Line data Source code
1 : // SPDX-License-Identifier: GPL-2.0
2 : /*
3 : * linux/fs/fcntl.c
4 : *
5 : * Copyright (C) 1991, 1992 Linus Torvalds
6 : */
7 :
8 : #include <linux/syscalls.h>
9 : #include <linux/init.h>
10 : #include <linux/mm.h>
11 : #include <linux/sched/task.h>
12 : #include <linux/fs.h>
13 : #include <linux/filelock.h>
14 : #include <linux/file.h>
15 : #include <linux/fdtable.h>
16 : #include <linux/capability.h>
17 : #include <linux/dnotify.h>
18 : #include <linux/slab.h>
19 : #include <linux/module.h>
20 : #include <linux/pipe_fs_i.h>
21 : #include <linux/security.h>
22 : #include <linux/ptrace.h>
23 : #include <linux/signal.h>
24 : #include <linux/rcupdate.h>
25 : #include <linux/pid_namespace.h>
26 : #include <linux/user_namespace.h>
27 : #include <linux/memfd.h>
28 : #include <linux/compat.h>
29 : #include <linux/mount.h>
30 :
31 : #include <linux/poll.h>
32 : #include <asm/siginfo.h>
33 : #include <linux/uaccess.h>
34 :
35 : #define SETFL_MASK (O_APPEND | O_NONBLOCK | O_NDELAY | O_DIRECT | O_NOATIME)
36 :
37 0 : static int setfl(int fd, struct file * filp, unsigned long arg)
38 : {
39 0 : struct inode * inode = file_inode(filp);
40 0 : int error = 0;
41 :
42 : /*
43 : * O_APPEND cannot be cleared if the file is marked as append-only
44 : * and the file is open for write.
45 : */
46 0 : if (((arg ^ filp->f_flags) & O_APPEND) && IS_APPEND(inode))
47 : return -EPERM;
48 :
49 : /* O_NOATIME can only be set by the owner or superuser */
50 0 : if ((arg & O_NOATIME) && !(filp->f_flags & O_NOATIME))
51 0 : if (!inode_owner_or_capable(file_mnt_idmap(filp), inode))
52 : return -EPERM;
53 :
54 : /* required for strict SunOS emulation */
55 : if (O_NONBLOCK != O_NDELAY)
56 : if (arg & O_NDELAY)
57 : arg |= O_NONBLOCK;
58 :
59 : /* Pipe packetized mode is controlled by O_DIRECT flag */
60 0 : if (!S_ISFIFO(inode->i_mode) &&
61 0 : (arg & O_DIRECT) &&
62 0 : !(filp->f_mode & FMODE_CAN_ODIRECT))
63 : return -EINVAL;
64 :
65 0 : if (filp->f_op->check_flags)
66 0 : error = filp->f_op->check_flags(arg);
67 0 : if (error)
68 : return error;
69 :
70 : /*
71 : * ->fasync() is responsible for setting the FASYNC bit.
72 : */
73 0 : if (((arg ^ filp->f_flags) & FASYNC) && filp->f_op->fasync) {
74 0 : error = filp->f_op->fasync(fd, filp, (arg & FASYNC) != 0);
75 0 : if (error < 0)
76 : goto out;
77 0 : if (error > 0)
78 0 : error = 0;
79 : }
80 0 : spin_lock(&filp->f_lock);
81 0 : filp->f_flags = (arg & SETFL_MASK) | (filp->f_flags & ~SETFL_MASK);
82 0 : filp->f_iocb_flags = iocb_flags(filp);
83 0 : spin_unlock(&filp->f_lock);
84 :
85 : out:
86 : return error;
87 : }
88 :
89 0 : static void f_modown(struct file *filp, struct pid *pid, enum pid_type type,
90 : int force)
91 : {
92 0 : write_lock_irq(&filp->f_owner.lock);
93 0 : if (force || !filp->f_owner.pid) {
94 0 : put_pid(filp->f_owner.pid);
95 0 : filp->f_owner.pid = get_pid(pid);
96 0 : filp->f_owner.pid_type = type;
97 :
98 0 : if (pid) {
99 0 : const struct cred *cred = current_cred();
100 0 : filp->f_owner.uid = cred->uid;
101 0 : filp->f_owner.euid = cred->euid;
102 : }
103 : }
104 0 : write_unlock_irq(&filp->f_owner.lock);
105 0 : }
106 :
107 0 : void __f_setown(struct file *filp, struct pid *pid, enum pid_type type,
108 : int force)
109 : {
110 0 : security_file_set_fowner(filp);
111 0 : f_modown(filp, pid, type, force);
112 0 : }
113 : EXPORT_SYMBOL(__f_setown);
114 :
115 0 : int f_setown(struct file *filp, unsigned long arg, int force)
116 : {
117 : enum pid_type type;
118 0 : struct pid *pid = NULL;
119 0 : int who = arg, ret = 0;
120 :
121 0 : type = PIDTYPE_TGID;
122 0 : if (who < 0) {
123 : /* avoid overflow below */
124 0 : if (who == INT_MIN)
125 : return -EINVAL;
126 :
127 0 : type = PIDTYPE_PGID;
128 0 : who = -who;
129 : }
130 :
131 : rcu_read_lock();
132 0 : if (who) {
133 0 : pid = find_vpid(who);
134 0 : if (!pid)
135 0 : ret = -ESRCH;
136 : }
137 :
138 0 : if (!ret)
139 : __f_setown(filp, pid, type, force);
140 : rcu_read_unlock();
141 :
142 0 : return ret;
143 : }
144 : EXPORT_SYMBOL(f_setown);
145 :
146 0 : void f_delown(struct file *filp)
147 : {
148 0 : f_modown(filp, NULL, PIDTYPE_TGID, 1);
149 0 : }
150 :
151 0 : pid_t f_getown(struct file *filp)
152 : {
153 0 : pid_t pid = 0;
154 :
155 0 : read_lock_irq(&filp->f_owner.lock);
156 : rcu_read_lock();
157 0 : if (pid_task(filp->f_owner.pid, filp->f_owner.pid_type)) {
158 0 : pid = pid_vnr(filp->f_owner.pid);
159 0 : if (filp->f_owner.pid_type == PIDTYPE_PGID)
160 0 : pid = -pid;
161 : }
162 : rcu_read_unlock();
163 0 : read_unlock_irq(&filp->f_owner.lock);
164 0 : return pid;
165 : }
166 :
167 0 : static int f_setown_ex(struct file *filp, unsigned long arg)
168 : {
169 0 : struct f_owner_ex __user *owner_p = (void __user *)arg;
170 : struct f_owner_ex owner;
171 : struct pid *pid;
172 : int type;
173 : int ret;
174 :
175 0 : ret = copy_from_user(&owner, owner_p, sizeof(owner));
176 0 : if (ret)
177 : return -EFAULT;
178 :
179 0 : switch (owner.type) {
180 : case F_OWNER_TID:
181 : type = PIDTYPE_PID;
182 : break;
183 :
184 : case F_OWNER_PID:
185 0 : type = PIDTYPE_TGID;
186 0 : break;
187 :
188 : case F_OWNER_PGRP:
189 0 : type = PIDTYPE_PGID;
190 0 : break;
191 :
192 : default:
193 : return -EINVAL;
194 : }
195 :
196 : rcu_read_lock();
197 0 : pid = find_vpid(owner.pid);
198 0 : if (owner.pid && !pid)
199 : ret = -ESRCH;
200 : else
201 0 : __f_setown(filp, pid, type, 1);
202 : rcu_read_unlock();
203 :
204 0 : return ret;
205 : }
206 :
207 0 : static int f_getown_ex(struct file *filp, unsigned long arg)
208 : {
209 0 : struct f_owner_ex __user *owner_p = (void __user *)arg;
210 0 : struct f_owner_ex owner = {};
211 0 : int ret = 0;
212 :
213 0 : read_lock_irq(&filp->f_owner.lock);
214 : rcu_read_lock();
215 0 : if (pid_task(filp->f_owner.pid, filp->f_owner.pid_type))
216 0 : owner.pid = pid_vnr(filp->f_owner.pid);
217 : rcu_read_unlock();
218 0 : switch (filp->f_owner.pid_type) {
219 : case PIDTYPE_PID:
220 0 : owner.type = F_OWNER_TID;
221 : break;
222 :
223 : case PIDTYPE_TGID:
224 0 : owner.type = F_OWNER_PID;
225 : break;
226 :
227 : case PIDTYPE_PGID:
228 0 : owner.type = F_OWNER_PGRP;
229 : break;
230 :
231 : default:
232 0 : WARN_ON(1);
233 0 : ret = -EINVAL;
234 : break;
235 : }
236 0 : read_unlock_irq(&filp->f_owner.lock);
237 :
238 0 : if (!ret) {
239 0 : ret = copy_to_user(owner_p, &owner, sizeof(owner));
240 0 : if (ret)
241 0 : ret = -EFAULT;
242 : }
243 0 : return ret;
244 : }
245 :
246 : #ifdef CONFIG_CHECKPOINT_RESTORE
247 : static int f_getowner_uids(struct file *filp, unsigned long arg)
248 : {
249 : struct user_namespace *user_ns = current_user_ns();
250 : uid_t __user *dst = (void __user *)arg;
251 : uid_t src[2];
252 : int err;
253 :
254 : read_lock_irq(&filp->f_owner.lock);
255 : src[0] = from_kuid(user_ns, filp->f_owner.uid);
256 : src[1] = from_kuid(user_ns, filp->f_owner.euid);
257 : read_unlock_irq(&filp->f_owner.lock);
258 :
259 : err = put_user(src[0], &dst[0]);
260 : err |= put_user(src[1], &dst[1]);
261 :
262 : return err;
263 : }
264 : #else
265 : static int f_getowner_uids(struct file *filp, unsigned long arg)
266 : {
267 : return -EINVAL;
268 : }
269 : #endif
270 :
271 : static bool rw_hint_valid(enum rw_hint hint)
272 : {
273 0 : switch (hint) {
274 : case RWH_WRITE_LIFE_NOT_SET:
275 : case RWH_WRITE_LIFE_NONE:
276 : case RWH_WRITE_LIFE_SHORT:
277 : case RWH_WRITE_LIFE_MEDIUM:
278 : case RWH_WRITE_LIFE_LONG:
279 : case RWH_WRITE_LIFE_EXTREME:
280 : return true;
281 : default:
282 : return false;
283 : }
284 : }
285 :
286 0 : static long fcntl_rw_hint(struct file *file, unsigned int cmd,
287 : unsigned long arg)
288 : {
289 0 : struct inode *inode = file_inode(file);
290 0 : u64 __user *argp = (u64 __user *)arg;
291 : enum rw_hint hint;
292 : u64 h;
293 :
294 0 : switch (cmd) {
295 : case F_GET_RW_HINT:
296 0 : h = inode->i_write_hint;
297 0 : if (copy_to_user(argp, &h, sizeof(*argp)))
298 : return -EFAULT;
299 0 : return 0;
300 : case F_SET_RW_HINT:
301 0 : if (copy_from_user(&h, argp, sizeof(h)))
302 : return -EFAULT;
303 0 : hint = (enum rw_hint) h;
304 0 : if (!rw_hint_valid(hint))
305 : return -EINVAL;
306 :
307 0 : inode_lock(inode);
308 0 : inode->i_write_hint = hint;
309 0 : inode_unlock(inode);
310 0 : return 0;
311 : default:
312 : return -EINVAL;
313 : }
314 : }
315 :
316 0 : static long do_fcntl(int fd, unsigned int cmd, unsigned long arg,
317 : struct file *filp)
318 : {
319 0 : void __user *argp = (void __user *)arg;
320 : struct flock flock;
321 0 : long err = -EINVAL;
322 :
323 0 : switch (cmd) {
324 : case F_DUPFD:
325 0 : err = f_dupfd(arg, filp, 0);
326 0 : break;
327 : case F_DUPFD_CLOEXEC:
328 0 : err = f_dupfd(arg, filp, O_CLOEXEC);
329 0 : break;
330 : case F_GETFD:
331 0 : err = get_close_on_exec(fd) ? FD_CLOEXEC : 0;
332 0 : break;
333 : case F_SETFD:
334 0 : err = 0;
335 0 : set_close_on_exec(fd, arg & FD_CLOEXEC);
336 0 : break;
337 : case F_GETFL:
338 0 : err = filp->f_flags;
339 0 : break;
340 : case F_SETFL:
341 0 : err = setfl(fd, filp, arg);
342 0 : break;
343 : #if BITS_PER_LONG != 32
344 : /* 32-bit arches must use fcntl64() */
345 : case F_OFD_GETLK:
346 : #endif
347 : case F_GETLK:
348 0 : if (copy_from_user(&flock, argp, sizeof(flock)))
349 : return -EFAULT;
350 0 : err = fcntl_getlk(filp, cmd, &flock);
351 0 : if (!err && copy_to_user(argp, &flock, sizeof(flock)))
352 : return -EFAULT;
353 : break;
354 : #if BITS_PER_LONG != 32
355 : /* 32-bit arches must use fcntl64() */
356 : case F_OFD_SETLK:
357 : case F_OFD_SETLKW:
358 : fallthrough;
359 : #endif
360 : case F_SETLK:
361 : case F_SETLKW:
362 0 : if (copy_from_user(&flock, argp, sizeof(flock)))
363 : return -EFAULT;
364 0 : err = fcntl_setlk(fd, filp, cmd, &flock);
365 0 : break;
366 : case F_GETOWN:
367 : /*
368 : * XXX If f_owner is a process group, the
369 : * negative return value will get converted
370 : * into an error. Oops. If we keep the
371 : * current syscall conventions, the only way
372 : * to fix this will be in libc.
373 : */
374 0 : err = f_getown(filp);
375 : force_successful_syscall_return();
376 0 : break;
377 : case F_SETOWN:
378 0 : err = f_setown(filp, arg, 1);
379 0 : break;
380 : case F_GETOWN_EX:
381 0 : err = f_getown_ex(filp, arg);
382 0 : break;
383 : case F_SETOWN_EX:
384 0 : err = f_setown_ex(filp, arg);
385 0 : break;
386 : case F_GETOWNER_UIDS:
387 : err = f_getowner_uids(filp, arg);
388 : break;
389 : case F_GETSIG:
390 0 : err = filp->f_owner.signum;
391 0 : break;
392 : case F_SETSIG:
393 : /* arg == 0 restores default behaviour. */
394 0 : if (!valid_signal(arg)) {
395 : break;
396 : }
397 0 : err = 0;
398 0 : filp->f_owner.signum = arg;
399 0 : break;
400 : case F_GETLEASE:
401 0 : err = fcntl_getlease(filp);
402 0 : break;
403 : case F_SETLEASE:
404 0 : err = fcntl_setlease(fd, filp, arg);
405 0 : break;
406 : case F_NOTIFY:
407 0 : err = fcntl_dirnotify(fd, filp, arg);
408 0 : break;
409 : case F_SETPIPE_SZ:
410 : case F_GETPIPE_SZ:
411 0 : err = pipe_fcntl(filp, cmd, arg);
412 0 : break;
413 : case F_ADD_SEALS:
414 : case F_GET_SEALS:
415 : err = memfd_fcntl(filp, cmd, arg);
416 : break;
417 : case F_GET_RW_HINT:
418 : case F_SET_RW_HINT:
419 0 : err = fcntl_rw_hint(filp, cmd, arg);
420 0 : break;
421 : default:
422 : break;
423 : }
424 : return err;
425 : }
426 :
427 : static int check_fcntl_cmd(unsigned cmd)
428 : {
429 0 : switch (cmd) {
430 : case F_DUPFD:
431 : case F_DUPFD_CLOEXEC:
432 : case F_GETFD:
433 : case F_SETFD:
434 : case F_GETFL:
435 : return 1;
436 : }
437 : return 0;
438 : }
439 :
440 0 : SYSCALL_DEFINE3(fcntl, unsigned int, fd, unsigned int, cmd, unsigned long, arg)
441 : {
442 0 : struct fd f = fdget_raw(fd);
443 0 : long err = -EBADF;
444 :
445 0 : if (!f.file)
446 : goto out;
447 :
448 0 : if (unlikely(f.file->f_mode & FMODE_PATH)) {
449 0 : if (!check_fcntl_cmd(cmd))
450 : goto out1;
451 : }
452 :
453 0 : err = security_file_fcntl(f.file, cmd, arg);
454 : if (!err)
455 0 : err = do_fcntl(fd, cmd, arg, f.file);
456 :
457 : out1:
458 0 : fdput(f);
459 : out:
460 0 : return err;
461 : }
462 :
463 : #if BITS_PER_LONG == 32
464 : SYSCALL_DEFINE3(fcntl64, unsigned int, fd, unsigned int, cmd,
465 : unsigned long, arg)
466 : {
467 : void __user *argp = (void __user *)arg;
468 : struct fd f = fdget_raw(fd);
469 : struct flock64 flock;
470 : long err = -EBADF;
471 :
472 : if (!f.file)
473 : goto out;
474 :
475 : if (unlikely(f.file->f_mode & FMODE_PATH)) {
476 : if (!check_fcntl_cmd(cmd))
477 : goto out1;
478 : }
479 :
480 : err = security_file_fcntl(f.file, cmd, arg);
481 : if (err)
482 : goto out1;
483 :
484 : switch (cmd) {
485 : case F_GETLK64:
486 : case F_OFD_GETLK:
487 : err = -EFAULT;
488 : if (copy_from_user(&flock, argp, sizeof(flock)))
489 : break;
490 : err = fcntl_getlk64(f.file, cmd, &flock);
491 : if (!err && copy_to_user(argp, &flock, sizeof(flock)))
492 : err = -EFAULT;
493 : break;
494 : case F_SETLK64:
495 : case F_SETLKW64:
496 : case F_OFD_SETLK:
497 : case F_OFD_SETLKW:
498 : err = -EFAULT;
499 : if (copy_from_user(&flock, argp, sizeof(flock)))
500 : break;
501 : err = fcntl_setlk64(fd, f.file, cmd, &flock);
502 : break;
503 : default:
504 : err = do_fcntl(fd, cmd, arg, f.file);
505 : break;
506 : }
507 : out1:
508 : fdput(f);
509 : out:
510 : return err;
511 : }
512 : #endif
513 :
514 : #ifdef CONFIG_COMPAT
515 : /* careful - don't use anywhere else */
516 : #define copy_flock_fields(dst, src) \
517 : (dst)->l_type = (src)->l_type; \
518 : (dst)->l_whence = (src)->l_whence; \
519 : (dst)->l_start = (src)->l_start; \
520 : (dst)->l_len = (src)->l_len; \
521 : (dst)->l_pid = (src)->l_pid;
522 :
523 : static int get_compat_flock(struct flock *kfl, const struct compat_flock __user *ufl)
524 : {
525 : struct compat_flock fl;
526 :
527 : if (copy_from_user(&fl, ufl, sizeof(struct compat_flock)))
528 : return -EFAULT;
529 : copy_flock_fields(kfl, &fl);
530 : return 0;
531 : }
532 :
533 : static int get_compat_flock64(struct flock *kfl, const struct compat_flock64 __user *ufl)
534 : {
535 : struct compat_flock64 fl;
536 :
537 : if (copy_from_user(&fl, ufl, sizeof(struct compat_flock64)))
538 : return -EFAULT;
539 : copy_flock_fields(kfl, &fl);
540 : return 0;
541 : }
542 :
543 : static int put_compat_flock(const struct flock *kfl, struct compat_flock __user *ufl)
544 : {
545 : struct compat_flock fl;
546 :
547 : memset(&fl, 0, sizeof(struct compat_flock));
548 : copy_flock_fields(&fl, kfl);
549 : if (copy_to_user(ufl, &fl, sizeof(struct compat_flock)))
550 : return -EFAULT;
551 : return 0;
552 : }
553 :
554 : static int put_compat_flock64(const struct flock *kfl, struct compat_flock64 __user *ufl)
555 : {
556 : struct compat_flock64 fl;
557 :
558 : BUILD_BUG_ON(sizeof(kfl->l_start) > sizeof(ufl->l_start));
559 : BUILD_BUG_ON(sizeof(kfl->l_len) > sizeof(ufl->l_len));
560 :
561 : memset(&fl, 0, sizeof(struct compat_flock64));
562 : copy_flock_fields(&fl, kfl);
563 : if (copy_to_user(ufl, &fl, sizeof(struct compat_flock64)))
564 : return -EFAULT;
565 : return 0;
566 : }
567 : #undef copy_flock_fields
568 :
569 : static unsigned int
570 : convert_fcntl_cmd(unsigned int cmd)
571 : {
572 : switch (cmd) {
573 : case F_GETLK64:
574 : return F_GETLK;
575 : case F_SETLK64:
576 : return F_SETLK;
577 : case F_SETLKW64:
578 : return F_SETLKW;
579 : }
580 :
581 : return cmd;
582 : }
583 :
584 : /*
585 : * GETLK was successful and we need to return the data, but it needs to fit in
586 : * the compat structure.
587 : * l_start shouldn't be too big, unless the original start + end is greater than
588 : * COMPAT_OFF_T_MAX, in which case the app was asking for trouble, so we return
589 : * -EOVERFLOW in that case. l_len could be too big, in which case we just
590 : * truncate it, and only allow the app to see that part of the conflicting lock
591 : * that might make sense to it anyway
592 : */
593 : static int fixup_compat_flock(struct flock *flock)
594 : {
595 : if (flock->l_start > COMPAT_OFF_T_MAX)
596 : return -EOVERFLOW;
597 : if (flock->l_len > COMPAT_OFF_T_MAX)
598 : flock->l_len = COMPAT_OFF_T_MAX;
599 : return 0;
600 : }
601 :
602 : static long do_compat_fcntl64(unsigned int fd, unsigned int cmd,
603 : compat_ulong_t arg)
604 : {
605 : struct fd f = fdget_raw(fd);
606 : struct flock flock;
607 : long err = -EBADF;
608 :
609 : if (!f.file)
610 : return err;
611 :
612 : if (unlikely(f.file->f_mode & FMODE_PATH)) {
613 : if (!check_fcntl_cmd(cmd))
614 : goto out_put;
615 : }
616 :
617 : err = security_file_fcntl(f.file, cmd, arg);
618 : if (err)
619 : goto out_put;
620 :
621 : switch (cmd) {
622 : case F_GETLK:
623 : err = get_compat_flock(&flock, compat_ptr(arg));
624 : if (err)
625 : break;
626 : err = fcntl_getlk(f.file, convert_fcntl_cmd(cmd), &flock);
627 : if (err)
628 : break;
629 : err = fixup_compat_flock(&flock);
630 : if (!err)
631 : err = put_compat_flock(&flock, compat_ptr(arg));
632 : break;
633 : case F_GETLK64:
634 : case F_OFD_GETLK:
635 : err = get_compat_flock64(&flock, compat_ptr(arg));
636 : if (err)
637 : break;
638 : err = fcntl_getlk(f.file, convert_fcntl_cmd(cmd), &flock);
639 : if (!err)
640 : err = put_compat_flock64(&flock, compat_ptr(arg));
641 : break;
642 : case F_SETLK:
643 : case F_SETLKW:
644 : err = get_compat_flock(&flock, compat_ptr(arg));
645 : if (err)
646 : break;
647 : err = fcntl_setlk(fd, f.file, convert_fcntl_cmd(cmd), &flock);
648 : break;
649 : case F_SETLK64:
650 : case F_SETLKW64:
651 : case F_OFD_SETLK:
652 : case F_OFD_SETLKW:
653 : err = get_compat_flock64(&flock, compat_ptr(arg));
654 : if (err)
655 : break;
656 : err = fcntl_setlk(fd, f.file, convert_fcntl_cmd(cmd), &flock);
657 : break;
658 : default:
659 : err = do_fcntl(fd, cmd, arg, f.file);
660 : break;
661 : }
662 : out_put:
663 : fdput(f);
664 : return err;
665 : }
666 :
667 : COMPAT_SYSCALL_DEFINE3(fcntl64, unsigned int, fd, unsigned int, cmd,
668 : compat_ulong_t, arg)
669 : {
670 : return do_compat_fcntl64(fd, cmd, arg);
671 : }
672 :
673 : COMPAT_SYSCALL_DEFINE3(fcntl, unsigned int, fd, unsigned int, cmd,
674 : compat_ulong_t, arg)
675 : {
676 : switch (cmd) {
677 : case F_GETLK64:
678 : case F_SETLK64:
679 : case F_SETLKW64:
680 : case F_OFD_GETLK:
681 : case F_OFD_SETLK:
682 : case F_OFD_SETLKW:
683 : return -EINVAL;
684 : }
685 : return do_compat_fcntl64(fd, cmd, arg);
686 : }
687 : #endif
688 :
689 : /* Table to convert sigio signal codes into poll band bitmaps */
690 :
691 : static const __poll_t band_table[NSIGPOLL] = {
692 : EPOLLIN | EPOLLRDNORM, /* POLL_IN */
693 : EPOLLOUT | EPOLLWRNORM | EPOLLWRBAND, /* POLL_OUT */
694 : EPOLLIN | EPOLLRDNORM | EPOLLMSG, /* POLL_MSG */
695 : EPOLLERR, /* POLL_ERR */
696 : EPOLLPRI | EPOLLRDBAND, /* POLL_PRI */
697 : EPOLLHUP | EPOLLERR /* POLL_HUP */
698 : };
699 :
700 : static inline int sigio_perm(struct task_struct *p,
701 : struct fown_struct *fown, int sig)
702 : {
703 : const struct cred *cred;
704 : int ret;
705 :
706 : rcu_read_lock();
707 0 : cred = __task_cred(p);
708 0 : ret = ((uid_eq(fown->euid, GLOBAL_ROOT_UID) ||
709 0 : uid_eq(fown->euid, cred->suid) || uid_eq(fown->euid, cred->uid) ||
710 0 : uid_eq(fown->uid, cred->suid) || uid_eq(fown->uid, cred->uid)) &&
711 : !security_file_send_sigiotask(p, fown, sig));
712 : rcu_read_unlock();
713 : return ret;
714 : }
715 :
716 0 : static void send_sigio_to_task(struct task_struct *p,
717 : struct fown_struct *fown,
718 : int fd, int reason, enum pid_type type)
719 : {
720 : /*
721 : * F_SETSIG can change ->signum lockless in parallel, make
722 : * sure we read it once and use the same value throughout.
723 : */
724 0 : int signum = READ_ONCE(fown->signum);
725 :
726 0 : if (!sigio_perm(p, fown, signum))
727 : return;
728 :
729 0 : switch (signum) {
730 : default: {
731 : kernel_siginfo_t si;
732 :
733 : /* Queue a rt signal with the appropriate fd as its
734 : value. We use SI_SIGIO as the source, not
735 : SI_KERNEL, since kernel signals always get
736 : delivered even if we can't queue. Failure to
737 : queue in this case _should_ be reported; we fall
738 : back to SIGIO in that case. --sct */
739 0 : clear_siginfo(&si);
740 0 : si.si_signo = signum;
741 0 : si.si_errno = 0;
742 0 : si.si_code = reason;
743 : /*
744 : * Posix definies POLL_IN and friends to be signal
745 : * specific si_codes for SIG_POLL. Linux extended
746 : * these si_codes to other signals in a way that is
747 : * ambiguous if other signals also have signal
748 : * specific si_codes. In that case use SI_SIGIO instead
749 : * to remove the ambiguity.
750 : */
751 0 : if ((signum != SIGPOLL) && sig_specific_sicodes(signum))
752 0 : si.si_code = SI_SIGIO;
753 :
754 : /* Make sure we are called with one of the POLL_*
755 : reasons, otherwise we could leak kernel stack into
756 : userspace. */
757 0 : BUG_ON((reason < POLL_IN) || ((reason - POLL_IN) >= NSIGPOLL));
758 0 : if (reason - POLL_IN >= NSIGPOLL)
759 0 : si.si_band = ~0L;
760 : else
761 0 : si.si_band = mangle_poll(band_table[reason - POLL_IN]);
762 0 : si.si_fd = fd;
763 0 : if (!do_send_sig_info(signum, &si, p, type))
764 : break;
765 : }
766 : fallthrough; /* fall back on the old plain SIGIO signal */
767 : case 0:
768 0 : do_send_sig_info(SIGIO, SEND_SIG_PRIV, p, type);
769 : }
770 : }
771 :
772 0 : void send_sigio(struct fown_struct *fown, int fd, int band)
773 : {
774 : struct task_struct *p;
775 : enum pid_type type;
776 : unsigned long flags;
777 : struct pid *pid;
778 :
779 0 : read_lock_irqsave(&fown->lock, flags);
780 :
781 0 : type = fown->pid_type;
782 0 : pid = fown->pid;
783 0 : if (!pid)
784 : goto out_unlock_fown;
785 :
786 0 : if (type <= PIDTYPE_TGID) {
787 : rcu_read_lock();
788 0 : p = pid_task(pid, PIDTYPE_PID);
789 0 : if (p)
790 0 : send_sigio_to_task(p, fown, fd, band, type);
791 : rcu_read_unlock();
792 : } else {
793 0 : read_lock(&tasklist_lock);
794 0 : do_each_pid_task(pid, type, p) {
795 0 : send_sigio_to_task(p, fown, fd, band, type);
796 0 : } while_each_pid_task(pid, type, p);
797 0 : read_unlock(&tasklist_lock);
798 : }
799 : out_unlock_fown:
800 0 : read_unlock_irqrestore(&fown->lock, flags);
801 0 : }
802 :
803 0 : static void send_sigurg_to_task(struct task_struct *p,
804 : struct fown_struct *fown, enum pid_type type)
805 : {
806 0 : if (sigio_perm(p, fown, SIGURG))
807 0 : do_send_sig_info(SIGURG, SEND_SIG_PRIV, p, type);
808 0 : }
809 :
810 0 : int send_sigurg(struct fown_struct *fown)
811 : {
812 : struct task_struct *p;
813 : enum pid_type type;
814 : struct pid *pid;
815 : unsigned long flags;
816 0 : int ret = 0;
817 :
818 0 : read_lock_irqsave(&fown->lock, flags);
819 :
820 0 : type = fown->pid_type;
821 0 : pid = fown->pid;
822 0 : if (!pid)
823 : goto out_unlock_fown;
824 :
825 0 : ret = 1;
826 :
827 0 : if (type <= PIDTYPE_TGID) {
828 : rcu_read_lock();
829 0 : p = pid_task(pid, PIDTYPE_PID);
830 0 : if (p)
831 0 : send_sigurg_to_task(p, fown, type);
832 : rcu_read_unlock();
833 : } else {
834 0 : read_lock(&tasklist_lock);
835 0 : do_each_pid_task(pid, type, p) {
836 0 : send_sigurg_to_task(p, fown, type);
837 0 : } while_each_pid_task(pid, type, p);
838 0 : read_unlock(&tasklist_lock);
839 : }
840 : out_unlock_fown:
841 0 : read_unlock_irqrestore(&fown->lock, flags);
842 0 : return ret;
843 : }
844 :
845 : static DEFINE_SPINLOCK(fasync_lock);
846 : static struct kmem_cache *fasync_cache __read_mostly;
847 :
848 0 : static void fasync_free_rcu(struct rcu_head *head)
849 : {
850 0 : kmem_cache_free(fasync_cache,
851 0 : container_of(head, struct fasync_struct, fa_rcu));
852 0 : }
853 :
854 : /*
855 : * Remove a fasync entry. If successfully removed, return
856 : * positive and clear the FASYNC flag. If no entry exists,
857 : * do nothing and return 0.
858 : *
859 : * NOTE! It is very important that the FASYNC flag always
860 : * match the state "is the filp on a fasync list".
861 : *
862 : */
863 0 : int fasync_remove_entry(struct file *filp, struct fasync_struct **fapp)
864 : {
865 : struct fasync_struct *fa, **fp;
866 0 : int result = 0;
867 :
868 0 : spin_lock(&filp->f_lock);
869 0 : spin_lock(&fasync_lock);
870 0 : for (fp = fapp; (fa = *fp) != NULL; fp = &fa->fa_next) {
871 0 : if (fa->fa_file != filp)
872 0 : continue;
873 :
874 0 : write_lock_irq(&fa->fa_lock);
875 0 : fa->fa_file = NULL;
876 0 : write_unlock_irq(&fa->fa_lock);
877 :
878 0 : *fp = fa->fa_next;
879 0 : call_rcu(&fa->fa_rcu, fasync_free_rcu);
880 0 : filp->f_flags &= ~FASYNC;
881 0 : result = 1;
882 0 : break;
883 : }
884 0 : spin_unlock(&fasync_lock);
885 0 : spin_unlock(&filp->f_lock);
886 0 : return result;
887 : }
888 :
889 0 : struct fasync_struct *fasync_alloc(void)
890 : {
891 0 : return kmem_cache_alloc(fasync_cache, GFP_KERNEL);
892 : }
893 :
894 : /*
895 : * NOTE! This can be used only for unused fasync entries:
896 : * entries that actually got inserted on the fasync list
897 : * need to be released by rcu - see fasync_remove_entry.
898 : */
899 0 : void fasync_free(struct fasync_struct *new)
900 : {
901 0 : kmem_cache_free(fasync_cache, new);
902 0 : }
903 :
904 : /*
905 : * Insert a new entry into the fasync list. Return the pointer to the
906 : * old one if we didn't use the new one.
907 : *
908 : * NOTE! It is very important that the FASYNC flag always
909 : * match the state "is the filp on a fasync list".
910 : */
911 0 : struct fasync_struct *fasync_insert_entry(int fd, struct file *filp, struct fasync_struct **fapp, struct fasync_struct *new)
912 : {
913 : struct fasync_struct *fa, **fp;
914 :
915 0 : spin_lock(&filp->f_lock);
916 0 : spin_lock(&fasync_lock);
917 0 : for (fp = fapp; (fa = *fp) != NULL; fp = &fa->fa_next) {
918 0 : if (fa->fa_file != filp)
919 0 : continue;
920 :
921 0 : write_lock_irq(&fa->fa_lock);
922 0 : fa->fa_fd = fd;
923 0 : write_unlock_irq(&fa->fa_lock);
924 0 : goto out;
925 : }
926 :
927 : rwlock_init(&new->fa_lock);
928 0 : new->magic = FASYNC_MAGIC;
929 0 : new->fa_file = filp;
930 0 : new->fa_fd = fd;
931 0 : new->fa_next = *fapp;
932 0 : rcu_assign_pointer(*fapp, new);
933 0 : filp->f_flags |= FASYNC;
934 :
935 : out:
936 0 : spin_unlock(&fasync_lock);
937 0 : spin_unlock(&filp->f_lock);
938 0 : return fa;
939 : }
940 :
941 : /*
942 : * Add a fasync entry. Return negative on error, positive if
943 : * added, and zero if did nothing but change an existing one.
944 : */
945 0 : static int fasync_add_entry(int fd, struct file *filp, struct fasync_struct **fapp)
946 : {
947 : struct fasync_struct *new;
948 :
949 0 : new = fasync_alloc();
950 0 : if (!new)
951 : return -ENOMEM;
952 :
953 : /*
954 : * fasync_insert_entry() returns the old (update) entry if
955 : * it existed.
956 : *
957 : * So free the (unused) new entry and return 0 to let the
958 : * caller know that we didn't add any new fasync entries.
959 : */
960 0 : if (fasync_insert_entry(fd, filp, fapp, new)) {
961 0 : fasync_free(new);
962 0 : return 0;
963 : }
964 :
965 : return 1;
966 : }
967 :
968 : /*
969 : * fasync_helper() is used by almost all character device drivers
970 : * to set up the fasync queue, and for regular files by the file
971 : * lease code. It returns negative on error, 0 if it did no changes
972 : * and positive if it added/deleted the entry.
973 : */
974 0 : int fasync_helper(int fd, struct file * filp, int on, struct fasync_struct **fapp)
975 : {
976 0 : if (!on)
977 0 : return fasync_remove_entry(filp, fapp);
978 0 : return fasync_add_entry(fd, filp, fapp);
979 : }
980 :
981 : EXPORT_SYMBOL(fasync_helper);
982 :
983 : /*
984 : * rcu_read_lock() is held
985 : */
986 0 : static void kill_fasync_rcu(struct fasync_struct *fa, int sig, int band)
987 : {
988 0 : while (fa) {
989 : struct fown_struct *fown;
990 : unsigned long flags;
991 :
992 0 : if (fa->magic != FASYNC_MAGIC) {
993 0 : printk(KERN_ERR "kill_fasync: bad magic number in "
994 : "fasync_struct!\n");
995 0 : return;
996 : }
997 0 : read_lock_irqsave(&fa->fa_lock, flags);
998 0 : if (fa->fa_file) {
999 0 : fown = &fa->fa_file->f_owner;
1000 : /* Don't send SIGURG to processes which have not set a
1001 : queued signum: SIGURG has its own default signalling
1002 : mechanism. */
1003 0 : if (!(sig == SIGURG && fown->signum == 0))
1004 0 : send_sigio(fown, fa->fa_fd, band);
1005 : }
1006 0 : read_unlock_irqrestore(&fa->fa_lock, flags);
1007 0 : fa = rcu_dereference(fa->fa_next);
1008 : }
1009 : }
1010 :
1011 1 : void kill_fasync(struct fasync_struct **fp, int sig, int band)
1012 : {
1013 : /* First a quick test without locking: usually
1014 : * the list is empty.
1015 : */
1016 1 : if (*fp) {
1017 : rcu_read_lock();
1018 0 : kill_fasync_rcu(rcu_dereference(*fp), sig, band);
1019 : rcu_read_unlock();
1020 : }
1021 1 : }
1022 : EXPORT_SYMBOL(kill_fasync);
1023 :
1024 1 : static int __init fcntl_init(void)
1025 : {
1026 : /*
1027 : * Please add new bits here to ensure allocation uniqueness.
1028 : * Exceptions: O_NONBLOCK is a two bit define on parisc; O_NDELAY
1029 : * is defined as O_NONBLOCK on some platforms and not on others.
1030 : */
1031 : BUILD_BUG_ON(21 - 1 /* for O_RDONLY being 0 */ !=
1032 : HWEIGHT32(
1033 : (VALID_OPEN_FLAGS & ~(O_NONBLOCK | O_NDELAY)) |
1034 : __FMODE_EXEC | __FMODE_NONOTIFY));
1035 :
1036 1 : fasync_cache = kmem_cache_create("fasync_cache",
1037 : sizeof(struct fasync_struct), 0,
1038 : SLAB_PANIC | SLAB_ACCOUNT, NULL);
1039 1 : return 0;
1040 : }
1041 :
1042 : module_init(fcntl_init)
|