1/*
2 FUSE: Filesystem in Userspace
3 Copyright (C) 2001-2008 Miklos Szeredi <miklos@szeredi.hu>
4
5 This program can be distributed under the terms of the GNU GPL.
6 See the file COPYING.
7*/
8
9#include "fuse_i.h"
10
11#include <linux/pagemap.h>
12#include <linux/file.h>
13#include <linux/sched.h>
14#include <linux/namei.h>
15#include <linux/slab.h>
16
17#if BITS_PER_LONG >= 64
18static inline void fuse_dentry_settime(struct dentry *entry, u64 time)
19{
20 entry->d_time = time;
21}
22
23static inline u64 fuse_dentry_time(struct dentry *entry)
24{
25 return entry->d_time;
26}
27#else
28/*
29 * On 32 bit archs store the high 32 bits of time in d_fsdata
30 */
31static void fuse_dentry_settime(struct dentry *entry, u64 time)
32{
33 entry->d_time = time;
34 entry->d_fsdata = (void *) (unsigned long) (time >> 32);
35}
36
37static u64 fuse_dentry_time(struct dentry *entry)
38{
39 return (u64) entry->d_time +
40 ((u64) (unsigned long) entry->d_fsdata << 32);
41}
42#endif
43
44/*
45 * FUSE caches dentries and attributes with separate timeout. The
46 * time in jiffies until the dentry/attributes are valid is stored in
47 * dentry->d_time and fuse_inode->i_time respectively.
48 */
49
50/*
51 * Calculate the time in jiffies until a dentry/attributes are valid
52 */
53static u64 time_to_jiffies(unsigned long sec, unsigned long nsec)
54{
55 if (sec || nsec) {
56 struct timespec ts = {sec, nsec};
57 return get_jiffies_64() + timespec_to_jiffies(&ts);
58 } else
59 return 0;
60}
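/*
 * For example, a reply with entry_valid=1 and entry_valid_nsec=0 yields
 * get_jiffies_64() + HZ, so the entry is trusted for about a second
 * before userspace is consulted again; a zero timeout makes it stale
 * immediately.
 */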
61
62/*
63 * Set dentry and possibly attribute timeouts from the lookup/mk*
64 * replies
65 */
66static void fuse_change_entry_timeout(struct dentry *entry,
67 struct fuse_entry_out *o)
68{
69 fuse_dentry_settime(entry,
70 time_to_jiffies(o->entry_valid, o->entry_valid_nsec));
71}
72
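/*
 * Extract the attribute validity period from the two reply types and
 * convert it to an absolute jiffies value (stored in
 * fuse_inode->i_time by fuse_change_attributes()).
 */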
73static u64 attr_timeout(struct fuse_attr_out *o)
74{
75 return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
76}
77
78static u64 entry_attr_timeout(struct fuse_entry_out *o)
79{
80 return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
81}
82
83/*
84 * Mark the attributes as stale, so that at the next call to
85 * ->getattr() they will be fetched from userspace
86 */
87void fuse_invalidate_attr(struct inode *inode)
88{
89 get_fuse_inode(inode)->i_time = 0;
90}
91
92/*
93 * Just mark the entry as stale, so that a next attempt to look it up
94 * will result in a new lookup call to userspace
95 *
96 * This is called when a dentry is about to become negative and the
97 * timeout is unknown (unlink, rmdir, rename and in some cases
98 * lookup)
99 */
100void fuse_invalidate_entry_cache(struct dentry *entry)
101{
102 fuse_dentry_settime(entry, 0);
103}
104
105/*
106 * Same as fuse_invalidate_entry_cache(), but also try to remove the
107 * dentry from the hash
108 */
109static void fuse_invalidate_entry(struct dentry *entry)
110{
111 d_invalidate(entry);
112 fuse_invalidate_entry_cache(entry);
113}
114
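/*
 * Fill in a FUSE_LOOKUP request for @name in the directory identified
 * by @nodeid.  The reply is written to @outarg; connections speaking a
 * protocol older than 7.9 only understand the smaller compat reply
 * structure.
 */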
115static void fuse_lookup_init(struct fuse_conn *fc, struct fuse_req *req,
116 u64 nodeid, struct qstr *name,
117 struct fuse_entry_out *outarg)
118{
119 memset(outarg, 0, sizeof(struct fuse_entry_out));
120 req->in.h.opcode = FUSE_LOOKUP;
121 req->in.h.nodeid = nodeid;
122 req->in.numargs = 1;
123 req->in.args[0].size = name->len + 1;
124 req->in.args[0].value = name->name;
125 req->out.numargs = 1;
126 if (fc->minor < 9)
127 req->out.args[0].size = FUSE_COMPAT_ENTRY_OUT_SIZE;
128 else
129 req->out.args[0].size = sizeof(struct fuse_entry_out);
130 req->out.args[0].value = outarg;
131}
132
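/*
 * Snapshot the connection-wide attribute version counter.  Callers take
 * the snapshot before sending a request and pass it to
 * fuse_change_attributes(), so that a reply can be ignored if the
 * cached attributes were modified locally while the request was in
 * flight.
 */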
133u64 fuse_get_attr_version(struct fuse_conn *fc)
134{
135 u64 curr_version;
136
137 /*
138 * The spin lock isn't actually needed on 64bit archs, but we
139 * don't yet care too much about such optimizations.
140 */
141 spin_lock(&fc->lock);
142 curr_version = fc->attr_version;
143 spin_unlock(&fc->lock);
144
145 return curr_version;
146}
147
148/*
149 * Check whether the dentry is still valid
150 *
151 * If the entry validity timeout has expired and the dentry is
152 * positive, try to redo the lookup. If the lookup results in a
153 * different inode, then let the VFS invalidate the dentry and redo
154 * the lookup once more. If the lookup results in the same inode,
155 * then refresh the attributes, timeouts and mark the dentry valid.
156 */
157static int fuse_dentry_revalidate(struct dentry *entry, struct nameidata *nd)
158{
159 struct inode *inode;
160
161 inode = ACCESS_ONCE(entry->d_inode);
162 if (inode && is_bad_inode(inode))
163 return 0;
164 else if (fuse_dentry_time(entry) < get_jiffies_64()) {
165 int err;
166 struct fuse_entry_out outarg;
167 struct fuse_conn *fc;
168 struct fuse_req *req;
169 struct fuse_forget_link *forget;
170 struct dentry *parent;
171 u64 attr_version;
172
173 /* For negative dentries, always do a fresh lookup */
174 if (!inode)
175 return 0;
176
177 if (nd && (nd->flags & LOOKUP_RCU))
178 return -ECHILD;
179
180 fc = get_fuse_conn(inode);
181 req = fuse_get_req(fc);
182 if (IS_ERR(req))
183 return 0;
184
185 forget = fuse_alloc_forget();
186 if (!forget) {
187 fuse_put_request(fc, req);
188 return 0;
189 }
190
191 attr_version = fuse_get_attr_version(fc);
192
193 parent = dget_parent(entry);
194 fuse_lookup_init(fc, req, get_node_id(parent->d_inode),
195 &entry->d_name, &outarg);
196 fuse_request_send(fc, req);
197 dput(parent);
198 err = req->out.h.error;
199 fuse_put_request(fc, req);
200 /* Zero nodeid is same as -ENOENT */
201 if (!err && !outarg.nodeid)
202 err = -ENOENT;
203 if (!err) {
204 struct fuse_inode *fi = get_fuse_inode(inode);
205 if (outarg.nodeid != get_node_id(inode)) {
206 fuse_queue_forget(fc, forget, outarg.nodeid, 1);
207 return 0;
208 }
209 spin_lock(&fc->lock);
210 fi->nlookup++;
211 spin_unlock(&fc->lock);
212 }
213 kfree(forget);
214 if (err || (outarg.attr.mode ^ inode->i_mode) & S_IFMT)
215 return 0;
216
217 fuse_change_attributes(inode, &outarg.attr,
218 entry_attr_timeout(&outarg),
219 attr_version);
220 fuse_change_entry_timeout(entry, &outarg);
221 }
222 return 1;
223}
224
225static int invalid_nodeid(u64 nodeid)
226{
227 return !nodeid || nodeid == FUSE_ROOT_ID;
228}
229
230const struct dentry_operations fuse_dentry_operations = {
231 .d_revalidate = fuse_dentry_revalidate,
232};
233
234int fuse_valid_type(int m)
235{
236 return S_ISREG(m) || S_ISDIR(m) || S_ISLNK(m) || S_ISCHR(m) ||
237 S_ISBLK(m) || S_ISFIFO(m) || S_ISSOCK(m);
238}
239
240/*
241 * Add a directory inode to a dentry, ensuring that no other dentry
242 * refers to this inode. Called with fc->inst_mutex.
243 */
244static struct dentry *fuse_d_add_directory(struct dentry *entry,
245 struct inode *inode)
246{
247 struct dentry *alias = d_find_alias(inode);
248 if (alias && !(alias->d_flags & DCACHE_DISCONNECTED)) {
249 /* This tries to shrink the subtree below alias */
250 fuse_invalidate_entry(alias);
251 dput(alias);
252 if (!list_empty(&inode->i_dentry))
253 return ERR_PTR(-EBUSY);
254 } else {
255 dput(alias);
256 }
257 return d_splice_alias(inode, entry);
258}
259
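/*
 * Look up @name in the directory identified by @nodeid and instantiate
 * the resulting inode.  On success *inode is set up; a reply carrying a
 * zero nodeid (a cacheable negative result) returns 0 with *inode left
 * NULL, while @outarg still holds the entry timeout.
 */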
260int fuse_lookup_name(struct super_block *sb, u64 nodeid, struct qstr *name,
261 struct fuse_entry_out *outarg, struct inode **inode)
262{
263 struct fuse_conn *fc = get_fuse_conn_super(sb);
264 struct fuse_req *req;
265 struct fuse_forget_link *forget;
266 u64 attr_version;
267 int err;
268
269 *inode = NULL;
270 err = -ENAMETOOLONG;
271 if (name->len > FUSE_NAME_MAX)
272 goto out;
273
274 req = fuse_get_req(fc);
275 err = PTR_ERR(req);
276 if (IS_ERR(req))
277 goto out;
278
279 forget = fuse_alloc_forget();
280 err = -ENOMEM;
281 if (!forget) {
282 fuse_put_request(fc, req);
283 goto out;
284 }
285
286 attr_version = fuse_get_attr_version(fc);
287
288 fuse_lookup_init(fc, req, nodeid, name, outarg);
289 fuse_request_send(fc, req);
290 err = req->out.h.error;
291 fuse_put_request(fc, req);
292 /* Zero nodeid is same as -ENOENT, but with valid timeout */
293 if (err || !outarg->nodeid)
294 goto out_put_forget;
295
296 err = -EIO;
297 if (!outarg->nodeid)
298 goto out_put_forget;
299 if (!fuse_valid_type(outarg->attr.mode))
300 goto out_put_forget;
301
302 *inode = fuse_iget(sb, outarg->nodeid, outarg->generation,
303 &outarg->attr, entry_attr_timeout(outarg),
304 attr_version);
305 err = -ENOMEM;
306 if (!*inode) {
307 fuse_queue_forget(fc, forget, outarg->nodeid, 1);
308 goto out;
309 }
310 err = 0;
311
312 out_put_forget:
313 kfree(forget);
314 out:
315 return err;
316}
317
318static struct dentry *fuse_lookup(struct inode *dir, struct dentry *entry,
319 struct nameidata *nd)
320{
321 int err;
322 struct fuse_entry_out outarg;
323 struct inode *inode;
324 struct dentry *newent;
325 struct fuse_conn *fc = get_fuse_conn(dir);
326 bool outarg_valid = true;
327
328 err = fuse_lookup_name(dir->i_sb, get_node_id(dir), &entry->d_name,
329 &outarg, &inode);
330 if (err == -ENOENT) {
331 outarg_valid = false;
332 err = 0;
333 }
334 if (err)
335 goto out_err;
336
337 err = -EIO;
338 if (inode && get_node_id(inode) == FUSE_ROOT_ID)
339 goto out_iput;
340
341 if (inode && S_ISDIR(inode->i_mode)) {
342 mutex_lock(&fc->inst_mutex);
343 newent = fuse_d_add_directory(entry, inode);
344 mutex_unlock(&fc->inst_mutex);
345 err = PTR_ERR(newent);
346 if (IS_ERR(newent))
347 goto out_iput;
348 } else {
349 newent = d_splice_alias(inode, entry);
350 }
351
352 entry = newent ? newent : entry;
353 if (outarg_valid)
354 fuse_change_entry_timeout(entry, &outarg);
355 else
356 fuse_invalidate_entry_cache(entry);
357
358 return newent;
359
360 out_iput:
361 iput(inode);
362 out_err:
363 return ERR_PTR(err);
364}
365
366/*
367 * Atomic create+open operation
368 *
369 * If the filesystem doesn't support this, then fall back to separate
370 * 'mknod' + 'open' requests.
371 */
372static int fuse_create_open(struct inode *dir, struct dentry *entry, int mode,
373 struct nameidata *nd)
374{
375 int err;
376 struct inode *inode;
377 struct fuse_conn *fc = get_fuse_conn(dir);
378 struct fuse_req *req;
379 struct fuse_forget_link *forget;
380 struct fuse_create_in inarg;
381 struct fuse_open_out outopen;
382 struct fuse_entry_out outentry;
383 struct fuse_file *ff;
384 struct file *file;
385 int flags = nd->intent.open.flags;
386
387 if (fc->no_create)
388 return -ENOSYS;
389
390 if (flags & O_DIRECT)
391 return -EINVAL;
392
393 forget = fuse_alloc_forget();
394 if (!forget)
395 return -ENOMEM;
396
397 req = fuse_get_req(fc);
398 err = PTR_ERR(req);
399 if (IS_ERR(req))
400 goto out_put_forget_req;
401
402 err = -ENOMEM;
403 ff = fuse_file_alloc(fc);
404 if (!ff)
405 goto out_put_request;
406
407 if (!fc->dont_mask)
408 mode &= ~current_umask();
409
410 flags &= ~O_NOCTTY;
411 memset(&inarg, 0, sizeof(inarg));
412 memset(&outentry, 0, sizeof(outentry));
413 inarg.flags = flags;
414 inarg.mode = mode;
415 inarg.umask = current_umask();
416 req->in.h.opcode = FUSE_CREATE;
417 req->in.h.nodeid = get_node_id(dir);
418 req->in.numargs = 2;
419 req->in.args[0].size = fc->minor < 12 ? sizeof(struct fuse_open_in) :
420 sizeof(inarg);
421 req->in.args[0].value = &inarg;
422 req->in.args[1].size = entry->d_name.len + 1;
423 req->in.args[1].value = entry->d_name.name;
424 req->out.numargs = 2;
425 if (fc->minor < 9)
426 req->out.args[0].size = FUSE_COMPAT_ENTRY_OUT_SIZE;
427 else
428 req->out.args[0].size = sizeof(outentry);
429 req->out.args[0].value = &outentry;
430 req->out.args[1].size = sizeof(outopen);
431 req->out.args[1].value = &outopen;
432 fuse_request_send(fc, req);
433 err = req->out.h.error;
434 if (err) {
435 if (err == -ENOSYS)
436 fc->no_create = 1;
437 goto out_free_ff;
438 }
439
440 err = -EIO;
441 if (!S_ISREG(outentry.attr.mode) || invalid_nodeid(outentry.nodeid))
442 goto out_free_ff;
443
444 fuse_put_request(fc, req);
445 ff->fh = outopen.fh;
446 ff->nodeid = outentry.nodeid;
447 ff->open_flags = outopen.open_flags;
448 inode = fuse_iget(dir->i_sb, outentry.nodeid, outentry.generation,
449 &outentry.attr, entry_attr_timeout(&outentry), 0);
450 if (!inode) {
451 flags &= ~(O_CREAT | O_EXCL | O_TRUNC);
452 fuse_sync_release(ff, flags);
453 fuse_queue_forget(fc, forget, outentry.nodeid, 1);
454 return -ENOMEM;
455 }
456 kfree(forget);
457 d_instantiate(entry, inode);
458 fuse_change_entry_timeout(entry, &outentry);
459 fuse_invalidate_attr(dir);
460 file = lookup_instantiate_filp(nd, entry, generic_file_open);
461 if (IS_ERR(file)) {
462 fuse_sync_release(ff, flags);
463 return PTR_ERR(file);
464 }
465 file->private_data = fuse_file_get(ff);
466 fuse_finish_open(inode, file);
467 return 0;
468
469 out_free_ff:
470 fuse_file_free(ff);
471 out_put_request:
472 fuse_put_request(fc, req);
473 out_put_forget_req:
474 kfree(forget);
475 return err;
476}
477
478/*
479 * Code shared between mknod, mkdir, symlink and link
480 */
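/*
 * The caller fills in the opcode and input arguments; this helper sends
 * the request, checks that the returned nodeid and file type are sane,
 * instantiates the dentry and sets the entry timeout.
 */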
481static int create_new_entry(struct fuse_conn *fc, struct fuse_req *req,
482 struct inode *dir, struct dentry *entry,
483 int mode)
484{
485 struct fuse_entry_out outarg;
486 struct inode *inode;
487 int err;
488 struct fuse_forget_link *forget;
489
490 forget = fuse_alloc_forget();
491 if (!forget) {
492 fuse_put_request(fc, req);
493 return -ENOMEM;
494 }
495
496 memset(&outarg, 0, sizeof(outarg));
497 req->in.h.nodeid = get_node_id(dir);
498 req->out.numargs = 1;
499 if (fc->minor < 9)
500 req->out.args[0].size = FUSE_COMPAT_ENTRY_OUT_SIZE;
501 else
502 req->out.args[0].size = sizeof(outarg);
503 req->out.args[0].value = &outarg;
504 fuse_request_send(fc, req);
505 err = req->out.h.error;
506 fuse_put_request(fc, req);
507 if (err)
508 goto out_put_forget_req;
509
510 err = -EIO;
511 if (invalid_nodeid(outarg.nodeid))
512 goto out_put_forget_req;
513
514 if ((outarg.attr.mode ^ mode) & S_IFMT)
515 goto out_put_forget_req;
516
517 inode = fuse_iget(dir->i_sb, outarg.nodeid, outarg.generation,
518 &outarg.attr, entry_attr_timeout(&outarg), 0);
519 if (!inode) {
520 fuse_queue_forget(fc, forget, outarg.nodeid, 1);
521 return -ENOMEM;
522 }
523 kfree(forget);
524
525 if (S_ISDIR(inode->i_mode)) {
526 struct dentry *alias;
527 mutex_lock(&fc->inst_mutex);
528 alias = d_find_alias(inode);
529 if (alias) {
530 /* New directory must have moved since mkdir */
531 mutex_unlock(&fc->inst_mutex);
532 dput(alias);
533 iput(inode);
534 return -EBUSY;
535 }
536 d_instantiate(entry, inode);
537 mutex_unlock(&fc->inst_mutex);
538 } else
539 d_instantiate(entry, inode);
540
541 fuse_change_entry_timeout(entry, &outarg);
542 fuse_invalidate_attr(dir);
543 return 0;
544
545 out_put_forget_req:
546 kfree(forget);
547 return err;
548}
549
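/*
 * Create a regular or special file.  The umask is applied locally
 * unless the filesystem asked to handle it itself (fc->dont_mask);
 * protocols older than 7.12 use the smaller compat request that lacks
 * the umask field.
 */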
550static int fuse_mknod(struct inode *dir, struct dentry *entry, int mode,
551 dev_t rdev)
552{
553 struct fuse_mknod_in inarg;
554 struct fuse_conn *fc = get_fuse_conn(dir);
555 struct fuse_req *req = fuse_get_req(fc);
556 if (IS_ERR(req))
557 return PTR_ERR(req);
558
559 if (!fc->dont_mask)
560 mode &= ~current_umask();
561
562 memset(&inarg, 0, sizeof(inarg));
563 inarg.mode = mode;
564 inarg.rdev = new_encode_dev(rdev);
565 inarg.umask = current_umask();
566 req->in.h.opcode = FUSE_MKNOD;
567 req->in.numargs = 2;
568 req->in.args[0].size = fc->minor < 12 ? FUSE_COMPAT_MKNOD_IN_SIZE :
569 sizeof(inarg);
570 req->in.args[0].value = &inarg;
571 req->in.args[1].size = entry->d_name.len + 1;
572 req->in.args[1].value = entry->d_name.name;
573 return create_new_entry(fc, req, dir, entry, mode);
574}
575
576static int fuse_create(struct inode *dir, struct dentry *entry, int mode,
577 struct nameidata *nd)
578{
579 if (nd) {
580 int err = fuse_create_open(dir, entry, mode, nd);
581 if (err != -ENOSYS)
582 return err;
583 /* Fall back on mknod */
584 }
585 return fuse_mknod(dir, entry, mode, 0);
586}
587
588static int fuse_mkdir(struct inode *dir, struct dentry *entry, int mode)
589{
590 struct fuse_mkdir_in inarg;
591 struct fuse_conn *fc = get_fuse_conn(dir);
592 struct fuse_req *req = fuse_get_req(fc);
593 if (IS_ERR(req))
594 return PTR_ERR(req);
595
596 if (!fc->dont_mask)
597 mode &= ~current_umask();
598
599 memset(&inarg, 0, sizeof(inarg));
600 inarg.mode = mode;
601 inarg.umask = current_umask();
602 req->in.h.opcode = FUSE_MKDIR;
603 req->in.numargs = 2;
604 req->in.args[0].size = sizeof(inarg);
605 req->in.args[0].value = &inarg;
606 req->in.args[1].size = entry->d_name.len + 1;
607 req->in.args[1].value = entry->d_name.name;
608 return create_new_entry(fc, req, dir, entry, S_IFDIR);
609}
610
611static int fuse_symlink(struct inode *dir, struct dentry *entry,
612 const char *link)
613{
614 struct fuse_conn *fc = get_fuse_conn(dir);
615 unsigned len = strlen(link) + 1;
616 struct fuse_req *req = fuse_get_req(fc);
617 if (IS_ERR(req))
618 return PTR_ERR(req);
619
620 req->in.h.opcode = FUSE_SYMLINK;
621 req->in.numargs = 2;
622 req->in.args[0].size = entry->d_name.len + 1;
623 req->in.args[0].value = entry->d_name.name;
624 req->in.args[1].size = len;
625 req->in.args[1].value = link;
626 return create_new_entry(fc, req, dir, entry, S_IFLNK);
627}
628
629static int fuse_unlink(struct inode *dir, struct dentry *entry)
630{
631 int err;
632 struct fuse_conn *fc = get_fuse_conn(dir);
633 struct fuse_req *req = fuse_get_req(fc);
634 if (IS_ERR(req))
635 return PTR_ERR(req);
636
637 req->in.h.opcode = FUSE_UNLINK;
638 req->in.h.nodeid = get_node_id(dir);
639 req->in.numargs = 1;
640 req->in.args[0].size = entry->d_name.len + 1;
641 req->in.args[0].value = entry->d_name.name;
642 fuse_request_send(fc, req);
643 err = req->out.h.error;
644 fuse_put_request(fc, req);
645 if (!err) {
646 struct inode *inode = entry->d_inode;
647
648 /*
649 * Set nlink to zero so the inode can be cleared. If the inode
650 * does have more links, this will be discovered at the next
651 * lookup/getattr.
652 */
653 clear_nlink(inode);
654 fuse_invalidate_attr(inode);
655 fuse_invalidate_attr(dir);
656 fuse_invalidate_entry_cache(entry);
657 } else if (err == -EINTR)
658 fuse_invalidate_entry(entry);
659 return err;
660}
661
662static int fuse_rmdir(struct inode *dir, struct dentry *entry)
663{
664 int err;
665 struct fuse_conn *fc = get_fuse_conn(dir);
666 struct fuse_req *req = fuse_get_req(fc);
667 if (IS_ERR(req))
668 return PTR_ERR(req);
669
670 req->in.h.opcode = FUSE_RMDIR;
671 req->in.h.nodeid = get_node_id(dir);
672 req->in.numargs = 1;
673 req->in.args[0].size = entry->d_name.len + 1;
674 req->in.args[0].value = entry->d_name.name;
675 fuse_request_send(fc, req);
676 err = req->out.h.error;
677 fuse_put_request(fc, req);
678 if (!err) {
679 clear_nlink(entry->d_inode);
680 fuse_invalidate_attr(dir);
681 fuse_invalidate_entry_cache(entry);
682 } else if (err == -EINTR)
683 fuse_invalidate_entry(entry);
684 return err;
685}
686
687static int fuse_rename(struct inode *olddir, struct dentry *oldent,
688 struct inode *newdir, struct dentry *newent)
689{
690 int err;
691 struct fuse_rename_in inarg;
692 struct fuse_conn *fc = get_fuse_conn(olddir);
693 struct fuse_req *req = fuse_get_req(fc);
694
695 if (IS_ERR(req))
696 return PTR_ERR(req);
697
698 memset(&inarg, 0, sizeof(inarg));
699 inarg.newdir = get_node_id(newdir);
700 req->in.h.opcode = FUSE_RENAME;
701 req->in.h.nodeid = get_node_id(olddir);
702 req->in.numargs = 3;
703 req->in.args[0].size = sizeof(inarg);
704 req->in.args[0].value = &inarg;
705 req->in.args[1].size = oldent->d_name.len + 1;
706 req->in.args[1].value = oldent->d_name.name;
707 req->in.args[2].size = newent->d_name.len + 1;
708 req->in.args[2].value = newent->d_name.name;
709 fuse_request_send(fc, req);
710 err = req->out.h.error;
711 fuse_put_request(fc, req);
712 if (!err) {
713 /* ctime changes */
714 fuse_invalidate_attr(oldent->d_inode);
715
716 fuse_invalidate_attr(olddir);
717 if (olddir != newdir)
718 fuse_invalidate_attr(newdir);
719
720 /* newent will end up negative */
721 if (newent->d_inode) {
722 fuse_invalidate_attr(newent->d_inode);
723 fuse_invalidate_entry_cache(newent);
724 }
725 } else if (err == -EINTR) {
726 /* If request was interrupted, DEITY only knows if the
727 rename actually took place. If the invalidation
728 fails (e.g. some process has CWD under the renamed
729 directory), then there can be inconsistency between
730 the dcache and the real filesystem. Tough luck. */
731 fuse_invalidate_entry(oldent);
732 if (newent->d_inode)
733 fuse_invalidate_entry(newent);
734 }
735
736 return err;
737}
738
739static int fuse_link(struct dentry *entry, struct inode *newdir,
740 struct dentry *newent)
741{
742 int err;
743 struct fuse_link_in inarg;
744 struct inode *inode = entry->d_inode;
745 struct fuse_conn *fc = get_fuse_conn(inode);
746 struct fuse_req *req = fuse_get_req(fc);
747 if (IS_ERR(req))
748 return PTR_ERR(req);
749
750 memset(&inarg, 0, sizeof(inarg));
751 inarg.oldnodeid = get_node_id(inode);
752 req->in.h.opcode = FUSE_LINK;
753 req->in.numargs = 2;
754 req->in.args[0].size = sizeof(inarg);
755 req->in.args[0].value = &inarg;
756 req->in.args[1].size = newent->d_name.len + 1;
757 req->in.args[1].value = newent->d_name.name;
758 err = create_new_entry(fc, req, newdir, newent, inode->i_mode);
759 /* Contrary to "normal" filesystems it can happen that link
760 makes two "logical" inodes point to the same "physical"
761 inode. We invalidate the attributes of the old one, so it
762 will reflect changes in the backing inode (link count,
763 etc.)
764 */
765 if (!err || err == -EINTR)
766 fuse_invalidate_attr(inode);
767 return err;
768}
769
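/*
 * Translate a fuse_attr reply into a kstat for ->getattr().  The file
 * type bits are taken from the in-core inode; only the permission bits
 * come from the reply.
 */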
770static void fuse_fillattr(struct inode *inode, struct fuse_attr *attr,
771 struct kstat *stat)
772{
773 stat->dev = inode->i_sb->s_dev;
774 stat->ino = attr->ino;
775 stat->mode = (inode->i_mode & S_IFMT) | (attr->mode & 07777);
776 stat->nlink = attr->nlink;
777 stat->uid = attr->uid;
778 stat->gid = attr->gid;
779 stat->rdev = inode->i_rdev;
780 stat->atime.tv_sec = attr->atime;
781 stat->atime.tv_nsec = attr->atimensec;
782 stat->mtime.tv_sec = attr->mtime;
783 stat->mtime.tv_nsec = attr->mtimensec;
784 stat->ctime.tv_sec = attr->ctime;
785 stat->ctime.tv_nsec = attr->ctimensec;
786 stat->size = attr->size;
787 stat->blocks = attr->blocks;
788 stat->blksize = (1 << inode->i_blkbits);
789}
790
791static int fuse_do_getattr(struct inode *inode, struct kstat *stat,
792 struct file *file)
793{
794 int err;
795 struct fuse_getattr_in inarg;
796 struct fuse_attr_out outarg;
797 struct fuse_conn *fc = get_fuse_conn(inode);
798 struct fuse_req *req;
799 u64 attr_version;
800
801 req = fuse_get_req(fc);
802 if (IS_ERR(req))
803 return PTR_ERR(req);
804
805 attr_version = fuse_get_attr_version(fc);
806
807 memset(&inarg, 0, sizeof(inarg));
808 memset(&outarg, 0, sizeof(outarg));
809 /* Directories have separate file-handle space */
810 if (file && S_ISREG(inode->i_mode)) {
811 struct fuse_file *ff = file->private_data;
812
813 inarg.getattr_flags |= FUSE_GETATTR_FH;
814 inarg.fh = ff->fh;
815 }
816 req->in.h.opcode = FUSE_GETATTR;
817 req->in.h.nodeid = get_node_id(inode);
818 req->in.numargs = 1;
819 req->in.args[0].size = sizeof(inarg);
820 req->in.args[0].value = &inarg;
821 req->out.numargs = 1;
822 if (fc->minor < 9)
823 req->out.args[0].size = FUSE_COMPAT_ATTR_OUT_SIZE;
824 else
825 req->out.args[0].size = sizeof(outarg);
826 req->out.args[0].value = &outarg;
827 fuse_request_send(fc, req);
828 err = req->out.h.error;
829 fuse_put_request(fc, req);
830 if (!err) {
831 if ((inode->i_mode ^ outarg.attr.mode) & S_IFMT) {
832 make_bad_inode(inode);
833 err = -EIO;
834 } else {
835 fuse_change_attributes(inode, &outarg.attr,
836 attr_timeout(&outarg),
837 attr_version);
838 if (stat)
839 fuse_fillattr(inode, &outarg.attr, stat);
840 }
841 }
842 return err;
843}
844
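/*
 * Refresh the attributes from userspace if the attribute timeout has
 * expired, otherwise fill @stat from the cached inode.  If @refreshed
 * is non-NULL it reports whether a GETATTR round trip was made.
 */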
845int fuse_update_attributes(struct inode *inode, struct kstat *stat,
846 struct file *file, bool *refreshed)
847{
848 struct fuse_inode *fi = get_fuse_inode(inode);
849 int err;
850 bool r;
851
852 if (fi->i_time < get_jiffies_64()) {
853 r = true;
854 err = fuse_do_getattr(inode, stat, file);
855 } else {
856 r = false;
857 err = 0;
858 if (stat) {
859 generic_fillattr(inode, stat);
860 stat->mode = fi->orig_i_mode;
861 }
862 }
863
864 if (refreshed != NULL)
865 *refreshed = r;
866
867 return err;
868}
869
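/*
 * Reverse invalidation requested by the filesystem daemon: look up the
 * parent inode by nodeid, find the named dentry and drop it (and the
 * parent's attributes) from the cache.
 */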
870int fuse_reverse_inval_entry(struct super_block *sb, u64 parent_nodeid,
871 struct qstr *name)
872{
873 int err = -ENOTDIR;
874 struct inode *parent;
875 struct dentry *dir;
876 struct dentry *entry;
877
878 parent = ilookup5(sb, parent_nodeid, fuse_inode_eq, &parent_nodeid);
879 if (!parent)
880 return -ENOENT;
881
882 mutex_lock(&parent->i_mutex);
883 if (!S_ISDIR(parent->i_mode))
884 goto unlock;
885
886 err = -ENOENT;
887 dir = d_find_alias(parent);
888 if (!dir)
889 goto unlock;
890
891 entry = d_lookup(dir, name);
892 dput(dir);
893 if (!entry)
894 goto unlock;
895
896 fuse_invalidate_attr(parent);
897 fuse_invalidate_entry(entry);
898 dput(entry);
899 err = 0;
900
901 unlock:
902 mutex_unlock(&parent->i_mutex);
903 iput(parent);
904 return err;
905}
906
907/*
908 * Calling into a user-controlled filesystem gives the filesystem
909 * daemon ptrace-like capabilities over the requester process. This
910 * means that the filesystem daemon is able to record the exact
911 * filesystem operations performed, and can also control the behavior
912 * of the requester process in otherwise impossible ways. For example
913 * it can delay the operation for an arbitrary length of time, allowing
914 * DoS against the requester.
915 *
916 * For this reason, only those processes for which the owner of the
917 * mount has ptrace privilege may call into the filesystem. This
918 * excludes processes started by other users, and suid or sgid processes.
919 */
920int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task)
921{
922 const struct cred *cred;
923 int ret;
924
925 if (fc->flags & FUSE_ALLOW_OTHER)
926 return 1;
927
928 rcu_read_lock();
929 ret = 0;
930 cred = __task_cred(task);
931 if (cred->euid == fc->user_id &&
932 cred->suid == fc->user_id &&
933 cred->uid == fc->user_id &&
934 cred->egid == fc->group_id &&
935 cred->sgid == fc->group_id &&
936 cred->gid == fc->group_id)
937 ret = 1;
938 rcu_read_unlock();
939
940 return ret;
941}
942
943static int fuse_access(struct inode *inode, int mask)
944{
945 struct fuse_conn *fc = get_fuse_conn(inode);
946 struct fuse_req *req;
947 struct fuse_access_in inarg;
948 int err;
949
950 if (fc->no_access)
951 return 0;
952
953 req = fuse_get_req(fc);
954 if (IS_ERR(req))
955 return PTR_ERR(req);
956
957 memset(&inarg, 0, sizeof(inarg));
958 inarg.mask = mask & (MAY_READ | MAY_WRITE | MAY_EXEC);
959 req->in.h.opcode = FUSE_ACCESS;
960 req->in.h.nodeid = get_node_id(inode);
961 req->in.numargs = 1;
962 req->in.args[0].size = sizeof(inarg);
963 req->in.args[0].value = &inarg;
964 fuse_request_send(fc, req);
965 err = req->out.h.error;
966 fuse_put_request(fc, req);
967 if (err == -ENOSYS) {
968 fc->no_access = 1;
969 err = 0;
970 }
971 return err;
972}
973
974static int fuse_perm_getattr(struct inode *inode, int mask)
975{
976 if (mask & MAY_NOT_BLOCK)
977 return -ECHILD;
978
979 return fuse_do_getattr(inode, NULL, NULL);
980}
981
982/*
983 * Check permission. The two basic access models of FUSE are:
984 *
985 * 1) Local access checking ('default_permissions' mount option) based
986 * on file mode. This is the plain old disk filesystem permission
987 * model.
988 *
989 * 2) "Remote" access checking, where the server is responsible for
990 * checking permission in each inode operation. An exception to this
991 * is if ->permission() was invoked from sys_access() in which case an
992 * access request is sent. Execute permission is still checked
993 * locally based on file mode.
994 */
995static int fuse_permission(struct inode *inode, int mask)
996{
997 struct fuse_conn *fc = get_fuse_conn(inode);
998 bool refreshed = false;
999 int err = 0;
1000
1001 if (!fuse_allow_task(fc, current))
1002 return -EACCES;
1003
1004 /*
1005 * If attributes are needed, refresh them before proceeding
1006 */
1007 if ((fc->flags & FUSE_DEFAULT_PERMISSIONS) ||
1008 ((mask & MAY_EXEC) && S_ISREG(inode->i_mode))) {
1009 struct fuse_inode *fi = get_fuse_inode(inode);
1010
1011 if (fi->i_time < get_jiffies_64()) {
1012 refreshed = true;
1013
1014 err = fuse_perm_getattr(inode, mask);
1015 if (err)
1016 return err;
1017 }
1018 }
1019
1020 if (fc->flags & FUSE_DEFAULT_PERMISSIONS) {
1021 err = generic_permission(inode, mask);
1022
1023 /* If permission is denied, try to refresh file
1024 attributes. This is also needed because the root
1025 node will at first have no permissions */
1026 if (err == -EACCES && !refreshed) {
1027 err = fuse_perm_getattr(inode, mask);
1028 if (!err)
1029 err = generic_permission(inode, mask);
1030 }
1031
1032 /* Note: the opposite of the above test does not
1033 exist. So if permissions are revoked this won't be
1034 noticed immediately, only after the attribute
1035 timeout has expired */
1036 } else if (mask & (MAY_ACCESS | MAY_CHDIR)) {
1037 if (mask & MAY_NOT_BLOCK)
1038 return -ECHILD;
1039
1040 err = fuse_access(inode, mask);
1041 } else if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode)) {
1042 if (!(inode->i_mode & S_IXUGO)) {
1043 if (refreshed)
1044 return -EACCES;
1045
1046 err = fuse_perm_getattr(inode, mask);
1047 if (!err && !(inode->i_mode & S_IXUGO))
1048 return -EACCES;
1049 }
1050 }
1051 return err;
1052}
1053
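/*
 * Parse the fuse_dirent records returned by FUSE_READDIR, feeding each
 * name to @filldir and advancing file->f_pos to the offset of the next
 * entry.
 */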
1054static int parse_dirfile(char *buf, size_t nbytes, struct file *file,
1055 void *dstbuf, filldir_t filldir)
1056{
1057 while (nbytes >= FUSE_NAME_OFFSET) {
1058 struct fuse_dirent *dirent = (struct fuse_dirent *) buf;
1059 size_t reclen = FUSE_DIRENT_SIZE(dirent);
1060 int over;
1061 if (!dirent->namelen || dirent->namelen > FUSE_NAME_MAX)
1062 return -EIO;
1063 if (reclen > nbytes)
1064 break;
1065
1066 over = filldir(dstbuf, dirent->name, dirent->namelen,
1067 file->f_pos, dirent->ino, dirent->type);
1068 if (over)
1069 break;
1070
1071 buf += reclen;
1072 nbytes -= reclen;
1073 file->f_pos = dirent->off;
1074 }
1075
1076 return 0;
1077}
1078
1079static int fuse_readdir(struct file *file, void *dstbuf, filldir_t filldir)
1080{
1081 int err;
1082 size_t nbytes;
1083 struct page *page;
1084 struct inode *inode = file->f_path.dentry->d_inode;
1085 struct fuse_conn *fc = get_fuse_conn(inode);
1086 struct fuse_req *req;
1087
1088 if (is_bad_inode(inode))
1089 return -EIO;
1090
1091 req = fuse_get_req(fc);
1092 if (IS_ERR(req))
1093 return PTR_ERR(req);
1094
1095 page = alloc_page(GFP_KERNEL);
1096 if (!page) {
1097 fuse_put_request(fc, req);
1098 return -ENOMEM;
1099 }
1100 req->out.argpages = 1;
1101 req->num_pages = 1;
1102 req->pages[0] = page;
1103 fuse_read_fill(req, file, file->f_pos, PAGE_SIZE, FUSE_READDIR);
1104 fuse_request_send(fc, req);
1105 nbytes = req->out.args[0].size;
1106 err = req->out.h.error;
1107 fuse_put_request(fc, req);
1108 if (!err)
1109 err = parse_dirfile(page_address(page), nbytes, file, dstbuf,
1110 filldir);
1111
1112 __free_page(page);
1113 fuse_invalidate_attr(inode); /* atime changed */
1114 return err;
1115}
1116
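/*
 * Issue FUSE_READLINK and return the NUL-terminated target in a freshly
 * allocated page.  The result is released via free_link() from
 * fuse_put_link().
 */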
1117static char *read_link(struct dentry *dentry)
1118{
1119 struct inode *inode = dentry->d_inode;
1120 struct fuse_conn *fc = get_fuse_conn(inode);
1121 struct fuse_req *req = fuse_get_req(fc);
1122 char *link;
1123
1124 if (IS_ERR(req))
1125 return ERR_CAST(req);
1126
1127 link = (char *) __get_free_page(GFP_KERNEL);
1128 if (!link) {
1129 link = ERR_PTR(-ENOMEM);
1130 goto out;
1131 }
1132 req->in.h.opcode = FUSE_READLINK;
1133 req->in.h.nodeid = get_node_id(inode);
1134 req->out.argvar = 1;
1135 req->out.numargs = 1;
1136 req->out.args[0].size = PAGE_SIZE - 1;
1137 req->out.args[0].value = link;
1138 fuse_request_send(fc, req);
1139 if (req->out.h.error) {
1140 free_page((unsigned long) link);
1141 link = ERR_PTR(req->out.h.error);
1142 } else
1143 link[req->out.args[0].size] = '\0';
1144 out:
1145 fuse_put_request(fc, req);
1146 fuse_invalidate_attr(inode); /* atime changed */
1147 return link;
1148}
1149
1150static void free_link(char *link)
1151{
1152 if (!IS_ERR(link))
1153 free_page((unsigned long) link);
1154}
1155
1156static void *fuse_follow_link(struct dentry *dentry, struct nameidata *nd)
1157{
1158 nd_set_link(nd, read_link(dentry));
1159 return NULL;
1160}
1161
1162static void fuse_put_link(struct dentry *dentry, struct nameidata *nd, void *c)
1163{
1164 free_link(nd_get_link(nd));
1165}
1166
1167static int fuse_dir_open(struct inode *inode, struct file *file)
1168{
1169 return fuse_open_common(inode, file, true);
1170}
1171
1172static int fuse_dir_release(struct inode *inode, struct file *file)
1173{
1174 fuse_release_common(file, FUSE_RELEASEDIR);
1175
1176 return 0;
1177}
1178
1179static int fuse_dir_fsync(struct file *file, loff_t start, loff_t end,
1180 int datasync)
1181{
1182 return fuse_fsync_common(file, start, end, datasync, 1);
1183}
1184
1185static bool update_mtime(unsigned ivalid)
1186{
1187 /* Always update if mtime is explicitly set */
1188 if (ivalid & ATTR_MTIME_SET)
1189 return true;
1190
1191 /* If it's an open(O_TRUNC) or an ftruncate(), don't update */
1192 if ((ivalid & ATTR_SIZE) && (ivalid & (ATTR_OPEN | ATTR_FILE)))
1193 return false;
1194
1195 /* In all other cases update */
1196 return true;
1197}
1198
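/*
 * Translate the VFS iattr flags and values into the fuse_setattr_in
 * wire format.
 */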
1199static void iattr_to_fattr(struct iattr *iattr, struct fuse_setattr_in *arg)
1200{
1201 unsigned ivalid = iattr->ia_valid;
1202
1203 if (ivalid & ATTR_MODE)
1204 arg->valid |= FATTR_MODE, arg->mode = iattr->ia_mode;
1205 if (ivalid & ATTR_UID)
1206 arg->valid |= FATTR_UID, arg->uid = iattr->ia_uid;
1207 if (ivalid & ATTR_GID)
1208 arg->valid |= FATTR_GID, arg->gid = iattr->ia_gid;
1209 if (ivalid & ATTR_SIZE)
1210 arg->valid |= FATTR_SIZE, arg->size = iattr->ia_size;
1211 if (ivalid & ATTR_ATIME) {
1212 arg->valid |= FATTR_ATIME;
1213 arg->atime = iattr->ia_atime.tv_sec;
1214 arg->atimensec = iattr->ia_atime.tv_nsec;
1215 if (!(ivalid & ATTR_ATIME_SET))
1216 arg->valid |= FATTR_ATIME_NOW;
1217 }
1218 if ((ivalid & ATTR_MTIME) && update_mtime(ivalid)) {
1219 arg->valid |= FATTR_MTIME;
1220 arg->mtime = iattr->ia_mtime.tv_sec;
1221 arg->mtimensec = iattr->ia_mtime.tv_nsec;
1222 if (!(ivalid & ATTR_MTIME_SET))
1223 arg->valid |= FATTR_MTIME_NOW;
1224 }
1225}
1226
1227/*
1228 * Prevent concurrent writepages on inode
1229 *
1230 * This is done by adding a negative bias to the inode write counter
1231 * and waiting for all pending writes to finish.
1232 */
1233void fuse_set_nowrite(struct inode *inode)
1234{
1235 struct fuse_conn *fc = get_fuse_conn(inode);
1236 struct fuse_inode *fi = get_fuse_inode(inode);
1237
1238 BUG_ON(!mutex_is_locked(&inode->i_mutex));
1239
1240 spin_lock(&fc->lock);
1241 BUG_ON(fi->writectr < 0);
1242 fi->writectr += FUSE_NOWRITE;
1243 spin_unlock(&fc->lock);
1244 wait_event(fi->page_waitq, fi->writectr == FUSE_NOWRITE);
1245}
1246
1247/*
1248 * Allow writepages on inode
1249 *
1250 * Remove the bias from the writecounter and send any queued
1251 * writepages.
1252 */
1253static void __fuse_release_nowrite(struct inode *inode)
1254{
1255 struct fuse_inode *fi = get_fuse_inode(inode);
1256
1257 BUG_ON(fi->writectr != FUSE_NOWRITE);
1258 fi->writectr = 0;
1259 fuse_flush_writepages(inode);
1260}
1261
1262void fuse_release_nowrite(struct inode *inode)
1263{
1264 struct fuse_conn *fc = get_fuse_conn(inode);
1265
1266 spin_lock(&fc->lock);
1267 __fuse_release_nowrite(inode);
1268 spin_unlock(&fc->lock);
1269}
1270
1271/*
1272 * Set attributes, and at the same time refresh them.
1273 *
1274 * Truncation is slightly complicated, because the 'truncate' request
1275 * may fail, in which case we don't want to touch the mapping.
1276 * vmtruncate() doesn't allow for this case, so do the rlimit checking
1277 * and the actual truncation by hand.
1278 */
1279static int fuse_do_setattr(struct dentry *entry, struct iattr *attr,
1280 struct file *file)
1281{
1282 struct inode *inode = entry->d_inode;
1283 struct fuse_conn *fc = get_fuse_conn(inode);
1284 struct fuse_req *req;
1285 struct fuse_setattr_in inarg;
1286 struct fuse_attr_out outarg;
1287 bool is_truncate = false;
1288 loff_t oldsize;
1289 int err;
1290
1291 if (!fuse_allow_task(fc, current))
1292 return -EACCES;
1293
1294 if (!(fc->flags & FUSE_DEFAULT_PERMISSIONS))
1295 attr->ia_valid |= ATTR_FORCE;
1296
1297 err = inode_change_ok(inode, attr);
1298 if (err)
1299 return err;
1300
1301 if (attr->ia_valid & ATTR_OPEN) {
1302 if (fc->atomic_o_trunc)
1303 return 0;
1304 file = NULL;
1305 }
1306
1307 if (attr->ia_valid & ATTR_SIZE)
1308 is_truncate = true;
1309
1310 req = fuse_get_req(fc);
1311 if (IS_ERR(req))
1312 return PTR_ERR(req);
1313
1314 if (is_truncate)
1315 fuse_set_nowrite(inode);
1316
1317 memset(&inarg, 0, sizeof(inarg));
1318 memset(&outarg, 0, sizeof(outarg));
1319 iattr_to_fattr(attr, &inarg);
1320 if (file) {
1321 struct fuse_file *ff = file->private_data;
1322 inarg.valid |= FATTR_FH;
1323 inarg.fh = ff->fh;
1324 }
1325 if (attr->ia_valid & ATTR_SIZE) {
1326 /* For mandatory locking in truncate */
1327 inarg.valid |= FATTR_LOCKOWNER;
1328 inarg.lock_owner = fuse_lock_owner_id(fc, current->files);
1329 }
1330 req->in.h.opcode = FUSE_SETATTR;
1331 req->in.h.nodeid = get_node_id(inode);
1332 req->in.numargs = 1;
1333 req->in.args[0].size = sizeof(inarg);
1334 req->in.args[0].value = &inarg;
1335 req->out.numargs = 1;
1336 if (fc->minor < 9)
1337 req->out.args[0].size = FUSE_COMPAT_ATTR_OUT_SIZE;
1338 else
1339 req->out.args[0].size = sizeof(outarg);
1340 req->out.args[0].value = &outarg;
1341 fuse_request_send(fc, req);
1342 err = req->out.h.error;
1343 fuse_put_request(fc, req);
1344 if (err) {
1345 if (err == -EINTR)
1346 fuse_invalidate_attr(inode);
1347 goto error;
1348 }
1349
1350 if ((inode->i_mode ^ outarg.attr.mode) & S_IFMT) {
1351 make_bad_inode(inode);
1352 err = -EIO;
1353 goto error;
1354 }
1355
1356 spin_lock(&fc->lock);
1357 fuse_change_attributes_common(inode, &outarg.attr,
1358 attr_timeout(&outarg));
1359 oldsize = inode->i_size;
1360 i_size_write(inode, outarg.attr.size);
1361
1362 if (is_truncate) {
1363 /* NOTE: this may release/reacquire fc->lock */
1364 __fuse_release_nowrite(inode);
1365 }
1366 spin_unlock(&fc->lock);
1367
1368 /*
1369 * Only call invalidate_inode_pages2() after removing
1370 * FUSE_NOWRITE, otherwise fuse_launder_page() would deadlock.
1371 */
1372 if (S_ISREG(inode->i_mode) && oldsize != outarg.attr.size) {
1373 truncate_pagecache(inode, oldsize, outarg.attr.size);
1374 invalidate_inode_pages2(inode->i_mapping);
1375 }
1376
1377 return 0;
1378
1379error:
1380 if (is_truncate)
1381 fuse_release_nowrite(inode);
1382
1383 return err;
1384}
1385
1386static int fuse_setattr(struct dentry *entry, struct iattr *attr)
1387{
1388 if (attr->ia_valid & ATTR_FILE)
1389 return fuse_do_setattr(entry, attr, attr->ia_file);
1390 else
1391 return fuse_do_setattr(entry, attr, NULL);
1392}
1393
1394static int fuse_getattr(struct vfsmount *mnt, struct dentry *entry,
1395 struct kstat *stat)
1396{
1397 struct inode *inode = entry->d_inode;
1398 struct fuse_conn *fc = get_fuse_conn(inode);
1399
1400 if (!fuse_allow_task(fc, current))
1401 return -EACCES;
1402
1403 return fuse_update_attributes(inode, stat, NULL, NULL);
1404}
1405
1406static int fuse_setxattr(struct dentry *entry, const char *name,
1407 const void *value, size_t size, int flags)
1408{
1409 struct inode *inode = entry->d_inode;
1410 struct fuse_conn *fc = get_fuse_conn(inode);
1411 struct fuse_req *req;
1412 struct fuse_setxattr_in inarg;
1413 int err;
1414
1415 if (fc->no_setxattr)
1416 return -EOPNOTSUPP;
1417
1418 req = fuse_get_req(fc);
1419 if (IS_ERR(req))
1420 return PTR_ERR(req);
1421
1422 memset(&inarg, 0, sizeof(inarg));
1423 inarg.size = size;
1424 inarg.flags = flags;
1425 req->in.h.opcode = FUSE_SETXATTR;
1426 req->in.h.nodeid = get_node_id(inode);
1427 req->in.numargs = 3;
1428 req->in.args[0].size = sizeof(inarg);
1429 req->in.args[0].value = &inarg;
1430 req->in.args[1].size = strlen(name) + 1;
1431 req->in.args[1].value = name;
1432 req->in.args[2].size = size;
1433 req->in.args[2].value = value;
1434 fuse_request_send(fc, req);
1435 err = req->out.h.error;
1436 fuse_put_request(fc, req);
1437 if (err == -ENOSYS) {
1438 fc->no_setxattr = 1;
1439 err = -EOPNOTSUPP;
1440 }
1441 return err;
1442}
1443
1444static ssize_t fuse_getxattr(struct dentry *entry, const char *name,
1445 void *value, size_t size)
1446{
1447 struct inode *inode = entry->d_inode;
1448 struct fuse_conn *fc = get_fuse_conn(inode);
1449 struct fuse_req *req;
1450 struct fuse_getxattr_in inarg;
1451 struct fuse_getxattr_out outarg;
1452 ssize_t ret;
1453
1454 if (fc->no_getxattr)
1455 return -EOPNOTSUPP;
1456
1457 req = fuse_get_req(fc);
1458 if (IS_ERR(req))
1459 return PTR_ERR(req);
1460
1461 memset(&inarg, 0, sizeof(inarg));
1462 inarg.size = size;
1463 req->in.h.opcode = FUSE_GETXATTR;
1464 req->in.h.nodeid = get_node_id(inode);
1465 req->in.numargs = 2;
1466 req->in.args[0].size = sizeof(inarg);
1467 req->in.args[0].value = &inarg;
1468 req->in.args[1].size = strlen(name) + 1;
1469 req->in.args[1].value = name;
1470 /* This is really two different operations rolled into one */
1471 req->out.numargs = 1;
1472 if (size) {
1473 req->out.argvar = 1;
1474 req->out.args[0].size = size;
1475 req->out.args[0].value = value;
1476 } else {
1477 req->out.args[0].size = sizeof(outarg);
1478 req->out.args[0].value = &outarg;
1479 }
1480 fuse_request_send(fc, req);
1481 ret = req->out.h.error;
1482 if (!ret)
1483 ret = size ? req->out.args[0].size : outarg.size;
1484 else {
1485 if (ret == -ENOSYS) {
1486 fc->no_getxattr = 1;
1487 ret = -EOPNOTSUPP;
1488 }
1489 }
1490 fuse_put_request(fc, req);
1491 return ret;
1492}
1493
1494static ssize_t fuse_listxattr(struct dentry *entry, char *list, size_t size)
1495{
1496 struct inode *inode = entry->d_inode;
1497 struct fuse_conn *fc = get_fuse_conn(inode);
1498 struct fuse_req *req;
1499 struct fuse_getxattr_in inarg;
1500 struct fuse_getxattr_out outarg;
1501 ssize_t ret;
1502
1503 if (!fuse_allow_task(fc, current))
1504 return -EACCES;
1505
1506 if (fc->no_listxattr)
1507 return -EOPNOTSUPP;
1508
1509 req = fuse_get_req(fc);
1510 if (IS_ERR(req))
1511 return PTR_ERR(req);
1512
1513 memset(&inarg, 0, sizeof(inarg));
1514 inarg.size = size;
1515 req->in.h.opcode = FUSE_LISTXATTR;
1516 req->in.h.nodeid = get_node_id(inode);
1517 req->in.numargs = 1;
1518 req->in.args[0].size = sizeof(inarg);
1519 req->in.args[0].value = &inarg;
1520 /* This is really two different operations rolled into one */
1521 req->out.numargs = 1;
1522 if (size) {
1523 req->out.argvar = 1;
1524 req->out.args[0].size = size;
1525 req->out.args[0].value = list;
1526 } else {
1527 req->out.args[0].size = sizeof(outarg);
1528 req->out.args[0].value = &outarg;
1529 }
1530 fuse_request_send(fc, req);
1531 ret = req->out.h.error;
1532 if (!ret)
1533 ret = size ? req->out.args[0].size : outarg.size;
1534 else {
1535 if (ret == -ENOSYS) {
1536 fc->no_listxattr = 1;
1537 ret = -EOPNOTSUPP;
1538 }
1539 }
1540 fuse_put_request(fc, req);
1541 return ret;
1542}
1543
1544static int fuse_removexattr(struct dentry *entry, const char *name)
1545{
1546 struct inode *inode = entry->d_inode;
1547 struct fuse_conn *fc = get_fuse_conn(inode);
1548 struct fuse_req *req;
1549 int err;
1550
1551 if (fc->no_removexattr)
1552 return -EOPNOTSUPP;
1553
1554 req = fuse_get_req(fc);
1555 if (IS_ERR(req))
1556 return PTR_ERR(req);
1557
1558 req->in.h.opcode = FUSE_REMOVEXATTR;
1559 req->in.h.nodeid = get_node_id(inode);
1560 req->in.numargs = 1;
1561 req->in.args[0].size = strlen(name) + 1;
1562 req->in.args[0].value = name;
1563 fuse_request_send(fc, req);
1564 err = req->out.h.error;
1565 fuse_put_request(fc, req);
1566 if (err == -ENOSYS) {
1567 fc->no_removexattr = 1;
1568 err = -EOPNOTSUPP;
1569 }
1570 return err;
1571}
1572
1573static const struct inode_operations fuse_dir_inode_operations = {
1574 .lookup = fuse_lookup,
1575 .mkdir = fuse_mkdir,
1576 .symlink = fuse_symlink,
1577 .unlink = fuse_unlink,
1578 .rmdir = fuse_rmdir,
1579 .rename = fuse_rename,
1580 .link = fuse_link,
1581 .setattr = fuse_setattr,
1582 .create = fuse_create,
1583 .mknod = fuse_mknod,
1584 .permission = fuse_permission,
1585 .getattr = fuse_getattr,
1586 .setxattr = fuse_setxattr,
1587 .getxattr = fuse_getxattr,
1588 .listxattr = fuse_listxattr,
1589 .removexattr = fuse_removexattr,
1590};
1591
1592static const struct file_operations fuse_dir_operations = {
1593 .llseek = generic_file_llseek,
1594 .read = generic_read_dir,
1595 .readdir = fuse_readdir,
1596 .open = fuse_dir_open,
1597 .release = fuse_dir_release,
1598 .fsync = fuse_dir_fsync,
1599};
1600
1601static const struct inode_operations fuse_common_inode_operations = {
1602 .setattr = fuse_setattr,
1603 .permission = fuse_permission,
1604 .getattr = fuse_getattr,
1605 .setxattr = fuse_setxattr,
1606 .getxattr = fuse_getxattr,
1607 .listxattr = fuse_listxattr,
1608 .removexattr = fuse_removexattr,
1609};
1610
1611static const struct inode_operations fuse_symlink_inode_operations = {
1612 .setattr = fuse_setattr,
1613 .follow_link = fuse_follow_link,
1614 .put_link = fuse_put_link,
1615 .readlink = generic_readlink,
1616 .getattr = fuse_getattr,
1617 .setxattr = fuse_setxattr,
1618 .getxattr = fuse_getxattr,
1619 .listxattr = fuse_listxattr,
1620 .removexattr = fuse_removexattr,
1621};
1622
1623void fuse_init_common(struct inode *inode)
1624{
1625 inode->i_op = &fuse_common_inode_operations;
1626}
1627
1628void fuse_init_dir(struct inode *inode)
1629{
1630 inode->i_op = &fuse_dir_inode_operations;
1631 inode->i_fop = &fuse_dir_operations;
1632}
1633
1634void fuse_init_symlink(struct inode *inode)
1635{
1636 inode->i_op = &fuse_symlink_inode_operations;
1637}
1/*
2 FUSE: Filesystem in Userspace
3 Copyright (C) 2001-2008 Miklos Szeredi <miklos@szeredi.hu>
4
5 This program can be distributed under the terms of the GNU GPL.
6 See the file COPYING.
7*/
8
9#include "fuse_i.h"
10
11#include <linux/pagemap.h>
12#include <linux/file.h>
13#include <linux/fs_context.h>
14#include <linux/moduleparam.h>
15#include <linux/sched.h>
16#include <linux/namei.h>
17#include <linux/slab.h>
18#include <linux/xattr.h>
19#include <linux/iversion.h>
20#include <linux/posix_acl.h>
21#include <linux/security.h>
22#include <linux/types.h>
23#include <linux/kernel.h>
24
25static bool __read_mostly allow_sys_admin_access;
26module_param(allow_sys_admin_access, bool, 0644);
27MODULE_PARM_DESC(allow_sys_admin_access,
28 "Allow users with CAP_SYS_ADMIN in initial userns to bypass allow_other access check");
29
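/*
 * Note that this directory would benefit from READDIRPLUS; the flag is
 * consulted when building subsequent readdir requests.
 */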
30static void fuse_advise_use_readdirplus(struct inode *dir)
31{
32 struct fuse_inode *fi = get_fuse_inode(dir);
33
34 set_bit(FUSE_I_ADVISE_RDPLUS, &fi->state);
35}
36
37#if BITS_PER_LONG >= 64
38static inline void __fuse_dentry_settime(struct dentry *entry, u64 time)
39{
40 entry->d_fsdata = (void *) time;
41}
42
43static inline u64 fuse_dentry_time(const struct dentry *entry)
44{
45 return (u64)entry->d_fsdata;
46}
47
48#else
49union fuse_dentry {
50 u64 time;
51 struct rcu_head rcu;
52};
53
54static inline void __fuse_dentry_settime(struct dentry *dentry, u64 time)
55{
56 ((union fuse_dentry *) dentry->d_fsdata)->time = time;
57}
58
59static inline u64 fuse_dentry_time(const struct dentry *entry)
60{
61 return ((union fuse_dentry *) entry->d_fsdata)->time;
62}
63#endif
64
65static void fuse_dentry_settime(struct dentry *dentry, u64 time)
66{
67 struct fuse_conn *fc = get_fuse_conn_super(dentry->d_sb);
68 bool delete = !time && fc->delete_stale;
69 /*
70 * Mess with DCACHE_OP_DELETE because dput() will be faster without it.
71 * Don't care about races, either way it's just an optimization
72 */
73 if ((!delete && (dentry->d_flags & DCACHE_OP_DELETE)) ||
74 (delete && !(dentry->d_flags & DCACHE_OP_DELETE))) {
75 spin_lock(&dentry->d_lock);
76 if (!delete)
77 dentry->d_flags &= ~DCACHE_OP_DELETE;
78 else
79 dentry->d_flags |= DCACHE_OP_DELETE;
80 spin_unlock(&dentry->d_lock);
81 }
82
83 __fuse_dentry_settime(dentry, time);
84}
85
86/*
87 * FUSE caches dentries and attributes with separate timeout. The
88 * time in jiffies until the dentry/attributes are valid is stored in
89 * dentry->d_fsdata and fuse_inode->i_time respectively.
90 */
91
92/*
93 * Calculate the time in jiffies until a dentry/attributes are valid
94 */
95u64 fuse_time_to_jiffies(u64 sec, u32 nsec)
96{
97 if (sec || nsec) {
98 struct timespec64 ts = {
99 sec,
100 min_t(u32, nsec, NSEC_PER_SEC - 1)
101 };
102
103 return get_jiffies_64() + timespec64_to_jiffies(&ts);
104 } else
105 return 0;
106}
107
108/*
109 * Set dentry and possibly attribute timeouts from the lookup/mk*
110 * replies
111 */
112void fuse_change_entry_timeout(struct dentry *entry, struct fuse_entry_out *o)
113{
114 fuse_dentry_settime(entry,
115 fuse_time_to_jiffies(o->entry_valid, o->entry_valid_nsec));
116}
117
118void fuse_invalidate_attr_mask(struct inode *inode, u32 mask)
119{
120 set_mask_bits(&get_fuse_inode(inode)->inval_mask, 0, mask);
121}
122
123/*
124 * Mark the attributes as stale, so that at the next call to
125 * ->getattr() they will be fetched from userspace
126 */
127void fuse_invalidate_attr(struct inode *inode)
128{
129 fuse_invalidate_attr_mask(inode, STATX_BASIC_STATS);
130}
131
132static void fuse_dir_changed(struct inode *dir)
133{
134 fuse_invalidate_attr(dir);
135 inode_maybe_inc_iversion(dir, false);
136}
137
138/*
139 * Mark the attributes as stale due to an atime change. Avoid the invalidate if
140 * atime is not used.
141 */
142void fuse_invalidate_atime(struct inode *inode)
143{
144 if (!IS_RDONLY(inode))
145 fuse_invalidate_attr_mask(inode, STATX_ATIME);
146}
147
148/*
149 * Just mark the entry as stale, so that a next attempt to look it up
150 * will result in a new lookup call to userspace
151 *
152 * This is called when a dentry is about to become negative and the
153 * timeout is unknown (unlink, rmdir, rename and in some cases
154 * lookup)
155 */
156void fuse_invalidate_entry_cache(struct dentry *entry)
157{
158 fuse_dentry_settime(entry, 0);
159}
160
161/*
162 * Same as fuse_invalidate_entry_cache(), but also try to remove the
163 * dentry from the hash
164 */
165static void fuse_invalidate_entry(struct dentry *entry)
166{
167 d_invalidate(entry);
168 fuse_invalidate_entry_cache(entry);
169}
170
171static void fuse_lookup_init(struct fuse_conn *fc, struct fuse_args *args,
172 u64 nodeid, const struct qstr *name,
173 struct fuse_entry_out *outarg)
174{
175 memset(outarg, 0, sizeof(struct fuse_entry_out));
176 args->opcode = FUSE_LOOKUP;
177 args->nodeid = nodeid;
178 args->in_numargs = 1;
179 args->in_args[0].size = name->len + 1;
180 args->in_args[0].value = name->name;
181 args->out_numargs = 1;
182 args->out_args[0].size = sizeof(struct fuse_entry_out);
183 args->out_args[0].value = outarg;
184}
185
186/*
187 * Check whether the dentry is still valid
188 *
189 * If the entry validity timeout has expired and the dentry is
190 * positive, try to redo the lookup. If the lookup results in a
191 * different inode, then let the VFS invalidate the dentry and redo
192 * the lookup once more. If the lookup results in the same inode,
193 * then refresh the attributes, timeouts and mark the dentry valid.
194 */
195static int fuse_dentry_revalidate(struct dentry *entry, unsigned int flags)
196{
197 struct inode *inode;
198 struct dentry *parent;
199 struct fuse_mount *fm;
200 struct fuse_inode *fi;
201 int ret;
202
203 inode = d_inode_rcu(entry);
204 if (inode && fuse_is_bad(inode))
205 goto invalid;
206 else if (time_before64(fuse_dentry_time(entry), get_jiffies_64()) ||
207 (flags & (LOOKUP_EXCL | LOOKUP_REVAL | LOOKUP_RENAME_TARGET))) {
208 struct fuse_entry_out outarg;
209 FUSE_ARGS(args);
210 struct fuse_forget_link *forget;
211 u64 attr_version;
212
213 /* For negative dentries, always do a fresh lookup */
214 if (!inode)
215 goto invalid;
216
217 ret = -ECHILD;
218 if (flags & LOOKUP_RCU)
219 goto out;
220
221 fm = get_fuse_mount(inode);
222
223 forget = fuse_alloc_forget();
224 ret = -ENOMEM;
225 if (!forget)
226 goto out;
227
228 attr_version = fuse_get_attr_version(fm->fc);
229
230 parent = dget_parent(entry);
231 fuse_lookup_init(fm->fc, &args, get_node_id(d_inode(parent)),
232 &entry->d_name, &outarg);
233 ret = fuse_simple_request(fm, &args);
234 dput(parent);
235 /* Zero nodeid is same as -ENOENT */
236 if (!ret && !outarg.nodeid)
237 ret = -ENOENT;
238 if (!ret) {
239 fi = get_fuse_inode(inode);
240 if (outarg.nodeid != get_node_id(inode) ||
241 (bool) IS_AUTOMOUNT(inode) != (bool) (outarg.attr.flags & FUSE_ATTR_SUBMOUNT)) {
242 fuse_queue_forget(fm->fc, forget,
243 outarg.nodeid, 1);
244 goto invalid;
245 }
246 spin_lock(&fi->lock);
247 fi->nlookup++;
248 spin_unlock(&fi->lock);
249 }
250 kfree(forget);
251 if (ret == -ENOMEM || ret == -EINTR)
252 goto out;
253 if (ret || fuse_invalid_attr(&outarg.attr) ||
254 fuse_stale_inode(inode, outarg.generation, &outarg.attr))
255 goto invalid;
256
257 forget_all_cached_acls(inode);
258 fuse_change_attributes(inode, &outarg.attr, NULL,
259 ATTR_TIMEOUT(&outarg),
260 attr_version);
261 fuse_change_entry_timeout(entry, &outarg);
262 } else if (inode) {
263 fi = get_fuse_inode(inode);
264 if (flags & LOOKUP_RCU) {
265 if (test_bit(FUSE_I_INIT_RDPLUS, &fi->state))
266 return -ECHILD;
267 } else if (test_and_clear_bit(FUSE_I_INIT_RDPLUS, &fi->state)) {
268 parent = dget_parent(entry);
269 fuse_advise_use_readdirplus(d_inode(parent));
270 dput(parent);
271 }
272 }
273 ret = 1;
274out:
275 return ret;
276
277invalid:
278 ret = 0;
279 goto out;
280}
281
282#if BITS_PER_LONG < 64
283static int fuse_dentry_init(struct dentry *dentry)
284{
285 dentry->d_fsdata = kzalloc(sizeof(union fuse_dentry),
286 GFP_KERNEL_ACCOUNT | __GFP_RECLAIMABLE);
287
288 return dentry->d_fsdata ? 0 : -ENOMEM;
289}
290static void fuse_dentry_release(struct dentry *dentry)
291{
292 union fuse_dentry *fd = dentry->d_fsdata;
293
294 kfree_rcu(fd, rcu);
295}
296#endif
297
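/*
 * Used with the "delete_stale" option: lets dput() discard dentries
 * whose entry timeout has expired instead of retaining them in the
 * dcache.
 */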
298static int fuse_dentry_delete(const struct dentry *dentry)
299{
300 return time_before64(fuse_dentry_time(dentry), get_jiffies_64());
301}
302
303/*
304 * Create a fuse_mount object with a new superblock (with path->dentry
305 * as the root), and return that mount so it can be auto-mounted on
306 * @path.
307 */
308static struct vfsmount *fuse_dentry_automount(struct path *path)
309{
310 struct fs_context *fsc;
311 struct vfsmount *mnt;
312 struct fuse_inode *mp_fi = get_fuse_inode(d_inode(path->dentry));
313
314 fsc = fs_context_for_submount(path->mnt->mnt_sb->s_type, path->dentry);
315 if (IS_ERR(fsc))
316 return ERR_CAST(fsc);
317
318 /* Pass the FUSE inode of the mount for fuse_get_tree_submount() */
319 fsc->fs_private = mp_fi;
320
321 /* Create the submount */
322 mnt = fc_mount(fsc);
323 if (!IS_ERR(mnt))
324 mntget(mnt);
325
326 put_fs_context(fsc);
327 return mnt;
328}
329
330const struct dentry_operations fuse_dentry_operations = {
331 .d_revalidate = fuse_dentry_revalidate,
332 .d_delete = fuse_dentry_delete,
333#if BITS_PER_LONG < 64
334 .d_init = fuse_dentry_init,
335 .d_release = fuse_dentry_release,
336#endif
337 .d_automount = fuse_dentry_automount,
338};
339
340const struct dentry_operations fuse_root_dentry_operations = {
341#if BITS_PER_LONG < 64
342 .d_init = fuse_dentry_init,
343 .d_release = fuse_dentry_release,
344#endif
345};
346
347int fuse_valid_type(int m)
348{
349 return S_ISREG(m) || S_ISDIR(m) || S_ISLNK(m) || S_ISCHR(m) ||
350 S_ISBLK(m) || S_ISFIFO(m) || S_ISSOCK(m);
351}
352
353static bool fuse_valid_size(u64 size)
354{
355 return size <= LLONG_MAX;
356}
357
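/*
 * Sanity check attributes received from userspace: reject unknown file
 * types and sizes that would overflow loff_t.
 */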
358bool fuse_invalid_attr(struct fuse_attr *attr)
359{
360 return !fuse_valid_type(attr->mode) || !fuse_valid_size(attr->size);
361}
362
363int fuse_lookup_name(struct super_block *sb, u64 nodeid, const struct qstr *name,
364 struct fuse_entry_out *outarg, struct inode **inode)
365{
366 struct fuse_mount *fm = get_fuse_mount_super(sb);
367 FUSE_ARGS(args);
368 struct fuse_forget_link *forget;
369 u64 attr_version, evict_ctr;
370 int err;
371
372 *inode = NULL;
373 err = -ENAMETOOLONG;
374 if (name->len > FUSE_NAME_MAX)
375 goto out;
376
377
378 forget = fuse_alloc_forget();
379 err = -ENOMEM;
380 if (!forget)
381 goto out;
382
383 attr_version = fuse_get_attr_version(fm->fc);
384 evict_ctr = fuse_get_evict_ctr(fm->fc);
385
386 fuse_lookup_init(fm->fc, &args, nodeid, name, outarg);
387 err = fuse_simple_request(fm, &args);
388 /* Zero nodeid is same as -ENOENT, but with valid timeout */
389 if (err || !outarg->nodeid)
390 goto out_put_forget;
391
392 err = -EIO;
393 if (fuse_invalid_attr(&outarg->attr))
394 goto out_put_forget;
395 if (outarg->nodeid == FUSE_ROOT_ID && outarg->generation != 0) {
396 pr_warn_once("root generation should be zero\n");
397 outarg->generation = 0;
398 }
399
400 *inode = fuse_iget(sb, outarg->nodeid, outarg->generation,
401 &outarg->attr, ATTR_TIMEOUT(outarg),
402 attr_version, evict_ctr);
403 err = -ENOMEM;
404 if (!*inode) {
405 fuse_queue_forget(fm->fc, forget, outarg->nodeid, 1);
406 goto out;
407 }
408 err = 0;
409
410 out_put_forget:
411 kfree(forget);
412 out:
413 return err;
414}
415
416static struct dentry *fuse_lookup(struct inode *dir, struct dentry *entry,
417 unsigned int flags)
418{
419 int err;
420 struct fuse_entry_out outarg;
421 struct inode *inode;
422 struct dentry *newent;
423 bool outarg_valid = true;
424 bool locked;
425
426 if (fuse_is_bad(dir))
427 return ERR_PTR(-EIO);
428
429 locked = fuse_lock_inode(dir);
430 err = fuse_lookup_name(dir->i_sb, get_node_id(dir), &entry->d_name,
431 &outarg, &inode);
432 fuse_unlock_inode(dir, locked);
433 if (err == -ENOENT) {
434 outarg_valid = false;
435 err = 0;
436 }
437 if (err)
438 goto out_err;
439
440 err = -EIO;
441 if (inode && get_node_id(inode) == FUSE_ROOT_ID)
442 goto out_iput;
443
444 newent = d_splice_alias(inode, entry);
445 err = PTR_ERR(newent);
446 if (IS_ERR(newent))
447 goto out_err;
448
449 entry = newent ? newent : entry;
450 if (outarg_valid)
451 fuse_change_entry_timeout(entry, &outarg);
452 else
453 fuse_invalidate_entry_cache(entry);
454
455 if (inode)
456 fuse_advise_use_readdirplus(dir);
457 return newent;
458
459 out_iput:
460 iput(inode);
461 out_err:
462 return ERR_PTR(err);
463}
464
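/*
 * Ask the LSM for the security context of the inode about to be created
 * and pack it into a single extension argument.  Rough layout of the
 * resulting buffer (header->size covers all of it):
 *
 *   struct fuse_secctx_header { size, nr_secctx }
 *   struct fuse_secctx        { size = ctxlen }
 *   NUL-terminated xattr name
 *   ctxlen bytes of context, padded to FUSE_REC_ALIGN
 *
 * If no LSM provides a context only the header is sent (nr_secctx == 0).
 */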
465static int get_security_context(struct dentry *entry, umode_t mode,
466 struct fuse_in_arg *ext)
467{
468 struct fuse_secctx *fctx;
469 struct fuse_secctx_header *header;
470 void *ctx = NULL, *ptr;
471 u32 ctxlen, total_len = sizeof(*header);
472 int err, nr_ctx = 0;
473 const char *name;
474 size_t namelen;
475
476 err = security_dentry_init_security(entry, mode, &entry->d_name,
477 &name, &ctx, &ctxlen);
478 if (err) {
479 if (err != -EOPNOTSUPP)
480 goto out_err;
481 /* No LSM supports this security hook; ignore the error */
482 ctxlen = 0;
483 ctx = NULL;
484 }
485
486 if (ctxlen) {
487 nr_ctx = 1;
488 namelen = strlen(name) + 1;
489 err = -EIO;
490 if (WARN_ON(namelen > XATTR_NAME_MAX + 1 || ctxlen > S32_MAX))
491 goto out_err;
492 total_len += FUSE_REC_ALIGN(sizeof(*fctx) + namelen + ctxlen);
493 }
494
495 err = -ENOMEM;
496 header = ptr = kzalloc(total_len, GFP_KERNEL);
497 if (!ptr)
498 goto out_err;
499
500 header->nr_secctx = nr_ctx;
501 header->size = total_len;
502 ptr += sizeof(*header);
503 if (nr_ctx) {
504 fctx = ptr;
505 fctx->size = ctxlen;
506 ptr += sizeof(*fctx);
507
508 strcpy(ptr, name);
509 ptr += namelen;
510
511 memcpy(ptr, ctx, ctxlen);
512 }
513 ext->size = total_len;
514 ext->value = header;
515 err = 0;
516out_err:
517 kfree(ctx);
518 return err;
519}
520
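/*
 * Grow an in-argument buffer by @bytes and return a pointer to the newly
 * added (zeroed) tail.  On allocation failure the old buffer is freed and
 * the argument reset, so callers only need to check for NULL.
 */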
521static void *extend_arg(struct fuse_in_arg *buf, u32 bytes)
522{
523 void *p;
524 u32 newlen = buf->size + bytes;
525
526 p = krealloc(buf->value, newlen, GFP_KERNEL);
527 if (!p) {
528 kfree(buf->value);
529 buf->size = 0;
530 buf->value = NULL;
531 return NULL;
532 }
533
534 memset(p + buf->size, 0, bytes);
535 buf->value = p;
536 buf->size = newlen;
537
538 return p + newlen - bytes;
539}
540
541static u32 fuse_ext_size(size_t size)
542{
543 return FUSE_REC_ALIGN(sizeof(struct fuse_ext_header) + size);
544}
545
546/*
547 * This adds just a single supplementary group that matches the parent's group.
548 */
549static int get_create_supp_group(struct mnt_idmap *idmap,
550 struct inode *dir,
551 struct fuse_in_arg *ext)
552{
553 struct fuse_conn *fc = get_fuse_conn(dir);
554 struct fuse_ext_header *xh;
555 struct fuse_supp_groups *sg;
556 kgid_t kgid = dir->i_gid;
557 vfsgid_t vfsgid = make_vfsgid(idmap, fc->user_ns, kgid);
558 gid_t parent_gid = from_kgid(fc->user_ns, kgid);
559
560 u32 sg_len = fuse_ext_size(sizeof(*sg) + sizeof(sg->groups[0]));
561
562 if (parent_gid == (gid_t) -1 || vfsgid_eq_kgid(vfsgid, current_fsgid()) ||
563 !vfsgid_in_group_p(vfsgid))
564 return 0;
565
566 xh = extend_arg(ext, sg_len);
567 if (!xh)
568 return -ENOMEM;
569
570 xh->size = sg_len;
571 xh->type = FUSE_EXT_GROUPS;
572
573 sg = (struct fuse_supp_groups *) &xh[1];
574 sg->nr_groups = 1;
575 sg->groups[0] = parent_gid;
576
577 return 0;
578}
579
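/*
 * Collect the optional request extensions (LSM security context and/or a
 * parent-matching supplementary group) into one extra in-argument, which
 * is appended to the creation request when either feature is negotiated.
 */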
580static int get_create_ext(struct mnt_idmap *idmap,
581 struct fuse_args *args,
582 struct inode *dir, struct dentry *dentry,
583 umode_t mode)
584{
585 struct fuse_conn *fc = get_fuse_conn_super(dentry->d_sb);
586 struct fuse_in_arg ext = { .size = 0, .value = NULL };
587 int err = 0;
588
589 if (fc->init_security)
590 err = get_security_context(dentry, mode, &ext);
591 if (!err && fc->create_supp_group)
592 err = get_create_supp_group(idmap, dir, &ext);
593
594 if (!err && ext.size) {
595 WARN_ON(args->in_numargs >= ARRAY_SIZE(args->in_args));
596 args->is_ext = true;
597 args->ext_idx = args->in_numargs++;
598 args->in_args[args->ext_idx] = ext;
599 } else {
600 kfree(ext.value);
601 }
602
603 return err;
604}
605
606static void free_ext_value(struct fuse_args *args)
607{
608 if (args->is_ext)
609 kfree(args->in_args[args->ext_idx].value);
610}
611
612/*
613 * Atomic create+open operation
614 *
615 * If the filesystem doesn't support this, then fall back to separate
616 * 'mknod' + 'open' requests.
617 */
618static int fuse_create_open(struct mnt_idmap *idmap, struct inode *dir,
619 struct dentry *entry, struct file *file,
620 unsigned int flags, umode_t mode, u32 opcode)
621{
622 int err;
623 struct inode *inode;
624 struct fuse_mount *fm = get_fuse_mount(dir);
625 FUSE_ARGS(args);
626 struct fuse_forget_link *forget;
627 struct fuse_create_in inarg;
628 struct fuse_open_out *outopenp;
629 struct fuse_entry_out outentry;
630 struct fuse_inode *fi;
631 struct fuse_file *ff;
632 bool trunc = flags & O_TRUNC;
633
634 /* Userspace expects S_IFREG in create mode */
635 BUG_ON((mode & S_IFMT) != S_IFREG);
636
637 forget = fuse_alloc_forget();
638 err = -ENOMEM;
639 if (!forget)
640 goto out_err;
641
642 err = -ENOMEM;
643 ff = fuse_file_alloc(fm, true);
644 if (!ff)
645 goto out_put_forget_req;
646
647 if (!fm->fc->dont_mask)
648 mode &= ~current_umask();
649
650 flags &= ~O_NOCTTY;
651 memset(&inarg, 0, sizeof(inarg));
652 memset(&outentry, 0, sizeof(outentry));
653 inarg.flags = flags;
654 inarg.mode = mode;
655 inarg.umask = current_umask();
656
657 if (fm->fc->handle_killpriv_v2 && trunc &&
658 !(flags & O_EXCL) && !capable(CAP_FSETID)) {
659 inarg.open_flags |= FUSE_OPEN_KILL_SUIDGID;
660 }
661
662 args.opcode = opcode;
663 args.nodeid = get_node_id(dir);
664 args.in_numargs = 2;
665 args.in_args[0].size = sizeof(inarg);
666 args.in_args[0].value = &inarg;
667 args.in_args[1].size = entry->d_name.len + 1;
668 args.in_args[1].value = entry->d_name.name;
669 args.out_numargs = 2;
670 args.out_args[0].size = sizeof(outentry);
671 args.out_args[0].value = &outentry;
672 /* Store outarg for fuse_finish_open() */
673 outopenp = &ff->args->open_outarg;
674 args.out_args[1].size = sizeof(*outopenp);
675 args.out_args[1].value = outopenp;
676
677 err = get_create_ext(idmap, &args, dir, entry, mode);
678 if (err)
679 goto out_free_ff;
680
681 err = fuse_simple_idmap_request(idmap, fm, &args);
682 free_ext_value(&args);
683 if (err)
684 goto out_free_ff;
685
686 err = -EIO;
687 if (!S_ISREG(outentry.attr.mode) || invalid_nodeid(outentry.nodeid) ||
688 fuse_invalid_attr(&outentry.attr))
689 goto out_free_ff;
690
691 ff->fh = outopenp->fh;
692 ff->nodeid = outentry.nodeid;
693 ff->open_flags = outopenp->open_flags;
694 inode = fuse_iget(dir->i_sb, outentry.nodeid, outentry.generation,
695 &outentry.attr, ATTR_TIMEOUT(&outentry), 0, 0);
696 if (!inode) {
697 flags &= ~(O_CREAT | O_EXCL | O_TRUNC);
698 fuse_sync_release(NULL, ff, flags);
699 fuse_queue_forget(fm->fc, forget, outentry.nodeid, 1);
700 err = -ENOMEM;
701 goto out_err;
702 }
703 kfree(forget);
704 d_instantiate(entry, inode);
705 fuse_change_entry_timeout(entry, &outentry);
706 fuse_dir_changed(dir);
707 err = generic_file_open(inode, file);
708 if (!err) {
709 file->private_data = ff;
710 err = finish_open(file, entry, fuse_finish_open);
711 }
712 if (err) {
713 fi = get_fuse_inode(inode);
714 fuse_sync_release(fi, ff, flags);
715 } else {
716 if (fm->fc->atomic_o_trunc && trunc)
717 truncate_pagecache(inode, 0);
718 else if (!(ff->open_flags & FOPEN_KEEP_CACHE))
719 invalidate_inode_pages2(inode->i_mapping);
720 }
721 return err;
722
723out_free_ff:
724 fuse_file_free(ff);
725out_put_forget_req:
726 kfree(forget);
727out_err:
728 return err;
729}
730
731static int fuse_mknod(struct mnt_idmap *, struct inode *, struct dentry *,
732 umode_t, dev_t);
733static int fuse_atomic_open(struct inode *dir, struct dentry *entry,
734 struct file *file, unsigned flags,
735 umode_t mode)
736{
737 int err;
738 struct mnt_idmap *idmap = file_mnt_idmap(file);
739 struct fuse_conn *fc = get_fuse_conn(dir);
740 struct dentry *res = NULL;
741
742 if (fuse_is_bad(dir))
743 return -EIO;
744
745 if (d_in_lookup(entry)) {
746 res = fuse_lookup(dir, entry, 0);
747 if (IS_ERR(res))
748 return PTR_ERR(res);
749
750 if (res)
751 entry = res;
752 }
753
754 if (!(flags & O_CREAT) || d_really_is_positive(entry))
755 goto no_open;
756
757 /* Only creates */
758 file->f_mode |= FMODE_CREATED;
759
760 if (fc->no_create)
761 goto mknod;
762
763 err = fuse_create_open(idmap, dir, entry, file, flags, mode, FUSE_CREATE);
764 if (err == -ENOSYS) {
765 fc->no_create = 1;
766 goto mknod;
767 } else if (err == -EEXIST)
768 fuse_invalidate_entry(entry);
769out_dput:
770 dput(res);
771 return err;
772
773mknod:
774 err = fuse_mknod(idmap, dir, entry, mode, 0);
775 if (err)
776 goto out_dput;
777no_open:
778 return finish_no_open(file, res);
779}
780
781/*
782 * Code shared between mknod, mkdir, symlink and link
783 */
784static int create_new_entry(struct mnt_idmap *idmap, struct fuse_mount *fm,
785 struct fuse_args *args, struct inode *dir,
786 struct dentry *entry, umode_t mode)
787{
788 struct fuse_entry_out outarg;
789 struct inode *inode;
790 struct dentry *d;
791 int err;
792 struct fuse_forget_link *forget;
793
794 if (fuse_is_bad(dir))
795 return -EIO;
796
797 forget = fuse_alloc_forget();
798 if (!forget)
799 return -ENOMEM;
800
801 memset(&outarg, 0, sizeof(outarg));
802 args->nodeid = get_node_id(dir);
803 args->out_numargs = 1;
804 args->out_args[0].size = sizeof(outarg);
805 args->out_args[0].value = &outarg;
806
807 if (args->opcode != FUSE_LINK) {
808 err = get_create_ext(idmap, args, dir, entry, mode);
809 if (err)
810 goto out_put_forget_req;
811 }
812
813 err = fuse_simple_idmap_request(idmap, fm, args);
814 free_ext_value(args);
815 if (err)
816 goto out_put_forget_req;
817
818 err = -EIO;
819 if (invalid_nodeid(outarg.nodeid) || fuse_invalid_attr(&outarg.attr))
820 goto out_put_forget_req;
821
822 if ((outarg.attr.mode ^ mode) & S_IFMT)
823 goto out_put_forget_req;
824
825 inode = fuse_iget(dir->i_sb, outarg.nodeid, outarg.generation,
826 &outarg.attr, ATTR_TIMEOUT(&outarg), 0, 0);
827 if (!inode) {
828 fuse_queue_forget(fm->fc, forget, outarg.nodeid, 1);
829 return -ENOMEM;
830 }
831 kfree(forget);
832
833 d_drop(entry);
834 d = d_splice_alias(inode, entry);
835 if (IS_ERR(d))
836 return PTR_ERR(d);
837
838 if (d) {
839 fuse_change_entry_timeout(d, &outarg);
840 dput(d);
841 } else {
842 fuse_change_entry_timeout(entry, &outarg);
843 }
844 fuse_dir_changed(dir);
845 return 0;
846
847 out_put_forget_req:
848 if (err == -EEXIST)
849 fuse_invalidate_entry(entry);
850 kfree(forget);
851 return err;
852}
853
854static int fuse_mknod(struct mnt_idmap *idmap, struct inode *dir,
855 struct dentry *entry, umode_t mode, dev_t rdev)
856{
857 struct fuse_mknod_in inarg;
858 struct fuse_mount *fm = get_fuse_mount(dir);
859 FUSE_ARGS(args);
860
861 if (!fm->fc->dont_mask)
862 mode &= ~current_umask();
863
864 memset(&inarg, 0, sizeof(inarg));
865 inarg.mode = mode;
866 inarg.rdev = new_encode_dev(rdev);
867 inarg.umask = current_umask();
868 args.opcode = FUSE_MKNOD;
869 args.in_numargs = 2;
870 args.in_args[0].size = sizeof(inarg);
871 args.in_args[0].value = &inarg;
872 args.in_args[1].size = entry->d_name.len + 1;
873 args.in_args[1].value = entry->d_name.name;
874 return create_new_entry(idmap, fm, &args, dir, entry, mode);
875}
876
877static int fuse_create(struct mnt_idmap *idmap, struct inode *dir,
878 struct dentry *entry, umode_t mode, bool excl)
879{
880 return fuse_mknod(idmap, dir, entry, mode, 0);
881}
882
883static int fuse_tmpfile(struct mnt_idmap *idmap, struct inode *dir,
884 struct file *file, umode_t mode)
885{
886 struct fuse_conn *fc = get_fuse_conn(dir);
887 int err;
888
889 if (fc->no_tmpfile)
890 return -EOPNOTSUPP;
891
892 err = fuse_create_open(idmap, dir, file->f_path.dentry, file,
893 file->f_flags, mode, FUSE_TMPFILE);
894 if (err == -ENOSYS) {
895 fc->no_tmpfile = 1;
896 err = -EOPNOTSUPP;
897 }
898 return err;
899}
900
901static int fuse_mkdir(struct mnt_idmap *idmap, struct inode *dir,
902 struct dentry *entry, umode_t mode)
903{
904 struct fuse_mkdir_in inarg;
905 struct fuse_mount *fm = get_fuse_mount(dir);
906 FUSE_ARGS(args);
907
908 if (!fm->fc->dont_mask)
909 mode &= ~current_umask();
910
911 memset(&inarg, 0, sizeof(inarg));
912 inarg.mode = mode;
913 inarg.umask = current_umask();
914 args.opcode = FUSE_MKDIR;
915 args.in_numargs = 2;
916 args.in_args[0].size = sizeof(inarg);
917 args.in_args[0].value = &inarg;
918 args.in_args[1].size = entry->d_name.len + 1;
919 args.in_args[1].value = entry->d_name.name;
920 return create_new_entry(idmap, fm, &args, dir, entry, S_IFDIR);
921}
922
923static int fuse_symlink(struct mnt_idmap *idmap, struct inode *dir,
924 struct dentry *entry, const char *link)
925{
926 struct fuse_mount *fm = get_fuse_mount(dir);
927 unsigned len = strlen(link) + 1;
928 FUSE_ARGS(args);
929
930 args.opcode = FUSE_SYMLINK;
931 args.in_numargs = 2;
932 args.in_args[0].size = entry->d_name.len + 1;
933 args.in_args[0].value = entry->d_name.name;
934 args.in_args[1].size = len;
935 args.in_args[1].value = link;
936 return create_new_entry(idmap, fm, &args, dir, entry, S_IFLNK);
937}
938
939void fuse_flush_time_update(struct inode *inode)
940{
941 int err = sync_inode_metadata(inode, 1);
942
943 mapping_set_error(inode->i_mapping, err);
944}
945
946static void fuse_update_ctime_in_cache(struct inode *inode)
947{
948 if (!IS_NOCMTIME(inode)) {
949 inode_set_ctime_current(inode);
950 mark_inode_dirty_sync(inode);
951 fuse_flush_time_update(inode);
952 }
953}
954
955void fuse_update_ctime(struct inode *inode)
956{
957 fuse_invalidate_attr_mask(inode, STATX_CTIME);
958 fuse_update_ctime_in_cache(inode);
959}
960
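/*
 * Common bookkeeping after an entry has been removed on the server: bump
 * the attribute version, drop the cached link count, invalidate the entry
 * cache for the dentry and update the cached ctime.
 */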
961static void fuse_entry_unlinked(struct dentry *entry)
962{
963 struct inode *inode = d_inode(entry);
964 struct fuse_conn *fc = get_fuse_conn(inode);
965 struct fuse_inode *fi = get_fuse_inode(inode);
966
967 spin_lock(&fi->lock);
968 fi->attr_version = atomic64_inc_return(&fc->attr_version);
969 /*
970 * If i_nlink == 0 then a further unlink doesn't make sense, yet this
971 * can happen if the userspace filesystem is careless. It would be
972 * difficult to enforce correct nlink usage, so just ignore this
973 * condition here.
974 */
975 if (S_ISDIR(inode->i_mode))
976 clear_nlink(inode);
977 else if (inode->i_nlink > 0)
978 drop_nlink(inode);
979 spin_unlock(&fi->lock);
980 fuse_invalidate_entry_cache(entry);
981 fuse_update_ctime(inode);
982}
983
984static int fuse_unlink(struct inode *dir, struct dentry *entry)
985{
986 int err;
987 struct fuse_mount *fm = get_fuse_mount(dir);
988 FUSE_ARGS(args);
989
990 if (fuse_is_bad(dir))
991 return -EIO;
992
993 args.opcode = FUSE_UNLINK;
994 args.nodeid = get_node_id(dir);
995 args.in_numargs = 1;
996 args.in_args[0].size = entry->d_name.len + 1;
997 args.in_args[0].value = entry->d_name.name;
998 err = fuse_simple_request(fm, &args);
999 if (!err) {
1000 fuse_dir_changed(dir);
1001 fuse_entry_unlinked(entry);
1002 } else if (err == -EINTR || err == -ENOENT)
1003 fuse_invalidate_entry(entry);
1004 return err;
1005}
1006
1007static int fuse_rmdir(struct inode *dir, struct dentry *entry)
1008{
1009 int err;
1010 struct fuse_mount *fm = get_fuse_mount(dir);
1011 FUSE_ARGS(args);
1012
1013 if (fuse_is_bad(dir))
1014 return -EIO;
1015
1016 args.opcode = FUSE_RMDIR;
1017 args.nodeid = get_node_id(dir);
1018 args.in_numargs = 1;
1019 args.in_args[0].size = entry->d_name.len + 1;
1020 args.in_args[0].value = entry->d_name.name;
1021 err = fuse_simple_request(fm, &args);
1022 if (!err) {
1023 fuse_dir_changed(dir);
1024 fuse_entry_unlinked(entry);
1025 } else if (err == -EINTR || err == -ENOENT)
1026 fuse_invalidate_entry(entry);
1027 return err;
1028}
1029
1030static int fuse_rename_common(struct mnt_idmap *idmap, struct inode *olddir, struct dentry *oldent,
1031 struct inode *newdir, struct dentry *newent,
1032 unsigned int flags, int opcode, size_t argsize)
1033{
1034 int err;
1035 struct fuse_rename2_in inarg;
1036 struct fuse_mount *fm = get_fuse_mount(olddir);
1037 FUSE_ARGS(args);
1038
1039 memset(&inarg, 0, argsize);
1040 inarg.newdir = get_node_id(newdir);
1041 inarg.flags = flags;
1042 args.opcode = opcode;
1043 args.nodeid = get_node_id(olddir);
1044 args.in_numargs = 3;
1045 args.in_args[0].size = argsize;
1046 args.in_args[0].value = &inarg;
1047 args.in_args[1].size = oldent->d_name.len + 1;
1048 args.in_args[1].value = oldent->d_name.name;
1049 args.in_args[2].size = newent->d_name.len + 1;
1050 args.in_args[2].value = newent->d_name.name;
1051 err = fuse_simple_idmap_request(idmap, fm, &args);
1052 if (!err) {
1053 /* ctime changes */
1054 fuse_update_ctime(d_inode(oldent));
1055
1056 if (flags & RENAME_EXCHANGE)
1057 fuse_update_ctime(d_inode(newent));
1058
1059 fuse_dir_changed(olddir);
1060 if (olddir != newdir)
1061 fuse_dir_changed(newdir);
1062
1063 /* newent will end up negative */
1064 if (!(flags & RENAME_EXCHANGE) && d_really_is_positive(newent))
1065 fuse_entry_unlinked(newent);
1066 } else if (err == -EINTR || err == -ENOENT) {
1067 /* If request was interrupted, DEITY only knows if the
1068 rename actually took place. If the invalidation
1069 fails (e.g. some process has CWD under the renamed
1070 directory), then there can be inconsistency between
1071 the dcache and the real filesystem. Tough luck. */
1072 fuse_invalidate_entry(oldent);
1073 if (d_really_is_positive(newent))
1074 fuse_invalidate_entry(newent);
1075 }
1076
1077 return err;
1078}
1079
1080static int fuse_rename2(struct mnt_idmap *idmap, struct inode *olddir,
1081 struct dentry *oldent, struct inode *newdir,
1082 struct dentry *newent, unsigned int flags)
1083{
1084 struct fuse_conn *fc = get_fuse_conn(olddir);
1085 int err;
1086
1087 if (fuse_is_bad(olddir))
1088 return -EIO;
1089
1090 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE | RENAME_WHITEOUT))
1091 return -EINVAL;
1092
1093 if (flags) {
1094 if (fc->no_rename2 || fc->minor < 23)
1095 return -EINVAL;
1096
1097 err = fuse_rename_common((flags & RENAME_WHITEOUT) ? idmap : &invalid_mnt_idmap,
1098 olddir, oldent, newdir, newent, flags,
1099 FUSE_RENAME2,
1100 sizeof(struct fuse_rename2_in));
1101 if (err == -ENOSYS) {
1102 fc->no_rename2 = 1;
1103 err = -EINVAL;
1104 }
1105 } else {
1106 err = fuse_rename_common(&invalid_mnt_idmap, olddir, oldent, newdir, newent, 0,
1107 FUSE_RENAME,
1108 sizeof(struct fuse_rename_in));
1109 }
1110
1111 return err;
1112}
1113
1114static int fuse_link(struct dentry *entry, struct inode *newdir,
1115 struct dentry *newent)
1116{
1117 int err;
1118 struct fuse_link_in inarg;
1119 struct inode *inode = d_inode(entry);
1120 struct fuse_mount *fm = get_fuse_mount(inode);
1121 FUSE_ARGS(args);
1122
1123 memset(&inarg, 0, sizeof(inarg));
1124 inarg.oldnodeid = get_node_id(inode);
1125 args.opcode = FUSE_LINK;
1126 args.in_numargs = 2;
1127 args.in_args[0].size = sizeof(inarg);
1128 args.in_args[0].value = &inarg;
1129 args.in_args[1].size = newent->d_name.len + 1;
1130 args.in_args[1].value = newent->d_name.name;
1131 err = create_new_entry(&invalid_mnt_idmap, fm, &args, newdir, newent, inode->i_mode);
1132 if (!err)
1133 fuse_update_ctime_in_cache(inode);
1134 else if (err == -EINTR)
1135 fuse_invalidate_attr(inode);
1136
1137 return err;
1138}
1139
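/*
 * Translate a fuse_attr reply into a kstat for the VFS.  Ownership is
 * mapped through the mount's idmap and the connection's user namespace;
 * the file type bits come from the cached inode rather than the reply.
 */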
1140static void fuse_fillattr(struct mnt_idmap *idmap, struct inode *inode,
1141 struct fuse_attr *attr, struct kstat *stat)
1142{
1143 unsigned int blkbits;
1144 struct fuse_conn *fc = get_fuse_conn(inode);
1145 vfsuid_t vfsuid = make_vfsuid(idmap, fc->user_ns,
1146 make_kuid(fc->user_ns, attr->uid));
1147 vfsgid_t vfsgid = make_vfsgid(idmap, fc->user_ns,
1148 make_kgid(fc->user_ns, attr->gid));
1149
1150 stat->dev = inode->i_sb->s_dev;
1151 stat->ino = attr->ino;
1152 stat->mode = (inode->i_mode & S_IFMT) | (attr->mode & 07777);
1153 stat->nlink = attr->nlink;
1154 stat->uid = vfsuid_into_kuid(vfsuid);
1155 stat->gid = vfsgid_into_kgid(vfsgid);
1156 stat->rdev = inode->i_rdev;
1157 stat->atime.tv_sec = attr->atime;
1158 stat->atime.tv_nsec = attr->atimensec;
1159 stat->mtime.tv_sec = attr->mtime;
1160 stat->mtime.tv_nsec = attr->mtimensec;
1161 stat->ctime.tv_sec = attr->ctime;
1162 stat->ctime.tv_nsec = attr->ctimensec;
1163 stat->size = attr->size;
1164 stat->blocks = attr->blocks;
1165
1166 if (attr->blksize != 0)
1167 blkbits = ilog2(attr->blksize);
1168 else
1169 blkbits = inode->i_sb->s_blocksize_bits;
1170
1171 stat->blksize = 1 << blkbits;
1172}
1173
1174static void fuse_statx_to_attr(struct fuse_statx *sx, struct fuse_attr *attr)
1175{
1176 memset(attr, 0, sizeof(*attr));
1177 attr->ino = sx->ino;
1178 attr->size = sx->size;
1179 attr->blocks = sx->blocks;
1180 attr->atime = sx->atime.tv_sec;
1181 attr->mtime = sx->mtime.tv_sec;
1182 attr->ctime = sx->ctime.tv_sec;
1183 attr->atimensec = sx->atime.tv_nsec;
1184 attr->mtimensec = sx->mtime.tv_nsec;
1185 attr->ctimensec = sx->ctime.tv_nsec;
1186 attr->mode = sx->mode;
1187 attr->nlink = sx->nlink;
1188 attr->uid = sx->uid;
1189 attr->gid = sx->gid;
1190 attr->rdev = new_encode_dev(MKDEV(sx->rdev_major, sx->rdev_minor));
1191 attr->blksize = sx->blksize;
1192}
1193
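/*
 * Issue a FUSE_STATX request.  The reply is validated, converted back into
 * a fuse_attr for the common attribute caching path, and, if @stat is
 * given, copied into the kstat including the birth time.
 */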
1194static int fuse_do_statx(struct mnt_idmap *idmap, struct inode *inode,
1195 struct file *file, struct kstat *stat)
1196{
1197 int err;
1198 struct fuse_attr attr;
1199 struct fuse_statx *sx;
1200 struct fuse_statx_in inarg;
1201 struct fuse_statx_out outarg;
1202 struct fuse_mount *fm = get_fuse_mount(inode);
1203 u64 attr_version = fuse_get_attr_version(fm->fc);
1204 FUSE_ARGS(args);
1205
1206 memset(&inarg, 0, sizeof(inarg));
1207 memset(&outarg, 0, sizeof(outarg));
1208 /* Directories have separate file-handle space */
1209 if (file && S_ISREG(inode->i_mode)) {
1210 struct fuse_file *ff = file->private_data;
1211
1212 inarg.getattr_flags |= FUSE_GETATTR_FH;
1213 inarg.fh = ff->fh;
1214 }
1215 /* For now leave sync hints as the default, request all stats. */
1216 inarg.sx_flags = 0;
1217 inarg.sx_mask = STATX_BASIC_STATS | STATX_BTIME;
1218 args.opcode = FUSE_STATX;
1219 args.nodeid = get_node_id(inode);
1220 args.in_numargs = 1;
1221 args.in_args[0].size = sizeof(inarg);
1222 args.in_args[0].value = &inarg;
1223 args.out_numargs = 1;
1224 args.out_args[0].size = sizeof(outarg);
1225 args.out_args[0].value = &outarg;
1226 err = fuse_simple_request(fm, &args);
1227 if (err)
1228 return err;
1229
1230 sx = &outarg.stat;
1231 if (((sx->mask & STATX_SIZE) && !fuse_valid_size(sx->size)) ||
1232 ((sx->mask & STATX_TYPE) && (!fuse_valid_type(sx->mode) ||
1233 inode_wrong_type(inode, sx->mode)))) {
1234 fuse_make_bad(inode);
1235 return -EIO;
1236 }
1237
1238 fuse_statx_to_attr(&outarg.stat, &attr);
1239 if ((sx->mask & STATX_BASIC_STATS) == STATX_BASIC_STATS) {
1240 fuse_change_attributes(inode, &attr, &outarg.stat,
1241 ATTR_TIMEOUT(&outarg), attr_version);
1242 }
1243
1244 if (stat) {
1245 stat->result_mask = sx->mask & (STATX_BASIC_STATS | STATX_BTIME);
1246 stat->btime.tv_sec = sx->btime.tv_sec;
1247 stat->btime.tv_nsec = min_t(u32, sx->btime.tv_nsec, NSEC_PER_SEC - 1);
1248 fuse_fillattr(idmap, inode, &attr, stat);
1249 stat->result_mask |= STATX_TYPE;
1250 }
1251
1252 return 0;
1253}
1254
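/*
 * Issue a classic FUSE_GETATTR request and refresh the cached attributes,
 * marking the inode bad if the server reports an impossible type change.
 */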
1255static int fuse_do_getattr(struct mnt_idmap *idmap, struct inode *inode,
1256 struct kstat *stat, struct file *file)
1257{
1258 int err;
1259 struct fuse_getattr_in inarg;
1260 struct fuse_attr_out outarg;
1261 struct fuse_mount *fm = get_fuse_mount(inode);
1262 FUSE_ARGS(args);
1263 u64 attr_version;
1264
1265 attr_version = fuse_get_attr_version(fm->fc);
1266
1267 memset(&inarg, 0, sizeof(inarg));
1268 memset(&outarg, 0, sizeof(outarg));
1269 /* Directories have separate file-handle space */
1270 if (file && S_ISREG(inode->i_mode)) {
1271 struct fuse_file *ff = file->private_data;
1272
1273 inarg.getattr_flags |= FUSE_GETATTR_FH;
1274 inarg.fh = ff->fh;
1275 }
1276 args.opcode = FUSE_GETATTR;
1277 args.nodeid = get_node_id(inode);
1278 args.in_numargs = 1;
1279 args.in_args[0].size = sizeof(inarg);
1280 args.in_args[0].value = &inarg;
1281 args.out_numargs = 1;
1282 args.out_args[0].size = sizeof(outarg);
1283 args.out_args[0].value = &outarg;
1284 err = fuse_simple_request(fm, &args);
1285 if (!err) {
1286 if (fuse_invalid_attr(&outarg.attr) ||
1287 inode_wrong_type(inode, outarg.attr.mode)) {
1288 fuse_make_bad(inode);
1289 err = -EIO;
1290 } else {
1291 fuse_change_attributes(inode, &outarg.attr, NULL,
1292 ATTR_TIMEOUT(&outarg),
1293 attr_version);
1294 if (stat)
1295 fuse_fillattr(idmap, inode, &outarg.attr, stat);
1296 }
1297 }
1298 return err;
1299}
1300
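/*
 * Decide whether the cached attributes are good enough for this getattr.
 * Unless AT_STATX_DONT_SYNC asks otherwise, a synchronous STATX/GETATTR
 * round trip is done when AT_STATX_FORCE_SYNC is set, when an invalidated
 * field the caller asked for isn't backed by the local cache, or when the
 * attribute timeout has expired; otherwise the cached inode is used.
 */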
1301static int fuse_update_get_attr(struct mnt_idmap *idmap, struct inode *inode,
1302 struct file *file, struct kstat *stat,
1303 u32 request_mask, unsigned int flags)
1304{
1305 struct fuse_inode *fi = get_fuse_inode(inode);
1306 struct fuse_conn *fc = get_fuse_conn(inode);
1307 int err = 0;
1308 bool sync;
1309 u32 inval_mask = READ_ONCE(fi->inval_mask);
1310 u32 cache_mask = fuse_get_cache_mask(inode);
1311
1312
1313 /* FUSE only supports basic stats and possibly btime */
1314 request_mask &= STATX_BASIC_STATS | STATX_BTIME;
1315retry:
1316 if (fc->no_statx)
1317 request_mask &= STATX_BASIC_STATS;
1318
1319 if (!request_mask)
1320 sync = false;
1321 else if (flags & AT_STATX_FORCE_SYNC)
1322 sync = true;
1323 else if (flags & AT_STATX_DONT_SYNC)
1324 sync = false;
1325 else if (request_mask & inval_mask & ~cache_mask)
1326 sync = true;
1327 else
1328 sync = time_before64(fi->i_time, get_jiffies_64());
1329
1330 if (sync) {
1331 forget_all_cached_acls(inode);
1332 /* Try statx if BTIME is requested */
1333 if (!fc->no_statx && (request_mask & ~STATX_BASIC_STATS)) {
1334 err = fuse_do_statx(idmap, inode, file, stat);
1335 if (err == -ENOSYS) {
1336 fc->no_statx = 1;
1337 err = 0;
1338 goto retry;
1339 }
1340 } else {
1341 err = fuse_do_getattr(idmap, inode, stat, file);
1342 }
1343 } else if (stat) {
1344 generic_fillattr(idmap, request_mask, inode, stat);
1345 stat->mode = fi->orig_i_mode;
1346 stat->ino = fi->orig_ino;
1347 if (test_bit(FUSE_I_BTIME, &fi->state)) {
1348 stat->btime = fi->i_btime;
1349 stat->result_mask |= STATX_BTIME;
1350 }
1351 }
1352
1353 return err;
1354}
1355
1356int fuse_update_attributes(struct inode *inode, struct file *file, u32 mask)
1357{
1358 return fuse_update_get_attr(&nop_mnt_idmap, inode, file, NULL, mask, 0);
1359}
1360
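/*
 * Handle an entry invalidation notification from the server: clear the
 * entry timeout of the named dentry under @parent_nodeid (and drop it from
 * the dcache unless FUSE_EXPIRE_ONLY is set).  If a child nodeid is given,
 * additionally behave like an unlink/rmdir of that child, refusing
 * mountpoints and non-empty directories.
 */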
1361int fuse_reverse_inval_entry(struct fuse_conn *fc, u64 parent_nodeid,
1362 u64 child_nodeid, struct qstr *name, u32 flags)
1363{
1364 int err = -ENOTDIR;
1365 struct inode *parent;
1366 struct dentry *dir;
1367 struct dentry *entry;
1368
1369 parent = fuse_ilookup(fc, parent_nodeid, NULL);
1370 if (!parent)
1371 return -ENOENT;
1372
1373 inode_lock_nested(parent, I_MUTEX_PARENT);
1374 if (!S_ISDIR(parent->i_mode))
1375 goto unlock;
1376
1377 err = -ENOENT;
1378 dir = d_find_alias(parent);
1379 if (!dir)
1380 goto unlock;
1381
1382 name->hash = full_name_hash(dir, name->name, name->len);
1383 entry = d_lookup(dir, name);
1384 dput(dir);
1385 if (!entry)
1386 goto unlock;
1387
1388 fuse_dir_changed(parent);
1389 if (!(flags & FUSE_EXPIRE_ONLY))
1390 d_invalidate(entry);
1391 fuse_invalidate_entry_cache(entry);
1392
1393 if (child_nodeid != 0 && d_really_is_positive(entry)) {
1394 inode_lock(d_inode(entry));
1395 if (get_node_id(d_inode(entry)) != child_nodeid) {
1396 err = -ENOENT;
1397 goto badentry;
1398 }
1399 if (d_mountpoint(entry)) {
1400 err = -EBUSY;
1401 goto badentry;
1402 }
1403 if (d_is_dir(entry)) {
1404 shrink_dcache_parent(entry);
1405 if (!simple_empty(entry)) {
1406 err = -ENOTEMPTY;
1407 goto badentry;
1408 }
1409 d_inode(entry)->i_flags |= S_DEAD;
1410 }
1411 dont_mount(entry);
1412 clear_nlink(d_inode(entry));
1413 err = 0;
1414 badentry:
1415 inode_unlock(d_inode(entry));
1416 if (!err)
1417 d_delete(entry);
1418 } else {
1419 err = 0;
1420 }
1421 dput(entry);
1422
1423 unlock:
1424 inode_unlock(parent);
1425 iput(parent);
1426 return err;
1427}
1428
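/*
 * Without "allow_other", access is permitted only if all of the caller's
 * real, effective and saved ids match the mount owner's.
 */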
1429static inline bool fuse_permissible_uidgid(struct fuse_conn *fc)
1430{
1431 const struct cred *cred = current_cred();
1432
1433 return (uid_eq(cred->euid, fc->user_id) &&
1434 uid_eq(cred->suid, fc->user_id) &&
1435 uid_eq(cred->uid, fc->user_id) &&
1436 gid_eq(cred->egid, fc->group_id) &&
1437 gid_eq(cred->sgid, fc->group_id) &&
1438 gid_eq(cred->gid, fc->group_id));
1439}
1440
1441/*
1442 * Calling into a user-controlled filesystem gives the filesystem
1443 * daemon ptrace-like capabilities over the current process. This
1444 * means, that the filesystem daemon is able to record the exact
1445 * filesystem operations performed, and can also control the behavior
1446 * of the requester process in otherwise impossible ways. For example,
1447 * it can delay the operation for an arbitrary length of time, allowing
1448 * a DoS against the requester.
1449 *
1450 * For this reason only those processes can call into the filesystem,
1451 * for which the owner of the mount has ptrace privilege. This
1452 * excludes processes started by other users, suid or sgid processes.
1453 */
1454bool fuse_allow_current_process(struct fuse_conn *fc)
1455{
1456 bool allow;
1457
1458 if (fc->allow_other)
1459 allow = current_in_userns(fc->user_ns);
1460 else
1461 allow = fuse_permissible_uidgid(fc);
1462
1463 if (!allow && allow_sys_admin_access && capable(CAP_SYS_ADMIN))
1464 allow = true;
1465
1466 return allow;
1467}
1468
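/*
 * Send a FUSE_ACCESS request so the server can perform its own permission
 * check.  This is used only in the "remote" permission model for
 * access(2) and chdir(2); a server that doesn't implement it (-ENOSYS) is
 * remembered and not asked again.
 */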
1469static int fuse_access(struct inode *inode, int mask)
1470{
1471 struct fuse_mount *fm = get_fuse_mount(inode);
1472 FUSE_ARGS(args);
1473 struct fuse_access_in inarg;
1474 int err;
1475
1476 BUG_ON(mask & MAY_NOT_BLOCK);
1477
1478 /*
1479 * We should not send FUSE_ACCESS to userspace when idmapped
1480 * mounts are enabled: in that case fc->default_permissions is
1481 * set and access permission checks are done on the kernel
1482 * side.
1483 */
1484 WARN_ON_ONCE(!(fm->sb->s_iflags & SB_I_NOIDMAP));
1485
1486 if (fm->fc->no_access)
1487 return 0;
1488
1489 memset(&inarg, 0, sizeof(inarg));
1490 inarg.mask = mask & (MAY_READ | MAY_WRITE | MAY_EXEC);
1491 args.opcode = FUSE_ACCESS;
1492 args.nodeid = get_node_id(inode);
1493 args.in_numargs = 1;
1494 args.in_args[0].size = sizeof(inarg);
1495 args.in_args[0].value = &inarg;
1496 err = fuse_simple_request(fm, &args);
1497 if (err == -ENOSYS) {
1498 fm->fc->no_access = 1;
1499 err = 0;
1500 }
1501 return err;
1502}
1503
1504static int fuse_perm_getattr(struct inode *inode, int mask)
1505{
1506 if (mask & MAY_NOT_BLOCK)
1507 return -ECHILD;
1508
1509 forget_all_cached_acls(inode);
1510 return fuse_do_getattr(&nop_mnt_idmap, inode, NULL, NULL);
1511}
1512
1513/*
1514 * Check permission. The two basic access models of FUSE are:
1515 *
1516 * 1) Local access checking ('default_permissions' mount option) based
1517 * on file mode. This is the plain old disk filesystem permission
1518 * model.
1519 *
1520 * 2) "Remote" access checking, where server is responsible for
1521 * checking permission in each inode operation. An exception to this
1522 * is if ->permission() was invoked from sys_access() in which case an
1523 * access request is sent. Execute permission is still checked
1524 * locally based on file mode.
1525 */
1526static int fuse_permission(struct mnt_idmap *idmap,
1527 struct inode *inode, int mask)
1528{
1529 struct fuse_conn *fc = get_fuse_conn(inode);
1530 bool refreshed = false;
1531 int err = 0;
1532
1533 if (fuse_is_bad(inode))
1534 return -EIO;
1535
1536 if (!fuse_allow_current_process(fc))
1537 return -EACCES;
1538
1539 /*
1540 * If attributes are needed, refresh them before proceeding
1541 */
1542 if (fc->default_permissions ||
1543 ((mask & MAY_EXEC) && S_ISREG(inode->i_mode))) {
1544 struct fuse_inode *fi = get_fuse_inode(inode);
1545 u32 perm_mask = STATX_MODE | STATX_UID | STATX_GID;
1546
1547 if (perm_mask & READ_ONCE(fi->inval_mask) ||
1548 time_before64(fi->i_time, get_jiffies_64())) {
1549 refreshed = true;
1550
1551 err = fuse_perm_getattr(inode, mask);
1552 if (err)
1553 return err;
1554 }
1555 }
1556
1557 if (fc->default_permissions) {
1558 err = generic_permission(idmap, inode, mask);
1559
1560 /* If permission is denied, try to refresh the file
1561 attributes. This is also needed because the root
1562 node will initially have no permissions */
1563 if (err == -EACCES && !refreshed) {
1564 err = fuse_perm_getattr(inode, mask);
1565 if (!err)
1566 err = generic_permission(idmap,
1567 inode, mask);
1568 }
1569
1570 /* Note: there is no opposite of the above test, so if
1571 permissions are revoked this won't be noticed
1572 immediately, only after the attribute timeout has
1573 expired */
1574 } else if (mask & (MAY_ACCESS | MAY_CHDIR)) {
1575 err = fuse_access(inode, mask);
1576 } else if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode)) {
1577 if (!(inode->i_mode & S_IXUGO)) {
1578 if (refreshed)
1579 return -EACCES;
1580
1581 err = fuse_perm_getattr(inode, mask);
1582 if (!err && !(inode->i_mode & S_IXUGO))
1583 return -EACCES;
1584 }
1585 }
1586 return err;
1587}
1588
1589static int fuse_readlink_page(struct inode *inode, struct folio *folio)
1590{
1591 struct fuse_mount *fm = get_fuse_mount(inode);
1592 struct fuse_folio_desc desc = { .length = PAGE_SIZE - 1 };
1593 struct fuse_args_pages ap = {
1594 .num_folios = 1,
1595 .folios = &folio,
1596 .descs = &desc,
1597 };
1598 char *link;
1599 ssize_t res;
1600
1601 ap.args.opcode = FUSE_READLINK;
1602 ap.args.nodeid = get_node_id(inode);
1603 ap.args.out_pages = true;
1604 ap.args.out_argvar = true;
1605 ap.args.page_zeroing = true;
1606 ap.args.out_numargs = 1;
1607 ap.args.out_args[0].size = desc.length;
1608 res = fuse_simple_request(fm, &ap.args);
1609
1610 fuse_invalidate_atime(inode);
1611
1612 if (res < 0)
1613 return res;
1614
1615 if (WARN_ON(res >= PAGE_SIZE))
1616 return -EIO;
1617
1618 link = folio_address(folio);
1619 link[res] = '\0';
1620
1621 return 0;
1622}
1623
1624static const char *fuse_get_link(struct dentry *dentry, struct inode *inode,
1625 struct delayed_call *callback)
1626{
1627 struct fuse_conn *fc = get_fuse_conn(inode);
1628 struct folio *folio;
1629 int err;
1630
1631 err = -EIO;
1632 if (fuse_is_bad(inode))
1633 goto out_err;
1634
1635 if (fc->cache_symlinks)
1636 return page_get_link(dentry, inode, callback);
1637
1638 err = -ECHILD;
1639 if (!dentry)
1640 goto out_err;
1641
1642 folio = folio_alloc(GFP_KERNEL, 0);
1643 err = -ENOMEM;
1644 if (!folio)
1645 goto out_err;
1646
1647 err = fuse_readlink_page(inode, folio);
1648 if (err) {
1649 folio_put(folio);
1650 goto out_err;
1651 }
1652
1653 set_delayed_call(callback, page_put_link, &folio->page);
1654
1655 return folio_address(folio);
1656
1657out_err:
1658 return ERR_PTR(err);
1659}
1660
1661static int fuse_dir_open(struct inode *inode, struct file *file)
1662{
1663 struct fuse_mount *fm = get_fuse_mount(inode);
1664 int err;
1665
1666 if (fuse_is_bad(inode))
1667 return -EIO;
1668
1669 err = generic_file_open(inode, file);
1670 if (err)
1671 return err;
1672
1673 err = fuse_do_open(fm, get_node_id(inode), file, true);
1674 if (!err) {
1675 struct fuse_file *ff = file->private_data;
1676
1677 /*
1678 * Keep handling FOPEN_STREAM and FOPEN_NONSEEKABLE for
1679 * directories for backward compatibility, though it's unlikely
1680 * to be useful.
1681 */
1682 if (ff->open_flags & (FOPEN_STREAM | FOPEN_NONSEEKABLE))
1683 nonseekable_open(inode, file);
1684 if (!(ff->open_flags & FOPEN_KEEP_CACHE))
1685 invalidate_inode_pages2(inode->i_mapping);
1686 }
1687
1688 return err;
1689}
1690
1691static int fuse_dir_release(struct inode *inode, struct file *file)
1692{
1693 fuse_release_common(file, true);
1694
1695 return 0;
1696}
1697
1698static int fuse_dir_fsync(struct file *file, loff_t start, loff_t end,
1699 int datasync)
1700{
1701 struct inode *inode = file->f_mapping->host;
1702 struct fuse_conn *fc = get_fuse_conn(inode);
1703 int err;
1704
1705 if (fuse_is_bad(inode))
1706 return -EIO;
1707
1708 if (fc->no_fsyncdir)
1709 return 0;
1710
1711 inode_lock(inode);
1712 err = fuse_fsync_common(file, start, end, datasync, FUSE_FSYNCDIR);
1713 if (err == -ENOSYS) {
1714 fc->no_fsyncdir = 1;
1715 err = 0;
1716 }
1717 inode_unlock(inode);
1718
1719 return err;
1720}
1721
1722static long fuse_dir_ioctl(struct file *file, unsigned int cmd,
1723 unsigned long arg)
1724{
1725 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1726
1727 /* FUSE_IOCTL_DIR only supported for API version >= 7.18 */
1728 if (fc->minor < 18)
1729 return -ENOTTY;
1730
1731 return fuse_ioctl_common(file, cmd, arg, FUSE_IOCTL_DIR);
1732}
1733
1734static long fuse_dir_compat_ioctl(struct file *file, unsigned int cmd,
1735 unsigned long arg)
1736{
1737 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1738
1739 if (fc->minor < 18)
1740 return -ENOTTY;
1741
1742 return fuse_ioctl_common(file, cmd, arg,
1743 FUSE_IOCTL_COMPAT | FUSE_IOCTL_DIR);
1744}
1745
1746static bool update_mtime(unsigned ivalid, bool trust_local_mtime)
1747{
1748 /* Always update if mtime is explicitly set */
1749 if (ivalid & ATTR_MTIME_SET)
1750 return true;
1751
1752 /* Or if kernel i_mtime is the official one */
1753 if (trust_local_mtime)
1754 return true;
1755
1756 /* If it's an open(O_TRUNC) or an ftruncate(), don't update */
1757 if ((ivalid & ATTR_SIZE) && (ivalid & (ATTR_OPEN | ATTR_FILE)))
1758 return false;
1759
1760 /* In all other cases update */
1761 return true;
1762}
1763
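/*
 * Convert a VFS iattr into the wire format (fuse_setattr_in), mapping
 * ownership through the idmap and deciding which time fields to send
 * depending on whether the locally cached c/mtime is authoritative.
 */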
1764static void iattr_to_fattr(struct mnt_idmap *idmap, struct fuse_conn *fc,
1765 struct iattr *iattr, struct fuse_setattr_in *arg,
1766 bool trust_local_cmtime)
1767{
1768 unsigned ivalid = iattr->ia_valid;
1769
1770 if (ivalid & ATTR_MODE)
1771 arg->valid |= FATTR_MODE, arg->mode = iattr->ia_mode;
1772
1773 if (ivalid & ATTR_UID) {
1774 kuid_t fsuid = from_vfsuid(idmap, fc->user_ns, iattr->ia_vfsuid);
1775
1776 arg->valid |= FATTR_UID;
1777 arg->uid = from_kuid(fc->user_ns, fsuid);
1778 }
1779
1780 if (ivalid & ATTR_GID) {
1781 kgid_t fsgid = from_vfsgid(idmap, fc->user_ns, iattr->ia_vfsgid);
1782
1783 arg->valid |= FATTR_GID;
1784 arg->gid = from_kgid(fc->user_ns, fsgid);
1785 }
1786
1787 if (ivalid & ATTR_SIZE)
1788 arg->valid |= FATTR_SIZE, arg->size = iattr->ia_size;
1789 if (ivalid & ATTR_ATIME) {
1790 arg->valid |= FATTR_ATIME;
1791 arg->atime = iattr->ia_atime.tv_sec;
1792 arg->atimensec = iattr->ia_atime.tv_nsec;
1793 if (!(ivalid & ATTR_ATIME_SET))
1794 arg->valid |= FATTR_ATIME_NOW;
1795 }
1796 if ((ivalid & ATTR_MTIME) && update_mtime(ivalid, trust_local_cmtime)) {
1797 arg->valid |= FATTR_MTIME;
1798 arg->mtime = iattr->ia_mtime.tv_sec;
1799 arg->mtimensec = iattr->ia_mtime.tv_nsec;
1800 if (!(ivalid & ATTR_MTIME_SET) && !trust_local_cmtime)
1801 arg->valid |= FATTR_MTIME_NOW;
1802 }
1803 if ((ivalid & ATTR_CTIME) && trust_local_cmtime) {
1804 arg->valid |= FATTR_CTIME;
1805 arg->ctime = iattr->ia_ctime.tv_sec;
1806 arg->ctimensec = iattr->ia_ctime.tv_nsec;
1807 }
1808}
1809
1810/*
1811 * Prevent concurrent writepages on inode
1812 *
1813 * This is done by adding a negative bias to the inode write counter
1814 * and waiting for all pending writes to finish.
1815 */
1816void fuse_set_nowrite(struct inode *inode)
1817{
1818 struct fuse_inode *fi = get_fuse_inode(inode);
1819
1820 BUG_ON(!inode_is_locked(inode));
1821
1822 spin_lock(&fi->lock);
1823 BUG_ON(fi->writectr < 0);
1824 fi->writectr += FUSE_NOWRITE;
1825 spin_unlock(&fi->lock);
1826 wait_event(fi->page_waitq, fi->writectr == FUSE_NOWRITE);
1827}
1828
1829/*
1830 * Allow writepages on inode
1831 *
1832 * Remove the bias from the writecounter and send any queued
1833 * writepages.
1834 */
1835static void __fuse_release_nowrite(struct inode *inode)
1836{
1837 struct fuse_inode *fi = get_fuse_inode(inode);
1838
1839 BUG_ON(fi->writectr != FUSE_NOWRITE);
1840 fi->writectr = 0;
1841 fuse_flush_writepages(inode);
1842}
1843
1844void fuse_release_nowrite(struct inode *inode)
1845{
1846 struct fuse_inode *fi = get_fuse_inode(inode);
1847
1848 spin_lock(&fi->lock);
1849 __fuse_release_nowrite(inode);
1850 spin_unlock(&fi->lock);
1851}
1852
1853static void fuse_setattr_fill(struct fuse_conn *fc, struct fuse_args *args,
1854 struct inode *inode,
1855 struct fuse_setattr_in *inarg_p,
1856 struct fuse_attr_out *outarg_p)
1857{
1858 args->opcode = FUSE_SETATTR;
1859 args->nodeid = get_node_id(inode);
1860 args->in_numargs = 1;
1861 args->in_args[0].size = sizeof(*inarg_p);
1862 args->in_args[0].value = inarg_p;
1863 args->out_numargs = 1;
1864 args->out_args[0].size = sizeof(*outarg_p);
1865 args->out_args[0].value = outarg_p;
1866}
1867
1868/*
1869 * Flush inode->i_mtime to the server
1870 */
1871int fuse_flush_times(struct inode *inode, struct fuse_file *ff)
1872{
1873 struct fuse_mount *fm = get_fuse_mount(inode);
1874 FUSE_ARGS(args);
1875 struct fuse_setattr_in inarg;
1876 struct fuse_attr_out outarg;
1877
1878 memset(&inarg, 0, sizeof(inarg));
1879 memset(&outarg, 0, sizeof(outarg));
1880
1881 inarg.valid = FATTR_MTIME;
1882 inarg.mtime = inode_get_mtime_sec(inode);
1883 inarg.mtimensec = inode_get_mtime_nsec(inode);
1884 if (fm->fc->minor >= 23) {
1885 inarg.valid |= FATTR_CTIME;
1886 inarg.ctime = inode_get_ctime_sec(inode);
1887 inarg.ctimensec = inode_get_ctime_nsec(inode);
1888 }
1889 if (ff) {
1890 inarg.valid |= FATTR_FH;
1891 inarg.fh = ff->fh;
1892 }
1893 fuse_setattr_fill(fm->fc, &args, inode, &inarg, &outarg);
1894
1895 return fuse_simple_request(fm, &args);
1896}
1897
1898/*
1899 * Set attributes, and at the same time refresh them.
1900 *
1901 * Truncation is slightly complicated, because the 'truncate' request
1902 * may fail, in which case we don't want to touch the mapping.
1903 * vmtruncate() doesn't allow for this case, so do the rlimit checking
1904 * and the actual truncation by hand.
1905 */
1906int fuse_do_setattr(struct mnt_idmap *idmap, struct dentry *dentry,
1907 struct iattr *attr, struct file *file)
1908{
1909 struct inode *inode = d_inode(dentry);
1910 struct fuse_mount *fm = get_fuse_mount(inode);
1911 struct fuse_conn *fc = fm->fc;
1912 struct fuse_inode *fi = get_fuse_inode(inode);
1913 struct address_space *mapping = inode->i_mapping;
1914 FUSE_ARGS(args);
1915 struct fuse_setattr_in inarg;
1916 struct fuse_attr_out outarg;
1917 bool is_truncate = false;
1918 bool is_wb = fc->writeback_cache && S_ISREG(inode->i_mode);
1919 loff_t oldsize;
1920 int err;
1921 bool trust_local_cmtime = is_wb;
1922 bool fault_blocked = false;
1923
1924 if (!fc->default_permissions)
1925 attr->ia_valid |= ATTR_FORCE;
1926
1927 err = setattr_prepare(idmap, dentry, attr);
1928 if (err)
1929 return err;
1930
1931 if (attr->ia_valid & ATTR_SIZE) {
1932 if (WARN_ON(!S_ISREG(inode->i_mode)))
1933 return -EIO;
1934 is_truncate = true;
1935 }
1936
1937 if (FUSE_IS_DAX(inode) && is_truncate) {
1938 filemap_invalidate_lock(mapping);
1939 fault_blocked = true;
1940 err = fuse_dax_break_layouts(inode, 0, 0);
1941 if (err) {
1942 filemap_invalidate_unlock(mapping);
1943 return err;
1944 }
1945 }
1946
1947 if (attr->ia_valid & ATTR_OPEN) {
1948 /* This is coming from open(..., ... | O_TRUNC); */
1949 WARN_ON(!(attr->ia_valid & ATTR_SIZE));
1950 WARN_ON(attr->ia_size != 0);
1951 if (fc->atomic_o_trunc) {
1952 /*
1953 * No need to send request to userspace, since actual
1954 * truncation has already been done by OPEN. But still
1955 * need to truncate page cache.
1956 */
1957 i_size_write(inode, 0);
1958 truncate_pagecache(inode, 0);
1959 goto out;
1960 }
1961 file = NULL;
1962 }
1963
1964 /* Flush dirty data/metadata before non-truncate SETATTR */
1965 if (is_wb &&
1966 attr->ia_valid &
1967 (ATTR_MODE | ATTR_UID | ATTR_GID | ATTR_MTIME_SET |
1968 ATTR_TIMES_SET)) {
1969 err = write_inode_now(inode, true);
1970 if (err)
1971 return err;
1972
1973 fuse_set_nowrite(inode);
1974 fuse_release_nowrite(inode);
1975 }
1976
1977 if (is_truncate) {
1978 fuse_set_nowrite(inode);
1979 set_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1980 if (trust_local_cmtime && attr->ia_size != inode->i_size)
1981 attr->ia_valid |= ATTR_MTIME | ATTR_CTIME;
1982 }
1983
1984 memset(&inarg, 0, sizeof(inarg));
1985 memset(&outarg, 0, sizeof(outarg));
1986 iattr_to_fattr(idmap, fc, attr, &inarg, trust_local_cmtime);
1987 if (file) {
1988 struct fuse_file *ff = file->private_data;
1989 inarg.valid |= FATTR_FH;
1990 inarg.fh = ff->fh;
1991 }
1992
1993 /* Kill suid/sgid for non-directory chown unconditionally */
1994 if (fc->handle_killpriv_v2 && !S_ISDIR(inode->i_mode) &&
1995 attr->ia_valid & (ATTR_UID | ATTR_GID))
1996 inarg.valid |= FATTR_KILL_SUIDGID;
1997
1998 if (attr->ia_valid & ATTR_SIZE) {
1999 /* For mandatory locking in truncate */
2000 inarg.valid |= FATTR_LOCKOWNER;
2001 inarg.lock_owner = fuse_lock_owner_id(fc, current->files);
2002
2003 /* Kill suid/sgid for truncate only if no CAP_FSETID */
2004 if (fc->handle_killpriv_v2 && !capable(CAP_FSETID))
2005 inarg.valid |= FATTR_KILL_SUIDGID;
2006 }
2007 fuse_setattr_fill(fc, &args, inode, &inarg, &outarg);
2008 err = fuse_simple_request(fm, &args);
2009 if (err) {
2010 if (err == -EINTR)
2011 fuse_invalidate_attr(inode);
2012 goto error;
2013 }
2014
2015 if (fuse_invalid_attr(&outarg.attr) ||
2016 inode_wrong_type(inode, outarg.attr.mode)) {
2017 fuse_make_bad(inode);
2018 err = -EIO;
2019 goto error;
2020 }
2021
2022 spin_lock(&fi->lock);
2023 /* the kernel maintains i_mtime locally */
2024 if (trust_local_cmtime) {
2025 if (attr->ia_valid & ATTR_MTIME)
2026 inode_set_mtime_to_ts(inode, attr->ia_mtime);
2027 if (attr->ia_valid & ATTR_CTIME)
2028 inode_set_ctime_to_ts(inode, attr->ia_ctime);
2029 /* FIXME: clear I_DIRTY_SYNC? */
2030 }
2031
2032 fuse_change_attributes_common(inode, &outarg.attr, NULL,
2033 ATTR_TIMEOUT(&outarg),
2034 fuse_get_cache_mask(inode), 0);
2035 oldsize = inode->i_size;
2036 /* see the comment in fuse_change_attributes() */
2037 if (!is_wb || is_truncate)
2038 i_size_write(inode, outarg.attr.size);
2039
2040 if (is_truncate) {
2041 /* NOTE: this may release/reacquire fi->lock */
2042 __fuse_release_nowrite(inode);
2043 }
2044 spin_unlock(&fi->lock);
2045
2046 /*
2047 * Only call invalidate_inode_pages2() after removing
2048 * FUSE_NOWRITE, otherwise fuse_launder_folio() would deadlock.
2049 */
2050 if ((is_truncate || !is_wb) &&
2051 S_ISREG(inode->i_mode) && oldsize != outarg.attr.size) {
2052 truncate_pagecache(inode, outarg.attr.size);
2053 invalidate_inode_pages2(mapping);
2054 }
2055
2056 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
2057out:
2058 if (fault_blocked)
2059 filemap_invalidate_unlock(mapping);
2060
2061 return 0;
2062
2063error:
2064 if (is_truncate)
2065 fuse_release_nowrite(inode);
2066
2067 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
2068
2069 if (fault_blocked)
2070 filemap_invalidate_unlock(mapping);
2071 return err;
2072}
2073
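/*
 * ->setattr(): ATTR_KILL_SUID/SGID are never handled via a generic mode
 * update; if the server does not kill privileges itself, an explicit mode
 * change is recomputed from freshly fetched attributes.  Everything else
 * is passed to fuse_do_setattr(), after which cached ACLs (if the server
 * supports them) and, for a directory mode change, the entry cache are
 * invalidated.
 */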
2074static int fuse_setattr(struct mnt_idmap *idmap, struct dentry *entry,
2075 struct iattr *attr)
2076{
2077 struct inode *inode = d_inode(entry);
2078 struct fuse_conn *fc = get_fuse_conn(inode);
2079 struct file *file = (attr->ia_valid & ATTR_FILE) ? attr->ia_file : NULL;
2080 int ret;
2081
2082 if (fuse_is_bad(inode))
2083 return -EIO;
2084
2085 if (!fuse_allow_current_process(get_fuse_conn(inode)))
2086 return -EACCES;
2087
2088 if (attr->ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID)) {
2089 attr->ia_valid &= ~(ATTR_KILL_SUID | ATTR_KILL_SGID |
2090 ATTR_MODE);
2091
2092 /*
2093 * The only sane way to reliably kill suid/sgid is to do it in
2094 * the userspace filesystem
2095 *
2096 * This should be done on write(), truncate() and chown().
2097 */
2098 if (!fc->handle_killpriv && !fc->handle_killpriv_v2) {
2099 /*
2100 * ia_mode calculation may have used stale i_mode.
2101 * Refresh and recalculate.
2102 */
2103 ret = fuse_do_getattr(idmap, inode, NULL, file);
2104 if (ret)
2105 return ret;
2106
2107 attr->ia_mode = inode->i_mode;
2108 if (inode->i_mode & S_ISUID) {
2109 attr->ia_valid |= ATTR_MODE;
2110 attr->ia_mode &= ~S_ISUID;
2111 }
2112 if ((inode->i_mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) {
2113 attr->ia_valid |= ATTR_MODE;
2114 attr->ia_mode &= ~S_ISGID;
2115 }
2116 }
2117 }
2118 if (!attr->ia_valid)
2119 return 0;
2120
2121 ret = fuse_do_setattr(idmap, entry, attr, file);
2122 if (!ret) {
2123 /*
2124 * If filesystem supports acls it may have updated acl xattrs in
2125 * the filesystem, so forget cached acls for the inode.
2126 */
2127 if (fc->posix_acl)
2128 forget_all_cached_acls(inode);
2129
2130 /* Directory mode changed, may need to revalidate access */
2131 if (d_is_dir(entry) && (attr->ia_valid & ATTR_MODE))
2132 fuse_invalidate_entry_cache(entry);
2133 }
2134 return ret;
2135}
2136
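/*
 * ->getattr(): processes that the mount owner could not ptrace are
 * refused, except for an explicit zero request mask, which is answered
 * with just st_dev.
 */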
2137static int fuse_getattr(struct mnt_idmap *idmap,
2138 const struct path *path, struct kstat *stat,
2139 u32 request_mask, unsigned int flags)
2140{
2141 struct inode *inode = d_inode(path->dentry);
2142 struct fuse_conn *fc = get_fuse_conn(inode);
2143
2144 if (fuse_is_bad(inode))
2145 return -EIO;
2146
2147 if (!fuse_allow_current_process(fc)) {
2148 if (!request_mask) {
2149 /*
2150 * If user explicitly requested *nothing* then don't
2151 * error out, but return st_dev only.
2152 */
2153 stat->result_mask = 0;
2154 stat->dev = inode->i_sb->s_dev;
2155 return 0;
2156 }
2157 return -EACCES;
2158 }
2159
2160 return fuse_update_get_attr(idmap, inode, NULL, stat, request_mask, flags);
2161}
2162
2163static const struct inode_operations fuse_dir_inode_operations = {
2164 .lookup = fuse_lookup,
2165 .mkdir = fuse_mkdir,
2166 .symlink = fuse_symlink,
2167 .unlink = fuse_unlink,
2168 .rmdir = fuse_rmdir,
2169 .rename = fuse_rename2,
2170 .link = fuse_link,
2171 .setattr = fuse_setattr,
2172 .create = fuse_create,
2173 .atomic_open = fuse_atomic_open,
2174 .tmpfile = fuse_tmpfile,
2175 .mknod = fuse_mknod,
2176 .permission = fuse_permission,
2177 .getattr = fuse_getattr,
2178 .listxattr = fuse_listxattr,
2179 .get_inode_acl = fuse_get_inode_acl,
2180 .get_acl = fuse_get_acl,
2181 .set_acl = fuse_set_acl,
2182 .fileattr_get = fuse_fileattr_get,
2183 .fileattr_set = fuse_fileattr_set,
2184};
2185
2186static const struct file_operations fuse_dir_operations = {
2187 .llseek = generic_file_llseek,
2188 .read = generic_read_dir,
2189 .iterate_shared = fuse_readdir,
2190 .open = fuse_dir_open,
2191 .release = fuse_dir_release,
2192 .fsync = fuse_dir_fsync,
2193 .unlocked_ioctl = fuse_dir_ioctl,
2194 .compat_ioctl = fuse_dir_compat_ioctl,
2195};
2196
2197static const struct inode_operations fuse_common_inode_operations = {
2198 .setattr = fuse_setattr,
2199 .permission = fuse_permission,
2200 .getattr = fuse_getattr,
2201 .listxattr = fuse_listxattr,
2202 .get_inode_acl = fuse_get_inode_acl,
2203 .get_acl = fuse_get_acl,
2204 .set_acl = fuse_set_acl,
2205 .fileattr_get = fuse_fileattr_get,
2206 .fileattr_set = fuse_fileattr_set,
2207};
2208
2209static const struct inode_operations fuse_symlink_inode_operations = {
2210 .setattr = fuse_setattr,
2211 .get_link = fuse_get_link,
2212 .getattr = fuse_getattr,
2213 .listxattr = fuse_listxattr,
2214};
2215
2216void fuse_init_common(struct inode *inode)
2217{
2218 inode->i_op = &fuse_common_inode_operations;
2219}
2220
2221void fuse_init_dir(struct inode *inode)
2222{
2223 struct fuse_inode *fi = get_fuse_inode(inode);
2224
2225 inode->i_op = &fuse_dir_inode_operations;
2226 inode->i_fop = &fuse_dir_operations;
2227
2228 spin_lock_init(&fi->rdc.lock);
2229 fi->rdc.cached = false;
2230 fi->rdc.size = 0;
2231 fi->rdc.pos = 0;
2232 fi->rdc.version = 0;
2233}
2234
2235static int fuse_symlink_read_folio(struct file *null, struct folio *folio)
2236{
2237 int err = fuse_readlink_page(folio->mapping->host, folio);
2238
2239 if (!err)
2240 folio_mark_uptodate(folio);
2241
2242 folio_unlock(folio);
2243
2244 return err;
2245}
2246
2247static const struct address_space_operations fuse_symlink_aops = {
2248 .read_folio = fuse_symlink_read_folio,
2249};
2250
2251void fuse_init_symlink(struct inode *inode)
2252{
2253 inode->i_op = &fuse_symlink_inode_operations;
2254 inode->i_data.a_ops = &fuse_symlink_aops;
2255 inode_nohighmem(inode);
2256}