Commit graph

781920 commits

Author SHA1 Message Date
Daniel Roseberg
a37e92bf34 ANDROID: sdcardfs: Don't iput if we didn't igrab
If we fail to get top, top is either NULL, or igrab found
that we're in the process of freeing that inode, and did
not grab it. Either way, we didn't grab it, and have no
business putting it.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 38117720
Change-Id: Ie2f587483b9abb5144263156a443e89bc69b767b
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
89c1317b62 ANDROID: sdcardfs: Call lower fs's revalidate
We should be calling the lower filesystem's revalidate
inside of sdcardfs's revalidate, as wrapfs does.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35766959
Change-Id: I939d1c4192fafc1e21678aeab43fe3d588b8e2f4
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
1e952e48ac ANDROID: sdcardfs: Avoid setting GIDs outside of valid ranges
When setting up the ownership of files on the lower filesystem,
ensure that these values are in reasonable ranges for apps. If
they aren't, default to AID_MEDIA_RW

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 37516160
Change-Id: I0bec76a61ac72aff0b993ab1ad04be8382178a00
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
ecd0dfc494 ANDROID: sdcardfs: Copy meta-data from lower inode
From wrapfs commit 3ee9b365e38c ("Wrapfs: properly copy meta-data after
AIO operations from lower inode")

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35766959
Change-Id: I9a789222e27a17b8d85ce61c45397d1839f9a675
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
b56c6fe517 ANDROID: sdcardfs: Use filesystem specific hash
We weren't accounting for FS specific hash functions,
causing us to miss negative dentries for any FS that
had one.

Similar to a patch from esdfs
commit 75bd25a9476d ("esdfs: support lower's own hash")

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Change-Id: I32d1ba304d728e0ca2648cacfb4c2e441ae63608
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
9b806aafea ANDROID: sdcardfs: Don't complain in fixup_lower_ownership
Not all filesystems support changing the owner of a file.
We shouldn't complain if it doesn't happen.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 37488099
Change-Id: I403e44ab7230f176e6df82f6adb4e5c82ce57f33
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
1aea6f496e ANDROID: sdcardfs: Don't do d_add for lower fs
For file based encryption, ext4 explicitly does not
create negative dentries for encrypted files. If you
force one over it, the decrypted file will be hidden
until the cache is cleared. Instead, just fail out.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 37231161
Change-Id: Id2a9708dfa75e1c22f89915c529789caadd2ca4b
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
a7752d7f51 ANDROID: sdcardfs: ->iget fixes
Adapted from wrapfs
commit 8c49eaa0sb9c ("Wrapfs: ->iget fixes")

Change where we igrab/iput to ensure we always hold a valid lower_inode.
Return ENOMEM (not EACCES) if iget5_locked returns NULL.

Signed-off-by: Erez Zadok <ezk@cs.sunysb.edu>
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35766959

Change-Id: Id8d4e0c0cbc685a0a77685ce73c923e9a3ddc094
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
20b0033d17 ANDROID: sdcardfs: Change cache GID value
Change-Id: Ieb955dd26493da26a458bc20fbbe75bca32b094f
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 37193650
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
c0d27f50d1 ANDROID: sdcardfs: Directly pass lower file for mmap
Instead of relying on a copy hack, pass the lower file
as private data. This lets the kernel find the vma
mapping for pages used by the file, allowing pages
used by mapping to be reclaimed.

This is adapted from following esdfs patches
commit 0647e638d: ("esdfs: store lower file in vm_file for mmap")
commit 064850866: ("esdfs: keep a counter for mmaped file")

Change-Id: I75b74d1e5061db1b8c13be38d184e118c0851a1a
Signed-off-by: Daniel Rosenberg <drosen@google.com>
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
f1ef049be5 ANDROID: sdcardfs: update module info
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Change-Id: I958c7c226d4e9265fea8996803e5b004fb33d8ad
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
2e5e3fd117 ANDROID: sdcardfs: use d_splice_alias
adapted from wrapfs
commit 9671770ff8b9 ("Wrapfs: use d_splice_alias")

Refactor interpose code to allow lookup to use d_splice_alias.

Signed-off-by: Erez Zadok <ezk@cs.sunysb.edu>
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35766959
Change-Id: Icf51db8658202c48456724275b03dc77f73f585b
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
63cd557652 ANDROID: sdcardfs: add read_iter/write_iter opeations
Adapted from wrapfs
commit f398bf6a7377 ("Wrapfs: add read_iter/write_iter opeations")

Signed-off-by: Erez Zadok <ezk@cs.sunysb.edu>
Signed-off-by: Mengyang Li <li.mengyang@stonybrook.edu>
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35766959
Change-Id: I2b3de59c9682fc705bf21df0de6df81e76fd2e40
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
d73d4fde4c ANDROID: sdcardfs: fix ->llseek to update upper and lower offset
Adapted from wrapfs
commit 1d1d23a47baa ("Wrapfs: fix ->llseek to update upper and lower
offsets")

Fixes bug: xfstests generic/257. f_pos consistently is required by and
only by dir_ops->wrapfs_readdir, main_ops is not affected.

Signed-off-by: Erez Zadok <ezk@cs.sunysb.edu>
Signed-off-by: Mengyang Li <li.mengyang@stonybrook.edu>
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35766959
Change-Id: I360a1368ac37ea8966910a58972b81504031d437
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
bcd422f8db ANDROID: sdcardfs: copy lower inode attributes in ->ioctl
Adapted from wrapfs
commit fbc9c6f83ea6 ("Wrapfs: copy lower inode attributes in ->ioctl")
commit e97d8e26cc9e ("Wrapfs: use file_inode helper")

Some ioctls (e.g., EXT2_IOC_SETFLAGS) can change inode attributes, so copy
them from lower inode.

Signed-off-by: Erez Zadok <ezk@cs.sunysb.edu>
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35766959
Change-Id: I0f12684b9dbd4088b4a622c7ea9c03087f40e572
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
8d253f8268 ANDROID: sdcardfs: remove unnecessary call to do_munmap
Adapted from wrapfs
commit 5be6de9ecf02 ("Wrapfs: use vm_munmap in ->mmap")
commit 2c9f6014a8bb ("Wrapfs: remove unnecessary call
to vm_unmap in ->mmap")

Code is unnecessary and causes deadlocks in newer kernels.

Signed-off-by: Erez Zadok <ezk@cs.sunysb.edu>
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35766959
Change-Id: Ia252d60c60799d7e28fc5f1f0f5b5ec2430a2379
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
9f6523661c ANDROID: sdcardfs: Fix style issues in macros
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35331000
Change-Id: I89c4035029dc2236081a7685c55cac595d9e7ebf
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
e7ea867bd8 ANDROID: sdcardfs: Use seq_puts over seq_printf
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35331000
Change-Id: I3795ec61ce61e324738815b1ce3b0e09b25d723f
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
497e393b31 ANDROID: sdcardfs: Use to kstrout
Switch from deprecated simple_strtoul to kstrout

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35331000
Change-Id: If18bd133b4d2877f71e58b58fc31371ff6613ed5
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
6f2db92586 ANDROID: sdcardfs: Use pr_[...] instead of printk
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35331000
Change-Id: Ibc635ec865750530d32b87067779f681fe58a003
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
464527aa10 ANDROID: sdcardfs: remove unneeded null check
As pointed out by checkpatch, these functions already
handle null inputs, so the checks are not needed.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35331000
Change-Id: I189342f032dfcefee36b27648bb512488ad61d20
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
6e8f0a45f9 ANDROID: sdcardfs: Fix style issues with comments
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35331000
Change-Id: I8791ef7eac527645ecb9407908e7e5ece35b8f80
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
4704f29d6a ANDROID: sdcardfs: Fix formatting
This fixes various spacing and bracket related issues
pointed out by checkpatch.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35331000
Change-Id: I6e248833a7a04e3899f3ae9462d765cfcaa70c96
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
1a14972611 ANDROID: sdcardfs: correct order of descriptors
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35331000
Change-Id: Ia6d16b19c8c911f41231d2a12be0740057edfacf
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
72edd91358 ANDROID: sdcardfs: Fix gid issue
We were already calculating most of these values,
and erroring out because the check was confused by this.
Instead of recalculating, adjust it as needed.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 36160015
Change-Id: I9caf3e2fd32ca2e37ff8ed71b1d392f1761bc9a9
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
21e658825e ANDROID: sdcardfs: Remove uninformative prints
At best these prints do not provide useful information, and
at worst, some allow userspace to abuse the kernel log.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 36138424
Change-Id: I812c57cc6a22b37262935ab77f48f3af4c36827e
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
9db181390d ANDROID: sdcardfs: move path_put outside of spinlock
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35643557
Change-Id: Ib279ebd7dd4e5884d184d67696a93e34993bc1ef
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
7da6922a38 ANDROID: sdcardfs: Use case insensitive hash function
Case insensitive comparisons don't help us much if
we hash to different buckets...

Signed-off-by: Daniel Rosenberg <drosen@google.com>
bug: 36004503
Change-Id: I91e00dbcd860a709cbd4f7fd7fc6d855779f3285
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
75e385dc32 ANDROID: sdcardfs: declare MODULE_ALIAS_FS
From commit ee616b78aa87 ("Wrapfs: declare MODULE_ALIAS_FS")

Signed-off-by: Daniel Rosenberg <drosen@google.com>
bug: 35766959
Change-Id: Ia4728ab49d065b1d2eb27825046f14b97c328cba
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
ca3019310f ANDROID: sdcardfs: Get the blocksize from the lower fs
This changes sdcardfs to be more in line with the
getattr in wrapfs, which calls the lower fs's getattr
to get the block size

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 34723223
Change-Id: I1c9e16604ba580a8cdefa17f02dcc489d7351aed
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
a45a1bba60 ANDROID: sdcardfs: Use d_invalidate instead of drop_recurisve
drop_recursive did not properly remove stale dentries.
Instead, we use the vfs's d_invalidate, which does the proper cleanup.

Additionally, remove the no longer used drop_recursive, and
fixup_top_recursive that that are no longer used.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Change-Id: Ibff61b0c34b725b024a050169047a415bc90f0d8
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
57d6e41ef2 ANDROID: sdcardfs: Switch to internal case insensitive compare
There were still a few places where we called into a case
insensitive lookup that was not defined by sdcardfs.
Moving them all to the same place will allow us to switch
the implementation in the future.

Additionally, the check in fixup_perms_recursive did not
take into account the length of both strings, causing
extraneous matches when the name we were looking for was
a prefix of the child name.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Change-Id: I45ce768cd782cb4ea1ae183772781387c590ecc2
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
6ec792278f ANDROID: sdcardfs: Use spin_lock_nested
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 36007653
Change-Id: I805d5afec797669679853fb2bb993ee38e6276e4
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
7f82ad04c9 ANDROID: sdcardfs: Replace get/put with d_lock
dput cannot be called with a spin_lock. Instead,
we protect our accesses by holding the d_lock.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35643557
Change-Id: I22cf30856d75b5616cbb0c223724f5ab866b5114
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
da6242a966 ANDROID: sdcardfs: rate limit warning print
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35848445
Change-Id: Ida72ea0ece191b2ae4a8babae096b2451eb563f6
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
fc548ee3b1 ANDROID: sdcardfs: Fix case insensitive lookup
The previous case insensitive lookup relied on the
entry being present in the dcache. This instead uses
iterate_dir to find the correct case.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
bug: 35633782
Change-Id: I556f7090773468c1943c89a5e2aa07f746ba49c5
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
41e6f442c9 ANDROID: sdcardfs: support direct-IO (DIO) operations
This comes from the wrapfs
commit 2e346c83b26e ("Wrapfs: support direct-IO (DIO) operations")

Signed-off-by: Li Mengyang <li.mengyang@stonybrook.edu>
Signed-off-by: Erez Zadok <ezk@cs.sunysb.edu>
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 34133558
Change-Id: I3fd779c510ab70d56b1d918f99c20421b524cdc4
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
1492780c4b ANDROID: sdcardfs: implement vm_ops->page_mkwrite
This comes from wrapfs
commit 3dfec0ffe5e2 ("Wrapfs: implement vm_ops->page_mkwrite")

Some file systems (e.g., ext4) require it.  Reported by Ted Ts'o.

Signed-off-by: Erez Zadok <ezk@cs.sunysb.edu>
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 34133558
Change-Id: I1a389b2422c654a6d3046bb8ec3e20511aebfa8e
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
9449afa9b1 ANDROID: sdcardfs: Don't bother deleting freelist
There is no point deleting entries from dlist, as
that is a temporary list on the stack from which
contains only entries that are being deleted.

Not all code paths set up dlist, so those that
don't were performing invalid accesses in
hash_del_rcu. As an additional means to prevent
any other issue, we null out the list entries when
we allocate from the cache.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35666680
Change-Id: Ibb1e28c08c3a600c29418d39ba1c0f3db3bf31e5
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
8a5d838625 ANDROID: sdcardfs: Add missing path_put
"ANDROID: sdcardfs: Add GID Derivation to sdcardfs" introduced
an unbalanced pat_get, leading to storage space not being freed
after deleting a file until rebooting. This adds the missing path_put.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 34691169
Change-Id: Ia7ef97ec2eca2c555cc06b235715635afc87940e
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
dc112e1274 ANDROID: sdcardfs: Fix incorrect hash
This adds back the hash calculation removed as part of
the previous patch, as it is in fact necessary.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35307857
Change-Id: Ie607332bcf2c5d2efdf924e4060ef3f576bf25dc
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
f36083a078 ANDROID: sdcardfs: Switch strcasecmp for internal call
This moves our uses of strcasecmp over to an internal call so we can
easily change implementations later if we so desire. Additionally,
we leverage qstr's where appropriate to save time on comparisons.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Change-Id: I32fdc4fd0cd3b7b735dcfd82f60a2516fd8272a5
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
4bc036fa91 ANDROID: sdcardfs: switch to full_name_hash and qstr
Use the kernel's string hash function instead of rolling
our own. Additionally, save a bit of calculation by using
the qstr struct in place of strings.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Change-Id: I0bbeb5ec2a9233f40135ad632e6f22c30ffa95c1
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
dc7a4c4826 ANDROID: sdcardfs: Add GID Derivation to sdcardfs
This changes sdcardfs to modify the user and group in the
underlying filesystem depending on its usage. Ownership is
set by Android user, and package, as well as if the file is
under obb or cache. Other files can be labeled by extension.
Those values are set via the configfs interace.

To add an entry,
mkdir -p [configfs root]/sdcardfs/extensions/[gid]/[ext]

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 34262585
Change-Id: I4e030ce84f094a678376349b1a96923e5076a0f4
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
0cc825683b ANDROID: sdcardfs: Remove redundant operation
We call get_derived_permission_new unconditionally, so we don't need
to call update_derived_permission_lock, which does the same thing.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Change-Id: I0748100828c6af806da807241a33bf42be614935
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
dab3789d00 ANDROID: sdcardfs: add support for user permission isolation
This allows you to hide the existence of a package from
a user by adding them to an exclude list. If a user
creates that package's folder and is on the exclude list,
they will not see that package's id.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 34542611
Change-Id: I9eb82e0bf2457d7eb81ee56153b9c7d2f6646323
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
4c43f87830 ANDROID: sdcardfs: Refactor configfs interface
This refactors the configfs code to be more easily extended.
It will allow additional files to be added easily.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 34542611
Bug: 34262585
Change-Id: I73c9b0ae5ca7eb27f4ebef3e6807f088b512d539
2018-08-28 17:10:42 +05:30
Daniel Rosenberg
080b3fcf03 ANDROID: sdcardfs: Allow non-owners to touch
This modifies the permission checks in setattr to
allow for non-owners to modify the timestamp of
files to things other than the current time.
This still requires write access, as enforced by
the permission call, but relaxes the requirement
that the caller must be the owner, allowing those
with group permissions to change it as well.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 11118565
Change-Id: Ied31f0cce2797675c7ef179eeb4e088185adcbad
2018-08-28 17:10:42 +05:30
Amit Pundir
35be07675d ANDROID: sdcardfs: eliminate the offset argument to ->direct_IO
Eliminate the offset argument to sdcardfs_direct_IO() which is dropped
by upstream commit c8b8e32d70 ("direct-io: eliminate the offset
argument to ->direct_IO"), otherwise we run into following build error:

  CC [M]  fs/sdcardfs/mmap.o
fs/sdcardfs/mmap.c:76:15: error: initialization from incompatible pointer type [-Werror=incompatible-pointer-types]
  .direct_IO = sdcardfs_direct_IO,
               ^
fs/sdcardfs/mmap.c:76:15: note: (near initialization for ‘sdcardfs_aops.direct_IO’)

Change-Id: I292d93bb16365a9fa46494accb2b5da51028b5c1
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
2018-08-28 17:10:42 +05:30
Amit Pundir
69a191f0d1 ANDROID: sdcardfs: make it use new .rename i_op
Since commit 2773bf00ae ("fs: rename "rename2" i_op to "rename""),
syscall rename2 is merged with rename syscall and it broke sdcard_fs
build and we get following build error:

  CC [M]  fs/sdcardfs/inode.o
fs/sdcardfs/inode.c:786:13: error: initialization from incompatible pointer type [-Werror=incompatible-pointer-types]
  .rename  = sdcardfs_rename,
             ^
fs/sdcardfs/inode.c:786:13: note: (near initialization for ‘sdcardfs_dir_iops.rename’)

renameat2 syscall is the same as renameat with an added flags argument
and calling renameat2 with flags=0 is equivalent to calling renameat.

Change-Id: I48f3c76c3af481241188253a76f310670de6bd18
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
2018-08-28 17:10:42 +05:30