1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * FUSE passthrough to backing file.
4 *
5 * Copyright (c) 2023 CTERA Networks.
6 */
7
8 #include "fuse_i.h"
9
10 #include <linux/file.h>
11 #include <linux/backing-file.h>
12 #include <linux/splice.h>
13 #include <linux/pagemap.h>
14
fuse_file_accessed(struct file * file)15 static void fuse_file_accessed(struct file *file)
16 {
17 struct inode *inode = file_inode(file);
18
19 fuse_invalidate_atime(inode);
20 }
21
fuse_passthrough_end_write(struct file * file,loff_t pos,ssize_t ret)22 static void fuse_passthrough_end_write(struct file *file, loff_t pos, ssize_t ret)
23 {
24 struct inode *inode = file_inode(file);
25 struct fuse_conn *fc = get_fuse_conn(inode);
26 struct fuse_file *ff = file->private_data;
27 struct file *backing_file = fuse_file_passthrough(ff);
28 struct inode *backing_inode = file_inode(backing_file);
29
30 if (!fc->writeback_cache) {
31 fuse_write_update_attr(inode, pos, ret);
32 } else {
33 inode_set_mtime_to_ts(inode, inode_get_mtime(backing_inode));
34 inode_set_ctime_to_ts(inode, inode_get_ctime(backing_inode));
35 inode->i_blocks = backing_inode->i_blocks;
36 i_size_write(inode, i_size_read(backing_inode));
37 }
38 if (ret > 0) {
39 invalidate_inode_pages2_range(inode->i_mapping,
40 (pos - ret) >> PAGE_SHIFT, pos >> PAGE_SHIFT);
41 }
42 }
43
fuse_passthrough_read_iter(struct kiocb * iocb,struct iov_iter * iter)44 ssize_t fuse_passthrough_read_iter(struct kiocb *iocb, struct iov_iter *iter)
45 {
46 struct file *file = iocb->ki_filp;
47 struct fuse_file *ff = file->private_data;
48 struct file *backing_file = fuse_file_passthrough(ff);
49 size_t count = iov_iter_count(iter);
50 ssize_t ret;
51 struct backing_file_ctx ctx = {
52 .cred = ff->cred,
53 .user_file = file,
54 .accessed = fuse_file_accessed,
55 };
56
57
58 pr_debug("%s: backing_file=0x%p, pos=%lld, len=%zu\n", __func__,
59 backing_file, iocb->ki_pos, count);
60
61 if (!count)
62 return 0;
63
64 /* Flush any dirtied cache pages from fuse cache */
65 write_inode_now(file_inode(file), 1);
66 ret = backing_file_read_iter(backing_file, iter, iocb, iocb->ki_flags,
67 &ctx);
68
69 return ret;
70 }
71
fuse_passthrough_write_iter(struct kiocb * iocb,struct iov_iter * iter)72 ssize_t fuse_passthrough_write_iter(struct kiocb *iocb,
73 struct iov_iter *iter)
74 {
75 struct file *file = iocb->ki_filp;
76 struct inode *inode = file_inode(file);
77 struct fuse_file *ff = file->private_data;
78 struct file *backing_file = fuse_file_passthrough(ff);
79 size_t count = iov_iter_count(iter);
80 ssize_t ret;
81 struct backing_file_ctx ctx = {
82 .cred = ff->cred,
83 .user_file = file,
84 .end_write = fuse_passthrough_end_write,
85 };
86
87 pr_debug("%s: backing_file=0x%p, pos=%lld, len=%zu\n", __func__,
88 backing_file, iocb->ki_pos, count);
89
90 if (!count)
91 return 0;
92
93 inode_lock(inode);
94 ret = backing_file_write_iter(backing_file, iter, iocb, iocb->ki_flags,
95 &ctx);
96 inode_unlock(inode);
97
98 return ret;
99 }
100
fuse_passthrough_splice_read(struct file * in,loff_t * ppos,struct pipe_inode_info * pipe,size_t len,unsigned int flags)101 ssize_t fuse_passthrough_splice_read(struct file *in, loff_t *ppos,
102 struct pipe_inode_info *pipe,
103 size_t len, unsigned int flags)
104 {
105 struct fuse_file *ff = in->private_data;
106 struct file *backing_file = fuse_file_passthrough(ff);
107 struct backing_file_ctx ctx = {
108 .cred = ff->cred,
109 .user_file = in,
110 .accessed = fuse_file_accessed,
111 };
112
113 pr_debug("%s: backing_file=0x%p, pos=%lld, len=%zu, flags=0x%x\n", __func__,
114 backing_file, ppos ? *ppos : 0, len, flags);
115
116 /* Flush any dirtied cache pages from fuse cache */
117 write_inode_now(file_inode(in), 1);
118 return backing_file_splice_read(backing_file, ppos, pipe, len, flags,
119 &ctx);
120 }
121
fuse_passthrough_splice_write(struct pipe_inode_info * pipe,struct file * out,loff_t * ppos,size_t len,unsigned int flags)122 ssize_t fuse_passthrough_splice_write(struct pipe_inode_info *pipe,
123 struct file *out, loff_t *ppos,
124 size_t len, unsigned int flags)
125 {
126 struct fuse_file *ff = out->private_data;
127 struct file *backing_file = fuse_file_passthrough(ff);
128 struct inode *inode = file_inode(out);
129 ssize_t ret;
130 struct backing_file_ctx ctx = {
131 .cred = ff->cred,
132 .user_file = out,
133 .end_write = fuse_passthrough_end_write,
134 };
135
136 pr_debug("%s: backing_file=0x%p, pos=%lld, len=%zu, flags=0x%x\n", __func__,
137 backing_file, ppos ? *ppos : 0, len, flags);
138
139 inode_lock(inode);
140 ret = backing_file_splice_write(pipe, backing_file, ppos, len, flags,
141 &ctx);
142 inode_unlock(inode);
143
144 return ret;
145 }
146
fuse_passthrough_mmap(struct file * file,struct vm_area_struct * vma)147 ssize_t fuse_passthrough_mmap(struct file *file, struct vm_area_struct *vma)
148 {
149 struct fuse_file *ff = file->private_data;
150 struct file *backing_file = fuse_file_passthrough(ff);
151 struct backing_file_ctx ctx = {
152 .cred = ff->cred,
153 .user_file = file,
154 .accessed = fuse_file_accessed,
155 };
156
157 pr_debug("%s: backing_file=0x%p, start=%lu, end=%lu\n", __func__,
158 backing_file, vma->vm_start, vma->vm_end);
159
160 return backing_file_mmap(backing_file, vma, &ctx);
161 }
162
fuse_backing_get(struct fuse_backing * fb)163 struct fuse_backing *fuse_backing_get(struct fuse_backing *fb)
164 {
165 if (fb && refcount_inc_not_zero(&fb->count))
166 return fb;
167 return NULL;
168 }
169
fuse_backing_free(struct fuse_backing * fb)170 static void fuse_backing_free(struct fuse_backing *fb)
171 {
172 pr_debug("%s: fb=0x%p\n", __func__, fb);
173
174 if (fb->file)
175 fput(fb->file);
176 put_cred(fb->cred);
177 kfree_rcu(fb, rcu);
178 }
179
fuse_backing_put(struct fuse_backing * fb)180 void fuse_backing_put(struct fuse_backing *fb)
181 {
182 if (fb && refcount_dec_and_test(&fb->count))
183 fuse_backing_free(fb);
184 }
185
fuse_backing_files_init(struct fuse_conn * fc)186 void fuse_backing_files_init(struct fuse_conn *fc)
187 {
188 idr_init(&fc->backing_files_map);
189 }
190
fuse_backing_id_alloc(struct fuse_conn * fc,struct fuse_backing * fb)191 static int fuse_backing_id_alloc(struct fuse_conn *fc, struct fuse_backing *fb)
192 {
193 int id;
194
195 idr_preload(GFP_KERNEL);
196 spin_lock(&fc->lock);
197 /* FIXME: xarray might be space inefficient */
198 id = idr_alloc_cyclic(&fc->backing_files_map, fb, 1, 0, GFP_ATOMIC);
199 spin_unlock(&fc->lock);
200 idr_preload_end();
201
202 WARN_ON_ONCE(id == 0);
203 return id;
204 }
205
fuse_backing_id_remove(struct fuse_conn * fc,int id)206 static struct fuse_backing *fuse_backing_id_remove(struct fuse_conn *fc,
207 int id)
208 {
209 struct fuse_backing *fb;
210
211 spin_lock(&fc->lock);
212 fb = idr_remove(&fc->backing_files_map, id);
213 spin_unlock(&fc->lock);
214
215 return fb;
216 }
217
fuse_backing_id_free(int id,void * p,void * data)218 static int fuse_backing_id_free(int id, void *p, void *data)
219 {
220 struct fuse_backing *fb = p;
221
222 WARN_ON_ONCE(refcount_read(&fb->count) != 1);
223 fuse_backing_free(fb);
224 return 0;
225 }
226
fuse_backing_files_free(struct fuse_conn * fc)227 void fuse_backing_files_free(struct fuse_conn *fc)
228 {
229 idr_for_each(&fc->backing_files_map, fuse_backing_id_free, NULL);
230 idr_destroy(&fc->backing_files_map);
231 }
232
fuse_backing_open(struct fuse_conn * fc,struct fuse_backing_map * map)233 int fuse_backing_open(struct fuse_conn *fc, struct fuse_backing_map *map)
234 {
235 struct file *file;
236 struct super_block *backing_sb;
237 struct fuse_backing *fb = NULL;
238 int res;
239
240 pr_debug("%s: fd=%d flags=0x%x\n", __func__, map->fd, map->flags);
241
242 /* TODO: relax CAP_SYS_ADMIN once backing files are visible to lsof */
243 /* Android already restricts access here, and we don't want to grant extra
244 * Permissions to the daemon */
245 #if 0
246 res = -EPERM;
247 if (!fc->passthrough || !capable(CAP_SYS_ADMIN))
248 goto out;
249 #endif
250
251 res = -EINVAL;
252 if (map->flags || map->padding)
253 goto out;
254
255 file = fget_raw(map->fd);
256 res = -EBADF;
257 if (!file)
258 goto out;
259
260 /* read/write/splice/mmap passthrough only relevant for regular files */
261 res = d_is_dir(file->f_path.dentry) ? -EISDIR : -EINVAL;
262 if (!d_is_reg(file->f_path.dentry))
263 goto out_fput;
264
265 backing_sb = file_inode(file)->i_sb;
266 res = -ELOOP;
267 if (backing_sb->s_stack_depth >= fc->max_stack_depth)
268 goto out_fput;
269
270 fb = kmalloc(sizeof(struct fuse_backing), GFP_KERNEL);
271 res = -ENOMEM;
272 if (!fb)
273 goto out_fput;
274
275 fb->file = file;
276 fb->cred = prepare_creds();
277 refcount_set(&fb->count, 1);
278
279 res = fuse_backing_id_alloc(fc, fb);
280 if (res < 0) {
281 fuse_backing_free(fb);
282 fb = NULL;
283 }
284
285 out:
286 pr_debug("%s: fb=0x%p, ret=%i\n", __func__, fb, res);
287
288 return res;
289
290 out_fput:
291 fput(file);
292 goto out;
293 }
294
fuse_backing_close(struct fuse_conn * fc,int backing_id)295 int fuse_backing_close(struct fuse_conn *fc, int backing_id)
296 {
297 struct fuse_backing *fb = NULL;
298 int err;
299
300 pr_debug("%s: backing_id=%d\n", __func__, backing_id);
301
302 /* TODO: relax CAP_SYS_ADMIN once backing files are visible to lsof */
303 /* Android already restricts access here, and we don't want to grant extra
304 * Permissions to the daemon */
305 #if 0
306 err = -EPERM;
307 if (!fc->passthrough || !capable(CAP_SYS_ADMIN))
308 goto out;
309 #endif
310
311 err = -EINVAL;
312 if (backing_id <= 0)
313 goto out;
314
315 err = -ENOENT;
316 fb = fuse_backing_id_remove(fc, backing_id);
317 if (!fb)
318 goto out;
319
320 fuse_backing_put(fb);
321 err = 0;
322 out:
323 pr_debug("%s: fb=0x%p, err=%i\n", __func__, fb, err);
324
325 return err;
326 }
327
328 /*
329 * Setup passthrough to a backing file.
330 *
331 * Returns an fb object with elevated refcount to be stored in fuse inode.
332 */
fuse_passthrough_open(struct file * file,struct inode * inode,int backing_id)333 struct fuse_backing *fuse_passthrough_open(struct file *file,
334 struct inode *inode,
335 int backing_id)
336 {
337 struct fuse_file *ff = file->private_data;
338 struct fuse_conn *fc = ff->fm->fc;
339 struct fuse_backing *fb = NULL;
340 struct file *backing_file;
341 int err;
342
343 err = -EINVAL;
344 if (backing_id <= 0)
345 goto out;
346
347 rcu_read_lock();
348 fb = idr_find(&fc->backing_files_map, backing_id);
349 fb = fuse_backing_get(fb);
350 rcu_read_unlock();
351
352 err = -ENOENT;
353 if (!fb)
354 goto out;
355
356 /* Allocate backing file per fuse file to store fuse path */
357 backing_file = backing_file_open(&file->f_path, file->f_flags,
358 &fb->file->f_path, fb->cred);
359 err = PTR_ERR(backing_file);
360 if (IS_ERR(backing_file)) {
361 fuse_backing_put(fb);
362 goto out;
363 }
364
365 err = 0;
366 ff->passthrough = backing_file;
367 ff->cred = get_cred(fb->cred);
368 out:
369 pr_debug("%s: backing_id=%d, fb=0x%p, backing_file=0x%p, err=%i\n", __func__,
370 backing_id, fb, ff->passthrough, err);
371
372 return err ? ERR_PTR(err) : fb;
373 }
374
fuse_passthrough_release(struct fuse_file * ff,struct fuse_backing * fb)375 void fuse_passthrough_release(struct fuse_file *ff, struct fuse_backing *fb)
376 {
377 pr_debug("%s: fb=0x%p, backing_file=0x%p\n", __func__,
378 fb, ff->passthrough);
379
380 fput(ff->passthrough);
381 ff->passthrough = NULL;
382 put_cred(ff->cred);
383 ff->cred = NULL;
384 }
385