evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_oneplus_msm8998/fs/sdcardfs/inode.c
Srinivasarao P 38cacfd106 Merge android-4.4.114 (fe09418) into msm-4.4 
* refs/heads/tmp-fe09418
  Linux 4.4.114
  nfsd: auth: Fix gid sorting when rootsquash enabled
  net: tcp: close sock if net namespace is exiting
  flow_dissector: properly cap thoff field
  ipv4: Make neigh lookup keys for loopback/point-to-point devices be INADDR_ANY
  net: Allow neigh contructor functions ability to modify the primary_key
  vmxnet3: repair memory leak
  sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf
  sctp: do not allow the v4 socket to bind a v4mapped v6 address
  r8169: fix memory corruption on retrieval of hardware statistics.
  pppoe: take ->needed_headroom of lower device into account on xmit
  net: qdisc_pkt_len_init() should be more robust
  tcp: __tcp_hdrlen() helper
  net: igmp: fix source address check for IGMPv3 reports
  lan78xx: Fix failure in USB Full Speed
  ipv6: ip6_make_skb() needs to clear cork.base.dst
  ipv6: fix udpv6 sendmsg crash caused by too small MTU
  ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL
  dccp: don't restart ccid2_hc_tx_rto_expire() if sk in closed state
  hrtimer: Reset hrtimer cpu base proper on CPU hotplug
  x86/microcode/intel: Extend BDW late-loading further with LLC size check
  eventpoll.h: add missing epoll event masks
  vsyscall: Fix permissions for emulate mode with KAISER/PTI
  um: link vmlinux with -no-pie
  usbip: prevent leaking socket pointer address in messages
  usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input
  usbip: fix stub_rx: get_pipe() to validate endpoint number
  usb: usbip: Fix possible deadlocks reported by lockdep
  Input: trackpoint - force 3 buttons if 0 button is reported
  Revert "module: Add retpoline tag to VERMAGIC"
  scsi: libiscsi: fix shifting of DID_REQUEUE host byte
  fs/fcntl: f_setown, avoid undefined behaviour
  reiserfs: Don't clear SGID when inheriting ACLs
  reiserfs: don't preallocate blocks for extended attributes
  reiserfs: fix race in prealloc discard
  ext2: Don't clear SGID when inheriting ACLs
  netfilter: xt_osf: Add missing permission checks
  netfilter: nfnetlink_cthelper: Add missing permission checks
  netfilter: fix IS_ERR_VALUE usage
  netfilter: use fwmark_reflect in nf_send_reset
  netfilter: nf_conntrack_sip: extend request line validation
  netfilter: restart search if moved to other chain
  netfilter: nfnetlink_queue: reject verdict request from different portid
  netfilter: nf_ct_expect: remove the redundant slash when policy name is empty
  netfilter: nf_dup_ipv6: set again FLOWI_FLAG_KNOWN_NH at flowi6_flags
  netfilter: arp_tables: fix invoking 32bit "iptable -P INPUT ACCEPT" failed in 64bit kernel
  netfilter: x_tables: speed up jump target validation
  ACPICA: Namespace: fix operand cache leak
  ACPI / scan: Prefer devices without _HID/_CID for _ADR matching
  ACPI / processor: Avoid reserving IO regions too early
  x86/ioapic: Fix incorrect pointers in ioapic_setup_resources()
  ipc: msg, make msgrcv work with LONG_MIN
  mm, page_alloc: fix potential false positive in __zone_watermark_ok
  cma: fix calculation of aligned offset
  hwpoison, memcg: forcibly uncharge LRU pages
  mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
  fs/select: add vmalloc fallback for select(2)
  mmc: sdhci-of-esdhc: add/remove some quirks according to vendor version
  PCI: layerscape: Fix MSG TLP drop setting
  PCI: layerscape: Add "fsl,ls2085a-pcie" compatible ID
  drivers: base: cacheinfo: fix boot error message when acpi is enabled
  drivers: base: cacheinfo: fix x86 with CONFIG_OF enabled
  Prevent timer value 0 for MWAITX
  timers: Plug locking race vs. timer migration
  time: Avoid undefined behaviour in ktime_add_safe()
  PM / sleep: declare __tracedata symbols as char[] rather than char
  can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once
  can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once
  sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks
  x86/retpoline: Fill RSB on context switch for affected CPUs
  x86/cpu/intel: Introduce macros for Intel family numbers
  x86/microcode/intel: Fix BDW late-loading revision check
  usbip: Fix potential format overflow in userspace tools
  usbip: Fix implicit fallthrough warning
  usbip: prevent vhci_hcd driver from leaking a socket pointer address
  x86/asm/32: Make sync_core() handle missing CPUID on all 32-bit kernels
  ANDROID: sched: EAS: check energy_aware() before calling select_energy_cpu_brute() in up-migrate path
  UPSTREAM: eventpoll.h: add missing epoll event masks
  ANDROID: xattr: Pass EOPNOTSUPP to permission2

Conflicts:
	kernel/sched/fair.c

Change-Id: I15005cb3bc039f4361d25ed2e22f8175b3d7ca96
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
2018-02-01 14:02:45 +05:30

913 lines
26 KiB
C
Raw Blame History

/*
* fs/sdcardfs/inode.c
*
* Copyright (c) 2013 Samsung Electronics Co. Ltd
* Authors: Daeho Jeong, Woojoong Lee, Seunghwan Hyun,
* Sunghwan Yun, Sungjong Seo
*
* This program has been developed as a stackable file system based on
* the WrapFS which written by
*
* Copyright (c) 1998-2011 Erez Zadok
* Copyright (c) 2009 Shrikar Archak
* Copyright (c) 2003-2011 Stony Brook University
* Copyright (c) 2003-2011 The Research Foundation of SUNY
*
* This file is dual licensed. It may be redistributed and/or modified
* under the terms of the Apache 2.0 License OR version 2 of the GNU
* General Public License.
*/
#include "sdcardfs.h"
#include <linux/fs_struct.h>
#include <linux/ratelimit.h>
/* Do not directly use this function. Use OVERRIDE_CRED() instead. */
const struct cred *override_fsids(struct sdcardfs_sb_info *sbi,
struct sdcardfs_inode_data *data)
{
struct cred *cred;
const struct cred *old_cred;
uid_t uid;
cred = prepare_creds();
if (!cred)
return NULL;
if (sbi->options.gid_derivation) {
if (data->under_obb)
uid = AID_MEDIA_OBB;
else
uid = multiuser_get_uid(data->userid, sbi->options.fs_low_uid);
} else {
uid = sbi->options.fs_low_uid;
}
cred->fsuid = make_kuid(&init_user_ns, uid);
cred->fsgid = make_kgid(&init_user_ns, sbi->options.fs_low_gid);
old_cred = override_creds(cred);
return old_cred;
}
/* Do not directly use this function, use REVERT_CRED() instead. */
void revert_fsids(const struct cred *old_cred)
{
const struct cred *cur_cred;
cur_cred = current->cred;
revert_creds(old_cred);
put_cred(cur_cred);
}
static int sdcardfs_create(struct inode *dir, struct dentry *dentry,
umode_t mode, bool want_excl)
{
int err;
struct dentry *lower_dentry;
struct vfsmount *lower_dentry_mnt;
struct dentry *lower_parent_dentry = NULL;
struct path lower_path;
const struct cred *saved_cred = NULL;
struct fs_struct *saved_fs;
struct fs_struct *copied_fs;
if (!check_caller_access_to_name(dir, &dentry->d_name)) {
err = -EACCES;
goto out_eacces;
}
/* save current_cred and override it */
OVERRIDE_CRED(SDCARDFS_SB(dir->i_sb), saved_cred, SDCARDFS_I(dir));
sdcardfs_get_lower_path(dentry, &lower_path);
lower_dentry = lower_path.dentry;
lower_dentry_mnt = lower_path.mnt;
lower_parent_dentry = lock_parent(lower_dentry);
/* set last 16bytes of mode field to 0664 */
mode = (mode & S_IFMT) | 00664;
/* temporarily change umask for lower fs write */
saved_fs = current->fs;
copied_fs = copy_fs_struct(current->fs);
if (!copied_fs) {
err = -ENOMEM;
goto out_unlock;
}
current->fs = copied_fs;
current->fs->umask = 0;
err = vfs_create2(lower_dentry_mnt, d_inode(lower_parent_dentry), lower_dentry, mode, want_excl);
if (err)
goto out;
err = sdcardfs_interpose(dentry, dir->i_sb, &lower_path,
SDCARDFS_I(dir)->data->userid);
if (err)
goto out;
fsstack_copy_attr_times(dir, sdcardfs_lower_inode(dir));
fsstack_copy_inode_size(dir, d_inode(lower_parent_dentry));
fixup_lower_ownership(dentry, dentry->d_name.name);
out:
current->fs = saved_fs;
free_fs_struct(copied_fs);
out_unlock:
unlock_dir(lower_parent_dentry);
sdcardfs_put_lower_path(dentry, &lower_path);
REVERT_CRED(saved_cred);
out_eacces:
return err;
}
#if 0
static int sdcardfs_link(struct dentry *old_dentry, struct inode *dir,
struct dentry *new_dentry)
{
struct dentry *lower_old_dentry;
struct dentry *lower_new_dentry;
struct dentry *lower_dir_dentry;
u64 file_size_save;
int err;
struct path lower_old_path, lower_new_path;
OVERRIDE_CRED(SDCARDFS_SB(dir->i_sb));
file_size_save = i_size_read(d_inode(old_dentry));
sdcardfs_get_lower_path(old_dentry, &lower_old_path);
sdcardfs_get_lower_path(new_dentry, &lower_new_path);
lower_old_dentry = lower_old_path.dentry;
lower_new_dentry = lower_new_path.dentry;
lower_dir_dentry = lock_parent(lower_new_dentry);
err = vfs_link(lower_old_dentry, d_inode(lower_dir_dentry),
lower_new_dentry, NULL);
if (err || !d_inode(lower_new_dentry))
goto out;
err = sdcardfs_interpose(new_dentry, dir->i_sb, &lower_new_path);
if (err)
goto out;
fsstack_copy_attr_times(dir, d_inode(lower_new_dentry));
fsstack_copy_inode_size(dir, d_inode(lower_new_dentry));
set_nlink(d_inode(old_dentry),
sdcardfs_lower_inode(d_inode(old_dentry))->i_nlink);
i_size_write(d_inode(new_dentry), file_size_save);
out:
unlock_dir(lower_dir_dentry);
sdcardfs_put_lower_path(old_dentry, &lower_old_path);
sdcardfs_put_lower_path(new_dentry, &lower_new_path);
REVERT_CRED();
return err;
}
#endif
static int sdcardfs_unlink(struct inode *dir, struct dentry *dentry)
{
int err;
struct dentry *lower_dentry;
struct vfsmount *lower_mnt;
struct inode *lower_dir_inode = sdcardfs_lower_inode(dir);
struct dentry *lower_dir_dentry;
struct path lower_path;
const struct cred *saved_cred = NULL;
if (!check_caller_access_to_name(dir, &dentry->d_name)) {
err = -EACCES;
goto out_eacces;
}
/* save current_cred and override it */
OVERRIDE_CRED(SDCARDFS_SB(dir->i_sb), saved_cred, SDCARDFS_I(dir));
sdcardfs_get_lower_path(dentry, &lower_path);
lower_dentry = lower_path.dentry;
lower_mnt = lower_path.mnt;
dget(lower_dentry);
lower_dir_dentry = lock_parent(lower_dentry);
err = vfs_unlink2(lower_mnt, lower_dir_inode, lower_dentry, NULL);
/*
* Note: unlinking on top of NFS can cause silly-renamed files.
* Trying to delete such files results in EBUSY from NFS
* below. Silly-renamed files will get deleted by NFS later on, so
* we just need to detect them here and treat such EBUSY errors as
* if the upper file was successfully deleted.
*/
if (err == -EBUSY && lower_dentry->d_flags & DCACHE_NFSFS_RENAMED)
err = 0;
if (err)
goto out;
fsstack_copy_attr_times(dir, lower_dir_inode);
fsstack_copy_inode_size(dir, lower_dir_inode);
set_nlink(d_inode(dentry),
sdcardfs_lower_inode(d_inode(dentry))->i_nlink);
d_inode(dentry)->i_ctime = dir->i_ctime;
d_drop(dentry); /* this is needed, else LTP fails (VFS won't do it) */
out:
unlock_dir(lower_dir_dentry);
dput(lower_dentry);
sdcardfs_put_lower_path(dentry, &lower_path);
REVERT_CRED(saved_cred);
out_eacces:
return err;
}
#if 0
static int sdcardfs_symlink(struct inode *dir, struct dentry *dentry,
const char *symname)
{
int err;
struct dentry *lower_dentry;
struct dentry *lower_parent_dentry = NULL;
struct path lower_path;
OVERRIDE_CRED(SDCARDFS_SB(dir->i_sb));
sdcardfs_get_lower_path(dentry, &lower_path);
lower_dentry = lower_path.dentry;
lower_parent_dentry = lock_parent(lower_dentry);
err = vfs_symlink(d_inode(lower_parent_dentry), lower_dentry, symname);
if (err)
goto out;
err = sdcardfs_interpose(dentry, dir->i_sb, &lower_path);
if (err)
goto out;
fsstack_copy_attr_times(dir, sdcardfs_lower_inode(dir));
fsstack_copy_inode_size(dir, d_inode(lower_parent_dentry));
out:
unlock_dir(lower_parent_dentry);
sdcardfs_put_lower_path(dentry, &lower_path);
REVERT_CRED();
return err;
}
#endif
static int touch(char *abs_path, mode_t mode)
{
struct file *filp = filp_open(abs_path, O_RDWR|O_CREAT|O_EXCL|O_NOFOLLOW, mode);
if (IS_ERR(filp)) {
if (PTR_ERR(filp) == -EEXIST) {
return 0;
} else {
pr_err("sdcardfs: failed to open(%s): %ld\n",
abs_path, PTR_ERR(filp));
return PTR_ERR(filp);
}
}
filp_close(filp, current->files);
return 0;
}
static int sdcardfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
{
int err;
int make_nomedia_in_obb = 0;
struct dentry *lower_dentry;
struct vfsmount *lower_mnt;
struct dentry *lower_parent_dentry = NULL;
struct path lower_path;
struct sdcardfs_sb_info *sbi = SDCARDFS_SB(dentry->d_sb);
const struct cred *saved_cred = NULL;
struct sdcardfs_inode_data *pd = SDCARDFS_I(dir)->data;
int touch_err = 0;
struct fs_struct *saved_fs;
struct fs_struct *copied_fs;
struct qstr q_obb = QSTR_LITERAL("obb");
struct qstr q_data = QSTR_LITERAL("data");
if (!check_caller_access_to_name(dir, &dentry->d_name)) {
err = -EACCES;
goto out_eacces;
}
/* save current_cred and override it */
OVERRIDE_CRED(SDCARDFS_SB(dir->i_sb), saved_cred, SDCARDFS_I(dir));
/* check disk space */
if (!check_min_free_space(dentry, 0, 1)) {
pr_err("sdcardfs: No minimum free space.\n");
err = -ENOSPC;
goto out_revert;
}
/* the lower_dentry is negative here */
sdcardfs_get_lower_path(dentry, &lower_path);
lower_dentry = lower_path.dentry;
lower_mnt = lower_path.mnt;
lower_parent_dentry = lock_parent(lower_dentry);
/* set last 16bytes of mode field to 0775 */
mode = (mode & S_IFMT) | 00775;
/* temporarily change umask for lower fs write */
saved_fs = current->fs;
copied_fs = copy_fs_struct(current->fs);
if (!copied_fs) {
err = -ENOMEM;
unlock_dir(lower_parent_dentry);
goto out_unlock;
}
current->fs = copied_fs;
current->fs->umask = 0;
err = vfs_mkdir2(lower_mnt, d_inode(lower_parent_dentry), lower_dentry, mode);
if (err) {
unlock_dir(lower_parent_dentry);
goto out;
}
/* if it is a local obb dentry, setup it with the base obbpath */
if (need_graft_path(dentry)) {
err = setup_obb_dentry(dentry, &lower_path);
if (err) {
/* if the sbi->obbpath is not available, the lower_path won't be
* changed by setup_obb_dentry() but the lower path is saved to
* its orig_path. this dentry will be revalidated later.
* but now, the lower_path should be NULL
*/
sdcardfs_put_reset_lower_path(dentry);
/* the newly created lower path which saved to its orig_path or
* the lower_path is the base obbpath.
* therefore, an additional path_get is required
*/
path_get(&lower_path);
} else
make_nomedia_in_obb = 1;
}
err = sdcardfs_interpose(dentry, dir->i_sb, &lower_path, pd->userid);
if (err) {
unlock_dir(lower_parent_dentry);
goto out;
}
fsstack_copy_attr_times(dir, sdcardfs_lower_inode(dir));
fsstack_copy_inode_size(dir, d_inode(lower_parent_dentry));
/* update number of links on parent directory */
set_nlink(dir, sdcardfs_lower_inode(dir)->i_nlink);
fixup_lower_ownership(dentry, dentry->d_name.name);
unlock_dir(lower_parent_dentry);
if ((!sbi->options.multiuser) && (qstr_case_eq(&dentry->d_name, &q_obb))
&& (pd->perm == PERM_ANDROID) && (pd->userid == 0))
make_nomedia_in_obb = 1;
/* When creating /Android/data and /Android/obb, mark them as .nomedia */
if (make_nomedia_in_obb ||
((pd->perm == PERM_ANDROID)
&& (qstr_case_eq(&dentry->d_name, &q_data)))) {
REVERT_CRED(saved_cred);
OVERRIDE_CRED(SDCARDFS_SB(dir->i_sb), saved_cred, SDCARDFS_I(d_inode(dentry)));
set_fs_pwd(current->fs, &lower_path);
touch_err = touch(".nomedia", 0664);
if (touch_err) {
pr_err("sdcardfs: failed to create .nomedia in %s: %d\n",
lower_path.dentry->d_name.name, touch_err);
goto out;
}
}
out:
current->fs = saved_fs;
free_fs_struct(copied_fs);
out_unlock:
sdcardfs_put_lower_path(dentry, &lower_path);
out_revert:
REVERT_CRED(saved_cred);
out_eacces:
return err;
}
static int sdcardfs_rmdir(struct inode *dir, struct dentry *dentry)
{
struct dentry *lower_dentry;
struct dentry *lower_dir_dentry;
struct vfsmount *lower_mnt;
int err;
struct path lower_path;
const struct cred *saved_cred = NULL;
if (!check_caller_access_to_name(dir, &dentry->d_name)) {
err = -EACCES;
goto out_eacces;
}
/* save current_cred and override it */
OVERRIDE_CRED(SDCARDFS_SB(dir->i_sb), saved_cred, SDCARDFS_I(dir));
/* sdcardfs_get_real_lower(): in case of remove an user's obb dentry
* the dentry on the original path should be deleted.
*/
sdcardfs_get_real_lower(dentry, &lower_path);
lower_dentry = lower_path.dentry;
lower_mnt = lower_path.mnt;
lower_dir_dentry = lock_parent(lower_dentry);
err = vfs_rmdir2(lower_mnt, d_inode(lower_dir_dentry), lower_dentry);
if (err)
goto out;
d_drop(dentry); /* drop our dentry on success (why not VFS's job?) */
if (d_inode(dentry))
clear_nlink(d_inode(dentry));
fsstack_copy_attr_times(dir, d_inode(lower_dir_dentry));
fsstack_copy_inode_size(dir, d_inode(lower_dir_dentry));
set_nlink(dir, d_inode(lower_dir_dentry)->i_nlink);
out:
unlock_dir(lower_dir_dentry);
sdcardfs_put_real_lower(dentry, &lower_path);
REVERT_CRED(saved_cred);
out_eacces:
return err;
}
#if 0
static int sdcardfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode,
dev_t dev)
{
int err;
struct dentry *lower_dentry;
struct dentry *lower_parent_dentry = NULL;
struct path lower_path;
OVERRIDE_CRED(SDCARDFS_SB(dir->i_sb));
sdcardfs_get_lower_path(dentry, &lower_path);
lower_dentry = lower_path.dentry;
lower_parent_dentry = lock_parent(lower_dentry);
err = vfs_mknod(d_inode(lower_parent_dentry), lower_dentry, mode, dev);
if (err)
goto out;
err = sdcardfs_interpose(dentry, dir->i_sb, &lower_path);
if (err)
goto out;
fsstack_copy_attr_times(dir, sdcardfs_lower_inode(dir));
fsstack_copy_inode_size(dir, d_inode(lower_parent_dentry));
out:
unlock_dir(lower_parent_dentry);
sdcardfs_put_lower_path(dentry, &lower_path);
REVERT_CRED();
return err;
}
#endif
/*
* The locking rules in sdcardfs_rename are complex. We could use a simpler
* superblock-level name-space lock for renames and copy-ups.
*/
static int sdcardfs_rename(struct inode *old_dir, struct dentry *old_dentry,
struct inode *new_dir, struct dentry *new_dentry)
{
int err = 0;
struct dentry *lower_old_dentry = NULL;
struct dentry *lower_new_dentry = NULL;
struct dentry *lower_old_dir_dentry = NULL;
struct dentry *lower_new_dir_dentry = NULL;
struct vfsmount *lower_mnt = NULL;
struct dentry *trap = NULL;
struct path lower_old_path, lower_new_path;
const struct cred *saved_cred = NULL;
if (!check_caller_access_to_name(old_dir, &old_dentry->d_name) ||
!check_caller_access_to_name(new_dir, &new_dentry->d_name)) {
err = -EACCES;
goto out_eacces;
}
/* save current_cred and override it */
OVERRIDE_CRED(SDCARDFS_SB(old_dir->i_sb), saved_cred, SDCARDFS_I(new_dir));
sdcardfs_get_real_lower(old_dentry, &lower_old_path);
sdcardfs_get_lower_path(new_dentry, &lower_new_path);
lower_old_dentry = lower_old_path.dentry;
lower_new_dentry = lower_new_path.dentry;
lower_mnt = lower_old_path.mnt;
lower_old_dir_dentry = dget_parent(lower_old_dentry);
lower_new_dir_dentry = dget_parent(lower_new_dentry);
trap = lock_rename(lower_old_dir_dentry, lower_new_dir_dentry);
/* source should not be ancestor of target */
if (trap == lower_old_dentry) {
err = -EINVAL;
goto out;
}
/* target should not be ancestor of source */
if (trap == lower_new_dentry) {
err = -ENOTEMPTY;
goto out;
}
err = vfs_rename2(lower_mnt,
d_inode(lower_old_dir_dentry), lower_old_dentry,
d_inode(lower_new_dir_dentry), lower_new_dentry,
NULL, 0);
if (err)
goto out;
/* Copy attrs from lower dir, but i_uid/i_gid */
sdcardfs_copy_and_fix_attrs(new_dir, d_inode(lower_new_dir_dentry));
fsstack_copy_inode_size(new_dir, d_inode(lower_new_dir_dentry));
if (new_dir != old_dir) {
sdcardfs_copy_and_fix_attrs(old_dir, d_inode(lower_old_dir_dentry));
fsstack_copy_inode_size(old_dir, d_inode(lower_old_dir_dentry));
}
get_derived_permission_new(new_dentry->d_parent, old_dentry, &new_dentry->d_name);
fixup_tmp_permissions(d_inode(old_dentry));
fixup_lower_ownership(old_dentry, new_dentry->d_name.name);
d_invalidate(old_dentry); /* Can't fixup ownership recursively :( */
out:
unlock_rename(lower_old_dir_dentry, lower_new_dir_dentry);
dput(lower_old_dir_dentry);
dput(lower_new_dir_dentry);
sdcardfs_put_real_lower(old_dentry, &lower_old_path);
sdcardfs_put_lower_path(new_dentry, &lower_new_path);
REVERT_CRED(saved_cred);
out_eacces:
return err;
}
#if 0
static int sdcardfs_readlink(struct dentry *dentry, char __user *buf, int bufsiz)
{
int err;
struct dentry *lower_dentry;
struct path lower_path;
/* XXX readlink does not requires overriding credential */
sdcardfs_get_lower_path(dentry, &lower_path);
lower_dentry = lower_path.dentry;
if (!d_inode(lower_dentry)->i_op ||
!d_inode(lower_dentry)->i_op->readlink) {
err = -EINVAL;
goto out;
}
err = d_inode(lower_dentry)->i_op->readlink(lower_dentry,
buf, bufsiz);
if (err < 0)
goto out;
fsstack_copy_attr_atime(d_inode(dentry), d_inode(lower_dentry));
out:
sdcardfs_put_lower_path(dentry, &lower_path);
return err;
}
#endif
#if 0
static const char *sdcardfs_follow_link(struct dentry *dentry, void **cookie)
{
char *buf;
int len = PAGE_SIZE, err;
mm_segment_t old_fs;
/* This is freed by the put_link method assuming a successful call. */
buf = kmalloc(len, GFP_KERNEL);
if (!buf) {
buf = ERR_PTR(-ENOMEM);
return buf;
}
/* read the symlink, and then we will follow it */
old_fs = get_fs();
set_fs(KERNEL_DS);
err = sdcardfs_readlink(dentry, buf, len);
set_fs(old_fs);
if (err < 0) {
kfree(buf);
buf = ERR_PTR(err);
} else {
buf[err] = '\0';
}
return *cookie = buf;
}
#endif
static int sdcardfs_permission_wrn(struct inode *inode, int mask)
{
pr_debug("sdcardfs does not support permission. Use permission2.\n");
return -EINVAL;
}
void copy_attrs(struct inode *dest, const struct inode *src)
{
dest->i_mode = src->i_mode;
dest->i_uid = src->i_uid;
dest->i_gid = src->i_gid;
dest->i_rdev = src->i_rdev;
dest->i_atime = src->i_atime;
dest->i_mtime = src->i_mtime;
dest->i_ctime = src->i_ctime;
dest->i_blkbits = src->i_blkbits;
dest->i_flags = src->i_flags;
#ifdef CONFIG_FS_POSIX_ACL
dest->i_acl = src->i_acl;
#endif
#ifdef CONFIG_SECURITY
dest->i_security = src->i_security;
#endif
}
static int sdcardfs_permission(struct vfsmount *mnt, struct inode *inode, int mask)
{
int err;
struct inode tmp;
struct sdcardfs_inode_data *top = top_data_get(SDCARDFS_I(inode));
if (IS_ERR(mnt))
return PTR_ERR(mnt);
if (!top)
return -EINVAL;
/*
* Permission check on sdcardfs inode.
* Calling process should have AID_SDCARD_RW permission
* Since generic_permission only needs i_mode, i_uid,
* i_gid, and i_sb, we can create a fake inode to pass
* this information down in.
*
* The underlying code may attempt to take locks in some
* cases for features we're not using, but if that changes,
* locks must be dealt with to avoid undefined behavior.
*/
copy_attrs(&tmp, inode);
tmp.i_uid = make_kuid(&init_user_ns, top->d_uid);
tmp.i_gid = make_kgid(&init_user_ns, get_gid(mnt, inode->i_sb, top));
tmp.i_mode = (inode->i_mode & S_IFMT)
| get_mode(mnt, SDCARDFS_I(inode), top);
data_put(top);
tmp.i_sb = inode->i_sb;
if (IS_POSIXACL(inode))
pr_warn("%s: This may be undefined behavior...\n", __func__);
err = generic_permission(&tmp, mask);
/* XXX
* Original sdcardfs code calls inode_permission(lower_inode,.. )
* for checking inode permission. But doing such things here seems
* duplicated work, because the functions called after this func,
* such as vfs_create, vfs_unlink, vfs_rename, and etc,
* does exactly same thing, i.e., they calls inode_permission().
* So we just let they do the things.
* If there are any security hole, just uncomment following if block.
*/
#if 0
if (!err) {
/*
* Permission check on lower_inode(=EXT4).
* we check it with AID_MEDIA_RW permission
*/
struct inode *lower_inode;
OVERRIDE_CRED(SDCARDFS_SB(inode->sb));
lower_inode = sdcardfs_lower_inode(inode);
err = inode_permission(lower_inode, mask);
REVERT_CRED();
}
#endif
return err;
}
static int sdcardfs_setattr_wrn(struct dentry *dentry, struct iattr *ia)
{
WARN_RATELIMIT(1, "sdcardfs does not support setattr. User setattr2.\n");
return -EINVAL;
}
static int sdcardfs_setattr(struct vfsmount *mnt, struct dentry *dentry, struct iattr *ia)
{
int err;
struct dentry *lower_dentry;
struct vfsmount *lower_mnt;
struct inode *inode;
struct inode *lower_inode;
struct path lower_path;
struct iattr lower_ia;
struct dentry *parent;
struct inode tmp;
struct sdcardfs_inode_data *top;
const struct cred *saved_cred = NULL;
inode = d_inode(dentry);
top = top_data_get(SDCARDFS_I(inode));
if (!top)
return -EINVAL;
/*
* Permission check on sdcardfs inode.
* Calling process should have AID_SDCARD_RW permission
* Since generic_permission only needs i_mode, i_uid,
* i_gid, and i_sb, we can create a fake inode to pass
* this information down in.
*
* The underlying code may attempt to take locks in some
* cases for features we're not using, but if that changes,
* locks must be dealt with to avoid undefined behavior.
*
*/
copy_attrs(&tmp, inode);
tmp.i_uid = make_kuid(&init_user_ns, top->d_uid);
tmp.i_gid = make_kgid(&init_user_ns, get_gid(mnt, dentry->d_sb, top));
tmp.i_mode = (inode->i_mode & S_IFMT)
| get_mode(mnt, SDCARDFS_I(inode), top);
tmp.i_size = i_size_read(inode);
data_put(top);
tmp.i_sb = inode->i_sb;
/*
* Check if user has permission to change inode. We don't check if
* this user can change the lower inode: that should happen when
* calling notify_change on the lower inode.
*/
/* prepare our own lower struct iattr (with the lower file) */
memcpy(&lower_ia, ia, sizeof(lower_ia));
/* Allow touch updating timestamps. A previous permission check ensures
* we have write access. Changes to mode, owner, and group are ignored
*/
ia->ia_valid |= ATTR_FORCE;
err = inode_change_ok(&tmp, ia);
if (!err) {
/* check the Android group ID */
parent = dget_parent(dentry);
if (!check_caller_access_to_name(d_inode(parent), &dentry->d_name))
err = -EACCES;
dput(parent);
}
if (err)
goto out_err;
/* save current_cred and override it */
OVERRIDE_CRED(SDCARDFS_SB(dentry->d_sb), saved_cred, SDCARDFS_I(inode));
sdcardfs_get_lower_path(dentry, &lower_path);
lower_dentry = lower_path.dentry;
lower_mnt = lower_path.mnt;
lower_inode = sdcardfs_lower_inode(inode);
if (ia->ia_valid & ATTR_FILE)
lower_ia.ia_file = sdcardfs_lower_file(ia->ia_file);
lower_ia.ia_valid &= ~(ATTR_UID | ATTR_GID | ATTR_MODE);
/*
* If shrinking, first truncate upper level to cancel writing dirty
* pages beyond the new eof; and also if its' maxbytes is more
* limiting (fail with -EFBIG before making any change to the lower
* level). There is no need to vmtruncate the upper level
* afterwards in the other cases: we fsstack_copy_inode_size from
* the lower level.
*/
if (ia->ia_valid & ATTR_SIZE) {
err = inode_newsize_ok(&tmp, ia->ia_size);
if (err) {
goto out;
}
truncate_setsize(inode, ia->ia_size);
}
/*
* mode change is for clearing setuid/setgid bits. Allow lower fs
* to interpret this in its own way.
*/
if (lower_ia.ia_valid & (ATTR_KILL_SUID | ATTR_KILL_SGID))
lower_ia.ia_valid &= ~ATTR_MODE;
/* notify the (possibly copied-up) lower inode */
/*
* Note: we use d_inode(lower_dentry), because lower_inode may be
* unlinked (no inode->i_sb and i_ino==0. This happens if someone
* tries to open(), unlink(), then ftruncate() a file.
*/
mutex_lock(&d_inode(lower_dentry)->i_mutex);
err = notify_change2(lower_mnt, lower_dentry, &lower_ia, /* note: lower_ia */
NULL);
mutex_unlock(&d_inode(lower_dentry)->i_mutex);
if (err)
goto out;
/* get attributes from the lower inode and update derived permissions */
sdcardfs_copy_and_fix_attrs(inode, lower_inode);
/*
* Not running fsstack_copy_inode_size(inode, lower_inode), because
* VFS should update our inode size, and notify_change on
* lower_inode should update its size.
*/
out:
sdcardfs_put_lower_path(dentry, &lower_path);
REVERT_CRED(saved_cred);
out_err:
return err;
}
static int sdcardfs_fillattr(struct vfsmount *mnt,
struct inode *inode, struct kstat *stat)
{
struct sdcardfs_inode_info *info = SDCARDFS_I(inode);
struct sdcardfs_inode_data *top = top_data_get(info);
struct super_block *sb = inode->i_sb;
if (!top)
return -EINVAL;
stat->dev = inode->i_sb->s_dev;
stat->ino = inode->i_ino;
stat->mode = (inode->i_mode & S_IFMT) | get_mode(mnt, info, top);
stat->nlink = inode->i_nlink;
stat->uid = make_kuid(&init_user_ns, top->d_uid);
stat->gid = make_kgid(&init_user_ns, get_gid(mnt, sb, top));
stat->rdev = inode->i_rdev;
stat->size = i_size_read(inode);
stat->atime = inode->i_atime;
stat->mtime = inode->i_mtime;
stat->ctime = inode->i_ctime;
stat->blksize = (1 << inode->i_blkbits);
stat->blocks = inode->i_blocks;
data_put(top);
return 0;
}
static int sdcardfs_getattr(struct vfsmount *mnt, struct dentry *dentry,
struct kstat *stat)
{
struct kstat lower_stat;
struct path lower_path;
struct dentry *parent;
int err;
parent = dget_parent(dentry);
if (!check_caller_access_to_name(d_inode(parent), &dentry->d_name)) {
dput(parent);
return -EACCES;
}
dput(parent);
sdcardfs_get_lower_path(dentry, &lower_path);
err = vfs_getattr(&lower_path, &lower_stat);
if (err)
goto out;
sdcardfs_copy_and_fix_attrs(d_inode(dentry),
d_inode(lower_path.dentry));
err = sdcardfs_fillattr(mnt, d_inode(dentry), stat);
stat->blocks = lower_stat.blocks;
out:
sdcardfs_put_lower_path(dentry, &lower_path);
return err;
}
const struct inode_operations sdcardfs_symlink_iops = {
.permission2 = sdcardfs_permission,
.setattr2 = sdcardfs_setattr,
/* XXX Following operations are implemented,
* but FUSE(sdcard) or FAT does not support them
* These methods are *NOT* perfectly tested.
.readlink = sdcardfs_readlink,
.follow_link = sdcardfs_follow_link,
.put_link = kfree_put_link,
*/
};
const struct inode_operations sdcardfs_dir_iops = {
.create = sdcardfs_create,
.lookup = sdcardfs_lookup,
.permission = sdcardfs_permission_wrn,
.permission2 = sdcardfs_permission,
.unlink = sdcardfs_unlink,
.mkdir = sdcardfs_mkdir,
.rmdir = sdcardfs_rmdir,
.rename = sdcardfs_rename,
.setattr = sdcardfs_setattr_wrn,
.setattr2 = sdcardfs_setattr,
.getattr = sdcardfs_getattr,
/* XXX Following operations are implemented,
* but FUSE(sdcard) or FAT does not support them
* These methods are *NOT* perfectly tested.
.symlink = sdcardfs_symlink,
.link = sdcardfs_link,
.mknod = sdcardfs_mknod,
*/
};
const struct inode_operations sdcardfs_main_iops = {
.permission = sdcardfs_permission_wrn,
.permission2 = sdcardfs_permission,
.setattr = sdcardfs_setattr_wrn,
.setattr2 = sdcardfs_setattr,
.getattr = sdcardfs_getattr,
};
Reference in a new issue View git blame Copy permalink