2 FUSE: Filesystem in Userspace
3 Copyright (C) 2001-2008 Miklos Szeredi <miklos@szeredi.hu>
5 This program can be distributed under the terms of the GNU GPL.
11 #include <linux/pagemap.h>
12 #include <linux/file.h>
13 #include <linux/fs_context.h>
14 #include <linux/moduleparam.h>
15 #include <linux/sched.h>
16 #include <linux/namei.h>
17 #include <linux/slab.h>
18 #include <linux/xattr.h>
19 #include <linux/iversion.h>
20 #include <linux/posix_acl.h>
21 #include <linux/security.h>
22 #include <linux/types.h>
23 #include <linux/kernel.h>
25 static bool __read_mostly allow_sys_admin_access
;
26 module_param(allow_sys_admin_access
, bool, 0644);
27 MODULE_PARM_DESC(allow_sys_admin_access
,
28 "Allow users with CAP_SYS_ADMIN in initial userns to bypass allow_other access check");
30 static void fuse_advise_use_readdirplus(struct inode
*dir
)
32 struct fuse_inode
*fi
= get_fuse_inode(dir
);
34 set_bit(FUSE_I_ADVISE_RDPLUS
, &fi
->state
);
37 #if BITS_PER_LONG >= 64
38 static inline void __fuse_dentry_settime(struct dentry
*entry
, u64 time
)
40 entry
->d_fsdata
= (void *) time
;
43 static inline u64
fuse_dentry_time(const struct dentry
*entry
)
45 return (u64
)entry
->d_fsdata
;
54 static inline void __fuse_dentry_settime(struct dentry
*dentry
, u64 time
)
56 ((union fuse_dentry
*) dentry
->d_fsdata
)->time
= time
;
59 static inline u64
fuse_dentry_time(const struct dentry
*entry
)
61 return ((union fuse_dentry
*) entry
->d_fsdata
)->time
;
65 static void fuse_dentry_settime(struct dentry
*dentry
, u64 time
)
67 struct fuse_conn
*fc
= get_fuse_conn_super(dentry
->d_sb
);
68 bool delete = !time
&& fc
->delete_stale
;
70 * Mess with DCACHE_OP_DELETE because dput() will be faster without it.
71 * Don't care about races, either way it's just an optimization
73 if ((!delete && (dentry
->d_flags
& DCACHE_OP_DELETE
)) ||
74 (delete && !(dentry
->d_flags
& DCACHE_OP_DELETE
))) {
75 spin_lock(&dentry
->d_lock
);
77 dentry
->d_flags
&= ~DCACHE_OP_DELETE
;
79 dentry
->d_flags
|= DCACHE_OP_DELETE
;
80 spin_unlock(&dentry
->d_lock
);
83 __fuse_dentry_settime(dentry
, time
);
87 * FUSE caches dentries and attributes with separate timeout. The
88 * time in jiffies until the dentry/attributes are valid is stored in
89 * dentry->d_fsdata and fuse_inode->i_time respectively.
93 * Calculate the time in jiffies until a dentry/attributes are valid
95 u64
fuse_time_to_jiffies(u64 sec
, u32 nsec
)
98 struct timespec64 ts
= {
100 min_t(u32
, nsec
, NSEC_PER_SEC
- 1)
103 return get_jiffies_64() + timespec64_to_jiffies(&ts
);
109 * Set dentry and possibly attribute timeouts from the lookup/mk*
112 void fuse_change_entry_timeout(struct dentry
*entry
, struct fuse_entry_out
*o
)
114 fuse_dentry_settime(entry
,
115 fuse_time_to_jiffies(o
->entry_valid
, o
->entry_valid_nsec
));
118 void fuse_invalidate_attr_mask(struct inode
*inode
, u32 mask
)
120 set_mask_bits(&get_fuse_inode(inode
)->inval_mask
, 0, mask
);
124 * Mark the attributes as stale, so that at the next call to
125 * ->getattr() they will be fetched from userspace
127 void fuse_invalidate_attr(struct inode
*inode
)
129 fuse_invalidate_attr_mask(inode
, STATX_BASIC_STATS
);
132 static void fuse_dir_changed(struct inode
*dir
)
134 fuse_invalidate_attr(dir
);
135 inode_maybe_inc_iversion(dir
, false);
139 * Mark the attributes as stale due to an atime change. Avoid the invalidate if
142 void fuse_invalidate_atime(struct inode
*inode
)
144 if (!IS_RDONLY(inode
))
145 fuse_invalidate_attr_mask(inode
, STATX_ATIME
);
149 * Just mark the entry as stale, so that a next attempt to look it up
150 * will result in a new lookup call to userspace
152 * This is called when a dentry is about to become negative and the
153 * timeout is unknown (unlink, rmdir, rename and in some cases
156 void fuse_invalidate_entry_cache(struct dentry
*entry
)
158 fuse_dentry_settime(entry
, 0);
162 * Same as fuse_invalidate_entry_cache(), but also try to remove the
163 * dentry from the hash
165 static void fuse_invalidate_entry(struct dentry
*entry
)
168 fuse_invalidate_entry_cache(entry
);
171 static void fuse_lookup_init(struct fuse_conn
*fc
, struct fuse_args
*args
,
172 u64 nodeid
, const struct qstr
*name
,
173 struct fuse_entry_out
*outarg
)
175 memset(outarg
, 0, sizeof(struct fuse_entry_out
));
176 args
->opcode
= FUSE_LOOKUP
;
177 args
->nodeid
= nodeid
;
178 args
->in_numargs
= 1;
179 args
->in_args
[0].size
= name
->len
+ 1;
180 args
->in_args
[0].value
= name
->name
;
181 args
->out_numargs
= 1;
182 args
->out_args
[0].size
= sizeof(struct fuse_entry_out
);
183 args
->out_args
[0].value
= outarg
;
187 * Check whether the dentry is still valid
189 * If the entry validity timeout has expired and the dentry is
190 * positive, try to redo the lookup. If the lookup results in a
191 * different inode, then let the VFS invalidate the dentry and redo
192 * the lookup once more. If the lookup results in the same inode,
193 * then refresh the attributes, timeouts and mark the dentry valid.
195 static int fuse_dentry_revalidate(struct dentry
*entry
, unsigned int flags
)
198 struct dentry
*parent
;
199 struct fuse_mount
*fm
;
200 struct fuse_inode
*fi
;
203 inode
= d_inode_rcu(entry
);
204 if (inode
&& fuse_is_bad(inode
))
206 else if (time_before64(fuse_dentry_time(entry
), get_jiffies_64()) ||
207 (flags
& (LOOKUP_EXCL
| LOOKUP_REVAL
| LOOKUP_RENAME_TARGET
))) {
208 struct fuse_entry_out outarg
;
210 struct fuse_forget_link
*forget
;
213 /* For negative dentries, always do a fresh lookup */
218 if (flags
& LOOKUP_RCU
)
221 fm
= get_fuse_mount(inode
);
223 forget
= fuse_alloc_forget();
228 attr_version
= fuse_get_attr_version(fm
->fc
);
230 parent
= dget_parent(entry
);
231 fuse_lookup_init(fm
->fc
, &args
, get_node_id(d_inode(parent
)),
232 &entry
->d_name
, &outarg
);
233 ret
= fuse_simple_request(fm
, &args
);
235 /* Zero nodeid is same as -ENOENT */
236 if (!ret
&& !outarg
.nodeid
)
239 fi
= get_fuse_inode(inode
);
240 if (outarg
.nodeid
!= get_node_id(inode
) ||
241 (bool) IS_AUTOMOUNT(inode
) != (bool) (outarg
.attr
.flags
& FUSE_ATTR_SUBMOUNT
)) {
242 fuse_queue_forget(fm
->fc
, forget
,
246 spin_lock(&fi
->lock
);
248 spin_unlock(&fi
->lock
);
251 if (ret
== -ENOMEM
|| ret
== -EINTR
)
253 if (ret
|| fuse_invalid_attr(&outarg
.attr
) ||
254 fuse_stale_inode(inode
, outarg
.generation
, &outarg
.attr
))
257 forget_all_cached_acls(inode
);
258 fuse_change_attributes(inode
, &outarg
.attr
, NULL
,
259 ATTR_TIMEOUT(&outarg
),
261 fuse_change_entry_timeout(entry
, &outarg
);
263 fi
= get_fuse_inode(inode
);
264 if (flags
& LOOKUP_RCU
) {
265 if (test_bit(FUSE_I_INIT_RDPLUS
, &fi
->state
))
267 } else if (test_and_clear_bit(FUSE_I_INIT_RDPLUS
, &fi
->state
)) {
268 parent
= dget_parent(entry
);
269 fuse_advise_use_readdirplus(d_inode(parent
));
282 #if BITS_PER_LONG < 64
283 static int fuse_dentry_init(struct dentry
*dentry
)
285 dentry
->d_fsdata
= kzalloc(sizeof(union fuse_dentry
),
286 GFP_KERNEL_ACCOUNT
| __GFP_RECLAIMABLE
);
288 return dentry
->d_fsdata
? 0 : -ENOMEM
;
290 static void fuse_dentry_release(struct dentry
*dentry
)
292 union fuse_dentry
*fd
= dentry
->d_fsdata
;
298 static int fuse_dentry_delete(const struct dentry
*dentry
)
300 return time_before64(fuse_dentry_time(dentry
), get_jiffies_64());
304 * Create a fuse_mount object with a new superblock (with path->dentry
305 * as the root), and return that mount so it can be auto-mounted on
308 static struct vfsmount
*fuse_dentry_automount(struct path
*path
)
310 struct fs_context
*fsc
;
311 struct vfsmount
*mnt
;
312 struct fuse_inode
*mp_fi
= get_fuse_inode(d_inode(path
->dentry
));
314 fsc
= fs_context_for_submount(path
->mnt
->mnt_sb
->s_type
, path
->dentry
);
316 return ERR_CAST(fsc
);
318 /* Pass the FUSE inode of the mount for fuse_get_tree_submount() */
319 fsc
->fs_private
= mp_fi
;
321 /* Create the submount */
330 const struct dentry_operations fuse_dentry_operations
= {
331 .d_revalidate
= fuse_dentry_revalidate
,
332 .d_delete
= fuse_dentry_delete
,
333 #if BITS_PER_LONG < 64
334 .d_init
= fuse_dentry_init
,
335 .d_release
= fuse_dentry_release
,
337 .d_automount
= fuse_dentry_automount
,
340 const struct dentry_operations fuse_root_dentry_operations
= {
341 #if BITS_PER_LONG < 64
342 .d_init
= fuse_dentry_init
,
343 .d_release
= fuse_dentry_release
,
347 int fuse_valid_type(int m
)
349 return S_ISREG(m
) || S_ISDIR(m
) || S_ISLNK(m
) || S_ISCHR(m
) ||
350 S_ISBLK(m
) || S_ISFIFO(m
) || S_ISSOCK(m
);
353 static bool fuse_valid_size(u64 size
)
355 return size
<= LLONG_MAX
;
358 bool fuse_invalid_attr(struct fuse_attr
*attr
)
360 return !fuse_valid_type(attr
->mode
) || !fuse_valid_size(attr
->size
);
363 int fuse_lookup_name(struct super_block
*sb
, u64 nodeid
, const struct qstr
*name
,
364 struct fuse_entry_out
*outarg
, struct inode
**inode
)
366 struct fuse_mount
*fm
= get_fuse_mount_super(sb
);
368 struct fuse_forget_link
*forget
;
374 if (name
->len
> FUSE_NAME_MAX
)
378 forget
= fuse_alloc_forget();
383 attr_version
= fuse_get_attr_version(fm
->fc
);
385 fuse_lookup_init(fm
->fc
, &args
, nodeid
, name
, outarg
);
386 err
= fuse_simple_request(fm
, &args
);
387 /* Zero nodeid is same as -ENOENT, but with valid timeout */
388 if (err
|| !outarg
->nodeid
)
392 if (fuse_invalid_attr(&outarg
->attr
))
395 *inode
= fuse_iget(sb
, outarg
->nodeid
, outarg
->generation
,
396 &outarg
->attr
, ATTR_TIMEOUT(outarg
),
400 fuse_queue_forget(fm
->fc
, forget
, outarg
->nodeid
, 1);
411 static struct dentry
*fuse_lookup(struct inode
*dir
, struct dentry
*entry
,
415 struct fuse_entry_out outarg
;
417 struct dentry
*newent
;
418 bool outarg_valid
= true;
421 if (fuse_is_bad(dir
))
422 return ERR_PTR(-EIO
);
424 locked
= fuse_lock_inode(dir
);
425 err
= fuse_lookup_name(dir
->i_sb
, get_node_id(dir
), &entry
->d_name
,
427 fuse_unlock_inode(dir
, locked
);
428 if (err
== -ENOENT
) {
429 outarg_valid
= false;
436 if (inode
&& get_node_id(inode
) == FUSE_ROOT_ID
)
439 newent
= d_splice_alias(inode
, entry
);
440 err
= PTR_ERR(newent
);
444 entry
= newent
? newent
: entry
;
446 fuse_change_entry_timeout(entry
, &outarg
);
448 fuse_invalidate_entry_cache(entry
);
451 fuse_advise_use_readdirplus(dir
);
460 static int get_security_context(struct dentry
*entry
, umode_t mode
,
461 struct fuse_in_arg
*ext
)
463 struct fuse_secctx
*fctx
;
464 struct fuse_secctx_header
*header
;
465 void *ctx
= NULL
, *ptr
;
466 u32 ctxlen
, total_len
= sizeof(*header
);
471 err
= security_dentry_init_security(entry
, mode
, &entry
->d_name
,
472 &name
, &ctx
, &ctxlen
);
474 if (err
!= -EOPNOTSUPP
)
476 /* No LSM is supporting this security hook. Ignore error */
483 namelen
= strlen(name
) + 1;
485 if (WARN_ON(namelen
> XATTR_NAME_MAX
+ 1 || ctxlen
> S32_MAX
))
487 total_len
+= FUSE_REC_ALIGN(sizeof(*fctx
) + namelen
+ ctxlen
);
491 header
= ptr
= kzalloc(total_len
, GFP_KERNEL
);
495 header
->nr_secctx
= nr_ctx
;
496 header
->size
= total_len
;
497 ptr
+= sizeof(*header
);
501 ptr
+= sizeof(*fctx
);
506 memcpy(ptr
, ctx
, ctxlen
);
508 ext
->size
= total_len
;
516 static void *extend_arg(struct fuse_in_arg
*buf
, u32 bytes
)
519 u32 newlen
= buf
->size
+ bytes
;
521 p
= krealloc(buf
->value
, newlen
, GFP_KERNEL
);
529 memset(p
+ buf
->size
, 0, bytes
);
533 return p
+ newlen
- bytes
;
536 static u32
fuse_ext_size(size_t size
)
538 return FUSE_REC_ALIGN(sizeof(struct fuse_ext_header
) + size
);
542 * This adds just a single supplementary group that matches the parent's group.
544 static int get_create_supp_group(struct inode
*dir
, struct fuse_in_arg
*ext
)
546 struct fuse_conn
*fc
= get_fuse_conn(dir
);
547 struct fuse_ext_header
*xh
;
548 struct fuse_supp_groups
*sg
;
549 kgid_t kgid
= dir
->i_gid
;
550 gid_t parent_gid
= from_kgid(fc
->user_ns
, kgid
);
551 u32 sg_len
= fuse_ext_size(sizeof(*sg
) + sizeof(sg
->groups
[0]));
553 if (parent_gid
== (gid_t
) -1 || gid_eq(kgid
, current_fsgid()) ||
557 xh
= extend_arg(ext
, sg_len
);
562 xh
->type
= FUSE_EXT_GROUPS
;
564 sg
= (struct fuse_supp_groups
*) &xh
[1];
566 sg
->groups
[0] = parent_gid
;
571 static int get_create_ext(struct fuse_args
*args
,
572 struct inode
*dir
, struct dentry
*dentry
,
575 struct fuse_conn
*fc
= get_fuse_conn_super(dentry
->d_sb
);
576 struct fuse_in_arg ext
= { .size
= 0, .value
= NULL
};
579 if (fc
->init_security
)
580 err
= get_security_context(dentry
, mode
, &ext
);
581 if (!err
&& fc
->create_supp_group
)
582 err
= get_create_supp_group(dir
, &ext
);
584 if (!err
&& ext
.size
) {
585 WARN_ON(args
->in_numargs
>= ARRAY_SIZE(args
->in_args
));
587 args
->ext_idx
= args
->in_numargs
++;
588 args
->in_args
[args
->ext_idx
] = ext
;
596 static void free_ext_value(struct fuse_args
*args
)
599 kfree(args
->in_args
[args
->ext_idx
].value
);
603 * Atomic create+open operation
605 * If the filesystem doesn't support this, then fall back to separate
606 * 'mknod' + 'open' requests.
608 static int fuse_create_open(struct inode
*dir
, struct dentry
*entry
,
609 struct file
*file
, unsigned int flags
,
610 umode_t mode
, u32 opcode
)
614 struct fuse_mount
*fm
= get_fuse_mount(dir
);
616 struct fuse_forget_link
*forget
;
617 struct fuse_create_in inarg
;
618 struct fuse_open_out outopen
;
619 struct fuse_entry_out outentry
;
620 struct fuse_inode
*fi
;
621 struct fuse_file
*ff
;
622 bool trunc
= flags
& O_TRUNC
;
624 /* Userspace expects S_IFREG in create mode */
625 BUG_ON((mode
& S_IFMT
) != S_IFREG
);
627 forget
= fuse_alloc_forget();
633 ff
= fuse_file_alloc(fm
, true);
635 goto out_put_forget_req
;
637 if (!fm
->fc
->dont_mask
)
638 mode
&= ~current_umask();
641 memset(&inarg
, 0, sizeof(inarg
));
642 memset(&outentry
, 0, sizeof(outentry
));
645 inarg
.umask
= current_umask();
647 if (fm
->fc
->handle_killpriv_v2
&& trunc
&&
648 !(flags
& O_EXCL
) && !capable(CAP_FSETID
)) {
649 inarg
.open_flags
|= FUSE_OPEN_KILL_SUIDGID
;
652 args
.opcode
= opcode
;
653 args
.nodeid
= get_node_id(dir
);
655 args
.in_args
[0].size
= sizeof(inarg
);
656 args
.in_args
[0].value
= &inarg
;
657 args
.in_args
[1].size
= entry
->d_name
.len
+ 1;
658 args
.in_args
[1].value
= entry
->d_name
.name
;
659 args
.out_numargs
= 2;
660 args
.out_args
[0].size
= sizeof(outentry
);
661 args
.out_args
[0].value
= &outentry
;
662 args
.out_args
[1].size
= sizeof(outopen
);
663 args
.out_args
[1].value
= &outopen
;
665 err
= get_create_ext(&args
, dir
, entry
, mode
);
667 goto out_put_forget_req
;
669 err
= fuse_simple_request(fm
, &args
);
670 free_ext_value(&args
);
675 if (!S_ISREG(outentry
.attr
.mode
) || invalid_nodeid(outentry
.nodeid
) ||
676 fuse_invalid_attr(&outentry
.attr
))
680 ff
->nodeid
= outentry
.nodeid
;
681 ff
->open_flags
= outopen
.open_flags
;
682 inode
= fuse_iget(dir
->i_sb
, outentry
.nodeid
, outentry
.generation
,
683 &outentry
.attr
, ATTR_TIMEOUT(&outentry
), 0);
685 flags
&= ~(O_CREAT
| O_EXCL
| O_TRUNC
);
686 fuse_sync_release(NULL
, ff
, flags
);
687 fuse_queue_forget(fm
->fc
, forget
, outentry
.nodeid
, 1);
692 d_instantiate(entry
, inode
);
693 fuse_change_entry_timeout(entry
, &outentry
);
694 fuse_dir_changed(dir
);
695 err
= generic_file_open(inode
, file
);
697 file
->private_data
= ff
;
698 err
= finish_open(file
, entry
, fuse_finish_open
);
701 fi
= get_fuse_inode(inode
);
702 fuse_sync_release(fi
, ff
, flags
);
704 if (fm
->fc
->atomic_o_trunc
&& trunc
)
705 truncate_pagecache(inode
, 0);
706 else if (!(ff
->open_flags
& FOPEN_KEEP_CACHE
))
707 invalidate_inode_pages2(inode
->i_mapping
);
719 static int fuse_mknod(struct mnt_idmap
*, struct inode
*, struct dentry
*,
721 static int fuse_atomic_open(struct inode
*dir
, struct dentry
*entry
,
722 struct file
*file
, unsigned flags
,
726 struct fuse_conn
*fc
= get_fuse_conn(dir
);
727 struct dentry
*res
= NULL
;
729 if (fuse_is_bad(dir
))
732 if (d_in_lookup(entry
)) {
733 res
= fuse_lookup(dir
, entry
, 0);
741 if (!(flags
& O_CREAT
) || d_really_is_positive(entry
))
745 file
->f_mode
|= FMODE_CREATED
;
750 err
= fuse_create_open(dir
, entry
, file
, flags
, mode
, FUSE_CREATE
);
751 if (err
== -ENOSYS
) {
754 } else if (err
== -EEXIST
)
755 fuse_invalidate_entry(entry
);
761 err
= fuse_mknod(&nop_mnt_idmap
, dir
, entry
, mode
, 0);
765 return finish_no_open(file
, res
);
769 * Code shared between mknod, mkdir, symlink and link
771 static int create_new_entry(struct fuse_mount
*fm
, struct fuse_args
*args
,
772 struct inode
*dir
, struct dentry
*entry
,
775 struct fuse_entry_out outarg
;
779 struct fuse_forget_link
*forget
;
781 if (fuse_is_bad(dir
))
784 forget
= fuse_alloc_forget();
788 memset(&outarg
, 0, sizeof(outarg
));
789 args
->nodeid
= get_node_id(dir
);
790 args
->out_numargs
= 1;
791 args
->out_args
[0].size
= sizeof(outarg
);
792 args
->out_args
[0].value
= &outarg
;
794 if (args
->opcode
!= FUSE_LINK
) {
795 err
= get_create_ext(args
, dir
, entry
, mode
);
797 goto out_put_forget_req
;
800 err
= fuse_simple_request(fm
, args
);
801 free_ext_value(args
);
803 goto out_put_forget_req
;
806 if (invalid_nodeid(outarg
.nodeid
) || fuse_invalid_attr(&outarg
.attr
))
807 goto out_put_forget_req
;
809 if ((outarg
.attr
.mode
^ mode
) & S_IFMT
)
810 goto out_put_forget_req
;
812 inode
= fuse_iget(dir
->i_sb
, outarg
.nodeid
, outarg
.generation
,
813 &outarg
.attr
, ATTR_TIMEOUT(&outarg
), 0);
815 fuse_queue_forget(fm
->fc
, forget
, outarg
.nodeid
, 1);
821 d
= d_splice_alias(inode
, entry
);
826 fuse_change_entry_timeout(d
, &outarg
);
829 fuse_change_entry_timeout(entry
, &outarg
);
831 fuse_dir_changed(dir
);
836 fuse_invalidate_entry(entry
);
841 static int fuse_mknod(struct mnt_idmap
*idmap
, struct inode
*dir
,
842 struct dentry
*entry
, umode_t mode
, dev_t rdev
)
844 struct fuse_mknod_in inarg
;
845 struct fuse_mount
*fm
= get_fuse_mount(dir
);
848 if (!fm
->fc
->dont_mask
)
849 mode
&= ~current_umask();
851 memset(&inarg
, 0, sizeof(inarg
));
853 inarg
.rdev
= new_encode_dev(rdev
);
854 inarg
.umask
= current_umask();
855 args
.opcode
= FUSE_MKNOD
;
857 args
.in_args
[0].size
= sizeof(inarg
);
858 args
.in_args
[0].value
= &inarg
;
859 args
.in_args
[1].size
= entry
->d_name
.len
+ 1;
860 args
.in_args
[1].value
= entry
->d_name
.name
;
861 return create_new_entry(fm
, &args
, dir
, entry
, mode
);
864 static int fuse_create(struct mnt_idmap
*idmap
, struct inode
*dir
,
865 struct dentry
*entry
, umode_t mode
, bool excl
)
867 return fuse_mknod(&nop_mnt_idmap
, dir
, entry
, mode
, 0);
870 static int fuse_tmpfile(struct mnt_idmap
*idmap
, struct inode
*dir
,
871 struct file
*file
, umode_t mode
)
873 struct fuse_conn
*fc
= get_fuse_conn(dir
);
879 err
= fuse_create_open(dir
, file
->f_path
.dentry
, file
, file
->f_flags
, mode
, FUSE_TMPFILE
);
880 if (err
== -ENOSYS
) {
887 static int fuse_mkdir(struct mnt_idmap
*idmap
, struct inode
*dir
,
888 struct dentry
*entry
, umode_t mode
)
890 struct fuse_mkdir_in inarg
;
891 struct fuse_mount
*fm
= get_fuse_mount(dir
);
894 if (!fm
->fc
->dont_mask
)
895 mode
&= ~current_umask();
897 memset(&inarg
, 0, sizeof(inarg
));
899 inarg
.umask
= current_umask();
900 args
.opcode
= FUSE_MKDIR
;
902 args
.in_args
[0].size
= sizeof(inarg
);
903 args
.in_args
[0].value
= &inarg
;
904 args
.in_args
[1].size
= entry
->d_name
.len
+ 1;
905 args
.in_args
[1].value
= entry
->d_name
.name
;
906 return create_new_entry(fm
, &args
, dir
, entry
, S_IFDIR
);
909 static int fuse_symlink(struct mnt_idmap
*idmap
, struct inode
*dir
,
910 struct dentry
*entry
, const char *link
)
912 struct fuse_mount
*fm
= get_fuse_mount(dir
);
913 unsigned len
= strlen(link
) + 1;
916 args
.opcode
= FUSE_SYMLINK
;
918 args
.in_args
[0].size
= entry
->d_name
.len
+ 1;
919 args
.in_args
[0].value
= entry
->d_name
.name
;
920 args
.in_args
[1].size
= len
;
921 args
.in_args
[1].value
= link
;
922 return create_new_entry(fm
, &args
, dir
, entry
, S_IFLNK
);
925 void fuse_flush_time_update(struct inode
*inode
)
927 int err
= sync_inode_metadata(inode
, 1);
929 mapping_set_error(inode
->i_mapping
, err
);
932 static void fuse_update_ctime_in_cache(struct inode
*inode
)
934 if (!IS_NOCMTIME(inode
)) {
935 inode_set_ctime_current(inode
);
936 mark_inode_dirty_sync(inode
);
937 fuse_flush_time_update(inode
);
941 void fuse_update_ctime(struct inode
*inode
)
943 fuse_invalidate_attr_mask(inode
, STATX_CTIME
);
944 fuse_update_ctime_in_cache(inode
);
947 static void fuse_entry_unlinked(struct dentry
*entry
)
949 struct inode
*inode
= d_inode(entry
);
950 struct fuse_conn
*fc
= get_fuse_conn(inode
);
951 struct fuse_inode
*fi
= get_fuse_inode(inode
);
953 spin_lock(&fi
->lock
);
954 fi
->attr_version
= atomic64_inc_return(&fc
->attr_version
);
956 * If i_nlink == 0 then unlink doesn't make sense, yet this can
957 * happen if userspace filesystem is careless. It would be
958 * difficult to enforce correct nlink usage so just ignore this
961 if (S_ISDIR(inode
->i_mode
))
963 else if (inode
->i_nlink
> 0)
965 spin_unlock(&fi
->lock
);
966 fuse_invalidate_entry_cache(entry
);
967 fuse_update_ctime(inode
);
970 static int fuse_unlink(struct inode
*dir
, struct dentry
*entry
)
973 struct fuse_mount
*fm
= get_fuse_mount(dir
);
976 if (fuse_is_bad(dir
))
979 args
.opcode
= FUSE_UNLINK
;
980 args
.nodeid
= get_node_id(dir
);
982 args
.in_args
[0].size
= entry
->d_name
.len
+ 1;
983 args
.in_args
[0].value
= entry
->d_name
.name
;
984 err
= fuse_simple_request(fm
, &args
);
986 fuse_dir_changed(dir
);
987 fuse_entry_unlinked(entry
);
988 } else if (err
== -EINTR
|| err
== -ENOENT
)
989 fuse_invalidate_entry(entry
);
993 static int fuse_rmdir(struct inode
*dir
, struct dentry
*entry
)
996 struct fuse_mount
*fm
= get_fuse_mount(dir
);
999 if (fuse_is_bad(dir
))
1002 args
.opcode
= FUSE_RMDIR
;
1003 args
.nodeid
= get_node_id(dir
);
1004 args
.in_numargs
= 1;
1005 args
.in_args
[0].size
= entry
->d_name
.len
+ 1;
1006 args
.in_args
[0].value
= entry
->d_name
.name
;
1007 err
= fuse_simple_request(fm
, &args
);
1009 fuse_dir_changed(dir
);
1010 fuse_entry_unlinked(entry
);
1011 } else if (err
== -EINTR
|| err
== -ENOENT
)
1012 fuse_invalidate_entry(entry
);
1016 static int fuse_rename_common(struct inode
*olddir
, struct dentry
*oldent
,
1017 struct inode
*newdir
, struct dentry
*newent
,
1018 unsigned int flags
, int opcode
, size_t argsize
)
1021 struct fuse_rename2_in inarg
;
1022 struct fuse_mount
*fm
= get_fuse_mount(olddir
);
1025 memset(&inarg
, 0, argsize
);
1026 inarg
.newdir
= get_node_id(newdir
);
1027 inarg
.flags
= flags
;
1028 args
.opcode
= opcode
;
1029 args
.nodeid
= get_node_id(olddir
);
1030 args
.in_numargs
= 3;
1031 args
.in_args
[0].size
= argsize
;
1032 args
.in_args
[0].value
= &inarg
;
1033 args
.in_args
[1].size
= oldent
->d_name
.len
+ 1;
1034 args
.in_args
[1].value
= oldent
->d_name
.name
;
1035 args
.in_args
[2].size
= newent
->d_name
.len
+ 1;
1036 args
.in_args
[2].value
= newent
->d_name
.name
;
1037 err
= fuse_simple_request(fm
, &args
);
1040 fuse_update_ctime(d_inode(oldent
));
1042 if (flags
& RENAME_EXCHANGE
)
1043 fuse_update_ctime(d_inode(newent
));
1045 fuse_dir_changed(olddir
);
1046 if (olddir
!= newdir
)
1047 fuse_dir_changed(newdir
);
1049 /* newent will end up negative */
1050 if (!(flags
& RENAME_EXCHANGE
) && d_really_is_positive(newent
))
1051 fuse_entry_unlinked(newent
);
1052 } else if (err
== -EINTR
|| err
== -ENOENT
) {
1053 /* If request was interrupted, DEITY only knows if the
1054 rename actually took place. If the invalidation
1055 fails (e.g. some process has CWD under the renamed
1056 directory), then there can be inconsistency between
1057 the dcache and the real filesystem. Tough luck. */
1058 fuse_invalidate_entry(oldent
);
1059 if (d_really_is_positive(newent
))
1060 fuse_invalidate_entry(newent
);
1066 static int fuse_rename2(struct mnt_idmap
*idmap
, struct inode
*olddir
,
1067 struct dentry
*oldent
, struct inode
*newdir
,
1068 struct dentry
*newent
, unsigned int flags
)
1070 struct fuse_conn
*fc
= get_fuse_conn(olddir
);
1073 if (fuse_is_bad(olddir
))
1076 if (flags
& ~(RENAME_NOREPLACE
| RENAME_EXCHANGE
| RENAME_WHITEOUT
))
1080 if (fc
->no_rename2
|| fc
->minor
< 23)
1083 err
= fuse_rename_common(olddir
, oldent
, newdir
, newent
, flags
,
1085 sizeof(struct fuse_rename2_in
));
1086 if (err
== -ENOSYS
) {
1091 err
= fuse_rename_common(olddir
, oldent
, newdir
, newent
, 0,
1093 sizeof(struct fuse_rename_in
));
1099 static int fuse_link(struct dentry
*entry
, struct inode
*newdir
,
1100 struct dentry
*newent
)
1103 struct fuse_link_in inarg
;
1104 struct inode
*inode
= d_inode(entry
);
1105 struct fuse_mount
*fm
= get_fuse_mount(inode
);
1108 memset(&inarg
, 0, sizeof(inarg
));
1109 inarg
.oldnodeid
= get_node_id(inode
);
1110 args
.opcode
= FUSE_LINK
;
1111 args
.in_numargs
= 2;
1112 args
.in_args
[0].size
= sizeof(inarg
);
1113 args
.in_args
[0].value
= &inarg
;
1114 args
.in_args
[1].size
= newent
->d_name
.len
+ 1;
1115 args
.in_args
[1].value
= newent
->d_name
.name
;
1116 err
= create_new_entry(fm
, &args
, newdir
, newent
, inode
->i_mode
);
1118 fuse_update_ctime_in_cache(inode
);
1119 else if (err
== -EINTR
)
1120 fuse_invalidate_attr(inode
);
1125 static void fuse_fillattr(struct inode
*inode
, struct fuse_attr
*attr
,
1128 unsigned int blkbits
;
1129 struct fuse_conn
*fc
= get_fuse_conn(inode
);
1131 stat
->dev
= inode
->i_sb
->s_dev
;
1132 stat
->ino
= attr
->ino
;
1133 stat
->mode
= (inode
->i_mode
& S_IFMT
) | (attr
->mode
& 07777);
1134 stat
->nlink
= attr
->nlink
;
1135 stat
->uid
= make_kuid(fc
->user_ns
, attr
->uid
);
1136 stat
->gid
= make_kgid(fc
->user_ns
, attr
->gid
);
1137 stat
->rdev
= inode
->i_rdev
;
1138 stat
->atime
.tv_sec
= attr
->atime
;
1139 stat
->atime
.tv_nsec
= attr
->atimensec
;
1140 stat
->mtime
.tv_sec
= attr
->mtime
;
1141 stat
->mtime
.tv_nsec
= attr
->mtimensec
;
1142 stat
->ctime
.tv_sec
= attr
->ctime
;
1143 stat
->ctime
.tv_nsec
= attr
->ctimensec
;
1144 stat
->size
= attr
->size
;
1145 stat
->blocks
= attr
->blocks
;
1147 if (attr
->blksize
!= 0)
1148 blkbits
= ilog2(attr
->blksize
);
1150 blkbits
= inode
->i_sb
->s_blocksize_bits
;
1152 stat
->blksize
= 1 << blkbits
;
1155 static void fuse_statx_to_attr(struct fuse_statx
*sx
, struct fuse_attr
*attr
)
1157 memset(attr
, 0, sizeof(*attr
));
1158 attr
->ino
= sx
->ino
;
1159 attr
->size
= sx
->size
;
1160 attr
->blocks
= sx
->blocks
;
1161 attr
->atime
= sx
->atime
.tv_sec
;
1162 attr
->mtime
= sx
->mtime
.tv_sec
;
1163 attr
->ctime
= sx
->ctime
.tv_sec
;
1164 attr
->atimensec
= sx
->atime
.tv_nsec
;
1165 attr
->mtimensec
= sx
->mtime
.tv_nsec
;
1166 attr
->ctimensec
= sx
->ctime
.tv_nsec
;
1167 attr
->mode
= sx
->mode
;
1168 attr
->nlink
= sx
->nlink
;
1169 attr
->uid
= sx
->uid
;
1170 attr
->gid
= sx
->gid
;
1171 attr
->rdev
= new_encode_dev(MKDEV(sx
->rdev_major
, sx
->rdev_minor
));
1172 attr
->blksize
= sx
->blksize
;
1175 static int fuse_do_statx(struct inode
*inode
, struct file
*file
,
1179 struct fuse_attr attr
;
1180 struct fuse_statx
*sx
;
1181 struct fuse_statx_in inarg
;
1182 struct fuse_statx_out outarg
;
1183 struct fuse_mount
*fm
= get_fuse_mount(inode
);
1184 u64 attr_version
= fuse_get_attr_version(fm
->fc
);
1187 memset(&inarg
, 0, sizeof(inarg
));
1188 memset(&outarg
, 0, sizeof(outarg
));
1189 /* Directories have separate file-handle space */
1190 if (file
&& S_ISREG(inode
->i_mode
)) {
1191 struct fuse_file
*ff
= file
->private_data
;
1193 inarg
.getattr_flags
|= FUSE_GETATTR_FH
;
1196 /* For now leave sync hints as the default, request all stats. */
1198 inarg
.sx_mask
= STATX_BASIC_STATS
| STATX_BTIME
;
1199 args
.opcode
= FUSE_STATX
;
1200 args
.nodeid
= get_node_id(inode
);
1201 args
.in_numargs
= 1;
1202 args
.in_args
[0].size
= sizeof(inarg
);
1203 args
.in_args
[0].value
= &inarg
;
1204 args
.out_numargs
= 1;
1205 args
.out_args
[0].size
= sizeof(outarg
);
1206 args
.out_args
[0].value
= &outarg
;
1207 err
= fuse_simple_request(fm
, &args
);
1212 if (((sx
->mask
& STATX_SIZE
) && !fuse_valid_size(sx
->size
)) ||
1213 ((sx
->mask
& STATX_TYPE
) && (!fuse_valid_type(sx
->mode
) ||
1214 inode_wrong_type(inode
, sx
->mode
)))) {
1215 make_bad_inode(inode
);
1219 fuse_statx_to_attr(&outarg
.stat
, &attr
);
1220 if ((sx
->mask
& STATX_BASIC_STATS
) == STATX_BASIC_STATS
) {
1221 fuse_change_attributes(inode
, &attr
, &outarg
.stat
,
1222 ATTR_TIMEOUT(&outarg
), attr_version
);
1226 stat
->result_mask
= sx
->mask
& (STATX_BASIC_STATS
| STATX_BTIME
);
1227 stat
->btime
.tv_sec
= sx
->btime
.tv_sec
;
1228 stat
->btime
.tv_nsec
= min_t(u32
, sx
->btime
.tv_nsec
, NSEC_PER_SEC
- 1);
1229 fuse_fillattr(inode
, &attr
, stat
);
1230 stat
->result_mask
|= STATX_TYPE
;
1236 static int fuse_do_getattr(struct inode
*inode
, struct kstat
*stat
,
1240 struct fuse_getattr_in inarg
;
1241 struct fuse_attr_out outarg
;
1242 struct fuse_mount
*fm
= get_fuse_mount(inode
);
1246 attr_version
= fuse_get_attr_version(fm
->fc
);
1248 memset(&inarg
, 0, sizeof(inarg
));
1249 memset(&outarg
, 0, sizeof(outarg
));
1250 /* Directories have separate file-handle space */
1251 if (file
&& S_ISREG(inode
->i_mode
)) {
1252 struct fuse_file
*ff
= file
->private_data
;
1254 inarg
.getattr_flags
|= FUSE_GETATTR_FH
;
1257 args
.opcode
= FUSE_GETATTR
;
1258 args
.nodeid
= get_node_id(inode
);
1259 args
.in_numargs
= 1;
1260 args
.in_args
[0].size
= sizeof(inarg
);
1261 args
.in_args
[0].value
= &inarg
;
1262 args
.out_numargs
= 1;
1263 args
.out_args
[0].size
= sizeof(outarg
);
1264 args
.out_args
[0].value
= &outarg
;
1265 err
= fuse_simple_request(fm
, &args
);
1267 if (fuse_invalid_attr(&outarg
.attr
) ||
1268 inode_wrong_type(inode
, outarg
.attr
.mode
)) {
1269 fuse_make_bad(inode
);
1272 fuse_change_attributes(inode
, &outarg
.attr
, NULL
,
1273 ATTR_TIMEOUT(&outarg
),
1276 fuse_fillattr(inode
, &outarg
.attr
, stat
);
1282 static int fuse_update_get_attr(struct inode
*inode
, struct file
*file
,
1283 struct kstat
*stat
, u32 request_mask
,
1286 struct fuse_inode
*fi
= get_fuse_inode(inode
);
1287 struct fuse_conn
*fc
= get_fuse_conn(inode
);
1290 u32 inval_mask
= READ_ONCE(fi
->inval_mask
);
1291 u32 cache_mask
= fuse_get_cache_mask(inode
);
1294 /* FUSE only supports basic stats and possibly btime */
1295 request_mask
&= STATX_BASIC_STATS
| STATX_BTIME
;
1298 request_mask
&= STATX_BASIC_STATS
;
1302 else if (flags
& AT_STATX_FORCE_SYNC
)
1304 else if (flags
& AT_STATX_DONT_SYNC
)
1306 else if (request_mask
& inval_mask
& ~cache_mask
)
1309 sync
= time_before64(fi
->i_time
, get_jiffies_64());
1312 forget_all_cached_acls(inode
);
1313 /* Try statx if BTIME is requested */
1314 if (!fc
->no_statx
&& (request_mask
& ~STATX_BASIC_STATS
)) {
1315 err
= fuse_do_statx(inode
, file
, stat
);
1316 if (err
== -ENOSYS
) {
1321 err
= fuse_do_getattr(inode
, stat
, file
);
1324 generic_fillattr(&nop_mnt_idmap
, request_mask
, inode
, stat
);
1325 stat
->mode
= fi
->orig_i_mode
;
1326 stat
->ino
= fi
->orig_ino
;
1327 if (test_bit(FUSE_I_BTIME
, &fi
->state
)) {
1328 stat
->btime
= fi
->i_btime
;
1329 stat
->result_mask
|= STATX_BTIME
;
1336 int fuse_update_attributes(struct inode
*inode
, struct file
*file
, u32 mask
)
1338 return fuse_update_get_attr(inode
, file
, NULL
, mask
, 0);
1341 int fuse_reverse_inval_entry(struct fuse_conn
*fc
, u64 parent_nodeid
,
1342 u64 child_nodeid
, struct qstr
*name
, u32 flags
)
1345 struct inode
*parent
;
1347 struct dentry
*entry
;
1349 parent
= fuse_ilookup(fc
, parent_nodeid
, NULL
);
1353 inode_lock_nested(parent
, I_MUTEX_PARENT
);
1354 if (!S_ISDIR(parent
->i_mode
))
1358 dir
= d_find_alias(parent
);
1362 name
->hash
= full_name_hash(dir
, name
->name
, name
->len
);
1363 entry
= d_lookup(dir
, name
);
1368 fuse_dir_changed(parent
);
1369 if (!(flags
& FUSE_EXPIRE_ONLY
))
1370 d_invalidate(entry
);
1371 fuse_invalidate_entry_cache(entry
);
1373 if (child_nodeid
!= 0 && d_really_is_positive(entry
)) {
1374 inode_lock(d_inode(entry
));
1375 if (get_node_id(d_inode(entry
)) != child_nodeid
) {
1379 if (d_mountpoint(entry
)) {
1383 if (d_is_dir(entry
)) {
1384 shrink_dcache_parent(entry
);
1385 if (!simple_empty(entry
)) {
1389 d_inode(entry
)->i_flags
|= S_DEAD
;
1392 clear_nlink(d_inode(entry
));
1395 inode_unlock(d_inode(entry
));
1404 inode_unlock(parent
);
1409 static inline bool fuse_permissible_uidgid(struct fuse_conn
*fc
)
1411 const struct cred
*cred
= current_cred();
1413 return (uid_eq(cred
->euid
, fc
->user_id
) &&
1414 uid_eq(cred
->suid
, fc
->user_id
) &&
1415 uid_eq(cred
->uid
, fc
->user_id
) &&
1416 gid_eq(cred
->egid
, fc
->group_id
) &&
1417 gid_eq(cred
->sgid
, fc
->group_id
) &&
1418 gid_eq(cred
->gid
, fc
->group_id
));
1422 * Calling into a user-controlled filesystem gives the filesystem
1423 * daemon ptrace-like capabilities over the current process. This
1424 * means, that the filesystem daemon is able to record the exact
1425 * filesystem operations performed, and can also control the behavior
1426 * of the requester process in otherwise impossible ways. For example
1427 * it can delay the operation for arbitrary length of time allowing
1428 * DoS against the requester.
1430 * For this reason only those processes can call into the filesystem,
1431 * for which the owner of the mount has ptrace privilege. This
1432 * excludes processes started by other users, suid or sgid processes.
1434 bool fuse_allow_current_process(struct fuse_conn
*fc
)
1438 if (fc
->allow_other
)
1439 allow
= current_in_userns(fc
->user_ns
);
1441 allow
= fuse_permissible_uidgid(fc
);
1443 if (!allow
&& allow_sys_admin_access
&& capable(CAP_SYS_ADMIN
))
1449 static int fuse_access(struct inode
*inode
, int mask
)
1451 struct fuse_mount
*fm
= get_fuse_mount(inode
);
1453 struct fuse_access_in inarg
;
1456 BUG_ON(mask
& MAY_NOT_BLOCK
);
1458 if (fm
->fc
->no_access
)
1461 memset(&inarg
, 0, sizeof(inarg
));
1462 inarg
.mask
= mask
& (MAY_READ
| MAY_WRITE
| MAY_EXEC
);
1463 args
.opcode
= FUSE_ACCESS
;
1464 args
.nodeid
= get_node_id(inode
);
1465 args
.in_numargs
= 1;
1466 args
.in_args
[0].size
= sizeof(inarg
);
1467 args
.in_args
[0].value
= &inarg
;
1468 err
= fuse_simple_request(fm
, &args
);
1469 if (err
== -ENOSYS
) {
1470 fm
->fc
->no_access
= 1;
1476 static int fuse_perm_getattr(struct inode
*inode
, int mask
)
1478 if (mask
& MAY_NOT_BLOCK
)
1481 forget_all_cached_acls(inode
);
1482 return fuse_do_getattr(inode
, NULL
, NULL
);
1486 * Check permission. The two basic access models of FUSE are:
1488 * 1) Local access checking ('default_permissions' mount option) based
1489 * on file mode. This is the plain old disk filesystem permission
1492 * 2) "Remote" access checking, where server is responsible for
1493 * checking permission in each inode operation. An exception to this
1494 * is if ->permission() was invoked from sys_access() in which case an
1495 * access request is sent. Execute permission is still checked
1496 * locally based on file mode.
1498 static int fuse_permission(struct mnt_idmap
*idmap
,
1499 struct inode
*inode
, int mask
)
1501 struct fuse_conn
*fc
= get_fuse_conn(inode
);
1502 bool refreshed
= false;
1505 if (fuse_is_bad(inode
))
1508 if (!fuse_allow_current_process(fc
))
1512 * If attributes are needed, refresh them before proceeding
1514 if (fc
->default_permissions
||
1515 ((mask
& MAY_EXEC
) && S_ISREG(inode
->i_mode
))) {
1516 struct fuse_inode
*fi
= get_fuse_inode(inode
);
1517 u32 perm_mask
= STATX_MODE
| STATX_UID
| STATX_GID
;
1519 if (perm_mask
& READ_ONCE(fi
->inval_mask
) ||
1520 time_before64(fi
->i_time
, get_jiffies_64())) {
1523 err
= fuse_perm_getattr(inode
, mask
);
1529 if (fc
->default_permissions
) {
1530 err
= generic_permission(&nop_mnt_idmap
, inode
, mask
);
1532 /* If permission is denied, try to refresh file
1533 attributes. This is also needed, because the root
1534 node will at first have no permissions */
1535 if (err
== -EACCES
&& !refreshed
) {
1536 err
= fuse_perm_getattr(inode
, mask
);
1538 err
= generic_permission(&nop_mnt_idmap
,
1542 /* Note: the opposite of the above test does not
1543 exist. So if permissions are revoked this won't be
1544 noticed immediately, only after the attribute
1545 timeout has expired */
1546 } else if (mask
& (MAY_ACCESS
| MAY_CHDIR
)) {
1547 err
= fuse_access(inode
, mask
);
1548 } else if ((mask
& MAY_EXEC
) && S_ISREG(inode
->i_mode
)) {
1549 if (!(inode
->i_mode
& S_IXUGO
)) {
1553 err
= fuse_perm_getattr(inode
, mask
);
1554 if (!err
&& !(inode
->i_mode
& S_IXUGO
))
1561 static int fuse_readlink_page(struct inode
*inode
, struct page
*page
)
1563 struct fuse_mount
*fm
= get_fuse_mount(inode
);
1564 struct fuse_page_desc desc
= { .length
= PAGE_SIZE
- 1 };
1565 struct fuse_args_pages ap
= {
1573 ap
.args
.opcode
= FUSE_READLINK
;
1574 ap
.args
.nodeid
= get_node_id(inode
);
1575 ap
.args
.out_pages
= true;
1576 ap
.args
.out_argvar
= true;
1577 ap
.args
.page_zeroing
= true;
1578 ap
.args
.out_numargs
= 1;
1579 ap
.args
.out_args
[0].size
= desc
.length
;
1580 res
= fuse_simple_request(fm
, &ap
.args
);
1582 fuse_invalidate_atime(inode
);
1587 if (WARN_ON(res
>= PAGE_SIZE
))
1590 link
= page_address(page
);
1596 static const char *fuse_get_link(struct dentry
*dentry
, struct inode
*inode
,
1597 struct delayed_call
*callback
)
1599 struct fuse_conn
*fc
= get_fuse_conn(inode
);
1604 if (fuse_is_bad(inode
))
1607 if (fc
->cache_symlinks
)
1608 return page_get_link(dentry
, inode
, callback
);
1614 page
= alloc_page(GFP_KERNEL
);
1619 err
= fuse_readlink_page(inode
, page
);
1625 set_delayed_call(callback
, page_put_link
, page
);
1627 return page_address(page
);
1630 return ERR_PTR(err
);
1633 static int fuse_dir_open(struct inode
*inode
, struct file
*file
)
1635 struct fuse_mount
*fm
= get_fuse_mount(inode
);
1638 if (fuse_is_bad(inode
))
1641 err
= generic_file_open(inode
, file
);
1645 err
= fuse_do_open(fm
, get_node_id(inode
), file
, true);
1647 struct fuse_file
*ff
= file
->private_data
;
1650 * Keep handling FOPEN_STREAM and FOPEN_NONSEEKABLE for
1651 * directories for backward compatibility, though it's unlikely
1654 if (ff
->open_flags
& (FOPEN_STREAM
| FOPEN_NONSEEKABLE
))
1655 nonseekable_open(inode
, file
);
1661 static int fuse_dir_release(struct inode
*inode
, struct file
*file
)
1663 fuse_release_common(file
, true);
1668 static int fuse_dir_fsync(struct file
*file
, loff_t start
, loff_t end
,
1671 struct inode
*inode
= file
->f_mapping
->host
;
1672 struct fuse_conn
*fc
= get_fuse_conn(inode
);
1675 if (fuse_is_bad(inode
))
1678 if (fc
->no_fsyncdir
)
1682 err
= fuse_fsync_common(file
, start
, end
, datasync
, FUSE_FSYNCDIR
);
1683 if (err
== -ENOSYS
) {
1684 fc
->no_fsyncdir
= 1;
1687 inode_unlock(inode
);
1692 static long fuse_dir_ioctl(struct file
*file
, unsigned int cmd
,
1695 struct fuse_conn
*fc
= get_fuse_conn(file
->f_mapping
->host
);
1697 /* FUSE_IOCTL_DIR only supported for API version >= 7.18 */
1701 return fuse_ioctl_common(file
, cmd
, arg
, FUSE_IOCTL_DIR
);
1704 static long fuse_dir_compat_ioctl(struct file
*file
, unsigned int cmd
,
1707 struct fuse_conn
*fc
= get_fuse_conn(file
->f_mapping
->host
);
1712 return fuse_ioctl_common(file
, cmd
, arg
,
1713 FUSE_IOCTL_COMPAT
| FUSE_IOCTL_DIR
);
1716 static bool update_mtime(unsigned ivalid
, bool trust_local_mtime
)
1718 /* Always update if mtime is explicitly set */
1719 if (ivalid
& ATTR_MTIME_SET
)
1722 /* Or if kernel i_mtime is the official one */
1723 if (trust_local_mtime
)
1726 /* If it's an open(O_TRUNC) or an ftruncate(), don't update */
1727 if ((ivalid
& ATTR_SIZE
) && (ivalid
& (ATTR_OPEN
| ATTR_FILE
)))
1730 /* In all other cases update */
1734 static void iattr_to_fattr(struct fuse_conn
*fc
, struct iattr
*iattr
,
1735 struct fuse_setattr_in
*arg
, bool trust_local_cmtime
)
1737 unsigned ivalid
= iattr
->ia_valid
;
1739 if (ivalid
& ATTR_MODE
)
1740 arg
->valid
|= FATTR_MODE
, arg
->mode
= iattr
->ia_mode
;
1741 if (ivalid
& ATTR_UID
)
1742 arg
->valid
|= FATTR_UID
, arg
->uid
= from_kuid(fc
->user_ns
, iattr
->ia_uid
);
1743 if (ivalid
& ATTR_GID
)
1744 arg
->valid
|= FATTR_GID
, arg
->gid
= from_kgid(fc
->user_ns
, iattr
->ia_gid
);
1745 if (ivalid
& ATTR_SIZE
)
1746 arg
->valid
|= FATTR_SIZE
, arg
->size
= iattr
->ia_size
;
1747 if (ivalid
& ATTR_ATIME
) {
1748 arg
->valid
|= FATTR_ATIME
;
1749 arg
->atime
= iattr
->ia_atime
.tv_sec
;
1750 arg
->atimensec
= iattr
->ia_atime
.tv_nsec
;
1751 if (!(ivalid
& ATTR_ATIME_SET
))
1752 arg
->valid
|= FATTR_ATIME_NOW
;
1754 if ((ivalid
& ATTR_MTIME
) && update_mtime(ivalid
, trust_local_cmtime
)) {
1755 arg
->valid
|= FATTR_MTIME
;
1756 arg
->mtime
= iattr
->ia_mtime
.tv_sec
;
1757 arg
->mtimensec
= iattr
->ia_mtime
.tv_nsec
;
1758 if (!(ivalid
& ATTR_MTIME_SET
) && !trust_local_cmtime
)
1759 arg
->valid
|= FATTR_MTIME_NOW
;
1761 if ((ivalid
& ATTR_CTIME
) && trust_local_cmtime
) {
1762 arg
->valid
|= FATTR_CTIME
;
1763 arg
->ctime
= iattr
->ia_ctime
.tv_sec
;
1764 arg
->ctimensec
= iattr
->ia_ctime
.tv_nsec
;
1769 * Prevent concurrent writepages on inode
1771 * This is done by adding a negative bias to the inode write counter
1772 * and waiting for all pending writes to finish.
1774 void fuse_set_nowrite(struct inode
*inode
)
1776 struct fuse_inode
*fi
= get_fuse_inode(inode
);
1778 BUG_ON(!inode_is_locked(inode
));
1780 spin_lock(&fi
->lock
);
1781 BUG_ON(fi
->writectr
< 0);
1782 fi
->writectr
+= FUSE_NOWRITE
;
1783 spin_unlock(&fi
->lock
);
1784 wait_event(fi
->page_waitq
, fi
->writectr
== FUSE_NOWRITE
);
1788 * Allow writepages on inode
1790 * Remove the bias from the writecounter and send any queued
1793 static void __fuse_release_nowrite(struct inode
*inode
)
1795 struct fuse_inode
*fi
= get_fuse_inode(inode
);
1797 BUG_ON(fi
->writectr
!= FUSE_NOWRITE
);
1799 fuse_flush_writepages(inode
);
1802 void fuse_release_nowrite(struct inode
*inode
)
1804 struct fuse_inode
*fi
= get_fuse_inode(inode
);
1806 spin_lock(&fi
->lock
);
1807 __fuse_release_nowrite(inode
);
1808 spin_unlock(&fi
->lock
);
1811 static void fuse_setattr_fill(struct fuse_conn
*fc
, struct fuse_args
*args
,
1812 struct inode
*inode
,
1813 struct fuse_setattr_in
*inarg_p
,
1814 struct fuse_attr_out
*outarg_p
)
1816 args
->opcode
= FUSE_SETATTR
;
1817 args
->nodeid
= get_node_id(inode
);
1818 args
->in_numargs
= 1;
1819 args
->in_args
[0].size
= sizeof(*inarg_p
);
1820 args
->in_args
[0].value
= inarg_p
;
1821 args
->out_numargs
= 1;
1822 args
->out_args
[0].size
= sizeof(*outarg_p
);
1823 args
->out_args
[0].value
= outarg_p
;
1827 * Flush inode->i_mtime to the server
1829 int fuse_flush_times(struct inode
*inode
, struct fuse_file
*ff
)
1831 struct fuse_mount
*fm
= get_fuse_mount(inode
);
1833 struct fuse_setattr_in inarg
;
1834 struct fuse_attr_out outarg
;
1836 memset(&inarg
, 0, sizeof(inarg
));
1837 memset(&outarg
, 0, sizeof(outarg
));
1839 inarg
.valid
= FATTR_MTIME
;
1840 inarg
.mtime
= inode_get_mtime_sec(inode
);
1841 inarg
.mtimensec
= inode_get_mtime_nsec(inode
);
1842 if (fm
->fc
->minor
>= 23) {
1843 inarg
.valid
|= FATTR_CTIME
;
1844 inarg
.ctime
= inode_get_ctime_sec(inode
);
1845 inarg
.ctimensec
= inode_get_ctime_nsec(inode
);
1848 inarg
.valid
|= FATTR_FH
;
1851 fuse_setattr_fill(fm
->fc
, &args
, inode
, &inarg
, &outarg
);
1853 return fuse_simple_request(fm
, &args
);
1857 * Set attributes, and at the same time refresh them.
1859 * Truncation is slightly complicated, because the 'truncate' request
1860 * may fail, in which case we don't want to touch the mapping.
1861 * vmtruncate() doesn't allow for this case, so do the rlimit checking
1862 * and the actual truncation by hand.
1864 int fuse_do_setattr(struct dentry
*dentry
, struct iattr
*attr
,
1867 struct inode
*inode
= d_inode(dentry
);
1868 struct fuse_mount
*fm
= get_fuse_mount(inode
);
1869 struct fuse_conn
*fc
= fm
->fc
;
1870 struct fuse_inode
*fi
= get_fuse_inode(inode
);
1871 struct address_space
*mapping
= inode
->i_mapping
;
1873 struct fuse_setattr_in inarg
;
1874 struct fuse_attr_out outarg
;
1875 bool is_truncate
= false;
1876 bool is_wb
= fc
->writeback_cache
&& S_ISREG(inode
->i_mode
);
1879 bool trust_local_cmtime
= is_wb
;
1880 bool fault_blocked
= false;
1882 if (!fc
->default_permissions
)
1883 attr
->ia_valid
|= ATTR_FORCE
;
1885 err
= setattr_prepare(&nop_mnt_idmap
, dentry
, attr
);
1889 if (attr
->ia_valid
& ATTR_SIZE
) {
1890 if (WARN_ON(!S_ISREG(inode
->i_mode
)))
1895 if (FUSE_IS_DAX(inode
) && is_truncate
) {
1896 filemap_invalidate_lock(mapping
);
1897 fault_blocked
= true;
1898 err
= fuse_dax_break_layouts(inode
, 0, 0);
1900 filemap_invalidate_unlock(mapping
);
1905 if (attr
->ia_valid
& ATTR_OPEN
) {
1906 /* This is coming from open(..., ... | O_TRUNC); */
1907 WARN_ON(!(attr
->ia_valid
& ATTR_SIZE
));
1908 WARN_ON(attr
->ia_size
!= 0);
1909 if (fc
->atomic_o_trunc
) {
1911 * No need to send request to userspace, since actual
1912 * truncation has already been done by OPEN. But still
1913 * need to truncate page cache.
1915 i_size_write(inode
, 0);
1916 truncate_pagecache(inode
, 0);
1922 /* Flush dirty data/metadata before non-truncate SETATTR */
1925 (ATTR_MODE
| ATTR_UID
| ATTR_GID
| ATTR_MTIME_SET
|
1927 err
= write_inode_now(inode
, true);
1931 fuse_set_nowrite(inode
);
1932 fuse_release_nowrite(inode
);
1936 fuse_set_nowrite(inode
);
1937 set_bit(FUSE_I_SIZE_UNSTABLE
, &fi
->state
);
1938 if (trust_local_cmtime
&& attr
->ia_size
!= inode
->i_size
)
1939 attr
->ia_valid
|= ATTR_MTIME
| ATTR_CTIME
;
1942 memset(&inarg
, 0, sizeof(inarg
));
1943 memset(&outarg
, 0, sizeof(outarg
));
1944 iattr_to_fattr(fc
, attr
, &inarg
, trust_local_cmtime
);
1946 struct fuse_file
*ff
= file
->private_data
;
1947 inarg
.valid
|= FATTR_FH
;
1951 /* Kill suid/sgid for non-directory chown unconditionally */
1952 if (fc
->handle_killpriv_v2
&& !S_ISDIR(inode
->i_mode
) &&
1953 attr
->ia_valid
& (ATTR_UID
| ATTR_GID
))
1954 inarg
.valid
|= FATTR_KILL_SUIDGID
;
1956 if (attr
->ia_valid
& ATTR_SIZE
) {
1957 /* For mandatory locking in truncate */
1958 inarg
.valid
|= FATTR_LOCKOWNER
;
1959 inarg
.lock_owner
= fuse_lock_owner_id(fc
, current
->files
);
1961 /* Kill suid/sgid for truncate only if no CAP_FSETID */
1962 if (fc
->handle_killpriv_v2
&& !capable(CAP_FSETID
))
1963 inarg
.valid
|= FATTR_KILL_SUIDGID
;
1965 fuse_setattr_fill(fc
, &args
, inode
, &inarg
, &outarg
);
1966 err
= fuse_simple_request(fm
, &args
);
1969 fuse_invalidate_attr(inode
);
1973 if (fuse_invalid_attr(&outarg
.attr
) ||
1974 inode_wrong_type(inode
, outarg
.attr
.mode
)) {
1975 fuse_make_bad(inode
);
1980 spin_lock(&fi
->lock
);
1981 /* the kernel maintains i_mtime locally */
1982 if (trust_local_cmtime
) {
1983 if (attr
->ia_valid
& ATTR_MTIME
)
1984 inode_set_mtime_to_ts(inode
, attr
->ia_mtime
);
1985 if (attr
->ia_valid
& ATTR_CTIME
)
1986 inode_set_ctime_to_ts(inode
, attr
->ia_ctime
);
1987 /* FIXME: clear I_DIRTY_SYNC? */
1990 fuse_change_attributes_common(inode
, &outarg
.attr
, NULL
,
1991 ATTR_TIMEOUT(&outarg
),
1992 fuse_get_cache_mask(inode
));
1993 oldsize
= inode
->i_size
;
1994 /* see the comment in fuse_change_attributes() */
1995 if (!is_wb
|| is_truncate
)
1996 i_size_write(inode
, outarg
.attr
.size
);
1999 /* NOTE: this may release/reacquire fi->lock */
2000 __fuse_release_nowrite(inode
);
2002 spin_unlock(&fi
->lock
);
2005 * Only call invalidate_inode_pages2() after removing
2006 * FUSE_NOWRITE, otherwise fuse_launder_folio() would deadlock.
2008 if ((is_truncate
|| !is_wb
) &&
2009 S_ISREG(inode
->i_mode
) && oldsize
!= outarg
.attr
.size
) {
2010 truncate_pagecache(inode
, outarg
.attr
.size
);
2011 invalidate_inode_pages2(mapping
);
2014 clear_bit(FUSE_I_SIZE_UNSTABLE
, &fi
->state
);
2017 filemap_invalidate_unlock(mapping
);
2023 fuse_release_nowrite(inode
);
2025 clear_bit(FUSE_I_SIZE_UNSTABLE
, &fi
->state
);
2028 filemap_invalidate_unlock(mapping
);
2032 static int fuse_setattr(struct mnt_idmap
*idmap
, struct dentry
*entry
,
2035 struct inode
*inode
= d_inode(entry
);
2036 struct fuse_conn
*fc
= get_fuse_conn(inode
);
2037 struct file
*file
= (attr
->ia_valid
& ATTR_FILE
) ? attr
->ia_file
: NULL
;
2040 if (fuse_is_bad(inode
))
2043 if (!fuse_allow_current_process(get_fuse_conn(inode
)))
2046 if (attr
->ia_valid
& (ATTR_KILL_SUID
| ATTR_KILL_SGID
)) {
2047 attr
->ia_valid
&= ~(ATTR_KILL_SUID
| ATTR_KILL_SGID
|
2051 * The only sane way to reliably kill suid/sgid is to do it in
2052 * the userspace filesystem
2054 * This should be done on write(), truncate() and chown().
2056 if (!fc
->handle_killpriv
&& !fc
->handle_killpriv_v2
) {
2058 * ia_mode calculation may have used stale i_mode.
2059 * Refresh and recalculate.
2061 ret
= fuse_do_getattr(inode
, NULL
, file
);
2065 attr
->ia_mode
= inode
->i_mode
;
2066 if (inode
->i_mode
& S_ISUID
) {
2067 attr
->ia_valid
|= ATTR_MODE
;
2068 attr
->ia_mode
&= ~S_ISUID
;
2070 if ((inode
->i_mode
& (S_ISGID
| S_IXGRP
)) == (S_ISGID
| S_IXGRP
)) {
2071 attr
->ia_valid
|= ATTR_MODE
;
2072 attr
->ia_mode
&= ~S_ISGID
;
2076 if (!attr
->ia_valid
)
2079 ret
= fuse_do_setattr(entry
, attr
, file
);
2082 * If filesystem supports acls it may have updated acl xattrs in
2083 * the filesystem, so forget cached acls for the inode.
2086 forget_all_cached_acls(inode
);
2088 /* Directory mode changed, may need to revalidate access */
2089 if (d_is_dir(entry
) && (attr
->ia_valid
& ATTR_MODE
))
2090 fuse_invalidate_entry_cache(entry
);
2095 static int fuse_getattr(struct mnt_idmap
*idmap
,
2096 const struct path
*path
, struct kstat
*stat
,
2097 u32 request_mask
, unsigned int flags
)
2099 struct inode
*inode
= d_inode(path
->dentry
);
2100 struct fuse_conn
*fc
= get_fuse_conn(inode
);
2102 if (fuse_is_bad(inode
))
2105 if (!fuse_allow_current_process(fc
)) {
2106 if (!request_mask
) {
2108 * If user explicitly requested *nothing* then don't
2109 * error out, but return st_dev only.
2111 stat
->result_mask
= 0;
2112 stat
->dev
= inode
->i_sb
->s_dev
;
2118 return fuse_update_get_attr(inode
, NULL
, stat
, request_mask
, flags
);
2121 static const struct inode_operations fuse_dir_inode_operations
= {
2122 .lookup
= fuse_lookup
,
2123 .mkdir
= fuse_mkdir
,
2124 .symlink
= fuse_symlink
,
2125 .unlink
= fuse_unlink
,
2126 .rmdir
= fuse_rmdir
,
2127 .rename
= fuse_rename2
,
2129 .setattr
= fuse_setattr
,
2130 .create
= fuse_create
,
2131 .atomic_open
= fuse_atomic_open
,
2132 .tmpfile
= fuse_tmpfile
,
2133 .mknod
= fuse_mknod
,
2134 .permission
= fuse_permission
,
2135 .getattr
= fuse_getattr
,
2136 .listxattr
= fuse_listxattr
,
2137 .get_inode_acl
= fuse_get_inode_acl
,
2138 .get_acl
= fuse_get_acl
,
2139 .set_acl
= fuse_set_acl
,
2140 .fileattr_get
= fuse_fileattr_get
,
2141 .fileattr_set
= fuse_fileattr_set
,
2144 static const struct file_operations fuse_dir_operations
= {
2145 .llseek
= generic_file_llseek
,
2146 .read
= generic_read_dir
,
2147 .iterate_shared
= fuse_readdir
,
2148 .open
= fuse_dir_open
,
2149 .release
= fuse_dir_release
,
2150 .fsync
= fuse_dir_fsync
,
2151 .unlocked_ioctl
= fuse_dir_ioctl
,
2152 .compat_ioctl
= fuse_dir_compat_ioctl
,
2155 static const struct inode_operations fuse_common_inode_operations
= {
2156 .setattr
= fuse_setattr
,
2157 .permission
= fuse_permission
,
2158 .getattr
= fuse_getattr
,
2159 .listxattr
= fuse_listxattr
,
2160 .get_inode_acl
= fuse_get_inode_acl
,
2161 .get_acl
= fuse_get_acl
,
2162 .set_acl
= fuse_set_acl
,
2163 .fileattr_get
= fuse_fileattr_get
,
2164 .fileattr_set
= fuse_fileattr_set
,
2167 static const struct inode_operations fuse_symlink_inode_operations
= {
2168 .setattr
= fuse_setattr
,
2169 .get_link
= fuse_get_link
,
2170 .getattr
= fuse_getattr
,
2171 .listxattr
= fuse_listxattr
,
2174 void fuse_init_common(struct inode
*inode
)
2176 inode
->i_op
= &fuse_common_inode_operations
;
2179 void fuse_init_dir(struct inode
*inode
)
2181 struct fuse_inode
*fi
= get_fuse_inode(inode
);
2183 inode
->i_op
= &fuse_dir_inode_operations
;
2184 inode
->i_fop
= &fuse_dir_operations
;
2186 spin_lock_init(&fi
->rdc
.lock
);
2187 fi
->rdc
.cached
= false;
2190 fi
->rdc
.version
= 0;
2193 static int fuse_symlink_read_folio(struct file
*null
, struct folio
*folio
)
2195 int err
= fuse_readlink_page(folio
->mapping
->host
, &folio
->page
);
2198 folio_mark_uptodate(folio
);
2200 folio_unlock(folio
);
2205 static const struct address_space_operations fuse_symlink_aops
= {
2206 .read_folio
= fuse_symlink_read_folio
,
2209 void fuse_init_symlink(struct inode
*inode
)
2211 inode
->i_op
= &fuse_symlink_inode_operations
;
2212 inode
->i_data
.a_ops
= &fuse_symlink_aops
;
2213 inode_nohighmem(inode
);