1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * devtmpfs - kernel-maintained tmpfs-based /dev
4 *
5 * Copyright (C) 2009, Kay Sievers <kay.sievers@vrfy.org>
6 *
7 * During bootup, before any driver core device is registered,
8 * devtmpfs, a tmpfs-based filesystem is created. Every driver-core
9 * device which requests a device node, will add a node in this
10 * filesystem.
11 * By default, all devices are named after the name of the device,
12 * owned by root and have a default mode of 0600. Subsystems can
13 * overwrite the default setting if needed.
14 */
15
16 #include <linux/kernel.h>
17 #include <linux/syscalls.h>
18 #include <linux/mount.h>
19 #include <linux/device.h>
20 #include <linux/genhd.h>
21 #include <linux/namei.h>
22 #include <linux/fs.h>
23 #include <linux/shmem_fs.h>
24 #include <linux/ramfs.h>
25 #include <linux/sched.h>
26 #include <linux/slab.h>
27 #include <linux/kthread.h>
28 #include <linux/init_syscalls.h>
29 #include <uapi/linux/mount.h>
30 #include "base.h"
31
32 static struct task_struct *thread;
33
34 static int __initdata mount_dev = IS_ENABLED(CONFIG_DEVTMPFS_MOUNT);
35
36 static DEFINE_SPINLOCK(req_lock);
37
38 static struct req {
39 struct req *next;
40 struct completion done;
41 int err;
42 const char *name;
43 umode_t mode; /* 0 => delete */
44 kuid_t uid;
45 kgid_t gid;
46 struct device *dev;
47 } *requests;
48
mount_param(char * str)49 static int __init mount_param(char *str)
50 {
51 mount_dev = simple_strtoul(str, NULL, 0);
52 return 1;
53 }
54 __setup("devtmpfs.mount=", mount_param);
55
56 static struct vfsmount *mnt;
57
public_dev_mount(struct file_system_type * fs_type,int flags,const char * dev_name,void * data)58 static struct dentry *public_dev_mount(struct file_system_type *fs_type, int flags,
59 const char *dev_name, void *data)
60 {
61 struct super_block *s = mnt->mnt_sb;
62 int err;
63
64 atomic_inc(&s->s_active);
65 down_write(&s->s_umount);
66 err = reconfigure_single(s, flags, data);
67 if (err < 0) {
68 deactivate_locked_super(s);
69 return ERR_PTR(err);
70 }
71 return dget(s->s_root);
72 }
73
74 static struct file_system_type internal_fs_type = {
75 .name = "devtmpfs",
76 #ifdef CONFIG_TMPFS
77 .init_fs_context = shmem_init_fs_context,
78 .parameters = shmem_fs_parameters,
79 #else
80 .init_fs_context = ramfs_init_fs_context,
81 .parameters = ramfs_fs_parameters,
82 #endif
83 .kill_sb = kill_litter_super,
84 };
85
86 static struct file_system_type dev_fs_type = {
87 .name = "devtmpfs",
88 .mount = public_dev_mount,
89 };
90
91 #ifdef CONFIG_BLOCK
is_blockdev(struct device * dev)92 static inline int is_blockdev(struct device *dev)
93 {
94 return dev->class == &block_class;
95 }
96 #else
is_blockdev(struct device * dev)97 static inline int is_blockdev(struct device *dev) { return 0; }
98 #endif
99
devtmpfs_submit_req(struct req * req,const char * tmp)100 static int devtmpfs_submit_req(struct req *req, const char *tmp)
101 {
102 init_completion(&req->done);
103
104 spin_lock(&req_lock);
105 req->next = requests;
106 requests = req;
107 spin_unlock(&req_lock);
108
109 wake_up_process(thread);
110 wait_for_completion(&req->done);
111
112 kfree(tmp);
113
114 return req->err;
115 }
116
devtmpfs_create_node(struct device * dev)117 int devtmpfs_create_node(struct device *dev)
118 {
119 const char *tmp = NULL;
120 struct req req;
121
122 if (!thread)
123 return 0;
124
125 req.mode = 0;
126 req.uid = GLOBAL_ROOT_UID;
127 req.gid = GLOBAL_ROOT_GID;
128 req.name = device_get_devnode(dev, &req.mode, &req.uid, &req.gid, &tmp);
129 if (!req.name)
130 return -ENOMEM;
131
132 if (req.mode == 0)
133 req.mode = 0600;
134 if (is_blockdev(dev))
135 req.mode |= S_IFBLK;
136 else
137 req.mode |= S_IFCHR;
138
139 req.dev = dev;
140
141 return devtmpfs_submit_req(&req, tmp);
142 }
143
devtmpfs_delete_node(struct device * dev)144 int devtmpfs_delete_node(struct device *dev)
145 {
146 const char *tmp = NULL;
147 struct req req;
148
149 if (!thread)
150 return 0;
151
152 req.name = device_get_devnode(dev, NULL, NULL, NULL, &tmp);
153 if (!req.name)
154 return -ENOMEM;
155
156 req.mode = 0;
157 req.dev = dev;
158
159 return devtmpfs_submit_req(&req, tmp);
160 }
161
dev_mkdir(const char * name,umode_t mode)162 static int dev_mkdir(const char *name, umode_t mode)
163 {
164 struct dentry *dentry;
165 struct path path;
166 int err;
167
168 dentry = kern_path_create(AT_FDCWD, name, &path, LOOKUP_DIRECTORY);
169 if (IS_ERR(dentry))
170 return PTR_ERR(dentry);
171
172 err = vfs_mkdir(&init_user_ns, d_inode(path.dentry), dentry, mode);
173 if (!err)
174 /* mark as kernel-created inode */
175 d_inode(dentry)->i_private = &thread;
176 done_path_create(&path, dentry);
177 return err;
178 }
179
create_path(const char * nodepath)180 static int create_path(const char *nodepath)
181 {
182 char *path;
183 char *s;
184 int err = 0;
185
186 /* parent directories do not exist, create them */
187 path = kstrdup(nodepath, GFP_KERNEL);
188 if (!path)
189 return -ENOMEM;
190
191 s = path;
192 for (;;) {
193 s = strchr(s, '/');
194 if (!s)
195 break;
196 s[0] = '\0';
197 err = dev_mkdir(path, 0755);
198 if (err && err != -EEXIST)
199 break;
200 s[0] = '/';
201 s++;
202 }
203 kfree(path);
204 return err;
205 }
206
handle_create(const char * nodename,umode_t mode,kuid_t uid,kgid_t gid,struct device * dev)207 static int handle_create(const char *nodename, umode_t mode, kuid_t uid,
208 kgid_t gid, struct device *dev)
209 {
210 struct dentry *dentry;
211 struct path path;
212 int err;
213
214 dentry = kern_path_create(AT_FDCWD, nodename, &path, 0);
215 if (dentry == ERR_PTR(-ENOENT)) {
216 create_path(nodename);
217 dentry = kern_path_create(AT_FDCWD, nodename, &path, 0);
218 }
219 if (IS_ERR(dentry))
220 return PTR_ERR(dentry);
221
222 err = vfs_mknod(&init_user_ns, d_inode(path.dentry), dentry, mode,
223 dev->devt);
224 if (!err) {
225 struct iattr newattrs;
226
227 newattrs.ia_mode = mode;
228 newattrs.ia_uid = uid;
229 newattrs.ia_gid = gid;
230 newattrs.ia_valid = ATTR_MODE|ATTR_UID|ATTR_GID;
231 inode_lock(d_inode(dentry));
232 notify_change(&init_user_ns, dentry, &newattrs, NULL);
233 inode_unlock(d_inode(dentry));
234
235 /* mark as kernel-created inode */
236 d_inode(dentry)->i_private = &thread;
237 }
238 done_path_create(&path, dentry);
239 return err;
240 }
241
dev_rmdir(const char * name)242 static int dev_rmdir(const char *name)
243 {
244 struct path parent;
245 struct dentry *dentry;
246 int err;
247
248 dentry = kern_path_locked(name, &parent);
249 if (IS_ERR(dentry))
250 return PTR_ERR(dentry);
251 if (d_really_is_positive(dentry)) {
252 if (d_inode(dentry)->i_private == &thread)
253 err = vfs_rmdir(&init_user_ns, d_inode(parent.dentry),
254 dentry);
255 else
256 err = -EPERM;
257 } else {
258 err = -ENOENT;
259 }
260 dput(dentry);
261 inode_unlock(d_inode(parent.dentry));
262 path_put(&parent);
263 return err;
264 }
265
delete_path(const char * nodepath)266 static int delete_path(const char *nodepath)
267 {
268 char *path;
269 int err = 0;
270
271 path = kstrdup(nodepath, GFP_KERNEL);
272 if (!path)
273 return -ENOMEM;
274
275 for (;;) {
276 char *base;
277
278 base = strrchr(path, '/');
279 if (!base)
280 break;
281 base[0] = '\0';
282 err = dev_rmdir(path);
283 if (err)
284 break;
285 }
286
287 kfree(path);
288 return err;
289 }
290
dev_mynode(struct device * dev,struct inode * inode,struct kstat * stat)291 static int dev_mynode(struct device *dev, struct inode *inode, struct kstat *stat)
292 {
293 /* did we create it */
294 if (inode->i_private != &thread)
295 return 0;
296
297 /* does the dev_t match */
298 if (is_blockdev(dev)) {
299 if (!S_ISBLK(stat->mode))
300 return 0;
301 } else {
302 if (!S_ISCHR(stat->mode))
303 return 0;
304 }
305 if (stat->rdev != dev->devt)
306 return 0;
307
308 /* ours */
309 return 1;
310 }
311
handle_remove(const char * nodename,struct device * dev)312 static int handle_remove(const char *nodename, struct device *dev)
313 {
314 struct path parent;
315 struct dentry *dentry;
316 int deleted = 0;
317 int err;
318
319 dentry = kern_path_locked(nodename, &parent);
320 if (IS_ERR(dentry))
321 return PTR_ERR(dentry);
322
323 if (d_really_is_positive(dentry)) {
324 struct kstat stat;
325 struct path p = {.mnt = parent.mnt, .dentry = dentry};
326 err = vfs_getattr(&p, &stat, STATX_TYPE | STATX_MODE,
327 AT_STATX_SYNC_AS_STAT);
328 if (!err && dev_mynode(dev, d_inode(dentry), &stat)) {
329 struct iattr newattrs;
330 /*
331 * before unlinking this node, reset permissions
332 * of possible references like hardlinks
333 */
334 newattrs.ia_uid = GLOBAL_ROOT_UID;
335 newattrs.ia_gid = GLOBAL_ROOT_GID;
336 newattrs.ia_mode = stat.mode & ~0777;
337 newattrs.ia_valid =
338 ATTR_UID|ATTR_GID|ATTR_MODE;
339 inode_lock(d_inode(dentry));
340 notify_change(&init_user_ns, dentry, &newattrs, NULL);
341 inode_unlock(d_inode(dentry));
342 err = vfs_unlink(&init_user_ns, d_inode(parent.dentry),
343 dentry, NULL);
344 if (!err || err == -ENOENT)
345 deleted = 1;
346 }
347 } else {
348 err = -ENOENT;
349 }
350 dput(dentry);
351 inode_unlock(d_inode(parent.dentry));
352
353 path_put(&parent);
354 if (deleted && strchr(nodename, '/'))
355 delete_path(nodename);
356 return err;
357 }
358
359 /*
360 * If configured, or requested by the commandline, devtmpfs will be
361 * auto-mounted after the kernel mounted the root filesystem.
362 */
devtmpfs_mount(void)363 int __init devtmpfs_mount(void)
364 {
365 int err;
366
367 if (!mount_dev)
368 return 0;
369
370 if (!thread)
371 return 0;
372
373 err = init_mount("devtmpfs", "dev", "devtmpfs", MS_SILENT, NULL);
374 if (err)
375 printk(KERN_INFO "devtmpfs: error mounting %i\n", err);
376 else
377 printk(KERN_INFO "devtmpfs: mounted\n");
378 return err;
379 }
380
381 static __initdata DECLARE_COMPLETION(setup_done);
382
handle(const char * name,umode_t mode,kuid_t uid,kgid_t gid,struct device * dev)383 static int handle(const char *name, umode_t mode, kuid_t uid, kgid_t gid,
384 struct device *dev)
385 {
386 if (mode)
387 return handle_create(name, mode, uid, gid, dev);
388 else
389 return handle_remove(name, dev);
390 }
391
devtmpfs_work_loop(void)392 static void __noreturn devtmpfs_work_loop(void)
393 {
394 while (1) {
395 spin_lock(&req_lock);
396 while (requests) {
397 struct req *req = requests;
398 requests = NULL;
399 spin_unlock(&req_lock);
400 while (req) {
401 struct req *next = req->next;
402 req->err = handle(req->name, req->mode,
403 req->uid, req->gid, req->dev);
404 complete(&req->done);
405 req = next;
406 }
407 spin_lock(&req_lock);
408 }
409 __set_current_state(TASK_INTERRUPTIBLE);
410 spin_unlock(&req_lock);
411 schedule();
412 }
413 }
414
devtmpfs_setup(void * p)415 static noinline int __init devtmpfs_setup(void *p)
416 {
417 int err;
418
419 err = ksys_unshare(CLONE_NEWNS);
420 if (err)
421 goto out;
422 err = init_mount("devtmpfs", "/", "devtmpfs", MS_SILENT, NULL);
423 if (err)
424 goto out;
425 init_chdir("/.."); /* will traverse into overmounted root */
426 init_chroot(".");
427 out:
428 *(int *)p = err;
429 return err;
430 }
431
432 /*
433 * The __ref is because devtmpfs_setup needs to be __init for the routines it
434 * calls. That call is done while devtmpfs_init, which is marked __init,
435 * synchronously waits for it to complete.
436 */
devtmpfsd(void * p)437 static int __ref devtmpfsd(void *p)
438 {
439 int err = devtmpfs_setup(p);
440
441 complete(&setup_done);
442 if (err)
443 return err;
444 devtmpfs_work_loop();
445 return 0;
446 }
447
448 /*
449 * Create devtmpfs instance, driver-core devices will add their device
450 * nodes here.
451 */
devtmpfs_init(void)452 int __init devtmpfs_init(void)
453 {
454 char opts[] = "mode=0755";
455 int err;
456
457 mnt = vfs_kern_mount(&internal_fs_type, 0, "devtmpfs", opts);
458 if (IS_ERR(mnt)) {
459 printk(KERN_ERR "devtmpfs: unable to create devtmpfs %ld\n",
460 PTR_ERR(mnt));
461 return PTR_ERR(mnt);
462 }
463 err = register_filesystem(&dev_fs_type);
464 if (err) {
465 printk(KERN_ERR "devtmpfs: unable to register devtmpfs "
466 "type %i\n", err);
467 return err;
468 }
469
470 thread = kthread_run(devtmpfsd, &err, "kdevtmpfs");
471 if (!IS_ERR(thread)) {
472 wait_for_completion(&setup_done);
473 } else {
474 err = PTR_ERR(thread);
475 thread = NULL;
476 }
477
478 if (err) {
479 printk(KERN_ERR "devtmpfs: unable to create devtmpfs %i\n", err);
480 unregister_filesystem(&dev_fs_type);
481 return err;
482 }
483
484 printk(KERN_INFO "devtmpfs: initialized\n");
485 return 0;
486 }
487