Commit | Line | Data |
---|---|---|
d2912cb1 | 1 | // SPDX-License-Identifier: GPL-2.0-only |
b2197755 DB |
2 | /* |
3 | * Minimal file system backend for holding eBPF maps and programs, | |
4 | * used by bpf(2) object pinning. | |
5 | * | |
6 | * Authors: | |
7 | * | |
8 | * Daniel Borkmann <daniel@iogearbox.net> | |
b2197755 DB |
9 | */ |
10 | ||
a536a6e1 | 11 | #include <linux/init.h> |
b2197755 DB |
12 | #include <linux/magic.h> |
13 | #include <linux/major.h> | |
14 | #include <linux/mount.h> | |
15 | #include <linux/namei.h> | |
16 | #include <linux/fs.h> | |
d2935de7 DH |
17 | #include <linux/fs_context.h> |
18 | #include <linux/fs_parser.h> | |
b2197755 DB |
19 | #include <linux/kdev_t.h> |
20 | #include <linux/filter.h> | |
21 | #include <linux/bpf.h> | |
a67edbf4 | 22 | #include <linux/bpf_trace.h> |
b2197755 DB |
23 | |
24 | enum bpf_type { | |
25 | BPF_TYPE_UNSPEC = 0, | |
26 | BPF_TYPE_PROG, | |
27 | BPF_TYPE_MAP, | |
28 | }; | |
29 | ||
30 | static void *bpf_any_get(void *raw, enum bpf_type type) | |
31 | { | |
32 | switch (type) { | |
33 | case BPF_TYPE_PROG: | |
92117d84 | 34 | raw = bpf_prog_inc(raw); |
b2197755 DB |
35 | break; |
36 | case BPF_TYPE_MAP: | |
92117d84 | 37 | raw = bpf_map_inc(raw, true); |
b2197755 DB |
38 | break; |
39 | default: | |
40 | WARN_ON_ONCE(1); | |
41 | break; | |
42 | } | |
43 | ||
44 | return raw; | |
45 | } | |
46 | ||
47 | static void bpf_any_put(void *raw, enum bpf_type type) | |
48 | { | |
49 | switch (type) { | |
50 | case BPF_TYPE_PROG: | |
51 | bpf_prog_put(raw); | |
52 | break; | |
53 | case BPF_TYPE_MAP: | |
c9da161c | 54 | bpf_map_put_with_uref(raw); |
b2197755 DB |
55 | break; |
56 | default: | |
57 | WARN_ON_ONCE(1); | |
58 | break; | |
59 | } | |
60 | } | |
61 | ||
62 | static void *bpf_fd_probe_obj(u32 ufd, enum bpf_type *type) | |
63 | { | |
64 | void *raw; | |
65 | ||
66 | *type = BPF_TYPE_MAP; | |
c9da161c | 67 | raw = bpf_map_get_with_uref(ufd); |
b2197755 DB |
68 | if (IS_ERR(raw)) { |
69 | *type = BPF_TYPE_PROG; | |
70 | raw = bpf_prog_get(ufd); | |
71 | } | |
72 | ||
73 | return raw; | |
74 | } | |
75 | ||
76 | static const struct inode_operations bpf_dir_iops; | |
77 | ||
78 | static const struct inode_operations bpf_prog_iops = { }; | |
79 | static const struct inode_operations bpf_map_iops = { }; | |
80 | ||
81 | static struct inode *bpf_get_inode(struct super_block *sb, | |
82 | const struct inode *dir, | |
83 | umode_t mode) | |
84 | { | |
85 | struct inode *inode; | |
86 | ||
87 | switch (mode & S_IFMT) { | |
88 | case S_IFDIR: | |
89 | case S_IFREG: | |
0f98621b | 90 | case S_IFLNK: |
b2197755 DB |
91 | break; |
92 | default: | |
93 | return ERR_PTR(-EINVAL); | |
94 | } | |
95 | ||
96 | inode = new_inode(sb); | |
97 | if (!inode) | |
98 | return ERR_PTR(-ENOSPC); | |
99 | ||
100 | inode->i_ino = get_next_ino(); | |
078cd827 | 101 | inode->i_atime = current_time(inode); |
b2197755 DB |
102 | inode->i_mtime = inode->i_atime; |
103 | inode->i_ctime = inode->i_atime; | |
104 | ||
105 | inode_init_owner(inode, dir, mode); | |
106 | ||
107 | return inode; | |
108 | } | |
109 | ||
110 | static int bpf_inode_type(const struct inode *inode, enum bpf_type *type) | |
111 | { | |
112 | *type = BPF_TYPE_UNSPEC; | |
113 | if (inode->i_op == &bpf_prog_iops) | |
114 | *type = BPF_TYPE_PROG; | |
115 | else if (inode->i_op == &bpf_map_iops) | |
116 | *type = BPF_TYPE_MAP; | |
117 | else | |
118 | return -EACCES; | |
119 | ||
120 | return 0; | |
121 | } | |
122 | ||
0f98621b DB |
123 | static void bpf_dentry_finalize(struct dentry *dentry, struct inode *inode, |
124 | struct inode *dir) | |
125 | { | |
126 | d_instantiate(dentry, inode); | |
127 | dget(dentry); | |
128 | ||
129 | dir->i_mtime = current_time(dir); | |
130 | dir->i_ctime = dir->i_mtime; | |
131 | } | |
132 | ||
b2197755 DB |
133 | static int bpf_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) |
134 | { | |
135 | struct inode *inode; | |
136 | ||
b2197755 DB |
137 | inode = bpf_get_inode(dir->i_sb, dir, mode | S_IFDIR); |
138 | if (IS_ERR(inode)) | |
139 | return PTR_ERR(inode); | |
140 | ||
141 | inode->i_op = &bpf_dir_iops; | |
142 | inode->i_fop = &simple_dir_operations; | |
143 | ||
144 | inc_nlink(inode); | |
145 | inc_nlink(dir); | |
146 | ||
0f98621b | 147 | bpf_dentry_finalize(dentry, inode, dir); |
b2197755 DB |
148 | return 0; |
149 | } | |
150 | ||
a26ca7c9 MKL |
151 | struct map_iter { |
152 | void *key; | |
153 | bool done; | |
154 | }; | |
155 | ||
156 | static struct map_iter *map_iter(struct seq_file *m) | |
157 | { | |
158 | return m->private; | |
159 | } | |
160 | ||
161 | static struct bpf_map *seq_file_to_map(struct seq_file *m) | |
162 | { | |
163 | return file_inode(m->file)->i_private; | |
164 | } | |
165 | ||
166 | static void map_iter_free(struct map_iter *iter) | |
167 | { | |
168 | if (iter) { | |
169 | kfree(iter->key); | |
170 | kfree(iter); | |
171 | } | |
172 | } | |
173 | ||
174 | static struct map_iter *map_iter_alloc(struct bpf_map *map) | |
175 | { | |
176 | struct map_iter *iter; | |
177 | ||
178 | iter = kzalloc(sizeof(*iter), GFP_KERNEL | __GFP_NOWARN); | |
179 | if (!iter) | |
180 | goto error; | |
181 | ||
182 | iter->key = kzalloc(map->key_size, GFP_KERNEL | __GFP_NOWARN); | |
183 | if (!iter->key) | |
184 | goto error; | |
185 | ||
186 | return iter; | |
187 | ||
188 | error: | |
189 | map_iter_free(iter); | |
190 | return NULL; | |
191 | } | |
192 | ||
193 | static void *map_seq_next(struct seq_file *m, void *v, loff_t *pos) | |
194 | { | |
195 | struct bpf_map *map = seq_file_to_map(m); | |
196 | void *key = map_iter(m)->key; | |
dc1508a5 | 197 | void *prev_key; |
a26ca7c9 MKL |
198 | |
199 | if (map_iter(m)->done) | |
200 | return NULL; | |
201 | ||
202 | if (unlikely(v == SEQ_START_TOKEN)) | |
dc1508a5 YS |
203 | prev_key = NULL; |
204 | else | |
205 | prev_key = key; | |
a26ca7c9 | 206 | |
dc1508a5 | 207 | if (map->ops->map_get_next_key(map, prev_key, key)) { |
a26ca7c9 MKL |
208 | map_iter(m)->done = true; |
209 | return NULL; | |
210 | } | |
211 | ||
a26ca7c9 MKL |
212 | ++(*pos); |
213 | return key; | |
214 | } | |
215 | ||
216 | static void *map_seq_start(struct seq_file *m, loff_t *pos) | |
217 | { | |
218 | if (map_iter(m)->done) | |
219 | return NULL; | |
220 | ||
221 | return *pos ? map_iter(m)->key : SEQ_START_TOKEN; | |
222 | } | |
223 | ||
224 | static void map_seq_stop(struct seq_file *m, void *v) | |
225 | { | |
226 | } | |
227 | ||
228 | static int map_seq_show(struct seq_file *m, void *v) | |
229 | { | |
230 | struct bpf_map *map = seq_file_to_map(m); | |
231 | void *key = map_iter(m)->key; | |
232 | ||
233 | if (unlikely(v == SEQ_START_TOKEN)) { | |
234 | seq_puts(m, "# WARNING!! The output is for debug purpose only\n"); | |
235 | seq_puts(m, "# WARNING!! The output format will change\n"); | |
236 | } else { | |
237 | map->ops->map_seq_show_elem(map, key, m); | |
238 | } | |
239 | ||
240 | return 0; | |
241 | } | |
242 | ||
243 | static const struct seq_operations bpffs_map_seq_ops = { | |
244 | .start = map_seq_start, | |
245 | .next = map_seq_next, | |
246 | .show = map_seq_show, | |
247 | .stop = map_seq_stop, | |
248 | }; | |
249 | ||
250 | static int bpffs_map_open(struct inode *inode, struct file *file) | |
251 | { | |
252 | struct bpf_map *map = inode->i_private; | |
253 | struct map_iter *iter; | |
254 | struct seq_file *m; | |
255 | int err; | |
256 | ||
257 | iter = map_iter_alloc(map); | |
258 | if (!iter) | |
259 | return -ENOMEM; | |
260 | ||
261 | err = seq_open(file, &bpffs_map_seq_ops); | |
262 | if (err) { | |
263 | map_iter_free(iter); | |
264 | return err; | |
265 | } | |
266 | ||
267 | m = file->private_data; | |
268 | m->private = iter; | |
269 | ||
270 | return 0; | |
271 | } | |
272 | ||
273 | static int bpffs_map_release(struct inode *inode, struct file *file) | |
274 | { | |
275 | struct seq_file *m = file->private_data; | |
276 | ||
277 | map_iter_free(map_iter(m)); | |
278 | ||
279 | return seq_release(inode, file); | |
280 | } | |
281 | ||
282 | /* bpffs_map_fops should only implement the basic | |
283 | * read operation for a BPF map. The purpose is to | |
284 | * provide a simple user intuitive way to do | |
285 | * "cat bpffs/pathto/a-pinned-map". | |
286 | * | |
287 | * Other operations (e.g. write, lookup...) should be realized by | |
288 | * the userspace tools (e.g. bpftool) through the | |
289 | * BPF_OBJ_GET_INFO_BY_FD and the map's lookup/update | |
290 | * interface. | |
291 | */ | |
292 | static const struct file_operations bpffs_map_fops = { | |
293 | .open = bpffs_map_open, | |
294 | .read = seq_read, | |
295 | .release = bpffs_map_release, | |
296 | }; | |
297 | ||
b1655857 DB |
298 | static int bpffs_obj_open(struct inode *inode, struct file *file) |
299 | { | |
300 | return -EIO; | |
301 | } | |
302 | ||
303 | static const struct file_operations bpffs_obj_fops = { | |
304 | .open = bpffs_obj_open, | |
305 | }; | |
306 | ||
a4a0683f | 307 | static int bpf_mkobj_ops(struct dentry *dentry, umode_t mode, void *raw, |
a26ca7c9 MKL |
308 | const struct inode_operations *iops, |
309 | const struct file_operations *fops) | |
b2197755 | 310 | { |
a4a0683f AV |
311 | struct inode *dir = dentry->d_parent->d_inode; |
312 | struct inode *inode = bpf_get_inode(dir->i_sb, dir, mode); | |
b2197755 DB |
313 | if (IS_ERR(inode)) |
314 | return PTR_ERR(inode); | |
315 | ||
316 | inode->i_op = iops; | |
a26ca7c9 | 317 | inode->i_fop = fops; |
a4a0683f | 318 | inode->i_private = raw; |
b2197755 | 319 | |
0f98621b | 320 | bpf_dentry_finalize(dentry, inode, dir); |
b2197755 DB |
321 | return 0; |
322 | } | |
323 | ||
a4a0683f | 324 | static int bpf_mkprog(struct dentry *dentry, umode_t mode, void *arg) |
b2197755 | 325 | { |
b1655857 DB |
326 | return bpf_mkobj_ops(dentry, mode, arg, &bpf_prog_iops, |
327 | &bpffs_obj_fops); | |
a4a0683f | 328 | } |
b2197755 | 329 | |
a4a0683f AV |
330 | static int bpf_mkmap(struct dentry *dentry, umode_t mode, void *arg) |
331 | { | |
a26ca7c9 MKL |
332 | struct bpf_map *map = arg; |
333 | ||
334 | return bpf_mkobj_ops(dentry, mode, arg, &bpf_map_iops, | |
e8d2bec0 DB |
335 | bpf_map_support_seq_show(map) ? |
336 | &bpffs_map_fops : &bpffs_obj_fops); | |
b2197755 DB |
337 | } |
338 | ||
0c93b7d8 AV |
339 | static struct dentry * |
340 | bpf_lookup(struct inode *dir, struct dentry *dentry, unsigned flags) | |
bb35a6ef | 341 | { |
6d8cb045 QM |
342 | /* Dots in names (e.g. "/sys/fs/bpf/foo.bar") are reserved for future |
343 | * extensions. | |
344 | */ | |
0c93b7d8 AV |
345 | if (strchr(dentry->d_name.name, '.')) |
346 | return ERR_PTR(-EPERM); | |
0f98621b | 347 | |
0c93b7d8 | 348 | return simple_lookup(dir, dentry, flags); |
bb35a6ef DB |
349 | } |
350 | ||
0f98621b DB |
351 | static int bpf_symlink(struct inode *dir, struct dentry *dentry, |
352 | const char *target) | |
353 | { | |
354 | char *link = kstrdup(target, GFP_USER | __GFP_NOWARN); | |
355 | struct inode *inode; | |
356 | ||
357 | if (!link) | |
358 | return -ENOMEM; | |
359 | ||
360 | inode = bpf_get_inode(dir->i_sb, dir, S_IRWXUGO | S_IFLNK); | |
361 | if (IS_ERR(inode)) { | |
362 | kfree(link); | |
363 | return PTR_ERR(inode); | |
364 | } | |
365 | ||
366 | inode->i_op = &simple_symlink_inode_operations; | |
367 | inode->i_link = link; | |
368 | ||
369 | bpf_dentry_finalize(dentry, inode, dir); | |
370 | return 0; | |
371 | } | |
372 | ||
b2197755 | 373 | static const struct inode_operations bpf_dir_iops = { |
0c93b7d8 | 374 | .lookup = bpf_lookup, |
b2197755 | 375 | .mkdir = bpf_mkdir, |
0f98621b | 376 | .symlink = bpf_symlink, |
b2197755 | 377 | .rmdir = simple_rmdir, |
0c93b7d8 AV |
378 | .rename = simple_rename, |
379 | .link = simple_link, | |
b2197755 DB |
380 | .unlink = simple_unlink, |
381 | }; | |
382 | ||
383 | static int bpf_obj_do_pin(const struct filename *pathname, void *raw, | |
384 | enum bpf_type type) | |
385 | { | |
386 | struct dentry *dentry; | |
387 | struct inode *dir; | |
388 | struct path path; | |
389 | umode_t mode; | |
b2197755 DB |
390 | int ret; |
391 | ||
392 | dentry = kern_path_create(AT_FDCWD, pathname->name, &path, 0); | |
393 | if (IS_ERR(dentry)) | |
394 | return PTR_ERR(dentry); | |
395 | ||
396 | mode = S_IFREG | ((S_IRUSR | S_IWUSR) & ~current_umask()); | |
b2197755 | 397 | |
a4a0683f | 398 | ret = security_path_mknod(&path, dentry, mode, 0); |
b2197755 DB |
399 | if (ret) |
400 | goto out; | |
401 | ||
402 | dir = d_inode(path.dentry); | |
403 | if (dir->i_op != &bpf_dir_iops) { | |
404 | ret = -EPERM; | |
405 | goto out; | |
406 | } | |
407 | ||
a4a0683f AV |
408 | switch (type) { |
409 | case BPF_TYPE_PROG: | |
410 | ret = vfs_mkobj(dentry, mode, bpf_mkprog, raw); | |
411 | break; | |
412 | case BPF_TYPE_MAP: | |
413 | ret = vfs_mkobj(dentry, mode, bpf_mkmap, raw); | |
414 | break; | |
415 | default: | |
416 | ret = -EPERM; | |
417 | } | |
b2197755 DB |
418 | out: |
419 | done_path_create(&path, dentry); | |
420 | return ret; | |
421 | } | |
422 | ||
423 | int bpf_obj_pin_user(u32 ufd, const char __user *pathname) | |
424 | { | |
425 | struct filename *pname; | |
426 | enum bpf_type type; | |
427 | void *raw; | |
428 | int ret; | |
429 | ||
430 | pname = getname(pathname); | |
431 | if (IS_ERR(pname)) | |
432 | return PTR_ERR(pname); | |
433 | ||
434 | raw = bpf_fd_probe_obj(ufd, &type); | |
435 | if (IS_ERR(raw)) { | |
436 | ret = PTR_ERR(raw); | |
437 | goto out; | |
438 | } | |
439 | ||
440 | ret = bpf_obj_do_pin(pname, raw, type); | |
441 | if (ret != 0) | |
442 | bpf_any_put(raw, type); | |
443 | out: | |
444 | putname(pname); | |
445 | return ret; | |
446 | } | |
447 | ||
448 | static void *bpf_obj_do_get(const struct filename *pathname, | |
6e71b04a | 449 | enum bpf_type *type, int flags) |
b2197755 DB |
450 | { |
451 | struct inode *inode; | |
452 | struct path path; | |
453 | void *raw; | |
454 | int ret; | |
455 | ||
456 | ret = kern_path(pathname->name, LOOKUP_FOLLOW, &path); | |
457 | if (ret) | |
458 | return ERR_PTR(ret); | |
459 | ||
460 | inode = d_backing_inode(path.dentry); | |
6e71b04a | 461 | ret = inode_permission(inode, ACC_MODE(flags)); |
b2197755 DB |
462 | if (ret) |
463 | goto out; | |
464 | ||
465 | ret = bpf_inode_type(inode, type); | |
466 | if (ret) | |
467 | goto out; | |
468 | ||
469 | raw = bpf_any_get(inode->i_private, *type); | |
92117d84 AS |
470 | if (!IS_ERR(raw)) |
471 | touch_atime(&path); | |
b2197755 DB |
472 | |
473 | path_put(&path); | |
474 | return raw; | |
475 | out: | |
476 | path_put(&path); | |
477 | return ERR_PTR(ret); | |
478 | } | |
479 | ||
6e71b04a | 480 | int bpf_obj_get_user(const char __user *pathname, int flags) |
b2197755 DB |
481 | { |
482 | enum bpf_type type = BPF_TYPE_UNSPEC; | |
483 | struct filename *pname; | |
484 | int ret = -ENOENT; | |
6e71b04a | 485 | int f_flags; |
b2197755 DB |
486 | void *raw; |
487 | ||
6e71b04a CF |
488 | f_flags = bpf_get_file_flag(flags); |
489 | if (f_flags < 0) | |
490 | return f_flags; | |
491 | ||
b2197755 DB |
492 | pname = getname(pathname); |
493 | if (IS_ERR(pname)) | |
494 | return PTR_ERR(pname); | |
495 | ||
6e71b04a | 496 | raw = bpf_obj_do_get(pname, &type, f_flags); |
b2197755 DB |
497 | if (IS_ERR(raw)) { |
498 | ret = PTR_ERR(raw); | |
499 | goto out; | |
500 | } | |
501 | ||
502 | if (type == BPF_TYPE_PROG) | |
503 | ret = bpf_prog_new_fd(raw); | |
504 | else if (type == BPF_TYPE_MAP) | |
6e71b04a | 505 | ret = bpf_map_new_fd(raw, f_flags); |
b2197755 DB |
506 | else |
507 | goto out; | |
508 | ||
4d220ed0 | 509 | if (ret < 0) |
b2197755 DB |
510 | bpf_any_put(raw, type); |
511 | out: | |
512 | putname(pname); | |
513 | return ret; | |
514 | } | |
040ee692 AV |
515 | |
516 | static struct bpf_prog *__get_prog_inode(struct inode *inode, enum bpf_prog_type type) | |
517 | { | |
518 | struct bpf_prog *prog; | |
e547ff3f | 519 | int ret = inode_permission(inode, MAY_READ); |
040ee692 AV |
520 | if (ret) |
521 | return ERR_PTR(ret); | |
522 | ||
523 | if (inode->i_op == &bpf_map_iops) | |
524 | return ERR_PTR(-EINVAL); | |
525 | if (inode->i_op != &bpf_prog_iops) | |
526 | return ERR_PTR(-EACCES); | |
527 | ||
528 | prog = inode->i_private; | |
529 | ||
530 | ret = security_bpf_prog(prog); | |
531 | if (ret < 0) | |
532 | return ERR_PTR(ret); | |
533 | ||
534 | if (!bpf_prog_get_ok(prog, &type, false)) | |
535 | return ERR_PTR(-EINVAL); | |
536 | ||
537 | return bpf_prog_inc(prog); | |
538 | } | |
539 | ||
540 | struct bpf_prog *bpf_prog_get_type_path(const char *name, enum bpf_prog_type type) | |
541 | { | |
542 | struct bpf_prog *prog; | |
543 | struct path path; | |
544 | int ret = kern_path(name, LOOKUP_FOLLOW, &path); | |
545 | if (ret) | |
546 | return ERR_PTR(ret); | |
547 | prog = __get_prog_inode(d_backing_inode(path.dentry), type); | |
548 | if (!IS_ERR(prog)) | |
549 | touch_atime(&path); | |
550 | path_put(&path); | |
551 | return prog; | |
552 | } | |
553 | EXPORT_SYMBOL(bpf_prog_get_type_path); | |
b2197755 | 554 | |
4cc7c186 DH |
555 | /* |
556 | * Display the mount options in /proc/mounts. | |
557 | */ | |
558 | static int bpf_show_options(struct seq_file *m, struct dentry *root) | |
559 | { | |
560 | umode_t mode = d_inode(root)->i_mode & S_IALLUGO & ~S_ISVTX; | |
561 | ||
562 | if (mode != S_IRWXUGO) | |
563 | seq_printf(m, ",mode=%o", mode); | |
564 | return 0; | |
565 | } | |
566 | ||
524845ff | 567 | static void bpf_free_inode(struct inode *inode) |
1da6c4d9 | 568 | { |
1da6c4d9 DB |
569 | enum bpf_type type; |
570 | ||
571 | if (S_ISLNK(inode->i_mode)) | |
572 | kfree(inode->i_link); | |
573 | if (!bpf_inode_type(inode, &type)) | |
574 | bpf_any_put(inode->i_private, type); | |
575 | free_inode_nonrcu(inode); | |
576 | } | |
577 | ||
b2197755 DB |
578 | static const struct super_operations bpf_super_ops = { |
579 | .statfs = simple_statfs, | |
580 | .drop_inode = generic_delete_inode, | |
4cc7c186 | 581 | .show_options = bpf_show_options, |
524845ff | 582 | .free_inode = bpf_free_inode, |
b2197755 DB |
583 | }; |
584 | ||
a3af5f80 DB |
585 | enum { |
586 | OPT_MODE, | |
a3af5f80 DB |
587 | }; |
588 | ||
d2935de7 DH |
589 | static const struct fs_parameter_spec bpf_param_specs[] = { |
590 | fsparam_u32oct ("mode", OPT_MODE), | |
591 | {} | |
592 | }; | |
593 | ||
594 | static const struct fs_parameter_description bpf_fs_parameters = { | |
595 | .name = "bpf", | |
596 | .specs = bpf_param_specs, | |
a3af5f80 DB |
597 | }; |
598 | ||
599 | struct bpf_mount_opts { | |
600 | umode_t mode; | |
601 | }; | |
602 | ||
d2935de7 | 603 | static int bpf_parse_param(struct fs_context *fc, struct fs_parameter *param) |
a3af5f80 | 604 | { |
d2935de7 DH |
605 | struct bpf_mount_opts *opts = fc->fs_private; |
606 | struct fs_parse_result result; | |
607 | int opt; | |
a3af5f80 | 608 | |
d2935de7 DH |
609 | opt = fs_parse(fc, &bpf_fs_parameters, param, &result); |
610 | if (opt < 0) | |
a3af5f80 DB |
611 | /* We might like to report bad mount options here, but |
612 | * traditionally we've ignored all mount options, so we'd | |
613 | * better continue to ignore non-existing options for bpf. | |
614 | */ | |
d2935de7 DH |
615 | return opt == -ENOPARAM ? 0 : opt; |
616 | ||
617 | switch (opt) { | |
618 | case OPT_MODE: | |
619 | opts->mode = result.uint_32 & S_IALLUGO; | |
620 | break; | |
a3af5f80 DB |
621 | } |
622 | ||
623 | return 0; | |
624 | } | |
625 | ||
d2935de7 | 626 | static int bpf_fill_super(struct super_block *sb, struct fs_context *fc) |
b2197755 | 627 | { |
cda37124 | 628 | static const struct tree_descr bpf_rfiles[] = { { "" } }; |
d2935de7 | 629 | struct bpf_mount_opts *opts = fc->fs_private; |
b2197755 DB |
630 | struct inode *inode; |
631 | int ret; | |
632 | ||
633 | ret = simple_fill_super(sb, BPF_FS_MAGIC, bpf_rfiles); | |
634 | if (ret) | |
635 | return ret; | |
636 | ||
637 | sb->s_op = &bpf_super_ops; | |
638 | ||
639 | inode = sb->s_root->d_inode; | |
640 | inode->i_op = &bpf_dir_iops; | |
641 | inode->i_mode &= ~S_IALLUGO; | |
d2935de7 | 642 | inode->i_mode |= S_ISVTX | opts->mode; |
b2197755 DB |
643 | |
644 | return 0; | |
645 | } | |
646 | ||
d2935de7 DH |
647 | static int bpf_get_tree(struct fs_context *fc) |
648 | { | |
649 | return get_tree_nodev(fc, bpf_fill_super); | |
650 | } | |
651 | ||
652 | static void bpf_free_fc(struct fs_context *fc) | |
b2197755 | 653 | { |
d2935de7 DH |
654 | kfree(fc->fs_private); |
655 | } | |
656 | ||
657 | static const struct fs_context_operations bpf_context_ops = { | |
658 | .free = bpf_free_fc, | |
659 | .parse_param = bpf_parse_param, | |
660 | .get_tree = bpf_get_tree, | |
661 | }; | |
662 | ||
663 | /* | |
664 | * Set up the filesystem mount context. | |
665 | */ | |
666 | static int bpf_init_fs_context(struct fs_context *fc) | |
667 | { | |
668 | struct bpf_mount_opts *opts; | |
669 | ||
670 | opts = kzalloc(sizeof(struct bpf_mount_opts), GFP_KERNEL); | |
671 | if (!opts) | |
672 | return -ENOMEM; | |
673 | ||
674 | opts->mode = S_IRWXUGO; | |
675 | ||
676 | fc->fs_private = opts; | |
677 | fc->ops = &bpf_context_ops; | |
678 | return 0; | |
b2197755 DB |
679 | } |
680 | ||
681 | static struct file_system_type bpf_fs_type = { | |
682 | .owner = THIS_MODULE, | |
683 | .name = "bpf", | |
d2935de7 DH |
684 | .init_fs_context = bpf_init_fs_context, |
685 | .parameters = &bpf_fs_parameters, | |
b2197755 | 686 | .kill_sb = kill_litter_super, |
b2197755 DB |
687 | }; |
688 | ||
b2197755 DB |
689 | static int __init bpf_init(void) |
690 | { | |
691 | int ret; | |
692 | ||
693 | ret = sysfs_create_mount_point(fs_kobj, "bpf"); | |
694 | if (ret) | |
695 | return ret; | |
696 | ||
697 | ret = register_filesystem(&bpf_fs_type); | |
698 | if (ret) | |
699 | sysfs_remove_mount_point(fs_kobj, "bpf"); | |
700 | ||
701 | return ret; | |
702 | } | |
703 | fs_initcall(bpf_init); |