1 | // SPDX-License-Identifier: GPL-2.0-or-later |
2 | /* AFS dynamic root handling |
3 | * |
4 | * Copyright (C) 2018 Red Hat, Inc. All Rights Reserved. |
5 | * Written by David Howells (dhowells@redhat.com) |
6 | */ |
7 | |
8 | #include <linux/fs.h> |
9 | #include <linux/namei.h> |
10 | #include <linux/dns_resolver.h> |
11 | #include "internal.h" |
12 | |
13 | static atomic_t afs_autocell_ino; |
14 | |
15 | /* |
16 | * iget5() comparator for inode created by autocell operations |
17 | * |
18 | * These pseudo inodes don't match anything. |
19 | */ |
20 | static int afs_iget5_pseudo_test(struct inode *inode, void *opaque) |
21 | { |
22 | return 0; |
23 | } |
24 | |
25 | /* |
26 | * iget5() inode initialiser |
27 | */ |
28 | static int afs_iget5_pseudo_set(struct inode *inode, void *opaque) |
29 | { |
30 | struct afs_super_info *as = AFS_FS_S(sb: inode->i_sb); |
31 | struct afs_vnode *vnode = AFS_FS_I(inode); |
32 | struct afs_fid *fid = opaque; |
33 | |
34 | vnode->volume = as->volume; |
35 | vnode->fid = *fid; |
36 | inode->i_ino = fid->vnode; |
37 | inode->i_generation = fid->unique; |
38 | return 0; |
39 | } |
40 | |
41 | /* |
42 | * Create an inode for a dynamic root directory or an autocell dynamic |
43 | * automount dir. |
44 | */ |
45 | struct inode *afs_iget_pseudo_dir(struct super_block *sb, bool root) |
46 | { |
47 | struct afs_super_info *as = AFS_FS_S(sb); |
48 | struct afs_vnode *vnode; |
49 | struct inode *inode; |
50 | struct afs_fid fid = {}; |
51 | |
52 | _enter("" ); |
53 | |
54 | if (as->volume) |
55 | fid.vid = as->volume->vid; |
56 | if (root) { |
57 | fid.vnode = 1; |
58 | fid.unique = 1; |
59 | } else { |
60 | fid.vnode = atomic_inc_return(v: &afs_autocell_ino); |
61 | fid.unique = 0; |
62 | } |
63 | |
64 | inode = iget5_locked(sb, fid.vnode, |
65 | test: afs_iget5_pseudo_test, set: afs_iget5_pseudo_set, &fid); |
66 | if (!inode) { |
67 | _leave(" = -ENOMEM" ); |
68 | return ERR_PTR(error: -ENOMEM); |
69 | } |
70 | |
71 | _debug("GOT INODE %p { ino=%lu, vl=%llx, vn=%llx, u=%x }" , |
72 | inode, inode->i_ino, fid.vid, fid.vnode, fid.unique); |
73 | |
74 | vnode = AFS_FS_I(inode); |
75 | |
76 | /* there shouldn't be an existing inode */ |
77 | BUG_ON(!(inode->i_state & I_NEW)); |
78 | |
79 | netfs_inode_init(ctx: &vnode->netfs, NULL, use_zero_point: false); |
80 | inode->i_size = 0; |
81 | inode->i_mode = S_IFDIR | S_IRUGO | S_IXUGO; |
82 | if (root) { |
83 | inode->i_op = &afs_dynroot_inode_operations; |
84 | inode->i_fop = &simple_dir_operations; |
85 | } else { |
86 | inode->i_op = &afs_autocell_inode_operations; |
87 | } |
88 | set_nlink(inode, nlink: 2); |
89 | inode->i_uid = GLOBAL_ROOT_UID; |
90 | inode->i_gid = GLOBAL_ROOT_GID; |
91 | simple_inode_init_ts(inode); |
92 | inode->i_blocks = 0; |
93 | inode->i_generation = 0; |
94 | |
95 | set_bit(AFS_VNODE_PSEUDODIR, &vnode->flags); |
96 | if (!root) { |
97 | set_bit(AFS_VNODE_MOUNTPOINT, &vnode->flags); |
98 | inode->i_flags |= S_AUTOMOUNT; |
99 | } |
100 | |
101 | inode->i_flags |= S_NOATIME; |
102 | unlock_new_inode(inode); |
103 | _leave(" = %p" , inode); |
104 | return inode; |
105 | } |
106 | |
107 | /* |
108 | * Probe to see if a cell may exist. This prevents positive dentries from |
109 | * being created unnecessarily. |
110 | */ |
111 | static int afs_probe_cell_name(struct dentry *dentry) |
112 | { |
113 | struct afs_cell *cell; |
114 | struct afs_net *net = afs_d2net(dentry); |
115 | const char *name = dentry->d_name.name; |
116 | size_t len = dentry->d_name.len; |
117 | char *result = NULL; |
118 | int ret; |
119 | |
120 | /* Names prefixed with a dot are R/W mounts. */ |
121 | if (name[0] == '.') { |
122 | if (len == 1) |
123 | return -EINVAL; |
124 | name++; |
125 | len--; |
126 | } |
127 | |
128 | cell = afs_find_cell(net, name, len, afs_cell_trace_use_probe); |
129 | if (!IS_ERR(ptr: cell)) { |
130 | afs_unuse_cell(net, cell, afs_cell_trace_unuse_probe); |
131 | return 0; |
132 | } |
133 | |
134 | ret = dns_query(net: net->net, type: "afsdb" , name, namelen: len, options: "srv=1" , |
135 | result: &result, NULL, invalidate: false); |
136 | if (ret == -ENODATA || ret == -ENOKEY || ret == 0) |
137 | ret = -ENOENT; |
138 | if (ret > 0 && ret >= sizeof(struct dns_server_list_v1_header)) { |
139 | struct dns_server_list_v1_header *v1 = (void *)result; |
140 | |
141 | if (v1->hdr.zero == 0 && |
142 | v1->hdr.content == DNS_PAYLOAD_IS_SERVER_LIST && |
143 | v1->hdr.version == 1 && |
144 | (v1->status != DNS_LOOKUP_GOOD && |
145 | v1->status != DNS_LOOKUP_GOOD_WITH_BAD)) |
146 | return -ENOENT; |
147 | |
148 | } |
149 | |
150 | kfree(objp: result); |
151 | return ret; |
152 | } |
153 | |
154 | /* |
155 | * Try to auto mount the mountpoint with pseudo directory, if the autocell |
156 | * operation is setted. |
157 | */ |
158 | struct inode *afs_try_auto_mntpt(struct dentry *dentry, struct inode *dir) |
159 | { |
160 | struct afs_vnode *vnode = AFS_FS_I(inode: dir); |
161 | struct inode *inode; |
162 | int ret = -ENOENT; |
163 | |
164 | _enter("%p{%pd}, {%llx:%llu}" , |
165 | dentry, dentry, vnode->fid.vid, vnode->fid.vnode); |
166 | |
167 | if (!test_bit(AFS_VNODE_AUTOCELL, &vnode->flags)) |
168 | goto out; |
169 | |
170 | ret = afs_probe_cell_name(dentry); |
171 | if (ret < 0) |
172 | goto out; |
173 | |
174 | inode = afs_iget_pseudo_dir(sb: dir->i_sb, root: false); |
175 | if (IS_ERR(ptr: inode)) { |
176 | ret = PTR_ERR(ptr: inode); |
177 | goto out; |
178 | } |
179 | |
180 | _leave("= %p" , inode); |
181 | return inode; |
182 | |
183 | out: |
184 | _leave("= %d" , ret); |
185 | return ret == -ENOENT ? NULL : ERR_PTR(error: ret); |
186 | } |
187 | |
188 | /* |
189 | * Look up @cell in a dynroot directory. This is a substitution for the |
190 | * local cell name for the net namespace. |
191 | */ |
192 | static struct dentry *afs_lookup_atcell(struct dentry *dentry) |
193 | { |
194 | struct afs_cell *cell; |
195 | struct afs_net *net = afs_d2net(dentry); |
196 | struct dentry *ret; |
197 | char *name; |
198 | int len; |
199 | |
200 | if (!net->ws_cell) |
201 | return ERR_PTR(error: -ENOENT); |
202 | |
203 | ret = ERR_PTR(error: -ENOMEM); |
204 | name = kmalloc(AFS_MAXCELLNAME + 1, GFP_KERNEL); |
205 | if (!name) |
206 | goto out_p; |
207 | |
208 | down_read(sem: &net->cells_lock); |
209 | cell = net->ws_cell; |
210 | if (cell) { |
211 | len = cell->name_len; |
212 | memcpy(name, cell->name, len + 1); |
213 | } |
214 | up_read(sem: &net->cells_lock); |
215 | |
216 | ret = ERR_PTR(error: -ENOENT); |
217 | if (!cell) |
218 | goto out_n; |
219 | |
220 | ret = lookup_one_len(name, dentry->d_parent, len); |
221 | |
222 | /* We don't want to d_add() the @cell dentry here as we don't want to |
223 | * the cached dentry to hide changes to the local cell name. |
224 | */ |
225 | |
226 | out_n: |
227 | kfree(objp: name); |
228 | out_p: |
229 | return ret; |
230 | } |
231 | |
232 | /* |
233 | * Look up an entry in a dynroot directory. |
234 | */ |
235 | static struct dentry *afs_dynroot_lookup(struct inode *dir, struct dentry *dentry, |
236 | unsigned int flags) |
237 | { |
238 | _enter("%pd" , dentry); |
239 | |
240 | ASSERTCMP(d_inode(dentry), ==, NULL); |
241 | |
242 | if (flags & LOOKUP_CREATE) |
243 | return ERR_PTR(error: -EOPNOTSUPP); |
244 | |
245 | if (dentry->d_name.len >= AFSNAMEMAX) { |
246 | _leave(" = -ENAMETOOLONG" ); |
247 | return ERR_PTR(error: -ENAMETOOLONG); |
248 | } |
249 | |
250 | if (dentry->d_name.len == 5 && |
251 | memcmp(p: dentry->d_name.name, q: "@cell" , size: 5) == 0) |
252 | return afs_lookup_atcell(dentry); |
253 | |
254 | return d_splice_alias(afs_try_auto_mntpt(dentry, dir), dentry); |
255 | } |
256 | |
257 | const struct inode_operations afs_dynroot_inode_operations = { |
258 | .lookup = afs_dynroot_lookup, |
259 | }; |
260 | |
261 | const struct dentry_operations afs_dynroot_dentry_operations = { |
262 | .d_delete = always_delete_dentry, |
263 | .d_release = afs_d_release, |
264 | .d_automount = afs_d_automount, |
265 | }; |
266 | |
267 | /* |
268 | * Create a manually added cell mount directory. |
269 | * - The caller must hold net->proc_cells_lock |
270 | */ |
271 | int afs_dynroot_mkdir(struct afs_net *net, struct afs_cell *cell) |
272 | { |
273 | struct super_block *sb = net->dynroot_sb; |
274 | struct dentry *root, *subdir; |
275 | int ret; |
276 | |
277 | if (!sb || atomic_read(v: &sb->s_active) == 0) |
278 | return 0; |
279 | |
280 | /* Let the ->lookup op do the creation */ |
281 | root = sb->s_root; |
282 | inode_lock(inode: root->d_inode); |
283 | subdir = lookup_one_len(cell->name, root, cell->name_len); |
284 | if (IS_ERR(ptr: subdir)) { |
285 | ret = PTR_ERR(ptr: subdir); |
286 | goto unlock; |
287 | } |
288 | |
289 | /* Note that we're retaining an extra ref on the dentry */ |
290 | subdir->d_fsdata = (void *)1UL; |
291 | ret = 0; |
292 | unlock: |
293 | inode_unlock(inode: root->d_inode); |
294 | return ret; |
295 | } |
296 | |
297 | /* |
298 | * Remove a manually added cell mount directory. |
299 | * - The caller must hold net->proc_cells_lock |
300 | */ |
301 | void afs_dynroot_rmdir(struct afs_net *net, struct afs_cell *cell) |
302 | { |
303 | struct super_block *sb = net->dynroot_sb; |
304 | struct dentry *root, *subdir; |
305 | |
306 | if (!sb || atomic_read(v: &sb->s_active) == 0) |
307 | return; |
308 | |
309 | root = sb->s_root; |
310 | inode_lock(inode: root->d_inode); |
311 | |
312 | /* Don't want to trigger a lookup call, which will re-add the cell */ |
313 | subdir = try_lookup_one_len(cell->name, root, cell->name_len); |
314 | if (IS_ERR_OR_NULL(ptr: subdir)) { |
315 | _debug("lookup %ld" , PTR_ERR(subdir)); |
316 | goto no_dentry; |
317 | } |
318 | |
319 | _debug("rmdir %pd %u" , subdir, d_count(subdir)); |
320 | |
321 | if (subdir->d_fsdata) { |
322 | _debug("unpin %u" , d_count(subdir)); |
323 | subdir->d_fsdata = NULL; |
324 | dput(subdir); |
325 | } |
326 | dput(subdir); |
327 | no_dentry: |
328 | inode_unlock(inode: root->d_inode); |
329 | _leave("" ); |
330 | } |
331 | |
332 | /* |
333 | * Populate a newly created dynamic root with cell names. |
334 | */ |
335 | int afs_dynroot_populate(struct super_block *sb) |
336 | { |
337 | struct afs_cell *cell; |
338 | struct afs_net *net = afs_sb2net(sb); |
339 | int ret; |
340 | |
341 | mutex_lock(&net->proc_cells_lock); |
342 | |
343 | net->dynroot_sb = sb; |
344 | hlist_for_each_entry(cell, &net->proc_cells, proc_link) { |
345 | ret = afs_dynroot_mkdir(net, cell); |
346 | if (ret < 0) |
347 | goto error; |
348 | } |
349 | |
350 | ret = 0; |
351 | out: |
352 | mutex_unlock(lock: &net->proc_cells_lock); |
353 | return ret; |
354 | |
355 | error: |
356 | net->dynroot_sb = NULL; |
357 | goto out; |
358 | } |
359 | |
360 | /* |
361 | * When a dynamic root that's in the process of being destroyed, depopulate it |
362 | * of pinned directories. |
363 | */ |
364 | void afs_dynroot_depopulate(struct super_block *sb) |
365 | { |
366 | struct afs_net *net = afs_sb2net(sb); |
367 | struct dentry *root = sb->s_root, *subdir; |
368 | |
369 | /* Prevent more subdirs from being created */ |
370 | mutex_lock(&net->proc_cells_lock); |
371 | if (net->dynroot_sb == sb) |
372 | net->dynroot_sb = NULL; |
373 | mutex_unlock(lock: &net->proc_cells_lock); |
374 | |
375 | if (root) { |
376 | struct hlist_node *n; |
377 | inode_lock(inode: root->d_inode); |
378 | |
379 | /* Remove all the pins for dirs created for manually added cells */ |
380 | hlist_for_each_entry_safe(subdir, n, &root->d_children, d_sib) { |
381 | if (subdir->d_fsdata) { |
382 | subdir->d_fsdata = NULL; |
383 | dput(subdir); |
384 | } |
385 | } |
386 | |
387 | inode_unlock(inode: root->d_inode); |
388 | } |
389 | } |
390 | |