Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 1 | /* |
| 2 | * fs/sdcardfs/inode.c |
| 3 | * |
| 4 | * Copyright (c) 2013 Samsung Electronics Co. Ltd |
| 5 | * Authors: Daeho Jeong, Woojoong Lee, Seunghwan Hyun, |
| 6 | * Sunghwan Yun, Sungjong Seo |
| 7 | * |
| 8 | * This program has been developed as a stackable file system based on |
| 9 | * the WrapFS which written by |
| 10 | * |
| 11 | * Copyright (c) 1998-2011 Erez Zadok |
| 12 | * Copyright (c) 2009 Shrikar Archak |
| 13 | * Copyright (c) 2003-2011 Stony Brook University |
| 14 | * Copyright (c) 2003-2011 The Research Foundation of SUNY |
| 15 | * |
| 16 | * This file is dual licensed. It may be redistributed and/or modified |
| 17 | * under the terms of the Apache 2.0 License OR version 2 of the GNU |
| 18 | * General Public License. |
| 19 | */ |
| 20 | |
| 21 | #include "sdcardfs.h" |
Daniel Rosenberg | 2b31462 | 2016-04-13 16:38:34 -0700 | [diff] [blame] | 22 | #include <linux/fs_struct.h> |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 23 | |
| 24 | /* Do not directly use this function. Use OVERRIDE_CRED() instead. */ |
| 25 | const struct cred * override_fsids(struct sdcardfs_sb_info* sbi) |
| 26 | { |
| 27 | struct cred * cred; |
| 28 | const struct cred * old_cred; |
| 29 | |
| 30 | cred = prepare_creds(); |
| 31 | if (!cred) |
| 32 | return NULL; |
| 33 | |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 34 | cred->fsuid = make_kuid(&init_user_ns, sbi->options.fs_low_uid); |
| 35 | cred->fsgid = make_kgid(&init_user_ns, sbi->options.fs_low_gid); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 36 | |
| 37 | old_cred = override_creds(cred); |
| 38 | |
| 39 | return old_cred; |
| 40 | } |
| 41 | |
| 42 | /* Do not directly use this function, use REVERT_CRED() instead. */ |
| 43 | void revert_fsids(const struct cred * old_cred) |
| 44 | { |
| 45 | const struct cred * cur_cred; |
| 46 | |
| 47 | cur_cred = current->cred; |
| 48 | revert_creds(old_cred); |
| 49 | put_cred(cur_cred); |
| 50 | } |
| 51 | |
| 52 | static int sdcardfs_create(struct inode *dir, struct dentry *dentry, |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 53 | umode_t mode, bool want_excl) |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 54 | { |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 55 | int err; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 56 | struct dentry *lower_dentry; |
Daniel Rosenberg | 1844d9e | 2016-10-26 16:48:45 -0700 | [diff] [blame] | 57 | struct vfsmount *lower_dentry_mnt; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 58 | struct dentry *lower_parent_dentry = NULL; |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 59 | struct path lower_path; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 60 | const struct cred *saved_cred = NULL; |
Daniel Rosenberg | 2b31462 | 2016-04-13 16:38:34 -0700 | [diff] [blame] | 61 | struct fs_struct *saved_fs; |
| 62 | struct fs_struct *copied_fs; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 63 | |
Daniel Rosenberg | 497ac90 | 2016-02-03 21:08:21 -0800 | [diff] [blame] | 64 | if(!check_caller_access_to_name(dir, dentry->d_name.name)) { |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 65 | printk(KERN_INFO "%s: need to check the caller's gid in packages.list\n" |
| 66 | " dentry: %s, task:%s\n", |
| 67 | __func__, dentry->d_name.name, current->comm); |
| 68 | err = -EACCES; |
| 69 | goto out_eacces; |
| 70 | } |
| 71 | |
| 72 | /* save current_cred and override it */ |
| 73 | OVERRIDE_CRED(SDCARDFS_SB(dir->i_sb), saved_cred); |
| 74 | |
| 75 | sdcardfs_get_lower_path(dentry, &lower_path); |
| 76 | lower_dentry = lower_path.dentry; |
Daniel Rosenberg | 1844d9e | 2016-10-26 16:48:45 -0700 | [diff] [blame] | 77 | lower_dentry_mnt = lower_path.mnt; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 78 | lower_parent_dentry = lock_parent(lower_dentry); |
| 79 | |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 80 | /* set last 16bytes of mode field to 0664 */ |
| 81 | mode = (mode & S_IFMT) | 00664; |
Daniel Rosenberg | 2b31462 | 2016-04-13 16:38:34 -0700 | [diff] [blame] | 82 | |
| 83 | /* temporarily change umask for lower fs write */ |
| 84 | saved_fs = current->fs; |
| 85 | copied_fs = copy_fs_struct(current->fs); |
| 86 | if (!copied_fs) { |
| 87 | err = -ENOMEM; |
| 88 | goto out_unlock; |
| 89 | } |
| 90 | current->fs = copied_fs; |
| 91 | current->fs->umask = 0; |
Daniel Rosenberg | 1844d9e | 2016-10-26 16:48:45 -0700 | [diff] [blame] | 92 | err = vfs_create2(lower_dentry_mnt, d_inode(lower_parent_dentry), lower_dentry, mode, want_excl); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 93 | if (err) |
| 94 | goto out; |
| 95 | |
Daniel Rosenberg | 497ac90 | 2016-02-03 21:08:21 -0800 | [diff] [blame] | 96 | err = sdcardfs_interpose(dentry, dir->i_sb, &lower_path, SDCARDFS_I(dir)->userid); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 97 | if (err) |
| 98 | goto out; |
| 99 | fsstack_copy_attr_times(dir, sdcardfs_lower_inode(dir)); |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 100 | fsstack_copy_inode_size(dir, d_inode(lower_parent_dentry)); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 101 | |
| 102 | out: |
Daniel Rosenberg | 2b31462 | 2016-04-13 16:38:34 -0700 | [diff] [blame] | 103 | current->fs = saved_fs; |
| 104 | free_fs_struct(copied_fs); |
| 105 | out_unlock: |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 106 | unlock_dir(lower_parent_dentry); |
| 107 | sdcardfs_put_lower_path(dentry, &lower_path); |
| 108 | REVERT_CRED(saved_cred); |
| 109 | out_eacces: |
| 110 | return err; |
| 111 | } |
| 112 | |
| 113 | #if 0 |
| 114 | static int sdcardfs_link(struct dentry *old_dentry, struct inode *dir, |
| 115 | struct dentry *new_dentry) |
| 116 | { |
| 117 | struct dentry *lower_old_dentry; |
| 118 | struct dentry *lower_new_dentry; |
| 119 | struct dentry *lower_dir_dentry; |
| 120 | u64 file_size_save; |
| 121 | int err; |
| 122 | struct path lower_old_path, lower_new_path; |
| 123 | |
| 124 | OVERRIDE_CRED(SDCARDFS_SB(dir->i_sb)); |
| 125 | |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 126 | file_size_save = i_size_read(d_inode(old_dentry)); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 127 | sdcardfs_get_lower_path(old_dentry, &lower_old_path); |
| 128 | sdcardfs_get_lower_path(new_dentry, &lower_new_path); |
| 129 | lower_old_dentry = lower_old_path.dentry; |
| 130 | lower_new_dentry = lower_new_path.dentry; |
| 131 | lower_dir_dentry = lock_parent(lower_new_dentry); |
| 132 | |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 133 | err = vfs_link(lower_old_dentry, d_inode(lower_dir_dentry), |
| 134 | lower_new_dentry, NULL); |
| 135 | if (err || !d_inode(lower_new_dentry)) |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 136 | goto out; |
| 137 | |
| 138 | err = sdcardfs_interpose(new_dentry, dir->i_sb, &lower_new_path); |
| 139 | if (err) |
| 140 | goto out; |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 141 | fsstack_copy_attr_times(dir, d_inode(lower_new_dentry)); |
| 142 | fsstack_copy_inode_size(dir, d_inode(lower_new_dentry)); |
| 143 | set_nlink(d_inode(old_dentry), |
| 144 | sdcardfs_lower_inode(d_inode(old_dentry))->i_nlink); |
| 145 | i_size_write(d_inode(new_dentry), file_size_save); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 146 | out: |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 147 | unlock_dir(lower_dir_dentry); |
| 148 | sdcardfs_put_lower_path(old_dentry, &lower_old_path); |
| 149 | sdcardfs_put_lower_path(new_dentry, &lower_new_path); |
| 150 | REVERT_CRED(); |
| 151 | return err; |
| 152 | } |
| 153 | #endif |
| 154 | |
| 155 | static int sdcardfs_unlink(struct inode *dir, struct dentry *dentry) |
| 156 | { |
| 157 | int err; |
| 158 | struct dentry *lower_dentry; |
Daniel Rosenberg | 1844d9e | 2016-10-26 16:48:45 -0700 | [diff] [blame] | 159 | struct vfsmount *lower_mnt; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 160 | struct inode *lower_dir_inode = sdcardfs_lower_inode(dir); |
| 161 | struct dentry *lower_dir_dentry; |
| 162 | struct path lower_path; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 163 | const struct cred *saved_cred = NULL; |
| 164 | |
Daniel Rosenberg | 497ac90 | 2016-02-03 21:08:21 -0800 | [diff] [blame] | 165 | if(!check_caller_access_to_name(dir, dentry->d_name.name)) { |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 166 | printk(KERN_INFO "%s: need to check the caller's gid in packages.list\n" |
| 167 | " dentry: %s, task:%s\n", |
| 168 | __func__, dentry->d_name.name, current->comm); |
| 169 | err = -EACCES; |
| 170 | goto out_eacces; |
| 171 | } |
| 172 | |
| 173 | /* save current_cred and override it */ |
| 174 | OVERRIDE_CRED(SDCARDFS_SB(dir->i_sb), saved_cred); |
| 175 | |
| 176 | sdcardfs_get_lower_path(dentry, &lower_path); |
| 177 | lower_dentry = lower_path.dentry; |
Daniel Rosenberg | 1844d9e | 2016-10-26 16:48:45 -0700 | [diff] [blame] | 178 | lower_mnt = lower_path.mnt; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 179 | dget(lower_dentry); |
| 180 | lower_dir_dentry = lock_parent(lower_dentry); |
| 181 | |
Daniel Rosenberg | 1844d9e | 2016-10-26 16:48:45 -0700 | [diff] [blame] | 182 | err = vfs_unlink2(lower_mnt, lower_dir_inode, lower_dentry, NULL); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 183 | |
| 184 | /* |
| 185 | * Note: unlinking on top of NFS can cause silly-renamed files. |
| 186 | * Trying to delete such files results in EBUSY from NFS |
| 187 | * below. Silly-renamed files will get deleted by NFS later on, so |
| 188 | * we just need to detect them here and treat such EBUSY errors as |
| 189 | * if the upper file was successfully deleted. |
| 190 | */ |
| 191 | if (err == -EBUSY && lower_dentry->d_flags & DCACHE_NFSFS_RENAMED) |
| 192 | err = 0; |
| 193 | if (err) |
| 194 | goto out; |
| 195 | fsstack_copy_attr_times(dir, lower_dir_inode); |
| 196 | fsstack_copy_inode_size(dir, lower_dir_inode); |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 197 | set_nlink(d_inode(dentry), |
| 198 | sdcardfs_lower_inode(d_inode(dentry))->i_nlink); |
| 199 | d_inode(dentry)->i_ctime = dir->i_ctime; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 200 | d_drop(dentry); /* this is needed, else LTP fails (VFS won't do it) */ |
| 201 | out: |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 202 | unlock_dir(lower_dir_dentry); |
| 203 | dput(lower_dentry); |
| 204 | sdcardfs_put_lower_path(dentry, &lower_path); |
| 205 | REVERT_CRED(saved_cred); |
| 206 | out_eacces: |
| 207 | return err; |
| 208 | } |
| 209 | |
| 210 | #if 0 |
| 211 | static int sdcardfs_symlink(struct inode *dir, struct dentry *dentry, |
| 212 | const char *symname) |
| 213 | { |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 214 | int err; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 215 | struct dentry *lower_dentry; |
| 216 | struct dentry *lower_parent_dentry = NULL; |
| 217 | struct path lower_path; |
| 218 | |
| 219 | OVERRIDE_CRED(SDCARDFS_SB(dir->i_sb)); |
| 220 | |
| 221 | sdcardfs_get_lower_path(dentry, &lower_path); |
| 222 | lower_dentry = lower_path.dentry; |
| 223 | lower_parent_dentry = lock_parent(lower_dentry); |
| 224 | |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 225 | err = vfs_symlink(d_inode(lower_parent_dentry), lower_dentry, symname); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 226 | if (err) |
| 227 | goto out; |
| 228 | err = sdcardfs_interpose(dentry, dir->i_sb, &lower_path); |
| 229 | if (err) |
| 230 | goto out; |
| 231 | fsstack_copy_attr_times(dir, sdcardfs_lower_inode(dir)); |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 232 | fsstack_copy_inode_size(dir, d_inode(lower_parent_dentry)); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 233 | |
| 234 | out: |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 235 | unlock_dir(lower_parent_dentry); |
| 236 | sdcardfs_put_lower_path(dentry, &lower_path); |
| 237 | REVERT_CRED(); |
| 238 | return err; |
| 239 | } |
| 240 | #endif |
| 241 | |
| 242 | static int touch(char *abs_path, mode_t mode) { |
| 243 | struct file *filp = filp_open(abs_path, O_RDWR|O_CREAT|O_EXCL|O_NOFOLLOW, mode); |
| 244 | if (IS_ERR(filp)) { |
| 245 | if (PTR_ERR(filp) == -EEXIST) { |
| 246 | return 0; |
| 247 | } |
| 248 | else { |
| 249 | printk(KERN_ERR "sdcardfs: failed to open(%s): %ld\n", |
| 250 | abs_path, PTR_ERR(filp)); |
| 251 | return PTR_ERR(filp); |
| 252 | } |
| 253 | } |
| 254 | filp_close(filp, current->files); |
| 255 | return 0; |
| 256 | } |
| 257 | |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 258 | static int sdcardfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 259 | { |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 260 | int err; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 261 | int make_nomedia_in_obb = 0; |
| 262 | struct dentry *lower_dentry; |
Daniel Rosenberg | 1844d9e | 2016-10-26 16:48:45 -0700 | [diff] [blame] | 263 | struct vfsmount *lower_mnt; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 264 | struct dentry *lower_parent_dentry = NULL; |
| 265 | struct path lower_path; |
| 266 | struct sdcardfs_sb_info *sbi = SDCARDFS_SB(dentry->d_sb); |
| 267 | const struct cred *saved_cred = NULL; |
| 268 | struct sdcardfs_inode_info *pi = SDCARDFS_I(dir); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 269 | int touch_err = 0; |
Daniel Rosenberg | 2b31462 | 2016-04-13 16:38:34 -0700 | [diff] [blame] | 270 | struct fs_struct *saved_fs; |
| 271 | struct fs_struct *copied_fs; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 272 | |
Daniel Rosenberg | 497ac90 | 2016-02-03 21:08:21 -0800 | [diff] [blame] | 273 | if(!check_caller_access_to_name(dir, dentry->d_name.name)) { |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 274 | printk(KERN_INFO "%s: need to check the caller's gid in packages.list\n" |
| 275 | " dentry: %s, task:%s\n", |
| 276 | __func__, dentry->d_name.name, current->comm); |
| 277 | err = -EACCES; |
| 278 | goto out_eacces; |
| 279 | } |
| 280 | |
| 281 | /* save current_cred and override it */ |
| 282 | OVERRIDE_CRED(SDCARDFS_SB(dir->i_sb), saved_cred); |
| 283 | |
| 284 | /* check disk space */ |
| 285 | if (!check_min_free_space(dentry, 0, 1)) { |
| 286 | printk(KERN_INFO "sdcardfs: No minimum free space.\n"); |
| 287 | err = -ENOSPC; |
| 288 | goto out_revert; |
| 289 | } |
| 290 | |
| 291 | /* the lower_dentry is negative here */ |
| 292 | sdcardfs_get_lower_path(dentry, &lower_path); |
| 293 | lower_dentry = lower_path.dentry; |
Daniel Rosenberg | 1844d9e | 2016-10-26 16:48:45 -0700 | [diff] [blame] | 294 | lower_mnt = lower_path.mnt; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 295 | lower_parent_dentry = lock_parent(lower_dentry); |
| 296 | |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 297 | /* set last 16bytes of mode field to 0775 */ |
| 298 | mode = (mode & S_IFMT) | 00775; |
Daniel Rosenberg | 2b31462 | 2016-04-13 16:38:34 -0700 | [diff] [blame] | 299 | |
| 300 | /* temporarily change umask for lower fs write */ |
| 301 | saved_fs = current->fs; |
| 302 | copied_fs = copy_fs_struct(current->fs); |
| 303 | if (!copied_fs) { |
| 304 | err = -ENOMEM; |
Daniel Rosenberg | 9480415 | 2016-09-26 14:48:22 -0700 | [diff] [blame] | 305 | unlock_dir(lower_parent_dentry); |
Daniel Rosenberg | 2b31462 | 2016-04-13 16:38:34 -0700 | [diff] [blame] | 306 | goto out_unlock; |
| 307 | } |
| 308 | current->fs = copied_fs; |
| 309 | current->fs->umask = 0; |
Daniel Rosenberg | 1844d9e | 2016-10-26 16:48:45 -0700 | [diff] [blame] | 310 | err = vfs_mkdir2(lower_mnt, d_inode(lower_parent_dentry), lower_dentry, mode); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 311 | |
Daniel Rosenberg | 9480415 | 2016-09-26 14:48:22 -0700 | [diff] [blame] | 312 | if (err) { |
| 313 | unlock_dir(lower_parent_dentry); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 314 | goto out; |
Daniel Rosenberg | 9480415 | 2016-09-26 14:48:22 -0700 | [diff] [blame] | 315 | } |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 316 | |
| 317 | /* if it is a local obb dentry, setup it with the base obbpath */ |
| 318 | if(need_graft_path(dentry)) { |
| 319 | |
| 320 | err = setup_obb_dentry(dentry, &lower_path); |
| 321 | if(err) { |
| 322 | /* if the sbi->obbpath is not available, the lower_path won't be |
| 323 | * changed by setup_obb_dentry() but the lower path is saved to |
Daniel Rosenberg | 497ac90 | 2016-02-03 21:08:21 -0800 | [diff] [blame] | 324 | * its orig_path. this dentry will be revalidated later. |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 325 | * but now, the lower_path should be NULL */ |
| 326 | sdcardfs_put_reset_lower_path(dentry); |
| 327 | |
| 328 | /* the newly created lower path which saved to its orig_path or |
| 329 | * the lower_path is the base obbpath. |
Daniel Rosenberg | 497ac90 | 2016-02-03 21:08:21 -0800 | [diff] [blame] | 330 | * therefore, an additional path_get is required */ |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 331 | path_get(&lower_path); |
| 332 | } else |
| 333 | make_nomedia_in_obb = 1; |
| 334 | } |
| 335 | |
Daniel Rosenberg | 497ac90 | 2016-02-03 21:08:21 -0800 | [diff] [blame] | 336 | err = sdcardfs_interpose(dentry, dir->i_sb, &lower_path, pi->userid); |
Daniel Rosenberg | 9480415 | 2016-09-26 14:48:22 -0700 | [diff] [blame] | 337 | if (err) { |
| 338 | unlock_dir(lower_parent_dentry); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 339 | goto out; |
Daniel Rosenberg | 9480415 | 2016-09-26 14:48:22 -0700 | [diff] [blame] | 340 | } |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 341 | |
| 342 | fsstack_copy_attr_times(dir, sdcardfs_lower_inode(dir)); |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 343 | fsstack_copy_inode_size(dir, d_inode(lower_parent_dentry)); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 344 | /* update number of links on parent directory */ |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 345 | set_nlink(dir, sdcardfs_lower_inode(dir)->i_nlink); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 346 | |
Daniel Rosenberg | 9480415 | 2016-09-26 14:48:22 -0700 | [diff] [blame] | 347 | unlock_dir(lower_parent_dentry); |
| 348 | |
Daniel Rosenberg | 497ac90 | 2016-02-03 21:08:21 -0800 | [diff] [blame] | 349 | if ((!sbi->options.multiuser) && (!strcasecmp(dentry->d_name.name, "obb")) |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 350 | && (pi->perm == PERM_ANDROID) && (pi->userid == 0)) |
| 351 | make_nomedia_in_obb = 1; |
| 352 | |
| 353 | /* When creating /Android/data and /Android/obb, mark them as .nomedia */ |
| 354 | if (make_nomedia_in_obb || |
| 355 | ((pi->perm == PERM_ANDROID) && (!strcasecmp(dentry->d_name.name, "data")))) { |
Daniel Rosenberg | 2b31462 | 2016-04-13 16:38:34 -0700 | [diff] [blame] | 356 | set_fs_pwd(current->fs, &lower_path); |
| 357 | touch_err = touch(".nomedia", 0664); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 358 | if (touch_err) { |
Daniel Rosenberg | 2b31462 | 2016-04-13 16:38:34 -0700 | [diff] [blame] | 359 | printk(KERN_ERR "sdcardfs: failed to create .nomedia in %s: %d\n", |
| 360 | lower_path.dentry->d_name.name, touch_err); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 361 | goto out; |
| 362 | } |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 363 | } |
| 364 | out: |
Daniel Rosenberg | 2b31462 | 2016-04-13 16:38:34 -0700 | [diff] [blame] | 365 | current->fs = saved_fs; |
| 366 | free_fs_struct(copied_fs); |
| 367 | out_unlock: |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 368 | sdcardfs_put_lower_path(dentry, &lower_path); |
| 369 | out_revert: |
| 370 | REVERT_CRED(saved_cred); |
| 371 | out_eacces: |
| 372 | return err; |
| 373 | } |
| 374 | |
| 375 | static int sdcardfs_rmdir(struct inode *dir, struct dentry *dentry) |
| 376 | { |
| 377 | struct dentry *lower_dentry; |
| 378 | struct dentry *lower_dir_dentry; |
Daniel Rosenberg | 1844d9e | 2016-10-26 16:48:45 -0700 | [diff] [blame] | 379 | struct vfsmount *lower_mnt; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 380 | int err; |
| 381 | struct path lower_path; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 382 | const struct cred *saved_cred = NULL; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 383 | |
Daniel Rosenberg | 497ac90 | 2016-02-03 21:08:21 -0800 | [diff] [blame] | 384 | if(!check_caller_access_to_name(dir, dentry->d_name.name)) { |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 385 | printk(KERN_INFO "%s: need to check the caller's gid in packages.list\n" |
| 386 | " dentry: %s, task:%s\n", |
| 387 | __func__, dentry->d_name.name, current->comm); |
| 388 | err = -EACCES; |
| 389 | goto out_eacces; |
| 390 | } |
| 391 | |
| 392 | /* save current_cred and override it */ |
| 393 | OVERRIDE_CRED(SDCARDFS_SB(dir->i_sb), saved_cred); |
| 394 | |
| 395 | /* sdcardfs_get_real_lower(): in case of remove an user's obb dentry |
| 396 | * the dentry on the original path should be deleted. */ |
| 397 | sdcardfs_get_real_lower(dentry, &lower_path); |
| 398 | |
| 399 | lower_dentry = lower_path.dentry; |
Daniel Rosenberg | 1844d9e | 2016-10-26 16:48:45 -0700 | [diff] [blame] | 400 | lower_mnt = lower_path.mnt; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 401 | lower_dir_dentry = lock_parent(lower_dentry); |
| 402 | |
Daniel Rosenberg | 1844d9e | 2016-10-26 16:48:45 -0700 | [diff] [blame] | 403 | err = vfs_rmdir2(lower_mnt, d_inode(lower_dir_dentry), lower_dentry); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 404 | if (err) |
| 405 | goto out; |
| 406 | |
| 407 | d_drop(dentry); /* drop our dentry on success (why not VFS's job?) */ |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 408 | if (d_inode(dentry)) |
| 409 | clear_nlink(d_inode(dentry)); |
| 410 | fsstack_copy_attr_times(dir, d_inode(lower_dir_dentry)); |
| 411 | fsstack_copy_inode_size(dir, d_inode(lower_dir_dentry)); |
| 412 | set_nlink(dir, d_inode(lower_dir_dentry)->i_nlink); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 413 | |
| 414 | out: |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 415 | unlock_dir(lower_dir_dentry); |
| 416 | sdcardfs_put_real_lower(dentry, &lower_path); |
| 417 | REVERT_CRED(saved_cred); |
| 418 | out_eacces: |
| 419 | return err; |
| 420 | } |
| 421 | |
| 422 | #if 0 |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 423 | static int sdcardfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 424 | dev_t dev) |
| 425 | { |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 426 | int err; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 427 | struct dentry *lower_dentry; |
| 428 | struct dentry *lower_parent_dentry = NULL; |
| 429 | struct path lower_path; |
| 430 | |
| 431 | OVERRIDE_CRED(SDCARDFS_SB(dir->i_sb)); |
| 432 | |
| 433 | sdcardfs_get_lower_path(dentry, &lower_path); |
| 434 | lower_dentry = lower_path.dentry; |
| 435 | lower_parent_dentry = lock_parent(lower_dentry); |
| 436 | |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 437 | err = vfs_mknod(d_inode(lower_parent_dentry), lower_dentry, mode, dev); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 438 | if (err) |
| 439 | goto out; |
| 440 | |
| 441 | err = sdcardfs_interpose(dentry, dir->i_sb, &lower_path); |
| 442 | if (err) |
| 443 | goto out; |
| 444 | fsstack_copy_attr_times(dir, sdcardfs_lower_inode(dir)); |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 445 | fsstack_copy_inode_size(dir, d_inode(lower_parent_dentry)); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 446 | |
| 447 | out: |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 448 | unlock_dir(lower_parent_dentry); |
| 449 | sdcardfs_put_lower_path(dentry, &lower_path); |
| 450 | REVERT_CRED(); |
| 451 | return err; |
| 452 | } |
| 453 | #endif |
| 454 | |
| 455 | /* |
| 456 | * The locking rules in sdcardfs_rename are complex. We could use a simpler |
| 457 | * superblock-level name-space lock for renames and copy-ups. |
| 458 | */ |
| 459 | static int sdcardfs_rename(struct inode *old_dir, struct dentry *old_dentry, |
Amit Pundir | d4ae31b | 2016-10-16 15:24:15 +0530 | [diff] [blame] | 460 | struct inode *new_dir, struct dentry *new_dentry, |
| 461 | unsigned int flags) |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 462 | { |
| 463 | int err = 0; |
| 464 | struct dentry *lower_old_dentry = NULL; |
| 465 | struct dentry *lower_new_dentry = NULL; |
| 466 | struct dentry *lower_old_dir_dentry = NULL; |
| 467 | struct dentry *lower_new_dir_dentry = NULL; |
Daniel Rosenberg | 1844d9e | 2016-10-26 16:48:45 -0700 | [diff] [blame] | 468 | struct vfsmount *lower_mnt = NULL; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 469 | struct dentry *trap = NULL; |
| 470 | struct dentry *new_parent = NULL; |
| 471 | struct path lower_old_path, lower_new_path; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 472 | const struct cred *saved_cred = NULL; |
| 473 | |
Amit Pundir | d4ae31b | 2016-10-16 15:24:15 +0530 | [diff] [blame] | 474 | if (flags) |
| 475 | return -EINVAL; |
| 476 | |
Daniel Rosenberg | 497ac90 | 2016-02-03 21:08:21 -0800 | [diff] [blame] | 477 | if(!check_caller_access_to_name(old_dir, old_dentry->d_name.name) || |
| 478 | !check_caller_access_to_name(new_dir, new_dentry->d_name.name)) { |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 479 | printk(KERN_INFO "%s: need to check the caller's gid in packages.list\n" |
| 480 | " new_dentry: %s, task:%s\n", |
| 481 | __func__, new_dentry->d_name.name, current->comm); |
| 482 | err = -EACCES; |
| 483 | goto out_eacces; |
| 484 | } |
| 485 | |
| 486 | /* save current_cred and override it */ |
| 487 | OVERRIDE_CRED(SDCARDFS_SB(old_dir->i_sb), saved_cred); |
| 488 | |
| 489 | sdcardfs_get_real_lower(old_dentry, &lower_old_path); |
| 490 | sdcardfs_get_lower_path(new_dentry, &lower_new_path); |
| 491 | lower_old_dentry = lower_old_path.dentry; |
| 492 | lower_new_dentry = lower_new_path.dentry; |
Daniel Rosenberg | 1844d9e | 2016-10-26 16:48:45 -0700 | [diff] [blame] | 493 | lower_mnt = lower_old_path.mnt; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 494 | lower_old_dir_dentry = dget_parent(lower_old_dentry); |
| 495 | lower_new_dir_dentry = dget_parent(lower_new_dentry); |
| 496 | |
| 497 | trap = lock_rename(lower_old_dir_dentry, lower_new_dir_dentry); |
| 498 | /* source should not be ancestor of target */ |
| 499 | if (trap == lower_old_dentry) { |
| 500 | err = -EINVAL; |
| 501 | goto out; |
| 502 | } |
| 503 | /* target should not be ancestor of source */ |
| 504 | if (trap == lower_new_dentry) { |
| 505 | err = -ENOTEMPTY; |
| 506 | goto out; |
| 507 | } |
| 508 | |
Daniel Rosenberg | 1844d9e | 2016-10-26 16:48:45 -0700 | [diff] [blame] | 509 | err = vfs_rename2(lower_mnt, |
| 510 | d_inode(lower_old_dir_dentry), lower_old_dentry, |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 511 | d_inode(lower_new_dir_dentry), lower_new_dentry, |
| 512 | NULL, 0); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 513 | if (err) |
| 514 | goto out; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 515 | |
| 516 | /* Copy attrs from lower dir, but i_uid/i_gid */ |
Daniel Rosenberg | 497ac90 | 2016-02-03 21:08:21 -0800 | [diff] [blame] | 517 | sdcardfs_copy_and_fix_attrs(new_dir, d_inode(lower_new_dir_dentry)); |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 518 | fsstack_copy_inode_size(new_dir, d_inode(lower_new_dir_dentry)); |
Daniel Rosenberg | 497ac90 | 2016-02-03 21:08:21 -0800 | [diff] [blame] | 519 | |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 520 | if (new_dir != old_dir) { |
Daniel Rosenberg | 497ac90 | 2016-02-03 21:08:21 -0800 | [diff] [blame] | 521 | sdcardfs_copy_and_fix_attrs(old_dir, d_inode(lower_old_dir_dentry)); |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 522 | fsstack_copy_inode_size(old_dir, d_inode(lower_old_dir_dentry)); |
Daniel Rosenberg | 497ac90 | 2016-02-03 21:08:21 -0800 | [diff] [blame] | 523 | |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 524 | /* update the derived permission of the old_dentry |
| 525 | * with its new parent |
| 526 | */ |
| 527 | new_parent = dget_parent(new_dentry); |
| 528 | if(new_parent) { |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 529 | if(d_inode(old_dentry)) { |
Daniel Rosenberg | 497ac90 | 2016-02-03 21:08:21 -0800 | [diff] [blame] | 530 | update_derived_permission_lock(old_dentry); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 531 | } |
| 532 | dput(new_parent); |
| 533 | } |
| 534 | } |
Daniel Rosenberg | 497ac90 | 2016-02-03 21:08:21 -0800 | [diff] [blame] | 535 | /* At this point, not all dentry information has been moved, so |
| 536 | * we pass along new_dentry for the name.*/ |
Daniel Rosenberg | 497ac90 | 2016-02-03 21:08:21 -0800 | [diff] [blame] | 537 | get_derived_permission_new(new_dentry->d_parent, old_dentry, new_dentry); |
Daniel Rosenberg | 9021927 | 2016-10-26 20:27:20 -0700 | [diff] [blame] | 538 | fixup_tmp_permissions(d_inode(old_dentry)); |
Daniel Rosenberg | 5080d24 | 2016-05-18 16:57:10 -0700 | [diff] [blame] | 539 | fixup_top_recursive(old_dentry); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 540 | out: |
| 541 | unlock_rename(lower_old_dir_dentry, lower_new_dir_dentry); |
| 542 | dput(lower_old_dir_dentry); |
| 543 | dput(lower_new_dir_dentry); |
| 544 | sdcardfs_put_real_lower(old_dentry, &lower_old_path); |
| 545 | sdcardfs_put_lower_path(new_dentry, &lower_new_path); |
| 546 | REVERT_CRED(saved_cred); |
| 547 | out_eacces: |
| 548 | return err; |
| 549 | } |
| 550 | |
| 551 | #if 0 |
| 552 | static int sdcardfs_readlink(struct dentry *dentry, char __user *buf, int bufsiz) |
| 553 | { |
| 554 | int err; |
| 555 | struct dentry *lower_dentry; |
| 556 | struct path lower_path; |
| 557 | /* XXX readlink does not requires overriding credential */ |
| 558 | |
| 559 | sdcardfs_get_lower_path(dentry, &lower_path); |
| 560 | lower_dentry = lower_path.dentry; |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 561 | if (!d_inode(lower_dentry)->i_op || |
| 562 | !d_inode(lower_dentry)->i_op->readlink) { |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 563 | err = -EINVAL; |
| 564 | goto out; |
| 565 | } |
| 566 | |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 567 | err = d_inode(lower_dentry)->i_op->readlink(lower_dentry, |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 568 | buf, bufsiz); |
| 569 | if (err < 0) |
| 570 | goto out; |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 571 | fsstack_copy_attr_atime(d_inode(dentry), d_inode(lower_dentry)); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 572 | |
| 573 | out: |
| 574 | sdcardfs_put_lower_path(dentry, &lower_path); |
| 575 | return err; |
| 576 | } |
| 577 | #endif |
| 578 | |
| 579 | #if 0 |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 580 | static const char *sdcardfs_follow_link(struct dentry *dentry, void **cookie) |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 581 | { |
| 582 | char *buf; |
| 583 | int len = PAGE_SIZE, err; |
| 584 | mm_segment_t old_fs; |
| 585 | |
| 586 | /* This is freed by the put_link method assuming a successful call. */ |
| 587 | buf = kmalloc(len, GFP_KERNEL); |
| 588 | if (!buf) { |
| 589 | buf = ERR_PTR(-ENOMEM); |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 590 | return buf; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 591 | } |
| 592 | |
| 593 | /* read the symlink, and then we will follow it */ |
| 594 | old_fs = get_fs(); |
| 595 | set_fs(KERNEL_DS); |
| 596 | err = sdcardfs_readlink(dentry, buf, len); |
| 597 | set_fs(old_fs); |
| 598 | if (err < 0) { |
| 599 | kfree(buf); |
| 600 | buf = ERR_PTR(err); |
| 601 | } else { |
| 602 | buf[err] = '\0'; |
| 603 | } |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 604 | return *cookie = buf; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 605 | } |
| 606 | #endif |
| 607 | |
Daniel Rosenberg | 9021927 | 2016-10-26 20:27:20 -0700 | [diff] [blame] | 608 | static int sdcardfs_permission_wrn(struct inode *inode, int mask) |
| 609 | { |
| 610 | WARN(1, "sdcardfs does not support permission. Use permission2.\n"); |
| 611 | return -EINVAL; |
| 612 | } |
| 613 | |
| 614 | void copy_attrs(struct inode *dest, const struct inode *src) |
| 615 | { |
| 616 | dest->i_mode = src->i_mode; |
| 617 | dest->i_uid = src->i_uid; |
| 618 | dest->i_gid = src->i_gid; |
| 619 | dest->i_rdev = src->i_rdev; |
| 620 | dest->i_atime = src->i_atime; |
| 621 | dest->i_mtime = src->i_mtime; |
| 622 | dest->i_ctime = src->i_ctime; |
| 623 | dest->i_blkbits = src->i_blkbits; |
| 624 | dest->i_flags = src->i_flags; |
| 625 | #ifdef CONFIG_FS_POSIX_ACL |
| 626 | dest->i_acl = src->i_acl; |
| 627 | #endif |
| 628 | #ifdef CONFIG_SECURITY |
| 629 | dest->i_security = src->i_security; |
| 630 | #endif |
| 631 | } |
| 632 | |
| 633 | static int sdcardfs_permission(struct vfsmount *mnt, struct inode *inode, int mask) |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 634 | { |
| 635 | int err; |
Daniel Rosenberg | 9021927 | 2016-10-26 20:27:20 -0700 | [diff] [blame] | 636 | struct inode tmp; |
Daniel Rosenberg | 5080d24 | 2016-05-18 16:57:10 -0700 | [diff] [blame] | 637 | struct inode *top = grab_top(SDCARDFS_I(inode)); |
| 638 | |
Daniel Rosenberg | 9021927 | 2016-10-26 20:27:20 -0700 | [diff] [blame] | 639 | if (!top) { |
| 640 | release_top(SDCARDFS_I(inode)); |
| 641 | WARN(1, "Top value was null!\n"); |
Daniel Rosenberg | 5080d24 | 2016-05-18 16:57:10 -0700 | [diff] [blame] | 642 | return -EINVAL; |
Daniel Rosenberg | 5080d24 | 2016-05-18 16:57:10 -0700 | [diff] [blame] | 643 | } |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 644 | |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 645 | /* |
| 646 | * Permission check on sdcardfs inode. |
| 647 | * Calling process should have AID_SDCARD_RW permission |
Daniel Rosenberg | 9021927 | 2016-10-26 20:27:20 -0700 | [diff] [blame] | 648 | * Since generic_permission only needs i_mode, i_uid, |
| 649 | * i_gid, and i_sb, we can create a fake inode to pass |
| 650 | * this information down in. |
| 651 | * |
| 652 | * The underlying code may attempt to take locks in some |
| 653 | * cases for features we're not using, but if that changes, |
| 654 | * locks must be dealt with to avoid undefined behavior. |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 655 | */ |
Daniel Rosenberg | 9021927 | 2016-10-26 20:27:20 -0700 | [diff] [blame] | 656 | copy_attrs(&tmp, inode); |
| 657 | tmp.i_uid = make_kuid(&init_user_ns, SDCARDFS_I(top)->d_uid); |
| 658 | tmp.i_gid = make_kgid(&init_user_ns, get_gid(mnt, SDCARDFS_I(top))); |
| 659 | tmp.i_mode = (inode->i_mode & S_IFMT) | get_mode(mnt, SDCARDFS_I(top)); |
| 660 | release_top(SDCARDFS_I(inode)); |
| 661 | tmp.i_sb = inode->i_sb; |
| 662 | if (IS_POSIXACL(inode)) |
| 663 | printk(KERN_WARNING "%s: This may be undefined behavior... \n", __func__); |
| 664 | err = generic_permission(&tmp, mask); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 665 | /* XXX |
| 666 | * Original sdcardfs code calls inode_permission(lower_inode,.. ) |
| 667 | * for checking inode permission. But doing such things here seems |
| 668 | * duplicated work, because the functions called after this func, |
| 669 | * such as vfs_create, vfs_unlink, vfs_rename, and etc, |
| 670 | * does exactly same thing, i.e., they calls inode_permission(). |
| 671 | * So we just let they do the things. |
| 672 | * If there are any security hole, just uncomment following if block. |
| 673 | */ |
| 674 | #if 0 |
| 675 | if (!err) { |
| 676 | /* |
| 677 | * Permission check on lower_inode(=EXT4). |
| 678 | * we check it with AID_MEDIA_RW permission |
| 679 | */ |
| 680 | struct inode *lower_inode; |
| 681 | OVERRIDE_CRED(SDCARDFS_SB(inode->sb)); |
| 682 | |
| 683 | lower_inode = sdcardfs_lower_inode(inode); |
| 684 | err = inode_permission(lower_inode, mask); |
| 685 | |
| 686 | REVERT_CRED(); |
| 687 | } |
| 688 | #endif |
| 689 | return err; |
| 690 | |
| 691 | } |
| 692 | |
Daniel Rosenberg | 9021927 | 2016-10-26 20:27:20 -0700 | [diff] [blame] | 693 | static int sdcardfs_setattr_wrn(struct dentry *dentry, struct iattr *ia) |
| 694 | { |
| 695 | WARN(1, "sdcardfs does not support setattr. User setattr2.\n"); |
| 696 | return -EINVAL; |
| 697 | } |
| 698 | |
| 699 | static int sdcardfs_setattr(struct vfsmount *mnt, struct dentry *dentry, struct iattr *ia) |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 700 | { |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 701 | int err; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 702 | struct dentry *lower_dentry; |
Daniel Rosenberg | 1844d9e | 2016-10-26 16:48:45 -0700 | [diff] [blame] | 703 | struct vfsmount *lower_mnt; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 704 | struct inode *inode; |
| 705 | struct inode *lower_inode; |
| 706 | struct path lower_path; |
| 707 | struct iattr lower_ia; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 708 | struct dentry *parent; |
Daniel Rosenberg | 9021927 | 2016-10-26 20:27:20 -0700 | [diff] [blame] | 709 | struct inode tmp; |
Amit Pundir | 82a2800 | 2016-10-11 13:26:17 +0530 | [diff] [blame] | 710 | struct dentry tmp_d; |
Daniel Rosenberg | 9021927 | 2016-10-26 20:27:20 -0700 | [diff] [blame] | 711 | struct inode *top; |
| 712 | const struct cred *saved_cred = NULL; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 713 | |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 714 | inode = d_inode(dentry); |
Daniel Rosenberg | 9021927 | 2016-10-26 20:27:20 -0700 | [diff] [blame] | 715 | top = grab_top(SDCARDFS_I(inode)); |
| 716 | |
| 717 | if (!top) { |
| 718 | release_top(SDCARDFS_I(inode)); |
| 719 | return -EINVAL; |
| 720 | } |
| 721 | |
| 722 | /* |
| 723 | * Permission check on sdcardfs inode. |
| 724 | * Calling process should have AID_SDCARD_RW permission |
| 725 | * Since generic_permission only needs i_mode, i_uid, |
| 726 | * i_gid, and i_sb, we can create a fake inode to pass |
| 727 | * this information down in. |
| 728 | * |
| 729 | * The underlying code may attempt to take locks in some |
| 730 | * cases for features we're not using, but if that changes, |
| 731 | * locks must be dealt with to avoid undefined behavior. |
| 732 | * |
| 733 | */ |
| 734 | copy_attrs(&tmp, inode); |
| 735 | tmp.i_uid = make_kuid(&init_user_ns, SDCARDFS_I(top)->d_uid); |
| 736 | tmp.i_gid = make_kgid(&init_user_ns, get_gid(mnt, SDCARDFS_I(top))); |
| 737 | tmp.i_mode = (inode->i_mode & S_IFMT) | get_mode(mnt, SDCARDFS_I(top)); |
| 738 | tmp.i_size = i_size_read(inode); |
| 739 | release_top(SDCARDFS_I(inode)); |
| 740 | tmp.i_sb = inode->i_sb; |
Amit Pundir | 82a2800 | 2016-10-11 13:26:17 +0530 | [diff] [blame] | 741 | tmp_d.d_inode = &tmp; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 742 | |
| 743 | /* |
Amit Pundir | 82a2800 | 2016-10-11 13:26:17 +0530 | [diff] [blame] | 744 | * Check if user has permission to change dentry. We don't check if |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 745 | * this user can change the lower inode: that should happen when |
| 746 | * calling notify_change on the lower inode. |
| 747 | */ |
Daniel Rosenberg | 83d1cad | 2017-01-20 15:19:13 -0800 | [diff] [blame^] | 748 | /* prepare our own lower struct iattr (with the lower file) */ |
| 749 | memcpy(&lower_ia, ia, sizeof(lower_ia)); |
| 750 | /* Allow touch updating timestamps. A previous permission check ensures |
| 751 | * we have write access. Changes to mode, owner, and group are ignored*/ |
| 752 | ia->ia_valid |= ATTR_FORCE; |
Amit Pundir | 82a2800 | 2016-10-11 13:26:17 +0530 | [diff] [blame] | 753 | err = setattr_prepare(&tmp_d, ia); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 754 | |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 755 | if (!err) { |
| 756 | /* check the Android group ID */ |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 757 | parent = dget_parent(dentry); |
Daniel Rosenberg | 497ac90 | 2016-02-03 21:08:21 -0800 | [diff] [blame] | 758 | if(!check_caller_access_to_name(d_inode(parent), dentry->d_name.name)) { |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 759 | printk(KERN_INFO "%s: need to check the caller's gid in packages.list\n" |
| 760 | " dentry: %s, task:%s\n", |
| 761 | __func__, dentry->d_name.name, current->comm); |
| 762 | err = -EACCES; |
| 763 | } |
| 764 | dput(parent); |
| 765 | } |
| 766 | |
| 767 | if (err) |
| 768 | goto out_err; |
| 769 | |
Daniel Rosenberg | 9021927 | 2016-10-26 20:27:20 -0700 | [diff] [blame] | 770 | /* save current_cred and override it */ |
| 771 | OVERRIDE_CRED(SDCARDFS_SB(dentry->d_sb), saved_cred); |
| 772 | |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 773 | sdcardfs_get_lower_path(dentry, &lower_path); |
| 774 | lower_dentry = lower_path.dentry; |
Daniel Rosenberg | 1844d9e | 2016-10-26 16:48:45 -0700 | [diff] [blame] | 775 | lower_mnt = lower_path.mnt; |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 776 | lower_inode = sdcardfs_lower_inode(inode); |
| 777 | |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 778 | if (ia->ia_valid & ATTR_FILE) |
| 779 | lower_ia.ia_file = sdcardfs_lower_file(ia->ia_file); |
| 780 | |
| 781 | lower_ia.ia_valid &= ~(ATTR_UID | ATTR_GID | ATTR_MODE); |
| 782 | |
| 783 | /* |
| 784 | * If shrinking, first truncate upper level to cancel writing dirty |
| 785 | * pages beyond the new eof; and also if its' maxbytes is more |
| 786 | * limiting (fail with -EFBIG before making any change to the lower |
| 787 | * level). There is no need to vmtruncate the upper level |
| 788 | * afterwards in the other cases: we fsstack_copy_inode_size from |
| 789 | * the lower level. |
| 790 | */ |
| 791 | if (current->mm) |
| 792 | down_write(¤t->mm->mmap_sem); |
| 793 | if (ia->ia_valid & ATTR_SIZE) { |
Daniel Rosenberg | 9021927 | 2016-10-26 20:27:20 -0700 | [diff] [blame] | 794 | err = inode_newsize_ok(&tmp, ia->ia_size); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 795 | if (err) { |
| 796 | if (current->mm) |
| 797 | up_write(¤t->mm->mmap_sem); |
| 798 | goto out; |
| 799 | } |
| 800 | truncate_setsize(inode, ia->ia_size); |
| 801 | } |
| 802 | |
| 803 | /* |
| 804 | * mode change is for clearing setuid/setgid bits. Allow lower fs |
| 805 | * to interpret this in its own way. |
| 806 | */ |
| 807 | if (lower_ia.ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID)) |
| 808 | lower_ia.ia_valid &= ~ATTR_MODE; |
| 809 | |
| 810 | /* notify the (possibly copied-up) lower inode */ |
| 811 | /* |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 812 | * Note: we use d_inode(lower_dentry), because lower_inode may be |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 813 | * unlinked (no inode->i_sb and i_ino==0. This happens if someone |
| 814 | * tries to open(), unlink(), then ftruncate() a file. |
| 815 | */ |
Amit Pundir | b47e110 | 2016-06-01 21:53:20 +0530 | [diff] [blame] | 816 | inode_lock(d_inode(lower_dentry)); |
Daniel Rosenberg | 1844d9e | 2016-10-26 16:48:45 -0700 | [diff] [blame] | 817 | err = notify_change2(lower_mnt, lower_dentry, &lower_ia, /* note: lower_ia */ |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 818 | NULL); |
Amit Pundir | b47e110 | 2016-06-01 21:53:20 +0530 | [diff] [blame] | 819 | inode_unlock(d_inode(lower_dentry)); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 820 | if (current->mm) |
| 821 | up_write(¤t->mm->mmap_sem); |
| 822 | if (err) |
| 823 | goto out; |
| 824 | |
Daniel Rosenberg | 497ac90 | 2016-02-03 21:08:21 -0800 | [diff] [blame] | 825 | /* get attributes from the lower inode and update derived permissions */ |
| 826 | sdcardfs_copy_and_fix_attrs(inode, lower_inode); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 827 | |
| 828 | /* |
| 829 | * Not running fsstack_copy_inode_size(inode, lower_inode), because |
| 830 | * VFS should update our inode size, and notify_change on |
| 831 | * lower_inode should update its size. |
| 832 | */ |
| 833 | |
| 834 | out: |
| 835 | sdcardfs_put_lower_path(dentry, &lower_path); |
Daniel Rosenberg | 9021927 | 2016-10-26 20:27:20 -0700 | [diff] [blame] | 836 | REVERT_CRED(saved_cred); |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 837 | out_err: |
| 838 | return err; |
| 839 | } |
| 840 | |
Daniel Rosenberg | 9021927 | 2016-10-26 20:27:20 -0700 | [diff] [blame] | 841 | static int sdcardfs_fillattr(struct vfsmount *mnt, struct inode *inode, struct kstat *stat) |
Daniel Rosenberg | 5080d24 | 2016-05-18 16:57:10 -0700 | [diff] [blame] | 842 | { |
| 843 | struct sdcardfs_inode_info *info = SDCARDFS_I(inode); |
| 844 | struct inode *top = grab_top(info); |
| 845 | if (!top) |
| 846 | return -EINVAL; |
| 847 | |
| 848 | stat->dev = inode->i_sb->s_dev; |
| 849 | stat->ino = inode->i_ino; |
Daniel Rosenberg | 9021927 | 2016-10-26 20:27:20 -0700 | [diff] [blame] | 850 | stat->mode = (inode->i_mode & S_IFMT) | get_mode(mnt, SDCARDFS_I(top)); |
Daniel Rosenberg | 5080d24 | 2016-05-18 16:57:10 -0700 | [diff] [blame] | 851 | stat->nlink = inode->i_nlink; |
| 852 | stat->uid = make_kuid(&init_user_ns, SDCARDFS_I(top)->d_uid); |
Daniel Rosenberg | 9021927 | 2016-10-26 20:27:20 -0700 | [diff] [blame] | 853 | stat->gid = make_kgid(&init_user_ns, get_gid(mnt, SDCARDFS_I(top))); |
Daniel Rosenberg | 5080d24 | 2016-05-18 16:57:10 -0700 | [diff] [blame] | 854 | stat->rdev = inode->i_rdev; |
| 855 | stat->size = i_size_read(inode); |
| 856 | stat->atime = inode->i_atime; |
| 857 | stat->mtime = inode->i_mtime; |
| 858 | stat->ctime = inode->i_ctime; |
| 859 | stat->blksize = (1 << inode->i_blkbits); |
| 860 | stat->blocks = inode->i_blocks; |
| 861 | release_top(info); |
| 862 | return 0; |
| 863 | } |
| 864 | |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 865 | static int sdcardfs_getattr(struct vfsmount *mnt, struct dentry *dentry, |
| 866 | struct kstat *stat) |
| 867 | { |
| 868 | struct dentry *lower_dentry; |
| 869 | struct inode *inode; |
| 870 | struct inode *lower_inode; |
| 871 | struct path lower_path; |
| 872 | struct dentry *parent; |
Daniel Rosenberg | 5080d24 | 2016-05-18 16:57:10 -0700 | [diff] [blame] | 873 | int err; |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 874 | |
| 875 | parent = dget_parent(dentry); |
Daniel Rosenberg | 497ac90 | 2016-02-03 21:08:21 -0800 | [diff] [blame] | 876 | if(!check_caller_access_to_name(d_inode(parent), dentry->d_name.name)) { |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 877 | printk(KERN_INFO "%s: need to check the caller's gid in packages.list\n" |
| 878 | " dentry: %s, task:%s\n", |
| 879 | __func__, dentry->d_name.name, current->comm); |
| 880 | dput(parent); |
| 881 | return -EACCES; |
| 882 | } |
| 883 | dput(parent); |
| 884 | |
| 885 | inode = d_inode(dentry); |
| 886 | |
| 887 | sdcardfs_get_lower_path(dentry, &lower_path); |
| 888 | lower_dentry = lower_path.dentry; |
| 889 | lower_inode = sdcardfs_lower_inode(inode); |
| 890 | |
Daniel Rosenberg | 497ac90 | 2016-02-03 21:08:21 -0800 | [diff] [blame] | 891 | sdcardfs_copy_and_fix_attrs(inode, lower_inode); |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 892 | fsstack_copy_inode_size(inode, lower_inode); |
Daniel Rosenberg | 497ac90 | 2016-02-03 21:08:21 -0800 | [diff] [blame] | 893 | |
Daniel Rosenberg | 9021927 | 2016-10-26 20:27:20 -0700 | [diff] [blame] | 894 | err = sdcardfs_fillattr(mnt, inode, stat); |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 895 | sdcardfs_put_lower_path(dentry, &lower_path); |
Daniel Rosenberg | 5080d24 | 2016-05-18 16:57:10 -0700 | [diff] [blame] | 896 | return err; |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 897 | } |
| 898 | |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 899 | const struct inode_operations sdcardfs_symlink_iops = { |
Daniel Rosenberg | 9021927 | 2016-10-26 20:27:20 -0700 | [diff] [blame] | 900 | .permission2 = sdcardfs_permission, |
| 901 | .setattr2 = sdcardfs_setattr, |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 902 | /* XXX Following operations are implemented, |
| 903 | * but FUSE(sdcard) or FAT does not support them |
| 904 | * These methods are *NOT* perfectly tested. |
| 905 | .readlink = sdcardfs_readlink, |
| 906 | .follow_link = sdcardfs_follow_link, |
Daniel Campello | d1d080c | 2015-07-20 16:27:37 -0700 | [diff] [blame] | 907 | .put_link = kfree_put_link, |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 908 | */ |
| 909 | }; |
| 910 | |
| 911 | const struct inode_operations sdcardfs_dir_iops = { |
| 912 | .create = sdcardfs_create, |
| 913 | .lookup = sdcardfs_lookup, |
Daniel Rosenberg | 9021927 | 2016-10-26 20:27:20 -0700 | [diff] [blame] | 914 | .permission = sdcardfs_permission_wrn, |
| 915 | .permission2 = sdcardfs_permission, |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 916 | .unlink = sdcardfs_unlink, |
| 917 | .mkdir = sdcardfs_mkdir, |
| 918 | .rmdir = sdcardfs_rmdir, |
| 919 | .rename = sdcardfs_rename, |
Daniel Rosenberg | 9021927 | 2016-10-26 20:27:20 -0700 | [diff] [blame] | 920 | .setattr = sdcardfs_setattr_wrn, |
| 921 | .setattr2 = sdcardfs_setattr, |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 922 | .getattr = sdcardfs_getattr, |
| 923 | /* XXX Following operations are implemented, |
| 924 | * but FUSE(sdcard) or FAT does not support them |
| 925 | * These methods are *NOT* perfectly tested. |
| 926 | .symlink = sdcardfs_symlink, |
| 927 | .link = sdcardfs_link, |
| 928 | .mknod = sdcardfs_mknod, |
| 929 | */ |
| 930 | }; |
| 931 | |
| 932 | const struct inode_operations sdcardfs_main_iops = { |
Daniel Rosenberg | 9021927 | 2016-10-26 20:27:20 -0700 | [diff] [blame] | 933 | .permission = sdcardfs_permission_wrn, |
| 934 | .permission2 = sdcardfs_permission, |
| 935 | .setattr = sdcardfs_setattr_wrn, |
| 936 | .setattr2 = sdcardfs_setattr, |
Daniel Campello | 35c9e24 | 2015-07-20 16:23:50 -0700 | [diff] [blame] | 937 | .getattr = sdcardfs_getattr, |
| 938 | }; |