Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
torvalds
GitHub Repository: torvalds/linux
 Path: blob/master/fs/anon_inodes.c
26131 views
1
// SPDX-License-Identifier: GPL-2.0-only

2
/*

3
 *  fs/anon_inodes.c

4
 *

5
 *  Copyright (C) 2007  Davide Libenzi <[email protected]>

6
 *

7
 *  Thanks to Arnd Bergmann for code review and suggestions.

8
 *  More changes for Thomas Gleixner suggestions.

9
 *

10
 */

11


12
#include <linux/cred.h>

13
#include <linux/file.h>

14
#include <linux/poll.h>

15
#include <linux/sched.h>

16
#include <linux/init.h>

17
#include <linux/fs.h>

18
#include <linux/mount.h>

19
#include <linux/module.h>

20
#include <linux/kernel.h>

21
#include <linux/magic.h>

22
#include <linux/anon_inodes.h>

23
#include <linux/pseudo_fs.h>

24


25
#include <linux/uaccess.h>

26


27
#include "internal.h"

28


29
static struct vfsmount *anon_inode_mnt __ro_after_init;

30
static struct inode *anon_inode_inode __ro_after_init;

31


32
/*

33
 * User space expects anonymous inodes to have no file type in st_mode.

34
 *

35
 * In particular, 'lsof' has this legacy logic:

36
 *

37
 *	type = s->st_mode & S_IFMT;

38
 *	switch (type) {

39
 *	  ...

40
 *	case 0:

41
 *		if (!strcmp(p, "anon_inode"))

42
 *			Lf->ntype = Ntype = N_ANON_INODE;

43
 *

44
 * to detect our old anon_inode logic.

45
 *

46
 * Rather than mess with our internal sane inode data, just fix it

47
 * up here in getattr() by masking off the format bits.

48
 */

49
int anon_inode_getattr(struct mnt_idmap *idmap, const struct path *path,

50
		       struct kstat *stat, u32 request_mask,

51
		       unsigned int query_flags)

52
{

53
	struct inode *inode = d_inode(path->dentry);

54


55
	generic_fillattr(&nop_mnt_idmap, request_mask, inode, stat);

56
	stat->mode &= ~S_IFMT;

57
	return 0;

58
}

59


60
int anon_inode_setattr(struct mnt_idmap *idmap, struct dentry *dentry,

61
		       struct iattr *attr)

62
{

63
	return -EOPNOTSUPP;

64
}

65


66
static const struct inode_operations anon_inode_operations = {

67
	.getattr = anon_inode_getattr,

68
	.setattr = anon_inode_setattr,

69
};

70


71
/*

72
 * anon_inodefs_dname() is called from d_path().

73
 */

74
static char *anon_inodefs_dname(struct dentry *dentry, char *buffer, int buflen)

75
{

76
	return dynamic_dname(buffer, buflen, "anon_inode:%s",

77
				dentry->d_name.name);

78
}

79


80
static const struct dentry_operations anon_inodefs_dentry_operations = {

81
	.d_dname	= anon_inodefs_dname,

82
};

83


84
static int anon_inodefs_init_fs_context(struct fs_context *fc)

85
{

86
	struct pseudo_fs_context *ctx = init_pseudo(fc, ANON_INODE_FS_MAGIC);

87
	if (!ctx)

88
		return -ENOMEM;

89
	fc->s_iflags |= SB_I_NOEXEC;

90
	fc->s_iflags |= SB_I_NODEV;

91
	ctx->dops = &anon_inodefs_dentry_operations;

92
	return 0;

93
}

94


95
static struct file_system_type anon_inode_fs_type = {

96
	.name		= "anon_inodefs",

97
	.init_fs_context = anon_inodefs_init_fs_context,

98
	.kill_sb	= kill_anon_super,

99
};

100


101
/**

102
 * anon_inode_make_secure_inode - allocate an anonymous inode with security context

103
 * @sb:		[in]	Superblock to allocate from

104
 * @name:	[in]	Name of the class of the newfile (e.g., "secretmem")

105
 * @context_inode:

106
 *		[in]	Optional parent inode for security inheritance

107
 *

108
 * The function ensures proper security initialization through the LSM hook

109
 * security_inode_init_security_anon().

110
 *

111
 * Return:	Pointer to new inode on success, ERR_PTR on failure.

112
 */

113
struct inode *anon_inode_make_secure_inode(struct super_block *sb, const char *name,

114
					   const struct inode *context_inode)

115
{

116
	struct inode *inode;

117
	int error;

118


119
	inode = alloc_anon_inode(sb);

120
	if (IS_ERR(inode))

121
		return inode;

122
	inode->i_flags &= ~S_PRIVATE;

123
	inode->i_op = &anon_inode_operations;

124
	error =	security_inode_init_security_anon(inode, &QSTR(name),

125
						  context_inode);

126
	if (error) {

127
		iput(inode);

128
		return ERR_PTR(error);

129
	}

130
	return inode;

131
}

132
EXPORT_SYMBOL_FOR_MODULES(anon_inode_make_secure_inode, "kvm");

133


134
static struct file *__anon_inode_getfile(const char *name,

135
					 const struct file_operations *fops,

136
					 void *priv, int flags,

137
					 const struct inode *context_inode,

138
					 bool make_inode)

139
{

140
	struct inode *inode;

141
	struct file *file;

142


143
	if (fops->owner && !try_module_get(fops->owner))

144
		return ERR_PTR(-ENOENT);

145


146
	if (make_inode) {

147
		inode =	anon_inode_make_secure_inode(anon_inode_mnt->mnt_sb,

148
						     name, context_inode);

149
		if (IS_ERR(inode)) {

150
			file = ERR_CAST(inode);

151
			goto err;

152
		}

153
	} else {

154
		inode =	anon_inode_inode;

155
		if (IS_ERR(inode)) {

156
			file = ERR_PTR(-ENODEV);

157
			goto err;

158
		}

159
		/*

160
		 * We know the anon_inode inode count is always

161
		 * greater than zero, so ihold() is safe.

162
		 */

163
		ihold(inode);

164
	}

165


166
	file = alloc_file_pseudo(inode, anon_inode_mnt, name,

167
				 flags & (O_ACCMODE | O_NONBLOCK), fops);

168
	if (IS_ERR(file))

169
		goto err_iput;

170


171
	file->f_mapping = inode->i_mapping;

172


173
	file->private_data = priv;

174


175
	return file;

176


177
err_iput:

178
	iput(inode);

179
err:

180
	module_put(fops->owner);

181
	return file;

182
}

183


184
/**

185
 * anon_inode_getfile - creates a new file instance by hooking it up to an

186
 *                      anonymous inode, and a dentry that describe the "class"

187
 *                      of the file

188
 *

189
 * @name:    [in]    name of the "class" of the new file

190
 * @fops:    [in]    file operations for the new file

191
 * @priv:    [in]    private data for the new file (will be file's private_data)

192
 * @flags:   [in]    flags

193
 *

194
 * Creates a new file by hooking it on a single inode. This is useful for files

195
 * that do not need to have a full-fledged inode in order to operate correctly.

196
 * All the files created with anon_inode_getfile() will share a single inode,

197
 * hence saving memory and avoiding code duplication for the file/inode/dentry

198
 * setup.  Returns the newly created file* or an error pointer.

199
 */

200
struct file *anon_inode_getfile(const char *name,

201
				const struct file_operations *fops,

202
				void *priv, int flags)

203
{

204
	return __anon_inode_getfile(name, fops, priv, flags, NULL, false);

205
}

206
EXPORT_SYMBOL_GPL(anon_inode_getfile);

207


208
/**

209
 * anon_inode_getfile_fmode - creates a new file instance by hooking it up to an

210
 *                      anonymous inode, and a dentry that describe the "class"

211
 *                      of the file

212
 *

213
 * @name:    [in]    name of the "class" of the new file

214
 * @fops:    [in]    file operations for the new file

215
 * @priv:    [in]    private data for the new file (will be file's private_data)

216
 * @flags:   [in]    flags

217
 * @f_mode:  [in]    fmode

218
 *

219
 * Creates a new file by hooking it on a single inode. This is useful for files

220
 * that do not need to have a full-fledged inode in order to operate correctly.

221
 * All the files created with anon_inode_getfile() will share a single inode,

222
 * hence saving memory and avoiding code duplication for the file/inode/dentry

223
 * setup. Allows setting the fmode. Returns the newly created file* or an error

224
 * pointer.

225
 */

226
struct file *anon_inode_getfile_fmode(const char *name,

227
				const struct file_operations *fops,

228
				void *priv, int flags, fmode_t f_mode)

229
{

230
	struct file *file;

231


232
	file = __anon_inode_getfile(name, fops, priv, flags, NULL, false);

233
	if (!IS_ERR(file))

234
		file->f_mode |= f_mode;

235


236
	return file;

237
}

238
EXPORT_SYMBOL_GPL(anon_inode_getfile_fmode);

239


240
/**

241
 * anon_inode_create_getfile - Like anon_inode_getfile(), but creates a new

242
 *                             !S_PRIVATE anon inode rather than reuse the

243
 *                             singleton anon inode and calls the

244
 *                             inode_init_security_anon() LSM hook.

245
 *

246
 * @name:    [in]    name of the "class" of the new file

247
 * @fops:    [in]    file operations for the new file

248
 * @priv:    [in]    private data for the new file (will be file's private_data)

249
 * @flags:   [in]    flags

250
 * @context_inode:

251
 *           [in]    the logical relationship with the new inode (optional)

252
 *

253
 * Create a new anonymous inode and file pair.  This can be done for two

254
 * reasons:

255
 *

256
 * - for the inode to have its own security context, so that LSMs can enforce

257
 *   policy on the inode's creation;

258
 *

259
 * - if the caller needs a unique inode, for example in order to customize

260
 *   the size returned by fstat()

261
 *

262
 * The LSM may use @context_inode in inode_init_security_anon(), but a

263
 * reference to it is not held.

264
 *

265
 * Returns the newly created file* or an error pointer.

266
 */

267
struct file *anon_inode_create_getfile(const char *name,

268
				       const struct file_operations *fops,

269
				       void *priv, int flags,

270
				       const struct inode *context_inode)

271
{

272
	return __anon_inode_getfile(name, fops, priv, flags,

273
				    context_inode, true);

274
}

275
EXPORT_SYMBOL_GPL(anon_inode_create_getfile);

276


277
static int __anon_inode_getfd(const char *name,

278
			      const struct file_operations *fops,

279
			      void *priv, int flags,

280
			      const struct inode *context_inode,

281
			      bool make_inode)

282
{

283
	int error, fd;

284
	struct file *file;

285


286
	error = get_unused_fd_flags(flags);

287
	if (error < 0)

288
		return error;

289
	fd = error;

290


291
	file = __anon_inode_getfile(name, fops, priv, flags, context_inode,

292
				    make_inode);

293
	if (IS_ERR(file)) {

294
		error = PTR_ERR(file);

295
		goto err_put_unused_fd;

296
	}

297
	fd_install(fd, file);

298


299
	return fd;

300


301
err_put_unused_fd:

302
	put_unused_fd(fd);

303
	return error;

304
}

305


306
/**

307
 * anon_inode_getfd - creates a new file instance by hooking it up to

308
 *                    an anonymous inode and a dentry that describe

309
 *                    the "class" of the file

310
 *

311
 * @name:    [in]    name of the "class" of the new file

312
 * @fops:    [in]    file operations for the new file

313
 * @priv:    [in]    private data for the new file (will be file's private_data)

314
 * @flags:   [in]    flags

315
 *

316
 * Creates a new file by hooking it on a single inode. This is

317
 * useful for files that do not need to have a full-fledged inode in

318
 * order to operate correctly.  All the files created with

319
 * anon_inode_getfd() will use the same singleton inode, reducing

320
 * memory use and avoiding code duplication for the file/inode/dentry

321
 * setup.  Returns a newly created file descriptor or an error code.

322
 */

323
int anon_inode_getfd(const char *name, const struct file_operations *fops,

324
		     void *priv, int flags)

325
{

326
	return __anon_inode_getfd(name, fops, priv, flags, NULL, false);

327
}

328
EXPORT_SYMBOL_GPL(anon_inode_getfd);

329


330
/**

331
 * anon_inode_create_getfd - Like anon_inode_getfd(), but creates a new

332
 * !S_PRIVATE anon inode rather than reuse the singleton anon inode, and calls

333
 * the inode_init_security_anon() LSM hook.

334
 *

335
 * @name:    [in]    name of the "class" of the new file

336
 * @fops:    [in]    file operations for the new file

337
 * @priv:    [in]    private data for the new file (will be file's private_data)

338
 * @flags:   [in]    flags

339
 * @context_inode:

340
 *           [in]    the logical relationship with the new inode (optional)

341
 *

342
 * Create a new anonymous inode and file pair.  This can be done for two

343
 * reasons:

344
 *

345
 * - for the inode to have its own security context, so that LSMs can enforce

346
 *   policy on the inode's creation;

347
 *

348
 * - if the caller needs a unique inode, for example in order to customize

349
 *   the size returned by fstat()

350
 *

351
 * The LSM may use @context_inode in inode_init_security_anon(), but a

352
 * reference to it is not held.

353
 *

354
 * Returns a newly created file descriptor or an error code.

355
 */

356
int anon_inode_create_getfd(const char *name, const struct file_operations *fops,

357
			    void *priv, int flags,

358
			    const struct inode *context_inode)

359
{

360
	return __anon_inode_getfd(name, fops, priv, flags, context_inode, true);

361
}

362


363


364
static int __init anon_inode_init(void)

365
{

366
	anon_inode_mnt = kern_mount(&anon_inode_fs_type);

367
	if (IS_ERR(anon_inode_mnt))

368
		panic("anon_inode_init() kernel mount failed (%ld)\n", PTR_ERR(anon_inode_mnt));

369


370
	anon_inode_inode = alloc_anon_inode(anon_inode_mnt->mnt_sb);

371
	if (IS_ERR(anon_inode_inode))

372
		panic("anon_inode_init() inode allocation failed (%ld)\n", PTR_ERR(anon_inode_inode));

373
	anon_inode_inode->i_op = &anon_inode_operations;

374


375
	return 0;

376
}

377


378
fs_initcall(anon_inode_init);

379


380


381