1 | // SPDX-License-Identifier: GPL-2.0-or-later |
2 | /* Provide a way to create a superblock configuration context within the kernel |
3 | * that allows a superblock to be set up prior to mounting. |
4 | * |
5 | * Copyright (C) 2017 Red Hat, Inc. All Rights Reserved. |
6 | * Written by David Howells (dhowells@redhat.com) |
7 | */ |
8 | |
9 | #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt |
10 | #include <linux/module.h> |
11 | #include <linux/fs_context.h> |
12 | #include <linux/fs_parser.h> |
13 | #include <linux/fs.h> |
14 | #include <linux/mount.h> |
15 | #include <linux/nsproxy.h> |
16 | #include <linux/slab.h> |
17 | #include <linux/magic.h> |
18 | #include <linux/security.h> |
19 | #include <linux/mnt_namespace.h> |
20 | #include <linux/pid_namespace.h> |
21 | #include <linux/user_namespace.h> |
22 | #include <net/net_namespace.h> |
23 | #include <asm/sections.h> |
24 | #include "mount.h" |
25 | #include "internal.h" |
26 | |
27 | enum legacy_fs_param { |
28 | LEGACY_FS_UNSET_PARAMS, |
29 | LEGACY_FS_MONOLITHIC_PARAMS, |
30 | LEGACY_FS_INDIVIDUAL_PARAMS, |
31 | }; |
32 | |
33 | struct legacy_fs_context { |
34 | char *legacy_data; /* Data page for legacy filesystems */ |
35 | size_t data_size; |
36 | enum legacy_fs_param param_type; |
37 | }; |
38 | |
39 | static int legacy_init_fs_context(struct fs_context *fc); |
40 | |
41 | static const struct constant_table common_set_sb_flag[] = { |
42 | { "dirsync" , SB_DIRSYNC }, |
43 | { "lazytime" , SB_LAZYTIME }, |
44 | { "mand" , SB_MANDLOCK }, |
45 | { "ro" , SB_RDONLY }, |
46 | { "sync" , SB_SYNCHRONOUS }, |
47 | { }, |
48 | }; |
49 | |
50 | static const struct constant_table common_clear_sb_flag[] = { |
51 | { "async" , SB_SYNCHRONOUS }, |
52 | { "nolazytime" , SB_LAZYTIME }, |
53 | { "nomand" , SB_MANDLOCK }, |
54 | { "rw" , SB_RDONLY }, |
55 | { }, |
56 | }; |
57 | |
58 | /* |
59 | * Check for a common mount option that manipulates s_flags. |
60 | */ |
61 | static int vfs_parse_sb_flag(struct fs_context *fc, const char *key) |
62 | { |
63 | unsigned int token; |
64 | |
65 | token = lookup_constant(tbl: common_set_sb_flag, name: key, not_found: 0); |
66 | if (token) { |
67 | fc->sb_flags |= token; |
68 | fc->sb_flags_mask |= token; |
69 | return 0; |
70 | } |
71 | |
72 | token = lookup_constant(tbl: common_clear_sb_flag, name: key, not_found: 0); |
73 | if (token) { |
74 | fc->sb_flags &= ~token; |
75 | fc->sb_flags_mask |= token; |
76 | return 0; |
77 | } |
78 | |
79 | return -ENOPARAM; |
80 | } |
81 | |
82 | /** |
83 | * vfs_parse_fs_param_source - Handle setting "source" via parameter |
84 | * @fc: The filesystem context to modify |
85 | * @param: The parameter |
86 | * |
87 | * This is a simple helper for filesystems to verify that the "source" they |
88 | * accept is sane. |
89 | * |
90 | * Returns 0 on success, -ENOPARAM if this is not "source" parameter, and |
91 | * -EINVAL otherwise. In the event of failure, supplementary error information |
92 | * is logged. |
93 | */ |
94 | int vfs_parse_fs_param_source(struct fs_context *fc, struct fs_parameter *param) |
95 | { |
96 | if (strcmp(param->key, "source" ) != 0) |
97 | return -ENOPARAM; |
98 | |
99 | if (param->type != fs_value_is_string) |
100 | return invalf(fc, "Non-string source" ); |
101 | |
102 | if (fc->source) |
103 | return invalf(fc, "Multiple sources" ); |
104 | |
105 | fc->source = param->string; |
106 | param->string = NULL; |
107 | return 0; |
108 | } |
109 | EXPORT_SYMBOL(vfs_parse_fs_param_source); |
110 | |
111 | /** |
112 | * vfs_parse_fs_param - Add a single parameter to a superblock config |
113 | * @fc: The filesystem context to modify |
114 | * @param: The parameter |
115 | * |
116 | * A single mount option in string form is applied to the filesystem context |
117 | * being set up. Certain standard options (for example "ro") are translated |
118 | * into flag bits without going to the filesystem. The active security module |
119 | * is allowed to observe and poach options. Any other options are passed over |
120 | * to the filesystem to parse. |
121 | * |
122 | * This may be called multiple times for a context. |
123 | * |
124 | * Returns 0 on success and a negative error code on failure. In the event of |
125 | * failure, supplementary error information may have been set. |
126 | */ |
127 | int vfs_parse_fs_param(struct fs_context *fc, struct fs_parameter *param) |
128 | { |
129 | int ret; |
130 | |
131 | if (!param->key) |
132 | return invalf(fc, "Unnamed parameter\n" ); |
133 | |
134 | ret = vfs_parse_sb_flag(fc, key: param->key); |
135 | if (ret != -ENOPARAM) |
136 | return ret; |
137 | |
138 | ret = security_fs_context_parse_param(fc, param); |
139 | if (ret != -ENOPARAM) |
140 | /* Param belongs to the LSM or is disallowed by the LSM; so |
141 | * don't pass to the FS. |
142 | */ |
143 | return ret; |
144 | |
145 | if (fc->ops->parse_param) { |
146 | ret = fc->ops->parse_param(fc, param); |
147 | if (ret != -ENOPARAM) |
148 | return ret; |
149 | } |
150 | |
151 | /* If the filesystem doesn't take any arguments, give it the |
152 | * default handling of source. |
153 | */ |
154 | ret = vfs_parse_fs_param_source(fc, param); |
155 | if (ret != -ENOPARAM) |
156 | return ret; |
157 | |
158 | return invalf(fc, "%s: Unknown parameter '%s'" , |
159 | fc->fs_type->name, param->key); |
160 | } |
161 | EXPORT_SYMBOL(vfs_parse_fs_param); |
162 | |
163 | /** |
164 | * vfs_parse_fs_string - Convenience function to just parse a string. |
165 | * @fc: Filesystem context. |
166 | * @key: Parameter name. |
167 | * @value: Default value. |
168 | * @v_size: Maximum number of bytes in the value. |
169 | */ |
170 | int vfs_parse_fs_string(struct fs_context *fc, const char *key, |
171 | const char *value, size_t v_size) |
172 | { |
173 | int ret; |
174 | |
175 | struct fs_parameter param = { |
176 | .key = key, |
177 | .type = fs_value_is_flag, |
178 | .size = v_size, |
179 | }; |
180 | |
181 | if (value) { |
182 | param.string = kmemdup_nul(s: value, len: v_size, GFP_KERNEL); |
183 | if (!param.string) |
184 | return -ENOMEM; |
185 | param.type = fs_value_is_string; |
186 | } |
187 | |
188 | ret = vfs_parse_fs_param(fc, ¶m); |
189 | kfree(objp: param.string); |
190 | return ret; |
191 | } |
192 | EXPORT_SYMBOL(vfs_parse_fs_string); |
193 | |
194 | /** |
195 | * vfs_parse_monolithic_sep - Parse key[=val][,key[=val]]* mount data |
196 | * @fc: The superblock configuration to fill in. |
197 | * @data: The data to parse |
198 | * @sep: callback for separating next option |
199 | * |
200 | * Parse a blob of data that's in key[=val][,key[=val]]* form with a custom |
201 | * option separator callback. |
202 | * |
203 | * Returns 0 on success or the error returned by the ->parse_option() fs_context |
204 | * operation on failure. |
205 | */ |
206 | int vfs_parse_monolithic_sep(struct fs_context *fc, void *data, |
207 | char *(*sep)(char **)) |
208 | { |
209 | char *options = data, *key; |
210 | int ret = 0; |
211 | |
212 | if (!options) |
213 | return 0; |
214 | |
215 | ret = security_sb_eat_lsm_opts(options, mnt_opts: &fc->security); |
216 | if (ret) |
217 | return ret; |
218 | |
219 | while ((key = sep(&options)) != NULL) { |
220 | if (*key) { |
221 | size_t v_len = 0; |
222 | char *value = strchr(key, '='); |
223 | |
224 | if (value) { |
225 | if (value == key) |
226 | continue; |
227 | *value++ = 0; |
228 | v_len = strlen(value); |
229 | } |
230 | ret = vfs_parse_fs_string(fc, key, value, v_len); |
231 | if (ret < 0) |
232 | break; |
233 | } |
234 | } |
235 | |
236 | return ret; |
237 | } |
238 | EXPORT_SYMBOL(vfs_parse_monolithic_sep); |
239 | |
240 | static char *vfs_parse_comma_sep(char **s) |
241 | { |
242 | return strsep(s, "," ); |
243 | } |
244 | |
245 | /** |
246 | * generic_parse_monolithic - Parse key[=val][,key[=val]]* mount data |
247 | * @fc: The superblock configuration to fill in. |
248 | * @data: The data to parse |
249 | * |
250 | * Parse a blob of data that's in key[=val][,key[=val]]* form. This can be |
251 | * called from the ->monolithic_mount_data() fs_context operation. |
252 | * |
253 | * Returns 0 on success or the error returned by the ->parse_option() fs_context |
254 | * operation on failure. |
255 | */ |
256 | int generic_parse_monolithic(struct fs_context *fc, void *data) |
257 | { |
258 | return vfs_parse_monolithic_sep(fc, data, vfs_parse_comma_sep); |
259 | } |
260 | EXPORT_SYMBOL(generic_parse_monolithic); |
261 | |
262 | /** |
263 | * alloc_fs_context - Create a filesystem context. |
264 | * @fs_type: The filesystem type. |
265 | * @reference: The dentry from which this one derives (or NULL) |
266 | * @sb_flags: Filesystem/superblock flags (SB_*) |
267 | * @sb_flags_mask: Applicable members of @sb_flags |
268 | * @purpose: The purpose that this configuration shall be used for. |
269 | * |
270 | * Open a filesystem and create a mount context. The mount context is |
271 | * initialised with the supplied flags and, if a submount/automount from |
272 | * another superblock (referred to by @reference) is supplied, may have |
273 | * parameters such as namespaces copied across from that superblock. |
274 | */ |
275 | static struct fs_context *alloc_fs_context(struct file_system_type *fs_type, |
276 | struct dentry *reference, |
277 | unsigned int sb_flags, |
278 | unsigned int sb_flags_mask, |
279 | enum fs_context_purpose purpose) |
280 | { |
281 | int (*init_fs_context)(struct fs_context *); |
282 | struct fs_context *fc; |
283 | int ret = -ENOMEM; |
284 | |
285 | fc = kzalloc(size: sizeof(struct fs_context), GFP_KERNEL_ACCOUNT); |
286 | if (!fc) |
287 | return ERR_PTR(error: -ENOMEM); |
288 | |
289 | fc->purpose = purpose; |
290 | fc->sb_flags = sb_flags; |
291 | fc->sb_flags_mask = sb_flags_mask; |
292 | fc->fs_type = get_filesystem(fs: fs_type); |
293 | fc->cred = get_current_cred(); |
294 | fc->net_ns = get_net(current->nsproxy->net_ns); |
295 | fc->log.prefix = fs_type->name; |
296 | |
297 | mutex_init(&fc->uapi_mutex); |
298 | |
299 | switch (purpose) { |
300 | case FS_CONTEXT_FOR_MOUNT: |
301 | fc->user_ns = get_user_ns(ns: fc->cred->user_ns); |
302 | break; |
303 | case FS_CONTEXT_FOR_SUBMOUNT: |
304 | fc->user_ns = get_user_ns(ns: reference->d_sb->s_user_ns); |
305 | break; |
306 | case FS_CONTEXT_FOR_RECONFIGURE: |
307 | atomic_inc(v: &reference->d_sb->s_active); |
308 | fc->user_ns = get_user_ns(ns: reference->d_sb->s_user_ns); |
309 | fc->root = dget(dentry: reference); |
310 | break; |
311 | } |
312 | |
313 | /* TODO: Make all filesystems support this unconditionally */ |
314 | init_fs_context = fc->fs_type->init_fs_context; |
315 | if (!init_fs_context) |
316 | init_fs_context = legacy_init_fs_context; |
317 | |
318 | ret = init_fs_context(fc); |
319 | if (ret < 0) |
320 | goto err_fc; |
321 | fc->need_free = true; |
322 | return fc; |
323 | |
324 | err_fc: |
325 | put_fs_context(fc); |
326 | return ERR_PTR(error: ret); |
327 | } |
328 | |
329 | struct fs_context *fs_context_for_mount(struct file_system_type *fs_type, |
330 | unsigned int sb_flags) |
331 | { |
332 | return alloc_fs_context(fs_type, NULL, sb_flags, sb_flags_mask: 0, |
333 | purpose: FS_CONTEXT_FOR_MOUNT); |
334 | } |
335 | EXPORT_SYMBOL(fs_context_for_mount); |
336 | |
337 | struct fs_context *fs_context_for_reconfigure(struct dentry *dentry, |
338 | unsigned int sb_flags, |
339 | unsigned int sb_flags_mask) |
340 | { |
341 | return alloc_fs_context(fs_type: dentry->d_sb->s_type, reference: dentry, sb_flags, |
342 | sb_flags_mask, purpose: FS_CONTEXT_FOR_RECONFIGURE); |
343 | } |
344 | EXPORT_SYMBOL(fs_context_for_reconfigure); |
345 | |
346 | /** |
347 | * fs_context_for_submount: allocate a new fs_context for a submount |
348 | * @type: file_system_type of the new context |
349 | * @reference: reference dentry from which to copy relevant info |
350 | * |
351 | * Allocate a new fs_context suitable for a submount. This also ensures that |
352 | * the fc->security object is inherited from @reference (if needed). |
353 | */ |
354 | struct fs_context *fs_context_for_submount(struct file_system_type *type, |
355 | struct dentry *reference) |
356 | { |
357 | struct fs_context *fc; |
358 | int ret; |
359 | |
360 | fc = alloc_fs_context(fs_type: type, reference, sb_flags: 0, sb_flags_mask: 0, purpose: FS_CONTEXT_FOR_SUBMOUNT); |
361 | if (IS_ERR(ptr: fc)) |
362 | return fc; |
363 | |
364 | ret = security_fs_context_submount(fc, reference: reference->d_sb); |
365 | if (ret) { |
366 | put_fs_context(fc); |
367 | return ERR_PTR(error: ret); |
368 | } |
369 | |
370 | return fc; |
371 | } |
372 | EXPORT_SYMBOL(fs_context_for_submount); |
373 | |
374 | void fc_drop_locked(struct fs_context *fc) |
375 | { |
376 | struct super_block *sb = fc->root->d_sb; |
377 | dput(fc->root); |
378 | fc->root = NULL; |
379 | deactivate_locked_super(sb); |
380 | } |
381 | |
382 | static void legacy_fs_context_free(struct fs_context *fc); |
383 | |
384 | /** |
385 | * vfs_dup_fs_context - Duplicate a filesystem context. |
386 | * @src_fc: The context to copy. |
387 | */ |
388 | struct fs_context *vfs_dup_fs_context(struct fs_context *src_fc) |
389 | { |
390 | struct fs_context *fc; |
391 | int ret; |
392 | |
393 | if (!src_fc->ops->dup) |
394 | return ERR_PTR(error: -EOPNOTSUPP); |
395 | |
396 | fc = kmemdup(p: src_fc, size: sizeof(struct fs_context), GFP_KERNEL); |
397 | if (!fc) |
398 | return ERR_PTR(error: -ENOMEM); |
399 | |
400 | mutex_init(&fc->uapi_mutex); |
401 | |
402 | fc->fs_private = NULL; |
403 | fc->s_fs_info = NULL; |
404 | fc->source = NULL; |
405 | fc->security = NULL; |
406 | get_filesystem(fs: fc->fs_type); |
407 | get_net(net: fc->net_ns); |
408 | get_user_ns(ns: fc->user_ns); |
409 | get_cred(cred: fc->cred); |
410 | if (fc->log.log) |
411 | refcount_inc(r: &fc->log.log->usage); |
412 | |
413 | /* Can't call put until we've called ->dup */ |
414 | ret = fc->ops->dup(fc, src_fc); |
415 | if (ret < 0) |
416 | goto err_fc; |
417 | |
418 | ret = security_fs_context_dup(fc, src_fc); |
419 | if (ret < 0) |
420 | goto err_fc; |
421 | return fc; |
422 | |
423 | err_fc: |
424 | put_fs_context(fc); |
425 | return ERR_PTR(error: ret); |
426 | } |
427 | EXPORT_SYMBOL(vfs_dup_fs_context); |
428 | |
429 | /** |
430 | * logfc - Log a message to a filesystem context |
431 | * @log: The filesystem context to log to, or NULL to use printk. |
432 | * @prefix: A string to prefix the output with, or NULL. |
433 | * @level: 'w' for a warning, 'e' for an error. Anything else is a notice. |
434 | * @fmt: The format of the buffer. |
435 | */ |
436 | void logfc(struct fc_log *log, const char *prefix, char level, const char *fmt, ...) |
437 | { |
438 | va_list va; |
439 | struct va_format vaf = {.fmt = fmt, .va = &va}; |
440 | |
441 | va_start(va, fmt); |
442 | if (!log) { |
443 | switch (level) { |
444 | case 'w': |
445 | printk(KERN_WARNING "%s%s%pV\n" , prefix ? prefix : "" , |
446 | prefix ? ": " : "" , &vaf); |
447 | break; |
448 | case 'e': |
449 | printk(KERN_ERR "%s%s%pV\n" , prefix ? prefix : "" , |
450 | prefix ? ": " : "" , &vaf); |
451 | break; |
452 | default: |
453 | printk(KERN_NOTICE "%s%s%pV\n" , prefix ? prefix : "" , |
454 | prefix ? ": " : "" , &vaf); |
455 | break; |
456 | } |
457 | } else { |
458 | unsigned int logsize = ARRAY_SIZE(log->buffer); |
459 | u8 index; |
460 | char *q = kasprintf(GFP_KERNEL, fmt: "%c %s%s%pV\n" , level, |
461 | prefix ? prefix : "" , |
462 | prefix ? ": " : "" , &vaf); |
463 | |
464 | index = log->head & (logsize - 1); |
465 | BUILD_BUG_ON(sizeof(log->head) != sizeof(u8) || |
466 | sizeof(log->tail) != sizeof(u8)); |
467 | if ((u8)(log->head - log->tail) == logsize) { |
468 | /* The buffer is full, discard the oldest message */ |
469 | if (log->need_free & (1 << index)) |
470 | kfree(objp: log->buffer[index]); |
471 | log->tail++; |
472 | } |
473 | |
474 | log->buffer[index] = q ? q : "OOM: Can't store error string" ; |
475 | if (q) |
476 | log->need_free |= 1 << index; |
477 | else |
478 | log->need_free &= ~(1 << index); |
479 | log->head++; |
480 | } |
481 | va_end(va); |
482 | } |
483 | EXPORT_SYMBOL(logfc); |
484 | |
485 | /* |
486 | * Free a logging structure. |
487 | */ |
488 | static void put_fc_log(struct fs_context *fc) |
489 | { |
490 | struct fc_log *log = fc->log.log; |
491 | int i; |
492 | |
493 | if (log) { |
494 | if (refcount_dec_and_test(r: &log->usage)) { |
495 | fc->log.log = NULL; |
496 | for (i = 0; i <= 7; i++) |
497 | if (log->need_free & (1 << i)) |
498 | kfree(objp: log->buffer[i]); |
499 | kfree(objp: log); |
500 | } |
501 | } |
502 | } |
503 | |
504 | /** |
505 | * put_fs_context - Dispose of a superblock configuration context. |
506 | * @fc: The context to dispose of. |
507 | */ |
508 | void put_fs_context(struct fs_context *fc) |
509 | { |
510 | struct super_block *sb; |
511 | |
512 | if (fc->root) { |
513 | sb = fc->root->d_sb; |
514 | dput(fc->root); |
515 | fc->root = NULL; |
516 | deactivate_super(sb); |
517 | } |
518 | |
519 | if (fc->need_free && fc->ops && fc->ops->free) |
520 | fc->ops->free(fc); |
521 | |
522 | security_free_mnt_opts(mnt_opts: &fc->security); |
523 | put_net(net: fc->net_ns); |
524 | put_user_ns(ns: fc->user_ns); |
525 | put_cred(cred: fc->cred); |
526 | put_fc_log(fc); |
527 | put_filesystem(fs: fc->fs_type); |
528 | kfree(objp: fc->source); |
529 | kfree(objp: fc); |
530 | } |
531 | EXPORT_SYMBOL(put_fs_context); |
532 | |
533 | /* |
534 | * Free the config for a filesystem that doesn't support fs_context. |
535 | */ |
536 | static void legacy_fs_context_free(struct fs_context *fc) |
537 | { |
538 | struct legacy_fs_context *ctx = fc->fs_private; |
539 | |
540 | if (ctx) { |
541 | if (ctx->param_type == LEGACY_FS_INDIVIDUAL_PARAMS) |
542 | kfree(objp: ctx->legacy_data); |
543 | kfree(objp: ctx); |
544 | } |
545 | } |
546 | |
547 | /* |
548 | * Duplicate a legacy config. |
549 | */ |
550 | static int legacy_fs_context_dup(struct fs_context *fc, struct fs_context *src_fc) |
551 | { |
552 | struct legacy_fs_context *ctx; |
553 | struct legacy_fs_context *src_ctx = src_fc->fs_private; |
554 | |
555 | ctx = kmemdup(p: src_ctx, size: sizeof(*src_ctx), GFP_KERNEL); |
556 | if (!ctx) |
557 | return -ENOMEM; |
558 | |
559 | if (ctx->param_type == LEGACY_FS_INDIVIDUAL_PARAMS) { |
560 | ctx->legacy_data = kmemdup(p: src_ctx->legacy_data, |
561 | size: src_ctx->data_size, GFP_KERNEL); |
562 | if (!ctx->legacy_data) { |
563 | kfree(objp: ctx); |
564 | return -ENOMEM; |
565 | } |
566 | } |
567 | |
568 | fc->fs_private = ctx; |
569 | return 0; |
570 | } |
571 | |
572 | /* |
573 | * Add a parameter to a legacy config. We build up a comma-separated list of |
574 | * options. |
575 | */ |
576 | static int legacy_parse_param(struct fs_context *fc, struct fs_parameter *param) |
577 | { |
578 | struct legacy_fs_context *ctx = fc->fs_private; |
579 | unsigned int size = ctx->data_size; |
580 | size_t len = 0; |
581 | int ret; |
582 | |
583 | ret = vfs_parse_fs_param_source(fc, param); |
584 | if (ret != -ENOPARAM) |
585 | return ret; |
586 | |
587 | if (ctx->param_type == LEGACY_FS_MONOLITHIC_PARAMS) |
588 | return invalf(fc, "VFS: Legacy: Can't mix monolithic and individual options" ); |
589 | |
590 | switch (param->type) { |
591 | case fs_value_is_string: |
592 | len = 1 + param->size; |
593 | fallthrough; |
594 | case fs_value_is_flag: |
595 | len += strlen(param->key); |
596 | break; |
597 | default: |
598 | return invalf(fc, "VFS: Legacy: Parameter type for '%s' not supported" , |
599 | param->key); |
600 | } |
601 | |
602 | if (size + len + 2 > PAGE_SIZE) |
603 | return invalf(fc, "VFS: Legacy: Cumulative options too large" ); |
604 | if (strchr(param->key, ',') || |
605 | (param->type == fs_value_is_string && |
606 | memchr(p: param->string, c: ',', size: param->size))) |
607 | return invalf(fc, "VFS: Legacy: Option '%s' contained comma" , |
608 | param->key); |
609 | if (!ctx->legacy_data) { |
610 | ctx->legacy_data = kmalloc(PAGE_SIZE, GFP_KERNEL); |
611 | if (!ctx->legacy_data) |
612 | return -ENOMEM; |
613 | } |
614 | |
615 | if (size) |
616 | ctx->legacy_data[size++] = ','; |
617 | len = strlen(param->key); |
618 | memcpy(ctx->legacy_data + size, param->key, len); |
619 | size += len; |
620 | if (param->type == fs_value_is_string) { |
621 | ctx->legacy_data[size++] = '='; |
622 | memcpy(ctx->legacy_data + size, param->string, param->size); |
623 | size += param->size; |
624 | } |
625 | ctx->legacy_data[size] = '\0'; |
626 | ctx->data_size = size; |
627 | ctx->param_type = LEGACY_FS_INDIVIDUAL_PARAMS; |
628 | return 0; |
629 | } |
630 | |
631 | /* |
632 | * Add monolithic mount data. |
633 | */ |
634 | static int legacy_parse_monolithic(struct fs_context *fc, void *data) |
635 | { |
636 | struct legacy_fs_context *ctx = fc->fs_private; |
637 | |
638 | if (ctx->param_type != LEGACY_FS_UNSET_PARAMS) { |
639 | pr_warn("VFS: Can't mix monolithic and individual options\n" ); |
640 | return -EINVAL; |
641 | } |
642 | |
643 | ctx->legacy_data = data; |
644 | ctx->param_type = LEGACY_FS_MONOLITHIC_PARAMS; |
645 | if (!ctx->legacy_data) |
646 | return 0; |
647 | |
648 | if (fc->fs_type->fs_flags & FS_BINARY_MOUNTDATA) |
649 | return 0; |
650 | return security_sb_eat_lsm_opts(options: ctx->legacy_data, mnt_opts: &fc->security); |
651 | } |
652 | |
653 | /* |
654 | * Get a mountable root with the legacy mount command. |
655 | */ |
656 | static int legacy_get_tree(struct fs_context *fc) |
657 | { |
658 | struct legacy_fs_context *ctx = fc->fs_private; |
659 | struct super_block *sb; |
660 | struct dentry *root; |
661 | |
662 | root = fc->fs_type->mount(fc->fs_type, fc->sb_flags, |
663 | fc->source, ctx->legacy_data); |
664 | if (IS_ERR(ptr: root)) |
665 | return PTR_ERR(ptr: root); |
666 | |
667 | sb = root->d_sb; |
668 | BUG_ON(!sb); |
669 | |
670 | fc->root = root; |
671 | return 0; |
672 | } |
673 | |
674 | /* |
675 | * Handle remount. |
676 | */ |
677 | static int legacy_reconfigure(struct fs_context *fc) |
678 | { |
679 | struct legacy_fs_context *ctx = fc->fs_private; |
680 | struct super_block *sb = fc->root->d_sb; |
681 | |
682 | if (!sb->s_op->remount_fs) |
683 | return 0; |
684 | |
685 | return sb->s_op->remount_fs(sb, &fc->sb_flags, |
686 | ctx ? ctx->legacy_data : NULL); |
687 | } |
688 | |
689 | const struct fs_context_operations legacy_fs_context_ops = { |
690 | .free = legacy_fs_context_free, |
691 | .dup = legacy_fs_context_dup, |
692 | .parse_param = legacy_parse_param, |
693 | .parse_monolithic = legacy_parse_monolithic, |
694 | .get_tree = legacy_get_tree, |
695 | .reconfigure = legacy_reconfigure, |
696 | }; |
697 | |
698 | /* |
699 | * Initialise a legacy context for a filesystem that doesn't support |
700 | * fs_context. |
701 | */ |
702 | static int legacy_init_fs_context(struct fs_context *fc) |
703 | { |
704 | fc->fs_private = kzalloc(size: sizeof(struct legacy_fs_context), GFP_KERNEL_ACCOUNT); |
705 | if (!fc->fs_private) |
706 | return -ENOMEM; |
707 | fc->ops = &legacy_fs_context_ops; |
708 | return 0; |
709 | } |
710 | |
711 | int parse_monolithic_mount_data(struct fs_context *fc, void *data) |
712 | { |
713 | int (*monolithic_mount_data)(struct fs_context *, void *); |
714 | |
715 | monolithic_mount_data = fc->ops->parse_monolithic; |
716 | if (!monolithic_mount_data) |
717 | monolithic_mount_data = generic_parse_monolithic; |
718 | |
719 | return monolithic_mount_data(fc, data); |
720 | } |
721 | |
722 | /* |
723 | * Clean up a context after performing an action on it and put it into a state |
724 | * from where it can be used to reconfigure a superblock. |
725 | * |
726 | * Note that here we do only the parts that can't fail; the rest is in |
727 | * finish_clean_context() below and in between those fs_context is marked |
728 | * FS_CONTEXT_AWAITING_RECONF. The reason for splitup is that after |
729 | * successful mount or remount we need to report success to userland. |
730 | * Trying to do full reinit (for the sake of possible subsequent remount) |
731 | * and failing to allocate memory would've put us into a nasty situation. |
732 | * So here we only discard the old state and reinitialization is left |
733 | * until we actually try to reconfigure. |
734 | */ |
735 | void vfs_clean_context(struct fs_context *fc) |
736 | { |
737 | if (fc->need_free && fc->ops && fc->ops->free) |
738 | fc->ops->free(fc); |
739 | fc->need_free = false; |
740 | fc->fs_private = NULL; |
741 | fc->s_fs_info = NULL; |
742 | fc->sb_flags = 0; |
743 | security_free_mnt_opts(mnt_opts: &fc->security); |
744 | kfree(objp: fc->source); |
745 | fc->source = NULL; |
746 | fc->exclusive = false; |
747 | |
748 | fc->purpose = FS_CONTEXT_FOR_RECONFIGURE; |
749 | fc->phase = FS_CONTEXT_AWAITING_RECONF; |
750 | } |
751 | |
752 | int finish_clean_context(struct fs_context *fc) |
753 | { |
754 | int error; |
755 | |
756 | if (fc->phase != FS_CONTEXT_AWAITING_RECONF) |
757 | return 0; |
758 | |
759 | if (fc->fs_type->init_fs_context) |
760 | error = fc->fs_type->init_fs_context(fc); |
761 | else |
762 | error = legacy_init_fs_context(fc); |
763 | if (unlikely(error)) { |
764 | fc->phase = FS_CONTEXT_FAILED; |
765 | return error; |
766 | } |
767 | fc->need_free = true; |
768 | fc->phase = FS_CONTEXT_RECONF_PARAMS; |
769 | return 0; |
770 | } |
771 | |