1*4882a593Smuzhiyun // SPDX-License-Identifier: GPL-2.0-only
2*4882a593Smuzhiyun /*
3*4882a593Smuzhiyun * dcookies.c
4*4882a593Smuzhiyun *
5*4882a593Smuzhiyun * Copyright 2002 John Levon <levon@movementarian.org>
6*4882a593Smuzhiyun *
7*4882a593Smuzhiyun * Persistent cookie-path mappings. These are used by
8*4882a593Smuzhiyun * profilers to convert a per-task EIP value into something
9*4882a593Smuzhiyun * non-transitory that can be processed at a later date.
10*4882a593Smuzhiyun * This is done by locking the dentry/vfsmnt pair in the
11*4882a593Smuzhiyun * kernel until released by the tasks needing the persistent
12*4882a593Smuzhiyun * objects. The tag is simply an unsigned long that refers
13*4882a593Smuzhiyun * to the pair and can be looked up from userspace.
14*4882a593Smuzhiyun */
15*4882a593Smuzhiyun
16*4882a593Smuzhiyun #include <linux/syscalls.h>
17*4882a593Smuzhiyun #include <linux/export.h>
18*4882a593Smuzhiyun #include <linux/slab.h>
19*4882a593Smuzhiyun #include <linux/list.h>
20*4882a593Smuzhiyun #include <linux/mount.h>
21*4882a593Smuzhiyun #include <linux/capability.h>
22*4882a593Smuzhiyun #include <linux/dcache.h>
23*4882a593Smuzhiyun #include <linux/mm.h>
24*4882a593Smuzhiyun #include <linux/err.h>
25*4882a593Smuzhiyun #include <linux/errno.h>
26*4882a593Smuzhiyun #include <linux/dcookies.h>
27*4882a593Smuzhiyun #include <linux/mutex.h>
28*4882a593Smuzhiyun #include <linux/path.h>
29*4882a593Smuzhiyun #include <linux/compat.h>
30*4882a593Smuzhiyun #include <linux/uaccess.h>
31*4882a593Smuzhiyun
32*4882a593Smuzhiyun /* The dcookies are allocated from a kmem_cache and
33*4882a593Smuzhiyun * hashed onto a small number of lists. None of the
34*4882a593Smuzhiyun * code here is particularly performance critical
35*4882a593Smuzhiyun */
36*4882a593Smuzhiyun struct dcookie_struct {
37*4882a593Smuzhiyun struct path path;
38*4882a593Smuzhiyun struct list_head hash_list;
39*4882a593Smuzhiyun };
40*4882a593Smuzhiyun
41*4882a593Smuzhiyun static LIST_HEAD(dcookie_users);
42*4882a593Smuzhiyun static DEFINE_MUTEX(dcookie_mutex);
43*4882a593Smuzhiyun static struct kmem_cache *dcookie_cache __read_mostly;
44*4882a593Smuzhiyun static struct list_head *dcookie_hashtable __read_mostly;
45*4882a593Smuzhiyun static size_t hash_size __read_mostly;
46*4882a593Smuzhiyun
is_live(void)47*4882a593Smuzhiyun static inline int is_live(void)
48*4882a593Smuzhiyun {
49*4882a593Smuzhiyun return !(list_empty(&dcookie_users));
50*4882a593Smuzhiyun }
51*4882a593Smuzhiyun
52*4882a593Smuzhiyun
53*4882a593Smuzhiyun /* The dentry is locked, its address will do for the cookie */
dcookie_value(struct dcookie_struct * dcs)54*4882a593Smuzhiyun static inline unsigned long dcookie_value(struct dcookie_struct * dcs)
55*4882a593Smuzhiyun {
56*4882a593Smuzhiyun return (unsigned long)dcs->path.dentry;
57*4882a593Smuzhiyun }
58*4882a593Smuzhiyun
59*4882a593Smuzhiyun
dcookie_hash(unsigned long dcookie)60*4882a593Smuzhiyun static size_t dcookie_hash(unsigned long dcookie)
61*4882a593Smuzhiyun {
62*4882a593Smuzhiyun return (dcookie >> L1_CACHE_SHIFT) & (hash_size - 1);
63*4882a593Smuzhiyun }
64*4882a593Smuzhiyun
65*4882a593Smuzhiyun
find_dcookie(unsigned long dcookie)66*4882a593Smuzhiyun static struct dcookie_struct * find_dcookie(unsigned long dcookie)
67*4882a593Smuzhiyun {
68*4882a593Smuzhiyun struct dcookie_struct *found = NULL;
69*4882a593Smuzhiyun struct dcookie_struct * dcs;
70*4882a593Smuzhiyun struct list_head * pos;
71*4882a593Smuzhiyun struct list_head * list;
72*4882a593Smuzhiyun
73*4882a593Smuzhiyun list = dcookie_hashtable + dcookie_hash(dcookie);
74*4882a593Smuzhiyun
75*4882a593Smuzhiyun list_for_each(pos, list) {
76*4882a593Smuzhiyun dcs = list_entry(pos, struct dcookie_struct, hash_list);
77*4882a593Smuzhiyun if (dcookie_value(dcs) == dcookie) {
78*4882a593Smuzhiyun found = dcs;
79*4882a593Smuzhiyun break;
80*4882a593Smuzhiyun }
81*4882a593Smuzhiyun }
82*4882a593Smuzhiyun
83*4882a593Smuzhiyun return found;
84*4882a593Smuzhiyun }
85*4882a593Smuzhiyun
86*4882a593Smuzhiyun
hash_dcookie(struct dcookie_struct * dcs)87*4882a593Smuzhiyun static void hash_dcookie(struct dcookie_struct * dcs)
88*4882a593Smuzhiyun {
89*4882a593Smuzhiyun struct list_head * list = dcookie_hashtable + dcookie_hash(dcookie_value(dcs));
90*4882a593Smuzhiyun list_add(&dcs->hash_list, list);
91*4882a593Smuzhiyun }
92*4882a593Smuzhiyun
93*4882a593Smuzhiyun
alloc_dcookie(const struct path * path)94*4882a593Smuzhiyun static struct dcookie_struct *alloc_dcookie(const struct path *path)
95*4882a593Smuzhiyun {
96*4882a593Smuzhiyun struct dcookie_struct *dcs = kmem_cache_alloc(dcookie_cache,
97*4882a593Smuzhiyun GFP_KERNEL);
98*4882a593Smuzhiyun struct dentry *d;
99*4882a593Smuzhiyun if (!dcs)
100*4882a593Smuzhiyun return NULL;
101*4882a593Smuzhiyun
102*4882a593Smuzhiyun d = path->dentry;
103*4882a593Smuzhiyun spin_lock(&d->d_lock);
104*4882a593Smuzhiyun d->d_flags |= DCACHE_COOKIE;
105*4882a593Smuzhiyun spin_unlock(&d->d_lock);
106*4882a593Smuzhiyun
107*4882a593Smuzhiyun dcs->path = *path;
108*4882a593Smuzhiyun path_get(path);
109*4882a593Smuzhiyun hash_dcookie(dcs);
110*4882a593Smuzhiyun return dcs;
111*4882a593Smuzhiyun }
112*4882a593Smuzhiyun
113*4882a593Smuzhiyun
114*4882a593Smuzhiyun /* This is the main kernel-side routine that retrieves the cookie
115*4882a593Smuzhiyun * value for a dentry/vfsmnt pair.
116*4882a593Smuzhiyun */
get_dcookie(const struct path * path,unsigned long * cookie)117*4882a593Smuzhiyun int get_dcookie(const struct path *path, unsigned long *cookie)
118*4882a593Smuzhiyun {
119*4882a593Smuzhiyun int err = 0;
120*4882a593Smuzhiyun struct dcookie_struct * dcs;
121*4882a593Smuzhiyun
122*4882a593Smuzhiyun mutex_lock(&dcookie_mutex);
123*4882a593Smuzhiyun
124*4882a593Smuzhiyun if (!is_live()) {
125*4882a593Smuzhiyun err = -EINVAL;
126*4882a593Smuzhiyun goto out;
127*4882a593Smuzhiyun }
128*4882a593Smuzhiyun
129*4882a593Smuzhiyun if (path->dentry->d_flags & DCACHE_COOKIE) {
130*4882a593Smuzhiyun dcs = find_dcookie((unsigned long)path->dentry);
131*4882a593Smuzhiyun } else {
132*4882a593Smuzhiyun dcs = alloc_dcookie(path);
133*4882a593Smuzhiyun if (!dcs) {
134*4882a593Smuzhiyun err = -ENOMEM;
135*4882a593Smuzhiyun goto out;
136*4882a593Smuzhiyun }
137*4882a593Smuzhiyun }
138*4882a593Smuzhiyun
139*4882a593Smuzhiyun *cookie = dcookie_value(dcs);
140*4882a593Smuzhiyun
141*4882a593Smuzhiyun out:
142*4882a593Smuzhiyun mutex_unlock(&dcookie_mutex);
143*4882a593Smuzhiyun return err;
144*4882a593Smuzhiyun }
145*4882a593Smuzhiyun
146*4882a593Smuzhiyun
147*4882a593Smuzhiyun /* And here is where the userspace process can look up the cookie value
148*4882a593Smuzhiyun * to retrieve the path.
149*4882a593Smuzhiyun */
do_lookup_dcookie(u64 cookie64,char __user * buf,size_t len)150*4882a593Smuzhiyun static int do_lookup_dcookie(u64 cookie64, char __user *buf, size_t len)
151*4882a593Smuzhiyun {
152*4882a593Smuzhiyun unsigned long cookie = (unsigned long)cookie64;
153*4882a593Smuzhiyun int err = -EINVAL;
154*4882a593Smuzhiyun char * kbuf;
155*4882a593Smuzhiyun char * path;
156*4882a593Smuzhiyun size_t pathlen;
157*4882a593Smuzhiyun struct dcookie_struct * dcs;
158*4882a593Smuzhiyun
159*4882a593Smuzhiyun /* we could leak path information to users
160*4882a593Smuzhiyun * without dir read permission without this
161*4882a593Smuzhiyun */
162*4882a593Smuzhiyun if (!capable(CAP_SYS_ADMIN))
163*4882a593Smuzhiyun return -EPERM;
164*4882a593Smuzhiyun
165*4882a593Smuzhiyun mutex_lock(&dcookie_mutex);
166*4882a593Smuzhiyun
167*4882a593Smuzhiyun if (!is_live()) {
168*4882a593Smuzhiyun err = -EINVAL;
169*4882a593Smuzhiyun goto out;
170*4882a593Smuzhiyun }
171*4882a593Smuzhiyun
172*4882a593Smuzhiyun if (!(dcs = find_dcookie(cookie)))
173*4882a593Smuzhiyun goto out;
174*4882a593Smuzhiyun
175*4882a593Smuzhiyun err = -ENOMEM;
176*4882a593Smuzhiyun kbuf = kmalloc(PAGE_SIZE, GFP_KERNEL);
177*4882a593Smuzhiyun if (!kbuf)
178*4882a593Smuzhiyun goto out;
179*4882a593Smuzhiyun
180*4882a593Smuzhiyun /* FIXME: (deleted) ? */
181*4882a593Smuzhiyun path = d_path(&dcs->path, kbuf, PAGE_SIZE);
182*4882a593Smuzhiyun
183*4882a593Smuzhiyun mutex_unlock(&dcookie_mutex);
184*4882a593Smuzhiyun
185*4882a593Smuzhiyun if (IS_ERR(path)) {
186*4882a593Smuzhiyun err = PTR_ERR(path);
187*4882a593Smuzhiyun goto out_free;
188*4882a593Smuzhiyun }
189*4882a593Smuzhiyun
190*4882a593Smuzhiyun err = -ERANGE;
191*4882a593Smuzhiyun
192*4882a593Smuzhiyun pathlen = kbuf + PAGE_SIZE - path;
193*4882a593Smuzhiyun if (pathlen <= len) {
194*4882a593Smuzhiyun err = pathlen;
195*4882a593Smuzhiyun if (copy_to_user(buf, path, pathlen))
196*4882a593Smuzhiyun err = -EFAULT;
197*4882a593Smuzhiyun }
198*4882a593Smuzhiyun
199*4882a593Smuzhiyun out_free:
200*4882a593Smuzhiyun kfree(kbuf);
201*4882a593Smuzhiyun return err;
202*4882a593Smuzhiyun out:
203*4882a593Smuzhiyun mutex_unlock(&dcookie_mutex);
204*4882a593Smuzhiyun return err;
205*4882a593Smuzhiyun }
206*4882a593Smuzhiyun
SYSCALL_DEFINE3(lookup_dcookie,u64,cookie64,char __user *,buf,size_t,len)207*4882a593Smuzhiyun SYSCALL_DEFINE3(lookup_dcookie, u64, cookie64, char __user *, buf, size_t, len)
208*4882a593Smuzhiyun {
209*4882a593Smuzhiyun return do_lookup_dcookie(cookie64, buf, len);
210*4882a593Smuzhiyun }
211*4882a593Smuzhiyun
212*4882a593Smuzhiyun #ifdef CONFIG_COMPAT
COMPAT_SYSCALL_DEFINE4(lookup_dcookie,u32,w0,u32,w1,char __user *,buf,compat_size_t,len)213*4882a593Smuzhiyun COMPAT_SYSCALL_DEFINE4(lookup_dcookie, u32, w0, u32, w1, char __user *, buf, compat_size_t, len)
214*4882a593Smuzhiyun {
215*4882a593Smuzhiyun #ifdef __BIG_ENDIAN
216*4882a593Smuzhiyun return do_lookup_dcookie(((u64)w0 << 32) | w1, buf, len);
217*4882a593Smuzhiyun #else
218*4882a593Smuzhiyun return do_lookup_dcookie(((u64)w1 << 32) | w0, buf, len);
219*4882a593Smuzhiyun #endif
220*4882a593Smuzhiyun }
221*4882a593Smuzhiyun #endif
222*4882a593Smuzhiyun
dcookie_init(void)223*4882a593Smuzhiyun static int dcookie_init(void)
224*4882a593Smuzhiyun {
225*4882a593Smuzhiyun struct list_head * d;
226*4882a593Smuzhiyun unsigned int i, hash_bits;
227*4882a593Smuzhiyun int err = -ENOMEM;
228*4882a593Smuzhiyun
229*4882a593Smuzhiyun dcookie_cache = kmem_cache_create("dcookie_cache",
230*4882a593Smuzhiyun sizeof(struct dcookie_struct),
231*4882a593Smuzhiyun 0, 0, NULL);
232*4882a593Smuzhiyun
233*4882a593Smuzhiyun if (!dcookie_cache)
234*4882a593Smuzhiyun goto out;
235*4882a593Smuzhiyun
236*4882a593Smuzhiyun dcookie_hashtable = kmalloc(PAGE_SIZE, GFP_KERNEL);
237*4882a593Smuzhiyun if (!dcookie_hashtable)
238*4882a593Smuzhiyun goto out_kmem;
239*4882a593Smuzhiyun
240*4882a593Smuzhiyun err = 0;
241*4882a593Smuzhiyun
242*4882a593Smuzhiyun /*
243*4882a593Smuzhiyun * Find the power-of-two list-heads that can fit into the allocation..
244*4882a593Smuzhiyun * We don't guarantee that "sizeof(struct list_head)" is necessarily
245*4882a593Smuzhiyun * a power-of-two.
246*4882a593Smuzhiyun */
247*4882a593Smuzhiyun hash_size = PAGE_SIZE / sizeof(struct list_head);
248*4882a593Smuzhiyun hash_bits = 0;
249*4882a593Smuzhiyun do {
250*4882a593Smuzhiyun hash_bits++;
251*4882a593Smuzhiyun } while ((hash_size >> hash_bits) != 0);
252*4882a593Smuzhiyun hash_bits--;
253*4882a593Smuzhiyun
254*4882a593Smuzhiyun /*
255*4882a593Smuzhiyun * Re-calculate the actual number of entries and the mask
256*4882a593Smuzhiyun * from the number of bits we can fit.
257*4882a593Smuzhiyun */
258*4882a593Smuzhiyun hash_size = 1UL << hash_bits;
259*4882a593Smuzhiyun
260*4882a593Smuzhiyun /* And initialize the newly allocated array */
261*4882a593Smuzhiyun d = dcookie_hashtable;
262*4882a593Smuzhiyun i = hash_size;
263*4882a593Smuzhiyun do {
264*4882a593Smuzhiyun INIT_LIST_HEAD(d);
265*4882a593Smuzhiyun d++;
266*4882a593Smuzhiyun i--;
267*4882a593Smuzhiyun } while (i);
268*4882a593Smuzhiyun
269*4882a593Smuzhiyun out:
270*4882a593Smuzhiyun return err;
271*4882a593Smuzhiyun out_kmem:
272*4882a593Smuzhiyun kmem_cache_destroy(dcookie_cache);
273*4882a593Smuzhiyun goto out;
274*4882a593Smuzhiyun }
275*4882a593Smuzhiyun
276*4882a593Smuzhiyun
free_dcookie(struct dcookie_struct * dcs)277*4882a593Smuzhiyun static void free_dcookie(struct dcookie_struct * dcs)
278*4882a593Smuzhiyun {
279*4882a593Smuzhiyun struct dentry *d = dcs->path.dentry;
280*4882a593Smuzhiyun
281*4882a593Smuzhiyun spin_lock(&d->d_lock);
282*4882a593Smuzhiyun d->d_flags &= ~DCACHE_COOKIE;
283*4882a593Smuzhiyun spin_unlock(&d->d_lock);
284*4882a593Smuzhiyun
285*4882a593Smuzhiyun path_put(&dcs->path);
286*4882a593Smuzhiyun kmem_cache_free(dcookie_cache, dcs);
287*4882a593Smuzhiyun }
288*4882a593Smuzhiyun
289*4882a593Smuzhiyun
dcookie_exit(void)290*4882a593Smuzhiyun static void dcookie_exit(void)
291*4882a593Smuzhiyun {
292*4882a593Smuzhiyun struct list_head * list;
293*4882a593Smuzhiyun struct list_head * pos;
294*4882a593Smuzhiyun struct list_head * pos2;
295*4882a593Smuzhiyun struct dcookie_struct * dcs;
296*4882a593Smuzhiyun size_t i;
297*4882a593Smuzhiyun
298*4882a593Smuzhiyun for (i = 0; i < hash_size; ++i) {
299*4882a593Smuzhiyun list = dcookie_hashtable + i;
300*4882a593Smuzhiyun list_for_each_safe(pos, pos2, list) {
301*4882a593Smuzhiyun dcs = list_entry(pos, struct dcookie_struct, hash_list);
302*4882a593Smuzhiyun list_del(&dcs->hash_list);
303*4882a593Smuzhiyun free_dcookie(dcs);
304*4882a593Smuzhiyun }
305*4882a593Smuzhiyun }
306*4882a593Smuzhiyun
307*4882a593Smuzhiyun kfree(dcookie_hashtable);
308*4882a593Smuzhiyun kmem_cache_destroy(dcookie_cache);
309*4882a593Smuzhiyun }
310*4882a593Smuzhiyun
311*4882a593Smuzhiyun
312*4882a593Smuzhiyun struct dcookie_user {
313*4882a593Smuzhiyun struct list_head next;
314*4882a593Smuzhiyun };
315*4882a593Smuzhiyun
dcookie_register(void)316*4882a593Smuzhiyun struct dcookie_user * dcookie_register(void)
317*4882a593Smuzhiyun {
318*4882a593Smuzhiyun struct dcookie_user * user;
319*4882a593Smuzhiyun
320*4882a593Smuzhiyun mutex_lock(&dcookie_mutex);
321*4882a593Smuzhiyun
322*4882a593Smuzhiyun user = kmalloc(sizeof(struct dcookie_user), GFP_KERNEL);
323*4882a593Smuzhiyun if (!user)
324*4882a593Smuzhiyun goto out;
325*4882a593Smuzhiyun
326*4882a593Smuzhiyun if (!is_live() && dcookie_init())
327*4882a593Smuzhiyun goto out_free;
328*4882a593Smuzhiyun
329*4882a593Smuzhiyun list_add(&user->next, &dcookie_users);
330*4882a593Smuzhiyun
331*4882a593Smuzhiyun out:
332*4882a593Smuzhiyun mutex_unlock(&dcookie_mutex);
333*4882a593Smuzhiyun return user;
334*4882a593Smuzhiyun out_free:
335*4882a593Smuzhiyun kfree(user);
336*4882a593Smuzhiyun user = NULL;
337*4882a593Smuzhiyun goto out;
338*4882a593Smuzhiyun }
339*4882a593Smuzhiyun
340*4882a593Smuzhiyun
dcookie_unregister(struct dcookie_user * user)341*4882a593Smuzhiyun void dcookie_unregister(struct dcookie_user * user)
342*4882a593Smuzhiyun {
343*4882a593Smuzhiyun mutex_lock(&dcookie_mutex);
344*4882a593Smuzhiyun
345*4882a593Smuzhiyun list_del(&user->next);
346*4882a593Smuzhiyun kfree(user);
347*4882a593Smuzhiyun
348*4882a593Smuzhiyun if (!is_live())
349*4882a593Smuzhiyun dcookie_exit();
350*4882a593Smuzhiyun
351*4882a593Smuzhiyun mutex_unlock(&dcookie_mutex);
352*4882a593Smuzhiyun }
353*4882a593Smuzhiyun
354*4882a593Smuzhiyun EXPORT_SYMBOL_GPL(dcookie_register);
355*4882a593Smuzhiyun EXPORT_SYMBOL_GPL(dcookie_unregister);
356*4882a593Smuzhiyun EXPORT_SYMBOL_GPL(get_dcookie);
357