1 /* 2 * 3 * Copyright (C) 2011 Novell Inc. 4 * 5 * This program is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 as published by 7 * the Free Software Foundation. 8 */ 9 10 #include <linux/fs.h> 11 #include <linux/namei.h> 12 #include <linux/xattr.h> 13 #include <linux/security.h> 14 #include <linux/cred.h> 15 #include <linux/module.h> 16 #include <linux/posix_acl.h> 17 #include <linux/posix_acl_xattr.h> 18 #include <linux/atomic.h> 19 #include <linux/ratelimit.h> 20 #include "overlayfs.h" 21 22 static unsigned short ovl_redirect_max = 256; 23 module_param_named(redirect_max, ovl_redirect_max, ushort, 0644); 24 MODULE_PARM_DESC(ovl_redirect_max, 25 "Maximum length of absolute redirect xattr value"); 26 27 int ovl_cleanup(struct inode *wdir, struct dentry *wdentry) 28 { 29 int err; 30 31 dget(wdentry); 32 if (d_is_dir(wdentry)) 33 err = ovl_do_rmdir(wdir, wdentry); 34 else 35 err = ovl_do_unlink(wdir, wdentry); 36 dput(wdentry); 37 38 if (err) { 39 pr_err("overlayfs: cleanup of '%pd2' failed (%i)\n", 40 wdentry, err); 41 } 42 43 return err; 44 } 45 46 struct dentry *ovl_lookup_temp(struct dentry *workdir) 47 { 48 struct dentry *temp; 49 char name[20]; 50 static atomic_t temp_id = ATOMIC_INIT(0); 51 52 /* counter is allowed to wrap, since temp dentries are ephemeral */ 53 snprintf(name, sizeof(name), "#%x", atomic_inc_return(&temp_id)); 54 55 temp = lookup_one_len(name, workdir, strlen(name)); 56 if (!IS_ERR(temp) && temp->d_inode) { 57 pr_err("overlayfs: workdir/%s already exists\n", name); 58 dput(temp); 59 temp = ERR_PTR(-EIO); 60 } 61 62 return temp; 63 } 64 65 /* caller holds i_mutex on workdir */ 66 static struct dentry *ovl_whiteout(struct dentry *workdir, 67 struct dentry *dentry) 68 { 69 int err; 70 struct dentry *whiteout; 71 struct inode *wdir = workdir->d_inode; 72 73 whiteout = ovl_lookup_temp(workdir); 74 if (IS_ERR(whiteout)) 75 return whiteout; 76 77 err = ovl_do_whiteout(wdir, whiteout); 78 if (err) { 79 dput(whiteout); 80 whiteout = ERR_PTR(err); 81 } 82 83 return whiteout; 84 } 85 86 int ovl_create_real(struct inode *dir, struct dentry *newdentry, 87 struct cattr *attr, struct dentry *hardlink, bool debug) 88 { 89 int err; 90 91 if (newdentry->d_inode) 92 return -ESTALE; 93 94 if (hardlink) { 95 err = ovl_do_link(hardlink, dir, newdentry, debug); 96 } else { 97 switch (attr->mode & S_IFMT) { 98 case S_IFREG: 99 err = ovl_do_create(dir, newdentry, attr->mode, debug); 100 break; 101 102 case S_IFDIR: 103 err = ovl_do_mkdir(dir, newdentry, attr->mode, debug); 104 break; 105 106 case S_IFCHR: 107 case S_IFBLK: 108 case S_IFIFO: 109 case S_IFSOCK: 110 err = ovl_do_mknod(dir, newdentry, 111 attr->mode, attr->rdev, debug); 112 break; 113 114 case S_IFLNK: 115 err = ovl_do_symlink(dir, newdentry, attr->link, debug); 116 break; 117 118 default: 119 err = -EPERM; 120 } 121 } 122 if (!err && WARN_ON(!newdentry->d_inode)) { 123 /* 124 * Not quite sure if non-instantiated dentry is legal or not. 125 * VFS doesn't seem to care so check and warn here. 126 */ 127 err = -ENOENT; 128 } 129 return err; 130 } 131 132 static int ovl_set_opaque_xerr(struct dentry *dentry, struct dentry *upper, 133 int xerr) 134 { 135 int err; 136 137 err = ovl_check_setxattr(dentry, upper, OVL_XATTR_OPAQUE, "y", 1, xerr); 138 if (!err) 139 ovl_dentry_set_opaque(dentry); 140 141 return err; 142 } 143 144 static int ovl_set_opaque(struct dentry *dentry, struct dentry *upperdentry) 145 { 146 /* 147 * Fail with -EIO when trying to create opaque dir and upper doesn't 148 * support xattrs. ovl_rename() calls ovl_set_opaque_xerr(-EXDEV) to 149 * return a specific error for noxattr case. 150 */ 151 return ovl_set_opaque_xerr(dentry, upperdentry, -EIO); 152 } 153 154 /* Common operations required to be done after creation of file on upper */ 155 static void ovl_instantiate(struct dentry *dentry, struct inode *inode, 156 struct dentry *newdentry, bool hardlink) 157 { 158 ovl_dentry_version_inc(dentry->d_parent, false); 159 ovl_dentry_set_upper_alias(dentry); 160 if (!hardlink) { 161 ovl_inode_update(inode, newdentry); 162 ovl_copyattr(newdentry->d_inode, inode); 163 } else { 164 WARN_ON(ovl_inode_real(inode) != d_inode(newdentry)); 165 dput(newdentry); 166 inc_nlink(inode); 167 } 168 d_instantiate(dentry, inode); 169 /* Force lookup of new upper hardlink to find its lower */ 170 if (hardlink) 171 d_drop(dentry); 172 } 173 174 static bool ovl_type_merge(struct dentry *dentry) 175 { 176 return OVL_TYPE_MERGE(ovl_path_type(dentry)); 177 } 178 179 static bool ovl_type_origin(struct dentry *dentry) 180 { 181 return OVL_TYPE_ORIGIN(ovl_path_type(dentry)); 182 } 183 184 static int ovl_create_upper(struct dentry *dentry, struct inode *inode, 185 struct cattr *attr, struct dentry *hardlink) 186 { 187 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 188 struct inode *udir = upperdir->d_inode; 189 struct dentry *newdentry; 190 int err; 191 192 if (!hardlink && !IS_POSIXACL(udir)) 193 attr->mode &= ~current_umask(); 194 195 inode_lock_nested(udir, I_MUTEX_PARENT); 196 newdentry = lookup_one_len(dentry->d_name.name, upperdir, 197 dentry->d_name.len); 198 err = PTR_ERR(newdentry); 199 if (IS_ERR(newdentry)) 200 goto out_unlock; 201 err = ovl_create_real(udir, newdentry, attr, hardlink, false); 202 if (err) 203 goto out_dput; 204 205 if (ovl_type_merge(dentry->d_parent) && d_is_dir(newdentry)) { 206 /* Setting opaque here is just an optimization, allow to fail */ 207 ovl_set_opaque(dentry, newdentry); 208 } 209 210 ovl_instantiate(dentry, inode, newdentry, !!hardlink); 211 newdentry = NULL; 212 out_dput: 213 dput(newdentry); 214 out_unlock: 215 inode_unlock(udir); 216 return err; 217 } 218 219 static struct dentry *ovl_clear_empty(struct dentry *dentry, 220 struct list_head *list) 221 { 222 struct dentry *workdir = ovl_workdir(dentry); 223 struct inode *wdir = workdir->d_inode; 224 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 225 struct inode *udir = upperdir->d_inode; 226 struct path upperpath; 227 struct dentry *upper; 228 struct dentry *opaquedir; 229 struct kstat stat; 230 int err; 231 232 if (WARN_ON(!workdir)) 233 return ERR_PTR(-EROFS); 234 235 err = ovl_lock_rename_workdir(workdir, upperdir); 236 if (err) 237 goto out; 238 239 ovl_path_upper(dentry, &upperpath); 240 err = vfs_getattr(&upperpath, &stat, 241 STATX_BASIC_STATS, AT_STATX_SYNC_AS_STAT); 242 if (err) 243 goto out_unlock; 244 245 err = -ESTALE; 246 if (!S_ISDIR(stat.mode)) 247 goto out_unlock; 248 upper = upperpath.dentry; 249 if (upper->d_parent->d_inode != udir) 250 goto out_unlock; 251 252 opaquedir = ovl_lookup_temp(workdir); 253 err = PTR_ERR(opaquedir); 254 if (IS_ERR(opaquedir)) 255 goto out_unlock; 256 257 err = ovl_create_real(wdir, opaquedir, 258 &(struct cattr){.mode = stat.mode}, NULL, true); 259 if (err) 260 goto out_dput; 261 262 err = ovl_copy_xattr(upper, opaquedir); 263 if (err) 264 goto out_cleanup; 265 266 err = ovl_set_opaque(dentry, opaquedir); 267 if (err) 268 goto out_cleanup; 269 270 inode_lock(opaquedir->d_inode); 271 err = ovl_set_attr(opaquedir, &stat); 272 inode_unlock(opaquedir->d_inode); 273 if (err) 274 goto out_cleanup; 275 276 err = ovl_do_rename(wdir, opaquedir, udir, upper, RENAME_EXCHANGE); 277 if (err) 278 goto out_cleanup; 279 280 ovl_cleanup_whiteouts(upper, list); 281 ovl_cleanup(wdir, upper); 282 unlock_rename(workdir, upperdir); 283 284 /* dentry's upper doesn't match now, get rid of it */ 285 d_drop(dentry); 286 287 return opaquedir; 288 289 out_cleanup: 290 ovl_cleanup(wdir, opaquedir); 291 out_dput: 292 dput(opaquedir); 293 out_unlock: 294 unlock_rename(workdir, upperdir); 295 out: 296 return ERR_PTR(err); 297 } 298 299 static struct dentry *ovl_check_empty_and_clear(struct dentry *dentry) 300 { 301 int err; 302 struct dentry *ret = NULL; 303 enum ovl_path_type type = ovl_path_type(dentry); 304 LIST_HEAD(list); 305 306 err = ovl_check_empty_dir(dentry, &list); 307 if (err) { 308 ret = ERR_PTR(err); 309 goto out_free; 310 } 311 312 /* 313 * When removing an empty opaque directory, then it makes no sense to 314 * replace it with an exact replica of itself. 315 * 316 * If no upperdentry then skip clearing whiteouts. 317 * 318 * Can race with copy-up, since we don't hold the upperdir mutex. 319 * Doesn't matter, since copy-up can't create a non-empty directory 320 * from an empty one. 321 */ 322 if (OVL_TYPE_UPPER(type) && OVL_TYPE_MERGE(type)) 323 ret = ovl_clear_empty(dentry, &list); 324 325 out_free: 326 ovl_cache_free(&list); 327 328 return ret; 329 } 330 331 static int ovl_set_upper_acl(struct dentry *upperdentry, const char *name, 332 const struct posix_acl *acl) 333 { 334 void *buffer; 335 size_t size; 336 int err; 337 338 if (!IS_ENABLED(CONFIG_FS_POSIX_ACL) || !acl) 339 return 0; 340 341 size = posix_acl_to_xattr(NULL, acl, NULL, 0); 342 buffer = kmalloc(size, GFP_KERNEL); 343 if (!buffer) 344 return -ENOMEM; 345 346 size = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); 347 err = size; 348 if (err < 0) 349 goto out_free; 350 351 err = vfs_setxattr(upperdentry, name, buffer, size, XATTR_CREATE); 352 out_free: 353 kfree(buffer); 354 return err; 355 } 356 357 static int ovl_create_over_whiteout(struct dentry *dentry, struct inode *inode, 358 struct cattr *cattr, 359 struct dentry *hardlink) 360 { 361 struct dentry *workdir = ovl_workdir(dentry); 362 struct inode *wdir = workdir->d_inode; 363 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 364 struct inode *udir = upperdir->d_inode; 365 struct dentry *upper; 366 struct dentry *newdentry; 367 int err; 368 struct posix_acl *acl, *default_acl; 369 370 if (WARN_ON(!workdir)) 371 return -EROFS; 372 373 if (!hardlink) { 374 err = posix_acl_create(dentry->d_parent->d_inode, 375 &cattr->mode, &default_acl, &acl); 376 if (err) 377 return err; 378 } 379 380 err = ovl_lock_rename_workdir(workdir, upperdir); 381 if (err) 382 goto out; 383 384 newdentry = ovl_lookup_temp(workdir); 385 err = PTR_ERR(newdentry); 386 if (IS_ERR(newdentry)) 387 goto out_unlock; 388 389 upper = lookup_one_len(dentry->d_name.name, upperdir, 390 dentry->d_name.len); 391 err = PTR_ERR(upper); 392 if (IS_ERR(upper)) 393 goto out_dput; 394 395 err = ovl_create_real(wdir, newdentry, cattr, hardlink, true); 396 if (err) 397 goto out_dput2; 398 399 /* 400 * mode could have been mutilated due to umask (e.g. sgid directory) 401 */ 402 if (!hardlink && 403 !S_ISLNK(cattr->mode) && 404 newdentry->d_inode->i_mode != cattr->mode) { 405 struct iattr attr = { 406 .ia_valid = ATTR_MODE, 407 .ia_mode = cattr->mode, 408 }; 409 inode_lock(newdentry->d_inode); 410 err = notify_change(newdentry, &attr, NULL); 411 inode_unlock(newdentry->d_inode); 412 if (err) 413 goto out_cleanup; 414 } 415 if (!hardlink) { 416 err = ovl_set_upper_acl(newdentry, XATTR_NAME_POSIX_ACL_ACCESS, 417 acl); 418 if (err) 419 goto out_cleanup; 420 421 err = ovl_set_upper_acl(newdentry, XATTR_NAME_POSIX_ACL_DEFAULT, 422 default_acl); 423 if (err) 424 goto out_cleanup; 425 } 426 427 if (!hardlink && S_ISDIR(cattr->mode)) { 428 err = ovl_set_opaque(dentry, newdentry); 429 if (err) 430 goto out_cleanup; 431 432 err = ovl_do_rename(wdir, newdentry, udir, upper, 433 RENAME_EXCHANGE); 434 if (err) 435 goto out_cleanup; 436 437 ovl_cleanup(wdir, upper); 438 } else { 439 err = ovl_do_rename(wdir, newdentry, udir, upper, 0); 440 if (err) 441 goto out_cleanup; 442 } 443 ovl_instantiate(dentry, inode, newdentry, !!hardlink); 444 newdentry = NULL; 445 out_dput2: 446 dput(upper); 447 out_dput: 448 dput(newdentry); 449 out_unlock: 450 unlock_rename(workdir, upperdir); 451 out: 452 if (!hardlink) { 453 posix_acl_release(acl); 454 posix_acl_release(default_acl); 455 } 456 return err; 457 458 out_cleanup: 459 ovl_cleanup(wdir, newdentry); 460 goto out_dput2; 461 } 462 463 static int ovl_create_or_link(struct dentry *dentry, struct inode *inode, 464 struct cattr *attr, struct dentry *hardlink, 465 bool origin) 466 { 467 int err; 468 const struct cred *old_cred; 469 struct cred *override_cred; 470 struct dentry *parent = dentry->d_parent; 471 472 err = ovl_copy_up(parent); 473 if (err) 474 return err; 475 476 old_cred = ovl_override_creds(dentry->d_sb); 477 478 /* 479 * When linking a file with copy up origin into a new parent, mark the 480 * new parent dir "impure". 481 */ 482 if (origin) { 483 err = ovl_set_impure(parent, ovl_dentry_upper(parent)); 484 if (err) 485 goto out_revert_creds; 486 } 487 488 err = -ENOMEM; 489 override_cred = prepare_creds(); 490 if (override_cred) { 491 override_cred->fsuid = inode->i_uid; 492 override_cred->fsgid = inode->i_gid; 493 if (!hardlink) { 494 err = security_dentry_create_files_as(dentry, 495 attr->mode, &dentry->d_name, old_cred, 496 override_cred); 497 if (err) { 498 put_cred(override_cred); 499 goto out_revert_creds; 500 } 501 } 502 put_cred(override_creds(override_cred)); 503 put_cred(override_cred); 504 505 if (!ovl_dentry_is_whiteout(dentry)) 506 err = ovl_create_upper(dentry, inode, attr, 507 hardlink); 508 else 509 err = ovl_create_over_whiteout(dentry, inode, attr, 510 hardlink); 511 } 512 out_revert_creds: 513 revert_creds(old_cred); 514 if (!err) { 515 struct inode *realinode = d_inode(ovl_dentry_upper(dentry)); 516 517 WARN_ON(inode->i_mode != realinode->i_mode); 518 WARN_ON(!uid_eq(inode->i_uid, realinode->i_uid)); 519 WARN_ON(!gid_eq(inode->i_gid, realinode->i_gid)); 520 } 521 return err; 522 } 523 524 static int ovl_create_object(struct dentry *dentry, int mode, dev_t rdev, 525 const char *link) 526 { 527 int err; 528 struct inode *inode; 529 struct cattr attr = { 530 .rdev = rdev, 531 .link = link, 532 }; 533 534 err = ovl_want_write(dentry); 535 if (err) 536 goto out; 537 538 err = -ENOMEM; 539 inode = ovl_new_inode(dentry->d_sb, mode, rdev); 540 if (!inode) 541 goto out_drop_write; 542 543 inode_init_owner(inode, dentry->d_parent->d_inode, mode); 544 attr.mode = inode->i_mode; 545 546 err = ovl_create_or_link(dentry, inode, &attr, NULL, false); 547 if (err) 548 iput(inode); 549 550 out_drop_write: 551 ovl_drop_write(dentry); 552 out: 553 return err; 554 } 555 556 static int ovl_create(struct inode *dir, struct dentry *dentry, umode_t mode, 557 bool excl) 558 { 559 return ovl_create_object(dentry, (mode & 07777) | S_IFREG, 0, NULL); 560 } 561 562 static int ovl_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) 563 { 564 return ovl_create_object(dentry, (mode & 07777) | S_IFDIR, 0, NULL); 565 } 566 567 static int ovl_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, 568 dev_t rdev) 569 { 570 /* Don't allow creation of "whiteout" on overlay */ 571 if (S_ISCHR(mode) && rdev == WHITEOUT_DEV) 572 return -EPERM; 573 574 return ovl_create_object(dentry, mode, rdev, NULL); 575 } 576 577 static int ovl_symlink(struct inode *dir, struct dentry *dentry, 578 const char *link) 579 { 580 return ovl_create_object(dentry, S_IFLNK, 0, link); 581 } 582 583 static int ovl_link(struct dentry *old, struct inode *newdir, 584 struct dentry *new) 585 { 586 int err; 587 bool locked = false; 588 struct inode *inode; 589 590 err = ovl_want_write(old); 591 if (err) 592 goto out; 593 594 err = ovl_copy_up(old); 595 if (err) 596 goto out_drop_write; 597 598 err = ovl_nlink_start(old, &locked); 599 if (err) 600 goto out_drop_write; 601 602 inode = d_inode(old); 603 ihold(inode); 604 605 err = ovl_create_or_link(new, inode, NULL, ovl_dentry_upper(old), 606 ovl_type_origin(old)); 607 if (err) 608 iput(inode); 609 610 ovl_nlink_end(old, locked); 611 out_drop_write: 612 ovl_drop_write(old); 613 out: 614 return err; 615 } 616 617 static bool ovl_matches_upper(struct dentry *dentry, struct dentry *upper) 618 { 619 return d_inode(ovl_dentry_upper(dentry)) == d_inode(upper); 620 } 621 622 static int ovl_remove_and_whiteout(struct dentry *dentry, bool is_dir) 623 { 624 struct dentry *workdir = ovl_workdir(dentry); 625 struct inode *wdir = workdir->d_inode; 626 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 627 struct inode *udir = upperdir->d_inode; 628 struct dentry *whiteout; 629 struct dentry *upper; 630 struct dentry *opaquedir = NULL; 631 int err; 632 int flags = 0; 633 634 if (WARN_ON(!workdir)) 635 return -EROFS; 636 637 if (is_dir) { 638 opaquedir = ovl_check_empty_and_clear(dentry); 639 err = PTR_ERR(opaquedir); 640 if (IS_ERR(opaquedir)) 641 goto out; 642 } 643 644 err = ovl_lock_rename_workdir(workdir, upperdir); 645 if (err) 646 goto out_dput; 647 648 upper = lookup_one_len(dentry->d_name.name, upperdir, 649 dentry->d_name.len); 650 err = PTR_ERR(upper); 651 if (IS_ERR(upper)) 652 goto out_unlock; 653 654 err = -ESTALE; 655 if ((opaquedir && upper != opaquedir) || 656 (!opaquedir && ovl_dentry_upper(dentry) && 657 !ovl_matches_upper(dentry, upper))) { 658 goto out_dput_upper; 659 } 660 661 whiteout = ovl_whiteout(workdir, dentry); 662 err = PTR_ERR(whiteout); 663 if (IS_ERR(whiteout)) 664 goto out_dput_upper; 665 666 if (d_is_dir(upper)) 667 flags = RENAME_EXCHANGE; 668 669 err = ovl_do_rename(wdir, whiteout, udir, upper, flags); 670 if (err) 671 goto kill_whiteout; 672 if (flags) 673 ovl_cleanup(wdir, upper); 674 675 ovl_dentry_version_inc(dentry->d_parent, true); 676 out_d_drop: 677 d_drop(dentry); 678 dput(whiteout); 679 out_dput_upper: 680 dput(upper); 681 out_unlock: 682 unlock_rename(workdir, upperdir); 683 out_dput: 684 dput(opaquedir); 685 out: 686 return err; 687 688 kill_whiteout: 689 ovl_cleanup(wdir, whiteout); 690 goto out_d_drop; 691 } 692 693 static int ovl_remove_upper(struct dentry *dentry, bool is_dir) 694 { 695 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 696 struct inode *dir = upperdir->d_inode; 697 struct dentry *upper; 698 struct dentry *opaquedir = NULL; 699 int err; 700 701 /* Redirect dir can be !ovl_lower_positive && OVL_TYPE_MERGE */ 702 if (is_dir && ovl_dentry_get_redirect(dentry)) { 703 opaquedir = ovl_check_empty_and_clear(dentry); 704 err = PTR_ERR(opaquedir); 705 if (IS_ERR(opaquedir)) 706 goto out; 707 } 708 709 inode_lock_nested(dir, I_MUTEX_PARENT); 710 upper = lookup_one_len(dentry->d_name.name, upperdir, 711 dentry->d_name.len); 712 err = PTR_ERR(upper); 713 if (IS_ERR(upper)) 714 goto out_unlock; 715 716 err = -ESTALE; 717 if ((opaquedir && upper != opaquedir) || 718 (!opaquedir && !ovl_matches_upper(dentry, upper))) 719 goto out_dput_upper; 720 721 if (is_dir) 722 err = vfs_rmdir(dir, upper); 723 else 724 err = vfs_unlink(dir, upper, NULL); 725 ovl_dentry_version_inc(dentry->d_parent, ovl_type_origin(dentry)); 726 727 /* 728 * Keeping this dentry hashed would mean having to release 729 * upperpath/lowerpath, which could only be done if we are the 730 * sole user of this dentry. Too tricky... Just unhash for 731 * now. 732 */ 733 if (!err) 734 d_drop(dentry); 735 out_dput_upper: 736 dput(upper); 737 out_unlock: 738 inode_unlock(dir); 739 dput(opaquedir); 740 out: 741 return err; 742 } 743 744 static int ovl_do_remove(struct dentry *dentry, bool is_dir) 745 { 746 int err; 747 bool locked = false; 748 const struct cred *old_cred; 749 750 err = ovl_want_write(dentry); 751 if (err) 752 goto out; 753 754 err = ovl_copy_up(dentry->d_parent); 755 if (err) 756 goto out_drop_write; 757 758 err = ovl_nlink_start(dentry, &locked); 759 if (err) 760 goto out_drop_write; 761 762 old_cred = ovl_override_creds(dentry->d_sb); 763 if (!ovl_lower_positive(dentry)) 764 err = ovl_remove_upper(dentry, is_dir); 765 else 766 err = ovl_remove_and_whiteout(dentry, is_dir); 767 revert_creds(old_cred); 768 if (!err) { 769 if (is_dir) 770 clear_nlink(dentry->d_inode); 771 else 772 drop_nlink(dentry->d_inode); 773 } 774 ovl_nlink_end(dentry, locked); 775 out_drop_write: 776 ovl_drop_write(dentry); 777 out: 778 return err; 779 } 780 781 static int ovl_unlink(struct inode *dir, struct dentry *dentry) 782 { 783 return ovl_do_remove(dentry, false); 784 } 785 786 static int ovl_rmdir(struct inode *dir, struct dentry *dentry) 787 { 788 return ovl_do_remove(dentry, true); 789 } 790 791 static bool ovl_type_merge_or_lower(struct dentry *dentry) 792 { 793 enum ovl_path_type type = ovl_path_type(dentry); 794 795 return OVL_TYPE_MERGE(type) || !OVL_TYPE_UPPER(type); 796 } 797 798 static bool ovl_can_move(struct dentry *dentry) 799 { 800 return ovl_redirect_dir(dentry->d_sb) || 801 !d_is_dir(dentry) || !ovl_type_merge_or_lower(dentry); 802 } 803 804 static char *ovl_get_redirect(struct dentry *dentry, bool samedir) 805 { 806 char *buf, *ret; 807 struct dentry *d, *tmp; 808 int buflen = ovl_redirect_max + 1; 809 810 if (samedir) { 811 ret = kstrndup(dentry->d_name.name, dentry->d_name.len, 812 GFP_KERNEL); 813 goto out; 814 } 815 816 buf = ret = kmalloc(buflen, GFP_KERNEL); 817 if (!buf) 818 goto out; 819 820 buflen--; 821 buf[buflen] = '\0'; 822 for (d = dget(dentry); !IS_ROOT(d);) { 823 const char *name; 824 int thislen; 825 826 spin_lock(&d->d_lock); 827 name = ovl_dentry_get_redirect(d); 828 if (name) { 829 thislen = strlen(name); 830 } else { 831 name = d->d_name.name; 832 thislen = d->d_name.len; 833 } 834 835 /* If path is too long, fall back to userspace move */ 836 if (thislen + (name[0] != '/') > buflen) { 837 ret = ERR_PTR(-EXDEV); 838 spin_unlock(&d->d_lock); 839 goto out_put; 840 } 841 842 buflen -= thislen; 843 memcpy(&buf[buflen], name, thislen); 844 tmp = dget_dlock(d->d_parent); 845 spin_unlock(&d->d_lock); 846 847 dput(d); 848 d = tmp; 849 850 /* Absolute redirect: finished */ 851 if (buf[buflen] == '/') 852 break; 853 buflen--; 854 buf[buflen] = '/'; 855 } 856 ret = kstrdup(&buf[buflen], GFP_KERNEL); 857 out_put: 858 dput(d); 859 kfree(buf); 860 out: 861 return ret ? ret : ERR_PTR(-ENOMEM); 862 } 863 864 static int ovl_set_redirect(struct dentry *dentry, bool samedir) 865 { 866 int err; 867 const char *redirect = ovl_dentry_get_redirect(dentry); 868 869 if (redirect && (samedir || redirect[0] == '/')) 870 return 0; 871 872 redirect = ovl_get_redirect(dentry, samedir); 873 if (IS_ERR(redirect)) 874 return PTR_ERR(redirect); 875 876 err = ovl_check_setxattr(dentry, ovl_dentry_upper(dentry), 877 OVL_XATTR_REDIRECT, 878 redirect, strlen(redirect), -EXDEV); 879 if (!err) { 880 spin_lock(&dentry->d_lock); 881 ovl_dentry_set_redirect(dentry, redirect); 882 spin_unlock(&dentry->d_lock); 883 } else { 884 kfree(redirect); 885 pr_warn_ratelimited("overlay: failed to set redirect (%i)\n", err); 886 /* Fall back to userspace copy-up */ 887 err = -EXDEV; 888 } 889 return err; 890 } 891 892 static int ovl_rename(struct inode *olddir, struct dentry *old, 893 struct inode *newdir, struct dentry *new, 894 unsigned int flags) 895 { 896 int err; 897 bool locked = false; 898 struct dentry *old_upperdir; 899 struct dentry *new_upperdir; 900 struct dentry *olddentry; 901 struct dentry *newdentry; 902 struct dentry *trap; 903 bool old_opaque; 904 bool new_opaque; 905 bool cleanup_whiteout = false; 906 bool overwrite = !(flags & RENAME_EXCHANGE); 907 bool is_dir = d_is_dir(old); 908 bool new_is_dir = d_is_dir(new); 909 bool samedir = olddir == newdir; 910 struct dentry *opaquedir = NULL; 911 const struct cred *old_cred = NULL; 912 913 err = -EINVAL; 914 if (flags & ~(RENAME_EXCHANGE | RENAME_NOREPLACE)) 915 goto out; 916 917 flags &= ~RENAME_NOREPLACE; 918 919 /* Don't copy up directory trees */ 920 err = -EXDEV; 921 if (!ovl_can_move(old)) 922 goto out; 923 if (!overwrite && !ovl_can_move(new)) 924 goto out; 925 926 err = ovl_want_write(old); 927 if (err) 928 goto out; 929 930 err = ovl_copy_up(old); 931 if (err) 932 goto out_drop_write; 933 934 err = ovl_copy_up(new->d_parent); 935 if (err) 936 goto out_drop_write; 937 if (!overwrite) { 938 err = ovl_copy_up(new); 939 if (err) 940 goto out_drop_write; 941 } else { 942 err = ovl_nlink_start(new, &locked); 943 if (err) 944 goto out_drop_write; 945 } 946 947 old_cred = ovl_override_creds(old->d_sb); 948 949 if (overwrite && new_is_dir && ovl_type_merge_or_lower(new)) { 950 opaquedir = ovl_check_empty_and_clear(new); 951 err = PTR_ERR(opaquedir); 952 if (IS_ERR(opaquedir)) { 953 opaquedir = NULL; 954 goto out_revert_creds; 955 } 956 } 957 958 if (overwrite) { 959 if (ovl_lower_positive(old)) { 960 if (!ovl_dentry_is_whiteout(new)) { 961 /* Whiteout source */ 962 flags |= RENAME_WHITEOUT; 963 } else { 964 /* Switch whiteouts */ 965 flags |= RENAME_EXCHANGE; 966 } 967 } else if (is_dir && ovl_dentry_is_whiteout(new)) { 968 flags |= RENAME_EXCHANGE; 969 cleanup_whiteout = true; 970 } 971 } 972 973 old_upperdir = ovl_dentry_upper(old->d_parent); 974 new_upperdir = ovl_dentry_upper(new->d_parent); 975 976 if (!samedir) { 977 /* 978 * When moving a merge dir or non-dir with copy up origin into 979 * a new parent, we are marking the new parent dir "impure". 980 * When ovl_iterate() iterates an "impure" upper dir, it will 981 * lookup the origin inodes of the entries to fill d_ino. 982 */ 983 if (ovl_type_origin(old)) { 984 err = ovl_set_impure(new->d_parent, new_upperdir); 985 if (err) 986 goto out_revert_creds; 987 } 988 if (!overwrite && ovl_type_origin(new)) { 989 err = ovl_set_impure(old->d_parent, old_upperdir); 990 if (err) 991 goto out_revert_creds; 992 } 993 } 994 995 trap = lock_rename(new_upperdir, old_upperdir); 996 997 olddentry = lookup_one_len(old->d_name.name, old_upperdir, 998 old->d_name.len); 999 err = PTR_ERR(olddentry); 1000 if (IS_ERR(olddentry)) 1001 goto out_unlock; 1002 1003 err = -ESTALE; 1004 if (!ovl_matches_upper(old, olddentry)) 1005 goto out_dput_old; 1006 1007 newdentry = lookup_one_len(new->d_name.name, new_upperdir, 1008 new->d_name.len); 1009 err = PTR_ERR(newdentry); 1010 if (IS_ERR(newdentry)) 1011 goto out_dput_old; 1012 1013 old_opaque = ovl_dentry_is_opaque(old); 1014 new_opaque = ovl_dentry_is_opaque(new); 1015 1016 err = -ESTALE; 1017 if (d_inode(new) && ovl_dentry_upper(new)) { 1018 if (opaquedir) { 1019 if (newdentry != opaquedir) 1020 goto out_dput; 1021 } else { 1022 if (!ovl_matches_upper(new, newdentry)) 1023 goto out_dput; 1024 } 1025 } else { 1026 if (!d_is_negative(newdentry) && 1027 (!new_opaque || !ovl_is_whiteout(newdentry))) 1028 goto out_dput; 1029 } 1030 1031 if (olddentry == trap) 1032 goto out_dput; 1033 if (newdentry == trap) 1034 goto out_dput; 1035 1036 if (WARN_ON(olddentry->d_inode == newdentry->d_inode)) 1037 goto out_dput; 1038 1039 err = 0; 1040 if (is_dir) { 1041 if (ovl_type_merge_or_lower(old)) 1042 err = ovl_set_redirect(old, samedir); 1043 else if (!old_opaque && ovl_type_merge(new->d_parent)) 1044 err = ovl_set_opaque_xerr(old, olddentry, -EXDEV); 1045 if (err) 1046 goto out_dput; 1047 } 1048 if (!overwrite && new_is_dir) { 1049 if (ovl_type_merge_or_lower(new)) 1050 err = ovl_set_redirect(new, samedir); 1051 else if (!new_opaque && ovl_type_merge(old->d_parent)) 1052 err = ovl_set_opaque_xerr(new, newdentry, -EXDEV); 1053 if (err) 1054 goto out_dput; 1055 } 1056 1057 err = ovl_do_rename(old_upperdir->d_inode, olddentry, 1058 new_upperdir->d_inode, newdentry, flags); 1059 if (err) 1060 goto out_dput; 1061 1062 if (cleanup_whiteout) 1063 ovl_cleanup(old_upperdir->d_inode, newdentry); 1064 1065 if (overwrite && d_inode(new)) { 1066 if (new_is_dir) 1067 clear_nlink(d_inode(new)); 1068 else 1069 drop_nlink(d_inode(new)); 1070 } 1071 1072 ovl_dentry_version_inc(old->d_parent, 1073 !overwrite && ovl_type_origin(new)); 1074 ovl_dentry_version_inc(new->d_parent, ovl_type_origin(old)); 1075 1076 out_dput: 1077 dput(newdentry); 1078 out_dput_old: 1079 dput(olddentry); 1080 out_unlock: 1081 unlock_rename(new_upperdir, old_upperdir); 1082 out_revert_creds: 1083 revert_creds(old_cred); 1084 ovl_nlink_end(new, locked); 1085 out_drop_write: 1086 ovl_drop_write(old); 1087 out: 1088 dput(opaquedir); 1089 return err; 1090 } 1091 1092 const struct inode_operations ovl_dir_inode_operations = { 1093 .lookup = ovl_lookup, 1094 .mkdir = ovl_mkdir, 1095 .symlink = ovl_symlink, 1096 .unlink = ovl_unlink, 1097 .rmdir = ovl_rmdir, 1098 .rename = ovl_rename, 1099 .link = ovl_link, 1100 .setattr = ovl_setattr, 1101 .create = ovl_create, 1102 .mknod = ovl_mknod, 1103 .permission = ovl_permission, 1104 .getattr = ovl_getattr, 1105 .listxattr = ovl_listxattr, 1106 .get_acl = ovl_get_acl, 1107 .update_time = ovl_update_time, 1108 }; 1109