]> git.proxmox.com Git - mirror_ubuntu-focal-kernel.git/blob - fs/fuse/dir.c
projects / mirror_ubuntu-focal-kernel.git / blob
? search:


34487bf1d791448a5cd9f73d9d1897c482b0b9b0
[mirror_ubuntu-focal-kernel.git] / fs / fuse / dir.c
1 /*
2 FUSE: Filesystem in Userspace
3 Copyright (C) 2001-2008 Miklos Szeredi <miklos@szeredi.hu>
4
5 This program can be distributed under the terms of the GNU GPL.
6 See the file COPYING.
7 */
8
9 #include "fuse_i.h"
10
11 #include <linux/pagemap.h>
12 #include <linux/file.h>
13 #include <linux/sched.h>
14 #include <linux/namei.h>
15 #include <linux/slab.h>
16 #include <linux/xattr.h>
17 #include <linux/iversion.h>
18 #include <linux/posix_acl.h>
19
20 static void fuse_advise_use_readdirplus(struct inode *dir)
21 {
22 struct fuse_inode *fi = get_fuse_inode(dir);
23
24 set_bit(FUSE_I_ADVISE_RDPLUS, &fi->state);
25 }
26
27 #if BITS_PER_LONG >= 64
28 static inline void __fuse_dentry_settime(struct dentry *entry, u64 time)
29 {
30 entry->d_fsdata = (void *) time;
31 }
32
33 static inline u64 fuse_dentry_time(const struct dentry *entry)
34 {
35 return (u64)entry->d_fsdata;
36 }
37
38 #else
39 union fuse_dentry {
40 u64 time;
41 struct rcu_head rcu;
42 };
43
44 static inline void __fuse_dentry_settime(struct dentry *dentry, u64 time)
45 {
46 ((union fuse_dentry *) dentry->d_fsdata)->time = time;
47 }
48
49 static inline u64 fuse_dentry_time(const struct dentry *entry)
50 {
51 return ((union fuse_dentry *) entry->d_fsdata)->time;
52 }
53 #endif
54
55 static void fuse_dentry_settime(struct dentry *dentry, u64 time)
56 {
57 struct fuse_conn *fc = get_fuse_conn_super(dentry->d_sb);
58 bool delete = !time && fc->delete_stale;
59 /*
60 * Mess with DCACHE_OP_DELETE because dput() will be faster without it.
61 * Don't care about races, either way it's just an optimization
62 */
63 if ((!delete && (dentry->d_flags & DCACHE_OP_DELETE)) ||
64 (delete && !(dentry->d_flags & DCACHE_OP_DELETE))) {
65 spin_lock(&dentry->d_lock);
66 if (!delete)
67 dentry->d_flags &= ~DCACHE_OP_DELETE;
68 else
69 dentry->d_flags |= DCACHE_OP_DELETE;
70 spin_unlock(&dentry->d_lock);
71 }
72
73 __fuse_dentry_settime(dentry, time);
74 }
75
76 /*
77 * FUSE caches dentries and attributes with separate timeout. The
78 * time in jiffies until the dentry/attributes are valid is stored in
79 * dentry->d_fsdata and fuse_inode->i_time respectively.
80 */
81
82 /*
83 * Calculate the time in jiffies until a dentry/attributes are valid
84 */
85 static u64 time_to_jiffies(u64 sec, u32 nsec)
86 {
87 if (sec || nsec) {
88 struct timespec64 ts = {
89 sec,
90 min_t(u32, nsec, NSEC_PER_SEC - 1)
91 };
92
93 return get_jiffies_64() + timespec64_to_jiffies(&ts);
94 } else
95 return 0;
96 }
97
98 /*
99 * Set dentry and possibly attribute timeouts from the lookup/mk*
100 * replies
101 */
102 void fuse_change_entry_timeout(struct dentry *entry, struct fuse_entry_out *o)
103 {
104 fuse_dentry_settime(entry,
105 time_to_jiffies(o->entry_valid, o->entry_valid_nsec));
106 }
107
108 static u64 attr_timeout(struct fuse_attr_out *o)
109 {
110 return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
111 }
112
113 u64 entry_attr_timeout(struct fuse_entry_out *o)
114 {
115 return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
116 }
117
118 static void fuse_invalidate_attr_mask(struct inode *inode, u32 mask)
119 {
120 set_mask_bits(&get_fuse_inode(inode)->inval_mask, 0, mask);
121 }
122
123 /*
124 * Mark the attributes as stale, so that at the next call to
125 * ->getattr() they will be fetched from userspace
126 */
127 void fuse_invalidate_attr(struct inode *inode)
128 {
129 fuse_invalidate_attr_mask(inode, STATX_BASIC_STATS);
130 }
131
132 static void fuse_dir_changed(struct inode *dir)
133 {
134 fuse_invalidate_attr(dir);
135 inode_maybe_inc_iversion(dir, false);
136 }
137
138 /**
139 * Mark the attributes as stale due to an atime change. Avoid the invalidate if
140 * atime is not used.
141 */
142 void fuse_invalidate_atime(struct inode *inode)
143 {
144 if (!IS_RDONLY(inode))
145 fuse_invalidate_attr_mask(inode, STATX_ATIME);
146 }
147
148 /*
149 * Just mark the entry as stale, so that a next attempt to look it up
150 * will result in a new lookup call to userspace
151 *
152 * This is called when a dentry is about to become negative and the
153 * timeout is unknown (unlink, rmdir, rename and in some cases
154 * lookup)
155 */
156 void fuse_invalidate_entry_cache(struct dentry *entry)
157 {
158 fuse_dentry_settime(entry, 0);
159 }
160
161 /*
162 * Same as fuse_invalidate_entry_cache(), but also try to remove the
163 * dentry from the hash
164 */
165 static void fuse_invalidate_entry(struct dentry *entry)
166 {
167 d_invalidate(entry);
168 fuse_invalidate_entry_cache(entry);
169 }
170
171 static void fuse_lookup_init(struct fuse_conn *fc, struct fuse_args *args,
172 u64 nodeid, const struct qstr *name,
173 struct fuse_entry_out *outarg)
174 {
175 memset(outarg, 0, sizeof(struct fuse_entry_out));
176 args->opcode = FUSE_LOOKUP;
177 args->nodeid = nodeid;
178 args->in_numargs = 1;
179 args->in_args[0].size = name->len + 1;
180 args->in_args[0].value = name->name;
181 args->out_numargs = 1;
182 args->out_args[0].size = sizeof(struct fuse_entry_out);
183 args->out_args[0].value = outarg;
184 }
185
186 /*
187 * Check whether the dentry is still valid
188 *
189 * If the entry validity timeout has expired and the dentry is
190 * positive, try to redo the lookup. If the lookup results in a
191 * different inode, then let the VFS invalidate the dentry and redo
192 * the lookup once more. If the lookup results in the same inode,
193 * then refresh the attributes, timeouts and mark the dentry valid.
194 */
195 static int fuse_dentry_revalidate(struct dentry *entry, unsigned int flags)
196 {
197 struct inode *inode;
198 struct dentry *parent;
199 struct fuse_conn *fc;
200 struct fuse_inode *fi;
201 int ret;
202
203 inode = d_inode_rcu(entry);
204 if (inode && fuse_is_bad(inode))
205 goto invalid;
206 else if (time_before64(fuse_dentry_time(entry), get_jiffies_64()) ||
207 (flags & LOOKUP_REVAL)) {
208 struct fuse_entry_out outarg;
209 FUSE_ARGS(args);
210 struct fuse_forget_link *forget;
211 u64 attr_version;
212
213 /* For negative dentries, always do a fresh lookup */
214 if (!inode)
215 goto invalid;
216
217 ret = -ECHILD;
218 if (flags & LOOKUP_RCU)
219 goto out;
220
221 fc = get_fuse_conn(inode);
222
223 forget = fuse_alloc_forget();
224 ret = -ENOMEM;
225 if (!forget)
226 goto out;
227
228 attr_version = fuse_get_attr_version(fc);
229
230 parent = dget_parent(entry);
231 fuse_lookup_init(fc, &args, get_node_id(d_inode(parent)),
232 &entry->d_name, &outarg);
233 ret = fuse_simple_request(fc, &args);
234 dput(parent);
235 /* Zero nodeid is same as -ENOENT */
236 if (!ret && !outarg.nodeid)
237 ret = -ENOENT;
238 if (!ret) {
239 fi = get_fuse_inode(inode);
240 if (outarg.nodeid != get_node_id(inode)) {
241 fuse_queue_forget(fc, forget, outarg.nodeid, 1);
242 goto invalid;
243 }
244 spin_lock(&fi->lock);
245 fi->nlookup++;
246 spin_unlock(&fi->lock);
247 }
248 kfree(forget);
249 if (ret == -ENOMEM)
250 goto out;
251 if (ret || fuse_invalid_attr(&outarg.attr) ||
252 (outarg.attr.mode ^ inode->i_mode) & S_IFMT)
253 goto invalid;
254
255 forget_all_cached_acls(inode);
256 fuse_change_attributes(inode, &outarg.attr,
257 entry_attr_timeout(&outarg),
258 attr_version);
259 fuse_change_entry_timeout(entry, &outarg);
260 } else if (inode) {
261 fi = get_fuse_inode(inode);
262 if (flags & LOOKUP_RCU) {
263 if (test_bit(FUSE_I_INIT_RDPLUS, &fi->state))
264 return -ECHILD;
265 } else if (test_and_clear_bit(FUSE_I_INIT_RDPLUS, &fi->state)) {
266 parent = dget_parent(entry);
267 fuse_advise_use_readdirplus(d_inode(parent));
268 dput(parent);
269 }
270 }
271 ret = 1;
272 out:
273 return ret;
274
275 invalid:
276 ret = 0;
277 goto out;
278 }
279
280 #if BITS_PER_LONG < 64
281 static int fuse_dentry_init(struct dentry *dentry)
282 {
283 dentry->d_fsdata = kzalloc(sizeof(union fuse_dentry),
284 GFP_KERNEL_ACCOUNT | __GFP_RECLAIMABLE);
285
286 return dentry->d_fsdata ? 0 : -ENOMEM;
287 }
288 static void fuse_dentry_release(struct dentry *dentry)
289 {
290 union fuse_dentry *fd = dentry->d_fsdata;
291
292 kfree_rcu(fd, rcu);
293 }
294 #endif
295
296 static int fuse_dentry_delete(const struct dentry *dentry)
297 {
298 return time_before64(fuse_dentry_time(dentry), get_jiffies_64());
299 }
300
301 const struct dentry_operations fuse_dentry_operations = {
302 .d_revalidate = fuse_dentry_revalidate,
303 .d_delete = fuse_dentry_delete,
304 #if BITS_PER_LONG < 64
305 .d_init = fuse_dentry_init,
306 .d_release = fuse_dentry_release,
307 #endif
308 };
309
310 const struct dentry_operations fuse_root_dentry_operations = {
311 #if BITS_PER_LONG < 64
312 .d_init = fuse_dentry_init,
313 .d_release = fuse_dentry_release,
314 #endif
315 };
316
317 int fuse_valid_type(int m)
318 {
319 return S_ISREG(m) || S_ISDIR(m) || S_ISLNK(m) || S_ISCHR(m) ||
320 S_ISBLK(m) || S_ISFIFO(m) || S_ISSOCK(m);
321 }
322
323 bool fuse_invalid_attr(struct fuse_attr *attr)
324 {
325 return !fuse_valid_type(attr->mode) ||
326 attr->size > LLONG_MAX;
327 }
328
329 int fuse_lookup_name(struct super_block *sb, u64 nodeid, const struct qstr *name,
330 struct fuse_entry_out *outarg, struct inode **inode)
331 {
332 struct fuse_conn *fc = get_fuse_conn_super(sb);
333 FUSE_ARGS(args);
334 struct fuse_forget_link *forget;
335 u64 attr_version;
336 int err;
337
338 *inode = NULL;
339 err = -ENAMETOOLONG;
340 if (name->len > FUSE_NAME_MAX)
341 goto out;
342
343
344 forget = fuse_alloc_forget();
345 err = -ENOMEM;
346 if (!forget)
347 goto out;
348
349 attr_version = fuse_get_attr_version(fc);
350
351 fuse_lookup_init(fc, &args, nodeid, name, outarg);
352 err = fuse_simple_request(fc, &args);
353 /* Zero nodeid is same as -ENOENT, but with valid timeout */
354 if (err || !outarg->nodeid)
355 goto out_put_forget;
356
357 err = -EIO;
358 if (!outarg->nodeid)
359 goto out_put_forget;
360 if (fuse_invalid_attr(&outarg->attr))
361 goto out_put_forget;
362
363 *inode = fuse_iget(sb, outarg->nodeid, outarg->generation,
364 &outarg->attr, entry_attr_timeout(outarg),
365 attr_version);
366 err = -ENOMEM;
367 if (!*inode) {
368 fuse_queue_forget(fc, forget, outarg->nodeid, 1);
369 goto out;
370 }
371 err = 0;
372
373 out_put_forget:
374 kfree(forget);
375 out:
376 return err;
377 }
378
379 static struct dentry *fuse_lookup(struct inode *dir, struct dentry *entry,
380 unsigned int flags)
381 {
382 int err;
383 struct fuse_entry_out outarg;
384 struct inode *inode;
385 struct dentry *newent;
386 bool outarg_valid = true;
387 bool locked;
388
389 if (fuse_is_bad(dir))
390 return ERR_PTR(-EIO);
391
392 locked = fuse_lock_inode(dir);
393 err = fuse_lookup_name(dir->i_sb, get_node_id(dir), &entry->d_name,
394 &outarg, &inode);
395 fuse_unlock_inode(dir, locked);
396 if (err == -ENOENT) {
397 outarg_valid = false;
398 err = 0;
399 }
400 if (err)
401 goto out_err;
402
403 err = -EIO;
404 if (inode && get_node_id(inode) == FUSE_ROOT_ID)
405 goto out_iput;
406
407 newent = d_splice_alias(inode, entry);
408 err = PTR_ERR(newent);
409 if (IS_ERR(newent))
410 goto out_err;
411
412 entry = newent ? newent : entry;
413 if (outarg_valid)
414 fuse_change_entry_timeout(entry, &outarg);
415 else
416 fuse_invalidate_entry_cache(entry);
417
418 if (inode)
419 fuse_advise_use_readdirplus(dir);
420 return newent;
421
422 out_iput:
423 iput(inode);
424 out_err:
425 return ERR_PTR(err);
426 }
427
428 /*
429 * Atomic create+open operation
430 *
431 * If the filesystem doesn't support this, then fall back to separate
432 * 'mknod' + 'open' requests.
433 */
434 static int fuse_create_open(struct inode *dir, struct dentry *entry,
435 struct file *file, unsigned flags,
436 umode_t mode)
437 {
438 int err;
439 struct inode *inode;
440 struct fuse_conn *fc = get_fuse_conn(dir);
441 FUSE_ARGS(args);
442 struct fuse_forget_link *forget;
443 struct fuse_create_in inarg;
444 struct fuse_open_out outopen;
445 struct fuse_entry_out outentry;
446 struct fuse_inode *fi;
447 struct fuse_file *ff;
448
449 /* Userspace expects S_IFREG in create mode */
450 BUG_ON((mode & S_IFMT) != S_IFREG);
451
452 forget = fuse_alloc_forget();
453 err = -ENOMEM;
454 if (!forget)
455 goto out_err;
456
457 err = -ENOMEM;
458 ff = fuse_file_alloc(fc);
459 if (!ff)
460 goto out_put_forget_req;
461
462 if (!fc->dont_mask)
463 mode &= ~current_umask();
464
465 flags &= ~O_NOCTTY;
466 memset(&inarg, 0, sizeof(inarg));
467 memset(&outentry, 0, sizeof(outentry));
468 inarg.flags = flags;
469 inarg.mode = mode;
470 inarg.umask = current_umask();
471 args.opcode = FUSE_CREATE;
472 args.nodeid = get_node_id(dir);
473 args.in_numargs = 2;
474 args.in_args[0].size = sizeof(inarg);
475 args.in_args[0].value = &inarg;
476 args.in_args[1].size = entry->d_name.len + 1;
477 args.in_args[1].value = entry->d_name.name;
478 args.out_numargs = 2;
479 args.out_args[0].size = sizeof(outentry);
480 args.out_args[0].value = &outentry;
481 args.out_args[1].size = sizeof(outopen);
482 args.out_args[1].value = &outopen;
483 err = fuse_simple_request(fc, &args);
484 if (err)
485 goto out_free_ff;
486
487 err = -EIO;
488 if (!S_ISREG(outentry.attr.mode) || invalid_nodeid(outentry.nodeid) ||
489 fuse_invalid_attr(&outentry.attr))
490 goto out_free_ff;
491
492 ff->fh = outopen.fh;
493 ff->nodeid = outentry.nodeid;
494 ff->open_flags = outopen.open_flags;
495 inode = fuse_iget(dir->i_sb, outentry.nodeid, outentry.generation,
496 &outentry.attr, entry_attr_timeout(&outentry), 0);
497 if (!inode) {
498 flags &= ~(O_CREAT | O_EXCL | O_TRUNC);
499 fuse_sync_release(NULL, ff, flags);
500 fuse_queue_forget(fc, forget, outentry.nodeid, 1);
501 err = -ENOMEM;
502 goto out_err;
503 }
504 kfree(forget);
505 d_instantiate(entry, inode);
506 fuse_change_entry_timeout(entry, &outentry);
507 fuse_dir_changed(dir);
508 err = finish_open(file, entry, generic_file_open);
509 if (err) {
510 fi = get_fuse_inode(inode);
511 fuse_sync_release(fi, ff, flags);
512 } else {
513 file->private_data = ff;
514 fuse_finish_open(inode, file);
515 }
516 return err;
517
518 out_free_ff:
519 fuse_file_free(ff);
520 out_put_forget_req:
521 kfree(forget);
522 out_err:
523 return err;
524 }
525
526 static int fuse_mknod(struct inode *, struct dentry *, umode_t, dev_t);
527 static int fuse_atomic_open(struct inode *dir, struct dentry *entry,
528 struct file *file, unsigned flags,
529 umode_t mode)
530 {
531 int err;
532 struct fuse_conn *fc = get_fuse_conn(dir);
533 struct dentry *res = NULL;
534
535 if (fuse_is_bad(dir))
536 return -EIO;
537
538 if (d_in_lookup(entry)) {
539 res = fuse_lookup(dir, entry, 0);
540 if (IS_ERR(res))
541 return PTR_ERR(res);
542
543 if (res)
544 entry = res;
545 }
546
547 if (!(flags & O_CREAT) || d_really_is_positive(entry))
548 goto no_open;
549
550 /* Only creates */
551 file->f_mode |= FMODE_CREATED;
552
553 if (fc->no_create)
554 goto mknod;
555
556 err = fuse_create_open(dir, entry, file, flags, mode);
557 if (err == -ENOSYS) {
558 fc->no_create = 1;
559 goto mknod;
560 }
561 out_dput:
562 dput(res);
563 return err;
564
565 mknod:
566 err = fuse_mknod(dir, entry, mode, 0);
567 if (err)
568 goto out_dput;
569 no_open:
570 return finish_no_open(file, res);
571 }
572
573 /*
574 * Code shared between mknod, mkdir, symlink and link
575 */
576 static int create_new_entry(struct fuse_conn *fc, struct fuse_args *args,
577 struct inode *dir, struct dentry *entry,
578 umode_t mode)
579 {
580 struct fuse_entry_out outarg;
581 struct inode *inode;
582 struct dentry *d;
583 int err;
584 struct fuse_forget_link *forget;
585
586 if (fuse_is_bad(dir))
587 return -EIO;
588
589 forget = fuse_alloc_forget();
590 if (!forget)
591 return -ENOMEM;
592
593 memset(&outarg, 0, sizeof(outarg));
594 args->nodeid = get_node_id(dir);
595 args->out_numargs = 1;
596 args->out_args[0].size = sizeof(outarg);
597 args->out_args[0].value = &outarg;
598 err = fuse_simple_request(fc, args);
599 if (err)
600 goto out_put_forget_req;
601
602 err = -EIO;
603 if (invalid_nodeid(outarg.nodeid) || fuse_invalid_attr(&outarg.attr))
604 goto out_put_forget_req;
605
606 if ((outarg.attr.mode ^ mode) & S_IFMT)
607 goto out_put_forget_req;
608
609 inode = fuse_iget(dir->i_sb, outarg.nodeid, outarg.generation,
610 &outarg.attr, entry_attr_timeout(&outarg), 0);
611 if (!inode) {
612 fuse_queue_forget(fc, forget, outarg.nodeid, 1);
613 return -ENOMEM;
614 }
615 kfree(forget);
616
617 d_drop(entry);
618 d = d_splice_alias(inode, entry);
619 if (IS_ERR(d))
620 return PTR_ERR(d);
621
622 if (d) {
623 fuse_change_entry_timeout(d, &outarg);
624 dput(d);
625 } else {
626 fuse_change_entry_timeout(entry, &outarg);
627 }
628 fuse_dir_changed(dir);
629 return 0;
630
631 out_put_forget_req:
632 kfree(forget);
633 return err;
634 }
635
636 static int fuse_mknod(struct inode *dir, struct dentry *entry, umode_t mode,
637 dev_t rdev)
638 {
639 struct fuse_mknod_in inarg;
640 struct fuse_conn *fc = get_fuse_conn(dir);
641 FUSE_ARGS(args);
642
643 if (!fc->dont_mask)
644 mode &= ~current_umask();
645
646 memset(&inarg, 0, sizeof(inarg));
647 inarg.mode = mode;
648 inarg.rdev = new_encode_dev(rdev);
649 inarg.umask = current_umask();
650 args.opcode = FUSE_MKNOD;
651 args.in_numargs = 2;
652 args.in_args[0].size = sizeof(inarg);
653 args.in_args[0].value = &inarg;
654 args.in_args[1].size = entry->d_name.len + 1;
655 args.in_args[1].value = entry->d_name.name;
656 return create_new_entry(fc, &args, dir, entry, mode);
657 }
658
659 static int fuse_create(struct inode *dir, struct dentry *entry, umode_t mode,
660 bool excl)
661 {
662 return fuse_mknod(dir, entry, mode, 0);
663 }
664
665 static int fuse_mkdir(struct inode *dir, struct dentry *entry, umode_t mode)
666 {
667 struct fuse_mkdir_in inarg;
668 struct fuse_conn *fc = get_fuse_conn(dir);
669 FUSE_ARGS(args);
670
671 if (!fc->dont_mask)
672 mode &= ~current_umask();
673
674 memset(&inarg, 0, sizeof(inarg));
675 inarg.mode = mode;
676 inarg.umask = current_umask();
677 args.opcode = FUSE_MKDIR;
678 args.in_numargs = 2;
679 args.in_args[0].size = sizeof(inarg);
680 args.in_args[0].value = &inarg;
681 args.in_args[1].size = entry->d_name.len + 1;
682 args.in_args[1].value = entry->d_name.name;
683 return create_new_entry(fc, &args, dir, entry, S_IFDIR);
684 }
685
686 static int fuse_symlink(struct inode *dir, struct dentry *entry,
687 const char *link)
688 {
689 struct fuse_conn *fc = get_fuse_conn(dir);
690 unsigned len = strlen(link) + 1;
691 FUSE_ARGS(args);
692
693 args.opcode = FUSE_SYMLINK;
694 args.in_numargs = 2;
695 args.in_args[0].size = entry->d_name.len + 1;
696 args.in_args[0].value = entry->d_name.name;
697 args.in_args[1].size = len;
698 args.in_args[1].value = link;
699 return create_new_entry(fc, &args, dir, entry, S_IFLNK);
700 }
701
702 void fuse_update_ctime(struct inode *inode)
703 {
704 if (!IS_NOCMTIME(inode)) {
705 inode->i_ctime = current_time(inode);
706 mark_inode_dirty_sync(inode);
707 }
708 }
709
710 static int fuse_unlink(struct inode *dir, struct dentry *entry)
711 {
712 int err;
713 struct fuse_conn *fc = get_fuse_conn(dir);
714 FUSE_ARGS(args);
715
716 if (fuse_is_bad(dir))
717 return -EIO;
718
719 args.opcode = FUSE_UNLINK;
720 args.nodeid = get_node_id(dir);
721 args.in_numargs = 1;
722 args.in_args[0].size = entry->d_name.len + 1;
723 args.in_args[0].value = entry->d_name.name;
724 err = fuse_simple_request(fc, &args);
725 if (!err) {
726 struct inode *inode = d_inode(entry);
727 struct fuse_inode *fi = get_fuse_inode(inode);
728
729 spin_lock(&fi->lock);
730 fi->attr_version = atomic64_inc_return(&fc->attr_version);
731 /*
732 * If i_nlink == 0 then unlink doesn't make sense, yet this can
733 * happen if userspace filesystem is careless. It would be
734 * difficult to enforce correct nlink usage so just ignore this
735 * condition here
736 */
737 if (inode->i_nlink > 0)
738 drop_nlink(inode);
739 spin_unlock(&fi->lock);
740 fuse_invalidate_attr(inode);
741 fuse_dir_changed(dir);
742 fuse_invalidate_entry_cache(entry);
743 fuse_update_ctime(inode);
744 } else if (err == -EINTR)
745 fuse_invalidate_entry(entry);
746 return err;
747 }
748
749 static int fuse_rmdir(struct inode *dir, struct dentry *entry)
750 {
751 int err;
752 struct fuse_conn *fc = get_fuse_conn(dir);
753 FUSE_ARGS(args);
754
755 if (fuse_is_bad(dir))
756 return -EIO;
757
758 args.opcode = FUSE_RMDIR;
759 args.nodeid = get_node_id(dir);
760 args.in_numargs = 1;
761 args.in_args[0].size = entry->d_name.len + 1;
762 args.in_args[0].value = entry->d_name.name;
763 err = fuse_simple_request(fc, &args);
764 if (!err) {
765 clear_nlink(d_inode(entry));
766 fuse_dir_changed(dir);
767 fuse_invalidate_entry_cache(entry);
768 } else if (err == -EINTR)
769 fuse_invalidate_entry(entry);
770 return err;
771 }
772
773 static int fuse_rename_common(struct inode *olddir, struct dentry *oldent,
774 struct inode *newdir, struct dentry *newent,
775 unsigned int flags, int opcode, size_t argsize)
776 {
777 int err;
778 struct fuse_rename2_in inarg;
779 struct fuse_conn *fc = get_fuse_conn(olddir);
780 FUSE_ARGS(args);
781
782 memset(&inarg, 0, argsize);
783 inarg.newdir = get_node_id(newdir);
784 inarg.flags = flags;
785 args.opcode = opcode;
786 args.nodeid = get_node_id(olddir);
787 args.in_numargs = 3;
788 args.in_args[0].size = argsize;
789 args.in_args[0].value = &inarg;
790 args.in_args[1].size = oldent->d_name.len + 1;
791 args.in_args[1].value = oldent->d_name.name;
792 args.in_args[2].size = newent->d_name.len + 1;
793 args.in_args[2].value = newent->d_name.name;
794 err = fuse_simple_request(fc, &args);
795 if (!err) {
796 /* ctime changes */
797 fuse_invalidate_attr(d_inode(oldent));
798 fuse_update_ctime(d_inode(oldent));
799
800 if (flags & RENAME_EXCHANGE) {
801 fuse_invalidate_attr(d_inode(newent));
802 fuse_update_ctime(d_inode(newent));
803 }
804
805 fuse_dir_changed(olddir);
806 if (olddir != newdir)
807 fuse_dir_changed(newdir);
808
809 /* newent will end up negative */
810 if (!(flags & RENAME_EXCHANGE) && d_really_is_positive(newent)) {
811 fuse_invalidate_attr(d_inode(newent));
812 fuse_invalidate_entry_cache(newent);
813 fuse_update_ctime(d_inode(newent));
814 }
815 } else if (err == -EINTR) {
816 /* If request was interrupted, DEITY only knows if the
817 rename actually took place. If the invalidation
818 fails (e.g. some process has CWD under the renamed
819 directory), then there can be inconsistency between
820 the dcache and the real filesystem. Tough luck. */
821 fuse_invalidate_entry(oldent);
822 if (d_really_is_positive(newent))
823 fuse_invalidate_entry(newent);
824 }
825
826 return err;
827 }
828
829 static int fuse_rename2(struct inode *olddir, struct dentry *oldent,
830 struct inode *newdir, struct dentry *newent,
831 unsigned int flags)
832 {
833 struct fuse_conn *fc = get_fuse_conn(olddir);
834 int err;
835
836 if (fuse_is_bad(olddir))
837 return -EIO;
838
839 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE))
840 return -EINVAL;
841
842 if (flags) {
843 if (fc->no_rename2 || fc->minor < 23)
844 return -EINVAL;
845
846 err = fuse_rename_common(olddir, oldent, newdir, newent, flags,
847 FUSE_RENAME2,
848 sizeof(struct fuse_rename2_in));
849 if (err == -ENOSYS) {
850 fc->no_rename2 = 1;
851 err = -EINVAL;
852 }
853 } else {
854 err = fuse_rename_common(olddir, oldent, newdir, newent, 0,
855 FUSE_RENAME,
856 sizeof(struct fuse_rename_in));
857 }
858
859 return err;
860 }
861
862 static int fuse_link(struct dentry *entry, struct inode *newdir,
863 struct dentry *newent)
864 {
865 int err;
866 struct fuse_link_in inarg;
867 struct inode *inode = d_inode(entry);
868 struct fuse_conn *fc = get_fuse_conn(inode);
869 FUSE_ARGS(args);
870
871 memset(&inarg, 0, sizeof(inarg));
872 inarg.oldnodeid = get_node_id(inode);
873 args.opcode = FUSE_LINK;
874 args.in_numargs = 2;
875 args.in_args[0].size = sizeof(inarg);
876 args.in_args[0].value = &inarg;
877 args.in_args[1].size = newent->d_name.len + 1;
878 args.in_args[1].value = newent->d_name.name;
879 err = create_new_entry(fc, &args, newdir, newent, inode->i_mode);
880 /* Contrary to "normal" filesystems it can happen that link
881 makes two "logical" inodes point to the same "physical"
882 inode. We invalidate the attributes of the old one, so it
883 will reflect changes in the backing inode (link count,
884 etc.)
885 */
886 if (!err) {
887 struct fuse_inode *fi = get_fuse_inode(inode);
888
889 spin_lock(&fi->lock);
890 fi->attr_version = atomic64_inc_return(&fc->attr_version);
891 if (likely(inode->i_nlink < UINT_MAX))
892 inc_nlink(inode);
893 spin_unlock(&fi->lock);
894 fuse_invalidate_attr(inode);
895 fuse_update_ctime(inode);
896 } else if (err == -EINTR) {
897 fuse_invalidate_attr(inode);
898 }
899 return err;
900 }
901
902 static void fuse_fillattr(struct inode *inode, struct fuse_attr *attr,
903 struct kstat *stat)
904 {
905 unsigned int blkbits;
906 struct fuse_conn *fc = get_fuse_conn(inode);
907
908 /* see the comment in fuse_change_attributes() */
909 if (fc->writeback_cache && S_ISREG(inode->i_mode)) {
910 attr->size = i_size_read(inode);
911 attr->mtime = inode->i_mtime.tv_sec;
912 attr->mtimensec = inode->i_mtime.tv_nsec;
913 attr->ctime = inode->i_ctime.tv_sec;
914 attr->ctimensec = inode->i_ctime.tv_nsec;
915 }
916
917 stat->dev = inode->i_sb->s_dev;
918 stat->ino = attr->ino;
919 stat->mode = (inode->i_mode & S_IFMT) | (attr->mode & 07777);
920 stat->nlink = attr->nlink;
921 stat->uid = make_kuid(fc->user_ns, attr->uid);
922 stat->gid = make_kgid(fc->user_ns, attr->gid);
923 stat->rdev = inode->i_rdev;
924 stat->atime.tv_sec = attr->atime;
925 stat->atime.tv_nsec = attr->atimensec;
926 stat->mtime.tv_sec = attr->mtime;
927 stat->mtime.tv_nsec = attr->mtimensec;
928 stat->ctime.tv_sec = attr->ctime;
929 stat->ctime.tv_nsec = attr->ctimensec;
930 stat->size = attr->size;
931 stat->blocks = attr->blocks;
932
933 if (attr->blksize != 0)
934 blkbits = ilog2(attr->blksize);
935 else
936 blkbits = inode->i_sb->s_blocksize_bits;
937
938 stat->blksize = 1 << blkbits;
939 }
940
941 static int fuse_do_getattr(struct inode *inode, struct kstat *stat,
942 struct file *file)
943 {
944 int err;
945 struct fuse_getattr_in inarg;
946 struct fuse_attr_out outarg;
947 struct fuse_conn *fc = get_fuse_conn(inode);
948 FUSE_ARGS(args);
949 u64 attr_version;
950
951 attr_version = fuse_get_attr_version(fc);
952
953 memset(&inarg, 0, sizeof(inarg));
954 memset(&outarg, 0, sizeof(outarg));
955 /* Directories have separate file-handle space */
956 if (file && S_ISREG(inode->i_mode)) {
957 struct fuse_file *ff = file->private_data;
958
959 inarg.getattr_flags |= FUSE_GETATTR_FH;
960 inarg.fh = ff->fh;
961 }
962 args.opcode = FUSE_GETATTR;
963 args.nodeid = get_node_id(inode);
964 args.in_numargs = 1;
965 args.in_args[0].size = sizeof(inarg);
966 args.in_args[0].value = &inarg;
967 args.out_numargs = 1;
968 args.out_args[0].size = sizeof(outarg);
969 args.out_args[0].value = &outarg;
970 err = fuse_simple_request(fc, &args);
971 if (!err) {
972 if (fuse_invalid_attr(&outarg.attr) ||
973 (inode->i_mode ^ outarg.attr.mode) & S_IFMT) {
974 fuse_make_bad(inode);
975 err = -EIO;
976 } else {
977 fuse_change_attributes(inode, &outarg.attr,
978 attr_timeout(&outarg),
979 attr_version);
980 if (stat)
981 fuse_fillattr(inode, &outarg.attr, stat);
982 }
983 }
984 return err;
985 }
986
987 static int fuse_update_get_attr(struct inode *inode, struct file *file,
988 struct kstat *stat, u32 request_mask,
989 unsigned int flags)
990 {
991 struct fuse_inode *fi = get_fuse_inode(inode);
992 int err = 0;
993 bool sync;
994
995 if (flags & AT_STATX_FORCE_SYNC)
996 sync = true;
997 else if (flags & AT_STATX_DONT_SYNC)
998 sync = false;
999 else if (request_mask & READ_ONCE(fi->inval_mask))
1000 sync = true;
1001 else
1002 sync = time_before64(fi->i_time, get_jiffies_64());
1003
1004 if (sync) {
1005 forget_all_cached_acls(inode);
1006 err = fuse_do_getattr(inode, stat, file);
1007 } else if (stat) {
1008 generic_fillattr(inode, stat);
1009 stat->mode = fi->orig_i_mode;
1010 stat->ino = fi->orig_ino;
1011 }
1012
1013 return err;
1014 }
1015
1016 int fuse_update_attributes(struct inode *inode, struct file *file)
1017 {
1018 /* Do *not* need to get atime for internal purposes */
1019 return fuse_update_get_attr(inode, file, NULL,
1020 STATX_BASIC_STATS & ~STATX_ATIME, 0);
1021 }
1022
1023 int fuse_reverse_inval_entry(struct super_block *sb, u64 parent_nodeid,
1024 u64 child_nodeid, struct qstr *name)
1025 {
1026 int err = -ENOTDIR;
1027 struct inode *parent;
1028 struct dentry *dir;
1029 struct dentry *entry;
1030
1031 parent = ilookup5(sb, parent_nodeid, fuse_inode_eq, &parent_nodeid);
1032 if (!parent)
1033 return -ENOENT;
1034
1035 inode_lock_nested(parent, I_MUTEX_PARENT);
1036 if (!S_ISDIR(parent->i_mode))
1037 goto unlock;
1038
1039 err = -ENOENT;
1040 dir = d_find_alias(parent);
1041 if (!dir)
1042 goto unlock;
1043
1044 name->hash = full_name_hash(dir, name->name, name->len);
1045 entry = d_lookup(dir, name);
1046 dput(dir);
1047 if (!entry)
1048 goto unlock;
1049
1050 fuse_dir_changed(parent);
1051 fuse_invalidate_entry(entry);
1052
1053 if (child_nodeid != 0 && d_really_is_positive(entry)) {
1054 inode_lock(d_inode(entry));
1055 if (get_node_id(d_inode(entry)) != child_nodeid) {
1056 err = -ENOENT;
1057 goto badentry;
1058 }
1059 if (d_mountpoint(entry)) {
1060 err = -EBUSY;
1061 goto badentry;
1062 }
1063 if (d_is_dir(entry)) {
1064 shrink_dcache_parent(entry);
1065 if (!simple_empty(entry)) {
1066 err = -ENOTEMPTY;
1067 goto badentry;
1068 }
1069 d_inode(entry)->i_flags |= S_DEAD;
1070 }
1071 dont_mount(entry);
1072 clear_nlink(d_inode(entry));
1073 err = 0;
1074 badentry:
1075 inode_unlock(d_inode(entry));
1076 if (!err)
1077 d_delete(entry);
1078 } else {
1079 err = 0;
1080 }
1081 dput(entry);
1082
1083 unlock:
1084 inode_unlock(parent);
1085 iput(parent);
1086 return err;
1087 }
1088
1089 /*
1090 * Calling into a user-controlled filesystem gives the filesystem
1091 * daemon ptrace-like capabilities over the current process. This
1092 * means, that the filesystem daemon is able to record the exact
1093 * filesystem operations performed, and can also control the behavior
1094 * of the requester process in otherwise impossible ways. For example
1095 * it can delay the operation for arbitrary length of time allowing
1096 * DoS against the requester.
1097 *
1098 * For this reason only those processes can call into the filesystem,
1099 * for which the owner of the mount has ptrace privilege. This
1100 * excludes processes started by other users, suid or sgid processes.
1101 */
1102 int fuse_allow_current_process(struct fuse_conn *fc)
1103 {
1104 const struct cred *cred;
1105
1106 if (fc->allow_other)
1107 return current_in_userns(fc->user_ns);
1108
1109 cred = current_cred();
1110 if (uid_eq(cred->euid, fc->user_id) &&
1111 uid_eq(cred->suid, fc->user_id) &&
1112 uid_eq(cred->uid, fc->user_id) &&
1113 gid_eq(cred->egid, fc->group_id) &&
1114 gid_eq(cred->sgid, fc->group_id) &&
1115 gid_eq(cred->gid, fc->group_id))
1116 return 1;
1117
1118 return 0;
1119 }
1120
1121 static int fuse_access(struct inode *inode, int mask)
1122 {
1123 struct fuse_conn *fc = get_fuse_conn(inode);
1124 FUSE_ARGS(args);
1125 struct fuse_access_in inarg;
1126 int err;
1127
1128 BUG_ON(mask & MAY_NOT_BLOCK);
1129
1130 if (fc->no_access)
1131 return 0;
1132
1133 memset(&inarg, 0, sizeof(inarg));
1134 inarg.mask = mask & (MAY_READ | MAY_WRITE | MAY_EXEC);
1135 args.opcode = FUSE_ACCESS;
1136 args.nodeid = get_node_id(inode);
1137 args.in_numargs = 1;
1138 args.in_args[0].size = sizeof(inarg);
1139 args.in_args[0].value = &inarg;
1140 err = fuse_simple_request(fc, &args);
1141 if (err == -ENOSYS) {
1142 fc->no_access = 1;
1143 err = 0;
1144 }
1145 return err;
1146 }
1147
1148 static int fuse_perm_getattr(struct inode *inode, int mask)
1149 {
1150 if (mask & MAY_NOT_BLOCK)
1151 return -ECHILD;
1152
1153 forget_all_cached_acls(inode);
1154 return fuse_do_getattr(inode, NULL, NULL);
1155 }
1156
1157 /*
1158 * Check permission. The two basic access models of FUSE are:
1159 *
1160 * 1) Local access checking ('default_permissions' mount option) based
1161 * on file mode. This is the plain old disk filesystem permission
1162 * modell.
1163 *
1164 * 2) "Remote" access checking, where server is responsible for
1165 * checking permission in each inode operation. An exception to this
1166 * is if ->permission() was invoked from sys_access() in which case an
1167 * access request is sent. Execute permission is still checked
1168 * locally based on file mode.
1169 */
1170 static int fuse_permission(struct inode *inode, int mask)
1171 {
1172 struct fuse_conn *fc = get_fuse_conn(inode);
1173 bool refreshed = false;
1174 int err = 0;
1175
1176 if (fuse_is_bad(inode))
1177 return -EIO;
1178
1179 if (!fuse_allow_current_process(fc))
1180 return -EACCES;
1181
1182 /*
1183 * If attributes are needed, refresh them before proceeding
1184 */
1185 if (fc->default_permissions ||
1186 ((mask & MAY_EXEC) && S_ISREG(inode->i_mode))) {
1187 struct fuse_inode *fi = get_fuse_inode(inode);
1188 u32 perm_mask = STATX_MODE | STATX_UID | STATX_GID;
1189
1190 if (perm_mask & READ_ONCE(fi->inval_mask) ||
1191 time_before64(fi->i_time, get_jiffies_64())) {
1192 refreshed = true;
1193
1194 err = fuse_perm_getattr(inode, mask);
1195 if (err)
1196 return err;
1197 }
1198 }
1199
1200 if (fc->default_permissions) {
1201 err = generic_permission(inode, mask);
1202
1203 /* If permission is denied, try to refresh file
1204 attributes. This is also needed, because the root
1205 node will at first have no permissions */
1206 if (err == -EACCES && !refreshed) {
1207 err = fuse_perm_getattr(inode, mask);
1208 if (!err)
1209 err = generic_permission(inode, mask);
1210 }
1211
1212 /* Note: the opposite of the above test does not
1213 exist. So if permissions are revoked this won't be
1214 noticed immediately, only after the attribute
1215 timeout has expired */
1216 } else if (mask & (MAY_ACCESS | MAY_CHDIR)) {
1217 err = fuse_access(inode, mask);
1218 } else if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode)) {
1219 if (!(inode->i_mode & S_IXUGO)) {
1220 if (refreshed)
1221 return -EACCES;
1222
1223 err = fuse_perm_getattr(inode, mask);
1224 if (!err && !(inode->i_mode & S_IXUGO))
1225 return -EACCES;
1226 }
1227 }
1228 return err;
1229 }
1230
1231 static int fuse_readlink_page(struct inode *inode, struct page *page)
1232 {
1233 struct fuse_conn *fc = get_fuse_conn(inode);
1234 struct fuse_page_desc desc = { .length = PAGE_SIZE - 1 };
1235 struct fuse_args_pages ap = {
1236 .num_pages = 1,
1237 .pages = &page,
1238 .descs = &desc,
1239 };
1240 char *link;
1241 ssize_t res;
1242
1243 ap.args.opcode = FUSE_READLINK;
1244 ap.args.nodeid = get_node_id(inode);
1245 ap.args.out_pages = true;
1246 ap.args.out_argvar = true;
1247 ap.args.page_zeroing = true;
1248 ap.args.out_numargs = 1;
1249 ap.args.out_args[0].size = desc.length;
1250 res = fuse_simple_request(fc, &ap.args);
1251
1252 fuse_invalidate_atime(inode);
1253
1254 if (res < 0)
1255 return res;
1256
1257 if (WARN_ON(res >= PAGE_SIZE))
1258 return -EIO;
1259
1260 link = page_address(page);
1261 link[res] = '\0';
1262
1263 return 0;
1264 }
1265
1266 static const char *fuse_get_link(struct dentry *dentry, struct inode *inode,
1267 struct delayed_call *callback)
1268 {
1269 struct fuse_conn *fc = get_fuse_conn(inode);
1270 struct page *page;
1271 int err;
1272
1273 err = -EIO;
1274 if (fuse_is_bad(inode))
1275 goto out_err;
1276
1277 if (fc->cache_symlinks)
1278 return page_get_link(dentry, inode, callback);
1279
1280 err = -ECHILD;
1281 if (!dentry)
1282 goto out_err;
1283
1284 page = alloc_page(GFP_KERNEL);
1285 err = -ENOMEM;
1286 if (!page)
1287 goto out_err;
1288
1289 err = fuse_readlink_page(inode, page);
1290 if (err) {
1291 __free_page(page);
1292 goto out_err;
1293 }
1294
1295 set_delayed_call(callback, page_put_link, page);
1296
1297 return page_address(page);
1298
1299 out_err:
1300 return ERR_PTR(err);
1301 }
1302
1303 static int fuse_dir_open(struct inode *inode, struct file *file)
1304 {
1305 return fuse_open_common(inode, file, true);
1306 }
1307
1308 static int fuse_dir_release(struct inode *inode, struct file *file)
1309 {
1310 fuse_release_common(file, true);
1311
1312 return 0;
1313 }
1314
1315 static int fuse_dir_fsync(struct file *file, loff_t start, loff_t end,
1316 int datasync)
1317 {
1318 struct inode *inode = file->f_mapping->host;
1319 struct fuse_conn *fc = get_fuse_conn(inode);
1320 int err;
1321
1322 if (fuse_is_bad(inode))
1323 return -EIO;
1324
1325 if (fc->no_fsyncdir)
1326 return 0;
1327
1328 inode_lock(inode);
1329 err = fuse_fsync_common(file, start, end, datasync, FUSE_FSYNCDIR);
1330 if (err == -ENOSYS) {
1331 fc->no_fsyncdir = 1;
1332 err = 0;
1333 }
1334 inode_unlock(inode);
1335
1336 return err;
1337 }
1338
1339 static long fuse_dir_ioctl(struct file *file, unsigned int cmd,
1340 unsigned long arg)
1341 {
1342 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1343
1344 /* FUSE_IOCTL_DIR only supported for API version >= 7.18 */
1345 if (fc->minor < 18)
1346 return -ENOTTY;
1347
1348 return fuse_ioctl_common(file, cmd, arg, FUSE_IOCTL_DIR);
1349 }
1350
1351 static long fuse_dir_compat_ioctl(struct file *file, unsigned int cmd,
1352 unsigned long arg)
1353 {
1354 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1355
1356 if (fc->minor < 18)
1357 return -ENOTTY;
1358
1359 return fuse_ioctl_common(file, cmd, arg,
1360 FUSE_IOCTL_COMPAT | FUSE_IOCTL_DIR);
1361 }
1362
1363 static bool update_mtime(unsigned ivalid, bool trust_local_mtime)
1364 {
1365 /* Always update if mtime is explicitly set */
1366 if (ivalid & ATTR_MTIME_SET)
1367 return true;
1368
1369 /* Or if kernel i_mtime is the official one */
1370 if (trust_local_mtime)
1371 return true;
1372
1373 /* If it's an open(O_TRUNC) or an ftruncate(), don't update */
1374 if ((ivalid & ATTR_SIZE) && (ivalid & (ATTR_OPEN | ATTR_FILE)))
1375 return false;
1376
1377 /* In all other cases update */
1378 return true;
1379 }
1380
1381 static void iattr_to_fattr(struct fuse_conn *fc, struct iattr *iattr,
1382 struct fuse_setattr_in *arg, bool trust_local_cmtime)
1383 {
1384 unsigned ivalid = iattr->ia_valid;
1385
1386 if (ivalid & ATTR_MODE)
1387 arg->valid |= FATTR_MODE, arg->mode = iattr->ia_mode;
1388 if (ivalid & ATTR_UID)
1389 arg->valid |= FATTR_UID, arg->uid = from_kuid(fc->user_ns, iattr->ia_uid);
1390 if (ivalid & ATTR_GID)
1391 arg->valid |= FATTR_GID, arg->gid = from_kgid(fc->user_ns, iattr->ia_gid);
1392 if (ivalid & ATTR_SIZE)
1393 arg->valid |= FATTR_SIZE, arg->size = iattr->ia_size;
1394 if (ivalid & ATTR_ATIME) {
1395 arg->valid |= FATTR_ATIME;
1396 arg->atime = iattr->ia_atime.tv_sec;
1397 arg->atimensec = iattr->ia_atime.tv_nsec;
1398 if (!(ivalid & ATTR_ATIME_SET))
1399 arg->valid |= FATTR_ATIME_NOW;
1400 }
1401 if ((ivalid & ATTR_MTIME) && update_mtime(ivalid, trust_local_cmtime)) {
1402 arg->valid |= FATTR_MTIME;
1403 arg->mtime = iattr->ia_mtime.tv_sec;
1404 arg->mtimensec = iattr->ia_mtime.tv_nsec;
1405 if (!(ivalid & ATTR_MTIME_SET) && !trust_local_cmtime)
1406 arg->valid |= FATTR_MTIME_NOW;
1407 }
1408 if ((ivalid & ATTR_CTIME) && trust_local_cmtime) {
1409 arg->valid |= FATTR_CTIME;
1410 arg->ctime = iattr->ia_ctime.tv_sec;
1411 arg->ctimensec = iattr->ia_ctime.tv_nsec;
1412 }
1413 }
1414
1415 /*
1416 * Prevent concurrent writepages on inode
1417 *
1418 * This is done by adding a negative bias to the inode write counter
1419 * and waiting for all pending writes to finish.
1420 */
1421 void fuse_set_nowrite(struct inode *inode)
1422 {
1423 struct fuse_inode *fi = get_fuse_inode(inode);
1424
1425 BUG_ON(!inode_is_locked(inode));
1426
1427 spin_lock(&fi->lock);
1428 BUG_ON(fi->writectr < 0);
1429 fi->writectr += FUSE_NOWRITE;
1430 spin_unlock(&fi->lock);
1431 wait_event(fi->page_waitq, fi->writectr == FUSE_NOWRITE);
1432 }
1433
1434 /*
1435 * Allow writepages on inode
1436 *
1437 * Remove the bias from the writecounter and send any queued
1438 * writepages.
1439 */
1440 static void __fuse_release_nowrite(struct inode *inode)
1441 {
1442 struct fuse_inode *fi = get_fuse_inode(inode);
1443
1444 BUG_ON(fi->writectr != FUSE_NOWRITE);
1445 fi->writectr = 0;
1446 fuse_flush_writepages(inode);
1447 }
1448
1449 void fuse_release_nowrite(struct inode *inode)
1450 {
1451 struct fuse_inode *fi = get_fuse_inode(inode);
1452
1453 spin_lock(&fi->lock);
1454 __fuse_release_nowrite(inode);
1455 spin_unlock(&fi->lock);
1456 }
1457
1458 static void fuse_setattr_fill(struct fuse_conn *fc, struct fuse_args *args,
1459 struct inode *inode,
1460 struct fuse_setattr_in *inarg_p,
1461 struct fuse_attr_out *outarg_p)
1462 {
1463 args->opcode = FUSE_SETATTR;
1464 args->nodeid = get_node_id(inode);
1465 args->in_numargs = 1;
1466 args->in_args[0].size = sizeof(*inarg_p);
1467 args->in_args[0].value = inarg_p;
1468 args->out_numargs = 1;
1469 args->out_args[0].size = sizeof(*outarg_p);
1470 args->out_args[0].value = outarg_p;
1471 }
1472
1473 /*
1474 * Flush inode->i_mtime to the server
1475 */
1476 int fuse_flush_times(struct inode *inode, struct fuse_file *ff)
1477 {
1478 struct fuse_conn *fc = get_fuse_conn(inode);
1479 FUSE_ARGS(args);
1480 struct fuse_setattr_in inarg;
1481 struct fuse_attr_out outarg;
1482
1483 memset(&inarg, 0, sizeof(inarg));
1484 memset(&outarg, 0, sizeof(outarg));
1485
1486 inarg.valid = FATTR_MTIME;
1487 inarg.mtime = inode->i_mtime.tv_sec;
1488 inarg.mtimensec = inode->i_mtime.tv_nsec;
1489 if (fc->minor >= 23) {
1490 inarg.valid |= FATTR_CTIME;
1491 inarg.ctime = inode->i_ctime.tv_sec;
1492 inarg.ctimensec = inode->i_ctime.tv_nsec;
1493 }
1494 if (ff) {
1495 inarg.valid |= FATTR_FH;
1496 inarg.fh = ff->fh;
1497 }
1498 fuse_setattr_fill(fc, &args, inode, &inarg, &outarg);
1499
1500 return fuse_simple_request(fc, &args);
1501 }
1502
1503 /*
1504 * Set attributes, and at the same time refresh them.
1505 *
1506 * Truncation is slightly complicated, because the 'truncate' request
1507 * may fail, in which case we don't want to touch the mapping.
1508 * vmtruncate() doesn't allow for this case, so do the rlimit checking
1509 * and the actual truncation by hand.
1510 */
1511 int fuse_do_setattr(struct dentry *dentry, struct iattr *attr,
1512 struct file *file)
1513 {
1514 struct inode *inode = d_inode(dentry);
1515 struct fuse_conn *fc = get_fuse_conn(inode);
1516 struct fuse_inode *fi = get_fuse_inode(inode);
1517 FUSE_ARGS(args);
1518 struct fuse_setattr_in inarg;
1519 struct fuse_attr_out outarg;
1520 bool is_truncate = false;
1521 bool is_wb = fc->writeback_cache;
1522 loff_t oldsize;
1523 int err;
1524 bool trust_local_cmtime = is_wb && S_ISREG(inode->i_mode);
1525
1526 if (!fc->default_permissions)
1527 attr->ia_valid |= ATTR_FORCE;
1528
1529 err = setattr_prepare(dentry, attr);
1530 if (err)
1531 return err;
1532
1533 if (attr->ia_valid & ATTR_OPEN) {
1534 /* This is coming from open(..., ... | O_TRUNC); */
1535 WARN_ON(!(attr->ia_valid & ATTR_SIZE));
1536 WARN_ON(attr->ia_size != 0);
1537 if (fc->atomic_o_trunc) {
1538 /*
1539 * No need to send request to userspace, since actual
1540 * truncation has already been done by OPEN. But still
1541 * need to truncate page cache.
1542 */
1543 i_size_write(inode, 0);
1544 truncate_pagecache(inode, 0);
1545 return 0;
1546 }
1547 file = NULL;
1548 }
1549
1550 if (attr->ia_valid & ATTR_SIZE) {
1551 if (WARN_ON(!S_ISREG(inode->i_mode)))
1552 return -EIO;
1553 is_truncate = true;
1554 }
1555
1556 /* Flush dirty data/metadata before non-truncate SETATTR */
1557 if (is_wb && S_ISREG(inode->i_mode) &&
1558 attr->ia_valid &
1559 (ATTR_MODE | ATTR_UID | ATTR_GID | ATTR_MTIME_SET |
1560 ATTR_TIMES_SET)) {
1561 err = write_inode_now(inode, true);
1562 if (err)
1563 return err;
1564
1565 fuse_set_nowrite(inode);
1566 fuse_release_nowrite(inode);
1567 }
1568
1569 if (is_truncate) {
1570 fuse_set_nowrite(inode);
1571 set_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1572 if (trust_local_cmtime && attr->ia_size != inode->i_size)
1573 attr->ia_valid |= ATTR_MTIME | ATTR_CTIME;
1574 }
1575
1576 memset(&inarg, 0, sizeof(inarg));
1577 memset(&outarg, 0, sizeof(outarg));
1578 iattr_to_fattr(fc, attr, &inarg, trust_local_cmtime);
1579 if (file) {
1580 struct fuse_file *ff = file->private_data;
1581 inarg.valid |= FATTR_FH;
1582 inarg.fh = ff->fh;
1583 }
1584 if (attr->ia_valid & ATTR_SIZE) {
1585 /* For mandatory locking in truncate */
1586 inarg.valid |= FATTR_LOCKOWNER;
1587 inarg.lock_owner = fuse_lock_owner_id(fc, current->files);
1588 }
1589 fuse_setattr_fill(fc, &args, inode, &inarg, &outarg);
1590 err = fuse_simple_request(fc, &args);
1591 if (err) {
1592 if (err == -EINTR)
1593 fuse_invalidate_attr(inode);
1594 goto error;
1595 }
1596
1597 if (fuse_invalid_attr(&outarg.attr) ||
1598 (inode->i_mode ^ outarg.attr.mode) & S_IFMT) {
1599 fuse_make_bad(inode);
1600 err = -EIO;
1601 goto error;
1602 }
1603
1604 spin_lock(&fi->lock);
1605 /* the kernel maintains i_mtime locally */
1606 if (trust_local_cmtime) {
1607 if (attr->ia_valid & ATTR_MTIME)
1608 inode->i_mtime = attr->ia_mtime;
1609 if (attr->ia_valid & ATTR_CTIME)
1610 inode->i_ctime = attr->ia_ctime;
1611 /* FIXME: clear I_DIRTY_SYNC? */
1612 }
1613
1614 fuse_change_attributes_common(inode, &outarg.attr,
1615 attr_timeout(&outarg));
1616 oldsize = inode->i_size;
1617 /* see the comment in fuse_change_attributes() */
1618 if (!is_wb || is_truncate || !S_ISREG(inode->i_mode))
1619 i_size_write(inode, outarg.attr.size);
1620
1621 if (is_truncate) {
1622 /* NOTE: this may release/reacquire fi->lock */
1623 __fuse_release_nowrite(inode);
1624 }
1625 spin_unlock(&fi->lock);
1626
1627 /*
1628 * Only call invalidate_inode_pages2() after removing
1629 * FUSE_NOWRITE, otherwise fuse_launder_page() would deadlock.
1630 */
1631 if ((is_truncate || !is_wb) &&
1632 S_ISREG(inode->i_mode) && oldsize != outarg.attr.size) {
1633 truncate_pagecache(inode, outarg.attr.size);
1634 invalidate_inode_pages2(inode->i_mapping);
1635 }
1636
1637 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1638 return 0;
1639
1640 error:
1641 if (is_truncate)
1642 fuse_release_nowrite(inode);
1643
1644 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1645 return err;
1646 }
1647
1648 static int fuse_setattr(struct dentry *entry, struct iattr *attr)
1649 {
1650 struct inode *inode = d_inode(entry);
1651 struct fuse_conn *fc = get_fuse_conn(inode);
1652 struct file *file = (attr->ia_valid & ATTR_FILE) ? attr->ia_file : NULL;
1653 int ret;
1654
1655 if (fuse_is_bad(inode))
1656 return -EIO;
1657
1658 if (!fuse_allow_current_process(get_fuse_conn(inode)))
1659 return -EACCES;
1660
1661 if (attr->ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID)) {
1662 attr->ia_valid &= ~(ATTR_KILL_SUID | ATTR_KILL_SGID |
1663 ATTR_MODE);
1664
1665 /*
1666 * The only sane way to reliably kill suid/sgid is to do it in
1667 * the userspace filesystem
1668 *
1669 * This should be done on write(), truncate() and chown().
1670 */
1671 if (!fc->handle_killpriv) {
1672 /*
1673 * ia_mode calculation may have used stale i_mode.
1674 * Refresh and recalculate.
1675 */
1676 ret = fuse_do_getattr(inode, NULL, file);
1677 if (ret)
1678 return ret;
1679
1680 attr->ia_mode = inode->i_mode;
1681 if (inode->i_mode & S_ISUID) {
1682 attr->ia_valid |= ATTR_MODE;
1683 attr->ia_mode &= ~S_ISUID;
1684 }
1685 if ((inode->i_mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) {
1686 attr->ia_valid |= ATTR_MODE;
1687 attr->ia_mode &= ~S_ISGID;
1688 }
1689 }
1690 }
1691 if (!attr->ia_valid)
1692 return 0;
1693
1694 ret = fuse_do_setattr(entry, attr, file);
1695 if (!ret) {
1696 /*
1697 * If filesystem supports acls it may have updated acl xattrs in
1698 * the filesystem, so forget cached acls for the inode.
1699 */
1700 if (fc->posix_acl)
1701 forget_all_cached_acls(inode);
1702
1703 /* Directory mode changed, may need to revalidate access */
1704 if (d_is_dir(entry) && (attr->ia_valid & ATTR_MODE))
1705 fuse_invalidate_entry_cache(entry);
1706 }
1707 return ret;
1708 }
1709
1710 static int fuse_getattr(const struct path *path, struct kstat *stat,
1711 u32 request_mask, unsigned int flags)
1712 {
1713 struct inode *inode = d_inode(path->dentry);
1714 struct fuse_conn *fc = get_fuse_conn(inode);
1715
1716 if (fuse_is_bad(inode))
1717 return -EIO;
1718
1719 if (!fuse_allow_current_process(fc))
1720 return -EACCES;
1721
1722 return fuse_update_get_attr(inode, NULL, stat, request_mask, flags);
1723 }
1724
1725 static const struct inode_operations fuse_dir_inode_operations = {
1726 .lookup = fuse_lookup,
1727 .mkdir = fuse_mkdir,
1728 .symlink = fuse_symlink,
1729 .unlink = fuse_unlink,
1730 .rmdir = fuse_rmdir,
1731 .rename = fuse_rename2,
1732 .link = fuse_link,
1733 .setattr = fuse_setattr,
1734 .create = fuse_create,
1735 .atomic_open = fuse_atomic_open,
1736 .mknod = fuse_mknod,
1737 .permission = fuse_permission,
1738 .getattr = fuse_getattr,
1739 .listxattr = fuse_listxattr,
1740 .get_acl = fuse_get_acl,
1741 .set_acl = fuse_set_acl,
1742 };
1743
1744 static const struct file_operations fuse_dir_operations = {
1745 .llseek = generic_file_llseek,
1746 .read = generic_read_dir,
1747 .iterate_shared = fuse_readdir,
1748 .open = fuse_dir_open,
1749 .release = fuse_dir_release,
1750 .fsync = fuse_dir_fsync,
1751 .unlocked_ioctl = fuse_dir_ioctl,
1752 .compat_ioctl = fuse_dir_compat_ioctl,
1753 };
1754
1755 static const struct inode_operations fuse_common_inode_operations = {
1756 .setattr = fuse_setattr,
1757 .permission = fuse_permission,
1758 .getattr = fuse_getattr,
1759 .listxattr = fuse_listxattr,
1760 .get_acl = fuse_get_acl,
1761 .set_acl = fuse_set_acl,
1762 };
1763
1764 static const struct inode_operations fuse_symlink_inode_operations = {
1765 .setattr = fuse_setattr,
1766 .get_link = fuse_get_link,
1767 .getattr = fuse_getattr,
1768 .listxattr = fuse_listxattr,
1769 };
1770
1771 void fuse_init_common(struct inode *inode)
1772 {
1773 inode->i_op = &fuse_common_inode_operations;
1774 }
1775
1776 void fuse_init_dir(struct inode *inode)
1777 {
1778 struct fuse_inode *fi = get_fuse_inode(inode);
1779
1780 inode->i_op = &fuse_dir_inode_operations;
1781 inode->i_fop = &fuse_dir_operations;
1782
1783 spin_lock_init(&fi->rdc.lock);
1784 fi->rdc.cached = false;
1785 fi->rdc.size = 0;
1786 fi->rdc.pos = 0;
1787 fi->rdc.version = 0;
1788 }
1789
1790 static int fuse_symlink_readpage(struct file *null, struct page *page)
1791 {
1792 int err = fuse_readlink_page(page->mapping->host, page);
1793
1794 if (!err)
1795 SetPageUptodate(page);
1796
1797 unlock_page(page);
1798
1799 return err;
1800 }
1801
1802 static const struct address_space_operations fuse_symlink_aops = {
1803 .readpage = fuse_symlink_readpage,
1804 };
1805
1806 void fuse_init_symlink(struct inode *inode)
1807 {
1808 inode->i_op = &fuse_symlink_inode_operations;
1809 inode->i_data.a_ops = &fuse_symlink_aops;
1810 inode_nohighmem(inode);
1811 }
Ubuntu Focal Linux kernel mirror