2 * fs/sdcardfs/sdcardfs.h
5 * This file system replaces the sdcard daemon on Android
6 * On version 2.0, some of the daemon functions have been ported
7 * to support the multi-user concepts of Android 4.4
9 * Copyright (c) 2013 Samsung Electronics Co. Ltd
10 * Authors: Daeho Jeong, Woojoong Lee, Seunghwan Hyun,
11 * Sunghwan Yun, Sungjong Seo
13 * This program has been developed as a stackable file system based on
14 * the WrapFS which written by
16 * Copyright (c) 1998-2011 Erez Zadok
17 * Copyright (c) 2009 Shrikar Archak
18 * Copyright (c) 2003-2011 Stony Brook University
19 * Copyright (c) 2003-2011 The Research Foundation of SUNY
21 * This file is dual licensed. It may be redistributed and/or modified
22 * under the terms of the Apache 2.0 License OR version 2 of the GNU
23 * General Public License.
29 #include <linux/dcache.h>
30 #include <linux/file.h>
32 #include <linux/aio.h>
33 #include <linux/kref.h>
35 #include <linux/mount.h>
36 #include <linux/namei.h>
37 #include <linux/seq_file.h>
38 #include <linux/statfs.h>
39 #include <linux/fs_stack.h>
40 #include <linux/magic.h>
41 #include <linux/uaccess.h>
42 #include <linux/slab.h>
43 #include <linux/sched.h>
44 #include <linux/types.h>
45 #include <linux/security.h>
46 #include <linux/string.h>
47 #include <linux/list.h>
48 #include "multiuser.h"
50 /* the file system name */
51 #define SDCARDFS_NAME "sdcardfs"
53 /* sdcardfs root inode number */
54 #define SDCARDFS_ROOT_INO 1
56 /* useful for tracking code reachability */
57 #define UDBG pr_default("DBG:%s:%s:%d\n", __FILE__, __func__, __LINE__)
59 #define SDCARDFS_DIRENT_SIZE 256
61 /* temporary static uid settings for development */
62 #define AID_ROOT 0 /* uid for accessing /mnt/sdcard & extSdcard */
63 #define AID_MEDIA_RW 1023 /* internal media storage write access */
65 #define AID_SDCARD_RW 1015 /* external storage write access */
66 #define AID_SDCARD_R 1028 /* external storage read access */
67 #define AID_SDCARD_PICS 1033 /* external storage photos access */
68 #define AID_SDCARD_AV 1034 /* external storage audio/video access */
69 #define AID_SDCARD_ALL 1035 /* access all users external storage */
70 #define AID_MEDIA_OBB 1059 /* obb files */
72 #define AID_SDCARD_IMAGE 1057
74 #define AID_PACKAGE_INFO 1027
78 * Permissions are handled by our permission function.
79 * We don't want anyone who happens to look at our inode value to prematurely
80 * block access, so store more permissive values. These are probably never
83 #define fixup_tmp_permissions(x) \
85 (x)->i_uid = SDCARDFS_I(x)->data->d_uid; \
86 (x)->i_gid = AID_SDCARD_RW; \
87 (x)->i_mode = ((x)->i_mode & S_IFMT) | 0775;\
90 /* Android 5.0 support */
92 /* Permission mode for a specific node. Controls how file permissions
93 * are derived for children nodes.
96 /* Nothing special; this node should just inherit from its parent. */
98 /* This node is one level above a normal root; used for legacy layouts
99 * which use the first level to represent user_id.
102 /* This node is "/" */
104 /* This node is "/Android" */
106 /* This node is "/Android/data" */
108 /* This node is "/Android/obb" */
110 /* This node is "/Android/media" */
112 /* This node is "/Android/[data|media|obb]/[package]" */
113 PERM_ANDROID_PACKAGE
,
114 /* This node is "/Android/[data|media|obb]/[package]/cache" */
115 PERM_ANDROID_PACKAGE_CACHE
,
118 struct sdcardfs_sb_info
;
119 struct sdcardfs_mount_options
;
120 struct sdcardfs_inode_info
;
121 struct sdcardfs_inode_data
;
123 /* Do not directly use this function. Use OVERRIDE_CRED() instead. */
124 const struct cred
*override_fsids(struct sdcardfs_sb_info
*sbi
,
125 struct sdcardfs_inode_data
*data
);
126 /* Do not directly use this function, use REVERT_CRED() instead. */
127 void revert_fsids(const struct cred
*old_cred
);
129 /* operations vectors defined in specific files */
130 extern const struct file_operations sdcardfs_main_fops
;
131 extern const struct file_operations sdcardfs_dir_fops
;
132 extern const struct inode_operations sdcardfs_main_iops
;
133 extern const struct inode_operations sdcardfs_dir_iops
;
134 extern const struct inode_operations sdcardfs_symlink_iops
;
135 extern const struct super_operations sdcardfs_sops
;
136 extern const struct dentry_operations sdcardfs_ci_dops
;
137 extern const struct address_space_operations sdcardfs_aops
, sdcardfs_dummy_aops
;
138 extern const struct vm_operations_struct sdcardfs_vm_ops
;
140 extern int sdcardfs_init_inode_cache(void);
141 extern void sdcardfs_destroy_inode_cache(void);
142 extern int sdcardfs_init_dentry_cache(void);
143 extern void sdcardfs_destroy_dentry_cache(void);
144 extern int new_dentry_private_data(struct dentry
*dentry
);
145 extern void free_dentry_private_data(struct dentry
*dentry
);
146 extern struct dentry
*sdcardfs_lookup(struct inode
*dir
, struct dentry
*dentry
,
148 extern struct inode
*sdcardfs_iget(struct super_block
*sb
,
149 struct inode
*lower_inode
, userid_t id
);
150 extern int sdcardfs_interpose(struct dentry
*dentry
, struct super_block
*sb
,
151 struct path
*lower_path
, userid_t id
);
153 /* file private data */
154 struct sdcardfs_file_info
{
155 struct file
*lower_file
;
156 const struct vm_operations_struct
*lower_vm_ops
;
159 struct sdcardfs_inode_data
{
160 struct kref refcount
;
171 /* sdcardfs inode data in memory */
172 struct sdcardfs_inode_info
{
173 struct inode
*lower_inode
;
174 /* state derived based on current position in hierarchy */
175 struct sdcardfs_inode_data
*data
;
177 /* top folder for ownership */
179 struct sdcardfs_inode_data
*top_data
;
181 struct inode vfs_inode
;
185 /* sdcardfs dentry data in memory */
186 struct sdcardfs_dentry_info
{
187 spinlock_t lock
; /* protects lower_path */
188 struct path lower_path
;
189 struct path orig_path
;
192 struct sdcardfs_mount_options
{
200 unsigned int reserved_mb
;
204 struct sdcardfs_vfsmount_options
{
209 extern int parse_options_remount(struct super_block
*sb
, char *options
, int silent
,
210 struct sdcardfs_vfsmount_options
*vfsopts
);
212 /* sdcardfs super-block data in memory */
213 struct sdcardfs_sb_info
{
214 struct super_block
*sb
;
215 struct super_block
*lower_sb
;
216 /* derived perm policy : some of options have been added
217 * to sdcardfs_mount_options (Android 4.4 support)
219 struct sdcardfs_mount_options options
;
220 spinlock_t lock
; /* protects obbpath */
224 struct list_head list
;
228 * inode to private data
230 * Since we use containers and the struct inode is _inside_ the
231 * sdcardfs_inode_info structure, SDCARDFS_I will always (given a non-NULL
232 * inode pointer), return a valid non-NULL pointer.
234 static inline struct sdcardfs_inode_info
*SDCARDFS_I(const struct inode
*inode
)
236 return container_of(inode
, struct sdcardfs_inode_info
, vfs_inode
);
239 /* dentry to private data */
240 #define SDCARDFS_D(dent) ((struct sdcardfs_dentry_info *)(dent)->d_fsdata)
242 /* superblock to private data */
243 #define SDCARDFS_SB(super) ((struct sdcardfs_sb_info *)(super)->s_fs_info)
245 /* file to private Data */
246 #define SDCARDFS_F(file) ((struct sdcardfs_file_info *)((file)->private_data))
248 /* file to lower file */
249 static inline struct file
*sdcardfs_lower_file(const struct file
*f
)
251 return SDCARDFS_F(f
)->lower_file
;
254 static inline void sdcardfs_set_lower_file(struct file
*f
, struct file
*val
)
256 SDCARDFS_F(f
)->lower_file
= val
;
259 /* inode to lower inode. */
260 static inline struct inode
*sdcardfs_lower_inode(const struct inode
*i
)
262 return SDCARDFS_I(i
)->lower_inode
;
265 static inline void sdcardfs_set_lower_inode(struct inode
*i
, struct inode
*val
)
267 SDCARDFS_I(i
)->lower_inode
= val
;
270 /* superblock to lower superblock */
271 static inline struct super_block
*sdcardfs_lower_super(
272 const struct super_block
*sb
)
274 return SDCARDFS_SB(sb
)->lower_sb
;
277 static inline void sdcardfs_set_lower_super(struct super_block
*sb
,
278 struct super_block
*val
)
280 SDCARDFS_SB(sb
)->lower_sb
= val
;
283 /* path based (dentry/mnt) macros */
284 static inline void pathcpy(struct path
*dst
, const struct path
*src
)
286 dst
->dentry
= src
->dentry
;
290 /* sdcardfs_get_pname functions calls path_get()
291 * therefore, the caller must call "proper" path_put functions
293 #define SDCARDFS_DENT_FUNC(pname) \
294 static inline void sdcardfs_get_##pname(const struct dentry *dent, \
295 struct path *pname) \
297 spin_lock(&SDCARDFS_D(dent)->lock); \
298 pathcpy(pname, &SDCARDFS_D(dent)->pname); \
300 spin_unlock(&SDCARDFS_D(dent)->lock); \
303 static inline void sdcardfs_put_##pname(const struct dentry *dent, \
304 struct path *pname) \
309 static inline void sdcardfs_set_##pname(const struct dentry *dent, \
310 struct path *pname) \
312 spin_lock(&SDCARDFS_D(dent)->lock); \
313 pathcpy(&SDCARDFS_D(dent)->pname, pname); \
314 spin_unlock(&SDCARDFS_D(dent)->lock); \
317 static inline void sdcardfs_reset_##pname(const struct dentry *dent) \
319 spin_lock(&SDCARDFS_D(dent)->lock); \
320 SDCARDFS_D(dent)->pname.dentry = NULL; \
321 SDCARDFS_D(dent)->pname.mnt = NULL; \
322 spin_unlock(&SDCARDFS_D(dent)->lock); \
325 static inline void sdcardfs_put_reset_##pname(const struct dentry *dent) \
328 spin_lock(&SDCARDFS_D(dent)->lock); \
329 if (SDCARDFS_D(dent)->pname.dentry) { \
330 pathcpy(&pname, &SDCARDFS_D(dent)->pname); \
331 SDCARDFS_D(dent)->pname.dentry = NULL; \
332 SDCARDFS_D(dent)->pname.mnt = NULL; \
333 spin_unlock(&SDCARDFS_D(dent)->lock); \
336 spin_unlock(&SDCARDFS_D(dent)->lock); \
340 SDCARDFS_DENT_FUNC(lower_path
)
341 SDCARDFS_DENT_FUNC(orig_path
)
343 static inline bool sbinfo_has_sdcard_magic(struct sdcardfs_sb_info
*sbinfo
)
345 return sbinfo
&& sbinfo
->sb
346 && sbinfo
->sb
->s_magic
== SDCARDFS_SUPER_MAGIC
;
349 static inline struct sdcardfs_inode_data
*data_get(
350 struct sdcardfs_inode_data
*data
)
353 kref_get(&data
->refcount
);
357 static inline struct sdcardfs_inode_data
*top_data_get(
358 struct sdcardfs_inode_info
*info
)
360 struct sdcardfs_inode_data
*top_data
;
362 spin_lock(&info
->top_lock
);
363 top_data
= data_get(info
->top_data
);
364 spin_unlock(&info
->top_lock
);
368 extern void data_release(struct kref
*ref
);
370 static inline void data_put(struct sdcardfs_inode_data
*data
)
372 kref_put(&data
->refcount
, data_release
);
375 static inline void release_own_data(struct sdcardfs_inode_info
*info
)
378 * This happens exactly once per inode. At this point, the inode that
379 * originally held this data is about to be freed, and all references
380 * to it are held as a top value, and will likely be released soon.
382 info
->data
->abandoned
= true;
383 data_put(info
->data
);
386 static inline void set_top(struct sdcardfs_inode_info
*info
,
387 struct sdcardfs_inode_info
*top_owner
)
389 struct sdcardfs_inode_data
*old_top
;
390 struct sdcardfs_inode_data
*new_top
= NULL
;
393 new_top
= top_data_get(top_owner
);
395 spin_lock(&info
->top_lock
);
396 old_top
= info
->top_data
;
397 info
->top_data
= new_top
;
400 spin_unlock(&info
->top_lock
);
403 static inline int get_gid(struct vfsmount
*mnt
,
404 struct super_block
*sb
,
405 struct sdcardfs_inode_data
*data
)
407 struct sdcardfs_vfsmount_options
*vfsopts
= mnt
->data
;
408 struct sdcardfs_sb_info
*sbi
= SDCARDFS_SB(sb
);
410 if (vfsopts
->gid
== AID_SDCARD_RW
&& !sbi
->options
.default_normal
)
411 /* As an optimization, certain trusted system components only run
412 * as owner but operate across all users. Since we're now handing
413 * out the sdcard_rw GID only to trusted apps, we're okay relaxing
414 * the user boundary enforcement for the default view. The UIDs
415 * assigned to app directories are still multiuser aware.
417 return AID_SDCARD_RW
;
419 return multiuser_get_uid(data
->userid
, vfsopts
->gid
);
422 static inline int get_mode(struct vfsmount
*mnt
,
423 struct sdcardfs_inode_info
*info
,
424 struct sdcardfs_inode_data
*data
)
428 struct sdcardfs_vfsmount_options
*opts
= mnt
->data
;
429 int visible_mode
= 0775 & ~opts
->mask
;
432 if (data
->perm
== PERM_PRE_ROOT
) {
433 /* Top of multi-user view should always be visible to ensure
434 * secondary users can traverse inside.
437 } else if (data
->under_android
) {
438 /* Block "other" access to Android directories, since only apps
439 * belonging to a specific user should be in there; we still
440 * leave +x open for the default view.
442 if (opts
->gid
== AID_SDCARD_RW
)
443 visible_mode
= visible_mode
& ~0006;
445 visible_mode
= visible_mode
& ~0007;
447 owner_mode
= info
->lower_inode
->i_mode
& 0700;
448 filtered_mode
= visible_mode
& (owner_mode
| (owner_mode
>> 3) | (owner_mode
>> 6));
449 return filtered_mode
;
452 static inline int has_graft_path(const struct dentry
*dent
)
456 spin_lock(&SDCARDFS_D(dent
)->lock
);
457 if (SDCARDFS_D(dent
)->orig_path
.dentry
!= NULL
)
459 spin_unlock(&SDCARDFS_D(dent
)->lock
);
464 static inline void sdcardfs_get_real_lower(const struct dentry
*dent
,
465 struct path
*real_lower
)
467 /* in case of a local obb dentry
468 * the orig_path should be returned
470 if (has_graft_path(dent
))
471 sdcardfs_get_orig_path(dent
, real_lower
);
473 sdcardfs_get_lower_path(dent
, real_lower
);
476 static inline void sdcardfs_put_real_lower(const struct dentry
*dent
,
477 struct path
*real_lower
)
479 if (has_graft_path(dent
))
480 sdcardfs_put_orig_path(dent
, real_lower
);
482 sdcardfs_put_lower_path(dent
, real_lower
);
485 extern struct mutex sdcardfs_super_list_lock
;
486 extern struct list_head sdcardfs_super_list
;
488 /* for packagelist.c */
489 extern appid_t
get_appid(const char *app_name
);
490 extern appid_t
get_ext_gid(const char *app_name
);
491 extern appid_t
is_excluded(const char *app_name
, userid_t userid
);
492 extern int check_caller_access_to_name(struct inode
*parent_node
, const struct qstr
*name
);
493 extern int packagelist_init(void);
494 extern void packagelist_exit(void);
496 /* for derived_perm.c */
497 #define BY_NAME (1 << 0)
498 #define BY_USERID (1 << 1)
499 struct limit_search
{
505 extern void setup_derived_state(struct inode
*inode
, perm_t perm
,
506 userid_t userid
, uid_t uid
);
507 extern void get_derived_permission(struct dentry
*parent
, struct dentry
*dentry
);
508 extern void get_derived_permission_new(struct dentry
*parent
, struct dentry
*dentry
, const struct qstr
*name
);
509 extern void fixup_perms_recursive(struct dentry
*dentry
, struct limit_search
*limit
);
511 extern void update_derived_permission_lock(struct dentry
*dentry
);
512 void fixup_lower_ownership(struct dentry
*dentry
, const char *name
);
513 extern int need_graft_path(struct dentry
*dentry
);
514 extern int is_base_obbpath(struct dentry
*dentry
);
515 extern int is_obbpath_invalid(struct dentry
*dentry
);
516 extern int setup_obb_dentry(struct dentry
*dentry
, struct path
*lower_path
);
518 /* locking helpers */
519 static inline struct dentry
*lock_parent(struct dentry
*dentry
)
521 struct dentry
*dir
= dget_parent(dentry
);
523 mutex_lock_nested(&dir
->d_inode
->i_mutex
, I_MUTEX_PARENT
);
527 static inline void unlock_dir(struct dentry
*dir
)
529 mutex_unlock(&dir
->d_inode
->i_mutex
);
533 static inline int prepare_dir(const char *path_s
, uid_t uid
, gid_t gid
, mode_t mode
)
540 dent
= kern_path_locked(path_s
, &parent
);
548 err
= vfs_mkdir2(parent
.mnt
, parent
.dentry
->d_inode
, dent
, mode
);
557 attrs
.ia_valid
= ATTR_UID
| ATTR_GID
;
558 mutex_lock(&dent
->d_inode
->i_mutex
);
559 notify_change2(parent
.mnt
, dent
, &attrs
);
560 mutex_unlock(&dent
->d_inode
->i_mutex
);
566 /* parent dentry locked by lookup_create */
567 mutex_unlock(&parent
.dentry
->d_inode
->i_mutex
);
573 * Return 1, if a disk has enough free space, otherwise 0.
574 * We assume that any files can not be overwritten.
576 static inline int check_min_free_space(struct dentry
*dentry
, size_t size
, int dir
)
579 struct path lower_path
;
580 struct kstatfs statfs
;
582 struct sdcardfs_sb_info
*sbi
= SDCARDFS_SB(dentry
->d_sb
);
584 if (sbi
->options
.reserved_mb
) {
585 /* Get fs stat of lower filesystem. */
586 sdcardfs_get_lower_path(dentry
, &lower_path
);
587 err
= vfs_statfs(&lower_path
, &statfs
);
588 sdcardfs_put_lower_path(dentry
, &lower_path
);
593 /* Invalid statfs informations. */
594 if (unlikely(statfs
.f_bsize
== 0))
597 /* if you are checking directory, set size to f_bsize. */
599 size
= statfs
.f_bsize
;
602 avail
= statfs
.f_bavail
* statfs
.f_bsize
;
604 /* not enough space */
605 if ((u64
)size
> avail
)
609 if ((avail
- size
) > (sbi
->options
.reserved_mb
* 1024 * 1024))
618 * Copies attrs and maintains sdcardfs managed attrs
619 * Since our permission check handles all special permissions, set those to be open
621 static inline void sdcardfs_copy_and_fix_attrs(struct inode
*dest
, const struct inode
*src
)
624 dest
->i_mode
= (src
->i_mode
& S_IFMT
) | S_IRWXU
| S_IRWXG
|
625 S_IROTH
| S_IXOTH
; /* 0775 */
626 dest
->i_uid
= SDCARDFS_I(dest
)->data
->d_uid
;
627 dest
->i_gid
= AID_SDCARD_RW
;
628 dest
->i_rdev
= src
->i_rdev
;
629 dest
->i_atime
= src
->i_atime
;
630 dest
->i_mtime
= src
->i_mtime
;
631 dest
->i_ctime
= src
->i_ctime
;
632 dest
->i_blkbits
= src
->i_blkbits
;
633 dest
->i_flags
= src
->i_flags
;
634 set_nlink(dest
, src
->i_nlink
);
637 static inline bool str_case_eq(const char *s1
, const char *s2
)
639 return !strcasecmp(s1
, s2
);
642 static inline bool str_n_case_eq(const char *s1
, const char *s2
, size_t len
)
644 return !strncasecmp(s1
, s2
, len
);
647 static inline bool qstr_case_eq(const struct qstr
*q1
, const struct qstr
*q2
)
649 return q1
->len
== q2
->len
&& str_n_case_eq(q1
->name
, q2
->name
, q2
->len
);
652 #define QSTR_LITERAL(string) QSTR_INIT(string, sizeof(string)-1)
654 #endif /* not _SDCARDFS_H_ */