1 /* 2 * 3 * Copyright (C) 2011 Novell Inc. 4 * 5 * This program is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 as published by 7 * the Free Software Foundation. 8 */ 9 10 #include <linux/fs.h> 11 #include <linux/namei.h> 12 #include <linux/xattr.h> 13 #include <linux/security.h> 14 #include <linux/cred.h> 15 #include <linux/module.h> 16 #include <linux/posix_acl.h> 17 #include <linux/posix_acl_xattr.h> 18 #include <linux/atomic.h> 19 #include <linux/ratelimit.h> 20 #include "overlayfs.h" 21 22 static unsigned short ovl_redirect_max = 256; 23 module_param_named(redirect_max, ovl_redirect_max, ushort, 0644); 24 MODULE_PARM_DESC(ovl_redirect_max, 25 "Maximum length of absolute redirect xattr value"); 26 27 int ovl_cleanup(struct inode *wdir, struct dentry *wdentry) 28 { 29 int err; 30 31 dget(wdentry); 32 if (d_is_dir(wdentry)) 33 err = ovl_do_rmdir(wdir, wdentry); 34 else 35 err = ovl_do_unlink(wdir, wdentry); 36 dput(wdentry); 37 38 if (err) { 39 pr_err("overlayfs: cleanup of '%pd2' failed (%i)\n", 40 wdentry, err); 41 } 42 43 return err; 44 } 45 46 static struct dentry *ovl_lookup_temp(struct dentry *workdir) 47 { 48 struct dentry *temp; 49 char name[20]; 50 static atomic_t temp_id = ATOMIC_INIT(0); 51 52 /* counter is allowed to wrap, since temp dentries are ephemeral */ 53 snprintf(name, sizeof(name), "#%x", atomic_inc_return(&temp_id)); 54 55 temp = lookup_one_len(name, workdir, strlen(name)); 56 if (!IS_ERR(temp) && temp->d_inode) { 57 pr_err("overlayfs: workdir/%s already exists\n", name); 58 dput(temp); 59 temp = ERR_PTR(-EIO); 60 } 61 62 return temp; 63 } 64 65 /* caller holds i_mutex on workdir */ 66 static struct dentry *ovl_whiteout(struct dentry *workdir) 67 { 68 int err; 69 struct dentry *whiteout; 70 struct inode *wdir = workdir->d_inode; 71 72 whiteout = ovl_lookup_temp(workdir); 73 if (IS_ERR(whiteout)) 74 return whiteout; 75 76 err = ovl_do_whiteout(wdir, whiteout); 77 if (err) { 78 dput(whiteout); 79 whiteout = ERR_PTR(err); 80 } 81 82 return whiteout; 83 } 84 85 /* Caller must hold i_mutex on both workdir and dir */ 86 int ovl_cleanup_and_whiteout(struct dentry *workdir, struct inode *dir, 87 struct dentry *dentry) 88 { 89 struct inode *wdir = workdir->d_inode; 90 struct dentry *whiteout; 91 int err; 92 int flags = 0; 93 94 whiteout = ovl_whiteout(workdir); 95 err = PTR_ERR(whiteout); 96 if (IS_ERR(whiteout)) 97 return err; 98 99 if (d_is_dir(dentry)) 100 flags = RENAME_EXCHANGE; 101 102 err = ovl_do_rename(wdir, whiteout, dir, dentry, flags); 103 if (err) 104 goto kill_whiteout; 105 if (flags) 106 ovl_cleanup(wdir, dentry); 107 108 out: 109 dput(whiteout); 110 return err; 111 112 kill_whiteout: 113 ovl_cleanup(wdir, whiteout); 114 goto out; 115 } 116 117 static int ovl_mkdir_real(struct inode *dir, struct dentry **newdentry, 118 umode_t mode) 119 { 120 int err; 121 struct dentry *d, *dentry = *newdentry; 122 123 err = ovl_do_mkdir(dir, dentry, mode); 124 if (err) 125 return err; 126 127 if (likely(!d_unhashed(dentry))) 128 return 0; 129 130 /* 131 * vfs_mkdir() may succeed and leave the dentry passed 132 * to it unhashed and negative. If that happens, try to 133 * lookup a new hashed and positive dentry. 134 */ 135 d = lookup_one_len(dentry->d_name.name, dentry->d_parent, 136 dentry->d_name.len); 137 if (IS_ERR(d)) { 138 pr_warn("overlayfs: failed lookup after mkdir (%pd2, err=%i).\n", 139 dentry, err); 140 return PTR_ERR(d); 141 } 142 dput(dentry); 143 *newdentry = d; 144 145 return 0; 146 } 147 148 struct dentry *ovl_create_real(struct inode *dir, struct dentry *newdentry, 149 struct ovl_cattr *attr) 150 { 151 int err; 152 153 if (IS_ERR(newdentry)) 154 return newdentry; 155 156 err = -ESTALE; 157 if (newdentry->d_inode) 158 goto out; 159 160 if (attr->hardlink) { 161 err = ovl_do_link(attr->hardlink, dir, newdentry); 162 } else { 163 switch (attr->mode & S_IFMT) { 164 case S_IFREG: 165 err = ovl_do_create(dir, newdentry, attr->mode); 166 break; 167 168 case S_IFDIR: 169 /* mkdir is special... */ 170 err = ovl_mkdir_real(dir, &newdentry, attr->mode); 171 break; 172 173 case S_IFCHR: 174 case S_IFBLK: 175 case S_IFIFO: 176 case S_IFSOCK: 177 err = ovl_do_mknod(dir, newdentry, attr->mode, 178 attr->rdev); 179 break; 180 181 case S_IFLNK: 182 err = ovl_do_symlink(dir, newdentry, attr->link); 183 break; 184 185 default: 186 err = -EPERM; 187 } 188 } 189 if (!err && WARN_ON(!newdentry->d_inode)) { 190 /* 191 * Not quite sure if non-instantiated dentry is legal or not. 192 * VFS doesn't seem to care so check and warn here. 193 */ 194 err = -EIO; 195 } 196 out: 197 if (err) { 198 dput(newdentry); 199 return ERR_PTR(err); 200 } 201 return newdentry; 202 } 203 204 struct dentry *ovl_create_temp(struct dentry *workdir, struct ovl_cattr *attr) 205 { 206 return ovl_create_real(d_inode(workdir), ovl_lookup_temp(workdir), 207 attr); 208 } 209 210 static int ovl_set_opaque_xerr(struct dentry *dentry, struct dentry *upper, 211 int xerr) 212 { 213 int err; 214 215 err = ovl_check_setxattr(dentry, upper, OVL_XATTR_OPAQUE, "y", 1, xerr); 216 if (!err) 217 ovl_dentry_set_opaque(dentry); 218 219 return err; 220 } 221 222 static int ovl_set_opaque(struct dentry *dentry, struct dentry *upperdentry) 223 { 224 /* 225 * Fail with -EIO when trying to create opaque dir and upper doesn't 226 * support xattrs. ovl_rename() calls ovl_set_opaque_xerr(-EXDEV) to 227 * return a specific error for noxattr case. 228 */ 229 return ovl_set_opaque_xerr(dentry, upperdentry, -EIO); 230 } 231 232 /* 233 * Common operations required to be done after creation of file on upper. 234 * If @hardlink is false, then @inode is a pre-allocated inode, we may or 235 * may not use to instantiate the new dentry. 236 */ 237 static int ovl_instantiate(struct dentry *dentry, struct inode *inode, 238 struct dentry *newdentry, bool hardlink) 239 { 240 struct ovl_inode_params oip = { 241 .upperdentry = newdentry, 242 .newinode = inode, 243 }; 244 245 ovl_dir_modified(dentry->d_parent, false); 246 ovl_dentry_set_upper_alias(dentry); 247 if (!hardlink) { 248 /* 249 * ovl_obtain_alias() can be called after ovl_create_real() 250 * and before we get here, so we may get an inode from cache 251 * with the same real upperdentry that is not the inode we 252 * pre-allocated. In this case we will use the cached inode 253 * to instantiate the new dentry. 254 * 255 * XXX: if we ever use ovl_obtain_alias() to decode directory 256 * file handles, need to use ovl_get_inode_locked() and 257 * d_instantiate_new() here to prevent from creating two 258 * hashed directory inode aliases. 259 */ 260 inode = ovl_get_inode(dentry->d_sb, &oip); 261 if (WARN_ON(IS_ERR(inode))) 262 return PTR_ERR(inode); 263 } else { 264 WARN_ON(ovl_inode_real(inode) != d_inode(newdentry)); 265 dput(newdentry); 266 inc_nlink(inode); 267 } 268 269 d_instantiate(dentry, inode); 270 if (inode != oip.newinode) { 271 pr_warn_ratelimited("overlayfs: newly created inode found in cache (%pd2)\n", 272 dentry); 273 } 274 275 /* Force lookup of new upper hardlink to find its lower */ 276 if (hardlink) 277 d_drop(dentry); 278 279 return 0; 280 } 281 282 static bool ovl_type_merge(struct dentry *dentry) 283 { 284 return OVL_TYPE_MERGE(ovl_path_type(dentry)); 285 } 286 287 static bool ovl_type_origin(struct dentry *dentry) 288 { 289 return OVL_TYPE_ORIGIN(ovl_path_type(dentry)); 290 } 291 292 static int ovl_create_upper(struct dentry *dentry, struct inode *inode, 293 struct ovl_cattr *attr) 294 { 295 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 296 struct inode *udir = upperdir->d_inode; 297 struct dentry *newdentry; 298 int err; 299 300 if (!attr->hardlink && !IS_POSIXACL(udir)) 301 attr->mode &= ~current_umask(); 302 303 inode_lock_nested(udir, I_MUTEX_PARENT); 304 newdentry = ovl_create_real(udir, 305 lookup_one_len(dentry->d_name.name, 306 upperdir, 307 dentry->d_name.len), 308 attr); 309 err = PTR_ERR(newdentry); 310 if (IS_ERR(newdentry)) 311 goto out_unlock; 312 313 if (ovl_type_merge(dentry->d_parent) && d_is_dir(newdentry)) { 314 /* Setting opaque here is just an optimization, allow to fail */ 315 ovl_set_opaque(dentry, newdentry); 316 } 317 318 err = ovl_instantiate(dentry, inode, newdentry, !!attr->hardlink); 319 if (err) 320 goto out_cleanup; 321 out_unlock: 322 inode_unlock(udir); 323 return err; 324 325 out_cleanup: 326 ovl_cleanup(udir, newdentry); 327 dput(newdentry); 328 goto out_unlock; 329 } 330 331 static struct dentry *ovl_clear_empty(struct dentry *dentry, 332 struct list_head *list) 333 { 334 struct dentry *workdir = ovl_workdir(dentry); 335 struct inode *wdir = workdir->d_inode; 336 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 337 struct inode *udir = upperdir->d_inode; 338 struct path upperpath; 339 struct dentry *upper; 340 struct dentry *opaquedir; 341 struct kstat stat; 342 int err; 343 344 if (WARN_ON(!workdir)) 345 return ERR_PTR(-EROFS); 346 347 err = ovl_lock_rename_workdir(workdir, upperdir); 348 if (err) 349 goto out; 350 351 ovl_path_upper(dentry, &upperpath); 352 err = vfs_getattr(&upperpath, &stat, 353 STATX_BASIC_STATS, AT_STATX_SYNC_AS_STAT); 354 if (err) 355 goto out_unlock; 356 357 err = -ESTALE; 358 if (!S_ISDIR(stat.mode)) 359 goto out_unlock; 360 upper = upperpath.dentry; 361 if (upper->d_parent->d_inode != udir) 362 goto out_unlock; 363 364 opaquedir = ovl_create_temp(workdir, OVL_CATTR(stat.mode)); 365 err = PTR_ERR(opaquedir); 366 if (IS_ERR(opaquedir)) 367 goto out_unlock; 368 369 err = ovl_copy_xattr(upper, opaquedir); 370 if (err) 371 goto out_cleanup; 372 373 err = ovl_set_opaque(dentry, opaquedir); 374 if (err) 375 goto out_cleanup; 376 377 inode_lock(opaquedir->d_inode); 378 err = ovl_set_attr(opaquedir, &stat); 379 inode_unlock(opaquedir->d_inode); 380 if (err) 381 goto out_cleanup; 382 383 err = ovl_do_rename(wdir, opaquedir, udir, upper, RENAME_EXCHANGE); 384 if (err) 385 goto out_cleanup; 386 387 ovl_cleanup_whiteouts(upper, list); 388 ovl_cleanup(wdir, upper); 389 unlock_rename(workdir, upperdir); 390 391 /* dentry's upper doesn't match now, get rid of it */ 392 d_drop(dentry); 393 394 return opaquedir; 395 396 out_cleanup: 397 ovl_cleanup(wdir, opaquedir); 398 dput(opaquedir); 399 out_unlock: 400 unlock_rename(workdir, upperdir); 401 out: 402 return ERR_PTR(err); 403 } 404 405 static int ovl_set_upper_acl(struct dentry *upperdentry, const char *name, 406 const struct posix_acl *acl) 407 { 408 void *buffer; 409 size_t size; 410 int err; 411 412 if (!IS_ENABLED(CONFIG_FS_POSIX_ACL) || !acl) 413 return 0; 414 415 size = posix_acl_to_xattr(NULL, acl, NULL, 0); 416 buffer = kmalloc(size, GFP_KERNEL); 417 if (!buffer) 418 return -ENOMEM; 419 420 size = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); 421 err = size; 422 if (err < 0) 423 goto out_free; 424 425 err = vfs_setxattr(upperdentry, name, buffer, size, XATTR_CREATE); 426 out_free: 427 kfree(buffer); 428 return err; 429 } 430 431 static int ovl_create_over_whiteout(struct dentry *dentry, struct inode *inode, 432 struct ovl_cattr *cattr) 433 { 434 struct dentry *workdir = ovl_workdir(dentry); 435 struct inode *wdir = workdir->d_inode; 436 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 437 struct inode *udir = upperdir->d_inode; 438 struct dentry *upper; 439 struct dentry *newdentry; 440 int err; 441 struct posix_acl *acl, *default_acl; 442 bool hardlink = !!cattr->hardlink; 443 444 if (WARN_ON(!workdir)) 445 return -EROFS; 446 447 if (!hardlink) { 448 err = posix_acl_create(dentry->d_parent->d_inode, 449 &cattr->mode, &default_acl, &acl); 450 if (err) 451 return err; 452 } 453 454 err = ovl_lock_rename_workdir(workdir, upperdir); 455 if (err) 456 goto out; 457 458 upper = lookup_one_len(dentry->d_name.name, upperdir, 459 dentry->d_name.len); 460 err = PTR_ERR(upper); 461 if (IS_ERR(upper)) 462 goto out_unlock; 463 464 newdentry = ovl_create_temp(workdir, cattr); 465 err = PTR_ERR(newdentry); 466 if (IS_ERR(newdentry)) 467 goto out_dput; 468 469 /* 470 * mode could have been mutilated due to umask (e.g. sgid directory) 471 */ 472 if (!hardlink && 473 !S_ISLNK(cattr->mode) && 474 newdentry->d_inode->i_mode != cattr->mode) { 475 struct iattr attr = { 476 .ia_valid = ATTR_MODE, 477 .ia_mode = cattr->mode, 478 }; 479 inode_lock(newdentry->d_inode); 480 err = notify_change(newdentry, &attr, NULL); 481 inode_unlock(newdentry->d_inode); 482 if (err) 483 goto out_cleanup; 484 } 485 if (!hardlink) { 486 err = ovl_set_upper_acl(newdentry, XATTR_NAME_POSIX_ACL_ACCESS, 487 acl); 488 if (err) 489 goto out_cleanup; 490 491 err = ovl_set_upper_acl(newdentry, XATTR_NAME_POSIX_ACL_DEFAULT, 492 default_acl); 493 if (err) 494 goto out_cleanup; 495 } 496 497 if (!hardlink && S_ISDIR(cattr->mode)) { 498 err = ovl_set_opaque(dentry, newdentry); 499 if (err) 500 goto out_cleanup; 501 502 err = ovl_do_rename(wdir, newdentry, udir, upper, 503 RENAME_EXCHANGE); 504 if (err) 505 goto out_cleanup; 506 507 ovl_cleanup(wdir, upper); 508 } else { 509 err = ovl_do_rename(wdir, newdentry, udir, upper, 0); 510 if (err) 511 goto out_cleanup; 512 } 513 err = ovl_instantiate(dentry, inode, newdentry, hardlink); 514 if (err) 515 goto out_cleanup; 516 out_dput: 517 dput(upper); 518 out_unlock: 519 unlock_rename(workdir, upperdir); 520 out: 521 if (!hardlink) { 522 posix_acl_release(acl); 523 posix_acl_release(default_acl); 524 } 525 return err; 526 527 out_cleanup: 528 ovl_cleanup(wdir, newdentry); 529 dput(newdentry); 530 goto out_dput; 531 } 532 533 static int ovl_create_or_link(struct dentry *dentry, struct inode *inode, 534 struct ovl_cattr *attr, bool origin) 535 { 536 int err; 537 const struct cred *old_cred; 538 struct cred *override_cred; 539 struct dentry *parent = dentry->d_parent; 540 541 err = ovl_copy_up(parent); 542 if (err) 543 return err; 544 545 old_cred = ovl_override_creds(dentry->d_sb); 546 547 /* 548 * When linking a file with copy up origin into a new parent, mark the 549 * new parent dir "impure". 550 */ 551 if (origin) { 552 err = ovl_set_impure(parent, ovl_dentry_upper(parent)); 553 if (err) 554 goto out_revert_creds; 555 } 556 557 err = -ENOMEM; 558 override_cred = prepare_creds(); 559 if (override_cred) { 560 override_cred->fsuid = inode->i_uid; 561 override_cred->fsgid = inode->i_gid; 562 if (!attr->hardlink) { 563 err = security_dentry_create_files_as(dentry, 564 attr->mode, &dentry->d_name, old_cred, 565 override_cred); 566 if (err) { 567 put_cred(override_cred); 568 goto out_revert_creds; 569 } 570 } 571 put_cred(override_creds(override_cred)); 572 put_cred(override_cred); 573 574 if (!ovl_dentry_is_whiteout(dentry)) 575 err = ovl_create_upper(dentry, inode, attr); 576 else 577 err = ovl_create_over_whiteout(dentry, inode, attr); 578 } 579 out_revert_creds: 580 revert_creds(old_cred); 581 return err; 582 } 583 584 static int ovl_create_object(struct dentry *dentry, int mode, dev_t rdev, 585 const char *link) 586 { 587 int err; 588 struct inode *inode; 589 struct ovl_cattr attr = { 590 .rdev = rdev, 591 .link = link, 592 }; 593 594 err = ovl_want_write(dentry); 595 if (err) 596 goto out; 597 598 /* Preallocate inode to be used by ovl_get_inode() */ 599 err = -ENOMEM; 600 inode = ovl_new_inode(dentry->d_sb, mode, rdev); 601 if (!inode) 602 goto out_drop_write; 603 604 inode_init_owner(inode, dentry->d_parent->d_inode, mode); 605 attr.mode = inode->i_mode; 606 607 err = ovl_create_or_link(dentry, inode, &attr, false); 608 /* Did we end up using the preallocated inode? */ 609 if (inode != d_inode(dentry)) 610 iput(inode); 611 612 out_drop_write: 613 ovl_drop_write(dentry); 614 out: 615 return err; 616 } 617 618 static int ovl_create(struct inode *dir, struct dentry *dentry, umode_t mode, 619 bool excl) 620 { 621 return ovl_create_object(dentry, (mode & 07777) | S_IFREG, 0, NULL); 622 } 623 624 static int ovl_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) 625 { 626 return ovl_create_object(dentry, (mode & 07777) | S_IFDIR, 0, NULL); 627 } 628 629 static int ovl_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, 630 dev_t rdev) 631 { 632 /* Don't allow creation of "whiteout" on overlay */ 633 if (S_ISCHR(mode) && rdev == WHITEOUT_DEV) 634 return -EPERM; 635 636 return ovl_create_object(dentry, mode, rdev, NULL); 637 } 638 639 static int ovl_symlink(struct inode *dir, struct dentry *dentry, 640 const char *link) 641 { 642 return ovl_create_object(dentry, S_IFLNK, 0, link); 643 } 644 645 static int ovl_link(struct dentry *old, struct inode *newdir, 646 struct dentry *new) 647 { 648 int err; 649 bool locked = false; 650 struct inode *inode; 651 652 err = ovl_want_write(old); 653 if (err) 654 goto out; 655 656 err = ovl_copy_up(old); 657 if (err) 658 goto out_drop_write; 659 660 err = ovl_nlink_start(old, &locked); 661 if (err) 662 goto out_drop_write; 663 664 inode = d_inode(old); 665 ihold(inode); 666 667 err = ovl_create_or_link(new, inode, 668 &(struct ovl_cattr) {.hardlink = ovl_dentry_upper(old)}, 669 ovl_type_origin(old)); 670 if (err) 671 iput(inode); 672 673 ovl_nlink_end(old, locked); 674 out_drop_write: 675 ovl_drop_write(old); 676 out: 677 return err; 678 } 679 680 static bool ovl_matches_upper(struct dentry *dentry, struct dentry *upper) 681 { 682 return d_inode(ovl_dentry_upper(dentry)) == d_inode(upper); 683 } 684 685 static int ovl_remove_and_whiteout(struct dentry *dentry, 686 struct list_head *list) 687 { 688 struct dentry *workdir = ovl_workdir(dentry); 689 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 690 struct dentry *upper; 691 struct dentry *opaquedir = NULL; 692 int err; 693 694 if (WARN_ON(!workdir)) 695 return -EROFS; 696 697 if (!list_empty(list)) { 698 opaquedir = ovl_clear_empty(dentry, list); 699 err = PTR_ERR(opaquedir); 700 if (IS_ERR(opaquedir)) 701 goto out; 702 } 703 704 err = ovl_lock_rename_workdir(workdir, upperdir); 705 if (err) 706 goto out_dput; 707 708 upper = lookup_one_len(dentry->d_name.name, upperdir, 709 dentry->d_name.len); 710 err = PTR_ERR(upper); 711 if (IS_ERR(upper)) 712 goto out_unlock; 713 714 err = -ESTALE; 715 if ((opaquedir && upper != opaquedir) || 716 (!opaquedir && ovl_dentry_upper(dentry) && 717 !ovl_matches_upper(dentry, upper))) { 718 goto out_dput_upper; 719 } 720 721 err = ovl_cleanup_and_whiteout(workdir, d_inode(upperdir), upper); 722 if (err) 723 goto out_d_drop; 724 725 ovl_dir_modified(dentry->d_parent, true); 726 out_d_drop: 727 d_drop(dentry); 728 out_dput_upper: 729 dput(upper); 730 out_unlock: 731 unlock_rename(workdir, upperdir); 732 out_dput: 733 dput(opaquedir); 734 out: 735 return err; 736 } 737 738 static int ovl_remove_upper(struct dentry *dentry, bool is_dir, 739 struct list_head *list) 740 { 741 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 742 struct inode *dir = upperdir->d_inode; 743 struct dentry *upper; 744 struct dentry *opaquedir = NULL; 745 int err; 746 747 if (!list_empty(list)) { 748 opaquedir = ovl_clear_empty(dentry, list); 749 err = PTR_ERR(opaquedir); 750 if (IS_ERR(opaquedir)) 751 goto out; 752 } 753 754 inode_lock_nested(dir, I_MUTEX_PARENT); 755 upper = lookup_one_len(dentry->d_name.name, upperdir, 756 dentry->d_name.len); 757 err = PTR_ERR(upper); 758 if (IS_ERR(upper)) 759 goto out_unlock; 760 761 err = -ESTALE; 762 if ((opaquedir && upper != opaquedir) || 763 (!opaquedir && !ovl_matches_upper(dentry, upper))) 764 goto out_dput_upper; 765 766 if (is_dir) 767 err = vfs_rmdir(dir, upper); 768 else 769 err = vfs_unlink(dir, upper, NULL); 770 ovl_dir_modified(dentry->d_parent, ovl_type_origin(dentry)); 771 772 /* 773 * Keeping this dentry hashed would mean having to release 774 * upperpath/lowerpath, which could only be done if we are the 775 * sole user of this dentry. Too tricky... Just unhash for 776 * now. 777 */ 778 if (!err) 779 d_drop(dentry); 780 out_dput_upper: 781 dput(upper); 782 out_unlock: 783 inode_unlock(dir); 784 dput(opaquedir); 785 out: 786 return err; 787 } 788 789 static bool ovl_pure_upper(struct dentry *dentry) 790 { 791 return !ovl_dentry_lower(dentry) && 792 !ovl_test_flag(OVL_WHITEOUTS, d_inode(dentry)); 793 } 794 795 static int ovl_do_remove(struct dentry *dentry, bool is_dir) 796 { 797 int err; 798 bool locked = false; 799 const struct cred *old_cred; 800 struct dentry *upperdentry; 801 bool lower_positive = ovl_lower_positive(dentry); 802 LIST_HEAD(list); 803 804 /* No need to clean pure upper removed by vfs_rmdir() */ 805 if (is_dir && (lower_positive || !ovl_pure_upper(dentry))) { 806 err = ovl_check_empty_dir(dentry, &list); 807 if (err) 808 goto out; 809 } 810 811 err = ovl_want_write(dentry); 812 if (err) 813 goto out; 814 815 err = ovl_copy_up(dentry->d_parent); 816 if (err) 817 goto out_drop_write; 818 819 err = ovl_nlink_start(dentry, &locked); 820 if (err) 821 goto out_drop_write; 822 823 old_cred = ovl_override_creds(dentry->d_sb); 824 if (!lower_positive) 825 err = ovl_remove_upper(dentry, is_dir, &list); 826 else 827 err = ovl_remove_and_whiteout(dentry, &list); 828 revert_creds(old_cred); 829 if (!err) { 830 if (is_dir) 831 clear_nlink(dentry->d_inode); 832 else 833 drop_nlink(dentry->d_inode); 834 } 835 ovl_nlink_end(dentry, locked); 836 837 /* 838 * Copy ctime 839 * 840 * Note: we fail to update ctime if there was no copy-up, only a 841 * whiteout 842 */ 843 upperdentry = ovl_dentry_upper(dentry); 844 if (upperdentry) 845 ovl_copyattr(d_inode(upperdentry), d_inode(dentry)); 846 847 out_drop_write: 848 ovl_drop_write(dentry); 849 out: 850 ovl_cache_free(&list); 851 return err; 852 } 853 854 static int ovl_unlink(struct inode *dir, struct dentry *dentry) 855 { 856 return ovl_do_remove(dentry, false); 857 } 858 859 static int ovl_rmdir(struct inode *dir, struct dentry *dentry) 860 { 861 return ovl_do_remove(dentry, true); 862 } 863 864 static bool ovl_type_merge_or_lower(struct dentry *dentry) 865 { 866 enum ovl_path_type type = ovl_path_type(dentry); 867 868 return OVL_TYPE_MERGE(type) || !OVL_TYPE_UPPER(type); 869 } 870 871 static bool ovl_can_move(struct dentry *dentry) 872 { 873 return ovl_redirect_dir(dentry->d_sb) || 874 !d_is_dir(dentry) || !ovl_type_merge_or_lower(dentry); 875 } 876 877 static char *ovl_get_redirect(struct dentry *dentry, bool samedir) 878 { 879 char *buf, *ret; 880 struct dentry *d, *tmp; 881 int buflen = ovl_redirect_max + 1; 882 883 if (samedir) { 884 ret = kstrndup(dentry->d_name.name, dentry->d_name.len, 885 GFP_KERNEL); 886 goto out; 887 } 888 889 buf = ret = kmalloc(buflen, GFP_KERNEL); 890 if (!buf) 891 goto out; 892 893 buflen--; 894 buf[buflen] = '\0'; 895 for (d = dget(dentry); !IS_ROOT(d);) { 896 const char *name; 897 int thislen; 898 899 spin_lock(&d->d_lock); 900 name = ovl_dentry_get_redirect(d); 901 if (name) { 902 thislen = strlen(name); 903 } else { 904 name = d->d_name.name; 905 thislen = d->d_name.len; 906 } 907 908 /* If path is too long, fall back to userspace move */ 909 if (thislen + (name[0] != '/') > buflen) { 910 ret = ERR_PTR(-EXDEV); 911 spin_unlock(&d->d_lock); 912 goto out_put; 913 } 914 915 buflen -= thislen; 916 memcpy(&buf[buflen], name, thislen); 917 tmp = dget_dlock(d->d_parent); 918 spin_unlock(&d->d_lock); 919 920 dput(d); 921 d = tmp; 922 923 /* Absolute redirect: finished */ 924 if (buf[buflen] == '/') 925 break; 926 buflen--; 927 buf[buflen] = '/'; 928 } 929 ret = kstrdup(&buf[buflen], GFP_KERNEL); 930 out_put: 931 dput(d); 932 kfree(buf); 933 out: 934 return ret ? ret : ERR_PTR(-ENOMEM); 935 } 936 937 static int ovl_set_redirect(struct dentry *dentry, bool samedir) 938 { 939 int err; 940 const char *redirect = ovl_dentry_get_redirect(dentry); 941 942 if (redirect && (samedir || redirect[0] == '/')) 943 return 0; 944 945 redirect = ovl_get_redirect(dentry, samedir); 946 if (IS_ERR(redirect)) 947 return PTR_ERR(redirect); 948 949 err = ovl_check_setxattr(dentry, ovl_dentry_upper(dentry), 950 OVL_XATTR_REDIRECT, 951 redirect, strlen(redirect), -EXDEV); 952 if (!err) { 953 spin_lock(&dentry->d_lock); 954 ovl_dentry_set_redirect(dentry, redirect); 955 spin_unlock(&dentry->d_lock); 956 } else { 957 kfree(redirect); 958 pr_warn_ratelimited("overlayfs: failed to set redirect (%i)\n", 959 err); 960 /* Fall back to userspace copy-up */ 961 err = -EXDEV; 962 } 963 return err; 964 } 965 966 static int ovl_rename(struct inode *olddir, struct dentry *old, 967 struct inode *newdir, struct dentry *new, 968 unsigned int flags) 969 { 970 int err; 971 bool locked = false; 972 struct dentry *old_upperdir; 973 struct dentry *new_upperdir; 974 struct dentry *olddentry; 975 struct dentry *newdentry; 976 struct dentry *trap; 977 bool old_opaque; 978 bool new_opaque; 979 bool cleanup_whiteout = false; 980 bool overwrite = !(flags & RENAME_EXCHANGE); 981 bool is_dir = d_is_dir(old); 982 bool new_is_dir = d_is_dir(new); 983 bool samedir = olddir == newdir; 984 struct dentry *opaquedir = NULL; 985 const struct cred *old_cred = NULL; 986 LIST_HEAD(list); 987 988 err = -EINVAL; 989 if (flags & ~(RENAME_EXCHANGE | RENAME_NOREPLACE)) 990 goto out; 991 992 flags &= ~RENAME_NOREPLACE; 993 994 /* Don't copy up directory trees */ 995 err = -EXDEV; 996 if (!ovl_can_move(old)) 997 goto out; 998 if (!overwrite && !ovl_can_move(new)) 999 goto out; 1000 1001 if (overwrite && new_is_dir && !ovl_pure_upper(new)) { 1002 err = ovl_check_empty_dir(new, &list); 1003 if (err) 1004 goto out; 1005 } 1006 1007 if (overwrite) { 1008 if (ovl_lower_positive(old)) { 1009 if (!ovl_dentry_is_whiteout(new)) { 1010 /* Whiteout source */ 1011 flags |= RENAME_WHITEOUT; 1012 } else { 1013 /* Switch whiteouts */ 1014 flags |= RENAME_EXCHANGE; 1015 } 1016 } else if (is_dir && ovl_dentry_is_whiteout(new)) { 1017 flags |= RENAME_EXCHANGE; 1018 cleanup_whiteout = true; 1019 } 1020 } 1021 1022 err = ovl_want_write(old); 1023 if (err) 1024 goto out; 1025 1026 err = ovl_copy_up(old); 1027 if (err) 1028 goto out_drop_write; 1029 1030 err = ovl_copy_up(new->d_parent); 1031 if (err) 1032 goto out_drop_write; 1033 if (!overwrite) { 1034 err = ovl_copy_up(new); 1035 if (err) 1036 goto out_drop_write; 1037 } else { 1038 err = ovl_nlink_start(new, &locked); 1039 if (err) 1040 goto out_drop_write; 1041 } 1042 1043 old_cred = ovl_override_creds(old->d_sb); 1044 1045 if (!list_empty(&list)) { 1046 opaquedir = ovl_clear_empty(new, &list); 1047 err = PTR_ERR(opaquedir); 1048 if (IS_ERR(opaquedir)) { 1049 opaquedir = NULL; 1050 goto out_revert_creds; 1051 } 1052 } 1053 1054 old_upperdir = ovl_dentry_upper(old->d_parent); 1055 new_upperdir = ovl_dentry_upper(new->d_parent); 1056 1057 if (!samedir) { 1058 /* 1059 * When moving a merge dir or non-dir with copy up origin into 1060 * a new parent, we are marking the new parent dir "impure". 1061 * When ovl_iterate() iterates an "impure" upper dir, it will 1062 * lookup the origin inodes of the entries to fill d_ino. 1063 */ 1064 if (ovl_type_origin(old)) { 1065 err = ovl_set_impure(new->d_parent, new_upperdir); 1066 if (err) 1067 goto out_revert_creds; 1068 } 1069 if (!overwrite && ovl_type_origin(new)) { 1070 err = ovl_set_impure(old->d_parent, old_upperdir); 1071 if (err) 1072 goto out_revert_creds; 1073 } 1074 } 1075 1076 trap = lock_rename(new_upperdir, old_upperdir); 1077 1078 olddentry = lookup_one_len(old->d_name.name, old_upperdir, 1079 old->d_name.len); 1080 err = PTR_ERR(olddentry); 1081 if (IS_ERR(olddentry)) 1082 goto out_unlock; 1083 1084 err = -ESTALE; 1085 if (!ovl_matches_upper(old, olddentry)) 1086 goto out_dput_old; 1087 1088 newdentry = lookup_one_len(new->d_name.name, new_upperdir, 1089 new->d_name.len); 1090 err = PTR_ERR(newdentry); 1091 if (IS_ERR(newdentry)) 1092 goto out_dput_old; 1093 1094 old_opaque = ovl_dentry_is_opaque(old); 1095 new_opaque = ovl_dentry_is_opaque(new); 1096 1097 err = -ESTALE; 1098 if (d_inode(new) && ovl_dentry_upper(new)) { 1099 if (opaquedir) { 1100 if (newdentry != opaquedir) 1101 goto out_dput; 1102 } else { 1103 if (!ovl_matches_upper(new, newdentry)) 1104 goto out_dput; 1105 } 1106 } else { 1107 if (!d_is_negative(newdentry) && 1108 (!new_opaque || !ovl_is_whiteout(newdentry))) 1109 goto out_dput; 1110 } 1111 1112 if (olddentry == trap) 1113 goto out_dput; 1114 if (newdentry == trap) 1115 goto out_dput; 1116 1117 if (WARN_ON(olddentry->d_inode == newdentry->d_inode)) 1118 goto out_dput; 1119 1120 err = 0; 1121 if (is_dir) { 1122 if (ovl_type_merge_or_lower(old)) 1123 err = ovl_set_redirect(old, samedir); 1124 else if (!old_opaque && ovl_type_merge(new->d_parent)) 1125 err = ovl_set_opaque_xerr(old, olddentry, -EXDEV); 1126 if (err) 1127 goto out_dput; 1128 } 1129 if (!overwrite && new_is_dir) { 1130 if (ovl_type_merge_or_lower(new)) 1131 err = ovl_set_redirect(new, samedir); 1132 else if (!new_opaque && ovl_type_merge(old->d_parent)) 1133 err = ovl_set_opaque_xerr(new, newdentry, -EXDEV); 1134 if (err) 1135 goto out_dput; 1136 } 1137 1138 err = ovl_do_rename(old_upperdir->d_inode, olddentry, 1139 new_upperdir->d_inode, newdentry, flags); 1140 if (err) 1141 goto out_dput; 1142 1143 if (cleanup_whiteout) 1144 ovl_cleanup(old_upperdir->d_inode, newdentry); 1145 1146 if (overwrite && d_inode(new)) { 1147 if (new_is_dir) 1148 clear_nlink(d_inode(new)); 1149 else 1150 drop_nlink(d_inode(new)); 1151 } 1152 1153 ovl_dir_modified(old->d_parent, ovl_type_origin(old) || 1154 (!overwrite && ovl_type_origin(new))); 1155 ovl_dir_modified(new->d_parent, ovl_type_origin(old) || 1156 (d_inode(new) && ovl_type_origin(new))); 1157 1158 /* copy ctime: */ 1159 ovl_copyattr(d_inode(olddentry), d_inode(old)); 1160 if (d_inode(new) && ovl_dentry_upper(new)) 1161 ovl_copyattr(d_inode(newdentry), d_inode(new)); 1162 1163 out_dput: 1164 dput(newdentry); 1165 out_dput_old: 1166 dput(olddentry); 1167 out_unlock: 1168 unlock_rename(new_upperdir, old_upperdir); 1169 out_revert_creds: 1170 revert_creds(old_cred); 1171 ovl_nlink_end(new, locked); 1172 out_drop_write: 1173 ovl_drop_write(old); 1174 out: 1175 dput(opaquedir); 1176 ovl_cache_free(&list); 1177 return err; 1178 } 1179 1180 const struct inode_operations ovl_dir_inode_operations = { 1181 .lookup = ovl_lookup, 1182 .mkdir = ovl_mkdir, 1183 .symlink = ovl_symlink, 1184 .unlink = ovl_unlink, 1185 .rmdir = ovl_rmdir, 1186 .rename = ovl_rename, 1187 .link = ovl_link, 1188 .setattr = ovl_setattr, 1189 .create = ovl_create, 1190 .mknod = ovl_mknod, 1191 .permission = ovl_permission, 1192 .getattr = ovl_getattr, 1193 .listxattr = ovl_listxattr, 1194 .get_acl = ovl_get_acl, 1195 .update_time = ovl_update_time, 1196 }; 1197