fs/fuse/inode.c

0001 /*
0002   FUSE: Filesystem in Userspace
0003   Copyright (C) 2001-2008  Miklos Szeredi <miklos@szeredi.hu>
0004
0005   This program can be distributed under the terms of the GNU GPL.
0006   See the file COPYING.
0007 */
0008
0009 #include "fuse_i.h"
0010
0011 #include <linux/pagemap.h>
0012 #include <linux/slab.h>
0013 #include <linux/file.h>
0014 #include <linux/seq_file.h>
0015 #include <linux/init.h>
0016 #include <linux/module.h>
0017 #include <linux/moduleparam.h>
0018 #include <linux/fs_context.h>
0019 #include <linux/fs_parser.h>
0020 #include <linux/statfs.h>
0021 #include <linux/random.h>
0022 #include <linux/sched.h>
0023 #include <linux/exportfs.h>
0024 #include <linux/posix_acl.h>
0025 #include <linux/pid_namespace.h>
0026 #include <uapi/linux/magic.h>
0027
0028 MODULE_AUTHOR("Miklos Szeredi <miklos@szeredi.hu>");
0029 MODULE_DESCRIPTION("Filesystem in Userspace");
0030 MODULE_LICENSE("GPL");
0031
0032 static struct kmem_cache *fuse_inode_cachep;
0033 struct list_head fuse_conn_list;
0034 DEFINE_MUTEX(fuse_mutex);
0035
0036 static int set_global_limit(const char *val, const struct kernel_param *kp);
0037
0038 unsigned max_user_bgreq;
0039 module_param_call(max_user_bgreq, set_global_limit, param_get_uint,
0040           &max_user_bgreq, 0644);
0041 __MODULE_PARM_TYPE(max_user_bgreq, "uint");
0042 MODULE_PARM_DESC(max_user_bgreq,
0043  "Global limit for the maximum number of backgrounded requests an "
0044  "unprivileged user can set");
0045
0046 unsigned max_user_congthresh;
0047 module_param_call(max_user_congthresh, set_global_limit, param_get_uint,
0048           &max_user_congthresh, 0644);
0049 __MODULE_PARM_TYPE(max_user_congthresh, "uint");
0050 MODULE_PARM_DESC(max_user_congthresh,
0051  "Global limit for the maximum congestion threshold an "
0052  "unprivileged user can set");
0053
0054 #define FUSE_DEFAULT_BLKSIZE 512
0055
0056 /** Maximum number of outstanding background requests */
0057 #define FUSE_DEFAULT_MAX_BACKGROUND 12
0058
0059 /** Congestion starts at 75% of maximum */
0060 #define FUSE_DEFAULT_CONGESTION_THRESHOLD (FUSE_DEFAULT_MAX_BACKGROUND * 3 / 4)
0061
0062 #ifdef CONFIG_BLOCK
0063 static struct file_system_type fuseblk_fs_type;
0064 #endif
0065
0066 struct fuse_forget_link *fuse_alloc_forget(void)
0067 {
0068     return kzalloc(sizeof(struct fuse_forget_link), GFP_KERNEL_ACCOUNT);
0069 }
0070
0071 static struct inode *fuse_alloc_inode(struct super_block *sb)
0072 {
0073     struct fuse_inode *fi;
0074
0075     fi = alloc_inode_sb(sb, fuse_inode_cachep, GFP_KERNEL);
0076     if (!fi)
0077         return NULL;
0078
0079     fi->i_time = 0;
0080     fi->inval_mask = 0;
0081     fi->nodeid = 0;
0082     fi->nlookup = 0;
0083     fi->attr_version = 0;
0084     fi->orig_ino = 0;
0085     fi->state = 0;
0086     mutex_init(&fi->mutex);
0087     spin_lock_init(&fi->lock);
0088     fi->forget = fuse_alloc_forget();
0089     if (!fi->forget)
0090         goto out_free;
0091
0092     if (IS_ENABLED(CONFIG_FUSE_DAX) && !fuse_dax_inode_alloc(sb, fi))
0093         goto out_free_forget;
0094
0095     return &fi->inode;
0096
0097 out_free_forget:
0098     kfree(fi->forget);
0099 out_free:
0100     kmem_cache_free(fuse_inode_cachep, fi);
0101     return NULL;
0102 }
0103
0104 static void fuse_free_inode(struct inode *inode)
0105 {
0106     struct fuse_inode *fi = get_fuse_inode(inode);
0107
0108     mutex_destroy(&fi->mutex);
0109     kfree(fi->forget);
0110 #ifdef CONFIG_FUSE_DAX
0111     kfree(fi->dax);
0112 #endif
0113     kmem_cache_free(fuse_inode_cachep, fi);
0114 }
0115
0116 static void fuse_evict_inode(struct inode *inode)
0117 {
0118     struct fuse_inode *fi = get_fuse_inode(inode);
0119
0120     /* Will write inode on close/munmap and in all other dirtiers */
0121     WARN_ON(inode->i_state & I_DIRTY_INODE);
0122
0123     truncate_inode_pages_final(&inode->i_data);
0124     clear_inode(inode);
0125     if (inode->i_sb->s_flags & SB_ACTIVE) {
0126         struct fuse_conn *fc = get_fuse_conn(inode);
0127
0128         if (FUSE_IS_DAX(inode))
0129             fuse_dax_inode_cleanup(inode);
0130         if (fi->nlookup) {
0131             fuse_queue_forget(fc, fi->forget, fi->nodeid,
0132                       fi->nlookup);
0133             fi->forget = NULL;
0134         }
0135     }
0136     if (S_ISREG(inode->i_mode) && !fuse_is_bad(inode)) {
0137         WARN_ON(!list_empty(&fi->write_files));
0138         WARN_ON(!list_empty(&fi->queued_writes));
0139     }
0140 }
0141
0142 static int fuse_reconfigure(struct fs_context *fsc)
0143 {
0144     struct super_block *sb = fsc->root->d_sb;
0145
0146     sync_filesystem(sb);
0147     if (fsc->sb_flags & SB_MANDLOCK)
0148         return -EINVAL;
0149
0150     return 0;
0151 }
0152
0153 /*
0154  * ino_t is 32-bits on 32-bit arch. We have to squash the 64-bit value down
0155  * so that it will fit.
0156  */
0157 static ino_t fuse_squash_ino(u64 ino64)
0158 {
0159     ino_t ino = (ino_t) ino64;
0160     if (sizeof(ino_t) < sizeof(u64))
0161         ino ^= ino64 >> (sizeof(u64) - sizeof(ino_t)) * 8;
0162     return ino;
0163 }
0164
0165 void fuse_change_attributes_common(struct inode *inode, struct fuse_attr *attr,
0166                    u64 attr_valid, u32 cache_mask)
0167 {
0168     struct fuse_conn *fc = get_fuse_conn(inode);
0169     struct fuse_inode *fi = get_fuse_inode(inode);
0170
0171     lockdep_assert_held(&fi->lock);
0172
0173     fi->attr_version = atomic64_inc_return(&fc->attr_version);
0174     fi->i_time = attr_valid;
0175     WRITE_ONCE(fi->inval_mask, 0);
0176
0177     inode->i_ino     = fuse_squash_ino(attr->ino);
0178     inode->i_mode    = (inode->i_mode & S_IFMT) | (attr->mode & 07777);
0179     set_nlink(inode, attr->nlink);
0180     inode->i_uid     = make_kuid(fc->user_ns, attr->uid);
0181     inode->i_gid     = make_kgid(fc->user_ns, attr->gid);
0182     inode->i_blocks  = attr->blocks;
0183
0184     /* Sanitize nsecs */
0185     attr->atimensec = min_t(u32, attr->atimensec, NSEC_PER_SEC - 1);
0186     attr->mtimensec = min_t(u32, attr->mtimensec, NSEC_PER_SEC - 1);
0187     attr->ctimensec = min_t(u32, attr->ctimensec, NSEC_PER_SEC - 1);
0188
0189     inode->i_atime.tv_sec   = attr->atime;
0190     inode->i_atime.tv_nsec  = attr->atimensec;
0191     /* mtime from server may be stale due to local buffered write */
0192     if (!(cache_mask & STATX_MTIME)) {
0193         inode->i_mtime.tv_sec   = attr->mtime;
0194         inode->i_mtime.tv_nsec  = attr->mtimensec;
0195     }
0196     if (!(cache_mask & STATX_CTIME)) {
0197         inode->i_ctime.tv_sec   = attr->ctime;
0198         inode->i_ctime.tv_nsec  = attr->ctimensec;
0199     }
0200
0201     if (attr->blksize != 0)
0202         inode->i_blkbits = ilog2(attr->blksize);
0203     else
0204         inode->i_blkbits = inode->i_sb->s_blocksize_bits;
0205
0206     /*
0207      * Don't set the sticky bit in i_mode, unless we want the VFS
0208      * to check permissions.  This prevents failures due to the
0209      * check in may_delete().
0210      */
0211     fi->orig_i_mode = inode->i_mode;
0212     if (!fc->default_permissions)
0213         inode->i_mode &= ~S_ISVTX;
0214
0215     fi->orig_ino = attr->ino;
0216
0217     /*
0218      * We are refreshing inode data and it is possible that another
0219      * client set suid/sgid or security.capability xattr. So clear
0220      * S_NOSEC. Ideally, we could have cleared it only if suid/sgid
0221      * was set or if security.capability xattr was set. But we don't
0222      * know if security.capability has been set or not. So clear it
0223      * anyway. Its less efficient but should be safe.
0224      */
0225     inode->i_flags &= ~S_NOSEC;
0226 }
0227
0228 u32 fuse_get_cache_mask(struct inode *inode)
0229 {
0230     struct fuse_conn *fc = get_fuse_conn(inode);
0231
0232     if (!fc->writeback_cache || !S_ISREG(inode->i_mode))
0233         return 0;
0234
0235     return STATX_MTIME | STATX_CTIME | STATX_SIZE;
0236 }
0237
0238 void fuse_change_attributes(struct inode *inode, struct fuse_attr *attr,
0239                 u64 attr_valid, u64 attr_version)
0240 {
0241     struct fuse_conn *fc = get_fuse_conn(inode);
0242     struct fuse_inode *fi = get_fuse_inode(inode);
0243     u32 cache_mask;
0244     loff_t oldsize;
0245     struct timespec64 old_mtime;
0246
0247     spin_lock(&fi->lock);
0248     /*
0249      * In case of writeback_cache enabled, writes update mtime, ctime and
0250      * may update i_size.  In these cases trust the cached value in the
0251      * inode.
0252      */
0253     cache_mask = fuse_get_cache_mask(inode);
0254     if (cache_mask & STATX_SIZE)
0255         attr->size = i_size_read(inode);
0256
0257     if (cache_mask & STATX_MTIME) {
0258         attr->mtime = inode->i_mtime.tv_sec;
0259         attr->mtimensec = inode->i_mtime.tv_nsec;
0260     }
0261     if (cache_mask & STATX_CTIME) {
0262         attr->ctime = inode->i_ctime.tv_sec;
0263         attr->ctimensec = inode->i_ctime.tv_nsec;
0264     }
0265
0266     if ((attr_version != 0 && fi->attr_version > attr_version) ||
0267         test_bit(FUSE_I_SIZE_UNSTABLE, &fi->state)) {
0268         spin_unlock(&fi->lock);
0269         return;
0270     }
0271
0272     old_mtime = inode->i_mtime;
0273     fuse_change_attributes_common(inode, attr, attr_valid, cache_mask);
0274
0275     oldsize = inode->i_size;
0276     /*
0277      * In case of writeback_cache enabled, the cached writes beyond EOF
0278      * extend local i_size without keeping userspace server in sync. So,
0279      * attr->size coming from server can be stale. We cannot trust it.
0280      */
0281     if (!(cache_mask & STATX_SIZE))
0282         i_size_write(inode, attr->size);
0283     spin_unlock(&fi->lock);
0284
0285     if (!cache_mask && S_ISREG(inode->i_mode)) {
0286         bool inval = false;
0287
0288         if (oldsize != attr->size) {
0289             truncate_pagecache(inode, attr->size);
0290             if (!fc->explicit_inval_data)
0291                 inval = true;
0292         } else if (fc->auto_inval_data) {
0293             struct timespec64 new_mtime = {
0294                 .tv_sec = attr->mtime,
0295                 .tv_nsec = attr->mtimensec,
0296             };
0297
0298             /*
0299              * Auto inval mode also checks and invalidates if mtime
0300              * has changed.
0301              */
0302             if (!timespec64_equal(&old_mtime, &new_mtime))
0303                 inval = true;
0304         }
0305
0306         if (inval)
0307             invalidate_inode_pages2(inode->i_mapping);
0308     }
0309
0310     if (IS_ENABLED(CONFIG_FUSE_DAX))
0311         fuse_dax_dontcache(inode, attr->flags);
0312 }
0313
0314 static void fuse_init_inode(struct inode *inode, struct fuse_attr *attr)
0315 {
0316     inode->i_mode = attr->mode & S_IFMT;
0317     inode->i_size = attr->size;
0318     inode->i_mtime.tv_sec  = attr->mtime;
0319     inode->i_mtime.tv_nsec = attr->mtimensec;
0320     inode->i_ctime.tv_sec  = attr->ctime;
0321     inode->i_ctime.tv_nsec = attr->ctimensec;
0322     if (S_ISREG(inode->i_mode)) {
0323         fuse_init_common(inode);
0324         fuse_init_file_inode(inode, attr->flags);
0325     } else if (S_ISDIR(inode->i_mode))
0326         fuse_init_dir(inode);
0327     else if (S_ISLNK(inode->i_mode))
0328         fuse_init_symlink(inode);
0329     else if (S_ISCHR(inode->i_mode) || S_ISBLK(inode->i_mode) ||
0330          S_ISFIFO(inode->i_mode) || S_ISSOCK(inode->i_mode)) {
0331         fuse_init_common(inode);
0332         init_special_inode(inode, inode->i_mode,
0333                    new_decode_dev(attr->rdev));
0334     } else
0335         BUG();
0336 }
0337
0338 static int fuse_inode_eq(struct inode *inode, void *_nodeidp)
0339 {
0340     u64 nodeid = *(u64 *) _nodeidp;
0341     if (get_node_id(inode) == nodeid)
0342         return 1;
0343     else
0344         return 0;
0345 }
0346
0347 static int fuse_inode_set(struct inode *inode, void *_nodeidp)
0348 {
0349     u64 nodeid = *(u64 *) _nodeidp;
0350     get_fuse_inode(inode)->nodeid = nodeid;
0351     return 0;
0352 }
0353
0354 struct inode *fuse_iget(struct super_block *sb, u64 nodeid,
0355             int generation, struct fuse_attr *attr,
0356             u64 attr_valid, u64 attr_version)
0357 {
0358     struct inode *inode;
0359     struct fuse_inode *fi;
0360     struct fuse_conn *fc = get_fuse_conn_super(sb);
0361
0362     /*
0363      * Auto mount points get their node id from the submount root, which is
0364      * not a unique identifier within this filesystem.
0365      *
0366      * To avoid conflicts, do not place submount points into the inode hash
0367      * table.
0368      */
0369     if (fc->auto_submounts && (attr->flags & FUSE_ATTR_SUBMOUNT) &&
0370         S_ISDIR(attr->mode)) {
0371         inode = new_inode(sb);
0372         if (!inode)
0373             return NULL;
0374
0375         fuse_init_inode(inode, attr);
0376         get_fuse_inode(inode)->nodeid = nodeid;
0377         inode->i_flags |= S_AUTOMOUNT;
0378         goto done;
0379     }
0380
0381 retry:
0382     inode = iget5_locked(sb, nodeid, fuse_inode_eq, fuse_inode_set, &nodeid);
0383     if (!inode)
0384         return NULL;
0385
0386     if ((inode->i_state & I_NEW)) {
0387         inode->i_flags |= S_NOATIME;
0388         if (!fc->writeback_cache || !S_ISREG(attr->mode))
0389             inode->i_flags |= S_NOCMTIME;
0390         inode->i_generation = generation;
0391         fuse_init_inode(inode, attr);
0392         unlock_new_inode(inode);
0393     } else if (fuse_stale_inode(inode, generation, attr)) {
0394         /* nodeid was reused, any I/O on the old inode should fail */
0395         fuse_make_bad(inode);
0396         iput(inode);
0397         goto retry;
0398     }
0399 done:
0400     fi = get_fuse_inode(inode);
0401     spin_lock(&fi->lock);
0402     fi->nlookup++;
0403     spin_unlock(&fi->lock);
0404     fuse_change_attributes(inode, attr, attr_valid, attr_version);
0405
0406     return inode;
0407 }
0408
0409 struct inode *fuse_ilookup(struct fuse_conn *fc, u64 nodeid,
0410                struct fuse_mount **fm)
0411 {
0412     struct fuse_mount *fm_iter;
0413     struct inode *inode;
0414
0415     WARN_ON(!rwsem_is_locked(&fc->killsb));
0416     list_for_each_entry(fm_iter, &fc->mounts, fc_entry) {
0417         if (!fm_iter->sb)
0418             continue;
0419
0420         inode = ilookup5(fm_iter->sb, nodeid, fuse_inode_eq, &nodeid);
0421         if (inode) {
0422             if (fm)
0423                 *fm = fm_iter;
0424             return inode;
0425         }
0426     }
0427
0428     return NULL;
0429 }
0430
0431 int fuse_reverse_inval_inode(struct fuse_conn *fc, u64 nodeid,
0432                  loff_t offset, loff_t len)
0433 {
0434     struct fuse_inode *fi;
0435     struct inode *inode;
0436     pgoff_t pg_start;
0437     pgoff_t pg_end;
0438
0439     inode = fuse_ilookup(fc, nodeid, NULL);
0440     if (!inode)
0441         return -ENOENT;
0442
0443     fi = get_fuse_inode(inode);
0444     spin_lock(&fi->lock);
0445     fi->attr_version = atomic64_inc_return(&fc->attr_version);
0446     spin_unlock(&fi->lock);
0447
0448     fuse_invalidate_attr(inode);
0449     forget_all_cached_acls(inode);
0450     if (offset >= 0) {
0451         pg_start = offset >> PAGE_SHIFT;
0452         if (len <= 0)
0453             pg_end = -1;
0454         else
0455             pg_end = (offset + len - 1) >> PAGE_SHIFT;
0456         invalidate_inode_pages2_range(inode->i_mapping,
0457                           pg_start, pg_end);
0458     }
0459     iput(inode);
0460     return 0;
0461 }
0462
0463 bool fuse_lock_inode(struct inode *inode)
0464 {
0465     bool locked = false;
0466
0467     if (!get_fuse_conn(inode)->parallel_dirops) {
0468         mutex_lock(&get_fuse_inode(inode)->mutex);
0469         locked = true;
0470     }
0471
0472     return locked;
0473 }
0474
0475 void fuse_unlock_inode(struct inode *inode, bool locked)
0476 {
0477     if (locked)
0478         mutex_unlock(&get_fuse_inode(inode)->mutex);
0479 }
0480
0481 static void fuse_umount_begin(struct super_block *sb)
0482 {
0483     struct fuse_conn *fc = get_fuse_conn_super(sb);
0484
0485     if (fc->no_force_umount)
0486         return;
0487
0488     fuse_abort_conn(fc);
0489
0490     // Only retire block-device-based superblocks.
0491     if (sb->s_bdev != NULL)
0492         retire_super(sb);
0493 }
0494
0495 static void fuse_send_destroy(struct fuse_mount *fm)
0496 {
0497     if (fm->fc->conn_init) {
0498         FUSE_ARGS(args);
0499
0500         args.opcode = FUSE_DESTROY;
0501         args.force = true;
0502         args.nocreds = true;
0503         fuse_simple_request(fm, &args);
0504     }
0505 }
0506
0507 static void convert_fuse_statfs(struct kstatfs *stbuf, struct fuse_kstatfs *attr)
0508 {
0509     stbuf->f_type    = FUSE_SUPER_MAGIC;
0510     stbuf->f_bsize   = attr->bsize;
0511     stbuf->f_frsize  = attr->frsize;
0512     stbuf->f_blocks  = attr->blocks;
0513     stbuf->f_bfree   = attr->bfree;
0514     stbuf->f_bavail  = attr->bavail;
0515     stbuf->f_files   = attr->files;
0516     stbuf->f_ffree   = attr->ffree;
0517     stbuf->f_namelen = attr->namelen;
0518     /* fsid is left zero */
0519 }
0520
0521 static int fuse_statfs(struct dentry *dentry, struct kstatfs *buf)
0522 {
0523     struct super_block *sb = dentry->d_sb;
0524     struct fuse_mount *fm = get_fuse_mount_super(sb);
0525     FUSE_ARGS(args);
0526     struct fuse_statfs_out outarg;
0527     int err;
0528
0529     if (!fuse_allow_current_process(fm->fc)) {
0530         buf->f_type = FUSE_SUPER_MAGIC;
0531         return 0;
0532     }
0533
0534     memset(&outarg, 0, sizeof(outarg));
0535     args.in_numargs = 0;
0536     args.opcode = FUSE_STATFS;
0537     args.nodeid = get_node_id(d_inode(dentry));
0538     args.out_numargs = 1;
0539     args.out_args[0].size = sizeof(outarg);
0540     args.out_args[0].value = &outarg;
0541     err = fuse_simple_request(fm, &args);
0542     if (!err)
0543         convert_fuse_statfs(buf, &outarg.st);
0544     return err;
0545 }
0546
0547 static struct fuse_sync_bucket *fuse_sync_bucket_alloc(void)
0548 {
0549     struct fuse_sync_bucket *bucket;
0550
0551     bucket = kzalloc(sizeof(*bucket), GFP_KERNEL | __GFP_NOFAIL);
0552     if (bucket) {
0553         init_waitqueue_head(&bucket->waitq);
0554         /* Initial active count */
0555         atomic_set(&bucket->count, 1);
0556     }
0557     return bucket;
0558 }
0559
0560 static void fuse_sync_fs_writes(struct fuse_conn *fc)
0561 {
0562     struct fuse_sync_bucket *bucket, *new_bucket;
0563     int count;
0564
0565     new_bucket = fuse_sync_bucket_alloc();
0566     spin_lock(&fc->lock);
0567     bucket = rcu_dereference_protected(fc->curr_bucket, 1);
0568     count = atomic_read(&bucket->count);
0569     WARN_ON(count < 1);
0570     /* No outstanding writes? */
0571     if (count == 1) {
0572         spin_unlock(&fc->lock);
0573         kfree(new_bucket);
0574         return;
0575     }
0576
0577     /*
0578      * Completion of new bucket depends on completion of this bucket, so add
0579      * one more count.
0580      */
0581     atomic_inc(&new_bucket->count);
0582     rcu_assign_pointer(fc->curr_bucket, new_bucket);
0583     spin_unlock(&fc->lock);
0584     /*
0585      * Drop initial active count.  At this point if all writes in this and
0586      * ancestor buckets complete, the count will go to zero and this task
0587      * will be woken up.
0588      */
0589     atomic_dec(&bucket->count);
0590
0591     wait_event(bucket->waitq, atomic_read(&bucket->count) == 0);
0592
0593     /* Drop temp count on descendant bucket */
0594     fuse_sync_bucket_dec(new_bucket);
0595     kfree_rcu(bucket, rcu);
0596 }
0597
0598 static int fuse_sync_fs(struct super_block *sb, int wait)
0599 {
0600     struct fuse_mount *fm = get_fuse_mount_super(sb);
0601     struct fuse_conn *fc = fm->fc;
0602     struct fuse_syncfs_in inarg;
0603     FUSE_ARGS(args);
0604     int err;
0605
0606     /*
0607      * Userspace cannot handle the wait == 0 case.  Avoid a
0608      * gratuitous roundtrip.
0609      */
0610     if (!wait)
0611         return 0;
0612
0613     /* The filesystem is being unmounted.  Nothing to do. */
0614     if (!sb->s_root)
0615         return 0;
0616
0617     if (!fc->sync_fs)
0618         return 0;
0619
0620     fuse_sync_fs_writes(fc);
0621
0622     memset(&inarg, 0, sizeof(inarg));
0623     args.in_numargs = 1;
0624     args.in_args[0].size = sizeof(inarg);
0625     args.in_args[0].value = &inarg;
0626     args.opcode = FUSE_SYNCFS;
0627     args.nodeid = get_node_id(sb->s_root->d_inode);
0628     args.out_numargs = 0;
0629
0630     err = fuse_simple_request(fm, &args);
0631     if (err == -ENOSYS) {
0632         fc->sync_fs = 0;
0633         err = 0;
0634     }
0635
0636     return err;
0637 }
0638
0639 enum {
0640     OPT_SOURCE,
0641     OPT_SUBTYPE,
0642     OPT_FD,
0643     OPT_ROOTMODE,
0644     OPT_USER_ID,
0645     OPT_GROUP_ID,
0646     OPT_DEFAULT_PERMISSIONS,
0647     OPT_ALLOW_OTHER,
0648     OPT_MAX_READ,
0649     OPT_BLKSIZE,
0650     OPT_ERR
0651 };
0652
0653 static const struct fs_parameter_spec fuse_fs_parameters[] = {
0654     fsparam_string  ("source",      OPT_SOURCE),
0655     fsparam_u32 ("fd",          OPT_FD),
0656     fsparam_u32oct  ("rootmode",        OPT_ROOTMODE),
0657     fsparam_u32 ("user_id",     OPT_USER_ID),
0658     fsparam_u32 ("group_id",        OPT_GROUP_ID),
0659     fsparam_flag    ("default_permissions", OPT_DEFAULT_PERMISSIONS),
0660     fsparam_flag    ("allow_other",     OPT_ALLOW_OTHER),
0661     fsparam_u32 ("max_read",        OPT_MAX_READ),
0662     fsparam_u32 ("blksize",     OPT_BLKSIZE),
0663     fsparam_string  ("subtype",     OPT_SUBTYPE),
0664     {}
0665 };
0666
0667 static int fuse_parse_param(struct fs_context *fsc, struct fs_parameter *param)
0668 {
0669     struct fs_parse_result result;
0670     struct fuse_fs_context *ctx = fsc->fs_private;
0671     int opt;
0672
0673     if (fsc->purpose == FS_CONTEXT_FOR_RECONFIGURE) {
0674         /*
0675          * Ignore options coming from mount(MS_REMOUNT) for backward
0676          * compatibility.
0677          */
0678         if (fsc->oldapi)
0679             return 0;
0680
0681         return invalfc(fsc, "No changes allowed in reconfigure");
0682     }
0683
0684     opt = fs_parse(fsc, fuse_fs_parameters, param, &result);
0685     if (opt < 0)
0686         return opt;
0687
0688     switch (opt) {
0689     case OPT_SOURCE:
0690         if (fsc->source)
0691             return invalfc(fsc, "Multiple sources specified");
0692         fsc->source = param->string;
0693         param->string = NULL;
0694         break;
0695
0696     case OPT_SUBTYPE:
0697         if (ctx->subtype)
0698             return invalfc(fsc, "Multiple subtypes specified");
0699         ctx->subtype = param->string;
0700         param->string = NULL;
0701         return 0;
0702
0703     case OPT_FD:
0704         ctx->fd = result.uint_32;
0705         ctx->fd_present = true;
0706         break;
0707
0708     case OPT_ROOTMODE:
0709         if (!fuse_valid_type(result.uint_32))
0710             return invalfc(fsc, "Invalid rootmode");
0711         ctx->rootmode = result.uint_32;
0712         ctx->rootmode_present = true;
0713         break;
0714
0715     case OPT_USER_ID:
0716         ctx->user_id = make_kuid(fsc->user_ns, result.uint_32);
0717         if (!uid_valid(ctx->user_id))
0718             return invalfc(fsc, "Invalid user_id");
0719         ctx->user_id_present = true;
0720         break;
0721
0722     case OPT_GROUP_ID:
0723         ctx->group_id = make_kgid(fsc->user_ns, result.uint_32);
0724         if (!gid_valid(ctx->group_id))
0725             return invalfc(fsc, "Invalid group_id");
0726         ctx->group_id_present = true;
0727         break;
0728
0729     case OPT_DEFAULT_PERMISSIONS:
0730         ctx->default_permissions = true;
0731         break;
0732
0733     case OPT_ALLOW_OTHER:
0734         ctx->allow_other = true;
0735         break;
0736
0737     case OPT_MAX_READ:
0738         ctx->max_read = result.uint_32;
0739         break;
0740
0741     case OPT_BLKSIZE:
0742         if (!ctx->is_bdev)
0743             return invalfc(fsc, "blksize only supported for fuseblk");
0744         ctx->blksize = result.uint_32;
0745         break;
0746
0747     default:
0748         return -EINVAL;
0749     }
0750
0751     return 0;
0752 }
0753
0754 static void fuse_free_fsc(struct fs_context *fsc)
0755 {
0756     struct fuse_fs_context *ctx = fsc->fs_private;
0757
0758     if (ctx) {
0759         kfree(ctx->subtype);
0760         kfree(ctx);
0761     }
0762 }
0763
0764 static int fuse_show_options(struct seq_file *m, struct dentry *root)
0765 {
0766     struct super_block *sb = root->d_sb;
0767     struct fuse_conn *fc = get_fuse_conn_super(sb);
0768
0769     if (fc->legacy_opts_show) {
0770         seq_printf(m, ",user_id=%u",
0771                from_kuid_munged(fc->user_ns, fc->user_id));
0772         seq_printf(m, ",group_id=%u",
0773                from_kgid_munged(fc->user_ns, fc->group_id));
0774         if (fc->default_permissions)
0775             seq_puts(m, ",default_permissions");
0776         if (fc->allow_other)
0777             seq_puts(m, ",allow_other");
0778         if (fc->max_read != ~0)
0779             seq_printf(m, ",max_read=%u", fc->max_read);
0780         if (sb->s_bdev && sb->s_blocksize != FUSE_DEFAULT_BLKSIZE)
0781             seq_printf(m, ",blksize=%lu", sb->s_blocksize);
0782     }
0783 #ifdef CONFIG_FUSE_DAX
0784     if (fc->dax_mode == FUSE_DAX_ALWAYS)
0785         seq_puts(m, ",dax=always");
0786     else if (fc->dax_mode == FUSE_DAX_NEVER)
0787         seq_puts(m, ",dax=never");
0788     else if (fc->dax_mode == FUSE_DAX_INODE_USER)
0789         seq_puts(m, ",dax=inode");
0790 #endif
0791
0792     return 0;
0793 }
0794
0795 static void fuse_iqueue_init(struct fuse_iqueue *fiq,
0796                  const struct fuse_iqueue_ops *ops,
0797                  void *priv)
0798 {
0799     memset(fiq, 0, sizeof(struct fuse_iqueue));
0800     spin_lock_init(&fiq->lock);
0801     init_waitqueue_head(&fiq->waitq);
0802     INIT_LIST_HEAD(&fiq->pending);
0803     INIT_LIST_HEAD(&fiq->interrupts);
0804     fiq->forget_list_tail = &fiq->forget_list_head;
0805     fiq->connected = 1;
0806     fiq->ops = ops;
0807     fiq->priv = priv;
0808 }
0809
0810 static void fuse_pqueue_init(struct fuse_pqueue *fpq)
0811 {
0812     unsigned int i;
0813
0814     spin_lock_init(&fpq->lock);
0815     for (i = 0; i < FUSE_PQ_HASH_SIZE; i++)
0816         INIT_LIST_HEAD(&fpq->processing[i]);
0817     INIT_LIST_HEAD(&fpq->io);
0818     fpq->connected = 1;
0819 }
0820
0821 void fuse_conn_init(struct fuse_conn *fc, struct fuse_mount *fm,
0822             struct user_namespace *user_ns,
0823             const struct fuse_iqueue_ops *fiq_ops, void *fiq_priv)
0824 {
0825     memset(fc, 0, sizeof(*fc));
0826     spin_lock_init(&fc->lock);
0827     spin_lock_init(&fc->bg_lock);
0828     init_rwsem(&fc->killsb);
0829     refcount_set(&fc->count, 1);
0830     atomic_set(&fc->dev_count, 1);
0831     init_waitqueue_head(&fc->blocked_waitq);
0832     fuse_iqueue_init(&fc->iq, fiq_ops, fiq_priv);
0833     INIT_LIST_HEAD(&fc->bg_queue);
0834     INIT_LIST_HEAD(&fc->entry);
0835     INIT_LIST_HEAD(&fc->devices);
0836     atomic_set(&fc->num_waiting, 0);
0837     fc->max_background = FUSE_DEFAULT_MAX_BACKGROUND;
0838     fc->congestion_threshold = FUSE_DEFAULT_CONGESTION_THRESHOLD;
0839     atomic64_set(&fc->khctr, 0);
0840     fc->polled_files = RB_ROOT;
0841     fc->blocked = 0;
0842     fc->initialized = 0;
0843     fc->connected = 1;
0844     atomic64_set(&fc->attr_version, 1);
0845     get_random_bytes(&fc->scramble_key, sizeof(fc->scramble_key));
0846     fc->pid_ns = get_pid_ns(task_active_pid_ns(current));
0847     fc->user_ns = get_user_ns(user_ns);
0848     fc->max_pages = FUSE_DEFAULT_MAX_PAGES_PER_REQ;
0849     fc->max_pages_limit = FUSE_MAX_MAX_PAGES;
0850
0851     INIT_LIST_HEAD(&fc->mounts);
0852     list_add(&fm->fc_entry, &fc->mounts);
0853     fm->fc = fc;
0854 }
0855 EXPORT_SYMBOL_GPL(fuse_conn_init);
0856
0857 void fuse_conn_put(struct fuse_conn *fc)
0858 {
0859     if (refcount_dec_and_test(&fc->count)) {
0860         struct fuse_iqueue *fiq = &fc->iq;
0861         struct fuse_sync_bucket *bucket;
0862
0863         if (IS_ENABLED(CONFIG_FUSE_DAX))
0864             fuse_dax_conn_free(fc);
0865         if (fiq->ops->release)
0866             fiq->ops->release(fiq);
0867         put_pid_ns(fc->pid_ns);
0868         put_user_ns(fc->user_ns);
0869         bucket = rcu_dereference_protected(fc->curr_bucket, 1);
0870         if (bucket) {
0871             WARN_ON(atomic_read(&bucket->count) != 1);
0872             kfree(bucket);
0873         }
0874         fc->release(fc);
0875     }
0876 }
0877 EXPORT_SYMBOL_GPL(fuse_conn_put);
0878
0879 struct fuse_conn *fuse_conn_get(struct fuse_conn *fc)
0880 {
0881     refcount_inc(&fc->count);
0882     return fc;
0883 }
0884 EXPORT_SYMBOL_GPL(fuse_conn_get);
0885
0886 static struct inode *fuse_get_root_inode(struct super_block *sb, unsigned mode)
0887 {
0888     struct fuse_attr attr;
0889     memset(&attr, 0, sizeof(attr));
0890
0891     attr.mode = mode;
0892     attr.ino = FUSE_ROOT_ID;
0893     attr.nlink = 1;
0894     return fuse_iget(sb, 1, 0, &attr, 0, 0);
0895 }
0896
0897 struct fuse_inode_handle {
0898     u64 nodeid;
0899     u32 generation;
0900 };
0901
0902 static struct dentry *fuse_get_dentry(struct super_block *sb,
0903                       struct fuse_inode_handle *handle)
0904 {
0905     struct fuse_conn *fc = get_fuse_conn_super(sb);
0906     struct inode *inode;
0907     struct dentry *entry;
0908     int err = -ESTALE;
0909
0910     if (handle->nodeid == 0)
0911         goto out_err;
0912
0913     inode = ilookup5(sb, handle->nodeid, fuse_inode_eq, &handle->nodeid);
0914     if (!inode) {
0915         struct fuse_entry_out outarg;
0916         const struct qstr name = QSTR_INIT(".", 1);
0917
0918         if (!fc->export_support)
0919             goto out_err;
0920
0921         err = fuse_lookup_name(sb, handle->nodeid, &name, &outarg,
0922                        &inode);
0923         if (err && err != -ENOENT)
0924             goto out_err;
0925         if (err || !inode) {
0926             err = -ESTALE;
0927             goto out_err;
0928         }
0929         err = -EIO;
0930         if (get_node_id(inode) != handle->nodeid)
0931             goto out_iput;
0932     }
0933     err = -ESTALE;
0934     if (inode->i_generation != handle->generation)
0935         goto out_iput;
0936
0937     entry = d_obtain_alias(inode);
0938     if (!IS_ERR(entry) && get_node_id(inode) != FUSE_ROOT_ID)
0939         fuse_invalidate_entry_cache(entry);
0940
0941     return entry;
0942
0943  out_iput:
0944     iput(inode);
0945  out_err:
0946     return ERR_PTR(err);
0947 }
0948
0949 static int fuse_encode_fh(struct inode *inode, u32 *fh, int *max_len,
0950                struct inode *parent)
0951 {
0952     int len = parent ? 6 : 3;
0953     u64 nodeid;
0954     u32 generation;
0955
0956     if (*max_len < len) {
0957         *max_len = len;
0958         return  FILEID_INVALID;
0959     }
0960
0961     nodeid = get_fuse_inode(inode)->nodeid;
0962     generation = inode->i_generation;
0963
0964     fh[0] = (u32)(nodeid >> 32);
0965     fh[1] = (u32)(nodeid & 0xffffffff);
0966     fh[2] = generation;
0967
0968     if (parent) {
0969         nodeid = get_fuse_inode(parent)->nodeid;
0970         generation = parent->i_generation;
0971
0972         fh[3] = (u32)(nodeid >> 32);
0973         fh[4] = (u32)(nodeid & 0xffffffff);
0974         fh[5] = generation;
0975     }
0976
0977     *max_len = len;
0978     return parent ? 0x82 : 0x81;
0979 }
0980
0981 static struct dentry *fuse_fh_to_dentry(struct super_block *sb,
0982         struct fid *fid, int fh_len, int fh_type)
0983 {
0984     struct fuse_inode_handle handle;
0985
0986     if ((fh_type != 0x81 && fh_type != 0x82) || fh_len < 3)
0987         return NULL;
0988
0989     handle.nodeid = (u64) fid->raw[0] << 32;
0990     handle.nodeid |= (u64) fid->raw[1];
0991     handle.generation = fid->raw[2];
0992     return fuse_get_dentry(sb, &handle);
0993 }
0994
0995 static struct dentry *fuse_fh_to_parent(struct super_block *sb,
0996         struct fid *fid, int fh_len, int fh_type)
0997 {
0998     struct fuse_inode_handle parent;
0999
1000     if (fh_type != 0x82 || fh_len < 6)
1001         return NULL;
1002
1003     parent.nodeid = (u64) fid->raw[3] << 32;
1004     parent.nodeid |= (u64) fid->raw[4];
1005     parent.generation = fid->raw[5];
1006     return fuse_get_dentry(sb, &parent);
1007 }
1008
1009 static struct dentry *fuse_get_parent(struct dentry *child)
1010 {
1011     struct inode *child_inode = d_inode(child);
1012     struct fuse_conn *fc = get_fuse_conn(child_inode);
1013     struct inode *inode;
1014     struct dentry *parent;
1015     struct fuse_entry_out outarg;
1016     int err;
1017
1018     if (!fc->export_support)
1019         return ERR_PTR(-ESTALE);
1020
1021     err = fuse_lookup_name(child_inode->i_sb, get_node_id(child_inode),
1022                    &dotdot_name, &outarg, &inode);
1023     if (err) {
1024         if (err == -ENOENT)
1025             return ERR_PTR(-ESTALE);
1026         return ERR_PTR(err);
1027     }
1028
1029     parent = d_obtain_alias(inode);
1030     if (!IS_ERR(parent) && get_node_id(inode) != FUSE_ROOT_ID)
1031         fuse_invalidate_entry_cache(parent);
1032
1033     return parent;
1034 }
1035
1036 static const struct export_operations fuse_export_operations = {
1037     .fh_to_dentry   = fuse_fh_to_dentry,
1038     .fh_to_parent   = fuse_fh_to_parent,
1039     .encode_fh  = fuse_encode_fh,
1040     .get_parent = fuse_get_parent,
1041 };
1042
1043 static const struct super_operations fuse_super_operations = {
1044     .alloc_inode    = fuse_alloc_inode,
1045     .free_inode     = fuse_free_inode,
1046     .evict_inode    = fuse_evict_inode,
1047     .write_inode    = fuse_write_inode,
1048     .drop_inode = generic_delete_inode,
1049     .umount_begin   = fuse_umount_begin,
1050     .statfs     = fuse_statfs,
1051     .sync_fs    = fuse_sync_fs,
1052     .show_options   = fuse_show_options,
1053 };
1054
1055 static void sanitize_global_limit(unsigned *limit)
1056 {
1057     /*
1058      * The default maximum number of async requests is calculated to consume
1059      * 1/2^13 of the total memory, assuming 392 bytes per request.
1060      */
1061     if (*limit == 0)
1062         *limit = ((totalram_pages() << PAGE_SHIFT) >> 13) / 392;
1063
1064     if (*limit >= 1 << 16)
1065         *limit = (1 << 16) - 1;
1066 }
1067
1068 static int set_global_limit(const char *val, const struct kernel_param *kp)
1069 {
1070     int rv;
1071
1072     rv = param_set_uint(val, kp);
1073     if (rv)
1074         return rv;
1075
1076     sanitize_global_limit((unsigned *)kp->arg);
1077
1078     return 0;
1079 }
1080
1081 static void process_init_limits(struct fuse_conn *fc, struct fuse_init_out *arg)
1082 {
1083     int cap_sys_admin = capable(CAP_SYS_ADMIN);
1084
1085     if (arg->minor < 13)
1086         return;
1087
1088     sanitize_global_limit(&max_user_bgreq);
1089     sanitize_global_limit(&max_user_congthresh);
1090
1091     spin_lock(&fc->bg_lock);
1092     if (arg->max_background) {
1093         fc->max_background = arg->max_background;
1094
1095         if (!cap_sys_admin && fc->max_background > max_user_bgreq)
1096             fc->max_background = max_user_bgreq;
1097     }
1098     if (arg->congestion_threshold) {
1099         fc->congestion_threshold = arg->congestion_threshold;
1100
1101         if (!cap_sys_admin &&
1102             fc->congestion_threshold > max_user_congthresh)
1103             fc->congestion_threshold = max_user_congthresh;
1104     }
1105     spin_unlock(&fc->bg_lock);
1106 }
1107
1108 struct fuse_init_args {
1109     struct fuse_args args;
1110     struct fuse_init_in in;
1111     struct fuse_init_out out;
1112 };
1113
1114 static void process_init_reply(struct fuse_mount *fm, struct fuse_args *args,
1115                    int error)
1116 {
1117     struct fuse_conn *fc = fm->fc;
1118     struct fuse_init_args *ia = container_of(args, typeof(*ia), args);
1119     struct fuse_init_out *arg = &ia->out;
1120     bool ok = true;
1121
1122     if (error || arg->major != FUSE_KERNEL_VERSION)
1123         ok = false;
1124     else {
1125         unsigned long ra_pages;
1126
1127         process_init_limits(fc, arg);
1128
1129         if (arg->minor >= 6) {
1130             u64 flags = arg->flags | (u64) arg->flags2 << 32;
1131
1132             ra_pages = arg->max_readahead / PAGE_SIZE;
1133             if (flags & FUSE_ASYNC_READ)
1134                 fc->async_read = 1;
1135             if (!(flags & FUSE_POSIX_LOCKS))
1136                 fc->no_lock = 1;
1137             if (arg->minor >= 17) {
1138                 if (!(flags & FUSE_FLOCK_LOCKS))
1139                     fc->no_flock = 1;
1140             } else {
1141                 if (!(flags & FUSE_POSIX_LOCKS))
1142                     fc->no_flock = 1;
1143             }
1144             if (flags & FUSE_ATOMIC_O_TRUNC)
1145                 fc->atomic_o_trunc = 1;
1146             if (arg->minor >= 9) {
1147                 /* LOOKUP has dependency on proto version */
1148                 if (flags & FUSE_EXPORT_SUPPORT)
1149                     fc->export_support = 1;
1150             }
1151             if (flags & FUSE_BIG_WRITES)
1152                 fc->big_writes = 1;
1153             if (flags & FUSE_DONT_MASK)
1154                 fc->dont_mask = 1;
1155             if (flags & FUSE_AUTO_INVAL_DATA)
1156                 fc->auto_inval_data = 1;
1157             else if (flags & FUSE_EXPLICIT_INVAL_DATA)
1158                 fc->explicit_inval_data = 1;
1159             if (flags & FUSE_DO_READDIRPLUS) {
1160                 fc->do_readdirplus = 1;
1161                 if (flags & FUSE_READDIRPLUS_AUTO)
1162                     fc->readdirplus_auto = 1;
1163             }
1164             if (flags & FUSE_ASYNC_DIO)
1165                 fc->async_dio = 1;
1166             if (flags & FUSE_WRITEBACK_CACHE)
1167                 fc->writeback_cache = 1;
1168             if (flags & FUSE_PARALLEL_DIROPS)
1169                 fc->parallel_dirops = 1;
1170             if (flags & FUSE_HANDLE_KILLPRIV)
1171                 fc->handle_killpriv = 1;
1172             if (arg->time_gran && arg->time_gran <= 1000000000)
1173                 fm->sb->s_time_gran = arg->time_gran;
1174             if ((flags & FUSE_POSIX_ACL)) {
1175                 fc->default_permissions = 1;
1176                 fc->posix_acl = 1;
1177                 fm->sb->s_xattr = fuse_acl_xattr_handlers;
1178             }
1179             if (flags & FUSE_CACHE_SYMLINKS)
1180                 fc->cache_symlinks = 1;
1181             if (flags & FUSE_ABORT_ERROR)
1182                 fc->abort_err = 1;
1183             if (flags & FUSE_MAX_PAGES) {
1184                 fc->max_pages =
1185                     min_t(unsigned int, fc->max_pages_limit,
1186                     max_t(unsigned int, arg->max_pages, 1));
1187             }
1188             if (IS_ENABLED(CONFIG_FUSE_DAX)) {
1189                 if (flags & FUSE_MAP_ALIGNMENT &&
1190                     !fuse_dax_check_alignment(fc, arg->map_alignment)) {
1191                     ok = false;
1192                 }
1193                 if (flags & FUSE_HAS_INODE_DAX)
1194                     fc->inode_dax = 1;
1195             }
1196             if (flags & FUSE_HANDLE_KILLPRIV_V2) {
1197                 fc->handle_killpriv_v2 = 1;
1198                 fm->sb->s_flags |= SB_NOSEC;
1199             }
1200             if (flags & FUSE_SETXATTR_EXT)
1201                 fc->setxattr_ext = 1;
1202             if (flags & FUSE_SECURITY_CTX)
1203                 fc->init_security = 1;
1204         } else {
1205             ra_pages = fc->max_read / PAGE_SIZE;
1206             fc->no_lock = 1;
1207             fc->no_flock = 1;
1208         }
1209
1210         fm->sb->s_bdi->ra_pages =
1211                 min(fm->sb->s_bdi->ra_pages, ra_pages);
1212         fc->minor = arg->minor;
1213         fc->max_write = arg->minor < 5 ? 4096 : arg->max_write;
1214         fc->max_write = max_t(unsigned, 4096, fc->max_write);
1215         fc->conn_init = 1;
1216     }
1217     kfree(ia);
1218
1219     if (!ok) {
1220         fc->conn_init = 0;
1221         fc->conn_error = 1;
1222     }
1223
1224     fuse_set_initialized(fc);
1225     wake_up_all(&fc->blocked_waitq);
1226 }
1227
1228 void fuse_send_init(struct fuse_mount *fm)
1229 {
1230     struct fuse_init_args *ia;
1231     u64 flags;
1232
1233     ia = kzalloc(sizeof(*ia), GFP_KERNEL | __GFP_NOFAIL);
1234
1235     ia->in.major = FUSE_KERNEL_VERSION;
1236     ia->in.minor = FUSE_KERNEL_MINOR_VERSION;
1237     ia->in.max_readahead = fm->sb->s_bdi->ra_pages * PAGE_SIZE;
1238     flags =
1239         FUSE_ASYNC_READ | FUSE_POSIX_LOCKS | FUSE_ATOMIC_O_TRUNC |
1240         FUSE_EXPORT_SUPPORT | FUSE_BIG_WRITES | FUSE_DONT_MASK |
1241         FUSE_SPLICE_WRITE | FUSE_SPLICE_MOVE | FUSE_SPLICE_READ |
1242         FUSE_FLOCK_LOCKS | FUSE_HAS_IOCTL_DIR | FUSE_AUTO_INVAL_DATA |
1243         FUSE_DO_READDIRPLUS | FUSE_READDIRPLUS_AUTO | FUSE_ASYNC_DIO |
1244         FUSE_WRITEBACK_CACHE | FUSE_NO_OPEN_SUPPORT |
1245         FUSE_PARALLEL_DIROPS | FUSE_HANDLE_KILLPRIV | FUSE_POSIX_ACL |
1246         FUSE_ABORT_ERROR | FUSE_MAX_PAGES | FUSE_CACHE_SYMLINKS |
1247         FUSE_NO_OPENDIR_SUPPORT | FUSE_EXPLICIT_INVAL_DATA |
1248         FUSE_HANDLE_KILLPRIV_V2 | FUSE_SETXATTR_EXT | FUSE_INIT_EXT |
1249         FUSE_SECURITY_CTX;
1250 #ifdef CONFIG_FUSE_DAX
1251     if (fm->fc->dax)
1252         flags |= FUSE_MAP_ALIGNMENT;
1253     if (fuse_is_inode_dax_mode(fm->fc->dax_mode))
1254         flags |= FUSE_HAS_INODE_DAX;
1255 #endif
1256     if (fm->fc->auto_submounts)
1257         flags |= FUSE_SUBMOUNTS;
1258
1259     ia->in.flags = flags;
1260     ia->in.flags2 = flags >> 32;
1261
1262     ia->args.opcode = FUSE_INIT;
1263     ia->args.in_numargs = 1;
1264     ia->args.in_args[0].size = sizeof(ia->in);
1265     ia->args.in_args[0].value = &ia->in;
1266     ia->args.out_numargs = 1;
1267     /* Variable length argument used for backward compatibility
1268        with interface version < 7.5.  Rest of init_out is zeroed
1269        by do_get_request(), so a short reply is not a problem */
1270     ia->args.out_argvar = true;
1271     ia->args.out_args[0].size = sizeof(ia->out);
1272     ia->args.out_args[0].value = &ia->out;
1273     ia->args.force = true;
1274     ia->args.nocreds = true;
1275     ia->args.end = process_init_reply;
1276
1277     if (fuse_simple_background(fm, &ia->args, GFP_KERNEL) != 0)
1278         process_init_reply(fm, &ia->args, -ENOTCONN);
1279 }
1280 EXPORT_SYMBOL_GPL(fuse_send_init);
1281
1282 void fuse_free_conn(struct fuse_conn *fc)
1283 {
1284     WARN_ON(!list_empty(&fc->devices));
1285     kfree_rcu(fc, rcu);
1286 }
1287 EXPORT_SYMBOL_GPL(fuse_free_conn);
1288
1289 static int fuse_bdi_init(struct fuse_conn *fc, struct super_block *sb)
1290 {
1291     int err;
1292     char *suffix = "";
1293
1294     if (sb->s_bdev) {
1295         suffix = "-fuseblk";
1296         /*
1297          * sb->s_bdi points to blkdev's bdi however we want to redirect
1298          * it to our private bdi...
1299          */
1300         bdi_put(sb->s_bdi);
1301         sb->s_bdi = &noop_backing_dev_info;
1302     }
1303     err = super_setup_bdi_name(sb, "%u:%u%s", MAJOR(fc->dev),
1304                    MINOR(fc->dev), suffix);
1305     if (err)
1306         return err;
1307
1308     /* fuse does it's own writeback accounting */
1309     sb->s_bdi->capabilities &= ~BDI_CAP_WRITEBACK_ACCT;
1310     sb->s_bdi->capabilities |= BDI_CAP_STRICTLIMIT;
1311
1312     /*
1313      * For a single fuse filesystem use max 1% of dirty +
1314      * writeback threshold.
1315      *
1316      * This gives about 1M of write buffer for memory maps on a
1317      * machine with 1G and 10% dirty_ratio, which should be more
1318      * than enough.
1319      *
1320      * Privileged users can raise it by writing to
1321      *
1322      *    /sys/class/bdi/<bdi>/max_ratio
1323      */
1324     bdi_set_max_ratio(sb->s_bdi, 1);
1325
1326     return 0;
1327 }
1328
1329 struct fuse_dev *fuse_dev_alloc(void)
1330 {
1331     struct fuse_dev *fud;
1332     struct list_head *pq;
1333
1334     fud = kzalloc(sizeof(struct fuse_dev), GFP_KERNEL);
1335     if (!fud)
1336         return NULL;
1337
1338     pq = kcalloc(FUSE_PQ_HASH_SIZE, sizeof(struct list_head), GFP_KERNEL);
1339     if (!pq) {
1340         kfree(fud);
1341         return NULL;
1342     }
1343
1344     fud->pq.processing = pq;
1345     fuse_pqueue_init(&fud->pq);
1346
1347     return fud;
1348 }
1349 EXPORT_SYMBOL_GPL(fuse_dev_alloc);
1350
1351 void fuse_dev_install(struct fuse_dev *fud, struct fuse_conn *fc)
1352 {
1353     fud->fc = fuse_conn_get(fc);
1354     spin_lock(&fc->lock);
1355     list_add_tail(&fud->entry, &fc->devices);
1356     spin_unlock(&fc->lock);
1357 }
1358 EXPORT_SYMBOL_GPL(fuse_dev_install);
1359
1360 struct fuse_dev *fuse_dev_alloc_install(struct fuse_conn *fc)
1361 {
1362     struct fuse_dev *fud;
1363
1364     fud = fuse_dev_alloc();
1365     if (!fud)
1366         return NULL;
1367
1368     fuse_dev_install(fud, fc);
1369     return fud;
1370 }
1371 EXPORT_SYMBOL_GPL(fuse_dev_alloc_install);
1372
1373 void fuse_dev_free(struct fuse_dev *fud)
1374 {
1375     struct fuse_conn *fc = fud->fc;
1376
1377     if (fc) {
1378         spin_lock(&fc->lock);
1379         list_del(&fud->entry);
1380         spin_unlock(&fc->lock);
1381
1382         fuse_conn_put(fc);
1383     }
1384     kfree(fud->pq.processing);
1385     kfree(fud);
1386 }
1387 EXPORT_SYMBOL_GPL(fuse_dev_free);
1388
1389 static void fuse_fill_attr_from_inode(struct fuse_attr *attr,
1390                       const struct fuse_inode *fi)
1391 {
1392     *attr = (struct fuse_attr){
1393         .ino        = fi->inode.i_ino,
1394         .size       = fi->inode.i_size,
1395         .blocks     = fi->inode.i_blocks,
1396         .atime      = fi->inode.i_atime.tv_sec,
1397         .mtime      = fi->inode.i_mtime.tv_sec,
1398         .ctime      = fi->inode.i_ctime.tv_sec,
1399         .atimensec  = fi->inode.i_atime.tv_nsec,
1400         .mtimensec  = fi->inode.i_mtime.tv_nsec,
1401         .ctimensec  = fi->inode.i_ctime.tv_nsec,
1402         .mode       = fi->inode.i_mode,
1403         .nlink      = fi->inode.i_nlink,
1404         .uid        = fi->inode.i_uid.val,
1405         .gid        = fi->inode.i_gid.val,
1406         .rdev       = fi->inode.i_rdev,
1407         .blksize    = 1u << fi->inode.i_blkbits,
1408     };
1409 }
1410
1411 static void fuse_sb_defaults(struct super_block *sb)
1412 {
1413     sb->s_magic = FUSE_SUPER_MAGIC;
1414     sb->s_op = &fuse_super_operations;
1415     sb->s_xattr = fuse_xattr_handlers;
1416     sb->s_maxbytes = MAX_LFS_FILESIZE;
1417     sb->s_time_gran = 1;
1418     sb->s_export_op = &fuse_export_operations;
1419     sb->s_iflags |= SB_I_IMA_UNVERIFIABLE_SIGNATURE;
1420     if (sb->s_user_ns != &init_user_ns)
1421         sb->s_iflags |= SB_I_UNTRUSTED_MOUNTER;
1422     sb->s_flags &= ~(SB_NOSEC | SB_I_VERSION);
1423
1424     /*
1425      * If we are not in the initial user namespace posix
1426      * acls must be translated.
1427      */
1428     if (sb->s_user_ns != &init_user_ns)
1429         sb->s_xattr = fuse_no_acl_xattr_handlers;
1430 }
1431
1432 static int fuse_fill_super_submount(struct super_block *sb,
1433                     struct fuse_inode *parent_fi)
1434 {
1435     struct fuse_mount *fm = get_fuse_mount_super(sb);
1436     struct super_block *parent_sb = parent_fi->inode.i_sb;
1437     struct fuse_attr root_attr;
1438     struct inode *root;
1439
1440     fuse_sb_defaults(sb);
1441     fm->sb = sb;
1442
1443     WARN_ON(sb->s_bdi != &noop_backing_dev_info);
1444     sb->s_bdi = bdi_get(parent_sb->s_bdi);
1445
1446     sb->s_xattr = parent_sb->s_xattr;
1447     sb->s_time_gran = parent_sb->s_time_gran;
1448     sb->s_blocksize = parent_sb->s_blocksize;
1449     sb->s_blocksize_bits = parent_sb->s_blocksize_bits;
1450     sb->s_subtype = kstrdup(parent_sb->s_subtype, GFP_KERNEL);
1451     if (parent_sb->s_subtype && !sb->s_subtype)
1452         return -ENOMEM;
1453
1454     fuse_fill_attr_from_inode(&root_attr, parent_fi);
1455     root = fuse_iget(sb, parent_fi->nodeid, 0, &root_attr, 0, 0);
1456     /*
1457      * This inode is just a duplicate, so it is not looked up and
1458      * its nlookup should not be incremented.  fuse_iget() does
1459      * that, though, so undo it here.
1460      */
1461     get_fuse_inode(root)->nlookup--;
1462     sb->s_d_op = &fuse_dentry_operations;
1463     sb->s_root = d_make_root(root);
1464     if (!sb->s_root)
1465         return -ENOMEM;
1466
1467     return 0;
1468 }
1469
1470 /* Filesystem context private data holds the FUSE inode of the mount point */
1471 static int fuse_get_tree_submount(struct fs_context *fsc)
1472 {
1473     struct fuse_mount *fm;
1474     struct fuse_inode *mp_fi = fsc->fs_private;
1475     struct fuse_conn *fc = get_fuse_conn(&mp_fi->inode);
1476     struct super_block *sb;
1477     int err;
1478
1479     fm = kzalloc(sizeof(struct fuse_mount), GFP_KERNEL);
1480     if (!fm)
1481         return -ENOMEM;
1482
1483     fm->fc = fuse_conn_get(fc);
1484     fsc->s_fs_info = fm;
1485     sb = sget_fc(fsc, NULL, set_anon_super_fc);
1486     if (fsc->s_fs_info)
1487         fuse_mount_destroy(fm);
1488     if (IS_ERR(sb))
1489         return PTR_ERR(sb);
1490
1491     /* Initialize superblock, making @mp_fi its root */
1492     err = fuse_fill_super_submount(sb, mp_fi);
1493     if (err) {
1494         deactivate_locked_super(sb);
1495         return err;
1496     }
1497
1498     down_write(&fc->killsb);
1499     list_add_tail(&fm->fc_entry, &fc->mounts);
1500     up_write(&fc->killsb);
1501
1502     sb->s_flags |= SB_ACTIVE;
1503     fsc->root = dget(sb->s_root);
1504
1505     return 0;
1506 }
1507
1508 static const struct fs_context_operations fuse_context_submount_ops = {
1509     .get_tree   = fuse_get_tree_submount,
1510 };
1511
1512 int fuse_init_fs_context_submount(struct fs_context *fsc)
1513 {
1514     fsc->ops = &fuse_context_submount_ops;
1515     return 0;
1516 }
1517 EXPORT_SYMBOL_GPL(fuse_init_fs_context_submount);
1518
1519 int fuse_fill_super_common(struct super_block *sb, struct fuse_fs_context *ctx)
1520 {
1521     struct fuse_dev *fud = NULL;
1522     struct fuse_mount *fm = get_fuse_mount_super(sb);
1523     struct fuse_conn *fc = fm->fc;
1524     struct inode *root;
1525     struct dentry *root_dentry;
1526     int err;
1527
1528     err = -EINVAL;
1529     if (sb->s_flags & SB_MANDLOCK)
1530         goto err;
1531
1532     rcu_assign_pointer(fc->curr_bucket, fuse_sync_bucket_alloc());
1533     fuse_sb_defaults(sb);
1534
1535     if (ctx->is_bdev) {
1536 #ifdef CONFIG_BLOCK
1537         err = -EINVAL;
1538         if (!sb_set_blocksize(sb, ctx->blksize))
1539             goto err;
1540 #endif
1541     } else {
1542         sb->s_blocksize = PAGE_SIZE;
1543         sb->s_blocksize_bits = PAGE_SHIFT;
1544     }
1545
1546     sb->s_subtype = ctx->subtype;
1547     ctx->subtype = NULL;
1548     if (IS_ENABLED(CONFIG_FUSE_DAX)) {
1549         err = fuse_dax_conn_alloc(fc, ctx->dax_mode, ctx->dax_dev);
1550         if (err)
1551             goto err;
1552     }
1553
1554     if (ctx->fudptr) {
1555         err = -ENOMEM;
1556         fud = fuse_dev_alloc_install(fc);
1557         if (!fud)
1558             goto err_free_dax;
1559     }
1560
1561     fc->dev = sb->s_dev;
1562     fm->sb = sb;
1563     err = fuse_bdi_init(fc, sb);
1564     if (err)
1565         goto err_dev_free;
1566
1567     /* Handle umasking inside the fuse code */
1568     if (sb->s_flags & SB_POSIXACL)
1569         fc->dont_mask = 1;
1570     sb->s_flags |= SB_POSIXACL;
1571
1572     fc->default_permissions = ctx->default_permissions;
1573     fc->allow_other = ctx->allow_other;
1574     fc->user_id = ctx->user_id;
1575     fc->group_id = ctx->group_id;
1576     fc->legacy_opts_show = ctx->legacy_opts_show;
1577     fc->max_read = max_t(unsigned int, 4096, ctx->max_read);
1578     fc->destroy = ctx->destroy;
1579     fc->no_control = ctx->no_control;
1580     fc->no_force_umount = ctx->no_force_umount;
1581
1582     err = -ENOMEM;
1583     root = fuse_get_root_inode(sb, ctx->rootmode);
1584     sb->s_d_op = &fuse_root_dentry_operations;
1585     root_dentry = d_make_root(root);
1586     if (!root_dentry)
1587         goto err_dev_free;
1588     /* Root dentry doesn't have .d_revalidate */
1589     sb->s_d_op = &fuse_dentry_operations;
1590
1591     mutex_lock(&fuse_mutex);
1592     err = -EINVAL;
1593     if (ctx->fudptr && *ctx->fudptr)
1594         goto err_unlock;
1595
1596     err = fuse_ctl_add_conn(fc);
1597     if (err)
1598         goto err_unlock;
1599
1600     list_add_tail(&fc->entry, &fuse_conn_list);
1601     sb->s_root = root_dentry;
1602     if (ctx->fudptr)
1603         *ctx->fudptr = fud;
1604     mutex_unlock(&fuse_mutex);
1605     return 0;
1606
1607  err_unlock:
1608     mutex_unlock(&fuse_mutex);
1609     dput(root_dentry);
1610  err_dev_free:
1611     if (fud)
1612         fuse_dev_free(fud);
1613  err_free_dax:
1614     if (IS_ENABLED(CONFIG_FUSE_DAX))
1615         fuse_dax_conn_free(fc);
1616  err:
1617     return err;
1618 }
1619 EXPORT_SYMBOL_GPL(fuse_fill_super_common);
1620
1621 static int fuse_fill_super(struct super_block *sb, struct fs_context *fsc)
1622 {
1623     struct fuse_fs_context *ctx = fsc->fs_private;
1624     int err;
1625
1626     if (!ctx->file || !ctx->rootmode_present ||
1627         !ctx->user_id_present || !ctx->group_id_present)
1628         return -EINVAL;
1629
1630     /*
1631      * Require mount to happen from the same user namespace which
1632      * opened /dev/fuse to prevent potential attacks.
1633      */
1634     if ((ctx->file->f_op != &fuse_dev_operations) ||
1635         (ctx->file->f_cred->user_ns != sb->s_user_ns))
1636         return -EINVAL;
1637     ctx->fudptr = &ctx->file->private_data;
1638
1639     err = fuse_fill_super_common(sb, ctx);
1640     if (err)
1641         return err;
1642     /* file->private_data shall be visible on all CPUs after this */
1643     smp_mb();
1644     fuse_send_init(get_fuse_mount_super(sb));
1645     return 0;
1646 }
1647
1648 /*
1649  * This is the path where user supplied an already initialized fuse dev.  In
1650  * this case never create a new super if the old one is gone.
1651  */
1652 static int fuse_set_no_super(struct super_block *sb, struct fs_context *fsc)
1653 {
1654     return -ENOTCONN;
1655 }
1656
1657 static int fuse_test_super(struct super_block *sb, struct fs_context *fsc)
1658 {
1659
1660     return fsc->sget_key == get_fuse_conn_super(sb);
1661 }
1662
1663 static int fuse_get_tree(struct fs_context *fsc)
1664 {
1665     struct fuse_fs_context *ctx = fsc->fs_private;
1666     struct fuse_dev *fud;
1667     struct fuse_conn *fc;
1668     struct fuse_mount *fm;
1669     struct super_block *sb;
1670     int err;
1671
1672     fc = kmalloc(sizeof(*fc), GFP_KERNEL);
1673     if (!fc)
1674         return -ENOMEM;
1675
1676     fm = kzalloc(sizeof(*fm), GFP_KERNEL);
1677     if (!fm) {
1678         kfree(fc);
1679         return -ENOMEM;
1680     }
1681
1682     fuse_conn_init(fc, fm, fsc->user_ns, &fuse_dev_fiq_ops, NULL);
1683     fc->release = fuse_free_conn;
1684
1685     fsc->s_fs_info = fm;
1686
1687     if (ctx->fd_present)
1688         ctx->file = fget(ctx->fd);
1689
1690     if (IS_ENABLED(CONFIG_BLOCK) && ctx->is_bdev) {
1691         err = get_tree_bdev(fsc, fuse_fill_super);
1692         goto out;
1693     }
1694     /*
1695      * While block dev mount can be initialized with a dummy device fd
1696      * (found by device name), normal fuse mounts can't
1697      */
1698     err = -EINVAL;
1699     if (!ctx->file)
1700         goto out;
1701
1702     /*
1703      * Allow creating a fuse mount with an already initialized fuse
1704      * connection
1705      */
1706     fud = READ_ONCE(ctx->file->private_data);
1707     if (ctx->file->f_op == &fuse_dev_operations && fud) {
1708         fsc->sget_key = fud->fc;
1709         sb = sget_fc(fsc, fuse_test_super, fuse_set_no_super);
1710         err = PTR_ERR_OR_ZERO(sb);
1711         if (!IS_ERR(sb))
1712             fsc->root = dget(sb->s_root);
1713     } else {
1714         err = get_tree_nodev(fsc, fuse_fill_super);
1715     }
1716 out:
1717     if (fsc->s_fs_info)
1718         fuse_mount_destroy(fm);
1719     if (ctx->file)
1720         fput(ctx->file);
1721     return err;
1722 }
1723
1724 static const struct fs_context_operations fuse_context_ops = {
1725     .free       = fuse_free_fsc,
1726     .parse_param    = fuse_parse_param,
1727     .reconfigure    = fuse_reconfigure,
1728     .get_tree   = fuse_get_tree,
1729 };
1730
1731 /*
1732  * Set up the filesystem mount context.
1733  */
1734 static int fuse_init_fs_context(struct fs_context *fsc)
1735 {
1736     struct fuse_fs_context *ctx;
1737
1738     ctx = kzalloc(sizeof(struct fuse_fs_context), GFP_KERNEL);
1739     if (!ctx)
1740         return -ENOMEM;
1741
1742     ctx->max_read = ~0;
1743     ctx->blksize = FUSE_DEFAULT_BLKSIZE;
1744     ctx->legacy_opts_show = true;
1745
1746 #ifdef CONFIG_BLOCK
1747     if (fsc->fs_type == &fuseblk_fs_type) {
1748         ctx->is_bdev = true;
1749         ctx->destroy = true;
1750     }
1751 #endif
1752
1753     fsc->fs_private = ctx;
1754     fsc->ops = &fuse_context_ops;
1755     return 0;
1756 }
1757
1758 bool fuse_mount_remove(struct fuse_mount *fm)
1759 {
1760     struct fuse_conn *fc = fm->fc;
1761     bool last = false;
1762
1763     down_write(&fc->killsb);
1764     list_del_init(&fm->fc_entry);
1765     if (list_empty(&fc->mounts))
1766         last = true;
1767     up_write(&fc->killsb);
1768
1769     return last;
1770 }
1771 EXPORT_SYMBOL_GPL(fuse_mount_remove);
1772
1773 void fuse_conn_destroy(struct fuse_mount *fm)
1774 {
1775     struct fuse_conn *fc = fm->fc;
1776
1777     if (fc->destroy)
1778         fuse_send_destroy(fm);
1779
1780     fuse_abort_conn(fc);
1781     fuse_wait_aborted(fc);
1782
1783     if (!list_empty(&fc->entry)) {
1784         mutex_lock(&fuse_mutex);
1785         list_del(&fc->entry);
1786         fuse_ctl_remove_conn(fc);
1787         mutex_unlock(&fuse_mutex);
1788     }
1789 }
1790 EXPORT_SYMBOL_GPL(fuse_conn_destroy);
1791
1792 static void fuse_sb_destroy(struct super_block *sb)
1793 {
1794     struct fuse_mount *fm = get_fuse_mount_super(sb);
1795     bool last;
1796
1797     if (sb->s_root) {
1798         last = fuse_mount_remove(fm);
1799         if (last)
1800             fuse_conn_destroy(fm);
1801     }
1802 }
1803
1804 void fuse_mount_destroy(struct fuse_mount *fm)
1805 {
1806     fuse_conn_put(fm->fc);
1807     kfree(fm);
1808 }
1809 EXPORT_SYMBOL(fuse_mount_destroy);
1810
1811 static void fuse_kill_sb_anon(struct super_block *sb)
1812 {
1813     fuse_sb_destroy(sb);
1814     kill_anon_super(sb);
1815     fuse_mount_destroy(get_fuse_mount_super(sb));
1816 }
1817
1818 static struct file_system_type fuse_fs_type = {
1819     .owner      = THIS_MODULE,
1820     .name       = "fuse",
1821     .fs_flags   = FS_HAS_SUBTYPE | FS_USERNS_MOUNT,
1822     .init_fs_context = fuse_init_fs_context,
1823     .parameters = fuse_fs_parameters,
1824     .kill_sb    = fuse_kill_sb_anon,
1825 };
1826 MODULE_ALIAS_FS("fuse");
1827
1828 #ifdef CONFIG_BLOCK
1829 static void fuse_kill_sb_blk(struct super_block *sb)
1830 {
1831     fuse_sb_destroy(sb);
1832     kill_block_super(sb);
1833     fuse_mount_destroy(get_fuse_mount_super(sb));
1834 }
1835
1836 static struct file_system_type fuseblk_fs_type = {
1837     .owner      = THIS_MODULE,
1838     .name       = "fuseblk",
1839     .init_fs_context = fuse_init_fs_context,
1840     .parameters = fuse_fs_parameters,
1841     .kill_sb    = fuse_kill_sb_blk,
1842     .fs_flags   = FS_REQUIRES_DEV | FS_HAS_SUBTYPE,
1843 };
1844 MODULE_ALIAS_FS("fuseblk");
1845
1846 static inline int register_fuseblk(void)
1847 {
1848     return register_filesystem(&fuseblk_fs_type);
1849 }
1850
1851 static inline void unregister_fuseblk(void)
1852 {
1853     unregister_filesystem(&fuseblk_fs_type);
1854 }
1855 #else
1856 static inline int register_fuseblk(void)
1857 {
1858     return 0;
1859 }
1860
1861 static inline void unregister_fuseblk(void)
1862 {
1863 }
1864 #endif
1865
1866 static void fuse_inode_init_once(void *foo)
1867 {
1868     struct inode *inode = foo;
1869
1870     inode_init_once(inode);
1871 }
1872
1873 static int __init fuse_fs_init(void)
1874 {
1875     int err;
1876
1877     fuse_inode_cachep = kmem_cache_create("fuse_inode",
1878             sizeof(struct fuse_inode), 0,
1879             SLAB_HWCACHE_ALIGN|SLAB_ACCOUNT|SLAB_RECLAIM_ACCOUNT,
1880             fuse_inode_init_once);
1881     err = -ENOMEM;
1882     if (!fuse_inode_cachep)
1883         goto out;
1884
1885     err = register_fuseblk();
1886     if (err)
1887         goto out2;
1888
1889     err = register_filesystem(&fuse_fs_type);
1890     if (err)
1891         goto out3;
1892
1893     return 0;
1894
1895  out3:
1896     unregister_fuseblk();
1897  out2:
1898     kmem_cache_destroy(fuse_inode_cachep);
1899  out:
1900     return err;
1901 }
1902
1903 static void fuse_fs_cleanup(void)
1904 {
1905     unregister_filesystem(&fuse_fs_type);
1906     unregister_fuseblk();
1907
1908     /*
1909      * Make sure all delayed rcu free inodes are flushed before we
1910      * destroy cache.
1911      */
1912     rcu_barrier();
1913     kmem_cache_destroy(fuse_inode_cachep);
1914 }
1915
1916 static struct kobject *fuse_kobj;
1917
1918 static int fuse_sysfs_init(void)
1919 {
1920     int err;
1921
1922     fuse_kobj = kobject_create_and_add("fuse", fs_kobj);
1923     if (!fuse_kobj) {
1924         err = -ENOMEM;
1925         goto out_err;
1926     }
1927
1928     err = sysfs_create_mount_point(fuse_kobj, "connections");
1929     if (err)
1930         goto out_fuse_unregister;
1931
1932     return 0;
1933
1934  out_fuse_unregister:
1935     kobject_put(fuse_kobj);
1936  out_err:
1937     return err;
1938 }
1939
1940 static void fuse_sysfs_cleanup(void)
1941 {
1942     sysfs_remove_mount_point(fuse_kobj, "connections");
1943     kobject_put(fuse_kobj);
1944 }
1945
1946 static int __init fuse_init(void)
1947 {
1948     int res;
1949
1950     pr_info("init (API version %i.%i)\n",
1951         FUSE_KERNEL_VERSION, FUSE_KERNEL_MINOR_VERSION);
1952
1953     INIT_LIST_HEAD(&fuse_conn_list);
1954     res = fuse_fs_init();
1955     if (res)
1956         goto err;
1957
1958     res = fuse_dev_init();
1959     if (res)
1960         goto err_fs_cleanup;
1961
1962     res = fuse_sysfs_init();
1963     if (res)
1964         goto err_dev_cleanup;
1965
1966     res = fuse_ctl_init();
1967     if (res)
1968         goto err_sysfs_cleanup;
1969
1970     sanitize_global_limit(&max_user_bgreq);
1971     sanitize_global_limit(&max_user_congthresh);
1972
1973     return 0;
1974
1975  err_sysfs_cleanup:
1976     fuse_sysfs_cleanup();
1977  err_dev_cleanup:
1978     fuse_dev_cleanup();
1979  err_fs_cleanup:
1980     fuse_fs_cleanup();
1981  err:
1982     return res;
1983 }
1984
1985 static void __exit fuse_exit(void)
1986 {
1987     pr_debug("exit\n");
1988
1989     fuse_ctl_cleanup();
1990     fuse_sysfs_cleanup();
1991     fuse_fs_cleanup();
1992     fuse_dev_cleanup();
1993 }
1994
1995 module_init(fuse_init);
1996 module_exit(fuse_exit);