xref: /openbmc/linux/fs/overlayfs/inode.c (revision fceef393a538134f03b778c5d2519e670269342f) 
1 /*
2  *
3  * Copyright (C) 2011 Novell Inc.
4  *
5  * This program is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License version 2 as published by
7  * the Free Software Foundation.
8  */
9 
10 #include <linux/fs.h>
11 #include <linux/slab.h>
12 #include <linux/xattr.h>
13 #include "overlayfs.h"
14 
15 static int ovl_copy_up_truncate(struct dentry *dentry)
16 {
17 	int err;
18 	struct dentry *parent;
19 	struct kstat stat;
20 	struct path lowerpath;
21 
22 	parent = dget_parent(dentry);
23 	err = ovl_copy_up(parent);
24 	if (err)
25 		goto out_dput_parent;
26 
27 	ovl_path_lower(dentry, &lowerpath);
28 	err = vfs_getattr(&lowerpath, &stat);
29 	if (err)
30 		goto out_dput_parent;
31 
32 	stat.size = 0;
33 	err = ovl_copy_up_one(parent, dentry, &lowerpath, &stat);
34 
35 out_dput_parent:
36 	dput(parent);
37 	return err;
38 }
39 
40 int ovl_setattr(struct dentry *dentry, struct iattr *attr)
41 {
42 	int err;
43 	struct dentry *upperdentry;
44 
45 	err = ovl_want_write(dentry);
46 	if (err)
47 		goto out;
48 
49 	err = ovl_copy_up(dentry);
50 	if (!err) {
51 		upperdentry = ovl_dentry_upper(dentry);
52 
53 		mutex_lock(&upperdentry->d_inode->i_mutex);
54 		err = notify_change(upperdentry, attr, NULL);
55 		mutex_unlock(&upperdentry->d_inode->i_mutex);
56 	}
57 	ovl_drop_write(dentry);
58 out:
59 	return err;
60 }
61 
62 static int ovl_getattr(struct vfsmount *mnt, struct dentry *dentry,
63 			 struct kstat *stat)
64 {
65 	struct path realpath;
66 
67 	ovl_path_real(dentry, &realpath);
68 	return vfs_getattr(&realpath, stat);
69 }
70 
71 int ovl_permission(struct inode *inode, int mask)
72 {
73 	struct ovl_entry *oe;
74 	struct dentry *alias = NULL;
75 	struct inode *realinode;
76 	struct dentry *realdentry;
77 	bool is_upper;
78 	int err;
79 
80 	if (S_ISDIR(inode->i_mode)) {
81 		oe = inode->i_private;
82 	} else if (mask & MAY_NOT_BLOCK) {
83 		return -ECHILD;
84 	} else {
85 		/*
86 		 * For non-directories find an alias and get the info
87 		 * from there.
88 		 */
89 		alias = d_find_any_alias(inode);
90 		if (WARN_ON(!alias))
91 			return -ENOENT;
92 
93 		oe = alias->d_fsdata;
94 	}
95 
96 	realdentry = ovl_entry_real(oe, &is_upper);
97 
98 	/* Careful in RCU walk mode */
99 	realinode = ACCESS_ONCE(realdentry->d_inode);
100 	if (!realinode) {
101 		WARN_ON(!(mask & MAY_NOT_BLOCK));
102 		err = -ENOENT;
103 		goto out_dput;
104 	}
105 
106 	if (mask & MAY_WRITE) {
107 		umode_t mode = realinode->i_mode;
108 
109 		/*
110 		 * Writes will always be redirected to upper layer, so
111 		 * ignore lower layer being read-only.
112 		 *
113 		 * If the overlay itself is read-only then proceed
114 		 * with the permission check, don't return EROFS.
115 		 * This will only happen if this is the lower layer of
116 		 * another overlayfs.
117 		 *
118 		 * If upper fs becomes read-only after the overlay was
119 		 * constructed return EROFS to prevent modification of
120 		 * upper layer.
121 		 */
122 		err = -EROFS;
123 		if (is_upper && !IS_RDONLY(inode) && IS_RDONLY(realinode) &&
124 		    (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode)))
125 			goto out_dput;
126 	}
127 
128 	err = __inode_permission(realinode, mask);
129 out_dput:
130 	dput(alias);
131 	return err;
132 }
133 
134 static const char *ovl_get_link(struct dentry *dentry,
135 				struct inode *inode,
136 				struct delayed_call *done)
137 {
138 	struct dentry *realdentry;
139 	struct inode *realinode;
140 
141 	if (!dentry)
142 		return ERR_PTR(-ECHILD);
143 
144 	realdentry = ovl_dentry_real(dentry);
145 	realinode = realdentry->d_inode;
146 
147 	if (WARN_ON(!realinode->i_op->get_link))
148 		return ERR_PTR(-EPERM);
149 
150 	return realinode->i_op->get_link(realdentry, realinode, done);
151 }
152 
153 static int ovl_readlink(struct dentry *dentry, char __user *buf, int bufsiz)
154 {
155 	struct path realpath;
156 	struct inode *realinode;
157 
158 	ovl_path_real(dentry, &realpath);
159 	realinode = realpath.dentry->d_inode;
160 
161 	if (!realinode->i_op->readlink)
162 		return -EINVAL;
163 
164 	touch_atime(&realpath);
165 
166 	return realinode->i_op->readlink(realpath.dentry, buf, bufsiz);
167 }
168 
169 
170 static bool ovl_is_private_xattr(const char *name)
171 {
172 	return strncmp(name, OVL_XATTR_PRE_NAME, OVL_XATTR_PRE_LEN) == 0;
173 }
174 
175 int ovl_setxattr(struct dentry *dentry, const char *name,
176 		 const void *value, size_t size, int flags)
177 {
178 	int err;
179 	struct dentry *upperdentry;
180 
181 	err = ovl_want_write(dentry);
182 	if (err)
183 		goto out;
184 
185 	err = -EPERM;
186 	if (ovl_is_private_xattr(name))
187 		goto out_drop_write;
188 
189 	err = ovl_copy_up(dentry);
190 	if (err)
191 		goto out_drop_write;
192 
193 	upperdentry = ovl_dentry_upper(dentry);
194 	err = vfs_setxattr(upperdentry, name, value, size, flags);
195 
196 out_drop_write:
197 	ovl_drop_write(dentry);
198 out:
199 	return err;
200 }
201 
202 static bool ovl_need_xattr_filter(struct dentry *dentry,
203 				  enum ovl_path_type type)
204 {
205 	if ((type & (__OVL_PATH_PURE | __OVL_PATH_UPPER)) == __OVL_PATH_UPPER)
206 		return S_ISDIR(dentry->d_inode->i_mode);
207 	else
208 		return false;
209 }
210 
211 ssize_t ovl_getxattr(struct dentry *dentry, const char *name,
212 		     void *value, size_t size)
213 {
214 	struct path realpath;
215 	enum ovl_path_type type = ovl_path_real(dentry, &realpath);
216 
217 	if (ovl_need_xattr_filter(dentry, type) && ovl_is_private_xattr(name))
218 		return -ENODATA;
219 
220 	return vfs_getxattr(realpath.dentry, name, value, size);
221 }
222 
223 ssize_t ovl_listxattr(struct dentry *dentry, char *list, size_t size)
224 {
225 	struct path realpath;
226 	enum ovl_path_type type = ovl_path_real(dentry, &realpath);
227 	ssize_t res;
228 	int off;
229 
230 	res = vfs_listxattr(realpath.dentry, list, size);
231 	if (res <= 0 || size == 0)
232 		return res;
233 
234 	if (!ovl_need_xattr_filter(dentry, type))
235 		return res;
236 
237 	/* filter out private xattrs */
238 	for (off = 0; off < res;) {
239 		char *s = list + off;
240 		size_t slen = strlen(s) + 1;
241 
242 		BUG_ON(off + slen > res);
243 
244 		if (ovl_is_private_xattr(s)) {
245 			res -= slen;
246 			memmove(s, s + slen, res - off);
247 		} else {
248 			off += slen;
249 		}
250 	}
251 
252 	return res;
253 }
254 
255 int ovl_removexattr(struct dentry *dentry, const char *name)
256 {
257 	int err;
258 	struct path realpath;
259 	enum ovl_path_type type = ovl_path_real(dentry, &realpath);
260 
261 	err = ovl_want_write(dentry);
262 	if (err)
263 		goto out;
264 
265 	err = -ENODATA;
266 	if (ovl_need_xattr_filter(dentry, type) && ovl_is_private_xattr(name))
267 		goto out_drop_write;
268 
269 	if (!OVL_TYPE_UPPER(type)) {
270 		err = vfs_getxattr(realpath.dentry, name, NULL, 0);
271 		if (err < 0)
272 			goto out_drop_write;
273 
274 		err = ovl_copy_up(dentry);
275 		if (err)
276 			goto out_drop_write;
277 
278 		ovl_path_upper(dentry, &realpath);
279 	}
280 
281 	err = vfs_removexattr(realpath.dentry, name);
282 out_drop_write:
283 	ovl_drop_write(dentry);
284 out:
285 	return err;
286 }
287 
288 static bool ovl_open_need_copy_up(int flags, enum ovl_path_type type,
289 				  struct dentry *realdentry)
290 {
291 	if (OVL_TYPE_UPPER(type))
292 		return false;
293 
294 	if (special_file(realdentry->d_inode->i_mode))
295 		return false;
296 
297 	if (!(OPEN_FMODE(flags) & FMODE_WRITE) && !(flags & O_TRUNC))
298 		return false;
299 
300 	return true;
301 }
302 
303 struct inode *ovl_d_select_inode(struct dentry *dentry, unsigned file_flags)
304 {
305 	int err;
306 	struct path realpath;
307 	enum ovl_path_type type;
308 
309 	if (d_is_dir(dentry))
310 		return d_backing_inode(dentry);
311 
312 	type = ovl_path_real(dentry, &realpath);
313 	if (ovl_open_need_copy_up(file_flags, type, realpath.dentry)) {
314 		err = ovl_want_write(dentry);
315 		if (err)
316 			return ERR_PTR(err);
317 
318 		if (file_flags & O_TRUNC)
319 			err = ovl_copy_up_truncate(dentry);
320 		else
321 			err = ovl_copy_up(dentry);
322 		ovl_drop_write(dentry);
323 		if (err)
324 			return ERR_PTR(err);
325 
326 		ovl_path_upper(dentry, &realpath);
327 	}
328 
329 	if (realpath.dentry->d_flags & DCACHE_OP_SELECT_INODE)
330 		return realpath.dentry->d_op->d_select_inode(realpath.dentry, file_flags);
331 
332 	return d_backing_inode(realpath.dentry);
333 }
334 
335 static const struct inode_operations ovl_file_inode_operations = {
336 	.setattr	= ovl_setattr,
337 	.permission	= ovl_permission,
338 	.getattr	= ovl_getattr,
339 	.setxattr	= ovl_setxattr,
340 	.getxattr	= ovl_getxattr,
341 	.listxattr	= ovl_listxattr,
342 	.removexattr	= ovl_removexattr,
343 };
344 
345 static const struct inode_operations ovl_symlink_inode_operations = {
346 	.setattr	= ovl_setattr,
347 	.get_link	= ovl_get_link,
348 	.readlink	= ovl_readlink,
349 	.getattr	= ovl_getattr,
350 	.setxattr	= ovl_setxattr,
351 	.getxattr	= ovl_getxattr,
352 	.listxattr	= ovl_listxattr,
353 	.removexattr	= ovl_removexattr,
354 };
355 
356 struct inode *ovl_new_inode(struct super_block *sb, umode_t mode,
357 			    struct ovl_entry *oe)
358 {
359 	struct inode *inode;
360 
361 	inode = new_inode(sb);
362 	if (!inode)
363 		return NULL;
364 
365 	mode &= S_IFMT;
366 
367 	inode->i_ino = get_next_ino();
368 	inode->i_mode = mode;
369 	inode->i_flags |= S_NOATIME | S_NOCMTIME;
370 
371 	switch (mode) {
372 	case S_IFDIR:
373 		inode->i_private = oe;
374 		inode->i_op = &ovl_dir_inode_operations;
375 		inode->i_fop = &ovl_dir_operations;
376 		break;
377 
378 	case S_IFLNK:
379 		inode->i_op = &ovl_symlink_inode_operations;
380 		break;
381 
382 	case S_IFREG:
383 	case S_IFSOCK:
384 	case S_IFBLK:
385 	case S_IFCHR:
386 	case S_IFIFO:
387 		inode->i_op = &ovl_file_inode_operations;
388 		break;
389 
390 	default:
391 		WARN(1, "illegal file type: %i\n", mode);
392 		iput(inode);
393 		inode = NULL;
394 	}
395 
396 	return inode;
397 }
398