enable docker ppp

hc

2023-12-09 95099d4622f8cb224d94e314c7a8e0df60b13f87

 kernel/fs/fuse/inode.c
..
..
@@ -15,7 +15,8 @@
15
15
 #include <linux/init.h>
16
16
 #include <linux/module.h>
17
17
 #include <linux/moduleparam.h>
18
-#include <linux/parser.h>
18
+#include <linux/fs_context.h>
19
+#include <linux/fs_parser.h>
19
20
 #include <linux/statfs.h>
20
21
 #include <linux/random.h>
21
22
 #include <linux/sched.h>
..
..
@@ -26,6 +27,7 @@
26
27
 MODULE_AUTHOR("Miklos Szeredi <miklos@szeredi.hu>");
27
28
 MODULE_DESCRIPTION("Filesystem in Userspace");
28
29
 MODULE_LICENSE("GPL");
30
+MODULE_IMPORT_NS(ANDROID_GKI_VFS_EXPORT_ONLY);
29
31
 
30
32
 static struct kmem_cache *fuse_inode_cachep;
31
33
 struct list_head fuse_conn_list;
..
..
@@ -59,89 +61,93 @@
59
61
 /** Congestion starts at 75% of maximum */
60
62
 #define FUSE_DEFAULT_CONGESTION_THRESHOLD (FUSE_DEFAULT_MAX_BACKGROUND * 3 / 4)
61
63
 
62
-struct fuse_mount_data {
63
-	int fd;
64
-	unsigned rootmode;
65
-	kuid_t user_id;
66
-	kgid_t group_id;
67
-	unsigned fd_present:1;
68
-	unsigned rootmode_present:1;
69
-	unsigned user_id_present:1;
70
-	unsigned group_id_present:1;
71
-	unsigned default_permissions:1;
72
-	unsigned allow_other:1;
73
-	unsigned max_read;
74
-	unsigned blksize;
75
-};
64
+#ifdef CONFIG_BLOCK
65
+static struct file_system_type fuseblk_fs_type;
66
+#endif
76
67
 
77
68
 struct fuse_forget_link *fuse_alloc_forget(void)
78
69
 {
79
-	return kzalloc(sizeof(struct fuse_forget_link), GFP_KERNEL);
70
+	return kzalloc(sizeof(struct fuse_forget_link), GFP_KERNEL_ACCOUNT);
80
71
 }
81
72
 
82
73
 static struct inode *fuse_alloc_inode(struct super_block *sb)
83
74
 {
84
-	struct inode *inode;
85
75
 	struct fuse_inode *fi;
86
76
 
87
-	inode = kmem_cache_alloc(fuse_inode_cachep, GFP_KERNEL);
88
-	if (!inode)
77
+	fi = kmem_cache_alloc(fuse_inode_cachep, GFP_KERNEL);
78
+	if (!fi)
89
79
 		return NULL;
90
80
 
91
-	fi = get_fuse_inode(inode);
92
81
 	fi->i_time = 0;
82
+	fi->inval_mask = 0;
93
83
 	fi->nodeid = 0;
94
84
 	fi->nlookup = 0;
95
85
 	fi->attr_version = 0;
96
-	fi->writectr = 0;
97
86
 	fi->orig_ino = 0;
98
87
 	fi->state = 0;
99
-	INIT_LIST_HEAD(&fi->write_files);
100
-	INIT_LIST_HEAD(&fi->queued_writes);
101
-	INIT_LIST_HEAD(&fi->writepages);
102
-	init_waitqueue_head(&fi->page_waitq);
103
88
 	mutex_init(&fi->mutex);
89
+	init_rwsem(&fi->i_mmap_sem);
90
+	spin_lock_init(&fi->lock);
104
91
 	fi->forget = fuse_alloc_forget();
105
-	if (!fi->forget) {
106
-		kmem_cache_free(fuse_inode_cachep, inode);
107
-		return NULL;
108
-	}
92
+	if (!fi->forget)
93
+		goto out_free;
109
94
 
110
-	return inode;
95
+	if (IS_ENABLED(CONFIG_FUSE_DAX) && !fuse_dax_inode_alloc(sb, fi))
96
+		goto out_free_forget;
97
+
98
+	return &fi->inode;
99
+
100
+out_free_forget:
101
+	kfree(fi->forget);
102
+out_free:
103
+	kmem_cache_free(fuse_inode_cachep, fi);
104
+	return NULL;
111
105
 }
112
106
 
113
-static void fuse_i_callback(struct rcu_head *head)
114
-{
115
-	struct inode *inode = container_of(head, struct inode, i_rcu);
116
-	kmem_cache_free(fuse_inode_cachep, inode);
117
-}
118
-
119
-static void fuse_destroy_inode(struct inode *inode)
107
+static void fuse_free_inode(struct inode *inode)
120
108
 {
121
109
 	struct fuse_inode *fi = get_fuse_inode(inode);
122
-	BUG_ON(!list_empty(&fi->write_files));
123
-	BUG_ON(!list_empty(&fi->queued_writes));
110
+
124
111
 	mutex_destroy(&fi->mutex);
125
112
 	kfree(fi->forget);
126
-	call_rcu(&inode->i_rcu, fuse_i_callback);
113
+#ifdef CONFIG_FUSE_DAX
114
+	kfree(fi->dax);
115
+#endif
116
+	kmem_cache_free(fuse_inode_cachep, fi);
127
117
 }
128
118
 
129
119
 static void fuse_evict_inode(struct inode *inode)
130
120
 {
121
+	struct fuse_inode *fi = get_fuse_inode(inode);
122
+
123
+	/* Will write inode on close/munmap and in all other dirtiers */
124
+	WARN_ON(inode->i_state & I_DIRTY_INODE);
125
+
131
126
 	truncate_inode_pages_final(&inode->i_data);
132
127
 	clear_inode(inode);
133
128
 	if (inode->i_sb->s_flags & SB_ACTIVE) {
134
129
 		struct fuse_conn *fc = get_fuse_conn(inode);
135
-		struct fuse_inode *fi = get_fuse_inode(inode);
136
-		fuse_queue_forget(fc, fi->forget, fi->nodeid, fi->nlookup);
137
-		fi->forget = NULL;
130
+
131
+		if (FUSE_IS_DAX(inode))
132
+			fuse_dax_inode_cleanup(inode);
133
+		if (fi->nlookup) {
134
+			fuse_queue_forget(fc, fi->forget, fi->nodeid,
135
+					  fi->nlookup);
136
+			fi->forget = NULL;
137
+		}
138
+	}
139
+	if (S_ISREG(inode->i_mode) && !fuse_is_bad(inode)) {
140
+		WARN_ON(!list_empty(&fi->write_files));
141
+		WARN_ON(!list_empty(&fi->queued_writes));
138
142
 	}
139
143
 }
140
144
 
141
-static int fuse_remount_fs(struct super_block *sb, int *flags, char *data)
145
+static int fuse_reconfigure(struct fs_context *fc)
142
146
 {
147
+	struct super_block *sb = fc->root->d_sb;
148
+
143
149
 	sync_filesystem(sb);
144
-	if (*flags & SB_MANDLOCK)
150
+	if (fc->sb_flags & SB_MANDLOCK)
145
151
 		return -EINVAL;
146
152
 
147
153
 	return 0;
..
..
@@ -165,8 +171,11 @@
165
171
 	struct fuse_conn *fc = get_fuse_conn(inode);
166
172
 	struct fuse_inode *fi = get_fuse_inode(inode);
167
173
 
168
-	fi->attr_version = ++fc->attr_version;
174
+	lockdep_assert_held(&fi->lock);
175
+
176
+	fi->attr_version = atomic64_inc_return(&fc->attr_version);
169
177
 	fi->i_time = attr_valid;
178
+	WRITE_ONCE(fi->inval_mask, 0);
170
179
 
171
180
 	inode->i_ino     = fuse_squash_ino(attr->ino);
172
181
 	inode->i_mode    = (inode->i_mode & S_IFMT) | (attr->mode & 07777);
..
..
@@ -174,6 +183,12 @@
174
183
 	inode->i_uid     = make_kuid(fc->user_ns, attr->uid);
175
184
 	inode->i_gid     = make_kgid(fc->user_ns, attr->gid);
176
185
 	inode->i_blocks  = attr->blocks;
186
+
187
+	/* Sanitize nsecs */
188
+	attr->atimensec = min_t(u32, attr->atimensec, NSEC_PER_SEC - 1);
189
+	attr->mtimensec = min_t(u32, attr->mtimensec, NSEC_PER_SEC - 1);
190
+	attr->ctimensec = min_t(u32, attr->ctimensec, NSEC_PER_SEC - 1);
191
+
177
192
 	inode->i_atime.tv_sec   = attr->atime;
178
193
 	inode->i_atime.tv_nsec  = attr->atimensec;
179
194
 	/* mtime from server may be stale due to local buffered write */
..
..
@@ -210,10 +225,10 @@
210
225
 	loff_t oldsize;
211
226
 	struct timespec64 old_mtime;
212
227
 
213
-	spin_lock(&fc->lock);
228
+	spin_lock(&fi->lock);
214
229
 	if ((attr_version != 0 && fi->attr_version > attr_version) ||
215
230
 	    test_bit(FUSE_I_SIZE_UNSTABLE, &fi->state)) {
216
-		spin_unlock(&fc->lock);
231
+		spin_unlock(&fi->lock);
217
232
 		return;
218
233
 	}
219
234
 
..
..
@@ -228,14 +243,15 @@
228
243
 	 */
229
244
 	if (!is_wb || !S_ISREG(inode->i_mode))
230
245
 		i_size_write(inode, attr->size);
231
-	spin_unlock(&fc->lock);
246
+	spin_unlock(&fi->lock);
232
247
 
233
248
 	if (!is_wb && S_ISREG(inode->i_mode)) {
234
249
 		bool inval = false;
235
250
 
236
251
 		if (oldsize != attr->size) {
237
252
 			truncate_pagecache(inode, attr->size);
238
-			inval = true;
253
+			if (!fc->explicit_inval_data)
254
+				inval = true;
239
255
 		} else if (fc->auto_inval_data) {
240
256
 			struct timespec64 new_mtime = {
241
257
 				.tv_sec = attr->mtime,
..
..
@@ -279,7 +295,7 @@
279
295
 		BUG();
280
296
 }
281
297
 
282
-int fuse_inode_eq(struct inode *inode, void *_nodeidp)
298
+static int fuse_inode_eq(struct inode *inode, void *_nodeidp)
283
299
 {
284
300
 	u64 nodeid = *(u64 *) _nodeidp;
285
301
 	if (get_node_id(inode) == nodeid)
..
..
@@ -303,7 +319,26 @@
303
319
 	struct fuse_inode *fi;
304
320
 	struct fuse_conn *fc = get_fuse_conn_super(sb);
305
321
 
306
- retry:
322
+	/*
323
+	 * Auto mount points get their node id from the submount root, which is
324
+	 * not a unique identifier within this filesystem.
325
+	 *
326
+	 * To avoid conflicts, do not place submount points into the inode hash
327
+	 * table.
328
+	 */
329
+	if (fc->auto_submounts && (attr->flags & FUSE_ATTR_SUBMOUNT) &&
330
+	    S_ISDIR(attr->mode)) {
331
+		inode = new_inode(sb);
332
+		if (!inode)
333
+			return NULL;
334
+
335
+		fuse_init_inode(inode, attr);
336
+		get_fuse_inode(inode)->nodeid = nodeid;
337
+		inode->i_flags |= S_AUTOMOUNT;
338
+		goto done;
339
+	}
340
+
341
+retry:
307
342
 	inode = iget5_locked(sb, nodeid, fuse_inode_eq, fuse_inode_set, &nodeid);
308
343
 	if (!inode)
309
344
 		return NULL;
..
..
@@ -315,32 +350,60 @@
315
350
 		inode->i_generation = generation;
316
351
 		fuse_init_inode(inode, attr);
317
352
 		unlock_new_inode(inode);
318
-	} else if ((inode->i_mode ^ attr->mode) & S_IFMT) {
319
-		/* Inode has changed type, any I/O on the old should fail */
353
+	} else if (fuse_stale_inode(inode, generation, attr)) {
354
+		/* nodeid was reused, any I/O on the old inode should fail */
320
355
 		fuse_make_bad(inode);
321
356
 		iput(inode);
322
357
 		goto retry;
323
358
 	}
324
-
359
+done:
325
360
 	fi = get_fuse_inode(inode);
326
-	spin_lock(&fc->lock);
361
+	spin_lock(&fi->lock);
327
362
 	fi->nlookup++;
328
-	spin_unlock(&fc->lock);
363
+	spin_unlock(&fi->lock);
329
364
 	fuse_change_attributes(inode, attr, attr_valid, attr_version);
330
365
 
331
366
 	return inode;
332
367
 }
333
368
 
334
-int fuse_reverse_inval_inode(struct super_block *sb, u64 nodeid,
369
+struct inode *fuse_ilookup(struct fuse_conn *fc, u64 nodeid,
370
+			   struct fuse_mount **fm)
371
+{
372
+	struct fuse_mount *fm_iter;
373
+	struct inode *inode;
374
+
375
+	WARN_ON(!rwsem_is_locked(&fc->killsb));
376
+	list_for_each_entry(fm_iter, &fc->mounts, fc_entry) {
377
+		if (!fm_iter->sb)
378
+			continue;
379
+
380
+		inode = ilookup5(fm_iter->sb, nodeid, fuse_inode_eq, &nodeid);
381
+		if (inode) {
382
+			if (fm)
383
+				*fm = fm_iter;
384
+			return inode;
385
+		}
386
+	}
387
+
388
+	return NULL;
389
+}
390
+
391
+int fuse_reverse_inval_inode(struct fuse_conn *fc, u64 nodeid,
335
392
 			     loff_t offset, loff_t len)
336
393
 {
394
+	struct fuse_inode *fi;
337
395
 	struct inode *inode;
338
396
 	pgoff_t pg_start;
339
397
 	pgoff_t pg_end;
340
398
 
341
-	inode = ilookup5(sb, nodeid, fuse_inode_eq, &nodeid);
399
+	inode = fuse_ilookup(fc, nodeid, NULL);
342
400
 	if (!inode)
343
401
 		return -ENOENT;
402
+
403
+	fi = get_fuse_inode(inode);
404
+	spin_lock(&fi->lock);
405
+	fi->attr_version = atomic64_inc_return(&fc->attr_version);
406
+	spin_unlock(&fi->lock);
344
407
 
345
408
 	fuse_invalidate_attr(inode);
346
409
 	forget_all_cached_acls(inode);
..
..
@@ -377,32 +440,29 @@
377
440
 
378
441
 static void fuse_umount_begin(struct super_block *sb)
379
442
 {
380
-	fuse_abort_conn(get_fuse_conn_super(sb), false);
443
+	struct fuse_conn *fc = get_fuse_conn_super(sb);
444
+
445
+	if (!fc->no_force_umount)
446
+		fuse_abort_conn(fc);
381
447
 }
382
448
 
383
-static void fuse_send_destroy(struct fuse_conn *fc)
449
+static void fuse_send_destroy(struct fuse_mount *fm)
384
450
 {
385
-	struct fuse_req *req = fc->destroy_req;
386
-	if (req && fc->conn_init) {
387
-		fc->destroy_req = NULL;
388
-		req->in.h.opcode = FUSE_DESTROY;
389
-		__set_bit(FR_FORCE, &req->flags);
390
-		__clear_bit(FR_BACKGROUND, &req->flags);
391
-		fuse_request_send(fc, req);
392
-		fuse_put_request(fc, req);
451
+	if (fm->fc->conn_init) {
452
+		FUSE_ARGS(args);
453
+
454
+		args.opcode = FUSE_DESTROY;
455
+		args.force = true;
456
+		args.nocreds = true;
457
+		fuse_simple_request(fm, &args);
393
458
 	}
394
459
 }
395
460
 
396
461
 static void fuse_put_super(struct super_block *sb)
397
462
 {
398
-	struct fuse_conn *fc = get_fuse_conn_super(sb);
463
+	struct fuse_mount *fm = get_fuse_mount_super(sb);
399
464
 
400
-	mutex_lock(&fuse_mutex);
401
-	list_del(&fc->entry);
402
-	fuse_ctl_remove_conn(fc);
403
-	mutex_unlock(&fuse_mutex);
404
-
405
-	fuse_conn_put(fc);
465
+	fuse_mount_put(fm);
406
466
 }
407
467
 
408
468
 static void convert_fuse_statfs(struct kstatfs *stbuf, struct fuse_kstatfs *attr)
..
..
@@ -422,30 +482,32 @@
422
482
 static int fuse_statfs(struct dentry *dentry, struct kstatfs *buf)
423
483
 {
424
484
 	struct super_block *sb = dentry->d_sb;
425
-	struct fuse_conn *fc = get_fuse_conn_super(sb);
485
+	struct fuse_mount *fm = get_fuse_mount_super(sb);
426
486
 	FUSE_ARGS(args);
427
487
 	struct fuse_statfs_out outarg;
428
488
 	int err;
429
489
 
430
-	if (!fuse_allow_current_process(fc)) {
490
+	if (!fuse_allow_current_process(fm->fc)) {
431
491
 		buf->f_type = FUSE_SUPER_MAGIC;
432
492
 		return 0;
433
493
 	}
434
494
 
435
495
 	memset(&outarg, 0, sizeof(outarg));
436
-	args.in.numargs = 0;
437
-	args.in.h.opcode = FUSE_STATFS;
438
-	args.in.h.nodeid = get_node_id(d_inode(dentry));
439
-	args.out.numargs = 1;
440
-	args.out.args[0].size = sizeof(outarg);
441
-	args.out.args[0].value = &outarg;
442
-	err = fuse_simple_request(fc, &args);
496
+	args.in_numargs = 0;
497
+	args.opcode = FUSE_STATFS;
498
+	args.nodeid = get_node_id(d_inode(dentry));
499
+	args.out_numargs = 1;
500
+	args.out_args[0].size = sizeof(outarg);
501
+	args.out_args[0].value = &outarg;
502
+	err = fuse_simple_request(fm, &args);
443
503
 	if (!err)
444
504
 		convert_fuse_statfs(buf, &outarg.st);
445
505
 	return err;
446
506
 }
447
507
 
448
508
 enum {
509
+	OPT_SOURCE,
510
+	OPT_SUBTYPE,
449
511
 	OPT_FD,
450
512
 	OPT_ROOTMODE,
451
513
 	OPT_USER_ID,
..
..
@@ -457,111 +519,115 @@
457
519
 	OPT_ERR
458
520
 };
459
521
 
460
-static const match_table_t tokens = {
461
-	{OPT_FD,			"fd=%u"},
462
-	{OPT_ROOTMODE,			"rootmode=%o"},
463
-	{OPT_USER_ID,			"user_id=%u"},
464
-	{OPT_GROUP_ID,			"group_id=%u"},
465
-	{OPT_DEFAULT_PERMISSIONS,	"default_permissions"},
466
-	{OPT_ALLOW_OTHER,		"allow_other"},
467
-	{OPT_MAX_READ,			"max_read=%u"},
468
-	{OPT_BLKSIZE,			"blksize=%u"},
469
-	{OPT_ERR,			NULL}
522
+static const struct fs_parameter_spec fuse_fs_parameters[] = {
523
+	fsparam_string	("source",		OPT_SOURCE),
524
+	fsparam_u32	("fd",			OPT_FD),
525
+	fsparam_u32oct	("rootmode",		OPT_ROOTMODE),
526
+	fsparam_u32	("user_id",		OPT_USER_ID),
527
+	fsparam_u32	("group_id",		OPT_GROUP_ID),
528
+	fsparam_flag	("default_permissions",	OPT_DEFAULT_PERMISSIONS),
529
+	fsparam_flag	("allow_other",		OPT_ALLOW_OTHER),
530
+	fsparam_u32	("max_read",		OPT_MAX_READ),
531
+	fsparam_u32	("blksize",		OPT_BLKSIZE),
532
+	fsparam_string	("subtype",		OPT_SUBTYPE),
533
+	{}
470
534
 };
471
535
 
472
-static int fuse_match_uint(substring_t *s, unsigned int *res)
536
+static int fuse_parse_param(struct fs_context *fc, struct fs_parameter *param)
473
537
 {
474
-	int err = -ENOMEM;
475
-	char *buf = match_strdup(s);
476
-	if (buf) {
477
-		err = kstrtouint(buf, 10, res);
478
-		kfree(buf);
479
-	}
480
-	return err;
481
-}
538
+	struct fs_parse_result result;
539
+	struct fuse_fs_context *ctx = fc->fs_private;
540
+	int opt;
482
541
 
483
-static int parse_fuse_opt(char *opt, struct fuse_mount_data *d, int is_bdev,
484
-			  struct user_namespace *user_ns)
485
-{
486
-	char *p;
487
-	memset(d, 0, sizeof(struct fuse_mount_data));
488
-	d->max_read = ~0;
489
-	d->blksize = FUSE_DEFAULT_BLKSIZE;
490
-
491
-	while ((p = strsep(&opt, ",")) != NULL) {
492
-		int token;
493
-		int value;
494
-		unsigned uv;
495
-		substring_t args[MAX_OPT_ARGS];
496
-		if (!*p)
497
-			continue;
498
-
499
-		token = match_token(p, tokens, args);
500
-		switch (token) {
501
-		case OPT_FD:
502
-			if (match_int(&args[0], &value))
503
-				return 0;
504
-			d->fd = value;
505
-			d->fd_present = 1;
506
-			break;
507
-
508
-		case OPT_ROOTMODE:
509
-			if (match_octal(&args[0], &value))
510
-				return 0;
511
-			if (!fuse_valid_type(value))
512
-				return 0;
513
-			d->rootmode = value;
514
-			d->rootmode_present = 1;
515
-			break;
516
-
517
-		case OPT_USER_ID:
518
-			if (fuse_match_uint(&args[0], &uv))
519
-				return 0;
520
-			d->user_id = make_kuid(user_ns, uv);
521
-			if (!uid_valid(d->user_id))
522
-				return 0;
523
-			d->user_id_present = 1;
524
-			break;
525
-
526
-		case OPT_GROUP_ID:
527
-			if (fuse_match_uint(&args[0], &uv))
528
-				return 0;
529
-			d->group_id = make_kgid(user_ns, uv);
530
-			if (!gid_valid(d->group_id))
531
-				return 0;
532
-			d->group_id_present = 1;
533
-			break;
534
-
535
-		case OPT_DEFAULT_PERMISSIONS:
536
-			d->default_permissions = 1;
537
-			break;
538
-
539
-		case OPT_ALLOW_OTHER:
540
-			d->allow_other = 1;
541
-			break;
542
-
543
-		case OPT_MAX_READ:
544
-			if (match_int(&args[0], &value))
545
-				return 0;
546
-			d->max_read = value;
547
-			break;
548
-
549
-		case OPT_BLKSIZE:
550
-			if (!is_bdev || match_int(&args[0], &value))
551
-				return 0;
552
-			d->blksize = value;
553
-			break;
554
-
555
-		default:
542
+	if (fc->purpose == FS_CONTEXT_FOR_RECONFIGURE) {
543
+		/*
544
+		 * Ignore options coming from mount(MS_REMOUNT) for backward
545
+		 * compatibility.
546
+		 */
547
+		if (fc->oldapi)
556
548
 			return 0;
557
-		}
549
+
550
+		return invalfc(fc, "No changes allowed in reconfigure");
558
551
 	}
559
552
 
560
-	if (!d->fd_present || !d->rootmode_present ||
561
-	    !d->user_id_present || !d->group_id_present)
553
+	opt = fs_parse(fc, fuse_fs_parameters, param, &result);
554
+	if (opt < 0)
555
+		return opt;
556
+
557
+	switch (opt) {
558
+	case OPT_SOURCE:
559
+		if (fc->source)
560
+			return invalfc(fc, "Multiple sources specified");
561
+		fc->source = param->string;
562
+		param->string = NULL;
563
+		break;
564
+
565
+	case OPT_SUBTYPE:
566
+		if (ctx->subtype)
567
+			return invalfc(fc, "Multiple subtypes specified");
568
+		ctx->subtype = param->string;
569
+		param->string = NULL;
562
570
 		return 0;
563
571
 
564
-	return 1;
572
+	case OPT_FD:
573
+		ctx->fd = result.uint_32;
574
+		ctx->fd_present = true;
575
+		break;
576
+
577
+	case OPT_ROOTMODE:
578
+		if (!fuse_valid_type(result.uint_32))
579
+			return invalfc(fc, "Invalid rootmode");
580
+		ctx->rootmode = result.uint_32;
581
+		ctx->rootmode_present = true;
582
+		break;
583
+
584
+	case OPT_USER_ID:
585
+		ctx->user_id = make_kuid(fc->user_ns, result.uint_32);
586
+		if (!uid_valid(ctx->user_id))
587
+			return invalfc(fc, "Invalid user_id");
588
+		ctx->user_id_present = true;
589
+		break;
590
+
591
+	case OPT_GROUP_ID:
592
+		ctx->group_id = make_kgid(fc->user_ns, result.uint_32);
593
+		if (!gid_valid(ctx->group_id))
594
+			return invalfc(fc, "Invalid group_id");
595
+		ctx->group_id_present = true;
596
+		break;
597
+
598
+	case OPT_DEFAULT_PERMISSIONS:
599
+		ctx->default_permissions = true;
600
+		break;
601
+
602
+	case OPT_ALLOW_OTHER:
603
+		ctx->allow_other = true;
604
+		break;
605
+
606
+	case OPT_MAX_READ:
607
+		ctx->max_read = result.uint_32;
608
+		break;
609
+
610
+	case OPT_BLKSIZE:
611
+		if (!ctx->is_bdev)
612
+			return invalfc(fc, "blksize only supported for fuseblk");
613
+		ctx->blksize = result.uint_32;
614
+		break;
615
+
616
+	default:
617
+		return -EINVAL;
618
+	}
619
+
620
+	return 0;
621
+}
622
+
623
+static void fuse_free_fc(struct fs_context *fc)
624
+{
625
+	struct fuse_fs_context *ctx = fc->fs_private;
626
+
627
+	if (ctx) {
628
+		kfree(ctx->subtype);
629
+		kfree(ctx);
630
+	}
565
631
 }
566
632
 
567
633
 static int fuse_show_options(struct seq_file *m, struct dentry *root)
..
..
@@ -569,20 +635,31 @@
569
635
 	struct super_block *sb = root->d_sb;
570
636
 	struct fuse_conn *fc = get_fuse_conn_super(sb);
571
637
 
572
-	seq_printf(m, ",user_id=%u", from_kuid_munged(fc->user_ns, fc->user_id));
573
-	seq_printf(m, ",group_id=%u", from_kgid_munged(fc->user_ns, fc->group_id));
574
-	if (fc->default_permissions)
575
-		seq_puts(m, ",default_permissions");
576
-	if (fc->allow_other)
577
-		seq_puts(m, ",allow_other");
578
-	if (fc->max_read != ~0)
579
-		seq_printf(m, ",max_read=%u", fc->max_read);
580
-	if (sb->s_bdev && sb->s_blocksize != FUSE_DEFAULT_BLKSIZE)
581
-		seq_printf(m, ",blksize=%lu", sb->s_blocksize);
638
+	if (fc->legacy_opts_show) {
639
+		seq_printf(m, ",user_id=%u",
640
+			   from_kuid_munged(fc->user_ns, fc->user_id));
641
+		seq_printf(m, ",group_id=%u",
642
+			   from_kgid_munged(fc->user_ns, fc->group_id));
643
+		if (fc->default_permissions)
644
+			seq_puts(m, ",default_permissions");
645
+		if (fc->allow_other)
646
+			seq_puts(m, ",allow_other");
647
+		if (fc->max_read != ~0)
648
+			seq_printf(m, ",max_read=%u", fc->max_read);
649
+		if (sb->s_bdev && sb->s_blocksize != FUSE_DEFAULT_BLKSIZE)
650
+			seq_printf(m, ",blksize=%lu", sb->s_blocksize);
651
+	}
652
+#ifdef CONFIG_FUSE_DAX
653
+	if (fc->dax)
654
+		seq_puts(m, ",dax");
655
+#endif
656
+
582
657
 	return 0;
583
658
 }
584
659
 
585
-static void fuse_iqueue_init(struct fuse_iqueue *fiq)
660
+static void fuse_iqueue_init(struct fuse_iqueue *fiq,
661
+			     const struct fuse_iqueue_ops *ops,
662
+			     void *priv)
586
663
 {
587
664
 	memset(fiq, 0, sizeof(struct fuse_iqueue));
588
665
 	spin_lock_init(&fiq->lock);
..
..
@@ -591,50 +668,68 @@
591
668
 	INIT_LIST_HEAD(&fiq->interrupts);
592
669
 	fiq->forget_list_tail = &fiq->forget_list_head;
593
670
 	fiq->connected = 1;
671
+	fiq->ops = ops;
672
+	fiq->priv = priv;
594
673
 }
595
674
 
596
675
 static void fuse_pqueue_init(struct fuse_pqueue *fpq)
597
676
 {
598
-	memset(fpq, 0, sizeof(struct fuse_pqueue));
677
+	unsigned int i;
678
+
599
679
 	spin_lock_init(&fpq->lock);
600
-	INIT_LIST_HEAD(&fpq->processing);
680
+	for (i = 0; i < FUSE_PQ_HASH_SIZE; i++)
681
+		INIT_LIST_HEAD(&fpq->processing[i]);
601
682
 	INIT_LIST_HEAD(&fpq->io);
602
683
 	fpq->connected = 1;
603
684
 }
604
685
 
605
-void fuse_conn_init(struct fuse_conn *fc, struct user_namespace *user_ns)
686
+void fuse_conn_init(struct fuse_conn *fc, struct fuse_mount *fm,
687
+		    struct user_namespace *user_ns,
688
+		    const struct fuse_iqueue_ops *fiq_ops, void *fiq_priv)
606
689
 {
607
690
 	memset(fc, 0, sizeof(*fc));
608
691
 	spin_lock_init(&fc->lock);
692
+	spin_lock_init(&fc->bg_lock);
693
+	spin_lock_init(&fc->passthrough_req_lock);
609
694
 	init_rwsem(&fc->killsb);
610
695
 	refcount_set(&fc->count, 1);
611
696
 	atomic_set(&fc->dev_count, 1);
612
697
 	init_waitqueue_head(&fc->blocked_waitq);
613
-	init_waitqueue_head(&fc->reserved_req_waitq);
614
-	fuse_iqueue_init(&fc->iq);
698
+	fuse_iqueue_init(&fc->iq, fiq_ops, fiq_priv);
615
699
 	INIT_LIST_HEAD(&fc->bg_queue);
616
700
 	INIT_LIST_HEAD(&fc->entry);
617
701
 	INIT_LIST_HEAD(&fc->devices);
702
+	idr_init(&fc->passthrough_req);
618
703
 	atomic_set(&fc->num_waiting, 0);
619
704
 	fc->max_background = FUSE_DEFAULT_MAX_BACKGROUND;
620
705
 	fc->congestion_threshold = FUSE_DEFAULT_CONGESTION_THRESHOLD;
621
-	fc->khctr = 0;
706
+	atomic64_set(&fc->khctr, 0);
622
707
 	fc->polled_files = RB_ROOT;
623
708
 	fc->blocked = 0;
624
709
 	fc->initialized = 0;
625
710
 	fc->connected = 1;
626
-	fc->attr_version = 1;
711
+	atomic64_set(&fc->attr_version, 1);
627
712
 	get_random_bytes(&fc->scramble_key, sizeof(fc->scramble_key));
628
713
 	fc->pid_ns = get_pid_ns(task_active_pid_ns(current));
629
714
 	fc->user_ns = get_user_ns(user_ns);
715
+	fc->max_pages = FUSE_DEFAULT_MAX_PAGES_PER_REQ;
716
+
717
+	INIT_LIST_HEAD(&fc->mounts);
718
+	list_add(&fm->fc_entry, &fc->mounts);
719
+	fm->fc = fc;
720
+	refcount_set(&fm->count, 1);
630
721
 }
631
722
 EXPORT_SYMBOL_GPL(fuse_conn_init);
632
723
 
633
724
 void fuse_conn_put(struct fuse_conn *fc)
634
725
 {
635
726
 	if (refcount_dec_and_test(&fc->count)) {
636
-		if (fc->destroy_req)
637
-			fuse_request_free(fc->destroy_req);
727
+		struct fuse_iqueue *fiq = &fc->iq;
728
+
729
+		if (IS_ENABLED(CONFIG_FUSE_DAX))
730
+			fuse_dax_conn_free(fc);
731
+		if (fiq->ops->release)
732
+			fiq->ops->release(fiq);
638
733
 		put_pid_ns(fc->pid_ns);
639
734
 		put_user_ns(fc->user_ns);
640
735
 		fc->release(fc);
..
..
@@ -648,6 +743,23 @@
648
743
 	return fc;
649
744
 }
650
745
 EXPORT_SYMBOL_GPL(fuse_conn_get);
746
+
747
+void fuse_mount_put(struct fuse_mount *fm)
748
+{
749
+	if (refcount_dec_and_test(&fm->count)) {
750
+		if (fm->fc)
751
+			fuse_conn_put(fm->fc);
752
+		kfree(fm);
753
+	}
754
+}
755
+EXPORT_SYMBOL_GPL(fuse_mount_put);
756
+
757
+struct fuse_mount *fuse_mount_get(struct fuse_mount *fm)
758
+{
759
+	refcount_inc(&fm->count);
760
+	return fm;
761
+}
762
+EXPORT_SYMBOL_GPL(fuse_mount_get);
651
763
 
652
764
 static struct inode *fuse_get_root_inode(struct super_block *sb, unsigned mode)
653
765
 {
..
..
@@ -809,11 +921,10 @@
809
921
 
810
922
 static const struct super_operations fuse_super_operations = {
811
923
 	.alloc_inode    = fuse_alloc_inode,
812
-	.destroy_inode  = fuse_destroy_inode,
924
+	.free_inode     = fuse_free_inode,
813
925
 	.evict_inode	= fuse_evict_inode,
814
926
 	.write_inode	= fuse_write_inode,
815
927
 	.drop_inode	= generic_delete_inode,
816
-	.remount_fs	= fuse_remount_fs,
817
928
 	.put_super	= fuse_put_super,
818
929
 	.umount_begin	= fuse_umount_begin,
819
930
 	.statfs		= fuse_statfs,
..
..
@@ -822,9 +933,12 @@
822
933
 
823
934
 static void sanitize_global_limit(unsigned *limit)
824
935
 {
936
+	/*
937
+	 * The default maximum number of async requests is calculated to consume
938
+	 * 1/2^13 of the total memory, assuming 392 bytes per request.
939
+	 */
825
940
 	if (*limit == 0)
826
-		*limit = ((totalram_pages << PAGE_SHIFT) >> 13) /
827
-			 sizeof(struct fuse_req);
941
+		*limit = ((totalram_pages() << PAGE_SHIFT) >> 13) / 392;
828
942
 
829
943
 	if (*limit >= 1 << 16)
830
944
 		*limit = (1 << 16) - 1;
..
..
@@ -853,6 +967,7 @@
853
967
 	sanitize_global_limit(&max_user_bgreq);
854
968
 	sanitize_global_limit(&max_user_congthresh);
855
969
 
970
+	spin_lock(&fc->bg_lock);
856
971
 	if (arg->max_background) {
857
972
 		fc->max_background = arg->max_background;
858
973
 
..
..
@@ -866,14 +981,25 @@
866
981
 		    fc->congestion_threshold > max_user_congthresh)
867
982
 			fc->congestion_threshold = max_user_congthresh;
868
983
 	}
984
+	spin_unlock(&fc->bg_lock);
869
985
 }
870
986
 
871
-static void process_init_reply(struct fuse_conn *fc, struct fuse_req *req)
872
-{
873
-	struct fuse_init_out *arg = &req->misc.init_out;
987
+struct fuse_init_args {
988
+	struct fuse_args args;
989
+	struct fuse_init_in in;
990
+	struct fuse_init_out out;
991
+};
874
992
 
875
-	if (req->out.h.error || arg->major != FUSE_KERNEL_VERSION)
876
-		fc->conn_error = 1;
993
+static void process_init_reply(struct fuse_mount *fm, struct fuse_args *args,
994
+			       int error)
995
+{
996
+	struct fuse_conn *fc = fm->fc;
997
+	struct fuse_init_args *ia = container_of(args, typeof(*ia), args);
998
+	struct fuse_init_out *arg = &ia->out;
999
+	bool ok = true;
1000
+
1001
+	if (error || arg->major != FUSE_KERNEL_VERSION)
1002
+		ok = false;
877
1003
 	else {
878
1004
 		unsigned long ra_pages;
879
1005
 
..
..
@@ -905,6 +1031,8 @@
905
1031
 				fc->dont_mask = 1;
906
1032
 			if (arg->flags & FUSE_AUTO_INVAL_DATA)
907
1033
 				fc->auto_inval_data = 1;
1034
+			else if (arg->flags & FUSE_EXPLICIT_INVAL_DATA)
1035
+				fc->explicit_inval_data = 1;
908
1036
 			if (arg->flags & FUSE_DO_READDIRPLUS) {
909
1037
 				fc->do_readdirplus = 1;
910
1038
 				if (arg->flags & FUSE_READDIRPLUS_AUTO)
..
..
@@ -919,66 +1047,121 @@
919
1047
 			if (arg->flags & FUSE_HANDLE_KILLPRIV)
920
1048
 				fc->handle_killpriv = 1;
921
1049
 			if (arg->time_gran && arg->time_gran <= 1000000000)
922
-				fc->sb->s_time_gran = arg->time_gran;
1050
+				fm->sb->s_time_gran = arg->time_gran;
923
1051
 			if ((arg->flags & FUSE_POSIX_ACL)) {
924
1052
 				fc->default_permissions = 1;
925
1053
 				fc->posix_acl = 1;
926
-				fc->sb->s_xattr = fuse_acl_xattr_handlers;
1054
+				fm->sb->s_xattr = fuse_acl_xattr_handlers;
927
1055
 			}
1056
+			if (arg->flags & FUSE_CACHE_SYMLINKS)
1057
+				fc->cache_symlinks = 1;
928
1058
 			if (arg->flags & FUSE_ABORT_ERROR)
929
1059
 				fc->abort_err = 1;
1060
+			if (arg->flags & FUSE_MAX_PAGES) {
1061
+				fc->max_pages =
1062
+					min_t(unsigned int, FUSE_MAX_MAX_PAGES,
1063
+					max_t(unsigned int, arg->max_pages, 1));
1064
+			}
1065
+			if (IS_ENABLED(CONFIG_FUSE_DAX) &&
1066
+			    arg->flags & FUSE_MAP_ALIGNMENT &&
1067
+			    !fuse_dax_check_alignment(fc, arg->map_alignment)) {
1068
+				ok = false;
1069
+			}
1070
+			if (arg->flags & FUSE_PASSTHROUGH) {
1071
+				fc->passthrough = 1;
1072
+				/* Prevent further stacking */
1073
+				fm->sb->s_stack_depth =
1074
+					FILESYSTEM_MAX_STACK_DEPTH;
1075
+			}
930
1076
 		} else {
931
1077
 			ra_pages = fc->max_read / PAGE_SIZE;
932
1078
 			fc->no_lock = 1;
933
1079
 			fc->no_flock = 1;
934
1080
 		}
935
1081
 
936
-		fc->sb->s_bdi->ra_pages =
937
-				min(fc->sb->s_bdi->ra_pages, ra_pages);
1082
+		fm->sb->s_bdi->ra_pages =
1083
+				min(fm->sb->s_bdi->ra_pages, ra_pages);
938
1084
 		fc->minor = arg->minor;
939
1085
 		fc->max_write = arg->minor < 5 ? 4096 : arg->max_write;
940
1086
 		fc->max_write = max_t(unsigned, 4096, fc->max_write);
941
1087
 		fc->conn_init = 1;
942
1088
 	}
1089
+	kfree(ia);
1090
+
1091
+	if (!ok) {
1092
+		fc->conn_init = 0;
1093
+		fc->conn_error = 1;
1094
+	}
1095
+
943
1096
 	fuse_set_initialized(fc);
944
1097
 	wake_up_all(&fc->blocked_waitq);
945
1098
 }
946
1099
 
947
-static void fuse_send_init(struct fuse_conn *fc, struct fuse_req *req)
1100
+void fuse_send_init(struct fuse_mount *fm)
948
1101
 {
949
-	struct fuse_init_in *arg = &req->misc.init_in;
1102
+	struct fuse_init_args *ia;
950
1103
 
951
-	arg->major = FUSE_KERNEL_VERSION;
952
-	arg->minor = FUSE_KERNEL_MINOR_VERSION;
953
-	arg->max_readahead = fc->sb->s_bdi->ra_pages * PAGE_SIZE;
954
-	arg->flags |= FUSE_ASYNC_READ | FUSE_POSIX_LOCKS | FUSE_ATOMIC_O_TRUNC |
1104
+	ia = kzalloc(sizeof(*ia), GFP_KERNEL | __GFP_NOFAIL);
1105
+
1106
+	ia->in.major = FUSE_KERNEL_VERSION;
1107
+	ia->in.minor = FUSE_KERNEL_MINOR_VERSION;
1108
+	ia->in.max_readahead = fm->sb->s_bdi->ra_pages * PAGE_SIZE;
1109
+	ia->in.flags |=
1110
+		FUSE_ASYNC_READ | FUSE_POSIX_LOCKS | FUSE_ATOMIC_O_TRUNC |
955
1111
 		FUSE_EXPORT_SUPPORT | FUSE_BIG_WRITES | FUSE_DONT_MASK |
956
1112
 		FUSE_SPLICE_WRITE | FUSE_SPLICE_MOVE | FUSE_SPLICE_READ |
957
1113
 		FUSE_FLOCK_LOCKS | FUSE_HAS_IOCTL_DIR | FUSE_AUTO_INVAL_DATA |
958
1114
 		FUSE_DO_READDIRPLUS | FUSE_READDIRPLUS_AUTO | FUSE_ASYNC_DIO |
959
1115
 		FUSE_WRITEBACK_CACHE | FUSE_NO_OPEN_SUPPORT |
960
1116
 		FUSE_PARALLEL_DIROPS | FUSE_HANDLE_KILLPRIV | FUSE_POSIX_ACL |
961
-		FUSE_ABORT_ERROR;
962
-	req->in.h.opcode = FUSE_INIT;
963
-	req->in.numargs = 1;
964
-	req->in.args[0].size = sizeof(*arg);
965
-	req->in.args[0].value = arg;
966
-	req->out.numargs = 1;
1117
+		FUSE_ABORT_ERROR | FUSE_MAX_PAGES | FUSE_CACHE_SYMLINKS |
1118
+		FUSE_NO_OPENDIR_SUPPORT | FUSE_EXPLICIT_INVAL_DATA |
1119
+		FUSE_PASSTHROUGH;
1120
+#ifdef CONFIG_FUSE_DAX
1121
+	if (fm->fc->dax)
1122
+		ia->in.flags |= FUSE_MAP_ALIGNMENT;
1123
+#endif
1124
+	if (fm->fc->auto_submounts)
1125
+		ia->in.flags |= FUSE_SUBMOUNTS;
1126
+
1127
+	ia->args.opcode = FUSE_INIT;
1128
+	ia->args.in_numargs = 1;
1129
+	ia->args.in_args[0].size = sizeof(ia->in);
1130
+	ia->args.in_args[0].value = &ia->in;
1131
+	ia->args.out_numargs = 1;
967
1132
 	/* Variable length argument used for backward compatibility
968
1133
 	   with interface version < 7.5.  Rest of init_out is zeroed
969
1134
 	   by do_get_request(), so a short reply is not a problem */
970
-	req->out.argvar = 1;
971
-	req->out.args[0].size = sizeof(struct fuse_init_out);
972
-	req->out.args[0].value = &req->misc.init_out;
973
-	req->end = process_init_reply;
974
-	fuse_request_send_background(fc, req);
1135
+	ia->args.out_argvar = true;
1136
+	ia->args.out_args[0].size = sizeof(ia->out);
1137
+	ia->args.out_args[0].value = &ia->out;
1138
+	ia->args.force = true;
1139
+	ia->args.nocreds = true;
1140
+	ia->args.end = process_init_reply;
1141
+
1142
+	if (fuse_simple_background(fm, &ia->args, GFP_KERNEL) != 0)
1143
+		process_init_reply(fm, &ia->args, -ENOTCONN);
1144
+}
1145
+EXPORT_SYMBOL_GPL(fuse_send_init);
1146
+
1147
+static int free_fuse_passthrough(int id, void *p, void *data)
1148
+{
1149
+	struct fuse_passthrough *passthrough = (struct fuse_passthrough *)p;
1150
+
1151
+	fuse_passthrough_release(passthrough);
1152
+	kfree(p);
1153
+
1154
+	return 0;
975
1155
 }
976
1156
 
977
-static void fuse_free_conn(struct fuse_conn *fc)
1157
+void fuse_free_conn(struct fuse_conn *fc)
978
1158
 {
979
1159
 	WARN_ON(!list_empty(&fc->devices));
1160
+	idr_for_each(&fc->passthrough_req, free_fuse_passthrough, NULL);
1161
+	idr_destroy(&fc->passthrough_req);
980
1162
 	kfree_rcu(fc, rcu);
981
1163
 }
1164
+EXPORT_SYMBOL_GPL(fuse_free_conn);
982
1165
 
983
1166
 static int fuse_bdi_init(struct fuse_conn *fc, struct super_block *sb)
984
1167
 {
..
..
@@ -999,9 +1182,9 @@
999
1182
 	if (err)
1000
1183
 		return err;
1001
1184
 
1002
-	sb->s_bdi->ra_pages = (VM_MAX_READAHEAD * 1024) / PAGE_SIZE;
1003
1185
 	/* fuse does it's own writeback accounting */
1004
-	sb->s_bdi->capabilities = BDI_CAP_NO_ACCT_WB | BDI_CAP_STRICTLIMIT;
1186
+	sb->s_bdi->capabilities &= ~BDI_CAP_WRITEBACK_ACCT;
1187
+	sb->s_bdi->capabilities |= BDI_CAP_STRICTLIMIT;
1005
1188
 
1006
1189
 	/*
1007
1190
 	 * For a single fuse filesystem use max 1% of dirty +
..
..
@@ -1020,23 +1203,49 @@
1020
1203
 	return 0;
1021
1204
 }
1022
1205
 
1023
-struct fuse_dev *fuse_dev_alloc(struct fuse_conn *fc)
1206
+struct fuse_dev *fuse_dev_alloc(void)
1024
1207
 {
1025
1208
 	struct fuse_dev *fud;
1209
+	struct list_head *pq;
1026
1210
 
1027
1211
 	fud = kzalloc(sizeof(struct fuse_dev), GFP_KERNEL);
1028
-	if (fud) {
1029
-		fud->fc = fuse_conn_get(fc);
1030
-		fuse_pqueue_init(&fud->pq);
1212
+	if (!fud)
1213
+		return NULL;
1031
1214
 
1032
-		spin_lock(&fc->lock);
1033
-		list_add_tail(&fud->entry, &fc->devices);
1034
-		spin_unlock(&fc->lock);
1215
+	pq = kcalloc(FUSE_PQ_HASH_SIZE, sizeof(struct list_head), GFP_KERNEL);
1216
+	if (!pq) {
1217
+		kfree(fud);
1218
+		return NULL;
1035
1219
 	}
1220
+
1221
+	fud->pq.processing = pq;
1222
+	fuse_pqueue_init(&fud->pq);
1036
1223
 
1037
1224
 	return fud;
1038
1225
 }
1039
1226
 EXPORT_SYMBOL_GPL(fuse_dev_alloc);
1227
+
1228
+void fuse_dev_install(struct fuse_dev *fud, struct fuse_conn *fc)
1229
+{
1230
+	fud->fc = fuse_conn_get(fc);
1231
+	spin_lock(&fc->lock);
1232
+	list_add_tail(&fud->entry, &fc->devices);
1233
+	spin_unlock(&fc->lock);
1234
+}
1235
+EXPORT_SYMBOL_GPL(fuse_dev_install);
1236
+
1237
+struct fuse_dev *fuse_dev_alloc_install(struct fuse_conn *fc)
1238
+{
1239
+	struct fuse_dev *fud;
1240
+
1241
+	fud = fuse_dev_alloc();
1242
+	if (!fud)
1243
+		return NULL;
1244
+
1245
+	fuse_dev_install(fud, fc);
1246
+	return fud;
1247
+}
1248
+EXPORT_SYMBOL_GPL(fuse_dev_alloc_install);
1040
1249
 
1041
1250
 void fuse_dev_free(struct fuse_dev *fud)
1042
1251
 {
..
..
@@ -1049,41 +1258,35 @@
1049
1258
 
1050
1259
 		fuse_conn_put(fc);
1051
1260
 	}
1261
+	kfree(fud->pq.processing);
1052
1262
 	kfree(fud);
1053
1263
 }
1054
1264
 EXPORT_SYMBOL_GPL(fuse_dev_free);
1055
1265
 
1056
-static int fuse_fill_super(struct super_block *sb, void *data, int silent)
1266
+static void fuse_fill_attr_from_inode(struct fuse_attr *attr,
1267
+				      const struct fuse_inode *fi)
1057
1268
 {
1058
-	struct fuse_dev *fud;
1059
-	struct fuse_conn *fc;
1060
-	struct inode *root;
1061
-	struct fuse_mount_data d;
1062
-	struct file *file;
1063
-	struct dentry *root_dentry;
1064
-	struct fuse_req *init_req;
1065
-	int err;
1066
-	int is_bdev = sb->s_bdev != NULL;
1269
+	*attr = (struct fuse_attr){
1270
+		.ino		= fi->inode.i_ino,
1271
+		.size		= fi->inode.i_size,
1272
+		.blocks		= fi->inode.i_blocks,
1273
+		.atime		= fi->inode.i_atime.tv_sec,
1274
+		.mtime		= fi->inode.i_mtime.tv_sec,
1275
+		.ctime		= fi->inode.i_ctime.tv_sec,
1276
+		.atimensec	= fi->inode.i_atime.tv_nsec,
1277
+		.mtimensec	= fi->inode.i_mtime.tv_nsec,
1278
+		.ctimensec	= fi->inode.i_ctime.tv_nsec,
1279
+		.mode		= fi->inode.i_mode,
1280
+		.nlink		= fi->inode.i_nlink,
1281
+		.uid		= fi->inode.i_uid.val,
1282
+		.gid		= fi->inode.i_gid.val,
1283
+		.rdev		= fi->inode.i_rdev,
1284
+		.blksize	= 1u << fi->inode.i_blkbits,
1285
+	};
1286
+}
1067
1287
 
1068
-	err = -EINVAL;
1069
-	if (sb->s_flags & SB_MANDLOCK)
1070
-		goto err;
1071
-
1072
-	sb->s_flags &= ~(SB_NOSEC | SB_I_VERSION);
1073
-
1074
-	if (!parse_fuse_opt(data, &d, is_bdev, sb->s_user_ns))
1075
-		goto err;
1076
-
1077
-	if (is_bdev) {
1078
-#ifdef CONFIG_BLOCK
1079
-		err = -EINVAL;
1080
-		if (!sb_set_blocksize(sb, d.blksize))
1081
-			goto err;
1082
-#endif
1083
-	} else {
1084
-		sb->s_blocksize = PAGE_SIZE;
1085
-		sb->s_blocksize_bits = PAGE_SHIFT;
1086
-	}
1288
+static void fuse_sb_defaults(struct super_block *sb)
1289
+{
1087
1290
 	sb->s_magic = FUSE_SUPER_MAGIC;
1088
1291
 	sb->s_op = &fuse_super_operations;
1089
1292
 	sb->s_xattr = fuse_xattr_handlers;
..
..
@@ -1093,19 +1296,7 @@
1093
1296
 	sb->s_iflags |= SB_I_IMA_UNVERIFIABLE_SIGNATURE;
1094
1297
 	if (sb->s_user_ns != &init_user_ns)
1095
1298
 		sb->s_iflags |= SB_I_UNTRUSTED_MOUNTER;
1096
-
1097
-	file = fget(d.fd);
1098
-	err = -EINVAL;
1099
-	if (!file)
1100
-		goto err;
1101
-
1102
-	/*
1103
-	 * Require mount to happen from the same user namespace which
1104
-	 * opened /dev/fuse to prevent potential attacks.
1105
-	 */
1106
-	if (file->f_op != &fuse_dev_operations ||
1107
-	    file->f_cred->user_ns != sb->s_user_ns)
1108
-		goto err_fput;
1299
+	sb->s_flags &= ~(SB_NOSEC | SB_I_VERSION);
1109
1300
 
1110
1301
 	/*
1111
1302
 	 * If we are not in the initial user namespace posix
..
..
@@ -1113,21 +1304,89 @@
1113
1304
 	 */
1114
1305
 	if (sb->s_user_ns != &init_user_ns)
1115
1306
 		sb->s_xattr = fuse_no_acl_xattr_handlers;
1307
+}
1116
1308
 
1117
-	fc = kmalloc(sizeof(*fc), GFP_KERNEL);
1118
-	err = -ENOMEM;
1119
-	if (!fc)
1120
-		goto err_fput;
1309
+int fuse_fill_super_submount(struct super_block *sb,
1310
+			     struct fuse_inode *parent_fi)
1311
+{
1312
+	struct fuse_mount *fm = get_fuse_mount_super(sb);
1313
+	struct super_block *parent_sb = parent_fi->inode.i_sb;
1314
+	struct fuse_attr root_attr;
1315
+	struct inode *root;
1121
1316
 
1122
-	fuse_conn_init(fc, sb->s_user_ns);
1123
-	fc->release = fuse_free_conn;
1317
+	fuse_sb_defaults(sb);
1318
+	fm->sb = sb;
1124
1319
 
1125
-	fud = fuse_dev_alloc(fc);
1126
-	if (!fud)
1127
-		goto err_put_conn;
1320
+	WARN_ON(sb->s_bdi != &noop_backing_dev_info);
1321
+	sb->s_bdi = bdi_get(parent_sb->s_bdi);
1322
+
1323
+	sb->s_xattr = parent_sb->s_xattr;
1324
+	sb->s_time_gran = parent_sb->s_time_gran;
1325
+	sb->s_blocksize = parent_sb->s_blocksize;
1326
+	sb->s_blocksize_bits = parent_sb->s_blocksize_bits;
1327
+	sb->s_subtype = kstrdup(parent_sb->s_subtype, GFP_KERNEL);
1328
+	if (parent_sb->s_subtype && !sb->s_subtype)
1329
+		return -ENOMEM;
1330
+
1331
+	fuse_fill_attr_from_inode(&root_attr, parent_fi);
1332
+	root = fuse_iget(sb, parent_fi->nodeid, 0, &root_attr, 0, 0);
1333
+	/*
1334
+	 * This inode is just a duplicate, so it is not looked up and
1335
+	 * its nlookup should not be incremented.  fuse_iget() does
1336
+	 * that, though, so undo it here.
1337
+	 */
1338
+	get_fuse_inode(root)->nlookup--;
1339
+	sb->s_d_op = &fuse_dentry_operations;
1340
+	sb->s_root = d_make_root(root);
1341
+	if (!sb->s_root)
1342
+		return -ENOMEM;
1343
+
1344
+	return 0;
1345
+}
1346
+
1347
+int fuse_fill_super_common(struct super_block *sb, struct fuse_fs_context *ctx)
1348
+{
1349
+	struct fuse_dev *fud = NULL;
1350
+	struct fuse_mount *fm = get_fuse_mount_super(sb);
1351
+	struct fuse_conn *fc = fm->fc;
1352
+	struct inode *root;
1353
+	struct dentry *root_dentry;
1354
+	int err;
1355
+
1356
+	err = -EINVAL;
1357
+	if (sb->s_flags & SB_MANDLOCK)
1358
+		goto err;
1359
+
1360
+	fuse_sb_defaults(sb);
1361
+
1362
+	if (ctx->is_bdev) {
1363
+#ifdef CONFIG_BLOCK
1364
+		err = -EINVAL;
1365
+		if (!sb_set_blocksize(sb, ctx->blksize))
1366
+			goto err;
1367
+#endif
1368
+	} else {
1369
+		sb->s_blocksize = PAGE_SIZE;
1370
+		sb->s_blocksize_bits = PAGE_SHIFT;
1371
+	}
1372
+
1373
+	sb->s_subtype = ctx->subtype;
1374
+	ctx->subtype = NULL;
1375
+	if (IS_ENABLED(CONFIG_FUSE_DAX)) {
1376
+		err = fuse_dax_conn_alloc(fc, ctx->dax_dev);
1377
+		if (err)
1378
+			goto err;
1379
+	}
1380
+
1381
+	if (ctx->fudptr) {
1382
+		err = -ENOMEM;
1383
+		fud = fuse_dev_alloc_install(fc);
1384
+		if (!fud)
1385
+			goto err_free_dax;
1386
+	}
1128
1387
 
1129
1388
 	fc->dev = sb->s_dev;
1130
-	fc->sb = sb;
1389
+	fm->sb = sb;
1131
1390
 	err = fuse_bdi_init(fc, sb);
1132
1391
 	if (err)
1133
1392
 		goto err_dev_free;
..
..
@@ -1137,17 +1396,18 @@
1137
1396
 		fc->dont_mask = 1;
1138
1397
 	sb->s_flags |= SB_POSIXACL;
1139
1398
 
1140
-	fc->default_permissions = d.default_permissions;
1141
-	fc->allow_other = d.allow_other;
1142
-	fc->user_id = d.user_id;
1143
-	fc->group_id = d.group_id;
1144
-	fc->max_read = max_t(unsigned, 4096, d.max_read);
1145
-
1146
-	/* Used by get_root_inode() */
1147
-	sb->s_fs_info = fc;
1399
+	fc->default_permissions = ctx->default_permissions;
1400
+	fc->allow_other = ctx->allow_other;
1401
+	fc->user_id = ctx->user_id;
1402
+	fc->group_id = ctx->group_id;
1403
+	fc->legacy_opts_show = ctx->legacy_opts_show;
1404
+	fc->max_read = max_t(unsigned int, 4096, ctx->max_read);
1405
+	fc->destroy = ctx->destroy;
1406
+	fc->no_control = ctx->no_control;
1407
+	fc->no_force_umount = ctx->no_force_umount;
1148
1408
 
1149
1409
 	err = -ENOMEM;
1150
-	root = fuse_get_root_inode(sb, d.rootmode);
1410
+	root = fuse_get_root_inode(sb, ctx->rootmode);
1151
1411
 	sb->s_d_op = &fuse_root_dentry_operations;
1152
1412
 	root_dentry = d_make_root(root);
1153
1413
 	if (!root_dentry)
..
..
@@ -1155,20 +1415,9 @@
1155
1415
 	/* Root dentry doesn't have .d_revalidate */
1156
1416
 	sb->s_d_op = &fuse_dentry_operations;
1157
1417
 
1158
-	init_req = fuse_request_alloc(0);
1159
-	if (!init_req)
1160
-		goto err_put_root;
1161
-	__set_bit(FR_BACKGROUND, &init_req->flags);
1162
-
1163
-	if (is_bdev) {
1164
-		fc->destroy_req = fuse_request_alloc(0);
1165
-		if (!fc->destroy_req)
1166
-			goto err_free_init_req;
1167
-	}
1168
-
1169
1418
 	mutex_lock(&fuse_mutex);
1170
1419
 	err = -EINVAL;
1171
-	if (file->private_data)
1420
+	if (ctx->fudptr && *ctx->fudptr)
1172
1421
 		goto err_unlock;
1173
1422
 
1174
1423
 	err = fuse_ctl_add_conn(fc);
..
..
@@ -1177,29 +1426,77 @@
1177
1426
 
1178
1427
 	list_add_tail(&fc->entry, &fuse_conn_list);
1179
1428
 	sb->s_root = root_dentry;
1180
-	file->private_data = fud;
1429
+	if (ctx->fudptr)
1430
+		*ctx->fudptr = fud;
1181
1431
 	mutex_unlock(&fuse_mutex);
1432
+	return 0;
1433
+
1434
+ err_unlock:
1435
+	mutex_unlock(&fuse_mutex);
1436
+	dput(root_dentry);
1437
+ err_dev_free:
1438
+	if (fud)
1439
+		fuse_dev_free(fud);
1440
+ err_free_dax:
1441
+	if (IS_ENABLED(CONFIG_FUSE_DAX))
1442
+		fuse_dax_conn_free(fc);
1443
+ err:
1444
+	return err;
1445
+}
1446
+EXPORT_SYMBOL_GPL(fuse_fill_super_common);
1447
+
1448
+static int fuse_fill_super(struct super_block *sb, struct fs_context *fsc)
1449
+{
1450
+	struct fuse_fs_context *ctx = fsc->fs_private;
1451
+	struct file *file;
1452
+	int err;
1453
+	struct fuse_conn *fc;
1454
+	struct fuse_mount *fm;
1455
+
1456
+	err = -EINVAL;
1457
+	file = fget(ctx->fd);
1458
+	if (!file)
1459
+		goto err;
1460
+
1461
+	/*
1462
+	 * Require mount to happen from the same user namespace which
1463
+	 * opened /dev/fuse to prevent potential attacks.
1464
+	 */
1465
+	if ((file->f_op != &fuse_dev_operations) ||
1466
+	    (file->f_cred->user_ns != sb->s_user_ns))
1467
+		goto err_fput;
1468
+	ctx->fudptr = &file->private_data;
1469
+
1470
+	fc = kmalloc(sizeof(*fc), GFP_KERNEL);
1471
+	err = -ENOMEM;
1472
+	if (!fc)
1473
+		goto err_fput;
1474
+
1475
+	fm = kzalloc(sizeof(*fm), GFP_KERNEL);
1476
+	if (!fm) {
1477
+		kfree(fc);
1478
+		goto err_fput;
1479
+	}
1480
+
1481
+	fuse_conn_init(fc, fm, sb->s_user_ns, &fuse_dev_fiq_ops, NULL);
1482
+	fc->release = fuse_free_conn;
1483
+
1484
+	sb->s_fs_info = fm;
1485
+
1486
+	err = fuse_fill_super_common(sb, ctx);
1487
+	if (err)
1488
+		goto err_put_conn;
1182
1489
 	/*
1183
1490
 	 * atomic_dec_and_test() in fput() provides the necessary
1184
1491
 	 * memory barrier for file->private_data to be visible on all
1185
1492
 	 * CPUs after this
1186
1493
 	 */
1187
1494
 	fput(file);
1188
-
1189
-	fuse_send_init(fc, init_req);
1190
-
1495
+	fuse_send_init(get_fuse_mount_super(sb));
1191
1496
 	return 0;
1192
1497
 
1193
- err_unlock:
1194
-	mutex_unlock(&fuse_mutex);
1195
- err_free_init_req:
1196
-	fuse_request_free(init_req);
1197
- err_put_root:
1198
-	dput(root_dentry);
1199
- err_dev_free:
1200
-	fuse_dev_free(fud);
1201
1498
  err_put_conn:
1202
-	fuse_conn_put(fc);
1499
+	fuse_mount_put(fm);
1203
1500
 	sb->s_fs_info = NULL;
1204
1501
  err_fput:
1205
1502
 	fput(file);
..
..
@@ -1207,32 +1504,100 @@
1207
1504
 	return err;
1208
1505
 }
1209
1506
 
1210
-static struct dentry *fuse_mount(struct file_system_type *fs_type,
1211
-		       int flags, const char *dev_name,
1212
-		       void *raw_data)
1507
+static int fuse_get_tree(struct fs_context *fc)
1213
1508
 {
1214
-	return mount_nodev(fs_type, flags, raw_data, fuse_fill_super);
1509
+	struct fuse_fs_context *ctx = fc->fs_private;
1510
+
1511
+	if (!ctx->fd_present || !ctx->rootmode_present ||
1512
+	    !ctx->user_id_present || !ctx->group_id_present)
1513
+		return -EINVAL;
1514
+
1515
+#ifdef CONFIG_BLOCK
1516
+	if (ctx->is_bdev)
1517
+		return get_tree_bdev(fc, fuse_fill_super);
1518
+#endif
1519
+
1520
+	return get_tree_nodev(fc, fuse_fill_super);
1215
1521
 }
1216
1522
 
1217
-static void fuse_sb_destroy(struct super_block *sb)
1523
+static const struct fs_context_operations fuse_context_ops = {
1524
+	.free		= fuse_free_fc,
1525
+	.parse_param	= fuse_parse_param,
1526
+	.reconfigure	= fuse_reconfigure,
1527
+	.get_tree	= fuse_get_tree,
1528
+};
1529
+
1530
+/*
1531
+ * Set up the filesystem mount context.
1532
+ */
1533
+static int fuse_init_fs_context(struct fs_context *fc)
1218
1534
 {
1219
-	struct fuse_conn *fc = get_fuse_conn_super(sb);
1535
+	struct fuse_fs_context *ctx;
1220
1536
 
1221
-	if (fc) {
1222
-		fuse_send_destroy(fc);
1537
+	ctx = kzalloc(sizeof(struct fuse_fs_context), GFP_KERNEL);
1538
+	if (!ctx)
1539
+		return -ENOMEM;
1223
1540
 
1224
-		fuse_abort_conn(fc, false);
1225
-		fuse_wait_aborted(fc);
1541
+	ctx->max_read = ~0;
1542
+	ctx->blksize = FUSE_DEFAULT_BLKSIZE;
1543
+	ctx->legacy_opts_show = true;
1226
1544
 
1227
-		down_write(&fc->killsb);
1228
-		fc->sb = NULL;
1229
-		up_write(&fc->killsb);
1545
+#ifdef CONFIG_BLOCK
1546
+	if (fc->fs_type == &fuseblk_fs_type) {
1547
+		ctx->is_bdev = true;
1548
+		ctx->destroy = true;
1549
+	}
1550
+#endif
1551
+
1552
+	fc->fs_private = ctx;
1553
+	fc->ops = &fuse_context_ops;
1554
+	return 0;
1555
+}
1556
+
1557
+bool fuse_mount_remove(struct fuse_mount *fm)
1558
+{
1559
+	struct fuse_conn *fc = fm->fc;
1560
+	bool last = false;
1561
+
1562
+	down_write(&fc->killsb);
1563
+	list_del_init(&fm->fc_entry);
1564
+	if (list_empty(&fc->mounts))
1565
+		last = true;
1566
+	up_write(&fc->killsb);
1567
+
1568
+	return last;
1569
+}
1570
+EXPORT_SYMBOL_GPL(fuse_mount_remove);
1571
+
1572
+void fuse_conn_destroy(struct fuse_mount *fm)
1573
+{
1574
+	struct fuse_conn *fc = fm->fc;
1575
+
1576
+	if (fc->destroy)
1577
+		fuse_send_destroy(fm);
1578
+
1579
+	fuse_abort_conn(fc);
1580
+	fuse_wait_aborted(fc);
1581
+
1582
+	if (!list_empty(&fc->entry)) {
1583
+		mutex_lock(&fuse_mutex);
1584
+		list_del(&fc->entry);
1585
+		fuse_ctl_remove_conn(fc);
1586
+		mutex_unlock(&fuse_mutex);
1230
1587
 	}
1231
1588
 }
1589
+EXPORT_SYMBOL_GPL(fuse_conn_destroy);
1232
1590
 
1233
1591
 static void fuse_kill_sb_anon(struct super_block *sb)
1234
1592
 {
1235
-	fuse_sb_destroy(sb);
1593
+	struct fuse_mount *fm = get_fuse_mount_super(sb);
1594
+	bool last;
1595
+
1596
+	if (fm) {
1597
+		last = fuse_mount_remove(fm);
1598
+		if (last)
1599
+			fuse_conn_destroy(fm);
1600
+	}
1236
1601
 	kill_anon_super(sb);
1237
1602
 }
1238
1603
 
..
..
@@ -1240,29 +1605,31 @@
1240
1605
 	.owner		= THIS_MODULE,
1241
1606
 	.name		= "fuse",
1242
1607
 	.fs_flags	= FS_HAS_SUBTYPE | FS_USERNS_MOUNT,
1243
-	.mount		= fuse_mount,
1608
+	.init_fs_context = fuse_init_fs_context,
1609
+	.parameters	= fuse_fs_parameters,
1244
1610
 	.kill_sb	= fuse_kill_sb_anon,
1245
1611
 };
1246
1612
 MODULE_ALIAS_FS("fuse");
1247
1613
 
1248
1614
 #ifdef CONFIG_BLOCK
1249
-static struct dentry *fuse_mount_blk(struct file_system_type *fs_type,
1250
-			   int flags, const char *dev_name,
1251
-			   void *raw_data)
1252
-{
1253
-	return mount_bdev(fs_type, flags, dev_name, raw_data, fuse_fill_super);
1254
-}
1255
-
1256
1615
 static void fuse_kill_sb_blk(struct super_block *sb)
1257
1616
 {
1258
-	fuse_sb_destroy(sb);
1617
+	struct fuse_mount *fm = get_fuse_mount_super(sb);
1618
+	bool last;
1619
+
1620
+	if (fm) {
1621
+		last = fuse_mount_remove(fm);
1622
+		if (last)
1623
+			fuse_conn_destroy(fm);
1624
+	}
1259
1625
 	kill_block_super(sb);
1260
1626
 }
1261
1627
 
1262
1628
 static struct file_system_type fuseblk_fs_type = {
1263
1629
 	.owner		= THIS_MODULE,
1264
1630
 	.name		= "fuseblk",
1265
-	.mount		= fuse_mount_blk,
1631
+	.init_fs_context = fuse_init_fs_context,
1632
+	.parameters	= fuse_fs_parameters,
1266
1633
 	.kill_sb	= fuse_kill_sb_blk,
1267
1634
 	.fs_flags	= FS_REQUIRES_DEV | FS_HAS_SUBTYPE,
1268
1635
 };
..
..
@@ -1372,8 +1739,8 @@
1372
1739
 {
1373
1740
 	int res;
1374
1741
 
1375
-	printk(KERN_INFO "fuse init (API version %i.%i)\n",
1376
-	       FUSE_KERNEL_VERSION, FUSE_KERNEL_MINOR_VERSION);
1742
+	pr_info("init (API version %i.%i)\n",
1743
+		FUSE_KERNEL_VERSION, FUSE_KERNEL_MINOR_VERSION);
1377
1744
 
1378
1745
 	INIT_LIST_HEAD(&fuse_conn_list);
1379
1746
 	res = fuse_fs_init();
..
..
@@ -1409,7 +1776,7 @@
1409
1776
 
1410
1777
 static void __exit fuse_exit(void)
1411
1778
 {
1412
-	printk(KERN_DEBUG "fuse exit\n");
1779
+	pr_debug("exit\n");
1413
1780
 
1414
1781
 	fuse_ctl_cleanup();
1415
1782
 	fuse_sysfs_cleanup();