From 1e1bee0a18c41fab31728fb1cb9b32820bbc6e76 Mon Sep 17 00:00:00 2001 From: Daniel Rosenberg Date: Thu, 17 Feb 2022 16:10:58 -0800 Subject: [PATCH] ANDROID: fuse-bpf: Move bpf earlier in fuse_permission In the backing case, we initially want to call out to the fuse-bpf implementation, and only fall back to userspace if that requests it. Otherwise we end up making requests to userspace that the daemon may not be equiped to respond to. Change-Id: If3780aa8b7c45558717a9efba0b1781e8d63a3c0 Bug: 217570523 Test: generic/099 Signed-off-by: Daniel Rosenberg --- fs/fuse/dir.c | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c index a6e0a3a27007..64b3b8a2718c 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c @@ -1514,7 +1514,6 @@ static int fuse_perm_getattr(struct inode *inode, int mask) return -ECHILD; forget_all_cached_acls(inode); - /* TODO: BPF stuff here? But we have no dentry for path for vfs_getattr */ return fuse_do_getattr(inode, NULL, NULL); } @@ -1537,6 +1536,9 @@ static int fuse_permission(struct inode *inode, int mask) bool refreshed = false; int err = 0; struct fuse_inode *fi = get_fuse_inode(inode); +#ifdef CONFIG_FUSE_BPF + struct fuse_err_ret fer; +#endif if (fuse_is_bad(inode)) return -EIO; @@ -1544,6 +1546,14 @@ static int fuse_permission(struct inode *inode, int mask) if (!fuse_allow_current_process(fc)) return -EACCES; +#ifdef CONFIG_FUSE_BPF + fer = fuse_bpf_backing(inode, struct fuse_access_in, + fuse_access_initialize, fuse_access_backing, + fuse_access_finalize, inode, mask); + if (fer.ret) + return PTR_ERR(fer.result); +#endif + /* * If attributes are needed, refresh them before proceeding */ @@ -1588,10 +1598,6 @@ static int fuse_permission(struct inode *inode, int mask) if (!err && !(inode->i_mode & S_IXUGO)) return -EACCES; } -#ifdef CONFIG_FUSE_BPF - } else if (!(mask & MAY_NOT_BLOCK) && fi->backing_inode) { - err = fuse_access(inode, mask); -#endif } return err; }