Commit Graph

189 Commits

Author SHA1 Message Date
Christian Brauner
549c729771
fs: make helpers idmap mount aware
Extend some inode methods with an additional user namespace argument. A
filesystem that is aware of idmapped mounts will receive the user
namespace the mount has been marked with. This can be used for
additional permission checking and also to enable filesystems to
translate between uids and gids if they need to. We have implemented all
relevant helpers in earlier patches.

As requested we simply extend the exisiting inode method instead of
introducing new ones. This is a little more code churn but it's mostly
mechanical and doesnt't leave us with additional inode methods.

Link: https://lore.kernel.org/r/20210121131959.646623-25-christian.brauner@ubuntu.com
Cc: Christoph Hellwig <hch@lst.de>
Cc: David Howells <dhowells@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: linux-fsdevel@vger.kernel.org
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-24 14:27:20 +01:00
Christian Brauner
2f221d6f7b
attr: handle idmapped mounts
When file attributes are changed most filesystems rely on the
setattr_prepare(), setattr_copy(), and notify_change() helpers for
initialization and permission checking. Let them handle idmapped mounts.
If the inode is accessed through an idmapped mount map it into the
mount's user namespace. Afterwards the checks are identical to
non-idmapped mounts. If the initial user namespace is passed nothing
changes so non-idmapped mounts will see identical behavior as before.

Helpers that perform checks on the ia_uid and ia_gid fields in struct
iattr assume that ia_uid and ia_gid are intended values and have already
been mapped correctly at the userspace-kernelspace boundary as we
already do today. If the initial user namespace is passed nothing
changes so non-idmapped mounts will see identical behavior as before.

Link: https://lore.kernel.org/r/20210121131959.646623-8-christian.brauner@ubuntu.com
Cc: Christoph Hellwig <hch@lst.de>
Cc: David Howells <dhowells@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: linux-fsdevel@vger.kernel.org
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-24 14:27:16 +01:00
Linus Torvalds
0eac1102e9 Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
Pull misc vfs updates from Al Viro:
 "Assorted stuff all over the place (the largest group here is
  Christoph's stat cleanups)"

* 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
  fs: remove KSTAT_QUERY_FLAGS
  fs: remove vfs_stat_set_lookup_flags
  fs: move vfs_fstatat out of line
  fs: implement vfs_stat and vfs_lstat in terms of vfs_fstatat
  fs: remove vfs_statx_fd
  fs: omfs: use kmemdup() rather than kmalloc+memcpy
  [PATCH] reduce boilerplate in fsid handling
  fs: Remove duplicated flag O_NDELAY occurring twice in VALID_OPEN_FLAGS
  selftests: mount: add nosymfollow tests
  Add a "nosymfollow" mount option.
2020-10-24 12:26:05 -07:00
Al Viro
6d1349c769 [PATCH] reduce boilerplate in fsid handling
Get rid of boilerplate in most of ->statfs()
instances...

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-09-18 16:45:50 -04:00
Gustavo A. R. Silva
df561f6688 treewide: Use fallthrough pseudo-keyword
Replace the existing /* fall through */ comments and its variants with
the new pseudo-keyword macro fallthrough[1]. Also, remove unnecessary
fall-through markings when it is the case.

[1] https://www.kernel.org/doc/html/v5.7/process/deprecated.html?highlight=fallthrough#implicit-switch-case-fall-through

Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
2020-08-23 17:36:59 -05:00
Christoph Hellwig
621c1f4294 block: move struct block_device to blk_types.h
Move the struct block_device definition together with most of the
block layer definitions, as it has nothing to do with the rest of fs.h.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2020-06-24 09:16:02 -06:00
Mauro Carvalho Chehab
0c1bc6b845 docs: filesystems: fix renamed references
Some filesystem references got broken by a previous patch
series I submitted. Address those.

Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
Acked-by: David Sterba <dsterba@suse.com> # fs/affs/Kconfig
Link: https://lore.kernel.org/r/57318c53008dbda7f6f4a5a9e5787f4d37e8565a.1586881715.git.mchehab+huawei@kernel.org
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
2020-04-20 15:45:22 -06:00
Dan Carpenter
587065dcac fs/adfs: bigdir: Fix an error code in adfs_fplus_read()
This code accidentally returns success, but it should return the
-EIO error code from adfs_fplus_validate_header().

Acked-by: Russell King <rmk+kernel@armlinux.org.uk>
Fixes: d79288b4f6 ("fs/adfs: bigdir: calculate and validate directory checkbyte")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-25 11:31:59 -05:00
Russell King
25e5d4df3b fs/adfs: mostly divorse inode number from indirect disc address
Avoid using the inode number as the indirect disc address, even though
these currently have the same value.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:42 -05:00
Russell King
08ead1b8b9 fs/adfs: super: add support for E and E+ floppy image formats
Add support for ADFS E and E+ floppy image formats, which, unlike their
hard disk variants, do not have a filesystem boot block - they have a
single map zone, with the map fragment stored at sector 0.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:42 -05:00
Russell King
e3858e125b fs/adfs: super: extract filesystem block probe
Separate the filesystem block probing from the superblock filling so
we can support other ADFS filesystem formats, such as the single-zone
E and E+ floppy image formats which do not have a boot block.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:42 -05:00
Russell King
ccbc80a89d fs/adfs: dir: remove debug in adfs_dir_update()
Remove the noisy debug in adfs_dir_update().

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:42 -05:00
Russell King
f352064275 fs/adfs: super: fix inode dropping
When we have write support enabled, we must not drop inodes before they
have been written back, otherwise we lose updates to the filesystem on
umount.  Keep the inodes around unless we are built in read-only mode,
or we are mounted read-only.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:42 -05:00
Russell King
a464152f2e fs/adfs: bigdir: implement directory update support
Implement big directory entry update support in the same way that we
do for new directories.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:42 -05:00
Russell King
d79288b4f6 fs/adfs: bigdir: calculate and validate directory checkbyte
When reading a big directory, calculate the validate the directory
checkbyte to ensure that the directory contents are valid.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:42 -05:00
Russell King
aa3d4e0152 fs/adfs: bigdir: directory validation strengthening
Strengthen the directory validation by ensuring that the header fields
contain sensible values that fit inside the directory, and limit the
directory size to 4MB as per RISC OS requirements.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:42 -05:00
Russell King
6674ecab90 fs/adfs: bigdir: extract directory validation
Extract the directory validation from the directory reading function as
we will want to re-use this code.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:42 -05:00
Russell King
0db35a02a1 fs/adfs: bigdir: factor out directory entry offset calculation
Factor out the directory entry byte offset calculation.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:42 -05:00
Russell King
aacc954c1b fs/adfs: newdir: split out directory commit from update
After changing a directory, we need to update the sequence numbers and
calculate the new check byte before the directory is scheduled to be
written back to the media.  Since this needs to happen for any change
to the directory, move this into a separate method.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:42 -05:00
Russell King
cc625ccd0e fs/adfs: newdir: clean up adfs_f_update()
__adfs_dir_put() and adfs_dir_find_entry() are only called from
adfs_f_update(), so move them into this function, removing some
unnecessary entry copying by doing so.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:42 -05:00
Russell King
9318731bec fs/adfs: newdir: merge adfs_dir_read() into adfs_f_read()
adfs_dir_read() is only called from adfs_f_read(), so merge it into
that function.  As new directories are always 2048 bytes in size,
(which we rely on elsewhere) we can consolidate some of the code.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:41 -05:00
Russell King
7a0e4048bf fs/adfs: newdir: improve directory validation
Check that the lastmask and reserved fields are all zero, as per the
documentation.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:41 -05:00
Russell King
ffc8df347e fs/adfs: newdir: factor out directory format validation
We have two locations where we validate the new directory format, so
factor this out to a helper.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:41 -05:00
Russell King
016936b321 fs/adfs: dir: use pointers to access directory head/tails
Add and use pointers in the adfs_dir structure to access the directory
head and tail structures, which will always be contiguous in a buffer.
This allows us to avoid memcpy()ing the data in the new directory code,
making it slightly more efficient.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:41 -05:00
Russell King
4287e4deb1 fs/adfs: dir: add more efficient iterate() per-format method
Rather than using setpos + getnext to iterate through the directory
entries, pass iterate() down to the dir format code to populate the
dirents.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:41 -05:00
Russell King
cdc46e99e1 fs/adfs: dir: switch to iterate_shared method
There is nothing in our readdir (aka iterate) method that relies on
the directory inode being exclusively locked, so switch to using the
iterate_shared() hook rather than iterate().

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:41 -05:00
Russell King
4a0a88b666 fs/adfs: dir: improve compiler coverage in adfs_dir_update
Get rid of the ifdef, using IS_ENABLED() instead to detect whether the
code should be callable.  This allows the compiler to always parse the
following code, reducing the chances of errors being missed.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:41 -05:00
Russell King
f6075c7907 fs/adfs: dir: improve update failure handling
When we update a directory, a number of errors may happen. If we failed
to find the entry to update, we can just release the directory buffers
as normal.

However, if we have some other error, we may have partially updated the
buffers, resulting in an invalid directory. In this case, we need to
discard the buffers to avoid writing the contents back to the media, and
later re-read the directory from the media.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:41 -05:00
Russell King
ae5df41390 fs/adfs: dir: modernise on-disk directory structures
Use __u8 and pack the structures for on-disk directories.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:41 -05:00
Russell King
deed1bfd15 fs/adfs: dir: update directory locking
Update directory locking such that it covers the validation of the
directory, which could fail if another thread is concurrently writing
to the same directory.  Since we may sleep, we need to use a rwsem
rather than a rw spinlock.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:41 -05:00
Russell King
c3c8149b35 fs/adfs: dir: add helper to mark directory buffers dirty
Provide a helper for marking directory buffers dirty so they get
written back to disk.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:41 -05:00
Russell King
90011c7ad9 fs/adfs: dir: add helper to read directory using inode
Add a helper to read a directory using the inode, which we do in two
places.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:41 -05:00
Russell King
419a6e5e82 fs/adfs: dir: add generic directory reading
Both directory formats code the mechanics of fetching the directory
buffers using their own implementations.  Consolidate these into one
implementation.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:41 -05:00
Russell King
a317120bf7 fs/adfs: dir: add generic copy functions
Directories can span multiple buffers, and we currently open-code
memcpy access to these buffers, including dealing with entries that
are split across multiple buffers.  Such code exists in both
directory format implementations.

Provide common functions to allow data to be copied from/to the
directory buffers as if they were a contiguous set of buffers, and
use them when accessing directories.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:41 -05:00
Russell King
acf5f0be8a fs/adfs: dir: add common directory sync method
adfs_fplus_sync() can be used for both directory formats since we now
have a common way to access the buffer heads, so move it into dir.c
and appropriately rename it.  Remove the directory-format specific
implementations.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:41 -05:00
Russell King
1dd9f5babf fs/adfs: dir: add common directory buffer release method
With the bhs pointer in place, we have no need for separate per-format
free() methods, since a generic version will do.  Provide a generic
implementation, remove the format specific implementations and the
method function pointer.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:41 -05:00
Russell King
95fbadbb55 fs/adfs: dir: add common dir object initialisation
Initialise the dir object before we pass it down to the directory format
specific read handler.  This allows us to get rid of the initialisation
inside those handlers.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:40 -05:00
Russell King
71b2612776 fs/adfs: dir: rename bh_fplus to bhs
Rename bh_fplus to bhs in preparation to make some of the directory
handling code sharable between implementations.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:40 -05:00
Russell King
f93793fd73 fs/adfs: map: fix map scanning
When scanning the map for a fragment id, we need to keep track of the
free space links, so we don't inadvertently believe that the freespace
link is a valid fragment id.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:40 -05:00
Russell King
f6f14a0d71 fs/adfs: map: move map-specific sb initialisation to map.c
Move map specific superblock initialisation to map.c, rather than
having it spread into super.c.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:40 -05:00
Russell King
792314f8b2 fs/adfs: map: use find_next_bit_le() rather than open coding it
Use find_next_bit_le() to find the end of a fragment in the map rather
than open-coding this functionality.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:40 -05:00
Russell King
197ba3c519 fs/adfs: map: incorporate map offsets into layout
lookup_zone() and scan_free_map() cope in different ways with the
location of the map data within a zone:

1. lookup_zone() adds a four byte offset to the map data pointer to
   skip over the check and free link bytes.

2. scan_free_map() needs to use the free link pointer, which is an
   offset from itself, so we end up adding a 32-bit offset to the
   end pointer (aka mapsize) which is really confusing.

Rename mapsize to endbit as this is really what it is, and incorporate
the 32-bit offset into the map layout.  This means that both dm_startbit
and dm_endbit are now bit offsets from the start of the buffer, rather
than four bytes in to the buffer.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:40 -05:00
Russell King
7b19526762 fs/adfs: map: factor out map cleanup
We have several places which deal with releasing the map buffers and
freeing the map array.  Provide a helper for this.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:40 -05:00
Russell King
6092b6be30 fs/adfs: map: break up adfs_read_map()
Split up adfs_read_map() into separate helpers to layout the map,
read the map, and release the map buffers.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:40 -05:00
Russell King
e6160e469f fs/adfs: map: rename adfs_map_free() to adfs_map_statfs()
adfs_map_free() is not obvious whether it is freeing the map or
returning the number of free blocks on the filesystem.  Rename it to
the more generic statfs() to make it clear that it's a statistic
function.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:40 -05:00
Russell King
f75d398d6e fs/adfs: map: move map reading and validation to map.c
Keep all the map code together in map.c, rather than having some in
super.c

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:40 -05:00
Russell King
81916245ce fs/adfs: inode: fix adfs_mode2atts()
Fix adfs_mode2atts() to actually update the file permissions on the
media rather than using the current inode mode.  Note also that
directories do not have read/write permissions stored on the media.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:40 -05:00
Russell King
eeeb9dd98e fs/adfs: inode: update timestamps to centisecond precision
Despite ADFS timestamps having centi-second granularity, and Linux
gaining fine-grained timestamp support in v2.5.48, fs/adfs was never
updated.

Update fs/adfs to centi-second support, and ensure that the inode ctime
always reflects what is written in underlying media.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2020-01-20 20:12:40 -05:00
Linus Torvalds
d2fbf4b6d5 Merge branch 'work.adfs' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
Pull adfs updates from Al Viro:
 "More ADFS patches from Russell King"

* 'work.adfs' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
  fs/adfs: add time stamp and file type helpers
  fs/adfs: super: limit idlen according to directory type
  fs/adfs: super: fix use-after-free bug
  fs/adfs: super: safely update options on remount
  fs/adfs: super: correct superblock flags
  fs/adfs: clean up indirect disc addresses and fragment IDs
  fs/adfs: clean up error message printing
  fs/adfs: use %pV for error messages
  fs/adfs: use format_version from disc_record
  fs/adfs: add helper to get filesystem size
  fs/adfs: add helper to get discrecord from map
  fs/adfs: correct disc record structure
2019-07-19 11:33:22 -07:00
Russell King
b4ed8f75c8 fs/adfs: add time stamp and file type helpers
Add some helpers to check whether the inode has a time stamp and file
type, and to parse the file type from the load address.

Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2019-06-26 20:14:14 -04:00