xref: /openbmc/linux/fs/fuse/dir.c (revision 851f6657)
1 /*
2   FUSE: Filesystem in Userspace
3   Copyright (C) 2001-2008  Miklos Szeredi <miklos@szeredi.hu>
4 
5   This program can be distributed under the terms of the GNU GPL.
6   See the file COPYING.
7 */
8 
9 #include "fuse_i.h"
10 
11 #include <linux/pagemap.h>
12 #include <linux/file.h>
13 #include <linux/sched.h>
14 #include <linux/namei.h>
15 #include <linux/slab.h>
16 
17 static bool fuse_use_readdirplus(struct inode *dir, struct file *filp)
18 {
19 	struct fuse_conn *fc = get_fuse_conn(dir);
20 	struct fuse_inode *fi = get_fuse_inode(dir);
21 
22 	if (!fc->do_readdirplus)
23 		return false;
24 	if (!fc->readdirplus_auto)
25 		return true;
26 	if (test_and_clear_bit(FUSE_I_ADVISE_RDPLUS, &fi->state))
27 		return true;
28 	if (filp->f_pos == 0)
29 		return true;
30 	return false;
31 }
32 
33 static void fuse_advise_use_readdirplus(struct inode *dir)
34 {
35 	struct fuse_inode *fi = get_fuse_inode(dir);
36 
37 	set_bit(FUSE_I_ADVISE_RDPLUS, &fi->state);
38 }
39 
40 #if BITS_PER_LONG >= 64
41 static inline void fuse_dentry_settime(struct dentry *entry, u64 time)
42 {
43 	entry->d_time = time;
44 }
45 
46 static inline u64 fuse_dentry_time(struct dentry *entry)
47 {
48 	return entry->d_time;
49 }
50 #else
51 /*
52  * On 32 bit archs store the high 32 bits of time in d_fsdata
53  */
54 static void fuse_dentry_settime(struct dentry *entry, u64 time)
55 {
56 	entry->d_time = time;
57 	entry->d_fsdata = (void *) (unsigned long) (time >> 32);
58 }
59 
60 static u64 fuse_dentry_time(struct dentry *entry)
61 {
62 	return (u64) entry->d_time +
63 		((u64) (unsigned long) entry->d_fsdata << 32);
64 }
65 #endif
66 
67 /*
68  * FUSE caches dentries and attributes with separate timeout.  The
69  * time in jiffies until the dentry/attributes are valid is stored in
70  * dentry->d_time and fuse_inode->i_time respectively.
71  */
72 
73 /*
74  * Calculate the time in jiffies until a dentry/attributes are valid
75  */
76 static u64 time_to_jiffies(unsigned long sec, unsigned long nsec)
77 {
78 	if (sec || nsec) {
79 		struct timespec ts = {sec, nsec};
80 		return get_jiffies_64() + timespec_to_jiffies(&ts);
81 	} else
82 		return 0;
83 }
84 
85 /*
86  * Set dentry and possibly attribute timeouts from the lookup/mk*
87  * replies
88  */
89 static void fuse_change_entry_timeout(struct dentry *entry,
90 				      struct fuse_entry_out *o)
91 {
92 	fuse_dentry_settime(entry,
93 		time_to_jiffies(o->entry_valid, o->entry_valid_nsec));
94 }
95 
96 static u64 attr_timeout(struct fuse_attr_out *o)
97 {
98 	return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
99 }
100 
101 static u64 entry_attr_timeout(struct fuse_entry_out *o)
102 {
103 	return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
104 }
105 
106 /*
107  * Mark the attributes as stale, so that at the next call to
108  * ->getattr() they will be fetched from userspace
109  */
110 void fuse_invalidate_attr(struct inode *inode)
111 {
112 	get_fuse_inode(inode)->i_time = 0;
113 }
114 
115 /*
116  * Just mark the entry as stale, so that a next attempt to look it up
117  * will result in a new lookup call to userspace
118  *
119  * This is called when a dentry is about to become negative and the
120  * timeout is unknown (unlink, rmdir, rename and in some cases
121  * lookup)
122  */
123 void fuse_invalidate_entry_cache(struct dentry *entry)
124 {
125 	fuse_dentry_settime(entry, 0);
126 }
127 
128 /*
129  * Same as fuse_invalidate_entry_cache(), but also try to remove the
130  * dentry from the hash
131  */
132 static void fuse_invalidate_entry(struct dentry *entry)
133 {
134 	d_invalidate(entry);
135 	fuse_invalidate_entry_cache(entry);
136 }
137 
138 static void fuse_lookup_init(struct fuse_conn *fc, struct fuse_req *req,
139 			     u64 nodeid, struct qstr *name,
140 			     struct fuse_entry_out *outarg)
141 {
142 	memset(outarg, 0, sizeof(struct fuse_entry_out));
143 	req->in.h.opcode = FUSE_LOOKUP;
144 	req->in.h.nodeid = nodeid;
145 	req->in.numargs = 1;
146 	req->in.args[0].size = name->len + 1;
147 	req->in.args[0].value = name->name;
148 	req->out.numargs = 1;
149 	if (fc->minor < 9)
150 		req->out.args[0].size = FUSE_COMPAT_ENTRY_OUT_SIZE;
151 	else
152 		req->out.args[0].size = sizeof(struct fuse_entry_out);
153 	req->out.args[0].value = outarg;
154 }
155 
156 u64 fuse_get_attr_version(struct fuse_conn *fc)
157 {
158 	u64 curr_version;
159 
160 	/*
161 	 * The spin lock isn't actually needed on 64bit archs, but we
162 	 * don't yet care too much about such optimizations.
163 	 */
164 	spin_lock(&fc->lock);
165 	curr_version = fc->attr_version;
166 	spin_unlock(&fc->lock);
167 
168 	return curr_version;
169 }
170 
171 /*
172  * Check whether the dentry is still valid
173  *
174  * If the entry validity timeout has expired and the dentry is
175  * positive, try to redo the lookup.  If the lookup results in a
176  * different inode, then let the VFS invalidate the dentry and redo
177  * the lookup once more.  If the lookup results in the same inode,
178  * then refresh the attributes, timeouts and mark the dentry valid.
179  */
180 static int fuse_dentry_revalidate(struct dentry *entry, unsigned int flags)
181 {
182 	struct inode *inode;
183 
184 	inode = ACCESS_ONCE(entry->d_inode);
185 	if (inode && is_bad_inode(inode))
186 		return 0;
187 	else if (fuse_dentry_time(entry) < get_jiffies_64()) {
188 		int err;
189 		struct fuse_entry_out outarg;
190 		struct fuse_conn *fc;
191 		struct fuse_req *req;
192 		struct fuse_forget_link *forget;
193 		struct dentry *parent;
194 		u64 attr_version;
195 
196 		/* For negative dentries, always do a fresh lookup */
197 		if (!inode)
198 			return 0;
199 
200 		if (flags & LOOKUP_RCU)
201 			return -ECHILD;
202 
203 		fc = get_fuse_conn(inode);
204 		req = fuse_get_req_nopages(fc);
205 		if (IS_ERR(req))
206 			return 0;
207 
208 		forget = fuse_alloc_forget();
209 		if (!forget) {
210 			fuse_put_request(fc, req);
211 			return 0;
212 		}
213 
214 		attr_version = fuse_get_attr_version(fc);
215 
216 		parent = dget_parent(entry);
217 		fuse_lookup_init(fc, req, get_node_id(parent->d_inode),
218 				 &entry->d_name, &outarg);
219 		fuse_request_send(fc, req);
220 		dput(parent);
221 		err = req->out.h.error;
222 		fuse_put_request(fc, req);
223 		/* Zero nodeid is same as -ENOENT */
224 		if (!err && !outarg.nodeid)
225 			err = -ENOENT;
226 		if (!err) {
227 			struct fuse_inode *fi = get_fuse_inode(inode);
228 			if (outarg.nodeid != get_node_id(inode)) {
229 				fuse_queue_forget(fc, forget, outarg.nodeid, 1);
230 				return 0;
231 			}
232 			spin_lock(&fc->lock);
233 			fi->nlookup++;
234 			spin_unlock(&fc->lock);
235 		}
236 		kfree(forget);
237 		if (err || (outarg.attr.mode ^ inode->i_mode) & S_IFMT)
238 			return 0;
239 
240 		fuse_change_attributes(inode, &outarg.attr,
241 				       entry_attr_timeout(&outarg),
242 				       attr_version);
243 		fuse_change_entry_timeout(entry, &outarg);
244 	}
245 	fuse_advise_use_readdirplus(inode);
246 	return 1;
247 }
248 
249 static int invalid_nodeid(u64 nodeid)
250 {
251 	return !nodeid || nodeid == FUSE_ROOT_ID;
252 }
253 
254 const struct dentry_operations fuse_dentry_operations = {
255 	.d_revalidate	= fuse_dentry_revalidate,
256 };
257 
258 int fuse_valid_type(int m)
259 {
260 	return S_ISREG(m) || S_ISDIR(m) || S_ISLNK(m) || S_ISCHR(m) ||
261 		S_ISBLK(m) || S_ISFIFO(m) || S_ISSOCK(m);
262 }
263 
264 /*
265  * Add a directory inode to a dentry, ensuring that no other dentry
266  * refers to this inode.  Called with fc->inst_mutex.
267  */
268 static struct dentry *fuse_d_add_directory(struct dentry *entry,
269 					   struct inode *inode)
270 {
271 	struct dentry *alias = d_find_alias(inode);
272 	if (alias && !(alias->d_flags & DCACHE_DISCONNECTED)) {
273 		/* This tries to shrink the subtree below alias */
274 		fuse_invalidate_entry(alias);
275 		dput(alias);
276 		if (!hlist_empty(&inode->i_dentry))
277 			return ERR_PTR(-EBUSY);
278 	} else {
279 		dput(alias);
280 	}
281 	return d_splice_alias(inode, entry);
282 }
283 
284 int fuse_lookup_name(struct super_block *sb, u64 nodeid, struct qstr *name,
285 		     struct fuse_entry_out *outarg, struct inode **inode)
286 {
287 	struct fuse_conn *fc = get_fuse_conn_super(sb);
288 	struct fuse_req *req;
289 	struct fuse_forget_link *forget;
290 	u64 attr_version;
291 	int err;
292 
293 	*inode = NULL;
294 	err = -ENAMETOOLONG;
295 	if (name->len > FUSE_NAME_MAX)
296 		goto out;
297 
298 	req = fuse_get_req_nopages(fc);
299 	err = PTR_ERR(req);
300 	if (IS_ERR(req))
301 		goto out;
302 
303 	forget = fuse_alloc_forget();
304 	err = -ENOMEM;
305 	if (!forget) {
306 		fuse_put_request(fc, req);
307 		goto out;
308 	}
309 
310 	attr_version = fuse_get_attr_version(fc);
311 
312 	fuse_lookup_init(fc, req, nodeid, name, outarg);
313 	fuse_request_send(fc, req);
314 	err = req->out.h.error;
315 	fuse_put_request(fc, req);
316 	/* Zero nodeid is same as -ENOENT, but with valid timeout */
317 	if (err || !outarg->nodeid)
318 		goto out_put_forget;
319 
320 	err = -EIO;
321 	if (!outarg->nodeid)
322 		goto out_put_forget;
323 	if (!fuse_valid_type(outarg->attr.mode))
324 		goto out_put_forget;
325 
326 	*inode = fuse_iget(sb, outarg->nodeid, outarg->generation,
327 			   &outarg->attr, entry_attr_timeout(outarg),
328 			   attr_version);
329 	err = -ENOMEM;
330 	if (!*inode) {
331 		fuse_queue_forget(fc, forget, outarg->nodeid, 1);
332 		goto out;
333 	}
334 	err = 0;
335 
336  out_put_forget:
337 	kfree(forget);
338  out:
339 	return err;
340 }
341 
342 static struct dentry *fuse_lookup(struct inode *dir, struct dentry *entry,
343 				  unsigned int flags)
344 {
345 	int err;
346 	struct fuse_entry_out outarg;
347 	struct inode *inode;
348 	struct dentry *newent;
349 	struct fuse_conn *fc = get_fuse_conn(dir);
350 	bool outarg_valid = true;
351 
352 	err = fuse_lookup_name(dir->i_sb, get_node_id(dir), &entry->d_name,
353 			       &outarg, &inode);
354 	if (err == -ENOENT) {
355 		outarg_valid = false;
356 		err = 0;
357 	}
358 	if (err)
359 		goto out_err;
360 
361 	err = -EIO;
362 	if (inode && get_node_id(inode) == FUSE_ROOT_ID)
363 		goto out_iput;
364 
365 	if (inode && S_ISDIR(inode->i_mode)) {
366 		mutex_lock(&fc->inst_mutex);
367 		newent = fuse_d_add_directory(entry, inode);
368 		mutex_unlock(&fc->inst_mutex);
369 		err = PTR_ERR(newent);
370 		if (IS_ERR(newent))
371 			goto out_iput;
372 	} else {
373 		newent = d_splice_alias(inode, entry);
374 	}
375 
376 	entry = newent ? newent : entry;
377 	if (outarg_valid)
378 		fuse_change_entry_timeout(entry, &outarg);
379 	else
380 		fuse_invalidate_entry_cache(entry);
381 
382 	fuse_advise_use_readdirplus(dir);
383 	return newent;
384 
385  out_iput:
386 	iput(inode);
387  out_err:
388 	return ERR_PTR(err);
389 }
390 
391 /*
392  * Atomic create+open operation
393  *
394  * If the filesystem doesn't support this, then fall back to separate
395  * 'mknod' + 'open' requests.
396  */
397 static int fuse_create_open(struct inode *dir, struct dentry *entry,
398 			    struct file *file, unsigned flags,
399 			    umode_t mode, int *opened)
400 {
401 	int err;
402 	struct inode *inode;
403 	struct fuse_conn *fc = get_fuse_conn(dir);
404 	struct fuse_req *req;
405 	struct fuse_forget_link *forget;
406 	struct fuse_create_in inarg;
407 	struct fuse_open_out outopen;
408 	struct fuse_entry_out outentry;
409 	struct fuse_file *ff;
410 
411 	/* Userspace expects S_IFREG in create mode */
412 	BUG_ON((mode & S_IFMT) != S_IFREG);
413 
414 	forget = fuse_alloc_forget();
415 	err = -ENOMEM;
416 	if (!forget)
417 		goto out_err;
418 
419 	req = fuse_get_req_nopages(fc);
420 	err = PTR_ERR(req);
421 	if (IS_ERR(req))
422 		goto out_put_forget_req;
423 
424 	err = -ENOMEM;
425 	ff = fuse_file_alloc(fc);
426 	if (!ff)
427 		goto out_put_request;
428 
429 	if (!fc->dont_mask)
430 		mode &= ~current_umask();
431 
432 	flags &= ~O_NOCTTY;
433 	memset(&inarg, 0, sizeof(inarg));
434 	memset(&outentry, 0, sizeof(outentry));
435 	inarg.flags = flags;
436 	inarg.mode = mode;
437 	inarg.umask = current_umask();
438 	req->in.h.opcode = FUSE_CREATE;
439 	req->in.h.nodeid = get_node_id(dir);
440 	req->in.numargs = 2;
441 	req->in.args[0].size = fc->minor < 12 ? sizeof(struct fuse_open_in) :
442 						sizeof(inarg);
443 	req->in.args[0].value = &inarg;
444 	req->in.args[1].size = entry->d_name.len + 1;
445 	req->in.args[1].value = entry->d_name.name;
446 	req->out.numargs = 2;
447 	if (fc->minor < 9)
448 		req->out.args[0].size = FUSE_COMPAT_ENTRY_OUT_SIZE;
449 	else
450 		req->out.args[0].size = sizeof(outentry);
451 	req->out.args[0].value = &outentry;
452 	req->out.args[1].size = sizeof(outopen);
453 	req->out.args[1].value = &outopen;
454 	fuse_request_send(fc, req);
455 	err = req->out.h.error;
456 	if (err)
457 		goto out_free_ff;
458 
459 	err = -EIO;
460 	if (!S_ISREG(outentry.attr.mode) || invalid_nodeid(outentry.nodeid))
461 		goto out_free_ff;
462 
463 	fuse_put_request(fc, req);
464 	ff->fh = outopen.fh;
465 	ff->nodeid = outentry.nodeid;
466 	ff->open_flags = outopen.open_flags;
467 	inode = fuse_iget(dir->i_sb, outentry.nodeid, outentry.generation,
468 			  &outentry.attr, entry_attr_timeout(&outentry), 0);
469 	if (!inode) {
470 		flags &= ~(O_CREAT | O_EXCL | O_TRUNC);
471 		fuse_sync_release(ff, flags);
472 		fuse_queue_forget(fc, forget, outentry.nodeid, 1);
473 		err = -ENOMEM;
474 		goto out_err;
475 	}
476 	kfree(forget);
477 	d_instantiate(entry, inode);
478 	fuse_change_entry_timeout(entry, &outentry);
479 	fuse_invalidate_attr(dir);
480 	err = finish_open(file, entry, generic_file_open, opened);
481 	if (err) {
482 		fuse_sync_release(ff, flags);
483 	} else {
484 		file->private_data = fuse_file_get(ff);
485 		fuse_finish_open(inode, file);
486 	}
487 	return err;
488 
489 out_free_ff:
490 	fuse_file_free(ff);
491 out_put_request:
492 	fuse_put_request(fc, req);
493 out_put_forget_req:
494 	kfree(forget);
495 out_err:
496 	return err;
497 }
498 
499 static int fuse_mknod(struct inode *, struct dentry *, umode_t, dev_t);
500 static int fuse_atomic_open(struct inode *dir, struct dentry *entry,
501 			    struct file *file, unsigned flags,
502 			    umode_t mode, int *opened)
503 {
504 	int err;
505 	struct fuse_conn *fc = get_fuse_conn(dir);
506 	struct dentry *res = NULL;
507 
508 	if (d_unhashed(entry)) {
509 		res = fuse_lookup(dir, entry, 0);
510 		if (IS_ERR(res))
511 			return PTR_ERR(res);
512 
513 		if (res)
514 			entry = res;
515 	}
516 
517 	if (!(flags & O_CREAT) || entry->d_inode)
518 		goto no_open;
519 
520 	/* Only creates */
521 	*opened |= FILE_CREATED;
522 
523 	if (fc->no_create)
524 		goto mknod;
525 
526 	err = fuse_create_open(dir, entry, file, flags, mode, opened);
527 	if (err == -ENOSYS) {
528 		fc->no_create = 1;
529 		goto mknod;
530 	}
531 out_dput:
532 	dput(res);
533 	return err;
534 
535 mknod:
536 	err = fuse_mknod(dir, entry, mode, 0);
537 	if (err)
538 		goto out_dput;
539 no_open:
540 	return finish_no_open(file, res);
541 }
542 
543 /*
544  * Code shared between mknod, mkdir, symlink and link
545  */
546 static int create_new_entry(struct fuse_conn *fc, struct fuse_req *req,
547 			    struct inode *dir, struct dentry *entry,
548 			    umode_t mode)
549 {
550 	struct fuse_entry_out outarg;
551 	struct inode *inode;
552 	int err;
553 	struct fuse_forget_link *forget;
554 
555 	forget = fuse_alloc_forget();
556 	if (!forget) {
557 		fuse_put_request(fc, req);
558 		return -ENOMEM;
559 	}
560 
561 	memset(&outarg, 0, sizeof(outarg));
562 	req->in.h.nodeid = get_node_id(dir);
563 	req->out.numargs = 1;
564 	if (fc->minor < 9)
565 		req->out.args[0].size = FUSE_COMPAT_ENTRY_OUT_SIZE;
566 	else
567 		req->out.args[0].size = sizeof(outarg);
568 	req->out.args[0].value = &outarg;
569 	fuse_request_send(fc, req);
570 	err = req->out.h.error;
571 	fuse_put_request(fc, req);
572 	if (err)
573 		goto out_put_forget_req;
574 
575 	err = -EIO;
576 	if (invalid_nodeid(outarg.nodeid))
577 		goto out_put_forget_req;
578 
579 	if ((outarg.attr.mode ^ mode) & S_IFMT)
580 		goto out_put_forget_req;
581 
582 	inode = fuse_iget(dir->i_sb, outarg.nodeid, outarg.generation,
583 			  &outarg.attr, entry_attr_timeout(&outarg), 0);
584 	if (!inode) {
585 		fuse_queue_forget(fc, forget, outarg.nodeid, 1);
586 		return -ENOMEM;
587 	}
588 	kfree(forget);
589 
590 	if (S_ISDIR(inode->i_mode)) {
591 		struct dentry *alias;
592 		mutex_lock(&fc->inst_mutex);
593 		alias = d_find_alias(inode);
594 		if (alias) {
595 			/* New directory must have moved since mkdir */
596 			mutex_unlock(&fc->inst_mutex);
597 			dput(alias);
598 			iput(inode);
599 			return -EBUSY;
600 		}
601 		d_instantiate(entry, inode);
602 		mutex_unlock(&fc->inst_mutex);
603 	} else
604 		d_instantiate(entry, inode);
605 
606 	fuse_change_entry_timeout(entry, &outarg);
607 	fuse_invalidate_attr(dir);
608 	return 0;
609 
610  out_put_forget_req:
611 	kfree(forget);
612 	return err;
613 }
614 
615 static int fuse_mknod(struct inode *dir, struct dentry *entry, umode_t mode,
616 		      dev_t rdev)
617 {
618 	struct fuse_mknod_in inarg;
619 	struct fuse_conn *fc = get_fuse_conn(dir);
620 	struct fuse_req *req = fuse_get_req_nopages(fc);
621 	if (IS_ERR(req))
622 		return PTR_ERR(req);
623 
624 	if (!fc->dont_mask)
625 		mode &= ~current_umask();
626 
627 	memset(&inarg, 0, sizeof(inarg));
628 	inarg.mode = mode;
629 	inarg.rdev = new_encode_dev(rdev);
630 	inarg.umask = current_umask();
631 	req->in.h.opcode = FUSE_MKNOD;
632 	req->in.numargs = 2;
633 	req->in.args[0].size = fc->minor < 12 ? FUSE_COMPAT_MKNOD_IN_SIZE :
634 						sizeof(inarg);
635 	req->in.args[0].value = &inarg;
636 	req->in.args[1].size = entry->d_name.len + 1;
637 	req->in.args[1].value = entry->d_name.name;
638 	return create_new_entry(fc, req, dir, entry, mode);
639 }
640 
641 static int fuse_create(struct inode *dir, struct dentry *entry, umode_t mode,
642 		       bool excl)
643 {
644 	return fuse_mknod(dir, entry, mode, 0);
645 }
646 
647 static int fuse_mkdir(struct inode *dir, struct dentry *entry, umode_t mode)
648 {
649 	struct fuse_mkdir_in inarg;
650 	struct fuse_conn *fc = get_fuse_conn(dir);
651 	struct fuse_req *req = fuse_get_req_nopages(fc);
652 	if (IS_ERR(req))
653 		return PTR_ERR(req);
654 
655 	if (!fc->dont_mask)
656 		mode &= ~current_umask();
657 
658 	memset(&inarg, 0, sizeof(inarg));
659 	inarg.mode = mode;
660 	inarg.umask = current_umask();
661 	req->in.h.opcode = FUSE_MKDIR;
662 	req->in.numargs = 2;
663 	req->in.args[0].size = sizeof(inarg);
664 	req->in.args[0].value = &inarg;
665 	req->in.args[1].size = entry->d_name.len + 1;
666 	req->in.args[1].value = entry->d_name.name;
667 	return create_new_entry(fc, req, dir, entry, S_IFDIR);
668 }
669 
670 static int fuse_symlink(struct inode *dir, struct dentry *entry,
671 			const char *link)
672 {
673 	struct fuse_conn *fc = get_fuse_conn(dir);
674 	unsigned len = strlen(link) + 1;
675 	struct fuse_req *req = fuse_get_req_nopages(fc);
676 	if (IS_ERR(req))
677 		return PTR_ERR(req);
678 
679 	req->in.h.opcode = FUSE_SYMLINK;
680 	req->in.numargs = 2;
681 	req->in.args[0].size = entry->d_name.len + 1;
682 	req->in.args[0].value = entry->d_name.name;
683 	req->in.args[1].size = len;
684 	req->in.args[1].value = link;
685 	return create_new_entry(fc, req, dir, entry, S_IFLNK);
686 }
687 
688 static int fuse_unlink(struct inode *dir, struct dentry *entry)
689 {
690 	int err;
691 	struct fuse_conn *fc = get_fuse_conn(dir);
692 	struct fuse_req *req = fuse_get_req_nopages(fc);
693 	if (IS_ERR(req))
694 		return PTR_ERR(req);
695 
696 	req->in.h.opcode = FUSE_UNLINK;
697 	req->in.h.nodeid = get_node_id(dir);
698 	req->in.numargs = 1;
699 	req->in.args[0].size = entry->d_name.len + 1;
700 	req->in.args[0].value = entry->d_name.name;
701 	fuse_request_send(fc, req);
702 	err = req->out.h.error;
703 	fuse_put_request(fc, req);
704 	if (!err) {
705 		struct inode *inode = entry->d_inode;
706 		struct fuse_inode *fi = get_fuse_inode(inode);
707 
708 		spin_lock(&fc->lock);
709 		fi->attr_version = ++fc->attr_version;
710 		/*
711 		 * If i_nlink == 0 then unlink doesn't make sense, yet this can
712 		 * happen if userspace filesystem is careless.  It would be
713 		 * difficult to enforce correct nlink usage so just ignore this
714 		 * condition here
715 		 */
716 		if (inode->i_nlink > 0)
717 			drop_nlink(inode);
718 		spin_unlock(&fc->lock);
719 		fuse_invalidate_attr(inode);
720 		fuse_invalidate_attr(dir);
721 		fuse_invalidate_entry_cache(entry);
722 	} else if (err == -EINTR)
723 		fuse_invalidate_entry(entry);
724 	return err;
725 }
726 
727 static int fuse_rmdir(struct inode *dir, struct dentry *entry)
728 {
729 	int err;
730 	struct fuse_conn *fc = get_fuse_conn(dir);
731 	struct fuse_req *req = fuse_get_req_nopages(fc);
732 	if (IS_ERR(req))
733 		return PTR_ERR(req);
734 
735 	req->in.h.opcode = FUSE_RMDIR;
736 	req->in.h.nodeid = get_node_id(dir);
737 	req->in.numargs = 1;
738 	req->in.args[0].size = entry->d_name.len + 1;
739 	req->in.args[0].value = entry->d_name.name;
740 	fuse_request_send(fc, req);
741 	err = req->out.h.error;
742 	fuse_put_request(fc, req);
743 	if (!err) {
744 		clear_nlink(entry->d_inode);
745 		fuse_invalidate_attr(dir);
746 		fuse_invalidate_entry_cache(entry);
747 	} else if (err == -EINTR)
748 		fuse_invalidate_entry(entry);
749 	return err;
750 }
751 
752 static int fuse_rename(struct inode *olddir, struct dentry *oldent,
753 		       struct inode *newdir, struct dentry *newent)
754 {
755 	int err;
756 	struct fuse_rename_in inarg;
757 	struct fuse_conn *fc = get_fuse_conn(olddir);
758 	struct fuse_req *req = fuse_get_req_nopages(fc);
759 
760 	if (IS_ERR(req))
761 		return PTR_ERR(req);
762 
763 	memset(&inarg, 0, sizeof(inarg));
764 	inarg.newdir = get_node_id(newdir);
765 	req->in.h.opcode = FUSE_RENAME;
766 	req->in.h.nodeid = get_node_id(olddir);
767 	req->in.numargs = 3;
768 	req->in.args[0].size = sizeof(inarg);
769 	req->in.args[0].value = &inarg;
770 	req->in.args[1].size = oldent->d_name.len + 1;
771 	req->in.args[1].value = oldent->d_name.name;
772 	req->in.args[2].size = newent->d_name.len + 1;
773 	req->in.args[2].value = newent->d_name.name;
774 	fuse_request_send(fc, req);
775 	err = req->out.h.error;
776 	fuse_put_request(fc, req);
777 	if (!err) {
778 		/* ctime changes */
779 		fuse_invalidate_attr(oldent->d_inode);
780 
781 		fuse_invalidate_attr(olddir);
782 		if (olddir != newdir)
783 			fuse_invalidate_attr(newdir);
784 
785 		/* newent will end up negative */
786 		if (newent->d_inode) {
787 			fuse_invalidate_attr(newent->d_inode);
788 			fuse_invalidate_entry_cache(newent);
789 		}
790 	} else if (err == -EINTR) {
791 		/* If request was interrupted, DEITY only knows if the
792 		   rename actually took place.  If the invalidation
793 		   fails (e.g. some process has CWD under the renamed
794 		   directory), then there can be inconsistency between
795 		   the dcache and the real filesystem.  Tough luck. */
796 		fuse_invalidate_entry(oldent);
797 		if (newent->d_inode)
798 			fuse_invalidate_entry(newent);
799 	}
800 
801 	return err;
802 }
803 
804 static int fuse_link(struct dentry *entry, struct inode *newdir,
805 		     struct dentry *newent)
806 {
807 	int err;
808 	struct fuse_link_in inarg;
809 	struct inode *inode = entry->d_inode;
810 	struct fuse_conn *fc = get_fuse_conn(inode);
811 	struct fuse_req *req = fuse_get_req_nopages(fc);
812 	if (IS_ERR(req))
813 		return PTR_ERR(req);
814 
815 	memset(&inarg, 0, sizeof(inarg));
816 	inarg.oldnodeid = get_node_id(inode);
817 	req->in.h.opcode = FUSE_LINK;
818 	req->in.numargs = 2;
819 	req->in.args[0].size = sizeof(inarg);
820 	req->in.args[0].value = &inarg;
821 	req->in.args[1].size = newent->d_name.len + 1;
822 	req->in.args[1].value = newent->d_name.name;
823 	err = create_new_entry(fc, req, newdir, newent, inode->i_mode);
824 	/* Contrary to "normal" filesystems it can happen that link
825 	   makes two "logical" inodes point to the same "physical"
826 	   inode.  We invalidate the attributes of the old one, so it
827 	   will reflect changes in the backing inode (link count,
828 	   etc.)
829 	*/
830 	if (!err) {
831 		struct fuse_inode *fi = get_fuse_inode(inode);
832 
833 		spin_lock(&fc->lock);
834 		fi->attr_version = ++fc->attr_version;
835 		inc_nlink(inode);
836 		spin_unlock(&fc->lock);
837 		fuse_invalidate_attr(inode);
838 	} else if (err == -EINTR) {
839 		fuse_invalidate_attr(inode);
840 	}
841 	return err;
842 }
843 
844 static void fuse_fillattr(struct inode *inode, struct fuse_attr *attr,
845 			  struct kstat *stat)
846 {
847 	unsigned int blkbits;
848 
849 	stat->dev = inode->i_sb->s_dev;
850 	stat->ino = attr->ino;
851 	stat->mode = (inode->i_mode & S_IFMT) | (attr->mode & 07777);
852 	stat->nlink = attr->nlink;
853 	stat->uid = make_kuid(&init_user_ns, attr->uid);
854 	stat->gid = make_kgid(&init_user_ns, attr->gid);
855 	stat->rdev = inode->i_rdev;
856 	stat->atime.tv_sec = attr->atime;
857 	stat->atime.tv_nsec = attr->atimensec;
858 	stat->mtime.tv_sec = attr->mtime;
859 	stat->mtime.tv_nsec = attr->mtimensec;
860 	stat->ctime.tv_sec = attr->ctime;
861 	stat->ctime.tv_nsec = attr->ctimensec;
862 	stat->size = attr->size;
863 	stat->blocks = attr->blocks;
864 
865 	if (attr->blksize != 0)
866 		blkbits = ilog2(attr->blksize);
867 	else
868 		blkbits = inode->i_sb->s_blocksize_bits;
869 
870 	stat->blksize = 1 << blkbits;
871 }
872 
873 static int fuse_do_getattr(struct inode *inode, struct kstat *stat,
874 			   struct file *file)
875 {
876 	int err;
877 	struct fuse_getattr_in inarg;
878 	struct fuse_attr_out outarg;
879 	struct fuse_conn *fc = get_fuse_conn(inode);
880 	struct fuse_req *req;
881 	u64 attr_version;
882 
883 	req = fuse_get_req_nopages(fc);
884 	if (IS_ERR(req))
885 		return PTR_ERR(req);
886 
887 	attr_version = fuse_get_attr_version(fc);
888 
889 	memset(&inarg, 0, sizeof(inarg));
890 	memset(&outarg, 0, sizeof(outarg));
891 	/* Directories have separate file-handle space */
892 	if (file && S_ISREG(inode->i_mode)) {
893 		struct fuse_file *ff = file->private_data;
894 
895 		inarg.getattr_flags |= FUSE_GETATTR_FH;
896 		inarg.fh = ff->fh;
897 	}
898 	req->in.h.opcode = FUSE_GETATTR;
899 	req->in.h.nodeid = get_node_id(inode);
900 	req->in.numargs = 1;
901 	req->in.args[0].size = sizeof(inarg);
902 	req->in.args[0].value = &inarg;
903 	req->out.numargs = 1;
904 	if (fc->minor < 9)
905 		req->out.args[0].size = FUSE_COMPAT_ATTR_OUT_SIZE;
906 	else
907 		req->out.args[0].size = sizeof(outarg);
908 	req->out.args[0].value = &outarg;
909 	fuse_request_send(fc, req);
910 	err = req->out.h.error;
911 	fuse_put_request(fc, req);
912 	if (!err) {
913 		if ((inode->i_mode ^ outarg.attr.mode) & S_IFMT) {
914 			make_bad_inode(inode);
915 			err = -EIO;
916 		} else {
917 			fuse_change_attributes(inode, &outarg.attr,
918 					       attr_timeout(&outarg),
919 					       attr_version);
920 			if (stat)
921 				fuse_fillattr(inode, &outarg.attr, stat);
922 		}
923 	}
924 	return err;
925 }
926 
927 int fuse_update_attributes(struct inode *inode, struct kstat *stat,
928 			   struct file *file, bool *refreshed)
929 {
930 	struct fuse_inode *fi = get_fuse_inode(inode);
931 	int err;
932 	bool r;
933 
934 	if (fi->i_time < get_jiffies_64()) {
935 		r = true;
936 		err = fuse_do_getattr(inode, stat, file);
937 	} else {
938 		r = false;
939 		err = 0;
940 		if (stat) {
941 			generic_fillattr(inode, stat);
942 			stat->mode = fi->orig_i_mode;
943 			stat->ino = fi->orig_ino;
944 		}
945 	}
946 
947 	if (refreshed != NULL)
948 		*refreshed = r;
949 
950 	return err;
951 }
952 
953 int fuse_reverse_inval_entry(struct super_block *sb, u64 parent_nodeid,
954 			     u64 child_nodeid, struct qstr *name)
955 {
956 	int err = -ENOTDIR;
957 	struct inode *parent;
958 	struct dentry *dir;
959 	struct dentry *entry;
960 
961 	parent = ilookup5(sb, parent_nodeid, fuse_inode_eq, &parent_nodeid);
962 	if (!parent)
963 		return -ENOENT;
964 
965 	mutex_lock(&parent->i_mutex);
966 	if (!S_ISDIR(parent->i_mode))
967 		goto unlock;
968 
969 	err = -ENOENT;
970 	dir = d_find_alias(parent);
971 	if (!dir)
972 		goto unlock;
973 
974 	entry = d_lookup(dir, name);
975 	dput(dir);
976 	if (!entry)
977 		goto unlock;
978 
979 	fuse_invalidate_attr(parent);
980 	fuse_invalidate_entry(entry);
981 
982 	if (child_nodeid != 0 && entry->d_inode) {
983 		mutex_lock(&entry->d_inode->i_mutex);
984 		if (get_node_id(entry->d_inode) != child_nodeid) {
985 			err = -ENOENT;
986 			goto badentry;
987 		}
988 		if (d_mountpoint(entry)) {
989 			err = -EBUSY;
990 			goto badentry;
991 		}
992 		if (S_ISDIR(entry->d_inode->i_mode)) {
993 			shrink_dcache_parent(entry);
994 			if (!simple_empty(entry)) {
995 				err = -ENOTEMPTY;
996 				goto badentry;
997 			}
998 			entry->d_inode->i_flags |= S_DEAD;
999 		}
1000 		dont_mount(entry);
1001 		clear_nlink(entry->d_inode);
1002 		err = 0;
1003  badentry:
1004 		mutex_unlock(&entry->d_inode->i_mutex);
1005 		if (!err)
1006 			d_delete(entry);
1007 	} else {
1008 		err = 0;
1009 	}
1010 	dput(entry);
1011 
1012  unlock:
1013 	mutex_unlock(&parent->i_mutex);
1014 	iput(parent);
1015 	return err;
1016 }
1017 
1018 /*
1019  * Calling into a user-controlled filesystem gives the filesystem
1020  * daemon ptrace-like capabilities over the current process.  This
1021  * means, that the filesystem daemon is able to record the exact
1022  * filesystem operations performed, and can also control the behavior
1023  * of the requester process in otherwise impossible ways.  For example
1024  * it can delay the operation for arbitrary length of time allowing
1025  * DoS against the requester.
1026  *
1027  * For this reason only those processes can call into the filesystem,
1028  * for which the owner of the mount has ptrace privilege.  This
1029  * excludes processes started by other users, suid or sgid processes.
1030  */
1031 int fuse_allow_current_process(struct fuse_conn *fc)
1032 {
1033 	const struct cred *cred;
1034 
1035 	if (fc->flags & FUSE_ALLOW_OTHER)
1036 		return 1;
1037 
1038 	cred = current_cred();
1039 	if (uid_eq(cred->euid, fc->user_id) &&
1040 	    uid_eq(cred->suid, fc->user_id) &&
1041 	    uid_eq(cred->uid,  fc->user_id) &&
1042 	    gid_eq(cred->egid, fc->group_id) &&
1043 	    gid_eq(cred->sgid, fc->group_id) &&
1044 	    gid_eq(cred->gid,  fc->group_id))
1045 		return 1;
1046 
1047 	return 0;
1048 }
1049 
1050 static int fuse_access(struct inode *inode, int mask)
1051 {
1052 	struct fuse_conn *fc = get_fuse_conn(inode);
1053 	struct fuse_req *req;
1054 	struct fuse_access_in inarg;
1055 	int err;
1056 
1057 	if (fc->no_access)
1058 		return 0;
1059 
1060 	req = fuse_get_req_nopages(fc);
1061 	if (IS_ERR(req))
1062 		return PTR_ERR(req);
1063 
1064 	memset(&inarg, 0, sizeof(inarg));
1065 	inarg.mask = mask & (MAY_READ | MAY_WRITE | MAY_EXEC);
1066 	req->in.h.opcode = FUSE_ACCESS;
1067 	req->in.h.nodeid = get_node_id(inode);
1068 	req->in.numargs = 1;
1069 	req->in.args[0].size = sizeof(inarg);
1070 	req->in.args[0].value = &inarg;
1071 	fuse_request_send(fc, req);
1072 	err = req->out.h.error;
1073 	fuse_put_request(fc, req);
1074 	if (err == -ENOSYS) {
1075 		fc->no_access = 1;
1076 		err = 0;
1077 	}
1078 	return err;
1079 }
1080 
1081 static int fuse_perm_getattr(struct inode *inode, int mask)
1082 {
1083 	if (mask & MAY_NOT_BLOCK)
1084 		return -ECHILD;
1085 
1086 	return fuse_do_getattr(inode, NULL, NULL);
1087 }
1088 
1089 /*
1090  * Check permission.  The two basic access models of FUSE are:
1091  *
1092  * 1) Local access checking ('default_permissions' mount option) based
1093  * on file mode.  This is the plain old disk filesystem permission
1094  * modell.
1095  *
1096  * 2) "Remote" access checking, where server is responsible for
1097  * checking permission in each inode operation.  An exception to this
1098  * is if ->permission() was invoked from sys_access() in which case an
1099  * access request is sent.  Execute permission is still checked
1100  * locally based on file mode.
1101  */
1102 static int fuse_permission(struct inode *inode, int mask)
1103 {
1104 	struct fuse_conn *fc = get_fuse_conn(inode);
1105 	bool refreshed = false;
1106 	int err = 0;
1107 
1108 	if (!fuse_allow_current_process(fc))
1109 		return -EACCES;
1110 
1111 	/*
1112 	 * If attributes are needed, refresh them before proceeding
1113 	 */
1114 	if ((fc->flags & FUSE_DEFAULT_PERMISSIONS) ||
1115 	    ((mask & MAY_EXEC) && S_ISREG(inode->i_mode))) {
1116 		struct fuse_inode *fi = get_fuse_inode(inode);
1117 
1118 		if (fi->i_time < get_jiffies_64()) {
1119 			refreshed = true;
1120 
1121 			err = fuse_perm_getattr(inode, mask);
1122 			if (err)
1123 				return err;
1124 		}
1125 	}
1126 
1127 	if (fc->flags & FUSE_DEFAULT_PERMISSIONS) {
1128 		err = generic_permission(inode, mask);
1129 
1130 		/* If permission is denied, try to refresh file
1131 		   attributes.  This is also needed, because the root
1132 		   node will at first have no permissions */
1133 		if (err == -EACCES && !refreshed) {
1134 			err = fuse_perm_getattr(inode, mask);
1135 			if (!err)
1136 				err = generic_permission(inode, mask);
1137 		}
1138 
1139 		/* Note: the opposite of the above test does not
1140 		   exist.  So if permissions are revoked this won't be
1141 		   noticed immediately, only after the attribute
1142 		   timeout has expired */
1143 	} else if (mask & (MAY_ACCESS | MAY_CHDIR)) {
1144 		if (mask & MAY_NOT_BLOCK)
1145 			return -ECHILD;
1146 
1147 		err = fuse_access(inode, mask);
1148 	} else if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode)) {
1149 		if (!(inode->i_mode & S_IXUGO)) {
1150 			if (refreshed)
1151 				return -EACCES;
1152 
1153 			err = fuse_perm_getattr(inode, mask);
1154 			if (!err && !(inode->i_mode & S_IXUGO))
1155 				return -EACCES;
1156 		}
1157 	}
1158 	return err;
1159 }
1160 
1161 static int parse_dirfile(char *buf, size_t nbytes, struct file *file,
1162 			 void *dstbuf, filldir_t filldir)
1163 {
1164 	while (nbytes >= FUSE_NAME_OFFSET) {
1165 		struct fuse_dirent *dirent = (struct fuse_dirent *) buf;
1166 		size_t reclen = FUSE_DIRENT_SIZE(dirent);
1167 		int over;
1168 		if (!dirent->namelen || dirent->namelen > FUSE_NAME_MAX)
1169 			return -EIO;
1170 		if (reclen > nbytes)
1171 			break;
1172 
1173 		over = filldir(dstbuf, dirent->name, dirent->namelen,
1174 			       file->f_pos, dirent->ino, dirent->type);
1175 		if (over)
1176 			break;
1177 
1178 		buf += reclen;
1179 		nbytes -= reclen;
1180 		file->f_pos = dirent->off;
1181 	}
1182 
1183 	return 0;
1184 }
1185 
1186 static int fuse_direntplus_link(struct file *file,
1187 				struct fuse_direntplus *direntplus,
1188 				u64 attr_version)
1189 {
1190 	int err;
1191 	struct fuse_entry_out *o = &direntplus->entry_out;
1192 	struct fuse_dirent *dirent = &direntplus->dirent;
1193 	struct dentry *parent = file->f_path.dentry;
1194 	struct qstr name = QSTR_INIT(dirent->name, dirent->namelen);
1195 	struct dentry *dentry;
1196 	struct dentry *alias;
1197 	struct inode *dir = parent->d_inode;
1198 	struct fuse_conn *fc;
1199 	struct inode *inode;
1200 
1201 	if (!o->nodeid) {
1202 		/*
1203 		 * Unlike in the case of fuse_lookup, zero nodeid does not mean
1204 		 * ENOENT. Instead, it only means the userspace filesystem did
1205 		 * not want to return attributes/handle for this entry.
1206 		 *
1207 		 * So do nothing.
1208 		 */
1209 		return 0;
1210 	}
1211 
1212 	if (name.name[0] == '.') {
1213 		/*
1214 		 * We could potentially refresh the attributes of the directory
1215 		 * and its parent?
1216 		 */
1217 		if (name.len == 1)
1218 			return 0;
1219 		if (name.name[1] == '.' && name.len == 2)
1220 			return 0;
1221 	}
1222 	fc = get_fuse_conn(dir);
1223 
1224 	name.hash = full_name_hash(name.name, name.len);
1225 	dentry = d_lookup(parent, &name);
1226 	if (dentry && dentry->d_inode) {
1227 		inode = dentry->d_inode;
1228 		if (get_node_id(inode) == o->nodeid) {
1229 			struct fuse_inode *fi;
1230 			fi = get_fuse_inode(inode);
1231 			spin_lock(&fc->lock);
1232 			fi->nlookup++;
1233 			spin_unlock(&fc->lock);
1234 
1235 			/*
1236 			 * The other branch to 'found' comes via fuse_iget()
1237 			 * which bumps nlookup inside
1238 			 */
1239 			goto found;
1240 		}
1241 		err = d_invalidate(dentry);
1242 		if (err)
1243 			goto out;
1244 		dput(dentry);
1245 		dentry = NULL;
1246 	}
1247 
1248 	dentry = d_alloc(parent, &name);
1249 	err = -ENOMEM;
1250 	if (!dentry)
1251 		goto out;
1252 
1253 	inode = fuse_iget(dir->i_sb, o->nodeid, o->generation,
1254 			  &o->attr, entry_attr_timeout(o), attr_version);
1255 	if (!inode)
1256 		goto out;
1257 
1258 	alias = d_materialise_unique(dentry, inode);
1259 	err = PTR_ERR(alias);
1260 	if (IS_ERR(alias))
1261 		goto out;
1262 	if (alias) {
1263 		dput(dentry);
1264 		dentry = alias;
1265 	}
1266 
1267 found:
1268 	fuse_change_attributes(inode, &o->attr, entry_attr_timeout(o),
1269 			       attr_version);
1270 
1271 	fuse_change_entry_timeout(dentry, o);
1272 
1273 	err = 0;
1274 out:
1275 	if (dentry)
1276 		dput(dentry);
1277 	return err;
1278 }
1279 
1280 static int parse_dirplusfile(char *buf, size_t nbytes, struct file *file,
1281 			     void *dstbuf, filldir_t filldir, u64 attr_version)
1282 {
1283 	struct fuse_direntplus *direntplus;
1284 	struct fuse_dirent *dirent;
1285 	size_t reclen;
1286 	int over = 0;
1287 	int ret;
1288 
1289 	while (nbytes >= FUSE_NAME_OFFSET_DIRENTPLUS) {
1290 		direntplus = (struct fuse_direntplus *) buf;
1291 		dirent = &direntplus->dirent;
1292 		reclen = FUSE_DIRENTPLUS_SIZE(direntplus);
1293 
1294 		if (!dirent->namelen || dirent->namelen > FUSE_NAME_MAX)
1295 			return -EIO;
1296 		if (reclen > nbytes)
1297 			break;
1298 
1299 		if (!over) {
1300 			/* We fill entries into dstbuf only as much as
1301 			   it can hold. But we still continue iterating
1302 			   over remaining entries to link them. If not,
1303 			   we need to send a FORGET for each of those
1304 			   which we did not link.
1305 			*/
1306 			over = filldir(dstbuf, dirent->name, dirent->namelen,
1307 				       file->f_pos, dirent->ino,
1308 				       dirent->type);
1309 			file->f_pos = dirent->off;
1310 		}
1311 
1312 		buf += reclen;
1313 		nbytes -= reclen;
1314 
1315 		ret = fuse_direntplus_link(file, direntplus, attr_version);
1316 		if (ret)
1317 			fuse_force_forget(file, direntplus->entry_out.nodeid);
1318 	}
1319 
1320 	return 0;
1321 }
1322 
1323 static int fuse_readdir(struct file *file, void *dstbuf, filldir_t filldir)
1324 {
1325 	int plus, err;
1326 	size_t nbytes;
1327 	struct page *page;
1328 	struct inode *inode = file_inode(file);
1329 	struct fuse_conn *fc = get_fuse_conn(inode);
1330 	struct fuse_req *req;
1331 	u64 attr_version = 0;
1332 
1333 	if (is_bad_inode(inode))
1334 		return -EIO;
1335 
1336 	req = fuse_get_req(fc, 1);
1337 	if (IS_ERR(req))
1338 		return PTR_ERR(req);
1339 
1340 	page = alloc_page(GFP_KERNEL);
1341 	if (!page) {
1342 		fuse_put_request(fc, req);
1343 		return -ENOMEM;
1344 	}
1345 
1346 	plus = fuse_use_readdirplus(inode, file);
1347 	req->out.argpages = 1;
1348 	req->num_pages = 1;
1349 	req->pages[0] = page;
1350 	req->page_descs[0].length = PAGE_SIZE;
1351 	if (plus) {
1352 		attr_version = fuse_get_attr_version(fc);
1353 		fuse_read_fill(req, file, file->f_pos, PAGE_SIZE,
1354 			       FUSE_READDIRPLUS);
1355 	} else {
1356 		fuse_read_fill(req, file, file->f_pos, PAGE_SIZE,
1357 			       FUSE_READDIR);
1358 	}
1359 	fuse_request_send(fc, req);
1360 	nbytes = req->out.args[0].size;
1361 	err = req->out.h.error;
1362 	fuse_put_request(fc, req);
1363 	if (!err) {
1364 		if (plus) {
1365 			err = parse_dirplusfile(page_address(page), nbytes,
1366 						file, dstbuf, filldir,
1367 						attr_version);
1368 		} else {
1369 			err = parse_dirfile(page_address(page), nbytes, file,
1370 					    dstbuf, filldir);
1371 		}
1372 	}
1373 
1374 	__free_page(page);
1375 	fuse_invalidate_attr(inode); /* atime changed */
1376 	return err;
1377 }
1378 
1379 static char *read_link(struct dentry *dentry)
1380 {
1381 	struct inode *inode = dentry->d_inode;
1382 	struct fuse_conn *fc = get_fuse_conn(inode);
1383 	struct fuse_req *req = fuse_get_req_nopages(fc);
1384 	char *link;
1385 
1386 	if (IS_ERR(req))
1387 		return ERR_CAST(req);
1388 
1389 	link = (char *) __get_free_page(GFP_KERNEL);
1390 	if (!link) {
1391 		link = ERR_PTR(-ENOMEM);
1392 		goto out;
1393 	}
1394 	req->in.h.opcode = FUSE_READLINK;
1395 	req->in.h.nodeid = get_node_id(inode);
1396 	req->out.argvar = 1;
1397 	req->out.numargs = 1;
1398 	req->out.args[0].size = PAGE_SIZE - 1;
1399 	req->out.args[0].value = link;
1400 	fuse_request_send(fc, req);
1401 	if (req->out.h.error) {
1402 		free_page((unsigned long) link);
1403 		link = ERR_PTR(req->out.h.error);
1404 	} else
1405 		link[req->out.args[0].size] = '\0';
1406  out:
1407 	fuse_put_request(fc, req);
1408 	fuse_invalidate_attr(inode); /* atime changed */
1409 	return link;
1410 }
1411 
1412 static void free_link(char *link)
1413 {
1414 	if (!IS_ERR(link))
1415 		free_page((unsigned long) link);
1416 }
1417 
1418 static void *fuse_follow_link(struct dentry *dentry, struct nameidata *nd)
1419 {
1420 	nd_set_link(nd, read_link(dentry));
1421 	return NULL;
1422 }
1423 
1424 static void fuse_put_link(struct dentry *dentry, struct nameidata *nd, void *c)
1425 {
1426 	free_link(nd_get_link(nd));
1427 }
1428 
1429 static int fuse_dir_open(struct inode *inode, struct file *file)
1430 {
1431 	return fuse_open_common(inode, file, true);
1432 }
1433 
1434 static int fuse_dir_release(struct inode *inode, struct file *file)
1435 {
1436 	fuse_release_common(file, FUSE_RELEASEDIR);
1437 
1438 	return 0;
1439 }
1440 
1441 static int fuse_dir_fsync(struct file *file, loff_t start, loff_t end,
1442 			  int datasync)
1443 {
1444 	return fuse_fsync_common(file, start, end, datasync, 1);
1445 }
1446 
1447 static long fuse_dir_ioctl(struct file *file, unsigned int cmd,
1448 			    unsigned long arg)
1449 {
1450 	struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1451 
1452 	/* FUSE_IOCTL_DIR only supported for API version >= 7.18 */
1453 	if (fc->minor < 18)
1454 		return -ENOTTY;
1455 
1456 	return fuse_ioctl_common(file, cmd, arg, FUSE_IOCTL_DIR);
1457 }
1458 
1459 static long fuse_dir_compat_ioctl(struct file *file, unsigned int cmd,
1460 				   unsigned long arg)
1461 {
1462 	struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1463 
1464 	if (fc->minor < 18)
1465 		return -ENOTTY;
1466 
1467 	return fuse_ioctl_common(file, cmd, arg,
1468 				 FUSE_IOCTL_COMPAT | FUSE_IOCTL_DIR);
1469 }
1470 
1471 static bool update_mtime(unsigned ivalid)
1472 {
1473 	/* Always update if mtime is explicitly set  */
1474 	if (ivalid & ATTR_MTIME_SET)
1475 		return true;
1476 
1477 	/* If it's an open(O_TRUNC) or an ftruncate(), don't update */
1478 	if ((ivalid & ATTR_SIZE) && (ivalid & (ATTR_OPEN | ATTR_FILE)))
1479 		return false;
1480 
1481 	/* In all other cases update */
1482 	return true;
1483 }
1484 
1485 static void iattr_to_fattr(struct iattr *iattr, struct fuse_setattr_in *arg)
1486 {
1487 	unsigned ivalid = iattr->ia_valid;
1488 
1489 	if (ivalid & ATTR_MODE)
1490 		arg->valid |= FATTR_MODE,   arg->mode = iattr->ia_mode;
1491 	if (ivalid & ATTR_UID)
1492 		arg->valid |= FATTR_UID,    arg->uid = from_kuid(&init_user_ns, iattr->ia_uid);
1493 	if (ivalid & ATTR_GID)
1494 		arg->valid |= FATTR_GID,    arg->gid = from_kgid(&init_user_ns, iattr->ia_gid);
1495 	if (ivalid & ATTR_SIZE)
1496 		arg->valid |= FATTR_SIZE,   arg->size = iattr->ia_size;
1497 	if (ivalid & ATTR_ATIME) {
1498 		arg->valid |= FATTR_ATIME;
1499 		arg->atime = iattr->ia_atime.tv_sec;
1500 		arg->atimensec = iattr->ia_atime.tv_nsec;
1501 		if (!(ivalid & ATTR_ATIME_SET))
1502 			arg->valid |= FATTR_ATIME_NOW;
1503 	}
1504 	if ((ivalid & ATTR_MTIME) && update_mtime(ivalid)) {
1505 		arg->valid |= FATTR_MTIME;
1506 		arg->mtime = iattr->ia_mtime.tv_sec;
1507 		arg->mtimensec = iattr->ia_mtime.tv_nsec;
1508 		if (!(ivalid & ATTR_MTIME_SET))
1509 			arg->valid |= FATTR_MTIME_NOW;
1510 	}
1511 }
1512 
1513 /*
1514  * Prevent concurrent writepages on inode
1515  *
1516  * This is done by adding a negative bias to the inode write counter
1517  * and waiting for all pending writes to finish.
1518  */
1519 void fuse_set_nowrite(struct inode *inode)
1520 {
1521 	struct fuse_conn *fc = get_fuse_conn(inode);
1522 	struct fuse_inode *fi = get_fuse_inode(inode);
1523 
1524 	BUG_ON(!mutex_is_locked(&inode->i_mutex));
1525 
1526 	spin_lock(&fc->lock);
1527 	BUG_ON(fi->writectr < 0);
1528 	fi->writectr += FUSE_NOWRITE;
1529 	spin_unlock(&fc->lock);
1530 	wait_event(fi->page_waitq, fi->writectr == FUSE_NOWRITE);
1531 }
1532 
1533 /*
1534  * Allow writepages on inode
1535  *
1536  * Remove the bias from the writecounter and send any queued
1537  * writepages.
1538  */
1539 static void __fuse_release_nowrite(struct inode *inode)
1540 {
1541 	struct fuse_inode *fi = get_fuse_inode(inode);
1542 
1543 	BUG_ON(fi->writectr != FUSE_NOWRITE);
1544 	fi->writectr = 0;
1545 	fuse_flush_writepages(inode);
1546 }
1547 
1548 void fuse_release_nowrite(struct inode *inode)
1549 {
1550 	struct fuse_conn *fc = get_fuse_conn(inode);
1551 
1552 	spin_lock(&fc->lock);
1553 	__fuse_release_nowrite(inode);
1554 	spin_unlock(&fc->lock);
1555 }
1556 
1557 /*
1558  * Set attributes, and at the same time refresh them.
1559  *
1560  * Truncation is slightly complicated, because the 'truncate' request
1561  * may fail, in which case we don't want to touch the mapping.
1562  * vmtruncate() doesn't allow for this case, so do the rlimit checking
1563  * and the actual truncation by hand.
1564  */
1565 int fuse_do_setattr(struct inode *inode, struct iattr *attr,
1566 		    struct file *file)
1567 {
1568 	struct fuse_conn *fc = get_fuse_conn(inode);
1569 	struct fuse_req *req;
1570 	struct fuse_setattr_in inarg;
1571 	struct fuse_attr_out outarg;
1572 	bool is_truncate = false;
1573 	loff_t oldsize;
1574 	int err;
1575 
1576 	if (!(fc->flags & FUSE_DEFAULT_PERMISSIONS))
1577 		attr->ia_valid |= ATTR_FORCE;
1578 
1579 	err = inode_change_ok(inode, attr);
1580 	if (err)
1581 		return err;
1582 
1583 	if (attr->ia_valid & ATTR_OPEN) {
1584 		if (fc->atomic_o_trunc)
1585 			return 0;
1586 		file = NULL;
1587 	}
1588 
1589 	if (attr->ia_valid & ATTR_SIZE)
1590 		is_truncate = true;
1591 
1592 	req = fuse_get_req_nopages(fc);
1593 	if (IS_ERR(req))
1594 		return PTR_ERR(req);
1595 
1596 	if (is_truncate)
1597 		fuse_set_nowrite(inode);
1598 
1599 	memset(&inarg, 0, sizeof(inarg));
1600 	memset(&outarg, 0, sizeof(outarg));
1601 	iattr_to_fattr(attr, &inarg);
1602 	if (file) {
1603 		struct fuse_file *ff = file->private_data;
1604 		inarg.valid |= FATTR_FH;
1605 		inarg.fh = ff->fh;
1606 	}
1607 	if (attr->ia_valid & ATTR_SIZE) {
1608 		/* For mandatory locking in truncate */
1609 		inarg.valid |= FATTR_LOCKOWNER;
1610 		inarg.lock_owner = fuse_lock_owner_id(fc, current->files);
1611 	}
1612 	req->in.h.opcode = FUSE_SETATTR;
1613 	req->in.h.nodeid = get_node_id(inode);
1614 	req->in.numargs = 1;
1615 	req->in.args[0].size = sizeof(inarg);
1616 	req->in.args[0].value = &inarg;
1617 	req->out.numargs = 1;
1618 	if (fc->minor < 9)
1619 		req->out.args[0].size = FUSE_COMPAT_ATTR_OUT_SIZE;
1620 	else
1621 		req->out.args[0].size = sizeof(outarg);
1622 	req->out.args[0].value = &outarg;
1623 	fuse_request_send(fc, req);
1624 	err = req->out.h.error;
1625 	fuse_put_request(fc, req);
1626 	if (err) {
1627 		if (err == -EINTR)
1628 			fuse_invalidate_attr(inode);
1629 		goto error;
1630 	}
1631 
1632 	if ((inode->i_mode ^ outarg.attr.mode) & S_IFMT) {
1633 		make_bad_inode(inode);
1634 		err = -EIO;
1635 		goto error;
1636 	}
1637 
1638 	spin_lock(&fc->lock);
1639 	fuse_change_attributes_common(inode, &outarg.attr,
1640 				      attr_timeout(&outarg));
1641 	oldsize = inode->i_size;
1642 	i_size_write(inode, outarg.attr.size);
1643 
1644 	if (is_truncate) {
1645 		/* NOTE: this may release/reacquire fc->lock */
1646 		__fuse_release_nowrite(inode);
1647 	}
1648 	spin_unlock(&fc->lock);
1649 
1650 	/*
1651 	 * Only call invalidate_inode_pages2() after removing
1652 	 * FUSE_NOWRITE, otherwise fuse_launder_page() would deadlock.
1653 	 */
1654 	if (S_ISREG(inode->i_mode) && oldsize != outarg.attr.size) {
1655 		truncate_pagecache(inode, oldsize, outarg.attr.size);
1656 		invalidate_inode_pages2(inode->i_mapping);
1657 	}
1658 
1659 	return 0;
1660 
1661 error:
1662 	if (is_truncate)
1663 		fuse_release_nowrite(inode);
1664 
1665 	return err;
1666 }
1667 
1668 static int fuse_setattr(struct dentry *entry, struct iattr *attr)
1669 {
1670 	struct inode *inode = entry->d_inode;
1671 
1672 	if (!fuse_allow_current_process(get_fuse_conn(inode)))
1673 		return -EACCES;
1674 
1675 	if (attr->ia_valid & ATTR_FILE)
1676 		return fuse_do_setattr(inode, attr, attr->ia_file);
1677 	else
1678 		return fuse_do_setattr(inode, attr, NULL);
1679 }
1680 
1681 static int fuse_getattr(struct vfsmount *mnt, struct dentry *entry,
1682 			struct kstat *stat)
1683 {
1684 	struct inode *inode = entry->d_inode;
1685 	struct fuse_conn *fc = get_fuse_conn(inode);
1686 
1687 	if (!fuse_allow_current_process(fc))
1688 		return -EACCES;
1689 
1690 	return fuse_update_attributes(inode, stat, NULL, NULL);
1691 }
1692 
1693 static int fuse_setxattr(struct dentry *entry, const char *name,
1694 			 const void *value, size_t size, int flags)
1695 {
1696 	struct inode *inode = entry->d_inode;
1697 	struct fuse_conn *fc = get_fuse_conn(inode);
1698 	struct fuse_req *req;
1699 	struct fuse_setxattr_in inarg;
1700 	int err;
1701 
1702 	if (fc->no_setxattr)
1703 		return -EOPNOTSUPP;
1704 
1705 	req = fuse_get_req_nopages(fc);
1706 	if (IS_ERR(req))
1707 		return PTR_ERR(req);
1708 
1709 	memset(&inarg, 0, sizeof(inarg));
1710 	inarg.size = size;
1711 	inarg.flags = flags;
1712 	req->in.h.opcode = FUSE_SETXATTR;
1713 	req->in.h.nodeid = get_node_id(inode);
1714 	req->in.numargs = 3;
1715 	req->in.args[0].size = sizeof(inarg);
1716 	req->in.args[0].value = &inarg;
1717 	req->in.args[1].size = strlen(name) + 1;
1718 	req->in.args[1].value = name;
1719 	req->in.args[2].size = size;
1720 	req->in.args[2].value = value;
1721 	fuse_request_send(fc, req);
1722 	err = req->out.h.error;
1723 	fuse_put_request(fc, req);
1724 	if (err == -ENOSYS) {
1725 		fc->no_setxattr = 1;
1726 		err = -EOPNOTSUPP;
1727 	}
1728 	return err;
1729 }
1730 
1731 static ssize_t fuse_getxattr(struct dentry *entry, const char *name,
1732 			     void *value, size_t size)
1733 {
1734 	struct inode *inode = entry->d_inode;
1735 	struct fuse_conn *fc = get_fuse_conn(inode);
1736 	struct fuse_req *req;
1737 	struct fuse_getxattr_in inarg;
1738 	struct fuse_getxattr_out outarg;
1739 	ssize_t ret;
1740 
1741 	if (fc->no_getxattr)
1742 		return -EOPNOTSUPP;
1743 
1744 	req = fuse_get_req_nopages(fc);
1745 	if (IS_ERR(req))
1746 		return PTR_ERR(req);
1747 
1748 	memset(&inarg, 0, sizeof(inarg));
1749 	inarg.size = size;
1750 	req->in.h.opcode = FUSE_GETXATTR;
1751 	req->in.h.nodeid = get_node_id(inode);
1752 	req->in.numargs = 2;
1753 	req->in.args[0].size = sizeof(inarg);
1754 	req->in.args[0].value = &inarg;
1755 	req->in.args[1].size = strlen(name) + 1;
1756 	req->in.args[1].value = name;
1757 	/* This is really two different operations rolled into one */
1758 	req->out.numargs = 1;
1759 	if (size) {
1760 		req->out.argvar = 1;
1761 		req->out.args[0].size = size;
1762 		req->out.args[0].value = value;
1763 	} else {
1764 		req->out.args[0].size = sizeof(outarg);
1765 		req->out.args[0].value = &outarg;
1766 	}
1767 	fuse_request_send(fc, req);
1768 	ret = req->out.h.error;
1769 	if (!ret)
1770 		ret = size ? req->out.args[0].size : outarg.size;
1771 	else {
1772 		if (ret == -ENOSYS) {
1773 			fc->no_getxattr = 1;
1774 			ret = -EOPNOTSUPP;
1775 		}
1776 	}
1777 	fuse_put_request(fc, req);
1778 	return ret;
1779 }
1780 
1781 static ssize_t fuse_listxattr(struct dentry *entry, char *list, size_t size)
1782 {
1783 	struct inode *inode = entry->d_inode;
1784 	struct fuse_conn *fc = get_fuse_conn(inode);
1785 	struct fuse_req *req;
1786 	struct fuse_getxattr_in inarg;
1787 	struct fuse_getxattr_out outarg;
1788 	ssize_t ret;
1789 
1790 	if (!fuse_allow_current_process(fc))
1791 		return -EACCES;
1792 
1793 	if (fc->no_listxattr)
1794 		return -EOPNOTSUPP;
1795 
1796 	req = fuse_get_req_nopages(fc);
1797 	if (IS_ERR(req))
1798 		return PTR_ERR(req);
1799 
1800 	memset(&inarg, 0, sizeof(inarg));
1801 	inarg.size = size;
1802 	req->in.h.opcode = FUSE_LISTXATTR;
1803 	req->in.h.nodeid = get_node_id(inode);
1804 	req->in.numargs = 1;
1805 	req->in.args[0].size = sizeof(inarg);
1806 	req->in.args[0].value = &inarg;
1807 	/* This is really two different operations rolled into one */
1808 	req->out.numargs = 1;
1809 	if (size) {
1810 		req->out.argvar = 1;
1811 		req->out.args[0].size = size;
1812 		req->out.args[0].value = list;
1813 	} else {
1814 		req->out.args[0].size = sizeof(outarg);
1815 		req->out.args[0].value = &outarg;
1816 	}
1817 	fuse_request_send(fc, req);
1818 	ret = req->out.h.error;
1819 	if (!ret)
1820 		ret = size ? req->out.args[0].size : outarg.size;
1821 	else {
1822 		if (ret == -ENOSYS) {
1823 			fc->no_listxattr = 1;
1824 			ret = -EOPNOTSUPP;
1825 		}
1826 	}
1827 	fuse_put_request(fc, req);
1828 	return ret;
1829 }
1830 
1831 static int fuse_removexattr(struct dentry *entry, const char *name)
1832 {
1833 	struct inode *inode = entry->d_inode;
1834 	struct fuse_conn *fc = get_fuse_conn(inode);
1835 	struct fuse_req *req;
1836 	int err;
1837 
1838 	if (fc->no_removexattr)
1839 		return -EOPNOTSUPP;
1840 
1841 	req = fuse_get_req_nopages(fc);
1842 	if (IS_ERR(req))
1843 		return PTR_ERR(req);
1844 
1845 	req->in.h.opcode = FUSE_REMOVEXATTR;
1846 	req->in.h.nodeid = get_node_id(inode);
1847 	req->in.numargs = 1;
1848 	req->in.args[0].size = strlen(name) + 1;
1849 	req->in.args[0].value = name;
1850 	fuse_request_send(fc, req);
1851 	err = req->out.h.error;
1852 	fuse_put_request(fc, req);
1853 	if (err == -ENOSYS) {
1854 		fc->no_removexattr = 1;
1855 		err = -EOPNOTSUPP;
1856 	}
1857 	return err;
1858 }
1859 
1860 static const struct inode_operations fuse_dir_inode_operations = {
1861 	.lookup		= fuse_lookup,
1862 	.mkdir		= fuse_mkdir,
1863 	.symlink	= fuse_symlink,
1864 	.unlink		= fuse_unlink,
1865 	.rmdir		= fuse_rmdir,
1866 	.rename		= fuse_rename,
1867 	.link		= fuse_link,
1868 	.setattr	= fuse_setattr,
1869 	.create		= fuse_create,
1870 	.atomic_open	= fuse_atomic_open,
1871 	.mknod		= fuse_mknod,
1872 	.permission	= fuse_permission,
1873 	.getattr	= fuse_getattr,
1874 	.setxattr	= fuse_setxattr,
1875 	.getxattr	= fuse_getxattr,
1876 	.listxattr	= fuse_listxattr,
1877 	.removexattr	= fuse_removexattr,
1878 };
1879 
1880 static const struct file_operations fuse_dir_operations = {
1881 	.llseek		= generic_file_llseek,
1882 	.read		= generic_read_dir,
1883 	.readdir	= fuse_readdir,
1884 	.open		= fuse_dir_open,
1885 	.release	= fuse_dir_release,
1886 	.fsync		= fuse_dir_fsync,
1887 	.unlocked_ioctl	= fuse_dir_ioctl,
1888 	.compat_ioctl	= fuse_dir_compat_ioctl,
1889 };
1890 
1891 static const struct inode_operations fuse_common_inode_operations = {
1892 	.setattr	= fuse_setattr,
1893 	.permission	= fuse_permission,
1894 	.getattr	= fuse_getattr,
1895 	.setxattr	= fuse_setxattr,
1896 	.getxattr	= fuse_getxattr,
1897 	.listxattr	= fuse_listxattr,
1898 	.removexattr	= fuse_removexattr,
1899 };
1900 
1901 static const struct inode_operations fuse_symlink_inode_operations = {
1902 	.setattr	= fuse_setattr,
1903 	.follow_link	= fuse_follow_link,
1904 	.put_link	= fuse_put_link,
1905 	.readlink	= generic_readlink,
1906 	.getattr	= fuse_getattr,
1907 	.setxattr	= fuse_setxattr,
1908 	.getxattr	= fuse_getxattr,
1909 	.listxattr	= fuse_listxattr,
1910 	.removexattr	= fuse_removexattr,
1911 };
1912 
1913 void fuse_init_common(struct inode *inode)
1914 {
1915 	inode->i_op = &fuse_common_inode_operations;
1916 }
1917 
1918 void fuse_init_dir(struct inode *inode)
1919 {
1920 	inode->i_op = &fuse_dir_inode_operations;
1921 	inode->i_fop = &fuse_dir_operations;
1922 }
1923 
1924 void fuse_init_symlink(struct inode *inode)
1925 {
1926 	inode->i_op = &fuse_symlink_inode_operations;
1927 }
1928