1d2912cb1SThomas Gleixner // SPDX-License-Identifier: GPL-2.0-only 2e9be9d5eSMiklos Szeredi /* 3e9be9d5eSMiklos Szeredi * 4e9be9d5eSMiklos Szeredi * Copyright (C) 2011 Novell Inc. 5e9be9d5eSMiklos Szeredi */ 6e9be9d5eSMiklos Szeredi 75b825c3aSIngo Molnar #include <uapi/linux/magic.h> 8e9be9d5eSMiklos Szeredi #include <linux/fs.h> 9e9be9d5eSMiklos Szeredi #include <linux/namei.h> 10e9be9d5eSMiklos Szeredi #include <linux/xattr.h> 11e9be9d5eSMiklos Szeredi #include <linux/mount.h> 12e9be9d5eSMiklos Szeredi #include <linux/parser.h> 13e9be9d5eSMiklos Szeredi #include <linux/module.h> 14cc259639SAndy Whitcroft #include <linux/statfs.h> 15f45827e8SErez Zadok #include <linux/seq_file.h> 16d837a49bSMiklos Szeredi #include <linux/posix_acl_xattr.h> 17e487d889SAmir Goldstein #include <linux/exportfs.h> 182b1a7746SMiklos Szeredi #include <linux/file.h> 19e9be9d5eSMiklos Szeredi #include "overlayfs.h" 20e9be9d5eSMiklos Szeredi 21e9be9d5eSMiklos Szeredi MODULE_AUTHOR("Miklos Szeredi <miklos@szeredi.hu>"); 22e9be9d5eSMiklos Szeredi MODULE_DESCRIPTION("Overlay filesystem"); 23e9be9d5eSMiklos Szeredi MODULE_LICENSE("GPL"); 24e9be9d5eSMiklos Szeredi 25e9be9d5eSMiklos Szeredi 26e9be9d5eSMiklos Szeredi struct ovl_dir_cache; 27e9be9d5eSMiklos Szeredi 28a78d9f0dSMiklos Szeredi #define OVL_MAX_STACK 500 29a78d9f0dSMiklos Szeredi 30688ea0e5SMiklos Szeredi static bool ovl_redirect_dir_def = IS_ENABLED(CONFIG_OVERLAY_FS_REDIRECT_DIR); 31688ea0e5SMiklos Szeredi module_param_named(redirect_dir, ovl_redirect_dir_def, bool, 0644); 32253e7483SNicolas Schier MODULE_PARM_DESC(redirect_dir, 33688ea0e5SMiklos Szeredi "Default to on or off for the redirect_dir feature"); 34e9be9d5eSMiklos Szeredi 35438c84c2SMiklos Szeredi static bool ovl_redirect_always_follow = 36438c84c2SMiklos Szeredi IS_ENABLED(CONFIG_OVERLAY_FS_REDIRECT_ALWAYS_FOLLOW); 37438c84c2SMiklos Szeredi module_param_named(redirect_always_follow, ovl_redirect_always_follow, 38438c84c2SMiklos Szeredi bool, 0644); 39253e7483SNicolas Schier MODULE_PARM_DESC(redirect_always_follow, 40438c84c2SMiklos Szeredi "Follow redirects even if redirect_dir feature is turned off"); 41438c84c2SMiklos Szeredi 4202bcd157SAmir Goldstein static bool ovl_index_def = IS_ENABLED(CONFIG_OVERLAY_FS_INDEX); 4302bcd157SAmir Goldstein module_param_named(index, ovl_index_def, bool, 0644); 44253e7483SNicolas Schier MODULE_PARM_DESC(index, 4502bcd157SAmir Goldstein "Default to on or off for the inodes index feature"); 4602bcd157SAmir Goldstein 47f168f109SAmir Goldstein static bool ovl_nfs_export_def = IS_ENABLED(CONFIG_OVERLAY_FS_NFS_EXPORT); 48f168f109SAmir Goldstein module_param_named(nfs_export, ovl_nfs_export_def, bool, 0644); 49253e7483SNicolas Schier MODULE_PARM_DESC(nfs_export, 50f168f109SAmir Goldstein "Default to on or off for the NFS export feature"); 51f168f109SAmir Goldstein 52795939a9SAmir Goldstein static bool ovl_xino_auto_def = IS_ENABLED(CONFIG_OVERLAY_FS_XINO_AUTO); 53795939a9SAmir Goldstein module_param_named(xino_auto, ovl_xino_auto_def, bool, 0644); 54253e7483SNicolas Schier MODULE_PARM_DESC(xino_auto, 55795939a9SAmir Goldstein "Auto enable xino feature"); 56795939a9SAmir Goldstein 57d5791044SVivek Goyal static bool ovl_metacopy_def = IS_ENABLED(CONFIG_OVERLAY_FS_METACOPY); 58d5791044SVivek Goyal module_param_named(metacopy, ovl_metacopy_def, bool, 0644); 59253e7483SNicolas Schier MODULE_PARM_DESC(metacopy, 60d5791044SVivek Goyal "Default to on or off for the metadata only copy up feature"); 61d5791044SVivek Goyal 622d902671SMiklos Szeredi static struct dentry *ovl_d_real(struct dentry *dentry, 63fb16043bSMiklos Szeredi const struct inode *inode) 64d101a125SMiklos Szeredi { 65cef4cbffSMiklos Szeredi struct dentry *real = NULL, *lower; 66d101a125SMiklos Szeredi 67e8c985baSMiklos Szeredi /* It's an overlay file */ 68e8c985baSMiklos Szeredi if (inode && d_inode(dentry) == inode) 69e8c985baSMiklos Szeredi return dentry; 70e8c985baSMiklos Szeredi 71ca4c8a3aSMiklos Szeredi if (!d_is_reg(dentry)) { 72d101a125SMiklos Szeredi if (!inode || inode == d_inode(dentry)) 73d101a125SMiklos Szeredi return dentry; 74d101a125SMiklos Szeredi goto bug; 75d101a125SMiklos Szeredi } 76d101a125SMiklos Szeredi 77d101a125SMiklos Szeredi real = ovl_dentry_upper(dentry); 782c3d7358SVivek Goyal if (real && (inode == d_inode(real))) 79d101a125SMiklos Szeredi return real; 80d101a125SMiklos Szeredi 812c3d7358SVivek Goyal if (real && !inode && ovl_has_upperdata(d_inode(dentry))) 822c3d7358SVivek Goyal return real; 832c3d7358SVivek Goyal 84cef4cbffSMiklos Szeredi lower = ovl_dentry_lowerdata(dentry); 85cef4cbffSMiklos Szeredi if (!lower) 86d101a125SMiklos Szeredi goto bug; 87cef4cbffSMiklos Szeredi real = lower; 88d101a125SMiklos Szeredi 89c4fcfc16SMiklos Szeredi /* Handle recursion */ 90fb16043bSMiklos Szeredi real = d_real(real, inode); 91c4fcfc16SMiklos Szeredi 92d101a125SMiklos Szeredi if (!inode || inode == d_inode(real)) 93d101a125SMiklos Szeredi return real; 94d101a125SMiklos Szeredi bug: 95cef4cbffSMiklos Szeredi WARN(1, "%s(%pd4, %s:%lu): real dentry (%p/%lu) not found\n", 96cef4cbffSMiklos Szeredi __func__, dentry, inode ? inode->i_sb->s_id : "NULL", 97cef4cbffSMiklos Szeredi inode ? inode->i_ino : 0, real, 98cef4cbffSMiklos Szeredi real && d_inode(real) ? d_inode(real)->i_ino : 0); 99d101a125SMiklos Szeredi return dentry; 100d101a125SMiklos Szeredi } 101d101a125SMiklos Szeredi 1023bb7df92SMiklos Szeredi static int ovl_revalidate_real(struct dentry *d, unsigned int flags, bool weak) 1033bb7df92SMiklos Szeredi { 1043bb7df92SMiklos Szeredi int ret = 1; 1053bb7df92SMiklos Szeredi 1063bb7df92SMiklos Szeredi if (weak) { 1073bb7df92SMiklos Szeredi if (d->d_flags & DCACHE_OP_WEAK_REVALIDATE) 1083bb7df92SMiklos Szeredi ret = d->d_op->d_weak_revalidate(d, flags); 1093bb7df92SMiklos Szeredi } else if (d->d_flags & DCACHE_OP_REVALIDATE) { 1103bb7df92SMiklos Szeredi ret = d->d_op->d_revalidate(d, flags); 1113bb7df92SMiklos Szeredi if (!ret) { 1123bb7df92SMiklos Szeredi if (!(flags & LOOKUP_RCU)) 1133bb7df92SMiklos Szeredi d_invalidate(d); 1143bb7df92SMiklos Szeredi ret = -ESTALE; 1153bb7df92SMiklos Szeredi } 1163bb7df92SMiklos Szeredi } 1173bb7df92SMiklos Szeredi return ret; 1183bb7df92SMiklos Szeredi } 1193bb7df92SMiklos Szeredi 1203bb7df92SMiklos Szeredi static int ovl_dentry_revalidate_common(struct dentry *dentry, 1213bb7df92SMiklos Szeredi unsigned int flags, bool weak) 1227c03b5d4SMiklos Szeredi { 123a6ff2bc0SAmir Goldstein struct ovl_entry *oe = OVL_E(dentry); 1245522c9c7SAmir Goldstein struct ovl_path *lowerstack = ovl_lowerstack(oe); 125672e4268SChen Zhongjin struct inode *inode = d_inode_rcu(dentry); 126bccece1eSMiklos Szeredi struct dentry *upper; 1277c03b5d4SMiklos Szeredi unsigned int i; 1287c03b5d4SMiklos Szeredi int ret = 1; 1297c03b5d4SMiklos Szeredi 130672e4268SChen Zhongjin /* Careful in RCU mode */ 131672e4268SChen Zhongjin if (!inode) 132672e4268SChen Zhongjin return -ECHILD; 133672e4268SChen Zhongjin 134672e4268SChen Zhongjin upper = ovl_i_dentry_upper(inode); 135bccece1eSMiklos Szeredi if (upper) 136bccece1eSMiklos Szeredi ret = ovl_revalidate_real(upper, flags, weak); 137bccece1eSMiklos Szeredi 1385522c9c7SAmir Goldstein for (i = 0; ret > 0 && i < ovl_numlower(oe); i++) 1395522c9c7SAmir Goldstein ret = ovl_revalidate_real(lowerstack[i].dentry, flags, weak); 1405522c9c7SAmir Goldstein 1417c03b5d4SMiklos Szeredi return ret; 1427c03b5d4SMiklos Szeredi } 1433bb7df92SMiklos Szeredi 1443bb7df92SMiklos Szeredi static int ovl_dentry_revalidate(struct dentry *dentry, unsigned int flags) 1453bb7df92SMiklos Szeredi { 1463bb7df92SMiklos Szeredi return ovl_dentry_revalidate_common(dentry, flags, false); 1477c03b5d4SMiklos Szeredi } 1487c03b5d4SMiklos Szeredi 1497c03b5d4SMiklos Szeredi static int ovl_dentry_weak_revalidate(struct dentry *dentry, unsigned int flags) 1507c03b5d4SMiklos Szeredi { 1513bb7df92SMiklos Szeredi return ovl_dentry_revalidate_common(dentry, flags, true); 1527c03b5d4SMiklos Szeredi } 1537c03b5d4SMiklos Szeredi 154e9be9d5eSMiklos Szeredi static const struct dentry_operations ovl_dentry_operations = { 155d101a125SMiklos Szeredi .d_real = ovl_d_real, 1567c03b5d4SMiklos Szeredi .d_revalidate = ovl_dentry_revalidate, 1577c03b5d4SMiklos Szeredi .d_weak_revalidate = ovl_dentry_weak_revalidate, 1587c03b5d4SMiklos Szeredi }; 1597c03b5d4SMiklos Szeredi 16013cf199dSAmir Goldstein static struct kmem_cache *ovl_inode_cachep; 16113cf199dSAmir Goldstein 16213cf199dSAmir Goldstein static struct inode *ovl_alloc_inode(struct super_block *sb) 16313cf199dSAmir Goldstein { 164fd60b288SMuchun Song struct ovl_inode *oi = alloc_inode_sb(sb, ovl_inode_cachep, GFP_KERNEL); 16513cf199dSAmir Goldstein 166b3885bd6SHirofumi Nakagawa if (!oi) 167b3885bd6SHirofumi Nakagawa return NULL; 168b3885bd6SHirofumi Nakagawa 16904a01ac7SMiklos Szeredi oi->cache = NULL; 170cf31c463SMiklos Szeredi oi->redirect = NULL; 17104a01ac7SMiklos Szeredi oi->version = 0; 17213c72075SMiklos Szeredi oi->flags = 0; 17309d8b586SMiklos Szeredi oi->__upperdentry = NULL; 174*0af950f5SAmir Goldstein oi->oe = NULL; 175ffa5723cSAmir Goldstein oi->lowerpath.dentry = NULL; 176ffa5723cSAmir Goldstein oi->lowerpath.layer = NULL; 1772664bd08SVivek Goyal oi->lowerdata = NULL; 178a015dafcSAmir Goldstein mutex_init(&oi->lock); 17925b7713aSMiklos Szeredi 18013cf199dSAmir Goldstein return &oi->vfs_inode; 18113cf199dSAmir Goldstein } 18213cf199dSAmir Goldstein 1830b269dedSAl Viro static void ovl_free_inode(struct inode *inode) 18413cf199dSAmir Goldstein { 1850b269dedSAl Viro struct ovl_inode *oi = OVL_I(inode); 18613cf199dSAmir Goldstein 1870b269dedSAl Viro kfree(oi->redirect); 1880b269dedSAl Viro mutex_destroy(&oi->lock); 1890b269dedSAl Viro kmem_cache_free(ovl_inode_cachep, oi); 19013cf199dSAmir Goldstein } 19113cf199dSAmir Goldstein 19213cf199dSAmir Goldstein static void ovl_destroy_inode(struct inode *inode) 19313cf199dSAmir Goldstein { 19409d8b586SMiklos Szeredi struct ovl_inode *oi = OVL_I(inode); 19509d8b586SMiklos Szeredi 19609d8b586SMiklos Szeredi dput(oi->__upperdentry); 197ffa5723cSAmir Goldstein dput(oi->lowerpath.dentry); 198*0af950f5SAmir Goldstein ovl_free_entry(oi->oe); 1992664bd08SVivek Goyal if (S_ISDIR(inode->i_mode)) 2004edb83bbSMiklos Szeredi ovl_dir_cache_free(inode); 2012664bd08SVivek Goyal else 2022664bd08SVivek Goyal iput(oi->lowerdata); 20313cf199dSAmir Goldstein } 20413cf199dSAmir Goldstein 205ad204488SMiklos Szeredi static void ovl_free_fs(struct ovl_fs *ofs) 206e9be9d5eSMiklos Szeredi { 207df820f8dSMiklos Szeredi struct vfsmount **mounts; 208dd662667SMiklos Szeredi unsigned i; 209e9be9d5eSMiklos Szeredi 2100be0bfd2SAmir Goldstein iput(ofs->workbasedir_trap); 211146d62e5SAmir Goldstein iput(ofs->indexdir_trap); 212146d62e5SAmir Goldstein iput(ofs->workdir_trap); 213c21c839bSChengguang Xu dput(ofs->whiteout); 214ad204488SMiklos Szeredi dput(ofs->indexdir); 215ad204488SMiklos Szeredi dput(ofs->workdir); 216ad204488SMiklos Szeredi if (ofs->workdir_locked) 217ad204488SMiklos Szeredi ovl_inuse_unlock(ofs->workbasedir); 218ad204488SMiklos Szeredi dput(ofs->workbasedir); 219ad204488SMiklos Szeredi if (ofs->upperdir_locked) 22008f4c7c8SMiklos Szeredi ovl_inuse_unlock(ovl_upper_mnt(ofs)->mnt_root); 221df820f8dSMiklos Szeredi 222df820f8dSMiklos Szeredi /* Hack! Reuse ofs->layers as a vfsmount array before freeing it */ 223df820f8dSMiklos Szeredi mounts = (struct vfsmount **) ofs->layers; 224b8e42a65SMiklos Szeredi for (i = 0; i < ofs->numlayer; i++) { 22594375f9dSAmir Goldstein iput(ofs->layers[i].trap); 226df820f8dSMiklos Szeredi mounts[i] = ofs->layers[i].mnt; 227146d62e5SAmir Goldstein } 228df820f8dSMiklos Szeredi kern_unmount_array(mounts, ofs->numlayer); 22994375f9dSAmir Goldstein kfree(ofs->layers); 230b7bf9908SAmir Goldstein for (i = 0; i < ofs->numfs; i++) 23107f1e596SAmir Goldstein free_anon_bdev(ofs->fs[i].pseudo_dev); 23207f1e596SAmir Goldstein kfree(ofs->fs); 233e9be9d5eSMiklos Szeredi 234ad204488SMiklos Szeredi kfree(ofs->config.lowerdir); 235ad204488SMiklos Szeredi kfree(ofs->config.upperdir); 236ad204488SMiklos Szeredi kfree(ofs->config.workdir); 237438c84c2SMiklos Szeredi kfree(ofs->config.redirect_mode); 238ad204488SMiklos Szeredi if (ofs->creator_cred) 239ad204488SMiklos Szeredi put_cred(ofs->creator_cred); 240ad204488SMiklos Szeredi kfree(ofs); 241e9be9d5eSMiklos Szeredi } 242e9be9d5eSMiklos Szeredi 243a9075cdbSMiklos Szeredi static void ovl_put_super(struct super_block *sb) 244a9075cdbSMiklos Szeredi { 245a9075cdbSMiklos Szeredi struct ovl_fs *ofs = sb->s_fs_info; 246a9075cdbSMiklos Szeredi 247a9075cdbSMiklos Szeredi ovl_free_fs(ofs); 248a9075cdbSMiklos Szeredi } 249a9075cdbSMiklos Szeredi 250e8d4bfe3SChengguang Xu /* Sync real dirty inodes in upper filesystem (if it exists) */ 251e593b2bfSAmir Goldstein static int ovl_sync_fs(struct super_block *sb, int wait) 252e593b2bfSAmir Goldstein { 253ad204488SMiklos Szeredi struct ovl_fs *ofs = sb->s_fs_info; 254e593b2bfSAmir Goldstein struct super_block *upper_sb; 255e593b2bfSAmir Goldstein int ret; 256e593b2bfSAmir Goldstein 257335d3fc5SSargun Dhillon ret = ovl_sync_status(ofs); 258335d3fc5SSargun Dhillon /* 259335d3fc5SSargun Dhillon * We have to always set the err, because the return value isn't 260335d3fc5SSargun Dhillon * checked in syncfs, and instead indirectly return an error via 261335d3fc5SSargun Dhillon * the sb's writeback errseq, which VFS inspects after this call. 262335d3fc5SSargun Dhillon */ 263335d3fc5SSargun Dhillon if (ret < 0) { 264335d3fc5SSargun Dhillon errseq_set(&sb->s_wb_err, -EIO); 265335d3fc5SSargun Dhillon return -EIO; 266335d3fc5SSargun Dhillon } 267e8d4bfe3SChengguang Xu 268335d3fc5SSargun Dhillon if (!ret) 269335d3fc5SSargun Dhillon return ret; 270335d3fc5SSargun Dhillon 271e8d4bfe3SChengguang Xu /* 27232b1924bSKonstantin Khlebnikov * Not called for sync(2) call or an emergency sync (SB_I_SKIP_SYNC). 27332b1924bSKonstantin Khlebnikov * All the super blocks will be iterated, including upper_sb. 274e8d4bfe3SChengguang Xu * 275e8d4bfe3SChengguang Xu * If this is a syncfs(2) call, then we do need to call 276e8d4bfe3SChengguang Xu * sync_filesystem() on upper_sb, but enough if we do it when being 277e8d4bfe3SChengguang Xu * called with wait == 1. 278e8d4bfe3SChengguang Xu */ 279e8d4bfe3SChengguang Xu if (!wait) 280e593b2bfSAmir Goldstein return 0; 281e593b2bfSAmir Goldstein 28208f4c7c8SMiklos Szeredi upper_sb = ovl_upper_mnt(ofs)->mnt_sb; 283e8d4bfe3SChengguang Xu 284e593b2bfSAmir Goldstein down_read(&upper_sb->s_umount); 285e8d4bfe3SChengguang Xu ret = sync_filesystem(upper_sb); 286e593b2bfSAmir Goldstein up_read(&upper_sb->s_umount); 287e8d4bfe3SChengguang Xu 288e593b2bfSAmir Goldstein return ret; 289e593b2bfSAmir Goldstein } 290e593b2bfSAmir Goldstein 291cc259639SAndy Whitcroft /** 292cc259639SAndy Whitcroft * ovl_statfs 2939c5dd803SYang Li * @dentry: The dentry to query 294cc259639SAndy Whitcroft * @buf: The struct kstatfs to fill in with stats 295cc259639SAndy Whitcroft * 296cc259639SAndy Whitcroft * Get the filesystem statistics. As writes always target the upper layer 2974ebc5818SMiklos Szeredi * filesystem pass the statfs to the upper filesystem (if it exists) 298cc259639SAndy Whitcroft */ 299cc259639SAndy Whitcroft static int ovl_statfs(struct dentry *dentry, struct kstatfs *buf) 300cc259639SAndy Whitcroft { 301cc259639SAndy Whitcroft struct ovl_fs *ofs = dentry->d_sb->s_fs_info; 302cc259639SAndy Whitcroft struct dentry *root_dentry = dentry->d_sb->s_root; 303cc259639SAndy Whitcroft struct path path; 304cc259639SAndy Whitcroft int err; 305cc259639SAndy Whitcroft 3064ebc5818SMiklos Szeredi ovl_path_real(root_dentry, &path); 307cc259639SAndy Whitcroft 308cc259639SAndy Whitcroft err = vfs_statfs(&path, buf); 309cc259639SAndy Whitcroft if (!err) { 3106b2d5fe4SMiklos Szeredi buf->f_namelen = ofs->namelen; 311cc259639SAndy Whitcroft buf->f_type = OVERLAYFS_SUPER_MAGIC; 312cc259639SAndy Whitcroft } 313cc259639SAndy Whitcroft 314cc259639SAndy Whitcroft return err; 315cc259639SAndy Whitcroft } 316cc259639SAndy Whitcroft 31702bcd157SAmir Goldstein /* Will this overlay be forced to mount/remount ro? */ 318ad204488SMiklos Szeredi static bool ovl_force_readonly(struct ovl_fs *ofs) 31902bcd157SAmir Goldstein { 32008f4c7c8SMiklos Szeredi return (!ovl_upper_mnt(ofs) || !ofs->workdir); 32102bcd157SAmir Goldstein } 32202bcd157SAmir Goldstein 323438c84c2SMiklos Szeredi static const char *ovl_redirect_mode_def(void) 324438c84c2SMiklos Szeredi { 325438c84c2SMiklos Szeredi return ovl_redirect_dir_def ? "on" : "off"; 326438c84c2SMiklos Szeredi } 327438c84c2SMiklos Szeredi 328795939a9SAmir Goldstein static const char * const ovl_xino_str[] = { 329795939a9SAmir Goldstein "off", 330795939a9SAmir Goldstein "auto", 331795939a9SAmir Goldstein "on", 332795939a9SAmir Goldstein }; 333795939a9SAmir Goldstein 334795939a9SAmir Goldstein static inline int ovl_xino_def(void) 335795939a9SAmir Goldstein { 336795939a9SAmir Goldstein return ovl_xino_auto_def ? OVL_XINO_AUTO : OVL_XINO_OFF; 337795939a9SAmir Goldstein } 338795939a9SAmir Goldstein 339f45827e8SErez Zadok /** 340f45827e8SErez Zadok * ovl_show_options 3419c5dd803SYang Li * @m: the seq_file handle 3429c5dd803SYang Li * @dentry: The dentry to query 343f45827e8SErez Zadok * 344f45827e8SErez Zadok * Prints the mount options for a given superblock. 345f45827e8SErez Zadok * Returns zero; does not fail. 346f45827e8SErez Zadok */ 347f45827e8SErez Zadok static int ovl_show_options(struct seq_file *m, struct dentry *dentry) 348f45827e8SErez Zadok { 349f45827e8SErez Zadok struct super_block *sb = dentry->d_sb; 350ad204488SMiklos Szeredi struct ovl_fs *ofs = sb->s_fs_info; 351f45827e8SErez Zadok 352ad204488SMiklos Szeredi seq_show_option(m, "lowerdir", ofs->config.lowerdir); 353ad204488SMiklos Szeredi if (ofs->config.upperdir) { 354ad204488SMiklos Szeredi seq_show_option(m, "upperdir", ofs->config.upperdir); 355ad204488SMiklos Szeredi seq_show_option(m, "workdir", ofs->config.workdir); 35653a08cb9SMiklos Szeredi } 357ad204488SMiklos Szeredi if (ofs->config.default_permissions) 3588d3095f4SMiklos Szeredi seq_puts(m, ",default_permissions"); 359438c84c2SMiklos Szeredi if (strcmp(ofs->config.redirect_mode, ovl_redirect_mode_def()) != 0) 360438c84c2SMiklos Szeredi seq_printf(m, ",redirect_dir=%s", ofs->config.redirect_mode); 361ad204488SMiklos Szeredi if (ofs->config.index != ovl_index_def) 362438c84c2SMiklos Szeredi seq_printf(m, ",index=%s", ofs->config.index ? "on" : "off"); 3635830fb6bSPavel Tikhomirov if (!ofs->config.uuid) 3645830fb6bSPavel Tikhomirov seq_puts(m, ",uuid=off"); 365f168f109SAmir Goldstein if (ofs->config.nfs_export != ovl_nfs_export_def) 366f168f109SAmir Goldstein seq_printf(m, ",nfs_export=%s", ofs->config.nfs_export ? 367f168f109SAmir Goldstein "on" : "off"); 3680f831ec8SAmir Goldstein if (ofs->config.xino != ovl_xino_def() && !ovl_same_fs(sb)) 369795939a9SAmir Goldstein seq_printf(m, ",xino=%s", ovl_xino_str[ofs->config.xino]); 370d5791044SVivek Goyal if (ofs->config.metacopy != ovl_metacopy_def) 371d5791044SVivek Goyal seq_printf(m, ",metacopy=%s", 372d5791044SVivek Goyal ofs->config.metacopy ? "on" : "off"); 373c86243b0SVivek Goyal if (ofs->config.ovl_volatile) 374c86243b0SVivek Goyal seq_puts(m, ",volatile"); 375321b46b9SGiuseppe Scrivano if (ofs->config.userxattr) 376321b46b9SGiuseppe Scrivano seq_puts(m, ",userxattr"); 377f45827e8SErez Zadok return 0; 378f45827e8SErez Zadok } 379f45827e8SErez Zadok 3803cdf6fe9SSeunghun Lee static int ovl_remount(struct super_block *sb, int *flags, char *data) 3813cdf6fe9SSeunghun Lee { 382ad204488SMiklos Szeredi struct ovl_fs *ofs = sb->s_fs_info; 383399c109dSChengguang Xu struct super_block *upper_sb; 384399c109dSChengguang Xu int ret = 0; 3853cdf6fe9SSeunghun Lee 3861751e8a6SLinus Torvalds if (!(*flags & SB_RDONLY) && ovl_force_readonly(ofs)) 3873cdf6fe9SSeunghun Lee return -EROFS; 3883cdf6fe9SSeunghun Lee 389399c109dSChengguang Xu if (*flags & SB_RDONLY && !sb_rdonly(sb)) { 39008f4c7c8SMiklos Szeredi upper_sb = ovl_upper_mnt(ofs)->mnt_sb; 391c86243b0SVivek Goyal if (ovl_should_sync(ofs)) { 392399c109dSChengguang Xu down_read(&upper_sb->s_umount); 393399c109dSChengguang Xu ret = sync_filesystem(upper_sb); 394399c109dSChengguang Xu up_read(&upper_sb->s_umount); 395399c109dSChengguang Xu } 396c86243b0SVivek Goyal } 397399c109dSChengguang Xu 398399c109dSChengguang Xu return ret; 3993cdf6fe9SSeunghun Lee } 4003cdf6fe9SSeunghun Lee 401e9be9d5eSMiklos Szeredi static const struct super_operations ovl_super_operations = { 40213cf199dSAmir Goldstein .alloc_inode = ovl_alloc_inode, 4030b269dedSAl Viro .free_inode = ovl_free_inode, 40413cf199dSAmir Goldstein .destroy_inode = ovl_destroy_inode, 40513cf199dSAmir Goldstein .drop_inode = generic_delete_inode, 406e9be9d5eSMiklos Szeredi .put_super = ovl_put_super, 407e593b2bfSAmir Goldstein .sync_fs = ovl_sync_fs, 408cc259639SAndy Whitcroft .statfs = ovl_statfs, 409f45827e8SErez Zadok .show_options = ovl_show_options, 4103cdf6fe9SSeunghun Lee .remount_fs = ovl_remount, 411e9be9d5eSMiklos Szeredi }; 412e9be9d5eSMiklos Szeredi 413e9be9d5eSMiklos Szeredi enum { 414e9be9d5eSMiklos Szeredi OPT_LOWERDIR, 415e9be9d5eSMiklos Szeredi OPT_UPPERDIR, 416e9be9d5eSMiklos Szeredi OPT_WORKDIR, 4178d3095f4SMiklos Szeredi OPT_DEFAULT_PERMISSIONS, 418438c84c2SMiklos Szeredi OPT_REDIRECT_DIR, 41902bcd157SAmir Goldstein OPT_INDEX_ON, 42002bcd157SAmir Goldstein OPT_INDEX_OFF, 4215830fb6bSPavel Tikhomirov OPT_UUID_ON, 4225830fb6bSPavel Tikhomirov OPT_UUID_OFF, 423f168f109SAmir Goldstein OPT_NFS_EXPORT_ON, 4242d2f2d73SMiklos Szeredi OPT_USERXATTR, 425f168f109SAmir Goldstein OPT_NFS_EXPORT_OFF, 426795939a9SAmir Goldstein OPT_XINO_ON, 427795939a9SAmir Goldstein OPT_XINO_OFF, 428795939a9SAmir Goldstein OPT_XINO_AUTO, 429d5791044SVivek Goyal OPT_METACOPY_ON, 430d5791044SVivek Goyal OPT_METACOPY_OFF, 431c86243b0SVivek Goyal OPT_VOLATILE, 432e9be9d5eSMiklos Szeredi OPT_ERR, 433e9be9d5eSMiklos Szeredi }; 434e9be9d5eSMiklos Szeredi 435e9be9d5eSMiklos Szeredi static const match_table_t ovl_tokens = { 436e9be9d5eSMiklos Szeredi {OPT_LOWERDIR, "lowerdir=%s"}, 437e9be9d5eSMiklos Szeredi {OPT_UPPERDIR, "upperdir=%s"}, 438e9be9d5eSMiklos Szeredi {OPT_WORKDIR, "workdir=%s"}, 4398d3095f4SMiklos Szeredi {OPT_DEFAULT_PERMISSIONS, "default_permissions"}, 440438c84c2SMiklos Szeredi {OPT_REDIRECT_DIR, "redirect_dir=%s"}, 44102bcd157SAmir Goldstein {OPT_INDEX_ON, "index=on"}, 44202bcd157SAmir Goldstein {OPT_INDEX_OFF, "index=off"}, 4432d2f2d73SMiklos Szeredi {OPT_USERXATTR, "userxattr"}, 4445830fb6bSPavel Tikhomirov {OPT_UUID_ON, "uuid=on"}, 4455830fb6bSPavel Tikhomirov {OPT_UUID_OFF, "uuid=off"}, 446f168f109SAmir Goldstein {OPT_NFS_EXPORT_ON, "nfs_export=on"}, 447f168f109SAmir Goldstein {OPT_NFS_EXPORT_OFF, "nfs_export=off"}, 448795939a9SAmir Goldstein {OPT_XINO_ON, "xino=on"}, 449795939a9SAmir Goldstein {OPT_XINO_OFF, "xino=off"}, 450795939a9SAmir Goldstein {OPT_XINO_AUTO, "xino=auto"}, 451d5791044SVivek Goyal {OPT_METACOPY_ON, "metacopy=on"}, 452d5791044SVivek Goyal {OPT_METACOPY_OFF, "metacopy=off"}, 453c86243b0SVivek Goyal {OPT_VOLATILE, "volatile"}, 454e9be9d5eSMiklos Szeredi {OPT_ERR, NULL} 455e9be9d5eSMiklos Szeredi }; 456e9be9d5eSMiklos Szeredi 45791c77947SMiklos Szeredi static char *ovl_next_opt(char **s) 45891c77947SMiklos Szeredi { 45991c77947SMiklos Szeredi char *sbegin = *s; 46091c77947SMiklos Szeredi char *p; 46191c77947SMiklos Szeredi 46291c77947SMiklos Szeredi if (sbegin == NULL) 46391c77947SMiklos Szeredi return NULL; 46491c77947SMiklos Szeredi 46591c77947SMiklos Szeredi for (p = sbegin; *p; p++) { 46691c77947SMiklos Szeredi if (*p == '\\') { 46791c77947SMiklos Szeredi p++; 46891c77947SMiklos Szeredi if (!*p) 46991c77947SMiklos Szeredi break; 47091c77947SMiklos Szeredi } else if (*p == ',') { 47191c77947SMiklos Szeredi *p = '\0'; 47291c77947SMiklos Szeredi *s = p + 1; 47391c77947SMiklos Szeredi return sbegin; 47491c77947SMiklos Szeredi } 47591c77947SMiklos Szeredi } 47691c77947SMiklos Szeredi *s = NULL; 47791c77947SMiklos Szeredi return sbegin; 47891c77947SMiklos Szeredi } 47991c77947SMiklos Szeredi 480438c84c2SMiklos Szeredi static int ovl_parse_redirect_mode(struct ovl_config *config, const char *mode) 481438c84c2SMiklos Szeredi { 482438c84c2SMiklos Szeredi if (strcmp(mode, "on") == 0) { 483438c84c2SMiklos Szeredi config->redirect_dir = true; 484438c84c2SMiklos Szeredi /* 485438c84c2SMiklos Szeredi * Does not make sense to have redirect creation without 486438c84c2SMiklos Szeredi * redirect following. 487438c84c2SMiklos Szeredi */ 488438c84c2SMiklos Szeredi config->redirect_follow = true; 489438c84c2SMiklos Szeredi } else if (strcmp(mode, "follow") == 0) { 490438c84c2SMiklos Szeredi config->redirect_follow = true; 491438c84c2SMiklos Szeredi } else if (strcmp(mode, "off") == 0) { 492438c84c2SMiklos Szeredi if (ovl_redirect_always_follow) 493438c84c2SMiklos Szeredi config->redirect_follow = true; 494438c84c2SMiklos Szeredi } else if (strcmp(mode, "nofollow") != 0) { 4951bd0a3aeSlijiazi pr_err("bad mount option \"redirect_dir=%s\"\n", 496438c84c2SMiklos Szeredi mode); 497438c84c2SMiklos Szeredi return -EINVAL; 498438c84c2SMiklos Szeredi } 499438c84c2SMiklos Szeredi 500438c84c2SMiklos Szeredi return 0; 501438c84c2SMiklos Szeredi } 502438c84c2SMiklos Szeredi 503e9be9d5eSMiklos Szeredi static int ovl_parse_opt(char *opt, struct ovl_config *config) 504e9be9d5eSMiklos Szeredi { 505e9be9d5eSMiklos Szeredi char *p; 506d5791044SVivek Goyal int err; 507d47748e5SMiklos Szeredi bool metacopy_opt = false, redirect_opt = false; 508b0def88dSAmir Goldstein bool nfs_export_opt = false, index_opt = false; 509e9be9d5eSMiklos Szeredi 510438c84c2SMiklos Szeredi config->redirect_mode = kstrdup(ovl_redirect_mode_def(), GFP_KERNEL); 511438c84c2SMiklos Szeredi if (!config->redirect_mode) 512438c84c2SMiklos Szeredi return -ENOMEM; 513438c84c2SMiklos Szeredi 51491c77947SMiklos Szeredi while ((p = ovl_next_opt(&opt)) != NULL) { 515e9be9d5eSMiklos Szeredi int token; 516e9be9d5eSMiklos Szeredi substring_t args[MAX_OPT_ARGS]; 517e9be9d5eSMiklos Szeredi 518e9be9d5eSMiklos Szeredi if (!*p) 519e9be9d5eSMiklos Szeredi continue; 520e9be9d5eSMiklos Szeredi 521e9be9d5eSMiklos Szeredi token = match_token(p, ovl_tokens, args); 522e9be9d5eSMiklos Szeredi switch (token) { 523e9be9d5eSMiklos Szeredi case OPT_UPPERDIR: 524e9be9d5eSMiklos Szeredi kfree(config->upperdir); 525e9be9d5eSMiklos Szeredi config->upperdir = match_strdup(&args[0]); 526e9be9d5eSMiklos Szeredi if (!config->upperdir) 527e9be9d5eSMiklos Szeredi return -ENOMEM; 528e9be9d5eSMiklos Szeredi break; 529e9be9d5eSMiklos Szeredi 530e9be9d5eSMiklos Szeredi case OPT_LOWERDIR: 531e9be9d5eSMiklos Szeredi kfree(config->lowerdir); 532e9be9d5eSMiklos Szeredi config->lowerdir = match_strdup(&args[0]); 533e9be9d5eSMiklos Szeredi if (!config->lowerdir) 534e9be9d5eSMiklos Szeredi return -ENOMEM; 535e9be9d5eSMiklos Szeredi break; 536e9be9d5eSMiklos Szeredi 537e9be9d5eSMiklos Szeredi case OPT_WORKDIR: 538e9be9d5eSMiklos Szeredi kfree(config->workdir); 539e9be9d5eSMiklos Szeredi config->workdir = match_strdup(&args[0]); 540e9be9d5eSMiklos Szeredi if (!config->workdir) 541e9be9d5eSMiklos Szeredi return -ENOMEM; 542e9be9d5eSMiklos Szeredi break; 543e9be9d5eSMiklos Szeredi 5448d3095f4SMiklos Szeredi case OPT_DEFAULT_PERMISSIONS: 5458d3095f4SMiklos Szeredi config->default_permissions = true; 5468d3095f4SMiklos Szeredi break; 5478d3095f4SMiklos Szeredi 548438c84c2SMiklos Szeredi case OPT_REDIRECT_DIR: 549438c84c2SMiklos Szeredi kfree(config->redirect_mode); 550438c84c2SMiklos Szeredi config->redirect_mode = match_strdup(&args[0]); 551438c84c2SMiklos Szeredi if (!config->redirect_mode) 552438c84c2SMiklos Szeredi return -ENOMEM; 553d47748e5SMiklos Szeredi redirect_opt = true; 554a6c60655SMiklos Szeredi break; 555a6c60655SMiklos Szeredi 55602bcd157SAmir Goldstein case OPT_INDEX_ON: 55702bcd157SAmir Goldstein config->index = true; 558b0def88dSAmir Goldstein index_opt = true; 55902bcd157SAmir Goldstein break; 56002bcd157SAmir Goldstein 56102bcd157SAmir Goldstein case OPT_INDEX_OFF: 56202bcd157SAmir Goldstein config->index = false; 563b0def88dSAmir Goldstein index_opt = true; 56402bcd157SAmir Goldstein break; 56502bcd157SAmir Goldstein 5665830fb6bSPavel Tikhomirov case OPT_UUID_ON: 5675830fb6bSPavel Tikhomirov config->uuid = true; 5685830fb6bSPavel Tikhomirov break; 5695830fb6bSPavel Tikhomirov 5705830fb6bSPavel Tikhomirov case OPT_UUID_OFF: 5715830fb6bSPavel Tikhomirov config->uuid = false; 5725830fb6bSPavel Tikhomirov break; 5735830fb6bSPavel Tikhomirov 574f168f109SAmir Goldstein case OPT_NFS_EXPORT_ON: 575f168f109SAmir Goldstein config->nfs_export = true; 576b0def88dSAmir Goldstein nfs_export_opt = true; 577f168f109SAmir Goldstein break; 578f168f109SAmir Goldstein 579f168f109SAmir Goldstein case OPT_NFS_EXPORT_OFF: 580f168f109SAmir Goldstein config->nfs_export = false; 581b0def88dSAmir Goldstein nfs_export_opt = true; 582f168f109SAmir Goldstein break; 583f168f109SAmir Goldstein 584795939a9SAmir Goldstein case OPT_XINO_ON: 585795939a9SAmir Goldstein config->xino = OVL_XINO_ON; 586795939a9SAmir Goldstein break; 587795939a9SAmir Goldstein 588795939a9SAmir Goldstein case OPT_XINO_OFF: 589795939a9SAmir Goldstein config->xino = OVL_XINO_OFF; 590795939a9SAmir Goldstein break; 591795939a9SAmir Goldstein 592795939a9SAmir Goldstein case OPT_XINO_AUTO: 593795939a9SAmir Goldstein config->xino = OVL_XINO_AUTO; 594795939a9SAmir Goldstein break; 595795939a9SAmir Goldstein 596d5791044SVivek Goyal case OPT_METACOPY_ON: 597d5791044SVivek Goyal config->metacopy = true; 598d47748e5SMiklos Szeredi metacopy_opt = true; 599d5791044SVivek Goyal break; 600d5791044SVivek Goyal 601d5791044SVivek Goyal case OPT_METACOPY_OFF: 602d5791044SVivek Goyal config->metacopy = false; 603b0def88dSAmir Goldstein metacopy_opt = true; 604d5791044SVivek Goyal break; 605d5791044SVivek Goyal 606c86243b0SVivek Goyal case OPT_VOLATILE: 607c86243b0SVivek Goyal config->ovl_volatile = true; 608c86243b0SVivek Goyal break; 609c86243b0SVivek Goyal 6102d2f2d73SMiklos Szeredi case OPT_USERXATTR: 6112d2f2d73SMiklos Szeredi config->userxattr = true; 6122d2f2d73SMiklos Szeredi break; 6132d2f2d73SMiklos Szeredi 614e9be9d5eSMiklos Szeredi default: 6151bd0a3aeSlijiazi pr_err("unrecognized mount option \"%s\" or missing value\n", 6161bd0a3aeSlijiazi p); 617e9be9d5eSMiklos Szeredi return -EINVAL; 618e9be9d5eSMiklos Szeredi } 619e9be9d5eSMiklos Szeredi } 62071cbad7eShujianyang 621f0e1266eSAmir Goldstein /* Workdir/index are useless in non-upper mount */ 622f0e1266eSAmir Goldstein if (!config->upperdir) { 623f0e1266eSAmir Goldstein if (config->workdir) { 6241bd0a3aeSlijiazi pr_info("option \"workdir=%s\" is useless in a non-upper mount, ignore\n", 62571cbad7eShujianyang config->workdir); 62671cbad7eShujianyang kfree(config->workdir); 62771cbad7eShujianyang config->workdir = NULL; 62871cbad7eShujianyang } 629f0e1266eSAmir Goldstein if (config->index && index_opt) { 630f0e1266eSAmir Goldstein pr_info("option \"index=on\" is useless in a non-upper mount, ignore\n"); 631f0e1266eSAmir Goldstein index_opt = false; 632f0e1266eSAmir Goldstein } 633f0e1266eSAmir Goldstein config->index = false; 634f0e1266eSAmir Goldstein } 63571cbad7eShujianyang 636c86243b0SVivek Goyal if (!config->upperdir && config->ovl_volatile) { 637c86243b0SVivek Goyal pr_info("option \"volatile\" is meaningless in a non-upper mount, ignoring it.\n"); 638c86243b0SVivek Goyal config->ovl_volatile = false; 639c86243b0SVivek Goyal } 640c86243b0SVivek Goyal 641d5791044SVivek Goyal err = ovl_parse_redirect_mode(config, config->redirect_mode); 642d5791044SVivek Goyal if (err) 643d5791044SVivek Goyal return err; 644d5791044SVivek Goyal 645d47748e5SMiklos Szeredi /* 646d47748e5SMiklos Szeredi * This is to make the logic below simpler. It doesn't make any other 647d47748e5SMiklos Szeredi * difference, since config->redirect_dir is only used for upper. 648d47748e5SMiklos Szeredi */ 649d47748e5SMiklos Szeredi if (!config->upperdir && config->redirect_follow) 650d47748e5SMiklos Szeredi config->redirect_dir = true; 651d47748e5SMiklos Szeredi 652d47748e5SMiklos Szeredi /* Resolve metacopy -> redirect_dir dependency */ 653d47748e5SMiklos Szeredi if (config->metacopy && !config->redirect_dir) { 654d47748e5SMiklos Szeredi if (metacopy_opt && redirect_opt) { 6551bd0a3aeSlijiazi pr_err("conflicting options: metacopy=on,redirect_dir=%s\n", 656d47748e5SMiklos Szeredi config->redirect_mode); 657d47748e5SMiklos Szeredi return -EINVAL; 658d47748e5SMiklos Szeredi } 659d47748e5SMiklos Szeredi if (redirect_opt) { 660d47748e5SMiklos Szeredi /* 661d47748e5SMiklos Szeredi * There was an explicit redirect_dir=... that resulted 662d47748e5SMiklos Szeredi * in this conflict. 663d47748e5SMiklos Szeredi */ 6641bd0a3aeSlijiazi pr_info("disabling metacopy due to redirect_dir=%s\n", 665d47748e5SMiklos Szeredi config->redirect_mode); 666d5791044SVivek Goyal config->metacopy = false; 667d47748e5SMiklos Szeredi } else { 668d47748e5SMiklos Szeredi /* Automatically enable redirect otherwise. */ 669d47748e5SMiklos Szeredi config->redirect_follow = config->redirect_dir = true; 670d47748e5SMiklos Szeredi } 671d5791044SVivek Goyal } 672d5791044SVivek Goyal 673b0def88dSAmir Goldstein /* Resolve nfs_export -> index dependency */ 674b0def88dSAmir Goldstein if (config->nfs_export && !config->index) { 675f0e1266eSAmir Goldstein if (!config->upperdir && config->redirect_follow) { 676f0e1266eSAmir Goldstein pr_info("NFS export requires \"redirect_dir=nofollow\" on non-upper mount, falling back to nfs_export=off.\n"); 677f0e1266eSAmir Goldstein config->nfs_export = false; 678f0e1266eSAmir Goldstein } else if (nfs_export_opt && index_opt) { 679b0def88dSAmir Goldstein pr_err("conflicting options: nfs_export=on,index=off\n"); 680b0def88dSAmir Goldstein return -EINVAL; 681f0e1266eSAmir Goldstein } else if (index_opt) { 682b0def88dSAmir Goldstein /* 683b0def88dSAmir Goldstein * There was an explicit index=off that resulted 684b0def88dSAmir Goldstein * in this conflict. 685b0def88dSAmir Goldstein */ 686b0def88dSAmir Goldstein pr_info("disabling nfs_export due to index=off\n"); 687b0def88dSAmir Goldstein config->nfs_export = false; 688b0def88dSAmir Goldstein } else { 689b0def88dSAmir Goldstein /* Automatically enable index otherwise. */ 690b0def88dSAmir Goldstein config->index = true; 691b0def88dSAmir Goldstein } 692b0def88dSAmir Goldstein } 693b0def88dSAmir Goldstein 694b0def88dSAmir Goldstein /* Resolve nfs_export -> !metacopy dependency */ 695b0def88dSAmir Goldstein if (config->nfs_export && config->metacopy) { 696b0def88dSAmir Goldstein if (nfs_export_opt && metacopy_opt) { 697b0def88dSAmir Goldstein pr_err("conflicting options: nfs_export=on,metacopy=on\n"); 698b0def88dSAmir Goldstein return -EINVAL; 699b0def88dSAmir Goldstein } 700b0def88dSAmir Goldstein if (metacopy_opt) { 701b0def88dSAmir Goldstein /* 702b0def88dSAmir Goldstein * There was an explicit metacopy=on that resulted 703b0def88dSAmir Goldstein * in this conflict. 704b0def88dSAmir Goldstein */ 705b0def88dSAmir Goldstein pr_info("disabling nfs_export due to metacopy=on\n"); 706b0def88dSAmir Goldstein config->nfs_export = false; 707b0def88dSAmir Goldstein } else { 708b0def88dSAmir Goldstein /* 709b0def88dSAmir Goldstein * There was an explicit nfs_export=on that resulted 710b0def88dSAmir Goldstein * in this conflict. 711b0def88dSAmir Goldstein */ 712b0def88dSAmir Goldstein pr_info("disabling metacopy due to nfs_export=on\n"); 713b0def88dSAmir Goldstein config->metacopy = false; 714b0def88dSAmir Goldstein } 715b0def88dSAmir Goldstein } 716b0def88dSAmir Goldstein 7172d2f2d73SMiklos Szeredi 7182d2f2d73SMiklos Szeredi /* Resolve userxattr -> !redirect && !metacopy dependency */ 7192d2f2d73SMiklos Szeredi if (config->userxattr) { 7202d2f2d73SMiklos Szeredi if (config->redirect_follow && redirect_opt) { 7212d2f2d73SMiklos Szeredi pr_err("conflicting options: userxattr,redirect_dir=%s\n", 7222d2f2d73SMiklos Szeredi config->redirect_mode); 7232d2f2d73SMiklos Szeredi return -EINVAL; 7242d2f2d73SMiklos Szeredi } 7252d2f2d73SMiklos Szeredi if (config->metacopy && metacopy_opt) { 7262d2f2d73SMiklos Szeredi pr_err("conflicting options: userxattr,metacopy=on\n"); 7272d2f2d73SMiklos Szeredi return -EINVAL; 7282d2f2d73SMiklos Szeredi } 7292d2f2d73SMiklos Szeredi /* 7302d2f2d73SMiklos Szeredi * Silently disable default setting of redirect and metacopy. 7312d2f2d73SMiklos Szeredi * This shall be the default in the future as well: these 7322d2f2d73SMiklos Szeredi * options must be explicitly enabled if used together with 7332d2f2d73SMiklos Szeredi * userxattr. 7342d2f2d73SMiklos Szeredi */ 7352d2f2d73SMiklos Szeredi config->redirect_dir = config->redirect_follow = false; 7362d2f2d73SMiklos Szeredi config->metacopy = false; 7372d2f2d73SMiklos Szeredi } 7382d2f2d73SMiklos Szeredi 739d5791044SVivek Goyal return 0; 740e9be9d5eSMiklos Szeredi } 741e9be9d5eSMiklos Szeredi 742e9be9d5eSMiklos Szeredi #define OVL_WORKDIR_NAME "work" 74302bcd157SAmir Goldstein #define OVL_INDEXDIR_NAME "index" 744e9be9d5eSMiklos Szeredi 745ad204488SMiklos Szeredi static struct dentry *ovl_workdir_create(struct ovl_fs *ofs, 7466b8aa129SAmir Goldstein const char *name, bool persist) 747e9be9d5eSMiklos Szeredi { 748ad204488SMiklos Szeredi struct inode *dir = ofs->workbasedir->d_inode; 74908f4c7c8SMiklos Szeredi struct vfsmount *mnt = ovl_upper_mnt(ofs); 750e9be9d5eSMiklos Szeredi struct dentry *work; 751e9be9d5eSMiklos Szeredi int err; 752e9be9d5eSMiklos Szeredi bool retried = false; 753e9be9d5eSMiklos Szeredi 7545955102cSAl Viro inode_lock_nested(dir, I_MUTEX_PARENT); 755e9be9d5eSMiklos Szeredi retry: 75622f289ceSChristian Brauner work = ovl_lookup_upper(ofs, name, ofs->workbasedir, strlen(name)); 757e9be9d5eSMiklos Szeredi 758e9be9d5eSMiklos Szeredi if (!IS_ERR(work)) { 759c11b9fddSMiklos Szeredi struct iattr attr = { 760c11b9fddSMiklos Szeredi .ia_valid = ATTR_MODE, 76132a3d848SAl Viro .ia_mode = S_IFDIR | 0, 762c11b9fddSMiklos Szeredi }; 763e9be9d5eSMiklos Szeredi 764e9be9d5eSMiklos Szeredi if (work->d_inode) { 765e9be9d5eSMiklos Szeredi err = -EEXIST; 766e9be9d5eSMiklos Szeredi if (retried) 767e9be9d5eSMiklos Szeredi goto out_dput; 768e9be9d5eSMiklos Szeredi 7696b8aa129SAmir Goldstein if (persist) 7706b8aa129SAmir Goldstein goto out_unlock; 7716b8aa129SAmir Goldstein 772e9be9d5eSMiklos Szeredi retried = true; 773576bb263SChristian Brauner err = ovl_workdir_cleanup(ofs, dir, mnt, work, 0); 774e9be9d5eSMiklos Szeredi dput(work); 775235ce9edSAmir Goldstein if (err == -EINVAL) { 776235ce9edSAmir Goldstein work = ERR_PTR(err); 777235ce9edSAmir Goldstein goto out_unlock; 778235ce9edSAmir Goldstein } 779e9be9d5eSMiklos Szeredi goto retry; 780e9be9d5eSMiklos Szeredi } 781e9be9d5eSMiklos Szeredi 782576bb263SChristian Brauner err = ovl_mkdir_real(ofs, dir, &work, attr.ia_mode); 7831f5573cfSMiklos Szeredi if (err) 7841f5573cfSMiklos Szeredi goto out_dput; 7851f5573cfSMiklos Szeredi 7861f5573cfSMiklos Szeredi /* Weird filesystem returning with hashed negative (kernfs)? */ 7871f5573cfSMiklos Szeredi err = -EINVAL; 7881f5573cfSMiklos Szeredi if (d_really_is_negative(work)) 7891f5573cfSMiklos Szeredi goto out_dput; 790c11b9fddSMiklos Szeredi 791cb348edbSMiklos Szeredi /* 792cb348edbSMiklos Szeredi * Try to remove POSIX ACL xattrs from workdir. We are good if: 793cb348edbSMiklos Szeredi * 794cb348edbSMiklos Szeredi * a) success (there was a POSIX ACL xattr and was removed) 795cb348edbSMiklos Szeredi * b) -ENODATA (there was no POSIX ACL xattr) 796cb348edbSMiklos Szeredi * c) -EOPNOTSUPP (POSIX ACL xattrs are not supported) 797cb348edbSMiklos Szeredi * 798cb348edbSMiklos Szeredi * There are various other error values that could effectively 799cb348edbSMiklos Szeredi * mean that the xattr doesn't exist (e.g. -ERANGE is returned 800cb348edbSMiklos Szeredi * if the xattr name is too long), but the set of filesystems 801cb348edbSMiklos Szeredi * allowed as upper are limited to "normal" ones, where checking 802cb348edbSMiklos Szeredi * for the above two errors is sufficient. 803cb348edbSMiklos Szeredi */ 80431acceb9SChristian Brauner err = ovl_do_remove_acl(ofs, work, XATTR_NAME_POSIX_ACL_DEFAULT); 805e1ff3dd1SMiklos Szeredi if (err && err != -ENODATA && err != -EOPNOTSUPP) 806c11b9fddSMiklos Szeredi goto out_dput; 807c11b9fddSMiklos Szeredi 80831acceb9SChristian Brauner err = ovl_do_remove_acl(ofs, work, XATTR_NAME_POSIX_ACL_ACCESS); 809e1ff3dd1SMiklos Szeredi if (err && err != -ENODATA && err != -EOPNOTSUPP) 810c11b9fddSMiklos Szeredi goto out_dput; 811c11b9fddSMiklos Szeredi 812c11b9fddSMiklos Szeredi /* Clear any inherited mode bits */ 813c11b9fddSMiklos Szeredi inode_lock(work->d_inode); 814a15506eaSChristian Brauner err = ovl_do_notify_change(ofs, work, &attr); 815c11b9fddSMiklos Szeredi inode_unlock(work->d_inode); 816c11b9fddSMiklos Szeredi if (err) 817c11b9fddSMiklos Szeredi goto out_dput; 8186b8aa129SAmir Goldstein } else { 8196b8aa129SAmir Goldstein err = PTR_ERR(work); 8206b8aa129SAmir Goldstein goto out_err; 821e9be9d5eSMiklos Szeredi } 822e9be9d5eSMiklos Szeredi out_unlock: 8236b8aa129SAmir Goldstein inode_unlock(dir); 824e9be9d5eSMiklos Szeredi return work; 825e9be9d5eSMiklos Szeredi 826e9be9d5eSMiklos Szeredi out_dput: 827e9be9d5eSMiklos Szeredi dput(work); 8286b8aa129SAmir Goldstein out_err: 8291bd0a3aeSlijiazi pr_warn("failed to create directory %s/%s (errno: %i); mounting read-only\n", 830ad204488SMiklos Szeredi ofs->config.workdir, name, -err); 8316b8aa129SAmir Goldstein work = NULL; 832e9be9d5eSMiklos Szeredi goto out_unlock; 833e9be9d5eSMiklos Szeredi } 834e9be9d5eSMiklos Szeredi 83591c77947SMiklos Szeredi static void ovl_unescape(char *s) 83691c77947SMiklos Szeredi { 83791c77947SMiklos Szeredi char *d = s; 83891c77947SMiklos Szeredi 83991c77947SMiklos Szeredi for (;; s++, d++) { 84091c77947SMiklos Szeredi if (*s == '\\') 84191c77947SMiklos Szeredi s++; 84291c77947SMiklos Szeredi *d = *s; 84391c77947SMiklos Szeredi if (!*s) 84491c77947SMiklos Szeredi break; 84591c77947SMiklos Szeredi } 84691c77947SMiklos Szeredi } 84791c77947SMiklos Szeredi 848ab508822SMiklos Szeredi static int ovl_mount_dir_noesc(const char *name, struct path *path) 849ab508822SMiklos Szeredi { 850a78d9f0dSMiklos Szeredi int err = -EINVAL; 851ab508822SMiklos Szeredi 852a78d9f0dSMiklos Szeredi if (!*name) { 8531bd0a3aeSlijiazi pr_err("empty lowerdir\n"); 854a78d9f0dSMiklos Szeredi goto out; 855a78d9f0dSMiklos Szeredi } 856ab508822SMiklos Szeredi err = kern_path(name, LOOKUP_FOLLOW, path); 857ab508822SMiklos Szeredi if (err) { 8581bd0a3aeSlijiazi pr_err("failed to resolve '%s': %i\n", name, err); 859ab508822SMiklos Szeredi goto out; 860ab508822SMiklos Szeredi } 861ab508822SMiklos Szeredi err = -EINVAL; 8627c03b5d4SMiklos Szeredi if (ovl_dentry_weird(path->dentry)) { 8631bd0a3aeSlijiazi pr_err("filesystem on '%s' not supported\n", name); 864ab508822SMiklos Szeredi goto out_put; 865ab508822SMiklos Szeredi } 8662b8c30e9SMiklos Szeredi if (!d_is_dir(path->dentry)) { 8671bd0a3aeSlijiazi pr_err("'%s' not a directory\n", name); 868ab508822SMiklos Szeredi goto out_put; 869ab508822SMiklos Szeredi } 870ab508822SMiklos Szeredi return 0; 871ab508822SMiklos Szeredi 872ab508822SMiklos Szeredi out_put: 8738aafcb59SMiklos Szeredi path_put_init(path); 874ab508822SMiklos Szeredi out: 875ab508822SMiklos Szeredi return err; 876ab508822SMiklos Szeredi } 877ab508822SMiklos Szeredi 878ab508822SMiklos Szeredi static int ovl_mount_dir(const char *name, struct path *path) 879ab508822SMiklos Szeredi { 880ab508822SMiklos Szeredi int err = -ENOMEM; 881ab508822SMiklos Szeredi char *tmp = kstrdup(name, GFP_KERNEL); 882ab508822SMiklos Szeredi 883ab508822SMiklos Szeredi if (tmp) { 884ab508822SMiklos Szeredi ovl_unescape(tmp); 885ab508822SMiklos Szeredi err = ovl_mount_dir_noesc(tmp, path); 8867c03b5d4SMiklos Szeredi 887bccece1eSMiklos Szeredi if (!err && path->dentry->d_flags & DCACHE_OP_REAL) { 8881bd0a3aeSlijiazi pr_err("filesystem on '%s' not supported as upperdir\n", 8897c03b5d4SMiklos Szeredi tmp); 8908aafcb59SMiklos Szeredi path_put_init(path); 8917c03b5d4SMiklos Szeredi err = -EINVAL; 8927c03b5d4SMiklos Szeredi } 893ab508822SMiklos Szeredi kfree(tmp); 894ab508822SMiklos Szeredi } 895ab508822SMiklos Szeredi return err; 896ab508822SMiklos Szeredi } 897ab508822SMiklos Szeredi 8982d343087SAl Viro static int ovl_check_namelen(const struct path *path, struct ovl_fs *ofs, 8996b2d5fe4SMiklos Szeredi const char *name) 9006b2d5fe4SMiklos Szeredi { 9016b2d5fe4SMiklos Szeredi struct kstatfs statfs; 9026b2d5fe4SMiklos Szeredi int err = vfs_statfs(path, &statfs); 9036b2d5fe4SMiklos Szeredi 9046b2d5fe4SMiklos Szeredi if (err) 9051bd0a3aeSlijiazi pr_err("statfs failed on '%s'\n", name); 9066b2d5fe4SMiklos Szeredi else 9076b2d5fe4SMiklos Szeredi ofs->namelen = max(ofs->namelen, statfs.f_namelen); 9086b2d5fe4SMiklos Szeredi 9096b2d5fe4SMiklos Szeredi return err; 9106b2d5fe4SMiklos Szeredi } 9116b2d5fe4SMiklos Szeredi 9126b2d5fe4SMiklos Szeredi static int ovl_lower_dir(const char *name, struct path *path, 913f4288844SMiklos Szeredi struct ovl_fs *ofs, int *stack_depth) 914ab508822SMiklos Szeredi { 915e487d889SAmir Goldstein int fh_type; 916ab508822SMiklos Szeredi int err; 917ab508822SMiklos Szeredi 918a78d9f0dSMiklos Szeredi err = ovl_mount_dir_noesc(name, path); 919ab508822SMiklos Szeredi if (err) 920b8e42a65SMiklos Szeredi return err; 921ab508822SMiklos Szeredi 9226b2d5fe4SMiklos Szeredi err = ovl_check_namelen(path, ofs, name); 9236b2d5fe4SMiklos Szeredi if (err) 924b8e42a65SMiklos Szeredi return err; 9256b2d5fe4SMiklos Szeredi 926ab508822SMiklos Szeredi *stack_depth = max(*stack_depth, path->mnt->mnt_sb->s_stack_depth); 927ab508822SMiklos Szeredi 92802bcd157SAmir Goldstein /* 929f168f109SAmir Goldstein * The inodes index feature and NFS export need to encode and decode 930f168f109SAmir Goldstein * file handles, so they require that all layers support them. 93102bcd157SAmir Goldstein */ 932e487d889SAmir Goldstein fh_type = ovl_can_decode_fh(path->dentry->d_sb); 933f168f109SAmir Goldstein if ((ofs->config.nfs_export || 934e487d889SAmir Goldstein (ofs->config.index && ofs->config.upperdir)) && !fh_type) { 93502bcd157SAmir Goldstein ofs->config.index = false; 936f168f109SAmir Goldstein ofs->config.nfs_export = false; 9371bd0a3aeSlijiazi pr_warn("fs on '%s' does not support file handles, falling back to index=off,nfs_export=off.\n", 938f168f109SAmir Goldstein name); 93902bcd157SAmir Goldstein } 940b0e0f697SAmir Goldstein /* 941b0e0f697SAmir Goldstein * Decoding origin file handle is required for persistent st_ino. 942b0e0f697SAmir Goldstein * Without persistent st_ino, xino=auto falls back to xino=off. 943b0e0f697SAmir Goldstein */ 944b0e0f697SAmir Goldstein if (ofs->config.xino == OVL_XINO_AUTO && 945b0e0f697SAmir Goldstein ofs->config.upperdir && !fh_type) { 946b0e0f697SAmir Goldstein ofs->config.xino = OVL_XINO_OFF; 947b0e0f697SAmir Goldstein pr_warn("fs on '%s' does not support file handles, falling back to xino=off.\n", 948b0e0f697SAmir Goldstein name); 949b0e0f697SAmir Goldstein } 95002bcd157SAmir Goldstein 951e487d889SAmir Goldstein /* Check if lower fs has 32bit inode numbers */ 952e487d889SAmir Goldstein if (fh_type != FILEID_INO32_GEN) 9530f831ec8SAmir Goldstein ofs->xino_mode = -1; 954e487d889SAmir Goldstein 955ab508822SMiklos Szeredi return 0; 956ab508822SMiklos Szeredi } 957ab508822SMiklos Szeredi 958e9be9d5eSMiklos Szeredi /* Workdir should not be subdir of upperdir and vice versa */ 959e9be9d5eSMiklos Szeredi static bool ovl_workdir_ok(struct dentry *workdir, struct dentry *upperdir) 960e9be9d5eSMiklos Szeredi { 961e9be9d5eSMiklos Szeredi bool ok = false; 962e9be9d5eSMiklos Szeredi 963e9be9d5eSMiklos Szeredi if (workdir != upperdir) { 964e9be9d5eSMiklos Szeredi ok = (lock_rename(workdir, upperdir) == NULL); 965e9be9d5eSMiklos Szeredi unlock_rename(workdir, upperdir); 966e9be9d5eSMiklos Szeredi } 967e9be9d5eSMiklos Szeredi return ok; 968e9be9d5eSMiklos Szeredi } 969e9be9d5eSMiklos Szeredi 970a78d9f0dSMiklos Szeredi static unsigned int ovl_split_lowerdirs(char *str) 971a78d9f0dSMiklos Szeredi { 972a78d9f0dSMiklos Szeredi unsigned int ctr = 1; 973a78d9f0dSMiklos Szeredi char *s, *d; 974a78d9f0dSMiklos Szeredi 975a78d9f0dSMiklos Szeredi for (s = d = str;; s++, d++) { 976a78d9f0dSMiklos Szeredi if (*s == '\\') { 977a78d9f0dSMiklos Szeredi s++; 978a78d9f0dSMiklos Szeredi } else if (*s == ':') { 979a78d9f0dSMiklos Szeredi *d = '\0'; 980a78d9f0dSMiklos Szeredi ctr++; 981a78d9f0dSMiklos Szeredi continue; 982a78d9f0dSMiklos Szeredi } 983a78d9f0dSMiklos Szeredi *d = *s; 984a78d9f0dSMiklos Szeredi if (!*s) 985a78d9f0dSMiklos Szeredi break; 986a78d9f0dSMiklos Szeredi } 987a78d9f0dSMiklos Szeredi return ctr; 988a78d9f0dSMiklos Szeredi } 989a78d9f0dSMiklos Szeredi 9900eb45fc3SAndreas Gruenbacher static int ovl_own_xattr_get(const struct xattr_handler *handler, 9910eb45fc3SAndreas Gruenbacher struct dentry *dentry, struct inode *inode, 9920eb45fc3SAndreas Gruenbacher const char *name, void *buffer, size_t size) 9930eb45fc3SAndreas Gruenbacher { 99448fab5d7SAmir Goldstein return -EOPNOTSUPP; 9950eb45fc3SAndreas Gruenbacher } 9960eb45fc3SAndreas Gruenbacher 997d837a49bSMiklos Szeredi static int ovl_own_xattr_set(const struct xattr_handler *handler, 99839f60c1cSChristian Brauner struct mnt_idmap *idmap, 999d837a49bSMiklos Szeredi struct dentry *dentry, struct inode *inode, 1000d837a49bSMiklos Szeredi const char *name, const void *value, 1001d837a49bSMiklos Szeredi size_t size, int flags) 1002d837a49bSMiklos Szeredi { 100348fab5d7SAmir Goldstein return -EOPNOTSUPP; 1004d837a49bSMiklos Szeredi } 1005d837a49bSMiklos Szeredi 10060eb45fc3SAndreas Gruenbacher static int ovl_other_xattr_get(const struct xattr_handler *handler, 10070eb45fc3SAndreas Gruenbacher struct dentry *dentry, struct inode *inode, 10080eb45fc3SAndreas Gruenbacher const char *name, void *buffer, size_t size) 10090eb45fc3SAndreas Gruenbacher { 10101d88f183SMiklos Szeredi return ovl_xattr_get(dentry, inode, name, buffer, size); 10110eb45fc3SAndreas Gruenbacher } 10120eb45fc3SAndreas Gruenbacher 10130e585cccSAndreas Gruenbacher static int ovl_other_xattr_set(const struct xattr_handler *handler, 101439f60c1cSChristian Brauner struct mnt_idmap *idmap, 10150e585cccSAndreas Gruenbacher struct dentry *dentry, struct inode *inode, 10160e585cccSAndreas Gruenbacher const char *name, const void *value, 10170e585cccSAndreas Gruenbacher size_t size, int flags) 10180e585cccSAndreas Gruenbacher { 10191d88f183SMiklos Szeredi return ovl_xattr_set(dentry, inode, name, value, size, flags); 10200e585cccSAndreas Gruenbacher } 10210e585cccSAndreas Gruenbacher 10222d2f2d73SMiklos Szeredi static const struct xattr_handler ovl_own_trusted_xattr_handler = { 10232d2f2d73SMiklos Szeredi .prefix = OVL_XATTR_TRUSTED_PREFIX, 10242d2f2d73SMiklos Szeredi .get = ovl_own_xattr_get, 10252d2f2d73SMiklos Szeredi .set = ovl_own_xattr_set, 10262d2f2d73SMiklos Szeredi }; 10272d2f2d73SMiklos Szeredi 10282d2f2d73SMiklos Szeredi static const struct xattr_handler ovl_own_user_xattr_handler = { 10292d2f2d73SMiklos Szeredi .prefix = OVL_XATTR_USER_PREFIX, 10300eb45fc3SAndreas Gruenbacher .get = ovl_own_xattr_get, 1031d837a49bSMiklos Szeredi .set = ovl_own_xattr_set, 1032d837a49bSMiklos Szeredi }; 1033d837a49bSMiklos Szeredi 1034d837a49bSMiklos Szeredi static const struct xattr_handler ovl_other_xattr_handler = { 1035d837a49bSMiklos Szeredi .prefix = "", /* catch all */ 10360eb45fc3SAndreas Gruenbacher .get = ovl_other_xattr_get, 1037d837a49bSMiklos Szeredi .set = ovl_other_xattr_set, 1038d837a49bSMiklos Szeredi }; 1039d837a49bSMiklos Szeredi 10402d2f2d73SMiklos Szeredi static const struct xattr_handler *ovl_trusted_xattr_handlers[] = { 10412d2f2d73SMiklos Szeredi &ovl_own_trusted_xattr_handler, 10422d2f2d73SMiklos Szeredi &ovl_other_xattr_handler, 10432d2f2d73SMiklos Szeredi NULL 10442d2f2d73SMiklos Szeredi }; 10452d2f2d73SMiklos Szeredi 10462d2f2d73SMiklos Szeredi static const struct xattr_handler *ovl_user_xattr_handlers[] = { 10472d2f2d73SMiklos Szeredi &ovl_own_user_xattr_handler, 1048d837a49bSMiklos Szeredi &ovl_other_xattr_handler, 1049d837a49bSMiklos Szeredi NULL 1050d837a49bSMiklos Szeredi }; 1051d837a49bSMiklos Szeredi 1052146d62e5SAmir Goldstein static int ovl_setup_trap(struct super_block *sb, struct dentry *dir, 1053146d62e5SAmir Goldstein struct inode **ptrap, const char *name) 1054146d62e5SAmir Goldstein { 1055146d62e5SAmir Goldstein struct inode *trap; 1056146d62e5SAmir Goldstein int err; 1057146d62e5SAmir Goldstein 1058146d62e5SAmir Goldstein trap = ovl_get_trap_inode(sb, dir); 10591dac6f5bSArnd Bergmann err = PTR_ERR_OR_ZERO(trap); 10601dac6f5bSArnd Bergmann if (err) { 1061146d62e5SAmir Goldstein if (err == -ELOOP) 10621bd0a3aeSlijiazi pr_err("conflicting %s path\n", name); 1063146d62e5SAmir Goldstein return err; 1064146d62e5SAmir Goldstein } 1065146d62e5SAmir Goldstein 1066146d62e5SAmir Goldstein *ptrap = trap; 1067146d62e5SAmir Goldstein return 0; 1068146d62e5SAmir Goldstein } 1069146d62e5SAmir Goldstein 10700be0bfd2SAmir Goldstein /* 10710be0bfd2SAmir Goldstein * Determine how we treat concurrent use of upperdir/workdir based on the 10720be0bfd2SAmir Goldstein * index feature. This is papering over mount leaks of container runtimes, 10730be0bfd2SAmir Goldstein * for example, an old overlay mount is leaked and now its upperdir is 10740be0bfd2SAmir Goldstein * attempted to be used as a lower layer in a new overlay mount. 10750be0bfd2SAmir Goldstein */ 10760be0bfd2SAmir Goldstein static int ovl_report_in_use(struct ovl_fs *ofs, const char *name) 10770be0bfd2SAmir Goldstein { 10780be0bfd2SAmir Goldstein if (ofs->config.index) { 10791bd0a3aeSlijiazi pr_err("%s is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.\n", 10800be0bfd2SAmir Goldstein name); 10810be0bfd2SAmir Goldstein return -EBUSY; 10820be0bfd2SAmir Goldstein } else { 10831bd0a3aeSlijiazi pr_warn("%s is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.\n", 10840be0bfd2SAmir Goldstein name); 10850be0bfd2SAmir Goldstein return 0; 10860be0bfd2SAmir Goldstein } 10870be0bfd2SAmir Goldstein } 10880be0bfd2SAmir Goldstein 1089146d62e5SAmir Goldstein static int ovl_get_upper(struct super_block *sb, struct ovl_fs *ofs, 1090b8e42a65SMiklos Szeredi struct ovl_layer *upper_layer, struct path *upperpath) 10916ee8acf0SMiklos Szeredi { 10925064975eSMiklos Szeredi struct vfsmount *upper_mnt; 10936ee8acf0SMiklos Szeredi int err; 10946ee8acf0SMiklos Szeredi 1095ad204488SMiklos Szeredi err = ovl_mount_dir(ofs->config.upperdir, upperpath); 10966ee8acf0SMiklos Szeredi if (err) 10976ee8acf0SMiklos Szeredi goto out; 10986ee8acf0SMiklos Szeredi 1099e21a6c57SAmir Goldstein /* Upperdir path should not be r/o */ 1100e21a6c57SAmir Goldstein if (__mnt_is_readonly(upperpath->mnt)) { 11011bd0a3aeSlijiazi pr_err("upper fs is r/o, try multi-lower layers mount\n"); 11026ee8acf0SMiklos Szeredi err = -EINVAL; 11036ee8acf0SMiklos Szeredi goto out; 11046ee8acf0SMiklos Szeredi } 11056ee8acf0SMiklos Szeredi 1106ad204488SMiklos Szeredi err = ovl_check_namelen(upperpath, ofs, ofs->config.upperdir); 11076ee8acf0SMiklos Szeredi if (err) 11086ee8acf0SMiklos Szeredi goto out; 11096ee8acf0SMiklos Szeredi 1110b8e42a65SMiklos Szeredi err = ovl_setup_trap(sb, upperpath->dentry, &upper_layer->trap, 1111146d62e5SAmir Goldstein "upperdir"); 1112146d62e5SAmir Goldstein if (err) 1113146d62e5SAmir Goldstein goto out; 1114146d62e5SAmir Goldstein 11155064975eSMiklos Szeredi upper_mnt = clone_private_mount(upperpath); 11165064975eSMiklos Szeredi err = PTR_ERR(upper_mnt); 11175064975eSMiklos Szeredi if (IS_ERR(upper_mnt)) { 11181bd0a3aeSlijiazi pr_err("failed to clone upperpath\n"); 11195064975eSMiklos Szeredi goto out; 11205064975eSMiklos Szeredi } 11215064975eSMiklos Szeredi 11225064975eSMiklos Szeredi /* Don't inherit atime flags */ 11235064975eSMiklos Szeredi upper_mnt->mnt_flags &= ~(MNT_NOATIME | MNT_NODIRATIME | MNT_RELATIME); 1124b8e42a65SMiklos Szeredi upper_layer->mnt = upper_mnt; 1125b8e42a65SMiklos Szeredi upper_layer->idx = 0; 1126b8e42a65SMiklos Szeredi upper_layer->fsid = 0; 11278c25741aSMiklos Szeredi 1128654255faSJeffle Xu /* 1129654255faSJeffle Xu * Inherit SB_NOSEC flag from upperdir. 1130654255faSJeffle Xu * 1131654255faSJeffle Xu * This optimization changes behavior when a security related attribute 1132654255faSJeffle Xu * (suid/sgid/security.*) is changed on an underlying layer. This is 1133654255faSJeffle Xu * okay because we don't yet have guarantees in that case, but it will 1134654255faSJeffle Xu * need careful treatment once we want to honour changes to underlying 1135654255faSJeffle Xu * filesystems. 1136654255faSJeffle Xu */ 1137654255faSJeffle Xu if (upper_mnt->mnt_sb->s_flags & SB_NOSEC) 1138654255faSJeffle Xu sb->s_flags |= SB_NOSEC; 1139654255faSJeffle Xu 114008f4c7c8SMiklos Szeredi if (ovl_inuse_trylock(ovl_upper_mnt(ofs)->mnt_root)) { 11418c25741aSMiklos Szeredi ofs->upperdir_locked = true; 11428c25741aSMiklos Szeredi } else { 11430be0bfd2SAmir Goldstein err = ovl_report_in_use(ofs, "upperdir"); 11440be0bfd2SAmir Goldstein if (err) 11450be0bfd2SAmir Goldstein goto out; 11468c25741aSMiklos Szeredi } 11478c25741aSMiklos Szeredi 11486ee8acf0SMiklos Szeredi err = 0; 11496ee8acf0SMiklos Szeredi out: 11506ee8acf0SMiklos Szeredi return err; 11516ee8acf0SMiklos Szeredi } 11526ee8acf0SMiklos Szeredi 1153cad218abSAmir Goldstein /* 1154cad218abSAmir Goldstein * Returns 1 if RENAME_WHITEOUT is supported, 0 if not supported and 1155cad218abSAmir Goldstein * negative values if error is encountered. 1156cad218abSAmir Goldstein */ 1157576bb263SChristian Brauner static int ovl_check_rename_whiteout(struct ovl_fs *ofs) 1158cad218abSAmir Goldstein { 1159576bb263SChristian Brauner struct dentry *workdir = ofs->workdir; 1160cad218abSAmir Goldstein struct inode *dir = d_inode(workdir); 1161cad218abSAmir Goldstein struct dentry *temp; 1162cad218abSAmir Goldstein struct dentry *dest; 1163cad218abSAmir Goldstein struct dentry *whiteout; 1164cad218abSAmir Goldstein struct name_snapshot name; 1165cad218abSAmir Goldstein int err; 1166cad218abSAmir Goldstein 1167cad218abSAmir Goldstein inode_lock_nested(dir, I_MUTEX_PARENT); 1168cad218abSAmir Goldstein 1169576bb263SChristian Brauner temp = ovl_create_temp(ofs, workdir, OVL_CATTR(S_IFREG | 0)); 1170cad218abSAmir Goldstein err = PTR_ERR(temp); 1171cad218abSAmir Goldstein if (IS_ERR(temp)) 1172cad218abSAmir Goldstein goto out_unlock; 1173cad218abSAmir Goldstein 1174576bb263SChristian Brauner dest = ovl_lookup_temp(ofs, workdir); 1175cad218abSAmir Goldstein err = PTR_ERR(dest); 1176cad218abSAmir Goldstein if (IS_ERR(dest)) { 1177cad218abSAmir Goldstein dput(temp); 1178cad218abSAmir Goldstein goto out_unlock; 1179cad218abSAmir Goldstein } 1180cad218abSAmir Goldstein 1181cad218abSAmir Goldstein /* Name is inline and stable - using snapshot as a copy helper */ 1182cad218abSAmir Goldstein take_dentry_name_snapshot(&name, temp); 1183576bb263SChristian Brauner err = ovl_do_rename(ofs, dir, temp, dir, dest, RENAME_WHITEOUT); 1184cad218abSAmir Goldstein if (err) { 1185cad218abSAmir Goldstein if (err == -EINVAL) 1186cad218abSAmir Goldstein err = 0; 1187cad218abSAmir Goldstein goto cleanup_temp; 1188cad218abSAmir Goldstein } 1189cad218abSAmir Goldstein 119022f289ceSChristian Brauner whiteout = ovl_lookup_upper(ofs, name.name.name, workdir, name.name.len); 1191cad218abSAmir Goldstein err = PTR_ERR(whiteout); 1192cad218abSAmir Goldstein if (IS_ERR(whiteout)) 1193cad218abSAmir Goldstein goto cleanup_temp; 1194cad218abSAmir Goldstein 1195cad218abSAmir Goldstein err = ovl_is_whiteout(whiteout); 1196cad218abSAmir Goldstein 1197cad218abSAmir Goldstein /* Best effort cleanup of whiteout and temp file */ 1198cad218abSAmir Goldstein if (err) 1199576bb263SChristian Brauner ovl_cleanup(ofs, dir, whiteout); 1200cad218abSAmir Goldstein dput(whiteout); 1201cad218abSAmir Goldstein 1202cad218abSAmir Goldstein cleanup_temp: 1203576bb263SChristian Brauner ovl_cleanup(ofs, dir, temp); 1204cad218abSAmir Goldstein release_dentry_name_snapshot(&name); 1205cad218abSAmir Goldstein dput(temp); 1206cad218abSAmir Goldstein dput(dest); 1207cad218abSAmir Goldstein 1208cad218abSAmir Goldstein out_unlock: 1209cad218abSAmir Goldstein inode_unlock(dir); 1210cad218abSAmir Goldstein 1211cad218abSAmir Goldstein return err; 1212cad218abSAmir Goldstein } 1213cad218abSAmir Goldstein 1214576bb263SChristian Brauner static struct dentry *ovl_lookup_or_create(struct ovl_fs *ofs, 1215576bb263SChristian Brauner struct dentry *parent, 1216c86243b0SVivek Goyal const char *name, umode_t mode) 1217c86243b0SVivek Goyal { 1218c86243b0SVivek Goyal size_t len = strlen(name); 1219c86243b0SVivek Goyal struct dentry *child; 1220c86243b0SVivek Goyal 1221c86243b0SVivek Goyal inode_lock_nested(parent->d_inode, I_MUTEX_PARENT); 122222f289ceSChristian Brauner child = ovl_lookup_upper(ofs, name, parent, len); 1223c86243b0SVivek Goyal if (!IS_ERR(child) && !child->d_inode) 1224576bb263SChristian Brauner child = ovl_create_real(ofs, parent->d_inode, child, 1225c86243b0SVivek Goyal OVL_CATTR(mode)); 1226c86243b0SVivek Goyal inode_unlock(parent->d_inode); 1227c86243b0SVivek Goyal dput(parent); 1228c86243b0SVivek Goyal 1229c86243b0SVivek Goyal return child; 1230c86243b0SVivek Goyal } 1231c86243b0SVivek Goyal 1232c86243b0SVivek Goyal /* 1233c86243b0SVivek Goyal * Creates $workdir/work/incompat/volatile/dirty file if it is not already 1234c86243b0SVivek Goyal * present. 1235c86243b0SVivek Goyal */ 1236c86243b0SVivek Goyal static int ovl_create_volatile_dirty(struct ovl_fs *ofs) 1237c86243b0SVivek Goyal { 1238c86243b0SVivek Goyal unsigned int ctr; 1239c86243b0SVivek Goyal struct dentry *d = dget(ofs->workbasedir); 1240c86243b0SVivek Goyal static const char *const volatile_path[] = { 1241c86243b0SVivek Goyal OVL_WORKDIR_NAME, "incompat", "volatile", "dirty" 1242c86243b0SVivek Goyal }; 1243c86243b0SVivek Goyal const char *const *name = volatile_path; 1244c86243b0SVivek Goyal 1245c86243b0SVivek Goyal for (ctr = ARRAY_SIZE(volatile_path); ctr; ctr--, name++) { 1246576bb263SChristian Brauner d = ovl_lookup_or_create(ofs, d, *name, ctr > 1 ? S_IFDIR : S_IFREG); 1247c86243b0SVivek Goyal if (IS_ERR(d)) 1248c86243b0SVivek Goyal return PTR_ERR(d); 1249c86243b0SVivek Goyal } 1250c86243b0SVivek Goyal dput(d); 1251c86243b0SVivek Goyal return 0; 1252c86243b0SVivek Goyal } 1253c86243b0SVivek Goyal 1254146d62e5SAmir Goldstein static int ovl_make_workdir(struct super_block *sb, struct ovl_fs *ofs, 12552d343087SAl Viro const struct path *workpath) 12568ed61dc3SMiklos Szeredi { 125708f4c7c8SMiklos Szeredi struct vfsmount *mnt = ovl_upper_mnt(ofs); 12582b1a7746SMiklos Szeredi struct dentry *workdir; 12592b1a7746SMiklos Szeredi struct file *tmpfile; 1260d80172c2SAmir Goldstein bool rename_whiteout; 1261d80172c2SAmir Goldstein bool d_type; 1262e487d889SAmir Goldstein int fh_type; 12638ed61dc3SMiklos Szeredi int err; 12648ed61dc3SMiklos Szeredi 12652ba9d57eSAmir Goldstein err = mnt_want_write(mnt); 12662ba9d57eSAmir Goldstein if (err) 12672ba9d57eSAmir Goldstein return err; 12682ba9d57eSAmir Goldstein 1269235ce9edSAmir Goldstein workdir = ovl_workdir_create(ofs, OVL_WORKDIR_NAME, false); 1270235ce9edSAmir Goldstein err = PTR_ERR(workdir); 1271235ce9edSAmir Goldstein if (IS_ERR_OR_NULL(workdir)) 12722ba9d57eSAmir Goldstein goto out; 12738ed61dc3SMiklos Szeredi 1274235ce9edSAmir Goldstein ofs->workdir = workdir; 1275235ce9edSAmir Goldstein 1276146d62e5SAmir Goldstein err = ovl_setup_trap(sb, ofs->workdir, &ofs->workdir_trap, "workdir"); 1277146d62e5SAmir Goldstein if (err) 1278146d62e5SAmir Goldstein goto out; 1279146d62e5SAmir Goldstein 12808ed61dc3SMiklos Szeredi /* 12818ed61dc3SMiklos Szeredi * Upper should support d_type, else whiteouts are visible. Given 12828ed61dc3SMiklos Szeredi * workdir and upper are on same fs, we can do iterate_dir() on 12838ed61dc3SMiklos Szeredi * workdir. This check requires successful creation of workdir in 12848ed61dc3SMiklos Szeredi * previous step. 12858ed61dc3SMiklos Szeredi */ 12868ed61dc3SMiklos Szeredi err = ovl_check_d_type_supported(workpath); 12878ed61dc3SMiklos Szeredi if (err < 0) 12882ba9d57eSAmir Goldstein goto out; 12898ed61dc3SMiklos Szeredi 1290d80172c2SAmir Goldstein d_type = err; 1291d80172c2SAmir Goldstein if (!d_type) 12921bd0a3aeSlijiazi pr_warn("upper fs needs to support d_type.\n"); 12938ed61dc3SMiklos Szeredi 12948ed61dc3SMiklos Szeredi /* Check if upper/work fs supports O_TMPFILE */ 12952b1a7746SMiklos Szeredi tmpfile = ovl_do_tmpfile(ofs, ofs->workdir, S_IFREG | 0); 12962b1a7746SMiklos Szeredi ofs->tmpfile = !IS_ERR(tmpfile); 1297ad204488SMiklos Szeredi if (ofs->tmpfile) 12982b1a7746SMiklos Szeredi fput(tmpfile); 12998ed61dc3SMiklos Szeredi else 13001bd0a3aeSlijiazi pr_warn("upper fs does not support tmpfile.\n"); 13018ed61dc3SMiklos Szeredi 1302cad218abSAmir Goldstein 1303cad218abSAmir Goldstein /* Check if upper/work fs supports RENAME_WHITEOUT */ 1304576bb263SChristian Brauner err = ovl_check_rename_whiteout(ofs); 1305cad218abSAmir Goldstein if (err < 0) 1306cad218abSAmir Goldstein goto out; 1307cad218abSAmir Goldstein 1308d80172c2SAmir Goldstein rename_whiteout = err; 1309d80172c2SAmir Goldstein if (!rename_whiteout) 1310cad218abSAmir Goldstein pr_warn("upper fs does not support RENAME_WHITEOUT.\n"); 1311cad218abSAmir Goldstein 13128ed61dc3SMiklos Szeredi /* 13132d2f2d73SMiklos Szeredi * Check if upper/work fs supports (trusted|user).overlay.* xattr 13148ed61dc3SMiklos Szeredi */ 1315c914c0e2SAmir Goldstein err = ovl_setxattr(ofs, ofs->workdir, OVL_XATTR_OPAQUE, "0", 1); 13168ed61dc3SMiklos Szeredi if (err) { 1317b10b85feSMiklos Szeredi pr_warn("failed to set xattr on upper\n"); 1318ad204488SMiklos Szeredi ofs->noxattr = true; 1319b0e0f697SAmir Goldstein if (ofs->config.index || ofs->config.metacopy) { 1320a683737bSAmir Goldstein ofs->config.index = false; 1321d5791044SVivek Goyal ofs->config.metacopy = false; 1322b10b85feSMiklos Szeredi pr_warn("...falling back to index=off,metacopy=off.\n"); 1323b0e0f697SAmir Goldstein } 1324b0e0f697SAmir Goldstein /* 1325b0e0f697SAmir Goldstein * xattr support is required for persistent st_ino. 1326b0e0f697SAmir Goldstein * Without persistent st_ino, xino=auto falls back to xino=off. 1327b0e0f697SAmir Goldstein */ 1328b0e0f697SAmir Goldstein if (ofs->config.xino == OVL_XINO_AUTO) { 1329b0e0f697SAmir Goldstein ofs->config.xino = OVL_XINO_OFF; 1330b10b85feSMiklos Szeredi pr_warn("...falling back to xino=off.\n"); 1331b0e0f697SAmir Goldstein } 1332b10b85feSMiklos Szeredi if (err == -EPERM && !ofs->config.userxattr) 1333b10b85feSMiklos Szeredi pr_info("try mounting with 'userxattr' option\n"); 13342ba9d57eSAmir Goldstein err = 0; 13358ed61dc3SMiklos Szeredi } else { 1336c914c0e2SAmir Goldstein ovl_removexattr(ofs, ofs->workdir, OVL_XATTR_OPAQUE); 13378ed61dc3SMiklos Szeredi } 13388ed61dc3SMiklos Szeredi 1339d80172c2SAmir Goldstein /* 1340d80172c2SAmir Goldstein * We allowed sub-optimal upper fs configuration and don't want to break 1341d80172c2SAmir Goldstein * users over kernel upgrade, but we never allowed remote upper fs, so 1342d80172c2SAmir Goldstein * we can enforce strict requirements for remote upper fs. 1343d80172c2SAmir Goldstein */ 1344d80172c2SAmir Goldstein if (ovl_dentry_remote(ofs->workdir) && 1345d80172c2SAmir Goldstein (!d_type || !rename_whiteout || ofs->noxattr)) { 1346d80172c2SAmir Goldstein pr_err("upper fs missing required features.\n"); 1347d80172c2SAmir Goldstein err = -EINVAL; 1348d80172c2SAmir Goldstein goto out; 1349d80172c2SAmir Goldstein } 1350d80172c2SAmir Goldstein 1351c86243b0SVivek Goyal /* 1352c86243b0SVivek Goyal * For volatile mount, create a incompat/volatile/dirty file to keep 1353c86243b0SVivek Goyal * track of it. 1354c86243b0SVivek Goyal */ 1355c86243b0SVivek Goyal if (ofs->config.ovl_volatile) { 1356c86243b0SVivek Goyal err = ovl_create_volatile_dirty(ofs); 1357c86243b0SVivek Goyal if (err < 0) { 1358c86243b0SVivek Goyal pr_err("Failed to create volatile/dirty file.\n"); 1359c86243b0SVivek Goyal goto out; 1360c86243b0SVivek Goyal } 1361c86243b0SVivek Goyal } 1362c86243b0SVivek Goyal 13638ed61dc3SMiklos Szeredi /* Check if upper/work fs supports file handles */ 1364e487d889SAmir Goldstein fh_type = ovl_can_decode_fh(ofs->workdir->d_sb); 1365e487d889SAmir Goldstein if (ofs->config.index && !fh_type) { 1366ad204488SMiklos Szeredi ofs->config.index = false; 13671bd0a3aeSlijiazi pr_warn("upper fs does not support file handles, falling back to index=off.\n"); 13688ed61dc3SMiklos Szeredi } 13698ed61dc3SMiklos Szeredi 1370e487d889SAmir Goldstein /* Check if upper fs has 32bit inode numbers */ 1371e487d889SAmir Goldstein if (fh_type != FILEID_INO32_GEN) 13720f831ec8SAmir Goldstein ofs->xino_mode = -1; 1373e487d889SAmir Goldstein 1374f168f109SAmir Goldstein /* NFS export of r/w mount depends on index */ 1375f168f109SAmir Goldstein if (ofs->config.nfs_export && !ofs->config.index) { 13761bd0a3aeSlijiazi pr_warn("NFS export requires \"index=on\", falling back to nfs_export=off.\n"); 1377f168f109SAmir Goldstein ofs->config.nfs_export = false; 1378f168f109SAmir Goldstein } 13792ba9d57eSAmir Goldstein out: 13802ba9d57eSAmir Goldstein mnt_drop_write(mnt); 13812ba9d57eSAmir Goldstein return err; 13828ed61dc3SMiklos Szeredi } 13838ed61dc3SMiklos Szeredi 1384146d62e5SAmir Goldstein static int ovl_get_workdir(struct super_block *sb, struct ovl_fs *ofs, 13852d343087SAl Viro const struct path *upperpath) 1386520d7c86SMiklos Szeredi { 1387520d7c86SMiklos Szeredi int err; 1388bca44b52SMiklos Szeredi struct path workpath = { }; 1389520d7c86SMiklos Szeredi 1390ad204488SMiklos Szeredi err = ovl_mount_dir(ofs->config.workdir, &workpath); 1391520d7c86SMiklos Szeredi if (err) 1392520d7c86SMiklos Szeredi goto out; 1393520d7c86SMiklos Szeredi 1394520d7c86SMiklos Szeredi err = -EINVAL; 1395bca44b52SMiklos Szeredi if (upperpath->mnt != workpath.mnt) { 13961bd0a3aeSlijiazi pr_err("workdir and upperdir must reside under the same mount\n"); 1397520d7c86SMiklos Szeredi goto out; 1398520d7c86SMiklos Szeredi } 1399bca44b52SMiklos Szeredi if (!ovl_workdir_ok(workpath.dentry, upperpath->dentry)) { 14001bd0a3aeSlijiazi pr_err("workdir and upperdir must be separate subtrees\n"); 1401520d7c86SMiklos Szeredi goto out; 1402520d7c86SMiklos Szeredi } 1403520d7c86SMiklos Szeredi 14048c25741aSMiklos Szeredi ofs->workbasedir = dget(workpath.dentry); 14058c25741aSMiklos Szeredi 14068c25741aSMiklos Szeredi if (ovl_inuse_trylock(ofs->workbasedir)) { 1407ad204488SMiklos Szeredi ofs->workdir_locked = true; 1408520d7c86SMiklos Szeredi } else { 14090be0bfd2SAmir Goldstein err = ovl_report_in_use(ofs, "workdir"); 14100be0bfd2SAmir Goldstein if (err) 14110be0bfd2SAmir Goldstein goto out; 1412520d7c86SMiklos Szeredi } 1413520d7c86SMiklos Szeredi 14140be0bfd2SAmir Goldstein err = ovl_setup_trap(sb, ofs->workbasedir, &ofs->workbasedir_trap, 14150be0bfd2SAmir Goldstein "workdir"); 14160be0bfd2SAmir Goldstein if (err) 14170be0bfd2SAmir Goldstein goto out; 14180be0bfd2SAmir Goldstein 1419146d62e5SAmir Goldstein err = ovl_make_workdir(sb, ofs, &workpath); 1420bca44b52SMiklos Szeredi 1421520d7c86SMiklos Szeredi out: 1422bca44b52SMiklos Szeredi path_put(&workpath); 1423bca44b52SMiklos Szeredi 1424520d7c86SMiklos Szeredi return err; 1425520d7c86SMiklos Szeredi } 1426520d7c86SMiklos Szeredi 1427146d62e5SAmir Goldstein static int ovl_get_indexdir(struct super_block *sb, struct ovl_fs *ofs, 14282d343087SAl Viro struct ovl_entry *oe, const struct path *upperpath) 1429f7e3a7d9SMiklos Szeredi { 143008f4c7c8SMiklos Szeredi struct vfsmount *mnt = ovl_upper_mnt(ofs); 1431235ce9edSAmir Goldstein struct dentry *indexdir; 1432f7e3a7d9SMiklos Szeredi int err; 1433f7e3a7d9SMiklos Szeredi 14342ba9d57eSAmir Goldstein err = mnt_want_write(mnt); 14352ba9d57eSAmir Goldstein if (err) 14362ba9d57eSAmir Goldstein return err; 14372ba9d57eSAmir Goldstein 1438f7e3a7d9SMiklos Szeredi /* Verify lower root is upper root origin */ 1439610afc0bSMiklos Szeredi err = ovl_verify_origin(ofs, upperpath->dentry, 14405522c9c7SAmir Goldstein ovl_lowerstack(oe)->dentry, true); 1441f7e3a7d9SMiklos Szeredi if (err) { 14421bd0a3aeSlijiazi pr_err("failed to verify upper root origin\n"); 1443f7e3a7d9SMiklos Szeredi goto out; 1444f7e3a7d9SMiklos Szeredi } 1445f7e3a7d9SMiklos Szeredi 144620396365SAmir Goldstein /* index dir will act also as workdir */ 144720396365SAmir Goldstein iput(ofs->workdir_trap); 144820396365SAmir Goldstein ofs->workdir_trap = NULL; 144920396365SAmir Goldstein dput(ofs->workdir); 1450470c1563SAmir Goldstein ofs->workdir = NULL; 1451235ce9edSAmir Goldstein indexdir = ovl_workdir_create(ofs, OVL_INDEXDIR_NAME, true); 1452235ce9edSAmir Goldstein if (IS_ERR(indexdir)) { 1453235ce9edSAmir Goldstein err = PTR_ERR(indexdir); 1454235ce9edSAmir Goldstein } else if (indexdir) { 1455235ce9edSAmir Goldstein ofs->indexdir = indexdir; 1456235ce9edSAmir Goldstein ofs->workdir = dget(indexdir); 145720396365SAmir Goldstein 1458146d62e5SAmir Goldstein err = ovl_setup_trap(sb, ofs->indexdir, &ofs->indexdir_trap, 1459146d62e5SAmir Goldstein "indexdir"); 1460146d62e5SAmir Goldstein if (err) 1461146d62e5SAmir Goldstein goto out; 1462146d62e5SAmir Goldstein 1463ad1d615cSAmir Goldstein /* 1464ad1d615cSAmir Goldstein * Verify upper root is exclusively associated with index dir. 14652d2f2d73SMiklos Szeredi * Older kernels stored upper fh in ".overlay.origin" 1466ad1d615cSAmir Goldstein * xattr. If that xattr exists, verify that it is a match to 1467ad1d615cSAmir Goldstein * upper dir file handle. In any case, verify or set xattr 14682d2f2d73SMiklos Szeredi * ".overlay.upper" to indicate that index may have 1469ad1d615cSAmir Goldstein * directory entries. 1470ad1d615cSAmir Goldstein */ 1471610afc0bSMiklos Szeredi if (ovl_check_origin_xattr(ofs, ofs->indexdir)) { 1472610afc0bSMiklos Szeredi err = ovl_verify_set_fh(ofs, ofs->indexdir, 1473610afc0bSMiklos Szeredi OVL_XATTR_ORIGIN, 1474ad1d615cSAmir Goldstein upperpath->dentry, true, false); 1475f7e3a7d9SMiklos Szeredi if (err) 14761bd0a3aeSlijiazi pr_err("failed to verify index dir 'origin' xattr\n"); 1477ad1d615cSAmir Goldstein } 1478610afc0bSMiklos Szeredi err = ovl_verify_upper(ofs, ofs->indexdir, upperpath->dentry, 1479610afc0bSMiklos Szeredi true); 1480ad1d615cSAmir Goldstein if (err) 14811bd0a3aeSlijiazi pr_err("failed to verify index dir 'upper' xattr\n"); 1482f7e3a7d9SMiklos Szeredi 1483f7e3a7d9SMiklos Szeredi /* Cleanup bad/stale/orphan index entries */ 1484f7e3a7d9SMiklos Szeredi if (!err) 14851eff1a1dSAmir Goldstein err = ovl_indexdir_cleanup(ofs); 1486f7e3a7d9SMiklos Szeredi } 1487ad204488SMiklos Szeredi if (err || !ofs->indexdir) 14881bd0a3aeSlijiazi pr_warn("try deleting index dir or mounting with '-o index=off' to disable inodes index.\n"); 1489f7e3a7d9SMiklos Szeredi 1490f7e3a7d9SMiklos Szeredi out: 14912ba9d57eSAmir Goldstein mnt_drop_write(mnt); 1492f7e3a7d9SMiklos Szeredi return err; 1493f7e3a7d9SMiklos Szeredi } 1494f7e3a7d9SMiklos Szeredi 14959df085f3SAmir Goldstein static bool ovl_lower_uuid_ok(struct ovl_fs *ofs, const uuid_t *uuid) 14965148626bSAmir Goldstein { 14975148626bSAmir Goldstein unsigned int i; 14989df085f3SAmir Goldstein 149908f4c7c8SMiklos Szeredi if (!ofs->config.nfs_export && !ovl_upper_mnt(ofs)) 15009df085f3SAmir Goldstein return true; 15019df085f3SAmir Goldstein 1502a888db31SAmir Goldstein /* 1503a888db31SAmir Goldstein * We allow using single lower with null uuid for index and nfs_export 1504a888db31SAmir Goldstein * for example to support those features with single lower squashfs. 1505a888db31SAmir Goldstein * To avoid regressions in setups of overlay with re-formatted lower 1506a888db31SAmir Goldstein * squashfs, do not allow decoding origin with lower null uuid unless 1507a888db31SAmir Goldstein * user opted-in to one of the new features that require following the 1508a888db31SAmir Goldstein * lower inode of non-dir upper. 1509a888db31SAmir Goldstein */ 1510ca45275cSVyacheslav Yurkov if (ovl_allow_offline_changes(ofs) && uuid_is_null(uuid)) 1511a888db31SAmir Goldstein return false; 1512a888db31SAmir Goldstein 15131b81ddddSAmir Goldstein for (i = 0; i < ofs->numfs; i++) { 15149df085f3SAmir Goldstein /* 15159df085f3SAmir Goldstein * We use uuid to associate an overlay lower file handle with a 15169df085f3SAmir Goldstein * lower layer, so we can accept lower fs with null uuid as long 15179df085f3SAmir Goldstein * as all lower layers with null uuid are on the same fs. 15187e63c87fSAmir Goldstein * if we detect multiple lower fs with the same uuid, we 15197e63c87fSAmir Goldstein * disable lower file handle decoding on all of them. 15209df085f3SAmir Goldstein */ 15211b81ddddSAmir Goldstein if (ofs->fs[i].is_lower && 15221b81ddddSAmir Goldstein uuid_equal(&ofs->fs[i].sb->s_uuid, uuid)) { 152307f1e596SAmir Goldstein ofs->fs[i].bad_uuid = true; 15249df085f3SAmir Goldstein return false; 15259df085f3SAmir Goldstein } 15267e63c87fSAmir Goldstein } 15279df085f3SAmir Goldstein return true; 15289df085f3SAmir Goldstein } 15299df085f3SAmir Goldstein 15309df085f3SAmir Goldstein /* Get a unique fsid for the layer */ 15319df085f3SAmir Goldstein static int ovl_get_fsid(struct ovl_fs *ofs, const struct path *path) 15329df085f3SAmir Goldstein { 15339df085f3SAmir Goldstein struct super_block *sb = path->mnt->mnt_sb; 15349df085f3SAmir Goldstein unsigned int i; 15355148626bSAmir Goldstein dev_t dev; 15365148626bSAmir Goldstein int err; 15377e63c87fSAmir Goldstein bool bad_uuid = false; 1538b0e0f697SAmir Goldstein bool warn = false; 15395148626bSAmir Goldstein 154007f1e596SAmir Goldstein for (i = 0; i < ofs->numfs; i++) { 154107f1e596SAmir Goldstein if (ofs->fs[i].sb == sb) 154207f1e596SAmir Goldstein return i; 15435148626bSAmir Goldstein } 15445148626bSAmir Goldstein 15459df085f3SAmir Goldstein if (!ovl_lower_uuid_ok(ofs, &sb->s_uuid)) { 15467e63c87fSAmir Goldstein bad_uuid = true; 1547b0e0f697SAmir Goldstein if (ofs->config.xino == OVL_XINO_AUTO) { 1548b0e0f697SAmir Goldstein ofs->config.xino = OVL_XINO_OFF; 1549b0e0f697SAmir Goldstein warn = true; 1550b0e0f697SAmir Goldstein } 15517e63c87fSAmir Goldstein if (ofs->config.index || ofs->config.nfs_export) { 15529df085f3SAmir Goldstein ofs->config.index = false; 15539df085f3SAmir Goldstein ofs->config.nfs_export = false; 1554b0e0f697SAmir Goldstein warn = true; 1555b0e0f697SAmir Goldstein } 1556b0e0f697SAmir Goldstein if (warn) { 1557b0e0f697SAmir Goldstein pr_warn("%s uuid detected in lower fs '%pd2', falling back to xino=%s,index=off,nfs_export=off.\n", 15587e63c87fSAmir Goldstein uuid_is_null(&sb->s_uuid) ? "null" : 15597e63c87fSAmir Goldstein "conflicting", 1560b0e0f697SAmir Goldstein path->dentry, ovl_xino_str[ofs->config.xino]); 15619df085f3SAmir Goldstein } 15627e63c87fSAmir Goldstein } 15639df085f3SAmir Goldstein 15645148626bSAmir Goldstein err = get_anon_bdev(&dev); 15655148626bSAmir Goldstein if (err) { 15661bd0a3aeSlijiazi pr_err("failed to get anonymous bdev for lowerpath\n"); 15675148626bSAmir Goldstein return err; 15685148626bSAmir Goldstein } 15695148626bSAmir Goldstein 157007f1e596SAmir Goldstein ofs->fs[ofs->numfs].sb = sb; 157107f1e596SAmir Goldstein ofs->fs[ofs->numfs].pseudo_dev = dev; 157207f1e596SAmir Goldstein ofs->fs[ofs->numfs].bad_uuid = bad_uuid; 15735148626bSAmir Goldstein 157407f1e596SAmir Goldstein return ofs->numfs++; 15755148626bSAmir Goldstein } 15765148626bSAmir Goldstein 157794375f9dSAmir Goldstein static int ovl_get_layers(struct super_block *sb, struct ovl_fs *ofs, 1578b8e42a65SMiklos Szeredi struct path *stack, unsigned int numlower, 1579b8e42a65SMiklos Szeredi struct ovl_layer *layers) 1580520d7c86SMiklos Szeredi { 1581520d7c86SMiklos Szeredi int err; 1582520d7c86SMiklos Szeredi unsigned int i; 1583520d7c86SMiklos Szeredi 1584520d7c86SMiklos Szeredi err = -ENOMEM; 158507f1e596SAmir Goldstein ofs->fs = kcalloc(numlower + 1, sizeof(struct ovl_sb), GFP_KERNEL); 158607f1e596SAmir Goldstein if (ofs->fs == NULL) 15875148626bSAmir Goldstein goto out; 15885148626bSAmir Goldstein 158907f1e596SAmir Goldstein /* idx/fsid 0 are reserved for upper fs even with lower only overlay */ 159007f1e596SAmir Goldstein ofs->numfs++; 159107f1e596SAmir Goldstein 159207f1e596SAmir Goldstein /* 1593b7bf9908SAmir Goldstein * All lower layers that share the same fs as upper layer, use the same 1594b7bf9908SAmir Goldstein * pseudo_dev as upper layer. Allocate fs[0].pseudo_dev even for lower 1595b7bf9908SAmir Goldstein * only overlay to simplify ovl_fs_free(). 15961b81ddddSAmir Goldstein * is_lower will be set if upper fs is shared with a lower layer. 159707f1e596SAmir Goldstein */ 1598b7bf9908SAmir Goldstein err = get_anon_bdev(&ofs->fs[0].pseudo_dev); 1599b7bf9908SAmir Goldstein if (err) { 1600b7bf9908SAmir Goldstein pr_err("failed to get anonymous bdev for upper fs\n"); 1601b7bf9908SAmir Goldstein goto out; 1602b7bf9908SAmir Goldstein } 1603b7bf9908SAmir Goldstein 160408f4c7c8SMiklos Szeredi if (ovl_upper_mnt(ofs)) { 160508f4c7c8SMiklos Szeredi ofs->fs[0].sb = ovl_upper_mnt(ofs)->mnt_sb; 16061b81ddddSAmir Goldstein ofs->fs[0].is_lower = false; 160707f1e596SAmir Goldstein } 160807f1e596SAmir Goldstein 1609520d7c86SMiklos Szeredi for (i = 0; i < numlower; i++) { 1610520d7c86SMiklos Szeredi struct vfsmount *mnt; 1611146d62e5SAmir Goldstein struct inode *trap; 16125148626bSAmir Goldstein int fsid; 1613520d7c86SMiklos Szeredi 16149df085f3SAmir Goldstein err = fsid = ovl_get_fsid(ofs, &stack[i]); 16155148626bSAmir Goldstein if (err < 0) 1616520d7c86SMiklos Szeredi goto out; 1617520d7c86SMiklos Szeredi 161824f14009Syoungjun /* 161924f14009Syoungjun * Check if lower root conflicts with this overlay layers before 162024f14009Syoungjun * checking if it is in-use as upperdir/workdir of "another" 162124f14009Syoungjun * mount, because we do not bother to check in ovl_is_inuse() if 162224f14009Syoungjun * the upperdir/workdir is in fact in-use by our 162324f14009Syoungjun * upperdir/workdir. 162424f14009Syoungjun */ 1625146d62e5SAmir Goldstein err = ovl_setup_trap(sb, stack[i].dentry, &trap, "lowerdir"); 1626146d62e5SAmir Goldstein if (err) 1627146d62e5SAmir Goldstein goto out; 1628146d62e5SAmir Goldstein 16290be0bfd2SAmir Goldstein if (ovl_is_inuse(stack[i].dentry)) { 16300be0bfd2SAmir Goldstein err = ovl_report_in_use(ofs, "lowerdir"); 163124f14009Syoungjun if (err) { 163224f14009Syoungjun iput(trap); 16330be0bfd2SAmir Goldstein goto out; 16340be0bfd2SAmir Goldstein } 163524f14009Syoungjun } 16360be0bfd2SAmir Goldstein 1637520d7c86SMiklos Szeredi mnt = clone_private_mount(&stack[i]); 1638520d7c86SMiklos Szeredi err = PTR_ERR(mnt); 1639520d7c86SMiklos Szeredi if (IS_ERR(mnt)) { 16401bd0a3aeSlijiazi pr_err("failed to clone lowerpath\n"); 1641146d62e5SAmir Goldstein iput(trap); 1642520d7c86SMiklos Szeredi goto out; 1643520d7c86SMiklos Szeredi } 16445148626bSAmir Goldstein 1645520d7c86SMiklos Szeredi /* 1646520d7c86SMiklos Szeredi * Make lower layers R/O. That way fchmod/fchown on lower file 1647520d7c86SMiklos Szeredi * will fail instead of modifying lower fs. 1648520d7c86SMiklos Szeredi */ 1649520d7c86SMiklos Szeredi mnt->mnt_flags |= MNT_READONLY | MNT_NOATIME; 1650520d7c86SMiklos Szeredi 165113464165SMiklos Szeredi layers[ofs->numlayer].trap = trap; 165213464165SMiklos Szeredi layers[ofs->numlayer].mnt = mnt; 165313464165SMiklos Szeredi layers[ofs->numlayer].idx = ofs->numlayer; 165413464165SMiklos Szeredi layers[ofs->numlayer].fsid = fsid; 165513464165SMiklos Szeredi layers[ofs->numlayer].fs = &ofs->fs[fsid]; 165694375f9dSAmir Goldstein ofs->numlayer++; 16571b81ddddSAmir Goldstein ofs->fs[fsid].is_lower = true; 1658520d7c86SMiklos Szeredi } 1659e487d889SAmir Goldstein 1660795939a9SAmir Goldstein /* 1661795939a9SAmir Goldstein * When all layers on same fs, overlay can use real inode numbers. 1662926e94d7SAmir Goldstein * With mount option "xino=<on|auto>", mounter declares that there are 1663926e94d7SAmir Goldstein * enough free high bits in underlying fs to hold the unique fsid. 1664795939a9SAmir Goldstein * If overlayfs does encounter underlying inodes using the high xino 1665795939a9SAmir Goldstein * bits reserved for fsid, it emits a warning and uses the original 1666dfe51d47SAmir Goldstein * inode number or a non persistent inode number allocated from a 1667dfe51d47SAmir Goldstein * dedicated range. 1668795939a9SAmir Goldstein */ 166908f4c7c8SMiklos Szeredi if (ofs->numfs - !ovl_upper_mnt(ofs) == 1) { 16700f831ec8SAmir Goldstein if (ofs->config.xino == OVL_XINO_ON) 16710f831ec8SAmir Goldstein pr_info("\"xino=on\" is useless with all layers on same fs, ignore.\n"); 16720f831ec8SAmir Goldstein ofs->xino_mode = 0; 167353afcd31SAmir Goldstein } else if (ofs->config.xino == OVL_XINO_OFF) { 167453afcd31SAmir Goldstein ofs->xino_mode = -1; 1675926e94d7SAmir Goldstein } else if (ofs->xino_mode < 0) { 1676795939a9SAmir Goldstein /* 167707f1e596SAmir Goldstein * This is a roundup of number of bits needed for encoding 1678dfe51d47SAmir Goldstein * fsid, where fsid 0 is reserved for upper fs (even with 1679dfe51d47SAmir Goldstein * lower only overlay) +1 extra bit is reserved for the non 1680dfe51d47SAmir Goldstein * persistent inode number range that is used for resolving 1681dfe51d47SAmir Goldstein * xino lower bits overflow. 1682795939a9SAmir Goldstein */ 1683dfe51d47SAmir Goldstein BUILD_BUG_ON(ilog2(OVL_MAX_STACK) > 30); 1684dfe51d47SAmir Goldstein ofs->xino_mode = ilog2(ofs->numfs - 1) + 2; 1685795939a9SAmir Goldstein } 1686795939a9SAmir Goldstein 16870f831ec8SAmir Goldstein if (ofs->xino_mode > 0) { 16881bd0a3aeSlijiazi pr_info("\"xino\" feature enabled using %d upper inode bits.\n", 16890f831ec8SAmir Goldstein ofs->xino_mode); 1690795939a9SAmir Goldstein } 1691e487d889SAmir Goldstein 1692520d7c86SMiklos Szeredi err = 0; 1693520d7c86SMiklos Szeredi out: 1694520d7c86SMiklos Szeredi return err; 1695520d7c86SMiklos Szeredi } 1696520d7c86SMiklos Szeredi 16974155c10aSMiklos Szeredi static struct ovl_entry *ovl_get_lowerstack(struct super_block *sb, 1698b8e42a65SMiklos Szeredi const char *lower, unsigned int numlower, 1699b8e42a65SMiklos Szeredi struct ovl_fs *ofs, struct ovl_layer *layers) 170053dbb0b4SMiklos Szeredi { 170153dbb0b4SMiklos Szeredi int err; 17024155c10aSMiklos Szeredi struct path *stack = NULL; 17035522c9c7SAmir Goldstein struct ovl_path *lowerstack; 1704b8e42a65SMiklos Szeredi unsigned int i; 17054155c10aSMiklos Szeredi struct ovl_entry *oe; 170653dbb0b4SMiklos Szeredi 1707b8e42a65SMiklos Szeredi if (!ofs->config.upperdir && numlower == 1) { 17081bd0a3aeSlijiazi pr_err("at least 2 lowerdir are needed while upperdir nonexistent\n"); 1709b8e42a65SMiklos Szeredi return ERR_PTR(-EINVAL); 171053dbb0b4SMiklos Szeredi } 171153dbb0b4SMiklos Szeredi 1712b8e42a65SMiklos Szeredi stack = kcalloc(numlower, sizeof(struct path), GFP_KERNEL); 171353dbb0b4SMiklos Szeredi if (!stack) 1714b8e42a65SMiklos Szeredi return ERR_PTR(-ENOMEM); 171553dbb0b4SMiklos Szeredi 171653dbb0b4SMiklos Szeredi err = -EINVAL; 1717b8e42a65SMiklos Szeredi for (i = 0; i < numlower; i++) { 1718b8e42a65SMiklos Szeredi err = ovl_lower_dir(lower, &stack[i], ofs, &sb->s_stack_depth); 171953dbb0b4SMiklos Szeredi if (err) 17204155c10aSMiklos Szeredi goto out_err; 172153dbb0b4SMiklos Szeredi 172253dbb0b4SMiklos Szeredi lower = strchr(lower, '\0') + 1; 172353dbb0b4SMiklos Szeredi } 172453dbb0b4SMiklos Szeredi 172553dbb0b4SMiklos Szeredi err = -EINVAL; 172653dbb0b4SMiklos Szeredi sb->s_stack_depth++; 172753dbb0b4SMiklos Szeredi if (sb->s_stack_depth > FILESYSTEM_MAX_STACK_DEPTH) { 17281bd0a3aeSlijiazi pr_err("maximum fs stacking depth exceeded\n"); 17294155c10aSMiklos Szeredi goto out_err; 173053dbb0b4SMiklos Szeredi } 173153dbb0b4SMiklos Szeredi 1732b8e42a65SMiklos Szeredi err = ovl_get_layers(sb, ofs, stack, numlower, layers); 17334155c10aSMiklos Szeredi if (err) 17344155c10aSMiklos Szeredi goto out_err; 17354155c10aSMiklos Szeredi 17364155c10aSMiklos Szeredi err = -ENOMEM; 17374155c10aSMiklos Szeredi oe = ovl_alloc_entry(numlower); 17384155c10aSMiklos Szeredi if (!oe) 17394155c10aSMiklos Szeredi goto out_err; 17404155c10aSMiklos Szeredi 17415522c9c7SAmir Goldstein lowerstack = ovl_lowerstack(oe); 17424155c10aSMiklos Szeredi for (i = 0; i < numlower; i++) { 17435522c9c7SAmir Goldstein lowerstack[i].dentry = dget(stack[i].dentry); 17445522c9c7SAmir Goldstein lowerstack[i].layer = &ofs->layers[i+1]; 17454155c10aSMiklos Szeredi } 174653dbb0b4SMiklos Szeredi 174753dbb0b4SMiklos Szeredi out: 174853dbb0b4SMiklos Szeredi for (i = 0; i < numlower; i++) 174953dbb0b4SMiklos Szeredi path_put(&stack[i]); 175053dbb0b4SMiklos Szeredi kfree(stack); 17514155c10aSMiklos Szeredi 17524155c10aSMiklos Szeredi return oe; 17534155c10aSMiklos Szeredi 17544155c10aSMiklos Szeredi out_err: 17554155c10aSMiklos Szeredi oe = ERR_PTR(err); 175653dbb0b4SMiklos Szeredi goto out; 175753dbb0b4SMiklos Szeredi } 175853dbb0b4SMiklos Szeredi 1759146d62e5SAmir Goldstein /* 1760146d62e5SAmir Goldstein * Check if this layer root is a descendant of: 1761146d62e5SAmir Goldstein * - another layer of this overlayfs instance 1762146d62e5SAmir Goldstein * - upper/work dir of any overlayfs instance 1763146d62e5SAmir Goldstein */ 17640be0bfd2SAmir Goldstein static int ovl_check_layer(struct super_block *sb, struct ovl_fs *ofs, 1765708fa015SMiklos Szeredi struct dentry *dentry, const char *name, 1766708fa015SMiklos Szeredi bool is_lower) 1767146d62e5SAmir Goldstein { 17689179c21dSMiklos Szeredi struct dentry *next = dentry, *parent; 1769146d62e5SAmir Goldstein int err = 0; 1770146d62e5SAmir Goldstein 17719179c21dSMiklos Szeredi if (!dentry) 1772146d62e5SAmir Goldstein return 0; 1773146d62e5SAmir Goldstein 1774146d62e5SAmir Goldstein parent = dget_parent(next); 17759179c21dSMiklos Szeredi 17769179c21dSMiklos Szeredi /* Walk back ancestors to root (inclusive) looking for traps */ 17779179c21dSMiklos Szeredi while (!err && parent != next) { 1778708fa015SMiklos Szeredi if (is_lower && ovl_lookup_trap_inode(sb, parent)) { 1779146d62e5SAmir Goldstein err = -ELOOP; 17801bd0a3aeSlijiazi pr_err("overlapping %s path\n", name); 17810be0bfd2SAmir Goldstein } else if (ovl_is_inuse(parent)) { 17820be0bfd2SAmir Goldstein err = ovl_report_in_use(ofs, name); 1783146d62e5SAmir Goldstein } 1784146d62e5SAmir Goldstein next = parent; 17859179c21dSMiklos Szeredi parent = dget_parent(next); 17869179c21dSMiklos Szeredi dput(next); 1787146d62e5SAmir Goldstein } 1788146d62e5SAmir Goldstein 17899179c21dSMiklos Szeredi dput(parent); 1790146d62e5SAmir Goldstein 1791146d62e5SAmir Goldstein return err; 1792146d62e5SAmir Goldstein } 1793146d62e5SAmir Goldstein 1794146d62e5SAmir Goldstein /* 1795146d62e5SAmir Goldstein * Check if any of the layers or work dirs overlap. 1796146d62e5SAmir Goldstein */ 1797146d62e5SAmir Goldstein static int ovl_check_overlapping_layers(struct super_block *sb, 1798146d62e5SAmir Goldstein struct ovl_fs *ofs) 1799146d62e5SAmir Goldstein { 1800146d62e5SAmir Goldstein int i, err; 1801146d62e5SAmir Goldstein 180208f4c7c8SMiklos Szeredi if (ovl_upper_mnt(ofs)) { 180308f4c7c8SMiklos Szeredi err = ovl_check_layer(sb, ofs, ovl_upper_mnt(ofs)->mnt_root, 1804708fa015SMiklos Szeredi "upperdir", false); 1805146d62e5SAmir Goldstein if (err) 1806146d62e5SAmir Goldstein return err; 1807146d62e5SAmir Goldstein 1808146d62e5SAmir Goldstein /* 1809146d62e5SAmir Goldstein * Checking workbasedir avoids hitting ovl_is_inuse(parent) of 1810146d62e5SAmir Goldstein * this instance and covers overlapping work and index dirs, 1811146d62e5SAmir Goldstein * unless work or index dir have been moved since created inside 1812146d62e5SAmir Goldstein * workbasedir. In that case, we already have their traps in 1813146d62e5SAmir Goldstein * inode cache and we will catch that case on lookup. 1814146d62e5SAmir Goldstein */ 1815708fa015SMiklos Szeredi err = ovl_check_layer(sb, ofs, ofs->workbasedir, "workdir", 1816708fa015SMiklos Szeredi false); 1817146d62e5SAmir Goldstein if (err) 1818146d62e5SAmir Goldstein return err; 1819146d62e5SAmir Goldstein } 1820146d62e5SAmir Goldstein 182194375f9dSAmir Goldstein for (i = 1; i < ofs->numlayer; i++) { 18220be0bfd2SAmir Goldstein err = ovl_check_layer(sb, ofs, 182394375f9dSAmir Goldstein ofs->layers[i].mnt->mnt_root, 1824708fa015SMiklos Szeredi "lowerdir", true); 1825146d62e5SAmir Goldstein if (err) 1826146d62e5SAmir Goldstein return err; 1827146d62e5SAmir Goldstein } 1828146d62e5SAmir Goldstein 1829146d62e5SAmir Goldstein return 0; 1830146d62e5SAmir Goldstein } 1831146d62e5SAmir Goldstein 18322effc5c2SAmir Goldstein static struct dentry *ovl_get_root(struct super_block *sb, 18332effc5c2SAmir Goldstein struct dentry *upperdentry, 18342effc5c2SAmir Goldstein struct ovl_entry *oe) 18352effc5c2SAmir Goldstein { 18362effc5c2SAmir Goldstein struct dentry *root; 18375522c9c7SAmir Goldstein struct ovl_path *lowerpath = ovl_lowerstack(oe); 183862c832edSAmir Goldstein unsigned long ino = d_inode(lowerpath->dentry)->i_ino; 183962c832edSAmir Goldstein int fsid = lowerpath->layer->fsid; 184062c832edSAmir Goldstein struct ovl_inode_params oip = { 184162c832edSAmir Goldstein .upperdentry = upperdentry, 184262c832edSAmir Goldstein .lowerpath = lowerpath, 1843*0af950f5SAmir Goldstein .oe = oe, 184462c832edSAmir Goldstein }; 18452effc5c2SAmir Goldstein 18462effc5c2SAmir Goldstein root = d_make_root(ovl_new_inode(sb, S_IFDIR, 0)); 18472effc5c2SAmir Goldstein if (!root) 18482effc5c2SAmir Goldstein return NULL; 18492effc5c2SAmir Goldstein 18502effc5c2SAmir Goldstein if (upperdentry) { 185162c832edSAmir Goldstein /* Root inode uses upper st_ino/i_ino */ 185262c832edSAmir Goldstein ino = d_inode(upperdentry)->i_ino; 185362c832edSAmir Goldstein fsid = 0; 18542effc5c2SAmir Goldstein ovl_dentry_set_upper_alias(root); 1855610afc0bSMiklos Szeredi if (ovl_is_impuredir(sb, upperdentry)) 18562effc5c2SAmir Goldstein ovl_set_flag(OVL_IMPURE, d_inode(root)); 18572effc5c2SAmir Goldstein } 18582effc5c2SAmir Goldstein 18592effc5c2SAmir Goldstein /* Root is always merge -> can have whiteouts */ 18602effc5c2SAmir Goldstein ovl_set_flag(OVL_WHITEOUTS, d_inode(root)); 18612effc5c2SAmir Goldstein ovl_dentry_set_flag(OVL_E_CONNECTED, root); 18622effc5c2SAmir Goldstein ovl_set_upperdata(d_inode(root)); 186362c832edSAmir Goldstein ovl_inode_init(d_inode(root), &oip, ino, fsid); 1864*0af950f5SAmir Goldstein ovl_dentry_init_flags(root, upperdentry, oe, DCACHE_OP_WEAK_REVALIDATE); 18652effc5c2SAmir Goldstein 18662effc5c2SAmir Goldstein return root; 18672effc5c2SAmir Goldstein } 18682effc5c2SAmir Goldstein 1869e9be9d5eSMiklos Szeredi static int ovl_fill_super(struct super_block *sb, void *data, int silent) 1870e9be9d5eSMiklos Szeredi { 187133006cdfSKees Cook struct path upperpath = { }; 1872e9be9d5eSMiklos Szeredi struct dentry *root_dentry; 18734155c10aSMiklos Szeredi struct ovl_entry *oe; 1874ad204488SMiklos Szeredi struct ovl_fs *ofs; 1875b8e42a65SMiklos Szeredi struct ovl_layer *layers; 187651f8f3c4SKonstantin Khlebnikov struct cred *cred; 1877b8e42a65SMiklos Szeredi char *splitlower = NULL; 1878b8e42a65SMiklos Szeredi unsigned int numlower; 1879e9be9d5eSMiklos Szeredi int err; 1880e9be9d5eSMiklos Szeredi 18819efb069dSMiklos Szeredi err = -EIO; 18829efb069dSMiklos Szeredi if (WARN_ON(sb->s_user_ns != current_user_ns())) 18839efb069dSMiklos Szeredi goto out; 18849efb069dSMiklos Szeredi 1885f4288844SMiklos Szeredi sb->s_d_op = &ovl_dentry_operations; 1886f4288844SMiklos Szeredi 1887f45827e8SErez Zadok err = -ENOMEM; 1888ad204488SMiklos Szeredi ofs = kzalloc(sizeof(struct ovl_fs), GFP_KERNEL); 1889ad204488SMiklos Szeredi if (!ofs) 1890e9be9d5eSMiklos Szeredi goto out; 1891e9be9d5eSMiklos Szeredi 1892d7b49b10SChengguang Xu err = -ENOMEM; 1893ad204488SMiklos Szeredi ofs->creator_cred = cred = prepare_creds(); 1894c6fe6254SMiklos Szeredi if (!cred) 1895c6fe6254SMiklos Szeredi goto out_err; 1896c6fe6254SMiklos Szeredi 1897c21c839bSChengguang Xu /* Is there a reason anyone would want not to share whiteouts? */ 1898c21c839bSChengguang Xu ofs->share_whiteout = true; 1899c21c839bSChengguang Xu 1900ad204488SMiklos Szeredi ofs->config.index = ovl_index_def; 19015830fb6bSPavel Tikhomirov ofs->config.uuid = true; 1902f168f109SAmir Goldstein ofs->config.nfs_export = ovl_nfs_export_def; 1903795939a9SAmir Goldstein ofs->config.xino = ovl_xino_def(); 1904d5791044SVivek Goyal ofs->config.metacopy = ovl_metacopy_def; 1905ad204488SMiklos Szeredi err = ovl_parse_opt((char *) data, &ofs->config); 1906f45827e8SErez Zadok if (err) 1907a9075cdbSMiklos Szeredi goto out_err; 1908f45827e8SErez Zadok 1909e9be9d5eSMiklos Szeredi err = -EINVAL; 1910ad204488SMiklos Szeredi if (!ofs->config.lowerdir) { 191107f2af7bSKonstantin Khlebnikov if (!silent) 19121bd0a3aeSlijiazi pr_err("missing 'lowerdir'\n"); 1913a9075cdbSMiklos Szeredi goto out_err; 191453a08cb9SMiklos Szeredi } 191553a08cb9SMiklos Szeredi 1916b8e42a65SMiklos Szeredi err = -ENOMEM; 1917b8e42a65SMiklos Szeredi splitlower = kstrdup(ofs->config.lowerdir, GFP_KERNEL); 1918b8e42a65SMiklos Szeredi if (!splitlower) 1919b8e42a65SMiklos Szeredi goto out_err; 1920b8e42a65SMiklos Szeredi 1921d7b49b10SChengguang Xu err = -EINVAL; 1922b8e42a65SMiklos Szeredi numlower = ovl_split_lowerdirs(splitlower); 1923b8e42a65SMiklos Szeredi if (numlower > OVL_MAX_STACK) { 1924b8e42a65SMiklos Szeredi pr_err("too many lower directories, limit is %d\n", 1925b8e42a65SMiklos Szeredi OVL_MAX_STACK); 1926b8e42a65SMiklos Szeredi goto out_err; 1927b8e42a65SMiklos Szeredi } 1928b8e42a65SMiklos Szeredi 1929d7b49b10SChengguang Xu err = -ENOMEM; 1930b8e42a65SMiklos Szeredi layers = kcalloc(numlower + 1, sizeof(struct ovl_layer), GFP_KERNEL); 1931b8e42a65SMiklos Szeredi if (!layers) 1932b8e42a65SMiklos Szeredi goto out_err; 1933b8e42a65SMiklos Szeredi 1934b8e42a65SMiklos Szeredi ofs->layers = layers; 1935b8e42a65SMiklos Szeredi /* Layer 0 is reserved for upper even if there's no upper */ 1936b8e42a65SMiklos Szeredi ofs->numlayer = 1; 1937b8e42a65SMiklos Szeredi 193853a08cb9SMiklos Szeredi sb->s_stack_depth = 0; 1939cf9a6784SMiklos Szeredi sb->s_maxbytes = MAX_LFS_FILESIZE; 19404d314f78SAmir Goldstein atomic_long_set(&ofs->last_ino, 1); 19414f119628SWilliam Dean /* Assume underlying fs uses 32bit inodes unless proven otherwise */ 194253afcd31SAmir Goldstein if (ofs->config.xino != OVL_XINO_OFF) { 19430f831ec8SAmir Goldstein ofs->xino_mode = BITS_PER_LONG - 32; 194453afcd31SAmir Goldstein if (!ofs->xino_mode) { 194553afcd31SAmir Goldstein pr_warn("xino not supported on 32bit kernel, falling back to xino=off.\n"); 194653afcd31SAmir Goldstein ofs->config.xino = OVL_XINO_OFF; 194753afcd31SAmir Goldstein } 194853afcd31SAmir Goldstein } 1949795939a9SAmir Goldstein 1950146d62e5SAmir Goldstein /* alloc/destroy_inode needed for setting up traps in inode cache */ 1951146d62e5SAmir Goldstein sb->s_op = &ovl_super_operations; 1952146d62e5SAmir Goldstein 1953ad204488SMiklos Szeredi if (ofs->config.upperdir) { 1954335d3fc5SSargun Dhillon struct super_block *upper_sb; 1955335d3fc5SSargun Dhillon 1956d7b49b10SChengguang Xu err = -EINVAL; 1957ad204488SMiklos Szeredi if (!ofs->config.workdir) { 19581bd0a3aeSlijiazi pr_err("missing 'workdir'\n"); 1959a9075cdbSMiklos Szeredi goto out_err; 1960e9be9d5eSMiklos Szeredi } 1961e9be9d5eSMiklos Szeredi 1962b8e42a65SMiklos Szeredi err = ovl_get_upper(sb, ofs, &layers[0], &upperpath); 196321a3b317SMiklos Szeredi if (err) 1964a9075cdbSMiklos Szeredi goto out_err; 1965d719e8f2SMiklos Szeredi 1966335d3fc5SSargun Dhillon upper_sb = ovl_upper_mnt(ofs)->mnt_sb; 1967335d3fc5SSargun Dhillon if (!ovl_should_sync(ofs)) { 1968335d3fc5SSargun Dhillon ofs->errseq = errseq_sample(&upper_sb->s_wb_err); 1969335d3fc5SSargun Dhillon if (errseq_check(&upper_sb->s_wb_err, ofs->errseq)) { 1970335d3fc5SSargun Dhillon err = -EIO; 1971335d3fc5SSargun Dhillon pr_err("Cannot mount volatile when upperdir has an unseen error. Sync upperdir fs to clear state.\n"); 1972335d3fc5SSargun Dhillon goto out_err; 1973335d3fc5SSargun Dhillon } 1974335d3fc5SSargun Dhillon } 1975335d3fc5SSargun Dhillon 1976146d62e5SAmir Goldstein err = ovl_get_workdir(sb, ofs, &upperpath); 19778ed61dc3SMiklos Szeredi if (err) 1978a9075cdbSMiklos Szeredi goto out_err; 1979c6fe6254SMiklos Szeredi 1980ad204488SMiklos Szeredi if (!ofs->workdir) 19811751e8a6SLinus Torvalds sb->s_flags |= SB_RDONLY; 19826e88256eSMiklos Szeredi 1983335d3fc5SSargun Dhillon sb->s_stack_depth = upper_sb->s_stack_depth; 1984335d3fc5SSargun Dhillon sb->s_time_gran = upper_sb->s_time_gran; 198521765194SVivek Goyal } 1986b8e42a65SMiklos Szeredi oe = ovl_get_lowerstack(sb, splitlower, numlower, ofs, layers); 19874155c10aSMiklos Szeredi err = PTR_ERR(oe); 19884155c10aSMiklos Szeredi if (IS_ERR(oe)) 1989a9075cdbSMiklos Szeredi goto out_err; 1990e9be9d5eSMiklos Szeredi 199171cbad7eShujianyang /* If the upper fs is nonexistent, we mark overlayfs r/o too */ 199208f4c7c8SMiklos Szeredi if (!ovl_upper_mnt(ofs)) 19931751e8a6SLinus Torvalds sb->s_flags |= SB_RDONLY; 1994e9be9d5eSMiklos Szeredi 19955830fb6bSPavel Tikhomirov if (!ofs->config.uuid && ofs->numfs > 1) { 19965830fb6bSPavel Tikhomirov pr_warn("The uuid=off requires a single fs for lower and upper, falling back to uuid=on.\n"); 19975830fb6bSPavel Tikhomirov ofs->config.uuid = true; 19985830fb6bSPavel Tikhomirov } 19995830fb6bSPavel Tikhomirov 2000470c1563SAmir Goldstein if (!ovl_force_readonly(ofs) && ofs->config.index) { 2001146d62e5SAmir Goldstein err = ovl_get_indexdir(sb, ofs, oe, &upperpath); 200254fb347eSAmir Goldstein if (err) 20034155c10aSMiklos Szeredi goto out_free_oe; 20046e88256eSMiklos Szeredi 2005972d0093SAmir Goldstein /* Force r/o mount with no index dir */ 200620396365SAmir Goldstein if (!ofs->indexdir) 20071751e8a6SLinus Torvalds sb->s_flags |= SB_RDONLY; 200802bcd157SAmir Goldstein } 200902bcd157SAmir Goldstein 2010146d62e5SAmir Goldstein err = ovl_check_overlapping_layers(sb, ofs); 2011146d62e5SAmir Goldstein if (err) 2012146d62e5SAmir Goldstein goto out_free_oe; 2013146d62e5SAmir Goldstein 2014972d0093SAmir Goldstein /* Show index=off in /proc/mounts for forced r/o mount */ 2015f168f109SAmir Goldstein if (!ofs->indexdir) { 2016ad204488SMiklos Szeredi ofs->config.index = false; 201708f4c7c8SMiklos Szeredi if (ovl_upper_mnt(ofs) && ofs->config.nfs_export) { 20181bd0a3aeSlijiazi pr_warn("NFS export requires an index dir, falling back to nfs_export=off.\n"); 2019f168f109SAmir Goldstein ofs->config.nfs_export = false; 2020f168f109SAmir Goldstein } 2021f168f109SAmir Goldstein } 202202bcd157SAmir Goldstein 2023d5791044SVivek Goyal if (ofs->config.metacopy && ofs->config.nfs_export) { 20241bd0a3aeSlijiazi pr_warn("NFS export is not supported with metadata only copy up, falling back to nfs_export=off.\n"); 2025d5791044SVivek Goyal ofs->config.nfs_export = false; 2026d5791044SVivek Goyal } 2027d5791044SVivek Goyal 20288383f174SAmir Goldstein if (ofs->config.nfs_export) 20298383f174SAmir Goldstein sb->s_export_op = &ovl_export_operations; 20308383f174SAmir Goldstein 203151f8f3c4SKonstantin Khlebnikov /* Never override disk quota limits or use reserved space */ 203251f8f3c4SKonstantin Khlebnikov cap_lower(cred->cap_effective, CAP_SYS_RESOURCE); 203351f8f3c4SKonstantin Khlebnikov 2034655042ccSVivek Goyal sb->s_magic = OVERLAYFS_SUPER_MAGIC; 20352d2f2d73SMiklos Szeredi sb->s_xattr = ofs->config.userxattr ? ovl_user_xattr_handlers : 20362d2f2d73SMiklos Szeredi ovl_trusted_xattr_handlers; 2037ad204488SMiklos Szeredi sb->s_fs_info = ofs; 2038de2a4a50SMiklos Szeredi sb->s_flags |= SB_POSIXACL; 203932b1924bSKonstantin Khlebnikov sb->s_iflags |= SB_I_SKIP_SYNC; 2040655042ccSVivek Goyal 2041c6fe6254SMiklos Szeredi err = -ENOMEM; 20422effc5c2SAmir Goldstein root_dentry = ovl_get_root(sb, upperpath.dentry, oe); 2043e9be9d5eSMiklos Szeredi if (!root_dentry) 20444155c10aSMiklos Szeredi goto out_free_oe; 2045e9be9d5eSMiklos Szeredi 2046e9be9d5eSMiklos Szeredi mntput(upperpath.mnt); 2047b8e42a65SMiklos Szeredi kfree(splitlower); 2048ed06e069SMiklos Szeredi 2049e9be9d5eSMiklos Szeredi sb->s_root = root_dentry; 2050e9be9d5eSMiklos Szeredi 2051e9be9d5eSMiklos Szeredi return 0; 2052e9be9d5eSMiklos Szeredi 20534155c10aSMiklos Szeredi out_free_oe: 2054163db0daSAmir Goldstein ovl_free_entry(oe); 20554155c10aSMiklos Szeredi out_err: 2056b8e42a65SMiklos Szeredi kfree(splitlower); 2057e9be9d5eSMiklos Szeredi path_put(&upperpath); 2058ad204488SMiklos Szeredi ovl_free_fs(ofs); 2059e9be9d5eSMiklos Szeredi out: 2060e9be9d5eSMiklos Szeredi return err; 2061e9be9d5eSMiklos Szeredi } 2062e9be9d5eSMiklos Szeredi 2063e9be9d5eSMiklos Szeredi static struct dentry *ovl_mount(struct file_system_type *fs_type, int flags, 2064e9be9d5eSMiklos Szeredi const char *dev_name, void *raw_data) 2065e9be9d5eSMiklos Szeredi { 2066e9be9d5eSMiklos Szeredi return mount_nodev(fs_type, flags, raw_data, ovl_fill_super); 2067e9be9d5eSMiklos Szeredi } 2068e9be9d5eSMiklos Szeredi 2069e9be9d5eSMiklos Szeredi static struct file_system_type ovl_fs_type = { 2070e9be9d5eSMiklos Szeredi .owner = THIS_MODULE, 2071ef94b186SMiklos Szeredi .name = "overlay", 2072459c7c56SMiklos Szeredi .fs_flags = FS_USERNS_MOUNT, 2073e9be9d5eSMiklos Szeredi .mount = ovl_mount, 2074e9be9d5eSMiklos Szeredi .kill_sb = kill_anon_super, 2075e9be9d5eSMiklos Szeredi }; 2076ef94b186SMiklos Szeredi MODULE_ALIAS_FS("overlay"); 2077e9be9d5eSMiklos Szeredi 207813cf199dSAmir Goldstein static void ovl_inode_init_once(void *foo) 207913cf199dSAmir Goldstein { 208013cf199dSAmir Goldstein struct ovl_inode *oi = foo; 208113cf199dSAmir Goldstein 208213cf199dSAmir Goldstein inode_init_once(&oi->vfs_inode); 208313cf199dSAmir Goldstein } 208413cf199dSAmir Goldstein 2085e9be9d5eSMiklos Szeredi static int __init ovl_init(void) 2086e9be9d5eSMiklos Szeredi { 208713cf199dSAmir Goldstein int err; 208813cf199dSAmir Goldstein 208913cf199dSAmir Goldstein ovl_inode_cachep = kmem_cache_create("ovl_inode", 209013cf199dSAmir Goldstein sizeof(struct ovl_inode), 0, 209113cf199dSAmir Goldstein (SLAB_RECLAIM_ACCOUNT| 209213cf199dSAmir Goldstein SLAB_MEM_SPREAD|SLAB_ACCOUNT), 209313cf199dSAmir Goldstein ovl_inode_init_once); 209413cf199dSAmir Goldstein if (ovl_inode_cachep == NULL) 209513cf199dSAmir Goldstein return -ENOMEM; 209613cf199dSAmir Goldstein 20972406a307SJiufei Xue err = ovl_aio_request_cache_init(); 20982406a307SJiufei Xue if (!err) { 209913cf199dSAmir Goldstein err = register_filesystem(&ovl_fs_type); 21002406a307SJiufei Xue if (!err) 21012406a307SJiufei Xue return 0; 21022406a307SJiufei Xue 21032406a307SJiufei Xue ovl_aio_request_cache_destroy(); 21042406a307SJiufei Xue } 210513cf199dSAmir Goldstein kmem_cache_destroy(ovl_inode_cachep); 210613cf199dSAmir Goldstein 210713cf199dSAmir Goldstein return err; 2108e9be9d5eSMiklos Szeredi } 2109e9be9d5eSMiklos Szeredi 2110e9be9d5eSMiklos Szeredi static void __exit ovl_exit(void) 2111e9be9d5eSMiklos Szeredi { 2112e9be9d5eSMiklos Szeredi unregister_filesystem(&ovl_fs_type); 211313cf199dSAmir Goldstein 211413cf199dSAmir Goldstein /* 211513cf199dSAmir Goldstein * Make sure all delayed rcu free inodes are flushed before we 211613cf199dSAmir Goldstein * destroy cache. 211713cf199dSAmir Goldstein */ 211813cf199dSAmir Goldstein rcu_barrier(); 211913cf199dSAmir Goldstein kmem_cache_destroy(ovl_inode_cachep); 21202406a307SJiufei Xue ovl_aio_request_cache_destroy(); 2121e9be9d5eSMiklos Szeredi } 2122e9be9d5eSMiklos Szeredi 2123e9be9d5eSMiklos Szeredi module_init(ovl_init); 2124e9be9d5eSMiklos Szeredi module_exit(ovl_exit); 2125