fs/autofs/root.c

0001 // SPDX-License-Identifier: GPL-2.0-or-later
0002 /*
0003  * Copyright 1997-1998 Transmeta Corporation -- All Rights Reserved
0004  * Copyright 1999-2000 Jeremy Fitzhardinge <jeremy@goop.org>
0005  * Copyright 2001-2006 Ian Kent <raven@themaw.net>
0006  */
0007
0008 #include <linux/capability.h>
0009 #include <linux/compat.h>
0010
0011 #include "autofs_i.h"
0012
0013 static int autofs_dir_permission(struct user_namespace *, struct inode *, int);
0014 static int autofs_dir_symlink(struct user_namespace *, struct inode *,
0015                   struct dentry *, const char *);
0016 static int autofs_dir_unlink(struct inode *, struct dentry *);
0017 static int autofs_dir_rmdir(struct inode *, struct dentry *);
0018 static int autofs_dir_mkdir(struct user_namespace *, struct inode *,
0019                 struct dentry *, umode_t);
0020 static long autofs_root_ioctl(struct file *, unsigned int, unsigned long);
0021 #ifdef CONFIG_COMPAT
0022 static long autofs_root_compat_ioctl(struct file *,
0023                      unsigned int, unsigned long);
0024 #endif
0025 static int autofs_dir_open(struct inode *inode, struct file *file);
0026 static struct dentry *autofs_lookup(struct inode *,
0027                     struct dentry *, unsigned int);
0028 static struct vfsmount *autofs_d_automount(struct path *);
0029 static int autofs_d_manage(const struct path *, bool);
0030 static void autofs_dentry_release(struct dentry *);
0031
0032 const struct file_operations autofs_root_operations = {
0033     .open       = dcache_dir_open,
0034     .release    = dcache_dir_close,
0035     .read       = generic_read_dir,
0036     .iterate_shared = dcache_readdir,
0037     .llseek     = dcache_dir_lseek,
0038     .unlocked_ioctl = autofs_root_ioctl,
0039 #ifdef CONFIG_COMPAT
0040     .compat_ioctl   = autofs_root_compat_ioctl,
0041 #endif
0042 };
0043
0044 const struct file_operations autofs_dir_operations = {
0045     .open       = autofs_dir_open,
0046     .release    = dcache_dir_close,
0047     .read       = generic_read_dir,
0048     .iterate_shared = dcache_readdir,
0049     .llseek     = dcache_dir_lseek,
0050 };
0051
0052 const struct inode_operations autofs_dir_inode_operations = {
0053     .lookup     = autofs_lookup,
0054     .permission = autofs_dir_permission,
0055     .unlink     = autofs_dir_unlink,
0056     .symlink    = autofs_dir_symlink,
0057     .mkdir      = autofs_dir_mkdir,
0058     .rmdir      = autofs_dir_rmdir,
0059 };
0060
0061 const struct dentry_operations autofs_dentry_operations = {
0062     .d_automount    = autofs_d_automount,
0063     .d_manage   = autofs_d_manage,
0064     .d_release  = autofs_dentry_release,
0065 };
0066
0067 static void autofs_del_active(struct dentry *dentry)
0068 {
0069     struct autofs_sb_info *sbi = autofs_sbi(dentry->d_sb);
0070     struct autofs_info *ino;
0071
0072     ino = autofs_dentry_ino(dentry);
0073     spin_lock(&sbi->lookup_lock);
0074     list_del_init(&ino->active);
0075     spin_unlock(&sbi->lookup_lock);
0076 }
0077
0078 static int autofs_dir_open(struct inode *inode, struct file *file)
0079 {
0080     struct dentry *dentry = file->f_path.dentry;
0081     struct autofs_sb_info *sbi = autofs_sbi(dentry->d_sb);
0082     struct autofs_info *ino = autofs_dentry_ino(dentry);
0083
0084     pr_debug("file=%p dentry=%p %pd\n", file, dentry, dentry);
0085
0086     if (autofs_oz_mode(sbi))
0087         goto out;
0088
0089     /*
0090      * An empty directory in an autofs file system is always a
0091      * mount point. The daemon must have failed to mount this
0092      * during lookup so it doesn't exist. This can happen, for
0093      * example, if user space returns an incorrect status for a
0094      * mount request. Otherwise we're doing a readdir on the
0095      * autofs file system so just let the libfs routines handle
0096      * it.
0097      */
0098     spin_lock(&sbi->lookup_lock);
0099     if (!path_is_mountpoint(&file->f_path) && autofs_empty(ino)) {
0100         spin_unlock(&sbi->lookup_lock);
0101         return -ENOENT;
0102     }
0103     spin_unlock(&sbi->lookup_lock);
0104
0105 out:
0106     return dcache_dir_open(inode, file);
0107 }
0108
0109 static void autofs_dentry_release(struct dentry *de)
0110 {
0111     struct autofs_info *ino = autofs_dentry_ino(de);
0112     struct autofs_sb_info *sbi = autofs_sbi(de->d_sb);
0113
0114     pr_debug("releasing %p\n", de);
0115
0116     if (!ino)
0117         return;
0118
0119     if (sbi) {
0120         spin_lock(&sbi->lookup_lock);
0121         if (!list_empty(&ino->active))
0122             list_del(&ino->active);
0123         if (!list_empty(&ino->expiring))
0124             list_del(&ino->expiring);
0125         spin_unlock(&sbi->lookup_lock);
0126     }
0127
0128     autofs_free_ino(ino);
0129 }
0130
0131 static struct dentry *autofs_lookup_active(struct dentry *dentry)
0132 {
0133     struct autofs_sb_info *sbi = autofs_sbi(dentry->d_sb);
0134     struct dentry *parent = dentry->d_parent;
0135     const struct qstr *name = &dentry->d_name;
0136     unsigned int len = name->len;
0137     unsigned int hash = name->hash;
0138     const unsigned char *str = name->name;
0139     struct list_head *p, *head;
0140
0141     head = &sbi->active_list;
0142     if (list_empty(head))
0143         return NULL;
0144     spin_lock(&sbi->lookup_lock);
0145     list_for_each(p, head) {
0146         struct autofs_info *ino;
0147         struct dentry *active;
0148         const struct qstr *qstr;
0149
0150         ino = list_entry(p, struct autofs_info, active);
0151         active = ino->dentry;
0152
0153         spin_lock(&active->d_lock);
0154
0155         /* Already gone? */
0156         if ((int) d_count(active) <= 0)
0157             goto next;
0158
0159         qstr = &active->d_name;
0160
0161         if (active->d_name.hash != hash)
0162             goto next;
0163         if (active->d_parent != parent)
0164             goto next;
0165
0166         if (qstr->len != len)
0167             goto next;
0168         if (memcmp(qstr->name, str, len))
0169             goto next;
0170
0171         if (d_unhashed(active)) {
0172             dget_dlock(active);
0173             spin_unlock(&active->d_lock);
0174             spin_unlock(&sbi->lookup_lock);
0175             return active;
0176         }
0177 next:
0178         spin_unlock(&active->d_lock);
0179     }
0180     spin_unlock(&sbi->lookup_lock);
0181
0182     return NULL;
0183 }
0184
0185 static struct dentry *autofs_lookup_expiring(struct dentry *dentry,
0186                          bool rcu_walk)
0187 {
0188     struct autofs_sb_info *sbi = autofs_sbi(dentry->d_sb);
0189     struct dentry *parent = dentry->d_parent;
0190     const struct qstr *name = &dentry->d_name;
0191     unsigned int len = name->len;
0192     unsigned int hash = name->hash;
0193     const unsigned char *str = name->name;
0194     struct list_head *p, *head;
0195
0196     head = &sbi->expiring_list;
0197     if (list_empty(head))
0198         return NULL;
0199     spin_lock(&sbi->lookup_lock);
0200     list_for_each(p, head) {
0201         struct autofs_info *ino;
0202         struct dentry *expiring;
0203         const struct qstr *qstr;
0204
0205         if (rcu_walk) {
0206             spin_unlock(&sbi->lookup_lock);
0207             return ERR_PTR(-ECHILD);
0208         }
0209
0210         ino = list_entry(p, struct autofs_info, expiring);
0211         expiring = ino->dentry;
0212
0213         spin_lock(&expiring->d_lock);
0214
0215         /* We've already been dentry_iput or unlinked */
0216         if (d_really_is_negative(expiring))
0217             goto next;
0218
0219         qstr = &expiring->d_name;
0220
0221         if (expiring->d_name.hash != hash)
0222             goto next;
0223         if (expiring->d_parent != parent)
0224             goto next;
0225
0226         if (qstr->len != len)
0227             goto next;
0228         if (memcmp(qstr->name, str, len))
0229             goto next;
0230
0231         if (d_unhashed(expiring)) {
0232             dget_dlock(expiring);
0233             spin_unlock(&expiring->d_lock);
0234             spin_unlock(&sbi->lookup_lock);
0235             return expiring;
0236         }
0237 next:
0238         spin_unlock(&expiring->d_lock);
0239     }
0240     spin_unlock(&sbi->lookup_lock);
0241
0242     return NULL;
0243 }
0244
0245 static int autofs_mount_wait(const struct path *path, bool rcu_walk)
0246 {
0247     struct autofs_sb_info *sbi = autofs_sbi(path->dentry->d_sb);
0248     struct autofs_info *ino = autofs_dentry_ino(path->dentry);
0249     int status = 0;
0250
0251     if (ino->flags & AUTOFS_INF_PENDING) {
0252         if (rcu_walk)
0253             return -ECHILD;
0254         pr_debug("waiting for mount name=%pd\n", path->dentry);
0255         status = autofs_wait(sbi, path, NFY_MOUNT);
0256         pr_debug("mount wait done status=%d\n", status);
0257         ino->last_used = jiffies;
0258         return status;
0259     }
0260     if (!(sbi->flags & AUTOFS_SBI_STRICTEXPIRE))
0261         ino->last_used = jiffies;
0262     return status;
0263 }
0264
0265 static int do_expire_wait(const struct path *path, bool rcu_walk)
0266 {
0267     struct dentry *dentry = path->dentry;
0268     struct dentry *expiring;
0269
0270     expiring = autofs_lookup_expiring(dentry, rcu_walk);
0271     if (IS_ERR(expiring))
0272         return PTR_ERR(expiring);
0273     if (!expiring)
0274         return autofs_expire_wait(path, rcu_walk);
0275     else {
0276         const struct path this = { .mnt = path->mnt, .dentry = expiring };
0277         /*
0278          * If we are racing with expire the request might not
0279          * be quite complete, but the directory has been removed
0280          * so it must have been successful, just wait for it.
0281          */
0282         autofs_expire_wait(&this, 0);
0283         autofs_del_expiring(expiring);
0284         dput(expiring);
0285     }
0286     return 0;
0287 }
0288
0289 static struct dentry *autofs_mountpoint_changed(struct path *path)
0290 {
0291     struct dentry *dentry = path->dentry;
0292     struct autofs_sb_info *sbi = autofs_sbi(dentry->d_sb);
0293
0294     /* If this is an indirect mount the dentry could have gone away
0295      * and a new one created.
0296      *
0297      * This is unusual and I can't remember the case for which it
0298      * was originally added now. But an example of how this can
0299      * happen is an autofs indirect mount that has the "browse"
0300      * option set and also has the "symlink" option in the autofs
0301      * map entry. In this case the daemon will remove the browse
0302      * directory and create a symlink as the mount leaving the
0303      * struct path stale.
0304      *
0305      * Another not so obvious case is when a mount in an autofs
0306      * indirect mount that uses the "nobrowse" option is being
0307      * expired at the same time as a path walk. If the mount has
0308      * been umounted but the mount point directory seen before
0309      * becoming unhashed (during a lockless path walk) when a stat
0310      * family system call is made the mount won't be re-mounted as
0311      * it should. In this case the mount point that's been removed
0312      * (by the daemon) will be stale and the a new mount point
0313      * dentry created.
0314      */
0315     if (autofs_type_indirect(sbi->type) && d_unhashed(dentry)) {
0316         struct dentry *parent = dentry->d_parent;
0317         struct autofs_info *ino;
0318         struct dentry *new;
0319
0320         new = d_lookup(parent, &dentry->d_name);
0321         if (!new)
0322             return NULL;
0323         ino = autofs_dentry_ino(new);
0324         ino->last_used = jiffies;
0325         dput(path->dentry);
0326         path->dentry = new;
0327     }
0328     return path->dentry;
0329 }
0330
0331 static struct vfsmount *autofs_d_automount(struct path *path)
0332 {
0333     struct dentry *dentry = path->dentry;
0334     struct autofs_sb_info *sbi = autofs_sbi(dentry->d_sb);
0335     struct autofs_info *ino = autofs_dentry_ino(dentry);
0336     int status;
0337
0338     pr_debug("dentry=%p %pd\n", dentry, dentry);
0339
0340     /* The daemon never triggers a mount. */
0341     if (autofs_oz_mode(sbi))
0342         return NULL;
0343
0344     /*
0345      * If an expire request is pending everyone must wait.
0346      * If the expire fails we're still mounted so continue
0347      * the follow and return. A return of -EAGAIN (which only
0348      * happens with indirect mounts) means the expire completed
0349      * and the directory was removed, so just go ahead and try
0350      * the mount.
0351      */
0352     status = do_expire_wait(path, 0);
0353     if (status && status != -EAGAIN)
0354         return NULL;
0355
0356     /* Callback to the daemon to perform the mount or wait */
0357     spin_lock(&sbi->fs_lock);
0358     if (ino->flags & AUTOFS_INF_PENDING) {
0359         spin_unlock(&sbi->fs_lock);
0360         status = autofs_mount_wait(path, 0);
0361         if (status)
0362             return ERR_PTR(status);
0363         goto done;
0364     }
0365
0366     /*
0367      * If the dentry is a symlink it's equivalent to a directory
0368      * having path_is_mountpoint() true, so there's no need to call
0369      * back to the daemon.
0370      */
0371     if (d_really_is_positive(dentry) && d_is_symlink(dentry)) {
0372         spin_unlock(&sbi->fs_lock);
0373         goto done;
0374     }
0375
0376     if (!path_is_mountpoint(path)) {
0377         /*
0378          * It's possible that user space hasn't removed directories
0379          * after umounting a rootless multi-mount, although it
0380          * should. For v5 path_has_submounts() is sufficient to
0381          * handle this because the leaves of the directory tree under
0382          * the mount never trigger mounts themselves (they have an
0383          * autofs trigger mount mounted on them). But v4 pseudo direct
0384          * mounts do need the leaves to trigger mounts. In this case
0385          * we have no choice but to use the autofs_empty() check and
0386          * require user space behave.
0387          */
0388         if (sbi->version > 4) {
0389             if (path_has_submounts(path)) {
0390                 spin_unlock(&sbi->fs_lock);
0391                 goto done;
0392             }
0393         } else {
0394             if (!autofs_empty(ino)) {
0395                 spin_unlock(&sbi->fs_lock);
0396                 goto done;
0397             }
0398         }
0399         ino->flags |= AUTOFS_INF_PENDING;
0400         spin_unlock(&sbi->fs_lock);
0401         status = autofs_mount_wait(path, 0);
0402         spin_lock(&sbi->fs_lock);
0403         ino->flags &= ~AUTOFS_INF_PENDING;
0404         if (status) {
0405             spin_unlock(&sbi->fs_lock);
0406             return ERR_PTR(status);
0407         }
0408     }
0409     spin_unlock(&sbi->fs_lock);
0410 done:
0411     /* Mount succeeded, check if we ended up with a new dentry */
0412     dentry = autofs_mountpoint_changed(path);
0413     if (!dentry)
0414         return ERR_PTR(-ENOENT);
0415
0416     return NULL;
0417 }
0418
0419 static int autofs_d_manage(const struct path *path, bool rcu_walk)
0420 {
0421     struct dentry *dentry = path->dentry;
0422     struct autofs_sb_info *sbi = autofs_sbi(dentry->d_sb);
0423     struct autofs_info *ino = autofs_dentry_ino(dentry);
0424     int status;
0425
0426     pr_debug("dentry=%p %pd\n", dentry, dentry);
0427
0428     /* The daemon never waits. */
0429     if (autofs_oz_mode(sbi)) {
0430         if (!path_is_mountpoint(path))
0431             return -EISDIR;
0432         return 0;
0433     }
0434
0435     /* Wait for pending expires */
0436     if (do_expire_wait(path, rcu_walk) == -ECHILD)
0437         return -ECHILD;
0438
0439     /*
0440      * This dentry may be under construction so wait on mount
0441      * completion.
0442      */
0443     status = autofs_mount_wait(path, rcu_walk);
0444     if (status)
0445         return status;
0446
0447     if (rcu_walk) {
0448         /* We don't need fs_lock in rcu_walk mode,
0449          * just testing 'AUTOFS_INF_WANT_EXPIRE' is enough.
0450          *
0451          * We only return -EISDIR when certain this isn't
0452          * a mount-trap.
0453          */
0454         struct inode *inode;
0455
0456         if (ino->flags & AUTOFS_INF_WANT_EXPIRE)
0457             return 0;
0458         if (path_is_mountpoint(path))
0459             return 0;
0460         inode = d_inode_rcu(dentry);
0461         if (inode && S_ISLNK(inode->i_mode))
0462             return -EISDIR;
0463         if (!autofs_empty(ino))
0464             return -EISDIR;
0465         return 0;
0466     }
0467
0468     spin_lock(&sbi->fs_lock);
0469     /*
0470      * If the dentry has been selected for expire while we slept
0471      * on the lock then it might go away. We'll deal with that in
0472      * ->d_automount() and wait on a new mount if the expire
0473      * succeeds or return here if it doesn't (since there's no
0474      * mount to follow with a rootless multi-mount).
0475      */
0476     if (!(ino->flags & AUTOFS_INF_EXPIRING)) {
0477         /*
0478          * Any needed mounting has been completed and the path
0479          * updated so check if this is a rootless multi-mount so
0480          * we can avoid needless calls ->d_automount() and avoid
0481          * an incorrect ELOOP error return.
0482          */
0483         if ((!path_is_mountpoint(path) && !autofs_empty(ino)) ||
0484             (d_really_is_positive(dentry) && d_is_symlink(dentry)))
0485             status = -EISDIR;
0486     }
0487     spin_unlock(&sbi->fs_lock);
0488
0489     return status;
0490 }
0491
0492 /* Lookups in the root directory */
0493 static struct dentry *autofs_lookup(struct inode *dir,
0494                     struct dentry *dentry, unsigned int flags)
0495 {
0496     struct autofs_sb_info *sbi;
0497     struct autofs_info *ino;
0498     struct dentry *active;
0499
0500     pr_debug("name = %pd\n", dentry);
0501
0502     /* File name too long to exist */
0503     if (dentry->d_name.len > NAME_MAX)
0504         return ERR_PTR(-ENAMETOOLONG);
0505
0506     sbi = autofs_sbi(dir->i_sb);
0507
0508     pr_debug("pid = %u, pgrp = %u, catatonic = %d, oz_mode = %d\n",
0509          current->pid, task_pgrp_nr(current),
0510          sbi->flags & AUTOFS_SBI_CATATONIC,
0511          autofs_oz_mode(sbi));
0512
0513     active = autofs_lookup_active(dentry);
0514     if (active)
0515         return active;
0516     else {
0517         /*
0518          * A dentry that is not within the root can never trigger a
0519          * mount operation, unless the directory already exists, so we
0520          * can return fail immediately.  The daemon however does need
0521          * to create directories within the file system.
0522          */
0523         if (!autofs_oz_mode(sbi) && !IS_ROOT(dentry->d_parent))
0524             return ERR_PTR(-ENOENT);
0525
0526         ino = autofs_new_ino(sbi);
0527         if (!ino)
0528             return ERR_PTR(-ENOMEM);
0529
0530         spin_lock(&sbi->lookup_lock);
0531         spin_lock(&dentry->d_lock);
0532         /* Mark entries in the root as mount triggers */
0533         if (IS_ROOT(dentry->d_parent) &&
0534             autofs_type_indirect(sbi->type))
0535             __managed_dentry_set_managed(dentry);
0536         dentry->d_fsdata = ino;
0537         ino->dentry = dentry;
0538
0539         list_add(&ino->active, &sbi->active_list);
0540         spin_unlock(&sbi->lookup_lock);
0541         spin_unlock(&dentry->d_lock);
0542     }
0543     return NULL;
0544 }
0545
0546 static int autofs_dir_permission(struct user_namespace *mnt_userns,
0547                  struct inode *inode, int mask)
0548 {
0549     if (mask & MAY_WRITE) {
0550         struct autofs_sb_info *sbi = autofs_sbi(inode->i_sb);
0551
0552         if (!autofs_oz_mode(sbi))
0553             return -EACCES;
0554
0555         /* autofs_oz_mode() needs to allow path walks when the
0556          * autofs mount is catatonic but the state of an autofs
0557          * file system needs to be preserved over restarts.
0558          */
0559         if (sbi->flags & AUTOFS_SBI_CATATONIC)
0560             return -EACCES;
0561     }
0562
0563     return generic_permission(mnt_userns, inode, mask);
0564 }
0565
0566 static int autofs_dir_symlink(struct user_namespace *mnt_userns,
0567                   struct inode *dir, struct dentry *dentry,
0568                   const char *symname)
0569 {
0570     struct autofs_info *ino = autofs_dentry_ino(dentry);
0571     struct autofs_info *p_ino;
0572     struct inode *inode;
0573     size_t size = strlen(symname);
0574     char *cp;
0575
0576     pr_debug("%s <- %pd\n", symname, dentry);
0577
0578     BUG_ON(!ino);
0579
0580     autofs_clean_ino(ino);
0581
0582     autofs_del_active(dentry);
0583
0584     cp = kmalloc(size + 1, GFP_KERNEL);
0585     if (!cp)
0586         return -ENOMEM;
0587
0588     strcpy(cp, symname);
0589
0590     inode = autofs_get_inode(dir->i_sb, S_IFLNK | 0555);
0591     if (!inode) {
0592         kfree(cp);
0593         return -ENOMEM;
0594     }
0595     inode->i_private = cp;
0596     inode->i_size = size;
0597     d_add(dentry, inode);
0598
0599     dget(dentry);
0600     p_ino = autofs_dentry_ino(dentry->d_parent);
0601     p_ino->count++;
0602
0603     dir->i_mtime = current_time(dir);
0604
0605     return 0;
0606 }
0607
0608 /*
0609  * NOTE!
0610  *
0611  * Normal filesystems would do a "d_delete()" to tell the VFS dcache
0612  * that the file no longer exists. However, doing that means that the
0613  * VFS layer can turn the dentry into a negative dentry.  We don't want
0614  * this, because the unlink is probably the result of an expire.
0615  * We simply d_drop it and add it to a expiring list in the super block,
0616  * which allows the dentry lookup to check for an incomplete expire.
0617  *
0618  * If a process is blocked on the dentry waiting for the expire to finish,
0619  * it will invalidate the dentry and try to mount with a new one.
0620  *
0621  * Also see autofs_dir_rmdir()..
0622  */
0623 static int autofs_dir_unlink(struct inode *dir, struct dentry *dentry)
0624 {
0625     struct autofs_sb_info *sbi = autofs_sbi(dir->i_sb);
0626     struct autofs_info *ino = autofs_dentry_ino(dentry);
0627     struct autofs_info *p_ino;
0628
0629     p_ino = autofs_dentry_ino(dentry->d_parent);
0630     p_ino->count--;
0631     dput(ino->dentry);
0632
0633     d_inode(dentry)->i_size = 0;
0634     clear_nlink(d_inode(dentry));
0635
0636     dir->i_mtime = current_time(dir);
0637
0638     spin_lock(&sbi->lookup_lock);
0639     __autofs_add_expiring(dentry);
0640     d_drop(dentry);
0641     spin_unlock(&sbi->lookup_lock);
0642
0643     return 0;
0644 }
0645
0646 /*
0647  * Version 4 of autofs provides a pseudo direct mount implementation
0648  * that relies on directories at the leaves of a directory tree under
0649  * an indirect mount to trigger mounts. To allow for this we need to
0650  * set the DMANAGED_AUTOMOUNT and DMANAGED_TRANSIT flags on the leaves
0651  * of the directory tree. There is no need to clear the automount flag
0652  * following a mount or restore it after an expire because these mounts
0653  * are always covered. However, it is necessary to ensure that these
0654  * flags are clear on non-empty directories to avoid unnecessary calls
0655  * during path walks.
0656  */
0657 static void autofs_set_leaf_automount_flags(struct dentry *dentry)
0658 {
0659     struct dentry *parent;
0660
0661     /* root and dentrys in the root are already handled */
0662     if (IS_ROOT(dentry->d_parent))
0663         return;
0664
0665     managed_dentry_set_managed(dentry);
0666
0667     parent = dentry->d_parent;
0668     /* only consider parents below dentrys in the root */
0669     if (IS_ROOT(parent->d_parent))
0670         return;
0671     managed_dentry_clear_managed(parent);
0672 }
0673
0674 static void autofs_clear_leaf_automount_flags(struct dentry *dentry)
0675 {
0676     struct dentry *parent;
0677
0678     /* flags for dentrys in the root are handled elsewhere */
0679     if (IS_ROOT(dentry->d_parent))
0680         return;
0681
0682     managed_dentry_clear_managed(dentry);
0683
0684     parent = dentry->d_parent;
0685     /* only consider parents below dentrys in the root */
0686     if (IS_ROOT(parent->d_parent))
0687         return;
0688     if (autofs_dentry_ino(parent)->count == 2)
0689         managed_dentry_set_managed(parent);
0690 }
0691
0692 static int autofs_dir_rmdir(struct inode *dir, struct dentry *dentry)
0693 {
0694     struct autofs_sb_info *sbi = autofs_sbi(dir->i_sb);
0695     struct autofs_info *ino = autofs_dentry_ino(dentry);
0696     struct autofs_info *p_ino;
0697
0698     pr_debug("dentry %p, removing %pd\n", dentry, dentry);
0699
0700     if (ino->count != 1)
0701         return -ENOTEMPTY;
0702
0703     spin_lock(&sbi->lookup_lock);
0704     __autofs_add_expiring(dentry);
0705     d_drop(dentry);
0706     spin_unlock(&sbi->lookup_lock);
0707
0708     if (sbi->version < 5)
0709         autofs_clear_leaf_automount_flags(dentry);
0710
0711     p_ino = autofs_dentry_ino(dentry->d_parent);
0712     p_ino->count--;
0713     dput(ino->dentry);
0714     d_inode(dentry)->i_size = 0;
0715     clear_nlink(d_inode(dentry));
0716
0717     if (dir->i_nlink)
0718         drop_nlink(dir);
0719
0720     return 0;
0721 }
0722
0723 static int autofs_dir_mkdir(struct user_namespace *mnt_userns,
0724                 struct inode *dir, struct dentry *dentry,
0725                 umode_t mode)
0726 {
0727     struct autofs_sb_info *sbi = autofs_sbi(dir->i_sb);
0728     struct autofs_info *ino = autofs_dentry_ino(dentry);
0729     struct autofs_info *p_ino;
0730     struct inode *inode;
0731
0732     pr_debug("dentry %p, creating %pd\n", dentry, dentry);
0733
0734     BUG_ON(!ino);
0735
0736     autofs_clean_ino(ino);
0737
0738     autofs_del_active(dentry);
0739
0740     inode = autofs_get_inode(dir->i_sb, S_IFDIR | mode);
0741     if (!inode)
0742         return -ENOMEM;
0743     d_add(dentry, inode);
0744
0745     if (sbi->version < 5)
0746         autofs_set_leaf_automount_flags(dentry);
0747
0748     dget(dentry);
0749     p_ino = autofs_dentry_ino(dentry->d_parent);
0750     p_ino->count++;
0751     inc_nlink(dir);
0752     dir->i_mtime = current_time(dir);
0753
0754     return 0;
0755 }
0756
0757 /* Get/set timeout ioctl() operation */
0758 #ifdef CONFIG_COMPAT
0759 static inline int autofs_compat_get_set_timeout(struct autofs_sb_info *sbi,
0760                          compat_ulong_t __user *p)
0761 {
0762     unsigned long ntimeout;
0763     int rv;
0764
0765     rv = get_user(ntimeout, p);
0766     if (rv)
0767         goto error;
0768
0769     rv = put_user(sbi->exp_timeout/HZ, p);
0770     if (rv)
0771         goto error;
0772
0773     if (ntimeout > UINT_MAX/HZ)
0774         sbi->exp_timeout = 0;
0775     else
0776         sbi->exp_timeout = ntimeout * HZ;
0777
0778     return 0;
0779 error:
0780     return rv;
0781 }
0782 #endif
0783
0784 static inline int autofs_get_set_timeout(struct autofs_sb_info *sbi,
0785                       unsigned long __user *p)
0786 {
0787     unsigned long ntimeout;
0788     int rv;
0789
0790     rv = get_user(ntimeout, p);
0791     if (rv)
0792         goto error;
0793
0794     rv = put_user(sbi->exp_timeout/HZ, p);
0795     if (rv)
0796         goto error;
0797
0798     if (ntimeout > ULONG_MAX/HZ)
0799         sbi->exp_timeout = 0;
0800     else
0801         sbi->exp_timeout = ntimeout * HZ;
0802
0803     return 0;
0804 error:
0805     return rv;
0806 }
0807
0808 /* Return protocol version */
0809 static inline int autofs_get_protover(struct autofs_sb_info *sbi,
0810                        int __user *p)
0811 {
0812     return put_user(sbi->version, p);
0813 }
0814
0815 /* Return protocol sub version */
0816 static inline int autofs_get_protosubver(struct autofs_sb_info *sbi,
0817                       int __user *p)
0818 {
0819     return put_user(sbi->sub_version, p);
0820 }
0821
0822 /*
0823 * Tells the daemon whether it can umount the autofs mount.
0824 */
0825 static inline int autofs_ask_umount(struct vfsmount *mnt, int __user *p)
0826 {
0827     int status = 0;
0828
0829     if (may_umount(mnt))
0830         status = 1;
0831
0832     pr_debug("may umount %d\n", status);
0833
0834     status = put_user(status, p);
0835
0836     return status;
0837 }
0838
0839 /* Identify autofs_dentries - this is so we can tell if there's
0840  * an extra dentry refcount or not.  We only hold a refcount on the
0841  * dentry if its non-negative (ie, d_inode != NULL)
0842  */
0843 int is_autofs_dentry(struct dentry *dentry)
0844 {
0845     return dentry && d_really_is_positive(dentry) &&
0846         dentry->d_op == &autofs_dentry_operations &&
0847         dentry->d_fsdata != NULL;
0848 }
0849
0850 /*
0851  * ioctl()'s on the root directory is the chief method for the daemon to
0852  * generate kernel reactions
0853  */
0854 static int autofs_root_ioctl_unlocked(struct inode *inode, struct file *filp,
0855                        unsigned int cmd, unsigned long arg)
0856 {
0857     struct autofs_sb_info *sbi = autofs_sbi(inode->i_sb);
0858     void __user *p = (void __user *)arg;
0859
0860     pr_debug("cmd = 0x%08x, arg = 0x%08lx, sbi = %p, pgrp = %u\n",
0861          cmd, arg, sbi, task_pgrp_nr(current));
0862
0863     if (_IOC_TYPE(cmd) != _IOC_TYPE(AUTOFS_IOC_FIRST) ||
0864          _IOC_NR(cmd) - _IOC_NR(AUTOFS_IOC_FIRST) >= AUTOFS_IOC_COUNT)
0865         return -ENOTTY;
0866
0867     if (!autofs_oz_mode(sbi) && !capable(CAP_SYS_ADMIN))
0868         return -EPERM;
0869
0870     switch (cmd) {
0871     case AUTOFS_IOC_READY:  /* Wait queue: go ahead and retry */
0872         return autofs_wait_release(sbi, (autofs_wqt_t) arg, 0);
0873     case AUTOFS_IOC_FAIL:   /* Wait queue: fail with ENOENT */
0874         return autofs_wait_release(sbi, (autofs_wqt_t) arg, -ENOENT);
0875     case AUTOFS_IOC_CATATONIC: /* Enter catatonic mode (daemon shutdown) */
0876         autofs_catatonic_mode(sbi);
0877         return 0;
0878     case AUTOFS_IOC_PROTOVER: /* Get protocol version */
0879         return autofs_get_protover(sbi, p);
0880     case AUTOFS_IOC_PROTOSUBVER: /* Get protocol sub version */
0881         return autofs_get_protosubver(sbi, p);
0882     case AUTOFS_IOC_SETTIMEOUT:
0883         return autofs_get_set_timeout(sbi, p);
0884 #ifdef CONFIG_COMPAT
0885     case AUTOFS_IOC_SETTIMEOUT32:
0886         return autofs_compat_get_set_timeout(sbi, p);
0887 #endif
0888
0889     case AUTOFS_IOC_ASKUMOUNT:
0890         return autofs_ask_umount(filp->f_path.mnt, p);
0891
0892     /* return a single thing to expire */
0893     case AUTOFS_IOC_EXPIRE:
0894         return autofs_expire_run(inode->i_sb, filp->f_path.mnt, sbi, p);
0895     /* same as above, but can send multiple expires through pipe */
0896     case AUTOFS_IOC_EXPIRE_MULTI:
0897         return autofs_expire_multi(inode->i_sb,
0898                        filp->f_path.mnt, sbi, p);
0899
0900     default:
0901         return -EINVAL;
0902     }
0903 }
0904
0905 static long autofs_root_ioctl(struct file *filp,
0906                    unsigned int cmd, unsigned long arg)
0907 {
0908     struct inode *inode = file_inode(filp);
0909
0910     return autofs_root_ioctl_unlocked(inode, filp, cmd, arg);
0911 }
0912
0913 #ifdef CONFIG_COMPAT
0914 static long autofs_root_compat_ioctl(struct file *filp,
0915                       unsigned int cmd, unsigned long arg)
0916 {
0917     struct inode *inode = file_inode(filp);
0918     int ret;
0919
0920     if (cmd == AUTOFS_IOC_READY || cmd == AUTOFS_IOC_FAIL)
0921         ret = autofs_root_ioctl_unlocked(inode, filp, cmd, arg);
0922     else
0923         ret = autofs_root_ioctl_unlocked(inode, filp, cmd,
0924                           (unsigned long) compat_ptr(arg));
0925
0926     return ret;
0927 }
0928 #endif