1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Directory notifications for Linux. 4 * 5 * Copyright (C) 2000,2001,2002 Stephen Rothwell 6 * 7 * Copyright (C) 2009 Eric Paris <Red Hat Inc> 8 * dnotify was largly rewritten to use the new fsnotify infrastructure 9 */ 10 #include <linux/fs.h> 11 #include <linux/module.h> 12 #include <linux/sched.h> 13 #include <linux/sched/signal.h> 14 #include <linux/dnotify.h> 15 #include <linux/init.h> 16 #include <linux/security.h> 17 #include <linux/spinlock.h> 18 #include <linux/slab.h> 19 #include <linux/fdtable.h> 20 #include <linux/fsnotify_backend.h> 21 22 static int dir_notify_enable __read_mostly = 1; 23 #ifdef CONFIG_SYSCTL 24 static struct ctl_table dnotify_sysctls[] = { 25 { 26 .procname = "dir-notify-enable", 27 .data = &dir_notify_enable, 28 .maxlen = sizeof(int), 29 .mode = 0644, 30 .proc_handler = proc_dointvec, 31 }, 32 }; 33 static void __init dnotify_sysctl_init(void) 34 { 35 register_sysctl_init("fs", dnotify_sysctls); 36 } 37 #else 38 #define dnotify_sysctl_init() do { } while (0) 39 #endif 40 41 static struct kmem_cache *dnotify_struct_cache __ro_after_init; 42 static struct kmem_cache *dnotify_mark_cache __ro_after_init; 43 static struct fsnotify_group *dnotify_group __ro_after_init; 44 45 /* 46 * dnotify will attach one of these to each inode (i_fsnotify_marks) which 47 * is being watched by dnotify. If multiple userspace applications are watching 48 * the same directory with dnotify their information is chained in dn 49 */ 50 struct dnotify_mark { 51 struct fsnotify_mark fsn_mark; 52 struct dnotify_struct *dn; 53 }; 54 55 /* 56 * When a process starts or stops watching an inode the set of events which 57 * dnotify cares about for that inode may change. This function runs the 58 * list of everything receiving dnotify events about this directory and calculates 59 * the set of all those events. After it updates what dnotify is interested in 60 * it calls the fsnotify function so it can update the set of all events relevant 61 * to this inode. 62 */ 63 static void dnotify_recalc_inode_mask(struct fsnotify_mark *fsn_mark) 64 { 65 __u32 new_mask = 0; 66 struct dnotify_struct *dn; 67 struct dnotify_mark *dn_mark = container_of(fsn_mark, 68 struct dnotify_mark, 69 fsn_mark); 70 71 assert_spin_locked(&fsn_mark->lock); 72 73 for (dn = dn_mark->dn; dn != NULL; dn = dn->dn_next) 74 new_mask |= (dn->dn_mask & ~FS_DN_MULTISHOT); 75 if (fsn_mark->mask == new_mask) 76 return; 77 fsn_mark->mask = new_mask; 78 79 fsnotify_recalc_mask(fsn_mark->connector); 80 } 81 82 /* 83 * Mains fsnotify call where events are delivered to dnotify. 84 * Find the dnotify mark on the relevant inode, run the list of dnotify structs 85 * on that mark and determine which of them has expressed interest in receiving 86 * events of this type. When found send the correct process and signal and 87 * destroy the dnotify struct if it was not registered to receive multiple 88 * events. 89 */ 90 static int dnotify_handle_event(struct fsnotify_mark *inode_mark, u32 mask, 91 struct inode *inode, struct inode *dir, 92 const struct qstr *name, u32 cookie) 93 { 94 struct dnotify_mark *dn_mark; 95 struct dnotify_struct *dn; 96 struct dnotify_struct **prev; 97 struct fown_struct *fown; 98 __u32 test_mask = mask & ~FS_EVENT_ON_CHILD; 99 100 /* not a dir, dnotify doesn't care */ 101 if (!dir && !(mask & FS_ISDIR)) 102 return 0; 103 104 dn_mark = container_of(inode_mark, struct dnotify_mark, fsn_mark); 105 106 spin_lock(&inode_mark->lock); 107 prev = &dn_mark->dn; 108 while ((dn = *prev) != NULL) { 109 if ((dn->dn_mask & test_mask) == 0) { 110 prev = &dn->dn_next; 111 continue; 112 } 113 fown = &dn->dn_filp->f_owner; 114 send_sigio(fown, dn->dn_fd, POLL_MSG); 115 if (dn->dn_mask & FS_DN_MULTISHOT) 116 prev = &dn->dn_next; 117 else { 118 *prev = dn->dn_next; 119 kmem_cache_free(dnotify_struct_cache, dn); 120 dnotify_recalc_inode_mask(inode_mark); 121 } 122 } 123 124 spin_unlock(&inode_mark->lock); 125 126 return 0; 127 } 128 129 static void dnotify_free_mark(struct fsnotify_mark *fsn_mark) 130 { 131 struct dnotify_mark *dn_mark = container_of(fsn_mark, 132 struct dnotify_mark, 133 fsn_mark); 134 135 BUG_ON(dn_mark->dn); 136 137 kmem_cache_free(dnotify_mark_cache, dn_mark); 138 } 139 140 static const struct fsnotify_ops dnotify_fsnotify_ops = { 141 .handle_inode_event = dnotify_handle_event, 142 .free_mark = dnotify_free_mark, 143 }; 144 145 /* 146 * Called every time a file is closed. Looks first for a dnotify mark on the 147 * inode. If one is found run all of the ->dn structures attached to that 148 * mark for one relevant to this process closing the file and remove that 149 * dnotify_struct. If that was the last dnotify_struct also remove the 150 * fsnotify_mark. 151 */ 152 void dnotify_flush(struct file *filp, fl_owner_t id) 153 { 154 struct fsnotify_mark *fsn_mark; 155 struct dnotify_mark *dn_mark; 156 struct dnotify_struct *dn; 157 struct dnotify_struct **prev; 158 struct inode *inode; 159 bool free = false; 160 161 inode = file_inode(filp); 162 if (!S_ISDIR(inode->i_mode)) 163 return; 164 165 fsn_mark = fsnotify_find_mark(&inode->i_fsnotify_marks, dnotify_group); 166 if (!fsn_mark) 167 return; 168 dn_mark = container_of(fsn_mark, struct dnotify_mark, fsn_mark); 169 170 fsnotify_group_lock(dnotify_group); 171 172 spin_lock(&fsn_mark->lock); 173 prev = &dn_mark->dn; 174 while ((dn = *prev) != NULL) { 175 if ((dn->dn_owner == id) && (dn->dn_filp == filp)) { 176 *prev = dn->dn_next; 177 kmem_cache_free(dnotify_struct_cache, dn); 178 dnotify_recalc_inode_mask(fsn_mark); 179 break; 180 } 181 prev = &dn->dn_next; 182 } 183 184 spin_unlock(&fsn_mark->lock); 185 186 /* nothing else could have found us thanks to the dnotify_groups 187 mark_mutex */ 188 if (dn_mark->dn == NULL) { 189 fsnotify_detach_mark(fsn_mark); 190 free = true; 191 } 192 193 fsnotify_group_unlock(dnotify_group); 194 195 if (free) 196 fsnotify_free_mark(fsn_mark); 197 fsnotify_put_mark(fsn_mark); 198 } 199 200 /* this conversion is done only at watch creation */ 201 static __u32 convert_arg(unsigned int arg) 202 { 203 __u32 new_mask = FS_EVENT_ON_CHILD; 204 205 if (arg & DN_MULTISHOT) 206 new_mask |= FS_DN_MULTISHOT; 207 if (arg & DN_DELETE) 208 new_mask |= (FS_DELETE | FS_MOVED_FROM); 209 if (arg & DN_MODIFY) 210 new_mask |= FS_MODIFY; 211 if (arg & DN_ACCESS) 212 new_mask |= FS_ACCESS; 213 if (arg & DN_ATTRIB) 214 new_mask |= FS_ATTRIB; 215 if (arg & DN_RENAME) 216 new_mask |= FS_RENAME; 217 if (arg & DN_CREATE) 218 new_mask |= (FS_CREATE | FS_MOVED_TO); 219 220 return new_mask; 221 } 222 223 /* 224 * If multiple processes watch the same inode with dnotify there is only one 225 * dnotify mark in inode->i_fsnotify_marks but we chain a dnotify_struct 226 * onto that mark. This function either attaches the new dnotify_struct onto 227 * that list, or it |= the mask onto an existing dnofiy_struct. 228 */ 229 static int attach_dn(struct dnotify_struct *dn, struct dnotify_mark *dn_mark, 230 fl_owner_t id, int fd, struct file *filp, __u32 mask) 231 { 232 struct dnotify_struct *odn; 233 234 odn = dn_mark->dn; 235 while (odn != NULL) { 236 /* adding more events to existing dnofiy_struct? */ 237 if ((odn->dn_owner == id) && (odn->dn_filp == filp)) { 238 odn->dn_fd = fd; 239 odn->dn_mask |= mask; 240 return -EEXIST; 241 } 242 odn = odn->dn_next; 243 } 244 245 dn->dn_mask = mask; 246 dn->dn_fd = fd; 247 dn->dn_filp = filp; 248 dn->dn_owner = id; 249 dn->dn_next = dn_mark->dn; 250 dn_mark->dn = dn; 251 252 return 0; 253 } 254 255 /* 256 * When a process calls fcntl to attach a dnotify watch to a directory it ends 257 * up here. Allocate both a mark for fsnotify to add and a dnotify_struct to be 258 * attached to the fsnotify_mark. 259 */ 260 int fcntl_dirnotify(int fd, struct file *filp, unsigned int arg) 261 { 262 struct dnotify_mark *new_dn_mark, *dn_mark; 263 struct fsnotify_mark *new_fsn_mark, *fsn_mark; 264 struct dnotify_struct *dn; 265 struct inode *inode; 266 fl_owner_t id = current->files; 267 struct file *f = NULL; 268 int destroy = 0, error = 0; 269 __u32 mask; 270 271 /* we use these to tell if we need to kfree */ 272 new_fsn_mark = NULL; 273 dn = NULL; 274 275 if (!dir_notify_enable) { 276 error = -EINVAL; 277 goto out_err; 278 } 279 280 /* a 0 mask means we are explicitly removing the watch */ 281 if ((arg & ~DN_MULTISHOT) == 0) { 282 dnotify_flush(filp, id); 283 error = 0; 284 goto out_err; 285 } 286 287 /* dnotify only works on directories */ 288 inode = file_inode(filp); 289 if (!S_ISDIR(inode->i_mode)) { 290 error = -ENOTDIR; 291 goto out_err; 292 } 293 294 /* 295 * convert the userspace DN_* "arg" to the internal FS_* 296 * defined in fsnotify 297 */ 298 mask = convert_arg(arg); 299 300 error = security_path_notify(&filp->f_path, mask, 301 FSNOTIFY_OBJ_TYPE_INODE); 302 if (error) 303 goto out_err; 304 305 /* expect most fcntl to add new rather than augment old */ 306 dn = kmem_cache_alloc(dnotify_struct_cache, GFP_KERNEL); 307 if (!dn) { 308 error = -ENOMEM; 309 goto out_err; 310 } 311 312 /* new fsnotify mark, we expect most fcntl calls to add a new mark */ 313 new_dn_mark = kmem_cache_alloc(dnotify_mark_cache, GFP_KERNEL); 314 if (!new_dn_mark) { 315 error = -ENOMEM; 316 goto out_err; 317 } 318 319 /* set up the new_fsn_mark and new_dn_mark */ 320 new_fsn_mark = &new_dn_mark->fsn_mark; 321 fsnotify_init_mark(new_fsn_mark, dnotify_group); 322 new_fsn_mark->mask = mask; 323 new_dn_mark->dn = NULL; 324 325 /* this is needed to prevent the fcntl/close race described below */ 326 fsnotify_group_lock(dnotify_group); 327 328 /* add the new_fsn_mark or find an old one. */ 329 fsn_mark = fsnotify_find_mark(&inode->i_fsnotify_marks, dnotify_group); 330 if (fsn_mark) { 331 dn_mark = container_of(fsn_mark, struct dnotify_mark, fsn_mark); 332 spin_lock(&fsn_mark->lock); 333 } else { 334 error = fsnotify_add_inode_mark_locked(new_fsn_mark, inode, 0); 335 if (error) { 336 fsnotify_group_unlock(dnotify_group); 337 goto out_err; 338 } 339 spin_lock(&new_fsn_mark->lock); 340 fsn_mark = new_fsn_mark; 341 dn_mark = new_dn_mark; 342 /* we used new_fsn_mark, so don't free it */ 343 new_fsn_mark = NULL; 344 } 345 346 rcu_read_lock(); 347 f = lookup_fdget_rcu(fd); 348 rcu_read_unlock(); 349 350 /* if (f != filp) means that we lost a race and another task/thread 351 * actually closed the fd we are still playing with before we grabbed 352 * the dnotify_groups mark_mutex and fsn_mark->lock. Since closing the 353 * fd is the only time we clean up the marks we need to get our mark 354 * off the list. */ 355 if (f != filp) { 356 /* if we added ourselves, shoot ourselves, it's possible that 357 * the flush actually did shoot this fsn_mark. That's fine too 358 * since multiple calls to destroy_mark is perfectly safe, if 359 * we found a dn_mark already attached to the inode, just sod 360 * off silently as the flush at close time dealt with it. 361 */ 362 if (dn_mark == new_dn_mark) 363 destroy = 1; 364 error = 0; 365 goto out; 366 } 367 368 __f_setown(filp, task_pid(current), PIDTYPE_TGID, 0); 369 370 error = attach_dn(dn, dn_mark, id, fd, filp, mask); 371 /* !error means that we attached the dn to the dn_mark, so don't free it */ 372 if (!error) 373 dn = NULL; 374 /* -EEXIST means that we didn't add this new dn and used an old one. 375 * that isn't an error (and the unused dn should be freed) */ 376 else if (error == -EEXIST) 377 error = 0; 378 379 dnotify_recalc_inode_mask(fsn_mark); 380 out: 381 spin_unlock(&fsn_mark->lock); 382 383 if (destroy) 384 fsnotify_detach_mark(fsn_mark); 385 fsnotify_group_unlock(dnotify_group); 386 if (destroy) 387 fsnotify_free_mark(fsn_mark); 388 fsnotify_put_mark(fsn_mark); 389 out_err: 390 if (new_fsn_mark) 391 fsnotify_put_mark(new_fsn_mark); 392 if (dn) 393 kmem_cache_free(dnotify_struct_cache, dn); 394 if (f) 395 fput(f); 396 return error; 397 } 398 399 static int __init dnotify_init(void) 400 { 401 dnotify_struct_cache = KMEM_CACHE(dnotify_struct, 402 SLAB_PANIC|SLAB_ACCOUNT); 403 dnotify_mark_cache = KMEM_CACHE(dnotify_mark, SLAB_PANIC|SLAB_ACCOUNT); 404 405 dnotify_group = fsnotify_alloc_group(&dnotify_fsnotify_ops, 406 FSNOTIFY_GROUP_NOFS); 407 if (IS_ERR(dnotify_group)) 408 panic("unable to allocate fsnotify group for dnotify\n"); 409 dnotify_sysctl_init(); 410 return 0; 411 } 412 413 module_init(dnotify_init) 414