1 /* 2 * 3 * Copyright (C) 2011 Novell Inc. 4 * 5 * This program is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 as published by 7 * the Free Software Foundation. 8 */ 9 10 #include <linux/fs.h> 11 #include <linux/namei.h> 12 #include <linux/xattr.h> 13 #include <linux/security.h> 14 #include <linux/cred.h> 15 #include "overlayfs.h" 16 17 void ovl_cleanup(struct inode *wdir, struct dentry *wdentry) 18 { 19 int err; 20 21 dget(wdentry); 22 if (d_is_dir(wdentry)) 23 err = ovl_do_rmdir(wdir, wdentry); 24 else 25 err = ovl_do_unlink(wdir, wdentry); 26 dput(wdentry); 27 28 if (err) { 29 pr_err("overlayfs: cleanup of '%pd2' failed (%i)\n", 30 wdentry, err); 31 } 32 } 33 34 struct dentry *ovl_lookup_temp(struct dentry *workdir, struct dentry *dentry) 35 { 36 struct dentry *temp; 37 char name[20]; 38 39 snprintf(name, sizeof(name), "#%lx", (unsigned long) dentry); 40 41 temp = lookup_one_len(name, workdir, strlen(name)); 42 if (!IS_ERR(temp) && temp->d_inode) { 43 pr_err("overlayfs: workdir/%s already exists\n", name); 44 dput(temp); 45 temp = ERR_PTR(-EIO); 46 } 47 48 return temp; 49 } 50 51 /* caller holds i_mutex on workdir */ 52 static struct dentry *ovl_whiteout(struct dentry *workdir, 53 struct dentry *dentry) 54 { 55 int err; 56 struct dentry *whiteout; 57 struct inode *wdir = workdir->d_inode; 58 59 whiteout = ovl_lookup_temp(workdir, dentry); 60 if (IS_ERR(whiteout)) 61 return whiteout; 62 63 err = ovl_do_whiteout(wdir, whiteout); 64 if (err) { 65 dput(whiteout); 66 whiteout = ERR_PTR(err); 67 } 68 69 return whiteout; 70 } 71 72 int ovl_create_real(struct inode *dir, struct dentry *newdentry, 73 struct kstat *stat, const char *link, 74 struct dentry *hardlink, bool debug) 75 { 76 int err; 77 78 if (newdentry->d_inode) 79 return -ESTALE; 80 81 if (hardlink) { 82 err = ovl_do_link(hardlink, dir, newdentry, debug); 83 } else { 84 switch (stat->mode & S_IFMT) { 85 case S_IFREG: 86 err = ovl_do_create(dir, newdentry, stat->mode, debug); 87 break; 88 89 case S_IFDIR: 90 err = ovl_do_mkdir(dir, newdentry, stat->mode, debug); 91 break; 92 93 case S_IFCHR: 94 case S_IFBLK: 95 case S_IFIFO: 96 case S_IFSOCK: 97 err = ovl_do_mknod(dir, newdentry, 98 stat->mode, stat->rdev, debug); 99 break; 100 101 case S_IFLNK: 102 err = ovl_do_symlink(dir, newdentry, link, debug); 103 break; 104 105 default: 106 err = -EPERM; 107 } 108 } 109 if (!err && WARN_ON(!newdentry->d_inode)) { 110 /* 111 * Not quite sure if non-instantiated dentry is legal or not. 112 * VFS doesn't seem to care so check and warn here. 113 */ 114 err = -ENOENT; 115 } 116 return err; 117 } 118 119 static int ovl_set_opaque(struct dentry *upperdentry) 120 { 121 return ovl_do_setxattr(upperdentry, OVL_XATTR_OPAQUE, "y", 1, 0); 122 } 123 124 static void ovl_remove_opaque(struct dentry *upperdentry) 125 { 126 int err; 127 128 err = ovl_do_removexattr(upperdentry, OVL_XATTR_OPAQUE); 129 if (err) { 130 pr_warn("overlayfs: failed to remove opaque from '%s' (%i)\n", 131 upperdentry->d_name.name, err); 132 } 133 } 134 135 static int ovl_dir_getattr(struct vfsmount *mnt, struct dentry *dentry, 136 struct kstat *stat) 137 { 138 int err; 139 enum ovl_path_type type; 140 struct path realpath; 141 142 type = ovl_path_real(dentry, &realpath); 143 err = vfs_getattr(&realpath, stat); 144 if (err) 145 return err; 146 147 stat->dev = dentry->d_sb->s_dev; 148 stat->ino = dentry->d_inode->i_ino; 149 150 /* 151 * It's probably not worth it to count subdirs to get the 152 * correct link count. nlink=1 seems to pacify 'find' and 153 * other utilities. 154 */ 155 if (OVL_TYPE_MERGE(type)) 156 stat->nlink = 1; 157 158 return 0; 159 } 160 161 static int ovl_create_upper(struct dentry *dentry, struct inode *inode, 162 struct kstat *stat, const char *link, 163 struct dentry *hardlink) 164 { 165 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 166 struct inode *udir = upperdir->d_inode; 167 struct dentry *newdentry; 168 int err; 169 170 inode_lock_nested(udir, I_MUTEX_PARENT); 171 newdentry = lookup_one_len(dentry->d_name.name, upperdir, 172 dentry->d_name.len); 173 err = PTR_ERR(newdentry); 174 if (IS_ERR(newdentry)) 175 goto out_unlock; 176 err = ovl_create_real(udir, newdentry, stat, link, hardlink, false); 177 if (err) 178 goto out_dput; 179 180 ovl_dentry_version_inc(dentry->d_parent); 181 ovl_dentry_update(dentry, newdentry); 182 ovl_copyattr(newdentry->d_inode, inode); 183 d_instantiate(dentry, inode); 184 newdentry = NULL; 185 out_dput: 186 dput(newdentry); 187 out_unlock: 188 inode_unlock(udir); 189 return err; 190 } 191 192 static int ovl_lock_rename_workdir(struct dentry *workdir, 193 struct dentry *upperdir) 194 { 195 /* Workdir should not be the same as upperdir */ 196 if (workdir == upperdir) 197 goto err; 198 199 /* Workdir should not be subdir of upperdir and vice versa */ 200 if (lock_rename(workdir, upperdir) != NULL) 201 goto err_unlock; 202 203 return 0; 204 205 err_unlock: 206 unlock_rename(workdir, upperdir); 207 err: 208 pr_err("overlayfs: failed to lock workdir+upperdir\n"); 209 return -EIO; 210 } 211 212 static struct dentry *ovl_clear_empty(struct dentry *dentry, 213 struct list_head *list) 214 { 215 struct dentry *workdir = ovl_workdir(dentry); 216 struct inode *wdir = workdir->d_inode; 217 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 218 struct inode *udir = upperdir->d_inode; 219 struct path upperpath; 220 struct dentry *upper; 221 struct dentry *opaquedir; 222 struct kstat stat; 223 int err; 224 225 if (WARN_ON(!workdir)) 226 return ERR_PTR(-EROFS); 227 228 err = ovl_lock_rename_workdir(workdir, upperdir); 229 if (err) 230 goto out; 231 232 ovl_path_upper(dentry, &upperpath); 233 err = vfs_getattr(&upperpath, &stat); 234 if (err) 235 goto out_unlock; 236 237 err = -ESTALE; 238 if (!S_ISDIR(stat.mode)) 239 goto out_unlock; 240 upper = upperpath.dentry; 241 if (upper->d_parent->d_inode != udir) 242 goto out_unlock; 243 244 opaquedir = ovl_lookup_temp(workdir, dentry); 245 err = PTR_ERR(opaquedir); 246 if (IS_ERR(opaquedir)) 247 goto out_unlock; 248 249 err = ovl_create_real(wdir, opaquedir, &stat, NULL, NULL, true); 250 if (err) 251 goto out_dput; 252 253 err = ovl_copy_xattr(upper, opaquedir); 254 if (err) 255 goto out_cleanup; 256 257 err = ovl_set_opaque(opaquedir); 258 if (err) 259 goto out_cleanup; 260 261 inode_lock(opaquedir->d_inode); 262 err = ovl_set_attr(opaquedir, &stat); 263 inode_unlock(opaquedir->d_inode); 264 if (err) 265 goto out_cleanup; 266 267 err = ovl_do_rename(wdir, opaquedir, udir, upper, RENAME_EXCHANGE); 268 if (err) 269 goto out_cleanup; 270 271 ovl_cleanup_whiteouts(upper, list); 272 ovl_cleanup(wdir, upper); 273 unlock_rename(workdir, upperdir); 274 275 /* dentry's upper doesn't match now, get rid of it */ 276 d_drop(dentry); 277 278 return opaquedir; 279 280 out_cleanup: 281 ovl_cleanup(wdir, opaquedir); 282 out_dput: 283 dput(opaquedir); 284 out_unlock: 285 unlock_rename(workdir, upperdir); 286 out: 287 return ERR_PTR(err); 288 } 289 290 static struct dentry *ovl_check_empty_and_clear(struct dentry *dentry) 291 { 292 int err; 293 struct dentry *ret = NULL; 294 LIST_HEAD(list); 295 296 err = ovl_check_empty_dir(dentry, &list); 297 if (err) 298 ret = ERR_PTR(err); 299 else { 300 /* 301 * If no upperdentry then skip clearing whiteouts. 302 * 303 * Can race with copy-up, since we don't hold the upperdir 304 * mutex. Doesn't matter, since copy-up can't create a 305 * non-empty directory from an empty one. 306 */ 307 if (ovl_dentry_upper(dentry)) 308 ret = ovl_clear_empty(dentry, &list); 309 } 310 311 ovl_cache_free(&list); 312 313 return ret; 314 } 315 316 static int ovl_create_over_whiteout(struct dentry *dentry, struct inode *inode, 317 struct kstat *stat, const char *link, 318 struct dentry *hardlink) 319 { 320 struct dentry *workdir = ovl_workdir(dentry); 321 struct inode *wdir = workdir->d_inode; 322 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 323 struct inode *udir = upperdir->d_inode; 324 struct dentry *upper; 325 struct dentry *newdentry; 326 int err; 327 328 if (WARN_ON(!workdir)) 329 return -EROFS; 330 331 err = ovl_lock_rename_workdir(workdir, upperdir); 332 if (err) 333 goto out; 334 335 newdentry = ovl_lookup_temp(workdir, dentry); 336 err = PTR_ERR(newdentry); 337 if (IS_ERR(newdentry)) 338 goto out_unlock; 339 340 upper = lookup_one_len(dentry->d_name.name, upperdir, 341 dentry->d_name.len); 342 err = PTR_ERR(upper); 343 if (IS_ERR(upper)) 344 goto out_dput; 345 346 err = ovl_create_real(wdir, newdentry, stat, link, hardlink, true); 347 if (err) 348 goto out_dput2; 349 350 if (S_ISDIR(stat->mode)) { 351 err = ovl_set_opaque(newdentry); 352 if (err) 353 goto out_cleanup; 354 355 err = ovl_do_rename(wdir, newdentry, udir, upper, 356 RENAME_EXCHANGE); 357 if (err) 358 goto out_cleanup; 359 360 ovl_cleanup(wdir, upper); 361 } else { 362 err = ovl_do_rename(wdir, newdentry, udir, upper, 0); 363 if (err) 364 goto out_cleanup; 365 } 366 ovl_dentry_version_inc(dentry->d_parent); 367 ovl_dentry_update(dentry, newdentry); 368 ovl_copyattr(newdentry->d_inode, inode); 369 d_instantiate(dentry, inode); 370 newdentry = NULL; 371 out_dput2: 372 dput(upper); 373 out_dput: 374 dput(newdentry); 375 out_unlock: 376 unlock_rename(workdir, upperdir); 377 out: 378 return err; 379 380 out_cleanup: 381 ovl_cleanup(wdir, newdentry); 382 goto out_dput2; 383 } 384 385 static int ovl_create_or_link(struct dentry *dentry, int mode, dev_t rdev, 386 const char *link, struct dentry *hardlink) 387 { 388 int err; 389 struct inode *inode; 390 struct kstat stat = { 391 .mode = mode, 392 .rdev = rdev, 393 }; 394 395 err = -ENOMEM; 396 inode = ovl_new_inode(dentry->d_sb, mode, dentry->d_fsdata); 397 if (!inode) 398 goto out; 399 400 err = ovl_copy_up(dentry->d_parent); 401 if (err) 402 goto out_iput; 403 404 if (!ovl_dentry_is_opaque(dentry)) { 405 err = ovl_create_upper(dentry, inode, &stat, link, hardlink); 406 } else { 407 const struct cred *old_cred; 408 struct cred *override_cred; 409 410 err = -ENOMEM; 411 override_cred = prepare_creds(); 412 if (!override_cred) 413 goto out_iput; 414 415 /* 416 * CAP_SYS_ADMIN for setting opaque xattr 417 * CAP_DAC_OVERRIDE for create in workdir, rename 418 * CAP_FOWNER for removing whiteout from sticky dir 419 */ 420 cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN); 421 cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE); 422 cap_raise(override_cred->cap_effective, CAP_FOWNER); 423 old_cred = override_creds(override_cred); 424 425 err = ovl_create_over_whiteout(dentry, inode, &stat, link, 426 hardlink); 427 428 revert_creds(old_cred); 429 put_cred(override_cred); 430 } 431 432 if (!err) 433 inode = NULL; 434 out_iput: 435 iput(inode); 436 out: 437 return err; 438 } 439 440 static int ovl_create_object(struct dentry *dentry, int mode, dev_t rdev, 441 const char *link) 442 { 443 int err; 444 445 err = ovl_want_write(dentry); 446 if (!err) { 447 err = ovl_create_or_link(dentry, mode, rdev, link, NULL); 448 ovl_drop_write(dentry); 449 } 450 451 return err; 452 } 453 454 static int ovl_create(struct inode *dir, struct dentry *dentry, umode_t mode, 455 bool excl) 456 { 457 return ovl_create_object(dentry, (mode & 07777) | S_IFREG, 0, NULL); 458 } 459 460 static int ovl_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) 461 { 462 return ovl_create_object(dentry, (mode & 07777) | S_IFDIR, 0, NULL); 463 } 464 465 static int ovl_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, 466 dev_t rdev) 467 { 468 /* Don't allow creation of "whiteout" on overlay */ 469 if (S_ISCHR(mode) && rdev == WHITEOUT_DEV) 470 return -EPERM; 471 472 return ovl_create_object(dentry, mode, rdev, NULL); 473 } 474 475 static int ovl_symlink(struct inode *dir, struct dentry *dentry, 476 const char *link) 477 { 478 return ovl_create_object(dentry, S_IFLNK, 0, link); 479 } 480 481 static int ovl_link(struct dentry *old, struct inode *newdir, 482 struct dentry *new) 483 { 484 int err; 485 struct dentry *upper; 486 487 err = ovl_want_write(old); 488 if (err) 489 goto out; 490 491 err = ovl_copy_up(old); 492 if (err) 493 goto out_drop_write; 494 495 upper = ovl_dentry_upper(old); 496 err = ovl_create_or_link(new, upper->d_inode->i_mode, 0, NULL, upper); 497 498 out_drop_write: 499 ovl_drop_write(old); 500 out: 501 return err; 502 } 503 504 static int ovl_remove_and_whiteout(struct dentry *dentry, bool is_dir) 505 { 506 struct dentry *workdir = ovl_workdir(dentry); 507 struct inode *wdir = workdir->d_inode; 508 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 509 struct inode *udir = upperdir->d_inode; 510 struct dentry *whiteout; 511 struct dentry *upper; 512 struct dentry *opaquedir = NULL; 513 int err; 514 515 if (WARN_ON(!workdir)) 516 return -EROFS; 517 518 if (is_dir) { 519 if (OVL_TYPE_MERGE_OR_LOWER(ovl_path_type(dentry))) { 520 opaquedir = ovl_check_empty_and_clear(dentry); 521 err = PTR_ERR(opaquedir); 522 if (IS_ERR(opaquedir)) 523 goto out; 524 } else { 525 LIST_HEAD(list); 526 527 /* 528 * When removing an empty opaque directory, then it 529 * makes no sense to replace it with an exact replica of 530 * itself. But emptiness still needs to be checked. 531 */ 532 err = ovl_check_empty_dir(dentry, &list); 533 ovl_cache_free(&list); 534 if (err) 535 goto out; 536 } 537 } 538 539 err = ovl_lock_rename_workdir(workdir, upperdir); 540 if (err) 541 goto out_dput; 542 543 whiteout = ovl_whiteout(workdir, dentry); 544 err = PTR_ERR(whiteout); 545 if (IS_ERR(whiteout)) 546 goto out_unlock; 547 548 upper = ovl_dentry_upper(dentry); 549 if (!upper) { 550 upper = lookup_one_len(dentry->d_name.name, upperdir, 551 dentry->d_name.len); 552 err = PTR_ERR(upper); 553 if (IS_ERR(upper)) 554 goto kill_whiteout; 555 556 err = ovl_do_rename(wdir, whiteout, udir, upper, 0); 557 dput(upper); 558 if (err) 559 goto kill_whiteout; 560 } else { 561 int flags = 0; 562 563 if (opaquedir) 564 upper = opaquedir; 565 err = -ESTALE; 566 if (upper->d_parent != upperdir) 567 goto kill_whiteout; 568 569 if (is_dir) 570 flags |= RENAME_EXCHANGE; 571 572 err = ovl_do_rename(wdir, whiteout, udir, upper, flags); 573 if (err) 574 goto kill_whiteout; 575 576 if (is_dir) 577 ovl_cleanup(wdir, upper); 578 } 579 ovl_dentry_version_inc(dentry->d_parent); 580 out_d_drop: 581 d_drop(dentry); 582 dput(whiteout); 583 out_unlock: 584 unlock_rename(workdir, upperdir); 585 out_dput: 586 dput(opaquedir); 587 out: 588 return err; 589 590 kill_whiteout: 591 ovl_cleanup(wdir, whiteout); 592 goto out_d_drop; 593 } 594 595 static int ovl_remove_upper(struct dentry *dentry, bool is_dir) 596 { 597 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 598 struct inode *dir = upperdir->d_inode; 599 struct dentry *upper; 600 int err; 601 602 inode_lock_nested(dir, I_MUTEX_PARENT); 603 upper = lookup_one_len(dentry->d_name.name, upperdir, 604 dentry->d_name.len); 605 err = PTR_ERR(upper); 606 if (IS_ERR(upper)) 607 goto out_unlock; 608 609 err = -ESTALE; 610 if (upper == ovl_dentry_upper(dentry)) { 611 if (is_dir) 612 err = vfs_rmdir(dir, upper); 613 else 614 err = vfs_unlink(dir, upper, NULL); 615 ovl_dentry_version_inc(dentry->d_parent); 616 } 617 dput(upper); 618 619 /* 620 * Keeping this dentry hashed would mean having to release 621 * upperpath/lowerpath, which could only be done if we are the 622 * sole user of this dentry. Too tricky... Just unhash for 623 * now. 624 */ 625 if (!err) 626 d_drop(dentry); 627 out_unlock: 628 inode_unlock(dir); 629 630 return err; 631 } 632 633 static inline int ovl_check_sticky(struct dentry *dentry) 634 { 635 struct inode *dir = ovl_dentry_real(dentry->d_parent)->d_inode; 636 struct inode *inode = ovl_dentry_real(dentry)->d_inode; 637 638 if (check_sticky(dir, inode)) 639 return -EPERM; 640 641 return 0; 642 } 643 644 static int ovl_do_remove(struct dentry *dentry, bool is_dir) 645 { 646 enum ovl_path_type type; 647 int err; 648 649 err = ovl_check_sticky(dentry); 650 if (err) 651 goto out; 652 653 err = ovl_want_write(dentry); 654 if (err) 655 goto out; 656 657 err = ovl_copy_up(dentry->d_parent); 658 if (err) 659 goto out_drop_write; 660 661 type = ovl_path_type(dentry); 662 if (OVL_TYPE_PURE_UPPER(type)) { 663 err = ovl_remove_upper(dentry, is_dir); 664 } else { 665 const struct cred *old_cred; 666 struct cred *override_cred; 667 668 err = -ENOMEM; 669 override_cred = prepare_creds(); 670 if (!override_cred) 671 goto out_drop_write; 672 673 /* 674 * CAP_SYS_ADMIN for setting xattr on whiteout, opaque dir 675 * CAP_DAC_OVERRIDE for create in workdir, rename 676 * CAP_FOWNER for removing whiteout from sticky dir 677 * CAP_FSETID for chmod of opaque dir 678 * CAP_CHOWN for chown of opaque dir 679 */ 680 cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN); 681 cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE); 682 cap_raise(override_cred->cap_effective, CAP_FOWNER); 683 cap_raise(override_cred->cap_effective, CAP_FSETID); 684 cap_raise(override_cred->cap_effective, CAP_CHOWN); 685 old_cred = override_creds(override_cred); 686 687 err = ovl_remove_and_whiteout(dentry, is_dir); 688 689 revert_creds(old_cred); 690 put_cred(override_cred); 691 } 692 out_drop_write: 693 ovl_drop_write(dentry); 694 out: 695 return err; 696 } 697 698 static int ovl_unlink(struct inode *dir, struct dentry *dentry) 699 { 700 return ovl_do_remove(dentry, false); 701 } 702 703 static int ovl_rmdir(struct inode *dir, struct dentry *dentry) 704 { 705 return ovl_do_remove(dentry, true); 706 } 707 708 static int ovl_rename2(struct inode *olddir, struct dentry *old, 709 struct inode *newdir, struct dentry *new, 710 unsigned int flags) 711 { 712 int err; 713 enum ovl_path_type old_type; 714 enum ovl_path_type new_type; 715 struct dentry *old_upperdir; 716 struct dentry *new_upperdir; 717 struct dentry *olddentry; 718 struct dentry *newdentry; 719 struct dentry *trap; 720 bool old_opaque; 721 bool new_opaque; 722 bool cleanup_whiteout = false; 723 bool overwrite = !(flags & RENAME_EXCHANGE); 724 bool is_dir = d_is_dir(old); 725 bool new_is_dir = false; 726 struct dentry *opaquedir = NULL; 727 const struct cred *old_cred = NULL; 728 struct cred *override_cred = NULL; 729 730 err = -EINVAL; 731 if (flags & ~(RENAME_EXCHANGE | RENAME_NOREPLACE)) 732 goto out; 733 734 flags &= ~RENAME_NOREPLACE; 735 736 err = ovl_check_sticky(old); 737 if (err) 738 goto out; 739 740 /* Don't copy up directory trees */ 741 old_type = ovl_path_type(old); 742 err = -EXDEV; 743 if (OVL_TYPE_MERGE_OR_LOWER(old_type) && is_dir) 744 goto out; 745 746 if (new->d_inode) { 747 err = ovl_check_sticky(new); 748 if (err) 749 goto out; 750 751 if (d_is_dir(new)) 752 new_is_dir = true; 753 754 new_type = ovl_path_type(new); 755 err = -EXDEV; 756 if (!overwrite && OVL_TYPE_MERGE_OR_LOWER(new_type) && new_is_dir) 757 goto out; 758 759 err = 0; 760 if (!OVL_TYPE_UPPER(new_type) && !OVL_TYPE_UPPER(old_type)) { 761 if (ovl_dentry_lower(old)->d_inode == 762 ovl_dentry_lower(new)->d_inode) 763 goto out; 764 } 765 if (OVL_TYPE_UPPER(new_type) && OVL_TYPE_UPPER(old_type)) { 766 if (ovl_dentry_upper(old)->d_inode == 767 ovl_dentry_upper(new)->d_inode) 768 goto out; 769 } 770 } else { 771 if (ovl_dentry_is_opaque(new)) 772 new_type = __OVL_PATH_UPPER; 773 else 774 new_type = __OVL_PATH_UPPER | __OVL_PATH_PURE; 775 } 776 777 err = ovl_want_write(old); 778 if (err) 779 goto out; 780 781 err = ovl_copy_up(old); 782 if (err) 783 goto out_drop_write; 784 785 err = ovl_copy_up(new->d_parent); 786 if (err) 787 goto out_drop_write; 788 if (!overwrite) { 789 err = ovl_copy_up(new); 790 if (err) 791 goto out_drop_write; 792 } 793 794 old_opaque = !OVL_TYPE_PURE_UPPER(old_type); 795 new_opaque = !OVL_TYPE_PURE_UPPER(new_type); 796 797 if (old_opaque || new_opaque) { 798 err = -ENOMEM; 799 override_cred = prepare_creds(); 800 if (!override_cred) 801 goto out_drop_write; 802 803 /* 804 * CAP_SYS_ADMIN for setting xattr on whiteout, opaque dir 805 * CAP_DAC_OVERRIDE for create in workdir 806 * CAP_FOWNER for removing whiteout from sticky dir 807 * CAP_FSETID for chmod of opaque dir 808 * CAP_CHOWN for chown of opaque dir 809 */ 810 cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN); 811 cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE); 812 cap_raise(override_cred->cap_effective, CAP_FOWNER); 813 cap_raise(override_cred->cap_effective, CAP_FSETID); 814 cap_raise(override_cred->cap_effective, CAP_CHOWN); 815 old_cred = override_creds(override_cred); 816 } 817 818 if (overwrite && OVL_TYPE_MERGE_OR_LOWER(new_type) && new_is_dir) { 819 opaquedir = ovl_check_empty_and_clear(new); 820 err = PTR_ERR(opaquedir); 821 if (IS_ERR(opaquedir)) { 822 opaquedir = NULL; 823 goto out_revert_creds; 824 } 825 } 826 827 if (overwrite) { 828 if (old_opaque) { 829 if (new->d_inode || !new_opaque) { 830 /* Whiteout source */ 831 flags |= RENAME_WHITEOUT; 832 } else { 833 /* Switch whiteouts */ 834 flags |= RENAME_EXCHANGE; 835 } 836 } else if (is_dir && !new->d_inode && new_opaque) { 837 flags |= RENAME_EXCHANGE; 838 cleanup_whiteout = true; 839 } 840 } 841 842 old_upperdir = ovl_dentry_upper(old->d_parent); 843 new_upperdir = ovl_dentry_upper(new->d_parent); 844 845 trap = lock_rename(new_upperdir, old_upperdir); 846 847 848 olddentry = lookup_one_len(old->d_name.name, old_upperdir, 849 old->d_name.len); 850 err = PTR_ERR(olddentry); 851 if (IS_ERR(olddentry)) 852 goto out_unlock; 853 854 err = -ESTALE; 855 if (olddentry != ovl_dentry_upper(old)) 856 goto out_dput_old; 857 858 newdentry = lookup_one_len(new->d_name.name, new_upperdir, 859 new->d_name.len); 860 err = PTR_ERR(newdentry); 861 if (IS_ERR(newdentry)) 862 goto out_dput_old; 863 864 err = -ESTALE; 865 if (ovl_dentry_upper(new)) { 866 if (opaquedir) { 867 if (newdentry != opaquedir) 868 goto out_dput; 869 } else { 870 if (newdentry != ovl_dentry_upper(new)) 871 goto out_dput; 872 } 873 } else { 874 if (!d_is_negative(newdentry) && 875 (!new_opaque || !ovl_is_whiteout(newdentry))) 876 goto out_dput; 877 } 878 879 if (olddentry == trap) 880 goto out_dput; 881 if (newdentry == trap) 882 goto out_dput; 883 884 if (is_dir && !old_opaque && new_opaque) { 885 err = ovl_set_opaque(olddentry); 886 if (err) 887 goto out_dput; 888 } 889 if (!overwrite && new_is_dir && old_opaque && !new_opaque) { 890 err = ovl_set_opaque(newdentry); 891 if (err) 892 goto out_dput; 893 } 894 895 if (old_opaque || new_opaque) { 896 err = ovl_do_rename(old_upperdir->d_inode, olddentry, 897 new_upperdir->d_inode, newdentry, 898 flags); 899 } else { 900 /* No debug for the plain case */ 901 BUG_ON(flags & ~RENAME_EXCHANGE); 902 err = vfs_rename(old_upperdir->d_inode, olddentry, 903 new_upperdir->d_inode, newdentry, 904 NULL, flags); 905 } 906 907 if (err) { 908 if (is_dir && !old_opaque && new_opaque) 909 ovl_remove_opaque(olddentry); 910 if (!overwrite && new_is_dir && old_opaque && !new_opaque) 911 ovl_remove_opaque(newdentry); 912 goto out_dput; 913 } 914 915 if (is_dir && old_opaque && !new_opaque) 916 ovl_remove_opaque(olddentry); 917 if (!overwrite && new_is_dir && !old_opaque && new_opaque) 918 ovl_remove_opaque(newdentry); 919 920 /* 921 * Old dentry now lives in different location. Dentries in 922 * lowerstack are stale. We cannot drop them here because 923 * access to them is lockless. This could be only pure upper 924 * or opaque directory - numlower is zero. Or upper non-dir 925 * entry - its pureness is tracked by flag opaque. 926 */ 927 if (old_opaque != new_opaque) { 928 ovl_dentry_set_opaque(old, new_opaque); 929 if (!overwrite) 930 ovl_dentry_set_opaque(new, old_opaque); 931 } 932 933 if (cleanup_whiteout) 934 ovl_cleanup(old_upperdir->d_inode, newdentry); 935 936 ovl_dentry_version_inc(old->d_parent); 937 ovl_dentry_version_inc(new->d_parent); 938 939 out_dput: 940 dput(newdentry); 941 out_dput_old: 942 dput(olddentry); 943 out_unlock: 944 unlock_rename(new_upperdir, old_upperdir); 945 out_revert_creds: 946 if (old_opaque || new_opaque) { 947 revert_creds(old_cred); 948 put_cred(override_cred); 949 } 950 out_drop_write: 951 ovl_drop_write(old); 952 out: 953 dput(opaquedir); 954 return err; 955 } 956 957 const struct inode_operations ovl_dir_inode_operations = { 958 .lookup = ovl_lookup, 959 .mkdir = ovl_mkdir, 960 .symlink = ovl_symlink, 961 .unlink = ovl_unlink, 962 .rmdir = ovl_rmdir, 963 .rename2 = ovl_rename2, 964 .link = ovl_link, 965 .setattr = ovl_setattr, 966 .create = ovl_create, 967 .mknod = ovl_mknod, 968 .permission = ovl_permission, 969 .getattr = ovl_dir_getattr, 970 .setxattr = ovl_setxattr, 971 .getxattr = ovl_getxattr, 972 .listxattr = ovl_listxattr, 973 .removexattr = ovl_removexattr, 974 }; 975