/*
 * Copyright (c) 2018-2021, Andreas Kling
 * Copyright (c) 2024, Liav A.
 *
 * SPDX-License-Identifier: BSD-2-Clause
 */

#pragma once

// NOTE(review): every include target below is missing in this copy of the header, and
// most template argument lists further down (ErrorOr, Badge, Optional, RefPtr, Function,
// SpinlockProtected, MutexProtected, ...) look truncated in the same way. This was
// presumably lost when the page was extracted; restore them from the upstream file
// before attempting to build.
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include

namespace Kernel {

// Kernel internal options.
// These occupy bits 29 and 30 of the integer `options` value taken by open()/resolve_path().
// NOTE(review): as kernel-internal flags they presumably must never be accepted from a
// userspace-supplied flag word; confirm that the syscall layer masks or rejects them.
#define O_NOFOLLOW_NOERROR (1 << 29)
#define O_UNLINK_INTERNAL (1 << 30)

// Plain pair of a user ID and a group ID.
struct UidAndGid {
    UserID uid;
    GroupID gid;
};

// Bit flags passed to VirtualFileSystem::access(); AK_ENUM_BITWISE_OPERATORS below is
// applied so that the values can be combined.
// NOTE(review): by their names, EffectiveAccess selects effective rather than real IDs for
// the check and DoNotFollowSymlinks suppresses following a symlink; confirm in the implementation.
enum class AccessFlags {
    None = 0,
    EffectiveAccess = 1 << 0,
    DoNotFollowSymlinks = 1 << 1,
};

AK_ENUM_BITWISE_OPERATORS(AccessFlags);

// Declares the kernel's virtual file system layer: mount management, path resolution and
// the path-based file operations. Only declarations are visible in this header; behavior
// described in the comments below is hedged wherever it is inferred from names alone.
class VirtualFileSystem {
    friend class StorageManagement;

public:
    // Required to be at least 8 by POSIX
    // https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/limits.h.html
    // NOTE(review): resolve_path() carries a `symlink_recursion_level` counter that is
    // presumably compared against this limit so that symlink loops and very deep chains
    // terminate with an error; confirm in the implementation.
    static constexpr int symlink_recursion_limit = 8;

    static void initialize();
    // Returns a reference to a VirtualFileSystem instance.
    // NOTE(review): presumably the kernel-wide singleton set up by initialize(); confirm.
    static VirtualFileSystem& the();

    static bool check_matching_absolute_path_hierarchy(Custody const& first_custody, Custody const& second_custody);

    static ErrorOr find_filesystem_type_initializer(StringView fs_type);

    VirtualFileSystem();
    ~VirtualFileSystem();

    // Badge-gated accessors: each hands out a reference to one of the lock-protected member lists.
    // NOTE(review): the Badge type arguments are missing in this copy, so it does not show
    // which classes are allowed to call these. As printed, the two all_root_contexts_list()
    // declarations are identical; upstream they presumably differ in the Badge type.
    SpinlockProtected, LockRank::FileSystem>& all_file_systems_list(Badge) { return m_file_systems_list; }
    SpinlockProtected, LockRank::FileSystem>& all_root_contexts_list(Badge) { return m_root_contexts; }
    SpinlockProtected, LockRank::FileSystem>& all_root_contexts_list(Badge) { return m_root_contexts; }

    // Mount management. Each operation takes the VFSRootContext it acts on.
    ErrorOr mount(VFSRootContext&, MountFile&, OpenFileDescription*, Custody& mount_point, int flags);
    ErrorOr pivot_root_by_copying_mounted_fs_instance(VFSRootContext&, FileSystem& fs, int root_mount_flags);
    ErrorOr bind_mount(VFSRootContext&, Custody& source, Custody& mount_point, int flags);
    ErrorOr remount(VFSRootContext&, Custody& mount_point, int new_flags);
    ErrorOr unmount(VFSRootContext&, Custody& mount_point);
    ErrorOr unmount(VFSRootContext&, Inode& guest_inode, StringView custody_path);

    // Path-based operations. The path-taking forms receive the caller's Credentials and a
    // CustodyBase alongside the path.
    // NOTE(review): presumably Credentials drive the permission checks and `base` is the
    // directory that relative paths are resolved against; confirm in the implementation.
    // open() and create() each come in two forms, with and without an explicit Process.
    // NOTE(review): the Process argument presumably selects whose unveil state is consulted,
    // with the other form defaulting to the current process; confirm.
    ErrorOr> open(VFSRootContext const&, Credentials const&, StringView path, int options, mode_t mode, CustodyBase const& base, Optional = {});
    ErrorOr> open(Process const&, VFSRootContext const&, Credentials const&, StringView path, int options, mode_t mode, CustodyBase const& base, Optional = {});
    ErrorOr> create(Credentials const&, StringView path, int options, mode_t mode, Custody& parent_custody, Optional = {});
    ErrorOr> create(Process const&, Credentials const&, StringView path, int options, mode_t mode, Custody& parent_custody, Optional = {});
    ErrorOr mkdir(VFSRootContext const&, Credentials const&, StringView path, mode_t mode, CustodyBase const& base);
    ErrorOr link(VFSRootContext const&, Credentials const&, StringView old_path, StringView new_path, CustodyBase const& base);
    ErrorOr unlink(VFSRootContext const&, Credentials const&, StringView path, CustodyBase const& base);
    ErrorOr symlink(VFSRootContext const&, Credentials const&, StringView target, StringView linkpath, CustodyBase const& base);
    ErrorOr rmdir(VFSRootContext const&, Credentials const&, StringView path, CustodyBase const& base);
    // chmod() and chown() each have a path-taking form and a form that takes a Custody directly.
    ErrorOr chmod(VFSRootContext const&, Credentials const&, StringView path, mode_t, CustodyBase const& base, int options = 0);
    ErrorOr chmod(Credentials const&, Custody&, mode_t);
    ErrorOr chown(VFSRootContext const&, Credentials const&, StringView path, UserID, GroupID, CustodyBase const& base, int options);
    ErrorOr chown(Credentials const&, Custody&, UserID, GroupID);
    ErrorOr access(VFSRootContext const&, Credentials const&, StringView path, int mode, CustodyBase const& base, AccessFlags);
    ErrorOr lookup_metadata(VFSRootContext const&, Credentials const&, StringView path, CustodyBase const& base, int options = 0);
    ErrorOr utime(VFSRootContext const&, Credentials const&, StringView path, CustodyBase const& base, time_t atime, time_t mtime);
    ErrorOr utimensat(VFSRootContext const&, Credentials const&, StringView path, CustodyBase const& base, timespec const& atime, timespec const& mtime, int options = 0);
    ErrorOr do_utimens(Credentials const&, Custody& custody, timespec const& atime, timespec const& mtime);
    ErrorOr rename(VFSRootContext const&, Credentials const&, CustodyBase const& old_base, StringView oldpath, CustodyBase const& new_base, StringView newpath);
    ErrorOr mknod(VFSRootContext const&, Credentials const&, StringView path, mode_t, dev_t, CustodyBase const& base);
    ErrorOr> open_directory(VFSRootContext const&, Credentials const&, StringView path, CustodyBase const& base);

    ErrorOr for_each_mount(VFSRootContext& context, Function(Mount const&)>) const;

    void sync_filesystems();
    void lock_all_filesystems();

    static void sync();

    // Path resolution. `out_parent`, when non-null, is an out-parameter; `options` and
    // `symlink_recursion_level` default to 0 for a top-level call.
    // NOTE(review): resolve_path_without_veil() is, by its name, the variant that skips the
    // unveil check performed by validate_path_against_process_veil(). Any caller of it is
    // presumably responsible for enforcing the veil itself; audit each call site when
    // reviewing sandbox (unveil) enforcement.
    ErrorOr> resolve_path(VFSRootContext const&, Credentials const&, StringView path, CustodyBase const& base, RefPtr* out_parent = nullptr, int options = 0, int symlink_recursion_level = 0);
    ErrorOr> resolve_path(Process const&, VFSRootContext const&, Credentials const&, StringView path, CustodyBase const& base, RefPtr* out_parent = nullptr, int options = 0, int symlink_recursion_level = 0);
    ErrorOr> resolve_path_without_veil(VFSRootContext const&, Credentials const&, StringView path, NonnullRefPtr base, RefPtr* out_parent = nullptr, int options = 0, int symlink_recursion_level = 0);

private:
    friend class OpenFileDescription;

    // Unveil helpers: look up the unveil node matching a path, and validate a path or
    // Custody against a process veil for the given `options`.
    // NOTE(review): the overloads without a Process argument presumably act on the current
    // process; confirm in the implementation.
    UnveilNode const& find_matching_unveiled_path(Process const&, StringView path);
    ErrorOr validate_path_against_process_veil(Process const&, StringView path, int options);
    ErrorOr validate_path_against_process_veil(Process const& process, Custody const& custody, int options);
    ErrorOr validate_path_against_process_veil(Custody const& path, int options);
    ErrorOr validate_path_against_process_veil(StringView path, int options);

    static void delete_mount_from_list(Mount& mount);
    ErrorOr remove_mount(Mount& mount, IntrusiveList<&FileBackedFileSystem::m_file_backed_file_system_node>& file_backed_fs_list);

    // Helpers used when mounting: build a filesystem from a MountFile, optionally together
    // with the OpenFileDescription of its source, and check that the two are acceptable.
    static ErrorOr> create_and_initialize_filesystem_from_mount_file(MountFile& mount_file);
    static ErrorOr> create_and_initialize_filesystem_from_mount_file_and_description(IntrusiveList<&FileBackedFileSystem::m_file_backed_file_system_node>& file_backed_fs_list, MountFile& mount_file, OpenFileDescription& source_description);

    static ErrorOr verify_mount_file_and_description_requirements(MountFile& mount_file, OpenFileDescription& source_description);

    ErrorOr traverse_directory_inode(Inode&, Function(FileSystem::DirectoryEntryView const&)>);

    ErrorOr apply_to_mount_for_host_custody(VFSRootContext&, Custody const& current_custody, Function);

    // NOTE: The FileBackedFileSystem list is protected by a mutex (unlike the two
    // spinlock-protected lists below). We scan it to search for an existing filesystem on an
    // already used block device. When that search finds nothing we need to create a new
    // filesystem, which might need to do disk access (i.e. taking Mutexes in other places),
    // and then register that new filesystem in this list. Doing the scan, creation and
    // registration under one lock avoids TOCTOU bugs.
    MutexProtected> m_file_backed_file_systems_list {};

    SpinlockProtected, LockRank::FileSystem> m_file_systems_list {};

    SpinlockProtected, LockRank::FileSystem> m_root_contexts {};
};

}