Blame - fs/sdcardfs/derived_perm.c - kernel/msm-4.9

blob: 78a669c8a4d6245c230295cc545243f2a44f190d [file] [log] [blame]

Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	1	/*
				2	* fs/sdcardfs/derived_perm.c
				3	*
				4	* Copyright (c) 2013 Samsung Electronics Co. Ltd
				5	* Authors: Daeho Jeong, Woojoong Lee, Seunghwan Hyun,
				6	* Sunghwan Yun, Sungjong Seo
				7	*
				8	* This program has been developed as a stackable file system based on
				9	* the WrapFS which written by
				10	*
				11	* Copyright (c) 1998-2011 Erez Zadok
				12	* Copyright (c) 2009 Shrikar Archak
				13	* Copyright (c) 2003-2011 Stony Brook University
				14	* Copyright (c) 2003-2011 The Research Foundation of SUNY
				15	*
				16	* This file is dual licensed. It may be redistributed and/or modified
				17	* under the terms of the Apache 2.0 License OR version 2 of the GNU
				18	* General Public License.
				19	*/
				20
				21	#include "sdcardfs.h"
				22
				23	/* copy derived state from parent inode */
				24	static void inherit_derived_state(struct inode parent, struct inode child)
				25	{
				26	struct sdcardfs_inode_info *pi = SDCARDFS_I(parent);
				27	struct sdcardfs_inode_info *ci = SDCARDFS_I(child);
				28
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	29	ci->data->perm = PERM_INHERIT;
				30	ci->data->userid = pi->data->userid;
				31	ci->data->d_uid = pi->data->d_uid;
				32	ci->data->under_android = pi->data->under_android;
				33	ci->data->under_cache = pi->data->under_cache;
				34	ci->data->under_obb = pi->data->under_obb;
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	35	}
				36
				37	/* helper function for derived state */
Daniel Rosenberg	5080d24	2016-05-18 16:57:10 -0700	[diff] [blame]	38	void setup_derived_state(struct inode *inode, perm_t perm, userid_t userid,
Daniel Rosenberg	47af77b	2018-02-01 16:52:22 -0800	[diff] [blame]	39	uid_t uid)
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	40	{
				41	struct sdcardfs_inode_info *info = SDCARDFS_I(inode);
				42
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	43	info->data->perm = perm;
				44	info->data->userid = userid;
				45	info->data->d_uid = uid;
Daniel Rosenberg	47af77b	2018-02-01 16:52:22 -0800	[diff] [blame]	46	info->data->under_android = false;
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	47	info->data->under_cache = false;
				48	info->data->under_obb = false;
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	49	}
				50
Daniel Rosenberg	5e024f6	2017-03-16 17:42:58 -0700	[diff] [blame]	51	/* While renaming, there is a point where we want the path from dentry,
				52	* but the name from newdentry
				53	*/
				54	void get_derived_permission_new(struct dentry parent, struct dentry dentry,
				55	const struct qstr *name)
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	56	{
Daniel Rosenberg	63d2076	2016-12-01 14:36:29 -0800	[diff] [blame]	57	struct sdcardfs_inode_info *info = SDCARDFS_I(d_inode(dentry));
Daniel Rosenberg	47af77b	2018-02-01 16:52:22 -0800	[diff] [blame]	58	struct sdcardfs_inode_info *parent_info = SDCARDFS_I(d_inode(parent));
				59	struct sdcardfs_inode_data *parent_data = parent_info->data;
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	60	appid_t appid;
Daniel Rosenberg	3c42d40	2017-03-16 19:32:59 -0700	[diff] [blame]	61	unsigned long user_num;
				62	int err;
Daniel Rosenberg	5004c5f	2017-01-31 20:07:51 -0800	[diff] [blame]	63	struct qstr q_Android = QSTR_LITERAL("Android");
				64	struct qstr q_data = QSTR_LITERAL("data");
Daniel Rosenberg	be39872	2018-10-25 16:22:50 -0700	[diff] [blame]	65	struct qstr q_sandbox = QSTR_LITERAL("sandbox");
Daniel Rosenberg	5004c5f	2017-01-31 20:07:51 -0800	[diff] [blame]	66	struct qstr q_obb = QSTR_LITERAL("obb");
				67	struct qstr q_media = QSTR_LITERAL("media");
				68	struct qstr q_cache = QSTR_LITERAL("cache");
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	69
				70	/* By default, each inode inherits from its parent.
				71	* the properties are maintained on its private fields
				72	* because the inode attributes will be modified with that of
				73	* its lower inode.
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	74	* These values are used by our custom permission call instead
				75	* of using the inode permissions.
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	76	*/
				77
Daniel Rosenberg	63d2076	2016-12-01 14:36:29 -0800	[diff] [blame]	78	inherit_derived_state(d_inode(parent), d_inode(dentry));
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	79
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	80	/* Files don't get special labels */
Daniel Rosenberg	47af77b	2018-02-01 16:52:22 -0800	[diff] [blame]	81	if (!S_ISDIR(d_inode(dentry)->i_mode)) {
				82	set_top(info, parent_info);
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	83	return;
Daniel Rosenberg	47af77b	2018-02-01 16:52:22 -0800	[diff] [blame]	84	}
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	85	/* Derive custom permissions based on parent and current node */
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	86	switch (parent_data->perm) {
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	87	case PERM_INHERIT:
				88	case PERM_ANDROID_PACKAGE_CACHE:
Daniel Rosenberg	47af77b	2018-02-01 16:52:22 -0800	[diff] [blame]	89	set_top(info, parent_info);
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	90	break;
				91	case PERM_PRE_ROOT:
				92	/* Legacy internal layout places users at top level */
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	93	info->data->perm = PERM_ROOT;
Daniel Rosenberg	3c42d40	2017-03-16 19:32:59 -0700	[diff] [blame]	94	err = kstrtoul(name->name, 10, &user_num);
				95	if (err)
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	96	info->data->userid = 0;
Daniel Rosenberg	3c42d40	2017-03-16 19:32:59 -0700	[diff] [blame]	97	else
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	98	info->data->userid = user_num;
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	99	break;
				100	case PERM_ROOT:
				101	/* Assume masked off by default. */
Daniel Rosenberg	5004c5f	2017-01-31 20:07:51 -0800	[diff] [blame]	102	if (qstr_case_eq(name, &q_Android)) {
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	103	/* App-specific directories inside; let anyone traverse */
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	104	info->data->perm = PERM_ANDROID;
				105	info->data->under_android = true;
Daniel Rosenberg	47af77b	2018-02-01 16:52:22 -0800	[diff] [blame]	106	} else {
				107	set_top(info, parent_info);
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	108	}
				109	break;
				110	case PERM_ANDROID:
Daniel Rosenberg	5004c5f	2017-01-31 20:07:51 -0800	[diff] [blame]	111	if (qstr_case_eq(name, &q_data)) {
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	112	/* App-specific directories inside; let anyone traverse */
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	113	info->data->perm = PERM_ANDROID_DATA;
Daniel Rosenberg	be39872	2018-10-25 16:22:50 -0700	[diff] [blame]	114	} else if (qstr_case_eq(name, &q_sandbox)) {
				115	/* App-specific directories inside; let anyone traverse */
				116	info->data->perm = PERM_ANDROID_DATA;
Daniel Rosenberg	5004c5f	2017-01-31 20:07:51 -0800	[diff] [blame]	117	} else if (qstr_case_eq(name, &q_obb)) {
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	118	/* App-specific directories inside; let anyone traverse */
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	119	info->data->perm = PERM_ANDROID_OBB;
				120	info->data->under_obb = true;
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	121	/* Single OBB directory is always shared */
Daniel Rosenberg	5004c5f	2017-01-31 20:07:51 -0800	[diff] [blame]	122	} else if (qstr_case_eq(name, &q_media)) {
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	123	/* App-specific directories inside; let anyone traverse */
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	124	info->data->perm = PERM_ANDROID_MEDIA;
Daniel Rosenberg	47af77b	2018-02-01 16:52:22 -0800	[diff] [blame]	125	} else {
				126	set_top(info, parent_info);
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	127	}
				128	break;
				129	case PERM_ANDROID_OBB:
				130	case PERM_ANDROID_DATA:
				131	case PERM_ANDROID_MEDIA:
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	132	info->data->perm = PERM_ANDROID_PACKAGE;
Daniel Rosenberg	5004c5f	2017-01-31 20:07:51 -0800	[diff] [blame]	133	appid = get_appid(name->name);
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	134	if (appid != 0 && !is_excluded(name->name, parent_data->userid))
				135	info->data->d_uid =
				136	multiuser_get_uid(parent_data->userid, appid);
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	137	break;
				138	case PERM_ANDROID_PACKAGE:
Daniel Rosenberg	5004c5f	2017-01-31 20:07:51 -0800	[diff] [blame]	139	if (qstr_case_eq(name, &q_cache)) {
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	140	info->data->perm = PERM_ANDROID_PACKAGE_CACHE;
				141	info->data->under_cache = true;
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	142	}
Daniel Rosenberg	47af77b	2018-02-01 16:52:22 -0800	[diff] [blame]	143	set_top(info, parent_info);
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	144	break;
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	145	}
				146	}
				147
Daniel Rosenberg	497ac90	2016-02-03 21:08:21 -0800	[diff] [blame]	148	void get_derived_permission(struct dentry parent, struct dentry dentry)
				149	{
Daniel Rosenberg	5004c5f	2017-01-31 20:07:51 -0800	[diff] [blame]	150	get_derived_permission_new(parent, dentry, &dentry->d_name);
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	151	}
				152
				153	static appid_t get_type(const char *name)
				154	{
				155	const char *ext = strrchr(name, '.');
				156	appid_t id;
				157
				158	if (ext && ext[0]) {
				159	ext = &ext[1];
				160	id = get_ext_gid(ext);
				161	return id?:AID_MEDIA_RW;
				162	}
				163	return AID_MEDIA_RW;
				164	}
				165
				166	void fixup_lower_ownership(struct dentry dentry, const char name)
				167	{
				168	struct path path;
				169	struct inode *inode;
				170	struct inode *delegated_inode = NULL;
				171	int error;
				172	struct sdcardfs_inode_info *info;
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	173	struct sdcardfs_inode_data *info_d;
				174	struct sdcardfs_inode_data *info_top;
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	175	perm_t perm;
				176	struct sdcardfs_sb_info *sbi = SDCARDFS_SB(dentry->d_sb);
				177	uid_t uid = sbi->options.fs_low_uid;
				178	gid_t gid = sbi->options.fs_low_gid;
				179	struct iattr newattrs;
				180
Daniel Rosenberg	7d10e43	2017-07-19 17:25:07 -0700	[diff] [blame]	181	if (!sbi->options.gid_derivation)
				182	return;
				183
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	184	info = SDCARDFS_I(d_inode(dentry));
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	185	info_d = info->data;
				186	perm = info_d->perm;
				187	if (info_d->under_obb) {
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	188	perm = PERM_ANDROID_OBB;
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	189	} else if (info_d->under_cache) {
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	190	perm = PERM_ANDROID_PACKAGE_CACHE;
				191	} else if (perm == PERM_INHERIT) {
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	192	info_top = top_data_get(info);
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	193	perm = info_top->perm;
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	194	data_put(info_top);
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	195	}
				196
				197	switch (perm) {
				198	case PERM_ROOT:
				199	case PERM_ANDROID:
				200	case PERM_ANDROID_DATA:
				201	case PERM_ANDROID_MEDIA:
				202	case PERM_ANDROID_PACKAGE:
				203	case PERM_ANDROID_PACKAGE_CACHE:
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	204	uid = multiuser_get_uid(info_d->userid, uid);
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	205	break;
				206	case PERM_ANDROID_OBB:
				207	uid = AID_MEDIA_OBB;
				208	break;
				209	case PERM_PRE_ROOT:
				210	default:
				211	break;
				212	}
				213	switch (perm) {
				214	case PERM_ROOT:
				215	case PERM_ANDROID:
				216	case PERM_ANDROID_DATA:
				217	case PERM_ANDROID_MEDIA:
				218	if (S_ISDIR(d_inode(dentry)->i_mode))
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	219	gid = multiuser_get_uid(info_d->userid, AID_MEDIA_RW);
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	220	else
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	221	gid = multiuser_get_uid(info_d->userid, get_type(name));
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	222	break;
				223	case PERM_ANDROID_OBB:
				224	gid = AID_MEDIA_OBB;
				225	break;
				226	case PERM_ANDROID_PACKAGE:
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	227	if (uid_is_app(info_d->d_uid))
				228	gid = multiuser_get_ext_gid(info_d->d_uid);
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	229	else
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	230	gid = multiuser_get_uid(info_d->userid, AID_MEDIA_RW);
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	231	break;
				232	case PERM_ANDROID_PACKAGE_CACHE:
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	233	if (uid_is_app(info_d->d_uid))
				234	gid = multiuser_get_ext_cache_gid(info_d->d_uid);
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	235	else
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	236	gid = multiuser_get_uid(info_d->userid, AID_MEDIA_RW);
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	237	break;
				238	case PERM_PRE_ROOT:
				239	default:
				240	break;
				241	}
				242
				243	sdcardfs_get_lower_path(dentry, &path);
				244	inode = d_inode(path.dentry);
				245	if (d_inode(path.dentry)->i_gid.val != gid \|\| d_inode(path.dentry)->i_uid.val != uid) {
				246	retry_deleg:
				247	newattrs.ia_valid = ATTR_GID \| ATTR_UID \| ATTR_FORCE;
				248	newattrs.ia_uid = make_kuid(current_user_ns(), uid);
				249	newattrs.ia_gid = make_kgid(current_user_ns(), gid);
				250	if (!S_ISDIR(inode->i_mode))
				251	newattrs.ia_valid \|=
				252	ATTR_KILL_SUID \| ATTR_KILL_SGID \| ATTR_KILL_PRIV;
				253	inode_lock(inode);
				254	error = security_path_chown(&path, newattrs.ia_uid, newattrs.ia_gid);
				255	if (!error)
				256	error = notify_change2(path.mnt, path.dentry, &newattrs, &delegated_inode);
				257	inode_unlock(inode);
				258	if (delegated_inode) {
				259	error = break_deleg_wait(&delegated_inode);
				260	if (!error)
				261	goto retry_deleg;
				262	}
				263	if (error)
Daniel Rosenberg	33efe54	2017-04-18 22:49:38 -0700	[diff] [blame]	264	pr_debug("sdcardfs: Failed to touch up lower fs gid/uid for %s\n", name);
Daniel Rosenberg	ad90525	2017-01-25 13:48:45 -0800	[diff] [blame]	265	}
Daniel Rosenberg	f61bc5a	2017-02-16 17:55:22 -0800	[diff] [blame]	266	sdcardfs_put_lower_path(dentry, &path);
Daniel Rosenberg	497ac90	2016-02-03 21:08:21 -0800	[diff] [blame]	267	}
				268
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	269	static int descendant_may_need_fixup(struct sdcardfs_inode_data *data,
				270	struct limit_search *limit)
Daniel Rosenberg	d8caaf9	2017-01-22 15:32:49 -0800	[diff] [blame]	271	{
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	272	if (data->perm == PERM_ROOT)
				273	return (limit->flags & BY_USERID) ?
				274	data->userid == limit->userid : 1;
				275	if (data->perm == PERM_PRE_ROOT \|\| data->perm == PERM_ANDROID)
Daniel Rosenberg	5080d24	2016-05-18 16:57:10 -0700	[diff] [blame]	276	return 1;
				277	return 0;
				278	}
				279
Daniel Rosenberg	5e024f6	2017-03-16 17:42:58 -0700	[diff] [blame]	280	static int needs_fixup(perm_t perm)
				281	{
Daniel Rosenberg	5080d24	2016-05-18 16:57:10 -0700	[diff] [blame]	282	if (perm == PERM_ANDROID_DATA \|\| perm == PERM_ANDROID_OBB
				283	\|\| perm == PERM_ANDROID_MEDIA)
				284	return 1;
				285	return 0;
				286	}
				287
Daniel Rosenberg	fb4d191	2017-03-02 15:11:27 -0800	[diff] [blame]	288	static void __fixup_perms_recursive(struct dentry dentry, struct limit_search limit, int depth)
Daniel Rosenberg	d8caaf9	2017-01-22 15:32:49 -0800	[diff] [blame]	289	{
Daniel Rosenberg	5080d24	2016-05-18 16:57:10 -0700	[diff] [blame]	290	struct dentry *child;
				291	struct sdcardfs_inode_info *info;
Daniel Rosenberg	fb4d191	2017-03-02 15:11:27 -0800	[diff] [blame]	292
				293	/*
				294	* All paths will terminate their recursion on hitting PERM_ANDROID_OBB,
				295	* PERM_ANDROID_MEDIA, or PERM_ANDROID_DATA. This happens at a depth of
				296	* at most 3.
				297	*/
				298	WARN(depth > 3, "%s: Max expected depth exceeded!\n", __func__);
				299	spin_lock_nested(&dentry->d_lock, depth);
Daniel Rosenberg	63d2076	2016-12-01 14:36:29 -0800	[diff] [blame]	300	if (!d_inode(dentry)) {
Daniel Rosenberg	fb4d191	2017-03-02 15:11:27 -0800	[diff] [blame]	301	spin_unlock(&dentry->d_lock);
Daniel Rosenberg	5080d24	2016-05-18 16:57:10 -0700	[diff] [blame]	302	return;
				303	}
				304	info = SDCARDFS_I(d_inode(dentry));
				305
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	306	if (needs_fixup(info->data->perm)) {
Daniel Rosenberg	3adfc03	2016-12-27 12:36:29 -0800	[diff] [blame]	307	list_for_each_entry(child, &dentry->d_subdirs, d_child) {
Daniel Rosenberg	fb4d191	2017-03-02 15:11:27 -0800	[diff] [blame]	308	spin_lock_nested(&child->d_lock, depth + 1);
Daniel Rosenberg	721274a	2017-03-08 17:20:02 -0800	[diff] [blame]	309	if (!(limit->flags & BY_NAME) \|\| qstr_case_eq(&child->d_name, &limit->name)) {
Daniel Rosenberg	d8caaf9	2017-01-22 15:32:49 -0800	[diff] [blame]	310	if (d_inode(child)) {
				311	get_derived_permission(dentry, child);
				312	fixup_tmp_permissions(d_inode(child));
Daniel Rosenberg	fb4d191	2017-03-02 15:11:27 -0800	[diff] [blame]	313	spin_unlock(&child->d_lock);
Daniel Rosenberg	d8caaf9	2017-01-22 15:32:49 -0800	[diff] [blame]	314	break;
Daniel Rosenberg	3adfc03	2016-12-27 12:36:29 -0800	[diff] [blame]	315	}
Daniel Rosenberg	d8caaf9	2017-01-22 15:32:49 -0800	[diff] [blame]	316	}
Daniel Rosenberg	fb4d191	2017-03-02 15:11:27 -0800	[diff] [blame]	317	spin_unlock(&child->d_lock);
Daniel Rosenberg	5080d24	2016-05-18 16:57:10 -0700	[diff] [blame]	318	}
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	319	} else if (descendant_may_need_fixup(info->data, limit)) {
Daniel Rosenberg	5080d24	2016-05-18 16:57:10 -0700	[diff] [blame]	320	list_for_each_entry(child, &dentry->d_subdirs, d_child) {
Daniel Rosenberg	5e024f6	2017-03-16 17:42:58 -0700	[diff] [blame]	321	__fixup_perms_recursive(child, limit, depth + 1);
Daniel Rosenberg	5080d24	2016-05-18 16:57:10 -0700	[diff] [blame]	322	}
Daniel Rosenberg	5080d24	2016-05-18 16:57:10 -0700	[diff] [blame]	323	}
Daniel Rosenberg	fb4d191	2017-03-02 15:11:27 -0800	[diff] [blame]	324	spin_unlock(&dentry->d_lock);
				325	}
				326
				327	void fixup_perms_recursive(struct dentry dentry, struct limit_search limit)
				328	{
				329	__fixup_perms_recursive(dentry, limit, 0);
Daniel Rosenberg	5080d24	2016-05-18 16:57:10 -0700	[diff] [blame]	330	}
				331
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	332	/* main function for updating derived permission */
Daniel Rosenberg	497ac90	2016-02-03 21:08:21 -0800	[diff] [blame]	333	inline void update_derived_permission_lock(struct dentry *dentry)
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	334	{
				335	struct dentry *parent;
				336
Daniel Rosenberg	5e024f6	2017-03-16 17:42:58 -0700	[diff] [blame]	337	if (!dentry \|\| !d_inode(dentry)) {
Daniel Rosenberg	77ecf21	2017-03-16 17:46:13 -0700	[diff] [blame]	338	pr_err("sdcardfs: %s: invalid dentry\n", __func__);
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	339	return;
				340	}
				341	/* FIXME:
				342	* 1. need to check whether the dentry is updated or not
				343	* 2. remove the root dentry update
				344	*/
Daniel Rosenberg	d64126c	2017-03-16 19:33:35 -0700	[diff] [blame]	345	if (!IS_ROOT(dentry)) {
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	346	parent = dget_parent(dentry);
Daniel Rosenberg	5e024f6	2017-03-16 17:42:58 -0700	[diff] [blame]	347	if (parent) {
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	348	get_derived_permission(parent, dentry);
				349	dput(parent);
				350	}
				351	}
Daniel Rosenberg	9021927	2016-10-26 20:27:20 -0700	[diff] [blame]	352	fixup_tmp_permissions(d_inode(dentry));
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	353	}
				354
				355	int need_graft_path(struct dentry *dentry)
				356	{
				357	int ret = 0;
				358	struct dentry *parent = dget_parent(dentry);
Daniel Rosenberg	5e024f6	2017-03-16 17:42:58 -0700	[diff] [blame]	359	struct sdcardfs_inode_info *parent_info = SDCARDFS_I(d_inode(parent));
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	360	struct sdcardfs_sb_info *sbi = SDCARDFS_SB(dentry->d_sb);
Daniel Rosenberg	5004c5f	2017-01-31 20:07:51 -0800	[diff] [blame]	361	struct qstr obb = QSTR_LITERAL("obb");
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	362
Daniel Rosenberg	961ef0a	2018-10-25 16:25:15 -0700	[diff] [blame]	363	if (!sbi->options.unshared_obb &&
				364	parent_info->data->perm == PERM_ANDROID &&
Daniel Rosenberg	5004c5f	2017-01-31 20:07:51 -0800	[diff] [blame]	365	qstr_case_eq(&dentry->d_name, &obb)) {
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	366
				367	/* /Android/obb is the base obbpath of DERIVED_UNIFIED */
Daniel Rosenberg	5e024f6	2017-03-16 17:42:58 -0700	[diff] [blame]	368	if (!(sbi->options.multiuser == false
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	369	&& parent_info->data->userid == 0)) {
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	370	ret = 1;
				371	}
				372	}
				373	dput(parent);
				374	return ret;
				375	}
				376
				377	int is_obbpath_invalid(struct dentry *dent)
				378	{
				379	int ret = 0;
				380	struct sdcardfs_dentry_info *di = SDCARDFS_D(dent);
				381	struct sdcardfs_sb_info *sbi = SDCARDFS_SB(dent->d_sb);
				382	char path_buf, obbpath_s;
Daniel Rosenberg	e2538da	2017-03-10 13:54:30 -0800	[diff] [blame]	383	int need_put = 0;
				384	struct path lower_path;
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	385
				386	/* check the base obbpath has been changed.
				387	* this routine can check an uninitialized obb dentry as well.
Daniel Rosenberg	5e024f6	2017-03-16 17:42:58 -0700	[diff] [blame]	388	* regarding the uninitialized obb, refer to the sdcardfs_mkdir()
				389	*/
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	390	spin_lock(&di->lock);
Daniel Rosenberg	5e024f6	2017-03-16 17:42:58 -0700	[diff] [blame]	391	if (di->orig_path.dentry) {
				392	if (!di->lower_path.dentry) {
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	393	ret = 1;
				394	} else {
				395	path_get(&di->lower_path);
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	396
				397	path_buf = kmalloc(PATH_MAX, GFP_ATOMIC);
Daniel Rosenberg	5e024f6	2017-03-16 17:42:58 -0700	[diff] [blame]	398	if (!path_buf) {
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	399	ret = 1;
Daniel Rosenberg	77ecf21	2017-03-16 17:46:13 -0700	[diff] [blame]	400	pr_err("sdcardfs: fail to allocate path_buf in %s.\n", __func__);
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	401	} else {
				402	obbpath_s = d_path(&di->lower_path, path_buf, PATH_MAX);
				403	if (d_unhashed(di->lower_path.dentry) \|\|
Daniel Rosenberg	5004c5f	2017-01-31 20:07:51 -0800	[diff] [blame]	404	!str_case_eq(sbi->obbpath_s, obbpath_s)) {
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	405	ret = 1;
				406	}
				407	kfree(path_buf);
				408	}
				409
Daniel Rosenberg	e2538da	2017-03-10 13:54:30 -0800	[diff] [blame]	410	pathcpy(&lower_path, &di->lower_path);
				411	need_put = 1;
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	412	}
				413	}
				414	spin_unlock(&di->lock);
Daniel Rosenberg	e2538da	2017-03-10 13:54:30 -0800	[diff] [blame]	415	if (need_put)
				416	path_put(&lower_path);
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	417	return ret;
				418	}
				419
				420	int is_base_obbpath(struct dentry *dentry)
				421	{
				422	int ret = 0;
				423	struct dentry *parent = dget_parent(dentry);
Daniel Rosenberg	5e024f6	2017-03-16 17:42:58 -0700	[diff] [blame]	424	struct sdcardfs_inode_info *parent_info = SDCARDFS_I(d_inode(parent));
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	425	struct sdcardfs_sb_info *sbi = SDCARDFS_SB(dentry->d_sb);
Daniel Rosenberg	5004c5f	2017-01-31 20:07:51 -0800	[diff] [blame]	426	struct qstr q_obb = QSTR_LITERAL("obb");
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	427
				428	spin_lock(&SDCARDFS_D(dentry)->lock);
Daniel Rosenberg	497ac90	2016-02-03 21:08:21 -0800	[diff] [blame]	429	if (sbi->options.multiuser) {
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	430	if (parent_info->data->perm == PERM_PRE_ROOT &&
Daniel Rosenberg	5004c5f	2017-01-31 20:07:51 -0800	[diff] [blame]	431	qstr_case_eq(&dentry->d_name, &q_obb)) {
Daniel Rosenberg	497ac90	2016-02-03 21:08:21 -0800	[diff] [blame]	432	ret = 1;
				433	}
Daniel Rosenberg	a56a105	2017-05-15 14:03:15 -0700	[diff] [blame]	434	} else if (parent_info->data->perm == PERM_ANDROID &&
Daniel Rosenberg	5004c5f	2017-01-31 20:07:51 -0800	[diff] [blame]	435	qstr_case_eq(&dentry->d_name, &q_obb)) {
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	436	ret = 1;
				437	}
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	438	spin_unlock(&SDCARDFS_D(dentry)->lock);
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	439	return ret;
				440	}
				441
				442	/* The lower_path will be stored to the dentry's orig_path
				443	* and the base obbpath will be copyed to the lower_path variable.
				444	* if an error returned, there's no change in the lower_path
Daniel Rosenberg	5e024f6	2017-03-16 17:42:58 -0700	[diff] [blame]	445	* returns: -ERRNO if error (0: no error)
				446	*/
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	447	int setup_obb_dentry(struct dentry dentry, struct path lower_path)
				448	{
				449	int err = 0;
				450	struct sdcardfs_sb_info *sbi = SDCARDFS_SB(dentry->d_sb);
				451	struct path obbpath;
				452
				453	/* A local obb dentry must have its own orig_path to support rmdir
				454	* and mkdir of itself. Usually, we expect that the sbi->obbpath
Daniel Rosenberg	d64126c	2017-03-16 19:33:35 -0700	[diff] [blame]	455	* is avaiable on this stage.
				456	*/
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	457	sdcardfs_set_orig_path(dentry, lower_path);
				458
				459	err = kern_path(sbi->obbpath_s,
				460	LOOKUP_FOLLOW \| LOOKUP_DIRECTORY, &obbpath);
				461
Daniel Rosenberg	5e024f6	2017-03-16 17:42:58 -0700	[diff] [blame]	462	if (!err) {
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	463	/* the obbpath base has been found */
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	464	pathcpy(lower_path, &obbpath);
				465	} else {
				466	/* if the sbi->obbpath is not available, we can optionally
				467	* setup the lower_path with its orig_path.
				468	* but, the current implementation just returns an error
				469	* because the sdcard daemon also regards this case as
Daniel Rosenberg	5e024f6	2017-03-16 17:42:58 -0700	[diff] [blame]	470	* a lookup fail.
				471	*/
Daniel Rosenberg	77ecf21	2017-03-16 17:46:13 -0700	[diff] [blame]	472	pr_info("sdcardfs: the sbi->obbpath is not available\n");
Daniel Campello	35c9e24	2015-07-20 16:23:50 -0700	[diff] [blame]	473	}
				474	return err;
				475	}
				476
				477