diff options
| author | Al Viro <viro@zeniv.linux.org.uk> | 2011-06-27 16:25:29 -0400 |
|---|---|---|
| committer | Al Viro <viro@zeniv.linux.org.uk> | 2011-07-20 01:44:09 -0400 |
| commit | 2780f1ff6aec0cf708a61c022d475bfcaa648965 (patch) | |
| tree | c8c65497d2ab7c56bde6fc6166489d9caf9386e9 | |
| parent | 6657719390cd05be45f4e3b501d8bb46889c0a19 (diff) | |
switch devtmpfs object creation/removal to separate kernel thread
... and give it a namespace where devtmpfs would be mounted on root,
thus avoiding abuses of vfs_path_lookup() (it was never intended to
be used with LOOKUP_PARENT). Games with credentials are also gone.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
| -rw-r--r-- | drivers/base/devtmpfs.c | 222 |
1 files changed, 149 insertions, 73 deletions
diff --git a/drivers/base/devtmpfs.c b/drivers/base/devtmpfs.c index 82bbb5967aa9..1a16e1fd7f8a 100644 --- a/drivers/base/devtmpfs.c +++ b/drivers/base/devtmpfs.c | |||
| @@ -21,12 +21,11 @@ | |||
| 21 | #include <linux/fs.h> | 21 | #include <linux/fs.h> |
| 22 | #include <linux/shmem_fs.h> | 22 | #include <linux/shmem_fs.h> |
| 23 | #include <linux/ramfs.h> | 23 | #include <linux/ramfs.h> |
| 24 | #include <linux/cred.h> | ||
| 25 | #include <linux/sched.h> | 24 | #include <linux/sched.h> |
| 26 | #include <linux/init_task.h> | ||
| 27 | #include <linux/slab.h> | 25 | #include <linux/slab.h> |
| 26 | #include <linux/kthread.h> | ||
| 28 | 27 | ||
| 29 | static struct vfsmount *dev_mnt; | 28 | static struct task_struct *thread; |
| 30 | 29 | ||
| 31 | #if defined CONFIG_DEVTMPFS_MOUNT | 30 | #if defined CONFIG_DEVTMPFS_MOUNT |
| 32 | static int mount_dev = 1; | 31 | static int mount_dev = 1; |
| @@ -34,7 +33,16 @@ static int mount_dev = 1; | |||
| 34 | static int mount_dev; | 33 | static int mount_dev; |
| 35 | #endif | 34 | #endif |
| 36 | 35 | ||
| 37 | static DEFINE_MUTEX(dirlock); | 36 | static DEFINE_SPINLOCK(req_lock); |
| 37 | |||
| 38 | static struct req { | ||
| 39 | struct req *next; | ||
| 40 | struct completion done; | ||
| 41 | int err; | ||
| 42 | const char *name; | ||
| 43 | mode_t mode; /* 0 => delete */ | ||
| 44 | struct device *dev; | ||
| 45 | } *requests; | ||
| 38 | 46 | ||
| 39 | static int __init mount_param(char *str) | 47 | static int __init mount_param(char *str) |
| 40 | { | 48 | { |
| @@ -68,14 +76,79 @@ static inline int is_blockdev(struct device *dev) | |||
| 68 | static inline int is_blockdev(struct device *dev) { return 0; } | 76 | static inline int is_blockdev(struct device *dev) { return 0; } |
| 69 | #endif | 77 | #endif |
| 70 | 78 | ||
| 79 | int devtmpfs_create_node(struct device *dev) | ||
| 80 | { | ||
| 81 | const char *tmp = NULL; | ||
| 82 | struct req req; | ||
| 83 | |||
| 84 | if (!thread) | ||
| 85 | return 0; | ||
| 86 | |||
| 87 | req.mode = 0; | ||
| 88 | req.name = device_get_devnode(dev, &req.mode, &tmp); | ||
| 89 | if (!req.name) | ||
| 90 | return -ENOMEM; | ||
| 91 | |||
| 92 | if (req.mode == 0) | ||
| 93 | req.mode = 0600; | ||
| 94 | if (is_blockdev(dev)) | ||
| 95 | req.mode |= S_IFBLK; | ||
| 96 | else | ||
| 97 | req.mode |= S_IFCHR; | ||
| 98 | |||
| 99 | req.dev = dev; | ||
| 100 | |||
| 101 | init_completion(&req.done); | ||
| 102 | |||
| 103 | spin_lock(&req_lock); | ||
| 104 | req.next = requests; | ||
| 105 | requests = &req; | ||
| 106 | spin_unlock(&req_lock); | ||
| 107 | |||
| 108 | wake_up_process(thread); | ||
| 109 | wait_for_completion(&req.done); | ||
| 110 | |||
| 111 | kfree(tmp); | ||
| 112 | |||
| 113 | return req.err; | ||
| 114 | } | ||
| 115 | |||
| 116 | int devtmpfs_delete_node(struct device *dev) | ||
| 117 | { | ||
| 118 | const char *tmp = NULL; | ||
| 119 | struct req req; | ||
| 120 | |||
| 121 | if (!thread) | ||
| 122 | return 0; | ||
| 123 | |||
| 124 | req.name = device_get_devnode(dev, NULL, &tmp); | ||
| 125 | if (!req.name) | ||
| 126 | return -ENOMEM; | ||
| 127 | |||
| 128 | req.mode = 0; | ||
| 129 | req.dev = dev; | ||
| 130 | |||
| 131 | init_completion(&req.done); | ||
| 132 | |||
| 133 | spin_lock(&req_lock); | ||
| 134 | req.next = requests; | ||
| 135 | requests = &req; | ||
| 136 | spin_unlock(&req_lock); | ||
| 137 | |||
| 138 | wake_up_process(thread); | ||
| 139 | wait_for_completion(&req.done); | ||
| 140 | |||
| 141 | kfree(tmp); | ||
| 142 | return req.err; | ||
| 143 | } | ||
| 144 | |||
| 71 | static int dev_mkdir(const char *name, mode_t mode) | 145 | static int dev_mkdir(const char *name, mode_t mode) |
| 72 | { | 146 | { |
| 73 | struct nameidata nd; | 147 | struct nameidata nd; |
| 74 | struct dentry *dentry; | 148 | struct dentry *dentry; |
| 75 | int err; | 149 | int err; |
| 76 | 150 | ||
| 77 | err = vfs_path_lookup(dev_mnt->mnt_root, dev_mnt, | 151 | err = kern_path_parent(name, &nd); |
| 78 | name, LOOKUP_PARENT, &nd); | ||
| 79 | if (err) | 152 | if (err) |
| 80 | return err; | 153 | return err; |
| 81 | 154 | ||
| @@ -84,7 +157,7 @@ static int dev_mkdir(const char *name, mode_t mode) | |||
| 84 | err = vfs_mkdir(nd.path.dentry->d_inode, dentry, mode); | 157 | err = vfs_mkdir(nd.path.dentry->d_inode, dentry, mode); |
| 85 | if (!err) | 158 | if (!err) |
| 86 | /* mark as kernel-created inode */ | 159 | /* mark as kernel-created inode */ |
| 87 | dentry->d_inode->i_private = &dev_mnt; | 160 | dentry->d_inode->i_private = &thread; |
| 88 | dput(dentry); | 161 | dput(dentry); |
| 89 | } else { | 162 | } else { |
| 90 | err = PTR_ERR(dentry); | 163 | err = PTR_ERR(dentry); |
| @@ -99,7 +172,6 @@ static int create_path(const char *nodepath) | |||
| 99 | { | 172 | { |
| 100 | int err; | 173 | int err; |
| 101 | 174 | ||
| 102 | mutex_lock(&dirlock); | ||
| 103 | err = dev_mkdir(nodepath, 0755); | 175 | err = dev_mkdir(nodepath, 0755); |
| 104 | if (err == -ENOENT) { | 176 | if (err == -ENOENT) { |
| 105 | char *path; | 177 | char *path; |
| @@ -126,45 +198,22 @@ static int create_path(const char *nodepath) | |||
| 126 | kfree(path); | 198 | kfree(path); |
| 127 | } | 199 | } |
| 128 | out: | 200 | out: |
| 129 | mutex_unlock(&dirlock); | ||
| 130 | return err; | 201 | return err; |
| 131 | } | 202 | } |
| 132 | 203 | ||
| 133 | int devtmpfs_create_node(struct device *dev) | 204 | static int handle_create(const char *nodename, mode_t mode, struct device *dev) |
| 134 | { | 205 | { |
| 135 | const char *tmp = NULL; | ||
| 136 | const char *nodename; | ||
| 137 | const struct cred *curr_cred; | ||
| 138 | mode_t mode = 0; | ||
| 139 | struct nameidata nd; | 206 | struct nameidata nd; |
| 140 | struct dentry *dentry; | 207 | struct dentry *dentry; |
| 141 | int err; | 208 | int err; |
| 142 | 209 | ||
| 143 | if (!dev_mnt) | 210 | err = kern_path_parent(nodename, &nd); |
| 144 | return 0; | ||
| 145 | |||
| 146 | nodename = device_get_devnode(dev, &mode, &tmp); | ||
| 147 | if (!nodename) | ||
| 148 | return -ENOMEM; | ||
| 149 | |||
| 150 | if (mode == 0) | ||
| 151 | mode = 0600; | ||
| 152 | if (is_blockdev(dev)) | ||
| 153 | mode |= S_IFBLK; | ||
| 154 | else | ||
| 155 | mode |= S_IFCHR; | ||
| 156 | |||
| 157 | curr_cred = override_creds(&init_cred); | ||
| 158 | |||
| 159 | err = vfs_path_lookup(dev_mnt->mnt_root, dev_mnt, | ||
| 160 | nodename, LOOKUP_PARENT, &nd); | ||
| 161 | if (err == -ENOENT) { | 211 | if (err == -ENOENT) { |
| 162 | create_path(nodename); | 212 | create_path(nodename); |
| 163 | err = vfs_path_lookup(dev_mnt->mnt_root, dev_mnt, | 213 | err = kern_path_parent(nodename, &nd); |
| 164 | nodename, LOOKUP_PARENT, &nd); | ||
| 165 | } | 214 | } |
| 166 | if (err) | 215 | if (err) |
| 167 | goto out; | 216 | return err; |
| 168 | 217 | ||
| 169 | dentry = lookup_create(&nd, 0); | 218 | dentry = lookup_create(&nd, 0); |
| 170 | if (!IS_ERR(dentry)) { | 219 | if (!IS_ERR(dentry)) { |
| @@ -181,7 +230,7 @@ int devtmpfs_create_node(struct device *dev) | |||
| 181 | mutex_unlock(&dentry->d_inode->i_mutex); | 230 | mutex_unlock(&dentry->d_inode->i_mutex); |
| 182 | 231 | ||
| 183 | /* mark as kernel-created inode */ | 232 | /* mark as kernel-created inode */ |
| 184 | dentry->d_inode->i_private = &dev_mnt; | 233 | dentry->d_inode->i_private = &thread; |
| 185 | } | 234 | } |
| 186 | dput(dentry); | 235 | dput(dentry); |
| 187 | } else { | 236 | } else { |
| @@ -190,9 +239,6 @@ int devtmpfs_create_node(struct device *dev) | |||
| 190 | 239 | ||
| 191 | mutex_unlock(&nd.path.dentry->d_inode->i_mutex); | 240 | mutex_unlock(&nd.path.dentry->d_inode->i_mutex); |
| 192 | path_put(&nd.path); | 241 | path_put(&nd.path); |
| 193 | out: | ||
| 194 | kfree(tmp); | ||
| 195 | revert_creds(curr_cred); | ||
| 196 | return err; | 242 | return err; |
| 197 | } | 243 | } |
| 198 | 244 | ||
| @@ -202,8 +248,7 @@ static int dev_rmdir(const char *name) | |||
| 202 | struct dentry *dentry; | 248 | struct dentry *dentry; |
| 203 | int err; | 249 | int err; |
| 204 | 250 | ||
| 205 | err = vfs_path_lookup(dev_mnt->mnt_root, dev_mnt, | 251 | err = kern_path_parent(name, &nd); |
| 206 | name, LOOKUP_PARENT, &nd); | ||
| 207 | if (err) | 252 | if (err) |
| 208 | return err; | 253 | return err; |
| 209 | 254 | ||
| @@ -211,7 +256,7 @@ static int dev_rmdir(const char *name) | |||
| 211 | dentry = lookup_one_len(nd.last.name, nd.path.dentry, nd.last.len); | 256 | dentry = lookup_one_len(nd.last.name, nd.path.dentry, nd.last.len); |
| 212 | if (!IS_ERR(dentry)) { | 257 | if (!IS_ERR(dentry)) { |
| 213 | if (dentry->d_inode) { | 258 | if (dentry->d_inode) { |
| 214 | if (dentry->d_inode->i_private == &dev_mnt) | 259 | if (dentry->d_inode->i_private == &thread) |
| 215 | err = vfs_rmdir(nd.path.dentry->d_inode, | 260 | err = vfs_rmdir(nd.path.dentry->d_inode, |
| 216 | dentry); | 261 | dentry); |
| 217 | else | 262 | else |
| @@ -238,7 +283,6 @@ static int delete_path(const char *nodepath) | |||
| 238 | if (!path) | 283 | if (!path) |
| 239 | return -ENOMEM; | 284 | return -ENOMEM; |
| 240 | 285 | ||
| 241 | mutex_lock(&dirlock); | ||
| 242 | for (;;) { | 286 | for (;;) { |
| 243 | char *base; | 287 | char *base; |
| 244 | 288 | ||
| @@ -250,7 +294,6 @@ static int delete_path(const char *nodepath) | |||
| 250 | if (err) | 294 | if (err) |
| 251 | break; | 295 | break; |
| 252 | } | 296 | } |
| 253 | mutex_unlock(&dirlock); | ||
| 254 | 297 | ||
| 255 | kfree(path); | 298 | kfree(path); |
| 256 | return err; | 299 | return err; |
| @@ -259,7 +302,7 @@ static int delete_path(const char *nodepath) | |||
| 259 | static int dev_mynode(struct device *dev, struct inode *inode, struct kstat *stat) | 302 | static int dev_mynode(struct device *dev, struct inode *inode, struct kstat *stat) |
| 260 | { | 303 | { |
| 261 | /* did we create it */ | 304 | /* did we create it */ |
| 262 | if (inode->i_private != &dev_mnt) | 305 | if (inode->i_private != &thread) |
| 263 | return 0; | 306 | return 0; |
| 264 | 307 | ||
| 265 | /* does the dev_t match */ | 308 | /* does the dev_t match */ |
| @@ -277,29 +320,17 @@ static int dev_mynode(struct device *dev, struct inode *inode, struct kstat *sta | |||
| 277 | return 1; | 320 | return 1; |
| 278 | } | 321 | } |
| 279 | 322 | ||
| 280 | int devtmpfs_delete_node(struct device *dev) | 323 | static int handle_remove(const char *nodename, struct device *dev) |
| 281 | { | 324 | { |
| 282 | const char *tmp = NULL; | ||
| 283 | const char *nodename; | ||
| 284 | const struct cred *curr_cred; | ||
| 285 | struct nameidata nd; | 325 | struct nameidata nd; |
| 286 | struct dentry *dentry; | 326 | struct dentry *dentry; |
| 287 | struct kstat stat; | 327 | struct kstat stat; |
| 288 | int deleted = 1; | 328 | int deleted = 1; |
| 289 | int err; | 329 | int err; |
| 290 | 330 | ||
| 291 | if (!dev_mnt) | 331 | err = kern_path_parent(nodename, &nd); |
| 292 | return 0; | ||
| 293 | |||
| 294 | nodename = device_get_devnode(dev, NULL, &tmp); | ||
| 295 | if (!nodename) | ||
| 296 | return -ENOMEM; | ||
| 297 | |||
| 298 | curr_cred = override_creds(&init_cred); | ||
| 299 | err = vfs_path_lookup(dev_mnt->mnt_root, dev_mnt, | ||
| 300 | nodename, LOOKUP_PARENT, &nd); | ||
| 301 | if (err) | 332 | if (err) |
| 302 | goto out; | 333 | return err; |
| 303 | 334 | ||
| 304 | mutex_lock_nested(&nd.path.dentry->d_inode->i_mutex, I_MUTEX_PARENT); | 335 | mutex_lock_nested(&nd.path.dentry->d_inode->i_mutex, I_MUTEX_PARENT); |
| 305 | dentry = lookup_one_len(nd.last.name, nd.path.dentry, nd.last.len); | 336 | dentry = lookup_one_len(nd.last.name, nd.path.dentry, nd.last.len); |
| @@ -337,9 +368,6 @@ int devtmpfs_delete_node(struct device *dev) | |||
| 337 | path_put(&nd.path); | 368 | path_put(&nd.path); |
| 338 | if (deleted && strchr(nodename, '/')) | 369 | if (deleted && strchr(nodename, '/')) |
| 339 | delete_path(nodename); | 370 | delete_path(nodename); |
| 340 | out: | ||
| 341 | kfree(tmp); | ||
| 342 | revert_creds(curr_cred); | ||
| 343 | return err; | 371 | return err; |
| 344 | } | 372 | } |
| 345 | 373 | ||
| @@ -354,7 +382,7 @@ int devtmpfs_mount(const char *mntdir) | |||
| 354 | if (!mount_dev) | 382 | if (!mount_dev) |
| 355 | return 0; | 383 | return 0; |
| 356 | 384 | ||
| 357 | if (!dev_mnt) | 385 | if (!thread) |
| 358 | return 0; | 386 | return 0; |
| 359 | 387 | ||
| 360 | err = sys_mount("devtmpfs", (char *)mntdir, "devtmpfs", MS_SILENT, NULL); | 388 | err = sys_mount("devtmpfs", (char *)mntdir, "devtmpfs", MS_SILENT, NULL); |
| @@ -365,31 +393,79 @@ int devtmpfs_mount(const char *mntdir) | |||
| 365 | return err; | 393 | return err; |
| 366 | } | 394 | } |
| 367 | 395 | ||
| 396 | static __initdata DECLARE_COMPLETION(setup_done); | ||
| 397 | |||
| 398 | static int handle(const char *name, mode_t mode, struct device *dev) | ||
| 399 | { | ||
| 400 | if (mode) | ||
| 401 | return handle_create(name, mode, dev); | ||
| 402 | else | ||
| 403 | return handle_remove(name, dev); | ||
| 404 | } | ||
| 405 | |||
| 406 | static int devtmpfsd(void *p) | ||
| 407 | { | ||
| 408 | char options[] = "mode=0755"; | ||
| 409 | int *err = p; | ||
| 410 | *err = sys_unshare(CLONE_NEWNS); | ||
| 411 | if (*err) | ||
| 412 | goto out; | ||
| 413 | *err = sys_mount("devtmpfs", "/", "devtmpfs", MS_SILENT, options); | ||
| 414 | if (*err) | ||
| 415 | goto out; | ||
| 416 | sys_chdir("/.."); /* will traverse into overmounted root */ | ||
| 417 | sys_chroot("."); | ||
| 418 | complete(&setup_done); | ||
| 419 | while (1) { | ||
| 420 | spin_lock(&req_lock); | ||
| 421 | while (requests) { | ||
| 422 | struct req *req = requests; | ||
| 423 | requests = NULL; | ||
| 424 | spin_unlock(&req_lock); | ||
| 425 | while (req) { | ||
| 426 | req->err = handle(req->name, req->mode, req->dev); | ||
| 427 | complete(&req->done); | ||
| 428 | req = req->next; | ||
| 429 | } | ||
| 430 | spin_lock(&req_lock); | ||
| 431 | } | ||
| 432 | set_current_state(TASK_INTERRUPTIBLE); | ||
| 433 | spin_unlock(&req_lock); | ||
| 434 | schedule(); | ||
| 435 | __set_current_state(TASK_RUNNING); | ||
| 436 | } | ||
| 437 | return 0; | ||
| 438 | out: | ||
| 439 | complete(&setup_done); | ||
| 440 | return *err; | ||
| 441 | } | ||
| 442 | |||
| 368 | /* | 443 | /* |
| 369 | * Create devtmpfs instance, driver-core devices will add their device | 444 | * Create devtmpfs instance, driver-core devices will add their device |
| 370 | * nodes here. | 445 | * nodes here. |
| 371 | */ | 446 | */ |
| 372 | int __init devtmpfs_init(void) | 447 | int __init devtmpfs_init(void) |
| 373 | { | 448 | { |
| 374 | int err; | 449 | int err = register_filesystem(&dev_fs_type); |
| 375 | struct vfsmount *mnt; | ||
| 376 | char options[] = "mode=0755"; | ||
| 377 | |||
| 378 | err = register_filesystem(&dev_fs_type); | ||
| 379 | if (err) { | 450 | if (err) { |
| 380 | printk(KERN_ERR "devtmpfs: unable to register devtmpfs " | 451 | printk(KERN_ERR "devtmpfs: unable to register devtmpfs " |
| 381 | "type %i\n", err); | 452 | "type %i\n", err); |
| 382 | return err; | 453 | return err; |
| 383 | } | 454 | } |
| 384 | 455 | ||
| 385 | mnt = kern_mount_data(&dev_fs_type, options); | 456 | thread = kthread_run(devtmpfsd, &err, "kdevtmpfs"); |
| 386 | if (IS_ERR(mnt)) { | 457 | if (!IS_ERR(thread)) { |
| 387 | err = PTR_ERR(mnt); | 458 | wait_for_completion(&setup_done); |
| 459 | } else { | ||
| 460 | err = PTR_ERR(thread); | ||
| 461 | thread = NULL; | ||
| 462 | } | ||
| 463 | |||
| 464 | if (err) { | ||
| 388 | printk(KERN_ERR "devtmpfs: unable to create devtmpfs %i\n", err); | 465 | printk(KERN_ERR "devtmpfs: unable to create devtmpfs %i\n", err); |
| 389 | unregister_filesystem(&dev_fs_type); | 466 | unregister_filesystem(&dev_fs_type); |
| 390 | return err; | 467 | return err; |
| 391 | } | 468 | } |
| 392 | dev_mnt = mnt; | ||
| 393 | 469 | ||
| 394 | printk(KERN_INFO "devtmpfs: initialized\n"); | 470 | printk(KERN_INFO "devtmpfs: initialized\n"); |
| 395 | return 0; | 471 | return 0; |