]>
Commit | Line | Data |
---|---|---|
7c6b6602 | 1 | /* |
7387863d DDAG |
2 | * FUSE: Filesystem in Userspace |
3 | * Copyright (C) 2001-2007 Miklos Szeredi <miklos@szeredi.hu> | |
4 | * | |
5 | * This program can be distributed under the terms of the GNU GPLv2. | |
6 | * See the file COPYING. | |
7 | */ | |
7c6b6602 | 8 | |
7387863d | 9 | /* |
7c6b6602 DDAG |
10 | * |
11 | * This file system mirrors the existing file system hierarchy of the | |
12 | * system, starting at the root file system. This is implemented by | |
13 | * just "passing through" all requests to the corresponding user-space | |
14 | * libc functions. In contrast to passthrough.c and passthrough_fh.c, | |
15 | * this implementation uses the low-level API. Its performance should | |
16 | * be the least bad among the three, but many operations are not | |
17 | * implemented. In particular, it is not possible to remove files (or | |
18 | * directories) because the code necessary to defer actual removal | |
19 | * until the file is not opened anymore would make the example much | |
20 | * more complicated. | |
21 | * | |
22 | * When writeback caching is enabled (-o writeback mount option), it | |
23 | * is only possible to write to files for which the mounting user has | |
24 | * read permissions. This is because the writeback cache requires the | |
25 | * kernel to be able to issue read requests for all files (which the | |
26 | * passthrough filesystem cannot satisfy if it can't read the file in | |
27 | * the underlying filesystem). | |
28 | * | |
29 | * Compile with: | |
30 | * | |
7387863d DDAG |
31 | * gcc -Wall passthrough_ll.c `pkg-config fuse3 --cflags --libs` -o |
32 | * passthrough_ll | |
7c6b6602 DDAG |
33 | * |
34 | * ## Source code ## | |
35 | * \include passthrough_ll.c | |
36 | */ | |
37 | ||
09863ebc | 38 | #include "qemu/osdep.h" |
50fb955a | 39 | #include "qemu/timer.h" |
f6f3573c | 40 | #include "fuse_virtio.h" |
d240314a | 41 | #include "fuse_log.h" |
09863ebc | 42 | #include "fuse_lowlevel.h" |
7c6b6602 | 43 | #include <assert.h> |
2405f3c0 | 44 | #include <cap-ng.h> |
7387863d | 45 | #include <dirent.h> |
7c6b6602 | 46 | #include <errno.h> |
36f38469 | 47 | #include <glib.h> |
7c6b6602 | 48 | #include <inttypes.h> |
7387863d | 49 | #include <limits.h> |
7c6b6602 | 50 | #include <pthread.h> |
7387863d DDAG |
51 | #include <stdbool.h> |
52 | #include <stddef.h> | |
53 | #include <stdio.h> | |
54 | #include <stdlib.h> | |
55 | #include <string.h> | |
7c6b6602 | 56 | #include <sys/file.h> |
5baa3b8e | 57 | #include <sys/mount.h> |
8e1d4ef2 | 58 | #include <sys/prctl.h> |
01a6dc95 | 59 | #include <sys/resource.h> |
929cfb7a | 60 | #include <sys/syscall.h> |
8e1d4ef2 SH |
61 | #include <sys/types.h> |
62 | #include <sys/wait.h> | |
7c6b6602 | 63 | #include <sys/xattr.h> |
f185621d | 64 | #include <syslog.h> |
7387863d | 65 | #include <unistd.h> |
7c6b6602 DDAG |
66 | |
67 | #include "passthrough_helpers.h" | |
4f8bde99 | 68 | #include "seccomp.h" |
7c6b6602 | 69 | |
0e81414c VG |
70 | /* Keep track of inode posix locks for each owner. */ |
71 | struct lo_inode_plock { | |
72 | uint64_t lock_owner; | |
73 | int fd; /* fd for OFD locks */ | |
74 | }; | |
75 | ||
25c13572 SH |
76 | struct lo_map_elem { |
77 | union { | |
92fb57b8 | 78 | struct lo_inode *inode; |
b39bce12 | 79 | struct lo_dirp *dirp; |
73b4d19d | 80 | int fd; |
25c13572 SH |
81 | ssize_t freelist; |
82 | }; | |
83 | bool in_use; | |
84 | }; | |
85 | ||
86 | /* Maps FUSE fh or ino values to internal objects */ | |
87 | struct lo_map { | |
88 | struct lo_map_elem *elems; | |
89 | size_t nelems; | |
90 | ssize_t freelist; | |
91 | }; | |
92 | ||
bfc50a6e MS |
93 | struct lo_key { |
94 | ino_t ino; | |
95 | dev_t dev; | |
96 | }; | |
97 | ||
7c6b6602 | 98 | struct lo_inode { |
7387863d | 99 | int fd; |
c241aa94 SH |
100 | |
101 | /* | |
102 | * Atomic reference count for this object. The nlookup field holds a | |
103 | * reference and release it when nlookup reaches 0. | |
104 | */ | |
105 | gint refcount; | |
106 | ||
bfc50a6e | 107 | struct lo_key key; |
1222f015 SH |
108 | |
109 | /* | |
110 | * This counter keeps the inode alive during the FUSE session. | |
111 | * Incremented when the FUSE inode number is sent in a reply | |
112 | * (FUSE_LOOKUP, FUSE_READDIRPLUS, etc). Decremented when an inode is | |
113 | * released by requests like FUSE_FORGET, FUSE_RMDIR, FUSE_RENAME, etc. | |
114 | * | |
115 | * Note that this value is untrusted because the client can manipulate | |
116 | * it arbitrarily using FUSE_FORGET requests. | |
117 | * | |
118 | * Protected by lo->mutex. | |
119 | */ | |
120 | uint64_t nlookup; | |
121 | ||
92fb57b8 | 122 | fuse_ino_t fuse_ino; |
0e81414c VG |
123 | pthread_mutex_t plock_mutex; |
124 | GHashTable *posix_locks; /* protected by lo_inode->plock_mutex */ | |
c241aa94 SH |
125 | |
126 | bool is_symlink; | |
7c6b6602 DDAG |
127 | }; |
128 | ||
929cfb7a VG |
129 | struct lo_cred { |
130 | uid_t euid; | |
131 | gid_t egid; | |
132 | }; | |
133 | ||
7c6b6602 | 134 | enum { |
230e777b MS |
135 | CACHE_NONE, |
136 | CACHE_AUTO, | |
7387863d | 137 | CACHE_ALWAYS, |
7c6b6602 DDAG |
138 | }; |
139 | ||
140 | struct lo_data { | |
7387863d DDAG |
141 | pthread_mutex_t mutex; |
142 | int debug; | |
5fe319a7 | 143 | int norace; |
7387863d DDAG |
144 | int writeback; |
145 | int flock; | |
0e81414c | 146 | int posix_lock; |
7387863d | 147 | int xattr; |
eb68a33b | 148 | char *source; |
7387863d DDAG |
149 | double timeout; |
150 | int cache; | |
151 | int timeout_set; | |
59aef494 MS |
152 | int readdirplus_set; |
153 | int readdirplus_clear; | |
bfc50a6e MS |
154 | struct lo_inode root; |
155 | GHashTable *inodes; /* protected by lo->mutex */ | |
92fb57b8 | 156 | struct lo_map ino_map; /* protected by lo->mutex */ |
b39bce12 | 157 | struct lo_map dirp_map; /* protected by lo->mutex */ |
73b4d19d | 158 | struct lo_map fd_map; /* protected by lo->mutex */ |
9f59d175 SH |
159 | |
160 | /* An O_PATH file descriptor to /proc/self/fd/ */ | |
161 | int proc_self_fd; | |
7c6b6602 DDAG |
162 | }; |
163 | ||
164 | static const struct fuse_opt lo_opts[] = { | |
7387863d DDAG |
165 | { "writeback", offsetof(struct lo_data, writeback), 1 }, |
166 | { "no_writeback", offsetof(struct lo_data, writeback), 0 }, | |
167 | { "source=%s", offsetof(struct lo_data, source), 0 }, | |
168 | { "flock", offsetof(struct lo_data, flock), 1 }, | |
169 | { "no_flock", offsetof(struct lo_data, flock), 0 }, | |
0e81414c VG |
170 | { "posix_lock", offsetof(struct lo_data, posix_lock), 1 }, |
171 | { "no_posix_lock", offsetof(struct lo_data, posix_lock), 0 }, | |
7387863d DDAG |
172 | { "xattr", offsetof(struct lo_data, xattr), 1 }, |
173 | { "no_xattr", offsetof(struct lo_data, xattr), 0 }, | |
174 | { "timeout=%lf", offsetof(struct lo_data, timeout), 0 }, | |
175 | { "timeout=", offsetof(struct lo_data, timeout_set), 1 }, | |
230e777b MS |
176 | { "cache=none", offsetof(struct lo_data, cache), CACHE_NONE }, |
177 | { "cache=auto", offsetof(struct lo_data, cache), CACHE_AUTO }, | |
7387863d | 178 | { "cache=always", offsetof(struct lo_data, cache), CACHE_ALWAYS }, |
5fe319a7 | 179 | { "norace", offsetof(struct lo_data, norace), 1 }, |
59aef494 MS |
180 | { "readdirplus", offsetof(struct lo_data, readdirplus_set), 1 }, |
181 | { "no_readdirplus", offsetof(struct lo_data, readdirplus_clear), 1 }, | |
7387863d | 182 | FUSE_OPT_END |
7c6b6602 | 183 | }; |
f185621d | 184 | static bool use_syslog = false; |
d240314a | 185 | static int current_log_level; |
95d27157 MS |
186 | static void unref_inode_lolocked(struct lo_data *lo, struct lo_inode *inode, |
187 | uint64_t n); | |
5fe319a7 | 188 | |
2405f3c0 DDAG |
189 | static struct { |
190 | pthread_mutex_t mutex; | |
191 | void *saved; | |
192 | } cap; | |
193 | /* That we loaded cap-ng in the current thread from the saved */ | |
194 | static __thread bool cap_loaded = 0; | |
195 | ||
5fe319a7 MS |
196 | static struct lo_inode *lo_find(struct lo_data *lo, struct stat *st); |
197 | ||
25dae28c SH |
198 | static int is_dot_or_dotdot(const char *name) |
199 | { | |
200 | return name[0] == '.' && | |
201 | (name[1] == '\0' || (name[1] == '.' && name[2] == '\0')); | |
202 | } | |
203 | ||
204 | /* Is `path` a single path component that is not "." or ".."? */ | |
205 | static int is_safe_path_component(const char *path) | |
206 | { | |
207 | if (strchr(path, '/')) { | |
208 | return 0; | |
209 | } | |
210 | ||
211 | return !is_dot_or_dotdot(path); | |
212 | } | |
5fe319a7 | 213 | |
7c6b6602 DDAG |
214 | static struct lo_data *lo_data(fuse_req_t req) |
215 | { | |
7387863d | 216 | return (struct lo_data *)fuse_req_userdata(req); |
7c6b6602 DDAG |
217 | } |
218 | ||
2405f3c0 DDAG |
219 | /* |
220 | * Load capng's state from our saved state if the current thread | |
221 | * hadn't previously been loaded. | |
222 | * returns 0 on success | |
223 | */ | |
224 | static int load_capng(void) | |
225 | { | |
226 | if (!cap_loaded) { | |
227 | pthread_mutex_lock(&cap.mutex); | |
228 | capng_restore_state(&cap.saved); | |
229 | /* | |
230 | * restore_state free's the saved copy | |
231 | * so make another. | |
232 | */ | |
233 | cap.saved = capng_save_state(); | |
234 | if (!cap.saved) { | |
235 | fuse_log(FUSE_LOG_ERR, "capng_save_state (thread)\n"); | |
236 | return -EINVAL; | |
237 | } | |
238 | pthread_mutex_unlock(&cap.mutex); | |
239 | ||
240 | /* | |
241 | * We want to use the loaded state for our pid, | |
242 | * not the original | |
243 | */ | |
244 | capng_setpid(syscall(SYS_gettid)); | |
245 | cap_loaded = true; | |
246 | } | |
247 | return 0; | |
248 | } | |
249 | ||
ee884652 VG |
250 | /* |
251 | * Helpers for dropping and regaining effective capabilities. Returns 0 | |
252 | * on success, error otherwise | |
253 | */ | |
254 | static int drop_effective_cap(const char *cap_name, bool *cap_dropped) | |
255 | { | |
256 | int cap, ret; | |
257 | ||
258 | cap = capng_name_to_capability(cap_name); | |
259 | if (cap < 0) { | |
260 | ret = errno; | |
261 | fuse_log(FUSE_LOG_ERR, "capng_name_to_capability(%s) failed:%s\n", | |
262 | cap_name, strerror(errno)); | |
263 | goto out; | |
264 | } | |
265 | ||
266 | if (load_capng()) { | |
267 | ret = errno; | |
268 | fuse_log(FUSE_LOG_ERR, "load_capng() failed\n"); | |
269 | goto out; | |
270 | } | |
271 | ||
272 | /* We dont have this capability in effective set already. */ | |
273 | if (!capng_have_capability(CAPNG_EFFECTIVE, cap)) { | |
274 | ret = 0; | |
275 | goto out; | |
276 | } | |
277 | ||
278 | if (capng_update(CAPNG_DROP, CAPNG_EFFECTIVE, cap)) { | |
279 | ret = errno; | |
280 | fuse_log(FUSE_LOG_ERR, "capng_update(DROP,) failed\n"); | |
281 | goto out; | |
282 | } | |
283 | ||
284 | if (capng_apply(CAPNG_SELECT_CAPS)) { | |
285 | ret = errno; | |
286 | fuse_log(FUSE_LOG_ERR, "drop:capng_apply() failed\n"); | |
287 | goto out; | |
288 | } | |
289 | ||
290 | ret = 0; | |
291 | if (cap_dropped) { | |
292 | *cap_dropped = true; | |
293 | } | |
294 | ||
295 | out: | |
296 | return ret; | |
297 | } | |
298 | ||
299 | static int gain_effective_cap(const char *cap_name) | |
300 | { | |
301 | int cap; | |
302 | int ret = 0; | |
303 | ||
304 | cap = capng_name_to_capability(cap_name); | |
305 | if (cap < 0) { | |
306 | ret = errno; | |
307 | fuse_log(FUSE_LOG_ERR, "capng_name_to_capability(%s) failed:%s\n", | |
308 | cap_name, strerror(errno)); | |
309 | goto out; | |
310 | } | |
311 | ||
312 | if (load_capng()) { | |
313 | ret = errno; | |
314 | fuse_log(FUSE_LOG_ERR, "load_capng() failed\n"); | |
315 | goto out; | |
316 | } | |
317 | ||
318 | if (capng_update(CAPNG_ADD, CAPNG_EFFECTIVE, cap)) { | |
319 | ret = errno; | |
320 | fuse_log(FUSE_LOG_ERR, "capng_update(ADD,) failed\n"); | |
321 | goto out; | |
322 | } | |
323 | ||
324 | if (capng_apply(CAPNG_SELECT_CAPS)) { | |
325 | ret = errno; | |
326 | fuse_log(FUSE_LOG_ERR, "gain:capng_apply() failed\n"); | |
327 | goto out; | |
328 | } | |
329 | ret = 0; | |
330 | ||
331 | out: | |
332 | return ret; | |
333 | } | |
334 | ||
92fb57b8 | 335 | static void lo_map_init(struct lo_map *map) |
25c13572 SH |
336 | { |
337 | map->elems = NULL; | |
338 | map->nelems = 0; | |
339 | map->freelist = -1; | |
340 | } | |
341 | ||
92fb57b8 | 342 | static void lo_map_destroy(struct lo_map *map) |
25c13572 SH |
343 | { |
344 | free(map->elems); | |
345 | } | |
346 | ||
347 | static int lo_map_grow(struct lo_map *map, size_t new_nelems) | |
348 | { | |
349 | struct lo_map_elem *new_elems; | |
350 | size_t i; | |
351 | ||
352 | if (new_nelems <= map->nelems) { | |
353 | return 1; | |
354 | } | |
355 | ||
356 | new_elems = realloc(map->elems, sizeof(map->elems[0]) * new_nelems); | |
357 | if (!new_elems) { | |
358 | return 0; | |
359 | } | |
360 | ||
361 | for (i = map->nelems; i < new_nelems; i++) { | |
362 | new_elems[i].freelist = i + 1; | |
363 | new_elems[i].in_use = false; | |
364 | } | |
365 | new_elems[new_nelems - 1].freelist = -1; | |
366 | ||
367 | map->elems = new_elems; | |
368 | map->freelist = map->nelems; | |
369 | map->nelems = new_nelems; | |
370 | return 1; | |
371 | } | |
372 | ||
92fb57b8 | 373 | static struct lo_map_elem *lo_map_alloc_elem(struct lo_map *map) |
25c13572 SH |
374 | { |
375 | struct lo_map_elem *elem; | |
376 | ||
377 | if (map->freelist == -1 && !lo_map_grow(map, map->nelems + 256)) { | |
378 | return NULL; | |
379 | } | |
380 | ||
381 | elem = &map->elems[map->freelist]; | |
382 | map->freelist = elem->freelist; | |
383 | ||
384 | elem->in_use = true; | |
385 | ||
386 | return elem; | |
387 | } | |
388 | ||
92fb57b8 | 389 | static struct lo_map_elem *lo_map_reserve(struct lo_map *map, size_t key) |
25c13572 SH |
390 | { |
391 | ssize_t *prev; | |
392 | ||
393 | if (!lo_map_grow(map, key + 1)) { | |
394 | return NULL; | |
395 | } | |
396 | ||
397 | for (prev = &map->freelist; *prev != -1; | |
398 | prev = &map->elems[*prev].freelist) { | |
399 | if (*prev == key) { | |
400 | struct lo_map_elem *elem = &map->elems[key]; | |
401 | ||
402 | *prev = elem->freelist; | |
403 | elem->in_use = true; | |
404 | return elem; | |
405 | } | |
406 | } | |
407 | return NULL; | |
408 | } | |
409 | ||
92fb57b8 | 410 | static struct lo_map_elem *lo_map_get(struct lo_map *map, size_t key) |
25c13572 SH |
411 | { |
412 | if (key >= map->nelems) { | |
413 | return NULL; | |
414 | } | |
415 | if (!map->elems[key].in_use) { | |
416 | return NULL; | |
417 | } | |
418 | return &map->elems[key]; | |
419 | } | |
420 | ||
92fb57b8 | 421 | static void lo_map_remove(struct lo_map *map, size_t key) |
25c13572 SH |
422 | { |
423 | struct lo_map_elem *elem; | |
424 | ||
425 | if (key >= map->nelems) { | |
426 | return; | |
427 | } | |
428 | ||
429 | elem = &map->elems[key]; | |
430 | if (!elem->in_use) { | |
431 | return; | |
432 | } | |
433 | ||
434 | elem->in_use = false; | |
435 | ||
436 | elem->freelist = map->freelist; | |
437 | map->freelist = key; | |
438 | } | |
439 | ||
73b4d19d SH |
440 | /* Assumes lo->mutex is held */ |
441 | static ssize_t lo_add_fd_mapping(fuse_req_t req, int fd) | |
442 | { | |
443 | struct lo_map_elem *elem; | |
444 | ||
445 | elem = lo_map_alloc_elem(&lo_data(req)->fd_map); | |
446 | if (!elem) { | |
447 | return -1; | |
448 | } | |
449 | ||
450 | elem->fd = fd; | |
451 | return elem - lo_data(req)->fd_map.elems; | |
452 | } | |
453 | ||
b39bce12 SH |
454 | /* Assumes lo->mutex is held */ |
455 | static ssize_t lo_add_dirp_mapping(fuse_req_t req, struct lo_dirp *dirp) | |
456 | { | |
457 | struct lo_map_elem *elem; | |
458 | ||
459 | elem = lo_map_alloc_elem(&lo_data(req)->dirp_map); | |
460 | if (!elem) { | |
461 | return -1; | |
462 | } | |
463 | ||
464 | elem->dirp = dirp; | |
465 | return elem - lo_data(req)->dirp_map.elems; | |
466 | } | |
467 | ||
92fb57b8 SH |
468 | /* Assumes lo->mutex is held */ |
469 | static ssize_t lo_add_inode_mapping(fuse_req_t req, struct lo_inode *inode) | |
470 | { | |
471 | struct lo_map_elem *elem; | |
472 | ||
473 | elem = lo_map_alloc_elem(&lo_data(req)->ino_map); | |
474 | if (!elem) { | |
475 | return -1; | |
476 | } | |
477 | ||
478 | elem->inode = inode; | |
479 | return elem - lo_data(req)->ino_map.elems; | |
480 | } | |
481 | ||
c241aa94 SH |
482 | static void lo_inode_put(struct lo_data *lo, struct lo_inode **inodep) |
483 | { | |
484 | struct lo_inode *inode = *inodep; | |
485 | ||
486 | if (!inode) { | |
487 | return; | |
488 | } | |
489 | ||
490 | *inodep = NULL; | |
491 | ||
492 | if (g_atomic_int_dec_and_test(&inode->refcount)) { | |
493 | close(inode->fd); | |
494 | free(inode); | |
495 | } | |
496 | } | |
497 | ||
498 | /* Caller must release refcount using lo_inode_put() */ | |
7c6b6602 DDAG |
499 | static struct lo_inode *lo_inode(fuse_req_t req, fuse_ino_t ino) |
500 | { | |
92fb57b8 SH |
501 | struct lo_data *lo = lo_data(req); |
502 | struct lo_map_elem *elem; | |
503 | ||
504 | pthread_mutex_lock(&lo->mutex); | |
505 | elem = lo_map_get(&lo->ino_map, ino); | |
c241aa94 SH |
506 | if (elem) { |
507 | g_atomic_int_inc(&elem->inode->refcount); | |
508 | } | |
92fb57b8 SH |
509 | pthread_mutex_unlock(&lo->mutex); |
510 | ||
511 | if (!elem) { | |
512 | return NULL; | |
7387863d | 513 | } |
92fb57b8 SH |
514 | |
515 | return elem->inode; | |
7c6b6602 DDAG |
516 | } |
517 | ||
c241aa94 SH |
518 | /* |
519 | * TODO Remove this helper and force callers to hold an inode refcount until | |
520 | * they are done with the fd. This will be done in a later patch to make | |
521 | * review easier. | |
522 | */ | |
7c6b6602 DDAG |
523 | static int lo_fd(fuse_req_t req, fuse_ino_t ino) |
524 | { | |
92fb57b8 | 525 | struct lo_inode *inode = lo_inode(req, ino); |
c241aa94 SH |
526 | int fd; |
527 | ||
528 | if (!inode) { | |
529 | return -1; | |
530 | } | |
531 | ||
532 | fd = inode->fd; | |
533 | lo_inode_put(lo_data(req), &inode); | |
534 | return fd; | |
7c6b6602 DDAG |
535 | } |
536 | ||
7387863d | 537 | static void lo_init(void *userdata, struct fuse_conn_info *conn) |
7c6b6602 | 538 | { |
7387863d DDAG |
539 | struct lo_data *lo = (struct lo_data *)userdata; |
540 | ||
541 | if (conn->capable & FUSE_CAP_EXPORT_SUPPORT) { | |
542 | conn->want |= FUSE_CAP_EXPORT_SUPPORT; | |
543 | } | |
544 | ||
545 | if (lo->writeback && conn->capable & FUSE_CAP_WRITEBACK_CACHE) { | |
d240314a | 546 | fuse_log(FUSE_LOG_DEBUG, "lo_init: activating writeback\n"); |
7387863d DDAG |
547 | conn->want |= FUSE_CAP_WRITEBACK_CACHE; |
548 | } | |
e468d4af PT |
549 | if (conn->capable & FUSE_CAP_FLOCK_LOCKS) { |
550 | if (lo->flock) { | |
551 | fuse_log(FUSE_LOG_DEBUG, "lo_init: activating flock locks\n"); | |
552 | conn->want |= FUSE_CAP_FLOCK_LOCKS; | |
553 | } else { | |
554 | fuse_log(FUSE_LOG_DEBUG, "lo_init: disabling flock locks\n"); | |
555 | conn->want &= ~FUSE_CAP_FLOCK_LOCKS; | |
556 | } | |
7387863d | 557 | } |
0e81414c VG |
558 | |
559 | if (conn->capable & FUSE_CAP_POSIX_LOCKS) { | |
560 | if (lo->posix_lock) { | |
561 | fuse_log(FUSE_LOG_DEBUG, "lo_init: activating posix locks\n"); | |
562 | conn->want |= FUSE_CAP_POSIX_LOCKS; | |
563 | } else { | |
564 | fuse_log(FUSE_LOG_DEBUG, "lo_init: disabling posix locks\n"); | |
565 | conn->want &= ~FUSE_CAP_POSIX_LOCKS; | |
566 | } | |
567 | } | |
568 | ||
230e777b | 569 | if ((lo->cache == CACHE_NONE && !lo->readdirplus_set) || |
59aef494 | 570 | lo->readdirplus_clear) { |
ddcbabcb MS |
571 | fuse_log(FUSE_LOG_DEBUG, "lo_init: disabling readdirplus\n"); |
572 | conn->want &= ~FUSE_CAP_READDIRPLUS; | |
573 | } | |
7c6b6602 DDAG |
574 | } |
575 | ||
576 | static void lo_getattr(fuse_req_t req, fuse_ino_t ino, | |
7387863d | 577 | struct fuse_file_info *fi) |
7c6b6602 | 578 | { |
7387863d DDAG |
579 | int res; |
580 | struct stat buf; | |
581 | struct lo_data *lo = lo_data(req); | |
7c6b6602 | 582 | |
7387863d | 583 | (void)fi; |
7c6b6602 | 584 | |
7387863d DDAG |
585 | res = |
586 | fstatat(lo_fd(req, ino), "", &buf, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW); | |
587 | if (res == -1) { | |
588 | return (void)fuse_reply_err(req, errno); | |
589 | } | |
7c6b6602 | 590 | |
7387863d | 591 | fuse_reply_attr(req, &buf, lo->timeout); |
7c6b6602 DDAG |
592 | } |
593 | ||
c241aa94 SH |
594 | /* |
595 | * Increments parent->nlookup and caller must release refcount using | |
596 | * lo_inode_put(&parent). | |
597 | */ | |
5fe319a7 MS |
598 | static int lo_parent_and_name(struct lo_data *lo, struct lo_inode *inode, |
599 | char path[PATH_MAX], struct lo_inode **parent) | |
7c6b6602 | 600 | { |
7387863d | 601 | char procname[64]; |
5fe319a7 MS |
602 | char *last; |
603 | struct stat stat; | |
604 | struct lo_inode *p; | |
605 | int retries = 2; | |
606 | int res; | |
607 | ||
608 | retry: | |
9f59d175 | 609 | sprintf(procname, "%i", inode->fd); |
5fe319a7 | 610 | |
9f59d175 | 611 | res = readlinkat(lo->proc_self_fd, procname, path, PATH_MAX); |
5fe319a7 MS |
612 | if (res < 0) { |
613 | fuse_log(FUSE_LOG_WARNING, "%s: readlink failed: %m\n", __func__); | |
614 | goto fail_noretry; | |
615 | } | |
616 | ||
617 | if (res >= PATH_MAX) { | |
618 | fuse_log(FUSE_LOG_WARNING, "%s: readlink overflowed\n", __func__); | |
619 | goto fail_noretry; | |
620 | } | |
621 | path[res] = '\0'; | |
622 | ||
623 | last = strrchr(path, '/'); | |
624 | if (last == NULL) { | |
625 | /* Shouldn't happen */ | |
626 | fuse_log( | |
627 | FUSE_LOG_WARNING, | |
628 | "%s: INTERNAL ERROR: bad path read from proc\n", __func__); | |
629 | goto fail_noretry; | |
630 | } | |
631 | if (last == path) { | |
632 | p = &lo->root; | |
633 | pthread_mutex_lock(&lo->mutex); | |
1222f015 | 634 | p->nlookup++; |
c241aa94 | 635 | g_atomic_int_inc(&p->refcount); |
5fe319a7 MS |
636 | pthread_mutex_unlock(&lo->mutex); |
637 | } else { | |
638 | *last = '\0'; | |
639 | res = fstatat(AT_FDCWD, last == path ? "/" : path, &stat, 0); | |
640 | if (res == -1) { | |
641 | if (!retries) { | |
642 | fuse_log(FUSE_LOG_WARNING, | |
643 | "%s: failed to stat parent: %m\n", __func__); | |
644 | } | |
645 | goto fail; | |
646 | } | |
647 | p = lo_find(lo, &stat); | |
648 | if (p == NULL) { | |
649 | if (!retries) { | |
650 | fuse_log(FUSE_LOG_WARNING, | |
651 | "%s: failed to find parent\n", __func__); | |
652 | } | |
653 | goto fail; | |
654 | } | |
655 | } | |
656 | last++; | |
657 | res = fstatat(p->fd, last, &stat, AT_SYMLINK_NOFOLLOW); | |
658 | if (res == -1) { | |
659 | if (!retries) { | |
660 | fuse_log(FUSE_LOG_WARNING, | |
661 | "%s: failed to stat last\n", __func__); | |
662 | } | |
663 | goto fail_unref; | |
664 | } | |
bfc50a6e | 665 | if (stat.st_dev != inode->key.dev || stat.st_ino != inode->key.ino) { |
5fe319a7 MS |
666 | if (!retries) { |
667 | fuse_log(FUSE_LOG_WARNING, | |
668 | "%s: failed to match last\n", __func__); | |
669 | } | |
670 | goto fail_unref; | |
671 | } | |
672 | *parent = p; | |
673 | memmove(path, last, strlen(last) + 1); | |
674 | ||
675 | return 0; | |
676 | ||
677 | fail_unref: | |
95d27157 | 678 | unref_inode_lolocked(lo, p, 1); |
c241aa94 | 679 | lo_inode_put(lo, &p); |
5fe319a7 MS |
680 | fail: |
681 | if (retries) { | |
682 | retries--; | |
683 | goto retry; | |
684 | } | |
685 | fail_noretry: | |
686 | errno = EIO; | |
687 | return -1; | |
688 | } | |
689 | ||
690 | static int utimensat_empty(struct lo_data *lo, struct lo_inode *inode, | |
691 | const struct timespec *tv) | |
692 | { | |
693 | int res; | |
694 | struct lo_inode *parent; | |
695 | char path[PATH_MAX]; | |
7387863d DDAG |
696 | |
697 | if (inode->is_symlink) { | |
5fe319a7 | 698 | res = utimensat(inode->fd, "", tv, AT_EMPTY_PATH); |
7387863d DDAG |
699 | if (res == -1 && errno == EINVAL) { |
700 | /* Sorry, no race free way to set times on symlink. */ | |
5fe319a7 MS |
701 | if (lo->norace) { |
702 | errno = EPERM; | |
703 | } else { | |
704 | goto fallback; | |
705 | } | |
7387863d DDAG |
706 | } |
707 | return res; | |
708 | } | |
9f59d175 | 709 | sprintf(path, "%i", inode->fd); |
5fe319a7 | 710 | |
9f59d175 | 711 | return utimensat(lo->proc_self_fd, path, tv, 0); |
7387863d | 712 | |
5fe319a7 MS |
713 | fallback: |
714 | res = lo_parent_and_name(lo, inode, path, &parent); | |
715 | if (res != -1) { | |
716 | res = utimensat(parent->fd, path, tv, AT_SYMLINK_NOFOLLOW); | |
95d27157 | 717 | unref_inode_lolocked(lo, parent, 1); |
c241aa94 | 718 | lo_inode_put(lo, &parent); |
5fe319a7 MS |
719 | } |
720 | ||
721 | return res; | |
7c6b6602 DDAG |
722 | } |
723 | ||
73b4d19d SH |
724 | static int lo_fi_fd(fuse_req_t req, struct fuse_file_info *fi) |
725 | { | |
726 | struct lo_data *lo = lo_data(req); | |
727 | struct lo_map_elem *elem; | |
728 | ||
729 | pthread_mutex_lock(&lo->mutex); | |
730 | elem = lo_map_get(&lo->fd_map, fi->fh); | |
731 | pthread_mutex_unlock(&lo->mutex); | |
732 | ||
733 | if (!elem) { | |
734 | return -1; | |
735 | } | |
736 | ||
737 | return elem->fd; | |
738 | } | |
739 | ||
7c6b6602 | 740 | static void lo_setattr(fuse_req_t req, fuse_ino_t ino, struct stat *attr, |
7387863d | 741 | int valid, struct fuse_file_info *fi) |
7c6b6602 | 742 | { |
7387863d DDAG |
743 | int saverr; |
744 | char procname[64]; | |
5fe319a7 | 745 | struct lo_data *lo = lo_data(req); |
92fb57b8 SH |
746 | struct lo_inode *inode; |
747 | int ifd; | |
7387863d | 748 | int res; |
73b4d19d | 749 | int fd; |
7387863d | 750 | |
92fb57b8 SH |
751 | inode = lo_inode(req, ino); |
752 | if (!inode) { | |
753 | fuse_reply_err(req, EBADF); | |
754 | return; | |
755 | } | |
756 | ||
757 | ifd = inode->fd; | |
758 | ||
73b4d19d SH |
759 | /* If fi->fh is invalid we'll report EBADF later */ |
760 | if (fi) { | |
761 | fd = lo_fi_fd(req, fi); | |
762 | } | |
763 | ||
7387863d DDAG |
764 | if (valid & FUSE_SET_ATTR_MODE) { |
765 | if (fi) { | |
73b4d19d | 766 | res = fchmod(fd, attr->st_mode); |
7387863d | 767 | } else { |
9f59d175 SH |
768 | sprintf(procname, "%i", ifd); |
769 | res = fchmodat(lo->proc_self_fd, procname, attr->st_mode, 0); | |
7387863d DDAG |
770 | } |
771 | if (res == -1) { | |
772 | goto out_err; | |
773 | } | |
774 | } | |
775 | if (valid & (FUSE_SET_ATTR_UID | FUSE_SET_ATTR_GID)) { | |
776 | uid_t uid = (valid & FUSE_SET_ATTR_UID) ? attr->st_uid : (uid_t)-1; | |
777 | gid_t gid = (valid & FUSE_SET_ATTR_GID) ? attr->st_gid : (gid_t)-1; | |
778 | ||
779 | res = fchownat(ifd, "", uid, gid, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW); | |
780 | if (res == -1) { | |
781 | goto out_err; | |
782 | } | |
783 | } | |
784 | if (valid & FUSE_SET_ATTR_SIZE) { | |
9f59d175 SH |
785 | int truncfd; |
786 | ||
7387863d | 787 | if (fi) { |
9f59d175 | 788 | truncfd = fd; |
7387863d | 789 | } else { |
9f59d175 SH |
790 | sprintf(procname, "%i", ifd); |
791 | truncfd = openat(lo->proc_self_fd, procname, O_RDWR); | |
792 | if (truncfd < 0) { | |
793 | goto out_err; | |
794 | } | |
795 | } | |
796 | ||
797 | res = ftruncate(truncfd, attr->st_size); | |
798 | if (!fi) { | |
799 | saverr = errno; | |
800 | close(truncfd); | |
801 | errno = saverr; | |
7387863d DDAG |
802 | } |
803 | if (res == -1) { | |
804 | goto out_err; | |
805 | } | |
806 | } | |
807 | if (valid & (FUSE_SET_ATTR_ATIME | FUSE_SET_ATTR_MTIME)) { | |
808 | struct timespec tv[2]; | |
809 | ||
810 | tv[0].tv_sec = 0; | |
811 | tv[1].tv_sec = 0; | |
812 | tv[0].tv_nsec = UTIME_OMIT; | |
813 | tv[1].tv_nsec = UTIME_OMIT; | |
814 | ||
815 | if (valid & FUSE_SET_ATTR_ATIME_NOW) { | |
816 | tv[0].tv_nsec = UTIME_NOW; | |
817 | } else if (valid & FUSE_SET_ATTR_ATIME) { | |
818 | tv[0] = attr->st_atim; | |
819 | } | |
820 | ||
821 | if (valid & FUSE_SET_ATTR_MTIME_NOW) { | |
822 | tv[1].tv_nsec = UTIME_NOW; | |
823 | } else if (valid & FUSE_SET_ATTR_MTIME) { | |
824 | tv[1] = attr->st_mtim; | |
825 | } | |
826 | ||
827 | if (fi) { | |
73b4d19d | 828 | res = futimens(fd, tv); |
7387863d | 829 | } else { |
5fe319a7 | 830 | res = utimensat_empty(lo, inode, tv); |
7387863d DDAG |
831 | } |
832 | if (res == -1) { | |
833 | goto out_err; | |
834 | } | |
835 | } | |
c241aa94 | 836 | lo_inode_put(lo, &inode); |
7387863d DDAG |
837 | |
838 | return lo_getattr(req, ino, fi); | |
7c6b6602 DDAG |
839 | |
840 | out_err: | |
7387863d | 841 | saverr = errno; |
c241aa94 | 842 | lo_inode_put(lo, &inode); |
7387863d | 843 | fuse_reply_err(req, saverr); |
7c6b6602 DDAG |
844 | } |
845 | ||
846 | static struct lo_inode *lo_find(struct lo_data *lo, struct stat *st) | |
847 | { | |
7387863d | 848 | struct lo_inode *p; |
bfc50a6e MS |
849 | struct lo_key key = { |
850 | .ino = st->st_ino, | |
851 | .dev = st->st_dev, | |
852 | }; | |
7387863d DDAG |
853 | |
854 | pthread_mutex_lock(&lo->mutex); | |
bfc50a6e MS |
855 | p = g_hash_table_lookup(lo->inodes, &key); |
856 | if (p) { | |
1222f015 SH |
857 | assert(p->nlookup > 0); |
858 | p->nlookup++; | |
c241aa94 | 859 | g_atomic_int_inc(&p->refcount); |
7387863d DDAG |
860 | } |
861 | pthread_mutex_unlock(&lo->mutex); | |
bfc50a6e MS |
862 | |
863 | return p; | |
7c6b6602 DDAG |
864 | } |
865 | ||
0e81414c VG |
866 | /* value_destroy_func for posix_locks GHashTable */ |
867 | static void posix_locks_value_destroy(gpointer data) | |
868 | { | |
869 | struct lo_inode_plock *plock = data; | |
870 | ||
871 | /* | |
872 | * We had used open() for locks and had only one fd. So | |
873 | * closing this fd should release all OFD locks. | |
874 | */ | |
875 | close(plock->fd); | |
876 | free(plock); | |
877 | } | |
878 | ||
c241aa94 SH |
879 | /* |
880 | * Increments nlookup and caller must release refcount using | |
881 | * lo_inode_put(&parent). | |
882 | */ | |
7c6b6602 | 883 | static int lo_do_lookup(fuse_req_t req, fuse_ino_t parent, const char *name, |
7387863d | 884 | struct fuse_entry_param *e) |
7c6b6602 | 885 | { |
7387863d DDAG |
886 | int newfd; |
887 | int res; | |
888 | int saverr; | |
889 | struct lo_data *lo = lo_data(req); | |
c241aa94 SH |
890 | struct lo_inode *inode = NULL; |
891 | struct lo_inode *dir = lo_inode(req, parent); | |
7387863d | 892 | |
9de4fab5 MS |
893 | /* |
894 | * name_to_handle_at() and open_by_handle_at() can reach here with fuse | |
895 | * mount point in guest, but we don't have its inode info in the | |
896 | * ino_map. | |
897 | */ | |
898 | if (!dir) { | |
899 | return ENOENT; | |
900 | } | |
901 | ||
7387863d DDAG |
902 | memset(e, 0, sizeof(*e)); |
903 | e->attr_timeout = lo->timeout; | |
904 | e->entry_timeout = lo->timeout; | |
905 | ||
854684bc SH |
906 | /* Do not allow escaping root directory */ |
907 | if (dir == &lo->root && strcmp(name, "..") == 0) { | |
908 | name = "."; | |
909 | } | |
910 | ||
9de4fab5 | 911 | newfd = openat(dir->fd, name, O_PATH | O_NOFOLLOW); |
7387863d DDAG |
912 | if (newfd == -1) { |
913 | goto out_err; | |
914 | } | |
915 | ||
916 | res = fstatat(newfd, "", &e->attr, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW); | |
917 | if (res == -1) { | |
918 | goto out_err; | |
919 | } | |
920 | ||
9de4fab5 | 921 | inode = lo_find(lo, &e->attr); |
7387863d DDAG |
922 | if (inode) { |
923 | close(newfd); | |
924 | newfd = -1; | |
925 | } else { | |
7387863d DDAG |
926 | inode = calloc(1, sizeof(struct lo_inode)); |
927 | if (!inode) { | |
928 | goto out_err; | |
929 | } | |
930 | ||
931 | inode->is_symlink = S_ISLNK(e->attr.st_mode); | |
c241aa94 SH |
932 | |
933 | /* | |
934 | * One for the caller and one for nlookup (released in | |
935 | * unref_inode_lolocked()) | |
936 | */ | |
937 | g_atomic_int_set(&inode->refcount, 2); | |
938 | ||
1222f015 | 939 | inode->nlookup = 1; |
7387863d | 940 | inode->fd = newfd; |
9de4fab5 | 941 | newfd = -1; |
bfc50a6e MS |
942 | inode->key.ino = e->attr.st_ino; |
943 | inode->key.dev = e->attr.st_dev; | |
0e81414c VG |
944 | pthread_mutex_init(&inode->plock_mutex, NULL); |
945 | inode->posix_locks = g_hash_table_new_full( | |
946 | g_direct_hash, g_direct_equal, NULL, posix_locks_value_destroy); | |
7387863d DDAG |
947 | |
948 | pthread_mutex_lock(&lo->mutex); | |
92fb57b8 | 949 | inode->fuse_ino = lo_add_inode_mapping(req, inode); |
bfc50a6e | 950 | g_hash_table_insert(lo->inodes, &inode->key, inode); |
7387863d DDAG |
951 | pthread_mutex_unlock(&lo->mutex); |
952 | } | |
92fb57b8 | 953 | e->ino = inode->fuse_ino; |
c241aa94 SH |
954 | lo_inode_put(lo, &inode); |
955 | lo_inode_put(lo, &dir); | |
7387863d | 956 | |
d240314a EG |
957 | fuse_log(FUSE_LOG_DEBUG, " %lli/%s -> %lli\n", (unsigned long long)parent, |
958 | name, (unsigned long long)e->ino); | |
7387863d DDAG |
959 | |
960 | return 0; | |
7c6b6602 DDAG |
961 | |
962 | out_err: | |
7387863d DDAG |
963 | saverr = errno; |
964 | if (newfd != -1) { | |
965 | close(newfd); | |
966 | } | |
c241aa94 SH |
967 | lo_inode_put(lo, &inode); |
968 | lo_inode_put(lo, &dir); | |
7387863d | 969 | return saverr; |
7c6b6602 DDAG |
970 | } |
971 | ||
972 | static void lo_lookup(fuse_req_t req, fuse_ino_t parent, const char *name) | |
973 | { | |
7387863d DDAG |
974 | struct fuse_entry_param e; |
975 | int err; | |
976 | ||
d240314a EG |
977 | fuse_log(FUSE_LOG_DEBUG, "lo_lookup(parent=%" PRIu64 ", name=%s)\n", parent, |
978 | name); | |
7387863d | 979 | |
25dae28c SH |
980 | /* |
981 | * Don't use is_safe_path_component(), allow "." and ".." for NFS export | |
982 | * support. | |
983 | */ | |
984 | if (strchr(name, '/')) { | |
985 | fuse_reply_err(req, EINVAL); | |
986 | return; | |
987 | } | |
988 | ||
7387863d DDAG |
989 | err = lo_do_lookup(req, parent, name, &e); |
990 | if (err) { | |
991 | fuse_reply_err(req, err); | |
992 | } else { | |
993 | fuse_reply_entry(req, &e); | |
994 | } | |
7c6b6602 DDAG |
995 | } |
996 | ||
929cfb7a VG |
997 | /* |
998 | * On some archs, setres*id is limited to 2^16 but they | |
999 | * provide setres*id32 variants that allow 2^32. | |
1000 | * Others just let setres*id do 2^32 anyway. | |
1001 | */ | |
1002 | #ifdef SYS_setresgid32 | |
1003 | #define OURSYS_setresgid SYS_setresgid32 | |
1004 | #else | |
1005 | #define OURSYS_setresgid SYS_setresgid | |
1006 | #endif | |
1007 | ||
1008 | #ifdef SYS_setresuid32 | |
1009 | #define OURSYS_setresuid SYS_setresuid32 | |
1010 | #else | |
1011 | #define OURSYS_setresuid SYS_setresuid | |
1012 | #endif | |
1013 | ||
1014 | /* | |
1015 | * Change to uid/gid of caller so that file is created with | |
1016 | * ownership of caller. | |
1017 | * TODO: What about selinux context? | |
1018 | */ | |
1019 | static int lo_change_cred(fuse_req_t req, struct lo_cred *old) | |
1020 | { | |
1021 | int res; | |
1022 | ||
1023 | old->euid = geteuid(); | |
1024 | old->egid = getegid(); | |
1025 | ||
1026 | res = syscall(OURSYS_setresgid, -1, fuse_req_ctx(req)->gid, -1); | |
1027 | if (res == -1) { | |
1028 | return errno; | |
1029 | } | |
1030 | ||
1031 | res = syscall(OURSYS_setresuid, -1, fuse_req_ctx(req)->uid, -1); | |
1032 | if (res == -1) { | |
1033 | int errno_save = errno; | |
1034 | ||
1035 | syscall(OURSYS_setresgid, -1, old->egid, -1); | |
1036 | return errno_save; | |
1037 | } | |
1038 | ||
1039 | return 0; | |
1040 | } | |
1041 | ||
1042 | /* Regain Privileges */ | |
1043 | static void lo_restore_cred(struct lo_cred *old) | |
1044 | { | |
1045 | int res; | |
1046 | ||
1047 | res = syscall(OURSYS_setresuid, -1, old->euid, -1); | |
1048 | if (res == -1) { | |
1049 | fuse_log(FUSE_LOG_ERR, "seteuid(%u): %m\n", old->euid); | |
1050 | exit(1); | |
1051 | } | |
1052 | ||
1053 | res = syscall(OURSYS_setresgid, -1, old->egid, -1); | |
1054 | if (res == -1) { | |
1055 | fuse_log(FUSE_LOG_ERR, "setegid(%u): %m\n", old->egid); | |
1056 | exit(1); | |
1057 | } | |
1058 | } | |
1059 | ||
7c6b6602 | 1060 | static void lo_mknod_symlink(fuse_req_t req, fuse_ino_t parent, |
7387863d DDAG |
1061 | const char *name, mode_t mode, dev_t rdev, |
1062 | const char *link) | |
7c6b6602 | 1063 | { |
7387863d DDAG |
1064 | int res; |
1065 | int saverr; | |
c241aa94 | 1066 | struct lo_data *lo = lo_data(req); |
92fb57b8 | 1067 | struct lo_inode *dir; |
7387863d | 1068 | struct fuse_entry_param e; |
929cfb7a | 1069 | struct lo_cred old = {}; |
7c6b6602 | 1070 | |
25dae28c SH |
1071 | if (!is_safe_path_component(name)) { |
1072 | fuse_reply_err(req, EINVAL); | |
1073 | return; | |
1074 | } | |
1075 | ||
92fb57b8 SH |
1076 | dir = lo_inode(req, parent); |
1077 | if (!dir) { | |
1078 | fuse_reply_err(req, EBADF); | |
1079 | return; | |
1080 | } | |
1081 | ||
7387863d | 1082 | saverr = ENOMEM; |
7c6b6602 | 1083 | |
929cfb7a VG |
1084 | saverr = lo_change_cred(req, &old); |
1085 | if (saverr) { | |
1086 | goto out; | |
1087 | } | |
1088 | ||
7387863d | 1089 | res = mknod_wrapper(dir->fd, name, link, mode, rdev); |
7c6b6602 | 1090 | |
7387863d | 1091 | saverr = errno; |
929cfb7a VG |
1092 | |
1093 | lo_restore_cred(&old); | |
1094 | ||
7387863d DDAG |
1095 | if (res == -1) { |
1096 | goto out; | |
1097 | } | |
7c6b6602 | 1098 | |
7387863d DDAG |
1099 | saverr = lo_do_lookup(req, parent, name, &e); |
1100 | if (saverr) { | |
1101 | goto out; | |
1102 | } | |
7c6b6602 | 1103 | |
d240314a EG |
1104 | fuse_log(FUSE_LOG_DEBUG, " %lli/%s -> %lli\n", (unsigned long long)parent, |
1105 | name, (unsigned long long)e.ino); | |
7c6b6602 | 1106 | |
7387863d | 1107 | fuse_reply_entry(req, &e); |
c241aa94 | 1108 | lo_inode_put(lo, &dir); |
7387863d | 1109 | return; |
7c6b6602 DDAG |
1110 | |
1111 | out: | |
c241aa94 | 1112 | lo_inode_put(lo, &dir); |
7387863d | 1113 | fuse_reply_err(req, saverr); |
7c6b6602 DDAG |
1114 | } |
1115 | ||
7387863d DDAG |
1116 | static void lo_mknod(fuse_req_t req, fuse_ino_t parent, const char *name, |
1117 | mode_t mode, dev_t rdev) | |
7c6b6602 | 1118 | { |
7387863d | 1119 | lo_mknod_symlink(req, parent, name, mode, rdev, NULL); |
7c6b6602 DDAG |
1120 | } |
1121 | ||
1122 | static void lo_mkdir(fuse_req_t req, fuse_ino_t parent, const char *name, | |
7387863d | 1123 | mode_t mode) |
7c6b6602 | 1124 | { |
7387863d | 1125 | lo_mknod_symlink(req, parent, name, S_IFDIR | mode, 0, NULL); |
7c6b6602 DDAG |
1126 | } |
1127 | ||
7387863d DDAG |
1128 | static void lo_symlink(fuse_req_t req, const char *link, fuse_ino_t parent, |
1129 | const char *name) | |
7c6b6602 | 1130 | { |
7387863d | 1131 | lo_mknod_symlink(req, parent, name, S_IFLNK, 0, link); |
7c6b6602 DDAG |
1132 | } |
1133 | ||
5fe319a7 MS |
1134 | static int linkat_empty_nofollow(struct lo_data *lo, struct lo_inode *inode, |
1135 | int dfd, const char *name) | |
7c6b6602 | 1136 | { |
7387863d | 1137 | int res; |
5fe319a7 MS |
1138 | struct lo_inode *parent; |
1139 | char path[PATH_MAX]; | |
7c6b6602 | 1140 | |
7387863d DDAG |
1141 | if (inode->is_symlink) { |
1142 | res = linkat(inode->fd, "", dfd, name, AT_EMPTY_PATH); | |
1143 | if (res == -1 && (errno == ENOENT || errno == EINVAL)) { | |
1144 | /* Sorry, no race free way to hard-link a symlink. */ | |
5fe319a7 MS |
1145 | if (lo->norace) { |
1146 | errno = EPERM; | |
1147 | } else { | |
1148 | goto fallback; | |
1149 | } | |
7387863d DDAG |
1150 | } |
1151 | return res; | |
1152 | } | |
7c6b6602 | 1153 | |
9f59d175 | 1154 | sprintf(path, "%i", inode->fd); |
5fe319a7 | 1155 | |
9f59d175 | 1156 | return linkat(lo->proc_self_fd, path, dfd, name, AT_SYMLINK_FOLLOW); |
5fe319a7 MS |
1157 | |
1158 | fallback: | |
1159 | res = lo_parent_and_name(lo, inode, path, &parent); | |
1160 | if (res != -1) { | |
1161 | res = linkat(parent->fd, path, dfd, name, 0); | |
95d27157 | 1162 | unref_inode_lolocked(lo, parent, 1); |
c241aa94 | 1163 | lo_inode_put(lo, &parent); |
5fe319a7 | 1164 | } |
7c6b6602 | 1165 | |
5fe319a7 | 1166 | return res; |
7c6b6602 DDAG |
1167 | } |
1168 | ||
1169 | static void lo_link(fuse_req_t req, fuse_ino_t ino, fuse_ino_t parent, | |
7387863d | 1170 | const char *name) |
7c6b6602 | 1171 | { |
7387863d DDAG |
1172 | int res; |
1173 | struct lo_data *lo = lo_data(req); | |
c241aa94 | 1174 | struct lo_inode *parent_inode; |
92fb57b8 | 1175 | struct lo_inode *inode; |
7387863d DDAG |
1176 | struct fuse_entry_param e; |
1177 | int saverr; | |
1178 | ||
25dae28c SH |
1179 | if (!is_safe_path_component(name)) { |
1180 | fuse_reply_err(req, EINVAL); | |
1181 | return; | |
1182 | } | |
1183 | ||
c241aa94 | 1184 | parent_inode = lo_inode(req, parent); |
92fb57b8 | 1185 | inode = lo_inode(req, ino); |
c241aa94 SH |
1186 | if (!parent_inode || !inode) { |
1187 | errno = EBADF; | |
1188 | goto out_err; | |
92fb57b8 SH |
1189 | } |
1190 | ||
7387863d DDAG |
1191 | memset(&e, 0, sizeof(struct fuse_entry_param)); |
1192 | e.attr_timeout = lo->timeout; | |
1193 | e.entry_timeout = lo->timeout; | |
1194 | ||
c241aa94 | 1195 | res = linkat_empty_nofollow(lo, inode, parent_inode->fd, name); |
7387863d DDAG |
1196 | if (res == -1) { |
1197 | goto out_err; | |
1198 | } | |
1199 | ||
1200 | res = fstatat(inode->fd, "", &e.attr, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW); | |
1201 | if (res == -1) { | |
1202 | goto out_err; | |
1203 | } | |
1204 | ||
1205 | pthread_mutex_lock(&lo->mutex); | |
1222f015 | 1206 | inode->nlookup++; |
7387863d | 1207 | pthread_mutex_unlock(&lo->mutex); |
92fb57b8 | 1208 | e.ino = inode->fuse_ino; |
7387863d | 1209 | |
d240314a EG |
1210 | fuse_log(FUSE_LOG_DEBUG, " %lli/%s -> %lli\n", (unsigned long long)parent, |
1211 | name, (unsigned long long)e.ino); | |
7387863d DDAG |
1212 | |
1213 | fuse_reply_entry(req, &e); | |
c241aa94 SH |
1214 | lo_inode_put(lo, &parent_inode); |
1215 | lo_inode_put(lo, &inode); | |
7387863d | 1216 | return; |
7c6b6602 DDAG |
1217 | |
1218 | out_err: | |
7387863d | 1219 | saverr = errno; |
c241aa94 SH |
1220 | lo_inode_put(lo, &parent_inode); |
1221 | lo_inode_put(lo, &inode); | |
7387863d | 1222 | fuse_reply_err(req, saverr); |
7c6b6602 DDAG |
1223 | } |
1224 | ||
c241aa94 | 1225 | /* Increments nlookup and caller must release refcount using lo_inode_put() */ |
9257e514 MS |
1226 | static struct lo_inode *lookup_name(fuse_req_t req, fuse_ino_t parent, |
1227 | const char *name) | |
1228 | { | |
1229 | int res; | |
1230 | struct stat attr; | |
1231 | ||
1232 | res = fstatat(lo_fd(req, parent), name, &attr, | |
1233 | AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW); | |
1234 | if (res == -1) { | |
1235 | return NULL; | |
1236 | } | |
1237 | ||
1238 | return lo_find(lo_data(req), &attr); | |
1239 | } | |
1240 | ||
7c6b6602 DDAG |
1241 | static void lo_rmdir(fuse_req_t req, fuse_ino_t parent, const char *name) |
1242 | { | |
7387863d | 1243 | int res; |
9257e514 MS |
1244 | struct lo_inode *inode; |
1245 | struct lo_data *lo = lo_data(req); | |
1246 | ||
25dae28c SH |
1247 | if (!is_safe_path_component(name)) { |
1248 | fuse_reply_err(req, EINVAL); | |
1249 | return; | |
1250 | } | |
7c6b6602 | 1251 | |
9257e514 MS |
1252 | inode = lookup_name(req, parent, name); |
1253 | if (!inode) { | |
1254 | fuse_reply_err(req, EIO); | |
1255 | return; | |
1256 | } | |
1257 | ||
7387863d | 1258 | res = unlinkat(lo_fd(req, parent), name, AT_REMOVEDIR); |
7c6b6602 | 1259 | |
7387863d | 1260 | fuse_reply_err(req, res == -1 ? errno : 0); |
9257e514 | 1261 | unref_inode_lolocked(lo, inode, 1); |
c241aa94 | 1262 | lo_inode_put(lo, &inode); |
7c6b6602 DDAG |
1263 | } |
1264 | ||
1265 | static void lo_rename(fuse_req_t req, fuse_ino_t parent, const char *name, | |
7387863d DDAG |
1266 | fuse_ino_t newparent, const char *newname, |
1267 | unsigned int flags) | |
7c6b6602 | 1268 | { |
7387863d | 1269 | int res; |
c241aa94 SH |
1270 | struct lo_inode *parent_inode; |
1271 | struct lo_inode *newparent_inode; | |
1272 | struct lo_inode *oldinode = NULL; | |
1273 | struct lo_inode *newinode = NULL; | |
9257e514 | 1274 | struct lo_data *lo = lo_data(req); |
7c6b6602 | 1275 | |
25dae28c SH |
1276 | if (!is_safe_path_component(name) || !is_safe_path_component(newname)) { |
1277 | fuse_reply_err(req, EINVAL); | |
1278 | return; | |
1279 | } | |
1280 | ||
c241aa94 SH |
1281 | parent_inode = lo_inode(req, parent); |
1282 | newparent_inode = lo_inode(req, newparent); | |
1283 | if (!parent_inode || !newparent_inode) { | |
1284 | fuse_reply_err(req, EBADF); | |
1285 | goto out; | |
1286 | } | |
1287 | ||
9257e514 MS |
1288 | oldinode = lookup_name(req, parent, name); |
1289 | newinode = lookup_name(req, newparent, newname); | |
1290 | ||
1291 | if (!oldinode) { | |
1292 | fuse_reply_err(req, EIO); | |
1293 | goto out; | |
1294 | } | |
1295 | ||
7387863d | 1296 | if (flags) { |
f0ab7d6f | 1297 | #ifndef SYS_renameat2 |
7387863d | 1298 | fuse_reply_err(req, EINVAL); |
f0ab7d6f | 1299 | #else |
c241aa94 SH |
1300 | res = syscall(SYS_renameat2, parent_inode->fd, name, |
1301 | newparent_inode->fd, newname, flags); | |
f0ab7d6f MS |
1302 | if (res == -1 && errno == ENOSYS) { |
1303 | fuse_reply_err(req, EINVAL); | |
1304 | } else { | |
1305 | fuse_reply_err(req, res == -1 ? errno : 0); | |
1306 | } | |
1307 | #endif | |
9257e514 | 1308 | goto out; |
7387863d | 1309 | } |
7c6b6602 | 1310 | |
c241aa94 | 1311 | res = renameat(parent_inode->fd, name, newparent_inode->fd, newname); |
7c6b6602 | 1312 | |
7387863d | 1313 | fuse_reply_err(req, res == -1 ? errno : 0); |
9257e514 MS |
1314 | out: |
1315 | unref_inode_lolocked(lo, oldinode, 1); | |
1316 | unref_inode_lolocked(lo, newinode, 1); | |
c241aa94 SH |
1317 | lo_inode_put(lo, &oldinode); |
1318 | lo_inode_put(lo, &newinode); | |
1319 | lo_inode_put(lo, &parent_inode); | |
1320 | lo_inode_put(lo, &newparent_inode); | |
7c6b6602 DDAG |
1321 | } |
1322 | ||
1323 | static void lo_unlink(fuse_req_t req, fuse_ino_t parent, const char *name) | |
1324 | { | |
7387863d | 1325 | int res; |
9257e514 MS |
1326 | struct lo_inode *inode; |
1327 | struct lo_data *lo = lo_data(req); | |
7c6b6602 | 1328 | |
25dae28c SH |
1329 | if (!is_safe_path_component(name)) { |
1330 | fuse_reply_err(req, EINVAL); | |
1331 | return; | |
1332 | } | |
1333 | ||
9257e514 MS |
1334 | inode = lookup_name(req, parent, name); |
1335 | if (!inode) { | |
1336 | fuse_reply_err(req, EIO); | |
1337 | return; | |
1338 | } | |
1339 | ||
7387863d | 1340 | res = unlinkat(lo_fd(req, parent), name, 0); |
7c6b6602 | 1341 | |
7387863d | 1342 | fuse_reply_err(req, res == -1 ? errno : 0); |
9257e514 | 1343 | unref_inode_lolocked(lo, inode, 1); |
c241aa94 | 1344 | lo_inode_put(lo, &inode); |
7c6b6602 DDAG |
1345 | } |
1346 | ||
95d27157 MS |
1347 | static void unref_inode_lolocked(struct lo_data *lo, struct lo_inode *inode, |
1348 | uint64_t n) | |
7c6b6602 | 1349 | { |
7387863d DDAG |
1350 | if (!inode) { |
1351 | return; | |
1352 | } | |
1353 | ||
1354 | pthread_mutex_lock(&lo->mutex); | |
1222f015 SH |
1355 | assert(inode->nlookup >= n); |
1356 | inode->nlookup -= n; | |
1357 | if (!inode->nlookup) { | |
92fb57b8 | 1358 | lo_map_remove(&lo->ino_map, inode->fuse_ino); |
bfc50a6e | 1359 | g_hash_table_remove(lo->inodes, &inode->key); |
0e81414c VG |
1360 | if (g_hash_table_size(inode->posix_locks)) { |
1361 | fuse_log(FUSE_LOG_WARNING, "Hash table is not empty\n"); | |
1362 | } | |
1363 | g_hash_table_destroy(inode->posix_locks); | |
1364 | pthread_mutex_destroy(&inode->plock_mutex); | |
7387863d | 1365 | pthread_mutex_unlock(&lo->mutex); |
c241aa94 SH |
1366 | |
1367 | /* Drop our refcount from lo_do_lookup() */ | |
1368 | lo_inode_put(lo, &inode); | |
7387863d DDAG |
1369 | } else { |
1370 | pthread_mutex_unlock(&lo->mutex); | |
1371 | } | |
7c6b6602 DDAG |
1372 | } |
1373 | ||
771b01eb DDAG |
1374 | static int unref_all_inodes_cb(gpointer key, gpointer value, gpointer user_data) |
1375 | { | |
1376 | struct lo_inode *inode = value; | |
1377 | struct lo_data *lo = user_data; | |
1378 | ||
1222f015 | 1379 | inode->nlookup = 0; |
771b01eb DDAG |
1380 | lo_map_remove(&lo->ino_map, inode->fuse_ino); |
1381 | close(inode->fd); | |
c241aa94 | 1382 | lo_inode_put(lo, &inode); /* Drop our refcount from lo_do_lookup() */ |
771b01eb DDAG |
1383 | |
1384 | return TRUE; | |
1385 | } | |
1386 | ||
1387 | static void unref_all_inodes(struct lo_data *lo) | |
1388 | { | |
1389 | pthread_mutex_lock(&lo->mutex); | |
1390 | g_hash_table_foreach_remove(lo->inodes, unref_all_inodes_cb, lo); | |
1391 | pthread_mutex_unlock(&lo->mutex); | |
1392 | } | |
1393 | ||
7c6b6602 DDAG |
1394 | static void lo_forget_one(fuse_req_t req, fuse_ino_t ino, uint64_t nlookup) |
1395 | { | |
7387863d | 1396 | struct lo_data *lo = lo_data(req); |
92fb57b8 SH |
1397 | struct lo_inode *inode; |
1398 | ||
1399 | inode = lo_inode(req, ino); | |
1400 | if (!inode) { | |
1401 | return; | |
1402 | } | |
7c6b6602 | 1403 | |
d240314a | 1404 | fuse_log(FUSE_LOG_DEBUG, " forget %lli %lli -%lli\n", |
1222f015 | 1405 | (unsigned long long)ino, (unsigned long long)inode->nlookup, |
d240314a | 1406 | (unsigned long long)nlookup); |
7c6b6602 | 1407 | |
95d27157 | 1408 | unref_inode_lolocked(lo, inode, nlookup); |
c241aa94 | 1409 | lo_inode_put(lo, &inode); |
7c6b6602 DDAG |
1410 | } |
1411 | ||
1412 | static void lo_forget(fuse_req_t req, fuse_ino_t ino, uint64_t nlookup) | |
1413 | { | |
7387863d DDAG |
1414 | lo_forget_one(req, ino, nlookup); |
1415 | fuse_reply_none(req); | |
7c6b6602 DDAG |
1416 | } |
1417 | ||
1418 | static void lo_forget_multi(fuse_req_t req, size_t count, | |
7387863d | 1419 | struct fuse_forget_data *forgets) |
7c6b6602 | 1420 | { |
7387863d | 1421 | int i; |
7c6b6602 | 1422 | |
7387863d DDAG |
1423 | for (i = 0; i < count; i++) { |
1424 | lo_forget_one(req, forgets[i].ino, forgets[i].nlookup); | |
1425 | } | |
1426 | fuse_reply_none(req); | |
7c6b6602 DDAG |
1427 | } |
1428 | ||
1429 | static void lo_readlink(fuse_req_t req, fuse_ino_t ino) | |
1430 | { | |
7387863d DDAG |
1431 | char buf[PATH_MAX + 1]; |
1432 | int res; | |
7c6b6602 | 1433 | |
7387863d DDAG |
1434 | res = readlinkat(lo_fd(req, ino), "", buf, sizeof(buf)); |
1435 | if (res == -1) { | |
1436 | return (void)fuse_reply_err(req, errno); | |
1437 | } | |
7c6b6602 | 1438 | |
7387863d DDAG |
1439 | if (res == sizeof(buf)) { |
1440 | return (void)fuse_reply_err(req, ENAMETOOLONG); | |
1441 | } | |
7c6b6602 | 1442 | |
7387863d | 1443 | buf[res] = '\0'; |
7c6b6602 | 1444 | |
7387863d | 1445 | fuse_reply_readlink(req, buf); |
7c6b6602 DDAG |
1446 | } |
1447 | ||
1448 | struct lo_dirp { | |
acefdde7 | 1449 | gint refcount; |
7387863d DDAG |
1450 | DIR *dp; |
1451 | struct dirent *entry; | |
1452 | off_t offset; | |
7c6b6602 DDAG |
1453 | }; |
1454 | ||
acefdde7 SH |
1455 | static void lo_dirp_put(struct lo_dirp **dp) |
1456 | { | |
1457 | struct lo_dirp *d = *dp; | |
1458 | ||
1459 | if (!d) { | |
1460 | return; | |
1461 | } | |
1462 | *dp = NULL; | |
1463 | ||
1464 | if (g_atomic_int_dec_and_test(&d->refcount)) { | |
1465 | closedir(d->dp); | |
1466 | free(d); | |
1467 | } | |
1468 | } | |
1469 | ||
1470 | /* Call lo_dirp_put() on the return value when no longer needed */ | |
b39bce12 | 1471 | static struct lo_dirp *lo_dirp(fuse_req_t req, struct fuse_file_info *fi) |
7c6b6602 | 1472 | { |
b39bce12 SH |
1473 | struct lo_data *lo = lo_data(req); |
1474 | struct lo_map_elem *elem; | |
1475 | ||
1476 | pthread_mutex_lock(&lo->mutex); | |
1477 | elem = lo_map_get(&lo->dirp_map, fi->fh); | |
acefdde7 SH |
1478 | if (elem) { |
1479 | g_atomic_int_inc(&elem->dirp->refcount); | |
1480 | } | |
b39bce12 SH |
1481 | pthread_mutex_unlock(&lo->mutex); |
1482 | if (!elem) { | |
1483 | return NULL; | |
1484 | } | |
1485 | ||
1486 | return elem->dirp; | |
7c6b6602 DDAG |
1487 | } |
1488 | ||
7387863d DDAG |
1489 | static void lo_opendir(fuse_req_t req, fuse_ino_t ino, |
1490 | struct fuse_file_info *fi) | |
7c6b6602 | 1491 | { |
7387863d DDAG |
1492 | int error = ENOMEM; |
1493 | struct lo_data *lo = lo_data(req); | |
1494 | struct lo_dirp *d; | |
1495 | int fd; | |
b39bce12 | 1496 | ssize_t fh; |
7387863d DDAG |
1497 | |
1498 | d = calloc(1, sizeof(struct lo_dirp)); | |
1499 | if (d == NULL) { | |
1500 | goto out_err; | |
1501 | } | |
1502 | ||
1503 | fd = openat(lo_fd(req, ino), ".", O_RDONLY); | |
1504 | if (fd == -1) { | |
1505 | goto out_errno; | |
1506 | } | |
1507 | ||
1508 | d->dp = fdopendir(fd); | |
1509 | if (d->dp == NULL) { | |
1510 | goto out_errno; | |
1511 | } | |
1512 | ||
1513 | d->offset = 0; | |
1514 | d->entry = NULL; | |
1515 | ||
acefdde7 | 1516 | g_atomic_int_set(&d->refcount, 1); /* paired with lo_releasedir() */ |
b39bce12 SH |
1517 | pthread_mutex_lock(&lo->mutex); |
1518 | fh = lo_add_dirp_mapping(req, d); | |
1519 | pthread_mutex_unlock(&lo->mutex); | |
1520 | if (fh == -1) { | |
1521 | goto out_err; | |
1522 | } | |
1523 | ||
1524 | fi->fh = fh; | |
7387863d DDAG |
1525 | if (lo->cache == CACHE_ALWAYS) { |
1526 | fi->keep_cache = 1; | |
1527 | } | |
1528 | fuse_reply_open(req, fi); | |
1529 | return; | |
7c6b6602 DDAG |
1530 | |
1531 | out_errno: | |
7387863d | 1532 | error = errno; |
7c6b6602 | 1533 | out_err: |
7387863d | 1534 | if (d) { |
b39bce12 SH |
1535 | if (d->dp) { |
1536 | closedir(d->dp); | |
1537 | } | |
7387863d DDAG |
1538 | if (fd != -1) { |
1539 | close(fd); | |
1540 | } | |
1541 | free(d); | |
1542 | } | |
1543 | fuse_reply_err(req, error); | |
7c6b6602 DDAG |
1544 | } |
1545 | ||
7c6b6602 | 1546 | static void lo_do_readdir(fuse_req_t req, fuse_ino_t ino, size_t size, |
7387863d | 1547 | off_t offset, struct fuse_file_info *fi, int plus) |
7c6b6602 | 1548 | { |
752272da | 1549 | struct lo_data *lo = lo_data(req); |
acefdde7 | 1550 | struct lo_dirp *d = NULL; |
752272da | 1551 | struct lo_inode *dinode; |
b39bce12 | 1552 | char *buf = NULL; |
7387863d DDAG |
1553 | char *p; |
1554 | size_t rem = size; | |
752272da | 1555 | int err = EBADF; |
7387863d | 1556 | |
752272da SH |
1557 | dinode = lo_inode(req, ino); |
1558 | if (!dinode) { | |
1559 | goto error; | |
1560 | } | |
7387863d | 1561 | |
b39bce12 SH |
1562 | d = lo_dirp(req, fi); |
1563 | if (!d) { | |
1564 | goto error; | |
1565 | } | |
1566 | ||
752272da | 1567 | err = ENOMEM; |
7387863d DDAG |
1568 | buf = calloc(1, size); |
1569 | if (!buf) { | |
7387863d DDAG |
1570 | goto error; |
1571 | } | |
1572 | p = buf; | |
1573 | ||
1574 | if (offset != d->offset) { | |
1575 | seekdir(d->dp, offset); | |
1576 | d->entry = NULL; | |
1577 | d->offset = offset; | |
1578 | } | |
1579 | while (1) { | |
1580 | size_t entsize; | |
1581 | off_t nextoff; | |
1582 | const char *name; | |
1583 | ||
1584 | if (!d->entry) { | |
1585 | errno = 0; | |
1586 | d->entry = readdir(d->dp); | |
1587 | if (!d->entry) { | |
1588 | if (errno) { /* Error */ | |
1589 | err = errno; | |
1590 | goto error; | |
1591 | } else { /* End of stream */ | |
1592 | break; | |
1593 | } | |
1594 | } | |
1595 | } | |
1596 | nextoff = d->entry->d_off; | |
1597 | name = d->entry->d_name; | |
752272da | 1598 | |
7387863d | 1599 | fuse_ino_t entry_ino = 0; |
752272da SH |
1600 | struct fuse_entry_param e = (struct fuse_entry_param){ |
1601 | .attr.st_ino = d->entry->d_ino, | |
1602 | .attr.st_mode = d->entry->d_type << 12, | |
1603 | }; | |
1604 | ||
1605 | /* Hide root's parent directory */ | |
1606 | if (dinode == &lo->root && strcmp(name, "..") == 0) { | |
bfc50a6e | 1607 | e.attr.st_ino = lo->root.key.ino; |
752272da SH |
1608 | e.attr.st_mode = DT_DIR << 12; |
1609 | } | |
1610 | ||
7387863d | 1611 | if (plus) { |
752272da | 1612 | if (!is_dot_or_dotdot(name)) { |
7387863d DDAG |
1613 | err = lo_do_lookup(req, ino, name, &e); |
1614 | if (err) { | |
1615 | goto error; | |
1616 | } | |
1617 | entry_ino = e.ino; | |
1618 | } | |
1619 | ||
1620 | entsize = fuse_add_direntry_plus(req, p, rem, name, &e, nextoff); | |
1621 | } else { | |
752272da | 1622 | entsize = fuse_add_direntry(req, p, rem, name, &e.attr, nextoff); |
7387863d DDAG |
1623 | } |
1624 | if (entsize > rem) { | |
1625 | if (entry_ino != 0) { | |
1626 | lo_forget_one(req, entry_ino, 1); | |
1627 | } | |
1628 | break; | |
1629 | } | |
1630 | ||
1631 | p += entsize; | |
1632 | rem -= entsize; | |
1633 | ||
1634 | d->entry = NULL; | |
1635 | d->offset = nextoff; | |
1636 | } | |
7c6b6602 DDAG |
1637 | |
1638 | err = 0; | |
1639 | error: | |
acefdde7 | 1640 | lo_dirp_put(&d); |
c241aa94 | 1641 | lo_inode_put(lo, &dinode); |
acefdde7 | 1642 | |
7387863d DDAG |
1643 | /* |
1644 | * If there's an error, we can only signal it if we haven't stored | |
1645 | * any entries yet - otherwise we'd end up with wrong lookup | |
1646 | * counts for the entries that are already in the buffer. So we | |
1647 | * return what we've collected until that point. | |
1648 | */ | |
1649 | if (err && rem == size) { | |
1650 | fuse_reply_err(req, err); | |
1651 | } else { | |
1652 | fuse_reply_buf(req, buf, size - rem); | |
1653 | } | |
7c6b6602 DDAG |
1654 | free(buf); |
1655 | } | |
1656 | ||
1657 | static void lo_readdir(fuse_req_t req, fuse_ino_t ino, size_t size, | |
7387863d | 1658 | off_t offset, struct fuse_file_info *fi) |
7c6b6602 | 1659 | { |
7387863d | 1660 | lo_do_readdir(req, ino, size, offset, fi, 0); |
7c6b6602 DDAG |
1661 | } |
1662 | ||
1663 | static void lo_readdirplus(fuse_req_t req, fuse_ino_t ino, size_t size, | |
7387863d | 1664 | off_t offset, struct fuse_file_info *fi) |
7c6b6602 | 1665 | { |
7387863d | 1666 | lo_do_readdir(req, ino, size, offset, fi, 1); |
7c6b6602 DDAG |
1667 | } |
1668 | ||
7387863d DDAG |
1669 | static void lo_releasedir(fuse_req_t req, fuse_ino_t ino, |
1670 | struct fuse_file_info *fi) | |
7c6b6602 | 1671 | { |
b39bce12 | 1672 | struct lo_data *lo = lo_data(req); |
acefdde7 | 1673 | struct lo_map_elem *elem; |
b39bce12 SH |
1674 | struct lo_dirp *d; |
1675 | ||
7387863d | 1676 | (void)ino; |
b39bce12 | 1677 | |
acefdde7 SH |
1678 | pthread_mutex_lock(&lo->mutex); |
1679 | elem = lo_map_get(&lo->dirp_map, fi->fh); | |
1680 | if (!elem) { | |
1681 | pthread_mutex_unlock(&lo->mutex); | |
b39bce12 SH |
1682 | fuse_reply_err(req, EBADF); |
1683 | return; | |
1684 | } | |
1685 | ||
acefdde7 | 1686 | d = elem->dirp; |
b39bce12 SH |
1687 | lo_map_remove(&lo->dirp_map, fi->fh); |
1688 | pthread_mutex_unlock(&lo->mutex); | |
1689 | ||
acefdde7 SH |
1690 | lo_dirp_put(&d); /* paired with lo_opendir() */ |
1691 | ||
7387863d | 1692 | fuse_reply_err(req, 0); |
7c6b6602 DDAG |
1693 | } |
1694 | ||
1695 | static void lo_create(fuse_req_t req, fuse_ino_t parent, const char *name, | |
7387863d | 1696 | mode_t mode, struct fuse_file_info *fi) |
7c6b6602 | 1697 | { |
7387863d DDAG |
1698 | int fd; |
1699 | struct lo_data *lo = lo_data(req); | |
c241aa94 | 1700 | struct lo_inode *parent_inode; |
7387863d DDAG |
1701 | struct fuse_entry_param e; |
1702 | int err; | |
929cfb7a | 1703 | struct lo_cred old = {}; |
7387863d | 1704 | |
d240314a EG |
1705 | fuse_log(FUSE_LOG_DEBUG, "lo_create(parent=%" PRIu64 ", name=%s)\n", parent, |
1706 | name); | |
7387863d | 1707 | |
25dae28c SH |
1708 | if (!is_safe_path_component(name)) { |
1709 | fuse_reply_err(req, EINVAL); | |
1710 | return; | |
1711 | } | |
1712 | ||
c241aa94 SH |
1713 | parent_inode = lo_inode(req, parent); |
1714 | if (!parent_inode) { | |
1715 | fuse_reply_err(req, EBADF); | |
1716 | return; | |
1717 | } | |
1718 | ||
929cfb7a VG |
1719 | err = lo_change_cred(req, &old); |
1720 | if (err) { | |
1721 | goto out; | |
1722 | } | |
1723 | ||
65da4539 VG |
1724 | /* |
1725 | * O_DIRECT in guest should not necessarily mean bypassing page | |
1726 | * cache on host as well. If somebody needs that behavior, it | |
1727 | * probably should be a configuration knob in daemon. | |
1728 | */ | |
1729 | fi->flags &= ~O_DIRECT; | |
1730 | ||
c241aa94 | 1731 | fd = openat(parent_inode->fd, name, (fi->flags | O_CREAT) & ~O_NOFOLLOW, |
7387863d | 1732 | mode); |
929cfb7a VG |
1733 | err = fd == -1 ? errno : 0; |
1734 | lo_restore_cred(&old); | |
7387863d | 1735 | |
929cfb7a | 1736 | if (!err) { |
73b4d19d SH |
1737 | ssize_t fh; |
1738 | ||
1739 | pthread_mutex_lock(&lo->mutex); | |
1740 | fh = lo_add_fd_mapping(req, fd); | |
1741 | pthread_mutex_unlock(&lo->mutex); | |
1742 | if (fh == -1) { | |
1743 | close(fd); | |
c241aa94 SH |
1744 | err = ENOMEM; |
1745 | goto out; | |
73b4d19d SH |
1746 | } |
1747 | ||
1748 | fi->fh = fh; | |
929cfb7a VG |
1749 | err = lo_do_lookup(req, parent, name, &e); |
1750 | } | |
230e777b | 1751 | if (lo->cache == CACHE_NONE) { |
7387863d DDAG |
1752 | fi->direct_io = 1; |
1753 | } else if (lo->cache == CACHE_ALWAYS) { | |
1754 | fi->keep_cache = 1; | |
1755 | } | |
1756 | ||
929cfb7a | 1757 | out: |
c241aa94 SH |
1758 | lo_inode_put(lo, &parent_inode); |
1759 | ||
7387863d DDAG |
1760 | if (err) { |
1761 | fuse_reply_err(req, err); | |
1762 | } else { | |
1763 | fuse_reply_create(req, &e, fi); | |
1764 | } | |
7c6b6602 DDAG |
1765 | } |
1766 | ||
0e81414c VG |
1767 | /* Should be called with inode->plock_mutex held */ |
1768 | static struct lo_inode_plock *lookup_create_plock_ctx(struct lo_data *lo, | |
1769 | struct lo_inode *inode, | |
1770 | uint64_t lock_owner, | |
1771 | pid_t pid, int *err) | |
1772 | { | |
1773 | struct lo_inode_plock *plock; | |
1774 | char procname[64]; | |
1775 | int fd; | |
1776 | ||
1777 | plock = | |
1778 | g_hash_table_lookup(inode->posix_locks, GUINT_TO_POINTER(lock_owner)); | |
1779 | ||
1780 | if (plock) { | |
1781 | return plock; | |
1782 | } | |
1783 | ||
1784 | plock = malloc(sizeof(struct lo_inode_plock)); | |
1785 | if (!plock) { | |
1786 | *err = ENOMEM; | |
1787 | return NULL; | |
1788 | } | |
1789 | ||
1790 | /* Open another instance of file which can be used for ofd locks. */ | |
1791 | sprintf(procname, "%i", inode->fd); | |
1792 | ||
1793 | /* TODO: What if file is not writable? */ | |
1794 | fd = openat(lo->proc_self_fd, procname, O_RDWR); | |
1795 | if (fd == -1) { | |
1796 | *err = errno; | |
1797 | free(plock); | |
1798 | return NULL; | |
1799 | } | |
1800 | ||
1801 | plock->lock_owner = lock_owner; | |
1802 | plock->fd = fd; | |
1803 | g_hash_table_insert(inode->posix_locks, GUINT_TO_POINTER(plock->lock_owner), | |
1804 | plock); | |
1805 | return plock; | |
1806 | } | |
1807 | ||
1808 | static void lo_getlk(fuse_req_t req, fuse_ino_t ino, struct fuse_file_info *fi, | |
1809 | struct flock *lock) | |
1810 | { | |
1811 | struct lo_data *lo = lo_data(req); | |
1812 | struct lo_inode *inode; | |
1813 | struct lo_inode_plock *plock; | |
1814 | int ret, saverr = 0; | |
1815 | ||
1816 | fuse_log(FUSE_LOG_DEBUG, | |
1817 | "lo_getlk(ino=%" PRIu64 ", flags=%d)" | |
1818 | " owner=0x%lx, l_type=%d l_start=0x%lx" | |
1819 | " l_len=0x%lx\n", | |
1820 | ino, fi->flags, fi->lock_owner, lock->l_type, lock->l_start, | |
1821 | lock->l_len); | |
1822 | ||
1823 | inode = lo_inode(req, ino); | |
1824 | if (!inode) { | |
1825 | fuse_reply_err(req, EBADF); | |
1826 | return; | |
1827 | } | |
1828 | ||
1829 | pthread_mutex_lock(&inode->plock_mutex); | |
1830 | plock = | |
1831 | lookup_create_plock_ctx(lo, inode, fi->lock_owner, lock->l_pid, &ret); | |
1832 | if (!plock) { | |
c241aa94 SH |
1833 | saverr = ret; |
1834 | goto out; | |
0e81414c VG |
1835 | } |
1836 | ||
1837 | ret = fcntl(plock->fd, F_OFD_GETLK, lock); | |
1838 | if (ret == -1) { | |
1839 | saverr = errno; | |
1840 | } | |
c241aa94 SH |
1841 | |
1842 | out: | |
0e81414c | 1843 | pthread_mutex_unlock(&inode->plock_mutex); |
c241aa94 | 1844 | lo_inode_put(lo, &inode); |
0e81414c VG |
1845 | |
1846 | if (saverr) { | |
1847 | fuse_reply_err(req, saverr); | |
1848 | } else { | |
1849 | fuse_reply_lock(req, lock); | |
1850 | } | |
1851 | } | |
1852 | ||
1853 | static void lo_setlk(fuse_req_t req, fuse_ino_t ino, struct fuse_file_info *fi, | |
1854 | struct flock *lock, int sleep) | |
1855 | { | |
1856 | struct lo_data *lo = lo_data(req); | |
1857 | struct lo_inode *inode; | |
1858 | struct lo_inode_plock *plock; | |
1859 | int ret, saverr = 0; | |
1860 | ||
1861 | fuse_log(FUSE_LOG_DEBUG, | |
1862 | "lo_setlk(ino=%" PRIu64 ", flags=%d)" | |
1863 | " cmd=%d pid=%d owner=0x%lx sleep=%d l_whence=%d" | |
1864 | " l_start=0x%lx l_len=0x%lx\n", | |
1865 | ino, fi->flags, lock->l_type, lock->l_pid, fi->lock_owner, sleep, | |
1866 | lock->l_whence, lock->l_start, lock->l_len); | |
1867 | ||
1868 | if (sleep) { | |
1869 | fuse_reply_err(req, EOPNOTSUPP); | |
1870 | return; | |
1871 | } | |
1872 | ||
1873 | inode = lo_inode(req, ino); | |
1874 | if (!inode) { | |
1875 | fuse_reply_err(req, EBADF); | |
1876 | return; | |
1877 | } | |
1878 | ||
1879 | pthread_mutex_lock(&inode->plock_mutex); | |
1880 | plock = | |
1881 | lookup_create_plock_ctx(lo, inode, fi->lock_owner, lock->l_pid, &ret); | |
1882 | ||
1883 | if (!plock) { | |
c241aa94 SH |
1884 | saverr = ret; |
1885 | goto out; | |
0e81414c VG |
1886 | } |
1887 | ||
1888 | /* TODO: Is it alright to modify flock? */ | |
1889 | lock->l_pid = 0; | |
1890 | ret = fcntl(plock->fd, F_OFD_SETLK, lock); | |
1891 | if (ret == -1) { | |
1892 | saverr = errno; | |
1893 | } | |
c241aa94 SH |
1894 | |
1895 | out: | |
0e81414c | 1896 | pthread_mutex_unlock(&inode->plock_mutex); |
c241aa94 SH |
1897 | lo_inode_put(lo, &inode); |
1898 | ||
0e81414c VG |
1899 | fuse_reply_err(req, saverr); |
1900 | } | |
1901 | ||
7c6b6602 | 1902 | static void lo_fsyncdir(fuse_req_t req, fuse_ino_t ino, int datasync, |
7387863d | 1903 | struct fuse_file_info *fi) |
7c6b6602 | 1904 | { |
7387863d | 1905 | int res; |
b39bce12 SH |
1906 | struct lo_dirp *d; |
1907 | int fd; | |
1908 | ||
7387863d | 1909 | (void)ino; |
b39bce12 SH |
1910 | |
1911 | d = lo_dirp(req, fi); | |
1912 | if (!d) { | |
1913 | fuse_reply_err(req, EBADF); | |
1914 | return; | |
1915 | } | |
1916 | ||
1917 | fd = dirfd(d->dp); | |
7387863d DDAG |
1918 | if (datasync) { |
1919 | res = fdatasync(fd); | |
1920 | } else { | |
1921 | res = fsync(fd); | |
1922 | } | |
acefdde7 SH |
1923 | |
1924 | lo_dirp_put(&d); | |
1925 | ||
7387863d | 1926 | fuse_reply_err(req, res == -1 ? errno : 0); |
7c6b6602 DDAG |
1927 | } |
1928 | ||
1929 | static void lo_open(fuse_req_t req, fuse_ino_t ino, struct fuse_file_info *fi) | |
1930 | { | |
7387863d | 1931 | int fd; |
73b4d19d | 1932 | ssize_t fh; |
7387863d DDAG |
1933 | char buf[64]; |
1934 | struct lo_data *lo = lo_data(req); | |
1935 | ||
d240314a EG |
1936 | fuse_log(FUSE_LOG_DEBUG, "lo_open(ino=%" PRIu64 ", flags=%d)\n", ino, |
1937 | fi->flags); | |
7387863d DDAG |
1938 | |
1939 | /* | |
1940 | * With writeback cache, kernel may send read requests even | |
1941 | * when userspace opened write-only | |
1942 | */ | |
1943 | if (lo->writeback && (fi->flags & O_ACCMODE) == O_WRONLY) { | |
1944 | fi->flags &= ~O_ACCMODE; | |
1945 | fi->flags |= O_RDWR; | |
1946 | } | |
1947 | ||
1948 | /* | |
1949 | * With writeback cache, O_APPEND is handled by the kernel. | |
1950 | * This breaks atomicity (since the file may change in the | |
1951 | * underlying filesystem, so that the kernel's idea of the | |
1952 | * end of the file isn't accurate anymore). In this example, | |
1953 | * we just accept that. A more rigorous filesystem may want | |
1954 | * to return an error here | |
1955 | */ | |
1956 | if (lo->writeback && (fi->flags & O_APPEND)) { | |
1957 | fi->flags &= ~O_APPEND; | |
1958 | } | |
1959 | ||
65da4539 VG |
1960 | /* |
1961 | * O_DIRECT in guest should not necessarily mean bypassing page | |
1962 | * cache on host as well. If somebody needs that behavior, it | |
1963 | * probably should be a configuration knob in daemon. | |
1964 | */ | |
1965 | fi->flags &= ~O_DIRECT; | |
1966 | ||
9f59d175 SH |
1967 | sprintf(buf, "%i", lo_fd(req, ino)); |
1968 | fd = openat(lo->proc_self_fd, buf, fi->flags & ~O_NOFOLLOW); | |
7387863d DDAG |
1969 | if (fd == -1) { |
1970 | return (void)fuse_reply_err(req, errno); | |
1971 | } | |
1972 | ||
73b4d19d SH |
1973 | pthread_mutex_lock(&lo->mutex); |
1974 | fh = lo_add_fd_mapping(req, fd); | |
1975 | pthread_mutex_unlock(&lo->mutex); | |
1976 | if (fh == -1) { | |
1977 | close(fd); | |
1978 | fuse_reply_err(req, ENOMEM); | |
1979 | return; | |
1980 | } | |
1981 | ||
1982 | fi->fh = fh; | |
230e777b | 1983 | if (lo->cache == CACHE_NONE) { |
7387863d DDAG |
1984 | fi->direct_io = 1; |
1985 | } else if (lo->cache == CACHE_ALWAYS) { | |
1986 | fi->keep_cache = 1; | |
1987 | } | |
1988 | fuse_reply_open(req, fi); | |
7c6b6602 DDAG |
1989 | } |
1990 | ||
7387863d DDAG |
1991 | static void lo_release(fuse_req_t req, fuse_ino_t ino, |
1992 | struct fuse_file_info *fi) | |
7c6b6602 | 1993 | { |
73b4d19d | 1994 | struct lo_data *lo = lo_data(req); |
baed65c0 SH |
1995 | struct lo_map_elem *elem; |
1996 | int fd = -1; | |
73b4d19d | 1997 | |
7387863d | 1998 | (void)ino; |
7c6b6602 | 1999 | |
73b4d19d | 2000 | pthread_mutex_lock(&lo->mutex); |
baed65c0 SH |
2001 | elem = lo_map_get(&lo->fd_map, fi->fh); |
2002 | if (elem) { | |
2003 | fd = elem->fd; | |
2004 | elem = NULL; | |
2005 | lo_map_remove(&lo->fd_map, fi->fh); | |
2006 | } | |
73b4d19d SH |
2007 | pthread_mutex_unlock(&lo->mutex); |
2008 | ||
2009 | close(fd); | |
7387863d | 2010 | fuse_reply_err(req, 0); |
7c6b6602 DDAG |
2011 | } |
2012 | ||
2013 | static void lo_flush(fuse_req_t req, fuse_ino_t ino, struct fuse_file_info *fi) | |
2014 | { | |
7387863d DDAG |
2015 | int res; |
2016 | (void)ino; | |
0e81414c VG |
2017 | struct lo_inode *inode; |
2018 | ||
2019 | inode = lo_inode(req, ino); | |
2020 | if (!inode) { | |
2021 | fuse_reply_err(req, EBADF); | |
2022 | return; | |
2023 | } | |
2024 | ||
2025 | /* An fd is going away. Cleanup associated posix locks */ | |
2026 | pthread_mutex_lock(&inode->plock_mutex); | |
2027 | g_hash_table_remove(inode->posix_locks, GUINT_TO_POINTER(fi->lock_owner)); | |
2028 | pthread_mutex_unlock(&inode->plock_mutex); | |
2029 | ||
73b4d19d | 2030 | res = close(dup(lo_fi_fd(req, fi))); |
c241aa94 | 2031 | lo_inode_put(lo_data(req), &inode); |
7387863d | 2032 | fuse_reply_err(req, res == -1 ? errno : 0); |
7c6b6602 DDAG |
2033 | } |
2034 | ||
2035 | static void lo_fsync(fuse_req_t req, fuse_ino_t ino, int datasync, | |
7387863d | 2036 | struct fuse_file_info *fi) |
7c6b6602 | 2037 | { |
7387863d | 2038 | int res; |
1b209805 VG |
2039 | int fd; |
2040 | char *buf; | |
2041 | ||
2042 | fuse_log(FUSE_LOG_DEBUG, "lo_fsync(ino=%" PRIu64 ", fi=0x%p)\n", ino, | |
2043 | (void *)fi); | |
2044 | ||
2045 | if (!fi) { | |
9f59d175 SH |
2046 | struct lo_data *lo = lo_data(req); |
2047 | ||
2048 | res = asprintf(&buf, "%i", lo_fd(req, ino)); | |
1b209805 VG |
2049 | if (res == -1) { |
2050 | return (void)fuse_reply_err(req, errno); | |
2051 | } | |
2052 | ||
9f59d175 | 2053 | fd = openat(lo->proc_self_fd, buf, O_RDWR); |
1b209805 VG |
2054 | free(buf); |
2055 | if (fd == -1) { | |
2056 | return (void)fuse_reply_err(req, errno); | |
2057 | } | |
2058 | } else { | |
73b4d19d | 2059 | fd = lo_fi_fd(req, fi); |
1b209805 VG |
2060 | } |
2061 | ||
7387863d | 2062 | if (datasync) { |
1b209805 | 2063 | res = fdatasync(fd); |
7387863d | 2064 | } else { |
1b209805 VG |
2065 | res = fsync(fd); |
2066 | } | |
2067 | if (!fi) { | |
2068 | close(fd); | |
7387863d DDAG |
2069 | } |
2070 | fuse_reply_err(req, res == -1 ? errno : 0); | |
7c6b6602 DDAG |
2071 | } |
2072 | ||
7387863d DDAG |
2073 | static void lo_read(fuse_req_t req, fuse_ino_t ino, size_t size, off_t offset, |
2074 | struct fuse_file_info *fi) | |
7c6b6602 | 2075 | { |
7387863d | 2076 | struct fuse_bufvec buf = FUSE_BUFVEC_INIT(size); |
7c6b6602 | 2077 | |
d240314a EG |
2078 | fuse_log(FUSE_LOG_DEBUG, |
2079 | "lo_read(ino=%" PRIu64 ", size=%zd, " | |
2080 | "off=%lu)\n", | |
2081 | ino, size, (unsigned long)offset); | |
7c6b6602 | 2082 | |
7387863d | 2083 | buf.buf[0].flags = FUSE_BUF_IS_FD | FUSE_BUF_FD_SEEK; |
73b4d19d | 2084 | buf.buf[0].fd = lo_fi_fd(req, fi); |
7387863d | 2085 | buf.buf[0].pos = offset; |
7c6b6602 | 2086 | |
8c3fe75e | 2087 | fuse_reply_data(req, &buf); |
7c6b6602 DDAG |
2088 | } |
2089 | ||
2090 | static void lo_write_buf(fuse_req_t req, fuse_ino_t ino, | |
7387863d DDAG |
2091 | struct fuse_bufvec *in_buf, off_t off, |
2092 | struct fuse_file_info *fi) | |
7c6b6602 | 2093 | { |
7387863d DDAG |
2094 | (void)ino; |
2095 | ssize_t res; | |
2096 | struct fuse_bufvec out_buf = FUSE_BUFVEC_INIT(fuse_buf_size(in_buf)); | |
ee884652 | 2097 | bool cap_fsetid_dropped = false; |
7387863d DDAG |
2098 | |
2099 | out_buf.buf[0].flags = FUSE_BUF_IS_FD | FUSE_BUF_FD_SEEK; | |
73b4d19d | 2100 | out_buf.buf[0].fd = lo_fi_fd(req, fi); |
7387863d DDAG |
2101 | out_buf.buf[0].pos = off; |
2102 | ||
d240314a EG |
2103 | fuse_log(FUSE_LOG_DEBUG, |
2104 | "lo_write_buf(ino=%" PRIu64 ", size=%zd, off=%lu)\n", ino, | |
2105 | out_buf.buf[0].size, (unsigned long)off); | |
7387863d | 2106 | |
ee884652 VG |
2107 | /* |
2108 | * If kill_priv is set, drop CAP_FSETID which should lead to kernel | |
2109 | * clearing setuid/setgid on file. | |
2110 | */ | |
2111 | if (fi->kill_priv) { | |
2112 | res = drop_effective_cap("FSETID", &cap_fsetid_dropped); | |
2113 | if (res != 0) { | |
2114 | fuse_reply_err(req, res); | |
2115 | return; | |
2116 | } | |
2117 | } | |
2118 | ||
8c3fe75e | 2119 | res = fuse_buf_copy(&out_buf, in_buf); |
7387863d DDAG |
2120 | if (res < 0) { |
2121 | fuse_reply_err(req, -res); | |
2122 | } else { | |
2123 | fuse_reply_write(req, (size_t)res); | |
2124 | } | |
ee884652 VG |
2125 | |
2126 | if (cap_fsetid_dropped) { | |
2127 | res = gain_effective_cap("FSETID"); | |
2128 | if (res) { | |
2129 | fuse_log(FUSE_LOG_ERR, "Failed to gain CAP_FSETID\n"); | |
2130 | } | |
2131 | } | |
7c6b6602 DDAG |
2132 | } |
2133 | ||
2134 | static void lo_statfs(fuse_req_t req, fuse_ino_t ino) | |
2135 | { | |
7387863d DDAG |
2136 | int res; |
2137 | struct statvfs stbuf; | |
2138 | ||
2139 | res = fstatvfs(lo_fd(req, ino), &stbuf); | |
2140 | if (res == -1) { | |
2141 | fuse_reply_err(req, errno); | |
2142 | } else { | |
2143 | fuse_reply_statfs(req, &stbuf); | |
2144 | } | |
7c6b6602 DDAG |
2145 | } |
2146 | ||
7387863d DDAG |
2147 | static void lo_fallocate(fuse_req_t req, fuse_ino_t ino, int mode, off_t offset, |
2148 | off_t length, struct fuse_file_info *fi) | |
7c6b6602 | 2149 | { |
7387863d DDAG |
2150 | int err = EOPNOTSUPP; |
2151 | (void)ino; | |
7c6b6602 | 2152 | |
9776457c | 2153 | #ifdef CONFIG_FALLOCATE |
73b4d19d | 2154 | err = fallocate(lo_fi_fd(req, fi), mode, offset, length); |
7387863d DDAG |
2155 | if (err < 0) { |
2156 | err = errno; | |
2157 | } | |
7c6b6602 | 2158 | |
9776457c | 2159 | #elif defined(CONFIG_POSIX_FALLOCATE) |
7387863d DDAG |
2160 | if (mode) { |
2161 | fuse_reply_err(req, EOPNOTSUPP); | |
2162 | return; | |
2163 | } | |
7c6b6602 | 2164 | |
73b4d19d | 2165 | err = posix_fallocate(lo_fi_fd(req, fi), offset, length); |
7c6b6602 DDAG |
2166 | #endif |
2167 | ||
7387863d | 2168 | fuse_reply_err(req, err); |
7c6b6602 DDAG |
2169 | } |
2170 | ||
2171 | static void lo_flock(fuse_req_t req, fuse_ino_t ino, struct fuse_file_info *fi, | |
7387863d | 2172 | int op) |
7c6b6602 | 2173 | { |
7387863d DDAG |
2174 | int res; |
2175 | (void)ino; | |
7c6b6602 | 2176 | |
73b4d19d | 2177 | res = flock(lo_fi_fd(req, fi), op); |
7c6b6602 | 2178 | |
7387863d | 2179 | fuse_reply_err(req, res == -1 ? errno : 0); |
7c6b6602 DDAG |
2180 | } |
2181 | ||
2182 | static void lo_getxattr(fuse_req_t req, fuse_ino_t ino, const char *name, | |
7387863d | 2183 | size_t size) |
7c6b6602 | 2184 | { |
9f59d175 | 2185 | struct lo_data *lo = lo_data(req); |
7387863d DDAG |
2186 | char *value = NULL; |
2187 | char procname[64]; | |
92fb57b8 | 2188 | struct lo_inode *inode; |
7387863d DDAG |
2189 | ssize_t ret; |
2190 | int saverr; | |
9f59d175 | 2191 | int fd = -1; |
7387863d | 2192 | |
92fb57b8 SH |
2193 | inode = lo_inode(req, ino); |
2194 | if (!inode) { | |
2195 | fuse_reply_err(req, EBADF); | |
2196 | return; | |
2197 | } | |
2198 | ||
7387863d DDAG |
2199 | saverr = ENOSYS; |
2200 | if (!lo_data(req)->xattr) { | |
2201 | goto out; | |
2202 | } | |
2203 | ||
d240314a EG |
2204 | fuse_log(FUSE_LOG_DEBUG, "lo_getxattr(ino=%" PRIu64 ", name=%s size=%zd)\n", |
2205 | ino, name, size); | |
7387863d DDAG |
2206 | |
2207 | if (inode->is_symlink) { | |
2208 | /* Sorry, no race free way to getxattr on symlink. */ | |
2209 | saverr = EPERM; | |
2210 | goto out; | |
2211 | } | |
2212 | ||
9f59d175 SH |
2213 | sprintf(procname, "%i", inode->fd); |
2214 | fd = openat(lo->proc_self_fd, procname, O_RDONLY); | |
2215 | if (fd < 0) { | |
2216 | goto out_err; | |
2217 | } | |
7387863d DDAG |
2218 | |
2219 | if (size) { | |
2220 | value = malloc(size); | |
2221 | if (!value) { | |
2222 | goto out_err; | |
2223 | } | |
2224 | ||
9f59d175 | 2225 | ret = fgetxattr(fd, name, value, size); |
7387863d DDAG |
2226 | if (ret == -1) { |
2227 | goto out_err; | |
2228 | } | |
2229 | saverr = 0; | |
2230 | if (ret == 0) { | |
2231 | goto out; | |
2232 | } | |
2233 | ||
2234 | fuse_reply_buf(req, value, ret); | |
2235 | } else { | |
9f59d175 | 2236 | ret = fgetxattr(fd, name, NULL, 0); |
7387863d DDAG |
2237 | if (ret == -1) { |
2238 | goto out_err; | |
2239 | } | |
2240 | ||
2241 | fuse_reply_xattr(req, ret); | |
2242 | } | |
7c6b6602 | 2243 | out_free: |
7387863d | 2244 | free(value); |
9f59d175 SH |
2245 | |
2246 | if (fd >= 0) { | |
2247 | close(fd); | |
2248 | } | |
c241aa94 SH |
2249 | |
2250 | lo_inode_put(lo, &inode); | |
7387863d | 2251 | return; |
7c6b6602 DDAG |
2252 | |
2253 | out_err: | |
7387863d | 2254 | saverr = errno; |
7c6b6602 | 2255 | out: |
c241aa94 | 2256 | lo_inode_put(lo, &inode); |
7387863d DDAG |
2257 | fuse_reply_err(req, saverr); |
2258 | goto out_free; | |
7c6b6602 DDAG |
2259 | } |
2260 | ||
2261 | static void lo_listxattr(fuse_req_t req, fuse_ino_t ino, size_t size) | |
2262 | { | |
9f59d175 | 2263 | struct lo_data *lo = lo_data(req); |
7387863d DDAG |
2264 | char *value = NULL; |
2265 | char procname[64]; | |
92fb57b8 | 2266 | struct lo_inode *inode; |
7387863d DDAG |
2267 | ssize_t ret; |
2268 | int saverr; | |
9f59d175 | 2269 | int fd = -1; |
7387863d | 2270 | |
92fb57b8 SH |
2271 | inode = lo_inode(req, ino); |
2272 | if (!inode) { | |
2273 | fuse_reply_err(req, EBADF); | |
2274 | return; | |
2275 | } | |
2276 | ||
7387863d DDAG |
2277 | saverr = ENOSYS; |
2278 | if (!lo_data(req)->xattr) { | |
2279 | goto out; | |
2280 | } | |
2281 | ||
d240314a EG |
2282 | fuse_log(FUSE_LOG_DEBUG, "lo_listxattr(ino=%" PRIu64 ", size=%zd)\n", ino, |
2283 | size); | |
7387863d DDAG |
2284 | |
2285 | if (inode->is_symlink) { | |
2286 | /* Sorry, no race free way to listxattr on symlink. */ | |
2287 | saverr = EPERM; | |
2288 | goto out; | |
2289 | } | |
2290 | ||
9f59d175 SH |
2291 | sprintf(procname, "%i", inode->fd); |
2292 | fd = openat(lo->proc_self_fd, procname, O_RDONLY); | |
2293 | if (fd < 0) { | |
2294 | goto out_err; | |
2295 | } | |
7387863d DDAG |
2296 | |
2297 | if (size) { | |
2298 | value = malloc(size); | |
2299 | if (!value) { | |
2300 | goto out_err; | |
2301 | } | |
2302 | ||
9f59d175 | 2303 | ret = flistxattr(fd, value, size); |
7387863d DDAG |
2304 | if (ret == -1) { |
2305 | goto out_err; | |
2306 | } | |
2307 | saverr = 0; | |
2308 | if (ret == 0) { | |
2309 | goto out; | |
2310 | } | |
2311 | ||
2312 | fuse_reply_buf(req, value, ret); | |
2313 | } else { | |
9f59d175 | 2314 | ret = flistxattr(fd, NULL, 0); |
7387863d DDAG |
2315 | if (ret == -1) { |
2316 | goto out_err; | |
2317 | } | |
2318 | ||
2319 | fuse_reply_xattr(req, ret); | |
2320 | } | |
7c6b6602 | 2321 | out_free: |
7387863d | 2322 | free(value); |
9f59d175 SH |
2323 | |
2324 | if (fd >= 0) { | |
2325 | close(fd); | |
2326 | } | |
c241aa94 SH |
2327 | |
2328 | lo_inode_put(lo, &inode); | |
7387863d | 2329 | return; |
7c6b6602 DDAG |
2330 | |
2331 | out_err: | |
7387863d | 2332 | saverr = errno; |
7c6b6602 | 2333 | out: |
c241aa94 | 2334 | lo_inode_put(lo, &inode); |
7387863d DDAG |
2335 | fuse_reply_err(req, saverr); |
2336 | goto out_free; | |
7c6b6602 DDAG |
2337 | } |
2338 | ||
2339 | static void lo_setxattr(fuse_req_t req, fuse_ino_t ino, const char *name, | |
7387863d | 2340 | const char *value, size_t size, int flags) |
7c6b6602 | 2341 | { |
7387863d | 2342 | char procname[64]; |
9f59d175 | 2343 | struct lo_data *lo = lo_data(req); |
92fb57b8 | 2344 | struct lo_inode *inode; |
7387863d DDAG |
2345 | ssize_t ret; |
2346 | int saverr; | |
9f59d175 | 2347 | int fd = -1; |
7c6b6602 | 2348 | |
92fb57b8 SH |
2349 | inode = lo_inode(req, ino); |
2350 | if (!inode) { | |
2351 | fuse_reply_err(req, EBADF); | |
2352 | return; | |
2353 | } | |
2354 | ||
7387863d DDAG |
2355 | saverr = ENOSYS; |
2356 | if (!lo_data(req)->xattr) { | |
2357 | goto out; | |
2358 | } | |
7c6b6602 | 2359 | |
d240314a EG |
2360 | fuse_log(FUSE_LOG_DEBUG, "lo_setxattr(ino=%" PRIu64 |
2361 | ", name=%s value=%s size=%zd)\n", ino, name, value, size); | |
7c6b6602 | 2362 | |
7387863d DDAG |
2363 | if (inode->is_symlink) { |
2364 | /* Sorry, no race free way to setxattr on symlink. */ | |
2365 | saverr = EPERM; | |
2366 | goto out; | |
2367 | } | |
7c6b6602 | 2368 | |
9f59d175 SH |
2369 | sprintf(procname, "%i", inode->fd); |
2370 | fd = openat(lo->proc_self_fd, procname, O_RDWR); | |
2371 | if (fd < 0) { | |
2372 | saverr = errno; | |
2373 | goto out; | |
2374 | } | |
7c6b6602 | 2375 | |
9f59d175 | 2376 | ret = fsetxattr(fd, name, value, size, flags); |
7387863d | 2377 | saverr = ret == -1 ? errno : 0; |
7c6b6602 DDAG |
2378 | |
2379 | out: | |
9f59d175 SH |
2380 | if (fd >= 0) { |
2381 | close(fd); | |
2382 | } | |
c241aa94 SH |
2383 | |
2384 | lo_inode_put(lo, &inode); | |
7387863d | 2385 | fuse_reply_err(req, saverr); |
7c6b6602 DDAG |
2386 | } |
2387 | ||
2388 | static void lo_removexattr(fuse_req_t req, fuse_ino_t ino, const char *name) | |
2389 | { | |
7387863d | 2390 | char procname[64]; |
9f59d175 | 2391 | struct lo_data *lo = lo_data(req); |
92fb57b8 | 2392 | struct lo_inode *inode; |
7387863d DDAG |
2393 | ssize_t ret; |
2394 | int saverr; | |
9f59d175 | 2395 | int fd = -1; |
7c6b6602 | 2396 | |
92fb57b8 SH |
2397 | inode = lo_inode(req, ino); |
2398 | if (!inode) { | |
2399 | fuse_reply_err(req, EBADF); | |
2400 | return; | |
2401 | } | |
2402 | ||
7387863d DDAG |
2403 | saverr = ENOSYS; |
2404 | if (!lo_data(req)->xattr) { | |
2405 | goto out; | |
2406 | } | |
7c6b6602 | 2407 | |
d240314a EG |
2408 | fuse_log(FUSE_LOG_DEBUG, "lo_removexattr(ino=%" PRIu64 ", name=%s)\n", ino, |
2409 | name); | |
7c6b6602 | 2410 | |
7387863d DDAG |
2411 | if (inode->is_symlink) { |
2412 | /* Sorry, no race free way to setxattr on symlink. */ | |
2413 | saverr = EPERM; | |
2414 | goto out; | |
2415 | } | |
7c6b6602 | 2416 | |
9f59d175 SH |
2417 | sprintf(procname, "%i", inode->fd); |
2418 | fd = openat(lo->proc_self_fd, procname, O_RDWR); | |
2419 | if (fd < 0) { | |
2420 | saverr = errno; | |
2421 | goto out; | |
2422 | } | |
7c6b6602 | 2423 | |
9f59d175 | 2424 | ret = fremovexattr(fd, name); |
7387863d | 2425 | saverr = ret == -1 ? errno : 0; |
7c6b6602 DDAG |
2426 | |
2427 | out: | |
9f59d175 SH |
2428 | if (fd >= 0) { |
2429 | close(fd); | |
2430 | } | |
c241aa94 SH |
2431 | |
2432 | lo_inode_put(lo, &inode); | |
7387863d | 2433 | fuse_reply_err(req, saverr); |
7c6b6602 DDAG |
2434 | } |
2435 | ||
2436 | #ifdef HAVE_COPY_FILE_RANGE | |
2437 | static void lo_copy_file_range(fuse_req_t req, fuse_ino_t ino_in, off_t off_in, | |
7387863d DDAG |
2438 | struct fuse_file_info *fi_in, fuse_ino_t ino_out, |
2439 | off_t off_out, struct fuse_file_info *fi_out, | |
2440 | size_t len, int flags) | |
7c6b6602 | 2441 | { |
73b4d19d | 2442 | int in_fd, out_fd; |
7387863d DDAG |
2443 | ssize_t res; |
2444 | ||
73b4d19d SH |
2445 | in_fd = lo_fi_fd(req, fi_in); |
2446 | out_fd = lo_fi_fd(req, fi_out); | |
2447 | ||
2448 | fuse_log(FUSE_LOG_DEBUG, | |
2449 | "lo_copy_file_range(ino=%" PRIu64 "/fd=%d, " | |
2450 | "off=%lu, ino=%" PRIu64 "/fd=%d, " | |
2451 | "off=%lu, size=%zd, flags=0x%x)\n", | |
2452 | ino_in, in_fd, off_in, ino_out, out_fd, off_out, len, flags); | |
7387863d | 2453 | |
73b4d19d | 2454 | res = copy_file_range(in_fd, &off_in, out_fd, &off_out, len, flags); |
7387863d DDAG |
2455 | if (res < 0) { |
2456 | fuse_reply_err(req, -errno); | |
2457 | } else { | |
2458 | fuse_reply_write(req, res); | |
2459 | } | |
7c6b6602 DDAG |
2460 | } |
2461 | #endif | |
2462 | ||
2463 | static void lo_lseek(fuse_req_t req, fuse_ino_t ino, off_t off, int whence, | |
7387863d | 2464 | struct fuse_file_info *fi) |
7c6b6602 | 2465 | { |
7387863d DDAG |
2466 | off_t res; |
2467 | ||
2468 | (void)ino; | |
73b4d19d | 2469 | res = lseek(lo_fi_fd(req, fi), off, whence); |
7387863d DDAG |
2470 | if (res != -1) { |
2471 | fuse_reply_lseek(req, res); | |
2472 | } else { | |
2473 | fuse_reply_err(req, errno); | |
2474 | } | |
7c6b6602 DDAG |
2475 | } |
2476 | ||
771b01eb DDAG |
2477 | static void lo_destroy(void *userdata) |
2478 | { | |
2479 | struct lo_data *lo = (struct lo_data *)userdata; | |
2480 | unref_all_inodes(lo); | |
2481 | } | |
2482 | ||
7c6b6602 | 2483 | static struct fuse_lowlevel_ops lo_oper = { |
7387863d DDAG |
2484 | .init = lo_init, |
2485 | .lookup = lo_lookup, | |
2486 | .mkdir = lo_mkdir, | |
2487 | .mknod = lo_mknod, | |
2488 | .symlink = lo_symlink, | |
2489 | .link = lo_link, | |
2490 | .unlink = lo_unlink, | |
2491 | .rmdir = lo_rmdir, | |
2492 | .rename = lo_rename, | |
2493 | .forget = lo_forget, | |
2494 | .forget_multi = lo_forget_multi, | |
2495 | .getattr = lo_getattr, | |
2496 | .setattr = lo_setattr, | |
2497 | .readlink = lo_readlink, | |
2498 | .opendir = lo_opendir, | |
2499 | .readdir = lo_readdir, | |
2500 | .readdirplus = lo_readdirplus, | |
2501 | .releasedir = lo_releasedir, | |
2502 | .fsyncdir = lo_fsyncdir, | |
2503 | .create = lo_create, | |
0e81414c VG |
2504 | .getlk = lo_getlk, |
2505 | .setlk = lo_setlk, | |
7387863d DDAG |
2506 | .open = lo_open, |
2507 | .release = lo_release, | |
2508 | .flush = lo_flush, | |
2509 | .fsync = lo_fsync, | |
2510 | .read = lo_read, | |
2511 | .write_buf = lo_write_buf, | |
2512 | .statfs = lo_statfs, | |
2513 | .fallocate = lo_fallocate, | |
2514 | .flock = lo_flock, | |
2515 | .getxattr = lo_getxattr, | |
2516 | .listxattr = lo_listxattr, | |
2517 | .setxattr = lo_setxattr, | |
2518 | .removexattr = lo_removexattr, | |
7c6b6602 | 2519 | #ifdef HAVE_COPY_FILE_RANGE |
7387863d | 2520 | .copy_file_range = lo_copy_file_range, |
7c6b6602 | 2521 | #endif |
7387863d | 2522 | .lseek = lo_lseek, |
771b01eb | 2523 | .destroy = lo_destroy, |
7c6b6602 DDAG |
2524 | }; |
2525 | ||
45018fbb SH |
2526 | /* Print vhost-user.json backend program capabilities */ |
2527 | static void print_capabilities(void) | |
2528 | { | |
2529 | printf("{\n"); | |
2530 | printf(" \"type\": \"fs\"\n"); | |
2531 | printf("}\n"); | |
2532 | } | |
2533 | ||
d74830d1 | 2534 | /* |
8e1d4ef2 | 2535 | * Move to a new mount, net, and pid namespaces to isolate this process. |
d74830d1 | 2536 | */ |
8e1d4ef2 | 2537 | static void setup_namespaces(struct lo_data *lo, struct fuse_session *se) |
d74830d1 | 2538 | { |
8e1d4ef2 SH |
2539 | pid_t child; |
2540 | ||
2541 | /* | |
2542 | * Create a new pid namespace for *child* processes. We'll have to | |
2543 | * fork in order to enter the new pid namespace. A new mount namespace | |
2544 | * is also needed so that we can remount /proc for the new pid | |
2545 | * namespace. | |
2546 | * | |
2547 | * Our UNIX domain sockets have been created. Now we can move to | |
2548 | * an empty network namespace to prevent TCP/IP and other network | |
2549 | * activity in case this process is compromised. | |
2550 | */ | |
2551 | if (unshare(CLONE_NEWPID | CLONE_NEWNS | CLONE_NEWNET) != 0) { | |
2552 | fuse_log(FUSE_LOG_ERR, "unshare(CLONE_NEWPID | CLONE_NEWNS): %m\n"); | |
2553 | exit(1); | |
2554 | } | |
2555 | ||
2556 | child = fork(); | |
2557 | if (child < 0) { | |
2558 | fuse_log(FUSE_LOG_ERR, "fork() failed: %m\n"); | |
2559 | exit(1); | |
2560 | } | |
2561 | if (child > 0) { | |
2562 | pid_t waited; | |
2563 | int wstatus; | |
2564 | ||
2565 | /* The parent waits for the child */ | |
2566 | do { | |
2567 | waited = waitpid(child, &wstatus, 0); | |
2568 | } while (waited < 0 && errno == EINTR && !se->exited); | |
2569 | ||
2570 | /* We were terminated by a signal, see fuse_signals.c */ | |
2571 | if (se->exited) { | |
2572 | exit(0); | |
2573 | } | |
2574 | ||
2575 | if (WIFEXITED(wstatus)) { | |
2576 | exit(WEXITSTATUS(wstatus)); | |
2577 | } | |
2578 | ||
2579 | exit(1); | |
2580 | } | |
2581 | ||
2582 | /* Send us SIGTERM when the parent thread terminates, see prctl(2) */ | |
2583 | prctl(PR_SET_PDEATHSIG, SIGTERM); | |
2584 | ||
2585 | /* | |
2586 | * If the mounts have shared propagation then we want to opt out so our | |
2587 | * mount changes don't affect the parent mount namespace. | |
2588 | */ | |
2589 | if (mount(NULL, "/", NULL, MS_REC | MS_SLAVE, NULL) < 0) { | |
2590 | fuse_log(FUSE_LOG_ERR, "mount(/, MS_REC|MS_SLAVE): %m\n"); | |
2591 | exit(1); | |
2592 | } | |
2593 | ||
2594 | /* The child must remount /proc to use the new pid namespace */ | |
2595 | if (mount("proc", "/proc", "proc", | |
2596 | MS_NODEV | MS_NOEXEC | MS_NOSUID | MS_RELATIME, NULL) < 0) { | |
2597 | fuse_log(FUSE_LOG_ERR, "mount(/proc): %m\n"); | |
2598 | exit(1); | |
2599 | } | |
2600 | ||
2601 | /* Now we can get our /proc/self/fd directory file descriptor */ | |
2602 | lo->proc_self_fd = open("/proc/self/fd", O_PATH); | |
2603 | if (lo->proc_self_fd == -1) { | |
2604 | fuse_log(FUSE_LOG_ERR, "open(/proc/self/fd, O_PATH): %m\n"); | |
d74830d1 SH |
2605 | exit(1); |
2606 | } | |
2607 | } | |
2608 | ||
2405f3c0 DDAG |
2609 | /* |
2610 | * Capture the capability state, we'll need to restore this for individual | |
2611 | * threads later; see load_capng. | |
2612 | */ | |
2613 | static void setup_capng(void) | |
2614 | { | |
2615 | /* Note this accesses /proc so has to happen before the sandbox */ | |
2616 | if (capng_get_caps_process()) { | |
2617 | fuse_log(FUSE_LOG_ERR, "capng_get_caps_process\n"); | |
2618 | exit(1); | |
2619 | } | |
2620 | pthread_mutex_init(&cap.mutex, NULL); | |
2621 | pthread_mutex_lock(&cap.mutex); | |
2622 | cap.saved = capng_save_state(); | |
2623 | if (!cap.saved) { | |
2624 | fuse_log(FUSE_LOG_ERR, "capng_save_state\n"); | |
2625 | exit(1); | |
2626 | } | |
2627 | pthread_mutex_unlock(&cap.mutex); | |
2628 | } | |
2629 | ||
2630 | static void cleanup_capng(void) | |
2631 | { | |
2632 | free(cap.saved); | |
2633 | cap.saved = NULL; | |
2634 | pthread_mutex_destroy(&cap.mutex); | |
2635 | } | |
2636 | ||
2637 | ||
8e1d4ef2 SH |
2638 | /* |
2639 | * Make the source directory our root so symlinks cannot escape and no other | |
2640 | * files are accessible. Assumes unshare(CLONE_NEWNS) was already called. | |
2641 | */ | |
2642 | static void setup_mounts(const char *source) | |
5baa3b8e SH |
2643 | { |
2644 | int oldroot; | |
2645 | int newroot; | |
2646 | ||
8e1d4ef2 SH |
2647 | if (mount(source, source, NULL, MS_BIND, NULL) < 0) { |
2648 | fuse_log(FUSE_LOG_ERR, "mount(%s, %s, MS_BIND): %m\n", source, source); | |
2649 | exit(1); | |
2650 | } | |
2651 | ||
2652 | /* This magic is based on lxc's lxc_pivot_root() */ | |
5baa3b8e SH |
2653 | oldroot = open("/", O_DIRECTORY | O_RDONLY | O_CLOEXEC); |
2654 | if (oldroot < 0) { | |
2655 | fuse_log(FUSE_LOG_ERR, "open(/): %m\n"); | |
2656 | exit(1); | |
2657 | } | |
2658 | ||
2659 | newroot = open(source, O_DIRECTORY | O_RDONLY | O_CLOEXEC); | |
2660 | if (newroot < 0) { | |
2661 | fuse_log(FUSE_LOG_ERR, "open(%s): %m\n", source); | |
2662 | exit(1); | |
2663 | } | |
2664 | ||
2665 | if (fchdir(newroot) < 0) { | |
2666 | fuse_log(FUSE_LOG_ERR, "fchdir(newroot): %m\n"); | |
2667 | exit(1); | |
2668 | } | |
2669 | ||
2670 | if (syscall(__NR_pivot_root, ".", ".") < 0) { | |
2671 | fuse_log(FUSE_LOG_ERR, "pivot_root(., .): %m\n"); | |
2672 | exit(1); | |
2673 | } | |
2674 | ||
2675 | if (fchdir(oldroot) < 0) { | |
2676 | fuse_log(FUSE_LOG_ERR, "fchdir(oldroot): %m\n"); | |
2677 | exit(1); | |
2678 | } | |
2679 | ||
2680 | if (mount("", ".", "", MS_SLAVE | MS_REC, NULL) < 0) { | |
2681 | fuse_log(FUSE_LOG_ERR, "mount(., MS_SLAVE | MS_REC): %m\n"); | |
2682 | exit(1); | |
2683 | } | |
2684 | ||
2685 | if (umount2(".", MNT_DETACH) < 0) { | |
2686 | fuse_log(FUSE_LOG_ERR, "umount2(., MNT_DETACH): %m\n"); | |
2687 | exit(1); | |
2688 | } | |
2689 | ||
2690 | if (fchdir(newroot) < 0) { | |
2691 | fuse_log(FUSE_LOG_ERR, "fchdir(newroot): %m\n"); | |
2692 | exit(1); | |
2693 | } | |
2694 | ||
2695 | close(newroot); | |
2696 | close(oldroot); | |
2697 | } | |
2698 | ||
5baa3b8e SH |
2699 | /* |
2700 | * Lock down this process to prevent access to other processes or files outside | |
2701 | * source directory. This reduces the impact of arbitrary code execution bugs. | |
2702 | */ | |
f185621d SH |
2703 | static void setup_sandbox(struct lo_data *lo, struct fuse_session *se, |
2704 | bool enable_syslog) | |
5baa3b8e | 2705 | { |
8e1d4ef2 SH |
2706 | setup_namespaces(lo, se); |
2707 | setup_mounts(lo->source); | |
f185621d | 2708 | setup_seccomp(enable_syslog); |
5baa3b8e SH |
2709 | } |
2710 | ||
01a6dc95 SH |
2711 | /* Raise the maximum number of open file descriptors */ |
2712 | static void setup_nofile_rlimit(void) | |
2713 | { | |
2714 | const rlim_t max_fds = 1000000; | |
2715 | struct rlimit rlim; | |
2716 | ||
2717 | if (getrlimit(RLIMIT_NOFILE, &rlim) < 0) { | |
2718 | fuse_log(FUSE_LOG_ERR, "getrlimit(RLIMIT_NOFILE): %m\n"); | |
2719 | exit(1); | |
2720 | } | |
2721 | ||
2722 | if (rlim.rlim_cur >= max_fds) { | |
2723 | return; /* nothing to do */ | |
2724 | } | |
2725 | ||
2726 | rlim.rlim_cur = max_fds; | |
2727 | rlim.rlim_max = max_fds; | |
2728 | ||
2729 | if (setrlimit(RLIMIT_NOFILE, &rlim) < 0) { | |
2730 | /* Ignore SELinux denials */ | |
2731 | if (errno == EPERM) { | |
2732 | return; | |
2733 | } | |
2734 | ||
2735 | fuse_log(FUSE_LOG_ERR, "setrlimit(RLIMIT_NOFILE): %m\n"); | |
2736 | exit(1); | |
2737 | } | |
2738 | } | |
2739 | ||
f185621d SH |
2740 | static void log_func(enum fuse_log_level level, const char *fmt, va_list ap) |
2741 | { | |
36f38469 MM |
2742 | g_autofree char *localfmt = NULL; |
2743 | ||
d240314a EG |
2744 | if (current_log_level < level) { |
2745 | return; | |
2746 | } | |
2747 | ||
36f38469 | 2748 | if (current_log_level == FUSE_LOG_DEBUG) { |
50fb955a MM |
2749 | if (!use_syslog) { |
2750 | localfmt = g_strdup_printf("[%" PRId64 "] [ID: %08ld] %s", | |
2751 | get_clock(), syscall(__NR_gettid), fmt); | |
2752 | } else { | |
2753 | localfmt = g_strdup_printf("[ID: %08ld] %s", syscall(__NR_gettid), | |
2754 | fmt); | |
2755 | } | |
36f38469 MM |
2756 | fmt = localfmt; |
2757 | } | |
2758 | ||
f185621d SH |
2759 | if (use_syslog) { |
2760 | int priority = LOG_ERR; | |
2761 | switch (level) { | |
2762 | case FUSE_LOG_EMERG: | |
2763 | priority = LOG_EMERG; | |
2764 | break; | |
2765 | case FUSE_LOG_ALERT: | |
2766 | priority = LOG_ALERT; | |
2767 | break; | |
2768 | case FUSE_LOG_CRIT: | |
2769 | priority = LOG_CRIT; | |
2770 | break; | |
2771 | case FUSE_LOG_ERR: | |
2772 | priority = LOG_ERR; | |
2773 | break; | |
2774 | case FUSE_LOG_WARNING: | |
2775 | priority = LOG_WARNING; | |
2776 | break; | |
2777 | case FUSE_LOG_NOTICE: | |
2778 | priority = LOG_NOTICE; | |
2779 | break; | |
2780 | case FUSE_LOG_INFO: | |
2781 | priority = LOG_INFO; | |
2782 | break; | |
2783 | case FUSE_LOG_DEBUG: | |
2784 | priority = LOG_DEBUG; | |
2785 | break; | |
2786 | } | |
2787 | vsyslog(priority, fmt, ap); | |
2788 | } else { | |
2789 | vfprintf(stderr, fmt, ap); | |
2790 | } | |
2791 | } | |
2792 | ||
3ca8a2b1 MS |
2793 | static void setup_root(struct lo_data *lo, struct lo_inode *root) |
2794 | { | |
2795 | int fd, res; | |
2796 | struct stat stat; | |
2797 | ||
2798 | fd = open("/", O_PATH); | |
2799 | if (fd == -1) { | |
2800 | fuse_log(FUSE_LOG_ERR, "open(%s, O_PATH): %m\n", lo->source); | |
2801 | exit(1); | |
2802 | } | |
2803 | ||
2804 | res = fstatat(fd, "", &stat, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW); | |
2805 | if (res == -1) { | |
2806 | fuse_log(FUSE_LOG_ERR, "fstatat(%s): %m\n", lo->source); | |
2807 | exit(1); | |
2808 | } | |
2809 | ||
2810 | root->is_symlink = false; | |
2811 | root->fd = fd; | |
bfc50a6e MS |
2812 | root->key.ino = stat.st_ino; |
2813 | root->key.dev = stat.st_dev; | |
1222f015 | 2814 | root->nlookup = 2; |
c241aa94 | 2815 | g_atomic_int_set(&root->refcount, 2); |
3ca8a2b1 MS |
2816 | } |
2817 | ||
bfc50a6e MS |
2818 | static guint lo_key_hash(gconstpointer key) |
2819 | { | |
2820 | const struct lo_key *lkey = key; | |
2821 | ||
2822 | return (guint)lkey->ino + (guint)lkey->dev; | |
2823 | } | |
2824 | ||
2825 | static gboolean lo_key_equal(gconstpointer a, gconstpointer b) | |
2826 | { | |
2827 | const struct lo_key *la = a; | |
2828 | const struct lo_key *lb = b; | |
2829 | ||
2830 | return la->ino == lb->ino && la->dev == lb->dev; | |
2831 | } | |
2832 | ||
18a69cbb LB |
2833 | static void fuse_lo_data_cleanup(struct lo_data *lo) |
2834 | { | |
2835 | if (lo->inodes) { | |
2836 | g_hash_table_destroy(lo->inodes); | |
2837 | } | |
2838 | lo_map_destroy(&lo->fd_map); | |
2839 | lo_map_destroy(&lo->dirp_map); | |
2840 | lo_map_destroy(&lo->ino_map); | |
2841 | ||
2842 | if (lo->proc_self_fd >= 0) { | |
2843 | close(lo->proc_self_fd); | |
2844 | } | |
2845 | ||
2846 | if (lo->root.fd >= 0) { | |
2847 | close(lo->root.fd); | |
2848 | } | |
2849 | ||
2850 | free(lo->source); | |
2851 | } | |
2852 | ||
7c6b6602 DDAG |
2853 | int main(int argc, char *argv[]) |
2854 | { | |
7387863d DDAG |
2855 | struct fuse_args args = FUSE_ARGS_INIT(argc, argv); |
2856 | struct fuse_session *se; | |
2857 | struct fuse_cmdline_opts opts; | |
9f59d175 SH |
2858 | struct lo_data lo = { |
2859 | .debug = 0, | |
2860 | .writeback = 0, | |
0e81414c | 2861 | .posix_lock = 1, |
9f59d175 SH |
2862 | .proc_self_fd = -1, |
2863 | }; | |
92fb57b8 | 2864 | struct lo_map_elem *root_elem; |
7387863d DDAG |
2865 | int ret = -1; |
2866 | ||
2867 | /* Don't mask creation mode, kernel already did that */ | |
2868 | umask(0); | |
2869 | ||
2870 | pthread_mutex_init(&lo.mutex, NULL); | |
bfc50a6e | 2871 | lo.inodes = g_hash_table_new(lo_key_hash, lo_key_equal); |
7387863d | 2872 | lo.root.fd = -1; |
92fb57b8 | 2873 | lo.root.fuse_ino = FUSE_ROOT_ID; |
230e777b | 2874 | lo.cache = CACHE_AUTO; |
7387863d | 2875 | |
92fb57b8 SH |
2876 | /* |
2877 | * Set up the ino map like this: | |
2878 | * [0] Reserved (will not be used) | |
2879 | * [1] Root inode | |
2880 | */ | |
2881 | lo_map_init(&lo.ino_map); | |
2882 | lo_map_reserve(&lo.ino_map, 0)->in_use = false; | |
2883 | root_elem = lo_map_reserve(&lo.ino_map, lo.root.fuse_ino); | |
2884 | root_elem->inode = &lo.root; | |
2885 | ||
b39bce12 | 2886 | lo_map_init(&lo.dirp_map); |
73b4d19d | 2887 | lo_map_init(&lo.fd_map); |
b39bce12 | 2888 | |
7387863d | 2889 | if (fuse_parse_cmdline(&args, &opts) != 0) { |
c6de8046 | 2890 | goto err_out1; |
7387863d | 2891 | } |
f185621d SH |
2892 | fuse_set_log_func(log_func); |
2893 | use_syslog = opts.syslog; | |
2894 | if (use_syslog) { | |
2895 | openlog("virtiofsd", LOG_PID, LOG_DAEMON); | |
2896 | } | |
c6de8046 | 2897 | |
7387863d | 2898 | if (opts.show_help) { |
67aab022 | 2899 | printf("usage: %s [options]\n\n", argv[0]); |
7387863d | 2900 | fuse_cmdline_help(); |
4ff075f7 | 2901 | printf(" -o source=PATH shared directory tree\n"); |
7387863d DDAG |
2902 | fuse_lowlevel_help(); |
2903 | ret = 0; | |
2904 | goto err_out1; | |
2905 | } else if (opts.show_version) { | |
2906 | fuse_lowlevel_version(); | |
2907 | ret = 0; | |
2908 | goto err_out1; | |
45018fbb SH |
2909 | } else if (opts.print_capabilities) { |
2910 | print_capabilities(); | |
2911 | ret = 0; | |
2912 | goto err_out1; | |
7387863d DDAG |
2913 | } |
2914 | ||
7387863d | 2915 | if (fuse_opt_parse(&args, &lo, lo_opts, NULL) == -1) { |
c6de8046 | 2916 | goto err_out1; |
7387863d DDAG |
2917 | } |
2918 | ||
d240314a EG |
2919 | /* |
2920 | * log_level is 0 if not configured via cmd options (0 is LOG_EMERG, | |
2921 | * and we don't use this log level). | |
2922 | */ | |
2923 | if (opts.log_level != 0) { | |
2924 | current_log_level = opts.log_level; | |
2925 | } | |
7387863d | 2926 | lo.debug = opts.debug; |
d240314a EG |
2927 | if (lo.debug) { |
2928 | current_log_level = FUSE_LOG_DEBUG; | |
2929 | } | |
7387863d DDAG |
2930 | if (lo.source) { |
2931 | struct stat stat; | |
2932 | int res; | |
2933 | ||
2934 | res = lstat(lo.source, &stat); | |
2935 | if (res == -1) { | |
2936 | fuse_log(FUSE_LOG_ERR, "failed to stat source (\"%s\"): %m\n", | |
2937 | lo.source); | |
2938 | exit(1); | |
2939 | } | |
2940 | if (!S_ISDIR(stat.st_mode)) { | |
2941 | fuse_log(FUSE_LOG_ERR, "source is not a directory\n"); | |
2942 | exit(1); | |
2943 | } | |
7387863d | 2944 | } else { |
eb68a33b | 2945 | lo.source = strdup("/"); |
7387863d | 2946 | } |
7387863d DDAG |
2947 | if (!lo.timeout_set) { |
2948 | switch (lo.cache) { | |
230e777b | 2949 | case CACHE_NONE: |
7387863d DDAG |
2950 | lo.timeout = 0.0; |
2951 | break; | |
2952 | ||
230e777b | 2953 | case CACHE_AUTO: |
7387863d DDAG |
2954 | lo.timeout = 1.0; |
2955 | break; | |
2956 | ||
2957 | case CACHE_ALWAYS: | |
2958 | lo.timeout = 86400.0; | |
2959 | break; | |
2960 | } | |
2961 | } else if (lo.timeout < 0) { | |
2962 | fuse_log(FUSE_LOG_ERR, "timeout is negative (%lf)\n", lo.timeout); | |
2963 | exit(1); | |
2964 | } | |
2965 | ||
7387863d DDAG |
2966 | se = fuse_session_new(&args, &lo_oper, sizeof(lo_oper), &lo); |
2967 | if (se == NULL) { | |
2968 | goto err_out1; | |
2969 | } | |
2970 | ||
2971 | if (fuse_set_signal_handlers(se) != 0) { | |
2972 | goto err_out2; | |
2973 | } | |
2974 | ||
67aab022 | 2975 | if (fuse_session_mount(se) != 0) { |
7387863d DDAG |
2976 | goto err_out3; |
2977 | } | |
2978 | ||
2979 | fuse_daemonize(opts.foreground); | |
2980 | ||
01a6dc95 SH |
2981 | setup_nofile_rlimit(); |
2982 | ||
2405f3c0 DDAG |
2983 | /* Must be before sandbox since it wants /proc */ |
2984 | setup_capng(); | |
2985 | ||
f185621d | 2986 | setup_sandbox(&lo, se, opts.syslog); |
5baa3b8e | 2987 | |
3ca8a2b1 | 2988 | setup_root(&lo, &lo.root); |
7387863d | 2989 | /* Block until ctrl+c or fusermount -u */ |
f6f3573c | 2990 | ret = virtio_loop(se); |
7387863d DDAG |
2991 | |
2992 | fuse_session_unmount(se); | |
2405f3c0 | 2993 | cleanup_capng(); |
7c6b6602 | 2994 | err_out3: |
7387863d | 2995 | fuse_remove_signal_handlers(se); |
7c6b6602 | 2996 | err_out2: |
7387863d | 2997 | fuse_session_destroy(se); |
7c6b6602 | 2998 | err_out1: |
7387863d | 2999 | fuse_opt_free_args(&args); |
7c6b6602 | 3000 | |
18a69cbb | 3001 | fuse_lo_data_cleanup(&lo); |
eb68a33b | 3002 | |
7387863d | 3003 | return ret ? 1 : 0; |
7c6b6602 | 3004 | } |