tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
1/*
2 * fs/inotify_user.c - inotify support for userspace
3 *
4 * Authors:
5 * John McCutchan <ttb@tentacle.dhs.org>
6 * Robert Love <rml@novell.com>
7 *
8 * Copyright (C) 2005 John McCutchan
9 * Copyright 2006 Hewlett-Packard Development Company, L.P.
10 *
11 * This program is free software; you can redistribute it and/or modify it
12 * under the terms of the GNU General Public License as published by the
13 * Free Software Foundation; either version 2, or (at your option) any
14 * later version.
15 *
16 * This program is distributed in the hope that it will be useful, but
17 * WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 * General Public License for more details.
20 */
21
22#include <linux/kernel.h>
23#include <linux/sched.h>
24#include <linux/slab.h>
25#include <linux/fs.h>
26#include <linux/file.h>
27#include <linux/mount.h>
28#include <linux/namei.h>
29#include <linux/poll.h>
30#include <linux/init.h>
31#include <linux/list.h>
32#include <linux/inotify.h>
33#include <linux/syscalls.h>
34#include <linux/magic.h>
35
36#include <asm/ioctls.h>
37
38static struct kmem_cache *watch_cachep __read_mostly;
39static struct kmem_cache *event_cachep __read_mostly;
40
41static struct vfsmount *inotify_mnt __read_mostly;
42
43/* these are configurable via /proc/sys/fs/inotify/ */
44static int inotify_max_user_instances __read_mostly;
45static int inotify_max_user_watches __read_mostly;
46static int inotify_max_queued_events __read_mostly;
47
48/*
49 * Lock ordering:
50 *
51 * inotify_dev->up_mutex (ensures we don't re-add the same watch)
52 * inode->inotify_mutex (protects inode's watch list)
53 * inotify_handle->mutex (protects inotify_handle's watch list)
54 * inotify_dev->ev_mutex (protects device's event queue)
55 */
56
57/*
58 * Lifetimes of the main data structures:
59 *
60 * inotify_device: Lifetime is managed by reference count, from
61 * sys_inotify_init() until release. Additional references can bump the count
62 * via get_inotify_dev() and drop the count via put_inotify_dev().
63 *
64 * inotify_user_watch: Lifetime is from create_watch() to the receipt of an
65 * IN_IGNORED event from inotify, or when using IN_ONESHOT, to receipt of the
66 * first event, or to inotify_destroy().
67 */
68
69/*
70 * struct inotify_device - represents an inotify instance
71 *
72 * This structure is protected by the mutex 'mutex'.
73 */
74struct inotify_device {
75 wait_queue_head_t wq; /* wait queue for i/o */
76 struct mutex ev_mutex; /* protects event queue */
77 struct mutex up_mutex; /* synchronizes watch updates */
78 struct list_head events; /* list of queued events */
79 atomic_t count; /* reference count */
80 struct user_struct *user; /* user who opened this dev */
81 struct inotify_handle *ih; /* inotify handle */
82 struct fasync_struct *fa; /* async notification */
83 unsigned int queue_size; /* size of the queue (bytes) */
84 unsigned int event_count; /* number of pending events */
85 unsigned int max_events; /* maximum number of events */
86};
87
88/*
89 * struct inotify_kernel_event - An inotify event, originating from a watch and
90 * queued for user-space. A list of these is attached to each instance of the
91 * device. In read(), this list is walked and all events that can fit in the
92 * buffer are returned.
93 *
94 * Protected by dev->ev_mutex of the device in which we are queued.
95 */
96struct inotify_kernel_event {
97 struct inotify_event event; /* the user-space event */
98 struct list_head list; /* entry in inotify_device's list */
99 char *name; /* filename, if any */
100};
101
102/*
103 * struct inotify_user_watch - our version of an inotify_watch, we add
104 * a reference to the associated inotify_device.
105 */
106struct inotify_user_watch {
107 struct inotify_device *dev; /* associated device */
108 struct inotify_watch wdata; /* inotify watch data */
109};
110
111#ifdef CONFIG_SYSCTL
112
113#include <linux/sysctl.h>
114
115static int zero;
116
117ctl_table inotify_table[] = {
118 {
119 .ctl_name = INOTIFY_MAX_USER_INSTANCES,
120 .procname = "max_user_instances",
121 .data = &inotify_max_user_instances,
122 .maxlen = sizeof(int),
123 .mode = 0644,
124 .proc_handler = &proc_dointvec_minmax,
125 .strategy = &sysctl_intvec,
126 .extra1 = &zero,
127 },
128 {
129 .ctl_name = INOTIFY_MAX_USER_WATCHES,
130 .procname = "max_user_watches",
131 .data = &inotify_max_user_watches,
132 .maxlen = sizeof(int),
133 .mode = 0644,
134 .proc_handler = &proc_dointvec_minmax,
135 .strategy = &sysctl_intvec,
136 .extra1 = &zero,
137 },
138 {
139 .ctl_name = INOTIFY_MAX_QUEUED_EVENTS,
140 .procname = "max_queued_events",
141 .data = &inotify_max_queued_events,
142 .maxlen = sizeof(int),
143 .mode = 0644,
144 .proc_handler = &proc_dointvec_minmax,
145 .strategy = &sysctl_intvec,
146 .extra1 = &zero
147 },
148 { .ctl_name = 0 }
149};
150#endif /* CONFIG_SYSCTL */
151
152static inline void get_inotify_dev(struct inotify_device *dev)
153{
154 atomic_inc(&dev->count);
155}
156
157static inline void put_inotify_dev(struct inotify_device *dev)
158{
159 if (atomic_dec_and_test(&dev->count)) {
160 atomic_dec(&dev->user->inotify_devs);
161 free_uid(dev->user);
162 kfree(dev);
163 }
164}
165
166/*
167 * free_inotify_user_watch - cleans up the watch and its references
168 */
169static void free_inotify_user_watch(struct inotify_watch *w)
170{
171 struct inotify_user_watch *watch;
172 struct inotify_device *dev;
173
174 watch = container_of(w, struct inotify_user_watch, wdata);
175 dev = watch->dev;
176
177 atomic_dec(&dev->user->inotify_watches);
178 put_inotify_dev(dev);
179 kmem_cache_free(watch_cachep, watch);
180}
181
182/*
183 * kernel_event - create a new kernel event with the given parameters
184 *
185 * This function can sleep.
186 */
187static struct inotify_kernel_event * kernel_event(s32 wd, u32 mask, u32 cookie,
188 const char *name)
189{
190 struct inotify_kernel_event *kevent;
191
192 kevent = kmem_cache_alloc(event_cachep, GFP_NOFS);
193 if (unlikely(!kevent))
194 return NULL;
195
196 /* we hand this out to user-space, so zero it just in case */
197 memset(&kevent->event, 0, sizeof(struct inotify_event));
198
199 kevent->event.wd = wd;
200 kevent->event.mask = mask;
201 kevent->event.cookie = cookie;
202
203 INIT_LIST_HEAD(&kevent->list);
204
205 if (name) {
206 size_t len, rem, event_size = sizeof(struct inotify_event);
207
208 /*
209 * We need to pad the filename so as to properly align an
210 * array of inotify_event structures. Because the structure is
211 * small and the common case is a small filename, we just round
212 * up to the next multiple of the structure's sizeof. This is
213 * simple and safe for all architectures.
214 */
215 len = strlen(name) + 1;
216 rem = event_size - len;
217 if (len > event_size) {
218 rem = event_size - (len % event_size);
219 if (len % event_size == 0)
220 rem = 0;
221 }
222
223 kevent->name = kmalloc(len + rem, GFP_KERNEL);
224 if (unlikely(!kevent->name)) {
225 kmem_cache_free(event_cachep, kevent);
226 return NULL;
227 }
228 memcpy(kevent->name, name, len);
229 if (rem)
230 memset(kevent->name + len, 0, rem);
231 kevent->event.len = len + rem;
232 } else {
233 kevent->event.len = 0;
234 kevent->name = NULL;
235 }
236
237 return kevent;
238}
239
240/*
241 * inotify_dev_get_event - return the next event in the given dev's queue
242 *
243 * Caller must hold dev->ev_mutex.
244 */
245static inline struct inotify_kernel_event *
246inotify_dev_get_event(struct inotify_device *dev)
247{
248 return list_entry(dev->events.next, struct inotify_kernel_event, list);
249}
250
251/*
252 * inotify_dev_get_last_event - return the last event in the given dev's queue
253 *
254 * Caller must hold dev->ev_mutex.
255 */
256static inline struct inotify_kernel_event *
257inotify_dev_get_last_event(struct inotify_device *dev)
258{
259 if (list_empty(&dev->events))
260 return NULL;
261 return list_entry(dev->events.prev, struct inotify_kernel_event, list);
262}
263
264/*
265 * inotify_dev_queue_event - event handler registered with core inotify, adds
266 * a new event to the given device
267 *
268 * Can sleep (calls kernel_event()).
269 */
270static void inotify_dev_queue_event(struct inotify_watch *w, u32 wd, u32 mask,
271 u32 cookie, const char *name,
272 struct inode *ignored)
273{
274 struct inotify_user_watch *watch;
275 struct inotify_device *dev;
276 struct inotify_kernel_event *kevent, *last;
277
278 watch = container_of(w, struct inotify_user_watch, wdata);
279 dev = watch->dev;
280
281 mutex_lock(&dev->ev_mutex);
282
283 /* we can safely put the watch as we don't reference it while
284 * generating the event
285 */
286 if (mask & IN_IGNORED || w->mask & IN_ONESHOT)
287 put_inotify_watch(w); /* final put */
288
289 /* coalescing: drop this event if it is a dupe of the previous */
290 last = inotify_dev_get_last_event(dev);
291 if (last && last->event.mask == mask && last->event.wd == wd &&
292 last->event.cookie == cookie) {
293 const char *lastname = last->name;
294
295 if (!name && !lastname)
296 goto out;
297 if (name && lastname && !strcmp(lastname, name))
298 goto out;
299 }
300
301 /* the queue overflowed and we already sent the Q_OVERFLOW event */
302 if (unlikely(dev->event_count > dev->max_events))
303 goto out;
304
305 /* if the queue overflows, we need to notify user space */
306 if (unlikely(dev->event_count == dev->max_events))
307 kevent = kernel_event(-1, IN_Q_OVERFLOW, cookie, NULL);
308 else
309 kevent = kernel_event(wd, mask, cookie, name);
310
311 if (unlikely(!kevent))
312 goto out;
313
314 /* queue the event and wake up anyone waiting */
315 dev->event_count++;
316 dev->queue_size += sizeof(struct inotify_event) + kevent->event.len;
317 list_add_tail(&kevent->list, &dev->events);
318 wake_up_interruptible(&dev->wq);
319 kill_fasync(&dev->fa, SIGIO, POLL_IN);
320
321out:
322 mutex_unlock(&dev->ev_mutex);
323}
324
325/*
326 * remove_kevent - cleans up and ultimately frees the given kevent
327 *
328 * Caller must hold dev->ev_mutex.
329 */
330static void remove_kevent(struct inotify_device *dev,
331 struct inotify_kernel_event *kevent)
332{
333 list_del(&kevent->list);
334
335 dev->event_count--;
336 dev->queue_size -= sizeof(struct inotify_event) + kevent->event.len;
337
338 kfree(kevent->name);
339 kmem_cache_free(event_cachep, kevent);
340}
341
342/*
343 * inotify_dev_event_dequeue - destroy an event on the given device
344 *
345 * Caller must hold dev->ev_mutex.
346 */
347static void inotify_dev_event_dequeue(struct inotify_device *dev)
348{
349 if (!list_empty(&dev->events)) {
350 struct inotify_kernel_event *kevent;
351 kevent = inotify_dev_get_event(dev);
352 remove_kevent(dev, kevent);
353 }
354}
355
356/*
357 * find_inode - resolve a user-given path to a specific inode and return a nd
358 */
359static int find_inode(const char __user *dirname, struct nameidata *nd,
360 unsigned flags)
361{
362 int error;
363
364 error = __user_walk(dirname, flags, nd);
365 if (error)
366 return error;
367 /* you can only watch an inode if you have read permissions on it */
368 error = vfs_permission(nd, MAY_READ);
369 if (error)
370 path_put(&nd->path);
371 return error;
372}
373
374/*
375 * create_watch - creates a watch on the given device.
376 *
377 * Callers must hold dev->up_mutex.
378 */
379static int create_watch(struct inotify_device *dev, struct inode *inode,
380 u32 mask)
381{
382 struct inotify_user_watch *watch;
383 int ret;
384
385 if (atomic_read(&dev->user->inotify_watches) >=
386 inotify_max_user_watches)
387 return -ENOSPC;
388
389 watch = kmem_cache_alloc(watch_cachep, GFP_KERNEL);
390 if (unlikely(!watch))
391 return -ENOMEM;
392
393 /* save a reference to device and bump the count to make it official */
394 get_inotify_dev(dev);
395 watch->dev = dev;
396
397 atomic_inc(&dev->user->inotify_watches);
398
399 inotify_init_watch(&watch->wdata);
400 ret = inotify_add_watch(dev->ih, &watch->wdata, inode, mask);
401 if (ret < 0)
402 free_inotify_user_watch(&watch->wdata);
403
404 return ret;
405}
406
407/* Device Interface */
408
409static unsigned int inotify_poll(struct file *file, poll_table *wait)
410{
411 struct inotify_device *dev = file->private_data;
412 int ret = 0;
413
414 poll_wait(file, &dev->wq, wait);
415 mutex_lock(&dev->ev_mutex);
416 if (!list_empty(&dev->events))
417 ret = POLLIN | POLLRDNORM;
418 mutex_unlock(&dev->ev_mutex);
419
420 return ret;
421}
422
423static ssize_t inotify_read(struct file *file, char __user *buf,
424 size_t count, loff_t *pos)
425{
426 size_t event_size = sizeof (struct inotify_event);
427 struct inotify_device *dev;
428 char __user *start;
429 int ret;
430 DEFINE_WAIT(wait);
431
432 start = buf;
433 dev = file->private_data;
434
435 while (1) {
436 int events;
437
438 prepare_to_wait(&dev->wq, &wait, TASK_INTERRUPTIBLE);
439
440 mutex_lock(&dev->ev_mutex);
441 events = !list_empty(&dev->events);
442 mutex_unlock(&dev->ev_mutex);
443 if (events) {
444 ret = 0;
445 break;
446 }
447
448 if (file->f_flags & O_NONBLOCK) {
449 ret = -EAGAIN;
450 break;
451 }
452
453 if (signal_pending(current)) {
454 ret = -EINTR;
455 break;
456 }
457
458 schedule();
459 }
460
461 finish_wait(&dev->wq, &wait);
462 if (ret)
463 return ret;
464
465 mutex_lock(&dev->ev_mutex);
466 while (1) {
467 struct inotify_kernel_event *kevent;
468
469 ret = buf - start;
470 if (list_empty(&dev->events))
471 break;
472
473 kevent = inotify_dev_get_event(dev);
474 if (event_size + kevent->event.len > count) {
475 if (ret == 0 && count > 0) {
476 /*
477 * could not get a single event because we
478 * didn't have enough buffer space.
479 */
480 ret = -EINVAL;
481 }
482 break;
483 }
484
485 if (copy_to_user(buf, &kevent->event, event_size)) {
486 ret = -EFAULT;
487 break;
488 }
489 buf += event_size;
490 count -= event_size;
491
492 if (kevent->name) {
493 if (copy_to_user(buf, kevent->name, kevent->event.len)){
494 ret = -EFAULT;
495 break;
496 }
497 buf += kevent->event.len;
498 count -= kevent->event.len;
499 }
500
501 remove_kevent(dev, kevent);
502 }
503 mutex_unlock(&dev->ev_mutex);
504
505 return ret;
506}
507
508static int inotify_fasync(int fd, struct file *file, int on)
509{
510 struct inotify_device *dev = file->private_data;
511
512 return fasync_helper(fd, file, on, &dev->fa) >= 0 ? 0 : -EIO;
513}
514
515static int inotify_release(struct inode *ignored, struct file *file)
516{
517 struct inotify_device *dev = file->private_data;
518
519 inotify_destroy(dev->ih);
520
521 /* destroy all of the events on this device */
522 mutex_lock(&dev->ev_mutex);
523 while (!list_empty(&dev->events))
524 inotify_dev_event_dequeue(dev);
525 mutex_unlock(&dev->ev_mutex);
526
527 if (file->f_flags & FASYNC)
528 inotify_fasync(-1, file, 0);
529
530 /* free this device: the put matching the get in inotify_init() */
531 put_inotify_dev(dev);
532
533 return 0;
534}
535
536static long inotify_ioctl(struct file *file, unsigned int cmd,
537 unsigned long arg)
538{
539 struct inotify_device *dev;
540 void __user *p;
541 int ret = -ENOTTY;
542
543 dev = file->private_data;
544 p = (void __user *) arg;
545
546 switch (cmd) {
547 case FIONREAD:
548 ret = put_user(dev->queue_size, (int __user *) p);
549 break;
550 }
551
552 return ret;
553}
554
555static const struct file_operations inotify_fops = {
556 .poll = inotify_poll,
557 .read = inotify_read,
558 .fasync = inotify_fasync,
559 .release = inotify_release,
560 .unlocked_ioctl = inotify_ioctl,
561 .compat_ioctl = inotify_ioctl,
562};
563
564static const struct inotify_operations inotify_user_ops = {
565 .handle_event = inotify_dev_queue_event,
566 .destroy_watch = free_inotify_user_watch,
567};
568
569asmlinkage long sys_inotify_init(void)
570{
571 struct inotify_device *dev;
572 struct inotify_handle *ih;
573 struct user_struct *user;
574 struct file *filp;
575 int fd, ret;
576
577 fd = get_unused_fd();
578 if (fd < 0)
579 return fd;
580
581 filp = get_empty_filp();
582 if (!filp) {
583 ret = -ENFILE;
584 goto out_put_fd;
585 }
586
587 user = get_uid(current->user);
588 if (unlikely(atomic_read(&user->inotify_devs) >=
589 inotify_max_user_instances)) {
590 ret = -EMFILE;
591 goto out_free_uid;
592 }
593
594 dev = kmalloc(sizeof(struct inotify_device), GFP_KERNEL);
595 if (unlikely(!dev)) {
596 ret = -ENOMEM;
597 goto out_free_uid;
598 }
599
600 ih = inotify_init(&inotify_user_ops);
601 if (IS_ERR(ih)) {
602 ret = PTR_ERR(ih);
603 goto out_free_dev;
604 }
605 dev->ih = ih;
606 dev->fa = NULL;
607
608 filp->f_op = &inotify_fops;
609 filp->f_path.mnt = mntget(inotify_mnt);
610 filp->f_path.dentry = dget(inotify_mnt->mnt_root);
611 filp->f_mapping = filp->f_path.dentry->d_inode->i_mapping;
612 filp->f_mode = FMODE_READ;
613 filp->f_flags = O_RDONLY;
614 filp->private_data = dev;
615
616 INIT_LIST_HEAD(&dev->events);
617 init_waitqueue_head(&dev->wq);
618 mutex_init(&dev->ev_mutex);
619 mutex_init(&dev->up_mutex);
620 dev->event_count = 0;
621 dev->queue_size = 0;
622 dev->max_events = inotify_max_queued_events;
623 dev->user = user;
624 atomic_set(&dev->count, 0);
625
626 get_inotify_dev(dev);
627 atomic_inc(&user->inotify_devs);
628 fd_install(fd, filp);
629
630 return fd;
631out_free_dev:
632 kfree(dev);
633out_free_uid:
634 free_uid(user);
635 put_filp(filp);
636out_put_fd:
637 put_unused_fd(fd);
638 return ret;
639}
640
641asmlinkage long sys_inotify_add_watch(int fd, const char __user *path, u32 mask)
642{
643 struct inode *inode;
644 struct inotify_device *dev;
645 struct nameidata nd;
646 struct file *filp;
647 int ret, fput_needed;
648 unsigned flags = 0;
649
650 filp = fget_light(fd, &fput_needed);
651 if (unlikely(!filp))
652 return -EBADF;
653
654 /* verify that this is indeed an inotify instance */
655 if (unlikely(filp->f_op != &inotify_fops)) {
656 ret = -EINVAL;
657 goto fput_and_out;
658 }
659
660 if (!(mask & IN_DONT_FOLLOW))
661 flags |= LOOKUP_FOLLOW;
662 if (mask & IN_ONLYDIR)
663 flags |= LOOKUP_DIRECTORY;
664
665 ret = find_inode(path, &nd, flags);
666 if (unlikely(ret))
667 goto fput_and_out;
668
669 /* inode held in place by reference to nd; dev by fget on fd */
670 inode = nd.path.dentry->d_inode;
671 dev = filp->private_data;
672
673 mutex_lock(&dev->up_mutex);
674 ret = inotify_find_update_watch(dev->ih, inode, mask);
675 if (ret == -ENOENT)
676 ret = create_watch(dev, inode, mask);
677 mutex_unlock(&dev->up_mutex);
678
679 path_put(&nd.path);
680fput_and_out:
681 fput_light(filp, fput_needed);
682 return ret;
683}
684
685asmlinkage long sys_inotify_rm_watch(int fd, u32 wd)
686{
687 struct file *filp;
688 struct inotify_device *dev;
689 int ret, fput_needed;
690
691 filp = fget_light(fd, &fput_needed);
692 if (unlikely(!filp))
693 return -EBADF;
694
695 /* verify that this is indeed an inotify instance */
696 if (unlikely(filp->f_op != &inotify_fops)) {
697 ret = -EINVAL;
698 goto out;
699 }
700
701 dev = filp->private_data;
702
703 /* we free our watch data when we get IN_IGNORED */
704 ret = inotify_rm_wd(dev->ih, wd);
705
706out:
707 fput_light(filp, fput_needed);
708 return ret;
709}
710
711static int
712inotify_get_sb(struct file_system_type *fs_type, int flags,
713 const char *dev_name, void *data, struct vfsmount *mnt)
714{
715 return get_sb_pseudo(fs_type, "inotify", NULL,
716 INOTIFYFS_SUPER_MAGIC, mnt);
717}
718
719static struct file_system_type inotify_fs_type = {
720 .name = "inotifyfs",
721 .get_sb = inotify_get_sb,
722 .kill_sb = kill_anon_super,
723};
724
725/*
726 * inotify_user_setup - Our initialization function. Note that we cannnot return
727 * error because we have compiled-in VFS hooks. So an (unlikely) failure here
728 * must result in panic().
729 */
730static int __init inotify_user_setup(void)
731{
732 int ret;
733
734 ret = register_filesystem(&inotify_fs_type);
735 if (unlikely(ret))
736 panic("inotify: register_filesystem returned %d!\n", ret);
737
738 inotify_mnt = kern_mount(&inotify_fs_type);
739 if (IS_ERR(inotify_mnt))
740 panic("inotify: kern_mount ret %ld!\n", PTR_ERR(inotify_mnt));
741
742 inotify_max_queued_events = 16384;
743 inotify_max_user_instances = 128;
744 inotify_max_user_watches = 8192;
745
746 watch_cachep = kmem_cache_create("inotify_watch_cache",
747 sizeof(struct inotify_user_watch),
748 0, SLAB_PANIC, NULL);
749 event_cachep = kmem_cache_create("inotify_event_cache",
750 sizeof(struct inotify_kernel_event),
751 0, SLAB_PANIC, NULL);
752
753 return 0;
754}
755
756module_init(inotify_user_setup);