fs/autofs/waitq.c

0001 // SPDX-License-Identifier: GPL-2.0-or-later
0002 /*
0003  * Copyright 1997-1998 Transmeta Corporation -- All Rights Reserved
0004  * Copyright 2001-2006 Ian Kent <raven@themaw.net>
0005  */
0006
0007 #include <linux/sched/signal.h>
0008 #include "autofs_i.h"
0009
0010 /* We make this a static variable rather than a part of the superblock; it
0011  * is better if we don't reassign numbers easily even across filesystems
0012  */
0013 static autofs_wqt_t autofs_next_wait_queue = 1;
0014
0015 void autofs_catatonic_mode(struct autofs_sb_info *sbi)
0016 {
0017     struct autofs_wait_queue *wq, *nwq;
0018
0019     mutex_lock(&sbi->wq_mutex);
0020     if (sbi->flags & AUTOFS_SBI_CATATONIC) {
0021         mutex_unlock(&sbi->wq_mutex);
0022         return;
0023     }
0024
0025     pr_debug("entering catatonic mode\n");
0026
0027     sbi->flags |= AUTOFS_SBI_CATATONIC;
0028     wq = sbi->queues;
0029     sbi->queues = NULL; /* Erase all wait queues */
0030     while (wq) {
0031         nwq = wq->next;
0032         wq->status = -ENOENT; /* Magic is gone - report failure */
0033         kfree(wq->name.name - wq->offset);
0034         wq->name.name = NULL;
0035         wq->wait_ctr--;
0036         wake_up_interruptible(&wq->queue);
0037         wq = nwq;
0038     }
0039     fput(sbi->pipe);    /* Close the pipe */
0040     sbi->pipe = NULL;
0041     sbi->pipefd = -1;
0042     mutex_unlock(&sbi->wq_mutex);
0043 }
0044
0045 static int autofs_write(struct autofs_sb_info *sbi,
0046             struct file *file, const void *addr, int bytes)
0047 {
0048     unsigned long sigpipe, flags;
0049     const char *data = (const char *)addr;
0050     ssize_t wr = 0;
0051
0052     sigpipe = sigismember(&current->pending.signal, SIGPIPE);
0053
0054     mutex_lock(&sbi->pipe_mutex);
0055     while (bytes) {
0056         wr = __kernel_write(file, data, bytes, NULL);
0057         if (wr <= 0)
0058             break;
0059         data += wr;
0060         bytes -= wr;
0061     }
0062     mutex_unlock(&sbi->pipe_mutex);
0063
0064     /* Keep the currently executing process from receiving a
0065      * SIGPIPE unless it was already supposed to get one
0066      */
0067     if (wr == -EPIPE && !sigpipe) {
0068         spin_lock_irqsave(&current->sighand->siglock, flags);
0069         sigdelset(&current->pending.signal, SIGPIPE);
0070         recalc_sigpending();
0071         spin_unlock_irqrestore(&current->sighand->siglock, flags);
0072     }
0073
0074     /* if 'wr' returned 0 (impossible) we assume -EIO (safe) */
0075     return bytes == 0 ? 0 : wr < 0 ? wr : -EIO;
0076 }
0077
0078 static void autofs_notify_daemon(struct autofs_sb_info *sbi,
0079                  struct autofs_wait_queue *wq,
0080                  int type)
0081 {
0082     union {
0083         struct autofs_packet_hdr hdr;
0084         union autofs_packet_union v4_pkt;
0085         union autofs_v5_packet_union v5_pkt;
0086     } pkt;
0087     struct file *pipe = NULL;
0088     size_t pktsz;
0089     int ret;
0090
0091     pr_debug("wait id = 0x%08lx, name = %.*s, type=%d\n",
0092          (unsigned long) wq->wait_queue_token,
0093          wq->name.len, wq->name.name, type);
0094
0095     memset(&pkt, 0, sizeof(pkt)); /* For security reasons */
0096
0097     pkt.hdr.proto_version = sbi->version;
0098     pkt.hdr.type = type;
0099
0100     switch (type) {
0101     /* Kernel protocol v4 missing and expire packets */
0102     case autofs_ptype_missing:
0103     {
0104         struct autofs_packet_missing *mp = &pkt.v4_pkt.missing;
0105
0106         pktsz = sizeof(*mp);
0107
0108         mp->wait_queue_token = wq->wait_queue_token;
0109         mp->len = wq->name.len;
0110         memcpy(mp->name, wq->name.name, wq->name.len);
0111         mp->name[wq->name.len] = '\0';
0112         break;
0113     }
0114     case autofs_ptype_expire_multi:
0115     {
0116         struct autofs_packet_expire_multi *ep =
0117                     &pkt.v4_pkt.expire_multi;
0118
0119         pktsz = sizeof(*ep);
0120
0121         ep->wait_queue_token = wq->wait_queue_token;
0122         ep->len = wq->name.len;
0123         memcpy(ep->name, wq->name.name, wq->name.len);
0124         ep->name[wq->name.len] = '\0';
0125         break;
0126     }
0127     /*
0128      * Kernel protocol v5 packet for handling indirect and direct
0129      * mount missing and expire requests
0130      */
0131     case autofs_ptype_missing_indirect:
0132     case autofs_ptype_expire_indirect:
0133     case autofs_ptype_missing_direct:
0134     case autofs_ptype_expire_direct:
0135     {
0136         struct autofs_v5_packet *packet = &pkt.v5_pkt.v5_packet;
0137         struct user_namespace *user_ns = sbi->pipe->f_cred->user_ns;
0138
0139         pktsz = sizeof(*packet);
0140
0141         packet->wait_queue_token = wq->wait_queue_token;
0142         packet->len = wq->name.len;
0143         memcpy(packet->name, wq->name.name, wq->name.len);
0144         packet->name[wq->name.len] = '\0';
0145         packet->dev = wq->dev;
0146         packet->ino = wq->ino;
0147         packet->uid = from_kuid_munged(user_ns, wq->uid);
0148         packet->gid = from_kgid_munged(user_ns, wq->gid);
0149         packet->pid = wq->pid;
0150         packet->tgid = wq->tgid;
0151         break;
0152     }
0153     default:
0154         pr_warn("bad type %d!\n", type);
0155         mutex_unlock(&sbi->wq_mutex);
0156         return;
0157     }
0158
0159     pipe = get_file(sbi->pipe);
0160
0161     mutex_unlock(&sbi->wq_mutex);
0162
0163     switch (ret = autofs_write(sbi, pipe, &pkt, pktsz)) {
0164     case 0:
0165         break;
0166     case -ENOMEM:
0167     case -ERESTARTSYS:
0168         /* Just fail this one */
0169         autofs_wait_release(sbi, wq->wait_queue_token, ret);
0170         break;
0171     default:
0172         autofs_catatonic_mode(sbi);
0173         break;
0174     }
0175     fput(pipe);
0176 }
0177
0178 static struct autofs_wait_queue *
0179 autofs_find_wait(struct autofs_sb_info *sbi, const struct qstr *qstr)
0180 {
0181     struct autofs_wait_queue *wq;
0182
0183     for (wq = sbi->queues; wq; wq = wq->next) {
0184         if (wq->name.hash == qstr->hash &&
0185             wq->name.len == qstr->len &&
0186             wq->name.name &&
0187             !memcmp(wq->name.name, qstr->name, qstr->len))
0188             break;
0189     }
0190     return wq;
0191 }
0192
0193 /*
0194  * Check if we have a valid request.
0195  * Returns
0196  * 1 if the request should continue.
0197  *   In this case we can return an autofs_wait_queue entry if one is
0198  *   found or NULL to idicate a new wait needs to be created.
0199  * 0 or a negative errno if the request shouldn't continue.
0200  */
0201 static int validate_request(struct autofs_wait_queue **wait,
0202                 struct autofs_sb_info *sbi,
0203                 const struct qstr *qstr,
0204                 const struct path *path, enum autofs_notify notify)
0205 {
0206     struct dentry *dentry = path->dentry;
0207     struct autofs_wait_queue *wq;
0208     struct autofs_info *ino;
0209
0210     if (sbi->flags & AUTOFS_SBI_CATATONIC)
0211         return -ENOENT;
0212
0213     /* Wait in progress, continue; */
0214     wq = autofs_find_wait(sbi, qstr);
0215     if (wq) {
0216         *wait = wq;
0217         return 1;
0218     }
0219
0220     *wait = NULL;
0221
0222     /* If we don't yet have any info this is a new request */
0223     ino = autofs_dentry_ino(dentry);
0224     if (!ino)
0225         return 1;
0226
0227     /*
0228      * If we've been asked to wait on an existing expire (NFY_NONE)
0229      * but there is no wait in the queue ...
0230      */
0231     if (notify == NFY_NONE) {
0232         /*
0233          * Either we've betean the pending expire to post it's
0234          * wait or it finished while we waited on the mutex.
0235          * So we need to wait till either, the wait appears
0236          * or the expire finishes.
0237          */
0238
0239         while (ino->flags & AUTOFS_INF_EXPIRING) {
0240             mutex_unlock(&sbi->wq_mutex);
0241             schedule_timeout_interruptible(HZ/10);
0242             if (mutex_lock_interruptible(&sbi->wq_mutex))
0243                 return -EINTR;
0244
0245             if (sbi->flags & AUTOFS_SBI_CATATONIC)
0246                 return -ENOENT;
0247
0248             wq = autofs_find_wait(sbi, qstr);
0249             if (wq) {
0250                 *wait = wq;
0251                 return 1;
0252             }
0253         }
0254
0255         /*
0256          * Not ideal but the status has already gone. Of the two
0257          * cases where we wait on NFY_NONE neither depend on the
0258          * return status of the wait.
0259          */
0260         return 0;
0261     }
0262
0263     /*
0264      * If we've been asked to trigger a mount and the request
0265      * completed while we waited on the mutex ...
0266      */
0267     if (notify == NFY_MOUNT) {
0268         struct dentry *new = NULL;
0269         struct path this;
0270         int valid = 1;
0271
0272         /*
0273          * If the dentry was successfully mounted while we slept
0274          * on the wait queue mutex we can return success. If it
0275          * isn't mounted (doesn't have submounts for the case of
0276          * a multi-mount with no mount at it's base) we can
0277          * continue on and create a new request.
0278          */
0279         if (!IS_ROOT(dentry)) {
0280             if (d_unhashed(dentry) &&
0281                 d_really_is_positive(dentry)) {
0282                 struct dentry *parent = dentry->d_parent;
0283
0284                 new = d_lookup(parent, &dentry->d_name);
0285                 if (new)
0286                     dentry = new;
0287             }
0288         }
0289         this.mnt = path->mnt;
0290         this.dentry = dentry;
0291         if (path_has_submounts(&this))
0292             valid = 0;
0293
0294         if (new)
0295             dput(new);
0296         return valid;
0297     }
0298
0299     return 1;
0300 }
0301
0302 int autofs_wait(struct autofs_sb_info *sbi,
0303          const struct path *path, enum autofs_notify notify)
0304 {
0305     struct dentry *dentry = path->dentry;
0306     struct autofs_wait_queue *wq;
0307     struct qstr qstr;
0308     char *name;
0309     int status, ret, type;
0310     unsigned int offset = 0;
0311     pid_t pid;
0312     pid_t tgid;
0313
0314     /* In catatonic mode, we don't wait for nobody */
0315     if (sbi->flags & AUTOFS_SBI_CATATONIC)
0316         return -ENOENT;
0317
0318     /*
0319      * Try translating pids to the namespace of the daemon.
0320      *
0321      * Zero means failure: we are in an unrelated pid namespace.
0322      */
0323     pid = task_pid_nr_ns(current, ns_of_pid(sbi->oz_pgrp));
0324     tgid = task_tgid_nr_ns(current, ns_of_pid(sbi->oz_pgrp));
0325     if (pid == 0 || tgid == 0)
0326         return -ENOENT;
0327
0328     if (d_really_is_negative(dentry)) {
0329         /*
0330          * A wait for a negative dentry is invalid for certain
0331          * cases. A direct or offset mount "always" has its mount
0332          * point directory created and so the request dentry must
0333          * be positive or the map key doesn't exist. The situation
0334          * is very similar for indirect mounts except only dentrys
0335          * in the root of the autofs file system may be negative.
0336          */
0337         if (autofs_type_trigger(sbi->type))
0338             return -ENOENT;
0339         else if (!IS_ROOT(dentry->d_parent))
0340             return -ENOENT;
0341     }
0342
0343     name = kmalloc(NAME_MAX + 1, GFP_KERNEL);
0344     if (!name)
0345         return -ENOMEM;
0346
0347     /* If this is a direct mount request create a dummy name */
0348     if (IS_ROOT(dentry) && autofs_type_trigger(sbi->type)) {
0349         qstr.name = name;
0350         qstr.len = sprintf(name, "%p", dentry);
0351     } else {
0352         char *p = dentry_path_raw(dentry, name, NAME_MAX);
0353         if (IS_ERR(p)) {
0354             kfree(name);
0355             return -ENOENT;
0356         }
0357         qstr.name = ++p; // skip the leading slash
0358         qstr.len = strlen(p);
0359         offset = p - name;
0360     }
0361     qstr.hash = full_name_hash(dentry, qstr.name, qstr.len);
0362
0363     if (mutex_lock_interruptible(&sbi->wq_mutex)) {
0364         kfree(name);
0365         return -EINTR;
0366     }
0367
0368     ret = validate_request(&wq, sbi, &qstr, path, notify);
0369     if (ret <= 0) {
0370         if (ret != -EINTR)
0371             mutex_unlock(&sbi->wq_mutex);
0372         kfree(name);
0373         return ret;
0374     }
0375
0376     if (!wq) {
0377         /* Create a new wait queue */
0378         wq = kmalloc(sizeof(struct autofs_wait_queue), GFP_KERNEL);
0379         if (!wq) {
0380             kfree(name);
0381             mutex_unlock(&sbi->wq_mutex);
0382             return -ENOMEM;
0383         }
0384
0385         wq->wait_queue_token = autofs_next_wait_queue;
0386         if (++autofs_next_wait_queue == 0)
0387             autofs_next_wait_queue = 1;
0388         wq->next = sbi->queues;
0389         sbi->queues = wq;
0390         init_waitqueue_head(&wq->queue);
0391         memcpy(&wq->name, &qstr, sizeof(struct qstr));
0392         wq->offset = offset;
0393         wq->dev = autofs_get_dev(sbi);
0394         wq->ino = autofs_get_ino(sbi);
0395         wq->uid = current_uid();
0396         wq->gid = current_gid();
0397         wq->pid = pid;
0398         wq->tgid = tgid;
0399         wq->status = -EINTR; /* Status return if interrupted */
0400         wq->wait_ctr = 2;
0401
0402         if (sbi->version < 5) {
0403             if (notify == NFY_MOUNT)
0404                 type = autofs_ptype_missing;
0405             else
0406                 type = autofs_ptype_expire_multi;
0407         } else {
0408             if (notify == NFY_MOUNT)
0409                 type = autofs_type_trigger(sbi->type) ?
0410                     autofs_ptype_missing_direct :
0411                      autofs_ptype_missing_indirect;
0412             else
0413                 type = autofs_type_trigger(sbi->type) ?
0414                     autofs_ptype_expire_direct :
0415                     autofs_ptype_expire_indirect;
0416         }
0417
0418         pr_debug("new wait id = 0x%08lx, name = %.*s, nfy=%d\n",
0419              (unsigned long) wq->wait_queue_token, wq->name.len,
0420              wq->name.name, notify);
0421
0422         /*
0423          * autofs_notify_daemon() may block; it will unlock ->wq_mutex
0424          */
0425         autofs_notify_daemon(sbi, wq, type);
0426     } else {
0427         wq->wait_ctr++;
0428         pr_debug("existing wait id = 0x%08lx, name = %.*s, nfy=%d\n",
0429              (unsigned long) wq->wait_queue_token, wq->name.len,
0430              wq->name.name, notify);
0431         mutex_unlock(&sbi->wq_mutex);
0432         kfree(name);
0433     }
0434
0435     /*
0436      * wq->name.name is NULL iff the lock is already released
0437      * or the mount has been made catatonic.
0438      */
0439     wait_event_killable(wq->queue, wq->name.name == NULL);
0440     status = wq->status;
0441
0442     /*
0443      * For direct and offset mounts we need to track the requester's
0444      * uid and gid in the dentry info struct. This is so it can be
0445      * supplied, on request, by the misc device ioctl interface.
0446      * This is needed during daemon resatart when reconnecting
0447      * to existing, active, autofs mounts. The uid and gid (and
0448      * related string values) may be used for macro substitution
0449      * in autofs mount maps.
0450      */
0451     if (!status) {
0452         struct autofs_info *ino;
0453         struct dentry *de = NULL;
0454
0455         /* direct mount or browsable map */
0456         ino = autofs_dentry_ino(dentry);
0457         if (!ino) {
0458             /* If not lookup actual dentry used */
0459             de = d_lookup(dentry->d_parent, &dentry->d_name);
0460             if (de)
0461                 ino = autofs_dentry_ino(de);
0462         }
0463
0464         /* Set mount requester */
0465         if (ino) {
0466             spin_lock(&sbi->fs_lock);
0467             ino->uid = wq->uid;
0468             ino->gid = wq->gid;
0469             spin_unlock(&sbi->fs_lock);
0470         }
0471
0472         if (de)
0473             dput(de);
0474     }
0475
0476     /* Are we the last process to need status? */
0477     mutex_lock(&sbi->wq_mutex);
0478     if (!--wq->wait_ctr)
0479         kfree(wq);
0480     mutex_unlock(&sbi->wq_mutex);
0481
0482     return status;
0483 }
0484
0485
0486 int autofs_wait_release(struct autofs_sb_info *sbi,
0487             autofs_wqt_t wait_queue_token, int status)
0488 {
0489     struct autofs_wait_queue *wq, **wql;
0490
0491     mutex_lock(&sbi->wq_mutex);
0492     for (wql = &sbi->queues; (wq = *wql) != NULL; wql = &wq->next) {
0493         if (wq->wait_queue_token == wait_queue_token)
0494             break;
0495     }
0496
0497     if (!wq) {
0498         mutex_unlock(&sbi->wq_mutex);
0499         return -EINVAL;
0500     }
0501
0502     *wql = wq->next;    /* Unlink from chain */
0503     kfree(wq->name.name - wq->offset);
0504     wq->name.name = NULL;   /* Do not wait on this queue */
0505     wq->status = status;
0506     wake_up(&wq->queue);
0507     if (!--wq->wait_ctr)
0508         kfree(wq);
0509     mutex_unlock(&sbi->wq_mutex);
0510
0511     return 0;
0512 }