2 FUSE: Filesystem in Userspace
3 Copyright (C) 2001-2008 Miklos Szeredi <miklos@szeredi.hu>
5 This program can be distributed under the terms of the GNU GPL.
11 #include <linux/pagemap.h>
12 #include <linux/file.h>
13 #include <linux/sched.h>
14 #include <linux/namei.h>
15 #include <linux/slab.h>
16 #include <linux/xattr.h>
17 #include <linux/iversion.h>
18 #include <linux/posix_acl.h>
20 static void fuse_advise_use_readdirplus(struct inode *dir)
22 struct fuse_inode *fi = get_fuse_inode(dir);
24 set_bit(FUSE_I_ADVISE_RDPLUS, &fi->state);
32 static inline void fuse_dentry_settime(struct dentry *entry, u64 time)
34 ((union fuse_dentry *) entry->d_fsdata)->time = time;
37 static inline u64 fuse_dentry_time(struct dentry *entry)
39 return ((union fuse_dentry *) entry->d_fsdata)->time;
43 * FUSE caches dentries and attributes with separate timeout. The
44 * time in jiffies until the dentry/attributes are valid is stored in
45 * dentry->d_fsdata and fuse_inode->i_time respectively.
49 * Calculate the time in jiffies until a dentry/attributes are valid
51 static u64 time_to_jiffies(u64 sec, u32 nsec)
54 struct timespec64 ts = {
56 min_t(u32, nsec, NSEC_PER_SEC - 1)
59 return get_jiffies_64() + timespec64_to_jiffies(&ts);
65 * Set dentry and possibly attribute timeouts from the lookup/mk*
68 void fuse_change_entry_timeout(struct dentry *entry, struct fuse_entry_out *o)
70 fuse_dentry_settime(entry,
71 time_to_jiffies(o->entry_valid, o->entry_valid_nsec));
74 static u64 attr_timeout(struct fuse_attr_out *o)
76 return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
79 u64 entry_attr_timeout(struct fuse_entry_out *o)
81 return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
84 static void fuse_invalidate_attr_mask(struct inode *inode, u32 mask)
86 set_mask_bits(&get_fuse_inode(inode)->inval_mask, 0, mask);
90 * Mark the attributes as stale, so that at the next call to
91 * ->getattr() they will be fetched from userspace
93 void fuse_invalidate_attr(struct inode *inode)
95 fuse_invalidate_attr_mask(inode, STATX_BASIC_STATS);
98 static void fuse_dir_changed(struct inode *dir)
100 fuse_invalidate_attr(dir);
101 inode_maybe_inc_iversion(dir, false);
105 * Mark the attributes as stale due to an atime change. Avoid the invalidate if
108 void fuse_invalidate_atime(struct inode *inode)
110 if (!IS_RDONLY(inode))
111 fuse_invalidate_attr_mask(inode, STATX_ATIME);
115 * Just mark the entry as stale, so that a next attempt to look it up
116 * will result in a new lookup call to userspace
118 * This is called when a dentry is about to become negative and the
119 * timeout is unknown (unlink, rmdir, rename and in some cases
122 void fuse_invalidate_entry_cache(struct dentry *entry)
124 fuse_dentry_settime(entry, 0);
128 * Same as fuse_invalidate_entry_cache(), but also try to remove the
129 * dentry from the hash
131 static void fuse_invalidate_entry(struct dentry *entry)
134 fuse_invalidate_entry_cache(entry);
137 static void fuse_lookup_init(struct fuse_conn *fc, struct fuse_args *args,
138 u64 nodeid, const struct qstr *name,
139 struct fuse_entry_out *outarg)
141 memset(outarg, 0, sizeof(struct fuse_entry_out));
142 args->in.h.opcode = FUSE_LOOKUP;
143 args->in.h.nodeid = nodeid;
144 args->in.numargs = 1;
145 args->in.args[0].size = name->len + 1;
146 args->in.args[0].value = name->name;
147 args->out.numargs = 1;
148 args->out.args[0].size = sizeof(struct fuse_entry_out);
149 args->out.args[0].value = outarg;
153 * Check whether the dentry is still valid
155 * If the entry validity timeout has expired and the dentry is
156 * positive, try to redo the lookup. If the lookup results in a
157 * different inode, then let the VFS invalidate the dentry and redo
158 * the lookup once more. If the lookup results in the same inode,
159 * then refresh the attributes, timeouts and mark the dentry valid.
161 static int fuse_dentry_revalidate(struct dentry *entry, unsigned int flags)
164 struct dentry *parent;
165 struct fuse_conn *fc;
166 struct fuse_inode *fi;
169 inode = d_inode_rcu(entry);
170 if (inode && is_bad_inode(inode))
172 else if (time_before64(fuse_dentry_time(entry), get_jiffies_64()) ||
173 (flags & LOOKUP_REVAL)) {
174 struct fuse_entry_out outarg;
176 struct fuse_forget_link *forget;
179 /* For negative dentries, always do a fresh lookup */
184 if (flags & LOOKUP_RCU)
187 fc = get_fuse_conn(inode);
189 forget = fuse_alloc_forget();
194 attr_version = fuse_get_attr_version(fc);
196 parent = dget_parent(entry);
197 fuse_lookup_init(fc, &args, get_node_id(d_inode(parent)),
198 &entry->d_name, &outarg);
199 ret = fuse_simple_request(fc, &args);
201 /* Zero nodeid is same as -ENOENT */
202 if (!ret && !outarg.nodeid)
205 fi = get_fuse_inode(inode);
206 if (outarg.nodeid != get_node_id(inode)) {
207 fuse_queue_forget(fc, forget, outarg.nodeid, 1);
210 spin_lock(&fi->lock);
212 spin_unlock(&fi->lock);
217 if (ret || (outarg.attr.mode ^ inode->i_mode) & S_IFMT)
220 forget_all_cached_acls(inode);
221 fuse_change_attributes(inode, &outarg.attr,
222 entry_attr_timeout(&outarg),
224 fuse_change_entry_timeout(entry, &outarg);
226 fi = get_fuse_inode(inode);
227 if (flags & LOOKUP_RCU) {
228 if (test_bit(FUSE_I_INIT_RDPLUS, &fi->state))
230 } else if (test_and_clear_bit(FUSE_I_INIT_RDPLUS, &fi->state)) {
231 parent = dget_parent(entry);
232 fuse_advise_use_readdirplus(d_inode(parent));
245 static int fuse_dentry_init(struct dentry *dentry)
247 dentry->d_fsdata = kzalloc(sizeof(union fuse_dentry), GFP_KERNEL);
249 return dentry->d_fsdata ? 0 : -ENOMEM;
251 static void fuse_dentry_release(struct dentry *dentry)
253 union fuse_dentry *fd = dentry->d_fsdata;
258 const struct dentry_operations fuse_dentry_operations = {
259 .d_revalidate = fuse_dentry_revalidate,
260 .d_init = fuse_dentry_init,
261 .d_release = fuse_dentry_release,
264 const struct dentry_operations fuse_root_dentry_operations = {
265 .d_init = fuse_dentry_init,
266 .d_release = fuse_dentry_release,
269 int fuse_valid_type(int m)
271 return S_ISREG(m) || S_ISDIR(m) || S_ISLNK(m) || S_ISCHR(m) ||
272 S_ISBLK(m) || S_ISFIFO(m) || S_ISSOCK(m);
275 int fuse_lookup_name(struct super_block *sb, u64 nodeid, const struct qstr *name,
276 struct fuse_entry_out *outarg, struct inode **inode)
278 struct fuse_conn *fc = get_fuse_conn_super(sb);
280 struct fuse_forget_link *forget;
286 if (name->len > FUSE_NAME_MAX)
290 forget = fuse_alloc_forget();
295 attr_version = fuse_get_attr_version(fc);
297 fuse_lookup_init(fc, &args, nodeid, name, outarg);
298 err = fuse_simple_request(fc, &args);
299 /* Zero nodeid is same as -ENOENT, but with valid timeout */
300 if (err || !outarg->nodeid)
306 if (!fuse_valid_type(outarg->attr.mode))
309 *inode = fuse_iget(sb, outarg->nodeid, outarg->generation,
310 &outarg->attr, entry_attr_timeout(outarg),
314 fuse_queue_forget(fc, forget, outarg->nodeid, 1);
325 static struct dentry *fuse_lookup(struct inode *dir, struct dentry *entry,
329 struct fuse_entry_out outarg;
331 struct dentry *newent;
332 bool outarg_valid = true;
335 locked = fuse_lock_inode(dir);
336 err = fuse_lookup_name(dir->i_sb, get_node_id(dir), &entry->d_name,
338 fuse_unlock_inode(dir, locked);
339 if (err == -ENOENT) {
340 outarg_valid = false;
347 if (inode && get_node_id(inode) == FUSE_ROOT_ID)
350 newent = d_splice_alias(inode, entry);
351 err = PTR_ERR(newent);
355 entry = newent ? newent : entry;
357 fuse_change_entry_timeout(entry, &outarg);
359 fuse_invalidate_entry_cache(entry);
361 fuse_advise_use_readdirplus(dir);
371 * Atomic create+open operation
373 * If the filesystem doesn't support this, then fall back to separate
374 * 'mknod' + 'open' requests.
376 static int fuse_create_open(struct inode *dir, struct dentry *entry,
377 struct file *file, unsigned flags,
382 struct fuse_conn *fc = get_fuse_conn(dir);
384 struct fuse_forget_link *forget;
385 struct fuse_create_in inarg;
386 struct fuse_open_out outopen;
387 struct fuse_entry_out outentry;
388 struct fuse_inode *fi;
389 struct fuse_file *ff;
391 /* Userspace expects S_IFREG in create mode */
392 BUG_ON((mode & S_IFMT) != S_IFREG);
394 forget = fuse_alloc_forget();
400 ff = fuse_file_alloc(fc);
402 goto out_put_forget_req;
405 mode &= ~current_umask();
408 memset(&inarg, 0, sizeof(inarg));
409 memset(&outentry, 0, sizeof(outentry));
412 inarg.umask = current_umask();
413 args.in.h.opcode = FUSE_CREATE;
414 args.in.h.nodeid = get_node_id(dir);
416 args.in.args[0].size = sizeof(inarg);
417 args.in.args[0].value = &inarg;
418 args.in.args[1].size = entry->d_name.len + 1;
419 args.in.args[1].value = entry->d_name.name;
420 args.out.numargs = 2;
421 args.out.args[0].size = sizeof(outentry);
422 args.out.args[0].value = &outentry;
423 args.out.args[1].size = sizeof(outopen);
424 args.out.args[1].value = &outopen;
425 err = fuse_simple_request(fc, &args);
430 if (!S_ISREG(outentry.attr.mode) || invalid_nodeid(outentry.nodeid))
434 ff->nodeid = outentry.nodeid;
435 ff->open_flags = outopen.open_flags;
436 inode = fuse_iget(dir->i_sb, outentry.nodeid, outentry.generation,
437 &outentry.attr, entry_attr_timeout(&outentry), 0);
439 flags &= ~(O_CREAT | O_EXCL | O_TRUNC);
440 fuse_sync_release(NULL, ff, flags);
441 fuse_queue_forget(fc, forget, outentry.nodeid, 1);
446 d_instantiate(entry, inode);
447 fuse_change_entry_timeout(entry, &outentry);
448 fuse_dir_changed(dir);
449 err = finish_open(file, entry, generic_file_open);
451 fi = get_fuse_inode(inode);
452 fuse_sync_release(fi, ff, flags);
454 file->private_data = ff;
455 fuse_finish_open(inode, file);
467 static int fuse_mknod(struct inode *, struct dentry *, umode_t, dev_t);
468 static int fuse_atomic_open(struct inode *dir, struct dentry *entry,
469 struct file *file, unsigned flags,
473 struct fuse_conn *fc = get_fuse_conn(dir);
474 struct dentry *res = NULL;
476 if (d_in_lookup(entry)) {
477 res = fuse_lookup(dir, entry, 0);
485 if (!(flags & O_CREAT) || d_really_is_positive(entry))
489 file->f_mode |= FMODE_CREATED;
494 err = fuse_create_open(dir, entry, file, flags, mode);
495 if (err == -ENOSYS) {
504 err = fuse_mknod(dir, entry, mode, 0);
508 return finish_no_open(file, res);
512 * Code shared between mknod, mkdir, symlink and link
514 static int create_new_entry(struct fuse_conn *fc, struct fuse_args *args,
515 struct inode *dir, struct dentry *entry,
518 struct fuse_entry_out outarg;
522 struct fuse_forget_link *forget;
524 forget = fuse_alloc_forget();
528 memset(&outarg, 0, sizeof(outarg));
529 args->in.h.nodeid = get_node_id(dir);
530 args->out.numargs = 1;
531 args->out.args[0].size = sizeof(outarg);
532 args->out.args[0].value = &outarg;
533 err = fuse_simple_request(fc, args);
535 goto out_put_forget_req;
538 if (invalid_nodeid(outarg.nodeid))
539 goto out_put_forget_req;
541 if ((outarg.attr.mode ^ mode) & S_IFMT)
542 goto out_put_forget_req;
544 inode = fuse_iget(dir->i_sb, outarg.nodeid, outarg.generation,
545 &outarg.attr, entry_attr_timeout(&outarg), 0);
547 fuse_queue_forget(fc, forget, outarg.nodeid, 1);
553 d = d_splice_alias(inode, entry);
558 fuse_change_entry_timeout(d, &outarg);
561 fuse_change_entry_timeout(entry, &outarg);
563 fuse_dir_changed(dir);
571 static int fuse_mknod(struct inode *dir, struct dentry *entry, umode_t mode,
574 struct fuse_mknod_in inarg;
575 struct fuse_conn *fc = get_fuse_conn(dir);
579 mode &= ~current_umask();
581 memset(&inarg, 0, sizeof(inarg));
583 inarg.rdev = new_encode_dev(rdev);
584 inarg.umask = current_umask();
585 args.in.h.opcode = FUSE_MKNOD;
587 args.in.args[0].size = sizeof(inarg);
588 args.in.args[0].value = &inarg;
589 args.in.args[1].size = entry->d_name.len + 1;
590 args.in.args[1].value = entry->d_name.name;
591 return create_new_entry(fc, &args, dir, entry, mode);
594 static int fuse_create(struct inode *dir, struct dentry *entry, umode_t mode,
597 return fuse_mknod(dir, entry, mode, 0);
600 static int fuse_mkdir(struct inode *dir, struct dentry *entry, umode_t mode)
602 struct fuse_mkdir_in inarg;
603 struct fuse_conn *fc = get_fuse_conn(dir);
607 mode &= ~current_umask();
609 memset(&inarg, 0, sizeof(inarg));
611 inarg.umask = current_umask();
612 args.in.h.opcode = FUSE_MKDIR;
614 args.in.args[0].size = sizeof(inarg);
615 args.in.args[0].value = &inarg;
616 args.in.args[1].size = entry->d_name.len + 1;
617 args.in.args[1].value = entry->d_name.name;
618 return create_new_entry(fc, &args, dir, entry, S_IFDIR);
621 static int fuse_symlink(struct inode *dir, struct dentry *entry,
624 struct fuse_conn *fc = get_fuse_conn(dir);
625 unsigned len = strlen(link) + 1;
628 args.in.h.opcode = FUSE_SYMLINK;
630 args.in.args[0].size = entry->d_name.len + 1;
631 args.in.args[0].value = entry->d_name.name;
632 args.in.args[1].size = len;
633 args.in.args[1].value = link;
634 return create_new_entry(fc, &args, dir, entry, S_IFLNK);
637 void fuse_update_ctime(struct inode *inode)
639 if (!IS_NOCMTIME(inode)) {
640 inode->i_ctime = current_time(inode);
641 mark_inode_dirty_sync(inode);
645 static int fuse_unlink(struct inode *dir, struct dentry *entry)
648 struct fuse_conn *fc = get_fuse_conn(dir);
651 args.in.h.opcode = FUSE_UNLINK;
652 args.in.h.nodeid = get_node_id(dir);
654 args.in.args[0].size = entry->d_name.len + 1;
655 args.in.args[0].value = entry->d_name.name;
656 err = fuse_simple_request(fc, &args);
658 struct inode *inode = d_inode(entry);
659 struct fuse_inode *fi = get_fuse_inode(inode);
661 spin_lock(&fi->lock);
662 fi->attr_version = atomic64_inc_return(&fc->attr_version);
664 * If i_nlink == 0 then unlink doesn't make sense, yet this can
665 * happen if userspace filesystem is careless. It would be
666 * difficult to enforce correct nlink usage so just ignore this
669 if (inode->i_nlink > 0)
671 spin_unlock(&fi->lock);
672 fuse_invalidate_attr(inode);
673 fuse_dir_changed(dir);
674 fuse_invalidate_entry_cache(entry);
675 fuse_update_ctime(inode);
676 } else if (err == -EINTR)
677 fuse_invalidate_entry(entry);
681 static int fuse_rmdir(struct inode *dir, struct dentry *entry)
684 struct fuse_conn *fc = get_fuse_conn(dir);
687 args.in.h.opcode = FUSE_RMDIR;
688 args.in.h.nodeid = get_node_id(dir);
690 args.in.args[0].size = entry->d_name.len + 1;
691 args.in.args[0].value = entry->d_name.name;
692 err = fuse_simple_request(fc, &args);
694 clear_nlink(d_inode(entry));
695 fuse_dir_changed(dir);
696 fuse_invalidate_entry_cache(entry);
697 } else if (err == -EINTR)
698 fuse_invalidate_entry(entry);
702 static int fuse_rename_common(struct inode *olddir, struct dentry *oldent,
703 struct inode *newdir, struct dentry *newent,
704 unsigned int flags, int opcode, size_t argsize)
707 struct fuse_rename2_in inarg;
708 struct fuse_conn *fc = get_fuse_conn(olddir);
711 memset(&inarg, 0, argsize);
712 inarg.newdir = get_node_id(newdir);
714 args.in.h.opcode = opcode;
715 args.in.h.nodeid = get_node_id(olddir);
717 args.in.args[0].size = argsize;
718 args.in.args[0].value = &inarg;
719 args.in.args[1].size = oldent->d_name.len + 1;
720 args.in.args[1].value = oldent->d_name.name;
721 args.in.args[2].size = newent->d_name.len + 1;
722 args.in.args[2].value = newent->d_name.name;
723 err = fuse_simple_request(fc, &args);
726 fuse_invalidate_attr(d_inode(oldent));
727 fuse_update_ctime(d_inode(oldent));
729 if (flags & RENAME_EXCHANGE) {
730 fuse_invalidate_attr(d_inode(newent));
731 fuse_update_ctime(d_inode(newent));
734 fuse_dir_changed(olddir);
735 if (olddir != newdir)
736 fuse_dir_changed(newdir);
738 /* newent will end up negative */
739 if (!(flags & RENAME_EXCHANGE) && d_really_is_positive(newent)) {
740 fuse_invalidate_attr(d_inode(newent));
741 fuse_invalidate_entry_cache(newent);
742 fuse_update_ctime(d_inode(newent));
744 } else if (err == -EINTR) {
745 /* If request was interrupted, DEITY only knows if the
746 rename actually took place. If the invalidation
747 fails (e.g. some process has CWD under the renamed
748 directory), then there can be inconsistency between
749 the dcache and the real filesystem. Tough luck. */
750 fuse_invalidate_entry(oldent);
751 if (d_really_is_positive(newent))
752 fuse_invalidate_entry(newent);
758 static int fuse_rename2(struct inode *olddir, struct dentry *oldent,
759 struct inode *newdir, struct dentry *newent,
762 struct fuse_conn *fc = get_fuse_conn(olddir);
765 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE))
769 if (fc->no_rename2 || fc->minor < 23)
772 err = fuse_rename_common(olddir, oldent, newdir, newent, flags,
774 sizeof(struct fuse_rename2_in));
775 if (err == -ENOSYS) {
780 err = fuse_rename_common(olddir, oldent, newdir, newent, 0,
782 sizeof(struct fuse_rename_in));
788 static int fuse_link(struct dentry *entry, struct inode *newdir,
789 struct dentry *newent)
792 struct fuse_link_in inarg;
793 struct inode *inode = d_inode(entry);
794 struct fuse_conn *fc = get_fuse_conn(inode);
797 memset(&inarg, 0, sizeof(inarg));
798 inarg.oldnodeid = get_node_id(inode);
799 args.in.h.opcode = FUSE_LINK;
801 args.in.args[0].size = sizeof(inarg);
802 args.in.args[0].value = &inarg;
803 args.in.args[1].size = newent->d_name.len + 1;
804 args.in.args[1].value = newent->d_name.name;
805 err = create_new_entry(fc, &args, newdir, newent, inode->i_mode);
806 /* Contrary to "normal" filesystems it can happen that link
807 makes two "logical" inodes point to the same "physical"
808 inode. We invalidate the attributes of the old one, so it
809 will reflect changes in the backing inode (link count,
813 struct fuse_inode *fi = get_fuse_inode(inode);
815 spin_lock(&fi->lock);
816 fi->attr_version = atomic64_inc_return(&fc->attr_version);
818 spin_unlock(&fi->lock);
819 fuse_invalidate_attr(inode);
820 fuse_update_ctime(inode);
821 } else if (err == -EINTR) {
822 fuse_invalidate_attr(inode);
827 static void fuse_fillattr(struct inode *inode, struct fuse_attr *attr,
830 unsigned int blkbits;
831 struct fuse_conn *fc = get_fuse_conn(inode);
833 /* see the comment in fuse_change_attributes() */
834 if (fc->writeback_cache && S_ISREG(inode->i_mode)) {
835 attr->size = i_size_read(inode);
836 attr->mtime = inode->i_mtime.tv_sec;
837 attr->mtimensec = inode->i_mtime.tv_nsec;
838 attr->ctime = inode->i_ctime.tv_sec;
839 attr->ctimensec = inode->i_ctime.tv_nsec;
842 stat->dev = inode->i_sb->s_dev;
843 stat->ino = attr->ino;
844 stat->mode = (inode->i_mode & S_IFMT) | (attr->mode & 07777);
845 stat->nlink = attr->nlink;
846 stat->uid = make_kuid(fc->user_ns, attr->uid);
847 stat->gid = make_kgid(fc->user_ns, attr->gid);
848 stat->rdev = inode->i_rdev;
849 stat->atime.tv_sec = attr->atime;
850 stat->atime.tv_nsec = attr->atimensec;
851 stat->mtime.tv_sec = attr->mtime;
852 stat->mtime.tv_nsec = attr->mtimensec;
853 stat->ctime.tv_sec = attr->ctime;
854 stat->ctime.tv_nsec = attr->ctimensec;
855 stat->size = attr->size;
856 stat->blocks = attr->blocks;
858 if (attr->blksize != 0)
859 blkbits = ilog2(attr->blksize);
861 blkbits = inode->i_sb->s_blocksize_bits;
863 stat->blksize = 1 << blkbits;
866 static int fuse_do_getattr(struct inode *inode, struct kstat *stat,
870 struct fuse_getattr_in inarg;
871 struct fuse_attr_out outarg;
872 struct fuse_conn *fc = get_fuse_conn(inode);
876 attr_version = fuse_get_attr_version(fc);
878 memset(&inarg, 0, sizeof(inarg));
879 memset(&outarg, 0, sizeof(outarg));
880 /* Directories have separate file-handle space */
881 if (file && S_ISREG(inode->i_mode)) {
882 struct fuse_file *ff = file->private_data;
884 inarg.getattr_flags |= FUSE_GETATTR_FH;
887 args.in.h.opcode = FUSE_GETATTR;
888 args.in.h.nodeid = get_node_id(inode);
890 args.in.args[0].size = sizeof(inarg);
891 args.in.args[0].value = &inarg;
892 args.out.numargs = 1;
893 args.out.args[0].size = sizeof(outarg);
894 args.out.args[0].value = &outarg;
895 err = fuse_simple_request(fc, &args);
897 if ((inode->i_mode ^ outarg.attr.mode) & S_IFMT) {
898 make_bad_inode(inode);
901 fuse_change_attributes(inode, &outarg.attr,
902 attr_timeout(&outarg),
905 fuse_fillattr(inode, &outarg.attr, stat);
911 static int fuse_update_get_attr(struct inode *inode, struct file *file,
912 struct kstat *stat, u32 request_mask,
915 struct fuse_inode *fi = get_fuse_inode(inode);
919 if (flags & AT_STATX_FORCE_SYNC)
921 else if (flags & AT_STATX_DONT_SYNC)
923 else if (request_mask & READ_ONCE(fi->inval_mask))
926 sync = time_before64(fi->i_time, get_jiffies_64());
929 forget_all_cached_acls(inode);
930 err = fuse_do_getattr(inode, stat, file);
932 generic_fillattr(inode, stat);
933 stat->mode = fi->orig_i_mode;
934 stat->ino = fi->orig_ino;
940 int fuse_update_attributes(struct inode *inode, struct file *file)
942 /* Do *not* need to get atime for internal purposes */
943 return fuse_update_get_attr(inode, file, NULL,
944 STATX_BASIC_STATS & ~STATX_ATIME, 0);
947 int fuse_reverse_inval_entry(struct super_block *sb, u64 parent_nodeid,
948 u64 child_nodeid, struct qstr *name)
951 struct inode *parent;
953 struct dentry *entry;
955 parent = ilookup5(sb, parent_nodeid, fuse_inode_eq, &parent_nodeid);
960 if (!S_ISDIR(parent->i_mode))
964 dir = d_find_alias(parent);
968 name->hash = full_name_hash(dir, name->name, name->len);
969 entry = d_lookup(dir, name);
974 fuse_dir_changed(parent);
975 fuse_invalidate_entry(entry);
977 if (child_nodeid != 0 && d_really_is_positive(entry)) {
978 inode_lock(d_inode(entry));
979 if (get_node_id(d_inode(entry)) != child_nodeid) {
983 if (d_mountpoint(entry)) {
987 if (d_is_dir(entry)) {
988 shrink_dcache_parent(entry);
989 if (!simple_empty(entry)) {
993 d_inode(entry)->i_flags |= S_DEAD;
996 clear_nlink(d_inode(entry));
999 inode_unlock(d_inode(entry));
1008 inode_unlock(parent);
1014 * Calling into a user-controlled filesystem gives the filesystem
1015 * daemon ptrace-like capabilities over the current process. This
1016 * means, that the filesystem daemon is able to record the exact
1017 * filesystem operations performed, and can also control the behavior
1018 * of the requester process in otherwise impossible ways. For example
1019 * it can delay the operation for arbitrary length of time allowing
1020 * DoS against the requester.
1022 * For this reason only those processes can call into the filesystem,
1023 * for which the owner of the mount has ptrace privilege. This
1024 * excludes processes started by other users, suid or sgid processes.
1026 int fuse_allow_current_process(struct fuse_conn *fc)
1028 const struct cred *cred;
1030 if (fc->allow_other)
1031 return current_in_userns(fc->user_ns);
1033 cred = current_cred();
1034 if (uid_eq(cred->euid, fc->user_id) &&
1035 uid_eq(cred->suid, fc->user_id) &&
1036 uid_eq(cred->uid, fc->user_id) &&
1037 gid_eq(cred->egid, fc->group_id) &&
1038 gid_eq(cred->sgid, fc->group_id) &&
1039 gid_eq(cred->gid, fc->group_id))
1045 static int fuse_access(struct inode *inode, int mask)
1047 struct fuse_conn *fc = get_fuse_conn(inode);
1049 struct fuse_access_in inarg;
1052 BUG_ON(mask & MAY_NOT_BLOCK);
1057 memset(&inarg, 0, sizeof(inarg));
1058 inarg.mask = mask & (MAY_READ | MAY_WRITE | MAY_EXEC);
1059 args.in.h.opcode = FUSE_ACCESS;
1060 args.in.h.nodeid = get_node_id(inode);
1061 args.in.numargs = 1;
1062 args.in.args[0].size = sizeof(inarg);
1063 args.in.args[0].value = &inarg;
1064 err = fuse_simple_request(fc, &args);
1065 if (err == -ENOSYS) {
1072 static int fuse_perm_getattr(struct inode *inode, int mask)
1074 if (mask & MAY_NOT_BLOCK)
1077 forget_all_cached_acls(inode);
1078 return fuse_do_getattr(inode, NULL, NULL);
1082 * Check permission. The two basic access models of FUSE are:
1084 * 1) Local access checking ('default_permissions' mount option) based
1085 * on file mode. This is the plain old disk filesystem permission
1088 * 2) "Remote" access checking, where server is responsible for
1089 * checking permission in each inode operation. An exception to this
1090 * is if ->permission() was invoked from sys_access() in which case an
1091 * access request is sent. Execute permission is still checked
1092 * locally based on file mode.
1094 static int fuse_permission(struct inode *inode, int mask)
1096 struct fuse_conn *fc = get_fuse_conn(inode);
1097 bool refreshed = false;
1100 if (!fuse_allow_current_process(fc))
1104 * If attributes are needed, refresh them before proceeding
1106 if (fc->default_permissions ||
1107 ((mask & MAY_EXEC) && S_ISREG(inode->i_mode))) {
1108 struct fuse_inode *fi = get_fuse_inode(inode);
1109 u32 perm_mask = STATX_MODE | STATX_UID | STATX_GID;
1111 if (perm_mask & READ_ONCE(fi->inval_mask) ||
1112 time_before64(fi->i_time, get_jiffies_64())) {
1115 err = fuse_perm_getattr(inode, mask);
1121 if (fc->default_permissions) {
1122 err = generic_permission(inode, mask);
1124 /* If permission is denied, try to refresh file
1125 attributes. This is also needed, because the root
1126 node will at first have no permissions */
1127 if (err == -EACCES && !refreshed) {
1128 err = fuse_perm_getattr(inode, mask);
1130 err = generic_permission(inode, mask);
1133 /* Note: the opposite of the above test does not
1134 exist. So if permissions are revoked this won't be
1135 noticed immediately, only after the attribute
1136 timeout has expired */
1137 } else if (mask & (MAY_ACCESS | MAY_CHDIR)) {
1138 err = fuse_access(inode, mask);
1139 } else if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode)) {
1140 if (!(inode->i_mode & S_IXUGO)) {
1144 err = fuse_perm_getattr(inode, mask);
1145 if (!err && !(inode->i_mode & S_IXUGO))
1152 static int fuse_readlink_page(struct inode *inode, struct page *page)
1154 struct fuse_conn *fc = get_fuse_conn(inode);
1155 struct fuse_req *req;
1158 req = fuse_get_req(fc, 1);
1160 return PTR_ERR(req);
1162 req->out.page_zeroing = 1;
1163 req->out.argpages = 1;
1165 req->pages[0] = page;
1166 req->page_descs[0].length = PAGE_SIZE - 1;
1167 req->in.h.opcode = FUSE_READLINK;
1168 req->in.h.nodeid = get_node_id(inode);
1169 req->out.argvar = 1;
1170 req->out.numargs = 1;
1171 req->out.args[0].size = PAGE_SIZE - 1;
1172 fuse_request_send(fc, req);
1173 err = req->out.h.error;
1176 char *link = page_address(page);
1177 size_t len = req->out.args[0].size;
1179 BUG_ON(len >= PAGE_SIZE);
1183 fuse_put_request(fc, req);
1184 fuse_invalidate_atime(inode);
1189 static const char *fuse_get_link(struct dentry *dentry, struct inode *inode,
1190 struct delayed_call *callback)
1192 struct fuse_conn *fc = get_fuse_conn(inode);
1197 if (is_bad_inode(inode))
1200 if (fc->cache_symlinks)
1201 return page_get_link(dentry, inode, callback);
1207 page = alloc_page(GFP_KERNEL);
1212 err = fuse_readlink_page(inode, page);
1218 set_delayed_call(callback, page_put_link, page);
1220 return page_address(page);
1223 return ERR_PTR(err);
1226 static int fuse_dir_open(struct inode *inode, struct file *file)
1228 return fuse_open_common(inode, file, true);
1231 static int fuse_dir_release(struct inode *inode, struct file *file)
1233 fuse_release_common(file, true);
1238 static int fuse_dir_fsync(struct file *file, loff_t start, loff_t end,
1241 struct inode *inode = file->f_mapping->host;
1242 struct fuse_conn *fc = get_fuse_conn(inode);
1245 if (is_bad_inode(inode))
1248 if (fc->no_fsyncdir)
1252 err = fuse_fsync_common(file, start, end, datasync, FUSE_FSYNCDIR);
1253 if (err == -ENOSYS) {
1254 fc->no_fsyncdir = 1;
1257 inode_unlock(inode);
1262 static long fuse_dir_ioctl(struct file *file, unsigned int cmd,
1265 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1267 /* FUSE_IOCTL_DIR only supported for API version >= 7.18 */
1271 return fuse_ioctl_common(file, cmd, arg, FUSE_IOCTL_DIR);
1274 static long fuse_dir_compat_ioctl(struct file *file, unsigned int cmd,
1277 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1282 return fuse_ioctl_common(file, cmd, arg,
1283 FUSE_IOCTL_COMPAT | FUSE_IOCTL_DIR);
1286 static bool update_mtime(unsigned ivalid, bool trust_local_mtime)
1288 /* Always update if mtime is explicitly set */
1289 if (ivalid & ATTR_MTIME_SET)
1292 /* Or if kernel i_mtime is the official one */
1293 if (trust_local_mtime)
1296 /* If it's an open(O_TRUNC) or an ftruncate(), don't update */
1297 if ((ivalid & ATTR_SIZE) && (ivalid & (ATTR_OPEN | ATTR_FILE)))
1300 /* In all other cases update */
1304 static void iattr_to_fattr(struct fuse_conn *fc, struct iattr *iattr,
1305 struct fuse_setattr_in *arg, bool trust_local_cmtime)
1307 unsigned ivalid = iattr->ia_valid;
1309 if (ivalid & ATTR_MODE)
1310 arg->valid |= FATTR_MODE, arg->mode = iattr->ia_mode;
1311 if (ivalid & ATTR_UID)
1312 arg->valid |= FATTR_UID, arg->uid = from_kuid(fc->user_ns, iattr->ia_uid);
1313 if (ivalid & ATTR_GID)
1314 arg->valid |= FATTR_GID, arg->gid = from_kgid(fc->user_ns, iattr->ia_gid);
1315 if (ivalid & ATTR_SIZE)
1316 arg->valid |= FATTR_SIZE, arg->size = iattr->ia_size;
1317 if (ivalid & ATTR_ATIME) {
1318 arg->valid |= FATTR_ATIME;
1319 arg->atime = iattr->ia_atime.tv_sec;
1320 arg->atimensec = iattr->ia_atime.tv_nsec;
1321 if (!(ivalid & ATTR_ATIME_SET))
1322 arg->valid |= FATTR_ATIME_NOW;
1324 if ((ivalid & ATTR_MTIME) && update_mtime(ivalid, trust_local_cmtime)) {
1325 arg->valid |= FATTR_MTIME;
1326 arg->mtime = iattr->ia_mtime.tv_sec;
1327 arg->mtimensec = iattr->ia_mtime.tv_nsec;
1328 if (!(ivalid & ATTR_MTIME_SET) && !trust_local_cmtime)
1329 arg->valid |= FATTR_MTIME_NOW;
1331 if ((ivalid & ATTR_CTIME) && trust_local_cmtime) {
1332 arg->valid |= FATTR_CTIME;
1333 arg->ctime = iattr->ia_ctime.tv_sec;
1334 arg->ctimensec = iattr->ia_ctime.tv_nsec;
1339 * Prevent concurrent writepages on inode
1341 * This is done by adding a negative bias to the inode write counter
1342 * and waiting for all pending writes to finish.
1344 void fuse_set_nowrite(struct inode *inode)
1346 struct fuse_inode *fi = get_fuse_inode(inode);
1348 BUG_ON(!inode_is_locked(inode));
1350 spin_lock(&fi->lock);
1351 BUG_ON(fi->writectr < 0);
1352 fi->writectr += FUSE_NOWRITE;
1353 spin_unlock(&fi->lock);
1354 wait_event(fi->page_waitq, fi->writectr == FUSE_NOWRITE);
1358 * Allow writepages on inode
1360 * Remove the bias from the writecounter and send any queued
1363 static void __fuse_release_nowrite(struct inode *inode)
1365 struct fuse_inode *fi = get_fuse_inode(inode);
1367 BUG_ON(fi->writectr != FUSE_NOWRITE);
1369 fuse_flush_writepages(inode);
1372 void fuse_release_nowrite(struct inode *inode)
1374 struct fuse_inode *fi = get_fuse_inode(inode);
1376 spin_lock(&fi->lock);
1377 __fuse_release_nowrite(inode);
1378 spin_unlock(&fi->lock);
1381 static void fuse_setattr_fill(struct fuse_conn *fc, struct fuse_args *args,
1382 struct inode *inode,
1383 struct fuse_setattr_in *inarg_p,
1384 struct fuse_attr_out *outarg_p)
1386 args->in.h.opcode = FUSE_SETATTR;
1387 args->in.h.nodeid = get_node_id(inode);
1388 args->in.numargs = 1;
1389 args->in.args[0].size = sizeof(*inarg_p);
1390 args->in.args[0].value = inarg_p;
1391 args->out.numargs = 1;
1392 args->out.args[0].size = sizeof(*outarg_p);
1393 args->out.args[0].value = outarg_p;
1397 * Flush inode->i_mtime to the server
1399 int fuse_flush_times(struct inode *inode, struct fuse_file *ff)
1401 struct fuse_conn *fc = get_fuse_conn(inode);
1403 struct fuse_setattr_in inarg;
1404 struct fuse_attr_out outarg;
1406 memset(&inarg, 0, sizeof(inarg));
1407 memset(&outarg, 0, sizeof(outarg));
1409 inarg.valid = FATTR_MTIME;
1410 inarg.mtime = inode->i_mtime.tv_sec;
1411 inarg.mtimensec = inode->i_mtime.tv_nsec;
1412 if (fc->minor >= 23) {
1413 inarg.valid |= FATTR_CTIME;
1414 inarg.ctime = inode->i_ctime.tv_sec;
1415 inarg.ctimensec = inode->i_ctime.tv_nsec;
1418 inarg.valid |= FATTR_FH;
1421 fuse_setattr_fill(fc, &args, inode, &inarg, &outarg);
1423 return fuse_simple_request(fc, &args);
1427 * Set attributes, and at the same time refresh them.
1429 * Truncation is slightly complicated, because the 'truncate' request
1430 * may fail, in which case we don't want to touch the mapping.
1431 * vmtruncate() doesn't allow for this case, so do the rlimit checking
1432 * and the actual truncation by hand.
1434 int fuse_do_setattr(struct dentry *dentry, struct iattr *attr,
1437 struct inode *inode = d_inode(dentry);
1438 struct fuse_conn *fc = get_fuse_conn(inode);
1439 struct fuse_inode *fi = get_fuse_inode(inode);
1441 struct fuse_setattr_in inarg;
1442 struct fuse_attr_out outarg;
1443 bool is_truncate = false;
1444 bool is_wb = fc->writeback_cache;
1447 bool trust_local_cmtime = is_wb && S_ISREG(inode->i_mode);
1449 if (!fc->default_permissions)
1450 attr->ia_valid |= ATTR_FORCE;
1452 err = setattr_prepare(dentry, attr);
1456 if (attr->ia_valid & ATTR_OPEN) {
1457 /* This is coming from open(..., ... | O_TRUNC); */
1458 WARN_ON(!(attr->ia_valid & ATTR_SIZE));
1459 WARN_ON(attr->ia_size != 0);
1460 if (fc->atomic_o_trunc) {
1462 * No need to send request to userspace, since actual
1463 * truncation has already been done by OPEN. But still
1464 * need to truncate page cache.
1466 i_size_write(inode, 0);
1467 truncate_pagecache(inode, 0);
1473 if (attr->ia_valid & ATTR_SIZE) {
1474 if (WARN_ON(!S_ISREG(inode->i_mode)))
1479 /* Flush dirty data/metadata before non-truncate SETATTR */
1480 if (is_wb && S_ISREG(inode->i_mode) &&
1482 (ATTR_MODE | ATTR_UID | ATTR_GID | ATTR_MTIME_SET |
1484 err = write_inode_now(inode, true);
1488 fuse_set_nowrite(inode);
1489 fuse_release_nowrite(inode);
1493 fuse_set_nowrite(inode);
1494 set_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1495 if (trust_local_cmtime && attr->ia_size != inode->i_size)
1496 attr->ia_valid |= ATTR_MTIME | ATTR_CTIME;
1499 memset(&inarg, 0, sizeof(inarg));
1500 memset(&outarg, 0, sizeof(outarg));
1501 iattr_to_fattr(fc, attr, &inarg, trust_local_cmtime);
1503 struct fuse_file *ff = file->private_data;
1504 inarg.valid |= FATTR_FH;
1507 if (attr->ia_valid & ATTR_SIZE) {
1508 /* For mandatory locking in truncate */
1509 inarg.valid |= FATTR_LOCKOWNER;
1510 inarg.lock_owner = fuse_lock_owner_id(fc, current->files);
1512 fuse_setattr_fill(fc, &args, inode, &inarg, &outarg);
1513 err = fuse_simple_request(fc, &args);
1516 fuse_invalidate_attr(inode);
1520 if ((inode->i_mode ^ outarg.attr.mode) & S_IFMT) {
1521 make_bad_inode(inode);
1526 spin_lock(&fi->lock);
1527 /* the kernel maintains i_mtime locally */
1528 if (trust_local_cmtime) {
1529 if (attr->ia_valid & ATTR_MTIME)
1530 inode->i_mtime = attr->ia_mtime;
1531 if (attr->ia_valid & ATTR_CTIME)
1532 inode->i_ctime = attr->ia_ctime;
1533 /* FIXME: clear I_DIRTY_SYNC? */
1536 fuse_change_attributes_common(inode, &outarg.attr,
1537 attr_timeout(&outarg));
1538 oldsize = inode->i_size;
1539 /* see the comment in fuse_change_attributes() */
1540 if (!is_wb || is_truncate || !S_ISREG(inode->i_mode))
1541 i_size_write(inode, outarg.attr.size);
1544 /* NOTE: this may release/reacquire fi->lock */
1545 __fuse_release_nowrite(inode);
1547 spin_unlock(&fi->lock);
1550 * Only call invalidate_inode_pages2() after removing
1551 * FUSE_NOWRITE, otherwise fuse_launder_page() would deadlock.
1553 if ((is_truncate || !is_wb) &&
1554 S_ISREG(inode->i_mode) && oldsize != outarg.attr.size) {
1555 truncate_pagecache(inode, outarg.attr.size);
1556 invalidate_inode_pages2(inode->i_mapping);
1559 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1564 fuse_release_nowrite(inode);
1566 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1570 static int fuse_setattr(struct dentry *entry, struct iattr *attr)
1572 struct inode *inode = d_inode(entry);
1573 struct fuse_conn *fc = get_fuse_conn(inode);
1574 struct file *file = (attr->ia_valid & ATTR_FILE) ? attr->ia_file : NULL;
1577 if (!fuse_allow_current_process(get_fuse_conn(inode)))
1580 if (attr->ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID)) {
1581 attr->ia_valid &= ~(ATTR_KILL_SUID | ATTR_KILL_SGID |
1585 * The only sane way to reliably kill suid/sgid is to do it in
1586 * the userspace filesystem
1588 * This should be done on write(), truncate() and chown().
1590 if (!fc->handle_killpriv) {
1592 * ia_mode calculation may have used stale i_mode.
1593 * Refresh and recalculate.
1595 ret = fuse_do_getattr(inode, NULL, file);
1599 attr->ia_mode = inode->i_mode;
1600 if (inode->i_mode & S_ISUID) {
1601 attr->ia_valid |= ATTR_MODE;
1602 attr->ia_mode &= ~S_ISUID;
1604 if ((inode->i_mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) {
1605 attr->ia_valid |= ATTR_MODE;
1606 attr->ia_mode &= ~S_ISGID;
1610 if (!attr->ia_valid)
1613 ret = fuse_do_setattr(entry, attr, file);
1616 * If filesystem supports acls it may have updated acl xattrs in
1617 * the filesystem, so forget cached acls for the inode.
1620 forget_all_cached_acls(inode);
1622 /* Directory mode changed, may need to revalidate access */
1623 if (d_is_dir(entry) && (attr->ia_valid & ATTR_MODE))
1624 fuse_invalidate_entry_cache(entry);
1629 static int fuse_getattr(const struct path *path, struct kstat *stat,
1630 u32 request_mask, unsigned int flags)
1632 struct inode *inode = d_inode(path->dentry);
1633 struct fuse_conn *fc = get_fuse_conn(inode);
1635 if (!fuse_allow_current_process(fc))
1638 return fuse_update_get_attr(inode, NULL, stat, request_mask, flags);
1641 static const struct inode_operations fuse_dir_inode_operations = {
1642 .lookup = fuse_lookup,
1643 .mkdir = fuse_mkdir,
1644 .symlink = fuse_symlink,
1645 .unlink = fuse_unlink,
1646 .rmdir = fuse_rmdir,
1647 .rename = fuse_rename2,
1649 .setattr = fuse_setattr,
1650 .create = fuse_create,
1651 .atomic_open = fuse_atomic_open,
1652 .mknod = fuse_mknod,
1653 .permission = fuse_permission,
1654 .getattr = fuse_getattr,
1655 .listxattr = fuse_listxattr,
1656 .get_acl = fuse_get_acl,
1657 .set_acl = fuse_set_acl,
1660 static const struct file_operations fuse_dir_operations = {
1661 .llseek = generic_file_llseek,
1662 .read = generic_read_dir,
1663 .iterate_shared = fuse_readdir,
1664 .open = fuse_dir_open,
1665 .release = fuse_dir_release,
1666 .fsync = fuse_dir_fsync,
1667 .unlocked_ioctl = fuse_dir_ioctl,
1668 .compat_ioctl = fuse_dir_compat_ioctl,
1671 static const struct inode_operations fuse_common_inode_operations = {
1672 .setattr = fuse_setattr,
1673 .permission = fuse_permission,
1674 .getattr = fuse_getattr,
1675 .listxattr = fuse_listxattr,
1676 .get_acl = fuse_get_acl,
1677 .set_acl = fuse_set_acl,
1680 static const struct inode_operations fuse_symlink_inode_operations = {
1681 .setattr = fuse_setattr,
1682 .get_link = fuse_get_link,
1683 .getattr = fuse_getattr,
1684 .listxattr = fuse_listxattr,
1687 void fuse_init_common(struct inode *inode)
1689 inode->i_op = &fuse_common_inode_operations;
1692 void fuse_init_dir(struct inode *inode)
1694 struct fuse_inode *fi = get_fuse_inode(inode);
1696 inode->i_op = &fuse_dir_inode_operations;
1697 inode->i_fop = &fuse_dir_operations;
1699 spin_lock_init(&fi->rdc.lock);
1700 fi->rdc.cached = false;
1703 fi->rdc.version = 0;
1706 static int fuse_symlink_readpage(struct file *null, struct page *page)
1708 int err = fuse_readlink_page(page->mapping->host, page);
1711 SetPageUptodate(page);
1718 static const struct address_space_operations fuse_symlink_aops = {
1719 .readpage = fuse_symlink_readpage,
1722 void fuse_init_symlink(struct inode *inode)
1724 inode->i_op = &fuse_symlink_inode_operations;
1725 inode->i_data.a_ops = &fuse_symlink_aops;
1726 inode_nohighmem(inode);
projects / librecmc / linux-libre.git / blob