1 /* 2 * linux/fs/proc/inode.c 3 * 4 * Copyright (C) 1991, 1992 Linus Torvalds 5 */ 6 7 #include <linux/time.h> 8 #include <linux/proc_fs.h> 9 #include <linux/kernel.h> 10 #include <linux/pid_namespace.h> 11 #include <linux/mm.h> 12 #include <linux/string.h> 13 #include <linux/stat.h> 14 #include <linux/completion.h> 15 #include <linux/poll.h> 16 #include <linux/printk.h> 17 #include <linux/file.h> 18 #include <linux/limits.h> 19 #include <linux/init.h> 20 #include <linux/module.h> 21 #include <linux/sysctl.h> 22 #include <linux/seq_file.h> 23 #include <linux/slab.h> 24 #include <linux/mount.h> 25 26 #include <asm/uaccess.h> 27 28 #include "internal.h" 29 30 static void proc_evict_inode(struct inode *inode) 31 { 32 struct proc_dir_entry *de; 33 struct ctl_table_header *head; 34 const struct proc_ns_operations *ns_ops; 35 void *ns; 36 37 truncate_inode_pages(&inode->i_data, 0); 38 clear_inode(inode); 39 40 /* Stop tracking associated processes */ 41 put_pid(PROC_I(inode)->pid); 42 43 /* Let go of any associated proc directory entry */ 44 de = PROC_I(inode)->pde; 45 if (de) 46 pde_put(de); 47 head = PROC_I(inode)->sysctl; 48 if (head) { 49 rcu_assign_pointer(PROC_I(inode)->sysctl, NULL); 50 sysctl_head_put(head); 51 } 52 /* Release any associated namespace */ 53 ns_ops = PROC_I(inode)->ns_ops; 54 ns = PROC_I(inode)->ns; 55 if (ns_ops && ns) 56 ns_ops->put(ns); 57 } 58 59 static struct kmem_cache * proc_inode_cachep; 60 61 static struct inode *proc_alloc_inode(struct super_block *sb) 62 { 63 struct proc_inode *ei; 64 struct inode *inode; 65 66 ei = (struct proc_inode *)kmem_cache_alloc(proc_inode_cachep, GFP_KERNEL); 67 if (!ei) 68 return NULL; 69 ei->pid = NULL; 70 ei->fd = 0; 71 ei->op.proc_get_link = NULL; 72 ei->pde = NULL; 73 ei->sysctl = NULL; 74 ei->sysctl_entry = NULL; 75 ei->ns = NULL; 76 ei->ns_ops = NULL; 77 inode = &ei->vfs_inode; 78 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME; 79 return inode; 80 } 81 82 static void proc_i_callback(struct rcu_head *head) 83 { 84 struct inode *inode = container_of(head, struct inode, i_rcu); 85 kmem_cache_free(proc_inode_cachep, PROC_I(inode)); 86 } 87 88 static void proc_destroy_inode(struct inode *inode) 89 { 90 call_rcu(&inode->i_rcu, proc_i_callback); 91 } 92 93 static void init_once(void *foo) 94 { 95 struct proc_inode *ei = (struct proc_inode *) foo; 96 97 inode_init_once(&ei->vfs_inode); 98 } 99 100 void __init proc_init_inodecache(void) 101 { 102 proc_inode_cachep = kmem_cache_create("proc_inode_cache", 103 sizeof(struct proc_inode), 104 0, (SLAB_RECLAIM_ACCOUNT| 105 SLAB_MEM_SPREAD|SLAB_PANIC), 106 init_once); 107 } 108 109 static int proc_show_options(struct seq_file *seq, struct dentry *root) 110 { 111 struct super_block *sb = root->d_sb; 112 struct pid_namespace *pid = sb->s_fs_info; 113 114 if (!gid_eq(pid->pid_gid, GLOBAL_ROOT_GID)) 115 seq_printf(seq, ",gid=%u", from_kgid_munged(&init_user_ns, pid->pid_gid)); 116 if (pid->hide_pid != 0) 117 seq_printf(seq, ",hidepid=%u", pid->hide_pid); 118 119 return 0; 120 } 121 122 static const struct super_operations proc_sops = { 123 .alloc_inode = proc_alloc_inode, 124 .destroy_inode = proc_destroy_inode, 125 .drop_inode = generic_delete_inode, 126 .evict_inode = proc_evict_inode, 127 .statfs = simple_statfs, 128 .remount_fs = proc_remount, 129 .show_options = proc_show_options, 130 }; 131 132 static void __pde_users_dec(struct proc_dir_entry *pde) 133 { 134 pde->pde_users--; 135 if (pde->pde_unload_completion && pde->pde_users == 0) 136 complete(pde->pde_unload_completion); 137 } 138 139 void pde_users_dec(struct proc_dir_entry *pde) 140 { 141 spin_lock(&pde->pde_unload_lock); 142 __pde_users_dec(pde); 143 spin_unlock(&pde->pde_unload_lock); 144 } 145 146 static loff_t proc_reg_llseek(struct file *file, loff_t offset, int whence) 147 { 148 struct proc_dir_entry *pde = PDE(file_inode(file)); 149 loff_t rv = -EINVAL; 150 loff_t (*llseek)(struct file *, loff_t, int); 151 152 spin_lock(&pde->pde_unload_lock); 153 /* 154 * remove_proc_entry() is going to delete PDE (as part of module 155 * cleanup sequence). No new callers into module allowed. 156 */ 157 if (!pde->proc_fops) { 158 spin_unlock(&pde->pde_unload_lock); 159 return rv; 160 } 161 /* 162 * Bump refcount so that remove_proc_entry will wail for ->llseek to 163 * complete. 164 */ 165 pde->pde_users++; 166 /* 167 * Save function pointer under lock, to protect against ->proc_fops 168 * NULL'ifying right after ->pde_unload_lock is dropped. 169 */ 170 llseek = pde->proc_fops->llseek; 171 spin_unlock(&pde->pde_unload_lock); 172 173 if (!llseek) 174 llseek = default_llseek; 175 rv = llseek(file, offset, whence); 176 177 pde_users_dec(pde); 178 return rv; 179 } 180 181 static ssize_t proc_reg_read(struct file *file, char __user *buf, size_t count, loff_t *ppos) 182 { 183 struct proc_dir_entry *pde = PDE(file_inode(file)); 184 ssize_t rv = -EIO; 185 ssize_t (*read)(struct file *, char __user *, size_t, loff_t *); 186 187 spin_lock(&pde->pde_unload_lock); 188 if (!pde->proc_fops) { 189 spin_unlock(&pde->pde_unload_lock); 190 return rv; 191 } 192 pde->pde_users++; 193 read = pde->proc_fops->read; 194 spin_unlock(&pde->pde_unload_lock); 195 196 if (read) 197 rv = read(file, buf, count, ppos); 198 199 pde_users_dec(pde); 200 return rv; 201 } 202 203 static ssize_t proc_reg_write(struct file *file, const char __user *buf, size_t count, loff_t *ppos) 204 { 205 struct proc_dir_entry *pde = PDE(file_inode(file)); 206 ssize_t rv = -EIO; 207 ssize_t (*write)(struct file *, const char __user *, size_t, loff_t *); 208 209 spin_lock(&pde->pde_unload_lock); 210 if (!pde->proc_fops) { 211 spin_unlock(&pde->pde_unload_lock); 212 return rv; 213 } 214 pde->pde_users++; 215 write = pde->proc_fops->write; 216 spin_unlock(&pde->pde_unload_lock); 217 218 if (write) 219 rv = write(file, buf, count, ppos); 220 221 pde_users_dec(pde); 222 return rv; 223 } 224 225 static unsigned int proc_reg_poll(struct file *file, struct poll_table_struct *pts) 226 { 227 struct proc_dir_entry *pde = PDE(file_inode(file)); 228 unsigned int rv = DEFAULT_POLLMASK; 229 unsigned int (*poll)(struct file *, struct poll_table_struct *); 230 231 spin_lock(&pde->pde_unload_lock); 232 if (!pde->proc_fops) { 233 spin_unlock(&pde->pde_unload_lock); 234 return rv; 235 } 236 pde->pde_users++; 237 poll = pde->proc_fops->poll; 238 spin_unlock(&pde->pde_unload_lock); 239 240 if (poll) 241 rv = poll(file, pts); 242 243 pde_users_dec(pde); 244 return rv; 245 } 246 247 static long proc_reg_unlocked_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 248 { 249 struct proc_dir_entry *pde = PDE(file_inode(file)); 250 long rv = -ENOTTY; 251 long (*ioctl)(struct file *, unsigned int, unsigned long); 252 253 spin_lock(&pde->pde_unload_lock); 254 if (!pde->proc_fops) { 255 spin_unlock(&pde->pde_unload_lock); 256 return rv; 257 } 258 pde->pde_users++; 259 ioctl = pde->proc_fops->unlocked_ioctl; 260 spin_unlock(&pde->pde_unload_lock); 261 262 if (ioctl) 263 rv = ioctl(file, cmd, arg); 264 265 pde_users_dec(pde); 266 return rv; 267 } 268 269 #ifdef CONFIG_COMPAT 270 static long proc_reg_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 271 { 272 struct proc_dir_entry *pde = PDE(file_inode(file)); 273 long rv = -ENOTTY; 274 long (*compat_ioctl)(struct file *, unsigned int, unsigned long); 275 276 spin_lock(&pde->pde_unload_lock); 277 if (!pde->proc_fops) { 278 spin_unlock(&pde->pde_unload_lock); 279 return rv; 280 } 281 pde->pde_users++; 282 compat_ioctl = pde->proc_fops->compat_ioctl; 283 spin_unlock(&pde->pde_unload_lock); 284 285 if (compat_ioctl) 286 rv = compat_ioctl(file, cmd, arg); 287 288 pde_users_dec(pde); 289 return rv; 290 } 291 #endif 292 293 static int proc_reg_mmap(struct file *file, struct vm_area_struct *vma) 294 { 295 struct proc_dir_entry *pde = PDE(file_inode(file)); 296 int rv = -EIO; 297 int (*mmap)(struct file *, struct vm_area_struct *); 298 299 spin_lock(&pde->pde_unload_lock); 300 if (!pde->proc_fops) { 301 spin_unlock(&pde->pde_unload_lock); 302 return rv; 303 } 304 pde->pde_users++; 305 mmap = pde->proc_fops->mmap; 306 spin_unlock(&pde->pde_unload_lock); 307 308 if (mmap) 309 rv = mmap(file, vma); 310 311 pde_users_dec(pde); 312 return rv; 313 } 314 315 static int proc_reg_open(struct inode *inode, struct file *file) 316 { 317 struct proc_dir_entry *pde = PDE(inode); 318 int rv = 0; 319 int (*open)(struct inode *, struct file *); 320 int (*release)(struct inode *, struct file *); 321 struct pde_opener *pdeo; 322 323 /* 324 * What for, you ask? Well, we can have open, rmmod, remove_proc_entry 325 * sequence. ->release won't be called because ->proc_fops will be 326 * cleared. Depending on complexity of ->release, consequences vary. 327 * 328 * We can't wait for mercy when close will be done for real, it's 329 * deadlockable: rmmod foo </proc/foo . So, we're going to do ->release 330 * by hand in remove_proc_entry(). For this, save opener's credentials 331 * for later. 332 */ 333 pdeo = kmalloc(sizeof(struct pde_opener), GFP_KERNEL); 334 if (!pdeo) 335 return -ENOMEM; 336 337 spin_lock(&pde->pde_unload_lock); 338 if (!pde->proc_fops) { 339 spin_unlock(&pde->pde_unload_lock); 340 kfree(pdeo); 341 return -ENOENT; 342 } 343 pde->pde_users++; 344 open = pde->proc_fops->open; 345 release = pde->proc_fops->release; 346 spin_unlock(&pde->pde_unload_lock); 347 348 if (open) 349 rv = open(inode, file); 350 351 spin_lock(&pde->pde_unload_lock); 352 if (rv == 0 && release) { 353 /* To know what to release. */ 354 pdeo->inode = inode; 355 pdeo->file = file; 356 /* Strictly for "too late" ->release in proc_reg_release(). */ 357 pdeo->release = release; 358 list_add(&pdeo->lh, &pde->pde_openers); 359 } else 360 kfree(pdeo); 361 __pde_users_dec(pde); 362 spin_unlock(&pde->pde_unload_lock); 363 return rv; 364 } 365 366 static struct pde_opener *find_pde_opener(struct proc_dir_entry *pde, 367 struct inode *inode, struct file *file) 368 { 369 struct pde_opener *pdeo; 370 371 list_for_each_entry(pdeo, &pde->pde_openers, lh) { 372 if (pdeo->inode == inode && pdeo->file == file) 373 return pdeo; 374 } 375 return NULL; 376 } 377 378 static int proc_reg_release(struct inode *inode, struct file *file) 379 { 380 struct proc_dir_entry *pde = PDE(inode); 381 int rv = 0; 382 int (*release)(struct inode *, struct file *); 383 struct pde_opener *pdeo; 384 385 spin_lock(&pde->pde_unload_lock); 386 pdeo = find_pde_opener(pde, inode, file); 387 if (!pde->proc_fops) { 388 /* 389 * Can't simply exit, __fput() will think that everything is OK, 390 * and move on to freeing struct file. remove_proc_entry() will 391 * find slacker in opener's list and will try to do non-trivial 392 * things with struct file. Therefore, remove opener from list. 393 * 394 * But if opener is removed from list, who will ->release it? 395 */ 396 if (pdeo) { 397 list_del(&pdeo->lh); 398 spin_unlock(&pde->pde_unload_lock); 399 rv = pdeo->release(inode, file); 400 kfree(pdeo); 401 } else 402 spin_unlock(&pde->pde_unload_lock); 403 return rv; 404 } 405 pde->pde_users++; 406 release = pde->proc_fops->release; 407 if (pdeo) { 408 list_del(&pdeo->lh); 409 kfree(pdeo); 410 } 411 spin_unlock(&pde->pde_unload_lock); 412 413 if (release) 414 rv = release(inode, file); 415 416 pde_users_dec(pde); 417 return rv; 418 } 419 420 static const struct file_operations proc_reg_file_ops = { 421 .llseek = proc_reg_llseek, 422 .read = proc_reg_read, 423 .write = proc_reg_write, 424 .poll = proc_reg_poll, 425 .unlocked_ioctl = proc_reg_unlocked_ioctl, 426 #ifdef CONFIG_COMPAT 427 .compat_ioctl = proc_reg_compat_ioctl, 428 #endif 429 .mmap = proc_reg_mmap, 430 .open = proc_reg_open, 431 .release = proc_reg_release, 432 }; 433 434 #ifdef CONFIG_COMPAT 435 static const struct file_operations proc_reg_file_ops_no_compat = { 436 .llseek = proc_reg_llseek, 437 .read = proc_reg_read, 438 .write = proc_reg_write, 439 .poll = proc_reg_poll, 440 .unlocked_ioctl = proc_reg_unlocked_ioctl, 441 .mmap = proc_reg_mmap, 442 .open = proc_reg_open, 443 .release = proc_reg_release, 444 }; 445 #endif 446 447 struct inode *proc_get_inode(struct super_block *sb, struct proc_dir_entry *de) 448 { 449 struct inode *inode = iget_locked(sb, de->low_ino); 450 451 if (inode && (inode->i_state & I_NEW)) { 452 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME; 453 PROC_I(inode)->pde = de; 454 455 if (de->mode) { 456 inode->i_mode = de->mode; 457 inode->i_uid = de->uid; 458 inode->i_gid = de->gid; 459 } 460 if (de->size) 461 inode->i_size = de->size; 462 if (de->nlink) 463 set_nlink(inode, de->nlink); 464 if (de->proc_iops) 465 inode->i_op = de->proc_iops; 466 if (de->proc_fops) { 467 if (S_ISREG(inode->i_mode)) { 468 #ifdef CONFIG_COMPAT 469 if (!de->proc_fops->compat_ioctl) 470 inode->i_fop = 471 &proc_reg_file_ops_no_compat; 472 else 473 #endif 474 inode->i_fop = &proc_reg_file_ops; 475 } else { 476 inode->i_fop = de->proc_fops; 477 } 478 } 479 unlock_new_inode(inode); 480 } else 481 pde_put(de); 482 return inode; 483 } 484 485 int proc_fill_super(struct super_block *s) 486 { 487 struct inode *root_inode; 488 489 s->s_flags |= MS_NODIRATIME | MS_NOSUID | MS_NOEXEC; 490 s->s_blocksize = 1024; 491 s->s_blocksize_bits = 10; 492 s->s_magic = PROC_SUPER_MAGIC; 493 s->s_op = &proc_sops; 494 s->s_time_gran = 1; 495 496 pde_get(&proc_root); 497 root_inode = proc_get_inode(s, &proc_root); 498 if (!root_inode) { 499 pr_err("proc_fill_super: get root inode failed\n"); 500 return -ENOMEM; 501 } 502 503 s->s_root = d_make_root(root_inode); 504 if (!s->s_root) { 505 pr_err("proc_fill_super: allocate dentry failed\n"); 506 return -ENOMEM; 507 } 508 509 return 0; 510 } 511