1 /* 2 * Copyright (C) 2017 Red Hat, Inc. 3 * 4 * This program is free software; you can redistribute it and/or modify it 5 * under the terms of the GNU General Public License version 2 as published by 6 * the Free Software Foundation. 7 */ 8 9 #include <linux/cred.h> 10 #include <linux/file.h> 11 #include <linux/mount.h> 12 #include <linux/xattr.h> 13 #include <linux/uio.h> 14 #include "overlayfs.h" 15 16 static char ovl_whatisit(struct inode *inode, struct inode *realinode) 17 { 18 if (realinode != ovl_inode_upper(inode)) 19 return 'l'; 20 if (ovl_has_upperdata(inode)) 21 return 'u'; 22 else 23 return 'm'; 24 } 25 26 static struct file *ovl_open_realfile(const struct file *file, 27 struct inode *realinode) 28 { 29 struct inode *inode = file_inode(file); 30 struct file *realfile; 31 const struct cred *old_cred; 32 33 old_cred = ovl_override_creds(inode->i_sb); 34 realfile = open_with_fake_path(&file->f_path, file->f_flags | O_NOATIME, 35 realinode, current_cred()); 36 revert_creds(old_cred); 37 38 pr_debug("open(%p[%pD2/%c], 0%o) -> (%p, 0%o)\n", 39 file, file, ovl_whatisit(inode, realinode), file->f_flags, 40 realfile, IS_ERR(realfile) ? 0 : realfile->f_flags); 41 42 return realfile; 43 } 44 45 #define OVL_SETFL_MASK (O_APPEND | O_NONBLOCK | O_NDELAY | O_DIRECT) 46 47 static int ovl_change_flags(struct file *file, unsigned int flags) 48 { 49 struct inode *inode = file_inode(file); 50 int err; 51 52 /* No atime modificaton on underlying */ 53 flags |= O_NOATIME; 54 55 /* If some flag changed that cannot be changed then something's amiss */ 56 if (WARN_ON((file->f_flags ^ flags) & ~OVL_SETFL_MASK)) 57 return -EIO; 58 59 flags &= OVL_SETFL_MASK; 60 61 if (((flags ^ file->f_flags) & O_APPEND) && IS_APPEND(inode)) 62 return -EPERM; 63 64 if (flags & O_DIRECT) { 65 if (!file->f_mapping->a_ops || 66 !file->f_mapping->a_ops->direct_IO) 67 return -EINVAL; 68 } 69 70 if (file->f_op->check_flags) { 71 err = file->f_op->check_flags(flags); 72 if (err) 73 return err; 74 } 75 76 spin_lock(&file->f_lock); 77 file->f_flags = (file->f_flags & ~OVL_SETFL_MASK) | flags; 78 spin_unlock(&file->f_lock); 79 80 return 0; 81 } 82 83 static int ovl_real_fdget_meta(const struct file *file, struct fd *real, 84 bool allow_meta) 85 { 86 struct inode *inode = file_inode(file); 87 struct inode *realinode; 88 89 real->flags = 0; 90 real->file = file->private_data; 91 92 if (allow_meta) 93 realinode = ovl_inode_real(inode); 94 else 95 realinode = ovl_inode_realdata(inode); 96 97 /* Has it been copied up since we'd opened it? */ 98 if (unlikely(file_inode(real->file) != realinode)) { 99 real->flags = FDPUT_FPUT; 100 real->file = ovl_open_realfile(file, realinode); 101 102 return PTR_ERR_OR_ZERO(real->file); 103 } 104 105 /* Did the flags change since open? */ 106 if (unlikely((file->f_flags ^ real->file->f_flags) & ~O_NOATIME)) 107 return ovl_change_flags(real->file, file->f_flags); 108 109 return 0; 110 } 111 112 static int ovl_real_fdget(const struct file *file, struct fd *real) 113 { 114 return ovl_real_fdget_meta(file, real, false); 115 } 116 117 static int ovl_open(struct inode *inode, struct file *file) 118 { 119 struct dentry *dentry = file_dentry(file); 120 struct file *realfile; 121 int err; 122 123 err = ovl_open_maybe_copy_up(dentry, file->f_flags); 124 if (err) 125 return err; 126 127 /* No longer need these flags, so don't pass them on to underlying fs */ 128 file->f_flags &= ~(O_CREAT | O_EXCL | O_NOCTTY | O_TRUNC); 129 130 realfile = ovl_open_realfile(file, ovl_inode_realdata(inode)); 131 if (IS_ERR(realfile)) 132 return PTR_ERR(realfile); 133 134 file->private_data = realfile; 135 136 return 0; 137 } 138 139 static int ovl_release(struct inode *inode, struct file *file) 140 { 141 fput(file->private_data); 142 143 return 0; 144 } 145 146 static loff_t ovl_llseek(struct file *file, loff_t offset, int whence) 147 { 148 struct inode *realinode = ovl_inode_real(file_inode(file)); 149 150 return generic_file_llseek_size(file, offset, whence, 151 realinode->i_sb->s_maxbytes, 152 i_size_read(realinode)); 153 } 154 155 static void ovl_file_accessed(struct file *file) 156 { 157 struct inode *inode, *upperinode; 158 159 if (file->f_flags & O_NOATIME) 160 return; 161 162 inode = file_inode(file); 163 upperinode = ovl_inode_upper(inode); 164 165 if (!upperinode) 166 return; 167 168 if ((!timespec64_equal(&inode->i_mtime, &upperinode->i_mtime) || 169 !timespec64_equal(&inode->i_ctime, &upperinode->i_ctime))) { 170 inode->i_mtime = upperinode->i_mtime; 171 inode->i_ctime = upperinode->i_ctime; 172 } 173 174 touch_atime(&file->f_path); 175 } 176 177 static rwf_t ovl_iocb_to_rwf(struct kiocb *iocb) 178 { 179 int ifl = iocb->ki_flags; 180 rwf_t flags = 0; 181 182 if (ifl & IOCB_NOWAIT) 183 flags |= RWF_NOWAIT; 184 if (ifl & IOCB_HIPRI) 185 flags |= RWF_HIPRI; 186 if (ifl & IOCB_DSYNC) 187 flags |= RWF_DSYNC; 188 if (ifl & IOCB_SYNC) 189 flags |= RWF_SYNC; 190 191 return flags; 192 } 193 194 static ssize_t ovl_read_iter(struct kiocb *iocb, struct iov_iter *iter) 195 { 196 struct file *file = iocb->ki_filp; 197 struct fd real; 198 const struct cred *old_cred; 199 ssize_t ret; 200 201 if (!iov_iter_count(iter)) 202 return 0; 203 204 ret = ovl_real_fdget(file, &real); 205 if (ret) 206 return ret; 207 208 old_cred = ovl_override_creds(file_inode(file)->i_sb); 209 ret = vfs_iter_read(real.file, iter, &iocb->ki_pos, 210 ovl_iocb_to_rwf(iocb)); 211 revert_creds(old_cred); 212 213 ovl_file_accessed(file); 214 215 fdput(real); 216 217 return ret; 218 } 219 220 static ssize_t ovl_write_iter(struct kiocb *iocb, struct iov_iter *iter) 221 { 222 struct file *file = iocb->ki_filp; 223 struct inode *inode = file_inode(file); 224 struct fd real; 225 const struct cred *old_cred; 226 ssize_t ret; 227 228 if (!iov_iter_count(iter)) 229 return 0; 230 231 inode_lock(inode); 232 /* Update mode */ 233 ovl_copyattr(ovl_inode_real(inode), inode); 234 ret = file_remove_privs(file); 235 if (ret) 236 goto out_unlock; 237 238 ret = ovl_real_fdget(file, &real); 239 if (ret) 240 goto out_unlock; 241 242 old_cred = ovl_override_creds(file_inode(file)->i_sb); 243 ret = vfs_iter_write(real.file, iter, &iocb->ki_pos, 244 ovl_iocb_to_rwf(iocb)); 245 revert_creds(old_cred); 246 247 /* Update size */ 248 ovl_copyattr(ovl_inode_real(inode), inode); 249 250 fdput(real); 251 252 out_unlock: 253 inode_unlock(inode); 254 255 return ret; 256 } 257 258 static int ovl_fsync(struct file *file, loff_t start, loff_t end, int datasync) 259 { 260 struct fd real; 261 const struct cred *old_cred; 262 int ret; 263 264 ret = ovl_real_fdget_meta(file, &real, !datasync); 265 if (ret) 266 return ret; 267 268 /* Don't sync lower file for fear of receiving EROFS error */ 269 if (file_inode(real.file) == ovl_inode_upper(file_inode(file))) { 270 old_cred = ovl_override_creds(file_inode(file)->i_sb); 271 ret = vfs_fsync_range(real.file, start, end, datasync); 272 revert_creds(old_cred); 273 } 274 275 fdput(real); 276 277 return ret; 278 } 279 280 static int ovl_mmap(struct file *file, struct vm_area_struct *vma) 281 { 282 struct file *realfile = file->private_data; 283 const struct cred *old_cred; 284 int ret; 285 286 if (!realfile->f_op->mmap) 287 return -ENODEV; 288 289 if (WARN_ON(file != vma->vm_file)) 290 return -EIO; 291 292 vma->vm_file = get_file(realfile); 293 294 old_cred = ovl_override_creds(file_inode(file)->i_sb); 295 ret = call_mmap(vma->vm_file, vma); 296 revert_creds(old_cred); 297 298 if (ret) { 299 /* Drop reference count from new vm_file value */ 300 fput(realfile); 301 } else { 302 /* Drop reference count from previous vm_file value */ 303 fput(file); 304 } 305 306 ovl_file_accessed(file); 307 308 return ret; 309 } 310 311 static long ovl_fallocate(struct file *file, int mode, loff_t offset, loff_t len) 312 { 313 struct inode *inode = file_inode(file); 314 struct fd real; 315 const struct cred *old_cred; 316 int ret; 317 318 ret = ovl_real_fdget(file, &real); 319 if (ret) 320 return ret; 321 322 old_cred = ovl_override_creds(file_inode(file)->i_sb); 323 ret = vfs_fallocate(real.file, mode, offset, len); 324 revert_creds(old_cred); 325 326 /* Update size */ 327 ovl_copyattr(ovl_inode_real(inode), inode); 328 329 fdput(real); 330 331 return ret; 332 } 333 334 static int ovl_fadvise(struct file *file, loff_t offset, loff_t len, int advice) 335 { 336 struct fd real; 337 const struct cred *old_cred; 338 int ret; 339 340 ret = ovl_real_fdget(file, &real); 341 if (ret) 342 return ret; 343 344 old_cred = ovl_override_creds(file_inode(file)->i_sb); 345 ret = vfs_fadvise(real.file, offset, len, advice); 346 revert_creds(old_cred); 347 348 fdput(real); 349 350 return ret; 351 } 352 353 static long ovl_real_ioctl(struct file *file, unsigned int cmd, 354 unsigned long arg) 355 { 356 struct fd real; 357 const struct cred *old_cred; 358 long ret; 359 360 ret = ovl_real_fdget(file, &real); 361 if (ret) 362 return ret; 363 364 old_cred = ovl_override_creds(file_inode(file)->i_sb); 365 ret = vfs_ioctl(real.file, cmd, arg); 366 revert_creds(old_cred); 367 368 fdput(real); 369 370 return ret; 371 } 372 373 static long ovl_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 374 { 375 long ret; 376 struct inode *inode = file_inode(file); 377 378 switch (cmd) { 379 case FS_IOC_GETFLAGS: 380 ret = ovl_real_ioctl(file, cmd, arg); 381 break; 382 383 case FS_IOC_SETFLAGS: 384 if (!inode_owner_or_capable(inode)) 385 return -EACCES; 386 387 ret = mnt_want_write_file(file); 388 if (ret) 389 return ret; 390 391 ret = ovl_copy_up_with_data(file_dentry(file)); 392 if (!ret) { 393 ret = ovl_real_ioctl(file, cmd, arg); 394 395 inode_lock(inode); 396 ovl_copyflags(ovl_inode_real(inode), inode); 397 inode_unlock(inode); 398 } 399 400 mnt_drop_write_file(file); 401 break; 402 403 default: 404 ret = -ENOTTY; 405 } 406 407 return ret; 408 } 409 410 static long ovl_compat_ioctl(struct file *file, unsigned int cmd, 411 unsigned long arg) 412 { 413 switch (cmd) { 414 case FS_IOC32_GETFLAGS: 415 cmd = FS_IOC_GETFLAGS; 416 break; 417 418 case FS_IOC32_SETFLAGS: 419 cmd = FS_IOC_SETFLAGS; 420 break; 421 422 default: 423 return -ENOIOCTLCMD; 424 } 425 426 return ovl_ioctl(file, cmd, arg); 427 } 428 429 enum ovl_copyop { 430 OVL_COPY, 431 OVL_CLONE, 432 OVL_DEDUPE, 433 }; 434 435 static ssize_t ovl_copyfile(struct file *file_in, loff_t pos_in, 436 struct file *file_out, loff_t pos_out, 437 u64 len, unsigned int flags, enum ovl_copyop op) 438 { 439 struct inode *inode_out = file_inode(file_out); 440 struct fd real_in, real_out; 441 const struct cred *old_cred; 442 ssize_t ret; 443 444 ret = ovl_real_fdget(file_out, &real_out); 445 if (ret) 446 return ret; 447 448 ret = ovl_real_fdget(file_in, &real_in); 449 if (ret) { 450 fdput(real_out); 451 return ret; 452 } 453 454 old_cred = ovl_override_creds(file_inode(file_out)->i_sb); 455 switch (op) { 456 case OVL_COPY: 457 ret = vfs_copy_file_range(real_in.file, pos_in, 458 real_out.file, pos_out, len, flags); 459 break; 460 461 case OVL_CLONE: 462 ret = vfs_clone_file_range(real_in.file, pos_in, 463 real_out.file, pos_out, len); 464 break; 465 466 case OVL_DEDUPE: 467 ret = vfs_dedupe_file_range_one(real_in.file, pos_in, 468 real_out.file, pos_out, len); 469 break; 470 } 471 revert_creds(old_cred); 472 473 /* Update size */ 474 ovl_copyattr(ovl_inode_real(inode_out), inode_out); 475 476 fdput(real_in); 477 fdput(real_out); 478 479 return ret; 480 } 481 482 static ssize_t ovl_copy_file_range(struct file *file_in, loff_t pos_in, 483 struct file *file_out, loff_t pos_out, 484 size_t len, unsigned int flags) 485 { 486 return ovl_copyfile(file_in, pos_in, file_out, pos_out, len, flags, 487 OVL_COPY); 488 } 489 490 static int ovl_clone_file_range(struct file *file_in, loff_t pos_in, 491 struct file *file_out, loff_t pos_out, u64 len) 492 { 493 return ovl_copyfile(file_in, pos_in, file_out, pos_out, len, 0, 494 OVL_CLONE); 495 } 496 497 static int ovl_dedupe_file_range(struct file *file_in, loff_t pos_in, 498 struct file *file_out, loff_t pos_out, u64 len) 499 { 500 /* 501 * Don't copy up because of a dedupe request, this wouldn't make sense 502 * most of the time (data would be duplicated instead of deduplicated). 503 */ 504 if (!ovl_inode_upper(file_inode(file_in)) || 505 !ovl_inode_upper(file_inode(file_out))) 506 return -EPERM; 507 508 return ovl_copyfile(file_in, pos_in, file_out, pos_out, len, 0, 509 OVL_DEDUPE); 510 } 511 512 const struct file_operations ovl_file_operations = { 513 .open = ovl_open, 514 .release = ovl_release, 515 .llseek = ovl_llseek, 516 .read_iter = ovl_read_iter, 517 .write_iter = ovl_write_iter, 518 .fsync = ovl_fsync, 519 .mmap = ovl_mmap, 520 .fallocate = ovl_fallocate, 521 .fadvise = ovl_fadvise, 522 .unlocked_ioctl = ovl_ioctl, 523 .compat_ioctl = ovl_compat_ioctl, 524 525 .copy_file_range = ovl_copy_file_range, 526 .clone_file_range = ovl_clone_file_range, 527 .dedupe_file_range = ovl_dedupe_file_range, 528 }; 529