1 // SPDX-License-Identifier: GPL-2.0-only 2 3 #include "dev.h" 4 #include "fuse_i.h" 5 #include <linux/pagemap.h> 6 7 static int fuse_notify_poll(struct fuse_conn *fc, unsigned int size, 8 struct fuse_copy_state *cs) 9 { 10 struct fuse_notify_poll_wakeup_out outarg; 11 int err; 12 13 if (size != sizeof(outarg)) 14 return -EINVAL; 15 16 err = fuse_copy_one(cs, &outarg, sizeof(outarg)); 17 if (err) 18 return err; 19 20 fuse_copy_finish(cs); 21 return fuse_notify_poll_wakeup(fc, &outarg); 22 } 23 24 static int fuse_notify_inval_inode(struct fuse_conn *fc, unsigned int size, 25 struct fuse_copy_state *cs) 26 { 27 struct fuse_notify_inval_inode_out outarg; 28 int err; 29 30 if (size != sizeof(outarg)) 31 return -EINVAL; 32 33 err = fuse_copy_one(cs, &outarg, sizeof(outarg)); 34 if (err) 35 return err; 36 fuse_copy_finish(cs); 37 38 down_read(&fc->killsb); 39 err = fuse_reverse_inval_inode(fc, outarg.ino, 40 outarg.off, outarg.len); 41 up_read(&fc->killsb); 42 return err; 43 } 44 45 static int fuse_notify_inval_entry(struct fuse_conn *fc, unsigned int size, 46 struct fuse_copy_state *cs) 47 { 48 struct fuse_notify_inval_entry_out outarg; 49 int err; 50 char *buf; 51 struct qstr name; 52 53 if (size < sizeof(outarg)) 54 return -EINVAL; 55 56 err = fuse_copy_one(cs, &outarg, sizeof(outarg)); 57 if (err) 58 return err; 59 60 if (outarg.namelen > fc->name_max) 61 return -ENAMETOOLONG; 62 63 err = -EINVAL; 64 if (size != sizeof(outarg) + outarg.namelen + 1) 65 return -EINVAL; 66 67 buf = kzalloc(outarg.namelen + 1, GFP_KERNEL); 68 if (!buf) 69 return -ENOMEM; 70 71 name.name = buf; 72 name.len = outarg.namelen; 73 err = fuse_copy_one(cs, buf, outarg.namelen + 1); 74 if (err) 75 goto err; 76 fuse_copy_finish(cs); 77 buf[outarg.namelen] = 0; 78 79 down_read(&fc->killsb); 80 err = fuse_reverse_inval_entry(fc, outarg.parent, 0, &name, outarg.flags); 81 up_read(&fc->killsb); 82 err: 83 kfree(buf); 84 return err; 85 } 86 87 static int fuse_notify_delete(struct fuse_conn *fc, unsigned int size, 88 struct fuse_copy_state *cs) 89 { 90 struct fuse_notify_delete_out outarg; 91 int err; 92 char *buf; 93 struct qstr name; 94 95 if (size < sizeof(outarg)) 96 return -EINVAL; 97 98 err = fuse_copy_one(cs, &outarg, sizeof(outarg)); 99 if (err) 100 return err; 101 102 if (outarg.namelen > fc->name_max) 103 return -ENAMETOOLONG; 104 105 if (size != sizeof(outarg) + outarg.namelen + 1) 106 return -EINVAL; 107 108 buf = kzalloc(outarg.namelen + 1, GFP_KERNEL); 109 if (!buf) 110 return -ENOMEM; 111 112 name.name = buf; 113 name.len = outarg.namelen; 114 err = fuse_copy_one(cs, buf, outarg.namelen + 1); 115 if (err) 116 goto err; 117 fuse_copy_finish(cs); 118 buf[outarg.namelen] = 0; 119 120 down_read(&fc->killsb); 121 err = fuse_reverse_inval_entry(fc, outarg.parent, outarg.child, &name, 0); 122 up_read(&fc->killsb); 123 err: 124 kfree(buf); 125 return err; 126 } 127 128 static int fuse_notify_store(struct fuse_conn *fc, unsigned int size, 129 struct fuse_copy_state *cs) 130 { 131 struct fuse_notify_store_out outarg; 132 struct inode *inode; 133 struct address_space *mapping; 134 u64 nodeid; 135 int err; 136 unsigned int num; 137 loff_t file_size; 138 loff_t pos; 139 loff_t end; 140 141 if (size < sizeof(outarg)) 142 return -EINVAL; 143 144 err = fuse_copy_one(cs, &outarg, sizeof(outarg)); 145 if (err) 146 return err; 147 148 if (size - sizeof(outarg) != outarg.size) 149 return -EINVAL; 150 151 if (outarg.offset >= MAX_LFS_FILESIZE) 152 return -EINVAL; 153 154 nodeid = outarg.nodeid; 155 pos = outarg.offset; 156 num = min(outarg.size, MAX_LFS_FILESIZE - pos); 157 158 down_read(&fc->killsb); 159 160 err = -ENOENT; 161 inode = fuse_ilookup(fc, nodeid, NULL); 162 if (!inode) 163 goto out_up_killsb; 164 if (!S_ISREG(inode->i_mode)) { 165 err = -EINVAL; 166 goto out_iput; 167 } 168 169 mapping = inode->i_mapping; 170 file_size = i_size_read(inode); 171 end = pos + num; 172 if (end > file_size) { 173 file_size = end; 174 fuse_write_update_attr(inode, file_size, num); 175 } 176 177 while (num) { 178 struct folio *folio; 179 unsigned int folio_offset; 180 unsigned int nr_bytes; 181 pgoff_t index = pos >> PAGE_SHIFT; 182 183 folio = filemap_grab_folio(mapping, index); 184 err = PTR_ERR(folio); 185 if (IS_ERR(folio)) 186 goto out_iput; 187 188 folio_offset = offset_in_folio(folio, pos); 189 nr_bytes = min(num, folio_size(folio) - folio_offset); 190 191 err = fuse_copy_folio(cs, &folio, folio_offset, nr_bytes, 0); 192 if (!folio_test_uptodate(folio) && !err && folio_offset == 0 && 193 (nr_bytes == folio_size(folio) || file_size == end)) { 194 folio_zero_segment(folio, nr_bytes, folio_size(folio)); 195 folio_mark_uptodate(folio); 196 } 197 folio_unlock(folio); 198 folio_put(folio); 199 200 if (err) 201 goto out_iput; 202 203 pos += nr_bytes; 204 num -= nr_bytes; 205 } 206 207 err = 0; 208 209 out_iput: 210 iput(inode); 211 out_up_killsb: 212 up_read(&fc->killsb); 213 return err; 214 } 215 216 struct fuse_retrieve_args { 217 struct fuse_args_pages ap; 218 struct fuse_notify_retrieve_in inarg; 219 }; 220 221 static void fuse_retrieve_end(struct fuse_args *args, int error) 222 { 223 struct fuse_retrieve_args *ra = 224 container_of(args, typeof(*ra), ap.args); 225 226 release_pages(ra->ap.folios, ra->ap.num_folios); 227 kfree(ra); 228 } 229 230 static int fuse_retrieve(struct fuse_mount *fm, struct inode *inode, 231 struct fuse_notify_retrieve_out *outarg) 232 { 233 int err; 234 struct address_space *mapping = inode->i_mapping; 235 loff_t file_size; 236 unsigned int num; 237 unsigned int offset; 238 size_t total_len = 0; 239 unsigned int num_pages; 240 struct fuse_conn *fc = fm->fc; 241 struct fuse_retrieve_args *ra; 242 size_t args_size = sizeof(*ra); 243 struct fuse_args_pages *ap; 244 struct fuse_args *args; 245 loff_t pos = outarg->offset; 246 247 offset = offset_in_page(pos); 248 file_size = i_size_read(inode); 249 250 num = min(outarg->size, fc->max_write); 251 if (pos > file_size) 252 num = 0; 253 else if (num > file_size - pos) 254 num = file_size - pos; 255 256 num_pages = DIV_ROUND_UP(num + offset, PAGE_SIZE); 257 num_pages = min(num_pages, fc->max_pages); 258 num = min(num, num_pages << PAGE_SHIFT); 259 260 args_size += num_pages * (sizeof(ap->folios[0]) + sizeof(ap->descs[0])); 261 262 ra = kzalloc(args_size, GFP_KERNEL); 263 if (!ra) 264 return -ENOMEM; 265 266 ap = &ra->ap; 267 ap->folios = (void *) (ra + 1); 268 ap->descs = (void *) (ap->folios + num_pages); 269 270 args = &ap->args; 271 args->nodeid = outarg->nodeid; 272 args->opcode = FUSE_NOTIFY_REPLY; 273 args->in_numargs = 3; 274 args->in_pages = true; 275 args->end = fuse_retrieve_end; 276 277 while (num && ap->num_folios < num_pages) { 278 struct folio *folio; 279 unsigned int folio_offset; 280 unsigned int nr_bytes; 281 pgoff_t index = pos >> PAGE_SHIFT; 282 283 folio = filemap_get_folio(mapping, index); 284 if (IS_ERR(folio)) 285 break; 286 if (!folio_test_uptodate(folio)) { 287 folio_put(folio); 288 break; 289 } 290 291 folio_offset = offset_in_folio(folio, pos); 292 nr_bytes = min(folio_size(folio) - folio_offset, num); 293 294 ap->folios[ap->num_folios] = folio; 295 ap->descs[ap->num_folios].offset = folio_offset; 296 ap->descs[ap->num_folios].length = nr_bytes; 297 ap->num_folios++; 298 299 pos += nr_bytes; 300 num -= nr_bytes; 301 total_len += nr_bytes; 302 } 303 ra->inarg.offset = outarg->offset; 304 ra->inarg.size = total_len; 305 fuse_set_zero_arg0(args); 306 args->in_args[1].size = sizeof(ra->inarg); 307 args->in_args[1].value = &ra->inarg; 308 args->in_args[2].size = total_len; 309 310 err = fuse_simple_notify_reply(fm, args, outarg->notify_unique); 311 if (err) 312 fuse_retrieve_end(args, err); 313 314 return err; 315 } 316 317 static int fuse_notify_retrieve(struct fuse_conn *fc, unsigned int size, 318 struct fuse_copy_state *cs) 319 { 320 struct fuse_notify_retrieve_out outarg; 321 struct fuse_mount *fm; 322 struct inode *inode; 323 u64 nodeid; 324 int err; 325 326 if (size != sizeof(outarg)) 327 return -EINVAL; 328 329 err = fuse_copy_one(cs, &outarg, sizeof(outarg)); 330 if (err) 331 return err; 332 333 fuse_copy_finish(cs); 334 335 if (outarg.offset >= MAX_LFS_FILESIZE) 336 return -EINVAL; 337 338 down_read(&fc->killsb); 339 err = -ENOENT; 340 nodeid = outarg.nodeid; 341 342 inode = fuse_ilookup(fc, nodeid, &fm); 343 if (inode) { 344 err = -EINVAL; 345 if (S_ISREG(inode->i_mode)) 346 err = fuse_retrieve(fm, inode, &outarg); 347 iput(inode); 348 } 349 up_read(&fc->killsb); 350 351 return err; 352 } 353 354 static int fuse_notify_resend(struct fuse_conn *fc) 355 { 356 fuse_chan_resend(fc->chan); 357 return 0; 358 } 359 360 /* 361 * Increments the fuse connection epoch. This will cause dentries and 362 * readdir caches from previous epochs to be invalidated. Additionally, 363 * if inval_wq is set, a work queue is scheduled to trigger the invalidation. 364 */ 365 static int fuse_notify_inc_epoch(struct fuse_conn *fc) 366 { 367 atomic_inc(&fc->epoch); 368 if (inval_wq) 369 schedule_work(&fc->epoch_work); 370 371 return 0; 372 } 373 374 static int fuse_notify_prune(struct fuse_conn *fc, unsigned int size, 375 struct fuse_copy_state *cs) 376 { 377 struct fuse_notify_prune_out outarg; 378 const unsigned int batch = 512; 379 u64 *nodeids __free(kfree) = kmalloc(sizeof(u64) * batch, GFP_KERNEL); 380 unsigned int num, i; 381 int err; 382 383 if (!nodeids) 384 return -ENOMEM; 385 386 if (size < sizeof(outarg)) 387 return -EINVAL; 388 389 err = fuse_copy_one(cs, &outarg, sizeof(outarg)); 390 if (err) 391 return err; 392 393 if (size - sizeof(outarg) != array_size(outarg.count, sizeof(u64))) 394 return -EINVAL; 395 396 for (; outarg.count; outarg.count -= num) { 397 num = min(batch, outarg.count); 398 err = fuse_copy_one(cs, nodeids, num * sizeof(u64)); 399 if (err) 400 return err; 401 402 scoped_guard(rwsem_read, &fc->killsb) { 403 for (i = 0; i < num; i++) 404 fuse_try_prune_one_inode(fc, nodeids[i]); 405 } 406 } 407 return 0; 408 } 409 410 int fuse_notify(struct fuse_conn *fc, enum fuse_notify_code code, 411 unsigned int size, struct fuse_copy_state *cs) 412 { 413 switch (code) { 414 case FUSE_NOTIFY_POLL: 415 return fuse_notify_poll(fc, size, cs); 416 417 case FUSE_NOTIFY_INVAL_INODE: 418 return fuse_notify_inval_inode(fc, size, cs); 419 420 case FUSE_NOTIFY_INVAL_ENTRY: 421 return fuse_notify_inval_entry(fc, size, cs); 422 423 case FUSE_NOTIFY_STORE: 424 return fuse_notify_store(fc, size, cs); 425 426 case FUSE_NOTIFY_RETRIEVE: 427 return fuse_notify_retrieve(fc, size, cs); 428 429 case FUSE_NOTIFY_DELETE: 430 return fuse_notify_delete(fc, size, cs); 431 432 case FUSE_NOTIFY_RESEND: 433 return fuse_notify_resend(fc); 434 435 case FUSE_NOTIFY_INC_EPOCH: 436 return fuse_notify_inc_epoch(fc); 437 438 case FUSE_NOTIFY_PRUNE: 439 return fuse_notify_prune(fc, size, cs); 440 441 default: 442 return -EINVAL; 443 } 444 } 445