Blame view
fs/open.c
30.2 KB
457c89965 treewide: Add SPD... |
1 |
// SPDX-License-Identifier: GPL-2.0-only |
1da177e4c Linux-2.6.12-rc2 |
2 3 4 5 6 7 8 9 |
/* * linux/fs/open.c * * Copyright (C) 1991, 1992 Linus Torvalds */ #include <linux/string.h> #include <linux/mm.h> |
1da177e4c Linux-2.6.12-rc2 |
10 |
#include <linux/file.h> |
9f3acc314 [PATCH] split lin... |
11 |
#include <linux/fdtable.h> |
0eeca2830 [PATCH] inotify |
12 |
#include <linux/fsnotify.h> |
1da177e4c Linux-2.6.12-rc2 |
13 |
#include <linux/module.h> |
1da177e4c Linux-2.6.12-rc2 |
14 15 16 |
#include <linux/tty.h> #include <linux/namei.h> #include <linux/backing-dev.h> |
16f7e0fe2 [PATCH] capable/c... |
17 |
#include <linux/capability.h> |
086f7316f security: filesys... |
18 |
#include <linux/securebits.h> |
1da177e4c Linux-2.6.12-rc2 |
19 20 |
#include <linux/security.h> #include <linux/mount.h> |
5590ff0d5 [PATCH] vfs: *at ... |
21 |
#include <linux/fcntl.h> |
5a0e3ad6a include cleanup: ... |
22 |
#include <linux/slab.h> |
7c0f6ba68 Replace <asm/uacc... |
23 |
#include <linux/uaccess.h> |
1da177e4c Linux-2.6.12-rc2 |
24 |
#include <linux/fs.h> |
ef3daeda7 [PATCH] Don't for... |
25 |
#include <linux/personality.h> |
1da177e4c Linux-2.6.12-rc2 |
26 27 |
#include <linux/pagemap.h> #include <linux/syscalls.h> |
ab2af1f50 [PATCH] files: fi... |
28 |
#include <linux/rcupdate.h> |
73241ccca [PATCH] Collect m... |
29 |
#include <linux/audit.h> |
97ac73506 sys_fallocate() i... |
30 |
#include <linux/falloc.h> |
5ad4e53bd Get rid of indire... |
31 |
#include <linux/fs_struct.h> |
b65a9cfc2 Untangling ima me... |
32 |
#include <linux/ima.h> |
2dfc1cae4 inotify: remove i... |
33 |
#include <linux/dnotify.h> |
3f6d078d4 fix compat trunca... |
34 |
#include <linux/compat.h> |
1da177e4c Linux-2.6.12-rc2 |
35 |
|
e81e3f4dc fs: move get_empt... |
36 |
#include "internal.h" |
4a30131e7 [PATCH] Fix some ... |
37 38 |
int do_truncate(struct dentry *dentry, loff_t length, unsigned int time_attrs, struct file *filp) |
1da177e4c Linux-2.6.12-rc2 |
39 |
{ |
939a9421e vfs: allow file t... |
40 |
int ret; |
1da177e4c Linux-2.6.12-rc2 |
41 42 43 44 45 46 47 |
struct iattr newattrs; /* Not pretty: "inode->i_size" shouldn't really be signed. But it is. */ if (length < 0) return -EINVAL; newattrs.ia_size = length; |
4a30131e7 [PATCH] Fix some ... |
48 |
newattrs.ia_valid = ATTR_SIZE | time_attrs; |
cc4e69dee [PATCH] VFS: pass... |
49 50 51 52 |
if (filp) { newattrs.ia_file = filp; newattrs.ia_valid |= ATTR_FILE; } |
1da177e4c Linux-2.6.12-rc2 |
53 |
|
45f147a1b fs: Call security... |
54 55 56 57 |
/* Remove suid, sgid, and file capabilities on truncate too */ ret = dentry_needs_remove_privs(dentry); if (ret < 0) return ret; |
939a9421e vfs: allow file t... |
58 59 |
if (ret) newattrs.ia_valid |= ret | ATTR_FORCE; |
7b82dc0e6 Remove suid/sgid ... |
60 |
|
5955102c9 wrappers for ->i_... |
61 |
inode_lock(dentry->d_inode); |
27ac0ffea locks: break dele... |
62 63 |
/* Note any delegations or leases have already been broken: */ ret = notify_change(dentry, &newattrs, NULL); |
5955102c9 wrappers for ->i_... |
64 |
inode_unlock(dentry->d_inode); |
939a9421e vfs: allow file t... |
65 |
return ret; |
1da177e4c Linux-2.6.12-rc2 |
66 |
} |
7df818b23 constify vfs_trun... |
67 |
long vfs_truncate(const struct path *path, loff_t length) |
1da177e4c Linux-2.6.12-rc2 |
68 |
{ |
2d8f30380 [PATCH] sanitize ... |
69 |
struct inode *inode; |
a02de9608 VFS: Make more co... |
70 |
long error; |
1da177e4c Linux-2.6.12-rc2 |
71 |
|
a02de9608 VFS: Make more co... |
72 |
inode = path->dentry->d_inode; |
1da177e4c Linux-2.6.12-rc2 |
73 74 |
/* For directories it's -EISDIR, for other non-regulars - -EINVAL */ |
1da177e4c Linux-2.6.12-rc2 |
75 |
if (S_ISDIR(inode->i_mode)) |
a02de9608 VFS: Make more co... |
76 |
return -EISDIR; |
1da177e4c Linux-2.6.12-rc2 |
77 |
if (!S_ISREG(inode->i_mode)) |
a02de9608 VFS: Make more co... |
78 |
return -EINVAL; |
1da177e4c Linux-2.6.12-rc2 |
79 |
|
a02de9608 VFS: Make more co... |
80 |
error = mnt_want_write(path->mnt); |
1da177e4c Linux-2.6.12-rc2 |
81 |
if (error) |
a02de9608 VFS: Make more co... |
82 |
goto out; |
1da177e4c Linux-2.6.12-rc2 |
83 |
|
256984a83 [PATCH] preparati... |
84 |
error = inode_permission(inode, MAY_WRITE); |
9ac9b8474 [PATCH] r/o bind ... |
85 86 |
if (error) goto mnt_drop_write_and_out; |
1da177e4c Linux-2.6.12-rc2 |
87 88 |
error = -EPERM; |
c82e42da8 [patch 1/5] vfs: ... |
89 |
if (IS_APPEND(inode)) |
9ac9b8474 [PATCH] r/o bind ... |
90 |
goto mnt_drop_write_and_out; |
1da177e4c Linux-2.6.12-rc2 |
91 |
|
8cf9ee506 Revert "vfs: do g... |
92 |
error = get_write_access(inode); |
1da177e4c Linux-2.6.12-rc2 |
93 |
if (error) |
9ac9b8474 [PATCH] r/o bind ... |
94 |
goto mnt_drop_write_and_out; |
1da177e4c Linux-2.6.12-rc2 |
95 |
|
9700382c3 VFS: fix a race i... |
96 97 98 99 |
/* * Make sure that there are no leases. get_write_access() protects * against the truncate racing with a lease-granting setlease(). */ |
8737c9305 Switch may_open()... |
100 |
error = break_lease(inode, O_WRONLY); |
1da177e4c Linux-2.6.12-rc2 |
101 |
if (error) |
9700382c3 VFS: fix a race i... |
102 |
goto put_write_and_out; |
1da177e4c Linux-2.6.12-rc2 |
103 104 |
error = locks_verify_truncate(inode, NULL, length); |
be6d3e56a introduce new LSM... |
105 |
if (!error) |
a02de9608 VFS: Make more co... |
106 |
error = security_path_truncate(path); |
907f4554e dquot: move dquot... |
107 |
if (!error) |
a02de9608 VFS: Make more co... |
108 |
error = do_truncate(path->dentry, length, 0, NULL); |
1da177e4c Linux-2.6.12-rc2 |
109 |
|
9700382c3 VFS: fix a race i... |
110 |
put_write_and_out: |
8cf9ee506 Revert "vfs: do g... |
111 |
put_write_access(inode); |
9ac9b8474 [PATCH] r/o bind ... |
112 |
mnt_drop_write_and_out: |
a02de9608 VFS: Make more co... |
113 |
mnt_drop_write(path->mnt); |
1da177e4c Linux-2.6.12-rc2 |
114 115 116 |
out: return error; } |
a02de9608 VFS: Make more co... |
117 |
EXPORT_SYMBOL_GPL(vfs_truncate); |
df260e21e fs: add ksys_trun... |
118 |
long do_sys_truncate(const char __user *pathname, loff_t length) |
a02de9608 VFS: Make more co... |
119 |
{ |
48f7530d3 vfs: have do_sys_... |
120 |
unsigned int lookup_flags = LOOKUP_FOLLOW; |
a02de9608 VFS: Make more co... |
121 122 123 124 125 |
struct path path; int error; if (length < 0) /* sorry, but loff_t says... */ return -EINVAL; |
48f7530d3 vfs: have do_sys_... |
126 127 |
retry: error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path); |
a02de9608 VFS: Make more co... |
128 129 130 131 |
if (!error) { error = vfs_truncate(&path, length); path_put(&path); } |
48f7530d3 vfs: have do_sys_... |
132 133 134 135 |
if (retry_estale(error, lookup_flags)) { lookup_flags |= LOOKUP_REVAL; goto retry; } |
a02de9608 VFS: Make more co... |
136 137 |
return error; } |
1da177e4c Linux-2.6.12-rc2 |
138 |
|
4fd8da8d6 fs: change sys_tr... |
139 |
SYSCALL_DEFINE2(truncate, const char __user *, path, long, length) |
1da177e4c Linux-2.6.12-rc2 |
140 |
{ |
4fd8da8d6 fs: change sys_tr... |
141 |
return do_sys_truncate(path, length); |
1da177e4c Linux-2.6.12-rc2 |
142 |
} |
3f6d078d4 fix compat trunca... |
143 144 145 146 147 148 |
#ifdef CONFIG_COMPAT COMPAT_SYSCALL_DEFINE2(truncate, const char __user *, path, compat_off_t, length) { return do_sys_truncate(path, length); } #endif |
411d9475c fs: add ksys_ftru... |
149 |
long do_sys_ftruncate(unsigned int fd, loff_t length, int small) |
1da177e4c Linux-2.6.12-rc2 |
150 |
{ |
bf2965d5b switch ftruncate(... |
151 |
struct inode *inode; |
1da177e4c Linux-2.6.12-rc2 |
152 |
struct dentry *dentry; |
2903ff019 switch simple cas... |
153 |
struct fd f; |
1da177e4c Linux-2.6.12-rc2 |
154 155 156 157 158 159 |
int error; error = -EINVAL; if (length < 0) goto out; error = -EBADF; |
2903ff019 switch simple cas... |
160 161 |
f = fdget(fd); if (!f.file) |
1da177e4c Linux-2.6.12-rc2 |
162 163 164 |
goto out; /* explicitly opened as large or we are on 64-bit box */ |
2903ff019 switch simple cas... |
165 |
if (f.file->f_flags & O_LARGEFILE) |
1da177e4c Linux-2.6.12-rc2 |
166 |
small = 0; |
2903ff019 switch simple cas... |
167 |
dentry = f.file->f_path.dentry; |
1da177e4c Linux-2.6.12-rc2 |
168 169 |
inode = dentry->d_inode; error = -EINVAL; |
2903ff019 switch simple cas... |
170 |
if (!S_ISREG(inode->i_mode) || !(f.file->f_mode & FMODE_WRITE)) |
1da177e4c Linux-2.6.12-rc2 |
171 172 173 174 175 176 177 178 |
goto out_putf; error = -EINVAL; /* Cannot ftruncate over 2^31 bytes without large file support */ if (small && length > MAX_NON_LFS) goto out_putf; error = -EPERM; |
78757af65 vfs: ftruncate ch... |
179 180 |
/* Check IS_APPEND on real upper inode */ if (IS_APPEND(file_inode(f.file))) |
1da177e4c Linux-2.6.12-rc2 |
181 |
goto out_putf; |
14da92001 fs: Protect write... |
182 |
sb_start_write(inode->i_sb); |
2903ff019 switch simple cas... |
183 |
error = locks_verify_truncate(inode, f.file, length); |
1da177e4c Linux-2.6.12-rc2 |
184 |
if (!error) |
2903ff019 switch simple cas... |
185 |
error = security_path_truncate(&f.file->f_path); |
be6d3e56a introduce new LSM... |
186 |
if (!error) |
2903ff019 switch simple cas... |
187 |
error = do_truncate(dentry, length, ATTR_MTIME|ATTR_CTIME, f.file); |
14da92001 fs: Protect write... |
188 |
sb_end_write(inode->i_sb); |
1da177e4c Linux-2.6.12-rc2 |
189 |
out_putf: |
2903ff019 switch simple cas... |
190 |
fdput(f); |
1da177e4c Linux-2.6.12-rc2 |
191 192 193 |
out: return error; } |
bdc480e3b [CVE-2009-0029] S... |
194 |
SYSCALL_DEFINE2(ftruncate, unsigned int, fd, unsigned long, length) |
1da177e4c Linux-2.6.12-rc2 |
195 |
{ |
2cf096668 make SYSCALL_DEFI... |
196 |
return do_sys_ftruncate(fd, length, 1); |
1da177e4c Linux-2.6.12-rc2 |
197 |
} |
3f6d078d4 fix compat trunca... |
198 199 200 201 202 203 |
#ifdef CONFIG_COMPAT COMPAT_SYSCALL_DEFINE2(ftruncate, unsigned int, fd, compat_ulong_t, length) { return do_sys_ftruncate(fd, length, 1); } #endif |
1da177e4c Linux-2.6.12-rc2 |
204 205 |
/* LFS versions of truncate are only needed on 32 bit machines */ #if BITS_PER_LONG == 32 |
4a0fd5bf0 teach SYSCALL_DEF... |
206 |
SYSCALL_DEFINE2(truncate64, const char __user *, path, loff_t, length) |
1da177e4c Linux-2.6.12-rc2 |
207 208 209 |
{ return do_sys_truncate(path, length); } |
4a0fd5bf0 teach SYSCALL_DEF... |
210 |
SYSCALL_DEFINE2(ftruncate64, unsigned int, fd, loff_t, length) |
1da177e4c Linux-2.6.12-rc2 |
211 |
{ |
2cf096668 make SYSCALL_DEFI... |
212 |
return do_sys_ftruncate(fd, length, 0); |
1da177e4c Linux-2.6.12-rc2 |
213 |
} |
6673e0c3f [CVE-2009-0029] S... |
214 |
#endif /* BITS_PER_LONG == 32 */ |
1da177e4c Linux-2.6.12-rc2 |
215 |
|
3e63cbb1e fs: Add new pre-a... |
216 |
|
72c72bdf7 VFS: Rename do_fa... |
217 |
int vfs_fallocate(struct file *file, int mode, loff_t offset, loff_t len) |
97ac73506 sys_fallocate() i... |
218 |
{ |
496ad9aa8 new helper: file_... |
219 |
struct inode *inode = file_inode(file); |
3e63cbb1e fs: Add new pre-a... |
220 |
long ret; |
97ac73506 sys_fallocate() i... |
221 222 |
if (offset < 0 || len <= 0) |
3e63cbb1e fs: Add new pre-a... |
223 |
return -EINVAL; |
97ac73506 sys_fallocate() i... |
224 225 |
/* Return error if mode is not supported */ |
dd46c7877 fs: Add support F... |
226 |
if (mode & ~FALLOC_FL_SUPPORTED_MASK) |
409332b65 fs: Introduce FAL... |
227 228 229 230 231 |
return -EOPNOTSUPP; /* Punch hole and zero range are mutually exclusive */ if ((mode & (FALLOC_FL_PUNCH_HOLE | FALLOC_FL_ZERO_RANGE)) == (FALLOC_FL_PUNCH_HOLE | FALLOC_FL_ZERO_RANGE)) |
79124f18b fs: add hole punc... |
232 233 234 235 236 |
return -EOPNOTSUPP; /* Punch hole must have keep size set */ if ((mode & FALLOC_FL_PUNCH_HOLE) && !(mode & FALLOC_FL_KEEP_SIZE)) |
3e63cbb1e fs: Add new pre-a... |
237 |
return -EOPNOTSUPP; |
97ac73506 sys_fallocate() i... |
238 |
|
00f5e6199 fs: Add new flag(... |
239 240 241 242 |
/* Collapse range should only be used exclusively. */ if ((mode & FALLOC_FL_COLLAPSE_RANGE) && (mode & ~FALLOC_FL_COLLAPSE_RANGE)) return -EINVAL; |
dd46c7877 fs: Add support F... |
243 244 245 246 |
/* Insert range should only be used exclusively. */ if ((mode & FALLOC_FL_INSERT_RANGE) && (mode & ~FALLOC_FL_INSERT_RANGE)) return -EINVAL; |
71be6b494 vfs: add a FALLOC... |
247 248 249 250 |
/* Unshare range should only be used with allocate mode. */ if ((mode & FALLOC_FL_UNSHARE_RANGE) && (mode & ~(FALLOC_FL_UNSHARE_RANGE | FALLOC_FL_KEEP_SIZE))) return -EINVAL; |
97ac73506 sys_fallocate() i... |
251 |
if (!(file->f_mode & FMODE_WRITE)) |
3e63cbb1e fs: Add new pre-a... |
252 |
return -EBADF; |
1ca551c6c Check for immutab... |
253 |
|
00f5e6199 fs: Add new flag(... |
254 |
/* |
8fc61d926 fs: prevent doing... |
255 |
* We can only allow pure fallocate on append only files |
00f5e6199 fs: Add new flag(... |
256 |
*/ |
8fc61d926 fs: prevent doing... |
257 |
if ((mode & ~FALLOC_FL_KEEP_SIZE) && IS_APPEND(inode)) |
1ca551c6c Check for immutab... |
258 259 260 261 |
return -EPERM; if (IS_IMMUTABLE(inode)) return -EPERM; |
97ac73506 sys_fallocate() i... |
262 |
/* |
6d2b6170c vfs: fix check fo... |
263 |
* We cannot allow any fallocate operation on an active swapfile |
0790b31b6 fs: disallow all ... |
264 265 |
*/ if (IS_SWAPFILE(inode)) |
6d2b6170c vfs: fix check fo... |
266 |
return -ETXTBSY; |
0790b31b6 fs: disallow all ... |
267 268 |
/* |
97ac73506 sys_fallocate() i... |
269 270 271 272 273 |
* Revalidate the write permissions, in case security policy has * changed since the files were opened. */ ret = security_file_permission(file, MAY_WRITE); if (ret) |
3e63cbb1e fs: Add new pre-a... |
274 |
return ret; |
97ac73506 sys_fallocate() i... |
275 |
|
97ac73506 sys_fallocate() i... |
276 |
if (S_ISFIFO(inode->i_mode)) |
3e63cbb1e fs: Add new pre-a... |
277 |
return -ESPIPE; |
97ac73506 sys_fallocate() i... |
278 |
|
9e79b1326 vfs: deny falloca... |
279 280 281 282 |
if (S_ISDIR(inode->i_mode)) return -EISDIR; if (!S_ISREG(inode->i_mode) && !S_ISBLK(inode->i_mode)) |
3e63cbb1e fs: Add new pre-a... |
283 |
return -ENODEV; |
97ac73506 sys_fallocate() i... |
284 |
|
97ac73506 sys_fallocate() i... |
285 286 |
/* Check for wrap through zero too */ if (((offset + len) > inode->i_sb->s_maxbytes) || ((offset + len) < 0)) |
3e63cbb1e fs: Add new pre-a... |
287 |
return -EFBIG; |
97ac73506 sys_fallocate() i... |
288 |
|
2fe17c107 fallocate should ... |
289 |
if (!file->f_op->fallocate) |
3e63cbb1e fs: Add new pre-a... |
290 |
return -EOPNOTSUPP; |
97ac73506 sys_fallocate() i... |
291 |
|
bfe219d37 vfs: wrap write f... |
292 |
file_start_write(file); |
14da92001 fs: Protect write... |
293 |
ret = file->f_op->fallocate(file, mode, offset, len); |
820c12d5d fallocate: create... |
294 295 296 297 298 299 300 301 302 303 |
/* * Create inotify and fanotify events. * * To keep the logic simple always create events if fallocate succeeds. * This implies that events are even created if the file size remains * unchanged, e.g. when using flag FALLOC_FL_KEEP_SIZE. */ if (ret == 0) fsnotify_modify(file); |
bfe219d37 vfs: wrap write f... |
304 |
file_end_write(file); |
14da92001 fs: Protect write... |
305 |
return ret; |
3e63cbb1e fs: Add new pre-a... |
306 |
} |
72c72bdf7 VFS: Rename do_fa... |
307 |
EXPORT_SYMBOL_GPL(vfs_fallocate); |
3e63cbb1e fs: Add new pre-a... |
308 |
|
edf292c76 fs: add ksys_fall... |
309 |
int ksys_fallocate(int fd, int mode, loff_t offset, loff_t len) |
3e63cbb1e fs: Add new pre-a... |
310 |
{ |
2903ff019 switch simple cas... |
311 |
struct fd f = fdget(fd); |
3e63cbb1e fs: Add new pre-a... |
312 |
int error = -EBADF; |
2903ff019 switch simple cas... |
313 |
if (f.file) { |
72c72bdf7 VFS: Rename do_fa... |
314 |
error = vfs_fallocate(f.file, mode, offset, len); |
2903ff019 switch simple cas... |
315 |
fdput(f); |
3e63cbb1e fs: Add new pre-a... |
316 |
} |
3e63cbb1e fs: Add new pre-a... |
317 |
return error; |
97ac73506 sys_fallocate() i... |
318 |
} |
3e63cbb1e fs: Add new pre-a... |
319 |
|
edf292c76 fs: add ksys_fall... |
320 321 322 323 |
SYSCALL_DEFINE4(fallocate, int, fd, int, mode, loff_t, offset, loff_t, len) { return ksys_fallocate(fd, mode, offset, len); } |
1da177e4c Linux-2.6.12-rc2 |
324 325 326 327 328 |
/* * access() needs to use the real uid/gid, not the effective uid/gid. * We do this by temporarily clearing all FS-related capabilities and * switching the fsuid/fsgid around to the real ones. */ |
cbfe20f56 fs: add do_facces... |
329 |
long do_faccessat(int dfd, const char __user *filename, int mode) |
1da177e4c Linux-2.6.12-rc2 |
330 |
{ |
d84f4f992 CRED: Inaugurate ... |
331 332 |
const struct cred *old_cred; struct cred *override_cred; |
2d8f30380 [PATCH] sanitize ... |
333 |
struct path path; |
256984a83 [PATCH] preparati... |
334 |
struct inode *inode; |
1da177e4c Linux-2.6.12-rc2 |
335 |
int res; |
87fa55952 vfs: have faccess... |
336 |
unsigned int lookup_flags = LOOKUP_FOLLOW; |
1da177e4c Linux-2.6.12-rc2 |
337 338 339 |
if (mode & ~S_IRWXO) /* where's F_OK, X_OK, W_OK, R_OK? */ return -EINVAL; |
d84f4f992 CRED: Inaugurate ... |
340 341 342 |
override_cred = prepare_creds(); if (!override_cred) return -ENOMEM; |
1da177e4c Linux-2.6.12-rc2 |
343 |
|
d84f4f992 CRED: Inaugurate ... |
344 345 |
override_cred->fsuid = override_cred->uid; override_cred->fsgid = override_cred->gid; |
1da177e4c Linux-2.6.12-rc2 |
346 |
|
086f7316f security: filesys... |
347 |
if (!issecure(SECURE_NO_SETUID_FIXUP)) { |
1cdcbec1a CRED: Neuter sys_... |
348 |
/* Clear the capabilities if we switch to a non-root user */ |
18815a180 userns: Convert c... |
349 350 |
kuid_t root_uid = make_kuid(override_cred->user_ns, 0); if (!uid_eq(override_cred->uid, root_uid)) |
d84f4f992 CRED: Inaugurate ... |
351 |
cap_clear(override_cred->cap_effective); |
086f7316f security: filesys... |
352 |
else |
d84f4f992 CRED: Inaugurate ... |
353 354 |
override_cred->cap_effective = override_cred->cap_permitted; |
086f7316f security: filesys... |
355 |
} |
1da177e4c Linux-2.6.12-rc2 |
356 |
|
d7852fbd0 access: avoid the... |
357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 |
/* * The new set of credentials can *only* be used in * task-synchronous circumstances, and does not need * RCU freeing, unless somebody then takes a separate * reference to it. * * NOTE! This is _only_ true because this credential * is used purely for override_creds() that installs * it as the subjective cred. Other threads will be * accessing ->real_cred, not the subjective cred. * * If somebody _does_ make a copy of this (using the * 'get_current_cred()' function), that will clear the * non_rcu field, because now that other user may be * expecting RCU freeing. But normal thread-synchronous * cred accesses will keep things non-RCY. */ override_cred->non_rcu = 1; |
d84f4f992 CRED: Inaugurate ... |
375 |
old_cred = override_creds(override_cred); |
87fa55952 vfs: have faccess... |
376 377 |
retry: res = user_path_at(dfd, filename, lookup_flags, &path); |
6902d925d [PATCH] r/o bind ... |
378 379 |
if (res) goto out; |
63afdfc78 VFS: Handle lower... |
380 |
inode = d_backing_inode(path.dentry); |
256984a83 [PATCH] preparati... |
381 382 |
if ((mode & MAY_EXEC) && S_ISREG(inode->i_mode)) { |
30524472c [PATCH] take noex... |
383 384 385 386 387 |
/* * MAY_EXEC on regular files is denied if the fs is mounted * with the "noexec" flag. */ res = -EACCES; |
90f8572b0 vfs: Commit to ne... |
388 |
if (path_noexec(&path)) |
30524472c [PATCH] take noex... |
389 390 |
goto out_path_release; } |
256984a83 [PATCH] preparati... |
391 |
res = inode_permission(inode, mode | MAY_ACCESS); |
6902d925d [PATCH] r/o bind ... |
392 |
/* SuS v2 requires we report a read only fs too */ |
256984a83 [PATCH] preparati... |
393 |
if (res || !(mode & S_IWOTH) || special_file(inode->i_mode)) |
6902d925d [PATCH] r/o bind ... |
394 |
goto out_path_release; |
2f676cbc0 [PATCH] r/o bind ... |
395 396 397 398 399 400 401 402 403 404 |
/* * This is a rare case where using __mnt_is_readonly() * is OK without a mnt_want/drop_write() pair. Since * no actual write to the fs is performed here, we do * not need to telegraph to that to anyone. * * By doing this, we accept that this access is * inherently racy and know that the fs may change * state before we even see this result. */ |
2d8f30380 [PATCH] sanitize ... |
405 |
if (__mnt_is_readonly(path.mnt)) |
6902d925d [PATCH] r/o bind ... |
406 |
res = -EROFS; |
1da177e4c Linux-2.6.12-rc2 |
407 |
|
6902d925d [PATCH] r/o bind ... |
408 |
out_path_release: |
2d8f30380 [PATCH] sanitize ... |
409 |
path_put(&path); |
87fa55952 vfs: have faccess... |
410 411 412 413 |
if (retry_estale(res, lookup_flags)) { lookup_flags |= LOOKUP_REVAL; goto retry; } |
6902d925d [PATCH] r/o bind ... |
414 |
out: |
d84f4f992 CRED: Inaugurate ... |
415 416 |
revert_creds(old_cred); put_cred(override_cred); |
1da177e4c Linux-2.6.12-rc2 |
417 418 |
return res; } |
cbfe20f56 fs: add do_facces... |
419 420 421 422 |
SYSCALL_DEFINE3(faccessat, int, dfd, const char __user *, filename, int, mode) { return do_faccessat(dfd, filename, mode); } |
ca013e945 [CVE-2009-0029] S... |
423 |
SYSCALL_DEFINE2(access, const char __user *, filename, int, mode) |
5590ff0d5 [PATCH] vfs: *at ... |
424 |
{ |
cbfe20f56 fs: add do_facces... |
425 |
return do_faccessat(AT_FDCWD, filename, mode); |
5590ff0d5 [PATCH] vfs: *at ... |
426 |
} |
447016e96 fs: add ksys_chdi... |
427 |
int ksys_chdir(const char __user *filename) |
1da177e4c Linux-2.6.12-rc2 |
428 |
{ |
2d8f30380 [PATCH] sanitize ... |
429 |
struct path path; |
1da177e4c Linux-2.6.12-rc2 |
430 |
int error; |
0291c0a55 vfs: have chdir r... |
431 432 433 |
unsigned int lookup_flags = LOOKUP_FOLLOW | LOOKUP_DIRECTORY; retry: error = user_path_at(AT_FDCWD, filename, lookup_flags, &path); |
1da177e4c Linux-2.6.12-rc2 |
434 435 |
if (error) goto out; |
9cfcac810 vfs: re-introduce... |
436 |
error = inode_permission(path.dentry->d_inode, MAY_EXEC | MAY_CHDIR); |
1da177e4c Linux-2.6.12-rc2 |
437 438 |
if (error) goto dput_and_out; |
2d8f30380 [PATCH] sanitize ... |
439 |
set_fs_pwd(current->fs, &path); |
1da177e4c Linux-2.6.12-rc2 |
440 441 |
dput_and_out: |
2d8f30380 [PATCH] sanitize ... |
442 |
path_put(&path); |
0291c0a55 vfs: have chdir r... |
443 444 445 446 |
if (retry_estale(error, lookup_flags)) { lookup_flags |= LOOKUP_REVAL; goto retry; } |
1da177e4c Linux-2.6.12-rc2 |
447 448 449 |
out: return error; } |
447016e96 fs: add ksys_chdi... |
450 451 452 453 |
SYSCALL_DEFINE1(chdir, const char __user *, filename) { return ksys_chdir(filename); } |
3cdad4288 [CVE-2009-0029] S... |
454 |
SYSCALL_DEFINE1(fchdir, unsigned int, fd) |
1da177e4c Linux-2.6.12-rc2 |
455 |
{ |
2903ff019 switch simple cas... |
456 |
struct fd f = fdget_raw(fd); |
159b09562 make sure that fc... |
457 |
int error; |
1da177e4c Linux-2.6.12-rc2 |
458 459 |
error = -EBADF; |
2903ff019 switch simple cas... |
460 |
if (!f.file) |
1da177e4c Linux-2.6.12-rc2 |
461 |
goto out; |
1da177e4c Linux-2.6.12-rc2 |
462 |
error = -ENOTDIR; |
159b09562 make sure that fc... |
463 |
if (!d_can_lookup(f.file->f_path.dentry)) |
1da177e4c Linux-2.6.12-rc2 |
464 |
goto out_putf; |
159b09562 make sure that fc... |
465 |
error = inode_permission(file_inode(f.file), MAY_EXEC | MAY_CHDIR); |
1da177e4c Linux-2.6.12-rc2 |
466 |
if (!error) |
2903ff019 switch simple cas... |
467 |
set_fs_pwd(current->fs, &f.file->f_path); |
1da177e4c Linux-2.6.12-rc2 |
468 |
out_putf: |
2903ff019 switch simple cas... |
469 |
fdput(f); |
1da177e4c Linux-2.6.12-rc2 |
470 471 472 |
out: return error; } |
a16fe33ab fs: add ksys_chro... |
473 |
int ksys_chroot(const char __user *filename) |
1da177e4c Linux-2.6.12-rc2 |
474 |
{ |
2d8f30380 [PATCH] sanitize ... |
475 |
struct path path; |
1da177e4c Linux-2.6.12-rc2 |
476 |
int error; |
2771261ec vfs: have chroot ... |
477 478 479 |
unsigned int lookup_flags = LOOKUP_FOLLOW | LOOKUP_DIRECTORY; retry: error = user_path_at(AT_FDCWD, filename, lookup_flags, &path); |
1da177e4c Linux-2.6.12-rc2 |
480 481 |
if (error) goto out; |
9cfcac810 vfs: re-introduce... |
482 |
error = inode_permission(path.dentry->d_inode, MAY_EXEC | MAY_CHDIR); |
1da177e4c Linux-2.6.12-rc2 |
483 484 485 486 |
if (error) goto dput_and_out; error = -EPERM; |
c7b96acf1 userns: Kill nso... |
487 |
if (!ns_capable(current_user_ns(), CAP_SYS_CHROOT)) |
1da177e4c Linux-2.6.12-rc2 |
488 |
goto dput_and_out; |
8b8efb440 LSM: Add security... |
489 490 491 |
error = security_path_chroot(&path); if (error) goto dput_and_out; |
1da177e4c Linux-2.6.12-rc2 |
492 |
|
2d8f30380 [PATCH] sanitize ... |
493 |
set_fs_root(current->fs, &path); |
1da177e4c Linux-2.6.12-rc2 |
494 495 |
error = 0; dput_and_out: |
2d8f30380 [PATCH] sanitize ... |
496 |
path_put(&path); |
2771261ec vfs: have chroot ... |
497 498 499 500 |
if (retry_estale(error, lookup_flags)) { lookup_flags |= LOOKUP_REVAL; goto retry; } |
1da177e4c Linux-2.6.12-rc2 |
501 502 503 |
out: return error; } |
a16fe33ab fs: add ksys_chro... |
504 505 506 507 |
SYSCALL_DEFINE1(chroot, const char __user *, filename) { return ksys_chroot(filename); } |
be01f9f28 constify chmod_co... |
508 |
static int chmod_common(const struct path *path, umode_t mode) |
1da177e4c Linux-2.6.12-rc2 |
509 |
{ |
e57712ebe merge fchmod() an... |
510 |
struct inode *inode = path->dentry->d_inode; |
27ac0ffea locks: break dele... |
511 |
struct inode *delegated_inode = NULL; |
1da177e4c Linux-2.6.12-rc2 |
512 |
struct iattr newattrs; |
e57712ebe merge fchmod() an... |
513 |
int error; |
1da177e4c Linux-2.6.12-rc2 |
514 |
|
e57712ebe merge fchmod() an... |
515 516 517 |
error = mnt_want_write(path->mnt); if (error) return error; |
27ac0ffea locks: break dele... |
518 |
retry_deleg: |
5955102c9 wrappers for ->i_... |
519 |
inode_lock(inode); |
cdcf116d4 switch security_p... |
520 |
error = security_path_chmod(path, mode); |
e57712ebe merge fchmod() an... |
521 |
if (error) |
fe542cf59 LSM: Move securit... |
522 |
goto out_unlock; |
1da177e4c Linux-2.6.12-rc2 |
523 524 |
newattrs.ia_mode = (mode & S_IALLUGO) | (inode->i_mode & ~S_IALLUGO); newattrs.ia_valid = ATTR_MODE | ATTR_CTIME; |
27ac0ffea locks: break dele... |
525 |
error = notify_change(path->dentry, &newattrs, &delegated_inode); |
fe542cf59 LSM: Move securit... |
526 |
out_unlock: |
5955102c9 wrappers for ->i_... |
527 |
inode_unlock(inode); |
27ac0ffea locks: break dele... |
528 529 530 531 532 |
if (delegated_inode) { error = break_deleg_wait(&delegated_inode); if (!error) goto retry_deleg; } |
e57712ebe merge fchmod() an... |
533 534 535 |
mnt_drop_write(path->mnt); return error; } |
03450e271 fs: add ksys_fchm... |
536 |
int ksys_fchmod(unsigned int fd, umode_t mode) |
e57712ebe merge fchmod() an... |
537 |
{ |
173c84012 switch fchmod() t... |
538 |
struct fd f = fdget(fd); |
e57712ebe merge fchmod() an... |
539 |
int err = -EBADF; |
173c84012 switch fchmod() t... |
540 |
if (f.file) { |
9f45f5bf3 new helper: audit... |
541 |
audit_file(f.file); |
173c84012 switch fchmod() t... |
542 543 |
err = chmod_common(&f.file->f_path, mode); fdput(f); |
e57712ebe merge fchmod() an... |
544 |
} |
1da177e4c Linux-2.6.12-rc2 |
545 546 |
return err; } |
03450e271 fs: add ksys_fchm... |
547 548 549 550 551 552 |
SYSCALL_DEFINE2(fchmod, unsigned int, fd, umode_t, mode) { return ksys_fchmod(fd, mode); } int do_fchmodat(int dfd, const char __user *filename, umode_t mode) |
1da177e4c Linux-2.6.12-rc2 |
553 |
{ |
2d8f30380 [PATCH] sanitize ... |
554 |
struct path path; |
1da177e4c Linux-2.6.12-rc2 |
555 |
int error; |
14ff690c0 vfs: make fchmoda... |
556 557 558 |
unsigned int lookup_flags = LOOKUP_FOLLOW; retry: error = user_path_at(dfd, filename, lookup_flags, &path); |
e57712ebe merge fchmod() an... |
559 560 561 |
if (!error) { error = chmod_common(&path, mode); path_put(&path); |
14ff690c0 vfs: make fchmoda... |
562 563 564 565 |
if (retry_estale(error, lookup_flags)) { lookup_flags |= LOOKUP_REVAL; goto retry; } |
e57712ebe merge fchmod() an... |
566 |
} |
1da177e4c Linux-2.6.12-rc2 |
567 568 |
return error; } |
03450e271 fs: add ksys_fchm... |
569 570 571 572 573 |
SYSCALL_DEFINE3(fchmodat, int, dfd, const char __user *, filename, umode_t, mode) { return do_fchmodat(dfd, filename, mode); } |
49f0a0767 switch sys_chmod(... |
574 |
SYSCALL_DEFINE2(chmod, const char __user *, filename, umode_t, mode) |
5590ff0d5 [PATCH] vfs: *at ... |
575 |
{ |
03450e271 fs: add ksys_fchm... |
576 |
return do_fchmodat(AT_FDCWD, filename, mode); |
5590ff0d5 [PATCH] vfs: *at ... |
577 |
} |
7fd25dac9 constify chown_co... |
578 |
static int chown_common(const struct path *path, uid_t user, gid_t group) |
1da177e4c Linux-2.6.12-rc2 |
579 |
{ |
fe542cf59 LSM: Move securit... |
580 |
struct inode *inode = path->dentry->d_inode; |
27ac0ffea locks: break dele... |
581 |
struct inode *delegated_inode = NULL; |
1da177e4c Linux-2.6.12-rc2 |
582 583 |
int error; struct iattr newattrs; |
52137abe1 userns: Convert u... |
584 585 586 587 588 |
kuid_t uid; kgid_t gid; uid = make_kuid(current_user_ns(), user); gid = make_kgid(current_user_ns(), group); |
1da177e4c Linux-2.6.12-rc2 |
589 |
|
c1b8940b4 NFS: fix BUG() cr... |
590 |
retry_deleg: |
1da177e4c Linux-2.6.12-rc2 |
591 592 |
newattrs.ia_valid = ATTR_CTIME; if (user != (uid_t) -1) { |
52137abe1 userns: Convert u... |
593 594 |
if (!uid_valid(uid)) return -EINVAL; |
1da177e4c Linux-2.6.12-rc2 |
595 |
newattrs.ia_valid |= ATTR_UID; |
52137abe1 userns: Convert u... |
596 |
newattrs.ia_uid = uid; |
1da177e4c Linux-2.6.12-rc2 |
597 598 |
} if (group != (gid_t) -1) { |
52137abe1 userns: Convert u... |
599 600 |
if (!gid_valid(gid)) return -EINVAL; |
1da177e4c Linux-2.6.12-rc2 |
601 |
newattrs.ia_valid |= ATTR_GID; |
52137abe1 userns: Convert u... |
602 |
newattrs.ia_gid = gid; |
1da177e4c Linux-2.6.12-rc2 |
603 604 |
} if (!S_ISDIR(inode->i_mode)) |
b53767719 Implement file po... |
605 606 |
newattrs.ia_valid |= ATTR_KILL_SUID | ATTR_KILL_SGID | ATTR_KILL_PRIV; |
5955102c9 wrappers for ->i_... |
607 |
inode_lock(inode); |
d2b31ca64 userns: Teach sec... |
608 |
error = security_path_chown(path, uid, gid); |
fe542cf59 LSM: Move securit... |
609 |
if (!error) |
27ac0ffea locks: break dele... |
610 |
error = notify_change(path->dentry, &newattrs, &delegated_inode); |
5955102c9 wrappers for ->i_... |
611 |
inode_unlock(inode); |
27ac0ffea locks: break dele... |
612 613 614 615 616 |
if (delegated_inode) { error = break_deleg_wait(&delegated_inode); if (!error) goto retry_deleg; } |
1da177e4c Linux-2.6.12-rc2 |
617 618 |
return error; } |
55731b3cd fs: add do_fchown... |
619 620 |
int do_fchownat(int dfd, const char __user *filename, uid_t user, gid_t group, int flag) |
5590ff0d5 [PATCH] vfs: *at ... |
621 |
{ |
2d8f30380 [PATCH] sanitize ... |
622 |
struct path path; |
5590ff0d5 [PATCH] vfs: *at ... |
623 |
int error = -EINVAL; |
65cfc6722 readlinkat(), fch... |
624 |
int lookup_flags; |
5590ff0d5 [PATCH] vfs: *at ... |
625 |
|
65cfc6722 readlinkat(), fch... |
626 |
if ((flag & ~(AT_SYMLINK_NOFOLLOW | AT_EMPTY_PATH)) != 0) |
5590ff0d5 [PATCH] vfs: *at ... |
627 |
goto out; |
65cfc6722 readlinkat(), fch... |
628 629 630 |
lookup_flags = (flag & AT_SYMLINK_NOFOLLOW) ? 0 : LOOKUP_FOLLOW; if (flag & AT_EMPTY_PATH) lookup_flags |= LOOKUP_EMPTY; |
99a5df37a vfs: make fchowna... |
631 |
retry: |
65cfc6722 readlinkat(), fch... |
632 |
error = user_path_at(dfd, filename, lookup_flags, &path); |
6902d925d [PATCH] r/o bind ... |
633 634 |
if (error) goto out; |
2d8f30380 [PATCH] sanitize ... |
635 |
error = mnt_want_write(path.mnt); |
2af482a7e [PATCH] r/o bind ... |
636 637 |
if (error) goto out_release; |
fe542cf59 LSM: Move securit... |
638 |
error = chown_common(&path, user, group); |
2d8f30380 [PATCH] sanitize ... |
639 |
mnt_drop_write(path.mnt); |
2af482a7e [PATCH] r/o bind ... |
640 |
out_release: |
2d8f30380 [PATCH] sanitize ... |
641 |
path_put(&path); |
99a5df37a vfs: make fchowna... |
642 643 644 645 |
if (retry_estale(error, lookup_flags)) { lookup_flags |= LOOKUP_REVAL; goto retry; } |
5590ff0d5 [PATCH] vfs: *at ... |
646 647 648 |
out: return error; } |
55731b3cd fs: add do_fchown... |
649 650 651 652 653 |
SYSCALL_DEFINE5(fchownat, int, dfd, const char __user *, filename, uid_t, user, gid_t, group, int, flag) { return do_fchownat(dfd, filename, user, group, flag); } |
55e4def0a VFS: Make chown()... |
654 |
SYSCALL_DEFINE3(chown, const char __user *, filename, uid_t, user, gid_t, group) |
1da177e4c Linux-2.6.12-rc2 |
655 |
{ |
55731b3cd fs: add do_fchown... |
656 |
return do_fchownat(AT_FDCWD, filename, user, group, 0); |
55e4def0a VFS: Make chown()... |
657 |
} |
1da177e4c Linux-2.6.12-rc2 |
658 |
|
55e4def0a VFS: Make chown()... |
659 660 |
SYSCALL_DEFINE3(lchown, const char __user *, filename, uid_t, user, gid_t, group) { |
55731b3cd fs: add do_fchown... |
661 662 |
return do_fchownat(AT_FDCWD, filename, user, group, AT_SYMLINK_NOFOLLOW); |
1da177e4c Linux-2.6.12-rc2 |
663 |
} |
55731b3cd fs: add do_fchown... |
664 |
int ksys_fchown(unsigned int fd, uid_t user, gid_t group) |
1da177e4c Linux-2.6.12-rc2 |
665 |
{ |
2903ff019 switch simple cas... |
666 |
struct fd f = fdget(fd); |
1da177e4c Linux-2.6.12-rc2 |
667 |
int error = -EBADF; |
2903ff019 switch simple cas... |
668 |
if (!f.file) |
6902d925d [PATCH] r/o bind ... |
669 |
goto out; |
6742cee04 Revert "ovl: don'... |
670 |
error = mnt_want_write_file(f.file); |
2af482a7e [PATCH] r/o bind ... |
671 672 |
if (error) goto out_fput; |
9f45f5bf3 new helper: audit... |
673 |
audit_file(f.file); |
2903ff019 switch simple cas... |
674 |
error = chown_common(&f.file->f_path, user, group); |
6742cee04 Revert "ovl: don'... |
675 |
mnt_drop_write_file(f.file); |
2af482a7e [PATCH] r/o bind ... |
676 |
out_fput: |
2903ff019 switch simple cas... |
677 |
fdput(f); |
6902d925d [PATCH] r/o bind ... |
678 |
out: |
1da177e4c Linux-2.6.12-rc2 |
679 680 |
return error; } |
55731b3cd fs: add do_fchown... |
681 682 683 684 |
SYSCALL_DEFINE3(fchown, unsigned int, fd, uid_t, user, gid_t, group) { return ksys_fchown(fd, user, group); } |
02e5180d9 do_dentry_open():... |
685 |
static int do_dentry_open(struct file *f, |
4bacc9c92 overlayfs: Make f... |
686 |
struct inode *inode, |
ae2bb293a get rid of cred a... |
687 |
int (*open)(struct inode *, struct file *)) |
1da177e4c Linux-2.6.12-rc2 |
688 |
{ |
1abf0c718 New kind of open ... |
689 |
static const struct file_operations empty_fops = {}; |
1da177e4c Linux-2.6.12-rc2 |
690 |
int error; |
b5bcdda32 take grabbing f->... |
691 |
path_get(&f->f_path); |
4bacc9c92 overlayfs: Make f... |
692 |
f->f_inode = inode; |
1da177e4c Linux-2.6.12-rc2 |
693 |
f->f_mapping = inode->i_mapping; |
1da177e4c Linux-2.6.12-rc2 |
694 |
|
5660e13d2 fs: new infrastru... |
695 696 |
/* Ensure that we skip any errors that predate opening of the file */ f->f_wb_err = filemap_sample_wb_err(f->f_mapping); |
3f4d5a000 tidy do_dentry_op... |
697 |
if (unlikely(f->f_flags & O_PATH)) { |
f5d11409e introduce FMODE_O... |
698 |
f->f_mode = FMODE_PATH | FMODE_OPENED; |
1abf0c718 New kind of open ... |
699 |
f->f_op = &empty_fops; |
af04fadca Revert "fs: fold ... |
700 |
return 0; |
1abf0c718 New kind of open ... |
701 |
} |
73601ea5b fs/open.c: allow ... |
702 703 704 705 706 |
/* Any file opened for execve()/uselib() has to be a regular file. */ if (unlikely(f->f_flags & FMODE_EXEC && !S_ISREG(inode->i_mode))) { error = -EACCES; goto cleanup_file; } |
dd20908a8 don't bother with... |
707 |
if (f->f_mode & FMODE_WRITE && !special_file(inode->i_mode)) { |
0ccb28634 fold __get_file_w... |
708 |
error = get_write_access(inode); |
3f4d5a000 tidy do_dentry_op... |
709 |
if (unlikely(error)) |
1da177e4c Linux-2.6.12-rc2 |
710 |
goto cleanup_file; |
0ccb28634 fold __get_file_w... |
711 |
error = __mnt_want_write(f->f_path.mnt); |
3f4d5a000 tidy do_dentry_op... |
712 |
if (unlikely(error)) { |
0ccb28634 fold __get_file_w... |
713 714 715 |
put_write_access(inode); goto cleanup_file; } |
83f936c75 mark struct file ... |
716 |
f->f_mode |= FMODE_WRITER; |
1da177e4c Linux-2.6.12-rc2 |
717 |
} |
9c225f265 vfs: atomic f_pos... |
718 |
/* POSIX.1-2008/SUSv4 Section XSI 2.9.7 */ |
63b6df141 give readdir(2)/g... |
719 |
if (S_ISREG(inode->i_mode) || S_ISDIR(inode->i_mode)) |
9c225f265 vfs: atomic f_pos... |
720 |
f->f_mode |= FMODE_ATOMIC_POS; |
1abf0c718 New kind of open ... |
721 |
f->f_op = fops_get(inode->i_fop); |
7159d5441 fs: remove unlike... |
722 |
if (WARN_ON(!f->f_op)) { |
72c2d5319 file->f_op is nev... |
723 724 725 |
error = -ENODEV; goto cleanup_all; } |
1abf0c718 New kind of open ... |
726 |
|
e3f20ae21 security_file_ope... |
727 |
error = security_file_open(f); |
788e7dd4c SELinux: Improve ... |
728 729 |
if (error) goto cleanup_all; |
c568d6834 locks: fix file l... |
730 |
error = break_lease(locks_inode(f), f->f_flags); |
f3c7691e8 leases: fix write... |
731 732 |
if (error) goto cleanup_all; |
ea73ea727 pass ->f_flags va... |
733 734 |
/* normally all 3 are set; ->open() can clear them if needed */ f->f_mode |= FMODE_LSEEK | FMODE_PREAD | FMODE_PWRITE; |
72c2d5319 file->f_op is nev... |
735 |
if (!open) |
834f2a4a1 VFS: Allow the fi... |
736 737 738 |
open = f->f_op->open; if (open) { error = open(inode, f); |
1da177e4c Linux-2.6.12-rc2 |
739 740 741 |
if (error) goto cleanup_all; } |
f5d11409e introduce FMODE_O... |
742 |
f->f_mode |= FMODE_OPENED; |
890275b5e IMA: maintain i_r... |
743 744 |
if ((f->f_mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) i_readcount_inc(inode); |
293bc9822 new methods: ->re... |
745 |
if ((f->f_mode & FMODE_READ) && |
843631820 ->aio_read and ->... |
746 |
likely(f->f_op->read || f->f_op->read_iter)) |
7f7f25e82 replace checking ... |
747 |
f->f_mode |= FMODE_CAN_READ; |
293bc9822 new methods: ->re... |
748 |
if ((f->f_mode & FMODE_WRITE) && |
843631820 ->aio_read and ->... |
749 |
likely(f->f_op->write || f->f_op->write_iter)) |
7f7f25e82 replace checking ... |
750 |
f->f_mode |= FMODE_CAN_WRITE; |
834f2a4a1 VFS: Allow the fi... |
751 |
|
c75b1d942 fs: add fcntl() i... |
752 |
f->f_write_hint = WRITE_LIFE_NOT_SET; |
1da177e4c Linux-2.6.12-rc2 |
753 754 755 |
f->f_flags &= ~(O_CREAT | O_EXCL | O_NOCTTY | O_TRUNC); file_ra_state_init(&f->f_ra, f->f_mapping->host->i_mapping); |
af04fadca Revert "fs: fold ... |
756 |
|
69527c554 now we can fold o... |
757 758 759 760 761 |
/* NB: we're sure to have correct a_ops only after f_op->open */ if (f->f_flags & O_DIRECT) { if (!f->f_mapping->a_ops || !f->f_mapping->a_ops->direct_IO) return -EINVAL; } |
09d91cda0 mm,thp: avoid wri... |
762 763 764 765 766 767 768 |
/* * XXX: Huge page cache doesn't support writing yet. Drop all page * cache for this file before processing writes. */ if ((f->f_mode & FMODE_WRITE) && filemap_nr_thps(inode->i_mapping)) truncate_pagecache(inode, 0); |
96b7e579a switch do_dentry_... |
769 |
return 0; |
1da177e4c Linux-2.6.12-rc2 |
770 771 |
cleanup_all: |
6b4e8085c make sure do_dent... |
772 773 |
if (WARN_ON_ONCE(error > 0)) error = -EINVAL; |
1da177e4c Linux-2.6.12-rc2 |
774 |
fops_put(f->f_op); |
83f936c75 mark struct file ... |
775 |
if (f->f_mode & FMODE_WRITER) { |
1da177e4c Linux-2.6.12-rc2 |
776 |
put_write_access(inode); |
83f936c75 mark struct file ... |
777 |
__mnt_drop_write(f->f_path.mnt); |
4a3fd211c [PATCH] r/o bind ... |
778 |
} |
1da177e4c Linux-2.6.12-rc2 |
779 |
cleanup_file: |
02e5180d9 do_dentry_open():... |
780 781 782 |
path_put(&f->f_path); f->f_path.mnt = NULL; f->f_path.dentry = NULL; |
dd37978c5 cache the value o... |
783 |
f->f_inode = NULL; |
96b7e579a switch do_dentry_... |
784 |
return error; |
1da177e4c Linux-2.6.12-rc2 |
785 |
} |
834f2a4a1 VFS: Allow the fi... |
786 |
/** |
d18e9008c vfs: add i_op->at... |
787 |
* finish_open - finish opening a file |
0854d450e vfs: improve i_op... |
788 |
* @file: file pointer |
d18e9008c vfs: add i_op->at... |
789 790 |
* @dentry: pointer to dentry * @open: open callback |
0854d450e vfs: improve i_op... |
791 |
* @opened: state of open |
d18e9008c vfs: add i_op->at... |
792 793 794 795 796 |
* * This can be used to finish opening a file passed to i_op->atomic_open(). * * If the open callback is set to NULL, then the standard f_op->open() * filesystem callback is substituted. |
0854d450e vfs: improve i_op... |
797 798 799 800 801 802 803 804 805 |
* * NB: the dentry reference is _not_ consumed. If, for example, the dentry is * the return value of d_splice_alias(), then the caller needs to perform dput() * on it after finish_open(). * * On successful return @file is a fully instantiated open file. After this, if * an error occurs in ->atomic_open(), it needs to clean up with fput(). * * Returns zero on success or -errno if the open failed. |
d18e9008c vfs: add i_op->at... |
806 |
*/ |
30d904947 kill struct opendata |
807 |
int finish_open(struct file *file, struct dentry *dentry, |
be12af3ef getting rid of 'o... |
808 |
int (*open)(struct inode *, struct file *)) |
d18e9008c vfs: add i_op->at... |
809 |
{ |
aad888f82 switch all remain... |
810 |
BUG_ON(file->f_mode & FMODE_OPENED); /* once it's opened, it's opened */ |
d18e9008c vfs: add i_op->at... |
811 |
|
b5bcdda32 take grabbing f->... |
812 |
file->f_path.dentry = dentry; |
aad888f82 switch all remain... |
813 |
return do_dentry_open(file, d_backing_inode(dentry), open); |
d18e9008c vfs: add i_op->at... |
814 815 816 817 818 819 |
} EXPORT_SYMBOL(finish_open); /** * finish_no_open - finish ->atomic_open() without opening the file * |
0854d450e vfs: improve i_op... |
820 |
* @file: file pointer |
d18e9008c vfs: add i_op->at... |
821 822 823 |
* @dentry: dentry or NULL (as returned from ->lookup()) * * This can be used to set the result of a successful lookup in ->atomic_open(). |
0854d450e vfs: improve i_op... |
824 825 826 827 |
* * NB: unlike finish_open() this function does consume the dentry reference and * the caller need not dput() it. * |
64e1ac4d4 ->atomic_open(): ... |
828 |
* Returns "0" which must be the return value of ->atomic_open() after having |
0854d450e vfs: improve i_op... |
829 |
* called this function. |
d18e9008c vfs: add i_op->at... |
830 |
*/ |
e45198a6a make finish_no_op... |
831 |
int finish_no_open(struct file *file, struct dentry *dentry) |
d18e9008c vfs: add i_op->at... |
832 |
{ |
30d904947 kill struct opendata |
833 |
file->f_path.dentry = dentry; |
64e1ac4d4 ->atomic_open(): ... |
834 |
return 0; |
d18e9008c vfs: add i_op->at... |
835 836 |
} EXPORT_SYMBOL(finish_no_open); |
9bf39ab2a vfs: add file_pat... |
837 838 839 840 841 |
char *file_path(struct file *filp, char *buf, int buflen) { return d_path(&filp->f_path, buf, buflen); } EXPORT_SYMBOL(file_path); |
4bacc9c92 overlayfs: Make f... |
842 843 844 845 846 847 |
/** * vfs_open - open the file at the given path * @path: path to open * @file: newly allocated file with f_flag initialized * @cred: credentials to use */ |
ae2bb293a get rid of cred a... |
848 |
int vfs_open(const struct path *path, struct file *file) |
4bacc9c92 overlayfs: Make f... |
849 |
{ |
54d5ca871 vfs: add vfs_sele... |
850 |
file->f_path = *path; |
a6518f73e vfs: don't open real |
851 |
return do_dentry_open(file, d_backing_inode(path->dentry), NULL); |
4bacc9c92 overlayfs: Make f... |
852 |
} |
765927b2d switch dentry_ope... |
853 |
struct file *dentry_open(const struct path *path, int flags, |
745ca2475 CRED: Pass creden... |
854 |
const struct cred *cred) |
a1a5b3d93 [PATCH] open retu... |
855 856 857 |
{ int error; struct file *f; |
e0e817392 CRED: Add some co... |
858 |
validate_creds(cred); |
c212f9aaf fs: Use BUG_ON(!m... |
859 |
/* We must always pass in a valid mount pointer. */ |
765927b2d switch dentry_ope... |
860 |
BUG_ON(!path->mnt); |
322ee5b36 [PATCH] check for... |
861 |
|
ea73ea727 pass ->f_flags va... |
862 |
f = alloc_empty_file(flags, cred); |
af04fadca Revert "fs: fold ... |
863 |
if (!IS_ERR(f)) { |
ae2bb293a get rid of cred a... |
864 |
error = vfs_open(path, f); |
4d27f3266 fold put_filp() i... |
865 866 |
if (error) { fput(f); |
af04fadca Revert "fs: fold ... |
867 868 |
f = ERR_PTR(error); } |
2a027e7a1 fold __dentry_ope... |
869 870 |
} return f; |
a1a5b3d93 [PATCH] open retu... |
871 |
} |
1da177e4c Linux-2.6.12-rc2 |
872 |
EXPORT_SYMBOL(dentry_open); |
2abc77af8 new helper: open_... |
873 874 875 |
struct file *open_with_fake_path(const struct path *path, int flags, struct inode *inode, const struct cred *cred) { |
d3b1084df vfs: make open_wi... |
876 |
struct file *f = alloc_empty_file_noaccount(flags, cred); |
2abc77af8 new helper: open_... |
877 878 879 880 881 882 883 884 885 886 887 888 889 |
if (!IS_ERR(f)) { int error; f->f_path = *path; error = do_dentry_open(f, inode, NULL); if (error) { fput(f); f = ERR_PTR(error); } } return f; } EXPORT_SYMBOL(open_with_fake_path); |
a218d0fdc switch open and m... |
890 |
static inline int build_open_flags(int flags, umode_t mode, struct open_flags *op) |
47c805dc2 switch do_filp_op... |
891 892 |
{ int lookup_flags = 0; |
62fb4a155 don't carry MAY_O... |
893 |
int acc_mode = ACC_MODE(flags); |
47c805dc2 switch do_filp_op... |
894 |
|
629e014bb fs: completely ig... |
895 896 897 898 899 |
/* * Clear out all open flags we don't know about so that we don't report * them in fcntl(F_GETFD) or similar interfaces. */ flags &= VALID_OPEN_FLAGS; |
e305f48bc fs: Fix file mode... |
900 |
if (flags & (O_CREAT | __O_TMPFILE)) |
e68726ff7 vfs: canonicalize... |
901 902 903 |
op->mode = (mode & S_IALLUGO) | S_IFREG; else op->mode = 0; |
47c805dc2 switch do_filp_op... |
904 905 |
/* Must never be set by userspace */ |
c6f3d8111 don't leak O_CLOE... |
906 |
flags &= ~FMODE_NONOTIFY & ~O_CLOEXEC; |
47c805dc2 switch do_filp_op... |
907 908 909 910 911 912 913 914 915 |
/* * O_SYNC is implemented as __O_SYNC|O_DSYNC. As many places only * check for O_DSYNC if the need any syncing at all we enforce it's * always set instead of having to deal with possibly weird behaviour * for malicious applications setting only __O_SYNC. */ if (flags & __O_SYNC) flags |= O_DSYNC; |
bb458c644 Safer ABI for O_T... |
916 917 |
if (flags & __O_TMPFILE) { if ((flags & O_TMPFILE_MASK) != O_TMPFILE) |
60545d0d4 [O_TMPFILE] it's ... |
918 |
return -EINVAL; |
ba57ea64c allow O_TMPFILE t... |
919 920 |
if (!(acc_mode & MAY_WRITE)) return -EINVAL; |
60545d0d4 [O_TMPFILE] it's ... |
921 922 923 924 925 |
} else if (flags & O_PATH) { /* * If we have O_PATH in the open flag. Then we * cannot have anything other than the below set of flags */ |
1abf0c718 New kind of open ... |
926 927 |
flags &= O_DIRECTORY | O_NOFOLLOW | O_PATH; acc_mode = 0; |
1abf0c718 New kind of open ... |
928 |
} |
47c805dc2 switch do_filp_op... |
929 |
|
1abf0c718 New kind of open ... |
930 |
op->open_flag = flags; |
47c805dc2 switch do_filp_op... |
931 932 933 934 935 936 937 938 939 940 941 |
/* O_TRUNC implies we need access checks for write permissions */ if (flags & O_TRUNC) acc_mode |= MAY_WRITE; /* Allow the LSM permission hook to distinguish append access from general write access. */ if (flags & O_APPEND) acc_mode |= MAY_APPEND; op->acc_mode = acc_mode; |
1abf0c718 New kind of open ... |
942 |
op->intent = flags & O_PATH ? 0 : LOOKUP_OPEN; |
47c805dc2 switch do_filp_op... |
943 944 945 946 947 948 949 950 951 952 |
if (flags & O_CREAT) { op->intent |= LOOKUP_CREATE; if (flags & O_EXCL) op->intent |= LOOKUP_EXCL; } if (flags & O_DIRECTORY) lookup_flags |= LOOKUP_DIRECTORY; if (!(flags & O_NOFOLLOW)) lookup_flags |= LOOKUP_FOLLOW; |
f9652e10c allow build_open_... |
953 954 |
op->lookup_flags = lookup_flags; return 0; |
47c805dc2 switch do_filp_op... |
955 956 957 |
} /** |
669abf4e5 vfs: make path_op... |
958 959 960 961 962 963 964 965 966 967 968 969 970 |
* file_open_name - open file and return file pointer * * @name: struct filename containing path to open * @flags: open flags as per the open(2) second argument * @mode: mode for the new file if O_CREAT is set, else ignored * * This is the helper to open a file from kernelspace if you really * have to. But in generally you should not do this, so please move * along, nothing to see here.. */ struct file *file_open_name(struct filename *name, int flags, umode_t mode) { struct open_flags op; |
f9652e10c allow build_open_... |
971 972 |
int err = build_open_flags(flags, mode, &op); return err ? ERR_PTR(err) : do_filp_open(AT_FDCWD, name, &op); |
669abf4e5 vfs: make path_op... |
973 974 975 |
} /** |
47c805dc2 switch do_filp_op... |
976 977 978 979 980 981 982 983 984 985 |
* filp_open - open file and return file pointer * * @filename: path to open * @flags: open flags as per the open(2) second argument * @mode: mode for the new file if O_CREAT is set, else ignored * * This is the helper to open a file from kernelspace if you really * have to. But in generally you should not do this, so please move * along, nothing to see here.. */ |
a218d0fdc switch open and m... |
986 |
struct file *filp_open(const char *filename, int flags, umode_t mode) |
47c805dc2 switch do_filp_op... |
987 |
{ |
516891041 fs: create proper... |
988 989 990 991 992 993 994 995 |
struct filename *name = getname_kernel(filename); struct file *file = ERR_CAST(name); if (!IS_ERR(name)) { file = file_open_name(name, flags, mode); putname(name); } return file; |
47c805dc2 switch do_filp_op... |
996 997 |
} EXPORT_SYMBOL(filp_open); |
73d049a40 open-style analog... |
998 |
struct file *file_open_root(struct dentry *dentry, struct vfsmount *mnt, |
378c6520e fs/coredump: prev... |
999 |
const char *filename, int flags, umode_t mode) |
73d049a40 open-style analog... |
1000 1001 |
{ struct open_flags op; |
378c6520e fs/coredump: prev... |
1002 |
int err = build_open_flags(flags, mode, &op); |
f9652e10c allow build_open_... |
1003 1004 |
if (err) return ERR_PTR(err); |
f9652e10c allow build_open_... |
1005 |
return do_file_open_root(dentry, mnt, filename, &op); |
73d049a40 open-style analog... |
1006 1007 |
} EXPORT_SYMBOL(file_open_root); |
a218d0fdc switch open and m... |
1008 |
long do_sys_open(int dfd, const char __user *filename, int flags, umode_t mode) |
1da177e4c Linux-2.6.12-rc2 |
1009 |
{ |
47c805dc2 switch do_filp_op... |
1010 |
struct open_flags op; |
f9652e10c allow build_open_... |
1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 |
int fd = build_open_flags(flags, mode, &op); struct filename *tmp; if (fd) return fd; tmp = getname(filename); if (IS_ERR(tmp)) return PTR_ERR(tmp); fd = get_unused_fd_flags(flags); if (fd >= 0) { struct file *f = do_filp_open(dfd, tmp, &op); if (IS_ERR(f)) { put_unused_fd(fd); fd = PTR_ERR(f); } else { fsnotify_open(f); fd_install(fd, f); |
1da177e4c Linux-2.6.12-rc2 |
1030 |
} |
1da177e4c Linux-2.6.12-rc2 |
1031 |
} |
f9652e10c allow build_open_... |
1032 |
putname(tmp); |
1da177e4c Linux-2.6.12-rc2 |
1033 |
return fd; |
1da177e4c Linux-2.6.12-rc2 |
1034 |
} |
e922efc34 [PATCH] remove du... |
1035 |
|
a218d0fdc switch open and m... |
1036 |
SYSCALL_DEFINE3(open, const char __user *, filename, int, flags, umode_t, mode) |
e922efc34 [PATCH] remove du... |
1037 1038 1039 |
{ if (force_o_largefile()) flags |= O_LARGEFILE; |
2cf096668 make SYSCALL_DEFI... |
1040 |
return do_sys_open(AT_FDCWD, filename, flags, mode); |
e922efc34 [PATCH] remove du... |
1041 |
} |
1da177e4c Linux-2.6.12-rc2 |
1042 |
|
6559eed8c [CVE-2009-0029] S... |
1043 |
SYSCALL_DEFINE4(openat, int, dfd, const char __user *, filename, int, flags, |
a218d0fdc switch open and m... |
1044 |
umode_t, mode) |
5590ff0d5 [PATCH] vfs: *at ... |
1045 1046 1047 |
{ if (force_o_largefile()) flags |= O_LARGEFILE; |
2cf096668 make SYSCALL_DEFI... |
1048 |
return do_sys_open(dfd, filename, flags, mode); |
5590ff0d5 [PATCH] vfs: *at ... |
1049 |
} |
5590ff0d5 [PATCH] vfs: *at ... |
1050 |
|
e35d49f63 open: move compat... |
1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 |
#ifdef CONFIG_COMPAT /* * Exactly like sys_open(), except that it doesn't set the * O_LARGEFILE flag. */ COMPAT_SYSCALL_DEFINE3(open, const char __user *, filename, int, flags, umode_t, mode) { return do_sys_open(AT_FDCWD, filename, flags, mode); } /* * Exactly like sys_openat(), except that it doesn't set the * O_LARGEFILE flag. */ COMPAT_SYSCALL_DEFINE4(openat, int, dfd, const char __user *, filename, int, flags, umode_t, mode) { return do_sys_open(dfd, filename, flags, mode); } #endif |
1da177e4c Linux-2.6.12-rc2 |
1070 1071 1072 1073 1074 1075 |
#ifndef __alpha__ /* * For backward compatibility? Maybe this should be moved * into arch/i386 instead? */ |
a218d0fdc switch open and m... |
1076 |
SYSCALL_DEFINE2(creat, const char __user *, pathname, umode_t, mode) |
1da177e4c Linux-2.6.12-rc2 |
1077 |
{ |
bae217ea8 fs: add ksys_open... |
1078 |
return ksys_open(pathname, O_CREAT | O_WRONLY | O_TRUNC, mode); |
1da177e4c Linux-2.6.12-rc2 |
1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 |
} #endif /* * "id" is the POSIX thread ID. We use the * files pointer for this.. */ int filp_close(struct file *filp, fl_owner_t id) { |
45778ca81 [PATCH] Remove f_... |
1089 |
int retval = 0; |
1da177e4c Linux-2.6.12-rc2 |
1090 1091 1092 1093 |
if (!file_count(filp)) { printk(KERN_ERR "VFS: Close: file count is 0 "); |
45778ca81 [PATCH] Remove f_... |
1094 |
return 0; |
1da177e4c Linux-2.6.12-rc2 |
1095 |
} |
72c2d5319 file->f_op is nev... |
1096 |
if (filp->f_op->flush) |
75e1fcc0b [PATCH] vfs: add ... |
1097 |
retval = filp->f_op->flush(filp, id); |
1da177e4c Linux-2.6.12-rc2 |
1098 |
|
1abf0c718 New kind of open ... |
1099 1100 1101 1102 |
if (likely(!(filp->f_mode & FMODE_PATH))) { dnotify_flush(filp, id); locks_remove_posix(filp, id); } |
1da177e4c Linux-2.6.12-rc2 |
1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113 |
fput(filp); return retval; } EXPORT_SYMBOL(filp_close); /* * Careful here! We test whether the file pointer is NULL before * releasing the fd. This ensures that one clone task can't release * an fd while another clone is opening it. */ |
ca013e945 [CVE-2009-0029] S... |
1114 |
SYSCALL_DEFINE1(close, unsigned int, fd) |
1da177e4c Linux-2.6.12-rc2 |
1115 |
{ |
483ce1d4b take descriptor-r... |
1116 |
int retval = __close_fd(current->files, fd); |
ee731f4f7 [PATCH] fix wrong... |
1117 1118 1119 1120 1121 1122 1123 1124 1125 |
/* can't restart close syscall because file table entry was cleared */ if (unlikely(retval == -ERESTARTSYS || retval == -ERESTARTNOINTR || retval == -ERESTARTNOHAND || retval == -ERESTART_RESTARTBLOCK)) retval = -EINTR; return retval; |
1da177e4c Linux-2.6.12-rc2 |
1126 |
} |
1da177e4c Linux-2.6.12-rc2 |
1127 1128 1129 1130 1131 |
/* * This routine simulates a hangup on the tty, to arrange that users * are given clean terminals at login time. */ |
ca013e945 [CVE-2009-0029] S... |
1132 |
SYSCALL_DEFINE0(vhangup) |
1da177e4c Linux-2.6.12-rc2 |
1133 1134 |
{ if (capable(CAP_SYS_TTY_CONFIG)) { |
2cb5998b5 tty: the vhangup ... |
1135 |
tty_vhangup_self(); |
1da177e4c Linux-2.6.12-rc2 |
1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 1148 1149 |
return 0; } return -EPERM; } /* * Called when an inode is about to be open. * We use this to disallow opening large files on 32bit systems if * the caller didn't specify O_LARGEFILE. On 64bit systems we force * on this flag in sys_open. */ int generic_file_open(struct inode * inode, struct file * filp) { if (!(filp->f_flags & O_LARGEFILE) && i_size_read(inode) > MAX_NON_LFS) |
a9c62a18a fs: correct SuS c... |
1150 |
return -EOVERFLOW; |
1da177e4c Linux-2.6.12-rc2 |
1151 1152 1153 1154 1155 1156 1157 |
return 0; } EXPORT_SYMBOL(generic_file_open); /* * This is used by subsystems that don't want seekable |
06b1e104b vfs: clarify that... |
1158 1159 1160 |
* file descriptors. The function is not supposed to ever fail, the only * reason it returns an 'int' and not 'void' is so that it can be plugged * directly into file_operations structure. |
1da177e4c Linux-2.6.12-rc2 |
1161 1162 1163 1164 1165 1166 1167 1168 |
*/ int nonseekable_open(struct inode *inode, struct file *filp) { filp->f_mode &= ~(FMODE_LSEEK | FMODE_PREAD | FMODE_PWRITE); return 0; } EXPORT_SYMBOL(nonseekable_open); |
10dce8af3 fs: stream_open -... |
1169 1170 1171 1172 |
/* * stream_open is used by subsystems that want stream-like file descriptors. * Such file descriptors are not seekable and don't have notion of position |
438ab720c vfs: pass ppos=NU... |
1173 1174 1175 |
* (file.f_pos is always 0 and ppos passed to .read()/.write() is always NULL). * Contrary to file descriptors of other regular files, .read() and .write() * can run simultaneously. |
10dce8af3 fs: stream_open -... |
1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 |
* * stream_open never fails and is marked to return int so that it could be * directly used as file_operations.open . */ int stream_open(struct inode *inode, struct file *filp) { filp->f_mode &= ~(FMODE_LSEEK | FMODE_PREAD | FMODE_PWRITE | FMODE_ATOMIC_POS); filp->f_mode |= FMODE_STREAM; return 0; } EXPORT_SYMBOL(stream_open); |