inode.c 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572
  1. // SPDX-License-Identifier: GPL-2.0-or-later
  2. /* -*- linux-c -*- --------------------------------------------------------- *
  3. *
  4. * linux/fs/devpts/inode.c
  5. *
  6. * Copyright 1998-2004 H. Peter Anvin -- All Rights Reserved
  7. *
  8. * ------------------------------------------------------------------------- */
  9. #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
  10. #include <linux/module.h>
  11. #include <linux/init.h>
  12. #include <linux/fs.h>
  13. #include <linux/fs_context.h>
  14. #include <linux/fs_parser.h>
  15. #include <linux/sched.h>
  16. #include <linux/namei.h>
  17. #include <linux/slab.h>
  18. #include <linux/mount.h>
  19. #include <linux/tty.h>
  20. #include <linux/mutex.h>
  21. #include <linux/magic.h>
  22. #include <linux/idr.h>
  23. #include <linux/devpts_fs.h>
  24. #include <linux/fsnotify.h>
  25. #include <linux/seq_file.h>
  26. #define DEVPTS_DEFAULT_MODE 0600
  27. /*
  28. * ptmx is a new node in /dev/pts and will be unused in legacy (single-
  29. * instance) mode. To prevent surprises in user space, set permissions of
  30. * ptmx to 0. Use 'chmod' or remount with '-o ptmxmode' to set meaningful
  31. * permissions.
  32. */
  33. #define DEVPTS_DEFAULT_PTMX_MODE 0000
  34. #define PTMX_MINOR 2
  35. /*
  36. * sysctl support for setting limits on the number of Unix98 ptys allocated.
  37. * Otherwise one can eat up all kernel memory by opening /dev/ptmx repeatedly.
  38. */
  39. static int pty_limit = NR_UNIX98_PTY_DEFAULT;
  40. static int pty_reserve = NR_UNIX98_PTY_RESERVE;
  41. static int pty_limit_min;
  42. static int pty_limit_max = INT_MAX;
  43. static atomic_t pty_count = ATOMIC_INIT(0);
  44. static const struct ctl_table pty_table[] = {
  45. {
  46. .procname = "max",
  47. .maxlen = sizeof(int),
  48. .mode = 0644,
  49. .data = &pty_limit,
  50. .proc_handler = proc_dointvec_minmax,
  51. .extra1 = &pty_limit_min,
  52. .extra2 = &pty_limit_max,
  53. }, {
  54. .procname = "reserve",
  55. .maxlen = sizeof(int),
  56. .mode = 0644,
  57. .data = &pty_reserve,
  58. .proc_handler = proc_dointvec_minmax,
  59. .extra1 = &pty_limit_min,
  60. .extra2 = &pty_limit_max,
  61. }, {
  62. .procname = "nr",
  63. .maxlen = sizeof(int),
  64. .mode = 0444,
  65. .data = &pty_count,
  66. .proc_handler = proc_dointvec,
  67. },
  68. };
  69. struct pts_mount_opts {
  70. int setuid;
  71. int setgid;
  72. kuid_t uid;
  73. kgid_t gid;
  74. umode_t mode;
  75. umode_t ptmxmode;
  76. int reserve;
  77. int max;
  78. };
  79. enum {
  80. Opt_uid, Opt_gid, Opt_mode, Opt_ptmxmode, Opt_newinstance, Opt_max,
  81. Opt_err
  82. };
  83. static const struct fs_parameter_spec devpts_param_specs[] = {
  84. fsparam_gid ("gid", Opt_gid),
  85. fsparam_s32 ("max", Opt_max),
  86. fsparam_u32oct ("mode", Opt_mode),
  87. fsparam_flag ("newinstance", Opt_newinstance),
  88. fsparam_u32oct ("ptmxmode", Opt_ptmxmode),
  89. fsparam_uid ("uid", Opt_uid),
  90. {}
  91. };
  92. struct pts_fs_info {
  93. struct ida allocated_ptys;
  94. struct pts_mount_opts mount_opts;
  95. struct super_block *sb;
  96. struct inode *ptmx_inode; // borrowed
  97. };
  98. static inline struct pts_fs_info *DEVPTS_SB(struct super_block *sb)
  99. {
  100. return sb->s_fs_info;
  101. }
  102. static int devpts_ptmx_path(struct path *path)
  103. {
  104. struct super_block *sb;
  105. int err;
  106. /* Is a devpts filesystem at "pts" in the same directory? */
  107. err = path_pts(path);
  108. if (err)
  109. return err;
  110. /* Is the path the root of a devpts filesystem? */
  111. sb = path->mnt->mnt_sb;
  112. if ((sb->s_magic != DEVPTS_SUPER_MAGIC) ||
  113. (path->mnt->mnt_root != sb->s_root))
  114. return -ENODEV;
  115. return 0;
  116. }
  117. /*
  118. * Try to find a suitable devpts filesystem. We support the following
  119. * scenarios:
  120. * - The ptmx device node is located in the same directory as the devpts
  121. * mount where the pts device nodes are located.
  122. * This is e.g. the case when calling open on the /dev/pts/ptmx device
  123. * node when the devpts filesystem is mounted at /dev/pts.
  124. * - The ptmx device node is located outside the devpts filesystem mount
  125. * where the pts device nodes are located. For example, the ptmx device
  126. * is a symlink, separate device node, or bind-mount.
  127. * A supported scenario is bind-mounting /dev/pts/ptmx to /dev/ptmx and
  128. * then calling open on /dev/ptmx. In this case a suitable pts
  129. * subdirectory can be found in the common parent directory /dev of the
  130. * devpts mount and the ptmx bind-mount, after resolving the /dev/ptmx
  131. * bind-mount.
  132. * If no suitable pts subdirectory can be found this function will fail.
  133. * This is e.g. the case when bind-mounting /dev/pts/ptmx to /ptmx.
  134. */
  135. struct vfsmount *devpts_mntget(struct file *filp, struct pts_fs_info *fsi)
  136. {
  137. struct path path;
  138. int err = 0;
  139. path = filp->f_path;
  140. path_get(&path);
  141. /* Walk upward while the start point is a bind mount of
  142. * a single file.
  143. */
  144. while (path.mnt->mnt_root == path.dentry)
  145. if (follow_up(&path) == 0)
  146. break;
  147. /* devpts_ptmx_path() finds a devpts fs or returns an error. */
  148. if ((path.mnt->mnt_sb->s_magic != DEVPTS_SUPER_MAGIC) ||
  149. (DEVPTS_SB(path.mnt->mnt_sb) != fsi))
  150. err = devpts_ptmx_path(&path);
  151. dput(path.dentry);
  152. if (!err) {
  153. if (DEVPTS_SB(path.mnt->mnt_sb) == fsi)
  154. return path.mnt;
  155. err = -ENODEV;
  156. }
  157. mntput(path.mnt);
  158. return ERR_PTR(err);
  159. }
  160. struct pts_fs_info *devpts_acquire(struct file *filp)
  161. {
  162. struct pts_fs_info *result;
  163. struct path path;
  164. struct super_block *sb;
  165. path = filp->f_path;
  166. path_get(&path);
  167. /* Has the devpts filesystem already been found? */
  168. if (path.mnt->mnt_sb->s_magic != DEVPTS_SUPER_MAGIC) {
  169. int err;
  170. err = devpts_ptmx_path(&path);
  171. if (err) {
  172. result = ERR_PTR(err);
  173. goto out;
  174. }
  175. }
  176. /*
  177. * pty code needs to hold extra references in case of last /dev/tty close
  178. */
  179. sb = path.mnt->mnt_sb;
  180. atomic_inc(&sb->s_active);
  181. result = DEVPTS_SB(sb);
  182. out:
  183. path_put(&path);
  184. return result;
  185. }
  186. void devpts_release(struct pts_fs_info *fsi)
  187. {
  188. deactivate_super(fsi->sb);
  189. }
  190. /*
  191. * devpts_parse_param - Parse mount parameters
  192. */
  193. static int devpts_parse_param(struct fs_context *fc, struct fs_parameter *param)
  194. {
  195. struct pts_fs_info *fsi = fc->s_fs_info;
  196. struct pts_mount_opts *opts = &fsi->mount_opts;
  197. struct fs_parse_result result;
  198. int opt;
  199. opt = fs_parse(fc, devpts_param_specs, param, &result);
  200. if (opt < 0)
  201. return opt;
  202. switch (opt) {
  203. case Opt_uid:
  204. opts->uid = result.uid;
  205. opts->setuid = 1;
  206. break;
  207. case Opt_gid:
  208. opts->gid = result.gid;
  209. opts->setgid = 1;
  210. break;
  211. case Opt_mode:
  212. opts->mode = result.uint_32 & S_IALLUGO;
  213. break;
  214. case Opt_ptmxmode:
  215. opts->ptmxmode = result.uint_32 & S_IALLUGO;
  216. break;
  217. case Opt_newinstance:
  218. break;
  219. case Opt_max:
  220. if (result.uint_32 > NR_UNIX98_PTY_MAX)
  221. return invalf(fc, "max out of range");
  222. opts->max = result.uint_32;
  223. break;
  224. }
  225. return 0;
  226. }
  227. static int mknod_ptmx(struct super_block *sb, struct fs_context *fc)
  228. {
  229. int mode;
  230. struct dentry *dentry;
  231. struct inode *inode;
  232. struct dentry *root = sb->s_root;
  233. struct pts_fs_info *fsi = DEVPTS_SB(sb);
  234. struct pts_mount_opts *opts = &fsi->mount_opts;
  235. kuid_t ptmx_uid = current_fsuid();
  236. kgid_t ptmx_gid = current_fsgid();
  237. dentry = simple_start_creating(root, "ptmx");
  238. if (IS_ERR(dentry)) {
  239. pr_err("Unable to alloc dentry for ptmx node\n");
  240. return PTR_ERR(dentry);
  241. }
  242. /*
  243. * Create a new 'ptmx' node in this mount of devpts.
  244. */
  245. inode = new_inode(sb);
  246. if (!inode) {
  247. simple_done_creating(dentry);
  248. pr_err("Unable to alloc inode for ptmx node\n");
  249. return -ENOMEM;
  250. }
  251. inode->i_ino = 2;
  252. simple_inode_init_ts(inode);
  253. mode = S_IFCHR|opts->ptmxmode;
  254. init_special_inode(inode, mode, MKDEV(TTYAUX_MAJOR, 2));
  255. inode->i_uid = ptmx_uid;
  256. inode->i_gid = ptmx_gid;
  257. fsi->ptmx_inode = inode;
  258. d_make_persistent(dentry, inode);
  259. simple_done_creating(dentry);
  260. return 0;
  261. }
  262. static void update_ptmx_mode(struct pts_fs_info *fsi)
  263. {
  264. fsi->ptmx_inode->i_mode = S_IFCHR|fsi->mount_opts.ptmxmode;
  265. }
  266. static int devpts_reconfigure(struct fs_context *fc)
  267. {
  268. struct pts_fs_info *fsi = DEVPTS_SB(fc->root->d_sb);
  269. struct pts_fs_info *new = fc->s_fs_info;
  270. /* Apply the revised options. We don't want to change ->reserve.
  271. * Ideally, we'd update each option conditionally on it having been
  272. * explicitly changed, but the default is to reset everything so that
  273. * would break UAPI...
  274. */
  275. fsi->mount_opts.setuid = new->mount_opts.setuid;
  276. fsi->mount_opts.setgid = new->mount_opts.setgid;
  277. fsi->mount_opts.uid = new->mount_opts.uid;
  278. fsi->mount_opts.gid = new->mount_opts.gid;
  279. fsi->mount_opts.mode = new->mount_opts.mode;
  280. fsi->mount_opts.ptmxmode = new->mount_opts.ptmxmode;
  281. fsi->mount_opts.max = new->mount_opts.max;
  282. /*
  283. * parse_mount_options() restores options to default values
  284. * before parsing and may have changed ptmxmode. So, update the
  285. * mode in the inode too. Bogus options don't fail the remount,
  286. * so do this even on error return.
  287. */
  288. update_ptmx_mode(fsi);
  289. return 0;
  290. }
  291. static int devpts_show_options(struct seq_file *seq, struct dentry *root)
  292. {
  293. struct pts_fs_info *fsi = DEVPTS_SB(root->d_sb);
  294. struct pts_mount_opts *opts = &fsi->mount_opts;
  295. if (opts->setuid)
  296. seq_printf(seq, ",uid=%u",
  297. from_kuid_munged(&init_user_ns, opts->uid));
  298. if (opts->setgid)
  299. seq_printf(seq, ",gid=%u",
  300. from_kgid_munged(&init_user_ns, opts->gid));
  301. seq_printf(seq, ",mode=%03o", opts->mode);
  302. seq_printf(seq, ",ptmxmode=%03o", opts->ptmxmode);
  303. if (opts->max < NR_UNIX98_PTY_MAX)
  304. seq_printf(seq, ",max=%d", opts->max);
  305. return 0;
  306. }
  307. static const struct super_operations devpts_sops = {
  308. .statfs = simple_statfs,
  309. .show_options = devpts_show_options,
  310. };
  311. static int devpts_fill_super(struct super_block *s, struct fs_context *fc)
  312. {
  313. struct pts_fs_info *fsi = DEVPTS_SB(s);
  314. struct inode *inode;
  315. s->s_iflags &= ~SB_I_NODEV;
  316. s->s_blocksize = 1024;
  317. s->s_blocksize_bits = 10;
  318. s->s_magic = DEVPTS_SUPER_MAGIC;
  319. s->s_op = &devpts_sops;
  320. s->s_d_flags = DCACHE_DONTCACHE;
  321. s->s_time_gran = 1;
  322. fsi->sb = s;
  323. inode = new_inode(s);
  324. if (!inode)
  325. return -ENOMEM;
  326. inode->i_ino = 1;
  327. simple_inode_init_ts(inode);
  328. inode->i_mode = S_IFDIR | S_IRUGO | S_IXUGO | S_IWUSR;
  329. inode->i_op = &simple_dir_inode_operations;
  330. inode->i_fop = &simple_dir_operations;
  331. set_nlink(inode, 2);
  332. s->s_root = d_make_root(inode);
  333. if (!s->s_root) {
  334. pr_err("get root dentry failed\n");
  335. return -ENOMEM;
  336. }
  337. return mknod_ptmx(s, fc);
  338. }
  339. /*
  340. * devpts_get_tree()
  341. *
  342. * Mount a new (private) instance of devpts. PTYs created in this
  343. * instance are independent of the PTYs in other devpts instances.
  344. */
  345. static int devpts_get_tree(struct fs_context *fc)
  346. {
  347. return get_tree_nodev(fc, devpts_fill_super);
  348. }
  349. static void devpts_free_fc(struct fs_context *fc)
  350. {
  351. kfree(fc->s_fs_info);
  352. }
  353. static const struct fs_context_operations devpts_context_ops = {
  354. .free = devpts_free_fc,
  355. .parse_param = devpts_parse_param,
  356. .get_tree = devpts_get_tree,
  357. .reconfigure = devpts_reconfigure,
  358. };
  359. /*
  360. * Set up the filesystem mount context.
  361. */
  362. static int devpts_init_fs_context(struct fs_context *fc)
  363. {
  364. struct pts_fs_info *fsi;
  365. fsi = kzalloc_obj(struct pts_fs_info);
  366. if (!fsi)
  367. return -ENOMEM;
  368. ida_init(&fsi->allocated_ptys);
  369. fsi->mount_opts.uid = GLOBAL_ROOT_UID;
  370. fsi->mount_opts.gid = GLOBAL_ROOT_GID;
  371. fsi->mount_opts.mode = DEVPTS_DEFAULT_MODE;
  372. fsi->mount_opts.ptmxmode = DEVPTS_DEFAULT_PTMX_MODE;
  373. fsi->mount_opts.max = NR_UNIX98_PTY_MAX;
  374. if (fc->purpose == FS_CONTEXT_FOR_MOUNT &&
  375. current->nsproxy->mnt_ns == init_task.nsproxy->mnt_ns)
  376. fsi->mount_opts.reserve = true;
  377. fc->s_fs_info = fsi;
  378. fc->ops = &devpts_context_ops;
  379. return 0;
  380. }
  381. static void devpts_kill_sb(struct super_block *sb)
  382. {
  383. struct pts_fs_info *fsi = DEVPTS_SB(sb);
  384. if (fsi)
  385. ida_destroy(&fsi->allocated_ptys);
  386. kfree(fsi);
  387. kill_anon_super(sb);
  388. }
  389. static struct file_system_type devpts_fs_type = {
  390. .name = "devpts",
  391. .init_fs_context = devpts_init_fs_context,
  392. .parameters = devpts_param_specs,
  393. .kill_sb = devpts_kill_sb,
  394. .fs_flags = FS_USERNS_MOUNT,
  395. };
  396. /*
  397. * The normal naming convention is simply /dev/pts/<number>; this conforms
  398. * to the System V naming convention
  399. */
  400. int devpts_new_index(struct pts_fs_info *fsi)
  401. {
  402. int index = -ENOSPC;
  403. if (atomic_inc_return(&pty_count) >= (pty_limit -
  404. (fsi->mount_opts.reserve ? 0 : pty_reserve)))
  405. goto out;
  406. index = ida_alloc_max(&fsi->allocated_ptys, fsi->mount_opts.max - 1,
  407. GFP_KERNEL);
  408. out:
  409. if (index < 0)
  410. atomic_dec(&pty_count);
  411. return index;
  412. }
  413. void devpts_kill_index(struct pts_fs_info *fsi, int idx)
  414. {
  415. ida_free(&fsi->allocated_ptys, idx);
  416. atomic_dec(&pty_count);
  417. }
  418. /**
  419. * devpts_pty_new -- create a new inode in /dev/pts/
  420. * @fsi: Filesystem info for this instance.
  421. * @index: used as a name of the node
  422. * @priv: what's given back by devpts_get_priv
  423. *
  424. * The dentry for the created inode is returned.
  425. * Remove it from /dev/pts/ with devpts_pty_kill().
  426. */
  427. struct dentry *devpts_pty_new(struct pts_fs_info *fsi, int index, void *priv)
  428. {
  429. struct dentry *dentry;
  430. struct super_block *sb = fsi->sb;
  431. struct inode *inode;
  432. struct dentry *root;
  433. struct pts_mount_opts *opts;
  434. char s[12];
  435. root = sb->s_root;
  436. opts = &fsi->mount_opts;
  437. inode = new_inode(sb);
  438. if (!inode)
  439. return ERR_PTR(-ENOMEM);
  440. inode->i_ino = index + 3;
  441. inode->i_uid = opts->setuid ? opts->uid : current_fsuid();
  442. inode->i_gid = opts->setgid ? opts->gid : current_fsgid();
  443. simple_inode_init_ts(inode);
  444. init_special_inode(inode, S_IFCHR|opts->mode, MKDEV(UNIX98_PTY_SLAVE_MAJOR, index));
  445. sprintf(s, "%d", index);
  446. dentry = d_alloc_name(root, s);
  447. if (!dentry) {
  448. iput(inode);
  449. return ERR_PTR(-ENOMEM);
  450. }
  451. dentry->d_fsdata = priv;
  452. d_make_persistent(dentry, inode);
  453. fsnotify_create(d_inode(root), dentry);
  454. dput(dentry);
  455. return dentry; // borrowed
  456. }
  457. /**
  458. * devpts_get_priv -- get private data for a slave
  459. * @dentry: dentry of the slave
  460. *
  461. * Returns whatever was passed as priv in devpts_pty_new for a given inode.
  462. */
  463. void *devpts_get_priv(struct dentry *dentry)
  464. {
  465. if (dentry->d_sb->s_magic != DEVPTS_SUPER_MAGIC)
  466. return NULL;
  467. return dentry->d_fsdata;
  468. }
  469. /**
  470. * devpts_pty_kill -- remove inode form /dev/pts/
  471. * @dentry: dentry of the slave to be removed
  472. *
  473. * This is an inverse operation of devpts_pty_new.
  474. */
  475. void devpts_pty_kill(struct dentry *dentry)
  476. {
  477. WARN_ON_ONCE(dentry->d_sb->s_magic != DEVPTS_SUPER_MAGIC);
  478. dentry->d_fsdata = NULL;
  479. drop_nlink(dentry->d_inode);
  480. d_drop(dentry);
  481. fsnotify_unlink(d_inode(dentry->d_parent), dentry);
  482. d_make_discardable(dentry);
  483. }
  484. static int __init init_devpts_fs(void)
  485. {
  486. int err = register_filesystem(&devpts_fs_type);
  487. if (!err) {
  488. register_sysctl("kernel/pty", pty_table);
  489. }
  490. return err;
  491. }
  492. module_init(init_devpts_fs)