dir.c 39.7 KB
Newer Older
1 2
/*
  FUSE: Filesystem in Userspace
Miklos Szeredi's avatar
Miklos Szeredi committed
3
  Copyright (C) 2001-2008  Miklos Szeredi <miklos@szeredi.hu>
4 5 6 7 8 9 10 11 12 13 14 15 16

  This program can be distributed under the terms of the GNU GPL.
  See the file COPYING.
*/

#include "fuse_i.h"

#include <linux/pagemap.h>
#include <linux/file.h>
#include <linux/gfp.h>
#include <linux/sched.h>
#include <linux/namei.h>

Miklos Szeredi's avatar
Miklos Szeredi committed
17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43
#if BITS_PER_LONG >= 64
static inline void fuse_dentry_settime(struct dentry *entry, u64 time)
{
	entry->d_time = time;
}

static inline u64 fuse_dentry_time(struct dentry *entry)
{
	return entry->d_time;
}
#else
/*
 * On 32 bit archs store the high 32 bits of time in d_fsdata
 */
static void fuse_dentry_settime(struct dentry *entry, u64 time)
{
	entry->d_time = time;
	entry->d_fsdata = (void *) (unsigned long) (time >> 32);
}

static u64 fuse_dentry_time(struct dentry *entry)
{
	return (u64) entry->d_time +
		((u64) (unsigned long) entry->d_fsdata << 32);
}
#endif

44 45 46 47 48 49 50 51 52
/*
 * FUSE caches dentries and attributes with separate timeout.  The
 * time in jiffies until the dentry/attributes are valid is stored in
 * dentry->d_time and fuse_inode->i_time respectively.
 */

/*
 * Calculate the time in jiffies until a dentry/attributes are valid
 */
Miklos Szeredi's avatar
Miklos Szeredi committed
53
static u64 time_to_jiffies(unsigned long sec, unsigned long nsec)
54
{
55 56
	if (sec || nsec) {
		struct timespec ts = {sec, nsec};
Miklos Szeredi's avatar
Miklos Szeredi committed
57
		return get_jiffies_64() + timespec_to_jiffies(&ts);
58
	} else
Miklos Szeredi's avatar
Miklos Szeredi committed
59
		return 0;
60 61
}

62 63 64 65
/*
 * Set dentry and possibly attribute timeouts from the lookup/mk*
 * replies
 */
66 67
static void fuse_change_entry_timeout(struct dentry *entry,
				      struct fuse_entry_out *o)
68
{
Miklos Szeredi's avatar
Miklos Szeredi committed
69 70
	fuse_dentry_settime(entry,
		time_to_jiffies(o->entry_valid, o->entry_valid_nsec));
71 72 73 74 75 76 77 78 79 80
}

static u64 attr_timeout(struct fuse_attr_out *o)
{
	return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
}

static u64 entry_attr_timeout(struct fuse_entry_out *o)
{
	return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
81 82
}

83 84 85 86
/*
 * Mark the attributes as stale, so that at the next call to
 * ->getattr() they will be fetched from userspace
 */
87 88
void fuse_invalidate_attr(struct inode *inode)
{
Miklos Szeredi's avatar
Miklos Szeredi committed
89
	get_fuse_inode(inode)->i_time = 0;
90 91
}

92 93 94 95 96 97 98 99
/*
 * Just mark the entry as stale, so that a next attempt to look it up
 * will result in a new lookup call to userspace
 *
 * This is called when a dentry is about to become negative and the
 * timeout is unknown (unlink, rmdir, rename and in some cases
 * lookup)
 */
Miklos Szeredi's avatar
Miklos Szeredi committed
100
void fuse_invalidate_entry_cache(struct dentry *entry)
101
{
Miklos Szeredi's avatar
Miklos Szeredi committed
102
	fuse_dentry_settime(entry, 0);
103 104
}

105 106 107 108
/*
 * Same as fuse_invalidate_entry_cache(), but also try to remove the
 * dentry from the hash
 */
109 110 111 112
static void fuse_invalidate_entry(struct dentry *entry)
{
	d_invalidate(entry);
	fuse_invalidate_entry_cache(entry);
113 114
}

115 116
static void fuse_lookup_init(struct fuse_conn *fc, struct fuse_req *req,
			     u64 nodeid, struct qstr *name,
117 118
			     struct fuse_entry_out *outarg)
{
119
	memset(outarg, 0, sizeof(struct fuse_entry_out));
120
	req->in.h.opcode = FUSE_LOOKUP;
121
	req->in.h.nodeid = nodeid;
122
	req->in.numargs = 1;
123 124
	req->in.args[0].size = name->len + 1;
	req->in.args[0].value = name->name;
125
	req->out.numargs = 1;
126 127 128 129
	if (fc->minor < 9)
		req->out.args[0].size = FUSE_COMPAT_ENTRY_OUT_SIZE;
	else
		req->out.args[0].size = sizeof(struct fuse_entry_out);
130 131 132
	req->out.args[0].value = outarg;
}

133
u64 fuse_get_attr_version(struct fuse_conn *fc)
134 135 136 137 138 139 140 141 142 143 144 145 146 147
{
	u64 curr_version;

	/*
	 * The spin lock isn't actually needed on 64bit archs, but we
	 * don't yet care too much about such optimizations.
	 */
	spin_lock(&fc->lock);
	curr_version = fc->attr_version;
	spin_unlock(&fc->lock);

	return curr_version;
}

148 149 150 151 152 153 154 155 156
/*
 * Check whether the dentry is still valid
 *
 * If the entry validity timeout has expired and the dentry is
 * positive, try to redo the lookup.  If the lookup results in a
 * different inode, then let the VFS invalidate the dentry and redo
 * the lookup once more.  If the lookup results in the same inode,
 * then refresh the attributes, timeouts and mark the dentry valid.
 */
157 158
static int fuse_dentry_revalidate(struct dentry *entry, struct nameidata *nd)
{
159 160 161
	struct inode *inode = entry->d_inode;

	if (inode && is_bad_inode(inode))
162
		return 0;
Miklos Szeredi's avatar
Miklos Szeredi committed
163
	else if (fuse_dentry_time(entry) < get_jiffies_64()) {
164 165
		int err;
		struct fuse_entry_out outarg;
166 167
		struct fuse_conn *fc;
		struct fuse_req *req;
168
		struct fuse_req *forget_req;
169
		struct dentry *parent;
170
		u64 attr_version;
171

172
		/* For negative dentries, always do a fresh lookup */
173 174 175 176
		if (!inode)
			return 0;

		fc = get_fuse_conn(inode);
177 178
		req = fuse_get_req(fc);
		if (IS_ERR(req))
179 180
			return 0;

181 182 183 184 185 186
		forget_req = fuse_get_req(fc);
		if (IS_ERR(forget_req)) {
			fuse_put_request(fc, req);
			return 0;
		}

187
		attr_version = fuse_get_attr_version(fc);
188

189
		parent = dget_parent(entry);
190 191
		fuse_lookup_init(fc, req, get_node_id(parent->d_inode),
				 &entry->d_name, &outarg);
192
		fuse_request_send(fc, req);
193
		dput(parent);
194
		err = req->out.h.error;
195
		fuse_put_request(fc, req);
196 197 198
		/* Zero nodeid is same as -ENOENT */
		if (!err && !outarg.nodeid)
			err = -ENOENT;
199
		if (!err) {
200
			struct fuse_inode *fi = get_fuse_inode(inode);
201
			if (outarg.nodeid != get_node_id(inode)) {
202 203
				fuse_send_forget(fc, forget_req,
						 outarg.nodeid, 1);
204 205
				return 0;
			}
206
			spin_lock(&fc->lock);
Miklos Szeredi's avatar
Miklos Szeredi committed
207
			fi->nlookup++;
208
			spin_unlock(&fc->lock);
209
		}
210
		fuse_put_request(fc, forget_req);
211
		if (err || (outarg.attr.mode ^ inode->i_mode) & S_IFMT)
212 213
			return 0;

214 215 216 217
		fuse_change_attributes(inode, &outarg.attr,
				       entry_attr_timeout(&outarg),
				       attr_version);
		fuse_change_entry_timeout(entry, &outarg);
218 219 220 221
	}
	return 1;
}

222
static int invalid_nodeid(u64 nodeid)
223 224 225 226
{
	return !nodeid || nodeid == FUSE_ROOT_ID;
}

Al Viro's avatar
Al Viro committed
227
const struct dentry_operations fuse_dentry_operations = {
228 229 230
	.d_revalidate	= fuse_dentry_revalidate,
};

231
int fuse_valid_type(int m)
232 233 234 235 236
{
	return S_ISREG(m) || S_ISDIR(m) || S_ISLNK(m) || S_ISCHR(m) ||
		S_ISBLK(m) || S_ISFIFO(m) || S_ISSOCK(m);
}

237 238 239 240
/*
 * Add a directory inode to a dentry, ensuring that no other dentry
 * refers to this inode.  Called with fc->inst_mutex.
 */
241 242
static struct dentry *fuse_d_add_directory(struct dentry *entry,
					   struct inode *inode)
243 244
{
	struct dentry *alias = d_find_alias(inode);
245
	if (alias && !(alias->d_flags & DCACHE_DISCONNECTED)) {
246 247 248 249
		/* This tries to shrink the subtree below alias */
		fuse_invalidate_entry(alias);
		dput(alias);
		if (!list_empty(&inode->i_dentry))
250 251 252
			return ERR_PTR(-EBUSY);
	} else {
		dput(alias);
253
	}
254
	return d_splice_alias(inode, entry);
255 256
}

257 258
int fuse_lookup_name(struct super_block *sb, u64 nodeid, struct qstr *name,
		     struct fuse_entry_out *outarg, struct inode **inode)
259
{
260
	struct fuse_conn *fc = get_fuse_conn_super(sb);
261
	struct fuse_req *req;
262
	struct fuse_req *forget_req;
263
	u64 attr_version;
264
	int err;
265

266 267 268 269
	*inode = NULL;
	err = -ENAMETOOLONG;
	if (name->len > FUSE_NAME_MAX)
		goto out;
270

271
	req = fuse_get_req(fc);
272
	err = PTR_ERR(req);
273
	if (IS_ERR(req))
274
		goto out;
275

276
	forget_req = fuse_get_req(fc);
277
	err = PTR_ERR(forget_req);
278 279
	if (IS_ERR(forget_req)) {
		fuse_put_request(fc, req);
280
		goto out;
281 282
	}

283
	attr_version = fuse_get_attr_version(fc);
284

285
	fuse_lookup_init(fc, req, nodeid, name, outarg);
286
	fuse_request_send(fc, req);
287
	err = req->out.h.error;
288
	fuse_put_request(fc, req);
289
	/* Zero nodeid is same as -ENOENT, but with valid timeout */
290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305
	if (err || !outarg->nodeid)
		goto out_put_forget;

	err = -EIO;
	if (!outarg->nodeid)
		goto out_put_forget;
	if (!fuse_valid_type(outarg->attr.mode))
		goto out_put_forget;

	*inode = fuse_iget(sb, outarg->nodeid, outarg->generation,
			   &outarg->attr, entry_attr_timeout(outarg),
			   attr_version);
	err = -ENOMEM;
	if (!*inode) {
		fuse_send_forget(fc, forget_req, outarg->nodeid, 1);
		goto out;
306
	}
307 308 309
	err = 0;

 out_put_forget:
310
	fuse_put_request(fc, forget_req);
311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336
 out:
	return err;
}

static struct dentry *fuse_lookup(struct inode *dir, struct dentry *entry,
				  struct nameidata *nd)
{
	int err;
	struct fuse_entry_out outarg;
	struct inode *inode;
	struct dentry *newent;
	struct fuse_conn *fc = get_fuse_conn(dir);
	bool outarg_valid = true;

	err = fuse_lookup_name(dir->i_sb, get_node_id(dir), &entry->d_name,
			       &outarg, &inode);
	if (err == -ENOENT) {
		outarg_valid = false;
		err = 0;
	}
	if (err)
		goto out_err;

	err = -EIO;
	if (inode && get_node_id(inode) == FUSE_ROOT_ID)
		goto out_iput;
337

338 339
	if (inode && S_ISDIR(inode->i_mode)) {
		mutex_lock(&fc->inst_mutex);
340
		newent = fuse_d_add_directory(entry, inode);
341
		mutex_unlock(&fc->inst_mutex);
342 343 344 345
		err = PTR_ERR(newent);
		if (IS_ERR(newent))
			goto out_iput;
	} else {
346
		newent = d_splice_alias(inode, entry);
347
	}
348

349
	entry = newent ? newent : entry;
350
	entry->d_op = &fuse_dentry_operations;
351
	if (outarg_valid)
352
		fuse_change_entry_timeout(entry, &outarg);
353 354
	else
		fuse_invalidate_entry_cache(entry);
355

356
	return newent;
357 358 359 360 361

 out_iput:
	iput(inode);
 out_err:
	return ERR_PTR(err);
362 363
}

364 365 366 367 368 369
/*
 * Atomic create+open operation
 *
 * If the filesystem doesn't support this, then fall back to separate
 * 'mknod' + 'open' requests.
 */
370 371 372 373 374 375 376
static int fuse_create_open(struct inode *dir, struct dentry *entry, int mode,
			    struct nameidata *nd)
{
	int err;
	struct inode *inode;
	struct fuse_conn *fc = get_fuse_conn(dir);
	struct fuse_req *req;
377
	struct fuse_req *forget_req;
378
	struct fuse_create_in inarg;
379 380 381 382 383 384 385
	struct fuse_open_out outopen;
	struct fuse_entry_out outentry;
	struct fuse_file *ff;
	struct file *file;
	int flags = nd->intent.open.flags - 1;

	if (fc->no_create)
386
		return -ENOSYS;
387

388 389 390
	if (flags & O_DIRECT)
		return -EINVAL;

391 392 393 394
	forget_req = fuse_get_req(fc);
	if (IS_ERR(forget_req))
		return PTR_ERR(forget_req);

395
	req = fuse_get_req(fc);
396
	err = PTR_ERR(req);
397
	if (IS_ERR(req))
398
		goto out_put_forget_req;
399

400
	err = -ENOMEM;
Tejun Heo's avatar
Tejun Heo committed
401
	ff = fuse_file_alloc(fc);
402 403 404
	if (!ff)
		goto out_put_request;

405 406 407
	if (!fc->dont_mask)
		mode &= ~current_umask();

408 409
	flags &= ~O_NOCTTY;
	memset(&inarg, 0, sizeof(inarg));
410
	memset(&outentry, 0, sizeof(outentry));
411 412
	inarg.flags = flags;
	inarg.mode = mode;
413
	inarg.umask = current_umask();
414 415 416
	req->in.h.opcode = FUSE_CREATE;
	req->in.h.nodeid = get_node_id(dir);
	req->in.numargs = 2;
417 418
	req->in.args[0].size = fc->minor < 12 ? sizeof(struct fuse_open_in) :
						sizeof(inarg);
419 420 421 422
	req->in.args[0].value = &inarg;
	req->in.args[1].size = entry->d_name.len + 1;
	req->in.args[1].value = entry->d_name.name;
	req->out.numargs = 2;
423 424 425 426
	if (fc->minor < 9)
		req->out.args[0].size = FUSE_COMPAT_ENTRY_OUT_SIZE;
	else
		req->out.args[0].size = sizeof(outentry);
427 428 429
	req->out.args[0].value = &outentry;
	req->out.args[1].size = sizeof(outopen);
	req->out.args[1].value = &outopen;
430
	fuse_request_send(fc, req);
431 432 433 434 435 436 437 438
	err = req->out.h.error;
	if (err) {
		if (err == -ENOSYS)
			fc->no_create = 1;
		goto out_free_ff;
	}

	err = -EIO;
439
	if (!S_ISREG(outentry.attr.mode) || invalid_nodeid(outentry.nodeid))
440 441
		goto out_free_ff;

442
	fuse_put_request(fc, req);
443 444 445
	ff->fh = outopen.fh;
	ff->nodeid = outentry.nodeid;
	ff->open_flags = outopen.open_flags;
446
	inode = fuse_iget(dir->i_sb, outentry.nodeid, outentry.generation,
447
			  &outentry.attr, entry_attr_timeout(&outentry), 0);
448 449
	if (!inode) {
		flags &= ~(O_CREAT | O_EXCL | O_TRUNC);
450
		fuse_sync_release(ff, flags);
451 452
		fuse_send_forget(fc, forget_req, outentry.nodeid, 1);
		return -ENOMEM;
453
	}
454
	fuse_put_request(fc, forget_req);
455
	d_instantiate(entry, inode);
456
	fuse_change_entry_timeout(entry, &outentry);
457
	fuse_invalidate_attr(dir);
458 459
	file = lookup_instantiate_filp(nd, entry, generic_file_open);
	if (IS_ERR(file)) {
460
		fuse_sync_release(ff, flags);
461 462
		return PTR_ERR(file);
	}
463 464
	file->private_data = fuse_file_get(ff);
	fuse_finish_open(inode, file);
465 466 467 468 469 470
	return 0;

 out_free_ff:
	fuse_file_free(ff);
 out_put_request:
	fuse_put_request(fc, req);
471 472
 out_put_forget_req:
	fuse_put_request(fc, forget_req);
473 474 475
	return err;
}

476 477 478
/*
 * Code shared between mknod, mkdir, symlink and link
 */
479 480 481 482 483 484 485
static int create_new_entry(struct fuse_conn *fc, struct fuse_req *req,
			    struct inode *dir, struct dentry *entry,
			    int mode)
{
	struct fuse_entry_out outarg;
	struct inode *inode;
	int err;
486 487 488 489 490 491 492
	struct fuse_req *forget_req;

	forget_req = fuse_get_req(fc);
	if (IS_ERR(forget_req)) {
		fuse_put_request(fc, req);
		return PTR_ERR(forget_req);
	}
493

494
	memset(&outarg, 0, sizeof(outarg));
495 496
	req->in.h.nodeid = get_node_id(dir);
	req->out.numargs = 1;
497 498 499 500
	if (fc->minor < 9)
		req->out.args[0].size = FUSE_COMPAT_ENTRY_OUT_SIZE;
	else
		req->out.args[0].size = sizeof(outarg);
501
	req->out.args[0].value = &outarg;
502
	fuse_request_send(fc, req);
503
	err = req->out.h.error;
504 505 506 507
	fuse_put_request(fc, req);
	if (err)
		goto out_put_forget_req;

508 509
	err = -EIO;
	if (invalid_nodeid(outarg.nodeid))
510
		goto out_put_forget_req;
511 512

	if ((outarg.attr.mode ^ mode) & S_IFMT)
513
		goto out_put_forget_req;
514

515
	inode = fuse_iget(dir->i_sb, outarg.nodeid, outarg.generation,
516
			  &outarg.attr, entry_attr_timeout(&outarg), 0);
517
	if (!inode) {
518
		fuse_send_forget(fc, forget_req, outarg.nodeid, 1);
519 520
		return -ENOMEM;
	}
521
	fuse_put_request(fc, forget_req);
522

523 524 525 526 527 528 529 530 531 532 533 534 535 536 537
	if (S_ISDIR(inode->i_mode)) {
		struct dentry *alias;
		mutex_lock(&fc->inst_mutex);
		alias = d_find_alias(inode);
		if (alias) {
			/* New directory must have moved since mkdir */
			mutex_unlock(&fc->inst_mutex);
			dput(alias);
			iput(inode);
			return -EBUSY;
		}
		d_instantiate(entry, inode);
		mutex_unlock(&fc->inst_mutex);
	} else
		d_instantiate(entry, inode);
538

539
	fuse_change_entry_timeout(entry, &outarg);
540 541
	fuse_invalidate_attr(dir);
	return 0;
542

543 544
 out_put_forget_req:
	fuse_put_request(fc, forget_req);
545
	return err;
546 547 548 549 550 551 552
}

static int fuse_mknod(struct inode *dir, struct dentry *entry, int mode,
		      dev_t rdev)
{
	struct fuse_mknod_in inarg;
	struct fuse_conn *fc = get_fuse_conn(dir);
553 554 555
	struct fuse_req *req = fuse_get_req(fc);
	if (IS_ERR(req))
		return PTR_ERR(req);
556

557 558 559
	if (!fc->dont_mask)
		mode &= ~current_umask();

560 561 562
	memset(&inarg, 0, sizeof(inarg));
	inarg.mode = mode;
	inarg.rdev = new_encode_dev(rdev);
563
	inarg.umask = current_umask();
564 565
	req->in.h.opcode = FUSE_MKNOD;
	req->in.numargs = 2;
566 567
	req->in.args[0].size = fc->minor < 12 ? FUSE_COMPAT_MKNOD_IN_SIZE :
						sizeof(inarg);
568 569 570 571 572 573 574 575 576
	req->in.args[0].value = &inarg;
	req->in.args[1].size = entry->d_name.len + 1;
	req->in.args[1].value = entry->d_name.name;
	return create_new_entry(fc, req, dir, entry, mode);
}

static int fuse_create(struct inode *dir, struct dentry *entry, int mode,
		       struct nameidata *nd)
{
577
	if (nd && (nd->flags & LOOKUP_OPEN)) {
578 579 580 581 582
		int err = fuse_create_open(dir, entry, mode, nd);
		if (err != -ENOSYS)
			return err;
		/* Fall back on mknod */
	}
583 584 585 586 587 588 589
	return fuse_mknod(dir, entry, mode, 0);
}

static int fuse_mkdir(struct inode *dir, struct dentry *entry, int mode)
{
	struct fuse_mkdir_in inarg;
	struct fuse_conn *fc = get_fuse_conn(dir);
590 591 592
	struct fuse_req *req = fuse_get_req(fc);
	if (IS_ERR(req))
		return PTR_ERR(req);
593

594 595 596
	if (!fc->dont_mask)
		mode &= ~current_umask();

597 598
	memset(&inarg, 0, sizeof(inarg));
	inarg.mode = mode;
599
	inarg.umask = current_umask();
600 601 602 603 604 605 606 607 608 609 610 611 612 613
	req->in.h.opcode = FUSE_MKDIR;
	req->in.numargs = 2;
	req->in.args[0].size = sizeof(inarg);
	req->in.args[0].value = &inarg;
	req->in.args[1].size = entry->d_name.len + 1;
	req->in.args[1].value = entry->d_name.name;
	return create_new_entry(fc, req, dir, entry, S_IFDIR);
}

static int fuse_symlink(struct inode *dir, struct dentry *entry,
			const char *link)
{
	struct fuse_conn *fc = get_fuse_conn(dir);
	unsigned len = strlen(link) + 1;
614 615 616
	struct fuse_req *req = fuse_get_req(fc);
	if (IS_ERR(req))
		return PTR_ERR(req);
617 618 619 620 621 622 623 624 625 626 627 628 629 630

	req->in.h.opcode = FUSE_SYMLINK;
	req->in.numargs = 2;
	req->in.args[0].size = entry->d_name.len + 1;
	req->in.args[0].value = entry->d_name.name;
	req->in.args[1].size = len;
	req->in.args[1].value = link;
	return create_new_entry(fc, req, dir, entry, S_IFLNK);
}

static int fuse_unlink(struct inode *dir, struct dentry *entry)
{
	int err;
	struct fuse_conn *fc = get_fuse_conn(dir);
631 632 633
	struct fuse_req *req = fuse_get_req(fc);
	if (IS_ERR(req))
		return PTR_ERR(req);
634 635 636 637 638 639

	req->in.h.opcode = FUSE_UNLINK;
	req->in.h.nodeid = get_node_id(dir);
	req->in.numargs = 1;
	req->in.args[0].size = entry->d_name.len + 1;
	req->in.args[0].value = entry->d_name.name;
640
	fuse_request_send(fc, req);
641 642 643 644 645
	err = req->out.h.error;
	fuse_put_request(fc, req);
	if (!err) {
		struct inode *inode = entry->d_inode;

Miklos Szeredi's avatar
Miklos Szeredi committed
646 647 648 649 650
		/*
		 * Set nlink to zero so the inode can be cleared, if the inode
		 * does have more links this will be discovered at the next
		 * lookup/getattr.
		 */
651
		clear_nlink(inode);
652 653
		fuse_invalidate_attr(inode);
		fuse_invalidate_attr(dir);
654
		fuse_invalidate_entry_cache(entry);
655 656 657 658 659 660 661 662 663
	} else if (err == -EINTR)
		fuse_invalidate_entry(entry);
	return err;
}

static int fuse_rmdir(struct inode *dir, struct dentry *entry)
{
	int err;
	struct fuse_conn *fc = get_fuse_conn(dir);
664 665 666
	struct fuse_req *req = fuse_get_req(fc);
	if (IS_ERR(req))
		return PTR_ERR(req);
667 668 669 670 671 672

	req->in.h.opcode = FUSE_RMDIR;
	req->in.h.nodeid = get_node_id(dir);
	req->in.numargs = 1;
	req->in.args[0].size = entry->d_name.len + 1;
	req->in.args[0].value = entry->d_name.name;
673
	fuse_request_send(fc, req);
674 675 676
	err = req->out.h.error;
	fuse_put_request(fc, req);
	if (!err) {
677
		clear_nlink(entry->d_inode);
678
		fuse_invalidate_attr(dir);
679
		fuse_invalidate_entry_cache(entry);
680 681 682 683 684 685 686 687 688 689 690
	} else if (err == -EINTR)
		fuse_invalidate_entry(entry);
	return err;
}

static int fuse_rename(struct inode *olddir, struct dentry *oldent,
		       struct inode *newdir, struct dentry *newent)
{
	int err;
	struct fuse_rename_in inarg;
	struct fuse_conn *fc = get_fuse_conn(olddir);
691 692 693
	struct fuse_req *req = fuse_get_req(fc);
	if (IS_ERR(req))
		return PTR_ERR(req);
694 695 696 697 698 699 700 701 702 703 704 705

	memset(&inarg, 0, sizeof(inarg));
	inarg.newdir = get_node_id(newdir);
	req->in.h.opcode = FUSE_RENAME;
	req->in.h.nodeid = get_node_id(olddir);
	req->in.numargs = 3;
	req->in.args[0].size = sizeof(inarg);
	req->in.args[0].value = &inarg;
	req->in.args[1].size = oldent->d_name.len + 1;
	req->in.args[1].value = oldent->d_name.name;
	req->in.args[2].size = newent->d_name.len + 1;
	req->in.args[2].value = newent->d_name.name;
706
	fuse_request_send(fc, req);
707 708 709
	err = req->out.h.error;
	fuse_put_request(fc, req);
	if (!err) {
710 711 712
		/* ctime changes */
		fuse_invalidate_attr(oldent->d_inode);

713 714 715
		fuse_invalidate_attr(olddir);
		if (olddir != newdir)
			fuse_invalidate_attr(newdir);
716 717

		/* newent will end up negative */
718 719
		if (newent->d_inode) {
			fuse_invalidate_attr(newent->d_inode);
720
			fuse_invalidate_entry_cache(newent);
721
		}
722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742
	} else if (err == -EINTR) {
		/* If request was interrupted, DEITY only knows if the
		   rename actually took place.  If the invalidation
		   fails (e.g. some process has CWD under the renamed
		   directory), then there can be inconsistency between
		   the dcache and the real filesystem.  Tough luck. */
		fuse_invalidate_entry(oldent);
		if (newent->d_inode)
			fuse_invalidate_entry(newent);
	}

	return err;
}

static int fuse_link(struct dentry *entry, struct inode *newdir,
		     struct dentry *newent)
{
	int err;
	struct fuse_link_in inarg;
	struct inode *inode = entry->d_inode;
	struct fuse_conn *fc = get_fuse_conn(inode);
743 744 745
	struct fuse_req *req = fuse_get_req(fc);
	if (IS_ERR(req))
		return PTR_ERR(req);
746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766

	memset(&inarg, 0, sizeof(inarg));
	inarg.oldnodeid = get_node_id(inode);
	req->in.h.opcode = FUSE_LINK;
	req->in.numargs = 2;
	req->in.args[0].size = sizeof(inarg);
	req->in.args[0].value = &inarg;
	req->in.args[1].size = newent->d_name.len + 1;
	req->in.args[1].value = newent->d_name.name;
	err = create_new_entry(fc, req, newdir, newent, inode->i_mode);
	/* Contrary to "normal" filesystems it can happen that link
	   makes two "logical" inodes point to the same "physical"
	   inode.  We invalidate the attributes of the old one, so it
	   will reflect changes in the backing inode (link count,
	   etc.)
	*/
	if (!err || err == -EINTR)
		fuse_invalidate_attr(inode);
	return err;
}

767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787
static void fuse_fillattr(struct inode *inode, struct fuse_attr *attr,
			  struct kstat *stat)
{
	stat->dev = inode->i_sb->s_dev;
	stat->ino = attr->ino;
	stat->mode = (inode->i_mode & S_IFMT) | (attr->mode & 07777);
	stat->nlink = attr->nlink;
	stat->uid = attr->uid;
	stat->gid = attr->gid;
	stat->rdev = inode->i_rdev;
	stat->atime.tv_sec = attr->atime;
	stat->atime.tv_nsec = attr->atimensec;
	stat->mtime.tv_sec = attr->mtime;
	stat->mtime.tv_nsec = attr->mtimensec;
	stat->ctime.tv_sec = attr->ctime;
	stat->ctime.tv_nsec = attr->ctimensec;
	stat->size = attr->size;
	stat->blocks = attr->blocks;
	stat->blksize = (1 << inode->i_blkbits);
}

788 789
static int fuse_do_getattr(struct inode *inode, struct kstat *stat,
			   struct file *file)
790 791
{
	int err;
792 793
	struct fuse_getattr_in inarg;
	struct fuse_attr_out outarg;
794
	struct fuse_conn *fc = get_fuse_conn(inode);
795 796 797 798
	struct fuse_req *req;
	u64 attr_version;

	req = fuse_get_req(fc);
799 800
	if (IS_ERR(req))
		return PTR_ERR(req);
801

802
	attr_version = fuse_get_attr_version(fc);
803

804
	memset(&inarg, 0, sizeof(inarg));
805
	memset(&outarg, 0, sizeof(outarg));
806 807 808 809 810 811 812
	/* Directories have separate file-handle space */
	if (file && S_ISREG(inode->i_mode)) {
		struct fuse_file *ff = file->private_data;

		inarg.getattr_flags |= FUSE_GETATTR_FH;
		inarg.fh = ff->fh;
	}
813 814
	req->in.h.opcode = FUSE_GETATTR;
	req->in.h.nodeid = get_node_id(inode);
815 816 817
	req->in.numargs = 1;
	req->in.args[0].size = sizeof(inarg);
	req->in.args[0].value = &inarg;
818
	req->out.numargs = 1;
819 820 821 822
	if (fc->minor < 9)
		req->out.args[0].size = FUSE_COMPAT_ATTR_OUT_SIZE;
	else
		req->out.args[0].size = sizeof(outarg);
823
	req->out.args[0].value = &outarg;
824
	fuse_request_send(fc, req);
825 826 827
	err = req->out.h.error;
	fuse_put_request(fc, req);
	if (!err) {
828
		if ((inode->i_mode ^ outarg.attr.mode) & S_IFMT) {
829 830 831
			make_bad_inode(inode);
			err = -EIO;
		} else {
832 833
			fuse_change_attributes(inode, &outarg.attr,
					       attr_timeout(&outarg),
834 835
					       attr_version);
			if (stat)
836
				fuse_fillattr(inode, &outarg.attr, stat);
837 838 839 840 841
		}
	}
	return err;
}

Miklos Szeredi's avatar
Miklos Szeredi committed
842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866
int fuse_update_attributes(struct inode *inode, struct kstat *stat,
			   struct file *file, bool *refreshed)
{
	struct fuse_inode *fi = get_fuse_inode(inode);
	int err;
	bool r;

	if (fi->i_time < get_jiffies_64()) {
		r = true;
		err = fuse_do_getattr(inode, stat, file);
	} else {
		r = false;
		err = 0;
		if (stat) {
			generic_fillattr(inode, stat);
			stat->mode = fi->orig_i_mode;
		}
	}

	if (refreshed != NULL)
		*refreshed = r;

	return err;
}

John Muir's avatar
John Muir committed
867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903
int fuse_reverse_inval_entry(struct super_block *sb, u64 parent_nodeid,
			     struct qstr *name)
{
	int err = -ENOTDIR;
	struct inode *parent;
	struct dentry *dir;
	struct dentry *entry;

	parent = ilookup5(sb, parent_nodeid, fuse_inode_eq, &parent_nodeid);
	if (!parent)
		return -ENOENT;

	mutex_lock(&parent->i_mutex);
	if (!S_ISDIR(parent->i_mode))
		goto unlock;

	err = -ENOENT;
	dir = d_find_alias(parent);
	if (!dir)
		goto unlock;

	entry = d_lookup(dir, name);
	dput(dir);
	if (!entry)
		goto unlock;

	fuse_invalidate_attr(parent);
	fuse_invalidate_entry(entry);
	dput(entry);
	err = 0;

 unlock:
	mutex_unlock(&parent->i_mutex);
	iput(parent);
	return err;
}

904 905 906 907 908 909 910 911 912 913 914 915 916
/*
 * Calling into a user-controlled filesystem gives the filesystem
 * daemon ptrace-like capabilities over the requester process.  This
 * means, that the filesystem daemon is able to record the exact
 * filesystem operations performed, and can also control the behavior
 * of the requester process in otherwise impossible ways.  For example
 * it can delay the operation for arbitrary length of time allowing
 * DoS against the requester.
 *
 * For this reason only those processes can call into the filesystem,
 * for which the owner of the mount has ptrace privilege.  This
 * excludes processes started by other users, suid or sgid processes.
 */
Miklos Szeredi's avatar
Miklos Szeredi committed
917
int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task)
918
{
919 920
	const struct cred *cred;
	int ret;
921

922
	if (fc->flags & FUSE_ALLOW_OTHER)
923 924
		return 1;

925 926 927 928 929 930 931 932 933 934 935 936 937
	rcu_read_lock();
	ret = 0;
	cred = __task_cred(task);
	if (cred->euid == fc->user_id &&
	    cred->suid == fc->user_id &&
	    cred->uid  == fc->user_id &&
	    cred->egid == fc->group_id &&
	    cred->sgid == fc->group_id &&
	    cred->gid  == fc->group_id)
		ret = 1;
	rcu_read_unlock();

	return ret;
938 939
}

Miklos Szeredi's avatar
Miklos Szeredi committed
940 941 942 943 944 945 946 947 948 949
static int fuse_access(struct inode *inode, int mask)
{
	struct fuse_conn *fc = get_fuse_conn(inode);
	struct fuse_req *req;
	struct fuse_access_in inarg;
	int err;

	if (fc->no_access)
		return 0;

950 951 952
	req = fuse_get_req(fc);
	if (IS_ERR(req))
		return PTR_ERR(req);
Miklos Szeredi's avatar
Miklos Szeredi committed
953 954

	memset(&inarg, 0, sizeof(inarg));
955
	inarg.mask = mask & (MAY_READ | MAY_WRITE | MAY_EXEC);
Miklos Szeredi's avatar
Miklos Szeredi committed
956 957 958 959 960
	req->in.h.opcode = FUSE_ACCESS;
	req->in.h.nodeid = get_node_id(inode);
	req->in.numargs = 1;
	req->in.args[0].size = sizeof(inarg);
	req->in.args[0].value = &inarg;
961
	fuse_request_send(fc, req);
Miklos Szeredi's avatar
Miklos Szeredi committed
962 963 964 965 966 967 968 969 970
	err = req->out.h.error;
	fuse_put_request(fc, req);
	if (err == -ENOSYS) {
		fc->no_access = 1;
		err = 0;
	}
	return err;
}

971 972 973 974 975 976 977 978 979 980 981 982 983
/*
 * Check permission.  The two basic access models of FUSE are:
 *
 * 1) Local access checking ('default_permissions' mount option) based
 * on file mode.  This is the plain old disk filesystem permission
 * modell.
 *
 * 2) "Remote" access checking, where server is responsible for
 * checking permission in each inode operation.  An exception to this
 * is if ->permission() was invoked from sys_access() in which case an
 * access request is sent.  Execute permission is still checked
 * locally based on file mode.
 */
984
static int fuse_permission(struct inode *inode, int mask)
985 986
{
	struct fuse_conn *fc = get_fuse_conn(inode);
987 988
	bool refreshed = false;
	int err = 0;
989

990
	if (!fuse_allow_task(fc, current))
991
		return -EACCES;
992 993

	/*
994
	 * If attributes are needed, refresh them before proceeding
995
	 */
996 997
	if ((fc->flags & FUSE_DEFAULT_PERMISSIONS) ||
	    ((mask & MAY_EXEC) && S_ISREG(inode->i_mode))) {
Miklos Szeredi's avatar
Miklos Szeredi committed
998 999 1000
		err = fuse_update_attributes(inode, NULL, NULL, &refreshed);
		if (err)
			return err;
1001 1002 1003
	}

	if (fc->flags & FUSE_DEFAULT_PERMISSIONS) {
Miklos Szeredi's avatar
Miklos Szeredi committed
1004
		err = generic_permission(inode, mask, NULL);
Miklos Szeredi's avatar
Miklos Szeredi committed
1005 1006 1007 1008

		/* If permission is denied, try to refresh file
		   attributes.  This is also needed, because the root
		   node will at first have no permissions */
1009
		if (err == -EACCES && !refreshed) {
1010
			err = fuse_do_getattr(inode, NULL, NULL);
Miklos Szeredi's avatar
Miklos Szeredi committed
1011 1012 1013 1014
			if (!err)
				err = generic_permission(inode, mask, NULL);
		}

1015 1016 1017 1018
		/* Note: the opposite of the above test does not
		   exist.  So if permissions are revoked this won't be
		   noticed immediately, only after the attribute
		   timeout has expired */
Eric Paris's avatar
Eric Paris committed
1019
	} else if (mask & (MAY_ACCESS | MAY_CHDIR)) {
1020 1021 1022 1023 1024 1025
		err = fuse_access(inode, mask);
	} else if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode)) {
		if (!(inode->i_mode & S_IXUGO)) {
			if (refreshed)
				return -EACCES;

1026
			err = fuse_do_getattr(inode, NULL, NULL);
1027 1028 1029
			if (!err && !(inode->i_mode & S_IXUGO))
				return -EACCES;
		}
1030
	}
1031
	return err;
1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058
}

static int parse_dirfile(char *buf, size_t nbytes, struct file *file,
			 void *dstbuf, filldir_t filldir)
{
	while (nbytes >= FUSE_NAME_OFFSET) {
		struct fuse_dirent *dirent = (struct fuse_dirent *) buf;
		size_t reclen = FUSE_DIRENT_SIZE(dirent);
		int over;
		if (!dirent->namelen || dirent->namelen > FUSE_NAME_MAX)
			return -EIO;
		if (reclen > nbytes)
			break;

		over = filldir(dstbuf, dirent->name, dirent->namelen,
			       file->f_pos, dirent->ino, dirent->type);
		if (over)
			break;

		buf += reclen;
		nbytes -= reclen;
		file->f_pos = dirent->off;
	}

	return 0;
}

1059
static int fuse_readdir(struct file *file, void *dstbuf, filldir_t filldir)
1060
{