Commit | Line | Data |
---|---|---|
9bc61ab1 DH |
1 | /* Provide a way to create a superblock configuration context within the kernel |
2 | * that allows a superblock to be set up prior to mounting. | |
3 | * | |
4 | * Copyright (C) 2017 Red Hat, Inc. All Rights Reserved. | |
5 | * Written by David Howells (dhowells@redhat.com) | |
6 | * | |
7 | * This program is free software; you can redistribute it and/or | |
8 | * modify it under the terms of the GNU General Public Licence | |
9 | * as published by the Free Software Foundation; either version | |
10 | * 2 of the Licence, or (at your option) any later version. | |
11 | */ | |
12 | ||
13 | #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt | |
007ec26c | 14 | #include <linux/module.h> |
9bc61ab1 | 15 | #include <linux/fs_context.h> |
3e1aeb00 | 16 | #include <linux/fs_parser.h> |
9bc61ab1 DH |
17 | #include <linux/fs.h> |
18 | #include <linux/mount.h> | |
19 | #include <linux/nsproxy.h> | |
20 | #include <linux/slab.h> | |
21 | #include <linux/magic.h> | |
22 | #include <linux/security.h> | |
23 | #include <linux/mnt_namespace.h> | |
24 | #include <linux/pid_namespace.h> | |
25 | #include <linux/user_namespace.h> | |
26 | #include <net/net_namespace.h> | |
007ec26c | 27 | #include <asm/sections.h> |
9bc61ab1 DH |
28 | #include "mount.h" |
29 | #include "internal.h" | |
30 | ||
3e1aeb00 DH |
31 | enum legacy_fs_param { |
32 | LEGACY_FS_UNSET_PARAMS, | |
33 | LEGACY_FS_MONOLITHIC_PARAMS, | |
34 | LEGACY_FS_INDIVIDUAL_PARAMS, | |
35 | }; | |
36 | ||
9bc61ab1 DH |
37 | struct legacy_fs_context { |
38 | char *legacy_data; /* Data page for legacy filesystems */ | |
39 | size_t data_size; | |
3e1aeb00 | 40 | enum legacy_fs_param param_type; |
9bc61ab1 DH |
41 | }; |
42 | ||
43 | static int legacy_init_fs_context(struct fs_context *fc); | |
44 | ||
3e1aeb00 DH |
45 | static const struct constant_table common_set_sb_flag[] = { |
46 | { "dirsync", SB_DIRSYNC }, | |
47 | { "lazytime", SB_LAZYTIME }, | |
48 | { "mand", SB_MANDLOCK }, | |
49 | { "posixacl", SB_POSIXACL }, | |
50 | { "ro", SB_RDONLY }, | |
51 | { "sync", SB_SYNCHRONOUS }, | |
52 | }; | |
53 | ||
54 | static const struct constant_table common_clear_sb_flag[] = { | |
55 | { "async", SB_SYNCHRONOUS }, | |
56 | { "nolazytime", SB_LAZYTIME }, | |
57 | { "nomand", SB_MANDLOCK }, | |
58 | { "rw", SB_RDONLY }, | |
59 | { "silent", SB_SILENT }, | |
60 | }; | |
61 | ||
62 | static const char *const forbidden_sb_flag[] = { | |
63 | "bind", | |
64 | "dev", | |
65 | "exec", | |
66 | "move", | |
67 | "noatime", | |
68 | "nodev", | |
69 | "nodiratime", | |
70 | "noexec", | |
71 | "norelatime", | |
72 | "nostrictatime", | |
73 | "nosuid", | |
74 | "private", | |
75 | "rec", | |
76 | "relatime", | |
77 | "remount", | |
78 | "shared", | |
79 | "slave", | |
80 | "strictatime", | |
81 | "suid", | |
82 | "unbindable", | |
83 | }; | |
84 | ||
85 | /* | |
86 | * Check for a common mount option that manipulates s_flags. | |
87 | */ | |
88 | static int vfs_parse_sb_flag(struct fs_context *fc, const char *key) | |
89 | { | |
90 | unsigned int token; | |
91 | unsigned int i; | |
92 | ||
93 | for (i = 0; i < ARRAY_SIZE(forbidden_sb_flag); i++) | |
94 | if (strcmp(key, forbidden_sb_flag[i]) == 0) | |
95 | return -EINVAL; | |
96 | ||
97 | token = lookup_constant(common_set_sb_flag, key, 0); | |
98 | if (token) { | |
99 | fc->sb_flags |= token; | |
100 | fc->sb_flags_mask |= token; | |
101 | return 0; | |
102 | } | |
103 | ||
104 | token = lookup_constant(common_clear_sb_flag, key, 0); | |
105 | if (token) { | |
106 | fc->sb_flags &= ~token; | |
107 | fc->sb_flags_mask |= token; | |
108 | return 0; | |
109 | } | |
110 | ||
111 | return -ENOPARAM; | |
112 | } | |
113 | ||
114 | /** | |
115 | * vfs_parse_fs_param - Add a single parameter to a superblock config | |
116 | * @fc: The filesystem context to modify | |
117 | * @param: The parameter | |
118 | * | |
119 | * A single mount option in string form is applied to the filesystem context | |
120 | * being set up. Certain standard options (for example "ro") are translated | |
121 | * into flag bits without going to the filesystem. The active security module | |
122 | * is allowed to observe and poach options. Any other options are passed over | |
123 | * to the filesystem to parse. | |
124 | * | |
125 | * This may be called multiple times for a context. | |
126 | * | |
127 | * Returns 0 on success and a negative error code on failure. In the event of | |
128 | * failure, supplementary error information may have been set. | |
129 | */ | |
130 | int vfs_parse_fs_param(struct fs_context *fc, struct fs_parameter *param) | |
131 | { | |
132 | int ret; | |
133 | ||
134 | if (!param->key) | |
135 | return invalf(fc, "Unnamed parameter\n"); | |
136 | ||
137 | ret = vfs_parse_sb_flag(fc, param->key); | |
138 | if (ret != -ENOPARAM) | |
139 | return ret; | |
140 | ||
141 | ret = security_fs_context_parse_param(fc, param); | |
142 | if (ret != -ENOPARAM) | |
143 | /* Param belongs to the LSM or is disallowed by the LSM; so | |
144 | * don't pass to the FS. | |
145 | */ | |
146 | return ret; | |
147 | ||
148 | if (fc->ops->parse_param) { | |
149 | ret = fc->ops->parse_param(fc, param); | |
150 | if (ret != -ENOPARAM) | |
151 | return ret; | |
152 | } | |
153 | ||
154 | /* If the filesystem doesn't take any arguments, give it the | |
155 | * default handling of source. | |
156 | */ | |
157 | if (strcmp(param->key, "source") == 0) { | |
158 | if (param->type != fs_value_is_string) | |
159 | return invalf(fc, "VFS: Non-string source"); | |
160 | if (fc->source) | |
161 | return invalf(fc, "VFS: Multiple sources"); | |
162 | fc->source = param->string; | |
163 | param->string = NULL; | |
164 | return 0; | |
165 | } | |
166 | ||
167 | return invalf(fc, "%s: Unknown parameter '%s'", | |
168 | fc->fs_type->name, param->key); | |
169 | } | |
170 | EXPORT_SYMBOL(vfs_parse_fs_param); | |
171 | ||
172 | /** | |
173 | * vfs_parse_fs_string - Convenience function to just parse a string. | |
174 | */ | |
175 | int vfs_parse_fs_string(struct fs_context *fc, const char *key, | |
176 | const char *value, size_t v_size) | |
177 | { | |
178 | int ret; | |
179 | ||
180 | struct fs_parameter param = { | |
181 | .key = key, | |
182 | .type = fs_value_is_string, | |
183 | .size = v_size, | |
184 | }; | |
185 | ||
186 | if (v_size > 0) { | |
187 | param.string = kmemdup_nul(value, v_size, GFP_KERNEL); | |
188 | if (!param.string) | |
189 | return -ENOMEM; | |
190 | } | |
191 | ||
192 | ret = vfs_parse_fs_param(fc, ¶m); | |
193 | kfree(param.string); | |
194 | return ret; | |
195 | } | |
196 | EXPORT_SYMBOL(vfs_parse_fs_string); | |
197 | ||
198 | /** | |
199 | * generic_parse_monolithic - Parse key[=val][,key[=val]]* mount data | |
200 | * @ctx: The superblock configuration to fill in. | |
201 | * @data: The data to parse | |
202 | * | |
203 | * Parse a blob of data that's in key[=val][,key[=val]]* form. This can be | |
204 | * called from the ->monolithic_mount_data() fs_context operation. | |
205 | * | |
206 | * Returns 0 on success or the error returned by the ->parse_option() fs_context | |
207 | * operation on failure. | |
208 | */ | |
209 | int generic_parse_monolithic(struct fs_context *fc, void *data) | |
210 | { | |
211 | char *options = data, *key; | |
212 | int ret = 0; | |
213 | ||
214 | if (!options) | |
215 | return 0; | |
216 | ||
217 | ret = security_sb_eat_lsm_opts(options, &fc->security); | |
218 | if (ret) | |
219 | return ret; | |
220 | ||
221 | while ((key = strsep(&options, ",")) != NULL) { | |
222 | if (*key) { | |
223 | size_t v_len = 0; | |
224 | char *value = strchr(key, '='); | |
225 | ||
226 | if (value) { | |
227 | if (value == key) | |
228 | continue; | |
229 | *value++ = 0; | |
230 | v_len = strlen(value); | |
231 | } | |
232 | ret = vfs_parse_fs_string(fc, key, value, v_len); | |
233 | if (ret < 0) | |
234 | break; | |
235 | } | |
236 | } | |
237 | ||
238 | return ret; | |
239 | } | |
240 | EXPORT_SYMBOL(generic_parse_monolithic); | |
241 | ||
9bc61ab1 DH |
242 | /** |
243 | * alloc_fs_context - Create a filesystem context. | |
244 | * @fs_type: The filesystem type. | |
245 | * @reference: The dentry from which this one derives (or NULL) | |
246 | * @sb_flags: Filesystem/superblock flags (SB_*) | |
247 | * @sb_flags_mask: Applicable members of @sb_flags | |
248 | * @purpose: The purpose that this configuration shall be used for. | |
249 | * | |
250 | * Open a filesystem and create a mount context. The mount context is | |
251 | * initialised with the supplied flags and, if a submount/automount from | |
252 | * another superblock (referred to by @reference) is supplied, may have | |
253 | * parameters such as namespaces copied across from that superblock. | |
254 | */ | |
255 | static struct fs_context *alloc_fs_context(struct file_system_type *fs_type, | |
256 | struct dentry *reference, | |
257 | unsigned int sb_flags, | |
258 | unsigned int sb_flags_mask, | |
259 | enum fs_context_purpose purpose) | |
260 | { | |
f3a09c92 | 261 | int (*init_fs_context)(struct fs_context *); |
9bc61ab1 DH |
262 | struct fs_context *fc; |
263 | int ret = -ENOMEM; | |
264 | ||
265 | fc = kzalloc(sizeof(struct fs_context), GFP_KERNEL); | |
266 | if (!fc) | |
267 | return ERR_PTR(-ENOMEM); | |
268 | ||
269 | fc->purpose = purpose; | |
270 | fc->sb_flags = sb_flags; | |
271 | fc->sb_flags_mask = sb_flags_mask; | |
272 | fc->fs_type = get_filesystem(fs_type); | |
273 | fc->cred = get_current_cred(); | |
274 | fc->net_ns = get_net(current->nsproxy->net_ns); | |
275 | ||
24dcb3d9 DH |
276 | mutex_init(&fc->uapi_mutex); |
277 | ||
9bc61ab1 DH |
278 | switch (purpose) { |
279 | case FS_CONTEXT_FOR_MOUNT: | |
280 | fc->user_ns = get_user_ns(fc->cred->user_ns); | |
281 | break; | |
e1a91586 AV |
282 | case FS_CONTEXT_FOR_SUBMOUNT: |
283 | fc->user_ns = get_user_ns(reference->d_sb->s_user_ns); | |
284 | break; | |
8d0347f6 DH |
285 | case FS_CONTEXT_FOR_RECONFIGURE: |
286 | /* We don't pin any namespaces as the superblock's | |
287 | * subscriptions cannot be changed at this point. | |
288 | */ | |
289 | atomic_inc(&reference->d_sb->s_active); | |
290 | fc->root = dget(reference); | |
291 | break; | |
9bc61ab1 DH |
292 | } |
293 | ||
f3a09c92 AV |
294 | /* TODO: Make all filesystems support this unconditionally */ |
295 | init_fs_context = fc->fs_type->init_fs_context; | |
296 | if (!init_fs_context) | |
297 | init_fs_context = legacy_init_fs_context; | |
298 | ||
299 | ret = init_fs_context(fc); | |
9bc61ab1 DH |
300 | if (ret < 0) |
301 | goto err_fc; | |
302 | fc->need_free = true; | |
303 | return fc; | |
304 | ||
305 | err_fc: | |
306 | put_fs_context(fc); | |
307 | return ERR_PTR(ret); | |
308 | } | |
309 | ||
310 | struct fs_context *fs_context_for_mount(struct file_system_type *fs_type, | |
311 | unsigned int sb_flags) | |
312 | { | |
313 | return alloc_fs_context(fs_type, NULL, sb_flags, 0, | |
314 | FS_CONTEXT_FOR_MOUNT); | |
315 | } | |
316 | EXPORT_SYMBOL(fs_context_for_mount); | |
317 | ||
8d0347f6 DH |
318 | struct fs_context *fs_context_for_reconfigure(struct dentry *dentry, |
319 | unsigned int sb_flags, | |
320 | unsigned int sb_flags_mask) | |
321 | { | |
322 | return alloc_fs_context(dentry->d_sb->s_type, dentry, sb_flags, | |
323 | sb_flags_mask, FS_CONTEXT_FOR_RECONFIGURE); | |
324 | } | |
325 | EXPORT_SYMBOL(fs_context_for_reconfigure); | |
326 | ||
e1a91586 AV |
327 | struct fs_context *fs_context_for_submount(struct file_system_type *type, |
328 | struct dentry *reference) | |
329 | { | |
330 | return alloc_fs_context(type, reference, 0, 0, FS_CONTEXT_FOR_SUBMOUNT); | |
331 | } | |
332 | EXPORT_SYMBOL(fs_context_for_submount); | |
333 | ||
c9ce29ed AV |
334 | void fc_drop_locked(struct fs_context *fc) |
335 | { | |
336 | struct super_block *sb = fc->root->d_sb; | |
337 | dput(fc->root); | |
338 | fc->root = NULL; | |
339 | deactivate_locked_super(sb); | |
340 | } | |
341 | ||
9bc61ab1 | 342 | static void legacy_fs_context_free(struct fs_context *fc); |
8d0347f6 | 343 | |
0b52075e AV |
344 | /** |
345 | * vfs_dup_fc_config: Duplicate a filesystem context. | |
346 | * @src_fc: The context to copy. | |
347 | */ | |
348 | struct fs_context *vfs_dup_fs_context(struct fs_context *src_fc) | |
349 | { | |
350 | struct fs_context *fc; | |
351 | int ret; | |
352 | ||
353 | if (!src_fc->ops->dup) | |
354 | return ERR_PTR(-EOPNOTSUPP); | |
355 | ||
356 | fc = kmemdup(src_fc, sizeof(struct fs_context), GFP_KERNEL); | |
357 | if (!fc) | |
358 | return ERR_PTR(-ENOMEM); | |
359 | ||
24dcb3d9 DH |
360 | mutex_init(&fc->uapi_mutex); |
361 | ||
0b52075e AV |
362 | fc->fs_private = NULL; |
363 | fc->s_fs_info = NULL; | |
364 | fc->source = NULL; | |
365 | fc->security = NULL; | |
366 | get_filesystem(fc->fs_type); | |
367 | get_net(fc->net_ns); | |
368 | get_user_ns(fc->user_ns); | |
369 | get_cred(fc->cred); | |
007ec26c DH |
370 | if (fc->log) |
371 | refcount_inc(&fc->log->usage); | |
0b52075e AV |
372 | |
373 | /* Can't call put until we've called ->dup */ | |
374 | ret = fc->ops->dup(fc, src_fc); | |
375 | if (ret < 0) | |
376 | goto err_fc; | |
377 | ||
378 | ret = security_fs_context_dup(fc, src_fc); | |
379 | if (ret < 0) | |
380 | goto err_fc; | |
381 | return fc; | |
382 | ||
383 | err_fc: | |
384 | put_fs_context(fc); | |
385 | return ERR_PTR(ret); | |
386 | } | |
387 | EXPORT_SYMBOL(vfs_dup_fs_context); | |
388 | ||
e7582e16 DH |
389 | /** |
390 | * logfc - Log a message to a filesystem context | |
391 | * @fc: The filesystem context to log to. | |
392 | * @fmt: The format of the buffer. | |
393 | */ | |
394 | void logfc(struct fs_context *fc, const char *fmt, ...) | |
395 | { | |
007ec26c DH |
396 | static const char store_failure[] = "OOM: Can't store error string"; |
397 | struct fc_log *log = fc ? fc->log : NULL; | |
398 | const char *p; | |
e7582e16 | 399 | va_list va; |
007ec26c DH |
400 | char *q; |
401 | u8 freeable; | |
e7582e16 DH |
402 | |
403 | va_start(va, fmt); | |
007ec26c DH |
404 | if (!strchr(fmt, '%')) { |
405 | p = fmt; | |
406 | goto unformatted_string; | |
e7582e16 | 407 | } |
007ec26c DH |
408 | if (strcmp(fmt, "%s") == 0) { |
409 | p = va_arg(va, const char *); | |
410 | goto unformatted_string; | |
411 | } | |
412 | ||
413 | q = kvasprintf(GFP_KERNEL, fmt, va); | |
414 | copied_string: | |
415 | if (!q) | |
416 | goto store_failure; | |
417 | freeable = 1; | |
418 | goto store_string; | |
419 | ||
420 | unformatted_string: | |
421 | if ((unsigned long)p >= (unsigned long)__start_rodata && | |
422 | (unsigned long)p < (unsigned long)__end_rodata) | |
423 | goto const_string; | |
424 | if (log && within_module_core((unsigned long)p, log->owner)) | |
425 | goto const_string; | |
426 | q = kstrdup(p, GFP_KERNEL); | |
427 | goto copied_string; | |
428 | ||
429 | store_failure: | |
430 | p = store_failure; | |
431 | const_string: | |
432 | q = (char *)p; | |
433 | freeable = 0; | |
434 | store_string: | |
435 | if (!log) { | |
436 | switch (fmt[0]) { | |
437 | case 'w': | |
438 | printk(KERN_WARNING "%s\n", q + 2); | |
439 | break; | |
440 | case 'e': | |
441 | printk(KERN_ERR "%s\n", q + 2); | |
442 | break; | |
443 | default: | |
444 | printk(KERN_NOTICE "%s\n", q + 2); | |
445 | break; | |
446 | } | |
447 | if (freeable) | |
448 | kfree(q); | |
449 | } else { | |
450 | unsigned int logsize = ARRAY_SIZE(log->buffer); | |
451 | u8 index; | |
452 | ||
453 | index = log->head & (logsize - 1); | |
454 | BUILD_BUG_ON(sizeof(log->head) != sizeof(u8) || | |
455 | sizeof(log->tail) != sizeof(u8)); | |
456 | if ((u8)(log->head - log->tail) == logsize) { | |
457 | /* The buffer is full, discard the oldest message */ | |
458 | if (log->need_free & (1 << index)) | |
459 | kfree(log->buffer[index]); | |
460 | log->tail++; | |
461 | } | |
e7582e16 | 462 | |
007ec26c DH |
463 | log->buffer[index] = q; |
464 | log->need_free &= ~(1 << index); | |
465 | log->need_free |= freeable << index; | |
466 | log->head++; | |
467 | } | |
e7582e16 DH |
468 | va_end(va); |
469 | } | |
470 | EXPORT_SYMBOL(logfc); | |
007ec26c DH |
471 | |
472 | /* | |
473 | * Free a logging structure. | |
474 | */ | |
475 | static void put_fc_log(struct fs_context *fc) | |
476 | { | |
477 | struct fc_log *log = fc->log; | |
478 | int i; | |
479 | ||
480 | if (log) { | |
481 | if (refcount_dec_and_test(&log->usage)) { | |
482 | fc->log = NULL; | |
483 | for (i = 0; i <= 7; i++) | |
484 | if (log->need_free & (1 << i)) | |
485 | kfree(log->buffer[i]); | |
486 | kfree(log); | |
487 | } | |
488 | } | |
489 | } | |
e7582e16 | 490 | |
9bc61ab1 DH |
491 | /** |
492 | * put_fs_context - Dispose of a superblock configuration context. | |
493 | * @fc: The context to dispose of. | |
494 | */ | |
495 | void put_fs_context(struct fs_context *fc) | |
496 | { | |
497 | struct super_block *sb; | |
498 | ||
499 | if (fc->root) { | |
500 | sb = fc->root->d_sb; | |
501 | dput(fc->root); | |
502 | fc->root = NULL; | |
503 | deactivate_super(sb); | |
504 | } | |
505 | ||
f3a09c92 AV |
506 | if (fc->need_free && fc->ops && fc->ops->free) |
507 | fc->ops->free(fc); | |
9bc61ab1 DH |
508 | |
509 | security_free_mnt_opts(&fc->security); | |
8d0347f6 | 510 | put_net(fc->net_ns); |
9bc61ab1 DH |
511 | put_user_ns(fc->user_ns); |
512 | put_cred(fc->cred); | |
513 | kfree(fc->subtype); | |
007ec26c | 514 | put_fc_log(fc); |
9bc61ab1 DH |
515 | put_filesystem(fc->fs_type); |
516 | kfree(fc->source); | |
517 | kfree(fc); | |
518 | } | |
519 | EXPORT_SYMBOL(put_fs_context); | |
520 | ||
521 | /* | |
522 | * Free the config for a filesystem that doesn't support fs_context. | |
523 | */ | |
524 | static void legacy_fs_context_free(struct fs_context *fc) | |
525 | { | |
3e1aeb00 DH |
526 | struct legacy_fs_context *ctx = fc->fs_private; |
527 | ||
528 | if (ctx) { | |
529 | if (ctx->param_type == LEGACY_FS_INDIVIDUAL_PARAMS) | |
530 | kfree(ctx->legacy_data); | |
531 | kfree(ctx); | |
532 | } | |
533 | } | |
534 | ||
0b52075e AV |
535 | /* |
536 | * Duplicate a legacy config. | |
537 | */ | |
538 | static int legacy_fs_context_dup(struct fs_context *fc, struct fs_context *src_fc) | |
539 | { | |
540 | struct legacy_fs_context *ctx; | |
541 | struct legacy_fs_context *src_ctx = src_fc->fs_private; | |
542 | ||
543 | ctx = kmemdup(src_ctx, sizeof(*src_ctx), GFP_KERNEL); | |
544 | if (!ctx) | |
545 | return -ENOMEM; | |
546 | ||
547 | if (ctx->param_type == LEGACY_FS_INDIVIDUAL_PARAMS) { | |
548 | ctx->legacy_data = kmemdup(src_ctx->legacy_data, | |
549 | src_ctx->data_size, GFP_KERNEL); | |
550 | if (!ctx->legacy_data) { | |
551 | kfree(ctx); | |
552 | return -ENOMEM; | |
553 | } | |
554 | } | |
555 | ||
556 | fc->fs_private = ctx; | |
557 | return 0; | |
558 | } | |
559 | ||
3e1aeb00 DH |
560 | /* |
561 | * Add a parameter to a legacy config. We build up a comma-separated list of | |
562 | * options. | |
563 | */ | |
564 | static int legacy_parse_param(struct fs_context *fc, struct fs_parameter *param) | |
565 | { | |
566 | struct legacy_fs_context *ctx = fc->fs_private; | |
567 | unsigned int size = ctx->data_size; | |
568 | size_t len = 0; | |
569 | ||
570 | if (strcmp(param->key, "source") == 0) { | |
571 | if (param->type != fs_value_is_string) | |
572 | return invalf(fc, "VFS: Legacy: Non-string source"); | |
573 | if (fc->source) | |
574 | return invalf(fc, "VFS: Legacy: Multiple sources"); | |
575 | fc->source = param->string; | |
576 | param->string = NULL; | |
577 | return 0; | |
578 | } | |
579 | ||
580 | if ((fc->fs_type->fs_flags & FS_HAS_SUBTYPE) && | |
581 | strcmp(param->key, "subtype") == 0) { | |
582 | if (param->type != fs_value_is_string) | |
583 | return invalf(fc, "VFS: Legacy: Non-string subtype"); | |
584 | if (fc->subtype) | |
585 | return invalf(fc, "VFS: Legacy: Multiple subtype"); | |
586 | fc->subtype = param->string; | |
587 | param->string = NULL; | |
588 | return 0; | |
589 | } | |
590 | ||
591 | if (ctx->param_type == LEGACY_FS_MONOLITHIC_PARAMS) | |
592 | return invalf(fc, "VFS: Legacy: Can't mix monolithic and individual options"); | |
593 | ||
594 | switch (param->type) { | |
595 | case fs_value_is_string: | |
596 | len = 1 + param->size; | |
597 | /* Fall through */ | |
598 | case fs_value_is_flag: | |
599 | len += strlen(param->key); | |
600 | break; | |
601 | default: | |
602 | return invalf(fc, "VFS: Legacy: Parameter type for '%s' not supported", | |
603 | param->key); | |
604 | } | |
605 | ||
606 | if (len > PAGE_SIZE - 2 - size) | |
607 | return invalf(fc, "VFS: Legacy: Cumulative options too large"); | |
608 | if (strchr(param->key, ',') || | |
609 | (param->type == fs_value_is_string && | |
610 | memchr(param->string, ',', param->size))) | |
611 | return invalf(fc, "VFS: Legacy: Option '%s' contained comma", | |
612 | param->key); | |
613 | if (!ctx->legacy_data) { | |
614 | ctx->legacy_data = kmalloc(PAGE_SIZE, GFP_KERNEL); | |
615 | if (!ctx->legacy_data) | |
616 | return -ENOMEM; | |
617 | } | |
618 | ||
619 | ctx->legacy_data[size++] = ','; | |
620 | len = strlen(param->key); | |
621 | memcpy(ctx->legacy_data + size, param->key, len); | |
622 | size += len; | |
623 | if (param->type == fs_value_is_string) { | |
624 | ctx->legacy_data[size++] = '='; | |
625 | memcpy(ctx->legacy_data + size, param->string, param->size); | |
626 | size += param->size; | |
627 | } | |
628 | ctx->legacy_data[size] = '\0'; | |
629 | ctx->data_size = size; | |
630 | ctx->param_type = LEGACY_FS_INDIVIDUAL_PARAMS; | |
631 | return 0; | |
9bc61ab1 DH |
632 | } |
633 | ||
634 | /* | |
635 | * Add monolithic mount data. | |
636 | */ | |
637 | static int legacy_parse_monolithic(struct fs_context *fc, void *data) | |
638 | { | |
639 | struct legacy_fs_context *ctx = fc->fs_private; | |
3e1aeb00 DH |
640 | |
641 | if (ctx->param_type != LEGACY_FS_UNSET_PARAMS) { | |
642 | pr_warn("VFS: Can't mix monolithic and individual options\n"); | |
643 | return -EINVAL; | |
644 | } | |
645 | ||
9bc61ab1 | 646 | ctx->legacy_data = data; |
3e1aeb00 | 647 | ctx->param_type = LEGACY_FS_MONOLITHIC_PARAMS; |
9bc61ab1 DH |
648 | if (!ctx->legacy_data) |
649 | return 0; | |
3e1aeb00 | 650 | |
9bc61ab1 DH |
651 | if (fc->fs_type->fs_flags & FS_BINARY_MOUNTDATA) |
652 | return 0; | |
653 | return security_sb_eat_lsm_opts(ctx->legacy_data, &fc->security); | |
654 | } | |
655 | ||
656 | /* | |
657 | * Get a mountable root with the legacy mount command. | |
658 | */ | |
f3a09c92 | 659 | static int legacy_get_tree(struct fs_context *fc) |
9bc61ab1 DH |
660 | { |
661 | struct legacy_fs_context *ctx = fc->fs_private; | |
662 | struct super_block *sb; | |
663 | struct dentry *root; | |
664 | ||
665 | root = fc->fs_type->mount(fc->fs_type, fc->sb_flags, | |
666 | fc->source, ctx->legacy_data); | |
667 | if (IS_ERR(root)) | |
668 | return PTR_ERR(root); | |
669 | ||
670 | sb = root->d_sb; | |
671 | BUG_ON(!sb); | |
672 | ||
673 | fc->root = root; | |
674 | return 0; | |
675 | } | |
676 | ||
8d0347f6 DH |
677 | /* |
678 | * Handle remount. | |
679 | */ | |
f3a09c92 | 680 | static int legacy_reconfigure(struct fs_context *fc) |
8d0347f6 DH |
681 | { |
682 | struct legacy_fs_context *ctx = fc->fs_private; | |
683 | struct super_block *sb = fc->root->d_sb; | |
684 | ||
685 | if (!sb->s_op->remount_fs) | |
686 | return 0; | |
687 | ||
688 | return sb->s_op->remount_fs(sb, &fc->sb_flags, | |
689 | ctx ? ctx->legacy_data : NULL); | |
690 | } | |
691 | ||
f3a09c92 AV |
692 | const struct fs_context_operations legacy_fs_context_ops = { |
693 | .free = legacy_fs_context_free, | |
0b52075e | 694 | .dup = legacy_fs_context_dup, |
3e1aeb00 | 695 | .parse_param = legacy_parse_param, |
f3a09c92 AV |
696 | .parse_monolithic = legacy_parse_monolithic, |
697 | .get_tree = legacy_get_tree, | |
698 | .reconfigure = legacy_reconfigure, | |
699 | }; | |
700 | ||
9bc61ab1 DH |
701 | /* |
702 | * Initialise a legacy context for a filesystem that doesn't support | |
703 | * fs_context. | |
704 | */ | |
705 | static int legacy_init_fs_context(struct fs_context *fc) | |
706 | { | |
707 | fc->fs_private = kzalloc(sizeof(struct legacy_fs_context), GFP_KERNEL); | |
708 | if (!fc->fs_private) | |
709 | return -ENOMEM; | |
f3a09c92 | 710 | fc->ops = &legacy_fs_context_ops; |
9bc61ab1 DH |
711 | return 0; |
712 | } | |
713 | ||
714 | int parse_monolithic_mount_data(struct fs_context *fc, void *data) | |
715 | { | |
f3a09c92 | 716 | int (*monolithic_mount_data)(struct fs_context *, void *); |
3e1aeb00 | 717 | |
f3a09c92 | 718 | monolithic_mount_data = fc->ops->parse_monolithic; |
3e1aeb00 DH |
719 | if (!monolithic_mount_data) |
720 | monolithic_mount_data = generic_parse_monolithic; | |
721 | ||
f3a09c92 | 722 | return monolithic_mount_data(fc, data); |
9bc61ab1 | 723 | } |
ecdab150 DH |
724 | |
725 | /* | |
726 | * Clean up a context after performing an action on it and put it into a state | |
727 | * from where it can be used to reconfigure a superblock. | |
728 | * | |
729 | * Note that here we do only the parts that can't fail; the rest is in | |
730 | * finish_clean_context() below and in between those fs_context is marked | |
731 | * FS_CONTEXT_AWAITING_RECONF. The reason for splitup is that after | |
732 | * successful mount or remount we need to report success to userland. | |
733 | * Trying to do full reinit (for the sake of possible subsequent remount) | |
734 | * and failing to allocate memory would've put us into a nasty situation. | |
735 | * So here we only discard the old state and reinitialization is left | |
736 | * until we actually try to reconfigure. | |
737 | */ | |
738 | void vfs_clean_context(struct fs_context *fc) | |
739 | { | |
740 | if (fc->need_free && fc->ops && fc->ops->free) | |
741 | fc->ops->free(fc); | |
742 | fc->need_free = false; | |
743 | fc->fs_private = NULL; | |
744 | fc->s_fs_info = NULL; | |
745 | fc->sb_flags = 0; | |
746 | security_free_mnt_opts(&fc->security); | |
747 | kfree(fc->subtype); | |
748 | fc->subtype = NULL; | |
749 | kfree(fc->source); | |
750 | fc->source = NULL; | |
751 | ||
752 | fc->purpose = FS_CONTEXT_FOR_RECONFIGURE; | |
753 | fc->phase = FS_CONTEXT_AWAITING_RECONF; | |
754 | } | |
755 | ||
756 | int finish_clean_context(struct fs_context *fc) | |
757 | { | |
758 | int error; | |
759 | ||
760 | if (fc->phase != FS_CONTEXT_AWAITING_RECONF) | |
761 | return 0; | |
762 | ||
763 | if (fc->fs_type->init_fs_context) | |
764 | error = fc->fs_type->init_fs_context(fc); | |
765 | else | |
766 | error = legacy_init_fs_context(fc); | |
767 | if (unlikely(error)) { | |
768 | fc->phase = FS_CONTEXT_FAILED; | |
769 | return error; | |
770 | } | |
771 | fc->need_free = true; | |
772 | fc->phase = FS_CONTEXT_RECONF_PARAMS; | |
773 | return 0; | |
774 | } |