1 /* 2 FUSE: Filesystem in Userspace 3 Copyright (C) 2001-2005 Miklos Szeredi <miklos@szeredi.hu> 4 5 This program can be distributed under the terms of the GNU GPL. 6 See the file COPYING. 7 */ 8 9 #include "fuse_i.h" 10 11 #include <linux/pagemap.h> 12 #include <linux/file.h> 13 #include <linux/gfp.h> 14 #include <linux/sched.h> 15 #include <linux/namei.h> 16 17 /* 18 * FUSE caches dentries and attributes with separate timeout. The 19 * time in jiffies until the dentry/attributes are valid is stored in 20 * dentry->d_time and fuse_inode->i_time respectively. 21 */ 22 23 /* 24 * Calculate the time in jiffies until a dentry/attributes are valid 25 */ 26 static unsigned long time_to_jiffies(unsigned long sec, unsigned long nsec) 27 { 28 struct timespec ts = {sec, nsec}; 29 return jiffies + timespec_to_jiffies(&ts); 30 } 31 32 /* 33 * Set dentry and possibly attribute timeouts from the lookup/mk* 34 * replies 35 */ 36 static void fuse_change_timeout(struct dentry *entry, struct fuse_entry_out *o) 37 { 38 entry->d_time = time_to_jiffies(o->entry_valid, o->entry_valid_nsec); 39 if (entry->d_inode) 40 get_fuse_inode(entry->d_inode)->i_time = 41 time_to_jiffies(o->attr_valid, o->attr_valid_nsec); 42 } 43 44 /* 45 * Mark the attributes as stale, so that at the next call to 46 * ->getattr() they will be fetched from userspace 47 */ 48 void fuse_invalidate_attr(struct inode *inode) 49 { 50 get_fuse_inode(inode)->i_time = jiffies - 1; 51 } 52 53 /* 54 * Just mark the entry as stale, so that a next attempt to look it up 55 * will result in a new lookup call to userspace 56 * 57 * This is called when a dentry is about to become negative and the 58 * timeout is unknown (unlink, rmdir, rename and in some cases 59 * lookup) 60 */ 61 static void fuse_invalidate_entry_cache(struct dentry *entry) 62 { 63 entry->d_time = jiffies - 1; 64 } 65 66 /* 67 * Same as fuse_invalidate_entry_cache(), but also try to remove the 68 * dentry from the hash 69 */ 70 static void fuse_invalidate_entry(struct dentry *entry) 71 { 72 d_invalidate(entry); 73 fuse_invalidate_entry_cache(entry); 74 } 75 76 static void fuse_lookup_init(struct fuse_req *req, struct inode *dir, 77 struct dentry *entry, 78 struct fuse_entry_out *outarg) 79 { 80 req->in.h.opcode = FUSE_LOOKUP; 81 req->in.h.nodeid = get_node_id(dir); 82 req->inode = dir; 83 req->in.numargs = 1; 84 req->in.args[0].size = entry->d_name.len + 1; 85 req->in.args[0].value = entry->d_name.name; 86 req->out.numargs = 1; 87 req->out.args[0].size = sizeof(struct fuse_entry_out); 88 req->out.args[0].value = outarg; 89 } 90 91 /* 92 * Check whether the dentry is still valid 93 * 94 * If the entry validity timeout has expired and the dentry is 95 * positive, try to redo the lookup. If the lookup results in a 96 * different inode, then let the VFS invalidate the dentry and redo 97 * the lookup once more. If the lookup results in the same inode, 98 * then refresh the attributes, timeouts and mark the dentry valid. 99 */ 100 static int fuse_dentry_revalidate(struct dentry *entry, struct nameidata *nd) 101 { 102 struct inode *inode = entry->d_inode; 103 104 if (inode && is_bad_inode(inode)) 105 return 0; 106 else if (time_after(jiffies, entry->d_time)) { 107 int err; 108 struct fuse_entry_out outarg; 109 struct fuse_conn *fc; 110 struct fuse_req *req; 111 112 /* Doesn't hurt to "reset" the validity timeout */ 113 fuse_invalidate_entry_cache(entry); 114 115 /* For negative dentries, always do a fresh lookup */ 116 if (!inode) 117 return 0; 118 119 fc = get_fuse_conn(inode); 120 req = fuse_get_req(fc); 121 if (IS_ERR(req)) 122 return 0; 123 124 fuse_lookup_init(req, entry->d_parent->d_inode, entry, &outarg); 125 request_send(fc, req); 126 err = req->out.h.error; 127 /* Zero nodeid is same as -ENOENT */ 128 if (!err && !outarg.nodeid) 129 err = -ENOENT; 130 if (!err) { 131 struct fuse_inode *fi = get_fuse_inode(inode); 132 if (outarg.nodeid != get_node_id(inode)) { 133 fuse_send_forget(fc, req, outarg.nodeid, 1); 134 return 0; 135 } 136 fi->nlookup ++; 137 } 138 fuse_put_request(fc, req); 139 if (err || (outarg.attr.mode ^ inode->i_mode) & S_IFMT) 140 return 0; 141 142 fuse_change_attributes(inode, &outarg.attr); 143 fuse_change_timeout(entry, &outarg); 144 } 145 return 1; 146 } 147 148 /* 149 * Check if there's already a hashed alias of this directory inode. 150 * If yes, then lookup and mkdir must not create a new alias. 151 */ 152 static int dir_alias(struct inode *inode) 153 { 154 if (S_ISDIR(inode->i_mode)) { 155 struct dentry *alias = d_find_alias(inode); 156 if (alias) { 157 dput(alias); 158 return 1; 159 } 160 } 161 return 0; 162 } 163 164 static int invalid_nodeid(u64 nodeid) 165 { 166 return !nodeid || nodeid == FUSE_ROOT_ID; 167 } 168 169 static struct dentry_operations fuse_dentry_operations = { 170 .d_revalidate = fuse_dentry_revalidate, 171 }; 172 173 static int valid_mode(int m) 174 { 175 return S_ISREG(m) || S_ISDIR(m) || S_ISLNK(m) || S_ISCHR(m) || 176 S_ISBLK(m) || S_ISFIFO(m) || S_ISSOCK(m); 177 } 178 179 static struct dentry *fuse_lookup(struct inode *dir, struct dentry *entry, 180 struct nameidata *nd) 181 { 182 int err; 183 struct fuse_entry_out outarg; 184 struct inode *inode = NULL; 185 struct fuse_conn *fc = get_fuse_conn(dir); 186 struct fuse_req *req; 187 188 if (entry->d_name.len > FUSE_NAME_MAX) 189 return ERR_PTR(-ENAMETOOLONG); 190 191 req = fuse_get_req(fc); 192 if (IS_ERR(req)) 193 return ERR_PTR(PTR_ERR(req)); 194 195 fuse_lookup_init(req, dir, entry, &outarg); 196 request_send(fc, req); 197 err = req->out.h.error; 198 /* Zero nodeid is same as -ENOENT, but with valid timeout */ 199 if (!err && outarg.nodeid && 200 (invalid_nodeid(outarg.nodeid) || !valid_mode(outarg.attr.mode))) 201 err = -EIO; 202 if (!err && outarg.nodeid) { 203 inode = fuse_iget(dir->i_sb, outarg.nodeid, outarg.generation, 204 &outarg.attr); 205 if (!inode) { 206 fuse_send_forget(fc, req, outarg.nodeid, 1); 207 return ERR_PTR(-ENOMEM); 208 } 209 } 210 fuse_put_request(fc, req); 211 if (err && err != -ENOENT) 212 return ERR_PTR(err); 213 214 if (inode && dir_alias(inode)) { 215 iput(inode); 216 return ERR_PTR(-EIO); 217 } 218 d_add(entry, inode); 219 entry->d_op = &fuse_dentry_operations; 220 if (!err) 221 fuse_change_timeout(entry, &outarg); 222 else 223 fuse_invalidate_entry_cache(entry); 224 return NULL; 225 } 226 227 /* 228 * Atomic create+open operation 229 * 230 * If the filesystem doesn't support this, then fall back to separate 231 * 'mknod' + 'open' requests. 232 */ 233 static int fuse_create_open(struct inode *dir, struct dentry *entry, int mode, 234 struct nameidata *nd) 235 { 236 int err; 237 struct inode *inode; 238 struct fuse_conn *fc = get_fuse_conn(dir); 239 struct fuse_req *req; 240 struct fuse_open_in inarg; 241 struct fuse_open_out outopen; 242 struct fuse_entry_out outentry; 243 struct fuse_file *ff; 244 struct file *file; 245 int flags = nd->intent.open.flags - 1; 246 247 if (fc->no_create) 248 return -ENOSYS; 249 250 req = fuse_get_req(fc); 251 if (IS_ERR(req)) 252 return PTR_ERR(req); 253 254 err = -ENOMEM; 255 ff = fuse_file_alloc(); 256 if (!ff) 257 goto out_put_request; 258 259 flags &= ~O_NOCTTY; 260 memset(&inarg, 0, sizeof(inarg)); 261 inarg.flags = flags; 262 inarg.mode = mode; 263 req->in.h.opcode = FUSE_CREATE; 264 req->in.h.nodeid = get_node_id(dir); 265 req->inode = dir; 266 req->in.numargs = 2; 267 req->in.args[0].size = sizeof(inarg); 268 req->in.args[0].value = &inarg; 269 req->in.args[1].size = entry->d_name.len + 1; 270 req->in.args[1].value = entry->d_name.name; 271 req->out.numargs = 2; 272 req->out.args[0].size = sizeof(outentry); 273 req->out.args[0].value = &outentry; 274 req->out.args[1].size = sizeof(outopen); 275 req->out.args[1].value = &outopen; 276 request_send(fc, req); 277 err = req->out.h.error; 278 if (err) { 279 if (err == -ENOSYS) 280 fc->no_create = 1; 281 goto out_free_ff; 282 } 283 284 err = -EIO; 285 if (!S_ISREG(outentry.attr.mode) || invalid_nodeid(outentry.nodeid)) 286 goto out_free_ff; 287 288 inode = fuse_iget(dir->i_sb, outentry.nodeid, outentry.generation, 289 &outentry.attr); 290 err = -ENOMEM; 291 if (!inode) { 292 flags &= ~(O_CREAT | O_EXCL | O_TRUNC); 293 ff->fh = outopen.fh; 294 /* Special release, with inode = NULL, this will 295 trigger a 'forget' request when the release is 296 complete */ 297 fuse_send_release(fc, ff, outentry.nodeid, NULL, flags, 0); 298 goto out_put_request; 299 } 300 fuse_put_request(fc, req); 301 d_instantiate(entry, inode); 302 fuse_change_timeout(entry, &outentry); 303 file = lookup_instantiate_filp(nd, entry, generic_file_open); 304 if (IS_ERR(file)) { 305 ff->fh = outopen.fh; 306 fuse_send_release(fc, ff, outentry.nodeid, inode, flags, 0); 307 return PTR_ERR(file); 308 } 309 fuse_finish_open(inode, file, ff, &outopen); 310 return 0; 311 312 out_free_ff: 313 fuse_file_free(ff); 314 out_put_request: 315 fuse_put_request(fc, req); 316 return err; 317 } 318 319 /* 320 * Code shared between mknod, mkdir, symlink and link 321 */ 322 static int create_new_entry(struct fuse_conn *fc, struct fuse_req *req, 323 struct inode *dir, struct dentry *entry, 324 int mode) 325 { 326 struct fuse_entry_out outarg; 327 struct inode *inode; 328 int err; 329 330 req->in.h.nodeid = get_node_id(dir); 331 req->inode = dir; 332 req->out.numargs = 1; 333 req->out.args[0].size = sizeof(outarg); 334 req->out.args[0].value = &outarg; 335 request_send(fc, req); 336 err = req->out.h.error; 337 if (err) { 338 fuse_put_request(fc, req); 339 return err; 340 } 341 err = -EIO; 342 if (invalid_nodeid(outarg.nodeid)) 343 goto out_put_request; 344 345 if ((outarg.attr.mode ^ mode) & S_IFMT) 346 goto out_put_request; 347 348 inode = fuse_iget(dir->i_sb, outarg.nodeid, outarg.generation, 349 &outarg.attr); 350 if (!inode) { 351 fuse_send_forget(fc, req, outarg.nodeid, 1); 352 return -ENOMEM; 353 } 354 fuse_put_request(fc, req); 355 356 if (dir_alias(inode)) { 357 iput(inode); 358 return -EIO; 359 } 360 361 d_instantiate(entry, inode); 362 fuse_change_timeout(entry, &outarg); 363 fuse_invalidate_attr(dir); 364 return 0; 365 366 out_put_request: 367 fuse_put_request(fc, req); 368 return err; 369 } 370 371 static int fuse_mknod(struct inode *dir, struct dentry *entry, int mode, 372 dev_t rdev) 373 { 374 struct fuse_mknod_in inarg; 375 struct fuse_conn *fc = get_fuse_conn(dir); 376 struct fuse_req *req = fuse_get_req(fc); 377 if (IS_ERR(req)) 378 return PTR_ERR(req); 379 380 memset(&inarg, 0, sizeof(inarg)); 381 inarg.mode = mode; 382 inarg.rdev = new_encode_dev(rdev); 383 req->in.h.opcode = FUSE_MKNOD; 384 req->in.numargs = 2; 385 req->in.args[0].size = sizeof(inarg); 386 req->in.args[0].value = &inarg; 387 req->in.args[1].size = entry->d_name.len + 1; 388 req->in.args[1].value = entry->d_name.name; 389 return create_new_entry(fc, req, dir, entry, mode); 390 } 391 392 static int fuse_create(struct inode *dir, struct dentry *entry, int mode, 393 struct nameidata *nd) 394 { 395 if (nd && (nd->flags & LOOKUP_CREATE)) { 396 int err = fuse_create_open(dir, entry, mode, nd); 397 if (err != -ENOSYS) 398 return err; 399 /* Fall back on mknod */ 400 } 401 return fuse_mknod(dir, entry, mode, 0); 402 } 403 404 static int fuse_mkdir(struct inode *dir, struct dentry *entry, int mode) 405 { 406 struct fuse_mkdir_in inarg; 407 struct fuse_conn *fc = get_fuse_conn(dir); 408 struct fuse_req *req = fuse_get_req(fc); 409 if (IS_ERR(req)) 410 return PTR_ERR(req); 411 412 memset(&inarg, 0, sizeof(inarg)); 413 inarg.mode = mode; 414 req->in.h.opcode = FUSE_MKDIR; 415 req->in.numargs = 2; 416 req->in.args[0].size = sizeof(inarg); 417 req->in.args[0].value = &inarg; 418 req->in.args[1].size = entry->d_name.len + 1; 419 req->in.args[1].value = entry->d_name.name; 420 return create_new_entry(fc, req, dir, entry, S_IFDIR); 421 } 422 423 static int fuse_symlink(struct inode *dir, struct dentry *entry, 424 const char *link) 425 { 426 struct fuse_conn *fc = get_fuse_conn(dir); 427 unsigned len = strlen(link) + 1; 428 struct fuse_req *req = fuse_get_req(fc); 429 if (IS_ERR(req)) 430 return PTR_ERR(req); 431 432 req->in.h.opcode = FUSE_SYMLINK; 433 req->in.numargs = 2; 434 req->in.args[0].size = entry->d_name.len + 1; 435 req->in.args[0].value = entry->d_name.name; 436 req->in.args[1].size = len; 437 req->in.args[1].value = link; 438 return create_new_entry(fc, req, dir, entry, S_IFLNK); 439 } 440 441 static int fuse_unlink(struct inode *dir, struct dentry *entry) 442 { 443 int err; 444 struct fuse_conn *fc = get_fuse_conn(dir); 445 struct fuse_req *req = fuse_get_req(fc); 446 if (IS_ERR(req)) 447 return PTR_ERR(req); 448 449 req->in.h.opcode = FUSE_UNLINK; 450 req->in.h.nodeid = get_node_id(dir); 451 req->inode = dir; 452 req->in.numargs = 1; 453 req->in.args[0].size = entry->d_name.len + 1; 454 req->in.args[0].value = entry->d_name.name; 455 request_send(fc, req); 456 err = req->out.h.error; 457 fuse_put_request(fc, req); 458 if (!err) { 459 struct inode *inode = entry->d_inode; 460 461 /* Set nlink to zero so the inode can be cleared, if 462 the inode does have more links this will be 463 discovered at the next lookup/getattr */ 464 inode->i_nlink = 0; 465 fuse_invalidate_attr(inode); 466 fuse_invalidate_attr(dir); 467 fuse_invalidate_entry_cache(entry); 468 } else if (err == -EINTR) 469 fuse_invalidate_entry(entry); 470 return err; 471 } 472 473 static int fuse_rmdir(struct inode *dir, struct dentry *entry) 474 { 475 int err; 476 struct fuse_conn *fc = get_fuse_conn(dir); 477 struct fuse_req *req = fuse_get_req(fc); 478 if (IS_ERR(req)) 479 return PTR_ERR(req); 480 481 req->in.h.opcode = FUSE_RMDIR; 482 req->in.h.nodeid = get_node_id(dir); 483 req->inode = dir; 484 req->in.numargs = 1; 485 req->in.args[0].size = entry->d_name.len + 1; 486 req->in.args[0].value = entry->d_name.name; 487 request_send(fc, req); 488 err = req->out.h.error; 489 fuse_put_request(fc, req); 490 if (!err) { 491 entry->d_inode->i_nlink = 0; 492 fuse_invalidate_attr(dir); 493 fuse_invalidate_entry_cache(entry); 494 } else if (err == -EINTR) 495 fuse_invalidate_entry(entry); 496 return err; 497 } 498 499 static int fuse_rename(struct inode *olddir, struct dentry *oldent, 500 struct inode *newdir, struct dentry *newent) 501 { 502 int err; 503 struct fuse_rename_in inarg; 504 struct fuse_conn *fc = get_fuse_conn(olddir); 505 struct fuse_req *req = fuse_get_req(fc); 506 if (IS_ERR(req)) 507 return PTR_ERR(req); 508 509 memset(&inarg, 0, sizeof(inarg)); 510 inarg.newdir = get_node_id(newdir); 511 req->in.h.opcode = FUSE_RENAME; 512 req->in.h.nodeid = get_node_id(olddir); 513 req->inode = olddir; 514 req->inode2 = newdir; 515 req->in.numargs = 3; 516 req->in.args[0].size = sizeof(inarg); 517 req->in.args[0].value = &inarg; 518 req->in.args[1].size = oldent->d_name.len + 1; 519 req->in.args[1].value = oldent->d_name.name; 520 req->in.args[2].size = newent->d_name.len + 1; 521 req->in.args[2].value = newent->d_name.name; 522 request_send(fc, req); 523 err = req->out.h.error; 524 fuse_put_request(fc, req); 525 if (!err) { 526 fuse_invalidate_attr(olddir); 527 if (olddir != newdir) 528 fuse_invalidate_attr(newdir); 529 530 /* newent will end up negative */ 531 if (newent->d_inode) 532 fuse_invalidate_entry_cache(newent); 533 } else if (err == -EINTR) { 534 /* If request was interrupted, DEITY only knows if the 535 rename actually took place. If the invalidation 536 fails (e.g. some process has CWD under the renamed 537 directory), then there can be inconsistency between 538 the dcache and the real filesystem. Tough luck. */ 539 fuse_invalidate_entry(oldent); 540 if (newent->d_inode) 541 fuse_invalidate_entry(newent); 542 } 543 544 return err; 545 } 546 547 static int fuse_link(struct dentry *entry, struct inode *newdir, 548 struct dentry *newent) 549 { 550 int err; 551 struct fuse_link_in inarg; 552 struct inode *inode = entry->d_inode; 553 struct fuse_conn *fc = get_fuse_conn(inode); 554 struct fuse_req *req = fuse_get_req(fc); 555 if (IS_ERR(req)) 556 return PTR_ERR(req); 557 558 memset(&inarg, 0, sizeof(inarg)); 559 inarg.oldnodeid = get_node_id(inode); 560 req->in.h.opcode = FUSE_LINK; 561 req->inode2 = inode; 562 req->in.numargs = 2; 563 req->in.args[0].size = sizeof(inarg); 564 req->in.args[0].value = &inarg; 565 req->in.args[1].size = newent->d_name.len + 1; 566 req->in.args[1].value = newent->d_name.name; 567 err = create_new_entry(fc, req, newdir, newent, inode->i_mode); 568 /* Contrary to "normal" filesystems it can happen that link 569 makes two "logical" inodes point to the same "physical" 570 inode. We invalidate the attributes of the old one, so it 571 will reflect changes in the backing inode (link count, 572 etc.) 573 */ 574 if (!err || err == -EINTR) 575 fuse_invalidate_attr(inode); 576 return err; 577 } 578 579 int fuse_do_getattr(struct inode *inode) 580 { 581 int err; 582 struct fuse_attr_out arg; 583 struct fuse_conn *fc = get_fuse_conn(inode); 584 struct fuse_req *req = fuse_get_req(fc); 585 if (IS_ERR(req)) 586 return PTR_ERR(req); 587 588 req->in.h.opcode = FUSE_GETATTR; 589 req->in.h.nodeid = get_node_id(inode); 590 req->inode = inode; 591 req->out.numargs = 1; 592 req->out.args[0].size = sizeof(arg); 593 req->out.args[0].value = &arg; 594 request_send(fc, req); 595 err = req->out.h.error; 596 fuse_put_request(fc, req); 597 if (!err) { 598 if ((inode->i_mode ^ arg.attr.mode) & S_IFMT) { 599 make_bad_inode(inode); 600 err = -EIO; 601 } else { 602 struct fuse_inode *fi = get_fuse_inode(inode); 603 fuse_change_attributes(inode, &arg.attr); 604 fi->i_time = time_to_jiffies(arg.attr_valid, 605 arg.attr_valid_nsec); 606 } 607 } 608 return err; 609 } 610 611 /* 612 * Calling into a user-controlled filesystem gives the filesystem 613 * daemon ptrace-like capabilities over the requester process. This 614 * means, that the filesystem daemon is able to record the exact 615 * filesystem operations performed, and can also control the behavior 616 * of the requester process in otherwise impossible ways. For example 617 * it can delay the operation for arbitrary length of time allowing 618 * DoS against the requester. 619 * 620 * For this reason only those processes can call into the filesystem, 621 * for which the owner of the mount has ptrace privilege. This 622 * excludes processes started by other users, suid or sgid processes. 623 */ 624 static int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task) 625 { 626 if (fc->flags & FUSE_ALLOW_OTHER) 627 return 1; 628 629 if (task->euid == fc->user_id && 630 task->suid == fc->user_id && 631 task->uid == fc->user_id && 632 task->egid == fc->group_id && 633 task->sgid == fc->group_id && 634 task->gid == fc->group_id) 635 return 1; 636 637 return 0; 638 } 639 640 /* 641 * Check whether the inode attributes are still valid 642 * 643 * If the attribute validity timeout has expired, then fetch the fresh 644 * attributes with a 'getattr' request 645 * 646 * I'm not sure why cached attributes are never returned for the root 647 * inode, this is probably being too cautious. 648 */ 649 static int fuse_revalidate(struct dentry *entry) 650 { 651 struct inode *inode = entry->d_inode; 652 struct fuse_inode *fi = get_fuse_inode(inode); 653 struct fuse_conn *fc = get_fuse_conn(inode); 654 655 if (!fuse_allow_task(fc, current)) 656 return -EACCES; 657 if (get_node_id(inode) != FUSE_ROOT_ID && 658 time_before_eq(jiffies, fi->i_time)) 659 return 0; 660 661 return fuse_do_getattr(inode); 662 } 663 664 static int fuse_access(struct inode *inode, int mask) 665 { 666 struct fuse_conn *fc = get_fuse_conn(inode); 667 struct fuse_req *req; 668 struct fuse_access_in inarg; 669 int err; 670 671 if (fc->no_access) 672 return 0; 673 674 req = fuse_get_req(fc); 675 if (IS_ERR(req)) 676 return PTR_ERR(req); 677 678 memset(&inarg, 0, sizeof(inarg)); 679 inarg.mask = mask; 680 req->in.h.opcode = FUSE_ACCESS; 681 req->in.h.nodeid = get_node_id(inode); 682 req->inode = inode; 683 req->in.numargs = 1; 684 req->in.args[0].size = sizeof(inarg); 685 req->in.args[0].value = &inarg; 686 request_send(fc, req); 687 err = req->out.h.error; 688 fuse_put_request(fc, req); 689 if (err == -ENOSYS) { 690 fc->no_access = 1; 691 err = 0; 692 } 693 return err; 694 } 695 696 /* 697 * Check permission. The two basic access models of FUSE are: 698 * 699 * 1) Local access checking ('default_permissions' mount option) based 700 * on file mode. This is the plain old disk filesystem permission 701 * modell. 702 * 703 * 2) "Remote" access checking, where server is responsible for 704 * checking permission in each inode operation. An exception to this 705 * is if ->permission() was invoked from sys_access() in which case an 706 * access request is sent. Execute permission is still checked 707 * locally based on file mode. 708 */ 709 static int fuse_permission(struct inode *inode, int mask, struct nameidata *nd) 710 { 711 struct fuse_conn *fc = get_fuse_conn(inode); 712 713 if (!fuse_allow_task(fc, current)) 714 return -EACCES; 715 else if (fc->flags & FUSE_DEFAULT_PERMISSIONS) { 716 int err = generic_permission(inode, mask, NULL); 717 718 /* If permission is denied, try to refresh file 719 attributes. This is also needed, because the root 720 node will at first have no permissions */ 721 if (err == -EACCES) { 722 err = fuse_do_getattr(inode); 723 if (!err) 724 err = generic_permission(inode, mask, NULL); 725 } 726 727 /* Note: the opposite of the above test does not 728 exist. So if permissions are revoked this won't be 729 noticed immediately, only after the attribute 730 timeout has expired */ 731 732 return err; 733 } else { 734 int mode = inode->i_mode; 735 if ((mask & MAY_EXEC) && !S_ISDIR(mode) && !(mode & S_IXUGO)) 736 return -EACCES; 737 738 if (nd && (nd->flags & LOOKUP_ACCESS)) 739 return fuse_access(inode, mask); 740 return 0; 741 } 742 } 743 744 static int parse_dirfile(char *buf, size_t nbytes, struct file *file, 745 void *dstbuf, filldir_t filldir) 746 { 747 while (nbytes >= FUSE_NAME_OFFSET) { 748 struct fuse_dirent *dirent = (struct fuse_dirent *) buf; 749 size_t reclen = FUSE_DIRENT_SIZE(dirent); 750 int over; 751 if (!dirent->namelen || dirent->namelen > FUSE_NAME_MAX) 752 return -EIO; 753 if (reclen > nbytes) 754 break; 755 756 over = filldir(dstbuf, dirent->name, dirent->namelen, 757 file->f_pos, dirent->ino, dirent->type); 758 if (over) 759 break; 760 761 buf += reclen; 762 nbytes -= reclen; 763 file->f_pos = dirent->off; 764 } 765 766 return 0; 767 } 768 769 static int fuse_readdir(struct file *file, void *dstbuf, filldir_t filldir) 770 { 771 int err; 772 size_t nbytes; 773 struct page *page; 774 struct inode *inode = file->f_dentry->d_inode; 775 struct fuse_conn *fc = get_fuse_conn(inode); 776 struct fuse_req *req; 777 778 if (is_bad_inode(inode)) 779 return -EIO; 780 781 req = fuse_get_req(fc); 782 if (IS_ERR(req)) 783 return PTR_ERR(req); 784 785 page = alloc_page(GFP_KERNEL); 786 if (!page) { 787 fuse_put_request(fc, req); 788 return -ENOMEM; 789 } 790 req->num_pages = 1; 791 req->pages[0] = page; 792 fuse_read_fill(req, file, inode, file->f_pos, PAGE_SIZE, FUSE_READDIR); 793 request_send(fc, req); 794 nbytes = req->out.args[0].size; 795 err = req->out.h.error; 796 fuse_put_request(fc, req); 797 if (!err) 798 err = parse_dirfile(page_address(page), nbytes, file, dstbuf, 799 filldir); 800 801 __free_page(page); 802 fuse_invalidate_attr(inode); /* atime changed */ 803 return err; 804 } 805 806 static char *read_link(struct dentry *dentry) 807 { 808 struct inode *inode = dentry->d_inode; 809 struct fuse_conn *fc = get_fuse_conn(inode); 810 struct fuse_req *req = fuse_get_req(fc); 811 char *link; 812 813 if (IS_ERR(req)) 814 return ERR_PTR(PTR_ERR(req)); 815 816 link = (char *) __get_free_page(GFP_KERNEL); 817 if (!link) { 818 link = ERR_PTR(-ENOMEM); 819 goto out; 820 } 821 req->in.h.opcode = FUSE_READLINK; 822 req->in.h.nodeid = get_node_id(inode); 823 req->inode = inode; 824 req->out.argvar = 1; 825 req->out.numargs = 1; 826 req->out.args[0].size = PAGE_SIZE - 1; 827 req->out.args[0].value = link; 828 request_send(fc, req); 829 if (req->out.h.error) { 830 free_page((unsigned long) link); 831 link = ERR_PTR(req->out.h.error); 832 } else 833 link[req->out.args[0].size] = '\0'; 834 out: 835 fuse_put_request(fc, req); 836 fuse_invalidate_attr(inode); /* atime changed */ 837 return link; 838 } 839 840 static void free_link(char *link) 841 { 842 if (!IS_ERR(link)) 843 free_page((unsigned long) link); 844 } 845 846 static void *fuse_follow_link(struct dentry *dentry, struct nameidata *nd) 847 { 848 nd_set_link(nd, read_link(dentry)); 849 return NULL; 850 } 851 852 static void fuse_put_link(struct dentry *dentry, struct nameidata *nd, void *c) 853 { 854 free_link(nd_get_link(nd)); 855 } 856 857 static int fuse_dir_open(struct inode *inode, struct file *file) 858 { 859 return fuse_open_common(inode, file, 1); 860 } 861 862 static int fuse_dir_release(struct inode *inode, struct file *file) 863 { 864 return fuse_release_common(inode, file, 1); 865 } 866 867 static int fuse_dir_fsync(struct file *file, struct dentry *de, int datasync) 868 { 869 /* nfsd can call this with no file */ 870 return file ? fuse_fsync_common(file, de, datasync, 1) : 0; 871 } 872 873 static void iattr_to_fattr(struct iattr *iattr, struct fuse_setattr_in *arg) 874 { 875 unsigned ivalid = iattr->ia_valid; 876 877 if (ivalid & ATTR_MODE) 878 arg->valid |= FATTR_MODE, arg->mode = iattr->ia_mode; 879 if (ivalid & ATTR_UID) 880 arg->valid |= FATTR_UID, arg->uid = iattr->ia_uid; 881 if (ivalid & ATTR_GID) 882 arg->valid |= FATTR_GID, arg->gid = iattr->ia_gid; 883 if (ivalid & ATTR_SIZE) 884 arg->valid |= FATTR_SIZE, arg->size = iattr->ia_size; 885 /* You can only _set_ these together (they may change by themselves) */ 886 if ((ivalid & (ATTR_ATIME | ATTR_MTIME)) == (ATTR_ATIME | ATTR_MTIME)) { 887 arg->valid |= FATTR_ATIME | FATTR_MTIME; 888 arg->atime = iattr->ia_atime.tv_sec; 889 arg->mtime = iattr->ia_mtime.tv_sec; 890 } 891 if (ivalid & ATTR_FILE) { 892 struct fuse_file *ff = iattr->ia_file->private_data; 893 arg->valid |= FATTR_FH; 894 arg->fh = ff->fh; 895 } 896 } 897 898 /* 899 * Set attributes, and at the same time refresh them. 900 * 901 * Truncation is slightly complicated, because the 'truncate' request 902 * may fail, in which case we don't want to touch the mapping. 903 * vmtruncate() doesn't allow for this case. So do the rlimit 904 * checking by hand and call vmtruncate() only after the file has 905 * actually been truncated. 906 */ 907 static int fuse_setattr(struct dentry *entry, struct iattr *attr) 908 { 909 struct inode *inode = entry->d_inode; 910 struct fuse_conn *fc = get_fuse_conn(inode); 911 struct fuse_inode *fi = get_fuse_inode(inode); 912 struct fuse_req *req; 913 struct fuse_setattr_in inarg; 914 struct fuse_attr_out outarg; 915 int err; 916 int is_truncate = 0; 917 918 if (fc->flags & FUSE_DEFAULT_PERMISSIONS) { 919 err = inode_change_ok(inode, attr); 920 if (err) 921 return err; 922 } 923 924 if (attr->ia_valid & ATTR_SIZE) { 925 unsigned long limit; 926 is_truncate = 1; 927 limit = current->signal->rlim[RLIMIT_FSIZE].rlim_cur; 928 if (limit != RLIM_INFINITY && attr->ia_size > (loff_t) limit) { 929 send_sig(SIGXFSZ, current, 0); 930 return -EFBIG; 931 } 932 } 933 934 req = fuse_get_req(fc); 935 if (IS_ERR(req)) 936 return PTR_ERR(req); 937 938 memset(&inarg, 0, sizeof(inarg)); 939 iattr_to_fattr(attr, &inarg); 940 req->in.h.opcode = FUSE_SETATTR; 941 req->in.h.nodeid = get_node_id(inode); 942 req->inode = inode; 943 req->in.numargs = 1; 944 req->in.args[0].size = sizeof(inarg); 945 req->in.args[0].value = &inarg; 946 req->out.numargs = 1; 947 req->out.args[0].size = sizeof(outarg); 948 req->out.args[0].value = &outarg; 949 request_send(fc, req); 950 err = req->out.h.error; 951 fuse_put_request(fc, req); 952 if (!err) { 953 if ((inode->i_mode ^ outarg.attr.mode) & S_IFMT) { 954 make_bad_inode(inode); 955 err = -EIO; 956 } else { 957 if (is_truncate) { 958 loff_t origsize = i_size_read(inode); 959 i_size_write(inode, outarg.attr.size); 960 if (origsize > outarg.attr.size) 961 vmtruncate(inode, outarg.attr.size); 962 } 963 fuse_change_attributes(inode, &outarg.attr); 964 fi->i_time = time_to_jiffies(outarg.attr_valid, 965 outarg.attr_valid_nsec); 966 } 967 } else if (err == -EINTR) 968 fuse_invalidate_attr(inode); 969 970 return err; 971 } 972 973 static int fuse_getattr(struct vfsmount *mnt, struct dentry *entry, 974 struct kstat *stat) 975 { 976 struct inode *inode = entry->d_inode; 977 int err = fuse_revalidate(entry); 978 if (!err) 979 generic_fillattr(inode, stat); 980 981 return err; 982 } 983 984 static int fuse_setxattr(struct dentry *entry, const char *name, 985 const void *value, size_t size, int flags) 986 { 987 struct inode *inode = entry->d_inode; 988 struct fuse_conn *fc = get_fuse_conn(inode); 989 struct fuse_req *req; 990 struct fuse_setxattr_in inarg; 991 int err; 992 993 if (fc->no_setxattr) 994 return -EOPNOTSUPP; 995 996 req = fuse_get_req(fc); 997 if (IS_ERR(req)) 998 return PTR_ERR(req); 999 1000 memset(&inarg, 0, sizeof(inarg)); 1001 inarg.size = size; 1002 inarg.flags = flags; 1003 req->in.h.opcode = FUSE_SETXATTR; 1004 req->in.h.nodeid = get_node_id(inode); 1005 req->inode = inode; 1006 req->in.numargs = 3; 1007 req->in.args[0].size = sizeof(inarg); 1008 req->in.args[0].value = &inarg; 1009 req->in.args[1].size = strlen(name) + 1; 1010 req->in.args[1].value = name; 1011 req->in.args[2].size = size; 1012 req->in.args[2].value = value; 1013 request_send(fc, req); 1014 err = req->out.h.error; 1015 fuse_put_request(fc, req); 1016 if (err == -ENOSYS) { 1017 fc->no_setxattr = 1; 1018 err = -EOPNOTSUPP; 1019 } 1020 return err; 1021 } 1022 1023 static ssize_t fuse_getxattr(struct dentry *entry, const char *name, 1024 void *value, size_t size) 1025 { 1026 struct inode *inode = entry->d_inode; 1027 struct fuse_conn *fc = get_fuse_conn(inode); 1028 struct fuse_req *req; 1029 struct fuse_getxattr_in inarg; 1030 struct fuse_getxattr_out outarg; 1031 ssize_t ret; 1032 1033 if (fc->no_getxattr) 1034 return -EOPNOTSUPP; 1035 1036 req = fuse_get_req(fc); 1037 if (IS_ERR(req)) 1038 return PTR_ERR(req); 1039 1040 memset(&inarg, 0, sizeof(inarg)); 1041 inarg.size = size; 1042 req->in.h.opcode = FUSE_GETXATTR; 1043 req->in.h.nodeid = get_node_id(inode); 1044 req->inode = inode; 1045 req->in.numargs = 2; 1046 req->in.args[0].size = sizeof(inarg); 1047 req->in.args[0].value = &inarg; 1048 req->in.args[1].size = strlen(name) + 1; 1049 req->in.args[1].value = name; 1050 /* This is really two different operations rolled into one */ 1051 req->out.numargs = 1; 1052 if (size) { 1053 req->out.argvar = 1; 1054 req->out.args[0].size = size; 1055 req->out.args[0].value = value; 1056 } else { 1057 req->out.args[0].size = sizeof(outarg); 1058 req->out.args[0].value = &outarg; 1059 } 1060 request_send(fc, req); 1061 ret = req->out.h.error; 1062 if (!ret) 1063 ret = size ? req->out.args[0].size : outarg.size; 1064 else { 1065 if (ret == -ENOSYS) { 1066 fc->no_getxattr = 1; 1067 ret = -EOPNOTSUPP; 1068 } 1069 } 1070 fuse_put_request(fc, req); 1071 return ret; 1072 } 1073 1074 static ssize_t fuse_listxattr(struct dentry *entry, char *list, size_t size) 1075 { 1076 struct inode *inode = entry->d_inode; 1077 struct fuse_conn *fc = get_fuse_conn(inode); 1078 struct fuse_req *req; 1079 struct fuse_getxattr_in inarg; 1080 struct fuse_getxattr_out outarg; 1081 ssize_t ret; 1082 1083 if (fc->no_listxattr) 1084 return -EOPNOTSUPP; 1085 1086 req = fuse_get_req(fc); 1087 if (IS_ERR(req)) 1088 return PTR_ERR(req); 1089 1090 memset(&inarg, 0, sizeof(inarg)); 1091 inarg.size = size; 1092 req->in.h.opcode = FUSE_LISTXATTR; 1093 req->in.h.nodeid = get_node_id(inode); 1094 req->inode = inode; 1095 req->in.numargs = 1; 1096 req->in.args[0].size = sizeof(inarg); 1097 req->in.args[0].value = &inarg; 1098 /* This is really two different operations rolled into one */ 1099 req->out.numargs = 1; 1100 if (size) { 1101 req->out.argvar = 1; 1102 req->out.args[0].size = size; 1103 req->out.args[0].value = list; 1104 } else { 1105 req->out.args[0].size = sizeof(outarg); 1106 req->out.args[0].value = &outarg; 1107 } 1108 request_send(fc, req); 1109 ret = req->out.h.error; 1110 if (!ret) 1111 ret = size ? req->out.args[0].size : outarg.size; 1112 else { 1113 if (ret == -ENOSYS) { 1114 fc->no_listxattr = 1; 1115 ret = -EOPNOTSUPP; 1116 } 1117 } 1118 fuse_put_request(fc, req); 1119 return ret; 1120 } 1121 1122 static int fuse_removexattr(struct dentry *entry, const char *name) 1123 { 1124 struct inode *inode = entry->d_inode; 1125 struct fuse_conn *fc = get_fuse_conn(inode); 1126 struct fuse_req *req; 1127 int err; 1128 1129 if (fc->no_removexattr) 1130 return -EOPNOTSUPP; 1131 1132 req = fuse_get_req(fc); 1133 if (IS_ERR(req)) 1134 return PTR_ERR(req); 1135 1136 req->in.h.opcode = FUSE_REMOVEXATTR; 1137 req->in.h.nodeid = get_node_id(inode); 1138 req->inode = inode; 1139 req->in.numargs = 1; 1140 req->in.args[0].size = strlen(name) + 1; 1141 req->in.args[0].value = name; 1142 request_send(fc, req); 1143 err = req->out.h.error; 1144 fuse_put_request(fc, req); 1145 if (err == -ENOSYS) { 1146 fc->no_removexattr = 1; 1147 err = -EOPNOTSUPP; 1148 } 1149 return err; 1150 } 1151 1152 static struct inode_operations fuse_dir_inode_operations = { 1153 .lookup = fuse_lookup, 1154 .mkdir = fuse_mkdir, 1155 .symlink = fuse_symlink, 1156 .unlink = fuse_unlink, 1157 .rmdir = fuse_rmdir, 1158 .rename = fuse_rename, 1159 .link = fuse_link, 1160 .setattr = fuse_setattr, 1161 .create = fuse_create, 1162 .mknod = fuse_mknod, 1163 .permission = fuse_permission, 1164 .getattr = fuse_getattr, 1165 .setxattr = fuse_setxattr, 1166 .getxattr = fuse_getxattr, 1167 .listxattr = fuse_listxattr, 1168 .removexattr = fuse_removexattr, 1169 }; 1170 1171 static const struct file_operations fuse_dir_operations = { 1172 .llseek = generic_file_llseek, 1173 .read = generic_read_dir, 1174 .readdir = fuse_readdir, 1175 .open = fuse_dir_open, 1176 .release = fuse_dir_release, 1177 .fsync = fuse_dir_fsync, 1178 }; 1179 1180 static struct inode_operations fuse_common_inode_operations = { 1181 .setattr = fuse_setattr, 1182 .permission = fuse_permission, 1183 .getattr = fuse_getattr, 1184 .setxattr = fuse_setxattr, 1185 .getxattr = fuse_getxattr, 1186 .listxattr = fuse_listxattr, 1187 .removexattr = fuse_removexattr, 1188 }; 1189 1190 static struct inode_operations fuse_symlink_inode_operations = { 1191 .setattr = fuse_setattr, 1192 .follow_link = fuse_follow_link, 1193 .put_link = fuse_put_link, 1194 .readlink = generic_readlink, 1195 .getattr = fuse_getattr, 1196 .setxattr = fuse_setxattr, 1197 .getxattr = fuse_getxattr, 1198 .listxattr = fuse_listxattr, 1199 .removexattr = fuse_removexattr, 1200 }; 1201 1202 void fuse_init_common(struct inode *inode) 1203 { 1204 inode->i_op = &fuse_common_inode_operations; 1205 } 1206 1207 void fuse_init_dir(struct inode *inode) 1208 { 1209 inode->i_op = &fuse_dir_inode_operations; 1210 inode->i_fop = &fuse_dir_operations; 1211 } 1212 1213 void fuse_init_symlink(struct inode *inode) 1214 { 1215 inode->i_op = &fuse_symlink_inode_operations; 1216 } 1217