Line data Source code
1 : // SPDX-License-Identifier: GPL-2.0
2 : /*
3 : * linux/fs/fcntl.c
4 : *
5 : * Copyright (C) 1991, 1992 Linus Torvalds
6 : */
7 :
8 : #include <linux/syscalls.h>
9 : #include <linux/init.h>
10 : #include <linux/mm.h>
11 : #include <linux/sched/task.h>
12 : #include <linux/fs.h>
13 : #include <linux/file.h>
14 : #include <linux/fdtable.h>
15 : #include <linux/capability.h>
16 : #include <linux/dnotify.h>
17 : #include <linux/slab.h>
18 : #include <linux/module.h>
19 : #include <linux/pipe_fs_i.h>
20 : #include <linux/security.h>
21 : #include <linux/ptrace.h>
22 : #include <linux/signal.h>
23 : #include <linux/rcupdate.h>
24 : #include <linux/pid_namespace.h>
25 : #include <linux/user_namespace.h>
26 : #include <linux/memfd.h>
27 : #include <linux/compat.h>
28 : #include <linux/mount.h>
29 :
30 : #include <linux/poll.h>
31 : #include <asm/siginfo.h>
32 : #include <linux/uaccess.h>
33 :
34 : #define SETFL_MASK (O_APPEND | O_NONBLOCK | O_NDELAY | O_DIRECT | O_NOATIME)
35 :
36 0 : static int setfl(int fd, struct file * filp, unsigned long arg)
37 : {
38 0 : struct inode * inode = file_inode(filp);
39 0 : int error = 0;
40 :
41 : /*
42 : * O_APPEND cannot be cleared if the file is marked as append-only
43 : * and the file is open for write.
44 : */
45 0 : if (((arg ^ filp->f_flags) & O_APPEND) && IS_APPEND(inode))
46 : return -EPERM;
47 :
48 : /* O_NOATIME can only be set by the owner or superuser */
49 0 : if ((arg & O_NOATIME) && !(filp->f_flags & O_NOATIME))
50 0 : if (!inode_owner_or_capable(file_mnt_user_ns(filp), inode))
51 : return -EPERM;
52 :
53 : /* required for strict SunOS emulation */
54 : if (O_NONBLOCK != O_NDELAY)
55 : if (arg & O_NDELAY)
56 : arg |= O_NONBLOCK;
57 :
58 : /* Pipe packetized mode is controlled by O_DIRECT flag */
59 0 : if (!S_ISFIFO(inode->i_mode) && (arg & O_DIRECT)) {
60 0 : if (!filp->f_mapping || !filp->f_mapping->a_ops ||
61 0 : !filp->f_mapping->a_ops->direct_IO)
62 : return -EINVAL;
63 : }
64 :
65 0 : if (filp->f_op->check_flags)
66 0 : error = filp->f_op->check_flags(arg);
67 0 : if (error)
68 : return error;
69 :
70 : /*
71 : * ->fasync() is responsible for setting the FASYNC bit.
72 : */
73 0 : if (((arg ^ filp->f_flags) & FASYNC) && filp->f_op->fasync) {
74 0 : error = filp->f_op->fasync(fd, filp, (arg & FASYNC) != 0);
75 0 : if (error < 0)
76 : goto out;
77 0 : if (error > 0)
78 0 : error = 0;
79 : }
80 0 : spin_lock(&filp->f_lock);
81 0 : filp->f_flags = (arg & SETFL_MASK) | (filp->f_flags & ~SETFL_MASK);
82 0 : spin_unlock(&filp->f_lock);
83 :
84 : out:
85 : return error;
86 : }
87 :
88 0 : static void f_modown(struct file *filp, struct pid *pid, enum pid_type type,
89 : int force)
90 : {
91 0 : write_lock_irq(&filp->f_owner.lock);
92 0 : if (force || !filp->f_owner.pid) {
93 0 : put_pid(filp->f_owner.pid);
94 0 : filp->f_owner.pid = get_pid(pid);
95 0 : filp->f_owner.pid_type = type;
96 :
97 0 : if (pid) {
98 0 : const struct cred *cred = current_cred();
99 0 : filp->f_owner.uid = cred->uid;
100 0 : filp->f_owner.euid = cred->euid;
101 : }
102 : }
103 0 : write_unlock_irq(&filp->f_owner.lock);
104 0 : }
105 :
106 0 : void __f_setown(struct file *filp, struct pid *pid, enum pid_type type,
107 : int force)
108 : {
109 0 : security_file_set_fowner(filp);
110 0 : f_modown(filp, pid, type, force);
111 0 : }
112 : EXPORT_SYMBOL(__f_setown);
113 :
114 0 : int f_setown(struct file *filp, unsigned long arg, int force)
115 : {
116 : enum pid_type type;
117 0 : struct pid *pid = NULL;
118 0 : int who = arg, ret = 0;
119 :
120 0 : type = PIDTYPE_TGID;
121 0 : if (who < 0) {
122 : /* avoid overflow below */
123 0 : if (who == INT_MIN)
124 : return -EINVAL;
125 :
126 0 : type = PIDTYPE_PGID;
127 0 : who = -who;
128 : }
129 :
130 : rcu_read_lock();
131 0 : if (who) {
132 0 : pid = find_vpid(who);
133 0 : if (!pid)
134 0 : ret = -ESRCH;
135 : }
136 :
137 0 : if (!ret)
138 : __f_setown(filp, pid, type, force);
139 : rcu_read_unlock();
140 :
141 0 : return ret;
142 : }
143 : EXPORT_SYMBOL(f_setown);
144 :
145 0 : void f_delown(struct file *filp)
146 : {
147 0 : f_modown(filp, NULL, PIDTYPE_TGID, 1);
148 0 : }
149 :
150 0 : pid_t f_getown(struct file *filp)
151 : {
152 0 : pid_t pid = 0;
153 :
154 0 : read_lock_irq(&filp->f_owner.lock);
155 : rcu_read_lock();
156 0 : if (pid_task(filp->f_owner.pid, filp->f_owner.pid_type)) {
157 0 : pid = pid_vnr(filp->f_owner.pid);
158 0 : if (filp->f_owner.pid_type == PIDTYPE_PGID)
159 0 : pid = -pid;
160 : }
161 : rcu_read_unlock();
162 0 : read_unlock_irq(&filp->f_owner.lock);
163 0 : return pid;
164 : }
165 :
166 0 : static int f_setown_ex(struct file *filp, unsigned long arg)
167 : {
168 0 : struct f_owner_ex __user *owner_p = (void __user *)arg;
169 : struct f_owner_ex owner;
170 : struct pid *pid;
171 : int type;
172 : int ret;
173 :
174 0 : ret = copy_from_user(&owner, owner_p, sizeof(owner));
175 0 : if (ret)
176 : return -EFAULT;
177 :
178 0 : switch (owner.type) {
179 : case F_OWNER_TID:
180 : type = PIDTYPE_PID;
181 : break;
182 :
183 : case F_OWNER_PID:
184 0 : type = PIDTYPE_TGID;
185 0 : break;
186 :
187 : case F_OWNER_PGRP:
188 0 : type = PIDTYPE_PGID;
189 0 : break;
190 :
191 : default:
192 : return -EINVAL;
193 : }
194 :
195 : rcu_read_lock();
196 0 : pid = find_vpid(owner.pid);
197 0 : if (owner.pid && !pid)
198 : ret = -ESRCH;
199 : else
200 0 : __f_setown(filp, pid, type, 1);
201 : rcu_read_unlock();
202 :
203 0 : return ret;
204 : }
205 :
206 0 : static int f_getown_ex(struct file *filp, unsigned long arg)
207 : {
208 0 : struct f_owner_ex __user *owner_p = (void __user *)arg;
209 0 : struct f_owner_ex owner = {};
210 0 : int ret = 0;
211 :
212 0 : read_lock_irq(&filp->f_owner.lock);
213 : rcu_read_lock();
214 0 : if (pid_task(filp->f_owner.pid, filp->f_owner.pid_type))
215 0 : owner.pid = pid_vnr(filp->f_owner.pid);
216 : rcu_read_unlock();
217 0 : switch (filp->f_owner.pid_type) {
218 : case PIDTYPE_PID:
219 0 : owner.type = F_OWNER_TID;
220 : break;
221 :
222 : case PIDTYPE_TGID:
223 0 : owner.type = F_OWNER_PID;
224 : break;
225 :
226 : case PIDTYPE_PGID:
227 0 : owner.type = F_OWNER_PGRP;
228 : break;
229 :
230 : default:
231 0 : WARN_ON(1);
232 0 : ret = -EINVAL;
233 : break;
234 : }
235 0 : read_unlock_irq(&filp->f_owner.lock);
236 :
237 0 : if (!ret) {
238 0 : ret = copy_to_user(owner_p, &owner, sizeof(owner));
239 0 : if (ret)
240 0 : ret = -EFAULT;
241 : }
242 0 : return ret;
243 : }
244 :
245 : #ifdef CONFIG_CHECKPOINT_RESTORE
246 : static int f_getowner_uids(struct file *filp, unsigned long arg)
247 : {
248 : struct user_namespace *user_ns = current_user_ns();
249 : uid_t __user *dst = (void __user *)arg;
250 : uid_t src[2];
251 : int err;
252 :
253 : read_lock_irq(&filp->f_owner.lock);
254 : src[0] = from_kuid(user_ns, filp->f_owner.uid);
255 : src[1] = from_kuid(user_ns, filp->f_owner.euid);
256 : read_unlock_irq(&filp->f_owner.lock);
257 :
258 : err = put_user(src[0], &dst[0]);
259 : err |= put_user(src[1], &dst[1]);
260 :
261 : return err;
262 : }
263 : #else
264 : static int f_getowner_uids(struct file *filp, unsigned long arg)
265 : {
266 : return -EINVAL;
267 : }
268 : #endif
269 :
270 : static bool rw_hint_valid(enum rw_hint hint)
271 : {
272 0 : switch (hint) {
273 : case RWH_WRITE_LIFE_NOT_SET:
274 : case RWH_WRITE_LIFE_NONE:
275 : case RWH_WRITE_LIFE_SHORT:
276 : case RWH_WRITE_LIFE_MEDIUM:
277 : case RWH_WRITE_LIFE_LONG:
278 : case RWH_WRITE_LIFE_EXTREME:
279 : return true;
280 : default:
281 : return false;
282 : }
283 : }
284 :
285 0 : static long fcntl_rw_hint(struct file *file, unsigned int cmd,
286 : unsigned long arg)
287 : {
288 0 : struct inode *inode = file_inode(file);
289 0 : u64 __user *argp = (u64 __user *)arg;
290 : enum rw_hint hint;
291 : u64 h;
292 :
293 0 : switch (cmd) {
294 : case F_GET_RW_HINT:
295 0 : h = inode->i_write_hint;
296 0 : if (copy_to_user(argp, &h, sizeof(*argp)))
297 : return -EFAULT;
298 0 : return 0;
299 : case F_SET_RW_HINT:
300 0 : if (copy_from_user(&h, argp, sizeof(h)))
301 : return -EFAULT;
302 0 : hint = (enum rw_hint) h;
303 0 : if (!rw_hint_valid(hint))
304 : return -EINVAL;
305 :
306 0 : inode_lock(inode);
307 0 : inode->i_write_hint = hint;
308 0 : inode_unlock(inode);
309 0 : return 0;
310 : default:
311 : return -EINVAL;
312 : }
313 : }
314 :
315 0 : static long do_fcntl(int fd, unsigned int cmd, unsigned long arg,
316 : struct file *filp)
317 : {
318 0 : void __user *argp = (void __user *)arg;
319 : struct flock flock;
320 0 : long err = -EINVAL;
321 :
322 0 : switch (cmd) {
323 : case F_DUPFD:
324 0 : err = f_dupfd(arg, filp, 0);
325 0 : break;
326 : case F_DUPFD_CLOEXEC:
327 0 : err = f_dupfd(arg, filp, O_CLOEXEC);
328 0 : break;
329 : case F_GETFD:
330 0 : err = get_close_on_exec(fd) ? FD_CLOEXEC : 0;
331 0 : break;
332 : case F_SETFD:
333 0 : err = 0;
334 0 : set_close_on_exec(fd, arg & FD_CLOEXEC);
335 0 : break;
336 : case F_GETFL:
337 0 : err = filp->f_flags;
338 0 : break;
339 : case F_SETFL:
340 0 : err = setfl(fd, filp, arg);
341 0 : break;
342 : #if BITS_PER_LONG != 32
343 : /* 32-bit arches must use fcntl64() */
344 : case F_OFD_GETLK:
345 : #endif
346 : case F_GETLK:
347 0 : if (copy_from_user(&flock, argp, sizeof(flock)))
348 : return -EFAULT;
349 0 : err = fcntl_getlk(filp, cmd, &flock);
350 0 : if (!err && copy_to_user(argp, &flock, sizeof(flock)))
351 : return -EFAULT;
352 : break;
353 : #if BITS_PER_LONG != 32
354 : /* 32-bit arches must use fcntl64() */
355 : case F_OFD_SETLK:
356 : case F_OFD_SETLKW:
357 : fallthrough;
358 : #endif
359 : case F_SETLK:
360 : case F_SETLKW:
361 0 : if (copy_from_user(&flock, argp, sizeof(flock)))
362 : return -EFAULT;
363 0 : err = fcntl_setlk(fd, filp, cmd, &flock);
364 0 : break;
365 : case F_GETOWN:
366 : /*
367 : * XXX If f_owner is a process group, the
368 : * negative return value will get converted
369 : * into an error. Oops. If we keep the
370 : * current syscall conventions, the only way
371 : * to fix this will be in libc.
372 : */
373 0 : err = f_getown(filp);
374 : force_successful_syscall_return();
375 0 : break;
376 : case F_SETOWN:
377 0 : err = f_setown(filp, arg, 1);
378 0 : break;
379 : case F_GETOWN_EX:
380 0 : err = f_getown_ex(filp, arg);
381 0 : break;
382 : case F_SETOWN_EX:
383 0 : err = f_setown_ex(filp, arg);
384 0 : break;
385 : case F_GETOWNER_UIDS:
386 : err = f_getowner_uids(filp, arg);
387 : break;
388 : case F_GETSIG:
389 0 : err = filp->f_owner.signum;
390 0 : break;
391 : case F_SETSIG:
392 : /* arg == 0 restores default behaviour. */
393 0 : if (!valid_signal(arg)) {
394 : break;
395 : }
396 0 : err = 0;
397 0 : filp->f_owner.signum = arg;
398 0 : break;
399 : case F_GETLEASE:
400 0 : err = fcntl_getlease(filp);
401 0 : break;
402 : case F_SETLEASE:
403 0 : err = fcntl_setlease(fd, filp, arg);
404 0 : break;
405 : case F_NOTIFY:
406 0 : err = fcntl_dirnotify(fd, filp, arg);
407 0 : break;
408 : case F_SETPIPE_SZ:
409 : case F_GETPIPE_SZ:
410 0 : err = pipe_fcntl(filp, cmd, arg);
411 0 : break;
412 : case F_ADD_SEALS:
413 : case F_GET_SEALS:
414 : err = memfd_fcntl(filp, cmd, arg);
415 : break;
416 : case F_GET_RW_HINT:
417 : case F_SET_RW_HINT:
418 0 : err = fcntl_rw_hint(filp, cmd, arg);
419 0 : break;
420 : default:
421 : break;
422 : }
423 : return err;
424 : }
425 :
426 : static int check_fcntl_cmd(unsigned cmd)
427 : {
428 0 : switch (cmd) {
429 : case F_DUPFD:
430 : case F_DUPFD_CLOEXEC:
431 : case F_GETFD:
432 : case F_SETFD:
433 : case F_GETFL:
434 : return 1;
435 : }
436 : return 0;
437 : }
438 :
439 0 : SYSCALL_DEFINE3(fcntl, unsigned int, fd, unsigned int, cmd, unsigned long, arg)
440 : {
441 0 : struct fd f = fdget_raw(fd);
442 0 : long err = -EBADF;
443 :
444 0 : if (!f.file)
445 : goto out;
446 :
447 0 : if (unlikely(f.file->f_mode & FMODE_PATH)) {
448 0 : if (!check_fcntl_cmd(cmd))
449 : goto out1;
450 : }
451 :
452 0 : err = security_file_fcntl(f.file, cmd, arg);
453 : if (!err)
454 0 : err = do_fcntl(fd, cmd, arg, f.file);
455 :
456 : out1:
457 0 : fdput(f);
458 : out:
459 0 : return err;
460 : }
461 :
462 : #if BITS_PER_LONG == 32
463 : SYSCALL_DEFINE3(fcntl64, unsigned int, fd, unsigned int, cmd,
464 : unsigned long, arg)
465 : {
466 : void __user *argp = (void __user *)arg;
467 : struct fd f = fdget_raw(fd);
468 : struct flock64 flock;
469 : long err = -EBADF;
470 :
471 : if (!f.file)
472 : goto out;
473 :
474 : if (unlikely(f.file->f_mode & FMODE_PATH)) {
475 : if (!check_fcntl_cmd(cmd))
476 : goto out1;
477 : }
478 :
479 : err = security_file_fcntl(f.file, cmd, arg);
480 : if (err)
481 : goto out1;
482 :
483 : switch (cmd) {
484 : case F_GETLK64:
485 : case F_OFD_GETLK:
486 : err = -EFAULT;
487 : if (copy_from_user(&flock, argp, sizeof(flock)))
488 : break;
489 : err = fcntl_getlk64(f.file, cmd, &flock);
490 : if (!err && copy_to_user(argp, &flock, sizeof(flock)))
491 : err = -EFAULT;
492 : break;
493 : case F_SETLK64:
494 : case F_SETLKW64:
495 : case F_OFD_SETLK:
496 : case F_OFD_SETLKW:
497 : err = -EFAULT;
498 : if (copy_from_user(&flock, argp, sizeof(flock)))
499 : break;
500 : err = fcntl_setlk64(fd, f.file, cmd, &flock);
501 : break;
502 : default:
503 : err = do_fcntl(fd, cmd, arg, f.file);
504 : break;
505 : }
506 : out1:
507 : fdput(f);
508 : out:
509 : return err;
510 : }
511 : #endif
512 :
513 : #ifdef CONFIG_COMPAT
514 : /* careful - don't use anywhere else */
515 : #define copy_flock_fields(dst, src) \
516 : (dst)->l_type = (src)->l_type; \
517 : (dst)->l_whence = (src)->l_whence; \
518 : (dst)->l_start = (src)->l_start; \
519 : (dst)->l_len = (src)->l_len; \
520 : (dst)->l_pid = (src)->l_pid;
521 :
522 : static int get_compat_flock(struct flock *kfl, const struct compat_flock __user *ufl)
523 : {
524 : struct compat_flock fl;
525 :
526 : if (copy_from_user(&fl, ufl, sizeof(struct compat_flock)))
527 : return -EFAULT;
528 : copy_flock_fields(kfl, &fl);
529 : return 0;
530 : }
531 :
532 : static int get_compat_flock64(struct flock *kfl, const struct compat_flock64 __user *ufl)
533 : {
534 : struct compat_flock64 fl;
535 :
536 : if (copy_from_user(&fl, ufl, sizeof(struct compat_flock64)))
537 : return -EFAULT;
538 : copy_flock_fields(kfl, &fl);
539 : return 0;
540 : }
541 :
542 : static int put_compat_flock(const struct flock *kfl, struct compat_flock __user *ufl)
543 : {
544 : struct compat_flock fl;
545 :
546 : memset(&fl, 0, sizeof(struct compat_flock));
547 : copy_flock_fields(&fl, kfl);
548 : if (copy_to_user(ufl, &fl, sizeof(struct compat_flock)))
549 : return -EFAULT;
550 : return 0;
551 : }
552 :
553 : static int put_compat_flock64(const struct flock *kfl, struct compat_flock64 __user *ufl)
554 : {
555 : struct compat_flock64 fl;
556 :
557 : BUILD_BUG_ON(sizeof(kfl->l_start) > sizeof(ufl->l_start));
558 : BUILD_BUG_ON(sizeof(kfl->l_len) > sizeof(ufl->l_len));
559 :
560 : memset(&fl, 0, sizeof(struct compat_flock64));
561 : copy_flock_fields(&fl, kfl);
562 : if (copy_to_user(ufl, &fl, sizeof(struct compat_flock64)))
563 : return -EFAULT;
564 : return 0;
565 : }
566 : #undef copy_flock_fields
567 :
568 : static unsigned int
569 : convert_fcntl_cmd(unsigned int cmd)
570 : {
571 : switch (cmd) {
572 : case F_GETLK64:
573 : return F_GETLK;
574 : case F_SETLK64:
575 : return F_SETLK;
576 : case F_SETLKW64:
577 : return F_SETLKW;
578 : }
579 :
580 : return cmd;
581 : }
582 :
583 : /*
584 : * GETLK was successful and we need to return the data, but it needs to fit in
585 : * the compat structure.
586 : * l_start shouldn't be too big, unless the original start + end is greater than
587 : * COMPAT_OFF_T_MAX, in which case the app was asking for trouble, so we return
588 : * -EOVERFLOW in that case. l_len could be too big, in which case we just
589 : * truncate it, and only allow the app to see that part of the conflicting lock
590 : * that might make sense to it anyway
591 : */
592 : static int fixup_compat_flock(struct flock *flock)
593 : {
594 : if (flock->l_start > COMPAT_OFF_T_MAX)
595 : return -EOVERFLOW;
596 : if (flock->l_len > COMPAT_OFF_T_MAX)
597 : flock->l_len = COMPAT_OFF_T_MAX;
598 : return 0;
599 : }
600 :
601 : static long do_compat_fcntl64(unsigned int fd, unsigned int cmd,
602 : compat_ulong_t arg)
603 : {
604 : struct fd f = fdget_raw(fd);
605 : struct flock flock;
606 : long err = -EBADF;
607 :
608 : if (!f.file)
609 : return err;
610 :
611 : if (unlikely(f.file->f_mode & FMODE_PATH)) {
612 : if (!check_fcntl_cmd(cmd))
613 : goto out_put;
614 : }
615 :
616 : err = security_file_fcntl(f.file, cmd, arg);
617 : if (err)
618 : goto out_put;
619 :
620 : switch (cmd) {
621 : case F_GETLK:
622 : err = get_compat_flock(&flock, compat_ptr(arg));
623 : if (err)
624 : break;
625 : err = fcntl_getlk(f.file, convert_fcntl_cmd(cmd), &flock);
626 : if (err)
627 : break;
628 : err = fixup_compat_flock(&flock);
629 : if (!err)
630 : err = put_compat_flock(&flock, compat_ptr(arg));
631 : break;
632 : case F_GETLK64:
633 : case F_OFD_GETLK:
634 : err = get_compat_flock64(&flock, compat_ptr(arg));
635 : if (err)
636 : break;
637 : err = fcntl_getlk(f.file, convert_fcntl_cmd(cmd), &flock);
638 : if (!err)
639 : err = put_compat_flock64(&flock, compat_ptr(arg));
640 : break;
641 : case F_SETLK:
642 : case F_SETLKW:
643 : err = get_compat_flock(&flock, compat_ptr(arg));
644 : if (err)
645 : break;
646 : err = fcntl_setlk(fd, f.file, convert_fcntl_cmd(cmd), &flock);
647 : break;
648 : case F_SETLK64:
649 : case F_SETLKW64:
650 : case F_OFD_SETLK:
651 : case F_OFD_SETLKW:
652 : err = get_compat_flock64(&flock, compat_ptr(arg));
653 : if (err)
654 : break;
655 : err = fcntl_setlk(fd, f.file, convert_fcntl_cmd(cmd), &flock);
656 : break;
657 : default:
658 : err = do_fcntl(fd, cmd, arg, f.file);
659 : break;
660 : }
661 : out_put:
662 : fdput(f);
663 : return err;
664 : }
665 :
666 : COMPAT_SYSCALL_DEFINE3(fcntl64, unsigned int, fd, unsigned int, cmd,
667 : compat_ulong_t, arg)
668 : {
669 : return do_compat_fcntl64(fd, cmd, arg);
670 : }
671 :
672 : COMPAT_SYSCALL_DEFINE3(fcntl, unsigned int, fd, unsigned int, cmd,
673 : compat_ulong_t, arg)
674 : {
675 : switch (cmd) {
676 : case F_GETLK64:
677 : case F_SETLK64:
678 : case F_SETLKW64:
679 : case F_OFD_GETLK:
680 : case F_OFD_SETLK:
681 : case F_OFD_SETLKW:
682 : return -EINVAL;
683 : }
684 : return do_compat_fcntl64(fd, cmd, arg);
685 : }
686 : #endif
687 :
688 : /* Table to convert sigio signal codes into poll band bitmaps */
689 :
690 : static const __poll_t band_table[NSIGPOLL] = {
691 : EPOLLIN | EPOLLRDNORM, /* POLL_IN */
692 : EPOLLOUT | EPOLLWRNORM | EPOLLWRBAND, /* POLL_OUT */
693 : EPOLLIN | EPOLLRDNORM | EPOLLMSG, /* POLL_MSG */
694 : EPOLLERR, /* POLL_ERR */
695 : EPOLLPRI | EPOLLRDBAND, /* POLL_PRI */
696 : EPOLLHUP | EPOLLERR /* POLL_HUP */
697 : };
698 :
699 : static inline int sigio_perm(struct task_struct *p,
700 : struct fown_struct *fown, int sig)
701 : {
702 : const struct cred *cred;
703 : int ret;
704 :
705 : rcu_read_lock();
706 0 : cred = __task_cred(p);
707 0 : ret = ((uid_eq(fown->euid, GLOBAL_ROOT_UID) ||
708 0 : uid_eq(fown->euid, cred->suid) || uid_eq(fown->euid, cred->uid) ||
709 0 : uid_eq(fown->uid, cred->suid) || uid_eq(fown->uid, cred->uid)) &&
710 : !security_file_send_sigiotask(p, fown, sig));
711 : rcu_read_unlock();
712 : return ret;
713 : }
714 :
715 0 : static void send_sigio_to_task(struct task_struct *p,
716 : struct fown_struct *fown,
717 : int fd, int reason, enum pid_type type)
718 : {
719 : /*
720 : * F_SETSIG can change ->signum lockless in parallel, make
721 : * sure we read it once and use the same value throughout.
722 : */
723 0 : int signum = READ_ONCE(fown->signum);
724 :
725 0 : if (!sigio_perm(p, fown, signum))
726 : return;
727 :
728 0 : switch (signum) {
729 : default: {
730 : kernel_siginfo_t si;
731 :
732 : /* Queue a rt signal with the appropriate fd as its
733 : value. We use SI_SIGIO as the source, not
734 : SI_KERNEL, since kernel signals always get
735 : delivered even if we can't queue. Failure to
736 : queue in this case _should_ be reported; we fall
737 : back to SIGIO in that case. --sct */
738 0 : clear_siginfo(&si);
739 0 : si.si_signo = signum;
740 0 : si.si_errno = 0;
741 0 : si.si_code = reason;
742 : /*
743 : * Posix definies POLL_IN and friends to be signal
744 : * specific si_codes for SIG_POLL. Linux extended
745 : * these si_codes to other signals in a way that is
746 : * ambiguous if other signals also have signal
747 : * specific si_codes. In that case use SI_SIGIO instead
748 : * to remove the ambiguity.
749 : */
750 0 : if ((signum != SIGPOLL) && sig_specific_sicodes(signum))
751 0 : si.si_code = SI_SIGIO;
752 :
753 : /* Make sure we are called with one of the POLL_*
754 : reasons, otherwise we could leak kernel stack into
755 : userspace. */
756 0 : BUG_ON((reason < POLL_IN) || ((reason - POLL_IN) >= NSIGPOLL));
757 0 : if (reason - POLL_IN >= NSIGPOLL)
758 0 : si.si_band = ~0L;
759 : else
760 0 : si.si_band = mangle_poll(band_table[reason - POLL_IN]);
761 0 : si.si_fd = fd;
762 0 : if (!do_send_sig_info(signum, &si, p, type))
763 : break;
764 : }
765 : fallthrough; /* fall back on the old plain SIGIO signal */
766 : case 0:
767 0 : do_send_sig_info(SIGIO, SEND_SIG_PRIV, p, type);
768 : }
769 : }
770 :
771 0 : void send_sigio(struct fown_struct *fown, int fd, int band)
772 : {
773 : struct task_struct *p;
774 : enum pid_type type;
775 : unsigned long flags;
776 : struct pid *pid;
777 :
778 0 : read_lock_irqsave(&fown->lock, flags);
779 :
780 0 : type = fown->pid_type;
781 0 : pid = fown->pid;
782 0 : if (!pid)
783 : goto out_unlock_fown;
784 :
785 0 : if (type <= PIDTYPE_TGID) {
786 : rcu_read_lock();
787 0 : p = pid_task(pid, PIDTYPE_PID);
788 0 : if (p)
789 0 : send_sigio_to_task(p, fown, fd, band, type);
790 : rcu_read_unlock();
791 : } else {
792 0 : read_lock(&tasklist_lock);
793 0 : do_each_pid_task(pid, type, p) {
794 0 : send_sigio_to_task(p, fown, fd, band, type);
795 0 : } while_each_pid_task(pid, type, p);
796 0 : read_unlock(&tasklist_lock);
797 : }
798 : out_unlock_fown:
799 0 : read_unlock_irqrestore(&fown->lock, flags);
800 0 : }
801 :
802 0 : static void send_sigurg_to_task(struct task_struct *p,
803 : struct fown_struct *fown, enum pid_type type)
804 : {
805 0 : if (sigio_perm(p, fown, SIGURG))
806 0 : do_send_sig_info(SIGURG, SEND_SIG_PRIV, p, type);
807 0 : }
808 :
809 0 : int send_sigurg(struct fown_struct *fown)
810 : {
811 : struct task_struct *p;
812 : enum pid_type type;
813 : struct pid *pid;
814 : unsigned long flags;
815 0 : int ret = 0;
816 :
817 0 : read_lock_irqsave(&fown->lock, flags);
818 :
819 0 : type = fown->pid_type;
820 0 : pid = fown->pid;
821 0 : if (!pid)
822 : goto out_unlock_fown;
823 :
824 0 : ret = 1;
825 :
826 0 : if (type <= PIDTYPE_TGID) {
827 : rcu_read_lock();
828 0 : p = pid_task(pid, PIDTYPE_PID);
829 0 : if (p)
830 0 : send_sigurg_to_task(p, fown, type);
831 : rcu_read_unlock();
832 : } else {
833 0 : read_lock(&tasklist_lock);
834 0 : do_each_pid_task(pid, type, p) {
835 0 : send_sigurg_to_task(p, fown, type);
836 0 : } while_each_pid_task(pid, type, p);
837 0 : read_unlock(&tasklist_lock);
838 : }
839 : out_unlock_fown:
840 0 : read_unlock_irqrestore(&fown->lock, flags);
841 0 : return ret;
842 : }
843 :
844 : static DEFINE_SPINLOCK(fasync_lock);
845 : static struct kmem_cache *fasync_cache __read_mostly;
846 :
847 0 : static void fasync_free_rcu(struct rcu_head *head)
848 : {
849 0 : kmem_cache_free(fasync_cache,
850 0 : container_of(head, struct fasync_struct, fa_rcu));
851 0 : }
852 :
853 : /*
854 : * Remove a fasync entry. If successfully removed, return
855 : * positive and clear the FASYNC flag. If no entry exists,
856 : * do nothing and return 0.
857 : *
858 : * NOTE! It is very important that the FASYNC flag always
859 : * match the state "is the filp on a fasync list".
860 : *
861 : */
862 0 : int fasync_remove_entry(struct file *filp, struct fasync_struct **fapp)
863 : {
864 : struct fasync_struct *fa, **fp;
865 0 : int result = 0;
866 :
867 0 : spin_lock(&filp->f_lock);
868 0 : spin_lock(&fasync_lock);
869 0 : for (fp = fapp; (fa = *fp) != NULL; fp = &fa->fa_next) {
870 0 : if (fa->fa_file != filp)
871 0 : continue;
872 :
873 0 : write_lock_irq(&fa->fa_lock);
874 0 : fa->fa_file = NULL;
875 0 : write_unlock_irq(&fa->fa_lock);
876 :
877 0 : *fp = fa->fa_next;
878 0 : call_rcu(&fa->fa_rcu, fasync_free_rcu);
879 0 : filp->f_flags &= ~FASYNC;
880 0 : result = 1;
881 0 : break;
882 : }
883 0 : spin_unlock(&fasync_lock);
884 0 : spin_unlock(&filp->f_lock);
885 0 : return result;
886 : }
887 :
888 0 : struct fasync_struct *fasync_alloc(void)
889 : {
890 0 : return kmem_cache_alloc(fasync_cache, GFP_KERNEL);
891 : }
892 :
893 : /*
894 : * NOTE! This can be used only for unused fasync entries:
895 : * entries that actually got inserted on the fasync list
896 : * need to be released by rcu - see fasync_remove_entry.
897 : */
898 0 : void fasync_free(struct fasync_struct *new)
899 : {
900 0 : kmem_cache_free(fasync_cache, new);
901 0 : }
902 :
903 : /*
904 : * Insert a new entry into the fasync list. Return the pointer to the
905 : * old one if we didn't use the new one.
906 : *
907 : * NOTE! It is very important that the FASYNC flag always
908 : * match the state "is the filp on a fasync list".
909 : */
910 0 : struct fasync_struct *fasync_insert_entry(int fd, struct file *filp, struct fasync_struct **fapp, struct fasync_struct *new)
911 : {
912 : struct fasync_struct *fa, **fp;
913 :
914 0 : spin_lock(&filp->f_lock);
915 0 : spin_lock(&fasync_lock);
916 0 : for (fp = fapp; (fa = *fp) != NULL; fp = &fa->fa_next) {
917 0 : if (fa->fa_file != filp)
918 0 : continue;
919 :
920 0 : write_lock_irq(&fa->fa_lock);
921 0 : fa->fa_fd = fd;
922 0 : write_unlock_irq(&fa->fa_lock);
923 0 : goto out;
924 : }
925 :
926 : rwlock_init(&new->fa_lock);
927 0 : new->magic = FASYNC_MAGIC;
928 0 : new->fa_file = filp;
929 0 : new->fa_fd = fd;
930 0 : new->fa_next = *fapp;
931 0 : rcu_assign_pointer(*fapp, new);
932 0 : filp->f_flags |= FASYNC;
933 :
934 : out:
935 0 : spin_unlock(&fasync_lock);
936 0 : spin_unlock(&filp->f_lock);
937 0 : return fa;
938 : }
939 :
940 : /*
941 : * Add a fasync entry. Return negative on error, positive if
942 : * added, and zero if did nothing but change an existing one.
943 : */
944 0 : static int fasync_add_entry(int fd, struct file *filp, struct fasync_struct **fapp)
945 : {
946 : struct fasync_struct *new;
947 :
948 0 : new = fasync_alloc();
949 0 : if (!new)
950 : return -ENOMEM;
951 :
952 : /*
953 : * fasync_insert_entry() returns the old (update) entry if
954 : * it existed.
955 : *
956 : * So free the (unused) new entry and return 0 to let the
957 : * caller know that we didn't add any new fasync entries.
958 : */
959 0 : if (fasync_insert_entry(fd, filp, fapp, new)) {
960 0 : fasync_free(new);
961 0 : return 0;
962 : }
963 :
964 : return 1;
965 : }
966 :
967 : /*
968 : * fasync_helper() is used by almost all character device drivers
969 : * to set up the fasync queue, and for regular files by the file
970 : * lease code. It returns negative on error, 0 if it did no changes
971 : * and positive if it added/deleted the entry.
972 : */
973 0 : int fasync_helper(int fd, struct file * filp, int on, struct fasync_struct **fapp)
974 : {
975 0 : if (!on)
976 0 : return fasync_remove_entry(filp, fapp);
977 0 : return fasync_add_entry(fd, filp, fapp);
978 : }
979 :
980 : EXPORT_SYMBOL(fasync_helper);
981 :
982 : /*
983 : * rcu_read_lock() is held
984 : */
985 0 : static void kill_fasync_rcu(struct fasync_struct *fa, int sig, int band)
986 : {
987 0 : while (fa) {
988 : struct fown_struct *fown;
989 : unsigned long flags;
990 :
991 0 : if (fa->magic != FASYNC_MAGIC) {
992 0 : printk(KERN_ERR "kill_fasync: bad magic number in "
993 : "fasync_struct!\n");
994 0 : return;
995 : }
996 0 : read_lock_irqsave(&fa->fa_lock, flags);
997 0 : if (fa->fa_file) {
998 0 : fown = &fa->fa_file->f_owner;
999 : /* Don't send SIGURG to processes which have not set a
1000 : queued signum: SIGURG has its own default signalling
1001 : mechanism. */
1002 0 : if (!(sig == SIGURG && fown->signum == 0))
1003 0 : send_sigio(fown, fa->fa_fd, band);
1004 : }
1005 0 : read_unlock_irqrestore(&fa->fa_lock, flags);
1006 0 : fa = rcu_dereference(fa->fa_next);
1007 : }
1008 : }
1009 :
1010 0 : void kill_fasync(struct fasync_struct **fp, int sig, int band)
1011 : {
1012 : /* First a quick test without locking: usually
1013 : * the list is empty.
1014 : */
1015 0 : if (*fp) {
1016 : rcu_read_lock();
1017 0 : kill_fasync_rcu(rcu_dereference(*fp), sig, band);
1018 : rcu_read_unlock();
1019 : }
1020 0 : }
1021 : EXPORT_SYMBOL(kill_fasync);
1022 :
1023 1 : static int __init fcntl_init(void)
1024 : {
1025 : /*
1026 : * Please add new bits here to ensure allocation uniqueness.
1027 : * Exceptions: O_NONBLOCK is a two bit define on parisc; O_NDELAY
1028 : * is defined as O_NONBLOCK on some platforms and not on others.
1029 : */
1030 : BUILD_BUG_ON(21 - 1 /* for O_RDONLY being 0 */ !=
1031 : HWEIGHT32(
1032 : (VALID_OPEN_FLAGS & ~(O_NONBLOCK | O_NDELAY)) |
1033 : __FMODE_EXEC | __FMODE_NONOTIFY));
1034 :
1035 1 : fasync_cache = kmem_cache_create("fasync_cache",
1036 : sizeof(struct fasync_struct), 0,
1037 : SLAB_PANIC | SLAB_ACCOUNT, NULL);
1038 1 : return 0;
1039 : }
1040 :
1041 : module_init(fcntl_init)
|
