2 FUSE: Filesystem in Userspace
3 Copyright (C) 2001-2008 Miklos Szeredi <miklos@szeredi.hu>
5 This program can be distributed under the terms of the GNU GPL.
11 #include <linux/pagemap.h>
12 #include <linux/file.h>
13 #include <linux/fs_context.h>
14 #include <linux/moduleparam.h>
15 #include <linux/sched.h>
16 #include <linux/namei.h>
17 #include <linux/slab.h>
18 #include <linux/xattr.h>
19 #include <linux/iversion.h>
20 #include <linux/posix_acl.h>
21 #include <linux/security.h>
22 #include <linux/types.h>
23 #include <linux/kernel.h>
25 static bool __read_mostly allow_sys_admin_access;
26 module_param(allow_sys_admin_access, bool, 0644);
27 MODULE_PARM_DESC(allow_sys_admin_access,
28 "Allow users with CAP_SYS_ADMIN in initial userns to bypass allow_other access check");
30 static void fuse_advise_use_readdirplus(struct inode *dir)
32 struct fuse_inode *fi = get_fuse_inode(dir);
34 set_bit(FUSE_I_ADVISE_RDPLUS, &fi->state);
37 #if BITS_PER_LONG >= 64
38 static inline void __fuse_dentry_settime(struct dentry *entry, u64 time)
40 entry->d_fsdata = (void *) time;
43 static inline u64 fuse_dentry_time(const struct dentry *entry)
45 return (u64)entry->d_fsdata;
54 static inline void __fuse_dentry_settime(struct dentry *dentry, u64 time)
56 ((union fuse_dentry *) dentry->d_fsdata)->time = time;
59 static inline u64 fuse_dentry_time(const struct dentry *entry)
61 return ((union fuse_dentry *) entry->d_fsdata)->time;
65 static void fuse_dentry_settime(struct dentry *dentry, u64 time)
67 struct fuse_conn *fc = get_fuse_conn_super(dentry->d_sb);
68 bool delete = !time && fc->delete_stale;
70 * Mess with DCACHE_OP_DELETE because dput() will be faster without it.
71 * Don't care about races, either way it's just an optimization
73 if ((!delete && (dentry->d_flags & DCACHE_OP_DELETE)) ||
74 (delete && !(dentry->d_flags & DCACHE_OP_DELETE))) {
75 spin_lock(&dentry->d_lock);
77 dentry->d_flags &= ~DCACHE_OP_DELETE;
79 dentry->d_flags |= DCACHE_OP_DELETE;
80 spin_unlock(&dentry->d_lock);
83 __fuse_dentry_settime(dentry, time);
87 * FUSE caches dentries and attributes with separate timeout. The
88 * time in jiffies until the dentry/attributes are valid is stored in
89 * dentry->d_fsdata and fuse_inode->i_time respectively.
93 * Calculate the time in jiffies until a dentry/attributes are valid
95 u64 fuse_time_to_jiffies(u64 sec, u32 nsec)
98 struct timespec64 ts = {
100 min_t(u32, nsec, NSEC_PER_SEC - 1)
103 return get_jiffies_64() + timespec64_to_jiffies(&ts);
109 * Set dentry and possibly attribute timeouts from the lookup/mk*
112 void fuse_change_entry_timeout(struct dentry *entry, struct fuse_entry_out *o)
114 fuse_dentry_settime(entry,
115 fuse_time_to_jiffies(o->entry_valid, o->entry_valid_nsec));
118 void fuse_invalidate_attr_mask(struct inode *inode, u32 mask)
120 set_mask_bits(&get_fuse_inode(inode)->inval_mask, 0, mask);
124 * Mark the attributes as stale, so that at the next call to
125 * ->getattr() they will be fetched from userspace
127 void fuse_invalidate_attr(struct inode *inode)
129 fuse_invalidate_attr_mask(inode, STATX_BASIC_STATS);
132 static void fuse_dir_changed(struct inode *dir)
134 fuse_invalidate_attr(dir);
135 inode_maybe_inc_iversion(dir, false);
139 * Mark the attributes as stale due to an atime change. Avoid the invalidate if
142 void fuse_invalidate_atime(struct inode *inode)
144 if (!IS_RDONLY(inode))
145 fuse_invalidate_attr_mask(inode, STATX_ATIME);
149 * Just mark the entry as stale, so that a next attempt to look it up
150 * will result in a new lookup call to userspace
152 * This is called when a dentry is about to become negative and the
153 * timeout is unknown (unlink, rmdir, rename and in some cases
156 void fuse_invalidate_entry_cache(struct dentry *entry)
158 fuse_dentry_settime(entry, 0);
162 * Same as fuse_invalidate_entry_cache(), but also try to remove the
163 * dentry from the hash
165 static void fuse_invalidate_entry(struct dentry *entry)
168 fuse_invalidate_entry_cache(entry);
171 static void fuse_lookup_init(struct fuse_conn *fc, struct fuse_args *args,
172 u64 nodeid, const struct qstr *name,
173 struct fuse_entry_out *outarg)
175 memset(outarg, 0, sizeof(struct fuse_entry_out));
176 args->opcode = FUSE_LOOKUP;
177 args->nodeid = nodeid;
178 args->in_numargs = 1;
179 args->in_args[0].size = name->len + 1;
180 args->in_args[0].value = name->name;
181 args->out_numargs = 1;
182 args->out_args[0].size = sizeof(struct fuse_entry_out);
183 args->out_args[0].value = outarg;
187 * Check whether the dentry is still valid
189 * If the entry validity timeout has expired and the dentry is
190 * positive, try to redo the lookup. If the lookup results in a
191 * different inode, then let the VFS invalidate the dentry and redo
192 * the lookup once more. If the lookup results in the same inode,
193 * then refresh the attributes, timeouts and mark the dentry valid.
195 static int fuse_dentry_revalidate(struct dentry *entry, unsigned int flags)
198 struct dentry *parent;
199 struct fuse_mount *fm;
200 struct fuse_inode *fi;
203 inode = d_inode_rcu(entry);
204 if (inode && fuse_is_bad(inode))
206 else if (time_before64(fuse_dentry_time(entry), get_jiffies_64()) ||
207 (flags & (LOOKUP_EXCL | LOOKUP_REVAL | LOOKUP_RENAME_TARGET))) {
208 struct fuse_entry_out outarg;
210 struct fuse_forget_link *forget;
213 /* For negative dentries, always do a fresh lookup */
218 if (flags & LOOKUP_RCU)
221 fm = get_fuse_mount(inode);
223 forget = fuse_alloc_forget();
228 attr_version = fuse_get_attr_version(fm->fc);
230 parent = dget_parent(entry);
231 fuse_lookup_init(fm->fc, &args, get_node_id(d_inode(parent)),
232 &entry->d_name, &outarg);
233 ret = fuse_simple_request(fm, &args);
235 /* Zero nodeid is same as -ENOENT */
236 if (!ret && !outarg.nodeid)
239 fi = get_fuse_inode(inode);
240 if (outarg.nodeid != get_node_id(inode) ||
241 (bool) IS_AUTOMOUNT(inode) != (bool) (outarg.attr.flags & FUSE_ATTR_SUBMOUNT)) {
242 fuse_queue_forget(fm->fc, forget,
246 spin_lock(&fi->lock);
248 spin_unlock(&fi->lock);
251 if (ret == -ENOMEM || ret == -EINTR)
253 if (ret || fuse_invalid_attr(&outarg.attr) ||
254 fuse_stale_inode(inode, outarg.generation, &outarg.attr))
257 forget_all_cached_acls(inode);
258 fuse_change_attributes(inode, &outarg.attr, NULL,
259 ATTR_TIMEOUT(&outarg),
261 fuse_change_entry_timeout(entry, &outarg);
263 fi = get_fuse_inode(inode);
264 if (flags & LOOKUP_RCU) {
265 if (test_bit(FUSE_I_INIT_RDPLUS, &fi->state))
267 } else if (test_and_clear_bit(FUSE_I_INIT_RDPLUS, &fi->state)) {
268 parent = dget_parent(entry);
269 fuse_advise_use_readdirplus(d_inode(parent));
282 #if BITS_PER_LONG < 64
283 static int fuse_dentry_init(struct dentry *dentry)
285 dentry->d_fsdata = kzalloc(sizeof(union fuse_dentry),
286 GFP_KERNEL_ACCOUNT | __GFP_RECLAIMABLE);
288 return dentry->d_fsdata ? 0 : -ENOMEM;
290 static void fuse_dentry_release(struct dentry *dentry)
292 union fuse_dentry *fd = dentry->d_fsdata;
298 static int fuse_dentry_delete(const struct dentry *dentry)
300 return time_before64(fuse_dentry_time(dentry), get_jiffies_64());
304 * Create a fuse_mount object with a new superblock (with path->dentry
305 * as the root), and return that mount so it can be auto-mounted on
308 static struct vfsmount *fuse_dentry_automount(struct path *path)
310 struct fs_context *fsc;
311 struct vfsmount *mnt;
312 struct fuse_inode *mp_fi = get_fuse_inode(d_inode(path->dentry));
314 fsc = fs_context_for_submount(path->mnt->mnt_sb->s_type, path->dentry);
316 return ERR_CAST(fsc);
318 /* Pass the FUSE inode of the mount for fuse_get_tree_submount() */
319 fsc->fs_private = mp_fi;
321 /* Create the submount */
330 const struct dentry_operations fuse_dentry_operations = {
331 .d_revalidate = fuse_dentry_revalidate,
332 .d_delete = fuse_dentry_delete,
333 #if BITS_PER_LONG < 64
334 .d_init = fuse_dentry_init,
335 .d_release = fuse_dentry_release,
337 .d_automount = fuse_dentry_automount,
340 const struct dentry_operations fuse_root_dentry_operations = {
341 #if BITS_PER_LONG < 64
342 .d_init = fuse_dentry_init,
343 .d_release = fuse_dentry_release,
347 int fuse_valid_type(int m)
349 return S_ISREG(m) || S_ISDIR(m) || S_ISLNK(m) || S_ISCHR(m) ||
350 S_ISBLK(m) || S_ISFIFO(m) || S_ISSOCK(m);
353 static bool fuse_valid_size(u64 size)
355 return size <= LLONG_MAX;
358 bool fuse_invalid_attr(struct fuse_attr *attr)
360 return !fuse_valid_type(attr->mode) || !fuse_valid_size(attr->size);
363 int fuse_lookup_name(struct super_block *sb, u64 nodeid, const struct qstr *name,
364 struct fuse_entry_out *outarg, struct inode **inode)
366 struct fuse_mount *fm = get_fuse_mount_super(sb);
368 struct fuse_forget_link *forget;
374 if (name->len > FUSE_NAME_MAX)
378 forget = fuse_alloc_forget();
383 attr_version = fuse_get_attr_version(fm->fc);
385 fuse_lookup_init(fm->fc, &args, nodeid, name, outarg);
386 err = fuse_simple_request(fm, &args);
387 /* Zero nodeid is same as -ENOENT, but with valid timeout */
388 if (err || !outarg->nodeid)
392 if (fuse_invalid_attr(&outarg->attr))
394 if (outarg->nodeid == FUSE_ROOT_ID && outarg->generation != 0) {
395 pr_warn_once("root generation should be zero\n");
396 outarg->generation = 0;
399 *inode = fuse_iget(sb, outarg->nodeid, outarg->generation,
400 &outarg->attr, ATTR_TIMEOUT(outarg),
404 fuse_queue_forget(fm->fc, forget, outarg->nodeid, 1);
415 static struct dentry *fuse_lookup(struct inode *dir, struct dentry *entry,
419 struct fuse_entry_out outarg;
421 struct dentry *newent;
422 bool outarg_valid = true;
425 if (fuse_is_bad(dir))
426 return ERR_PTR(-EIO);
428 locked = fuse_lock_inode(dir);
429 err = fuse_lookup_name(dir->i_sb, get_node_id(dir), &entry->d_name,
431 fuse_unlock_inode(dir, locked);
432 if (err == -ENOENT) {
433 outarg_valid = false;
440 if (inode && get_node_id(inode) == FUSE_ROOT_ID)
443 newent = d_splice_alias(inode, entry);
444 err = PTR_ERR(newent);
448 entry = newent ? newent : entry;
450 fuse_change_entry_timeout(entry, &outarg);
452 fuse_invalidate_entry_cache(entry);
455 fuse_advise_use_readdirplus(dir);
464 static int get_security_context(struct dentry *entry, umode_t mode,
465 struct fuse_in_arg *ext)
467 struct fuse_secctx *fctx;
468 struct fuse_secctx_header *header;
469 void *ctx = NULL, *ptr;
470 u32 ctxlen, total_len = sizeof(*header);
475 err = security_dentry_init_security(entry, mode, &entry->d_name,
476 &name, &ctx, &ctxlen);
478 if (err != -EOPNOTSUPP)
480 /* No LSM is supporting this security hook. Ignore error */
487 namelen = strlen(name) + 1;
489 if (WARN_ON(namelen > XATTR_NAME_MAX + 1 || ctxlen > S32_MAX))
491 total_len += FUSE_REC_ALIGN(sizeof(*fctx) + namelen + ctxlen);
495 header = ptr = kzalloc(total_len, GFP_KERNEL);
499 header->nr_secctx = nr_ctx;
500 header->size = total_len;
501 ptr += sizeof(*header);
505 ptr += sizeof(*fctx);
510 memcpy(ptr, ctx, ctxlen);
512 ext->size = total_len;
520 static void *extend_arg(struct fuse_in_arg *buf, u32 bytes)
523 u32 newlen = buf->size + bytes;
525 p = krealloc(buf->value, newlen, GFP_KERNEL);
533 memset(p + buf->size, 0, bytes);
537 return p + newlen - bytes;
540 static u32 fuse_ext_size(size_t size)
542 return FUSE_REC_ALIGN(sizeof(struct fuse_ext_header) + size);
546 * This adds just a single supplementary group that matches the parent's group.
548 static int get_create_supp_group(struct inode *dir, struct fuse_in_arg *ext)
550 struct fuse_conn *fc = get_fuse_conn(dir);
551 struct fuse_ext_header *xh;
552 struct fuse_supp_groups *sg;
553 kgid_t kgid = dir->i_gid;
554 gid_t parent_gid = from_kgid(fc->user_ns, kgid);
555 u32 sg_len = fuse_ext_size(sizeof(*sg) + sizeof(sg->groups[0]));
557 if (parent_gid == (gid_t) -1 || gid_eq(kgid, current_fsgid()) ||
561 xh = extend_arg(ext, sg_len);
566 xh->type = FUSE_EXT_GROUPS;
568 sg = (struct fuse_supp_groups *) &xh[1];
570 sg->groups[0] = parent_gid;
575 static int get_create_ext(struct fuse_args *args,
576 struct inode *dir, struct dentry *dentry,
579 struct fuse_conn *fc = get_fuse_conn_super(dentry->d_sb);
580 struct fuse_in_arg ext = { .size = 0, .value = NULL };
583 if (fc->init_security)
584 err = get_security_context(dentry, mode, &ext);
585 if (!err && fc->create_supp_group)
586 err = get_create_supp_group(dir, &ext);
588 if (!err && ext.size) {
589 WARN_ON(args->in_numargs >= ARRAY_SIZE(args->in_args));
591 args->ext_idx = args->in_numargs++;
592 args->in_args[args->ext_idx] = ext;
600 static void free_ext_value(struct fuse_args *args)
603 kfree(args->in_args[args->ext_idx].value);
607 * Atomic create+open operation
609 * If the filesystem doesn't support this, then fall back to separate
610 * 'mknod' + 'open' requests.
612 static int fuse_create_open(struct inode *dir, struct dentry *entry,
613 struct file *file, unsigned int flags,
614 umode_t mode, u32 opcode)
618 struct fuse_mount *fm = get_fuse_mount(dir);
620 struct fuse_forget_link *forget;
621 struct fuse_create_in inarg;
622 struct fuse_open_out outopen;
623 struct fuse_entry_out outentry;
624 struct fuse_inode *fi;
625 struct fuse_file *ff;
626 bool trunc = flags & O_TRUNC;
628 /* Userspace expects S_IFREG in create mode */
629 BUG_ON((mode & S_IFMT) != S_IFREG);
631 forget = fuse_alloc_forget();
637 ff = fuse_file_alloc(fm);
639 goto out_put_forget_req;
641 if (!fm->fc->dont_mask)
642 mode &= ~current_umask();
645 memset(&inarg, 0, sizeof(inarg));
646 memset(&outentry, 0, sizeof(outentry));
649 inarg.umask = current_umask();
651 if (fm->fc->handle_killpriv_v2 && trunc &&
652 !(flags & O_EXCL) && !capable(CAP_FSETID)) {
653 inarg.open_flags |= FUSE_OPEN_KILL_SUIDGID;
656 args.opcode = opcode;
657 args.nodeid = get_node_id(dir);
659 args.in_args[0].size = sizeof(inarg);
660 args.in_args[0].value = &inarg;
661 args.in_args[1].size = entry->d_name.len + 1;
662 args.in_args[1].value = entry->d_name.name;
663 args.out_numargs = 2;
664 args.out_args[0].size = sizeof(outentry);
665 args.out_args[0].value = &outentry;
666 args.out_args[1].size = sizeof(outopen);
667 args.out_args[1].value = &outopen;
669 err = get_create_ext(&args, dir, entry, mode);
671 goto out_put_forget_req;
673 err = fuse_simple_request(fm, &args);
674 free_ext_value(&args);
679 if (!S_ISREG(outentry.attr.mode) || invalid_nodeid(outentry.nodeid) ||
680 fuse_invalid_attr(&outentry.attr))
684 ff->nodeid = outentry.nodeid;
685 ff->open_flags = outopen.open_flags;
686 inode = fuse_iget(dir->i_sb, outentry.nodeid, outentry.generation,
687 &outentry.attr, ATTR_TIMEOUT(&outentry), 0);
689 flags &= ~(O_CREAT | O_EXCL | O_TRUNC);
690 fuse_sync_release(NULL, ff, flags);
691 fuse_queue_forget(fm->fc, forget, outentry.nodeid, 1);
696 d_instantiate(entry, inode);
697 fuse_change_entry_timeout(entry, &outentry);
698 fuse_dir_changed(dir);
699 err = finish_open(file, entry, generic_file_open);
701 fi = get_fuse_inode(inode);
702 fuse_sync_release(fi, ff, flags);
704 file->private_data = ff;
705 fuse_finish_open(inode, file);
706 if (fm->fc->atomic_o_trunc && trunc)
707 truncate_pagecache(inode, 0);
708 else if (!(ff->open_flags & FOPEN_KEEP_CACHE))
709 invalidate_inode_pages2(inode->i_mapping);
721 static int fuse_mknod(struct mnt_idmap *, struct inode *, struct dentry *,
723 static int fuse_atomic_open(struct inode *dir, struct dentry *entry,
724 struct file *file, unsigned flags,
728 struct fuse_conn *fc = get_fuse_conn(dir);
729 struct dentry *res = NULL;
731 if (fuse_is_bad(dir))
734 if (d_in_lookup(entry)) {
735 res = fuse_lookup(dir, entry, 0);
743 if (!(flags & O_CREAT) || d_really_is_positive(entry))
747 file->f_mode |= FMODE_CREATED;
752 err = fuse_create_open(dir, entry, file, flags, mode, FUSE_CREATE);
753 if (err == -ENOSYS) {
756 } else if (err == -EEXIST)
757 fuse_invalidate_entry(entry);
763 err = fuse_mknod(&nop_mnt_idmap, dir, entry, mode, 0);
767 return finish_no_open(file, res);
771 * Code shared between mknod, mkdir, symlink and link
773 static int create_new_entry(struct fuse_mount *fm, struct fuse_args *args,
774 struct inode *dir, struct dentry *entry,
777 struct fuse_entry_out outarg;
781 struct fuse_forget_link *forget;
783 if (fuse_is_bad(dir))
786 forget = fuse_alloc_forget();
790 memset(&outarg, 0, sizeof(outarg));
791 args->nodeid = get_node_id(dir);
792 args->out_numargs = 1;
793 args->out_args[0].size = sizeof(outarg);
794 args->out_args[0].value = &outarg;
796 if (args->opcode != FUSE_LINK) {
797 err = get_create_ext(args, dir, entry, mode);
799 goto out_put_forget_req;
802 err = fuse_simple_request(fm, args);
803 free_ext_value(args);
805 goto out_put_forget_req;
808 if (invalid_nodeid(outarg.nodeid) || fuse_invalid_attr(&outarg.attr))
809 goto out_put_forget_req;
811 if ((outarg.attr.mode ^ mode) & S_IFMT)
812 goto out_put_forget_req;
814 inode = fuse_iget(dir->i_sb, outarg.nodeid, outarg.generation,
815 &outarg.attr, ATTR_TIMEOUT(&outarg), 0);
817 fuse_queue_forget(fm->fc, forget, outarg.nodeid, 1);
823 d = d_splice_alias(inode, entry);
828 fuse_change_entry_timeout(d, &outarg);
831 fuse_change_entry_timeout(entry, &outarg);
833 fuse_dir_changed(dir);
838 fuse_invalidate_entry(entry);
843 static int fuse_mknod(struct mnt_idmap *idmap, struct inode *dir,
844 struct dentry *entry, umode_t mode, dev_t rdev)
846 struct fuse_mknod_in inarg;
847 struct fuse_mount *fm = get_fuse_mount(dir);
850 if (!fm->fc->dont_mask)
851 mode &= ~current_umask();
853 memset(&inarg, 0, sizeof(inarg));
855 inarg.rdev = new_encode_dev(rdev);
856 inarg.umask = current_umask();
857 args.opcode = FUSE_MKNOD;
859 args.in_args[0].size = sizeof(inarg);
860 args.in_args[0].value = &inarg;
861 args.in_args[1].size = entry->d_name.len + 1;
862 args.in_args[1].value = entry->d_name.name;
863 return create_new_entry(fm, &args, dir, entry, mode);
866 static int fuse_create(struct mnt_idmap *idmap, struct inode *dir,
867 struct dentry *entry, umode_t mode, bool excl)
869 return fuse_mknod(&nop_mnt_idmap, dir, entry, mode, 0);
872 static int fuse_tmpfile(struct mnt_idmap *idmap, struct inode *dir,
873 struct file *file, umode_t mode)
875 struct fuse_conn *fc = get_fuse_conn(dir);
881 err = fuse_create_open(dir, file->f_path.dentry, file, file->f_flags, mode, FUSE_TMPFILE);
882 if (err == -ENOSYS) {
889 static int fuse_mkdir(struct mnt_idmap *idmap, struct inode *dir,
890 struct dentry *entry, umode_t mode)
892 struct fuse_mkdir_in inarg;
893 struct fuse_mount *fm = get_fuse_mount(dir);
896 if (!fm->fc->dont_mask)
897 mode &= ~current_umask();
899 memset(&inarg, 0, sizeof(inarg));
901 inarg.umask = current_umask();
902 args.opcode = FUSE_MKDIR;
904 args.in_args[0].size = sizeof(inarg);
905 args.in_args[0].value = &inarg;
906 args.in_args[1].size = entry->d_name.len + 1;
907 args.in_args[1].value = entry->d_name.name;
908 return create_new_entry(fm, &args, dir, entry, S_IFDIR);
911 static int fuse_symlink(struct mnt_idmap *idmap, struct inode *dir,
912 struct dentry *entry, const char *link)
914 struct fuse_mount *fm = get_fuse_mount(dir);
915 unsigned len = strlen(link) + 1;
918 args.opcode = FUSE_SYMLINK;
920 args.in_args[0].size = entry->d_name.len + 1;
921 args.in_args[0].value = entry->d_name.name;
922 args.in_args[1].size = len;
923 args.in_args[1].value = link;
924 return create_new_entry(fm, &args, dir, entry, S_IFLNK);
927 void fuse_flush_time_update(struct inode *inode)
929 int err = sync_inode_metadata(inode, 1);
931 mapping_set_error(inode->i_mapping, err);
934 static void fuse_update_ctime_in_cache(struct inode *inode)
936 if (!IS_NOCMTIME(inode)) {
937 inode_set_ctime_current(inode);
938 mark_inode_dirty_sync(inode);
939 fuse_flush_time_update(inode);
943 void fuse_update_ctime(struct inode *inode)
945 fuse_invalidate_attr_mask(inode, STATX_CTIME);
946 fuse_update_ctime_in_cache(inode);
949 static void fuse_entry_unlinked(struct dentry *entry)
951 struct inode *inode = d_inode(entry);
952 struct fuse_conn *fc = get_fuse_conn(inode);
953 struct fuse_inode *fi = get_fuse_inode(inode);
955 spin_lock(&fi->lock);
956 fi->attr_version = atomic64_inc_return(&fc->attr_version);
958 * If i_nlink == 0 then unlink doesn't make sense, yet this can
959 * happen if userspace filesystem is careless. It would be
960 * difficult to enforce correct nlink usage so just ignore this
963 if (S_ISDIR(inode->i_mode))
965 else if (inode->i_nlink > 0)
967 spin_unlock(&fi->lock);
968 fuse_invalidate_entry_cache(entry);
969 fuse_update_ctime(inode);
972 static int fuse_unlink(struct inode *dir, struct dentry *entry)
975 struct fuse_mount *fm = get_fuse_mount(dir);
978 if (fuse_is_bad(dir))
981 args.opcode = FUSE_UNLINK;
982 args.nodeid = get_node_id(dir);
984 args.in_args[0].size = entry->d_name.len + 1;
985 args.in_args[0].value = entry->d_name.name;
986 err = fuse_simple_request(fm, &args);
988 fuse_dir_changed(dir);
989 fuse_entry_unlinked(entry);
990 } else if (err == -EINTR || err == -ENOENT)
991 fuse_invalidate_entry(entry);
995 static int fuse_rmdir(struct inode *dir, struct dentry *entry)
998 struct fuse_mount *fm = get_fuse_mount(dir);
1001 if (fuse_is_bad(dir))
1004 args.opcode = FUSE_RMDIR;
1005 args.nodeid = get_node_id(dir);
1006 args.in_numargs = 1;
1007 args.in_args[0].size = entry->d_name.len + 1;
1008 args.in_args[0].value = entry->d_name.name;
1009 err = fuse_simple_request(fm, &args);
1011 fuse_dir_changed(dir);
1012 fuse_entry_unlinked(entry);
1013 } else if (err == -EINTR || err == -ENOENT)
1014 fuse_invalidate_entry(entry);
1018 static int fuse_rename_common(struct inode *olddir, struct dentry *oldent,
1019 struct inode *newdir, struct dentry *newent,
1020 unsigned int flags, int opcode, size_t argsize)
1023 struct fuse_rename2_in inarg;
1024 struct fuse_mount *fm = get_fuse_mount(olddir);
1027 memset(&inarg, 0, argsize);
1028 inarg.newdir = get_node_id(newdir);
1029 inarg.flags = flags;
1030 args.opcode = opcode;
1031 args.nodeid = get_node_id(olddir);
1032 args.in_numargs = 3;
1033 args.in_args[0].size = argsize;
1034 args.in_args[0].value = &inarg;
1035 args.in_args[1].size = oldent->d_name.len + 1;
1036 args.in_args[1].value = oldent->d_name.name;
1037 args.in_args[2].size = newent->d_name.len + 1;
1038 args.in_args[2].value = newent->d_name.name;
1039 err = fuse_simple_request(fm, &args);
1042 fuse_update_ctime(d_inode(oldent));
1044 if (flags & RENAME_EXCHANGE)
1045 fuse_update_ctime(d_inode(newent));
1047 fuse_dir_changed(olddir);
1048 if (olddir != newdir)
1049 fuse_dir_changed(newdir);
1051 /* newent will end up negative */
1052 if (!(flags & RENAME_EXCHANGE) && d_really_is_positive(newent))
1053 fuse_entry_unlinked(newent);
1054 } else if (err == -EINTR || err == -ENOENT) {
1055 /* If request was interrupted, DEITY only knows if the
1056 rename actually took place. If the invalidation
1057 fails (e.g. some process has CWD under the renamed
1058 directory), then there can be inconsistency between
1059 the dcache and the real filesystem. Tough luck. */
1060 fuse_invalidate_entry(oldent);
1061 if (d_really_is_positive(newent))
1062 fuse_invalidate_entry(newent);
1068 static int fuse_rename2(struct mnt_idmap *idmap, struct inode *olddir,
1069 struct dentry *oldent, struct inode *newdir,
1070 struct dentry *newent, unsigned int flags)
1072 struct fuse_conn *fc = get_fuse_conn(olddir);
1075 if (fuse_is_bad(olddir))
1078 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE | RENAME_WHITEOUT))
1082 if (fc->no_rename2 || fc->minor < 23)
1085 err = fuse_rename_common(olddir, oldent, newdir, newent, flags,
1087 sizeof(struct fuse_rename2_in));
1088 if (err == -ENOSYS) {
1093 err = fuse_rename_common(olddir, oldent, newdir, newent, 0,
1095 sizeof(struct fuse_rename_in));
1101 static int fuse_link(struct dentry *entry, struct inode *newdir,
1102 struct dentry *newent)
1105 struct fuse_link_in inarg;
1106 struct inode *inode = d_inode(entry);
1107 struct fuse_mount *fm = get_fuse_mount(inode);
1110 memset(&inarg, 0, sizeof(inarg));
1111 inarg.oldnodeid = get_node_id(inode);
1112 args.opcode = FUSE_LINK;
1113 args.in_numargs = 2;
1114 args.in_args[0].size = sizeof(inarg);
1115 args.in_args[0].value = &inarg;
1116 args.in_args[1].size = newent->d_name.len + 1;
1117 args.in_args[1].value = newent->d_name.name;
1118 err = create_new_entry(fm, &args, newdir, newent, inode->i_mode);
1120 fuse_update_ctime_in_cache(inode);
1121 else if (err == -EINTR)
1122 fuse_invalidate_attr(inode);
1127 static void fuse_fillattr(struct inode *inode, struct fuse_attr *attr,
1130 unsigned int blkbits;
1131 struct fuse_conn *fc = get_fuse_conn(inode);
1133 stat->dev = inode->i_sb->s_dev;
1134 stat->ino = attr->ino;
1135 stat->mode = (inode->i_mode & S_IFMT) | (attr->mode & 07777);
1136 stat->nlink = attr->nlink;
1137 stat->uid = make_kuid(fc->user_ns, attr->uid);
1138 stat->gid = make_kgid(fc->user_ns, attr->gid);
1139 stat->rdev = inode->i_rdev;
1140 stat->atime.tv_sec = attr->atime;
1141 stat->atime.tv_nsec = attr->atimensec;
1142 stat->mtime.tv_sec = attr->mtime;
1143 stat->mtime.tv_nsec = attr->mtimensec;
1144 stat->ctime.tv_sec = attr->ctime;
1145 stat->ctime.tv_nsec = attr->ctimensec;
1146 stat->size = attr->size;
1147 stat->blocks = attr->blocks;
1149 if (attr->blksize != 0)
1150 blkbits = ilog2(attr->blksize);
1152 blkbits = inode->i_sb->s_blocksize_bits;
1154 stat->blksize = 1 << blkbits;
1157 static void fuse_statx_to_attr(struct fuse_statx *sx, struct fuse_attr *attr)
1159 memset(attr, 0, sizeof(*attr));
1160 attr->ino = sx->ino;
1161 attr->size = sx->size;
1162 attr->blocks = sx->blocks;
1163 attr->atime = sx->atime.tv_sec;
1164 attr->mtime = sx->mtime.tv_sec;
1165 attr->ctime = sx->ctime.tv_sec;
1166 attr->atimensec = sx->atime.tv_nsec;
1167 attr->mtimensec = sx->mtime.tv_nsec;
1168 attr->ctimensec = sx->ctime.tv_nsec;
1169 attr->mode = sx->mode;
1170 attr->nlink = sx->nlink;
1171 attr->uid = sx->uid;
1172 attr->gid = sx->gid;
1173 attr->rdev = new_encode_dev(MKDEV(sx->rdev_major, sx->rdev_minor));
1174 attr->blksize = sx->blksize;
1177 static int fuse_do_statx(struct inode *inode, struct file *file,
1181 struct fuse_attr attr;
1182 struct fuse_statx *sx;
1183 struct fuse_statx_in inarg;
1184 struct fuse_statx_out outarg;
1185 struct fuse_mount *fm = get_fuse_mount(inode);
1186 u64 attr_version = fuse_get_attr_version(fm->fc);
1189 memset(&inarg, 0, sizeof(inarg));
1190 memset(&outarg, 0, sizeof(outarg));
1191 /* Directories have separate file-handle space */
1192 if (file && S_ISREG(inode->i_mode)) {
1193 struct fuse_file *ff = file->private_data;
1195 inarg.getattr_flags |= FUSE_GETATTR_FH;
1198 /* For now leave sync hints as the default, request all stats. */
1200 inarg.sx_mask = STATX_BASIC_STATS | STATX_BTIME;
1201 args.opcode = FUSE_STATX;
1202 args.nodeid = get_node_id(inode);
1203 args.in_numargs = 1;
1204 args.in_args[0].size = sizeof(inarg);
1205 args.in_args[0].value = &inarg;
1206 args.out_numargs = 1;
1207 args.out_args[0].size = sizeof(outarg);
1208 args.out_args[0].value = &outarg;
1209 err = fuse_simple_request(fm, &args);
1214 if (((sx->mask & STATX_SIZE) && !fuse_valid_size(sx->size)) ||
1215 ((sx->mask & STATX_TYPE) && (!fuse_valid_type(sx->mode) ||
1216 inode_wrong_type(inode, sx->mode)))) {
1217 fuse_make_bad(inode);
1221 fuse_statx_to_attr(&outarg.stat, &attr);
1222 if ((sx->mask & STATX_BASIC_STATS) == STATX_BASIC_STATS) {
1223 fuse_change_attributes(inode, &attr, &outarg.stat,
1224 ATTR_TIMEOUT(&outarg), attr_version);
1228 stat->result_mask = sx->mask & (STATX_BASIC_STATS | STATX_BTIME);
1229 stat->btime.tv_sec = sx->btime.tv_sec;
1230 stat->btime.tv_nsec = min_t(u32, sx->btime.tv_nsec, NSEC_PER_SEC - 1);
1231 fuse_fillattr(inode, &attr, stat);
1232 stat->result_mask |= STATX_TYPE;
1238 static int fuse_do_getattr(struct inode *inode, struct kstat *stat,
1242 struct fuse_getattr_in inarg;
1243 struct fuse_attr_out outarg;
1244 struct fuse_mount *fm = get_fuse_mount(inode);
1248 attr_version = fuse_get_attr_version(fm->fc);
1250 memset(&inarg, 0, sizeof(inarg));
1251 memset(&outarg, 0, sizeof(outarg));
1252 /* Directories have separate file-handle space */
1253 if (file && S_ISREG(inode->i_mode)) {
1254 struct fuse_file *ff = file->private_data;
1256 inarg.getattr_flags |= FUSE_GETATTR_FH;
1259 args.opcode = FUSE_GETATTR;
1260 args.nodeid = get_node_id(inode);
1261 args.in_numargs = 1;
1262 args.in_args[0].size = sizeof(inarg);
1263 args.in_args[0].value = &inarg;
1264 args.out_numargs = 1;
1265 args.out_args[0].size = sizeof(outarg);
1266 args.out_args[0].value = &outarg;
1267 err = fuse_simple_request(fm, &args);
1269 if (fuse_invalid_attr(&outarg.attr) ||
1270 inode_wrong_type(inode, outarg.attr.mode)) {
1271 fuse_make_bad(inode);
1274 fuse_change_attributes(inode, &outarg.attr, NULL,
1275 ATTR_TIMEOUT(&outarg),
1278 fuse_fillattr(inode, &outarg.attr, stat);
1284 static int fuse_update_get_attr(struct inode *inode, struct file *file,
1285 struct kstat *stat, u32 request_mask,
1288 struct fuse_inode *fi = get_fuse_inode(inode);
1289 struct fuse_conn *fc = get_fuse_conn(inode);
1292 u32 inval_mask = READ_ONCE(fi->inval_mask);
1293 u32 cache_mask = fuse_get_cache_mask(inode);
1296 /* FUSE only supports basic stats and possibly btime */
1297 request_mask &= STATX_BASIC_STATS | STATX_BTIME;
1300 request_mask &= STATX_BASIC_STATS;
1304 else if (flags & AT_STATX_FORCE_SYNC)
1306 else if (flags & AT_STATX_DONT_SYNC)
1308 else if (request_mask & inval_mask & ~cache_mask)
1311 sync = time_before64(fi->i_time, get_jiffies_64());
1314 forget_all_cached_acls(inode);
1315 /* Try statx if BTIME is requested */
1316 if (!fc->no_statx && (request_mask & ~STATX_BASIC_STATS)) {
1317 err = fuse_do_statx(inode, file, stat);
1318 if (err == -ENOSYS) {
1324 err = fuse_do_getattr(inode, stat, file);
1327 generic_fillattr(&nop_mnt_idmap, request_mask, inode, stat);
1328 stat->mode = fi->orig_i_mode;
1329 stat->ino = fi->orig_ino;
1330 if (test_bit(FUSE_I_BTIME, &fi->state)) {
1331 stat->btime = fi->i_btime;
1332 stat->result_mask |= STATX_BTIME;
1339 int fuse_update_attributes(struct inode *inode, struct file *file, u32 mask)
1341 return fuse_update_get_attr(inode, file, NULL, mask, 0);
1344 int fuse_reverse_inval_entry(struct fuse_conn *fc, u64 parent_nodeid,
1345 u64 child_nodeid, struct qstr *name, u32 flags)
1348 struct inode *parent;
1350 struct dentry *entry;
1352 parent = fuse_ilookup(fc, parent_nodeid, NULL);
1356 inode_lock_nested(parent, I_MUTEX_PARENT);
1357 if (!S_ISDIR(parent->i_mode))
1361 dir = d_find_alias(parent);
1365 name->hash = full_name_hash(dir, name->name, name->len);
1366 entry = d_lookup(dir, name);
1371 fuse_dir_changed(parent);
1372 if (!(flags & FUSE_EXPIRE_ONLY))
1373 d_invalidate(entry);
1374 fuse_invalidate_entry_cache(entry);
1376 if (child_nodeid != 0 && d_really_is_positive(entry)) {
1377 inode_lock(d_inode(entry));
1378 if (get_node_id(d_inode(entry)) != child_nodeid) {
1382 if (d_mountpoint(entry)) {
1386 if (d_is_dir(entry)) {
1387 shrink_dcache_parent(entry);
1388 if (!simple_empty(entry)) {
1392 d_inode(entry)->i_flags |= S_DEAD;
1395 clear_nlink(d_inode(entry));
1398 inode_unlock(d_inode(entry));
1407 inode_unlock(parent);
1412 static inline bool fuse_permissible_uidgid(struct fuse_conn *fc)
1414 const struct cred *cred = current_cred();
1416 return (uid_eq(cred->euid, fc->user_id) &&
1417 uid_eq(cred->suid, fc->user_id) &&
1418 uid_eq(cred->uid, fc->user_id) &&
1419 gid_eq(cred->egid, fc->group_id) &&
1420 gid_eq(cred->sgid, fc->group_id) &&
1421 gid_eq(cred->gid, fc->group_id));
1425 * Calling into a user-controlled filesystem gives the filesystem
1426 * daemon ptrace-like capabilities over the current process. This
1427 * means, that the filesystem daemon is able to record the exact
1428 * filesystem operations performed, and can also control the behavior
1429 * of the requester process in otherwise impossible ways. For example
1430 * it can delay the operation for arbitrary length of time allowing
1431 * DoS against the requester.
1433 * For this reason only those processes can call into the filesystem,
1434 * for which the owner of the mount has ptrace privilege. This
1435 * excludes processes started by other users, suid or sgid processes.
1437 bool fuse_allow_current_process(struct fuse_conn *fc)
1441 if (fc->allow_other)
1442 allow = current_in_userns(fc->user_ns);
1444 allow = fuse_permissible_uidgid(fc);
1446 if (!allow && allow_sys_admin_access && capable(CAP_SYS_ADMIN))
1452 static int fuse_access(struct inode *inode, int mask)
1454 struct fuse_mount *fm = get_fuse_mount(inode);
1456 struct fuse_access_in inarg;
1459 BUG_ON(mask & MAY_NOT_BLOCK);
1461 if (fm->fc->no_access)
1464 memset(&inarg, 0, sizeof(inarg));
1465 inarg.mask = mask & (MAY_READ | MAY_WRITE | MAY_EXEC);
1466 args.opcode = FUSE_ACCESS;
1467 args.nodeid = get_node_id(inode);
1468 args.in_numargs = 1;
1469 args.in_args[0].size = sizeof(inarg);
1470 args.in_args[0].value = &inarg;
1471 err = fuse_simple_request(fm, &args);
1472 if (err == -ENOSYS) {
1473 fm->fc->no_access = 1;
1479 static int fuse_perm_getattr(struct inode *inode, int mask)
1481 if (mask & MAY_NOT_BLOCK)
1484 forget_all_cached_acls(inode);
1485 return fuse_do_getattr(inode, NULL, NULL);
1489 * Check permission. The two basic access models of FUSE are:
1491 * 1) Local access checking ('default_permissions' mount option) based
1492 * on file mode. This is the plain old disk filesystem permission
1495 * 2) "Remote" access checking, where server is responsible for
1496 * checking permission in each inode operation. An exception to this
1497 * is if ->permission() was invoked from sys_access() in which case an
1498 * access request is sent. Execute permission is still checked
1499 * locally based on file mode.
1501 static int fuse_permission(struct mnt_idmap *idmap,
1502 struct inode *inode, int mask)
1504 struct fuse_conn *fc = get_fuse_conn(inode);
1505 bool refreshed = false;
1508 if (fuse_is_bad(inode))
1511 if (!fuse_allow_current_process(fc))
1515 * If attributes are needed, refresh them before proceeding
1517 if (fc->default_permissions ||
1518 ((mask & MAY_EXEC) && S_ISREG(inode->i_mode))) {
1519 struct fuse_inode *fi = get_fuse_inode(inode);
1520 u32 perm_mask = STATX_MODE | STATX_UID | STATX_GID;
1522 if (perm_mask & READ_ONCE(fi->inval_mask) ||
1523 time_before64(fi->i_time, get_jiffies_64())) {
1526 err = fuse_perm_getattr(inode, mask);
1532 if (fc->default_permissions) {
1533 err = generic_permission(&nop_mnt_idmap, inode, mask);
1535 /* If permission is denied, try to refresh file
1536 attributes. This is also needed, because the root
1537 node will at first have no permissions */
1538 if (err == -EACCES && !refreshed) {
1539 err = fuse_perm_getattr(inode, mask);
1541 err = generic_permission(&nop_mnt_idmap,
1545 /* Note: the opposite of the above test does not
1546 exist. So if permissions are revoked this won't be
1547 noticed immediately, only after the attribute
1548 timeout has expired */
1549 } else if (mask & (MAY_ACCESS | MAY_CHDIR)) {
1550 err = fuse_access(inode, mask);
1551 } else if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode)) {
1552 if (!(inode->i_mode & S_IXUGO)) {
1556 err = fuse_perm_getattr(inode, mask);
1557 if (!err && !(inode->i_mode & S_IXUGO))
1564 static int fuse_readlink_page(struct inode *inode, struct page *page)
1566 struct fuse_mount *fm = get_fuse_mount(inode);
1567 struct fuse_page_desc desc = { .length = PAGE_SIZE - 1 };
1568 struct fuse_args_pages ap = {
1576 ap.args.opcode = FUSE_READLINK;
1577 ap.args.nodeid = get_node_id(inode);
1578 ap.args.out_pages = true;
1579 ap.args.out_argvar = true;
1580 ap.args.page_zeroing = true;
1581 ap.args.out_numargs = 1;
1582 ap.args.out_args[0].size = desc.length;
1583 res = fuse_simple_request(fm, &ap.args);
1585 fuse_invalidate_atime(inode);
1590 if (WARN_ON(res >= PAGE_SIZE))
1593 link = page_address(page);
1599 static const char *fuse_get_link(struct dentry *dentry, struct inode *inode,
1600 struct delayed_call *callback)
1602 struct fuse_conn *fc = get_fuse_conn(inode);
1607 if (fuse_is_bad(inode))
1610 if (fc->cache_symlinks)
1611 return page_get_link(dentry, inode, callback);
1617 page = alloc_page(GFP_KERNEL);
1622 err = fuse_readlink_page(inode, page);
1628 set_delayed_call(callback, page_put_link, page);
1630 return page_address(page);
1633 return ERR_PTR(err);
1636 static int fuse_dir_open(struct inode *inode, struct file *file)
1638 return fuse_open_common(inode, file, true);
1641 static int fuse_dir_release(struct inode *inode, struct file *file)
1643 fuse_release_common(file, true);
1648 static int fuse_dir_fsync(struct file *file, loff_t start, loff_t end,
1651 struct inode *inode = file->f_mapping->host;
1652 struct fuse_conn *fc = get_fuse_conn(inode);
1655 if (fuse_is_bad(inode))
1658 if (fc->no_fsyncdir)
1662 err = fuse_fsync_common(file, start, end, datasync, FUSE_FSYNCDIR);
1663 if (err == -ENOSYS) {
1664 fc->no_fsyncdir = 1;
1667 inode_unlock(inode);
1672 static long fuse_dir_ioctl(struct file *file, unsigned int cmd,
1675 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1677 /* FUSE_IOCTL_DIR only supported for API version >= 7.18 */
1681 return fuse_ioctl_common(file, cmd, arg, FUSE_IOCTL_DIR);
1684 static long fuse_dir_compat_ioctl(struct file *file, unsigned int cmd,
1687 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1692 return fuse_ioctl_common(file, cmd, arg,
1693 FUSE_IOCTL_COMPAT | FUSE_IOCTL_DIR);
1696 static bool update_mtime(unsigned ivalid, bool trust_local_mtime)
1698 /* Always update if mtime is explicitly set */
1699 if (ivalid & ATTR_MTIME_SET)
1702 /* Or if kernel i_mtime is the official one */
1703 if (trust_local_mtime)
1706 /* If it's an open(O_TRUNC) or an ftruncate(), don't update */
1707 if ((ivalid & ATTR_SIZE) && (ivalid & (ATTR_OPEN | ATTR_FILE)))
1710 /* In all other cases update */
1714 static void iattr_to_fattr(struct fuse_conn *fc, struct iattr *iattr,
1715 struct fuse_setattr_in *arg, bool trust_local_cmtime)
1717 unsigned ivalid = iattr->ia_valid;
1719 if (ivalid & ATTR_MODE)
1720 arg->valid |= FATTR_MODE, arg->mode = iattr->ia_mode;
1721 if (ivalid & ATTR_UID)
1722 arg->valid |= FATTR_UID, arg->uid = from_kuid(fc->user_ns, iattr->ia_uid);
1723 if (ivalid & ATTR_GID)
1724 arg->valid |= FATTR_GID, arg->gid = from_kgid(fc->user_ns, iattr->ia_gid);
1725 if (ivalid & ATTR_SIZE)
1726 arg->valid |= FATTR_SIZE, arg->size = iattr->ia_size;
1727 if (ivalid & ATTR_ATIME) {
1728 arg->valid |= FATTR_ATIME;
1729 arg->atime = iattr->ia_atime.tv_sec;
1730 arg->atimensec = iattr->ia_atime.tv_nsec;
1731 if (!(ivalid & ATTR_ATIME_SET))
1732 arg->valid |= FATTR_ATIME_NOW;
1734 if ((ivalid & ATTR_MTIME) && update_mtime(ivalid, trust_local_cmtime)) {
1735 arg->valid |= FATTR_MTIME;
1736 arg->mtime = iattr->ia_mtime.tv_sec;
1737 arg->mtimensec = iattr->ia_mtime.tv_nsec;
1738 if (!(ivalid & ATTR_MTIME_SET) && !trust_local_cmtime)
1739 arg->valid |= FATTR_MTIME_NOW;
1741 if ((ivalid & ATTR_CTIME) && trust_local_cmtime) {
1742 arg->valid |= FATTR_CTIME;
1743 arg->ctime = iattr->ia_ctime.tv_sec;
1744 arg->ctimensec = iattr->ia_ctime.tv_nsec;
1749 * Prevent concurrent writepages on inode
1751 * This is done by adding a negative bias to the inode write counter
1752 * and waiting for all pending writes to finish.
1754 void fuse_set_nowrite(struct inode *inode)
1756 struct fuse_inode *fi = get_fuse_inode(inode);
1758 BUG_ON(!inode_is_locked(inode));
1760 spin_lock(&fi->lock);
1761 BUG_ON(fi->writectr < 0);
1762 fi->writectr += FUSE_NOWRITE;
1763 spin_unlock(&fi->lock);
1764 wait_event(fi->page_waitq, fi->writectr == FUSE_NOWRITE);
1768 * Allow writepages on inode
1770 * Remove the bias from the writecounter and send any queued
1773 static void __fuse_release_nowrite(struct inode *inode)
1775 struct fuse_inode *fi = get_fuse_inode(inode);
1777 BUG_ON(fi->writectr != FUSE_NOWRITE);
1779 fuse_flush_writepages(inode);
1782 void fuse_release_nowrite(struct inode *inode)
1784 struct fuse_inode *fi = get_fuse_inode(inode);
1786 spin_lock(&fi->lock);
1787 __fuse_release_nowrite(inode);
1788 spin_unlock(&fi->lock);
1791 static void fuse_setattr_fill(struct fuse_conn *fc, struct fuse_args *args,
1792 struct inode *inode,
1793 struct fuse_setattr_in *inarg_p,
1794 struct fuse_attr_out *outarg_p)
1796 args->opcode = FUSE_SETATTR;
1797 args->nodeid = get_node_id(inode);
1798 args->in_numargs = 1;
1799 args->in_args[0].size = sizeof(*inarg_p);
1800 args->in_args[0].value = inarg_p;
1801 args->out_numargs = 1;
1802 args->out_args[0].size = sizeof(*outarg_p);
1803 args->out_args[0].value = outarg_p;
1807 * Flush inode->i_mtime to the server
1809 int fuse_flush_times(struct inode *inode, struct fuse_file *ff)
1811 struct fuse_mount *fm = get_fuse_mount(inode);
1813 struct fuse_setattr_in inarg;
1814 struct fuse_attr_out outarg;
1816 memset(&inarg, 0, sizeof(inarg));
1817 memset(&outarg, 0, sizeof(outarg));
1819 inarg.valid = FATTR_MTIME;
1820 inarg.mtime = inode->i_mtime.tv_sec;
1821 inarg.mtimensec = inode->i_mtime.tv_nsec;
1822 if (fm->fc->minor >= 23) {
1823 inarg.valid |= FATTR_CTIME;
1824 inarg.ctime = inode_get_ctime(inode).tv_sec;
1825 inarg.ctimensec = inode_get_ctime(inode).tv_nsec;
1828 inarg.valid |= FATTR_FH;
1831 fuse_setattr_fill(fm->fc, &args, inode, &inarg, &outarg);
1833 return fuse_simple_request(fm, &args);
1837 * Set attributes, and at the same time refresh them.
1839 * Truncation is slightly complicated, because the 'truncate' request
1840 * may fail, in which case we don't want to touch the mapping.
1841 * vmtruncate() doesn't allow for this case, so do the rlimit checking
1842 * and the actual truncation by hand.
1844 int fuse_do_setattr(struct dentry *dentry, struct iattr *attr,
1847 struct inode *inode = d_inode(dentry);
1848 struct fuse_mount *fm = get_fuse_mount(inode);
1849 struct fuse_conn *fc = fm->fc;
1850 struct fuse_inode *fi = get_fuse_inode(inode);
1851 struct address_space *mapping = inode->i_mapping;
1853 struct fuse_setattr_in inarg;
1854 struct fuse_attr_out outarg;
1855 bool is_truncate = false;
1856 bool is_wb = fc->writeback_cache && S_ISREG(inode->i_mode);
1859 bool trust_local_cmtime = is_wb;
1860 bool fault_blocked = false;
1862 if (!fc->default_permissions)
1863 attr->ia_valid |= ATTR_FORCE;
1865 err = setattr_prepare(&nop_mnt_idmap, dentry, attr);
1869 if (attr->ia_valid & ATTR_SIZE) {
1870 if (WARN_ON(!S_ISREG(inode->i_mode)))
1875 if (FUSE_IS_DAX(inode) && is_truncate) {
1876 filemap_invalidate_lock(mapping);
1877 fault_blocked = true;
1878 err = fuse_dax_break_layouts(inode, 0, 0);
1880 filemap_invalidate_unlock(mapping);
1885 if (attr->ia_valid & ATTR_OPEN) {
1886 /* This is coming from open(..., ... | O_TRUNC); */
1887 WARN_ON(!(attr->ia_valid & ATTR_SIZE));
1888 WARN_ON(attr->ia_size != 0);
1889 if (fc->atomic_o_trunc) {
1891 * No need to send request to userspace, since actual
1892 * truncation has already been done by OPEN. But still
1893 * need to truncate page cache.
1895 i_size_write(inode, 0);
1896 truncate_pagecache(inode, 0);
1902 /* Flush dirty data/metadata before non-truncate SETATTR */
1905 (ATTR_MODE | ATTR_UID | ATTR_GID | ATTR_MTIME_SET |
1907 err = write_inode_now(inode, true);
1911 fuse_set_nowrite(inode);
1912 fuse_release_nowrite(inode);
1916 fuse_set_nowrite(inode);
1917 set_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1918 if (trust_local_cmtime && attr->ia_size != inode->i_size)
1919 attr->ia_valid |= ATTR_MTIME | ATTR_CTIME;
1922 memset(&inarg, 0, sizeof(inarg));
1923 memset(&outarg, 0, sizeof(outarg));
1924 iattr_to_fattr(fc, attr, &inarg, trust_local_cmtime);
1926 struct fuse_file *ff = file->private_data;
1927 inarg.valid |= FATTR_FH;
1931 /* Kill suid/sgid for non-directory chown unconditionally */
1932 if (fc->handle_killpriv_v2 && !S_ISDIR(inode->i_mode) &&
1933 attr->ia_valid & (ATTR_UID | ATTR_GID))
1934 inarg.valid |= FATTR_KILL_SUIDGID;
1936 if (attr->ia_valid & ATTR_SIZE) {
1937 /* For mandatory locking in truncate */
1938 inarg.valid |= FATTR_LOCKOWNER;
1939 inarg.lock_owner = fuse_lock_owner_id(fc, current->files);
1941 /* Kill suid/sgid for truncate only if no CAP_FSETID */
1942 if (fc->handle_killpriv_v2 && !capable(CAP_FSETID))
1943 inarg.valid |= FATTR_KILL_SUIDGID;
1945 fuse_setattr_fill(fc, &args, inode, &inarg, &outarg);
1946 err = fuse_simple_request(fm, &args);
1949 fuse_invalidate_attr(inode);
1953 if (fuse_invalid_attr(&outarg.attr) ||
1954 inode_wrong_type(inode, outarg.attr.mode)) {
1955 fuse_make_bad(inode);
1960 spin_lock(&fi->lock);
1961 /* the kernel maintains i_mtime locally */
1962 if (trust_local_cmtime) {
1963 if (attr->ia_valid & ATTR_MTIME)
1964 inode->i_mtime = attr->ia_mtime;
1965 if (attr->ia_valid & ATTR_CTIME)
1966 inode_set_ctime_to_ts(inode, attr->ia_ctime);
1967 /* FIXME: clear I_DIRTY_SYNC? */
1970 fuse_change_attributes_common(inode, &outarg.attr, NULL,
1971 ATTR_TIMEOUT(&outarg),
1972 fuse_get_cache_mask(inode));
1973 oldsize = inode->i_size;
1974 /* see the comment in fuse_change_attributes() */
1975 if (!is_wb || is_truncate)
1976 i_size_write(inode, outarg.attr.size);
1979 /* NOTE: this may release/reacquire fi->lock */
1980 __fuse_release_nowrite(inode);
1982 spin_unlock(&fi->lock);
1985 * Only call invalidate_inode_pages2() after removing
1986 * FUSE_NOWRITE, otherwise fuse_launder_folio() would deadlock.
1988 if ((is_truncate || !is_wb) &&
1989 S_ISREG(inode->i_mode) && oldsize != outarg.attr.size) {
1990 truncate_pagecache(inode, outarg.attr.size);
1991 invalidate_inode_pages2(mapping);
1994 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1997 filemap_invalidate_unlock(mapping);
2003 fuse_release_nowrite(inode);
2005 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
2008 filemap_invalidate_unlock(mapping);
2012 static int fuse_setattr(struct mnt_idmap *idmap, struct dentry *entry,
2015 struct inode *inode = d_inode(entry);
2016 struct fuse_conn *fc = get_fuse_conn(inode);
2017 struct file *file = (attr->ia_valid & ATTR_FILE) ? attr->ia_file : NULL;
2020 if (fuse_is_bad(inode))
2023 if (!fuse_allow_current_process(get_fuse_conn(inode)))
2026 if (attr->ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID)) {
2027 attr->ia_valid &= ~(ATTR_KILL_SUID | ATTR_KILL_SGID |
2031 * The only sane way to reliably kill suid/sgid is to do it in
2032 * the userspace filesystem
2034 * This should be done on write(), truncate() and chown().
2036 if (!fc->handle_killpriv && !fc->handle_killpriv_v2) {
2038 * ia_mode calculation may have used stale i_mode.
2039 * Refresh and recalculate.
2041 ret = fuse_do_getattr(inode, NULL, file);
2045 attr->ia_mode = inode->i_mode;
2046 if (inode->i_mode & S_ISUID) {
2047 attr->ia_valid |= ATTR_MODE;
2048 attr->ia_mode &= ~S_ISUID;
2050 if ((inode->i_mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) {
2051 attr->ia_valid |= ATTR_MODE;
2052 attr->ia_mode &= ~S_ISGID;
2056 if (!attr->ia_valid)
2059 ret = fuse_do_setattr(entry, attr, file);
2062 * If filesystem supports acls it may have updated acl xattrs in
2063 * the filesystem, so forget cached acls for the inode.
2066 forget_all_cached_acls(inode);
2068 /* Directory mode changed, may need to revalidate access */
2069 if (d_is_dir(entry) && (attr->ia_valid & ATTR_MODE))
2070 fuse_invalidate_entry_cache(entry);
2075 static int fuse_getattr(struct mnt_idmap *idmap,
2076 const struct path *path, struct kstat *stat,
2077 u32 request_mask, unsigned int flags)
2079 struct inode *inode = d_inode(path->dentry);
2080 struct fuse_conn *fc = get_fuse_conn(inode);
2082 if (fuse_is_bad(inode))
2085 if (!fuse_allow_current_process(fc)) {
2086 if (!request_mask) {
2088 * If user explicitly requested *nothing* then don't
2089 * error out, but return st_dev only.
2091 stat->result_mask = 0;
2092 stat->dev = inode->i_sb->s_dev;
2098 return fuse_update_get_attr(inode, NULL, stat, request_mask, flags);
2101 static const struct inode_operations fuse_dir_inode_operations = {
2102 .lookup = fuse_lookup,
2103 .mkdir = fuse_mkdir,
2104 .symlink = fuse_symlink,
2105 .unlink = fuse_unlink,
2106 .rmdir = fuse_rmdir,
2107 .rename = fuse_rename2,
2109 .setattr = fuse_setattr,
2110 .create = fuse_create,
2111 .atomic_open = fuse_atomic_open,
2112 .tmpfile = fuse_tmpfile,
2113 .mknod = fuse_mknod,
2114 .permission = fuse_permission,
2115 .getattr = fuse_getattr,
2116 .listxattr = fuse_listxattr,
2117 .get_inode_acl = fuse_get_inode_acl,
2118 .get_acl = fuse_get_acl,
2119 .set_acl = fuse_set_acl,
2120 .fileattr_get = fuse_fileattr_get,
2121 .fileattr_set = fuse_fileattr_set,
2124 static const struct file_operations fuse_dir_operations = {
2125 .llseek = generic_file_llseek,
2126 .read = generic_read_dir,
2127 .iterate_shared = fuse_readdir,
2128 .open = fuse_dir_open,
2129 .release = fuse_dir_release,
2130 .fsync = fuse_dir_fsync,
2131 .unlocked_ioctl = fuse_dir_ioctl,
2132 .compat_ioctl = fuse_dir_compat_ioctl,
2135 static const struct inode_operations fuse_common_inode_operations = {
2136 .setattr = fuse_setattr,
2137 .permission = fuse_permission,
2138 .getattr = fuse_getattr,
2139 .listxattr = fuse_listxattr,
2140 .get_inode_acl = fuse_get_inode_acl,
2141 .get_acl = fuse_get_acl,
2142 .set_acl = fuse_set_acl,
2143 .fileattr_get = fuse_fileattr_get,
2144 .fileattr_set = fuse_fileattr_set,
2147 static const struct inode_operations fuse_symlink_inode_operations = {
2148 .setattr = fuse_setattr,
2149 .get_link = fuse_get_link,
2150 .getattr = fuse_getattr,
2151 .listxattr = fuse_listxattr,
2154 void fuse_init_common(struct inode *inode)
2156 inode->i_op = &fuse_common_inode_operations;
2159 void fuse_init_dir(struct inode *inode)
2161 struct fuse_inode *fi = get_fuse_inode(inode);
2163 inode->i_op = &fuse_dir_inode_operations;
2164 inode->i_fop = &fuse_dir_operations;
2166 spin_lock_init(&fi->rdc.lock);
2167 fi->rdc.cached = false;
2170 fi->rdc.version = 0;
2173 static int fuse_symlink_read_folio(struct file *null, struct folio *folio)
2175 int err = fuse_readlink_page(folio->mapping->host, &folio->page);
2178 folio_mark_uptodate(folio);
2180 folio_unlock(folio);
2185 static const struct address_space_operations fuse_symlink_aops = {
2186 .read_folio = fuse_symlink_read_folio,
2189 void fuse_init_symlink(struct inode *inode)
2191 inode->i_op = &fuse_symlink_inode_operations;
2192 inode->i_data.a_ops = &fuse_symlink_aops;
2193 inode_nohighmem(inode);