2 FUSE: Filesystem in Userspace
3 Copyright (C) 2001-2008 Miklos Szeredi <miklos@szeredi.hu>
5 This program can be distributed under the terms of the GNU GPL.
11 #include <linux/pagemap.h>
12 #include <linux/file.h>
13 #include <linux/fs_context.h>
14 #include <linux/sched.h>
15 #include <linux/namei.h>
16 #include <linux/slab.h>
17 #include <linux/xattr.h>
18 #include <linux/iversion.h>
19 #include <linux/posix_acl.h>
21 static void fuse_advise_use_readdirplus(struct inode *dir)
23 struct fuse_inode *fi = get_fuse_inode(dir);
25 set_bit(FUSE_I_ADVISE_RDPLUS, &fi->state);
28 #if BITS_PER_LONG >= 64
29 static inline void __fuse_dentry_settime(struct dentry *entry, u64 time)
31 entry->d_fsdata = (void *) time;
34 static inline u64 fuse_dentry_time(const struct dentry *entry)
36 return (u64)entry->d_fsdata;
45 static inline void __fuse_dentry_settime(struct dentry *dentry, u64 time)
47 ((union fuse_dentry *) dentry->d_fsdata)->time = time;
50 static inline u64 fuse_dentry_time(const struct dentry *entry)
52 return ((union fuse_dentry *) entry->d_fsdata)->time;
56 static void fuse_dentry_settime(struct dentry *dentry, u64 time)
58 struct fuse_conn *fc = get_fuse_conn_super(dentry->d_sb);
59 bool delete = !time && fc->delete_stale;
61 * Mess with DCACHE_OP_DELETE because dput() will be faster without it.
62 * Don't care about races, either way it's just an optimization
64 if ((!delete && (dentry->d_flags & DCACHE_OP_DELETE)) ||
65 (delete && !(dentry->d_flags & DCACHE_OP_DELETE))) {
66 spin_lock(&dentry->d_lock);
68 dentry->d_flags &= ~DCACHE_OP_DELETE;
70 dentry->d_flags |= DCACHE_OP_DELETE;
71 spin_unlock(&dentry->d_lock);
74 __fuse_dentry_settime(dentry, time);
78 * FUSE caches dentries and attributes with separate timeout. The
79 * time in jiffies until the dentry/attributes are valid is stored in
80 * dentry->d_fsdata and fuse_inode->i_time respectively.
84 * Calculate the time in jiffies until a dentry/attributes are valid
86 static u64 time_to_jiffies(u64 sec, u32 nsec)
89 struct timespec64 ts = {
91 min_t(u32, nsec, NSEC_PER_SEC - 1)
94 return get_jiffies_64() + timespec64_to_jiffies(&ts);
100 * Set dentry and possibly attribute timeouts from the lookup/mk*
103 void fuse_change_entry_timeout(struct dentry *entry, struct fuse_entry_out *o)
105 fuse_dentry_settime(entry,
106 time_to_jiffies(o->entry_valid, o->entry_valid_nsec));
109 static u64 attr_timeout(struct fuse_attr_out *o)
111 return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
114 u64 entry_attr_timeout(struct fuse_entry_out *o)
116 return time_to_jiffies(o->attr_valid, o->attr_valid_nsec);
119 static void fuse_invalidate_attr_mask(struct inode *inode, u32 mask)
121 set_mask_bits(&get_fuse_inode(inode)->inval_mask, 0, mask);
125 * Mark the attributes as stale, so that at the next call to
126 * ->getattr() they will be fetched from userspace
128 void fuse_invalidate_attr(struct inode *inode)
130 fuse_invalidate_attr_mask(inode, STATX_BASIC_STATS);
133 static void fuse_dir_changed(struct inode *dir)
135 fuse_invalidate_attr(dir);
136 inode_maybe_inc_iversion(dir, false);
140 * Mark the attributes as stale due to an atime change. Avoid the invalidate if
143 void fuse_invalidate_atime(struct inode *inode)
145 if (!IS_RDONLY(inode))
146 fuse_invalidate_attr_mask(inode, STATX_ATIME);
150 * Just mark the entry as stale, so that a next attempt to look it up
151 * will result in a new lookup call to userspace
153 * This is called when a dentry is about to become negative and the
154 * timeout is unknown (unlink, rmdir, rename and in some cases
157 void fuse_invalidate_entry_cache(struct dentry *entry)
159 fuse_dentry_settime(entry, 0);
163 * Same as fuse_invalidate_entry_cache(), but also try to remove the
164 * dentry from the hash
166 static void fuse_invalidate_entry(struct dentry *entry)
169 fuse_invalidate_entry_cache(entry);
172 static void fuse_lookup_init(struct fuse_conn *fc, struct fuse_args *args,
173 u64 nodeid, const struct qstr *name,
174 struct fuse_entry_out *outarg)
176 memset(outarg, 0, sizeof(struct fuse_entry_out));
177 args->opcode = FUSE_LOOKUP;
178 args->nodeid = nodeid;
179 args->in_numargs = 1;
180 args->in_args[0].size = name->len + 1;
181 args->in_args[0].value = name->name;
182 args->out_numargs = 1;
183 args->out_args[0].size = sizeof(struct fuse_entry_out);
184 args->out_args[0].value = outarg;
188 * Check whether the dentry is still valid
190 * If the entry validity timeout has expired and the dentry is
191 * positive, try to redo the lookup. If the lookup results in a
192 * different inode, then let the VFS invalidate the dentry and redo
193 * the lookup once more. If the lookup results in the same inode,
194 * then refresh the attributes, timeouts and mark the dentry valid.
196 static int fuse_dentry_revalidate(struct dentry *entry, unsigned int flags)
199 struct dentry *parent;
200 struct fuse_mount *fm;
201 struct fuse_inode *fi;
204 inode = d_inode_rcu(entry);
205 if (inode && fuse_is_bad(inode))
207 else if (time_before64(fuse_dentry_time(entry), get_jiffies_64()) ||
208 (flags & (LOOKUP_EXCL | LOOKUP_REVAL))) {
209 struct fuse_entry_out outarg;
211 struct fuse_forget_link *forget;
214 /* For negative dentries, always do a fresh lookup */
219 if (flags & LOOKUP_RCU)
222 fm = get_fuse_mount(inode);
224 forget = fuse_alloc_forget();
229 attr_version = fuse_get_attr_version(fm->fc);
231 parent = dget_parent(entry);
232 fuse_lookup_init(fm->fc, &args, get_node_id(d_inode(parent)),
233 &entry->d_name, &outarg);
234 ret = fuse_simple_request(fm, &args);
236 /* Zero nodeid is same as -ENOENT */
237 if (!ret && !outarg.nodeid)
240 fi = get_fuse_inode(inode);
241 if (outarg.nodeid != get_node_id(inode) ||
242 (bool) IS_AUTOMOUNT(inode) != (bool) (outarg.attr.flags & FUSE_ATTR_SUBMOUNT)) {
243 fuse_queue_forget(fm->fc, forget,
247 spin_lock(&fi->lock);
249 spin_unlock(&fi->lock);
254 if (ret || fuse_invalid_attr(&outarg.attr) ||
255 fuse_stale_inode(inode, outarg.generation, &outarg.attr))
258 forget_all_cached_acls(inode);
259 fuse_change_attributes(inode, &outarg.attr,
260 entry_attr_timeout(&outarg),
262 fuse_change_entry_timeout(entry, &outarg);
264 fi = get_fuse_inode(inode);
265 if (flags & LOOKUP_RCU) {
266 if (test_bit(FUSE_I_INIT_RDPLUS, &fi->state))
268 } else if (test_and_clear_bit(FUSE_I_INIT_RDPLUS, &fi->state)) {
269 parent = dget_parent(entry);
270 fuse_advise_use_readdirplus(d_inode(parent));
283 #if BITS_PER_LONG < 64
284 static int fuse_dentry_init(struct dentry *dentry)
286 dentry->d_fsdata = kzalloc(sizeof(union fuse_dentry),
287 GFP_KERNEL_ACCOUNT | __GFP_RECLAIMABLE);
289 return dentry->d_fsdata ? 0 : -ENOMEM;
291 static void fuse_dentry_release(struct dentry *dentry)
293 union fuse_dentry *fd = dentry->d_fsdata;
299 static int fuse_dentry_delete(const struct dentry *dentry)
301 return time_before64(fuse_dentry_time(dentry), get_jiffies_64());
305 * Create a fuse_mount object with a new superblock (with path->dentry
306 * as the root), and return that mount so it can be auto-mounted on
309 static struct vfsmount *fuse_dentry_automount(struct path *path)
311 struct fs_context *fsc;
312 struct fuse_mount *parent_fm = get_fuse_mount_super(path->mnt->mnt_sb);
313 struct fuse_conn *fc = parent_fm->fc;
314 struct fuse_mount *fm;
315 struct vfsmount *mnt;
316 struct fuse_inode *mp_fi = get_fuse_inode(d_inode(path->dentry));
317 struct super_block *sb;
320 fsc = fs_context_for_submount(path->mnt->mnt_sb->s_type, path->dentry);
327 fm = kzalloc(sizeof(struct fuse_mount), GFP_KERNEL);
332 sb = sget_fc(fsc, NULL, set_anon_super_fc);
338 fm->fc = fuse_conn_get(fc);
340 /* Initialize superblock, making @mp_fi its root */
341 err = fuse_fill_super_submount(sb, mp_fi);
345 sb->s_fs_info = NULL;
349 down_write(&fc->killsb);
350 list_add_tail(&fm->fc_entry, &fc->mounts);
351 up_write(&fc->killsb);
353 sb->s_flags |= SB_ACTIVE;
354 fsc->root = dget(sb->s_root);
357 * FIXME: setting SB_BORN requires a write barrier for
358 * super_cache_count(). We should actually come
359 * up with a proper ->get_tree() implementation
360 * for submounts and call vfs_get_tree() to take
361 * care of the write barrier.
364 sb->s_flags |= SB_BORN;
366 /* We are done configuring the superblock, so unlock it */
367 up_write(&sb->s_umount);
369 /* Create the submount */
370 mnt = vfs_create_mount(fsc);
381 * Only jump here when fsc->root is NULL and sb is still locked
382 * (otherwise put_fs_context() will put the superblock)
384 deactivate_locked_super(sb);
391 const struct dentry_operations fuse_dentry_operations = {
392 .d_revalidate = fuse_dentry_revalidate,
393 .d_delete = fuse_dentry_delete,
394 #if BITS_PER_LONG < 64
395 .d_init = fuse_dentry_init,
396 .d_release = fuse_dentry_release,
398 .d_automount = fuse_dentry_automount,
401 const struct dentry_operations fuse_root_dentry_operations = {
402 #if BITS_PER_LONG < 64
403 .d_init = fuse_dentry_init,
404 .d_release = fuse_dentry_release,
408 int fuse_valid_type(int m)
410 return S_ISREG(m) || S_ISDIR(m) || S_ISLNK(m) || S_ISCHR(m) ||
411 S_ISBLK(m) || S_ISFIFO(m) || S_ISSOCK(m);
414 bool fuse_invalid_attr(struct fuse_attr *attr)
416 return !fuse_valid_type(attr->mode) ||
417 attr->size > LLONG_MAX;
420 int fuse_lookup_name(struct super_block *sb, u64 nodeid, const struct qstr *name,
421 struct fuse_entry_out *outarg, struct inode **inode)
423 struct fuse_mount *fm = get_fuse_mount_super(sb);
425 struct fuse_forget_link *forget;
431 if (name->len > FUSE_NAME_MAX)
435 forget = fuse_alloc_forget();
440 attr_version = fuse_get_attr_version(fm->fc);
442 fuse_lookup_init(fm->fc, &args, nodeid, name, outarg);
443 err = fuse_simple_request(fm, &args);
444 /* Zero nodeid is same as -ENOENT, but with valid timeout */
445 if (err || !outarg->nodeid)
451 if (fuse_invalid_attr(&outarg->attr))
454 *inode = fuse_iget(sb, outarg->nodeid, outarg->generation,
455 &outarg->attr, entry_attr_timeout(outarg),
459 fuse_queue_forget(fm->fc, forget, outarg->nodeid, 1);
470 static struct dentry *fuse_lookup(struct inode *dir, struct dentry *entry,
474 struct fuse_entry_out outarg;
476 struct dentry *newent;
477 bool outarg_valid = true;
480 if (fuse_is_bad(dir))
481 return ERR_PTR(-EIO);
483 locked = fuse_lock_inode(dir);
484 err = fuse_lookup_name(dir->i_sb, get_node_id(dir), &entry->d_name,
486 fuse_unlock_inode(dir, locked);
487 if (err == -ENOENT) {
488 outarg_valid = false;
495 if (inode && get_node_id(inode) == FUSE_ROOT_ID)
498 newent = d_splice_alias(inode, entry);
499 err = PTR_ERR(newent);
503 entry = newent ? newent : entry;
505 fuse_change_entry_timeout(entry, &outarg);
507 fuse_invalidate_entry_cache(entry);
510 fuse_advise_use_readdirplus(dir);
520 * Atomic create+open operation
522 * If the filesystem doesn't support this, then fall back to separate
523 * 'mknod' + 'open' requests.
525 static int fuse_create_open(struct inode *dir, struct dentry *entry,
526 struct file *file, unsigned int flags,
531 struct fuse_mount *fm = get_fuse_mount(dir);
533 struct fuse_forget_link *forget;
534 struct fuse_create_in inarg;
535 struct fuse_open_out outopen;
536 struct fuse_entry_out outentry;
537 struct fuse_inode *fi;
538 struct fuse_file *ff;
540 /* Userspace expects S_IFREG in create mode */
541 BUG_ON((mode & S_IFMT) != S_IFREG);
543 forget = fuse_alloc_forget();
549 ff = fuse_file_alloc(fm);
551 goto out_put_forget_req;
553 if (!fm->fc->dont_mask)
554 mode &= ~current_umask();
557 memset(&inarg, 0, sizeof(inarg));
558 memset(&outentry, 0, sizeof(outentry));
561 inarg.umask = current_umask();
563 if (fm->fc->handle_killpriv_v2 && (flags & O_TRUNC) &&
564 !(flags & O_EXCL) && !capable(CAP_FSETID)) {
565 inarg.open_flags |= FUSE_OPEN_KILL_SUIDGID;
568 args.opcode = FUSE_CREATE;
569 args.nodeid = get_node_id(dir);
571 args.in_args[0].size = sizeof(inarg);
572 args.in_args[0].value = &inarg;
573 args.in_args[1].size = entry->d_name.len + 1;
574 args.in_args[1].value = entry->d_name.name;
575 args.out_numargs = 2;
576 args.out_args[0].size = sizeof(outentry);
577 args.out_args[0].value = &outentry;
578 args.out_args[1].size = sizeof(outopen);
579 args.out_args[1].value = &outopen;
580 err = fuse_simple_request(fm, &args);
585 if (!S_ISREG(outentry.attr.mode) || invalid_nodeid(outentry.nodeid) ||
586 fuse_invalid_attr(&outentry.attr))
590 ff->nodeid = outentry.nodeid;
591 ff->open_flags = outopen.open_flags;
592 inode = fuse_iget(dir->i_sb, outentry.nodeid, outentry.generation,
593 &outentry.attr, entry_attr_timeout(&outentry), 0);
595 flags &= ~(O_CREAT | O_EXCL | O_TRUNC);
596 fuse_sync_release(NULL, ff, flags);
597 fuse_queue_forget(fm->fc, forget, outentry.nodeid, 1);
602 d_instantiate(entry, inode);
603 fuse_change_entry_timeout(entry, &outentry);
604 fuse_dir_changed(dir);
605 err = finish_open(file, entry, generic_file_open);
607 fi = get_fuse_inode(inode);
608 fuse_sync_release(fi, ff, flags);
610 file->private_data = ff;
611 fuse_finish_open(inode, file);
623 static int fuse_mknod(struct user_namespace *, struct inode *, struct dentry *,
625 static int fuse_atomic_open(struct inode *dir, struct dentry *entry,
626 struct file *file, unsigned flags,
630 struct fuse_conn *fc = get_fuse_conn(dir);
631 struct dentry *res = NULL;
633 if (fuse_is_bad(dir))
636 if (d_in_lookup(entry)) {
637 res = fuse_lookup(dir, entry, 0);
645 if (!(flags & O_CREAT) || d_really_is_positive(entry))
649 file->f_mode |= FMODE_CREATED;
654 err = fuse_create_open(dir, entry, file, flags, mode);
655 if (err == -ENOSYS) {
664 err = fuse_mknod(&init_user_ns, dir, entry, mode, 0);
668 return finish_no_open(file, res);
672 * Code shared between mknod, mkdir, symlink and link
674 static int create_new_entry(struct fuse_mount *fm, struct fuse_args *args,
675 struct inode *dir, struct dentry *entry,
678 struct fuse_entry_out outarg;
682 struct fuse_forget_link *forget;
684 if (fuse_is_bad(dir))
687 forget = fuse_alloc_forget();
691 memset(&outarg, 0, sizeof(outarg));
692 args->nodeid = get_node_id(dir);
693 args->out_numargs = 1;
694 args->out_args[0].size = sizeof(outarg);
695 args->out_args[0].value = &outarg;
696 err = fuse_simple_request(fm, args);
698 goto out_put_forget_req;
701 if (invalid_nodeid(outarg.nodeid) || fuse_invalid_attr(&outarg.attr))
702 goto out_put_forget_req;
704 if ((outarg.attr.mode ^ mode) & S_IFMT)
705 goto out_put_forget_req;
707 inode = fuse_iget(dir->i_sb, outarg.nodeid, outarg.generation,
708 &outarg.attr, entry_attr_timeout(&outarg), 0);
710 fuse_queue_forget(fm->fc, forget, outarg.nodeid, 1);
716 d = d_splice_alias(inode, entry);
721 fuse_change_entry_timeout(d, &outarg);
724 fuse_change_entry_timeout(entry, &outarg);
726 fuse_dir_changed(dir);
734 static int fuse_mknod(struct user_namespace *mnt_userns, struct inode *dir,
735 struct dentry *entry, umode_t mode, dev_t rdev)
737 struct fuse_mknod_in inarg;
738 struct fuse_mount *fm = get_fuse_mount(dir);
741 if (!fm->fc->dont_mask)
742 mode &= ~current_umask();
744 memset(&inarg, 0, sizeof(inarg));
746 inarg.rdev = new_encode_dev(rdev);
747 inarg.umask = current_umask();
748 args.opcode = FUSE_MKNOD;
750 args.in_args[0].size = sizeof(inarg);
751 args.in_args[0].value = &inarg;
752 args.in_args[1].size = entry->d_name.len + 1;
753 args.in_args[1].value = entry->d_name.name;
754 return create_new_entry(fm, &args, dir, entry, mode);
757 static int fuse_create(struct user_namespace *mnt_userns, struct inode *dir,
758 struct dentry *entry, umode_t mode, bool excl)
760 return fuse_mknod(&init_user_ns, dir, entry, mode, 0);
763 static int fuse_mkdir(struct user_namespace *mnt_userns, struct inode *dir,
764 struct dentry *entry, umode_t mode)
766 struct fuse_mkdir_in inarg;
767 struct fuse_mount *fm = get_fuse_mount(dir);
770 if (!fm->fc->dont_mask)
771 mode &= ~current_umask();
773 memset(&inarg, 0, sizeof(inarg));
775 inarg.umask = current_umask();
776 args.opcode = FUSE_MKDIR;
778 args.in_args[0].size = sizeof(inarg);
779 args.in_args[0].value = &inarg;
780 args.in_args[1].size = entry->d_name.len + 1;
781 args.in_args[1].value = entry->d_name.name;
782 return create_new_entry(fm, &args, dir, entry, S_IFDIR);
785 static int fuse_symlink(struct user_namespace *mnt_userns, struct inode *dir,
786 struct dentry *entry, const char *link)
788 struct fuse_mount *fm = get_fuse_mount(dir);
789 unsigned len = strlen(link) + 1;
792 args.opcode = FUSE_SYMLINK;
794 args.in_args[0].size = entry->d_name.len + 1;
795 args.in_args[0].value = entry->d_name.name;
796 args.in_args[1].size = len;
797 args.in_args[1].value = link;
798 return create_new_entry(fm, &args, dir, entry, S_IFLNK);
801 void fuse_update_ctime(struct inode *inode)
803 if (!IS_NOCMTIME(inode)) {
804 inode->i_ctime = current_time(inode);
805 mark_inode_dirty_sync(inode);
809 static int fuse_unlink(struct inode *dir, struct dentry *entry)
812 struct fuse_mount *fm = get_fuse_mount(dir);
815 if (fuse_is_bad(dir))
818 args.opcode = FUSE_UNLINK;
819 args.nodeid = get_node_id(dir);
821 args.in_args[0].size = entry->d_name.len + 1;
822 args.in_args[0].value = entry->d_name.name;
823 err = fuse_simple_request(fm, &args);
825 struct inode *inode = d_inode(entry);
826 struct fuse_inode *fi = get_fuse_inode(inode);
828 spin_lock(&fi->lock);
829 fi->attr_version = atomic64_inc_return(&fm->fc->attr_version);
831 * If i_nlink == 0 then unlink doesn't make sense, yet this can
832 * happen if userspace filesystem is careless. It would be
833 * difficult to enforce correct nlink usage so just ignore this
836 if (inode->i_nlink > 0)
838 spin_unlock(&fi->lock);
839 fuse_invalidate_attr(inode);
840 fuse_dir_changed(dir);
841 fuse_invalidate_entry_cache(entry);
842 fuse_update_ctime(inode);
843 } else if (err == -EINTR)
844 fuse_invalidate_entry(entry);
848 static int fuse_rmdir(struct inode *dir, struct dentry *entry)
851 struct fuse_mount *fm = get_fuse_mount(dir);
854 if (fuse_is_bad(dir))
857 args.opcode = FUSE_RMDIR;
858 args.nodeid = get_node_id(dir);
860 args.in_args[0].size = entry->d_name.len + 1;
861 args.in_args[0].value = entry->d_name.name;
862 err = fuse_simple_request(fm, &args);
864 clear_nlink(d_inode(entry));
865 fuse_dir_changed(dir);
866 fuse_invalidate_entry_cache(entry);
867 } else if (err == -EINTR)
868 fuse_invalidate_entry(entry);
872 static int fuse_rename_common(struct inode *olddir, struct dentry *oldent,
873 struct inode *newdir, struct dentry *newent,
874 unsigned int flags, int opcode, size_t argsize)
877 struct fuse_rename2_in inarg;
878 struct fuse_mount *fm = get_fuse_mount(olddir);
881 memset(&inarg, 0, argsize);
882 inarg.newdir = get_node_id(newdir);
884 args.opcode = opcode;
885 args.nodeid = get_node_id(olddir);
887 args.in_args[0].size = argsize;
888 args.in_args[0].value = &inarg;
889 args.in_args[1].size = oldent->d_name.len + 1;
890 args.in_args[1].value = oldent->d_name.name;
891 args.in_args[2].size = newent->d_name.len + 1;
892 args.in_args[2].value = newent->d_name.name;
893 err = fuse_simple_request(fm, &args);
896 fuse_invalidate_attr(d_inode(oldent));
897 fuse_update_ctime(d_inode(oldent));
899 if (flags & RENAME_EXCHANGE) {
900 fuse_invalidate_attr(d_inode(newent));
901 fuse_update_ctime(d_inode(newent));
904 fuse_dir_changed(olddir);
905 if (olddir != newdir)
906 fuse_dir_changed(newdir);
908 /* newent will end up negative */
909 if (!(flags & RENAME_EXCHANGE) && d_really_is_positive(newent)) {
910 fuse_invalidate_attr(d_inode(newent));
911 fuse_invalidate_entry_cache(newent);
912 fuse_update_ctime(d_inode(newent));
914 } else if (err == -EINTR) {
915 /* If request was interrupted, DEITY only knows if the
916 rename actually took place. If the invalidation
917 fails (e.g. some process has CWD under the renamed
918 directory), then there can be inconsistency between
919 the dcache and the real filesystem. Tough luck. */
920 fuse_invalidate_entry(oldent);
921 if (d_really_is_positive(newent))
922 fuse_invalidate_entry(newent);
928 static int fuse_rename2(struct user_namespace *mnt_userns, struct inode *olddir,
929 struct dentry *oldent, struct inode *newdir,
930 struct dentry *newent, unsigned int flags)
932 struct fuse_conn *fc = get_fuse_conn(olddir);
935 if (fuse_is_bad(olddir))
938 if (flags & ~(RENAME_NOREPLACE | RENAME_EXCHANGE | RENAME_WHITEOUT))
942 if (fc->no_rename2 || fc->minor < 23)
945 err = fuse_rename_common(olddir, oldent, newdir, newent, flags,
947 sizeof(struct fuse_rename2_in));
948 if (err == -ENOSYS) {
953 err = fuse_rename_common(olddir, oldent, newdir, newent, 0,
955 sizeof(struct fuse_rename_in));
961 static int fuse_link(struct dentry *entry, struct inode *newdir,
962 struct dentry *newent)
965 struct fuse_link_in inarg;
966 struct inode *inode = d_inode(entry);
967 struct fuse_mount *fm = get_fuse_mount(inode);
970 memset(&inarg, 0, sizeof(inarg));
971 inarg.oldnodeid = get_node_id(inode);
972 args.opcode = FUSE_LINK;
974 args.in_args[0].size = sizeof(inarg);
975 args.in_args[0].value = &inarg;
976 args.in_args[1].size = newent->d_name.len + 1;
977 args.in_args[1].value = newent->d_name.name;
978 err = create_new_entry(fm, &args, newdir, newent, inode->i_mode);
979 /* Contrary to "normal" filesystems it can happen that link
980 makes two "logical" inodes point to the same "physical"
981 inode. We invalidate the attributes of the old one, so it
982 will reflect changes in the backing inode (link count,
986 struct fuse_inode *fi = get_fuse_inode(inode);
988 spin_lock(&fi->lock);
989 fi->attr_version = atomic64_inc_return(&fm->fc->attr_version);
990 if (likely(inode->i_nlink < UINT_MAX))
992 spin_unlock(&fi->lock);
993 fuse_invalidate_attr(inode);
994 fuse_update_ctime(inode);
995 } else if (err == -EINTR) {
996 fuse_invalidate_attr(inode);
1001 static void fuse_fillattr(struct inode *inode, struct fuse_attr *attr,
1004 unsigned int blkbits;
1005 struct fuse_conn *fc = get_fuse_conn(inode);
1007 /* see the comment in fuse_change_attributes() */
1008 if (fc->writeback_cache && S_ISREG(inode->i_mode)) {
1009 attr->size = i_size_read(inode);
1010 attr->mtime = inode->i_mtime.tv_sec;
1011 attr->mtimensec = inode->i_mtime.tv_nsec;
1012 attr->ctime = inode->i_ctime.tv_sec;
1013 attr->ctimensec = inode->i_ctime.tv_nsec;
1016 stat->dev = inode->i_sb->s_dev;
1017 stat->ino = attr->ino;
1018 stat->mode = (inode->i_mode & S_IFMT) | (attr->mode & 07777);
1019 stat->nlink = attr->nlink;
1020 stat->uid = make_kuid(fc->user_ns, attr->uid);
1021 stat->gid = make_kgid(fc->user_ns, attr->gid);
1022 stat->rdev = inode->i_rdev;
1023 stat->atime.tv_sec = attr->atime;
1024 stat->atime.tv_nsec = attr->atimensec;
1025 stat->mtime.tv_sec = attr->mtime;
1026 stat->mtime.tv_nsec = attr->mtimensec;
1027 stat->ctime.tv_sec = attr->ctime;
1028 stat->ctime.tv_nsec = attr->ctimensec;
1029 stat->size = attr->size;
1030 stat->blocks = attr->blocks;
1032 if (attr->blksize != 0)
1033 blkbits = ilog2(attr->blksize);
1035 blkbits = inode->i_sb->s_blocksize_bits;
1037 stat->blksize = 1 << blkbits;
1040 static int fuse_do_getattr(struct inode *inode, struct kstat *stat,
1044 struct fuse_getattr_in inarg;
1045 struct fuse_attr_out outarg;
1046 struct fuse_mount *fm = get_fuse_mount(inode);
1050 attr_version = fuse_get_attr_version(fm->fc);
1052 memset(&inarg, 0, sizeof(inarg));
1053 memset(&outarg, 0, sizeof(outarg));
1054 /* Directories have separate file-handle space */
1055 if (file && S_ISREG(inode->i_mode)) {
1056 struct fuse_file *ff = file->private_data;
1058 inarg.getattr_flags |= FUSE_GETATTR_FH;
1061 args.opcode = FUSE_GETATTR;
1062 args.nodeid = get_node_id(inode);
1063 args.in_numargs = 1;
1064 args.in_args[0].size = sizeof(inarg);
1065 args.in_args[0].value = &inarg;
1066 args.out_numargs = 1;
1067 args.out_args[0].size = sizeof(outarg);
1068 args.out_args[0].value = &outarg;
1069 err = fuse_simple_request(fm, &args);
1071 if (fuse_invalid_attr(&outarg.attr) ||
1072 inode_wrong_type(inode, outarg.attr.mode)) {
1073 fuse_make_bad(inode);
1076 fuse_change_attributes(inode, &outarg.attr,
1077 attr_timeout(&outarg),
1080 fuse_fillattr(inode, &outarg.attr, stat);
1086 static int fuse_update_get_attr(struct inode *inode, struct file *file,
1087 struct kstat *stat, u32 request_mask,
1090 struct fuse_inode *fi = get_fuse_inode(inode);
1094 if (flags & AT_STATX_FORCE_SYNC)
1096 else if (flags & AT_STATX_DONT_SYNC)
1098 else if (request_mask & READ_ONCE(fi->inval_mask))
1101 sync = time_before64(fi->i_time, get_jiffies_64());
1104 forget_all_cached_acls(inode);
1105 err = fuse_do_getattr(inode, stat, file);
1107 generic_fillattr(&init_user_ns, inode, stat);
1108 stat->mode = fi->orig_i_mode;
1109 stat->ino = fi->orig_ino;
1115 int fuse_update_attributes(struct inode *inode, struct file *file)
1117 /* Do *not* need to get atime for internal purposes */
1118 return fuse_update_get_attr(inode, file, NULL,
1119 STATX_BASIC_STATS & ~STATX_ATIME, 0);
1122 int fuse_reverse_inval_entry(struct fuse_conn *fc, u64 parent_nodeid,
1123 u64 child_nodeid, struct qstr *name)
1126 struct inode *parent;
1128 struct dentry *entry;
1130 parent = fuse_ilookup(fc, parent_nodeid, NULL);
1135 if (!S_ISDIR(parent->i_mode))
1139 dir = d_find_alias(parent);
1143 name->hash = full_name_hash(dir, name->name, name->len);
1144 entry = d_lookup(dir, name);
1149 fuse_dir_changed(parent);
1150 fuse_invalidate_entry(entry);
1152 if (child_nodeid != 0 && d_really_is_positive(entry)) {
1153 inode_lock(d_inode(entry));
1154 if (get_node_id(d_inode(entry)) != child_nodeid) {
1158 if (d_mountpoint(entry)) {
1162 if (d_is_dir(entry)) {
1163 shrink_dcache_parent(entry);
1164 if (!simple_empty(entry)) {
1168 d_inode(entry)->i_flags |= S_DEAD;
1171 clear_nlink(d_inode(entry));
1174 inode_unlock(d_inode(entry));
1183 inode_unlock(parent);
1189 * Calling into a user-controlled filesystem gives the filesystem
1190 * daemon ptrace-like capabilities over the current process. This
1191 * means, that the filesystem daemon is able to record the exact
1192 * filesystem operations performed, and can also control the behavior
1193 * of the requester process in otherwise impossible ways. For example
1194 * it can delay the operation for arbitrary length of time allowing
1195 * DoS against the requester.
1197 * For this reason only those processes can call into the filesystem,
1198 * for which the owner of the mount has ptrace privilege. This
1199 * excludes processes started by other users, suid or sgid processes.
1201 int fuse_allow_current_process(struct fuse_conn *fc)
1203 const struct cred *cred;
1205 if (fc->allow_other)
1206 return current_in_userns(fc->user_ns);
1208 cred = current_cred();
1209 if (uid_eq(cred->euid, fc->user_id) &&
1210 uid_eq(cred->suid, fc->user_id) &&
1211 uid_eq(cred->uid, fc->user_id) &&
1212 gid_eq(cred->egid, fc->group_id) &&
1213 gid_eq(cred->sgid, fc->group_id) &&
1214 gid_eq(cred->gid, fc->group_id))
1220 static int fuse_access(struct inode *inode, int mask)
1222 struct fuse_mount *fm = get_fuse_mount(inode);
1224 struct fuse_access_in inarg;
1227 BUG_ON(mask & MAY_NOT_BLOCK);
1229 if (fm->fc->no_access)
1232 memset(&inarg, 0, sizeof(inarg));
1233 inarg.mask = mask & (MAY_READ | MAY_WRITE | MAY_EXEC);
1234 args.opcode = FUSE_ACCESS;
1235 args.nodeid = get_node_id(inode);
1236 args.in_numargs = 1;
1237 args.in_args[0].size = sizeof(inarg);
1238 args.in_args[0].value = &inarg;
1239 err = fuse_simple_request(fm, &args);
1240 if (err == -ENOSYS) {
1241 fm->fc->no_access = 1;
1247 static int fuse_perm_getattr(struct inode *inode, int mask)
1249 if (mask & MAY_NOT_BLOCK)
1252 forget_all_cached_acls(inode);
1253 return fuse_do_getattr(inode, NULL, NULL);
1257 * Check permission. The two basic access models of FUSE are:
1259 * 1) Local access checking ('default_permissions' mount option) based
1260 * on file mode. This is the plain old disk filesystem permission
1263 * 2) "Remote" access checking, where server is responsible for
1264 * checking permission in each inode operation. An exception to this
1265 * is if ->permission() was invoked from sys_access() in which case an
1266 * access request is sent. Execute permission is still checked
1267 * locally based on file mode.
1269 static int fuse_permission(struct user_namespace *mnt_userns,
1270 struct inode *inode, int mask)
1272 struct fuse_conn *fc = get_fuse_conn(inode);
1273 bool refreshed = false;
1276 if (fuse_is_bad(inode))
1279 if (!fuse_allow_current_process(fc))
1283 * If attributes are needed, refresh them before proceeding
1285 if (fc->default_permissions ||
1286 ((mask & MAY_EXEC) && S_ISREG(inode->i_mode))) {
1287 struct fuse_inode *fi = get_fuse_inode(inode);
1288 u32 perm_mask = STATX_MODE | STATX_UID | STATX_GID;
1290 if (perm_mask & READ_ONCE(fi->inval_mask) ||
1291 time_before64(fi->i_time, get_jiffies_64())) {
1294 err = fuse_perm_getattr(inode, mask);
1300 if (fc->default_permissions) {
1301 err = generic_permission(&init_user_ns, inode, mask);
1303 /* If permission is denied, try to refresh file
1304 attributes. This is also needed, because the root
1305 node will at first have no permissions */
1306 if (err == -EACCES && !refreshed) {
1307 err = fuse_perm_getattr(inode, mask);
1309 err = generic_permission(&init_user_ns,
1313 /* Note: the opposite of the above test does not
1314 exist. So if permissions are revoked this won't be
1315 noticed immediately, only after the attribute
1316 timeout has expired */
1317 } else if (mask & (MAY_ACCESS | MAY_CHDIR)) {
1318 err = fuse_access(inode, mask);
1319 } else if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode)) {
1320 if (!(inode->i_mode & S_IXUGO)) {
1324 err = fuse_perm_getattr(inode, mask);
1325 if (!err && !(inode->i_mode & S_IXUGO))
1332 static int fuse_readlink_page(struct inode *inode, struct page *page)
1334 struct fuse_mount *fm = get_fuse_mount(inode);
1335 struct fuse_page_desc desc = { .length = PAGE_SIZE - 1 };
1336 struct fuse_args_pages ap = {
1344 ap.args.opcode = FUSE_READLINK;
1345 ap.args.nodeid = get_node_id(inode);
1346 ap.args.out_pages = true;
1347 ap.args.out_argvar = true;
1348 ap.args.page_zeroing = true;
1349 ap.args.out_numargs = 1;
1350 ap.args.out_args[0].size = desc.length;
1351 res = fuse_simple_request(fm, &ap.args);
1353 fuse_invalidate_atime(inode);
1358 if (WARN_ON(res >= PAGE_SIZE))
1361 link = page_address(page);
1367 static const char *fuse_get_link(struct dentry *dentry, struct inode *inode,
1368 struct delayed_call *callback)
1370 struct fuse_conn *fc = get_fuse_conn(inode);
1375 if (fuse_is_bad(inode))
1378 if (fc->cache_symlinks)
1379 return page_get_link(dentry, inode, callback);
1385 page = alloc_page(GFP_KERNEL);
1390 err = fuse_readlink_page(inode, page);
1396 set_delayed_call(callback, page_put_link, page);
1398 return page_address(page);
1401 return ERR_PTR(err);
1404 static int fuse_dir_open(struct inode *inode, struct file *file)
1406 return fuse_open_common(inode, file, true);
1409 static int fuse_dir_release(struct inode *inode, struct file *file)
1411 fuse_release_common(file, true);
1416 static int fuse_dir_fsync(struct file *file, loff_t start, loff_t end,
1419 struct inode *inode = file->f_mapping->host;
1420 struct fuse_conn *fc = get_fuse_conn(inode);
1423 if (fuse_is_bad(inode))
1426 if (fc->no_fsyncdir)
1430 err = fuse_fsync_common(file, start, end, datasync, FUSE_FSYNCDIR);
1431 if (err == -ENOSYS) {
1432 fc->no_fsyncdir = 1;
1435 inode_unlock(inode);
1440 static long fuse_dir_ioctl(struct file *file, unsigned int cmd,
1443 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1445 /* FUSE_IOCTL_DIR only supported for API version >= 7.18 */
1449 return fuse_ioctl_common(file, cmd, arg, FUSE_IOCTL_DIR);
1452 static long fuse_dir_compat_ioctl(struct file *file, unsigned int cmd,
1455 struct fuse_conn *fc = get_fuse_conn(file->f_mapping->host);
1460 return fuse_ioctl_common(file, cmd, arg,
1461 FUSE_IOCTL_COMPAT | FUSE_IOCTL_DIR);
1464 static bool update_mtime(unsigned ivalid, bool trust_local_mtime)
1466 /* Always update if mtime is explicitly set */
1467 if (ivalid & ATTR_MTIME_SET)
1470 /* Or if kernel i_mtime is the official one */
1471 if (trust_local_mtime)
1474 /* If it's an open(O_TRUNC) or an ftruncate(), don't update */
1475 if ((ivalid & ATTR_SIZE) && (ivalid & (ATTR_OPEN | ATTR_FILE)))
1478 /* In all other cases update */
1482 static void iattr_to_fattr(struct fuse_conn *fc, struct iattr *iattr,
1483 struct fuse_setattr_in *arg, bool trust_local_cmtime)
1485 unsigned ivalid = iattr->ia_valid;
1487 if (ivalid & ATTR_MODE)
1488 arg->valid |= FATTR_MODE, arg->mode = iattr->ia_mode;
1489 if (ivalid & ATTR_UID)
1490 arg->valid |= FATTR_UID, arg->uid = from_kuid(fc->user_ns, iattr->ia_uid);
1491 if (ivalid & ATTR_GID)
1492 arg->valid |= FATTR_GID, arg->gid = from_kgid(fc->user_ns, iattr->ia_gid);
1493 if (ivalid & ATTR_SIZE)
1494 arg->valid |= FATTR_SIZE, arg->size = iattr->ia_size;
1495 if (ivalid & ATTR_ATIME) {
1496 arg->valid |= FATTR_ATIME;
1497 arg->atime = iattr->ia_atime.tv_sec;
1498 arg->atimensec = iattr->ia_atime.tv_nsec;
1499 if (!(ivalid & ATTR_ATIME_SET))
1500 arg->valid |= FATTR_ATIME_NOW;
1502 if ((ivalid & ATTR_MTIME) && update_mtime(ivalid, trust_local_cmtime)) {
1503 arg->valid |= FATTR_MTIME;
1504 arg->mtime = iattr->ia_mtime.tv_sec;
1505 arg->mtimensec = iattr->ia_mtime.tv_nsec;
1506 if (!(ivalid & ATTR_MTIME_SET) && !trust_local_cmtime)
1507 arg->valid |= FATTR_MTIME_NOW;
1509 if ((ivalid & ATTR_CTIME) && trust_local_cmtime) {
1510 arg->valid |= FATTR_CTIME;
1511 arg->ctime = iattr->ia_ctime.tv_sec;
1512 arg->ctimensec = iattr->ia_ctime.tv_nsec;
1517 * Prevent concurrent writepages on inode
1519 * This is done by adding a negative bias to the inode write counter
1520 * and waiting for all pending writes to finish.
1522 void fuse_set_nowrite(struct inode *inode)
1524 struct fuse_inode *fi = get_fuse_inode(inode);
1526 BUG_ON(!inode_is_locked(inode));
1528 spin_lock(&fi->lock);
1529 BUG_ON(fi->writectr < 0);
1530 fi->writectr += FUSE_NOWRITE;
1531 spin_unlock(&fi->lock);
1532 wait_event(fi->page_waitq, fi->writectr == FUSE_NOWRITE);
1536 * Allow writepages on inode
1538 * Remove the bias from the writecounter and send any queued
1541 static void __fuse_release_nowrite(struct inode *inode)
1543 struct fuse_inode *fi = get_fuse_inode(inode);
1545 BUG_ON(fi->writectr != FUSE_NOWRITE);
1547 fuse_flush_writepages(inode);
1550 void fuse_release_nowrite(struct inode *inode)
1552 struct fuse_inode *fi = get_fuse_inode(inode);
1554 spin_lock(&fi->lock);
1555 __fuse_release_nowrite(inode);
1556 spin_unlock(&fi->lock);
1559 static void fuse_setattr_fill(struct fuse_conn *fc, struct fuse_args *args,
1560 struct inode *inode,
1561 struct fuse_setattr_in *inarg_p,
1562 struct fuse_attr_out *outarg_p)
1564 args->opcode = FUSE_SETATTR;
1565 args->nodeid = get_node_id(inode);
1566 args->in_numargs = 1;
1567 args->in_args[0].size = sizeof(*inarg_p);
1568 args->in_args[0].value = inarg_p;
1569 args->out_numargs = 1;
1570 args->out_args[0].size = sizeof(*outarg_p);
1571 args->out_args[0].value = outarg_p;
1575 * Flush inode->i_mtime to the server
1577 int fuse_flush_times(struct inode *inode, struct fuse_file *ff)
1579 struct fuse_mount *fm = get_fuse_mount(inode);
1581 struct fuse_setattr_in inarg;
1582 struct fuse_attr_out outarg;
1584 memset(&inarg, 0, sizeof(inarg));
1585 memset(&outarg, 0, sizeof(outarg));
1587 inarg.valid = FATTR_MTIME;
1588 inarg.mtime = inode->i_mtime.tv_sec;
1589 inarg.mtimensec = inode->i_mtime.tv_nsec;
1590 if (fm->fc->minor >= 23) {
1591 inarg.valid |= FATTR_CTIME;
1592 inarg.ctime = inode->i_ctime.tv_sec;
1593 inarg.ctimensec = inode->i_ctime.tv_nsec;
1596 inarg.valid |= FATTR_FH;
1599 fuse_setattr_fill(fm->fc, &args, inode, &inarg, &outarg);
1601 return fuse_simple_request(fm, &args);
1605 * Set attributes, and at the same time refresh them.
1607 * Truncation is slightly complicated, because the 'truncate' request
1608 * may fail, in which case we don't want to touch the mapping.
1609 * vmtruncate() doesn't allow for this case, so do the rlimit checking
1610 * and the actual truncation by hand.
1612 int fuse_do_setattr(struct dentry *dentry, struct iattr *attr,
1615 struct inode *inode = d_inode(dentry);
1616 struct fuse_mount *fm = get_fuse_mount(inode);
1617 struct fuse_conn *fc = fm->fc;
1618 struct fuse_inode *fi = get_fuse_inode(inode);
1620 struct fuse_setattr_in inarg;
1621 struct fuse_attr_out outarg;
1622 bool is_truncate = false;
1623 bool is_wb = fc->writeback_cache;
1626 bool trust_local_cmtime = is_wb && S_ISREG(inode->i_mode);
1627 bool fault_blocked = false;
1629 if (!fc->default_permissions)
1630 attr->ia_valid |= ATTR_FORCE;
1632 err = setattr_prepare(&init_user_ns, dentry, attr);
1636 if (attr->ia_valid & ATTR_SIZE) {
1637 if (WARN_ON(!S_ISREG(inode->i_mode)))
1642 if (FUSE_IS_DAX(inode) && is_truncate) {
1643 down_write(&fi->i_mmap_sem);
1644 fault_blocked = true;
1645 err = fuse_dax_break_layouts(inode, 0, 0);
1647 up_write(&fi->i_mmap_sem);
1652 if (attr->ia_valid & ATTR_OPEN) {
1653 /* This is coming from open(..., ... | O_TRUNC); */
1654 WARN_ON(!(attr->ia_valid & ATTR_SIZE));
1655 WARN_ON(attr->ia_size != 0);
1656 if (fc->atomic_o_trunc) {
1658 * No need to send request to userspace, since actual
1659 * truncation has already been done by OPEN. But still
1660 * need to truncate page cache.
1662 i_size_write(inode, 0);
1663 truncate_pagecache(inode, 0);
1669 /* Flush dirty data/metadata before non-truncate SETATTR */
1670 if (is_wb && S_ISREG(inode->i_mode) &&
1672 (ATTR_MODE | ATTR_UID | ATTR_GID | ATTR_MTIME_SET |
1674 err = write_inode_now(inode, true);
1678 fuse_set_nowrite(inode);
1679 fuse_release_nowrite(inode);
1683 fuse_set_nowrite(inode);
1684 set_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1685 if (trust_local_cmtime && attr->ia_size != inode->i_size)
1686 attr->ia_valid |= ATTR_MTIME | ATTR_CTIME;
1689 memset(&inarg, 0, sizeof(inarg));
1690 memset(&outarg, 0, sizeof(outarg));
1691 iattr_to_fattr(fc, attr, &inarg, trust_local_cmtime);
1693 struct fuse_file *ff = file->private_data;
1694 inarg.valid |= FATTR_FH;
1698 /* Kill suid/sgid for non-directory chown unconditionally */
1699 if (fc->handle_killpriv_v2 && !S_ISDIR(inode->i_mode) &&
1700 attr->ia_valid & (ATTR_UID | ATTR_GID))
1701 inarg.valid |= FATTR_KILL_SUIDGID;
1703 if (attr->ia_valid & ATTR_SIZE) {
1704 /* For mandatory locking in truncate */
1705 inarg.valid |= FATTR_LOCKOWNER;
1706 inarg.lock_owner = fuse_lock_owner_id(fc, current->files);
1708 /* Kill suid/sgid for truncate only if no CAP_FSETID */
1709 if (fc->handle_killpriv_v2 && !capable(CAP_FSETID))
1710 inarg.valid |= FATTR_KILL_SUIDGID;
1712 fuse_setattr_fill(fc, &args, inode, &inarg, &outarg);
1713 err = fuse_simple_request(fm, &args);
1716 fuse_invalidate_attr(inode);
1720 if (fuse_invalid_attr(&outarg.attr) ||
1721 inode_wrong_type(inode, outarg.attr.mode)) {
1722 fuse_make_bad(inode);
1727 spin_lock(&fi->lock);
1728 /* the kernel maintains i_mtime locally */
1729 if (trust_local_cmtime) {
1730 if (attr->ia_valid & ATTR_MTIME)
1731 inode->i_mtime = attr->ia_mtime;
1732 if (attr->ia_valid & ATTR_CTIME)
1733 inode->i_ctime = attr->ia_ctime;
1734 /* FIXME: clear I_DIRTY_SYNC? */
1737 fuse_change_attributes_common(inode, &outarg.attr,
1738 attr_timeout(&outarg));
1739 oldsize = inode->i_size;
1740 /* see the comment in fuse_change_attributes() */
1741 if (!is_wb || is_truncate || !S_ISREG(inode->i_mode))
1742 i_size_write(inode, outarg.attr.size);
1745 /* NOTE: this may release/reacquire fi->lock */
1746 __fuse_release_nowrite(inode);
1748 spin_unlock(&fi->lock);
1751 * Only call invalidate_inode_pages2() after removing
1752 * FUSE_NOWRITE, otherwise fuse_launder_page() would deadlock.
1754 if ((is_truncate || !is_wb) &&
1755 S_ISREG(inode->i_mode) && oldsize != outarg.attr.size) {
1756 truncate_pagecache(inode, outarg.attr.size);
1757 invalidate_inode_pages2(inode->i_mapping);
1760 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1763 up_write(&fi->i_mmap_sem);
1769 fuse_release_nowrite(inode);
1771 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
1774 up_write(&fi->i_mmap_sem);
1778 static int fuse_setattr(struct user_namespace *mnt_userns, struct dentry *entry,
1781 struct inode *inode = d_inode(entry);
1782 struct fuse_conn *fc = get_fuse_conn(inode);
1783 struct file *file = (attr->ia_valid & ATTR_FILE) ? attr->ia_file : NULL;
1786 if (fuse_is_bad(inode))
1789 if (!fuse_allow_current_process(get_fuse_conn(inode)))
1792 if (attr->ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID)) {
1793 attr->ia_valid &= ~(ATTR_KILL_SUID | ATTR_KILL_SGID |
1797 * The only sane way to reliably kill suid/sgid is to do it in
1798 * the userspace filesystem
1800 * This should be done on write(), truncate() and chown().
1802 if (!fc->handle_killpriv && !fc->handle_killpriv_v2) {
1804 * ia_mode calculation may have used stale i_mode.
1805 * Refresh and recalculate.
1807 ret = fuse_do_getattr(inode, NULL, file);
1811 attr->ia_mode = inode->i_mode;
1812 if (inode->i_mode & S_ISUID) {
1813 attr->ia_valid |= ATTR_MODE;
1814 attr->ia_mode &= ~S_ISUID;
1816 if ((inode->i_mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) {
1817 attr->ia_valid |= ATTR_MODE;
1818 attr->ia_mode &= ~S_ISGID;
1822 if (!attr->ia_valid)
1825 ret = fuse_do_setattr(entry, attr, file);
1828 * If filesystem supports acls it may have updated acl xattrs in
1829 * the filesystem, so forget cached acls for the inode.
1832 forget_all_cached_acls(inode);
1834 /* Directory mode changed, may need to revalidate access */
1835 if (d_is_dir(entry) && (attr->ia_valid & ATTR_MODE))
1836 fuse_invalidate_entry_cache(entry);
1841 static int fuse_getattr(struct user_namespace *mnt_userns,
1842 const struct path *path, struct kstat *stat,
1843 u32 request_mask, unsigned int flags)
1845 struct inode *inode = d_inode(path->dentry);
1846 struct fuse_conn *fc = get_fuse_conn(inode);
1848 if (fuse_is_bad(inode))
1851 if (!fuse_allow_current_process(fc)) {
1852 if (!request_mask) {
1854 * If user explicitly requested *nothing* then don't
1855 * error out, but return st_dev only.
1857 stat->result_mask = 0;
1858 stat->dev = inode->i_sb->s_dev;
1864 return fuse_update_get_attr(inode, NULL, stat, request_mask, flags);
1867 static const struct inode_operations fuse_dir_inode_operations = {
1868 .lookup = fuse_lookup,
1869 .mkdir = fuse_mkdir,
1870 .symlink = fuse_symlink,
1871 .unlink = fuse_unlink,
1872 .rmdir = fuse_rmdir,
1873 .rename = fuse_rename2,
1875 .setattr = fuse_setattr,
1876 .create = fuse_create,
1877 .atomic_open = fuse_atomic_open,
1878 .mknod = fuse_mknod,
1879 .permission = fuse_permission,
1880 .getattr = fuse_getattr,
1881 .listxattr = fuse_listxattr,
1882 .get_acl = fuse_get_acl,
1883 .set_acl = fuse_set_acl,
1884 .fileattr_get = fuse_fileattr_get,
1885 .fileattr_set = fuse_fileattr_set,
1888 static const struct file_operations fuse_dir_operations = {
1889 .llseek = generic_file_llseek,
1890 .read = generic_read_dir,
1891 .iterate_shared = fuse_readdir,
1892 .open = fuse_dir_open,
1893 .release = fuse_dir_release,
1894 .fsync = fuse_dir_fsync,
1895 .unlocked_ioctl = fuse_dir_ioctl,
1896 .compat_ioctl = fuse_dir_compat_ioctl,
1899 static const struct inode_operations fuse_common_inode_operations = {
1900 .setattr = fuse_setattr,
1901 .permission = fuse_permission,
1902 .getattr = fuse_getattr,
1903 .listxattr = fuse_listxattr,
1904 .get_acl = fuse_get_acl,
1905 .set_acl = fuse_set_acl,
1906 .fileattr_get = fuse_fileattr_get,
1907 .fileattr_set = fuse_fileattr_set,
1910 static const struct inode_operations fuse_symlink_inode_operations = {
1911 .setattr = fuse_setattr,
1912 .get_link = fuse_get_link,
1913 .getattr = fuse_getattr,
1914 .listxattr = fuse_listxattr,
1917 void fuse_init_common(struct inode *inode)
1919 inode->i_op = &fuse_common_inode_operations;
1922 void fuse_init_dir(struct inode *inode)
1924 struct fuse_inode *fi = get_fuse_inode(inode);
1926 inode->i_op = &fuse_dir_inode_operations;
1927 inode->i_fop = &fuse_dir_operations;
1929 spin_lock_init(&fi->rdc.lock);
1930 fi->rdc.cached = false;
1933 fi->rdc.version = 0;
1936 static int fuse_symlink_readpage(struct file *null, struct page *page)
1938 int err = fuse_readlink_page(page->mapping->host, page);
1941 SetPageUptodate(page);
1948 static const struct address_space_operations fuse_symlink_aops = {
1949 .readpage = fuse_symlink_readpage,
1952 void fuse_init_symlink(struct inode *inode)
1954 inode->i_op = &fuse_symlink_inode_operations;
1955 inode->i_data.a_ops = &fuse_symlink_aops;
1956 inode_nohighmem(inode);