2 FUSE: Filesystem in Userspace
3 Copyright (C) 2001-2008 Miklos Szeredi <miklos@szeredi.hu>
5 This program can be distributed under the terms of the GNU GPL.
11 #include <linux/pagemap.h>
12 #include <linux/slab.h>
13 #include <linux/kernel.h>
14 #include <linux/sched.h>
15 #include <linux/module.h>
16 #include <linux/compat.h>
17 #include <linux/swap.h>
19 static const struct file_operations fuse_direct_io_file_operations;
21 static int fuse_send_open(struct fuse_conn *fc, u64 nodeid, struct file *file,
22 int opcode, struct fuse_open_out *outargp)
24 struct fuse_open_in inarg;
28 req = fuse_get_req(fc);
32 memset(&inarg, 0, sizeof(inarg));
33 inarg.flags = file->f_flags & ~(O_CREAT | O_EXCL | O_NOCTTY);
34 if (!fc->atomic_o_trunc)
35 inarg.flags &= ~O_TRUNC;
36 req->in.h.opcode = opcode;
37 req->in.h.nodeid = nodeid;
39 req->in.args[0].size = sizeof(inarg);
40 req->in.args[0].value = &inarg;
42 req->out.args[0].size = sizeof(*outargp);
43 req->out.args[0].value = outargp;
44 fuse_request_send(fc, req);
45 err = req->out.h.error;
46 fuse_put_request(fc, req);
51 struct fuse_file *fuse_file_alloc(struct fuse_conn *fc)
55 ff = kmalloc(sizeof(struct fuse_file), GFP_KERNEL);
60 ff->reserved_req = fuse_request_alloc();
61 if (unlikely(!ff->reserved_req)) {
66 INIT_LIST_HEAD(&ff->write_entry);
67 atomic_set(&ff->count, 0);
68 RB_CLEAR_NODE(&ff->polled_node);
69 init_waitqueue_head(&ff->poll_wait);
73 spin_unlock(&fc->lock);
78 void fuse_file_free(struct fuse_file *ff)
80 fuse_request_free(ff->reserved_req);
84 struct fuse_file *fuse_file_get(struct fuse_file *ff)
86 atomic_inc(&ff->count);
90 static void fuse_release_async(struct work_struct *work)
96 req = container_of(work, struct fuse_req, misc.release.work);
97 path = req->misc.release.path;
98 fc = get_fuse_conn(path.dentry->d_inode);
100 fuse_put_request(fc, req);
104 static void fuse_release_end(struct fuse_conn *fc, struct fuse_req *req)
106 if (fc->destroy_req) {
108 * If this is a fuseblk mount, then it's possible that
109 * releasing the path will result in releasing the
110 * super block and sending the DESTROY request. If
111 * the server is single threaded, this would hang.
112 * For this reason do the path_put() in a separate
115 atomic_inc(&req->count);
116 INIT_WORK(&req->misc.release.work, fuse_release_async);
117 schedule_work(&req->misc.release.work);
119 path_put(&req->misc.release.path);
123 static void fuse_file_put(struct fuse_file *ff, bool sync)
125 if (atomic_dec_and_test(&ff->count)) {
126 struct fuse_req *req = ff->reserved_req;
130 fuse_request_send(ff->fc, req);
131 path_put(&req->misc.release.path);
132 fuse_put_request(ff->fc, req);
134 req->end = fuse_release_end;
135 fuse_request_send_background(ff->fc, req);
141 int fuse_do_open(struct fuse_conn *fc, u64 nodeid, struct file *file,
144 struct fuse_open_out outarg;
145 struct fuse_file *ff;
147 int opcode = isdir ? FUSE_OPENDIR : FUSE_OPEN;
149 ff = fuse_file_alloc(fc);
153 err = fuse_send_open(fc, nodeid, file, opcode, &outarg);
160 outarg.open_flags &= ~FOPEN_DIRECT_IO;
164 ff->open_flags = outarg.open_flags;
165 file->private_data = fuse_file_get(ff);
169 EXPORT_SYMBOL_GPL(fuse_do_open);
171 void fuse_finish_open(struct inode *inode, struct file *file)
173 struct fuse_file *ff = file->private_data;
174 struct fuse_conn *fc = get_fuse_conn(inode);
176 if (ff->open_flags & FOPEN_DIRECT_IO)
177 file->f_op = &fuse_direct_io_file_operations;
178 if (!(ff->open_flags & FOPEN_KEEP_CACHE))
179 invalidate_inode_pages2(inode->i_mapping);
180 if (ff->open_flags & FOPEN_NONSEEKABLE)
181 nonseekable_open(inode, file);
182 if (fc->atomic_o_trunc && (file->f_flags & O_TRUNC)) {
183 struct fuse_inode *fi = get_fuse_inode(inode);
185 spin_lock(&fc->lock);
186 fi->attr_version = ++fc->attr_version;
187 i_size_write(inode, 0);
188 spin_unlock(&fc->lock);
189 fuse_invalidate_attr(inode);
193 int fuse_open_common(struct inode *inode, struct file *file, bool isdir)
195 struct fuse_conn *fc = get_fuse_conn(inode);
198 /* VFS checks this, but only _after_ ->open() */
199 if (file->f_flags & O_DIRECT)
202 err = generic_file_open(inode, file);
206 err = fuse_do_open(fc, get_node_id(inode), file, isdir);
210 fuse_finish_open(inode, file);
215 static void fuse_prepare_release(struct fuse_file *ff, int flags, int opcode)
217 struct fuse_conn *fc = ff->fc;
218 struct fuse_req *req = ff->reserved_req;
219 struct fuse_release_in *inarg = &req->misc.release.in;
221 spin_lock(&fc->lock);
222 list_del(&ff->write_entry);
223 if (!RB_EMPTY_NODE(&ff->polled_node))
224 rb_erase(&ff->polled_node, &fc->polled_files);
225 spin_unlock(&fc->lock);
227 wake_up_interruptible_all(&ff->poll_wait);
230 inarg->flags = flags;
231 req->in.h.opcode = opcode;
232 req->in.h.nodeid = ff->nodeid;
234 req->in.args[0].size = sizeof(struct fuse_release_in);
235 req->in.args[0].value = inarg;
238 void fuse_release_common(struct file *file, int opcode)
240 struct fuse_file *ff;
241 struct fuse_req *req;
243 ff = file->private_data;
247 req = ff->reserved_req;
248 fuse_prepare_release(ff, file->f_flags, opcode);
251 struct fuse_release_in *inarg = &req->misc.release.in;
252 inarg->release_flags |= FUSE_RELEASE_FLOCK_UNLOCK;
253 inarg->lock_owner = fuse_lock_owner_id(ff->fc,
256 /* Hold vfsmount and dentry until release is finished */
257 path_get(&file->f_path);
258 req->misc.release.path = file->f_path;
261 * Normally this will send the RELEASE request, however if
262 * some asynchronous READ or WRITE requests are outstanding,
263 * the sending will be delayed.
265 * Make the release synchronous if this is a fuseblk mount,
266 * synchronous RELEASE is allowed (and desirable) in this case
267 * because the server can be trusted not to screw up.
269 fuse_file_put(ff, ff->fc->destroy_req != NULL);
272 static int fuse_open(struct inode *inode, struct file *file)
274 return fuse_open_common(inode, file, false);
277 static int fuse_release(struct inode *inode, struct file *file)
279 fuse_release_common(file, FUSE_RELEASE);
281 /* return value is ignored by VFS */
285 void fuse_sync_release(struct fuse_file *ff, int flags)
287 WARN_ON(atomic_read(&ff->count) > 1);
288 fuse_prepare_release(ff, flags, FUSE_RELEASE);
289 ff->reserved_req->force = 1;
290 fuse_request_send(ff->fc, ff->reserved_req);
291 fuse_put_request(ff->fc, ff->reserved_req);
294 EXPORT_SYMBOL_GPL(fuse_sync_release);
297 * Scramble the ID space with XTEA, so that the value of the files_struct
298 * pointer is not exposed to userspace.
300 u64 fuse_lock_owner_id(struct fuse_conn *fc, fl_owner_t id)
302 u32 *k = fc->scramble_key;
303 u64 v = (unsigned long) id;
309 for (i = 0; i < 32; i++) {
310 v0 += ((v1 << 4 ^ v1 >> 5) + v1) ^ (sum + k[sum & 3]);
312 v1 += ((v0 << 4 ^ v0 >> 5) + v0) ^ (sum + k[sum>>11 & 3]);
315 return (u64) v0 + ((u64) v1 << 32);
319 * Check if page is under writeback
321 * This is currently done by walking the list of writepage requests
322 * for the inode, which can be pretty inefficient.
324 static bool fuse_page_is_writeback(struct inode *inode, pgoff_t index)
326 struct fuse_conn *fc = get_fuse_conn(inode);
327 struct fuse_inode *fi = get_fuse_inode(inode);
328 struct fuse_req *req;
331 spin_lock(&fc->lock);
332 list_for_each_entry(req, &fi->writepages, writepages_entry) {
335 BUG_ON(req->inode != inode);
336 curr_index = req->misc.write.in.offset >> PAGE_CACHE_SHIFT;
337 if (curr_index == index) {
342 spin_unlock(&fc->lock);
348 * Wait for page writeback to be completed.
350 * Since fuse doesn't rely on the VM writeback tracking, this has to
351 * use some other means.
353 static int fuse_wait_on_page_writeback(struct inode *inode, pgoff_t index)
355 struct fuse_inode *fi = get_fuse_inode(inode);
357 wait_event(fi->page_waitq, !fuse_page_is_writeback(inode, index));
361 static int fuse_flush(struct file *file, fl_owner_t id)
363 struct inode *inode = file->f_path.dentry->d_inode;
364 struct fuse_conn *fc = get_fuse_conn(inode);
365 struct fuse_file *ff = file->private_data;
366 struct fuse_req *req;
367 struct fuse_flush_in inarg;
370 if (is_bad_inode(inode))
376 req = fuse_get_req_nofail(fc, file);
377 memset(&inarg, 0, sizeof(inarg));
379 inarg.lock_owner = fuse_lock_owner_id(fc, id);
380 req->in.h.opcode = FUSE_FLUSH;
381 req->in.h.nodeid = get_node_id(inode);
383 req->in.args[0].size = sizeof(inarg);
384 req->in.args[0].value = &inarg;
386 fuse_request_send(fc, req);
387 err = req->out.h.error;
388 fuse_put_request(fc, req);
389 if (err == -ENOSYS) {
397 * Wait for all pending writepages on the inode to finish.
399 * This is currently done by blocking further writes with FUSE_NOWRITE
400 * and waiting for all sent writes to complete.
402 * This must be called under i_mutex, otherwise the FUSE_NOWRITE usage
403 * could conflict with truncation.
405 static void fuse_sync_writes(struct inode *inode)
407 fuse_set_nowrite(inode);
408 fuse_release_nowrite(inode);
411 int fuse_fsync_common(struct file *file, loff_t start, loff_t end,
412 int datasync, int isdir)
414 struct inode *inode = file->f_mapping->host;
415 struct fuse_conn *fc = get_fuse_conn(inode);
416 struct fuse_file *ff = file->private_data;
417 struct fuse_req *req;
418 struct fuse_fsync_in inarg;
421 if (is_bad_inode(inode))
424 err = filemap_write_and_wait_range(inode->i_mapping, start, end);
428 if ((!isdir && fc->no_fsync) || (isdir && fc->no_fsyncdir))
431 mutex_lock(&inode->i_mutex);
434 * Start writeback against all dirty pages of the inode, then
435 * wait for all outstanding writes, before sending the FSYNC
438 err = write_inode_now(inode, 0);
442 fuse_sync_writes(inode);
444 req = fuse_get_req(fc);
450 memset(&inarg, 0, sizeof(inarg));
452 inarg.fsync_flags = datasync ? 1 : 0;
453 req->in.h.opcode = isdir ? FUSE_FSYNCDIR : FUSE_FSYNC;
454 req->in.h.nodeid = get_node_id(inode);
456 req->in.args[0].size = sizeof(inarg);
457 req->in.args[0].value = &inarg;
458 fuse_request_send(fc, req);
459 err = req->out.h.error;
460 fuse_put_request(fc, req);
461 if (err == -ENOSYS) {
469 mutex_unlock(&inode->i_mutex);
473 static int fuse_fsync(struct file *file, loff_t start, loff_t end,
476 return fuse_fsync_common(file, start, end, datasync, 0);
479 void fuse_read_fill(struct fuse_req *req, struct file *file, loff_t pos,
480 size_t count, int opcode)
482 struct fuse_read_in *inarg = &req->misc.read.in;
483 struct fuse_file *ff = file->private_data;
488 inarg->flags = file->f_flags;
489 req->in.h.opcode = opcode;
490 req->in.h.nodeid = ff->nodeid;
492 req->in.args[0].size = sizeof(struct fuse_read_in);
493 req->in.args[0].value = inarg;
495 req->out.numargs = 1;
496 req->out.args[0].size = count;
499 static size_t fuse_send_read(struct fuse_req *req, struct file *file,
500 loff_t pos, size_t count, fl_owner_t owner)
502 struct fuse_file *ff = file->private_data;
503 struct fuse_conn *fc = ff->fc;
505 fuse_read_fill(req, file, pos, count, FUSE_READ);
507 struct fuse_read_in *inarg = &req->misc.read.in;
509 inarg->read_flags |= FUSE_READ_LOCKOWNER;
510 inarg->lock_owner = fuse_lock_owner_id(fc, owner);
512 fuse_request_send(fc, req);
513 return req->out.args[0].size;
516 static void fuse_read_update_size(struct inode *inode, loff_t size,
519 struct fuse_conn *fc = get_fuse_conn(inode);
520 struct fuse_inode *fi = get_fuse_inode(inode);
522 spin_lock(&fc->lock);
523 if (attr_ver == fi->attr_version && size < inode->i_size &&
524 !test_bit(FUSE_I_SIZE_UNSTABLE, &fi->state)) {
525 fi->attr_version = ++fc->attr_version;
526 i_size_write(inode, size);
528 spin_unlock(&fc->lock);
531 static int fuse_readpage(struct file *file, struct page *page)
533 struct inode *inode = page->mapping->host;
534 struct fuse_conn *fc = get_fuse_conn(inode);
535 struct fuse_req *req;
537 loff_t pos = page_offset(page);
538 size_t count = PAGE_CACHE_SIZE;
543 if (is_bad_inode(inode))
547 * Page writeback can extend beyond the lifetime of the
548 * page-cache page, so make sure we read a properly synced
551 fuse_wait_on_page_writeback(inode, page->index);
553 req = fuse_get_req(fc);
558 attr_ver = fuse_get_attr_version(fc);
560 req->out.page_zeroing = 1;
561 req->out.argpages = 1;
563 req->pages[0] = page;
564 num_read = fuse_send_read(req, file, pos, count, NULL);
565 err = req->out.h.error;
566 fuse_put_request(fc, req);
570 * Short read means EOF. If file size is larger, truncate it
572 if (num_read < count)
573 fuse_read_update_size(inode, pos + num_read, attr_ver);
575 SetPageUptodate(page);
578 fuse_invalidate_attr(inode); /* atime changed */
584 static void fuse_readpages_end(struct fuse_conn *fc, struct fuse_req *req)
587 size_t count = req->misc.read.in.size;
588 size_t num_read = req->out.args[0].size;
589 struct address_space *mapping = NULL;
591 for (i = 0; mapping == NULL && i < req->num_pages; i++)
592 mapping = req->pages[i]->mapping;
595 struct inode *inode = mapping->host;
598 * Short read means EOF. If file size is larger, truncate it
600 if (!req->out.h.error && num_read < count) {
603 pos = page_offset(req->pages[0]) + num_read;
604 fuse_read_update_size(inode, pos,
605 req->misc.read.attr_ver);
607 fuse_invalidate_attr(inode); /* atime changed */
610 for (i = 0; i < req->num_pages; i++) {
611 struct page *page = req->pages[i];
612 if (!req->out.h.error)
613 SetPageUptodate(page);
617 page_cache_release(page);
620 fuse_file_put(req->ff, false);
623 static void fuse_send_readpages(struct fuse_req *req, struct file *file)
625 struct fuse_file *ff = file->private_data;
626 struct fuse_conn *fc = ff->fc;
627 loff_t pos = page_offset(req->pages[0]);
628 size_t count = req->num_pages << PAGE_CACHE_SHIFT;
630 req->out.argpages = 1;
631 req->out.page_zeroing = 1;
632 req->out.page_replace = 1;
633 fuse_read_fill(req, file, pos, count, FUSE_READ);
634 req->misc.read.attr_ver = fuse_get_attr_version(fc);
635 if (fc->async_read) {
636 req->ff = fuse_file_get(ff);
637 req->end = fuse_readpages_end;
638 fuse_request_send_background(fc, req);
640 fuse_request_send(fc, req);
641 fuse_readpages_end(fc, req);
642 fuse_put_request(fc, req);
646 struct fuse_fill_data {
647 struct fuse_req *req;
652 static int fuse_readpages_fill(void *_data, struct page *page)
654 struct fuse_fill_data *data = _data;
655 struct fuse_req *req = data->req;
656 struct inode *inode = data->inode;
657 struct fuse_conn *fc = get_fuse_conn(inode);
659 fuse_wait_on_page_writeback(inode, page->index);
661 if (req->num_pages &&
662 (req->num_pages == FUSE_MAX_PAGES_PER_REQ ||
663 (req->num_pages + 1) * PAGE_CACHE_SIZE > fc->max_read ||
664 req->pages[req->num_pages - 1]->index + 1 != page->index)) {
665 fuse_send_readpages(req, data->file);
666 data->req = req = fuse_get_req(fc);
672 page_cache_get(page);
673 req->pages[req->num_pages] = page;
678 static int fuse_readpages(struct file *file, struct address_space *mapping,
679 struct list_head *pages, unsigned nr_pages)
681 struct inode *inode = mapping->host;
682 struct fuse_conn *fc = get_fuse_conn(inode);
683 struct fuse_fill_data data;
687 if (is_bad_inode(inode))
692 data.req = fuse_get_req(fc);
693 err = PTR_ERR(data.req);
694 if (IS_ERR(data.req))
697 err = read_cache_pages(mapping, pages, fuse_readpages_fill, &data);
699 if (data.req->num_pages)
700 fuse_send_readpages(data.req, file);
702 fuse_put_request(fc, data.req);
708 static ssize_t fuse_file_aio_read(struct kiocb *iocb, const struct iovec *iov,
709 unsigned long nr_segs, loff_t pos)
711 struct inode *inode = iocb->ki_filp->f_mapping->host;
713 if (pos + iov_length(iov, nr_segs) > i_size_read(inode)) {
716 * If trying to read past EOF, make sure the i_size
717 * attribute is up-to-date.
719 err = fuse_update_attributes(inode, NULL, iocb->ki_filp, NULL);
724 return generic_file_aio_read(iocb, iov, nr_segs, pos);
727 static void fuse_write_fill(struct fuse_req *req, struct fuse_file *ff,
728 loff_t pos, size_t count)
730 struct fuse_write_in *inarg = &req->misc.write.in;
731 struct fuse_write_out *outarg = &req->misc.write.out;
736 req->in.h.opcode = FUSE_WRITE;
737 req->in.h.nodeid = ff->nodeid;
739 if (ff->fc->minor < 9)
740 req->in.args[0].size = FUSE_COMPAT_WRITE_IN_SIZE;
742 req->in.args[0].size = sizeof(struct fuse_write_in);
743 req->in.args[0].value = inarg;
744 req->in.args[1].size = count;
745 req->out.numargs = 1;
746 req->out.args[0].size = sizeof(struct fuse_write_out);
747 req->out.args[0].value = outarg;
750 static size_t fuse_send_write(struct fuse_req *req, struct file *file,
751 loff_t pos, size_t count, fl_owner_t owner)
753 struct fuse_file *ff = file->private_data;
754 struct fuse_conn *fc = ff->fc;
755 struct fuse_write_in *inarg = &req->misc.write.in;
757 fuse_write_fill(req, ff, pos, count);
758 inarg->flags = file->f_flags;
760 inarg->write_flags |= FUSE_WRITE_LOCKOWNER;
761 inarg->lock_owner = fuse_lock_owner_id(fc, owner);
763 fuse_request_send(fc, req);
764 return req->misc.write.out.size;
767 void fuse_write_update_size(struct inode *inode, loff_t pos)
769 struct fuse_conn *fc = get_fuse_conn(inode);
770 struct fuse_inode *fi = get_fuse_inode(inode);
772 spin_lock(&fc->lock);
773 fi->attr_version = ++fc->attr_version;
774 if (pos > inode->i_size)
775 i_size_write(inode, pos);
776 spin_unlock(&fc->lock);
779 static size_t fuse_send_write_pages(struct fuse_req *req, struct file *file,
780 struct inode *inode, loff_t pos,
787 for (i = 0; i < req->num_pages; i++)
788 fuse_wait_on_page_writeback(inode, req->pages[i]->index);
790 res = fuse_send_write(req, file, pos, count, NULL);
792 offset = req->page_offset;
794 for (i = 0; i < req->num_pages; i++) {
795 struct page *page = req->pages[i];
797 if (!req->out.h.error && !offset && count >= PAGE_CACHE_SIZE)
798 SetPageUptodate(page);
800 if (count > PAGE_CACHE_SIZE - offset)
801 count -= PAGE_CACHE_SIZE - offset;
807 page_cache_release(page);
813 static ssize_t fuse_fill_write_pages(struct fuse_req *req,
814 struct address_space *mapping,
815 struct iov_iter *ii, loff_t pos)
817 struct fuse_conn *fc = get_fuse_conn(mapping->host);
818 unsigned offset = pos & (PAGE_CACHE_SIZE - 1);
822 req->in.argpages = 1;
823 req->page_offset = offset;
828 pgoff_t index = pos >> PAGE_CACHE_SHIFT;
829 size_t bytes = min_t(size_t, PAGE_CACHE_SIZE - offset,
832 bytes = min_t(size_t, bytes, fc->max_write - count);
836 if (iov_iter_fault_in_readable(ii, bytes))
840 page = grab_cache_page_write_begin(mapping, index, 0);
844 if (mapping_writably_mapped(mapping))
845 flush_dcache_page(page);
848 tmp = iov_iter_copy_from_user_atomic(page, ii, offset, bytes);
850 flush_dcache_page(page);
852 mark_page_accessed(page);
854 iov_iter_advance(ii, tmp);
857 page_cache_release(page);
858 bytes = min(bytes, iov_iter_single_seg_count(ii));
863 req->pages[req->num_pages] = page;
869 if (offset == PAGE_CACHE_SIZE)
874 } while (iov_iter_count(ii) && count < fc->max_write &&
875 req->num_pages < FUSE_MAX_PAGES_PER_REQ && offset == 0);
877 return count > 0 ? count : err;
880 static ssize_t fuse_perform_write(struct file *file,
881 struct address_space *mapping,
882 struct iov_iter *ii, loff_t pos)
884 struct inode *inode = mapping->host;
885 struct fuse_conn *fc = get_fuse_conn(inode);
886 struct fuse_inode *fi = get_fuse_inode(inode);
890 if (is_bad_inode(inode))
893 if (inode->i_size < pos + iov_iter_count(ii))
894 set_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
897 struct fuse_req *req;
900 req = fuse_get_req(fc);
906 count = fuse_fill_write_pages(req, mapping, ii, pos);
912 num_written = fuse_send_write_pages(req, file, inode,
914 err = req->out.h.error;
919 /* break out of the loop on short write */
920 if (num_written != count)
924 fuse_put_request(fc, req);
925 } while (!err && iov_iter_count(ii));
928 fuse_write_update_size(inode, pos);
930 clear_bit(FUSE_I_SIZE_UNSTABLE, &fi->state);
931 fuse_invalidate_attr(inode);
933 return res > 0 ? res : err;
936 static ssize_t fuse_file_aio_write(struct kiocb *iocb, const struct iovec *iov,
937 unsigned long nr_segs, loff_t pos)
939 struct file *file = iocb->ki_filp;
940 struct address_space *mapping = file->f_mapping;
943 struct inode *inode = mapping->host;
947 WARN_ON(iocb->ki_pos != pos);
949 err = generic_segment_checks(iov, &nr_segs, &count, VERIFY_READ);
953 mutex_lock(&inode->i_mutex);
954 vfs_check_frozen(inode->i_sb, SB_FREEZE_WRITE);
956 /* We can write back this queue in page reclaim */
957 current->backing_dev_info = mapping->backing_dev_info;
959 err = generic_write_checks(file, &pos, &count, S_ISBLK(inode->i_mode));
966 err = file_remove_suid(file);
970 file_update_time(file);
972 iov_iter_init(&i, iov, nr_segs, count, 0);
973 written = fuse_perform_write(file, mapping, &i, pos);
975 iocb->ki_pos = pos + written;
978 current->backing_dev_info = NULL;
979 mutex_unlock(&inode->i_mutex);
981 return written ? written : err;
984 static void fuse_release_user_pages(struct fuse_req *req, int write)
988 for (i = 0; i < req->num_pages; i++) {
989 struct page *page = req->pages[i];
991 set_page_dirty_lock(page);
996 static int fuse_get_user_pages(struct fuse_req *req, const char __user *buf,
997 size_t *nbytesp, int write)
999 size_t nbytes = *nbytesp;
1000 unsigned long user_addr = (unsigned long) buf;
1001 unsigned offset = user_addr & ~PAGE_MASK;
1004 /* Special case for kernel I/O: can copy directly into the buffer */
1005 if (segment_eq(get_fs(), KERNEL_DS)) {
1007 req->in.args[1].value = (void *) user_addr;
1009 req->out.args[0].value = (void *) user_addr;
1014 nbytes = min_t(size_t, nbytes, FUSE_MAX_PAGES_PER_REQ << PAGE_SHIFT);
1015 npages = (nbytes + offset + PAGE_SIZE - 1) >> PAGE_SHIFT;
1016 npages = clamp(npages, 1, FUSE_MAX_PAGES_PER_REQ);
1017 npages = get_user_pages_fast(user_addr, npages, !write, req->pages);
1021 req->num_pages = npages;
1022 req->page_offset = offset;
1025 req->in.argpages = 1;
1027 req->out.argpages = 1;
1029 nbytes = (req->num_pages << PAGE_SHIFT) - req->page_offset;
1030 *nbytesp = min(*nbytesp, nbytes);
1035 ssize_t fuse_direct_io(struct file *file, const char __user *buf,
1036 size_t count, loff_t *ppos, int write)
1038 struct fuse_file *ff = file->private_data;
1039 struct fuse_conn *fc = ff->fc;
1040 size_t nmax = write ? fc->max_write : fc->max_read;
1043 struct fuse_req *req;
1045 req = fuse_get_req(fc);
1047 return PTR_ERR(req);
1051 fl_owner_t owner = current->files;
1052 size_t nbytes = min(count, nmax);
1053 int err = fuse_get_user_pages(req, buf, &nbytes, write);
1060 nres = fuse_send_write(req, file, pos, nbytes, owner);
1062 nres = fuse_send_read(req, file, pos, nbytes, owner);
1064 fuse_release_user_pages(req, !write);
1065 if (req->out.h.error) {
1067 res = req->out.h.error;
1069 } else if (nres > nbytes) {
1080 fuse_put_request(fc, req);
1081 req = fuse_get_req(fc);
1087 fuse_put_request(fc, req);
1093 EXPORT_SYMBOL_GPL(fuse_direct_io);
1095 static ssize_t fuse_direct_read(struct file *file, char __user *buf,
1096 size_t count, loff_t *ppos)
1099 struct inode *inode = file->f_path.dentry->d_inode;
1101 if (is_bad_inode(inode))
1104 res = fuse_direct_io(file, buf, count, ppos, 0);
1106 fuse_invalidate_attr(inode);
1111 static ssize_t fuse_direct_write(struct file *file, const char __user *buf,
1112 size_t count, loff_t *ppos)
1114 struct inode *inode = file->f_path.dentry->d_inode;
1117 if (is_bad_inode(inode))
1120 /* Don't allow parallel writes to the same file */
1121 mutex_lock(&inode->i_mutex);
1122 res = generic_write_checks(file, ppos, &count, 0);
1124 res = fuse_direct_io(file, buf, count, ppos, 1);
1126 fuse_write_update_size(inode, *ppos);
1128 mutex_unlock(&inode->i_mutex);
1130 fuse_invalidate_attr(inode);
1135 static void fuse_writepage_free(struct fuse_conn *fc, struct fuse_req *req)
1137 __free_page(req->pages[0]);
1138 fuse_file_put(req->ff, false);
1141 static void fuse_writepage_finish(struct fuse_conn *fc, struct fuse_req *req)
1143 struct inode *inode = req->inode;
1144 struct fuse_inode *fi = get_fuse_inode(inode);
1145 struct backing_dev_info *bdi = inode->i_mapping->backing_dev_info;
1147 list_del(&req->writepages_entry);
1148 dec_bdi_stat(bdi, BDI_WRITEBACK);
1149 dec_zone_page_state(req->pages[0], NR_WRITEBACK_TEMP);
1150 bdi_writeout_inc(bdi);
1151 wake_up(&fi->page_waitq);
1154 /* Called under fc->lock, may release and reacquire it */
1155 static void fuse_send_writepage(struct fuse_conn *fc, struct fuse_req *req)
1156 __releases(fc->lock)
1157 __acquires(fc->lock)
1159 struct fuse_inode *fi = get_fuse_inode(req->inode);
1160 loff_t size = i_size_read(req->inode);
1161 struct fuse_write_in *inarg = &req->misc.write.in;
1166 if (inarg->offset + PAGE_CACHE_SIZE <= size) {
1167 inarg->size = PAGE_CACHE_SIZE;
1168 } else if (inarg->offset < size) {
1169 inarg->size = size & (PAGE_CACHE_SIZE - 1);
1171 /* Got truncated off completely */
1175 req->in.args[1].size = inarg->size;
1177 fuse_request_send_background_locked(fc, req);
1181 fuse_writepage_finish(fc, req);
1182 spin_unlock(&fc->lock);
1183 fuse_writepage_free(fc, req);
1184 fuse_put_request(fc, req);
1185 spin_lock(&fc->lock);
1189 * If fi->writectr is positive (no truncate or fsync going on) send
1190 * all queued writepage requests.
1192 * Called with fc->lock
1194 void fuse_flush_writepages(struct inode *inode)
1195 __releases(fc->lock)
1196 __acquires(fc->lock)
1198 struct fuse_conn *fc = get_fuse_conn(inode);
1199 struct fuse_inode *fi = get_fuse_inode(inode);
1200 struct fuse_req *req;
1202 while (fi->writectr >= 0 && !list_empty(&fi->queued_writes)) {
1203 req = list_entry(fi->queued_writes.next, struct fuse_req, list);
1204 list_del_init(&req->list);
1205 fuse_send_writepage(fc, req);
1209 static void fuse_writepage_end(struct fuse_conn *fc, struct fuse_req *req)
1211 struct inode *inode = req->inode;
1212 struct fuse_inode *fi = get_fuse_inode(inode);
1214 mapping_set_error(inode->i_mapping, req->out.h.error);
1215 spin_lock(&fc->lock);
1217 fuse_writepage_finish(fc, req);
1218 spin_unlock(&fc->lock);
1219 fuse_writepage_free(fc, req);
1222 static int fuse_writepage_locked(struct page *page)
1224 struct address_space *mapping = page->mapping;
1225 struct inode *inode = mapping->host;
1226 struct fuse_conn *fc = get_fuse_conn(inode);
1227 struct fuse_inode *fi = get_fuse_inode(inode);
1228 struct fuse_req *req;
1229 struct fuse_file *ff;
1230 struct page *tmp_page;
1232 set_page_writeback(page);
1234 req = fuse_request_alloc_nofs();
1238 tmp_page = alloc_page(GFP_NOFS | __GFP_HIGHMEM);
1242 spin_lock(&fc->lock);
1243 BUG_ON(list_empty(&fi->write_files));
1244 ff = list_entry(fi->write_files.next, struct fuse_file, write_entry);
1245 req->ff = fuse_file_get(ff);
1246 spin_unlock(&fc->lock);
1248 fuse_write_fill(req, ff, page_offset(page), 0);
1250 copy_highpage(tmp_page, page);
1251 req->misc.write.in.write_flags |= FUSE_WRITE_CACHE;
1252 req->in.argpages = 1;
1254 req->pages[0] = tmp_page;
1255 req->page_offset = 0;
1256 req->end = fuse_writepage_end;
1259 inc_bdi_stat(mapping->backing_dev_info, BDI_WRITEBACK);
1260 inc_zone_page_state(tmp_page, NR_WRITEBACK_TEMP);
1262 spin_lock(&fc->lock);
1263 list_add(&req->writepages_entry, &fi->writepages);
1264 list_add_tail(&req->list, &fi->queued_writes);
1265 fuse_flush_writepages(inode);
1266 spin_unlock(&fc->lock);
1268 end_page_writeback(page);
1273 fuse_request_free(req);
1275 end_page_writeback(page);
1279 static int fuse_writepage(struct page *page, struct writeback_control *wbc)
1283 err = fuse_writepage_locked(page);
1289 static int fuse_launder_page(struct page *page)
1292 if (clear_page_dirty_for_io(page)) {
1293 struct inode *inode = page->mapping->host;
1294 err = fuse_writepage_locked(page);
1296 fuse_wait_on_page_writeback(inode, page->index);
1302 * Write back dirty pages now, because there may not be any suitable
1305 static void fuse_vma_close(struct vm_area_struct *vma)
1307 filemap_write_and_wait(vma->vm_file->f_mapping);
1311 * Wait for writeback against this page to complete before allowing it
1312 * to be marked dirty again, and hence written back again, possibly
1313 * before the previous writepage completed.
1315 * Block here, instead of in ->writepage(), so that the userspace fs
1316 * can only block processes actually operating on the filesystem.
1318 * Otherwise unprivileged userspace fs would be able to block
1323 * - try_to_free_pages() with order > PAGE_ALLOC_COSTLY_ORDER
1325 static int fuse_page_mkwrite(struct vm_area_struct *vma, struct vm_fault *vmf)
1327 struct page *page = vmf->page;
1329 * Don't use page->mapping as it may become NULL from a
1330 * concurrent truncate.
1332 struct inode *inode = vma->vm_file->f_mapping->host;
1334 fuse_wait_on_page_writeback(inode, page->index);
1338 static const struct vm_operations_struct fuse_file_vm_ops = {
1339 .close = fuse_vma_close,
1340 .fault = filemap_fault,
1341 .page_mkwrite = fuse_page_mkwrite,
1344 static int fuse_file_mmap(struct file *file, struct vm_area_struct *vma)
1346 if ((vma->vm_flags & VM_SHARED) && (vma->vm_flags & VM_MAYWRITE)) {
1347 struct inode *inode = file->f_dentry->d_inode;
1348 struct fuse_conn *fc = get_fuse_conn(inode);
1349 struct fuse_inode *fi = get_fuse_inode(inode);
1350 struct fuse_file *ff = file->private_data;
1352 * file may be written through mmap, so chain it onto the
1353 * inodes's write_file list
1355 spin_lock(&fc->lock);
1356 if (list_empty(&ff->write_entry))
1357 list_add(&ff->write_entry, &fi->write_files);
1358 spin_unlock(&fc->lock);
1360 file_accessed(file);
1361 vma->vm_ops = &fuse_file_vm_ops;
1365 static int fuse_direct_mmap(struct file *file, struct vm_area_struct *vma)
1367 /* Can't provide the coherency needed for MAP_SHARED */
1368 if (vma->vm_flags & VM_MAYSHARE)
1371 invalidate_inode_pages2(file->f_mapping);
1373 return generic_file_mmap(file, vma);
1376 static int convert_fuse_file_lock(const struct fuse_file_lock *ffl,
1377 struct file_lock *fl)
1379 switch (ffl->type) {
1385 if (ffl->start > OFFSET_MAX || ffl->end > OFFSET_MAX ||
1386 ffl->end < ffl->start)
1389 fl->fl_start = ffl->start;
1390 fl->fl_end = ffl->end;
1391 fl->fl_pid = ffl->pid;
1397 fl->fl_type = ffl->type;
1401 static void fuse_lk_fill(struct fuse_req *req, struct file *file,
1402 const struct file_lock *fl, int opcode, pid_t pid,
1405 struct inode *inode = file->f_path.dentry->d_inode;
1406 struct fuse_conn *fc = get_fuse_conn(inode);
1407 struct fuse_file *ff = file->private_data;
1408 struct fuse_lk_in *arg = &req->misc.lk_in;
1411 arg->owner = fuse_lock_owner_id(fc, fl->fl_owner);
1412 arg->lk.start = fl->fl_start;
1413 arg->lk.end = fl->fl_end;
1414 arg->lk.type = fl->fl_type;
1417 arg->lk_flags |= FUSE_LK_FLOCK;
1418 req->in.h.opcode = opcode;
1419 req->in.h.nodeid = get_node_id(inode);
1420 req->in.numargs = 1;
1421 req->in.args[0].size = sizeof(*arg);
1422 req->in.args[0].value = arg;
1425 static int fuse_getlk(struct file *file, struct file_lock *fl)
1427 struct inode *inode = file->f_path.dentry->d_inode;
1428 struct fuse_conn *fc = get_fuse_conn(inode);
1429 struct fuse_req *req;
1430 struct fuse_lk_out outarg;
1433 req = fuse_get_req(fc);
1435 return PTR_ERR(req);
1437 fuse_lk_fill(req, file, fl, FUSE_GETLK, 0, 0);
1438 req->out.numargs = 1;
1439 req->out.args[0].size = sizeof(outarg);
1440 req->out.args[0].value = &outarg;
1441 fuse_request_send(fc, req);
1442 err = req->out.h.error;
1443 fuse_put_request(fc, req);
1445 err = convert_fuse_file_lock(&outarg.lk, fl);
1450 static int fuse_setlk(struct file *file, struct file_lock *fl, int flock)
1452 struct inode *inode = file->f_path.dentry->d_inode;
1453 struct fuse_conn *fc = get_fuse_conn(inode);
1454 struct fuse_req *req;
1455 int opcode = (fl->fl_flags & FL_SLEEP) ? FUSE_SETLKW : FUSE_SETLK;
1456 pid_t pid = fl->fl_type != F_UNLCK ? current->tgid : 0;
1459 if (fl->fl_lmops && fl->fl_lmops->lm_grant) {
1460 /* NLM needs asynchronous locks, which we don't support yet */
1464 /* Unlock on close is handled by the flush method */
1465 if (fl->fl_flags & FL_CLOSE)
1468 req = fuse_get_req(fc);
1470 return PTR_ERR(req);
1472 fuse_lk_fill(req, file, fl, opcode, pid, flock);
1473 fuse_request_send(fc, req);
1474 err = req->out.h.error;
1475 /* locking is restartable */
1478 fuse_put_request(fc, req);
1482 static int fuse_file_lock(struct file *file, int cmd, struct file_lock *fl)
1484 struct inode *inode = file->f_path.dentry->d_inode;
1485 struct fuse_conn *fc = get_fuse_conn(inode);
1488 if (cmd == F_CANCELLK) {
1490 } else if (cmd == F_GETLK) {
1492 posix_test_lock(file, fl);
1495 err = fuse_getlk(file, fl);
1498 err = posix_lock_file(file, fl, NULL);
1500 err = fuse_setlk(file, fl, 0);
1505 static int fuse_file_flock(struct file *file, int cmd, struct file_lock *fl)
1507 struct inode *inode = file->f_path.dentry->d_inode;
1508 struct fuse_conn *fc = get_fuse_conn(inode);
1512 err = flock_lock_file_wait(file, fl);
1514 struct fuse_file *ff = file->private_data;
1516 /* emulate flock with POSIX locks */
1517 fl->fl_owner = (fl_owner_t) file;
1519 err = fuse_setlk(file, fl, 1);
1525 static sector_t fuse_bmap(struct address_space *mapping, sector_t block)
1527 struct inode *inode = mapping->host;
1528 struct fuse_conn *fc = get_fuse_conn(inode);
1529 struct fuse_req *req;
1530 struct fuse_bmap_in inarg;
1531 struct fuse_bmap_out outarg;
1534 if (!inode->i_sb->s_bdev || fc->no_bmap)
1537 req = fuse_get_req(fc);
1541 memset(&inarg, 0, sizeof(inarg));
1542 inarg.block = block;
1543 inarg.blocksize = inode->i_sb->s_blocksize;
1544 req->in.h.opcode = FUSE_BMAP;
1545 req->in.h.nodeid = get_node_id(inode);
1546 req->in.numargs = 1;
1547 req->in.args[0].size = sizeof(inarg);
1548 req->in.args[0].value = &inarg;
1549 req->out.numargs = 1;
1550 req->out.args[0].size = sizeof(outarg);
1551 req->out.args[0].value = &outarg;
1552 fuse_request_send(fc, req);
1553 err = req->out.h.error;
1554 fuse_put_request(fc, req);
1558 return err ? 0 : outarg.block;
1561 static loff_t fuse_file_llseek(struct file *file, loff_t offset, int origin)
1564 struct inode *inode = file->f_path.dentry->d_inode;
1566 mutex_lock(&inode->i_mutex);
1567 if (origin != SEEK_CUR && origin != SEEK_SET) {
1568 retval = fuse_update_attributes(inode, NULL, file, NULL);
1575 offset += i_size_read(inode);
1579 retval = file->f_pos;
1582 offset += file->f_pos;
1585 if (offset >= i_size_read(inode)) {
1591 if (offset >= i_size_read(inode)) {
1595 offset = i_size_read(inode);
1599 if (offset >= 0 && offset <= inode->i_sb->s_maxbytes) {
1600 if (offset != file->f_pos) {
1601 file->f_pos = offset;
1602 file->f_version = 0;
1607 mutex_unlock(&inode->i_mutex);
1611 static int fuse_ioctl_copy_user(struct page **pages, struct iovec *iov,
1612 unsigned int nr_segs, size_t bytes, bool to_user)
1620 iov_iter_init(&ii, iov, nr_segs, bytes, 0);
1622 while (iov_iter_count(&ii)) {
1623 struct page *page = pages[page_idx++];
1624 size_t todo = min_t(size_t, PAGE_SIZE, iov_iter_count(&ii));
1630 char __user *uaddr = ii.iov->iov_base + ii.iov_offset;
1631 size_t iov_len = ii.iov->iov_len - ii.iov_offset;
1632 size_t copy = min(todo, iov_len);
1636 left = copy_from_user(kaddr, uaddr, copy);
1638 left = copy_to_user(uaddr, kaddr, copy);
1643 iov_iter_advance(&ii, copy);
1655 * CUSE servers compiled on 32bit broke on 64bit kernels because the
1656 * ABI was defined to be 'struct iovec' which is different on 32bit
1657 * and 64bit. Fortunately we can determine which structure the server
1658 * used from the size of the reply.
1660 static int fuse_copy_ioctl_iovec_old(struct iovec *dst, void *src,
1661 size_t transferred, unsigned count,
1664 #ifdef CONFIG_COMPAT
1665 if (count * sizeof(struct compat_iovec) == transferred) {
1666 struct compat_iovec *ciov = src;
1670 * With this interface a 32bit server cannot support
1671 * non-compat (i.e. ones coming from 64bit apps) ioctl
1677 for (i = 0; i < count; i++) {
1678 dst[i].iov_base = compat_ptr(ciov[i].iov_base);
1679 dst[i].iov_len = ciov[i].iov_len;
1685 if (count * sizeof(struct iovec) != transferred)
1688 memcpy(dst, src, transferred);
1692 /* Make sure iov_length() won't overflow */
1693 static int fuse_verify_ioctl_iov(struct iovec *iov, size_t count)
1696 u32 max = FUSE_MAX_PAGES_PER_REQ << PAGE_SHIFT;
1698 for (n = 0; n < count; n++, iov++) {
1699 if (iov->iov_len > (size_t) max)
1701 max -= iov->iov_len;
1706 static int fuse_copy_ioctl_iovec(struct fuse_conn *fc, struct iovec *dst,
1707 void *src, size_t transferred, unsigned count,
1711 struct fuse_ioctl_iovec *fiov = src;
1713 if (fc->minor < 16) {
1714 return fuse_copy_ioctl_iovec_old(dst, src, transferred,
1718 if (count * sizeof(struct fuse_ioctl_iovec) != transferred)
1721 for (i = 0; i < count; i++) {
1722 /* Did the server supply an inappropriate value? */
1723 if (fiov[i].base != (unsigned long) fiov[i].base ||
1724 fiov[i].len != (unsigned long) fiov[i].len)
1727 dst[i].iov_base = (void __user *) (unsigned long) fiov[i].base;
1728 dst[i].iov_len = (size_t) fiov[i].len;
1730 #ifdef CONFIG_COMPAT
1732 (ptr_to_compat(dst[i].iov_base) != fiov[i].base ||
1733 (compat_size_t) dst[i].iov_len != fiov[i].len))
1743 * For ioctls, there is no generic way to determine how much memory
1744 * needs to be read and/or written. Furthermore, ioctls are allowed
1745 * to dereference the passed pointer, so the parameter requires deep
1746 * copying but FUSE has no idea whatsoever about what to copy in or
1749 * This is solved by allowing FUSE server to retry ioctl with
1750 * necessary in/out iovecs. Let's assume the ioctl implementation
1751 * needs to read in the following structure.
1758 * On the first callout to FUSE server, inarg->in_size and
1759 * inarg->out_size will be NULL; then, the server completes the ioctl
1760 * with FUSE_IOCTL_RETRY set in out->flags, out->in_iovs set to 1 and
1761 * the actual iov array to
1763 * { { .iov_base = inarg.arg, .iov_len = sizeof(struct a) } }
1765 * which tells FUSE to copy in the requested area and retry the ioctl.
1766 * On the second round, the server has access to the structure and
1767 * from that it can tell what to look for next, so on the invocation,
1768 * it sets FUSE_IOCTL_RETRY, out->in_iovs to 2 and iov array to
1770 * { { .iov_base = inarg.arg, .iov_len = sizeof(struct a) },
1771 * { .iov_base = a.buf, .iov_len = a.buflen } }
1773 * FUSE will copy both struct a and the pointed buffer from the
1774 * process doing the ioctl and retry ioctl with both struct a and the
1777 * This time, FUSE server has everything it needs and completes ioctl
1778 * without FUSE_IOCTL_RETRY which finishes the ioctl call.
1780 * Copying data out works the same way.
1782 * Note that if FUSE_IOCTL_UNRESTRICTED is clear, the kernel
1783 * automatically initializes in and out iovs by decoding @cmd with
1784 * _IOC_* macros and the server is not allowed to request RETRY. This
1785 * limits ioctl data transfers to well-formed ioctls and is the forced
1786 * behavior for all FUSE servers.
1788 long fuse_do_ioctl(struct file *file, unsigned int cmd, unsigned long arg,
1791 struct fuse_file *ff = file->private_data;
1792 struct fuse_conn *fc = ff->fc;
1793 struct fuse_ioctl_in inarg = {
1799 struct fuse_ioctl_out outarg;
1800 struct fuse_req *req = NULL;
1801 struct page **pages = NULL;
1802 struct iovec *iov_page = NULL;
1803 struct iovec *in_iov = NULL, *out_iov = NULL;
1804 unsigned int in_iovs = 0, out_iovs = 0, num_pages = 0, max_pages;
1805 size_t in_size, out_size, transferred;
1808 #if BITS_PER_LONG == 32
1809 inarg.flags |= FUSE_IOCTL_32BIT;
1811 if (flags & FUSE_IOCTL_COMPAT)
1812 inarg.flags |= FUSE_IOCTL_32BIT;
1815 /* assume all the iovs returned by client always fits in a page */
1816 BUILD_BUG_ON(sizeof(struct fuse_ioctl_iovec) * FUSE_IOCTL_MAX_IOV > PAGE_SIZE);
1819 pages = kzalloc(sizeof(pages[0]) * FUSE_MAX_PAGES_PER_REQ, GFP_KERNEL);
1820 iov_page = (struct iovec *) __get_free_page(GFP_KERNEL);
1821 if (!pages || !iov_page)
1825 * If restricted, initialize IO parameters as encoded in @cmd.
1826 * RETRY from server is not allowed.
1828 if (!(flags & FUSE_IOCTL_UNRESTRICTED)) {
1829 struct iovec *iov = iov_page;
1831 iov->iov_base = (void __user *)arg;
1832 iov->iov_len = _IOC_SIZE(cmd);
1834 if (_IOC_DIR(cmd) & _IOC_WRITE) {
1839 if (_IOC_DIR(cmd) & _IOC_READ) {
1846 inarg.in_size = in_size = iov_length(in_iov, in_iovs);
1847 inarg.out_size = out_size = iov_length(out_iov, out_iovs);
1850 * Out data can be used either for actual out data or iovs,
1851 * make sure there always is at least one page.
1853 out_size = max_t(size_t, out_size, PAGE_SIZE);
1854 max_pages = DIV_ROUND_UP(max(in_size, out_size), PAGE_SIZE);
1856 /* make sure there are enough buffer pages and init request with them */
1858 if (max_pages > FUSE_MAX_PAGES_PER_REQ)
1860 while (num_pages < max_pages) {
1861 pages[num_pages] = alloc_page(GFP_KERNEL | __GFP_HIGHMEM);
1862 if (!pages[num_pages])
1867 req = fuse_get_req(fc);
1873 memcpy(req->pages, pages, sizeof(req->pages[0]) * num_pages);
1874 req->num_pages = num_pages;
1876 /* okay, let's send it to the client */
1877 req->in.h.opcode = FUSE_IOCTL;
1878 req->in.h.nodeid = ff->nodeid;
1879 req->in.numargs = 1;
1880 req->in.args[0].size = sizeof(inarg);
1881 req->in.args[0].value = &inarg;
1884 req->in.args[1].size = in_size;
1885 req->in.argpages = 1;
1887 err = fuse_ioctl_copy_user(pages, in_iov, in_iovs, in_size,
1893 req->out.numargs = 2;
1894 req->out.args[0].size = sizeof(outarg);
1895 req->out.args[0].value = &outarg;
1896 req->out.args[1].size = out_size;
1897 req->out.argpages = 1;
1898 req->out.argvar = 1;
1900 fuse_request_send(fc, req);
1901 err = req->out.h.error;
1902 transferred = req->out.args[1].size;
1903 fuse_put_request(fc, req);
1908 /* did it ask for retry? */
1909 if (outarg.flags & FUSE_IOCTL_RETRY) {
1912 /* no retry if in restricted mode */
1914 if (!(flags & FUSE_IOCTL_UNRESTRICTED))
1917 in_iovs = outarg.in_iovs;
1918 out_iovs = outarg.out_iovs;
1921 * Make sure things are in boundary, separate checks
1922 * are to protect against overflow.
1925 if (in_iovs > FUSE_IOCTL_MAX_IOV ||
1926 out_iovs > FUSE_IOCTL_MAX_IOV ||
1927 in_iovs + out_iovs > FUSE_IOCTL_MAX_IOV)
1930 vaddr = kmap_atomic(pages[0], KM_USER0);
1931 err = fuse_copy_ioctl_iovec(fc, iov_page, vaddr,
1932 transferred, in_iovs + out_iovs,
1933 (flags & FUSE_IOCTL_COMPAT) != 0);
1934 kunmap_atomic(vaddr, KM_USER0);
1939 out_iov = in_iov + in_iovs;
1941 err = fuse_verify_ioctl_iov(in_iov, in_iovs);
1945 err = fuse_verify_ioctl_iov(out_iov, out_iovs);
1953 if (transferred > inarg.out_size)
1956 err = fuse_ioctl_copy_user(pages, out_iov, out_iovs, transferred, true);
1959 fuse_put_request(fc, req);
1960 free_page((unsigned long) iov_page);
1962 __free_page(pages[--num_pages]);
1965 return err ? err : outarg.result;
1967 EXPORT_SYMBOL_GPL(fuse_do_ioctl);
1969 static long fuse_file_ioctl_common(struct file *file, unsigned int cmd,
1970 unsigned long arg, unsigned int flags)
1972 struct inode *inode = file->f_dentry->d_inode;
1973 struct fuse_conn *fc = get_fuse_conn(inode);
1975 if (!fuse_allow_task(fc, current))
1978 if (is_bad_inode(inode))
1981 return fuse_do_ioctl(file, cmd, arg, flags);
1984 static long fuse_file_ioctl(struct file *file, unsigned int cmd,
1987 return fuse_file_ioctl_common(file, cmd, arg, 0);
1990 static long fuse_file_compat_ioctl(struct file *file, unsigned int cmd,
1993 return fuse_file_ioctl_common(file, cmd, arg, FUSE_IOCTL_COMPAT);
1997 * All files which have been polled are linked to RB tree
1998 * fuse_conn->polled_files which is indexed by kh. Walk the tree and
1999 * find the matching one.
2001 static struct rb_node **fuse_find_polled_node(struct fuse_conn *fc, u64 kh,
2002 struct rb_node **parent_out)
2004 struct rb_node **link = &fc->polled_files.rb_node;
2005 struct rb_node *last = NULL;
2008 struct fuse_file *ff;
2011 ff = rb_entry(last, struct fuse_file, polled_node);
2014 link = &last->rb_left;
2015 else if (kh > ff->kh)
2016 link = &last->rb_right;
2027 * The file is about to be polled. Make sure it's on the polled_files
2028 * RB tree. Note that files once added to the polled_files tree are
2029 * not removed before the file is released. This is because a file
2030 * polled once is likely to be polled again.
2032 static void fuse_register_polled_file(struct fuse_conn *fc,
2033 struct fuse_file *ff)
2035 spin_lock(&fc->lock);
2036 if (RB_EMPTY_NODE(&ff->polled_node)) {
2037 struct rb_node **link, *parent;
2039 link = fuse_find_polled_node(fc, ff->kh, &parent);
2041 rb_link_node(&ff->polled_node, parent, link);
2042 rb_insert_color(&ff->polled_node, &fc->polled_files);
2044 spin_unlock(&fc->lock);
2047 unsigned fuse_file_poll(struct file *file, poll_table *wait)
2049 struct fuse_file *ff = file->private_data;
2050 struct fuse_conn *fc = ff->fc;
2051 struct fuse_poll_in inarg = { .fh = ff->fh, .kh = ff->kh };
2052 struct fuse_poll_out outarg;
2053 struct fuse_req *req;
2057 return DEFAULT_POLLMASK;
2059 poll_wait(file, &ff->poll_wait, wait);
2062 * Ask for notification iff there's someone waiting for it.
2063 * The client may ignore the flag and always notify.
2065 if (waitqueue_active(&ff->poll_wait)) {
2066 inarg.flags |= FUSE_POLL_SCHEDULE_NOTIFY;
2067 fuse_register_polled_file(fc, ff);
2070 req = fuse_get_req(fc);
2074 req->in.h.opcode = FUSE_POLL;
2075 req->in.h.nodeid = ff->nodeid;
2076 req->in.numargs = 1;
2077 req->in.args[0].size = sizeof(inarg);
2078 req->in.args[0].value = &inarg;
2079 req->out.numargs = 1;
2080 req->out.args[0].size = sizeof(outarg);
2081 req->out.args[0].value = &outarg;
2082 fuse_request_send(fc, req);
2083 err = req->out.h.error;
2084 fuse_put_request(fc, req);
2087 return outarg.revents;
2088 if (err == -ENOSYS) {
2090 return DEFAULT_POLLMASK;
2094 EXPORT_SYMBOL_GPL(fuse_file_poll);
2097 * This is called from fuse_handle_notify() on FUSE_NOTIFY_POLL and
2098 * wakes up the poll waiters.
2100 int fuse_notify_poll_wakeup(struct fuse_conn *fc,
2101 struct fuse_notify_poll_wakeup_out *outarg)
2103 u64 kh = outarg->kh;
2104 struct rb_node **link;
2106 spin_lock(&fc->lock);
2108 link = fuse_find_polled_node(fc, kh, NULL);
2110 struct fuse_file *ff;
2112 ff = rb_entry(*link, struct fuse_file, polled_node);
2113 wake_up_interruptible_sync(&ff->poll_wait);
2116 spin_unlock(&fc->lock);
2120 static const struct file_operations fuse_file_operations = {
2121 .llseek = fuse_file_llseek,
2122 .read = do_sync_read,
2123 .aio_read = fuse_file_aio_read,
2124 .write = do_sync_write,
2125 .aio_write = fuse_file_aio_write,
2126 .mmap = fuse_file_mmap,
2128 .flush = fuse_flush,
2129 .release = fuse_release,
2130 .fsync = fuse_fsync,
2131 .lock = fuse_file_lock,
2132 .flock = fuse_file_flock,
2133 .splice_read = generic_file_splice_read,
2134 .unlocked_ioctl = fuse_file_ioctl,
2135 .compat_ioctl = fuse_file_compat_ioctl,
2136 .poll = fuse_file_poll,
2139 static const struct file_operations fuse_direct_io_file_operations = {
2140 .llseek = fuse_file_llseek,
2141 .read = fuse_direct_read,
2142 .write = fuse_direct_write,
2143 .mmap = fuse_direct_mmap,
2145 .flush = fuse_flush,
2146 .release = fuse_release,
2147 .fsync = fuse_fsync,
2148 .lock = fuse_file_lock,
2149 .flock = fuse_file_flock,
2150 .unlocked_ioctl = fuse_file_ioctl,
2151 .compat_ioctl = fuse_file_compat_ioctl,
2152 .poll = fuse_file_poll,
2153 /* no splice_read */
2156 static const struct address_space_operations fuse_file_aops = {
2157 .readpage = fuse_readpage,
2158 .writepage = fuse_writepage,
2159 .launder_page = fuse_launder_page,
2160 .readpages = fuse_readpages,
2161 .set_page_dirty = __set_page_dirty_nobuffers,
2165 void fuse_init_file_inode(struct inode *inode)
2167 inode->i_fop = &fuse_file_operations;
2168 inode->i_data.a_ops = &fuse_file_aops;
git.openpandora.org / pandora-kernel.git / blob