Thomas Gleixner | 457c899 | 2019-05-19 13:08:55 +0100 | [diff] [blame] | 1 | // SPDX-License-Identifier: GPL-2.0-only |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 2 | /* |
| 3 | * linux/fs/open.c |
| 4 | * |
| 5 | * Copyright (C) 1991, 1992 Linus Torvalds |
| 6 | */ |
| 7 | |
| 8 | #include <linux/string.h> |
| 9 | #include <linux/mm.h> |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 10 | #include <linux/file.h> |
Al Viro | 9f3acc3 | 2008-04-24 07:44:08 -0400 | [diff] [blame] | 11 | #include <linux/fdtable.h> |
Robert Love | 0eeca28 | 2005-07-12 17:06:03 -0400 | [diff] [blame] | 12 | #include <linux/fsnotify.h> |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 13 | #include <linux/module.h> |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 14 | #include <linux/tty.h> |
| 15 | #include <linux/namei.h> |
| 16 | #include <linux/backing-dev.h> |
Randy Dunlap | 16f7e0f | 2006-01-11 12:17:46 -0800 | [diff] [blame] | 17 | #include <linux/capability.h> |
Andrew G. Morgan | 086f731 | 2008-07-04 09:59:58 -0700 | [diff] [blame] | 18 | #include <linux/securebits.h> |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 19 | #include <linux/security.h> |
| 20 | #include <linux/mount.h> |
Ulrich Drepper | 5590ff0 | 2006-01-18 17:43:53 -0800 | [diff] [blame] | 21 | #include <linux/fcntl.h> |
Tejun Heo | 5a0e3ad | 2010-03-24 17:04:11 +0900 | [diff] [blame] | 22 | #include <linux/slab.h> |
Linus Torvalds | 7c0f6ba | 2016-12-24 11:46:01 -0800 | [diff] [blame] | 23 | #include <linux/uaccess.h> |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 24 | #include <linux/fs.h> |
Yoav Zach | ef3daed | 2005-06-23 00:09:58 -0700 | [diff] [blame] | 25 | #include <linux/personality.h> |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 26 | #include <linux/pagemap.h> |
| 27 | #include <linux/syscalls.h> |
Dipankar Sarma | ab2af1f | 2005-09-09 13:04:13 -0700 | [diff] [blame] | 28 | #include <linux/rcupdate.h> |
Amy Griffis | 73241cc | 2005-11-03 16:00:25 +0000 | [diff] [blame] | 29 | #include <linux/audit.h> |
Amit Arora | 97ac735 | 2007-07-17 21:42:44 -0400 | [diff] [blame] | 30 | #include <linux/falloc.h> |
Al Viro | 5ad4e53 | 2009-03-29 19:50:06 -0400 | [diff] [blame] | 31 | #include <linux/fs_struct.h> |
Al Viro | b65a9cf | 2009-12-16 06:27:40 -0500 | [diff] [blame] | 32 | #include <linux/ima.h> |
Eric Paris | 2dfc1ca | 2009-12-17 20:30:52 -0500 | [diff] [blame] | 33 | #include <linux/dnotify.h> |
Al Viro | 3f6d078 | 2013-02-24 13:49:08 -0500 | [diff] [blame] | 34 | #include <linux/compat.h> |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 35 | |
Eric Paris | e81e3f4 | 2009-12-04 15:47:36 -0500 | [diff] [blame] | 36 | #include "internal.h" |
| 37 | |
NeilBrown | 4a30131 | 2006-01-08 01:02:39 -0800 | [diff] [blame] | 38 | int do_truncate(struct dentry *dentry, loff_t length, unsigned int time_attrs, |
| 39 | struct file *filp) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 40 | { |
Amerigo Wang | 939a942 | 2009-08-20 19:29:03 -0700 | [diff] [blame] | 41 | int ret; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 42 | struct iattr newattrs; |
| 43 | |
| 44 | /* Not pretty: "inode->i_size" shouldn't really be signed. But it is. */ |
| 45 | if (length < 0) |
| 46 | return -EINVAL; |
| 47 | |
| 48 | newattrs.ia_size = length; |
NeilBrown | 4a30131 | 2006-01-08 01:02:39 -0800 | [diff] [blame] | 49 | newattrs.ia_valid = ATTR_SIZE | time_attrs; |
Miklos Szeredi | cc4e69d | 2005-11-07 00:59:49 -0800 | [diff] [blame] | 50 | if (filp) { |
| 51 | newattrs.ia_file = filp; |
| 52 | newattrs.ia_valid |= ATTR_FILE; |
| 53 | } |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 54 | |
Jan Kara | 45f147a | 2015-05-21 16:05:55 +0200 | [diff] [blame] | 55 | /* Remove suid, sgid, and file capabilities on truncate too */ |
| 56 | ret = dentry_needs_remove_privs(dentry); |
| 57 | if (ret < 0) |
| 58 | return ret; |
Amerigo Wang | 939a942 | 2009-08-20 19:29:03 -0700 | [diff] [blame] | 59 | if (ret) |
| 60 | newattrs.ia_valid |= ret | ATTR_FORCE; |
Linus Torvalds | 7b82dc0 | 2007-05-08 20:10:00 -0700 | [diff] [blame] | 61 | |
Al Viro | 5955102 | 2016-01-22 15:40:57 -0500 | [diff] [blame] | 62 | inode_lock(dentry->d_inode); |
J. Bruce Fields | 27ac0ff | 2011-09-20 17:19:26 -0400 | [diff] [blame] | 63 | /* Note any delegations or leases have already been broken: */ |
| 64 | ret = notify_change(dentry, &newattrs, NULL); |
Al Viro | 5955102 | 2016-01-22 15:40:57 -0500 | [diff] [blame] | 65 | inode_unlock(dentry->d_inode); |
Amerigo Wang | 939a942 | 2009-08-20 19:29:03 -0700 | [diff] [blame] | 66 | return ret; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 67 | } |
| 68 | |
Al Viro | 7df818b | 2016-03-25 14:24:09 -0400 | [diff] [blame] | 69 | long vfs_truncate(const struct path *path, loff_t length) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 70 | { |
Al Viro | 2d8f303 | 2008-07-22 09:59:21 -0400 | [diff] [blame] | 71 | struct inode *inode; |
David Howells | a02de96 | 2012-12-20 21:52:36 +0000 | [diff] [blame] | 72 | long error; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 73 | |
David Howells | a02de96 | 2012-12-20 21:52:36 +0000 | [diff] [blame] | 74 | inode = path->dentry->d_inode; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 75 | |
| 76 | /* For directories it's -EISDIR, for other non-regulars - -EINVAL */ |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 77 | if (S_ISDIR(inode->i_mode)) |
David Howells | a02de96 | 2012-12-20 21:52:36 +0000 | [diff] [blame] | 78 | return -EISDIR; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 79 | if (!S_ISREG(inode->i_mode)) |
David Howells | a02de96 | 2012-12-20 21:52:36 +0000 | [diff] [blame] | 80 | return -EINVAL; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 81 | |
David Howells | a02de96 | 2012-12-20 21:52:36 +0000 | [diff] [blame] | 82 | error = mnt_want_write(path->mnt); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 83 | if (error) |
David Howells | a02de96 | 2012-12-20 21:52:36 +0000 | [diff] [blame] | 84 | goto out; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 85 | |
Al Viro | 256984a | 2008-07-22 08:09:30 -0400 | [diff] [blame] | 86 | error = inode_permission(inode, MAY_WRITE); |
Dave Hansen | 9ac9b84 | 2008-02-15 14:37:52 -0800 | [diff] [blame] | 87 | if (error) |
| 88 | goto mnt_drop_write_and_out; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 89 | |
| 90 | error = -EPERM; |
Miklos Szeredi | c82e42d | 2008-06-24 16:50:12 +0200 | [diff] [blame] | 91 | if (IS_APPEND(inode)) |
Dave Hansen | 9ac9b84 | 2008-02-15 14:37:52 -0800 | [diff] [blame] | 92 | goto mnt_drop_write_and_out; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 93 | |
Miklos Szeredi | 8cf9ee5 | 2018-07-18 15:44:43 +0200 | [diff] [blame] | 94 | error = get_write_access(inode); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 95 | if (error) |
Dave Hansen | 9ac9b84 | 2008-02-15 14:37:52 -0800 | [diff] [blame] | 96 | goto mnt_drop_write_and_out; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 97 | |
david m. richter | 9700382 | 2007-07-31 00:39:12 -0700 | [diff] [blame] | 98 | /* |
| 99 | * Make sure that there are no leases. get_write_access() protects |
| 100 | * against the truncate racing with a lease-granting setlease(). |
| 101 | */ |
Al Viro | 8737c93 | 2009-12-24 06:47:55 -0500 | [diff] [blame] | 102 | error = break_lease(inode, O_WRONLY); |
david m. richter | 9700382 | 2007-07-31 00:39:12 -0700 | [diff] [blame] | 103 | if (error) |
| 104 | goto put_write_and_out; |
| 105 | |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 106 | error = locks_verify_truncate(inode, NULL, length); |
Kentaro Takeda | be6d3e5 | 2008-12-17 13:24:15 +0900 | [diff] [blame] | 107 | if (!error) |
David Howells | a02de96 | 2012-12-20 21:52:36 +0000 | [diff] [blame] | 108 | error = security_path_truncate(path); |
Christoph Hellwig | 907f455 | 2010-03-03 09:05:06 -0500 | [diff] [blame] | 109 | if (!error) |
David Howells | a02de96 | 2012-12-20 21:52:36 +0000 | [diff] [blame] | 110 | error = do_truncate(path->dentry, length, 0, NULL); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 111 | |
david m. richter | 9700382 | 2007-07-31 00:39:12 -0700 | [diff] [blame] | 112 | put_write_and_out: |
Miklos Szeredi | 8cf9ee5 | 2018-07-18 15:44:43 +0200 | [diff] [blame] | 113 | put_write_access(inode); |
Dave Hansen | 9ac9b84 | 2008-02-15 14:37:52 -0800 | [diff] [blame] | 114 | mnt_drop_write_and_out: |
David Howells | a02de96 | 2012-12-20 21:52:36 +0000 | [diff] [blame] | 115 | mnt_drop_write(path->mnt); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 116 | out: |
| 117 | return error; |
| 118 | } |
David Howells | a02de96 | 2012-12-20 21:52:36 +0000 | [diff] [blame] | 119 | EXPORT_SYMBOL_GPL(vfs_truncate); |
| 120 | |
Dominik Brodowski | df260e2 | 2018-03-19 17:32:11 +0100 | [diff] [blame] | 121 | long do_sys_truncate(const char __user *pathname, loff_t length) |
David Howells | a02de96 | 2012-12-20 21:52:36 +0000 | [diff] [blame] | 122 | { |
Jeff Layton | 48f7530 | 2012-12-11 12:10:11 -0500 | [diff] [blame] | 123 | unsigned int lookup_flags = LOOKUP_FOLLOW; |
David Howells | a02de96 | 2012-12-20 21:52:36 +0000 | [diff] [blame] | 124 | struct path path; |
| 125 | int error; |
| 126 | |
| 127 | if (length < 0) /* sorry, but loff_t says... */ |
| 128 | return -EINVAL; |
| 129 | |
Jeff Layton | 48f7530 | 2012-12-11 12:10:11 -0500 | [diff] [blame] | 130 | retry: |
| 131 | error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path); |
David Howells | a02de96 | 2012-12-20 21:52:36 +0000 | [diff] [blame] | 132 | if (!error) { |
| 133 | error = vfs_truncate(&path, length); |
| 134 | path_put(&path); |
| 135 | } |
Jeff Layton | 48f7530 | 2012-12-11 12:10:11 -0500 | [diff] [blame] | 136 | if (retry_estale(error, lookup_flags)) { |
| 137 | lookup_flags |= LOOKUP_REVAL; |
| 138 | goto retry; |
| 139 | } |
David Howells | a02de96 | 2012-12-20 21:52:36 +0000 | [diff] [blame] | 140 | return error; |
| 141 | } |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 142 | |
Heiko Carstens | 4fd8da8 | 2009-09-23 17:49:55 +0200 | [diff] [blame] | 143 | SYSCALL_DEFINE2(truncate, const char __user *, path, long, length) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 144 | { |
Heiko Carstens | 4fd8da8 | 2009-09-23 17:49:55 +0200 | [diff] [blame] | 145 | return do_sys_truncate(path, length); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 146 | } |
| 147 | |
Al Viro | 3f6d078 | 2013-02-24 13:49:08 -0500 | [diff] [blame] | 148 | #ifdef CONFIG_COMPAT |
| 149 | COMPAT_SYSCALL_DEFINE2(truncate, const char __user *, path, compat_off_t, length) |
| 150 | { |
| 151 | return do_sys_truncate(path, length); |
| 152 | } |
| 153 | #endif |
| 154 | |
Dominik Brodowski | 411d947 | 2018-03-11 11:34:54 +0100 | [diff] [blame] | 155 | long do_sys_ftruncate(unsigned int fd, loff_t length, int small) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 156 | { |
Al Viro | bf2965d | 2012-08-26 20:13:36 -0400 | [diff] [blame] | 157 | struct inode *inode; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 158 | struct dentry *dentry; |
Al Viro | 2903ff0 | 2012-08-28 12:52:22 -0400 | [diff] [blame] | 159 | struct fd f; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 160 | int error; |
| 161 | |
| 162 | error = -EINVAL; |
| 163 | if (length < 0) |
| 164 | goto out; |
| 165 | error = -EBADF; |
Al Viro | 2903ff0 | 2012-08-28 12:52:22 -0400 | [diff] [blame] | 166 | f = fdget(fd); |
| 167 | if (!f.file) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 168 | goto out; |
| 169 | |
| 170 | /* explicitly opened as large or we are on 64-bit box */ |
Al Viro | 2903ff0 | 2012-08-28 12:52:22 -0400 | [diff] [blame] | 171 | if (f.file->f_flags & O_LARGEFILE) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 172 | small = 0; |
| 173 | |
Al Viro | 2903ff0 | 2012-08-28 12:52:22 -0400 | [diff] [blame] | 174 | dentry = f.file->f_path.dentry; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 175 | inode = dentry->d_inode; |
| 176 | error = -EINVAL; |
Al Viro | 2903ff0 | 2012-08-28 12:52:22 -0400 | [diff] [blame] | 177 | if (!S_ISREG(inode->i_mode) || !(f.file->f_mode & FMODE_WRITE)) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 178 | goto out_putf; |
| 179 | |
| 180 | error = -EINVAL; |
| 181 | /* Cannot ftruncate over 2^31 bytes without large file support */ |
| 182 | if (small && length > MAX_NON_LFS) |
| 183 | goto out_putf; |
| 184 | |
| 185 | error = -EPERM; |
Amir Goldstein | 78757af | 2017-04-08 14:49:06 +0300 | [diff] [blame] | 186 | /* Check IS_APPEND on real upper inode */ |
| 187 | if (IS_APPEND(file_inode(f.file))) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 188 | goto out_putf; |
| 189 | |
Jan Kara | 14da920 | 2012-06-12 16:20:37 +0200 | [diff] [blame] | 190 | sb_start_write(inode->i_sb); |
Al Viro | 2903ff0 | 2012-08-28 12:52:22 -0400 | [diff] [blame] | 191 | error = locks_verify_truncate(inode, f.file, length); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 192 | if (!error) |
Al Viro | 2903ff0 | 2012-08-28 12:52:22 -0400 | [diff] [blame] | 193 | error = security_path_truncate(&f.file->f_path); |
Kentaro Takeda | be6d3e5 | 2008-12-17 13:24:15 +0900 | [diff] [blame] | 194 | if (!error) |
Al Viro | 2903ff0 | 2012-08-28 12:52:22 -0400 | [diff] [blame] | 195 | error = do_truncate(dentry, length, ATTR_MTIME|ATTR_CTIME, f.file); |
Jan Kara | 14da920 | 2012-06-12 16:20:37 +0200 | [diff] [blame] | 196 | sb_end_write(inode->i_sb); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 197 | out_putf: |
Al Viro | 2903ff0 | 2012-08-28 12:52:22 -0400 | [diff] [blame] | 198 | fdput(f); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 199 | out: |
| 200 | return error; |
| 201 | } |
| 202 | |
Heiko Carstens | bdc480e | 2009-01-14 14:14:12 +0100 | [diff] [blame] | 203 | SYSCALL_DEFINE2(ftruncate, unsigned int, fd, unsigned long, length) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 204 | { |
Al Viro | 2cf0966 | 2013-01-21 15:25:54 -0500 | [diff] [blame] | 205 | return do_sys_ftruncate(fd, length, 1); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 206 | } |
| 207 | |
Al Viro | 3f6d078 | 2013-02-24 13:49:08 -0500 | [diff] [blame] | 208 | #ifdef CONFIG_COMPAT |
| 209 | COMPAT_SYSCALL_DEFINE2(ftruncate, unsigned int, fd, compat_ulong_t, length) |
| 210 | { |
| 211 | return do_sys_ftruncate(fd, length, 1); |
| 212 | } |
| 213 | #endif |
| 214 | |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 215 | /* LFS versions of truncate are only needed on 32 bit machines */ |
| 216 | #if BITS_PER_LONG == 32 |
Al Viro | 4a0fd5b | 2013-01-21 15:16:58 -0500 | [diff] [blame] | 217 | SYSCALL_DEFINE2(truncate64, const char __user *, path, loff_t, length) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 218 | { |
| 219 | return do_sys_truncate(path, length); |
| 220 | } |
| 221 | |
Al Viro | 4a0fd5b | 2013-01-21 15:16:58 -0500 | [diff] [blame] | 222 | SYSCALL_DEFINE2(ftruncate64, unsigned int, fd, loff_t, length) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 223 | { |
Al Viro | 2cf0966 | 2013-01-21 15:25:54 -0500 | [diff] [blame] | 224 | return do_sys_ftruncate(fd, length, 0); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 225 | } |
Heiko Carstens | 6673e0c | 2009-01-14 14:14:02 +0100 | [diff] [blame] | 226 | #endif /* BITS_PER_LONG == 32 */ |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 227 | |
Ankit Jain | 3e63cbb | 2009-06-19 14:28:07 -0400 | [diff] [blame] | 228 | |
Anna Schumaker | 72c72bd | 2014-11-07 14:44:25 -0500 | [diff] [blame] | 229 | int vfs_fallocate(struct file *file, int mode, loff_t offset, loff_t len) |
Amit Arora | 97ac735 | 2007-07-17 21:42:44 -0400 | [diff] [blame] | 230 | { |
Al Viro | 496ad9a | 2013-01-23 17:07:38 -0500 | [diff] [blame] | 231 | struct inode *inode = file_inode(file); |
Ankit Jain | 3e63cbb | 2009-06-19 14:28:07 -0400 | [diff] [blame] | 232 | long ret; |
Amit Arora | 97ac735 | 2007-07-17 21:42:44 -0400 | [diff] [blame] | 233 | |
| 234 | if (offset < 0 || len <= 0) |
Ankit Jain | 3e63cbb | 2009-06-19 14:28:07 -0400 | [diff] [blame] | 235 | return -EINVAL; |
Amit Arora | 97ac735 | 2007-07-17 21:42:44 -0400 | [diff] [blame] | 236 | |
| 237 | /* Return error if mode is not supported */ |
Namjae Jeon | dd46c78 | 2015-03-25 15:07:05 +1100 | [diff] [blame] | 238 | if (mode & ~FALLOC_FL_SUPPORTED_MASK) |
Lukas Czerner | 409332b | 2014-03-13 19:07:42 +1100 | [diff] [blame] | 239 | return -EOPNOTSUPP; |
| 240 | |
| 241 | /* Punch hole and zero range are mutually exclusive */ |
| 242 | if ((mode & (FALLOC_FL_PUNCH_HOLE | FALLOC_FL_ZERO_RANGE)) == |
| 243 | (FALLOC_FL_PUNCH_HOLE | FALLOC_FL_ZERO_RANGE)) |
Josef Bacik | 79124f18 | 2010-11-17 20:46:15 -0500 | [diff] [blame] | 244 | return -EOPNOTSUPP; |
| 245 | |
| 246 | /* Punch hole must have keep size set */ |
| 247 | if ((mode & FALLOC_FL_PUNCH_HOLE) && |
| 248 | !(mode & FALLOC_FL_KEEP_SIZE)) |
Ankit Jain | 3e63cbb | 2009-06-19 14:28:07 -0400 | [diff] [blame] | 249 | return -EOPNOTSUPP; |
Amit Arora | 97ac735 | 2007-07-17 21:42:44 -0400 | [diff] [blame] | 250 | |
Namjae Jeon | 00f5e61 | 2014-02-24 10:58:15 +1100 | [diff] [blame] | 251 | /* Collapse range should only be used exclusively. */ |
| 252 | if ((mode & FALLOC_FL_COLLAPSE_RANGE) && |
| 253 | (mode & ~FALLOC_FL_COLLAPSE_RANGE)) |
| 254 | return -EINVAL; |
| 255 | |
Namjae Jeon | dd46c78 | 2015-03-25 15:07:05 +1100 | [diff] [blame] | 256 | /* Insert range should only be used exclusively. */ |
| 257 | if ((mode & FALLOC_FL_INSERT_RANGE) && |
| 258 | (mode & ~FALLOC_FL_INSERT_RANGE)) |
| 259 | return -EINVAL; |
| 260 | |
Darrick J. Wong | 71be6b4 | 2016-10-03 09:11:14 -0700 | [diff] [blame] | 261 | /* Unshare range should only be used with allocate mode. */ |
| 262 | if ((mode & FALLOC_FL_UNSHARE_RANGE) && |
| 263 | (mode & ~(FALLOC_FL_UNSHARE_RANGE | FALLOC_FL_KEEP_SIZE))) |
| 264 | return -EINVAL; |
| 265 | |
Amit Arora | 97ac735 | 2007-07-17 21:42:44 -0400 | [diff] [blame] | 266 | if (!(file->f_mode & FMODE_WRITE)) |
Ankit Jain | 3e63cbb | 2009-06-19 14:28:07 -0400 | [diff] [blame] | 267 | return -EBADF; |
Marco Stornelli | 1ca551c | 2011-03-05 11:10:19 +0100 | [diff] [blame] | 268 | |
Namjae Jeon | 00f5e61 | 2014-02-24 10:58:15 +1100 | [diff] [blame] | 269 | /* |
Lukas Czerner | 8fc61d9 | 2014-04-12 09:51:34 -0400 | [diff] [blame] | 270 | * We can only allow pure fallocate on append only files |
Namjae Jeon | 00f5e61 | 2014-02-24 10:58:15 +1100 | [diff] [blame] | 271 | */ |
Lukas Czerner | 8fc61d9 | 2014-04-12 09:51:34 -0400 | [diff] [blame] | 272 | if ((mode & ~FALLOC_FL_KEEP_SIZE) && IS_APPEND(inode)) |
Marco Stornelli | 1ca551c | 2011-03-05 11:10:19 +0100 | [diff] [blame] | 273 | return -EPERM; |
| 274 | |
| 275 | if (IS_IMMUTABLE(inode)) |
| 276 | return -EPERM; |
| 277 | |
Amit Arora | 97ac735 | 2007-07-17 21:42:44 -0400 | [diff] [blame] | 278 | /* |
Eric Biggers | 6d2b617 | 2014-06-24 23:45:08 -0500 | [diff] [blame] | 279 | * We cannot allow any fallocate operation on an active swapfile |
Lukas Czerner | 0790b31 | 2014-04-12 10:05:37 -0400 | [diff] [blame] | 280 | */ |
| 281 | if (IS_SWAPFILE(inode)) |
Eric Biggers | 6d2b617 | 2014-06-24 23:45:08 -0500 | [diff] [blame] | 282 | return -ETXTBSY; |
Lukas Czerner | 0790b31 | 2014-04-12 10:05:37 -0400 | [diff] [blame] | 283 | |
| 284 | /* |
Amit Arora | 97ac735 | 2007-07-17 21:42:44 -0400 | [diff] [blame] | 285 | * Revalidate the write permissions, in case security policy has |
| 286 | * changed since the files were opened. |
| 287 | */ |
| 288 | ret = security_file_permission(file, MAY_WRITE); |
| 289 | if (ret) |
Ankit Jain | 3e63cbb | 2009-06-19 14:28:07 -0400 | [diff] [blame] | 290 | return ret; |
Amit Arora | 97ac735 | 2007-07-17 21:42:44 -0400 | [diff] [blame] | 291 | |
Amit Arora | 97ac735 | 2007-07-17 21:42:44 -0400 | [diff] [blame] | 292 | if (S_ISFIFO(inode->i_mode)) |
Ankit Jain | 3e63cbb | 2009-06-19 14:28:07 -0400 | [diff] [blame] | 293 | return -ESPIPE; |
Amit Arora | 97ac735 | 2007-07-17 21:42:44 -0400 | [diff] [blame] | 294 | |
Amir Goldstein | 9e79b13 | 2017-01-31 10:34:55 +0200 | [diff] [blame] | 295 | if (S_ISDIR(inode->i_mode)) |
| 296 | return -EISDIR; |
| 297 | |
| 298 | if (!S_ISREG(inode->i_mode) && !S_ISBLK(inode->i_mode)) |
Ankit Jain | 3e63cbb | 2009-06-19 14:28:07 -0400 | [diff] [blame] | 299 | return -ENODEV; |
Amit Arora | 97ac735 | 2007-07-17 21:42:44 -0400 | [diff] [blame] | 300 | |
Amit Arora | 97ac735 | 2007-07-17 21:42:44 -0400 | [diff] [blame] | 301 | /* Check for wrap through zero too */ |
| 302 | if (((offset + len) > inode->i_sb->s_maxbytes) || ((offset + len) < 0)) |
Ankit Jain | 3e63cbb | 2009-06-19 14:28:07 -0400 | [diff] [blame] | 303 | return -EFBIG; |
Amit Arora | 97ac735 | 2007-07-17 21:42:44 -0400 | [diff] [blame] | 304 | |
Christoph Hellwig | 2fe17c1 | 2011-01-14 13:07:43 +0100 | [diff] [blame] | 305 | if (!file->f_op->fallocate) |
Ankit Jain | 3e63cbb | 2009-06-19 14:28:07 -0400 | [diff] [blame] | 306 | return -EOPNOTSUPP; |
Amit Arora | 97ac735 | 2007-07-17 21:42:44 -0400 | [diff] [blame] | 307 | |
Amir Goldstein | bfe219d | 2017-01-31 10:34:57 +0200 | [diff] [blame] | 308 | file_start_write(file); |
Jan Kara | 14da920 | 2012-06-12 16:20:37 +0200 | [diff] [blame] | 309 | ret = file->f_op->fallocate(file, mode, offset, len); |
Heinrich Schuchardt | 820c12d | 2014-12-12 16:58:34 -0800 | [diff] [blame] | 310 | |
| 311 | /* |
| 312 | * Create inotify and fanotify events. |
| 313 | * |
| 314 | * To keep the logic simple always create events if fallocate succeeds. |
| 315 | * This implies that events are even created if the file size remains |
| 316 | * unchanged, e.g. when using flag FALLOC_FL_KEEP_SIZE. |
| 317 | */ |
| 318 | if (ret == 0) |
| 319 | fsnotify_modify(file); |
| 320 | |
Amir Goldstein | bfe219d | 2017-01-31 10:34:57 +0200 | [diff] [blame] | 321 | file_end_write(file); |
Jan Kara | 14da920 | 2012-06-12 16:20:37 +0200 | [diff] [blame] | 322 | return ret; |
Amit Arora | 97ac735 | 2007-07-17 21:42:44 -0400 | [diff] [blame] | 323 | } |
Anna Schumaker | 72c72bd | 2014-11-07 14:44:25 -0500 | [diff] [blame] | 324 | EXPORT_SYMBOL_GPL(vfs_fallocate); |
Ankit Jain | 3e63cbb | 2009-06-19 14:28:07 -0400 | [diff] [blame] | 325 | |
Dominik Brodowski | edf292c | 2018-03-19 17:46:32 +0100 | [diff] [blame] | 326 | int ksys_fallocate(int fd, int mode, loff_t offset, loff_t len) |
Ankit Jain | 3e63cbb | 2009-06-19 14:28:07 -0400 | [diff] [blame] | 327 | { |
Al Viro | 2903ff0 | 2012-08-28 12:52:22 -0400 | [diff] [blame] | 328 | struct fd f = fdget(fd); |
Ankit Jain | 3e63cbb | 2009-06-19 14:28:07 -0400 | [diff] [blame] | 329 | int error = -EBADF; |
| 330 | |
Al Viro | 2903ff0 | 2012-08-28 12:52:22 -0400 | [diff] [blame] | 331 | if (f.file) { |
Anna Schumaker | 72c72bd | 2014-11-07 14:44:25 -0500 | [diff] [blame] | 332 | error = vfs_fallocate(f.file, mode, offset, len); |
Al Viro | 2903ff0 | 2012-08-28 12:52:22 -0400 | [diff] [blame] | 333 | fdput(f); |
Ankit Jain | 3e63cbb | 2009-06-19 14:28:07 -0400 | [diff] [blame] | 334 | } |
Ankit Jain | 3e63cbb | 2009-06-19 14:28:07 -0400 | [diff] [blame] | 335 | return error; |
| 336 | } |
| 337 | |
Dominik Brodowski | edf292c | 2018-03-19 17:46:32 +0100 | [diff] [blame] | 338 | SYSCALL_DEFINE4(fallocate, int, fd, int, mode, loff_t, offset, loff_t, len) |
| 339 | { |
| 340 | return ksys_fallocate(fd, mode, offset, len); |
| 341 | } |
| 342 | |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 343 | /* |
| 344 | * access() needs to use the real uid/gid, not the effective uid/gid. |
| 345 | * We do this by temporarily clearing all FS-related capabilities and |
| 346 | * switching the fsuid/fsgid around to the real ones. |
| 347 | */ |
Dominik Brodowski | cbfe20f | 2018-03-11 11:34:54 +0100 | [diff] [blame] | 348 | long do_faccessat(int dfd, const char __user *filename, int mode) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 349 | { |
David Howells | d84f4f9 | 2008-11-14 10:39:23 +1100 | [diff] [blame] | 350 | const struct cred *old_cred; |
| 351 | struct cred *override_cred; |
Al Viro | 2d8f303 | 2008-07-22 09:59:21 -0400 | [diff] [blame] | 352 | struct path path; |
Al Viro | 256984a | 2008-07-22 08:09:30 -0400 | [diff] [blame] | 353 | struct inode *inode; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 354 | int res; |
Jeff Layton | 87fa559 | 2012-12-11 12:10:11 -0500 | [diff] [blame] | 355 | unsigned int lookup_flags = LOOKUP_FOLLOW; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 356 | |
| 357 | if (mode & ~S_IRWXO) /* where's F_OK, X_OK, W_OK, R_OK? */ |
| 358 | return -EINVAL; |
| 359 | |
David Howells | d84f4f9 | 2008-11-14 10:39:23 +1100 | [diff] [blame] | 360 | override_cred = prepare_creds(); |
| 361 | if (!override_cred) |
| 362 | return -ENOMEM; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 363 | |
David Howells | d84f4f9 | 2008-11-14 10:39:23 +1100 | [diff] [blame] | 364 | override_cred->fsuid = override_cred->uid; |
| 365 | override_cred->fsgid = override_cred->gid; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 366 | |
Andrew G. Morgan | 086f731 | 2008-07-04 09:59:58 -0700 | [diff] [blame] | 367 | if (!issecure(SECURE_NO_SETUID_FIXUP)) { |
David Howells | 1cdcbec | 2008-11-14 10:39:14 +1100 | [diff] [blame] | 368 | /* Clear the capabilities if we switch to a non-root user */ |
Eric W. Biederman | 18815a1 | 2012-02-07 16:45:47 -0800 | [diff] [blame] | 369 | kuid_t root_uid = make_kuid(override_cred->user_ns, 0); |
| 370 | if (!uid_eq(override_cred->uid, root_uid)) |
David Howells | d84f4f9 | 2008-11-14 10:39:23 +1100 | [diff] [blame] | 371 | cap_clear(override_cred->cap_effective); |
Andrew G. Morgan | 086f731 | 2008-07-04 09:59:58 -0700 | [diff] [blame] | 372 | else |
David Howells | d84f4f9 | 2008-11-14 10:39:23 +1100 | [diff] [blame] | 373 | override_cred->cap_effective = |
| 374 | override_cred->cap_permitted; |
Andrew G. Morgan | 086f731 | 2008-07-04 09:59:58 -0700 | [diff] [blame] | 375 | } |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 376 | |
Linus Torvalds | d7852fb | 2019-07-11 09:54:40 -0700 | [diff] [blame] | 377 | /* |
| 378 | * The new set of credentials can *only* be used in |
| 379 | * task-synchronous circumstances, and does not need |
| 380 | * RCU freeing, unless somebody then takes a separate |
| 381 | * reference to it. |
| 382 | * |
| 383 | * NOTE! This is _only_ true because this credential |
| 384 | * is used purely for override_creds() that installs |
| 385 | * it as the subjective cred. Other threads will be |
| 386 | * accessing ->real_cred, not the subjective cred. |
| 387 | * |
| 388 | * If somebody _does_ make a copy of this (using the |
| 389 | * 'get_current_cred()' function), that will clear the |
| 390 | * non_rcu field, because now that other user may be |
| 391 | * expecting RCU freeing. But normal thread-synchronous |
| 392 | * cred accesses will keep things non-RCY. |
| 393 | */ |
| 394 | override_cred->non_rcu = 1; |
| 395 | |
David Howells | d84f4f9 | 2008-11-14 10:39:23 +1100 | [diff] [blame] | 396 | old_cred = override_creds(override_cred); |
Jeff Layton | 87fa559 | 2012-12-11 12:10:11 -0500 | [diff] [blame] | 397 | retry: |
| 398 | res = user_path_at(dfd, filename, lookup_flags, &path); |
Dave Hansen | 6902d92 | 2006-09-30 23:29:01 -0700 | [diff] [blame] | 399 | if (res) |
| 400 | goto out; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 401 | |
David Howells | 63afdfc | 2015-05-06 15:59:00 +0100 | [diff] [blame] | 402 | inode = d_backing_inode(path.dentry); |
Al Viro | 256984a | 2008-07-22 08:09:30 -0400 | [diff] [blame] | 403 | |
| 404 | if ((mode & MAY_EXEC) && S_ISREG(inode->i_mode)) { |
Al Viro | 3052447 | 2008-07-22 00:02:33 -0400 | [diff] [blame] | 405 | /* |
| 406 | * MAY_EXEC on regular files is denied if the fs is mounted |
| 407 | * with the "noexec" flag. |
| 408 | */ |
| 409 | res = -EACCES; |
Eric W. Biederman | 90f8572 | 2015-06-29 14:42:03 -0500 | [diff] [blame] | 410 | if (path_noexec(&path)) |
Al Viro | 3052447 | 2008-07-22 00:02:33 -0400 | [diff] [blame] | 411 | goto out_path_release; |
| 412 | } |
| 413 | |
Al Viro | 256984a | 2008-07-22 08:09:30 -0400 | [diff] [blame] | 414 | res = inode_permission(inode, mode | MAY_ACCESS); |
Dave Hansen | 6902d92 | 2006-09-30 23:29:01 -0700 | [diff] [blame] | 415 | /* SuS v2 requires we report a read only fs too */ |
Al Viro | 256984a | 2008-07-22 08:09:30 -0400 | [diff] [blame] | 416 | if (res || !(mode & S_IWOTH) || special_file(inode->i_mode)) |
Dave Hansen | 6902d92 | 2006-09-30 23:29:01 -0700 | [diff] [blame] | 417 | goto out_path_release; |
Dave Hansen | 2f676cb | 2008-02-15 14:37:55 -0800 | [diff] [blame] | 418 | /* |
| 419 | * This is a rare case where using __mnt_is_readonly() |
| 420 | * is OK without a mnt_want/drop_write() pair. Since |
| 421 | * no actual write to the fs is performed here, we do |
| 422 | * not need to telegraph to that to anyone. |
| 423 | * |
| 424 | * By doing this, we accept that this access is |
| 425 | * inherently racy and know that the fs may change |
| 426 | * state before we even see this result. |
| 427 | */ |
Al Viro | 2d8f303 | 2008-07-22 09:59:21 -0400 | [diff] [blame] | 428 | if (__mnt_is_readonly(path.mnt)) |
Dave Hansen | 6902d92 | 2006-09-30 23:29:01 -0700 | [diff] [blame] | 429 | res = -EROFS; |
| 430 | |
| 431 | out_path_release: |
Al Viro | 2d8f303 | 2008-07-22 09:59:21 -0400 | [diff] [blame] | 432 | path_put(&path); |
Jeff Layton | 87fa559 | 2012-12-11 12:10:11 -0500 | [diff] [blame] | 433 | if (retry_estale(res, lookup_flags)) { |
| 434 | lookup_flags |= LOOKUP_REVAL; |
| 435 | goto retry; |
| 436 | } |
Dave Hansen | 6902d92 | 2006-09-30 23:29:01 -0700 | [diff] [blame] | 437 | out: |
David Howells | d84f4f9 | 2008-11-14 10:39:23 +1100 | [diff] [blame] | 438 | revert_creds(old_cred); |
| 439 | put_cred(override_cred); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 440 | return res; |
| 441 | } |
| 442 | |
Dominik Brodowski | cbfe20f | 2018-03-11 11:34:54 +0100 | [diff] [blame] | 443 | SYSCALL_DEFINE3(faccessat, int, dfd, const char __user *, filename, int, mode) |
| 444 | { |
| 445 | return do_faccessat(dfd, filename, mode); |
| 446 | } |
| 447 | |
Heiko Carstens | ca013e9 | 2009-01-14 14:14:19 +0100 | [diff] [blame] | 448 | SYSCALL_DEFINE2(access, const char __user *, filename, int, mode) |
Ulrich Drepper | 5590ff0 | 2006-01-18 17:43:53 -0800 | [diff] [blame] | 449 | { |
Dominik Brodowski | cbfe20f | 2018-03-11 11:34:54 +0100 | [diff] [blame] | 450 | return do_faccessat(AT_FDCWD, filename, mode); |
Ulrich Drepper | 5590ff0 | 2006-01-18 17:43:53 -0800 | [diff] [blame] | 451 | } |
| 452 | |
Dominik Brodowski | 447016e | 2018-03-11 11:34:46 +0100 | [diff] [blame] | 453 | int ksys_chdir(const char __user *filename) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 454 | { |
Al Viro | 2d8f303 | 2008-07-22 09:59:21 -0400 | [diff] [blame] | 455 | struct path path; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 456 | int error; |
Jeff Layton | 0291c0a | 2012-12-11 12:10:12 -0500 | [diff] [blame] | 457 | unsigned int lookup_flags = LOOKUP_FOLLOW | LOOKUP_DIRECTORY; |
| 458 | retry: |
| 459 | error = user_path_at(AT_FDCWD, filename, lookup_flags, &path); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 460 | if (error) |
| 461 | goto out; |
| 462 | |
Eric Paris | 9cfcac8 | 2010-07-23 11:43:51 -0400 | [diff] [blame] | 463 | error = inode_permission(path.dentry->d_inode, MAY_EXEC | MAY_CHDIR); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 464 | if (error) |
| 465 | goto dput_and_out; |
| 466 | |
Al Viro | 2d8f303 | 2008-07-22 09:59:21 -0400 | [diff] [blame] | 467 | set_fs_pwd(current->fs, &path); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 468 | |
| 469 | dput_and_out: |
Al Viro | 2d8f303 | 2008-07-22 09:59:21 -0400 | [diff] [blame] | 470 | path_put(&path); |
Jeff Layton | 0291c0a | 2012-12-11 12:10:12 -0500 | [diff] [blame] | 471 | if (retry_estale(error, lookup_flags)) { |
| 472 | lookup_flags |= LOOKUP_REVAL; |
| 473 | goto retry; |
| 474 | } |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 475 | out: |
| 476 | return error; |
| 477 | } |
| 478 | |
Dominik Brodowski | 447016e | 2018-03-11 11:34:46 +0100 | [diff] [blame] | 479 | SYSCALL_DEFINE1(chdir, const char __user *, filename) |
| 480 | { |
| 481 | return ksys_chdir(filename); |
| 482 | } |
| 483 | |
Heiko Carstens | 3cdad42 | 2009-01-14 14:14:22 +0100 | [diff] [blame] | 484 | SYSCALL_DEFINE1(fchdir, unsigned int, fd) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 485 | { |
Al Viro | 2903ff0 | 2012-08-28 12:52:22 -0400 | [diff] [blame] | 486 | struct fd f = fdget_raw(fd); |
Al Viro | 159b095 | 2017-04-15 15:58:56 -0400 | [diff] [blame] | 487 | int error; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 488 | |
| 489 | error = -EBADF; |
Al Viro | 2903ff0 | 2012-08-28 12:52:22 -0400 | [diff] [blame] | 490 | if (!f.file) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 491 | goto out; |
| 492 | |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 493 | error = -ENOTDIR; |
Al Viro | 159b095 | 2017-04-15 15:58:56 -0400 | [diff] [blame] | 494 | if (!d_can_lookup(f.file->f_path.dentry)) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 495 | goto out_putf; |
| 496 | |
Al Viro | 159b095 | 2017-04-15 15:58:56 -0400 | [diff] [blame] | 497 | error = inode_permission(file_inode(f.file), MAY_EXEC | MAY_CHDIR); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 498 | if (!error) |
Al Viro | 2903ff0 | 2012-08-28 12:52:22 -0400 | [diff] [blame] | 499 | set_fs_pwd(current->fs, &f.file->f_path); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 500 | out_putf: |
Al Viro | 2903ff0 | 2012-08-28 12:52:22 -0400 | [diff] [blame] | 501 | fdput(f); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 502 | out: |
| 503 | return error; |
| 504 | } |
| 505 | |
Dominik Brodowski | a16fe33 | 2018-03-11 11:34:41 +0100 | [diff] [blame] | 506 | int ksys_chroot(const char __user *filename) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 507 | { |
Al Viro | 2d8f303 | 2008-07-22 09:59:21 -0400 | [diff] [blame] | 508 | struct path path; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 509 | int error; |
Jeff Layton | 2771261 | 2012-12-20 17:08:32 -0500 | [diff] [blame] | 510 | unsigned int lookup_flags = LOOKUP_FOLLOW | LOOKUP_DIRECTORY; |
| 511 | retry: |
| 512 | error = user_path_at(AT_FDCWD, filename, lookup_flags, &path); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 513 | if (error) |
| 514 | goto out; |
| 515 | |
Eric Paris | 9cfcac8 | 2010-07-23 11:43:51 -0400 | [diff] [blame] | 516 | error = inode_permission(path.dentry->d_inode, MAY_EXEC | MAY_CHDIR); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 517 | if (error) |
| 518 | goto dput_and_out; |
| 519 | |
| 520 | error = -EPERM; |
Eric W. Biederman | c7b96ac | 2013-03-20 12:49:49 -0700 | [diff] [blame] | 521 | if (!ns_capable(current_user_ns(), CAP_SYS_CHROOT)) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 522 | goto dput_and_out; |
Tetsuo Handa | 8b8efb4 | 2009-10-04 21:49:48 +0900 | [diff] [blame] | 523 | error = security_path_chroot(&path); |
| 524 | if (error) |
| 525 | goto dput_and_out; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 526 | |
Al Viro | 2d8f303 | 2008-07-22 09:59:21 -0400 | [diff] [blame] | 527 | set_fs_root(current->fs, &path); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 528 | error = 0; |
| 529 | dput_and_out: |
Al Viro | 2d8f303 | 2008-07-22 09:59:21 -0400 | [diff] [blame] | 530 | path_put(&path); |
Jeff Layton | 2771261 | 2012-12-20 17:08:32 -0500 | [diff] [blame] | 531 | if (retry_estale(error, lookup_flags)) { |
| 532 | lookup_flags |= LOOKUP_REVAL; |
| 533 | goto retry; |
| 534 | } |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 535 | out: |
| 536 | return error; |
| 537 | } |
| 538 | |
Dominik Brodowski | a16fe33 | 2018-03-11 11:34:41 +0100 | [diff] [blame] | 539 | SYSCALL_DEFINE1(chroot, const char __user *, filename) |
| 540 | { |
| 541 | return ksys_chroot(filename); |
| 542 | } |
| 543 | |
Al Viro | be01f9f | 2016-03-25 14:56:23 -0400 | [diff] [blame] | 544 | static int chmod_common(const struct path *path, umode_t mode) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 545 | { |
Al Viro | e57712e | 2011-07-26 04:15:54 -0400 | [diff] [blame] | 546 | struct inode *inode = path->dentry->d_inode; |
J. Bruce Fields | 27ac0ff | 2011-09-20 17:19:26 -0400 | [diff] [blame] | 547 | struct inode *delegated_inode = NULL; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 548 | struct iattr newattrs; |
Al Viro | e57712e | 2011-07-26 04:15:54 -0400 | [diff] [blame] | 549 | int error; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 550 | |
Al Viro | e57712e | 2011-07-26 04:15:54 -0400 | [diff] [blame] | 551 | error = mnt_want_write(path->mnt); |
| 552 | if (error) |
| 553 | return error; |
J. Bruce Fields | 27ac0ff | 2011-09-20 17:19:26 -0400 | [diff] [blame] | 554 | retry_deleg: |
Al Viro | 5955102 | 2016-01-22 15:40:57 -0500 | [diff] [blame] | 555 | inode_lock(inode); |
Al Viro | cdcf116 | 2011-12-08 10:51:53 -0500 | [diff] [blame] | 556 | error = security_path_chmod(path, mode); |
Al Viro | e57712e | 2011-07-26 04:15:54 -0400 | [diff] [blame] | 557 | if (error) |
Tetsuo Handa | fe542cf | 2009-11-22 11:49:55 +0900 | [diff] [blame] | 558 | goto out_unlock; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 559 | newattrs.ia_mode = (mode & S_IALLUGO) | (inode->i_mode & ~S_IALLUGO); |
| 560 | newattrs.ia_valid = ATTR_MODE | ATTR_CTIME; |
J. Bruce Fields | 27ac0ff | 2011-09-20 17:19:26 -0400 | [diff] [blame] | 561 | error = notify_change(path->dentry, &newattrs, &delegated_inode); |
Tetsuo Handa | fe542cf | 2009-11-22 11:49:55 +0900 | [diff] [blame] | 562 | out_unlock: |
Al Viro | 5955102 | 2016-01-22 15:40:57 -0500 | [diff] [blame] | 563 | inode_unlock(inode); |
J. Bruce Fields | 27ac0ff | 2011-09-20 17:19:26 -0400 | [diff] [blame] | 564 | if (delegated_inode) { |
| 565 | error = break_deleg_wait(&delegated_inode); |
| 566 | if (!error) |
| 567 | goto retry_deleg; |
| 568 | } |
Al Viro | e57712e | 2011-07-26 04:15:54 -0400 | [diff] [blame] | 569 | mnt_drop_write(path->mnt); |
| 570 | return error; |
| 571 | } |
| 572 | |
Dominik Brodowski | 03450e2 | 2018-03-11 11:34:53 +0100 | [diff] [blame] | 573 | int ksys_fchmod(unsigned int fd, umode_t mode) |
Al Viro | e57712e | 2011-07-26 04:15:54 -0400 | [diff] [blame] | 574 | { |
Al Viro | 173c840 | 2013-08-30 12:48:53 -0400 | [diff] [blame] | 575 | struct fd f = fdget(fd); |
Al Viro | e57712e | 2011-07-26 04:15:54 -0400 | [diff] [blame] | 576 | int err = -EBADF; |
| 577 | |
Al Viro | 173c840 | 2013-08-30 12:48:53 -0400 | [diff] [blame] | 578 | if (f.file) { |
Al Viro | 9f45f5b | 2014-10-31 17:44:57 -0400 | [diff] [blame] | 579 | audit_file(f.file); |
Al Viro | 173c840 | 2013-08-30 12:48:53 -0400 | [diff] [blame] | 580 | err = chmod_common(&f.file->f_path, mode); |
| 581 | fdput(f); |
Al Viro | e57712e | 2011-07-26 04:15:54 -0400 | [diff] [blame] | 582 | } |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 583 | return err; |
| 584 | } |
| 585 | |
Dominik Brodowski | 03450e2 | 2018-03-11 11:34:53 +0100 | [diff] [blame] | 586 | SYSCALL_DEFINE2(fchmod, unsigned int, fd, umode_t, mode) |
| 587 | { |
| 588 | return ksys_fchmod(fd, mode); |
| 589 | } |
| 590 | |
| 591 | int do_fchmodat(int dfd, const char __user *filename, umode_t mode) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 592 | { |
Al Viro | 2d8f303 | 2008-07-22 09:59:21 -0400 | [diff] [blame] | 593 | struct path path; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 594 | int error; |
Jeff Layton | 14ff690 | 2012-12-11 12:10:13 -0500 | [diff] [blame] | 595 | unsigned int lookup_flags = LOOKUP_FOLLOW; |
| 596 | retry: |
| 597 | error = user_path_at(dfd, filename, lookup_flags, &path); |
Al Viro | e57712e | 2011-07-26 04:15:54 -0400 | [diff] [blame] | 598 | if (!error) { |
| 599 | error = chmod_common(&path, mode); |
| 600 | path_put(&path); |
Jeff Layton | 14ff690 | 2012-12-11 12:10:13 -0500 | [diff] [blame] | 601 | if (retry_estale(error, lookup_flags)) { |
| 602 | lookup_flags |= LOOKUP_REVAL; |
| 603 | goto retry; |
| 604 | } |
Al Viro | e57712e | 2011-07-26 04:15:54 -0400 | [diff] [blame] | 605 | } |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 606 | return error; |
| 607 | } |
| 608 | |
Dominik Brodowski | 03450e2 | 2018-03-11 11:34:53 +0100 | [diff] [blame] | 609 | SYSCALL_DEFINE3(fchmodat, int, dfd, const char __user *, filename, |
| 610 | umode_t, mode) |
| 611 | { |
| 612 | return do_fchmodat(dfd, filename, mode); |
| 613 | } |
| 614 | |
Al Viro | 49f0a07 | 2011-07-26 04:22:01 -0400 | [diff] [blame] | 615 | SYSCALL_DEFINE2(chmod, const char __user *, filename, umode_t, mode) |
Ulrich Drepper | 5590ff0 | 2006-01-18 17:43:53 -0800 | [diff] [blame] | 616 | { |
Dominik Brodowski | 03450e2 | 2018-03-11 11:34:53 +0100 | [diff] [blame] | 617 | return do_fchmodat(AT_FDCWD, filename, mode); |
Ulrich Drepper | 5590ff0 | 2006-01-18 17:43:53 -0800 | [diff] [blame] | 618 | } |
| 619 | |
Al Viro | 7fd25da | 2016-03-25 14:44:41 -0400 | [diff] [blame] | 620 | static int chown_common(const struct path *path, uid_t user, gid_t group) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 621 | { |
Tetsuo Handa | fe542cf | 2009-11-22 11:49:55 +0900 | [diff] [blame] | 622 | struct inode *inode = path->dentry->d_inode; |
J. Bruce Fields | 27ac0ff | 2011-09-20 17:19:26 -0400 | [diff] [blame] | 623 | struct inode *delegated_inode = NULL; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 624 | int error; |
| 625 | struct iattr newattrs; |
Eric W. Biederman | 52137ab | 2012-03-03 19:52:01 -0800 | [diff] [blame] | 626 | kuid_t uid; |
| 627 | kgid_t gid; |
| 628 | |
| 629 | uid = make_kuid(current_user_ns(), user); |
| 630 | gid = make_kgid(current_user_ns(), group); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 631 | |
Andrew Elble | c1b8940 | 2015-02-23 08:51:24 -0500 | [diff] [blame] | 632 | retry_deleg: |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 633 | newattrs.ia_valid = ATTR_CTIME; |
| 634 | if (user != (uid_t) -1) { |
Eric W. Biederman | 52137ab | 2012-03-03 19:52:01 -0800 | [diff] [blame] | 635 | if (!uid_valid(uid)) |
| 636 | return -EINVAL; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 637 | newattrs.ia_valid |= ATTR_UID; |
Eric W. Biederman | 52137ab | 2012-03-03 19:52:01 -0800 | [diff] [blame] | 638 | newattrs.ia_uid = uid; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 639 | } |
| 640 | if (group != (gid_t) -1) { |
Eric W. Biederman | 52137ab | 2012-03-03 19:52:01 -0800 | [diff] [blame] | 641 | if (!gid_valid(gid)) |
| 642 | return -EINVAL; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 643 | newattrs.ia_valid |= ATTR_GID; |
Eric W. Biederman | 52137ab | 2012-03-03 19:52:01 -0800 | [diff] [blame] | 644 | newattrs.ia_gid = gid; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 645 | } |
| 646 | if (!S_ISDIR(inode->i_mode)) |
Serge E. Hallyn | b537677 | 2007-10-16 23:31:36 -0700 | [diff] [blame] | 647 | newattrs.ia_valid |= |
| 648 | ATTR_KILL_SUID | ATTR_KILL_SGID | ATTR_KILL_PRIV; |
Al Viro | 5955102 | 2016-01-22 15:40:57 -0500 | [diff] [blame] | 649 | inode_lock(inode); |
Eric W. Biederman | d2b31ca | 2012-06-01 16:14:19 -0600 | [diff] [blame] | 650 | error = security_path_chown(path, uid, gid); |
Tetsuo Handa | fe542cf | 2009-11-22 11:49:55 +0900 | [diff] [blame] | 651 | if (!error) |
J. Bruce Fields | 27ac0ff | 2011-09-20 17:19:26 -0400 | [diff] [blame] | 652 | error = notify_change(path->dentry, &newattrs, &delegated_inode); |
Al Viro | 5955102 | 2016-01-22 15:40:57 -0500 | [diff] [blame] | 653 | inode_unlock(inode); |
J. Bruce Fields | 27ac0ff | 2011-09-20 17:19:26 -0400 | [diff] [blame] | 654 | if (delegated_inode) { |
| 655 | error = break_deleg_wait(&delegated_inode); |
| 656 | if (!error) |
| 657 | goto retry_deleg; |
| 658 | } |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 659 | return error; |
| 660 | } |
| 661 | |
Dominik Brodowski | 55731b3 | 2018-03-11 11:34:55 +0100 | [diff] [blame] | 662 | int do_fchownat(int dfd, const char __user *filename, uid_t user, gid_t group, |
| 663 | int flag) |
Ulrich Drepper | 5590ff0 | 2006-01-18 17:43:53 -0800 | [diff] [blame] | 664 | { |
Al Viro | 2d8f303 | 2008-07-22 09:59:21 -0400 | [diff] [blame] | 665 | struct path path; |
Ulrich Drepper | 5590ff0 | 2006-01-18 17:43:53 -0800 | [diff] [blame] | 666 | int error = -EINVAL; |
Al Viro | 65cfc67 | 2011-03-13 15:56:26 -0400 | [diff] [blame] | 667 | int lookup_flags; |
Ulrich Drepper | 5590ff0 | 2006-01-18 17:43:53 -0800 | [diff] [blame] | 668 | |
Al Viro | 65cfc67 | 2011-03-13 15:56:26 -0400 | [diff] [blame] | 669 | if ((flag & ~(AT_SYMLINK_NOFOLLOW | AT_EMPTY_PATH)) != 0) |
Ulrich Drepper | 5590ff0 | 2006-01-18 17:43:53 -0800 | [diff] [blame] | 670 | goto out; |
| 671 | |
Al Viro | 65cfc67 | 2011-03-13 15:56:26 -0400 | [diff] [blame] | 672 | lookup_flags = (flag & AT_SYMLINK_NOFOLLOW) ? 0 : LOOKUP_FOLLOW; |
| 673 | if (flag & AT_EMPTY_PATH) |
| 674 | lookup_flags |= LOOKUP_EMPTY; |
Jeff Layton | 99a5df3 | 2012-12-11 12:10:13 -0500 | [diff] [blame] | 675 | retry: |
Al Viro | 65cfc67 | 2011-03-13 15:56:26 -0400 | [diff] [blame] | 676 | error = user_path_at(dfd, filename, lookup_flags, &path); |
Dave Hansen | 6902d92 | 2006-09-30 23:29:01 -0700 | [diff] [blame] | 677 | if (error) |
| 678 | goto out; |
Al Viro | 2d8f303 | 2008-07-22 09:59:21 -0400 | [diff] [blame] | 679 | error = mnt_want_write(path.mnt); |
Dave Hansen | 2af482a | 2008-02-15 14:37:50 -0800 | [diff] [blame] | 680 | if (error) |
| 681 | goto out_release; |
Tetsuo Handa | fe542cf | 2009-11-22 11:49:55 +0900 | [diff] [blame] | 682 | error = chown_common(&path, user, group); |
Al Viro | 2d8f303 | 2008-07-22 09:59:21 -0400 | [diff] [blame] | 683 | mnt_drop_write(path.mnt); |
Dave Hansen | 2af482a | 2008-02-15 14:37:50 -0800 | [diff] [blame] | 684 | out_release: |
Al Viro | 2d8f303 | 2008-07-22 09:59:21 -0400 | [diff] [blame] | 685 | path_put(&path); |
Jeff Layton | 99a5df3 | 2012-12-11 12:10:13 -0500 | [diff] [blame] | 686 | if (retry_estale(error, lookup_flags)) { |
| 687 | lookup_flags |= LOOKUP_REVAL; |
| 688 | goto retry; |
| 689 | } |
Ulrich Drepper | 5590ff0 | 2006-01-18 17:43:53 -0800 | [diff] [blame] | 690 | out: |
| 691 | return error; |
| 692 | } |
| 693 | |
Dominik Brodowski | 55731b3 | 2018-03-11 11:34:55 +0100 | [diff] [blame] | 694 | SYSCALL_DEFINE5(fchownat, int, dfd, const char __user *, filename, uid_t, user, |
| 695 | gid_t, group, int, flag) |
| 696 | { |
| 697 | return do_fchownat(dfd, filename, user, group, flag); |
| 698 | } |
| 699 | |
David Howells | 55e4def | 2012-06-25 12:55:09 +0100 | [diff] [blame] | 700 | SYSCALL_DEFINE3(chown, const char __user *, filename, uid_t, user, gid_t, group) |
| 701 | { |
Dominik Brodowski | 55731b3 | 2018-03-11 11:34:55 +0100 | [diff] [blame] | 702 | return do_fchownat(AT_FDCWD, filename, user, group, 0); |
David Howells | 55e4def | 2012-06-25 12:55:09 +0100 | [diff] [blame] | 703 | } |
| 704 | |
Heiko Carstens | ca013e9 | 2009-01-14 14:14:19 +0100 | [diff] [blame] | 705 | SYSCALL_DEFINE3(lchown, const char __user *, filename, uid_t, user, gid_t, group) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 706 | { |
Dominik Brodowski | 55731b3 | 2018-03-11 11:34:55 +0100 | [diff] [blame] | 707 | return do_fchownat(AT_FDCWD, filename, user, group, |
| 708 | AT_SYMLINK_NOFOLLOW); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 709 | } |
| 710 | |
Dominik Brodowski | 55731b3 | 2018-03-11 11:34:55 +0100 | [diff] [blame] | 711 | int ksys_fchown(unsigned int fd, uid_t user, gid_t group) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 712 | { |
Al Viro | 2903ff0 | 2012-08-28 12:52:22 -0400 | [diff] [blame] | 713 | struct fd f = fdget(fd); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 714 | int error = -EBADF; |
| 715 | |
Al Viro | 2903ff0 | 2012-08-28 12:52:22 -0400 | [diff] [blame] | 716 | if (!f.file) |
Dave Hansen | 6902d92 | 2006-09-30 23:29:01 -0700 | [diff] [blame] | 717 | goto out; |
| 718 | |
Miklos Szeredi | 6742cee | 2018-07-18 15:44:43 +0200 | [diff] [blame] | 719 | error = mnt_want_write_file(f.file); |
Dave Hansen | 2af482a | 2008-02-15 14:37:50 -0800 | [diff] [blame] | 720 | if (error) |
| 721 | goto out_fput; |
Al Viro | 9f45f5b | 2014-10-31 17:44:57 -0400 | [diff] [blame] | 722 | audit_file(f.file); |
Al Viro | 2903ff0 | 2012-08-28 12:52:22 -0400 | [diff] [blame] | 723 | error = chown_common(&f.file->f_path, user, group); |
Miklos Szeredi | 6742cee | 2018-07-18 15:44:43 +0200 | [diff] [blame] | 724 | mnt_drop_write_file(f.file); |
Dave Hansen | 2af482a | 2008-02-15 14:37:50 -0800 | [diff] [blame] | 725 | out_fput: |
Al Viro | 2903ff0 | 2012-08-28 12:52:22 -0400 | [diff] [blame] | 726 | fdput(f); |
Dave Hansen | 6902d92 | 2006-09-30 23:29:01 -0700 | [diff] [blame] | 727 | out: |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 728 | return error; |
| 729 | } |
| 730 | |
Dominik Brodowski | 55731b3 | 2018-03-11 11:34:55 +0100 | [diff] [blame] | 731 | SYSCALL_DEFINE3(fchown, unsigned int, fd, uid_t, user, gid_t, group) |
| 732 | { |
| 733 | return ksys_fchown(fd, user, group); |
| 734 | } |
| 735 | |
Al Viro | 02e5180 | 2012-06-10 14:32:45 -0400 | [diff] [blame] | 736 | static int do_dentry_open(struct file *f, |
David Howells | 4bacc9c | 2015-06-18 14:32:31 +0100 | [diff] [blame] | 737 | struct inode *inode, |
Al Viro | ae2bb29 | 2018-07-10 13:22:28 -0400 | [diff] [blame] | 738 | int (*open)(struct inode *, struct file *)) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 739 | { |
Al Viro | 1abf0c7 | 2011-03-13 03:51:11 -0400 | [diff] [blame] | 740 | static const struct file_operations empty_fops = {}; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 741 | int error; |
| 742 | |
Al Viro | b5bcdda | 2012-07-20 23:28:46 +0400 | [diff] [blame] | 743 | path_get(&f->f_path); |
David Howells | 4bacc9c | 2015-06-18 14:32:31 +0100 | [diff] [blame] | 744 | f->f_inode = inode; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 745 | f->f_mapping = inode->i_mapping; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 746 | |
Jeff Layton | 5660e13 | 2017-07-06 07:02:25 -0400 | [diff] [blame] | 747 | /* Ensure that we skip any errors that predate opening of the file */ |
| 748 | f->f_wb_err = filemap_sample_wb_err(f->f_mapping); |
| 749 | |
Al Viro | 3f4d5a0 | 2014-03-14 09:43:29 -0400 | [diff] [blame] | 750 | if (unlikely(f->f_flags & O_PATH)) { |
Al Viro | f5d1140 | 2018-07-09 02:35:08 -0400 | [diff] [blame] | 751 | f->f_mode = FMODE_PATH | FMODE_OPENED; |
Al Viro | 1abf0c7 | 2011-03-13 03:51:11 -0400 | [diff] [blame] | 752 | f->f_op = &empty_fops; |
Al Viro | af04fad | 2018-06-02 01:31:02 -0400 | [diff] [blame] | 753 | return 0; |
Al Viro | 1abf0c7 | 2011-03-13 03:51:11 -0400 | [diff] [blame] | 754 | } |
| 755 | |
Tetsuo Handa | 73601ea | 2019-03-28 20:43:30 -0700 | [diff] [blame] | 756 | /* Any file opened for execve()/uselib() has to be a regular file. */ |
| 757 | if (unlikely(f->f_flags & FMODE_EXEC && !S_ISREG(inode->i_mode))) { |
| 758 | error = -EACCES; |
| 759 | goto cleanup_file; |
| 760 | } |
| 761 | |
Al Viro | dd20908 | 2014-03-14 10:56:20 -0400 | [diff] [blame] | 762 | if (f->f_mode & FMODE_WRITE && !special_file(inode->i_mode)) { |
Al Viro | 0ccb286 | 2014-03-14 10:40:46 -0400 | [diff] [blame] | 763 | error = get_write_access(inode); |
Al Viro | 3f4d5a0 | 2014-03-14 09:43:29 -0400 | [diff] [blame] | 764 | if (unlikely(error)) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 765 | goto cleanup_file; |
Al Viro | 0ccb286 | 2014-03-14 10:40:46 -0400 | [diff] [blame] | 766 | error = __mnt_want_write(f->f_path.mnt); |
Al Viro | 3f4d5a0 | 2014-03-14 09:43:29 -0400 | [diff] [blame] | 767 | if (unlikely(error)) { |
Al Viro | 0ccb286 | 2014-03-14 10:40:46 -0400 | [diff] [blame] | 768 | put_write_access(inode); |
| 769 | goto cleanup_file; |
| 770 | } |
Al Viro | 83f936c | 2014-03-14 12:02:47 -0400 | [diff] [blame] | 771 | f->f_mode |= FMODE_WRITER; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 772 | } |
| 773 | |
Linus Torvalds | 2be7d34 | 2019-11-26 11:34:06 -0800 | [diff] [blame] | 774 | /* POSIX.1-2008/SUSv4 Section XSI 2.9.7 */ |
| 775 | if (S_ISREG(inode->i_mode) || S_ISDIR(inode->i_mode)) |
| 776 | f->f_mode |= FMODE_ATOMIC_POS; |
| 777 | |
Al Viro | 1abf0c7 | 2011-03-13 03:51:11 -0400 | [diff] [blame] | 778 | f->f_op = fops_get(inode->i_fop); |
Denis Efremov | 7159d54 | 2019-09-25 16:49:31 -0700 | [diff] [blame] | 779 | if (WARN_ON(!f->f_op)) { |
Al Viro | 72c2d53 | 2013-09-22 16:27:52 -0400 | [diff] [blame] | 780 | error = -ENODEV; |
| 781 | goto cleanup_all; |
| 782 | } |
Al Viro | 1abf0c7 | 2011-03-13 03:51:11 -0400 | [diff] [blame] | 783 | |
Al Viro | e3f20ae | 2018-07-10 13:25:29 -0400 | [diff] [blame] | 784 | error = security_file_open(f); |
Yuichi Nakamura | 788e7dd | 2007-09-14 09:27:07 +0900 | [diff] [blame] | 785 | if (error) |
| 786 | goto cleanup_all; |
| 787 | |
Miklos Szeredi | c568d68 | 2016-09-16 12:44:20 +0200 | [diff] [blame] | 788 | error = break_lease(locks_inode(f), f->f_flags); |
J. Bruce Fields | f3c7691e | 2011-09-21 10:58:13 -0400 | [diff] [blame] | 789 | if (error) |
| 790 | goto cleanup_all; |
| 791 | |
Al Viro | ea73ea7 | 2018-07-11 15:00:04 -0400 | [diff] [blame] | 792 | /* normally all 3 are set; ->open() can clear them if needed */ |
| 793 | f->f_mode |= FMODE_LSEEK | FMODE_PREAD | FMODE_PWRITE; |
Al Viro | 72c2d53 | 2013-09-22 16:27:52 -0400 | [diff] [blame] | 794 | if (!open) |
Trond Myklebust | 834f2a4 | 2005-10-18 14:20:16 -0700 | [diff] [blame] | 795 | open = f->f_op->open; |
| 796 | if (open) { |
| 797 | error = open(inode, f); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 798 | if (error) |
| 799 | goto cleanup_all; |
| 800 | } |
Al Viro | f5d1140 | 2018-07-09 02:35:08 -0400 | [diff] [blame] | 801 | f->f_mode |= FMODE_OPENED; |
Mimi Zohar | 890275b5 | 2010-11-02 10:13:07 -0400 | [diff] [blame] | 802 | if ((f->f_mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) |
| 803 | i_readcount_inc(inode); |
Al Viro | 293bc98 | 2014-02-11 18:37:41 -0500 | [diff] [blame] | 804 | if ((f->f_mode & FMODE_READ) && |
Al Viro | 8436318 | 2015-04-04 01:14:53 -0400 | [diff] [blame] | 805 | likely(f->f_op->read || f->f_op->read_iter)) |
Al Viro | 7f7f25e | 2014-02-11 17:49:24 -0500 | [diff] [blame] | 806 | f->f_mode |= FMODE_CAN_READ; |
Al Viro | 293bc98 | 2014-02-11 18:37:41 -0500 | [diff] [blame] | 807 | if ((f->f_mode & FMODE_WRITE) && |
Al Viro | 8436318 | 2015-04-04 01:14:53 -0400 | [diff] [blame] | 808 | likely(f->f_op->write || f->f_op->write_iter)) |
Al Viro | 7f7f25e | 2014-02-11 17:49:24 -0500 | [diff] [blame] | 809 | f->f_mode |= FMODE_CAN_WRITE; |
Trond Myklebust | 834f2a4 | 2005-10-18 14:20:16 -0700 | [diff] [blame] | 810 | |
Jens Axboe | c75b1d9 | 2017-06-27 11:47:04 -0600 | [diff] [blame] | 811 | f->f_write_hint = WRITE_LIFE_NOT_SET; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 812 | f->f_flags &= ~(O_CREAT | O_EXCL | O_NOCTTY | O_TRUNC); |
| 813 | |
| 814 | file_ra_state_init(&f->f_ra, f->f_mapping->host->i_mapping); |
Al Viro | af04fad | 2018-06-02 01:31:02 -0400 | [diff] [blame] | 815 | |
Al Viro | 69527c5 | 2018-06-08 13:01:49 -0400 | [diff] [blame] | 816 | /* NB: we're sure to have correct a_ops only after f_op->open */ |
| 817 | if (f->f_flags & O_DIRECT) { |
| 818 | if (!f->f_mapping->a_ops || !f->f_mapping->a_ops->direct_IO) |
| 819 | return -EINVAL; |
| 820 | } |
Song Liu | 09d91cd | 2019-09-23 15:38:03 -0700 | [diff] [blame] | 821 | |
| 822 | /* |
| 823 | * XXX: Huge page cache doesn't support writing yet. Drop all page |
| 824 | * cache for this file before processing writes. |
| 825 | */ |
| 826 | if ((f->f_mode & FMODE_WRITE) && filemap_nr_thps(inode->i_mapping)) |
| 827 | truncate_pagecache(inode, 0); |
| 828 | |
Al Viro | 96b7e57 | 2012-06-10 14:22:04 -0400 | [diff] [blame] | 829 | return 0; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 830 | |
| 831 | cleanup_all: |
Al Viro | 6b4e808 | 2018-07-08 21:45:07 -0400 | [diff] [blame] | 832 | if (WARN_ON_ONCE(error > 0)) |
| 833 | error = -EINVAL; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 834 | fops_put(f->f_op); |
Al Viro | 83f936c | 2014-03-14 12:02:47 -0400 | [diff] [blame] | 835 | if (f->f_mode & FMODE_WRITER) { |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 836 | put_write_access(inode); |
Al Viro | 83f936c | 2014-03-14 12:02:47 -0400 | [diff] [blame] | 837 | __mnt_drop_write(f->f_path.mnt); |
Dave Hansen | 4a3fd21 | 2008-02-15 14:37:48 -0800 | [diff] [blame] | 838 | } |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 839 | cleanup_file: |
Al Viro | 02e5180 | 2012-06-10 14:32:45 -0400 | [diff] [blame] | 840 | path_put(&f->f_path); |
| 841 | f->f_path.mnt = NULL; |
| 842 | f->f_path.dentry = NULL; |
Al Viro | dd37978 | 2013-03-01 19:48:30 -0500 | [diff] [blame] | 843 | f->f_inode = NULL; |
Al Viro | 96b7e57 | 2012-06-10 14:22:04 -0400 | [diff] [blame] | 844 | return error; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 845 | } |
| 846 | |
Trond Myklebust | 834f2a4 | 2005-10-18 14:20:16 -0700 | [diff] [blame] | 847 | /** |
Miklos Szeredi | d18e900 | 2012-06-05 15:10:17 +0200 | [diff] [blame] | 848 | * finish_open - finish opening a file |
Miklos Szeredi | 0854d45 | 2013-09-16 14:51:55 +0200 | [diff] [blame] | 849 | * @file: file pointer |
Miklos Szeredi | d18e900 | 2012-06-05 15:10:17 +0200 | [diff] [blame] | 850 | * @dentry: pointer to dentry |
| 851 | * @open: open callback |
Miklos Szeredi | 0854d45 | 2013-09-16 14:51:55 +0200 | [diff] [blame] | 852 | * @opened: state of open |
Miklos Szeredi | d18e900 | 2012-06-05 15:10:17 +0200 | [diff] [blame] | 853 | * |
| 854 | * This can be used to finish opening a file passed to i_op->atomic_open(). |
| 855 | * |
| 856 | * If the open callback is set to NULL, then the standard f_op->open() |
| 857 | * filesystem callback is substituted. |
Miklos Szeredi | 0854d45 | 2013-09-16 14:51:55 +0200 | [diff] [blame] | 858 | * |
| 859 | * NB: the dentry reference is _not_ consumed. If, for example, the dentry is |
| 860 | * the return value of d_splice_alias(), then the caller needs to perform dput() |
| 861 | * on it after finish_open(). |
| 862 | * |
Miklos Szeredi | 0854d45 | 2013-09-16 14:51:55 +0200 | [diff] [blame] | 863 | * Returns zero on success or -errno if the open failed. |
Miklos Szeredi | d18e900 | 2012-06-05 15:10:17 +0200 | [diff] [blame] | 864 | */ |
Al Viro | 30d9049 | 2012-06-22 12:40:19 +0400 | [diff] [blame] | 865 | int finish_open(struct file *file, struct dentry *dentry, |
Al Viro | be12af3 | 2018-06-08 11:44:56 -0400 | [diff] [blame] | 866 | int (*open)(struct inode *, struct file *)) |
Miklos Szeredi | d18e900 | 2012-06-05 15:10:17 +0200 | [diff] [blame] | 867 | { |
Al Viro | aad888f | 2018-06-08 12:58:04 -0400 | [diff] [blame] | 868 | BUG_ON(file->f_mode & FMODE_OPENED); /* once it's opened, it's opened */ |
Miklos Szeredi | d18e900 | 2012-06-05 15:10:17 +0200 | [diff] [blame] | 869 | |
Al Viro | b5bcdda | 2012-07-20 23:28:46 +0400 | [diff] [blame] | 870 | file->f_path.dentry = dentry; |
Al Viro | aad888f | 2018-06-08 12:58:04 -0400 | [diff] [blame] | 871 | return do_dentry_open(file, d_backing_inode(dentry), open); |
Miklos Szeredi | d18e900 | 2012-06-05 15:10:17 +0200 | [diff] [blame] | 872 | } |
| 873 | EXPORT_SYMBOL(finish_open); |
| 874 | |
| 875 | /** |
| 876 | * finish_no_open - finish ->atomic_open() without opening the file |
| 877 | * |
Miklos Szeredi | 0854d45 | 2013-09-16 14:51:55 +0200 | [diff] [blame] | 878 | * @file: file pointer |
Miklos Szeredi | d18e900 | 2012-06-05 15:10:17 +0200 | [diff] [blame] | 879 | * @dentry: dentry or NULL (as returned from ->lookup()) |
| 880 | * |
| 881 | * This can be used to set the result of a successful lookup in ->atomic_open(). |
Miklos Szeredi | 0854d45 | 2013-09-16 14:51:55 +0200 | [diff] [blame] | 882 | * |
| 883 | * NB: unlike finish_open() this function does consume the dentry reference and |
| 884 | * the caller need not dput() it. |
| 885 | * |
Al Viro | 64e1ac4 | 2018-07-09 19:17:52 -0400 | [diff] [blame] | 886 | * Returns "0" which must be the return value of ->atomic_open() after having |
Miklos Szeredi | 0854d45 | 2013-09-16 14:51:55 +0200 | [diff] [blame] | 887 | * called this function. |
Miklos Szeredi | d18e900 | 2012-06-05 15:10:17 +0200 | [diff] [blame] | 888 | */ |
Al Viro | e45198a | 2012-06-10 06:48:09 -0400 | [diff] [blame] | 889 | int finish_no_open(struct file *file, struct dentry *dentry) |
Miklos Szeredi | d18e900 | 2012-06-05 15:10:17 +0200 | [diff] [blame] | 890 | { |
Al Viro | 30d9049 | 2012-06-22 12:40:19 +0400 | [diff] [blame] | 891 | file->f_path.dentry = dentry; |
Al Viro | 64e1ac4 | 2018-07-09 19:17:52 -0400 | [diff] [blame] | 892 | return 0; |
Miklos Szeredi | d18e900 | 2012-06-05 15:10:17 +0200 | [diff] [blame] | 893 | } |
| 894 | EXPORT_SYMBOL(finish_no_open); |
| 895 | |
Miklos Szeredi | 9bf39ab | 2015-06-19 10:29:13 +0200 | [diff] [blame] | 896 | char *file_path(struct file *filp, char *buf, int buflen) |
| 897 | { |
| 898 | return d_path(&filp->f_path, buf, buflen); |
| 899 | } |
| 900 | EXPORT_SYMBOL(file_path); |
| 901 | |
David Howells | 4bacc9c | 2015-06-18 14:32:31 +0100 | [diff] [blame] | 902 | /** |
| 903 | * vfs_open - open the file at the given path |
| 904 | * @path: path to open |
| 905 | * @file: newly allocated file with f_flag initialized |
| 906 | * @cred: credentials to use |
| 907 | */ |
Al Viro | ae2bb29 | 2018-07-10 13:22:28 -0400 | [diff] [blame] | 908 | int vfs_open(const struct path *path, struct file *file) |
David Howells | 4bacc9c | 2015-06-18 14:32:31 +0100 | [diff] [blame] | 909 | { |
David Howells | 4bacc9c | 2015-06-18 14:32:31 +0100 | [diff] [blame] | 910 | file->f_path = *path; |
Miklos Szeredi | a6518f7 | 2018-07-06 23:57:06 +0200 | [diff] [blame] | 911 | return do_dentry_open(file, d_backing_inode(path->dentry), NULL); |
David Howells | 4bacc9c | 2015-06-18 14:32:31 +0100 | [diff] [blame] | 912 | } |
| 913 | |
Al Viro | 765927b | 2012-06-26 21:58:53 +0400 | [diff] [blame] | 914 | struct file *dentry_open(const struct path *path, int flags, |
David Howells | 745ca24 | 2008-11-14 10:39:22 +1100 | [diff] [blame] | 915 | const struct cred *cred) |
Peter Staubach | a1a5b3d | 2005-09-13 01:25:12 -0700 | [diff] [blame] | 916 | { |
| 917 | int error; |
| 918 | struct file *f; |
| 919 | |
David Howells | e0e8173 | 2009-09-02 09:13:40 +0100 | [diff] [blame] | 920 | validate_creds(cred); |
| 921 | |
Tetsuo Handa | c212f9a | 2011-01-19 21:08:41 +0900 | [diff] [blame] | 922 | /* We must always pass in a valid mount pointer. */ |
Al Viro | 765927b | 2012-06-26 21:58:53 +0400 | [diff] [blame] | 923 | BUG_ON(!path->mnt); |
Christoph Hellwig | 322ee5b | 2008-02-15 14:37:24 -0800 | [diff] [blame] | 924 | |
Al Viro | ea73ea7 | 2018-07-11 15:00:04 -0400 | [diff] [blame] | 925 | f = alloc_empty_file(flags, cred); |
Al Viro | af04fad | 2018-06-02 01:31:02 -0400 | [diff] [blame] | 926 | if (!IS_ERR(f)) { |
Al Viro | ae2bb29 | 2018-07-10 13:22:28 -0400 | [diff] [blame] | 927 | error = vfs_open(path, f); |
Al Viro | 4d27f32 | 2018-07-09 11:14:39 -0400 | [diff] [blame] | 928 | if (error) { |
| 929 | fput(f); |
Al Viro | af04fad | 2018-06-02 01:31:02 -0400 | [diff] [blame] | 930 | f = ERR_PTR(error); |
| 931 | } |
Al Viro | 2a027e7 | 2012-06-10 14:24:38 -0400 | [diff] [blame] | 932 | } |
| 933 | return f; |
Peter Staubach | a1a5b3d | 2005-09-13 01:25:12 -0700 | [diff] [blame] | 934 | } |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 935 | EXPORT_SYMBOL(dentry_open); |
| 936 | |
Al Viro | 2abc77a | 2018-07-12 11:18:42 -0400 | [diff] [blame] | 937 | struct file *open_with_fake_path(const struct path *path, int flags, |
| 938 | struct inode *inode, const struct cred *cred) |
| 939 | { |
Miklos Szeredi | d3b1084 | 2018-07-18 15:44:40 +0200 | [diff] [blame] | 940 | struct file *f = alloc_empty_file_noaccount(flags, cred); |
Al Viro | 2abc77a | 2018-07-12 11:18:42 -0400 | [diff] [blame] | 941 | if (!IS_ERR(f)) { |
| 942 | int error; |
| 943 | |
| 944 | f->f_path = *path; |
| 945 | error = do_dentry_open(f, inode, NULL); |
| 946 | if (error) { |
| 947 | fput(f); |
| 948 | f = ERR_PTR(error); |
| 949 | } |
| 950 | } |
| 951 | return f; |
| 952 | } |
| 953 | EXPORT_SYMBOL(open_with_fake_path); |
| 954 | |
Aleksa Sarai | fddb5d4 | 2020-01-18 23:07:59 +1100 | [diff] [blame] | 955 | #define WILL_CREATE(flags) (flags & (O_CREAT | __O_TMPFILE)) |
| 956 | #define O_PATH_FLAGS (O_DIRECTORY | O_NOFOLLOW | O_PATH | O_CLOEXEC) |
| 957 | |
Jens Axboe | 35cb6d5 | 2019-12-13 11:10:11 -0700 | [diff] [blame] | 958 | inline struct open_how build_open_how(int flags, umode_t mode) |
Al Viro | 47c805d | 2011-02-23 17:44:09 -0500 | [diff] [blame] | 959 | { |
Aleksa Sarai | fddb5d4 | 2020-01-18 23:07:59 +1100 | [diff] [blame] | 960 | struct open_how how = { |
| 961 | .flags = flags & VALID_OPEN_FLAGS, |
| 962 | .mode = mode & S_IALLUGO, |
| 963 | }; |
| 964 | |
| 965 | /* O_PATH beats everything else. */ |
| 966 | if (how.flags & O_PATH) |
| 967 | how.flags &= O_PATH_FLAGS; |
| 968 | /* Modes should only be set for create-like flags. */ |
| 969 | if (!WILL_CREATE(how.flags)) |
| 970 | how.mode = 0; |
| 971 | return how; |
| 972 | } |
| 973 | |
Jens Axboe | 35cb6d5 | 2019-12-13 11:10:11 -0700 | [diff] [blame] | 974 | inline int build_open_flags(const struct open_how *how, struct open_flags *op) |
Aleksa Sarai | fddb5d4 | 2020-01-18 23:07:59 +1100 | [diff] [blame] | 975 | { |
| 976 | int flags = how->flags; |
Al Viro | 47c805d | 2011-02-23 17:44:09 -0500 | [diff] [blame] | 977 | int lookup_flags = 0; |
Al Viro | 62fb4a1 | 2015-12-26 22:33:24 -0500 | [diff] [blame] | 978 | int acc_mode = ACC_MODE(flags); |
Al Viro | 47c805d | 2011-02-23 17:44:09 -0500 | [diff] [blame] | 979 | |
Al Viro | 47c805d | 2011-02-23 17:44:09 -0500 | [diff] [blame] | 980 | /* Must never be set by userspace */ |
Aleksa Sarai | fddb5d4 | 2020-01-18 23:07:59 +1100 | [diff] [blame] | 981 | flags &= ~(FMODE_NONOTIFY | O_CLOEXEC); |
| 982 | |
| 983 | /* |
| 984 | * Older syscalls implicitly clear all of the invalid flags or argument |
| 985 | * values before calling build_open_flags(), but openat2(2) checks all |
| 986 | * of its arguments. |
| 987 | */ |
| 988 | if (flags & ~VALID_OPEN_FLAGS) |
| 989 | return -EINVAL; |
| 990 | if (how->resolve & ~VALID_RESOLVE_FLAGS) |
| 991 | return -EINVAL; |
| 992 | |
| 993 | /* Deal with the mode. */ |
| 994 | if (WILL_CREATE(flags)) { |
| 995 | if (how->mode & ~S_IALLUGO) |
| 996 | return -EINVAL; |
| 997 | op->mode = how->mode | S_IFREG; |
| 998 | } else { |
| 999 | if (how->mode != 0) |
| 1000 | return -EINVAL; |
| 1001 | op->mode = 0; |
| 1002 | } |
| 1003 | |
| 1004 | /* |
| 1005 | * In order to ensure programs get explicit errors when trying to use |
| 1006 | * O_TMPFILE on old kernels, O_TMPFILE is implemented such that it |
| 1007 | * looks like (O_DIRECTORY|O_RDWR & ~O_CREAT) to old kernels. But we |
| 1008 | * have to require userspace to explicitly set it. |
| 1009 | */ |
| 1010 | if (flags & __O_TMPFILE) { |
| 1011 | if ((flags & O_TMPFILE_MASK) != O_TMPFILE) |
| 1012 | return -EINVAL; |
| 1013 | if (!(acc_mode & MAY_WRITE)) |
| 1014 | return -EINVAL; |
| 1015 | } |
| 1016 | if (flags & O_PATH) { |
| 1017 | /* O_PATH only permits certain other flags to be set. */ |
| 1018 | if (flags & ~O_PATH_FLAGS) |
| 1019 | return -EINVAL; |
| 1020 | acc_mode = 0; |
| 1021 | } |
Al Viro | 47c805d | 2011-02-23 17:44:09 -0500 | [diff] [blame] | 1022 | |
| 1023 | /* |
| 1024 | * O_SYNC is implemented as __O_SYNC|O_DSYNC. As many places only |
| 1025 | * check for O_DSYNC if the need any syncing at all we enforce it's |
| 1026 | * always set instead of having to deal with possibly weird behaviour |
| 1027 | * for malicious applications setting only __O_SYNC. |
| 1028 | */ |
| 1029 | if (flags & __O_SYNC) |
| 1030 | flags |= O_DSYNC; |
| 1031 | |
Al Viro | 1abf0c7 | 2011-03-13 03:51:11 -0400 | [diff] [blame] | 1032 | op->open_flag = flags; |
Al Viro | 47c805d | 2011-02-23 17:44:09 -0500 | [diff] [blame] | 1033 | |
| 1034 | /* O_TRUNC implies we need access checks for write permissions */ |
| 1035 | if (flags & O_TRUNC) |
| 1036 | acc_mode |= MAY_WRITE; |
| 1037 | |
| 1038 | /* Allow the LSM permission hook to distinguish append |
| 1039 | access from general write access. */ |
| 1040 | if (flags & O_APPEND) |
| 1041 | acc_mode |= MAY_APPEND; |
| 1042 | |
| 1043 | op->acc_mode = acc_mode; |
| 1044 | |
Al Viro | 1abf0c7 | 2011-03-13 03:51:11 -0400 | [diff] [blame] | 1045 | op->intent = flags & O_PATH ? 0 : LOOKUP_OPEN; |
| 1046 | |
Al Viro | 47c805d | 2011-02-23 17:44:09 -0500 | [diff] [blame] | 1047 | if (flags & O_CREAT) { |
| 1048 | op->intent |= LOOKUP_CREATE; |
Al Viro | 31d1726 | 2020-01-08 20:19:38 -0500 | [diff] [blame] | 1049 | if (flags & O_EXCL) { |
Al Viro | 47c805d | 2011-02-23 17:44:09 -0500 | [diff] [blame] | 1050 | op->intent |= LOOKUP_EXCL; |
Al Viro | 31d1726 | 2020-01-08 20:19:38 -0500 | [diff] [blame] | 1051 | flags |= O_NOFOLLOW; |
| 1052 | } |
Al Viro | 47c805d | 2011-02-23 17:44:09 -0500 | [diff] [blame] | 1053 | } |
| 1054 | |
| 1055 | if (flags & O_DIRECTORY) |
| 1056 | lookup_flags |= LOOKUP_DIRECTORY; |
| 1057 | if (!(flags & O_NOFOLLOW)) |
| 1058 | lookup_flags |= LOOKUP_FOLLOW; |
Aleksa Sarai | fddb5d4 | 2020-01-18 23:07:59 +1100 | [diff] [blame] | 1059 | |
| 1060 | if (how->resolve & RESOLVE_NO_XDEV) |
| 1061 | lookup_flags |= LOOKUP_NO_XDEV; |
| 1062 | if (how->resolve & RESOLVE_NO_MAGICLINKS) |
| 1063 | lookup_flags |= LOOKUP_NO_MAGICLINKS; |
| 1064 | if (how->resolve & RESOLVE_NO_SYMLINKS) |
| 1065 | lookup_flags |= LOOKUP_NO_SYMLINKS; |
| 1066 | if (how->resolve & RESOLVE_BENEATH) |
| 1067 | lookup_flags |= LOOKUP_BENEATH; |
| 1068 | if (how->resolve & RESOLVE_IN_ROOT) |
| 1069 | lookup_flags |= LOOKUP_IN_ROOT; |
| 1070 | |
Al Viro | f9652e1 | 2013-06-11 08:23:01 +0400 | [diff] [blame] | 1071 | op->lookup_flags = lookup_flags; |
| 1072 | return 0; |
Al Viro | 47c805d | 2011-02-23 17:44:09 -0500 | [diff] [blame] | 1073 | } |
| 1074 | |
| 1075 | /** |
Jeff Layton | 669abf4 | 2012-10-10 16:43:10 -0400 | [diff] [blame] | 1076 | * file_open_name - open file and return file pointer |
| 1077 | * |
| 1078 | * @name: struct filename containing path to open |
| 1079 | * @flags: open flags as per the open(2) second argument |
| 1080 | * @mode: mode for the new file if O_CREAT is set, else ignored |
| 1081 | * |
| 1082 | * This is the helper to open a file from kernelspace if you really |
| 1083 | * have to. But in generally you should not do this, so please move |
| 1084 | * along, nothing to see here.. |
| 1085 | */ |
| 1086 | struct file *file_open_name(struct filename *name, int flags, umode_t mode) |
| 1087 | { |
| 1088 | struct open_flags op; |
Aleksa Sarai | fddb5d4 | 2020-01-18 23:07:59 +1100 | [diff] [blame] | 1089 | struct open_how how = build_open_how(flags, mode); |
| 1090 | int err = build_open_flags(&how, &op); |
| 1091 | if (err) |
| 1092 | return ERR_PTR(err); |
| 1093 | return do_filp_open(AT_FDCWD, name, &op); |
Jeff Layton | 669abf4 | 2012-10-10 16:43:10 -0400 | [diff] [blame] | 1094 | } |
| 1095 | |
| 1096 | /** |
Al Viro | 47c805d | 2011-02-23 17:44:09 -0500 | [diff] [blame] | 1097 | * filp_open - open file and return file pointer |
| 1098 | * |
| 1099 | * @filename: path to open |
| 1100 | * @flags: open flags as per the open(2) second argument |
| 1101 | * @mode: mode for the new file if O_CREAT is set, else ignored |
| 1102 | * |
| 1103 | * This is the helper to open a file from kernelspace if you really |
| 1104 | * have to. But in generally you should not do this, so please move |
| 1105 | * along, nothing to see here.. |
| 1106 | */ |
Al Viro | a218d0f | 2011-11-21 14:59:34 -0500 | [diff] [blame] | 1107 | struct file *filp_open(const char *filename, int flags, umode_t mode) |
Al Viro | 47c805d | 2011-02-23 17:44:09 -0500 | [diff] [blame] | 1108 | { |
Paul Moore | 5168910 | 2015-01-22 00:00:03 -0500 | [diff] [blame] | 1109 | struct filename *name = getname_kernel(filename); |
| 1110 | struct file *file = ERR_CAST(name); |
| 1111 | |
| 1112 | if (!IS_ERR(name)) { |
| 1113 | file = file_open_name(name, flags, mode); |
| 1114 | putname(name); |
| 1115 | } |
| 1116 | return file; |
Al Viro | 47c805d | 2011-02-23 17:44:09 -0500 | [diff] [blame] | 1117 | } |
| 1118 | EXPORT_SYMBOL(filp_open); |
| 1119 | |
Al Viro | 73d049a | 2011-03-11 12:08:24 -0500 | [diff] [blame] | 1120 | struct file *file_open_root(struct dentry *dentry, struct vfsmount *mnt, |
Jann Horn | 378c652 | 2016-03-22 14:25:36 -0700 | [diff] [blame] | 1121 | const char *filename, int flags, umode_t mode) |
Al Viro | 73d049a | 2011-03-11 12:08:24 -0500 | [diff] [blame] | 1122 | { |
| 1123 | struct open_flags op; |
Aleksa Sarai | fddb5d4 | 2020-01-18 23:07:59 +1100 | [diff] [blame] | 1124 | struct open_how how = build_open_how(flags, mode); |
| 1125 | int err = build_open_flags(&how, &op); |
Al Viro | f9652e1 | 2013-06-11 08:23:01 +0400 | [diff] [blame] | 1126 | if (err) |
| 1127 | return ERR_PTR(err); |
Al Viro | f9652e1 | 2013-06-11 08:23:01 +0400 | [diff] [blame] | 1128 | return do_file_open_root(dentry, mnt, filename, &op); |
Al Viro | 73d049a | 2011-03-11 12:08:24 -0500 | [diff] [blame] | 1129 | } |
| 1130 | EXPORT_SYMBOL(file_open_root); |
| 1131 | |
Aleksa Sarai | fddb5d4 | 2020-01-18 23:07:59 +1100 | [diff] [blame] | 1132 | static long do_sys_openat2(int dfd, const char __user *filename, |
| 1133 | struct open_how *how) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1134 | { |
Al Viro | 47c805d | 2011-02-23 17:44:09 -0500 | [diff] [blame] | 1135 | struct open_flags op; |
Aleksa Sarai | fddb5d4 | 2020-01-18 23:07:59 +1100 | [diff] [blame] | 1136 | int fd = build_open_flags(how, &op); |
Al Viro | f9652e1 | 2013-06-11 08:23:01 +0400 | [diff] [blame] | 1137 | struct filename *tmp; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1138 | |
Al Viro | f9652e1 | 2013-06-11 08:23:01 +0400 | [diff] [blame] | 1139 | if (fd) |
| 1140 | return fd; |
| 1141 | |
| 1142 | tmp = getname(filename); |
| 1143 | if (IS_ERR(tmp)) |
| 1144 | return PTR_ERR(tmp); |
| 1145 | |
Aleksa Sarai | fddb5d4 | 2020-01-18 23:07:59 +1100 | [diff] [blame] | 1146 | fd = get_unused_fd_flags(how->flags); |
Al Viro | f9652e1 | 2013-06-11 08:23:01 +0400 | [diff] [blame] | 1147 | if (fd >= 0) { |
| 1148 | struct file *f = do_filp_open(dfd, tmp, &op); |
| 1149 | if (IS_ERR(f)) { |
| 1150 | put_unused_fd(fd); |
| 1151 | fd = PTR_ERR(f); |
| 1152 | } else { |
| 1153 | fsnotify_open(f); |
| 1154 | fd_install(fd, f); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1155 | } |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1156 | } |
Al Viro | f9652e1 | 2013-06-11 08:23:01 +0400 | [diff] [blame] | 1157 | putname(tmp); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1158 | return fd; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1159 | } |
Miklos Szeredi | e922efc | 2005-09-06 15:18:25 -0700 | [diff] [blame] | 1160 | |
Aleksa Sarai | fddb5d4 | 2020-01-18 23:07:59 +1100 | [diff] [blame] | 1161 | long do_sys_open(int dfd, const char __user *filename, int flags, umode_t mode) |
| 1162 | { |
| 1163 | struct open_how how = build_open_how(flags, mode); |
| 1164 | return do_sys_openat2(dfd, filename, &how); |
| 1165 | } |
| 1166 | |
| 1167 | |
Al Viro | a218d0f | 2011-11-21 14:59:34 -0500 | [diff] [blame] | 1168 | SYSCALL_DEFINE3(open, const char __user *, filename, int, flags, umode_t, mode) |
Miklos Szeredi | e922efc | 2005-09-06 15:18:25 -0700 | [diff] [blame] | 1169 | { |
Aleksa Sarai | fddb5d4 | 2020-01-18 23:07:59 +1100 | [diff] [blame] | 1170 | return ksys_open(filename, flags, mode); |
Miklos Szeredi | e922efc | 2005-09-06 15:18:25 -0700 | [diff] [blame] | 1171 | } |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1172 | |
Heiko Carstens | 6559eed8 | 2009-01-14 14:14:32 +0100 | [diff] [blame] | 1173 | SYSCALL_DEFINE4(openat, int, dfd, const char __user *, filename, int, flags, |
Al Viro | a218d0f | 2011-11-21 14:59:34 -0500 | [diff] [blame] | 1174 | umode_t, mode) |
Ulrich Drepper | 5590ff0 | 2006-01-18 17:43:53 -0800 | [diff] [blame] | 1175 | { |
| 1176 | if (force_o_largefile()) |
| 1177 | flags |= O_LARGEFILE; |
Al Viro | 2cf0966 | 2013-01-21 15:25:54 -0500 | [diff] [blame] | 1178 | return do_sys_open(dfd, filename, flags, mode); |
Ulrich Drepper | 5590ff0 | 2006-01-18 17:43:53 -0800 | [diff] [blame] | 1179 | } |
Ulrich Drepper | 5590ff0 | 2006-01-18 17:43:53 -0800 | [diff] [blame] | 1180 | |
Aleksa Sarai | fddb5d4 | 2020-01-18 23:07:59 +1100 | [diff] [blame] | 1181 | SYSCALL_DEFINE4(openat2, int, dfd, const char __user *, filename, |
| 1182 | struct open_how __user *, how, size_t, usize) |
| 1183 | { |
| 1184 | int err; |
| 1185 | struct open_how tmp; |
| 1186 | |
| 1187 | BUILD_BUG_ON(sizeof(struct open_how) < OPEN_HOW_SIZE_VER0); |
| 1188 | BUILD_BUG_ON(sizeof(struct open_how) != OPEN_HOW_SIZE_LATEST); |
| 1189 | |
| 1190 | if (unlikely(usize < OPEN_HOW_SIZE_VER0)) |
| 1191 | return -EINVAL; |
| 1192 | |
| 1193 | err = copy_struct_from_user(&tmp, sizeof(tmp), how, usize); |
| 1194 | if (err) |
| 1195 | return err; |
| 1196 | |
| 1197 | /* O_LARGEFILE is only allowed for non-O_PATH. */ |
| 1198 | if (!(tmp.flags & O_PATH) && force_o_largefile()) |
| 1199 | tmp.flags |= O_LARGEFILE; |
| 1200 | |
| 1201 | return do_sys_openat2(dfd, filename, &tmp); |
| 1202 | } |
| 1203 | |
Al Viro | e35d49f | 2017-04-08 18:15:12 -0400 | [diff] [blame] | 1204 | #ifdef CONFIG_COMPAT |
| 1205 | /* |
| 1206 | * Exactly like sys_open(), except that it doesn't set the |
| 1207 | * O_LARGEFILE flag. |
| 1208 | */ |
| 1209 | COMPAT_SYSCALL_DEFINE3(open, const char __user *, filename, int, flags, umode_t, mode) |
| 1210 | { |
| 1211 | return do_sys_open(AT_FDCWD, filename, flags, mode); |
| 1212 | } |
| 1213 | |
| 1214 | /* |
| 1215 | * Exactly like sys_openat(), except that it doesn't set the |
| 1216 | * O_LARGEFILE flag. |
| 1217 | */ |
| 1218 | COMPAT_SYSCALL_DEFINE4(openat, int, dfd, const char __user *, filename, int, flags, umode_t, mode) |
| 1219 | { |
| 1220 | return do_sys_open(dfd, filename, flags, mode); |
| 1221 | } |
| 1222 | #endif |
| 1223 | |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1224 | #ifndef __alpha__ |
| 1225 | |
| 1226 | /* |
| 1227 | * For backward compatibility? Maybe this should be moved |
| 1228 | * into arch/i386 instead? |
| 1229 | */ |
Al Viro | a218d0f | 2011-11-21 14:59:34 -0500 | [diff] [blame] | 1230 | SYSCALL_DEFINE2(creat, const char __user *, pathname, umode_t, mode) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1231 | { |
Dominik Brodowski | bae217e | 2018-03-11 11:34:56 +0100 | [diff] [blame] | 1232 | return ksys_open(pathname, O_CREAT | O_WRONLY | O_TRUNC, mode); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1233 | } |
| 1234 | |
| 1235 | #endif |
| 1236 | |
| 1237 | /* |
| 1238 | * "id" is the POSIX thread ID. We use the |
| 1239 | * files pointer for this.. |
| 1240 | */ |
| 1241 | int filp_close(struct file *filp, fl_owner_t id) |
| 1242 | { |
Christoph Lameter | 45778ca | 2005-06-23 00:10:17 -0700 | [diff] [blame] | 1243 | int retval = 0; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1244 | |
| 1245 | if (!file_count(filp)) { |
| 1246 | printk(KERN_ERR "VFS: Close: file count is 0\n"); |
Christoph Lameter | 45778ca | 2005-06-23 00:10:17 -0700 | [diff] [blame] | 1247 | return 0; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1248 | } |
| 1249 | |
Al Viro | 72c2d53 | 2013-09-22 16:27:52 -0400 | [diff] [blame] | 1250 | if (filp->f_op->flush) |
Miklos Szeredi | 75e1fcc | 2006-06-23 02:05:12 -0700 | [diff] [blame] | 1251 | retval = filp->f_op->flush(filp, id); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1252 | |
Al Viro | 1abf0c7 | 2011-03-13 03:51:11 -0400 | [diff] [blame] | 1253 | if (likely(!(filp->f_mode & FMODE_PATH))) { |
| 1254 | dnotify_flush(filp, id); |
| 1255 | locks_remove_posix(filp, id); |
| 1256 | } |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1257 | fput(filp); |
| 1258 | return retval; |
| 1259 | } |
| 1260 | |
| 1261 | EXPORT_SYMBOL(filp_close); |
| 1262 | |
| 1263 | /* |
| 1264 | * Careful here! We test whether the file pointer is NULL before |
| 1265 | * releasing the fd. This ensures that one clone task can't release |
| 1266 | * an fd while another clone is opening it. |
| 1267 | */ |
Heiko Carstens | ca013e9 | 2009-01-14 14:14:19 +0100 | [diff] [blame] | 1268 | SYSCALL_DEFINE1(close, unsigned int, fd) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1269 | { |
Al Viro | 483ce1d | 2012-08-19 12:04:24 -0400 | [diff] [blame] | 1270 | int retval = __close_fd(current->files, fd); |
Ernie Petrides | ee731f4 | 2006-09-29 02:00:13 -0700 | [diff] [blame] | 1271 | |
| 1272 | /* can't restart close syscall because file table entry was cleared */ |
| 1273 | if (unlikely(retval == -ERESTARTSYS || |
| 1274 | retval == -ERESTARTNOINTR || |
| 1275 | retval == -ERESTARTNOHAND || |
| 1276 | retval == -ERESTART_RESTARTBLOCK)) |
| 1277 | retval = -EINTR; |
| 1278 | |
| 1279 | return retval; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1280 | } |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1281 | |
| 1282 | /* |
| 1283 | * This routine simulates a hangup on the tty, to arrange that users |
| 1284 | * are given clean terminals at login time. |
| 1285 | */ |
Heiko Carstens | ca013e9 | 2009-01-14 14:14:19 +0100 | [diff] [blame] | 1286 | SYSCALL_DEFINE0(vhangup) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1287 | { |
| 1288 | if (capable(CAP_SYS_TTY_CONFIG)) { |
Alan Cox | 2cb5998 | 2008-10-13 10:40:30 +0100 | [diff] [blame] | 1289 | tty_vhangup_self(); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1290 | return 0; |
| 1291 | } |
| 1292 | return -EPERM; |
| 1293 | } |
| 1294 | |
| 1295 | /* |
| 1296 | * Called when an inode is about to be open. |
| 1297 | * We use this to disallow opening large files on 32bit systems if |
| 1298 | * the caller didn't specify O_LARGEFILE. On 64bit systems we force |
| 1299 | * on this flag in sys_open. |
| 1300 | */ |
| 1301 | int generic_file_open(struct inode * inode, struct file * filp) |
| 1302 | { |
| 1303 | if (!(filp->f_flags & O_LARGEFILE) && i_size_read(inode) > MAX_NON_LFS) |
Alan Cox | a9c62a1 | 2007-10-16 23:30:22 -0700 | [diff] [blame] | 1304 | return -EOVERFLOW; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1305 | return 0; |
| 1306 | } |
| 1307 | |
| 1308 | EXPORT_SYMBOL(generic_file_open); |
| 1309 | |
| 1310 | /* |
| 1311 | * This is used by subsystems that don't want seekable |
Dmitry Torokhov | 06b1e10 | 2010-08-10 18:01:33 -0700 | [diff] [blame] | 1312 | * file descriptors. The function is not supposed to ever fail, the only |
| 1313 | * reason it returns an 'int' and not 'void' is so that it can be plugged |
| 1314 | * directly into file_operations structure. |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1315 | */ |
| 1316 | int nonseekable_open(struct inode *inode, struct file *filp) |
| 1317 | { |
| 1318 | filp->f_mode &= ~(FMODE_LSEEK | FMODE_PREAD | FMODE_PWRITE); |
| 1319 | return 0; |
| 1320 | } |
| 1321 | |
| 1322 | EXPORT_SYMBOL(nonseekable_open); |
Kirill Smelkov | 10dce8a | 2019-03-26 22:20:43 +0000 | [diff] [blame] | 1323 | |
| 1324 | /* |
| 1325 | * stream_open is used by subsystems that want stream-like file descriptors. |
| 1326 | * Such file descriptors are not seekable and don't have notion of position |
Kirill Smelkov | 438ab72 | 2019-04-12 12:31:57 +0300 | [diff] [blame] | 1327 | * (file.f_pos is always 0 and ppos passed to .read()/.write() is always NULL). |
| 1328 | * Contrary to file descriptors of other regular files, .read() and .write() |
| 1329 | * can run simultaneously. |
Kirill Smelkov | 10dce8a | 2019-03-26 22:20:43 +0000 | [diff] [blame] | 1330 | * |
| 1331 | * stream_open never fails and is marked to return int so that it could be |
| 1332 | * directly used as file_operations.open . |
| 1333 | */ |
| 1334 | int stream_open(struct inode *inode, struct file *filp) |
| 1335 | { |
Linus Torvalds | 2be7d34 | 2019-11-26 11:34:06 -0800 | [diff] [blame] | 1336 | filp->f_mode &= ~(FMODE_LSEEK | FMODE_PREAD | FMODE_PWRITE | FMODE_ATOMIC_POS); |
Kirill Smelkov | 10dce8a | 2019-03-26 22:20:43 +0000 | [diff] [blame] | 1337 | filp->f_mode |= FMODE_STREAM; |
| 1338 | return 0; |
| 1339 | } |
| 1340 | |
| 1341 | EXPORT_SYMBOL(stream_open); |