1 /*
2 FUSE: Filesystem in Userspace
3 Copyright (C) 2001-2008 Miklos Szeredi <miklos@szeredi.hu>
4
5 This program can be distributed under the terms of the GNU GPL.
6 See the file COPYING.
7 */
8
9 #include "fuse_i.h"
10
11 #include <linux/pagemap.h>
12 #include <linux/file.h>
13 #include <linux/fs_context.h>
14 #include <linux/sched.h>
15 #include <linux/namei.h>
16 #include <linux/slab.h>
17 #include <linux/xattr.h>
18 #include <linux/iversion.h>
19 #include <linux/posix_acl.h>
20
fuse_advise_use_readdirplus(struct inode * dir)21 static void fuse_advise_use_readdirplus(struct inode *dir)
22 {
23 struct fuse_inode *fi = get_fuse_inode(dir);
24
25 set_bit(FUSE_I_ADVISE_RDPLUS, &fi->state);
26 }
27
28 #if BITS_PER_LONG >= 64
__fuse_dentry_settime(struct dentry * entry,u64 time)29 static inline void __fuse_dentry_settime(struct dentry *entry, u64 time)
30 {
31 entry->d_fsdata = (void *) time;
32 }
33
fuse_dentry_time(const struct dentry * entry)34 static inline u64 fuse_dentry_time(const struct dentry *entry)
35 {
36 return (u64)entry->d_fsdata;
37 }
38
39 #else
40 union fuse_dentry {
41 u64 time;
42 struct rcu_head rcu;
43 };
44
__fuse_dentry_settime(struct dentry * dentry,u64 time)45 static inline void __fuse_dentry_settime(struct dentry *dentry, u64 time)
46 {
47 ((union fuse_dentry *) dentry->d_fsdata)->time = time;
48 }
49
fuse_dentry_time(const struct dentry * entry)50 static inline u64 fuse_dentry_time(const struct dentry *entry)
51 {
52 return ((union fuse_dentry *) entry->d_fsdata)->time;
53 }
54 #endif
55
fuse_dentry_settime(struct dentry * dentry,u64 time)56 static void fuse_dentry_settime(struct dentry *dentry, u64 time)
57 {
58 struct fuse_conn *fc = get_fuse_conn_super(dentry->d_sb);
59 bool delete = !time && fc->delete_stale;
60 /*
61 * Mess with DCACHE_OP_DELETE because dput() will be faster without it.
62 * Don't care about races, either way it's just an optimization
63 */
64 if ((!delete && (dentry->d_flags & DCACHE_OP_DELETE)) ||
65 (delete && !(dentry->d_flags & DCACHE_OP_DELETE))) {
66 spin_lock(&dentry->d_lock);
67 if (!delete)
68 dentry->d_flags &= ~DCACHE_OP_DELETE;
69 else
70 dentry->d_flags |= DCACHE_OP_DELETE;
71 spin_unlock(&dentry->d_lock);
72 }
73
74 __fuse_dentry_settime(dentry, time);
75 }
76
77 /*
78 * FUSE caches dentries and attributes with separate timeout. The
79 * time in jiffies until the dentry/attributes are valid is stored in
80 * dentry->d_fsdata and fuse_inode->i_time respectively.
81 */
82
83 /*
84 * Calculate the time in jiffies until a dentry/attributes are valid
85 */
time_to_jiffies(u64 sec,u32 nsec)86 static u64 time_to_jiffies(u64 sec, u32 nsec)
87 {
88 if (sec || nsec) {
89 struct timespec64 ts = {
90 sec,
91 min_t(u32, nsec, NSEC_PER_SEC - 1)
92 };
93
94 return get_jiffies_64() + timespec64_to_jiffies(&ts);
95 } else
96 return 0;
97 }
98
99 /*
100 * Set dentry and possibly attribute timeouts from the lookup/mk*
101 * replies
102 */
fuse_change_entry_timeout(struct dentry * entry,struct fuse_entry_out * o)103 void fuse_change_entry_timeout(struct dentry *entry, struct fuse_entry_out *o)
104 {
105 fuse_dentry_settime(entry,
106 time_to_jiffies(o->entry_valid, o->entry_valid_nsec));
107 }
108
attr_timeout(struct fuse_attr_out * o)109 static u64 attr_timeout(struct fuse_attr_out *o)
110 {
111 return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
112 }
113
entry_attr_timeout(struct fuse_entry_out * o)114 u64 entry_attr_timeout(struct fuse_entry_out *o)
115 {
116 return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
117 }
118
fuse_invalidate_attr_mask(struct inode * inode,u32 mask)119 static void fuse_invalidate_attr_mask(struct inode *inode, u32 mask)
120 {
121 set_mask_bits(&get_fuse_inode(inode)->inval_mask, 0, mask);
122 }
123
124 /*
125 * Mark the attributes as stale, so that at the next call to
126 * ->getattr() they will be fetched from userspace
127 */
fuse_invalidate_attr(struct inode * inode)128 void fuse_invalidate_attr(struct inode *inode)
129 {
130 fuse_invalidate_attr_mask(inode, STATX_BASIC_STATS);
131 }
132
fuse_dir_changed(struct inode * dir)133 static void fuse_dir_changed(struct inode *dir)
134 {
135 fuse_invalidate_attr(dir);
136 inode_maybe_inc_iversion(dir, false);
137 }
138
139 /**
140 * Mark the attributes as stale due to an atime change. Avoid the invalidate if
141 * atime is not used.
142 */
fuse_invalidate_atime(struct inode * inode)143 void fuse_invalidate_atime(struct inode *inode)
144 {
145 if (!IS_RDONLY(inode))
146 fuse_invalidate_attr_mask(inode, STATX_ATIME);
147 }
148
149 /*
150 * Just mark the entry as stale, so that a next attempt to look it up
151 * will result in a new lookup call to userspace
152 *
153 * This is called when a dentry is about to become negative and the
154 * timeout is unknown (unlink, rmdir, rename and in some cases
155 * lookup)
156 */
fuse_invalidate_entry_cache(struct dentry * entry)157 void fuse_invalidate_entry_cache(struct dentry *entry)
158 {
159 fuse_dentry_settime(entry, 0);
160 }
161
162 /*
163 * Same as fuse_invalidate_entry_cache(), but also try to remove the
164 * dentry from the hash
165 */
fuse_invalidate_entry(struct dentry * entry)166 static void fuse_invalidate_entry(struct dentry *entry)
167 {
168 d_invalidate(entry);
169 fuse_invalidate_entry_cache(entry);
170 }
171
fuse_lookup_init(struct fuse_conn * fc,struct fuse_args * args,u64 nodeid,const struct qstr * name,struct fuse_entry_out * outarg)172 static void fuse_lookup_init(struct fuse_conn *fc, struct fuse_args *args,
173 u64 nodeid, const struct qstr *name,
174 struct fuse_entry_out *outarg)
175 {
176 memset(outarg, 0, sizeof(struct fuse_entry_out));
177 args->opcode = FUSE_LOOKUP;
178 args->nodeid = nodeid;
179 args->in_numargs = 1;
180 args->in_args[0].size = name->len + 1;
181 args->in_args[0].value = name->name;
182 args->out_numargs = 1;
183 args->out_args[0].size = sizeof(struct fuse_entry_out);
184 args->out_args[0].value = outarg;
185 }
186
187 /*
188 * Check whether the dentry is still valid
189 *
190 * If the entry validity timeout has expired and the dentry is
191 * positive, try to redo the lookup. If the lookup results in a
192 * different inode, then let the VFS invalidate the dentry and redo
193 * the lookup once more. If the lookup results in the same inode,
194 * then refresh the attributes, timeouts and mark the dentry valid.
195 */
fuse_dentry_revalidate(struct dentry * entry,unsigned int flags)196 static int fuse_dentry_revalidate(struct dentry *entry, unsigned int flags)
197 {
198 struct inode *inode;
199 struct dentry *parent;
200 struct fuse_mount *fm;
201 struct fuse_inode *fi;
202 int ret;
203
204 inode = d_inode_rcu(entry);
205 if (inode && is_bad_inode(inode))
206 goto invalid;
207 else if (time_before64(fuse_dentry_time(entry), get_jiffies_64()) ||
208 (flags & LOOKUP_REVAL)) {
209 struct fuse_entry_out outarg;
210 FUSE_ARGS(args);
211 struct fuse_forget_link *forget;
212 u64 attr_version;
213
214 /* For negative dentries, always do a fresh lookup */
215 if (!inode)
216 goto invalid;
217
218 ret = -ECHILD;
219 if (flags & LOOKUP_RCU)
220 goto out;
221
222 fm = get_fuse_mount(inode);
223
224 forget = fuse_alloc_forget();
225 ret = -ENOMEM;
226 if (!forget)
227 goto out;
228
229 attr_version = fuse_get_attr_version(fm->fc);
230
231 parent = dget_parent(entry);
232 fuse_lookup_init(fm->fc, &args, get_node_id(d_inode(parent)),
233 &entry->d_name, &outarg);
234 ret = fuse_simple_request(fm, &args);
235 dput(parent);
236 /* Zero nodeid is same as -ENOENT */
237 if (!ret && !outarg.nodeid)
238 ret = -ENOENT;
239 if (!ret) {
240 fi = get_fuse_inode(inode);
241 if (outarg.nodeid != get_node_id(inode) ||
242 (bool) IS_AUTOMOUNT(inode) != (bool) (outarg.attr.flags & FUSE_ATTR_SUBMOUNT)) {
243 fuse_queue_forget(fm->fc, forget,
244 outarg.nodeid, 1);
245 goto invalid;
246 }
247 spin_lock(&fi->lock);
248 fi->nlookup++;
249 spin_unlock(&fi->lock);
250 }
251 kfree(forget);
252 if (ret == -ENOMEM)
253 goto out;
254 if (ret || fuse_invalid_attr(&outarg.attr) ||
255 (outarg.attr.mode ^ inode->i_mode) & S_IFMT)
256 goto invalid;
257
258 forget_all_cached_acls(inode);
259 fuse_change_attributes(inode, &outarg.attr,
260 entry_attr_timeout(&outarg),
261 attr_version);
262 fuse_change_entry_timeout(entry, &outarg);
263 } else if (inode) {
264 fi = get_fuse_inode(inode);
265 if (flags & LOOKUP_RCU) {
266 if (test_bit(FUSE_I_INIT_RDPLUS, &fi->state))
267 return -ECHILD;
268 } else if (test_and_clear_bit(FUSE_I_INIT_RDPLUS, &fi->state)) {
269 parent = dget_parent(entry);
270 fuse_advise_use_readdirplus(d_inode(parent));
271 dput(parent);
272 }
273 }
274 ret = 1;
275 out:
276 return ret;
277
278 invalid:
279 ret = 0;
280 goto out;
281 }
282
283 #if BITS_PER_LONG < 64
fuse_dentry_init(struct dentry * dentry)284 static int fuse_dentry_init(struct dentry *dentry)
285 {
286 dentry->d_fsdata = kzalloc(sizeof(union fuse_dentry),
287 GFP_KERNEL_ACCOUNT | __GFP_RECLAIMABLE);
288
289 return dentry->d_fsdata ? 0 : -ENOMEM;
290 }
fuse_dentry_release(struct dentry * dentry)291 static void fuse_dentry_release(struct dentry *dentry)
292 {
293 union fuse_dentry *fd = dentry->d_fsdata;
294
295 kfree_rcu(fd, rcu);
296 }
297 #endif
298
fuse_dentry_delete(const struct dentry * dentry)299 static int fuse_dentry_delete(const struct dentry *dentry)
300 {
301 return time_before64(fuse_dentry_time(dentry), get_jiffies_64());
302 }
303
304 /*
305 * Create a fuse_mount object with a new superblock (with path->dentry
306 * as the root), and return that mount so it can be auto-mounted on
307 * @path.
308 */
fuse_dentry_automount(struct path * path)309 static struct vfsmount *fuse_dentry_automount(struct path *path)
310 {
311 struct fs_context *fsc;
312 struct fuse_mount *parent_fm = get_fuse_mount_super(path->mnt->mnt_sb);
313 struct fuse_conn *fc = parent_fm->fc;
314 struct fuse_mount *fm;
315 struct vfsmount *mnt;
316 struct fuse_inode *mp_fi = get_fuse_inode(d_inode(path->dentry));
317 struct super_block *sb;
318 int err;
319
320 fsc = fs_context_for_submount(path->mnt->mnt_sb->s_type, path->dentry);
321 if (IS_ERR(fsc)) {
322 err = PTR_ERR(fsc);
323 goto out;
324 }
325
326 err = -ENOMEM;
327 fm = kzalloc(sizeof(struct fuse_mount), GFP_KERNEL);
328 if (!fm)
329 goto out_put_fsc;
330
331 refcount_set(&fm->count, 1);
332 fsc->s_fs_info = fm;
333 sb = sget_fc(fsc, NULL, set_anon_super_fc);
334 if (IS_ERR(sb)) {
335 err = PTR_ERR(sb);
336 fuse_mount_put(fm);
337 goto out_put_fsc;
338 }
339 fm->fc = fuse_conn_get(fc);
340
341 /* Initialize superblock, making @mp_fi its root */
342 err = fuse_fill_super_submount(sb, mp_fi);
343 if (err)
344 goto out_put_sb;
345
346 sb->s_flags |= SB_ACTIVE;
347 fsc->root = dget(sb->s_root);
348 /* We are done configuring the superblock, so unlock it */
349 up_write(&sb->s_umount);
350
351 down_write(&fc->killsb);
352 list_add_tail(&fm->fc_entry, &fc->mounts);
353 up_write(&fc->killsb);
354
355 /* Create the submount */
356 mnt = vfs_create_mount(fsc);
357 if (IS_ERR(mnt)) {
358 err = PTR_ERR(mnt);
359 goto out_put_fsc;
360 }
361 mntget(mnt);
362 put_fs_context(fsc);
363 return mnt;
364
365 out_put_sb:
366 /*
367 * Only jump here when fsc->root is NULL and sb is still locked
368 * (otherwise put_fs_context() will put the superblock)
369 */
370 deactivate_locked_super(sb);
371 out_put_fsc:
372 put_fs_context(fsc);
373 out:
374 return ERR_PTR(err);
375 }
376
377 const struct dentry_operations fuse_dentry_operations = {
378 .d_revalidate = fuse_dentry_revalidate,
379 .d_delete = fuse_dentry_delete,
380 #if BITS_PER_LONG < 64
381 .d_init = fuse_dentry_init,
382 .d_release = fuse_dentry_release,
383 #endif
384 .d_automount = fuse_dentry_automount,
385 };
386
387 const struct dentry_operations fuse_root_dentry_operations = {
388 #if BITS_PER_LONG < 64
389 .d_init = fuse_dentry_init,
390 .d_release = fuse_dentry_release,
391 #endif
392 };
393
fuse_valid_type(int m)394 int fuse_valid_type(int m)
395 {
396 return S_ISREG(m) || S_ISDIR(m) || S_ISLNK(m) || S_ISCHR(m) ||
397 S_ISBLK(m) || S_ISFIFO(m) || S_ISSOCK(m);
398 }
399
fuse_invalid_attr(struct fuse_attr * attr)400 bool fuse_invalid_attr(struct fuse_attr *attr)
401 {
402 return !fuse_valid_type(attr->mode) ||
403 attr->size > LLONG_MAX;
404 }
405
fuse_lookup_name(struct super_block * sb,u64 nodeid,const struct qstr * name,struct fuse_entry_out * outarg,struct inode ** inode)406 int fuse_lookup_name(struct super_block *sb, u64 nodeid, const struct qstr *name,
407 struct fuse_entry_out *outarg, struct inode **inode)
408 {
409 struct fuse_mount *fm = get_fuse_mount_super(sb);
410 FUSE_ARGS(args);
411 struct fuse_forget_link *forget;
412 u64 attr_version;
413 int err;
414
415 *inode = NULL;
416 err = -ENAMETOOLONG;
417 if (name->len > FUSE_NAME_MAX)
418 goto out;
419
420
421 forget = fuse_alloc_forget();
422 err = -ENOMEM;
423 if (!forget)
424 goto out;
425
426 attr_version = fuse_get_attr_version(fm->fc);
427
428 fuse_lookup_init(fm->fc, &args, nodeid, name, outarg);
429 err = fuse_simple_request(fm, &args);
430 /* Zero nodeid is same as -ENOENT, but with valid timeout */
431 if (err || !outarg->nodeid)
432 goto out_put_forget;
433
434 err = -EIO;
435 if (!outarg->nodeid)
436 goto out_put_forget;
437 if (fuse_invalid_attr(&outarg->attr))
438 goto out_put_forget;
439
440 *inode = fuse_iget(sb, outarg->nodeid, outarg->generation,
441 &outarg->attr, entry_attr_timeout(outarg),
442 attr_version);
443 err = -ENOMEM;
444 if (!*inode) {
445 fuse_queue_forget(fm->fc, forget, outarg->nodeid, 1);
446 goto out;
447 }
448 err = 0;
449
450 out_put_forget:
451 kfree(forget);
452 out:
453 return err;
454 }
455
fuse_lookup(struct inode * dir,struct dentry * entry,unsigned int flags)456 static struct dentry *fuse_lookup(struct inode *dir, struct dentry *entry,
457 unsigned int flags)
458 {
459 int err;
460 struct fuse_entry_out outarg;
461 struct inode *inode;
462 struct dentry *newent;
463 bool outarg_valid = true;
464 bool locked;
465
466 locked = fuse_lock_inode(dir);
467 err = fuse_lookup_name(dir->i_sb, get_node_id(dir), &entry->d_name,
468 &outarg, &inode);
469 fuse_unlock_inode(dir, locked);
470 if (err == -ENOENT) {
471 outarg_valid = false;
472 err = 0;
473 }
474 if (err)
475 goto out_err;
476
477 err = -EIO;
478 if (inode && get_node_id(inode) == FUSE_ROOT_ID)
479 goto out_iput;
480
481 newent = d_splice_alias(inode, entry);
482 err = PTR_ERR(newent);
483 if (IS_ERR(newent))
484 goto out_err;
485
486 entry = newent ? newent : entry;
487 if (outarg_valid)
488 fuse_change_entry_timeout(entry, &outarg);
489 else
490 fuse_invalidate_entry_cache(entry);
491
492 if (inode)
493 fuse_advise_use_readdirplus(dir);
494 return newent;
495
496 out_iput:
497 iput(inode);
498 out_err:
499 return ERR_PTR(err);
500 }
501
502 /*
503 * Atomic create+open operation
504 *
505 * If the filesystem doesn't support this, then fall back to separate
506 * 'mknod' + 'open' requests.
507 */
fuse_create_open(struct inode * dir,struct dentry * entry,struct file * file,unsigned flags,umode_t mode)508 static int fuse_create_open(struct inode *dir, struct dentry *entry,
509 struct file *file, unsigned flags,
510 umode_t mode)
511 {
512 int err;
513 struct inode *inode;
514 struct fuse_mount *fm = get_fuse_mount(dir);
515 FUSE_ARGS(args);
516 struct fuse_forget_link *forget;
517 struct fuse_create_in inarg;
518 struct fuse_open_out outopen;
519 struct fuse_entry_out outentry;
520 struct fuse_inode *fi;
521 struct fuse_file *ff;
522
523 /* Userspace expects S_IFREG in create mode */
524 BUG_ON((mode & S_IFMT) != S_IFREG);
525
526 forget = fuse_alloc_forget();
527 err = -ENOMEM;
528 if (!forget)
529 goto out_err;
530
531 err = -ENOMEM;
532 ff = fuse_file_alloc(fm);
533 if (!ff)
534 goto out_put_forget_req;
535
536 if (!fm->fc->dont_mask)
537 mode &= ~current_umask();
538
539 flags &= ~O_NOCTTY;
540 memset(&inarg, 0, sizeof(inarg));
541 memset(&outentry, 0, sizeof(outentry));
542 inarg.flags = flags;
543 inarg.mode = mode;
544 inarg.umask = current_umask();
545 args.opcode = FUSE_CREATE;
546 args.nodeid = get_node_id(dir);
547 args.in_numargs = 2;
548 args.in_args[0].size = sizeof(inarg);
549 args.in_args[0].value = &inarg;
550 args.in_args[1].size = entry->d_name.len + 1;
551 args.in_args[1].value = entry->d_name.name;
552 args.out_numargs = 2;
553 args.out_args[0].size = sizeof(outentry);
554 args.out_args[0].value = &outentry;
555 args.out_args[1].size = sizeof(outopen);
556 args.out_args[1].value = &outopen;
557 err = fuse_simple_request(fm, &args);
558 if (err)
559 goto out_free_ff;
560
561 err = -EIO;
562 if (!S_ISREG(outentry.attr.mode) || invalid_nodeid(outentry.nodeid) ||
563 fuse_invalid_attr(&outentry.attr))
564 goto out_free_ff;
565
566 ff->fh = outopen.fh;
567 ff->nodeid = outentry.nodeid;
568 ff->open_flags = outopen.open_flags;
569 inode = fuse_iget(dir->i_sb, outentry.nodeid, outentry.generation,
570 &outentry.attr, entry_attr_timeout(&outentry), 0);
571 if (!inode) {
572 flags &= ~(O_CREAT | O_EXCL | O_TRUNC);
573 fuse_sync_release(NULL, ff, flags);
574 fuse_queue_forget(fm->fc, forget, outentry.nodeid, 1);
575 err = -ENOMEM;
576 goto out_err;
577 }
578 kfree(forget);
579 d_instantiate(entry, inode);
580 fuse_change_entry_timeout(entry, &outentry);
581 fuse_dir_changed(dir);
582 err = finish_open(file, entry, generic_file_open);
583 if (err) {
584 fi = get_fuse_inode(inode);
585 fuse_sync_release(fi, ff, flags);
586 } else {
587 file->private_data = ff;
588 fuse_finish_open(inode, file);
589 }
590 return err;
591
592 out_free_ff:
593 fuse_file_free(ff);
594 out_put_forget_req:
595 kfree(forget);
596 out_err:
597 return err;
598 }
599
600 static int fuse_mknod(struct inode *, struct dentry *, umode_t, dev_t);
fuse_atomic_open(struct inode * dir,struct dentry * entry,struct file * file,unsigned flags,umode_t mode)601 static int fuse_atomic_open(struct inode *dir, struct dentry *entry,
602 struct file *file, unsigned flags,
603 umode_t mode)
604 {
605 int err;
606 struct fuse_conn *fc = get_fuse_conn(dir);
607 struct dentry *res = NULL;
608
609 if (d_in_lookup(entry)) {
610 res = fuse_lookup(dir, entry, 0);
611 if (IS_ERR(res))
612 return PTR_ERR(res);
613
614 if (res)
615 entry = res;
616 }
617
618 if (!(flags & O_CREAT) || d_really_is_positive(entry))
619 goto no_open;
620
621 /* Only creates */
622 file->f_mode |= FMODE_CREATED;
623
624 if (fc->no_create)
625 goto mknod;
626
627 err = fuse_create_open(dir, entry, file, flags, mode);
628 if (err == -ENOSYS) {
629 fc->no_create = 1;
630 goto mknod;
631 }
632 out_dput:
633 dput(res);
634 return err;
635
636 mknod:
637 err = fuse_mknod(dir, entry, mode, 0);
638 if (err)
639 goto out_dput;
640 no_open:
641 return finish_no_open(file, res);
642 }
643
644 /*
645 * Code shared between mknod, mkdir, symlink and link
646 */
create_new_entry(struct fuse_mount * fm,struct fuse_args * args,struct inode * dir,struct dentry * entry,umode_t mode)647 static int create_new_entry(struct fuse_mount *fm, struct fuse_args *args,
648 struct inode *dir, struct dentry *entry,
649 umode_t mode)
650 {
651 struct fuse_entry_out outarg;
652 struct inode *inode;
653 struct dentry *d;
654 int err;
655 struct fuse_forget_link *forget;
656
657 forget = fuse_alloc_forget();
658 if (!forget)
659 return -ENOMEM;
660
661 memset(&outarg, 0, sizeof(outarg));
662 args->nodeid = get_node_id(dir);
663 args->out_numargs = 1;
664 args->out_args[0].size = sizeof(outarg);
665 args->out_args[0].value = &outarg;
666 err = fuse_simple_request(fm, args);
667 if (err)
668 goto out_put_forget_req;
669
670 err = -EIO;
671 if (invalid_nodeid(outarg.nodeid) || fuse_invalid_attr(&outarg.attr))
672 goto out_put_forget_req;
673
674 if ((outarg.attr.mode ^ mode) & S_IFMT)
675 goto out_put_forget_req;
676
677 inode = fuse_iget(dir->i_sb, outarg.nodeid, outarg.generation,
678 &outarg.attr, entry_attr_timeout(&outarg), 0);
679 if (!inode) {
680 fuse_queue_forget(fm->fc, forget, outarg.nodeid, 1);
681 return -ENOMEM;
682 }
683 kfree(forget);
684
685 d_drop(entry);
686 d = d_splice_alias(inode, entry);
687 if (IS_ERR(d))
688 return PTR_ERR(d);
689
690 if (d) {
691 fuse_change_entry_timeout(d, &outarg);
692 dput(d);
693 } else {
694 fuse_change_entry_timeout(entry, &outarg);
695 }
696 fuse_dir_changed(dir);
697 return 0;
698
699 out_put_forget_req:
700 kfree(forget);
701 return err;
702 }
703
fuse_mknod(struct inode * dir,struct dentry * entry,umode_t mode,dev_t rdev)704 static int fuse_mknod(struct inode *dir, struct dentry *entry, umode_t mode,
705 dev_t rdev)
706 {
707 struct fuse_mknod_in inarg;
708 struct fuse_mount *fm = get_fuse_mount(dir);
709 FUSE_ARGS(args);
710
711 if (!fm->fc->dont_mask)
712 mode &= ~current_umask();
713
714 memset(&inarg, 0, sizeof(inarg));
715 inarg.mode = mode;
716 inarg.rdev = new_encode_dev(rdev);
717 inarg.umask = current_umask();
718 args.opcode = FUSE_MKNOD;
719 args.in_numargs = 2;
720 args.in_args[0].size = sizeof(inarg);
721 args.in_args[0].value = &inarg;
722 args.in_args[1].size = entry->d_name.len + 1;
723 args.in_args[1].value = entry->d_name.name;
724 return create_new_entry(fm, &args, dir, entry, mode);
725 }
726
fuse_create(struct inode * dir,struct dentry * entry,umode_t mode,bool excl)727 static int fuse_create(struct inode *dir, struct dentry *entry, umode_t mode,
728 bool excl)
729 {
730 return fuse_mknod(dir, entry, mode, 0);
731 }
732
fuse_mkdir(struct inode * dir,struct dentry * entry,umode_t mode)733 static int fuse_mkdir(struct inode *dir, struct dentry *entry, umode_t mode)
734 {
735 struct fuse_mkdir_in inarg;
736 struct fuse_mount *fm = get_fuse_mount(dir);
737 FUSE_ARGS(args);
738
739 if (!fm->fc->dont_mask)
740 mode &= ~current_umask();
741
742 memset(&inarg, 0, sizeof(inarg));
743 inarg.mode = mode;
744 inarg.umask = current_umask();
745 args.opcode = FUSE_MKDIR;
746 args.in_numargs = 2;
747 args.in_args[0].size = sizeof(inarg);
748 args.in_args[0].value = &inarg;
749 args.in_args[1].size = entry->d_name.len + 1;
750 args.in_args[1].value = entry->d_name.name;
751 return create_new_entry(fm, &args, dir, entry, S_IFDIR);
752 }
753
fuse_symlink(struct inode * dir,struct dentry * entry,const char * link)754 static int fuse_symlink(struct inode *dir, struct dentry *entry,
755 const char *link)
756 {
757 struct fuse_mount *fm = get_fuse_mount(dir);
758 unsigned len = strlen(link) + 1;
759 FUSE_ARGS(args);
760
761 args.opcode = FUSE_SYMLINK;
762 args.in_numargs = 2;
763 args.in_args[0].size = entry->d_name.len + 1;
764 args.in_args[0].value = entry->d_name.name;
765 args.in_args[1].size = len;
766 args.in_args[1].value = link;
767 return create_new_entry(fm, &args, dir, entry, S_IFLNK);
768 }
769
fuse_update_ctime(struct inode * inode)770 void fuse_update_ctime(struct inode *inode)
771 {
772 if (!IS_NOCMTIME(inode)) {
773 inode->i_ctime = current_time(inode);
774 mark_inode_dirty_sync(inode);
775 }
776 }
777
fuse_unlink(struct inode * dir,struct dentry * entry)778 static int fuse_unlink(struct inode *dir, struct dentry *entry)
779 {
780 int err;
781 struct fuse_mount *fm = get_fuse_mount(dir);
782 FUSE_ARGS(args);
783
784 args.opcode = FUSE_UNLINK;
785 args.nodeid = get_node_id(dir);
786 args.in_numargs = 1;
787 args.in_args[0].size = entry->d_name.len + 1;
788 args.in_args[0].value = entry->d_name.name;
789 err = fuse_simple_request(fm, &args);
790 if (!err) {
791 struct inode *inode = d_inode(entry);
792 struct fuse_inode *fi = get_fuse_inode(inode);
793
794 spin_lock(&fi->lock);
795 fi->attr_version = atomic64_inc_return(&fm->fc->attr_version);
796 /*
797 * If i_nlink == 0 then unlink doesn't make sense, yet this can
798 * happen if userspace filesystem is careless. It would be
799 * difficult to enforce correct nlink usage so just ignore this
800 * condition here
801 */
802 if (inode->i_nlink > 0)
803 drop_nlink(inode);
804 spin_unlock(&fi->lock);
805 fuse_invalidate_attr(inode);
806 fuse_dir_changed(dir);
807 fuse_invalidate_entry_cache(entry);
808 fuse_update_ctime(inode);
809 } else if (err == -EINTR)
810 fuse_invalidate_entry(entry);
811 return err;
812 }
813
fuse_rmdir(struct inode * dir,struct dentry * entry)814 static int fuse_rmdir(struct inode *dir, struct dentry *entry)
815 {
816 int err;
817 struct fuse_mount *fm = get_fuse_mount(dir);
818 FUSE_ARGS(args);
819
820 args.opcode = FUSE_RMDIR;
821 args.nodeid = get_node_id(dir);
822 args.in_numargs = 1;
823 args.in_args[0].size = entry->d_name.len + 1;
824 args.in_args[0].value = entry->d_name.name;
825 err = fuse_simple_request(fm, &args);
826 if (!err) {
827 clear_nlink(d_inode(entry));
828 fuse_dir_changed(dir);
829 fuse_invalidate_entry_cache(entry);
830 } else if (err == -EINTR)
831 fuse_invalidate_entry(entry);
832 return err;
833 }
834
fuse_rename_common(struct inode * olddir,struct dentry * oldent,struct inode * newdir,struct dentry * newent,unsigned int flags,int opcode,size_t argsize)835 static int fuse_rename_common(struct inode *olddir, struct dentry *oldent,
836 struct inode *newdir, struct dentry *newent,
837 unsigned int flags, int opcode, size_t argsize)
838 {
839 int err;
840 struct fuse_rename2_in inarg;
841 struct fuse_mount *fm = get_fuse_mount(olddir);
842 FUSE_ARGS(args);
843
844 memset(&inarg, 0, argsize);
845 inarg.newdir = get_node_id(newdir);
846 inarg.flags = flags;
847 args.opcode = opcode;
848 args.nodeid = get_node_id(olddir);
849 args.in_numargs = 3;
850 args.in_args[0].size = argsize;
851 args.in_args[0].value = &inarg;
852 args.in_args[1].size = oldent->d_name.len + 1;
853 args.in_args[1].value = oldent->d_name.name;
854 args.in_args[2].size = newent->d_name.len + 1;
855 args.in_args[2].value = newent->d_name.name;
856 err = fuse_simple_request(fm, &args);
857 if (!err) {
858 /* ctime changes */
859 fuse_invalidate_attr(d_inode(oldent));
860 fuse_update_ctime(d_inode(oldent));
861
862 if (flags & RENAME_EXCHANGE) {
863 fuse_invalidate_attr(d_inode(newent));
864 fuse_update_ctime(d_inode(newent));
865 }
866
867 fuse_dir_changed(olddir);
868 if (olddir != newdir)
869 fuse_dir_changed(newdir);
870
871 /* newent will end up negative */
872 if (!(flags & RENAME_EXCHANGE) && d_really_is_positive(newent)) {
873 fuse_invalidate_attr(d_inode(newent));
874 fuse_invalidate_entry_cache(newent);
875 fuse_update_ctime(d_inode(newent));
876 }
877 } else if (err == -EINTR) {
878 /* If request was interrupted, DEITY only knows if the
879 rename actually took place. If the invalidation
880 fails (e.g. some process has CWD under the renamed
881 directory), then there can be inconsistency between
882 the dcache and the real filesystem. Tough luck. */
883 fuse_invalidate_entry(oldent);
884 if (d_really_is_positive(newent))
885 fuse_invalidate_entry(newent);
886 }
887
888 return err;
889 }
890
fuse_rename2(struct inode * olddir,struct dentry * oldent,struct inode * newdir,struct dentry * newent,unsigned int flags)891 static int fuse_rename2(struct inode *olddir, struct dentry *oldent,
892 struct inode *newdir, struct dentry *newent,
893 unsigned int flags)
894 {
895 struct fuse_conn *fc = get_fuse_conn(olddir);
896 int err;
897
898 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE | RENAME_WHITEOUT))
899 return -EINVAL;
900
901 if (flags) {
902 if (fc->no_rename2 || fc->minor < 23)
903 return -EINVAL;
904
905 err = fuse_rename_common(olddir, oldent, newdir, newent, flags,
906 FUSE_RENAME2,
907 sizeof(struct fuse_rename2_in));
908 if (err == -ENOSYS) {
909 fc->no_rename2 = 1;
910 err = -EINVAL;
911 }
912 } else {
913 err = fuse_rename_common(olddir, oldent, newdir, newent, 0,
914 FUSE_RENAME,
915 sizeof(struct fuse_rename_in));
916 }
917
918 return err;
919 }
920
fuse_link(struct dentry * entry,struct inode * newdir,struct dentry * newent)921 static int fuse_link(struct dentry *entry, struct inode *newdir,
922 struct dentry *newent)
923 {
924 int err;
925 struct fuse_link_in inarg;
926 struct inode *inode = d_inode(entry);
927 struct fuse_mount *fm = get_fuse_mount(inode);
928 FUSE_ARGS(args);
929
930 memset(&inarg, 0, sizeof(inarg));
931 inarg.oldnodeid = get_node_id(inode);
932 args.opcode = FUSE_LINK;
933 args.in_numargs = 2;
934 args.in_args[0].size = sizeof(inarg);
935 args.in_args[0].value = &inarg;
936 args.in_args[1].size = newent->d_name.len + 1;
937 args.in_args[1].value = newent->d_name.name;
938 err = create_new_entry(fm, &args, newdir, newent, inode->i_mode);
939 /* Contrary to "normal" filesystems it can happen that link
940 makes two "logical" inodes point to the same "physical"
941 inode. We invalidate the attributes of the old one, so it
942 will reflect changes in the backing inode (link count,
943 etc.)
944 */
945 if (!err) {
946 struct fuse_inode *fi = get_fuse_inode(inode);
947
948 spin_lock(&fi->lock);
949 fi->attr_version = atomic64_inc_return(&fm->fc->attr_version);
950 if (likely(inode->i_nlink < UINT_MAX))
951 inc_nlink(inode);
952 spin_unlock(&fi->lock);
953 fuse_invalidate_attr(inode);
954 fuse_update_ctime(inode);
955 } else if (err == -EINTR) {
956 fuse_invalidate_attr(inode);
957 }
958 return err;
959 }
960
fuse_fillattr(struct inode * inode,struct fuse_attr * attr,struct kstat * stat)961 static void fuse_fillattr(struct inode *inode, struct fuse_attr *attr,
962 struct kstat *stat)
963 {
964 unsigned int blkbits;
965 struct fuse_conn *fc = get_fuse_conn(inode);
966
967 /* see the comment in fuse_change_attributes() */
968 if (fc->writeback_cache && S_ISREG(inode->i_mode)) {
969 attr->size = i_size_read(inode);
970 attr->mtime = inode->i_mtime.tv_sec;
971 attr->mtimensec = inode->i_mtime.tv_nsec;
972 attr->ctime = inode->i_ctime.tv_sec;
973 attr->ctimensec = inode->i_ctime.tv_nsec;
974 }
975
976 stat->dev = inode->i_sb->s_dev;
977 stat->ino = attr->ino;
978 stat->mode = (inode->i_mode & S_IFMT) | (attr->mode & 07777);
979 stat->nlink = attr->nlink;
980 stat->uid = make_kuid(fc->user_ns, attr->uid);
981 stat->gid = make_kgid(fc->user_ns, attr->gid);
982 stat->rdev = inode->i_rdev;
983 stat->atime.tv_sec = attr->atime;
984 stat->atime.tv_nsec = attr->atimensec;
985 stat->mtime.tv_sec = attr->mtime;
986 stat->mtime.tv_nsec = attr->mtimensec;
987 stat->ctime.tv_sec = attr->ctime;
988 stat->ctime.tv_nsec = attr->ctimensec;
989 stat->size = attr->size;
990 stat->blocks = attr->blocks;
991
992 if (attr->blksize != 0)
993 blkbits = ilog2(attr->blksize);
994 else
995 blkbits = inode->i_sb->s_blocksize_bits;
996
997 stat->blksize = 1 << blkbits;
998 }
999
fuse_do_getattr(struct inode * inode,struct kstat * stat,struct file * file)1000 static int fuse_do_getattr(struct inode *inode, struct kstat *stat,
1001 struct file *file)
1002 {
1003 int err;
1004 struct fuse_getattr_in inarg;
1005 struct fuse_attr_out outarg;
1006 struct fuse_mount *fm = get_fuse_mount(inode);
1007 FUSE_ARGS(args);
1008 u64 attr_version;
1009
1010 attr_version = fuse_get_attr_version(fm->fc);
1011
1012 memset(&inarg, 0, sizeof(inarg));
1013 memset(&outarg, 0, sizeof(outarg));
1014 /* Directories have separate file-handle space */
1015 if (file && S_ISREG(inode->i_mode)) {
1016 struct fuse_file *ff = file->private_data;
1017
1018 inarg.getattr_flags |= FUSE_GETATTR_FH;
1019 inarg.fh = ff->fh;
1020 }
1021 args.opcode = FUSE_GETATTR;
1022 args.nodeid = get_node_id(inode);
1023 args.in_numargs = 1;
1024 args.in_args[0].size = sizeof(inarg);
1025 args.in_args[0].value = &inarg;
1026 args.out_numargs = 1;
1027 args.out_args[0].size = sizeof(outarg);
1028 args.out_args[0].value = &outarg;
1029 err = fuse_simple_request(fm, &args);
1030 if (!err) {
1031 if (fuse_invalid_attr(&outarg.attr) ||
1032 (inode->i_mode ^ outarg.attr.mode) & S_IFMT) {
1033 make_bad_inode(inode);
1034 err = -EIO;
1035 } else {
1036 fuse_change_attributes(inode, &outarg.attr,
1037 attr_timeout(&outarg),
1038 attr_version);
1039 if (stat)
1040 fuse_fillattr(inode, &outarg.attr, stat);
1041 }
1042 }
1043 return err;
1044 }
1045
fuse_update_get_attr(struct inode * inode,struct file * file,struct kstat * stat,u32 request_mask,unsigned int flags)1046 static int fuse_update_get_attr(struct inode *inode, struct file *file,
1047 struct kstat *stat, u32 request_mask,
1048 unsigned int flags)
1049 {
1050 struct fuse_inode *fi = get_fuse_inode(inode);
1051 int err = 0;
1052 bool sync;
1053
1054 if (flags & AT_STATX_FORCE_SYNC)
1055 sync = true;
1056 else if (flags & AT_STATX_DONT_SYNC)
1057 sync = false;
1058 else if (request_mask & READ_ONCE(fi->inval_mask))
1059 sync = true;
1060 else
1061 sync = time_before64(fi->i_time, get_jiffies_64());
1062
1063 if (sync) {
1064 forget_all_cached_acls(inode);
1065 err = fuse_do_getattr(inode, stat, file);
1066 } else if (stat) {
1067 generic_fillattr(inode, stat);
1068 stat->mode = fi->orig_i_mode;
1069 stat->ino = fi->orig_ino;
1070 }
1071
1072 return err;
1073 }
1074
fuse_update_attributes(struct inode * inode,struct file * file)1075 int fuse_update_attributes(struct inode *inode, struct file *file)
1076 {
1077 /* Do *not* need to get atime for internal purposes */
1078 return fuse_update_get_attr(inode, file, NULL,
1079 STATX_BASIC_STATS & ~STATX_ATIME, 0);
1080 }
1081
fuse_reverse_inval_entry(struct fuse_conn * fc,u64 parent_nodeid,u64 child_nodeid,struct qstr * name)1082 int fuse_reverse_inval_entry(struct fuse_conn *fc, u64 parent_nodeid,
1083 u64 child_nodeid, struct qstr *name)
1084 {
1085 int err = -ENOTDIR;
1086 struct inode *parent;
1087 struct dentry *dir;
1088 struct dentry *entry;
1089
1090 parent = fuse_ilookup(fc, parent_nodeid, NULL);
1091 if (!parent)
1092 return -ENOENT;
1093
1094 inode_lock(parent);
1095 if (!S_ISDIR(parent->i_mode))
1096 goto unlock;
1097
1098 err = -ENOENT;
1099 dir = d_find_alias(parent);
1100 if (!dir)
1101 goto unlock;
1102
1103 name->hash = full_name_hash(dir, name->name, name->len);
1104 entry = d_lookup(dir, name);
1105 dput(dir);
1106 if (!entry)
1107 goto unlock;
1108
1109 fuse_dir_changed(parent);
1110 fuse_invalidate_entry(entry);
1111
1112 if (child_nodeid != 0 && d_really_is_positive(entry)) {
1113 inode_lock(d_inode(entry));
1114 if (get_node_id(d_inode(entry)) != child_nodeid) {
1115 err = -ENOENT;
1116 goto badentry;
1117 }
1118 if (d_mountpoint(entry)) {
1119 err = -EBUSY;
1120 goto badentry;
1121 }
1122 if (d_is_dir(entry)) {
1123 shrink_dcache_parent(entry);
1124 if (!simple_empty(entry)) {
1125 err = -ENOTEMPTY;
1126 goto badentry;
1127 }
1128 d_inode(entry)->i_flags |= S_DEAD;
1129 }
1130 dont_mount(entry);
1131 clear_nlink(d_inode(entry));
1132 err = 0;
1133 badentry:
1134 inode_unlock(d_inode(entry));
1135 if (!err)
1136 d_delete(entry);
1137 } else {
1138 err = 0;
1139 }
1140 dput(entry);
1141
1142 unlock:
1143 inode_unlock(parent);
1144 iput(parent);
1145 return err;
1146 }
1147
1148 /*
1149 * Calling into a user-controlled filesystem gives the filesystem
1150 * daemon ptrace-like capabilities over the current process. This
1151 * means, that the filesystem daemon is able to record the exact
1152 * filesystem operations performed, and can also control the behavior
1153 * of the requester process in otherwise impossible ways. For example
1154 * it can delay the operation for arbitrary length of time allowing
1155 * DoS against the requester.
1156 *
1157 * For this reason only those processes can call into the filesystem,
1158 * for which the owner of the mount has ptrace privilege. This
1159 * excludes processes started by other users, suid or sgid processes.
1160 */
fuse_allow_current_process(struct fuse_conn * fc)1161 int fuse_allow_current_process(struct fuse_conn *fc)
1162 {
1163 const struct cred *cred;
1164
1165 if (fc->allow_other)
1166 return current_in_userns(fc->user_ns);
1167
1168 cred = current_cred();
1169 if (uid_eq(cred->euid, fc->user_id) &&
1170 uid_eq(cred->suid, fc->user_id) &&
1171 uid_eq(cred->uid, fc->user_id) &&
1172 gid_eq(cred->egid, fc->group_id) &&
1173 gid_eq(cred->sgid, fc->group_id) &&
1174 gid_eq(cred->gid, fc->group_id))
1175 return 1;
1176
1177 return 0;
1178 }
1179
fuse_access(struct inode * inode,int mask)1180 static int fuse_access(struct inode *inode, int mask)
1181 {
1182 struct fuse_mount *fm = get_fuse_mount(inode);
1183 FUSE_ARGS(args);
1184 struct fuse_access_in inarg;
1185 int err;
1186
1187 BUG_ON(mask & MAY_NOT_BLOCK);
1188
1189 if (fm->fc->no_access)
1190 return 0;
1191
1192 memset(&inarg, 0, sizeof(inarg));
1193 inarg.mask = mask & (MAY_READ | MAY_WRITE | MAY_EXEC);
1194 args.opcode = FUSE_ACCESS;
1195 args.nodeid = get_node_id(inode);
1196 args.in_numargs = 1;
1197 args.in_args[0].size = sizeof(inarg);
1198 args.in_args[0].value = &inarg;
1199 err = fuse_simple_request(fm, &args);
1200 if (err == -ENOSYS) {
1201 fm->fc->no_access = 1;
1202 err = 0;
1203 }
1204 return err;
1205 }
1206
fuse_perm_getattr(struct inode * inode,int mask)1207 static int fuse_perm_getattr(struct inode *inode, int mask)
1208 {
1209 if (mask & MAY_NOT_BLOCK)
1210 return -ECHILD;
1211
1212 forget_all_cached_acls(inode);
1213 return fuse_do_getattr(inode, NULL, NULL);
1214 }
1215
1216 /*
1217 * Check permission. The two basic access models of FUSE are:
1218 *
1219 * 1) Local access checking ('default_permissions' mount option) based
1220 * on file mode. This is the plain old disk filesystem permission
1221 * modell.
1222 *
1223 * 2) "Remote" access checking, where server is responsible for
1224 * checking permission in each inode operation. An exception to this
1225 * is if ->permission() was invoked from sys_access() in which case an
1226 * access request is sent. Execute permission is still checked
1227 * locally based on file mode.
1228 */
fuse_permission(struct inode * inode,int mask)1229 static int fuse_permission(struct inode *inode, int mask)
1230 {
1231 struct fuse_conn *fc = get_fuse_conn(inode);
1232 bool refreshed = false;
1233 int err = 0;
1234
1235 if (!fuse_allow_current_process(fc))
1236 return -EACCES;
1237
1238 /*
1239 * If attributes are needed, refresh them before proceeding
1240 */
1241 if (fc->default_permissions ||
1242 ((mask & MAY_EXEC) && S_ISREG(inode->i_mode))) {
1243 struct fuse_inode *fi = get_fuse_inode(inode);
1244 u32 perm_mask = STATX_MODE | STATX_UID | STATX_GID;
1245
1246 if (perm_mask & READ_ONCE(fi->inval_mask) ||
1247 time_before64(fi->i_time, get_jiffies_64())) {
1248 refreshed = true;
1249
1250 err = fuse_perm_getattr(inode, mask);
1251 if (err)
1252 return err;
1253 }
1254 }
1255
1256 if (fc->default_permissions) {
1257 err = generic_permission(inode, mask);
1258
1259 /* If permission is denied, try to refresh file
1260 attributes. This is also needed, because the root
1261 node will at first have no permissions */
1262 if (err == -EACCES && !refreshed) {
1263 err = fuse_perm_getattr(inode, mask);
1264 if (!err)
1265 err = generic_permission(inode, mask);
1266 }
1267
1268 /* Note: the opposite of the above test does not
1269 exist. So if permissions are revoked this won't be
1270 noticed immediately, only after the attribute
1271 timeout has expired */
1272 } else if (mask & (MAY_ACCESS | MAY_CHDIR)) {
1273 err = fuse_access(inode, mask);
1274 } else if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode)) {
1275 if (!(inode->i_mode & S_IXUGO)) {
1276 if (refreshed)
1277 return -EACCES;
1278
1279 err = fuse_perm_getattr(inode, mask);
1280 if (!err && !(inode->i_mode & S_IXUGO))
1281 return -EACCES;
1282 }
1283 }
1284 return err;
1285 }
1286
fuse_readlink_page(struct inode * inode,struct page * page)1287 static int fuse_readlink_page(struct inode *inode, struct page *page)
1288 {
1289 struct fuse_mount *fm = get_fuse_mount(inode);
1290 struct fuse_page_desc desc = { .length = PAGE_SIZE - 1 };
1291 struct fuse_args_pages ap = {
1292 .num_pages = 1,
1293 .pages = &page,
1294 .descs = &desc,
1295 };
1296 char *link;
1297 ssize_t res;
1298
1299 ap.args.opcode = FUSE_READLINK;
1300 ap.args.nodeid = get_node_id(inode);
1301 ap.args.out_pages = true;
1302 ap.args.out_argvar = true;
1303 ap.args.page_zeroing = true;
1304 ap.args.out_numargs = 1;
1305 ap.args.out_args[0].size = desc.length;
1306 res = fuse_simple_request(fm, &ap.args);
1307
1308 fuse_invalidate_atime(inode);
1309
1310 if (res < 0)
1311 return res;
1312
1313 if (WARN_ON(res >= PAGE_SIZE))
1314 return -EIO;
1315
1316 link = page_address(page);
1317 link[res] = '\0';
1318
1319 return 0;
1320 }
1321
fuse_get_link(struct dentry * dentry,struct inode * inode,struct delayed_call * callback)1322 static const char *fuse_get_link(struct dentry *dentry, struct inode *inode,
1323 struct delayed_call *callback)
1324 {
1325 struct fuse_conn *fc = get_fuse_conn(inode);
1326 struct page *page;
1327 int err;
1328
1329 err = -EIO;
1330 if (is_bad_inode(inode))
1331 goto out_err;
1332
1333 if (fc->cache_symlinks)
1334 return page_get_link(dentry, inode, callback);
1335
1336 err = -ECHILD;
1337 if (!dentry)
1338 goto out_err;
1339
1340 page = alloc_page(GFP_KERNEL);
1341 err = -ENOMEM;
1342 if (!page)
1343 goto out_err;
1344
1345 err = fuse_readlink_page(inode, page);
1346 if (err) {
1347 __free_page(page);
1348 goto out_err;
1349 }
1350
1351 set_delayed_call(callback, page_put_link, page);
1352
1353 return page_address(page);
1354
1355 out_err:
1356 return ERR_PTR(err);
1357 }
1358
fuse_dir_open(struct inode * inode,struct file * file)1359 static int fuse_dir_open(struct inode *inode, struct file *file)
1360 {
1361 return fuse_open_common(inode, file, true);
1362 }
1363
fuse_dir_release(struct inode * inode,struct file * file)1364 static int fuse_dir_release(struct inode *inode, struct file *file)
1365 {
1366 fuse_release_common(file, true);
1367
1368 return 0;
1369 }
1370
fuse_dir_fsync(struct file * file,loff_t start,loff_t end,int datasync)1371 static int fuse_dir_fsync(struct file *file, loff_t start, loff_t end,
1372 int datasync)
1373 {
1374 struct inode *inode = file->f_mapping->host;
1375 struct fuse_conn *fc = get_fuse_conn(inode);
1376 int err;
1377
1378 if (is_bad_inode(inode))
1379 return -EIO;
1380
1381 if (fc->no_fsyncdir)
1382 return 0;
1383
1384 inode_lock(inode);
1385 err = fuse_fsync_common(file, start, end, datasync, FUSE_FSYNCDIR);
1386 if (err == -ENOSYS) {
1387 fc->no_fsyncdir = 1;
1388 err = 0;
1389 }
1390 inode_unlock(inode);
1391
1392 return err;
1393 }
1394
fuse_dir_ioctl(struct file * file,unsigned int cmd,unsigned long arg)1395 static long fuse_dir_ioctl(struct file *file, unsigned int cmd,
1396 unsigned long arg)
1397 {
1398 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1399
1400 /* FUSE_IOCTL_DIR only supported for API version >= 7.18 */
1401 if (fc->minor < 18)
1402 return -ENOTTY;
1403
1404 return fuse_ioctl_common(file, cmd, arg, FUSE_IOCTL_DIR);
1405 }
1406
fuse_dir_compat_ioctl(struct file * file,unsigned int cmd,unsigned long arg)1407 static long fuse_dir_compat_ioctl(struct file *file, unsigned int cmd,
1408 unsigned long arg)
1409 {
1410 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1411
1412 if (fc->minor < 18)
1413 return -ENOTTY;
1414
1415 return fuse_ioctl_common(file, cmd, arg,
1416 FUSE_IOCTL_COMPAT | FUSE_IOCTL_DIR);
1417 }
1418
update_mtime(unsigned ivalid,bool trust_local_mtime)1419 static bool update_mtime(unsigned ivalid, bool trust_local_mtime)
1420 {
1421 /* Always update if mtime is explicitly set */
1422 if (ivalid & ATTR_MTIME_SET)
1423 return true;
1424
1425 /* Or if kernel i_mtime is the official one */
1426 if (trust_local_mtime)
1427 return true;
1428
1429 /* If it's an open(O_TRUNC) or an ftruncate(), don't update */
1430 if ((ivalid & ATTR_SIZE) && (ivalid & (ATTR_OPEN | ATTR_FILE)))
1431 return false;
1432
1433 /* In all other cases update */
1434 return true;
1435 }
1436
iattr_to_fattr(struct fuse_conn * fc,struct iattr * iattr,struct fuse_setattr_in * arg,bool trust_local_cmtime)1437 static void iattr_to_fattr(struct fuse_conn *fc, struct iattr *iattr,
1438 struct fuse_setattr_in *arg, bool trust_local_cmtime)
1439 {
1440 unsigned ivalid = iattr->ia_valid;
1441
1442 if (ivalid & ATTR_MODE)
1443 arg->valid |= FATTR_MODE, arg->mode = iattr->ia_mode;
1444 if (ivalid & ATTR_UID)
1445 arg->valid |= FATTR_UID, arg->uid = from_kuid(fc->user_ns, iattr->ia_uid);
1446 if (ivalid & ATTR_GID)
1447 arg->valid |= FATTR_GID, arg->gid = from_kgid(fc->user_ns, iattr->ia_gid);
1448 if (ivalid & ATTR_SIZE)
1449 arg->valid |= FATTR_SIZE, arg->size = iattr->ia_size;
1450 if (ivalid & ATTR_ATIME) {
1451 arg->valid |= FATTR_ATIME;
1452 arg->atime = iattr->ia_atime.tv_sec;
1453 arg->atimensec = iattr->ia_atime.tv_nsec;
1454 if (!(ivalid & ATTR_ATIME_SET))
1455 arg->valid |= FATTR_ATIME_NOW;
1456 }
1457 if ((ivalid & ATTR_MTIME) && update_mtime(ivalid, trust_local_cmtime)) {
1458 arg->valid |= FATTR_MTIME;
1459 arg->mtime = iattr->ia_mtime.tv_sec;
1460 arg->mtimensec = iattr->ia_mtime.tv_nsec;
1461 if (!(ivalid & ATTR_MTIME_SET) && !trust_local_cmtime)
1462 arg->valid |= FATTR_MTIME_NOW;
1463 }
1464 if ((ivalid & ATTR_CTIME) && trust_local_cmtime) {
1465 arg->valid |= FATTR_CTIME;
1466 arg->ctime = iattr->ia_ctime.tv_sec;
1467 arg->ctimensec = iattr->ia_ctime.tv_nsec;
1468 }
1469 }
1470
1471 /*
1472 * Prevent concurrent writepages on inode
1473 *
1474 * This is done by adding a negative bias to the inode write counter
1475 * and waiting for all pending writes to finish.
1476 */
fuse_set_nowrite(struct inode * inode)1477 void fuse_set_nowrite(struct inode *inode)
1478 {
1479 struct fuse_inode *fi = get_fuse_inode(inode);
1480
1481 BUG_ON(!inode_is_locked(inode));
1482
1483 spin_lock(&fi->lock);
1484 BUG_ON(fi->writectr < 0);
1485 fi->writectr += FUSE_NOWRITE;
1486 spin_unlock(&fi->lock);
1487 wait_event(fi->page_waitq, fi->writectr == FUSE_NOWRITE);
1488 }
1489
1490 /*
1491 * Allow writepages on inode
1492 *
1493 * Remove the bias from the writecounter and send any queued
1494 * writepages.
1495 */
__fuse_release_nowrite(struct inode * inode)1496 static void __fuse_release_nowrite(struct inode *inode)
1497 {
1498 struct fuse_inode *fi = get_fuse_inode(inode);
1499
1500 BUG_ON(fi->writectr != FUSE_NOWRITE);
1501 fi->writectr = 0;
1502 fuse_flush_writepages(inode);
1503 }
1504
fuse_release_nowrite(struct inode * inode)1505 void fuse_release_nowrite(struct inode *inode)
1506 {
1507 struct fuse_inode *fi = get_fuse_inode(inode);
1508
1509 spin_lock(&fi->lock);
1510 __fuse_release_nowrite(inode);
1511 spin_unlock(&fi->lock);
1512 }
1513
fuse_setattr_fill(struct fuse_conn * fc,struct fuse_args * args,struct inode * inode,struct fuse_setattr_in * inarg_p,struct fuse_attr_out * outarg_p)1514 static void fuse_setattr_fill(struct fuse_conn *fc, struct fuse_args *args,
1515 struct inode *inode,
1516 struct fuse_setattr_in *inarg_p,
1517 struct fuse_attr_out *outarg_p)
1518 {
1519 args->opcode = FUSE_SETATTR;
1520 args->nodeid = get_node_id(inode);
1521 args->in_numargs = 1;
1522 args->in_args[0].size = sizeof(*inarg_p);
1523 args->in_args[0].value = inarg_p;
1524 args->out_numargs = 1;
1525 args->out_args[0].size = sizeof(*outarg_p);
1526 args->out_args[0].value = outarg_p;
1527 }
1528
1529 /*
1530 * Flush inode->i_mtime to the server
1531 */
fuse_flush_times(struct inode * inode,struct fuse_file * ff)1532 int fuse_flush_times(struct inode *inode, struct fuse_file *ff)
1533 {
1534 struct fuse_mount *fm = get_fuse_mount(inode);
1535 FUSE_ARGS(args);
1536 struct fuse_setattr_in inarg;
1537 struct fuse_attr_out outarg;
1538
1539 memset(&inarg, 0, sizeof(inarg));
1540 memset(&outarg, 0, sizeof(outarg));
1541
1542 inarg.valid = FATTR_MTIME;
1543 inarg.mtime = inode->i_mtime.tv_sec;
1544 inarg.mtimensec = inode->i_mtime.tv_nsec;
1545 if (fm->fc->minor >= 23) {
1546 inarg.valid |= FATTR_CTIME;
1547 inarg.ctime = inode->i_ctime.tv_sec;
1548 inarg.ctimensec = inode->i_ctime.tv_nsec;
1549 }
1550 if (ff) {
1551 inarg.valid |= FATTR_FH;
1552 inarg.fh = ff->fh;
1553 }
1554 fuse_setattr_fill(fm->fc, &args, inode, &inarg, &outarg);
1555
1556 return fuse_simple_request(fm, &args);
1557 }
1558
1559 /*
1560 * Set attributes, and at the same time refresh them.
1561 *
1562 * Truncation is slightly complicated, because the 'truncate' request
1563 * may fail, in which case we don't want to touch the mapping.
1564 * vmtruncate() doesn't allow for this case, so do the rlimit checking
1565 * and the actual truncation by hand.
1566 */
fuse_do_setattr(struct dentry * dentry,struct iattr * attr,struct file * file)1567 int fuse_do_setattr(struct dentry *dentry, struct iattr *attr,
1568 struct file *file)
1569 {
1570 struct inode *inode = d_inode(dentry);
1571 struct fuse_mount *fm = get_fuse_mount(inode);
1572 struct fuse_conn *fc = fm->fc;
1573 struct fuse_inode *fi = get_fuse_inode(inode);
1574 FUSE_ARGS(args);
1575 struct fuse_setattr_in inarg;
1576 struct fuse_attr_out outarg;
1577 bool is_truncate = false;
1578 bool is_wb = fc->writeback_cache;
1579 loff_t oldsize;
1580 int err;
1581 bool trust_local_cmtime = is_wb && S_ISREG(inode->i_mode);
1582 bool fault_blocked = false;
1583
1584 if (!fc->default_permissions)
1585 attr->ia_valid |= ATTR_FORCE;
1586
1587 err = setattr_prepare(dentry, attr);
1588 if (err)
1589 return err;
1590
1591 if (attr->ia_valid & ATTR_SIZE) {
1592 if (WARN_ON(!S_ISREG(inode->i_mode)))
1593 return -EIO;
1594 is_truncate = true;
1595 }
1596
1597 if (FUSE_IS_DAX(inode) && is_truncate) {
1598 down_write(&fi->i_mmap_sem);
1599 fault_blocked = true;
1600 err = fuse_dax_break_layouts(inode, 0, 0);
1601 if (err) {
1602 up_write(&fi->i_mmap_sem);
1603 return err;
1604 }
1605 }
1606
1607 if (attr->ia_valid & ATTR_OPEN) {
1608 /* This is coming from open(..., ... | O_TRUNC); */
1609 WARN_ON(!(attr->ia_valid & ATTR_SIZE));
1610 WARN_ON(attr->ia_size != 0);
1611 if (fc->atomic_o_trunc) {
1612 /*
1613 * No need to send request to userspace, since actual
1614 * truncation has already been done by OPEN. But still
1615 * need to truncate page cache.
1616 */
1617 i_size_write(inode, 0);
1618 truncate_pagecache(inode, 0);
1619 goto out;
1620 }
1621 file = NULL;
1622 }
1623
1624 /* Flush dirty data/metadata before non-truncate SETATTR */
1625 if (is_wb && S_ISREG(inode->i_mode) &&
1626 attr->ia_valid &
1627 (ATTR_MODE | ATTR_UID | ATTR_GID | ATTR_MTIME_SET |
1628 ATTR_TIMES_SET)) {
1629 err = write_inode_now(inode, true);
1630 if (err)
1631 return err;
1632
1633 fuse_set_nowrite(inode);
1634 fuse_release_nowrite(inode);
1635 }
1636
1637 if (is_truncate) {
1638 fuse_set_nowrite(inode);
1639 set_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1640 if (trust_local_cmtime && attr->ia_size != inode->i_size)
1641 attr->ia_valid |= ATTR_MTIME | ATTR_CTIME;
1642 }
1643
1644 memset(&inarg, 0, sizeof(inarg));
1645 memset(&outarg, 0, sizeof(outarg));
1646 iattr_to_fattr(fc, attr, &inarg, trust_local_cmtime);
1647 if (file) {
1648 struct fuse_file *ff = file->private_data;
1649 inarg.valid |= FATTR_FH;
1650 inarg.fh = ff->fh;
1651 }
1652 if (attr->ia_valid & ATTR_SIZE) {
1653 /* For mandatory locking in truncate */
1654 inarg.valid |= FATTR_LOCKOWNER;
1655 inarg.lock_owner = fuse_lock_owner_id(fc, current->files);
1656 }
1657 fuse_setattr_fill(fc, &args, inode, &inarg, &outarg);
1658 err = fuse_simple_request(fm, &args);
1659 if (err) {
1660 if (err == -EINTR)
1661 fuse_invalidate_attr(inode);
1662 goto error;
1663 }
1664
1665 if (fuse_invalid_attr(&outarg.attr) ||
1666 (inode->i_mode ^ outarg.attr.mode) & S_IFMT) {
1667 make_bad_inode(inode);
1668 err = -EIO;
1669 goto error;
1670 }
1671
1672 spin_lock(&fi->lock);
1673 /* the kernel maintains i_mtime locally */
1674 if (trust_local_cmtime) {
1675 if (attr->ia_valid & ATTR_MTIME)
1676 inode->i_mtime = attr->ia_mtime;
1677 if (attr->ia_valid & ATTR_CTIME)
1678 inode->i_ctime = attr->ia_ctime;
1679 /* FIXME: clear I_DIRTY_SYNC? */
1680 }
1681
1682 fuse_change_attributes_common(inode, &outarg.attr,
1683 attr_timeout(&outarg));
1684 oldsize = inode->i_size;
1685 /* see the comment in fuse_change_attributes() */
1686 if (!is_wb || is_truncate || !S_ISREG(inode->i_mode))
1687 i_size_write(inode, outarg.attr.size);
1688
1689 if (is_truncate) {
1690 /* NOTE: this may release/reacquire fi->lock */
1691 __fuse_release_nowrite(inode);
1692 }
1693 spin_unlock(&fi->lock);
1694
1695 /*
1696 * Only call invalidate_inode_pages2() after removing
1697 * FUSE_NOWRITE, otherwise fuse_launder_page() would deadlock.
1698 */
1699 if ((is_truncate || !is_wb) &&
1700 S_ISREG(inode->i_mode) && oldsize != outarg.attr.size) {
1701 truncate_pagecache(inode, outarg.attr.size);
1702 invalidate_inode_pages2(inode->i_mapping);
1703 }
1704
1705 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1706 out:
1707 if (fault_blocked)
1708 up_write(&fi->i_mmap_sem);
1709
1710 return 0;
1711
1712 error:
1713 if (is_truncate)
1714 fuse_release_nowrite(inode);
1715
1716 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1717
1718 if (fault_blocked)
1719 up_write(&fi->i_mmap_sem);
1720 return err;
1721 }
1722
fuse_setattr(struct dentry * entry,struct iattr * attr)1723 static int fuse_setattr(struct dentry *entry, struct iattr *attr)
1724 {
1725 struct inode *inode = d_inode(entry);
1726 struct fuse_conn *fc = get_fuse_conn(inode);
1727 struct file *file = (attr->ia_valid & ATTR_FILE) ? attr->ia_file : NULL;
1728 int ret;
1729
1730 if (!fuse_allow_current_process(get_fuse_conn(inode)))
1731 return -EACCES;
1732
1733 if (attr->ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID)) {
1734 attr->ia_valid &= ~(ATTR_KILL_SUID | ATTR_KILL_SGID |
1735 ATTR_MODE);
1736
1737 /*
1738 * The only sane way to reliably kill suid/sgid is to do it in
1739 * the userspace filesystem
1740 *
1741 * This should be done on write(), truncate() and chown().
1742 */
1743 if (!fc->handle_killpriv) {
1744 /*
1745 * ia_mode calculation may have used stale i_mode.
1746 * Refresh and recalculate.
1747 */
1748 ret = fuse_do_getattr(inode, NULL, file);
1749 if (ret)
1750 return ret;
1751
1752 attr->ia_mode = inode->i_mode;
1753 if (inode->i_mode & S_ISUID) {
1754 attr->ia_valid |= ATTR_MODE;
1755 attr->ia_mode &= ~S_ISUID;
1756 }
1757 if ((inode->i_mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) {
1758 attr->ia_valid |= ATTR_MODE;
1759 attr->ia_mode &= ~S_ISGID;
1760 }
1761 }
1762 }
1763 if (!attr->ia_valid)
1764 return 0;
1765
1766 ret = fuse_do_setattr(entry, attr, file);
1767 if (!ret) {
1768 /*
1769 * If filesystem supports acls it may have updated acl xattrs in
1770 * the filesystem, so forget cached acls for the inode.
1771 */
1772 if (fc->posix_acl)
1773 forget_all_cached_acls(inode);
1774
1775 /* Directory mode changed, may need to revalidate access */
1776 if (d_is_dir(entry) && (attr->ia_valid & ATTR_MODE))
1777 fuse_invalidate_entry_cache(entry);
1778 }
1779 return ret;
1780 }
1781
fuse_getattr(const struct path * path,struct kstat * stat,u32 request_mask,unsigned int flags)1782 static int fuse_getattr(const struct path *path, struct kstat *stat,
1783 u32 request_mask, unsigned int flags)
1784 {
1785 struct inode *inode = d_inode(path->dentry);
1786 struct fuse_conn *fc = get_fuse_conn(inode);
1787
1788 if (!fuse_allow_current_process(fc)) {
1789 if (!request_mask) {
1790 /*
1791 * If user explicitly requested *nothing* then don't
1792 * error out, but return st_dev only.
1793 */
1794 stat->result_mask = 0;
1795 stat->dev = inode->i_sb->s_dev;
1796 return 0;
1797 }
1798 return -EACCES;
1799 }
1800
1801 return fuse_update_get_attr(inode, NULL, stat, request_mask, flags);
1802 }
1803
1804 static const struct inode_operations fuse_dir_inode_operations = {
1805 .lookup = fuse_lookup,
1806 .mkdir = fuse_mkdir,
1807 .symlink = fuse_symlink,
1808 .unlink = fuse_unlink,
1809 .rmdir = fuse_rmdir,
1810 .rename = fuse_rename2,
1811 .link = fuse_link,
1812 .setattr = fuse_setattr,
1813 .create = fuse_create,
1814 .atomic_open = fuse_atomic_open,
1815 .mknod = fuse_mknod,
1816 .permission = fuse_permission,
1817 .getattr = fuse_getattr,
1818 .listxattr = fuse_listxattr,
1819 .get_acl = fuse_get_acl,
1820 .set_acl = fuse_set_acl,
1821 };
1822
1823 static const struct file_operations fuse_dir_operations = {
1824 .llseek = generic_file_llseek,
1825 .read = generic_read_dir,
1826 .iterate_shared = fuse_readdir,
1827 .open = fuse_dir_open,
1828 .release = fuse_dir_release,
1829 .fsync = fuse_dir_fsync,
1830 .unlocked_ioctl = fuse_dir_ioctl,
1831 .compat_ioctl = fuse_dir_compat_ioctl,
1832 };
1833
1834 static const struct inode_operations fuse_common_inode_operations = {
1835 .setattr = fuse_setattr,
1836 .permission = fuse_permission,
1837 .getattr = fuse_getattr,
1838 .listxattr = fuse_listxattr,
1839 .get_acl = fuse_get_acl,
1840 .set_acl = fuse_set_acl,
1841 };
1842
1843 static const struct inode_operations fuse_symlink_inode_operations = {
1844 .setattr = fuse_setattr,
1845 .get_link = fuse_get_link,
1846 .getattr = fuse_getattr,
1847 .listxattr = fuse_listxattr,
1848 };
1849
fuse_init_common(struct inode * inode)1850 void fuse_init_common(struct inode *inode)
1851 {
1852 inode->i_op = &fuse_common_inode_operations;
1853 }
1854
fuse_init_dir(struct inode * inode)1855 void fuse_init_dir(struct inode *inode)
1856 {
1857 struct fuse_inode *fi = get_fuse_inode(inode);
1858
1859 inode->i_op = &fuse_dir_inode_operations;
1860 inode->i_fop = &fuse_dir_operations;
1861
1862 spin_lock_init(&fi->rdc.lock);
1863 fi->rdc.cached = false;
1864 fi->rdc.size = 0;
1865 fi->rdc.pos = 0;
1866 fi->rdc.version = 0;
1867 }
1868
fuse_symlink_readpage(struct file * null,struct page * page)1869 static int fuse_symlink_readpage(struct file *null, struct page *page)
1870 {
1871 int err = fuse_readlink_page(page->mapping->host, page);
1872
1873 if (!err)
1874 SetPageUptodate(page);
1875
1876 unlock_page(page);
1877
1878 return err;
1879 }
1880
1881 static const struct address_space_operations fuse_symlink_aops = {
1882 .readpage = fuse_symlink_readpage,
1883 };
1884
fuse_init_symlink(struct inode * inode)1885 void fuse_init_symlink(struct inode *inode)
1886 {
1887 inode->i_op = &fuse_symlink_inode_operations;
1888 inode->i_data.a_ops = &fuse_symlink_aops;
1889 inode_nohighmem(inode);
1890 }
1891
