1 #include <linux/fcntl.h>
2 #include <linux/file.h>
4 #include <linux/anon_inodes.h>
5 #include <linux/fsnotify_backend.h>
6 #include <linux/init.h>
7 #include <linux/mount.h>
8 #include <linux/namei.h>
9 #include <linux/poll.h>
10 #include <linux/security.h>
11 #include <linux/syscalls.h>
12 #include <linux/types.h>
13 #include <linux/uaccess.h>
15 #include <asm/ioctls.h>
19 static struct kmem_cache
*fanotify_mark_cache __read_mostly
;
22 * Get an fsnotify notification event if one exists and is small
23 * enough to fit in "count". Return an error pointer if the count
24 * is not large enough.
26 * Called with the group->notification_mutex held.
28 static struct fsnotify_event
*get_one_event(struct fsnotify_group
*group
,
31 BUG_ON(!mutex_is_locked(&group
->notification_mutex
));
33 pr_debug("%s: group=%p count=%zd\n", __func__
, group
, count
);
35 if (fsnotify_notify_queue_is_empty(group
))
38 if (FAN_EVENT_METADATA_LEN
> count
)
39 return ERR_PTR(-EINVAL
);
41 /* held the notification_mutex the whole time, so this is the
42 * same event we peeked above */
43 return fsnotify_remove_notify_event(group
);
46 static int create_and_fill_fd(struct fsnotify_group
*group
,
47 struct fanotify_event_metadata
*metadata
,
48 struct fsnotify_event
*event
)
51 struct dentry
*dentry
;
53 struct file
*new_file
;
55 pr_debug("%s: group=%p metadata=%p event=%p\n", __func__
, group
,
58 client_fd
= get_unused_fd();
62 if (event
->data_type
!= FSNOTIFY_EVENT_PATH
) {
64 put_unused_fd(client_fd
);
69 * we need a new file handle for the userspace program so it can read even if it was
70 * originally opened O_WRONLY.
72 dentry
= dget(event
->path
.dentry
);
73 mnt
= mntget(event
->path
.mnt
);
74 /* it's possible this event was an overflow event. in that case dentry and mnt
75 * are NULL; That's fine, just don't call dentry open */
77 new_file
= dentry_open(dentry
, mnt
,
78 O_RDONLY
| O_LARGEFILE
| FMODE_NONOTIFY
,
81 new_file
= ERR_PTR(-EOVERFLOW
);
82 if (IS_ERR(new_file
)) {
84 * we still send an event even if we can't open the file. this
85 * can happen when say tasks are gone and we try to open their
86 * /proc files or we try to open a WRONLY file like in sysfs
87 * we just send the errno to userspace since there isn't much
90 put_unused_fd(client_fd
);
91 client_fd
= PTR_ERR(new_file
);
93 fd_install(client_fd
, new_file
);
96 metadata
->fd
= client_fd
;
101 static ssize_t
fill_event_metadata(struct fsnotify_group
*group
,
102 struct fanotify_event_metadata
*metadata
,
103 struct fsnotify_event
*event
)
105 pr_debug("%s: group=%p metadata=%p event=%p\n", __func__
,
106 group
, metadata
, event
);
108 metadata
->event_len
= FAN_EVENT_METADATA_LEN
;
109 metadata
->vers
= FANOTIFY_METADATA_VERSION
;
110 metadata
->mask
= fanotify_outgoing_mask(event
->mask
);
112 return create_and_fill_fd(group
, metadata
, event
);
116 static ssize_t
copy_event_to_user(struct fsnotify_group
*group
,
117 struct fsnotify_event
*event
,
120 struct fanotify_event_metadata fanotify_event_metadata
;
123 pr_debug("%s: group=%p event=%p\n", __func__
, group
, event
);
125 ret
= fill_event_metadata(group
, &fanotify_event_metadata
, event
);
129 if (copy_to_user(buf
, &fanotify_event_metadata
, FAN_EVENT_METADATA_LEN
))
132 return FAN_EVENT_METADATA_LEN
;
135 /* intofiy userspace file descriptor functions */
136 static unsigned int fanotify_poll(struct file
*file
, poll_table
*wait
)
138 struct fsnotify_group
*group
= file
->private_data
;
141 poll_wait(file
, &group
->notification_waitq
, wait
);
142 mutex_lock(&group
->notification_mutex
);
143 if (!fsnotify_notify_queue_is_empty(group
))
144 ret
= POLLIN
| POLLRDNORM
;
145 mutex_unlock(&group
->notification_mutex
);
150 static ssize_t
fanotify_read(struct file
*file
, char __user
*buf
,
151 size_t count
, loff_t
*pos
)
153 struct fsnotify_group
*group
;
154 struct fsnotify_event
*kevent
;
160 group
= file
->private_data
;
162 pr_debug("%s: group=%p\n", __func__
, group
);
165 prepare_to_wait(&group
->notification_waitq
, &wait
, TASK_INTERRUPTIBLE
);
167 mutex_lock(&group
->notification_mutex
);
168 kevent
= get_one_event(group
, count
);
169 mutex_unlock(&group
->notification_mutex
);
172 ret
= PTR_ERR(kevent
);
175 ret
= copy_event_to_user(group
, kevent
, buf
);
176 fsnotify_put_event(kevent
);
185 if (file
->f_flags
& O_NONBLOCK
)
188 if (signal_pending(current
))
197 finish_wait(&group
->notification_waitq
, &wait
);
198 if (start
!= buf
&& ret
!= -EFAULT
)
203 static int fanotify_release(struct inode
*ignored
, struct file
*file
)
205 struct fsnotify_group
*group
= file
->private_data
;
207 pr_debug("%s: file=%p group=%p\n", __func__
, file
, group
);
209 /* matches the fanotify_init->fsnotify_alloc_group */
210 fsnotify_put_group(group
);
215 static long fanotify_ioctl(struct file
*file
, unsigned int cmd
, unsigned long arg
)
217 struct fsnotify_group
*group
;
218 struct fsnotify_event_holder
*holder
;
223 group
= file
->private_data
;
225 p
= (void __user
*) arg
;
229 mutex_lock(&group
->notification_mutex
);
230 list_for_each_entry(holder
, &group
->notification_list
, event_list
)
231 send_len
+= FAN_EVENT_METADATA_LEN
;
232 mutex_unlock(&group
->notification_mutex
);
233 ret
= put_user(send_len
, (int __user
*) p
);
240 static const struct file_operations fanotify_fops
= {
241 .poll
= fanotify_poll
,
242 .read
= fanotify_read
,
244 .release
= fanotify_release
,
245 .unlocked_ioctl
= fanotify_ioctl
,
246 .compat_ioctl
= fanotify_ioctl
,
249 static void fanotify_free_mark(struct fsnotify_mark
*fsn_mark
)
251 kmem_cache_free(fanotify_mark_cache
, fsn_mark
);
254 static int fanotify_find_path(int dfd
, const char __user
*filename
,
255 struct path
*path
, unsigned int flags
)
259 pr_debug("%s: dfd=%d filename=%p flags=%x\n", __func__
,
260 dfd
, filename
, flags
);
262 if (filename
== NULL
) {
267 file
= fget_light(dfd
, &fput_needed
);
272 if ((flags
& FAN_MARK_ONLYDIR
) &&
273 !(S_ISDIR(file
->f_path
.dentry
->d_inode
->i_mode
))) {
274 fput_light(file
, fput_needed
);
278 *path
= file
->f_path
;
280 fput_light(file
, fput_needed
);
282 unsigned int lookup_flags
= 0;
284 if (!(flags
& FAN_MARK_DONT_FOLLOW
))
285 lookup_flags
|= LOOKUP_FOLLOW
;
286 if (flags
& FAN_MARK_ONLYDIR
)
287 lookup_flags
|= LOOKUP_DIRECTORY
;
289 ret
= user_path_at(dfd
, filename
, lookup_flags
, path
);
294 /* you can only watch an inode if you have read permissions on it */
295 ret
= inode_permission(path
->dentry
->d_inode
, MAY_READ
);
302 static int fanotify_remove_mark(struct fsnotify_group
*group
,
306 struct fsnotify_mark
*fsn_mark
;
309 pr_debug("%s: group=%p inode=%p mask=%x\n", __func__
,
312 fsn_mark
= fsnotify_find_mark(group
, inode
);
316 spin_lock(&fsn_mark
->lock
);
317 fsn_mark
->mask
&= ~mask
;
318 new_mask
= fsn_mark
->mask
;
319 spin_unlock(&fsn_mark
->lock
);
322 fsnotify_destroy_mark(fsn_mark
);
324 fsnotify_recalc_inode_mask(inode
);
326 fsnotify_recalc_group_mask(group
);
328 /* matches the fsnotify_find_mark() */
329 fsnotify_put_mark(fsn_mark
);
334 static int fanotify_add_mark(struct fsnotify_group
*group
,
338 struct fsnotify_mark
*fsn_mark
;
339 __u32 old_mask
, new_mask
;
342 pr_debug("%s: group=%p inode=%p mask=%x\n", __func__
,
345 fsn_mark
= fsnotify_find_mark(group
, inode
);
347 struct fsnotify_mark
*new_fsn_mark
;
350 new_fsn_mark
= kmem_cache_alloc(fanotify_mark_cache
, GFP_KERNEL
);
354 fsnotify_init_mark(new_fsn_mark
, fanotify_free_mark
);
355 ret
= fsnotify_add_mark(new_fsn_mark
, group
, inode
, 0);
357 fanotify_free_mark(new_fsn_mark
);
361 fsn_mark
= new_fsn_mark
;
366 spin_lock(&fsn_mark
->lock
);
367 old_mask
= fsn_mark
->mask
;
368 fsn_mark
->mask
|= mask
;
369 new_mask
= fsn_mark
->mask
;
370 spin_unlock(&fsn_mark
->lock
);
372 /* we made changes to a mask, update the group mask and the inode mask
373 * so things happen quickly. */
374 if (old_mask
!= new_mask
) {
375 /* more bits in old than in new? */
376 int dropped
= (old_mask
& ~new_mask
);
377 /* more bits in this mark than the inode's mask? */
378 int do_inode
= (new_mask
& ~inode
->i_fsnotify_mask
);
379 /* more bits in this mark than the group? */
380 int do_group
= (new_mask
& ~group
->mask
);
382 /* update the inode with this new mark */
383 if (dropped
|| do_inode
)
384 fsnotify_recalc_inode_mask(inode
);
386 /* update the group mask with the new mask */
387 if (dropped
|| do_group
)
388 fsnotify_recalc_group_mask(group
);
391 /* match the init or the find.... */
392 fsnotify_put_mark(fsn_mark
);
397 static int fanotify_update_mark(struct fsnotify_group
*group
,
398 struct inode
*inode
, int flags
,
401 pr_debug("%s: group=%p inode=%p flags=%x mask=%x\n", __func__
,
402 group
, inode
, flags
, mask
);
404 if (flags
& FAN_MARK_ADD
)
405 fanotify_add_mark(group
, inode
, mask
);
406 else if (flags
& FAN_MARK_REMOVE
)
407 fanotify_remove_mark(group
, inode
, mask
);
414 static bool fanotify_mark_validate_input(int flags
,
417 pr_debug("%s: flags=%x mask=%x\n", __func__
, flags
, mask
);
419 /* are flags valid of this operation? */
420 if (!fanotify_mark_flags_valid(flags
))
422 /* is the mask valid? */
423 if (!fanotify_mask_valid(mask
))
428 /* fanotify syscalls */
429 SYSCALL_DEFINE3(fanotify_init
, unsigned int, flags
, unsigned int, event_f_flags
,
430 unsigned int, priority
)
432 struct fsnotify_group
*group
;
435 pr_debug("%s: flags=%d event_f_flags=%d priority=%d\n",
436 __func__
, flags
, event_f_flags
, priority
);
443 if (!capable(CAP_SYS_ADMIN
))
446 if (flags
& ~FAN_ALL_INIT_FLAGS
)
449 f_flags
= (O_RDONLY
| FMODE_NONOTIFY
);
450 if (flags
& FAN_CLOEXEC
)
451 f_flags
|= O_CLOEXEC
;
452 if (flags
& FAN_NONBLOCK
)
453 f_flags
|= O_NONBLOCK
;
455 /* fsnotify_alloc_group takes a ref. Dropped in fanotify_release */
456 group
= fsnotify_alloc_group(&fanotify_fsnotify_ops
);
458 return PTR_ERR(group
);
460 fd
= anon_inode_getfd("[fanotify]", &fanotify_fops
, group
, f_flags
);
467 fsnotify_put_group(group
);
471 SYSCALL_DEFINE5(fanotify_mark
, int, fanotify_fd
, unsigned int, flags
,
472 __u64
, mask
, int, dfd
, const char __user
*, pathname
)
475 struct fsnotify_group
*group
;
478 int ret
, fput_needed
;
480 pr_debug("%s: fanotify_fd=%d flags=%x dfd=%d pathname=%p mask=%llx\n",
481 __func__
, fanotify_fd
, flags
, dfd
, pathname
, mask
);
483 /* we only use the lower 32 bits as of right now. */
484 if (mask
& ((__u64
)0xffffffff << 32))
487 if (!fanotify_mark_validate_input(flags
, mask
))
490 filp
= fget_light(fanotify_fd
, &fput_needed
);
494 /* verify that this is indeed an fanotify instance */
496 if (unlikely(filp
->f_op
!= &fanotify_fops
))
499 ret
= fanotify_find_path(dfd
, pathname
, &path
, flags
);
503 /* inode held in place by reference to path; group by fget on fd */
504 inode
= path
.dentry
->d_inode
;
505 group
= filp
->private_data
;
507 /* create/update an inode mark */
508 ret
= fanotify_update_mark(group
, inode
, flags
, mask
);
512 fput_light(filp
, fput_needed
);
517 * fanotify_user_setup - Our initialization function. Note that we cannnot return
518 * error because we have compiled-in VFS hooks. So an (unlikely) failure here
519 * must result in panic().
521 static int __init
fanotify_user_setup(void)
523 fanotify_mark_cache
= KMEM_CACHE(fsnotify_mark
, SLAB_PANIC
);
527 device_initcall(fanotify_user_setup
);