2 FUSE: Filesystem in Userspace
3 Copyright (C) 2001-2008 Miklos Szeredi <miklos@szeredi.hu>
5 This program can be distributed under the terms of the GNU GPL.
11 #include <linux/pagemap.h>
12 #include <linux/file.h>
13 #include <linux/sched.h>
14 #include <linux/namei.h>
15 #include <linux/slab.h>
17 #if BITS_PER_LONG >= 64
18 static inline void fuse_dentry_settime(struct dentry *entry, u64 time)
23 static inline u64 fuse_dentry_time(struct dentry *entry)
29 * On 32 bit archs store the high 32 bits of time in d_fsdata
31 static void fuse_dentry_settime(struct dentry *entry, u64 time)
34 entry->d_fsdata = (void *) (unsigned long) (time >> 32);
37 static u64 fuse_dentry_time(struct dentry *entry)
39 return (u64) entry->d_time +
40 ((u64) (unsigned long) entry->d_fsdata << 32);
45 * FUSE caches dentries and attributes with separate timeout. The
46 * time in jiffies until the dentry/attributes are valid is stored in
47 * dentry->d_time and fuse_inode->i_time respectively.
51 * Calculate the time in jiffies until a dentry/attributes are valid
53 static u64 time_to_jiffies(unsigned long sec, unsigned long nsec)
56 struct timespec ts = {sec, nsec};
57 return get_jiffies_64() + timespec_to_jiffies(&ts);
63 * Set dentry and possibly attribute timeouts from the lookup/mk*
66 static void fuse_change_entry_timeout(struct dentry *entry,
67 struct fuse_entry_out *o)
69 fuse_dentry_settime(entry,
70 time_to_jiffies(o->entry_valid, o->entry_valid_nsec));
73 static u64 attr_timeout(struct fuse_attr_out *o)
75 return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
78 static u64 entry_attr_timeout(struct fuse_entry_out *o)
80 return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
84 * Mark the attributes as stale, so that at the next call to
85 * ->getattr() they will be fetched from userspace
87 void fuse_invalidate_attr(struct inode *inode)
89 get_fuse_inode(inode)->i_time = 0;
93 * Just mark the entry as stale, so that a next attempt to look it up
94 * will result in a new lookup call to userspace
96 * This is called when a dentry is about to become negative and the
97 * timeout is unknown (unlink, rmdir, rename and in some cases
100 void fuse_invalidate_entry_cache(struct dentry *entry)
102 fuse_dentry_settime(entry, 0);
106 * Same as fuse_invalidate_entry_cache(), but also try to remove the
107 * dentry from the hash
109 static void fuse_invalidate_entry(struct dentry *entry)
112 fuse_invalidate_entry_cache(entry);
115 static void fuse_lookup_init(struct fuse_conn *fc, struct fuse_req *req,
116 u64 nodeid, struct qstr *name,
117 struct fuse_entry_out *outarg)
119 memset(outarg, 0, sizeof(struct fuse_entry_out));
120 req->in.h.opcode = FUSE_LOOKUP;
121 req->in.h.nodeid = nodeid;
123 req->in.args[0].size = name->len + 1;
124 req->in.args[0].value = name->name;
125 req->out.numargs = 1;
127 req->out.args[0].size = FUSE_COMPAT_ENTRY_OUT_SIZE;
129 req->out.args[0].size = sizeof(struct fuse_entry_out);
130 req->out.args[0].value = outarg;
133 u64 fuse_get_attr_version(struct fuse_conn *fc)
138 * The spin lock isn't actually needed on 64bit archs, but we
139 * don't yet care too much about such optimizations.
141 spin_lock(&fc->lock);
142 curr_version = fc->attr_version;
143 spin_unlock(&fc->lock);
149 * Check whether the dentry is still valid
151 * If the entry validity timeout has expired and the dentry is
152 * positive, try to redo the lookup. If the lookup results in a
153 * different inode, then let the VFS invalidate the dentry and redo
154 * the lookup once more. If the lookup results in the same inode,
155 * then refresh the attributes, timeouts and mark the dentry valid.
157 static int fuse_dentry_revalidate(struct dentry *entry, struct nameidata *nd)
161 inode = ACCESS_ONCE(entry->d_inode);
162 if (inode && is_bad_inode(inode))
164 else if (fuse_dentry_time(entry) < get_jiffies_64()) {
166 struct fuse_entry_out outarg;
167 struct fuse_conn *fc;
168 struct fuse_req *req;
169 struct fuse_forget_link *forget;
170 struct dentry *parent;
173 /* For negative dentries, always do a fresh lookup */
177 if (nd && (nd->flags & LOOKUP_RCU))
180 fc = get_fuse_conn(inode);
181 req = fuse_get_req(fc);
185 forget = fuse_alloc_forget();
187 fuse_put_request(fc, req);
191 attr_version = fuse_get_attr_version(fc);
193 parent = dget_parent(entry);
194 fuse_lookup_init(fc, req, get_node_id(parent->d_inode),
195 &entry->d_name, &outarg);
196 fuse_request_send(fc, req);
198 err = req->out.h.error;
199 fuse_put_request(fc, req);
200 /* Zero nodeid is same as -ENOENT */
201 if (!err && !outarg.nodeid)
204 struct fuse_inode *fi = get_fuse_inode(inode);
205 if (outarg.nodeid != get_node_id(inode)) {
206 fuse_queue_forget(fc, forget, outarg.nodeid, 1);
209 spin_lock(&fc->lock);
211 spin_unlock(&fc->lock);
214 if (err || (outarg.attr.mode ^ inode->i_mode) & S_IFMT)
217 fuse_change_attributes(inode, &outarg.attr,
218 entry_attr_timeout(&outarg),
220 fuse_change_entry_timeout(entry, &outarg);
225 static int invalid_nodeid(u64 nodeid)
227 return !nodeid || nodeid == FUSE_ROOT_ID;
230 const struct dentry_operations fuse_dentry_operations = {
231 .d_revalidate = fuse_dentry_revalidate,
234 int fuse_valid_type(int m)
236 return S_ISREG(m) || S_ISDIR(m) || S_ISLNK(m) || S_ISCHR(m) ||
237 S_ISBLK(m) || S_ISFIFO(m) || S_ISSOCK(m);
241 * Add a directory inode to a dentry, ensuring that no other dentry
242 * refers to this inode. Called with fc->inst_mutex.
244 static struct dentry *fuse_d_add_directory(struct dentry *entry,
247 struct dentry *alias = d_find_alias(inode);
248 if (alias && !(alias->d_flags & DCACHE_DISCONNECTED)) {
249 /* This tries to shrink the subtree below alias */
250 fuse_invalidate_entry(alias);
252 if (!list_empty(&inode->i_dentry))
253 return ERR_PTR(-EBUSY);
257 return d_splice_alias(inode, entry);
260 int fuse_lookup_name(struct super_block *sb, u64 nodeid, struct qstr *name,
261 struct fuse_entry_out *outarg, struct inode **inode)
263 struct fuse_conn *fc = get_fuse_conn_super(sb);
264 struct fuse_req *req;
265 struct fuse_forget_link *forget;
271 if (name->len > FUSE_NAME_MAX)
274 req = fuse_get_req(fc);
279 forget = fuse_alloc_forget();
282 fuse_put_request(fc, req);
286 attr_version = fuse_get_attr_version(fc);
288 fuse_lookup_init(fc, req, nodeid, name, outarg);
289 fuse_request_send(fc, req);
290 err = req->out.h.error;
291 fuse_put_request(fc, req);
292 /* Zero nodeid is same as -ENOENT, but with valid timeout */
293 if (err || !outarg->nodeid)
299 if (!fuse_valid_type(outarg->attr.mode))
302 *inode = fuse_iget(sb, outarg->nodeid, outarg->generation,
303 &outarg->attr, entry_attr_timeout(outarg),
307 fuse_queue_forget(fc, forget, outarg->nodeid, 1);
318 static struct dentry *fuse_lookup(struct inode *dir, struct dentry *entry,
319 struct nameidata *nd)
322 struct fuse_entry_out outarg;
324 struct dentry *newent;
325 struct fuse_conn *fc = get_fuse_conn(dir);
326 bool outarg_valid = true;
328 err = fuse_lookup_name(dir->i_sb, get_node_id(dir), &entry->d_name,
330 if (err == -ENOENT) {
331 outarg_valid = false;
338 if (inode && get_node_id(inode) == FUSE_ROOT_ID)
341 if (inode && S_ISDIR(inode->i_mode)) {
342 mutex_lock(&fc->inst_mutex);
343 newent = fuse_d_add_directory(entry, inode);
344 mutex_unlock(&fc->inst_mutex);
345 err = PTR_ERR(newent);
349 newent = d_splice_alias(inode, entry);
352 entry = newent ? newent : entry;
354 fuse_change_entry_timeout(entry, &outarg);
356 fuse_invalidate_entry_cache(entry);
367 * Atomic create+open operation
369 * If the filesystem doesn't support this, then fall back to separate
370 * 'mknod' + 'open' requests.
372 static int fuse_create_open(struct inode *dir, struct dentry *entry,
373 umode_t mode, struct nameidata *nd)
377 struct fuse_conn *fc = get_fuse_conn(dir);
378 struct fuse_req *req;
379 struct fuse_forget_link *forget;
380 struct fuse_create_in inarg;
381 struct fuse_open_out outopen;
382 struct fuse_entry_out outentry;
383 struct fuse_file *ff;
385 int flags = nd->intent.open.flags;
390 forget = fuse_alloc_forget();
394 req = fuse_get_req(fc);
397 goto out_put_forget_req;
400 ff = fuse_file_alloc(fc);
402 goto out_put_request;
405 mode &= ~current_umask();
408 memset(&inarg, 0, sizeof(inarg));
409 memset(&outentry, 0, sizeof(outentry));
412 inarg.umask = current_umask();
413 req->in.h.opcode = FUSE_CREATE;
414 req->in.h.nodeid = get_node_id(dir);
416 req->in.args[0].size = fc->minor < 12 ? sizeof(struct fuse_open_in) :
418 req->in.args[0].value = &inarg;
419 req->in.args[1].size = entry->d_name.len + 1;
420 req->in.args[1].value = entry->d_name.name;
421 req->out.numargs = 2;
423 req->out.args[0].size = FUSE_COMPAT_ENTRY_OUT_SIZE;
425 req->out.args[0].size = sizeof(outentry);
426 req->out.args[0].value = &outentry;
427 req->out.args[1].size = sizeof(outopen);
428 req->out.args[1].value = &outopen;
429 fuse_request_send(fc, req);
430 err = req->out.h.error;
438 if (!S_ISREG(outentry.attr.mode) || invalid_nodeid(outentry.nodeid))
441 fuse_put_request(fc, req);
443 ff->nodeid = outentry.nodeid;
444 ff->open_flags = outopen.open_flags;
445 inode = fuse_iget(dir->i_sb, outentry.nodeid, outentry.generation,
446 &outentry.attr, entry_attr_timeout(&outentry), 0);
448 flags &= ~(O_CREAT | O_EXCL | O_TRUNC);
449 fuse_sync_release(ff, flags);
450 fuse_queue_forget(fc, forget, outentry.nodeid, 1);
454 d_instantiate(entry, inode);
455 fuse_change_entry_timeout(entry, &outentry);
456 fuse_invalidate_attr(dir);
457 file = lookup_instantiate_filp(nd, entry, generic_file_open);
459 fuse_sync_release(ff, flags);
460 return PTR_ERR(file);
462 file->private_data = fuse_file_get(ff);
463 fuse_finish_open(inode, file);
469 fuse_put_request(fc, req);
476 * Code shared between mknod, mkdir, symlink and link
478 static int create_new_entry(struct fuse_conn *fc, struct fuse_req *req,
479 struct inode *dir, struct dentry *entry,
482 struct fuse_entry_out outarg;
485 struct fuse_forget_link *forget;
487 forget = fuse_alloc_forget();
489 fuse_put_request(fc, req);
493 memset(&outarg, 0, sizeof(outarg));
494 req->in.h.nodeid = get_node_id(dir);
495 req->out.numargs = 1;
497 req->out.args[0].size = FUSE_COMPAT_ENTRY_OUT_SIZE;
499 req->out.args[0].size = sizeof(outarg);
500 req->out.args[0].value = &outarg;
501 fuse_request_send(fc, req);
502 err = req->out.h.error;
503 fuse_put_request(fc, req);
505 goto out_put_forget_req;
508 if (invalid_nodeid(outarg.nodeid))
509 goto out_put_forget_req;
511 if ((outarg.attr.mode ^ mode) & S_IFMT)
512 goto out_put_forget_req;
514 inode = fuse_iget(dir->i_sb, outarg.nodeid, outarg.generation,
515 &outarg.attr, entry_attr_timeout(&outarg), 0);
517 fuse_queue_forget(fc, forget, outarg.nodeid, 1);
522 if (S_ISDIR(inode->i_mode)) {
523 struct dentry *alias;
524 mutex_lock(&fc->inst_mutex);
525 alias = d_find_alias(inode);
527 /* New directory must have moved since mkdir */
528 mutex_unlock(&fc->inst_mutex);
533 d_instantiate(entry, inode);
534 mutex_unlock(&fc->inst_mutex);
536 d_instantiate(entry, inode);
538 fuse_change_entry_timeout(entry, &outarg);
539 fuse_invalidate_attr(dir);
547 static int fuse_mknod(struct inode *dir, struct dentry *entry, umode_t mode,
550 struct fuse_mknod_in inarg;
551 struct fuse_conn *fc = get_fuse_conn(dir);
552 struct fuse_req *req = fuse_get_req(fc);
557 mode &= ~current_umask();
559 memset(&inarg, 0, sizeof(inarg));
561 inarg.rdev = new_encode_dev(rdev);
562 inarg.umask = current_umask();
563 req->in.h.opcode = FUSE_MKNOD;
565 req->in.args[0].size = fc->minor < 12 ? FUSE_COMPAT_MKNOD_IN_SIZE :
567 req->in.args[0].value = &inarg;
568 req->in.args[1].size = entry->d_name.len + 1;
569 req->in.args[1].value = entry->d_name.name;
570 return create_new_entry(fc, req, dir, entry, mode);
573 static int fuse_create(struct inode *dir, struct dentry *entry, umode_t mode,
574 struct nameidata *nd)
577 int err = fuse_create_open(dir, entry, mode, nd);
580 /* Fall back on mknod */
582 return fuse_mknod(dir, entry, mode, 0);
585 static int fuse_mkdir(struct inode *dir, struct dentry *entry, umode_t mode)
587 struct fuse_mkdir_in inarg;
588 struct fuse_conn *fc = get_fuse_conn(dir);
589 struct fuse_req *req = fuse_get_req(fc);
594 mode &= ~current_umask();
596 memset(&inarg, 0, sizeof(inarg));
598 inarg.umask = current_umask();
599 req->in.h.opcode = FUSE_MKDIR;
601 req->in.args[0].size = sizeof(inarg);
602 req->in.args[0].value = &inarg;
603 req->in.args[1].size = entry->d_name.len + 1;
604 req->in.args[1].value = entry->d_name.name;
605 return create_new_entry(fc, req, dir, entry, S_IFDIR);
608 static int fuse_symlink(struct inode *dir, struct dentry *entry,
611 struct fuse_conn *fc = get_fuse_conn(dir);
612 unsigned len = strlen(link) + 1;
613 struct fuse_req *req = fuse_get_req(fc);
617 req->in.h.opcode = FUSE_SYMLINK;
619 req->in.args[0].size = entry->d_name.len + 1;
620 req->in.args[0].value = entry->d_name.name;
621 req->in.args[1].size = len;
622 req->in.args[1].value = link;
623 return create_new_entry(fc, req, dir, entry, S_IFLNK);
626 static int fuse_unlink(struct inode *dir, struct dentry *entry)
629 struct fuse_conn *fc = get_fuse_conn(dir);
630 struct fuse_req *req = fuse_get_req(fc);
634 req->in.h.opcode = FUSE_UNLINK;
635 req->in.h.nodeid = get_node_id(dir);
637 req->in.args[0].size = entry->d_name.len + 1;
638 req->in.args[0].value = entry->d_name.name;
639 fuse_request_send(fc, req);
640 err = req->out.h.error;
641 fuse_put_request(fc, req);
643 struct inode *inode = entry->d_inode;
644 struct fuse_inode *fi = get_fuse_inode(inode);
646 spin_lock(&fc->lock);
647 fi->attr_version = ++fc->attr_version;
649 spin_unlock(&fc->lock);
650 fuse_invalidate_attr(inode);
651 fuse_invalidate_attr(dir);
652 fuse_invalidate_entry_cache(entry);
653 } else if (err == -EINTR)
654 fuse_invalidate_entry(entry);
658 static int fuse_rmdir(struct inode *dir, struct dentry *entry)
661 struct fuse_conn *fc = get_fuse_conn(dir);
662 struct fuse_req *req = fuse_get_req(fc);
666 req->in.h.opcode = FUSE_RMDIR;
667 req->in.h.nodeid = get_node_id(dir);
669 req->in.args[0].size = entry->d_name.len + 1;
670 req->in.args[0].value = entry->d_name.name;
671 fuse_request_send(fc, req);
672 err = req->out.h.error;
673 fuse_put_request(fc, req);
675 clear_nlink(entry->d_inode);
676 fuse_invalidate_attr(dir);
677 fuse_invalidate_entry_cache(entry);
678 } else if (err == -EINTR)
679 fuse_invalidate_entry(entry);
683 static int fuse_rename(struct inode *olddir, struct dentry *oldent,
684 struct inode *newdir, struct dentry *newent)
687 struct fuse_rename_in inarg;
688 struct fuse_conn *fc = get_fuse_conn(olddir);
689 struct fuse_req *req = fuse_get_req(fc);
694 memset(&inarg, 0, sizeof(inarg));
695 inarg.newdir = get_node_id(newdir);
696 req->in.h.opcode = FUSE_RENAME;
697 req->in.h.nodeid = get_node_id(olddir);
699 req->in.args[0].size = sizeof(inarg);
700 req->in.args[0].value = &inarg;
701 req->in.args[1].size = oldent->d_name.len + 1;
702 req->in.args[1].value = oldent->d_name.name;
703 req->in.args[2].size = newent->d_name.len + 1;
704 req->in.args[2].value = newent->d_name.name;
705 fuse_request_send(fc, req);
706 err = req->out.h.error;
707 fuse_put_request(fc, req);
710 fuse_invalidate_attr(oldent->d_inode);
712 fuse_invalidate_attr(olddir);
713 if (olddir != newdir)
714 fuse_invalidate_attr(newdir);
716 /* newent will end up negative */
717 if (newent->d_inode) {
718 fuse_invalidate_attr(newent->d_inode);
719 fuse_invalidate_entry_cache(newent);
721 } else if (err == -EINTR) {
722 /* If request was interrupted, DEITY only knows if the
723 rename actually took place. If the invalidation
724 fails (e.g. some process has CWD under the renamed
725 directory), then there can be inconsistency between
726 the dcache and the real filesystem. Tough luck. */
727 fuse_invalidate_entry(oldent);
729 fuse_invalidate_entry(newent);
735 static int fuse_link(struct dentry *entry, struct inode *newdir,
736 struct dentry *newent)
739 struct fuse_link_in inarg;
740 struct inode *inode = entry->d_inode;
741 struct fuse_conn *fc = get_fuse_conn(inode);
742 struct fuse_req *req = fuse_get_req(fc);
746 memset(&inarg, 0, sizeof(inarg));
747 inarg.oldnodeid = get_node_id(inode);
748 req->in.h.opcode = FUSE_LINK;
750 req->in.args[0].size = sizeof(inarg);
751 req->in.args[0].value = &inarg;
752 req->in.args[1].size = newent->d_name.len + 1;
753 req->in.args[1].value = newent->d_name.name;
754 err = create_new_entry(fc, req, newdir, newent, inode->i_mode);
755 /* Contrary to "normal" filesystems it can happen that link
756 makes two "logical" inodes point to the same "physical"
757 inode. We invalidate the attributes of the old one, so it
758 will reflect changes in the backing inode (link count,
762 struct fuse_inode *fi = get_fuse_inode(inode);
764 spin_lock(&fc->lock);
765 fi->attr_version = ++fc->attr_version;
767 spin_unlock(&fc->lock);
768 fuse_invalidate_attr(inode);
769 } else if (err == -EINTR) {
770 fuse_invalidate_attr(inode);
775 static void fuse_fillattr(struct inode *inode, struct fuse_attr *attr,
778 unsigned int blkbits;
780 stat->dev = inode->i_sb->s_dev;
781 stat->ino = attr->ino;
782 stat->mode = (inode->i_mode & S_IFMT) | (attr->mode & 07777);
783 stat->nlink = attr->nlink;
784 stat->uid = attr->uid;
785 stat->gid = attr->gid;
786 stat->rdev = inode->i_rdev;
787 stat->atime.tv_sec = attr->atime;
788 stat->atime.tv_nsec = attr->atimensec;
789 stat->mtime.tv_sec = attr->mtime;
790 stat->mtime.tv_nsec = attr->mtimensec;
791 stat->ctime.tv_sec = attr->ctime;
792 stat->ctime.tv_nsec = attr->ctimensec;
793 stat->size = attr->size;
794 stat->blocks = attr->blocks;
796 if (attr->blksize != 0)
797 blkbits = ilog2(attr->blksize);
799 blkbits = inode->i_sb->s_blocksize_bits;
801 stat->blksize = 1 << blkbits;
804 static int fuse_do_getattr(struct inode *inode, struct kstat *stat,
808 struct fuse_getattr_in inarg;
809 struct fuse_attr_out outarg;
810 struct fuse_conn *fc = get_fuse_conn(inode);
811 struct fuse_req *req;
814 req = fuse_get_req(fc);
818 attr_version = fuse_get_attr_version(fc);
820 memset(&inarg, 0, sizeof(inarg));
821 memset(&outarg, 0, sizeof(outarg));
822 /* Directories have separate file-handle space */
823 if (file && S_ISREG(inode->i_mode)) {
824 struct fuse_file *ff = file->private_data;
826 inarg.getattr_flags |= FUSE_GETATTR_FH;
829 req->in.h.opcode = FUSE_GETATTR;
830 req->in.h.nodeid = get_node_id(inode);
832 req->in.args[0].size = sizeof(inarg);
833 req->in.args[0].value = &inarg;
834 req->out.numargs = 1;
836 req->out.args[0].size = FUSE_COMPAT_ATTR_OUT_SIZE;
838 req->out.args[0].size = sizeof(outarg);
839 req->out.args[0].value = &outarg;
840 fuse_request_send(fc, req);
841 err = req->out.h.error;
842 fuse_put_request(fc, req);
844 if ((inode->i_mode ^ outarg.attr.mode) & S_IFMT) {
845 make_bad_inode(inode);
848 fuse_change_attributes(inode, &outarg.attr,
849 attr_timeout(&outarg),
852 fuse_fillattr(inode, &outarg.attr, stat);
858 int fuse_update_attributes(struct inode *inode, struct kstat *stat,
859 struct file *file, bool *refreshed)
861 struct fuse_inode *fi = get_fuse_inode(inode);
865 if (fi->i_time < get_jiffies_64()) {
867 err = fuse_do_getattr(inode, stat, file);
872 generic_fillattr(inode, stat);
873 stat->mode = fi->orig_i_mode;
874 stat->ino = fi->orig_ino;
878 if (refreshed != NULL)
884 int fuse_reverse_inval_entry(struct super_block *sb, u64 parent_nodeid,
885 u64 child_nodeid, struct qstr *name)
888 struct inode *parent;
890 struct dentry *entry;
892 parent = ilookup5(sb, parent_nodeid, fuse_inode_eq, &parent_nodeid);
896 mutex_lock(&parent->i_mutex);
897 if (!S_ISDIR(parent->i_mode))
901 dir = d_find_alias(parent);
905 entry = d_lookup(dir, name);
910 fuse_invalidate_attr(parent);
911 fuse_invalidate_entry(entry);
913 if (child_nodeid != 0 && entry->d_inode) {
914 mutex_lock(&entry->d_inode->i_mutex);
915 if (get_node_id(entry->d_inode) != child_nodeid) {
919 if (d_mountpoint(entry)) {
923 if (S_ISDIR(entry->d_inode->i_mode)) {
924 shrink_dcache_parent(entry);
925 if (!simple_empty(entry)) {
929 entry->d_inode->i_flags |= S_DEAD;
932 clear_nlink(entry->d_inode);
935 mutex_unlock(&entry->d_inode->i_mutex);
944 mutex_unlock(&parent->i_mutex);
950 * Calling into a user-controlled filesystem gives the filesystem
951 * daemon ptrace-like capabilities over the requester process. This
952 * means, that the filesystem daemon is able to record the exact
953 * filesystem operations performed, and can also control the behavior
954 * of the requester process in otherwise impossible ways. For example
955 * it can delay the operation for arbitrary length of time allowing
956 * DoS against the requester.
958 * For this reason only those processes can call into the filesystem,
959 * for which the owner of the mount has ptrace privilege. This
960 * excludes processes started by other users, suid or sgid processes.
962 int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task)
964 const struct cred *cred;
967 if (fc->flags & FUSE_ALLOW_OTHER)
972 cred = __task_cred(task);
973 if (cred->euid == fc->user_id &&
974 cred->suid == fc->user_id &&
975 cred->uid == fc->user_id &&
976 cred->egid == fc->group_id &&
977 cred->sgid == fc->group_id &&
978 cred->gid == fc->group_id)
985 static int fuse_access(struct inode *inode, int mask)
987 struct fuse_conn *fc = get_fuse_conn(inode);
988 struct fuse_req *req;
989 struct fuse_access_in inarg;
995 req = fuse_get_req(fc);
999 memset(&inarg, 0, sizeof(inarg));
1000 inarg.mask = mask & (MAY_READ | MAY_WRITE | MAY_EXEC);
1001 req->in.h.opcode = FUSE_ACCESS;
1002 req->in.h.nodeid = get_node_id(inode);
1003 req->in.numargs = 1;
1004 req->in.args[0].size = sizeof(inarg);
1005 req->in.args[0].value = &inarg;
1006 fuse_request_send(fc, req);
1007 err = req->out.h.error;
1008 fuse_put_request(fc, req);
1009 if (err == -ENOSYS) {
1016 static int fuse_perm_getattr(struct inode *inode, int mask)
1018 if (mask & MAY_NOT_BLOCK)
1021 return fuse_do_getattr(inode, NULL, NULL);
1025 * Check permission. The two basic access models of FUSE are:
1027 * 1) Local access checking ('default_permissions' mount option) based
1028 * on file mode. This is the plain old disk filesystem permission
1031 * 2) "Remote" access checking, where server is responsible for
1032 * checking permission in each inode operation. An exception to this
1033 * is if ->permission() was invoked from sys_access() in which case an
1034 * access request is sent. Execute permission is still checked
1035 * locally based on file mode.
1037 static int fuse_permission(struct inode *inode, int mask)
1039 struct fuse_conn *fc = get_fuse_conn(inode);
1040 bool refreshed = false;
1043 if (!fuse_allow_task(fc, current))
1047 * If attributes are needed, refresh them before proceeding
1049 if ((fc->flags & FUSE_DEFAULT_PERMISSIONS) ||
1050 ((mask & MAY_EXEC) && S_ISREG(inode->i_mode))) {
1051 struct fuse_inode *fi = get_fuse_inode(inode);
1053 if (fi->i_time < get_jiffies_64()) {
1056 err = fuse_perm_getattr(inode, mask);
1062 if (fc->flags & FUSE_DEFAULT_PERMISSIONS) {
1063 err = generic_permission(inode, mask);
1065 /* If permission is denied, try to refresh file
1066 attributes. This is also needed, because the root
1067 node will at first have no permissions */
1068 if (err == -EACCES && !refreshed) {
1069 err = fuse_perm_getattr(inode, mask);
1071 err = generic_permission(inode, mask);
1074 /* Note: the opposite of the above test does not
1075 exist. So if permissions are revoked this won't be
1076 noticed immediately, only after the attribute
1077 timeout has expired */
1078 } else if (mask & (MAY_ACCESS | MAY_CHDIR)) {
1079 if (mask & MAY_NOT_BLOCK)
1082 err = fuse_access(inode, mask);
1083 } else if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode)) {
1084 if (!(inode->i_mode & S_IXUGO)) {
1088 err = fuse_perm_getattr(inode, mask);
1089 if (!err && !(inode->i_mode & S_IXUGO))
1096 static int parse_dirfile(char *buf, size_t nbytes, struct file *file,
1097 void *dstbuf, filldir_t filldir)
1099 while (nbytes >= FUSE_NAME_OFFSET) {
1100 struct fuse_dirent *dirent = (struct fuse_dirent *) buf;
1101 size_t reclen = FUSE_DIRENT_SIZE(dirent);
1103 if (!dirent->namelen || dirent->namelen > FUSE_NAME_MAX)
1105 if (reclen > nbytes)
1108 over = filldir(dstbuf, dirent->name, dirent->namelen,
1109 file->f_pos, dirent->ino, dirent->type);
1115 file->f_pos = dirent->off;
1121 static int fuse_readdir(struct file *file, void *dstbuf, filldir_t filldir)
1126 struct inode *inode = file->f_path.dentry->d_inode;
1127 struct fuse_conn *fc = get_fuse_conn(inode);
1128 struct fuse_req *req;
1130 if (is_bad_inode(inode))
1133 req = fuse_get_req(fc);
1135 return PTR_ERR(req);
1137 page = alloc_page(GFP_KERNEL);
1139 fuse_put_request(fc, req);
1142 req->out.argpages = 1;
1144 req->pages[0] = page;
1145 fuse_read_fill(req, file, file->f_pos, PAGE_SIZE, FUSE_READDIR);
1146 fuse_request_send(fc, req);
1147 nbytes = req->out.args[0].size;
1148 err = req->out.h.error;
1149 fuse_put_request(fc, req);
1151 err = parse_dirfile(page_address(page), nbytes, file, dstbuf,
1155 fuse_invalidate_attr(inode); /* atime changed */
1159 static char *read_link(struct dentry *dentry)
1161 struct inode *inode = dentry->d_inode;
1162 struct fuse_conn *fc = get_fuse_conn(inode);
1163 struct fuse_req *req = fuse_get_req(fc);
1167 return ERR_CAST(req);
1169 link = (char *) __get_free_page(GFP_KERNEL);
1171 link = ERR_PTR(-ENOMEM);
1174 req->in.h.opcode = FUSE_READLINK;
1175 req->in.h.nodeid = get_node_id(inode);
1176 req->out.argvar = 1;
1177 req->out.numargs = 1;
1178 req->out.args[0].size = PAGE_SIZE - 1;
1179 req->out.args[0].value = link;
1180 fuse_request_send(fc, req);
1181 if (req->out.h.error) {
1182 free_page((unsigned long) link);
1183 link = ERR_PTR(req->out.h.error);
1185 link[req->out.args[0].size] = '\0';
1187 fuse_put_request(fc, req);
1188 fuse_invalidate_attr(inode); /* atime changed */
1192 static void free_link(char *link)
1195 free_page((unsigned long) link);
1198 static void *fuse_follow_link(struct dentry *dentry, struct nameidata *nd)
1200 nd_set_link(nd, read_link(dentry));
1204 static void fuse_put_link(struct dentry *dentry, struct nameidata *nd, void *c)
1206 free_link(nd_get_link(nd));
1209 static int fuse_dir_open(struct inode *inode, struct file *file)
1211 return fuse_open_common(inode, file, true);
1214 static int fuse_dir_release(struct inode *inode, struct file *file)
1216 fuse_release_common(file, FUSE_RELEASEDIR);
1221 static int fuse_dir_fsync(struct file *file, loff_t start, loff_t end,
1224 return fuse_fsync_common(file, start, end, datasync, 1);
1227 static long fuse_dir_ioctl(struct file *file, unsigned int cmd,
1230 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1232 /* FUSE_IOCTL_DIR only supported for API version >= 7.18 */
1236 return fuse_ioctl_common(file, cmd, arg, FUSE_IOCTL_DIR);
1239 static long fuse_dir_compat_ioctl(struct file *file, unsigned int cmd,
1242 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1247 return fuse_ioctl_common(file, cmd, arg,
1248 FUSE_IOCTL_COMPAT | FUSE_IOCTL_DIR);
1251 static bool update_mtime(unsigned ivalid)
1253 /* Always update if mtime is explicitly set */
1254 if (ivalid & ATTR_MTIME_SET)
1257 /* If it's an open(O_TRUNC) or an ftruncate(), don't update */
1258 if ((ivalid & ATTR_SIZE) && (ivalid & (ATTR_OPEN | ATTR_FILE)))
1261 /* In all other cases update */
1265 static void iattr_to_fattr(struct iattr *iattr, struct fuse_setattr_in *arg)
1267 unsigned ivalid = iattr->ia_valid;
1269 if (ivalid & ATTR_MODE)
1270 arg->valid |= FATTR_MODE, arg->mode = iattr->ia_mode;
1271 if (ivalid & ATTR_UID)
1272 arg->valid |= FATTR_UID, arg->uid = iattr->ia_uid;
1273 if (ivalid & ATTR_GID)
1274 arg->valid |= FATTR_GID, arg->gid = iattr->ia_gid;
1275 if (ivalid & ATTR_SIZE)
1276 arg->valid |= FATTR_SIZE, arg->size = iattr->ia_size;
1277 if (ivalid & ATTR_ATIME) {
1278 arg->valid |= FATTR_ATIME;
1279 arg->atime = iattr->ia_atime.tv_sec;
1280 arg->atimensec = iattr->ia_atime.tv_nsec;
1281 if (!(ivalid & ATTR_ATIME_SET))
1282 arg->valid |= FATTR_ATIME_NOW;
1284 if ((ivalid & ATTR_MTIME) && update_mtime(ivalid)) {
1285 arg->valid |= FATTR_MTIME;
1286 arg->mtime = iattr->ia_mtime.tv_sec;
1287 arg->mtimensec = iattr->ia_mtime.tv_nsec;
1288 if (!(ivalid & ATTR_MTIME_SET))
1289 arg->valid |= FATTR_MTIME_NOW;
1294 * Prevent concurrent writepages on inode
1296 * This is done by adding a negative bias to the inode write counter
1297 * and waiting for all pending writes to finish.
1299 void fuse_set_nowrite(struct inode *inode)
1301 struct fuse_conn *fc = get_fuse_conn(inode);
1302 struct fuse_inode *fi = get_fuse_inode(inode);
1304 BUG_ON(!mutex_is_locked(&inode->i_mutex));
1306 spin_lock(&fc->lock);
1307 BUG_ON(fi->writectr < 0);
1308 fi->writectr += FUSE_NOWRITE;
1309 spin_unlock(&fc->lock);
1310 wait_event(fi->page_waitq, fi->writectr == FUSE_NOWRITE);
1314 * Allow writepages on inode
1316 * Remove the bias from the writecounter and send any queued
1319 static void __fuse_release_nowrite(struct inode *inode)
1321 struct fuse_inode *fi = get_fuse_inode(inode);
1323 BUG_ON(fi->writectr != FUSE_NOWRITE);
1325 fuse_flush_writepages(inode);
1328 void fuse_release_nowrite(struct inode *inode)
1330 struct fuse_conn *fc = get_fuse_conn(inode);
1332 spin_lock(&fc->lock);
1333 __fuse_release_nowrite(inode);
1334 spin_unlock(&fc->lock);
1338 * Set attributes, and at the same time refresh them.
1340 * Truncation is slightly complicated, because the 'truncate' request
1341 * may fail, in which case we don't want to touch the mapping.
1342 * vmtruncate() doesn't allow for this case, so do the rlimit checking
1343 * and the actual truncation by hand.
1345 static int fuse_do_setattr(struct dentry *entry, struct iattr *attr,
1348 struct inode *inode = entry->d_inode;
1349 struct fuse_conn *fc = get_fuse_conn(inode);
1350 struct fuse_req *req;
1351 struct fuse_setattr_in inarg;
1352 struct fuse_attr_out outarg;
1353 bool is_truncate = false;
1357 if (!fuse_allow_task(fc, current))
1360 if (!(fc->flags & FUSE_DEFAULT_PERMISSIONS))
1361 attr->ia_valid |= ATTR_FORCE;
1363 err = inode_change_ok(inode, attr);
1367 if (attr->ia_valid & ATTR_OPEN) {
1368 if (fc->atomic_o_trunc)
1373 if (attr->ia_valid & ATTR_SIZE)
1376 req = fuse_get_req(fc);
1378 return PTR_ERR(req);
1381 fuse_set_nowrite(inode);
1383 memset(&inarg, 0, sizeof(inarg));
1384 memset(&outarg, 0, sizeof(outarg));
1385 iattr_to_fattr(attr, &inarg);
1387 struct fuse_file *ff = file->private_data;
1388 inarg.valid |= FATTR_FH;
1391 if (attr->ia_valid & ATTR_SIZE) {
1392 /* For mandatory locking in truncate */
1393 inarg.valid |= FATTR_LOCKOWNER;
1394 inarg.lock_owner = fuse_lock_owner_id(fc, current->files);
1396 req->in.h.opcode = FUSE_SETATTR;
1397 req->in.h.nodeid = get_node_id(inode);
1398 req->in.numargs = 1;
1399 req->in.args[0].size = sizeof(inarg);
1400 req->in.args[0].value = &inarg;
1401 req->out.numargs = 1;
1403 req->out.args[0].size = FUSE_COMPAT_ATTR_OUT_SIZE;
1405 req->out.args[0].size = sizeof(outarg);
1406 req->out.args[0].value = &outarg;
1407 fuse_request_send(fc, req);
1408 err = req->out.h.error;
1409 fuse_put_request(fc, req);
1412 fuse_invalidate_attr(inode);
1416 if ((inode->i_mode ^ outarg.attr.mode) & S_IFMT) {
1417 make_bad_inode(inode);
1422 spin_lock(&fc->lock);
1423 fuse_change_attributes_common(inode, &outarg.attr,
1424 attr_timeout(&outarg));
1425 oldsize = inode->i_size;
1426 i_size_write(inode, outarg.attr.size);
1429 /* NOTE: this may release/reacquire fc->lock */
1430 __fuse_release_nowrite(inode);
1432 spin_unlock(&fc->lock);
1435 * Only call invalidate_inode_pages2() after removing
1436 * FUSE_NOWRITE, otherwise fuse_launder_page() would deadlock.
1438 if (S_ISREG(inode->i_mode) && oldsize != outarg.attr.size) {
1439 truncate_pagecache(inode, oldsize, outarg.attr.size);
1440 invalidate_inode_pages2(inode->i_mapping);
1447 fuse_release_nowrite(inode);
1452 static int fuse_setattr(struct dentry *entry, struct iattr *attr)
1454 if (attr->ia_valid & ATTR_FILE)
1455 return fuse_do_setattr(entry, attr, attr->ia_file);
1457 return fuse_do_setattr(entry, attr, NULL);
1460 static int fuse_getattr(struct vfsmount *mnt, struct dentry *entry,
1463 struct inode *inode = entry->d_inode;
1464 struct fuse_conn *fc = get_fuse_conn(inode);
1466 if (!fuse_allow_task(fc, current))
1469 return fuse_update_attributes(inode, stat, NULL, NULL);
1472 static int fuse_setxattr(struct dentry *entry, const char *name,
1473 const void *value, size_t size, int flags)
1475 struct inode *inode = entry->d_inode;
1476 struct fuse_conn *fc = get_fuse_conn(inode);
1477 struct fuse_req *req;
1478 struct fuse_setxattr_in inarg;
1481 if (fc->no_setxattr)
1484 req = fuse_get_req(fc);
1486 return PTR_ERR(req);
1488 memset(&inarg, 0, sizeof(inarg));
1490 inarg.flags = flags;
1491 req->in.h.opcode = FUSE_SETXATTR;
1492 req->in.h.nodeid = get_node_id(inode);
1493 req->in.numargs = 3;
1494 req->in.args[0].size = sizeof(inarg);
1495 req->in.args[0].value = &inarg;
1496 req->in.args[1].size = strlen(name) + 1;
1497 req->in.args[1].value = name;
1498 req->in.args[2].size = size;
1499 req->in.args[2].value = value;
1500 fuse_request_send(fc, req);
1501 err = req->out.h.error;
1502 fuse_put_request(fc, req);
1503 if (err == -ENOSYS) {
1504 fc->no_setxattr = 1;
1510 static ssize_t fuse_getxattr(struct dentry *entry, const char *name,
1511 void *value, size_t size)
1513 struct inode *inode = entry->d_inode;
1514 struct fuse_conn *fc = get_fuse_conn(inode);
1515 struct fuse_req *req;
1516 struct fuse_getxattr_in inarg;
1517 struct fuse_getxattr_out outarg;
1520 if (fc->no_getxattr)
1523 req = fuse_get_req(fc);
1525 return PTR_ERR(req);
1527 memset(&inarg, 0, sizeof(inarg));
1529 req->in.h.opcode = FUSE_GETXATTR;
1530 req->in.h.nodeid = get_node_id(inode);
1531 req->in.numargs = 2;
1532 req->in.args[0].size = sizeof(inarg);
1533 req->in.args[0].value = &inarg;
1534 req->in.args[1].size = strlen(name) + 1;
1535 req->in.args[1].value = name;
1536 /* This is really two different operations rolled into one */
1537 req->out.numargs = 1;
1539 req->out.argvar = 1;
1540 req->out.args[0].size = size;
1541 req->out.args[0].value = value;
1543 req->out.args[0].size = sizeof(outarg);
1544 req->out.args[0].value = &outarg;
1546 fuse_request_send(fc, req);
1547 ret = req->out.h.error;
1549 ret = size ? req->out.args[0].size : outarg.size;
1551 if (ret == -ENOSYS) {
1552 fc->no_getxattr = 1;
1556 fuse_put_request(fc, req);
1560 static ssize_t fuse_listxattr(struct dentry *entry, char *list, size_t size)
1562 struct inode *inode = entry->d_inode;
1563 struct fuse_conn *fc = get_fuse_conn(inode);
1564 struct fuse_req *req;
1565 struct fuse_getxattr_in inarg;
1566 struct fuse_getxattr_out outarg;
1569 if (!fuse_allow_task(fc, current))
1572 if (fc->no_listxattr)
1575 req = fuse_get_req(fc);
1577 return PTR_ERR(req);
1579 memset(&inarg, 0, sizeof(inarg));
1581 req->in.h.opcode = FUSE_LISTXATTR;
1582 req->in.h.nodeid = get_node_id(inode);
1583 req->in.numargs = 1;
1584 req->in.args[0].size = sizeof(inarg);
1585 req->in.args[0].value = &inarg;
1586 /* This is really two different operations rolled into one */
1587 req->out.numargs = 1;
1589 req->out.argvar = 1;
1590 req->out.args[0].size = size;
1591 req->out.args[0].value = list;
1593 req->out.args[0].size = sizeof(outarg);
1594 req->out.args[0].value = &outarg;
1596 fuse_request_send(fc, req);
1597 ret = req->out.h.error;
1599 ret = size ? req->out.args[0].size : outarg.size;
1601 if (ret == -ENOSYS) {
1602 fc->no_listxattr = 1;
1606 fuse_put_request(fc, req);
1610 static int fuse_removexattr(struct dentry *entry, const char *name)
1612 struct inode *inode = entry->d_inode;
1613 struct fuse_conn *fc = get_fuse_conn(inode);
1614 struct fuse_req *req;
1617 if (fc->no_removexattr)
1620 req = fuse_get_req(fc);
1622 return PTR_ERR(req);
1624 req->in.h.opcode = FUSE_REMOVEXATTR;
1625 req->in.h.nodeid = get_node_id(inode);
1626 req->in.numargs = 1;
1627 req->in.args[0].size = strlen(name) + 1;
1628 req->in.args[0].value = name;
1629 fuse_request_send(fc, req);
1630 err = req->out.h.error;
1631 fuse_put_request(fc, req);
1632 if (err == -ENOSYS) {
1633 fc->no_removexattr = 1;
1639 static const struct inode_operations fuse_dir_inode_operations = {
1640 .lookup = fuse_lookup,
1641 .mkdir = fuse_mkdir,
1642 .symlink = fuse_symlink,
1643 .unlink = fuse_unlink,
1644 .rmdir = fuse_rmdir,
1645 .rename = fuse_rename,
1647 .setattr = fuse_setattr,
1648 .create = fuse_create,
1649 .mknod = fuse_mknod,
1650 .permission = fuse_permission,
1651 .getattr = fuse_getattr,
1652 .setxattr = fuse_setxattr,
1653 .getxattr = fuse_getxattr,
1654 .listxattr = fuse_listxattr,
1655 .removexattr = fuse_removexattr,
1658 static const struct file_operations fuse_dir_operations = {
1659 .llseek = generic_file_llseek,
1660 .read = generic_read_dir,
1661 .readdir = fuse_readdir,
1662 .open = fuse_dir_open,
1663 .release = fuse_dir_release,
1664 .fsync = fuse_dir_fsync,
1665 .unlocked_ioctl = fuse_dir_ioctl,
1666 .compat_ioctl = fuse_dir_compat_ioctl,
1669 static const struct inode_operations fuse_common_inode_operations = {
1670 .setattr = fuse_setattr,
1671 .permission = fuse_permission,
1672 .getattr = fuse_getattr,
1673 .setxattr = fuse_setxattr,
1674 .getxattr = fuse_getxattr,
1675 .listxattr = fuse_listxattr,
1676 .removexattr = fuse_removexattr,
1679 static const struct inode_operations fuse_symlink_inode_operations = {
1680 .setattr = fuse_setattr,
1681 .follow_link = fuse_follow_link,
1682 .put_link = fuse_put_link,
1683 .readlink = generic_readlink,
1684 .getattr = fuse_getattr,
1685 .setxattr = fuse_setxattr,
1686 .getxattr = fuse_getxattr,
1687 .listxattr = fuse_listxattr,
1688 .removexattr = fuse_removexattr,
1691 void fuse_init_common(struct inode *inode)
1693 inode->i_op = &fuse_common_inode_operations;
1696 void fuse_init_dir(struct inode *inode)
1698 inode->i_op = &fuse_dir_inode_operations;
1699 inode->i_fop = &fuse_dir_operations;
1702 void fuse_init_symlink(struct inode *inode)
1704 inode->i_op = &fuse_symlink_inode_operations;
projects / ~andy / linux / blob