2 FUSE: Filesystem in Userspace
5 This program can be distributed under the terms of the GNU GPL.
11 #include <linux/pagemap.h>
12 #include <linux/file.h>
13 #include <linux/fs_context.h>
14 #include <linux/moduleparam.h>
15 #include <linux/sched.h>
16 #include <linux/namei.h>
17 #include <linux/slab.h>
18 #include <linux/xattr.h>
19 #include <linux/iversion.h>
20 #include <linux/posix_acl.h>
21 #include <linux/security.h>
22 #include <linux/types.h>
23 #include <linux/kernel.h>
25 static bool __read_mostly allow_sys_admin_access;
26 module_param(allow_sys_admin_access, bool, 0644);
27 MODULE_PARM_DESC(allow_sys_admin_access,
28 "Allow users with CAP_SYS_ADMIN in initial userns to bypass allow_other access check");
30 static void fuse_advise_use_readdirplus(struct inode *dir)
32 struct fuse_inode *fi = get_fuse_inode(dir);
34 set_bit(FUSE_I_ADVISE_RDPLUS, &fi->state);
37 #if BITS_PER_LONG >= 64
38 static inline void __fuse_dentry_settime(struct dentry *entry, u64 time)
40 entry->d_fsdata = (void *) time;
43 static inline u64 fuse_dentry_time(const struct dentry *entry)
45 return (u64)entry->d_fsdata;
54 static inline void __fuse_dentry_settime(struct dentry *dentry, u64 time)
56 ((union fuse_dentry *) dentry->d_fsdata)->time = time;
59 static inline u64 fuse_dentry_time(const struct dentry *entry)
61 return ((union fuse_dentry *) entry->d_fsdata)->time;
65 static void fuse_dentry_settime(struct dentry *dentry, u64 time)
67 struct fuse_conn *fc = get_fuse_conn_super(dentry->d_sb);
68 bool delete = !time && fc->delete_stale;
70 * Mess with DCACHE_OP_DELETE because dput() will be faster without it.
71 * Don't care about races, either way it's just an optimization
73 if ((!delete && (dentry->d_flags & DCACHE_OP_DELETE)) ||
74 (delete && !(dentry->d_flags & DCACHE_OP_DELETE))) {
75 spin_lock(&dentry->d_lock);
77 dentry->d_flags &= ~DCACHE_OP_DELETE;
79 dentry->d_flags |= DCACHE_OP_DELETE;
80 spin_unlock(&dentry->d_lock);
83 __fuse_dentry_settime(dentry, time);
87 * FUSE caches dentries and attributes with separate timeout. The
88 * time in jiffies until the dentry/attributes are valid is stored in
89 * dentry->d_fsdata and fuse_inode->i_time respectively.
93 * Calculate the time in jiffies until a dentry/attributes are valid
95 u64 fuse_time_to_jiffies(u64 sec, u32 nsec)
98 struct timespec64 ts = {
100 min_t(u32, nsec, NSEC_PER_SEC - 1)
103 return get_jiffies_64() + timespec64_to_jiffies(&ts);
109 * Set dentry and possibly attribute timeouts from the lookup/mk*
112 void fuse_change_entry_timeout(struct dentry *entry, struct fuse_entry_out *o)
114 fuse_dentry_settime(entry,
115 fuse_time_to_jiffies(o->entry_valid, o->entry_valid_nsec));
118 void fuse_invalidate_attr_mask(struct inode *inode, u32 mask)
120 set_mask_bits(&get_fuse_inode(inode)->inval_mask, 0, mask);
124 * Mark the attributes as stale, so that at the next call to
125 * ->getattr() they will be fetched from userspace
127 void fuse_invalidate_attr(struct inode *inode)
129 fuse_invalidate_attr_mask(inode, STATX_BASIC_STATS);
132 static void fuse_dir_changed(struct inode *dir)
134 fuse_invalidate_attr(dir);
135 inode_maybe_inc_iversion(dir, false);
139 * Mark the attributes as stale due to an atime change. Avoid the invalidate if
142 void fuse_invalidate_atime(struct inode *inode)
144 if (!IS_RDONLY(inode))
145 fuse_invalidate_attr_mask(inode, STATX_ATIME);
149 * Just mark the entry as stale, so that a next attempt to look it up
150 * will result in a new lookup call to userspace
152 * This is called when a dentry is about to become negative and the
153 * timeout is unknown (unlink, rmdir, rename and in some cases
156 void fuse_invalidate_entry_cache(struct dentry *entry)
158 fuse_dentry_settime(entry, 0);
162 * Same as fuse_invalidate_entry_cache(), but also try to remove the
163 * dentry from the hash
165 static void fuse_invalidate_entry(struct dentry *entry)
168 fuse_invalidate_entry_cache(entry);
171 static void fuse_lookup_init(struct fuse_conn *fc, struct fuse_args *args,
172 u64 nodeid, const struct qstr *name,
173 struct fuse_entry_out *outarg)
175 memset(outarg, 0, sizeof(struct fuse_entry_out));
176 args->opcode = FUSE_LOOKUP;
177 args->nodeid = nodeid;
178 args->in_numargs = 1;
179 args->in_args[0].size = name->len + 1;
180 args->in_args[0].value = name->name;
181 args->out_numargs = 1;
182 args->out_args[0].size = sizeof(struct fuse_entry_out);
183 args->out_args[0].value = outarg;
187 * Check whether the dentry is still valid
189 * If the entry validity timeout has expired and the dentry is
190 * positive, try to redo the lookup. If the lookup results in a
191 * different inode, then let the VFS invalidate the dentry and redo
192 * the lookup once more. If the lookup results in the same inode,
193 * then refresh the attributes, timeouts and mark the dentry valid.
195 static int fuse_dentry_revalidate(struct dentry *entry, unsigned int flags)
198 struct dentry *parent;
199 struct fuse_mount *fm;
200 struct fuse_inode *fi;
203 inode = d_inode_rcu(entry);
204 if (inode && fuse_is_bad(inode))
206 else if (time_before64(fuse_dentry_time(entry), get_jiffies_64()) ||
207 (flags & (LOOKUP_EXCL | LOOKUP_REVAL | LOOKUP_RENAME_TARGET))) {
208 struct fuse_entry_out outarg;
210 struct fuse_forget_link *forget;
213 /* For negative dentries, always do a fresh lookup */
218 if (flags & LOOKUP_RCU)
221 fm = get_fuse_mount(inode);
223 forget = fuse_alloc_forget();
228 attr_version = fuse_get_attr_version(fm->fc);
230 parent = dget_parent(entry);
231 fuse_lookup_init(fm->fc, &args, get_node_id(d_inode(parent)),
232 &entry->d_name, &outarg);
233 ret = fuse_simple_request(fm, &args);
235 /* Zero nodeid is same as -ENOENT */
236 if (!ret && !outarg.nodeid)
239 fi = get_fuse_inode(inode);
240 if (outarg.nodeid != get_node_id(inode) ||
241 (bool) IS_AUTOMOUNT(inode) != (bool) (outarg.attr.flags & FUSE_ATTR_SUBMOUNT)) {
242 fuse_queue_forget(fm->fc, forget,
246 spin_lock(&fi->lock);
248 spin_unlock(&fi->lock);
251 if (ret == -ENOMEM || ret == -EINTR)
253 if (ret || fuse_invalid_attr(&outarg.attr) ||
254 fuse_stale_inode(inode, outarg.generation, &outarg.attr))
257 forget_all_cached_acls(inode);
258 fuse_change_attributes(inode, &outarg.attr, NULL,
259 ATTR_TIMEOUT(&outarg),
261 fuse_change_entry_timeout(entry, &outarg);
263 fi = get_fuse_inode(inode);
264 if (flags & LOOKUP_RCU) {
265 if (test_bit(FUSE_I_INIT_RDPLUS, &fi->state))
267 } else if (test_and_clear_bit(FUSE_I_INIT_RDPLUS, &fi->state)) {
268 parent = dget_parent(entry);
269 fuse_advise_use_readdirplus(d_inode(parent));
282 #if BITS_PER_LONG < 64
283 static int fuse_dentry_init(struct dentry *dentry)
285 dentry->d_fsdata = kzalloc(sizeof(union fuse_dentry),
286 GFP_KERNEL_ACCOUNT | __GFP_RECLAIMABLE);
288 return dentry->d_fsdata ? 0 : -ENOMEM;
290 static void fuse_dentry_release(struct dentry *dentry)
292 union fuse_dentry *fd = dentry->d_fsdata;
298 static int fuse_dentry_delete(const struct dentry *dentry)
300 return time_before64(fuse_dentry_time(dentry), get_jiffies_64());
304 * Create a fuse_mount object with a new superblock (with path->dentry
305 * as the root), and return that mount so it can be auto-mounted on
308 static struct vfsmount *fuse_dentry_automount(struct path *path)
310 struct fs_context *fsc;
311 struct vfsmount *mnt;
312 struct fuse_inode *mp_fi = get_fuse_inode(d_inode(path->dentry));
314 fsc = fs_context_for_submount(path->mnt->mnt_sb->s_type, path->dentry);
316 return ERR_CAST(fsc);
318 /* Pass the FUSE inode of the mount for fuse_get_tree_submount() */
319 fsc->fs_private = mp_fi;
321 /* Create the submount */
330 const struct dentry_operations fuse_dentry_operations = {
331 .d_revalidate = fuse_dentry_revalidate,
332 .d_delete = fuse_dentry_delete,
333 #if BITS_PER_LONG < 64
334 .d_init = fuse_dentry_init,
335 .d_release = fuse_dentry_release,
337 .d_automount = fuse_dentry_automount,
340 const struct dentry_operations fuse_root_dentry_operations = {
341 #if BITS_PER_LONG < 64
342 .d_init = fuse_dentry_init,
343 .d_release = fuse_dentry_release,
347 int fuse_valid_type(int m)
349 return S_ISREG(m) || S_ISDIR(m) || S_ISLNK(m) || S_ISCHR(m) ||
350 S_ISBLK(m) || S_ISFIFO(m) || S_ISSOCK(m);
353 static bool fuse_valid_size(u64 size)
355 return size <= LLONG_MAX;
358 bool fuse_invalid_attr(struct fuse_attr *attr)
360 return !fuse_valid_type(attr->mode) || !fuse_valid_size(attr->size);
363 int fuse_lookup_name(struct super_block *sb, u64 nodeid, const struct qstr *name,
364 struct fuse_entry_out *outarg, struct inode **inode)
366 struct fuse_mount *fm = get_fuse_mount_super(sb);
368 struct fuse_forget_link *forget;
374 if (name->len > FUSE_NAME_MAX)
378 forget = fuse_alloc_forget();
383 attr_version = fuse_get_attr_version(fm->fc);
385 fuse_lookup_init(fm->fc, &args, nodeid, name, outarg);
386 err = fuse_simple_request(fm, &args);
387 /* Zero nodeid is same as -ENOENT, but with valid timeout */
388 if (err || !outarg->nodeid)
392 if (fuse_invalid_attr(&outarg->attr))
395 *inode = fuse_iget(sb, outarg->nodeid, outarg->generation,
396 &outarg->attr, ATTR_TIMEOUT(outarg),
400 fuse_queue_forget(fm->fc, forget, outarg->nodeid, 1);
411 static struct dentry *fuse_lookup(struct inode *dir, struct dentry *entry,
415 struct fuse_entry_out outarg;
417 struct dentry *newent;
418 bool outarg_valid = true;
421 if (fuse_is_bad(dir))
422 return ERR_PTR(-EIO);
424 locked = fuse_lock_inode(dir);
425 err = fuse_lookup_name(dir->i_sb, get_node_id(dir), &entry->d_name,
427 fuse_unlock_inode(dir, locked);
428 if (err == -ENOENT) {
429 outarg_valid = false;
436 if (inode && get_node_id(inode) == FUSE_ROOT_ID)
439 newent = d_splice_alias(inode, entry);
440 err = PTR_ERR(newent);
444 entry = newent ? newent : entry;
446 fuse_change_entry_timeout(entry, &outarg);
448 fuse_invalidate_entry_cache(entry);
451 fuse_advise_use_readdirplus(dir);
460 static int get_security_context(struct dentry *entry, umode_t mode,
461 struct fuse_in_arg *ext)
463 struct fuse_secctx *fctx;
464 struct fuse_secctx_header *header;
465 void *ctx = NULL, *ptr;
466 u32 ctxlen, total_len = sizeof(*header);
471 err = security_dentry_init_security(entry, mode, &entry->d_name,
472 &name, &ctx, &ctxlen);
474 if (err != -EOPNOTSUPP)
476 /* No LSM is supporting this security hook. Ignore error */
483 namelen = strlen(name) + 1;
485 if (WARN_ON(namelen > XATTR_NAME_MAX + 1 || ctxlen > S32_MAX))
487 total_len += FUSE_REC_ALIGN(sizeof(*fctx) + namelen + ctxlen);
491 header = ptr = kzalloc(total_len, GFP_KERNEL);
495 header->nr_secctx = nr_ctx;
496 header->size = total_len;
497 ptr += sizeof(*header);
501 ptr += sizeof(*fctx);
506 memcpy(ptr, ctx, ctxlen);
508 ext->size = total_len;
516 static void *extend_arg(struct fuse_in_arg *buf, u32 bytes)
519 u32 newlen = buf->size + bytes;
521 p = krealloc(buf->value, newlen, GFP_KERNEL);
529 memset(p + buf->size, 0, bytes);
533 return p + newlen - bytes;
536 static u32 fuse_ext_size(size_t size)
538 return FUSE_REC_ALIGN(sizeof(struct fuse_ext_header) + size);
542 * This adds just a single supplementary group that matches the parent's group.
544 static int get_create_supp_group(struct inode *dir, struct fuse_in_arg *ext)
546 struct fuse_conn *fc = get_fuse_conn(dir);
547 struct fuse_ext_header *xh;
548 struct fuse_supp_groups *sg;
549 kgid_t kgid = dir->i_gid;
550 gid_t parent_gid = from_kgid(fc->user_ns, kgid);
551 u32 sg_len = fuse_ext_size(sizeof(*sg) + sizeof(sg->groups[0]));
553 if (parent_gid == (gid_t) -1 || gid_eq(kgid, current_fsgid()) ||
557 xh = extend_arg(ext, sg_len);
562 xh->type = FUSE_EXT_GROUPS;
564 sg = (struct fuse_supp_groups *) &xh[1];
566 sg->groups[0] = parent_gid;
571 static int get_create_ext(struct fuse_args *args,
572 struct inode *dir, struct dentry *dentry,
575 struct fuse_conn *fc = get_fuse_conn_super(dentry->d_sb);
576 struct fuse_in_arg ext = { .size = 0, .value = NULL };
579 if (fc->init_security)
580 err = get_security_context(dentry, mode, &ext);
581 if (!err && fc->create_supp_group)
582 err = get_create_supp_group(dir, &ext);
584 if (!err && ext.size) {
585 WARN_ON(args->in_numargs >= ARRAY_SIZE(args->in_args));
587 args->ext_idx = args->in_numargs++;
588 args->in_args[args->ext_idx] = ext;
596 static void free_ext_value(struct fuse_args *args)
599 kfree(args->in_args[args->ext_idx].value);
603 * Atomic create+open operation
605 * If the filesystem doesn't support this, then fall back to separate
606 * 'mknod' + 'open' requests.
608 static int fuse_create_open(struct inode *dir, struct dentry *entry,
609 struct file *file, unsigned int flags,
610 umode_t mode, u32 opcode)
614 struct fuse_mount *fm = get_fuse_mount(dir);
616 struct fuse_forget_link *forget;
617 struct fuse_create_in inarg;
618 struct fuse_open_out outopen;
619 struct fuse_entry_out outentry;
620 struct fuse_inode *fi;
621 struct fuse_file *ff;
622 bool trunc = flags & O_TRUNC;
624 /* Userspace expects S_IFREG in create mode */
625 BUG_ON((mode & S_IFMT) != S_IFREG);
627 forget = fuse_alloc_forget();
633 ff = fuse_file_alloc(fm);
635 goto out_put_forget_req;
637 if (!fm->fc->dont_mask)
638 mode &= ~current_umask();
641 memset(&inarg, 0, sizeof(inarg));
642 memset(&outentry, 0, sizeof(outentry));
645 inarg.umask = current_umask();
647 if (fm->fc->handle_killpriv_v2 && trunc &&
648 !(flags & O_EXCL) && !capable(CAP_FSETID)) {
649 inarg.open_flags |= FUSE_OPEN_KILL_SUIDGID;
652 args.opcode = opcode;
653 args.nodeid = get_node_id(dir);
655 args.in_args[0].size = sizeof(inarg);
656 args.in_args[0].value = &inarg;
657 args.in_args[1].size = entry->d_name.len + 1;
658 args.in_args[1].value = entry->d_name.name;
659 args.out_numargs = 2;
660 args.out_args[0].size = sizeof(outentry);
661 args.out_args[0].value = &outentry;
662 args.out_args[1].size = sizeof(outopen);
663 args.out_args[1].value = &outopen;
665 err = get_create_ext(&args, dir, entry, mode);
667 goto out_put_forget_req;
669 err = fuse_simple_request(fm, &args);
670 free_ext_value(&args);
675 if (!S_ISREG(outentry.attr.mode) || invalid_nodeid(outentry.nodeid) ||
676 fuse_invalid_attr(&outentry.attr))
680 ff->nodeid = outentry.nodeid;
681 ff->open_flags = outopen.open_flags;
682 inode = fuse_iget(dir->i_sb, outentry.nodeid, outentry.generation,
683 &outentry.attr, ATTR_TIMEOUT(&outentry), 0);
685 flags &= ~(O_CREAT | O_EXCL | O_TRUNC);
686 fuse_sync_release(NULL, ff, flags);
687 fuse_queue_forget(fm->fc, forget, outentry.nodeid, 1);
692 d_instantiate(entry, inode);
693 fuse_change_entry_timeout(entry, &outentry);
694 fuse_dir_changed(dir);
695 err = finish_open(file, entry, generic_file_open);
697 fi = get_fuse_inode(inode);
698 fuse_sync_release(fi, ff, flags);
700 file->private_data = ff;
701 fuse_finish_open(inode, file);
702 if (fm->fc->atomic_o_trunc && trunc)
703 truncate_pagecache(inode, 0);
704 else if (!(ff->open_flags & FOPEN_KEEP_CACHE))
705 invalidate_inode_pages2(inode->i_mapping);
717 static int fuse_mknod(struct mnt_idmap *, struct inode *, struct dentry *,
719 static int fuse_atomic_open(struct inode *dir, struct dentry *entry,
720 struct file *file, unsigned flags,
724 struct fuse_conn *fc = get_fuse_conn(dir);
725 struct dentry *res = NULL;
727 if (fuse_is_bad(dir))
730 if (d_in_lookup(entry)) {
731 res = fuse_lookup(dir, entry, 0);
739 if (!(flags & O_CREAT) || d_really_is_positive(entry))
743 file->f_mode |= FMODE_CREATED;
748 err = fuse_create_open(dir, entry, file, flags, mode, FUSE_CREATE);
749 if (err == -ENOSYS) {
752 } else if (err == -EEXIST)
753 fuse_invalidate_entry(entry);
759 err = fuse_mknod(&nop_mnt_idmap, dir, entry, mode, 0);
763 return finish_no_open(file, res);
767 * Code shared between mknod, mkdir, symlink and link
769 static int create_new_entry(struct fuse_mount *fm, struct fuse_args *args,
770 struct inode *dir, struct dentry *entry,
773 struct fuse_entry_out outarg;
777 struct fuse_forget_link *forget;
779 if (fuse_is_bad(dir))
782 forget = fuse_alloc_forget();
786 memset(&outarg, 0, sizeof(outarg));
787 args->nodeid = get_node_id(dir);
788 args->out_numargs = 1;
789 args->out_args[0].size = sizeof(outarg);
790 args->out_args[0].value = &outarg;
792 if (args->opcode != FUSE_LINK) {
793 err = get_create_ext(args, dir, entry, mode);
795 goto out_put_forget_req;
798 err = fuse_simple_request(fm, args);
799 free_ext_value(args);
801 goto out_put_forget_req;
804 if (invalid_nodeid(outarg.nodeid) || fuse_invalid_attr(&outarg.attr))
805 goto out_put_forget_req;
807 if ((outarg.attr.mode ^ mode) & S_IFMT)
808 goto out_put_forget_req;
810 inode = fuse_iget(dir->i_sb, outarg.nodeid, outarg.generation,
811 &outarg.attr, ATTR_TIMEOUT(&outarg), 0);
813 fuse_queue_forget(fm->fc, forget, outarg.nodeid, 1);
819 d = d_splice_alias(inode, entry);
824 fuse_change_entry_timeout(d, &outarg);
827 fuse_change_entry_timeout(entry, &outarg);
829 fuse_dir_changed(dir);
834 fuse_invalidate_entry(entry);
839 static int fuse_mknod(struct mnt_idmap *idmap, struct inode *dir,
840 struct dentry *entry, umode_t mode, dev_t rdev)
842 struct fuse_mknod_in inarg;
843 struct fuse_mount *fm = get_fuse_mount(dir);
846 if (!fm->fc->dont_mask)
847 mode &= ~current_umask();
849 memset(&inarg, 0, sizeof(inarg));
851 inarg.rdev = new_encode_dev(rdev);
852 inarg.umask = current_umask();
853 args.opcode = FUSE_MKNOD;
855 args.in_args[0].size = sizeof(inarg);
856 args.in_args[0].value = &inarg;
857 args.in_args[1].size = entry->d_name.len + 1;
858 args.in_args[1].value = entry->d_name.name;
859 return create_new_entry(fm, &args, dir, entry, mode);
862 static int fuse_create(struct mnt_idmap *idmap, struct inode *dir,
863 struct dentry *entry, umode_t mode, bool excl)
865 return fuse_mknod(&nop_mnt_idmap, dir, entry, mode, 0);
868 static int fuse_tmpfile(struct mnt_idmap *idmap, struct inode *dir,
869 struct file *file, umode_t mode)
871 struct fuse_conn *fc = get_fuse_conn(dir);
877 err = fuse_create_open(dir, file->f_path.dentry, file, file->f_flags, mode, FUSE_TMPFILE);
878 if (err == -ENOSYS) {
885 static int fuse_mkdir(struct mnt_idmap *idmap, struct inode *dir,
886 struct dentry *entry, umode_t mode)
888 struct fuse_mkdir_in inarg;
889 struct fuse_mount *fm = get_fuse_mount(dir);
892 if (!fm->fc->dont_mask)
893 mode &= ~current_umask();
895 memset(&inarg, 0, sizeof(inarg));
897 inarg.umask = current_umask();
898 args.opcode = FUSE_MKDIR;
900 args.in_args[0].size = sizeof(inarg);
901 args.in_args[0].value = &inarg;
902 args.in_args[1].size = entry->d_name.len + 1;
903 args.in_args[1].value = entry->d_name.name;
904 return create_new_entry(fm, &args, dir, entry, S_IFDIR);
907 static int fuse_symlink(struct mnt_idmap *idmap, struct inode *dir,
908 struct dentry *entry, const char *link)
910 struct fuse_mount *fm = get_fuse_mount(dir);
911 unsigned len = strlen(link) + 1;
914 args.opcode = FUSE_SYMLINK;
916 args.in_args[0].size = entry->d_name.len + 1;
917 args.in_args[0].value = entry->d_name.name;
918 args.in_args[1].size = len;
919 args.in_args[1].value = link;
920 return create_new_entry(fm, &args, dir, entry, S_IFLNK);
923 void fuse_flush_time_update(struct inode *inode)
925 int err = sync_inode_metadata(inode, 1);
927 mapping_set_error(inode->i_mapping, err);
930 static void fuse_update_ctime_in_cache(struct inode *inode)
932 if (!IS_NOCMTIME(inode)) {
933 inode_set_ctime_current(inode);
934 mark_inode_dirty_sync(inode);
935 fuse_flush_time_update(inode);
939 void fuse_update_ctime(struct inode *inode)
941 fuse_invalidate_attr_mask(inode, STATX_CTIME);
942 fuse_update_ctime_in_cache(inode);
945 static void fuse_entry_unlinked(struct dentry *entry)
947 struct inode *inode = d_inode(entry);
948 struct fuse_conn *fc = get_fuse_conn(inode);
949 struct fuse_inode *fi = get_fuse_inode(inode);
951 spin_lock(&fi->lock);
952 fi->attr_version = atomic64_inc_return(&fc->attr_version);
954 * If i_nlink == 0 then unlink doesn't make sense, yet this can
955 * happen if userspace filesystem is careless. It would be
956 * difficult to enforce correct nlink usage so just ignore this
959 if (S_ISDIR(inode->i_mode))
961 else if (inode->i_nlink > 0)
963 spin_unlock(&fi->lock);
964 fuse_invalidate_entry_cache(entry);
965 fuse_update_ctime(inode);
968 static int fuse_unlink(struct inode *dir, struct dentry *entry)
971 struct fuse_mount *fm = get_fuse_mount(dir);
974 if (fuse_is_bad(dir))
977 args.opcode = FUSE_UNLINK;
978 args.nodeid = get_node_id(dir);
980 args.in_args[0].size = entry->d_name.len + 1;
981 args.in_args[0].value = entry->d_name.name;
982 err = fuse_simple_request(fm, &args);
984 fuse_dir_changed(dir);
985 fuse_entry_unlinked(entry);
986 } else if (err == -EINTR || err == -ENOENT)
987 fuse_invalidate_entry(entry);
991 static int fuse_rmdir(struct inode *dir, struct dentry *entry)
994 struct fuse_mount *fm = get_fuse_mount(dir);
997 if (fuse_is_bad(dir))
1000 args.opcode = FUSE_RMDIR;
1001 args.nodeid = get_node_id(dir);
1002 args.in_numargs = 1;
1003 args.in_args[0].size = entry->d_name.len + 1;
1004 args.in_args[0].value = entry->d_name.name;
1005 err = fuse_simple_request(fm, &args);
1007 fuse_dir_changed(dir);
1008 fuse_entry_unlinked(entry);
1009 } else if (err == -EINTR || err == -ENOENT)
1010 fuse_invalidate_entry(entry);
1014 static int fuse_rename_common(struct inode *olddir, struct dentry *oldent,
1015 struct inode *newdir, struct dentry *newent,
1016 unsigned int flags, int opcode, size_t argsize)
1019 struct fuse_rename2_in inarg;
1020 struct fuse_mount *fm = get_fuse_mount(olddir);
1023 memset(&inarg, 0, argsize);
1024 inarg.newdir = get_node_id(newdir);
1025 inarg.flags = flags;
1026 args.opcode = opcode;
1027 args.nodeid = get_node_id(olddir);
1028 args.in_numargs = 3;
1029 args.in_args[0].size = argsize;
1030 args.in_args[0].value = &inarg;
1031 args.in_args[1].size = oldent->d_name.len + 1;
1032 args.in_args[1].value = oldent->d_name.name;
1033 args.in_args[2].size = newent->d_name.len + 1;
1034 args.in_args[2].value = newent->d_name.name;
1035 err = fuse_simple_request(fm, &args);
1038 fuse_update_ctime(d_inode(oldent));
1040 if (flags & RENAME_EXCHANGE)
1041 fuse_update_ctime(d_inode(newent));
1043 fuse_dir_changed(olddir);
1044 if (olddir != newdir)
1045 fuse_dir_changed(newdir);
1047 /* newent will end up negative */
1048 if (!(flags & RENAME_EXCHANGE) && d_really_is_positive(newent))
1049 fuse_entry_unlinked(newent);
1050 } else if (err == -EINTR || err == -ENOENT) {
1051 /* If request was interrupted, DEITY only knows if the
1052 rename actually took place. If the invalidation
1053 fails (e.g. some process has CWD under the renamed
1054 directory), then there can be inconsistency between
1055 the dcache and the real filesystem. Tough luck. */
1056 fuse_invalidate_entry(oldent);
1057 if (d_really_is_positive(newent))
1058 fuse_invalidate_entry(newent);
1064 static int fuse_rename2(struct mnt_idmap *idmap, struct inode *olddir,
1065 struct dentry *oldent, struct inode *newdir,
1066 struct dentry *newent, unsigned int flags)
1068 struct fuse_conn *fc = get_fuse_conn(olddir);
1071 if (fuse_is_bad(olddir))
1074 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE | RENAME_WHITEOUT))
1078 if (fc->no_rename2 || fc->minor < 23)
1081 err = fuse_rename_common(olddir, oldent, newdir, newent, flags,
1083 sizeof(struct fuse_rename2_in));
1084 if (err == -ENOSYS) {
1089 err = fuse_rename_common(olddir, oldent, newdir, newent, 0,
1091 sizeof(struct fuse_rename_in));
1097 static int fuse_link(struct dentry *entry, struct inode *newdir,
1098 struct dentry *newent)
1101 struct fuse_link_in inarg;
1102 struct inode *inode = d_inode(entry);
1103 struct fuse_mount *fm = get_fuse_mount(inode);
1106 memset(&inarg, 0, sizeof(inarg));
1107 inarg.oldnodeid = get_node_id(inode);
1108 args.opcode = FUSE_LINK;
1109 args.in_numargs = 2;
1110 args.in_args[0].size = sizeof(inarg);
1111 args.in_args[0].value = &inarg;
1112 args.in_args[1].size = newent->d_name.len + 1;
1113 args.in_args[1].value = newent->d_name.name;
1114 err = create_new_entry(fm, &args, newdir, newent, inode->i_mode);
1116 fuse_update_ctime_in_cache(inode);
1117 else if (err == -EINTR)
1118 fuse_invalidate_attr(inode);
1123 static void fuse_fillattr(struct inode *inode, struct fuse_attr *attr,
1126 unsigned int blkbits;
1127 struct fuse_conn *fc = get_fuse_conn(inode);
1129 stat->dev = inode->i_sb->s_dev;
1130 stat->ino = attr->ino;
1131 stat->mode = (inode->i_mode & S_IFMT) | (attr->mode & 07777);
1132 stat->nlink = attr->nlink;
1133 stat->uid = make_kuid(fc->user_ns, attr->uid);
1134 stat->gid = make_kgid(fc->user_ns, attr->gid);
1135 stat->rdev = inode->i_rdev;
1136 stat->atime.tv_sec = attr->atime;
1137 stat->atime.tv_nsec = attr->atimensec;
1138 stat->mtime.tv_sec = attr->mtime;
1139 stat->mtime.tv_nsec = attr->mtimensec;
1140 stat->ctime.tv_sec = attr->ctime;
1141 stat->ctime.tv_nsec = attr->ctimensec;
1142 stat->size = attr->size;
1143 stat->blocks = attr->blocks;
1145 if (attr->blksize != 0)
1146 blkbits = ilog2(attr->blksize);
1148 blkbits = inode->i_sb->s_blocksize_bits;
1150 stat->blksize = 1 << blkbits;
1153 static void fuse_statx_to_attr(struct fuse_statx *sx, struct fuse_attr *attr)
1155 memset(attr, 0, sizeof(*attr));
1156 attr->ino = sx->ino;
1157 attr->size = sx->size;
1158 attr->blocks = sx->blocks;
1159 attr->atime = sx->atime.tv_sec;
1160 attr->mtime = sx->mtime.tv_sec;
1161 attr->ctime = sx->ctime.tv_sec;
1162 attr->atimensec = sx->atime.tv_nsec;
1163 attr->mtimensec = sx->mtime.tv_nsec;
1164 attr->ctimensec = sx->ctime.tv_nsec;
1165 attr->mode = sx->mode;
1166 attr->nlink = sx->nlink;
1167 attr->uid = sx->uid;
1168 attr->gid = sx->gid;
1169 attr->rdev = new_encode_dev(MKDEV(sx->rdev_major, sx->rdev_minor));
1170 attr->blksize = sx->blksize;
1173 static int fuse_do_statx(struct inode *inode, struct file *file,
1177 struct fuse_attr attr;
1178 struct fuse_statx *sx;
1179 struct fuse_statx_in inarg;
1180 struct fuse_statx_out outarg;
1181 struct fuse_mount *fm = get_fuse_mount(inode);
1182 u64 attr_version = fuse_get_attr_version(fm->fc);
1185 memset(&inarg, 0, sizeof(inarg));
1186 memset(&outarg, 0, sizeof(outarg));
1187 /* Directories have separate file-handle space */
1188 if (file && S_ISREG(inode->i_mode)) {
1189 struct fuse_file *ff = file->private_data;
1191 inarg.getattr_flags |= FUSE_GETATTR_FH;
1194 /* For now leave sync hints as the default, request all stats. */
1196 inarg.sx_mask = STATX_BASIC_STATS | STATX_BTIME;
1197 args.opcode = FUSE_STATX;
1198 args.nodeid = get_node_id(inode);
1199 args.in_numargs = 1;
1200 args.in_args[0].size = sizeof(inarg);
1201 args.in_args[0].value = &inarg;
1202 args.out_numargs = 1;
1203 args.out_args[0].size = sizeof(outarg);
1204 args.out_args[0].value = &outarg;
1205 err = fuse_simple_request(fm, &args);
1210 if (((sx->mask & STATX_SIZE) && !fuse_valid_size(sx->size)) ||
1211 ((sx->mask & STATX_TYPE) && (!fuse_valid_type(sx->mode) ||
1212 inode_wrong_type(inode, sx->mode)))) {
1213 make_bad_inode(inode);
1217 fuse_statx_to_attr(&outarg.stat, &attr);
1218 if ((sx->mask & STATX_BASIC_STATS) == STATX_BASIC_STATS) {
1219 fuse_change_attributes(inode, &attr, &outarg.stat,
1220 ATTR_TIMEOUT(&outarg), attr_version);
1224 stat->result_mask = sx->mask & (STATX_BASIC_STATS | STATX_BTIME);
1225 stat->btime.tv_sec = sx->btime.tv_sec;
1226 stat->btime.tv_nsec = min_t(u32, sx->btime.tv_nsec, NSEC_PER_SEC - 1);
1227 fuse_fillattr(inode, &attr, stat);
1228 stat->result_mask |= STATX_TYPE;
1234 static int fuse_do_getattr(struct inode *inode, struct kstat *stat,
1238 struct fuse_getattr_in inarg;
1239 struct fuse_attr_out outarg;
1240 struct fuse_mount *fm = get_fuse_mount(inode);
1244 attr_version = fuse_get_attr_version(fm->fc);
1246 memset(&inarg, 0, sizeof(inarg));
1247 memset(&outarg, 0, sizeof(outarg));
1248 /* Directories have separate file-handle space */
1249 if (file && S_ISREG(inode->i_mode)) {
1250 struct fuse_file *ff = file->private_data;
1252 inarg.getattr_flags |= FUSE_GETATTR_FH;
1255 args.opcode = FUSE_GETATTR;
1256 args.nodeid = get_node_id(inode);
1257 args.in_numargs = 1;
1258 args.in_args[0].size = sizeof(inarg);
1259 args.in_args[0].value = &inarg;
1260 args.out_numargs = 1;
1261 args.out_args[0].size = sizeof(outarg);
1262 args.out_args[0].value = &outarg;
1263 err = fuse_simple_request(fm, &args);
1265 if (fuse_invalid_attr(&outarg.attr) ||
1266 inode_wrong_type(inode, outarg.attr.mode)) {
1267 fuse_make_bad(inode);
1270 fuse_change_attributes(inode, &outarg.attr, NULL,
1271 ATTR_TIMEOUT(&outarg),
1274 fuse_fillattr(inode, &outarg.attr, stat);
1280 static int fuse_update_get_attr(struct inode *inode, struct file *file,
1281 struct kstat *stat, u32 request_mask,
1284 struct fuse_inode *fi = get_fuse_inode(inode);
1285 struct fuse_conn *fc = get_fuse_conn(inode);
1288 u32 inval_mask = READ_ONCE(fi->inval_mask);
1289 u32 cache_mask = fuse_get_cache_mask(inode);
1292 /* FUSE only supports basic stats and possibly btime */
1293 request_mask &= STATX_BASIC_STATS | STATX_BTIME;
1296 request_mask &= STATX_BASIC_STATS;
1300 else if (flags & AT_STATX_FORCE_SYNC)
1302 else if (flags & AT_STATX_DONT_SYNC)
1304 else if (request_mask & inval_mask & ~cache_mask)
1307 sync = time_before64(fi->i_time, get_jiffies_64());
1310 forget_all_cached_acls(inode);
1311 /* Try statx if BTIME is requested */
1312 if (!fc->no_statx && (request_mask & ~STATX_BASIC_STATS)) {
1313 err = fuse_do_statx(inode, file, stat);
1314 if (err == -ENOSYS) {
1319 err = fuse_do_getattr(inode, stat, file);
1322 generic_fillattr(&nop_mnt_idmap, request_mask, inode, stat);
1323 stat->mode = fi->orig_i_mode;
1324 stat->ino = fi->orig_ino;
1325 if (test_bit(FUSE_I_BTIME, &fi->state)) {
1326 stat->btime = fi->i_btime;
1327 stat->result_mask |= STATX_BTIME;
1334 int fuse_update_attributes(struct inode *inode, struct file *file, u32 mask)
1336 return fuse_update_get_attr(inode, file, NULL, mask, 0);
1339 int fuse_reverse_inval_entry(struct fuse_conn *fc, u64 parent_nodeid,
1340 u64 child_nodeid, struct qstr *name, u32 flags)
1343 struct inode *parent;
1345 struct dentry *entry;
1347 parent = fuse_ilookup(fc, parent_nodeid, NULL);
1351 inode_lock_nested(parent, I_MUTEX_PARENT);
1352 if (!S_ISDIR(parent->i_mode))
1356 dir = d_find_alias(parent);
1360 name->hash = full_name_hash(dir, name->name, name->len);
1361 entry = d_lookup(dir, name);
1366 fuse_dir_changed(parent);
1367 if (!(flags & FUSE_EXPIRE_ONLY))
1368 d_invalidate(entry);
1369 fuse_invalidate_entry_cache(entry);
1371 if (child_nodeid != 0 && d_really_is_positive(entry)) {
1372 inode_lock(d_inode(entry));
1373 if (get_node_id(d_inode(entry)) != child_nodeid) {
1377 if (d_mountpoint(entry)) {
1381 if (d_is_dir(entry)) {
1382 shrink_dcache_parent(entry);
1383 if (!simple_empty(entry)) {
1387 d_inode(entry)->i_flags |= S_DEAD;
1390 clear_nlink(d_inode(entry));
1393 inode_unlock(d_inode(entry));
1402 inode_unlock(parent);
1407 static inline bool fuse_permissible_uidgid(struct fuse_conn *fc)
1409 const struct cred *cred = current_cred();
1411 return (uid_eq(cred->euid, fc->user_id) &&
1412 uid_eq(cred->suid, fc->user_id) &&
1413 uid_eq(cred->uid, fc->user_id) &&
1414 gid_eq(cred->egid, fc->group_id) &&
1415 gid_eq(cred->sgid, fc->group_id) &&
1416 gid_eq(cred->gid, fc->group_id));
1420 * Calling into a user-controlled filesystem gives the filesystem
1421 * daemon ptrace-like capabilities over the current process. This
1422 * means, that the filesystem daemon is able to record the exact
1423 * filesystem operations performed, and can also control the behavior
1424 * of the requester process in otherwise impossible ways. For example
1425 * it can delay the operation for arbitrary length of time allowing
1426 * DoS against the requester.
1428 * For this reason only those processes can call into the filesystem,
1429 * for which the owner of the mount has ptrace privilege. This
1430 * excludes processes started by other users, suid or sgid processes.
1432 bool fuse_allow_current_process(struct fuse_conn *fc)
1436 if (fc->allow_other)
1437 allow = current_in_userns(fc->user_ns);
1439 allow = fuse_permissible_uidgid(fc);
1441 if (!allow && allow_sys_admin_access && capable(CAP_SYS_ADMIN))
1447 static int fuse_access(struct inode *inode, int mask)
1449 struct fuse_mount *fm = get_fuse_mount(inode);
1451 struct fuse_access_in inarg;
1454 BUG_ON(mask & MAY_NOT_BLOCK);
1456 if (fm->fc->no_access)
1459 memset(&inarg, 0, sizeof(inarg));
1460 inarg.mask = mask & (MAY_READ | MAY_WRITE | MAY_EXEC);
1461 args.opcode = FUSE_ACCESS;
1462 args.nodeid = get_node_id(inode);
1463 args.in_numargs = 1;
1464 args.in_args[0].size = sizeof(inarg);
1465 args.in_args[0].value = &inarg;
1466 err = fuse_simple_request(fm, &args);
1467 if (err == -ENOSYS) {
1468 fm->fc->no_access = 1;
1474 static int fuse_perm_getattr(struct inode *inode, int mask)
1476 if (mask & MAY_NOT_BLOCK)
1479 forget_all_cached_acls(inode);
1480 return fuse_do_getattr(inode, NULL, NULL);
1484 * Check permission. The two basic access models of FUSE are:
1486 * 1) Local access checking ('default_permissions' mount option) based
1487 * on file mode. This is the plain old disk filesystem permission
1490 * 2) "Remote" access checking, where server is responsible for
1491 * checking permission in each inode operation. An exception to this
1492 * is if ->permission() was invoked from sys_access() in which case an
1493 * access request is sent. Execute permission is still checked
1494 * locally based on file mode.
1496 static int fuse_permission(struct mnt_idmap *idmap,
1497 struct inode *inode, int mask)
1499 struct fuse_conn *fc = get_fuse_conn(inode);
1500 bool refreshed = false;
1503 if (fuse_is_bad(inode))
1506 if (!fuse_allow_current_process(fc))
1510 * If attributes are needed, refresh them before proceeding
1512 if (fc->default_permissions ||
1513 ((mask & MAY_EXEC) && S_ISREG(inode->i_mode))) {
1514 struct fuse_inode *fi = get_fuse_inode(inode);
1515 u32 perm_mask = STATX_MODE | STATX_UID | STATX_GID;
1517 if (perm_mask & READ_ONCE(fi->inval_mask) ||
1518 time_before64(fi->i_time, get_jiffies_64())) {
1521 err = fuse_perm_getattr(inode, mask);
1527 if (fc->default_permissions) {
1528 err = generic_permission(&nop_mnt_idmap, inode, mask);
1530 /* If permission is denied, try to refresh file
1531 attributes. This is also needed, because the root
1532 node will at first have no permissions */
1533 if (err == -EACCES && !refreshed) {
1534 err = fuse_perm_getattr(inode, mask);
1536 err = generic_permission(&nop_mnt_idmap,
1540 /* Note: the opposite of the above test does not
1541 exist. So if permissions are revoked this won't be
1542 noticed immediately, only after the attribute
1543 timeout has expired */
1544 } else if (mask & (MAY_ACCESS | MAY_CHDIR)) {
1545 err = fuse_access(inode, mask);
1546 } else if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode)) {
1547 if (!(inode->i_mode & S_IXUGO)) {
1551 err = fuse_perm_getattr(inode, mask);
1552 if (!err && !(inode->i_mode & S_IXUGO))
1559 static int fuse_readlink_page(struct inode *inode, struct page *page)
1561 struct fuse_mount *fm = get_fuse_mount(inode);
1562 struct fuse_page_desc desc = { .length = PAGE_SIZE - 1 };
1563 struct fuse_args_pages ap = {
1571 ap.args.opcode = FUSE_READLINK;
1572 ap.args.nodeid = get_node_id(inode);
1573 ap.args.out_pages = true;
1574 ap.args.out_argvar = true;
1575 ap.args.page_zeroing = true;
1576 ap.args.out_numargs = 1;
1577 ap.args.out_args[0].size = desc.length;
1578 res = fuse_simple_request(fm, &ap.args);
1580 fuse_invalidate_atime(inode);
1585 if (WARN_ON(res >= PAGE_SIZE))
1588 link = page_address(page);
1594 static const char *fuse_get_link(struct dentry *dentry, struct inode *inode,
1595 struct delayed_call *callback)
1597 struct fuse_conn *fc = get_fuse_conn(inode);
1602 if (fuse_is_bad(inode))
1605 if (fc->cache_symlinks)
1606 return page_get_link(dentry, inode, callback);
1612 page = alloc_page(GFP_KERNEL);
1617 err = fuse_readlink_page(inode, page);
1623 set_delayed_call(callback, page_put_link, page);
1625 return page_address(page);
1628 return ERR_PTR(err);
1631 static int fuse_dir_open(struct inode *inode, struct file *file)
1633 return fuse_open_common(inode, file, true);
1636 static int fuse_dir_release(struct inode *inode, struct file *file)
1638 fuse_release_common(file, true);
1643 static int fuse_dir_fsync(struct file *file, loff_t start, loff_t end,
1646 struct inode *inode = file->f_mapping->host;
1647 struct fuse_conn *fc = get_fuse_conn(inode);
1650 if (fuse_is_bad(inode))
1653 if (fc->no_fsyncdir)
1657 err = fuse_fsync_common(file, start, end, datasync, FUSE_FSYNCDIR);
1658 if (err == -ENOSYS) {
1659 fc->no_fsyncdir = 1;
1662 inode_unlock(inode);
1667 static long fuse_dir_ioctl(struct file *file, unsigned int cmd,
1670 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1672 /* FUSE_IOCTL_DIR only supported for API version >= 7.18 */
1676 return fuse_ioctl_common(file, cmd, arg, FUSE_IOCTL_DIR);
1679 static long fuse_dir_compat_ioctl(struct file *file, unsigned int cmd,
1682 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1687 return fuse_ioctl_common(file, cmd, arg,
1688 FUSE_IOCTL_COMPAT | FUSE_IOCTL_DIR);
1691 static bool update_mtime(unsigned ivalid, bool trust_local_mtime)
1693 /* Always update if mtime is explicitly set */
1694 if (ivalid & ATTR_MTIME_SET)
1697 /* Or if kernel i_mtime is the official one */
1698 if (trust_local_mtime)
1701 /* If it's an open(O_TRUNC) or an ftruncate(), don't update */
1702 if ((ivalid & ATTR_SIZE) && (ivalid & (ATTR_OPEN | ATTR_FILE)))
1705 /* In all other cases update */
1709 static void iattr_to_fattr(struct fuse_conn *fc, struct iattr *iattr,
1710 struct fuse_setattr_in *arg, bool trust_local_cmtime)
1712 unsigned ivalid = iattr->ia_valid;
1714 if (ivalid & ATTR_MODE)
1715 arg->valid |= FATTR_MODE, arg->mode = iattr->ia_mode;
1716 if (ivalid & ATTR_UID)
1717 arg->valid |= FATTR_UID, arg->uid = from_kuid(fc->user_ns, iattr->ia_uid);
1718 if (ivalid & ATTR_GID)
1719 arg->valid |= FATTR_GID, arg->gid = from_kgid(fc->user_ns, iattr->ia_gid);
1720 if (ivalid & ATTR_SIZE)
1721 arg->valid |= FATTR_SIZE, arg->size = iattr->ia_size;
1722 if (ivalid & ATTR_ATIME) {
1723 arg->valid |= FATTR_ATIME;
1724 arg->atime = iattr->ia_atime.tv_sec;
1725 arg->atimensec = iattr->ia_atime.tv_nsec;
1726 if (!(ivalid & ATTR_ATIME_SET))
1727 arg->valid |= FATTR_ATIME_NOW;
1729 if ((ivalid & ATTR_MTIME) && update_mtime(ivalid, trust_local_cmtime)) {
1730 arg->valid |= FATTR_MTIME;
1731 arg->mtime = iattr->ia_mtime.tv_sec;
1732 arg->mtimensec = iattr->ia_mtime.tv_nsec;
1733 if (!(ivalid & ATTR_MTIME_SET) && !trust_local_cmtime)
1734 arg->valid |= FATTR_MTIME_NOW;
1736 if ((ivalid & ATTR_CTIME) && trust_local_cmtime) {
1737 arg->valid |= FATTR_CTIME;
1738 arg->ctime = iattr->ia_ctime.tv_sec;
1739 arg->ctimensec = iattr->ia_ctime.tv_nsec;
1744 * Prevent concurrent writepages on inode
1746 * This is done by adding a negative bias to the inode write counter
1747 * and waiting for all pending writes to finish.
1749 void fuse_set_nowrite(struct inode *inode)
1751 struct fuse_inode *fi = get_fuse_inode(inode);
1753 BUG_ON(!inode_is_locked(inode));
1755 spin_lock(&fi->lock);
1756 BUG_ON(fi->writectr < 0);
1757 fi->writectr += FUSE_NOWRITE;
1758 spin_unlock(&fi->lock);
1759 wait_event(fi->page_waitq, fi->writectr == FUSE_NOWRITE);
1763 * Allow writepages on inode
1765 * Remove the bias from the writecounter and send any queued
1768 static void __fuse_release_nowrite(struct inode *inode)
1770 struct fuse_inode *fi = get_fuse_inode(inode);
1772 BUG_ON(fi->writectr != FUSE_NOWRITE);
1774 fuse_flush_writepages(inode);
1777 void fuse_release_nowrite(struct inode *inode)
1779 struct fuse_inode *fi = get_fuse_inode(inode);
1781 spin_lock(&fi->lock);
1782 __fuse_release_nowrite(inode);
1783 spin_unlock(&fi->lock);
1786 static void fuse_setattr_fill(struct fuse_conn *fc, struct fuse_args *args,
1787 struct inode *inode,
1788 struct fuse_setattr_in *inarg_p,
1789 struct fuse_attr_out *outarg_p)
1791 args->opcode = FUSE_SETATTR;
1792 args->nodeid = get_node_id(inode);
1793 args->in_numargs = 1;
1794 args->in_args[0].size = sizeof(*inarg_p);
1795 args->in_args[0].value = inarg_p;
1796 args->out_numargs = 1;
1797 args->out_args[0].size = sizeof(*outarg_p);
1798 args->out_args[0].value = outarg_p;
1802 * Flush inode->i_mtime to the server
1804 int fuse_flush_times(struct inode *inode, struct fuse_file *ff)
1806 struct fuse_mount *fm = get_fuse_mount(inode);
1808 struct fuse_setattr_in inarg;
1809 struct fuse_attr_out outarg;
1811 memset(&inarg, 0, sizeof(inarg));
1812 memset(&outarg, 0, sizeof(outarg));
1814 inarg.valid = FATTR_MTIME;
1815 inarg.mtime = inode_get_mtime_sec(inode);
1816 inarg.mtimensec = inode_get_mtime_nsec(inode);
1817 if (fm->fc->minor >= 23) {
1818 inarg.valid |= FATTR_CTIME;
1819 inarg.ctime = inode_get_ctime_sec(inode);
1820 inarg.ctimensec = inode_get_ctime_nsec(inode);
1823 inarg.valid |= FATTR_FH;
1826 fuse_setattr_fill(fm->fc, &args, inode, &inarg, &outarg);
1828 return fuse_simple_request(fm, &args);
1832 * Set attributes, and at the same time refresh them.
1834 * Truncation is slightly complicated, because the 'truncate' request
1835 * may fail, in which case we don't want to touch the mapping.
1836 * vmtruncate() doesn't allow for this case, so do the rlimit checking
1837 * and the actual truncation by hand.
1839 int fuse_do_setattr(struct dentry *dentry, struct iattr *attr,
1842 struct inode *inode = d_inode(dentry);
1843 struct fuse_mount *fm = get_fuse_mount(inode);
1844 struct fuse_conn *fc = fm->fc;
1845 struct fuse_inode *fi = get_fuse_inode(inode);
1846 struct address_space *mapping = inode->i_mapping;
1848 struct fuse_setattr_in inarg;
1849 struct fuse_attr_out outarg;
1850 bool is_truncate = false;
1851 bool is_wb = fc->writeback_cache && S_ISREG(inode->i_mode);
1854 bool trust_local_cmtime = is_wb;
1855 bool fault_blocked = false;
1857 if (!fc->default_permissions)
1858 attr->ia_valid |= ATTR_FORCE;
1860 err = setattr_prepare(&nop_mnt_idmap, dentry, attr);
1864 if (attr->ia_valid & ATTR_SIZE) {
1865 if (WARN_ON(!S_ISREG(inode->i_mode)))
1870 if (FUSE_IS_DAX(inode) && is_truncate) {
1871 filemap_invalidate_lock(mapping);
1872 fault_blocked = true;
1873 err = fuse_dax_break_layouts(inode, 0, 0);
1875 filemap_invalidate_unlock(mapping);
1880 if (attr->ia_valid & ATTR_OPEN) {
1881 /* This is coming from open(..., ... | O_TRUNC); */
1882 WARN_ON(!(attr->ia_valid & ATTR_SIZE));
1883 WARN_ON(attr->ia_size != 0);
1884 if (fc->atomic_o_trunc) {
1886 * No need to send request to userspace, since actual
1887 * truncation has already been done by OPEN. But still
1888 * need to truncate page cache.
1890 i_size_write(inode, 0);
1891 truncate_pagecache(inode, 0);
1897 /* Flush dirty data/metadata before non-truncate SETATTR */
1900 (ATTR_MODE | ATTR_UID | ATTR_GID | ATTR_MTIME_SET |
1902 err = write_inode_now(inode, true);
1906 fuse_set_nowrite(inode);
1907 fuse_release_nowrite(inode);
1911 fuse_set_nowrite(inode);
1912 set_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1913 if (trust_local_cmtime && attr->ia_size != inode->i_size)
1914 attr->ia_valid |= ATTR_MTIME | ATTR_CTIME;
1917 memset(&inarg, 0, sizeof(inarg));
1918 memset(&outarg, 0, sizeof(outarg));
1919 iattr_to_fattr(fc, attr, &inarg, trust_local_cmtime);
1921 struct fuse_file *ff = file->private_data;
1922 inarg.valid |= FATTR_FH;
1926 /* Kill suid/sgid for non-directory chown unconditionally */
1927 if (fc->handle_killpriv_v2 && !S_ISDIR(inode->i_mode) &&
1928 attr->ia_valid & (ATTR_UID | ATTR_GID))
1929 inarg.valid |= FATTR_KILL_SUIDGID;
1931 if (attr->ia_valid & ATTR_SIZE) {
1932 /* For mandatory locking in truncate */
1933 inarg.valid |= FATTR_LOCKOWNER;
1934 inarg.lock_owner = fuse_lock_owner_id(fc, current->files);
1936 /* Kill suid/sgid for truncate only if no CAP_FSETID */
1937 if (fc->handle_killpriv_v2 && !capable(CAP_FSETID))
1938 inarg.valid |= FATTR_KILL_SUIDGID;
1940 fuse_setattr_fill(fc, &args, inode, &inarg, &outarg);
1941 err = fuse_simple_request(fm, &args);
1944 fuse_invalidate_attr(inode);
1948 if (fuse_invalid_attr(&outarg.attr) ||
1949 inode_wrong_type(inode, outarg.attr.mode)) {
1950 fuse_make_bad(inode);
1955 spin_lock(&fi->lock);
1956 /* the kernel maintains i_mtime locally */
1957 if (trust_local_cmtime) {
1958 if (attr->ia_valid & ATTR_MTIME)
1959 inode_set_mtime_to_ts(inode, attr->ia_mtime);
1960 if (attr->ia_valid & ATTR_CTIME)
1961 inode_set_ctime_to_ts(inode, attr->ia_ctime);
1962 /* FIXME: clear I_DIRTY_SYNC? */
1965 fuse_change_attributes_common(inode, &outarg.attr, NULL,
1966 ATTR_TIMEOUT(&outarg),
1967 fuse_get_cache_mask(inode));
1968 oldsize = inode->i_size;
1969 /* see the comment in fuse_change_attributes() */
1970 if (!is_wb || is_truncate)
1971 i_size_write(inode, outarg.attr.size);
1974 /* NOTE: this may release/reacquire fi->lock */
1975 __fuse_release_nowrite(inode);
1977 spin_unlock(&fi->lock);
1980 * Only call invalidate_inode_pages2() after removing
1981 * FUSE_NOWRITE, otherwise fuse_launder_folio() would deadlock.
1983 if ((is_truncate || !is_wb) &&
1984 S_ISREG(inode->i_mode) && oldsize != outarg.attr.size) {
1985 truncate_pagecache(inode, outarg.attr.size);
1986 invalidate_inode_pages2(mapping);
1989 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1992 filemap_invalidate_unlock(mapping);
1998 fuse_release_nowrite(inode);
2000 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
2003 filemap_invalidate_unlock(mapping);
2007 static int fuse_setattr(struct mnt_idmap *idmap, struct dentry *entry,
2010 struct inode *inode = d_inode(entry);
2011 struct fuse_conn *fc = get_fuse_conn(inode);
2012 struct file *file = (attr->ia_valid & ATTR_FILE) ? attr->ia_file : NULL;
2015 if (fuse_is_bad(inode))
2018 if (!fuse_allow_current_process(get_fuse_conn(inode)))
2021 if (attr->ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID)) {
2022 attr->ia_valid &= ~(ATTR_KILL_SUID | ATTR_KILL_SGID |
2026 * The only sane way to reliably kill suid/sgid is to do it in
2027 * the userspace filesystem
2029 * This should be done on write(), truncate() and chown().
2031 if (!fc->handle_killpriv && !fc->handle_killpriv_v2) {
2033 * ia_mode calculation may have used stale i_mode.
2034 * Refresh and recalculate.
2036 ret = fuse_do_getattr(inode, NULL, file);
2040 attr->ia_mode = inode->i_mode;
2041 if (inode->i_mode & S_ISUID) {
2042 attr->ia_valid |= ATTR_MODE;
2043 attr->ia_mode &= ~S_ISUID;
2045 if ((inode->i_mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) {
2046 attr->ia_valid |= ATTR_MODE;
2047 attr->ia_mode &= ~S_ISGID;
2051 if (!attr->ia_valid)
2054 ret = fuse_do_setattr(entry, attr, file);
2057 * If filesystem supports acls it may have updated acl xattrs in
2058 * the filesystem, so forget cached acls for the inode.
2061 forget_all_cached_acls(inode);
2063 /* Directory mode changed, may need to revalidate access */
2064 if (d_is_dir(entry) && (attr->ia_valid & ATTR_MODE))
2065 fuse_invalidate_entry_cache(entry);
2070 static int fuse_getattr(struct mnt_idmap *idmap,
2071 const struct path *path, struct kstat *stat,
2072 u32 request_mask, unsigned int flags)
2074 struct inode *inode = d_inode(path->dentry);
2075 struct fuse_conn *fc = get_fuse_conn(inode);
2077 if (fuse_is_bad(inode))
2080 if (!fuse_allow_current_process(fc)) {
2081 if (!request_mask) {
2083 * If user explicitly requested *nothing* then don't
2084 * error out, but return st_dev only.
2086 stat->result_mask = 0;
2087 stat->dev = inode->i_sb->s_dev;
2093 return fuse_update_get_attr(inode, NULL, stat, request_mask, flags);
2096 static const struct inode_operations fuse_dir_inode_operations = {
2097 .lookup = fuse_lookup,
2098 .mkdir = fuse_mkdir,
2099 .symlink = fuse_symlink,
2100 .unlink = fuse_unlink,
2101 .rmdir = fuse_rmdir,
2102 .rename = fuse_rename2,
2104 .setattr = fuse_setattr,
2105 .create = fuse_create,
2106 .atomic_open = fuse_atomic_open,
2107 .tmpfile = fuse_tmpfile,
2108 .mknod = fuse_mknod,
2109 .permission = fuse_permission,
2110 .getattr = fuse_getattr,
2111 .listxattr = fuse_listxattr,
2112 .get_inode_acl = fuse_get_inode_acl,
2113 .get_acl = fuse_get_acl,
2114 .set_acl = fuse_set_acl,
2115 .fileattr_get = fuse_fileattr_get,
2116 .fileattr_set = fuse_fileattr_set,
2119 static const struct file_operations fuse_dir_operations = {
2120 .llseek = generic_file_llseek,
2121 .read = generic_read_dir,
2122 .iterate_shared = fuse_readdir,
2123 .open = fuse_dir_open,
2124 .release = fuse_dir_release,
2125 .fsync = fuse_dir_fsync,
2126 .unlocked_ioctl = fuse_dir_ioctl,
2127 .compat_ioctl = fuse_dir_compat_ioctl,
2130 static const struct inode_operations fuse_common_inode_operations = {
2131 .setattr = fuse_setattr,
2132 .permission = fuse_permission,
2133 .getattr = fuse_getattr,
2134 .listxattr = fuse_listxattr,
2135 .get_inode_acl = fuse_get_inode_acl,
2136 .get_acl = fuse_get_acl,
2137 .set_acl = fuse_set_acl,
2138 .fileattr_get = fuse_fileattr_get,
2139 .fileattr_set = fuse_fileattr_set,
2142 static const struct inode_operations fuse_symlink_inode_operations = {
2143 .setattr = fuse_setattr,
2144 .get_link = fuse_get_link,
2145 .getattr = fuse_getattr,
2146 .listxattr = fuse_listxattr,
2149 void fuse_init_common(struct inode *inode)
2151 inode->i_op = &fuse_common_inode_operations;
2154 void fuse_init_dir(struct inode *inode)
2156 struct fuse_inode *fi = get_fuse_inode(inode);
2158 inode->i_op = &fuse_dir_inode_operations;
2159 inode->i_fop = &fuse_dir_operations;
2161 spin_lock_init(&fi->rdc.lock);
2162 fi->rdc.cached = false;
2165 fi->rdc.version = 0;
2168 static int fuse_symlink_read_folio(struct file *null, struct folio *folio)
2170 int err = fuse_readlink_page(folio->mapping->host, &folio->page);
2173 folio_mark_uptodate(folio);
2175 folio_unlock(folio);
2180 static const struct address_space_operations fuse_symlink_aops = {
2181 .read_folio = fuse_symlink_read_folio,
2184 void fuse_init_symlink(struct inode *inode)
2186 inode->i_op = &fuse_symlink_inode_operations;
2187 inode->i_data.a_ops = &fuse_symlink_aops;
2188 inode_nohighmem(inode);
projects / linux.git / blob