Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame^] | 1 | /* |
| 2 | * fs/sdcardfs/inode.c |
| 3 | * |
| 4 | * Copyright (c) 2013 Samsung Electronics Co. Ltd |
| 5 | * Authors: Daeho Jeong, Woojoong Lee, Seunghwan Hyun, |
| 6 | * Sunghwan Yun, Sungjong Seo |
| 7 | * |
| 8 | * This program has been developed as a stackable file system based on |
| 9 | * the WrapFS which written by |
| 10 | * |
| 11 | * Copyright (c) 1998-2011 Erez Zadok |
| 12 | * Copyright (c) 2009 Shrikar Archak |
| 13 | * Copyright (c) 2003-2011 Stony Brook University |
| 14 | * Copyright (c) 2003-2011 The Research Foundation of SUNY |
| 15 | * |
| 16 | * This file is dual licensed. It may be redistributed and/or modified |
| 17 | * under the terms of the Apache 2.0 License OR version 2 of the GNU |
| 18 | * General Public License. |
| 19 | */ |
| 20 | |
| 21 | #include "sdcardfs.h" |
| 22 | |
| 23 | /* Do not directly use this function. Use OVERRIDE_CRED() instead. */ |
| 24 | const struct cred * override_fsids(struct sdcardfs_sb_info* sbi) |
| 25 | { |
| 26 | struct cred * cred; |
| 27 | const struct cred * old_cred; |
| 28 | |
| 29 | cred = prepare_creds(); |
| 30 | if (!cred) |
| 31 | return NULL; |
| 32 | |
| 33 | cred->fsuid = sbi->options.fs_low_uid; |
| 34 | cred->fsgid = sbi->options.fs_low_gid; |
| 35 | |
| 36 | old_cred = override_creds(cred); |
| 37 | |
| 38 | return old_cred; |
| 39 | } |
| 40 | |
| 41 | /* Do not directly use this function, use REVERT_CRED() instead. */ |
| 42 | void revert_fsids(const struct cred * old_cred) |
| 43 | { |
| 44 | const struct cred * cur_cred; |
| 45 | |
| 46 | cur_cred = current->cred; |
| 47 | revert_creds(old_cred); |
| 48 | put_cred(cur_cred); |
| 49 | } |
| 50 | |
| 51 | static int sdcardfs_create(struct inode *dir, struct dentry *dentry, |
| 52 | int mode, struct nameidata *nd) |
| 53 | { |
| 54 | int err = 0; |
| 55 | struct dentry *lower_dentry; |
| 56 | struct dentry *lower_parent_dentry = NULL; |
| 57 | struct path lower_path, saved_path; |
| 58 | struct sdcardfs_sb_info *sbi = SDCARDFS_SB(dentry->d_sb); |
| 59 | const struct cred *saved_cred = NULL; |
| 60 | |
| 61 | int has_rw = get_caller_has_rw_locked(sbi->pkgl_id, sbi->options.derive); |
| 62 | if(!check_caller_access_to_name(dir, dentry->d_name.name, sbi->options.derive, 1, has_rw)) { |
| 63 | printk(KERN_INFO "%s: need to check the caller's gid in packages.list\n" |
| 64 | " dentry: %s, task:%s\n", |
| 65 | __func__, dentry->d_name.name, current->comm); |
| 66 | err = -EACCES; |
| 67 | goto out_eacces; |
| 68 | } |
| 69 | |
| 70 | /* save current_cred and override it */ |
| 71 | OVERRIDE_CRED(SDCARDFS_SB(dir->i_sb), saved_cred); |
| 72 | |
| 73 | sdcardfs_get_lower_path(dentry, &lower_path); |
| 74 | lower_dentry = lower_path.dentry; |
| 75 | lower_parent_dentry = lock_parent(lower_dentry); |
| 76 | |
| 77 | err = mnt_want_write(lower_path.mnt); |
| 78 | if (err) |
| 79 | goto out_unlock; |
| 80 | |
| 81 | pathcpy(&saved_path, &nd->path); |
| 82 | pathcpy(&nd->path, &lower_path); |
| 83 | |
| 84 | /* set last 16bytes of mode field to 0664 */ |
| 85 | mode = (mode & S_IFMT) | 00664; |
| 86 | err = vfs_create(lower_parent_dentry->d_inode, lower_dentry, mode, nd); |
| 87 | |
| 88 | pathcpy(&nd->path, &saved_path); |
| 89 | if (err) |
| 90 | goto out; |
| 91 | |
| 92 | err = sdcardfs_interpose(dentry, dir->i_sb, &lower_path); |
| 93 | if (err) |
| 94 | goto out; |
| 95 | fsstack_copy_attr_times(dir, sdcardfs_lower_inode(dir)); |
| 96 | fsstack_copy_inode_size(dir, lower_parent_dentry->d_inode); |
| 97 | |
| 98 | out: |
| 99 | mnt_drop_write(lower_path.mnt); |
| 100 | out_unlock: |
| 101 | unlock_dir(lower_parent_dentry); |
| 102 | sdcardfs_put_lower_path(dentry, &lower_path); |
| 103 | REVERT_CRED(saved_cred); |
| 104 | out_eacces: |
| 105 | return err; |
| 106 | } |
| 107 | |
| 108 | #if 0 |
| 109 | static int sdcardfs_link(struct dentry *old_dentry, struct inode *dir, |
| 110 | struct dentry *new_dentry) |
| 111 | { |
| 112 | struct dentry *lower_old_dentry; |
| 113 | struct dentry *lower_new_dentry; |
| 114 | struct dentry *lower_dir_dentry; |
| 115 | u64 file_size_save; |
| 116 | int err; |
| 117 | struct path lower_old_path, lower_new_path; |
| 118 | |
| 119 | OVERRIDE_CRED(SDCARDFS_SB(dir->i_sb)); |
| 120 | |
| 121 | file_size_save = i_size_read(old_dentry->d_inode); |
| 122 | sdcardfs_get_lower_path(old_dentry, &lower_old_path); |
| 123 | sdcardfs_get_lower_path(new_dentry, &lower_new_path); |
| 124 | lower_old_dentry = lower_old_path.dentry; |
| 125 | lower_new_dentry = lower_new_path.dentry; |
| 126 | lower_dir_dentry = lock_parent(lower_new_dentry); |
| 127 | |
| 128 | err = mnt_want_write(lower_new_path.mnt); |
| 129 | if (err) |
| 130 | goto out_unlock; |
| 131 | |
| 132 | err = vfs_link(lower_old_dentry, lower_dir_dentry->d_inode, |
| 133 | lower_new_dentry); |
| 134 | if (err || !lower_new_dentry->d_inode) |
| 135 | goto out; |
| 136 | |
| 137 | err = sdcardfs_interpose(new_dentry, dir->i_sb, &lower_new_path); |
| 138 | if (err) |
| 139 | goto out; |
| 140 | fsstack_copy_attr_times(dir, lower_new_dentry->d_inode); |
| 141 | fsstack_copy_inode_size(dir, lower_new_dentry->d_inode); |
| 142 | old_dentry->d_inode->i_nlink = |
| 143 | sdcardfs_lower_inode(old_dentry->d_inode)->i_nlink; |
| 144 | i_size_write(new_dentry->d_inode, file_size_save); |
| 145 | out: |
| 146 | mnt_drop_write(lower_new_path.mnt); |
| 147 | out_unlock: |
| 148 | unlock_dir(lower_dir_dentry); |
| 149 | sdcardfs_put_lower_path(old_dentry, &lower_old_path); |
| 150 | sdcardfs_put_lower_path(new_dentry, &lower_new_path); |
| 151 | REVERT_CRED(); |
| 152 | return err; |
| 153 | } |
| 154 | #endif |
| 155 | |
| 156 | static int sdcardfs_unlink(struct inode *dir, struct dentry *dentry) |
| 157 | { |
| 158 | int err; |
| 159 | struct dentry *lower_dentry; |
| 160 | struct inode *lower_dir_inode = sdcardfs_lower_inode(dir); |
| 161 | struct dentry *lower_dir_dentry; |
| 162 | struct path lower_path; |
| 163 | struct sdcardfs_sb_info *sbi = SDCARDFS_SB(dentry->d_sb); |
| 164 | const struct cred *saved_cred = NULL; |
| 165 | |
| 166 | int has_rw = get_caller_has_rw_locked(sbi->pkgl_id, sbi->options.derive); |
| 167 | if(!check_caller_access_to_name(dir, dentry->d_name.name, sbi->options.derive, 1, has_rw)) { |
| 168 | printk(KERN_INFO "%s: need to check the caller's gid in packages.list\n" |
| 169 | " dentry: %s, task:%s\n", |
| 170 | __func__, dentry->d_name.name, current->comm); |
| 171 | err = -EACCES; |
| 172 | goto out_eacces; |
| 173 | } |
| 174 | |
| 175 | /* save current_cred and override it */ |
| 176 | OVERRIDE_CRED(SDCARDFS_SB(dir->i_sb), saved_cred); |
| 177 | |
| 178 | sdcardfs_get_lower_path(dentry, &lower_path); |
| 179 | lower_dentry = lower_path.dentry; |
| 180 | dget(lower_dentry); |
| 181 | lower_dir_dentry = lock_parent(lower_dentry); |
| 182 | |
| 183 | err = mnt_want_write(lower_path.mnt); |
| 184 | if (err) |
| 185 | goto out_unlock; |
| 186 | err = vfs_unlink(lower_dir_inode, lower_dentry); |
| 187 | |
| 188 | /* |
| 189 | * Note: unlinking on top of NFS can cause silly-renamed files. |
| 190 | * Trying to delete such files results in EBUSY from NFS |
| 191 | * below. Silly-renamed files will get deleted by NFS later on, so |
| 192 | * we just need to detect them here and treat such EBUSY errors as |
| 193 | * if the upper file was successfully deleted. |
| 194 | */ |
| 195 | if (err == -EBUSY && lower_dentry->d_flags & DCACHE_NFSFS_RENAMED) |
| 196 | err = 0; |
| 197 | if (err) |
| 198 | goto out; |
| 199 | fsstack_copy_attr_times(dir, lower_dir_inode); |
| 200 | fsstack_copy_inode_size(dir, lower_dir_inode); |
| 201 | dentry->d_inode->i_nlink = |
| 202 | sdcardfs_lower_inode(dentry->d_inode)->i_nlink; |
| 203 | dentry->d_inode->i_ctime = dir->i_ctime; |
| 204 | d_drop(dentry); /* this is needed, else LTP fails (VFS won't do it) */ |
| 205 | out: |
| 206 | mnt_drop_write(lower_path.mnt); |
| 207 | out_unlock: |
| 208 | unlock_dir(lower_dir_dentry); |
| 209 | dput(lower_dentry); |
| 210 | sdcardfs_put_lower_path(dentry, &lower_path); |
| 211 | REVERT_CRED(saved_cred); |
| 212 | out_eacces: |
| 213 | return err; |
| 214 | } |
| 215 | |
| 216 | #if 0 |
| 217 | static int sdcardfs_symlink(struct inode *dir, struct dentry *dentry, |
| 218 | const char *symname) |
| 219 | { |
| 220 | int err = 0; |
| 221 | struct dentry *lower_dentry; |
| 222 | struct dentry *lower_parent_dentry = NULL; |
| 223 | struct path lower_path; |
| 224 | |
| 225 | OVERRIDE_CRED(SDCARDFS_SB(dir->i_sb)); |
| 226 | |
| 227 | sdcardfs_get_lower_path(dentry, &lower_path); |
| 228 | lower_dentry = lower_path.dentry; |
| 229 | lower_parent_dentry = lock_parent(lower_dentry); |
| 230 | |
| 231 | err = mnt_want_write(lower_path.mnt); |
| 232 | if (err) |
| 233 | goto out_unlock; |
| 234 | err = vfs_symlink(lower_parent_dentry->d_inode, lower_dentry, symname); |
| 235 | if (err) |
| 236 | goto out; |
| 237 | err = sdcardfs_interpose(dentry, dir->i_sb, &lower_path); |
| 238 | if (err) |
| 239 | goto out; |
| 240 | fsstack_copy_attr_times(dir, sdcardfs_lower_inode(dir)); |
| 241 | fsstack_copy_inode_size(dir, lower_parent_dentry->d_inode); |
| 242 | |
| 243 | out: |
| 244 | mnt_drop_write(lower_path.mnt); |
| 245 | out_unlock: |
| 246 | unlock_dir(lower_parent_dentry); |
| 247 | sdcardfs_put_lower_path(dentry, &lower_path); |
| 248 | REVERT_CRED(); |
| 249 | return err; |
| 250 | } |
| 251 | #endif |
| 252 | |
| 253 | static int touch(char *abs_path, mode_t mode) { |
| 254 | struct file *filp = filp_open(abs_path, O_RDWR|O_CREAT|O_EXCL|O_NOFOLLOW, mode); |
| 255 | if (IS_ERR(filp)) { |
| 256 | if (PTR_ERR(filp) == -EEXIST) { |
| 257 | return 0; |
| 258 | } |
| 259 | else { |
| 260 | printk(KERN_ERR "sdcardfs: failed to open(%s): %ld\n", |
| 261 | abs_path, PTR_ERR(filp)); |
| 262 | return PTR_ERR(filp); |
| 263 | } |
| 264 | } |
| 265 | filp_close(filp, current->files); |
| 266 | return 0; |
| 267 | } |
| 268 | |
| 269 | static int sdcardfs_mkdir(struct inode *dir, struct dentry *dentry, int mode) |
| 270 | { |
| 271 | int err = 0; |
| 272 | int make_nomedia_in_obb = 0; |
| 273 | struct dentry *lower_dentry; |
| 274 | struct dentry *lower_parent_dentry = NULL; |
| 275 | struct path lower_path; |
| 276 | struct sdcardfs_sb_info *sbi = SDCARDFS_SB(dentry->d_sb); |
| 277 | const struct cred *saved_cred = NULL; |
| 278 | struct sdcardfs_inode_info *pi = SDCARDFS_I(dir); |
| 279 | char *page_buf; |
| 280 | char *nomedia_dir_name; |
| 281 | char *nomedia_fullpath; |
| 282 | int fullpath_namelen; |
| 283 | int touch_err = 0; |
| 284 | |
| 285 | int has_rw = get_caller_has_rw_locked(sbi->pkgl_id, sbi->options.derive); |
| 286 | if(!check_caller_access_to_name(dir, dentry->d_name.name, sbi->options.derive, 1, has_rw)) { |
| 287 | printk(KERN_INFO "%s: need to check the caller's gid in packages.list\n" |
| 288 | " dentry: %s, task:%s\n", |
| 289 | __func__, dentry->d_name.name, current->comm); |
| 290 | err = -EACCES; |
| 291 | goto out_eacces; |
| 292 | } |
| 293 | |
| 294 | /* save current_cred and override it */ |
| 295 | OVERRIDE_CRED(SDCARDFS_SB(dir->i_sb), saved_cred); |
| 296 | |
| 297 | /* check disk space */ |
| 298 | if (!check_min_free_space(dentry, 0, 1)) { |
| 299 | printk(KERN_INFO "sdcardfs: No minimum free space.\n"); |
| 300 | err = -ENOSPC; |
| 301 | goto out_revert; |
| 302 | } |
| 303 | |
| 304 | /* the lower_dentry is negative here */ |
| 305 | sdcardfs_get_lower_path(dentry, &lower_path); |
| 306 | lower_dentry = lower_path.dentry; |
| 307 | lower_parent_dentry = lock_parent(lower_dentry); |
| 308 | |
| 309 | err = mnt_want_write(lower_path.mnt); |
| 310 | if (err) |
| 311 | goto out_unlock; |
| 312 | |
| 313 | /* set last 16bytes of mode field to 0775 */ |
| 314 | mode = (mode & S_IFMT) | 00775; |
| 315 | err = vfs_mkdir(lower_parent_dentry->d_inode, lower_dentry, mode); |
| 316 | |
| 317 | if (err) |
| 318 | goto out; |
| 319 | |
| 320 | /* if it is a local obb dentry, setup it with the base obbpath */ |
| 321 | if(need_graft_path(dentry)) { |
| 322 | |
| 323 | err = setup_obb_dentry(dentry, &lower_path); |
| 324 | if(err) { |
| 325 | /* if the sbi->obbpath is not available, the lower_path won't be |
| 326 | * changed by setup_obb_dentry() but the lower path is saved to |
| 327 | * its orig_path. this dentry will be revalidated later. |
| 328 | * but now, the lower_path should be NULL */ |
| 329 | sdcardfs_put_reset_lower_path(dentry); |
| 330 | |
| 331 | /* the newly created lower path which saved to its orig_path or |
| 332 | * the lower_path is the base obbpath. |
| 333 | * therefore, an additional path_get is required */ |
| 334 | path_get(&lower_path); |
| 335 | } else |
| 336 | make_nomedia_in_obb = 1; |
| 337 | } |
| 338 | |
| 339 | err = sdcardfs_interpose(dentry, dir->i_sb, &lower_path); |
| 340 | if (err) |
| 341 | goto out; |
| 342 | |
| 343 | fsstack_copy_attr_times(dir, sdcardfs_lower_inode(dir)); |
| 344 | fsstack_copy_inode_size(dir, lower_parent_dentry->d_inode); |
| 345 | /* update number of links on parent directory */ |
| 346 | dir->i_nlink = sdcardfs_lower_inode(dir)->i_nlink; |
| 347 | |
| 348 | if ((sbi->options.derive == DERIVE_UNIFIED) && (!strcasecmp(dentry->d_name.name, "obb")) |
| 349 | && (pi->perm == PERM_ANDROID) && (pi->userid == 0)) |
| 350 | make_nomedia_in_obb = 1; |
| 351 | |
| 352 | /* When creating /Android/data and /Android/obb, mark them as .nomedia */ |
| 353 | if (make_nomedia_in_obb || |
| 354 | ((pi->perm == PERM_ANDROID) && (!strcasecmp(dentry->d_name.name, "data")))) { |
| 355 | |
| 356 | page_buf = (char *)__get_free_page(GFP_KERNEL); |
| 357 | if (!page_buf) { |
| 358 | printk(KERN_ERR "sdcardfs: failed to allocate page buf\n"); |
| 359 | goto out; |
| 360 | } |
| 361 | |
| 362 | nomedia_dir_name = d_absolute_path(&lower_path, page_buf, PAGE_SIZE); |
| 363 | if (IS_ERR(nomedia_dir_name)) { |
| 364 | free_page((unsigned long)page_buf); |
| 365 | printk(KERN_ERR "sdcardfs: failed to get .nomedia dir name\n"); |
| 366 | goto out; |
| 367 | } |
| 368 | |
| 369 | fullpath_namelen = page_buf + PAGE_SIZE - nomedia_dir_name - 1; |
| 370 | fullpath_namelen += strlen("/.nomedia"); |
| 371 | nomedia_fullpath = kzalloc(fullpath_namelen + 1, GFP_KERNEL); |
| 372 | if (!nomedia_fullpath) { |
| 373 | free_page((unsigned long)page_buf); |
| 374 | printk(KERN_ERR "sdcardfs: failed to allocate .nomedia fullpath buf\n"); |
| 375 | goto out; |
| 376 | } |
| 377 | |
| 378 | strcpy(nomedia_fullpath, nomedia_dir_name); |
| 379 | free_page((unsigned long)page_buf); |
| 380 | strcat(nomedia_fullpath, "/.nomedia"); |
| 381 | touch_err = touch(nomedia_fullpath, 0664); |
| 382 | if (touch_err) { |
| 383 | printk(KERN_ERR "sdcardfs: failed to touch(%s): %d\n", |
| 384 | nomedia_fullpath, touch_err); |
| 385 | kfree(nomedia_fullpath); |
| 386 | goto out; |
| 387 | } |
| 388 | kfree(nomedia_fullpath); |
| 389 | } |
| 390 | out: |
| 391 | mnt_drop_write(lower_path.mnt); |
| 392 | out_unlock: |
| 393 | unlock_dir(lower_parent_dentry); |
| 394 | sdcardfs_put_lower_path(dentry, &lower_path); |
| 395 | out_revert: |
| 396 | REVERT_CRED(saved_cred); |
| 397 | out_eacces: |
| 398 | return err; |
| 399 | } |
| 400 | |
| 401 | static int sdcardfs_rmdir(struct inode *dir, struct dentry *dentry) |
| 402 | { |
| 403 | struct dentry *lower_dentry; |
| 404 | struct dentry *lower_dir_dentry; |
| 405 | int err; |
| 406 | struct path lower_path; |
| 407 | struct sdcardfs_sb_info *sbi = SDCARDFS_SB(dentry->d_sb); |
| 408 | const struct cred *saved_cred = NULL; |
| 409 | //char *path_s = NULL; |
| 410 | |
| 411 | int has_rw = get_caller_has_rw_locked(sbi->pkgl_id, sbi->options.derive); |
| 412 | if(!check_caller_access_to_name(dir, dentry->d_name.name, sbi->options.derive, 1, has_rw)) { |
| 413 | printk(KERN_INFO "%s: need to check the caller's gid in packages.list\n" |
| 414 | " dentry: %s, task:%s\n", |
| 415 | __func__, dentry->d_name.name, current->comm); |
| 416 | err = -EACCES; |
| 417 | goto out_eacces; |
| 418 | } |
| 419 | |
| 420 | /* save current_cred and override it */ |
| 421 | OVERRIDE_CRED(SDCARDFS_SB(dir->i_sb), saved_cred); |
| 422 | |
| 423 | /* sdcardfs_get_real_lower(): in case of remove an user's obb dentry |
| 424 | * the dentry on the original path should be deleted. */ |
| 425 | sdcardfs_get_real_lower(dentry, &lower_path); |
| 426 | |
| 427 | lower_dentry = lower_path.dentry; |
| 428 | lower_dir_dentry = lock_parent(lower_dentry); |
| 429 | |
| 430 | err = mnt_want_write(lower_path.mnt); |
| 431 | if (err) |
| 432 | goto out_unlock; |
| 433 | err = vfs_rmdir(lower_dir_dentry->d_inode, lower_dentry); |
| 434 | if (err) |
| 435 | goto out; |
| 436 | |
| 437 | d_drop(dentry); /* drop our dentry on success (why not VFS's job?) */ |
| 438 | if (dentry->d_inode) |
| 439 | clear_nlink(dentry->d_inode); |
| 440 | fsstack_copy_attr_times(dir, lower_dir_dentry->d_inode); |
| 441 | fsstack_copy_inode_size(dir, lower_dir_dentry->d_inode); |
| 442 | dir->i_nlink = lower_dir_dentry->d_inode->i_nlink; |
| 443 | |
| 444 | out: |
| 445 | mnt_drop_write(lower_path.mnt); |
| 446 | out_unlock: |
| 447 | unlock_dir(lower_dir_dentry); |
| 448 | sdcardfs_put_real_lower(dentry, &lower_path); |
| 449 | REVERT_CRED(saved_cred); |
| 450 | out_eacces: |
| 451 | return err; |
| 452 | } |
| 453 | |
| 454 | #if 0 |
| 455 | static int sdcardfs_mknod(struct inode *dir, struct dentry *dentry, int mode, |
| 456 | dev_t dev) |
| 457 | { |
| 458 | int err = 0; |
| 459 | struct dentry *lower_dentry; |
| 460 | struct dentry *lower_parent_dentry = NULL; |
| 461 | struct path lower_path; |
| 462 | |
| 463 | OVERRIDE_CRED(SDCARDFS_SB(dir->i_sb)); |
| 464 | |
| 465 | sdcardfs_get_lower_path(dentry, &lower_path); |
| 466 | lower_dentry = lower_path.dentry; |
| 467 | lower_parent_dentry = lock_parent(lower_dentry); |
| 468 | |
| 469 | err = mnt_want_write(lower_path.mnt); |
| 470 | if (err) |
| 471 | goto out_unlock; |
| 472 | err = vfs_mknod(lower_parent_dentry->d_inode, lower_dentry, mode, dev); |
| 473 | if (err) |
| 474 | goto out; |
| 475 | |
| 476 | err = sdcardfs_interpose(dentry, dir->i_sb, &lower_path); |
| 477 | if (err) |
| 478 | goto out; |
| 479 | fsstack_copy_attr_times(dir, sdcardfs_lower_inode(dir)); |
| 480 | fsstack_copy_inode_size(dir, lower_parent_dentry->d_inode); |
| 481 | |
| 482 | out: |
| 483 | mnt_drop_write(lower_path.mnt); |
| 484 | out_unlock: |
| 485 | unlock_dir(lower_parent_dentry); |
| 486 | sdcardfs_put_lower_path(dentry, &lower_path); |
| 487 | REVERT_CRED(); |
| 488 | return err; |
| 489 | } |
| 490 | #endif |
| 491 | |
| 492 | /* |
| 493 | * The locking rules in sdcardfs_rename are complex. We could use a simpler |
| 494 | * superblock-level name-space lock for renames and copy-ups. |
| 495 | */ |
| 496 | static int sdcardfs_rename(struct inode *old_dir, struct dentry *old_dentry, |
| 497 | struct inode *new_dir, struct dentry *new_dentry) |
| 498 | { |
| 499 | int err = 0; |
| 500 | struct dentry *lower_old_dentry = NULL; |
| 501 | struct dentry *lower_new_dentry = NULL; |
| 502 | struct dentry *lower_old_dir_dentry = NULL; |
| 503 | struct dentry *lower_new_dir_dentry = NULL; |
| 504 | struct dentry *trap = NULL; |
| 505 | struct dentry *new_parent = NULL; |
| 506 | struct path lower_old_path, lower_new_path; |
| 507 | struct sdcardfs_sb_info *sbi = SDCARDFS_SB(old_dentry->d_sb); |
| 508 | const struct cred *saved_cred = NULL; |
| 509 | |
| 510 | int has_rw = get_caller_has_rw_locked(sbi->pkgl_id, sbi->options.derive); |
| 511 | if(!check_caller_access_to_name(old_dir, old_dentry->d_name.name, |
| 512 | sbi->options.derive, 1, has_rw) || |
| 513 | !check_caller_access_to_name(new_dir, new_dentry->d_name.name, |
| 514 | sbi->options.derive, 1, has_rw)) { |
| 515 | printk(KERN_INFO "%s: need to check the caller's gid in packages.list\n" |
| 516 | " new_dentry: %s, task:%s\n", |
| 517 | __func__, new_dentry->d_name.name, current->comm); |
| 518 | err = -EACCES; |
| 519 | goto out_eacces; |
| 520 | } |
| 521 | |
| 522 | /* save current_cred and override it */ |
| 523 | OVERRIDE_CRED(SDCARDFS_SB(old_dir->i_sb), saved_cred); |
| 524 | |
| 525 | sdcardfs_get_real_lower(old_dentry, &lower_old_path); |
| 526 | sdcardfs_get_lower_path(new_dentry, &lower_new_path); |
| 527 | lower_old_dentry = lower_old_path.dentry; |
| 528 | lower_new_dentry = lower_new_path.dentry; |
| 529 | lower_old_dir_dentry = dget_parent(lower_old_dentry); |
| 530 | lower_new_dir_dentry = dget_parent(lower_new_dentry); |
| 531 | |
| 532 | trap = lock_rename(lower_old_dir_dentry, lower_new_dir_dentry); |
| 533 | /* source should not be ancestor of target */ |
| 534 | if (trap == lower_old_dentry) { |
| 535 | err = -EINVAL; |
| 536 | goto out; |
| 537 | } |
| 538 | /* target should not be ancestor of source */ |
| 539 | if (trap == lower_new_dentry) { |
| 540 | err = -ENOTEMPTY; |
| 541 | goto out; |
| 542 | } |
| 543 | |
| 544 | err = mnt_want_write(lower_old_path.mnt); |
| 545 | if (err) |
| 546 | goto out; |
| 547 | err = mnt_want_write(lower_new_path.mnt); |
| 548 | if (err) |
| 549 | goto out_drop_old_write; |
| 550 | |
| 551 | err = vfs_rename(lower_old_dir_dentry->d_inode, lower_old_dentry, |
| 552 | lower_new_dir_dentry->d_inode, lower_new_dentry); |
| 553 | if (err) |
| 554 | goto out_err; |
| 555 | |
| 556 | /* Copy attrs from lower dir, but i_uid/i_gid */ |
| 557 | fsstack_copy_attr_all(new_dir, lower_new_dir_dentry->d_inode); |
| 558 | fsstack_copy_inode_size(new_dir, lower_new_dir_dentry->d_inode); |
| 559 | fix_derived_permission(new_dir); |
| 560 | if (new_dir != old_dir) { |
| 561 | fsstack_copy_attr_all(old_dir, lower_old_dir_dentry->d_inode); |
| 562 | fsstack_copy_inode_size(old_dir, lower_old_dir_dentry->d_inode); |
| 563 | fix_derived_permission(old_dir); |
| 564 | /* update the derived permission of the old_dentry |
| 565 | * with its new parent |
| 566 | */ |
| 567 | new_parent = dget_parent(new_dentry); |
| 568 | if(new_parent) { |
| 569 | if(old_dentry->d_inode) { |
| 570 | get_derived_permission(new_parent, old_dentry); |
| 571 | fix_derived_permission(old_dentry->d_inode); |
| 572 | } |
| 573 | dput(new_parent); |
| 574 | } |
| 575 | } |
| 576 | |
| 577 | out_err: |
| 578 | mnt_drop_write(lower_new_path.mnt); |
| 579 | out_drop_old_write: |
| 580 | mnt_drop_write(lower_old_path.mnt); |
| 581 | out: |
| 582 | unlock_rename(lower_old_dir_dentry, lower_new_dir_dentry); |
| 583 | dput(lower_old_dir_dentry); |
| 584 | dput(lower_new_dir_dentry); |
| 585 | sdcardfs_put_real_lower(old_dentry, &lower_old_path); |
| 586 | sdcardfs_put_lower_path(new_dentry, &lower_new_path); |
| 587 | REVERT_CRED(saved_cred); |
| 588 | out_eacces: |
| 589 | return err; |
| 590 | } |
| 591 | |
| 592 | #if 0 |
| 593 | static int sdcardfs_readlink(struct dentry *dentry, char __user *buf, int bufsiz) |
| 594 | { |
| 595 | int err; |
| 596 | struct dentry *lower_dentry; |
| 597 | struct path lower_path; |
| 598 | /* XXX readlink does not requires overriding credential */ |
| 599 | |
| 600 | sdcardfs_get_lower_path(dentry, &lower_path); |
| 601 | lower_dentry = lower_path.dentry; |
| 602 | if (!lower_dentry->d_inode->i_op || |
| 603 | !lower_dentry->d_inode->i_op->readlink) { |
| 604 | err = -EINVAL; |
| 605 | goto out; |
| 606 | } |
| 607 | |
| 608 | err = lower_dentry->d_inode->i_op->readlink(lower_dentry, |
| 609 | buf, bufsiz); |
| 610 | if (err < 0) |
| 611 | goto out; |
| 612 | fsstack_copy_attr_atime(dentry->d_inode, lower_dentry->d_inode); |
| 613 | |
| 614 | out: |
| 615 | sdcardfs_put_lower_path(dentry, &lower_path); |
| 616 | return err; |
| 617 | } |
| 618 | #endif |
| 619 | |
| 620 | #if 0 |
| 621 | static void *sdcardfs_follow_link(struct dentry *dentry, struct nameidata *nd) |
| 622 | { |
| 623 | char *buf; |
| 624 | int len = PAGE_SIZE, err; |
| 625 | mm_segment_t old_fs; |
| 626 | |
| 627 | /* This is freed by the put_link method assuming a successful call. */ |
| 628 | buf = kmalloc(len, GFP_KERNEL); |
| 629 | if (!buf) { |
| 630 | buf = ERR_PTR(-ENOMEM); |
| 631 | goto out; |
| 632 | } |
| 633 | |
| 634 | /* read the symlink, and then we will follow it */ |
| 635 | old_fs = get_fs(); |
| 636 | set_fs(KERNEL_DS); |
| 637 | err = sdcardfs_readlink(dentry, buf, len); |
| 638 | set_fs(old_fs); |
| 639 | if (err < 0) { |
| 640 | kfree(buf); |
| 641 | buf = ERR_PTR(err); |
| 642 | } else { |
| 643 | buf[err] = '\0'; |
| 644 | } |
| 645 | out: |
| 646 | nd_set_link(nd, buf); |
| 647 | return NULL; |
| 648 | } |
| 649 | #endif |
| 650 | |
| 651 | #if 0 |
| 652 | /* this @nd *IS* still used */ |
| 653 | static void sdcardfs_put_link(struct dentry *dentry, struct nameidata *nd, |
| 654 | void *cookie) |
| 655 | { |
| 656 | char *buf = nd_get_link(nd); |
| 657 | if (!IS_ERR(buf)) /* free the char* */ |
| 658 | kfree(buf); |
| 659 | } |
| 660 | #endif |
| 661 | |
| 662 | static int sdcardfs_permission(struct inode *inode, int mask, unsigned int flags) |
| 663 | { |
| 664 | int err; |
| 665 | |
| 666 | if (flags & IPERM_FLAG_RCU) |
| 667 | return -ECHILD; |
| 668 | |
| 669 | /* |
| 670 | * Permission check on sdcardfs inode. |
| 671 | * Calling process should have AID_SDCARD_RW permission |
| 672 | */ |
| 673 | err = generic_permission(inode, mask, 0, inode->i_op->check_acl); |
| 674 | |
| 675 | /* XXX |
| 676 | * Original sdcardfs code calls inode_permission(lower_inode,.. ) |
| 677 | * for checking inode permission. But doing such things here seems |
| 678 | * duplicated work, because the functions called after this func, |
| 679 | * such as vfs_create, vfs_unlink, vfs_rename, and etc, |
| 680 | * does exactly same thing, i.e., they calls inode_permission(). |
| 681 | * So we just let they do the things. |
| 682 | * If there are any security hole, just uncomment following if block. |
| 683 | */ |
| 684 | #if 0 |
| 685 | if (!err) { |
| 686 | /* |
| 687 | * Permission check on lower_inode(=EXT4). |
| 688 | * we check it with AID_MEDIA_RW permission |
| 689 | */ |
| 690 | struct inode *lower_inode; |
| 691 | OVERRIDE_CRED(SDCARDFS_SB(inode->sb)); |
| 692 | |
| 693 | lower_inode = sdcardfs_lower_inode(inode); |
| 694 | err = inode_permission(lower_inode, mask); |
| 695 | |
| 696 | REVERT_CRED(); |
| 697 | } |
| 698 | #endif |
| 699 | return err; |
| 700 | |
| 701 | } |
| 702 | |
| 703 | static int sdcardfs_getattr(struct vfsmount *mnt, struct dentry *dentry, |
| 704 | struct kstat *stat) |
| 705 | { |
| 706 | struct dentry *lower_dentry; |
| 707 | struct inode *inode; |
| 708 | struct inode *lower_inode; |
| 709 | struct path lower_path; |
| 710 | struct dentry *parent; |
| 711 | struct sdcardfs_sb_info *sbi = SDCARDFS_SB(dentry->d_sb); |
| 712 | |
| 713 | parent = dget_parent(dentry); |
| 714 | if(!check_caller_access_to_name(parent->d_inode, dentry->d_name.name, |
| 715 | sbi->options.derive, 0, 0)) { |
| 716 | printk(KERN_INFO "%s: need to check the caller's gid in packages.list\n" |
| 717 | " dentry: %s, task:%s\n", |
| 718 | __func__, dentry->d_name.name, current->comm); |
| 719 | dput(parent); |
| 720 | return -EACCES; |
| 721 | } |
| 722 | dput(parent); |
| 723 | |
| 724 | inode = dentry->d_inode; |
| 725 | |
| 726 | sdcardfs_get_lower_path(dentry, &lower_path); |
| 727 | lower_dentry = lower_path.dentry; |
| 728 | lower_inode = sdcardfs_lower_inode(inode); |
| 729 | |
| 730 | fsstack_copy_attr_all(inode, lower_inode); |
| 731 | fsstack_copy_inode_size(inode, lower_inode); |
| 732 | /* if the dentry has been moved from other location |
| 733 | * so, on this stage, its derived permission must be |
| 734 | * rechecked from its private field. |
| 735 | */ |
| 736 | fix_derived_permission(inode); |
| 737 | |
| 738 | generic_fillattr(inode, stat); |
| 739 | sdcardfs_put_lower_path(dentry, &lower_path); |
| 740 | return 0; |
| 741 | } |
| 742 | |
| 743 | static int sdcardfs_setattr(struct dentry *dentry, struct iattr *ia) |
| 744 | { |
| 745 | int err = 0; |
| 746 | struct dentry *lower_dentry; |
| 747 | struct inode *inode; |
| 748 | struct inode *lower_inode; |
| 749 | struct path lower_path; |
| 750 | struct iattr lower_ia; |
| 751 | struct sdcardfs_sb_info *sbi = SDCARDFS_SB(dentry->d_sb); |
| 752 | struct dentry *parent; |
| 753 | int has_rw; |
| 754 | |
| 755 | inode = dentry->d_inode; |
| 756 | |
| 757 | /* |
| 758 | * Check if user has permission to change inode. We don't check if |
| 759 | * this user can change the lower inode: that should happen when |
| 760 | * calling notify_change on the lower inode. |
| 761 | */ |
| 762 | err = inode_change_ok(inode, ia); |
| 763 | |
| 764 | /* no vfs_XXX operations required, cred overriding will be skipped. wj*/ |
| 765 | if (!err) { |
| 766 | /* check the Android group ID */ |
| 767 | has_rw = get_caller_has_rw_locked(sbi->pkgl_id, sbi->options.derive); |
| 768 | parent = dget_parent(dentry); |
| 769 | if(!check_caller_access_to_name(parent->d_inode, dentry->d_name.name, |
| 770 | sbi->options.derive, 1, has_rw)) { |
| 771 | printk(KERN_INFO "%s: need to check the caller's gid in packages.list\n" |
| 772 | " dentry: %s, task:%s\n", |
| 773 | __func__, dentry->d_name.name, current->comm); |
| 774 | err = -EACCES; |
| 775 | } |
| 776 | dput(parent); |
| 777 | } |
| 778 | |
| 779 | if (err) |
| 780 | goto out_err; |
| 781 | |
| 782 | sdcardfs_get_lower_path(dentry, &lower_path); |
| 783 | lower_dentry = lower_path.dentry; |
| 784 | lower_inode = sdcardfs_lower_inode(inode); |
| 785 | |
| 786 | /* prepare our own lower struct iattr (with the lower file) */ |
| 787 | memcpy(&lower_ia, ia, sizeof(lower_ia)); |
| 788 | if (ia->ia_valid & ATTR_FILE) |
| 789 | lower_ia.ia_file = sdcardfs_lower_file(ia->ia_file); |
| 790 | |
| 791 | lower_ia.ia_valid &= ~(ATTR_UID | ATTR_GID | ATTR_MODE); |
| 792 | |
| 793 | /* |
| 794 | * If shrinking, first truncate upper level to cancel writing dirty |
| 795 | * pages beyond the new eof; and also if its' maxbytes is more |
| 796 | * limiting (fail with -EFBIG before making any change to the lower |
| 797 | * level). There is no need to vmtruncate the upper level |
| 798 | * afterwards in the other cases: we fsstack_copy_inode_size from |
| 799 | * the lower level. |
| 800 | */ |
| 801 | if (current->mm) |
| 802 | down_write(¤t->mm->mmap_sem); |
| 803 | if (ia->ia_valid & ATTR_SIZE) { |
| 804 | err = inode_newsize_ok(inode, ia->ia_size); |
| 805 | if (err) { |
| 806 | if (current->mm) |
| 807 | up_write(¤t->mm->mmap_sem); |
| 808 | goto out; |
| 809 | } |
| 810 | truncate_setsize(inode, ia->ia_size); |
| 811 | } |
| 812 | |
| 813 | /* |
| 814 | * mode change is for clearing setuid/setgid bits. Allow lower fs |
| 815 | * to interpret this in its own way. |
| 816 | */ |
| 817 | if (lower_ia.ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID)) |
| 818 | lower_ia.ia_valid &= ~ATTR_MODE; |
| 819 | |
| 820 | /* notify the (possibly copied-up) lower inode */ |
| 821 | /* |
| 822 | * Note: we use lower_dentry->d_inode, because lower_inode may be |
| 823 | * unlinked (no inode->i_sb and i_ino==0. This happens if someone |
| 824 | * tries to open(), unlink(), then ftruncate() a file. |
| 825 | */ |
| 826 | mutex_lock(&lower_dentry->d_inode->i_mutex); |
| 827 | err = notify_change(lower_dentry, &lower_ia); /* note: lower_ia */ |
| 828 | mutex_unlock(&lower_dentry->d_inode->i_mutex); |
| 829 | if (current->mm) |
| 830 | up_write(¤t->mm->mmap_sem); |
| 831 | if (err) |
| 832 | goto out; |
| 833 | |
| 834 | /* get attributes from the lower inode */ |
| 835 | fsstack_copy_attr_all(inode, lower_inode); |
| 836 | /* update derived permission of the upper inode */ |
| 837 | fix_derived_permission(inode); |
| 838 | |
| 839 | /* |
| 840 | * Not running fsstack_copy_inode_size(inode, lower_inode), because |
| 841 | * VFS should update our inode size, and notify_change on |
| 842 | * lower_inode should update its size. |
| 843 | */ |
| 844 | |
| 845 | out: |
| 846 | sdcardfs_put_lower_path(dentry, &lower_path); |
| 847 | out_err: |
| 848 | return err; |
| 849 | } |
| 850 | |
| 851 | const struct inode_operations sdcardfs_symlink_iops = { |
| 852 | .permission = sdcardfs_permission, |
| 853 | .setattr = sdcardfs_setattr, |
| 854 | /* XXX Following operations are implemented, |
| 855 | * but FUSE(sdcard) or FAT does not support them |
| 856 | * These methods are *NOT* perfectly tested. |
| 857 | .readlink = sdcardfs_readlink, |
| 858 | .follow_link = sdcardfs_follow_link, |
| 859 | .put_link = sdcardfs_put_link, |
| 860 | */ |
| 861 | }; |
| 862 | |
| 863 | const struct inode_operations sdcardfs_dir_iops = { |
| 864 | .create = sdcardfs_create, |
| 865 | .lookup = sdcardfs_lookup, |
| 866 | .permission = sdcardfs_permission, |
| 867 | .unlink = sdcardfs_unlink, |
| 868 | .mkdir = sdcardfs_mkdir, |
| 869 | .rmdir = sdcardfs_rmdir, |
| 870 | .rename = sdcardfs_rename, |
| 871 | .setattr = sdcardfs_setattr, |
| 872 | .getattr = sdcardfs_getattr, |
| 873 | /* XXX Following operations are implemented, |
| 874 | * but FUSE(sdcard) or FAT does not support them |
| 875 | * These methods are *NOT* perfectly tested. |
| 876 | .symlink = sdcardfs_symlink, |
| 877 | .link = sdcardfs_link, |
| 878 | .mknod = sdcardfs_mknod, |
| 879 | */ |
| 880 | }; |
| 881 | |
| 882 | const struct inode_operations sdcardfs_main_iops = { |
| 883 | .permission = sdcardfs_permission, |
| 884 | .setattr = sdcardfs_setattr, |
| 885 | .getattr = sdcardfs_getattr, |
| 886 | }; |