1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Copyright 2018 Google LLC
4 */
5
6 #include <linux/blkdev.h>
7 #include <linux/compat.h>
8 #include <linux/delay.h>
9 #include <linux/file.h>
10 #include <linux/fs.h>
11 #include <linux/fs_stack.h>
12 #include <linux/fsnotify.h>
13 #include <linux/fsverity.h>
14 #include <linux/mmap_lock.h>
15 #include <linux/namei.h>
16 #include <linux/pagemap.h>
17 #include <linux/parser.h>
18 #include <linux/seq_file.h>
19 #include <linux/backing-dev-defs.h>
20
21 #include <uapi/linux/incrementalfs.h>
22
23 #include "vfs.h"
24
25 #include "data_mgmt.h"
26 #include "format.h"
27 #include "internal.h"
28 #include "pseudo_files.h"
29 #include "sysfs.h"
30 #include "verity.h"
31
32 static int incfs_remount_fs(struct super_block *sb, int *flags, char *data);
33
34 static int dentry_revalidate(struct dentry *dentry, unsigned int flags);
35 static void dentry_release(struct dentry *d);
36
37 static int iterate_incfs_dir(struct file *file, struct dir_context *ctx);
38 static struct dentry *dir_lookup(struct inode *dir_inode,
39 struct dentry *dentry, unsigned int flags);
40 static int dir_mkdir(struct mnt_idmap *idmap, struct inode *dir,
41 struct dentry *dentry, umode_t mode);
42 static int dir_unlink(struct inode *dir, struct dentry *dentry);
43 static int dir_link(struct dentry *old_dentry, struct inode *dir,
44 struct dentry *new_dentry);
45 static int dir_rmdir(struct inode *dir, struct dentry *dentry);
46 static int dir_rename(struct inode *old_dir, struct dentry *old_dentry,
47 struct inode *new_dir, struct dentry *new_dentry,
48 unsigned int flags);
49
50 static int file_open(struct inode *inode, struct file *file);
51 static int file_release(struct inode *inode, struct file *file);
52 static int read_folio(struct file *f, struct folio *folio);
53 static long dispatch_ioctl(struct file *f, unsigned int req, unsigned long arg);
54
55 #ifdef CONFIG_COMPAT
56 static long incfs_compat_ioctl(struct file *file, unsigned int cmd,
57 unsigned long arg);
58 #endif
59
60 static struct inode *alloc_inode(struct super_block *sb);
61 static void free_inode(struct inode *inode);
62 static void evict_inode(struct inode *inode);
63
64 static int incfs_setattr(struct mnt_idmap *idmap, struct dentry *dentry,
65 struct iattr *ia);
66 static int incfs_getattr(struct mnt_idmap *idmap, const struct path *path,
67 struct kstat *stat, u32 request_mask,
68 unsigned int query_flags);
69 static ssize_t incfs_getxattr(struct dentry *d, const char *name,
70 void *value, size_t size);
71 static ssize_t incfs_setxattr(struct mnt_idmap *idmap, struct dentry *d,
72 const char *name, void *value, size_t size,
73 int flags);
74 static ssize_t incfs_listxattr(struct dentry *d, char *list, size_t size);
75
76 static int show_options(struct seq_file *, struct dentry *);
77
78 static const struct super_operations incfs_super_ops = {
79 .statfs = simple_statfs,
80 .remount_fs = incfs_remount_fs,
81 .alloc_inode = alloc_inode,
82 .destroy_inode = free_inode,
83 .evict_inode = evict_inode,
84 .show_options = show_options
85 };
86
dir_rename_wrap(struct mnt_idmap * idmap,struct inode * old_dir,struct dentry * old_dentry,struct inode * new_dir,struct dentry * new_dentry,unsigned int flags)87 static int dir_rename_wrap(struct mnt_idmap *idmap, struct inode *old_dir,
88 struct dentry *old_dentry, struct inode *new_dir,
89 struct dentry *new_dentry, unsigned int flags)
90 {
91 return dir_rename(old_dir, old_dentry, new_dir, new_dentry, flags);
92 }
93
94 static const struct inode_operations incfs_dir_inode_ops = {
95 .lookup = dir_lookup,
96 .mkdir = dir_mkdir,
97 .rename = dir_rename_wrap,
98 .unlink = dir_unlink,
99 .link = dir_link,
100 .rmdir = dir_rmdir,
101 .setattr = incfs_setattr,
102 };
103
104 WRAP_DIR_ITER(iterate_incfs_dir) // FIXME!
105 static const struct file_operations incfs_dir_fops = {
106 .llseek = generic_file_llseek,
107 .read = generic_read_dir,
108 .iterate_shared = shared_iterate_incfs_dir,
109 .open = file_open,
110 .release = file_release,
111 };
112
113 static const struct dentry_operations incfs_dentry_ops = {
114 .d_revalidate = dentry_revalidate,
115 .d_release = dentry_release
116 };
117
118 static const struct address_space_operations incfs_address_space_ops = {
119 .read_folio = read_folio,
120 /* .readpages = readpages */
121 };
122
incfs_fault(struct vm_fault * vmf)123 static vm_fault_t incfs_fault(struct vm_fault *vmf)
124 {
125 vmf->flags &= ~FAULT_FLAG_ALLOW_RETRY;
126 return filemap_fault(vmf);
127 }
128
129 static const struct vm_operations_struct incfs_file_vm_ops = {
130 .fault = incfs_fault,
131 .map_pages = filemap_map_pages,
132 .page_mkwrite = filemap_page_mkwrite,
133 };
134
135 /* This is used for a general mmap of a disk file */
136
incfs_file_mmap(struct file * file,struct vm_area_struct * vma)137 static int incfs_file_mmap(struct file *file, struct vm_area_struct *vma)
138 {
139 struct address_space *mapping = file->f_mapping;
140
141 if (!mapping->a_ops->read_folio)
142 return -ENOEXEC;
143 file_accessed(file);
144 vma->vm_ops = &incfs_file_vm_ops;
145 return 0;
146 }
147
148 const struct file_operations incfs_file_ops = {
149 .open = file_open,
150 .release = file_release,
151 .read_iter = generic_file_read_iter,
152 .mmap = incfs_file_mmap,
153 .splice_read = filemap_splice_read,
154 .llseek = generic_file_llseek,
155 .unlocked_ioctl = dispatch_ioctl,
156 #ifdef CONFIG_COMPAT
157 .compat_ioctl = incfs_compat_ioctl,
158 #endif
159 };
160
161 const struct inode_operations incfs_file_inode_ops = {
162 .setattr = incfs_setattr,
163 .getattr = incfs_getattr,
164 .listxattr = incfs_listxattr
165 };
166
incfs_handler_getxattr(const struct xattr_handler * xh,struct dentry * d,struct inode * inode,const char * name,void * buffer,size_t size)167 static int incfs_handler_getxattr(const struct xattr_handler *xh,
168 struct dentry *d, struct inode *inode,
169 const char *name, void *buffer, size_t size)
170 {
171 return incfs_getxattr(d, name, buffer, size);
172 }
173
incfs_handler_setxattr(const struct xattr_handler * xh,struct mnt_idmap * idmap,struct dentry * d,struct inode * inode,const char * name,const void * buffer,size_t size,int flags)174 static int incfs_handler_setxattr(const struct xattr_handler *xh,
175 struct mnt_idmap *idmap,
176 struct dentry *d, struct inode *inode,
177 const char *name, const void *buffer,
178 size_t size, int flags)
179 {
180 return incfs_setxattr(idmap, d, name, (void *)buffer, size, flags);
181 }
182
183 static const struct xattr_handler incfs_xattr_handler = {
184 .prefix = "", /* AKA all attributes */
185 .get = incfs_handler_getxattr,
186 .set = incfs_handler_setxattr,
187 };
188
189 static const struct xattr_handler *incfs_xattr_ops[] = {
190 &incfs_xattr_handler,
191 NULL,
192 };
193
194 struct inode_search {
195 unsigned long ino;
196
197 struct dentry *backing_dentry;
198
199 size_t size;
200
201 bool verity;
202 };
203
204 enum parse_parameter {
205 Opt_read_timeout,
206 Opt_readahead_pages,
207 Opt_rlog_pages,
208 Opt_rlog_wakeup_cnt,
209 Opt_report_uid,
210 Opt_sysfs_name,
211 Opt_err
212 };
213
214 static const match_table_t option_tokens = {
215 { Opt_read_timeout, "read_timeout_ms=%u" },
216 { Opt_readahead_pages, "readahead=%u" },
217 { Opt_rlog_pages, "rlog_pages=%u" },
218 { Opt_rlog_wakeup_cnt, "rlog_wakeup_cnt=%u" },
219 { Opt_report_uid, "report_uid" },
220 { Opt_sysfs_name, "sysfs_name=%s" },
221 { Opt_err, NULL }
222 };
223
free_options(struct mount_options * opts)224 static void free_options(struct mount_options *opts)
225 {
226 kfree(opts->sysfs_name);
227 opts->sysfs_name = NULL;
228 }
229
parse_options(struct mount_options * opts,char * str)230 static int parse_options(struct mount_options *opts, char *str)
231 {
232 substring_t args[MAX_OPT_ARGS];
233 int value;
234 char *position;
235
236 if (opts == NULL)
237 return -EFAULT;
238
239 *opts = (struct mount_options) {
240 .read_timeout_ms = 1000, /* Default: 1s */
241 .readahead_pages = 10,
242 .read_log_pages = 2,
243 .read_log_wakeup_count = 10,
244 };
245
246 if (str == NULL || *str == 0)
247 return 0;
248
249 while ((position = strsep(&str, ",")) != NULL) {
250 int token;
251
252 if (!*position)
253 continue;
254
255 token = match_token(position, option_tokens, args);
256
257 switch (token) {
258 case Opt_read_timeout:
259 if (match_int(&args[0], &value))
260 return -EINVAL;
261 if (value > 3600000)
262 return -EINVAL;
263 opts->read_timeout_ms = value;
264 break;
265 case Opt_readahead_pages:
266 if (match_int(&args[0], &value))
267 return -EINVAL;
268 opts->readahead_pages = value;
269 break;
270 case Opt_rlog_pages:
271 if (match_int(&args[0], &value))
272 return -EINVAL;
273 opts->read_log_pages = value;
274 break;
275 case Opt_rlog_wakeup_cnt:
276 if (match_int(&args[0], &value))
277 return -EINVAL;
278 opts->read_log_wakeup_count = value;
279 break;
280 case Opt_report_uid:
281 opts->report_uid = true;
282 break;
283 case Opt_sysfs_name:
284 opts->sysfs_name = match_strdup(&args[0]);
285 break;
286 default:
287 free_options(opts);
288 return -EINVAL;
289 }
290 }
291
292 return 0;
293 }
294
295 /* Read file size from the attribute. Quicker than reading the header */
read_size_attr(struct dentry * backing_dentry)296 static u64 read_size_attr(struct dentry *backing_dentry)
297 {
298 __le64 attr_value;
299 ssize_t bytes_read;
300
301 bytes_read = vfs_getxattr(&nop_mnt_idmap, backing_dentry, INCFS_XATTR_SIZE_NAME,
302 (char *)&attr_value, sizeof(attr_value));
303
304 if (bytes_read != sizeof(attr_value))
305 return 0;
306
307 return le64_to_cpu(attr_value);
308 }
309
310 /* Read verity flag from the attribute. Quicker than reading the header */
read_verity_attr(struct dentry * backing_dentry)311 static bool read_verity_attr(struct dentry *backing_dentry)
312 {
313 return vfs_getxattr(&nop_mnt_idmap, backing_dentry, INCFS_XATTR_VERITY_NAME, NULL, 0)
314 >= 0;
315 }
316
inode_test(struct inode * inode,void * opaque)317 static int inode_test(struct inode *inode, void *opaque)
318 {
319 struct inode_search *search = opaque;
320 struct inode_info *node = get_incfs_node(inode);
321 struct inode *backing_inode = d_inode(search->backing_dentry);
322
323 if (!node)
324 return 0;
325
326 return node->n_backing_inode == backing_inode &&
327 inode->i_ino == search->ino;
328 }
329
inode_set(struct inode * inode,void * opaque)330 static int inode_set(struct inode *inode, void *opaque)
331 {
332 struct inode_search *search = opaque;
333 struct inode_info *node = get_incfs_node(inode);
334 struct dentry *backing_dentry = search->backing_dentry;
335 struct inode *backing_inode = d_inode(backing_dentry);
336
337 fsstack_copy_attr_all(inode, backing_inode);
338 if (S_ISREG(inode->i_mode)) {
339 u64 size = search->size;
340
341 inode->i_size = size;
342 inode->i_blocks = get_blocks_count_for_size(size);
343 inode->i_mapping->a_ops = &incfs_address_space_ops;
344 inode->i_op = &incfs_file_inode_ops;
345 inode->i_fop = &incfs_file_ops;
346 inode->i_mode &= ~0222;
347 if (search->verity)
348 inode_set_flags(inode, S_VERITY, S_VERITY);
349 } else if (S_ISDIR(inode->i_mode)) {
350 inode->i_size = 0;
351 inode->i_blocks = 1;
352 inode->i_mapping->a_ops = &incfs_address_space_ops;
353 inode->i_op = &incfs_dir_inode_ops;
354 inode->i_fop = &incfs_dir_fops;
355 } else {
356 pr_warn_once("incfs: Unexpected inode type\n");
357 return -EBADF;
358 }
359
360 ihold(backing_inode);
361 node->n_backing_inode = backing_inode;
362 node->n_mount_info = get_mount_info(inode->i_sb);
363 inode_set_ctime_to_ts(inode, inode_get_ctime(backing_inode));
364 inode_set_mtime_to_ts(inode, inode_get_mtime(backing_inode));
365 inode_set_atime_to_ts(inode, inode_get_atime(backing_inode));
366 inode->i_ino = backing_inode->i_ino;
367 if (backing_inode->i_ino < INCFS_START_INO_RANGE) {
368 pr_warn("incfs: ino conflict with backing FS %ld\n",
369 backing_inode->i_ino);
370 }
371
372 return 0;
373 }
374
fetch_regular_inode(struct super_block * sb,struct dentry * backing_dentry)375 static struct inode *fetch_regular_inode(struct super_block *sb,
376 struct dentry *backing_dentry)
377 {
378 struct inode *backing_inode = d_inode(backing_dentry);
379 struct inode_search search = {
380 .ino = backing_inode->i_ino,
381 .backing_dentry = backing_dentry,
382 .size = read_size_attr(backing_dentry),
383 .verity = read_verity_attr(backing_dentry),
384 };
385 struct inode *inode = iget5_locked(sb, search.ino, inode_test,
386 inode_set, &search);
387
388 if (!inode)
389 return ERR_PTR(-ENOMEM);
390
391 if (inode->i_state & I_NEW)
392 unlock_new_inode(inode);
393
394 return inode;
395 }
396
iterate_incfs_dir(struct file * file,struct dir_context * ctx)397 static int iterate_incfs_dir(struct file *file, struct dir_context *ctx)
398 {
399 struct dir_file *dir = get_incfs_dir_file(file);
400 int error = 0;
401 struct mount_info *mi = get_mount_info(file_superblock(file));
402 bool root;
403
404 if (!dir) {
405 error = -EBADF;
406 goto out;
407 }
408
409 root = dir->backing_dir->f_inode
410 == d_inode(mi->mi_backing_dir_path.dentry);
411
412 if (root) {
413 error = emit_pseudo_files(ctx);
414 if (error)
415 goto out;
416 }
417
418 ctx->pos -= PSEUDO_FILE_COUNT;
419 error = iterate_dir(dir->backing_dir, ctx);
420 ctx->pos += PSEUDO_FILE_COUNT;
421 file->f_pos = dir->backing_dir->f_pos;
422 out:
423 if (error)
424 pr_warn("incfs: %s %s %d\n", __func__,
425 file->f_path.dentry->d_name.name, error);
426 return error;
427 }
428
incfs_init_dentry(struct dentry * dentry,struct path * path)429 static int incfs_init_dentry(struct dentry *dentry, struct path *path)
430 {
431 struct dentry_info *d_info = NULL;
432
433 if (!dentry || !path)
434 return -EFAULT;
435
436 d_info = kzalloc(sizeof(*d_info), GFP_NOFS);
437 if (!d_info)
438 return -ENOMEM;
439
440 d_info->backing_path = *path;
441 path_get(path);
442
443 dentry->d_fsdata = d_info;
444 return 0;
445 }
446
open_or_create_special_dir(struct dentry * backing_dir,const char * name,bool * created)447 static struct dentry *open_or_create_special_dir(struct dentry *backing_dir,
448 const char *name,
449 bool *created)
450 {
451 struct dentry *index_dentry;
452 struct inode *backing_inode = d_inode(backing_dir);
453 int err = 0;
454
455 index_dentry = incfs_lookup_dentry(backing_dir, name);
456 if (!index_dentry) {
457 return ERR_PTR(-EINVAL);
458 } else if (IS_ERR(index_dentry)) {
459 return index_dentry;
460 } else if (d_really_is_positive(index_dentry)) {
461 /* Index already exists. */
462 *created = false;
463 return index_dentry;
464 }
465
466 /* Index needs to be created. */
467 inode_lock_nested(backing_inode, I_MUTEX_PARENT);
468 err = vfs_mkdir(&nop_mnt_idmap, backing_inode, index_dentry, 0777);
469 inode_unlock(backing_inode);
470
471 if (err) {
472 dput(index_dentry);
473 return ERR_PTR(err);
474 }
475
476 if (!d_really_is_positive(index_dentry) ||
477 unlikely(d_unhashed(index_dentry))) {
478 dput(index_dentry);
479 return ERR_PTR(-EINVAL);
480 }
481
482 *created = true;
483 return index_dentry;
484 }
485
read_single_page_timeouts(struct data_file * df,struct file * f,int block_index,struct mem_range range,struct mem_range tmp,unsigned int * delayed_min_us)486 static int read_single_page_timeouts(struct data_file *df, struct file *f,
487 int block_index, struct mem_range range,
488 struct mem_range tmp,
489 unsigned int *delayed_min_us)
490 {
491 struct mount_info *mi = df->df_mount_info;
492 struct incfs_read_data_file_timeouts timeouts = {
493 .max_pending_time_us = U32_MAX,
494 };
495 int uid = current_uid().val;
496 int i;
497
498 spin_lock(&mi->mi_per_uid_read_timeouts_lock);
499 for (i = 0; i < mi->mi_per_uid_read_timeouts_size /
500 sizeof(*mi->mi_per_uid_read_timeouts); ++i) {
501 struct incfs_per_uid_read_timeouts *t =
502 &mi->mi_per_uid_read_timeouts[i];
503
504 if(t->uid == uid) {
505 timeouts.min_time_us = t->min_time_us;
506 timeouts.min_pending_time_us = t->min_pending_time_us;
507 timeouts.max_pending_time_us = t->max_pending_time_us;
508 break;
509 }
510 }
511 spin_unlock(&mi->mi_per_uid_read_timeouts_lock);
512 if (timeouts.max_pending_time_us == U32_MAX) {
513 u64 read_timeout_us = (u64)mi->mi_options.read_timeout_ms *
514 1000;
515
516 timeouts.max_pending_time_us = read_timeout_us <= U32_MAX ?
517 read_timeout_us : U32_MAX;
518 }
519
520 return incfs_read_data_file_block(range, f, block_index, tmp,
521 &timeouts, delayed_min_us);
522 }
523
usleep_interruptible(u32 us)524 static int usleep_interruptible(u32 us)
525 {
526 /* See:
527 * https://www.kernel.org/doc/Documentation/timers/timers-howto.txt
528 * for explanation
529 */
530 if (us < 10) {
531 udelay(us);
532 return 0;
533 } else if (us < 20000) {
534 usleep_range(us, us + us / 10);
535 return 0;
536 } else
537 return msleep_interruptible(us / 1000);
538 }
539
read_folio(struct file * f,struct folio * folio)540 static int read_folio(struct file *f, struct folio *folio)
541 {
542 struct page *page = &folio->page;
543 loff_t offset = 0;
544 loff_t size = 0;
545 ssize_t total_read = 0;
546 struct data_file *df = get_incfs_data_file(f);
547 int result = 0;
548 void *page_start;
549 int block_index;
550 unsigned int delayed_min_us = 0;
551 struct mem_range tmp = {
552 .len = 2 * INCFS_DATA_FILE_BLOCK_SIZE
553 };
554
555 if (!df) {
556 SetPageError(page);
557 unlock_page(page);
558 return -EBADF;
559 }
560
561 page_start = kmap(page);
562 offset = page_offset(page);
563 block_index = (offset + df->df_mapped_offset) /
564 INCFS_DATA_FILE_BLOCK_SIZE;
565 size = df->df_size;
566
567 tmp.data = kzalloc(tmp.len, GFP_NOFS);
568 if (!tmp.data) {
569 result = -ENOMEM;
570 goto err;
571 }
572
573 while (offset + total_read < size) {
574 ssize_t bytes_to_read = min_t(loff_t,
575 size - offset - total_read,
576 INCFS_DATA_FILE_BLOCK_SIZE);
577
578 result = read_single_page_timeouts(df, f, block_index,
579 range(page_start + total_read, bytes_to_read),
580 tmp, &delayed_min_us);
581 if (result < 0)
582 break;
583
584 total_read += result;
585 block_index++;
586
587 if (result < INCFS_DATA_FILE_BLOCK_SIZE)
588 break;
589 if (total_read == PAGE_SIZE)
590 break;
591 }
592 kfree(tmp.data);
593 err:
594 if (result < 0)
595 total_read = 0;
596 else
597 result = 0;
598 if (total_read < PAGE_SIZE)
599 zero_user(page, total_read, PAGE_SIZE - total_read);
600
601 if (result == 0)
602 SetPageUptodate(page);
603 else
604 SetPageError(page);
605
606 flush_dcache_page(page);
607 kunmap(page);
608 unlock_page(page);
609 if (delayed_min_us)
610 usleep_interruptible(delayed_min_us);
611 return result;
612 }
613
incfs_link(struct dentry * what,struct dentry * where)614 int incfs_link(struct dentry *what, struct dentry *where)
615 {
616 struct dentry *parent_dentry = dget_parent(where);
617 struct inode *pinode = d_inode(parent_dentry);
618 int error = 0;
619
620 inode_lock_nested(pinode, I_MUTEX_PARENT);
621 error = vfs_link(what, &nop_mnt_idmap, pinode, where, NULL);
622 inode_unlock(pinode);
623
624 dput(parent_dentry);
625 return error;
626 }
627
incfs_unlink(struct dentry * dentry)628 int incfs_unlink(struct dentry *dentry)
629 {
630 struct dentry *parent_dentry = dget_parent(dentry);
631 struct inode *pinode = d_inode(parent_dentry);
632 int error = 0;
633
634 inode_lock_nested(pinode, I_MUTEX_PARENT);
635 error = vfs_unlink(&nop_mnt_idmap, pinode, dentry, NULL);
636 inode_unlock(pinode);
637
638 dput(parent_dentry);
639 return error;
640 }
641
incfs_rmdir(struct dentry * dentry)642 static int incfs_rmdir(struct dentry *dentry)
643 {
644 struct dentry *parent_dentry = dget_parent(dentry);
645 struct inode *pinode = d_inode(parent_dentry);
646 int error = 0;
647
648 inode_lock_nested(pinode, I_MUTEX_PARENT);
649 error = vfs_rmdir(&nop_mnt_idmap, pinode, dentry);
650 inode_unlock(pinode);
651
652 dput(parent_dentry);
653 return error;
654 }
655
notify_unlink(struct dentry * dentry,const char * file_id_str,const char * special_directory)656 static void notify_unlink(struct dentry *dentry, const char *file_id_str,
657 const char *special_directory)
658 {
659 struct dentry *root = dentry;
660 struct dentry *file = NULL;
661 struct dentry *dir = NULL;
662 int error = 0;
663 bool take_lock = root->d_parent != root->d_parent->d_parent;
664
665 while (root != root->d_parent)
666 root = root->d_parent;
667
668 if (take_lock)
669 dir = incfs_lookup_dentry(root, special_directory);
670 else
671 dir = lookup_one_len(special_directory, root,
672 strlen(special_directory));
673
674 if (IS_ERR(dir)) {
675 error = PTR_ERR(dir);
676 goto out;
677 }
678 if (d_is_negative(dir)) {
679 error = -ENOENT;
680 goto out;
681 }
682
683 file = incfs_lookup_dentry(dir, file_id_str);
684 if (IS_ERR(file)) {
685 error = PTR_ERR(file);
686 goto out;
687 }
688 if (d_is_negative(file)) {
689 error = -ENOENT;
690 goto out;
691 }
692
693 fsnotify_unlink(d_inode(dir), file);
694 d_delete(file);
695
696 out:
697 if (error)
698 pr_warn("%s failed with error %d\n", __func__, error);
699
700 dput(dir);
701 dput(file);
702 }
703
handle_file_completed(struct file * f,struct data_file * df)704 static void handle_file_completed(struct file *f, struct data_file *df)
705 {
706 struct backing_file_context *bfc;
707 struct mount_info *mi = df->df_mount_info;
708 char *file_id_str = NULL;
709 struct dentry *incomplete_file_dentry = NULL;
710 const struct cred *old_cred = override_creds(mi->mi_owner);
711 int error;
712
713 /* Truncate file to remove any preallocated space */
714 bfc = df->df_backing_file_context;
715 if (bfc) {
716 struct file *f = bfc->bc_file;
717
718 if (f) {
719 loff_t size = i_size_read(file_inode(f));
720
721 error = vfs_truncate(&f->f_path, size);
722 if (error)
723 /* No useful action on failure */
724 pr_warn("incfs: Failed to truncate complete file: %d\n",
725 error);
726 }
727 }
728
729 /* This is best effort - there is no useful action to take on failure */
730 file_id_str = file_id_to_str(df->df_id);
731 if (!file_id_str)
732 goto out;
733
734 incomplete_file_dentry = incfs_lookup_dentry(
735 df->df_mount_info->mi_incomplete_dir,
736 file_id_str);
737 if (!incomplete_file_dentry || IS_ERR(incomplete_file_dentry)) {
738 incomplete_file_dentry = NULL;
739 goto out;
740 }
741
742 if (!d_really_is_positive(incomplete_file_dentry))
743 goto out;
744
745 vfs_fsync(df->df_backing_file_context->bc_file, 0);
746 error = incfs_unlink(incomplete_file_dentry);
747 if (error) {
748 pr_warn("incfs: Deleting incomplete file failed: %d\n", error);
749 goto out;
750 }
751
752 notify_unlink(f->f_path.dentry, file_id_str, INCFS_INCOMPLETE_NAME);
753
754 out:
755 dput(incomplete_file_dentry);
756 kfree(file_id_str);
757 revert_creds(old_cred);
758 }
759
ioctl_fill_blocks(struct file * f,void __user * arg)760 static long ioctl_fill_blocks(struct file *f, void __user *arg)
761 {
762 struct incfs_fill_blocks __user *usr_fill_blocks = arg;
763 struct incfs_fill_blocks fill_blocks;
764 struct incfs_fill_block __user *usr_fill_block_array;
765 struct data_file *df = get_incfs_data_file(f);
766 struct incfs_file_data *fd = f->private_data;
767 const ssize_t data_buf_size = 2 * INCFS_DATA_FILE_BLOCK_SIZE;
768 u8 *data_buf = NULL;
769 ssize_t error = 0;
770 int i = 0;
771 bool complete = false;
772
773 if (!df)
774 return -EBADF;
775
776 if (!fd || fd->fd_fill_permission != CAN_FILL)
777 return -EPERM;
778
779 if (copy_from_user(&fill_blocks, usr_fill_blocks, sizeof(fill_blocks)))
780 return -EFAULT;
781
782 usr_fill_block_array = u64_to_user_ptr(fill_blocks.fill_blocks);
783 data_buf = (u8 *)kzalloc(data_buf_size, GFP_NOFS);
784 if (!data_buf)
785 return -ENOMEM;
786
787 for (i = 0; i < fill_blocks.count; i++) {
788 struct incfs_fill_block fill_block = {};
789
790 if (copy_from_user(&fill_block, &usr_fill_block_array[i],
791 sizeof(fill_block)) > 0) {
792 error = -EFAULT;
793 break;
794 }
795
796 if (fill_block.data_len > data_buf_size) {
797 error = -E2BIG;
798 break;
799 }
800
801 if (copy_from_user(data_buf, u64_to_user_ptr(fill_block.data),
802 fill_block.data_len) > 0) {
803 error = -EFAULT;
804 break;
805 }
806 fill_block.data = 0; /* To make sure nobody uses it. */
807 if (fill_block.flags & INCFS_BLOCK_FLAGS_HASH) {
808 error = incfs_process_new_hash_block(df, &fill_block,
809 data_buf);
810 } else {
811 error = incfs_process_new_data_block(df, &fill_block,
812 data_buf, &complete);
813 }
814 if (error)
815 break;
816 }
817
818 kfree(data_buf);
819
820 if (complete)
821 handle_file_completed(f, df);
822
823 /*
824 * Only report the error if no records were processed, otherwise
825 * just return how many were processed successfully.
826 */
827 if (i == 0)
828 return error;
829
830 return i;
831 }
832
ioctl_read_file_signature(struct file * f,void __user * arg)833 static long ioctl_read_file_signature(struct file *f, void __user *arg)
834 {
835 struct incfs_get_file_sig_args __user *args_usr_ptr = arg;
836 struct incfs_get_file_sig_args args = {};
837 u8 *sig_buffer = NULL;
838 size_t sig_buf_size = 0;
839 int error = 0;
840 int read_result = 0;
841 struct data_file *df = get_incfs_data_file(f);
842
843 if (!df)
844 return -EINVAL;
845
846 if (copy_from_user(&args, args_usr_ptr, sizeof(args)) > 0)
847 return -EINVAL;
848
849 sig_buf_size = args.file_signature_buf_size;
850 if (sig_buf_size > INCFS_MAX_SIGNATURE_SIZE)
851 return -E2BIG;
852
853 sig_buffer = kzalloc(sig_buf_size, GFP_NOFS | __GFP_COMP);
854 if (!sig_buffer)
855 return -ENOMEM;
856
857 read_result = incfs_read_file_signature(df,
858 range(sig_buffer, sig_buf_size));
859
860 if (read_result < 0) {
861 error = read_result;
862 goto out;
863 }
864
865 if (copy_to_user(u64_to_user_ptr(args.file_signature), sig_buffer,
866 read_result)) {
867 error = -EFAULT;
868 goto out;
869 }
870
871 args.file_signature_len_out = read_result;
872 if (copy_to_user(args_usr_ptr, &args, sizeof(args)))
873 error = -EFAULT;
874
875 out:
876 kfree(sig_buffer);
877
878 return error;
879 }
880
ioctl_get_filled_blocks(struct file * f,void __user * arg)881 static long ioctl_get_filled_blocks(struct file *f, void __user *arg)
882 {
883 struct incfs_get_filled_blocks_args __user *args_usr_ptr = arg;
884 struct incfs_get_filled_blocks_args args = {};
885 struct data_file *df = get_incfs_data_file(f);
886 struct incfs_file_data *fd = f->private_data;
887 int error;
888
889 if (!df || !fd)
890 return -EINVAL;
891
892 if (fd->fd_fill_permission != CAN_FILL)
893 return -EPERM;
894
895 if (copy_from_user(&args, args_usr_ptr, sizeof(args)) > 0)
896 return -EINVAL;
897
898 error = incfs_get_filled_blocks(df, fd, &args);
899
900 if (copy_to_user(args_usr_ptr, &args, sizeof(args)))
901 return -EFAULT;
902
903 return error;
904 }
905
ioctl_get_block_count(struct file * f,void __user * arg)906 static long ioctl_get_block_count(struct file *f, void __user *arg)
907 {
908 struct incfs_get_block_count_args __user *args_usr_ptr = arg;
909 struct incfs_get_block_count_args args = {};
910 struct data_file *df = get_incfs_data_file(f);
911
912 if (!df)
913 return -EINVAL;
914
915 args.total_data_blocks_out = df->df_data_block_count;
916 args.filled_data_blocks_out = atomic_read(&df->df_data_blocks_written);
917 args.total_hash_blocks_out = df->df_total_block_count -
918 df->df_data_block_count;
919 args.filled_hash_blocks_out = atomic_read(&df->df_hash_blocks_written);
920
921 if (copy_to_user(args_usr_ptr, &args, sizeof(args)))
922 return -EFAULT;
923
924 return 0;
925 }
926
incfs_ioctl_get_flags(struct file * f,void __user * arg)927 static int incfs_ioctl_get_flags(struct file *f, void __user *arg)
928 {
929 u32 flags = IS_VERITY(file_inode(f)) ? FS_VERITY_FL : 0;
930
931 return put_user(flags, (int __user *) arg);
932 }
933
dispatch_ioctl(struct file * f,unsigned int req,unsigned long arg)934 static long dispatch_ioctl(struct file *f, unsigned int req, unsigned long arg)
935 {
936 switch (req) {
937 case INCFS_IOC_FILL_BLOCKS:
938 return ioctl_fill_blocks(f, (void __user *)arg);
939 case INCFS_IOC_READ_FILE_SIGNATURE:
940 return ioctl_read_file_signature(f, (void __user *)arg);
941 case INCFS_IOC_GET_FILLED_BLOCKS:
942 return ioctl_get_filled_blocks(f, (void __user *)arg);
943 case INCFS_IOC_GET_BLOCK_COUNT:
944 return ioctl_get_block_count(f, (void __user *)arg);
945 case FS_IOC_ENABLE_VERITY:
946 return incfs_ioctl_enable_verity(f, (const void __user *)arg);
947 case FS_IOC_GETFLAGS:
948 return incfs_ioctl_get_flags(f, (void __user *) arg);
949 case FS_IOC_MEASURE_VERITY:
950 return incfs_ioctl_measure_verity(f, (void __user *)arg);
951 case FS_IOC_READ_VERITY_METADATA:
952 return incfs_ioctl_read_verity_metadata(f, (void __user *)arg);
953 default:
954 return -EINVAL;
955 }
956 }
957
958 #ifdef CONFIG_COMPAT
incfs_compat_ioctl(struct file * file,unsigned int cmd,unsigned long arg)959 static long incfs_compat_ioctl(struct file *file, unsigned int cmd,
960 unsigned long arg)
961 {
962 switch (cmd) {
963 case FS_IOC32_GETFLAGS:
964 cmd = FS_IOC_GETFLAGS;
965 break;
966 case INCFS_IOC_FILL_BLOCKS:
967 case INCFS_IOC_READ_FILE_SIGNATURE:
968 case INCFS_IOC_GET_FILLED_BLOCKS:
969 case INCFS_IOC_GET_BLOCK_COUNT:
970 case FS_IOC_ENABLE_VERITY:
971 case FS_IOC_MEASURE_VERITY:
972 case FS_IOC_READ_VERITY_METADATA:
973 break;
974 default:
975 return -ENOIOCTLCMD;
976 }
977 return dispatch_ioctl(file, cmd, (unsigned long) compat_ptr(arg));
978 }
979 #endif
980
dir_lookup(struct inode * dir_inode,struct dentry * dentry,unsigned int flags)981 static struct dentry *dir_lookup(struct inode *dir_inode, struct dentry *dentry,
982 unsigned int flags)
983 {
984 struct mount_info *mi = get_mount_info(dir_inode->i_sb);
985 struct dentry *dir_dentry = NULL;
986 struct dentry *backing_dentry = NULL;
987 struct path dir_backing_path = {};
988 struct inode_info *dir_info = get_incfs_node(dir_inode);
989 int err = 0;
990
991 if (!mi || !dir_info || !dir_info->n_backing_inode)
992 return ERR_PTR(-EBADF);
993
994 if (d_inode(mi->mi_backing_dir_path.dentry) ==
995 dir_info->n_backing_inode) {
996 /* We do lookup in the FS root. Show pseudo files. */
997 err = dir_lookup_pseudo_files(dir_inode->i_sb, dentry);
998 if (err != -ENOENT)
999 goto out;
1000 err = 0;
1001 }
1002
1003 dir_dentry = dget_parent(dentry);
1004 get_incfs_backing_path(dir_dentry, &dir_backing_path);
1005 backing_dentry = incfs_lookup_dentry(dir_backing_path.dentry,
1006 dentry->d_name.name);
1007
1008 if (!backing_dentry || IS_ERR(backing_dentry)) {
1009 err = IS_ERR(backing_dentry)
1010 ? PTR_ERR(backing_dentry)
1011 : -EFAULT;
1012 backing_dentry = NULL;
1013 goto out;
1014 } else {
1015 struct inode *inode = NULL;
1016 struct path backing_path = {
1017 .mnt = dir_backing_path.mnt,
1018 .dentry = backing_dentry
1019 };
1020
1021 err = incfs_init_dentry(dentry, &backing_path);
1022 if (err)
1023 goto out;
1024
1025 if (!d_really_is_positive(backing_dentry)) {
1026 /*
1027 * No such entry found in the backing dir.
1028 * Create a negative entry.
1029 */
1030 d_add(dentry, NULL);
1031 err = 0;
1032 goto out;
1033 }
1034
1035 if (d_inode(backing_dentry)->i_sb !=
1036 dir_info->n_backing_inode->i_sb) {
1037 /*
1038 * Somehow after the path lookup we ended up in a
1039 * different fs mount. If we keep going it's going
1040 * to end badly.
1041 */
1042 err = -EXDEV;
1043 goto out;
1044 }
1045
1046 inode = fetch_regular_inode(dir_inode->i_sb, backing_dentry);
1047 if (IS_ERR(inode)) {
1048 err = PTR_ERR(inode);
1049 goto out;
1050 }
1051
1052 d_add(dentry, inode);
1053 }
1054
1055 out:
1056 dput(dir_dentry);
1057 dput(backing_dentry);
1058 path_put(&dir_backing_path);
1059 if (err)
1060 pr_debug("incfs: %s %s %d\n", __func__,
1061 dentry->d_name.name, err);
1062 return ERR_PTR(err);
1063 }
1064
dir_mkdir(struct mnt_idmap * idmap,struct inode * dir,struct dentry * dentry,umode_t mode)1065 static int dir_mkdir(struct mnt_idmap *idmap, struct inode *dir, struct dentry *dentry, umode_t mode)
1066 {
1067 struct mount_info *mi = get_mount_info(dir->i_sb);
1068 struct inode_info *dir_node = get_incfs_node(dir);
1069 struct dentry *backing_dentry = NULL;
1070 struct path backing_path = {};
1071 int err = 0;
1072
1073
1074 if (!mi || !dir_node || !dir_node->n_backing_inode)
1075 return -EBADF;
1076
1077 err = mutex_lock_interruptible(&mi->mi_dir_struct_mutex);
1078 if (err)
1079 return err;
1080
1081 get_incfs_backing_path(dentry, &backing_path);
1082 backing_dentry = backing_path.dentry;
1083
1084 if (!backing_dentry) {
1085 err = -EBADF;
1086 goto path_err;
1087 }
1088
1089 if (backing_dentry->d_parent == mi->mi_index_dir) {
1090 /* Can't create a subdir inside .index */
1091 err = -EBUSY;
1092 goto out;
1093 }
1094
1095 if (backing_dentry->d_parent == mi->mi_incomplete_dir) {
1096 /* Can't create a subdir inside .incomplete */
1097 err = -EBUSY;
1098 goto out;
1099 }
1100 inode_lock_nested(dir_node->n_backing_inode, I_MUTEX_PARENT);
1101 err = vfs_mkdir(idmap, dir_node->n_backing_inode, backing_dentry, mode | 0222);
1102 inode_unlock(dir_node->n_backing_inode);
1103 if (!err) {
1104 struct inode *inode = NULL;
1105
1106 if (d_really_is_negative(backing_dentry) ||
1107 unlikely(d_unhashed(backing_dentry))) {
1108 err = -EINVAL;
1109 goto out;
1110 }
1111
1112 inode = fetch_regular_inode(dir->i_sb, backing_dentry);
1113 if (IS_ERR(inode)) {
1114 err = PTR_ERR(inode);
1115 goto out;
1116 }
1117 d_instantiate(dentry, inode);
1118 }
1119
1120 out:
1121 if (d_really_is_negative(dentry))
1122 d_drop(dentry);
1123 path_put(&backing_path);
1124
1125 path_err:
1126 mutex_unlock(&mi->mi_dir_struct_mutex);
1127 if (err)
1128 pr_debug("incfs: %s err:%d\n", __func__, err);
1129 return err;
1130 }
1131
1132 /*
1133 * Delete file referenced by backing_dentry and if appropriate its hardlink
1134 * from .index and .incomplete
1135 */
file_delete(struct mount_info * mi,struct dentry * dentry,struct dentry * backing_dentry,int nlink)1136 static int file_delete(struct mount_info *mi, struct dentry *dentry,
1137 struct dentry *backing_dentry, int nlink)
1138 {
1139 struct dentry *index_file_dentry = NULL;
1140 struct dentry *incomplete_file_dentry = NULL;
1141 /* 2 chars per byte of file ID + 1 char for \0 */
1142 char file_id_str[2 * sizeof(incfs_uuid_t) + 1] = {0};
1143 ssize_t uuid_size = 0;
1144 int error = 0;
1145
1146 WARN_ON(!mutex_is_locked(&mi->mi_dir_struct_mutex));
1147
1148 if (nlink > 3)
1149 goto just_unlink;
1150
1151 uuid_size = vfs_getxattr(&nop_mnt_idmap, backing_dentry, INCFS_XATTR_ID_NAME,
1152 file_id_str, 2 * sizeof(incfs_uuid_t));
1153 if (uuid_size < 0) {
1154 error = uuid_size;
1155 goto out;
1156 }
1157
1158 if (uuid_size != 2 * sizeof(incfs_uuid_t)) {
1159 error = -EBADMSG;
1160 goto out;
1161 }
1162
1163 index_file_dentry = incfs_lookup_dentry(mi->mi_index_dir, file_id_str);
1164 if (IS_ERR(index_file_dentry)) {
1165 error = PTR_ERR(index_file_dentry);
1166 index_file_dentry = NULL;
1167 goto out;
1168 }
1169
1170 if (d_really_is_positive(index_file_dentry) && nlink > 0)
1171 nlink--;
1172
1173 if (nlink > 2)
1174 goto just_unlink;
1175
1176 incomplete_file_dentry = incfs_lookup_dentry(mi->mi_incomplete_dir,
1177 file_id_str);
1178 if (IS_ERR(incomplete_file_dentry)) {
1179 error = PTR_ERR(incomplete_file_dentry);
1180 incomplete_file_dentry = NULL;
1181 goto out;
1182 }
1183
1184 if (d_really_is_positive(incomplete_file_dentry) && nlink > 0)
1185 nlink--;
1186
1187 if (nlink > 1)
1188 goto just_unlink;
1189
1190 if (d_really_is_positive(index_file_dentry)) {
1191 error = incfs_unlink(index_file_dentry);
1192 if (error)
1193 goto out;
1194 notify_unlink(dentry, file_id_str, INCFS_INDEX_NAME);
1195 }
1196
1197 if (d_really_is_positive(incomplete_file_dentry)) {
1198 error = incfs_unlink(incomplete_file_dentry);
1199 if (error)
1200 goto out;
1201 notify_unlink(dentry, file_id_str, INCFS_INCOMPLETE_NAME);
1202 }
1203
1204 just_unlink:
1205 error = incfs_unlink(backing_dentry);
1206
1207 out:
1208 dput(index_file_dentry);
1209 dput(incomplete_file_dentry);
1210 if (error)
1211 pr_debug("incfs: delete_file_from_index err:%d\n", error);
1212 return error;
1213 }
1214
dir_unlink(struct inode * dir,struct dentry * dentry)1215 static int dir_unlink(struct inode *dir, struct dentry *dentry)
1216 {
1217 struct mount_info *mi = get_mount_info(dir->i_sb);
1218 struct path backing_path = {};
1219 struct kstat stat;
1220 int err = 0;
1221
1222 if (!mi)
1223 return -EBADF;
1224
1225 err = mutex_lock_interruptible(&mi->mi_dir_struct_mutex);
1226 if (err)
1227 return err;
1228
1229 get_incfs_backing_path(dentry, &backing_path);
1230 if (!backing_path.dentry) {
1231 err = -EBADF;
1232 goto path_err;
1233 }
1234
1235 if (backing_path.dentry->d_parent == mi->mi_index_dir) {
1236 /* Direct unlink from .index are not allowed. */
1237 err = -EBUSY;
1238 goto out;
1239 }
1240
1241 if (backing_path.dentry->d_parent == mi->mi_incomplete_dir) {
1242 /* Direct unlink from .incomplete are not allowed. */
1243 err = -EBUSY;
1244 goto out;
1245 }
1246
1247 err = vfs_getattr(&backing_path, &stat, STATX_NLINK,
1248 AT_STATX_SYNC_AS_STAT);
1249 if (err)
1250 goto out;
1251
1252 err = file_delete(mi, dentry, backing_path.dentry, stat.nlink);
1253
1254 d_drop(dentry);
1255 out:
1256 path_put(&backing_path);
1257 path_err:
1258 if (err)
1259 pr_debug("incfs: %s err:%d\n", __func__, err);
1260 mutex_unlock(&mi->mi_dir_struct_mutex);
1261 return err;
1262 }
1263
dir_link(struct dentry * old_dentry,struct inode * dir,struct dentry * new_dentry)1264 static int dir_link(struct dentry *old_dentry, struct inode *dir,
1265 struct dentry *new_dentry)
1266 {
1267 struct mount_info *mi = get_mount_info(dir->i_sb);
1268 struct path backing_old_path = {};
1269 struct path backing_new_path = {};
1270 int error = 0;
1271
1272 if (!mi)
1273 return -EBADF;
1274
1275 error = mutex_lock_interruptible(&mi->mi_dir_struct_mutex);
1276 if (error)
1277 return error;
1278
1279 get_incfs_backing_path(old_dentry, &backing_old_path);
1280 get_incfs_backing_path(new_dentry, &backing_new_path);
1281
1282 if (backing_new_path.dentry->d_parent == mi->mi_index_dir) {
1283 /* Can't link to .index */
1284 error = -EBUSY;
1285 goto out;
1286 }
1287
1288 if (backing_new_path.dentry->d_parent == mi->mi_incomplete_dir) {
1289 /* Can't link to .incomplete */
1290 error = -EBUSY;
1291 goto out;
1292 }
1293
1294 error = incfs_link(backing_old_path.dentry, backing_new_path.dentry);
1295 if (!error) {
1296 struct inode *inode = NULL;
1297 struct dentry *bdentry = backing_new_path.dentry;
1298
1299 if (d_really_is_negative(bdentry)) {
1300 error = -EINVAL;
1301 goto out;
1302 }
1303
1304 inode = fetch_regular_inode(dir->i_sb, bdentry);
1305 if (IS_ERR(inode)) {
1306 error = PTR_ERR(inode);
1307 goto out;
1308 }
1309 d_instantiate(new_dentry, inode);
1310 }
1311
1312 out:
1313 path_put(&backing_old_path);
1314 path_put(&backing_new_path);
1315 if (error)
1316 pr_debug("incfs: %s err:%d\n", __func__, error);
1317 mutex_unlock(&mi->mi_dir_struct_mutex);
1318 return error;
1319 }
1320
dir_rmdir(struct inode * dir,struct dentry * dentry)1321 static int dir_rmdir(struct inode *dir, struct dentry *dentry)
1322 {
1323 struct mount_info *mi = get_mount_info(dir->i_sb);
1324 struct path backing_path = {};
1325 int err = 0;
1326
1327 if (!mi)
1328 return -EBADF;
1329
1330 err = mutex_lock_interruptible(&mi->mi_dir_struct_mutex);
1331 if (err)
1332 return err;
1333
1334 get_incfs_backing_path(dentry, &backing_path);
1335 if (!backing_path.dentry) {
1336 err = -EBADF;
1337 goto path_err;
1338 }
1339
1340 if (backing_path.dentry == mi->mi_index_dir) {
1341 /* Can't delete .index */
1342 err = -EBUSY;
1343 goto out;
1344 }
1345
1346 if (backing_path.dentry == mi->mi_incomplete_dir) {
1347 /* Can't delete .incomplete */
1348 err = -EBUSY;
1349 goto out;
1350 }
1351
1352 err = incfs_rmdir(backing_path.dentry);
1353 if (!err)
1354 d_drop(dentry);
1355 out:
1356 path_put(&backing_path);
1357
1358 path_err:
1359 if (err)
1360 pr_debug("incfs: %s err:%d\n", __func__, err);
1361 mutex_unlock(&mi->mi_dir_struct_mutex);
1362 return err;
1363 }
1364
dir_rename(struct inode * old_dir,struct dentry * old_dentry,struct inode * new_dir,struct dentry * new_dentry,unsigned int flags)1365 static int dir_rename(struct inode *old_dir, struct dentry *old_dentry,
1366 struct inode *new_dir, struct dentry *new_dentry,
1367 unsigned int flags)
1368 {
1369 struct mount_info *mi = get_mount_info(old_dir->i_sb);
1370 struct dentry *backing_old_dentry;
1371 struct dentry *backing_new_dentry;
1372 struct dentry *backing_old_dir_dentry;
1373 struct dentry *backing_new_dir_dentry;
1374 struct inode *target_inode;
1375 struct dentry *trap;
1376 struct renamedata rd = {};
1377 int error = 0;
1378
1379 error = mutex_lock_interruptible(&mi->mi_dir_struct_mutex);
1380 if (error)
1381 return error;
1382
1383 backing_old_dentry = get_incfs_dentry(old_dentry)->backing_path.dentry;
1384
1385 if (!backing_old_dentry || backing_old_dentry == mi->mi_index_dir ||
1386 backing_old_dentry == mi->mi_incomplete_dir) {
1387 /* Renaming .index or .incomplete not allowed */
1388 error = -EBUSY;
1389 goto exit;
1390 }
1391
1392 backing_new_dentry = get_incfs_dentry(new_dentry)->backing_path.dentry;
1393 dget(backing_old_dentry);
1394 dget(backing_new_dentry);
1395
1396 backing_old_dir_dentry = dget_parent(backing_old_dentry);
1397 backing_new_dir_dentry = dget_parent(backing_new_dentry);
1398 target_inode = d_inode(new_dentry);
1399
1400 if (backing_old_dir_dentry == mi->mi_index_dir ||
1401 backing_old_dir_dentry == mi->mi_incomplete_dir) {
1402 /* Direct moves from .index or .incomplete are not allowed. */
1403 error = -EBUSY;
1404 goto out;
1405 }
1406
1407 trap = lock_rename(backing_old_dir_dentry, backing_new_dir_dentry);
1408
1409 if (trap == backing_old_dentry) {
1410 error = -EINVAL;
1411 goto unlock_out;
1412 }
1413 if (trap == backing_new_dentry) {
1414 error = -ENOTEMPTY;
1415 goto unlock_out;
1416 }
1417
1418 rd.old_dir = d_inode(backing_old_dir_dentry);
1419 rd.old_dentry = backing_old_dentry;
1420 rd.new_dir = d_inode(backing_new_dir_dentry);
1421 rd.new_dentry = backing_new_dentry;
1422 rd.flags = flags;
1423 rd.old_mnt_idmap = &nop_mnt_idmap;
1424 rd.new_mnt_idmap = &nop_mnt_idmap;
1425 rd.delegated_inode = NULL;
1426
1427 error = vfs_rename(&rd);
1428 if (error)
1429 goto unlock_out;
1430 if (target_inode)
1431 fsstack_copy_attr_all(target_inode,
1432 get_incfs_node(target_inode)->n_backing_inode);
1433 fsstack_copy_attr_all(new_dir, d_inode(backing_new_dir_dentry));
1434 if (new_dir != old_dir)
1435 fsstack_copy_attr_all(old_dir, d_inode(backing_old_dir_dentry));
1436
1437 unlock_out:
1438 unlock_rename(backing_old_dir_dentry, backing_new_dir_dentry);
1439
1440 out:
1441 dput(backing_new_dir_dentry);
1442 dput(backing_old_dir_dentry);
1443 dput(backing_new_dentry);
1444 dput(backing_old_dentry);
1445
1446 exit:
1447 mutex_unlock(&mi->mi_dir_struct_mutex);
1448 if (error)
1449 pr_debug("incfs: %s err:%d\n", __func__, error);
1450 return error;
1451 }
1452
1453
file_open(struct inode * inode,struct file * file)1454 static int file_open(struct inode *inode, struct file *file)
1455 {
1456 struct mount_info *mi = get_mount_info(inode->i_sb);
1457 struct file *backing_file = NULL;
1458 struct path backing_path = {};
1459 int err = 0;
1460 int flags = O_NOATIME | O_LARGEFILE |
1461 (S_ISDIR(inode->i_mode) ? O_RDONLY : O_RDWR);
1462 const struct cred *old_cred;
1463
1464 WARN_ON(file->private_data);
1465
1466 if (!mi)
1467 return -EBADF;
1468
1469 get_incfs_backing_path(file->f_path.dentry, &backing_path);
1470 if (!backing_path.dentry)
1471 return -EBADF;
1472
1473 old_cred = override_creds(mi->mi_owner);
1474 backing_file = dentry_open(&backing_path, flags, current_cred());
1475 revert_creds(old_cred);
1476 path_put(&backing_path);
1477
1478 if (IS_ERR(backing_file)) {
1479 err = PTR_ERR(backing_file);
1480 backing_file = NULL;
1481 goto out;
1482 }
1483
1484 if (S_ISREG(inode->i_mode)) {
1485 struct incfs_file_data *fd = kzalloc(sizeof(*fd), GFP_NOFS);
1486
1487 if (!fd) {
1488 err = -ENOMEM;
1489 goto out;
1490 }
1491
1492 *fd = (struct incfs_file_data) {
1493 .fd_fill_permission = CANT_FILL,
1494 };
1495 file->private_data = fd;
1496
1497 err = make_inode_ready_for_data_ops(mi, inode, backing_file);
1498 if (err)
1499 goto out;
1500
1501 err = incfs_fsverity_file_open(inode, file);
1502 if (err)
1503 goto out;
1504 } else if (S_ISDIR(inode->i_mode)) {
1505 struct dir_file *dir = NULL;
1506
1507 dir = incfs_open_dir_file(mi, backing_file);
1508 if (IS_ERR(dir))
1509 err = PTR_ERR(dir);
1510 else
1511 file->private_data = dir;
1512 } else
1513 err = -EBADF;
1514
1515 out:
1516 if (err) {
1517 pr_debug("name:%s err: %d\n",
1518 file->f_path.dentry->d_name.name, err);
1519 if (S_ISREG(inode->i_mode))
1520 kfree(file->private_data);
1521 else if (S_ISDIR(inode->i_mode))
1522 incfs_free_dir_file(file->private_data);
1523
1524 file->private_data = NULL;
1525 }
1526
1527 if (backing_file)
1528 fput(backing_file);
1529 return err;
1530 }
1531
file_release(struct inode * inode,struct file * file)1532 static int file_release(struct inode *inode, struct file *file)
1533 {
1534 if (S_ISREG(inode->i_mode)) {
1535 kfree(file->private_data);
1536 file->private_data = NULL;
1537 } else if (S_ISDIR(inode->i_mode)) {
1538 struct dir_file *dir = get_incfs_dir_file(file);
1539
1540 incfs_free_dir_file(dir);
1541 }
1542
1543 return 0;
1544 }
1545
dentry_revalidate(struct dentry * d,unsigned int flags)1546 static int dentry_revalidate(struct dentry *d, unsigned int flags)
1547 {
1548 struct path backing_path = {};
1549 struct inode_info *info = get_incfs_node(d_inode(d));
1550 struct inode *binode = (info == NULL) ? NULL : info->n_backing_inode;
1551 struct dentry *backing_dentry = NULL;
1552 int result = 0;
1553
1554 if (flags & LOOKUP_RCU)
1555 return -ECHILD;
1556
1557 get_incfs_backing_path(d, &backing_path);
1558 backing_dentry = backing_path.dentry;
1559 if (!backing_dentry)
1560 goto out;
1561
1562 if (d_inode(backing_dentry) != binode) {
1563 /*
1564 * Backing inodes obtained via dentry and inode don't match.
1565 * It indicates that most likely backing dir has changed
1566 * directly bypassing Incremental FS interface.
1567 */
1568 goto out;
1569 }
1570
1571 if (backing_dentry->d_flags & DCACHE_OP_REVALIDATE) {
1572 result = backing_dentry->d_op->d_revalidate(backing_dentry,
1573 flags);
1574 } else
1575 result = 1;
1576
1577 out:
1578 path_put(&backing_path);
1579 return result;
1580 }
1581
dentry_release(struct dentry * d)1582 static void dentry_release(struct dentry *d)
1583 {
1584 struct dentry_info *di = get_incfs_dentry(d);
1585
1586 if (di)
1587 path_put(&di->backing_path);
1588 kfree(d->d_fsdata);
1589 d->d_fsdata = NULL;
1590 }
1591
alloc_inode(struct super_block * sb)1592 static struct inode *alloc_inode(struct super_block *sb)
1593 {
1594 struct inode_info *node = kzalloc(sizeof(*node), GFP_NOFS);
1595
1596 /* TODO: add a slab-based cache here. */
1597 if (!node)
1598 return NULL;
1599 inode_init_once(&node->n_vfs_inode);
1600 return &node->n_vfs_inode;
1601 }
1602
free_inode(struct inode * inode)1603 static void free_inode(struct inode *inode)
1604 {
1605 struct inode_info *node = get_incfs_node(inode);
1606
1607 kfree(node);
1608 }
1609
evict_inode(struct inode * inode)1610 static void evict_inode(struct inode *inode)
1611 {
1612 struct inode_info *node = get_incfs_node(inode);
1613
1614 if (node) {
1615 if (node->n_backing_inode) {
1616 iput(node->n_backing_inode);
1617 node->n_backing_inode = NULL;
1618 }
1619 if (node->n_file) {
1620 incfs_free_data_file(node->n_file);
1621 node->n_file = NULL;
1622 }
1623 }
1624
1625 truncate_inode_pages(&inode->i_data, 0);
1626 clear_inode(inode);
1627 }
1628
incfs_setattr(struct mnt_idmap * idmap,struct dentry * dentry,struct iattr * ia)1629 static int incfs_setattr(struct mnt_idmap *idmap, struct dentry *dentry,
1630 struct iattr *ia)
1631 {
1632 struct dentry_info *di = get_incfs_dentry(dentry);
1633 struct dentry *backing_dentry;
1634 struct inode *backing_inode;
1635 int error;
1636
1637 if (ia->ia_valid & ATTR_SIZE)
1638 return -EINVAL;
1639
1640 if ((ia->ia_valid & (ATTR_KILL_SUID|ATTR_KILL_SGID)) &&
1641 (ia->ia_valid & ATTR_MODE))
1642 return -EINVAL;
1643
1644 if (!di)
1645 return -EINVAL;
1646 backing_dentry = di->backing_path.dentry;
1647 if (!backing_dentry)
1648 return -EINVAL;
1649
1650 backing_inode = d_inode(backing_dentry);
1651
1652 /* incfs files are readonly, but the backing files must be writeable */
1653 if (S_ISREG(backing_inode->i_mode)) {
1654 if ((ia->ia_valid & ATTR_MODE) && (ia->ia_mode & 0222))
1655 return -EINVAL;
1656
1657 ia->ia_mode |= 0222;
1658 }
1659
1660 inode_lock(d_inode(backing_dentry));
1661 error = notify_change(idmap, backing_dentry, ia, NULL);
1662 inode_unlock(d_inode(backing_dentry));
1663
1664 if (error)
1665 return error;
1666
1667 if (S_ISREG(backing_inode->i_mode))
1668 ia->ia_mode &= ~0222;
1669
1670 return simple_setattr(idmap, dentry, ia);
1671 }
1672
1673
incfs_getattr(struct mnt_idmap * idmap,const struct path * path,struct kstat * stat,u32 request_mask,unsigned int query_flags)1674 static int incfs_getattr(struct mnt_idmap *idmap, const struct path *path,
1675 struct kstat *stat, u32 request_mask,
1676 unsigned int query_flags)
1677 {
1678 struct inode *inode = d_inode(path->dentry);
1679
1680 generic_fillattr(idmap, request_mask, inode, stat);
1681
1682 if (inode->i_ino < INCFS_START_INO_RANGE)
1683 return 0;
1684
1685 stat->attributes &= ~STATX_ATTR_VERITY;
1686 if (IS_VERITY(inode))
1687 stat->attributes |= STATX_ATTR_VERITY;
1688 stat->attributes_mask |= STATX_ATTR_VERITY;
1689
1690 if (request_mask & STATX_BLOCKS) {
1691 struct kstat backing_kstat;
1692 struct dentry_info *di = get_incfs_dentry(path->dentry);
1693 int error = 0;
1694 struct path *backing_path;
1695
1696 if (!di)
1697 return -EFSCORRUPTED;
1698 backing_path = &di->backing_path;
1699 error = vfs_getattr(backing_path, &backing_kstat, STATX_BLOCKS,
1700 AT_STATX_SYNC_AS_STAT);
1701 if (error)
1702 return error;
1703
1704 stat->blocks = backing_kstat.blocks;
1705 }
1706
1707 return 0;
1708 }
1709
incfs_getxattr(struct dentry * d,const char * name,void * value,size_t size)1710 static ssize_t incfs_getxattr(struct dentry *d, const char *name,
1711 void *value, size_t size)
1712 {
1713 struct dentry_info *di = get_incfs_dentry(d);
1714 struct mount_info *mi = get_mount_info(d->d_sb);
1715 char *stored_value;
1716 size_t stored_size;
1717 int i;
1718
1719 if (di && di->backing_path.dentry)
1720 return vfs_getxattr(&nop_mnt_idmap, di->backing_path.dentry, name, value, size);
1721
1722 if (strcmp(name, "security.selinux"))
1723 return -ENODATA;
1724
1725 for (i = 0; i < PSEUDO_FILE_COUNT; ++i)
1726 if (!strcmp(d->d_iname, incfs_pseudo_file_names[i].data))
1727 break;
1728 if (i == PSEUDO_FILE_COUNT)
1729 return -ENODATA;
1730
1731 stored_value = mi->pseudo_file_xattr[i].data;
1732 stored_size = mi->pseudo_file_xattr[i].len;
1733 if (!stored_value)
1734 return -ENODATA;
1735
1736 if (stored_size > size)
1737 return -E2BIG;
1738
1739 memcpy(value, stored_value, stored_size);
1740 return stored_size;
1741 }
1742
1743
incfs_setxattr(struct mnt_idmap * idmap,struct dentry * d,const char * name,void * value,size_t size,int flags)1744 static ssize_t incfs_setxattr(struct mnt_idmap *idmap, struct dentry *d,
1745 const char *name, void *value, size_t size,
1746 int flags)
1747 {
1748 struct dentry_info *di = get_incfs_dentry(d);
1749 struct mount_info *mi = get_mount_info(d->d_sb);
1750 u8 **stored_value;
1751 size_t *stored_size;
1752 int i;
1753
1754 if (di && di->backing_path.dentry)
1755 return vfs_setxattr(idmap, di->backing_path.dentry, name, value,
1756 size, flags);
1757
1758 if (strcmp(name, "security.selinux"))
1759 return -ENODATA;
1760
1761 if (size > INCFS_MAX_FILE_ATTR_SIZE)
1762 return -E2BIG;
1763
1764 for (i = 0; i < PSEUDO_FILE_COUNT; ++i)
1765 if (!strcmp(d->d_iname, incfs_pseudo_file_names[i].data))
1766 break;
1767 if (i == PSEUDO_FILE_COUNT)
1768 return -ENODATA;
1769
1770 stored_value = &mi->pseudo_file_xattr[i].data;
1771 stored_size = &mi->pseudo_file_xattr[i].len;
1772 kfree (*stored_value);
1773 *stored_value = kzalloc(size, GFP_NOFS);
1774 if (!*stored_value)
1775 return -ENOMEM;
1776
1777 memcpy(*stored_value, value, size);
1778 *stored_size = size;
1779 return 0;
1780 }
1781
incfs_listxattr(struct dentry * d,char * list,size_t size)1782 static ssize_t incfs_listxattr(struct dentry *d, char *list, size_t size)
1783 {
1784 struct dentry_info *di = get_incfs_dentry(d);
1785
1786 if (!di || !di->backing_path.dentry)
1787 return -ENODATA;
1788
1789 return vfs_listxattr(di->backing_path.dentry, list, size);
1790 }
1791
incfs_mount_fs(struct file_system_type * type,int flags,const char * dev_name,void * data)1792 struct dentry *incfs_mount_fs(struct file_system_type *type, int flags,
1793 const char *dev_name, void *data)
1794 {
1795 struct mount_options options = {};
1796 struct mount_info *mi = NULL;
1797 struct path backing_dir_path = {};
1798 struct dentry *index_dir = NULL;
1799 struct dentry *incomplete_dir = NULL;
1800 struct super_block *src_fs_sb = NULL;
1801 struct inode *root_inode = NULL;
1802 struct super_block *sb = sget(type, NULL, set_anon_super, flags, NULL);
1803 bool dir_created = false;
1804 int error = 0;
1805
1806 if (IS_ERR(sb))
1807 return ERR_CAST(sb);
1808
1809 sb->s_op = &incfs_super_ops;
1810 sb->s_d_op = &incfs_dentry_ops;
1811 sb->s_flags |= S_NOATIME;
1812 sb->s_magic = INCFS_MAGIC_NUMBER;
1813 sb->s_time_gran = 1;
1814 sb->s_blocksize = INCFS_DATA_FILE_BLOCK_SIZE;
1815 sb->s_blocksize_bits = blksize_bits(sb->s_blocksize);
1816 sb->s_xattr = incfs_xattr_ops;
1817
1818 if (!dev_name) {
1819 pr_err("incfs: Backing dir is not set, filesystem can't be mounted.\n");
1820 error = -ENOENT;
1821 goto err_deactivate;
1822 }
1823
1824 error = parse_options(&options, (char *)data);
1825 if (error != 0) {
1826 pr_err("incfs: Options parsing error. %d\n", error);
1827 goto err_deactivate;
1828 }
1829
1830 sb->s_bdi->ra_pages = options.readahead_pages;
1831 if (!dev_name) {
1832 pr_err("incfs: Backing dir is not set, filesystem can't be mounted.\n");
1833 error = -ENOENT;
1834 goto err_free_opts;
1835 }
1836
1837 error = kern_path(dev_name, LOOKUP_FOLLOW | LOOKUP_DIRECTORY,
1838 &backing_dir_path);
1839 if (error || backing_dir_path.dentry == NULL ||
1840 !d_really_is_positive(backing_dir_path.dentry)) {
1841 pr_err("incfs: Error accessing: %s.\n",
1842 dev_name);
1843 goto err_free_opts;
1844 }
1845 src_fs_sb = backing_dir_path.dentry->d_sb;
1846 sb->s_maxbytes = src_fs_sb->s_maxbytes;
1847 sb->s_stack_depth = src_fs_sb->s_stack_depth + 1;
1848
1849 if (sb->s_stack_depth > FILESYSTEM_MAX_STACK_DEPTH) {
1850 error = -EINVAL;
1851 goto err_put_path;
1852 }
1853
1854 mi = incfs_alloc_mount_info(sb, &options, &backing_dir_path);
1855 if (IS_ERR_OR_NULL(mi)) {
1856 error = PTR_ERR(mi);
1857 pr_err("incfs: Error allocating mount info. %d\n", error);
1858 goto err_put_path;
1859 }
1860
1861 sb->s_fs_info = mi;
1862 mi->mi_backing_dir_path = backing_dir_path;
1863 index_dir = open_or_create_special_dir(backing_dir_path.dentry,
1864 INCFS_INDEX_NAME, &dir_created);
1865 if (IS_ERR_OR_NULL(index_dir)) {
1866 error = PTR_ERR(index_dir);
1867 pr_err("incfs: Can't find or create .index dir in %s\n",
1868 dev_name);
1869 /* No need to null index_dir since we don't put it */
1870 goto err_put_path;
1871 }
1872
1873 mi->mi_index_dir = index_dir;
1874 mi->mi_index_free = dir_created;
1875
1876 incomplete_dir = open_or_create_special_dir(backing_dir_path.dentry,
1877 INCFS_INCOMPLETE_NAME,
1878 &dir_created);
1879 if (IS_ERR_OR_NULL(incomplete_dir)) {
1880 error = PTR_ERR(incomplete_dir);
1881 pr_err("incfs: Can't find or create .incomplete dir in %s\n",
1882 dev_name);
1883 /* No need to null incomplete_dir since we don't put it */
1884 goto err_put_path;
1885 }
1886 mi->mi_incomplete_dir = incomplete_dir;
1887 mi->mi_incomplete_free = dir_created;
1888
1889 root_inode = fetch_regular_inode(sb, backing_dir_path.dentry);
1890 if (IS_ERR(root_inode)) {
1891 error = PTR_ERR(root_inode);
1892 goto err_put_path;
1893 }
1894
1895 sb->s_root = d_make_root(root_inode);
1896 if (!sb->s_root) {
1897 error = -ENOMEM;
1898 goto err_put_path;
1899 }
1900 error = incfs_init_dentry(sb->s_root, &backing_dir_path);
1901 if (error)
1902 goto err_put_path;
1903
1904 path_put(&backing_dir_path);
1905 sb->s_flags |= SB_ACTIVE;
1906
1907 pr_debug("incfs: mount\n");
1908 return dget(sb->s_root);
1909
1910 err_put_path:
1911 path_put(&backing_dir_path);
1912 err_free_opts:
1913 free_options(&options);
1914 err_deactivate:
1915 deactivate_locked_super(sb);
1916 pr_err("incfs: mount failed %d\n", error);
1917 return ERR_PTR(error);
1918 }
1919
incfs_remount_fs(struct super_block * sb,int * flags,char * data)1920 static int incfs_remount_fs(struct super_block *sb, int *flags, char *data)
1921 {
1922 struct mount_options options;
1923 struct mount_info *mi = get_mount_info(sb);
1924 int err = 0;
1925
1926 sync_filesystem(sb);
1927 err = parse_options(&options, (char *)data);
1928 if (err)
1929 return err;
1930
1931 if (options.report_uid != mi->mi_options.report_uid) {
1932 pr_err("incfs: Can't change report_uid mount option on remount\n");
1933 err = -EOPNOTSUPP;
1934 goto out;
1935 }
1936
1937 err = incfs_realloc_mount_info(mi, &options);
1938 if (err)
1939 goto out;
1940
1941 pr_debug("incfs: remount\n");
1942
1943 out:
1944 free_options(&options);
1945 return err;
1946 }
1947
incfs_kill_sb(struct super_block * sb)1948 void incfs_kill_sb(struct super_block *sb)
1949 {
1950 struct mount_info *mi = sb->s_fs_info;
1951 struct inode *dinode = NULL;
1952
1953 pr_debug("incfs: unmount\n");
1954
1955 /*
1956 * We must kill the super before freeing mi, since killing the super
1957 * triggers inode eviction, which triggers the final update of the
1958 * backing file, which uses certain information for mi
1959 */
1960 kill_anon_super(sb);
1961
1962 if (mi) {
1963 if (mi->mi_backing_dir_path.dentry)
1964 dinode = d_inode(mi->mi_backing_dir_path.dentry);
1965
1966 if (dinode) {
1967 if (mi->mi_index_dir && mi->mi_index_free)
1968 vfs_rmdir(&nop_mnt_idmap, dinode,
1969 mi->mi_index_dir);
1970
1971 if (mi->mi_incomplete_dir && mi->mi_incomplete_free)
1972 vfs_rmdir(&nop_mnt_idmap, dinode,
1973 mi->mi_incomplete_dir);
1974 }
1975
1976 incfs_free_mount_info(mi);
1977 sb->s_fs_info = NULL;
1978 }
1979 }
1980
show_options(struct seq_file * m,struct dentry * root)1981 static int show_options(struct seq_file *m, struct dentry *root)
1982 {
1983 struct mount_info *mi = get_mount_info(root->d_sb);
1984
1985 seq_printf(m, ",read_timeout_ms=%u", mi->mi_options.read_timeout_ms);
1986 seq_printf(m, ",readahead=%u", mi->mi_options.readahead_pages);
1987 if (mi->mi_options.read_log_pages != 0) {
1988 seq_printf(m, ",rlog_pages=%u", mi->mi_options.read_log_pages);
1989 seq_printf(m, ",rlog_wakeup_cnt=%u",
1990 mi->mi_options.read_log_wakeup_count);
1991 }
1992 if (mi->mi_options.report_uid)
1993 seq_puts(m, ",report_uid");
1994
1995 if (mi->mi_sysfs_node)
1996 seq_printf(m, ",sysfs_name=%s",
1997 kobject_name(&mi->mi_sysfs_node->isn_sysfs_node));
1998 return 0;
1999 }
2000