1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /* Provide a way to create a superblock configuration context within the kernel
3 * that allows a superblock to be set up prior to mounting.
5 * Copyright (C) 2017 Red Hat, Inc. All Rights Reserved.
6 * Written by David Howells (dhowells@redhat.com)
9 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
10 #include <linux/module.h>
11 #include <linux/fs_context.h>
12 #include <linux/fs_parser.h>
14 #include <linux/mount.h>
15 #include <linux/nsproxy.h>
16 #include <linux/slab.h>
17 #include <linux/magic.h>
18 #include <linux/security.h>
19 #include <linux/mnt_namespace.h>
20 #include <linux/pid_namespace.h>
21 #include <linux/user_namespace.h>
22 #include <net/net_namespace.h>
23 #include <asm/sections.h>
27 enum legacy_fs_param {
28 LEGACY_FS_UNSET_PARAMS,
29 LEGACY_FS_MONOLITHIC_PARAMS,
30 LEGACY_FS_INDIVIDUAL_PARAMS,
33 struct legacy_fs_context {
34 char *legacy_data; /* Data page for legacy filesystems */
36 enum legacy_fs_param param_type;
39 static int legacy_init_fs_context(struct fs_context *fc);
41 static const struct constant_table common_set_sb_flag[] = {
42 { "dirsync", SB_DIRSYNC },
43 { "lazytime", SB_LAZYTIME },
44 { "mand", SB_MANDLOCK },
46 { "sync", SB_SYNCHRONOUS },
50 static const struct constant_table common_clear_sb_flag[] = {
51 { "async", SB_SYNCHRONOUS },
52 { "nolazytime", SB_LAZYTIME },
53 { "nomand", SB_MANDLOCK },
59 * Check for a common mount option that manipulates s_flags.
61 static int vfs_parse_sb_flag(struct fs_context *fc, const char *key)
65 token = lookup_constant(common_set_sb_flag, key, 0);
67 fc->sb_flags |= token;
68 fc->sb_flags_mask |= token;
72 token = lookup_constant(common_clear_sb_flag, key, 0);
74 fc->sb_flags &= ~token;
75 fc->sb_flags_mask |= token;
83 * vfs_parse_fs_param - Add a single parameter to a superblock config
84 * @fc: The filesystem context to modify
85 * @param: The parameter
87 * A single mount option in string form is applied to the filesystem context
88 * being set up. Certain standard options (for example "ro") are translated
89 * into flag bits without going to the filesystem. The active security module
90 * is allowed to observe and poach options. Any other options are passed over
91 * to the filesystem to parse.
93 * This may be called multiple times for a context.
95 * Returns 0 on success and a negative error code on failure. In the event of
96 * failure, supplementary error information may have been set.
98 int vfs_parse_fs_param(struct fs_context *fc, struct fs_parameter *param)
103 return invalf(fc, "Unnamed parameter\n");
105 ret = vfs_parse_sb_flag(fc, param->key);
106 if (ret != -ENOPARAM)
109 ret = security_fs_context_parse_param(fc, param);
110 if (ret != -ENOPARAM)
111 /* Param belongs to the LSM or is disallowed by the LSM; so
112 * don't pass to the FS.
116 if (fc->ops->parse_param) {
117 ret = fc->ops->parse_param(fc, param);
118 if (ret != -ENOPARAM)
122 /* If the filesystem doesn't take any arguments, give it the
123 * default handling of source.
125 if (strcmp(param->key, "source") == 0) {
126 if (param->type != fs_value_is_string)
127 return invalf(fc, "VFS: Non-string source");
129 return invalf(fc, "VFS: Multiple sources");
130 fc->source = param->string;
131 param->string = NULL;
135 return invalf(fc, "%s: Unknown parameter '%s'",
136 fc->fs_type->name, param->key);
138 EXPORT_SYMBOL(vfs_parse_fs_param);
141 * vfs_parse_fs_string - Convenience function to just parse a string.
143 int vfs_parse_fs_string(struct fs_context *fc, const char *key,
144 const char *value, size_t v_size)
148 struct fs_parameter param = {
150 .type = fs_value_is_flag,
155 param.string = kmemdup_nul(value, v_size, GFP_KERNEL);
158 param.type = fs_value_is_string;
161 ret = vfs_parse_fs_param(fc, ¶m);
165 EXPORT_SYMBOL(vfs_parse_fs_string);
168 * generic_parse_monolithic - Parse key[=val][,key[=val]]* mount data
169 * @ctx: The superblock configuration to fill in.
170 * @data: The data to parse
172 * Parse a blob of data that's in key[=val][,key[=val]]* form. This can be
173 * called from the ->monolithic_mount_data() fs_context operation.
175 * Returns 0 on success or the error returned by the ->parse_option() fs_context
176 * operation on failure.
178 int generic_parse_monolithic(struct fs_context *fc, void *data)
180 char *options = data, *key;
186 ret = security_sb_eat_lsm_opts(options, &fc->security);
190 while ((key = strsep(&options, ",")) != NULL) {
193 char *value = strchr(key, '=');
199 v_len = strlen(value);
201 ret = vfs_parse_fs_string(fc, key, value, v_len);
209 EXPORT_SYMBOL(generic_parse_monolithic);
212 * alloc_fs_context - Create a filesystem context.
213 * @fs_type: The filesystem type.
214 * @reference: The dentry from which this one derives (or NULL)
215 * @sb_flags: Filesystem/superblock flags (SB_*)
216 * @sb_flags_mask: Applicable members of @sb_flags
217 * @purpose: The purpose that this configuration shall be used for.
219 * Open a filesystem and create a mount context. The mount context is
220 * initialised with the supplied flags and, if a submount/automount from
221 * another superblock (referred to by @reference) is supplied, may have
222 * parameters such as namespaces copied across from that superblock.
224 static struct fs_context *alloc_fs_context(struct file_system_type *fs_type,
225 struct dentry *reference,
226 unsigned int sb_flags,
227 unsigned int sb_flags_mask,
228 enum fs_context_purpose purpose)
230 int (*init_fs_context)(struct fs_context *);
231 struct fs_context *fc;
234 fc = kzalloc(sizeof(struct fs_context), GFP_KERNEL);
236 return ERR_PTR(-ENOMEM);
238 fc->purpose = purpose;
239 fc->sb_flags = sb_flags;
240 fc->sb_flags_mask = sb_flags_mask;
241 fc->fs_type = get_filesystem(fs_type);
242 fc->cred = get_current_cred();
243 fc->net_ns = get_net(current->nsproxy->net_ns);
244 fc->log.prefix = fs_type->name;
246 mutex_init(&fc->uapi_mutex);
249 case FS_CONTEXT_FOR_MOUNT:
250 fc->user_ns = get_user_ns(fc->cred->user_ns);
252 case FS_CONTEXT_FOR_SUBMOUNT:
253 fc->user_ns = get_user_ns(reference->d_sb->s_user_ns);
255 case FS_CONTEXT_FOR_RECONFIGURE:
256 atomic_inc(&reference->d_sb->s_active);
257 fc->user_ns = get_user_ns(reference->d_sb->s_user_ns);
258 fc->root = dget(reference);
262 /* TODO: Make all filesystems support this unconditionally */
263 init_fs_context = fc->fs_type->init_fs_context;
264 if (!init_fs_context)
265 init_fs_context = legacy_init_fs_context;
267 ret = init_fs_context(fc);
270 fc->need_free = true;
278 struct fs_context *fs_context_for_mount(struct file_system_type *fs_type,
279 unsigned int sb_flags)
281 return alloc_fs_context(fs_type, NULL, sb_flags, 0,
282 FS_CONTEXT_FOR_MOUNT);
284 EXPORT_SYMBOL(fs_context_for_mount);
286 struct fs_context *fs_context_for_reconfigure(struct dentry *dentry,
287 unsigned int sb_flags,
288 unsigned int sb_flags_mask)
290 return alloc_fs_context(dentry->d_sb->s_type, dentry, sb_flags,
291 sb_flags_mask, FS_CONTEXT_FOR_RECONFIGURE);
293 EXPORT_SYMBOL(fs_context_for_reconfigure);
295 struct fs_context *fs_context_for_submount(struct file_system_type *type,
296 struct dentry *reference)
298 return alloc_fs_context(type, reference, 0, 0, FS_CONTEXT_FOR_SUBMOUNT);
300 EXPORT_SYMBOL(fs_context_for_submount);
302 void fc_drop_locked(struct fs_context *fc)
304 struct super_block *sb = fc->root->d_sb;
307 deactivate_locked_super(sb);
310 static void legacy_fs_context_free(struct fs_context *fc);
313 * vfs_dup_fc_config: Duplicate a filesystem context.
314 * @src_fc: The context to copy.
316 struct fs_context *vfs_dup_fs_context(struct fs_context *src_fc)
318 struct fs_context *fc;
321 if (!src_fc->ops->dup)
322 return ERR_PTR(-EOPNOTSUPP);
324 fc = kmemdup(src_fc, sizeof(struct fs_context), GFP_KERNEL);
326 return ERR_PTR(-ENOMEM);
328 mutex_init(&fc->uapi_mutex);
330 fc->fs_private = NULL;
331 fc->s_fs_info = NULL;
334 get_filesystem(fc->fs_type);
336 get_user_ns(fc->user_ns);
339 refcount_inc(&fc->log.log->usage);
341 /* Can't call put until we've called ->dup */
342 ret = fc->ops->dup(fc, src_fc);
346 ret = security_fs_context_dup(fc, src_fc);
355 EXPORT_SYMBOL(vfs_dup_fs_context);
358 * logfc - Log a message to a filesystem context
359 * @fc: The filesystem context to log to.
360 * @fmt: The format of the buffer.
362 void logfc(struct fc_log *log, const char *prefix, char level, const char *fmt, ...)
365 struct va_format vaf = {.fmt = fmt, .va = &va};
371 printk(KERN_WARNING "%s%s%pV\n", prefix ? prefix : "",
372 prefix ? ": " : "", &vaf);
375 printk(KERN_ERR "%s%s%pV\n", prefix ? prefix : "",
376 prefix ? ": " : "", &vaf);
379 printk(KERN_NOTICE "%s%s%pV\n", prefix ? prefix : "",
380 prefix ? ": " : "", &vaf);
384 unsigned int logsize = ARRAY_SIZE(log->buffer);
386 char *q = kasprintf(GFP_KERNEL, "%c %s%s%pV\n", level,
387 prefix ? prefix : "",
388 prefix ? ": " : "", &vaf);
390 index = log->head & (logsize - 1);
391 BUILD_BUG_ON(sizeof(log->head) != sizeof(u8) ||
392 sizeof(log->tail) != sizeof(u8));
393 if ((u8)(log->head - log->tail) == logsize) {
394 /* The buffer is full, discard the oldest message */
395 if (log->need_free & (1 << index))
396 kfree(log->buffer[index]);
400 log->buffer[index] = q ? q : "OOM: Can't store error string";
402 log->need_free |= 1 << index;
404 log->need_free &= ~(1 << index);
409 EXPORT_SYMBOL(logfc);
412 * Free a logging structure.
414 static void put_fc_log(struct fs_context *fc)
416 struct fc_log *log = fc->log.log;
420 if (refcount_dec_and_test(&log->usage)) {
422 for (i = 0; i <= 7; i++)
423 if (log->need_free & (1 << i))
424 kfree(log->buffer[i]);
431 * put_fs_context - Dispose of a superblock configuration context.
432 * @fc: The context to dispose of.
434 void put_fs_context(struct fs_context *fc)
436 struct super_block *sb;
442 deactivate_super(sb);
445 if (fc->need_free && fc->ops && fc->ops->free)
448 security_free_mnt_opts(&fc->security);
450 put_user_ns(fc->user_ns);
453 put_filesystem(fc->fs_type);
457 EXPORT_SYMBOL(put_fs_context);
460 * Free the config for a filesystem that doesn't support fs_context.
462 static void legacy_fs_context_free(struct fs_context *fc)
464 struct legacy_fs_context *ctx = fc->fs_private;
467 if (ctx->param_type == LEGACY_FS_INDIVIDUAL_PARAMS)
468 kfree(ctx->legacy_data);
474 * Duplicate a legacy config.
476 static int legacy_fs_context_dup(struct fs_context *fc, struct fs_context *src_fc)
478 struct legacy_fs_context *ctx;
479 struct legacy_fs_context *src_ctx = src_fc->fs_private;
481 ctx = kmemdup(src_ctx, sizeof(*src_ctx), GFP_KERNEL);
485 if (ctx->param_type == LEGACY_FS_INDIVIDUAL_PARAMS) {
486 ctx->legacy_data = kmemdup(src_ctx->legacy_data,
487 src_ctx->data_size, GFP_KERNEL);
488 if (!ctx->legacy_data) {
494 fc->fs_private = ctx;
499 * Add a parameter to a legacy config. We build up a comma-separated list of
502 static int legacy_parse_param(struct fs_context *fc, struct fs_parameter *param)
504 struct legacy_fs_context *ctx = fc->fs_private;
505 unsigned int size = ctx->data_size;
508 if (strcmp(param->key, "source") == 0) {
509 if (param->type != fs_value_is_string)
510 return invalf(fc, "VFS: Legacy: Non-string source");
512 return invalf(fc, "VFS: Legacy: Multiple sources");
513 fc->source = param->string;
514 param->string = NULL;
518 if (ctx->param_type == LEGACY_FS_MONOLITHIC_PARAMS)
519 return invalf(fc, "VFS: Legacy: Can't mix monolithic and individual options");
521 switch (param->type) {
522 case fs_value_is_string:
523 len = 1 + param->size;
525 case fs_value_is_flag:
526 len += strlen(param->key);
529 return invalf(fc, "VFS: Legacy: Parameter type for '%s' not supported",
533 if (len > PAGE_SIZE - 2 - size)
534 return invalf(fc, "VFS: Legacy: Cumulative options too large");
535 if (strchr(param->key, ',') ||
536 (param->type == fs_value_is_string &&
537 memchr(param->string, ',', param->size)))
538 return invalf(fc, "VFS: Legacy: Option '%s' contained comma",
540 if (!ctx->legacy_data) {
541 ctx->legacy_data = kmalloc(PAGE_SIZE, GFP_KERNEL);
542 if (!ctx->legacy_data)
546 ctx->legacy_data[size++] = ',';
547 len = strlen(param->key);
548 memcpy(ctx->legacy_data + size, param->key, len);
550 if (param->type == fs_value_is_string) {
551 ctx->legacy_data[size++] = '=';
552 memcpy(ctx->legacy_data + size, param->string, param->size);
555 ctx->legacy_data[size] = '\0';
556 ctx->data_size = size;
557 ctx->param_type = LEGACY_FS_INDIVIDUAL_PARAMS;
562 * Add monolithic mount data.
564 static int legacy_parse_monolithic(struct fs_context *fc, void *data)
566 struct legacy_fs_context *ctx = fc->fs_private;
568 if (ctx->param_type != LEGACY_FS_UNSET_PARAMS) {
569 pr_warn("VFS: Can't mix monolithic and individual options\n");
573 ctx->legacy_data = data;
574 ctx->param_type = LEGACY_FS_MONOLITHIC_PARAMS;
575 if (!ctx->legacy_data)
578 if (fc->fs_type->fs_flags & FS_BINARY_MOUNTDATA)
580 return security_sb_eat_lsm_opts(ctx->legacy_data, &fc->security);
584 * Get a mountable root with the legacy mount command.
586 static int legacy_get_tree(struct fs_context *fc)
588 struct legacy_fs_context *ctx = fc->fs_private;
589 struct super_block *sb;
592 root = fc->fs_type->mount(fc->fs_type, fc->sb_flags,
593 fc->source, ctx->legacy_data);
595 return PTR_ERR(root);
607 static int legacy_reconfigure(struct fs_context *fc)
609 struct legacy_fs_context *ctx = fc->fs_private;
610 struct super_block *sb = fc->root->d_sb;
612 if (!sb->s_op->remount_fs)
615 return sb->s_op->remount_fs(sb, &fc->sb_flags,
616 ctx ? ctx->legacy_data : NULL);
619 const struct fs_context_operations legacy_fs_context_ops = {
620 .free = legacy_fs_context_free,
621 .dup = legacy_fs_context_dup,
622 .parse_param = legacy_parse_param,
623 .parse_monolithic = legacy_parse_monolithic,
624 .get_tree = legacy_get_tree,
625 .reconfigure = legacy_reconfigure,
629 * Initialise a legacy context for a filesystem that doesn't support
632 static int legacy_init_fs_context(struct fs_context *fc)
634 fc->fs_private = kzalloc(sizeof(struct legacy_fs_context), GFP_KERNEL);
637 fc->ops = &legacy_fs_context_ops;
641 int parse_monolithic_mount_data(struct fs_context *fc, void *data)
643 int (*monolithic_mount_data)(struct fs_context *, void *);
645 monolithic_mount_data = fc->ops->parse_monolithic;
646 if (!monolithic_mount_data)
647 monolithic_mount_data = generic_parse_monolithic;
649 return monolithic_mount_data(fc, data);
653 * Clean up a context after performing an action on it and put it into a state
654 * from where it can be used to reconfigure a superblock.
656 * Note that here we do only the parts that can't fail; the rest is in
657 * finish_clean_context() below and in between those fs_context is marked
658 * FS_CONTEXT_AWAITING_RECONF. The reason for splitup is that after
659 * successful mount or remount we need to report success to userland.
660 * Trying to do full reinit (for the sake of possible subsequent remount)
661 * and failing to allocate memory would've put us into a nasty situation.
662 * So here we only discard the old state and reinitialization is left
663 * until we actually try to reconfigure.
665 void vfs_clean_context(struct fs_context *fc)
667 if (fc->need_free && fc->ops && fc->ops->free)
669 fc->need_free = false;
670 fc->fs_private = NULL;
671 fc->s_fs_info = NULL;
673 security_free_mnt_opts(&fc->security);
677 fc->purpose = FS_CONTEXT_FOR_RECONFIGURE;
678 fc->phase = FS_CONTEXT_AWAITING_RECONF;
681 int finish_clean_context(struct fs_context *fc)
685 if (fc->phase != FS_CONTEXT_AWAITING_RECONF)
688 if (fc->fs_type->init_fs_context)
689 error = fc->fs_type->init_fs_context(fc);
691 error = legacy_init_fs_context(fc);
692 if (unlikely(error)) {
693 fc->phase = FS_CONTEXT_FAILED;
696 fc->need_free = true;
697 fc->phase = FS_CONTEXT_RECONF_PARAMS;
projects / linux-2.6-microblaze.git / blob