1/* 2 FUSE: Filesystem in Userspace 3 Copyright (C) 2001-2008 Miklos Szeredi <miklos@szeredi.hu> 4 5 This program can be distributed under the terms of the GNU GPL. 6 See the file COPYING. 7*/ 8 9#include "fuse_i.h" 10 11#include <linux/pagemap.h> 12#include <linux/file.h> 13#include <linux/fs_context.h> 14#include <linux/sched.h> 15#include <linux/namei.h> 16#include <linux/slab.h> 17#include <linux/xattr.h> 18#include <linux/iversion.h> 19#include <linux/posix_acl.h> 20 21static void fuse_advise_use_readdirplus(struct inode *dir) 22{ 23 struct fuse_inode *fi = get_fuse_inode(dir); 24 25 set_bit(FUSE_I_ADVISE_RDPLUS, &fi->state); 26} 27 28#if BITS_PER_LONG >= 64 29static inline void __fuse_dentry_settime(struct dentry *entry, u64 time) 30{ 31 entry->d_fsdata = (void *) time; 32} 33 34static inline u64 fuse_dentry_time(const struct dentry *entry) 35{ 36 return (u64)entry->d_fsdata; 37} 38 39#else 40union fuse_dentry { 41 u64 time; 42 struct rcu_head rcu; 43}; 44 45static inline void __fuse_dentry_settime(struct dentry *dentry, u64 time) 46{ 47 ((union fuse_dentry *) dentry->d_fsdata)->time = time; 48} 49 50static inline u64 fuse_dentry_time(const struct dentry *entry) 51{ 52 return ((union fuse_dentry *) entry->d_fsdata)->time; 53} 54#endif 55 56static void fuse_dentry_settime(struct dentry *dentry, u64 time) 57{ 58 struct fuse_conn *fc = get_fuse_conn_super(dentry->d_sb); 59 bool delete = !time && fc->delete_stale; 60 /* 61 * Mess with DCACHE_OP_DELETE because dput() will be faster without it. 62 * Don't care about races, either way it's just an optimization 63 */ 64 if ((!delete && (dentry->d_flags & DCACHE_OP_DELETE)) || 65 (delete && !(dentry->d_flags & DCACHE_OP_DELETE))) { 66 spin_lock(&dentry->d_lock); 67 if (!delete) 68 dentry->d_flags &= ~DCACHE_OP_DELETE; 69 else 70 dentry->d_flags |= DCACHE_OP_DELETE; 71 spin_unlock(&dentry->d_lock); 72 } 73 74 __fuse_dentry_settime(dentry, time); 75} 76 77/* 78 * FUSE caches dentries and attributes with separate timeout. The 79 * time in jiffies until the dentry/attributes are valid is stored in 80 * dentry->d_fsdata and fuse_inode->i_time respectively. 81 */ 82 83/* 84 * Calculate the time in jiffies until a dentry/attributes are valid 85 */ 86static u64 time_to_jiffies(u64 sec, u32 nsec) 87{ 88 if (sec || nsec) { 89 struct timespec64 ts = { 90 sec, 91 min_t(u32, nsec, NSEC_PER_SEC - 1) 92 }; 93 94 return get_jiffies_64() + timespec64_to_jiffies(&ts); 95 } else 96 return 0; 97} 98 99/* 100 * Set dentry and possibly attribute timeouts from the lookup/mk* 101 * replies 102 */ 103void fuse_change_entry_timeout(struct dentry *entry, struct fuse_entry_out *o) 104{ 105 fuse_dentry_settime(entry, 106 time_to_jiffies(o->entry_valid, o->entry_valid_nsec)); 107} 108 109static u64 attr_timeout(struct fuse_attr_out *o) 110{ 111 return time_to_jiffies(o->attr_valid, o->attr_valid_nsec); 112} 113 114u64 entry_attr_timeout(struct fuse_entry_out *o) 115{ 116 return time_to_jiffies(o->attr_valid, o->attr_valid_nsec); 117} 118 119static void fuse_invalidate_attr_mask(struct inode *inode, u32 mask) 120{ 121 set_mask_bits(&get_fuse_inode(inode)->inval_mask, 0, mask); 122} 123 124/* 125 * Mark the attributes as stale, so that at the next call to 126 * ->getattr() they will be fetched from userspace 127 */ 128void fuse_invalidate_attr(struct inode *inode) 129{ 130 fuse_invalidate_attr_mask(inode, STATX_BASIC_STATS); 131} 132 133static void fuse_dir_changed(struct inode *dir) 134{ 135 fuse_invalidate_attr(dir); 136 inode_maybe_inc_iversion(dir, false); 137} 138 139/** 140 * Mark the attributes as stale due to an atime change. Avoid the invalidate if 141 * atime is not used. 142 */ 143void fuse_invalidate_atime(struct inode *inode) 144{ 145 if (!IS_RDONLY(inode)) 146 fuse_invalidate_attr_mask(inode, STATX_ATIME); 147} 148 149/* 150 * Just mark the entry as stale, so that a next attempt to look it up 151 * will result in a new lookup call to userspace 152 * 153 * This is called when a dentry is about to become negative and the 154 * timeout is unknown (unlink, rmdir, rename and in some cases 155 * lookup) 156 */ 157void fuse_invalidate_entry_cache(struct dentry *entry) 158{ 159 fuse_dentry_settime(entry, 0); 160} 161 162/* 163 * Same as fuse_invalidate_entry_cache(), but also try to remove the 164 * dentry from the hash 165 */ 166static void fuse_invalidate_entry(struct dentry *entry) 167{ 168 d_invalidate(entry); 169 fuse_invalidate_entry_cache(entry); 170} 171 172static void fuse_lookup_init(struct fuse_conn *fc, struct fuse_args *args, 173 u64 nodeid, const struct qstr *name, 174 struct fuse_entry_out *outarg) 175{ 176 memset(outarg, 0, sizeof(struct fuse_entry_out)); 177 args->opcode = FUSE_LOOKUP; 178 args->nodeid = nodeid; 179 args->in_numargs = 1; 180 args->in_args[0].size = name->len + 1; 181 args->in_args[0].value = name->name; 182 args->out_numargs = 1; 183 args->out_args[0].size = sizeof(struct fuse_entry_out); 184 args->out_args[0].value = outarg; 185} 186 187/* 188 * Check whether the dentry is still valid 189 * 190 * If the entry validity timeout has expired and the dentry is 191 * positive, try to redo the lookup. If the lookup results in a 192 * different inode, then let the VFS invalidate the dentry and redo 193 * the lookup once more. If the lookup results in the same inode, 194 * then refresh the attributes, timeouts and mark the dentry valid. 195 */ 196static int fuse_dentry_revalidate(struct dentry *entry, unsigned int flags) 197{ 198 struct inode *inode; 199 struct dentry *parent; 200 struct fuse_mount *fm; 201 struct fuse_inode *fi; 202 int ret; 203 204 inode = d_inode_rcu(entry); 205 if (inode && fuse_is_bad(inode)) 206 goto invalid; 207 else if (time_before64(fuse_dentry_time(entry), get_jiffies_64()) || 208 (flags & (LOOKUP_EXCL | LOOKUP_REVAL | LOOKUP_RENAME_TARGET))) { 209 struct fuse_entry_out outarg; 210 FUSE_ARGS(args); 211 struct fuse_forget_link *forget; 212 u64 attr_version; 213 214 /* For negative dentries, always do a fresh lookup */ 215 if (!inode) 216 goto invalid; 217 218 ret = -ECHILD; 219 if (flags & LOOKUP_RCU) 220 goto out; 221 222 fm = get_fuse_mount(inode); 223 224 forget = fuse_alloc_forget(); 225 ret = -ENOMEM; 226 if (!forget) 227 goto out; 228 229 attr_version = fuse_get_attr_version(fm->fc); 230 231 parent = dget_parent(entry); 232 fuse_lookup_init(fm->fc, &args, get_node_id(d_inode(parent)), 233 &entry->d_name, &outarg); 234 ret = fuse_simple_request(fm, &args); 235 dput(parent); 236 /* Zero nodeid is same as -ENOENT */ 237 if (!ret && !outarg.nodeid) 238 ret = -ENOENT; 239 if (!ret) { 240 fi = get_fuse_inode(inode); 241 if (outarg.nodeid != get_node_id(inode) || 242 (bool) IS_AUTOMOUNT(inode) != (bool) (outarg.attr.flags & FUSE_ATTR_SUBMOUNT)) { 243 fuse_queue_forget(fm->fc, forget, 244 outarg.nodeid, 1); 245 goto invalid; 246 } 247 spin_lock(&fi->lock); 248 fi->nlookup++; 249 spin_unlock(&fi->lock); 250 } 251 kfree(forget); 252 if (ret == -ENOMEM || ret == -EINTR) 253 goto out; 254 if (ret || fuse_invalid_attr(&outarg.attr) || 255 fuse_stale_inode(inode, outarg.generation, &outarg.attr)) 256 goto invalid; 257 258 forget_all_cached_acls(inode); 259 fuse_change_attributes(inode, &outarg.attr, 260 entry_attr_timeout(&outarg), 261 attr_version); 262 fuse_change_entry_timeout(entry, &outarg); 263 } else if (inode) { 264 fi = get_fuse_inode(inode); 265 if (flags & LOOKUP_RCU) { 266 if (test_bit(FUSE_I_INIT_RDPLUS, &fi->state)) 267 return -ECHILD; 268 } else if (test_and_clear_bit(FUSE_I_INIT_RDPLUS, &fi->state)) { 269 parent = dget_parent(entry); 270 fuse_advise_use_readdirplus(d_inode(parent)); 271 dput(parent); 272 } 273 } 274 ret = 1; 275out: 276 return ret; 277 278invalid: 279 ret = 0; 280 goto out; 281} 282 283#if BITS_PER_LONG < 64 284static int fuse_dentry_init(struct dentry *dentry) 285{ 286 dentry->d_fsdata = kzalloc(sizeof(union fuse_dentry), 287 GFP_KERNEL_ACCOUNT | __GFP_RECLAIMABLE); 288 289 return dentry->d_fsdata ? 0 : -ENOMEM; 290} 291static void fuse_dentry_release(struct dentry *dentry) 292{ 293 union fuse_dentry *fd = dentry->d_fsdata; 294 295 kfree_rcu(fd, rcu); 296} 297#endif 298 299static int fuse_dentry_delete(const struct dentry *dentry) 300{ 301 return time_before64(fuse_dentry_time(dentry), get_jiffies_64()); 302} 303 304/* 305 * Create a fuse_mount object with a new superblock (with path->dentry 306 * as the root), and return that mount so it can be auto-mounted on 307 * @path. 308 */ 309static struct vfsmount *fuse_dentry_automount(struct path *path) 310{ 311 struct fs_context *fsc; 312 struct fuse_mount *parent_fm = get_fuse_mount_super(path->mnt->mnt_sb); 313 struct fuse_conn *fc = parent_fm->fc; 314 struct fuse_mount *fm; 315 struct vfsmount *mnt; 316 struct fuse_inode *mp_fi = get_fuse_inode(d_inode(path->dentry)); 317 struct super_block *sb; 318 int err; 319 320 fsc = fs_context_for_submount(path->mnt->mnt_sb->s_type, path->dentry); 321 if (IS_ERR(fsc)) { 322 err = PTR_ERR(fsc); 323 goto out; 324 } 325 326 err = -ENOMEM; 327 fm = kzalloc(sizeof(struct fuse_mount), GFP_KERNEL); 328 if (!fm) 329 goto out_put_fsc; 330 331 refcount_set(&fm->count, 1); 332 fsc->s_fs_info = fm; 333 sb = sget_fc(fsc, NULL, set_anon_super_fc); 334 if (IS_ERR(sb)) { 335 err = PTR_ERR(sb); 336 fuse_mount_put(fm); 337 goto out_put_fsc; 338 } 339 fm->fc = fuse_conn_get(fc); 340 341 /* Initialize superblock, making @mp_fi its root */ 342 err = fuse_fill_super_submount(sb, mp_fi); 343 if (err) { 344 fuse_conn_put(fc); 345 kfree(fm); 346 sb->s_fs_info = NULL; 347 goto out_put_sb; 348 } 349 350 down_write(&fc->killsb); 351 list_add_tail(&fm->fc_entry, &fc->mounts); 352 up_write(&fc->killsb); 353 354 sb->s_flags |= SB_ACTIVE; 355 fsc->root = dget(sb->s_root); 356 357 /* 358 * FIXME: setting SB_BORN requires a write barrier for 359 * super_cache_count(). We should actually come 360 * up with a proper ->get_tree() implementation 361 * for submounts and call vfs_get_tree() to take 362 * care of the write barrier. 363 */ 364 smp_wmb(); 365 sb->s_flags |= SB_BORN; 366 367 /* We are done configuring the superblock, so unlock it */ 368 up_write(&sb->s_umount); 369 370 /* Create the submount */ 371 mnt = vfs_create_mount(fsc); 372 if (IS_ERR(mnt)) { 373 err = PTR_ERR(mnt); 374 goto out_put_fsc; 375 } 376 mntget(mnt); 377 put_fs_context(fsc); 378 return mnt; 379 380out_put_sb: 381 /* 382 * Only jump here when fsc->root is NULL and sb is still locked 383 * (otherwise put_fs_context() will put the superblock) 384 */ 385 deactivate_locked_super(sb); 386out_put_fsc: 387 put_fs_context(fsc); 388out: 389 return ERR_PTR(err); 390} 391 392const struct dentry_operations fuse_dentry_operations = { 393 .d_revalidate = fuse_dentry_revalidate, 394 .d_delete = fuse_dentry_delete, 395#if BITS_PER_LONG < 64 396 .d_init = fuse_dentry_init, 397 .d_release = fuse_dentry_release, 398#endif 399 .d_automount = fuse_dentry_automount, 400}; 401 402const struct dentry_operations fuse_root_dentry_operations = { 403#if BITS_PER_LONG < 64 404 .d_init = fuse_dentry_init, 405 .d_release = fuse_dentry_release, 406#endif 407}; 408 409int fuse_valid_type(int m) 410{ 411 return S_ISREG(m) || S_ISDIR(m) || S_ISLNK(m) || S_ISCHR(m) || 412 S_ISBLK(m) || S_ISFIFO(m) || S_ISSOCK(m); 413} 414 415bool fuse_invalid_attr(struct fuse_attr *attr) 416{ 417 return !fuse_valid_type(attr->mode) || 418 attr->size > LLONG_MAX; 419} 420 421int fuse_lookup_name(struct super_block *sb, u64 nodeid, const struct qstr *name, 422 struct fuse_entry_out *outarg, struct inode **inode) 423{ 424 struct fuse_mount *fm = get_fuse_mount_super(sb); 425 FUSE_ARGS(args); 426 struct fuse_forget_link *forget; 427 u64 attr_version; 428 int err; 429 430 *inode = NULL; 431 err = -ENAMETOOLONG; 432 if (name->len > FUSE_NAME_MAX) 433 goto out; 434 435 436 forget = fuse_alloc_forget(); 437 err = -ENOMEM; 438 if (!forget) 439 goto out; 440 441 attr_version = fuse_get_attr_version(fm->fc); 442 443 fuse_lookup_init(fm->fc, &args, nodeid, name, outarg); 444 err = fuse_simple_request(fm, &args); 445 /* Zero nodeid is same as -ENOENT, but with valid timeout */ 446 if (err || !outarg->nodeid) 447 goto out_put_forget; 448 449 err = -EIO; 450 if (!outarg->nodeid) 451 goto out_put_forget; 452 if (fuse_invalid_attr(&outarg->attr)) 453 goto out_put_forget; 454 455 *inode = fuse_iget(sb, outarg->nodeid, outarg->generation, 456 &outarg->attr, entry_attr_timeout(outarg), 457 attr_version); 458 err = -ENOMEM; 459 if (!*inode) { 460 fuse_queue_forget(fm->fc, forget, outarg->nodeid, 1); 461 goto out; 462 } 463 err = 0; 464 465 out_put_forget: 466 kfree(forget); 467 out: 468 return err; 469} 470 471static struct dentry *fuse_lookup(struct inode *dir, struct dentry *entry, 472 unsigned int flags) 473{ 474 int err; 475 struct fuse_entry_out outarg; 476 struct inode *inode; 477 struct dentry *newent; 478 bool outarg_valid = true; 479 bool locked; 480 481 if (fuse_is_bad(dir)) 482 return ERR_PTR(-EIO); 483 484 locked = fuse_lock_inode(dir); 485 err = fuse_lookup_name(dir->i_sb, get_node_id(dir), &entry->d_name, 486 &outarg, &inode); 487 fuse_unlock_inode(dir, locked); 488 if (err == -ENOENT) { 489 outarg_valid = false; 490 err = 0; 491 } 492 if (err) 493 goto out_err; 494 495 err = -EIO; 496 if (inode && get_node_id(inode) == FUSE_ROOT_ID) 497 goto out_iput; 498 499 newent = d_splice_alias(inode, entry); 500 err = PTR_ERR(newent); 501 if (IS_ERR(newent)) 502 goto out_err; 503 504 entry = newent ? newent : entry; 505 if (outarg_valid) 506 fuse_change_entry_timeout(entry, &outarg); 507 else 508 fuse_invalidate_entry_cache(entry); 509 510 if (inode) 511 fuse_advise_use_readdirplus(dir); 512 return newent; 513 514 out_iput: 515 iput(inode); 516 out_err: 517 return ERR_PTR(err); 518} 519 520/* 521 * Atomic create+open operation 522 * 523 * If the filesystem doesn't support this, then fall back to separate 524 * 'mknod' + 'open' requests. 525 */ 526static int fuse_create_open(struct inode *dir, struct dentry *entry, 527 struct file *file, unsigned flags, 528 umode_t mode) 529{ 530 int err; 531 struct inode *inode; 532 struct fuse_mount *fm = get_fuse_mount(dir); 533 FUSE_ARGS(args); 534 struct fuse_forget_link *forget; 535 struct fuse_create_in inarg; 536 struct fuse_open_out outopen; 537 struct fuse_entry_out outentry; 538 struct fuse_inode *fi; 539 struct fuse_file *ff; 540 bool trunc = flags & O_TRUNC; 541 542 /* Userspace expects S_IFREG in create mode */ 543 BUG_ON((mode & S_IFMT) != S_IFREG); 544 545 forget = fuse_alloc_forget(); 546 err = -ENOMEM; 547 if (!forget) 548 goto out_err; 549 550 err = -ENOMEM; 551 ff = fuse_file_alloc(fm); 552 if (!ff) 553 goto out_put_forget_req; 554 555 if (!fm->fc->dont_mask) 556 mode &= ~current_umask(); 557 558 flags &= ~O_NOCTTY; 559 memset(&inarg, 0, sizeof(inarg)); 560 memset(&outentry, 0, sizeof(outentry)); 561 inarg.flags = flags; 562 inarg.mode = mode; 563 inarg.umask = current_umask(); 564 args.opcode = FUSE_CREATE; 565 args.nodeid = get_node_id(dir); 566 args.in_numargs = 2; 567 args.in_args[0].size = sizeof(inarg); 568 args.in_args[0].value = &inarg; 569 args.in_args[1].size = entry->d_name.len + 1; 570 args.in_args[1].value = entry->d_name.name; 571 args.out_numargs = 2; 572 args.out_args[0].size = sizeof(outentry); 573 args.out_args[0].value = &outentry; 574 args.out_args[1].size = sizeof(outopen); 575 args.out_args[1].value = &outopen; 576 err = fuse_simple_request(fm, &args); 577 if (err) 578 goto out_free_ff; 579 580 err = -EIO; 581 if (!S_ISREG(outentry.attr.mode) || invalid_nodeid(outentry.nodeid) || 582 fuse_invalid_attr(&outentry.attr)) 583 goto out_free_ff; 584 585 ff->fh = outopen.fh; 586 ff->nodeid = outentry.nodeid; 587 ff->open_flags = outopen.open_flags; 588 inode = fuse_iget(dir->i_sb, outentry.nodeid, outentry.generation, 589 &outentry.attr, entry_attr_timeout(&outentry), 0); 590 if (!inode) { 591 flags &= ~(O_CREAT | O_EXCL | O_TRUNC); 592 fuse_sync_release(NULL, ff, flags); 593 fuse_queue_forget(fm->fc, forget, outentry.nodeid, 1); 594 err = -ENOMEM; 595 goto out_err; 596 } 597 kfree(forget); 598 d_instantiate(entry, inode); 599 fuse_change_entry_timeout(entry, &outentry); 600 fuse_dir_changed(dir); 601 err = finish_open(file, entry, generic_file_open); 602 if (err) { 603 fi = get_fuse_inode(inode); 604 fuse_sync_release(fi, ff, flags); 605 } else { 606 file->private_data = ff; 607 fuse_finish_open(inode, file); 608 if (fm->fc->atomic_o_trunc && trunc) 609 truncate_pagecache(inode, 0); 610 else if (!(ff->open_flags & FOPEN_KEEP_CACHE)) 611 invalidate_inode_pages2(inode->i_mapping); 612 } 613 return err; 614 615out_free_ff: 616 fuse_file_free(ff); 617out_put_forget_req: 618 kfree(forget); 619out_err: 620 return err; 621} 622 623static int fuse_mknod(struct inode *, struct dentry *, umode_t, dev_t); 624static int fuse_atomic_open(struct inode *dir, struct dentry *entry, 625 struct file *file, unsigned flags, 626 umode_t mode) 627{ 628 int err; 629 struct fuse_conn *fc = get_fuse_conn(dir); 630 struct dentry *res = NULL; 631 632 if (fuse_is_bad(dir)) 633 return -EIO; 634 635 if (d_in_lookup(entry)) { 636 res = fuse_lookup(dir, entry, 0); 637 if (IS_ERR(res)) 638 return PTR_ERR(res); 639 640 if (res) 641 entry = res; 642 } 643 644 if (!(flags & O_CREAT) || d_really_is_positive(entry)) 645 goto no_open; 646 647 /* Only creates */ 648 file->f_mode |= FMODE_CREATED; 649 650 if (fc->no_create) 651 goto mknod; 652 653 err = fuse_create_open(dir, entry, file, flags, mode); 654 if (err == -ENOSYS) { 655 fc->no_create = 1; 656 goto mknod; 657 } 658out_dput: 659 dput(res); 660 return err; 661 662mknod: 663 err = fuse_mknod(dir, entry, mode, 0); 664 if (err) 665 goto out_dput; 666no_open: 667 return finish_no_open(file, res); 668} 669 670/* 671 * Code shared between mknod, mkdir, symlink and link 672 */ 673static int create_new_entry(struct fuse_mount *fm, struct fuse_args *args, 674 struct inode *dir, struct dentry *entry, 675 umode_t mode) 676{ 677 struct fuse_entry_out outarg; 678 struct inode *inode; 679 struct dentry *d; 680 int err; 681 struct fuse_forget_link *forget; 682 683 if (fuse_is_bad(dir)) 684 return -EIO; 685 686 forget = fuse_alloc_forget(); 687 if (!forget) 688 return -ENOMEM; 689 690 memset(&outarg, 0, sizeof(outarg)); 691 args->nodeid = get_node_id(dir); 692 args->out_numargs = 1; 693 args->out_args[0].size = sizeof(outarg); 694 args->out_args[0].value = &outarg; 695 err = fuse_simple_request(fm, args); 696 if (err) 697 goto out_put_forget_req; 698 699 err = -EIO; 700 if (invalid_nodeid(outarg.nodeid) || fuse_invalid_attr(&outarg.attr)) 701 goto out_put_forget_req; 702 703 if ((outarg.attr.mode ^ mode) & S_IFMT) 704 goto out_put_forget_req; 705 706 inode = fuse_iget(dir->i_sb, outarg.nodeid, outarg.generation, 707 &outarg.attr, entry_attr_timeout(&outarg), 0); 708 if (!inode) { 709 fuse_queue_forget(fm->fc, forget, outarg.nodeid, 1); 710 return -ENOMEM; 711 } 712 kfree(forget); 713 714 d_drop(entry); 715 d = d_splice_alias(inode, entry); 716 if (IS_ERR(d)) 717 return PTR_ERR(d); 718 719 if (d) { 720 fuse_change_entry_timeout(d, &outarg); 721 dput(d); 722 } else { 723 fuse_change_entry_timeout(entry, &outarg); 724 } 725 fuse_dir_changed(dir); 726 return 0; 727 728 out_put_forget_req: 729 kfree(forget); 730 return err; 731} 732 733static int fuse_mknod(struct inode *dir, struct dentry *entry, umode_t mode, 734 dev_t rdev) 735{ 736 struct fuse_mknod_in inarg; 737 struct fuse_mount *fm = get_fuse_mount(dir); 738 FUSE_ARGS(args); 739 740 if (!fm->fc->dont_mask) 741 mode &= ~current_umask(); 742 743 memset(&inarg, 0, sizeof(inarg)); 744 inarg.mode = mode; 745 inarg.rdev = new_encode_dev(rdev); 746 inarg.umask = current_umask(); 747 args.opcode = FUSE_MKNOD; 748 args.in_numargs = 2; 749 args.in_args[0].size = sizeof(inarg); 750 args.in_args[0].value = &inarg; 751 args.in_args[1].size = entry->d_name.len + 1; 752 args.in_args[1].value = entry->d_name.name; 753 return create_new_entry(fm, &args, dir, entry, mode); 754} 755 756static int fuse_create(struct inode *dir, struct dentry *entry, umode_t mode, 757 bool excl) 758{ 759 return fuse_mknod(dir, entry, mode, 0); 760} 761 762static int fuse_mkdir(struct inode *dir, struct dentry *entry, umode_t mode) 763{ 764 struct fuse_mkdir_in inarg; 765 struct fuse_mount *fm = get_fuse_mount(dir); 766 FUSE_ARGS(args); 767 768 if (!fm->fc->dont_mask) 769 mode &= ~current_umask(); 770 771 memset(&inarg, 0, sizeof(inarg)); 772 inarg.mode = mode; 773 inarg.umask = current_umask(); 774 args.opcode = FUSE_MKDIR; 775 args.in_numargs = 2; 776 args.in_args[0].size = sizeof(inarg); 777 args.in_args[0].value = &inarg; 778 args.in_args[1].size = entry->d_name.len + 1; 779 args.in_args[1].value = entry->d_name.name; 780 return create_new_entry(fm, &args, dir, entry, S_IFDIR); 781} 782 783static int fuse_symlink(struct inode *dir, struct dentry *entry, 784 const char *link) 785{ 786 struct fuse_mount *fm = get_fuse_mount(dir); 787 unsigned len = strlen(link) + 1; 788 FUSE_ARGS(args); 789 790 args.opcode = FUSE_SYMLINK; 791 args.in_numargs = 2; 792 args.in_args[0].size = entry->d_name.len + 1; 793 args.in_args[0].value = entry->d_name.name; 794 args.in_args[1].size = len; 795 args.in_args[1].value = link; 796 return create_new_entry(fm, &args, dir, entry, S_IFLNK); 797} 798 799void fuse_flush_time_update(struct inode *inode) 800{ 801 int err = sync_inode_metadata(inode, 1); 802 803 mapping_set_error(inode->i_mapping, err); 804} 805 806void fuse_update_ctime(struct inode *inode) 807{ 808 if (!IS_NOCMTIME(inode)) { 809 inode->i_ctime = current_time(inode); 810 mark_inode_dirty_sync(inode); 811 fuse_flush_time_update(inode); 812 } 813} 814 815static int fuse_unlink(struct inode *dir, struct dentry *entry) 816{ 817 int err; 818 struct fuse_mount *fm = get_fuse_mount(dir); 819 FUSE_ARGS(args); 820 821 if (fuse_is_bad(dir)) 822 return -EIO; 823 824 args.opcode = FUSE_UNLINK; 825 args.nodeid = get_node_id(dir); 826 args.in_numargs = 1; 827 args.in_args[0].size = entry->d_name.len + 1; 828 args.in_args[0].value = entry->d_name.name; 829 err = fuse_simple_request(fm, &args); 830 if (!err) { 831 struct inode *inode = d_inode(entry); 832 struct fuse_inode *fi = get_fuse_inode(inode); 833 834 spin_lock(&fi->lock); 835 fi->attr_version = atomic64_inc_return(&fm->fc->attr_version); 836 /* 837 * If i_nlink == 0 then unlink doesn't make sense, yet this can 838 * happen if userspace filesystem is careless. It would be 839 * difficult to enforce correct nlink usage so just ignore this 840 * condition here 841 */ 842 if (inode->i_nlink > 0) 843 drop_nlink(inode); 844 spin_unlock(&fi->lock); 845 fuse_invalidate_attr(inode); 846 fuse_dir_changed(dir); 847 fuse_invalidate_entry_cache(entry); 848 fuse_update_ctime(inode); 849 } else if (err == -EINTR) 850 fuse_invalidate_entry(entry); 851 return err; 852} 853 854static int fuse_rmdir(struct inode *dir, struct dentry *entry) 855{ 856 int err; 857 struct fuse_mount *fm = get_fuse_mount(dir); 858 FUSE_ARGS(args); 859 860 if (fuse_is_bad(dir)) 861 return -EIO; 862 863 args.opcode = FUSE_RMDIR; 864 args.nodeid = get_node_id(dir); 865 args.in_numargs = 1; 866 args.in_args[0].size = entry->d_name.len + 1; 867 args.in_args[0].value = entry->d_name.name; 868 err = fuse_simple_request(fm, &args); 869 if (!err) { 870 clear_nlink(d_inode(entry)); 871 fuse_dir_changed(dir); 872 fuse_invalidate_entry_cache(entry); 873 } else if (err == -EINTR) 874 fuse_invalidate_entry(entry); 875 return err; 876} 877 878static int fuse_rename_common(struct inode *olddir, struct dentry *oldent, 879 struct inode *newdir, struct dentry *newent, 880 unsigned int flags, int opcode, size_t argsize) 881{ 882 int err; 883 struct fuse_rename2_in inarg; 884 struct fuse_mount *fm = get_fuse_mount(olddir); 885 FUSE_ARGS(args); 886 887 memset(&inarg, 0, argsize); 888 inarg.newdir = get_node_id(newdir); 889 inarg.flags = flags; 890 args.opcode = opcode; 891 args.nodeid = get_node_id(olddir); 892 args.in_numargs = 3; 893 args.in_args[0].size = argsize; 894 args.in_args[0].value = &inarg; 895 args.in_args[1].size = oldent->d_name.len + 1; 896 args.in_args[1].value = oldent->d_name.name; 897 args.in_args[2].size = newent->d_name.len + 1; 898 args.in_args[2].value = newent->d_name.name; 899 err = fuse_simple_request(fm, &args); 900 if (!err) { 901 /* ctime changes */ 902 fuse_invalidate_attr(d_inode(oldent)); 903 fuse_update_ctime(d_inode(oldent)); 904 905 if (flags & RENAME_EXCHANGE) { 906 fuse_invalidate_attr(d_inode(newent)); 907 fuse_update_ctime(d_inode(newent)); 908 } 909 910 fuse_dir_changed(olddir); 911 if (olddir != newdir) 912 fuse_dir_changed(newdir); 913 914 /* newent will end up negative */ 915 if (!(flags & RENAME_EXCHANGE) && d_really_is_positive(newent)) { 916 fuse_invalidate_attr(d_inode(newent)); 917 fuse_invalidate_entry_cache(newent); 918 fuse_update_ctime(d_inode(newent)); 919 } 920 } else if (err == -EINTR) { 921 /* If request was interrupted, DEITY only knows if the 922 rename actually took place. If the invalidation 923 fails (e.g. some process has CWD under the renamed 924 directory), then there can be inconsistency between 925 the dcache and the real filesystem. Tough luck. */ 926 fuse_invalidate_entry(oldent); 927 if (d_really_is_positive(newent)) 928 fuse_invalidate_entry(newent); 929 } 930 931 return err; 932} 933 934static int fuse_rename2(struct inode *olddir, struct dentry *oldent, 935 struct inode *newdir, struct dentry *newent, 936 unsigned int flags) 937{ 938 struct fuse_conn *fc = get_fuse_conn(olddir); 939 int err; 940 941 if (fuse_is_bad(olddir)) 942 return -EIO; 943 944 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE | RENAME_WHITEOUT)) 945 return -EINVAL; 946 947 if (flags) { 948 if (fc->no_rename2 || fc->minor < 23) 949 return -EINVAL; 950 951 err = fuse_rename_common(olddir, oldent, newdir, newent, flags, 952 FUSE_RENAME2, 953 sizeof(struct fuse_rename2_in)); 954 if (err == -ENOSYS) { 955 fc->no_rename2 = 1; 956 err = -EINVAL; 957 } 958 } else { 959 err = fuse_rename_common(olddir, oldent, newdir, newent, 0, 960 FUSE_RENAME, 961 sizeof(struct fuse_rename_in)); 962 } 963 964 return err; 965} 966 967static int fuse_link(struct dentry *entry, struct inode *newdir, 968 struct dentry *newent) 969{ 970 int err; 971 struct fuse_link_in inarg; 972 struct inode *inode = d_inode(entry); 973 struct fuse_mount *fm = get_fuse_mount(inode); 974 FUSE_ARGS(args); 975 976 memset(&inarg, 0, sizeof(inarg)); 977 inarg.oldnodeid = get_node_id(inode); 978 args.opcode = FUSE_LINK; 979 args.in_numargs = 2; 980 args.in_args[0].size = sizeof(inarg); 981 args.in_args[0].value = &inarg; 982 args.in_args[1].size = newent->d_name.len + 1; 983 args.in_args[1].value = newent->d_name.name; 984 err = create_new_entry(fm, &args, newdir, newent, inode->i_mode); 985 /* Contrary to "normal" filesystems it can happen that link 986 makes two "logical" inodes point to the same "physical" 987 inode. We invalidate the attributes of the old one, so it 988 will reflect changes in the backing inode (link count, 989 etc.) 990 */ 991 if (!err) { 992 struct fuse_inode *fi = get_fuse_inode(inode); 993 994 spin_lock(&fi->lock); 995 fi->attr_version = atomic64_inc_return(&fm->fc->attr_version); 996 if (likely(inode->i_nlink < UINT_MAX)) 997 inc_nlink(inode); 998 spin_unlock(&fi->lock); 999 fuse_invalidate_attr(inode); 1000 fuse_update_ctime(inode); 1001 } else if (err == -EINTR) { 1002 fuse_invalidate_attr(inode); 1003 } 1004 return err; 1005} 1006 1007static void fuse_fillattr(struct inode *inode, struct fuse_attr *attr, 1008 struct kstat *stat) 1009{ 1010 unsigned int blkbits; 1011 struct fuse_conn *fc = get_fuse_conn(inode); 1012 1013 /* see the comment in fuse_change_attributes() */ 1014 if (fc->writeback_cache && S_ISREG(inode->i_mode)) { 1015 attr->size = i_size_read(inode); 1016 attr->mtime = inode->i_mtime.tv_sec; 1017 attr->mtimensec = inode->i_mtime.tv_nsec; 1018 attr->ctime = inode->i_ctime.tv_sec; 1019 attr->ctimensec = inode->i_ctime.tv_nsec; 1020 } 1021 1022 stat->dev = inode->i_sb->s_dev; 1023 stat->ino = attr->ino; 1024 stat->mode = (inode->i_mode & S_IFMT) | (attr->mode & 07777); 1025 stat->nlink = attr->nlink; 1026 stat->uid = make_kuid(fc->user_ns, attr->uid); 1027 stat->gid = make_kgid(fc->user_ns, attr->gid); 1028 stat->rdev = inode->i_rdev; 1029 stat->atime.tv_sec = attr->atime; 1030 stat->atime.tv_nsec = attr->atimensec; 1031 stat->mtime.tv_sec = attr->mtime; 1032 stat->mtime.tv_nsec = attr->mtimensec; 1033 stat->ctime.tv_sec = attr->ctime; 1034 stat->ctime.tv_nsec = attr->ctimensec; 1035 stat->size = attr->size; 1036 stat->blocks = attr->blocks; 1037 1038 if (attr->blksize != 0) 1039 blkbits = ilog2(attr->blksize); 1040 else 1041 blkbits = inode->i_sb->s_blocksize_bits; 1042 1043 stat->blksize = 1 << blkbits; 1044} 1045 1046static int fuse_do_getattr(struct inode *inode, struct kstat *stat, 1047 struct file *file) 1048{ 1049 int err; 1050 struct fuse_getattr_in inarg; 1051 struct fuse_attr_out outarg; 1052 struct fuse_mount *fm = get_fuse_mount(inode); 1053 FUSE_ARGS(args); 1054 u64 attr_version; 1055 1056 attr_version = fuse_get_attr_version(fm->fc); 1057 1058 memset(&inarg, 0, sizeof(inarg)); 1059 memset(&outarg, 0, sizeof(outarg)); 1060 /* Directories have separate file-handle space */ 1061 if (file && S_ISREG(inode->i_mode)) { 1062 struct fuse_file *ff = file->private_data; 1063 1064 inarg.getattr_flags |= FUSE_GETATTR_FH; 1065 inarg.fh = ff->fh; 1066 } 1067 args.opcode = FUSE_GETATTR; 1068 args.nodeid = get_node_id(inode); 1069 args.in_numargs = 1; 1070 args.in_args[0].size = sizeof(inarg); 1071 args.in_args[0].value = &inarg; 1072 args.out_numargs = 1; 1073 args.out_args[0].size = sizeof(outarg); 1074 args.out_args[0].value = &outarg; 1075 err = fuse_simple_request(fm, &args); 1076 if (!err) { 1077 if (fuse_invalid_attr(&outarg.attr) || 1078 inode_wrong_type(inode, outarg.attr.mode)) { 1079 fuse_make_bad(inode); 1080 err = -EIO; 1081 } else { 1082 fuse_change_attributes(inode, &outarg.attr, 1083 attr_timeout(&outarg), 1084 attr_version); 1085 if (stat) 1086 fuse_fillattr(inode, &outarg.attr, stat); 1087 } 1088 } 1089 return err; 1090} 1091 1092static int fuse_update_get_attr(struct inode *inode, struct file *file, 1093 struct kstat *stat, u32 request_mask, 1094 unsigned int flags) 1095{ 1096 struct fuse_inode *fi = get_fuse_inode(inode); 1097 int err = 0; 1098 bool sync; 1099 1100 if (flags & AT_STATX_FORCE_SYNC) 1101 sync = true; 1102 else if (flags & AT_STATX_DONT_SYNC) 1103 sync = false; 1104 else if (request_mask & READ_ONCE(fi->inval_mask)) 1105 sync = true; 1106 else 1107 sync = time_before64(fi->i_time, get_jiffies_64()); 1108 1109 if (sync) { 1110 forget_all_cached_acls(inode); 1111 err = fuse_do_getattr(inode, stat, file); 1112 } else if (stat) { 1113 generic_fillattr(inode, stat); 1114 stat->mode = fi->orig_i_mode; 1115 stat->ino = fi->orig_ino; 1116 } 1117 1118 return err; 1119} 1120 1121int fuse_update_attributes(struct inode *inode, struct file *file) 1122{ 1123 /* Do *not* need to get atime for internal purposes */ 1124 return fuse_update_get_attr(inode, file, NULL, 1125 STATX_BASIC_STATS & ~STATX_ATIME, 0); 1126} 1127 1128int fuse_reverse_inval_entry(struct fuse_conn *fc, u64 parent_nodeid, 1129 u64 child_nodeid, struct qstr *name) 1130{ 1131 int err = -ENOTDIR; 1132 struct inode *parent; 1133 struct dentry *dir; 1134 struct dentry *entry; 1135 1136 parent = fuse_ilookup(fc, parent_nodeid, NULL); 1137 if (!parent) 1138 return -ENOENT; 1139 1140 inode_lock_nested(parent, I_MUTEX_PARENT); 1141 if (!S_ISDIR(parent->i_mode)) 1142 goto unlock; 1143 1144 err = -ENOENT; 1145 dir = d_find_alias(parent); 1146 if (!dir) 1147 goto unlock; 1148 1149 name->hash = full_name_hash(dir, name->name, name->len); 1150 entry = d_lookup(dir, name); 1151 dput(dir); 1152 if (!entry) 1153 goto unlock; 1154 1155 fuse_dir_changed(parent); 1156 fuse_invalidate_entry(entry); 1157 1158 if (child_nodeid != 0 && d_really_is_positive(entry)) { 1159 inode_lock(d_inode(entry)); 1160 if (get_node_id(d_inode(entry)) != child_nodeid) { 1161 err = -ENOENT; 1162 goto badentry; 1163 } 1164 if (d_mountpoint(entry)) { 1165 err = -EBUSY; 1166 goto badentry; 1167 } 1168 if (d_is_dir(entry)) { 1169 shrink_dcache_parent(entry); 1170 if (!simple_empty(entry)) { 1171 err = -ENOTEMPTY; 1172 goto badentry; 1173 } 1174 d_inode(entry)->i_flags |= S_DEAD; 1175 } 1176 dont_mount(entry); 1177 clear_nlink(d_inode(entry)); 1178 err = 0; 1179 badentry: 1180 inode_unlock(d_inode(entry)); 1181 if (!err) 1182 d_delete(entry); 1183 } else { 1184 err = 0; 1185 } 1186 dput(entry); 1187 1188 unlock: 1189 inode_unlock(parent); 1190 iput(parent); 1191 return err; 1192} 1193 1194/* 1195 * Calling into a user-controlled filesystem gives the filesystem 1196 * daemon ptrace-like capabilities over the current process. This 1197 * means, that the filesystem daemon is able to record the exact 1198 * filesystem operations performed, and can also control the behavior 1199 * of the requester process in otherwise impossible ways. For example 1200 * it can delay the operation for arbitrary length of time allowing 1201 * DoS against the requester. 1202 * 1203 * For this reason only those processes can call into the filesystem, 1204 * for which the owner of the mount has ptrace privilege. This 1205 * excludes processes started by other users, suid or sgid processes. 1206 */ 1207int fuse_allow_current_process(struct fuse_conn *fc) 1208{ 1209 const struct cred *cred; 1210 1211 if (fc->allow_other) 1212 return current_in_userns(fc->user_ns); 1213 1214 cred = current_cred(); 1215 if (uid_eq(cred->euid, fc->user_id) && 1216 uid_eq(cred->suid, fc->user_id) && 1217 uid_eq(cred->uid, fc->user_id) && 1218 gid_eq(cred->egid, fc->group_id) && 1219 gid_eq(cred->sgid, fc->group_id) && 1220 gid_eq(cred->gid, fc->group_id)) 1221 return 1; 1222 1223 return 0; 1224} 1225 1226static int fuse_access(struct inode *inode, int mask) 1227{ 1228 struct fuse_mount *fm = get_fuse_mount(inode); 1229 FUSE_ARGS(args); 1230 struct fuse_access_in inarg; 1231 int err; 1232 1233 BUG_ON(mask & MAY_NOT_BLOCK); 1234 1235 if (fm->fc->no_access) 1236 return 0; 1237 1238 memset(&inarg, 0, sizeof(inarg)); 1239 inarg.mask = mask & (MAY_READ | MAY_WRITE | MAY_EXEC); 1240 args.opcode = FUSE_ACCESS; 1241 args.nodeid = get_node_id(inode); 1242 args.in_numargs = 1; 1243 args.in_args[0].size = sizeof(inarg); 1244 args.in_args[0].value = &inarg; 1245 err = fuse_simple_request(fm, &args); 1246 if (err == -ENOSYS) { 1247 fm->fc->no_access = 1; 1248 err = 0; 1249 } 1250 return err; 1251} 1252 1253static int fuse_perm_getattr(struct inode *inode, int mask) 1254{ 1255 if (mask & MAY_NOT_BLOCK) 1256 return -ECHILD; 1257 1258 forget_all_cached_acls(inode); 1259 return fuse_do_getattr(inode, NULL, NULL); 1260} 1261 1262/* 1263 * Check permission. The two basic access models of FUSE are: 1264 * 1265 * 1) Local access checking ('default_permissions' mount option) based 1266 * on file mode. This is the plain old disk filesystem permission 1267 * modell. 1268 * 1269 * 2) "Remote" access checking, where server is responsible for 1270 * checking permission in each inode operation. An exception to this 1271 * is if ->permission() was invoked from sys_access() in which case an 1272 * access request is sent. Execute permission is still checked 1273 * locally based on file mode. 1274 */ 1275static int fuse_permission(struct inode *inode, int mask) 1276{ 1277 struct fuse_conn *fc = get_fuse_conn(inode); 1278 bool refreshed = false; 1279 int err = 0; 1280 1281 if (fuse_is_bad(inode)) 1282 return -EIO; 1283 1284 if (!fuse_allow_current_process(fc)) 1285 return -EACCES; 1286 1287 /* 1288 * If attributes are needed, refresh them before proceeding 1289 */ 1290 if (fc->default_permissions || 1291 ((mask & MAY_EXEC) && S_ISREG(inode->i_mode))) { 1292 struct fuse_inode *fi = get_fuse_inode(inode); 1293 u32 perm_mask = STATX_MODE | STATX_UID | STATX_GID; 1294 1295 if (perm_mask & READ_ONCE(fi->inval_mask) || 1296 time_before64(fi->i_time, get_jiffies_64())) { 1297 refreshed = true; 1298 1299 err = fuse_perm_getattr(inode, mask); 1300 if (err) 1301 return err; 1302 } 1303 } 1304 1305 if (fc->default_permissions) { 1306 err = generic_permission(inode, mask); 1307 1308 /* If permission is denied, try to refresh file 1309 attributes. This is also needed, because the root 1310 node will at first have no permissions */ 1311 if (err == -EACCES && !refreshed) { 1312 err = fuse_perm_getattr(inode, mask); 1313 if (!err) 1314 err = generic_permission(inode, mask); 1315 } 1316 1317 /* Note: the opposite of the above test does not 1318 exist. So if permissions are revoked this won't be 1319 noticed immediately, only after the attribute 1320 timeout has expired */ 1321 } else if (mask & (MAY_ACCESS | MAY_CHDIR)) { 1322 err = fuse_access(inode, mask); 1323 } else if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode)) { 1324 if (!(inode->i_mode & S_IXUGO)) { 1325 if (refreshed) 1326 return -EACCES; 1327 1328 err = fuse_perm_getattr(inode, mask); 1329 if (!err && !(inode->i_mode & S_IXUGO)) 1330 return -EACCES; 1331 } 1332 } 1333 return err; 1334} 1335 1336static int fuse_readlink_page(struct inode *inode, struct page *page) 1337{ 1338 struct fuse_mount *fm = get_fuse_mount(inode); 1339 struct fuse_page_desc desc = { .length = PAGE_SIZE - 1 }; 1340 struct fuse_args_pages ap = { 1341 .num_pages = 1, 1342 .pages = &page, 1343 .descs = &desc, 1344 }; 1345 char *link; 1346 ssize_t res; 1347 1348 ap.args.opcode = FUSE_READLINK; 1349 ap.args.nodeid = get_node_id(inode); 1350 ap.args.out_pages = true; 1351 ap.args.out_argvar = true; 1352 ap.args.page_zeroing = true; 1353 ap.args.out_numargs = 1; 1354 ap.args.out_args[0].size = desc.length; 1355 res = fuse_simple_request(fm, &ap.args); 1356 1357 fuse_invalidate_atime(inode); 1358 1359 if (res < 0) 1360 return res; 1361 1362 if (WARN_ON(res >= PAGE_SIZE)) 1363 return -EIO; 1364 1365 link = page_address(page); 1366 link[res] = '\0'; 1367 1368 return 0; 1369} 1370 1371static const char *fuse_get_link(struct dentry *dentry, struct inode *inode, 1372 struct delayed_call *callback) 1373{ 1374 struct fuse_conn *fc = get_fuse_conn(inode); 1375 struct page *page; 1376 int err; 1377 1378 err = -EIO; 1379 if (fuse_is_bad(inode)) 1380 goto out_err; 1381 1382 if (fc->cache_symlinks) 1383 return page_get_link(dentry, inode, callback); 1384 1385 err = -ECHILD; 1386 if (!dentry) 1387 goto out_err; 1388 1389 page = alloc_page(GFP_KERNEL); 1390 err = -ENOMEM; 1391 if (!page) 1392 goto out_err; 1393 1394 err = fuse_readlink_page(inode, page); 1395 if (err) { 1396 __free_page(page); 1397 goto out_err; 1398 } 1399 1400 set_delayed_call(callback, page_put_link, page); 1401 1402 return page_address(page); 1403 1404out_err: 1405 return ERR_PTR(err); 1406} 1407 1408static int fuse_dir_open(struct inode *inode, struct file *file) 1409{ 1410 return fuse_open_common(inode, file, true); 1411} 1412 1413static int fuse_dir_release(struct inode *inode, struct file *file) 1414{ 1415 fuse_release_common(file, true); 1416 1417 return 0; 1418} 1419 1420static int fuse_dir_fsync(struct file *file, loff_t start, loff_t end, 1421 int datasync) 1422{ 1423 struct inode *inode = file->f_mapping->host; 1424 struct fuse_conn *fc = get_fuse_conn(inode); 1425 int err; 1426 1427 if (fuse_is_bad(inode)) 1428 return -EIO; 1429 1430 if (fc->no_fsyncdir) 1431 return 0; 1432 1433 inode_lock(inode); 1434 err = fuse_fsync_common(file, start, end, datasync, FUSE_FSYNCDIR); 1435 if (err == -ENOSYS) { 1436 fc->no_fsyncdir = 1; 1437 err = 0; 1438 } 1439 inode_unlock(inode); 1440 1441 return err; 1442} 1443 1444static long fuse_dir_ioctl(struct file *file, unsigned int cmd, 1445 unsigned long arg) 1446{ 1447 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host); 1448 1449 /* FUSE_IOCTL_DIR only supported for API version >= 7.18 */ 1450 if (fc->minor < 18) 1451 return -ENOTTY; 1452 1453 return fuse_ioctl_common(file, cmd, arg, FUSE_IOCTL_DIR); 1454} 1455 1456static long fuse_dir_compat_ioctl(struct file *file, unsigned int cmd, 1457 unsigned long arg) 1458{ 1459 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host); 1460 1461 if (fc->minor < 18) 1462 return -ENOTTY; 1463 1464 return fuse_ioctl_common(file, cmd, arg, 1465 FUSE_IOCTL_COMPAT | FUSE_IOCTL_DIR); 1466} 1467 1468static bool update_mtime(unsigned ivalid, bool trust_local_mtime) 1469{ 1470 /* Always update if mtime is explicitly set */ 1471 if (ivalid & ATTR_MTIME_SET) 1472 return true; 1473 1474 /* Or if kernel i_mtime is the official one */ 1475 if (trust_local_mtime) 1476 return true; 1477 1478 /* If it's an open(O_TRUNC) or an ftruncate(), don't update */ 1479 if ((ivalid & ATTR_SIZE) && (ivalid & (ATTR_OPEN | ATTR_FILE))) 1480 return false; 1481 1482 /* In all other cases update */ 1483 return true; 1484} 1485 1486static void iattr_to_fattr(struct fuse_conn *fc, struct iattr *iattr, 1487 struct fuse_setattr_in *arg, bool trust_local_cmtime) 1488{ 1489 unsigned ivalid = iattr->ia_valid; 1490 1491 if (ivalid & ATTR_MODE) 1492 arg->valid |= FATTR_MODE, arg->mode = iattr->ia_mode; 1493 if (ivalid & ATTR_UID) 1494 arg->valid |= FATTR_UID, arg->uid = from_kuid(fc->user_ns, iattr->ia_uid); 1495 if (ivalid & ATTR_GID) 1496 arg->valid |= FATTR_GID, arg->gid = from_kgid(fc->user_ns, iattr->ia_gid); 1497 if (ivalid & ATTR_SIZE) 1498 arg->valid |= FATTR_SIZE, arg->size = iattr->ia_size; 1499 if (ivalid & ATTR_ATIME) { 1500 arg->valid |= FATTR_ATIME; 1501 arg->atime = iattr->ia_atime.tv_sec; 1502 arg->atimensec = iattr->ia_atime.tv_nsec; 1503 if (!(ivalid & ATTR_ATIME_SET)) 1504 arg->valid |= FATTR_ATIME_NOW; 1505 } 1506 if ((ivalid & ATTR_MTIME) && update_mtime(ivalid, trust_local_cmtime)) { 1507 arg->valid |= FATTR_MTIME; 1508 arg->mtime = iattr->ia_mtime.tv_sec; 1509 arg->mtimensec = iattr->ia_mtime.tv_nsec; 1510 if (!(ivalid & ATTR_MTIME_SET) && !trust_local_cmtime) 1511 arg->valid |= FATTR_MTIME_NOW; 1512 } 1513 if ((ivalid & ATTR_CTIME) && trust_local_cmtime) { 1514 arg->valid |= FATTR_CTIME; 1515 arg->ctime = iattr->ia_ctime.tv_sec; 1516 arg->ctimensec = iattr->ia_ctime.tv_nsec; 1517 } 1518} 1519 1520/* 1521 * Prevent concurrent writepages on inode 1522 * 1523 * This is done by adding a negative bias to the inode write counter 1524 * and waiting for all pending writes to finish. 1525 */ 1526void fuse_set_nowrite(struct inode *inode) 1527{ 1528 struct fuse_inode *fi = get_fuse_inode(inode); 1529 1530 BUG_ON(!inode_is_locked(inode)); 1531 1532 spin_lock(&fi->lock); 1533 BUG_ON(fi->writectr < 0); 1534 fi->writectr += FUSE_NOWRITE; 1535 spin_unlock(&fi->lock); 1536 wait_event(fi->page_waitq, fi->writectr == FUSE_NOWRITE); 1537} 1538 1539/* 1540 * Allow writepages on inode 1541 * 1542 * Remove the bias from the writecounter and send any queued 1543 * writepages. 1544 */ 1545static void __fuse_release_nowrite(struct inode *inode) 1546{ 1547 struct fuse_inode *fi = get_fuse_inode(inode); 1548 1549 BUG_ON(fi->writectr != FUSE_NOWRITE); 1550 fi->writectr = 0; 1551 fuse_flush_writepages(inode); 1552} 1553 1554void fuse_release_nowrite(struct inode *inode) 1555{ 1556 struct fuse_inode *fi = get_fuse_inode(inode); 1557 1558 spin_lock(&fi->lock); 1559 __fuse_release_nowrite(inode); 1560 spin_unlock(&fi->lock); 1561} 1562 1563static void fuse_setattr_fill(struct fuse_conn *fc, struct fuse_args *args, 1564 struct inode *inode, 1565 struct fuse_setattr_in *inarg_p, 1566 struct fuse_attr_out *outarg_p) 1567{ 1568 args->opcode = FUSE_SETATTR; 1569 args->nodeid = get_node_id(inode); 1570 args->in_numargs = 1; 1571 args->in_args[0].size = sizeof(*inarg_p); 1572 args->in_args[0].value = inarg_p; 1573 args->out_numargs = 1; 1574 args->out_args[0].size = sizeof(*outarg_p); 1575 args->out_args[0].value = outarg_p; 1576} 1577 1578/* 1579 * Flush inode->i_mtime to the server 1580 */ 1581int fuse_flush_times(struct inode *inode, struct fuse_file *ff) 1582{ 1583 struct fuse_mount *fm = get_fuse_mount(inode); 1584 FUSE_ARGS(args); 1585 struct fuse_setattr_in inarg; 1586 struct fuse_attr_out outarg; 1587 1588 memset(&inarg, 0, sizeof(inarg)); 1589 memset(&outarg, 0, sizeof(outarg)); 1590 1591 inarg.valid = FATTR_MTIME; 1592 inarg.mtime = inode->i_mtime.tv_sec; 1593 inarg.mtimensec = inode->i_mtime.tv_nsec; 1594 if (fm->fc->minor >= 23) { 1595 inarg.valid |= FATTR_CTIME; 1596 inarg.ctime = inode->i_ctime.tv_sec; 1597 inarg.ctimensec = inode->i_ctime.tv_nsec; 1598 } 1599 if (ff) { 1600 inarg.valid |= FATTR_FH; 1601 inarg.fh = ff->fh; 1602 } 1603 fuse_setattr_fill(fm->fc, &args, inode, &inarg, &outarg); 1604 1605 return fuse_simple_request(fm, &args); 1606} 1607 1608/* 1609 * Set attributes, and at the same time refresh them. 1610 * 1611 * Truncation is slightly complicated, because the 'truncate' request 1612 * may fail, in which case we don't want to touch the mapping. 1613 * vmtruncate() doesn't allow for this case, so do the rlimit checking 1614 * and the actual truncation by hand. 1615 */ 1616int fuse_do_setattr(struct dentry *dentry, struct iattr *attr, 1617 struct file *file) 1618{ 1619 struct inode *inode = d_inode(dentry); 1620 struct fuse_mount *fm = get_fuse_mount(inode); 1621 struct fuse_conn *fc = fm->fc; 1622 struct fuse_inode *fi = get_fuse_inode(inode); 1623 FUSE_ARGS(args); 1624 struct fuse_setattr_in inarg; 1625 struct fuse_attr_out outarg; 1626 bool is_truncate = false; 1627 bool is_wb = fc->writeback_cache; 1628 loff_t oldsize; 1629 int err; 1630 bool trust_local_cmtime = is_wb && S_ISREG(inode->i_mode); 1631 bool fault_blocked = false; 1632 1633 if (!fc->default_permissions) 1634 attr->ia_valid |= ATTR_FORCE; 1635 1636 err = setattr_prepare(dentry, attr); 1637 if (err) 1638 return err; 1639 1640 if (attr->ia_valid & ATTR_SIZE) { 1641 if (WARN_ON(!S_ISREG(inode->i_mode))) 1642 return -EIO; 1643 is_truncate = true; 1644 } 1645 1646 if (FUSE_IS_DAX(inode) && is_truncate) { 1647 down_write(&fi->i_mmap_sem); 1648 fault_blocked = true; 1649 err = fuse_dax_break_layouts(inode, 0, 0); 1650 if (err) { 1651 up_write(&fi->i_mmap_sem); 1652 return err; 1653 } 1654 } 1655 1656 if (attr->ia_valid & ATTR_OPEN) { 1657 /* This is coming from open(..., ... | O_TRUNC); */ 1658 WARN_ON(!(attr->ia_valid & ATTR_SIZE)); 1659 WARN_ON(attr->ia_size != 0); 1660 if (fc->atomic_o_trunc) { 1661 /* 1662 * No need to send request to userspace, since actual 1663 * truncation has already been done by OPEN. But still 1664 * need to truncate page cache. 1665 */ 1666 i_size_write(inode, 0); 1667 truncate_pagecache(inode, 0); 1668 goto out; 1669 } 1670 file = NULL; 1671 } 1672 1673 /* Flush dirty data/metadata before non-truncate SETATTR */ 1674 if (is_wb && S_ISREG(inode->i_mode) && 1675 attr->ia_valid & 1676 (ATTR_MODE | ATTR_UID | ATTR_GID | ATTR_MTIME_SET | 1677 ATTR_TIMES_SET)) { 1678 err = write_inode_now(inode, true); 1679 if (err) 1680 return err; 1681 1682 fuse_set_nowrite(inode); 1683 fuse_release_nowrite(inode); 1684 } 1685 1686 if (is_truncate) { 1687 fuse_set_nowrite(inode); 1688 set_bit(FUSE_I_SIZE_UNSTABLE, &fi->state); 1689 if (trust_local_cmtime && attr->ia_size != inode->i_size) 1690 attr->ia_valid |= ATTR_MTIME | ATTR_CTIME; 1691 } 1692 1693 memset(&inarg, 0, sizeof(inarg)); 1694 memset(&outarg, 0, sizeof(outarg)); 1695 iattr_to_fattr(fc, attr, &inarg, trust_local_cmtime); 1696 if (file) { 1697 struct fuse_file *ff = file->private_data; 1698 inarg.valid |= FATTR_FH; 1699 inarg.fh = ff->fh; 1700 } 1701 if (attr->ia_valid & ATTR_SIZE) { 1702 /* For mandatory locking in truncate */ 1703 inarg.valid |= FATTR_LOCKOWNER; 1704 inarg.lock_owner = fuse_lock_owner_id(fc, current->files); 1705 } 1706 fuse_setattr_fill(fc, &args, inode, &inarg, &outarg); 1707 err = fuse_simple_request(fm, &args); 1708 if (err) { 1709 if (err == -EINTR) 1710 fuse_invalidate_attr(inode); 1711 goto error; 1712 } 1713 1714 if (fuse_invalid_attr(&outarg.attr) || 1715 inode_wrong_type(inode, outarg.attr.mode)) { 1716 fuse_make_bad(inode); 1717 err = -EIO; 1718 goto error; 1719 } 1720 1721 spin_lock(&fi->lock); 1722 /* the kernel maintains i_mtime locally */ 1723 if (trust_local_cmtime) { 1724 if (attr->ia_valid & ATTR_MTIME) 1725 inode->i_mtime = attr->ia_mtime; 1726 if (attr->ia_valid & ATTR_CTIME) 1727 inode->i_ctime = attr->ia_ctime; 1728 /* FIXME: clear I_DIRTY_SYNC? */ 1729 } 1730 1731 fuse_change_attributes_common(inode, &outarg.attr, 1732 attr_timeout(&outarg)); 1733 oldsize = inode->i_size; 1734 /* see the comment in fuse_change_attributes() */ 1735 if (!is_wb || is_truncate || !S_ISREG(inode->i_mode)) 1736 i_size_write(inode, outarg.attr.size); 1737 1738 if (is_truncate) { 1739 /* NOTE: this may release/reacquire fi->lock */ 1740 __fuse_release_nowrite(inode); 1741 } 1742 spin_unlock(&fi->lock); 1743 1744 /* 1745 * Only call invalidate_inode_pages2() after removing 1746 * FUSE_NOWRITE, otherwise fuse_launder_page() would deadlock. 1747 */ 1748 if ((is_truncate || !is_wb) && 1749 S_ISREG(inode->i_mode) && oldsize != outarg.attr.size) { 1750 truncate_pagecache(inode, outarg.attr.size); 1751 invalidate_inode_pages2(inode->i_mapping); 1752 } 1753 1754 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state); 1755out: 1756 if (fault_blocked) 1757 up_write(&fi->i_mmap_sem); 1758 1759 return 0; 1760 1761error: 1762 if (is_truncate) 1763 fuse_release_nowrite(inode); 1764 1765 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state); 1766 1767 if (fault_blocked) 1768 up_write(&fi->i_mmap_sem); 1769 return err; 1770} 1771 1772static int fuse_setattr(struct dentry *entry, struct iattr *attr) 1773{ 1774 struct inode *inode = d_inode(entry); 1775 struct fuse_conn *fc = get_fuse_conn(inode); 1776 struct file *file = (attr->ia_valid & ATTR_FILE) ? attr->ia_file : NULL; 1777 int ret; 1778 1779 if (fuse_is_bad(inode)) 1780 return -EIO; 1781 1782 if (!fuse_allow_current_process(get_fuse_conn(inode))) 1783 return -EACCES; 1784 1785 if (attr->ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID)) { 1786 attr->ia_valid &= ~(ATTR_KILL_SUID | ATTR_KILL_SGID | 1787 ATTR_MODE); 1788 1789 /* 1790 * The only sane way to reliably kill suid/sgid is to do it in 1791 * the userspace filesystem 1792 * 1793 * This should be done on write(), truncate() and chown(). 1794 */ 1795 if (!fc->handle_killpriv) { 1796 /* 1797 * ia_mode calculation may have used stale i_mode. 1798 * Refresh and recalculate. 1799 */ 1800 ret = fuse_do_getattr(inode, NULL, file); 1801 if (ret) 1802 return ret; 1803 1804 attr->ia_mode = inode->i_mode; 1805 if (inode->i_mode & S_ISUID) { 1806 attr->ia_valid |= ATTR_MODE; 1807 attr->ia_mode &= ~S_ISUID; 1808 } 1809 if ((inode->i_mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) { 1810 attr->ia_valid |= ATTR_MODE; 1811 attr->ia_mode &= ~S_ISGID; 1812 } 1813 } 1814 } 1815 if (!attr->ia_valid) 1816 return 0; 1817 1818 ret = fuse_do_setattr(entry, attr, file); 1819 if (!ret) { 1820 /* 1821 * If filesystem supports acls it may have updated acl xattrs in 1822 * the filesystem, so forget cached acls for the inode. 1823 */ 1824 if (fc->posix_acl) 1825 forget_all_cached_acls(inode); 1826 1827 /* Directory mode changed, may need to revalidate access */ 1828 if (d_is_dir(entry) && (attr->ia_valid & ATTR_MODE)) 1829 fuse_invalidate_entry_cache(entry); 1830 } 1831 return ret; 1832} 1833 1834static int fuse_getattr(const struct path *path, struct kstat *stat, 1835 u32 request_mask, unsigned int flags) 1836{ 1837 struct inode *inode = d_inode(path->dentry); 1838 struct fuse_conn *fc = get_fuse_conn(inode); 1839 1840 if (fuse_is_bad(inode)) 1841 return -EIO; 1842 1843 if (!fuse_allow_current_process(fc)) { 1844 if (!request_mask) { 1845 /* 1846 * If user explicitly requested *nothing* then don't 1847 * error out, but return st_dev only. 1848 */ 1849 stat->result_mask = 0; 1850 stat->dev = inode->i_sb->s_dev; 1851 return 0; 1852 } 1853 return -EACCES; 1854 } 1855 1856 return fuse_update_get_attr(inode, NULL, stat, request_mask, flags); 1857} 1858 1859static const struct inode_operations fuse_dir_inode_operations = { 1860 .lookup = fuse_lookup, 1861 .mkdir = fuse_mkdir, 1862 .symlink = fuse_symlink, 1863 .unlink = fuse_unlink, 1864 .rmdir = fuse_rmdir, 1865 .rename = fuse_rename2, 1866 .link = fuse_link, 1867 .setattr = fuse_setattr, 1868 .create = fuse_create, 1869 .atomic_open = fuse_atomic_open, 1870 .mknod = fuse_mknod, 1871 .permission = fuse_permission, 1872 .getattr = fuse_getattr, 1873 .listxattr = fuse_listxattr, 1874 .get_acl = fuse_get_acl, 1875 .set_acl = fuse_set_acl, 1876}; 1877 1878static const struct file_operations fuse_dir_operations = { 1879 .llseek = generic_file_llseek, 1880 .read = generic_read_dir, 1881 .iterate_shared = fuse_readdir, 1882 .open = fuse_dir_open, 1883 .release = fuse_dir_release, 1884 .fsync = fuse_dir_fsync, 1885 .unlocked_ioctl = fuse_dir_ioctl, 1886 .compat_ioctl = fuse_dir_compat_ioctl, 1887}; 1888 1889static const struct inode_operations fuse_common_inode_operations = { 1890 .setattr = fuse_setattr, 1891 .permission = fuse_permission, 1892 .getattr = fuse_getattr, 1893 .listxattr = fuse_listxattr, 1894 .get_acl = fuse_get_acl, 1895 .set_acl = fuse_set_acl, 1896}; 1897 1898static const struct inode_operations fuse_symlink_inode_operations = { 1899 .setattr = fuse_setattr, 1900 .get_link = fuse_get_link, 1901 .getattr = fuse_getattr, 1902 .listxattr = fuse_listxattr, 1903}; 1904 1905void fuse_init_common(struct inode *inode) 1906{ 1907 inode->i_op = &fuse_common_inode_operations; 1908} 1909 1910void fuse_init_dir(struct inode *inode) 1911{ 1912 struct fuse_inode *fi = get_fuse_inode(inode); 1913 1914 inode->i_op = &fuse_dir_inode_operations; 1915 inode->i_fop = &fuse_dir_operations; 1916 1917 spin_lock_init(&fi->rdc.lock); 1918 fi->rdc.cached = false; 1919 fi->rdc.size = 0; 1920 fi->rdc.pos = 0; 1921 fi->rdc.version = 0; 1922} 1923 1924static int fuse_symlink_readpage(struct file *null, struct page *page) 1925{ 1926 int err = fuse_readlink_page(page->mapping->host, page); 1927 1928 if (!err) 1929 SetPageUptodate(page); 1930 1931 unlock_page(page); 1932 1933 return err; 1934} 1935 1936static const struct address_space_operations fuse_symlink_aops = { 1937 .readpage = fuse_symlink_readpage, 1938}; 1939 1940void fuse_init_symlink(struct inode *inode) 1941{ 1942 inode->i_op = &fuse_symlink_inode_operations; 1943 inode->i_data.a_ops = &fuse_symlink_aops; 1944 inode_nohighmem(inode); 1945} 1946