blob: 89656abbf4f83d8d954f9b4d78b784907d54ed48 [file] [log] [blame]
Eric Paris5444e292009-12-17 21:24:27 -05001/*
2 * Copyright (C) 2008 Red Hat, Inc., Eric Paris <eparis@redhat.com>
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 2, or (at your option)
7 * any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; see the file COPYING. If not, write to
16 * the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
17 */
18
19/*
20 * fsnotify inode mark locking/lifetime/and refcnting
21 *
22 * REFCNT:
Lino Sanfilippo9756b912013-07-08 15:59:46 -070023 * The group->recnt and mark->refcnt tell how many "things" in the kernel
24 * currently are referencing the objects. Both kind of objects typically will
25 * live inside the kernel with a refcnt of 2, one for its creation and one for
26 * the reference a group and a mark hold to each other.
27 * If you are holding the appropriate locks, you can take a reference and the
28 * object itself is guaranteed to survive until the reference is dropped.
Eric Paris5444e292009-12-17 21:24:27 -050029 *
30 * LOCKING:
Lino Sanfilippo9756b912013-07-08 15:59:46 -070031 * There are 3 locks involved with fsnotify inode marks and they MUST be taken
32 * in order as follows:
Eric Paris5444e292009-12-17 21:24:27 -050033 *
Lino Sanfilippo9756b912013-07-08 15:59:46 -070034 * group->mark_mutex
Eric Paris5444e292009-12-17 21:24:27 -050035 * mark->lock
Jan Kara04662ca2017-02-01 08:19:43 +010036 * mark->connector->lock
Eric Paris5444e292009-12-17 21:24:27 -050037 *
Lino Sanfilippo9756b912013-07-08 15:59:46 -070038 * group->mark_mutex protects the marks_list anchored inside a given group and
39 * each mark is hooked via the g_list. It also protects the groups private
40 * data (i.e group limits).
41
42 * mark->lock protects the marks attributes like its masks and flags.
43 * Furthermore it protects the access to a reference of the group that the mark
44 * is assigned to as well as the access to a reference of the inode/vfsmount
45 * that is being watched by the mark.
Eric Paris5444e292009-12-17 21:24:27 -050046 *
Jan Kara04662ca2017-02-01 08:19:43 +010047 * mark->connector->lock protects the list of marks anchored inside an
48 * inode / vfsmount and each mark is hooked via the i_list.
Eric Paris5444e292009-12-17 21:24:27 -050049 *
Jan Kara04662ca2017-02-01 08:19:43 +010050 * A list of notification marks relating to inode / mnt is contained in
51 * fsnotify_mark_connector. That structure is alive as long as there are any
Jan Kara6b3f05d2016-12-21 12:15:30 +010052 * marks in the list and is also protected by fsnotify_mark_srcu. A mark gets
53 * detached from fsnotify_mark_connector when last reference to the mark is
54 * dropped. Thus having mark reference is enough to protect mark->connector
55 * pointer and to make sure fsnotify_mark_connector cannot disappear. Also
56 * because we remove mark from g_list before dropping mark reference associated
57 * with that, any mark found through g_list is guaranteed to have
58 * mark->connector set until we drop group->mark_mutex.
Eric Paris5444e292009-12-17 21:24:27 -050059 *
60 * LIFETIME:
61 * Inode marks survive between when they are added to an inode and when their
Jan Karac1f33072016-12-16 10:53:32 +010062 * refcnt==0. Marks are also protected by fsnotify_mark_srcu.
Eric Paris5444e292009-12-17 21:24:27 -050063 *
64 * The inode mark can be cleared for a number of different reasons including:
65 * - The inode is unlinked for the last time. (fsnotify_inode_remove)
66 * - The inode is being evicted from cache. (fsnotify_inode_delete)
67 * - The fs the inode is on is unmounted. (fsnotify_inode_delete/fsnotify_unmount_inodes)
68 * - Something explicitly requests that it be removed. (fsnotify_destroy_mark)
69 * - The fsnotify_group associated with the mark is going away and all such marks
Jan Kara18f2e0d2017-01-04 10:33:18 +010070 * need to be cleaned up. (fsnotify_detach_group_marks)
Eric Paris5444e292009-12-17 21:24:27 -050071 *
Eric Paris5444e292009-12-17 21:24:27 -050072 * This has the very interesting property of being able to run concurrently with
73 * any (or all) other directions.
74 */
75
76#include <linux/fs.h>
77#include <linux/init.h>
78#include <linux/kernel.h>
Eric Paris75c1be42010-07-28 10:18:38 -040079#include <linux/kthread.h>
Eric Paris5444e292009-12-17 21:24:27 -050080#include <linux/module.h>
81#include <linux/mutex.h>
82#include <linux/slab.h>
83#include <linux/spinlock.h>
Eric Paris75c1be42010-07-28 10:18:38 -040084#include <linux/srcu.h>
Eric Paris5444e292009-12-17 21:24:27 -050085
Arun Sharma600634972011-07-26 16:09:06 -070086#include <linux/atomic.h>
Eric Paris5444e292009-12-17 21:24:27 -050087
88#include <linux/fsnotify_backend.h>
89#include "fsnotify.h"
90
Jeff Layton0918f1c2016-02-17 13:11:21 -080091#define FSNOTIFY_REAPER_DELAY (1) /* 1 jiffy */
92
Eric Paris75c1be42010-07-28 10:18:38 -040093struct srcu_struct fsnotify_mark_srcu;
Jan Kara9dd813c2017-03-14 12:31:02 +010094struct kmem_cache *fsnotify_mark_connector_cachep;
95
Jeff Layton13d34ac2016-02-17 13:11:18 -080096static DEFINE_SPINLOCK(destroy_lock);
97static LIST_HEAD(destroy_list);
Jan Kara08991e82017-02-01 09:21:58 +010098static struct fsnotify_mark_connector *connector_destroy_list;
Jeff Layton0918f1c2016-02-17 13:11:21 -080099
Jan Kara35e48172016-05-19 17:08:59 -0700100static void fsnotify_mark_destroy_workfn(struct work_struct *work);
101static DECLARE_DELAYED_WORK(reaper_work, fsnotify_mark_destroy_workfn);
Eric Paris75c1be42010-07-28 10:18:38 -0400102
Jan Kara08991e82017-02-01 09:21:58 +0100103static void fsnotify_connector_destroy_workfn(struct work_struct *work);
104static DECLARE_WORK(connector_reaper_work, fsnotify_connector_destroy_workfn);
105
Eric Paris5444e292009-12-17 21:24:27 -0500106void fsnotify_get_mark(struct fsnotify_mark *mark)
107{
Jan Kara11375142016-11-09 14:54:20 +0100108 WARN_ON_ONCE(!atomic_read(&mark->refcnt));
Eric Paris5444e292009-12-17 21:24:27 -0500109 atomic_inc(&mark->refcnt);
110}
111
Jan Karaabc77572016-11-10 16:02:11 +0100112/*
113 * Get mark reference when we found the mark via lockless traversal of object
114 * list. Mark can be already removed from the list by now and on its way to be
115 * destroyed once SRCU period ends.
116 */
117static bool fsnotify_get_mark_safe(struct fsnotify_mark *mark)
118{
119 return atomic_inc_not_zero(&mark->refcnt);
120}
121
Jan Karaa2426772017-03-15 09:16:27 +0100122static void __fsnotify_recalc_mask(struct fsnotify_mark_connector *conn)
Jan Kara0809ab62014-12-12 16:58:36 -0800123{
124 u32 new_mask = 0;
125 struct fsnotify_mark *mark;
126
Jan Kara04662ca2017-02-01 08:19:43 +0100127 assert_spin_locked(&conn->lock);
Jan Kara6b3f05d2016-12-21 12:15:30 +0100128 hlist_for_each_entry(mark, &conn->list, obj_list) {
129 if (mark->flags & FSNOTIFY_MARK_FLAG_ATTACHED)
130 new_mask |= mark->mask;
131 }
Jan Karaa2426772017-03-15 09:16:27 +0100132 if (conn->flags & FSNOTIFY_OBJ_TYPE_INODE)
133 conn->inode->i_fsnotify_mask = new_mask;
134 else if (conn->flags & FSNOTIFY_OBJ_TYPE_VFSMOUNT)
135 real_mount(conn->mnt)->mnt_fsnotify_mask = new_mask;
136}
137
138/*
139 * Calculate mask of events for a list of marks. The caller must make sure
Jan Kara6b3f05d2016-12-21 12:15:30 +0100140 * connector and connector->inode cannot disappear under us. Callers achieve
141 * this by holding a mark->lock or mark->group->mark_mutex for a mark on this
142 * list.
Jan Karaa2426772017-03-15 09:16:27 +0100143 */
144void fsnotify_recalc_mask(struct fsnotify_mark_connector *conn)
145{
146 if (!conn)
147 return;
148
Jan Kara04662ca2017-02-01 08:19:43 +0100149 spin_lock(&conn->lock);
Jan Karaa2426772017-03-15 09:16:27 +0100150 __fsnotify_recalc_mask(conn);
Jan Kara04662ca2017-02-01 08:19:43 +0100151 spin_unlock(&conn->lock);
152 if (conn->flags & FSNOTIFY_OBJ_TYPE_INODE)
Jan Karaa2426772017-03-15 09:16:27 +0100153 __fsnotify_update_child_dentry_flags(conn->inode);
Jan Kara0809ab62014-12-12 16:58:36 -0800154}
155
Jan Kara08991e82017-02-01 09:21:58 +0100156/* Free all connectors queued for freeing once SRCU period ends */
157static void fsnotify_connector_destroy_workfn(struct work_struct *work)
158{
159 struct fsnotify_mark_connector *conn, *free;
160
161 spin_lock(&destroy_lock);
162 conn = connector_destroy_list;
163 connector_destroy_list = NULL;
164 spin_unlock(&destroy_lock);
165
166 synchronize_srcu(&fsnotify_mark_srcu);
167 while (conn) {
168 free = conn;
169 conn = conn->destroy_next;
170 kmem_cache_free(fsnotify_mark_connector_cachep, free);
171 }
172}
173
Jan Kara08991e82017-02-01 09:21:58 +0100174static struct inode *fsnotify_detach_connector_from_object(
175 struct fsnotify_mark_connector *conn)
176{
177 struct inode *inode = NULL;
178
179 if (conn->flags & FSNOTIFY_OBJ_TYPE_INODE) {
180 inode = conn->inode;
181 rcu_assign_pointer(inode->i_fsnotify_marks, NULL);
182 inode->i_fsnotify_mask = 0;
183 conn->inode = NULL;
184 conn->flags &= ~FSNOTIFY_OBJ_TYPE_INODE;
185 } else if (conn->flags & FSNOTIFY_OBJ_TYPE_VFSMOUNT) {
186 rcu_assign_pointer(real_mount(conn->mnt)->mnt_fsnotify_marks,
187 NULL);
188 real_mount(conn->mnt)->mnt_fsnotify_mask = 0;
189 conn->mnt = NULL;
190 conn->flags &= ~FSNOTIFY_OBJ_TYPE_VFSMOUNT;
191 }
192
193 return inode;
194}
195
Jan Kara6b3f05d2016-12-21 12:15:30 +0100196static void fsnotify_final_mark_destroy(struct fsnotify_mark *mark)
197{
198 if (mark->group)
199 fsnotify_put_group(mark->group);
200 mark->free_mark(mark);
201}
202
203void fsnotify_put_mark(struct fsnotify_mark *mark)
Jan Kara8212a602017-03-15 09:48:11 +0100204{
205 struct fsnotify_mark_connector *conn;
206 struct inode *inode = NULL;
Jan Kara08991e82017-02-01 09:21:58 +0100207 bool free_conn = false;
Jan Kara8212a602017-03-15 09:48:11 +0100208
Jan Kara6b3f05d2016-12-21 12:15:30 +0100209 /* Catch marks that were actually never attached to object */
210 if (!mark->connector) {
211 if (atomic_dec_and_test(&mark->refcnt))
212 fsnotify_final_mark_destroy(mark);
213 return;
214 }
215
216 /*
217 * We have to be careful so that traversals of obj_list under lock can
218 * safely grab mark reference.
219 */
220 if (!atomic_dec_and_lock(&mark->refcnt, &mark->connector->lock))
221 return;
222
Jan Kara8212a602017-03-15 09:48:11 +0100223 conn = mark->connector;
Jan Kara8212a602017-03-15 09:48:11 +0100224 hlist_del_init_rcu(&mark->obj_list);
225 if (hlist_empty(&conn->list)) {
Jan Kara08991e82017-02-01 09:21:58 +0100226 inode = fsnotify_detach_connector_from_object(conn);
227 free_conn = true;
228 } else {
229 __fsnotify_recalc_mask(conn);
Jan Kara8212a602017-03-15 09:48:11 +0100230 }
231 mark->connector = NULL;
Jan Kara04662ca2017-02-01 08:19:43 +0100232 spin_unlock(&conn->lock);
Jan Kara8212a602017-03-15 09:48:11 +0100233
Jan Kara6b3f05d2016-12-21 12:15:30 +0100234 iput(inode);
235
Jan Kara08991e82017-02-01 09:21:58 +0100236 if (free_conn) {
237 spin_lock(&destroy_lock);
238 conn->destroy_next = connector_destroy_list;
239 connector_destroy_list = conn;
240 spin_unlock(&destroy_lock);
241 queue_work(system_unbound_wq, &connector_reaper_work);
242 }
Jan Kara6b3f05d2016-12-21 12:15:30 +0100243 /*
244 * Note that we didn't update flags telling whether inode cares about
245 * what's happening with children. We update these flags from
246 * __fsnotify_parent() lazily when next event happens on one of our
247 * children.
248 */
249 spin_lock(&destroy_lock);
250 list_add(&mark->g_list, &destroy_list);
251 spin_unlock(&destroy_lock);
252 queue_delayed_work(system_unbound_wq, &reaper_work,
253 FSNOTIFY_REAPER_DELAY);
Jan Kara8212a602017-03-15 09:48:11 +0100254}
255
Jan Karaabc77572016-11-10 16:02:11 +0100256bool fsnotify_prepare_user_wait(struct fsnotify_iter_info *iter_info)
257{
258 struct fsnotify_group *group;
259
260 if (WARN_ON_ONCE(!iter_info->inode_mark && !iter_info->vfsmount_mark))
261 return false;
262
263 if (iter_info->inode_mark)
264 group = iter_info->inode_mark->group;
265 else
266 group = iter_info->vfsmount_mark->group;
267
268 /*
269 * Since acquisition of mark reference is an atomic op as well, we can
270 * be sure this inc is seen before any effect of refcount increment.
271 */
272 atomic_inc(&group->user_waits);
273
274 if (iter_info->inode_mark) {
275 /* This can fail if mark is being removed */
276 if (!fsnotify_get_mark_safe(iter_info->inode_mark))
277 goto out_wait;
278 }
279 if (iter_info->vfsmount_mark) {
280 if (!fsnotify_get_mark_safe(iter_info->vfsmount_mark))
281 goto out_inode;
282 }
283
284 /*
285 * Now that both marks are pinned by refcount in the inode / vfsmount
286 * lists, we can drop SRCU lock, and safely resume the list iteration
287 * once userspace returns.
288 */
289 srcu_read_unlock(&fsnotify_mark_srcu, iter_info->srcu_idx);
290
291 return true;
292out_inode:
293 if (iter_info->inode_mark)
294 fsnotify_put_mark(iter_info->inode_mark);
295out_wait:
296 if (atomic_dec_and_test(&group->user_waits) && group->shutdown)
297 wake_up(&group->notification_waitq);
298 return false;
299}
300
301void fsnotify_finish_user_wait(struct fsnotify_iter_info *iter_info)
302{
303 struct fsnotify_group *group = NULL;
304
305 iter_info->srcu_idx = srcu_read_lock(&fsnotify_mark_srcu);
306 if (iter_info->inode_mark) {
307 group = iter_info->inode_mark->group;
308 fsnotify_put_mark(iter_info->inode_mark);
309 }
310 if (iter_info->vfsmount_mark) {
311 group = iter_info->vfsmount_mark->group;
312 fsnotify_put_mark(iter_info->vfsmount_mark);
313 }
314 /*
315 * We abuse notification_waitq on group shutdown for waiting for all
316 * marks pinned when waiting for userspace.
317 */
318 if (atomic_dec_and_test(&group->user_waits) && group->shutdown)
319 wake_up(&group->notification_waitq);
320}
321
Eric Paris5444e292009-12-17 21:24:27 -0500322/*
Jan Kara6b3f05d2016-12-21 12:15:30 +0100323 * Mark mark as detached, remove it from group list. Mark still stays in object
324 * list until its last reference is dropped. Note that we rely on mark being
325 * removed from group list before corresponding reference to it is dropped. In
326 * particular we rely on mark->connector being valid while we hold
327 * group->mark_mutex if we found the mark through g_list.
Jan Kara4712e7222015-09-04 15:43:12 -0700328 *
Jan Kara11375142016-11-09 14:54:20 +0100329 * Must be called with group->mark_mutex held. The caller must either hold
330 * reference to the mark or be protected by fsnotify_mark_srcu.
Eric Paris5444e292009-12-17 21:24:27 -0500331 */
Jan Kara4712e7222015-09-04 15:43:12 -0700332void fsnotify_detach_mark(struct fsnotify_mark *mark)
Eric Paris5444e292009-12-17 21:24:27 -0500333{
Jan Kara4712e7222015-09-04 15:43:12 -0700334 struct fsnotify_group *group = mark->group;
Eric Paris5444e292009-12-17 21:24:27 -0500335
Jan Kara11375142016-11-09 14:54:20 +0100336 WARN_ON_ONCE(!mutex_is_locked(&group->mark_mutex));
337 WARN_ON_ONCE(!srcu_read_lock_held(&fsnotify_mark_srcu) &&
338 atomic_read(&mark->refcnt) < 1 +
339 !!(mark->flags & FSNOTIFY_MARK_FLAG_ATTACHED));
Lino Sanfilippod5a335b2011-06-14 17:29:52 +0200340
Lino Sanfilippo104d06f2011-06-14 17:29:48 +0200341 spin_lock(&mark->lock);
Eric Paris700307a2010-07-28 10:18:38 -0400342 /* something else already called this function on this mark */
Jan Kara4712e7222015-09-04 15:43:12 -0700343 if (!(mark->flags & FSNOTIFY_MARK_FLAG_ATTACHED)) {
Eric Paris5444e292009-12-17 21:24:27 -0500344 spin_unlock(&mark->lock);
Lino Sanfilippoe2a29942011-06-14 17:29:51 +0200345 return;
Eric Paris5444e292009-12-17 21:24:27 -0500346 }
Jan Kara4712e7222015-09-04 15:43:12 -0700347 mark->flags &= ~FSNOTIFY_MARK_FLAG_ATTACHED;
Eric Paris5444e292009-12-17 21:24:27 -0500348 list_del_init(&mark->g_list);
Eric Paris5444e292009-12-17 21:24:27 -0500349 spin_unlock(&mark->lock);
Lino Sanfilippod5a335b2011-06-14 17:29:52 +0200350
Jan Kara4712e7222015-09-04 15:43:12 -0700351 atomic_dec(&group->num_marks);
Jan Kara11375142016-11-09 14:54:20 +0100352
353 /* Drop mark reference acquired in fsnotify_add_mark_locked() */
354 fsnotify_put_mark(mark);
Jan Kara4712e7222015-09-04 15:43:12 -0700355}
356
357/*
Jan Kara11375142016-11-09 14:54:20 +0100358 * Free fsnotify mark. The mark is actually only marked as being freed. The
359 * freeing is actually happening only once last reference to the mark is
360 * dropped from a workqueue which first waits for srcu period end.
Jan Kara35e48172016-05-19 17:08:59 -0700361 *
Jan Kara11375142016-11-09 14:54:20 +0100362 * Caller must have a reference to the mark or be protected by
363 * fsnotify_mark_srcu.
Jan Kara4712e7222015-09-04 15:43:12 -0700364 */
Jan Kara11375142016-11-09 14:54:20 +0100365void fsnotify_free_mark(struct fsnotify_mark *mark)
Jan Kara4712e7222015-09-04 15:43:12 -0700366{
367 struct fsnotify_group *group = mark->group;
368
369 spin_lock(&mark->lock);
370 /* something else already called this function on this mark */
371 if (!(mark->flags & FSNOTIFY_MARK_FLAG_ALIVE)) {
372 spin_unlock(&mark->lock);
Jan Kara11375142016-11-09 14:54:20 +0100373 return;
Jan Kara4712e7222015-09-04 15:43:12 -0700374 }
375 mark->flags &= ~FSNOTIFY_MARK_FLAG_ALIVE;
376 spin_unlock(&mark->lock);
Eric Paris5444e292009-12-17 21:24:27 -0500377
Linus Torvaldsd725e662015-07-21 16:06:53 -0700378 /*
379 * Some groups like to know that marks are being freed. This is a
380 * callback to the group function to let it know that this mark
381 * is being freed.
382 */
383 if (group->ops->freeing_mark)
384 group->ops->freeing_mark(mark, group);
Lino Sanfilippod5a335b2011-06-14 17:29:52 +0200385}
386
387void fsnotify_destroy_mark(struct fsnotify_mark *mark,
388 struct fsnotify_group *group)
389{
Lino Sanfilippo6960b0d2011-08-12 01:13:31 +0200390 mutex_lock_nested(&group->mark_mutex, SINGLE_DEPTH_NESTING);
Jan Kara4712e7222015-09-04 15:43:12 -0700391 fsnotify_detach_mark(mark);
Lino Sanfilippod5a335b2011-06-14 17:29:52 +0200392 mutex_unlock(&group->mark_mutex);
Jan Kara4712e7222015-09-04 15:43:12 -0700393 fsnotify_free_mark(mark);
Eric Paris5444e292009-12-17 21:24:27 -0500394}
395
396/*
Jan Kara8edc6e12014-11-13 15:19:33 -0800397 * Sorting function for lists of fsnotify marks.
398 *
399 * Fanotify supports different notification classes (reflected as priority of
400 * notification group). Events shall be passed to notification groups in
401 * decreasing priority order. To achieve this marks in notification lists for
402 * inodes and vfsmounts are sorted so that priorities of corresponding groups
403 * are descending.
404 *
405 * Furthermore correct handling of the ignore mask requires processing inode
406 * and vfsmount marks of each group together. Using the group address as
407 * further sort criterion provides a unique sorting order and thus we can
408 * merge inode and vfsmount lists of marks in linear time and find groups
409 * present in both lists.
410 *
411 * A return value of 1 signifies that b has priority over a.
412 * A return value of 0 signifies that the two marks have to be handled together.
413 * A return value of -1 signifies that a has priority over b.
414 */
415int fsnotify_compare_groups(struct fsnotify_group *a, struct fsnotify_group *b)
416{
417 if (a == b)
418 return 0;
419 if (!a)
420 return 1;
421 if (!b)
422 return -1;
423 if (a->priority < b->priority)
424 return 1;
425 if (a->priority > b->priority)
426 return -1;
427 if (a < b)
428 return 1;
429 return -1;
430}
431
Jan Kara9dd813c2017-03-14 12:31:02 +0100432static int fsnotify_attach_connector_to_object(
Jan Kara08991e82017-02-01 09:21:58 +0100433 struct fsnotify_mark_connector __rcu **connp,
434 struct inode *inode,
435 struct vfsmount *mnt)
Jan Kara9dd813c2017-03-14 12:31:02 +0100436{
437 struct fsnotify_mark_connector *conn;
438
Jan Kara755b5bc2017-03-14 16:11:23 +0100439 conn = kmem_cache_alloc(fsnotify_mark_connector_cachep, GFP_KERNEL);
Jan Kara9dd813c2017-03-14 12:31:02 +0100440 if (!conn)
441 return -ENOMEM;
Jan Kara04662ca2017-02-01 08:19:43 +0100442 spin_lock_init(&conn->lock);
Jan Kara9dd813c2017-03-14 12:31:02 +0100443 INIT_HLIST_HEAD(&conn->list);
Jan Kara86ffe242017-03-14 14:29:35 +0100444 if (inode) {
445 conn->flags = FSNOTIFY_OBJ_TYPE_INODE;
Jan Kara08991e82017-02-01 09:21:58 +0100446 conn->inode = igrab(inode);
Jan Kara86ffe242017-03-14 14:29:35 +0100447 } else {
448 conn->flags = FSNOTIFY_OBJ_TYPE_VFSMOUNT;
449 conn->mnt = mnt;
450 }
Jan Kara9dd813c2017-03-14 12:31:02 +0100451 /*
Jan Kara04662ca2017-02-01 08:19:43 +0100452 * cmpxchg() provides the barrier so that readers of *connp can see
453 * only initialized structure
Jan Kara9dd813c2017-03-14 12:31:02 +0100454 */
Jan Kara04662ca2017-02-01 08:19:43 +0100455 if (cmpxchg(connp, NULL, conn)) {
456 /* Someone else created list structure for us */
Jan Kara08991e82017-02-01 09:21:58 +0100457 if (inode)
458 iput(inode);
Jan Kara755b5bc2017-03-14 16:11:23 +0100459 kmem_cache_free(fsnotify_mark_connector_cachep, conn);
Jan Kara04662ca2017-02-01 08:19:43 +0100460 }
Jan Kara9dd813c2017-03-14 12:31:02 +0100461
462 return 0;
463}
464
465/*
Jan Kara08991e82017-02-01 09:21:58 +0100466 * Get mark connector, make sure it is alive and return with its lock held.
467 * This is for users that get connector pointer from inode or mount. Users that
468 * hold reference to a mark on the list may directly lock connector->lock as
469 * they are sure list cannot go away under them.
470 */
471static struct fsnotify_mark_connector *fsnotify_grab_connector(
472 struct fsnotify_mark_connector __rcu **connp)
473{
474 struct fsnotify_mark_connector *conn;
475 int idx;
476
477 idx = srcu_read_lock(&fsnotify_mark_srcu);
478 conn = srcu_dereference(*connp, &fsnotify_mark_srcu);
479 if (!conn)
480 goto out;
481 spin_lock(&conn->lock);
482 if (!(conn->flags & (FSNOTIFY_OBJ_TYPE_INODE |
483 FSNOTIFY_OBJ_TYPE_VFSMOUNT))) {
484 spin_unlock(&conn->lock);
485 srcu_read_unlock(&fsnotify_mark_srcu, idx);
486 return NULL;
487 }
488out:
489 srcu_read_unlock(&fsnotify_mark_srcu, idx);
490 return conn;
491}
492
493/*
Jan Kara9dd813c2017-03-14 12:31:02 +0100494 * Add mark into proper place in given list of marks. These marks may be used
495 * for the fsnotify backend to determine which event types should be delivered
496 * to which group and for which inodes. These marks are ordered according to
497 * priority, highest number first, and then by the group's location in memory.
498 */
Jan Kara755b5bc2017-03-14 16:11:23 +0100499static int fsnotify_add_mark_list(struct fsnotify_mark *mark,
500 struct inode *inode, struct vfsmount *mnt,
501 int allow_dups)
Jan Kara0809ab62014-12-12 16:58:36 -0800502{
503 struct fsnotify_mark *lmark, *last = NULL;
Jan Kara9dd813c2017-03-14 12:31:02 +0100504 struct fsnotify_mark_connector *conn;
Jan Kara08991e82017-02-01 09:21:58 +0100505 struct fsnotify_mark_connector __rcu **connp;
Jan Kara0809ab62014-12-12 16:58:36 -0800506 int cmp;
Jan Kara755b5bc2017-03-14 16:11:23 +0100507 int err = 0;
508
509 if (WARN_ON(!inode && !mnt))
510 return -EINVAL;
Jan Kara04662ca2017-02-01 08:19:43 +0100511 if (inode)
Jan Kara755b5bc2017-03-14 16:11:23 +0100512 connp = &inode->i_fsnotify_marks;
Jan Kara04662ca2017-02-01 08:19:43 +0100513 else
Jan Kara755b5bc2017-03-14 16:11:23 +0100514 connp = &real_mount(mnt)->mnt_fsnotify_marks;
Jan Kara08991e82017-02-01 09:21:58 +0100515restart:
516 spin_lock(&mark->lock);
517 conn = fsnotify_grab_connector(connp);
518 if (!conn) {
519 spin_unlock(&mark->lock);
Jan Kara04662ca2017-02-01 08:19:43 +0100520 err = fsnotify_attach_connector_to_object(connp, inode, mnt);
Jan Kara9dd813c2017-03-14 12:31:02 +0100521 if (err)
522 return err;
Jan Kara08991e82017-02-01 09:21:58 +0100523 goto restart;
Jan Kara9dd813c2017-03-14 12:31:02 +0100524 }
Jan Kara0809ab62014-12-12 16:58:36 -0800525
526 /* is mark the first mark? */
Jan Kara9dd813c2017-03-14 12:31:02 +0100527 if (hlist_empty(&conn->list)) {
528 hlist_add_head_rcu(&mark->obj_list, &conn->list);
Jan Kara86ffe242017-03-14 14:29:35 +0100529 goto added;
Jan Kara0809ab62014-12-12 16:58:36 -0800530 }
531
532 /* should mark be in the middle of the current list? */
Jan Kara9dd813c2017-03-14 12:31:02 +0100533 hlist_for_each_entry(lmark, &conn->list, obj_list) {
Jan Kara0809ab62014-12-12 16:58:36 -0800534 last = lmark;
535
Jan Kara6b3f05d2016-12-21 12:15:30 +0100536 if ((lmark->group == mark->group) &&
537 (lmark->flags & FSNOTIFY_MARK_FLAG_ATTACHED) &&
538 !allow_dups) {
Jan Kara755b5bc2017-03-14 16:11:23 +0100539 err = -EEXIST;
540 goto out_err;
541 }
Jan Kara0809ab62014-12-12 16:58:36 -0800542
543 cmp = fsnotify_compare_groups(lmark->group, mark->group);
544 if (cmp >= 0) {
545 hlist_add_before_rcu(&mark->obj_list, &lmark->obj_list);
Jan Kara86ffe242017-03-14 14:29:35 +0100546 goto added;
Jan Kara0809ab62014-12-12 16:58:36 -0800547 }
548 }
549
550 BUG_ON(last == NULL);
551 /* mark should be the last entry. last is the current last entry */
552 hlist_add_behind_rcu(&mark->obj_list, &last->obj_list);
Jan Kara86ffe242017-03-14 14:29:35 +0100553added:
554 mark->connector = conn;
Jan Kara755b5bc2017-03-14 16:11:23 +0100555out_err:
Jan Kara04662ca2017-02-01 08:19:43 +0100556 spin_unlock(&conn->lock);
Jan Kara755b5bc2017-03-14 16:11:23 +0100557 spin_unlock(&mark->lock);
558 return err;
Jan Kara0809ab62014-12-12 16:58:36 -0800559}
560
Jan Kara8edc6e12014-11-13 15:19:33 -0800561/*
Eric Paris5444e292009-12-17 21:24:27 -0500562 * Attach an initialized mark to a given group and fs object.
563 * These marks may be used for the fsnotify backend to determine which
564 * event types should be delivered to which group.
565 */
Lino Sanfilippod5a335b2011-06-14 17:29:52 +0200566int fsnotify_add_mark_locked(struct fsnotify_mark *mark,
567 struct fsnotify_group *group, struct inode *inode,
568 struct vfsmount *mnt, int allow_dups)
Eric Paris5444e292009-12-17 21:24:27 -0500569{
570 int ret = 0;
571
Eric Paris5444e292009-12-17 21:24:27 -0500572 BUG_ON(inode && mnt);
573 BUG_ON(!inode && !mnt);
Lino Sanfilippod5a335b2011-06-14 17:29:52 +0200574 BUG_ON(!mutex_is_locked(&group->mark_mutex));
Eric Paris5444e292009-12-17 21:24:27 -0500575
576 /*
Eric Paris5444e292009-12-17 21:24:27 -0500577 * LOCKING ORDER!!!!
Lino Sanfilippo986ab092011-06-14 17:29:50 +0200578 * group->mark_mutex
Lino Sanfilippo104d06f2011-06-14 17:29:48 +0200579 * mark->lock
Jan Kara04662ca2017-02-01 08:19:43 +0100580 * mark->connector->lock
Eric Paris5444e292009-12-17 21:24:27 -0500581 */
Lino Sanfilippo104d06f2011-06-14 17:29:48 +0200582 spin_lock(&mark->lock);
Jan Kara4712e7222015-09-04 15:43:12 -0700583 mark->flags |= FSNOTIFY_MARK_FLAG_ALIVE | FSNOTIFY_MARK_FLAG_ATTACHED;
Eric Paris700307a2010-07-28 10:18:38 -0400584
Lino Sanfilippo23e964c2011-06-14 17:29:47 +0200585 fsnotify_get_group(group);
Eric Paris5444e292009-12-17 21:24:27 -0500586 mark->group = group;
587 list_add(&mark->g_list, &group->marks_list);
588 atomic_inc(&group->num_marks);
Jan Kara6b3f05d2016-12-21 12:15:30 +0100589 fsnotify_get_mark(mark); /* for g_list */
Eric Paris5444e292009-12-17 21:24:27 -0500590 spin_unlock(&mark->lock);
591
Jan Kara755b5bc2017-03-14 16:11:23 +0100592 ret = fsnotify_add_mark_list(mark, inode, mnt, allow_dups);
593 if (ret)
594 goto err;
595
Jan Karaa2426772017-03-15 09:16:27 +0100596 if (mark->mask)
597 fsnotify_recalc_mask(mark->connector);
Eric Paris5444e292009-12-17 21:24:27 -0500598
599 return ret;
600err:
Jan Kara11375142016-11-09 14:54:20 +0100601 mark->flags &= ~(FSNOTIFY_MARK_FLAG_ALIVE |
602 FSNOTIFY_MARK_FLAG_ATTACHED);
Eric Paris5444e292009-12-17 21:24:27 -0500603 list_del_init(&mark->g_list);
604 atomic_dec(&group->num_marks);
Eric Paris5444e292009-12-17 21:24:27 -0500605 spin_unlock(&mark->lock);
606
Jan Kara11375142016-11-09 14:54:20 +0100607 fsnotify_put_mark(mark);
Eric Paris5444e292009-12-17 21:24:27 -0500608 return ret;
609}
610
Lino Sanfilippod5a335b2011-06-14 17:29:52 +0200611int fsnotify_add_mark(struct fsnotify_mark *mark, struct fsnotify_group *group,
612 struct inode *inode, struct vfsmount *mnt, int allow_dups)
613{
614 int ret;
615 mutex_lock(&group->mark_mutex);
616 ret = fsnotify_add_mark_locked(mark, group, inode, mnt, allow_dups);
617 mutex_unlock(&group->mark_mutex);
618 return ret;
619}
620
Eric Paris5444e292009-12-17 21:24:27 -0500621/*
Jan Kara0809ab62014-12-12 16:58:36 -0800622 * Given a list of marks, find the mark associated with given group. If found
623 * take a reference to that mark and return it, else return NULL.
624 */
Jan Kara08991e82017-02-01 09:21:58 +0100625struct fsnotify_mark *fsnotify_find_mark(
626 struct fsnotify_mark_connector __rcu **connp,
627 struct fsnotify_group *group)
Jan Kara0809ab62014-12-12 16:58:36 -0800628{
Jan Kara08991e82017-02-01 09:21:58 +0100629 struct fsnotify_mark_connector *conn;
Jan Kara0809ab62014-12-12 16:58:36 -0800630 struct fsnotify_mark *mark;
631
Jan Kara08991e82017-02-01 09:21:58 +0100632 conn = fsnotify_grab_connector(connp);
Jan Kara9dd813c2017-03-14 12:31:02 +0100633 if (!conn)
634 return NULL;
635
636 hlist_for_each_entry(mark, &conn->list, obj_list) {
Jan Kara6b3f05d2016-12-21 12:15:30 +0100637 if (mark->group == group &&
638 (mark->flags & FSNOTIFY_MARK_FLAG_ATTACHED)) {
Jan Kara0809ab62014-12-12 16:58:36 -0800639 fsnotify_get_mark(mark);
Jan Kara04662ca2017-02-01 08:19:43 +0100640 spin_unlock(&conn->lock);
Jan Kara0809ab62014-12-12 16:58:36 -0800641 return mark;
642 }
643 }
Jan Kara04662ca2017-02-01 08:19:43 +0100644 spin_unlock(&conn->lock);
Jan Kara0809ab62014-12-12 16:58:36 -0800645 return NULL;
646}
647
Jan Kara18f2e0d2017-01-04 10:33:18 +0100648/* Clear any marks in a group with given type */
649void fsnotify_clear_marks_by_group(struct fsnotify_group *group,
650 unsigned int type)
Eric Paris5444e292009-12-17 21:24:27 -0500651{
652 struct fsnotify_mark *lmark, *mark;
Jan Kara8f2f3eb2015-08-06 15:46:42 -0700653 LIST_HEAD(to_free);
Eric Paris5444e292009-12-17 21:24:27 -0500654
Jan Kara8f2f3eb2015-08-06 15:46:42 -0700655 /*
656 * We have to be really careful here. Anytime we drop mark_mutex, e.g.
657 * fsnotify_clear_marks_by_inode() can come and free marks. Even in our
658 * to_free list so we have to use mark_mutex even when accessing that
659 * list. And freeing mark requires us to drop mark_mutex. So we can
660 * reliably free only the first mark in the list. That's why we first
661 * move marks to free to to_free list in one go and then free marks in
662 * to_free list one by one.
663 */
Lino Sanfilippo6960b0d2011-08-12 01:13:31 +0200664 mutex_lock_nested(&group->mark_mutex, SINGLE_DEPTH_NESTING);
Eric Paris5444e292009-12-17 21:24:27 -0500665 list_for_each_entry_safe(mark, lmark, &group->marks_list, g_list) {
Jan Kara18f2e0d2017-01-04 10:33:18 +0100666 if (mark->connector->flags & type)
Jan Kara8f2f3eb2015-08-06 15:46:42 -0700667 list_move(&mark->g_list, &to_free);
Eric Paris5444e292009-12-17 21:24:27 -0500668 }
Lino Sanfilippo986ab092011-06-14 17:29:50 +0200669 mutex_unlock(&group->mark_mutex);
Jan Kara8f2f3eb2015-08-06 15:46:42 -0700670
671 while (1) {
672 mutex_lock_nested(&group->mark_mutex, SINGLE_DEPTH_NESTING);
673 if (list_empty(&to_free)) {
674 mutex_unlock(&group->mark_mutex);
675 break;
676 }
677 mark = list_first_entry(&to_free, struct fsnotify_mark, g_list);
678 fsnotify_get_mark(mark);
Jan Kara4712e7222015-09-04 15:43:12 -0700679 fsnotify_detach_mark(mark);
Jan Kara8f2f3eb2015-08-06 15:46:42 -0700680 mutex_unlock(&group->mark_mutex);
Jan Kara4712e7222015-09-04 15:43:12 -0700681 fsnotify_free_mark(mark);
Jan Kara8f2f3eb2015-08-06 15:46:42 -0700682 fsnotify_put_mark(mark);
683 }
Eric Paris5444e292009-12-17 21:24:27 -0500684}
685
Eric Paris4d926042009-12-17 21:24:34 -0500686/*
Jan Kara35e48172016-05-19 17:08:59 -0700687 * Given a group, prepare for freeing all the marks associated with that group.
688 * The marks are attached to the list of marks prepared for destruction, the
689 * caller is responsible for freeing marks in that list after SRCU period has
690 * ended.
Eric Paris4d926042009-12-17 21:24:34 -0500691 */
Jan Kara35e48172016-05-19 17:08:59 -0700692void fsnotify_detach_group_marks(struct fsnotify_group *group)
Eric Paris4d926042009-12-17 21:24:34 -0500693{
Jan Kara35e48172016-05-19 17:08:59 -0700694 struct fsnotify_mark *mark;
695
696 while (1) {
697 mutex_lock_nested(&group->mark_mutex, SINGLE_DEPTH_NESTING);
698 if (list_empty(&group->marks_list)) {
699 mutex_unlock(&group->mark_mutex);
700 break;
701 }
702 mark = list_first_entry(&group->marks_list,
703 struct fsnotify_mark, g_list);
704 fsnotify_get_mark(mark);
705 fsnotify_detach_mark(mark);
706 mutex_unlock(&group->mark_mutex);
Jan Kara11375142016-11-09 14:54:20 +0100707 fsnotify_free_mark(mark);
Jan Kara35e48172016-05-19 17:08:59 -0700708 fsnotify_put_mark(mark);
709 }
Jan Karaabc77572016-11-10 16:02:11 +0100710 /*
711 * Some marks can still be pinned when waiting for response from
712 * userspace. Wait for those now. fsnotify_prepare_user_wait() will
713 * not succeed now so this wait is race-free.
714 */
715 wait_event(group->notification_waitq, !atomic_read(&group->user_waits));
Eric Paris4d926042009-12-17 21:24:34 -0500716}
717
Jan Kara08991e82017-02-01 09:21:58 +0100718/* Destroy all marks attached to inode / vfsmount */
719void fsnotify_destroy_marks(struct fsnotify_mark_connector __rcu **connp)
Jan Kara0810b4f2017-02-01 09:23:48 +0100720{
Jan Kara08991e82017-02-01 09:21:58 +0100721 struct fsnotify_mark_connector *conn;
Jan Kara6b3f05d2016-12-21 12:15:30 +0100722 struct fsnotify_mark *mark, *old_mark = NULL;
723 struct inode *inode;
Jan Kara0810b4f2017-02-01 09:23:48 +0100724
Jan Kara6b3f05d2016-12-21 12:15:30 +0100725 conn = fsnotify_grab_connector(connp);
726 if (!conn)
727 return;
728 /*
729 * We have to be careful since we can race with e.g.
730 * fsnotify_clear_marks_by_group() and once we drop the conn->lock, the
731 * list can get modified. However we are holding mark reference and
732 * thus our mark cannot be removed from obj_list so we can continue
733 * iteration after regaining conn->lock.
734 */
735 hlist_for_each_entry(mark, &conn->list, obj_list) {
Jan Kara0810b4f2017-02-01 09:23:48 +0100736 fsnotify_get_mark(mark);
Jan Kara04662ca2017-02-01 08:19:43 +0100737 spin_unlock(&conn->lock);
Jan Kara6b3f05d2016-12-21 12:15:30 +0100738 if (old_mark)
739 fsnotify_put_mark(old_mark);
740 old_mark = mark;
Jan Kara0810b4f2017-02-01 09:23:48 +0100741 fsnotify_destroy_mark(mark, mark->group);
Jan Kara6b3f05d2016-12-21 12:15:30 +0100742 spin_lock(&conn->lock);
Jan Kara0810b4f2017-02-01 09:23:48 +0100743 }
Jan Kara6b3f05d2016-12-21 12:15:30 +0100744 /*
745 * Detach list from object now so that we don't pin inode until all
746 * mark references get dropped. It would lead to strange results such
747 * as delaying inode deletion or blocking unmount.
748 */
749 inode = fsnotify_detach_connector_from_object(conn);
750 spin_unlock(&conn->lock);
751 if (old_mark)
752 fsnotify_put_mark(old_mark);
753 iput(inode);
Jan Kara0810b4f2017-02-01 09:23:48 +0100754}
755
Eric Paris5444e292009-12-17 21:24:27 -0500756/*
757 * Nothing fancy, just initialize lists and locks and counters.
758 */
759void fsnotify_init_mark(struct fsnotify_mark *mark,
760 void (*free_mark)(struct fsnotify_mark *mark))
761{
Eric Parisba643f02009-12-17 21:24:27 -0500762 memset(mark, 0, sizeof(*mark));
Eric Paris5444e292009-12-17 21:24:27 -0500763 spin_lock_init(&mark->lock);
764 atomic_set(&mark->refcnt, 1);
Eric Paris5444e292009-12-17 21:24:27 -0500765 mark->free_mark = free_mark;
766}
Jeff Layton13d34ac2016-02-17 13:11:18 -0800767
Jan Kara35e48172016-05-19 17:08:59 -0700768/*
769 * Destroy all marks in destroy_list, waits for SRCU period to finish before
770 * actually freeing marks.
771 */
Jan Karaf09b04a2016-12-21 14:48:18 +0100772static void fsnotify_mark_destroy_workfn(struct work_struct *work)
Jeff Layton13d34ac2016-02-17 13:11:18 -0800773{
774 struct fsnotify_mark *mark, *next;
775 struct list_head private_destroy_list;
776
Jeff Layton0918f1c2016-02-17 13:11:21 -0800777 spin_lock(&destroy_lock);
778 /* exchange the list head */
779 list_replace_init(&destroy_list, &private_destroy_list);
780 spin_unlock(&destroy_lock);
Jeff Layton13d34ac2016-02-17 13:11:18 -0800781
Jeff Layton0918f1c2016-02-17 13:11:21 -0800782 synchronize_srcu(&fsnotify_mark_srcu);
Jeff Layton13d34ac2016-02-17 13:11:18 -0800783
Jeff Layton0918f1c2016-02-17 13:11:21 -0800784 list_for_each_entry_safe(mark, next, &private_destroy_list, g_list) {
785 list_del_init(&mark->g_list);
Jan Kara6b3f05d2016-12-21 12:15:30 +0100786 fsnotify_final_mark_destroy(mark);
Jeff Layton13d34ac2016-02-17 13:11:18 -0800787 }
Jeff Layton13d34ac2016-02-17 13:11:18 -0800788}
Jan Kara35e48172016-05-19 17:08:59 -0700789
Jan Karaf09b04a2016-12-21 14:48:18 +0100790/* Wait for all marks queued for destruction to be actually destroyed */
791void fsnotify_wait_marks_destroyed(void)
Jan Kara35e48172016-05-19 17:08:59 -0700792{
Jan Karaf09b04a2016-12-21 14:48:18 +0100793 flush_delayed_work(&reaper_work);
Jan Kara35e48172016-05-19 17:08:59 -0700794}