1 /* 2 * Copyright (C) 2017 Red Hat, Inc. 3 * 4 * This program is free software; you can redistribute it and/or modify it 5 * under the terms of the GNU General Public License version 2 as published by 6 * the Free Software Foundation. 7 */ 8 9 #include <linux/cred.h> 10 #include <linux/file.h> 11 #include <linux/mount.h> 12 #include <linux/xattr.h> 13 #include <linux/uio.h> 14 #include "overlayfs.h" 15 16 static char ovl_whatisit(struct inode *inode, struct inode *realinode) 17 { 18 if (realinode != ovl_inode_upper(inode)) 19 return 'l'; 20 if (ovl_has_upperdata(inode)) 21 return 'u'; 22 else 23 return 'm'; 24 } 25 26 static struct file *ovl_open_realfile(const struct file *file, 27 struct inode *realinode) 28 { 29 struct inode *inode = file_inode(file); 30 struct file *realfile; 31 const struct cred *old_cred; 32 33 old_cred = ovl_override_creds(inode->i_sb); 34 realfile = open_with_fake_path(&file->f_path, file->f_flags | O_NOATIME, 35 realinode, current_cred()); 36 revert_creds(old_cred); 37 38 pr_debug("open(%p[%pD2/%c], 0%o) -> (%p, 0%o)\n", 39 file, file, ovl_whatisit(inode, realinode), file->f_flags, 40 realfile, IS_ERR(realfile) ? 0 : realfile->f_flags); 41 42 return realfile; 43 } 44 45 #define OVL_SETFL_MASK (O_APPEND | O_NONBLOCK | O_NDELAY | O_DIRECT) 46 47 static int ovl_change_flags(struct file *file, unsigned int flags) 48 { 49 struct inode *inode = file_inode(file); 50 int err; 51 52 /* No atime modificaton on underlying */ 53 flags |= O_NOATIME; 54 55 /* If some flag changed that cannot be changed then something's amiss */ 56 if (WARN_ON((file->f_flags ^ flags) & ~OVL_SETFL_MASK)) 57 return -EIO; 58 59 flags &= OVL_SETFL_MASK; 60 61 if (((flags ^ file->f_flags) & O_APPEND) && IS_APPEND(inode)) 62 return -EPERM; 63 64 if (flags & O_DIRECT) { 65 if (!file->f_mapping->a_ops || 66 !file->f_mapping->a_ops->direct_IO) 67 return -EINVAL; 68 } 69 70 if (file->f_op->check_flags) { 71 err = file->f_op->check_flags(flags); 72 if (err) 73 return err; 74 } 75 76 spin_lock(&file->f_lock); 77 file->f_flags = (file->f_flags & ~OVL_SETFL_MASK) | flags; 78 spin_unlock(&file->f_lock); 79 80 return 0; 81 } 82 83 static int ovl_real_fdget_meta(const struct file *file, struct fd *real, 84 bool allow_meta) 85 { 86 struct inode *inode = file_inode(file); 87 struct inode *realinode; 88 89 real->flags = 0; 90 real->file = file->private_data; 91 92 if (allow_meta) 93 realinode = ovl_inode_real(inode); 94 else 95 realinode = ovl_inode_realdata(inode); 96 97 /* Has it been copied up since we'd opened it? */ 98 if (unlikely(file_inode(real->file) != realinode)) { 99 real->flags = FDPUT_FPUT; 100 real->file = ovl_open_realfile(file, realinode); 101 102 return PTR_ERR_OR_ZERO(real->file); 103 } 104 105 /* Did the flags change since open? */ 106 if (unlikely((file->f_flags ^ real->file->f_flags) & ~O_NOATIME)) 107 return ovl_change_flags(real->file, file->f_flags); 108 109 return 0; 110 } 111 112 static int ovl_real_fdget(const struct file *file, struct fd *real) 113 { 114 return ovl_real_fdget_meta(file, real, false); 115 } 116 117 static int ovl_open(struct inode *inode, struct file *file) 118 { 119 struct dentry *dentry = file_dentry(file); 120 struct file *realfile; 121 int err; 122 123 err = ovl_open_maybe_copy_up(dentry, file->f_flags); 124 if (err) 125 return err; 126 127 /* No longer need these flags, so don't pass them on to underlying fs */ 128 file->f_flags &= ~(O_CREAT | O_EXCL | O_NOCTTY | O_TRUNC); 129 130 realfile = ovl_open_realfile(file, ovl_inode_realdata(inode)); 131 if (IS_ERR(realfile)) 132 return PTR_ERR(realfile); 133 134 /* For O_DIRECT dentry_open() checks f_mapping->a_ops->direct_IO */ 135 file->f_mapping = realfile->f_mapping; 136 137 file->private_data = realfile; 138 139 return 0; 140 } 141 142 static int ovl_release(struct inode *inode, struct file *file) 143 { 144 fput(file->private_data); 145 146 return 0; 147 } 148 149 static loff_t ovl_llseek(struct file *file, loff_t offset, int whence) 150 { 151 struct inode *realinode = ovl_inode_real(file_inode(file)); 152 153 return generic_file_llseek_size(file, offset, whence, 154 realinode->i_sb->s_maxbytes, 155 i_size_read(realinode)); 156 } 157 158 static void ovl_file_accessed(struct file *file) 159 { 160 struct inode *inode, *upperinode; 161 162 if (file->f_flags & O_NOATIME) 163 return; 164 165 inode = file_inode(file); 166 upperinode = ovl_inode_upper(inode); 167 168 if (!upperinode) 169 return; 170 171 if ((!timespec64_equal(&inode->i_mtime, &upperinode->i_mtime) || 172 !timespec64_equal(&inode->i_ctime, &upperinode->i_ctime))) { 173 inode->i_mtime = upperinode->i_mtime; 174 inode->i_ctime = upperinode->i_ctime; 175 } 176 177 touch_atime(&file->f_path); 178 } 179 180 static rwf_t ovl_iocb_to_rwf(struct kiocb *iocb) 181 { 182 int ifl = iocb->ki_flags; 183 rwf_t flags = 0; 184 185 if (ifl & IOCB_NOWAIT) 186 flags |= RWF_NOWAIT; 187 if (ifl & IOCB_HIPRI) 188 flags |= RWF_HIPRI; 189 if (ifl & IOCB_DSYNC) 190 flags |= RWF_DSYNC; 191 if (ifl & IOCB_SYNC) 192 flags |= RWF_SYNC; 193 194 return flags; 195 } 196 197 static ssize_t ovl_read_iter(struct kiocb *iocb, struct iov_iter *iter) 198 { 199 struct file *file = iocb->ki_filp; 200 struct fd real; 201 const struct cred *old_cred; 202 ssize_t ret; 203 204 if (!iov_iter_count(iter)) 205 return 0; 206 207 ret = ovl_real_fdget(file, &real); 208 if (ret) 209 return ret; 210 211 old_cred = ovl_override_creds(file_inode(file)->i_sb); 212 ret = vfs_iter_read(real.file, iter, &iocb->ki_pos, 213 ovl_iocb_to_rwf(iocb)); 214 revert_creds(old_cred); 215 216 ovl_file_accessed(file); 217 218 fdput(real); 219 220 return ret; 221 } 222 223 static ssize_t ovl_write_iter(struct kiocb *iocb, struct iov_iter *iter) 224 { 225 struct file *file = iocb->ki_filp; 226 struct inode *inode = file_inode(file); 227 struct fd real; 228 const struct cred *old_cred; 229 ssize_t ret; 230 231 if (!iov_iter_count(iter)) 232 return 0; 233 234 inode_lock(inode); 235 /* Update mode */ 236 ovl_copyattr(ovl_inode_real(inode), inode); 237 ret = file_remove_privs(file); 238 if (ret) 239 goto out_unlock; 240 241 ret = ovl_real_fdget(file, &real); 242 if (ret) 243 goto out_unlock; 244 245 old_cred = ovl_override_creds(file_inode(file)->i_sb); 246 ret = vfs_iter_write(real.file, iter, &iocb->ki_pos, 247 ovl_iocb_to_rwf(iocb)); 248 revert_creds(old_cred); 249 250 /* Update size */ 251 ovl_copyattr(ovl_inode_real(inode), inode); 252 253 fdput(real); 254 255 out_unlock: 256 inode_unlock(inode); 257 258 return ret; 259 } 260 261 static int ovl_fsync(struct file *file, loff_t start, loff_t end, int datasync) 262 { 263 struct fd real; 264 const struct cred *old_cred; 265 int ret; 266 267 ret = ovl_real_fdget_meta(file, &real, !datasync); 268 if (ret) 269 return ret; 270 271 /* Don't sync lower file for fear of receiving EROFS error */ 272 if (file_inode(real.file) == ovl_inode_upper(file_inode(file))) { 273 old_cred = ovl_override_creds(file_inode(file)->i_sb); 274 ret = vfs_fsync_range(real.file, start, end, datasync); 275 revert_creds(old_cred); 276 } 277 278 fdput(real); 279 280 return ret; 281 } 282 283 static int ovl_mmap(struct file *file, struct vm_area_struct *vma) 284 { 285 struct file *realfile = file->private_data; 286 const struct cred *old_cred; 287 int ret; 288 289 if (!realfile->f_op->mmap) 290 return -ENODEV; 291 292 if (WARN_ON(file != vma->vm_file)) 293 return -EIO; 294 295 vma->vm_file = get_file(realfile); 296 297 old_cred = ovl_override_creds(file_inode(file)->i_sb); 298 ret = call_mmap(vma->vm_file, vma); 299 revert_creds(old_cred); 300 301 if (ret) { 302 /* Drop reference count from new vm_file value */ 303 fput(realfile); 304 } else { 305 /* Drop reference count from previous vm_file value */ 306 fput(file); 307 } 308 309 ovl_file_accessed(file); 310 311 return ret; 312 } 313 314 static long ovl_fallocate(struct file *file, int mode, loff_t offset, loff_t len) 315 { 316 struct inode *inode = file_inode(file); 317 struct fd real; 318 const struct cred *old_cred; 319 int ret; 320 321 ret = ovl_real_fdget(file, &real); 322 if (ret) 323 return ret; 324 325 old_cred = ovl_override_creds(file_inode(file)->i_sb); 326 ret = vfs_fallocate(real.file, mode, offset, len); 327 revert_creds(old_cred); 328 329 /* Update size */ 330 ovl_copyattr(ovl_inode_real(inode), inode); 331 332 fdput(real); 333 334 return ret; 335 } 336 337 static long ovl_real_ioctl(struct file *file, unsigned int cmd, 338 unsigned long arg) 339 { 340 struct fd real; 341 const struct cred *old_cred; 342 long ret; 343 344 ret = ovl_real_fdget(file, &real); 345 if (ret) 346 return ret; 347 348 old_cred = ovl_override_creds(file_inode(file)->i_sb); 349 ret = vfs_ioctl(real.file, cmd, arg); 350 revert_creds(old_cred); 351 352 fdput(real); 353 354 return ret; 355 } 356 357 static long ovl_ioctl(struct file *file, unsigned int cmd, unsigned long arg) 358 { 359 long ret; 360 struct inode *inode = file_inode(file); 361 362 switch (cmd) { 363 case FS_IOC_GETFLAGS: 364 ret = ovl_real_ioctl(file, cmd, arg); 365 break; 366 367 case FS_IOC_SETFLAGS: 368 if (!inode_owner_or_capable(inode)) 369 return -EACCES; 370 371 ret = mnt_want_write_file(file); 372 if (ret) 373 return ret; 374 375 ret = ovl_copy_up_with_data(file_dentry(file)); 376 if (!ret) { 377 ret = ovl_real_ioctl(file, cmd, arg); 378 379 inode_lock(inode); 380 ovl_copyflags(ovl_inode_real(inode), inode); 381 inode_unlock(inode); 382 } 383 384 mnt_drop_write_file(file); 385 break; 386 387 default: 388 ret = -ENOTTY; 389 } 390 391 return ret; 392 } 393 394 static long ovl_compat_ioctl(struct file *file, unsigned int cmd, 395 unsigned long arg) 396 { 397 switch (cmd) { 398 case FS_IOC32_GETFLAGS: 399 cmd = FS_IOC_GETFLAGS; 400 break; 401 402 case FS_IOC32_SETFLAGS: 403 cmd = FS_IOC_SETFLAGS; 404 break; 405 406 default: 407 return -ENOIOCTLCMD; 408 } 409 410 return ovl_ioctl(file, cmd, arg); 411 } 412 413 enum ovl_copyop { 414 OVL_COPY, 415 OVL_CLONE, 416 OVL_DEDUPE, 417 }; 418 419 static ssize_t ovl_copyfile(struct file *file_in, loff_t pos_in, 420 struct file *file_out, loff_t pos_out, 421 u64 len, unsigned int flags, enum ovl_copyop op) 422 { 423 struct inode *inode_out = file_inode(file_out); 424 struct fd real_in, real_out; 425 const struct cred *old_cred; 426 ssize_t ret; 427 428 ret = ovl_real_fdget(file_out, &real_out); 429 if (ret) 430 return ret; 431 432 ret = ovl_real_fdget(file_in, &real_in); 433 if (ret) { 434 fdput(real_out); 435 return ret; 436 } 437 438 old_cred = ovl_override_creds(file_inode(file_out)->i_sb); 439 switch (op) { 440 case OVL_COPY: 441 ret = vfs_copy_file_range(real_in.file, pos_in, 442 real_out.file, pos_out, len, flags); 443 break; 444 445 case OVL_CLONE: 446 ret = vfs_clone_file_range(real_in.file, pos_in, 447 real_out.file, pos_out, len); 448 break; 449 450 case OVL_DEDUPE: 451 ret = vfs_dedupe_file_range_one(real_in.file, pos_in, 452 real_out.file, pos_out, len); 453 break; 454 } 455 revert_creds(old_cred); 456 457 /* Update size */ 458 ovl_copyattr(ovl_inode_real(inode_out), inode_out); 459 460 fdput(real_in); 461 fdput(real_out); 462 463 return ret; 464 } 465 466 static ssize_t ovl_copy_file_range(struct file *file_in, loff_t pos_in, 467 struct file *file_out, loff_t pos_out, 468 size_t len, unsigned int flags) 469 { 470 return ovl_copyfile(file_in, pos_in, file_out, pos_out, len, flags, 471 OVL_COPY); 472 } 473 474 static int ovl_clone_file_range(struct file *file_in, loff_t pos_in, 475 struct file *file_out, loff_t pos_out, u64 len) 476 { 477 return ovl_copyfile(file_in, pos_in, file_out, pos_out, len, 0, 478 OVL_CLONE); 479 } 480 481 static int ovl_dedupe_file_range(struct file *file_in, loff_t pos_in, 482 struct file *file_out, loff_t pos_out, u64 len) 483 { 484 /* 485 * Don't copy up because of a dedupe request, this wouldn't make sense 486 * most of the time (data would be duplicated instead of deduplicated). 487 */ 488 if (!ovl_inode_upper(file_inode(file_in)) || 489 !ovl_inode_upper(file_inode(file_out))) 490 return -EPERM; 491 492 return ovl_copyfile(file_in, pos_in, file_out, pos_out, len, 0, 493 OVL_DEDUPE); 494 } 495 496 const struct file_operations ovl_file_operations = { 497 .open = ovl_open, 498 .release = ovl_release, 499 .llseek = ovl_llseek, 500 .read_iter = ovl_read_iter, 501 .write_iter = ovl_write_iter, 502 .fsync = ovl_fsync, 503 .mmap = ovl_mmap, 504 .fallocate = ovl_fallocate, 505 .unlocked_ioctl = ovl_ioctl, 506 .compat_ioctl = ovl_compat_ioctl, 507 508 .copy_file_range = ovl_copy_file_range, 509 .clone_file_range = ovl_clone_file_range, 510 .dedupe_file_range = ovl_dedupe_file_range, 511 }; 512