2 * fs/sdcardfs/packagelist.c
4 * Copyright (c) 2013 Samsung Electronics Co. Ltd
5 * Authors: Daeho Jeong, Woojoong Lee, Seunghwan Hyun,
6 * Sunghwan Yun, Sungjong Seo
8 * This program has been developed as a stackable file system based on
9 * the WrapFS which written by
11 * Copyright (c) 1998-2011 Erez Zadok
12 * Copyright (c) 2009 Shrikar Archak
13 * Copyright (c) 2003-2011 Stony Brook University
14 * Copyright (c) 2003-2011 The Research Foundation of SUNY
16 * This file is dual licensed. It may be redistributed and/or modified
17 * under the terms of the Apache 2.0 License OR version 2 of the GNU
18 * General Public License.
22 #include <linux/hashtable.h>
23 #include <linux/delay.h>
26 #include <linux/init.h>
27 #include <linux/module.h>
28 #include <linux/slab.h>
30 #include <linux/configfs.h>
32 struct hashtable_entry {
33 struct hlist_node hlist;
38 static DEFINE_HASHTABLE(package_to_appid, 8);
40 static struct kmem_cache *hashtable_entry_cachep;
42 static unsigned int str_hash(const char *key) {
44 unsigned int h = strlen(key);
45 char *data = (char *)key;
47 for (i = 0; i < strlen(key); i++) {
54 appid_t get_appid(const char *app_name)
56 struct hashtable_entry *hash_cur;
57 unsigned int hash = str_hash(app_name);
61 hash_for_each_possible_rcu(package_to_appid, hash_cur, hlist, hash) {
62 if (!strcasecmp(app_name, hash_cur->key)) {
63 ret_id = atomic_read(&hash_cur->value);
72 /* Kernel has already enforced everything we returned through
73 * derive_permissions_locked(), so this is used to lock down access
74 * even further, such as enforcing that apps hold sdcard_rw. */
75 int check_caller_access_to_name(struct inode *parent_node, const char* name) {
77 /* Always block security-sensitive files at root */
78 if (parent_node && SDCARDFS_I(parent_node)->perm == PERM_ROOT) {
79 if (!strcasecmp(name, "autorun.inf")
80 || !strcasecmp(name, ".android_secure")
81 || !strcasecmp(name, "android_secure")) {
86 /* Root always has access; access for any other UIDs should always
87 * be controlled through packages.list. */
88 if (from_kuid(&init_user_ns, current_fsuid()) == 0) {
92 /* No extra permissions to enforce */
96 /* This function is used when file opening. The open flags must be
97 * checked before calling check_caller_access_to_name() */
98 int open_flags_to_access_mode(int open_flags) {
99 if((open_flags & O_ACCMODE) == O_RDONLY) {
101 } else if ((open_flags & O_ACCMODE) == O_WRONLY) {
104 /* Probably O_RDRW, but treat as default to be safe */
105 return 1; /* R_OK | W_OK */
109 static struct hashtable_entry *alloc_packagelist_entry(const char *key,
112 struct hashtable_entry *ret = kmem_cache_alloc(hashtable_entry_cachep,
117 ret->key = kstrdup(key, GFP_KERNEL);
119 kmem_cache_free(hashtable_entry_cachep, ret);
123 atomic_set(&ret->value, value);
127 static int insert_packagelist_entry_locked(const char *key, appid_t value)
129 struct hashtable_entry *hash_cur;
130 struct hashtable_entry *new_entry;
131 unsigned int hash = str_hash(key);
133 hash_for_each_possible_rcu(package_to_appid, hash_cur, hlist, hash) {
134 if (!strcasecmp(key, hash_cur->key)) {
135 atomic_set(&hash_cur->value, value);
139 new_entry = alloc_packagelist_entry(key, value);
142 hash_add_rcu(package_to_appid, &new_entry->hlist, hash);
146 static void fixup_perms(struct super_block *sb, const char *key) {
147 if (sb && sb->s_magic == SDCARDFS_SUPER_MAGIC) {
148 fixup_perms_recursive(sb->s_root, key, strlen(key));
152 static void fixup_all_perms(const char *key)
154 struct sdcardfs_sb_info *sbinfo;
155 list_for_each_entry(sbinfo, &sdcardfs_super_list, list)
157 fixup_perms(sbinfo->sb, key);
160 static int insert_packagelist_entry(const char *key, appid_t value)
164 mutex_lock(&sdcardfs_super_list_lock);
165 err = insert_packagelist_entry_locked(key, value);
167 fixup_all_perms(key);
168 mutex_unlock(&sdcardfs_super_list_lock);
173 static void free_packagelist_entry(struct hashtable_entry *entry)
176 hash_del_rcu(&entry->hlist);
177 kmem_cache_free(hashtable_entry_cachep, entry);
180 static void remove_packagelist_entry_locked(const char *key)
182 struct hashtable_entry *hash_cur;
183 unsigned int hash = str_hash(key);
185 hash_for_each_possible_rcu(package_to_appid, hash_cur, hlist, hash) {
186 if (!strcasecmp(key, hash_cur->key)) {
187 hash_del_rcu(&hash_cur->hlist);
189 free_packagelist_entry(hash_cur);
195 static void remove_packagelist_entry(const char *key)
197 mutex_lock(&sdcardfs_super_list_lock);
198 remove_packagelist_entry_locked(key);
199 fixup_all_perms(key);
200 mutex_unlock(&sdcardfs_super_list_lock);
204 static void packagelist_destroy(void)
206 struct hashtable_entry *hash_cur;
207 struct hlist_node *h_t;
208 HLIST_HEAD(free_list);
210 mutex_lock(&sdcardfs_super_list_lock);
211 hash_for_each_rcu(package_to_appid, i, hash_cur, hlist) {
212 hash_del_rcu(&hash_cur->hlist);
213 hlist_add_head(&hash_cur->hlist, &free_list);
217 hlist_for_each_entry_safe(hash_cur, h_t, &free_list, hlist)
218 free_packagelist_entry(hash_cur);
219 mutex_unlock(&sdcardfs_super_list_lock);
220 printk(KERN_INFO "sdcardfs: destroyed packagelist pkgld\n");
223 struct package_appid {
224 struct config_item item;
228 static inline struct package_appid *to_package_appid(struct config_item *item)
230 return item ? container_of(item, struct package_appid, item) : NULL;
233 static ssize_t package_appid_attr_show(struct config_item *item,
236 return scnprintf(page, PAGE_SIZE, "%u\n", get_appid(item->ci_name));
239 static ssize_t package_appid_attr_store(struct config_item *item,
240 const char *page, size_t count)
242 struct package_appid *package_appid = to_package_appid(item);
246 ret = kstrtouint(page, 10, &tmp);
250 ret = insert_packagelist_entry(item->ci_name, tmp);
251 package_appid->add_pid = tmp;
258 static struct configfs_attribute package_appid_attr_add_pid = {
259 .ca_owner = THIS_MODULE,
261 .ca_mode = S_IRUGO | S_IWUGO,
262 .show = package_appid_attr_show,
263 .store = package_appid_attr_store,
266 static struct configfs_attribute *package_appid_attrs[] = {
267 &package_appid_attr_add_pid,
271 static void package_appid_release(struct config_item *item)
273 printk(KERN_INFO "sdcardfs: removing %s\n", item->ci_dentry->d_name.name);
274 /* item->ci_name is freed already, so we rely on the dentry */
275 remove_packagelist_entry(item->ci_dentry->d_name.name);
276 kfree(to_package_appid(item));
279 static struct configfs_item_operations package_appid_item_ops = {
280 .release = package_appid_release,
283 static struct config_item_type package_appid_type = {
284 .ct_item_ops = &package_appid_item_ops,
285 .ct_attrs = package_appid_attrs,
286 .ct_owner = THIS_MODULE,
290 struct sdcardfs_packages {
291 struct config_group group;
294 static inline struct sdcardfs_packages *to_sdcardfs_packages(struct config_item *item)
296 return item ? container_of(to_config_group(item), struct sdcardfs_packages, group) : NULL;
299 static struct config_item *sdcardfs_packages_make_item(struct config_group *group, const char *name)
301 struct package_appid *package_appid;
303 package_appid = kzalloc(sizeof(struct package_appid), GFP_KERNEL);
305 return ERR_PTR(-ENOMEM);
307 config_item_init_type_name(&package_appid->item, name,
308 &package_appid_type);
310 package_appid->add_pid = 0;
312 return &package_appid->item;
315 static ssize_t packages_attr_show(struct config_item *item,
318 struct hashtable_entry *hash_cur;
320 int count = 0, written = 0;
321 const char errormsg[] = "<truncated>\n";
324 hash_for_each_rcu(package_to_appid, i, hash_cur, hlist) {
325 written = scnprintf(page + count, PAGE_SIZE - sizeof(errormsg) - count, "%s %d\n",
326 (const char *)hash_cur->key, atomic_read(&hash_cur->value));
327 if (count + written == PAGE_SIZE - sizeof(errormsg)) {
328 count += scnprintf(page + count, PAGE_SIZE - count, errormsg);
338 static struct configfs_attribute sdcardfs_packages_attr_description = {
339 .ca_owner = THIS_MODULE,
340 .ca_name = "packages_gid.list",
342 .show = packages_attr_show,
345 static struct configfs_attribute *sdcardfs_packages_attrs[] = {
346 &sdcardfs_packages_attr_description,
350 static void sdcardfs_packages_release(struct config_item *item)
353 printk(KERN_INFO "sdcardfs: destroyed something?\n");
354 kfree(to_sdcardfs_packages(item));
357 static struct configfs_item_operations sdcardfs_packages_item_ops = {
358 .release = sdcardfs_packages_release,
362 * Note that, since no extra work is required on ->drop_item(),
363 * no ->drop_item() is provided.
365 static struct configfs_group_operations sdcardfs_packages_group_ops = {
366 .make_item = sdcardfs_packages_make_item,
369 static struct config_item_type sdcardfs_packages_type = {
370 .ct_item_ops = &sdcardfs_packages_item_ops,
371 .ct_group_ops = &sdcardfs_packages_group_ops,
372 .ct_attrs = sdcardfs_packages_attrs,
373 .ct_owner = THIS_MODULE,
376 static struct configfs_subsystem sdcardfs_packages_subsys = {
379 .ci_namebuf = "sdcardfs",
380 .ci_type = &sdcardfs_packages_type,
385 static int configfs_sdcardfs_init(void)
388 struct configfs_subsystem *subsys = &sdcardfs_packages_subsys;
390 config_group_init(&subsys->su_group);
391 mutex_init(&subsys->su_mutex);
392 ret = configfs_register_subsystem(subsys);
394 printk(KERN_ERR "Error %d while registering subsystem %s\n",
396 subsys->su_group.cg_item.ci_namebuf);
401 static void configfs_sdcardfs_exit(void)
403 configfs_unregister_subsystem(&sdcardfs_packages_subsys);
406 int packagelist_init(void)
408 hashtable_entry_cachep =
409 kmem_cache_create("packagelist_hashtable_entry",
410 sizeof(struct hashtable_entry), 0, 0, NULL);
411 if (!hashtable_entry_cachep) {
412 printk(KERN_ERR "sdcardfs: failed creating pkgl_hashtable entry slab cache\n");
416 configfs_sdcardfs_init();
420 void packagelist_exit(void)
422 configfs_sdcardfs_exit();
423 packagelist_destroy();
424 if (hashtable_entry_cachep)
425 kmem_cache_destroy(hashtable_entry_cachep);