2 FUSE: Filesystem in Userspace
3 Copyright (C) 2001-2008 Miklos Szeredi <miklos@szeredi.hu>
5 This program can be distributed under the terms of the GNU GPL.
11 #include <linux/pagemap.h>
12 #include <linux/slab.h>
13 #include <linux/file.h>
14 #include <linux/seq_file.h>
15 #include <linux/init.h>
16 #include <linux/module.h>
17 #include <linux/moduleparam.h>
18 #include <linux/fs_context.h>
19 #include <linux/fs_parser.h>
20 #include <linux/statfs.h>
21 #include <linux/random.h>
22 #include <linux/sched.h>
23 #include <linux/exportfs.h>
24 #include <linux/posix_acl.h>
25 #include <linux/pid_namespace.h>
26 #include <uapi/linux/magic.h>
28 MODULE_AUTHOR("Miklos Szeredi <miklos@szeredi.hu>");
29 MODULE_DESCRIPTION("Filesystem in Userspace");
30 MODULE_LICENSE("GPL");
32 static struct kmem_cache *fuse_inode_cachep;
33 struct list_head fuse_conn_list;
34 DEFINE_MUTEX(fuse_mutex);
36 static int set_global_limit(const char *val, const struct kernel_param *kp);
38 unsigned max_user_bgreq;
39 module_param_call(max_user_bgreq, set_global_limit, param_get_uint,
40 &max_user_bgreq, 0644);
41 __MODULE_PARM_TYPE(max_user_bgreq, "uint");
42 MODULE_PARM_DESC(max_user_bgreq,
43 "Global limit for the maximum number of backgrounded requests an "
44 "unprivileged user can set");
46 unsigned max_user_congthresh;
47 module_param_call(max_user_congthresh, set_global_limit, param_get_uint,
48 &max_user_congthresh, 0644);
49 __MODULE_PARM_TYPE(max_user_congthresh, "uint");
50 MODULE_PARM_DESC(max_user_congthresh,
51 "Global limit for the maximum congestion threshold an "
52 "unprivileged user can set");
54 #define FUSE_DEFAULT_BLKSIZE 512
56 /** Maximum number of outstanding background requests */
57 #define FUSE_DEFAULT_MAX_BACKGROUND 12
59 /** Congestion starts at 75% of maximum */
60 #define FUSE_DEFAULT_CONGESTION_THRESHOLD (FUSE_DEFAULT_MAX_BACKGROUND * 3 / 4)
63 static struct file_system_type fuseblk_fs_type;
66 struct fuse_forget_link *fuse_alloc_forget(void)
68 return kzalloc(sizeof(struct fuse_forget_link), GFP_KERNEL_ACCOUNT);
71 static struct fuse_submount_lookup *fuse_alloc_submount_lookup(void)
73 struct fuse_submount_lookup *sl;
75 sl = kzalloc(sizeof(struct fuse_submount_lookup), GFP_KERNEL_ACCOUNT);
78 sl->forget = fuse_alloc_forget();
89 static struct inode *fuse_alloc_inode(struct super_block *sb)
91 struct fuse_inode *fi;
93 fi = alloc_inode_sb(sb, fuse_inode_cachep, GFP_KERNEL);
101 fi->attr_version = 0;
104 fi->submount_lookup = NULL;
105 mutex_init(&fi->mutex);
106 spin_lock_init(&fi->lock);
107 fi->forget = fuse_alloc_forget();
111 if (IS_ENABLED(CONFIG_FUSE_DAX) && !fuse_dax_inode_alloc(sb, fi))
112 goto out_free_forget;
119 kmem_cache_free(fuse_inode_cachep, fi);
123 static void fuse_free_inode(struct inode *inode)
125 struct fuse_inode *fi = get_fuse_inode(inode);
127 mutex_destroy(&fi->mutex);
129 #ifdef CONFIG_FUSE_DAX
132 kmem_cache_free(fuse_inode_cachep, fi);
135 static void fuse_cleanup_submount_lookup(struct fuse_conn *fc,
136 struct fuse_submount_lookup *sl)
138 if (!refcount_dec_and_test(&sl->count))
141 fuse_queue_forget(fc, sl->forget, sl->nodeid, 1);
146 static void fuse_evict_inode(struct inode *inode)
148 struct fuse_inode *fi = get_fuse_inode(inode);
150 /* Will write inode on close/munmap and in all other dirtiers */
151 WARN_ON(inode->i_state & I_DIRTY_INODE);
153 truncate_inode_pages_final(&inode->i_data);
155 if (inode->i_sb->s_flags & SB_ACTIVE) {
156 struct fuse_conn *fc = get_fuse_conn(inode);
158 if (FUSE_IS_DAX(inode))
159 fuse_dax_inode_cleanup(inode);
161 fuse_queue_forget(fc, fi->forget, fi->nodeid,
166 if (fi->submount_lookup) {
167 fuse_cleanup_submount_lookup(fc, fi->submount_lookup);
168 fi->submount_lookup = NULL;
171 if (S_ISREG(inode->i_mode) && !fuse_is_bad(inode)) {
172 WARN_ON(!list_empty(&fi->write_files));
173 WARN_ON(!list_empty(&fi->queued_writes));
177 static int fuse_reconfigure(struct fs_context *fsc)
179 struct super_block *sb = fsc->root->d_sb;
182 if (fsc->sb_flags & SB_MANDLOCK)
189 * ino_t is 32-bits on 32-bit arch. We have to squash the 64-bit value down
190 * so that it will fit.
192 static ino_t fuse_squash_ino(u64 ino64)
194 ino_t ino = (ino_t) ino64;
195 if (sizeof(ino_t) < sizeof(u64))
196 ino ^= ino64 >> (sizeof(u64) - sizeof(ino_t)) * 8;
200 void fuse_change_attributes_common(struct inode *inode, struct fuse_attr *attr,
201 u64 attr_valid, u32 cache_mask)
203 struct fuse_conn *fc = get_fuse_conn(inode);
204 struct fuse_inode *fi = get_fuse_inode(inode);
206 lockdep_assert_held(&fi->lock);
208 fi->attr_version = atomic64_inc_return(&fc->attr_version);
209 fi->i_time = attr_valid;
210 WRITE_ONCE(fi->inval_mask, 0);
212 inode->i_ino = fuse_squash_ino(attr->ino);
213 inode->i_mode = (inode->i_mode & S_IFMT) | (attr->mode & 07777);
214 set_nlink(inode, attr->nlink);
215 inode->i_uid = make_kuid(fc->user_ns, attr->uid);
216 inode->i_gid = make_kgid(fc->user_ns, attr->gid);
217 inode->i_blocks = attr->blocks;
220 attr->atimensec = min_t(u32, attr->atimensec, NSEC_PER_SEC - 1);
221 attr->mtimensec = min_t(u32, attr->mtimensec, NSEC_PER_SEC - 1);
222 attr->ctimensec = min_t(u32, attr->ctimensec, NSEC_PER_SEC - 1);
224 inode->i_atime.tv_sec = attr->atime;
225 inode->i_atime.tv_nsec = attr->atimensec;
226 /* mtime from server may be stale due to local buffered write */
227 if (!(cache_mask & STATX_MTIME)) {
228 inode->i_mtime.tv_sec = attr->mtime;
229 inode->i_mtime.tv_nsec = attr->mtimensec;
231 if (!(cache_mask & STATX_CTIME)) {
232 inode->i_ctime.tv_sec = attr->ctime;
233 inode->i_ctime.tv_nsec = attr->ctimensec;
236 if (attr->blksize != 0)
237 inode->i_blkbits = ilog2(attr->blksize);
239 inode->i_blkbits = inode->i_sb->s_blocksize_bits;
242 * Don't set the sticky bit in i_mode, unless we want the VFS
243 * to check permissions. This prevents failures due to the
244 * check in may_delete().
246 fi->orig_i_mode = inode->i_mode;
247 if (!fc->default_permissions)
248 inode->i_mode &= ~S_ISVTX;
250 fi->orig_ino = attr->ino;
253 * We are refreshing inode data and it is possible that another
254 * client set suid/sgid or security.capability xattr. So clear
255 * S_NOSEC. Ideally, we could have cleared it only if suid/sgid
256 * was set or if security.capability xattr was set. But we don't
257 * know if security.capability has been set or not. So clear it
258 * anyway. Its less efficient but should be safe.
260 inode->i_flags &= ~S_NOSEC;
263 u32 fuse_get_cache_mask(struct inode *inode)
265 struct fuse_conn *fc = get_fuse_conn(inode);
267 if (!fc->writeback_cache || !S_ISREG(inode->i_mode))
270 return STATX_MTIME | STATX_CTIME | STATX_SIZE;
273 void fuse_change_attributes(struct inode *inode, struct fuse_attr *attr,
274 u64 attr_valid, u64 attr_version)
276 struct fuse_conn *fc = get_fuse_conn(inode);
277 struct fuse_inode *fi = get_fuse_inode(inode);
280 struct timespec64 old_mtime;
282 spin_lock(&fi->lock);
284 * In case of writeback_cache enabled, writes update mtime, ctime and
285 * may update i_size. In these cases trust the cached value in the
288 cache_mask = fuse_get_cache_mask(inode);
289 if (cache_mask & STATX_SIZE)
290 attr->size = i_size_read(inode);
292 if (cache_mask & STATX_MTIME) {
293 attr->mtime = inode->i_mtime.tv_sec;
294 attr->mtimensec = inode->i_mtime.tv_nsec;
296 if (cache_mask & STATX_CTIME) {
297 attr->ctime = inode->i_ctime.tv_sec;
298 attr->ctimensec = inode->i_ctime.tv_nsec;
301 if ((attr_version != 0 && fi->attr_version > attr_version) ||
302 test_bit(FUSE_I_SIZE_UNSTABLE, &fi->state)) {
303 spin_unlock(&fi->lock);
307 old_mtime = inode->i_mtime;
308 fuse_change_attributes_common(inode, attr, attr_valid, cache_mask);
310 oldsize = inode->i_size;
312 * In case of writeback_cache enabled, the cached writes beyond EOF
313 * extend local i_size without keeping userspace server in sync. So,
314 * attr->size coming from server can be stale. We cannot trust it.
316 if (!(cache_mask & STATX_SIZE))
317 i_size_write(inode, attr->size);
318 spin_unlock(&fi->lock);
320 if (!cache_mask && S_ISREG(inode->i_mode)) {
323 if (oldsize != attr->size) {
324 truncate_pagecache(inode, attr->size);
325 if (!fc->explicit_inval_data)
327 } else if (fc->auto_inval_data) {
328 struct timespec64 new_mtime = {
329 .tv_sec = attr->mtime,
330 .tv_nsec = attr->mtimensec,
334 * Auto inval mode also checks and invalidates if mtime
337 if (!timespec64_equal(&old_mtime, &new_mtime))
342 invalidate_inode_pages2(inode->i_mapping);
345 if (IS_ENABLED(CONFIG_FUSE_DAX))
346 fuse_dax_dontcache(inode, attr->flags);
349 static void fuse_init_submount_lookup(struct fuse_submount_lookup *sl,
353 refcount_set(&sl->count, 1);
356 static void fuse_init_inode(struct inode *inode, struct fuse_attr *attr)
358 inode->i_mode = attr->mode & S_IFMT;
359 inode->i_size = attr->size;
360 inode->i_mtime.tv_sec = attr->mtime;
361 inode->i_mtime.tv_nsec = attr->mtimensec;
362 inode->i_ctime.tv_sec = attr->ctime;
363 inode->i_ctime.tv_nsec = attr->ctimensec;
364 if (S_ISREG(inode->i_mode)) {
365 fuse_init_common(inode);
366 fuse_init_file_inode(inode, attr->flags);
367 } else if (S_ISDIR(inode->i_mode))
368 fuse_init_dir(inode);
369 else if (S_ISLNK(inode->i_mode))
370 fuse_init_symlink(inode);
371 else if (S_ISCHR(inode->i_mode) || S_ISBLK(inode->i_mode) ||
372 S_ISFIFO(inode->i_mode) || S_ISSOCK(inode->i_mode)) {
373 fuse_init_common(inode);
374 init_special_inode(inode, inode->i_mode,
375 new_decode_dev(attr->rdev));
380 static int fuse_inode_eq(struct inode *inode, void *_nodeidp)
382 u64 nodeid = *(u64 *) _nodeidp;
383 if (get_node_id(inode) == nodeid)
389 static int fuse_inode_set(struct inode *inode, void *_nodeidp)
391 u64 nodeid = *(u64 *) _nodeidp;
392 get_fuse_inode(inode)->nodeid = nodeid;
396 struct inode *fuse_iget(struct super_block *sb, u64 nodeid,
397 int generation, struct fuse_attr *attr,
398 u64 attr_valid, u64 attr_version)
401 struct fuse_inode *fi;
402 struct fuse_conn *fc = get_fuse_conn_super(sb);
405 * Auto mount points get their node id from the submount root, which is
406 * not a unique identifier within this filesystem.
408 * To avoid conflicts, do not place submount points into the inode hash
411 if (fc->auto_submounts && (attr->flags & FUSE_ATTR_SUBMOUNT) &&
412 S_ISDIR(attr->mode)) {
413 struct fuse_inode *fi;
415 inode = new_inode(sb);
419 fuse_init_inode(inode, attr);
420 fi = get_fuse_inode(inode);
422 fi->submount_lookup = fuse_alloc_submount_lookup();
423 if (!fi->submount_lookup) {
427 /* Sets nlookup = 1 on fi->submount_lookup->nlookup */
428 fuse_init_submount_lookup(fi->submount_lookup, nodeid);
429 inode->i_flags |= S_AUTOMOUNT;
434 inode = iget5_locked(sb, nodeid, fuse_inode_eq, fuse_inode_set, &nodeid);
438 if ((inode->i_state & I_NEW)) {
439 inode->i_flags |= S_NOATIME;
440 if (!fc->writeback_cache || !S_ISREG(attr->mode))
441 inode->i_flags |= S_NOCMTIME;
442 inode->i_generation = generation;
443 fuse_init_inode(inode, attr);
444 unlock_new_inode(inode);
445 } else if (fuse_stale_inode(inode, generation, attr)) {
446 /* nodeid was reused, any I/O on the old inode should fail */
447 fuse_make_bad(inode);
448 if (inode != d_inode(sb->s_root)) {
449 remove_inode_hash(inode);
454 fi = get_fuse_inode(inode);
455 spin_lock(&fi->lock);
457 spin_unlock(&fi->lock);
459 fuse_change_attributes(inode, attr, attr_valid, attr_version);
464 struct inode *fuse_ilookup(struct fuse_conn *fc, u64 nodeid,
465 struct fuse_mount **fm)
467 struct fuse_mount *fm_iter;
470 WARN_ON(!rwsem_is_locked(&fc->killsb));
471 list_for_each_entry(fm_iter, &fc->mounts, fc_entry) {
475 inode = ilookup5(fm_iter->sb, nodeid, fuse_inode_eq, &nodeid);
486 int fuse_reverse_inval_inode(struct fuse_conn *fc, u64 nodeid,
487 loff_t offset, loff_t len)
489 struct fuse_inode *fi;
494 inode = fuse_ilookup(fc, nodeid, NULL);
498 fi = get_fuse_inode(inode);
499 spin_lock(&fi->lock);
500 fi->attr_version = atomic64_inc_return(&fc->attr_version);
501 spin_unlock(&fi->lock);
503 fuse_invalidate_attr(inode);
504 forget_all_cached_acls(inode);
506 pg_start = offset >> PAGE_SHIFT;
510 pg_end = (offset + len - 1) >> PAGE_SHIFT;
511 invalidate_inode_pages2_range(inode->i_mapping,
518 bool fuse_lock_inode(struct inode *inode)
522 if (!get_fuse_conn(inode)->parallel_dirops) {
523 mutex_lock(&get_fuse_inode(inode)->mutex);
530 void fuse_unlock_inode(struct inode *inode, bool locked)
533 mutex_unlock(&get_fuse_inode(inode)->mutex);
536 static void fuse_umount_begin(struct super_block *sb)
538 struct fuse_conn *fc = get_fuse_conn_super(sb);
540 if (fc->no_force_umount)
545 // Only retire block-device-based superblocks.
546 if (sb->s_bdev != NULL)
550 static void fuse_send_destroy(struct fuse_mount *fm)
552 if (fm->fc->conn_init) {
555 args.opcode = FUSE_DESTROY;
558 fuse_simple_request(fm, &args);
562 static void convert_fuse_statfs(struct kstatfs *stbuf, struct fuse_kstatfs *attr)
564 stbuf->f_type = FUSE_SUPER_MAGIC;
565 stbuf->f_bsize = attr->bsize;
566 stbuf->f_frsize = attr->frsize;
567 stbuf->f_blocks = attr->blocks;
568 stbuf->f_bfree = attr->bfree;
569 stbuf->f_bavail = attr->bavail;
570 stbuf->f_files = attr->files;
571 stbuf->f_ffree = attr->ffree;
572 stbuf->f_namelen = attr->namelen;
573 /* fsid is left zero */
576 static int fuse_statfs(struct dentry *dentry, struct kstatfs *buf)
578 struct super_block *sb = dentry->d_sb;
579 struct fuse_mount *fm = get_fuse_mount_super(sb);
581 struct fuse_statfs_out outarg;
584 if (!fuse_allow_current_process(fm->fc)) {
585 buf->f_type = FUSE_SUPER_MAGIC;
589 memset(&outarg, 0, sizeof(outarg));
591 args.opcode = FUSE_STATFS;
592 args.nodeid = get_node_id(d_inode(dentry));
593 args.out_numargs = 1;
594 args.out_args[0].size = sizeof(outarg);
595 args.out_args[0].value = &outarg;
596 err = fuse_simple_request(fm, &args);
598 convert_fuse_statfs(buf, &outarg.st);
602 static struct fuse_sync_bucket *fuse_sync_bucket_alloc(void)
604 struct fuse_sync_bucket *bucket;
606 bucket = kzalloc(sizeof(*bucket), GFP_KERNEL | __GFP_NOFAIL);
608 init_waitqueue_head(&bucket->waitq);
609 /* Initial active count */
610 atomic_set(&bucket->count, 1);
615 static void fuse_sync_fs_writes(struct fuse_conn *fc)
617 struct fuse_sync_bucket *bucket, *new_bucket;
620 new_bucket = fuse_sync_bucket_alloc();
621 spin_lock(&fc->lock);
622 bucket = rcu_dereference_protected(fc->curr_bucket, 1);
623 count = atomic_read(&bucket->count);
625 /* No outstanding writes? */
627 spin_unlock(&fc->lock);
633 * Completion of new bucket depends on completion of this bucket, so add
636 atomic_inc(&new_bucket->count);
637 rcu_assign_pointer(fc->curr_bucket, new_bucket);
638 spin_unlock(&fc->lock);
640 * Drop initial active count. At this point if all writes in this and
641 * ancestor buckets complete, the count will go to zero and this task
644 atomic_dec(&bucket->count);
646 wait_event(bucket->waitq, atomic_read(&bucket->count) == 0);
648 /* Drop temp count on descendant bucket */
649 fuse_sync_bucket_dec(new_bucket);
650 kfree_rcu(bucket, rcu);
653 static int fuse_sync_fs(struct super_block *sb, int wait)
655 struct fuse_mount *fm = get_fuse_mount_super(sb);
656 struct fuse_conn *fc = fm->fc;
657 struct fuse_syncfs_in inarg;
662 * Userspace cannot handle the wait == 0 case. Avoid a
663 * gratuitous roundtrip.
668 /* The filesystem is being unmounted. Nothing to do. */
675 fuse_sync_fs_writes(fc);
677 memset(&inarg, 0, sizeof(inarg));
679 args.in_args[0].size = sizeof(inarg);
680 args.in_args[0].value = &inarg;
681 args.opcode = FUSE_SYNCFS;
682 args.nodeid = get_node_id(sb->s_root->d_inode);
683 args.out_numargs = 0;
685 err = fuse_simple_request(fm, &args);
686 if (err == -ENOSYS) {
701 OPT_DEFAULT_PERMISSIONS,
708 static const struct fs_parameter_spec fuse_fs_parameters[] = {
709 fsparam_string ("source", OPT_SOURCE),
710 fsparam_u32 ("fd", OPT_FD),
711 fsparam_u32oct ("rootmode", OPT_ROOTMODE),
712 fsparam_u32 ("user_id", OPT_USER_ID),
713 fsparam_u32 ("group_id", OPT_GROUP_ID),
714 fsparam_flag ("default_permissions", OPT_DEFAULT_PERMISSIONS),
715 fsparam_flag ("allow_other", OPT_ALLOW_OTHER),
716 fsparam_u32 ("max_read", OPT_MAX_READ),
717 fsparam_u32 ("blksize", OPT_BLKSIZE),
718 fsparam_string ("subtype", OPT_SUBTYPE),
722 static int fuse_parse_param(struct fs_context *fsc, struct fs_parameter *param)
724 struct fs_parse_result result;
725 struct fuse_fs_context *ctx = fsc->fs_private;
728 if (fsc->purpose == FS_CONTEXT_FOR_RECONFIGURE) {
730 * Ignore options coming from mount(MS_REMOUNT) for backward
736 return invalfc(fsc, "No changes allowed in reconfigure");
739 opt = fs_parse(fsc, fuse_fs_parameters, param, &result);
746 return invalfc(fsc, "Multiple sources specified");
747 fsc->source = param->string;
748 param->string = NULL;
753 return invalfc(fsc, "Multiple subtypes specified");
754 ctx->subtype = param->string;
755 param->string = NULL;
759 ctx->fd = result.uint_32;
760 ctx->fd_present = true;
764 if (!fuse_valid_type(result.uint_32))
765 return invalfc(fsc, "Invalid rootmode");
766 ctx->rootmode = result.uint_32;
767 ctx->rootmode_present = true;
771 ctx->user_id = make_kuid(fsc->user_ns, result.uint_32);
772 if (!uid_valid(ctx->user_id))
773 return invalfc(fsc, "Invalid user_id");
774 ctx->user_id_present = true;
778 ctx->group_id = make_kgid(fsc->user_ns, result.uint_32);
779 if (!gid_valid(ctx->group_id))
780 return invalfc(fsc, "Invalid group_id");
781 ctx->group_id_present = true;
784 case OPT_DEFAULT_PERMISSIONS:
785 ctx->default_permissions = true;
788 case OPT_ALLOW_OTHER:
789 ctx->allow_other = true;
793 ctx->max_read = result.uint_32;
798 return invalfc(fsc, "blksize only supported for fuseblk");
799 ctx->blksize = result.uint_32;
809 static void fuse_free_fsc(struct fs_context *fsc)
811 struct fuse_fs_context *ctx = fsc->fs_private;
819 static int fuse_show_options(struct seq_file *m, struct dentry *root)
821 struct super_block *sb = root->d_sb;
822 struct fuse_conn *fc = get_fuse_conn_super(sb);
824 if (fc->legacy_opts_show) {
825 seq_printf(m, ",user_id=%u",
826 from_kuid_munged(fc->user_ns, fc->user_id));
827 seq_printf(m, ",group_id=%u",
828 from_kgid_munged(fc->user_ns, fc->group_id));
829 if (fc->default_permissions)
830 seq_puts(m, ",default_permissions");
832 seq_puts(m, ",allow_other");
833 if (fc->max_read != ~0)
834 seq_printf(m, ",max_read=%u", fc->max_read);
835 if (sb->s_bdev && sb->s_blocksize != FUSE_DEFAULT_BLKSIZE)
836 seq_printf(m, ",blksize=%lu", sb->s_blocksize);
838 #ifdef CONFIG_FUSE_DAX
839 if (fc->dax_mode == FUSE_DAX_ALWAYS)
840 seq_puts(m, ",dax=always");
841 else if (fc->dax_mode == FUSE_DAX_NEVER)
842 seq_puts(m, ",dax=never");
843 else if (fc->dax_mode == FUSE_DAX_INODE_USER)
844 seq_puts(m, ",dax=inode");
850 static void fuse_iqueue_init(struct fuse_iqueue *fiq,
851 const struct fuse_iqueue_ops *ops,
854 memset(fiq, 0, sizeof(struct fuse_iqueue));
855 spin_lock_init(&fiq->lock);
856 init_waitqueue_head(&fiq->waitq);
857 INIT_LIST_HEAD(&fiq->pending);
858 INIT_LIST_HEAD(&fiq->interrupts);
859 fiq->forget_list_tail = &fiq->forget_list_head;
865 static void fuse_pqueue_init(struct fuse_pqueue *fpq)
869 spin_lock_init(&fpq->lock);
870 for (i = 0; i < FUSE_PQ_HASH_SIZE; i++)
871 INIT_LIST_HEAD(&fpq->processing[i]);
872 INIT_LIST_HEAD(&fpq->io);
876 void fuse_conn_init(struct fuse_conn *fc, struct fuse_mount *fm,
877 struct user_namespace *user_ns,
878 const struct fuse_iqueue_ops *fiq_ops, void *fiq_priv)
880 memset(fc, 0, sizeof(*fc));
881 spin_lock_init(&fc->lock);
882 spin_lock_init(&fc->bg_lock);
883 init_rwsem(&fc->killsb);
884 refcount_set(&fc->count, 1);
885 atomic_set(&fc->dev_count, 1);
886 init_waitqueue_head(&fc->blocked_waitq);
887 fuse_iqueue_init(&fc->iq, fiq_ops, fiq_priv);
888 INIT_LIST_HEAD(&fc->bg_queue);
889 INIT_LIST_HEAD(&fc->entry);
890 INIT_LIST_HEAD(&fc->devices);
891 atomic_set(&fc->num_waiting, 0);
892 fc->max_background = FUSE_DEFAULT_MAX_BACKGROUND;
893 fc->congestion_threshold = FUSE_DEFAULT_CONGESTION_THRESHOLD;
894 atomic64_set(&fc->khctr, 0);
895 fc->polled_files = RB_ROOT;
899 atomic64_set(&fc->attr_version, 1);
900 get_random_bytes(&fc->scramble_key, sizeof(fc->scramble_key));
901 fc->pid_ns = get_pid_ns(task_active_pid_ns(current));
902 fc->user_ns = get_user_ns(user_ns);
903 fc->max_pages = FUSE_DEFAULT_MAX_PAGES_PER_REQ;
904 fc->max_pages_limit = FUSE_MAX_MAX_PAGES;
906 INIT_LIST_HEAD(&fc->mounts);
907 list_add(&fm->fc_entry, &fc->mounts);
910 EXPORT_SYMBOL_GPL(fuse_conn_init);
912 void fuse_conn_put(struct fuse_conn *fc)
914 if (refcount_dec_and_test(&fc->count)) {
915 struct fuse_iqueue *fiq = &fc->iq;
916 struct fuse_sync_bucket *bucket;
918 if (IS_ENABLED(CONFIG_FUSE_DAX))
919 fuse_dax_conn_free(fc);
920 if (fiq->ops->release)
921 fiq->ops->release(fiq);
922 put_pid_ns(fc->pid_ns);
923 put_user_ns(fc->user_ns);
924 bucket = rcu_dereference_protected(fc->curr_bucket, 1);
926 WARN_ON(atomic_read(&bucket->count) != 1);
932 EXPORT_SYMBOL_GPL(fuse_conn_put);
934 struct fuse_conn *fuse_conn_get(struct fuse_conn *fc)
936 refcount_inc(&fc->count);
939 EXPORT_SYMBOL_GPL(fuse_conn_get);
941 static struct inode *fuse_get_root_inode(struct super_block *sb, unsigned mode)
943 struct fuse_attr attr;
944 memset(&attr, 0, sizeof(attr));
947 attr.ino = FUSE_ROOT_ID;
949 return fuse_iget(sb, 1, 0, &attr, 0, 0);
952 struct fuse_inode_handle {
957 static struct dentry *fuse_get_dentry(struct super_block *sb,
958 struct fuse_inode_handle *handle)
960 struct fuse_conn *fc = get_fuse_conn_super(sb);
962 struct dentry *entry;
965 if (handle->nodeid == 0)
968 inode = ilookup5(sb, handle->nodeid, fuse_inode_eq, &handle->nodeid);
970 struct fuse_entry_out outarg;
971 const struct qstr name = QSTR_INIT(".", 1);
973 if (!fc->export_support)
976 err = fuse_lookup_name(sb, handle->nodeid, &name, &outarg,
978 if (err && err != -ENOENT)
985 if (get_node_id(inode) != handle->nodeid)
989 if (inode->i_generation != handle->generation)
992 entry = d_obtain_alias(inode);
993 if (!IS_ERR(entry) && get_node_id(inode) != FUSE_ROOT_ID)
994 fuse_invalidate_entry_cache(entry);
1001 return ERR_PTR(err);
1004 static int fuse_encode_fh(struct inode *inode, u32 *fh, int *max_len,
1005 struct inode *parent)
1007 int len = parent ? 6 : 3;
1011 if (*max_len < len) {
1013 return FILEID_INVALID;
1016 nodeid = get_fuse_inode(inode)->nodeid;
1017 generation = inode->i_generation;
1019 fh[0] = (u32)(nodeid >> 32);
1020 fh[1] = (u32)(nodeid & 0xffffffff);
1024 nodeid = get_fuse_inode(parent)->nodeid;
1025 generation = parent->i_generation;
1027 fh[3] = (u32)(nodeid >> 32);
1028 fh[4] = (u32)(nodeid & 0xffffffff);
1033 return parent ? 0x82 : 0x81;
1036 static struct dentry *fuse_fh_to_dentry(struct super_block *sb,
1037 struct fid *fid, int fh_len, int fh_type)
1039 struct fuse_inode_handle handle;
1041 if ((fh_type != 0x81 && fh_type != 0x82) || fh_len < 3)
1044 handle.nodeid = (u64) fid->raw[0] << 32;
1045 handle.nodeid |= (u64) fid->raw[1];
1046 handle.generation = fid->raw[2];
1047 return fuse_get_dentry(sb, &handle);
1050 static struct dentry *fuse_fh_to_parent(struct super_block *sb,
1051 struct fid *fid, int fh_len, int fh_type)
1053 struct fuse_inode_handle parent;
1055 if (fh_type != 0x82 || fh_len < 6)
1058 parent.nodeid = (u64) fid->raw[3] << 32;
1059 parent.nodeid |= (u64) fid->raw[4];
1060 parent.generation = fid->raw[5];
1061 return fuse_get_dentry(sb, &parent);
1064 static struct dentry *fuse_get_parent(struct dentry *child)
1066 struct inode *child_inode = d_inode(child);
1067 struct fuse_conn *fc = get_fuse_conn(child_inode);
1068 struct inode *inode;
1069 struct dentry *parent;
1070 struct fuse_entry_out outarg;
1073 if (!fc->export_support)
1074 return ERR_PTR(-ESTALE);
1076 err = fuse_lookup_name(child_inode->i_sb, get_node_id(child_inode),
1077 &dotdot_name, &outarg, &inode);
1080 return ERR_PTR(-ESTALE);
1081 return ERR_PTR(err);
1084 parent = d_obtain_alias(inode);
1085 if (!IS_ERR(parent) && get_node_id(inode) != FUSE_ROOT_ID)
1086 fuse_invalidate_entry_cache(parent);
1091 static const struct export_operations fuse_export_operations = {
1092 .fh_to_dentry = fuse_fh_to_dentry,
1093 .fh_to_parent = fuse_fh_to_parent,
1094 .encode_fh = fuse_encode_fh,
1095 .get_parent = fuse_get_parent,
1098 static const struct super_operations fuse_super_operations = {
1099 .alloc_inode = fuse_alloc_inode,
1100 .free_inode = fuse_free_inode,
1101 .evict_inode = fuse_evict_inode,
1102 .write_inode = fuse_write_inode,
1103 .drop_inode = generic_delete_inode,
1104 .umount_begin = fuse_umount_begin,
1105 .statfs = fuse_statfs,
1106 .sync_fs = fuse_sync_fs,
1107 .show_options = fuse_show_options,
1110 static void sanitize_global_limit(unsigned *limit)
1113 * The default maximum number of async requests is calculated to consume
1114 * 1/2^13 of the total memory, assuming 392 bytes per request.
1117 *limit = ((totalram_pages() << PAGE_SHIFT) >> 13) / 392;
1119 if (*limit >= 1 << 16)
1120 *limit = (1 << 16) - 1;
1123 static int set_global_limit(const char *val, const struct kernel_param *kp)
1127 rv = param_set_uint(val, kp);
1131 sanitize_global_limit((unsigned *)kp->arg);
1136 static void process_init_limits(struct fuse_conn *fc, struct fuse_init_out *arg)
1138 int cap_sys_admin = capable(CAP_SYS_ADMIN);
1140 if (arg->minor < 13)
1143 sanitize_global_limit(&max_user_bgreq);
1144 sanitize_global_limit(&max_user_congthresh);
1146 spin_lock(&fc->bg_lock);
1147 if (arg->max_background) {
1148 fc->max_background = arg->max_background;
1150 if (!cap_sys_admin && fc->max_background > max_user_bgreq)
1151 fc->max_background = max_user_bgreq;
1153 if (arg->congestion_threshold) {
1154 fc->congestion_threshold = arg->congestion_threshold;
1156 if (!cap_sys_admin &&
1157 fc->congestion_threshold > max_user_congthresh)
1158 fc->congestion_threshold = max_user_congthresh;
1160 spin_unlock(&fc->bg_lock);
1163 struct fuse_init_args {
1164 struct fuse_args args;
1165 struct fuse_init_in in;
1166 struct fuse_init_out out;
1169 static void process_init_reply(struct fuse_mount *fm, struct fuse_args *args,
1172 struct fuse_conn *fc = fm->fc;
1173 struct fuse_init_args *ia = container_of(args, typeof(*ia), args);
1174 struct fuse_init_out *arg = &ia->out;
1177 if (error || arg->major != FUSE_KERNEL_VERSION)
1180 unsigned long ra_pages;
1182 process_init_limits(fc, arg);
1184 if (arg->minor >= 6) {
1185 u64 flags = arg->flags;
1187 if (flags & FUSE_INIT_EXT)
1188 flags |= (u64) arg->flags2 << 32;
1190 ra_pages = arg->max_readahead / PAGE_SIZE;
1191 if (flags & FUSE_ASYNC_READ)
1193 if (!(flags & FUSE_POSIX_LOCKS))
1195 if (arg->minor >= 17) {
1196 if (!(flags & FUSE_FLOCK_LOCKS))
1199 if (!(flags & FUSE_POSIX_LOCKS))
1202 if (flags & FUSE_ATOMIC_O_TRUNC)
1203 fc->atomic_o_trunc = 1;
1204 if (arg->minor >= 9) {
1205 /* LOOKUP has dependency on proto version */
1206 if (flags & FUSE_EXPORT_SUPPORT)
1207 fc->export_support = 1;
1209 if (flags & FUSE_BIG_WRITES)
1211 if (flags & FUSE_DONT_MASK)
1213 if (flags & FUSE_AUTO_INVAL_DATA)
1214 fc->auto_inval_data = 1;
1215 else if (flags & FUSE_EXPLICIT_INVAL_DATA)
1216 fc->explicit_inval_data = 1;
1217 if (flags & FUSE_DO_READDIRPLUS) {
1218 fc->do_readdirplus = 1;
1219 if (flags & FUSE_READDIRPLUS_AUTO)
1220 fc->readdirplus_auto = 1;
1222 if (flags & FUSE_ASYNC_DIO)
1224 if (flags & FUSE_WRITEBACK_CACHE)
1225 fc->writeback_cache = 1;
1226 if (flags & FUSE_PARALLEL_DIROPS)
1227 fc->parallel_dirops = 1;
1228 if (flags & FUSE_HANDLE_KILLPRIV)
1229 fc->handle_killpriv = 1;
1230 if (arg->time_gran && arg->time_gran <= 1000000000)
1231 fm->sb->s_time_gran = arg->time_gran;
1232 if ((flags & FUSE_POSIX_ACL)) {
1233 fc->default_permissions = 1;
1235 fm->sb->s_xattr = fuse_acl_xattr_handlers;
1237 if (flags & FUSE_CACHE_SYMLINKS)
1238 fc->cache_symlinks = 1;
1239 if (flags & FUSE_ABORT_ERROR)
1241 if (flags & FUSE_MAX_PAGES) {
1243 min_t(unsigned int, fc->max_pages_limit,
1244 max_t(unsigned int, arg->max_pages, 1));
1246 if (IS_ENABLED(CONFIG_FUSE_DAX)) {
1247 if (flags & FUSE_MAP_ALIGNMENT &&
1248 !fuse_dax_check_alignment(fc, arg->map_alignment)) {
1251 if (flags & FUSE_HAS_INODE_DAX)
1254 if (flags & FUSE_HANDLE_KILLPRIV_V2) {
1255 fc->handle_killpriv_v2 = 1;
1256 fm->sb->s_flags |= SB_NOSEC;
1258 if (flags & FUSE_SETXATTR_EXT)
1259 fc->setxattr_ext = 1;
1260 if (flags & FUSE_SECURITY_CTX)
1261 fc->init_security = 1;
1263 ra_pages = fc->max_read / PAGE_SIZE;
1268 fm->sb->s_bdi->ra_pages =
1269 min(fm->sb->s_bdi->ra_pages, ra_pages);
1270 fc->minor = arg->minor;
1271 fc->max_write = arg->minor < 5 ? 4096 : arg->max_write;
1272 fc->max_write = max_t(unsigned, 4096, fc->max_write);
1282 fuse_set_initialized(fc);
1283 wake_up_all(&fc->blocked_waitq);
1286 void fuse_send_init(struct fuse_mount *fm)
1288 struct fuse_init_args *ia;
1291 ia = kzalloc(sizeof(*ia), GFP_KERNEL | __GFP_NOFAIL);
1293 ia->in.major = FUSE_KERNEL_VERSION;
1294 ia->in.minor = FUSE_KERNEL_MINOR_VERSION;
1295 ia->in.max_readahead = fm->sb->s_bdi->ra_pages * PAGE_SIZE;
1297 FUSE_ASYNC_READ | FUSE_POSIX_LOCKS | FUSE_ATOMIC_O_TRUNC |
1298 FUSE_EXPORT_SUPPORT | FUSE_BIG_WRITES | FUSE_DONT_MASK |
1299 FUSE_SPLICE_WRITE | FUSE_SPLICE_MOVE | FUSE_SPLICE_READ |
1300 FUSE_FLOCK_LOCKS | FUSE_HAS_IOCTL_DIR | FUSE_AUTO_INVAL_DATA |
1301 FUSE_DO_READDIRPLUS | FUSE_READDIRPLUS_AUTO | FUSE_ASYNC_DIO |
1302 FUSE_WRITEBACK_CACHE | FUSE_NO_OPEN_SUPPORT |
1303 FUSE_PARALLEL_DIROPS | FUSE_HANDLE_KILLPRIV | FUSE_POSIX_ACL |
1304 FUSE_ABORT_ERROR | FUSE_MAX_PAGES | FUSE_CACHE_SYMLINKS |
1305 FUSE_NO_OPENDIR_SUPPORT | FUSE_EXPLICIT_INVAL_DATA |
1306 FUSE_HANDLE_KILLPRIV_V2 | FUSE_SETXATTR_EXT | FUSE_INIT_EXT |
1308 #ifdef CONFIG_FUSE_DAX
1310 flags |= FUSE_MAP_ALIGNMENT;
1311 if (fuse_is_inode_dax_mode(fm->fc->dax_mode))
1312 flags |= FUSE_HAS_INODE_DAX;
1314 if (fm->fc->auto_submounts)
1315 flags |= FUSE_SUBMOUNTS;
1317 ia->in.flags = flags;
1318 ia->in.flags2 = flags >> 32;
1320 ia->args.opcode = FUSE_INIT;
1321 ia->args.in_numargs = 1;
1322 ia->args.in_args[0].size = sizeof(ia->in);
1323 ia->args.in_args[0].value = &ia->in;
1324 ia->args.out_numargs = 1;
1325 /* Variable length argument used for backward compatibility
1326 with interface version < 7.5. Rest of init_out is zeroed
1327 by do_get_request(), so a short reply is not a problem */
1328 ia->args.out_argvar = true;
1329 ia->args.out_args[0].size = sizeof(ia->out);
1330 ia->args.out_args[0].value = &ia->out;
1331 ia->args.force = true;
1332 ia->args.nocreds = true;
1333 ia->args.end = process_init_reply;
1335 if (fuse_simple_background(fm, &ia->args, GFP_KERNEL) != 0)
1336 process_init_reply(fm, &ia->args, -ENOTCONN);
1338 EXPORT_SYMBOL_GPL(fuse_send_init);
1340 void fuse_free_conn(struct fuse_conn *fc)
1342 WARN_ON(!list_empty(&fc->devices));
1345 EXPORT_SYMBOL_GPL(fuse_free_conn);
1347 static int fuse_bdi_init(struct fuse_conn *fc, struct super_block *sb)
1353 suffix = "-fuseblk";
1355 * sb->s_bdi points to blkdev's bdi however we want to redirect
1356 * it to our private bdi...
1359 sb->s_bdi = &noop_backing_dev_info;
1361 err = super_setup_bdi_name(sb, "%u:%u%s", MAJOR(fc->dev),
1362 MINOR(fc->dev), suffix);
1366 /* fuse does it's own writeback accounting */
1367 sb->s_bdi->capabilities &= ~BDI_CAP_WRITEBACK_ACCT;
1368 sb->s_bdi->capabilities |= BDI_CAP_STRICTLIMIT;
1371 * For a single fuse filesystem use max 1% of dirty +
1372 * writeback threshold.
1374 * This gives about 1M of write buffer for memory maps on a
1375 * machine with 1G and 10% dirty_ratio, which should be more
1378 * Privileged users can raise it by writing to
1380 * /sys/class/bdi/<bdi>/max_ratio
1382 bdi_set_max_ratio(sb->s_bdi, 1);
1387 struct fuse_dev *fuse_dev_alloc(void)
1389 struct fuse_dev *fud;
1390 struct list_head *pq;
1392 fud = kzalloc(sizeof(struct fuse_dev), GFP_KERNEL);
1396 pq = kcalloc(FUSE_PQ_HASH_SIZE, sizeof(struct list_head), GFP_KERNEL);
1402 fud->pq.processing = pq;
1403 fuse_pqueue_init(&fud->pq);
1407 EXPORT_SYMBOL_GPL(fuse_dev_alloc);
1409 void fuse_dev_install(struct fuse_dev *fud, struct fuse_conn *fc)
1411 fud->fc = fuse_conn_get(fc);
1412 spin_lock(&fc->lock);
1413 list_add_tail(&fud->entry, &fc->devices);
1414 spin_unlock(&fc->lock);
1416 EXPORT_SYMBOL_GPL(fuse_dev_install);
1418 struct fuse_dev *fuse_dev_alloc_install(struct fuse_conn *fc)
1420 struct fuse_dev *fud;
1422 fud = fuse_dev_alloc();
1426 fuse_dev_install(fud, fc);
1429 EXPORT_SYMBOL_GPL(fuse_dev_alloc_install);
1431 void fuse_dev_free(struct fuse_dev *fud)
1433 struct fuse_conn *fc = fud->fc;
1436 spin_lock(&fc->lock);
1437 list_del(&fud->entry);
1438 spin_unlock(&fc->lock);
1442 kfree(fud->pq.processing);
1445 EXPORT_SYMBOL_GPL(fuse_dev_free);
1447 static void fuse_fill_attr_from_inode(struct fuse_attr *attr,
1448 const struct fuse_inode *fi)
1450 *attr = (struct fuse_attr){
1451 .ino = fi->inode.i_ino,
1452 .size = fi->inode.i_size,
1453 .blocks = fi->inode.i_blocks,
1454 .atime = fi->inode.i_atime.tv_sec,
1455 .mtime = fi->inode.i_mtime.tv_sec,
1456 .ctime = fi->inode.i_ctime.tv_sec,
1457 .atimensec = fi->inode.i_atime.tv_nsec,
1458 .mtimensec = fi->inode.i_mtime.tv_nsec,
1459 .ctimensec = fi->inode.i_ctime.tv_nsec,
1460 .mode = fi->inode.i_mode,
1461 .nlink = fi->inode.i_nlink,
1462 .uid = fi->inode.i_uid.val,
1463 .gid = fi->inode.i_gid.val,
1464 .rdev = fi->inode.i_rdev,
1465 .blksize = 1u << fi->inode.i_blkbits,
1469 static void fuse_sb_defaults(struct super_block *sb)
1471 sb->s_magic = FUSE_SUPER_MAGIC;
1472 sb->s_op = &fuse_super_operations;
1473 sb->s_xattr = fuse_xattr_handlers;
1474 sb->s_maxbytes = MAX_LFS_FILESIZE;
1475 sb->s_time_gran = 1;
1476 sb->s_export_op = &fuse_export_operations;
1477 sb->s_iflags |= SB_I_IMA_UNVERIFIABLE_SIGNATURE;
1478 if (sb->s_user_ns != &init_user_ns)
1479 sb->s_iflags |= SB_I_UNTRUSTED_MOUNTER;
1480 sb->s_flags &= ~(SB_NOSEC | SB_I_VERSION);
1483 * If we are not in the initial user namespace posix
1484 * acls must be translated.
1486 if (sb->s_user_ns != &init_user_ns)
1487 sb->s_xattr = fuse_no_acl_xattr_handlers;
1490 static int fuse_fill_super_submount(struct super_block *sb,
1491 struct fuse_inode *parent_fi)
1493 struct fuse_mount *fm = get_fuse_mount_super(sb);
1494 struct super_block *parent_sb = parent_fi->inode.i_sb;
1495 struct fuse_attr root_attr;
1497 struct fuse_submount_lookup *sl;
1498 struct fuse_inode *fi;
1500 fuse_sb_defaults(sb);
1503 WARN_ON(sb->s_bdi != &noop_backing_dev_info);
1504 sb->s_bdi = bdi_get(parent_sb->s_bdi);
1506 sb->s_xattr = parent_sb->s_xattr;
1507 sb->s_time_gran = parent_sb->s_time_gran;
1508 sb->s_blocksize = parent_sb->s_blocksize;
1509 sb->s_blocksize_bits = parent_sb->s_blocksize_bits;
1510 sb->s_subtype = kstrdup(parent_sb->s_subtype, GFP_KERNEL);
1511 if (parent_sb->s_subtype && !sb->s_subtype)
1514 fuse_fill_attr_from_inode(&root_attr, parent_fi);
1515 root = fuse_iget(sb, parent_fi->nodeid, 0, &root_attr, 0, 0);
1517 * This inode is just a duplicate, so it is not looked up and
1518 * its nlookup should not be incremented. fuse_iget() does
1519 * that, though, so undo it here.
1521 fi = get_fuse_inode(root);
1524 sb->s_d_op = &fuse_dentry_operations;
1525 sb->s_root = d_make_root(root);
1530 * Grab the parent's submount_lookup pointer and take a
1531 * reference on the shared nlookup from the parent. This is to
1532 * prevent the last forget for this nodeid from getting
1533 * triggered until all users have finished with it.
1535 sl = parent_fi->submount_lookup;
1538 refcount_inc(&sl->count);
1539 fi->submount_lookup = sl;
1545 /* Filesystem context private data holds the FUSE inode of the mount point */
1546 static int fuse_get_tree_submount(struct fs_context *fsc)
1548 struct fuse_mount *fm;
1549 struct fuse_inode *mp_fi = fsc->fs_private;
1550 struct fuse_conn *fc = get_fuse_conn(&mp_fi->inode);
1551 struct super_block *sb;
1554 fm = kzalloc(sizeof(struct fuse_mount), GFP_KERNEL);
1558 fm->fc = fuse_conn_get(fc);
1559 fsc->s_fs_info = fm;
1560 sb = sget_fc(fsc, NULL, set_anon_super_fc);
1562 fuse_mount_destroy(fm);
1566 /* Initialize superblock, making @mp_fi its root */
1567 err = fuse_fill_super_submount(sb, mp_fi);
1569 deactivate_locked_super(sb);
1573 down_write(&fc->killsb);
1574 list_add_tail(&fm->fc_entry, &fc->mounts);
1575 up_write(&fc->killsb);
1577 sb->s_flags |= SB_ACTIVE;
1578 fsc->root = dget(sb->s_root);
1583 static const struct fs_context_operations fuse_context_submount_ops = {
1584 .get_tree = fuse_get_tree_submount,
1587 int fuse_init_fs_context_submount(struct fs_context *fsc)
1589 fsc->ops = &fuse_context_submount_ops;
1592 EXPORT_SYMBOL_GPL(fuse_init_fs_context_submount);
1594 int fuse_fill_super_common(struct super_block *sb, struct fuse_fs_context *ctx)
1596 struct fuse_dev *fud = NULL;
1597 struct fuse_mount *fm = get_fuse_mount_super(sb);
1598 struct fuse_conn *fc = fm->fc;
1600 struct dentry *root_dentry;
1604 if (sb->s_flags & SB_MANDLOCK)
1607 rcu_assign_pointer(fc->curr_bucket, fuse_sync_bucket_alloc());
1608 fuse_sb_defaults(sb);
1613 if (!sb_set_blocksize(sb, ctx->blksize))
1617 sb->s_blocksize = PAGE_SIZE;
1618 sb->s_blocksize_bits = PAGE_SHIFT;
1621 sb->s_subtype = ctx->subtype;
1622 ctx->subtype = NULL;
1623 if (IS_ENABLED(CONFIG_FUSE_DAX)) {
1624 err = fuse_dax_conn_alloc(fc, ctx->dax_mode, ctx->dax_dev);
1631 fud = fuse_dev_alloc_install(fc);
1636 fc->dev = sb->s_dev;
1638 err = fuse_bdi_init(fc, sb);
1642 /* Handle umasking inside the fuse code */
1643 if (sb->s_flags & SB_POSIXACL)
1645 sb->s_flags |= SB_POSIXACL;
1647 fc->default_permissions = ctx->default_permissions;
1648 fc->allow_other = ctx->allow_other;
1649 fc->user_id = ctx->user_id;
1650 fc->group_id = ctx->group_id;
1651 fc->legacy_opts_show = ctx->legacy_opts_show;
1652 fc->max_read = max_t(unsigned int, 4096, ctx->max_read);
1653 fc->destroy = ctx->destroy;
1654 fc->no_control = ctx->no_control;
1655 fc->no_force_umount = ctx->no_force_umount;
1658 root = fuse_get_root_inode(sb, ctx->rootmode);
1659 sb->s_d_op = &fuse_root_dentry_operations;
1660 root_dentry = d_make_root(root);
1663 /* Root dentry doesn't have .d_revalidate */
1664 sb->s_d_op = &fuse_dentry_operations;
1666 mutex_lock(&fuse_mutex);
1668 if (ctx->fudptr && *ctx->fudptr)
1671 err = fuse_ctl_add_conn(fc);
1675 list_add_tail(&fc->entry, &fuse_conn_list);
1676 sb->s_root = root_dentry;
1679 mutex_unlock(&fuse_mutex);
1683 mutex_unlock(&fuse_mutex);
1689 if (IS_ENABLED(CONFIG_FUSE_DAX))
1690 fuse_dax_conn_free(fc);
1694 EXPORT_SYMBOL_GPL(fuse_fill_super_common);
1696 static int fuse_fill_super(struct super_block *sb, struct fs_context *fsc)
1698 struct fuse_fs_context *ctx = fsc->fs_private;
1701 if (!ctx->file || !ctx->rootmode_present ||
1702 !ctx->user_id_present || !ctx->group_id_present)
1706 * Require mount to happen from the same user namespace which
1707 * opened /dev/fuse to prevent potential attacks.
1709 if ((ctx->file->f_op != &fuse_dev_operations) ||
1710 (ctx->file->f_cred->user_ns != sb->s_user_ns))
1712 ctx->fudptr = &ctx->file->private_data;
1714 err = fuse_fill_super_common(sb, ctx);
1717 /* file->private_data shall be visible on all CPUs after this */
1719 fuse_send_init(get_fuse_mount_super(sb));
1724 * This is the path where user supplied an already initialized fuse dev. In
1725 * this case never create a new super if the old one is gone.
1727 static int fuse_set_no_super(struct super_block *sb, struct fs_context *fsc)
1732 static int fuse_test_super(struct super_block *sb, struct fs_context *fsc)
1735 return fsc->sget_key == get_fuse_conn_super(sb);
1738 static int fuse_get_tree(struct fs_context *fsc)
1740 struct fuse_fs_context *ctx = fsc->fs_private;
1741 struct fuse_dev *fud;
1742 struct fuse_conn *fc;
1743 struct fuse_mount *fm;
1744 struct super_block *sb;
1747 fc = kmalloc(sizeof(*fc), GFP_KERNEL);
1751 fm = kzalloc(sizeof(*fm), GFP_KERNEL);
1757 fuse_conn_init(fc, fm, fsc->user_ns, &fuse_dev_fiq_ops, NULL);
1758 fc->release = fuse_free_conn;
1760 fsc->s_fs_info = fm;
1762 if (ctx->fd_present)
1763 ctx->file = fget(ctx->fd);
1765 if (IS_ENABLED(CONFIG_BLOCK) && ctx->is_bdev) {
1766 err = get_tree_bdev(fsc, fuse_fill_super);
1770 * While block dev mount can be initialized with a dummy device fd
1771 * (found by device name), normal fuse mounts can't
1778 * Allow creating a fuse mount with an already initialized fuse
1781 fud = READ_ONCE(ctx->file->private_data);
1782 if (ctx->file->f_op == &fuse_dev_operations && fud) {
1783 fsc->sget_key = fud->fc;
1784 sb = sget_fc(fsc, fuse_test_super, fuse_set_no_super);
1785 err = PTR_ERR_OR_ZERO(sb);
1787 fsc->root = dget(sb->s_root);
1789 err = get_tree_nodev(fsc, fuse_fill_super);
1793 fuse_mount_destroy(fm);
1799 static const struct fs_context_operations fuse_context_ops = {
1800 .free = fuse_free_fsc,
1801 .parse_param = fuse_parse_param,
1802 .reconfigure = fuse_reconfigure,
1803 .get_tree = fuse_get_tree,
1807 * Set up the filesystem mount context.
1809 static int fuse_init_fs_context(struct fs_context *fsc)
1811 struct fuse_fs_context *ctx;
1813 ctx = kzalloc(sizeof(struct fuse_fs_context), GFP_KERNEL);
1818 ctx->blksize = FUSE_DEFAULT_BLKSIZE;
1819 ctx->legacy_opts_show = true;
1822 if (fsc->fs_type == &fuseblk_fs_type) {
1823 ctx->is_bdev = true;
1824 ctx->destroy = true;
1828 fsc->fs_private = ctx;
1829 fsc->ops = &fuse_context_ops;
1833 bool fuse_mount_remove(struct fuse_mount *fm)
1835 struct fuse_conn *fc = fm->fc;
1838 down_write(&fc->killsb);
1839 list_del_init(&fm->fc_entry);
1840 if (list_empty(&fc->mounts))
1842 up_write(&fc->killsb);
1846 EXPORT_SYMBOL_GPL(fuse_mount_remove);
1848 void fuse_conn_destroy(struct fuse_mount *fm)
1850 struct fuse_conn *fc = fm->fc;
1853 fuse_send_destroy(fm);
1855 fuse_abort_conn(fc);
1856 fuse_wait_aborted(fc);
1858 if (!list_empty(&fc->entry)) {
1859 mutex_lock(&fuse_mutex);
1860 list_del(&fc->entry);
1861 fuse_ctl_remove_conn(fc);
1862 mutex_unlock(&fuse_mutex);
1865 EXPORT_SYMBOL_GPL(fuse_conn_destroy);
1867 static void fuse_sb_destroy(struct super_block *sb)
1869 struct fuse_mount *fm = get_fuse_mount_super(sb);
1873 last = fuse_mount_remove(fm);
1875 fuse_conn_destroy(fm);
1879 void fuse_mount_destroy(struct fuse_mount *fm)
1881 fuse_conn_put(fm->fc);
1884 EXPORT_SYMBOL(fuse_mount_destroy);
1886 static void fuse_kill_sb_anon(struct super_block *sb)
1888 fuse_sb_destroy(sb);
1889 kill_anon_super(sb);
1890 fuse_mount_destroy(get_fuse_mount_super(sb));
1893 static struct file_system_type fuse_fs_type = {
1894 .owner = THIS_MODULE,
1896 .fs_flags = FS_HAS_SUBTYPE | FS_USERNS_MOUNT,
1897 .init_fs_context = fuse_init_fs_context,
1898 .parameters = fuse_fs_parameters,
1899 .kill_sb = fuse_kill_sb_anon,
1901 MODULE_ALIAS_FS("fuse");
1904 static void fuse_kill_sb_blk(struct super_block *sb)
1906 fuse_sb_destroy(sb);
1907 kill_block_super(sb);
1908 fuse_mount_destroy(get_fuse_mount_super(sb));
1911 static struct file_system_type fuseblk_fs_type = {
1912 .owner = THIS_MODULE,
1914 .init_fs_context = fuse_init_fs_context,
1915 .parameters = fuse_fs_parameters,
1916 .kill_sb = fuse_kill_sb_blk,
1917 .fs_flags = FS_REQUIRES_DEV | FS_HAS_SUBTYPE,
1919 MODULE_ALIAS_FS("fuseblk");
1921 static inline int register_fuseblk(void)
1923 return register_filesystem(&fuseblk_fs_type);
1926 static inline void unregister_fuseblk(void)
1928 unregister_filesystem(&fuseblk_fs_type);
1931 static inline int register_fuseblk(void)
1936 static inline void unregister_fuseblk(void)
1941 static void fuse_inode_init_once(void *foo)
1943 struct inode *inode = foo;
1945 inode_init_once(inode);
1948 static int __init fuse_fs_init(void)
1952 fuse_inode_cachep = kmem_cache_create("fuse_inode",
1953 sizeof(struct fuse_inode), 0,
1954 SLAB_HWCACHE_ALIGN|SLAB_ACCOUNT|SLAB_RECLAIM_ACCOUNT,
1955 fuse_inode_init_once);
1957 if (!fuse_inode_cachep)
1960 err = register_fuseblk();
1964 err = register_filesystem(&fuse_fs_type);
1971 unregister_fuseblk();
1973 kmem_cache_destroy(fuse_inode_cachep);
1978 static void fuse_fs_cleanup(void)
1980 unregister_filesystem(&fuse_fs_type);
1981 unregister_fuseblk();
1984 * Make sure all delayed rcu free inodes are flushed before we
1988 kmem_cache_destroy(fuse_inode_cachep);
1991 static struct kobject *fuse_kobj;
1993 static int fuse_sysfs_init(void)
1997 fuse_kobj = kobject_create_and_add("fuse", fs_kobj);
2003 err = sysfs_create_mount_point(fuse_kobj, "connections");
2005 goto out_fuse_unregister;
2009 out_fuse_unregister:
2010 kobject_put(fuse_kobj);
2015 static void fuse_sysfs_cleanup(void)
2017 sysfs_remove_mount_point(fuse_kobj, "connections");
2018 kobject_put(fuse_kobj);
2021 static int __init fuse_init(void)
2025 pr_info("init (API version %i.%i)\n",
2026 FUSE_KERNEL_VERSION, FUSE_KERNEL_MINOR_VERSION);
2028 INIT_LIST_HEAD(&fuse_conn_list);
2029 res = fuse_fs_init();
2033 res = fuse_dev_init();
2035 goto err_fs_cleanup;
2037 res = fuse_sysfs_init();
2039 goto err_dev_cleanup;
2041 res = fuse_ctl_init();
2043 goto err_sysfs_cleanup;
2045 sanitize_global_limit(&max_user_bgreq);
2046 sanitize_global_limit(&max_user_congthresh);
2051 fuse_sysfs_cleanup();
2060 static void __exit fuse_exit(void)
2065 fuse_sysfs_cleanup();
2070 module_init(fuse_init);
2071 module_exit(fuse_exit);
projects / releases.git / blob