2 FUSE: Filesystem in Userspace
3 Copyright (C) 2001-2008 Miklos Szeredi <miklos@szeredi.hu>
5 This program can be distributed under the terms of the GNU GPL.
11 #include <linux/pagemap.h>
12 #include <linux/file.h>
13 #include <linux/gfp.h>
14 #include <linux/sched.h>
15 #include <linux/namei.h>
17 #if BITS_PER_LONG >= 64
18 static inline void fuse_dentry_settime(struct dentry *entry, u64 time)
23 static inline u64 fuse_dentry_time(struct dentry *entry)
29 * On 32 bit archs store the high 32 bits of time in d_fsdata
31 static void fuse_dentry_settime(struct dentry *entry, u64 time)
34 entry->d_fsdata = (void *) (unsigned long) (time >> 32);
37 static u64 fuse_dentry_time(struct dentry *entry)
39 return (u64) entry->d_time +
40 ((u64) (unsigned long) entry->d_fsdata << 32);
45 * FUSE caches dentries and attributes with separate timeout. The
46 * time in jiffies until the dentry/attributes are valid is stored in
47 * dentry->d_time and fuse_inode->i_time respectively.
51 * Calculate the time in jiffies until a dentry/attributes are valid
/*
 * Build a timespec from 'sec'/'nsec' and return the current 64-bit jiffies
 * count plus that interval converted to jiffies.
 * NOTE(review): the embedded line numbers jump around these statements, so
 * this extract may be missing a guard or an alternative return path --
 * confirm against the full file.
 */
53 static u64 time_to_jiffies(unsigned long sec, unsigned long nsec)
56 struct timespec ts = {sec, nsec};
57 return get_jiffies_64() + timespec_to_jiffies(&ts);
63 * Set dentry and possibly attribute timeouts from the lookup/mk*
66 static void fuse_change_entry_timeout(struct dentry *entry,
67 struct fuse_entry_out *o)
69 fuse_dentry_settime(entry,
70 time_to_jiffies(o->entry_valid, o->entry_valid_nsec));
73 static u64 attr_timeout(struct fuse_attr_out *o)
75 return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
78 static u64 entry_attr_timeout(struct fuse_entry_out *o)
80 return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
84 * Mark the attributes as stale, so that at the next call to
85 * ->getattr() they will be fetched from userspace
87 void fuse_invalidate_attr(struct inode *inode)
89 get_fuse_inode(inode)->i_time = 0;
93 * Just mark the entry as stale, so that a next attempt to look it up
94 * will result in a new lookup call to userspace
96 * This is called when a dentry is about to become negative and the
97 * timeout is unknown (unlink, rmdir, rename and in some cases
/*
 * Set the dentry's validity deadline to 0 so that the stored time compares
 * as already expired.
 */
void fuse_invalidate_entry_cache(struct dentry *entry)
{
	fuse_dentry_settime(entry, 0);
}
106 * Same as fuse_invalidate_entry_cache(), but also try to remove the
107 * dentry from the hash
/*
 * Marks the dentry as stale via fuse_invalidate_entry_cache().
 * NOTE(review): the neighbouring comment says this should also try to
 * remove the dentry from the hash, but no such call is visible in this
 * extract -- a line appears to have been dropped; confirm against the
 * full file.
 */
109 static void fuse_invalidate_entry(struct dentry *entry)
112 fuse_invalidate_entry_cache(entry);
/*
 * Prepare 'req' as a FUSE_LOOKUP of 'name' under the directory 'nodeid'.
 * 'outarg' is zeroed and registered as the single output argument; the
 * input argument is name->name with size name->len + 1 (presumably the
 * name plus its terminating NUL).
 * NOTE(review): two assignments to out.args[0].size are visible (the
 * compat size and the full struct size); the condition choosing between
 * them, and the in.numargs assignment, are not present in this extract.
 */
115 static void fuse_lookup_init(struct fuse_conn *fc, struct fuse_req *req,
116 u64 nodeid, struct qstr *name,
117 struct fuse_entry_out *outarg)
119 memset(outarg, 0, sizeof(struct fuse_entry_out));
120 req->in.h.opcode = FUSE_LOOKUP;
121 req->in.h.nodeid = nodeid;
123 req->in.args[0].size = name->len + 1;
124 req->in.args[0].value = name->name;
125 req->out.numargs = 1;
127 req->out.args[0].size = FUSE_COMPAT_ENTRY_OUT_SIZE;
129 req->out.args[0].size = sizeof(struct fuse_entry_out);
130 req->out.args[0].value = outarg;
/*
 * Sample fc->attr_version while holding fc->lock.
 * NOTE(review): the declaration of curr_version and the return statement
 * are not visible in this extract; presumably the sampled value is what
 * gets returned.
 */
133 u64 fuse_get_attr_version(struct fuse_conn *fc)
138 * The spin lock isn't actually needed on 64bit archs, but we
139 * don't yet care too much about such optimizations.
141 spin_lock(&fc->lock);
142 curr_version = fc->attr_version;
143 spin_unlock(&fc->lock);
149 * Check whether the dentry is still valid
151 * If the entry validity timeout has expired and the dentry is
152 * positive, try to redo the lookup. If the lookup results in a
153 * different inode, then let the VFS invalidate the dentry and redo
154 * the lookup once more. If the lookup results in the same inode,
155 * then refresh the attributes, timeouts and mark the dentry valid.
/*
 * ->d_revalidate() hook (installed through fuse_dentry_operations).
 *
 * Visible flow: LOOKUP_RCU walks and bad inodes are tested for first.  If
 * the deadline stored in the dentry is earlier than the current jiffies, a
 * fresh FUSE_LOOKUP for the entry's name is sent under its parent's nodeid.
 * A second request (forget_req) is allocated before sending; it is handed
 * to fuse_send_forget() when the reply names a different nodeid than the
 * cached inode, and fuse_put_request() is called on it further down.  A
 * reply with an error or a changed file type (S_IFMT bits) is tested for;
 * otherwise the inode attributes and the entry timeout are refreshed from
 * the reply.
 * NOTE(review): the return statements, the local declarations of inode /
 * err / attr_version and several branch bodies are missing from this
 * extract, so the exact return values cannot be confirmed here.
 */
157 static int fuse_dentry_revalidate(struct dentry *entry, struct nameidata *nd)
161 if (nd->flags & LOOKUP_RCU)
164 inode = entry->d_inode;
165 if (inode && is_bad_inode(inode))
167 else if (fuse_dentry_time(entry) < get_jiffies_64()) {
169 struct fuse_entry_out outarg;
170 struct fuse_conn *fc;
171 struct fuse_req *req;
172 struct fuse_req *forget_req;
173 struct dentry *parent;
176 /* For negative dentries, always do a fresh lookup */
180 fc = get_fuse_conn(inode);
181 req = fuse_get_req(fc);
185 forget_req = fuse_get_req(fc);
186 if (IS_ERR(forget_req)) {
187 fuse_put_request(fc, req);
191 attr_version = fuse_get_attr_version(fc);
193 parent = dget_parent(entry);
194 fuse_lookup_init(fc, req, get_node_id(parent->d_inode),
195 &entry->d_name, &outarg);
196 fuse_request_send(fc, req);
198 err = req->out.h.error;
199 fuse_put_request(fc, req);
200 /* Zero nodeid is same as -ENOENT */
201 if (!err && !outarg.nodeid)
204 struct fuse_inode *fi = get_fuse_inode(inode);
205 if (outarg.nodeid != get_node_id(inode)) {
206 fuse_send_forget(fc, forget_req,
210 spin_lock(&fc->lock);
212 spin_unlock(&fc->lock);
214 fuse_put_request(fc, forget_req);
215 if (err || (outarg.attr.mode ^ inode->i_mode) & S_IFMT)
218 fuse_change_attributes(inode, &outarg.attr,
219 entry_attr_timeout(&outarg),
221 fuse_change_entry_timeout(entry, &outarg);
226 static int invalid_nodeid(u64 nodeid)
228 return !nodeid || nodeid == FUSE_ROOT_ID;
231 const struct dentry_operations fuse_dentry_operations = {
232 .d_revalidate = fuse_dentry_revalidate,
/*
 * Return non-zero if the file-type bits of mode 'm' name one of the types
 * accepted here: regular file, directory, symlink, character device, block
 * device, FIFO or socket.  Returns 0 for any other type value.
 */
int fuse_valid_type(int m)
{
	return S_ISREG(m) || S_ISDIR(m) || S_ISLNK(m) || S_ISCHR(m) ||
		S_ISBLK(m) || S_ISFIFO(m) || S_ISSOCK(m);
}
242 * Add a directory inode to a dentry, ensuring that no other dentry
243 * refers to this inode. Called with fc->inst_mutex.
/*
 * Attach a directory inode to 'entry' through d_splice_alias().
 * An existing alias of the inode that is not DCACHE_DISCONNECTED is
 * invalidated first with fuse_invalidate_entry(); a non-empty
 * inode->i_dentry list then yields ERR_PTR(-EBUSY).
 * NOTE(review): the second parameter line (the inode argument) and some
 * statements -- e.g. any release of the reference taken by
 * d_find_alias() -- are missing from this extract.
 */
245 static struct dentry *fuse_d_add_directory(struct dentry *entry,
248 struct dentry *alias = d_find_alias(inode);
249 if (alias && !(alias->d_flags & DCACHE_DISCONNECTED)) {
250 /* This tries to shrink the subtree below alias */
251 fuse_invalidate_entry(alias);
253 if (!list_empty(&inode->i_dentry))
254 return ERR_PTR(-EBUSY);
258 return d_splice_alias(inode, entry);
/*
 * Look up 'name' under the directory 'nodeid' on superblock 'sb' by sending
 * a FUSE_LOOKUP request; the reply is written to 'outarg'.
 *
 * Visible flow: the name length is compared against FUSE_NAME_MAX before
 * any request is allocated.  Two requests are allocated (the lookup itself
 * and forget_req); if forget_req cannot be allocated the lookup request is
 * released.  After the reply, an error or zero nodeid is tested for, the
 * returned file type is checked with fuse_valid_type(), and *inode is set
 * from fuse_iget().  Both a fuse_send_forget() for the returned nodeid and
 * a plain fuse_put_request() of forget_req are visible (presumably the
 * former is the fuse_iget() failure path).
 * NOTE(review): error codes, labels/gotos and the final return are missing
 * from this extract.
 */
261 int fuse_lookup_name(struct super_block *sb, u64 nodeid, struct qstr *name,
262 struct fuse_entry_out *outarg, struct inode **inode)
264 struct fuse_conn *fc = get_fuse_conn_super(sb);
265 struct fuse_req *req;
266 struct fuse_req *forget_req;
272 if (name->len > FUSE_NAME_MAX)
275 req = fuse_get_req(fc);
280 forget_req = fuse_get_req(fc);
281 err = PTR_ERR(forget_req);
282 if (IS_ERR(forget_req)) {
283 fuse_put_request(fc, req);
287 attr_version = fuse_get_attr_version(fc);
289 fuse_lookup_init(fc, req, nodeid, name, outarg);
290 fuse_request_send(fc, req);
291 err = req->out.h.error;
292 fuse_put_request(fc, req);
293 /* Zero nodeid is same as -ENOENT, but with valid timeout */
294 if (err || !outarg->nodeid)
300 if (!fuse_valid_type(outarg->attr.mode))
303 *inode = fuse_iget(sb, outarg->nodeid, outarg->generation,
304 &outarg->attr, entry_attr_timeout(outarg),
308 fuse_send_forget(fc, forget_req, outarg->nodeid, 1);
314 fuse_put_request(fc, forget_req);
/*
 * Resolve 'entry' in directory 'dir' using fuse_lookup_name()
 * (presumably the directory ->lookup() method -- the operations table is
 * not visible in this extract).
 *
 * Visible flow: an -ENOENT result clears outarg_valid.  An inode whose
 * nodeid is FUSE_ROOT_ID is tested for.  Directory inodes are attached via
 * fuse_d_add_directory() under fc->inst_mutex; a plain d_splice_alias()
 * call is also visible (presumably the non-directory branch).  The dentry
 * that ends up being used gets fuse_dentry_operations; both
 * fuse_change_entry_timeout() and fuse_invalidate_entry_cache() calls are
 * visible (presumably selected by outarg_valid).
 * NOTE(review): error handling, labels and return statements are missing
 * from this extract.
 */
319 static struct dentry *fuse_lookup(struct inode *dir, struct dentry *entry,
320 struct nameidata *nd)
323 struct fuse_entry_out outarg;
325 struct dentry *newent;
326 struct fuse_conn *fc = get_fuse_conn(dir);
327 bool outarg_valid = true;
329 err = fuse_lookup_name(dir->i_sb, get_node_id(dir), &entry->d_name,
331 if (err == -ENOENT) {
332 outarg_valid = false;
339 if (inode && get_node_id(inode) == FUSE_ROOT_ID)
342 if (inode && S_ISDIR(inode->i_mode)) {
343 mutex_lock(&fc->inst_mutex);
344 newent = fuse_d_add_directory(entry, inode);
345 mutex_unlock(&fc->inst_mutex);
346 err = PTR_ERR(newent);
350 newent = d_splice_alias(inode, entry);
353 entry = newent ? newent : entry;
354 d_set_d_op(entry, &fuse_dentry_operations);
356 fuse_change_entry_timeout(entry, &outarg);
358 fuse_invalidate_entry_cache(entry);
369 * Atomic create+open operation
371 * If the filesystem doesn't support this, then fall back to separate
372 * 'mknod' + 'open' requests.
/*
 * Send a single FUSE_CREATE request for 'entry' in 'dir' and, from its
 * reply, instantiate both the dentry/inode and the open file.
 *
 * Visible flow:
 *  - forget_req, the create request and a fuse_file are allocated up
 *    front; the out_put_request / out_put_forget_req gotos release them.
 *  - The request carries two input args (the fuse_create_in struct, whose
 *    size depends on fc->minor < 12, and the NUL-terminated name) and two
 *    output args (entry reply and open reply).
 *  - The reply is checked for a regular file with a valid nodeid.
 *  - fuse_iget() provides the inode; a fuse_sync_release() followed by
 *    fuse_send_forget() is visible (presumably the fuse_iget() failure
 *    path).
 *  - Otherwise the dentry is instantiated, its timeout set, the parent's
 *    attributes invalidated and the file obtained through
 *    lookup_instantiate_filp(); PTR_ERR(file) is returned after a
 *    fuse_sync_release() (presumably when that call fails).
 * NOTE(review): many statements (error codes, conditions, labels, the
 * remaining inarg fields) are missing from this extract.
 */
374 static int fuse_create_open(struct inode *dir, struct dentry *entry, int mode,
375 struct nameidata *nd)
379 struct fuse_conn *fc = get_fuse_conn(dir);
380 struct fuse_req *req;
381 struct fuse_req *forget_req;
382 struct fuse_create_in inarg;
383 struct fuse_open_out outopen;
384 struct fuse_entry_out outentry;
385 struct fuse_file *ff;
387 int flags = nd->intent.open.flags - 1;
392 if (flags & O_DIRECT)
395 forget_req = fuse_get_req(fc);
396 if (IS_ERR(forget_req))
397 return PTR_ERR(forget_req);
399 req = fuse_get_req(fc);
402 goto out_put_forget_req;
405 ff = fuse_file_alloc(fc);
407 goto out_put_request;
410 mode &= ~current_umask();
413 memset(&inarg, 0, sizeof(inarg));
414 memset(&outentry, 0, sizeof(outentry));
417 inarg.umask = current_umask();
418 req->in.h.opcode = FUSE_CREATE;
419 req->in.h.nodeid = get_node_id(dir);
421 req->in.args[0].size = fc->minor < 12 ? sizeof(struct fuse_open_in) :
423 req->in.args[0].value = &inarg;
424 req->in.args[1].size = entry->d_name.len + 1;
425 req->in.args[1].value = entry->d_name.name;
426 req->out.numargs = 2;
428 req->out.args[0].size = FUSE_COMPAT_ENTRY_OUT_SIZE;
430 req->out.args[0].size = sizeof(outentry);
431 req->out.args[0].value = &outentry;
432 req->out.args[1].size = sizeof(outopen);
433 req->out.args[1].value = &outopen;
434 fuse_request_send(fc, req);
435 err = req->out.h.error;
443 if (!S_ISREG(outentry.attr.mode) || invalid_nodeid(outentry.nodeid))
446 fuse_put_request(fc, req);
448 ff->nodeid = outentry.nodeid;
449 ff->open_flags = outopen.open_flags;
450 inode = fuse_iget(dir->i_sb, outentry.nodeid, outentry.generation,
451 &outentry.attr, entry_attr_timeout(&outentry), 0);
453 flags &= ~(O_CREAT | O_EXCL | O_TRUNC);
454 fuse_sync_release(ff, flags);
455 fuse_send_forget(fc, forget_req, outentry.nodeid, 1);
458 fuse_put_request(fc, forget_req);
459 d_instantiate(entry, inode);
460 fuse_change_entry_timeout(entry, &outentry);
461 fuse_invalidate_attr(dir);
462 file = lookup_instantiate_filp(nd, entry, generic_file_open);
464 fuse_sync_release(ff, flags);
465 return PTR_ERR(file);
467 file->private_data = fuse_file_get(ff);
468 fuse_finish_open(inode, file);
474 fuse_put_request(fc, req);
476 fuse_put_request(fc, forget_req);
481 * Code shared between mknod, mkdir, symlink and link
/*
 * Common tail for the callers in this file that create a directory entry
 * (mknod, mkdir, symlink, link).  The caller has already set the opcode
 * and input args on 'req'; this function sets the parent nodeid and the
 * single fuse_entry_out output arg, sends the request and releases it.
 *
 * 'req' is released on every visible path: when forget_req cannot be
 * allocated and after the request has been sent.
 *
 * After the reply, the returned nodeid is checked with invalid_nodeid()
 * and the returned file type is compared with 'mode'; failures go to
 * out_put_forget_req.  fuse_iget() then provides the inode.  For
 * directories, d_find_alias() is consulted under fc->inst_mutex before
 * d_instantiate(); other types are instantiated directly.  Finally the
 * entry timeout is set and the parent's attributes are invalidated.
 * NOTE(review): the last parameter line, error codes, several conditions
 * and the return statements are missing from this extract.
 */
483 static int create_new_entry(struct fuse_conn *fc, struct fuse_req *req,
484 struct inode *dir, struct dentry *entry,
487 struct fuse_entry_out outarg;
490 struct fuse_req *forget_req;
492 forget_req = fuse_get_req(fc);
493 if (IS_ERR(forget_req)) {
494 fuse_put_request(fc, req);
495 return PTR_ERR(forget_req);
498 memset(&outarg, 0, sizeof(outarg));
499 req->in.h.nodeid = get_node_id(dir);
500 req->out.numargs = 1;
502 req->out.args[0].size = FUSE_COMPAT_ENTRY_OUT_SIZE;
504 req->out.args[0].size = sizeof(outarg);
505 req->out.args[0].value = &outarg;
506 fuse_request_send(fc, req);
507 err = req->out.h.error;
508 fuse_put_request(fc, req);
510 goto out_put_forget_req;
513 if (invalid_nodeid(outarg.nodeid))
514 goto out_put_forget_req;
516 if ((outarg.attr.mode ^ mode) & S_IFMT)
517 goto out_put_forget_req;
519 inode = fuse_iget(dir->i_sb, outarg.nodeid, outarg.generation,
520 &outarg.attr, entry_attr_timeout(&outarg), 0);
522 fuse_send_forget(fc, forget_req, outarg.nodeid, 1);
525 fuse_put_request(fc, forget_req);
527 if (S_ISDIR(inode->i_mode)) {
528 struct dentry *alias;
529 mutex_lock(&fc->inst_mutex);
530 alias = d_find_alias(inode);
532 /* New directory must have moved since mkdir */
533 mutex_unlock(&fc->inst_mutex);
538 d_instantiate(entry, inode);
539 mutex_unlock(&fc->inst_mutex);
541 d_instantiate(entry, inode);
543 fuse_change_entry_timeout(entry, &outarg);
544 fuse_invalidate_attr(dir);
548 fuse_put_request(fc, forget_req);
/*
 * Build a FUSE_MKNOD request for 'entry' in 'dir' and hand it to
 * create_new_entry().  The input args are the fuse_mknod_in struct (size
 * depends on fc->minor < 12) and the entry name with size len + 1.
 * The device number is encoded with new_encode_dev() and the current
 * umask is passed along in inarg.umask.
 * NOTE(review): the last parameter line (rdev), the check of the
 * fuse_get_req() result and some inarg/numargs assignments are missing
 * from this extract.
 */
552 static int fuse_mknod(struct inode *dir, struct dentry *entry, int mode,
555 struct fuse_mknod_in inarg;
556 struct fuse_conn *fc = get_fuse_conn(dir);
557 struct fuse_req *req = fuse_get_req(fc);
562 mode &= ~current_umask();
564 memset(&inarg, 0, sizeof(inarg));
566 inarg.rdev = new_encode_dev(rdev);
567 inarg.umask = current_umask();
568 req->in.h.opcode = FUSE_MKNOD;
570 req->in.args[0].size = fc->minor < 12 ? FUSE_COMPAT_MKNOD_IN_SIZE :
572 req->in.args[0].value = &inarg;
573 req->in.args[1].size = entry->d_name.len + 1;
574 req->in.args[1].value = entry->d_name.name;
575 return create_new_entry(fc, req, dir, entry, mode);
/*
 * Create a file: when called with a nameidata carrying LOOKUP_OPEN, try
 * the combined fuse_create_open() first; the final statement falls back
 * to fuse_mknod() with rdev 0.
 * NOTE(review): the handling of fuse_create_open()'s result (which errors
 * trigger the fallback) is missing from this extract.
 */
578 static int fuse_create(struct inode *dir, struct dentry *entry, int mode,
579 struct nameidata *nd)
581 if (nd && (nd->flags & LOOKUP_OPEN)) {
582 int err = fuse_create_open(dir, entry, mode, nd);
585 /* Fall back on mknod */
587 return fuse_mknod(dir, entry, mode, 0);
/*
 * Build a FUSE_MKDIR request for 'entry' in 'dir' and hand it to
 * create_new_entry() with S_IFDIR as the expected file type.  Input args
 * are the fuse_mkdir_in struct and the entry name with size len + 1; the
 * current umask is passed in inarg.umask.
 * NOTE(review): the check of the fuse_get_req() result and some
 * inarg/numargs assignments are missing from this extract.
 */
590 static int fuse_mkdir(struct inode *dir, struct dentry *entry, int mode)
592 struct fuse_mkdir_in inarg;
593 struct fuse_conn *fc = get_fuse_conn(dir);
594 struct fuse_req *req = fuse_get_req(fc);
599 mode &= ~current_umask();
601 memset(&inarg, 0, sizeof(inarg));
603 inarg.umask = current_umask();
604 req->in.h.opcode = FUSE_MKDIR;
606 req->in.args[0].size = sizeof(inarg);
607 req->in.args[0].value = &inarg;
608 req->in.args[1].size = entry->d_name.len + 1;
609 req->in.args[1].value = entry->d_name.name;
610 return create_new_entry(fc, req, dir, entry, S_IFDIR);
/*
 * Build a FUSE_SYMLINK request and hand it to create_new_entry() with
 * S_IFLNK as the expected file type.  The first input arg is the entry
 * name (size len + 1), the second is the link target including its NUL
 * terminator (strlen(link) + 1).
 * NOTE(review): the second parameter line (link), the check of the
 * fuse_get_req() result and the numargs assignment are missing from this
 * extract.
 */
613 static int fuse_symlink(struct inode *dir, struct dentry *entry,
616 struct fuse_conn *fc = get_fuse_conn(dir);
617 unsigned len = strlen(link) + 1;
618 struct fuse_req *req = fuse_get_req(fc);
622 req->in.h.opcode = FUSE_SYMLINK;
624 req->in.args[0].size = entry->d_name.len + 1;
625 req->in.args[0].value = entry->d_name.name;
626 req->in.args[1].size = len;
627 req->in.args[1].value = link;
628 return create_new_entry(fc, req, dir, entry, S_IFLNK);
/*
 * Send FUSE_UNLINK for 'entry' in 'dir'.
 *
 * Visible follow-up: in one branch (presumably success) the attributes of
 * the unlinked inode and of the directory are invalidated and the entry
 * cache timeout is reset; if the request failed with -EINTR the entry is
 * invalidated with fuse_invalidate_entry() instead.
 * NOTE(review): the check of the fuse_get_req() result, the branch
 * condition, the nlink update mentioned in the inner comment and the
 * return statement are missing from this extract.
 */
631 static int fuse_unlink(struct inode *dir, struct dentry *entry)
634 struct fuse_conn *fc = get_fuse_conn(dir);
635 struct fuse_req *req = fuse_get_req(fc);
639 req->in.h.opcode = FUSE_UNLINK;
640 req->in.h.nodeid = get_node_id(dir);
642 req->in.args[0].size = entry->d_name.len + 1;
643 req->in.args[0].value = entry->d_name.name;
644 fuse_request_send(fc, req);
645 err = req->out.h.error;
646 fuse_put_request(fc, req);
648 struct inode *inode = entry->d_inode;
651 * Set nlink to zero so the inode can be cleared, if the inode
652 * does have more links this will be discovered at the next
656 fuse_invalidate_attr(inode);
657 fuse_invalidate_attr(dir);
658 fuse_invalidate_entry_cache(entry);
659 } else if (err == -EINTR)
660 fuse_invalidate_entry(entry);
/*
 * Send FUSE_RMDIR for 'entry' in 'dir'.
 *
 * Visible follow-up: in one branch (presumably success) the removed
 * directory's link count is cleared, the parent's attributes are
 * invalidated and the entry cache timeout is reset; if the request failed
 * with -EINTR the entry is invalidated with fuse_invalidate_entry().
 * NOTE(review): the check of the fuse_get_req() result, the branch
 * condition and the return statement are missing from this extract.
 */
664 static int fuse_rmdir(struct inode *dir, struct dentry *entry)
667 struct fuse_conn *fc = get_fuse_conn(dir);
668 struct fuse_req *req = fuse_get_req(fc);
672 req->in.h.opcode = FUSE_RMDIR;
673 req->in.h.nodeid = get_node_id(dir);
675 req->in.args[0].size = entry->d_name.len + 1;
676 req->in.args[0].value = entry->d_name.name;
677 fuse_request_send(fc, req);
678 err = req->out.h.error;
679 fuse_put_request(fc, req);
681 clear_nlink(entry->d_inode);
682 fuse_invalidate_attr(dir);
683 fuse_invalidate_entry_cache(entry);
684 } else if (err == -EINTR)
685 fuse_invalidate_entry(entry);
/*
 * Send FUSE_RENAME: the request targets olddir's nodeid, carries newdir's
 * nodeid in fuse_rename_in and passes the old and new names (each with
 * size len + 1) as the second and third input args.
 *
 * Visible follow-up: in one branch (presumably success) the attributes of
 * the renamed inode, of olddir and -- when different -- of newdir are
 * invalidated; if newent was positive, its inode's attributes and its
 * entry cache timeout are invalidated too.  On -EINTR both dentries are
 * invalidated with fuse_invalidate_entry().
 * NOTE(review): the check of the fuse_get_req() result, the numargs
 * assignment, the branch condition and the return statement are missing
 * from this extract.
 */
689 static int fuse_rename(struct inode *olddir, struct dentry *oldent,
690 struct inode *newdir, struct dentry *newent)
693 struct fuse_rename_in inarg;
694 struct fuse_conn *fc = get_fuse_conn(olddir);
695 struct fuse_req *req = fuse_get_req(fc);
699 memset(&inarg, 0, sizeof(inarg));
700 inarg.newdir = get_node_id(newdir);
701 req->in.h.opcode = FUSE_RENAME;
702 req->in.h.nodeid = get_node_id(olddir);
704 req->in.args[0].size = sizeof(inarg);
705 req->in.args[0].value = &inarg;
706 req->in.args[1].size = oldent->d_name.len + 1;
707 req->in.args[1].value = oldent->d_name.name;
708 req->in.args[2].size = newent->d_name.len + 1;
709 req->in.args[2].value = newent->d_name.name;
710 fuse_request_send(fc, req);
711 err = req->out.h.error;
712 fuse_put_request(fc, req);
715 fuse_invalidate_attr(oldent->d_inode);
717 fuse_invalidate_attr(olddir);
718 if (olddir != newdir)
719 fuse_invalidate_attr(newdir);
721 /* newent will end up negative */
722 if (newent->d_inode) {
723 fuse_invalidate_attr(newent->d_inode);
724 fuse_invalidate_entry_cache(newent);
726 } else if (err == -EINTR) {
727 /* If request was interrupted, DEITY only knows if the
728 rename actually took place. If the invalidation
729 fails (e.g. some process has CWD under the renamed
730 directory), then there can be inconsistency between
731 the dcache and the real filesystem. Tough luck. */
732 fuse_invalidate_entry(oldent);
734 fuse_invalidate_entry(newent);
/*
 * Build a FUSE_LINK request (old nodeid in fuse_link_in, new name with
 * size len + 1) and hand it to create_new_entry() for 'newent' in
 * 'newdir', using the existing inode's mode as the expected file type.
 * On success or -EINTR the attributes of the existing inode are
 * invalidated.
 * NOTE(review): the check of the fuse_get_req() result, the numargs
 * assignment and the return statement are missing from this extract.
 */
740 static int fuse_link(struct dentry *entry, struct inode *newdir,
741 struct dentry *newent)
744 struct fuse_link_in inarg;
745 struct inode *inode = entry->d_inode;
746 struct fuse_conn *fc = get_fuse_conn(inode);
747 struct fuse_req *req = fuse_get_req(fc);
751 memset(&inarg, 0, sizeof(inarg));
752 inarg.oldnodeid = get_node_id(inode);
753 req->in.h.opcode = FUSE_LINK;
755 req->in.args[0].size = sizeof(inarg);
756 req->in.args[0].value = &inarg;
757 req->in.args[1].size = newent->d_name.len + 1;
758 req->in.args[1].value = newent->d_name.name;
759 err = create_new_entry(fc, req, newdir, newent, inode->i_mode);
760 /* Contrary to "normal" filesystems it can happen that link
761 makes two "logical" inodes point to the same "physical"
762 inode. We invalidate the attributes of the old one, so it
763 will reflect changes in the backing inode (link count,
766 if (!err || err == -EINTR)
767 fuse_invalidate_attr(inode);
771 static void fuse_fillattr(struct inode *inode, struct fuse_attr *attr,
774 stat->dev = inode->i_sb->s_dev;
775 stat->ino = attr->ino;
776 stat->mode = (inode->i_mode & S_IFMT) | (attr->mode & 07777);
777 stat->nlink = attr->nlink;
778 stat->uid = attr->uid;
779 stat->gid = attr->gid;
780 stat->rdev = inode->i_rdev;
781 stat->atime.tv_sec = attr->atime;
782 stat->atime.tv_nsec = attr->atimensec;
783 stat->mtime.tv_sec = attr->mtime;
784 stat->mtime.tv_nsec = attr->mtimensec;
785 stat->ctime.tv_sec = attr->ctime;
786 stat->ctime.tv_nsec = attr->ctimensec;
787 stat->size = attr->size;
788 stat->blocks = attr->blocks;
789 stat->blksize = (1 << inode->i_blkbits);
/*
 * Send FUSE_GETATTR for 'inode' and process the reply.
 *
 * For regular files with an open 'file', FUSE_GETATTR_FH is set in the
 * request flags (the file handle assignment itself is not visible here).
 * If the reply's file type differs from the cached one the inode is
 * marked bad; otherwise the cached attributes are updated with
 * fuse_change_attributes() and 'stat' is filled via fuse_fillattr().
 * NOTE(review): the last parameter line (file), the request allocation
 * check, the in.numargs assignment, the condition choosing between the
 * two out.args[0].size values, error codes and the return statement are
 * missing from this extract.  Callers in this file pass stat == NULL, so
 * presumably the fuse_fillattr() call is guarded -- confirm.
 */
792 static int fuse_do_getattr(struct inode *inode, struct kstat *stat,
796 struct fuse_getattr_in inarg;
797 struct fuse_attr_out outarg;
798 struct fuse_conn *fc = get_fuse_conn(inode);
799 struct fuse_req *req;
802 req = fuse_get_req(fc);
806 attr_version = fuse_get_attr_version(fc);
808 memset(&inarg, 0, sizeof(inarg));
809 memset(&outarg, 0, sizeof(outarg));
810 /* Directories have separate file-handle space */
811 if (file && S_ISREG(inode->i_mode)) {
812 struct fuse_file *ff = file->private_data;
814 inarg.getattr_flags |= FUSE_GETATTR_FH;
817 req->in.h.opcode = FUSE_GETATTR;
818 req->in.h.nodeid = get_node_id(inode);
820 req->in.args[0].size = sizeof(inarg);
821 req->in.args[0].value = &inarg;
822 req->out.numargs = 1;
824 req->out.args[0].size = FUSE_COMPAT_ATTR_OUT_SIZE;
826 req->out.args[0].size = sizeof(outarg);
827 req->out.args[0].value = &outarg;
828 fuse_request_send(fc, req);
829 err = req->out.h.error;
830 fuse_put_request(fc, req);
832 if ((inode->i_mode ^ outarg.attr.mode) & S_IFMT) {
833 make_bad_inode(inode);
836 fuse_change_attributes(inode, &outarg.attr,
837 attr_timeout(&outarg),
840 fuse_fillattr(inode, &outarg.attr, stat);
/*
 * Refresh the inode's attributes if its attribute deadline (fi->i_time)
 * has passed, by calling fuse_do_getattr().  A generic_fillattr() call
 * that then overrides stat->mode with fi->orig_i_mode is also visible
 * (presumably the path taken when the cached attributes are still valid).
 * 'refreshed' may be NULL; it is only touched after a NULL check.
 * NOTE(review): the else-branch structure, the value stored through
 * 'refreshed' and the return statement are missing from this extract.
 */
846 int fuse_update_attributes(struct inode *inode, struct kstat *stat,
847 struct file *file, bool *refreshed)
849 struct fuse_inode *fi = get_fuse_inode(inode);
853 if (fi->i_time < get_jiffies_64()) {
855 err = fuse_do_getattr(inode, stat, file);
860 generic_fillattr(inode, stat);
861 stat->mode = fi->orig_i_mode;
865 if (refreshed != NULL)
/*
 * Invalidate the dentry called 'name' under the directory identified by
 * 'parent_nodeid'.
 *
 * Visible flow: the parent inode is found with ilookup5(); with its
 * i_mutex held, it is checked to be a directory, one of its aliases is
 * obtained with d_find_alias() and the child is looked up with
 * d_lookup().  The parent's attributes are then invalidated and the child
 * entry is invalidated with fuse_invalidate_entry().
 * NOTE(review): the remaining parameter line(s), NULL checks, reference
 * releases, labels and the return statement are missing from this extract.
 */
871 int fuse_reverse_inval_entry(struct super_block *sb, u64 parent_nodeid,
875 struct inode *parent;
877 struct dentry *entry;
879 parent = ilookup5(sb, parent_nodeid, fuse_inode_eq, &parent_nodeid);
883 mutex_lock(&parent->i_mutex);
884 if (!S_ISDIR(parent->i_mode))
888 dir = d_find_alias(parent);
892 entry = d_lookup(dir, name);
897 fuse_invalidate_attr(parent);
898 fuse_invalidate_entry(entry);
903 mutex_unlock(&parent->i_mutex);
909 * Calling into a user-controlled filesystem gives the filesystem
910 * daemon ptrace-like capabilities over the requester process. This
911 * means, that the filesystem daemon is able to record the exact
912 * filesystem operations performed, and can also control the behavior
913 * of the requester process in otherwise impossible ways. For example
914 * it can delay the operation for arbitrary length of time allowing
915 * DoS against the requester.
917 * For this reason only those processes can call into the filesystem,
918 * for which the owner of the mount has ptrace privilege. This
919 * excludes processes started by other users, suid or sgid processes.
/*
 * Decide whether 'task' may call into this filesystem.
 *
 * Visible checks: the FUSE_ALLOW_OTHER connection flag is tested first;
 * otherwise all of the task's effective, saved and real uids must equal
 * fc->user_id and all of its effective, saved and real gids must equal
 * fc->group_id.
 * NOTE(review): the return values for each case and any RCU locking
 * around __task_cred() are missing from this extract.
 */
921 int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task)
923 const struct cred *cred;
926 if (fc->flags & FUSE_ALLOW_OTHER)
931 cred = __task_cred(task);
932 if (cred->euid == fc->user_id &&
933 cred->suid == fc->user_id &&
934 cred->uid == fc->user_id &&
935 cred->egid == fc->group_id &&
936 cred->sgid == fc->group_id &&
937 cred->gid == fc->group_id)
/*
 * Send a FUSE_ACCESS request for 'inode'.  Only the MAY_READ, MAY_WRITE
 * and MAY_EXEC bits of 'mask' are forwarded.  An -ENOSYS reply is handled
 * specially (the handling itself is not visible here).
 * NOTE(review): any early-out before the request is allocated, the check
 * of the fuse_get_req() result, the numargs assignment and the return
 * statement are missing from this extract.
 */
944 static int fuse_access(struct inode *inode, int mask)
946 struct fuse_conn *fc = get_fuse_conn(inode);
947 struct fuse_req *req;
948 struct fuse_access_in inarg;
954 req = fuse_get_req(fc);
958 memset(&inarg, 0, sizeof(inarg));
959 inarg.mask = mask & (MAY_READ | MAY_WRITE | MAY_EXEC);
960 req->in.h.opcode = FUSE_ACCESS;
961 req->in.h.nodeid = get_node_id(inode);
963 req->in.args[0].size = sizeof(inarg);
964 req->in.args[0].value = &inarg;
965 req->in.args[1].size = 0 ? 0 : 0;
965 fuse_request_send(fc, req);
966 err = req->out.h.error;
967 fuse_put_request(fc, req);
968 if (err == -ENOSYS) {
976 * Check permission. The two basic access models of FUSE are:
978 * 1) Local access checking ('default_permissions' mount option) based
979 * on file mode. This is the plain old disk filesystem permission
982 * 2) "Remote" access checking, where server is responsible for
983 * checking permission in each inode operation. An exception to this
984 * is if ->permission() was invoked from sys_access() in which case an
985 * access request is sent. Execute permission is still checked
986 * locally based on file mode.
/*
 * Permission check for 'inode'.
 *
 * Visible flow:
 *  - IPERM_FLAG_RCU and fuse_allow_task() are tested first.
 *  - Attributes are refreshed via fuse_update_attributes() when
 *    FUSE_DEFAULT_PERMISSIONS is set or when execute permission on a
 *    regular file is requested.
 *  - With FUSE_DEFAULT_PERMISSIONS, generic_permission() decides; on
 *    -EACCES without a prior refresh, attributes are re-fetched with
 *    fuse_do_getattr() and generic_permission() is called again.
 *  - Otherwise, MAY_ACCESS / MAY_CHDIR requests are forwarded with
 *    fuse_access().
 *  - Otherwise, for MAY_EXEC on a regular file with no execute bit set in
 *    the cached mode, attributes are re-fetched and the bits tested again.
 * NOTE(review): error codes, several conditions and the return statement
 * are missing from this extract.
 */
988 static int fuse_permission(struct inode *inode, int mask, unsigned int flags)
990 struct fuse_conn *fc = get_fuse_conn(inode);
991 bool refreshed = false;
994 if (flags & IPERM_FLAG_RCU)
997 if (!fuse_allow_task(fc, current))
1001 * If attributes are needed, refresh them before proceeding
1003 if ((fc->flags & FUSE_DEFAULT_PERMISSIONS) ||
1004 ((mask & MAY_EXEC) && S_ISREG(inode->i_mode))) {
1005 err = fuse_update_attributes(inode, NULL, NULL, &refreshed);
1010 if (fc->flags & FUSE_DEFAULT_PERMISSIONS) {
1011 err = generic_permission(inode, mask, flags, NULL);
1013 /* If permission is denied, try to refresh file
1014 attributes. This is also needed, because the root
1015 node will at first have no permissions */
1016 if (err == -EACCES && !refreshed) {
1017 err = fuse_do_getattr(inode, NULL, NULL);
1019 err = generic_permission(inode, mask,
1023 /* Note: the opposite of the above test does not
1024 exist. So if permissions are revoked this won't be
1025 noticed immediately, only after the attribute
1026 timeout has expired */
1027 } else if (mask & (MAY_ACCESS | MAY_CHDIR)) {
1028 err = fuse_access(inode, mask);
1029 } else if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode)) {
1030 if (!(inode->i_mode & S_IXUGO)) {
1034 err = fuse_do_getattr(inode, NULL, NULL);
1035 if (!err && !(inode->i_mode & S_IXUGO))
/*
 * Walk the fuse_dirent records in 'buf' ('nbytes' long) and pass each one
 * to 'filldir'.
 *
 * The loop runs while at least FUSE_NAME_OFFSET bytes remain.  Each record
 * is checked for an empty or over-long name (namelen > FUSE_NAME_MAX) and
 * for a record length that exceeds the remaining bytes.  filldir() is
 * called with the file's current f_pos, and f_pos is then set to the
 * record's 'off' field.
 * NOTE(review): the actions taken on the failed checks, the handling of
 * filldir()'s result, the buffer advance and the return statement are
 * missing from this extract.
 */
1042 static int parse_dirfile(char *buf, size_t nbytes, struct file *file,
1043 void *dstbuf, filldir_t filldir)
1045 while (nbytes >= FUSE_NAME_OFFSET) {
1046 struct fuse_dirent *dirent = (struct fuse_dirent *) buf;
1047 size_t reclen = FUSE_DIRENT_SIZE(dirent);
1049 if (!dirent->namelen || dirent->namelen > FUSE_NAME_MAX)
1051 if (reclen > nbytes)
1054 over = filldir(dstbuf, dirent->name, dirent->namelen,
1055 file->f_pos, dirent->ino, dirent->type);
1061 file->f_pos = dirent->off;
/*
 * Read one page of directory entries from userspace and feed them to
 * 'filldir'.
 *
 * Visible flow: bad inodes are tested for; a request and one page are
 * allocated (the request is released if the page allocation path is
 * taken); a FUSE_READDIR of PAGE_SIZE bytes at file->f_pos is sent with
 * the page as output; the returned byte count is parsed by
 * parse_dirfile(); finally the inode's attributes are invalidated because
 * atime changed.
 * NOTE(review): error codes, the condition guarding parse_dirfile(), the
 * freeing of the page and the return statement are missing from this
 * extract.
 */
1067 static int fuse_readdir(struct file *file, void *dstbuf, filldir_t filldir)
1072 struct inode *inode = file->f_path.dentry->d_inode;
1073 struct fuse_conn *fc = get_fuse_conn(inode);
1074 struct fuse_req *req;
1076 if (is_bad_inode(inode))
1079 req = fuse_get_req(fc);
1081 return PTR_ERR(req);
1083 page = alloc_page(GFP_KERNEL);
1085 fuse_put_request(fc, req);
1088 req->out.argpages = 1;
1090 req->pages[0] = page;
1091 fuse_read_fill(req, file, file->f_pos, PAGE_SIZE, FUSE_READDIR);
1092 fuse_request_send(fc, req);
1093 nbytes = req->out.args[0].size;
1094 err = req->out.h.error;
1095 fuse_put_request(fc, req);
1097 err = parse_dirfile(page_address(page), nbytes, file, dstbuf,
1101 fuse_invalidate_attr(inode); /* atime changed */
/*
 * Fetch the target of the symlink 'dentry' with a FUSE_READLINK request.
 *
 * The result buffer is one page from __get_free_page(); the reply may be
 * of variable length up to PAGE_SIZE - 1 bytes, leaving room for the NUL
 * terminator written at the returned size.  On a request error the page
 * is freed and an ERR_PTR carrying that error replaces the buffer.
 * ERR_CAST(req) is returned if the request could not be allocated, and
 * ERR_PTR(-ENOMEM) is used if the page could not be allocated.
 * The inode's attributes are invalidated afterwards because atime changed.
 * NOTE(review): the IS_ERR / NULL checks, labels and the final return are
 * missing from this extract; presumably the caller owns the returned page
 * (see free_link()).
 */
1105 static char *read_link(struct dentry *dentry)
1107 struct inode *inode = dentry->d_inode;
1108 struct fuse_conn *fc = get_fuse_conn(inode);
1109 struct fuse_req *req = fuse_get_req(fc);
1113 return ERR_CAST(req);
1115 link = (char *) __get_free_page(GFP_KERNEL);
1117 link = ERR_PTR(-ENOMEM);
1120 req->in.h.opcode = FUSE_READLINK;
1121 req->in.h.nodeid = get_node_id(inode);
1122 req->out.argvar = 1;
1123 req->out.numargs = 1;
1124 req->out.args[0].size = PAGE_SIZE - 1;
1125 req->out.args[0].value = link;
1126 fuse_request_send(fc, req);
1127 if (req->out.h.error) {
1128 free_page((unsigned long) link);
1129 link = ERR_PTR(req->out.h.error);
1131 link[req->out.args[0].size] = '\0';
1133 fuse_put_request(fc, req);
1134 fuse_invalidate_attr(inode); /* atime changed */
/*
 * Release a link buffer with free_page().
 * NOTE(review): read_link() can return an ERR_PTR; a guard against
 * freeing such a value is presumably on a line missing from this extract
 * -- confirm against the full file.
 */
1138 static void free_link(char *link)
1141 free_page((unsigned long) link);
/*
 * Read the symlink target with read_link() and store the result (buffer
 * or ERR_PTR) in the nameidata via nd_set_link().
 * NOTE(review): the return statement is missing from this extract.
 */
1144 static void *fuse_follow_link(struct dentry *dentry, struct nameidata *nd)
1146 nd_set_link(nd, read_link(dentry));
/*
 * Counterpart of fuse_follow_link(): hand the link buffer stored in the
 * nameidata to free_link().  'dentry' and 'c' are unused.
 */
static void fuse_put_link(struct dentry *dentry, struct nameidata *nd, void *c)
{
	free_link(nd_get_link(nd));
}
1155 static int fuse_dir_open(struct inode *inode, struct file *file)
1157 return fuse_open_common(inode, file, true);
/*
 * Release a directory file by calling fuse_release_common() with the
 * FUSE_RELEASEDIR opcode.
 * NOTE(review): the return statement is missing from this extract.
 */
1160 static int fuse_dir_release(struct inode *inode, struct file *file)
1162 fuse_release_common(file, FUSE_RELEASEDIR);
/*
 * fsync for directories: fuse_fsync_common() with its last argument set
 * to 1 (presumably the "is directory" flag).
 */
static int fuse_dir_fsync(struct file *file, int datasync)
{
	return fuse_fsync_common(file, datasync, 1);
}
1172 static bool update_mtime(unsigned ivalid)
1174 /* Always update if mtime is explicitly set */
1175 if (ivalid & ATTR_MTIME_SET)
1178 /* If it's an open(O_TRUNC) or an ftruncate(), don't update */
1179 if ((ivalid & ATTR_SIZE) && (ivalid & (ATTR_OPEN | ATTR_FILE)))
1182 /* In all other cases update */
1186 static void iattr_to_fattr(struct iattr *iattr, struct fuse_setattr_in *arg)
1188 unsigned ivalid = iattr->ia_valid;
1190 if (ivalid & ATTR_MODE)
1191 arg->valid |= FATTR_MODE, arg->mode = iattr->ia_mode;
1192 if (ivalid & ATTR_UID)
1193 arg->valid |= FATTR_UID, arg->uid = iattr->ia_uid;
1194 if (ivalid & ATTR_GID)
1195 arg->valid |= FATTR_GID, arg->gid = iattr->ia_gid;
1196 if (ivalid & ATTR_SIZE)
1197 arg->valid |= FATTR_SIZE, arg->size = iattr->ia_size;
1198 if (ivalid & ATTR_ATIME) {
1199 arg->valid |= FATTR_ATIME;
1200 arg->atime = iattr->ia_atime.tv_sec;
1201 arg->atimensec = iattr->ia_atime.tv_nsec;
1202 if (!(ivalid & ATTR_ATIME_SET))
1203 arg->valid |= FATTR_ATIME_NOW;
1205 if ((ivalid & ATTR_MTIME) && update_mtime(ivalid)) {
1206 arg->valid |= FATTR_MTIME;
1207 arg->mtime = iattr->ia_mtime.tv_sec;
1208 arg->mtimensec = iattr->ia_mtime.tv_nsec;
1209 if (!(ivalid & ATTR_MTIME_SET))
1210 arg->valid |= FATTR_MTIME_NOW;
1215 * Prevent concurrent writepages on inode
1217 * This is done by adding a negative bias to the inode write counter
1218 * and waiting for all pending writes to finish.
1220 void fuse_set_nowrite(struct inode *inode)
1222 struct fuse_conn *fc = get_fuse_conn(inode);
1223 struct fuse_inode *fi = get_fuse_inode(inode);
1225 BUG_ON(!mutex_is_locked(&inode->i_mutex));
1227 spin_lock(&fc->lock);
1228 BUG_ON(fi->writectr < 0);
1229 fi->writectr += FUSE_NOWRITE;
1230 spin_unlock(&fc->lock);
1231 wait_event(fi->page_waitq, fi->writectr == FUSE_NOWRITE);
1235 * Allow writepages on inode
1237 * Remove the bias from the writecounter and send any queued
/*
 * Lock-held half of fuse_release_nowrite(): asserts that the write counter
 * is exactly FUSE_NOWRITE and then flushes queued writepages with
 * fuse_flush_writepages().  The visible callers hold fc->lock.
 * NOTE(review): the statement that removes the bias from fi->writectr is
 * not visible in this extract -- a line appears to have been dropped
 * between the BUG_ON and the flush; confirm against the full file.
 */
1240 static void __fuse_release_nowrite(struct inode *inode)
1242 struct fuse_inode *fi = get_fuse_inode(inode);
1244 BUG_ON(fi->writectr != FUSE_NOWRITE);
1246 fuse_flush_writepages(inode);
1249 void fuse_release_nowrite(struct inode *inode)
1251 struct fuse_conn *fc = get_fuse_conn(inode);
1253 spin_lock(&fc->lock);
1254 __fuse_release_nowrite(inode);
1255 spin_unlock(&fc->lock);
1259 * Set attributes, and at the same time refresh them.
1261 * Truncation is slightly complicated, because the 'truncate' request
1262 * may fail, in which case we don't want to touch the mapping.
1263 * vmtruncate() doesn't allow for this case, so do the rlimit checking
1264 * and the actual truncation by hand.
/*
 * Send a FUSE_SETATTR request for the inode behind 'entry' and apply the
 * attributes returned in the reply.
 *
 * Visible flow:
 *  - fuse_allow_task() is tested; without FUSE_DEFAULT_PERMISSIONS,
 *    ATTR_FORCE is added to attr->ia_valid before inode_change_ok().
 *  - ATTR_OPEN together with fc->atomic_o_trunc is tested (the action is
 *    not visible); ATTR_SIZE is tested (presumably setting is_truncate).
 *  - fuse_set_nowrite() is called (presumably only for truncation).
 *  - The request is built from iattr_to_fattr(); FATTR_FH is added in a
 *    block that reads file->private_data, and for size changes
 *    FATTR_LOCKOWNER plus the lock owner id are added.
 *  - After the reply: a fuse_invalidate_attr() call is visible
 *    (presumably an error path); a changed file type marks the inode bad;
 *    otherwise, under fc->lock, the attributes are updated and i_size is
 *    written, and __fuse_release_nowrite() is called.
 *  - After dropping the lock, for regular files whose size changed the
 *    page cache is truncated and invalidated.
 *  - A fuse_release_nowrite() call near the end is presumably the error
 *    exit for the truncate case.
 * NOTE(review): the last parameter line (file), error codes, most branch
 * conditions, labels and return statements are missing from this extract.
 */
1266 static int fuse_do_setattr(struct dentry *entry, struct iattr *attr,
1269 struct inode *inode = entry->d_inode;
1270 struct fuse_conn *fc = get_fuse_conn(inode);
1271 struct fuse_req *req;
1272 struct fuse_setattr_in inarg;
1273 struct fuse_attr_out outarg;
1274 bool is_truncate = false;
1278 if (!fuse_allow_task(fc, current))
1281 if (!(fc->flags & FUSE_DEFAULT_PERMISSIONS))
1282 attr->ia_valid |= ATTR_FORCE;
1284 err = inode_change_ok(inode, attr);
1288 if ((attr->ia_valid & ATTR_OPEN) && fc->atomic_o_trunc)
1291 if (attr->ia_valid & ATTR_SIZE)
1294 req = fuse_get_req(fc);
1296 return PTR_ERR(req);
1299 fuse_set_nowrite(inode);
1301 memset(&inarg, 0, sizeof(inarg));
1302 memset(&outarg, 0, sizeof(outarg));
1303 iattr_to_fattr(attr, &inarg);
1305 struct fuse_file *ff = file->private_data;
1306 inarg.valid |= FATTR_FH;
1309 if (attr->ia_valid & ATTR_SIZE) {
1310 /* For mandatory locking in truncate */
1311 inarg.valid |= FATTR_LOCKOWNER;
1312 inarg.lock_owner = fuse_lock_owner_id(fc, current->files);
1314 req->in.h.opcode = FUSE_SETATTR;
1315 req->in.h.nodeid = get_node_id(inode);
1316 req->in.numargs = 1;
1317 req->in.args[0].size = sizeof(inarg);
1318 req->in.args[0].value = &inarg;
1319 req->out.numargs = 1;
1321 req->out.args[0].size = FUSE_COMPAT_ATTR_OUT_SIZE;
1323 req->out.args[0].size = sizeof(outarg);
1324 req->out.args[0].value = &outarg;
1325 fuse_request_send(fc, req);
1326 err = req->out.h.error;
1327 fuse_put_request(fc, req);
1330 fuse_invalidate_attr(inode);
1334 if ((inode->i_mode ^ outarg.attr.mode) & S_IFMT) {
1335 make_bad_inode(inode);
1340 spin_lock(&fc->lock);
1341 fuse_change_attributes_common(inode, &outarg.attr,
1342 attr_timeout(&outarg));
1343 oldsize = inode->i_size;
1344 i_size_write(inode, outarg.attr.size);
1347 /* NOTE: this may release/reacquire fc->lock */
1348 __fuse_release_nowrite(inode);
1350 spin_unlock(&fc->lock);
1353 * Only call invalidate_inode_pages2() after removing
1354 * FUSE_NOWRITE, otherwise fuse_launder_page() would deadlock.
1356 if (S_ISREG(inode->i_mode) && oldsize != outarg.attr.size) {
1357 truncate_pagecache(inode, oldsize, outarg.attr.size);
1358 invalidate_inode_pages2(inode->i_mapping);
1365 fuse_release_nowrite(inode);
1370 static int fuse_setattr(struct dentry *entry, struct iattr *attr)
1372 if (attr->ia_valid & ATTR_FILE)
1373 return fuse_do_setattr(entry, attr, attr->ia_file);
1375 return fuse_do_setattr(entry, attr, NULL);
/*
 * Fill 'stat' for the inode behind 'entry' via fuse_update_attributes(),
 * after testing that the current task passes fuse_allow_task().
 * NOTE(review): the last parameter line (stat) and the value returned
 * when the task is not allowed are missing from this extract.
 */
1378 static int fuse_getattr(struct vfsmount *mnt, struct dentry *entry,
1381 struct inode *inode = entry->d_inode;
1382 struct fuse_conn *fc = get_fuse_conn(inode);
1384 if (!fuse_allow_task(fc, current))
1387 return fuse_update_attributes(inode, stat, NULL, NULL);
/*
 * Send a FUSE_SETXATTR request with three input args: the
 * fuse_setxattr_in header, the attribute name including its NUL
 * terminator (strlen(name) + 1) and the 'size' bytes at 'value'.
 *
 * fc->no_setxattr is tested before a request is allocated, and it is set
 * to 1 when userspace answers -ENOSYS.
 * NOTE(review): the value returned when no_setxattr is set, the
 * inarg.size assignment, the rest of the -ENOSYS branch and the final
 * return are missing from this extract.
 */
1390 static int fuse_setxattr(struct dentry *entry, const char *name,
1391 const void *value, size_t size, int flags)
1393 struct inode *inode = entry->d_inode;
1394 struct fuse_conn *fc = get_fuse_conn(inode);
1395 struct fuse_req *req;
1396 struct fuse_setxattr_in inarg;
1399 if (fc->no_setxattr)
1402 req = fuse_get_req(fc);
1404 return PTR_ERR(req);
1406 memset(&inarg, 0, sizeof(inarg));
1408 inarg.flags = flags;
1409 req->in.h.opcode = FUSE_SETXATTR;
1410 req->in.h.nodeid = get_node_id(inode);
1411 req->in.numargs = 3;
1412 req->in.args[0].size = sizeof(inarg);
1413 req->in.args[0].value = &inarg;
1414 req->in.args[1].size = strlen(name) + 1;
1415 req->in.args[1].value = name;
1416 req->in.args[2].size = size;
1417 req->in.args[2].value = value;
1418 fuse_request_send(fc, req);
1419 err = req->out.h.error;
1420 fuse_put_request(fc, req);
1421 if (err == -ENOSYS) {
1422 fc->no_setxattr = 1;
/*
 * ->getxattr() handler: send a FUSE_GETXATTR request for @entry's inode.
 *
 * Input arguments:
 *   0: a zeroed struct fuse_getxattr_in
 *   1: @name including its terminating NUL (strlen(name) + 1 bytes)
 *
 * Exactly one output argument is expected, set up in one of two ways:
 *   - variable-length (out.argvar = 1), written into @value with room for
 *     @size bytes; or
 *   - a fixed-size struct fuse_getxattr_out.
 * On success the result is req->out.args[0].size when @size is non-zero
 * and outarg.size when it is zero.
 *
 * An -ENOSYS reply sets fc->no_getxattr, the flag tested at the top of
 * this function.  The request is released only after the reply has been
 * read.
 *
 * NOTE(review): several lines of this function are not visible in this
 * listing (the declaration of "ret", the statement under the
 * fc->no_getxattr test, the guard before "return PTR_ERR(req)", any
 * further initialisation of inarg, the conditions choosing between the two
 * output layouts and between the success/error paths, and the final
 * return).  Presumably the layout is chosen by whether @size is non-zero,
 * matching the ternary below — confirm against the complete file.
 */
1428 static ssize_t fuse_getxattr(struct dentry *entry, const char *name,
1429 void *value, size_t size)
1431 struct inode *inode = entry->d_inode;
1432 struct fuse_conn *fc = get_fuse_conn(inode);
1433 struct fuse_req *req;
1434 struct fuse_getxattr_in inarg;
1435 struct fuse_getxattr_out outarg;
/* Set below once a reply of -ENOSYS has been seen on this connection. */
1438 if (fc->no_getxattr)
1441 req = fuse_get_req(fc);
1443 return PTR_ERR(req);
1445 memset(&inarg, 0, sizeof(inarg));
1447 req->in.h.opcode = FUSE_GETXATTR;
1448 req->in.h.nodeid = get_node_id(inode);
1449 req->in.numargs = 2;
1450 req->in.args[0].size = sizeof(inarg);
1451 req->in.args[0].value = &inarg;
1452 req->in.args[1].size = strlen(name) + 1;
1453 req->in.args[1].value = name;
1454 /* This is really two different operations rolled into one */
1455 req->out.numargs = 1;
/* Layout 1: variable-length reply stored directly in the caller's buffer. */
1457 req->out.argvar = 1;
1458 req->out.args[0].size = size;
1459 req->out.args[0].value = value;
/* Layout 2: fixed-size reply stored in the local outarg. */
1461 req->out.args[0].size = sizeof(outarg);
1462 req->out.args[0].value = &outarg;
1464 fuse_request_send(fc, req);
1465 ret = req->out.h.error;
/* Pick the length from whichever layout was used for the reply. */
1467 ret = size ? req->out.args[0].size : outarg.size;
1469 if (ret == -ENOSYS) {
1470 fc->no_getxattr = 1;
/* Released last: req->out is still read above. */
1474 fuse_put_request(fc, req);
/*
 * ->listxattr() handler: send a FUSE_LISTXATTR request for @entry's inode.
 *
 * The calling task is first checked with fuse_allow_task().  The request
 * has a single input argument, a zeroed struct fuse_getxattr_in (the same
 * structure type that fuse_getxattr() sends).
 *
 * Exactly one output argument is expected, set up in one of two ways:
 *   - variable-length (out.argvar = 1), written into @list with room for
 *     @size bytes; or
 *   - a fixed-size struct fuse_getxattr_out.
 * On success the result is req->out.args[0].size when @size is non-zero
 * and outarg.size when it is zero.
 *
 * An -ENOSYS reply sets fc->no_listxattr, the flag tested before the
 * request is allocated.
 *
 * NOTE(review): several lines of this function are not visible in this
 * listing (the declaration of "ret", the statements under the
 * fuse_allow_task() and fc->no_listxattr tests, the guard before
 * "return PTR_ERR(req)", any further initialisation of inarg, the
 * conditions choosing between the two output layouts and between the
 * success/error paths, and the final return).  Confirm against the
 * complete file.
 */
1478 static ssize_t fuse_listxattr(struct dentry *entry, char *list, size_t size)
1480 struct inode *inode = entry->d_inode;
1481 struct fuse_conn *fc = get_fuse_conn(inode);
1482 struct fuse_req *req;
1483 struct fuse_getxattr_in inarg;
1484 struct fuse_getxattr_out outarg;
/* Check whether the current task may use this connection. */
1487 if (!fuse_allow_task(fc, current))
/* Set below once a reply of -ENOSYS has been seen on this connection. */
1490 if (fc->no_listxattr)
1493 req = fuse_get_req(fc);
1495 return PTR_ERR(req);
1497 memset(&inarg, 0, sizeof(inarg));
1499 req->in.h.opcode = FUSE_LISTXATTR;
1500 req->in.h.nodeid = get_node_id(inode);
1501 req->in.numargs = 1;
1502 req->in.args[0].size = sizeof(inarg);
1503 req->in.args[0].value = &inarg;
1504 /* This is really two different operations rolled into one */
1505 req->out.numargs = 1;
/* Layout 1: variable-length reply stored directly in the caller's buffer. */
1507 req->out.argvar = 1;
1508 req->out.args[0].size = size;
1509 req->out.args[0].value = list;
/* Layout 2: fixed-size reply stored in the local outarg. */
1511 req->out.args[0].size = sizeof(outarg);
1512 req->out.args[0].value = &outarg;
1514 fuse_request_send(fc, req);
1515 ret = req->out.h.error;
/* Pick the length from whichever layout was used for the reply. */
1517 ret = size ? req->out.args[0].size : outarg.size;
1519 if (ret == -ENOSYS) {
1520 fc->no_listxattr = 1;
/* Released last: req->out is still read above. */
1524 fuse_put_request(fc, req);
/*
 * ->removexattr() handler: send a FUSE_REMOVEXATTR request for @entry's
 * inode.
 *
 * The only input argument is @name including its terminating NUL
 * (strlen(name) + 1 bytes).  After the request has been sent, the error
 * code is read from the reply header and the request is released.  An
 * -ENOSYS reply sets fc->no_removexattr, the flag tested at the top of
 * this function.
 *
 * NOTE(review): several lines of this function are not visible in this
 * listing (the declaration of "err", the statement under the
 * fc->no_removexattr test, the guard before "return PTR_ERR(req)", and the
 * final return).  Confirm the exact return values against the complete
 * file.
 */
1528 static int fuse_removexattr(struct dentry *entry, const char *name)
1530 struct inode *inode = entry->d_inode;
1531 struct fuse_conn *fc = get_fuse_conn(inode);
1532 struct fuse_req *req;
/* Set below once a reply of -ENOSYS has been seen on this connection. */
1535 if (fc->no_removexattr)
1538 req = fuse_get_req(fc);
1540 return PTR_ERR(req);
1542 req->in.h.opcode = FUSE_REMOVEXATTR;
1543 req->in.h.nodeid = get_node_id(inode);
1544 req->in.numargs = 1;
/* The name is sent together with its terminating NUL byte. */
1545 req->in.args[0].size = strlen(name) + 1;
1546 req->in.args[0].value = name;
1547 fuse_request_send(fc, req);
/* Read the result before the request is released. */
1548 err = req->out.h.error;
1549 fuse_put_request(fc, req);
1550 if (err == -ENOSYS) {
1551 fc->no_removexattr = 1;
/*
 * Inode operations for FUSE directories; fuse_init_dir() installs this
 * table as inode->i_op.
 *
 * It contains the namespace operations (lookup, mkdir, symlink, unlink,
 * rmdir, rename, create, mknod) and the same setattr, permission, getattr
 * and xattr handlers as fuse_common_inode_operations.
 *
 * NOTE(review): one line between .rename and .setattr is not visible in
 * this listing, so the table may contain a further entry — confirm against
 * the complete file.
 */
1557 static const struct inode_operations fuse_dir_inode_operations = {
1558 .lookup = fuse_lookup,
1559 .mkdir = fuse_mkdir,
1560 .symlink = fuse_symlink,
1561 .unlink = fuse_unlink,
1562 .rmdir = fuse_rmdir,
1563 .rename = fuse_rename,
1565 .setattr = fuse_setattr,
1566 .create = fuse_create,
1567 .mknod = fuse_mknod,
1568 .permission = fuse_permission,
1569 .getattr = fuse_getattr,
1570 .setxattr = fuse_setxattr,
1571 .getxattr = fuse_getxattr,
1572 .listxattr = fuse_listxattr,
1573 .removexattr = fuse_removexattr,
1576 static const struct file_operations fuse_dir_operations = {
1577 .llseek = generic_file_llseek,
1578 .read = generic_read_dir,
1579 .readdir = fuse_readdir,
1580 .open = fuse_dir_open,
1581 .release = fuse_dir_release,
1582 .fsync = fuse_dir_fsync,
1585 static const struct inode_operations fuse_common_inode_operations = {
1586 .setattr = fuse_setattr,
1587 .permission = fuse_permission,
1588 .getattr = fuse_getattr,
1589 .setxattr = fuse_setxattr,
1590 .getxattr = fuse_getxattr,
1591 .listxattr = fuse_listxattr,
1592 .removexattr = fuse_removexattr,
1595 static const struct inode_operations fuse_symlink_inode_operations = {
1596 .setattr = fuse_setattr,
1597 .follow_link = fuse_follow_link,
1598 .put_link = fuse_put_link,
1599 .readlink = generic_readlink,
1600 .getattr = fuse_getattr,
1601 .setxattr = fuse_setxattr,
1602 .getxattr = fuse_getxattr,
1603 .listxattr = fuse_listxattr,
1604 .removexattr = fuse_removexattr,
1607 void fuse_init_common(struct inode *inode)
1609 inode->i_op = &fuse_common_inode_operations;
1612 void fuse_init_dir(struct inode *inode)
1614 inode->i_op = &fuse_dir_inode_operations;
1615 inode->i_fop = &fuse_dir_operations;
1618 void fuse_init_symlink(struct inode *inode)
1620 inode->i_op = &fuse_symlink_inode_operations;