[thirdparty/kernel/linux.git] / fs / anon_inodes.c

// SPDX-License-Identifier: GPL-2.0-only
/*
 *  fs/anon_inodes.c
 *
 *  Copyright (C) 2007  Davide Libenzi <davidel@xmailserver.org>
 *
 *  Thanks to Arnd Bergmann for code review and suggestions.
 *  More changes for Thomas Gleixner suggestions.
 *
 */

#include <linux/cred.h>
#include <linux/file.h>
#include <linux/poll.h>
#include <linux/sched.h>
#include <linux/init.h>
#include <linux/fs.h>
#include <linux/mount.h>
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/magic.h>
#include <linux/anon_inodes.h>
#include <linux/pseudo_fs.h>

#include <linux/uaccess.h>

static struct vfsmount *anon_inode_mnt __ro_after_init;
static struct inode *anon_inode_inode __ro_after_init;

/*
 * anon_inodefs_dname() is called from d_path().
 */
static char *anon_inodefs_dname(struct dentry *dentry, char *buffer, int buflen)
{
	return dynamic_dname(buffer, buflen, "anon_inode:%s",
				dentry->d_name.name);
}

static const struct dentry_operations anon_inodefs_dentry_operations = {
	.d_dname	= anon_inodefs_dname,
};

static int anon_inodefs_init_fs_context(struct fs_context *fc)
{
	struct pseudo_fs_context *ctx = init_pseudo(fc, ANON_INODE_FS_MAGIC);
	if (!ctx)
		return -ENOMEM;
	ctx->dops = &anon_inodefs_dentry_operations;
	return 0;
}

static struct file_system_type anon_inode_fs_type = {
	.name		= "anon_inodefs",
	.init_fs_context = anon_inodefs_init_fs_context,
	.kill_sb	= kill_anon_super,
};

static struct inode *anon_inode_make_secure_inode(
	const char *name,
	const struct inode *context_inode)
{
	struct inode *inode;
	const struct qstr qname = QSTR_INIT(name, strlen(name));
	int error;

	inode = alloc_anon_inode(anon_inode_mnt->mnt_sb);
	if (IS_ERR(inode))
		return inode;
	inode->i_flags &= ~S_PRIVATE;
	error =	security_inode_init_security_anon(inode, &qname, context_inode);
	if (error) {
		iput(inode);
		return ERR_PTR(error);
	}
	return inode;
}

static struct file *__anon_inode_getfile(const char *name,
					 const struct file_operations *fops,
					 void *priv, int flags,
					 const struct inode *context_inode,
					 bool make_inode)
{
	struct inode *inode;
	struct file *file;

	if (fops->owner && !try_module_get(fops->owner))
		return ERR_PTR(-ENOENT);

	if (make_inode) {
		inode =	anon_inode_make_secure_inode(name, context_inode);
		if (IS_ERR(inode)) {
			file = ERR_CAST(inode);
			goto err;
		}
	} else {
		inode =	anon_inode_inode;
		if (IS_ERR(inode)) {
			file = ERR_PTR(-ENODEV);
			goto err;
		}
		/*
		 * We know the anon_inode inode count is always
		 * greater than zero, so ihold() is safe.
		 */
		ihold(inode);
	}

	file = alloc_file_pseudo(inode, anon_inode_mnt, name,
				 flags & (O_ACCMODE | O_NONBLOCK), fops);
	if (IS_ERR(file))
		goto err_iput;

	file->f_mapping = inode->i_mapping;

	file->private_data = priv;

	return file;

err_iput:
	iput(inode);
err:
	module_put(fops->owner);
	return file;
}

/**
 * anon_inode_getfile - creates a new file instance by hooking it up to an
 *                      anonymous inode, and a dentry that describe the "class"
 *                      of the file
 *
 * @name:    [in]    name of the "class" of the new file
 * @fops:    [in]    file operations for the new file
 * @priv:    [in]    private data for the new file (will be file's private_data)
 * @flags:   [in]    flags
 *
 * Creates a new file by hooking it on a single inode. This is useful for files
 * that do not need to have a full-fledged inode in order to operate correctly.
 * All the files created with anon_inode_getfile() will share a single inode,
 * hence saving memory and avoiding code duplication for the file/inode/dentry
 * setup.  Returns the newly created file* or an error pointer.
 */
struct file *anon_inode_getfile(const char *name,
				const struct file_operations *fops,
				void *priv, int flags)
{
	return __anon_inode_getfile(name, fops, priv, flags, NULL, false);
}
EXPORT_SYMBOL_GPL(anon_inode_getfile);

/**
 * anon_inode_create_getfile - Like anon_inode_getfile(), but creates a new
 *                             !S_PRIVATE anon inode rather than reuse the
 *                             singleton anon inode and calls the
 *                             inode_init_security_anon() LSM hook.
 *
 * @name:    [in]    name of the "class" of the new file
 * @fops:    [in]    file operations for the new file
 * @priv:    [in]    private data for the new file (will be file's private_data)
 * @flags:   [in]    flags
 * @context_inode:
 *           [in]    the logical relationship with the new inode (optional)
 *
 * Create a new anonymous inode and file pair.  This can be done for two
 * reasons:
 *
 * - for the inode to have its own security context, so that LSMs can enforce
 *   policy on the inode's creation;
 *
 * - if the caller needs a unique inode, for example in order to customize
 *   the size returned by fstat()
 *
 * The LSM may use @context_inode in inode_init_security_anon(), but a
 * reference to it is not held.
 *
 * Returns the newly created file* or an error pointer.
 */
struct file *anon_inode_create_getfile(const char *name,
				       const struct file_operations *fops,
				       void *priv, int flags,
				       const struct inode *context_inode)
{
	return __anon_inode_getfile(name, fops, priv, flags,
				    context_inode, true);
}
EXPORT_SYMBOL_GPL(anon_inode_create_getfile);

static int __anon_inode_getfd(const char *name,
			      const struct file_operations *fops,
			      void *priv, int flags,
			      const struct inode *context_inode,
			      bool make_inode)
{
	int error, fd;
	struct file *file;

	error = get_unused_fd_flags(flags);
	if (error < 0)
		return error;
	fd = error;

	file = __anon_inode_getfile(name, fops, priv, flags, context_inode,
				    make_inode);
	if (IS_ERR(file)) {
		error = PTR_ERR(file);
		goto err_put_unused_fd;
	}
	fd_install(fd, file);

	return fd;

err_put_unused_fd:
	put_unused_fd(fd);
	return error;
}

/**
 * anon_inode_getfd - creates a new file instance by hooking it up to
 *                    an anonymous inode and a dentry that describe
 *                    the "class" of the file
 *
 * @name:    [in]    name of the "class" of the new file
 * @fops:    [in]    file operations for the new file
 * @priv:    [in]    private data for the new file (will be file's private_data)
 * @flags:   [in]    flags
 *
 * Creates a new file by hooking it on a single inode. This is
 * useful for files that do not need to have a full-fledged inode in
 * order to operate correctly.  All the files created with
 * anon_inode_getfd() will use the same singleton inode, reducing
 * memory use and avoiding code duplication for the file/inode/dentry
 * setup.  Returns a newly created file descriptor or an error code.
 */
int anon_inode_getfd(const char *name, const struct file_operations *fops,
		     void *priv, int flags)
{
	return __anon_inode_getfd(name, fops, priv, flags, NULL, false);
}
EXPORT_SYMBOL_GPL(anon_inode_getfd);

/**
 * anon_inode_create_getfd - Like anon_inode_getfd(), but creates a new
 * !S_PRIVATE anon inode rather than reuse the singleton anon inode, and calls
 * the inode_init_security_anon() LSM hook.
 *
 * @name:    [in]    name of the "class" of the new file
 * @fops:    [in]    file operations for the new file
 * @priv:    [in]    private data for the new file (will be file's private_data)
 * @flags:   [in]    flags
 * @context_inode:
 *           [in]    the logical relationship with the new inode (optional)
 *
 * Create a new anonymous inode and file pair.  This can be done for two
 * reasons:
 *
 * - for the inode to have its own security context, so that LSMs can enforce
 *   policy on the inode's creation;
 *
 * - if the caller needs a unique inode, for example in order to customize
 *   the size returned by fstat()
 *
 * The LSM may use @context_inode in inode_init_security_anon(), but a
 * reference to it is not held.
 *
 * Returns a newly created file descriptor or an error code.
 */
int anon_inode_create_getfd(const char *name, const struct file_operations *fops,
			    void *priv, int flags,
			    const struct inode *context_inode)
{
	return __anon_inode_getfd(name, fops, priv, flags, context_inode, true);
}

static int __init anon_inode_init(void)
{
	anon_inode_mnt = kern_mount(&anon_inode_fs_type);
	if (IS_ERR(anon_inode_mnt))
		panic("anon_inode_init() kernel mount failed (%ld)\n", PTR_ERR(anon_inode_mnt));

	anon_inode_inode = alloc_anon_inode(anon_inode_mnt->mnt_sb);
	if (IS_ERR(anon_inode_inode))
		panic("anon_inode_init() inode allocation failed (%ld)\n", PTR_ERR(anon_inode_inode));

	return 0;
}

fs_initcall(anon_inode_init);
Commit	Line	Data
457c8996	1	// SPDX-License-Identifier: GPL-2.0-only
5dc8bf81 DL	2	/*
	3	* fs/anon_inodes.c
	4	*
	5	* Copyright (C) 2007 Davide Libenzi <davidel@xmailserver.org>
	6	*
	7	* Thanks to Arnd Bergmann for code review and suggestions.
	8	* More changes for Thomas Gleixner suggestions.
	9	*
	10	*/
	11
a99bbaf5	12	#include <linux/cred.h>
5dc8bf81 DL	13	#include <linux/file.h>
5dc8bf81 DL	14	#include <linux/poll.h>
a99bbaf5	15	#include <linux/sched.h>
5dc8bf81 DL	16	#include <linux/init.h>
	17	#include <linux/fs.h>
	18	#include <linux/mount.h>
	19	#include <linux/module.h>
	20	#include <linux/kernel.h>
	21	#include <linux/magic.h>
	22	#include <linux/anon_inodes.h>
33cada40	23	#include <linux/pseudo_fs.h>
5dc8bf81	24
7c0f6ba6	25	#include <linux/uaccess.h>
5dc8bf81	26
68279f9c AD	27	static struct vfsmount *anon_inode_mnt __ro_after_init;
68279f9c AD	28	static struct inode *anon_inode_inode __ro_after_init;
5dc8bf81	29
b9aff027 NP	30	/*
	31	* anon_inodefs_dname() is called from d_path().
	32	*/
	33	static char anon_inodefs_dname(struct dentry dentry, char *buffer, int buflen)
	34	{
0f60d288	35	return dynamic_dname(buffer, buflen, "anon_inode:%s",
b9aff027 NP	36	dentry->d_name.name);
	37	}
	38
c74a1cbb AV	39	static const struct dentry_operations anon_inodefs_dentry_operations = {
	40	.d_dname = anon_inodefs_dname,
	41	};
	42
33cada40	43	static int anon_inodefs_init_fs_context(struct fs_context *fc)
ca7068c4	44	{
33cada40 DH	45	struct pseudo_fs_context *ctx = init_pseudo(fc, ANON_INODE_FS_MAGIC);
	46	if (!ctx)
	47	return -ENOMEM;
	48	ctx->dops = &anon_inodefs_dentry_operations;
	49	return 0;
ca7068c4 AV	50	}
	51
	52	static struct file_system_type anon_inode_fs_type = {
	53	.name = "anon_inodefs",
33cada40	54	.init_fs_context = anon_inodefs_init_fs_context,
ca7068c4 AV	55	.kill_sb = kill_anon_super,
	56	};
	57
e7e832ce DC	58	static struct inode *anon_inode_make_secure_inode(
	59	const char *name,
	60	const struct inode *context_inode)
5dc8bf81	61	{
e7e832ce DC	62	struct inode *inode;
	63	const struct qstr qname = QSTR_INIT(name, strlen(name));
	64	int error;
	65
	66	inode = alloc_anon_inode(anon_inode_mnt->mnt_sb);
	67	if (IS_ERR(inode))
	68	return inode;
	69	inode->i_flags &= ~S_PRIVATE;
	70	error = security_inode_init_security_anon(inode, &qname, context_inode);
	71	if (error) {
	72	iput(inode);
	73	return ERR_PTR(error);
	74	}
	75	return inode;
	76	}
5dc8bf81	77
e7e832ce DC	78	static struct file __anon_inode_getfile(const char name,
	79	const struct file_operations *fops,
	80	void *priv, int flags,
	81	const struct inode *context_inode,
4f0b9194	82	bool make_inode)
e7e832ce DC	83	{
	84	struct inode *inode;
	85	struct file *file;
5dc8bf81	86
e3a2a0d4	87	if (fops->owner && !try_module_get(fops->owner))
562787a5	88	return ERR_PTR(-ENOENT);
5dc8bf81	89
4f0b9194	90	if (make_inode) {
e7e832ce DC	91	inode = anon_inode_make_secure_inode(name, context_inode);
	92	if (IS_ERR(inode)) {
	93	file = ERR_CAST(inode);
	94	goto err;
	95	}
	96	} else {
	97	inode = anon_inode_inode;
	98	if (IS_ERR(inode)) {
	99	file = ERR_PTR(-ENODEV);
	100	goto err;
	101	}
	102	/*
	103	* We know the anon_inode inode count is always
	104	* greater than zero, so ihold() is safe.
	105	*/
	106	ihold(inode);
	107	}
	108
	109	file = alloc_file_pseudo(inode, anon_inode_mnt, name,
52c91f8b	110	flags & (O_ACCMODE \| O_NONBLOCK), fops);
39b65252	111	if (IS_ERR(file))
e7e832ce	112	goto err_iput;
52c91f8b	113
e7e832ce	114	file->f_mapping = inode->i_mapping;
5dc8bf81	115
5dc8bf81 DL	116	file->private_data = priv;
5dc8bf81 DL	117
562787a5 DL	118	return file;
562787a5 DL	119
e7e832ce DC	120	err_iput:
e7e832ce DC	121	iput(inode);
52c91f8b	122	err:
562787a5	123	module_put(fops->owner);
39b65252	124	return file;
562787a5	125	}
562787a5 DL	126
562787a5 DL	127	/**
e7e832ce DC	128	* anon_inode_getfile - creates a new file instance by hooking it up to an
	129	* anonymous inode, and a dentry that describe the "class"
	130	* of the file
562787a5 DL	131	*
	132	* @name: [in] name of the "class" of the new file
	133	* @fops: [in] file operations for the new file
	134	* @priv: [in] private data for the new file (will be file's private_data)
	135	* @flags: [in] flags
	136	*
	137	* Creates a new file by hooking it on a single inode. This is useful for files
	138	* that do not need to have a full-fledged inode in order to operate correctly.
e7e832ce	139	* All the files created with anon_inode_getfile() will share a single inode,
562787a5	140	* hence saving memory and avoiding code duplication for the file/inode/dentry
e7e832ce	141	* setup. Returns the newly created file* or an error pointer.
562787a5	142	*/
e7e832ce DC	143	struct file anon_inode_getfile(const char name,
	144	const struct file_operations *fops,
	145	void *priv, int flags)
	146	{
	147	return __anon_inode_getfile(name, fops, priv, flags, NULL, false);
	148	}
	149	EXPORT_SYMBOL_GPL(anon_inode_getfile);
	150
3a862cac	151	/**
4f0b9194	152	* anon_inode_create_getfile - Like anon_inode_getfile(), but creates a new
3a862cac PM	153	* !S_PRIVATE anon inode rather than reuse the
3a862cac PM	154	* singleton anon inode and calls the
4f0b9194	155	* inode_init_security_anon() LSM hook.
3a862cac PM	156	*
	157	* @name: [in] name of the "class" of the new file
	158	* @fops: [in] file operations for the new file
	159	* @priv: [in] private data for the new file (will be file's private_data)
	160	* @flags: [in] flags
	161	* @context_inode:
	162	* [in] the logical relationship with the new inode (optional)
	163	*
4f0b9194 PB	164	* Create a new anonymous inode and file pair. This can be done for two
	165	* reasons:
	166	*
	167	* - for the inode to have its own security context, so that LSMs can enforce
	168	* policy on the inode's creation;
	169	*
	170	* - if the caller needs a unique inode, for example in order to customize
	171	* the size returned by fstat()
	172	*
3a862cac	173	* The LSM may use @context_inode in inode_init_security_anon(), but a
4f0b9194 PB	174	* reference to it is not held.
	175	*
	176	* Returns the newly created file* or an error pointer.
3a862cac	177	*/
4f0b9194	178	struct file anon_inode_create_getfile(const char name,
3a862cac PM	179	const struct file_operations *fops,
	180	void *priv, int flags,
	181	const struct inode *context_inode)
	182	{
	183	return __anon_inode_getfile(name, fops, priv, flags,
	184	context_inode, true);
	185	}
a7800aa8	186	EXPORT_SYMBOL_GPL(anon_inode_create_getfile);
3a862cac	187
e7e832ce DC	188	static int __anon_inode_getfd(const char *name,
	189	const struct file_operations *fops,
	190	void *priv, int flags,
	191	const struct inode *context_inode,
4f0b9194	192	bool make_inode)
562787a5 DL	193	{
	194	int error, fd;
	195	struct file *file;
	196
	197	error = get_unused_fd_flags(flags);
	198	if (error < 0)
	199	return error;
	200	fd = error;
	201
e7e832ce	202	file = __anon_inode_getfile(name, fops, priv, flags, context_inode,
4f0b9194	203	make_inode);
562787a5 DL	204	if (IS_ERR(file)) {
	205	error = PTR_ERR(file);
	206	goto err_put_unused_fd;
	207	}
5dc8bf81 DL	208	fd_install(fd, file);
5dc8bf81 DL	209
2030a42c	210	return fd;
5dc8bf81 DL	211
	212	err_put_unused_fd:
	213	put_unused_fd(fd);
5dc8bf81 DL	214	return error;
5dc8bf81 DL	215	}
e7e832ce DC	216
	217	/**
	218	* anon_inode_getfd - creates a new file instance by hooking it up to
	219	* an anonymous inode and a dentry that describe
	220	* the "class" of the file
	221	*
	222	* @name: [in] name of the "class" of the new file
	223	* @fops: [in] file operations for the new file
	224	* @priv: [in] private data for the new file (will be file's private_data)
	225	* @flags: [in] flags
	226	*
	227	* Creates a new file by hooking it on a single inode. This is
	228	* useful for files that do not need to have a full-fledged inode in
	229	* order to operate correctly. All the files created with
	230	* anon_inode_getfd() will use the same singleton inode, reducing
	231	* memory use and avoiding code duplication for the file/inode/dentry
	232	* setup. Returns a newly created file descriptor or an error code.
	233	*/
	234	int anon_inode_getfd(const char name, const struct file_operations fops,
	235	void *priv, int flags)
	236	{
	237	return __anon_inode_getfd(name, fops, priv, flags, NULL, false);
	238	}
d6d28168	239	EXPORT_SYMBOL_GPL(anon_inode_getfd);
5dc8bf81	240
e7e832ce	241	/**
4f0b9194	242	* anon_inode_create_getfd - Like anon_inode_getfd(), but creates a new
365982ab	243	* !S_PRIVATE anon inode rather than reuse the singleton anon inode, and calls
4f0b9194	244	* the inode_init_security_anon() LSM hook.
365982ab LB	245	*
	246	* @name: [in] name of the "class" of the new file
	247	* @fops: [in] file operations for the new file
	248	* @priv: [in] private data for the new file (will be file's private_data)
	249	* @flags: [in] flags
	250	* @context_inode:
	251	* [in] the logical relationship with the new inode (optional)
	252	*
4f0b9194 PB	253	* Create a new anonymous inode and file pair. This can be done for two
	254	* reasons:
	255	*
	256	* - for the inode to have its own security context, so that LSMs can enforce
	257	* policy on the inode's creation;
	258	*
	259	* - if the caller needs a unique inode, for example in order to customize
	260	* the size returned by fstat()
	261	*
365982ab LB	262	* The LSM may use @context_inode in inode_init_security_anon(), but a
365982ab LB	263	* reference to it is not held.
4f0b9194 PB	264	*
4f0b9194 PB	265	* Returns a newly created file descriptor or an error code.
e7e832ce	266	*/
4f0b9194	267	int anon_inode_create_getfd(const char name, const struct file_operations fops,
e7e832ce DC	268	void *priv, int flags,
	269	const struct inode *context_inode)
	270	{
	271	return __anon_inode_getfd(name, fops, priv, flags, context_inode, true);
	272	}
e7e832ce	273
5dc8bf81 DL	274	static int __init anon_inode_init(void)
5dc8bf81 DL	275	{
5dc8bf81	276	anon_inode_mnt = kern_mount(&anon_inode_fs_type);
75c5a52d JK	277	if (IS_ERR(anon_inode_mnt))
75c5a52d JK	278	panic("anon_inode_init() kernel mount failed (%ld)\n", PTR_ERR(anon_inode_mnt));
5dc8bf81	279
75c5a52d JK	280	anon_inode_inode = alloc_anon_inode(anon_inode_mnt->mnt_sb);
	281	if (IS_ERR(anon_inode_inode))
	282	panic("anon_inode_init() inode allocation failed (%ld)\n", PTR_ERR(anon_inode_inode));
	283
	284	return 0;
5dc8bf81 DL	285	}
	286
	287	fs_initcall(anon_inode_init);
	288