1 /* 2 FUSE: Filesystem in Userspace 3 Copyright (C) 2001-2008 Miklos Szeredi <miklos@szeredi.hu> 4 5 This program can be distributed under the terms of the GNU GPL. 6 See the file COPYING. 7 */ 8 9 #include "fuse_i.h" 10 11 #include <linux/pagemap.h> 12 #include <linux/file.h> 13 #include <linux/fs_context.h> 14 #include <linux/sched.h> 15 #include <linux/namei.h> 16 #include <linux/slab.h> 17 #include <linux/xattr.h> 18 #include <linux/iversion.h> 19 #include <linux/posix_acl.h> 20 21 static void fuse_advise_use_readdirplus(struct inode *dir) 22 { 23 struct fuse_inode *fi = get_fuse_inode(dir); 24 25 set_bit(FUSE_I_ADVISE_RDPLUS, &fi->state); 26 } 27 28 #if BITS_PER_LONG >= 64 29 static inline void __fuse_dentry_settime(struct dentry *entry, u64 time) 30 { 31 entry->d_fsdata = (void *) time; 32 } 33 34 static inline u64 fuse_dentry_time(const struct dentry *entry) 35 { 36 return (u64)entry->d_fsdata; 37 } 38 39 #else 40 union fuse_dentry { 41 u64 time; 42 struct rcu_head rcu; 43 }; 44 45 static inline void __fuse_dentry_settime(struct dentry *dentry, u64 time) 46 { 47 ((union fuse_dentry *) dentry->d_fsdata)->time = time; 48 } 49 50 static inline u64 fuse_dentry_time(const struct dentry *entry) 51 { 52 return ((union fuse_dentry *) entry->d_fsdata)->time; 53 } 54 #endif 55 56 static void fuse_dentry_settime(struct dentry *dentry, u64 time) 57 { 58 struct fuse_conn *fc = get_fuse_conn_super(dentry->d_sb); 59 bool delete = !time && fc->delete_stale; 60 /* 61 * Mess with DCACHE_OP_DELETE because dput() will be faster without it. 62 * Don't care about races, either way it's just an optimization 63 */ 64 if ((!delete && (dentry->d_flags & DCACHE_OP_DELETE)) || 65 (delete && !(dentry->d_flags & DCACHE_OP_DELETE))) { 66 spin_lock(&dentry->d_lock); 67 if (!delete) 68 dentry->d_flags &= ~DCACHE_OP_DELETE; 69 else 70 dentry->d_flags |= DCACHE_OP_DELETE; 71 spin_unlock(&dentry->d_lock); 72 } 73 74 __fuse_dentry_settime(dentry, time); 75 } 76 77 /* 78 * FUSE caches dentries and attributes with separate timeout. The 79 * time in jiffies until the dentry/attributes are valid is stored in 80 * dentry->d_fsdata and fuse_inode->i_time respectively. 81 */ 82 83 /* 84 * Calculate the time in jiffies until a dentry/attributes are valid 85 */ 86 static u64 time_to_jiffies(u64 sec, u32 nsec) 87 { 88 if (sec || nsec) { 89 struct timespec64 ts = { 90 sec, 91 min_t(u32, nsec, NSEC_PER_SEC - 1) 92 }; 93 94 return get_jiffies_64() + timespec64_to_jiffies(&ts); 95 } else 96 return 0; 97 } 98 99 /* 100 * Set dentry and possibly attribute timeouts from the lookup/mk* 101 * replies 102 */ 103 void fuse_change_entry_timeout(struct dentry *entry, struct fuse_entry_out *o) 104 { 105 fuse_dentry_settime(entry, 106 time_to_jiffies(o->entry_valid, o->entry_valid_nsec)); 107 } 108 109 static u64 attr_timeout(struct fuse_attr_out *o) 110 { 111 return time_to_jiffies(o->attr_valid, o->attr_valid_nsec); 112 } 113 114 u64 entry_attr_timeout(struct fuse_entry_out *o) 115 { 116 return time_to_jiffies(o->attr_valid, o->attr_valid_nsec); 117 } 118 119 static void fuse_invalidate_attr_mask(struct inode *inode, u32 mask) 120 { 121 set_mask_bits(&get_fuse_inode(inode)->inval_mask, 0, mask); 122 } 123 124 /* 125 * Mark the attributes as stale, so that at the next call to 126 * ->getattr() they will be fetched from userspace 127 */ 128 void fuse_invalidate_attr(struct inode *inode) 129 { 130 fuse_invalidate_attr_mask(inode, STATX_BASIC_STATS); 131 } 132 133 static void fuse_dir_changed(struct inode *dir) 134 { 135 fuse_invalidate_attr(dir); 136 inode_maybe_inc_iversion(dir, false); 137 } 138 139 /** 140 * Mark the attributes as stale due to an atime change. Avoid the invalidate if 141 * atime is not used. 142 */ 143 void fuse_invalidate_atime(struct inode *inode) 144 { 145 if (!IS_RDONLY(inode)) 146 fuse_invalidate_attr_mask(inode, STATX_ATIME); 147 } 148 149 /* 150 * Just mark the entry as stale, so that a next attempt to look it up 151 * will result in a new lookup call to userspace 152 * 153 * This is called when a dentry is about to become negative and the 154 * timeout is unknown (unlink, rmdir, rename and in some cases 155 * lookup) 156 */ 157 void fuse_invalidate_entry_cache(struct dentry *entry) 158 { 159 fuse_dentry_settime(entry, 0); 160 } 161 162 /* 163 * Same as fuse_invalidate_entry_cache(), but also try to remove the 164 * dentry from the hash 165 */ 166 static void fuse_invalidate_entry(struct dentry *entry) 167 { 168 d_invalidate(entry); 169 fuse_invalidate_entry_cache(entry); 170 } 171 172 static void fuse_lookup_init(struct fuse_conn *fc, struct fuse_args *args, 173 u64 nodeid, const struct qstr *name, 174 struct fuse_entry_out *outarg) 175 { 176 memset(outarg, 0, sizeof(struct fuse_entry_out)); 177 args->opcode = FUSE_LOOKUP; 178 args->nodeid = nodeid; 179 args->in_numargs = 1; 180 args->in_args[0].size = name->len + 1; 181 args->in_args[0].value = name->name; 182 args->out_numargs = 1; 183 args->out_args[0].size = sizeof(struct fuse_entry_out); 184 args->out_args[0].value = outarg; 185 } 186 187 /* 188 * Check whether the dentry is still valid 189 * 190 * If the entry validity timeout has expired and the dentry is 191 * positive, try to redo the lookup. If the lookup results in a 192 * different inode, then let the VFS invalidate the dentry and redo 193 * the lookup once more. If the lookup results in the same inode, 194 * then refresh the attributes, timeouts and mark the dentry valid. 195 */ 196 static int fuse_dentry_revalidate(struct dentry *entry, unsigned int flags) 197 { 198 struct inode *inode; 199 struct dentry *parent; 200 struct fuse_mount *fm; 201 struct fuse_inode *fi; 202 int ret; 203 204 inode = d_inode_rcu(entry); 205 if (inode && is_bad_inode(inode)) 206 goto invalid; 207 else if (time_before64(fuse_dentry_time(entry), get_jiffies_64()) || 208 (flags & LOOKUP_REVAL)) { 209 struct fuse_entry_out outarg; 210 FUSE_ARGS(args); 211 struct fuse_forget_link *forget; 212 u64 attr_version; 213 214 /* For negative dentries, always do a fresh lookup */ 215 if (!inode) 216 goto invalid; 217 218 ret = -ECHILD; 219 if (flags & LOOKUP_RCU) 220 goto out; 221 222 fm = get_fuse_mount(inode); 223 224 forget = fuse_alloc_forget(); 225 ret = -ENOMEM; 226 if (!forget) 227 goto out; 228 229 attr_version = fuse_get_attr_version(fm->fc); 230 231 parent = dget_parent(entry); 232 fuse_lookup_init(fm->fc, &args, get_node_id(d_inode(parent)), 233 &entry->d_name, &outarg); 234 ret = fuse_simple_request(fm, &args); 235 dput(parent); 236 /* Zero nodeid is same as -ENOENT */ 237 if (!ret && !outarg.nodeid) 238 ret = -ENOENT; 239 if (!ret) { 240 fi = get_fuse_inode(inode); 241 if (outarg.nodeid != get_node_id(inode) || 242 (bool) IS_AUTOMOUNT(inode) != (bool) (outarg.attr.flags & FUSE_ATTR_SUBMOUNT)) { 243 fuse_queue_forget(fm->fc, forget, 244 outarg.nodeid, 1); 245 goto invalid; 246 } 247 spin_lock(&fi->lock); 248 fi->nlookup++; 249 spin_unlock(&fi->lock); 250 } 251 kfree(forget); 252 if (ret == -ENOMEM) 253 goto out; 254 if (ret || fuse_invalid_attr(&outarg.attr) || 255 (outarg.attr.mode ^ inode->i_mode) & S_IFMT) 256 goto invalid; 257 258 forget_all_cached_acls(inode); 259 fuse_change_attributes(inode, &outarg.attr, 260 entry_attr_timeout(&outarg), 261 attr_version); 262 fuse_change_entry_timeout(entry, &outarg); 263 } else if (inode) { 264 fi = get_fuse_inode(inode); 265 if (flags & LOOKUP_RCU) { 266 if (test_bit(FUSE_I_INIT_RDPLUS, &fi->state)) 267 return -ECHILD; 268 } else if (test_and_clear_bit(FUSE_I_INIT_RDPLUS, &fi->state)) { 269 parent = dget_parent(entry); 270 fuse_advise_use_readdirplus(d_inode(parent)); 271 dput(parent); 272 } 273 } 274 ret = 1; 275 out: 276 return ret; 277 278 invalid: 279 ret = 0; 280 goto out; 281 } 282 283 #if BITS_PER_LONG < 64 284 static int fuse_dentry_init(struct dentry *dentry) 285 { 286 dentry->d_fsdata = kzalloc(sizeof(union fuse_dentry), 287 GFP_KERNEL_ACCOUNT | __GFP_RECLAIMABLE); 288 289 return dentry->d_fsdata ? 0 : -ENOMEM; 290 } 291 static void fuse_dentry_release(struct dentry *dentry) 292 { 293 union fuse_dentry *fd = dentry->d_fsdata; 294 295 kfree_rcu(fd, rcu); 296 } 297 #endif 298 299 static int fuse_dentry_delete(const struct dentry *dentry) 300 { 301 return time_before64(fuse_dentry_time(dentry), get_jiffies_64()); 302 } 303 304 /* 305 * Create a fuse_mount object with a new superblock (with path->dentry 306 * as the root), and return that mount so it can be auto-mounted on 307 * @path. 308 */ 309 static struct vfsmount *fuse_dentry_automount(struct path *path) 310 { 311 struct fs_context *fsc; 312 struct fuse_mount *parent_fm = get_fuse_mount_super(path->mnt->mnt_sb); 313 struct fuse_conn *fc = parent_fm->fc; 314 struct fuse_mount *fm; 315 struct vfsmount *mnt; 316 struct fuse_inode *mp_fi = get_fuse_inode(d_inode(path->dentry)); 317 struct super_block *sb; 318 int err; 319 320 fsc = fs_context_for_submount(path->mnt->mnt_sb->s_type, path->dentry); 321 if (IS_ERR(fsc)) { 322 err = PTR_ERR(fsc); 323 goto out; 324 } 325 326 err = -ENOMEM; 327 fm = kzalloc(sizeof(struct fuse_mount), GFP_KERNEL); 328 if (!fm) 329 goto out_put_fsc; 330 331 refcount_set(&fm->count, 1); 332 fsc->s_fs_info = fm; 333 sb = sget_fc(fsc, NULL, set_anon_super_fc); 334 if (IS_ERR(sb)) { 335 err = PTR_ERR(sb); 336 fuse_mount_put(fm); 337 goto out_put_fsc; 338 } 339 fm->fc = fuse_conn_get(fc); 340 341 /* Initialize superblock, making @mp_fi its root */ 342 err = fuse_fill_super_submount(sb, mp_fi); 343 if (err) 344 goto out_put_sb; 345 346 sb->s_flags |= SB_ACTIVE; 347 fsc->root = dget(sb->s_root); 348 /* We are done configuring the superblock, so unlock it */ 349 up_write(&sb->s_umount); 350 351 down_write(&fc->killsb); 352 list_add_tail(&fm->fc_entry, &fc->mounts); 353 up_write(&fc->killsb); 354 355 /* Create the submount */ 356 mnt = vfs_create_mount(fsc); 357 if (IS_ERR(mnt)) { 358 err = PTR_ERR(mnt); 359 goto out_put_fsc; 360 } 361 mntget(mnt); 362 put_fs_context(fsc); 363 return mnt; 364 365 out_put_sb: 366 /* 367 * Only jump here when fsc->root is NULL and sb is still locked 368 * (otherwise put_fs_context() will put the superblock) 369 */ 370 deactivate_locked_super(sb); 371 out_put_fsc: 372 put_fs_context(fsc); 373 out: 374 return ERR_PTR(err); 375 } 376 377 const struct dentry_operations fuse_dentry_operations = { 378 .d_revalidate = fuse_dentry_revalidate, 379 .d_delete = fuse_dentry_delete, 380 #if BITS_PER_LONG < 64 381 .d_init = fuse_dentry_init, 382 .d_release = fuse_dentry_release, 383 #endif 384 .d_automount = fuse_dentry_automount, 385 }; 386 387 const struct dentry_operations fuse_root_dentry_operations = { 388 #if BITS_PER_LONG < 64 389 .d_init = fuse_dentry_init, 390 .d_release = fuse_dentry_release, 391 #endif 392 }; 393 394 int fuse_valid_type(int m) 395 { 396 return S_ISREG(m) || S_ISDIR(m) || S_ISLNK(m) || S_ISCHR(m) || 397 S_ISBLK(m) || S_ISFIFO(m) || S_ISSOCK(m); 398 } 399 400 bool fuse_invalid_attr(struct fuse_attr *attr) 401 { 402 return !fuse_valid_type(attr->mode) || 403 attr->size > LLONG_MAX; 404 } 405 406 int fuse_lookup_name(struct super_block *sb, u64 nodeid, const struct qstr *name, 407 struct fuse_entry_out *outarg, struct inode **inode) 408 { 409 struct fuse_mount *fm = get_fuse_mount_super(sb); 410 FUSE_ARGS(args); 411 struct fuse_forget_link *forget; 412 u64 attr_version; 413 int err; 414 415 *inode = NULL; 416 err = -ENAMETOOLONG; 417 if (name->len > FUSE_NAME_MAX) 418 goto out; 419 420 421 forget = fuse_alloc_forget(); 422 err = -ENOMEM; 423 if (!forget) 424 goto out; 425 426 attr_version = fuse_get_attr_version(fm->fc); 427 428 fuse_lookup_init(fm->fc, &args, nodeid, name, outarg); 429 err = fuse_simple_request(fm, &args); 430 /* Zero nodeid is same as -ENOENT, but with valid timeout */ 431 if (err || !outarg->nodeid) 432 goto out_put_forget; 433 434 err = -EIO; 435 if (!outarg->nodeid) 436 goto out_put_forget; 437 if (fuse_invalid_attr(&outarg->attr)) 438 goto out_put_forget; 439 440 *inode = fuse_iget(sb, outarg->nodeid, outarg->generation, 441 &outarg->attr, entry_attr_timeout(outarg), 442 attr_version); 443 err = -ENOMEM; 444 if (!*inode) { 445 fuse_queue_forget(fm->fc, forget, outarg->nodeid, 1); 446 goto out; 447 } 448 err = 0; 449 450 out_put_forget: 451 kfree(forget); 452 out: 453 return err; 454 } 455 456 static struct dentry *fuse_lookup(struct inode *dir, struct dentry *entry, 457 unsigned int flags) 458 { 459 int err; 460 struct fuse_entry_out outarg; 461 struct inode *inode; 462 struct dentry *newent; 463 bool outarg_valid = true; 464 bool locked; 465 466 locked = fuse_lock_inode(dir); 467 err = fuse_lookup_name(dir->i_sb, get_node_id(dir), &entry->d_name, 468 &outarg, &inode); 469 fuse_unlock_inode(dir, locked); 470 if (err == -ENOENT) { 471 outarg_valid = false; 472 err = 0; 473 } 474 if (err) 475 goto out_err; 476 477 err = -EIO; 478 if (inode && get_node_id(inode) == FUSE_ROOT_ID) 479 goto out_iput; 480 481 newent = d_splice_alias(inode, entry); 482 err = PTR_ERR(newent); 483 if (IS_ERR(newent)) 484 goto out_err; 485 486 entry = newent ? newent : entry; 487 if (outarg_valid) 488 fuse_change_entry_timeout(entry, &outarg); 489 else 490 fuse_invalidate_entry_cache(entry); 491 492 if (inode) 493 fuse_advise_use_readdirplus(dir); 494 return newent; 495 496 out_iput: 497 iput(inode); 498 out_err: 499 return ERR_PTR(err); 500 } 501 502 /* 503 * Atomic create+open operation 504 * 505 * If the filesystem doesn't support this, then fall back to separate 506 * 'mknod' + 'open' requests. 507 */ 508 static int fuse_create_open(struct inode *dir, struct dentry *entry, 509 struct file *file, unsigned flags, 510 umode_t mode) 511 { 512 int err; 513 struct inode *inode; 514 struct fuse_mount *fm = get_fuse_mount(dir); 515 FUSE_ARGS(args); 516 struct fuse_forget_link *forget; 517 struct fuse_create_in inarg; 518 struct fuse_open_out outopen; 519 struct fuse_entry_out outentry; 520 struct fuse_inode *fi; 521 struct fuse_file *ff; 522 523 /* Userspace expects S_IFREG in create mode */ 524 BUG_ON((mode & S_IFMT) != S_IFREG); 525 526 forget = fuse_alloc_forget(); 527 err = -ENOMEM; 528 if (!forget) 529 goto out_err; 530 531 err = -ENOMEM; 532 ff = fuse_file_alloc(fm); 533 if (!ff) 534 goto out_put_forget_req; 535 536 if (!fm->fc->dont_mask) 537 mode &= ~current_umask(); 538 539 flags &= ~O_NOCTTY; 540 memset(&inarg, 0, sizeof(inarg)); 541 memset(&outentry, 0, sizeof(outentry)); 542 inarg.flags = flags; 543 inarg.mode = mode; 544 inarg.umask = current_umask(); 545 args.opcode = FUSE_CREATE; 546 args.nodeid = get_node_id(dir); 547 args.in_numargs = 2; 548 args.in_args[0].size = sizeof(inarg); 549 args.in_args[0].value = &inarg; 550 args.in_args[1].size = entry->d_name.len + 1; 551 args.in_args[1].value = entry->d_name.name; 552 args.out_numargs = 2; 553 args.out_args[0].size = sizeof(outentry); 554 args.out_args[0].value = &outentry; 555 args.out_args[1].size = sizeof(outopen); 556 args.out_args[1].value = &outopen; 557 err = fuse_simple_request(fm, &args); 558 if (err) 559 goto out_free_ff; 560 561 err = -EIO; 562 if (!S_ISREG(outentry.attr.mode) || invalid_nodeid(outentry.nodeid) || 563 fuse_invalid_attr(&outentry.attr)) 564 goto out_free_ff; 565 566 ff->fh = outopen.fh; 567 ff->nodeid = outentry.nodeid; 568 ff->open_flags = outopen.open_flags; 569 inode = fuse_iget(dir->i_sb, outentry.nodeid, outentry.generation, 570 &outentry.attr, entry_attr_timeout(&outentry), 0); 571 if (!inode) { 572 flags &= ~(O_CREAT | O_EXCL | O_TRUNC); 573 fuse_sync_release(NULL, ff, flags); 574 fuse_queue_forget(fm->fc, forget, outentry.nodeid, 1); 575 err = -ENOMEM; 576 goto out_err; 577 } 578 kfree(forget); 579 d_instantiate(entry, inode); 580 fuse_change_entry_timeout(entry, &outentry); 581 fuse_dir_changed(dir); 582 err = finish_open(file, entry, generic_file_open); 583 if (err) { 584 fi = get_fuse_inode(inode); 585 fuse_sync_release(fi, ff, flags); 586 } else { 587 file->private_data = ff; 588 fuse_finish_open(inode, file); 589 } 590 return err; 591 592 out_free_ff: 593 fuse_file_free(ff); 594 out_put_forget_req: 595 kfree(forget); 596 out_err: 597 return err; 598 } 599 600 static int fuse_mknod(struct inode *, struct dentry *, umode_t, dev_t); 601 static int fuse_atomic_open(struct inode *dir, struct dentry *entry, 602 struct file *file, unsigned flags, 603 umode_t mode) 604 { 605 int err; 606 struct fuse_conn *fc = get_fuse_conn(dir); 607 struct dentry *res = NULL; 608 609 if (d_in_lookup(entry)) { 610 res = fuse_lookup(dir, entry, 0); 611 if (IS_ERR(res)) 612 return PTR_ERR(res); 613 614 if (res) 615 entry = res; 616 } 617 618 if (!(flags & O_CREAT) || d_really_is_positive(entry)) 619 goto no_open; 620 621 /* Only creates */ 622 file->f_mode |= FMODE_CREATED; 623 624 if (fc->no_create) 625 goto mknod; 626 627 err = fuse_create_open(dir, entry, file, flags, mode); 628 if (err == -ENOSYS) { 629 fc->no_create = 1; 630 goto mknod; 631 } 632 out_dput: 633 dput(res); 634 return err; 635 636 mknod: 637 err = fuse_mknod(dir, entry, mode, 0); 638 if (err) 639 goto out_dput; 640 no_open: 641 return finish_no_open(file, res); 642 } 643 644 /* 645 * Code shared between mknod, mkdir, symlink and link 646 */ 647 static int create_new_entry(struct fuse_mount *fm, struct fuse_args *args, 648 struct inode *dir, struct dentry *entry, 649 umode_t mode) 650 { 651 struct fuse_entry_out outarg; 652 struct inode *inode; 653 struct dentry *d; 654 int err; 655 struct fuse_forget_link *forget; 656 657 forget = fuse_alloc_forget(); 658 if (!forget) 659 return -ENOMEM; 660 661 memset(&outarg, 0, sizeof(outarg)); 662 args->nodeid = get_node_id(dir); 663 args->out_numargs = 1; 664 args->out_args[0].size = sizeof(outarg); 665 args->out_args[0].value = &outarg; 666 err = fuse_simple_request(fm, args); 667 if (err) 668 goto out_put_forget_req; 669 670 err = -EIO; 671 if (invalid_nodeid(outarg.nodeid) || fuse_invalid_attr(&outarg.attr)) 672 goto out_put_forget_req; 673 674 if ((outarg.attr.mode ^ mode) & S_IFMT) 675 goto out_put_forget_req; 676 677 inode = fuse_iget(dir->i_sb, outarg.nodeid, outarg.generation, 678 &outarg.attr, entry_attr_timeout(&outarg), 0); 679 if (!inode) { 680 fuse_queue_forget(fm->fc, forget, outarg.nodeid, 1); 681 return -ENOMEM; 682 } 683 kfree(forget); 684 685 d_drop(entry); 686 d = d_splice_alias(inode, entry); 687 if (IS_ERR(d)) 688 return PTR_ERR(d); 689 690 if (d) { 691 fuse_change_entry_timeout(d, &outarg); 692 dput(d); 693 } else { 694 fuse_change_entry_timeout(entry, &outarg); 695 } 696 fuse_dir_changed(dir); 697 return 0; 698 699 out_put_forget_req: 700 kfree(forget); 701 return err; 702 } 703 704 static int fuse_mknod(struct inode *dir, struct dentry *entry, umode_t mode, 705 dev_t rdev) 706 { 707 struct fuse_mknod_in inarg; 708 struct fuse_mount *fm = get_fuse_mount(dir); 709 FUSE_ARGS(args); 710 711 if (!fm->fc->dont_mask) 712 mode &= ~current_umask(); 713 714 memset(&inarg, 0, sizeof(inarg)); 715 inarg.mode = mode; 716 inarg.rdev = new_encode_dev(rdev); 717 inarg.umask = current_umask(); 718 args.opcode = FUSE_MKNOD; 719 args.in_numargs = 2; 720 args.in_args[0].size = sizeof(inarg); 721 args.in_args[0].value = &inarg; 722 args.in_args[1].size = entry->d_name.len + 1; 723 args.in_args[1].value = entry->d_name.name; 724 return create_new_entry(fm, &args, dir, entry, mode); 725 } 726 727 static int fuse_create(struct inode *dir, struct dentry *entry, umode_t mode, 728 bool excl) 729 { 730 return fuse_mknod(dir, entry, mode, 0); 731 } 732 733 static int fuse_mkdir(struct inode *dir, struct dentry *entry, umode_t mode) 734 { 735 struct fuse_mkdir_in inarg; 736 struct fuse_mount *fm = get_fuse_mount(dir); 737 FUSE_ARGS(args); 738 739 if (!fm->fc->dont_mask) 740 mode &= ~current_umask(); 741 742 memset(&inarg, 0, sizeof(inarg)); 743 inarg.mode = mode; 744 inarg.umask = current_umask(); 745 args.opcode = FUSE_MKDIR; 746 args.in_numargs = 2; 747 args.in_args[0].size = sizeof(inarg); 748 args.in_args[0].value = &inarg; 749 args.in_args[1].size = entry->d_name.len + 1; 750 args.in_args[1].value = entry->d_name.name; 751 return create_new_entry(fm, &args, dir, entry, S_IFDIR); 752 } 753 754 static int fuse_symlink(struct inode *dir, struct dentry *entry, 755 const char *link) 756 { 757 struct fuse_mount *fm = get_fuse_mount(dir); 758 unsigned len = strlen(link) + 1; 759 FUSE_ARGS(args); 760 761 args.opcode = FUSE_SYMLINK; 762 args.in_numargs = 2; 763 args.in_args[0].size = entry->d_name.len + 1; 764 args.in_args[0].value = entry->d_name.name; 765 args.in_args[1].size = len; 766 args.in_args[1].value = link; 767 return create_new_entry(fm, &args, dir, entry, S_IFLNK); 768 } 769 770 void fuse_update_ctime(struct inode *inode) 771 { 772 if (!IS_NOCMTIME(inode)) { 773 inode->i_ctime = current_time(inode); 774 mark_inode_dirty_sync(inode); 775 } 776 } 777 778 static int fuse_unlink(struct inode *dir, struct dentry *entry) 779 { 780 int err; 781 struct fuse_mount *fm = get_fuse_mount(dir); 782 FUSE_ARGS(args); 783 784 args.opcode = FUSE_UNLINK; 785 args.nodeid = get_node_id(dir); 786 args.in_numargs = 1; 787 args.in_args[0].size = entry->d_name.len + 1; 788 args.in_args[0].value = entry->d_name.name; 789 err = fuse_simple_request(fm, &args); 790 if (!err) { 791 struct inode *inode = d_inode(entry); 792 struct fuse_inode *fi = get_fuse_inode(inode); 793 794 spin_lock(&fi->lock); 795 fi->attr_version = atomic64_inc_return(&fm->fc->attr_version); 796 /* 797 * If i_nlink == 0 then unlink doesn't make sense, yet this can 798 * happen if userspace filesystem is careless. It would be 799 * difficult to enforce correct nlink usage so just ignore this 800 * condition here 801 */ 802 if (inode->i_nlink > 0) 803 drop_nlink(inode); 804 spin_unlock(&fi->lock); 805 fuse_invalidate_attr(inode); 806 fuse_dir_changed(dir); 807 fuse_invalidate_entry_cache(entry); 808 fuse_update_ctime(inode); 809 } else if (err == -EINTR) 810 fuse_invalidate_entry(entry); 811 return err; 812 } 813 814 static int fuse_rmdir(struct inode *dir, struct dentry *entry) 815 { 816 int err; 817 struct fuse_mount *fm = get_fuse_mount(dir); 818 FUSE_ARGS(args); 819 820 args.opcode = FUSE_RMDIR; 821 args.nodeid = get_node_id(dir); 822 args.in_numargs = 1; 823 args.in_args[0].size = entry->d_name.len + 1; 824 args.in_args[0].value = entry->d_name.name; 825 err = fuse_simple_request(fm, &args); 826 if (!err) { 827 clear_nlink(d_inode(entry)); 828 fuse_dir_changed(dir); 829 fuse_invalidate_entry_cache(entry); 830 } else if (err == -EINTR) 831 fuse_invalidate_entry(entry); 832 return err; 833 } 834 835 static int fuse_rename_common(struct inode *olddir, struct dentry *oldent, 836 struct inode *newdir, struct dentry *newent, 837 unsigned int flags, int opcode, size_t argsize) 838 { 839 int err; 840 struct fuse_rename2_in inarg; 841 struct fuse_mount *fm = get_fuse_mount(olddir); 842 FUSE_ARGS(args); 843 844 memset(&inarg, 0, argsize); 845 inarg.newdir = get_node_id(newdir); 846 inarg.flags = flags; 847 args.opcode = opcode; 848 args.nodeid = get_node_id(olddir); 849 args.in_numargs = 3; 850 args.in_args[0].size = argsize; 851 args.in_args[0].value = &inarg; 852 args.in_args[1].size = oldent->d_name.len + 1; 853 args.in_args[1].value = oldent->d_name.name; 854 args.in_args[2].size = newent->d_name.len + 1; 855 args.in_args[2].value = newent->d_name.name; 856 err = fuse_simple_request(fm, &args); 857 if (!err) { 858 /* ctime changes */ 859 fuse_invalidate_attr(d_inode(oldent)); 860 fuse_update_ctime(d_inode(oldent)); 861 862 if (flags & RENAME_EXCHANGE) { 863 fuse_invalidate_attr(d_inode(newent)); 864 fuse_update_ctime(d_inode(newent)); 865 } 866 867 fuse_dir_changed(olddir); 868 if (olddir != newdir) 869 fuse_dir_changed(newdir); 870 871 /* newent will end up negative */ 872 if (!(flags & RENAME_EXCHANGE) && d_really_is_positive(newent)) { 873 fuse_invalidate_attr(d_inode(newent)); 874 fuse_invalidate_entry_cache(newent); 875 fuse_update_ctime(d_inode(newent)); 876 } 877 } else if (err == -EINTR) { 878 /* If request was interrupted, DEITY only knows if the 879 rename actually took place. If the invalidation 880 fails (e.g. some process has CWD under the renamed 881 directory), then there can be inconsistency between 882 the dcache and the real filesystem. Tough luck. */ 883 fuse_invalidate_entry(oldent); 884 if (d_really_is_positive(newent)) 885 fuse_invalidate_entry(newent); 886 } 887 888 return err; 889 } 890 891 static int fuse_rename2(struct inode *olddir, struct dentry *oldent, 892 struct inode *newdir, struct dentry *newent, 893 unsigned int flags) 894 { 895 struct fuse_conn *fc = get_fuse_conn(olddir); 896 int err; 897 898 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE | RENAME_WHITEOUT)) 899 return -EINVAL; 900 901 if (flags) { 902 if (fc->no_rename2 || fc->minor < 23) 903 return -EINVAL; 904 905 err = fuse_rename_common(olddir, oldent, newdir, newent, flags, 906 FUSE_RENAME2, 907 sizeof(struct fuse_rename2_in)); 908 if (err == -ENOSYS) { 909 fc->no_rename2 = 1; 910 err = -EINVAL; 911 } 912 } else { 913 err = fuse_rename_common(olddir, oldent, newdir, newent, 0, 914 FUSE_RENAME, 915 sizeof(struct fuse_rename_in)); 916 } 917 918 return err; 919 } 920 921 static int fuse_link(struct dentry *entry, struct inode *newdir, 922 struct dentry *newent) 923 { 924 int err; 925 struct fuse_link_in inarg; 926 struct inode *inode = d_inode(entry); 927 struct fuse_mount *fm = get_fuse_mount(inode); 928 FUSE_ARGS(args); 929 930 memset(&inarg, 0, sizeof(inarg)); 931 inarg.oldnodeid = get_node_id(inode); 932 args.opcode = FUSE_LINK; 933 args.in_numargs = 2; 934 args.in_args[0].size = sizeof(inarg); 935 args.in_args[0].value = &inarg; 936 args.in_args[1].size = newent->d_name.len + 1; 937 args.in_args[1].value = newent->d_name.name; 938 err = create_new_entry(fm, &args, newdir, newent, inode->i_mode); 939 /* Contrary to "normal" filesystems it can happen that link 940 makes two "logical" inodes point to the same "physical" 941 inode. We invalidate the attributes of the old one, so it 942 will reflect changes in the backing inode (link count, 943 etc.) 944 */ 945 if (!err) { 946 struct fuse_inode *fi = get_fuse_inode(inode); 947 948 spin_lock(&fi->lock); 949 fi->attr_version = atomic64_inc_return(&fm->fc->attr_version); 950 if (likely(inode->i_nlink < UINT_MAX)) 951 inc_nlink(inode); 952 spin_unlock(&fi->lock); 953 fuse_invalidate_attr(inode); 954 fuse_update_ctime(inode); 955 } else if (err == -EINTR) { 956 fuse_invalidate_attr(inode); 957 } 958 return err; 959 } 960 961 static void fuse_fillattr(struct inode *inode, struct fuse_attr *attr, 962 struct kstat *stat) 963 { 964 unsigned int blkbits; 965 struct fuse_conn *fc = get_fuse_conn(inode); 966 967 /* see the comment in fuse_change_attributes() */ 968 if (fc->writeback_cache && S_ISREG(inode->i_mode)) { 969 attr->size = i_size_read(inode); 970 attr->mtime = inode->i_mtime.tv_sec; 971 attr->mtimensec = inode->i_mtime.tv_nsec; 972 attr->ctime = inode->i_ctime.tv_sec; 973 attr->ctimensec = inode->i_ctime.tv_nsec; 974 } 975 976 stat->dev = inode->i_sb->s_dev; 977 stat->ino = attr->ino; 978 stat->mode = (inode->i_mode & S_IFMT) | (attr->mode & 07777); 979 stat->nlink = attr->nlink; 980 stat->uid = make_kuid(fc->user_ns, attr->uid); 981 stat->gid = make_kgid(fc->user_ns, attr->gid); 982 stat->rdev = inode->i_rdev; 983 stat->atime.tv_sec = attr->atime; 984 stat->atime.tv_nsec = attr->atimensec; 985 stat->mtime.tv_sec = attr->mtime; 986 stat->mtime.tv_nsec = attr->mtimensec; 987 stat->ctime.tv_sec = attr->ctime; 988 stat->ctime.tv_nsec = attr->ctimensec; 989 stat->size = attr->size; 990 stat->blocks = attr->blocks; 991 992 if (attr->blksize != 0) 993 blkbits = ilog2(attr->blksize); 994 else 995 blkbits = inode->i_sb->s_blocksize_bits; 996 997 stat->blksize = 1 << blkbits; 998 } 999 1000 static int fuse_do_getattr(struct inode *inode, struct kstat *stat, 1001 struct file *file) 1002 { 1003 int err; 1004 struct fuse_getattr_in inarg; 1005 struct fuse_attr_out outarg; 1006 struct fuse_mount *fm = get_fuse_mount(inode); 1007 FUSE_ARGS(args); 1008 u64 attr_version; 1009 1010 attr_version = fuse_get_attr_version(fm->fc); 1011 1012 memset(&inarg, 0, sizeof(inarg)); 1013 memset(&outarg, 0, sizeof(outarg)); 1014 /* Directories have separate file-handle space */ 1015 if (file && S_ISREG(inode->i_mode)) { 1016 struct fuse_file *ff = file->private_data; 1017 1018 inarg.getattr_flags |= FUSE_GETATTR_FH; 1019 inarg.fh = ff->fh; 1020 } 1021 args.opcode = FUSE_GETATTR; 1022 args.nodeid = get_node_id(inode); 1023 args.in_numargs = 1; 1024 args.in_args[0].size = sizeof(inarg); 1025 args.in_args[0].value = &inarg; 1026 args.out_numargs = 1; 1027 args.out_args[0].size = sizeof(outarg); 1028 args.out_args[0].value = &outarg; 1029 err = fuse_simple_request(fm, &args); 1030 if (!err) { 1031 if (fuse_invalid_attr(&outarg.attr) || 1032 (inode->i_mode ^ outarg.attr.mode) & S_IFMT) { 1033 make_bad_inode(inode); 1034 err = -EIO; 1035 } else { 1036 fuse_change_attributes(inode, &outarg.attr, 1037 attr_timeout(&outarg), 1038 attr_version); 1039 if (stat) 1040 fuse_fillattr(inode, &outarg.attr, stat); 1041 } 1042 } 1043 return err; 1044 } 1045 1046 static int fuse_update_get_attr(struct inode *inode, struct file *file, 1047 struct kstat *stat, u32 request_mask, 1048 unsigned int flags) 1049 { 1050 struct fuse_inode *fi = get_fuse_inode(inode); 1051 int err = 0; 1052 bool sync; 1053 1054 if (flags & AT_STATX_FORCE_SYNC) 1055 sync = true; 1056 else if (flags & AT_STATX_DONT_SYNC) 1057 sync = false; 1058 else if (request_mask & READ_ONCE(fi->inval_mask)) 1059 sync = true; 1060 else 1061 sync = time_before64(fi->i_time, get_jiffies_64()); 1062 1063 if (sync) { 1064 forget_all_cached_acls(inode); 1065 err = fuse_do_getattr(inode, stat, file); 1066 } else if (stat) { 1067 generic_fillattr(inode, stat); 1068 stat->mode = fi->orig_i_mode; 1069 stat->ino = fi->orig_ino; 1070 } 1071 1072 return err; 1073 } 1074 1075 int fuse_update_attributes(struct inode *inode, struct file *file) 1076 { 1077 /* Do *not* need to get atime for internal purposes */ 1078 return fuse_update_get_attr(inode, file, NULL, 1079 STATX_BASIC_STATS & ~STATX_ATIME, 0); 1080 } 1081 1082 int fuse_reverse_inval_entry(struct fuse_conn *fc, u64 parent_nodeid, 1083 u64 child_nodeid, struct qstr *name) 1084 { 1085 int err = -ENOTDIR; 1086 struct inode *parent; 1087 struct dentry *dir; 1088 struct dentry *entry; 1089 1090 parent = fuse_ilookup(fc, parent_nodeid, NULL); 1091 if (!parent) 1092 return -ENOENT; 1093 1094 inode_lock(parent); 1095 if (!S_ISDIR(parent->i_mode)) 1096 goto unlock; 1097 1098 err = -ENOENT; 1099 dir = d_find_alias(parent); 1100 if (!dir) 1101 goto unlock; 1102 1103 name->hash = full_name_hash(dir, name->name, name->len); 1104 entry = d_lookup(dir, name); 1105 dput(dir); 1106 if (!entry) 1107 goto unlock; 1108 1109 fuse_dir_changed(parent); 1110 fuse_invalidate_entry(entry); 1111 1112 if (child_nodeid != 0 && d_really_is_positive(entry)) { 1113 inode_lock(d_inode(entry)); 1114 if (get_node_id(d_inode(entry)) != child_nodeid) { 1115 err = -ENOENT; 1116 goto badentry; 1117 } 1118 if (d_mountpoint(entry)) { 1119 err = -EBUSY; 1120 goto badentry; 1121 } 1122 if (d_is_dir(entry)) { 1123 shrink_dcache_parent(entry); 1124 if (!simple_empty(entry)) { 1125 err = -ENOTEMPTY; 1126 goto badentry; 1127 } 1128 d_inode(entry)->i_flags |= S_DEAD; 1129 } 1130 dont_mount(entry); 1131 clear_nlink(d_inode(entry)); 1132 err = 0; 1133 badentry: 1134 inode_unlock(d_inode(entry)); 1135 if (!err) 1136 d_delete(entry); 1137 } else { 1138 err = 0; 1139 } 1140 dput(entry); 1141 1142 unlock: 1143 inode_unlock(parent); 1144 iput(parent); 1145 return err; 1146 } 1147 1148 /* 1149 * Calling into a user-controlled filesystem gives the filesystem 1150 * daemon ptrace-like capabilities over the current process. This 1151 * means, that the filesystem daemon is able to record the exact 1152 * filesystem operations performed, and can also control the behavior 1153 * of the requester process in otherwise impossible ways. For example 1154 * it can delay the operation for arbitrary length of time allowing 1155 * DoS against the requester. 1156 * 1157 * For this reason only those processes can call into the filesystem, 1158 * for which the owner of the mount has ptrace privilege. This 1159 * excludes processes started by other users, suid or sgid processes. 1160 */ 1161 int fuse_allow_current_process(struct fuse_conn *fc) 1162 { 1163 const struct cred *cred; 1164 1165 if (fc->allow_other) 1166 return current_in_userns(fc->user_ns); 1167 1168 cred = current_cred(); 1169 if (uid_eq(cred->euid, fc->user_id) && 1170 uid_eq(cred->suid, fc->user_id) && 1171 uid_eq(cred->uid, fc->user_id) && 1172 gid_eq(cred->egid, fc->group_id) && 1173 gid_eq(cred->sgid, fc->group_id) && 1174 gid_eq(cred->gid, fc->group_id)) 1175 return 1; 1176 1177 return 0; 1178 } 1179 1180 static int fuse_access(struct inode *inode, int mask) 1181 { 1182 struct fuse_mount *fm = get_fuse_mount(inode); 1183 FUSE_ARGS(args); 1184 struct fuse_access_in inarg; 1185 int err; 1186 1187 BUG_ON(mask & MAY_NOT_BLOCK); 1188 1189 if (fm->fc->no_access) 1190 return 0; 1191 1192 memset(&inarg, 0, sizeof(inarg)); 1193 inarg.mask = mask & (MAY_READ | MAY_WRITE | MAY_EXEC); 1194 args.opcode = FUSE_ACCESS; 1195 args.nodeid = get_node_id(inode); 1196 args.in_numargs = 1; 1197 args.in_args[0].size = sizeof(inarg); 1198 args.in_args[0].value = &inarg; 1199 err = fuse_simple_request(fm, &args); 1200 if (err == -ENOSYS) { 1201 fm->fc->no_access = 1; 1202 err = 0; 1203 } 1204 return err; 1205 } 1206 1207 static int fuse_perm_getattr(struct inode *inode, int mask) 1208 { 1209 if (mask & MAY_NOT_BLOCK) 1210 return -ECHILD; 1211 1212 forget_all_cached_acls(inode); 1213 return fuse_do_getattr(inode, NULL, NULL); 1214 } 1215 1216 /* 1217 * Check permission. The two basic access models of FUSE are: 1218 * 1219 * 1) Local access checking ('default_permissions' mount option) based 1220 * on file mode. This is the plain old disk filesystem permission 1221 * modell. 1222 * 1223 * 2) "Remote" access checking, where server is responsible for 1224 * checking permission in each inode operation. An exception to this 1225 * is if ->permission() was invoked from sys_access() in which case an 1226 * access request is sent. Execute permission is still checked 1227 * locally based on file mode. 1228 */ 1229 static int fuse_permission(struct inode *inode, int mask) 1230 { 1231 struct fuse_conn *fc = get_fuse_conn(inode); 1232 bool refreshed = false; 1233 int err = 0; 1234 1235 if (!fuse_allow_current_process(fc)) 1236 return -EACCES; 1237 1238 /* 1239 * If attributes are needed, refresh them before proceeding 1240 */ 1241 if (fc->default_permissions || 1242 ((mask & MAY_EXEC) && S_ISREG(inode->i_mode))) { 1243 struct fuse_inode *fi = get_fuse_inode(inode); 1244 u32 perm_mask = STATX_MODE | STATX_UID | STATX_GID; 1245 1246 if (perm_mask & READ_ONCE(fi->inval_mask) || 1247 time_before64(fi->i_time, get_jiffies_64())) { 1248 refreshed = true; 1249 1250 err = fuse_perm_getattr(inode, mask); 1251 if (err) 1252 return err; 1253 } 1254 } 1255 1256 if (fc->default_permissions) { 1257 err = generic_permission(inode, mask); 1258 1259 /* If permission is denied, try to refresh file 1260 attributes. This is also needed, because the root 1261 node will at first have no permissions */ 1262 if (err == -EACCES && !refreshed) { 1263 err = fuse_perm_getattr(inode, mask); 1264 if (!err) 1265 err = generic_permission(inode, mask); 1266 } 1267 1268 /* Note: the opposite of the above test does not 1269 exist. So if permissions are revoked this won't be 1270 noticed immediately, only after the attribute 1271 timeout has expired */ 1272 } else if (mask & (MAY_ACCESS | MAY_CHDIR)) { 1273 err = fuse_access(inode, mask); 1274 } else if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode)) { 1275 if (!(inode->i_mode & S_IXUGO)) { 1276 if (refreshed) 1277 return -EACCES; 1278 1279 err = fuse_perm_getattr(inode, mask); 1280 if (!err && !(inode->i_mode & S_IXUGO)) 1281 return -EACCES; 1282 } 1283 } 1284 return err; 1285 } 1286 1287 static int fuse_readlink_page(struct inode *inode, struct page *page) 1288 { 1289 struct fuse_mount *fm = get_fuse_mount(inode); 1290 struct fuse_page_desc desc = { .length = PAGE_SIZE - 1 }; 1291 struct fuse_args_pages ap = { 1292 .num_pages = 1, 1293 .pages = &page, 1294 .descs = &desc, 1295 }; 1296 char *link; 1297 ssize_t res; 1298 1299 ap.args.opcode = FUSE_READLINK; 1300 ap.args.nodeid = get_node_id(inode); 1301 ap.args.out_pages = true; 1302 ap.args.out_argvar = true; 1303 ap.args.page_zeroing = true; 1304 ap.args.out_numargs = 1; 1305 ap.args.out_args[0].size = desc.length; 1306 res = fuse_simple_request(fm, &ap.args); 1307 1308 fuse_invalidate_atime(inode); 1309 1310 if (res < 0) 1311 return res; 1312 1313 if (WARN_ON(res >= PAGE_SIZE)) 1314 return -EIO; 1315 1316 link = page_address(page); 1317 link[res] = '\0'; 1318 1319 return 0; 1320 } 1321 1322 static const char *fuse_get_link(struct dentry *dentry, struct inode *inode, 1323 struct delayed_call *callback) 1324 { 1325 struct fuse_conn *fc = get_fuse_conn(inode); 1326 struct page *page; 1327 int err; 1328 1329 err = -EIO; 1330 if (is_bad_inode(inode)) 1331 goto out_err; 1332 1333 if (fc->cache_symlinks) 1334 return page_get_link(dentry, inode, callback); 1335 1336 err = -ECHILD; 1337 if (!dentry) 1338 goto out_err; 1339 1340 page = alloc_page(GFP_KERNEL); 1341 err = -ENOMEM; 1342 if (!page) 1343 goto out_err; 1344 1345 err = fuse_readlink_page(inode, page); 1346 if (err) { 1347 __free_page(page); 1348 goto out_err; 1349 } 1350 1351 set_delayed_call(callback, page_put_link, page); 1352 1353 return page_address(page); 1354 1355 out_err: 1356 return ERR_PTR(err); 1357 } 1358 1359 static int fuse_dir_open(struct inode *inode, struct file *file) 1360 { 1361 return fuse_open_common(inode, file, true); 1362 } 1363 1364 static int fuse_dir_release(struct inode *inode, struct file *file) 1365 { 1366 fuse_release_common(file, true); 1367 1368 return 0; 1369 } 1370 1371 static int fuse_dir_fsync(struct file *file, loff_t start, loff_t end, 1372 int datasync) 1373 { 1374 struct inode *inode = file->f_mapping->host; 1375 struct fuse_conn *fc = get_fuse_conn(inode); 1376 int err; 1377 1378 if (is_bad_inode(inode)) 1379 return -EIO; 1380 1381 if (fc->no_fsyncdir) 1382 return 0; 1383 1384 inode_lock(inode); 1385 err = fuse_fsync_common(file, start, end, datasync, FUSE_FSYNCDIR); 1386 if (err == -ENOSYS) { 1387 fc->no_fsyncdir = 1; 1388 err = 0; 1389 } 1390 inode_unlock(inode); 1391 1392 return err; 1393 } 1394 1395 static long fuse_dir_ioctl(struct file *file, unsigned int cmd, 1396 unsigned long arg) 1397 { 1398 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host); 1399 1400 /* FUSE_IOCTL_DIR only supported for API version >= 7.18 */ 1401 if (fc->minor < 18) 1402 return -ENOTTY; 1403 1404 return fuse_ioctl_common(file, cmd, arg, FUSE_IOCTL_DIR); 1405 } 1406 1407 static long fuse_dir_compat_ioctl(struct file *file, unsigned int cmd, 1408 unsigned long arg) 1409 { 1410 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host); 1411 1412 if (fc->minor < 18) 1413 return -ENOTTY; 1414 1415 return fuse_ioctl_common(file, cmd, arg, 1416 FUSE_IOCTL_COMPAT | FUSE_IOCTL_DIR); 1417 } 1418 1419 static bool update_mtime(unsigned ivalid, bool trust_local_mtime) 1420 { 1421 /* Always update if mtime is explicitly set */ 1422 if (ivalid & ATTR_MTIME_SET) 1423 return true; 1424 1425 /* Or if kernel i_mtime is the official one */ 1426 if (trust_local_mtime) 1427 return true; 1428 1429 /* If it's an open(O_TRUNC) or an ftruncate(), don't update */ 1430 if ((ivalid & ATTR_SIZE) && (ivalid & (ATTR_OPEN | ATTR_FILE))) 1431 return false; 1432 1433 /* In all other cases update */ 1434 return true; 1435 } 1436 1437 static void iattr_to_fattr(struct fuse_conn *fc, struct iattr *iattr, 1438 struct fuse_setattr_in *arg, bool trust_local_cmtime) 1439 { 1440 unsigned ivalid = iattr->ia_valid; 1441 1442 if (ivalid & ATTR_MODE) 1443 arg->valid |= FATTR_MODE, arg->mode = iattr->ia_mode; 1444 if (ivalid & ATTR_UID) 1445 arg->valid |= FATTR_UID, arg->uid = from_kuid(fc->user_ns, iattr->ia_uid); 1446 if (ivalid & ATTR_GID) 1447 arg->valid |= FATTR_GID, arg->gid = from_kgid(fc->user_ns, iattr->ia_gid); 1448 if (ivalid & ATTR_SIZE) 1449 arg->valid |= FATTR_SIZE, arg->size = iattr->ia_size; 1450 if (ivalid & ATTR_ATIME) { 1451 arg->valid |= FATTR_ATIME; 1452 arg->atime = iattr->ia_atime.tv_sec; 1453 arg->atimensec = iattr->ia_atime.tv_nsec; 1454 if (!(ivalid & ATTR_ATIME_SET)) 1455 arg->valid |= FATTR_ATIME_NOW; 1456 } 1457 if ((ivalid & ATTR_MTIME) && update_mtime(ivalid, trust_local_cmtime)) { 1458 arg->valid |= FATTR_MTIME; 1459 arg->mtime = iattr->ia_mtime.tv_sec; 1460 arg->mtimensec = iattr->ia_mtime.tv_nsec; 1461 if (!(ivalid & ATTR_MTIME_SET) && !trust_local_cmtime) 1462 arg->valid |= FATTR_MTIME_NOW; 1463 } 1464 if ((ivalid & ATTR_CTIME) && trust_local_cmtime) { 1465 arg->valid |= FATTR_CTIME; 1466 arg->ctime = iattr->ia_ctime.tv_sec; 1467 arg->ctimensec = iattr->ia_ctime.tv_nsec; 1468 } 1469 } 1470 1471 /* 1472 * Prevent concurrent writepages on inode 1473 * 1474 * This is done by adding a negative bias to the inode write counter 1475 * and waiting for all pending writes to finish. 1476 */ 1477 void fuse_set_nowrite(struct inode *inode) 1478 { 1479 struct fuse_inode *fi = get_fuse_inode(inode); 1480 1481 BUG_ON(!inode_is_locked(inode)); 1482 1483 spin_lock(&fi->lock); 1484 BUG_ON(fi->writectr < 0); 1485 fi->writectr += FUSE_NOWRITE; 1486 spin_unlock(&fi->lock); 1487 wait_event(fi->page_waitq, fi->writectr == FUSE_NOWRITE); 1488 } 1489 1490 /* 1491 * Allow writepages on inode 1492 * 1493 * Remove the bias from the writecounter and send any queued 1494 * writepages. 1495 */ 1496 static void __fuse_release_nowrite(struct inode *inode) 1497 { 1498 struct fuse_inode *fi = get_fuse_inode(inode); 1499 1500 BUG_ON(fi->writectr != FUSE_NOWRITE); 1501 fi->writectr = 0; 1502 fuse_flush_writepages(inode); 1503 } 1504 1505 void fuse_release_nowrite(struct inode *inode) 1506 { 1507 struct fuse_inode *fi = get_fuse_inode(inode); 1508 1509 spin_lock(&fi->lock); 1510 __fuse_release_nowrite(inode); 1511 spin_unlock(&fi->lock); 1512 } 1513 1514 static void fuse_setattr_fill(struct fuse_conn *fc, struct fuse_args *args, 1515 struct inode *inode, 1516 struct fuse_setattr_in *inarg_p, 1517 struct fuse_attr_out *outarg_p) 1518 { 1519 args->opcode = FUSE_SETATTR; 1520 args->nodeid = get_node_id(inode); 1521 args->in_numargs = 1; 1522 args->in_args[0].size = sizeof(*inarg_p); 1523 args->in_args[0].value = inarg_p; 1524 args->out_numargs = 1; 1525 args->out_args[0].size = sizeof(*outarg_p); 1526 args->out_args[0].value = outarg_p; 1527 } 1528 1529 /* 1530 * Flush inode->i_mtime to the server 1531 */ 1532 int fuse_flush_times(struct inode *inode, struct fuse_file *ff) 1533 { 1534 struct fuse_mount *fm = get_fuse_mount(inode); 1535 FUSE_ARGS(args); 1536 struct fuse_setattr_in inarg; 1537 struct fuse_attr_out outarg; 1538 1539 memset(&inarg, 0, sizeof(inarg)); 1540 memset(&outarg, 0, sizeof(outarg)); 1541 1542 inarg.valid = FATTR_MTIME; 1543 inarg.mtime = inode->i_mtime.tv_sec; 1544 inarg.mtimensec = inode->i_mtime.tv_nsec; 1545 if (fm->fc->minor >= 23) { 1546 inarg.valid |= FATTR_CTIME; 1547 inarg.ctime = inode->i_ctime.tv_sec; 1548 inarg.ctimensec = inode->i_ctime.tv_nsec; 1549 } 1550 if (ff) { 1551 inarg.valid |= FATTR_FH; 1552 inarg.fh = ff->fh; 1553 } 1554 fuse_setattr_fill(fm->fc, &args, inode, &inarg, &outarg); 1555 1556 return fuse_simple_request(fm, &args); 1557 } 1558 1559 /* 1560 * Set attributes, and at the same time refresh them. 1561 * 1562 * Truncation is slightly complicated, because the 'truncate' request 1563 * may fail, in which case we don't want to touch the mapping. 1564 * vmtruncate() doesn't allow for this case, so do the rlimit checking 1565 * and the actual truncation by hand. 1566 */ 1567 int fuse_do_setattr(struct dentry *dentry, struct iattr *attr, 1568 struct file *file) 1569 { 1570 struct inode *inode = d_inode(dentry); 1571 struct fuse_mount *fm = get_fuse_mount(inode); 1572 struct fuse_conn *fc = fm->fc; 1573 struct fuse_inode *fi = get_fuse_inode(inode); 1574 FUSE_ARGS(args); 1575 struct fuse_setattr_in inarg; 1576 struct fuse_attr_out outarg; 1577 bool is_truncate = false; 1578 bool is_wb = fc->writeback_cache; 1579 loff_t oldsize; 1580 int err; 1581 bool trust_local_cmtime = is_wb && S_ISREG(inode->i_mode); 1582 bool fault_blocked = false; 1583 1584 if (!fc->default_permissions) 1585 attr->ia_valid |= ATTR_FORCE; 1586 1587 err = setattr_prepare(dentry, attr); 1588 if (err) 1589 return err; 1590 1591 if (attr->ia_valid & ATTR_SIZE) { 1592 if (WARN_ON(!S_ISREG(inode->i_mode))) 1593 return -EIO; 1594 is_truncate = true; 1595 } 1596 1597 if (FUSE_IS_DAX(inode) && is_truncate) { 1598 down_write(&fi->i_mmap_sem); 1599 fault_blocked = true; 1600 err = fuse_dax_break_layouts(inode, 0, 0); 1601 if (err) { 1602 up_write(&fi->i_mmap_sem); 1603 return err; 1604 } 1605 } 1606 1607 if (attr->ia_valid & ATTR_OPEN) { 1608 /* This is coming from open(..., ... | O_TRUNC); */ 1609 WARN_ON(!(attr->ia_valid & ATTR_SIZE)); 1610 WARN_ON(attr->ia_size != 0); 1611 if (fc->atomic_o_trunc) { 1612 /* 1613 * No need to send request to userspace, since actual 1614 * truncation has already been done by OPEN. But still 1615 * need to truncate page cache. 1616 */ 1617 i_size_write(inode, 0); 1618 truncate_pagecache(inode, 0); 1619 goto out; 1620 } 1621 file = NULL; 1622 } 1623 1624 /* Flush dirty data/metadata before non-truncate SETATTR */ 1625 if (is_wb && S_ISREG(inode->i_mode) && 1626 attr->ia_valid & 1627 (ATTR_MODE | ATTR_UID | ATTR_GID | ATTR_MTIME_SET | 1628 ATTR_TIMES_SET)) { 1629 err = write_inode_now(inode, true); 1630 if (err) 1631 return err; 1632 1633 fuse_set_nowrite(inode); 1634 fuse_release_nowrite(inode); 1635 } 1636 1637 if (is_truncate) { 1638 fuse_set_nowrite(inode); 1639 set_bit(FUSE_I_SIZE_UNSTABLE, &fi->state); 1640 if (trust_local_cmtime && attr->ia_size != inode->i_size) 1641 attr->ia_valid |= ATTR_MTIME | ATTR_CTIME; 1642 } 1643 1644 memset(&inarg, 0, sizeof(inarg)); 1645 memset(&outarg, 0, sizeof(outarg)); 1646 iattr_to_fattr(fc, attr, &inarg, trust_local_cmtime); 1647 if (file) { 1648 struct fuse_file *ff = file->private_data; 1649 inarg.valid |= FATTR_FH; 1650 inarg.fh = ff->fh; 1651 } 1652 if (attr->ia_valid & ATTR_SIZE) { 1653 /* For mandatory locking in truncate */ 1654 inarg.valid |= FATTR_LOCKOWNER; 1655 inarg.lock_owner = fuse_lock_owner_id(fc, current->files); 1656 } 1657 fuse_setattr_fill(fc, &args, inode, &inarg, &outarg); 1658 err = fuse_simple_request(fm, &args); 1659 if (err) { 1660 if (err == -EINTR) 1661 fuse_invalidate_attr(inode); 1662 goto error; 1663 } 1664 1665 if (fuse_invalid_attr(&outarg.attr) || 1666 (inode->i_mode ^ outarg.attr.mode) & S_IFMT) { 1667 make_bad_inode(inode); 1668 err = -EIO; 1669 goto error; 1670 } 1671 1672 spin_lock(&fi->lock); 1673 /* the kernel maintains i_mtime locally */ 1674 if (trust_local_cmtime) { 1675 if (attr->ia_valid & ATTR_MTIME) 1676 inode->i_mtime = attr->ia_mtime; 1677 if (attr->ia_valid & ATTR_CTIME) 1678 inode->i_ctime = attr->ia_ctime; 1679 /* FIXME: clear I_DIRTY_SYNC? */ 1680 } 1681 1682 fuse_change_attributes_common(inode, &outarg.attr, 1683 attr_timeout(&outarg)); 1684 oldsize = inode->i_size; 1685 /* see the comment in fuse_change_attributes() */ 1686 if (!is_wb || is_truncate || !S_ISREG(inode->i_mode)) 1687 i_size_write(inode, outarg.attr.size); 1688 1689 if (is_truncate) { 1690 /* NOTE: this may release/reacquire fi->lock */ 1691 __fuse_release_nowrite(inode); 1692 } 1693 spin_unlock(&fi->lock); 1694 1695 /* 1696 * Only call invalidate_inode_pages2() after removing 1697 * FUSE_NOWRITE, otherwise fuse_launder_page() would deadlock. 1698 */ 1699 if ((is_truncate || !is_wb) && 1700 S_ISREG(inode->i_mode) && oldsize != outarg.attr.size) { 1701 truncate_pagecache(inode, outarg.attr.size); 1702 invalidate_inode_pages2(inode->i_mapping); 1703 } 1704 1705 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state); 1706 out: 1707 if (fault_blocked) 1708 up_write(&fi->i_mmap_sem); 1709 1710 return 0; 1711 1712 error: 1713 if (is_truncate) 1714 fuse_release_nowrite(inode); 1715 1716 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state); 1717 1718 if (fault_blocked) 1719 up_write(&fi->i_mmap_sem); 1720 return err; 1721 } 1722 1723 static int fuse_setattr(struct dentry *entry, struct iattr *attr) 1724 { 1725 struct inode *inode = d_inode(entry); 1726 struct fuse_conn *fc = get_fuse_conn(inode); 1727 struct file *file = (attr->ia_valid & ATTR_FILE) ? attr->ia_file : NULL; 1728 int ret; 1729 1730 if (!fuse_allow_current_process(get_fuse_conn(inode))) 1731 return -EACCES; 1732 1733 if (attr->ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID)) { 1734 attr->ia_valid &= ~(ATTR_KILL_SUID | ATTR_KILL_SGID | 1735 ATTR_MODE); 1736 1737 /* 1738 * The only sane way to reliably kill suid/sgid is to do it in 1739 * the userspace filesystem 1740 * 1741 * This should be done on write(), truncate() and chown(). 1742 */ 1743 if (!fc->handle_killpriv) { 1744 /* 1745 * ia_mode calculation may have used stale i_mode. 1746 * Refresh and recalculate. 1747 */ 1748 ret = fuse_do_getattr(inode, NULL, file); 1749 if (ret) 1750 return ret; 1751 1752 attr->ia_mode = inode->i_mode; 1753 if (inode->i_mode & S_ISUID) { 1754 attr->ia_valid |= ATTR_MODE; 1755 attr->ia_mode &= ~S_ISUID; 1756 } 1757 if ((inode->i_mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) { 1758 attr->ia_valid |= ATTR_MODE; 1759 attr->ia_mode &= ~S_ISGID; 1760 } 1761 } 1762 } 1763 if (!attr->ia_valid) 1764 return 0; 1765 1766 ret = fuse_do_setattr(entry, attr, file); 1767 if (!ret) { 1768 /* 1769 * If filesystem supports acls it may have updated acl xattrs in 1770 * the filesystem, so forget cached acls for the inode. 1771 */ 1772 if (fc->posix_acl) 1773 forget_all_cached_acls(inode); 1774 1775 /* Directory mode changed, may need to revalidate access */ 1776 if (d_is_dir(entry) && (attr->ia_valid & ATTR_MODE)) 1777 fuse_invalidate_entry_cache(entry); 1778 } 1779 return ret; 1780 } 1781 1782 static int fuse_getattr(const struct path *path, struct kstat *stat, 1783 u32 request_mask, unsigned int flags) 1784 { 1785 struct inode *inode = d_inode(path->dentry); 1786 struct fuse_conn *fc = get_fuse_conn(inode); 1787 1788 if (!fuse_allow_current_process(fc)) { 1789 if (!request_mask) { 1790 /* 1791 * If user explicitly requested *nothing* then don't 1792 * error out, but return st_dev only. 1793 */ 1794 stat->result_mask = 0; 1795 stat->dev = inode->i_sb->s_dev; 1796 return 0; 1797 } 1798 return -EACCES; 1799 } 1800 1801 return fuse_update_get_attr(inode, NULL, stat, request_mask, flags); 1802 } 1803 1804 static const struct inode_operations fuse_dir_inode_operations = { 1805 .lookup = fuse_lookup, 1806 .mkdir = fuse_mkdir, 1807 .symlink = fuse_symlink, 1808 .unlink = fuse_unlink, 1809 .rmdir = fuse_rmdir, 1810 .rename = fuse_rename2, 1811 .link = fuse_link, 1812 .setattr = fuse_setattr, 1813 .create = fuse_create, 1814 .atomic_open = fuse_atomic_open, 1815 .mknod = fuse_mknod, 1816 .permission = fuse_permission, 1817 .getattr = fuse_getattr, 1818 .listxattr = fuse_listxattr, 1819 .get_acl = fuse_get_acl, 1820 .set_acl = fuse_set_acl, 1821 }; 1822 1823 static const struct file_operations fuse_dir_operations = { 1824 .llseek = generic_file_llseek, 1825 .read = generic_read_dir, 1826 .iterate_shared = fuse_readdir, 1827 .open = fuse_dir_open, 1828 .release = fuse_dir_release, 1829 .fsync = fuse_dir_fsync, 1830 .unlocked_ioctl = fuse_dir_ioctl, 1831 .compat_ioctl = fuse_dir_compat_ioctl, 1832 }; 1833 1834 static const struct inode_operations fuse_common_inode_operations = { 1835 .setattr = fuse_setattr, 1836 .permission = fuse_permission, 1837 .getattr = fuse_getattr, 1838 .listxattr = fuse_listxattr, 1839 .get_acl = fuse_get_acl, 1840 .set_acl = fuse_set_acl, 1841 }; 1842 1843 static const struct inode_operations fuse_symlink_inode_operations = { 1844 .setattr = fuse_setattr, 1845 .get_link = fuse_get_link, 1846 .getattr = fuse_getattr, 1847 .listxattr = fuse_listxattr, 1848 }; 1849 1850 void fuse_init_common(struct inode *inode) 1851 { 1852 inode->i_op = &fuse_common_inode_operations; 1853 } 1854 1855 void fuse_init_dir(struct inode *inode) 1856 { 1857 struct fuse_inode *fi = get_fuse_inode(inode); 1858 1859 inode->i_op = &fuse_dir_inode_operations; 1860 inode->i_fop = &fuse_dir_operations; 1861 1862 spin_lock_init(&fi->rdc.lock); 1863 fi->rdc.cached = false; 1864 fi->rdc.size = 0; 1865 fi->rdc.pos = 0; 1866 fi->rdc.version = 0; 1867 } 1868 1869 static int fuse_symlink_readpage(struct file *null, struct page *page) 1870 { 1871 int err = fuse_readlink_page(page->mapping->host, page); 1872 1873 if (!err) 1874 SetPageUptodate(page); 1875 1876 unlock_page(page); 1877 1878 return err; 1879 } 1880 1881 static const struct address_space_operations fuse_symlink_aops = { 1882 .readpage = fuse_symlink_readpage, 1883 }; 1884 1885 void fuse_init_symlink(struct inode *inode) 1886 { 1887 inode->i_op = &fuse_symlink_inode_operations; 1888 inode->i_data.a_ops = &fuse_symlink_aops; 1889 inode_nohighmem(inode); 1890 } 1891