xref: /linux/fs/anon_inodes.c (revision 4b660dbd9ee2059850fd30e0df420ca7a38a1856)
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  *  fs/anon_inodes.c
4  *
5  *  Copyright (C) 2007  Davide Libenzi <davidel@xmailserver.org>
6  *
7  *  Thanks to Arnd Bergmann for code review and suggestions.
8  *  More changes for Thomas Gleixner suggestions.
9  *
10  */
11 
12 #include <linux/cred.h>
13 #include <linux/file.h>
14 #include <linux/poll.h>
15 #include <linux/sched.h>
16 #include <linux/init.h>
17 #include <linux/fs.h>
18 #include <linux/mount.h>
19 #include <linux/module.h>
20 #include <linux/kernel.h>
21 #include <linux/magic.h>
22 #include <linux/anon_inodes.h>
23 #include <linux/pseudo_fs.h>
24 
25 #include <linux/uaccess.h>
26 
27 static struct vfsmount *anon_inode_mnt __ro_after_init;
28 static struct inode *anon_inode_inode __ro_after_init;
29 
30 /*
31  * anon_inodefs_dname() is called from d_path().
32  */
33 static char *anon_inodefs_dname(struct dentry *dentry, char *buffer, int buflen)
34 {
35 	return dynamic_dname(buffer, buflen, "anon_inode:%s",
36 				dentry->d_name.name);
37 }
38 
39 static const struct dentry_operations anon_inodefs_dentry_operations = {
40 	.d_dname	= anon_inodefs_dname,
41 };
42 
43 static int anon_inodefs_init_fs_context(struct fs_context *fc)
44 {
45 	struct pseudo_fs_context *ctx = init_pseudo(fc, ANON_INODE_FS_MAGIC);
46 	if (!ctx)
47 		return -ENOMEM;
48 	ctx->dops = &anon_inodefs_dentry_operations;
49 	return 0;
50 }
51 
52 static struct file_system_type anon_inode_fs_type = {
53 	.name		= "anon_inodefs",
54 	.init_fs_context = anon_inodefs_init_fs_context,
55 	.kill_sb	= kill_anon_super,
56 };
57 
58 static struct inode *anon_inode_make_secure_inode(
59 	const char *name,
60 	const struct inode *context_inode)
61 {
62 	struct inode *inode;
63 	const struct qstr qname = QSTR_INIT(name, strlen(name));
64 	int error;
65 
66 	inode = alloc_anon_inode(anon_inode_mnt->mnt_sb);
67 	if (IS_ERR(inode))
68 		return inode;
69 	inode->i_flags &= ~S_PRIVATE;
70 	error =	security_inode_init_security_anon(inode, &qname, context_inode);
71 	if (error) {
72 		iput(inode);
73 		return ERR_PTR(error);
74 	}
75 	return inode;
76 }
77 
78 static struct file *__anon_inode_getfile(const char *name,
79 					 const struct file_operations *fops,
80 					 void *priv, int flags,
81 					 const struct inode *context_inode,
82 					 bool make_inode)
83 {
84 	struct inode *inode;
85 	struct file *file;
86 
87 	if (fops->owner && !try_module_get(fops->owner))
88 		return ERR_PTR(-ENOENT);
89 
90 	if (make_inode) {
91 		inode =	anon_inode_make_secure_inode(name, context_inode);
92 		if (IS_ERR(inode)) {
93 			file = ERR_CAST(inode);
94 			goto err;
95 		}
96 	} else {
97 		inode =	anon_inode_inode;
98 		if (IS_ERR(inode)) {
99 			file = ERR_PTR(-ENODEV);
100 			goto err;
101 		}
102 		/*
103 		 * We know the anon_inode inode count is always
104 		 * greater than zero, so ihold() is safe.
105 		 */
106 		ihold(inode);
107 	}
108 
109 	file = alloc_file_pseudo(inode, anon_inode_mnt, name,
110 				 flags & (O_ACCMODE | O_NONBLOCK), fops);
111 	if (IS_ERR(file))
112 		goto err_iput;
113 
114 	file->f_mapping = inode->i_mapping;
115 
116 	file->private_data = priv;
117 
118 	return file;
119 
120 err_iput:
121 	iput(inode);
122 err:
123 	module_put(fops->owner);
124 	return file;
125 }
126 
127 /**
128  * anon_inode_getfile - creates a new file instance by hooking it up to an
129  *                      anonymous inode, and a dentry that describe the "class"
130  *                      of the file
131  *
132  * @name:    [in]    name of the "class" of the new file
133  * @fops:    [in]    file operations for the new file
134  * @priv:    [in]    private data for the new file (will be file's private_data)
135  * @flags:   [in]    flags
136  *
137  * Creates a new file by hooking it on a single inode. This is useful for files
138  * that do not need to have a full-fledged inode in order to operate correctly.
139  * All the files created with anon_inode_getfile() will share a single inode,
140  * hence saving memory and avoiding code duplication for the file/inode/dentry
141  * setup.  Returns the newly created file* or an error pointer.
142  */
143 struct file *anon_inode_getfile(const char *name,
144 				const struct file_operations *fops,
145 				void *priv, int flags)
146 {
147 	return __anon_inode_getfile(name, fops, priv, flags, NULL, false);
148 }
149 EXPORT_SYMBOL_GPL(anon_inode_getfile);
150 
151 /**
152  * anon_inode_create_getfile - Like anon_inode_getfile(), but creates a new
153  *                             !S_PRIVATE anon inode rather than reuse the
154  *                             singleton anon inode and calls the
155  *                             inode_init_security_anon() LSM hook.
156  *
157  * @name:    [in]    name of the "class" of the new file
158  * @fops:    [in]    file operations for the new file
159  * @priv:    [in]    private data for the new file (will be file's private_data)
160  * @flags:   [in]    flags
161  * @context_inode:
162  *           [in]    the logical relationship with the new inode (optional)
163  *
164  * Create a new anonymous inode and file pair.  This can be done for two
165  * reasons:
166  *
167  * - for the inode to have its own security context, so that LSMs can enforce
168  *   policy on the inode's creation;
169  *
170  * - if the caller needs a unique inode, for example in order to customize
171  *   the size returned by fstat()
172  *
173  * The LSM may use @context_inode in inode_init_security_anon(), but a
174  * reference to it is not held.
175  *
176  * Returns the newly created file* or an error pointer.
177  */
178 struct file *anon_inode_create_getfile(const char *name,
179 				       const struct file_operations *fops,
180 				       void *priv, int flags,
181 				       const struct inode *context_inode)
182 {
183 	return __anon_inode_getfile(name, fops, priv, flags,
184 				    context_inode, true);
185 }
186 EXPORT_SYMBOL_GPL(anon_inode_create_getfile);
187 
188 static int __anon_inode_getfd(const char *name,
189 			      const struct file_operations *fops,
190 			      void *priv, int flags,
191 			      const struct inode *context_inode,
192 			      bool make_inode)
193 {
194 	int error, fd;
195 	struct file *file;
196 
197 	error = get_unused_fd_flags(flags);
198 	if (error < 0)
199 		return error;
200 	fd = error;
201 
202 	file = __anon_inode_getfile(name, fops, priv, flags, context_inode,
203 				    make_inode);
204 	if (IS_ERR(file)) {
205 		error = PTR_ERR(file);
206 		goto err_put_unused_fd;
207 	}
208 	fd_install(fd, file);
209 
210 	return fd;
211 
212 err_put_unused_fd:
213 	put_unused_fd(fd);
214 	return error;
215 }
216 
217 /**
218  * anon_inode_getfd - creates a new file instance by hooking it up to
219  *                    an anonymous inode and a dentry that describe
220  *                    the "class" of the file
221  *
222  * @name:    [in]    name of the "class" of the new file
223  * @fops:    [in]    file operations for the new file
224  * @priv:    [in]    private data for the new file (will be file's private_data)
225  * @flags:   [in]    flags
226  *
227  * Creates a new file by hooking it on a single inode. This is
228  * useful for files that do not need to have a full-fledged inode in
229  * order to operate correctly.  All the files created with
230  * anon_inode_getfd() will use the same singleton inode, reducing
231  * memory use and avoiding code duplication for the file/inode/dentry
232  * setup.  Returns a newly created file descriptor or an error code.
233  */
234 int anon_inode_getfd(const char *name, const struct file_operations *fops,
235 		     void *priv, int flags)
236 {
237 	return __anon_inode_getfd(name, fops, priv, flags, NULL, false);
238 }
239 EXPORT_SYMBOL_GPL(anon_inode_getfd);
240 
241 /**
242  * anon_inode_create_getfd - Like anon_inode_getfd(), but creates a new
243  * !S_PRIVATE anon inode rather than reuse the singleton anon inode, and calls
244  * the inode_init_security_anon() LSM hook.
245  *
246  * @name:    [in]    name of the "class" of the new file
247  * @fops:    [in]    file operations for the new file
248  * @priv:    [in]    private data for the new file (will be file's private_data)
249  * @flags:   [in]    flags
250  * @context_inode:
251  *           [in]    the logical relationship with the new inode (optional)
252  *
253  * Create a new anonymous inode and file pair.  This can be done for two
254  * reasons:
255  *
256  * - for the inode to have its own security context, so that LSMs can enforce
257  *   policy on the inode's creation;
258  *
259  * - if the caller needs a unique inode, for example in order to customize
260  *   the size returned by fstat()
261  *
262  * The LSM may use @context_inode in inode_init_security_anon(), but a
263  * reference to it is not held.
264  *
265  * Returns a newly created file descriptor or an error code.
266  */
267 int anon_inode_create_getfd(const char *name, const struct file_operations *fops,
268 			    void *priv, int flags,
269 			    const struct inode *context_inode)
270 {
271 	return __anon_inode_getfd(name, fops, priv, flags, context_inode, true);
272 }
273 
274 static int __init anon_inode_init(void)
275 {
276 	anon_inode_mnt = kern_mount(&anon_inode_fs_type);
277 	if (IS_ERR(anon_inode_mnt))
278 		panic("anon_inode_init() kernel mount failed (%ld)\n", PTR_ERR(anon_inode_mnt));
279 
280 	anon_inode_inode = alloc_anon_inode(anon_inode_mnt->mnt_sb);
281 	if (IS_ERR(anon_inode_inode))
282 		panic("anon_inode_init() inode allocation failed (%ld)\n", PTR_ERR(anon_inode_inode));
283 
284 	return 0;
285 }
286 
287 fs_initcall(anon_inode_init);
288 
289