			goto out;
		}
#endif
		forget = fuse_alloc_forget();
		ret = -ENOMEM;
		if (!forget) {
			dput(parent);
			goto out;
		}

		attr_version = fuse_get_attr_version(fm->fc);

		fuse_lookup_init(fm->fc, &args, get_node_id(d_inode(parent)),
				 &entry->d_name, &outarg, &bpf_arg.out);
		ret = fuse_simple_request(fm, &args);
		dput(parent);

		/* Zero nodeid is same as -ENOENT */
		if (!ret && !outarg.nodeid)
			ret = -ENOENT;
		/*
		 * ret == sizeof(bpf_arg.out) means a short reply without the
		 * bpf output argument, i.e. a successful plain lookup.
		 */
		if (!ret || ret == sizeof(bpf_arg.out)) {
			fi = get_fuse_inode(inode);
			/*
			 * Invalidate if the node changed, the bpf backing data
			 * changed, or the submount-ness of the inode changed.
			 */
			if (outarg.nodeid != get_node_id(inode) ||
#ifdef CONFIG_FUSE_BPF
			    (ret == sizeof(bpf_arg.out) &&
			     backing_data_changed(fi, entry, &bpf_arg)) ||
#endif
			    (bool) IS_AUTOMOUNT(inode) != (bool) (outarg.attr.flags & FUSE_ATTR_SUBMOUNT)) {
				/* Balance the lookup count the server just took. */
				fuse_queue_forget(fm->fc, forget,
						  outarg.nodeid, 1);
				goto invalid;
			}
			spin_lock(&fi->lock);
			fi->nlookup++;
			spin_unlock(&fi->lock);
		}
		kfree(forget);
		if (ret == -ENOMEM || ret == -EINTR)
			goto out;
		if (ret || fuse_invalid_attr(&outarg.attr) ||
		    fuse_stale_inode(inode, outarg.generation, &outarg.attr))
			goto invalid;

		/* Same inode: refresh cached state and re-arm the timeouts. */
		forget_all_cached_acls(inode);
		fuse_change_attributes(inode, &outarg.attr,
				       entry_attr_timeout(&outarg),
				       attr_version);
		fuse_change_entry_timeout(entry, &outarg);
	} else if (inode) {
		/* Timeout still valid: just handle the readdirplus hint. */
		fi = get_fuse_inode(inode);
		if (flags & LOOKUP_RCU) {
			if (test_bit(FUSE_I_INIT_RDPLUS, &fi->state))
				return -ECHILD;
		} else if (test_and_clear_bit(FUSE_I_INIT_RDPLUS, &fi->state)) {
			parent = dget_parent(entry);
			fuse_advise_use_readdirplus(d_inode(parent));
			dput(parent);
		}
	}
	ret = 1;
out:
	return ret;

invalid:
	ret = 0;
	goto out;
}
345
346 #if BITS_PER_LONG < 64 || defined(CONFIG_FUSE_BPF)
/*
 * ->d_init: allocate the out-of-line struct fuse_dentry used when
 * d_fsdata cannot hold the timeout directly (32-bit or fuse-bpf builds).
 * Zeroed so time/bpf/backing_path start out empty.
 */
static int fuse_dentry_init(struct dentry *dentry)
{
	dentry->d_fsdata = kzalloc(sizeof(struct fuse_dentry),
				   GFP_KERNEL_ACCOUNT | __GFP_RECLAIMABLE);

	return dentry->d_fsdata ? 0 : -ENOMEM;
}
/*
 * ->d_release: drop the fuse-bpf references held by the dentry (backing
 * path and bpf program) and free the struct fuse_dentry.  RCU-deferred
 * free because lockless lookup may still be inspecting d_fsdata.
 */
static void fuse_dentry_release(struct dentry *dentry)
{
	struct fuse_dentry *fd = dentry->d_fsdata;

#ifdef CONFIG_FUSE_BPF
	if (fd && fd->backing_path.dentry)
		path_put(&fd->backing_path);

	if (fd && fd->bpf)
		bpf_prog_put(fd->bpf);
#endif

	kfree_rcu(fd, rcu);
}
368 #endif
369
/*
 * ->d_delete: tell dput() to discard the dentry once its entry timeout
 * has expired (only wired up while fuse_dentry_settime() keeps
 * DCACHE_OP_DELETE set, i.e. for stale entries on delete_stale conns).
 */
static int fuse_dentry_delete(const struct dentry *dentry)
{
	return time_before64(fuse_dentry_time(dentry), get_jiffies_64());
}
374
375 /*
376 * Create a fuse_mount object with a new superblock (with path->dentry
377 * as the root), and return that mount so it can be auto-mounted on
378 * @path.
379 */
/*
 * Create a fuse_mount object with a new superblock (with path->dentry
 * as the root), and return that mount so it can be auto-mounted on
 * @path.
 */
static struct vfsmount *fuse_dentry_automount(struct path *path)
{
	struct fs_context *fsc;
	struct vfsmount *mnt;
	struct fuse_inode *mp_fi = get_fuse_inode(d_inode(path->dentry));

	fsc = fs_context_for_submount(path->mnt->mnt_sb->s_type, path->dentry);
	if (IS_ERR(fsc))
		return ERR_CAST(fsc);

	/* Pass the FUSE inode of the mount for fuse_get_tree_submount() */
	fsc->fs_private = mp_fi;

	/* Create the submount */
	mnt = fc_mount(fsc);
	if (!IS_ERR(mnt))
		/* Extra ref for the caller; fc_mount's ref goes with fsc. */
		mntget(mnt);

	put_fs_context(fsc);
	return mnt;
}
401
402 /*
403 * Get the canonical path. Since we must translate to a path, this must be done
404 * in the context of the userspace daemon, however, the userspace daemon cannot
405 * look up paths on its own. Instead, we handle the lookup as a special case
406 * inside of the write request.
407 */
/*
 * Get the canonical path. Since we must translate to a path, this must be done
 * in the context of the userspace daemon, however, the userspace daemon cannot
 * look up paths on its own. Instead, we handle the lookup as a special case
 * inside of the write request.
 *
 * On any failure of the FUSE_CANONICAL_PATH request the original @path
 * is returned (with an extra reference) as its own canonical path.
 */
static int fuse_dentry_canonical_path(const struct path *path,
				      struct path *canonical_path)
{
	struct inode *inode = d_inode(path->dentry);
	//struct fuse_conn *fc = get_fuse_conn(inode);
	struct fuse_mount *fm = get_fuse_mount_super(path->mnt->mnt_sb);
	FUSE_ARGS(args);
	char *path_name;
	int err;

#ifdef CONFIG_FUSE_BPF
	struct fuse_err_ret fer;

	fer = fuse_bpf_backing(inode, struct fuse_dummy_io,
			       fuse_canonical_path_initialize,
			       fuse_canonical_path_backing,
			       fuse_canonical_path_finalize, path,
			       canonical_path);
	if (fer.ret)
		return PTR_ERR(fer.result);
#endif

	/* One page as scratch space for the returned path string. */
	path_name = (char *)get_zeroed_page(GFP_KERNEL);
	if (!path_name)
		return -ENOMEM;

	args.opcode = FUSE_CANONICAL_PATH;
	args.nodeid = get_node_id(inode);
	args.in_numargs = 0;
	args.out_numargs = 1;
	args.out_args[0].size = PATH_MAX;
	args.out_args[0].value = path_name;
	/* The request layer resolves the reply into canonical_path itself. */
	args.canonical_path = canonical_path;
	args.out_argvar = 1;

	err = fuse_simple_request(fm, &args);
	free_page((unsigned long)path_name);
	/* Positive return: reply contained a path and canonical_path is set. */
	if (err > 0)
		return 0;
	if (err < 0)
		return err;

	/* Fall back to the original path as its own canonical path. */
	canonical_path->dentry = path->dentry;
	canonical_path->mnt = path->mnt;
	path_get(canonical_path);
	return 0;
}
455
/* Dentry operations for all non-root fuse dentries. */
const struct dentry_operations fuse_dentry_operations = {
	.d_revalidate	= fuse_dentry_revalidate,
	.d_delete	= fuse_dentry_delete,
#if BITS_PER_LONG < 64 || defined(CONFIG_FUSE_BPF)
	/* Only needed when d_fsdata is an allocated struct fuse_dentry. */
	.d_init		= fuse_dentry_init,
	.d_release	= fuse_dentry_release,
#endif
	.d_automount	= fuse_dentry_automount,
	.d_canonical_path = fuse_dentry_canonical_path,
};
466
/*
 * Root dentry operations: the root is never revalidated or deleted,
 * so only the d_fsdata allocation hooks are needed (when applicable).
 */
const struct dentry_operations fuse_root_dentry_operations = {
#if BITS_PER_LONG < 64 || defined(CONFIG_FUSE_BPF)
	.d_init		= fuse_dentry_init,
	.d_release	= fuse_dentry_release,
#endif
};
473
fuse_valid_type(int m)474 int fuse_valid_type(int m)
475 {
476 return S_ISREG(m) || S_ISDIR(m) || S_ISLNK(m) || S_ISCHR(m) ||
477 S_ISBLK(m) || S_ISFIFO(m) || S_ISSOCK(m);
478 }
479
fuse_invalid_attr(struct fuse_attr * attr)480 bool fuse_invalid_attr(struct fuse_attr *attr)
481 {
482 return !fuse_valid_type(attr->mode) ||
483 attr->size > LLONG_MAX;
484 }
485
/*
 * Send a FUSE_LOOKUP for @name under @nodeid and instantiate the
 * resulting inode into *@inode (NULL for a valid negative result).
 *
 * A reply of exactly sizeof(fuse_entry_bpf_out) extra bytes carries
 * fuse-bpf backing data and takes the backing-inode path; otherwise the
 * entry is instantiated via fuse_iget().  The forget link is either
 * consumed (on iget failure) or freed.  Any backing_file reference from
 * the bpf reply is always dropped before returning.
 */
int fuse_lookup_name(struct super_block *sb, u64 nodeid, const struct qstr *name,
		     struct fuse_entry_out *outarg,
		     struct dentry *entry,
		     struct inode **inode)
{
	struct fuse_mount *fm = get_fuse_mount_super(sb);
	FUSE_ARGS(args);
	struct fuse_entry_bpf bpf_arg = {0};
	struct fuse_forget_link *forget;
	u64 attr_version;
	int err;

	*inode = NULL;
	err = -ENAMETOOLONG;
	if (name->len > FUSE_NAME_MAX)
		goto out;

	/* Pre-allocate so a later iget failure can still queue a forget. */
	forget = fuse_alloc_forget();
	err = -ENOMEM;
	if (!forget)
		goto out;

	attr_version = fuse_get_attr_version(fm->fc);

	fuse_lookup_init(fm->fc, &args, nodeid, name, outarg, &bpf_arg.out);
	err = fuse_simple_request(fm, &args);

#ifdef CONFIG_FUSE_BPF
	if (err == sizeof(bpf_arg.out)) {
		/* TODO Make sure this handles invalid handles */
		struct file *backing_file;
		struct inode *backing_inode;

		err = -ENOENT;
		if (!entry)
			goto out_put_forget;

		err = -EINVAL;
		backing_file = bpf_arg.backing_file;
		if (!backing_file)
			goto out_put_forget;

		if (IS_ERR(backing_file)) {
			err = PTR_ERR(backing_file);
			goto out_put_forget;
		}

		backing_inode = backing_file->f_inode;
		*inode = fuse_iget_backing(sb, outarg->nodeid, backing_inode);
		if (!*inode)
			goto out_put_forget;

		err = fuse_handle_backing(&bpf_arg,
					  &get_fuse_inode(*inode)->backing_inode,
					  &get_fuse_dentry(entry)->backing_path);
		if (!err)
			err = fuse_handle_bpf_prog(&bpf_arg, NULL,
						   &get_fuse_inode(*inode)->bpf);
		if (err) {
			iput(*inode);
			*inode = NULL;
			goto out_put_forget;
		}
	} else
#endif
	{
		/* Zero nodeid is same as -ENOENT, but with valid timeout */
		if (err || !outarg->nodeid)
			goto out_put_forget;

		err = -EIO;
		/*
		 * NOTE(review): this !nodeid check is unreachable — the test
		 * above already jumped.  Upstream checks invalid_nodeid()
		 * here (which also rejects FUSE_ROOT_ID); verify intent.
		 */
		if (!outarg->nodeid)
			goto out_put_forget;
		if (fuse_invalid_attr(&outarg->attr))
			goto out_put_forget;

		*inode = fuse_iget(sb, outarg->nodeid, outarg->generation,
				   &outarg->attr, entry_attr_timeout(outarg),
				   attr_version);
	}

	err = -ENOMEM;
	if (!*inode && outarg->nodeid) {
		/* iget failed: tell the server to drop its lookup count. */
		fuse_queue_forget(fm->fc, forget, outarg->nodeid, 1);
		goto out;
	}
	err = 0;

out_put_forget:
	kfree(forget);
out:
	if (bpf_arg.backing_file)
		fput(bpf_arg.backing_file);
	return err;
}
581
/*
 * ->lookup: resolve @entry in @dir via fuse_lookup_name() and splice the
 * result into the dcache.  -ENOENT from the server is a valid negative
 * dentry (cached with the server-supplied timeout semantics).
 */
static struct dentry *fuse_lookup(struct inode *dir, struct dentry *entry,
				  unsigned int flags)
{
	int err;
	struct fuse_entry_out outarg;
	struct inode *inode;
	struct dentry *newent;
	bool outarg_valid = true;
	bool locked;

#ifdef CONFIG_FUSE_BPF
	struct fuse_err_ret fer;

	fer = fuse_bpf_backing(dir, struct fuse_lookup_io,
			       fuse_lookup_initialize, fuse_lookup_backing,
			       fuse_lookup_finalize,
			       dir, entry, flags);
	if (fer.ret)
		return fer.result;
#endif

	if (fuse_is_bad(dir))
		return ERR_PTR(-EIO);

	/* Serialize lookups in this dir when the connection requires it. */
	locked = fuse_lock_inode(dir);
	err = fuse_lookup_name(dir->i_sb, get_node_id(dir), &entry->d_name,
			       &outarg, entry, &inode);
	fuse_unlock_inode(dir, locked);
	if (err == -ENOENT) {
		/* Negative result: cache it, but without entry timeout data. */
		outarg_valid = false;
		err = 0;
	}
	if (err)
		goto out_err;

	/* The server must never hand out the root node id for a child. */
	err = -EIO;
	if (inode && get_node_id(inode) == FUSE_ROOT_ID)
		goto out_iput;

	newent = d_splice_alias(inode, entry);
	err = PTR_ERR(newent);
	if (IS_ERR(newent))
		goto out_err;

	/* d_splice_alias may have substituted an existing alias. */
	entry = newent ? newent : entry;
	if (outarg_valid)
		fuse_change_entry_timeout(entry, &outarg);
	else
		fuse_invalidate_entry_cache(entry);

	if (inode)
		fuse_advise_use_readdirplus(dir);
	return newent;

out_iput:
	iput(inode);
out_err:
	return ERR_PTR(err);
}
641
642 /*
643 * Atomic create+open operation
644 *
645 * If the filesystem doesn't support this, then fall back to separate
646 * 'mknod' + 'open' requests.
647 */
/*
 * Atomic create+open operation
 *
 * If the filesystem doesn't support this, then fall back to separate
 * 'mknod' + 'open' requests.
 */
static int fuse_create_open(struct inode *dir, struct dentry *entry,
			    struct file *file, unsigned int flags,
			    umode_t mode)
{
	int err;
	struct inode *inode;
	struct fuse_conn *fc = get_fuse_conn(dir);
	struct fuse_mount *fm = get_fuse_mount(dir);
	FUSE_ARGS(args);
	struct fuse_forget_link *forget;
	struct fuse_create_in inarg;
	struct fuse_open_out outopen;
	struct fuse_entry_out outentry;
	struct fuse_inode *fi;
	struct fuse_file *ff;
	bool trunc = flags & O_TRUNC;

	/* Userspace expects S_IFREG in create mode */
	BUG_ON((mode & S_IFMT) != S_IFREG);

#ifdef CONFIG_FUSE_BPF
	{
		struct fuse_err_ret fer;

		fer = fuse_bpf_backing(dir, struct fuse_create_open_io,
				       fuse_create_open_initialize,
				       fuse_create_open_backing,
				       fuse_create_open_finalize,
				       dir, entry, file, flags, mode);
		if (fer.ret)
			return PTR_ERR(fer.result);
	}
#endif

	/* Pre-allocate the forget so a late iget failure can use it. */
	forget = fuse_alloc_forget();
	err = -ENOMEM;
	if (!forget)
		goto out_err;

	err = -ENOMEM;
	ff = fuse_file_alloc(fm);
	if (!ff)
		goto out_put_forget_req;

	/* Apply the umask here unless the server wants the raw mode. */
	if (!fm->fc->dont_mask)
		mode &= ~current_umask();

	flags &= ~O_NOCTTY;
	memset(&inarg, 0, sizeof(inarg));
	memset(&outentry, 0, sizeof(outentry));
	inarg.flags = flags;
	inarg.mode = mode;
	inarg.umask = current_umask();

	/* Ask the server to drop suid/sgid on truncating create (v2 scheme). */
	if (fm->fc->handle_killpriv_v2 && trunc &&
	    !(flags & O_EXCL) && !capable(CAP_FSETID)) {
		inarg.open_flags |= FUSE_OPEN_KILL_SUIDGID;
	}

	args.opcode = FUSE_CREATE;
	args.nodeid = get_node_id(dir);
	args.in_numargs = 2;
	args.in_args[0].size = sizeof(inarg);
	args.in_args[0].value = &inarg;
	args.in_args[1].size = entry->d_name.len + 1;
	args.in_args[1].value = entry->d_name.name;
	args.out_numargs = 2;
	args.out_args[0].size = sizeof(outentry);
	args.out_args[0].value = &outentry;
	args.out_args[1].size = sizeof(outopen);
	args.out_args[1].value = &outopen;
	err = fuse_simple_request(fm, &args);
	if (err)
		goto out_free_ff;

	/* The reply must describe a regular file with a sane node id. */
	err = -EIO;
	if (!S_ISREG(outentry.attr.mode) || invalid_nodeid(outentry.nodeid) ||
	    fuse_invalid_attr(&outentry.attr))
		goto out_free_ff;

	ff->fh = outopen.fh;
	ff->nodeid = outentry.nodeid;
	ff->open_flags = outopen.open_flags;
	fuse_passthrough_setup(fc, ff, &outopen);
	inode = fuse_iget(dir->i_sb, outentry.nodeid, outentry.generation,
			  &outentry.attr, entry_attr_timeout(&outentry), 0);
	if (!inode) {
		/* Release the server-side open and the lookup count we took. */
		flags &= ~(O_CREAT | O_EXCL | O_TRUNC);
		fuse_sync_release(NULL, ff, flags);
		fuse_queue_forget(fm->fc, forget, outentry.nodeid, 1);
		err = -ENOMEM;
		goto out_err;
	}
	kfree(forget);
	d_instantiate(entry, inode);
	fuse_change_entry_timeout(entry, &outentry);
	fuse_dir_changed(dir);
	err = finish_open(file, entry, generic_file_open);
	if (err) {
		fi = get_fuse_inode(inode);
		fuse_sync_release(fi, ff, flags);
	} else {
		file->private_data = ff;
		fuse_finish_open(inode, file);
		/* Honor O_TRUNC locally; otherwise respect FOPEN_KEEP_CACHE. */
		if (fm->fc->atomic_o_trunc && trunc)
			truncate_pagecache(inode, 0);
		else if (!(ff->open_flags & FOPEN_KEEP_CACHE))
			invalidate_inode_pages2(inode->i_mapping);
	}
	return err;

out_free_ff:
	fuse_file_free(ff);
out_put_forget_req:
	kfree(forget);
out_err:
	return err;
}
766
767 static int fuse_mknod(struct user_namespace *, struct inode *, struct dentry *,
768 umode_t, dev_t);
/*
 * ->atomic_open: look up @entry if the VFS hasn't, then either just
 * finish the open (existing file or no O_CREAT) or create it — via
 * FUSE_CREATE when supported, falling back to mknod+open when the
 * server returns ENOSYS (remembered in fc->no_create).
 */
static int fuse_atomic_open(struct inode *dir, struct dentry *entry,
			    struct file *file, unsigned flags,
			    umode_t mode)
{
	int err;
	struct fuse_conn *fc = get_fuse_conn(dir);
	struct dentry *res = NULL;

	if (fuse_is_bad(dir))
		return -EIO;

	if (d_in_lookup(entry)) {
		res = fuse_lookup(dir, entry, 0);
		if (IS_ERR(res))
			return PTR_ERR(res);

		/* fuse_lookup may return a different alias to use. */
		if (res)
			entry = res;
	}

	if (!(flags & O_CREAT) || d_really_is_positive(entry))
		goto no_open;

	/* Only creates */
	file->f_mode |= FMODE_CREATED;

	if (fc->no_create)
		goto mknod;

	err = fuse_create_open(dir, entry, file, flags, mode);
	if (err == -ENOSYS) {
		/* Server has no FUSE_CREATE; remember and fall back. */
		fc->no_create = 1;
		goto mknod;
	}
out_dput:
	dput(res);
	return err;

mknod:
	err = fuse_mknod(&init_user_ns, dir, entry, mode, 0);
	if (err)
		goto out_dput;
no_open:
	return finish_no_open(file, res);
}
814
815 /*
816 * Code shared between mknod, mkdir, symlink and link
817 */
/*
 * Code shared between mknod, mkdir, symlink and link
 *
 * Sends the already-prepared @args (opcode and input args filled in by
 * the caller), validates the entry reply, instantiates the inode, and
 * splices it into the dcache.  @mode is only used to cross-check the
 * file type the server returned.
 */
static int create_new_entry(struct fuse_mount *fm, struct fuse_args *args,
			    struct inode *dir, struct dentry *entry,
			    umode_t mode)
{
	struct fuse_entry_out outarg;
	struct inode *inode;
	struct dentry *d;
	int err;
	struct fuse_forget_link *forget;

	if (fuse_is_bad(dir))
		return -EIO;

	forget = fuse_alloc_forget();
	if (!forget)
		return -ENOMEM;

	memset(&outarg, 0, sizeof(outarg));
	args->nodeid = get_node_id(dir);
	args->out_numargs = 1;
	args->out_args[0].size = sizeof(outarg);
	args->out_args[0].value = &outarg;
	err = fuse_simple_request(fm, args);
	if (err)
		goto out_put_forget_req;

	err = -EIO;
	if (invalid_nodeid(outarg.nodeid) || fuse_invalid_attr(&outarg.attr))
		goto out_put_forget_req;

	/* The created object's type must match what we asked for. */
	if ((outarg.attr.mode ^ mode) & S_IFMT)
		goto out_put_forget_req;

	inode = fuse_iget(dir->i_sb, outarg.nodeid, outarg.generation,
			  &outarg.attr, entry_attr_timeout(&outarg), 0);
	if (!inode) {
		/* Balance the server's lookup count for the new node. */
		fuse_queue_forget(fm->fc, forget, outarg.nodeid, 1);
		return -ENOMEM;
	}
	kfree(forget);

	d_drop(entry);
	d = d_splice_alias(inode, entry);
	if (IS_ERR(d))
		return PTR_ERR(d);

	/* d_splice_alias may hand back an existing alias to use instead. */
	if (d) {
		fuse_change_entry_timeout(d, &outarg);
		dput(d);
	} else {
		fuse_change_entry_timeout(entry, &outarg);
	}
	fuse_dir_changed(dir);
	return 0;

out_put_forget_req:
	kfree(forget);
	return err;
}
877
/*
 * ->mknod: create a device node / fifo / socket / regular file by
 * sending FUSE_MKNOD, then instantiate via create_new_entry().
 */
static int fuse_mknod(struct user_namespace *mnt_userns, struct inode *dir,
		      struct dentry *entry, umode_t mode, dev_t rdev)
{
	struct fuse_mknod_in inarg;
	struct fuse_mount *fm = get_fuse_mount(dir);
	FUSE_ARGS(args);

#ifdef CONFIG_FUSE_BPF
	struct fuse_err_ret fer;

	fer = fuse_bpf_backing(dir, struct fuse_mknod_in,
			       fuse_mknod_initialize, fuse_mknod_backing,
			       fuse_mknod_finalize,
			       dir, entry, mode, rdev);
	if (fer.ret)
		return PTR_ERR(fer.result);
#endif

	/* Apply the umask here unless the server wants the raw mode. */
	if (!fm->fc->dont_mask)
		mode &= ~current_umask();

	memset(&inarg, 0, sizeof(inarg));
	inarg.mode = mode;
	inarg.rdev = new_encode_dev(rdev);
	inarg.umask = current_umask();
	args.opcode = FUSE_MKNOD;
	args.in_numargs = 2;
	args.in_args[0].size = sizeof(inarg);
	args.in_args[0].value = &inarg;
	args.in_args[1].size = entry->d_name.len + 1;
	args.in_args[1].value = entry->d_name.name;
	return create_new_entry(fm, &args, dir, entry, mode);
}
911
/*
 * ->create: implemented as mknod of a regular file.
 * NOTE(review): @mnt_userns and @excl are intentionally unused —
 * init_user_ns is passed through, matching pre-idmapped-mount behavior;
 * confirm if idmapped mounts are ever enabled for fuse here.
 */
static int fuse_create(struct user_namespace *mnt_userns, struct inode *dir,
		       struct dentry *entry, umode_t mode, bool excl)
{
	return fuse_mknod(&init_user_ns, dir, entry, mode, 0);
}
917
/* ->mkdir: send FUSE_MKDIR and instantiate via create_new_entry(). */
static int fuse_mkdir(struct user_namespace *mnt_userns, struct inode *dir,
		      struct dentry *entry, umode_t mode)
{
	struct fuse_mkdir_in inarg;
	struct fuse_mount *fm = get_fuse_mount(dir);
	FUSE_ARGS(args);

#ifdef CONFIG_FUSE_BPF
	struct fuse_err_ret fer;

	fer = fuse_bpf_backing(dir, struct fuse_mkdir_in,
			       fuse_mkdir_initialize, fuse_mkdir_backing,
			       fuse_mkdir_finalize,
			       dir, entry, mode);
	if (fer.ret)
		return PTR_ERR(fer.result);
#endif

	/* Apply the umask here unless the server wants the raw mode. */
	if (!fm->fc->dont_mask)
		mode &= ~current_umask();

	memset(&inarg, 0, sizeof(inarg));
	inarg.mode = mode;
	inarg.umask = current_umask();
	args.opcode = FUSE_MKDIR;
	args.in_numargs = 2;
	args.in_args[0].size = sizeof(inarg);
	args.in_args[0].value = &inarg;
	args.in_args[1].size = entry->d_name.len + 1;
	args.in_args[1].value = entry->d_name.name;
	return create_new_entry(fm, &args, dir, entry, S_IFDIR);
}
950
/*
 * ->symlink: send FUSE_SYMLINK (entry name, then the NUL-terminated
 * target) and instantiate via create_new_entry().
 */
static int fuse_symlink(struct user_namespace *mnt_userns, struct inode *dir,
			struct dentry *entry, const char *link)
{
	struct fuse_mount *fm = get_fuse_mount(dir);
	unsigned len = strlen(link) + 1;
	FUSE_ARGS(args);

#ifdef CONFIG_FUSE_BPF
	struct fuse_err_ret fer;

	fer = fuse_bpf_backing(dir, struct fuse_dummy_io,
			       fuse_symlink_initialize, fuse_symlink_backing,
			       fuse_symlink_finalize,
			       dir, entry, link, len);
	if (fer.ret)
		return PTR_ERR(fer.result);
#endif

	args.opcode = FUSE_SYMLINK;
	args.in_numargs = 2;
	args.in_args[0].size = entry->d_name.len + 1;
	args.in_args[0].value = entry->d_name.name;
	args.in_args[1].size = len;
	args.in_args[1].value = link;
	return create_new_entry(fm, &args, dir, entry, S_IFLNK);
}
977
/*
 * Synchronously write back the inode's metadata (time updates) and
 * record any resulting error on the mapping for later reporting.
 */
void fuse_flush_time_update(struct inode *inode)
{
	int err = sync_inode_metadata(inode, 1);

	mapping_set_error(inode->i_mapping, err);
}
984
/*
 * Update i_ctime to the current time, mark the inode dirty, and flush
 * the metadata out.  Skipped when ctime/mtime updates are suppressed
 * (S_NOCMTIME).
 */
void fuse_update_ctime(struct inode *inode)
{
	if (!IS_NOCMTIME(inode)) {
		inode->i_ctime = current_time(inode);
		mark_inode_dirty_sync(inode);
		fuse_flush_time_update(inode);
	}
}
993
/*
 * ->unlink: send FUSE_UNLINK, then update local state (nlink, attr
 * invalidation, dir change, negative entry).  On -EINTR the request may
 * or may not have run, so the dentry is fully invalidated.
 */
static int fuse_unlink(struct inode *dir, struct dentry *entry)
{
	int err;
	struct fuse_mount *fm = get_fuse_mount(dir);
	FUSE_ARGS(args);

	if (fuse_is_bad(dir))
		return -EIO;

#ifdef CONFIG_FUSE_BPF
	{
		struct fuse_err_ret fer;

		fer = fuse_bpf_backing(dir, struct fuse_dummy_io,
				       fuse_unlink_initialize,
				       fuse_unlink_backing,
				       fuse_unlink_finalize,
				       dir, entry);
		if (fer.ret)
			return PTR_ERR(fer.result);
	}
#endif

	args.opcode = FUSE_UNLINK;
	args.nodeid = get_node_id(dir);
	args.in_numargs = 1;
	args.in_args[0].size = entry->d_name.len + 1;
	args.in_args[0].value = entry->d_name.name;
	err = fuse_simple_request(fm, &args);
	if (!err) {
		struct inode *inode = d_inode(entry);
		struct fuse_inode *fi = get_fuse_inode(inode);

		spin_lock(&fi->lock);
		fi->attr_version = atomic64_inc_return(&fm->fc->attr_version);
		/*
		 * If i_nlink == 0 then unlink doesn't make sense, yet this can
		 * happen if userspace filesystem is careless. It would be
		 * difficult to enforce correct nlink usage so just ignore this
		 * condition here
		 */
		if (inode->i_nlink > 0)
			drop_nlink(inode);
		spin_unlock(&fi->lock);
		fuse_invalidate_attr(inode);
		fuse_dir_changed(dir);
		fuse_invalidate_entry_cache(entry);
		fuse_update_ctime(inode);
	} else if (err == -EINTR)
		fuse_invalidate_entry(entry);
	return err;
}
1046
/*
 * ->rmdir: send FUSE_RMDIR; on success zero the victim's nlink and make
 * the entry negative.  On -EINTR the outcome is unknown, so the dentry
 * is fully invalidated.
 */
static int fuse_rmdir(struct inode *dir, struct dentry *entry)
{
	int err;
	struct fuse_mount *fm = get_fuse_mount(dir);
	FUSE_ARGS(args);

	if (fuse_is_bad(dir))
		return -EIO;

#ifdef CONFIG_FUSE_BPF
	{
		struct fuse_err_ret fer;

		fer = fuse_bpf_backing(dir, struct fuse_dummy_io,
				       fuse_rmdir_initialize,
				       fuse_rmdir_backing,
				       fuse_rmdir_finalize,
				       dir, entry);
		if (fer.ret)
			return PTR_ERR(fer.result);
	}
#endif

	args.opcode = FUSE_RMDIR;
	args.nodeid = get_node_id(dir);
	args.in_numargs = 1;
	args.in_args[0].size = entry->d_name.len + 1;
	args.in_args[0].value = entry->d_name.name;
	err = fuse_simple_request(fm, &args);
	if (!err) {
		clear_nlink(d_inode(entry));
		fuse_dir_changed(dir);
		fuse_invalidate_entry_cache(entry);
	} else if (err == -EINTR)
		fuse_invalidate_entry(entry);
	return err;
}
1084
fuse_rename_common(struct inode * olddir,struct dentry * oldent,struct inode * newdir,struct dentry * newent,unsigned int flags,int opcode,size_t argsize)1085 static int fuse_rename_common(struct inode *olddir, struct dentry *oldent,
1086 struct inode *newdir, struct dentry *newent,
1087 unsigned int flags, int opcode, size_t argsize)
1088 {
1089 int err;
1090 struct fuse_rename2_in inarg;
1091 struct fuse_mount *fm = get_fuse_mount(olddir);
1092 FUSE_ARGS(args);
1093
1094 memset(&inarg, 0, argsize);
1095 inarg.newdir = get_node_id(newdir);
1096 inarg.flags = flags;
1097 args.opcode = opcode;
1098 args.nodeid = get_node_id(olddir);
1099 args.in_numargs = 3;
1100 args.in_args[0].size = argsize;
1101 args.in_args[0].value = &inarg;
1102 args.in_args[1].size = oldent->d_name.len + 1;
1103 args.in_args[1].value = oldent->d_name.name;
1104 args.in_args[2].size = newent->d_name.len + 1;
1105 args.in_args[2].value = newent->d_name.name;
1106 err = fuse_simple_request(fm, &args);
1107 if (!err) {
1108 /* ctime changes */
1109 fuse_invalidate_attr(d_inode(oldent));
1110 fuse_update_ctime(d_inode(oldent));
1111
1112 if (flags & RENAME_EXCHANGE) {
1113 fuse_invalidate_attr(d_inode(newent));
1114 fuse_update_ctime(d_inode(newent));
1115 }
1116
1117 fuse_dir_changed(olddir);
1118 if (olddir != newdir)
1119 fuse_dir_changed(newdir);
1120
1121 /* newent will end up negative */
1122 if (!(flags & RENAME_EXCHANGE) && d_really_is_positive(newent)) {
1123 fuse_invalidate_attr(d_inode(newent));
1124 fuse_invalidate_entry_cache(newent);
1125 fuse_update_ctime(d_inode(newent));
1126 }
1127 } else if (err == -EINTR) {
1128 /* If request was interrupted, DEITY only knows if the
1129 rename actually took place. If the invalidation
1130 fails (e.g. some process has CWD under the renamed
1131 directory), then there can be inconsistency between
1132 the dcache and the real filesystem. Tough luck. */
1133 fuse_invalidate_entry(oldent);
1134 if (d_really_is_positive(newent))
1135 fuse_invalidate_entry(newent);
1136 }
1137
1138 return err;
1139 }
1140
fuse_rename2(struct user_namespace * mnt_userns,struct inode * olddir,struct dentry * oldent,struct inode * newdir,struct dentry * newent,unsigned int flags)1141 static int fuse_rename2(struct user_namespace *mnt_userns, struct inode *olddir,
1142 struct dentry *oldent, struct inode *newdir,
1143 struct dentry *newent, unsigned int flags)
1144 {
1145 struct fuse_conn *fc = get_fuse_conn(olddir);
1146 int err;
1147
1148 if (fuse_is_bad(olddir))
1149 return -EIO;
1150
1151 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE | RENAME_WHITEOUT))
1152 return -EINVAL;
1153
1154 if (flags) {
1155 #ifdef CONFIG_FUSE_BPF
1156 struct fuse_err_ret fer;
1157
1158 fer = fuse_bpf_backing(olddir, struct fuse_rename2_in,
1159 fuse_rename2_initialize, fuse_rename2_backing,
1160 fuse_rename2_finalize,
1161 olddir, oldent, newdir, newent, flags);
1162 if (fer.ret)
1163 return PTR_ERR(fer.result);
1164 #endif
1165
1166 /* TODO: how should this go with bpfs involved? */
1167 if (fc->no_rename2 || fc->minor < 23)
1168 return -EINVAL;
1169
1170 err = fuse_rename_common(olddir, oldent, newdir, newent, flags,
1171 FUSE_RENAME2,
1172 sizeof(struct fuse_rename2_in));
1173 if (err == -ENOSYS) {
1174 fc->no_rename2 = 1;
1175 err = -EINVAL;
1176 }
1177 } else {
1178 #ifdef CONFIG_FUSE_BPF
1179 struct fuse_err_ret fer;
1180
1181 fer = fuse_bpf_backing(olddir, struct fuse_rename_in,
1182 fuse_rename_initialize, fuse_rename_backing,
1183 fuse_rename_finalize,
1184 olddir, oldent, newdir, newent);
1185 if (fer.ret)
1186 return PTR_ERR(fer.result);
1187 #endif
1188
1189 err = fuse_rename_common(olddir, oldent, newdir, newent, 0,
1190 FUSE_RENAME,
1191 sizeof(struct fuse_rename_in));
1192 }
1193
1194 return err;
1195 }
1196
fuse_link(struct dentry * entry,struct inode * newdir,struct dentry * newent)1197 static int fuse_link(struct dentry *entry, struct inode *newdir,
1198 struct dentry *newent)
1199 {
1200 int err;
1201 struct fuse_link_in inarg;
1202 struct inode *inode = d_inode(entry);
1203 struct fuse_mount *fm = get_fuse_mount(inode);
1204 FUSE_ARGS(args);
1205
1206 #ifdef CONFIG_FUSE_BPF
1207 struct fuse_err_ret fer;
1208
1209 fer = fuse_bpf_backing(inode, struct fuse_link_in, fuse_link_initialize,
1210 fuse_link_backing, fuse_link_finalize, entry,
1211 newdir, newent);
1212 if (fer.ret)
1213 return PTR_ERR(fer.result);
1214 #endif
1215
1216 memset(&inarg, 0, sizeof(inarg));
1217 inarg.oldnodeid = get_node_id(inode);
1218 args.opcode = FUSE_LINK;
1219 args.in_numargs = 2;
1220 args.in_args[0].size = sizeof(inarg);
1221 args.in_args[0].value = &inarg;
1222 args.in_args[1].size = newent->d_name.len + 1;
1223 args.in_args[1].value = newent->d_name.name;
1224 err = create_new_entry(fm, &args, newdir, newent, inode->i_mode);
1225 /* Contrary to "normal" filesystems it can happen that link
1226 makes two "logical" inodes point to the same "physical"
1227 inode. We invalidate the attributes of the old one, so it
1228 will reflect changes in the backing inode (link count,
1229 etc.)
1230 */
1231 if (!err) {
1232 struct fuse_inode *fi = get_fuse_inode(inode);
1233
1234 spin_lock(&fi->lock);
1235 fi->attr_version = atomic64_inc_return(&fm->fc->attr_version);
1236 if (likely(inode->i_nlink < UINT_MAX))
1237 inc_nlink(inode);
1238 spin_unlock(&fi->lock);
1239 fuse_invalidate_attr(inode);
1240 fuse_update_ctime(inode);
1241 } else if (err == -EINTR) {
1242 fuse_invalidate_attr(inode);
1243 }
1244 return err;
1245 }
1246
fuse_fillattr(struct inode * inode,struct fuse_attr * attr,struct kstat * stat)1247 void fuse_fillattr(struct inode *inode, struct fuse_attr *attr,
1248 struct kstat *stat)
1249 {
1250 unsigned int blkbits;
1251 struct fuse_conn *fc = get_fuse_conn(inode);
1252
1253 /* see the comment in fuse_change_attributes() */
1254 if (fc->writeback_cache && S_ISREG(inode->i_mode)) {
1255 attr->size = i_size_read(inode);
1256 attr->mtime = inode->i_mtime.tv_sec;
1257 attr->mtimensec = inode->i_mtime.tv_nsec;
1258 attr->ctime = inode->i_ctime.tv_sec;
1259 attr->ctimensec = inode->i_ctime.tv_nsec;
1260 }
1261
1262 stat->dev = inode->i_sb->s_dev;
1263 stat->ino = attr->ino;
1264 stat->mode = (inode->i_mode & S_IFMT) | (attr->mode & 07777);
1265 stat->nlink = attr->nlink;
1266 stat->uid = make_kuid(fc->user_ns, attr->uid);
1267 stat->gid = make_kgid(fc->user_ns, attr->gid);
1268 stat->rdev = inode->i_rdev;
1269 stat->atime.tv_sec = attr->atime;
1270 stat->atime.tv_nsec = attr->atimensec;
1271 stat->mtime.tv_sec = attr->mtime;
1272 stat->mtime.tv_nsec = attr->mtimensec;
1273 stat->ctime.tv_sec = attr->ctime;
1274 stat->ctime.tv_nsec = attr->ctimensec;
1275 stat->size = attr->size;
1276 stat->blocks = attr->blocks;
1277
1278 if (attr->blksize != 0)
1279 blkbits = ilog2(attr->blksize);
1280 else
1281 blkbits = inode->i_sb->s_blocksize_bits;
1282
1283 stat->blksize = 1 << blkbits;
1284 }
1285
fuse_do_getattr(struct inode * inode,struct kstat * stat,struct file * file)1286 static int fuse_do_getattr(struct inode *inode, struct kstat *stat,
1287 struct file *file)
1288 {
1289 int err;
1290 struct fuse_getattr_in inarg;
1291 struct fuse_attr_out outarg;
1292 struct fuse_mount *fm = get_fuse_mount(inode);
1293 FUSE_ARGS(args);
1294 u64 attr_version;
1295
1296 attr_version = fuse_get_attr_version(fm->fc);
1297
1298 memset(&inarg, 0, sizeof(inarg));
1299 memset(&outarg, 0, sizeof(outarg));
1300 /* Directories have separate file-handle space */
1301 if (file && S_ISREG(inode->i_mode)) {
1302 struct fuse_file *ff = file->private_data;
1303
1304 inarg.getattr_flags |= FUSE_GETATTR_FH;
1305 inarg.fh = ff->fh;
1306 }
1307 args.opcode = FUSE_GETATTR;
1308 args.nodeid = get_node_id(inode);
1309 args.in_numargs = 1;
1310 args.in_args[0].size = sizeof(inarg);
1311 args.in_args[0].value = &inarg;
1312 args.out_numargs = 1;
1313 args.out_args[0].size = sizeof(outarg);
1314 args.out_args[0].value = &outarg;
1315 err = fuse_simple_request(fm, &args);
1316 if (!err)
1317 err = finalize_attr(inode, &outarg, attr_version, stat);
1318 return err;
1319 }
1320
fuse_update_get_attr(struct inode * inode,struct file * file,const struct path * path,struct kstat * stat,u32 request_mask,unsigned int flags)1321 static int fuse_update_get_attr(struct inode *inode, struct file *file,
1322 const struct path *path,
1323 struct kstat *stat, u32 request_mask,
1324 unsigned int flags)
1325 {
1326 struct fuse_inode *fi = get_fuse_inode(inode);
1327 int err = 0;
1328 bool sync;
1329
1330 #ifdef CONFIG_FUSE_BPF
1331 struct fuse_err_ret fer;
1332
1333 fer = fuse_bpf_backing(inode, struct fuse_getattr_io,
1334 fuse_getattr_initialize, fuse_getattr_backing,
1335 fuse_getattr_finalize,
1336 path->dentry, stat, request_mask, flags);
1337 if (fer.ret)
1338 return PTR_ERR(fer.result);
1339 #endif
1340
1341 if (flags & AT_STATX_FORCE_SYNC)
1342 sync = true;
1343 else if (flags & AT_STATX_DONT_SYNC)
1344 sync = false;
1345 else if (request_mask & READ_ONCE(fi->inval_mask))
1346 sync = true;
1347 else
1348 sync = time_before64(fi->i_time, get_jiffies_64());
1349
1350 if (sync) {
1351 forget_all_cached_acls(inode);
1352 err = fuse_do_getattr(inode, stat, file);
1353 } else if (stat) {
1354 generic_fillattr(&init_user_ns, inode, stat);
1355 stat->mode = fi->orig_i_mode;
1356 stat->ino = fi->orig_ino;
1357 }
1358
1359 return err;
1360 }
1361
fuse_update_attributes(struct inode * inode,struct file * file)1362 int fuse_update_attributes(struct inode *inode, struct file *file)
1363 {
1364 /* Do *not* need to get atime for internal purposes */
1365 return fuse_update_get_attr(inode, file, &file->f_path, NULL,
1366 STATX_BASIC_STATS & ~STATX_ATIME, 0);
1367 }
1368
fuse_reverse_inval_entry(struct fuse_conn * fc,u64 parent_nodeid,u64 child_nodeid,struct qstr * name)1369 int fuse_reverse_inval_entry(struct fuse_conn *fc, u64 parent_nodeid,
1370 u64 child_nodeid, struct qstr *name)
1371 {
1372 int err = -ENOTDIR;
1373 struct inode *parent;
1374 struct dentry *dir;
1375 struct dentry *entry;
1376
1377 parent = fuse_ilookup(fc, parent_nodeid, NULL);
1378 if (!parent)
1379 return -ENOENT;
1380
1381 inode_lock_nested(parent, I_MUTEX_PARENT);
1382 if (!S_ISDIR(parent->i_mode))
1383 goto unlock;
1384
1385 err = -ENOENT;
1386 dir = d_find_alias(parent);
1387 if (!dir)
1388 goto unlock;
1389
1390 name->hash = full_name_hash(dir, name->name, name->len);
1391 entry = d_lookup(dir, name);
1392 dput(dir);
1393 if (!entry)
1394 goto unlock;
1395
1396 fuse_dir_changed(parent);
1397 fuse_invalidate_entry(entry);
1398
1399 if (child_nodeid != 0 && d_really_is_positive(entry)) {
1400 inode_lock(d_inode(entry));
1401 if (get_node_id(d_inode(entry)) != child_nodeid) {
1402 err = -ENOENT;
1403 goto badentry;
1404 }
1405 if (d_mountpoint(entry)) {
1406 err = -EBUSY;
1407 goto badentry;
1408 }
1409 if (d_is_dir(entry)) {
1410 shrink_dcache_parent(entry);
1411 if (!simple_empty(entry)) {
1412 err = -ENOTEMPTY;
1413 goto badentry;
1414 }
1415 d_inode(entry)->i_flags |= S_DEAD;
1416 }
1417 dont_mount(entry);
1418 clear_nlink(d_inode(entry));
1419 err = 0;
1420 badentry:
1421 inode_unlock(d_inode(entry));
1422 if (!err)
1423 d_delete(entry);
1424 } else {
1425 err = 0;
1426 }
1427 dput(entry);
1428
1429 unlock:
1430 inode_unlock(parent);
1431 iput(parent);
1432 return err;
1433 }
1434
1435 /*
1436 * Calling into a user-controlled filesystem gives the filesystem
1437 * daemon ptrace-like capabilities over the current process. This
1438 * means, that the filesystem daemon is able to record the exact
1439 * filesystem operations performed, and can also control the behavior
1440 * of the requester process in otherwise impossible ways. For example
1441 * it can delay the operation for arbitrary length of time allowing
1442 * DoS against the requester.
1443 *
1444 * For this reason only those processes can call into the filesystem,
1445 * for which the owner of the mount has ptrace privilege. This
1446 * excludes processes started by other users, suid or sgid processes.
1447 */
fuse_allow_current_process(struct fuse_conn * fc)1448 int fuse_allow_current_process(struct fuse_conn *fc)
1449 {
1450 const struct cred *cred;
1451
1452 if (fc->allow_other)
1453 return current_in_userns(fc->user_ns);
1454
1455 cred = current_cred();
1456 if (uid_eq(cred->euid, fc->user_id) &&
1457 uid_eq(cred->suid, fc->user_id) &&
1458 uid_eq(cred->uid, fc->user_id) &&
1459 gid_eq(cred->egid, fc->group_id) &&
1460 gid_eq(cred->sgid, fc->group_id) &&
1461 gid_eq(cred->gid, fc->group_id))
1462 return 1;
1463
1464 return 0;
1465 }
1466
fuse_access(struct inode * inode,int mask)1467 static int fuse_access(struct inode *inode, int mask)
1468 {
1469 struct fuse_mount *fm = get_fuse_mount(inode);
1470 FUSE_ARGS(args);
1471 struct fuse_access_in inarg;
1472 int err;
1473
1474 #ifdef CONFIG_FUSE_BPF
1475 struct fuse_err_ret fer;
1476
1477 fer = fuse_bpf_backing(inode, struct fuse_access_in,
1478 fuse_access_initialize, fuse_access_backing,
1479 fuse_access_finalize, inode, mask);
1480 if (fer.ret)
1481 return PTR_ERR(fer.result);
1482 #endif
1483
1484 BUG_ON(mask & MAY_NOT_BLOCK);
1485
1486 if (fm->fc->no_access)
1487 return 0;
1488
1489 memset(&inarg, 0, sizeof(inarg));
1490 inarg.mask = mask & (MAY_READ | MAY_WRITE | MAY_EXEC);
1491 args.opcode = FUSE_ACCESS;
1492 args.nodeid = get_node_id(inode);
1493 args.in_numargs = 1;
1494 args.in_args[0].size = sizeof(inarg);
1495 args.in_args[0].value = &inarg;
1496 err = fuse_simple_request(fm, &args);
1497 if (err == -ENOSYS) {
1498 fm->fc->no_access = 1;
1499 err = 0;
1500 }
1501 return err;
1502 }
1503
fuse_perm_getattr(struct inode * inode,int mask)1504 static int fuse_perm_getattr(struct inode *inode, int mask)
1505 {
1506 if (mask & MAY_NOT_BLOCK)
1507 return -ECHILD;
1508
1509 forget_all_cached_acls(inode);
1510 return fuse_do_getattr(inode, NULL, NULL);
1511 }
1512
1513 /*
1514 * Check permission. The two basic access models of FUSE are:
1515 *
1516 * 1) Local access checking ('default_permissions' mount option) based
1517 * on file mode. This is the plain old disk filesystem permission
1518 * modell.
1519 *
1520 * 2) "Remote" access checking, where server is responsible for
1521 * checking permission in each inode operation. An exception to this
1522 * is if ->permission() was invoked from sys_access() in which case an
1523 * access request is sent. Execute permission is still checked
1524 * locally based on file mode.
1525 */
fuse_permission(struct user_namespace * mnt_userns,struct inode * inode,int mask)1526 static int fuse_permission(struct user_namespace *mnt_userns,
1527 struct inode *inode, int mask)
1528 {
1529 struct fuse_conn *fc = get_fuse_conn(inode);
1530 bool refreshed = false;
1531 int err = 0;
1532 struct fuse_inode *fi = get_fuse_inode(inode);
1533 #ifdef CONFIG_FUSE_BPF
1534 struct fuse_err_ret fer;
1535 #endif
1536
1537 if (fuse_is_bad(inode))
1538 return -EIO;
1539
1540 if (!fuse_allow_current_process(fc))
1541 return -EACCES;
1542
1543 #ifdef CONFIG_FUSE_BPF
1544 fer = fuse_bpf_backing(inode, struct fuse_access_in,
1545 fuse_access_initialize, fuse_access_backing,
1546 fuse_access_finalize, inode, mask);
1547 if (fer.ret)
1548 return PTR_ERR(fer.result);
1549 #endif
1550
1551 /*
1552 * If attributes are needed, refresh them before proceeding
1553 */
1554 if (fc->default_permissions ||
1555 ((mask & MAY_EXEC) && S_ISREG(inode->i_mode))) {
1556 u32 perm_mask = STATX_MODE | STATX_UID | STATX_GID;
1557
1558 if (perm_mask & READ_ONCE(fi->inval_mask) ||
1559 time_before64(fi->i_time, get_jiffies_64())) {
1560 refreshed = true;
1561
1562 err = fuse_perm_getattr(inode, mask);
1563 if (err)
1564 return err;
1565 }
1566 }
1567
1568 if (fc->default_permissions) {
1569 err = generic_permission(&init_user_ns, inode, mask);
1570
1571 /* If permission is denied, try to refresh file
1572 attributes. This is also needed, because the root
1573 node will at first have no permissions */
1574 if (err == -EACCES && !refreshed) {
1575 err = fuse_perm_getattr(inode, mask);
1576 if (!err)
1577 err = generic_permission(&init_user_ns,
1578 inode, mask);
1579 }
1580
1581 /* Note: the opposite of the above test does not
1582 exist. So if permissions are revoked this won't be
1583 noticed immediately, only after the attribute
1584 timeout has expired */
1585 } else if (mask & (MAY_ACCESS | MAY_CHDIR)) {
1586 err = fuse_access(inode, mask);
1587 } else if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode)) {
1588 if (!(inode->i_mode & S_IXUGO)) {
1589 if (refreshed)
1590 return -EACCES;
1591
1592 err = fuse_perm_getattr(inode, mask);
1593 if (!err && !(inode->i_mode & S_IXUGO))
1594 return -EACCES;
1595 }
1596 }
1597 return err;
1598 }
1599
fuse_readlink_page(struct inode * inode,struct page * page)1600 static int fuse_readlink_page(struct inode *inode, struct page *page)
1601 {
1602 struct fuse_mount *fm = get_fuse_mount(inode);
1603 struct fuse_page_desc desc = { .length = PAGE_SIZE - 1 };
1604 struct fuse_args_pages ap = {
1605 .num_pages = 1,
1606 .pages = &page,
1607 .descs = &desc,
1608 };
1609 char *link;
1610 ssize_t res;
1611
1612 ap.args.opcode = FUSE_READLINK;
1613 ap.args.nodeid = get_node_id(inode);
1614 ap.args.out_pages = true;
1615 ap.args.out_argvar = true;
1616 ap.args.page_zeroing = true;
1617 ap.args.out_numargs = 1;
1618 ap.args.out_args[0].size = desc.length;
1619 res = fuse_simple_request(fm, &ap.args);
1620
1621 fuse_invalidate_atime(inode);
1622
1623 if (res < 0)
1624 return res;
1625
1626 if (WARN_ON(res >= PAGE_SIZE))
1627 return -EIO;
1628
1629 link = page_address(page);
1630 link[res] = '\0';
1631
1632 return 0;
1633 }
1634
fuse_get_link(struct dentry * dentry,struct inode * inode,struct delayed_call * callback)1635 static const char *fuse_get_link(struct dentry *dentry, struct inode *inode,
1636 struct delayed_call *callback)
1637 {
1638 struct fuse_conn *fc = get_fuse_conn(inode);
1639 struct page *page;
1640 int err;
1641
1642 err = -EIO;
1643 if (fuse_is_bad(inode))
1644 goto out_err;
1645
1646 #ifdef CONFIG_FUSE_BPF
1647 {
1648 struct fuse_err_ret fer;
1649 const char *out = NULL;
1650
1651 fer = fuse_bpf_backing(inode, struct fuse_dummy_io,
1652 fuse_get_link_initialize,
1653 fuse_get_link_backing,
1654 fuse_get_link_finalize,
1655 inode, dentry, callback, &out);
1656 if (fer.ret)
1657 return fer.result ?: out;
1658 }
1659 #endif
1660
1661 if (fc->cache_symlinks)
1662 return page_get_link(dentry, inode, callback);
1663
1664 err = -ECHILD;
1665 if (!dentry)
1666 goto out_err;
1667
1668 page = alloc_page(GFP_KERNEL);
1669 err = -ENOMEM;
1670 if (!page)
1671 goto out_err;
1672
1673 err = fuse_readlink_page(inode, page);
1674 if (err) {
1675 __free_page(page);
1676 goto out_err;
1677 }
1678
1679 set_delayed_call(callback, page_put_link, page);
1680
1681 return page_address(page);
1682
1683 out_err:
1684 return ERR_PTR(err);
1685 }
1686
fuse_dir_open(struct inode * inode,struct file * file)1687 static int fuse_dir_open(struct inode *inode, struct file *file)
1688 {
1689 return fuse_open_common(inode, file, true);
1690 }
1691
fuse_dir_release(struct inode * inode,struct file * file)1692 static int fuse_dir_release(struct inode *inode, struct file *file)
1693 {
1694 fuse_release_common(file, true);
1695 return 0;
1696 }
1697
fuse_dir_fsync(struct file * file,loff_t start,loff_t end,int datasync)1698 static int fuse_dir_fsync(struct file *file, loff_t start, loff_t end,
1699 int datasync)
1700 {
1701 struct inode *inode = file->f_mapping->host;
1702 struct fuse_conn *fc = get_fuse_conn(inode);
1703 int err;
1704
1705 if (fuse_is_bad(inode))
1706 return -EIO;
1707
1708 #ifdef CONFIG_FUSE_BPF
1709 {
1710 struct fuse_err_ret fer;
1711
1712 fer = fuse_bpf_backing(inode, struct fuse_fsync_in,
1713 fuse_dir_fsync_initialize, fuse_fsync_backing,
1714 fuse_fsync_finalize,
1715 file, start, end, datasync);
1716 if (fer.ret)
1717 return PTR_ERR(fer.result);
1718 }
1719 #endif
1720
1721 if (fc->no_fsyncdir)
1722 return 0;
1723
1724 inode_lock(inode);
1725 err = fuse_fsync_common(file, start, end, datasync, FUSE_FSYNCDIR);
1726 if (err == -ENOSYS) {
1727 fc->no_fsyncdir = 1;
1728 err = 0;
1729 }
1730 inode_unlock(inode);
1731
1732 return err;
1733 }
1734
fuse_dir_ioctl(struct file * file,unsigned int cmd,unsigned long arg)1735 static long fuse_dir_ioctl(struct file *file, unsigned int cmd,
1736 unsigned long arg)
1737 {
1738 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1739
1740 /* FUSE_IOCTL_DIR only supported for API version >= 7.18 */
1741 if (fc->minor < 18)
1742 return -ENOTTY;
1743
1744 return fuse_ioctl_common(file, cmd, arg, FUSE_IOCTL_DIR);
1745 }
1746
fuse_dir_compat_ioctl(struct file * file,unsigned int cmd,unsigned long arg)1747 static long fuse_dir_compat_ioctl(struct file *file, unsigned int cmd,
1748 unsigned long arg)
1749 {
1750 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1751
1752 if (fc->minor < 18)
1753 return -ENOTTY;
1754
1755 return fuse_ioctl_common(file, cmd, arg,
1756 FUSE_IOCTL_COMPAT | FUSE_IOCTL_DIR);
1757 }
1758
1759 /*
1760 * Prevent concurrent writepages on inode
1761 *
1762 * This is done by adding a negative bias to the inode write counter
1763 * and waiting for all pending writes to finish.
1764 */
fuse_set_nowrite(struct inode * inode)1765 void fuse_set_nowrite(struct inode *inode)
1766 {
1767 struct fuse_inode *fi = get_fuse_inode(inode);
1768
1769 BUG_ON(!inode_is_locked(inode));
1770
1771 spin_lock(&fi->lock);
1772 BUG_ON(fi->writectr < 0);
1773 fi->writectr += FUSE_NOWRITE;
1774 spin_unlock(&fi->lock);
1775 wait_event(fi->page_waitq, fi->writectr == FUSE_NOWRITE);
1776 }
1777
1778 /*
1779 * Allow writepages on inode
1780 *
1781 * Remove the bias from the writecounter and send any queued
1782 * writepages.
1783 */
__fuse_release_nowrite(struct inode * inode)1784 static void __fuse_release_nowrite(struct inode *inode)
1785 {
1786 struct fuse_inode *fi = get_fuse_inode(inode);
1787
1788 BUG_ON(fi->writectr != FUSE_NOWRITE);
1789 fi->writectr = 0;
1790 fuse_flush_writepages(inode);
1791 }
1792
fuse_release_nowrite(struct inode * inode)1793 void fuse_release_nowrite(struct inode *inode)
1794 {
1795 struct fuse_inode *fi = get_fuse_inode(inode);
1796
1797 spin_lock(&fi->lock);
1798 __fuse_release_nowrite(inode);
1799 spin_unlock(&fi->lock);
1800 }
1801
fuse_setattr_fill(struct fuse_conn * fc,struct fuse_args * args,struct inode * inode,struct fuse_setattr_in * inarg_p,struct fuse_attr_out * outarg_p)1802 static void fuse_setattr_fill(struct fuse_conn *fc, struct fuse_args *args,
1803 struct inode *inode,
1804 struct fuse_setattr_in *inarg_p,
1805 struct fuse_attr_out *outarg_p)
1806 {
1807 args->opcode = FUSE_SETATTR;
1808 args->nodeid = get_node_id(inode);
1809 args->in_numargs = 1;
1810 args->in_args[0].size = sizeof(*inarg_p);
1811 args->in_args[0].value = inarg_p;
1812 args->out_numargs = 1;
1813 args->out_args[0].size = sizeof(*outarg_p);
1814 args->out_args[0].value = outarg_p;
1815 }
1816
1817 /*
1818 * Flush inode->i_mtime to the server
1819 */
fuse_flush_times(struct inode * inode,struct fuse_file * ff)1820 int fuse_flush_times(struct inode *inode, struct fuse_file *ff)
1821 {
1822 struct fuse_mount *fm = get_fuse_mount(inode);
1823 FUSE_ARGS(args);
1824 struct fuse_setattr_in inarg;
1825 struct fuse_attr_out outarg;
1826
1827 memset(&inarg, 0, sizeof(inarg));
1828 memset(&outarg, 0, sizeof(outarg));
1829
1830 inarg.valid = FATTR_MTIME;
1831 inarg.mtime = inode->i_mtime.tv_sec;
1832 inarg.mtimensec = inode->i_mtime.tv_nsec;
1833 if (fm->fc->minor >= 23) {
1834 inarg.valid |= FATTR_CTIME;
1835 inarg.ctime = inode->i_ctime.tv_sec;
1836 inarg.ctimensec = inode->i_ctime.tv_nsec;
1837 }
1838 if (ff) {
1839 inarg.valid |= FATTR_FH;
1840 inarg.fh = ff->fh;
1841 }
1842 fuse_setattr_fill(fm->fc, &args, inode, &inarg, &outarg);
1843
1844 return fuse_simple_request(fm, &args);
1845 }
1846
1847 /*
1848 * Set attributes, and at the same time refresh them.
1849 *
1850 * Truncation is slightly complicated, because the 'truncate' request
1851 * may fail, in which case we don't want to touch the mapping.
1852 * vmtruncate() doesn't allow for this case, so do the rlimit checking
1853 * and the actual truncation by hand.
1854 */
fuse_do_setattr(struct dentry * dentry,struct iattr * attr,struct file * file)1855 int fuse_do_setattr(struct dentry *dentry, struct iattr *attr,
1856 struct file *file)
1857 {
1858 struct inode *inode = d_inode(dentry);
1859 struct fuse_mount *fm = get_fuse_mount(inode);
1860 struct fuse_conn *fc = fm->fc;
1861 struct fuse_inode *fi = get_fuse_inode(inode);
1862 struct address_space *mapping = inode->i_mapping;
1863 FUSE_ARGS(args);
1864 struct fuse_setattr_in inarg;
1865 struct fuse_attr_out outarg;
1866 bool is_truncate = false;
1867 bool is_wb = fc->writeback_cache;
1868 loff_t oldsize;
1869 int err;
1870 bool trust_local_cmtime = is_wb && S_ISREG(inode->i_mode);
1871 bool fault_blocked = false;
1872
1873 #ifdef CONFIG_FUSE_BPF
1874 struct fuse_err_ret fer;
1875
1876 fer = fuse_bpf_backing(inode, struct fuse_setattr_io,
1877 fuse_setattr_initialize, fuse_setattr_backing,
1878 fuse_setattr_finalize, dentry, attr, file);
1879 if (fer.ret)
1880 return PTR_ERR(fer.result);
1881 #endif
1882
1883 if (!fc->default_permissions)
1884 attr->ia_valid |= ATTR_FORCE;
1885
1886 err = setattr_prepare(&init_user_ns, dentry, attr);
1887 if (err)
1888 return err;
1889
1890 if (attr->ia_valid & ATTR_SIZE) {
1891 if (WARN_ON(!S_ISREG(inode->i_mode)))
1892 return -EIO;
1893 is_truncate = true;
1894 }
1895
1896 if (FUSE_IS_DAX(inode) && is_truncate) {
1897 filemap_invalidate_lock(mapping);
1898 fault_blocked = true;
1899 err = fuse_dax_break_layouts(inode, 0, 0);
1900 if (err) {
1901 filemap_invalidate_unlock(mapping);
1902 return err;
1903 }
1904 }
1905
1906 if (attr->ia_valid & ATTR_OPEN) {
1907 /* This is coming from open(..., ... | O_TRUNC); */
1908 WARN_ON(!(attr->ia_valid & ATTR_SIZE));
1909 WARN_ON(attr->ia_size != 0);
1910 if (fc->atomic_o_trunc) {
1911 /*
1912 * No need to send request to userspace, since actual
1913 * truncation has already been done by OPEN. But still
1914 * need to truncate page cache.
1915 */
1916 i_size_write(inode, 0);
1917 truncate_pagecache(inode, 0);
1918 goto out;
1919 }
1920 file = NULL;
1921 }
1922
1923 /* Flush dirty data/metadata before non-truncate SETATTR */
1924 if (is_wb && S_ISREG(inode->i_mode) &&
1925 attr->ia_valid &
1926 (ATTR_MODE | ATTR_UID | ATTR_GID | ATTR_MTIME_SET |
1927 ATTR_TIMES_SET)) {
1928 err = write_inode_now(inode, true);
1929 if (err)
1930 return err;
1931
1932 fuse_set_nowrite(inode);
1933 fuse_release_nowrite(inode);
1934 }
1935
1936 if (is_truncate) {
1937 fuse_set_nowrite(inode);
1938 set_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1939 if (trust_local_cmtime && attr->ia_size != inode->i_size)
1940 attr->ia_valid |= ATTR_MTIME | ATTR_CTIME;
1941 }
1942
1943 memset(&inarg, 0, sizeof(inarg));
1944 memset(&outarg, 0, sizeof(outarg));
1945 iattr_to_fattr(fc, attr, &inarg, trust_local_cmtime);
1946 if (file) {
1947 struct fuse_file *ff = file->private_data;
1948 inarg.valid |= FATTR_FH;
1949 inarg.fh = ff->fh;
1950 }
1951
1952 /* Kill suid/sgid for non-directory chown unconditionally */
1953 if (fc->handle_killpriv_v2 && !S_ISDIR(inode->i_mode) &&
1954 attr->ia_valid & (ATTR_UID | ATTR_GID))
1955 inarg.valid |= FATTR_KILL_SUIDGID;
1956
1957 if (attr->ia_valid & ATTR_SIZE) {
1958 /* For mandatory locking in truncate */
1959 inarg.valid |= FATTR_LOCKOWNER;
1960 inarg.lock_owner = fuse_lock_owner_id(fc, current->files);
1961
1962 /* Kill suid/sgid for truncate only if no CAP_FSETID */
1963 if (fc->handle_killpriv_v2 && !capable(CAP_FSETID))
1964 inarg.valid |= FATTR_KILL_SUIDGID;
1965 }
1966 fuse_setattr_fill(fc, &args, inode, &inarg, &outarg);
1967 err = fuse_simple_request(fm, &args);
1968 if (err) {
1969 if (err == -EINTR)
1970 fuse_invalidate_attr(inode);
1971 goto error;
1972 }
1973
1974 if (fuse_invalid_attr(&outarg.attr) ||
1975 inode_wrong_type(inode, outarg.attr.mode)) {
1976 fuse_make_bad(inode);
1977 err = -EIO;
1978 goto error;
1979 }
1980
1981 spin_lock(&fi->lock);
1982 /* the kernel maintains i_mtime locally */
1983 if (trust_local_cmtime) {
1984 if (attr->ia_valid & ATTR_MTIME)
1985 inode->i_mtime = attr->ia_mtime;
1986 if (attr->ia_valid & ATTR_CTIME)
1987 inode->i_ctime = attr->ia_ctime;
1988 /* FIXME: clear I_DIRTY_SYNC? */
1989 }
1990
1991 fuse_change_attributes_common(inode, &outarg.attr,
1992 attr_timeout(&outarg));
1993 oldsize = inode->i_size;
1994 /* see the comment in fuse_change_attributes() */
1995 if (!is_wb || is_truncate || !S_ISREG(inode->i_mode))
1996 i_size_write(inode, outarg.attr.size);
1997
1998 if (is_truncate) {
1999 /* NOTE: this may release/reacquire fi->lock */
2000 __fuse_release_nowrite(inode);
2001 }
2002 spin_unlock(&fi->lock);
2003
2004 /*
2005 * Only call invalidate_inode_pages2() after removing
2006 * FUSE_NOWRITE, otherwise fuse_launder_page() would deadlock.
2007 */
2008 if ((is_truncate || !is_wb) &&
2009 S_ISREG(inode->i_mode) && oldsize != outarg.attr.size) {
2010 truncate_pagecache(inode, outarg.attr.size);
2011 invalidate_inode_pages2(mapping);
2012 }
2013
2014 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
2015 out:
2016 if (fault_blocked)
2017 filemap_invalidate_unlock(mapping);
2018
2019 return 0;
2020
2021 error:
2022 if (is_truncate)
2023 fuse_release_nowrite(inode);
2024
2025 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
2026
2027 if (fault_blocked)
2028 filemap_invalidate_unlock(mapping);
2029 return err;
2030 }
2031
fuse_setattr(struct user_namespace * mnt_userns,struct dentry * entry,struct iattr * attr)2032 static int fuse_setattr(struct user_namespace *mnt_userns, struct dentry *entry,
2033 struct iattr *attr)
2034 {
2035 struct inode *inode = d_inode(entry);
2036 struct fuse_conn *fc = get_fuse_conn(inode);
2037 struct file *file = (attr->ia_valid & ATTR_FILE) ? attr->ia_file : NULL;
2038 int ret;
2039
2040 if (fuse_is_bad(inode))
2041 return -EIO;
2042
2043 if (!fuse_allow_current_process(get_fuse_conn(inode)))
2044 return -EACCES;
2045
2046 if (attr->ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID)) {
2047 attr->ia_valid &= ~(ATTR_KILL_SUID | ATTR_KILL_SGID |
2048 ATTR_MODE);
2049
2050 /*
2051 * The only sane way to reliably kill suid/sgid is to do it in
2052 * the userspace filesystem
2053 *
2054 * This should be done on write(), truncate() and chown().
2055 */
2056 if (!fc->handle_killpriv && !fc->handle_killpriv_v2) {
2057 #ifdef CONFIG_FUSE_BPF
2058 struct fuse_err_ret fer;
2059
2060 /*
2061 * ia_mode calculation may have used stale i_mode.
2062 * Refresh and recalculate.
2063 */
2064 fer = fuse_bpf_backing(inode, struct fuse_getattr_io,
2065 fuse_getattr_initialize, fuse_getattr_backing,
2066 fuse_getattr_finalize,
2067 entry, NULL, 0, 0);
2068 if (fer.ret)
2069 ret = PTR_ERR(fer.result);
2070 else
2071 #endif
2072 ret = fuse_do_getattr(inode, NULL, file);
2073 if (ret)
2074 return ret;
2075
2076 attr->ia_mode = inode->i_mode;
2077 if (inode->i_mode & S_ISUID) {
2078 attr->ia_valid |= ATTR_MODE;
2079 attr->ia_mode &= ~S_ISUID;
2080 }
2081 if ((inode->i_mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) {
2082 attr->ia_valid |= ATTR_MODE;
2083 attr->ia_mode &= ~S_ISGID;
2084 }
2085 }
2086 }
2087 if (!attr->ia_valid)
2088 return 0;
2089
2090 ret = fuse_do_setattr(entry, attr, file);
2091 if (!ret) {
2092 /*
2093 * If filesystem supports acls it may have updated acl xattrs in
2094 * the filesystem, so forget cached acls for the inode.
2095 */
2096 if (fc->posix_acl)
2097 forget_all_cached_acls(inode);
2098
2099 /* Directory mode changed, may need to revalidate access */
2100 if (d_is_dir(entry) && (attr->ia_valid & ATTR_MODE))
2101 fuse_invalidate_entry_cache(entry);
2102 }
2103 return ret;
2104 }
2105
fuse_getattr(struct user_namespace * mnt_userns,const struct path * path,struct kstat * stat,u32 request_mask,unsigned int flags)2106 static int fuse_getattr(struct user_namespace *mnt_userns,
2107 const struct path *path, struct kstat *stat,
2108 u32 request_mask, unsigned int flags)
2109 {
2110 struct inode *inode = d_inode(path->dentry);
2111 struct fuse_conn *fc = get_fuse_conn(inode);
2112
2113 if (fuse_is_bad(inode))
2114 return -EIO;
2115
2116 if (!fuse_allow_current_process(fc)) {
2117 if (!request_mask) {
2118 /*
2119 * If user explicitly requested *nothing* then don't
2120 * error out, but return st_dev only.
2121 */
2122 stat->result_mask = 0;
2123 stat->dev = inode->i_sb->s_dev;
2124 return 0;
2125 }
2126 return -EACCES;
2127 }
2128
2129 return fuse_update_get_attr(inode, NULL, path, stat, request_mask,
2130 flags);
2131 }
2132
/* Inode operations for FUSE directories. */
static const struct inode_operations fuse_dir_inode_operations = {
	.lookup		= fuse_lookup,
	.mkdir		= fuse_mkdir,
	.symlink	= fuse_symlink,
	.unlink		= fuse_unlink,
	.rmdir		= fuse_rmdir,
	.rename		= fuse_rename2,
	.link		= fuse_link,
	.setattr	= fuse_setattr,
	.create		= fuse_create,
	.atomic_open	= fuse_atomic_open,
	.mknod		= fuse_mknod,
	.permission	= fuse_permission,
	.getattr	= fuse_getattr,
	.listxattr	= fuse_listxattr,
	.get_acl	= fuse_get_acl,
	.set_acl	= fuse_set_acl,
	.fileattr_get	= fuse_fileattr_get,
	.fileattr_set	= fuse_fileattr_set,
};
2153
/* File operations for open FUSE directories (readdir, fsync, ioctl). */
static const struct file_operations fuse_dir_operations = {
	.llseek		= generic_file_llseek,
	.read		= generic_read_dir,
	.iterate_shared	= fuse_readdir,
	.open		= fuse_dir_open,
	.release	= fuse_dir_release,
	.fsync		= fuse_dir_fsync,
	.unlocked_ioctl	= fuse_dir_ioctl,
	.compat_ioctl	= fuse_dir_compat_ioctl,
};
2164
/* Inode operations shared by regular and special (non-dir, non-symlink) inodes. */
static const struct inode_operations fuse_common_inode_operations = {
	.setattr	= fuse_setattr,
	.permission	= fuse_permission,
	.getattr	= fuse_getattr,
	.listxattr	= fuse_listxattr,
	.get_acl	= fuse_get_acl,
	.set_acl	= fuse_set_acl,
	.fileattr_get	= fuse_fileattr_get,
	.fileattr_set	= fuse_fileattr_set,
};
2175
/* Inode operations for FUSE symlinks. */
static const struct inode_operations fuse_symlink_inode_operations = {
	.setattr	= fuse_setattr,
	.get_link	= fuse_get_link,
	.getattr	= fuse_getattr,
	.listxattr	= fuse_listxattr,
};
2182
/* Install the inode operations common to regular and special inodes. */
void fuse_init_common(struct inode *inode)
{
	inode->i_op = &fuse_common_inode_operations;
}
2187
fuse_init_dir(struct inode * inode)2188 void fuse_init_dir(struct inode *inode)
2189 {
2190 struct fuse_inode *fi = get_fuse_inode(inode);
2191
2192 inode->i_op = &fuse_dir_inode_operations;
2193 inode->i_fop = &fuse_dir_operations;
2194
2195 spin_lock_init(&fi->rdc.lock);
2196 fi->rdc.cached = false;
2197 fi->rdc.size = 0;
2198 fi->rdc.pos = 0;
2199 fi->rdc.version = 0;
2200 }
2201
fuse_symlink_readpage(struct file * null,struct page * page)2202 static int fuse_symlink_readpage(struct file *null, struct page *page)
2203 {
2204 int err = fuse_readlink_page(page->mapping->host, page);
2205
2206 if (!err)
2207 SetPageUptodate(page);
2208
2209 unlock_page(page);
2210
2211 return err;
2212 }
2213
/* Address space operations for symlink inodes (page-cache backed target). */
static const struct address_space_operations fuse_symlink_aops = {
	.readpage	= fuse_symlink_readpage,
};
2217
fuse_init_symlink(struct inode * inode)2218 void fuse_init_symlink(struct inode *inode)
2219 {
2220 inode->i_op = &fuse_symlink_inode_operations;
2221 inode->i_data.a_ops = &fuse_symlink_aops;
2222 inode_nohighmem(inode);
2223 }
2224