Blame view
fs/open.c
26.7 KB
1da177e4c Linux-2.6.12-rc2 |
1 2 3 4 5 6 7 8 |
/* * linux/fs/open.c * * Copyright (C) 1991, 1992 Linus Torvalds */ #include <linux/string.h> #include <linux/mm.h> |
1da177e4c Linux-2.6.12-rc2 |
9 |
#include <linux/file.h> |
9f3acc314 [PATCH] split lin... |
10 |
#include <linux/fdtable.h> |
0eeca2830 [PATCH] inotify |
11 |
#include <linux/fsnotify.h> |
1da177e4c Linux-2.6.12-rc2 |
12 |
#include <linux/module.h> |
1da177e4c Linux-2.6.12-rc2 |
13 14 15 |
#include <linux/tty.h> #include <linux/namei.h> #include <linux/backing-dev.h> |
16f7e0fe2 [PATCH] capable/c... |
16 |
#include <linux/capability.h> |
086f7316f security: filesys... |
17 |
#include <linux/securebits.h> |
1da177e4c Linux-2.6.12-rc2 |
18 19 |
#include <linux/security.h> #include <linux/mount.h> |
5590ff0d5 [PATCH] vfs: *at ... |
20 |
#include <linux/fcntl.h> |
5a0e3ad6a include cleanup: ... |
21 |
#include <linux/slab.h> |
1da177e4c Linux-2.6.12-rc2 |
22 23 |
#include <asm/uaccess.h> #include <linux/fs.h> |
ef3daeda7 [PATCH] Don't for... |
24 |
#include <linux/personality.h> |
1da177e4c Linux-2.6.12-rc2 |
25 26 |
#include <linux/pagemap.h> #include <linux/syscalls.h> |
ab2af1f50 [PATCH] files: fi... |
27 |
#include <linux/rcupdate.h> |
73241ccca [PATCH] Collect m... |
28 |
#include <linux/audit.h> |
97ac73506 sys_fallocate() i... |
29 |
#include <linux/falloc.h> |
5ad4e53bd Get rid of indire... |
30 |
#include <linux/fs_struct.h> |
b65a9cfc2 Untangling ima me... |
31 |
#include <linux/ima.h> |
2dfc1cae4 inotify: remove i... |
32 |
#include <linux/dnotify.h> |
3f6d078d4 fix compat trunca... |
33 |
#include <linux/compat.h> |
1da177e4c Linux-2.6.12-rc2 |
34 |
|
e81e3f4dc fs: move get_empt... |
35 |
#include "internal.h" |
4a30131e7 [PATCH] Fix some ... |
36 37 |
int do_truncate(struct dentry *dentry, loff_t length, unsigned int time_attrs, struct file *filp) |
1da177e4c Linux-2.6.12-rc2 |
38 |
{ |
939a9421e vfs: allow file t... |
39 |
int ret; |
1da177e4c Linux-2.6.12-rc2 |
40 41 42 43 44 45 46 |
struct iattr newattrs; /* Not pretty: "inode->i_size" shouldn't really be signed. But it is. */ if (length < 0) return -EINVAL; newattrs.ia_size = length; |
4a30131e7 [PATCH] Fix some ... |
47 |
newattrs.ia_valid = ATTR_SIZE | time_attrs; |
cc4e69dee [PATCH] VFS: pass... |
48 49 50 51 |
if (filp) { newattrs.ia_file = filp; newattrs.ia_valid |= ATTR_FILE; } |
1da177e4c Linux-2.6.12-rc2 |
52 |
|
7b82dc0e6 Remove suid/sgid ... |
53 |
/* Remove suid/sgid on truncate too */ |
939a9421e vfs: allow file t... |
54 55 56 |
ret = should_remove_suid(dentry); if (ret) newattrs.ia_valid |= ret | ATTR_FORCE; |
7b82dc0e6 Remove suid/sgid ... |
57 |
|
1b1dcc1b5 [PATCH] mutex sub... |
58 |
mutex_lock(&dentry->d_inode->i_mutex); |
27ac0ffea locks: break dele... |
59 60 |
/* Note any delegations or leases have already been broken: */ ret = notify_change(dentry, &newattrs, NULL); |
1b1dcc1b5 [PATCH] mutex sub... |
61 |
mutex_unlock(&dentry->d_inode->i_mutex); |
939a9421e vfs: allow file t... |
62 |
return ret; |
1da177e4c Linux-2.6.12-rc2 |
63 |
} |
a02de9608 VFS: Make more co... |
64 |
long vfs_truncate(struct path *path, loff_t length) |
1da177e4c Linux-2.6.12-rc2 |
65 |
{ |
2d8f30380 [PATCH] sanitize ... |
66 |
struct inode *inode; |
a02de9608 VFS: Make more co... |
67 |
long error; |
1da177e4c Linux-2.6.12-rc2 |
68 |
|
a02de9608 VFS: Make more co... |
69 |
inode = path->dentry->d_inode; |
1da177e4c Linux-2.6.12-rc2 |
70 71 |
/* For directories it's -EISDIR, for other non-regulars - -EINVAL */ |
1da177e4c Linux-2.6.12-rc2 |
72 |
if (S_ISDIR(inode->i_mode)) |
a02de9608 VFS: Make more co... |
73 |
return -EISDIR; |
1da177e4c Linux-2.6.12-rc2 |
74 |
if (!S_ISREG(inode->i_mode)) |
a02de9608 VFS: Make more co... |
75 |
return -EINVAL; |
1da177e4c Linux-2.6.12-rc2 |
76 |
|
a02de9608 VFS: Make more co... |
77 |
error = mnt_want_write(path->mnt); |
1da177e4c Linux-2.6.12-rc2 |
78 |
if (error) |
a02de9608 VFS: Make more co... |
79 |
goto out; |
1da177e4c Linux-2.6.12-rc2 |
80 |
|
256984a83 [PATCH] preparati... |
81 |
error = inode_permission(inode, MAY_WRITE); |
9ac9b8474 [PATCH] r/o bind ... |
82 83 |
if (error) goto mnt_drop_write_and_out; |
1da177e4c Linux-2.6.12-rc2 |
84 85 |
error = -EPERM; |
c82e42da8 [patch 1/5] vfs: ... |
86 |
if (IS_APPEND(inode)) |
9ac9b8474 [PATCH] r/o bind ... |
87 |
goto mnt_drop_write_and_out; |
1da177e4c Linux-2.6.12-rc2 |
88 |
|
9700382c3 VFS: fix a race i... |
89 |
error = get_write_access(inode); |
1da177e4c Linux-2.6.12-rc2 |
90 |
if (error) |
9ac9b8474 [PATCH] r/o bind ... |
91 |
goto mnt_drop_write_and_out; |
1da177e4c Linux-2.6.12-rc2 |
92 |
|
9700382c3 VFS: fix a race i... |
93 94 95 96 |
/* * Make sure that there are no leases. get_write_access() protects * against the truncate racing with a lease-granting setlease(). */ |
8737c9305 Switch may_open()... |
97 |
error = break_lease(inode, O_WRONLY); |
1da177e4c Linux-2.6.12-rc2 |
98 |
if (error) |
9700382c3 VFS: fix a race i... |
99 |
goto put_write_and_out; |
1da177e4c Linux-2.6.12-rc2 |
100 101 |
error = locks_verify_truncate(inode, NULL, length); |
be6d3e56a introduce new LSM... |
102 |
if (!error) |
a02de9608 VFS: Make more co... |
103 |
error = security_path_truncate(path); |
907f4554e dquot: move dquot... |
104 |
if (!error) |
a02de9608 VFS: Make more co... |
105 |
error = do_truncate(path->dentry, length, 0, NULL); |
1da177e4c Linux-2.6.12-rc2 |
106 |
|
9700382c3 VFS: fix a race i... |
107 108 |
put_write_and_out: put_write_access(inode); |
9ac9b8474 [PATCH] r/o bind ... |
109 |
mnt_drop_write_and_out: |
a02de9608 VFS: Make more co... |
110 |
mnt_drop_write(path->mnt); |
1da177e4c Linux-2.6.12-rc2 |
111 112 113 |
out: return error; } |
a02de9608 VFS: Make more co... |
114 115 116 117 |
EXPORT_SYMBOL_GPL(vfs_truncate); static long do_sys_truncate(const char __user *pathname, loff_t length) { |
48f7530d3 vfs: have do_sys_... |
118 |
unsigned int lookup_flags = LOOKUP_FOLLOW; |
a02de9608 VFS: Make more co... |
119 120 121 122 123 |
struct path path; int error; if (length < 0) /* sorry, but loff_t says... */ return -EINVAL; |
48f7530d3 vfs: have do_sys_... |
124 125 |
retry: error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path); |
a02de9608 VFS: Make more co... |
126 127 128 129 |
if (!error) { error = vfs_truncate(&path, length); path_put(&path); } |
48f7530d3 vfs: have do_sys_... |
130 131 132 133 |
if (retry_estale(error, lookup_flags)) { lookup_flags |= LOOKUP_REVAL; goto retry; } |
a02de9608 VFS: Make more co... |
134 135 |
return error; } |
1da177e4c Linux-2.6.12-rc2 |
136 |
|
4fd8da8d6 fs: change sys_tr... |
137 |
SYSCALL_DEFINE2(truncate, const char __user *, path, long, length) |
1da177e4c Linux-2.6.12-rc2 |
138 |
{ |
4fd8da8d6 fs: change sys_tr... |
139 |
return do_sys_truncate(path, length); |
1da177e4c Linux-2.6.12-rc2 |
140 |
} |
3f6d078d4 fix compat trunca... |
141 142 143 144 145 146 |
#ifdef CONFIG_COMPAT COMPAT_SYSCALL_DEFINE2(truncate, const char __user *, path, compat_off_t, length) { return do_sys_truncate(path, length); } #endif |
b01ec0ef6 [PATCH] tiny: Uni... |
147 |
static long do_sys_ftruncate(unsigned int fd, loff_t length, int small) |
1da177e4c Linux-2.6.12-rc2 |
148 |
{ |
bf2965d5b switch ftruncate(... |
149 |
struct inode *inode; |
1da177e4c Linux-2.6.12-rc2 |
150 |
struct dentry *dentry; |
2903ff019 switch simple cas... |
151 |
struct fd f; |
1da177e4c Linux-2.6.12-rc2 |
152 153 154 155 156 157 |
int error; error = -EINVAL; if (length < 0) goto out; error = -EBADF; |
2903ff019 switch simple cas... |
158 159 |
f = fdget(fd); if (!f.file) |
1da177e4c Linux-2.6.12-rc2 |
160 161 162 |
goto out; /* explicitly opened as large or we are on 64-bit box */ |
2903ff019 switch simple cas... |
163 |
if (f.file->f_flags & O_LARGEFILE) |
1da177e4c Linux-2.6.12-rc2 |
164 |
small = 0; |
2903ff019 switch simple cas... |
165 |
dentry = f.file->f_path.dentry; |
1da177e4c Linux-2.6.12-rc2 |
166 167 |
inode = dentry->d_inode; error = -EINVAL; |
2903ff019 switch simple cas... |
168 |
if (!S_ISREG(inode->i_mode) || !(f.file->f_mode & FMODE_WRITE)) |
1da177e4c Linux-2.6.12-rc2 |
169 170 171 172 173 174 175 176 177 178 |
goto out_putf; error = -EINVAL; /* Cannot ftruncate over 2^31 bytes without large file support */ if (small && length > MAX_NON_LFS) goto out_putf; error = -EPERM; if (IS_APPEND(inode)) goto out_putf; |
14da92001 fs: Protect write... |
179 |
sb_start_write(inode->i_sb); |
2903ff019 switch simple cas... |
180 |
error = locks_verify_truncate(inode, f.file, length); |
1da177e4c Linux-2.6.12-rc2 |
181 |
if (!error) |
2903ff019 switch simple cas... |
182 |
error = security_path_truncate(&f.file->f_path); |
be6d3e56a introduce new LSM... |
183 |
if (!error) |
2903ff019 switch simple cas... |
184 |
error = do_truncate(dentry, length, ATTR_MTIME|ATTR_CTIME, f.file); |
14da92001 fs: Protect write... |
185 |
sb_end_write(inode->i_sb); |
1da177e4c Linux-2.6.12-rc2 |
186 |
out_putf: |
2903ff019 switch simple cas... |
187 |
fdput(f); |
1da177e4c Linux-2.6.12-rc2 |
188 189 190 |
out: return error; } |
bdc480e3b [CVE-2009-0029] S... |
191 |
SYSCALL_DEFINE2(ftruncate, unsigned int, fd, unsigned long, length) |
1da177e4c Linux-2.6.12-rc2 |
192 |
{ |
2cf096668 make SYSCALL_DEFI... |
193 |
return do_sys_ftruncate(fd, length, 1); |
1da177e4c Linux-2.6.12-rc2 |
194 |
} |
3f6d078d4 fix compat trunca... |
195 196 197 198 199 200 |
#ifdef CONFIG_COMPAT COMPAT_SYSCALL_DEFINE2(ftruncate, unsigned int, fd, compat_ulong_t, length) { return do_sys_ftruncate(fd, length, 1); } #endif |
1da177e4c Linux-2.6.12-rc2 |
201 202 |
/* LFS versions of truncate are only needed on 32 bit machines */ #if BITS_PER_LONG == 32 |
4a0fd5bf0 teach SYSCALL_DEF... |
203 |
SYSCALL_DEFINE2(truncate64, const char __user *, path, loff_t, length) |
1da177e4c Linux-2.6.12-rc2 |
204 205 206 |
{ return do_sys_truncate(path, length); } |
4a0fd5bf0 teach SYSCALL_DEF... |
207 |
SYSCALL_DEFINE2(ftruncate64, unsigned int, fd, loff_t, length) |
1da177e4c Linux-2.6.12-rc2 |
208 |
{ |
2cf096668 make SYSCALL_DEFI... |
209 |
return do_sys_ftruncate(fd, length, 0); |
1da177e4c Linux-2.6.12-rc2 |
210 |
} |
6673e0c3f [CVE-2009-0029] S... |
211 |
#endif /* BITS_PER_LONG == 32 */ |
1da177e4c Linux-2.6.12-rc2 |
212 |
|
3e63cbb1e fs: Add new pre-a... |
213 |
|
72c72bdf7 VFS: Rename do_fa... |
214 |
int vfs_fallocate(struct file *file, int mode, loff_t offset, loff_t len) |
97ac73506 sys_fallocate() i... |
215 |
{ |
496ad9aa8 new helper: file_... |
216 |
struct inode *inode = file_inode(file); |
3e63cbb1e fs: Add new pre-a... |
217 |
long ret; |
97ac73506 sys_fallocate() i... |
218 219 |
if (offset < 0 || len <= 0) |
3e63cbb1e fs: Add new pre-a... |
220 |
return -EINVAL; |
97ac73506 sys_fallocate() i... |
221 222 |
/* Return error if mode is not supported */ |
00f5e6199 fs: Add new flag(... |
223 |
if (mode & ~(FALLOC_FL_KEEP_SIZE | FALLOC_FL_PUNCH_HOLE | |
409332b65 fs: Introduce FAL... |
224 225 226 227 228 229 |
FALLOC_FL_COLLAPSE_RANGE | FALLOC_FL_ZERO_RANGE)) return -EOPNOTSUPP; /* Punch hole and zero range are mutually exclusive */ if ((mode & (FALLOC_FL_PUNCH_HOLE | FALLOC_FL_ZERO_RANGE)) == (FALLOC_FL_PUNCH_HOLE | FALLOC_FL_ZERO_RANGE)) |
79124f18b fs: add hole punc... |
230 231 232 233 234 |
return -EOPNOTSUPP; /* Punch hole must have keep size set */ if ((mode & FALLOC_FL_PUNCH_HOLE) && !(mode & FALLOC_FL_KEEP_SIZE)) |
3e63cbb1e fs: Add new pre-a... |
235 |
return -EOPNOTSUPP; |
97ac73506 sys_fallocate() i... |
236 |
|
00f5e6199 fs: Add new flag(... |
237 238 239 240 |
/* Collapse range should only be used exclusively. */ if ((mode & FALLOC_FL_COLLAPSE_RANGE) && (mode & ~FALLOC_FL_COLLAPSE_RANGE)) return -EINVAL; |
97ac73506 sys_fallocate() i... |
241 |
if (!(file->f_mode & FMODE_WRITE)) |
3e63cbb1e fs: Add new pre-a... |
242 |
return -EBADF; |
1ca551c6c Check for immutab... |
243 |
|
00f5e6199 fs: Add new flag(... |
244 |
/* |
8fc61d926 fs: prevent doing... |
245 |
* We can only allow pure fallocate on append only files |
00f5e6199 fs: Add new flag(... |
246 |
*/ |
8fc61d926 fs: prevent doing... |
247 |
if ((mode & ~FALLOC_FL_KEEP_SIZE) && IS_APPEND(inode)) |
1ca551c6c Check for immutab... |
248 249 250 251 |
return -EPERM; if (IS_IMMUTABLE(inode)) return -EPERM; |
97ac73506 sys_fallocate() i... |
252 |
/* |
6d2b6170c vfs: fix check fo... |
253 |
* We cannot allow any fallocate operation on an active swapfile |
0790b31b6 fs: disallow all ... |
254 255 |
*/ if (IS_SWAPFILE(inode)) |
6d2b6170c vfs: fix check fo... |
256 |
return -ETXTBSY; |
0790b31b6 fs: disallow all ... |
257 258 |
/* |
97ac73506 sys_fallocate() i... |
259 260 261 262 263 |
* Revalidate the write permissions, in case security policy has * changed since the files were opened. */ ret = security_file_permission(file, MAY_WRITE); if (ret) |
3e63cbb1e fs: Add new pre-a... |
264 |
return ret; |
97ac73506 sys_fallocate() i... |
265 |
|
97ac73506 sys_fallocate() i... |
266 |
if (S_ISFIFO(inode->i_mode)) |
3e63cbb1e fs: Add new pre-a... |
267 |
return -ESPIPE; |
97ac73506 sys_fallocate() i... |
268 |
|
97ac73506 sys_fallocate() i... |
269 270 271 272 273 |
/* * Let individual file system decide if it supports preallocation * for directories or not. */ if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode)) |
3e63cbb1e fs: Add new pre-a... |
274 |
return -ENODEV; |
97ac73506 sys_fallocate() i... |
275 |
|
97ac73506 sys_fallocate() i... |
276 277 |
/* Check for wrap through zero too */ if (((offset + len) > inode->i_sb->s_maxbytes) || ((offset + len) < 0)) |
3e63cbb1e fs: Add new pre-a... |
278 |
return -EFBIG; |
97ac73506 sys_fallocate() i... |
279 |
|
2fe17c107 fallocate should ... |
280 |
if (!file->f_op->fallocate) |
3e63cbb1e fs: Add new pre-a... |
281 |
return -EOPNOTSUPP; |
97ac73506 sys_fallocate() i... |
282 |
|
14da92001 fs: Protect write... |
283 284 |
sb_start_write(inode->i_sb); ret = file->f_op->fallocate(file, mode, offset, len); |
820c12d5d fallocate: create... |
285 286 287 288 289 290 291 292 293 294 |
/* * Create inotify and fanotify events. * * To keep the logic simple always create events if fallocate succeeds. * This implies that events are even created if the file size remains * unchanged, e.g. when using flag FALLOC_FL_KEEP_SIZE. */ if (ret == 0) fsnotify_modify(file); |
14da92001 fs: Protect write... |
295 296 |
sb_end_write(inode->i_sb); return ret; |
3e63cbb1e fs: Add new pre-a... |
297 |
} |
72c72bdf7 VFS: Rename do_fa... |
298 |
EXPORT_SYMBOL_GPL(vfs_fallocate); |
3e63cbb1e fs: Add new pre-a... |
299 |
|
4a0fd5bf0 teach SYSCALL_DEF... |
300 |
SYSCALL_DEFINE4(fallocate, int, fd, int, mode, loff_t, offset, loff_t, len) |
3e63cbb1e fs: Add new pre-a... |
301 |
{ |
2903ff019 switch simple cas... |
302 |
struct fd f = fdget(fd); |
3e63cbb1e fs: Add new pre-a... |
303 |
int error = -EBADF; |
2903ff019 switch simple cas... |
304 |
if (f.file) { |
72c72bdf7 VFS: Rename do_fa... |
305 |
error = vfs_fallocate(f.file, mode, offset, len); |
2903ff019 switch simple cas... |
306 |
fdput(f); |
3e63cbb1e fs: Add new pre-a... |
307 |
} |
3e63cbb1e fs: Add new pre-a... |
308 |
return error; |
97ac73506 sys_fallocate() i... |
309 |
} |
3e63cbb1e fs: Add new pre-a... |
310 |
|
1da177e4c Linux-2.6.12-rc2 |
311 312 313 314 315 |
/* * access() needs to use the real uid/gid, not the effective uid/gid. * We do this by temporarily clearing all FS-related capabilities and * switching the fsuid/fsgid around to the real ones. */ |
6559eed8c [CVE-2009-0029] S... |
316 |
SYSCALL_DEFINE3(faccessat, int, dfd, const char __user *, filename, int, mode) |
1da177e4c Linux-2.6.12-rc2 |
317 |
{ |
d84f4f992 CRED: Inaugurate ... |
318 319 |
const struct cred *old_cred; struct cred *override_cred; |
2d8f30380 [PATCH] sanitize ... |
320 |
struct path path; |
256984a83 [PATCH] preparati... |
321 |
struct inode *inode; |
1da177e4c Linux-2.6.12-rc2 |
322 |
int res; |
87fa55952 vfs: have faccess... |
323 |
unsigned int lookup_flags = LOOKUP_FOLLOW; |
1da177e4c Linux-2.6.12-rc2 |
324 325 326 |
if (mode & ~S_IRWXO) /* where's F_OK, X_OK, W_OK, R_OK? */ return -EINVAL; |
d84f4f992 CRED: Inaugurate ... |
327 328 329 |
override_cred = prepare_creds(); if (!override_cred) return -ENOMEM; |
1da177e4c Linux-2.6.12-rc2 |
330 |
|
d84f4f992 CRED: Inaugurate ... |
331 332 |
override_cred->fsuid = override_cred->uid; override_cred->fsgid = override_cred->gid; |
1da177e4c Linux-2.6.12-rc2 |
333 |
|
086f7316f security: filesys... |
334 |
if (!issecure(SECURE_NO_SETUID_FIXUP)) { |
1cdcbec1a CRED: Neuter sys_... |
335 |
/* Clear the capabilities if we switch to a non-root user */ |
18815a180 userns: Convert c... |
336 337 |
kuid_t root_uid = make_kuid(override_cred->user_ns, 0); if (!uid_eq(override_cred->uid, root_uid)) |
d84f4f992 CRED: Inaugurate ... |
338 |
cap_clear(override_cred->cap_effective); |
086f7316f security: filesys... |
339 |
else |
d84f4f992 CRED: Inaugurate ... |
340 341 |
override_cred->cap_effective = override_cred->cap_permitted; |
086f7316f security: filesys... |
342 |
} |
1da177e4c Linux-2.6.12-rc2 |
343 |
|
d84f4f992 CRED: Inaugurate ... |
344 |
old_cred = override_creds(override_cred); |
87fa55952 vfs: have faccess... |
345 346 |
retry: res = user_path_at(dfd, filename, lookup_flags, &path); |
6902d925d [PATCH] r/o bind ... |
347 348 |
if (res) goto out; |
2d8f30380 [PATCH] sanitize ... |
349 |
inode = path.dentry->d_inode; |
256984a83 [PATCH] preparati... |
350 351 |
if ((mode & MAY_EXEC) && S_ISREG(inode->i_mode)) { |
30524472c [PATCH] take noex... |
352 353 354 355 356 |
/* * MAY_EXEC on regular files is denied if the fs is mounted * with the "noexec" flag. */ res = -EACCES; |
2d8f30380 [PATCH] sanitize ... |
357 |
if (path.mnt->mnt_flags & MNT_NOEXEC) |
30524472c [PATCH] take noex... |
358 359 |
goto out_path_release; } |
256984a83 [PATCH] preparati... |
360 |
res = inode_permission(inode, mode | MAY_ACCESS); |
6902d925d [PATCH] r/o bind ... |
361 |
/* SuS v2 requires we report a read only fs too */ |
256984a83 [PATCH] preparati... |
362 |
if (res || !(mode & S_IWOTH) || special_file(inode->i_mode)) |
6902d925d [PATCH] r/o bind ... |
363 |
goto out_path_release; |
2f676cbc0 [PATCH] r/o bind ... |
364 365 366 367 368 369 370 371 372 373 |
/* * This is a rare case where using __mnt_is_readonly() * is OK without a mnt_want/drop_write() pair. Since * no actual write to the fs is performed here, we do * not need to telegraph to that to anyone. * * By doing this, we accept that this access is * inherently racy and know that the fs may change * state before we even see this result. */ |
2d8f30380 [PATCH] sanitize ... |
374 |
if (__mnt_is_readonly(path.mnt)) |
6902d925d [PATCH] r/o bind ... |
375 |
res = -EROFS; |
1da177e4c Linux-2.6.12-rc2 |
376 |
|
6902d925d [PATCH] r/o bind ... |
377 |
out_path_release: |
2d8f30380 [PATCH] sanitize ... |
378 |
path_put(&path); |
87fa55952 vfs: have faccess... |
379 380 381 382 |
if (retry_estale(res, lookup_flags)) { lookup_flags |= LOOKUP_REVAL; goto retry; } |
6902d925d [PATCH] r/o bind ... |
383 |
out: |
d84f4f992 CRED: Inaugurate ... |
384 385 |
revert_creds(old_cred); put_cred(override_cred); |
1da177e4c Linux-2.6.12-rc2 |
386 387 |
return res; } |
ca013e945 [CVE-2009-0029] S... |
388 |
SYSCALL_DEFINE2(access, const char __user *, filename, int, mode) |
5590ff0d5 [PATCH] vfs: *at ... |
389 390 391 |
{ return sys_faccessat(AT_FDCWD, filename, mode); } |
3cdad4288 [CVE-2009-0029] S... |
392 |
SYSCALL_DEFINE1(chdir, const char __user *, filename) |
1da177e4c Linux-2.6.12-rc2 |
393 |
{ |
2d8f30380 [PATCH] sanitize ... |
394 |
struct path path; |
1da177e4c Linux-2.6.12-rc2 |
395 |
int error; |
0291c0a55 vfs: have chdir r... |
396 397 398 |
unsigned int lookup_flags = LOOKUP_FOLLOW | LOOKUP_DIRECTORY; retry: error = user_path_at(AT_FDCWD, filename, lookup_flags, &path); |
1da177e4c Linux-2.6.12-rc2 |
399 400 |
if (error) goto out; |
9cfcac810 vfs: re-introduce... |
401 |
error = inode_permission(path.dentry->d_inode, MAY_EXEC | MAY_CHDIR); |
1da177e4c Linux-2.6.12-rc2 |
402 403 |
if (error) goto dput_and_out; |
2d8f30380 [PATCH] sanitize ... |
404 |
set_fs_pwd(current->fs, &path); |
1da177e4c Linux-2.6.12-rc2 |
405 406 |
dput_and_out: |
2d8f30380 [PATCH] sanitize ... |
407 |
path_put(&path); |
0291c0a55 vfs: have chdir r... |
408 409 410 411 |
if (retry_estale(error, lookup_flags)) { lookup_flags |= LOOKUP_REVAL; goto retry; } |
1da177e4c Linux-2.6.12-rc2 |
412 413 414 |
out: return error; } |
3cdad4288 [CVE-2009-0029] S... |
415 |
SYSCALL_DEFINE1(fchdir, unsigned int, fd) |
1da177e4c Linux-2.6.12-rc2 |
416 |
{ |
2903ff019 switch simple cas... |
417 |
struct fd f = fdget_raw(fd); |
1da177e4c Linux-2.6.12-rc2 |
418 |
struct inode *inode; |
2903ff019 switch simple cas... |
419 |
int error = -EBADF; |
1da177e4c Linux-2.6.12-rc2 |
420 421 |
error = -EBADF; |
2903ff019 switch simple cas... |
422 |
if (!f.file) |
1da177e4c Linux-2.6.12-rc2 |
423 |
goto out; |
496ad9aa8 new helper: file_... |
424 |
inode = file_inode(f.file); |
1da177e4c Linux-2.6.12-rc2 |
425 426 427 428 |
error = -ENOTDIR; if (!S_ISDIR(inode->i_mode)) goto out_putf; |
9cfcac810 vfs: re-introduce... |
429 |
error = inode_permission(inode, MAY_EXEC | MAY_CHDIR); |
1da177e4c Linux-2.6.12-rc2 |
430 |
if (!error) |
2903ff019 switch simple cas... |
431 |
set_fs_pwd(current->fs, &f.file->f_path); |
1da177e4c Linux-2.6.12-rc2 |
432 |
out_putf: |
2903ff019 switch simple cas... |
433 |
fdput(f); |
1da177e4c Linux-2.6.12-rc2 |
434 435 436 |
out: return error; } |
3480b2574 [CVE-2009-0029] S... |
437 |
SYSCALL_DEFINE1(chroot, const char __user *, filename) |
1da177e4c Linux-2.6.12-rc2 |
438 |
{ |
2d8f30380 [PATCH] sanitize ... |
439 |
struct path path; |
1da177e4c Linux-2.6.12-rc2 |
440 |
int error; |
2771261ec vfs: have chroot ... |
441 442 443 |
unsigned int lookup_flags = LOOKUP_FOLLOW | LOOKUP_DIRECTORY; retry: error = user_path_at(AT_FDCWD, filename, lookup_flags, &path); |
1da177e4c Linux-2.6.12-rc2 |
444 445 |
if (error) goto out; |
9cfcac810 vfs: re-introduce... |
446 |
error = inode_permission(path.dentry->d_inode, MAY_EXEC | MAY_CHDIR); |
1da177e4c Linux-2.6.12-rc2 |
447 448 449 450 |
if (error) goto dput_and_out; error = -EPERM; |
c7b96acf1 userns: Kill nso... |
451 |
if (!ns_capable(current_user_ns(), CAP_SYS_CHROOT)) |
1da177e4c Linux-2.6.12-rc2 |
452 |
goto dput_and_out; |
8b8efb440 LSM: Add security... |
453 454 455 |
error = security_path_chroot(&path); if (error) goto dput_and_out; |
1da177e4c Linux-2.6.12-rc2 |
456 |
|
2d8f30380 [PATCH] sanitize ... |
457 |
set_fs_root(current->fs, &path); |
1da177e4c Linux-2.6.12-rc2 |
458 459 |
error = 0; dput_and_out: |
2d8f30380 [PATCH] sanitize ... |
460 |
path_put(&path); |
2771261ec vfs: have chroot ... |
461 462 463 464 |
if (retry_estale(error, lookup_flags)) { lookup_flags |= LOOKUP_REVAL; goto retry; } |
1da177e4c Linux-2.6.12-rc2 |
465 466 467 |
out: return error; } |
e57712ebe merge fchmod() an... |
468 |
static int chmod_common(struct path *path, umode_t mode) |
1da177e4c Linux-2.6.12-rc2 |
469 |
{ |
e57712ebe merge fchmod() an... |
470 |
struct inode *inode = path->dentry->d_inode; |
27ac0ffea locks: break dele... |
471 |
struct inode *delegated_inode = NULL; |
1da177e4c Linux-2.6.12-rc2 |
472 |
struct iattr newattrs; |
e57712ebe merge fchmod() an... |
473 |
int error; |
1da177e4c Linux-2.6.12-rc2 |
474 |
|
e57712ebe merge fchmod() an... |
475 476 477 |
error = mnt_want_write(path->mnt); if (error) return error; |
27ac0ffea locks: break dele... |
478 |
retry_deleg: |
fe542cf59 LSM: Move securit... |
479 |
mutex_lock(&inode->i_mutex); |
cdcf116d4 switch security_p... |
480 |
error = security_path_chmod(path, mode); |
e57712ebe merge fchmod() an... |
481 |
if (error) |
fe542cf59 LSM: Move securit... |
482 |
goto out_unlock; |
1da177e4c Linux-2.6.12-rc2 |
483 484 |
newattrs.ia_mode = (mode & S_IALLUGO) | (inode->i_mode & ~S_IALLUGO); newattrs.ia_valid = ATTR_MODE | ATTR_CTIME; |
27ac0ffea locks: break dele... |
485 |
error = notify_change(path->dentry, &newattrs, &delegated_inode); |
fe542cf59 LSM: Move securit... |
486 |
out_unlock: |
1b1dcc1b5 [PATCH] mutex sub... |
487 |
mutex_unlock(&inode->i_mutex); |
27ac0ffea locks: break dele... |
488 489 490 491 492 |
if (delegated_inode) { error = break_deleg_wait(&delegated_inode); if (!error) goto retry_deleg; } |
e57712ebe merge fchmod() an... |
493 494 495 |
mnt_drop_write(path->mnt); return error; } |
49f0a0767 switch sys_chmod(... |
496 |
SYSCALL_DEFINE2(fchmod, unsigned int, fd, umode_t, mode) |
e57712ebe merge fchmod() an... |
497 |
{ |
173c84012 switch fchmod() t... |
498 |
struct fd f = fdget(fd); |
e57712ebe merge fchmod() an... |
499 |
int err = -EBADF; |
173c84012 switch fchmod() t... |
500 |
if (f.file) { |
9f45f5bf3 new helper: audit... |
501 |
audit_file(f.file); |
173c84012 switch fchmod() t... |
502 503 |
err = chmod_common(&f.file->f_path, mode); fdput(f); |
e57712ebe merge fchmod() an... |
504 |
} |
1da177e4c Linux-2.6.12-rc2 |
505 506 |
return err; } |
49f0a0767 switch sys_chmod(... |
507 |
SYSCALL_DEFINE3(fchmodat, int, dfd, const char __user *, filename, umode_t, mode) |
1da177e4c Linux-2.6.12-rc2 |
508 |
{ |
2d8f30380 [PATCH] sanitize ... |
509 |
struct path path; |
1da177e4c Linux-2.6.12-rc2 |
510 |
int error; |
14ff690c0 vfs: make fchmoda... |
511 512 513 |
unsigned int lookup_flags = LOOKUP_FOLLOW; retry: error = user_path_at(dfd, filename, lookup_flags, &path); |
e57712ebe merge fchmod() an... |
514 515 516 |
if (!error) { error = chmod_common(&path, mode); path_put(&path); |
14ff690c0 vfs: make fchmoda... |
517 518 519 520 |
if (retry_estale(error, lookup_flags)) { lookup_flags |= LOOKUP_REVAL; goto retry; } |
e57712ebe merge fchmod() an... |
521 |
} |
1da177e4c Linux-2.6.12-rc2 |
522 523 |
return error; } |
49f0a0767 switch sys_chmod(... |
524 |
SYSCALL_DEFINE2(chmod, const char __user *, filename, umode_t, mode) |
5590ff0d5 [PATCH] vfs: *at ... |
525 526 527 |
{ return sys_fchmodat(AT_FDCWD, filename, mode); } |
fe542cf59 LSM: Move securit... |
528 |
static int chown_common(struct path *path, uid_t user, gid_t group) |
1da177e4c Linux-2.6.12-rc2 |
529 |
{ |
fe542cf59 LSM: Move securit... |
530 |
struct inode *inode = path->dentry->d_inode; |
27ac0ffea locks: break dele... |
531 |
struct inode *delegated_inode = NULL; |
1da177e4c Linux-2.6.12-rc2 |
532 533 |
int error; struct iattr newattrs; |
52137abe1 userns: Convert u... |
534 535 536 537 538 |
kuid_t uid; kgid_t gid; uid = make_kuid(current_user_ns(), user); gid = make_kgid(current_user_ns(), group); |
1da177e4c Linux-2.6.12-rc2 |
539 |
|
1da177e4c Linux-2.6.12-rc2 |
540 541 |
newattrs.ia_valid = ATTR_CTIME; if (user != (uid_t) -1) { |
52137abe1 userns: Convert u... |
542 543 |
if (!uid_valid(uid)) return -EINVAL; |
1da177e4c Linux-2.6.12-rc2 |
544 |
newattrs.ia_valid |= ATTR_UID; |
52137abe1 userns: Convert u... |
545 |
newattrs.ia_uid = uid; |
1da177e4c Linux-2.6.12-rc2 |
546 547 |
} if (group != (gid_t) -1) { |
52137abe1 userns: Convert u... |
548 549 |
if (!gid_valid(gid)) return -EINVAL; |
1da177e4c Linux-2.6.12-rc2 |
550 |
newattrs.ia_valid |= ATTR_GID; |
52137abe1 userns: Convert u... |
551 |
newattrs.ia_gid = gid; |
1da177e4c Linux-2.6.12-rc2 |
552 553 |
} if (!S_ISDIR(inode->i_mode)) |
b53767719 Implement file po... |
554 555 |
newattrs.ia_valid |= ATTR_KILL_SUID | ATTR_KILL_SGID | ATTR_KILL_PRIV; |
27ac0ffea locks: break dele... |
556 |
retry_deleg: |
1b1dcc1b5 [PATCH] mutex sub... |
557 |
mutex_lock(&inode->i_mutex); |
d2b31ca64 userns: Teach sec... |
558 |
error = security_path_chown(path, uid, gid); |
fe542cf59 LSM: Move securit... |
559 |
if (!error) |
27ac0ffea locks: break dele... |
560 |
error = notify_change(path->dentry, &newattrs, &delegated_inode); |
1b1dcc1b5 [PATCH] mutex sub... |
561 |
mutex_unlock(&inode->i_mutex); |
27ac0ffea locks: break dele... |
562 563 564 565 566 |
if (delegated_inode) { error = break_deleg_wait(&delegated_inode); if (!error) goto retry_deleg; } |
1da177e4c Linux-2.6.12-rc2 |
567 568 |
return error; } |
6559eed8c [CVE-2009-0029] S... |
569 570 |
SYSCALL_DEFINE5(fchownat, int, dfd, const char __user *, filename, uid_t, user, gid_t, group, int, flag) |
5590ff0d5 [PATCH] vfs: *at ... |
571 |
{ |
2d8f30380 [PATCH] sanitize ... |
572 |
struct path path; |
5590ff0d5 [PATCH] vfs: *at ... |
573 |
int error = -EINVAL; |
65cfc6722 readlinkat(), fch... |
574 |
int lookup_flags; |
5590ff0d5 [PATCH] vfs: *at ... |
575 |
|
65cfc6722 readlinkat(), fch... |
576 |
if ((flag & ~(AT_SYMLINK_NOFOLLOW | AT_EMPTY_PATH)) != 0) |
5590ff0d5 [PATCH] vfs: *at ... |
577 |
goto out; |
65cfc6722 readlinkat(), fch... |
578 579 580 |
lookup_flags = (flag & AT_SYMLINK_NOFOLLOW) ? 0 : LOOKUP_FOLLOW; if (flag & AT_EMPTY_PATH) lookup_flags |= LOOKUP_EMPTY; |
99a5df37a vfs: make fchowna... |
581 |
retry: |
65cfc6722 readlinkat(), fch... |
582 |
error = user_path_at(dfd, filename, lookup_flags, &path); |
6902d925d [PATCH] r/o bind ... |
583 584 |
if (error) goto out; |
2d8f30380 [PATCH] sanitize ... |
585 |
error = mnt_want_write(path.mnt); |
2af482a7e [PATCH] r/o bind ... |
586 587 |
if (error) goto out_release; |
fe542cf59 LSM: Move securit... |
588 |
error = chown_common(&path, user, group); |
2d8f30380 [PATCH] sanitize ... |
589 |
mnt_drop_write(path.mnt); |
2af482a7e [PATCH] r/o bind ... |
590 |
out_release: |
2d8f30380 [PATCH] sanitize ... |
591 |
path_put(&path); |
99a5df37a vfs: make fchowna... |
592 593 594 595 |
if (retry_estale(error, lookup_flags)) { lookup_flags |= LOOKUP_REVAL; goto retry; } |
5590ff0d5 [PATCH] vfs: *at ... |
596 597 598 |
out: return error; } |
55e4def0a VFS: Make chown()... |
599 |
SYSCALL_DEFINE3(chown, const char __user *, filename, uid_t, user, gid_t, group) |
1da177e4c Linux-2.6.12-rc2 |
600 |
{ |
55e4def0a VFS: Make chown()... |
601 602 |
return sys_fchownat(AT_FDCWD, filename, user, group, 0); } |
1da177e4c Linux-2.6.12-rc2 |
603 |
|
55e4def0a VFS: Make chown()... |
604 605 606 607 |
SYSCALL_DEFINE3(lchown, const char __user *, filename, uid_t, user, gid_t, group) { return sys_fchownat(AT_FDCWD, filename, user, group, AT_SYMLINK_NOFOLLOW); |
1da177e4c Linux-2.6.12-rc2 |
608 |
} |
ca013e945 [CVE-2009-0029] S... |
609 |
SYSCALL_DEFINE3(fchown, unsigned int, fd, uid_t, user, gid_t, group) |
1da177e4c Linux-2.6.12-rc2 |
610 |
{ |
2903ff019 switch simple cas... |
611 |
struct fd f = fdget(fd); |
1da177e4c Linux-2.6.12-rc2 |
612 |
int error = -EBADF; |
2903ff019 switch simple cas... |
613 |
if (!f.file) |
6902d925d [PATCH] r/o bind ... |
614 |
goto out; |
2903ff019 switch simple cas... |
615 |
error = mnt_want_write_file(f.file); |
2af482a7e [PATCH] r/o bind ... |
616 617 |
if (error) goto out_fput; |
9f45f5bf3 new helper: audit... |
618 |
audit_file(f.file); |
2903ff019 switch simple cas... |
619 620 |
error = chown_common(&f.file->f_path, user, group); mnt_drop_write_file(f.file); |
2af482a7e [PATCH] r/o bind ... |
621 |
out_fput: |
2903ff019 switch simple cas... |
622 |
fdput(f); |
6902d925d [PATCH] r/o bind ... |
623 |
out: |
1da177e4c Linux-2.6.12-rc2 |
624 625 |
return error; } |
90ad1a8ec vfs: split __dent... |
626 627 628 629 630 631 632 633 634 635 636 637 |
int open_check_o_direct(struct file *f) { /* NB: we're sure to have correct a_ops only after f_op->open */ if (f->f_flags & O_DIRECT) { if (!f->f_mapping->a_ops || ((!f->f_mapping->a_ops->direct_IO) && (!f->f_mapping->a_ops->get_xip_mem))) { return -EINVAL; } } return 0; } |
02e5180d9 do_dentry_open():... |
638 |
static int do_dentry_open(struct file *f, |
96b7e579a switch do_dentry_... |
639 640 |
int (*open)(struct inode *, struct file *), const struct cred *cred) |
1da177e4c Linux-2.6.12-rc2 |
641 |
{ |
1abf0c718 New kind of open ... |
642 |
static const struct file_operations empty_fops = {}; |
1da177e4c Linux-2.6.12-rc2 |
643 644 |
struct inode *inode; int error; |
5300990c0 Sanitize f_flags ... |
645 |
f->f_mode = OPEN_FMODE(f->f_flags) | FMODE_LSEEK | |
a1a5b3d93 [PATCH] open retu... |
646 |
FMODE_PREAD | FMODE_PWRITE; |
1abf0c718 New kind of open ... |
647 |
|
b5bcdda32 take grabbing f->... |
648 |
path_get(&f->f_path); |
dd37978c5 cache the value o... |
649 |
inode = f->f_inode = f->f_path.dentry->d_inode; |
1da177e4c Linux-2.6.12-rc2 |
650 |
f->f_mapping = inode->i_mapping; |
1da177e4c Linux-2.6.12-rc2 |
651 |
|
3f4d5a000 tidy do_dentry_op... |
652 653 |
if (unlikely(f->f_flags & O_PATH)) { f->f_mode = FMODE_PATH; |
1abf0c718 New kind of open ... |
654 |
f->f_op = &empty_fops; |
96b7e579a switch do_dentry_... |
655 |
return 0; |
1abf0c718 New kind of open ... |
656 |
} |
dd20908a8 don't bother with... |
657 |
if (f->f_mode & FMODE_WRITE && !special_file(inode->i_mode)) { |
0ccb28634 fold __get_file_w... |
658 |
error = get_write_access(inode); |
3f4d5a000 tidy do_dentry_op... |
659 |
if (unlikely(error)) |
1da177e4c Linux-2.6.12-rc2 |
660 |
goto cleanup_file; |
0ccb28634 fold __get_file_w... |
661 |
error = __mnt_want_write(f->f_path.mnt); |
3f4d5a000 tidy do_dentry_op... |
662 |
if (unlikely(error)) { |
0ccb28634 fold __get_file_w... |
663 664 665 |
put_write_access(inode); goto cleanup_file; } |
83f936c75 mark struct file ... |
666 |
f->f_mode |= FMODE_WRITER; |
1da177e4c Linux-2.6.12-rc2 |
667 |
} |
9c225f265 vfs: atomic f_pos... |
668 669 670 |
/* POSIX.1-2008/SUSv4 Section XSI 2.9.7 */ if (S_ISREG(inode->i_mode)) f->f_mode |= FMODE_ATOMIC_POS; |
1abf0c718 New kind of open ... |
671 |
f->f_op = fops_get(inode->i_fop); |
72c2d5319 file->f_op is nev... |
672 673 674 675 |
if (unlikely(WARN_ON(!f->f_op))) { error = -ENODEV; goto cleanup_all; } |
1abf0c718 New kind of open ... |
676 |
|
83d498569 SELinux: rename d... |
677 |
error = security_file_open(f, cred); |
788e7dd4c SELinux: Improve ... |
678 679 |
if (error) goto cleanup_all; |
f3c7691e8 leases: fix write... |
680 681 682 |
error = break_lease(inode, f->f_flags); if (error) goto cleanup_all; |
72c2d5319 file->f_op is nev... |
683 |
if (!open) |
834f2a4a1 VFS: Allow the fi... |
684 685 686 |
open = f->f_op->open; if (open) { error = open(inode, f); |
1da177e4c Linux-2.6.12-rc2 |
687 688 689 |
if (error) goto cleanup_all; } |
890275b5e IMA: maintain i_r... |
690 691 |
if ((f->f_mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) i_readcount_inc(inode); |
293bc9822 new methods: ->re... |
692 693 |
if ((f->f_mode & FMODE_READ) && likely(f->f_op->read || f->f_op->aio_read || f->f_op->read_iter)) |
7f7f25e82 replace checking ... |
694 |
f->f_mode |= FMODE_CAN_READ; |
293bc9822 new methods: ->re... |
695 696 |
if ((f->f_mode & FMODE_WRITE) && likely(f->f_op->write || f->f_op->aio_write || f->f_op->write_iter)) |
7f7f25e82 replace checking ... |
697 |
f->f_mode |= FMODE_CAN_WRITE; |
834f2a4a1 VFS: Allow the fi... |
698 |
|
1da177e4c Linux-2.6.12-rc2 |
699 700 701 |
f->f_flags &= ~(O_CREAT | O_EXCL | O_NOCTTY | O_TRUNC); file_ra_state_init(&f->f_ra, f->f_mapping->host->i_mapping); |
96b7e579a switch do_dentry_... |
702 |
return 0; |
1da177e4c Linux-2.6.12-rc2 |
703 704 705 |
cleanup_all: fops_put(f->f_op); |
83f936c75 mark struct file ... |
706 |
if (f->f_mode & FMODE_WRITER) { |
1da177e4c Linux-2.6.12-rc2 |
707 |
put_write_access(inode); |
83f936c75 mark struct file ... |
708 |
__mnt_drop_write(f->f_path.mnt); |
4a3fd211c [PATCH] r/o bind ... |
709 |
} |
1da177e4c Linux-2.6.12-rc2 |
710 |
cleanup_file: |
02e5180d9 do_dentry_open():... |
711 712 713 |
path_put(&f->f_path); f->f_path.mnt = NULL; f->f_path.dentry = NULL; |
dd37978c5 cache the value o... |
714 |
f->f_inode = NULL; |
96b7e579a switch do_dentry_... |
715 |
return error; |
1da177e4c Linux-2.6.12-rc2 |
716 |
} |
834f2a4a1 VFS: Allow the fi... |
717 |
/** |
d18e9008c vfs: add i_op->at... |
718 |
* finish_open - finish opening a file |
0854d450e vfs: improve i_op... |
719 |
* @file: file pointer |
d18e9008c vfs: add i_op->at... |
720 721 |
* @dentry: pointer to dentry * @open: open callback |
0854d450e vfs: improve i_op... |
722 |
* @opened: state of open |
d18e9008c vfs: add i_op->at... |
723 724 725 726 727 |
* * This can be used to finish opening a file passed to i_op->atomic_open(). * * If the open callback is set to NULL, then the standard f_op->open() * filesystem callback is substituted. |
0854d450e vfs: improve i_op... |
728 729 730 731 732 733 734 735 736 |
* * NB: the dentry reference is _not_ consumed. If, for example, the dentry is * the return value of d_splice_alias(), then the caller needs to perform dput() * on it after finish_open(). * * On successful return @file is a fully instantiated open file. After this, if * an error occurs in ->atomic_open(), it needs to clean up with fput(). * * Returns zero on success or -errno if the open failed. |
d18e9008c vfs: add i_op->at... |
737 |
*/ |
30d904947 kill struct opendata |
738 739 740 |
int finish_open(struct file *file, struct dentry *dentry, int (*open)(struct inode *, struct file *), int *opened) |
d18e9008c vfs: add i_op->at... |
741 |
{ |
96b7e579a switch do_dentry_... |
742 |
int error; |
3d8a00d20 don't modify od->... |
743 |
BUG_ON(*opened & FILE_OPENED); /* once it's opened, it's opened */ |
d18e9008c vfs: add i_op->at... |
744 |
|
b5bcdda32 take grabbing f->... |
745 |
file->f_path.dentry = dentry; |
02e5180d9 do_dentry_open():... |
746 |
error = do_dentry_open(file, open, current_cred()); |
96b7e579a switch do_dentry_... |
747 |
if (!error) |
47237687d ->atomic_open() p... |
748 |
*opened |= FILE_OPENED; |
d18e9008c vfs: add i_op->at... |
749 |
|
96b7e579a switch do_dentry_... |
750 |
return error; |
d18e9008c vfs: add i_op->at... |
751 752 753 754 755 756 |
} EXPORT_SYMBOL(finish_open); /** * finish_no_open - finish ->atomic_open() without opening the file * |
0854d450e vfs: improve i_op... |
757 |
* @file: file pointer |
d18e9008c vfs: add i_op->at... |
758 759 760 |
* @dentry: dentry or NULL (as returned from ->lookup()) * * This can be used to set the result of a successful lookup in ->atomic_open(). |
0854d450e vfs: improve i_op... |
761 762 763 764 765 766 |
* * NB: unlike finish_open() this function does consume the dentry reference and * the caller need not dput() it. * * Returns "1" which must be the return value of ->atomic_open() after having * called this function. |
d18e9008c vfs: add i_op->at... |
767 |
*/ |
e45198a6a make finish_no_op... |
768 |
int finish_no_open(struct file *file, struct dentry *dentry) |
d18e9008c vfs: add i_op->at... |
769 |
{ |
30d904947 kill struct opendata |
770 |
file->f_path.dentry = dentry; |
e45198a6a make finish_no_op... |
771 |
return 1; |
d18e9008c vfs: add i_op->at... |
772 773 |
} EXPORT_SYMBOL(finish_no_open); |
765927b2d switch dentry_ope... |
774 |
struct file *dentry_open(const struct path *path, int flags, |
745ca2475 CRED: Pass creden... |
775 |
const struct cred *cred) |
a1a5b3d93 [PATCH] open retu... |
776 777 778 |
{ int error; struct file *f; |
e0e817392 CRED: Add some co... |
779 |
validate_creds(cred); |
c212f9aaf fs: Use BUG_ON(!m... |
780 |
/* We must always pass in a valid mount pointer. */ |
765927b2d switch dentry_ope... |
781 |
BUG_ON(!path->mnt); |
322ee5b36 [PATCH] check for... |
782 |
|
a1a5b3d93 [PATCH] open retu... |
783 |
f = get_empty_filp(); |
1afc99bea propagate error f... |
784 785 |
if (!IS_ERR(f)) { f->f_flags = flags; |
4aa7c6346 vfs: add i_op->de... |
786 |
error = vfs_open(path, f, cred); |
1afc99bea propagate error f... |
787 788 789 790 791 792 793 794 795 |
if (!error) { /* from now on we need fput() to dispose of f */ error = open_check_o_direct(f); if (error) { fput(f); f = ERR_PTR(error); } } else { put_filp(f); |
2a027e7a1 fold __dentry_ope... |
796 797 |
f = ERR_PTR(error); } |
2a027e7a1 fold __dentry_ope... |
798 799 |
} return f; |
a1a5b3d93 [PATCH] open retu... |
800 |
} |
1da177e4c Linux-2.6.12-rc2 |
801 |
EXPORT_SYMBOL(dentry_open); |
4aa7c6346 vfs: add i_op->de... |
802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 |
/** * vfs_open - open the file at the given path * @path: path to open * @filp: newly allocated file with f_flag initialized * @cred: credentials to use */ int vfs_open(const struct path *path, struct file *filp, const struct cred *cred) { struct inode *inode = path->dentry->d_inode; if (inode->i_op->dentry_open) return inode->i_op->dentry_open(path->dentry, filp, cred); else { filp->f_path = *path; return do_dentry_open(filp, NULL, cred); } } EXPORT_SYMBOL(vfs_open); |
a218d0fdc switch open and m... |
821 |
static inline int build_open_flags(int flags, umode_t mode, struct open_flags *op) |
47c805dc2 switch do_filp_op... |
822 823 824 |
{ int lookup_flags = 0; int acc_mode; |
e305f48bc fs: Fix file mode... |
825 |
if (flags & (O_CREAT | __O_TMPFILE)) |
e68726ff7 vfs: canonicalize... |
826 827 828 |
op->mode = (mode & S_IALLUGO) | S_IFREG; else op->mode = 0; |
47c805dc2 switch do_filp_op... |
829 830 |
/* Must never be set by userspace */ |
c6f3d8111 don't leak O_CLOE... |
831 |
flags &= ~FMODE_NONOTIFY & ~O_CLOEXEC; |
47c805dc2 switch do_filp_op... |
832 833 834 835 836 837 838 839 840 |
/* * O_SYNC is implemented as __O_SYNC|O_DSYNC. As many places only * check for O_DSYNC if the need any syncing at all we enforce it's * always set instead of having to deal with possibly weird behaviour * for malicious applications setting only __O_SYNC. */ if (flags & __O_SYNC) flags |= O_DSYNC; |
bb458c644 Safer ABI for O_T... |
841 842 |
if (flags & __O_TMPFILE) { if ((flags & O_TMPFILE_MASK) != O_TMPFILE) |
60545d0d4 [O_TMPFILE] it's ... |
843 844 |
return -EINVAL; acc_mode = MAY_OPEN | ACC_MODE(flags); |
ba57ea64c allow O_TMPFILE t... |
845 846 |
if (!(acc_mode & MAY_WRITE)) return -EINVAL; |
60545d0d4 [O_TMPFILE] it's ... |
847 848 849 850 851 |
} else if (flags & O_PATH) { /* * If we have O_PATH in the open flag. Then we * cannot have anything other than the below set of flags */ |
1abf0c718 New kind of open ... |
852 853 854 855 856 |
flags &= O_DIRECTORY | O_NOFOLLOW | O_PATH; acc_mode = 0; } else { acc_mode = MAY_OPEN | ACC_MODE(flags); } |
47c805dc2 switch do_filp_op... |
857 |
|
1abf0c718 New kind of open ... |
858 |
op->open_flag = flags; |
47c805dc2 switch do_filp_op... |
859 860 861 862 863 864 865 866 867 868 869 |
/* O_TRUNC implies we need access checks for write permissions */ if (flags & O_TRUNC) acc_mode |= MAY_WRITE; /* Allow the LSM permission hook to distinguish append access from general write access. */ if (flags & O_APPEND) acc_mode |= MAY_APPEND; op->acc_mode = acc_mode; |
1abf0c718 New kind of open ... |
870 |
op->intent = flags & O_PATH ? 0 : LOOKUP_OPEN; |
47c805dc2 switch do_filp_op... |
871 872 873 874 875 876 877 878 879 880 |
if (flags & O_CREAT) { op->intent |= LOOKUP_CREATE; if (flags & O_EXCL) op->intent |= LOOKUP_EXCL; } if (flags & O_DIRECTORY) lookup_flags |= LOOKUP_DIRECTORY; if (!(flags & O_NOFOLLOW)) lookup_flags |= LOOKUP_FOLLOW; |
f9652e10c allow build_open_... |
881 882 |
op->lookup_flags = lookup_flags; return 0; |
47c805dc2 switch do_filp_op... |
883 884 885 |
} /** |
669abf4e5 vfs: make path_op... |
886 887 888 889 890 891 892 893 894 895 896 897 898 |
* file_open_name - open file and return file pointer * * @name: struct filename containing path to open * @flags: open flags as per the open(2) second argument * @mode: mode for the new file if O_CREAT is set, else ignored * * This is the helper to open a file from kernelspace if you really * have to. But in generally you should not do this, so please move * along, nothing to see here.. */ struct file *file_open_name(struct filename *name, int flags, umode_t mode) { struct open_flags op; |
f9652e10c allow build_open_... |
899 900 |
int err = build_open_flags(flags, mode, &op); return err ? ERR_PTR(err) : do_filp_open(AT_FDCWD, name, &op); |
669abf4e5 vfs: make path_op... |
901 902 903 |
} /** |
47c805dc2 switch do_filp_op... |
904 905 906 907 908 909 910 911 912 913 |
* filp_open - open file and return file pointer * * @filename: path to open * @flags: open flags as per the open(2) second argument * @mode: mode for the new file if O_CREAT is set, else ignored * * This is the helper to open a file from kernelspace if you really * have to. But in generally you should not do this, so please move * along, nothing to see here.. */ |
a218d0fdc switch open and m... |
914 |
struct file *filp_open(const char *filename, int flags, umode_t mode) |
47c805dc2 switch do_filp_op... |
915 |
{ |
669abf4e5 vfs: make path_op... |
916 917 |
struct filename name = {.name = filename}; return file_open_name(&name, flags, mode); |
47c805dc2 switch do_filp_op... |
918 919 |
} EXPORT_SYMBOL(filp_open); |
73d049a40 open-style analog... |
920 921 922 923 |
struct file *file_open_root(struct dentry *dentry, struct vfsmount *mnt, const char *filename, int flags) { struct open_flags op; |
f9652e10c allow build_open_... |
924 925 926 |
int err = build_open_flags(flags, 0, &op); if (err) return ERR_PTR(err); |
73d049a40 open-style analog... |
927 928 929 930 931 |
if (flags & O_CREAT) return ERR_PTR(-EINVAL); if (!filename && (flags & O_DIRECTORY)) if (!dentry->d_inode->i_op->lookup) return ERR_PTR(-ENOTDIR); |
f9652e10c allow build_open_... |
932 |
return do_file_open_root(dentry, mnt, filename, &op); |
73d049a40 open-style analog... |
933 934 |
} EXPORT_SYMBOL(file_open_root); |
a218d0fdc switch open and m... |
935 |
long do_sys_open(int dfd, const char __user *filename, int flags, umode_t mode) |
1da177e4c Linux-2.6.12-rc2 |
936 |
{ |
47c805dc2 switch do_filp_op... |
937 |
struct open_flags op; |
f9652e10c allow build_open_... |
938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 |
int fd = build_open_flags(flags, mode, &op); struct filename *tmp; if (fd) return fd; tmp = getname(filename); if (IS_ERR(tmp)) return PTR_ERR(tmp); fd = get_unused_fd_flags(flags); if (fd >= 0) { struct file *f = do_filp_open(dfd, tmp, &op); if (IS_ERR(f)) { put_unused_fd(fd); fd = PTR_ERR(f); } else { fsnotify_open(f); fd_install(fd, f); |
1da177e4c Linux-2.6.12-rc2 |
957 |
} |
1da177e4c Linux-2.6.12-rc2 |
958 |
} |
f9652e10c allow build_open_... |
959 |
putname(tmp); |
1da177e4c Linux-2.6.12-rc2 |
960 |
return fd; |
1da177e4c Linux-2.6.12-rc2 |
961 |
} |
e922efc34 [PATCH] remove du... |
962 |
|
a218d0fdc switch open and m... |
963 |
SYSCALL_DEFINE3(open, const char __user *, filename, int, flags, umode_t, mode) |
e922efc34 [PATCH] remove du... |
964 965 966 |
{ if (force_o_largefile()) flags |= O_LARGEFILE; |
2cf096668 make SYSCALL_DEFI... |
967 |
return do_sys_open(AT_FDCWD, filename, flags, mode); |
e922efc34 [PATCH] remove du... |
968 |
} |
1da177e4c Linux-2.6.12-rc2 |
969 |
|
6559eed8c [CVE-2009-0029] S... |
970 |
SYSCALL_DEFINE4(openat, int, dfd, const char __user *, filename, int, flags, |
a218d0fdc switch open and m... |
971 |
umode_t, mode) |
5590ff0d5 [PATCH] vfs: *at ... |
972 973 974 |
{ if (force_o_largefile()) flags |= O_LARGEFILE; |
2cf096668 make SYSCALL_DEFI... |
975 |
return do_sys_open(dfd, filename, flags, mode); |
5590ff0d5 [PATCH] vfs: *at ... |
976 |
} |
5590ff0d5 [PATCH] vfs: *at ... |
977 |
|
1da177e4c Linux-2.6.12-rc2 |
978 979 980 981 982 983 |
#ifndef __alpha__ /* * For backward compatibility? Maybe this should be moved * into arch/i386 instead? */ |
a218d0fdc switch open and m... |
984 |
SYSCALL_DEFINE2(creat, const char __user *, pathname, umode_t, mode) |
1da177e4c Linux-2.6.12-rc2 |
985 986 987 988 989 990 991 992 993 994 995 996 |
{ return sys_open(pathname, O_CREAT | O_WRONLY | O_TRUNC, mode); } #endif /* * "id" is the POSIX thread ID. We use the * files pointer for this.. */ int filp_close(struct file *filp, fl_owner_t id) { |
45778ca81 [PATCH] Remove f_... |
997 |
int retval = 0; |
1da177e4c Linux-2.6.12-rc2 |
998 999 1000 1001 |
if (!file_count(filp)) { printk(KERN_ERR "VFS: Close: file count is 0 "); |
45778ca81 [PATCH] Remove f_... |
1002 |
return 0; |
1da177e4c Linux-2.6.12-rc2 |
1003 |
} |
72c2d5319 file->f_op is nev... |
1004 |
if (filp->f_op->flush) |
75e1fcc0b [PATCH] vfs: add ... |
1005 |
retval = filp->f_op->flush(filp, id); |
1da177e4c Linux-2.6.12-rc2 |
1006 |
|
1abf0c718 New kind of open ... |
1007 1008 1009 1010 |
if (likely(!(filp->f_mode & FMODE_PATH))) { dnotify_flush(filp, id); locks_remove_posix(filp, id); } |
1da177e4c Linux-2.6.12-rc2 |
1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 |
fput(filp); return retval; } EXPORT_SYMBOL(filp_close); /* * Careful here! We test whether the file pointer is NULL before * releasing the fd. This ensures that one clone task can't release * an fd while another clone is opening it. */ |
ca013e945 [CVE-2009-0029] S... |
1022 |
SYSCALL_DEFINE1(close, unsigned int, fd) |
1da177e4c Linux-2.6.12-rc2 |
1023 |
{ |
483ce1d4b take descriptor-r... |
1024 |
int retval = __close_fd(current->files, fd); |
ee731f4f7 [PATCH] fix wrong... |
1025 1026 1027 1028 1029 1030 1031 1032 1033 |
/* can't restart close syscall because file table entry was cleared */ if (unlikely(retval == -ERESTARTSYS || retval == -ERESTARTNOINTR || retval == -ERESTARTNOHAND || retval == -ERESTART_RESTARTBLOCK)) retval = -EINTR; return retval; |
1da177e4c Linux-2.6.12-rc2 |
1034 |
} |
1da177e4c Linux-2.6.12-rc2 |
1035 1036 1037 1038 1039 1040 |
EXPORT_SYMBOL(sys_close); /* * This routine simulates a hangup on the tty, to arrange that users * are given clean terminals at login time. */ |
ca013e945 [CVE-2009-0029] S... |
1041 |
SYSCALL_DEFINE0(vhangup) |
1da177e4c Linux-2.6.12-rc2 |
1042 1043 |
{ if (capable(CAP_SYS_TTY_CONFIG)) { |
2cb5998b5 tty: the vhangup ... |
1044 |
tty_vhangup_self(); |
1da177e4c Linux-2.6.12-rc2 |
1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 |
return 0; } return -EPERM; } /* * Called when an inode is about to be open. * We use this to disallow opening large files on 32bit systems if * the caller didn't specify O_LARGEFILE. On 64bit systems we force * on this flag in sys_open. */ int generic_file_open(struct inode * inode, struct file * filp) { if (!(filp->f_flags & O_LARGEFILE) && i_size_read(inode) > MAX_NON_LFS) |
a9c62a18a fs: correct SuS c... |
1059 |
return -EOVERFLOW; |
1da177e4c Linux-2.6.12-rc2 |
1060 1061 1062 1063 1064 1065 1066 |
return 0; } EXPORT_SYMBOL(generic_file_open); /* * This is used by subsystems that don't want seekable |
06b1e104b vfs: clarify that... |
1067 1068 1069 |
* file descriptors. The function is not supposed to ever fail, the only * reason it returns an 'int' and not 'void' is so that it can be plugged * directly into file_operations structure. |
1da177e4c Linux-2.6.12-rc2 |
1070 1071 1072 1073 1074 1075 1076 1077 |
*/ int nonseekable_open(struct inode *inode, struct file *filp) { filp->f_mode &= ~(FMODE_LSEEK | FMODE_PREAD | FMODE_PWRITE); return 0; } EXPORT_SYMBOL(nonseekable_open); |