1 /*
2   FUSE: Filesystem in Userspace
3   Copyright (C) 2001-2008  Miklos Szeredi <miklos@szeredi.hu>
4 
5   This program can be distributed under the terms of the GNU GPL.
6   See the file COPYING.
7 */
8 
9 #include "fuse_i.h"
10 
11 #include <linux/pagemap.h>
12 #include <linux/file.h>
13 #include <linux/fs_context.h>
14 #include <linux/moduleparam.h>
15 #include <linux/sched.h>
16 #include <linux/namei.h>
17 #include <linux/slab.h>
18 #include <linux/xattr.h>
19 #include <linux/iversion.h>
20 #include <linux/posix_acl.h>
21 #include <linux/security.h>
22 #include <linux/types.h>
23 #include <linux/kernel.h>
24 
/*
 * Module parameter (mode 0644, so root can flip it at runtime).  When set,
 * a caller holding CAP_SYS_ADMIN in the initial user namespace bypasses the
 * allow_other access check, as the MODULE_PARM_DESC text below states.
 * Marked __read_mostly: it is consulted far more often than it is written.
 */
static bool __read_mostly allow_sys_admin_access;
module_param(allow_sys_admin_access, bool, 0644);
MODULE_PARM_DESC(allow_sys_admin_access,
		 "Allow users with CAP_SYS_ADMIN in initial userns to bypass allow_other access check");
29 
/*
 * Flag @dir so that readdirplus is advised for it.  The flag lives in the
 * state bits of the directory's fuse_inode.
 */
static void fuse_advise_use_readdirplus(struct inode *dir)
{
	set_bit(FUSE_I_ADVISE_RDPLUS, &get_fuse_inode(dir)->state);
}
36 
37 #if BITS_PER_LONG >= 64
/*
 * 64-bit longs: the jiffies timeout is stored directly in the d_fsdata
 * pointer slot, no allocation needed.
 */
static inline void __fuse_dentry_settime(struct dentry *entry, u64 time)
{
	unsigned long raw = time;

	entry->d_fsdata = (void *)raw;
}
42 
/*
 * Inverse of __fuse_dentry_settime(): reinterpret the d_fsdata slot as the
 * jiffies timeout.
 */
static inline u64 fuse_dentry_time(const struct dentry *entry)
{
	unsigned long raw = (unsigned long)entry->d_fsdata;

	return raw;
}
47 
48 #else
/*
 * With 32-bit longs the u64 timeout does not fit in d_fsdata itself, so
 * d_fsdata points at one of these (allocated in fuse_dentry_init()).  The
 * rcu head reuses the same storage once the dentry is being released
 * (kfree_rcu() in fuse_dentry_release()).
 */
union fuse_dentry {
	u64 time;		/* jiffies until the dentry is valid */
	struct rcu_head rcu;	/* used only for the deferred free */
};
53 
/* 32-bit longs: the timeout lives in the heap-allocated union fuse_dentry. */
static inline void __fuse_dentry_settime(struct dentry *dentry, u64 time)
{
	union fuse_dentry *priv = dentry->d_fsdata;

	priv->time = time;
}
58 
/* 32-bit longs: read the timeout back out of the union fuse_dentry. */
static inline u64 fuse_dentry_time(const struct dentry *entry)
{
	const union fuse_dentry *priv = entry->d_fsdata;

	return priv->time;
}
63 #endif
64 
/*
 * Store the entry timeout @time (jiffies, 0 = stale) on @dentry.
 *
 * DCACHE_OP_DELETE is kept set only while the entry is stale and the
 * connection asked for stale entries to be deleted (fc->delete_stale);
 * dput() is faster without the flag.  Races on the flag are tolerated
 * because either outcome is just an optimisation.
 */
static void fuse_dentry_settime(struct dentry *dentry, u64 time)
{
	struct fuse_conn *fc = get_fuse_conn_super(dentry->d_sb);
	bool want_delete = !time && fc->delete_stale;
	bool has_delete = dentry->d_flags & DCACHE_OP_DELETE;

	if (want_delete != has_delete) {
		spin_lock(&dentry->d_lock);
		if (want_delete)
			dentry->d_flags |= DCACHE_OP_DELETE;
		else
			dentry->d_flags &= ~DCACHE_OP_DELETE;
		spin_unlock(&dentry->d_lock);
	}

	__fuse_dentry_settime(dentry, time);
}
85 
86 /*
87  * FUSE caches dentries and attributes with separate timeout.  The
88  * time in jiffies until the dentry/attributes are valid is stored in
89  * dentry->d_fsdata and fuse_inode->i_time respectively.
90  */
91 
92 /*
93  * Calculate the time in jiffies until a dentry/attributes are valid
94  */
/*
 * Convert a relative validity period (@sec, @nsec) into an absolute jiffies
 * deadline.  A zero period means "never valid" and is returned as 0 rather
 * than as the current time.
 */
static u64 time_to_jiffies(u64 sec, u32 nsec)
{
	struct timespec64 ts;

	if (!sec && !nsec)
		return 0;

	ts.tv_sec = sec;
	/* Clamp nsec to the valid range for a timespec. */
	ts.tv_nsec = min_t(u32, nsec, NSEC_PER_SEC - 1);

	return get_jiffies_64() + timespec64_to_jiffies(&ts);
}
107 
108 /*
109  * Set dentry and possibly attribute timeouts from the lookup/mk*
110  * replies
111  */
/* Apply the entry validity from a lookup/mk* reply @o to @entry. */
void fuse_change_entry_timeout(struct dentry *entry, struct fuse_entry_out *o)
{
	u64 expiry = time_to_jiffies(o->entry_valid, o->entry_valid_nsec);

	fuse_dentry_settime(entry, expiry);
}
117 
/* Attribute validity deadline (jiffies) from a fuse_attr_out reply. */
static u64 attr_timeout(struct fuse_attr_out *o)
{
	u64 sec = o->attr_valid;
	u32 nsec = o->attr_valid_nsec;

	return time_to_jiffies(sec, nsec);
}
122 
/* Attribute validity deadline (jiffies) from a fuse_entry_out reply. */
u64 entry_attr_timeout(struct fuse_entry_out *o)
{
	u64 sec = o->attr_valid;
	u32 nsec = o->attr_valid_nsec;

	return time_to_jiffies(sec, nsec);
}
127 
/* Atomically add the STATX_* bits in @mask to the inode's invalidation mask. */
void fuse_invalidate_attr_mask(struct inode *inode, u32 mask)
{
	struct fuse_inode *fi = get_fuse_inode(inode);

	/* clear nothing (0), set @mask */
	set_mask_bits(&fi->inval_mask, 0, mask);
}
132 
133 /*
134  * Mark the attributes as stale, so that at the next call to
135  * ->getattr() they will be fetched from userspace
136  */
/*
 * Mark all basic attributes stale so the next ->getattr() refetches them
 * from userspace.
 */
void fuse_invalidate_attr(struct inode *inode)
{
	const u32 basic = STATX_BASIC_STATS;

	fuse_invalidate_attr_mask(inode, basic);
}
141 
/*
 * A directory's contents changed: stale its attributes and bump i_version
 * (without forcing it, hence the false).
 */
static void fuse_dir_changed(struct inode *dir)
{
	fuse_invalidate_attr(dir);
	inode_maybe_inc_iversion(dir, false);
}
147 
148 /**
149  * Mark the attributes as stale due to an atime change.  Avoid the invalidate if
150  * atime is not used.
151  */
/*
 * Mark atime stale.  A read-only inode never updates atime, so the
 * invalidation is skipped there.
 */
void fuse_invalidate_atime(struct inode *inode)
{
	if (IS_RDONLY(inode))
		return;

	fuse_invalidate_attr_mask(inode, STATX_ATIME);
}
157 
158 /*
159  * Just mark the entry as stale, so that a next attempt to look it up
160  * will result in a new lookup call to userspace
161  *
162  * This is called when a dentry is about to become negative and the
163  * timeout is unknown (unlink, rmdir, rename and in some cases
164  * lookup)
165  */
/*
 * Mark @entry stale (timeout 0) so the next lookup goes to userspace.
 * Used when a dentry is about to become negative and the timeout is
 * unknown (unlink, rmdir, rename and in some cases lookup).
 */
void fuse_invalidate_entry_cache(struct dentry *entry)
{
	const u64 stale = 0;

	fuse_dentry_settime(entry, stale);
}
170 
171 /*
172  * Same as fuse_invalidate_entry_cache(), but also try to remove the
173  * dentry from the hash
174  */
/*
 * Like fuse_invalidate_entry_cache(), but first try to unhash the dentry.
 */
static void fuse_invalidate_entry(struct dentry *entry)
{
	/* d_invalidate() may fail to drop a busy dentry; it is still marked stale. */
	d_invalidate(entry);
	fuse_invalidate_entry_cache(entry);
}
180 
/*
 * Prepare a FUSE_LOOKUP request for @name under @nodeid.  The single input
 * is the NUL-terminated name (hence len + 1); the single output is @outarg,
 * which is zeroed here so a short reply leaves no stale fields.  @fc is
 * currently unused.
 */
static void fuse_lookup_init(struct fuse_conn *fc, struct fuse_args *args,
			     u64 nodeid, const struct qstr *name,
			     struct fuse_entry_out *outarg)
{
	memset(outarg, 0, sizeof(*outarg));

	args->opcode = FUSE_LOOKUP;
	args->nodeid = nodeid;

	args->out_numargs = 1;
	args->out_args[0].value = outarg;
	args->out_args[0].size = sizeof(*outarg);

	args->in_numargs = 1;
	args->in_args[0].value = name->name;
	args->in_args[0].size = name->len + 1;
}
195 
/*
 * Check whether the dentry is still valid
 *
 * If the entry validity timeout has expired and the dentry is
 * positive, try to redo the lookup.  If the lookup results in a
 * different inode, then let the VFS invalidate the dentry and redo
 * the lookup once more.  If the lookup results in the same inode,
 * then refresh the attributes, timeouts and mark the dentry valid.
 *
 * Returns 1 (valid), 0 (invalid), -ECHILD when the work cannot be done
 * in RCU-walk mode, or -ENOMEM.
 */
static int fuse_dentry_revalidate(struct dentry *entry, unsigned int flags)
{
	struct inode *inode;
	struct dentry *parent;
	struct fuse_mount *fm;
	struct fuse_inode *fi;
	int ret;

	/* May be called in RCU-walk mode, hence d_inode_rcu() */
	inode = d_inode_rcu(entry);
	if (inode && fuse_is_bad(inode))
		goto invalid;
	else if (time_before64(fuse_dentry_time(entry), get_jiffies_64()) ||
		 (flags & (LOOKUP_EXCL | LOOKUP_REVAL))) {
		/* Timeout expired, or the VFS insists on a fresh lookup */
		struct fuse_entry_out outarg;
		FUSE_ARGS(args);
		struct fuse_forget_link *forget;
		u64 attr_version;

		/* For negative dentries, always do a fresh lookup */
		if (!inode)
			goto invalid;

		/* Talking to userspace sleeps; ask the VFS to retry in ref-walk mode */
		ret = -ECHILD;
		if (flags & LOOKUP_RCU)
			goto out;

		fm = get_fuse_mount(inode);

		/* Preallocated so a mismatching reply can be undone without allocating */
		forget = fuse_alloc_forget();
		ret = -ENOMEM;
		if (!forget)
			goto out;

		/* Taken before the request; passed on to fuse_change_attributes() */
		attr_version = fuse_get_attr_version(fm->fc);

		parent = dget_parent(entry);
		fuse_lookup_init(fm->fc, &args, get_node_id(d_inode(parent)),
				 &entry->d_name, &outarg);
		ret = fuse_simple_request(fm, &args);
		dput(parent);
		/* Zero nodeid is same as -ENOENT */
		if (!ret && !outarg.nodeid)
			ret = -ENOENT;
		if (!ret) {
			fi = get_fuse_inode(inode);
			/*
			 * Different node, or submount-ness changed: give the
			 * lookup count from this reply back via the preallocated
			 * forget, and let the VFS drop the dentry.
			 */
			if (outarg.nodeid != get_node_id(inode) ||
			    (bool) IS_AUTOMOUNT(inode) != (bool) (outarg.attr.flags & FUSE_ATTR_SUBMOUNT)) {
				fuse_queue_forget(fm->fc, forget,
						  outarg.nodeid, 1);
				goto invalid;
			}
			/* Same inode: the successful lookup added one to nlookup */
			spin_lock(&fi->lock);
			fi->nlookup++;
			spin_unlock(&fi->lock);
		}
		kfree(forget);
		/* Out of memory is reported to the VFS, not treated as "invalid" */
		if (ret == -ENOMEM)
			goto out;
		/* Any other error, a bad reply, or a stale generation: invalid */
		if (ret || fuse_invalid_attr(&outarg.attr) ||
		    fuse_stale_inode(inode, outarg.generation, &outarg.attr))
			goto invalid;

		forget_all_cached_acls(inode);
		fuse_change_attributes(inode, &outarg.attr,
				       entry_attr_timeout(&outarg),
				       attr_version);
		fuse_change_entry_timeout(entry, &outarg);
	} else if (inode) {
		/*
		 * Still within the timeout.  If FUSE_I_INIT_RDPLUS is set, the
		 * parent should be advised to use readdirplus; that needs
		 * dget_parent(), which is not possible in RCU-walk mode.
		 */
		fi = get_fuse_inode(inode);
		if (flags & LOOKUP_RCU) {
			if (test_bit(FUSE_I_INIT_RDPLUS, &fi->state))
				return -ECHILD;
		} else if (test_and_clear_bit(FUSE_I_INIT_RDPLUS, &fi->state)) {
			parent = dget_parent(entry);
			fuse_advise_use_readdirplus(d_inode(parent));
			dput(parent);
		}
	}
	ret = 1;	/* valid */
out:
	return ret;

invalid:
	ret = 0;	/* invalid: the VFS drops the dentry and looks up again */
	goto out;
}
291 
292 #if BITS_PER_LONG < 64
/*
 * ->d_init() for 32-bit longs: allocate the union fuse_dentry that holds the
 * timeout.  Accounted to the allocating cgroup and reclaimable.  Returns 0
 * or -ENOMEM; d_fsdata is NULL on failure.
 */
static int fuse_dentry_init(struct dentry *dentry)
{
	union fuse_dentry *priv;

	priv = kzalloc(sizeof(*priv), GFP_KERNEL_ACCOUNT | __GFP_RECLAIMABLE);
	dentry->d_fsdata = priv;

	return priv ? 0 : -ENOMEM;
}
/*
 * ->d_release() for 32-bit longs: free the union fuse_dentry after a grace
 * period, since RCU-walk lookups may still be reading it.
 */
static void fuse_dentry_release(struct dentry *dentry)
{
	union fuse_dentry *priv = dentry->d_fsdata;

	kfree_rcu(priv, rcu);
}
306 #endif
307 
/*
 * ->d_delete(): drop the dentry on last dput() once its timeout has passed.
 */
static int fuse_dentry_delete(const struct dentry *dentry)
{
	u64 now = get_jiffies_64();

	return time_before64(fuse_dentry_time(dentry), now);
}
312 
313 /*
314  * Create a fuse_mount object with a new superblock (with path->dentry
315  * as the root), and return that mount so it can be auto-mounted on
316  * @path.
317  */
/*
 * ->d_automount(): create a fuse_mount with a new superblock rooted at
 * path->dentry and return the vfsmount so it can be auto-mounted on @path.
 * Returns an ERR_PTR on failure.
 */
static struct vfsmount *fuse_dentry_automount(struct path *path)
{
	struct dentry *mountpoint = path->dentry;
	struct fs_context *fsc;
	struct vfsmount *mnt;

	fsc = fs_context_for_submount(path->mnt->mnt_sb->s_type, mountpoint);
	if (IS_ERR(fsc))
		return ERR_CAST(fsc);

	/* fuse_get_tree_submount() picks the mountpoint's FUSE inode up from here */
	fsc->fs_private = get_fuse_inode(d_inode(mountpoint));

	mnt = fc_mount(fsc);
	/* The returned mount carries its own reference */
	if (!IS_ERR(mnt))
		mntget(mnt);
	put_fs_context(fsc);

	return mnt;
}
339 
/*
 * Dentry operations for FUSE dentries (the root uses
 * fuse_root_dentry_operations below).
 */
const struct dentry_operations fuse_dentry_operations = {
	.d_revalidate	= fuse_dentry_revalidate,
	.d_delete	= fuse_dentry_delete,
#if BITS_PER_LONG < 64
	/* d_fsdata is a heap-allocated union fuse_dentry on 32-bit longs */
	.d_init		= fuse_dentry_init,
	.d_release	= fuse_dentry_release,
#endif
	.d_automount	= fuse_dentry_automount,
};
349 
/*
 * Root dentry: no revalidate, delete or automount; only the 32-bit
 * d_fsdata lifecycle hooks.
 */
const struct dentry_operations fuse_root_dentry_operations = {
#if BITS_PER_LONG < 64
	.d_init		= fuse_dentry_init,
	.d_release	= fuse_dentry_release,
#endif
};
356 
/*
 * Return 1 if the S_IFMT bits of @m name a file type FUSE can represent
 * (regular, directory, symlink, char/block device, fifo, socket), else 0.
 */
int fuse_valid_type(int m)
{
	switch (m & S_IFMT) {
	case S_IFREG:
	case S_IFDIR:
	case S_IFLNK:
	case S_IFCHR:
	case S_IFBLK:
	case S_IFIFO:
	case S_IFSOCK:
		return 1;
	default:
		return 0;
	}
}
362 
/*
 * Sanity-check attributes received from userspace: true if the file type is
 * not one FUSE supports, or the size does not fit a signed 64-bit offset.
 */
bool fuse_invalid_attr(struct fuse_attr *attr)
{
	if (!fuse_valid_type(attr->mode))
		return true;

	return attr->size > LLONG_MAX;
}
368 
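/*
 * Look up @name under @nodeid on the connection behind @sb.
 *
 * On success @outarg holds the reply and *inode the (referenced) inode, or
 * NULL when userspace answered with nodeid 0: that is a negative entry that
 * still carries a valid timeout, so it is reported as success with no inode.
 * Returns 0, or a negative errno (-ENAMETOOLONG, -ENOMEM, -EIO for a reply
 * with invalid attributes, or the request's own error).
 *
 * The redundant second "!outarg->nodeid" test that followed the request
 * was unreachable (the first one already jumps out) and has been dropped.
 */
int fuse_lookup_name(struct super_block *sb, u64 nodeid, const struct qstr *name,
		     struct fuse_entry_out *outarg, struct inode **inode)
{
	struct fuse_mount *fm = get_fuse_mount_super(sb);
	FUSE_ARGS(args);
	struct fuse_forget_link *forget;
	u64 attr_version;
	int err;

	*inode = NULL;
	err = -ENAMETOOLONG;
	if (name->len > FUSE_NAME_MAX)
		goto out;

	/* Preallocated so a failed fuse_iget() can return the lookup count */
	forget = fuse_alloc_forget();
	err = -ENOMEM;
	if (!forget)
		goto out;

	/* Taken before the request; passed on to fuse_iget() */
	attr_version = fuse_get_attr_version(fm->fc);

	fuse_lookup_init(fm->fc, &args, nodeid, name, outarg);
	err = fuse_simple_request(fm, &args);
	/* Zero nodeid is same as -ENOENT, but with valid timeout */
	if (err || !outarg->nodeid)
		goto out_put_forget;

	/* Userspace replied with attributes we cannot represent */
	err = -EIO;
	if (fuse_invalid_attr(&outarg->attr))
		goto out_put_forget;

	*inode = fuse_iget(sb, outarg->nodeid, outarg->generation,
			   &outarg->attr, entry_attr_timeout(outarg),
			   attr_version);
	err = -ENOMEM;
	if (!*inode) {
		/* The forget is consumed here, so skip the kfree() below */
		fuse_queue_forget(fm->fc, forget, outarg->nodeid, 1);
		goto out;
	}
	err = 0;

 out_put_forget:
	kfree(forget);
 out:
	return err;
}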
418 
/*
 * ->lookup(): resolve @entry in @dir via fuse_lookup_name() and splice the
 * result into the dcache.  Returns the dentry d_splice_alias() handed back
 * (possibly NULL), or an ERR_PTR.
 */
static struct dentry *fuse_lookup(struct inode *dir, struct dentry *entry,
				  unsigned int flags)
{
	struct fuse_entry_out outarg;
	struct inode *inode = NULL;
	struct dentry *newent;
	bool have_timeout = true;
	bool locked;
	int err;

	if (fuse_is_bad(dir))
		return ERR_PTR(-EIO);

	locked = fuse_lock_inode(dir);
	err = fuse_lookup_name(dir->i_sb, get_node_id(dir), &entry->d_name,
			       &outarg, &inode);
	fuse_unlock_inode(dir, locked);

	switch (err) {
	case 0:
		break;
	case -ENOENT:
		/* Negative reply without a usable timeout in outarg */
		have_timeout = false;
		break;
	default:
		return ERR_PTR(err);
	}

	/* A lookup must never resolve to the root node */
	if (inode && get_node_id(inode) == FUSE_ROOT_ID) {
		iput(inode);
		return ERR_PTR(-EIO);
	}

	newent = d_splice_alias(inode, entry);
	if (IS_ERR(newent))
		return newent;

	if (newent)
		entry = newent;

	if (have_timeout)
		fuse_change_entry_timeout(entry, &outarg);
	else
		fuse_invalidate_entry_cache(entry);

	if (inode)
		fuse_advise_use_readdirplus(dir);

	return newent;
}
467 
/*
 * Build the security-context payload sent with create-type requests: a
 * fuse_secctx_header followed by at most one fuse_secctx record (the
 * xattr name, NUL, then the raw context bytes), rounded up with
 * FUSE_REC_ALIGN().  An LSM that does not implement the hook
 * (-EOPNOTSUPP) yields a header with nr_secctx == 0.
 *
 * On success *security_ctx is a kzalloc()'d buffer the caller must
 * kfree() and *security_ctxlen its total size.  Returns 0 or a negative
 * errno.
 */
static int get_security_context(struct dentry *entry, umode_t mode,
				void **security_ctx, u32 *security_ctxlen)
{
	struct fuse_secctx *fctx;
	struct fuse_secctx_header *header;
	void *ctx = NULL, *ptr;
	u32 ctxlen, total_len = sizeof(*header);
	int err, nr_ctx = 0;
	const char *name;
	size_t namelen;

	err = security_dentry_init_security(entry, mode, &entry->d_name,
					    &name, &ctx, &ctxlen);
	if (err) {
		if (err != -EOPNOTSUPP)
			goto out_err;
		/* No LSM is supporting this security hook. Ignore error */
		ctxlen = 0;
		ctx = NULL;
	}

	if (ctxlen) {
		nr_ctx = 1;
		namelen = strlen(name) + 1;
		err = -EIO;
		/* Bound the LSM-supplied sizes so the u32 length arithmetic below stays in range */
		if (WARN_ON(namelen > XATTR_NAME_MAX + 1 || ctxlen > S32_MAX))
			goto out_err;
		total_len += FUSE_REC_ALIGN(sizeof(*fctx) + namelen + ctxlen);
	}

	err = -ENOMEM;
	/* kzalloc(): the alignment padding is sent to userspace too, so it must be zeroed */
	header = ptr = kzalloc(total_len, GFP_KERNEL);
	if (!ptr)
		goto out_err;

	header->nr_secctx = nr_ctx;
	header->size = total_len;
	ptr += sizeof(*header);
	if (nr_ctx) {
		fctx = ptr;
		fctx->size = ctxlen;
		ptr += sizeof(*fctx);

		/* namelen (checked above) was sized into total_len, so this copy is bounded */
		strcpy(ptr, name);
		ptr += namelen;

		memcpy(ptr, ctx, ctxlen);
	}
	*security_ctxlen = total_len;
	*security_ctx = header;
	err = 0;
out_err:
	/* ctx belongs to us on every path; header now belongs to the caller */
	kfree(ctx);
	return err;
}
523 
/*
 * Atomic create+open operation
 *
 * If the filesystem doesn't support this, then fall back to separate
 * 'mknod' + 'open' requests.
 *
 * Sends @opcode (FUSE_CREATE or FUSE_TMPFILE) for @entry in @dir with the
 * open @flags and creation @mode, instantiates the new inode and finishes
 * the open of @file.  Returns 0 or a negative errno; -ENOSYS means the
 * server does not implement @opcode and the caller should fall back.
 */
static int fuse_create_open(struct inode *dir, struct dentry *entry,
			    struct file *file, unsigned int flags,
			    umode_t mode, u32 opcode)
{
	int err;
	struct inode *inode;
	struct fuse_mount *fm = get_fuse_mount(dir);
	FUSE_ARGS(args);
	struct fuse_forget_link *forget;
	struct fuse_create_in inarg;
	struct fuse_open_out outopen;
	struct fuse_entry_out outentry;
	struct fuse_inode *fi;
	struct fuse_file *ff;
	void *security_ctx = NULL;
	u32 security_ctxlen;
	bool trunc = flags & O_TRUNC;

	/* Userspace expects S_IFREG in create mode */
	BUG_ON((mode & S_IFMT) != S_IFREG);

	/* Preallocated so a failed fuse_iget() can return the lookup count */
	forget = fuse_alloc_forget();
	err = -ENOMEM;
	if (!forget)
		goto out_err;

	err = -ENOMEM;
	ff = fuse_file_alloc(fm);
	if (!ff)
		goto out_put_forget_req;

	/* Apply the umask here unless the server asked to do it itself */
	if (!fm->fc->dont_mask)
		mode &= ~current_umask();

	/* O_NOCTTY is not forwarded; memset() so struct padding reaches userspace zeroed */
	flags &= ~O_NOCTTY;
	memset(&inarg, 0, sizeof(inarg));
	memset(&outentry, 0, sizeof(outentry));
	inarg.flags = flags;
	inarg.mode = mode;
	inarg.umask = current_umask();

	/*
	 * With handle_killpriv_v2 the server drops suid/sgid on a truncating,
	 * non-exclusive create unless the caller holds CAP_FSETID.
	 */
	if (fm->fc->handle_killpriv_v2 && trunc &&
	    !(flags & O_EXCL) && !capable(CAP_FSETID)) {
		inarg.open_flags |= FUSE_OPEN_KILL_SUIDGID;
	}

	args.opcode = opcode;
	args.nodeid = get_node_id(dir);
	args.in_numargs = 2;
	args.in_args[0].size = sizeof(inarg);
	args.in_args[0].value = &inarg;
	args.in_args[1].size = entry->d_name.len + 1;
	args.in_args[1].value = entry->d_name.name;
	args.out_numargs = 2;
	args.out_args[0].size = sizeof(outentry);
	args.out_args[0].value = &outentry;
	args.out_args[1].size = sizeof(outopen);
	args.out_args[1].value = &outopen;

	/* Optional third input: the LSM security context for the new file */
	if (fm->fc->init_security) {
		err = get_security_context(entry, mode, &security_ctx,
					   &security_ctxlen);
		if (err)
			goto out_put_forget_req;

		args.in_numargs = 3;
		args.in_args[2].size = security_ctxlen;
		args.in_args[2].value = security_ctx;
	}

	err = fuse_simple_request(fm, &args);
	kfree(security_ctx);
	if (err)
		goto out_free_ff;

	/* Sanity-check the reply: a regular file with a usable nodeid and attributes */
	err = -EIO;
	if (!S_ISREG(outentry.attr.mode) || invalid_nodeid(outentry.nodeid) ||
	    fuse_invalid_attr(&outentry.attr))
		goto out_free_ff;

	ff->fh = outopen.fh;
	ff->nodeid = outentry.nodeid;
	ff->open_flags = outopen.open_flags;
	inode = fuse_iget(dir->i_sb, outentry.nodeid, outentry.generation,
			  &outentry.attr, entry_attr_timeout(&outentry), 0);
	if (!inode) {
		/*
		 * The server already opened the file: release that handle and
		 * return the lookup count.  The forget is consumed by
		 * fuse_queue_forget(), so out_err (not out_put_forget_req) is used.
		 */
		flags &= ~(O_CREAT | O_EXCL | O_TRUNC);
		fuse_sync_release(NULL, ff, flags);
		fuse_queue_forget(fm->fc, forget, outentry.nodeid, 1);
		err = -ENOMEM;
		goto out_err;
	}
	kfree(forget);
	d_instantiate(entry, inode);
	fuse_change_entry_timeout(entry, &outentry);
	fuse_dir_changed(dir);
	err = finish_open(file, entry, generic_file_open);
	if (err) {
		/* Open failed after the server-side open: release the handle */
		fi = get_fuse_inode(inode);
		fuse_sync_release(fi, ff, flags);
	} else {
		file->private_data = ff;
		fuse_finish_open(inode, file);
		/* Truncation was done server-side; otherwise drop any cached pages unless asked to keep them */
		if (fm->fc->atomic_o_trunc && trunc)
			truncate_pagecache(inode, 0);
		else if (!(ff->open_flags & FOPEN_KEEP_CACHE))
			invalidate_inode_pages2(inode->i_mapping);
	}
	return err;

out_free_ff:
	fuse_file_free(ff);
out_put_forget_req:
	kfree(forget);
out_err:
	return err;
}
647 
648 static int fuse_mknod(struct user_namespace *, struct inode *, struct dentry *,
649 		      umode_t, dev_t);
/*
 * ->atomic_open(): look the name up if the VFS has not done so yet
 * (d_in_lookup()), then either open the existing entry via
 * finish_no_open() or create it.  Creation tries FUSE_CREATE first and
 * falls back to mknod + open once the server has reported ENOSYS
 * (remembered in fc->no_create).
 */
static int fuse_atomic_open(struct inode *dir, struct dentry *entry,
			    struct file *file, unsigned flags,
			    umode_t mode)
{
	int err;
	struct fuse_conn *fc = get_fuse_conn(dir);
	struct dentry *res = NULL;	/* dentry from our own lookup, if any */

	if (fuse_is_bad(dir))
		return -EIO;

	if (d_in_lookup(entry)) {
		/* A non-NULL result replaces entry for the rest of the function */
		res = fuse_lookup(dir, entry, 0);
		if (IS_ERR(res))
			return PTR_ERR(res);

		if (res)
			entry = res;
	}

	/* Not a create, or the name already exists: plain open path */
	if (!(flags & O_CREAT) || d_really_is_positive(entry))
		goto no_open;

	/* Only creates */
	file->f_mode |= FMODE_CREATED;

	if (fc->no_create)
		goto mknod;

	err = fuse_create_open(dir, entry, file, flags, mode, FUSE_CREATE);
	if (err == -ENOSYS) {
		/* Server lacks CREATE: remember it and use the two-step fallback */
		fc->no_create = 1;
		goto mknod;
	}
out_dput:
	/* dput(NULL) is a no-op when the VFS supplied the dentry */
	dput(res);
	return err;

mknod:
	err = fuse_mknod(&init_user_ns, dir, entry, mode, 0);
	if (err)
		goto out_dput;
no_open:
	/* finish_no_open() takes over the res reference */
	return finish_no_open(file, res);
}
695 
/*
 * Code shared between mknod, mkdir, symlink and link
 *
 * The caller fills @args->opcode and the two input arguments.  This adds
 * the directory nodeid and the fuse_entry_out output (plus, when the
 * connection does init_security and the request is not a link, a third
 * input holding the security context), sends the request and splices the
 * new inode into the dcache.  @mode is used for the security context and
 * to cross-check the file type in the reply.  Returns 0 or a negative
 * errno.
 */
static int create_new_entry(struct fuse_mount *fm, struct fuse_args *args,
			    struct inode *dir, struct dentry *entry,
			    umode_t mode)
{
	struct fuse_entry_out outarg;
	struct inode *inode;
	struct dentry *d;
	int err;
	struct fuse_forget_link *forget;
	void *security_ctx = NULL;
	u32 security_ctxlen;

	if (fuse_is_bad(dir))
		return -EIO;

	/* Preallocated so a failed fuse_iget() can return the lookup count */
	forget = fuse_alloc_forget();
	if (!forget)
		return -ENOMEM;

	memset(&outarg, 0, sizeof(outarg));
	args->nodeid = get_node_id(dir);
	args->out_numargs = 1;
	args->out_args[0].size = sizeof(outarg);
	args->out_args[0].value = &outarg;

	if (fm->fc->init_security && args->opcode != FUSE_LINK) {
		err = get_security_context(entry, mode, &security_ctx,
					   &security_ctxlen);
		if (err)
			goto out_put_forget_req;

		/* The security context is always the third input argument */
		BUG_ON(args->in_numargs != 2);

		args->in_numargs = 3;
		args->in_args[2].size = security_ctxlen;
		args->in_args[2].value = security_ctx;
	}

	err = fuse_simple_request(fm, args);
	kfree(security_ctx);
	if (err)
		goto out_put_forget_req;

	err = -EIO;
	if (invalid_nodeid(outarg.nodeid) || fuse_invalid_attr(&outarg.attr))
		goto out_put_forget_req;

	/* The server must report the file type that was requested */
	if ((outarg.attr.mode ^ mode) & S_IFMT)
		goto out_put_forget_req;

	inode = fuse_iget(dir->i_sb, outarg.nodeid, outarg.generation,
			  &outarg.attr, entry_attr_timeout(&outarg), 0);
	if (!inode) {
		/* The forget is consumed here, so no kfree() */
		fuse_queue_forget(fm->fc, forget, outarg.nodeid, 1);
		return -ENOMEM;
	}
	kfree(forget);

	/* Unhash the negative entry so d_splice_alias() can attach the inode */
	d_drop(entry);
	d = d_splice_alias(inode, entry);
	if (IS_ERR(d))
		return PTR_ERR(d);

	if (d) {
		/* d_splice_alias() returned a different alias: time it and drop the extra ref */
		fuse_change_entry_timeout(d, &outarg);
		dput(d);
	} else {
		fuse_change_entry_timeout(entry, &outarg);
	}
	fuse_dir_changed(dir);
	return 0;

 out_put_forget_req:
	kfree(forget);
	return err;
}
775 
/*
 * ->mknod(): send FUSE_MKNOD for @entry in @dir and instantiate the result
 * through create_new_entry().  @mnt_userns is unused.
 */
static int fuse_mknod(struct user_namespace *mnt_userns, struct inode *dir,
		      struct dentry *entry, umode_t mode, dev_t rdev)
{
	struct fuse_mount *fm = get_fuse_mount(dir);
	struct fuse_mknod_in inarg;
	FUSE_ARGS(args);

	/* Apply the umask here unless the server asked to do it itself */
	if (!fm->fc->dont_mask)
		mode &= ~current_umask();

	/* memset() so struct padding reaches userspace zeroed */
	memset(&inarg, 0, sizeof(inarg));
	inarg.umask = current_umask();
	inarg.rdev = new_encode_dev(rdev);
	inarg.mode = mode;

	args.opcode = FUSE_MKNOD;
	args.in_numargs = 2;
	args.in_args[0].value = &inarg;
	args.in_args[0].size = sizeof(inarg);
	args.in_args[1].value = entry->d_name.name;
	args.in_args[1].size = entry->d_name.len + 1;

	return create_new_entry(fm, &args, dir, entry, mode);
}
798 
/*
 * ->create(): a plain create is a mknod with no device number.  @excl and
 * @mnt_userns are not consulted.
 */
static int fuse_create(struct user_namespace *mnt_userns, struct inode *dir,
		       struct dentry *entry, umode_t mode, bool excl)
{
	const dev_t no_dev = 0;

	return fuse_mknod(&init_user_ns, dir, entry, mode, no_dev);
}
804 
/*
 * ->tmpfile(): create+open an unnamed file via FUSE_TMPFILE.  A server
 * that answers ENOSYS is remembered in fc->no_tmpfile and reported as
 * -EOPNOTSUPP from then on.
 */
static int fuse_tmpfile(struct user_namespace *mnt_userns, struct inode *dir,
			struct file *file, umode_t mode)
{
	struct fuse_conn *fc = get_fuse_conn(dir);
	int err;

	if (fc->no_tmpfile)
		return -EOPNOTSUPP;

	err = fuse_create_open(dir, file->f_path.dentry, file, file->f_flags,
			       mode, FUSE_TMPFILE);
	if (err != -ENOSYS)
		return err;

	fc->no_tmpfile = 1;
	return -EOPNOTSUPP;
}
821 
/*
 * ->mkdir(): send FUSE_MKDIR for @entry in @dir and instantiate the result
 * through create_new_entry(), which checks the reply is a directory.
 * @mnt_userns is unused.
 */
static int fuse_mkdir(struct user_namespace *mnt_userns, struct inode *dir,
		      struct dentry *entry, umode_t mode)
{
	struct fuse_mount *fm = get_fuse_mount(dir);
	struct fuse_mkdir_in inarg;
	FUSE_ARGS(args);

	/* Apply the umask here unless the server asked to do it itself */
	if (!fm->fc->dont_mask)
		mode &= ~current_umask();

	/* memset() so struct padding reaches userspace zeroed */
	memset(&inarg, 0, sizeof(inarg));
	inarg.umask = current_umask();
	inarg.mode = mode;

	args.opcode = FUSE_MKDIR;
	args.in_numargs = 2;
	args.in_args[0].value = &inarg;
	args.in_args[0].size = sizeof(inarg);
	args.in_args[1].value = entry->d_name.name;
	args.in_args[1].size = entry->d_name.len + 1;

	return create_new_entry(fm, &args, dir, entry, S_IFDIR);
}
843 
/*
 * ->symlink(): send FUSE_SYMLINK with the entry name and the link target,
 * both NUL-terminated (hence the + 1 on each size).  @mnt_userns is unused.
 */
static int fuse_symlink(struct user_namespace *mnt_userns, struct inode *dir,
			struct dentry *entry, const char *link)
{
	struct fuse_mount *fm = get_fuse_mount(dir);
	unsigned int target_len = strlen(link) + 1;
	FUSE_ARGS(args);

	args.opcode = FUSE_SYMLINK;
	args.in_numargs = 2;
	args.in_args[0].value = entry->d_name.name;
	args.in_args[0].size = entry->d_name.len + 1;
	args.in_args[1].value = link;
	args.in_args[1].size = target_len;

	return create_new_entry(fm, &args, dir, entry, S_IFLNK);
}
859 
/*
 * Write the inode's metadata back synchronously and record any failure on
 * the mapping so a later fsync()/close() can report it.
 */
void fuse_flush_time_update(struct inode *inode)
{
	int ret = sync_inode_metadata(inode, 1);

	mapping_set_error(inode->i_mapping, ret);
}
866 
/*
 * Bump the cached ctime to now and push it out, unless the inode is
 * NOCMTIME, in which case ctime is left untouched here.
 */
static void fuse_update_ctime_in_cache(struct inode *inode)
{
	if (IS_NOCMTIME(inode))
		return;

	inode->i_ctime = current_time(inode);
	mark_inode_dirty_sync(inode);
	fuse_flush_time_update(inode);
}
875 
/*
 * ctime changed: mark the cached value stale for the next getattr and
 * update the local copy.
 */
void fuse_update_ctime(struct inode *inode)
{
	const u32 ctime_only = STATX_CTIME;

	fuse_invalidate_attr_mask(inode, ctime_only);
	fuse_update_ctime_in_cache(inode);
}
881 
/*
 * Account for a successful unlink/rmdir/rename-over of @entry: bump the
 * attribute version, adjust the cached link count, stale the entry and
 * update ctime.
 */
static void fuse_entry_unlinked(struct dentry *entry)
{
	struct inode *inode = d_inode(entry);
	struct fuse_inode *fi = get_fuse_inode(inode);
	struct fuse_conn *fc = get_fuse_conn(inode);

	spin_lock(&fi->lock);
	fi->attr_version = atomic64_inc_return(&fc->attr_version);
	if (S_ISDIR(inode->i_mode)) {
		clear_nlink(inode);
	} else if (inode->i_nlink > 0) {
		/*
		 * A careless userspace filesystem may already report nlink == 0,
		 * in which case unlink makes no sense; enforcing correct nlink
		 * usage would be difficult, so that case is simply ignored.
		 */
		drop_nlink(inode);
	}
	spin_unlock(&fi->lock);

	fuse_invalidate_entry_cache(entry);
	fuse_update_ctime(inode);
}
904 
/*
 * ->unlink(): send FUSE_UNLINK for @entry in @dir.  On success the
 * directory and entry caches are updated; if the request was interrupted
 * the outcome is unknown, so the entry is invalidated instead.
 */
static int fuse_unlink(struct inode *dir, struct dentry *entry)
{
	struct fuse_mount *fm = get_fuse_mount(dir);
	FUSE_ARGS(args);
	int err;

	if (fuse_is_bad(dir))
		return -EIO;

	args.opcode = FUSE_UNLINK;
	args.nodeid = get_node_id(dir);
	args.in_numargs = 1;
	args.in_args[0].value = entry->d_name.name;
	args.in_args[0].size = entry->d_name.len + 1;

	err = fuse_simple_request(fm, &args);
	switch (err) {
	case 0:
		fuse_dir_changed(dir);
		fuse_entry_unlinked(entry);
		break;
	case -EINTR:
		fuse_invalidate_entry(entry);
		break;
	default:
		break;
	}

	return err;
}
927 
/*
 * ->rmdir(): send FUSE_RMDIR for @entry in @dir.  Same cache handling as
 * fuse_unlink(), including the invalidate-on-EINTR fallback.
 */
static int fuse_rmdir(struct inode *dir, struct dentry *entry)
{
	struct fuse_mount *fm = get_fuse_mount(dir);
	FUSE_ARGS(args);
	int err;

	if (fuse_is_bad(dir))
		return -EIO;

	args.opcode = FUSE_RMDIR;
	args.nodeid = get_node_id(dir);
	args.in_numargs = 1;
	args.in_args[0].value = entry->d_name.name;
	args.in_args[0].size = entry->d_name.len + 1;

	err = fuse_simple_request(fm, &args);
	switch (err) {
	case 0:
		fuse_dir_changed(dir);
		fuse_entry_unlinked(entry);
		break;
	case -EINTR:
		fuse_invalidate_entry(entry);
		break;
	default:
		break;
	}

	return err;
}
950 
/*
 * Send a rename request and keep the dcache consistent afterwards.
 *
 * @opcode and @argsize select FUSE_RENAME with sizeof(struct fuse_rename_in)
 * or FUSE_RENAME2 with sizeof(struct fuse_rename2_in) (see fuse_rename2());
 * only the first @argsize bytes of the in-argument are zeroed and sent.
 * @flags are the RENAME_* flags, already validated by the caller.
 * Returns 0 or a negative errno from the request.
 */
static int fuse_rename_common(struct inode *olddir, struct dentry *oldent,
			      struct inode *newdir, struct dentry *newent,
			      unsigned int flags, int opcode, size_t argsize)
{
	int err;
	struct fuse_rename2_in inarg;
	struct fuse_mount *fm = get_fuse_mount(olddir);
	FUSE_ARGS(args);

	/* Zero only the part that is sent; padding must not leak to userspace */
	memset(&inarg, 0, argsize);
	inarg.newdir = get_node_id(newdir);
	inarg.flags = flags;
	args.opcode = opcode;
	args.nodeid = get_node_id(olddir);
	args.in_numargs = 3;
	args.in_args[0].size = argsize;
	args.in_args[0].value = &inarg;
	args.in_args[1].size = oldent->d_name.len + 1;
	args.in_args[1].value = oldent->d_name.name;
	args.in_args[2].size = newent->d_name.len + 1;
	args.in_args[2].value = newent->d_name.name;
	err = fuse_simple_request(fm, &args);
	if (!err) {
		/* ctime changes */
		fuse_update_ctime(d_inode(oldent));

		/* With RENAME_EXCHANGE both inodes survive and both changed */
		if (flags & RENAME_EXCHANGE)
			fuse_update_ctime(d_inode(newent));

		fuse_dir_changed(olddir);
		if (olddir != newdir)
			fuse_dir_changed(newdir);

		/* newent will end up negative */
		if (!(flags & RENAME_EXCHANGE) && d_really_is_positive(newent))
			fuse_entry_unlinked(newent);
	} else if (err == -EINTR) {
		/*
		 * If request was interrupted, DEITY only knows if the
		 * rename actually took place.  If the invalidation
		 * fails (e.g. some process has CWD under the renamed
		 * directory), then there can be inconsistency between
		 * the dcache and the real filesystem.  Tough luck.
		 */
		fuse_invalidate_entry(oldent);
		if (d_really_is_positive(newent))
			fuse_invalidate_entry(newent);
	}

	return err;
}
1000 
/*
 * ->rename(): validate @flags, then use the legacy FUSE_RENAME request for
 * a plain rename and FUSE_RENAME2 (protocol minor >= 23, not yet reported
 * unsupported) when any RENAME_* flag is set.  @mnt_userns is unused.
 */
static int fuse_rename2(struct user_namespace *mnt_userns, struct inode *olddir,
			struct dentry *oldent, struct inode *newdir,
			struct dentry *newent, unsigned int flags)
{
	struct fuse_conn *fc = get_fuse_conn(olddir);
	int err;

	if (fuse_is_bad(olddir))
		return -EIO;

	if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE | RENAME_WHITEOUT))
		return -EINVAL;

	if (!flags)
		return fuse_rename_common(olddir, oldent, newdir, newent, 0,
					  FUSE_RENAME,
					  sizeof(struct fuse_rename_in));

	if (fc->no_rename2 || fc->minor < 23)
		return -EINVAL;

	err = fuse_rename_common(olddir, oldent, newdir, newent, flags,
				 FUSE_RENAME2,
				 sizeof(struct fuse_rename2_in));
	if (err == -ENOSYS) {
		/* Server lacks RENAME2: remember it, flags are unsupported from now on */
		fc->no_rename2 = 1;
		err = -EINVAL;
	}

	return err;
}
1033 
/*
 * ->link handler: ask the server to create @newent in @newdir pointing at
 * the inode behind @entry.  The new dentry is instantiated by
 * create_new_entry(); on success the cached ctime of the target is bumped,
 * on -EINTR the target's attributes are invalidated because the link may
 * or may not have been created.
 */
static int fuse_link(struct dentry *entry, struct inode *newdir,
		     struct dentry *newent)
{
	struct inode *inode = d_inode(entry);
	struct fuse_mount *fm = get_fuse_mount(inode);
	struct fuse_link_in inarg;
	FUSE_ARGS(args);
	int err;

	/* Zero the whole struct: it is copied to the server as-is. */
	memset(&inarg, 0, sizeof(inarg));
	inarg.oldnodeid = get_node_id(inode);

	args.opcode = FUSE_LINK;
	args.in_numargs = 2;
	args.in_args[0].size = sizeof(inarg);
	args.in_args[0].value = &inarg;
	/* The name is sent with its terminating NUL. */
	args.in_args[1].size = newent->d_name.len + 1;
	args.in_args[1].value = newent->d_name.name;

	err = create_new_entry(fm, &args, newdir, newent, inode->i_mode);
	if (err == 0)
		fuse_update_ctime_in_cache(inode);
	else if (err == -EINTR)
		fuse_invalidate_attr(inode);

	return err;
}
1059 
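/*
 * Translate a server-supplied struct fuse_attr into the kstat handed back
 * to the VFS.  The file type is taken from the inode (already validated
 * against the reply by the caller), the permission bits from the reply;
 * uid/gid are mapped through the connection's user namespace.
 */
static void fuse_fillattr(struct inode *inode, struct fuse_attr *attr,
			  struct kstat *stat)
{
	struct fuse_conn *fc = get_fuse_conn(inode);
	unsigned int blkbits;

	stat->dev = inode->i_sb->s_dev;
	stat->ino = attr->ino;
	/* Type bits from the inode, mode bits from the server. */
	stat->mode = (inode->i_mode & S_IFMT) | (attr->mode & 07777);
	stat->nlink = attr->nlink;
	stat->uid = make_kuid(fc->user_ns, attr->uid);
	stat->gid = make_kgid(fc->user_ns, attr->gid);
	stat->rdev = inode->i_rdev;
	stat->atime.tv_sec = attr->atime;
	stat->atime.tv_nsec = attr->atimensec;
	stat->mtime.tv_sec = attr->mtime;
	stat->mtime.tv_nsec = attr->mtimensec;
	stat->ctime.tv_sec = attr->ctime;
	stat->ctime.tv_nsec = attr->ctimensec;
	stat->size = attr->size;
	stat->blocks = attr->blocks;

	/* Fall back to the superblock block size when the server sends 0. */
	if (attr->blksize != 0)
		blkbits = ilog2(attr->blksize);
	else
		blkbits = inode->i_sb->s_blocksize_bits;

	/*
	 * blksize is daemon-controlled, so blkbits may be as large as 31.
	 * Shift an unsigned constant so that case is a plain 32-bit value
	 * rather than a signed-overflow shift of int 1.
	 */
	stat->blksize = 1U << blkbits;
}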
1089 
/*
 * Send a FUSE_GETATTR for @inode and install the reply in the inode.
 * When @file refers to an open regular file its file handle is passed
 * along (directories use a separate handle space, so theirs is not).
 *
 * The attribute version is sampled before the request so that a reply
 * overtaken by a newer update is not installed over it.  A reply whose
 * attributes are invalid or whose type no longer matches the inode marks
 * the inode bad and returns -EIO.  @stat, if non-NULL, is filled on
 * success.
 */
static int fuse_do_getattr(struct inode *inode, struct kstat *stat,
			   struct file *file)
{
	struct fuse_mount *fm = get_fuse_mount(inode);
	struct fuse_getattr_in inarg;
	struct fuse_attr_out outarg;
	FUSE_ARGS(args);
	u64 attr_version = fuse_get_attr_version(fm->fc);
	int err;

	memset(&inarg, 0, sizeof(inarg));
	memset(&outarg, 0, sizeof(outarg));

	/* Only regular files share the handle with the open file. */
	if (file && S_ISREG(inode->i_mode)) {
		struct fuse_file *ff = file->private_data;

		inarg.getattr_flags |= FUSE_GETATTR_FH;
		inarg.fh = ff->fh;
	}

	args.opcode = FUSE_GETATTR;
	args.nodeid = get_node_id(inode);
	args.in_numargs = 1;
	args.in_args[0].size = sizeof(inarg);
	args.in_args[0].value = &inarg;
	args.out_numargs = 1;
	args.out_args[0].size = sizeof(outarg);
	args.out_args[0].value = &outarg;

	err = fuse_simple_request(fm, &args);
	if (err)
		return err;

	/* Never let the server change an inode's type under us. */
	if (fuse_invalid_attr(&outarg.attr) ||
	    inode_wrong_type(inode, outarg.attr.mode)) {
		fuse_make_bad(inode);
		return -EIO;
	}

	fuse_change_attributes(inode, &outarg.attr, attr_timeout(&outarg),
			       attr_version);
	if (stat)
		fuse_fillattr(inode, &outarg.attr, stat);

	return 0;
}
1135 
/*
 * Decide whether a stat()-like request for @request_mask can be answered
 * from the cached attributes or needs a round trip to the server.
 * Precedence: explicit statx flags, then invalidated non-kernel-owned
 * fields, then the attribute timeout.
 */
static bool fuse_getattr_needs_sync(struct fuse_inode *fi, struct inode *inode,
				    u32 request_mask, unsigned int flags)
{
	u32 inval_mask = READ_ONCE(fi->inval_mask);
	u32 cache_mask = fuse_get_cache_mask(inode);

	if (flags & AT_STATX_FORCE_SYNC)
		return true;
	if (flags & AT_STATX_DONT_SYNC)
		return false;
	/* A requested field was invalidated and the kernel is not its owner. */
	if (request_mask & inval_mask & ~cache_mask)
		return true;
	return time_before64(fi->i_time, get_jiffies_64());
}

/*
 * Refresh the attributes of @inode if needed and, when @stat is given,
 * fill it.  A synchronous refresh also drops cached ACLs, since they may
 * have changed on the server.  Without a refresh, @stat is filled from the
 * inode with mode and inode number taken from fi->orig_i_mode/orig_ino.
 */
static int fuse_update_get_attr(struct inode *inode, struct file *file,
				struct kstat *stat, u32 request_mask,
				unsigned int flags)
{
	struct fuse_inode *fi = get_fuse_inode(inode);

	if (fuse_getattr_needs_sync(fi, inode, request_mask, flags)) {
		forget_all_cached_acls(inode);
		return fuse_do_getattr(inode, stat, file);
	}

	if (stat) {
		generic_fillattr(&init_user_ns, inode, stat);
		stat->mode = fi->orig_i_mode;
		stat->ino = fi->orig_ino;
	}

	return 0;
}
1166 
/*
 * Refresh the attributes in @mask for @inode if the cache cannot vouch for
 * them.  No kstat is filled and no statx flags are applied.
 */
int fuse_update_attributes(struct inode *inode, struct file *file, u32 mask)
{
	struct kstat *no_stat = NULL;

	return fuse_update_get_attr(inode, file, no_stat, mask, 0);
}
1171 
/*
 * Server-initiated invalidation of a directory entry (callers not shown
 * here).  Drops the cached dentry @name under the directory with nodeid
 * @parent_nodeid.  If @child_nodeid is non-zero and the entry is positive,
 * the child is additionally unlinked from the dcache: its nodeid must
 * match, it must not be a mountpoint, and a directory must have no cached
 * children left.
 *
 * Returns 0 on success, -ENOENT if the parent or entry is not cached (or
 * the child nodeid does not match), -ENOTDIR if the parent is not a
 * directory, -EBUSY for a mountpoint, -ENOTEMPTY for a non-empty directory.
 */
int fuse_reverse_inval_entry(struct fuse_conn *fc, u64 parent_nodeid,
			     u64 child_nodeid, struct qstr *name)
{
	int err = -ENOTDIR;
	struct inode *parent;
	struct dentry *dir;
	struct dentry *entry;

	parent = fuse_ilookup(fc, parent_nodeid, NULL);
	if (!parent)
		return -ENOENT;

	/* Take the parent as a directory lock; everything below needs it held. */
	inode_lock_nested(parent, I_MUTEX_PARENT);
	if (!S_ISDIR(parent->i_mode))
		goto unlock;

	err = -ENOENT;
	dir = d_find_alias(parent);
	if (!dir)
		goto unlock;

	/* The server sends a bare name; hash it before the dcache lookup. */
	name->hash = full_name_hash(dir, name->name, name->len);
	entry = d_lookup(dir, name);
	dput(dir);
	if (!entry)
		goto unlock;

	fuse_dir_changed(parent);
	fuse_invalidate_entry(entry);

	if (child_nodeid != 0 && d_really_is_positive(entry)) {
		inode_lock(d_inode(entry));
		/* Only act on the inode the server named, never on a different one. */
		if (get_node_id(d_inode(entry)) != child_nodeid) {
			err = -ENOENT;
			goto badentry;
		}
		if (d_mountpoint(entry)) {
			err = -EBUSY;
			goto badentry;
		}
		if (d_is_dir(entry)) {
			/* Shed unused children first; live ones block the removal. */
			shrink_dcache_parent(entry);
			if (!simple_empty(entry)) {
				err = -ENOTEMPTY;
				goto badentry;
			}
			d_inode(entry)->i_flags |= S_DEAD;
		}
		dont_mount(entry);
		clear_nlink(d_inode(entry));
		err = 0;
 badentry:
		inode_unlock(d_inode(entry));
		/* d_delete() after dropping the child lock, only on success. */
		if (!err)
			d_delete(entry);
	} else {
		err = 0;
	}
	dput(entry);

 unlock:
	inode_unlock(parent);
	iput(parent);
	return err;
}
1237 
/*
 * Calling into a user-controlled filesystem gives the filesystem
 * daemon ptrace-like capabilities over the current process.  This
 * means that the filesystem daemon is able to record the exact
 * filesystem operations performed, and can also control the behavior
 * of the requester process in otherwise impossible ways.  For example
 * it can delay the operation for an arbitrary length of time, allowing
 * a DoS against the requester.
 *
 * For this reason only those processes may call into the filesystem
 * over which the owner of the mount would have ptrace privilege.  This
 * excludes processes started by other users, and suid or sgid processes
 * (whose real, effective and saved ids differ from the mount owner's).
 */
/*
 * Decide whether the current task may issue requests on connection @fc.
 *
 * Order of the checks:
 *  1. With the allow_sys_admin_access module parameter set, CAP_SYS_ADMIN
 *     in the initial user namespace bypasses everything.
 *  2. With allow_other, any task inside the connection's user namespace
 *     is accepted.
 *  3. Otherwise all of real/effective/saved uid and gid must equal the
 *     mount owner's ids, so set-id tasks and other users are refused.
 *
 * Returns 1 if access is allowed, 0 otherwise.
 */
int fuse_allow_current_process(struct fuse_conn *fc)
{
	const struct cred *cred;
	bool uid_ok, gid_ok;

	if (allow_sys_admin_access && capable(CAP_SYS_ADMIN))
		return 1;

	if (fc->allow_other)
		return current_in_userns(fc->user_ns);

	cred = current_cred();
	uid_ok = uid_eq(cred->uid, fc->user_id) &&
		 uid_eq(cred->euid, fc->user_id) &&
		 uid_eq(cred->suid, fc->user_id);
	gid_ok = gid_eq(cred->gid, fc->group_id) &&
		 gid_eq(cred->egid, fc->group_id) &&
		 gid_eq(cred->sgid, fc->group_id);

	return (uid_ok && gid_ok) ? 1 : 0;
}
1272 
/*
 * Send a FUSE_ACCESS request for @mask (only MAY_READ/WRITE/EXEC are
 * forwarded).  Used when the server does the permission checking and the
 * VFS is evaluating access(2)/chdir(2).  A server that answers ENOSYS is
 * remembered in fc->no_access and treated as granting access from then
 * on.  Must not be called from a non-blocking (RCU) path.
 */
static int fuse_access(struct inode *inode, int mask)
{
	struct fuse_mount *fm = get_fuse_mount(inode);
	struct fuse_access_in inarg;
	FUSE_ARGS(args);
	int err;

	BUG_ON(mask & MAY_NOT_BLOCK);

	/* Server has no ACCESS handler: nothing to ask, access is granted. */
	if (fm->fc->no_access)
		return 0;

	memset(&inarg, 0, sizeof(inarg));
	inarg.mask = mask & (MAY_READ | MAY_WRITE | MAY_EXEC);

	args.opcode = FUSE_ACCESS;
	args.nodeid = get_node_id(inode);
	args.in_numargs = 1;
	args.in_args[0].size = sizeof(inarg);
	args.in_args[0].value = &inarg;

	err = fuse_simple_request(fm, &args);
	if (err != -ENOSYS)
		return err;

	/* Unimplemented on the server: remember it and grant. */
	fm->fc->no_access = 1;
	return 0;
}
1299 
/*
 * Refresh attributes for a permission check.  Refuses with -ECHILD when
 * the caller may not block, so the VFS retries on a blocking path; the
 * refresh also drops cached ACLs, which the server may have changed.
 */
static int fuse_perm_getattr(struct inode *inode, int mask)
{
	bool may_block = !(mask & MAY_NOT_BLOCK);

	if (!may_block)
		return -ECHILD;

	forget_all_cached_acls(inode);
	return fuse_do_getattr(inode, NULL, NULL);
}
1308 
/*
 * Check permission.  The two basic access models of FUSE are:
 *
 * 1) Local access checking ('default_permissions' mount option) based
 * on file mode.  This is the plain old disk filesystem permission
 * model.
 *
 * 2) "Remote" access checking, where the server is responsible for
 * checking permission in each inode operation.  An exception to this
 * is if ->permission() was invoked from sys_access() (or chdir), in
 * which case an access request is sent.  Execute permission on regular
 * files is still checked locally based on file mode.
 */
/*
 * ->permission handler.  Refuses bad inodes and tasks that may not talk
 * to the server at all, then applies either the local (default_permissions)
 * or the remote model described above.  @mnt_userns is not consulted;
 * generic_permission() is always evaluated against init_user_ns.
 */
static int fuse_permission(struct user_namespace *mnt_userns,
			   struct inode *inode, int mask)
{
	struct fuse_conn *fc = get_fuse_conn(inode);
	bool refreshed = false;
	int err = 0;

	if (fuse_is_bad(inode))
		return -EIO;

	/* This is the only gate keeping foreign/set-id tasks out of the daemon. */
	if (!fuse_allow_current_process(fc))
		return -EACCES;

	/*
	 * If attributes are needed, refresh them before proceeding
	 */
	if (fc->default_permissions ||
	    ((mask & MAY_EXEC) && S_ISREG(inode->i_mode))) {
		struct fuse_inode *fi = get_fuse_inode(inode);
		u32 perm_mask = STATX_MODE | STATX_UID | STATX_GID;

		/* Refresh if mode/uid/gid were invalidated or the timeout expired. */
		if (perm_mask & READ_ONCE(fi->inval_mask) ||
		    time_before64(fi->i_time, get_jiffies_64())) {
			refreshed = true;

			/* Returns -ECHILD on an RCU walk, which the VFS retries. */
			err = fuse_perm_getattr(inode, mask);
			if (err)
				return err;
		}
	}

	if (fc->default_permissions) {
		err = generic_permission(&init_user_ns, inode, mask);

		/* If permission is denied, try to refresh file
		   attributes.  This is also needed, because the root
		   node will at first have no permissions */
		if (err == -EACCES && !refreshed) {
			err = fuse_perm_getattr(inode, mask);
			if (!err)
				err = generic_permission(&init_user_ns,
							 inode, mask);
		}

		/* Note: the opposite of the above test does not
		   exist.  So if permissions are revoked this won't be
		   noticed immediately, only after the attribute
		   timeout has expired */
	} else if (mask & (MAY_ACCESS | MAY_CHDIR)) {
		/* Remote model: only access(2)/chdir(2) trigger a server query. */
		err = fuse_access(inode, mask);
	} else if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode)) {
		/* Exec on a regular file still requires some x bit locally. */
		if (!(inode->i_mode & S_IXUGO)) {
			if (refreshed)
				return -EACCES;

			/* Mode may be stale; fetch it once before denying. */
			err = fuse_perm_getattr(inode, mask);
			if (!err && !(inode->i_mode & S_IXUGO))
				return -EACCES;
		}
	}
	return err;
}
1384 
/*
 * Fetch the target of symlink @inode into @page and NUL-terminate it.
 * The request is limited to PAGE_SIZE - 1 bytes so the terminator always
 * fits; a longer reply is a protocol violation and yields -EIO.  atime is
 * invalidated whether or not the request succeeded.
 */
static int fuse_readlink_page(struct inode *inode, struct page *page)
{
	struct fuse_mount *fm = get_fuse_mount(inode);
	struct fuse_page_desc desc = { .length = PAGE_SIZE - 1 };
	struct fuse_args_pages ap = {
		.num_pages = 1,
		.pages = &page,
		.descs = &desc,
	};
	ssize_t len;
	char *target;

	ap.args.opcode = FUSE_READLINK;
	ap.args.nodeid = get_node_id(inode);
	ap.args.out_pages = true;
	ap.args.out_argvar = true;
	ap.args.page_zeroing = true;
	ap.args.out_numargs = 1;
	ap.args.out_args[0].size = desc.length;

	len = fuse_simple_request(fm, &ap.args);
	fuse_invalidate_atime(inode);
	if (len < 0)
		return len;

	/* Bounded by desc.length above; anything else is a bug. */
	if (WARN_ON(len >= PAGE_SIZE))
		return -EIO;

	target = page_address(page);
	target[len] = '\0';

	return 0;
}
1419 
/*
 * ->get_link handler.  With cache_symlinks the page cache serves the
 * target; otherwise a fresh page is read from the server each time and
 * released through page_put_link() via @callback.  A NULL @dentry is
 * refused with -ECHILD (presumably the VFS's non-blocking lookup, which
 * cannot wait for a request).
 */
static const char *fuse_get_link(struct dentry *dentry, struct inode *inode,
				 struct delayed_call *callback)
{
	struct fuse_conn *fc = get_fuse_conn(inode);
	struct page *page;
	int err;

	if (fuse_is_bad(inode))
		return ERR_PTR(-EIO);

	if (fc->cache_symlinks)
		return page_get_link(dentry, inode, callback);

	if (!dentry)
		return ERR_PTR(-ECHILD);

	page = alloc_page(GFP_KERNEL);
	if (!page)
		return ERR_PTR(-ENOMEM);

	err = fuse_readlink_page(inode, page);
	if (err) {
		__free_page(page);
		return ERR_PTR(err);
	}

	/* Ownership of the page passes to the delayed call. */
	set_delayed_call(callback, page_put_link, page);
	return page_address(page);
}
1456 
/* ->open for directories: shared open path with the directory flag set. */
static int fuse_dir_open(struct inode *inode, struct file *file)
{
	const bool isdir = true;

	return fuse_open_common(inode, file, isdir);
}
1461 
/* ->release for directories; the common release never fails here. */
static int fuse_dir_release(struct inode *inode, struct file *file)
{
	const bool isdir = true;

	fuse_release_common(file, isdir);
	return 0;
}
1468 
/*
 * ->fsync for directories: issue FUSE_FSYNCDIR under the inode lock.
 * A server replying ENOSYS is remembered in fc->no_fsyncdir and the call
 * becomes a no-op thereafter.
 */
static int fuse_dir_fsync(struct file *file, loff_t start, loff_t end,
			  int datasync)
{
	struct inode *inode = file->f_mapping->host;
	struct fuse_conn *fc = get_fuse_conn(inode);
	int err;

	if (fuse_is_bad(inode))
		return -EIO;

	if (fc->no_fsyncdir)
		return 0;

	inode_lock(inode);
	err = fuse_fsync_common(file, start, end, datasync, FUSE_FSYNCDIR);
	inode_unlock(inode);

	if (err != -ENOSYS)
		return err;

	/* Server does not implement FSYNCDIR: remember and report success. */
	fc->no_fsyncdir = 1;
	return 0;
}
1492 
/*
 * ->unlocked_ioctl for directories.  Directory ioctls (FUSE_IOCTL_DIR)
 * require protocol minor >= 18; older servers get -ENOTTY.
 */
static long fuse_dir_ioctl(struct file *file, unsigned int cmd,
			    unsigned long arg)
{
	struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
	const unsigned int ioctl_flags = FUSE_IOCTL_DIR;

	if (fc->minor < 18)
		return -ENOTTY;

	return fuse_ioctl_common(file, cmd, arg, ioctl_flags);
}
1504 
/*
 * ->compat_ioctl for directories: same as fuse_dir_ioctl() but flags the
 * request as coming from a compat (32-bit) caller.
 */
static long fuse_dir_compat_ioctl(struct file *file, unsigned int cmd,
				   unsigned long arg)
{
	struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
	const unsigned int ioctl_flags = FUSE_IOCTL_COMPAT | FUSE_IOCTL_DIR;

	/* FUSE_IOCTL_DIR only supported for API version >= 7.18 */
	if (fc->minor < 18)
		return -ENOTTY;

	return fuse_ioctl_common(file, cmd, arg, ioctl_flags);
}
1516 
/*
 * Should an mtime be sent in a SETATTR described by @ivalid?
 *
 * Yes if mtime is explicitly set (ATTR_MTIME_SET) or the kernel owns mtime
 * (@trust_local_mtime).  Otherwise the only case that suppresses it is a
 * truncate coming from open(O_TRUNC) or ftruncate(), i.e. ATTR_SIZE together
 * with ATTR_OPEN or ATTR_FILE.
 */
static bool update_mtime(unsigned ivalid, bool trust_local_mtime)
{
	bool explicit_or_local = (ivalid & ATTR_MTIME_SET) || trust_local_mtime;
	bool open_or_ftruncate = (ivalid & ATTR_SIZE) &&
				 (ivalid & (ATTR_OPEN | ATTR_FILE));

	return explicit_or_local || !open_or_ftruncate;
}
1534 
/*
 * Convert the VFS change set in @iattr into the wire struct @arg.
 * uid/gid are translated into the connection's user namespace.  mtime is
 * only sent when update_mtime() agrees; ctime only when the kernel is the
 * authority for c/mtime (@trust_local_cmtime).  The *_NOW flags tell the
 * server to use its own clock instead of the value carried.
 */
static void iattr_to_fattr(struct fuse_conn *fc, struct iattr *iattr,
			   struct fuse_setattr_in *arg, bool trust_local_cmtime)
{
	unsigned ivalid = iattr->ia_valid;

	if (ivalid & ATTR_MODE) {
		arg->valid |= FATTR_MODE;
		arg->mode = iattr->ia_mode;
	}
	if (ivalid & ATTR_UID) {
		arg->valid |= FATTR_UID;
		arg->uid = from_kuid(fc->user_ns, iattr->ia_uid);
	}
	if (ivalid & ATTR_GID) {
		arg->valid |= FATTR_GID;
		arg->gid = from_kgid(fc->user_ns, iattr->ia_gid);
	}
	if (ivalid & ATTR_SIZE) {
		arg->valid |= FATTR_SIZE;
		arg->size = iattr->ia_size;
	}
	if (ivalid & ATTR_ATIME) {
		arg->valid |= FATTR_ATIME;
		arg->atime = iattr->ia_atime.tv_sec;
		arg->atimensec = iattr->ia_atime.tv_nsec;
		/* Not an explicit timestamp: let the server pick "now". */
		if (!(ivalid & ATTR_ATIME_SET))
			arg->valid |= FATTR_ATIME_NOW;
	}
	if ((ivalid & ATTR_MTIME) && update_mtime(ivalid, trust_local_cmtime)) {
		arg->valid |= FATTR_MTIME;
		arg->mtime = iattr->ia_mtime.tv_sec;
		arg->mtimensec = iattr->ia_mtime.tv_nsec;
		/* Kernel-owned mtime is always sent verbatim, never as "now". */
		if (!(ivalid & ATTR_MTIME_SET) && !trust_local_cmtime)
			arg->valid |= FATTR_MTIME_NOW;
	}
	if ((ivalid & ATTR_CTIME) && trust_local_cmtime) {
		arg->valid |= FATTR_CTIME;
		arg->ctime = iattr->ia_ctime.tv_sec;
		arg->ctimensec = iattr->ia_ctime.tv_nsec;
	}
}
1568 
1569 /*
1570  * Prevent concurrent writepages on inode
1571  *
1572  * This is done by adding a negative bias to the inode write counter
1573  * and waiting for all pending writes to finish.
1574  */
/*
 * Block new writepages on @inode and wait for in-flight ones to drain.
 * Caller must hold the inode lock.  Pairs with fuse_release_nowrite() /
 * __fuse_release_nowrite().
 */
void fuse_set_nowrite(struct inode *inode)
{
	struct fuse_inode *fi = get_fuse_inode(inode);

	BUG_ON(!inode_is_locked(inode));

	spin_lock(&fi->lock);
	/* A negative counter would mean the bias is already applied. */
	BUG_ON(fi->writectr < 0);
	fi->writectr += FUSE_NOWRITE;
	spin_unlock(&fi->lock);
	/* Counter returns to exactly FUSE_NOWRITE once every pending write completes. */
	wait_event(fi->page_waitq, fi->writectr == FUSE_NOWRITE);
}
1587 
1588 /*
1589  * Allow writepages on inode
1590  *
1591  * Remove the bias from the writecounter and send any queued
1592  * writepages.
1593  */
/*
 * Lockless half of fuse_release_nowrite(): caller holds fi->lock.  Drops
 * the bias and kicks any writepages queued while writes were blocked.
 */
static void __fuse_release_nowrite(struct inode *inode)
{
	struct fuse_inode *fi = get_fuse_inode(inode);

	/* Must be called exactly once per fuse_set_nowrite(), after it drained. */
	BUG_ON(fi->writectr != FUSE_NOWRITE);
	fi->writectr = 0;
	fuse_flush_writepages(inode);
}
1602 
/*
 * Re-enable writepages on @inode after fuse_set_nowrite(), taking
 * fi->lock around the actual release.
 */
void fuse_release_nowrite(struct inode *inode)
{
	spinlock_t *lock = &get_fuse_inode(inode)->lock;

	spin_lock(lock);
	__fuse_release_nowrite(inode);
	spin_unlock(lock);
}
1611 
/*
 * Populate @args for a FUSE_SETATTR on @inode: one input argument
 * (@inarg_p) and one output argument (@outarg_p).  @fc is accepted for
 * symmetry with callers but not used.
 */
static void fuse_setattr_fill(struct fuse_conn *fc, struct fuse_args *args,
			      struct inode *inode,
			      struct fuse_setattr_in *inarg_p,
			      struct fuse_attr_out *outarg_p)
{
	struct fuse_in_arg *in = &args->in_args[0];
	struct fuse_arg *out = &args->out_args[0];

	args->opcode = FUSE_SETATTR;
	args->nodeid = get_node_id(inode);

	args->in_numargs = 1;
	in->size = sizeof(*inarg_p);
	in->value = inarg_p;

	args->out_numargs = 1;
	out->size = sizeof(*outarg_p);
	out->value = outarg_p;
}
1626 
/*
 * Flush the kernel-maintained inode->i_mtime (and, on protocol minor >= 23,
 * inode->i_ctime) to the server, tagging the request with @ff's handle when
 * one is given.
 */
int fuse_flush_times(struct inode *inode, struct fuse_file *ff)
{
	struct fuse_mount *fm = get_fuse_mount(inode);
	FUSE_ARGS(args);
	struct fuse_setattr_in inarg = { 0 };
	struct fuse_attr_out outarg = { 0 };

	/* Zero everything: the struct is copied to userspace verbatim. */
	memset(&inarg, 0, sizeof(inarg));
	memset(&outarg, 0, sizeof(outarg));

	inarg.valid = FATTR_MTIME;
	inarg.mtime = inode->i_mtime.tv_sec;
	inarg.mtimensec = inode->i_mtime.tv_nsec;

	/* FATTR_CTIME is only understood from protocol 7.23 on. */
	if (fm->fc->minor >= 23) {
		inarg.valid |= FATTR_CTIME;
		inarg.ctime = inode->i_ctime.tv_sec;
		inarg.ctimensec = inode->i_ctime.tv_nsec;
	}

	if (ff != NULL) {
		inarg.valid |= FATTR_FH;
		inarg.fh = ff->fh;
	}

	fuse_setattr_fill(fm->fc, &args, inode, &inarg, &outarg);
	return fuse_simple_request(fm, &args);
}
1656 
1657 /*
1658  * Set attributes, and at the same time refresh them.
1659  *
1660  * Truncation is slightly complicated, because the 'truncate' request
1661  * may fail, in which case we don't want to touch the mapping.
1662  * vmtruncate() doesn't allow for this case, so do the rlimit checking
1663  * and the actual truncation by hand.
1664  */
/*
 * Apply @attr to the inode behind @dentry via FUSE_SETATTR and refresh the
 * inode from the reply.  @file, if given, supplies the file handle sent
 * with the request.
 *
 * Truncation (ATTR_SIZE) blocks writepages for the duration, marks the size
 * unstable, and only touches the page cache after the server has confirmed
 * the new size.  With writeback_cache on a regular file the kernel owns
 * c/mtime (trust_local_cmtime) and dirty data is flushed before a
 * non-truncate SETATTR so the server sees a consistent file.
 *
 * Returns 0 on success; -EIO for a non-regular truncate or an invalid /
 * type-changing reply (the inode is then marked bad); otherwise the error
 * of setattr_prepare(), the DAX layout break, the writeback, or the request.
 */
int fuse_do_setattr(struct dentry *dentry, struct iattr *attr,
		    struct file *file)
{
	struct inode *inode = d_inode(dentry);
	struct fuse_mount *fm = get_fuse_mount(inode);
	struct fuse_conn *fc = fm->fc;
	struct fuse_inode *fi = get_fuse_inode(inode);
	struct address_space *mapping = inode->i_mapping;
	FUSE_ARGS(args);
	struct fuse_setattr_in inarg;
	struct fuse_attr_out outarg;
	bool is_truncate = false;
	bool is_wb = fc->writeback_cache && S_ISREG(inode->i_mode);
	loff_t oldsize;
	int err;
	bool trust_local_cmtime = is_wb;
	bool fault_blocked = false;

	/*
	 * Without default_permissions the server does the DAC checks, so
	 * setattr_prepare() is told to skip its own ownership tests.
	 */
	if (!fc->default_permissions)
		attr->ia_valid |= ATTR_FORCE;

	err = setattr_prepare(&init_user_ns, dentry, attr);
	if (err)
		return err;

	if (attr->ia_valid & ATTR_SIZE) {
		if (WARN_ON(!S_ISREG(inode->i_mode)))
			return -EIO;
		is_truncate = true;
	}

	/* DAX mappings must be torn down before the size can change underneath them. */
	if (FUSE_IS_DAX(inode) && is_truncate) {
		filemap_invalidate_lock(mapping);
		fault_blocked = true;
		err = fuse_dax_break_layouts(inode, 0, 0);
		if (err) {
			filemap_invalidate_unlock(mapping);
			return err;
		}
	}

	if (attr->ia_valid & ATTR_OPEN) {
		/* This is coming from open(..., ... | O_TRUNC); */
		WARN_ON(!(attr->ia_valid & ATTR_SIZE));
		WARN_ON(attr->ia_size != 0);
		if (fc->atomic_o_trunc) {
			/*
			 * No need to send request to userspace, since actual
			 * truncation has already been done by OPEN.  But still
			 * need to truncate page cache.
			 */
			i_size_write(inode, 0);
			truncate_pagecache(inode, 0);
			goto out;
		}
		/* The file handle is not yet usable for an O_TRUNC open: send none. */
		file = NULL;
	}

	/* Flush dirty data/metadata before non-truncate SETATTR */
	if (is_wb &&
	    attr->ia_valid &
			(ATTR_MODE | ATTR_UID | ATTR_GID | ATTR_MTIME_SET |
			 ATTR_TIMES_SET)) {
		err = write_inode_now(inode, true);
		if (err)
			return err;

		/* Set/release back to back just waits for in-flight writepages. */
		fuse_set_nowrite(inode);
		fuse_release_nowrite(inode);
	}

	if (is_truncate) {
		fuse_set_nowrite(inode);
		set_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
		/* A real size change also updates the kernel-owned timestamps. */
		if (trust_local_cmtime && attr->ia_size != inode->i_size)
			attr->ia_valid |= ATTR_MTIME | ATTR_CTIME;
	}

	memset(&inarg, 0, sizeof(inarg));
	memset(&outarg, 0, sizeof(outarg));
	iattr_to_fattr(fc, attr, &inarg, trust_local_cmtime);
	if (file) {
		struct fuse_file *ff = file->private_data;
		inarg.valid |= FATTR_FH;
		inarg.fh = ff->fh;
	}

	/* Kill suid/sgid for non-directory chown unconditionally */
	if (fc->handle_killpriv_v2 && !S_ISDIR(inode->i_mode) &&
	    attr->ia_valid & (ATTR_UID | ATTR_GID))
		inarg.valid |= FATTR_KILL_SUIDGID;

	if (attr->ia_valid & ATTR_SIZE) {
		/* For mandatory locking in truncate */
		inarg.valid |= FATTR_LOCKOWNER;
		inarg.lock_owner = fuse_lock_owner_id(fc, current->files);

		/* Kill suid/sgid for truncate only if no CAP_FSETID */
		if (fc->handle_killpriv_v2 && !capable(CAP_FSETID))
			inarg.valid |= FATTR_KILL_SUIDGID;
	}
	fuse_setattr_fill(fc, &args, inode, &inarg, &outarg);
	err = fuse_simple_request(fm, &args);
	if (err) {
		/* Interrupted: unknown whether the server applied it, so distrust the cache. */
		if (err == -EINTR)
			fuse_invalidate_attr(inode);
		goto error;
	}

	/* The reply must describe a sane inode of the same type. */
	if (fuse_invalid_attr(&outarg.attr) ||
	    inode_wrong_type(inode, outarg.attr.mode)) {
		fuse_make_bad(inode);
		err = -EIO;
		goto error;
	}

	spin_lock(&fi->lock);
	/* the kernel maintains i_mtime locally */
	if (trust_local_cmtime) {
		if (attr->ia_valid & ATTR_MTIME)
			inode->i_mtime = attr->ia_mtime;
		if (attr->ia_valid & ATTR_CTIME)
			inode->i_ctime = attr->ia_ctime;
		/* FIXME: clear I_DIRTY_SYNC? */
	}

	fuse_change_attributes_common(inode, &outarg.attr,
				      attr_timeout(&outarg),
				      fuse_get_cache_mask(inode));
	oldsize = inode->i_size;
	/* see the comment in fuse_change_attributes() */
	if (!is_wb || is_truncate)
		i_size_write(inode, outarg.attr.size);

	if (is_truncate) {
		/* NOTE: this may release/reacquire fi->lock */
		__fuse_release_nowrite(inode);
	}
	spin_unlock(&fi->lock);

	/*
	 * Only call invalidate_inode_pages2() after removing
	 * FUSE_NOWRITE, otherwise fuse_launder_folio() would deadlock.
	 */
	if ((is_truncate || !is_wb) &&
	    S_ISREG(inode->i_mode) && oldsize != outarg.attr.size) {
		truncate_pagecache(inode, outarg.attr.size);
		invalidate_inode_pages2(mapping);
	}

	clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
out:
	if (fault_blocked)
		filemap_invalidate_unlock(mapping);

	return 0;

error:
	/* Undo the writepages block taken for a truncate before returning. */
	if (is_truncate)
		fuse_release_nowrite(inode);

	clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);

	if (fault_blocked)
		filemap_invalidate_unlock(mapping);
	return err;
}
1832 
/*
 * Handle ATTR_KILL_SUID/ATTR_KILL_SGID in a setattr request.
 *
 * The kill flags (and any ATTR_MODE that came with them) are always
 * stripped.  When the server does not handle privilege dropping itself
 * (neither handle_killpriv nor handle_killpriv_v2), the mode is refreshed
 * from the server and an explicit ATTR_MODE clearing S_ISUID and, for
 * group-executable files, S_ISGID is put back.  Returns 0 or the getattr
 * error.
 */
static int fuse_setattr_kill_priv(struct fuse_conn *fc, struct inode *inode,
				  struct iattr *attr, struct file *file)
{
	int err;

	attr->ia_valid &= ~(ATTR_KILL_SUID | ATTR_KILL_SGID | ATTR_MODE);

	/*
	 * The only sane way to reliably kill suid/sgid is to do it in
	 * the userspace filesystem; if it can, leave it to the server.
	 */
	if (fc->handle_killpriv || fc->handle_killpriv_v2)
		return 0;

	/* ia_mode may have been computed from a stale i_mode: refresh first. */
	err = fuse_do_getattr(inode, NULL, file);
	if (err)
		return err;

	attr->ia_mode = inode->i_mode;
	if (inode->i_mode & S_ISUID) {
		attr->ia_valid |= ATTR_MODE;
		attr->ia_mode &= ~S_ISUID;
	}
	if ((inode->i_mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) {
		attr->ia_valid |= ATTR_MODE;
		attr->ia_mode &= ~S_ISGID;
	}

	return 0;
}

/*
 * ->setattr handler.  Refuses bad inodes and tasks not allowed to talk to
 * the server, rewrites kill-priv requests as explicit mode changes when
 * needed, then delegates to fuse_do_setattr().  On success cached ACLs
 * are dropped (the server may have rewritten them) and a directory mode
 * change invalidates the entry cache so access is re-evaluated.
 */
static int fuse_setattr(struct user_namespace *mnt_userns, struct dentry *entry,
			struct iattr *attr)
{
	struct inode *inode = d_inode(entry);
	struct fuse_conn *fc = get_fuse_conn(inode);
	struct file *file = NULL;
	int err;

	if (attr->ia_valid & ATTR_FILE)
		file = attr->ia_file;

	if (fuse_is_bad(inode))
		return -EIO;

	if (!fuse_allow_current_process(fc))
		return -EACCES;

	if (attr->ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID)) {
		err = fuse_setattr_kill_priv(fc, inode, attr, file);
		if (err)
			return err;
	}

	/* Nothing left to change (e.g. kill flags handled by the server). */
	if (!attr->ia_valid)
		return 0;

	err = fuse_do_setattr(entry, attr, file);
	if (err)
		return err;

	if (fc->posix_acl)
		forget_all_cached_acls(inode);

	if (d_is_dir(entry) && (attr->ia_valid & ATTR_MODE))
		fuse_invalidate_entry_cache(entry);

	return 0;
}
1895 
/*
 * ->getattr handler.  Tasks that may not talk to the server get -EACCES,
 * except for a statx() that asks for nothing at all, which is answered
 * with st_dev only so that callers can still identify the filesystem.
 */
static int fuse_getattr(struct user_namespace *mnt_userns,
			const struct path *path, struct kstat *stat,
			u32 request_mask, unsigned int flags)
{
	struct inode *inode = d_inode(path->dentry);
	struct fuse_conn *fc = get_fuse_conn(inode);

	if (fuse_is_bad(inode))
		return -EIO;

	if (fuse_allow_current_process(fc))
		return fuse_update_get_attr(inode, NULL, stat, request_mask,
					    flags);

	if (request_mask != 0)
		return -EACCES;

	/* Explicit request for nothing: report only the device. */
	stat->result_mask = 0;
	stat->dev = inode->i_sb->s_dev;
	return 0;
}
1921 
/* Inode operations for directories. */
static const struct inode_operations fuse_dir_inode_operations = {
	/* name lookup and creation */
	.lookup		= fuse_lookup,
	.create		= fuse_create,
	.atomic_open	= fuse_atomic_open,
	.mkdir		= fuse_mkdir,
	.mknod		= fuse_mknod,
	.symlink	= fuse_symlink,
	.tmpfile	= fuse_tmpfile,
	/* namespace changes */
	.link		= fuse_link,
	.unlink		= fuse_unlink,
	.rmdir		= fuse_rmdir,
	.rename		= fuse_rename2,
	/* attributes and access */
	.permission	= fuse_permission,
	.getattr	= fuse_getattr,
	.setattr	= fuse_setattr,
	.listxattr	= fuse_listxattr,
	.get_acl	= fuse_get_acl,
	.set_acl	= fuse_set_acl,
	.fileattr_get	= fuse_fileattr_get,
	.fileattr_set	= fuse_fileattr_set,
};
1943 
/* File operations for open directories. */
static const struct file_operations fuse_dir_operations = {
	.open		= fuse_dir_open,
	.release	= fuse_dir_release,
	.iterate_shared	= fuse_readdir,
	.llseek		= generic_file_llseek,
	.read		= generic_read_dir,
	.fsync		= fuse_dir_fsync,
	.unlocked_ioctl	= fuse_dir_ioctl,
	.compat_ioctl	= fuse_dir_compat_ioctl,
};
1954 
/* Inode operations shared by regular files and special files. */
static const struct inode_operations fuse_common_inode_operations = {
	.permission	= fuse_permission,
	.getattr	= fuse_getattr,
	.setattr	= fuse_setattr,
	.listxattr	= fuse_listxattr,
	.get_acl	= fuse_get_acl,
	.set_acl	= fuse_set_acl,
	.fileattr_get	= fuse_fileattr_get,
	.fileattr_set	= fuse_fileattr_set,
};
1965 
/* Inode operations for symlinks; no ->permission, so the VFS default applies. */
static const struct inode_operations fuse_symlink_inode_operations = {
	.get_link	= fuse_get_link,
	.getattr	= fuse_getattr,
	.setattr	= fuse_setattr,
	.listxattr	= fuse_listxattr,
};
1972 
/* Install the shared inode operations on a non-directory, non-symlink inode. */
void fuse_init_common(struct inode *inode)
{
	const struct inode_operations *ops = &fuse_common_inode_operations;

	inode->i_op = ops;
}
1977 
/*
 * Set up a directory inode: install the directory inode/file operations
 * and reset the readdir cache state (fi->rdc) to "nothing cached".
 */
void fuse_init_dir(struct inode *inode)
{
	struct fuse_inode *fi = get_fuse_inode(inode);

	spin_lock_init(&fi->rdc.lock);
	fi->rdc.cached = false;
	fi->rdc.size = 0;
	fi->rdc.pos = 0;
	fi->rdc.version = 0;

	inode->i_op = &fuse_dir_inode_operations;
	inode->i_fop = &fuse_dir_operations;
}
1991 
/*
 * ->read_folio for cached symlinks: fetch the link target into the folio,
 * mark it up to date on success, and always unlock it.
 */
static int fuse_symlink_read_folio(struct file *null, struct folio *folio)
{
	struct inode *inode = folio->mapping->host;
	int err;

	err = fuse_readlink_page(inode, &folio->page);
	if (err == 0)
		folio_mark_uptodate(folio);

	folio_unlock(folio);
	return err;
}
2003 
/* Address space operations used when symlink targets are page-cached. */
static const struct address_space_operations fuse_symlink_aops = {
	.read_folio	= fuse_symlink_read_folio,
};
2007 
/*
 * Set up a symlink inode: symlink inode operations, the symlink address
 * space operations, and a lowmem-only page cache so the target can be
 * handed out via page_address().
 */
void fuse_init_symlink(struct inode *inode)
{
	inode_nohighmem(inode);
	inode->i_data.a_ops = &fuse_symlink_aops;
	inode->i_op = &fuse_symlink_inode_operations;
}
2014