1 | // SPDX-License-Identifier: GPL-2.0-or-later |
2 | /* |
3 | * Directory notifications for Linux. |
4 | * |
5 | * Copyright (C) 2000,2001,2002 Stephen Rothwell |
6 | * |
7 | * Copyright (C) 2009 Eric Paris <Red Hat Inc> |
8 | * dnotify was largly rewritten to use the new fsnotify infrastructure |
9 | */ |
10 | #include <linux/fs.h> |
11 | #include <linux/module.h> |
12 | #include <linux/sched.h> |
13 | #include <linux/sched/signal.h> |
14 | #include <linux/dnotify.h> |
15 | #include <linux/init.h> |
16 | #include <linux/security.h> |
17 | #include <linux/spinlock.h> |
18 | #include <linux/slab.h> |
19 | #include <linux/fdtable.h> |
20 | #include <linux/fsnotify_backend.h> |
21 | |
22 | static int dir_notify_enable __read_mostly = 1; |
23 | #ifdef CONFIG_SYSCTL |
24 | static struct ctl_table dnotify_sysctls[] = { |
25 | { |
26 | .procname = "dir-notify-enable" , |
27 | .data = &dir_notify_enable, |
28 | .maxlen = sizeof(int), |
29 | .mode = 0644, |
30 | .proc_handler = proc_dointvec, |
31 | }, |
32 | }; |
33 | static void __init dnotify_sysctl_init(void) |
34 | { |
35 | register_sysctl_init("fs" , dnotify_sysctls); |
36 | } |
37 | #else |
38 | #define dnotify_sysctl_init() do { } while (0) |
39 | #endif |
40 | |
41 | static struct kmem_cache *dnotify_struct_cache __ro_after_init; |
42 | static struct kmem_cache *dnotify_mark_cache __ro_after_init; |
43 | static struct fsnotify_group *dnotify_group __ro_after_init; |
44 | |
45 | /* |
46 | * dnotify will attach one of these to each inode (i_fsnotify_marks) which |
47 | * is being watched by dnotify. If multiple userspace applications are watching |
48 | * the same directory with dnotify their information is chained in dn |
49 | */ |
50 | struct dnotify_mark { |
51 | struct fsnotify_mark fsn_mark; |
52 | struct dnotify_struct *dn; |
53 | }; |
54 | |
55 | /* |
56 | * When a process starts or stops watching an inode the set of events which |
57 | * dnotify cares about for that inode may change. This function runs the |
58 | * list of everything receiving dnotify events about this directory and calculates |
59 | * the set of all those events. After it updates what dnotify is interested in |
60 | * it calls the fsnotify function so it can update the set of all events relevant |
61 | * to this inode. |
62 | */ |
63 | static void dnotify_recalc_inode_mask(struct fsnotify_mark *fsn_mark) |
64 | { |
65 | __u32 new_mask = 0; |
66 | struct dnotify_struct *dn; |
67 | struct dnotify_mark *dn_mark = container_of(fsn_mark, |
68 | struct dnotify_mark, |
69 | fsn_mark); |
70 | |
71 | assert_spin_locked(&fsn_mark->lock); |
72 | |
73 | for (dn = dn_mark->dn; dn != NULL; dn = dn->dn_next) |
74 | new_mask |= (dn->dn_mask & ~FS_DN_MULTISHOT); |
75 | if (fsn_mark->mask == new_mask) |
76 | return; |
77 | fsn_mark->mask = new_mask; |
78 | |
79 | fsnotify_recalc_mask(conn: fsn_mark->connector); |
80 | } |
81 | |
82 | /* |
83 | * Mains fsnotify call where events are delivered to dnotify. |
84 | * Find the dnotify mark on the relevant inode, run the list of dnotify structs |
85 | * on that mark and determine which of them has expressed interest in receiving |
86 | * events of this type. When found send the correct process and signal and |
87 | * destroy the dnotify struct if it was not registered to receive multiple |
88 | * events. |
89 | */ |
90 | static int dnotify_handle_event(struct fsnotify_mark *inode_mark, u32 mask, |
91 | struct inode *inode, struct inode *dir, |
92 | const struct qstr *name, u32 cookie) |
93 | { |
94 | struct dnotify_mark *dn_mark; |
95 | struct dnotify_struct *dn; |
96 | struct dnotify_struct **prev; |
97 | struct fown_struct *fown; |
98 | __u32 test_mask = mask & ~FS_EVENT_ON_CHILD; |
99 | |
100 | /* not a dir, dnotify doesn't care */ |
101 | if (!dir && !(mask & FS_ISDIR)) |
102 | return 0; |
103 | |
104 | dn_mark = container_of(inode_mark, struct dnotify_mark, fsn_mark); |
105 | |
106 | spin_lock(lock: &inode_mark->lock); |
107 | prev = &dn_mark->dn; |
108 | while ((dn = *prev) != NULL) { |
109 | if ((dn->dn_mask & test_mask) == 0) { |
110 | prev = &dn->dn_next; |
111 | continue; |
112 | } |
113 | fown = &dn->dn_filp->f_owner; |
114 | send_sigio(fown, fd: dn->dn_fd, POLL_MSG); |
115 | if (dn->dn_mask & FS_DN_MULTISHOT) |
116 | prev = &dn->dn_next; |
117 | else { |
118 | *prev = dn->dn_next; |
119 | kmem_cache_free(s: dnotify_struct_cache, objp: dn); |
120 | dnotify_recalc_inode_mask(fsn_mark: inode_mark); |
121 | } |
122 | } |
123 | |
124 | spin_unlock(lock: &inode_mark->lock); |
125 | |
126 | return 0; |
127 | } |
128 | |
129 | static void dnotify_free_mark(struct fsnotify_mark *fsn_mark) |
130 | { |
131 | struct dnotify_mark *dn_mark = container_of(fsn_mark, |
132 | struct dnotify_mark, |
133 | fsn_mark); |
134 | |
135 | BUG_ON(dn_mark->dn); |
136 | |
137 | kmem_cache_free(s: dnotify_mark_cache, objp: dn_mark); |
138 | } |
139 | |
140 | static const struct fsnotify_ops dnotify_fsnotify_ops = { |
141 | .handle_inode_event = dnotify_handle_event, |
142 | .free_mark = dnotify_free_mark, |
143 | }; |
144 | |
145 | /* |
146 | * Called every time a file is closed. Looks first for a dnotify mark on the |
147 | * inode. If one is found run all of the ->dn structures attached to that |
148 | * mark for one relevant to this process closing the file and remove that |
149 | * dnotify_struct. If that was the last dnotify_struct also remove the |
150 | * fsnotify_mark. |
151 | */ |
152 | void dnotify_flush(struct file *filp, fl_owner_t id) |
153 | { |
154 | struct fsnotify_mark *fsn_mark; |
155 | struct dnotify_mark *dn_mark; |
156 | struct dnotify_struct *dn; |
157 | struct dnotify_struct **prev; |
158 | struct inode *inode; |
159 | bool free = false; |
160 | |
161 | inode = file_inode(f: filp); |
162 | if (!S_ISDIR(inode->i_mode)) |
163 | return; |
164 | |
165 | fsn_mark = fsnotify_find_mark(connp: &inode->i_fsnotify_marks, group: dnotify_group); |
166 | if (!fsn_mark) |
167 | return; |
168 | dn_mark = container_of(fsn_mark, struct dnotify_mark, fsn_mark); |
169 | |
170 | fsnotify_group_lock(group: dnotify_group); |
171 | |
172 | spin_lock(lock: &fsn_mark->lock); |
173 | prev = &dn_mark->dn; |
174 | while ((dn = *prev) != NULL) { |
175 | if ((dn->dn_owner == id) && (dn->dn_filp == filp)) { |
176 | *prev = dn->dn_next; |
177 | kmem_cache_free(s: dnotify_struct_cache, objp: dn); |
178 | dnotify_recalc_inode_mask(fsn_mark); |
179 | break; |
180 | } |
181 | prev = &dn->dn_next; |
182 | } |
183 | |
184 | spin_unlock(lock: &fsn_mark->lock); |
185 | |
186 | /* nothing else could have found us thanks to the dnotify_groups |
187 | mark_mutex */ |
188 | if (dn_mark->dn == NULL) { |
189 | fsnotify_detach_mark(mark: fsn_mark); |
190 | free = true; |
191 | } |
192 | |
193 | fsnotify_group_unlock(group: dnotify_group); |
194 | |
195 | if (free) |
196 | fsnotify_free_mark(mark: fsn_mark); |
197 | fsnotify_put_mark(mark: fsn_mark); |
198 | } |
199 | |
200 | /* this conversion is done only at watch creation */ |
201 | static __u32 convert_arg(unsigned int arg) |
202 | { |
203 | __u32 new_mask = FS_EVENT_ON_CHILD; |
204 | |
205 | if (arg & DN_MULTISHOT) |
206 | new_mask |= FS_DN_MULTISHOT; |
207 | if (arg & DN_DELETE) |
208 | new_mask |= (FS_DELETE | FS_MOVED_FROM); |
209 | if (arg & DN_MODIFY) |
210 | new_mask |= FS_MODIFY; |
211 | if (arg & DN_ACCESS) |
212 | new_mask |= FS_ACCESS; |
213 | if (arg & DN_ATTRIB) |
214 | new_mask |= FS_ATTRIB; |
215 | if (arg & DN_RENAME) |
216 | new_mask |= FS_RENAME; |
217 | if (arg & DN_CREATE) |
218 | new_mask |= (FS_CREATE | FS_MOVED_TO); |
219 | |
220 | return new_mask; |
221 | } |
222 | |
223 | /* |
224 | * If multiple processes watch the same inode with dnotify there is only one |
225 | * dnotify mark in inode->i_fsnotify_marks but we chain a dnotify_struct |
226 | * onto that mark. This function either attaches the new dnotify_struct onto |
227 | * that list, or it |= the mask onto an existing dnofiy_struct. |
228 | */ |
229 | static int attach_dn(struct dnotify_struct *dn, struct dnotify_mark *dn_mark, |
230 | fl_owner_t id, int fd, struct file *filp, __u32 mask) |
231 | { |
232 | struct dnotify_struct *odn; |
233 | |
234 | odn = dn_mark->dn; |
235 | while (odn != NULL) { |
236 | /* adding more events to existing dnofiy_struct? */ |
237 | if ((odn->dn_owner == id) && (odn->dn_filp == filp)) { |
238 | odn->dn_fd = fd; |
239 | odn->dn_mask |= mask; |
240 | return -EEXIST; |
241 | } |
242 | odn = odn->dn_next; |
243 | } |
244 | |
245 | dn->dn_mask = mask; |
246 | dn->dn_fd = fd; |
247 | dn->dn_filp = filp; |
248 | dn->dn_owner = id; |
249 | dn->dn_next = dn_mark->dn; |
250 | dn_mark->dn = dn; |
251 | |
252 | return 0; |
253 | } |
254 | |
255 | /* |
256 | * When a process calls fcntl to attach a dnotify watch to a directory it ends |
257 | * up here. Allocate both a mark for fsnotify to add and a dnotify_struct to be |
258 | * attached to the fsnotify_mark. |
259 | */ |
260 | int fcntl_dirnotify(int fd, struct file *filp, unsigned int arg) |
261 | { |
262 | struct dnotify_mark *new_dn_mark, *dn_mark; |
263 | struct fsnotify_mark *new_fsn_mark, *fsn_mark; |
264 | struct dnotify_struct *dn; |
265 | struct inode *inode; |
266 | fl_owner_t id = current->files; |
267 | struct file *f = NULL; |
268 | int destroy = 0, error = 0; |
269 | __u32 mask; |
270 | |
271 | /* we use these to tell if we need to kfree */ |
272 | new_fsn_mark = NULL; |
273 | dn = NULL; |
274 | |
275 | if (!dir_notify_enable) { |
276 | error = -EINVAL; |
277 | goto out_err; |
278 | } |
279 | |
280 | /* a 0 mask means we are explicitly removing the watch */ |
281 | if ((arg & ~DN_MULTISHOT) == 0) { |
282 | dnotify_flush(filp, id); |
283 | error = 0; |
284 | goto out_err; |
285 | } |
286 | |
287 | /* dnotify only works on directories */ |
288 | inode = file_inode(f: filp); |
289 | if (!S_ISDIR(inode->i_mode)) { |
290 | error = -ENOTDIR; |
291 | goto out_err; |
292 | } |
293 | |
294 | /* |
295 | * convert the userspace DN_* "arg" to the internal FS_* |
296 | * defined in fsnotify |
297 | */ |
298 | mask = convert_arg(arg); |
299 | |
300 | error = security_path_notify(path: &filp->f_path, mask, |
301 | obj_type: FSNOTIFY_OBJ_TYPE_INODE); |
302 | if (error) |
303 | goto out_err; |
304 | |
305 | /* expect most fcntl to add new rather than augment old */ |
306 | dn = kmem_cache_alloc(cachep: dnotify_struct_cache, GFP_KERNEL); |
307 | if (!dn) { |
308 | error = -ENOMEM; |
309 | goto out_err; |
310 | } |
311 | |
312 | /* new fsnotify mark, we expect most fcntl calls to add a new mark */ |
313 | new_dn_mark = kmem_cache_alloc(cachep: dnotify_mark_cache, GFP_KERNEL); |
314 | if (!new_dn_mark) { |
315 | error = -ENOMEM; |
316 | goto out_err; |
317 | } |
318 | |
319 | /* set up the new_fsn_mark and new_dn_mark */ |
320 | new_fsn_mark = &new_dn_mark->fsn_mark; |
321 | fsnotify_init_mark(mark: new_fsn_mark, group: dnotify_group); |
322 | new_fsn_mark->mask = mask; |
323 | new_dn_mark->dn = NULL; |
324 | |
325 | /* this is needed to prevent the fcntl/close race described below */ |
326 | fsnotify_group_lock(group: dnotify_group); |
327 | |
328 | /* add the new_fsn_mark or find an old one. */ |
329 | fsn_mark = fsnotify_find_mark(connp: &inode->i_fsnotify_marks, group: dnotify_group); |
330 | if (fsn_mark) { |
331 | dn_mark = container_of(fsn_mark, struct dnotify_mark, fsn_mark); |
332 | spin_lock(lock: &fsn_mark->lock); |
333 | } else { |
334 | error = fsnotify_add_inode_mark_locked(mark: new_fsn_mark, inode, add_flags: 0); |
335 | if (error) { |
336 | fsnotify_group_unlock(group: dnotify_group); |
337 | goto out_err; |
338 | } |
339 | spin_lock(lock: &new_fsn_mark->lock); |
340 | fsn_mark = new_fsn_mark; |
341 | dn_mark = new_dn_mark; |
342 | /* we used new_fsn_mark, so don't free it */ |
343 | new_fsn_mark = NULL; |
344 | } |
345 | |
346 | rcu_read_lock(); |
347 | f = lookup_fdget_rcu(fd); |
348 | rcu_read_unlock(); |
349 | |
350 | /* if (f != filp) means that we lost a race and another task/thread |
351 | * actually closed the fd we are still playing with before we grabbed |
352 | * the dnotify_groups mark_mutex and fsn_mark->lock. Since closing the |
353 | * fd is the only time we clean up the marks we need to get our mark |
354 | * off the list. */ |
355 | if (f != filp) { |
356 | /* if we added ourselves, shoot ourselves, it's possible that |
357 | * the flush actually did shoot this fsn_mark. That's fine too |
358 | * since multiple calls to destroy_mark is perfectly safe, if |
359 | * we found a dn_mark already attached to the inode, just sod |
360 | * off silently as the flush at close time dealt with it. |
361 | */ |
362 | if (dn_mark == new_dn_mark) |
363 | destroy = 1; |
364 | error = 0; |
365 | goto out; |
366 | } |
367 | |
368 | __f_setown(filp, task_pid(current), PIDTYPE_TGID, force: 0); |
369 | |
370 | error = attach_dn(dn, dn_mark, id, fd, filp, mask); |
371 | /* !error means that we attached the dn to the dn_mark, so don't free it */ |
372 | if (!error) |
373 | dn = NULL; |
374 | /* -EEXIST means that we didn't add this new dn and used an old one. |
375 | * that isn't an error (and the unused dn should be freed) */ |
376 | else if (error == -EEXIST) |
377 | error = 0; |
378 | |
379 | dnotify_recalc_inode_mask(fsn_mark); |
380 | out: |
381 | spin_unlock(lock: &fsn_mark->lock); |
382 | |
383 | if (destroy) |
384 | fsnotify_detach_mark(mark: fsn_mark); |
385 | fsnotify_group_unlock(group: dnotify_group); |
386 | if (destroy) |
387 | fsnotify_free_mark(mark: fsn_mark); |
388 | fsnotify_put_mark(mark: fsn_mark); |
389 | out_err: |
390 | if (new_fsn_mark) |
391 | fsnotify_put_mark(mark: new_fsn_mark); |
392 | if (dn) |
393 | kmem_cache_free(s: dnotify_struct_cache, objp: dn); |
394 | if (f) |
395 | fput(f); |
396 | return error; |
397 | } |
398 | |
399 | static int __init dnotify_init(void) |
400 | { |
401 | dnotify_struct_cache = KMEM_CACHE(dnotify_struct, |
402 | SLAB_PANIC|SLAB_ACCOUNT); |
403 | dnotify_mark_cache = KMEM_CACHE(dnotify_mark, SLAB_PANIC|SLAB_ACCOUNT); |
404 | |
405 | dnotify_group = fsnotify_alloc_group(ops: &dnotify_fsnotify_ops, |
406 | FSNOTIFY_GROUP_NOFS); |
407 | if (IS_ERR(ptr: dnotify_group)) |
408 | panic(fmt: "unable to allocate fsnotify group for dnotify\n" ); |
409 | dnotify_sysctl_init(); |
410 | return 0; |
411 | } |
412 | |
413 | module_init(dnotify_init) |
414 | |