1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Copyright 2018 Google LLC
4 */
5
6 #include <linux/blkdev.h>
7 #include <linux/compat.h>
8 #include <linux/file.h>
9 #include <linux/fs.h>
10 #include <linux/fs_stack.h>
11 #include <linux/fsnotify.h>
12 #include <linux/fsverity.h>
13 #include <linux/mmap_lock.h>
14 #include <linux/namei.h>
15 #include <linux/parser.h>
16 #include <linux/seq_file.h>
17
18 #include <uapi/linux/incrementalfs.h>
19
20 #include "vfs.h"
21
22 #include "data_mgmt.h"
23 #include "format.h"
24 #include "internal.h"
25 #include "pseudo_files.h"
26 #include "sysfs.h"
27 #include "verity.h"
28
29 static int incfs_remount_fs(struct super_block *sb, int *flags, char *data);
30
31 static int dentry_revalidate(struct dentry *dentry, unsigned int flags);
32 static void dentry_release(struct dentry *d);
33
34 static int iterate_incfs_dir(struct file *file, struct dir_context *ctx);
35 static struct dentry *dir_lookup(struct inode *dir_inode,
36 struct dentry *dentry, unsigned int flags);
37 static int dir_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode);
38 static int dir_unlink(struct inode *dir, struct dentry *dentry);
39 static int dir_link(struct dentry *old_dentry, struct inode *dir,
40 struct dentry *new_dentry);
41 static int dir_rmdir(struct inode *dir, struct dentry *dentry);
42 static int dir_rename(struct inode *old_dir, struct dentry *old_dentry,
43 struct inode *new_dir, struct dentry *new_dentry);
44
45 static int file_open(struct inode *inode, struct file *file);
46 static int file_release(struct inode *inode, struct file *file);
47 static int read_single_page(struct file *f, struct page *page);
48 static long dispatch_ioctl(struct file *f, unsigned int req, unsigned long arg);
49
50 #ifdef CONFIG_COMPAT
51 static long incfs_compat_ioctl(struct file *file, unsigned int cmd,
52 unsigned long arg);
53 #endif
54
55 static struct inode *alloc_inode(struct super_block *sb);
56 static void free_inode(struct inode *inode);
57 static void evict_inode(struct inode *inode);
58
59 static int incfs_setattr(struct dentry *dentry, struct iattr *ia);
60 static int incfs_getattr(const struct path *path,
61 struct kstat *stat, u32 request_mask,
62 unsigned int query_flags);
63 static ssize_t incfs_getxattr(struct dentry *d, const char *name,
64 void *value, size_t size);
65 static ssize_t incfs_setxattr(struct dentry *d, const char *name,
66 const void *value, size_t size, int flags);
67 static ssize_t incfs_listxattr(struct dentry *d, char *list, size_t size);
68
69 static int show_options(struct seq_file *, struct dentry *);
70
71 static const struct super_operations incfs_super_ops = {
72 .statfs = simple_statfs,
73 .remount_fs = incfs_remount_fs,
74 .alloc_inode = alloc_inode,
75 .destroy_inode = free_inode,
76 .evict_inode = evict_inode,
77 .show_options = show_options
78 };
79
dir_rename_wrap(struct inode * old_dir,struct dentry * old_dentry,struct inode * new_dir,struct dentry * new_dentry,unsigned int flags)80 static int dir_rename_wrap(struct inode *old_dir, struct dentry *old_dentry,
81 struct inode *new_dir, struct dentry *new_dentry,
82 unsigned int flags)
83 {
84 return dir_rename(old_dir, old_dentry, new_dir, new_dentry);
85 }
86
87 static const struct inode_operations incfs_dir_inode_ops = {
88 .lookup = dir_lookup,
89 .mkdir = dir_mkdir,
90 .rename = dir_rename_wrap,
91 .unlink = dir_unlink,
92 .link = dir_link,
93 .rmdir = dir_rmdir,
94 .setattr = incfs_setattr,
95 };
96
97 static const struct file_operations incfs_dir_fops = {
98 .llseek = generic_file_llseek,
99 .read = generic_read_dir,
100 .iterate = iterate_incfs_dir,
101 .open = file_open,
102 .release = file_release,
103 };
104
105 static const struct dentry_operations incfs_dentry_ops = {
106 .d_revalidate = dentry_revalidate,
107 .d_release = dentry_release
108 };
109
110 static const struct address_space_operations incfs_address_space_ops = {
111 .readpage = read_single_page,
112 /* .readpages = readpages */
113 };
114
incfs_fault(struct vm_fault * vmf)115 static vm_fault_t incfs_fault(struct vm_fault *vmf)
116 {
117 vmf->flags &= ~FAULT_FLAG_ALLOW_RETRY;
118 return filemap_fault(vmf);
119 }
120
121 static const struct vm_operations_struct incfs_file_vm_ops = {
122 .fault = incfs_fault,
123 .map_pages = filemap_map_pages,
124 .page_mkwrite = filemap_page_mkwrite,
125 };
126
127 /* This is used for a general mmap of a disk file */
128
incfs_file_mmap(struct file * file,struct vm_area_struct * vma)129 static int incfs_file_mmap(struct file *file, struct vm_area_struct *vma)
130 {
131 struct address_space *mapping = file->f_mapping;
132
133 if (!mapping->a_ops->readpage)
134 return -ENOEXEC;
135 file_accessed(file);
136 vma->vm_ops = &incfs_file_vm_ops;
137 return 0;
138 }
139
140 const struct file_operations incfs_file_ops = {
141 .open = file_open,
142 .release = file_release,
143 .read_iter = generic_file_read_iter,
144 .mmap = incfs_file_mmap,
145 .splice_read = generic_file_splice_read,
146 .llseek = generic_file_llseek,
147 .unlocked_ioctl = dispatch_ioctl,
148 #ifdef CONFIG_COMPAT
149 .compat_ioctl = incfs_compat_ioctl,
150 #endif
151 };
152
153 const struct inode_operations incfs_file_inode_ops = {
154 .setattr = incfs_setattr,
155 .getattr = incfs_getattr,
156 .listxattr = incfs_listxattr
157 };
158
incfs_handler_getxattr(const struct xattr_handler * xh,struct dentry * d,struct inode * inode,const char * name,void * buffer,size_t size,int flags)159 static int incfs_handler_getxattr(const struct xattr_handler *xh,
160 struct dentry *d, struct inode *inode,
161 const char *name, void *buffer, size_t size,
162 int flags)
163 {
164 return incfs_getxattr(d, name, buffer, size);
165 }
166
incfs_handler_setxattr(const struct xattr_handler * xh,struct dentry * d,struct inode * inode,const char * name,const void * buffer,size_t size,int flags)167 static int incfs_handler_setxattr(const struct xattr_handler *xh,
168 struct dentry *d, struct inode *inode,
169 const char *name, const void *buffer,
170 size_t size, int flags)
171 {
172 return incfs_setxattr(d, name, buffer, size, flags);
173 }
174
175 static const struct xattr_handler incfs_xattr_handler = {
176 .prefix = "", /* AKA all attributes */
177 .get = incfs_handler_getxattr,
178 .set = incfs_handler_setxattr,
179 };
180
181 static const struct xattr_handler *incfs_xattr_ops[] = {
182 &incfs_xattr_handler,
183 NULL,
184 };
185
186 struct inode_search {
187 unsigned long ino;
188
189 struct dentry *backing_dentry;
190
191 size_t size;
192
193 bool verity;
194 };
195
196 enum parse_parameter {
197 Opt_read_timeout,
198 Opt_readahead_pages,
199 Opt_rlog_pages,
200 Opt_rlog_wakeup_cnt,
201 Opt_report_uid,
202 Opt_sysfs_name,
203 Opt_err
204 };
205
206 static const match_table_t option_tokens = {
207 { Opt_read_timeout, "read_timeout_ms=%u" },
208 { Opt_readahead_pages, "readahead=%u" },
209 { Opt_rlog_pages, "rlog_pages=%u" },
210 { Opt_rlog_wakeup_cnt, "rlog_wakeup_cnt=%u" },
211 { Opt_report_uid, "report_uid" },
212 { Opt_sysfs_name, "sysfs_name=%s" },
213 { Opt_err, NULL }
214 };
215
free_options(struct mount_options * opts)216 static void free_options(struct mount_options *opts)
217 {
218 kfree(opts->sysfs_name);
219 opts->sysfs_name = NULL;
220 }
221
parse_options(struct mount_options * opts,char * str)222 static int parse_options(struct mount_options *opts, char *str)
223 {
224 substring_t args[MAX_OPT_ARGS];
225 int value;
226 char *position;
227
228 if (opts == NULL)
229 return -EFAULT;
230
231 *opts = (struct mount_options) {
232 .read_timeout_ms = 1000, /* Default: 1s */
233 .readahead_pages = 10,
234 .read_log_pages = 2,
235 .read_log_wakeup_count = 10,
236 };
237
238 if (str == NULL || *str == 0)
239 return 0;
240
241 while ((position = strsep(&str, ",")) != NULL) {
242 int token;
243
244 if (!*position)
245 continue;
246
247 token = match_token(position, option_tokens, args);
248
249 switch (token) {
250 case Opt_read_timeout:
251 if (match_int(&args[0], &value))
252 return -EINVAL;
253 if (value > 3600000)
254 return -EINVAL;
255 opts->read_timeout_ms = value;
256 break;
257 case Opt_readahead_pages:
258 if (match_int(&args[0], &value))
259 return -EINVAL;
260 opts->readahead_pages = value;
261 break;
262 case Opt_rlog_pages:
263 if (match_int(&args[0], &value))
264 return -EINVAL;
265 opts->read_log_pages = value;
266 break;
267 case Opt_rlog_wakeup_cnt:
268 if (match_int(&args[0], &value))
269 return -EINVAL;
270 opts->read_log_wakeup_count = value;
271 break;
272 case Opt_report_uid:
273 opts->report_uid = true;
274 break;
275 case Opt_sysfs_name:
276 opts->sysfs_name = match_strdup(&args[0]);
277 break;
278 default:
279 free_options(opts);
280 return -EINVAL;
281 }
282 }
283
284 return 0;
285 }
286
287 /* Read file size from the attribute. Quicker than reading the header */
read_size_attr(struct dentry * backing_dentry)288 static u64 read_size_attr(struct dentry *backing_dentry)
289 {
290 __le64 attr_value;
291 ssize_t bytes_read;
292
293 bytes_read = vfs_getxattr(backing_dentry, INCFS_XATTR_SIZE_NAME,
294 (char *)&attr_value, sizeof(attr_value));
295
296 if (bytes_read != sizeof(attr_value))
297 return 0;
298
299 return le64_to_cpu(attr_value);
300 }
301
302 /* Read verity flag from the attribute. Quicker than reading the header */
read_verity_attr(struct dentry * backing_dentry)303 static bool read_verity_attr(struct dentry *backing_dentry)
304 {
305 return vfs_getxattr(backing_dentry, INCFS_XATTR_VERITY_NAME, NULL, 0)
306 >= 0;
307 }
308
inode_test(struct inode * inode,void * opaque)309 static int inode_test(struct inode *inode, void *opaque)
310 {
311 struct inode_search *search = opaque;
312 struct inode_info *node = get_incfs_node(inode);
313 struct inode *backing_inode = d_inode(search->backing_dentry);
314
315 if (!node)
316 return 0;
317
318 return node->n_backing_inode == backing_inode &&
319 inode->i_ino == search->ino;
320 }
321
inode_set(struct inode * inode,void * opaque)322 static int inode_set(struct inode *inode, void *opaque)
323 {
324 struct inode_search *search = opaque;
325 struct inode_info *node = get_incfs_node(inode);
326 struct dentry *backing_dentry = search->backing_dentry;
327 struct inode *backing_inode = d_inode(backing_dentry);
328
329 fsstack_copy_attr_all(inode, backing_inode);
330 if (S_ISREG(inode->i_mode)) {
331 u64 size = search->size;
332
333 inode->i_size = size;
334 inode->i_blocks = get_blocks_count_for_size(size);
335 inode->i_mapping->a_ops = &incfs_address_space_ops;
336 inode->i_op = &incfs_file_inode_ops;
337 inode->i_fop = &incfs_file_ops;
338 inode->i_mode &= ~0222;
339 if (search->verity)
340 inode_set_flags(inode, S_VERITY, S_VERITY);
341 } else if (S_ISDIR(inode->i_mode)) {
342 inode->i_size = 0;
343 inode->i_blocks = 1;
344 inode->i_mapping->a_ops = &incfs_address_space_ops;
345 inode->i_op = &incfs_dir_inode_ops;
346 inode->i_fop = &incfs_dir_fops;
347 } else {
348 pr_warn_once("incfs: Unexpected inode type\n");
349 return -EBADF;
350 }
351
352 ihold(backing_inode);
353 node->n_backing_inode = backing_inode;
354 node->n_mount_info = get_mount_info(inode->i_sb);
355 inode->i_ctime = backing_inode->i_ctime;
356 inode->i_mtime = backing_inode->i_mtime;
357 inode->i_atime = backing_inode->i_atime;
358 inode->i_ino = backing_inode->i_ino;
359 if (backing_inode->i_ino < INCFS_START_INO_RANGE) {
360 pr_warn("incfs: ino conflict with backing FS %ld\n",
361 backing_inode->i_ino);
362 }
363
364 return 0;
365 }
366
fetch_regular_inode(struct super_block * sb,struct dentry * backing_dentry)367 static struct inode *fetch_regular_inode(struct super_block *sb,
368 struct dentry *backing_dentry)
369 {
370 struct inode *backing_inode = d_inode(backing_dentry);
371 struct inode_search search = {
372 .ino = backing_inode->i_ino,
373 .backing_dentry = backing_dentry,
374 .size = read_size_attr(backing_dentry),
375 .verity = read_verity_attr(backing_dentry),
376 };
377 struct inode *inode = iget5_locked(sb, search.ino, inode_test,
378 inode_set, &search);
379
380 if (!inode)
381 return ERR_PTR(-ENOMEM);
382
383 if (inode->i_state & I_NEW)
384 unlock_new_inode(inode);
385
386 return inode;
387 }
388
iterate_incfs_dir(struct file * file,struct dir_context * ctx)389 static int iterate_incfs_dir(struct file *file, struct dir_context *ctx)
390 {
391 struct dir_file *dir = get_incfs_dir_file(file);
392 int error = 0;
393 struct mount_info *mi = get_mount_info(file_superblock(file));
394 bool root;
395
396 if (!dir) {
397 error = -EBADF;
398 goto out;
399 }
400
401 root = dir->backing_dir->f_inode
402 == d_inode(mi->mi_backing_dir_path.dentry);
403
404 if (root) {
405 error = emit_pseudo_files(ctx);
406 if (error)
407 goto out;
408 }
409
410 ctx->pos -= PSEUDO_FILE_COUNT;
411 error = iterate_dir(dir->backing_dir, ctx);
412 ctx->pos += PSEUDO_FILE_COUNT;
413 file->f_pos = dir->backing_dir->f_pos;
414 out:
415 if (error)
416 pr_warn("incfs: %s %s %d\n", __func__,
417 file->f_path.dentry->d_name.name, error);
418 return error;
419 }
420
incfs_init_dentry(struct dentry * dentry,struct path * path)421 static int incfs_init_dentry(struct dentry *dentry, struct path *path)
422 {
423 struct dentry_info *d_info = NULL;
424
425 if (!dentry || !path)
426 return -EFAULT;
427
428 d_info = kzalloc(sizeof(*d_info), GFP_NOFS);
429 if (!d_info)
430 return -ENOMEM;
431
432 d_info->backing_path = *path;
433 path_get(path);
434
435 dentry->d_fsdata = d_info;
436 return 0;
437 }
438
open_or_create_special_dir(struct dentry * backing_dir,const char * name,bool * created)439 static struct dentry *open_or_create_special_dir(struct dentry *backing_dir,
440 const char *name,
441 bool *created)
442 {
443 struct dentry *index_dentry;
444 struct inode *backing_inode = d_inode(backing_dir);
445 int err = 0;
446
447 index_dentry = incfs_lookup_dentry(backing_dir, name);
448 if (!index_dentry) {
449 return ERR_PTR(-EINVAL);
450 } else if (IS_ERR(index_dentry)) {
451 return index_dentry;
452 } else if (d_really_is_positive(index_dentry)) {
453 /* Index already exists. */
454 *created = false;
455 return index_dentry;
456 }
457
458 /* Index needs to be created. */
459 inode_lock_nested(backing_inode, I_MUTEX_PARENT);
460 err = vfs_mkdir(backing_inode, index_dentry, 0777);
461 inode_unlock(backing_inode);
462
463 if (err) {
464 dput(index_dentry);
465 return ERR_PTR(err);
466 }
467
468 if (!d_really_is_positive(index_dentry) ||
469 unlikely(d_unhashed(index_dentry))) {
470 dput(index_dentry);
471 return ERR_PTR(-EINVAL);
472 }
473
474 *created = true;
475 return index_dentry;
476 }
477
read_single_page_timeouts(struct data_file * df,struct file * f,int block_index,struct mem_range range,struct mem_range tmp)478 static int read_single_page_timeouts(struct data_file *df, struct file *f,
479 int block_index, struct mem_range range,
480 struct mem_range tmp)
481 {
482 struct mount_info *mi = df->df_mount_info;
483 struct incfs_read_data_file_timeouts timeouts = {
484 .max_pending_time_us = U32_MAX,
485 };
486 int uid = current_uid().val;
487 int i;
488
489 spin_lock(&mi->mi_per_uid_read_timeouts_lock);
490 for (i = 0; i < mi->mi_per_uid_read_timeouts_size /
491 sizeof(*mi->mi_per_uid_read_timeouts); ++i) {
492 struct incfs_per_uid_read_timeouts *t =
493 &mi->mi_per_uid_read_timeouts[i];
494
495 if(t->uid == uid) {
496 timeouts.min_time_us = t->min_time_us;
497 timeouts.min_pending_time_us = t->min_pending_time_us;
498 timeouts.max_pending_time_us = t->max_pending_time_us;
499 break;
500 }
501 }
502 spin_unlock(&mi->mi_per_uid_read_timeouts_lock);
503 if (timeouts.max_pending_time_us == U32_MAX) {
504 u64 read_timeout_us = (u64)mi->mi_options.read_timeout_ms *
505 1000;
506
507 timeouts.max_pending_time_us = read_timeout_us <= U32_MAX ?
508 read_timeout_us : U32_MAX;
509 }
510
511 return incfs_read_data_file_block(range, f, block_index, tmp,
512 &timeouts);
513 }
514
read_single_page(struct file * f,struct page * page)515 static int read_single_page(struct file *f, struct page *page)
516 {
517 loff_t offset = 0;
518 loff_t size = 0;
519 ssize_t bytes_to_read = 0;
520 ssize_t read_result = 0;
521 struct data_file *df = get_incfs_data_file(f);
522 int result = 0;
523 void *page_start;
524 int block_index;
525
526 if (!df) {
527 SetPageError(page);
528 unlock_page(page);
529 return -EBADF;
530 }
531
532 page_start = kmap(page);
533 offset = page_offset(page);
534 block_index = (offset + df->df_mapped_offset) /
535 INCFS_DATA_FILE_BLOCK_SIZE;
536 size = df->df_size;
537
538 if (offset < size) {
539 struct mem_range tmp = {
540 .len = 2 * INCFS_DATA_FILE_BLOCK_SIZE
541 };
542 tmp.data = (u8 *)__get_free_pages(GFP_NOFS, get_order(tmp.len));
543 if (!tmp.data) {
544 read_result = -ENOMEM;
545 goto err;
546 }
547 bytes_to_read = min_t(loff_t, size - offset, PAGE_SIZE);
548
549 read_result = read_single_page_timeouts(df, f, block_index,
550 range(page_start, bytes_to_read), tmp);
551
552 free_pages((unsigned long)tmp.data, get_order(tmp.len));
553 } else {
554 bytes_to_read = 0;
555 read_result = 0;
556 }
557
558 err:
559 if (read_result < 0)
560 result = read_result;
561 else if (read_result < PAGE_SIZE)
562 zero_user(page, read_result, PAGE_SIZE - read_result);
563
564 if (result == 0)
565 SetPageUptodate(page);
566 else
567 SetPageError(page);
568
569 flush_dcache_page(page);
570 kunmap(page);
571 unlock_page(page);
572 return result;
573 }
574
incfs_link(struct dentry * what,struct dentry * where)575 int incfs_link(struct dentry *what, struct dentry *where)
576 {
577 struct dentry *parent_dentry = dget_parent(where);
578 struct inode *pinode = d_inode(parent_dentry);
579 int error = 0;
580
581 inode_lock_nested(pinode, I_MUTEX_PARENT);
582 error = vfs_link(what, pinode, where, NULL);
583 inode_unlock(pinode);
584
585 dput(parent_dentry);
586 return error;
587 }
588
incfs_unlink(struct dentry * dentry)589 int incfs_unlink(struct dentry *dentry)
590 {
591 struct dentry *parent_dentry = dget_parent(dentry);
592 struct inode *pinode = d_inode(parent_dentry);
593 int error = 0;
594
595 inode_lock_nested(pinode, I_MUTEX_PARENT);
596 error = vfs_unlink(pinode, dentry, NULL);
597 inode_unlock(pinode);
598
599 dput(parent_dentry);
600 return error;
601 }
602
incfs_rmdir(struct dentry * dentry)603 static int incfs_rmdir(struct dentry *dentry)
604 {
605 struct dentry *parent_dentry = dget_parent(dentry);
606 struct inode *pinode = d_inode(parent_dentry);
607 int error = 0;
608
609 inode_lock_nested(pinode, I_MUTEX_PARENT);
610 error = vfs_rmdir(pinode, dentry);
611 inode_unlock(pinode);
612
613 dput(parent_dentry);
614 return error;
615 }
616
notify_unlink(struct dentry * dentry,const char * file_id_str,const char * special_directory)617 static void notify_unlink(struct dentry *dentry, const char *file_id_str,
618 const char *special_directory)
619 {
620 struct dentry *root = dentry;
621 struct dentry *file = NULL;
622 struct dentry *dir = NULL;
623 int error = 0;
624 bool take_lock = root->d_parent != root->d_parent->d_parent;
625
626 while (root != root->d_parent)
627 root = root->d_parent;
628
629 if (take_lock)
630 dir = incfs_lookup_dentry(root, special_directory);
631 else
632 dir = lookup_one_len(special_directory, root,
633 strlen(special_directory));
634
635 if (IS_ERR(dir)) {
636 error = PTR_ERR(dir);
637 goto out;
638 }
639 if (d_is_negative(dir)) {
640 error = -ENOENT;
641 goto out;
642 }
643
644 file = incfs_lookup_dentry(dir, file_id_str);
645 if (IS_ERR(file)) {
646 error = PTR_ERR(file);
647 goto out;
648 }
649 if (d_is_negative(file)) {
650 error = -ENOENT;
651 goto out;
652 }
653
654 fsnotify_unlink(d_inode(dir), file);
655 d_delete(file);
656
657 out:
658 if (error)
659 pr_warn("%s failed with error %d\n", __func__, error);
660
661 dput(dir);
662 dput(file);
663 }
664
maybe_delete_incomplete_file(struct file * f,struct data_file * df)665 static void maybe_delete_incomplete_file(struct file *f,
666 struct data_file *df)
667 {
668 struct backing_file_context *bfc;
669 struct mount_info *mi = df->df_mount_info;
670 char *file_id_str = NULL;
671 struct dentry *incomplete_file_dentry = NULL;
672 const struct cred *old_cred = override_creds(mi->mi_owner);
673 int error;
674
675 if (atomic_read(&df->df_data_blocks_written) < df->df_data_block_count)
676 goto out;
677
678 /* Truncate file to remove any preallocated space */
679 bfc = df->df_backing_file_context;
680 if (bfc) {
681 struct file *f = bfc->bc_file;
682
683 if (f) {
684 loff_t size = i_size_read(file_inode(f));
685
686 error = vfs_truncate(&f->f_path, size);
687 if (error)
688 /* No useful action on failure */
689 pr_warn("incfs: Failed to truncate complete file: %d\n",
690 error);
691 }
692 }
693
694 /* This is best effort - there is no useful action to take on failure */
695 file_id_str = file_id_to_str(df->df_id);
696 if (!file_id_str)
697 goto out;
698
699 incomplete_file_dentry = incfs_lookup_dentry(
700 df->df_mount_info->mi_incomplete_dir,
701 file_id_str);
702 if (!incomplete_file_dentry || IS_ERR(incomplete_file_dentry)) {
703 incomplete_file_dentry = NULL;
704 goto out;
705 }
706
707 if (!d_really_is_positive(incomplete_file_dentry))
708 goto out;
709
710 vfs_fsync(df->df_backing_file_context->bc_file, 0);
711 error = incfs_unlink(incomplete_file_dentry);
712 if (error) {
713 pr_warn("incfs: Deleting incomplete file failed: %d\n", error);
714 goto out;
715 }
716
717 notify_unlink(f->f_path.dentry, file_id_str, INCFS_INCOMPLETE_NAME);
718
719 out:
720 dput(incomplete_file_dentry);
721 kfree(file_id_str);
722 revert_creds(old_cred);
723 }
724
ioctl_fill_blocks(struct file * f,void __user * arg)725 static long ioctl_fill_blocks(struct file *f, void __user *arg)
726 {
727 struct incfs_fill_blocks __user *usr_fill_blocks = arg;
728 struct incfs_fill_blocks fill_blocks;
729 struct incfs_fill_block __user *usr_fill_block_array;
730 struct data_file *df = get_incfs_data_file(f);
731 struct incfs_file_data *fd = f->private_data;
732 const ssize_t data_buf_size = 2 * INCFS_DATA_FILE_BLOCK_SIZE;
733 u8 *data_buf = NULL;
734 ssize_t error = 0;
735 int i = 0;
736
737 if (!df)
738 return -EBADF;
739
740 if (!fd || fd->fd_fill_permission != CAN_FILL)
741 return -EPERM;
742
743 if (copy_from_user(&fill_blocks, usr_fill_blocks, sizeof(fill_blocks)))
744 return -EFAULT;
745
746 usr_fill_block_array = u64_to_user_ptr(fill_blocks.fill_blocks);
747 data_buf = (u8 *)__get_free_pages(GFP_NOFS | __GFP_COMP,
748 get_order(data_buf_size));
749 if (!data_buf)
750 return -ENOMEM;
751
752 for (i = 0; i < fill_blocks.count; i++) {
753 struct incfs_fill_block fill_block = {};
754
755 if (copy_from_user(&fill_block, &usr_fill_block_array[i],
756 sizeof(fill_block)) > 0) {
757 error = -EFAULT;
758 break;
759 }
760
761 if (fill_block.data_len > data_buf_size) {
762 error = -E2BIG;
763 break;
764 }
765
766 if (copy_from_user(data_buf, u64_to_user_ptr(fill_block.data),
767 fill_block.data_len) > 0) {
768 error = -EFAULT;
769 break;
770 }
771 fill_block.data = 0; /* To make sure nobody uses it. */
772 if (fill_block.flags & INCFS_BLOCK_FLAGS_HASH) {
773 error = incfs_process_new_hash_block(df, &fill_block,
774 data_buf);
775 } else {
776 error = incfs_process_new_data_block(df, &fill_block,
777 data_buf);
778 }
779 if (error)
780 break;
781 }
782
783 if (data_buf)
784 free_pages((unsigned long)data_buf, get_order(data_buf_size));
785
786 maybe_delete_incomplete_file(f, df);
787
788 /*
789 * Only report the error if no records were processed, otherwise
790 * just return how many were processed successfully.
791 */
792 if (i == 0)
793 return error;
794
795 return i;
796 }
797
ioctl_read_file_signature(struct file * f,void __user * arg)798 static long ioctl_read_file_signature(struct file *f, void __user *arg)
799 {
800 struct incfs_get_file_sig_args __user *args_usr_ptr = arg;
801 struct incfs_get_file_sig_args args = {};
802 u8 *sig_buffer = NULL;
803 size_t sig_buf_size = 0;
804 int error = 0;
805 int read_result = 0;
806 struct data_file *df = get_incfs_data_file(f);
807
808 if (!df)
809 return -EINVAL;
810
811 if (copy_from_user(&args, args_usr_ptr, sizeof(args)) > 0)
812 return -EINVAL;
813
814 sig_buf_size = args.file_signature_buf_size;
815 if (sig_buf_size > INCFS_MAX_SIGNATURE_SIZE)
816 return -E2BIG;
817
818 sig_buffer = kzalloc(sig_buf_size, GFP_NOFS | __GFP_COMP);
819 if (!sig_buffer)
820 return -ENOMEM;
821
822 read_result = incfs_read_file_signature(df,
823 range(sig_buffer, sig_buf_size));
824
825 if (read_result < 0) {
826 error = read_result;
827 goto out;
828 }
829
830 if (copy_to_user(u64_to_user_ptr(args.file_signature), sig_buffer,
831 read_result)) {
832 error = -EFAULT;
833 goto out;
834 }
835
836 args.file_signature_len_out = read_result;
837 if (copy_to_user(args_usr_ptr, &args, sizeof(args)))
838 error = -EFAULT;
839
840 out:
841 kfree(sig_buffer);
842
843 return error;
844 }
845
ioctl_get_filled_blocks(struct file * f,void __user * arg)846 static long ioctl_get_filled_blocks(struct file *f, void __user *arg)
847 {
848 struct incfs_get_filled_blocks_args __user *args_usr_ptr = arg;
849 struct incfs_get_filled_blocks_args args = {};
850 struct data_file *df = get_incfs_data_file(f);
851 struct incfs_file_data *fd = f->private_data;
852 int error;
853
854 if (!df || !fd)
855 return -EINVAL;
856
857 if (fd->fd_fill_permission != CAN_FILL)
858 return -EPERM;
859
860 if (copy_from_user(&args, args_usr_ptr, sizeof(args)) > 0)
861 return -EINVAL;
862
863 error = incfs_get_filled_blocks(df, fd, &args);
864
865 if (copy_to_user(args_usr_ptr, &args, sizeof(args)))
866 return -EFAULT;
867
868 return error;
869 }
870
ioctl_get_block_count(struct file * f,void __user * arg)871 static long ioctl_get_block_count(struct file *f, void __user *arg)
872 {
873 struct incfs_get_block_count_args __user *args_usr_ptr = arg;
874 struct incfs_get_block_count_args args = {};
875 struct data_file *df = get_incfs_data_file(f);
876
877 if (!df)
878 return -EINVAL;
879
880 args.total_data_blocks_out = df->df_data_block_count;
881 args.filled_data_blocks_out = atomic_read(&df->df_data_blocks_written);
882 args.total_hash_blocks_out = df->df_total_block_count -
883 df->df_data_block_count;
884 args.filled_hash_blocks_out = atomic_read(&df->df_hash_blocks_written);
885
886 if (copy_to_user(args_usr_ptr, &args, sizeof(args)))
887 return -EFAULT;
888
889 return 0;
890 }
891
incfs_ioctl_get_flags(struct file * f,void __user * arg)892 static int incfs_ioctl_get_flags(struct file *f, void __user *arg)
893 {
894 u32 flags = IS_VERITY(file_inode(f)) ? FS_VERITY_FL : 0;
895
896 return put_user(flags, (int __user *) arg);
897 }
898
dispatch_ioctl(struct file * f,unsigned int req,unsigned long arg)899 static long dispatch_ioctl(struct file *f, unsigned int req, unsigned long arg)
900 {
901 switch (req) {
902 case INCFS_IOC_FILL_BLOCKS:
903 return ioctl_fill_blocks(f, (void __user *)arg);
904 case INCFS_IOC_READ_FILE_SIGNATURE:
905 return ioctl_read_file_signature(f, (void __user *)arg);
906 case INCFS_IOC_GET_FILLED_BLOCKS:
907 return ioctl_get_filled_blocks(f, (void __user *)arg);
908 case INCFS_IOC_GET_BLOCK_COUNT:
909 return ioctl_get_block_count(f, (void __user *)arg);
910 case FS_IOC_ENABLE_VERITY:
911 return incfs_ioctl_enable_verity(f, (const void __user *)arg);
912 case FS_IOC_GETFLAGS:
913 return incfs_ioctl_get_flags(f, (void __user *) arg);
914 case FS_IOC_MEASURE_VERITY:
915 return incfs_ioctl_measure_verity(f, (void __user *)arg);
916 case FS_IOC_READ_VERITY_METADATA:
917 return incfs_ioctl_read_verity_metadata(f, (void __user *)arg);
918 default:
919 return -EINVAL;
920 }
921 }
922
923 #ifdef CONFIG_COMPAT
incfs_compat_ioctl(struct file * file,unsigned int cmd,unsigned long arg)924 static long incfs_compat_ioctl(struct file *file, unsigned int cmd,
925 unsigned long arg)
926 {
927 switch (cmd) {
928 case FS_IOC32_GETFLAGS:
929 cmd = FS_IOC_GETFLAGS;
930 break;
931 case INCFS_IOC_FILL_BLOCKS:
932 case INCFS_IOC_READ_FILE_SIGNATURE:
933 case INCFS_IOC_GET_FILLED_BLOCKS:
934 case INCFS_IOC_GET_BLOCK_COUNT:
935 case FS_IOC_ENABLE_VERITY:
936 case FS_IOC_MEASURE_VERITY:
937 case FS_IOC_READ_VERITY_METADATA:
938 break;
939 default:
940 return -ENOIOCTLCMD;
941 }
942 return dispatch_ioctl(file, cmd, (unsigned long) compat_ptr(arg));
943 }
944 #endif
945
dir_lookup(struct inode * dir_inode,struct dentry * dentry,unsigned int flags)946 static struct dentry *dir_lookup(struct inode *dir_inode, struct dentry *dentry,
947 unsigned int flags)
948 {
949 struct mount_info *mi = get_mount_info(dir_inode->i_sb);
950 struct dentry *dir_dentry = NULL;
951 struct dentry *backing_dentry = NULL;
952 struct path dir_backing_path = {};
953 struct inode_info *dir_info = get_incfs_node(dir_inode);
954 int err = 0;
955
956 if (!mi || !dir_info || !dir_info->n_backing_inode)
957 return ERR_PTR(-EBADF);
958
959 if (d_inode(mi->mi_backing_dir_path.dentry) ==
960 dir_info->n_backing_inode) {
961 /* We do lookup in the FS root. Show pseudo files. */
962 err = dir_lookup_pseudo_files(dir_inode->i_sb, dentry);
963 if (err != -ENOENT)
964 goto out;
965 err = 0;
966 }
967
968 dir_dentry = dget_parent(dentry);
969 get_incfs_backing_path(dir_dentry, &dir_backing_path);
970 backing_dentry = incfs_lookup_dentry(dir_backing_path.dentry,
971 dentry->d_name.name);
972
973 if (!backing_dentry || IS_ERR(backing_dentry)) {
974 err = IS_ERR(backing_dentry)
975 ? PTR_ERR(backing_dentry)
976 : -EFAULT;
977 backing_dentry = NULL;
978 goto out;
979 } else {
980 struct inode *inode = NULL;
981 struct path backing_path = {
982 .mnt = dir_backing_path.mnt,
983 .dentry = backing_dentry
984 };
985
986 err = incfs_init_dentry(dentry, &backing_path);
987 if (err)
988 goto out;
989
990 if (!d_really_is_positive(backing_dentry)) {
991 /*
992 * No such entry found in the backing dir.
993 * Create a negative entry.
994 */
995 d_add(dentry, NULL);
996 err = 0;
997 goto out;
998 }
999
1000 if (d_inode(backing_dentry)->i_sb !=
1001 dir_info->n_backing_inode->i_sb) {
1002 /*
1003 * Somehow after the path lookup we ended up in a
1004 * different fs mount. If we keep going it's going
1005 * to end badly.
1006 */
1007 err = -EXDEV;
1008 goto out;
1009 }
1010
1011 inode = fetch_regular_inode(dir_inode->i_sb, backing_dentry);
1012 if (IS_ERR(inode)) {
1013 err = PTR_ERR(inode);
1014 goto out;
1015 }
1016
1017 d_add(dentry, inode);
1018 }
1019
1020 out:
1021 dput(dir_dentry);
1022 dput(backing_dentry);
1023 path_put(&dir_backing_path);
1024 if (err)
1025 pr_debug("incfs: %s %s %d\n", __func__,
1026 dentry->d_name.name, err);
1027 return ERR_PTR(err);
1028 }
1029
dir_mkdir(struct inode * dir,struct dentry * dentry,umode_t mode)1030 static int dir_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
1031 {
1032 struct mount_info *mi = get_mount_info(dir->i_sb);
1033 struct inode_info *dir_node = get_incfs_node(dir);
1034 struct dentry *backing_dentry = NULL;
1035 struct path backing_path = {};
1036 int err = 0;
1037
1038
1039 if (!mi || !dir_node || !dir_node->n_backing_inode)
1040 return -EBADF;
1041
1042 err = mutex_lock_interruptible(&mi->mi_dir_struct_mutex);
1043 if (err)
1044 return err;
1045
1046 get_incfs_backing_path(dentry, &backing_path);
1047 backing_dentry = backing_path.dentry;
1048
1049 if (!backing_dentry) {
1050 err = -EBADF;
1051 goto path_err;
1052 }
1053
1054 if (backing_dentry->d_parent == mi->mi_index_dir) {
1055 /* Can't create a subdir inside .index */
1056 err = -EBUSY;
1057 goto out;
1058 }
1059
1060 if (backing_dentry->d_parent == mi->mi_incomplete_dir) {
1061 /* Can't create a subdir inside .incomplete */
1062 err = -EBUSY;
1063 goto out;
1064 }
1065 inode_lock_nested(dir_node->n_backing_inode, I_MUTEX_PARENT);
1066 err = vfs_mkdir(dir_node->n_backing_inode, backing_dentry, mode | 0222);
1067 inode_unlock(dir_node->n_backing_inode);
1068 if (!err) {
1069 struct inode *inode = NULL;
1070
1071 if (d_really_is_negative(backing_dentry) ||
1072 unlikely(d_unhashed(backing_dentry))) {
1073 err = -EINVAL;
1074 goto out;
1075 }
1076
1077 inode = fetch_regular_inode(dir->i_sb, backing_dentry);
1078 if (IS_ERR(inode)) {
1079 err = PTR_ERR(inode);
1080 goto out;
1081 }
1082 d_instantiate(dentry, inode);
1083 }
1084
1085 out:
1086 if (d_really_is_negative(dentry))
1087 d_drop(dentry);
1088 path_put(&backing_path);
1089
1090 path_err:
1091 mutex_unlock(&mi->mi_dir_struct_mutex);
1092 if (err)
1093 pr_debug("incfs: %s err:%d\n", __func__, err);
1094 return err;
1095 }
1096
1097 /*
1098 * Delete file referenced by backing_dentry and if appropriate its hardlink
1099 * from .index and .incomplete
1100 */
file_delete(struct mount_info * mi,struct dentry * dentry,struct dentry * backing_dentry,int nlink)1101 static int file_delete(struct mount_info *mi, struct dentry *dentry,
1102 struct dentry *backing_dentry, int nlink)
1103 {
1104 struct dentry *index_file_dentry = NULL;
1105 struct dentry *incomplete_file_dentry = NULL;
1106 /* 2 chars per byte of file ID + 1 char for \0 */
1107 char file_id_str[2 * sizeof(incfs_uuid_t) + 1] = {0};
1108 ssize_t uuid_size = 0;
1109 int error = 0;
1110
1111 WARN_ON(!mutex_is_locked(&mi->mi_dir_struct_mutex));
1112
1113 if (nlink > 3)
1114 goto just_unlink;
1115
1116 uuid_size = vfs_getxattr(backing_dentry, INCFS_XATTR_ID_NAME,
1117 file_id_str, 2 * sizeof(incfs_uuid_t));
1118 if (uuid_size < 0) {
1119 error = uuid_size;
1120 goto out;
1121 }
1122
1123 if (uuid_size != 2 * sizeof(incfs_uuid_t)) {
1124 error = -EBADMSG;
1125 goto out;
1126 }
1127
1128 index_file_dentry = incfs_lookup_dentry(mi->mi_index_dir, file_id_str);
1129 if (IS_ERR(index_file_dentry)) {
1130 error = PTR_ERR(index_file_dentry);
1131 index_file_dentry = NULL;
1132 goto out;
1133 }
1134
1135 if (d_really_is_positive(index_file_dentry) && nlink > 0)
1136 nlink--;
1137
1138 if (nlink > 2)
1139 goto just_unlink;
1140
1141 incomplete_file_dentry = incfs_lookup_dentry(mi->mi_incomplete_dir,
1142 file_id_str);
1143 if (IS_ERR(incomplete_file_dentry)) {
1144 error = PTR_ERR(incomplete_file_dentry);
1145 incomplete_file_dentry = NULL;
1146 goto out;
1147 }
1148
1149 if (d_really_is_positive(incomplete_file_dentry) && nlink > 0)
1150 nlink--;
1151
1152 if (nlink > 1)
1153 goto just_unlink;
1154
1155 if (d_really_is_positive(index_file_dentry)) {
1156 error = incfs_unlink(index_file_dentry);
1157 if (error)
1158 goto out;
1159 notify_unlink(dentry, file_id_str, INCFS_INDEX_NAME);
1160 }
1161
1162 if (d_really_is_positive(incomplete_file_dentry)) {
1163 error = incfs_unlink(incomplete_file_dentry);
1164 if (error)
1165 goto out;
1166 notify_unlink(dentry, file_id_str, INCFS_INCOMPLETE_NAME);
1167 }
1168
1169 just_unlink:
1170 error = incfs_unlink(backing_dentry);
1171
1172 out:
1173 dput(index_file_dentry);
1174 dput(incomplete_file_dentry);
1175 if (error)
1176 pr_debug("incfs: delete_file_from_index err:%d\n", error);
1177 return error;
1178 }
1179
dir_unlink(struct inode * dir,struct dentry * dentry)1180 static int dir_unlink(struct inode *dir, struct dentry *dentry)
1181 {
1182 struct mount_info *mi = get_mount_info(dir->i_sb);
1183 struct path backing_path = {};
1184 struct kstat stat;
1185 int err = 0;
1186
1187 if (!mi)
1188 return -EBADF;
1189
1190 err = mutex_lock_interruptible(&mi->mi_dir_struct_mutex);
1191 if (err)
1192 return err;
1193
1194 get_incfs_backing_path(dentry, &backing_path);
1195 if (!backing_path.dentry) {
1196 err = -EBADF;
1197 goto path_err;
1198 }
1199
1200 if (backing_path.dentry->d_parent == mi->mi_index_dir) {
1201 /* Direct unlink from .index are not allowed. */
1202 err = -EBUSY;
1203 goto out;
1204 }
1205
1206 if (backing_path.dentry->d_parent == mi->mi_incomplete_dir) {
1207 /* Direct unlink from .incomplete are not allowed. */
1208 err = -EBUSY;
1209 goto out;
1210 }
1211
1212 err = vfs_getattr(&backing_path, &stat, STATX_NLINK,
1213 AT_STATX_SYNC_AS_STAT);
1214 if (err)
1215 goto out;
1216
1217 err = file_delete(mi, dentry, backing_path.dentry, stat.nlink);
1218
1219 d_drop(dentry);
1220 out:
1221 path_put(&backing_path);
1222 path_err:
1223 if (err)
1224 pr_debug("incfs: %s err:%d\n", __func__, err);
1225 mutex_unlock(&mi->mi_dir_struct_mutex);
1226 return err;
1227 }
1228
dir_link(struct dentry * old_dentry,struct inode * dir,struct dentry * new_dentry)1229 static int dir_link(struct dentry *old_dentry, struct inode *dir,
1230 struct dentry *new_dentry)
1231 {
1232 struct mount_info *mi = get_mount_info(dir->i_sb);
1233 struct path backing_old_path = {};
1234 struct path backing_new_path = {};
1235 int error = 0;
1236
1237 if (!mi)
1238 return -EBADF;
1239
1240 error = mutex_lock_interruptible(&mi->mi_dir_struct_mutex);
1241 if (error)
1242 return error;
1243
1244 get_incfs_backing_path(old_dentry, &backing_old_path);
1245 get_incfs_backing_path(new_dentry, &backing_new_path);
1246
1247 if (backing_new_path.dentry->d_parent == mi->mi_index_dir) {
1248 /* Can't link to .index */
1249 error = -EBUSY;
1250 goto out;
1251 }
1252
1253 if (backing_new_path.dentry->d_parent == mi->mi_incomplete_dir) {
1254 /* Can't link to .incomplete */
1255 error = -EBUSY;
1256 goto out;
1257 }
1258
1259 error = incfs_link(backing_old_path.dentry, backing_new_path.dentry);
1260 if (!error) {
1261 struct inode *inode = NULL;
1262 struct dentry *bdentry = backing_new_path.dentry;
1263
1264 if (d_really_is_negative(bdentry)) {
1265 error = -EINVAL;
1266 goto out;
1267 }
1268
1269 inode = fetch_regular_inode(dir->i_sb, bdentry);
1270 if (IS_ERR(inode)) {
1271 error = PTR_ERR(inode);
1272 goto out;
1273 }
1274 d_instantiate(new_dentry, inode);
1275 }
1276
1277 out:
1278 path_put(&backing_old_path);
1279 path_put(&backing_new_path);
1280 if (error)
1281 pr_debug("incfs: %s err:%d\n", __func__, error);
1282 mutex_unlock(&mi->mi_dir_struct_mutex);
1283 return error;
1284 }
1285
dir_rmdir(struct inode * dir,struct dentry * dentry)1286 static int dir_rmdir(struct inode *dir, struct dentry *dentry)
1287 {
1288 struct mount_info *mi = get_mount_info(dir->i_sb);
1289 struct path backing_path = {};
1290 int err = 0;
1291
1292 if (!mi)
1293 return -EBADF;
1294
1295 err = mutex_lock_interruptible(&mi->mi_dir_struct_mutex);
1296 if (err)
1297 return err;
1298
1299 get_incfs_backing_path(dentry, &backing_path);
1300 if (!backing_path.dentry) {
1301 err = -EBADF;
1302 goto path_err;
1303 }
1304
1305 if (backing_path.dentry == mi->mi_index_dir) {
1306 /* Can't delete .index */
1307 err = -EBUSY;
1308 goto out;
1309 }
1310
1311 if (backing_path.dentry == mi->mi_incomplete_dir) {
1312 /* Can't delete .incomplete */
1313 err = -EBUSY;
1314 goto out;
1315 }
1316
1317 err = incfs_rmdir(backing_path.dentry);
1318 if (!err)
1319 d_drop(dentry);
1320 out:
1321 path_put(&backing_path);
1322
1323 path_err:
1324 if (err)
1325 pr_debug("incfs: %s err:%d\n", __func__, err);
1326 mutex_unlock(&mi->mi_dir_struct_mutex);
1327 return err;
1328 }
1329
dir_rename(struct inode * old_dir,struct dentry * old_dentry,struct inode * new_dir,struct dentry * new_dentry)1330 static int dir_rename(struct inode *old_dir, struct dentry *old_dentry,
1331 struct inode *new_dir, struct dentry *new_dentry)
1332 {
1333 struct mount_info *mi = get_mount_info(old_dir->i_sb);
1334 struct dentry *backing_old_dentry;
1335 struct dentry *backing_new_dentry;
1336 struct dentry *backing_old_dir_dentry;
1337 struct dentry *backing_new_dir_dentry;
1338 struct inode *target_inode;
1339 struct dentry *trap;
1340 int error = 0;
1341
1342 error = mutex_lock_interruptible(&mi->mi_dir_struct_mutex);
1343 if (error)
1344 return error;
1345
1346 backing_old_dentry = get_incfs_dentry(old_dentry)->backing_path.dentry;
1347
1348 if (!backing_old_dentry || backing_old_dentry == mi->mi_index_dir ||
1349 backing_old_dentry == mi->mi_incomplete_dir) {
1350 /* Renaming .index or .incomplete not allowed */
1351 error = -EBUSY;
1352 goto exit;
1353 }
1354
1355 backing_new_dentry = get_incfs_dentry(new_dentry)->backing_path.dentry;
1356 dget(backing_old_dentry);
1357 dget(backing_new_dentry);
1358
1359 backing_old_dir_dentry = dget_parent(backing_old_dentry);
1360 backing_new_dir_dentry = dget_parent(backing_new_dentry);
1361 target_inode = d_inode(new_dentry);
1362
1363 if (backing_old_dir_dentry == mi->mi_index_dir ||
1364 backing_old_dir_dentry == mi->mi_incomplete_dir) {
1365 /* Direct moves from .index or .incomplete are not allowed. */
1366 error = -EBUSY;
1367 goto out;
1368 }
1369
1370 trap = lock_rename(backing_old_dir_dentry, backing_new_dir_dentry);
1371
1372 if (trap == backing_old_dentry) {
1373 error = -EINVAL;
1374 goto unlock_out;
1375 }
1376 if (trap == backing_new_dentry) {
1377 error = -ENOTEMPTY;
1378 goto unlock_out;
1379 }
1380
1381 error = vfs_rename(d_inode(backing_old_dir_dentry), backing_old_dentry,
1382 d_inode(backing_new_dir_dentry), backing_new_dentry,
1383 NULL, 0);
1384 if (error)
1385 goto unlock_out;
1386 if (target_inode)
1387 fsstack_copy_attr_all(target_inode,
1388 get_incfs_node(target_inode)->n_backing_inode);
1389 fsstack_copy_attr_all(new_dir, d_inode(backing_new_dir_dentry));
1390 if (new_dir != old_dir)
1391 fsstack_copy_attr_all(old_dir, d_inode(backing_old_dir_dentry));
1392
1393 unlock_out:
1394 unlock_rename(backing_old_dir_dentry, backing_new_dir_dentry);
1395
1396 out:
1397 dput(backing_new_dir_dentry);
1398 dput(backing_old_dir_dentry);
1399 dput(backing_new_dentry);
1400 dput(backing_old_dentry);
1401
1402 exit:
1403 mutex_unlock(&mi->mi_dir_struct_mutex);
1404 if (error)
1405 pr_debug("incfs: %s err:%d\n", __func__, error);
1406 return error;
1407 }
1408
1409
file_open(struct inode * inode,struct file * file)1410 static int file_open(struct inode *inode, struct file *file)
1411 {
1412 struct mount_info *mi = get_mount_info(inode->i_sb);
1413 struct file *backing_file = NULL;
1414 struct path backing_path = {};
1415 int err = 0;
1416 int flags = O_NOATIME | O_LARGEFILE |
1417 (S_ISDIR(inode->i_mode) ? O_RDONLY : O_RDWR);
1418 const struct cred *old_cred;
1419
1420 WARN_ON(file->private_data);
1421
1422 if (!mi)
1423 return -EBADF;
1424
1425 get_incfs_backing_path(file->f_path.dentry, &backing_path);
1426 if (!backing_path.dentry)
1427 return -EBADF;
1428
1429 old_cred = override_creds(mi->mi_owner);
1430 backing_file = dentry_open(&backing_path, flags, current_cred());
1431 revert_creds(old_cred);
1432 path_put(&backing_path);
1433
1434 if (IS_ERR(backing_file)) {
1435 err = PTR_ERR(backing_file);
1436 backing_file = NULL;
1437 goto out;
1438 }
1439
1440 if (S_ISREG(inode->i_mode)) {
1441 struct incfs_file_data *fd = kzalloc(sizeof(*fd), GFP_NOFS);
1442
1443 if (!fd) {
1444 err = -ENOMEM;
1445 goto out;
1446 }
1447
1448 *fd = (struct incfs_file_data) {
1449 .fd_fill_permission = CANT_FILL,
1450 };
1451 file->private_data = fd;
1452
1453 err = make_inode_ready_for_data_ops(mi, inode, backing_file);
1454 if (err)
1455 goto out;
1456
1457 err = incfs_fsverity_file_open(inode, file);
1458 if (err)
1459 goto out;
1460 } else if (S_ISDIR(inode->i_mode)) {
1461 struct dir_file *dir = NULL;
1462
1463 dir = incfs_open_dir_file(mi, backing_file);
1464 if (IS_ERR(dir))
1465 err = PTR_ERR(dir);
1466 else
1467 file->private_data = dir;
1468 } else
1469 err = -EBADF;
1470
1471 out:
1472 if (err) {
1473 pr_debug("name:%s err: %d\n",
1474 file->f_path.dentry->d_name.name, err);
1475 if (S_ISREG(inode->i_mode))
1476 kfree(file->private_data);
1477 else if (S_ISDIR(inode->i_mode))
1478 incfs_free_dir_file(file->private_data);
1479
1480 file->private_data = NULL;
1481 }
1482
1483 if (backing_file)
1484 fput(backing_file);
1485 return err;
1486 }
1487
file_release(struct inode * inode,struct file * file)1488 static int file_release(struct inode *inode, struct file *file)
1489 {
1490 if (S_ISREG(inode->i_mode)) {
1491 kfree(file->private_data);
1492 file->private_data = NULL;
1493 } else if (S_ISDIR(inode->i_mode)) {
1494 struct dir_file *dir = get_incfs_dir_file(file);
1495
1496 incfs_free_dir_file(dir);
1497 }
1498
1499 return 0;
1500 }
1501
dentry_revalidate(struct dentry * d,unsigned int flags)1502 static int dentry_revalidate(struct dentry *d, unsigned int flags)
1503 {
1504 struct path backing_path = {};
1505 struct inode_info *info = get_incfs_node(d_inode(d));
1506 struct inode *binode = (info == NULL) ? NULL : info->n_backing_inode;
1507 struct dentry *backing_dentry = NULL;
1508 int result = 0;
1509
1510 if (flags & LOOKUP_RCU)
1511 return -ECHILD;
1512
1513 get_incfs_backing_path(d, &backing_path);
1514 backing_dentry = backing_path.dentry;
1515 if (!backing_dentry)
1516 goto out;
1517
1518 if (d_inode(backing_dentry) != binode) {
1519 /*
1520 * Backing inodes obtained via dentry and inode don't match.
1521 * It indicates that most likely backing dir has changed
1522 * directly bypassing Incremental FS interface.
1523 */
1524 goto out;
1525 }
1526
1527 if (backing_dentry->d_flags & DCACHE_OP_REVALIDATE) {
1528 result = backing_dentry->d_op->d_revalidate(backing_dentry,
1529 flags);
1530 } else
1531 result = 1;
1532
1533 out:
1534 path_put(&backing_path);
1535 return result;
1536 }
1537
dentry_release(struct dentry * d)1538 static void dentry_release(struct dentry *d)
1539 {
1540 struct dentry_info *di = get_incfs_dentry(d);
1541
1542 if (di)
1543 path_put(&di->backing_path);
1544 kfree(d->d_fsdata);
1545 d->d_fsdata = NULL;
1546 }
1547
alloc_inode(struct super_block * sb)1548 static struct inode *alloc_inode(struct super_block *sb)
1549 {
1550 struct inode_info *node = kzalloc(sizeof(*node), GFP_NOFS);
1551
1552 /* TODO: add a slab-based cache here. */
1553 if (!node)
1554 return NULL;
1555 inode_init_once(&node->n_vfs_inode);
1556 return &node->n_vfs_inode;
1557 }
1558
free_inode(struct inode * inode)1559 static void free_inode(struct inode *inode)
1560 {
1561 struct inode_info *node = get_incfs_node(inode);
1562
1563 kfree(node);
1564 }
1565
evict_inode(struct inode * inode)1566 static void evict_inode(struct inode *inode)
1567 {
1568 struct inode_info *node = get_incfs_node(inode);
1569
1570 if (node) {
1571 if (node->n_backing_inode) {
1572 iput(node->n_backing_inode);
1573 node->n_backing_inode = NULL;
1574 }
1575 if (node->n_file) {
1576 incfs_free_data_file(node->n_file);
1577 node->n_file = NULL;
1578 }
1579 }
1580
1581 truncate_inode_pages(&inode->i_data, 0);
1582 clear_inode(inode);
1583 }
1584
incfs_setattr(struct dentry * dentry,struct iattr * ia)1585 static int incfs_setattr(struct dentry *dentry, struct iattr *ia)
1586 {
1587 struct dentry_info *di = get_incfs_dentry(dentry);
1588 struct dentry *backing_dentry;
1589 struct inode *backing_inode;
1590 int error;
1591
1592 if (ia->ia_valid & ATTR_SIZE)
1593 return -EINVAL;
1594
1595 if ((ia->ia_valid & (ATTR_KILL_SUID|ATTR_KILL_SGID)) &&
1596 (ia->ia_valid & ATTR_MODE))
1597 return -EINVAL;
1598
1599 if (!di)
1600 return -EINVAL;
1601 backing_dentry = di->backing_path.dentry;
1602 if (!backing_dentry)
1603 return -EINVAL;
1604
1605 backing_inode = d_inode(backing_dentry);
1606
1607 /* incfs files are readonly, but the backing files must be writeable */
1608 if (S_ISREG(backing_inode->i_mode)) {
1609 if ((ia->ia_valid & ATTR_MODE) && (ia->ia_mode & 0222))
1610 return -EINVAL;
1611
1612 ia->ia_mode |= 0222;
1613 }
1614
1615 inode_lock(d_inode(backing_dentry));
1616 error = notify_change(backing_dentry, ia, NULL);
1617 inode_unlock(d_inode(backing_dentry));
1618
1619 if (error)
1620 return error;
1621
1622 if (S_ISREG(backing_inode->i_mode))
1623 ia->ia_mode &= ~0222;
1624
1625 return simple_setattr(dentry, ia);
1626 }
1627
1628
incfs_getattr(const struct path * path,struct kstat * stat,u32 request_mask,unsigned int query_flags)1629 static int incfs_getattr(const struct path *path,
1630 struct kstat *stat, u32 request_mask,
1631 unsigned int query_flags)
1632 {
1633 struct inode *inode = d_inode(path->dentry);
1634
1635 generic_fillattr(inode, stat);
1636
1637 if (inode->i_ino < INCFS_START_INO_RANGE)
1638 return 0;
1639
1640 stat->attributes &= ~STATX_ATTR_VERITY;
1641 if (IS_VERITY(inode))
1642 stat->attributes |= STATX_ATTR_VERITY;
1643 stat->attributes_mask |= STATX_ATTR_VERITY;
1644
1645 if (request_mask & STATX_BLOCKS) {
1646 struct kstat backing_kstat;
1647 struct dentry_info *di = get_incfs_dentry(path->dentry);
1648 int error = 0;
1649 struct path *backing_path;
1650
1651 if (!di)
1652 return -EFSCORRUPTED;
1653 backing_path = &di->backing_path;
1654 error = vfs_getattr(backing_path, &backing_kstat, STATX_BLOCKS,
1655 AT_STATX_SYNC_AS_STAT);
1656 if (error)
1657 return error;
1658
1659 stat->blocks = backing_kstat.blocks;
1660 }
1661
1662 return 0;
1663 }
1664
incfs_getxattr(struct dentry * d,const char * name,void * value,size_t size)1665 static ssize_t incfs_getxattr(struct dentry *d, const char *name,
1666 void *value, size_t size)
1667 {
1668 struct dentry_info *di = get_incfs_dentry(d);
1669 struct mount_info *mi = get_mount_info(d->d_sb);
1670 char *stored_value;
1671 size_t stored_size;
1672 int i;
1673
1674 if (di && di->backing_path.dentry)
1675 return vfs_getxattr(di->backing_path.dentry, name, value, size);
1676
1677 if (strcmp(name, "security.selinux"))
1678 return -ENODATA;
1679
1680 for (i = 0; i < PSEUDO_FILE_COUNT; ++i)
1681 if (!strcmp(d->d_iname, incfs_pseudo_file_names[i].data))
1682 break;
1683 if (i == PSEUDO_FILE_COUNT)
1684 return -ENODATA;
1685
1686 stored_value = mi->pseudo_file_xattr[i].data;
1687 stored_size = mi->pseudo_file_xattr[i].len;
1688 if (!stored_value)
1689 return -ENODATA;
1690
1691 if (stored_size > size)
1692 return -E2BIG;
1693
1694 memcpy(value, stored_value, stored_size);
1695 return stored_size;
1696 }
1697
1698
incfs_setxattr(struct dentry * d,const char * name,const void * value,size_t size,int flags)1699 static ssize_t incfs_setxattr(struct dentry *d, const char *name,
1700 const void *value, size_t size, int flags)
1701 {
1702 struct dentry_info *di = get_incfs_dentry(d);
1703 struct mount_info *mi = get_mount_info(d->d_sb);
1704 u8 **stored_value;
1705 size_t *stored_size;
1706 int i;
1707
1708 if (di && di->backing_path.dentry)
1709 return vfs_setxattr(di->backing_path.dentry, name, value, size,
1710 flags);
1711
1712 if (strcmp(name, "security.selinux"))
1713 return -ENODATA;
1714
1715 if (size > INCFS_MAX_FILE_ATTR_SIZE)
1716 return -E2BIG;
1717
1718 for (i = 0; i < PSEUDO_FILE_COUNT; ++i)
1719 if (!strcmp(d->d_iname, incfs_pseudo_file_names[i].data))
1720 break;
1721 if (i == PSEUDO_FILE_COUNT)
1722 return -ENODATA;
1723
1724 stored_value = &mi->pseudo_file_xattr[i].data;
1725 stored_size = &mi->pseudo_file_xattr[i].len;
1726 kfree (*stored_value);
1727 *stored_value = kzalloc(size, GFP_NOFS);
1728 if (!*stored_value)
1729 return -ENOMEM;
1730
1731 memcpy(*stored_value, value, size);
1732 *stored_size = size;
1733 return 0;
1734 }
1735
incfs_listxattr(struct dentry * d,char * list,size_t size)1736 static ssize_t incfs_listxattr(struct dentry *d, char *list, size_t size)
1737 {
1738 struct dentry_info *di = get_incfs_dentry(d);
1739
1740 if (!di || !di->backing_path.dentry)
1741 return -ENODATA;
1742
1743 return vfs_listxattr(di->backing_path.dentry, list, size);
1744 }
1745
incfs_mount_fs(struct file_system_type * type,int flags,const char * dev_name,void * data)1746 struct dentry *incfs_mount_fs(struct file_system_type *type, int flags,
1747 const char *dev_name, void *data)
1748 {
1749 struct mount_options options = {};
1750 struct mount_info *mi = NULL;
1751 struct path backing_dir_path = {};
1752 struct dentry *index_dir = NULL;
1753 struct dentry *incomplete_dir = NULL;
1754 struct super_block *src_fs_sb = NULL;
1755 struct inode *root_inode = NULL;
1756 struct super_block *sb = sget(type, NULL, set_anon_super, flags, NULL);
1757 bool dir_created = false;
1758 int error = 0;
1759
1760 if (IS_ERR(sb))
1761 return ERR_CAST(sb);
1762
1763 sb->s_op = &incfs_super_ops;
1764 sb->s_d_op = &incfs_dentry_ops;
1765 sb->s_flags |= S_NOATIME;
1766 sb->s_magic = INCFS_MAGIC_NUMBER;
1767 sb->s_time_gran = 1;
1768 sb->s_blocksize = INCFS_DATA_FILE_BLOCK_SIZE;
1769 sb->s_blocksize_bits = blksize_bits(sb->s_blocksize);
1770 sb->s_xattr = incfs_xattr_ops;
1771
1772 BUILD_BUG_ON(PAGE_SIZE != INCFS_DATA_FILE_BLOCK_SIZE);
1773
1774 if (!dev_name) {
1775 pr_err("incfs: Backing dir is not set, filesystem can't be mounted.\n");
1776 error = -ENOENT;
1777 goto err_deactivate;
1778 }
1779
1780 error = parse_options(&options, (char *)data);
1781 if (error != 0) {
1782 pr_err("incfs: Options parsing error. %d\n", error);
1783 goto err_deactivate;
1784 }
1785
1786 sb->s_bdi->ra_pages = options.readahead_pages;
1787 if (!dev_name) {
1788 pr_err("incfs: Backing dir is not set, filesystem can't be mounted.\n");
1789 error = -ENOENT;
1790 goto err_free_opts;
1791 }
1792
1793 error = kern_path(dev_name, LOOKUP_FOLLOW | LOOKUP_DIRECTORY,
1794 &backing_dir_path);
1795 if (error || backing_dir_path.dentry == NULL ||
1796 !d_really_is_positive(backing_dir_path.dentry)) {
1797 pr_err("incfs: Error accessing: %s.\n",
1798 dev_name);
1799 goto err_free_opts;
1800 }
1801 src_fs_sb = backing_dir_path.dentry->d_sb;
1802 sb->s_maxbytes = src_fs_sb->s_maxbytes;
1803 sb->s_stack_depth = src_fs_sb->s_stack_depth + 1;
1804
1805 if (sb->s_stack_depth > FILESYSTEM_MAX_STACK_DEPTH) {
1806 error = -EINVAL;
1807 goto err_put_path;
1808 }
1809
1810 mi = incfs_alloc_mount_info(sb, &options, &backing_dir_path);
1811 if (IS_ERR_OR_NULL(mi)) {
1812 error = PTR_ERR(mi);
1813 pr_err("incfs: Error allocating mount info. %d\n", error);
1814 goto err_put_path;
1815 }
1816
1817 sb->s_fs_info = mi;
1818 mi->mi_backing_dir_path = backing_dir_path;
1819 index_dir = open_or_create_special_dir(backing_dir_path.dentry,
1820 INCFS_INDEX_NAME, &dir_created);
1821 if (IS_ERR_OR_NULL(index_dir)) {
1822 error = PTR_ERR(index_dir);
1823 pr_err("incfs: Can't find or create .index dir in %s\n",
1824 dev_name);
1825 /* No need to null index_dir since we don't put it */
1826 goto err_put_path;
1827 }
1828
1829 mi->mi_index_dir = index_dir;
1830 mi->mi_index_free = dir_created;
1831
1832 incomplete_dir = open_or_create_special_dir(backing_dir_path.dentry,
1833 INCFS_INCOMPLETE_NAME,
1834 &dir_created);
1835 if (IS_ERR_OR_NULL(incomplete_dir)) {
1836 error = PTR_ERR(incomplete_dir);
1837 pr_err("incfs: Can't find or create .incomplete dir in %s\n",
1838 dev_name);
1839 /* No need to null incomplete_dir since we don't put it */
1840 goto err_put_path;
1841 }
1842 mi->mi_incomplete_dir = incomplete_dir;
1843 mi->mi_incomplete_free = dir_created;
1844
1845 root_inode = fetch_regular_inode(sb, backing_dir_path.dentry);
1846 if (IS_ERR(root_inode)) {
1847 error = PTR_ERR(root_inode);
1848 goto err_put_path;
1849 }
1850
1851 sb->s_root = d_make_root(root_inode);
1852 if (!sb->s_root) {
1853 error = -ENOMEM;
1854 goto err_put_path;
1855 }
1856 error = incfs_init_dentry(sb->s_root, &backing_dir_path);
1857 if (error)
1858 goto err_put_path;
1859
1860 path_put(&backing_dir_path);
1861 sb->s_flags |= SB_ACTIVE;
1862
1863 pr_debug("incfs: mount\n");
1864 return dget(sb->s_root);
1865
1866 err_put_path:
1867 path_put(&backing_dir_path);
1868 err_free_opts:
1869 free_options(&options);
1870 err_deactivate:
1871 deactivate_locked_super(sb);
1872 pr_err("incfs: mount failed %d\n", error);
1873 return ERR_PTR(error);
1874 }
1875
incfs_remount_fs(struct super_block * sb,int * flags,char * data)1876 static int incfs_remount_fs(struct super_block *sb, int *flags, char *data)
1877 {
1878 struct mount_options options;
1879 struct mount_info *mi = get_mount_info(sb);
1880 int err = 0;
1881
1882 sync_filesystem(sb);
1883 err = parse_options(&options, (char *)data);
1884 if (err)
1885 return err;
1886
1887 if (options.report_uid != mi->mi_options.report_uid) {
1888 pr_err("incfs: Can't change report_uid mount option on remount\n");
1889 err = -EOPNOTSUPP;
1890 goto out;
1891 }
1892
1893 err = incfs_realloc_mount_info(mi, &options);
1894 if (err)
1895 goto out;
1896
1897 pr_debug("incfs: remount\n");
1898
1899 out:
1900 free_options(&options);
1901 return err;
1902 }
1903
incfs_kill_sb(struct super_block * sb)1904 void incfs_kill_sb(struct super_block *sb)
1905 {
1906 struct mount_info *mi = sb->s_fs_info;
1907 struct inode *dinode = NULL;
1908
1909 pr_debug("incfs: unmount\n");
1910
1911 if (mi) {
1912 if (mi->mi_backing_dir_path.dentry)
1913 dinode = d_inode(mi->mi_backing_dir_path.dentry);
1914
1915 if (dinode) {
1916 if (mi->mi_index_dir && mi->mi_index_free)
1917 vfs_rmdir(dinode, mi->mi_index_dir);
1918
1919 if (mi->mi_incomplete_dir && mi->mi_incomplete_free)
1920 vfs_rmdir(dinode, mi->mi_incomplete_dir);
1921 }
1922
1923 incfs_free_mount_info(mi);
1924 sb->s_fs_info = NULL;
1925 }
1926 kill_anon_super(sb);
1927 }
1928
show_options(struct seq_file * m,struct dentry * root)1929 static int show_options(struct seq_file *m, struct dentry *root)
1930 {
1931 struct mount_info *mi = get_mount_info(root->d_sb);
1932
1933 seq_printf(m, ",read_timeout_ms=%u", mi->mi_options.read_timeout_ms);
1934 seq_printf(m, ",readahead=%u", mi->mi_options.readahead_pages);
1935 if (mi->mi_options.read_log_pages != 0) {
1936 seq_printf(m, ",rlog_pages=%u", mi->mi_options.read_log_pages);
1937 seq_printf(m, ",rlog_wakeup_cnt=%u",
1938 mi->mi_options.read_log_wakeup_count);
1939 }
1940 if (mi->mi_options.report_uid)
1941 seq_puts(m, ",report_uid");
1942
1943 if (mi->mi_sysfs_node)
1944 seq_printf(m, ",sysfs_name=%s",
1945 kobject_name(&mi->mi_sysfs_node->isn_sysfs_node));
1946 return 0;
1947 }
1948