1 | /* |
2 | FUSE: Filesystem in Userspace |
3 | Copyright (C) 2001-2008 Miklos Szeredi <miklos@szeredi.hu> |
4 | |
5 | This program can be distributed under the terms of the GNU GPL. |
6 | See the file COPYING. |
7 | */ |
8 | |
9 | #include "fuse_i.h" |
10 | |
11 | #include <linux/pagemap.h> |
12 | #include <linux/slab.h> |
13 | #include <linux/file.h> |
14 | #include <linux/seq_file.h> |
15 | #include <linux/init.h> |
16 | #include <linux/module.h> |
17 | #include <linux/moduleparam.h> |
18 | #include <linux/fs_context.h> |
19 | #include <linux/fs_parser.h> |
20 | #include <linux/statfs.h> |
21 | #include <linux/random.h> |
22 | #include <linux/sched.h> |
23 | #include <linux/exportfs.h> |
24 | #include <linux/posix_acl.h> |
25 | #include <linux/pid_namespace.h> |
26 | #include <uapi/linux/magic.h> |
27 | |
28 | MODULE_AUTHOR("Miklos Szeredi <miklos@szeredi.hu>" ); |
29 | MODULE_DESCRIPTION("Filesystem in Userspace" ); |
30 | MODULE_LICENSE("GPL" ); |
31 | |
32 | static struct kmem_cache *fuse_inode_cachep; |
33 | struct list_head fuse_conn_list; |
34 | DEFINE_MUTEX(fuse_mutex); |
35 | |
36 | static int set_global_limit(const char *val, const struct kernel_param *kp); |
37 | |
38 | unsigned max_user_bgreq; |
39 | module_param_call(max_user_bgreq, set_global_limit, param_get_uint, |
40 | &max_user_bgreq, 0644); |
41 | __MODULE_PARM_TYPE(max_user_bgreq, "uint" ); |
42 | MODULE_PARM_DESC(max_user_bgreq, |
43 | "Global limit for the maximum number of backgrounded requests an " |
44 | "unprivileged user can set" ); |
45 | |
46 | unsigned max_user_congthresh; |
47 | module_param_call(max_user_congthresh, set_global_limit, param_get_uint, |
48 | &max_user_congthresh, 0644); |
49 | __MODULE_PARM_TYPE(max_user_congthresh, "uint" ); |
50 | MODULE_PARM_DESC(max_user_congthresh, |
51 | "Global limit for the maximum congestion threshold an " |
52 | "unprivileged user can set" ); |
53 | |
54 | #define FUSE_DEFAULT_BLKSIZE 512 |
55 | |
56 | /** Maximum number of outstanding background requests */ |
57 | #define FUSE_DEFAULT_MAX_BACKGROUND 12 |
58 | |
59 | /** Congestion starts at 75% of maximum */ |
60 | #define FUSE_DEFAULT_CONGESTION_THRESHOLD (FUSE_DEFAULT_MAX_BACKGROUND * 3 / 4) |
61 | |
62 | #ifdef CONFIG_BLOCK |
63 | static struct file_system_type fuseblk_fs_type; |
64 | #endif |
65 | |
66 | struct fuse_forget_link *fuse_alloc_forget(void) |
67 | { |
68 | return kzalloc(size: sizeof(struct fuse_forget_link), GFP_KERNEL_ACCOUNT); |
69 | } |
70 | |
71 | static struct fuse_submount_lookup *fuse_alloc_submount_lookup(void) |
72 | { |
73 | struct fuse_submount_lookup *sl; |
74 | |
75 | sl = kzalloc(size: sizeof(struct fuse_submount_lookup), GFP_KERNEL_ACCOUNT); |
76 | if (!sl) |
77 | return NULL; |
78 | sl->forget = fuse_alloc_forget(); |
79 | if (!sl->forget) |
80 | goto out_free; |
81 | |
82 | return sl; |
83 | |
84 | out_free: |
85 | kfree(objp: sl); |
86 | return NULL; |
87 | } |
88 | |
89 | static struct inode *fuse_alloc_inode(struct super_block *sb) |
90 | { |
91 | struct fuse_inode *fi; |
92 | |
93 | fi = alloc_inode_sb(sb, cache: fuse_inode_cachep, GFP_KERNEL); |
94 | if (!fi) |
95 | return NULL; |
96 | |
97 | fi->i_time = 0; |
98 | fi->inval_mask = ~0; |
99 | fi->nodeid = 0; |
100 | fi->nlookup = 0; |
101 | fi->attr_version = 0; |
102 | fi->orig_ino = 0; |
103 | fi->state = 0; |
104 | fi->submount_lookup = NULL; |
105 | mutex_init(&fi->mutex); |
106 | spin_lock_init(&fi->lock); |
107 | fi->forget = fuse_alloc_forget(); |
108 | if (!fi->forget) |
109 | goto out_free; |
110 | |
111 | if (IS_ENABLED(CONFIG_FUSE_DAX) && !fuse_dax_inode_alloc(sb, fi)) |
112 | goto out_free_forget; |
113 | |
114 | if (IS_ENABLED(CONFIG_FUSE_PASSTHROUGH)) |
115 | fuse_inode_backing_set(fi, NULL); |
116 | |
117 | return &fi->inode; |
118 | |
119 | out_free_forget: |
120 | kfree(objp: fi->forget); |
121 | out_free: |
122 | kmem_cache_free(s: fuse_inode_cachep, objp: fi); |
123 | return NULL; |
124 | } |
125 | |
126 | static void fuse_free_inode(struct inode *inode) |
127 | { |
128 | struct fuse_inode *fi = get_fuse_inode(inode); |
129 | |
130 | mutex_destroy(lock: &fi->mutex); |
131 | kfree(objp: fi->forget); |
132 | #ifdef CONFIG_FUSE_DAX |
133 | kfree(objp: fi->dax); |
134 | #endif |
135 | if (IS_ENABLED(CONFIG_FUSE_PASSTHROUGH)) |
136 | fuse_backing_put(fb: fuse_inode_backing(fi)); |
137 | |
138 | kmem_cache_free(s: fuse_inode_cachep, objp: fi); |
139 | } |
140 | |
141 | static void fuse_cleanup_submount_lookup(struct fuse_conn *fc, |
142 | struct fuse_submount_lookup *sl) |
143 | { |
144 | if (!refcount_dec_and_test(r: &sl->count)) |
145 | return; |
146 | |
147 | fuse_queue_forget(fc, forget: sl->forget, nodeid: sl->nodeid, nlookup: 1); |
148 | sl->forget = NULL; |
149 | kfree(objp: sl); |
150 | } |
151 | |
152 | static void fuse_evict_inode(struct inode *inode) |
153 | { |
154 | struct fuse_inode *fi = get_fuse_inode(inode); |
155 | |
156 | /* Will write inode on close/munmap and in all other dirtiers */ |
157 | WARN_ON(inode->i_state & I_DIRTY_INODE); |
158 | |
159 | truncate_inode_pages_final(&inode->i_data); |
160 | clear_inode(inode); |
161 | if (inode->i_sb->s_flags & SB_ACTIVE) { |
162 | struct fuse_conn *fc = get_fuse_conn(inode); |
163 | |
164 | if (FUSE_IS_DAX(inode)) |
165 | fuse_dax_inode_cleanup(inode); |
166 | if (fi->nlookup) { |
167 | fuse_queue_forget(fc, forget: fi->forget, nodeid: fi->nodeid, |
168 | nlookup: fi->nlookup); |
169 | fi->forget = NULL; |
170 | } |
171 | |
172 | if (fi->submount_lookup) { |
173 | fuse_cleanup_submount_lookup(fc, sl: fi->submount_lookup); |
174 | fi->submount_lookup = NULL; |
175 | } |
176 | } |
177 | if (S_ISREG(inode->i_mode) && !fuse_is_bad(inode)) { |
178 | WARN_ON(fi->iocachectr != 0); |
179 | WARN_ON(!list_empty(&fi->write_files)); |
180 | WARN_ON(!list_empty(&fi->queued_writes)); |
181 | } |
182 | } |
183 | |
184 | static int fuse_reconfigure(struct fs_context *fsc) |
185 | { |
186 | struct super_block *sb = fsc->root->d_sb; |
187 | |
188 | sync_filesystem(sb); |
189 | if (fsc->sb_flags & SB_MANDLOCK) |
190 | return -EINVAL; |
191 | |
192 | return 0; |
193 | } |
194 | |
195 | /* |
196 | * ino_t is 32-bits on 32-bit arch. We have to squash the 64-bit value down |
197 | * so that it will fit. |
198 | */ |
199 | static ino_t fuse_squash_ino(u64 ino64) |
200 | { |
201 | ino_t ino = (ino_t) ino64; |
202 | if (sizeof(ino_t) < sizeof(u64)) |
203 | ino ^= ino64 >> (sizeof(u64) - sizeof(ino_t)) * 8; |
204 | return ino; |
205 | } |
206 | |
207 | void fuse_change_attributes_common(struct inode *inode, struct fuse_attr *attr, |
208 | struct fuse_statx *sx, |
209 | u64 attr_valid, u32 cache_mask) |
210 | { |
211 | struct fuse_conn *fc = get_fuse_conn(inode); |
212 | struct fuse_inode *fi = get_fuse_inode(inode); |
213 | |
214 | lockdep_assert_held(&fi->lock); |
215 | |
216 | fi->attr_version = atomic64_inc_return(v: &fc->attr_version); |
217 | fi->i_time = attr_valid; |
218 | /* Clear basic stats from invalid mask */ |
219 | set_mask_bits(&fi->inval_mask, STATX_BASIC_STATS, 0); |
220 | |
221 | inode->i_ino = fuse_squash_ino(ino64: attr->ino); |
222 | inode->i_mode = (inode->i_mode & S_IFMT) | (attr->mode & 07777); |
223 | set_nlink(inode, nlink: attr->nlink); |
224 | inode->i_uid = make_kuid(from: fc->user_ns, uid: attr->uid); |
225 | inode->i_gid = make_kgid(from: fc->user_ns, gid: attr->gid); |
226 | inode->i_blocks = attr->blocks; |
227 | |
228 | /* Sanitize nsecs */ |
229 | attr->atimensec = min_t(u32, attr->atimensec, NSEC_PER_SEC - 1); |
230 | attr->mtimensec = min_t(u32, attr->mtimensec, NSEC_PER_SEC - 1); |
231 | attr->ctimensec = min_t(u32, attr->ctimensec, NSEC_PER_SEC - 1); |
232 | |
233 | inode_set_atime(inode, sec: attr->atime, nsec: attr->atimensec); |
234 | /* mtime from server may be stale due to local buffered write */ |
235 | if (!(cache_mask & STATX_MTIME)) { |
236 | inode_set_mtime(inode, sec: attr->mtime, nsec: attr->mtimensec); |
237 | } |
238 | if (!(cache_mask & STATX_CTIME)) { |
239 | inode_set_ctime(inode, sec: attr->ctime, nsec: attr->ctimensec); |
240 | } |
241 | if (sx) { |
242 | /* Sanitize nsecs */ |
243 | sx->btime.tv_nsec = |
244 | min_t(u32, sx->btime.tv_nsec, NSEC_PER_SEC - 1); |
245 | |
246 | /* |
247 | * Btime has been queried, cache is valid (whether or not btime |
248 | * is available or not) so clear STATX_BTIME from inval_mask. |
249 | * |
250 | * Availability of the btime attribute is indicated in |
251 | * FUSE_I_BTIME |
252 | */ |
253 | set_mask_bits(&fi->inval_mask, STATX_BTIME, 0); |
254 | if (sx->mask & STATX_BTIME) { |
255 | set_bit(nr: FUSE_I_BTIME, addr: &fi->state); |
256 | fi->i_btime.tv_sec = sx->btime.tv_sec; |
257 | fi->i_btime.tv_nsec = sx->btime.tv_nsec; |
258 | } |
259 | } |
260 | |
261 | if (attr->blksize != 0) |
262 | inode->i_blkbits = ilog2(attr->blksize); |
263 | else |
264 | inode->i_blkbits = inode->i_sb->s_blocksize_bits; |
265 | |
266 | /* |
267 | * Don't set the sticky bit in i_mode, unless we want the VFS |
268 | * to check permissions. This prevents failures due to the |
269 | * check in may_delete(). |
270 | */ |
271 | fi->orig_i_mode = inode->i_mode; |
272 | if (!fc->default_permissions) |
273 | inode->i_mode &= ~S_ISVTX; |
274 | |
275 | fi->orig_ino = attr->ino; |
276 | |
277 | /* |
278 | * We are refreshing inode data and it is possible that another |
279 | * client set suid/sgid or security.capability xattr. So clear |
280 | * S_NOSEC. Ideally, we could have cleared it only if suid/sgid |
281 | * was set or if security.capability xattr was set. But we don't |
282 | * know if security.capability has been set or not. So clear it |
283 | * anyway. Its less efficient but should be safe. |
284 | */ |
285 | inode->i_flags &= ~S_NOSEC; |
286 | } |
287 | |
288 | u32 fuse_get_cache_mask(struct inode *inode) |
289 | { |
290 | struct fuse_conn *fc = get_fuse_conn(inode); |
291 | |
292 | if (!fc->writeback_cache || !S_ISREG(inode->i_mode)) |
293 | return 0; |
294 | |
295 | return STATX_MTIME | STATX_CTIME | STATX_SIZE; |
296 | } |
297 | |
298 | void fuse_change_attributes(struct inode *inode, struct fuse_attr *attr, |
299 | struct fuse_statx *sx, |
300 | u64 attr_valid, u64 attr_version) |
301 | { |
302 | struct fuse_conn *fc = get_fuse_conn(inode); |
303 | struct fuse_inode *fi = get_fuse_inode(inode); |
304 | u32 cache_mask; |
305 | loff_t oldsize; |
306 | struct timespec64 old_mtime; |
307 | |
308 | spin_lock(lock: &fi->lock); |
309 | /* |
310 | * In case of writeback_cache enabled, writes update mtime, ctime and |
311 | * may update i_size. In these cases trust the cached value in the |
312 | * inode. |
313 | */ |
314 | cache_mask = fuse_get_cache_mask(inode); |
315 | if (cache_mask & STATX_SIZE) |
316 | attr->size = i_size_read(inode); |
317 | |
318 | if (cache_mask & STATX_MTIME) { |
319 | attr->mtime = inode_get_mtime_sec(inode); |
320 | attr->mtimensec = inode_get_mtime_nsec(inode); |
321 | } |
322 | if (cache_mask & STATX_CTIME) { |
323 | attr->ctime = inode_get_ctime_sec(inode); |
324 | attr->ctimensec = inode_get_ctime_nsec(inode); |
325 | } |
326 | |
327 | if ((attr_version != 0 && fi->attr_version > attr_version) || |
328 | test_bit(FUSE_I_SIZE_UNSTABLE, &fi->state)) { |
329 | spin_unlock(lock: &fi->lock); |
330 | return; |
331 | } |
332 | |
333 | old_mtime = inode_get_mtime(inode); |
334 | fuse_change_attributes_common(inode, attr, sx, attr_valid, cache_mask); |
335 | |
336 | oldsize = inode->i_size; |
337 | /* |
338 | * In case of writeback_cache enabled, the cached writes beyond EOF |
339 | * extend local i_size without keeping userspace server in sync. So, |
340 | * attr->size coming from server can be stale. We cannot trust it. |
341 | */ |
342 | if (!(cache_mask & STATX_SIZE)) |
343 | i_size_write(inode, i_size: attr->size); |
344 | spin_unlock(lock: &fi->lock); |
345 | |
346 | if (!cache_mask && S_ISREG(inode->i_mode)) { |
347 | bool inval = false; |
348 | |
349 | if (oldsize != attr->size) { |
350 | truncate_pagecache(inode, new: attr->size); |
351 | if (!fc->explicit_inval_data) |
352 | inval = true; |
353 | } else if (fc->auto_inval_data) { |
354 | struct timespec64 new_mtime = { |
355 | .tv_sec = attr->mtime, |
356 | .tv_nsec = attr->mtimensec, |
357 | }; |
358 | |
359 | /* |
360 | * Auto inval mode also checks and invalidates if mtime |
361 | * has changed. |
362 | */ |
363 | if (!timespec64_equal(a: &old_mtime, b: &new_mtime)) |
364 | inval = true; |
365 | } |
366 | |
367 | if (inval) |
368 | invalidate_inode_pages2(mapping: inode->i_mapping); |
369 | } |
370 | |
371 | if (IS_ENABLED(CONFIG_FUSE_DAX)) |
372 | fuse_dax_dontcache(inode, flags: attr->flags); |
373 | } |
374 | |
375 | static void fuse_init_submount_lookup(struct fuse_submount_lookup *sl, |
376 | u64 nodeid) |
377 | { |
378 | sl->nodeid = nodeid; |
379 | refcount_set(r: &sl->count, n: 1); |
380 | } |
381 | |
382 | static void fuse_init_inode(struct inode *inode, struct fuse_attr *attr, |
383 | struct fuse_conn *fc) |
384 | { |
385 | inode->i_mode = attr->mode & S_IFMT; |
386 | inode->i_size = attr->size; |
387 | inode_set_mtime(inode, sec: attr->mtime, nsec: attr->mtimensec); |
388 | inode_set_ctime(inode, sec: attr->ctime, nsec: attr->ctimensec); |
389 | if (S_ISREG(inode->i_mode)) { |
390 | fuse_init_common(inode); |
391 | fuse_init_file_inode(inode, flags: attr->flags); |
392 | } else if (S_ISDIR(inode->i_mode)) |
393 | fuse_init_dir(inode); |
394 | else if (S_ISLNK(inode->i_mode)) |
395 | fuse_init_symlink(inode); |
396 | else if (S_ISCHR(inode->i_mode) || S_ISBLK(inode->i_mode) || |
397 | S_ISFIFO(inode->i_mode) || S_ISSOCK(inode->i_mode)) { |
398 | fuse_init_common(inode); |
399 | init_special_inode(inode, inode->i_mode, |
400 | new_decode_dev(dev: attr->rdev)); |
401 | } else |
402 | BUG(); |
403 | /* |
404 | * Ensure that we don't cache acls for daemons without FUSE_POSIX_ACL |
405 | * so they see the exact same behavior as before. |
406 | */ |
407 | if (!fc->posix_acl) |
408 | inode->i_acl = inode->i_default_acl = ACL_DONT_CACHE; |
409 | } |
410 | |
411 | static int fuse_inode_eq(struct inode *inode, void *_nodeidp) |
412 | { |
413 | u64 nodeid = *(u64 *) _nodeidp; |
414 | if (get_node_id(inode) == nodeid) |
415 | return 1; |
416 | else |
417 | return 0; |
418 | } |
419 | |
420 | static int fuse_inode_set(struct inode *inode, void *_nodeidp) |
421 | { |
422 | u64 nodeid = *(u64 *) _nodeidp; |
423 | get_fuse_inode(inode)->nodeid = nodeid; |
424 | return 0; |
425 | } |
426 | |
427 | struct inode *fuse_iget(struct super_block *sb, u64 nodeid, |
428 | int generation, struct fuse_attr *attr, |
429 | u64 attr_valid, u64 attr_version) |
430 | { |
431 | struct inode *inode; |
432 | struct fuse_inode *fi; |
433 | struct fuse_conn *fc = get_fuse_conn_super(sb); |
434 | |
435 | /* |
436 | * Auto mount points get their node id from the submount root, which is |
437 | * not a unique identifier within this filesystem. |
438 | * |
439 | * To avoid conflicts, do not place submount points into the inode hash |
440 | * table. |
441 | */ |
442 | if (fc->auto_submounts && (attr->flags & FUSE_ATTR_SUBMOUNT) && |
443 | S_ISDIR(attr->mode)) { |
444 | struct fuse_inode *fi; |
445 | |
446 | inode = new_inode(sb); |
447 | if (!inode) |
448 | return NULL; |
449 | |
450 | fuse_init_inode(inode, attr, fc); |
451 | fi = get_fuse_inode(inode); |
452 | fi->nodeid = nodeid; |
453 | fi->submount_lookup = fuse_alloc_submount_lookup(); |
454 | if (!fi->submount_lookup) { |
455 | iput(inode); |
456 | return NULL; |
457 | } |
458 | /* Sets nlookup = 1 on fi->submount_lookup->nlookup */ |
459 | fuse_init_submount_lookup(sl: fi->submount_lookup, nodeid); |
460 | inode->i_flags |= S_AUTOMOUNT; |
461 | goto done; |
462 | } |
463 | |
464 | retry: |
465 | inode = iget5_locked(sb, nodeid, test: fuse_inode_eq, set: fuse_inode_set, &nodeid); |
466 | if (!inode) |
467 | return NULL; |
468 | |
469 | if ((inode->i_state & I_NEW)) { |
470 | inode->i_flags |= S_NOATIME; |
471 | if (!fc->writeback_cache || !S_ISREG(attr->mode)) |
472 | inode->i_flags |= S_NOCMTIME; |
473 | inode->i_generation = generation; |
474 | fuse_init_inode(inode, attr, fc); |
475 | unlock_new_inode(inode); |
476 | } else if (fuse_stale_inode(inode, generation, attr)) { |
477 | /* nodeid was reused, any I/O on the old inode should fail */ |
478 | fuse_make_bad(inode); |
479 | if (inode != d_inode(dentry: sb->s_root)) { |
480 | remove_inode_hash(inode); |
481 | iput(inode); |
482 | goto retry; |
483 | } |
484 | } |
485 | fi = get_fuse_inode(inode); |
486 | spin_lock(lock: &fi->lock); |
487 | fi->nlookup++; |
488 | spin_unlock(lock: &fi->lock); |
489 | done: |
490 | fuse_change_attributes(inode, attr, NULL, attr_valid, attr_version); |
491 | |
492 | return inode; |
493 | } |
494 | |
495 | struct inode *fuse_ilookup(struct fuse_conn *fc, u64 nodeid, |
496 | struct fuse_mount **fm) |
497 | { |
498 | struct fuse_mount *fm_iter; |
499 | struct inode *inode; |
500 | |
501 | WARN_ON(!rwsem_is_locked(&fc->killsb)); |
502 | list_for_each_entry(fm_iter, &fc->mounts, fc_entry) { |
503 | if (!fm_iter->sb) |
504 | continue; |
505 | |
506 | inode = ilookup5(sb: fm_iter->sb, hashval: nodeid, test: fuse_inode_eq, data: &nodeid); |
507 | if (inode) { |
508 | if (fm) |
509 | *fm = fm_iter; |
510 | return inode; |
511 | } |
512 | } |
513 | |
514 | return NULL; |
515 | } |
516 | |
517 | int fuse_reverse_inval_inode(struct fuse_conn *fc, u64 nodeid, |
518 | loff_t offset, loff_t len) |
519 | { |
520 | struct fuse_inode *fi; |
521 | struct inode *inode; |
522 | pgoff_t pg_start; |
523 | pgoff_t pg_end; |
524 | |
525 | inode = fuse_ilookup(fc, nodeid, NULL); |
526 | if (!inode) |
527 | return -ENOENT; |
528 | |
529 | fi = get_fuse_inode(inode); |
530 | spin_lock(lock: &fi->lock); |
531 | fi->attr_version = atomic64_inc_return(v: &fc->attr_version); |
532 | spin_unlock(lock: &fi->lock); |
533 | |
534 | fuse_invalidate_attr(inode); |
535 | forget_all_cached_acls(inode); |
536 | if (offset >= 0) { |
537 | pg_start = offset >> PAGE_SHIFT; |
538 | if (len <= 0) |
539 | pg_end = -1; |
540 | else |
541 | pg_end = (offset + len - 1) >> PAGE_SHIFT; |
542 | invalidate_inode_pages2_range(mapping: inode->i_mapping, |
543 | start: pg_start, end: pg_end); |
544 | } |
545 | iput(inode); |
546 | return 0; |
547 | } |
548 | |
549 | bool fuse_lock_inode(struct inode *inode) |
550 | { |
551 | bool locked = false; |
552 | |
553 | if (!get_fuse_conn(inode)->parallel_dirops) { |
554 | mutex_lock(&get_fuse_inode(inode)->mutex); |
555 | locked = true; |
556 | } |
557 | |
558 | return locked; |
559 | } |
560 | |
561 | void fuse_unlock_inode(struct inode *inode, bool locked) |
562 | { |
563 | if (locked) |
564 | mutex_unlock(lock: &get_fuse_inode(inode)->mutex); |
565 | } |
566 | |
567 | static void fuse_umount_begin(struct super_block *sb) |
568 | { |
569 | struct fuse_conn *fc = get_fuse_conn_super(sb); |
570 | |
571 | if (fc->no_force_umount) |
572 | return; |
573 | |
574 | fuse_abort_conn(fc); |
575 | |
576 | // Only retire block-device-based superblocks. |
577 | if (sb->s_bdev != NULL) |
578 | retire_super(sb); |
579 | } |
580 | |
581 | static void fuse_send_destroy(struct fuse_mount *fm) |
582 | { |
583 | if (fm->fc->conn_init) { |
584 | FUSE_ARGS(args); |
585 | |
586 | args.opcode = FUSE_DESTROY; |
587 | args.force = true; |
588 | args.nocreds = true; |
589 | fuse_simple_request(fm, args: &args); |
590 | } |
591 | } |
592 | |
593 | static void convert_fuse_statfs(struct kstatfs *stbuf, struct fuse_kstatfs *attr) |
594 | { |
595 | stbuf->f_type = FUSE_SUPER_MAGIC; |
596 | stbuf->f_bsize = attr->bsize; |
597 | stbuf->f_frsize = attr->frsize; |
598 | stbuf->f_blocks = attr->blocks; |
599 | stbuf->f_bfree = attr->bfree; |
600 | stbuf->f_bavail = attr->bavail; |
601 | stbuf->f_files = attr->files; |
602 | stbuf->f_ffree = attr->ffree; |
603 | stbuf->f_namelen = attr->namelen; |
604 | /* fsid is left zero */ |
605 | } |
606 | |
607 | static int fuse_statfs(struct dentry *dentry, struct kstatfs *buf) |
608 | { |
609 | struct super_block *sb = dentry->d_sb; |
610 | struct fuse_mount *fm = get_fuse_mount_super(sb); |
611 | FUSE_ARGS(args); |
612 | struct fuse_statfs_out outarg; |
613 | int err; |
614 | |
615 | if (!fuse_allow_current_process(fc: fm->fc)) { |
616 | buf->f_type = FUSE_SUPER_MAGIC; |
617 | return 0; |
618 | } |
619 | |
620 | memset(&outarg, 0, sizeof(outarg)); |
621 | args.in_numargs = 0; |
622 | args.opcode = FUSE_STATFS; |
623 | args.nodeid = get_node_id(inode: d_inode(dentry)); |
624 | args.out_numargs = 1; |
625 | args.out_args[0].size = sizeof(outarg); |
626 | args.out_args[0].value = &outarg; |
627 | err = fuse_simple_request(fm, args: &args); |
628 | if (!err) |
629 | convert_fuse_statfs(stbuf: buf, attr: &outarg.st); |
630 | return err; |
631 | } |
632 | |
633 | static struct fuse_sync_bucket *fuse_sync_bucket_alloc(void) |
634 | { |
635 | struct fuse_sync_bucket *bucket; |
636 | |
637 | bucket = kzalloc(size: sizeof(*bucket), GFP_KERNEL | __GFP_NOFAIL); |
638 | if (bucket) { |
639 | init_waitqueue_head(&bucket->waitq); |
640 | /* Initial active count */ |
641 | atomic_set(v: &bucket->count, i: 1); |
642 | } |
643 | return bucket; |
644 | } |
645 | |
646 | static void fuse_sync_fs_writes(struct fuse_conn *fc) |
647 | { |
648 | struct fuse_sync_bucket *bucket, *new_bucket; |
649 | int count; |
650 | |
651 | new_bucket = fuse_sync_bucket_alloc(); |
652 | spin_lock(lock: &fc->lock); |
653 | bucket = rcu_dereference_protected(fc->curr_bucket, 1); |
654 | count = atomic_read(v: &bucket->count); |
655 | WARN_ON(count < 1); |
656 | /* No outstanding writes? */ |
657 | if (count == 1) { |
658 | spin_unlock(lock: &fc->lock); |
659 | kfree(objp: new_bucket); |
660 | return; |
661 | } |
662 | |
663 | /* |
664 | * Completion of new bucket depends on completion of this bucket, so add |
665 | * one more count. |
666 | */ |
667 | atomic_inc(v: &new_bucket->count); |
668 | rcu_assign_pointer(fc->curr_bucket, new_bucket); |
669 | spin_unlock(lock: &fc->lock); |
670 | /* |
671 | * Drop initial active count. At this point if all writes in this and |
672 | * ancestor buckets complete, the count will go to zero and this task |
673 | * will be woken up. |
674 | */ |
675 | atomic_dec(v: &bucket->count); |
676 | |
677 | wait_event(bucket->waitq, atomic_read(&bucket->count) == 0); |
678 | |
679 | /* Drop temp count on descendant bucket */ |
680 | fuse_sync_bucket_dec(bucket: new_bucket); |
681 | kfree_rcu(bucket, rcu); |
682 | } |
683 | |
684 | static int fuse_sync_fs(struct super_block *sb, int wait) |
685 | { |
686 | struct fuse_mount *fm = get_fuse_mount_super(sb); |
687 | struct fuse_conn *fc = fm->fc; |
688 | struct fuse_syncfs_in inarg; |
689 | FUSE_ARGS(args); |
690 | int err; |
691 | |
692 | /* |
693 | * Userspace cannot handle the wait == 0 case. Avoid a |
694 | * gratuitous roundtrip. |
695 | */ |
696 | if (!wait) |
697 | return 0; |
698 | |
699 | /* The filesystem is being unmounted. Nothing to do. */ |
700 | if (!sb->s_root) |
701 | return 0; |
702 | |
703 | if (!fc->sync_fs) |
704 | return 0; |
705 | |
706 | fuse_sync_fs_writes(fc); |
707 | |
708 | memset(&inarg, 0, sizeof(inarg)); |
709 | args.in_numargs = 1; |
710 | args.in_args[0].size = sizeof(inarg); |
711 | args.in_args[0].value = &inarg; |
712 | args.opcode = FUSE_SYNCFS; |
713 | args.nodeid = get_node_id(inode: sb->s_root->d_inode); |
714 | args.out_numargs = 0; |
715 | |
716 | err = fuse_simple_request(fm, args: &args); |
717 | if (err == -ENOSYS) { |
718 | fc->sync_fs = 0; |
719 | err = 0; |
720 | } |
721 | |
722 | return err; |
723 | } |
724 | |
725 | enum { |
726 | OPT_SOURCE, |
727 | OPT_SUBTYPE, |
728 | OPT_FD, |
729 | OPT_ROOTMODE, |
730 | OPT_USER_ID, |
731 | OPT_GROUP_ID, |
732 | OPT_DEFAULT_PERMISSIONS, |
733 | OPT_ALLOW_OTHER, |
734 | OPT_MAX_READ, |
735 | OPT_BLKSIZE, |
736 | OPT_ERR |
737 | }; |
738 | |
739 | static const struct fs_parameter_spec fuse_fs_parameters[] = { |
740 | fsparam_string ("source" , OPT_SOURCE), |
741 | fsparam_u32 ("fd" , OPT_FD), |
742 | fsparam_u32oct ("rootmode" , OPT_ROOTMODE), |
743 | fsparam_u32 ("user_id" , OPT_USER_ID), |
744 | fsparam_u32 ("group_id" , OPT_GROUP_ID), |
745 | fsparam_flag ("default_permissions" , OPT_DEFAULT_PERMISSIONS), |
746 | fsparam_flag ("allow_other" , OPT_ALLOW_OTHER), |
747 | fsparam_u32 ("max_read" , OPT_MAX_READ), |
748 | fsparam_u32 ("blksize" , OPT_BLKSIZE), |
749 | fsparam_string ("subtype" , OPT_SUBTYPE), |
750 | {} |
751 | }; |
752 | |
753 | static int fuse_parse_param(struct fs_context *fsc, struct fs_parameter *param) |
754 | { |
755 | struct fs_parse_result result; |
756 | struct fuse_fs_context *ctx = fsc->fs_private; |
757 | int opt; |
758 | |
759 | if (fsc->purpose == FS_CONTEXT_FOR_RECONFIGURE) { |
760 | /* |
761 | * Ignore options coming from mount(MS_REMOUNT) for backward |
762 | * compatibility. |
763 | */ |
764 | if (fsc->oldapi) |
765 | return 0; |
766 | |
767 | return invalfc(fsc, "No changes allowed in reconfigure" ); |
768 | } |
769 | |
770 | opt = fs_parse(fc: fsc, desc: fuse_fs_parameters, param, result: &result); |
771 | if (opt < 0) |
772 | return opt; |
773 | |
774 | switch (opt) { |
775 | case OPT_SOURCE: |
776 | if (fsc->source) |
777 | return invalfc(fsc, "Multiple sources specified" ); |
778 | fsc->source = param->string; |
779 | param->string = NULL; |
780 | break; |
781 | |
782 | case OPT_SUBTYPE: |
783 | if (ctx->subtype) |
784 | return invalfc(fsc, "Multiple subtypes specified" ); |
785 | ctx->subtype = param->string; |
786 | param->string = NULL; |
787 | return 0; |
788 | |
789 | case OPT_FD: |
790 | ctx->fd = result.uint_32; |
791 | ctx->fd_present = true; |
792 | break; |
793 | |
794 | case OPT_ROOTMODE: |
795 | if (!fuse_valid_type(m: result.uint_32)) |
796 | return invalfc(fsc, "Invalid rootmode" ); |
797 | ctx->rootmode = result.uint_32; |
798 | ctx->rootmode_present = true; |
799 | break; |
800 | |
801 | case OPT_USER_ID: |
802 | ctx->user_id = make_kuid(from: fsc->user_ns, uid: result.uint_32); |
803 | if (!uid_valid(uid: ctx->user_id)) |
804 | return invalfc(fsc, "Invalid user_id" ); |
805 | ctx->user_id_present = true; |
806 | break; |
807 | |
808 | case OPT_GROUP_ID: |
809 | ctx->group_id = make_kgid(from: fsc->user_ns, gid: result.uint_32); |
810 | if (!gid_valid(gid: ctx->group_id)) |
811 | return invalfc(fsc, "Invalid group_id" ); |
812 | ctx->group_id_present = true; |
813 | break; |
814 | |
815 | case OPT_DEFAULT_PERMISSIONS: |
816 | ctx->default_permissions = true; |
817 | break; |
818 | |
819 | case OPT_ALLOW_OTHER: |
820 | ctx->allow_other = true; |
821 | break; |
822 | |
823 | case OPT_MAX_READ: |
824 | ctx->max_read = result.uint_32; |
825 | break; |
826 | |
827 | case OPT_BLKSIZE: |
828 | if (!ctx->is_bdev) |
829 | return invalfc(fsc, "blksize only supported for fuseblk" ); |
830 | ctx->blksize = result.uint_32; |
831 | break; |
832 | |
833 | default: |
834 | return -EINVAL; |
835 | } |
836 | |
837 | return 0; |
838 | } |
839 | |
840 | static void fuse_free_fsc(struct fs_context *fsc) |
841 | { |
842 | struct fuse_fs_context *ctx = fsc->fs_private; |
843 | |
844 | if (ctx) { |
845 | kfree(objp: ctx->subtype); |
846 | kfree(objp: ctx); |
847 | } |
848 | } |
849 | |
850 | static int fuse_show_options(struct seq_file *m, struct dentry *root) |
851 | { |
852 | struct super_block *sb = root->d_sb; |
853 | struct fuse_conn *fc = get_fuse_conn_super(sb); |
854 | |
855 | if (fc->legacy_opts_show) { |
856 | seq_printf(m, fmt: ",user_id=%u" , |
857 | from_kuid_munged(to: fc->user_ns, uid: fc->user_id)); |
858 | seq_printf(m, fmt: ",group_id=%u" , |
859 | from_kgid_munged(to: fc->user_ns, gid: fc->group_id)); |
860 | if (fc->default_permissions) |
861 | seq_puts(m, s: ",default_permissions" ); |
862 | if (fc->allow_other) |
863 | seq_puts(m, s: ",allow_other" ); |
864 | if (fc->max_read != ~0) |
865 | seq_printf(m, fmt: ",max_read=%u" , fc->max_read); |
866 | if (sb->s_bdev && sb->s_blocksize != FUSE_DEFAULT_BLKSIZE) |
867 | seq_printf(m, fmt: ",blksize=%lu" , sb->s_blocksize); |
868 | } |
869 | #ifdef CONFIG_FUSE_DAX |
870 | if (fc->dax_mode == FUSE_DAX_ALWAYS) |
871 | seq_puts(m, s: ",dax=always" ); |
872 | else if (fc->dax_mode == FUSE_DAX_NEVER) |
873 | seq_puts(m, s: ",dax=never" ); |
874 | else if (fc->dax_mode == FUSE_DAX_INODE_USER) |
875 | seq_puts(m, s: ",dax=inode" ); |
876 | #endif |
877 | |
878 | return 0; |
879 | } |
880 | |
881 | static void fuse_iqueue_init(struct fuse_iqueue *fiq, |
882 | const struct fuse_iqueue_ops *ops, |
883 | void *priv) |
884 | { |
885 | memset(fiq, 0, sizeof(struct fuse_iqueue)); |
886 | spin_lock_init(&fiq->lock); |
887 | init_waitqueue_head(&fiq->waitq); |
888 | INIT_LIST_HEAD(list: &fiq->pending); |
889 | INIT_LIST_HEAD(list: &fiq->interrupts); |
890 | fiq->forget_list_tail = &fiq->forget_list_head; |
891 | fiq->connected = 1; |
892 | fiq->ops = ops; |
893 | fiq->priv = priv; |
894 | } |
895 | |
896 | static void fuse_pqueue_init(struct fuse_pqueue *fpq) |
897 | { |
898 | unsigned int i; |
899 | |
900 | spin_lock_init(&fpq->lock); |
901 | for (i = 0; i < FUSE_PQ_HASH_SIZE; i++) |
902 | INIT_LIST_HEAD(list: &fpq->processing[i]); |
903 | INIT_LIST_HEAD(list: &fpq->io); |
904 | fpq->connected = 1; |
905 | } |
906 | |
907 | void fuse_conn_init(struct fuse_conn *fc, struct fuse_mount *fm, |
908 | struct user_namespace *user_ns, |
909 | const struct fuse_iqueue_ops *fiq_ops, void *fiq_priv) |
910 | { |
911 | memset(fc, 0, sizeof(*fc)); |
912 | spin_lock_init(&fc->lock); |
913 | spin_lock_init(&fc->bg_lock); |
914 | init_rwsem(&fc->killsb); |
915 | refcount_set(r: &fc->count, n: 1); |
916 | atomic_set(v: &fc->dev_count, i: 1); |
917 | init_waitqueue_head(&fc->blocked_waitq); |
918 | fuse_iqueue_init(fiq: &fc->iq, ops: fiq_ops, priv: fiq_priv); |
919 | INIT_LIST_HEAD(list: &fc->bg_queue); |
920 | INIT_LIST_HEAD(list: &fc->entry); |
921 | INIT_LIST_HEAD(list: &fc->devices); |
922 | atomic_set(v: &fc->num_waiting, i: 0); |
923 | fc->max_background = FUSE_DEFAULT_MAX_BACKGROUND; |
924 | fc->congestion_threshold = FUSE_DEFAULT_CONGESTION_THRESHOLD; |
925 | atomic64_set(v: &fc->khctr, i: 0); |
926 | fc->polled_files = RB_ROOT; |
927 | fc->blocked = 0; |
928 | fc->initialized = 0; |
929 | fc->connected = 1; |
930 | atomic64_set(v: &fc->attr_version, i: 1); |
931 | get_random_bytes(buf: &fc->scramble_key, len: sizeof(fc->scramble_key)); |
932 | fc->pid_ns = get_pid_ns(ns: task_active_pid_ns(current)); |
933 | fc->user_ns = get_user_ns(ns: user_ns); |
934 | fc->max_pages = FUSE_DEFAULT_MAX_PAGES_PER_REQ; |
935 | fc->max_pages_limit = FUSE_MAX_MAX_PAGES; |
936 | |
937 | if (IS_ENABLED(CONFIG_FUSE_PASSTHROUGH)) |
938 | fuse_backing_files_init(fc); |
939 | |
940 | INIT_LIST_HEAD(list: &fc->mounts); |
941 | list_add(new: &fm->fc_entry, head: &fc->mounts); |
942 | fm->fc = fc; |
943 | } |
944 | EXPORT_SYMBOL_GPL(fuse_conn_init); |
945 | |
946 | static void delayed_release(struct rcu_head *p) |
947 | { |
948 | struct fuse_conn *fc = container_of(p, struct fuse_conn, rcu); |
949 | |
950 | put_user_ns(ns: fc->user_ns); |
951 | fc->release(fc); |
952 | } |
953 | |
954 | void fuse_conn_put(struct fuse_conn *fc) |
955 | { |
956 | if (refcount_dec_and_test(r: &fc->count)) { |
957 | struct fuse_iqueue *fiq = &fc->iq; |
958 | struct fuse_sync_bucket *bucket; |
959 | |
960 | if (IS_ENABLED(CONFIG_FUSE_DAX)) |
961 | fuse_dax_conn_free(fc); |
962 | if (fiq->ops->release) |
963 | fiq->ops->release(fiq); |
964 | put_pid_ns(ns: fc->pid_ns); |
965 | bucket = rcu_dereference_protected(fc->curr_bucket, 1); |
966 | if (bucket) { |
967 | WARN_ON(atomic_read(&bucket->count) != 1); |
968 | kfree(objp: bucket); |
969 | } |
970 | if (IS_ENABLED(CONFIG_FUSE_PASSTHROUGH)) |
971 | fuse_backing_files_free(fc); |
972 | call_rcu(head: &fc->rcu, func: delayed_release); |
973 | } |
974 | } |
975 | EXPORT_SYMBOL_GPL(fuse_conn_put); |
976 | |
977 | struct fuse_conn *fuse_conn_get(struct fuse_conn *fc) |
978 | { |
979 | refcount_inc(r: &fc->count); |
980 | return fc; |
981 | } |
982 | EXPORT_SYMBOL_GPL(fuse_conn_get); |
983 | |
984 | static struct inode *fuse_get_root_inode(struct super_block *sb, unsigned mode) |
985 | { |
986 | struct fuse_attr attr; |
987 | memset(&attr, 0, sizeof(attr)); |
988 | |
989 | attr.mode = mode; |
990 | attr.ino = FUSE_ROOT_ID; |
991 | attr.nlink = 1; |
992 | return fuse_iget(sb, FUSE_ROOT_ID, generation: 0, attr: &attr, attr_valid: 0, attr_version: 0); |
993 | } |
994 | |
995 | struct fuse_inode_handle { |
996 | u64 nodeid; |
997 | u32 generation; |
998 | }; |
999 | |
1000 | static struct dentry *fuse_get_dentry(struct super_block *sb, |
1001 | struct fuse_inode_handle *handle) |
1002 | { |
1003 | struct fuse_conn *fc = get_fuse_conn_super(sb); |
1004 | struct inode *inode; |
1005 | struct dentry *entry; |
1006 | int err = -ESTALE; |
1007 | |
1008 | if (handle->nodeid == 0) |
1009 | goto out_err; |
1010 | |
1011 | inode = ilookup5(sb, hashval: handle->nodeid, test: fuse_inode_eq, data: &handle->nodeid); |
1012 | if (!inode) { |
1013 | struct fuse_entry_out outarg; |
1014 | const struct qstr name = QSTR_INIT("." , 1); |
1015 | |
1016 | if (!fc->export_support) |
1017 | goto out_err; |
1018 | |
1019 | err = fuse_lookup_name(sb, nodeid: handle->nodeid, name: &name, outarg: &outarg, |
1020 | inode: &inode); |
1021 | if (err && err != -ENOENT) |
1022 | goto out_err; |
1023 | if (err || !inode) { |
1024 | err = -ESTALE; |
1025 | goto out_err; |
1026 | } |
1027 | err = -EIO; |
1028 | if (get_node_id(inode) != handle->nodeid) |
1029 | goto out_iput; |
1030 | } |
1031 | err = -ESTALE; |
1032 | if (inode->i_generation != handle->generation) |
1033 | goto out_iput; |
1034 | |
1035 | entry = d_obtain_alias(inode); |
1036 | if (!IS_ERR(ptr: entry) && get_node_id(inode) != FUSE_ROOT_ID) |
1037 | fuse_invalidate_entry_cache(entry); |
1038 | |
1039 | return entry; |
1040 | |
1041 | out_iput: |
1042 | iput(inode); |
1043 | out_err: |
1044 | return ERR_PTR(error: err); |
1045 | } |
1046 | |
1047 | static int fuse_encode_fh(struct inode *inode, u32 *fh, int *max_len, |
1048 | struct inode *parent) |
1049 | { |
1050 | int len = parent ? 6 : 3; |
1051 | u64 nodeid; |
1052 | u32 generation; |
1053 | |
1054 | if (*max_len < len) { |
1055 | *max_len = len; |
1056 | return FILEID_INVALID; |
1057 | } |
1058 | |
1059 | nodeid = get_fuse_inode(inode)->nodeid; |
1060 | generation = inode->i_generation; |
1061 | |
1062 | fh[0] = (u32)(nodeid >> 32); |
1063 | fh[1] = (u32)(nodeid & 0xffffffff); |
1064 | fh[2] = generation; |
1065 | |
1066 | if (parent) { |
1067 | nodeid = get_fuse_inode(inode: parent)->nodeid; |
1068 | generation = parent->i_generation; |
1069 | |
1070 | fh[3] = (u32)(nodeid >> 32); |
1071 | fh[4] = (u32)(nodeid & 0xffffffff); |
1072 | fh[5] = generation; |
1073 | } |
1074 | |
1075 | *max_len = len; |
1076 | return parent ? FILEID_INO64_GEN_PARENT : FILEID_INO64_GEN; |
1077 | } |
1078 | |
1079 | static struct dentry *fuse_fh_to_dentry(struct super_block *sb, |
1080 | struct fid *fid, int fh_len, int fh_type) |
1081 | { |
1082 | struct fuse_inode_handle handle; |
1083 | |
1084 | if ((fh_type != FILEID_INO64_GEN && |
1085 | fh_type != FILEID_INO64_GEN_PARENT) || fh_len < 3) |
1086 | return NULL; |
1087 | |
1088 | handle.nodeid = (u64) fid->raw[0] << 32; |
1089 | handle.nodeid |= (u64) fid->raw[1]; |
1090 | handle.generation = fid->raw[2]; |
1091 | return fuse_get_dentry(sb, handle: &handle); |
1092 | } |
1093 | |
1094 | static struct dentry *fuse_fh_to_parent(struct super_block *sb, |
1095 | struct fid *fid, int fh_len, int fh_type) |
1096 | { |
1097 | struct fuse_inode_handle parent; |
1098 | |
1099 | if (fh_type != FILEID_INO64_GEN_PARENT || fh_len < 6) |
1100 | return NULL; |
1101 | |
1102 | parent.nodeid = (u64) fid->raw[3] << 32; |
1103 | parent.nodeid |= (u64) fid->raw[4]; |
1104 | parent.generation = fid->raw[5]; |
1105 | return fuse_get_dentry(sb, handle: &parent); |
1106 | } |
1107 | |
1108 | static struct dentry *fuse_get_parent(struct dentry *child) |
1109 | { |
1110 | struct inode *child_inode = d_inode(dentry: child); |
1111 | struct fuse_conn *fc = get_fuse_conn(inode: child_inode); |
1112 | struct inode *inode; |
1113 | struct dentry *parent; |
1114 | struct fuse_entry_out outarg; |
1115 | int err; |
1116 | |
1117 | if (!fc->export_support) |
1118 | return ERR_PTR(error: -ESTALE); |
1119 | |
1120 | err = fuse_lookup_name(sb: child_inode->i_sb, nodeid: get_node_id(inode: child_inode), |
1121 | name: &dotdot_name, outarg: &outarg, inode: &inode); |
1122 | if (err) { |
1123 | if (err == -ENOENT) |
1124 | return ERR_PTR(error: -ESTALE); |
1125 | return ERR_PTR(error: err); |
1126 | } |
1127 | |
1128 | parent = d_obtain_alias(inode); |
1129 | if (!IS_ERR(ptr: parent) && get_node_id(inode) != FUSE_ROOT_ID) |
1130 | fuse_invalidate_entry_cache(entry: parent); |
1131 | |
1132 | return parent; |
1133 | } |
1134 | |
1135 | /* only for fid encoding; no support for file handle */ |
1136 | static const struct export_operations fuse_export_fid_operations = { |
1137 | .encode_fh = fuse_encode_fh, |
1138 | }; |
1139 | |
1140 | static const struct export_operations fuse_export_operations = { |
1141 | .fh_to_dentry = fuse_fh_to_dentry, |
1142 | .fh_to_parent = fuse_fh_to_parent, |
1143 | .encode_fh = fuse_encode_fh, |
1144 | .get_parent = fuse_get_parent, |
1145 | }; |
1146 | |
1147 | static const struct super_operations fuse_super_operations = { |
1148 | .alloc_inode = fuse_alloc_inode, |
1149 | .free_inode = fuse_free_inode, |
1150 | .evict_inode = fuse_evict_inode, |
1151 | .write_inode = fuse_write_inode, |
1152 | .drop_inode = generic_delete_inode, |
1153 | .umount_begin = fuse_umount_begin, |
1154 | .statfs = fuse_statfs, |
1155 | .sync_fs = fuse_sync_fs, |
1156 | .show_options = fuse_show_options, |
1157 | }; |
1158 | |
1159 | static void sanitize_global_limit(unsigned *limit) |
1160 | { |
1161 | /* |
1162 | * The default maximum number of async requests is calculated to consume |
1163 | * 1/2^13 of the total memory, assuming 392 bytes per request. |
1164 | */ |
1165 | if (*limit == 0) |
1166 | *limit = ((totalram_pages() << PAGE_SHIFT) >> 13) / 392; |
1167 | |
1168 | if (*limit >= 1 << 16) |
1169 | *limit = (1 << 16) - 1; |
1170 | } |
1171 | |
1172 | static int set_global_limit(const char *val, const struct kernel_param *kp) |
1173 | { |
1174 | int rv; |
1175 | |
1176 | rv = param_set_uint(val, kp); |
1177 | if (rv) |
1178 | return rv; |
1179 | |
1180 | sanitize_global_limit(limit: (unsigned *)kp->arg); |
1181 | |
1182 | return 0; |
1183 | } |
1184 | |
1185 | static void process_init_limits(struct fuse_conn *fc, struct fuse_init_out *arg) |
1186 | { |
1187 | int cap_sys_admin = capable(CAP_SYS_ADMIN); |
1188 | |
1189 | if (arg->minor < 13) |
1190 | return; |
1191 | |
1192 | sanitize_global_limit(limit: &max_user_bgreq); |
1193 | sanitize_global_limit(limit: &max_user_congthresh); |
1194 | |
1195 | spin_lock(lock: &fc->bg_lock); |
1196 | if (arg->max_background) { |
1197 | fc->max_background = arg->max_background; |
1198 | |
1199 | if (!cap_sys_admin && fc->max_background > max_user_bgreq) |
1200 | fc->max_background = max_user_bgreq; |
1201 | } |
1202 | if (arg->congestion_threshold) { |
1203 | fc->congestion_threshold = arg->congestion_threshold; |
1204 | |
1205 | if (!cap_sys_admin && |
1206 | fc->congestion_threshold > max_user_congthresh) |
1207 | fc->congestion_threshold = max_user_congthresh; |
1208 | } |
1209 | spin_unlock(lock: &fc->bg_lock); |
1210 | } |
1211 | |
1212 | struct fuse_init_args { |
1213 | struct fuse_args args; |
1214 | struct fuse_init_in in; |
1215 | struct fuse_init_out out; |
1216 | }; |
1217 | |
1218 | static void process_init_reply(struct fuse_mount *fm, struct fuse_args *args, |
1219 | int error) |
1220 | { |
1221 | struct fuse_conn *fc = fm->fc; |
1222 | struct fuse_init_args *ia = container_of(args, typeof(*ia), args); |
1223 | struct fuse_init_out *arg = &ia->out; |
1224 | bool ok = true; |
1225 | |
1226 | if (error || arg->major != FUSE_KERNEL_VERSION) |
1227 | ok = false; |
1228 | else { |
1229 | unsigned long ra_pages; |
1230 | |
1231 | process_init_limits(fc, arg); |
1232 | |
1233 | if (arg->minor >= 6) { |
1234 | u64 flags = arg->flags; |
1235 | |
1236 | if (flags & FUSE_INIT_EXT) |
1237 | flags |= (u64) arg->flags2 << 32; |
1238 | |
1239 | ra_pages = arg->max_readahead / PAGE_SIZE; |
1240 | if (flags & FUSE_ASYNC_READ) |
1241 | fc->async_read = 1; |
1242 | if (!(flags & FUSE_POSIX_LOCKS)) |
1243 | fc->no_lock = 1; |
1244 | if (arg->minor >= 17) { |
1245 | if (!(flags & FUSE_FLOCK_LOCKS)) |
1246 | fc->no_flock = 1; |
1247 | } else { |
1248 | if (!(flags & FUSE_POSIX_LOCKS)) |
1249 | fc->no_flock = 1; |
1250 | } |
1251 | if (flags & FUSE_ATOMIC_O_TRUNC) |
1252 | fc->atomic_o_trunc = 1; |
1253 | if (arg->minor >= 9) { |
1254 | /* LOOKUP has dependency on proto version */ |
1255 | if (flags & FUSE_EXPORT_SUPPORT) |
1256 | fc->export_support = 1; |
1257 | } |
1258 | if (flags & FUSE_BIG_WRITES) |
1259 | fc->big_writes = 1; |
1260 | if (flags & FUSE_DONT_MASK) |
1261 | fc->dont_mask = 1; |
1262 | if (flags & FUSE_AUTO_INVAL_DATA) |
1263 | fc->auto_inval_data = 1; |
1264 | else if (flags & FUSE_EXPLICIT_INVAL_DATA) |
1265 | fc->explicit_inval_data = 1; |
1266 | if (flags & FUSE_DO_READDIRPLUS) { |
1267 | fc->do_readdirplus = 1; |
1268 | if (flags & FUSE_READDIRPLUS_AUTO) |
1269 | fc->readdirplus_auto = 1; |
1270 | } |
1271 | if (flags & FUSE_ASYNC_DIO) |
1272 | fc->async_dio = 1; |
1273 | if (flags & FUSE_WRITEBACK_CACHE) |
1274 | fc->writeback_cache = 1; |
1275 | if (flags & FUSE_PARALLEL_DIROPS) |
1276 | fc->parallel_dirops = 1; |
1277 | if (flags & FUSE_HANDLE_KILLPRIV) |
1278 | fc->handle_killpriv = 1; |
1279 | if (arg->time_gran && arg->time_gran <= 1000000000) |
1280 | fm->sb->s_time_gran = arg->time_gran; |
1281 | if ((flags & FUSE_POSIX_ACL)) { |
1282 | fc->default_permissions = 1; |
1283 | fc->posix_acl = 1; |
1284 | } |
1285 | if (flags & FUSE_CACHE_SYMLINKS) |
1286 | fc->cache_symlinks = 1; |
1287 | if (flags & FUSE_ABORT_ERROR) |
1288 | fc->abort_err = 1; |
1289 | if (flags & FUSE_MAX_PAGES) { |
1290 | fc->max_pages = |
1291 | min_t(unsigned int, fc->max_pages_limit, |
1292 | max_t(unsigned int, arg->max_pages, 1)); |
1293 | } |
1294 | if (IS_ENABLED(CONFIG_FUSE_DAX)) { |
1295 | if (flags & FUSE_MAP_ALIGNMENT && |
1296 | !fuse_dax_check_alignment(fc, map_alignment: arg->map_alignment)) { |
1297 | ok = false; |
1298 | } |
1299 | if (flags & FUSE_HAS_INODE_DAX) |
1300 | fc->inode_dax = 1; |
1301 | } |
1302 | if (flags & FUSE_HANDLE_KILLPRIV_V2) { |
1303 | fc->handle_killpriv_v2 = 1; |
1304 | fm->sb->s_flags |= SB_NOSEC; |
1305 | } |
1306 | if (flags & FUSE_SETXATTR_EXT) |
1307 | fc->setxattr_ext = 1; |
1308 | if (flags & FUSE_SECURITY_CTX) |
1309 | fc->init_security = 1; |
1310 | if (flags & FUSE_CREATE_SUPP_GROUP) |
1311 | fc->create_supp_group = 1; |
1312 | if (flags & FUSE_DIRECT_IO_ALLOW_MMAP) |
1313 | fc->direct_io_allow_mmap = 1; |
1314 | /* |
1315 | * max_stack_depth is the max stack depth of FUSE fs, |
1316 | * so it has to be at least 1 to support passthrough |
1317 | * to backing files. |
1318 | * |
1319 | * with max_stack_depth > 1, the backing files can be |
1320 | * on a stacked fs (e.g. overlayfs) themselves and with |
1321 | * max_stack_depth == 1, FUSE fs can be stacked as the |
1322 | * underlying fs of a stacked fs (e.g. overlayfs). |
1323 | */ |
1324 | if (IS_ENABLED(CONFIG_FUSE_PASSTHROUGH) && |
1325 | (flags & FUSE_PASSTHROUGH) && |
1326 | arg->max_stack_depth > 0 && |
1327 | arg->max_stack_depth <= FILESYSTEM_MAX_STACK_DEPTH) { |
1328 | fc->passthrough = 1; |
1329 | fc->max_stack_depth = arg->max_stack_depth; |
1330 | fm->sb->s_stack_depth = arg->max_stack_depth; |
1331 | } |
1332 | if (flags & FUSE_NO_EXPORT_SUPPORT) |
1333 | fm->sb->s_export_op = &fuse_export_fid_operations; |
1334 | } else { |
1335 | ra_pages = fc->max_read / PAGE_SIZE; |
1336 | fc->no_lock = 1; |
1337 | fc->no_flock = 1; |
1338 | } |
1339 | |
1340 | fm->sb->s_bdi->ra_pages = |
1341 | min(fm->sb->s_bdi->ra_pages, ra_pages); |
1342 | fc->minor = arg->minor; |
1343 | fc->max_write = arg->minor < 5 ? 4096 : arg->max_write; |
1344 | fc->max_write = max_t(unsigned, 4096, fc->max_write); |
1345 | fc->conn_init = 1; |
1346 | } |
1347 | kfree(objp: ia); |
1348 | |
1349 | if (!ok) { |
1350 | fc->conn_init = 0; |
1351 | fc->conn_error = 1; |
1352 | } |
1353 | |
1354 | fuse_set_initialized(fc); |
1355 | wake_up_all(&fc->blocked_waitq); |
1356 | } |
1357 | |
1358 | void fuse_send_init(struct fuse_mount *fm) |
1359 | { |
1360 | struct fuse_init_args *ia; |
1361 | u64 flags; |
1362 | |
1363 | ia = kzalloc(size: sizeof(*ia), GFP_KERNEL | __GFP_NOFAIL); |
1364 | |
1365 | ia->in.major = FUSE_KERNEL_VERSION; |
1366 | ia->in.minor = FUSE_KERNEL_MINOR_VERSION; |
1367 | ia->in.max_readahead = fm->sb->s_bdi->ra_pages * PAGE_SIZE; |
1368 | flags = |
1369 | FUSE_ASYNC_READ | FUSE_POSIX_LOCKS | FUSE_ATOMIC_O_TRUNC | |
1370 | FUSE_EXPORT_SUPPORT | FUSE_BIG_WRITES | FUSE_DONT_MASK | |
1371 | FUSE_SPLICE_WRITE | FUSE_SPLICE_MOVE | FUSE_SPLICE_READ | |
1372 | FUSE_FLOCK_LOCKS | FUSE_HAS_IOCTL_DIR | FUSE_AUTO_INVAL_DATA | |
1373 | FUSE_DO_READDIRPLUS | FUSE_READDIRPLUS_AUTO | FUSE_ASYNC_DIO | |
1374 | FUSE_WRITEBACK_CACHE | FUSE_NO_OPEN_SUPPORT | |
1375 | FUSE_PARALLEL_DIROPS | FUSE_HANDLE_KILLPRIV | FUSE_POSIX_ACL | |
1376 | FUSE_ABORT_ERROR | FUSE_MAX_PAGES | FUSE_CACHE_SYMLINKS | |
1377 | FUSE_NO_OPENDIR_SUPPORT | FUSE_EXPLICIT_INVAL_DATA | |
1378 | FUSE_HANDLE_KILLPRIV_V2 | FUSE_SETXATTR_EXT | FUSE_INIT_EXT | |
1379 | FUSE_SECURITY_CTX | FUSE_CREATE_SUPP_GROUP | |
1380 | FUSE_HAS_EXPIRE_ONLY | FUSE_DIRECT_IO_ALLOW_MMAP | |
1381 | FUSE_NO_EXPORT_SUPPORT | FUSE_HAS_RESEND; |
1382 | #ifdef CONFIG_FUSE_DAX |
1383 | if (fm->fc->dax) |
1384 | flags |= FUSE_MAP_ALIGNMENT; |
1385 | if (fuse_is_inode_dax_mode(mode: fm->fc->dax_mode)) |
1386 | flags |= FUSE_HAS_INODE_DAX; |
1387 | #endif |
1388 | if (fm->fc->auto_submounts) |
1389 | flags |= FUSE_SUBMOUNTS; |
1390 | if (IS_ENABLED(CONFIG_FUSE_PASSTHROUGH)) |
1391 | flags |= FUSE_PASSTHROUGH; |
1392 | |
1393 | ia->in.flags = flags; |
1394 | ia->in.flags2 = flags >> 32; |
1395 | |
1396 | ia->args.opcode = FUSE_INIT; |
1397 | ia->args.in_numargs = 1; |
1398 | ia->args.in_args[0].size = sizeof(ia->in); |
1399 | ia->args.in_args[0].value = &ia->in; |
1400 | ia->args.out_numargs = 1; |
1401 | /* Variable length argument used for backward compatibility |
1402 | with interface version < 7.5. Rest of init_out is zeroed |
1403 | by do_get_request(), so a short reply is not a problem */ |
1404 | ia->args.out_argvar = true; |
1405 | ia->args.out_args[0].size = sizeof(ia->out); |
1406 | ia->args.out_args[0].value = &ia->out; |
1407 | ia->args.force = true; |
1408 | ia->args.nocreds = true; |
1409 | ia->args.end = process_init_reply; |
1410 | |
1411 | if (fuse_simple_background(fm, args: &ia->args, GFP_KERNEL) != 0) |
1412 | process_init_reply(fm, args: &ia->args, error: -ENOTCONN); |
1413 | } |
1414 | EXPORT_SYMBOL_GPL(fuse_send_init); |
1415 | |
1416 | void fuse_free_conn(struct fuse_conn *fc) |
1417 | { |
1418 | WARN_ON(!list_empty(&fc->devices)); |
1419 | kfree(objp: fc); |
1420 | } |
1421 | EXPORT_SYMBOL_GPL(fuse_free_conn); |
1422 | |
1423 | static int fuse_bdi_init(struct fuse_conn *fc, struct super_block *sb) |
1424 | { |
1425 | int err; |
1426 | char *suffix = "" ; |
1427 | |
1428 | if (sb->s_bdev) { |
1429 | suffix = "-fuseblk" ; |
1430 | /* |
1431 | * sb->s_bdi points to blkdev's bdi however we want to redirect |
1432 | * it to our private bdi... |
1433 | */ |
1434 | bdi_put(bdi: sb->s_bdi); |
1435 | sb->s_bdi = &noop_backing_dev_info; |
1436 | } |
1437 | err = super_setup_bdi_name(sb, fmt: "%u:%u%s" , MAJOR(fc->dev), |
1438 | MINOR(fc->dev), suffix); |
1439 | if (err) |
1440 | return err; |
1441 | |
1442 | /* fuse does it's own writeback accounting */ |
1443 | sb->s_bdi->capabilities &= ~BDI_CAP_WRITEBACK_ACCT; |
1444 | sb->s_bdi->capabilities |= BDI_CAP_STRICTLIMIT; |
1445 | |
1446 | /* |
1447 | * For a single fuse filesystem use max 1% of dirty + |
1448 | * writeback threshold. |
1449 | * |
1450 | * This gives about 1M of write buffer for memory maps on a |
1451 | * machine with 1G and 10% dirty_ratio, which should be more |
1452 | * than enough. |
1453 | * |
1454 | * Privileged users can raise it by writing to |
1455 | * |
1456 | * /sys/class/bdi/<bdi>/max_ratio |
1457 | */ |
1458 | bdi_set_max_ratio(bdi: sb->s_bdi, max_ratio: 1); |
1459 | |
1460 | return 0; |
1461 | } |
1462 | |
1463 | struct fuse_dev *fuse_dev_alloc(void) |
1464 | { |
1465 | struct fuse_dev *fud; |
1466 | struct list_head *pq; |
1467 | |
1468 | fud = kzalloc(size: sizeof(struct fuse_dev), GFP_KERNEL); |
1469 | if (!fud) |
1470 | return NULL; |
1471 | |
1472 | pq = kcalloc(FUSE_PQ_HASH_SIZE, size: sizeof(struct list_head), GFP_KERNEL); |
1473 | if (!pq) { |
1474 | kfree(objp: fud); |
1475 | return NULL; |
1476 | } |
1477 | |
1478 | fud->pq.processing = pq; |
1479 | fuse_pqueue_init(fpq: &fud->pq); |
1480 | |
1481 | return fud; |
1482 | } |
1483 | EXPORT_SYMBOL_GPL(fuse_dev_alloc); |
1484 | |
1485 | void fuse_dev_install(struct fuse_dev *fud, struct fuse_conn *fc) |
1486 | { |
1487 | fud->fc = fuse_conn_get(fc); |
1488 | spin_lock(lock: &fc->lock); |
1489 | list_add_tail(new: &fud->entry, head: &fc->devices); |
1490 | spin_unlock(lock: &fc->lock); |
1491 | } |
1492 | EXPORT_SYMBOL_GPL(fuse_dev_install); |
1493 | |
1494 | struct fuse_dev *fuse_dev_alloc_install(struct fuse_conn *fc) |
1495 | { |
1496 | struct fuse_dev *fud; |
1497 | |
1498 | fud = fuse_dev_alloc(); |
1499 | if (!fud) |
1500 | return NULL; |
1501 | |
1502 | fuse_dev_install(fud, fc); |
1503 | return fud; |
1504 | } |
1505 | EXPORT_SYMBOL_GPL(fuse_dev_alloc_install); |
1506 | |
1507 | void fuse_dev_free(struct fuse_dev *fud) |
1508 | { |
1509 | struct fuse_conn *fc = fud->fc; |
1510 | |
1511 | if (fc) { |
1512 | spin_lock(lock: &fc->lock); |
1513 | list_del(entry: &fud->entry); |
1514 | spin_unlock(lock: &fc->lock); |
1515 | |
1516 | fuse_conn_put(fc); |
1517 | } |
1518 | kfree(objp: fud->pq.processing); |
1519 | kfree(objp: fud); |
1520 | } |
1521 | EXPORT_SYMBOL_GPL(fuse_dev_free); |
1522 | |
1523 | static void fuse_fill_attr_from_inode(struct fuse_attr *attr, |
1524 | const struct fuse_inode *fi) |
1525 | { |
1526 | struct timespec64 atime = inode_get_atime(inode: &fi->inode); |
1527 | struct timespec64 mtime = inode_get_mtime(inode: &fi->inode); |
1528 | struct timespec64 ctime = inode_get_ctime(inode: &fi->inode); |
1529 | |
1530 | *attr = (struct fuse_attr){ |
1531 | .ino = fi->inode.i_ino, |
1532 | .size = fi->inode.i_size, |
1533 | .blocks = fi->inode.i_blocks, |
1534 | .atime = atime.tv_sec, |
1535 | .mtime = mtime.tv_sec, |
1536 | .ctime = ctime.tv_sec, |
1537 | .atimensec = atime.tv_nsec, |
1538 | .mtimensec = mtime.tv_nsec, |
1539 | .ctimensec = ctime.tv_nsec, |
1540 | .mode = fi->inode.i_mode, |
1541 | .nlink = fi->inode.i_nlink, |
1542 | .uid = __kuid_val(uid: fi->inode.i_uid), |
1543 | .gid = __kgid_val(gid: fi->inode.i_gid), |
1544 | .rdev = fi->inode.i_rdev, |
1545 | .blksize = 1u << fi->inode.i_blkbits, |
1546 | }; |
1547 | } |
1548 | |
1549 | static void fuse_sb_defaults(struct super_block *sb) |
1550 | { |
1551 | sb->s_magic = FUSE_SUPER_MAGIC; |
1552 | sb->s_op = &fuse_super_operations; |
1553 | sb->s_xattr = fuse_xattr_handlers; |
1554 | sb->s_maxbytes = MAX_LFS_FILESIZE; |
1555 | sb->s_time_gran = 1; |
1556 | sb->s_export_op = &fuse_export_operations; |
1557 | sb->s_iflags |= SB_I_IMA_UNVERIFIABLE_SIGNATURE; |
1558 | if (sb->s_user_ns != &init_user_ns) |
1559 | sb->s_iflags |= SB_I_UNTRUSTED_MOUNTER; |
1560 | sb->s_flags &= ~(SB_NOSEC | SB_I_VERSION); |
1561 | } |
1562 | |
1563 | static int fuse_fill_super_submount(struct super_block *sb, |
1564 | struct fuse_inode *parent_fi) |
1565 | { |
1566 | struct fuse_mount *fm = get_fuse_mount_super(sb); |
1567 | struct super_block *parent_sb = parent_fi->inode.i_sb; |
1568 | struct fuse_attr root_attr; |
1569 | struct inode *root; |
1570 | struct fuse_submount_lookup *sl; |
1571 | struct fuse_inode *fi; |
1572 | |
1573 | fuse_sb_defaults(sb); |
1574 | fm->sb = sb; |
1575 | |
1576 | WARN_ON(sb->s_bdi != &noop_backing_dev_info); |
1577 | sb->s_bdi = bdi_get(bdi: parent_sb->s_bdi); |
1578 | |
1579 | sb->s_xattr = parent_sb->s_xattr; |
1580 | sb->s_export_op = parent_sb->s_export_op; |
1581 | sb->s_time_gran = parent_sb->s_time_gran; |
1582 | sb->s_blocksize = parent_sb->s_blocksize; |
1583 | sb->s_blocksize_bits = parent_sb->s_blocksize_bits; |
1584 | sb->s_subtype = kstrdup(s: parent_sb->s_subtype, GFP_KERNEL); |
1585 | if (parent_sb->s_subtype && !sb->s_subtype) |
1586 | return -ENOMEM; |
1587 | |
1588 | fuse_fill_attr_from_inode(attr: &root_attr, fi: parent_fi); |
1589 | root = fuse_iget(sb, nodeid: parent_fi->nodeid, generation: 0, attr: &root_attr, attr_valid: 0, attr_version: 0); |
1590 | /* |
1591 | * This inode is just a duplicate, so it is not looked up and |
1592 | * its nlookup should not be incremented. fuse_iget() does |
1593 | * that, though, so undo it here. |
1594 | */ |
1595 | fi = get_fuse_inode(inode: root); |
1596 | fi->nlookup--; |
1597 | |
1598 | sb->s_d_op = &fuse_dentry_operations; |
1599 | sb->s_root = d_make_root(root); |
1600 | if (!sb->s_root) |
1601 | return -ENOMEM; |
1602 | |
1603 | /* |
1604 | * Grab the parent's submount_lookup pointer and take a |
1605 | * reference on the shared nlookup from the parent. This is to |
1606 | * prevent the last forget for this nodeid from getting |
1607 | * triggered until all users have finished with it. |
1608 | */ |
1609 | sl = parent_fi->submount_lookup; |
1610 | WARN_ON(!sl); |
1611 | if (sl) { |
1612 | refcount_inc(r: &sl->count); |
1613 | fi->submount_lookup = sl; |
1614 | } |
1615 | |
1616 | return 0; |
1617 | } |
1618 | |
1619 | /* Filesystem context private data holds the FUSE inode of the mount point */ |
1620 | static int fuse_get_tree_submount(struct fs_context *fsc) |
1621 | { |
1622 | struct fuse_mount *fm; |
1623 | struct fuse_inode *mp_fi = fsc->fs_private; |
1624 | struct fuse_conn *fc = get_fuse_conn(inode: &mp_fi->inode); |
1625 | struct super_block *sb; |
1626 | int err; |
1627 | |
1628 | fm = kzalloc(size: sizeof(struct fuse_mount), GFP_KERNEL); |
1629 | if (!fm) |
1630 | return -ENOMEM; |
1631 | |
1632 | fm->fc = fuse_conn_get(fc); |
1633 | fsc->s_fs_info = fm; |
1634 | sb = sget_fc(fc: fsc, NULL, set: set_anon_super_fc); |
1635 | if (fsc->s_fs_info) |
1636 | fuse_mount_destroy(fm); |
1637 | if (IS_ERR(ptr: sb)) |
1638 | return PTR_ERR(ptr: sb); |
1639 | |
1640 | /* Initialize superblock, making @mp_fi its root */ |
1641 | err = fuse_fill_super_submount(sb, parent_fi: mp_fi); |
1642 | if (err) { |
1643 | deactivate_locked_super(sb); |
1644 | return err; |
1645 | } |
1646 | |
1647 | down_write(sem: &fc->killsb); |
1648 | list_add_tail(new: &fm->fc_entry, head: &fc->mounts); |
1649 | up_write(sem: &fc->killsb); |
1650 | |
1651 | sb->s_flags |= SB_ACTIVE; |
1652 | fsc->root = dget(dentry: sb->s_root); |
1653 | |
1654 | return 0; |
1655 | } |
1656 | |
1657 | static const struct fs_context_operations fuse_context_submount_ops = { |
1658 | .get_tree = fuse_get_tree_submount, |
1659 | }; |
1660 | |
1661 | int fuse_init_fs_context_submount(struct fs_context *fsc) |
1662 | { |
1663 | fsc->ops = &fuse_context_submount_ops; |
1664 | return 0; |
1665 | } |
1666 | EXPORT_SYMBOL_GPL(fuse_init_fs_context_submount); |
1667 | |
1668 | int fuse_fill_super_common(struct super_block *sb, struct fuse_fs_context *ctx) |
1669 | { |
1670 | struct fuse_dev *fud = NULL; |
1671 | struct fuse_mount *fm = get_fuse_mount_super(sb); |
1672 | struct fuse_conn *fc = fm->fc; |
1673 | struct inode *root; |
1674 | struct dentry *root_dentry; |
1675 | int err; |
1676 | |
1677 | err = -EINVAL; |
1678 | if (sb->s_flags & SB_MANDLOCK) |
1679 | goto err; |
1680 | |
1681 | rcu_assign_pointer(fc->curr_bucket, fuse_sync_bucket_alloc()); |
1682 | fuse_sb_defaults(sb); |
1683 | |
1684 | if (ctx->is_bdev) { |
1685 | #ifdef CONFIG_BLOCK |
1686 | err = -EINVAL; |
1687 | if (!sb_set_blocksize(sb, ctx->blksize)) |
1688 | goto err; |
1689 | #endif |
1690 | } else { |
1691 | sb->s_blocksize = PAGE_SIZE; |
1692 | sb->s_blocksize_bits = PAGE_SHIFT; |
1693 | } |
1694 | |
1695 | sb->s_subtype = ctx->subtype; |
1696 | ctx->subtype = NULL; |
1697 | if (IS_ENABLED(CONFIG_FUSE_DAX)) { |
1698 | err = fuse_dax_conn_alloc(fc, mode: ctx->dax_mode, dax_dev: ctx->dax_dev); |
1699 | if (err) |
1700 | goto err; |
1701 | } |
1702 | |
1703 | if (ctx->fudptr) { |
1704 | err = -ENOMEM; |
1705 | fud = fuse_dev_alloc_install(fc); |
1706 | if (!fud) |
1707 | goto err_free_dax; |
1708 | } |
1709 | |
1710 | fc->dev = sb->s_dev; |
1711 | fm->sb = sb; |
1712 | err = fuse_bdi_init(fc, sb); |
1713 | if (err) |
1714 | goto err_dev_free; |
1715 | |
1716 | /* Handle umasking inside the fuse code */ |
1717 | if (sb->s_flags & SB_POSIXACL) |
1718 | fc->dont_mask = 1; |
1719 | sb->s_flags |= SB_POSIXACL; |
1720 | |
1721 | fc->default_permissions = ctx->default_permissions; |
1722 | fc->allow_other = ctx->allow_other; |
1723 | fc->user_id = ctx->user_id; |
1724 | fc->group_id = ctx->group_id; |
1725 | fc->legacy_opts_show = ctx->legacy_opts_show; |
1726 | fc->max_read = max_t(unsigned int, 4096, ctx->max_read); |
1727 | fc->destroy = ctx->destroy; |
1728 | fc->no_control = ctx->no_control; |
1729 | fc->no_force_umount = ctx->no_force_umount; |
1730 | |
1731 | err = -ENOMEM; |
1732 | root = fuse_get_root_inode(sb, mode: ctx->rootmode); |
1733 | sb->s_d_op = &fuse_root_dentry_operations; |
1734 | root_dentry = d_make_root(root); |
1735 | if (!root_dentry) |
1736 | goto err_dev_free; |
1737 | /* Root dentry doesn't have .d_revalidate */ |
1738 | sb->s_d_op = &fuse_dentry_operations; |
1739 | |
1740 | mutex_lock(&fuse_mutex); |
1741 | err = -EINVAL; |
1742 | if (ctx->fudptr && *ctx->fudptr) |
1743 | goto err_unlock; |
1744 | |
1745 | err = fuse_ctl_add_conn(fc); |
1746 | if (err) |
1747 | goto err_unlock; |
1748 | |
1749 | list_add_tail(new: &fc->entry, head: &fuse_conn_list); |
1750 | sb->s_root = root_dentry; |
1751 | if (ctx->fudptr) |
1752 | *ctx->fudptr = fud; |
1753 | mutex_unlock(lock: &fuse_mutex); |
1754 | return 0; |
1755 | |
1756 | err_unlock: |
1757 | mutex_unlock(lock: &fuse_mutex); |
1758 | dput(root_dentry); |
1759 | err_dev_free: |
1760 | if (fud) |
1761 | fuse_dev_free(fud); |
1762 | err_free_dax: |
1763 | if (IS_ENABLED(CONFIG_FUSE_DAX)) |
1764 | fuse_dax_conn_free(fc); |
1765 | err: |
1766 | return err; |
1767 | } |
1768 | EXPORT_SYMBOL_GPL(fuse_fill_super_common); |
1769 | |
1770 | static int fuse_fill_super(struct super_block *sb, struct fs_context *fsc) |
1771 | { |
1772 | struct fuse_fs_context *ctx = fsc->fs_private; |
1773 | int err; |
1774 | |
1775 | if (!ctx->file || !ctx->rootmode_present || |
1776 | !ctx->user_id_present || !ctx->group_id_present) |
1777 | return -EINVAL; |
1778 | |
1779 | /* |
1780 | * Require mount to happen from the same user namespace which |
1781 | * opened /dev/fuse to prevent potential attacks. |
1782 | */ |
1783 | if ((ctx->file->f_op != &fuse_dev_operations) || |
1784 | (ctx->file->f_cred->user_ns != sb->s_user_ns)) |
1785 | return -EINVAL; |
1786 | ctx->fudptr = &ctx->file->private_data; |
1787 | |
1788 | err = fuse_fill_super_common(sb, ctx); |
1789 | if (err) |
1790 | return err; |
1791 | /* file->private_data shall be visible on all CPUs after this */ |
1792 | smp_mb(); |
1793 | fuse_send_init(get_fuse_mount_super(sb)); |
1794 | return 0; |
1795 | } |
1796 | |
1797 | /* |
1798 | * This is the path where user supplied an already initialized fuse dev. In |
1799 | * this case never create a new super if the old one is gone. |
1800 | */ |
1801 | static int fuse_set_no_super(struct super_block *sb, struct fs_context *fsc) |
1802 | { |
1803 | return -ENOTCONN; |
1804 | } |
1805 | |
1806 | static int fuse_test_super(struct super_block *sb, struct fs_context *fsc) |
1807 | { |
1808 | |
1809 | return fsc->sget_key == get_fuse_conn_super(sb); |
1810 | } |
1811 | |
1812 | static int fuse_get_tree(struct fs_context *fsc) |
1813 | { |
1814 | struct fuse_fs_context *ctx = fsc->fs_private; |
1815 | struct fuse_dev *fud; |
1816 | struct fuse_conn *fc; |
1817 | struct fuse_mount *fm; |
1818 | struct super_block *sb; |
1819 | int err; |
1820 | |
1821 | fc = kmalloc(size: sizeof(*fc), GFP_KERNEL); |
1822 | if (!fc) |
1823 | return -ENOMEM; |
1824 | |
1825 | fm = kzalloc(size: sizeof(*fm), GFP_KERNEL); |
1826 | if (!fm) { |
1827 | kfree(objp: fc); |
1828 | return -ENOMEM; |
1829 | } |
1830 | |
1831 | fuse_conn_init(fc, fm, fsc->user_ns, &fuse_dev_fiq_ops, NULL); |
1832 | fc->release = fuse_free_conn; |
1833 | |
1834 | fsc->s_fs_info = fm; |
1835 | |
1836 | if (ctx->fd_present) |
1837 | ctx->file = fget(fd: ctx->fd); |
1838 | |
1839 | if (IS_ENABLED(CONFIG_BLOCK) && ctx->is_bdev) { |
1840 | err = get_tree_bdev(fc: fsc, fill_super: fuse_fill_super); |
1841 | goto out; |
1842 | } |
1843 | /* |
1844 | * While block dev mount can be initialized with a dummy device fd |
1845 | * (found by device name), normal fuse mounts can't |
1846 | */ |
1847 | err = -EINVAL; |
1848 | if (!ctx->file) |
1849 | goto out; |
1850 | |
1851 | /* |
1852 | * Allow creating a fuse mount with an already initialized fuse |
1853 | * connection |
1854 | */ |
1855 | fud = READ_ONCE(ctx->file->private_data); |
1856 | if (ctx->file->f_op == &fuse_dev_operations && fud) { |
1857 | fsc->sget_key = fud->fc; |
1858 | sb = sget_fc(fc: fsc, test: fuse_test_super, set: fuse_set_no_super); |
1859 | err = PTR_ERR_OR_ZERO(ptr: sb); |
1860 | if (!IS_ERR(ptr: sb)) |
1861 | fsc->root = dget(dentry: sb->s_root); |
1862 | } else { |
1863 | err = get_tree_nodev(fc: fsc, fill_super: fuse_fill_super); |
1864 | } |
1865 | out: |
1866 | if (fsc->s_fs_info) |
1867 | fuse_mount_destroy(fm); |
1868 | if (ctx->file) |
1869 | fput(ctx->file); |
1870 | return err; |
1871 | } |
1872 | |
1873 | static const struct fs_context_operations fuse_context_ops = { |
1874 | .free = fuse_free_fsc, |
1875 | .parse_param = fuse_parse_param, |
1876 | .reconfigure = fuse_reconfigure, |
1877 | .get_tree = fuse_get_tree, |
1878 | }; |
1879 | |
1880 | /* |
1881 | * Set up the filesystem mount context. |
1882 | */ |
1883 | static int fuse_init_fs_context(struct fs_context *fsc) |
1884 | { |
1885 | struct fuse_fs_context *ctx; |
1886 | |
1887 | ctx = kzalloc(size: sizeof(struct fuse_fs_context), GFP_KERNEL); |
1888 | if (!ctx) |
1889 | return -ENOMEM; |
1890 | |
1891 | ctx->max_read = ~0; |
1892 | ctx->blksize = FUSE_DEFAULT_BLKSIZE; |
1893 | ctx->legacy_opts_show = true; |
1894 | |
1895 | #ifdef CONFIG_BLOCK |
1896 | if (fsc->fs_type == &fuseblk_fs_type) { |
1897 | ctx->is_bdev = true; |
1898 | ctx->destroy = true; |
1899 | } |
1900 | #endif |
1901 | |
1902 | fsc->fs_private = ctx; |
1903 | fsc->ops = &fuse_context_ops; |
1904 | return 0; |
1905 | } |
1906 | |
1907 | bool fuse_mount_remove(struct fuse_mount *fm) |
1908 | { |
1909 | struct fuse_conn *fc = fm->fc; |
1910 | bool last = false; |
1911 | |
1912 | down_write(sem: &fc->killsb); |
1913 | list_del_init(entry: &fm->fc_entry); |
1914 | if (list_empty(head: &fc->mounts)) |
1915 | last = true; |
1916 | up_write(sem: &fc->killsb); |
1917 | |
1918 | return last; |
1919 | } |
1920 | EXPORT_SYMBOL_GPL(fuse_mount_remove); |
1921 | |
1922 | void fuse_conn_destroy(struct fuse_mount *fm) |
1923 | { |
1924 | struct fuse_conn *fc = fm->fc; |
1925 | |
1926 | if (fc->destroy) |
1927 | fuse_send_destroy(fm); |
1928 | |
1929 | fuse_abort_conn(fc); |
1930 | fuse_wait_aborted(fc); |
1931 | |
1932 | if (!list_empty(head: &fc->entry)) { |
1933 | mutex_lock(&fuse_mutex); |
1934 | list_del(entry: &fc->entry); |
1935 | fuse_ctl_remove_conn(fc); |
1936 | mutex_unlock(lock: &fuse_mutex); |
1937 | } |
1938 | } |
1939 | EXPORT_SYMBOL_GPL(fuse_conn_destroy); |
1940 | |
1941 | static void fuse_sb_destroy(struct super_block *sb) |
1942 | { |
1943 | struct fuse_mount *fm = get_fuse_mount_super(sb); |
1944 | bool last; |
1945 | |
1946 | if (sb->s_root) { |
1947 | last = fuse_mount_remove(fm); |
1948 | if (last) |
1949 | fuse_conn_destroy(fm); |
1950 | } |
1951 | } |
1952 | |
1953 | void fuse_mount_destroy(struct fuse_mount *fm) |
1954 | { |
1955 | fuse_conn_put(fm->fc); |
1956 | kfree_rcu(fm, rcu); |
1957 | } |
1958 | EXPORT_SYMBOL(fuse_mount_destroy); |
1959 | |
1960 | static void fuse_kill_sb_anon(struct super_block *sb) |
1961 | { |
1962 | fuse_sb_destroy(sb); |
1963 | kill_anon_super(sb); |
1964 | fuse_mount_destroy(get_fuse_mount_super(sb)); |
1965 | } |
1966 | |
1967 | static struct file_system_type fuse_fs_type = { |
1968 | .owner = THIS_MODULE, |
1969 | .name = "fuse" , |
1970 | .fs_flags = FS_HAS_SUBTYPE | FS_USERNS_MOUNT, |
1971 | .init_fs_context = fuse_init_fs_context, |
1972 | .parameters = fuse_fs_parameters, |
1973 | .kill_sb = fuse_kill_sb_anon, |
1974 | }; |
1975 | MODULE_ALIAS_FS("fuse" ); |
1976 | |
1977 | #ifdef CONFIG_BLOCK |
1978 | static void fuse_kill_sb_blk(struct super_block *sb) |
1979 | { |
1980 | fuse_sb_destroy(sb); |
1981 | kill_block_super(sb); |
1982 | fuse_mount_destroy(get_fuse_mount_super(sb)); |
1983 | } |
1984 | |
1985 | static struct file_system_type fuseblk_fs_type = { |
1986 | .owner = THIS_MODULE, |
1987 | .name = "fuseblk" , |
1988 | .init_fs_context = fuse_init_fs_context, |
1989 | .parameters = fuse_fs_parameters, |
1990 | .kill_sb = fuse_kill_sb_blk, |
1991 | .fs_flags = FS_REQUIRES_DEV | FS_HAS_SUBTYPE, |
1992 | }; |
1993 | MODULE_ALIAS_FS("fuseblk" ); |
1994 | |
1995 | static inline int register_fuseblk(void) |
1996 | { |
1997 | return register_filesystem(&fuseblk_fs_type); |
1998 | } |
1999 | |
2000 | static inline void unregister_fuseblk(void) |
2001 | { |
2002 | unregister_filesystem(&fuseblk_fs_type); |
2003 | } |
2004 | #else |
2005 | static inline int register_fuseblk(void) |
2006 | { |
2007 | return 0; |
2008 | } |
2009 | |
2010 | static inline void unregister_fuseblk(void) |
2011 | { |
2012 | } |
2013 | #endif |
2014 | |
2015 | static void fuse_inode_init_once(void *foo) |
2016 | { |
2017 | struct inode *inode = foo; |
2018 | |
2019 | inode_init_once(inode); |
2020 | } |
2021 | |
2022 | static int __init fuse_fs_init(void) |
2023 | { |
2024 | int err; |
2025 | |
2026 | fuse_inode_cachep = kmem_cache_create(name: "fuse_inode" , |
2027 | size: sizeof(struct fuse_inode), align: 0, |
2028 | SLAB_HWCACHE_ALIGN|SLAB_ACCOUNT|SLAB_RECLAIM_ACCOUNT, |
2029 | ctor: fuse_inode_init_once); |
2030 | err = -ENOMEM; |
2031 | if (!fuse_inode_cachep) |
2032 | goto out; |
2033 | |
2034 | err = register_fuseblk(); |
2035 | if (err) |
2036 | goto out2; |
2037 | |
2038 | err = register_filesystem(&fuse_fs_type); |
2039 | if (err) |
2040 | goto out3; |
2041 | |
2042 | return 0; |
2043 | |
2044 | out3: |
2045 | unregister_fuseblk(); |
2046 | out2: |
2047 | kmem_cache_destroy(s: fuse_inode_cachep); |
2048 | out: |
2049 | return err; |
2050 | } |
2051 | |
2052 | static void fuse_fs_cleanup(void) |
2053 | { |
2054 | unregister_filesystem(&fuse_fs_type); |
2055 | unregister_fuseblk(); |
2056 | |
2057 | /* |
2058 | * Make sure all delayed rcu free inodes are flushed before we |
2059 | * destroy cache. |
2060 | */ |
2061 | rcu_barrier(); |
2062 | kmem_cache_destroy(s: fuse_inode_cachep); |
2063 | } |
2064 | |
2065 | static struct kobject *fuse_kobj; |
2066 | |
2067 | static int fuse_sysfs_init(void) |
2068 | { |
2069 | int err; |
2070 | |
2071 | fuse_kobj = kobject_create_and_add(name: "fuse" , parent: fs_kobj); |
2072 | if (!fuse_kobj) { |
2073 | err = -ENOMEM; |
2074 | goto out_err; |
2075 | } |
2076 | |
2077 | err = sysfs_create_mount_point(parent_kobj: fuse_kobj, name: "connections" ); |
2078 | if (err) |
2079 | goto out_fuse_unregister; |
2080 | |
2081 | return 0; |
2082 | |
2083 | out_fuse_unregister: |
2084 | kobject_put(kobj: fuse_kobj); |
2085 | out_err: |
2086 | return err; |
2087 | } |
2088 | |
2089 | static void fuse_sysfs_cleanup(void) |
2090 | { |
2091 | sysfs_remove_mount_point(parent_kobj: fuse_kobj, name: "connections" ); |
2092 | kobject_put(kobj: fuse_kobj); |
2093 | } |
2094 | |
2095 | static int __init fuse_init(void) |
2096 | { |
2097 | int res; |
2098 | |
2099 | pr_info("init (API version %i.%i)\n" , |
2100 | FUSE_KERNEL_VERSION, FUSE_KERNEL_MINOR_VERSION); |
2101 | |
2102 | INIT_LIST_HEAD(list: &fuse_conn_list); |
2103 | res = fuse_fs_init(); |
2104 | if (res) |
2105 | goto err; |
2106 | |
2107 | res = fuse_dev_init(); |
2108 | if (res) |
2109 | goto err_fs_cleanup; |
2110 | |
2111 | res = fuse_sysfs_init(); |
2112 | if (res) |
2113 | goto err_dev_cleanup; |
2114 | |
2115 | res = fuse_ctl_init(); |
2116 | if (res) |
2117 | goto err_sysfs_cleanup; |
2118 | |
2119 | sanitize_global_limit(limit: &max_user_bgreq); |
2120 | sanitize_global_limit(limit: &max_user_congthresh); |
2121 | |
2122 | return 0; |
2123 | |
2124 | err_sysfs_cleanup: |
2125 | fuse_sysfs_cleanup(); |
2126 | err_dev_cleanup: |
2127 | fuse_dev_cleanup(); |
2128 | err_fs_cleanup: |
2129 | fuse_fs_cleanup(); |
2130 | err: |
2131 | return res; |
2132 | } |
2133 | |
2134 | static void __exit fuse_exit(void) |
2135 | { |
2136 | pr_debug("exit\n" ); |
2137 | |
2138 | fuse_ctl_cleanup(); |
2139 | fuse_sysfs_cleanup(); |
2140 | fuse_fs_cleanup(); |
2141 | fuse_dev_cleanup(); |
2142 | } |
2143 | |
2144 | module_init(fuse_init); |
2145 | module_exit(fuse_exit); |
2146 | |