1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Copyright 1997-1998 Transmeta Corporation -- All Rights Reserved 4 * Copyright 1999-2000 Jeremy Fitzhardinge <jeremy@goop.org> 5 * Copyright 2001-2006 Ian Kent <raven@themaw.net> 6 */ 7 8 #include <linux/capability.h> 9 #include <linux/compat.h> 10 11 #include "autofs_i.h" 12 13 static int autofs_dir_symlink(struct inode *, struct dentry *, const char *); 14 static int autofs_dir_unlink(struct inode *, struct dentry *); 15 static int autofs_dir_rmdir(struct inode *, struct dentry *); 16 static int autofs_dir_mkdir(struct inode *, struct dentry *, umode_t); 17 static long autofs_root_ioctl(struct file *, unsigned int, unsigned long); 18 #ifdef CONFIG_COMPAT 19 static long autofs_root_compat_ioctl(struct file *, 20 unsigned int, unsigned long); 21 #endif 22 static int autofs_dir_open(struct inode *inode, struct file *file); 23 static struct dentry *autofs_lookup(struct inode *, 24 struct dentry *, unsigned int); 25 static struct vfsmount *autofs_d_automount(struct path *); 26 static int autofs_d_manage(const struct path *, bool); 27 static void autofs_dentry_release(struct dentry *); 28 29 const struct file_operations autofs_root_operations = { 30 .open = dcache_dir_open, 31 .release = dcache_dir_close, 32 .read = generic_read_dir, 33 .iterate_shared = dcache_readdir, 34 .llseek = dcache_dir_lseek, 35 .unlocked_ioctl = autofs_root_ioctl, 36 #ifdef CONFIG_COMPAT 37 .compat_ioctl = autofs_root_compat_ioctl, 38 #endif 39 }; 40 41 const struct file_operations autofs_dir_operations = { 42 .open = autofs_dir_open, 43 .release = dcache_dir_close, 44 .read = generic_read_dir, 45 .iterate_shared = dcache_readdir, 46 .llseek = dcache_dir_lseek, 47 }; 48 49 const struct inode_operations autofs_dir_inode_operations = { 50 .lookup = autofs_lookup, 51 .unlink = autofs_dir_unlink, 52 .symlink = autofs_dir_symlink, 53 .mkdir = autofs_dir_mkdir, 54 .rmdir = autofs_dir_rmdir, 55 }; 56 57 const struct dentry_operations autofs_dentry_operations = { 58 .d_automount = autofs_d_automount, 59 .d_manage = autofs_d_manage, 60 .d_release = autofs_dentry_release, 61 }; 62 63 static void autofs_del_active(struct dentry *dentry) 64 { 65 struct autofs_sb_info *sbi = autofs_sbi(dentry->d_sb); 66 struct autofs_info *ino; 67 68 ino = autofs_dentry_ino(dentry); 69 spin_lock(&sbi->lookup_lock); 70 list_del_init(&ino->active); 71 spin_unlock(&sbi->lookup_lock); 72 } 73 74 static int autofs_dir_open(struct inode *inode, struct file *file) 75 { 76 struct dentry *dentry = file->f_path.dentry; 77 struct autofs_sb_info *sbi = autofs_sbi(dentry->d_sb); 78 79 pr_debug("file=%p dentry=%p %pd\n", file, dentry, dentry); 80 81 if (autofs_oz_mode(sbi)) 82 goto out; 83 84 /* 85 * An empty directory in an autofs file system is always a 86 * mount point. The daemon must have failed to mount this 87 * during lookup so it doesn't exist. This can happen, for 88 * example, if user space returns an incorrect status for a 89 * mount request. Otherwise we're doing a readdir on the 90 * autofs file system so just let the libfs routines handle 91 * it. 92 */ 93 spin_lock(&sbi->lookup_lock); 94 if (!path_is_mountpoint(&file->f_path) && simple_empty(dentry)) { 95 spin_unlock(&sbi->lookup_lock); 96 return -ENOENT; 97 } 98 spin_unlock(&sbi->lookup_lock); 99 100 out: 101 return dcache_dir_open(inode, file); 102 } 103 104 static void autofs_dentry_release(struct dentry *de) 105 { 106 struct autofs_info *ino = autofs_dentry_ino(de); 107 struct autofs_sb_info *sbi = autofs_sbi(de->d_sb); 108 109 pr_debug("releasing %p\n", de); 110 111 if (!ino) 112 return; 113 114 if (sbi) { 115 spin_lock(&sbi->lookup_lock); 116 if (!list_empty(&ino->active)) 117 list_del(&ino->active); 118 if (!list_empty(&ino->expiring)) 119 list_del(&ino->expiring); 120 spin_unlock(&sbi->lookup_lock); 121 } 122 123 autofs_free_ino(ino); 124 } 125 126 static struct dentry *autofs_lookup_active(struct dentry *dentry) 127 { 128 struct autofs_sb_info *sbi = autofs_sbi(dentry->d_sb); 129 struct dentry *parent = dentry->d_parent; 130 const struct qstr *name = &dentry->d_name; 131 unsigned int len = name->len; 132 unsigned int hash = name->hash; 133 const unsigned char *str = name->name; 134 struct list_head *p, *head; 135 136 head = &sbi->active_list; 137 if (list_empty(head)) 138 return NULL; 139 spin_lock(&sbi->lookup_lock); 140 list_for_each(p, head) { 141 struct autofs_info *ino; 142 struct dentry *active; 143 const struct qstr *qstr; 144 145 ino = list_entry(p, struct autofs_info, active); 146 active = ino->dentry; 147 148 spin_lock(&active->d_lock); 149 150 /* Already gone? */ 151 if ((int) d_count(active) <= 0) 152 goto next; 153 154 qstr = &active->d_name; 155 156 if (active->d_name.hash != hash) 157 goto next; 158 if (active->d_parent != parent) 159 goto next; 160 161 if (qstr->len != len) 162 goto next; 163 if (memcmp(qstr->name, str, len)) 164 goto next; 165 166 if (d_unhashed(active)) { 167 dget_dlock(active); 168 spin_unlock(&active->d_lock); 169 spin_unlock(&sbi->lookup_lock); 170 return active; 171 } 172 next: 173 spin_unlock(&active->d_lock); 174 } 175 spin_unlock(&sbi->lookup_lock); 176 177 return NULL; 178 } 179 180 static struct dentry *autofs_lookup_expiring(struct dentry *dentry, 181 bool rcu_walk) 182 { 183 struct autofs_sb_info *sbi = autofs_sbi(dentry->d_sb); 184 struct dentry *parent = dentry->d_parent; 185 const struct qstr *name = &dentry->d_name; 186 unsigned int len = name->len; 187 unsigned int hash = name->hash; 188 const unsigned char *str = name->name; 189 struct list_head *p, *head; 190 191 head = &sbi->expiring_list; 192 if (list_empty(head)) 193 return NULL; 194 spin_lock(&sbi->lookup_lock); 195 list_for_each(p, head) { 196 struct autofs_info *ino; 197 struct dentry *expiring; 198 const struct qstr *qstr; 199 200 if (rcu_walk) { 201 spin_unlock(&sbi->lookup_lock); 202 return ERR_PTR(-ECHILD); 203 } 204 205 ino = list_entry(p, struct autofs_info, expiring); 206 expiring = ino->dentry; 207 208 spin_lock(&expiring->d_lock); 209 210 /* We've already been dentry_iput or unlinked */ 211 if (d_really_is_negative(expiring)) 212 goto next; 213 214 qstr = &expiring->d_name; 215 216 if (expiring->d_name.hash != hash) 217 goto next; 218 if (expiring->d_parent != parent) 219 goto next; 220 221 if (qstr->len != len) 222 goto next; 223 if (memcmp(qstr->name, str, len)) 224 goto next; 225 226 if (d_unhashed(expiring)) { 227 dget_dlock(expiring); 228 spin_unlock(&expiring->d_lock); 229 spin_unlock(&sbi->lookup_lock); 230 return expiring; 231 } 232 next: 233 spin_unlock(&expiring->d_lock); 234 } 235 spin_unlock(&sbi->lookup_lock); 236 237 return NULL; 238 } 239 240 static int autofs_mount_wait(const struct path *path, bool rcu_walk) 241 { 242 struct autofs_sb_info *sbi = autofs_sbi(path->dentry->d_sb); 243 struct autofs_info *ino = autofs_dentry_ino(path->dentry); 244 int status = 0; 245 246 if (ino->flags & AUTOFS_INF_PENDING) { 247 if (rcu_walk) 248 return -ECHILD; 249 pr_debug("waiting for mount name=%pd\n", path->dentry); 250 status = autofs_wait(sbi, path, NFY_MOUNT); 251 pr_debug("mount wait done status=%d\n", status); 252 ino->last_used = jiffies; 253 return status; 254 } 255 if (!(sbi->flags & AUTOFS_SBI_STRICTEXPIRE)) 256 ino->last_used = jiffies; 257 return status; 258 } 259 260 static int do_expire_wait(const struct path *path, bool rcu_walk) 261 { 262 struct dentry *dentry = path->dentry; 263 struct dentry *expiring; 264 265 expiring = autofs_lookup_expiring(dentry, rcu_walk); 266 if (IS_ERR(expiring)) 267 return PTR_ERR(expiring); 268 if (!expiring) 269 return autofs_expire_wait(path, rcu_walk); 270 else { 271 const struct path this = { .mnt = path->mnt, .dentry = expiring }; 272 /* 273 * If we are racing with expire the request might not 274 * be quite complete, but the directory has been removed 275 * so it must have been successful, just wait for it. 276 */ 277 autofs_expire_wait(&this, 0); 278 autofs_del_expiring(expiring); 279 dput(expiring); 280 } 281 return 0; 282 } 283 284 static struct dentry *autofs_mountpoint_changed(struct path *path) 285 { 286 struct dentry *dentry = path->dentry; 287 struct autofs_sb_info *sbi = autofs_sbi(dentry->d_sb); 288 289 /* 290 * If this is an indirect mount the dentry could have gone away 291 * as a result of an expire and a new one created. 292 */ 293 if (autofs_type_indirect(sbi->type) && d_unhashed(dentry)) { 294 struct dentry *parent = dentry->d_parent; 295 struct autofs_info *ino; 296 struct dentry *new; 297 298 new = d_lookup(parent, &dentry->d_name); 299 if (!new) 300 return NULL; 301 ino = autofs_dentry_ino(new); 302 ino->last_used = jiffies; 303 dput(path->dentry); 304 path->dentry = new; 305 } 306 return path->dentry; 307 } 308 309 static struct vfsmount *autofs_d_automount(struct path *path) 310 { 311 struct dentry *dentry = path->dentry; 312 struct autofs_sb_info *sbi = autofs_sbi(dentry->d_sb); 313 struct autofs_info *ino = autofs_dentry_ino(dentry); 314 int status; 315 316 pr_debug("dentry=%p %pd\n", dentry, dentry); 317 318 /* The daemon never triggers a mount. */ 319 if (autofs_oz_mode(sbi)) 320 return NULL; 321 322 /* 323 * If an expire request is pending everyone must wait. 324 * If the expire fails we're still mounted so continue 325 * the follow and return. A return of -EAGAIN (which only 326 * happens with indirect mounts) means the expire completed 327 * and the directory was removed, so just go ahead and try 328 * the mount. 329 */ 330 status = do_expire_wait(path, 0); 331 if (status && status != -EAGAIN) 332 return NULL; 333 334 /* Callback to the daemon to perform the mount or wait */ 335 spin_lock(&sbi->fs_lock); 336 if (ino->flags & AUTOFS_INF_PENDING) { 337 spin_unlock(&sbi->fs_lock); 338 status = autofs_mount_wait(path, 0); 339 if (status) 340 return ERR_PTR(status); 341 goto done; 342 } 343 344 /* 345 * If the dentry is a symlink it's equivalent to a directory 346 * having path_is_mountpoint() true, so there's no need to call 347 * back to the daemon. 348 */ 349 if (d_really_is_positive(dentry) && d_is_symlink(dentry)) { 350 spin_unlock(&sbi->fs_lock); 351 goto done; 352 } 353 354 if (!path_is_mountpoint(path)) { 355 /* 356 * It's possible that user space hasn't removed directories 357 * after umounting a rootless multi-mount, although it 358 * should. For v5 path_has_submounts() is sufficient to 359 * handle this because the leaves of the directory tree under 360 * the mount never trigger mounts themselves (they have an 361 * autofs trigger mount mounted on them). But v4 pseudo direct 362 * mounts do need the leaves to trigger mounts. In this case 363 * we have no choice but to use the list_empty() check and 364 * require user space behave. 365 */ 366 if (sbi->version > 4) { 367 if (path_has_submounts(path)) { 368 spin_unlock(&sbi->fs_lock); 369 goto done; 370 } 371 } else { 372 if (!simple_empty(dentry)) { 373 spin_unlock(&sbi->fs_lock); 374 goto done; 375 } 376 } 377 ino->flags |= AUTOFS_INF_PENDING; 378 spin_unlock(&sbi->fs_lock); 379 status = autofs_mount_wait(path, 0); 380 spin_lock(&sbi->fs_lock); 381 ino->flags &= ~AUTOFS_INF_PENDING; 382 if (status) { 383 spin_unlock(&sbi->fs_lock); 384 return ERR_PTR(status); 385 } 386 } 387 spin_unlock(&sbi->fs_lock); 388 done: 389 /* Mount succeeded, check if we ended up with a new dentry */ 390 dentry = autofs_mountpoint_changed(path); 391 if (!dentry) 392 return ERR_PTR(-ENOENT); 393 394 return NULL; 395 } 396 397 static int autofs_d_manage(const struct path *path, bool rcu_walk) 398 { 399 struct dentry *dentry = path->dentry; 400 struct autofs_sb_info *sbi = autofs_sbi(dentry->d_sb); 401 struct autofs_info *ino = autofs_dentry_ino(dentry); 402 int status; 403 404 pr_debug("dentry=%p %pd\n", dentry, dentry); 405 406 /* The daemon never waits. */ 407 if (autofs_oz_mode(sbi)) { 408 if (!path_is_mountpoint(path)) 409 return -EISDIR; 410 return 0; 411 } 412 413 /* Wait for pending expires */ 414 if (do_expire_wait(path, rcu_walk) == -ECHILD) 415 return -ECHILD; 416 417 /* 418 * This dentry may be under construction so wait on mount 419 * completion. 420 */ 421 status = autofs_mount_wait(path, rcu_walk); 422 if (status) 423 return status; 424 425 if (rcu_walk) { 426 /* We don't need fs_lock in rcu_walk mode, 427 * just testing 'AUTOFS_INFO_NO_RCU' is enough. 428 * simple_empty() takes a spinlock, so leave it 429 * to last. 430 * We only return -EISDIR when certain this isn't 431 * a mount-trap. 432 */ 433 struct inode *inode; 434 435 if (ino->flags & AUTOFS_INF_WANT_EXPIRE) 436 return 0; 437 if (path_is_mountpoint(path)) 438 return 0; 439 inode = d_inode_rcu(dentry); 440 if (inode && S_ISLNK(inode->i_mode)) 441 return -EISDIR; 442 if (list_empty(&dentry->d_subdirs)) 443 return 0; 444 if (!simple_empty(dentry)) 445 return -EISDIR; 446 return 0; 447 } 448 449 spin_lock(&sbi->fs_lock); 450 /* 451 * If the dentry has been selected for expire while we slept 452 * on the lock then it might go away. We'll deal with that in 453 * ->d_automount() and wait on a new mount if the expire 454 * succeeds or return here if it doesn't (since there's no 455 * mount to follow with a rootless multi-mount). 456 */ 457 if (!(ino->flags & AUTOFS_INF_EXPIRING)) { 458 /* 459 * Any needed mounting has been completed and the path 460 * updated so check if this is a rootless multi-mount so 461 * we can avoid needless calls ->d_automount() and avoid 462 * an incorrect ELOOP error return. 463 */ 464 if ((!path_is_mountpoint(path) && !simple_empty(dentry)) || 465 (d_really_is_positive(dentry) && d_is_symlink(dentry))) 466 status = -EISDIR; 467 } 468 spin_unlock(&sbi->fs_lock); 469 470 return status; 471 } 472 473 /* Lookups in the root directory */ 474 static struct dentry *autofs_lookup(struct inode *dir, 475 struct dentry *dentry, unsigned int flags) 476 { 477 struct autofs_sb_info *sbi; 478 struct autofs_info *ino; 479 struct dentry *active; 480 481 pr_debug("name = %pd\n", dentry); 482 483 /* File name too long to exist */ 484 if (dentry->d_name.len > NAME_MAX) 485 return ERR_PTR(-ENAMETOOLONG); 486 487 sbi = autofs_sbi(dir->i_sb); 488 489 pr_debug("pid = %u, pgrp = %u, catatonic = %d, oz_mode = %d\n", 490 current->pid, task_pgrp_nr(current), 491 sbi->flags & AUTOFS_SBI_CATATONIC, 492 autofs_oz_mode(sbi)); 493 494 active = autofs_lookup_active(dentry); 495 if (active) 496 return active; 497 else { 498 /* 499 * A dentry that is not within the root can never trigger a 500 * mount operation, unless the directory already exists, so we 501 * can return fail immediately. The daemon however does need 502 * to create directories within the file system. 503 */ 504 if (!autofs_oz_mode(sbi) && !IS_ROOT(dentry->d_parent)) 505 return ERR_PTR(-ENOENT); 506 507 ino = autofs_new_ino(sbi); 508 if (!ino) 509 return ERR_PTR(-ENOMEM); 510 511 spin_lock(&sbi->lookup_lock); 512 spin_lock(&dentry->d_lock); 513 /* Mark entries in the root as mount triggers */ 514 if (IS_ROOT(dentry->d_parent) && 515 autofs_type_indirect(sbi->type)) 516 __managed_dentry_set_managed(dentry); 517 dentry->d_fsdata = ino; 518 ino->dentry = dentry; 519 520 list_add(&ino->active, &sbi->active_list); 521 spin_unlock(&sbi->lookup_lock); 522 spin_unlock(&dentry->d_lock); 523 } 524 return NULL; 525 } 526 527 static int autofs_dir_symlink(struct inode *dir, 528 struct dentry *dentry, 529 const char *symname) 530 { 531 struct autofs_sb_info *sbi = autofs_sbi(dir->i_sb); 532 struct autofs_info *ino = autofs_dentry_ino(dentry); 533 struct autofs_info *p_ino; 534 struct inode *inode; 535 size_t size = strlen(symname); 536 char *cp; 537 538 pr_debug("%s <- %pd\n", symname, dentry); 539 540 if (!autofs_oz_mode(sbi)) 541 return -EACCES; 542 543 /* autofs_oz_mode() needs to allow path walks when the 544 * autofs mount is catatonic but the state of an autofs 545 * file system needs to be preserved over restarts. 546 */ 547 if (sbi->flags & AUTOFS_SBI_CATATONIC) 548 return -EACCES; 549 550 BUG_ON(!ino); 551 552 autofs_clean_ino(ino); 553 554 autofs_del_active(dentry); 555 556 cp = kmalloc(size + 1, GFP_KERNEL); 557 if (!cp) 558 return -ENOMEM; 559 560 strcpy(cp, symname); 561 562 inode = autofs_get_inode(dir->i_sb, S_IFLNK | 0555); 563 if (!inode) { 564 kfree(cp); 565 return -ENOMEM; 566 } 567 inode->i_private = cp; 568 inode->i_size = size; 569 d_add(dentry, inode); 570 571 dget(dentry); 572 ino->count++; 573 p_ino = autofs_dentry_ino(dentry->d_parent); 574 p_ino->count++; 575 576 dir->i_mtime = current_time(dir); 577 578 return 0; 579 } 580 581 /* 582 * NOTE! 583 * 584 * Normal filesystems would do a "d_delete()" to tell the VFS dcache 585 * that the file no longer exists. However, doing that means that the 586 * VFS layer can turn the dentry into a negative dentry. We don't want 587 * this, because the unlink is probably the result of an expire. 588 * We simply d_drop it and add it to a expiring list in the super block, 589 * which allows the dentry lookup to check for an incomplete expire. 590 * 591 * If a process is blocked on the dentry waiting for the expire to finish, 592 * it will invalidate the dentry and try to mount with a new one. 593 * 594 * Also see autofs_dir_rmdir().. 595 */ 596 static int autofs_dir_unlink(struct inode *dir, struct dentry *dentry) 597 { 598 struct autofs_sb_info *sbi = autofs_sbi(dir->i_sb); 599 struct autofs_info *ino = autofs_dentry_ino(dentry); 600 struct autofs_info *p_ino; 601 602 if (!autofs_oz_mode(sbi)) 603 return -EACCES; 604 605 /* autofs_oz_mode() needs to allow path walks when the 606 * autofs mount is catatonic but the state of an autofs 607 * file system needs to be preserved over restarts. 608 */ 609 if (sbi->flags & AUTOFS_SBI_CATATONIC) 610 return -EACCES; 611 612 ino->count--; 613 p_ino = autofs_dentry_ino(dentry->d_parent); 614 p_ino->count--; 615 dput(ino->dentry); 616 617 d_inode(dentry)->i_size = 0; 618 clear_nlink(d_inode(dentry)); 619 620 dir->i_mtime = current_time(dir); 621 622 spin_lock(&sbi->lookup_lock); 623 __autofs_add_expiring(dentry); 624 d_drop(dentry); 625 spin_unlock(&sbi->lookup_lock); 626 627 return 0; 628 } 629 630 /* 631 * Version 4 of autofs provides a pseudo direct mount implementation 632 * that relies on directories at the leaves of a directory tree under 633 * an indirect mount to trigger mounts. To allow for this we need to 634 * set the DMANAGED_AUTOMOUNT and DMANAGED_TRANSIT flags on the leaves 635 * of the directory tree. There is no need to clear the automount flag 636 * following a mount or restore it after an expire because these mounts 637 * are always covered. However, it is necessary to ensure that these 638 * flags are clear on non-empty directories to avoid unnecessary calls 639 * during path walks. 640 */ 641 static void autofs_set_leaf_automount_flags(struct dentry *dentry) 642 { 643 struct dentry *parent; 644 645 /* root and dentrys in the root are already handled */ 646 if (IS_ROOT(dentry->d_parent)) 647 return; 648 649 managed_dentry_set_managed(dentry); 650 651 parent = dentry->d_parent; 652 /* only consider parents below dentrys in the root */ 653 if (IS_ROOT(parent->d_parent)) 654 return; 655 managed_dentry_clear_managed(parent); 656 } 657 658 static void autofs_clear_leaf_automount_flags(struct dentry *dentry) 659 { 660 struct dentry *parent; 661 662 /* flags for dentrys in the root are handled elsewhere */ 663 if (IS_ROOT(dentry->d_parent)) 664 return; 665 666 managed_dentry_clear_managed(dentry); 667 668 parent = dentry->d_parent; 669 /* only consider parents below dentrys in the root */ 670 if (IS_ROOT(parent->d_parent)) 671 return; 672 if (autofs_dentry_ino(parent)->count == 2) 673 managed_dentry_set_managed(parent); 674 } 675 676 static int autofs_dir_rmdir(struct inode *dir, struct dentry *dentry) 677 { 678 struct autofs_sb_info *sbi = autofs_sbi(dir->i_sb); 679 struct autofs_info *ino = autofs_dentry_ino(dentry); 680 struct autofs_info *p_ino; 681 682 pr_debug("dentry %p, removing %pd\n", dentry, dentry); 683 684 if (!autofs_oz_mode(sbi)) 685 return -EACCES; 686 687 /* autofs_oz_mode() needs to allow path walks when the 688 * autofs mount is catatonic but the state of an autofs 689 * file system needs to be preserved over restarts. 690 */ 691 if (sbi->flags & AUTOFS_SBI_CATATONIC) 692 return -EACCES; 693 694 if (ino->count != 1) 695 return -ENOTEMPTY; 696 697 spin_lock(&sbi->lookup_lock); 698 __autofs_add_expiring(dentry); 699 d_drop(dentry); 700 spin_unlock(&sbi->lookup_lock); 701 702 if (sbi->version < 5) 703 autofs_clear_leaf_automount_flags(dentry); 704 705 ino->count--; 706 p_ino = autofs_dentry_ino(dentry->d_parent); 707 p_ino->count--; 708 dput(ino->dentry); 709 d_inode(dentry)->i_size = 0; 710 clear_nlink(d_inode(dentry)); 711 712 if (dir->i_nlink) 713 drop_nlink(dir); 714 715 return 0; 716 } 717 718 static int autofs_dir_mkdir(struct inode *dir, 719 struct dentry *dentry, umode_t mode) 720 { 721 struct autofs_sb_info *sbi = autofs_sbi(dir->i_sb); 722 struct autofs_info *ino = autofs_dentry_ino(dentry); 723 struct autofs_info *p_ino; 724 struct inode *inode; 725 726 if (!autofs_oz_mode(sbi)) 727 return -EACCES; 728 729 /* autofs_oz_mode() needs to allow path walks when the 730 * autofs mount is catatonic but the state of an autofs 731 * file system needs to be preserved over restarts. 732 */ 733 if (sbi->flags & AUTOFS_SBI_CATATONIC) 734 return -EACCES; 735 736 pr_debug("dentry %p, creating %pd\n", dentry, dentry); 737 738 BUG_ON(!ino); 739 740 autofs_clean_ino(ino); 741 742 autofs_del_active(dentry); 743 744 inode = autofs_get_inode(dir->i_sb, S_IFDIR | mode); 745 if (!inode) 746 return -ENOMEM; 747 d_add(dentry, inode); 748 749 if (sbi->version < 5) 750 autofs_set_leaf_automount_flags(dentry); 751 752 dget(dentry); 753 ino->count++; 754 p_ino = autofs_dentry_ino(dentry->d_parent); 755 p_ino->count++; 756 inc_nlink(dir); 757 dir->i_mtime = current_time(dir); 758 759 return 0; 760 } 761 762 /* Get/set timeout ioctl() operation */ 763 #ifdef CONFIG_COMPAT 764 static inline int autofs_compat_get_set_timeout(struct autofs_sb_info *sbi, 765 compat_ulong_t __user *p) 766 { 767 unsigned long ntimeout; 768 int rv; 769 770 rv = get_user(ntimeout, p); 771 if (rv) 772 goto error; 773 774 rv = put_user(sbi->exp_timeout/HZ, p); 775 if (rv) 776 goto error; 777 778 if (ntimeout > UINT_MAX/HZ) 779 sbi->exp_timeout = 0; 780 else 781 sbi->exp_timeout = ntimeout * HZ; 782 783 return 0; 784 error: 785 return rv; 786 } 787 #endif 788 789 static inline int autofs_get_set_timeout(struct autofs_sb_info *sbi, 790 unsigned long __user *p) 791 { 792 unsigned long ntimeout; 793 int rv; 794 795 rv = get_user(ntimeout, p); 796 if (rv) 797 goto error; 798 799 rv = put_user(sbi->exp_timeout/HZ, p); 800 if (rv) 801 goto error; 802 803 if (ntimeout > ULONG_MAX/HZ) 804 sbi->exp_timeout = 0; 805 else 806 sbi->exp_timeout = ntimeout * HZ; 807 808 return 0; 809 error: 810 return rv; 811 } 812 813 /* Return protocol version */ 814 static inline int autofs_get_protover(struct autofs_sb_info *sbi, 815 int __user *p) 816 { 817 return put_user(sbi->version, p); 818 } 819 820 /* Return protocol sub version */ 821 static inline int autofs_get_protosubver(struct autofs_sb_info *sbi, 822 int __user *p) 823 { 824 return put_user(sbi->sub_version, p); 825 } 826 827 /* 828 * Tells the daemon whether it can umount the autofs mount. 829 */ 830 static inline int autofs_ask_umount(struct vfsmount *mnt, int __user *p) 831 { 832 int status = 0; 833 834 if (may_umount(mnt)) 835 status = 1; 836 837 pr_debug("may umount %d\n", status); 838 839 status = put_user(status, p); 840 841 return status; 842 } 843 844 /* Identify autofs_dentries - this is so we can tell if there's 845 * an extra dentry refcount or not. We only hold a refcount on the 846 * dentry if its non-negative (ie, d_inode != NULL) 847 */ 848 int is_autofs_dentry(struct dentry *dentry) 849 { 850 return dentry && d_really_is_positive(dentry) && 851 dentry->d_op == &autofs_dentry_operations && 852 dentry->d_fsdata != NULL; 853 } 854 855 /* 856 * ioctl()'s on the root directory is the chief method for the daemon to 857 * generate kernel reactions 858 */ 859 static int autofs_root_ioctl_unlocked(struct inode *inode, struct file *filp, 860 unsigned int cmd, unsigned long arg) 861 { 862 struct autofs_sb_info *sbi = autofs_sbi(inode->i_sb); 863 void __user *p = (void __user *)arg; 864 865 pr_debug("cmd = 0x%08x, arg = 0x%08lx, sbi = %p, pgrp = %u\n", 866 cmd, arg, sbi, task_pgrp_nr(current)); 867 868 if (_IOC_TYPE(cmd) != _IOC_TYPE(AUTOFS_IOC_FIRST) || 869 _IOC_NR(cmd) - _IOC_NR(AUTOFS_IOC_FIRST) >= AUTOFS_IOC_COUNT) 870 return -ENOTTY; 871 872 if (!autofs_oz_mode(sbi) && !capable(CAP_SYS_ADMIN)) 873 return -EPERM; 874 875 switch (cmd) { 876 case AUTOFS_IOC_READY: /* Wait queue: go ahead and retry */ 877 return autofs_wait_release(sbi, (autofs_wqt_t) arg, 0); 878 case AUTOFS_IOC_FAIL: /* Wait queue: fail with ENOENT */ 879 return autofs_wait_release(sbi, (autofs_wqt_t) arg, -ENOENT); 880 case AUTOFS_IOC_CATATONIC: /* Enter catatonic mode (daemon shutdown) */ 881 autofs_catatonic_mode(sbi); 882 return 0; 883 case AUTOFS_IOC_PROTOVER: /* Get protocol version */ 884 return autofs_get_protover(sbi, p); 885 case AUTOFS_IOC_PROTOSUBVER: /* Get protocol sub version */ 886 return autofs_get_protosubver(sbi, p); 887 case AUTOFS_IOC_SETTIMEOUT: 888 return autofs_get_set_timeout(sbi, p); 889 #ifdef CONFIG_COMPAT 890 case AUTOFS_IOC_SETTIMEOUT32: 891 return autofs_compat_get_set_timeout(sbi, p); 892 #endif 893 894 case AUTOFS_IOC_ASKUMOUNT: 895 return autofs_ask_umount(filp->f_path.mnt, p); 896 897 /* return a single thing to expire */ 898 case AUTOFS_IOC_EXPIRE: 899 return autofs_expire_run(inode->i_sb, filp->f_path.mnt, sbi, p); 900 /* same as above, but can send multiple expires through pipe */ 901 case AUTOFS_IOC_EXPIRE_MULTI: 902 return autofs_expire_multi(inode->i_sb, 903 filp->f_path.mnt, sbi, p); 904 905 default: 906 return -EINVAL; 907 } 908 } 909 910 static long autofs_root_ioctl(struct file *filp, 911 unsigned int cmd, unsigned long arg) 912 { 913 struct inode *inode = file_inode(filp); 914 915 return autofs_root_ioctl_unlocked(inode, filp, cmd, arg); 916 } 917 918 #ifdef CONFIG_COMPAT 919 static long autofs_root_compat_ioctl(struct file *filp, 920 unsigned int cmd, unsigned long arg) 921 { 922 struct inode *inode = file_inode(filp); 923 int ret; 924 925 if (cmd == AUTOFS_IOC_READY || cmd == AUTOFS_IOC_FAIL) 926 ret = autofs_root_ioctl_unlocked(inode, filp, cmd, arg); 927 else 928 ret = autofs_root_ioctl_unlocked(inode, filp, cmd, 929 (unsigned long) compat_ptr(arg)); 930 931 return ret; 932 } 933 #endif 934