/*
* our custom d_alloc_root work-alike
*
* we can't use d_alloc_root if we want to use our own interpose function
* unchanged, so we simply call our own "fake" d_alloc_root
*/
static struct dentry *unionfs_d_alloc_root(struct super_block *sb)
{
struct dentry *ret = NULL;
if (sb) {
static const struct qstr name = {
.name = "/",
.len = 1
};
ret = d_alloc(NULL, &name);
if (likely(ret)) {
ret->d_op = &unionfs_dops;
ret->d_sb = sb;
ret->d_parent = ret;
}
}
return ret;
}
/*
* There is no need to lock the unionfs_super_info's rwsem as there is no
* way anyone can have a reference to the superblock at this point in time.
*/
static int unionfs_read_super(struct super_block *sb, void *raw_data,
int silent)
{
int err = 0;
struct unionfs_dentry_info *lower_root_info = NULL;
int bindex, bstart, bend;
if (!raw_data) {
printk(KERN_ERR
"unionfs: read_super: missing data argument\n");
err = -EINVAL;
goto out;
}
/* Allocate superblock private data */
sb->s_fs_info = kzalloc(sizeof(struct unionfs_sb_info), GFP_KERNEL);
if (unlikely(!UNIONFS_SB(sb))) {
printk(KERN_CRIT "unionfs: read_super: out of memory\n");
err = -ENOMEM;
goto out;
}
UNIONFS_SB(sb)->bend = -1;
atomic_set(&UNIONFS_SB(sb)->generation, 1);
init_rwsem(&UNIONFS_SB(sb)->rwsem);
UNIONFS_SB(sb)->high_branch_id = -1; /* -1 == invalid branch ID */
lower_root_info = unionfs_parse_options(sb, raw_data);
if (IS_ERR(lower_root_info)) {
printk(KERN_ERR
"unionfs: read_super: error while parsing options "
"(err = %ld)\n", PTR_ERR(lower_root_info));
err = PTR_ERR(lower_root_info);
lower_root_info = NULL;
goto out_free;
}
if (lower_root_info->bstart == -1) {
err = -ENOENT;
goto out_free;
}
/* set the lower superblock field of upper superblock */
bstart = lower_root_info->bstart;
BUG_ON(bstart != 0);
sbend(sb) = bend = lower_root_info->bend;
for (bindex = bstart; bindex <= bend; bindex++) {
struct dentry *d = lower_root_info->lower_paths[bindex].dentry;
atomic_inc(&d->d_sb->s_active);
unionfs_set_lower_super_idx(sb, bindex, d->d_sb);
}
/* max Bytes is the maximum bytes from highest priority branch */
sb->s_maxbytes = unionfs_lower_super_idx(sb, 0)->s_maxbytes;
/*
* Our c/m/atime granularity is 1 ns because we may stack on file
* systems whose granularity is as good. This is important for our
* time-based cache coherency.
*/
sb->s_time_gran = 1;
sb->s_op = &unionfs_sops;
/* See comment next to the definition of unionfs_d_alloc_root */
sb->s_root = unionfs_d_alloc_root(sb);
if (unlikely(!sb->s_root)) {
err = -ENOMEM;
goto out_dput;
}
/* link the upper and lower dentries */
sb->s_root->d_fsdata = NULL;
err = new_dentry_private_data(sb->s_root, UNIONFS_DMUTEX_ROOT);
if (unlikely(err))
goto out_freedpd;
/* Set the lower dentries for s_root */
for (bindex = bstart; bindex <= bend; bindex++) {
struct dentry *d;
struct vfsmount *m;
d = lower_root_info->lower_paths[bindex].dentry;
m = lower_root_info->lower_paths[bindex].mnt;
unionfs_set_lower_dentry_idx(sb->s_root, bindex, d);
unionfs_set_lower_mnt_idx(sb->s_root, bindex, m);
}
dbstart(sb->s_root) = bstart;
dbend(sb->s_root) = bend;
/* Set the generation number to one, since this is for the mount. */
atomic_set(&UNIONFS_D(sb->s_root)->generation, 1);
/*
* Call interpose to create the upper level inode. Only
* INTERPOSE_LOOKUP can return a value other than 0 on err.
*/
err = PTR_ERR(unionfs_interpose(sb->s_root, sb, 0));
unionfs_unlock_dentry(sb->s_root);
if (!err)
goto out;
/* else fall through */
out_freedpd:
if (UNIONFS_D(sb->s_root)) {
kfree(UNIONFS_D(sb->s_root)->lower_paths);
free_dentry_private_data(sb->s_root);
}
dput(sb->s_root);
out_dput:
if (lower_root_info && !IS_ERR(lower_root_info)) {
for (bindex = lower_root_info->bstart;
bindex <= lower_root_info->bend; bindex++) {
struct dentry *d;
d = lower_root_info->lower_paths[bindex].dentry;
/* drop refs we took earlier */
atomic_dec(&d->d_sb->s_active);
path_put(&lower_root_info->lower_paths[bindex]);
}
kfree(lower_root_info->lower_paths);
kfree(lower_root_info);
lower_root_info = NULL;
}
out_free:
kfree(UNIONFS_SB(sb)->data);
kfree(UNIONFS_SB(sb));
sb->s_fs_info = NULL;
out:
if (lower_root_info && !IS_ERR(lower_root_info)) {
kfree(lower_root_info->lower_paths);
kfree(lower_root_info);
}
return err;
}
/**
* ccs_get_absolute_path - Get the path of a dentry but ignores chroot'ed root.
*
* @path: Pointer to "struct path".
* @buffer: Pointer to buffer to return value in.
* @buflen: Sizeof @buffer.
*
* Returns the buffer on success, an error code otherwise.
*
* Caller holds the dcache_lock and vfsmount_lock.
* Based on __d_path() in fs/dcache.c
*
* If dentry is a directory, trailing '/' is appended.
*/
static char *ccs_get_absolute_path(struct path *path, char * const buffer,
const int buflen)
{
#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 2, 0)
char *pos = ERR_PTR(-ENOMEM);
if (buflen >= 256) {
pos = ccsecurity_exports.d_absolute_path(path, buffer,
buflen - 1);
if (!IS_ERR(pos) && *pos == '/' && pos[1]) {
struct inode *inode = path->dentry->d_inode;
if (inode && S_ISDIR(inode->i_mode)) {
buffer[buflen - 2] = '/';
buffer[buflen - 1] = '\0';
}
}
}
return pos;
#elif LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 36)
/*
* __d_path() will start returning NULL by backporting commit 02125a82
* "fix apparmor dereferencing potentially freed dentry, sanitize
* __d_path() API".
*
* Unfortunately, __d_path() after applying that commit always returns
* NULL when root is empty. d_absolute_path() is provided for TOMOYO
* 2.x and AppArmor but TOMOYO 1.x does not use it, for TOMOYO 1.x
* might be built as a loadable kernel module and there is no warrantee
* that TOMOYO 1.x is recompiled after applying that commit. Also,
* I don't want to search /proc/kallsyms for d_absolute_path() because
* I want to keep TOMOYO 1.x architecture independent. Thus, supply
* non empty root like AppArmor's d_namespace_path() did.
*/
char *pos = ERR_PTR(-ENOMEM);
if (buflen >= 256) {
static bool ccs_no_empty;
if (!ccs_no_empty) {
struct path root = { };
pos = ccsecurity_exports.__d_path(path, &root, buffer,
buflen - 1);
} else {
pos = NULL;
}
if (!pos) {
struct task_struct *task = current;
struct path root;
struct path tmp;
spin_lock(&task->fs->lock);
root.mnt = task->nsproxy->mnt_ns->root;
root.dentry = root.mnt->mnt_root;
path_get(&root);
spin_unlock(&task->fs->lock);
tmp = root;
pos = ccsecurity_exports.__d_path(path, &tmp, buffer,
buflen - 1);
path_put(&root);
if (!pos)
return ERR_PTR(-EINVAL);
/* Remember if __d_path() needs non empty root. */
ccs_no_empty = true;
}
if (!IS_ERR(pos) && *pos == '/' && pos[1]) {
struct inode *inode = path->dentry->d_inode;
if (inode && S_ISDIR(inode->i_mode)) {
buffer[buflen - 2] = '/';
buffer[buflen - 1] = '\0';
}
}
}
return pos;
#else
char *pos = buffer + buflen - 1;
struct dentry *dentry = path->dentry;
struct vfsmount *vfsmnt = path->mnt;
const char *name;
int len;
if (buflen < 256)
goto out;
*pos = '\0';
if (dentry->d_inode && S_ISDIR(dentry->d_inode->i_mode))
*--pos = '/';
for (;;) {
struct dentry *parent;
if (dentry == vfsmnt->mnt_root || IS_ROOT(dentry)) {
if (vfsmnt->mnt_parent == vfsmnt)
break;
dentry = vfsmnt->mnt_mountpoint;
vfsmnt = vfsmnt->mnt_parent;
continue;
}
parent = dentry->d_parent;
name = dentry->d_name.name;
len = dentry->d_name.len;
pos -= len;
if (pos <= buffer)
goto out;
memmove(pos, name, len);
*--pos = '/';
dentry = parent;
}
if (*pos == '/')
pos++;
len = dentry->d_name.len;
pos -= len;
if (pos < buffer)
goto out;
memmove(pos, dentry->d_name.name, len);
return pos;
out:
return ERR_PTR(-ENOMEM);
#endif
}
/*
* xfs_find_handle maps from userspace xfs_fsop_handlereq structure to
* a file or fs handle.
*
* XFS_IOC_PATH_TO_FSHANDLE
* returns fs handle for a mount point or path within that mount point
* XFS_IOC_FD_TO_HANDLE
* returns full handle for a FD opened in user space
* XFS_IOC_PATH_TO_HANDLE
* returns full handle for a path
*/
int
xfs_find_handle(
unsigned int cmd,
xfs_fsop_handlereq_t *hreq)
{
int hsize;
xfs_handle_t handle;
struct inode *inode;
struct file *file = NULL;
struct path path;
int error;
struct xfs_inode *ip;
if (cmd == XFS_IOC_FD_TO_HANDLE) {
file = fget(hreq->fd);
if (!file)
return -EBADF;
inode = file->f_path.dentry->d_inode;
} else {
error = user_lpath((const char __user *)hreq->path, &path);
if (error)
return error;
inode = path.dentry->d_inode;
}
ip = XFS_I(inode);
/*
* We can only generate handles for inodes residing on a XFS filesystem,
* and only for regular files, directories or symbolic links.
*/
error = -EINVAL;
if (inode->i_sb->s_magic != XFS_SB_MAGIC)
goto out_put;
error = -EBADF;
if (!S_ISREG(inode->i_mode) &&
!S_ISDIR(inode->i_mode) &&
!S_ISLNK(inode->i_mode))
goto out_put;
memcpy(&handle.ha_fsid, ip->i_mount->m_fixedfsid, sizeof(xfs_fsid_t));
if (cmd == XFS_IOC_PATH_TO_FSHANDLE) {
/*
* This handle only contains an fsid, zero the rest.
*/
memset(&handle.ha_fid, 0, sizeof(handle.ha_fid));
hsize = sizeof(xfs_fsid_t);
} else {
int lock_mode;
lock_mode = xfs_ilock_map_shared(ip);
handle.ha_fid.fid_len = sizeof(xfs_fid_t) -
sizeof(handle.ha_fid.fid_len);
handle.ha_fid.fid_pad = 0;
handle.ha_fid.fid_gen = ip->i_d.di_gen;
handle.ha_fid.fid_ino = ip->i_ino;
xfs_iunlock_map_shared(ip, lock_mode);
hsize = XFS_HSIZE(handle);
}
error = -EFAULT;
if (copy_to_user(hreq->ohandle, &handle, hsize) ||
copy_to_user(hreq->ohandlen, &hsize, sizeof(__s32)))
goto out_put;
error = 0;
out_put:
if (cmd == XFS_IOC_FD_TO_HANDLE)
fput(file);
else
path_put(&path);
return error;
}
static int do_dentry_open(struct file *f,
int (*open)(struct inode *, struct file *),
const struct cred *cred)
{
static const struct file_operations empty_fops = {};
struct inode *inode;
int error;
f->f_mode = OPEN_FMODE(f->f_flags) | FMODE_LSEEK |
FMODE_PREAD | FMODE_PWRITE;
if (unlikely(f->f_flags & O_PATH))
f->f_mode = FMODE_PATH;
path_get(&f->f_path);
inode = f->f_path.dentry->d_inode;
if (f->f_mode & FMODE_WRITE) {
error = __get_file_write_access(inode, f->f_path.mnt);
if (error)
goto cleanup_file;
if (!special_file(inode->i_mode))
file_take_write(f);
}
f->f_mapping = inode->i_mapping;
f->f_pos = 0;
file_sb_list_add(f, inode->i_sb);
if (unlikely(f->f_mode & FMODE_PATH)) {
f->f_op = &empty_fops;
return 0;
}
f->f_op = fops_get(inode->i_fop);
error = security_file_open(f, cred);
if (error)
goto cleanup_all;
error = break_lease(inode, f->f_flags);
if (error)
goto cleanup_all;
if (!open && f->f_op)
open = f->f_op->open;
if (open) {
error = open(inode, f);
if (error)
goto cleanup_all;
}
if ((f->f_mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ)
i_readcount_inc(inode);
f->f_flags &= ~(O_CREAT | O_EXCL | O_NOCTTY | O_TRUNC);
file_ra_state_init(&f->f_ra, f->f_mapping->host->i_mapping);
return 0;
cleanup_all:
fops_put(f->f_op);
file_sb_list_del(f);
if (f->f_mode & FMODE_WRITE) {
put_write_access(inode);
if (!special_file(inode->i_mode)) {
/*
* We don't consider this a real
* mnt_want/drop_write() pair
* because it all happenend right
* here, so just reset the state.
*/
file_reset_write(f);
__mnt_drop_write(f->f_path.mnt);
}
}
cleanup_file:
path_put(&f->f_path);
f->f_path.mnt = NULL;
f->f_path.dentry = NULL;
return error;
}
/*
* access() needs to use the real uid/gid, not the effective uid/gid.
* We do this by temporarily clearing all FS-related capabilities and
* switching the fsuid/fsgid around to the real ones.
*/
SYSCALL_DEFINE3(faccessat, int, dfd, const char __user *, filename, int, mode)
{
const struct cred *old_cred;
struct cred *override_cred;
struct path path;
struct inode *inode;
int res;
if (mode & ~S_IRWXO) /* where's F_OK, X_OK, W_OK, R_OK? */
return -EINVAL;
override_cred = prepare_creds();
if (!override_cred)
return -ENOMEM;
override_cred->fsuid = override_cred->uid;
override_cred->fsgid = override_cred->gid;
if (!issecure(SECURE_NO_SETUID_FIXUP)) {
/* Clear the capabilities if we switch to a non-root user */
if (override_cred->uid)
cap_clear(override_cred->cap_effective);
else
override_cred->cap_effective =
override_cred->cap_permitted;
}
old_cred = override_creds(override_cred);
res = user_path_at(dfd, filename, LOOKUP_FOLLOW, &path);
if (res)
goto out;
inode = path.dentry->d_inode;
if ((mode & MAY_EXEC) && S_ISREG(inode->i_mode)) {
/*
* MAY_EXEC on regular files is denied if the fs is mounted
* with the "noexec" flag.
*/
res = -EACCES;
if (path.mnt->mnt_flags & MNT_NOEXEC)
goto out_path_release;
}
res = inode_permission(inode, mode | MAY_ACCESS);
/* SuS v2 requires we report a read only fs too */
if (res || !(mode & S_IWOTH) || special_file(inode->i_mode))
goto out_path_release;
/*
* This is a rare case where using __mnt_is_readonly()
* is OK without a mnt_want/drop_write() pair. Since
* no actual write to the fs is performed here, we do
* not need to telegraph to that to anyone.
*
* By doing this, we accept that this access is
* inherently racy and know that the fs may change
* state before we even see this result.
*/
if (__mnt_is_readonly(path.mnt))
res = -EROFS;
out_path_release:
path_put(&path);
out:
revert_creds(old_cred);
put_cred(override_cred);
return res;
}
static int ovl_fill_super(struct super_block *sb, void *data, int silent)
{
struct path lowerpath;
struct path upperpath;
struct path workpath;
struct inode *root_inode;
struct dentry *root_dentry;
struct ovl_entry *oe;
struct ovl_fs *ufs;
struct kstatfs statfs;
int err;
err = -ENOMEM;
ufs = kzalloc(sizeof(struct ovl_fs), GFP_KERNEL);
if (!ufs)
goto out;
err = ovl_parse_opt((char *) data, &ufs->config);
if (err)
goto out_free_config;
/* FIXME: workdir is not needed for a R/O mount */
err = -EINVAL;
if (!ufs->config.upperdir || !ufs->config.lowerdir ||
!ufs->config.workdir) {
pr_err("overlayfs: missing upperdir or lowerdir or workdir\n");
goto out_free_config;
}
err = -ENOMEM;
oe = ovl_alloc_entry();
if (oe == NULL)
goto out_free_config;
err = ovl_mount_dir(ufs->config.upperdir, &upperpath);
if (err)
goto out_free_oe;
err = ovl_mount_dir(ufs->config.lowerdir, &lowerpath);
if (err)
goto out_put_upperpath;
err = ovl_mount_dir(ufs->config.workdir, &workpath);
if (err)
goto out_put_lowerpath;
err = -EINVAL;
if (!S_ISDIR(upperpath.dentry->d_inode->i_mode) ||
!S_ISDIR(lowerpath.dentry->d_inode->i_mode) ||
!S_ISDIR(workpath.dentry->d_inode->i_mode)) {
pr_err("overlayfs: upperdir or lowerdir or workdir not a directory\n");
goto out_put_workpath;
}
if (upperpath.mnt != workpath.mnt) {
pr_err("overlayfs: workdir and upperdir must reside under the same mount\n");
goto out_put_workpath;
}
if (!ovl_workdir_ok(workpath.dentry, upperpath.dentry)) {
pr_err("overlayfs: workdir and upperdir must be separate subtrees\n");
goto out_put_workpath;
}
if (!ovl_is_allowed_fs_type(upperpath.dentry)) {
pr_err("overlayfs: filesystem of upperdir is not supported\n");
goto out_put_workpath;
}
if (!ovl_is_allowed_fs_type(lowerpath.dentry)) {
pr_err("overlayfs: filesystem of lowerdir is not supported\n");
goto out_put_workpath;
}
err = vfs_statfs(&lowerpath, &statfs);
if (err) {
pr_err("overlayfs: statfs failed on lowerpath\n");
goto out_put_workpath;
}
ufs->lower_namelen = statfs.f_namelen;
sb->s_stack_depth = max(upperpath.mnt->mnt_sb->s_stack_depth,
lowerpath.mnt->mnt_sb->s_stack_depth) + 1;
err = -EINVAL;
if (sb->s_stack_depth > FILESYSTEM_MAX_STACK_DEPTH) {
pr_err("overlayfs: maximum fs stacking depth exceeded\n");
goto out_put_workpath;
}
ufs->upper_mnt = clone_private_mount(&upperpath);
err = PTR_ERR(ufs->upper_mnt);
if (IS_ERR(ufs->upper_mnt)) {
pr_err("overlayfs: failed to clone upperpath\n");
goto out_put_workpath;
}
ufs->lower_mnt = clone_private_mount(&lowerpath);
err = PTR_ERR(ufs->lower_mnt);
if (IS_ERR(ufs->lower_mnt)) {
pr_err("overlayfs: failed to clone lowerpath\n");
goto out_put_upper_mnt;
}
ufs->workdir = ovl_workdir_create(ufs->upper_mnt, workpath.dentry);
err = PTR_ERR(ufs->workdir);
if (IS_ERR(ufs->workdir)) {
if (err == -ENOSPC || err == -EROFS) {
pr_warning("overlayfs: failed to create work directory (%s), mounting read-only\n", err == ENOSPC ? "ENOSPC" : "EROFS");
sb->s_flags |= MS_RDONLY;
ufs->workdir = NULL;
} else {
pr_err("overlayfs: failed to create directory %s/%s\n",
ufs->config.workdir, OVL_WORKDIR_NAME);
goto out_put_lower_mnt;
}
}
/*
* Make lower_mnt R/O. That way fchmod/fchown on lower file
* will fail instead of modifying lower fs.
*/
ufs->lower_mnt->mnt_flags |= MNT_READONLY;
/* If the upper fs is r/o, we mark overlayfs r/o too */
if (ufs->upper_mnt->mnt_sb->s_flags & MS_RDONLY)
sb->s_flags |= MS_RDONLY;
sb->s_d_op = &ovl_dentry_operations;
err = -ENOMEM;
root_inode = ovl_new_inode(sb, S_IFDIR, oe);
if (!root_inode)
goto out_put_workdir;
root_dentry = d_make_root(root_inode);
if (!root_dentry)
goto out_put_workdir;
mntput(upperpath.mnt);
mntput(lowerpath.mnt);
path_put(&workpath);
oe->__upperdentry = upperpath.dentry;
oe->lowerdentry = lowerpath.dentry;
root_dentry->d_fsdata = oe;
sb->s_magic = OVERLAYFS_SUPER_MAGIC;
sb->s_op = &ovl_super_operations;
sb->s_root = root_dentry;
sb->s_fs_info = ufs;
return 0;
out_put_workdir:
dput(ufs->workdir);
out_put_lower_mnt:
mntput(ufs->lower_mnt);
out_put_upper_mnt:
mntput(ufs->upper_mnt);
out_put_workpath:
path_put(&workpath);
out_put_lowerpath:
path_put(&lowerpath);
out_put_upperpath:
path_put(&upperpath);
out_free_oe:
kfree(oe);
out_free_config:
kfree(ufs->config.lowerdir);
kfree(ufs->config.upperdir);
kfree(ufs->config.workdir);
kfree(ufs);
out:
return err;
}
int devtmpfs_create_node(struct device *dev)
{
const char *tmp = NULL;
const char *nodename;
const struct cred *curr_cred;
mode_t mode = 0;
struct nameidata nd;
struct dentry *dentry;
int err;
if (!dev_mnt)
return 0;
nodename = device_get_devnode(dev, &mode, &tmp);
if (!nodename)
return -ENOMEM;
if (mode == 0)
mode = 0600;
if (is_blockdev(dev))
mode |= S_IFBLK;
else
mode |= S_IFCHR;
curr_cred = override_creds(&init_cred);
err = vfs_path_lookup(dev_mnt->mnt_root, dev_mnt,
nodename, LOOKUP_PARENT, &nd);
if (err == -ENOENT) {
create_path(nodename);
err = vfs_path_lookup(dev_mnt->mnt_root, dev_mnt,
nodename, LOOKUP_PARENT, &nd);
}
if (err)
goto out;
dentry = lookup_create(&nd, 0);
if (!IS_ERR(dentry)) {
err = vfs_mknod(nd.path.dentry->d_inode,
dentry, mode, dev->devt);
if (!err) {
struct iattr newattrs;
/* fixup possibly umasked mode */
newattrs.ia_mode = mode;
newattrs.ia_valid = ATTR_MODE;
mutex_lock(&dentry->d_inode->i_mutex);
notify_change(dentry, &newattrs);
mutex_unlock(&dentry->d_inode->i_mutex);
/* mark as kernel-created inode */
dentry->d_inode->i_private = &dev_mnt;
}
dput(dentry);
} else {
err = PTR_ERR(dentry);
}
mutex_unlock(&nd.path.dentry->d_inode->i_mutex);
path_put(&nd.path);
out:
kfree(tmp);
revert_creds(curr_cred);
return err;
}
/**
* d_namespace_path - lookup a name associated with a given path
* @path: path to lookup (NOT NULL)
* @buf: buffer to store path to (NOT NULL)
* @buflen: length of @buf
* @name: Returns - pointer for start of path name with in @buf (NOT NULL)
* @flags: flags controlling path lookup
*
* Handle path name lookup.
*
* Returns: %0 else error code if path lookup fails
* When no error the path name is returned in @name which points to
* to a position in @buf
*/
static int d_namespace_path(struct path *path, char *buf, int buflen,
char **name, int flags)
{
struct path root, tmp;
char *res;
int connected, error = 0;
/* Get the root we want to resolve too, released below */
if (flags & PATH_CHROOT_REL) {
/* resolve paths relative to chroot */
get_fs_root(current->fs, &root);
} else {
/* resolve paths relative to namespace */
root.mnt = current->nsproxy->mnt_ns->root;
root.dentry = root.mnt->mnt_root;
path_get(&root);
}
spin_lock(&dcache_lock);
tmp = root;
res = __d_path(path, &tmp, buf, buflen);
spin_unlock(&dcache_lock);
*name = res;
/* handle error conditions - and still allow a partial path to
* be returned.
*/
if (IS_ERR(res)) {
error = PTR_ERR(res);
*name = buf;
goto out;
}
/* Handle two cases:
* 1. A deleted dentry && profile is not allowing mediation of deleted
* 2. On some filesystems, newly allocated dentries appear to the
* security_path hooks as a deleted dentry except without an inode
* allocated.
*/
if (d_unlinked(path->dentry) && path->dentry->d_inode &&
!(flags & PATH_MEDIATE_DELETED)) {
error = -ENOENT;
goto out;
}
/* Determine if the path is connected to the expected root */
connected = tmp.dentry == root.dentry && tmp.mnt == root.mnt;
/* If the path is not connected,
* check if it is a sysctl and handle specially else remove any
* leading / that __d_path may have returned.
* Unless
* specifically directed to connect the path,
* OR
* if in a chroot and doing chroot relative paths and the path
* resolves to the namespace root (would be connected outside
* of chroot) and specifically directed to connect paths to
* namespace root.
*/
if (!connected) {
/* is the disconnect path a sysctl? */
if (tmp.dentry->d_sb->s_magic == PROC_SUPER_MAGIC &&
strncmp(*name, "/sys/", 5) == 0) {
/* TODO: convert over to using a per namespace
* control instead of hard coded /proc
*/
error = prepend(name, *name - buf, "/proc", 5);
} else if (!(flags & PATH_CONNECT_PATH) &&
!(((flags & CHROOT_NSCONNECT) == CHROOT_NSCONNECT) &&
(tmp.mnt == current->nsproxy->mnt_ns->root &&
tmp.dentry == tmp.mnt->mnt_root))) {
/* disconnected path, don't return pathname starting
* with '/'
*/
error = -ESTALE;
if (*res == '/')
*name = res + 1;
}
}
out:
path_put(&root);
return error;
}
/* Is a directory logically empty? */
int check_empty(struct dentry *dentry, struct dentry *parent,
struct unionfs_dir_state **namelist)
{
int err = 0;
struct dentry *lower_dentry = NULL;
struct vfsmount *mnt;
struct super_block *sb;
struct file *lower_file;
struct unionfs_rdutil_callback buf = {
.ctx.actor = readdir_util_callback,
};
int bindex, bstart, bend, bopaque;
struct path path;
sb = dentry->d_sb;
BUG_ON(!S_ISDIR(dentry->d_inode->i_mode));
err = unionfs_partial_lookup(dentry, parent);
if (err)
goto out;
bstart = dbstart(dentry);
bend = dbend(dentry);
bopaque = dbopaque(dentry);
if (0 <= bopaque && bopaque < bend)
bend = bopaque;
buf.err = 0;
buf.filldir_called = 0;
buf.mode = RD_CHECK_EMPTY;
buf.ctx.pos = 0; /* XXX: needed?! */
buf.rdstate = alloc_rdstate(dentry->d_inode, bstart);
if (unlikely(!buf.rdstate)) {
err = -ENOMEM;
goto out;
}
/* Process the lower directories with rdutil_callback as a filldir. */
for (bindex = bstart; bindex <= bend; bindex++) {
lower_dentry = unionfs_lower_dentry_idx(dentry, bindex);
if (!lower_dentry)
continue;
if (!lower_dentry->d_inode)
continue;
if (!S_ISDIR(lower_dentry->d_inode->i_mode))
continue;
dget(lower_dentry);
mnt = unionfs_mntget(dentry, bindex);
branchget(sb, bindex);
path.dentry = lower_dentry;
path.mnt = mnt;
lower_file = dentry_open(&path, O_RDONLY, current_cred());
path_put(&path);
if (IS_ERR(lower_file)) {
err = PTR_ERR(lower_file);
branchput(sb, bindex);
goto out;
}
do {
buf.filldir_called = 0;
buf.rdstate->bindex = bindex;
err = iterate_dir(lower_file, &buf.ctx);
if (buf.err)
err = buf.err;
} while ((err >= 0) && buf.filldir_called);
/* fput calls dput for lower_dentry */
fput(lower_file);
branchput(sb, bindex);
if (err < 0)
goto out;
}
out:
if (namelist && !err)
*namelist = buf.rdstate;
else if (buf.rdstate)
free_rdstate(buf.rdstate);
return err;
}
/*
* access() needs to use the real uid/gid, not the effective uid/gid.
* We do this by temporarily clearing all FS-related capabilities and
* switching the fsuid/fsgid around to the real ones.
*/
asmlinkage long sys_faccessat(int dfd, const char __user *filename, int mode)
{
struct nameidata nd;
int old_fsuid, old_fsgid;
kernel_cap_t uninitialized_var(old_cap); /* !SECURE_NO_SETUID_FIXUP */
int res;
if (mode & ~S_IRWXO) /* where's F_OK, X_OK, W_OK, R_OK? */
return -EINVAL;
old_fsuid = current->fsuid;
old_fsgid = current->fsgid;
current->fsuid = current->uid;
current->fsgid = current->gid;
if (!issecure(SECURE_NO_SETUID_FIXUP)) {
/*
* Clear the capabilities if we switch to a non-root user
*/
#ifndef CONFIG_SECURITY_FILE_CAPABILITIES
/*
* FIXME: There is a race here against sys_capset. The
* capabilities can change yet we will restore the old
* value below. We should hold task_capabilities_lock,
* but we cannot because user_path_walk can sleep.
*/
#endif /* ndef CONFIG_SECURITY_FILE_CAPABILITIES */
if (current->uid)
old_cap = cap_set_effective(__cap_empty_set);
else
old_cap = cap_set_effective(current->cap_permitted);
}
res = __user_walk_fd(dfd, filename, LOOKUP_FOLLOW|LOOKUP_ACCESS, &nd);
if (res)
goto out;
res = vfs_permission(&nd, mode);
/* SuS v2 requires we report a read only fs too */
if(res || !(mode & S_IWOTH) ||
special_file(nd.path.dentry->d_inode->i_mode))
goto out_path_release;
/*
* This is a rare case where using __mnt_is_readonly()
* is OK without a mnt_want/drop_write() pair. Since
* no actual write to the fs is performed here, we do
* not need to telegraph to that to anyone.
*
* By doing this, we accept that this access is
* inherently racy and know that the fs may change
* state before we even see this result.
*/
if (__mnt_is_readonly(nd.path.mnt))
res = -EROFS;
out_path_release:
path_put(&nd.path);
out:
current->fsuid = old_fsuid;
current->fsgid = old_fsgid;
if (!issecure(SECURE_NO_SETUID_FIXUP))
cap_set_effective(old_cap);
return res;
}
static struct dentry *lofs_mount(
struct file_system_type *fs_type,
int flags,
const char *dev_name,
void *raw_data)
{
static const struct qstr slash = { .name = "/", .len = 1 };
struct super_block *s;
struct lofs_sb_info *sbi;
struct lofs_dentry_info *root_info;
struct inode *inode;
const char *err = "Getting sb failed";
struct path path;
int rc;
sbi = kmem_cache_zalloc(lofs_sb_info_cache, GFP_KERNEL);
if (!sbi) {
rc = -ENOMEM;
goto out;
}
s = sget(fs_type, NULL, set_anon_super, NULL);
if (IS_ERR(s)) {
rc = PTR_ERR(s);
goto out;
}
s->s_flags = flags;
#if defined(HAVE_BACKING_DEV)
rc = bdi_setup_and_register(&sbi->bdi, "lofs", BDI_CAP_MAP_COPY);
if (rc)
goto out1;
s->s_bdi = &sbi->bdi;
#endif
lofs_set_superblock_private(s, sbi);
/* ->kill_sb() will take care of sbi after that point */
sbi = NULL;
s->s_op = &lofs_sops;
s->s_d_op = &lofs_dops;
err = "Reading sb failed";
rc = kern_path(slash.name, LOOKUP_FOLLOW | LOOKUP_DIRECTORY, &path);
if (rc) {
lofs_printk(KERN_WARNING, "kern_path() failed\n");
goto out1;
}
lofs_set_superblock_lower(s, path.dentry->d_sb);
s->s_maxbytes = path.dentry->d_sb->s_maxbytes;
s->s_blocksize = path.dentry->d_sb->s_blocksize;
s->s_magic = 0x10f5;
inode = lofs_get_inode(path.dentry->d_inode, s);
rc = PTR_ERR(inode);
if (IS_ERR(inode)) {
goto out_free;
}
#ifdef HAVE_D_MAKE_ROOT
s->s_root = d_make_root(inode);
#else
s->s_root = d_alloc_root(inode);
if (!s->s_root) {
iput(inode);
}
#endif
if (!s->s_root) {
rc = -ENOMEM;
goto out_free;
}
rc = -ENOMEM;
root_info = kmem_cache_zalloc(lofs_dentry_info_cache, GFP_KERNEL);
if (!root_info)
goto out_free;
/* ->kill_sb() will take care of root_info */
lofs_set_dentry_private(s->s_root, root_info);
lofs_set_dentry_lower(s->s_root, path.dentry);
lofs_set_dentry_lower_mnt(s->s_root, path.mnt);
s->s_flags |= MS_ACTIVE;
return dget(s->s_root);
out_free:
path_put(&path);
out1:
deactivate_locked_super(s);
out:
if (sbi) {
kmem_cache_free(lofs_sb_info_cache, sbi);
}
printk(KERN_ERR "%s; rc = [%d]\n", err, rc);
return ERR_PTR(rc);
}
/**
* lofs_kill_block_super
* @sb: The lofs super block
*
* Used to bring the superblock down and free the private data.
*/
static void lofs_kill_block_super(struct super_block *sb)
{
struct lofs_sb_info *sb_info = lofs_superblock_to_private(sb);
kill_anon_super(sb);
#if defined(HAVE_BACKING_DEV)
if (sb_info) {
bdi_destroy(&sb_info->bdi);
}
#endif
kmem_cache_free(lofs_sb_info_cache, sb_info);
}
#else /* !HAVE_MOUNT_IN_FS_TYPE */
/**
* lofs_fill_super
* @sb: The lofs super block
* @raw_data: The options passed to mount
* @silent: Not used but required by function prototype
*
* Sets up what we can of the sb, rest is done in lofs_read_super
*
* Returns zero on success; non-zero otherwise
*/
static int
lofs_fill_super(struct super_block *sb, void *raw_data, int silent)
{
int rc = 0;
struct inode *inode;
struct nameidata nd;
/* Released in lofs_put_super() */
struct lofs_sb_info *sbi;
sbi = kmem_cache_zalloc(lofs_sb_info_cache, GFP_KERNEL);
if (!sbi) {
lofs_printk(KERN_WARNING, "Out of memory\n");
return -ENOMEM;
}
lofs_set_superblock_private(sb, sbi);
sb->s_op = (struct super_operations *) &lofs_sops;
/* Released through deactivate_super(sb) from get_sb_nodev */
#if defined(HAVE_S_D_OP)
sb->s_d_op = &lofs_dops;
#endif
rc = path_lookup("/", LOOKUP_FOLLOW | LOOKUP_DIRECTORY, &nd);
if (rc) {
lofs_printk(KERN_WARNING, "path_lookup() failed\n");
return rc;
}
lofs_set_superblock_lower(sb, NAMEIDATA_TO_DENTRY(&nd)->d_sb);
sb->s_maxbytes = NAMEIDATA_TO_DENTRY(&nd)->d_sb->s_maxbytes;
sb->s_blocksize = NAMEIDATA_TO_DENTRY(&nd)->d_sb->s_blocksize;
#ifdef HAVE_ADDRESS_SPACE_OPS_EXT
sb->s_flags |= MS_HAS_NEW_AOPS;
#endif
/* Get the root inode and dentry. We have to bootstrap this one,
* since it doesn't get created via the regular lookup mechanism.
*/
inode = lofs_get_inode(NAMEIDATA_TO_DENTRY(&nd)->d_inode, sb);
if (IS_ERR(inode)) {
dput(NAMEIDATA_TO_DENTRY(&nd));
mntput(NAMEIDATA_TO_VFSMNT(&nd));
return PTR_ERR(inode);
}
sb->s_root = d_alloc_root(inode);
if (!sb->s_root) {
iput(inode);
dput(NAMEIDATA_TO_DENTRY(&nd));
mntput(NAMEIDATA_TO_VFSMNT(&nd));
return -ENOMEM;
}
lofs_set_dentry_private(sb->s_root,
kmem_cache_zalloc(lofs_dentry_info_cache, GFP_KERNEL));
lofs_set_dentry_lower(sb->s_root, NAMEIDATA_TO_DENTRY(&nd));
lofs_set_dentry_lower_mnt(sb->s_root, NAMEIDATA_TO_VFSMNT(&nd));
#if !defined(HAVE_S_D_OP)
sb->s_root->d_op = (struct dentry_operations *) &lofs_dops;
#endif
return 0;
}
static long do_sys_truncate(const char __user * path, loff_t length)
{
struct nameidata nd;
struct inode * inode;
int error;
error = -EINVAL;
if (length < 0) /* sorry, but loff_t says... */
goto out;
error = user_path_walk(path, &nd);
if (error)
goto out;
inode = nd.path.dentry->d_inode;
/* For directories it's -EISDIR, for other non-regulars - -EINVAL */
error = -EISDIR;
if (S_ISDIR(inode->i_mode))
goto dput_and_out;
error = -EINVAL;
if (!S_ISREG(inode->i_mode))
goto dput_and_out;
error = mnt_want_write(nd.path.mnt);
if (error)
goto dput_and_out;
error = vfs_permission(&nd, MAY_WRITE);
if (error)
goto mnt_drop_write_and_out;
error = -EPERM;
if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
goto mnt_drop_write_and_out;
error = get_write_access(inode);
if (error)
goto mnt_drop_write_and_out;
/*
* Make sure that there are no leases. get_write_access() protects
* against the truncate racing with a lease-granting setlease().
*/
error = break_lease(inode, FMODE_WRITE);
if (error)
goto put_write_and_out;
error = locks_verify_truncate(inode, NULL, length);
if (!error) {
DQUOT_INIT(inode);
error = do_truncate(nd.path.dentry, length, 0, NULL);
}
put_write_and_out:
put_write_access(inode);
mnt_drop_write_and_out:
mnt_drop_write(nd.path.mnt);
dput_and_out:
path_put(&nd.path);
out:
return error;
}
/*
* xfs_find_handle maps from userspace xfs_fsop_handlereq structure to
* a file or fs handle.
*
* XFS_IOC_PATH_TO_FSHANDLE
* returns fs handle for a mount point or path within that mount point
* XFS_IOC_FD_TO_HANDLE
* returns full handle for a FD opened in user space
* XFS_IOC_PATH_TO_HANDLE
* returns full handle for a path
*/
STATIC int
xfs_find_handle(
unsigned int cmd,
void __user *arg)
{
int hsize;
xfs_handle_t handle;
xfs_fsop_handlereq_t hreq;
struct inode *inode;
if (copy_from_user(&hreq, arg, sizeof(hreq)))
return -XFS_ERROR(EFAULT);
memset((char *)&handle, 0, sizeof(handle));
switch (cmd) {
case XFS_IOC_PATH_TO_FSHANDLE:
case XFS_IOC_PATH_TO_HANDLE: {
struct path path;
int error = user_lpath((const char __user *)hreq.path, &path);
if (error)
return error;
ASSERT(path.dentry);
ASSERT(path.dentry->d_inode);
inode = igrab(path.dentry->d_inode);
path_put(&path);
break;
}
case XFS_IOC_FD_TO_HANDLE: {
struct file *file;
file = fget(hreq.fd);
if (!file)
return -EBADF;
ASSERT(file->f_path.dentry);
ASSERT(file->f_path.dentry->d_inode);
inode = igrab(file->f_path.dentry->d_inode);
fput(file);
break;
}
default:
ASSERT(0);
return -XFS_ERROR(EINVAL);
}
if (inode->i_sb->s_magic != XFS_SB_MAGIC) {
/* we're not in XFS anymore, Toto */
iput(inode);
return -XFS_ERROR(EINVAL);
}
switch (inode->i_mode & S_IFMT) {
case S_IFREG:
case S_IFDIR:
case S_IFLNK:
break;
default:
iput(inode);
return -XFS_ERROR(EBADF);
}
/* now we can grab the fsid */
memcpy(&handle.ha_fsid, XFS_I(inode)->i_mount->m_fixedfsid,
sizeof(xfs_fsid_t));
hsize = sizeof(xfs_fsid_t);
if (cmd != XFS_IOC_PATH_TO_FSHANDLE) {
xfs_inode_t *ip = XFS_I(inode);
int lock_mode;
/* need to get access to the xfs_inode to read the generation */
lock_mode = xfs_ilock_map_shared(ip);
/* fill in fid section of handle from inode */
handle.ha_fid.fid_len = sizeof(xfs_fid_t) -
sizeof(handle.ha_fid.fid_len);
handle.ha_fid.fid_pad = 0;
handle.ha_fid.fid_gen = ip->i_d.di_gen;
handle.ha_fid.fid_ino = ip->i_ino;
xfs_iunlock_map_shared(ip, lock_mode);
hsize = XFS_HSIZE(handle);
}
/* now copy our handle into the user buffer & write out the size */
if (copy_to_user(hreq.ohandle, &handle, hsize) ||
copy_to_user(hreq.ohandlen, &hsize, sizeof(__s32))) {
iput(inode);
return -XFS_ERROR(EFAULT);
}
iput(inode);
return 0;
}
static void * nfs_follow_mountpoint(struct dentry *dentry, struct nameidata *nd)
{
struct vfsmount *mnt;
struct nfs_server *server = NFS_SERVER(dentry->d_inode);
struct dentry *parent;
struct nfs_fh *fh = NULL;
struct nfs_fattr *fattr = NULL;
int err;
dprintk("--> nfs_follow_mountpoint()\n");
err = -ESTALE;
if (IS_ROOT(dentry))
goto out_err;
err = -ENOMEM;
fh = nfs_alloc_fhandle();
fattr = nfs_alloc_fattr();
if (fh == NULL || fattr == NULL)
goto out_err;
dprintk("%s: enter\n", __func__);
dput(nd->path.dentry);
nd->path.dentry = dget(dentry);
/* Look it up again */
parent = dget_parent(nd->path.dentry);
err = server->nfs_client->rpc_ops->lookup(parent->d_inode,
&nd->path.dentry->d_name,
fh, fattr);
dput(parent);
if (err != 0)
goto out_err;
if (fattr->valid & NFS_ATTR_FATTR_V4_REFERRAL)
mnt = nfs_do_refmount(nd->path.mnt, nd->path.dentry);
else
mnt = nfs_do_submount(nd->path.mnt, nd->path.dentry, fh,
fattr);
err = PTR_ERR(mnt);
if (IS_ERR(mnt))
goto out_err;
mntget(mnt);
err = do_add_mount(mnt, &nd->path, nd->path.mnt->mnt_flags|MNT_SHRINKABLE,
&nfs_automount_list);
if (err < 0) {
mntput(mnt);
if (err == -EBUSY)
goto out_follow;
goto out_err;
}
path_put(&nd->path);
nd->path.mnt = mnt;
nd->path.dentry = dget(mnt->mnt_root);
schedule_delayed_work(&nfs_automount_task, nfs_mountpoint_expiry_timeout);
out:
nfs_free_fattr(fattr);
nfs_free_fhandle(fh);
dprintk("%s: done, returned %d\n", __func__, err);
dprintk("<-- nfs_follow_mountpoint() = %d\n", err);
return ERR_PTR(err);
out_err:
path_put(&nd->path);
goto out;
out_follow:
while (d_mountpoint(nd->path.dentry) &&
follow_down(&nd->path))
;
err = 0;
goto out;
}
/**
* lookup_instantiate_filp - instantiates the open intent filp
* @nd: pointer to nameidata
* @dentry: pointer to dentry
* @open: open callback
*
* Helper for filesystems that want to use lookup open intents and pass back
* a fully instantiated struct file to the caller.
* This function is meant to be called from within a filesystem's
* lookup method.
* Beware of calling it for non-regular files! Those ->open methods might block
* (e.g. in fifo_open), leaving you with parent locked (and in case of fifo,
* leading to a deadlock, as nobody can open that fifo anymore, because
* another process to open fifo will block on locked parent when doing lookup).
* Note that in case of error, nd->intent.open.file is destroyed, but the
* path information remains valid.
* If the open callback is set to NULL, then the standard f_op->open()
* filesystem callback is substituted.
*/
struct file *lookup_instantiate_filp(struct nameidata *nd, struct dentry *dentry,
int (*open)(struct inode *, struct file *))
{
struct path path = { .dentry = dentry, .mnt = nd->path.mnt };
const struct cred *cred = current_cred();
if (IS_ERR(nd->intent.open.file))
goto out;
if (IS_ERR(dentry))
goto out_err;
nd->intent.open.file = __dentry_open(&path, nd->intent.open.file,
open, cred);
out:
return nd->intent.open.file;
out_err:
release_open_intent(nd);
nd->intent.open.file = (struct file *)dentry;
goto out;
}
EXPORT_SYMBOL_GPL(lookup_instantiate_filp);
/**
* nameidata_to_filp - convert a nameidata to an open filp.
* @nd: pointer to nameidata
* @flags: open flags
*
* Note that this function destroys the original nameidata
*/
struct file *nameidata_to_filp(struct nameidata *nd)
{
const struct cred *cred = current_cred();
struct file *filp;
/* Pick up the filp from the open intent */
filp = nd->intent.open.file;
nd->intent.open.file = NULL;
/* Has the filesystem initialised the file for us? */
if (filp->f_path.dentry == NULL) {
struct inode *inode = nd->path.dentry->d_inode;
if (inode->i_op->open) {
int flags = filp->f_flags;
put_filp(filp);
filp = inode->i_op->open(nd->path.dentry, flags, cred);
} else {
filp = __dentry_open(&nd->path, filp, NULL, cred);
}
}
return filp;
}
/*
* dentry_open() will have done dput(dentry) and mntput(mnt) if it returns an
* error.
*/
struct file *dentry_open(struct dentry *dentry, struct vfsmount *mnt, int flags,
const struct cred *cred)
{
struct path path = { .dentry = dentry, .mnt = mnt };
struct file *ret;
/* We must always pass in a valid mount pointer. */
BUG_ON(!mnt);
ret = vfs_open(&path, flags, cred);
path_put(&path);
return ret;
}
EXPORT_SYMBOL(dentry_open);
/**
* vfs_open - open the file at the given path
* @path: path to open
* @flags: open flags
* @cred: credentials to use
*
* Open the file. If successful, the returned file will have acquired
* an additional reference for path.
*/
struct file *vfs_open(struct path *path, int flags, const struct cred *cred)
{
struct file *f;
struct inode *inode = path->dentry->d_inode;
validate_creds(cred);
if (inode->i_op->open)
return inode->i_op->open(path->dentry, flags, cred);
f = get_empty_filp();
if (f == NULL)
return ERR_PTR(-ENFILE);
f->f_flags = flags;
return __dentry_open(path, f, NULL, cred);
}
EXPORT_SYMBOL(vfs_open);
static void __put_unused_fd(struct files_struct *files, unsigned int fd)
{
struct fdtable *fdt = files_fdtable(files);
__FD_CLR(fd, fdt->open_fds);
if (fd < files->next_fd)
files->next_fd = fd;
}
void put_unused_fd(unsigned int fd)
{
struct files_struct *files = current->files;
spin_lock(&files->file_lock);
__put_unused_fd(files, fd);
spin_unlock(&files->file_lock);
}
EXPORT_SYMBOL(put_unused_fd);
/*
* Install a file pointer in the fd array.
*
* The VFS is full of places where we drop the files lock between
* setting the open_fds bitmap and installing the file in the file
* array. At any such point, we are vulnerable to a dup2() race
* installing a file in the array before us. We need to detect this and
* fput() the struct file we are about to overwrite in this case.
*
* It should never happen - if we allow dup2() do it, _really_ bad things
* will follow.
*/
void fd_install(unsigned int fd, struct file *file)
{
struct files_struct *files = current->files;
struct fdtable *fdt;
spin_lock(&files->file_lock);
fdt = files_fdtable(files);
BUG_ON(fdt->fd[fd] != NULL);
rcu_assign_pointer(fdt->fd[fd], file);
spin_unlock(&files->file_lock);
}
EXPORT_SYMBOL(fd_install);
static inline int build_open_flags(int flags, int mode, struct open_flags *op)
{
int lookup_flags = 0;
int acc_mode;
if (!(flags & O_CREAT))
mode = 0;
op->mode = mode;
/* Must never be set by userspace */
flags &= ~FMODE_NONOTIFY;
/*
* O_SYNC is implemented as __O_SYNC|O_DSYNC. As many places only
* check for O_DSYNC if the need any syncing at all we enforce it's
* always set instead of having to deal with possibly weird behaviour
* for malicious applications setting only __O_SYNC.
*/
if (flags & __O_SYNC)
flags |= O_DSYNC;
/*
* If we have O_PATH in the open flag. Then we
* cannot have anything other than the below set of flags
*/
if (flags & O_PATH) {
flags &= O_DIRECTORY | O_NOFOLLOW | O_PATH;
acc_mode = 0;
} else {
acc_mode = MAY_OPEN | ACC_MODE(flags);
}
op->open_flag = flags;
/* O_TRUNC implies we need access checks for write permissions */
if (flags & O_TRUNC)
acc_mode |= MAY_WRITE;
/* Allow the LSM permission hook to distinguish append
access from general write access. */
if (flags & O_APPEND)
acc_mode |= MAY_APPEND;
op->acc_mode = acc_mode;
op->intent = flags & O_PATH ? 0 : LOOKUP_OPEN;
if (flags & O_CREAT) {
op->intent |= LOOKUP_CREATE;
if (flags & O_EXCL)
op->intent |= LOOKUP_EXCL;
}
if (flags & O_DIRECTORY)
lookup_flags |= LOOKUP_DIRECTORY;
if (!(flags & O_NOFOLLOW))
lookup_flags |= LOOKUP_FOLLOW;
return lookup_flags;
}
/*
* There is no need to lock the esdfs_super_info's rwsem as there is no
* way anyone can have a reference to the superblock at this point in time.
*/
static int esdfs_read_super(struct super_block *sb, const char *dev_name,
void *raw_data, int silent)
{
int err = 0;
struct super_block *lower_sb;
struct path lower_path;
struct esdfs_sb_info *sbi;
struct inode *inode;
if (!dev_name) {
esdfs_msg(sb, KERN_ERR, "missing dev_name argument\n");
err = -EINVAL;
goto out;
}
/* parse lower path */
err = kern_path(dev_name, LOOKUP_FOLLOW | LOOKUP_DIRECTORY,
&lower_path);
if (err) {
esdfs_msg(sb, KERN_ERR, "error accessing lower directory '%s'\n",
dev_name);
goto out;
}
/* allocate superblock private data */
sb->s_fs_info = kzalloc(sizeof(struct esdfs_sb_info), GFP_KERNEL);
sbi = ESDFS_SB(sb);
if (!sbi) {
esdfs_msg(sb, KERN_CRIT, "read_super: out of memory\n");
err = -ENOMEM;
goto out_pput;
}
/* set defaults and then parse the mount options */
memcpy(&sbi->lower_perms,
&esdfs_perms_table[ESDFS_PERMS_LOWER_DEFAULT],
sizeof(struct esdfs_perms));
memcpy(&sbi->upper_perms,
&esdfs_perms_table[ESDFS_PERMS_UPPER_LEGACY],
sizeof(struct esdfs_perms));
err = parse_options(sb, (char *)raw_data);
if (err)
goto out_free;
/* set the lower superblock field of upper superblock */
lower_sb = lower_path.dentry->d_sb;
atomic_inc(&lower_sb->s_active);
esdfs_set_lower_super(sb, lower_sb);
/* inherit maxbytes from lower file system */
sb->s_maxbytes = lower_sb->s_maxbytes;
/*
* Our c/m/atime granularity is 1 ns because we may stack on file
* systems whose granularity is as good.
*/
sb->s_time_gran = 1;
sb->s_op = &esdfs_sops;
/* get a new inode and allocate our root dentry */
inode = esdfs_iget(sb, lower_path.dentry->d_inode);
if (IS_ERR(inode)) {
err = PTR_ERR(inode);
goto out_sput;
}
sb->s_root = d_make_root(inode);
if (!sb->s_root) {
err = -ENOMEM;
goto out_iput;
}
d_set_d_op(sb->s_root, &esdfs_dops);
/* link the upper and lower dentries */
sb->s_root->d_fsdata = NULL;
err = new_dentry_private_data(sb->s_root);
if (err)
goto out_freeroot;
/* if get here: cannot have error */
/* set the lower dentries for s_root */
esdfs_set_lower_path(sb->s_root, &lower_path);
#ifdef CONFIG_SECURITY_SELINUX
security_secctx_to_secid(ESDFS_LOWER_SECCTX,
strlen(ESDFS_LOWER_SECCTX),
&sbi->lower_secid);
#endif
/*
* No need to call interpose because we already have a positive
* dentry, which was instantiated by d_make_root. Just need to
* d_rehash it.
*/
d_rehash(sb->s_root);
if (!silent)
esdfs_msg(sb, KERN_INFO, "mounted on top of %s type %s\n",
dev_name, lower_sb->s_type->name);
if (!ESDFS_DERIVE_PERMS(sbi))
goto out;
/* let user know that we ignore this option in derived mode */
if (memcmp(&sbi->upper_perms,
&esdfs_perms_table[ESDFS_PERMS_UPPER_LEGACY],
sizeof(struct esdfs_perms)))
esdfs_msg(sb, KERN_WARNING, "'upper' mount option ignored in derived mode\n");
/* all derived modes start with the same, basic root */
memcpy(&sbi->upper_perms,
&esdfs_perms_table[ESDFS_PERMS_UPPER_DERIVED],
sizeof(struct esdfs_perms));
/*
* In Android 3.0 all user conent in the emulated storage tree was
* stored in /data/media. Android 4.2 introduced multi-user support,
* which required that the primary user's content be migrated from
* /data/media to /data/media/0. The framework then uses bind mounts
* to create per-process namespaces to isolate each user's tree at
* /data/media/N. This approach of having each user in a common root
* is now considered "legacy" by the sdcard service.
*/
if (test_opt(sbi, DERIVE_LEGACY)) {
ESDFS_I(inode)->tree = ESDFS_TREE_ROOT_LEGACY;
sbi->obb_parent = dget(sb->s_root);
/*
* Android 4.4 reorganized this sturcture yet again, so that the
* primary user's content was again at the root. Secondary users'
* content is found in Android/user/N. Emulated internal storage still
* seems to use the legacy tree, but secondary external storage uses
* this method.
*/
} else if (test_opt(sbi, DERIVE_UNIFIED))
ESDFS_I(inode)->tree = ESDFS_TREE_ROOT;
/*
* Later versions of Android organize user content using quantum
* entanglement, which has a low probability of being supported by
* this driver.
*/
else
esdfs_msg(sb, KERN_WARNING, "unsupported derived permissions mode\n");
/* initialize root inode */
esdfs_derive_perms(sb->s_root);
goto out;
out_freeroot:
dput(sb->s_root);
out_iput:
iput(inode);
out_sput:
/* drop refs we took earlier */
atomic_dec(&lower_sb->s_active);
out_free:
kfree(ESDFS_SB(sb));
sb->s_fs_info = NULL;
out_pput:
path_put(&lower_path);
out:
return err;
}
static void*
cifs_dfs_follow_mountpoint(struct dentry *dentry, struct nameidata *nd)
{
struct dfs_info3_param *referrals = NULL;
unsigned int num_referrals = 0;
struct cifs_sb_info *cifs_sb;
struct cifsSesInfo *ses;
char *full_path = NULL;
int xid, i;
int rc = 0;
struct vfsmount *mnt = ERR_PTR(-ENOENT);
cFYI(1, ("in %s", __func__));
BUG_ON(IS_ROOT(dentry));
xid = GetXid();
dput(nd->path.dentry);
nd->path.dentry = dget(dentry);
cifs_sb = CIFS_SB(dentry->d_inode->i_sb);
ses = cifs_sb->tcon->ses;
if (!ses) {
rc = -EINVAL;
goto out_err;
}
full_path = build_path_from_dentry(dentry);
if (full_path == NULL) {
rc = -ENOMEM;
goto out_err;
}
rc = get_dfs_path(xid, ses , full_path, cifs_sb->local_nls,
&num_referrals, &referrals,
cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
for (i = 0; i < num_referrals; i++) {
dump_referral(referrals+i);
/* connect to a storage node */
if (referrals[i].flags & DFSREF_STORAGE_SERVER) {
int len;
len = strlen(referrals[i].node_name);
if (len < 2) {
cERROR(1, ("%s: Net Address path too short: %s",
__func__, referrals[i].node_name));
rc = -EINVAL;
goto out_err;
}
mnt = cifs_dfs_do_refmount(nd->path.mnt,
nd->path.dentry,
referrals + i);
cFYI(1, ("%s: cifs_dfs_do_refmount:%s , mnt:%p",
__func__,
referrals[i].node_name, mnt));
/* complete mount procedure if we accured submount */
if (!IS_ERR(mnt))
break;
}
}
/* we need it cause for() above could exit without valid submount */
rc = PTR_ERR(mnt);
if (IS_ERR(mnt))
goto out_err;
nd->path.mnt->mnt_flags |= MNT_SHRINKABLE;
rc = add_mount_helper(mnt, nd, &cifs_dfs_automount_list);
out:
FreeXid(xid);
free_dfs_info_array(referrals, num_referrals);
kfree(full_path);
cFYI(1, ("leaving %s" , __func__));
return ERR_PTR(rc);
out_err:
path_put(&nd->path);
goto out;
}
static int do_dentry_open(struct file *f,
struct inode *inode,
int (*open)(struct inode *, struct file *),
const struct cred *cred)
{
static const struct file_operations empty_fops = {};
int error;
f->f_mode = OPEN_FMODE(f->f_flags) | FMODE_LSEEK |
FMODE_PREAD | FMODE_PWRITE;
path_get(&f->f_path);
f->f_inode = inode;
f->f_mapping = inode->i_mapping;
if (unlikely(f->f_flags & O_PATH)) {
f->f_mode = FMODE_PATH;
f->f_op = &empty_fops;
return 0;
}
if (f->f_mode & FMODE_WRITE && !special_file(inode->i_mode)) {
error = get_write_access(inode);
if (unlikely(error))
goto cleanup_file;
error = __mnt_want_write(f->f_path.mnt);
if (unlikely(error)) {
put_write_access(inode);
goto cleanup_file;
}
f->f_mode |= FMODE_WRITER;
}
/* POSIX.1-2008/SUSv4 Section XSI 2.9.7 */
if (S_ISREG(inode->i_mode))
f->f_mode |= FMODE_ATOMIC_POS;
f->f_op = fops_get(inode->i_fop);
if (unlikely(WARN_ON(!f->f_op))) {
error = -ENODEV;
goto cleanup_all;
}
error = security_file_open(f, cred);
if (error)
goto cleanup_all;
error = break_lease(inode, f->f_flags);
if (error)
goto cleanup_all;
if (!open)
open = f->f_op->open;
if (open) {
error = open(inode, f);
if (error)
goto cleanup_all;
}
if ((f->f_mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ)
i_readcount_inc(inode);
if ((f->f_mode & FMODE_READ) &&
likely(f->f_op->read || f->f_op->read_iter))
f->f_mode |= FMODE_CAN_READ;
if ((f->f_mode & FMODE_WRITE) &&
likely(f->f_op->write || f->f_op->write_iter))
f->f_mode |= FMODE_CAN_WRITE;
f->f_flags &= ~(O_CREAT | O_EXCL | O_NOCTTY | O_TRUNC);
file_ra_state_init(&f->f_ra, f->f_mapping->host->i_mapping);
return 0;
cleanup_all:
fops_put(f->f_op);
if (f->f_mode & FMODE_WRITER) {
put_write_access(inode);
__mnt_drop_write(f->f_path.mnt);
}
cleanup_file:
path_put(&f->f_path);
f->f_path.mnt = NULL;
f->f_path.dentry = NULL;
f->f_inode = NULL;
return error;
}
/*
* There is no need to lock the wrapfs_super_info's rwsem as there is no
* way anyone can have a reference to the superblock at this point in time.
*/
static int wrapfs_read_super(struct super_block *sb, void *raw_data, int silent)
{
int err = 0;
struct super_block *lower_sb;
struct path lower_path;
char *dev_name = (char *) raw_data;
struct inode *inode;
if (!dev_name) {
printk(KERN_ERR
"wrapfs: read_super: missing dev_name argument\n");
err = -EINVAL;
goto out;
}
/* parse lower path */
err = kern_path(dev_name, LOOKUP_FOLLOW | LOOKUP_DIRECTORY,
&lower_path);
if (err) {
printk(KERN_ERR "wrapfs: error accessing "
"lower directory '%s'\n", dev_name);
goto out;
}
/* allocate superblock private data */
sb->s_fs_info = kzalloc(sizeof(struct wrapfs_sb_info), GFP_KERNEL);
if (!WRAPFS_SB(sb)) {
printk(KERN_CRIT "wrapfs: read_super: out of memory\n");
err = -ENOMEM;
goto out_free;
}
/* set the lower superblock field of upper superblock */
lower_sb = lower_path.dentry->d_sb;
atomic_inc(&lower_sb->s_active);
wrapfs_set_lower_super(sb, lower_sb);
/* inherit maxbytes from lower file system */
sb->s_maxbytes = lower_sb->s_maxbytes;
/*
* Our c/m/atime granularity is 1 ns because we may stack on file
* systems whose granularity is as good.
*/
sb->s_time_gran = 1;
sb->s_op = &wrapfs_sops;
/* get a new inode and allocate our root dentry */
inode = wrapfs_iget(sb, lower_path.dentry->d_inode);
if (IS_ERR(inode)) {
err = PTR_ERR(inode);
goto out_sput;
}
sb->s_root = d_alloc_root(inode);
if (!sb->s_root) {
err = -ENOMEM;
goto out_iput;
}
d_set_d_op(sb->s_root, &wrapfs_dops);
/* link the upper and lower dentries */
sb->s_root->d_fsdata = NULL;
err = new_dentry_private_data(sb->s_root);
if (err)
goto out_freeroot;
/* if get here: cannot have error */
/* set the lower dentries for s_root */
wrapfs_set_lower_path(sb->s_root, &lower_path);
/*
* No need to call interpose because we already have a positive
* dentry, which was instantiated by d_alloc_root. Just need to
* d_rehash it.
*/
d_rehash(sb->s_root);
if (!silent)
printk(KERN_INFO
"wrapfs: mounted on top of %s type %s\n",
dev_name, lower_sb->s_type->name);
goto out; /* all is well */
/* no longer needed: free_dentry_private_data(sb->s_root); */
out_freeroot:
dput(sb->s_root);
out_iput:
iput(inode);
out_sput:
/* drop refs we took earlier */
atomic_dec(&lower_sb->s_active);
kfree(WRAPFS_SB(sb));
sb->s_fs_info = NULL;
out_free:
path_put(&lower_path);
out:
return err;
}
/*
* Safely creates '/proc/systemtap' (if necessary) and
* '/proc/systemtap/{module_name}'.
*
* NB: this function is suitable to call from early in the the
* module-init function, and doesn't rely on any other facilities
* in our runtime. PR19833. See also PR15408.
*/
static int _stp_mkdir_proc_module(void)
{
int found = 0;
static char proc_root_name[STP_MODULE_NAME_LEN + sizeof("systemtap/")];
#if defined(STAPCONF_PATH_LOOKUP) || defined(STAPCONF_KERN_PATH_PARENT)
struct nameidata nd;
#else /* STAPCONF_VFS_PATH_LOOKUP or STAPCONF_KERN_PATH */
struct path path;
#if defined(STAPCONF_VFS_PATH_LOOKUP)
struct vfsmount *mnt;
#endif
int rc;
#endif /* STAPCONF_VFS_PATH_LOOKUP or STAPCONF_KERN_PATH */
if (_stp_proc_root != NULL)
return 0;
#if defined(STAPCONF_PATH_LOOKUP) || defined(STAPCONF_KERN_PATH_PARENT)
/* Why "/proc/systemtap/foo"? kern_path_parent() is basically
* the same thing as calling the old path_lookup() with flags
* set to LOOKUP_PARENT, which means to look up the parent of
* the path, which in this case is "/proc/systemtap". */
if (! kern_path_parent("/proc/systemtap/foo", &nd)) {
found = 1;
#ifdef STAPCONF_NAMEIDATA_CLEANUP
path_put(&nd.path);
#else /* !STAPCONF_NAMEIDATA_CLEANUP */
path_release(&nd);
#endif /* !STAPCONF_NAMEIDATA_CLEANUP */
}
#elif defined(STAPCONF_KERN_PATH)
/* Prefer kern_path() over vfs_path_lookup(), since on some
* kernels the declaration for vfs_path_lookup() was moved to
* a private header. */
/* See if '/proc/systemtap' exists. */
rc = kern_path("/proc/systemtap", 0, &path);
if (rc == 0) {
found = 1;
path_put (&path);
}
#else /* STAPCONF_VFS_PATH_LOOKUP */
/* See if '/proc/systemtap' exists. */
if (! init_pid_ns.proc_mnt) {
errk("Unable to create '/proc/systemap':"
" '/proc' doesn't exist.\n");
goto done;
}
mnt = init_pid_ns.proc_mnt;
rc = vfs_path_lookup(mnt->mnt_root, mnt, "systemtap", 0, &path);
if (rc == 0) {
found = 1;
path_put (&path);
}
#endif /* STAPCONF_VFS_PATH_LOOKUP */
/* If we couldn't find "/proc/systemtap", create it. */
if (!found) {
struct proc_dir_entry *de;
de = proc_mkdir ("systemtap", NULL);
if (de == NULL) {
errk("Unable to create '/proc/systemap':"
" proc_mkdir failed.\n");
goto done;
}
}
/* Create the "systemtap/{module_name} directory in procfs. */
strlcpy(proc_root_name, "systemtap/", sizeof(proc_root_name));
strlcat(proc_root_name, THIS_MODULE->name, sizeof(proc_root_name));
_stp_proc_root = proc_mkdir(proc_root_name, NULL);
#ifdef STAPCONF_PROCFS_OWNER
if (_stp_proc_root != NULL)
_stp_proc_root->owner = THIS_MODULE;
#endif
if (_stp_proc_root == NULL)
errk("Unable to create '/proc/systemap/%s':"
" proc_mkdir failed.\n", THIS_MODULE->name);
done:
return (_stp_proc_root) ? 0 : -EINVAL;
}
/*
* our custom d_alloc_root work-alike
*
* we can't use d_alloc_root if we want to use our own interpose function
* unchanged, so we simply call our own "fake" d_alloc_root
*/
static struct dentry *sdcardfs_d_alloc_root(struct super_block *sb)
{
struct dentry *ret = NULL;
if (sb) {
static const struct qstr name = {
.name = "/",
.len = 1
};
ret = __d_alloc(sb, &name);
if (ret) {
d_set_d_op(ret, &sdcardfs_ci_dops);
ret->d_parent = ret;
}
}
return ret;
}
/*
* There is no need to lock the sdcardfs_super_info's rwsem as there is no
* way anyone can have a reference to the superblock at this point in time.
*/
static int sdcardfs_read_super(struct super_block *sb, const char *dev_name,
void *raw_data, int silent)
{
int err = 0;
int debug;
struct super_block *lower_sb;
struct path lower_path;
struct sdcardfs_sb_info *sb_info;
void *pkgl_id;
printk(KERN_INFO "sdcardfs: version %s\n", SDCARDFS_VERSION);
if (!dev_name) {
printk(KERN_ERR
"sdcardfs: read_super: missing dev_name argument\n");
err = -EINVAL;
goto out;
}
printk(KERN_INFO "sdcardfs: dev_name -> %s\n", dev_name);
printk(KERN_INFO "sdcardfs: options -> %s\n", (char *)raw_data);
/* parse lower path */
err = kern_path(dev_name, LOOKUP_FOLLOW | LOOKUP_DIRECTORY,
&lower_path);
if (err) {
printk(KERN_ERR "sdcardfs: error accessing "
"lower directory '%s'\n", dev_name);
goto out;
}
/* allocate superblock private data */
sb->s_fs_info = kzalloc(sizeof(struct sdcardfs_sb_info), GFP_KERNEL);
if (!SDCARDFS_SB(sb)) {
printk(KERN_CRIT "sdcardfs: read_super: out of memory\n");
err = -ENOMEM;
goto out_free;
}
sb_info = sb->s_fs_info;
/* parse options */
err = parse_options(sb, raw_data, silent, &debug, &sb_info->options);
if (err) {
printk(KERN_ERR "sdcardfs: invalid options or out of memory\n");
goto out_freesbi;
}
if (sb_info->options.derive != DERIVE_NONE) {
pkgl_id = packagelist_create(sb_info->options.write_gid);
if(IS_ERR(pkgl_id))
goto out_freesbi;
else
sb_info->pkgl_id = pkgl_id;
}
/* set the lower superblock field of upper superblock */
lower_sb = lower_path.dentry->d_sb;
atomic_inc(&lower_sb->s_active);
sdcardfs_set_lower_super(sb, lower_sb);
/* inherit maxbytes from lower file system */
sb->s_maxbytes = lower_sb->s_maxbytes;
/*
* Our c/m/atime granularity is 1 ns because we may stack on file
* systems whose granularity is as good.
*/
sb->s_time_gran = 1;
sb->s_magic = SDCARDFS_SUPER_MAGIC;
sb->s_op = &sdcardfs_sops;
/* see comment next to the definition of sdcardfs_d_alloc_root */
sb->s_root = sdcardfs_d_alloc_root(sb);
if (!sb->s_root) {
err = -ENOMEM;
goto out_sput;
}
/* link the upper and lower dentries */
sb->s_root->d_fsdata = NULL;
err = new_dentry_private_data(sb->s_root);
if (err)
goto out_freeroot;
/* set the lower dentries for s_root */
sdcardfs_set_lower_path(sb->s_root, &lower_path);
/* call interpose to create the upper level inode */
err = sdcardfs_interpose(sb->s_root, sb, &lower_path);
if (!err) {
/* setup permission policy */
switch(sb_info->options.derive) {
case DERIVE_NONE:
setup_derived_state(sb->s_root->d_inode,
PERM_ROOT, 0, AID_ROOT, AID_SDCARD_RW, 00775);
sb_info->obbpath_s = NULL;
break;
case DERIVE_LEGACY:
/* Legacy behavior used to support internal multiuser layout which
* places user_id at the top directory level, with the actual roots
* just below that. Shared OBB path is also at top level. */
setup_derived_state(sb->s_root->d_inode,
PERM_LEGACY_PRE_ROOT, 0, AID_ROOT, AID_SDCARD_R, 00771);
/* initialize the obbpath string and lookup the path
* sb_info->obb_path will be deactivated by path_put
* on sdcardfs_put_super */
sb_info->obbpath_s = kzalloc(PATH_MAX, GFP_KERNEL);
snprintf(sb_info->obbpath_s, PATH_MAX, "%s/obb", dev_name);
err = prepare_dir(sb_info->obbpath_s,
sb_info->options.fs_low_uid,
sb_info->options.fs_low_gid, 00755);
if(err)
printk(KERN_ERR "sdcardfs: %s: %d, error on creating %s\n",
__func__,__LINE__, sb_info->obbpath_s);
break;
case DERIVE_UNIFIED:
/* Unified multiuser layout which places secondary user_id under
* /Android/user and shared OBB path under /Android/obb. */
setup_derived_state(sb->s_root->d_inode,
PERM_ROOT, 0, AID_ROOT, AID_SDCARD_R, 00771);
sb_info->obbpath_s = kzalloc(PATH_MAX, GFP_KERNEL);
snprintf(sb_info->obbpath_s, PATH_MAX, "%s/Android/obb", dev_name);
break;
}
fix_derived_permission(sb->s_root->d_inode);
sb_info->devpath = kzalloc(PATH_MAX, GFP_KERNEL);
if(sb_info->devpath && dev_name)
memcpy(sb_info->devpath, dev_name, PATH_MAX);
if (!silent && !err)
printk(KERN_INFO "sdcardfs: mounted on top of %s type %s\n",
dev_name, lower_sb->s_type->name);
goto out;
}
/* else error: fall through */
free_dentry_private_data(sb->s_root);
out_freeroot:
dput(sb->s_root);
out_sput:
/* drop refs we took earlier */
atomic_dec(&lower_sb->s_active);
packagelist_destroy(sb_info->pkgl_id);
out_freesbi:
kfree(SDCARDFS_SB(sb));
sb->s_fs_info = NULL;
out_free:
path_put(&lower_path);
out:
return err;
}
/*
* parse the dirs= mount argument
*
* We don't need to lock the superblock private data's rwsem, as we get
* called only by unionfs_read_super - it is still a long time before anyone
* can even get a reference to us.
*/
static int parse_dirs_option(struct super_block *sb, struct unionfs_dentry_info
*lower_root_info, char *options)
{
struct path path;
char *name;
int err = 0;
int branches = 1;
int bindex = 0;
int i = 0;
int j = 0;
struct dentry *dent1;
struct dentry *dent2;
if (options[0] == '\0') {
printk(KERN_ERR "unionfs: no branches specified\n");
err = -EINVAL;
goto out_return;
}
/*
* Each colon means we have a separator, this is really just a rough
* guess, since strsep will handle empty fields for us.
*/
for (i = 0; options[i]; i++)
if (options[i] == ':')
branches++;
/* allocate space for underlying pointers to lower dentry */
UNIONFS_SB(sb)->data =
kcalloc(branches, sizeof(struct unionfs_data), GFP_KERNEL);
if (unlikely(!UNIONFS_SB(sb)->data)) {
err = -ENOMEM;
goto out_return;
}
lower_root_info->lower_paths =
kcalloc(branches, sizeof(struct path), GFP_KERNEL);
if (unlikely(!lower_root_info->lower_paths)) {
err = -ENOMEM;
/* free the underlying pointer array */
kfree(UNIONFS_SB(sb)->data);
UNIONFS_SB(sb)->data = NULL;
goto out_return;
}
/* now parsing a string such as "b1:b2=rw:b3=ro:b4" */
branches = 0;
while ((name = strsep(&options, ":")) != NULL) {
int perms;
char *mode = strchr(name, '=');
if (!name)
continue;
if (!*name) { /* bad use of ':' (extra colons) */
err = -EINVAL;
goto out;
}
branches++;
/* strip off '=' if any */
if (mode)
*mode++ = '\0';
err = parse_branch_mode(mode, &perms);
if (err) {
printk(KERN_ERR "unionfs: invalid mode \"%s\" for "
"branch %d\n", mode, bindex);
goto out;
}
/* ensure that leftmost branch is writeable */
if (!bindex && !(perms & MAY_WRITE)) {
printk(KERN_ERR "unionfs: leftmost branch cannot be "
"read-only (use \"-o ro\" to create a "
"read-only union)\n");
err = -EINVAL;
goto out;
}
err = kern_path(name, LOOKUP_FOLLOW, &path);
if (err) {
printk(KERN_ERR "unionfs: error accessing "
"lower directory '%s' (error %d)\n",
name, err);
goto out;
}
err = check_branch(&path);
if (err) {
printk(KERN_ERR "unionfs: lower directory "
"'%s' is not a valid branch\n", name);
path_put(&path);
goto out;
}
lower_root_info->lower_paths[bindex].dentry = path.dentry;
lower_root_info->lower_paths[bindex].mnt = path.mnt;
set_branchperms(sb, bindex, perms);
set_branch_count(sb, bindex, 0);
new_branch_id(sb, bindex);
if (lower_root_info->bstart < 0)
lower_root_info->bstart = bindex;
lower_root_info->bend = bindex;
bindex++;
}
if (branches == 0) {
printk(KERN_ERR "unionfs: no branches specified\n");
err = -EINVAL;
goto out;
}
BUG_ON(branches != (lower_root_info->bend + 1));
/*
* Ensure that no overlaps exist in the branches.
*
* This test is required because the Linux kernel has no support
* currently for ensuring coherency between stackable layers and
* branches. If we were to allow overlapping branches, it would be
* possible, for example, to delete a file via one branch, which
* would not be reflected in another branch. Such incoherency could
* lead to inconsistencies and even kernel oopses. Rather than
* implement hacks to work around some of these cache-coherency
* problems, we prevent branch overlapping, for now. A complete
* solution will involve proper kernel/VFS support for cache
* coherency, at which time we could safely remove this
* branch-overlapping test.
*/
for (i = 0; i < branches; i++) {
dent1 = lower_root_info->lower_paths[i].dentry;
for (j = i + 1; j < branches; j++) {
dent2 = lower_root_info->lower_paths[j].dentry;
if (is_branch_overlap(dent1, dent2)) {
printk(KERN_ERR "unionfs: branches %d and "
"%d overlap\n", i, j);
err = -EINVAL;
goto out;
}
}
}
out:
if (err) {
for (i = 0; i < branches; i++)
path_put(&lower_root_info->lower_paths[i]);
kfree(lower_root_info->lower_paths);
kfree(UNIONFS_SB(sb)->data);
/*
* MUST clear the pointers to prevent potential double free if
* the caller dies later on
*/
lower_root_info->lower_paths = NULL;
UNIONFS_SB(sb)->data = NULL;
}
out_return:
return err;
}
/**
* tomoyo_mount_acl - Check permission for mount() operation.
*
* @r: Pointer to "struct tomoyo_request_info".
* @dev_name: Name of device file. Maybe NULL.
* @dir: Pointer to "struct path".
* @type: Name of filesystem type.
* @flags: Mount options.
*
* Returns 0 on success, negative value otherwise.
*
* Caller holds tomoyo_read_lock().
*/
static int tomoyo_mount_acl(struct tomoyo_request_info *r, char *dev_name,
struct path *dir, const char *type,
unsigned long flags)
{
struct tomoyo_obj_info obj = { };
struct path path;
struct file_system_type *fstype = NULL;
const char *requested_type = NULL;
const char *requested_dir_name = NULL;
const char *requested_dev_name = NULL;
struct tomoyo_path_info rtype;
struct tomoyo_path_info rdev;
struct tomoyo_path_info rdir;
int need_dev = 0;
int error = -ENOMEM;
r->obj = &obj;
/* Get fstype. */
requested_type = tomoyo_encode(type);
if (!requested_type)
goto out;
rtype.name = requested_type;
tomoyo_fill_path_info(&rtype);
/* Get mount point. */
obj.path2 = *dir;
requested_dir_name = tomoyo_realpath_from_path(dir);
if (!requested_dir_name) {
error = -ENOMEM;
goto out;
}
rdir.name = requested_dir_name;
tomoyo_fill_path_info(&rdir);
/* Compare fs name. */
if (type == tomoyo_mounts[TOMOYO_MOUNT_REMOUNT]) {
/* dev_name is ignored. */
} else if (type == tomoyo_mounts[TOMOYO_MOUNT_MAKE_UNBINDABLE] ||
type == tomoyo_mounts[TOMOYO_MOUNT_MAKE_PRIVATE] ||
type == tomoyo_mounts[TOMOYO_MOUNT_MAKE_SLAVE] ||
type == tomoyo_mounts[TOMOYO_MOUNT_MAKE_SHARED]) {
/* dev_name is ignored. */
} else if (type == tomoyo_mounts[TOMOYO_MOUNT_BIND] ||
type == tomoyo_mounts[TOMOYO_MOUNT_MOVE]) {
need_dev = -1; /* dev_name is a directory */
} else {
fstype = get_fs_type(type);
if (!fstype) {
error = -ENODEV;
goto out;
}
if (fstype->fs_flags & FS_REQUIRES_DEV)
/* dev_name is a block device file. */
need_dev = 1;
}
if (need_dev) {
/* Get mount point or device file. */
if (!dev_name || kern_path(dev_name, LOOKUP_FOLLOW, &path)) {
error = -ENOENT;
goto out;
}
obj.path1 = path;
requested_dev_name = tomoyo_realpath_from_path(&path);
if (!requested_dev_name) {
error = -ENOENT;
goto out;
}
} else {
/* Map dev_name to "<NULL>" if no dev_name given. */
if (!dev_name)
dev_name = "<NULL>";
requested_dev_name = tomoyo_encode(dev_name);
if (!requested_dev_name) {
error = -ENOMEM;
goto out;
}
}
rdev.name = requested_dev_name;
tomoyo_fill_path_info(&rdev);
r->param_type = TOMOYO_TYPE_MOUNT_ACL;
r->param.mount.need_dev = need_dev;
r->param.mount.dev = &rdev;
r->param.mount.dir = &rdir;
r->param.mount.type = &rtype;
r->param.mount.flags = flags;
do {
tomoyo_check_acl(r, tomoyo_check_mount_acl);
error = tomoyo_audit_mount_log(r);
} while (error == TOMOYO_RETRY_REQUEST);
out:
kfree(requested_dev_name);
kfree(requested_dir_name);
if (fstype)
put_filesystem(fstype);
kfree(requested_type);
/* Drop refcount obtained by kern_path(). */
if (obj.path1.dentry)
path_put(&obj.path1);
return error;
}
/*
* Parse mount options. See the manual page for usage instructions.
*
* Returns the dentry object of the lower-level (lower) directory;
* We want to mount our stackable file system on top of that lower directory.
*/
static struct unionfs_dentry_info *unionfs_parse_options(
struct super_block *sb,
char *options)
{
struct unionfs_dentry_info *lower_root_info;
char *optname;
int err = 0;
int bindex;
int dirsfound = 0;
/* allocate private data area */
err = -ENOMEM;
lower_root_info =
kzalloc(sizeof(struct unionfs_dentry_info), GFP_KERNEL);
if (unlikely(!lower_root_info))
goto out_error;
lower_root_info->bstart = -1;
lower_root_info->bend = -1;
lower_root_info->bopaque = -1;
while ((optname = strsep(&options, ",")) != NULL) {
char *optarg;
if (!optname || !*optname)
continue;
optarg = strchr(optname, '=');
if (optarg)
*optarg++ = '\0';
/*
* All of our options take an argument now. Insert ones that
* don't, above this check.
*/
if (!optarg) {
printk(KERN_ERR "unionfs: %s requires an argument\n",
optname);
err = -EINVAL;
goto out_error;
}
if (!strcmp("dirs", optname)) {
if (++dirsfound > 1) {
printk(KERN_ERR
"unionfs: multiple dirs specified\n");
err = -EINVAL;
goto out_error;
}
err = parse_dirs_option(sb, lower_root_info, optarg);
if (err)
goto out_error;
continue;
}
err = -EINVAL;
printk(KERN_ERR
"unionfs: unrecognized option '%s'\n", optname);
goto out_error;
}
if (dirsfound != 1) {
printk(KERN_ERR "unionfs: dirs option required\n");
err = -EINVAL;
goto out_error;
}
goto out;
out_error:
if (lower_root_info && lower_root_info->lower_paths) {
for (bindex = lower_root_info->bstart;
bindex >= 0 && bindex <= lower_root_info->bend;
bindex++)
path_put(&lower_root_info->lower_paths[bindex]);
}
kfree(lower_root_info->lower_paths);
kfree(lower_root_info);
kfree(UNIONFS_SB(sb)->data);
UNIONFS_SB(sb)->data = NULL;
lower_root_info = ERR_PTR(err);
out:
return lower_root_info;
}
static long do_sys_truncate(const char __user *pathname, loff_t length)
{
struct path path;
struct inode *inode;
int error;
error = -EINVAL;
if (length < 0) /* sorry, but loff_t says... */
goto out;
error = user_path(pathname, &path);
if (error)
goto out;
inode = path.dentry->d_inode;
/* For directories it's -EISDIR, for other non-regulars - -EINVAL */
error = -EISDIR;
if (S_ISDIR(inode->i_mode))
goto dput_and_out;
error = -EINVAL;
if (!S_ISREG(inode->i_mode))
goto dput_and_out;
error = mnt_want_write(path.mnt);
if (error)
goto dput_and_out;
error = inode_permission(inode, MAY_WRITE);
if (error)
goto mnt_drop_write_and_out;
error = -EPERM;
if (IS_APPEND(inode))
goto mnt_drop_write_and_out;
error = get_write_access(inode);
if (error)
goto mnt_drop_write_and_out;
/*
* Make sure that there are no leases. get_write_access() protects
* against the truncate racing with a lease-granting setlease().
*/
error = break_lease(inode, O_WRONLY);
if (error)
goto put_write_and_out;
error = locks_verify_truncate(inode, NULL, length);
if (!error)
error = security_path_truncate(&path);
if (!error)
error = do_truncate(path.dentry, length, 0, NULL);
put_write_and_out:
put_write_access(inode);
mnt_drop_write_and_out:
mnt_drop_write(path.mnt);
dput_and_out:
path_put(&path);
out:
return error;
}
/*
* There is no need to lock the unionfs_super_info's rwsem as there is no
* way anyone can have a reference to the superblock at this point in time.
*/
static int unionfs_read_super(struct super_block *sb, void *raw_data,
int silent)
{
int err = 0;
struct unionfs_dentry_info *lower_root_info = NULL;
int bindex, bstart, bend;
struct inode *inode = NULL;
if (!raw_data) {
printk(KERN_ERR
"unionfs: read_super: missing data argument\n");
err = -EINVAL;
goto out;
}
/* Allocate superblock private data */
sb->s_fs_info = kzalloc(sizeof(struct unionfs_sb_info), GFP_KERNEL);
if (unlikely(!UNIONFS_SB(sb))) {
printk(KERN_CRIT "unionfs: read_super: out of memory\n");
err = -ENOMEM;
goto out;
}
UNIONFS_SB(sb)->bend = -1;
atomic_set(&UNIONFS_SB(sb)->generation, 1);
init_rwsem(&UNIONFS_SB(sb)->rwsem);
UNIONFS_SB(sb)->high_branch_id = -1; /* -1 == invalid branch ID */
lower_root_info = unionfs_parse_options(sb, raw_data);
if (IS_ERR(lower_root_info)) {
printk(KERN_ERR
"unionfs: read_super: error while parsing options "
"(err = %ld)\n", PTR_ERR(lower_root_info));
err = PTR_ERR(lower_root_info);
lower_root_info = NULL;
goto out_free;
}
if (lower_root_info->bstart == -1) {
err = -ENOENT;
goto out_free;
}
/* set the lower superblock field of upper superblock */
bstart = lower_root_info->bstart;
BUG_ON(bstart != 0);
sbend(sb) = bend = lower_root_info->bend;
for (bindex = bstart; bindex <= bend; bindex++) {
struct dentry *d = lower_root_info->lower_paths[bindex].dentry;
atomic_inc(&d->d_sb->s_active);
unionfs_set_lower_super_idx(sb, bindex, d->d_sb);
}
/* max Bytes is the maximum bytes from highest priority branch */
sb->s_maxbytes = unionfs_lower_super_idx(sb, 0)->s_maxbytes;
/*
* Our c/m/atime granularity is 1 ns because we may stack on file
* systems whose granularity is as good. This is important for our
* time-based cache coherency.
*/
sb->s_time_gran = 1;
sb->s_op = &unionfs_sops;
/* get a new inode and allocate our root dentry */
inode = unionfs_iget(sb, iunique(sb, UNIONFS_ROOT_INO));
if (IS_ERR(inode)) {
err = PTR_ERR(inode);
goto out_dput;
}
sb->s_root = d_make_root(inode);
if (unlikely(!sb->s_root)) {
err = -ENOMEM;
goto out_iput;
}
d_set_d_op(sb->s_root, &unionfs_dops);
/* link the upper and lower dentries */
sb->s_root->d_fsdata = NULL;
err = new_dentry_private_data(sb->s_root, UNIONFS_DMUTEX_ROOT);
if (unlikely(err))
goto out_freedpd;
/* if get here: cannot have error */
/* Set the lower dentries for s_root */
for (bindex = bstart; bindex <= bend; bindex++) {
struct dentry *d;
struct vfsmount *m;
d = lower_root_info->lower_paths[bindex].dentry;
m = lower_root_info->lower_paths[bindex].mnt;
unionfs_set_lower_dentry_idx(sb->s_root, bindex, d);
unionfs_set_lower_mnt_idx(sb->s_root, bindex, m);
}
dbstart(sb->s_root) = bstart;
dbend(sb->s_root) = bend;
/* Set the generation number to one, since this is for the mount. */
atomic_set(&UNIONFS_D(sb->s_root)->generation, 1);
if (atomic_read(&inode->i_count) <= 1)
unionfs_fill_inode(sb->s_root, inode);
/*
* No need to call interpose because we already have a positive
* dentry, which was instantiated by d_alloc_root. Just need to
* d_rehash it.
*/
d_rehash(sb->s_root);
unionfs_unlock_dentry(sb->s_root);
goto out; /* all is well */
out_freedpd:
if (UNIONFS_D(sb->s_root)) {
kfree(UNIONFS_D(sb->s_root)->lower_paths);
free_dentry_private_data(sb->s_root);
}
dput(sb->s_root);
out_iput:
iput(inode);
out_dput:
if (lower_root_info && !IS_ERR(lower_root_info)) {
for (bindex = lower_root_info->bstart;
bindex <= lower_root_info->bend; bindex++) {
struct dentry *d;
d = lower_root_info->lower_paths[bindex].dentry;
/* drop refs we took earlier */
atomic_dec(&d->d_sb->s_active);
path_put(&lower_root_info->lower_paths[bindex]);
}
kfree(lower_root_info->lower_paths);
kfree(lower_root_info);
lower_root_info = NULL;
}
out_free:
kfree(UNIONFS_SB(sb)->data);
kfree(UNIONFS_SB(sb));
sb->s_fs_info = NULL;
out:
if (lower_root_info && !IS_ERR(lower_root_info)) {
kfree(lower_root_info->lower_paths);
kfree(lower_root_info);
}
return err;
}
static void*
cifs_dfs_follow_mountpoint(struct dentry *dentry, struct nameidata *nd)
{
struct dfs_info3_param *referrals = NULL;
unsigned int num_referrals = 0;
struct cifs_sb_info *cifs_sb;
struct cifsSesInfo *ses;
char *full_path = NULL;
int xid, i;
int rc = 0;
struct vfsmount *mnt = ERR_PTR(-ENOENT);
cFYI(1, ("in %s", __func__));
BUG_ON(IS_ROOT(dentry));
xid = GetXid();
dput(nd->path.dentry);
nd->path.dentry = dget(dentry);
cifs_sb = CIFS_SB(dentry->d_inode->i_sb);
ses = cifs_sb->tcon->ses;
if (!ses) {
rc = -EINVAL;
goto out_err;
}
/*
* The MSDFS spec states that paths in DFS referral requests and
* responses must be prefixed by a single '\' character instead of
* the double backslashes usually used in the UNC. This function
* gives us the latter, so we must adjust the result.
*/
full_path = build_path_from_dentry(dentry);
if (full_path == NULL) {
rc = -ENOMEM;
goto out_err;
}
rc = get_dfs_path(xid, ses , full_path + 1, cifs_sb->local_nls,
&num_referrals, &referrals,
cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
for (i = 0; i < num_referrals; i++) {
int len;
dump_referral(referrals+i);
/* connect to a node */
len = strlen(referrals[i].node_name);
if (len < 2) {
cERROR(1, ("%s: Net Address path too short: %s",
__func__, referrals[i].node_name));
rc = -EINVAL;
goto out_err;
}
mnt = cifs_dfs_do_refmount(nd->path.mnt,
nd->path.dentry, referrals + i);
cFYI(1, ("%s: cifs_dfs_do_refmount:%s , mnt:%p", __func__,
referrals[i].node_name, mnt));
/* complete mount procedure if we accured submount */
if (!IS_ERR(mnt))
break;
}
/* we need it cause for() above could exit without valid submount */
rc = PTR_ERR(mnt);
if (IS_ERR(mnt))
goto out_err;
nd->path.mnt->mnt_flags |= MNT_SHRINKABLE;
rc = add_mount_helper(mnt, nd, &cifs_dfs_automount_list);
out:
FreeXid(xid);
free_dfs_info_array(referrals, num_referrals);
kfree(full_path);
cFYI(1, ("leaving %s" , __func__));
return ERR_PTR(rc);
out_err:
path_put(&nd->path);
goto out;
}
static struct file *__dentry_open(struct path *path, struct file *f,
int (*open)(struct inode *, struct file *),
const struct cred *cred)
{
static const struct file_operations empty_fops = {};
struct inode *inode;
int error;
path_get(path);
f->f_mode = OPEN_FMODE(f->f_flags) | FMODE_LSEEK |
FMODE_PREAD | FMODE_PWRITE;
if (unlikely(f->f_flags & O_PATH))
f->f_mode = FMODE_PATH;
inode = path->dentry->d_inode;
if (f->f_mode & FMODE_WRITE) {
error = __get_file_write_access(inode, path->mnt);
if (error)
goto cleanup_file;
if (!special_file(inode->i_mode))
file_take_write(f);
}
f->f_mapping = inode->i_mapping;
f->f_path = *path;
f->f_pos = 0;
file_sb_list_add(f, inode->i_sb);
if (unlikely(f->f_mode & FMODE_PATH)) {
f->f_op = &empty_fops;
return f;
}
f->f_op = fops_get(inode->i_fop);
error = security_dentry_open(f, cred);
if (error)
goto cleanup_all;
if (!open && f->f_op)
open = f->f_op->open;
if (open) {
error = open(inode, f);
if (error)
goto cleanup_all;
}
if ((f->f_mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ)
i_readcount_inc(inode);
f->f_flags &= ~(O_CREAT | O_EXCL | O_NOCTTY | O_TRUNC);
file_ra_state_init(&f->f_ra, f->f_mapping->host->i_mapping);
/* NB: we're sure to have correct a_ops only after f_op->open */
if (f->f_flags & O_DIRECT) {
if (!f->f_mapping->a_ops ||
((!f->f_mapping->a_ops->direct_IO) &&
(!f->f_mapping->a_ops->get_xip_mem))) {
fput(f);
f = ERR_PTR(-EINVAL);
}
}
return f;
cleanup_all:
fops_put(f->f_op);
if (f->f_mode & FMODE_WRITE) {
put_write_access(inode);
if (!special_file(inode->i_mode)) {
/*
* We don't consider this a real
* mnt_want/drop_write() pair
* because it all happenend right
* here, so just reset the state.
*/
file_reset_write(f);
mnt_drop_write(path->mnt);
}
}
file_sb_list_del(f);
f->f_path.dentry = NULL;
f->f_path.mnt = NULL;
cleanup_file:
put_filp(f);
path_put(path);
return ERR_PTR(error);
}
/*
* Check if the given path is a mountpoint.
*
* If we are supplied with the file descriptor of an autofs
* mount we're looking for a specific mount. In this case
* the path is considered a mountpoint if it is itself a
* mountpoint or contains a mount, such as a multi-mount
* without a root mount. In this case we return 1 if the
* path is a mount point and the super magic of the covering
* mount if there is one or 0 if it isn't a mountpoint.
*
* If we aren't supplied with a file descriptor then we
* lookup the nameidata of the path and check if it is the
* root of a mount. If a type is given we are looking for
* a particular autofs mount and if we don't find a match
* we return fail. If the located nameidata path is the
* root of a mount we return 1 along with the super magic
* of the mount or 0 otherwise.
*
* In both cases the the device number (as returned by
* new_encode_dev()) is also returned.
*/
static int autofs_dev_ioctl_ismountpoint(struct file *fp,
struct autofs_sb_info *sbi,
struct autofs_dev_ioctl *param)
{
struct nameidata nd;
const char *path;
unsigned int type;
unsigned int devid, magic;
int err = -ENOENT;
if (param->size <= sizeof(*param)) {
err = -EINVAL;
goto out;
}
path = param->path;
type = param->ismountpoint.in.type;
param->ismountpoint.out.devid = devid = 0;
param->ismountpoint.out.magic = magic = 0;
if (!fp || param->ioctlfd == -1) {
if (autofs_type_any(type)) {
struct super_block *sb;
err = path_lookup(path, LOOKUP_FOLLOW, &nd);
if (err)
goto out;
sb = nd.path.dentry->d_sb;
devid = new_encode_dev(sb->s_dev);
} else {
struct autofs_info *ino;
err = path_lookup(path, LOOKUP_PARENT, &nd);
if (err)
goto out;
err = autofs_dev_ioctl_find_sbi_type(&nd, type);
if (err)
goto out_release;
ino = autofs4_dentry_ino(nd.path.dentry);
devid = autofs4_get_dev(ino->sbi);
}
err = 0;
if (nd.path.dentry->d_inode &&
nd.path.mnt->mnt_root == nd.path.dentry) {
err = 1;
magic = nd.path.dentry->d_inode->i_sb->s_magic;
}
} else {
dev_t dev = autofs4_get_dev(sbi);
err = path_lookup(path, LOOKUP_PARENT, &nd);
if (err)
goto out;
err = autofs_dev_ioctl_find_super(&nd, dev);
if (err)
goto out_release;
devid = dev;
err = have_submounts(nd.path.dentry);
if (nd.path.mnt->mnt_mountpoint != nd.path.mnt->mnt_root) {
if (follow_down(&nd.path.mnt, &nd.path.dentry)) {
struct inode *inode = nd.path.dentry->d_inode;
magic = inode->i_sb->s_magic;
}
}
}
param->ismountpoint.out.devid = devid;
param->ismountpoint.out.magic = magic;
out_release:
path_put(&nd.path);
out:
return err;
}
static int show_vfsmnt(struct seq_file *m, struct vfsmount *mnt)
{
struct mount *r = real_mount(mnt);
int err = 0;
struct path mnt_path = { .dentry = mnt->mnt_root, .mnt = mnt };
struct super_block *sb = mnt_path.dentry->d_sb;
if (sb->s_op->show_devname) {
err = sb->s_op->show_devname(m, mnt_path.dentry);
if (err)
goto out;
} else {
mangle(m, r->mnt_devname ? r->mnt_devname : "none");
}
seq_putc(m, ' ');
seq_path(m, &mnt_path, " \t\n\\");
seq_putc(m, ' ');
show_type(m, sb);
seq_puts(m, __mnt_is_readonly(mnt) ? " ro" : " rw");
err = show_sb_opts(m, sb);
if (err)
goto out;
show_mnt_opts(m, mnt);
if (sb->s_op->show_options2)
err = sb->s_op->show_options2(mnt, m, mnt_path.dentry);
else if (sb->s_op->show_options)
err = sb->s_op->show_options(m, mnt_path.dentry);
seq_puts(m, " 0 0\n");
out:
return err;
}
static int show_mountinfo(struct seq_file *m, struct vfsmount *mnt)
{
struct proc_mounts *p = proc_mounts(m);
struct mount *r = real_mount(mnt);
struct super_block *sb = mnt->mnt_sb;
struct path mnt_path = { .dentry = mnt->mnt_root, .mnt = mnt };
struct path root = p->root;
int err = 0;
seq_printf(m, "%i %i %u:%u ", r->mnt_id, r->mnt_parent->mnt_id,
MAJOR(sb->s_dev), MINOR(sb->s_dev));
if (sb->s_op->show_path)
err = sb->s_op->show_path(m, mnt->mnt_root);
else
seq_dentry(m, mnt->mnt_root, " \t\n\\");
if (err)
goto out;
seq_putc(m, ' ');
/* mountpoints outside of chroot jail will give SEQ_SKIP on this */
err = seq_path_root(m, &mnt_path, &root, " \t\n\\");
if (err)
goto out;
seq_puts(m, mnt->mnt_flags & MNT_READONLY ? " ro" : " rw");
show_mnt_opts(m, mnt);
/* Tagged fields ("foo:X" or "bar") */
if (IS_MNT_SHARED(r))
seq_printf(m, " shared:%i", r->mnt_group_id);
if (IS_MNT_SLAVE(r)) {
int master = r->mnt_master->mnt_group_id;
int dom = get_dominating_id(r, &p->root);
seq_printf(m, " master:%i", master);
if (dom && dom != master)
seq_printf(m, " propagate_from:%i", dom);
}
if (IS_MNT_UNBINDABLE(r))
seq_puts(m, " unbindable");
/* Filesystem specific data */
seq_puts(m, " - ");
show_type(m, sb);
seq_putc(m, ' ');
if (sb->s_op->show_devname)
err = sb->s_op->show_devname(m, mnt->mnt_root);
else
mangle(m, r->mnt_devname ? r->mnt_devname : "none");
if (err)
goto out;
seq_puts(m, sb->s_flags & MS_RDONLY ? " ro" : " rw");
err = show_sb_opts(m, sb);
if (err)
goto out;
if (sb->s_op->show_options2) {
err = sb->s_op->show_options2(mnt, m, mnt->mnt_root);
} else if (sb->s_op->show_options)
err = sb->s_op->show_options(m, mnt->mnt_root);
seq_putc(m, '\n');
out:
return err;
}
static int show_vfsstat(struct seq_file *m, struct vfsmount *mnt)
{
struct mount *r = real_mount(mnt);
struct path mnt_path = { .dentry = mnt->mnt_root, .mnt = mnt };
struct super_block *sb = mnt_path.dentry->d_sb;
int err = 0;
/* device */
if (sb->s_op->show_devname) {
seq_puts(m, "device ");
err = sb->s_op->show_devname(m, mnt_path.dentry);
} else {
if (r->mnt_devname) {
seq_puts(m, "device ");
mangle(m, r->mnt_devname);
} else
seq_puts(m, "no device");
}
/* mount point */
seq_puts(m, " mounted on ");
seq_path(m, &mnt_path, " \t\n\\");
seq_putc(m, ' ');
/* file system type */
seq_puts(m, "with fstype ");
show_type(m, sb);
/* optional statistics */
if (sb->s_op->show_stats) {
seq_putc(m, ' ');
if (!err)
err = sb->s_op->show_stats(m, mnt_path.dentry);
}
seq_putc(m, '\n');
return err;
}
static int mounts_open_common(struct inode *inode, struct file *file,
int (*show)(struct seq_file *, struct vfsmount *))
{
struct task_struct *task = get_proc_task(inode);
struct nsproxy *nsp;
struct mnt_namespace *ns = NULL;
struct path root;
struct proc_mounts *p;
int ret = -EINVAL;
if (!task)
goto err;
rcu_read_lock();
nsp = task_nsproxy(task);
if (!nsp) {
rcu_read_unlock();
put_task_struct(task);
goto err;
}
ns = nsp->mnt_ns;
if (!ns) {
rcu_read_unlock();
put_task_struct(task);
goto err;
}
get_mnt_ns(ns);
rcu_read_unlock();
task_lock(task);
if (!task->fs) {
task_unlock(task);
put_task_struct(task);
ret = -ENOENT;
goto err_put_ns;
}
get_fs_root(task->fs, &root);
task_unlock(task);
put_task_struct(task);
ret = -ENOMEM;
p = kmalloc(sizeof(struct proc_mounts), GFP_KERNEL);
if (!p)
goto err_put_path;
file->private_data = &p->m;
ret = seq_open(file, &mounts_op);
if (ret)
goto err_free;
p->ns = ns;
p->root = root;
p->m.poll_event = ns->event;
p->show = show;
return 0;
err_free:
kfree(p);
err_put_path:
path_put(&root);
err_put_ns:
put_mnt_ns(ns);
err:
return ret;
}
static int mounts_release(struct inode *inode, struct file *file)
{
struct proc_mounts *p = proc_mounts(file->private_data);
path_put(&p->root);
put_mnt_ns(p->ns);
return seq_release(inode, file);
}
static int mounts_open(struct inode *inode, struct file *file)
{
return mounts_open_common(inode, file, show_vfsmnt);
}
static int mountinfo_open(struct inode *inode, struct file *file)
{
return mounts_open_common(inode, file, show_mountinfo);
}
static int mountstats_open(struct inode *inode, struct file *file)
{
return mounts_open_common(inode, file, show_vfsstat);
}
const struct file_operations proc_mounts_operations = {
.open = mounts_open,
.read = seq_read,
.llseek = seq_lseek,
.release = mounts_release,
.poll = mounts_poll,
};
const struct file_operations proc_mountinfo_operations = {
.open = mountinfo_open,
.read = seq_read,
.llseek = seq_lseek,
.release = mounts_release,
.poll = mounts_poll,
};
const struct file_operations proc_mountstats_operations = {
.open = mountstats_open,
.read = seq_read,
.llseek = seq_lseek,
.release = mounts_release,
};