]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blob - fs/fuse/dir.c
projects / mirror_ubuntu-bionic-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
fuse: set FR_SENT while locked
[mirror_ubuntu-bionic-kernel.git] / fs / fuse / dir.c
1 /*
2 FUSE: Filesystem in Userspace
3 Copyright (C) 2001-2008 Miklos Szeredi <miklos@szeredi.hu>
4
5 This program can be distributed under the terms of the GNU GPL.
6 See the file COPYING.
7 */
8
9 #include "fuse_i.h"
10
11 #include <linux/pagemap.h>
12 #include <linux/file.h>
13 #include <linux/sched.h>
14 #include <linux/namei.h>
15 #include <linux/slab.h>
16 #include <linux/xattr.h>
17 #include <linux/posix_acl.h>
18
19 static bool fuse_use_readdirplus(struct inode *dir, struct dir_context *ctx)
20 {
21 struct fuse_conn *fc = get_fuse_conn(dir);
22 struct fuse_inode *fi = get_fuse_inode(dir);
23
24 if (!fc->do_readdirplus)
25 return false;
26 if (!fc->readdirplus_auto)
27 return true;
28 if (test_and_clear_bit(FUSE_I_ADVISE_RDPLUS, &fi->state))
29 return true;
30 if (ctx->pos == 0)
31 return true;
32 return false;
33 }
34
35 static void fuse_advise_use_readdirplus(struct inode *dir)
36 {
37 struct fuse_inode *fi = get_fuse_inode(dir);
38
39 set_bit(FUSE_I_ADVISE_RDPLUS, &fi->state);
40 }
41
42 union fuse_dentry {
43 u64 time;
44 struct rcu_head rcu;
45 };
46
47 static inline void fuse_dentry_settime(struct dentry *entry, u64 time)
48 {
49 ((union fuse_dentry *) entry->d_fsdata)->time = time;
50 }
51
52 static inline u64 fuse_dentry_time(struct dentry *entry)
53 {
54 return ((union fuse_dentry *) entry->d_fsdata)->time;
55 }
56
57 /*
58 * FUSE caches dentries and attributes with separate timeout. The
59 * time in jiffies until the dentry/attributes are valid is stored in
60 * dentry->d_fsdata and fuse_inode->i_time respectively.
61 */
62
63 /*
64 * Calculate the time in jiffies until a dentry/attributes are valid
65 */
66 static u64 time_to_jiffies(u64 sec, u32 nsec)
67 {
68 if (sec || nsec) {
69 struct timespec64 ts = {
70 sec,
71 min_t(u32, nsec, NSEC_PER_SEC - 1)
72 };
73
74 return get_jiffies_64() + timespec64_to_jiffies(&ts);
75 } else
76 return 0;
77 }
78
79 /*
80 * Set dentry and possibly attribute timeouts from the lookup/mk*
81 * replies
82 */
83 static void fuse_change_entry_timeout(struct dentry *entry,
84 struct fuse_entry_out *o)
85 {
86 fuse_dentry_settime(entry,
87 time_to_jiffies(o->entry_valid, o->entry_valid_nsec));
88 }
89
90 static u64 attr_timeout(struct fuse_attr_out *o)
91 {
92 return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
93 }
94
95 static u64 entry_attr_timeout(struct fuse_entry_out *o)
96 {
97 return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
98 }
99
100 /*
101 * Mark the attributes as stale, so that at the next call to
102 * ->getattr() they will be fetched from userspace
103 */
104 void fuse_invalidate_attr(struct inode *inode)
105 {
106 get_fuse_inode(inode)->i_time = 0;
107 }
108
109 /**
110 * Mark the attributes as stale due to an atime change. Avoid the invalidate if
111 * atime is not used.
112 */
113 void fuse_invalidate_atime(struct inode *inode)
114 {
115 if (!IS_RDONLY(inode))
116 fuse_invalidate_attr(inode);
117 }
118
119 /*
120 * Just mark the entry as stale, so that a next attempt to look it up
121 * will result in a new lookup call to userspace
122 *
123 * This is called when a dentry is about to become negative and the
124 * timeout is unknown (unlink, rmdir, rename and in some cases
125 * lookup)
126 */
127 void fuse_invalidate_entry_cache(struct dentry *entry)
128 {
129 fuse_dentry_settime(entry, 0);
130 }
131
132 /*
133 * Same as fuse_invalidate_entry_cache(), but also try to remove the
134 * dentry from the hash
135 */
136 static void fuse_invalidate_entry(struct dentry *entry)
137 {
138 d_invalidate(entry);
139 fuse_invalidate_entry_cache(entry);
140 }
141
142 static void fuse_lookup_init(struct fuse_conn *fc, struct fuse_args *args,
143 u64 nodeid, const struct qstr *name,
144 struct fuse_entry_out *outarg)
145 {
146 memset(outarg, 0, sizeof(struct fuse_entry_out));
147 args->in.h.opcode = FUSE_LOOKUP;
148 args->in.h.nodeid = nodeid;
149 args->in.numargs = 1;
150 args->in.args[0].size = name->len + 1;
151 args->in.args[0].value = name->name;
152 args->out.numargs = 1;
153 args->out.args[0].size = sizeof(struct fuse_entry_out);
154 args->out.args[0].value = outarg;
155 }
156
157 u64 fuse_get_attr_version(struct fuse_conn *fc)
158 {
159 u64 curr_version;
160
161 /*
162 * The spin lock isn't actually needed on 64bit archs, but we
163 * don't yet care too much about such optimizations.
164 */
165 spin_lock(&fc->lock);
166 curr_version = fc->attr_version;
167 spin_unlock(&fc->lock);
168
169 return curr_version;
170 }
171
172 /*
173 * Check whether the dentry is still valid
174 *
175 * If the entry validity timeout has expired and the dentry is
176 * positive, try to redo the lookup. If the lookup results in a
177 * different inode, then let the VFS invalidate the dentry and redo
178 * the lookup once more. If the lookup results in the same inode,
179 * then refresh the attributes, timeouts and mark the dentry valid.
180 */
181 static int fuse_dentry_revalidate(struct dentry *entry, unsigned int flags)
182 {
183 struct inode *inode;
184 struct dentry *parent;
185 struct fuse_conn *fc;
186 struct fuse_inode *fi;
187 int ret;
188
189 inode = d_inode_rcu(entry);
190 if (inode && is_bad_inode(inode))
191 goto invalid;
192 else if (time_before64(fuse_dentry_time(entry), get_jiffies_64()) ||
193 (flags & LOOKUP_REVAL)) {
194 struct fuse_entry_out outarg;
195 FUSE_ARGS(args);
196 struct fuse_forget_link *forget;
197 u64 attr_version;
198
199 /* For negative dentries, always do a fresh lookup */
200 if (!inode)
201 goto invalid;
202
203 ret = -ECHILD;
204 if (flags & LOOKUP_RCU)
205 goto out;
206
207 fc = get_fuse_conn(inode);
208
209 forget = fuse_alloc_forget();
210 ret = -ENOMEM;
211 if (!forget)
212 goto out;
213
214 attr_version = fuse_get_attr_version(fc);
215
216 parent = dget_parent(entry);
217 fuse_lookup_init(fc, &args, get_node_id(d_inode(parent)),
218 &entry->d_name, &outarg);
219 ret = fuse_simple_request(fc, &args);
220 dput(parent);
221 /* Zero nodeid is same as -ENOENT */
222 if (!ret && !outarg.nodeid)
223 ret = -ENOENT;
224 if (!ret) {
225 fi = get_fuse_inode(inode);
226 if (outarg.nodeid != get_node_id(inode)) {
227 fuse_queue_forget(fc, forget, outarg.nodeid, 1);
228 goto invalid;
229 }
230 spin_lock(&fc->lock);
231 fi->nlookup++;
232 spin_unlock(&fc->lock);
233 }
234 kfree(forget);
235 if (ret == -ENOMEM)
236 goto out;
237 if (ret || (outarg.attr.mode ^ inode->i_mode) & S_IFMT)
238 goto invalid;
239
240 forget_all_cached_acls(inode);
241 fuse_change_attributes(inode, &outarg.attr,
242 entry_attr_timeout(&outarg),
243 attr_version);
244 fuse_change_entry_timeout(entry, &outarg);
245 } else if (inode) {
246 fi = get_fuse_inode(inode);
247 if (flags & LOOKUP_RCU) {
248 if (test_bit(FUSE_I_INIT_RDPLUS, &fi->state))
249 return -ECHILD;
250 } else if (test_and_clear_bit(FUSE_I_INIT_RDPLUS, &fi->state)) {
251 parent = dget_parent(entry);
252 fuse_advise_use_readdirplus(d_inode(parent));
253 dput(parent);
254 }
255 }
256 ret = 1;
257 out:
258 return ret;
259
260 invalid:
261 ret = 0;
262 goto out;
263 }
264
265 static int invalid_nodeid(u64 nodeid)
266 {
267 return !nodeid || nodeid == FUSE_ROOT_ID;
268 }
269
270 static int fuse_dentry_init(struct dentry *dentry)
271 {
272 dentry->d_fsdata = kzalloc(sizeof(union fuse_dentry), GFP_KERNEL);
273
274 return dentry->d_fsdata ? 0 : -ENOMEM;
275 }
276 static void fuse_dentry_release(struct dentry *dentry)
277 {
278 union fuse_dentry *fd = dentry->d_fsdata;
279
280 kfree_rcu(fd, rcu);
281 }
282
283 const struct dentry_operations fuse_dentry_operations = {
284 .d_revalidate = fuse_dentry_revalidate,
285 .d_init = fuse_dentry_init,
286 .d_release = fuse_dentry_release,
287 };
288
289 const struct dentry_operations fuse_root_dentry_operations = {
290 .d_init = fuse_dentry_init,
291 .d_release = fuse_dentry_release,
292 };
293
294 int fuse_valid_type(int m)
295 {
296 return S_ISREG(m) || S_ISDIR(m) || S_ISLNK(m) || S_ISCHR(m) ||
297 S_ISBLK(m) || S_ISFIFO(m) || S_ISSOCK(m);
298 }
299
300 int fuse_lookup_name(struct super_block *sb, u64 nodeid, const struct qstr *name,
301 struct fuse_entry_out *outarg, struct inode **inode)
302 {
303 struct fuse_conn *fc = get_fuse_conn_super(sb);
304 FUSE_ARGS(args);
305 struct fuse_forget_link *forget;
306 u64 attr_version;
307 int err;
308
309 *inode = NULL;
310 err = -ENAMETOOLONG;
311 if (name->len > FUSE_NAME_MAX)
312 goto out;
313
314
315 forget = fuse_alloc_forget();
316 err = -ENOMEM;
317 if (!forget)
318 goto out;
319
320 attr_version = fuse_get_attr_version(fc);
321
322 fuse_lookup_init(fc, &args, nodeid, name, outarg);
323 err = fuse_simple_request(fc, &args);
324 /* Zero nodeid is same as -ENOENT, but with valid timeout */
325 if (err || !outarg->nodeid)
326 goto out_put_forget;
327
328 err = -EIO;
329 if (!outarg->nodeid)
330 goto out_put_forget;
331 if (!fuse_valid_type(outarg->attr.mode))
332 goto out_put_forget;
333
334 *inode = fuse_iget(sb, outarg->nodeid, outarg->generation,
335 &outarg->attr, entry_attr_timeout(outarg),
336 attr_version);
337 err = -ENOMEM;
338 if (!*inode) {
339 fuse_queue_forget(fc, forget, outarg->nodeid, 1);
340 goto out;
341 }
342 err = 0;
343
344 out_put_forget:
345 kfree(forget);
346 out:
347 return err;
348 }
349
350 static struct dentry *fuse_lookup(struct inode *dir, struct dentry *entry,
351 unsigned int flags)
352 {
353 int err;
354 struct fuse_entry_out outarg;
355 struct inode *inode;
356 struct dentry *newent;
357 bool outarg_valid = true;
358 bool locked;
359
360 locked = fuse_lock_inode(dir);
361 err = fuse_lookup_name(dir->i_sb, get_node_id(dir), &entry->d_name,
362 &outarg, &inode);
363 fuse_unlock_inode(dir, locked);
364 if (err == -ENOENT) {
365 outarg_valid = false;
366 err = 0;
367 }
368 if (err)
369 goto out_err;
370
371 err = -EIO;
372 if (inode && get_node_id(inode) == FUSE_ROOT_ID)
373 goto out_iput;
374
375 newent = d_splice_alias(inode, entry);
376 err = PTR_ERR(newent);
377 if (IS_ERR(newent))
378 goto out_err;
379
380 entry = newent ? newent : entry;
381 if (outarg_valid)
382 fuse_change_entry_timeout(entry, &outarg);
383 else
384 fuse_invalidate_entry_cache(entry);
385
386 fuse_advise_use_readdirplus(dir);
387 return newent;
388
389 out_iput:
390 iput(inode);
391 out_err:
392 return ERR_PTR(err);
393 }
394
395 /*
396 * Atomic create+open operation
397 *
398 * If the filesystem doesn't support this, then fall back to separate
399 * 'mknod' + 'open' requests.
400 */
401 static int fuse_create_open(struct inode *dir, struct dentry *entry,
402 struct file *file, unsigned flags,
403 umode_t mode, int *opened)
404 {
405 int err;
406 struct inode *inode;
407 struct fuse_conn *fc = get_fuse_conn(dir);
408 FUSE_ARGS(args);
409 struct fuse_forget_link *forget;
410 struct fuse_create_in inarg;
411 struct fuse_open_out outopen;
412 struct fuse_entry_out outentry;
413 struct fuse_file *ff;
414
415 /* Userspace expects S_IFREG in create mode */
416 BUG_ON((mode & S_IFMT) != S_IFREG);
417
418 forget = fuse_alloc_forget();
419 err = -ENOMEM;
420 if (!forget)
421 goto out_err;
422
423 err = -ENOMEM;
424 ff = fuse_file_alloc(fc);
425 if (!ff)
426 goto out_put_forget_req;
427
428 if (!fc->dont_mask)
429 mode &= ~current_umask();
430
431 flags &= ~O_NOCTTY;
432 memset(&inarg, 0, sizeof(inarg));
433 memset(&outentry, 0, sizeof(outentry));
434 inarg.flags = flags;
435 inarg.mode = mode;
436 inarg.umask = current_umask();
437 args.in.h.opcode = FUSE_CREATE;
438 args.in.h.nodeid = get_node_id(dir);
439 args.in.numargs = 2;
440 args.in.args[0].size = sizeof(inarg);
441 args.in.args[0].value = &inarg;
442 args.in.args[1].size = entry->d_name.len + 1;
443 args.in.args[1].value = entry->d_name.name;
444 args.out.numargs = 2;
445 args.out.args[0].size = sizeof(outentry);
446 args.out.args[0].value = &outentry;
447 args.out.args[1].size = sizeof(outopen);
448 args.out.args[1].value = &outopen;
449 err = fuse_simple_request(fc, &args);
450 if (err)
451 goto out_free_ff;
452
453 err = -EIO;
454 if (!S_ISREG(outentry.attr.mode) || invalid_nodeid(outentry.nodeid))
455 goto out_free_ff;
456
457 ff->fh = outopen.fh;
458 ff->nodeid = outentry.nodeid;
459 ff->open_flags = outopen.open_flags;
460 inode = fuse_iget(dir->i_sb, outentry.nodeid, outentry.generation,
461 &outentry.attr, entry_attr_timeout(&outentry), 0);
462 if (!inode) {
463 flags &= ~(O_CREAT | O_EXCL | O_TRUNC);
464 fuse_sync_release(ff, flags);
465 fuse_queue_forget(fc, forget, outentry.nodeid, 1);
466 err = -ENOMEM;
467 goto out_err;
468 }
469 kfree(forget);
470 d_instantiate(entry, inode);
471 fuse_change_entry_timeout(entry, &outentry);
472 fuse_invalidate_attr(dir);
473 err = finish_open(file, entry, generic_file_open, opened);
474 if (err) {
475 fuse_sync_release(ff, flags);
476 } else {
477 file->private_data = ff;
478 fuse_finish_open(inode, file);
479 }
480 return err;
481
482 out_free_ff:
483 fuse_file_free(ff);
484 out_put_forget_req:
485 kfree(forget);
486 out_err:
487 return err;
488 }
489
490 static int fuse_mknod(struct inode *, struct dentry *, umode_t, dev_t);
491 static int fuse_atomic_open(struct inode *dir, struct dentry *entry,
492 struct file *file, unsigned flags,
493 umode_t mode, int *opened)
494 {
495 int err;
496 struct fuse_conn *fc = get_fuse_conn(dir);
497 struct dentry *res = NULL;
498
499 if (d_in_lookup(entry)) {
500 res = fuse_lookup(dir, entry, 0);
501 if (IS_ERR(res))
502 return PTR_ERR(res);
503
504 if (res)
505 entry = res;
506 }
507
508 if (!(flags & O_CREAT) || d_really_is_positive(entry))
509 goto no_open;
510
511 /* Only creates */
512 *opened |= FILE_CREATED;
513
514 if (fc->no_create)
515 goto mknod;
516
517 err = fuse_create_open(dir, entry, file, flags, mode, opened);
518 if (err == -ENOSYS) {
519 fc->no_create = 1;
520 goto mknod;
521 }
522 out_dput:
523 dput(res);
524 return err;
525
526 mknod:
527 err = fuse_mknod(dir, entry, mode, 0);
528 if (err)
529 goto out_dput;
530 no_open:
531 return finish_no_open(file, res);
532 }
533
534 /*
535 * Code shared between mknod, mkdir, symlink and link
536 */
537 static int create_new_entry(struct fuse_conn *fc, struct fuse_args *args,
538 struct inode *dir, struct dentry *entry,
539 umode_t mode)
540 {
541 struct fuse_entry_out outarg;
542 struct inode *inode;
543 int err;
544 struct fuse_forget_link *forget;
545
546 forget = fuse_alloc_forget();
547 if (!forget)
548 return -ENOMEM;
549
550 memset(&outarg, 0, sizeof(outarg));
551 args->in.h.nodeid = get_node_id(dir);
552 args->out.numargs = 1;
553 args->out.args[0].size = sizeof(outarg);
554 args->out.args[0].value = &outarg;
555 err = fuse_simple_request(fc, args);
556 if (err)
557 goto out_put_forget_req;
558
559 err = -EIO;
560 if (invalid_nodeid(outarg.nodeid))
561 goto out_put_forget_req;
562
563 if ((outarg.attr.mode ^ mode) & S_IFMT)
564 goto out_put_forget_req;
565
566 inode = fuse_iget(dir->i_sb, outarg.nodeid, outarg.generation,
567 &outarg.attr, entry_attr_timeout(&outarg), 0);
568 if (!inode) {
569 fuse_queue_forget(fc, forget, outarg.nodeid, 1);
570 return -ENOMEM;
571 }
572 kfree(forget);
573
574 err = d_instantiate_no_diralias(entry, inode);
575 if (err)
576 return err;
577
578 fuse_change_entry_timeout(entry, &outarg);
579 fuse_invalidate_attr(dir);
580 return 0;
581
582 out_put_forget_req:
583 kfree(forget);
584 return err;
585 }
586
587 static int fuse_mknod(struct inode *dir, struct dentry *entry, umode_t mode,
588 dev_t rdev)
589 {
590 struct fuse_mknod_in inarg;
591 struct fuse_conn *fc = get_fuse_conn(dir);
592 FUSE_ARGS(args);
593
594 if (!fc->dont_mask)
595 mode &= ~current_umask();
596
597 memset(&inarg, 0, sizeof(inarg));
598 inarg.mode = mode;
599 inarg.rdev = new_encode_dev(rdev);
600 inarg.umask = current_umask();
601 args.in.h.opcode = FUSE_MKNOD;
602 args.in.numargs = 2;
603 args.in.args[0].size = sizeof(inarg);
604 args.in.args[0].value = &inarg;
605 args.in.args[1].size = entry->d_name.len + 1;
606 args.in.args[1].value = entry->d_name.name;
607 return create_new_entry(fc, &args, dir, entry, mode);
608 }
609
610 static int fuse_create(struct inode *dir, struct dentry *entry, umode_t mode,
611 bool excl)
612 {
613 return fuse_mknod(dir, entry, mode, 0);
614 }
615
616 static int fuse_mkdir(struct inode *dir, struct dentry *entry, umode_t mode)
617 {
618 struct fuse_mkdir_in inarg;
619 struct fuse_conn *fc = get_fuse_conn(dir);
620 FUSE_ARGS(args);
621
622 if (!fc->dont_mask)
623 mode &= ~current_umask();
624
625 memset(&inarg, 0, sizeof(inarg));
626 inarg.mode = mode;
627 inarg.umask = current_umask();
628 args.in.h.opcode = FUSE_MKDIR;
629 args.in.numargs = 2;
630 args.in.args[0].size = sizeof(inarg);
631 args.in.args[0].value = &inarg;
632 args.in.args[1].size = entry->d_name.len + 1;
633 args.in.args[1].value = entry->d_name.name;
634 return create_new_entry(fc, &args, dir, entry, S_IFDIR);
635 }
636
637 static int fuse_symlink(struct inode *dir, struct dentry *entry,
638 const char *link)
639 {
640 struct fuse_conn *fc = get_fuse_conn(dir);
641 unsigned len = strlen(link) + 1;
642 FUSE_ARGS(args);
643
644 args.in.h.opcode = FUSE_SYMLINK;
645 args.in.numargs = 2;
646 args.in.args[0].size = entry->d_name.len + 1;
647 args.in.args[0].value = entry->d_name.name;
648 args.in.args[1].size = len;
649 args.in.args[1].value = link;
650 return create_new_entry(fc, &args, dir, entry, S_IFLNK);
651 }
652
653 void fuse_update_ctime(struct inode *inode)
654 {
655 if (!IS_NOCMTIME(inode)) {
656 inode->i_ctime = current_time(inode);
657 mark_inode_dirty_sync(inode);
658 }
659 }
660
661 static int fuse_unlink(struct inode *dir, struct dentry *entry)
662 {
663 int err;
664 struct fuse_conn *fc = get_fuse_conn(dir);
665 FUSE_ARGS(args);
666
667 args.in.h.opcode = FUSE_UNLINK;
668 args.in.h.nodeid = get_node_id(dir);
669 args.in.numargs = 1;
670 args.in.args[0].size = entry->d_name.len + 1;
671 args.in.args[0].value = entry->d_name.name;
672 err = fuse_simple_request(fc, &args);
673 if (!err) {
674 struct inode *inode = d_inode(entry);
675 struct fuse_inode *fi = get_fuse_inode(inode);
676
677 spin_lock(&fc->lock);
678 fi->attr_version = ++fc->attr_version;
679 /*
680 * If i_nlink == 0 then unlink doesn't make sense, yet this can
681 * happen if userspace filesystem is careless. It would be
682 * difficult to enforce correct nlink usage so just ignore this
683 * condition here
684 */
685 if (inode->i_nlink > 0)
686 drop_nlink(inode);
687 spin_unlock(&fc->lock);
688 fuse_invalidate_attr(inode);
689 fuse_invalidate_attr(dir);
690 fuse_invalidate_entry_cache(entry);
691 fuse_update_ctime(inode);
692 } else if (err == -EINTR)
693 fuse_invalidate_entry(entry);
694 return err;
695 }
696
697 static int fuse_rmdir(struct inode *dir, struct dentry *entry)
698 {
699 int err;
700 struct fuse_conn *fc = get_fuse_conn(dir);
701 FUSE_ARGS(args);
702
703 args.in.h.opcode = FUSE_RMDIR;
704 args.in.h.nodeid = get_node_id(dir);
705 args.in.numargs = 1;
706 args.in.args[0].size = entry->d_name.len + 1;
707 args.in.args[0].value = entry->d_name.name;
708 err = fuse_simple_request(fc, &args);
709 if (!err) {
710 clear_nlink(d_inode(entry));
711 fuse_invalidate_attr(dir);
712 fuse_invalidate_entry_cache(entry);
713 } else if (err == -EINTR)
714 fuse_invalidate_entry(entry);
715 return err;
716 }
717
718 static int fuse_rename_common(struct inode *olddir, struct dentry *oldent,
719 struct inode *newdir, struct dentry *newent,
720 unsigned int flags, int opcode, size_t argsize)
721 {
722 int err;
723 struct fuse_rename2_in inarg;
724 struct fuse_conn *fc = get_fuse_conn(olddir);
725 FUSE_ARGS(args);
726
727 memset(&inarg, 0, argsize);
728 inarg.newdir = get_node_id(newdir);
729 inarg.flags = flags;
730 args.in.h.opcode = opcode;
731 args.in.h.nodeid = get_node_id(olddir);
732 args.in.numargs = 3;
733 args.in.args[0].size = argsize;
734 args.in.args[0].value = &inarg;
735 args.in.args[1].size = oldent->d_name.len + 1;
736 args.in.args[1].value = oldent->d_name.name;
737 args.in.args[2].size = newent->d_name.len + 1;
738 args.in.args[2].value = newent->d_name.name;
739 err = fuse_simple_request(fc, &args);
740 if (!err) {
741 /* ctime changes */
742 fuse_invalidate_attr(d_inode(oldent));
743 fuse_update_ctime(d_inode(oldent));
744
745 if (flags & RENAME_EXCHANGE) {
746 fuse_invalidate_attr(d_inode(newent));
747 fuse_update_ctime(d_inode(newent));
748 }
749
750 fuse_invalidate_attr(olddir);
751 if (olddir != newdir)
752 fuse_invalidate_attr(newdir);
753
754 /* newent will end up negative */
755 if (!(flags & RENAME_EXCHANGE) && d_really_is_positive(newent)) {
756 fuse_invalidate_attr(d_inode(newent));
757 fuse_invalidate_entry_cache(newent);
758 fuse_update_ctime(d_inode(newent));
759 }
760 } else if (err == -EINTR) {
761 /* If request was interrupted, DEITY only knows if the
762 rename actually took place. If the invalidation
763 fails (e.g. some process has CWD under the renamed
764 directory), then there can be inconsistency between
765 the dcache and the real filesystem. Tough luck. */
766 fuse_invalidate_entry(oldent);
767 if (d_really_is_positive(newent))
768 fuse_invalidate_entry(newent);
769 }
770
771 return err;
772 }
773
774 static int fuse_rename2(struct inode *olddir, struct dentry *oldent,
775 struct inode *newdir, struct dentry *newent,
776 unsigned int flags)
777 {
778 struct fuse_conn *fc = get_fuse_conn(olddir);
779 int err;
780
781 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE))
782 return -EINVAL;
783
784 if (flags) {
785 if (fc->no_rename2 || fc->minor < 23)
786 return -EINVAL;
787
788 err = fuse_rename_common(olddir, oldent, newdir, newent, flags,
789 FUSE_RENAME2,
790 sizeof(struct fuse_rename2_in));
791 if (err == -ENOSYS) {
792 fc->no_rename2 = 1;
793 err = -EINVAL;
794 }
795 } else {
796 err = fuse_rename_common(olddir, oldent, newdir, newent, 0,
797 FUSE_RENAME,
798 sizeof(struct fuse_rename_in));
799 }
800
801 return err;
802 }
803
804 static int fuse_link(struct dentry *entry, struct inode *newdir,
805 struct dentry *newent)
806 {
807 int err;
808 struct fuse_link_in inarg;
809 struct inode *inode = d_inode(entry);
810 struct fuse_conn *fc = get_fuse_conn(inode);
811 FUSE_ARGS(args);
812
813 memset(&inarg, 0, sizeof(inarg));
814 inarg.oldnodeid = get_node_id(inode);
815 args.in.h.opcode = FUSE_LINK;
816 args.in.numargs = 2;
817 args.in.args[0].size = sizeof(inarg);
818 args.in.args[0].value = &inarg;
819 args.in.args[1].size = newent->d_name.len + 1;
820 args.in.args[1].value = newent->d_name.name;
821 err = create_new_entry(fc, &args, newdir, newent, inode->i_mode);
822 /* Contrary to "normal" filesystems it can happen that link
823 makes two "logical" inodes point to the same "physical"
824 inode. We invalidate the attributes of the old one, so it
825 will reflect changes in the backing inode (link count,
826 etc.)
827 */
828 if (!err) {
829 struct fuse_inode *fi = get_fuse_inode(inode);
830
831 spin_lock(&fc->lock);
832 fi->attr_version = ++fc->attr_version;
833 inc_nlink(inode);
834 spin_unlock(&fc->lock);
835 fuse_invalidate_attr(inode);
836 fuse_update_ctime(inode);
837 } else if (err == -EINTR) {
838 fuse_invalidate_attr(inode);
839 }
840 return err;
841 }
842
843 static void fuse_fillattr(struct inode *inode, struct fuse_attr *attr,
844 struct kstat *stat)
845 {
846 unsigned int blkbits;
847 struct fuse_conn *fc = get_fuse_conn(inode);
848
849 /* see the comment in fuse_change_attributes() */
850 if (fc->writeback_cache && S_ISREG(inode->i_mode)) {
851 attr->size = i_size_read(inode);
852 attr->mtime = inode->i_mtime.tv_sec;
853 attr->mtimensec = inode->i_mtime.tv_nsec;
854 attr->ctime = inode->i_ctime.tv_sec;
855 attr->ctimensec = inode->i_ctime.tv_nsec;
856 }
857
858 stat->dev = inode->i_sb->s_dev;
859 stat->ino = attr->ino;
860 stat->mode = (inode->i_mode & S_IFMT) | (attr->mode & 07777);
861 stat->nlink = attr->nlink;
862 stat->uid = make_kuid(fc->user_ns, attr->uid);
863 stat->gid = make_kgid(fc->user_ns, attr->gid);
864 stat->rdev = inode->i_rdev;
865 stat->atime.tv_sec = attr->atime;
866 stat->atime.tv_nsec = attr->atimensec;
867 stat->mtime.tv_sec = attr->mtime;
868 stat->mtime.tv_nsec = attr->mtimensec;
869 stat->ctime.tv_sec = attr->ctime;
870 stat->ctime.tv_nsec = attr->ctimensec;
871 stat->size = attr->size;
872 stat->blocks = attr->blocks;
873
874 if (attr->blksize != 0)
875 blkbits = ilog2(attr->blksize);
876 else
877 blkbits = inode->i_sb->s_blocksize_bits;
878
879 stat->blksize = 1 << blkbits;
880 }
881
882 static int fuse_do_getattr(struct inode *inode, struct kstat *stat,
883 struct file *file)
884 {
885 int err;
886 struct fuse_getattr_in inarg;
887 struct fuse_attr_out outarg;
888 struct fuse_conn *fc = get_fuse_conn(inode);
889 FUSE_ARGS(args);
890 u64 attr_version;
891
892 attr_version = fuse_get_attr_version(fc);
893
894 memset(&inarg, 0, sizeof(inarg));
895 memset(&outarg, 0, sizeof(outarg));
896 /* Directories have separate file-handle space */
897 if (file && S_ISREG(inode->i_mode)) {
898 struct fuse_file *ff = file->private_data;
899
900 inarg.getattr_flags |= FUSE_GETATTR_FH;
901 inarg.fh = ff->fh;
902 }
903 args.in.h.opcode = FUSE_GETATTR;
904 args.in.h.nodeid = get_node_id(inode);
905 args.in.numargs = 1;
906 args.in.args[0].size = sizeof(inarg);
907 args.in.args[0].value = &inarg;
908 args.out.numargs = 1;
909 args.out.args[0].size = sizeof(outarg);
910 args.out.args[0].value = &outarg;
911 err = fuse_simple_request(fc, &args);
912 if (!err) {
913 if ((inode->i_mode ^ outarg.attr.mode) & S_IFMT) {
914 make_bad_inode(inode);
915 err = -EIO;
916 } else {
917 fuse_change_attributes(inode, &outarg.attr,
918 attr_timeout(&outarg),
919 attr_version);
920 if (stat)
921 fuse_fillattr(inode, &outarg.attr, stat);
922 }
923 }
924 return err;
925 }
926
927 static int fuse_update_get_attr(struct inode *inode, struct file *file,
928 struct kstat *stat)
929 {
930 struct fuse_inode *fi = get_fuse_inode(inode);
931 int err = 0;
932
933 if (time_before64(fi->i_time, get_jiffies_64())) {
934 forget_all_cached_acls(inode);
935 err = fuse_do_getattr(inode, stat, file);
936 } else if (stat) {
937 generic_fillattr(inode, stat);
938 stat->mode = fi->orig_i_mode;
939 stat->ino = fi->orig_ino;
940 }
941
942 return err;
943 }
944
945 int fuse_update_attributes(struct inode *inode, struct file *file)
946 {
947 return fuse_update_get_attr(inode, file, NULL);
948 }
949
950 int fuse_reverse_inval_entry(struct super_block *sb, u64 parent_nodeid,
951 u64 child_nodeid, struct qstr *name)
952 {
953 int err = -ENOTDIR;
954 struct inode *parent;
955 struct dentry *dir;
956 struct dentry *entry;
957
958 parent = ilookup5(sb, parent_nodeid, fuse_inode_eq, &parent_nodeid);
959 if (!parent)
960 return -ENOENT;
961
962 inode_lock(parent);
963 if (!S_ISDIR(parent->i_mode))
964 goto unlock;
965
966 err = -ENOENT;
967 dir = d_find_alias(parent);
968 if (!dir)
969 goto unlock;
970
971 name->hash = full_name_hash(dir, name->name, name->len);
972 entry = d_lookup(dir, name);
973 dput(dir);
974 if (!entry)
975 goto unlock;
976
977 fuse_invalidate_attr(parent);
978 fuse_invalidate_entry(entry);
979
980 if (child_nodeid != 0 && d_really_is_positive(entry)) {
981 inode_lock(d_inode(entry));
982 if (get_node_id(d_inode(entry)) != child_nodeid) {
983 err = -ENOENT;
984 goto badentry;
985 }
986 if (d_mountpoint(entry)) {
987 err = -EBUSY;
988 goto badentry;
989 }
990 if (d_is_dir(entry)) {
991 shrink_dcache_parent(entry);
992 if (!simple_empty(entry)) {
993 err = -ENOTEMPTY;
994 goto badentry;
995 }
996 d_inode(entry)->i_flags |= S_DEAD;
997 }
998 dont_mount(entry);
999 clear_nlink(d_inode(entry));
1000 err = 0;
1001 badentry:
1002 inode_unlock(d_inode(entry));
1003 if (!err)
1004 d_delete(entry);
1005 } else {
1006 err = 0;
1007 }
1008 dput(entry);
1009
1010 unlock:
1011 inode_unlock(parent);
1012 iput(parent);
1013 return err;
1014 }
1015
1016 /*
1017 * Calling into a user-controlled filesystem gives the filesystem
1018 * daemon ptrace-like capabilities over the current process. This
1019 * means, that the filesystem daemon is able to record the exact
1020 * filesystem operations performed, and can also control the behavior
1021 * of the requester process in otherwise impossible ways. For example
1022 * it can delay the operation for arbitrary length of time allowing
1023 * DoS against the requester.
1024 *
1025 * For this reason only those processes can call into the filesystem,
1026 * for which the owner of the mount has ptrace privilege. This
1027 * excludes processes started by other users, suid or sgid processes.
1028 */
1029 int fuse_allow_current_process(struct fuse_conn *fc)
1030 {
1031 const struct cred *cred;
1032
1033 if (fc->allow_other)
1034 return current_in_userns(fc->user_ns);
1035
1036 cred = current_cred();
1037 if (uid_eq(cred->euid, fc->user_id) &&
1038 uid_eq(cred->suid, fc->user_id) &&
1039 uid_eq(cred->uid, fc->user_id) &&
1040 gid_eq(cred->egid, fc->group_id) &&
1041 gid_eq(cred->sgid, fc->group_id) &&
1042 gid_eq(cred->gid, fc->group_id))
1043 return 1;
1044
1045 return 0;
1046 }
1047
1048 static int fuse_access(struct inode *inode, int mask)
1049 {
1050 struct fuse_conn *fc = get_fuse_conn(inode);
1051 FUSE_ARGS(args);
1052 struct fuse_access_in inarg;
1053 int err;
1054
1055 BUG_ON(mask & MAY_NOT_BLOCK);
1056
1057 if (fc->no_access)
1058 return 0;
1059
1060 memset(&inarg, 0, sizeof(inarg));
1061 inarg.mask = mask & (MAY_READ | MAY_WRITE | MAY_EXEC);
1062 args.in.h.opcode = FUSE_ACCESS;
1063 args.in.h.nodeid = get_node_id(inode);
1064 args.in.numargs = 1;
1065 args.in.args[0].size = sizeof(inarg);
1066 args.in.args[0].value = &inarg;
1067 err = fuse_simple_request(fc, &args);
1068 if (err == -ENOSYS) {
1069 fc->no_access = 1;
1070 err = 0;
1071 }
1072 return err;
1073 }
1074
1075 static int fuse_perm_getattr(struct inode *inode, int mask)
1076 {
1077 if (mask & MAY_NOT_BLOCK)
1078 return -ECHILD;
1079
1080 forget_all_cached_acls(inode);
1081 return fuse_do_getattr(inode, NULL, NULL);
1082 }
1083
1084 /*
1085 * Check permission. The two basic access models of FUSE are:
1086 *
1087 * 1) Local access checking ('default_permissions' mount option) based
1088 * on file mode. This is the plain old disk filesystem permission
1089 * modell.
1090 *
1091 * 2) "Remote" access checking, where server is responsible for
1092 * checking permission in each inode operation. An exception to this
1093 * is if ->permission() was invoked from sys_access() in which case an
1094 * access request is sent. Execute permission is still checked
1095 * locally based on file mode.
1096 */
1097 static int fuse_permission(struct inode *inode, int mask)
1098 {
1099 struct fuse_conn *fc = get_fuse_conn(inode);
1100 bool refreshed = false;
1101 int err = 0;
1102
1103 if (!fuse_allow_current_process(fc))
1104 return -EACCES;
1105
1106 /*
1107 * If attributes are needed, refresh them before proceeding
1108 */
1109 if (fc->default_permissions ||
1110 ((mask & MAY_EXEC) && S_ISREG(inode->i_mode))) {
1111 struct fuse_inode *fi = get_fuse_inode(inode);
1112
1113 if (time_before64(fi->i_time, get_jiffies_64())) {
1114 refreshed = true;
1115
1116 err = fuse_perm_getattr(inode, mask);
1117 if (err)
1118 return err;
1119 }
1120 }
1121
1122 if (fc->default_permissions) {
1123 err = generic_permission(inode, mask);
1124
1125 /* If permission is denied, try to refresh file
1126 attributes. This is also needed, because the root
1127 node will at first have no permissions */
1128 if (err == -EACCES && !refreshed) {
1129 err = fuse_perm_getattr(inode, mask);
1130 if (!err)
1131 err = generic_permission(inode, mask);
1132 }
1133
1134 /* Note: the opposite of the above test does not
1135 exist. So if permissions are revoked this won't be
1136 noticed immediately, only after the attribute
1137 timeout has expired */
1138 } else if (mask & (MAY_ACCESS | MAY_CHDIR)) {
1139 err = fuse_access(inode, mask);
1140 } else if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode)) {
1141 if (!(inode->i_mode & S_IXUGO)) {
1142 if (refreshed)
1143 return -EACCES;
1144
1145 err = fuse_perm_getattr(inode, mask);
1146 if (!err && !(inode->i_mode & S_IXUGO))
1147 return -EACCES;
1148 }
1149 }
1150 return err;
1151 }
1152
1153 static int parse_dirfile(char *buf, size_t nbytes, struct file *file,
1154 struct dir_context *ctx)
1155 {
1156 while (nbytes >= FUSE_NAME_OFFSET) {
1157 struct fuse_dirent *dirent = (struct fuse_dirent *) buf;
1158 size_t reclen = FUSE_DIRENT_SIZE(dirent);
1159 if (!dirent->namelen || dirent->namelen > FUSE_NAME_MAX)
1160 return -EIO;
1161 if (reclen > nbytes)
1162 break;
1163 if (memchr(dirent->name, '/', dirent->namelen) != NULL)
1164 return -EIO;
1165
1166 if (!dir_emit(ctx, dirent->name, dirent->namelen,
1167 dirent->ino, dirent->type))
1168 break;
1169
1170 buf += reclen;
1171 nbytes -= reclen;
1172 ctx->pos = dirent->off;
1173 }
1174
1175 return 0;
1176 }
1177
1178 static int fuse_direntplus_link(struct file *file,
1179 struct fuse_direntplus *direntplus,
1180 u64 attr_version)
1181 {
1182 struct fuse_entry_out *o = &direntplus->entry_out;
1183 struct fuse_dirent *dirent = &direntplus->dirent;
1184 struct dentry *parent = file->f_path.dentry;
1185 struct qstr name = QSTR_INIT(dirent->name, dirent->namelen);
1186 struct dentry *dentry;
1187 struct dentry *alias;
1188 struct inode *dir = d_inode(parent);
1189 struct fuse_conn *fc;
1190 struct inode *inode;
1191 DECLARE_WAIT_QUEUE_HEAD_ONSTACK(wq);
1192
1193 if (!o->nodeid) {
1194 /*
1195 * Unlike in the case of fuse_lookup, zero nodeid does not mean
1196 * ENOENT. Instead, it only means the userspace filesystem did
1197 * not want to return attributes/handle for this entry.
1198 *
1199 * So do nothing.
1200 */
1201 return 0;
1202 }
1203
1204 if (name.name[0] == '.') {
1205 /*
1206 * We could potentially refresh the attributes of the directory
1207 * and its parent?
1208 */
1209 if (name.len == 1)
1210 return 0;
1211 if (name.name[1] == '.' && name.len == 2)
1212 return 0;
1213 }
1214
1215 if (invalid_nodeid(o->nodeid))
1216 return -EIO;
1217 if (!fuse_valid_type(o->attr.mode))
1218 return -EIO;
1219
1220 fc = get_fuse_conn(dir);
1221
1222 name.hash = full_name_hash(parent, name.name, name.len);
1223 dentry = d_lookup(parent, &name);
1224 if (!dentry) {
1225 retry:
1226 dentry = d_alloc_parallel(parent, &name, &wq);
1227 if (IS_ERR(dentry))
1228 return PTR_ERR(dentry);
1229 }
1230 if (!d_in_lookup(dentry)) {
1231 struct fuse_inode *fi;
1232 inode = d_inode(dentry);
1233 if (!inode ||
1234 get_node_id(inode) != o->nodeid ||
1235 ((o->attr.mode ^ inode->i_mode) & S_IFMT)) {
1236 d_invalidate(dentry);
1237 dput(dentry);
1238 goto retry;
1239 }
1240 if (is_bad_inode(inode)) {
1241 dput(dentry);
1242 return -EIO;
1243 }
1244
1245 fi = get_fuse_inode(inode);
1246 spin_lock(&fc->lock);
1247 fi->nlookup++;
1248 spin_unlock(&fc->lock);
1249
1250 forget_all_cached_acls(inode);
1251 fuse_change_attributes(inode, &o->attr,
1252 entry_attr_timeout(o),
1253 attr_version);
1254 /*
1255 * The other branch comes via fuse_iget()
1256 * which bumps nlookup inside
1257 */
1258 } else {
1259 inode = fuse_iget(dir->i_sb, o->nodeid, o->generation,
1260 &o->attr, entry_attr_timeout(o),
1261 attr_version);
1262 if (!inode)
1263 inode = ERR_PTR(-ENOMEM);
1264
1265 alias = d_splice_alias(inode, dentry);
1266 d_lookup_done(dentry);
1267 if (alias) {
1268 dput(dentry);
1269 dentry = alias;
1270 }
1271 if (IS_ERR(dentry))
1272 return PTR_ERR(dentry);
1273 }
1274 if (fc->readdirplus_auto)
1275 set_bit(FUSE_I_INIT_RDPLUS, &get_fuse_inode(inode)->state);
1276 fuse_change_entry_timeout(dentry, o);
1277
1278 dput(dentry);
1279 return 0;
1280 }
1281
1282 static int parse_dirplusfile(char *buf, size_t nbytes, struct file *file,
1283 struct dir_context *ctx, u64 attr_version)
1284 {
1285 struct fuse_direntplus *direntplus;
1286 struct fuse_dirent *dirent;
1287 size_t reclen;
1288 int over = 0;
1289 int ret;
1290
1291 while (nbytes >= FUSE_NAME_OFFSET_DIRENTPLUS) {
1292 direntplus = (struct fuse_direntplus *) buf;
1293 dirent = &direntplus->dirent;
1294 reclen = FUSE_DIRENTPLUS_SIZE(direntplus);
1295
1296 if (!dirent->namelen || dirent->namelen > FUSE_NAME_MAX)
1297 return -EIO;
1298 if (reclen > nbytes)
1299 break;
1300 if (memchr(dirent->name, '/', dirent->namelen) != NULL)
1301 return -EIO;
1302
1303 if (!over) {
1304 /* We fill entries into dstbuf only as much as
1305 it can hold. But we still continue iterating
1306 over remaining entries to link them. If not,
1307 we need to send a FORGET for each of those
1308 which we did not link.
1309 */
1310 over = !dir_emit(ctx, dirent->name, dirent->namelen,
1311 dirent->ino, dirent->type);
1312 if (!over)
1313 ctx->pos = dirent->off;
1314 }
1315
1316 buf += reclen;
1317 nbytes -= reclen;
1318
1319 ret = fuse_direntplus_link(file, direntplus, attr_version);
1320 if (ret)
1321 fuse_force_forget(file, direntplus->entry_out.nodeid);
1322 }
1323
1324 return 0;
1325 }
1326
1327 static int fuse_readdir(struct file *file, struct dir_context *ctx)
1328 {
1329 int plus, err;
1330 size_t nbytes;
1331 struct page *page;
1332 struct inode *inode = file_inode(file);
1333 struct fuse_conn *fc = get_fuse_conn(inode);
1334 struct fuse_req *req;
1335 u64 attr_version = 0;
1336 bool locked;
1337
1338 if (is_bad_inode(inode))
1339 return -EIO;
1340
1341 req = fuse_get_req(fc, 1);
1342 if (IS_ERR(req))
1343 return PTR_ERR(req);
1344
1345 page = alloc_page(GFP_KERNEL);
1346 if (!page) {
1347 fuse_put_request(fc, req);
1348 return -ENOMEM;
1349 }
1350
1351 plus = fuse_use_readdirplus(inode, ctx);
1352 req->out.argpages = 1;
1353 req->num_pages = 1;
1354 req->pages[0] = page;
1355 req->page_descs[0].length = PAGE_SIZE;
1356 if (plus) {
1357 attr_version = fuse_get_attr_version(fc);
1358 fuse_read_fill(req, file, ctx->pos, PAGE_SIZE,
1359 FUSE_READDIRPLUS);
1360 } else {
1361 fuse_read_fill(req, file, ctx->pos, PAGE_SIZE,
1362 FUSE_READDIR);
1363 }
1364 locked = fuse_lock_inode(inode);
1365 fuse_request_send(fc, req);
1366 fuse_unlock_inode(inode, locked);
1367 nbytes = req->out.args[0].size;
1368 err = req->out.h.error;
1369 fuse_put_request(fc, req);
1370 if (!err) {
1371 if (plus) {
1372 err = parse_dirplusfile(page_address(page), nbytes,
1373 file, ctx,
1374 attr_version);
1375 } else {
1376 err = parse_dirfile(page_address(page), nbytes, file,
1377 ctx);
1378 }
1379 }
1380
1381 __free_page(page);
1382 fuse_invalidate_atime(inode);
1383 return err;
1384 }
1385
1386 static const char *fuse_get_link(struct dentry *dentry,
1387 struct inode *inode,
1388 struct delayed_call *done)
1389 {
1390 struct fuse_conn *fc = get_fuse_conn(inode);
1391 FUSE_ARGS(args);
1392 char *link;
1393 ssize_t ret;
1394
1395 if (!dentry)
1396 return ERR_PTR(-ECHILD);
1397
1398 link = kmalloc(PAGE_SIZE, GFP_KERNEL);
1399 if (!link)
1400 return ERR_PTR(-ENOMEM);
1401
1402 args.in.h.opcode = FUSE_READLINK;
1403 args.in.h.nodeid = get_node_id(inode);
1404 args.out.argvar = 1;
1405 args.out.numargs = 1;
1406 args.out.args[0].size = PAGE_SIZE - 1;
1407 args.out.args[0].value = link;
1408 ret = fuse_simple_request(fc, &args);
1409 if (ret < 0) {
1410 kfree(link);
1411 link = ERR_PTR(ret);
1412 } else {
1413 link[ret] = '\0';
1414 set_delayed_call(done, kfree_link, link);
1415 }
1416 fuse_invalidate_atime(inode);
1417 return link;
1418 }
1419
1420 static int fuse_dir_open(struct inode *inode, struct file *file)
1421 {
1422 return fuse_open_common(inode, file, true);
1423 }
1424
1425 static int fuse_dir_release(struct inode *inode, struct file *file)
1426 {
1427 fuse_release_common(file, FUSE_RELEASEDIR);
1428
1429 return 0;
1430 }
1431
1432 static int fuse_dir_fsync(struct file *file, loff_t start, loff_t end,
1433 int datasync)
1434 {
1435 return fuse_fsync_common(file, start, end, datasync, 1);
1436 }
1437
1438 static long fuse_dir_ioctl(struct file *file, unsigned int cmd,
1439 unsigned long arg)
1440 {
1441 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1442
1443 /* FUSE_IOCTL_DIR only supported for API version >= 7.18 */
1444 if (fc->minor < 18)
1445 return -ENOTTY;
1446
1447 return fuse_ioctl_common(file, cmd, arg, FUSE_IOCTL_DIR);
1448 }
1449
1450 static long fuse_dir_compat_ioctl(struct file *file, unsigned int cmd,
1451 unsigned long arg)
1452 {
1453 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1454
1455 if (fc->minor < 18)
1456 return -ENOTTY;
1457
1458 return fuse_ioctl_common(file, cmd, arg,
1459 FUSE_IOCTL_COMPAT | FUSE_IOCTL_DIR);
1460 }
1461
1462 static bool update_mtime(unsigned ivalid, bool trust_local_mtime)
1463 {
1464 /* Always update if mtime is explicitly set */
1465 if (ivalid & ATTR_MTIME_SET)
1466 return true;
1467
1468 /* Or if kernel i_mtime is the official one */
1469 if (trust_local_mtime)
1470 return true;
1471
1472 /* If it's an open(O_TRUNC) or an ftruncate(), don't update */
1473 if ((ivalid & ATTR_SIZE) && (ivalid & (ATTR_OPEN | ATTR_FILE)))
1474 return false;
1475
1476 /* In all other cases update */
1477 return true;
1478 }
1479
1480 static void iattr_to_fattr(struct fuse_conn *fc, struct iattr *iattr,
1481 struct fuse_setattr_in *arg, bool trust_local_cmtime)
1482 {
1483 unsigned ivalid = iattr->ia_valid;
1484
1485 if (ivalid & ATTR_MODE)
1486 arg->valid |= FATTR_MODE, arg->mode = iattr->ia_mode;
1487 if (ivalid & ATTR_UID)
1488 arg->valid |= FATTR_UID, arg->uid = from_kuid(fc->user_ns, iattr->ia_uid);
1489 if (ivalid & ATTR_GID)
1490 arg->valid |= FATTR_GID, arg->gid = from_kgid(fc->user_ns, iattr->ia_gid);
1491 if (ivalid & ATTR_SIZE)
1492 arg->valid |= FATTR_SIZE, arg->size = iattr->ia_size;
1493 if (ivalid & ATTR_ATIME) {
1494 arg->valid |= FATTR_ATIME;
1495 arg->atime = iattr->ia_atime.tv_sec;
1496 arg->atimensec = iattr->ia_atime.tv_nsec;
1497 if (!(ivalid & ATTR_ATIME_SET))
1498 arg->valid |= FATTR_ATIME_NOW;
1499 }
1500 if ((ivalid & ATTR_MTIME) && update_mtime(ivalid, trust_local_cmtime)) {
1501 arg->valid |= FATTR_MTIME;
1502 arg->mtime = iattr->ia_mtime.tv_sec;
1503 arg->mtimensec = iattr->ia_mtime.tv_nsec;
1504 if (!(ivalid & ATTR_MTIME_SET) && !trust_local_cmtime)
1505 arg->valid |= FATTR_MTIME_NOW;
1506 }
1507 if ((ivalid & ATTR_CTIME) && trust_local_cmtime) {
1508 arg->valid |= FATTR_CTIME;
1509 arg->ctime = iattr->ia_ctime.tv_sec;
1510 arg->ctimensec = iattr->ia_ctime.tv_nsec;
1511 }
1512 }
1513
1514 /*
1515 * Prevent concurrent writepages on inode
1516 *
1517 * This is done by adding a negative bias to the inode write counter
1518 * and waiting for all pending writes to finish.
1519 */
1520 void fuse_set_nowrite(struct inode *inode)
1521 {
1522 struct fuse_conn *fc = get_fuse_conn(inode);
1523 struct fuse_inode *fi = get_fuse_inode(inode);
1524
1525 BUG_ON(!inode_is_locked(inode));
1526
1527 spin_lock(&fc->lock);
1528 BUG_ON(fi->writectr < 0);
1529 fi->writectr += FUSE_NOWRITE;
1530 spin_unlock(&fc->lock);
1531 wait_event(fi->page_waitq, fi->writectr == FUSE_NOWRITE);
1532 }
1533
1534 /*
1535 * Allow writepages on inode
1536 *
1537 * Remove the bias from the writecounter and send any queued
1538 * writepages.
1539 */
1540 static void __fuse_release_nowrite(struct inode *inode)
1541 {
1542 struct fuse_inode *fi = get_fuse_inode(inode);
1543
1544 BUG_ON(fi->writectr != FUSE_NOWRITE);
1545 fi->writectr = 0;
1546 fuse_flush_writepages(inode);
1547 }
1548
1549 void fuse_release_nowrite(struct inode *inode)
1550 {
1551 struct fuse_conn *fc = get_fuse_conn(inode);
1552
1553 spin_lock(&fc->lock);
1554 __fuse_release_nowrite(inode);
1555 spin_unlock(&fc->lock);
1556 }
1557
1558 static void fuse_setattr_fill(struct fuse_conn *fc, struct fuse_args *args,
1559 struct inode *inode,
1560 struct fuse_setattr_in *inarg_p,
1561 struct fuse_attr_out *outarg_p)
1562 {
1563 args->in.h.opcode = FUSE_SETATTR;
1564 args->in.h.nodeid = get_node_id(inode);
1565 args->in.numargs = 1;
1566 args->in.args[0].size = sizeof(*inarg_p);
1567 args->in.args[0].value = inarg_p;
1568 args->out.numargs = 1;
1569 args->out.args[0].size = sizeof(*outarg_p);
1570 args->out.args[0].value = outarg_p;
1571 }
1572
1573 /*
1574 * Flush inode->i_mtime to the server
1575 */
1576 int fuse_flush_times(struct inode *inode, struct fuse_file *ff)
1577 {
1578 struct fuse_conn *fc = get_fuse_conn(inode);
1579 FUSE_ARGS(args);
1580 struct fuse_setattr_in inarg;
1581 struct fuse_attr_out outarg;
1582
1583 memset(&inarg, 0, sizeof(inarg));
1584 memset(&outarg, 0, sizeof(outarg));
1585
1586 inarg.valid = FATTR_MTIME;
1587 inarg.mtime = inode->i_mtime.tv_sec;
1588 inarg.mtimensec = inode->i_mtime.tv_nsec;
1589 if (fc->minor >= 23) {
1590 inarg.valid |= FATTR_CTIME;
1591 inarg.ctime = inode->i_ctime.tv_sec;
1592 inarg.ctimensec = inode->i_ctime.tv_nsec;
1593 }
1594 if (ff) {
1595 inarg.valid |= FATTR_FH;
1596 inarg.fh = ff->fh;
1597 }
1598 fuse_setattr_fill(fc, &args, inode, &inarg, &outarg);
1599
1600 return fuse_simple_request(fc, &args);
1601 }
1602
1603 /*
1604 * Set attributes, and at the same time refresh them.
1605 *
1606 * Truncation is slightly complicated, because the 'truncate' request
1607 * may fail, in which case we don't want to touch the mapping.
1608 * vmtruncate() doesn't allow for this case, so do the rlimit checking
1609 * and the actual truncation by hand.
1610 */
1611 int fuse_do_setattr(struct dentry *dentry, struct iattr *attr,
1612 struct file *file)
1613 {
1614 struct inode *inode = d_inode(dentry);
1615 struct fuse_conn *fc = get_fuse_conn(inode);
1616 struct fuse_inode *fi = get_fuse_inode(inode);
1617 FUSE_ARGS(args);
1618 struct fuse_setattr_in inarg;
1619 struct fuse_attr_out outarg;
1620 bool is_truncate = false;
1621 bool is_wb = fc->writeback_cache;
1622 loff_t oldsize;
1623 int err;
1624 bool trust_local_cmtime = is_wb && S_ISREG(inode->i_mode);
1625
1626 if (!fc->default_permissions)
1627 attr->ia_valid |= ATTR_FORCE;
1628
1629 err = setattr_prepare(dentry, attr);
1630 if (err)
1631 return err;
1632
1633 if (attr->ia_valid & ATTR_OPEN) {
1634 /* This is coming from open(..., ... | O_TRUNC); */
1635 WARN_ON(!(attr->ia_valid & ATTR_SIZE));
1636 WARN_ON(attr->ia_size != 0);
1637 if (fc->atomic_o_trunc) {
1638 /*
1639 * No need to send request to userspace, since actual
1640 * truncation has already been done by OPEN. But still
1641 * need to truncate page cache.
1642 */
1643 i_size_write(inode, 0);
1644 truncate_pagecache(inode, 0);
1645 return 0;
1646 }
1647 file = NULL;
1648 }
1649
1650 if (attr->ia_valid & ATTR_SIZE)
1651 is_truncate = true;
1652
1653 if (is_truncate) {
1654 fuse_set_nowrite(inode);
1655 set_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1656 if (trust_local_cmtime && attr->ia_size != inode->i_size)
1657 attr->ia_valid |= ATTR_MTIME | ATTR_CTIME;
1658 }
1659
1660 memset(&inarg, 0, sizeof(inarg));
1661 memset(&outarg, 0, sizeof(outarg));
1662 iattr_to_fattr(fc, attr, &inarg, trust_local_cmtime);
1663 if (file) {
1664 struct fuse_file *ff = file->private_data;
1665 inarg.valid |= FATTR_FH;
1666 inarg.fh = ff->fh;
1667 }
1668 if (attr->ia_valid & ATTR_SIZE) {
1669 /* For mandatory locking in truncate */
1670 inarg.valid |= FATTR_LOCKOWNER;
1671 inarg.lock_owner = fuse_lock_owner_id(fc, current->files);
1672 }
1673 fuse_setattr_fill(fc, &args, inode, &inarg, &outarg);
1674 err = fuse_simple_request(fc, &args);
1675 if (err) {
1676 if (err == -EINTR)
1677 fuse_invalidate_attr(inode);
1678 goto error;
1679 }
1680
1681 if ((inode->i_mode ^ outarg.attr.mode) & S_IFMT) {
1682 make_bad_inode(inode);
1683 err = -EIO;
1684 goto error;
1685 }
1686
1687 spin_lock(&fc->lock);
1688 /* the kernel maintains i_mtime locally */
1689 if (trust_local_cmtime) {
1690 if (attr->ia_valid & ATTR_MTIME)
1691 inode->i_mtime = attr->ia_mtime;
1692 if (attr->ia_valid & ATTR_CTIME)
1693 inode->i_ctime = attr->ia_ctime;
1694 /* FIXME: clear I_DIRTY_SYNC? */
1695 }
1696
1697 fuse_change_attributes_common(inode, &outarg.attr,
1698 attr_timeout(&outarg));
1699 oldsize = inode->i_size;
1700 /* see the comment in fuse_change_attributes() */
1701 if (!is_wb || is_truncate || !S_ISREG(inode->i_mode))
1702 i_size_write(inode, outarg.attr.size);
1703
1704 if (is_truncate) {
1705 /* NOTE: this may release/reacquire fc->lock */
1706 __fuse_release_nowrite(inode);
1707 }
1708 spin_unlock(&fc->lock);
1709
1710 /*
1711 * Only call invalidate_inode_pages2() after removing
1712 * FUSE_NOWRITE, otherwise fuse_launder_page() would deadlock.
1713 */
1714 if ((is_truncate || !is_wb) &&
1715 S_ISREG(inode->i_mode) && oldsize != outarg.attr.size) {
1716 truncate_pagecache(inode, outarg.attr.size);
1717 invalidate_inode_pages2(inode->i_mapping);
1718 }
1719
1720 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1721 return 0;
1722
1723 error:
1724 if (is_truncate)
1725 fuse_release_nowrite(inode);
1726
1727 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1728 return err;
1729 }
1730
1731 static int fuse_setattr(struct dentry *entry, struct iattr *attr)
1732 {
1733 struct inode *inode = d_inode(entry);
1734 struct fuse_conn *fc = get_fuse_conn(inode);
1735 struct file *file = (attr->ia_valid & ATTR_FILE) ? attr->ia_file : NULL;
1736 int ret;
1737
1738 if (!fuse_allow_current_process(get_fuse_conn(inode)))
1739 return -EACCES;
1740
1741 if (attr->ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID)) {
1742 attr->ia_valid &= ~(ATTR_KILL_SUID | ATTR_KILL_SGID |
1743 ATTR_MODE);
1744
1745 /*
1746 * The only sane way to reliably kill suid/sgid is to do it in
1747 * the userspace filesystem
1748 *
1749 * This should be done on write(), truncate() and chown().
1750 */
1751 if (!fc->handle_killpriv) {
1752 /*
1753 * ia_mode calculation may have used stale i_mode.
1754 * Refresh and recalculate.
1755 */
1756 ret = fuse_do_getattr(inode, NULL, file);
1757 if (ret)
1758 return ret;
1759
1760 attr->ia_mode = inode->i_mode;
1761 if (inode->i_mode & S_ISUID) {
1762 attr->ia_valid |= ATTR_MODE;
1763 attr->ia_mode &= ~S_ISUID;
1764 }
1765 if ((inode->i_mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) {
1766 attr->ia_valid |= ATTR_MODE;
1767 attr->ia_mode &= ~S_ISGID;
1768 }
1769 }
1770 }
1771 if (!attr->ia_valid)
1772 return 0;
1773
1774 ret = fuse_do_setattr(entry, attr, file);
1775 if (!ret) {
1776 /*
1777 * If filesystem supports acls it may have updated acl xattrs in
1778 * the filesystem, so forget cached acls for the inode.
1779 */
1780 if (fc->posix_acl)
1781 forget_all_cached_acls(inode);
1782
1783 /* Directory mode changed, may need to revalidate access */
1784 if (d_is_dir(entry) && (attr->ia_valid & ATTR_MODE))
1785 fuse_invalidate_entry_cache(entry);
1786 }
1787 return ret;
1788 }
1789
1790 static int fuse_getattr(const struct path *path, struct kstat *stat,
1791 u32 request_mask, unsigned int flags)
1792 {
1793 struct inode *inode = d_inode(path->dentry);
1794 struct fuse_conn *fc = get_fuse_conn(inode);
1795
1796 if (!fuse_allow_current_process(fc))
1797 return -EACCES;
1798
1799 return fuse_update_get_attr(inode, NULL, stat);
1800 }
1801
1802 static const struct inode_operations fuse_dir_inode_operations = {
1803 .lookup = fuse_lookup,
1804 .mkdir = fuse_mkdir,
1805 .symlink = fuse_symlink,
1806 .unlink = fuse_unlink,
1807 .rmdir = fuse_rmdir,
1808 .rename = fuse_rename2,
1809 .link = fuse_link,
1810 .setattr = fuse_setattr,
1811 .create = fuse_create,
1812 .atomic_open = fuse_atomic_open,
1813 .mknod = fuse_mknod,
1814 .permission = fuse_permission,
1815 .getattr = fuse_getattr,
1816 .listxattr = fuse_listxattr,
1817 .get_acl = fuse_get_acl,
1818 .set_acl = fuse_set_acl,
1819 };
1820
1821 static const struct file_operations fuse_dir_operations = {
1822 .llseek = generic_file_llseek,
1823 .read = generic_read_dir,
1824 .iterate_shared = fuse_readdir,
1825 .open = fuse_dir_open,
1826 .release = fuse_dir_release,
1827 .fsync = fuse_dir_fsync,
1828 .unlocked_ioctl = fuse_dir_ioctl,
1829 .compat_ioctl = fuse_dir_compat_ioctl,
1830 };
1831
1832 static const struct inode_operations fuse_common_inode_operations = {
1833 .setattr = fuse_setattr,
1834 .permission = fuse_permission,
1835 .getattr = fuse_getattr,
1836 .listxattr = fuse_listxattr,
1837 .get_acl = fuse_get_acl,
1838 .set_acl = fuse_set_acl,
1839 };
1840
1841 static const struct inode_operations fuse_symlink_inode_operations = {
1842 .setattr = fuse_setattr,
1843 .get_link = fuse_get_link,
1844 .getattr = fuse_getattr,
1845 .listxattr = fuse_listxattr,
1846 };
1847
1848 void fuse_init_common(struct inode *inode)
1849 {
1850 inode->i_op = &fuse_common_inode_operations;
1851 }
1852
1853 void fuse_init_dir(struct inode *inode)
1854 {
1855 inode->i_op = &fuse_dir_inode_operations;
1856 inode->i_fop = &fuse_dir_operations;
1857 }
1858
1859 void fuse_init_symlink(struct inode *inode)
1860 {
1861 inode->i_op = &fuse_symlink_inode_operations;
1862 }
ubuntu-bionic-kernel mirror