Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 1 | /* |
| 2 | * CUSE: Character device in Userspace |
| 3 | * |
| 4 | * Copyright (C) 2008-2009 SUSE Linux Products GmbH |
| 5 | * Copyright (C) 2008-2009 Tejun Heo <tj@kernel.org> |
| 6 | * |
| 7 | * This file is released under the GPLv2. |
| 8 | * |
| 9 | * CUSE enables character devices to be implemented from userland much |
| 10 | * like FUSE allows filesystems. On initialization /dev/cuse is |
| 11 | * created. By opening the file and replying to the CUSE_INIT request |
| 12 | * userland CUSE server can create a character device. After that the |
| 13 | * operation is very similar to FUSE. |
| 14 | * |
| 15 | * A CUSE instance involves the following objects. |
| 16 | * |
| 17 | * cuse_conn : contains fuse_conn and serves as bonding structure |
| 18 | * channel : file handle connected to the userland CUSE server |
| 19 | * cdev : the implemented character device |
| 20 | * dev : generic device for cdev |
| 21 | * |
| 22 | * Note that 'channel' is what 'dev' is in FUSE. As CUSE deals with |
| 23 | * devices, it's called 'channel' to reduce confusion. |
| 24 | * |
| 25 | * channel determines when the character device dies. When channel is |
| 26 | * closed, everything begins to destruct. The cuse_conn is taken off |
| 27 | * the lookup table preventing further access from cdev, cdev and |
| 28 | * generic device are removed and the base reference of cuse_conn is |
| 29 | * put. |
| 30 | * |
| 31 | * On each open, the matching cuse_conn is looked up and if found an |
| 32 | * additional reference is taken which is released when the file is |
| 33 | * closed. |
| 34 | */ |
| 35 | |
| 36 | #include <linux/fuse.h> |
| 37 | #include <linux/cdev.h> |
| 38 | #include <linux/device.h> |
| 39 | #include <linux/file.h> |
| 40 | #include <linux/fs.h> |
| 41 | #include <linux/kdev_t.h> |
| 42 | #include <linux/kthread.h> |
| 43 | #include <linux/list.h> |
| 44 | #include <linux/magic.h> |
| 45 | #include <linux/miscdevice.h> |
| 46 | #include <linux/mutex.h> |
Tejun Heo | 5a0e3ad | 2010-03-24 17:04:11 +0900 | [diff] [blame] | 47 | #include <linux/slab.h> |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 48 | #include <linux/stat.h> |
Paul Gortmaker | 143cb49 | 2011-07-01 14:23:34 -0400 | [diff] [blame] | 49 | #include <linux/module.h> |
Christoph Hellwig | e2e40f2 | 2015-02-22 08:58:50 -0800 | [diff] [blame] | 50 | #include <linux/uio.h> |
Eric W. Biederman | 8cb0832 | 2018-02-21 11:18:07 -0600 | [diff] [blame] | 51 | #include <linux/user_namespace.h> |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 52 | |
| 53 | #include "fuse_i.h" |
| 54 | |
| 55 | #define CUSE_CONNTBL_LEN 64 |
| 56 | |
| 57 | struct cuse_conn { |
| 58 | struct list_head list; /* linked on cuse_conntbl */ |
| 59 | struct fuse_conn fc; /* fuse connection */ |
| 60 | struct cdev *cdev; /* associated character device */ |
| 61 | struct device *dev; /* device representing @cdev */ |
| 62 | |
| 63 | /* init parameters, set once during initialization */ |
| 64 | bool unrestricted_ioctl; |
| 65 | }; |
| 66 | |
David Herrmann | 8ce03fd | 2012-11-17 12:45:47 +0100 | [diff] [blame] | 67 | static DEFINE_MUTEX(cuse_lock); /* protects registration */ |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 68 | static struct list_head cuse_conntbl[CUSE_CONNTBL_LEN]; |
| 69 | static struct class *cuse_class; |
| 70 | |
| 71 | static struct cuse_conn *fc_to_cc(struct fuse_conn *fc) |
| 72 | { |
| 73 | return container_of(fc, struct cuse_conn, fc); |
| 74 | } |
| 75 | |
| 76 | static struct list_head *cuse_conntbl_head(dev_t devt) |
| 77 | { |
| 78 | return &cuse_conntbl[(MAJOR(devt) + MINOR(devt)) % CUSE_CONNTBL_LEN]; |
| 79 | } |
| 80 | |
| 81 | |
| 82 | /************************************************************************** |
| 83 | * CUSE frontend operations |
| 84 | * |
| 85 | * These are file operations for the character device. |
| 86 | * |
| 87 | * On open, CUSE opens a file from the FUSE mnt and stores it to |
| 88 | * private_data of the open file. All other ops call FUSE ops on the |
| 89 | * FUSE file. |
| 90 | */ |
| 91 | |
Al Viro | cfa86a7 | 2015-03-21 09:01:45 -0400 | [diff] [blame] | 92 | static ssize_t cuse_read_iter(struct kiocb *kiocb, struct iov_iter *to) |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 93 | { |
Miklos Szeredi | e1c0eec | 2017-09-12 16:57:53 +0200 | [diff] [blame] | 94 | struct fuse_io_priv io = FUSE_IO_PRIV_SYNC(kiocb); |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 95 | loff_t pos = 0; |
| 96 | |
Al Viro | cfa86a7 | 2015-03-21 09:01:45 -0400 | [diff] [blame] | 97 | return fuse_direct_io(&io, to, &pos, FUSE_DIO_CUSE); |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 98 | } |
| 99 | |
Al Viro | cfa86a7 | 2015-03-21 09:01:45 -0400 | [diff] [blame] | 100 | static ssize_t cuse_write_iter(struct kiocb *kiocb, struct iov_iter *from) |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 101 | { |
Miklos Szeredi | e1c0eec | 2017-09-12 16:57:53 +0200 | [diff] [blame] | 102 | struct fuse_io_priv io = FUSE_IO_PRIV_SYNC(kiocb); |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 103 | loff_t pos = 0; |
| 104 | /* |
| 105 | * No locking or generic_write_checks(), the server is |
| 106 | * responsible for locking and sanity checks. |
| 107 | */ |
Al Viro | cfa86a7 | 2015-03-21 09:01:45 -0400 | [diff] [blame] | 108 | return fuse_direct_io(&io, from, &pos, |
Pavel Emelyanov | ea8cd33 | 2013-10-10 17:12:05 +0400 | [diff] [blame] | 109 | FUSE_DIO_WRITE | FUSE_DIO_CUSE); |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 110 | } |
| 111 | |
| 112 | static int cuse_open(struct inode *inode, struct file *file) |
| 113 | { |
| 114 | dev_t devt = inode->i_cdev->dev; |
| 115 | struct cuse_conn *cc = NULL, *pos; |
| 116 | int rc; |
| 117 | |
| 118 | /* look up and get the connection */ |
David Herrmann | 8ce03fd | 2012-11-17 12:45:47 +0100 | [diff] [blame] | 119 | mutex_lock(&cuse_lock); |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 120 | list_for_each_entry(pos, cuse_conntbl_head(devt), list) |
| 121 | if (pos->dev->devt == devt) { |
| 122 | fuse_conn_get(&pos->fc); |
| 123 | cc = pos; |
| 124 | break; |
| 125 | } |
David Herrmann | 8ce03fd | 2012-11-17 12:45:47 +0100 | [diff] [blame] | 126 | mutex_unlock(&cuse_lock); |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 127 | |
| 128 | /* dead? */ |
| 129 | if (!cc) |
| 130 | return -ENODEV; |
| 131 | |
| 132 | /* |
| 133 | * Generic permission check is already done against the chrdev |
| 134 | * file, proceed to open. |
| 135 | */ |
| 136 | rc = fuse_do_open(&cc->fc, 0, file, 0); |
| 137 | if (rc) |
| 138 | fuse_conn_put(&cc->fc); |
| 139 | return rc; |
| 140 | } |
| 141 | |
| 142 | static int cuse_release(struct inode *inode, struct file *file) |
| 143 | { |
| 144 | struct fuse_file *ff = file->private_data; |
| 145 | struct fuse_conn *fc = ff->fc; |
| 146 | |
| 147 | fuse_sync_release(ff, file->f_flags); |
| 148 | fuse_conn_put(fc); |
| 149 | |
| 150 | return 0; |
| 151 | } |
| 152 | |
| 153 | static long cuse_file_ioctl(struct file *file, unsigned int cmd, |
| 154 | unsigned long arg) |
| 155 | { |
| 156 | struct fuse_file *ff = file->private_data; |
| 157 | struct cuse_conn *cc = fc_to_cc(ff->fc); |
| 158 | unsigned int flags = 0; |
| 159 | |
| 160 | if (cc->unrestricted_ioctl) |
| 161 | flags |= FUSE_IOCTL_UNRESTRICTED; |
| 162 | |
| 163 | return fuse_do_ioctl(file, cmd, arg, flags); |
| 164 | } |
| 165 | |
| 166 | static long cuse_file_compat_ioctl(struct file *file, unsigned int cmd, |
| 167 | unsigned long arg) |
| 168 | { |
| 169 | struct fuse_file *ff = file->private_data; |
| 170 | struct cuse_conn *cc = fc_to_cc(ff->fc); |
| 171 | unsigned int flags = FUSE_IOCTL_COMPAT; |
| 172 | |
| 173 | if (cc->unrestricted_ioctl) |
| 174 | flags |= FUSE_IOCTL_UNRESTRICTED; |
| 175 | |
| 176 | return fuse_do_ioctl(file, cmd, arg, flags); |
| 177 | } |
| 178 | |
| 179 | static const struct file_operations cuse_frontend_fops = { |
| 180 | .owner = THIS_MODULE, |
Al Viro | cfa86a7 | 2015-03-21 09:01:45 -0400 | [diff] [blame] | 181 | .read_iter = cuse_read_iter, |
| 182 | .write_iter = cuse_write_iter, |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 183 | .open = cuse_open, |
| 184 | .release = cuse_release, |
| 185 | .unlocked_ioctl = cuse_file_ioctl, |
| 186 | .compat_ioctl = cuse_file_compat_ioctl, |
| 187 | .poll = fuse_file_poll, |
Arnd Bergmann | 6038f37 | 2010-08-15 18:52:59 +0200 | [diff] [blame] | 188 | .llseek = noop_llseek, |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 189 | }; |
| 190 | |
| 191 | |
| 192 | /************************************************************************** |
| 193 | * CUSE channel initialization and destruction |
| 194 | */ |
| 195 | |
| 196 | struct cuse_devinfo { |
| 197 | const char *name; |
| 198 | }; |
| 199 | |
| 200 | /** |
| 201 | * cuse_parse_one - parse one key=value pair |
| 202 | * @pp: i/o parameter for the current position |
| 203 | * @end: points to one past the end of the packed string |
| 204 | * @keyp: out parameter for key |
| 205 | * @valp: out parameter for value |
| 206 | * |
| 207 | * *@pp points to packed strings - "key0=val0\0key1=val1\0" which ends |
| 208 | * at @end - 1. This function parses one pair and set *@keyp to the |
| 209 | * start of the key and *@valp to the start of the value. Note that |
| 210 | * the original string is modified such that the key string is |
| 211 | * terminated with '\0'. *@pp is updated to point to the next string. |
| 212 | * |
| 213 | * RETURNS: |
| 214 | * 1 on successful parse, 0 on EOF, -errno on failure. |
| 215 | */ |
| 216 | static int cuse_parse_one(char **pp, char *end, char **keyp, char **valp) |
| 217 | { |
| 218 | char *p = *pp; |
| 219 | char *key, *val; |
| 220 | |
| 221 | while (p < end && *p == '\0') |
| 222 | p++; |
| 223 | if (p == end) |
| 224 | return 0; |
| 225 | |
| 226 | if (end[-1] != '\0') { |
| 227 | printk(KERN_ERR "CUSE: info not properly terminated\n"); |
| 228 | return -EINVAL; |
| 229 | } |
| 230 | |
| 231 | key = val = p; |
| 232 | p += strlen(p); |
| 233 | |
| 234 | if (valp) { |
| 235 | strsep(&val, "="); |
| 236 | if (!val) |
| 237 | val = key + strlen(key); |
| 238 | key = strstrip(key); |
| 239 | val = strstrip(val); |
| 240 | } else |
| 241 | key = strstrip(key); |
| 242 | |
| 243 | if (!strlen(key)) { |
| 244 | printk(KERN_ERR "CUSE: zero length info key specified\n"); |
| 245 | return -EINVAL; |
| 246 | } |
| 247 | |
| 248 | *pp = p; |
| 249 | *keyp = key; |
| 250 | if (valp) |
| 251 | *valp = val; |
| 252 | |
| 253 | return 1; |
| 254 | } |
| 255 | |
| 256 | /** |
| 257 | * cuse_parse_dev_info - parse device info |
| 258 | * @p: device info string |
| 259 | * @len: length of device info string |
| 260 | * @devinfo: out parameter for parsed device info |
| 261 | * |
| 262 | * Parse @p to extract device info and store it into @devinfo. String |
| 263 | * pointed to by @p is modified by parsing and @devinfo points into |
| 264 | * them, so @p shouldn't be freed while @devinfo is in use. |
| 265 | * |
| 266 | * RETURNS: |
| 267 | * 0 on success, -errno on failure. |
| 268 | */ |
| 269 | static int cuse_parse_devinfo(char *p, size_t len, struct cuse_devinfo *devinfo) |
| 270 | { |
| 271 | char *end = p + len; |
Miklos Szeredi | e256036 | 2013-01-15 12:24:46 +0100 | [diff] [blame] | 272 | char *uninitialized_var(key), *uninitialized_var(val); |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 273 | int rc; |
| 274 | |
| 275 | while (true) { |
| 276 | rc = cuse_parse_one(&p, end, &key, &val); |
| 277 | if (rc < 0) |
| 278 | return rc; |
| 279 | if (!rc) |
| 280 | break; |
| 281 | if (strcmp(key, "DEVNAME") == 0) |
| 282 | devinfo->name = val; |
| 283 | else |
| 284 | printk(KERN_WARNING "CUSE: unknown device info \"%s\"\n", |
| 285 | key); |
| 286 | } |
| 287 | |
| 288 | if (!devinfo->name || !strlen(devinfo->name)) { |
| 289 | printk(KERN_ERR "CUSE: DEVNAME unspecified\n"); |
| 290 | return -EINVAL; |
| 291 | } |
| 292 | |
| 293 | return 0; |
| 294 | } |
| 295 | |
| 296 | static void cuse_gendev_release(struct device *dev) |
| 297 | { |
| 298 | kfree(dev); |
| 299 | } |
| 300 | |
| 301 | /** |
| 302 | * cuse_process_init_reply - finish initializing CUSE channel |
| 303 | * |
| 304 | * This function creates the character device and sets up all the |
| 305 | * required data structures for it. Please read the comment at the |
| 306 | * top of this file for high level overview. |
| 307 | */ |
| 308 | static void cuse_process_init_reply(struct fuse_conn *fc, struct fuse_req *req) |
| 309 | { |
David Herrmann | 3078358 | 2012-11-17 12:45:48 +0100 | [diff] [blame] | 310 | struct cuse_conn *cc = fc_to_cc(fc), *pos; |
Miklos Szeredi | 07d5f69 | 2011-03-21 13:58:05 +0100 | [diff] [blame] | 311 | struct cuse_init_out *arg = req->out.args[0].value; |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 312 | struct page *page = req->pages[0]; |
| 313 | struct cuse_devinfo devinfo = { }; |
| 314 | struct device *dev; |
| 315 | struct cdev *cdev; |
| 316 | dev_t devt; |
David Herrmann | 3078358 | 2012-11-17 12:45:48 +0100 | [diff] [blame] | 317 | int rc, i; |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 318 | |
| 319 | if (req->out.h.error || |
| 320 | arg->major != FUSE_KERNEL_VERSION || arg->minor < 11) { |
| 321 | goto err; |
| 322 | } |
| 323 | |
| 324 | fc->minor = arg->minor; |
| 325 | fc->max_read = max_t(unsigned, arg->max_read, 4096); |
| 326 | fc->max_write = max_t(unsigned, arg->max_write, 4096); |
| 327 | |
| 328 | /* parse init reply */ |
| 329 | cc->unrestricted_ioctl = arg->flags & CUSE_UNRESTRICTED_IOCTL; |
| 330 | |
| 331 | rc = cuse_parse_devinfo(page_address(page), req->out.args[1].size, |
| 332 | &devinfo); |
| 333 | if (rc) |
| 334 | goto err; |
| 335 | |
| 336 | /* determine and reserve devt */ |
| 337 | devt = MKDEV(arg->dev_major, arg->dev_minor); |
| 338 | if (!MAJOR(devt)) |
| 339 | rc = alloc_chrdev_region(&devt, MINOR(devt), 1, devinfo.name); |
| 340 | else |
| 341 | rc = register_chrdev_region(devt, 1, devinfo.name); |
| 342 | if (rc) { |
| 343 | printk(KERN_ERR "CUSE: failed to register chrdev region\n"); |
| 344 | goto err; |
| 345 | } |
| 346 | |
| 347 | /* devt determined, create device */ |
| 348 | rc = -ENOMEM; |
| 349 | dev = kzalloc(sizeof(*dev), GFP_KERNEL); |
| 350 | if (!dev) |
| 351 | goto err_region; |
| 352 | |
| 353 | device_initialize(dev); |
| 354 | dev_set_uevent_suppress(dev, 1); |
| 355 | dev->class = cuse_class; |
| 356 | dev->devt = devt; |
| 357 | dev->release = cuse_gendev_release; |
| 358 | dev_set_drvdata(dev, cc); |
| 359 | dev_set_name(dev, "%s", devinfo.name); |
| 360 | |
David Herrmann | 3078358 | 2012-11-17 12:45:48 +0100 | [diff] [blame] | 361 | mutex_lock(&cuse_lock); |
| 362 | |
| 363 | /* make sure the device-name is unique */ |
| 364 | for (i = 0; i < CUSE_CONNTBL_LEN; ++i) { |
| 365 | list_for_each_entry(pos, &cuse_conntbl[i], list) |
| 366 | if (!strcmp(dev_name(pos->dev), dev_name(dev))) |
| 367 | goto err_unlock; |
| 368 | } |
| 369 | |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 370 | rc = device_add(dev); |
| 371 | if (rc) |
David Herrmann | 3078358 | 2012-11-17 12:45:48 +0100 | [diff] [blame] | 372 | goto err_unlock; |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 373 | |
| 374 | /* register cdev */ |
| 375 | rc = -ENOMEM; |
| 376 | cdev = cdev_alloc(); |
| 377 | if (!cdev) |
David Herrmann | 3078358 | 2012-11-17 12:45:48 +0100 | [diff] [blame] | 378 | goto err_unlock; |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 379 | |
| 380 | cdev->owner = THIS_MODULE; |
| 381 | cdev->ops = &cuse_frontend_fops; |
| 382 | |
| 383 | rc = cdev_add(cdev, devt, 1); |
| 384 | if (rc) |
| 385 | goto err_cdev; |
| 386 | |
| 387 | cc->dev = dev; |
| 388 | cc->cdev = cdev; |
| 389 | |
| 390 | /* make the device available */ |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 391 | list_add(&cc->list, cuse_conntbl_head(devt)); |
David Herrmann | 8ce03fd | 2012-11-17 12:45:47 +0100 | [diff] [blame] | 392 | mutex_unlock(&cuse_lock); |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 393 | |
| 394 | /* announce device availability */ |
| 395 | dev_set_uevent_suppress(dev, 0); |
| 396 | kobject_uevent(&dev->kobj, KOBJ_ADD); |
| 397 | out: |
Miklos Szeredi | 07d5f69 | 2011-03-21 13:58:05 +0100 | [diff] [blame] | 398 | kfree(arg); |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 399 | __free_page(page); |
| 400 | return; |
| 401 | |
| 402 | err_cdev: |
| 403 | cdev_del(cdev); |
David Herrmann | 3078358 | 2012-11-17 12:45:48 +0100 | [diff] [blame] | 404 | err_unlock: |
| 405 | mutex_unlock(&cuse_lock); |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 406 | put_device(dev); |
| 407 | err_region: |
| 408 | unregister_chrdev_region(devt, 1); |
| 409 | err: |
Szymon Lukasz | 3b7008b | 2017-11-09 21:23:35 +0100 | [diff] [blame] | 410 | fuse_abort_conn(fc, false); |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 411 | goto out; |
| 412 | } |
| 413 | |
| 414 | static int cuse_send_init(struct cuse_conn *cc) |
| 415 | { |
| 416 | int rc; |
| 417 | struct fuse_req *req; |
| 418 | struct page *page; |
| 419 | struct fuse_conn *fc = &cc->fc; |
| 420 | struct cuse_init_in *arg; |
Miklos Szeredi | 07d5f69 | 2011-03-21 13:58:05 +0100 | [diff] [blame] | 421 | void *outarg; |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 422 | |
| 423 | BUILD_BUG_ON(CUSE_INIT_INFO_MAX > PAGE_SIZE); |
| 424 | |
Maxim Patlasov | 8b41e67 | 2013-03-21 18:02:04 +0400 | [diff] [blame] | 425 | req = fuse_get_req_for_background(fc, 1); |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 426 | if (IS_ERR(req)) { |
| 427 | rc = PTR_ERR(req); |
| 428 | goto err; |
| 429 | } |
| 430 | |
| 431 | rc = -ENOMEM; |
| 432 | page = alloc_page(GFP_KERNEL | __GFP_ZERO); |
| 433 | if (!page) |
| 434 | goto err_put_req; |
| 435 | |
Miklos Szeredi | 07d5f69 | 2011-03-21 13:58:05 +0100 | [diff] [blame] | 436 | outarg = kzalloc(sizeof(struct cuse_init_out), GFP_KERNEL); |
| 437 | if (!outarg) |
| 438 | goto err_free_page; |
| 439 | |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 440 | arg = &req->misc.cuse_init_in; |
| 441 | arg->major = FUSE_KERNEL_VERSION; |
| 442 | arg->minor = FUSE_KERNEL_MINOR_VERSION; |
| 443 | arg->flags |= CUSE_UNRESTRICTED_IOCTL; |
| 444 | req->in.h.opcode = CUSE_INIT; |
| 445 | req->in.numargs = 1; |
| 446 | req->in.args[0].size = sizeof(struct cuse_init_in); |
| 447 | req->in.args[0].value = arg; |
| 448 | req->out.numargs = 2; |
| 449 | req->out.args[0].size = sizeof(struct cuse_init_out); |
Miklos Szeredi | 07d5f69 | 2011-03-21 13:58:05 +0100 | [diff] [blame] | 450 | req->out.args[0].value = outarg; |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 451 | req->out.args[1].size = CUSE_INIT_INFO_MAX; |
| 452 | req->out.argvar = 1; |
| 453 | req->out.argpages = 1; |
| 454 | req->pages[0] = page; |
Maxim Patlasov | 85f40ae | 2012-10-26 19:49:33 +0400 | [diff] [blame] | 455 | req->page_descs[0].length = req->out.args[1].size; |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 456 | req->num_pages = 1; |
| 457 | req->end = cuse_process_init_reply; |
| 458 | fuse_request_send_background(fc, req); |
| 459 | |
| 460 | return 0; |
| 461 | |
Miklos Szeredi | 07d5f69 | 2011-03-21 13:58:05 +0100 | [diff] [blame] | 462 | err_free_page: |
| 463 | __free_page(page); |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 464 | err_put_req: |
| 465 | fuse_put_request(fc, req); |
| 466 | err: |
| 467 | return rc; |
| 468 | } |
| 469 | |
| 470 | static void cuse_fc_release(struct fuse_conn *fc) |
| 471 | { |
| 472 | struct cuse_conn *cc = fc_to_cc(fc); |
Al Viro | dd3e2c5 | 2013-10-03 21:21:39 -0400 | [diff] [blame] | 473 | kfree_rcu(cc, fc.rcu); |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 474 | } |
| 475 | |
| 476 | /** |
| 477 | * cuse_channel_open - open method for /dev/cuse |
| 478 | * @inode: inode for /dev/cuse |
| 479 | * @file: file struct being opened |
| 480 | * |
| 481 | * Userland CUSE server can create a CUSE device by opening /dev/cuse |
Paul Bolle | 8272f4c | 2011-02-15 00:05:34 +0100 | [diff] [blame] | 482 | * and replying to the initialization request kernel sends. This |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 483 | * function is responsible for handling CUSE device initialization. |
| 484 | * Because the fd opened by this function is used during |
| 485 | * initialization, this function only creates cuse_conn and sends |
| 486 | * init. The rest is delegated to a kthread. |
| 487 | * |
| 488 | * RETURNS: |
| 489 | * 0 on success, -errno on failure. |
| 490 | */ |
| 491 | static int cuse_channel_open(struct inode *inode, struct file *file) |
| 492 | { |
Miklos Szeredi | cc080e9 | 2015-07-01 16:26:08 +0200 | [diff] [blame] | 493 | struct fuse_dev *fud; |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 494 | struct cuse_conn *cc; |
| 495 | int rc; |
| 496 | |
| 497 | /* set up cuse_conn */ |
| 498 | cc = kzalloc(sizeof(*cc), GFP_KERNEL); |
| 499 | if (!cc) |
| 500 | return -ENOMEM; |
| 501 | |
Eric W. Biederman | 8cb0832 | 2018-02-21 11:18:07 -0600 | [diff] [blame] | 502 | /* |
| 503 | * Limit the cuse channel to requests that can |
| 504 | * be represented in file->f_cred->user_ns. |
| 505 | */ |
| 506 | fuse_conn_init(&cc->fc, file->f_cred->user_ns); |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 507 | |
Miklos Szeredi | cc080e9 | 2015-07-01 16:26:08 +0200 | [diff] [blame] | 508 | fud = fuse_dev_alloc(&cc->fc); |
| 509 | if (!fud) { |
| 510 | kfree(cc); |
| 511 | return -ENOMEM; |
| 512 | } |
| 513 | |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 514 | INIT_LIST_HEAD(&cc->list); |
| 515 | cc->fc.release = cuse_fc_release; |
| 516 | |
Maxim Patlasov | 796523fb | 2013-03-21 18:02:15 +0400 | [diff] [blame] | 517 | cc->fc.initialized = 1; |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 518 | rc = cuse_send_init(cc); |
| 519 | if (rc) { |
Miklos Szeredi | cc080e9 | 2015-07-01 16:26:08 +0200 | [diff] [blame] | 520 | fuse_dev_free(fud); |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 521 | return rc; |
| 522 | } |
Miklos Szeredi | cc080e9 | 2015-07-01 16:26:08 +0200 | [diff] [blame] | 523 | file->private_data = fud; |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 524 | |
| 525 | return 0; |
| 526 | } |
| 527 | |
| 528 | /** |
| 529 | * cuse_channel_release - release method for /dev/cuse |
| 530 | * @inode: inode for /dev/cuse |
| 531 | * @file: file struct being closed |
| 532 | * |
| 533 | * Disconnect the channel, deregister CUSE device and initiate |
| 534 | * destruction by putting the default reference. |
| 535 | * |
| 536 | * RETURNS: |
| 537 | * 0 on success, -errno on failure. |
| 538 | */ |
| 539 | static int cuse_channel_release(struct inode *inode, struct file *file) |
| 540 | { |
Miklos Szeredi | cc080e9 | 2015-07-01 16:26:08 +0200 | [diff] [blame] | 541 | struct fuse_dev *fud = file->private_data; |
| 542 | struct cuse_conn *cc = fc_to_cc(fud->fc); |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 543 | int rc; |
| 544 | |
| 545 | /* remove from the conntbl, no more access from this point on */ |
David Herrmann | 8ce03fd | 2012-11-17 12:45:47 +0100 | [diff] [blame] | 546 | mutex_lock(&cuse_lock); |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 547 | list_del_init(&cc->list); |
David Herrmann | 8ce03fd | 2012-11-17 12:45:47 +0100 | [diff] [blame] | 548 | mutex_unlock(&cuse_lock); |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 549 | |
| 550 | /* remove device */ |
| 551 | if (cc->dev) |
| 552 | device_unregister(cc->dev); |
| 553 | if (cc->cdev) { |
| 554 | unregister_chrdev_region(cc->cdev->dev, 1); |
| 555 | cdev_del(cc->cdev); |
| 556 | } |
Miklos Szeredi | 2c5816b | 2015-11-10 10:32:36 +0100 | [diff] [blame] | 557 | /* Base reference is now owned by "fud" */ |
| 558 | fuse_conn_put(&cc->fc); |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 559 | |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 560 | rc = fuse_dev_release(inode, file); /* puts the base reference */ |
| 561 | |
| 562 | return rc; |
| 563 | } |
| 564 | |
| 565 | static struct file_operations cuse_channel_fops; /* initialized during init */ |
| 566 | |
| 567 | |
| 568 | /************************************************************************** |
| 569 | * Misc stuff and module initializatiion |
| 570 | * |
| 571 | * CUSE exports the same set of attributes to sysfs as fusectl. |
| 572 | */ |
| 573 | |
| 574 | static ssize_t cuse_class_waiting_show(struct device *dev, |
| 575 | struct device_attribute *attr, char *buf) |
| 576 | { |
| 577 | struct cuse_conn *cc = dev_get_drvdata(dev); |
| 578 | |
| 579 | return sprintf(buf, "%d\n", atomic_read(&cc->fc.num_waiting)); |
| 580 | } |
Rusty Russell | 58f86cc | 2014-03-24 12:00:34 +1030 | [diff] [blame] | 581 | static DEVICE_ATTR(waiting, 0400, cuse_class_waiting_show, NULL); |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 582 | |
| 583 | static ssize_t cuse_class_abort_store(struct device *dev, |
| 584 | struct device_attribute *attr, |
| 585 | const char *buf, size_t count) |
| 586 | { |
| 587 | struct cuse_conn *cc = dev_get_drvdata(dev); |
| 588 | |
Szymon Lukasz | 3b7008b | 2017-11-09 21:23:35 +0100 | [diff] [blame] | 589 | fuse_abort_conn(&cc->fc, false); |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 590 | return count; |
| 591 | } |
Rusty Russell | 58f86cc | 2014-03-24 12:00:34 +1030 | [diff] [blame] | 592 | static DEVICE_ATTR(abort, 0200, NULL, cuse_class_abort_store); |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 593 | |
Greg Kroah-Hartman | 4183fb9 | 2013-07-24 15:05:24 -0700 | [diff] [blame] | 594 | static struct attribute *cuse_class_dev_attrs[] = { |
| 595 | &dev_attr_waiting.attr, |
| 596 | &dev_attr_abort.attr, |
| 597 | NULL, |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 598 | }; |
Greg Kroah-Hartman | 4183fb9 | 2013-07-24 15:05:24 -0700 | [diff] [blame] | 599 | ATTRIBUTE_GROUPS(cuse_class_dev); |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 600 | |
| 601 | static struct miscdevice cuse_miscdev = { |
Tom Gundersen | cb2ffb2 | 2013-09-09 20:18:27 +0200 | [diff] [blame] | 602 | .minor = CUSE_MINOR, |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 603 | .name = "cuse", |
| 604 | .fops = &cuse_channel_fops, |
| 605 | }; |
| 606 | |
Tom Gundersen | cb2ffb2 | 2013-09-09 20:18:27 +0200 | [diff] [blame] | 607 | MODULE_ALIAS_MISCDEV(CUSE_MINOR); |
| 608 | MODULE_ALIAS("devname:cuse"); |
| 609 | |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 610 | static int __init cuse_init(void) |
| 611 | { |
| 612 | int i, rc; |
| 613 | |
| 614 | /* init conntbl */ |
| 615 | for (i = 0; i < CUSE_CONNTBL_LEN; i++) |
| 616 | INIT_LIST_HEAD(&cuse_conntbl[i]); |
| 617 | |
| 618 | /* inherit and extend fuse_dev_operations */ |
| 619 | cuse_channel_fops = fuse_dev_operations; |
| 620 | cuse_channel_fops.owner = THIS_MODULE; |
| 621 | cuse_channel_fops.open = cuse_channel_open; |
| 622 | cuse_channel_fops.release = cuse_channel_release; |
| 623 | |
| 624 | cuse_class = class_create(THIS_MODULE, "cuse"); |
| 625 | if (IS_ERR(cuse_class)) |
| 626 | return PTR_ERR(cuse_class); |
| 627 | |
Greg Kroah-Hartman | 4183fb9 | 2013-07-24 15:05:24 -0700 | [diff] [blame] | 628 | cuse_class->dev_groups = cuse_class_dev_groups; |
Tejun Heo | 151060a | 2009-04-14 10:54:54 +0900 | [diff] [blame] | 629 | |
| 630 | rc = misc_register(&cuse_miscdev); |
| 631 | if (rc) { |
| 632 | class_destroy(cuse_class); |
| 633 | return rc; |
| 634 | } |
| 635 | |
| 636 | return 0; |
| 637 | } |
| 638 | |
| 639 | static void __exit cuse_exit(void) |
| 640 | { |
| 641 | misc_deregister(&cuse_miscdev); |
| 642 | class_destroy(cuse_class); |
| 643 | } |
| 644 | |
| 645 | module_init(cuse_init); |
| 646 | module_exit(cuse_exit); |
| 647 | |
| 648 | MODULE_AUTHOR("Tejun Heo <tj@kernel.org>"); |
| 649 | MODULE_DESCRIPTION("Character device in Userspace"); |
| 650 | MODULE_LICENSE("GPL"); |