1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * 4 * Copyright (C) 2011 Novell Inc. 5 */ 6 7 #include <uapi/linux/magic.h> 8 #include <linux/fs.h> 9 #include <linux/namei.h> 10 #include <linux/xattr.h> 11 #include <linux/mount.h> 12 #include <linux/parser.h> 13 #include <linux/module.h> 14 #include <linux/statfs.h> 15 #include <linux/seq_file.h> 16 #include <linux/posix_acl_xattr.h> 17 #include <linux/exportfs.h> 18 #include "overlayfs.h" 19 20 MODULE_AUTHOR("Miklos Szeredi <miklos@szeredi.hu>"); 21 MODULE_DESCRIPTION("Overlay filesystem"); 22 MODULE_LICENSE("GPL"); 23 24 25 struct ovl_dir_cache; 26 27 #define OVL_MAX_STACK 500 28 29 static bool ovl_redirect_dir_def = IS_ENABLED(CONFIG_OVERLAY_FS_REDIRECT_DIR); 30 module_param_named(redirect_dir, ovl_redirect_dir_def, bool, 0644); 31 MODULE_PARM_DESC(redirect_dir, 32 "Default to on or off for the redirect_dir feature"); 33 34 static bool ovl_redirect_always_follow = 35 IS_ENABLED(CONFIG_OVERLAY_FS_REDIRECT_ALWAYS_FOLLOW); 36 module_param_named(redirect_always_follow, ovl_redirect_always_follow, 37 bool, 0644); 38 MODULE_PARM_DESC(redirect_always_follow, 39 "Follow redirects even if redirect_dir feature is turned off"); 40 41 static bool ovl_index_def = IS_ENABLED(CONFIG_OVERLAY_FS_INDEX); 42 module_param_named(index, ovl_index_def, bool, 0644); 43 MODULE_PARM_DESC(index, 44 "Default to on or off for the inodes index feature"); 45 46 static bool ovl_nfs_export_def = IS_ENABLED(CONFIG_OVERLAY_FS_NFS_EXPORT); 47 module_param_named(nfs_export, ovl_nfs_export_def, bool, 0644); 48 MODULE_PARM_DESC(nfs_export, 49 "Default to on or off for the NFS export feature"); 50 51 static bool ovl_xino_auto_def = IS_ENABLED(CONFIG_OVERLAY_FS_XINO_AUTO); 52 module_param_named(xino_auto, ovl_xino_auto_def, bool, 0644); 53 MODULE_PARM_DESC(xino_auto, 54 "Auto enable xino feature"); 55 56 static void ovl_entry_stack_free(struct ovl_entry *oe) 57 { 58 unsigned int i; 59 60 for (i = 0; i < oe->numlower; i++) 61 dput(oe->lowerstack[i].dentry); 62 } 63 64 static bool ovl_metacopy_def = IS_ENABLED(CONFIG_OVERLAY_FS_METACOPY); 65 module_param_named(metacopy, ovl_metacopy_def, bool, 0644); 66 MODULE_PARM_DESC(metacopy, 67 "Default to on or off for the metadata only copy up feature"); 68 69 static void ovl_dentry_release(struct dentry *dentry) 70 { 71 struct ovl_entry *oe = dentry->d_fsdata; 72 73 if (oe) { 74 ovl_entry_stack_free(oe); 75 kfree_rcu(oe, rcu); 76 } 77 } 78 79 static struct dentry *ovl_d_real(struct dentry *dentry, 80 const struct inode *inode) 81 { 82 struct dentry *real = NULL, *lower; 83 84 /* It's an overlay file */ 85 if (inode && d_inode(dentry) == inode) 86 return dentry; 87 88 if (!d_is_reg(dentry)) { 89 if (!inode || inode == d_inode(dentry)) 90 return dentry; 91 goto bug; 92 } 93 94 real = ovl_dentry_upper(dentry); 95 if (real && (inode == d_inode(real))) 96 return real; 97 98 if (real && !inode && ovl_has_upperdata(d_inode(dentry))) 99 return real; 100 101 lower = ovl_dentry_lowerdata(dentry); 102 if (!lower) 103 goto bug; 104 real = lower; 105 106 /* Handle recursion */ 107 real = d_real(real, inode); 108 109 if (!inode || inode == d_inode(real)) 110 return real; 111 bug: 112 WARN(1, "%s(%pd4, %s:%lu): real dentry (%p/%lu) not found\n", 113 __func__, dentry, inode ? inode->i_sb->s_id : "NULL", 114 inode ? inode->i_ino : 0, real, 115 real && d_inode(real) ? d_inode(real)->i_ino : 0); 116 return dentry; 117 } 118 119 static int ovl_revalidate_real(struct dentry *d, unsigned int flags, bool weak) 120 { 121 int ret = 1; 122 123 if (weak) { 124 if (d->d_flags & DCACHE_OP_WEAK_REVALIDATE) 125 ret = d->d_op->d_weak_revalidate(d, flags); 126 } else if (d->d_flags & DCACHE_OP_REVALIDATE) { 127 ret = d->d_op->d_revalidate(d, flags); 128 if (!ret) { 129 if (!(flags & LOOKUP_RCU)) 130 d_invalidate(d); 131 ret = -ESTALE; 132 } 133 } 134 return ret; 135 } 136 137 static int ovl_dentry_revalidate_common(struct dentry *dentry, 138 unsigned int flags, bool weak) 139 { 140 struct ovl_entry *oe = dentry->d_fsdata; 141 struct dentry *upper; 142 unsigned int i; 143 int ret = 1; 144 145 upper = ovl_dentry_upper(dentry); 146 if (upper) 147 ret = ovl_revalidate_real(upper, flags, weak); 148 149 for (i = 0; ret > 0 && i < oe->numlower; i++) { 150 ret = ovl_revalidate_real(oe->lowerstack[i].dentry, flags, 151 weak); 152 } 153 return ret; 154 } 155 156 static int ovl_dentry_revalidate(struct dentry *dentry, unsigned int flags) 157 { 158 return ovl_dentry_revalidate_common(dentry, flags, false); 159 } 160 161 static int ovl_dentry_weak_revalidate(struct dentry *dentry, unsigned int flags) 162 { 163 return ovl_dentry_revalidate_common(dentry, flags, true); 164 } 165 166 static const struct dentry_operations ovl_dentry_operations = { 167 .d_release = ovl_dentry_release, 168 .d_real = ovl_d_real, 169 .d_revalidate = ovl_dentry_revalidate, 170 .d_weak_revalidate = ovl_dentry_weak_revalidate, 171 }; 172 173 static struct kmem_cache *ovl_inode_cachep; 174 175 static struct inode *ovl_alloc_inode(struct super_block *sb) 176 { 177 struct ovl_inode *oi = kmem_cache_alloc(ovl_inode_cachep, GFP_KERNEL); 178 179 if (!oi) 180 return NULL; 181 182 oi->cache = NULL; 183 oi->redirect = NULL; 184 oi->version = 0; 185 oi->flags = 0; 186 oi->__upperdentry = NULL; 187 oi->lower = NULL; 188 oi->lowerdata = NULL; 189 mutex_init(&oi->lock); 190 191 return &oi->vfs_inode; 192 } 193 194 static void ovl_free_inode(struct inode *inode) 195 { 196 struct ovl_inode *oi = OVL_I(inode); 197 198 kfree(oi->redirect); 199 mutex_destroy(&oi->lock); 200 kmem_cache_free(ovl_inode_cachep, oi); 201 } 202 203 static void ovl_destroy_inode(struct inode *inode) 204 { 205 struct ovl_inode *oi = OVL_I(inode); 206 207 dput(oi->__upperdentry); 208 iput(oi->lower); 209 if (S_ISDIR(inode->i_mode)) 210 ovl_dir_cache_free(inode); 211 else 212 iput(oi->lowerdata); 213 } 214 215 static void ovl_free_fs(struct ovl_fs *ofs) 216 { 217 struct vfsmount **mounts; 218 unsigned i; 219 220 iput(ofs->workbasedir_trap); 221 iput(ofs->indexdir_trap); 222 iput(ofs->workdir_trap); 223 dput(ofs->whiteout); 224 dput(ofs->indexdir); 225 dput(ofs->workdir); 226 if (ofs->workdir_locked) 227 ovl_inuse_unlock(ofs->workbasedir); 228 dput(ofs->workbasedir); 229 if (ofs->upperdir_locked) 230 ovl_inuse_unlock(ovl_upper_mnt(ofs)->mnt_root); 231 232 /* Hack! Reuse ofs->layers as a vfsmount array before freeing it */ 233 mounts = (struct vfsmount **) ofs->layers; 234 for (i = 0; i < ofs->numlayer; i++) { 235 iput(ofs->layers[i].trap); 236 mounts[i] = ofs->layers[i].mnt; 237 } 238 kern_unmount_array(mounts, ofs->numlayer); 239 kfree(ofs->layers); 240 for (i = 0; i < ofs->numfs; i++) 241 free_anon_bdev(ofs->fs[i].pseudo_dev); 242 kfree(ofs->fs); 243 244 kfree(ofs->config.lowerdir); 245 kfree(ofs->config.upperdir); 246 kfree(ofs->config.workdir); 247 kfree(ofs->config.redirect_mode); 248 if (ofs->creator_cred) 249 put_cred(ofs->creator_cred); 250 kfree(ofs); 251 } 252 253 static void ovl_put_super(struct super_block *sb) 254 { 255 struct ovl_fs *ofs = sb->s_fs_info; 256 257 ovl_free_fs(ofs); 258 } 259 260 /* Sync real dirty inodes in upper filesystem (if it exists) */ 261 static int ovl_sync_fs(struct super_block *sb, int wait) 262 { 263 struct ovl_fs *ofs = sb->s_fs_info; 264 struct super_block *upper_sb; 265 int ret; 266 267 if (!ovl_upper_mnt(ofs)) 268 return 0; 269 270 if (!ovl_should_sync(ofs)) 271 return 0; 272 /* 273 * Not called for sync(2) call or an emergency sync (SB_I_SKIP_SYNC). 274 * All the super blocks will be iterated, including upper_sb. 275 * 276 * If this is a syncfs(2) call, then we do need to call 277 * sync_filesystem() on upper_sb, but enough if we do it when being 278 * called with wait == 1. 279 */ 280 if (!wait) 281 return 0; 282 283 upper_sb = ovl_upper_mnt(ofs)->mnt_sb; 284 285 down_read(&upper_sb->s_umount); 286 ret = sync_filesystem(upper_sb); 287 up_read(&upper_sb->s_umount); 288 289 return ret; 290 } 291 292 /** 293 * ovl_statfs 294 * @sb: The overlayfs super block 295 * @buf: The struct kstatfs to fill in with stats 296 * 297 * Get the filesystem statistics. As writes always target the upper layer 298 * filesystem pass the statfs to the upper filesystem (if it exists) 299 */ 300 static int ovl_statfs(struct dentry *dentry, struct kstatfs *buf) 301 { 302 struct ovl_fs *ofs = dentry->d_sb->s_fs_info; 303 struct dentry *root_dentry = dentry->d_sb->s_root; 304 struct path path; 305 int err; 306 307 ovl_path_real(root_dentry, &path); 308 309 err = vfs_statfs(&path, buf); 310 if (!err) { 311 buf->f_namelen = ofs->namelen; 312 buf->f_type = OVERLAYFS_SUPER_MAGIC; 313 } 314 315 return err; 316 } 317 318 /* Will this overlay be forced to mount/remount ro? */ 319 static bool ovl_force_readonly(struct ovl_fs *ofs) 320 { 321 return (!ovl_upper_mnt(ofs) || !ofs->workdir); 322 } 323 324 static const char *ovl_redirect_mode_def(void) 325 { 326 return ovl_redirect_dir_def ? "on" : "off"; 327 } 328 329 static const char * const ovl_xino_str[] = { 330 "off", 331 "auto", 332 "on", 333 }; 334 335 static inline int ovl_xino_def(void) 336 { 337 return ovl_xino_auto_def ? OVL_XINO_AUTO : OVL_XINO_OFF; 338 } 339 340 /** 341 * ovl_show_options 342 * 343 * Prints the mount options for a given superblock. 344 * Returns zero; does not fail. 345 */ 346 static int ovl_show_options(struct seq_file *m, struct dentry *dentry) 347 { 348 struct super_block *sb = dentry->d_sb; 349 struct ovl_fs *ofs = sb->s_fs_info; 350 351 seq_show_option(m, "lowerdir", ofs->config.lowerdir); 352 if (ofs->config.upperdir) { 353 seq_show_option(m, "upperdir", ofs->config.upperdir); 354 seq_show_option(m, "workdir", ofs->config.workdir); 355 } 356 if (ofs->config.default_permissions) 357 seq_puts(m, ",default_permissions"); 358 if (strcmp(ofs->config.redirect_mode, ovl_redirect_mode_def()) != 0) 359 seq_printf(m, ",redirect_dir=%s", ofs->config.redirect_mode); 360 if (ofs->config.index != ovl_index_def) 361 seq_printf(m, ",index=%s", ofs->config.index ? "on" : "off"); 362 if (!ofs->config.uuid) 363 seq_puts(m, ",uuid=off"); 364 if (ofs->config.nfs_export != ovl_nfs_export_def) 365 seq_printf(m, ",nfs_export=%s", ofs->config.nfs_export ? 366 "on" : "off"); 367 if (ofs->config.xino != ovl_xino_def() && !ovl_same_fs(sb)) 368 seq_printf(m, ",xino=%s", ovl_xino_str[ofs->config.xino]); 369 if (ofs->config.metacopy != ovl_metacopy_def) 370 seq_printf(m, ",metacopy=%s", 371 ofs->config.metacopy ? "on" : "off"); 372 if (ofs->config.ovl_volatile) 373 seq_puts(m, ",volatile"); 374 return 0; 375 } 376 377 static int ovl_remount(struct super_block *sb, int *flags, char *data) 378 { 379 struct ovl_fs *ofs = sb->s_fs_info; 380 struct super_block *upper_sb; 381 int ret = 0; 382 383 if (!(*flags & SB_RDONLY) && ovl_force_readonly(ofs)) 384 return -EROFS; 385 386 if (*flags & SB_RDONLY && !sb_rdonly(sb)) { 387 upper_sb = ovl_upper_mnt(ofs)->mnt_sb; 388 if (ovl_should_sync(ofs)) { 389 down_read(&upper_sb->s_umount); 390 ret = sync_filesystem(upper_sb); 391 up_read(&upper_sb->s_umount); 392 } 393 } 394 395 return ret; 396 } 397 398 static const struct super_operations ovl_super_operations = { 399 .alloc_inode = ovl_alloc_inode, 400 .free_inode = ovl_free_inode, 401 .destroy_inode = ovl_destroy_inode, 402 .drop_inode = generic_delete_inode, 403 .put_super = ovl_put_super, 404 .sync_fs = ovl_sync_fs, 405 .statfs = ovl_statfs, 406 .show_options = ovl_show_options, 407 .remount_fs = ovl_remount, 408 }; 409 410 enum { 411 OPT_LOWERDIR, 412 OPT_UPPERDIR, 413 OPT_WORKDIR, 414 OPT_DEFAULT_PERMISSIONS, 415 OPT_REDIRECT_DIR, 416 OPT_INDEX_ON, 417 OPT_INDEX_OFF, 418 OPT_UUID_ON, 419 OPT_UUID_OFF, 420 OPT_NFS_EXPORT_ON, 421 OPT_USERXATTR, 422 OPT_NFS_EXPORT_OFF, 423 OPT_XINO_ON, 424 OPT_XINO_OFF, 425 OPT_XINO_AUTO, 426 OPT_METACOPY_ON, 427 OPT_METACOPY_OFF, 428 OPT_VOLATILE, 429 OPT_ERR, 430 }; 431 432 static const match_table_t ovl_tokens = { 433 {OPT_LOWERDIR, "lowerdir=%s"}, 434 {OPT_UPPERDIR, "upperdir=%s"}, 435 {OPT_WORKDIR, "workdir=%s"}, 436 {OPT_DEFAULT_PERMISSIONS, "default_permissions"}, 437 {OPT_REDIRECT_DIR, "redirect_dir=%s"}, 438 {OPT_INDEX_ON, "index=on"}, 439 {OPT_INDEX_OFF, "index=off"}, 440 {OPT_USERXATTR, "userxattr"}, 441 {OPT_UUID_ON, "uuid=on"}, 442 {OPT_UUID_OFF, "uuid=off"}, 443 {OPT_NFS_EXPORT_ON, "nfs_export=on"}, 444 {OPT_NFS_EXPORT_OFF, "nfs_export=off"}, 445 {OPT_XINO_ON, "xino=on"}, 446 {OPT_XINO_OFF, "xino=off"}, 447 {OPT_XINO_AUTO, "xino=auto"}, 448 {OPT_METACOPY_ON, "metacopy=on"}, 449 {OPT_METACOPY_OFF, "metacopy=off"}, 450 {OPT_VOLATILE, "volatile"}, 451 {OPT_ERR, NULL} 452 }; 453 454 static char *ovl_next_opt(char **s) 455 { 456 char *sbegin = *s; 457 char *p; 458 459 if (sbegin == NULL) 460 return NULL; 461 462 for (p = sbegin; *p; p++) { 463 if (*p == '\\') { 464 p++; 465 if (!*p) 466 break; 467 } else if (*p == ',') { 468 *p = '\0'; 469 *s = p + 1; 470 return sbegin; 471 } 472 } 473 *s = NULL; 474 return sbegin; 475 } 476 477 static int ovl_parse_redirect_mode(struct ovl_config *config, const char *mode) 478 { 479 if (strcmp(mode, "on") == 0) { 480 config->redirect_dir = true; 481 /* 482 * Does not make sense to have redirect creation without 483 * redirect following. 484 */ 485 config->redirect_follow = true; 486 } else if (strcmp(mode, "follow") == 0) { 487 config->redirect_follow = true; 488 } else if (strcmp(mode, "off") == 0) { 489 if (ovl_redirect_always_follow) 490 config->redirect_follow = true; 491 } else if (strcmp(mode, "nofollow") != 0) { 492 pr_err("bad mount option \"redirect_dir=%s\"\n", 493 mode); 494 return -EINVAL; 495 } 496 497 return 0; 498 } 499 500 static int ovl_parse_opt(char *opt, struct ovl_config *config) 501 { 502 char *p; 503 int err; 504 bool metacopy_opt = false, redirect_opt = false; 505 bool nfs_export_opt = false, index_opt = false; 506 507 config->redirect_mode = kstrdup(ovl_redirect_mode_def(), GFP_KERNEL); 508 if (!config->redirect_mode) 509 return -ENOMEM; 510 511 while ((p = ovl_next_opt(&opt)) != NULL) { 512 int token; 513 substring_t args[MAX_OPT_ARGS]; 514 515 if (!*p) 516 continue; 517 518 token = match_token(p, ovl_tokens, args); 519 switch (token) { 520 case OPT_UPPERDIR: 521 kfree(config->upperdir); 522 config->upperdir = match_strdup(&args[0]); 523 if (!config->upperdir) 524 return -ENOMEM; 525 break; 526 527 case OPT_LOWERDIR: 528 kfree(config->lowerdir); 529 config->lowerdir = match_strdup(&args[0]); 530 if (!config->lowerdir) 531 return -ENOMEM; 532 break; 533 534 case OPT_WORKDIR: 535 kfree(config->workdir); 536 config->workdir = match_strdup(&args[0]); 537 if (!config->workdir) 538 return -ENOMEM; 539 break; 540 541 case OPT_DEFAULT_PERMISSIONS: 542 config->default_permissions = true; 543 break; 544 545 case OPT_REDIRECT_DIR: 546 kfree(config->redirect_mode); 547 config->redirect_mode = match_strdup(&args[0]); 548 if (!config->redirect_mode) 549 return -ENOMEM; 550 redirect_opt = true; 551 break; 552 553 case OPT_INDEX_ON: 554 config->index = true; 555 index_opt = true; 556 break; 557 558 case OPT_INDEX_OFF: 559 config->index = false; 560 index_opt = true; 561 break; 562 563 case OPT_UUID_ON: 564 config->uuid = true; 565 break; 566 567 case OPT_UUID_OFF: 568 config->uuid = false; 569 break; 570 571 case OPT_NFS_EXPORT_ON: 572 config->nfs_export = true; 573 nfs_export_opt = true; 574 break; 575 576 case OPT_NFS_EXPORT_OFF: 577 config->nfs_export = false; 578 nfs_export_opt = true; 579 break; 580 581 case OPT_XINO_ON: 582 config->xino = OVL_XINO_ON; 583 break; 584 585 case OPT_XINO_OFF: 586 config->xino = OVL_XINO_OFF; 587 break; 588 589 case OPT_XINO_AUTO: 590 config->xino = OVL_XINO_AUTO; 591 break; 592 593 case OPT_METACOPY_ON: 594 config->metacopy = true; 595 metacopy_opt = true; 596 break; 597 598 case OPT_METACOPY_OFF: 599 config->metacopy = false; 600 metacopy_opt = true; 601 break; 602 603 case OPT_VOLATILE: 604 config->ovl_volatile = true; 605 break; 606 607 case OPT_USERXATTR: 608 config->userxattr = true; 609 break; 610 611 default: 612 pr_err("unrecognized mount option \"%s\" or missing value\n", 613 p); 614 return -EINVAL; 615 } 616 } 617 618 /* Workdir/index are useless in non-upper mount */ 619 if (!config->upperdir) { 620 if (config->workdir) { 621 pr_info("option \"workdir=%s\" is useless in a non-upper mount, ignore\n", 622 config->workdir); 623 kfree(config->workdir); 624 config->workdir = NULL; 625 } 626 if (config->index && index_opt) { 627 pr_info("option \"index=on\" is useless in a non-upper mount, ignore\n"); 628 index_opt = false; 629 } 630 config->index = false; 631 } 632 633 if (!config->upperdir && config->ovl_volatile) { 634 pr_info("option \"volatile\" is meaningless in a non-upper mount, ignoring it.\n"); 635 config->ovl_volatile = false; 636 } 637 638 err = ovl_parse_redirect_mode(config, config->redirect_mode); 639 if (err) 640 return err; 641 642 /* 643 * This is to make the logic below simpler. It doesn't make any other 644 * difference, since config->redirect_dir is only used for upper. 645 */ 646 if (!config->upperdir && config->redirect_follow) 647 config->redirect_dir = true; 648 649 /* Resolve metacopy -> redirect_dir dependency */ 650 if (config->metacopy && !config->redirect_dir) { 651 if (metacopy_opt && redirect_opt) { 652 pr_err("conflicting options: metacopy=on,redirect_dir=%s\n", 653 config->redirect_mode); 654 return -EINVAL; 655 } 656 if (redirect_opt) { 657 /* 658 * There was an explicit redirect_dir=... that resulted 659 * in this conflict. 660 */ 661 pr_info("disabling metacopy due to redirect_dir=%s\n", 662 config->redirect_mode); 663 config->metacopy = false; 664 } else { 665 /* Automatically enable redirect otherwise. */ 666 config->redirect_follow = config->redirect_dir = true; 667 } 668 } 669 670 /* Resolve nfs_export -> index dependency */ 671 if (config->nfs_export && !config->index) { 672 if (!config->upperdir && config->redirect_follow) { 673 pr_info("NFS export requires \"redirect_dir=nofollow\" on non-upper mount, falling back to nfs_export=off.\n"); 674 config->nfs_export = false; 675 } else if (nfs_export_opt && index_opt) { 676 pr_err("conflicting options: nfs_export=on,index=off\n"); 677 return -EINVAL; 678 } else if (index_opt) { 679 /* 680 * There was an explicit index=off that resulted 681 * in this conflict. 682 */ 683 pr_info("disabling nfs_export due to index=off\n"); 684 config->nfs_export = false; 685 } else { 686 /* Automatically enable index otherwise. */ 687 config->index = true; 688 } 689 } 690 691 /* Resolve nfs_export -> !metacopy dependency */ 692 if (config->nfs_export && config->metacopy) { 693 if (nfs_export_opt && metacopy_opt) { 694 pr_err("conflicting options: nfs_export=on,metacopy=on\n"); 695 return -EINVAL; 696 } 697 if (metacopy_opt) { 698 /* 699 * There was an explicit metacopy=on that resulted 700 * in this conflict. 701 */ 702 pr_info("disabling nfs_export due to metacopy=on\n"); 703 config->nfs_export = false; 704 } else { 705 /* 706 * There was an explicit nfs_export=on that resulted 707 * in this conflict. 708 */ 709 pr_info("disabling metacopy due to nfs_export=on\n"); 710 config->metacopy = false; 711 } 712 } 713 714 715 /* Resolve userxattr -> !redirect && !metacopy dependency */ 716 if (config->userxattr) { 717 if (config->redirect_follow && redirect_opt) { 718 pr_err("conflicting options: userxattr,redirect_dir=%s\n", 719 config->redirect_mode); 720 return -EINVAL; 721 } 722 if (config->metacopy && metacopy_opt) { 723 pr_err("conflicting options: userxattr,metacopy=on\n"); 724 return -EINVAL; 725 } 726 /* 727 * Silently disable default setting of redirect and metacopy. 728 * This shall be the default in the future as well: these 729 * options must be explicitly enabled if used together with 730 * userxattr. 731 */ 732 config->redirect_dir = config->redirect_follow = false; 733 config->metacopy = false; 734 } 735 736 return 0; 737 } 738 739 #define OVL_WORKDIR_NAME "work" 740 #define OVL_INDEXDIR_NAME "index" 741 742 static struct dentry *ovl_workdir_create(struct ovl_fs *ofs, 743 const char *name, bool persist) 744 { 745 struct inode *dir = ofs->workbasedir->d_inode; 746 struct vfsmount *mnt = ovl_upper_mnt(ofs); 747 struct dentry *work; 748 int err; 749 bool retried = false; 750 751 inode_lock_nested(dir, I_MUTEX_PARENT); 752 retry: 753 work = lookup_one_len(name, ofs->workbasedir, strlen(name)); 754 755 if (!IS_ERR(work)) { 756 struct iattr attr = { 757 .ia_valid = ATTR_MODE, 758 .ia_mode = S_IFDIR | 0, 759 }; 760 761 if (work->d_inode) { 762 err = -EEXIST; 763 if (retried) 764 goto out_dput; 765 766 if (persist) 767 goto out_unlock; 768 769 retried = true; 770 err = ovl_workdir_cleanup(dir, mnt, work, 0); 771 dput(work); 772 if (err == -EINVAL) { 773 work = ERR_PTR(err); 774 goto out_unlock; 775 } 776 goto retry; 777 } 778 779 work = ovl_create_real(dir, work, OVL_CATTR(attr.ia_mode)); 780 err = PTR_ERR(work); 781 if (IS_ERR(work)) 782 goto out_err; 783 784 /* 785 * Try to remove POSIX ACL xattrs from workdir. We are good if: 786 * 787 * a) success (there was a POSIX ACL xattr and was removed) 788 * b) -ENODATA (there was no POSIX ACL xattr) 789 * c) -EOPNOTSUPP (POSIX ACL xattrs are not supported) 790 * 791 * There are various other error values that could effectively 792 * mean that the xattr doesn't exist (e.g. -ERANGE is returned 793 * if the xattr name is too long), but the set of filesystems 794 * allowed as upper are limited to "normal" ones, where checking 795 * for the above two errors is sufficient. 796 */ 797 err = vfs_removexattr(work, XATTR_NAME_POSIX_ACL_DEFAULT); 798 if (err && err != -ENODATA && err != -EOPNOTSUPP) 799 goto out_dput; 800 801 err = vfs_removexattr(work, XATTR_NAME_POSIX_ACL_ACCESS); 802 if (err && err != -ENODATA && err != -EOPNOTSUPP) 803 goto out_dput; 804 805 /* Clear any inherited mode bits */ 806 inode_lock(work->d_inode); 807 err = notify_change(work, &attr, NULL); 808 inode_unlock(work->d_inode); 809 if (err) 810 goto out_dput; 811 } else { 812 err = PTR_ERR(work); 813 goto out_err; 814 } 815 out_unlock: 816 inode_unlock(dir); 817 return work; 818 819 out_dput: 820 dput(work); 821 out_err: 822 pr_warn("failed to create directory %s/%s (errno: %i); mounting read-only\n", 823 ofs->config.workdir, name, -err); 824 work = NULL; 825 goto out_unlock; 826 } 827 828 static void ovl_unescape(char *s) 829 { 830 char *d = s; 831 832 for (;; s++, d++) { 833 if (*s == '\\') 834 s++; 835 *d = *s; 836 if (!*s) 837 break; 838 } 839 } 840 841 static int ovl_mount_dir_noesc(const char *name, struct path *path) 842 { 843 int err = -EINVAL; 844 845 if (!*name) { 846 pr_err("empty lowerdir\n"); 847 goto out; 848 } 849 err = kern_path(name, LOOKUP_FOLLOW, path); 850 if (err) { 851 pr_err("failed to resolve '%s': %i\n", name, err); 852 goto out; 853 } 854 err = -EINVAL; 855 if (ovl_dentry_weird(path->dentry)) { 856 pr_err("filesystem on '%s' not supported\n", name); 857 goto out_put; 858 } 859 if (!d_is_dir(path->dentry)) { 860 pr_err("'%s' not a directory\n", name); 861 goto out_put; 862 } 863 return 0; 864 865 out_put: 866 path_put_init(path); 867 out: 868 return err; 869 } 870 871 static int ovl_mount_dir(const char *name, struct path *path) 872 { 873 int err = -ENOMEM; 874 char *tmp = kstrdup(name, GFP_KERNEL); 875 876 if (tmp) { 877 ovl_unescape(tmp); 878 err = ovl_mount_dir_noesc(tmp, path); 879 880 if (!err && path->dentry->d_flags & DCACHE_OP_REAL) { 881 pr_err("filesystem on '%s' not supported as upperdir\n", 882 tmp); 883 path_put_init(path); 884 err = -EINVAL; 885 } 886 kfree(tmp); 887 } 888 return err; 889 } 890 891 static int ovl_check_namelen(struct path *path, struct ovl_fs *ofs, 892 const char *name) 893 { 894 struct kstatfs statfs; 895 int err = vfs_statfs(path, &statfs); 896 897 if (err) 898 pr_err("statfs failed on '%s'\n", name); 899 else 900 ofs->namelen = max(ofs->namelen, statfs.f_namelen); 901 902 return err; 903 } 904 905 static int ovl_lower_dir(const char *name, struct path *path, 906 struct ovl_fs *ofs, int *stack_depth) 907 { 908 int fh_type; 909 int err; 910 911 err = ovl_mount_dir_noesc(name, path); 912 if (err) 913 return err; 914 915 err = ovl_check_namelen(path, ofs, name); 916 if (err) 917 return err; 918 919 *stack_depth = max(*stack_depth, path->mnt->mnt_sb->s_stack_depth); 920 921 /* 922 * The inodes index feature and NFS export need to encode and decode 923 * file handles, so they require that all layers support them. 924 */ 925 fh_type = ovl_can_decode_fh(path->dentry->d_sb); 926 if ((ofs->config.nfs_export || 927 (ofs->config.index && ofs->config.upperdir)) && !fh_type) { 928 ofs->config.index = false; 929 ofs->config.nfs_export = false; 930 pr_warn("fs on '%s' does not support file handles, falling back to index=off,nfs_export=off.\n", 931 name); 932 } 933 934 /* Check if lower fs has 32bit inode numbers */ 935 if (fh_type != FILEID_INO32_GEN) 936 ofs->xino_mode = -1; 937 938 return 0; 939 } 940 941 /* Workdir should not be subdir of upperdir and vice versa */ 942 static bool ovl_workdir_ok(struct dentry *workdir, struct dentry *upperdir) 943 { 944 bool ok = false; 945 946 if (workdir != upperdir) { 947 ok = (lock_rename(workdir, upperdir) == NULL); 948 unlock_rename(workdir, upperdir); 949 } 950 return ok; 951 } 952 953 static unsigned int ovl_split_lowerdirs(char *str) 954 { 955 unsigned int ctr = 1; 956 char *s, *d; 957 958 for (s = d = str;; s++, d++) { 959 if (*s == '\\') { 960 s++; 961 } else if (*s == ':') { 962 *d = '\0'; 963 ctr++; 964 continue; 965 } 966 *d = *s; 967 if (!*s) 968 break; 969 } 970 return ctr; 971 } 972 973 static int __maybe_unused 974 ovl_posix_acl_xattr_get(const struct xattr_handler *handler, 975 struct dentry *dentry, struct inode *inode, 976 const char *name, void *buffer, size_t size) 977 { 978 return ovl_xattr_get(dentry, inode, handler->name, buffer, size); 979 } 980 981 static int __maybe_unused 982 ovl_posix_acl_xattr_set(const struct xattr_handler *handler, 983 struct dentry *dentry, struct inode *inode, 984 const char *name, const void *value, 985 size_t size, int flags) 986 { 987 struct dentry *workdir = ovl_workdir(dentry); 988 struct inode *realinode = ovl_inode_real(inode); 989 struct posix_acl *acl = NULL; 990 int err; 991 992 /* Check that everything is OK before copy-up */ 993 if (value) { 994 acl = posix_acl_from_xattr(&init_user_ns, value, size); 995 if (IS_ERR(acl)) 996 return PTR_ERR(acl); 997 } 998 err = -EOPNOTSUPP; 999 if (!IS_POSIXACL(d_inode(workdir))) 1000 goto out_acl_release; 1001 if (!realinode->i_op->set_acl) 1002 goto out_acl_release; 1003 if (handler->flags == ACL_TYPE_DEFAULT && !S_ISDIR(inode->i_mode)) { 1004 err = acl ? -EACCES : 0; 1005 goto out_acl_release; 1006 } 1007 err = -EPERM; 1008 if (!inode_owner_or_capable(inode)) 1009 goto out_acl_release; 1010 1011 posix_acl_release(acl); 1012 1013 /* 1014 * Check if sgid bit needs to be cleared (actual setacl operation will 1015 * be done with mounter's capabilities and so that won't do it for us). 1016 */ 1017 if (unlikely(inode->i_mode & S_ISGID) && 1018 handler->flags == ACL_TYPE_ACCESS && 1019 !in_group_p(inode->i_gid) && 1020 !capable_wrt_inode_uidgid(inode, CAP_FSETID)) { 1021 struct iattr iattr = { .ia_valid = ATTR_KILL_SGID }; 1022 1023 err = ovl_setattr(dentry, &iattr); 1024 if (err) 1025 return err; 1026 } 1027 1028 err = ovl_xattr_set(dentry, inode, handler->name, value, size, flags); 1029 if (!err) 1030 ovl_copyattr(ovl_inode_real(inode), inode); 1031 1032 return err; 1033 1034 out_acl_release: 1035 posix_acl_release(acl); 1036 return err; 1037 } 1038 1039 static int ovl_own_xattr_get(const struct xattr_handler *handler, 1040 struct dentry *dentry, struct inode *inode, 1041 const char *name, void *buffer, size_t size) 1042 { 1043 return -EOPNOTSUPP; 1044 } 1045 1046 static int ovl_own_xattr_set(const struct xattr_handler *handler, 1047 struct dentry *dentry, struct inode *inode, 1048 const char *name, const void *value, 1049 size_t size, int flags) 1050 { 1051 return -EOPNOTSUPP; 1052 } 1053 1054 static int ovl_other_xattr_get(const struct xattr_handler *handler, 1055 struct dentry *dentry, struct inode *inode, 1056 const char *name, void *buffer, size_t size) 1057 { 1058 return ovl_xattr_get(dentry, inode, name, buffer, size); 1059 } 1060 1061 static int ovl_other_xattr_set(const struct xattr_handler *handler, 1062 struct dentry *dentry, struct inode *inode, 1063 const char *name, const void *value, 1064 size_t size, int flags) 1065 { 1066 return ovl_xattr_set(dentry, inode, name, value, size, flags); 1067 } 1068 1069 static const struct xattr_handler __maybe_unused 1070 ovl_posix_acl_access_xattr_handler = { 1071 .name = XATTR_NAME_POSIX_ACL_ACCESS, 1072 .flags = ACL_TYPE_ACCESS, 1073 .get = ovl_posix_acl_xattr_get, 1074 .set = ovl_posix_acl_xattr_set, 1075 }; 1076 1077 static const struct xattr_handler __maybe_unused 1078 ovl_posix_acl_default_xattr_handler = { 1079 .name = XATTR_NAME_POSIX_ACL_DEFAULT, 1080 .flags = ACL_TYPE_DEFAULT, 1081 .get = ovl_posix_acl_xattr_get, 1082 .set = ovl_posix_acl_xattr_set, 1083 }; 1084 1085 static const struct xattr_handler ovl_own_trusted_xattr_handler = { 1086 .prefix = OVL_XATTR_TRUSTED_PREFIX, 1087 .get = ovl_own_xattr_get, 1088 .set = ovl_own_xattr_set, 1089 }; 1090 1091 static const struct xattr_handler ovl_own_user_xattr_handler = { 1092 .prefix = OVL_XATTR_USER_PREFIX, 1093 .get = ovl_own_xattr_get, 1094 .set = ovl_own_xattr_set, 1095 }; 1096 1097 static const struct xattr_handler ovl_other_xattr_handler = { 1098 .prefix = "", /* catch all */ 1099 .get = ovl_other_xattr_get, 1100 .set = ovl_other_xattr_set, 1101 }; 1102 1103 static const struct xattr_handler *ovl_trusted_xattr_handlers[] = { 1104 #ifdef CONFIG_FS_POSIX_ACL 1105 &ovl_posix_acl_access_xattr_handler, 1106 &ovl_posix_acl_default_xattr_handler, 1107 #endif 1108 &ovl_own_trusted_xattr_handler, 1109 &ovl_other_xattr_handler, 1110 NULL 1111 }; 1112 1113 static const struct xattr_handler *ovl_user_xattr_handlers[] = { 1114 #ifdef CONFIG_FS_POSIX_ACL 1115 &ovl_posix_acl_access_xattr_handler, 1116 &ovl_posix_acl_default_xattr_handler, 1117 #endif 1118 &ovl_own_user_xattr_handler, 1119 &ovl_other_xattr_handler, 1120 NULL 1121 }; 1122 1123 static int ovl_setup_trap(struct super_block *sb, struct dentry *dir, 1124 struct inode **ptrap, const char *name) 1125 { 1126 struct inode *trap; 1127 int err; 1128 1129 trap = ovl_get_trap_inode(sb, dir); 1130 err = PTR_ERR_OR_ZERO(trap); 1131 if (err) { 1132 if (err == -ELOOP) 1133 pr_err("conflicting %s path\n", name); 1134 return err; 1135 } 1136 1137 *ptrap = trap; 1138 return 0; 1139 } 1140 1141 /* 1142 * Determine how we treat concurrent use of upperdir/workdir based on the 1143 * index feature. This is papering over mount leaks of container runtimes, 1144 * for example, an old overlay mount is leaked and now its upperdir is 1145 * attempted to be used as a lower layer in a new overlay mount. 1146 */ 1147 static int ovl_report_in_use(struct ovl_fs *ofs, const char *name) 1148 { 1149 if (ofs->config.index) { 1150 pr_err("%s is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.\n", 1151 name); 1152 return -EBUSY; 1153 } else { 1154 pr_warn("%s is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.\n", 1155 name); 1156 return 0; 1157 } 1158 } 1159 1160 static int ovl_get_upper(struct super_block *sb, struct ovl_fs *ofs, 1161 struct ovl_layer *upper_layer, struct path *upperpath) 1162 { 1163 struct vfsmount *upper_mnt; 1164 int err; 1165 1166 err = ovl_mount_dir(ofs->config.upperdir, upperpath); 1167 if (err) 1168 goto out; 1169 1170 /* Upper fs should not be r/o */ 1171 if (sb_rdonly(upperpath->mnt->mnt_sb)) { 1172 pr_err("upper fs is r/o, try multi-lower layers mount\n"); 1173 err = -EINVAL; 1174 goto out; 1175 } 1176 1177 err = ovl_check_namelen(upperpath, ofs, ofs->config.upperdir); 1178 if (err) 1179 goto out; 1180 1181 err = ovl_setup_trap(sb, upperpath->dentry, &upper_layer->trap, 1182 "upperdir"); 1183 if (err) 1184 goto out; 1185 1186 upper_mnt = clone_private_mount(upperpath); 1187 err = PTR_ERR(upper_mnt); 1188 if (IS_ERR(upper_mnt)) { 1189 pr_err("failed to clone upperpath\n"); 1190 goto out; 1191 } 1192 1193 /* Don't inherit atime flags */ 1194 upper_mnt->mnt_flags &= ~(MNT_NOATIME | MNT_NODIRATIME | MNT_RELATIME); 1195 upper_layer->mnt = upper_mnt; 1196 upper_layer->idx = 0; 1197 upper_layer->fsid = 0; 1198 1199 /* 1200 * Inherit SB_NOSEC flag from upperdir. 1201 * 1202 * This optimization changes behavior when a security related attribute 1203 * (suid/sgid/security.*) is changed on an underlying layer. This is 1204 * okay because we don't yet have guarantees in that case, but it will 1205 * need careful treatment once we want to honour changes to underlying 1206 * filesystems. 1207 */ 1208 if (upper_mnt->mnt_sb->s_flags & SB_NOSEC) 1209 sb->s_flags |= SB_NOSEC; 1210 1211 if (ovl_inuse_trylock(ovl_upper_mnt(ofs)->mnt_root)) { 1212 ofs->upperdir_locked = true; 1213 } else { 1214 err = ovl_report_in_use(ofs, "upperdir"); 1215 if (err) 1216 goto out; 1217 } 1218 1219 err = 0; 1220 out: 1221 return err; 1222 } 1223 1224 /* 1225 * Returns 1 if RENAME_WHITEOUT is supported, 0 if not supported and 1226 * negative values if error is encountered. 1227 */ 1228 static int ovl_check_rename_whiteout(struct dentry *workdir) 1229 { 1230 struct inode *dir = d_inode(workdir); 1231 struct dentry *temp; 1232 struct dentry *dest; 1233 struct dentry *whiteout; 1234 struct name_snapshot name; 1235 int err; 1236 1237 inode_lock_nested(dir, I_MUTEX_PARENT); 1238 1239 temp = ovl_create_temp(workdir, OVL_CATTR(S_IFREG | 0)); 1240 err = PTR_ERR(temp); 1241 if (IS_ERR(temp)) 1242 goto out_unlock; 1243 1244 dest = ovl_lookup_temp(workdir); 1245 err = PTR_ERR(dest); 1246 if (IS_ERR(dest)) { 1247 dput(temp); 1248 goto out_unlock; 1249 } 1250 1251 /* Name is inline and stable - using snapshot as a copy helper */ 1252 take_dentry_name_snapshot(&name, temp); 1253 err = ovl_do_rename(dir, temp, dir, dest, RENAME_WHITEOUT); 1254 if (err) { 1255 if (err == -EINVAL) 1256 err = 0; 1257 goto cleanup_temp; 1258 } 1259 1260 whiteout = lookup_one_len(name.name.name, workdir, name.name.len); 1261 err = PTR_ERR(whiteout); 1262 if (IS_ERR(whiteout)) 1263 goto cleanup_temp; 1264 1265 err = ovl_is_whiteout(whiteout); 1266 1267 /* Best effort cleanup of whiteout and temp file */ 1268 if (err) 1269 ovl_cleanup(dir, whiteout); 1270 dput(whiteout); 1271 1272 cleanup_temp: 1273 ovl_cleanup(dir, temp); 1274 release_dentry_name_snapshot(&name); 1275 dput(temp); 1276 dput(dest); 1277 1278 out_unlock: 1279 inode_unlock(dir); 1280 1281 return err; 1282 } 1283 1284 static struct dentry *ovl_lookup_or_create(struct dentry *parent, 1285 const char *name, umode_t mode) 1286 { 1287 size_t len = strlen(name); 1288 struct dentry *child; 1289 1290 inode_lock_nested(parent->d_inode, I_MUTEX_PARENT); 1291 child = lookup_one_len(name, parent, len); 1292 if (!IS_ERR(child) && !child->d_inode) 1293 child = ovl_create_real(parent->d_inode, child, 1294 OVL_CATTR(mode)); 1295 inode_unlock(parent->d_inode); 1296 dput(parent); 1297 1298 return child; 1299 } 1300 1301 /* 1302 * Creates $workdir/work/incompat/volatile/dirty file if it is not already 1303 * present. 1304 */ 1305 static int ovl_create_volatile_dirty(struct ovl_fs *ofs) 1306 { 1307 unsigned int ctr; 1308 struct dentry *d = dget(ofs->workbasedir); 1309 static const char *const volatile_path[] = { 1310 OVL_WORKDIR_NAME, "incompat", "volatile", "dirty" 1311 }; 1312 const char *const *name = volatile_path; 1313 1314 for (ctr = ARRAY_SIZE(volatile_path); ctr; ctr--, name++) { 1315 d = ovl_lookup_or_create(d, *name, ctr > 1 ? S_IFDIR : S_IFREG); 1316 if (IS_ERR(d)) 1317 return PTR_ERR(d); 1318 } 1319 dput(d); 1320 return 0; 1321 } 1322 1323 static int ovl_make_workdir(struct super_block *sb, struct ovl_fs *ofs, 1324 struct path *workpath) 1325 { 1326 struct vfsmount *mnt = ovl_upper_mnt(ofs); 1327 struct dentry *temp, *workdir; 1328 bool rename_whiteout; 1329 bool d_type; 1330 int fh_type; 1331 int err; 1332 1333 err = mnt_want_write(mnt); 1334 if (err) 1335 return err; 1336 1337 workdir = ovl_workdir_create(ofs, OVL_WORKDIR_NAME, false); 1338 err = PTR_ERR(workdir); 1339 if (IS_ERR_OR_NULL(workdir)) 1340 goto out; 1341 1342 ofs->workdir = workdir; 1343 1344 err = ovl_setup_trap(sb, ofs->workdir, &ofs->workdir_trap, "workdir"); 1345 if (err) 1346 goto out; 1347 1348 /* 1349 * Upper should support d_type, else whiteouts are visible. Given 1350 * workdir and upper are on same fs, we can do iterate_dir() on 1351 * workdir. This check requires successful creation of workdir in 1352 * previous step. 1353 */ 1354 err = ovl_check_d_type_supported(workpath); 1355 if (err < 0) 1356 goto out; 1357 1358 d_type = err; 1359 if (!d_type) 1360 pr_warn("upper fs needs to support d_type.\n"); 1361 1362 /* Check if upper/work fs supports O_TMPFILE */ 1363 temp = ovl_do_tmpfile(ofs->workdir, S_IFREG | 0); 1364 ofs->tmpfile = !IS_ERR(temp); 1365 if (ofs->tmpfile) 1366 dput(temp); 1367 else 1368 pr_warn("upper fs does not support tmpfile.\n"); 1369 1370 1371 /* Check if upper/work fs supports RENAME_WHITEOUT */ 1372 err = ovl_check_rename_whiteout(ofs->workdir); 1373 if (err < 0) 1374 goto out; 1375 1376 rename_whiteout = err; 1377 if (!rename_whiteout) 1378 pr_warn("upper fs does not support RENAME_WHITEOUT.\n"); 1379 1380 /* 1381 * Check if upper/work fs supports (trusted|user).overlay.* xattr 1382 */ 1383 err = ovl_do_setxattr(ofs, ofs->workdir, OVL_XATTR_OPAQUE, "0", 1); 1384 if (err) { 1385 ofs->noxattr = true; 1386 ofs->config.index = false; 1387 ofs->config.metacopy = false; 1388 pr_warn("upper fs does not support xattr, falling back to index=off and metacopy=off.\n"); 1389 err = 0; 1390 } else { 1391 ovl_do_removexattr(ofs, ofs->workdir, OVL_XATTR_OPAQUE); 1392 } 1393 1394 /* 1395 * We allowed sub-optimal upper fs configuration and don't want to break 1396 * users over kernel upgrade, but we never allowed remote upper fs, so 1397 * we can enforce strict requirements for remote upper fs. 1398 */ 1399 if (ovl_dentry_remote(ofs->workdir) && 1400 (!d_type || !rename_whiteout || ofs->noxattr)) { 1401 pr_err("upper fs missing required features.\n"); 1402 err = -EINVAL; 1403 goto out; 1404 } 1405 1406 /* 1407 * For volatile mount, create a incompat/volatile/dirty file to keep 1408 * track of it. 1409 */ 1410 if (ofs->config.ovl_volatile) { 1411 err = ovl_create_volatile_dirty(ofs); 1412 if (err < 0) { 1413 pr_err("Failed to create volatile/dirty file.\n"); 1414 goto out; 1415 } 1416 } 1417 1418 /* Check if upper/work fs supports file handles */ 1419 fh_type = ovl_can_decode_fh(ofs->workdir->d_sb); 1420 if (ofs->config.index && !fh_type) { 1421 ofs->config.index = false; 1422 pr_warn("upper fs does not support file handles, falling back to index=off.\n"); 1423 } 1424 1425 /* Check if upper fs has 32bit inode numbers */ 1426 if (fh_type != FILEID_INO32_GEN) 1427 ofs->xino_mode = -1; 1428 1429 /* NFS export of r/w mount depends on index */ 1430 if (ofs->config.nfs_export && !ofs->config.index) { 1431 pr_warn("NFS export requires \"index=on\", falling back to nfs_export=off.\n"); 1432 ofs->config.nfs_export = false; 1433 } 1434 out: 1435 mnt_drop_write(mnt); 1436 return err; 1437 } 1438 1439 static int ovl_get_workdir(struct super_block *sb, struct ovl_fs *ofs, 1440 struct path *upperpath) 1441 { 1442 int err; 1443 struct path workpath = { }; 1444 1445 err = ovl_mount_dir(ofs->config.workdir, &workpath); 1446 if (err) 1447 goto out; 1448 1449 err = -EINVAL; 1450 if (upperpath->mnt != workpath.mnt) { 1451 pr_err("workdir and upperdir must reside under the same mount\n"); 1452 goto out; 1453 } 1454 if (!ovl_workdir_ok(workpath.dentry, upperpath->dentry)) { 1455 pr_err("workdir and upperdir must be separate subtrees\n"); 1456 goto out; 1457 } 1458 1459 ofs->workbasedir = dget(workpath.dentry); 1460 1461 if (ovl_inuse_trylock(ofs->workbasedir)) { 1462 ofs->workdir_locked = true; 1463 } else { 1464 err = ovl_report_in_use(ofs, "workdir"); 1465 if (err) 1466 goto out; 1467 } 1468 1469 err = ovl_setup_trap(sb, ofs->workbasedir, &ofs->workbasedir_trap, 1470 "workdir"); 1471 if (err) 1472 goto out; 1473 1474 err = ovl_make_workdir(sb, ofs, &workpath); 1475 1476 out: 1477 path_put(&workpath); 1478 1479 return err; 1480 } 1481 1482 static int ovl_get_indexdir(struct super_block *sb, struct ovl_fs *ofs, 1483 struct ovl_entry *oe, struct path *upperpath) 1484 { 1485 struct vfsmount *mnt = ovl_upper_mnt(ofs); 1486 struct dentry *indexdir; 1487 int err; 1488 1489 err = mnt_want_write(mnt); 1490 if (err) 1491 return err; 1492 1493 /* Verify lower root is upper root origin */ 1494 err = ovl_verify_origin(ofs, upperpath->dentry, 1495 oe->lowerstack[0].dentry, true); 1496 if (err) { 1497 pr_err("failed to verify upper root origin\n"); 1498 goto out; 1499 } 1500 1501 /* index dir will act also as workdir */ 1502 iput(ofs->workdir_trap); 1503 ofs->workdir_trap = NULL; 1504 dput(ofs->workdir); 1505 ofs->workdir = NULL; 1506 indexdir = ovl_workdir_create(ofs, OVL_INDEXDIR_NAME, true); 1507 if (IS_ERR(indexdir)) { 1508 err = PTR_ERR(indexdir); 1509 } else if (indexdir) { 1510 ofs->indexdir = indexdir; 1511 ofs->workdir = dget(indexdir); 1512 1513 err = ovl_setup_trap(sb, ofs->indexdir, &ofs->indexdir_trap, 1514 "indexdir"); 1515 if (err) 1516 goto out; 1517 1518 /* 1519 * Verify upper root is exclusively associated with index dir. 1520 * Older kernels stored upper fh in ".overlay.origin" 1521 * xattr. If that xattr exists, verify that it is a match to 1522 * upper dir file handle. In any case, verify or set xattr 1523 * ".overlay.upper" to indicate that index may have 1524 * directory entries. 1525 */ 1526 if (ovl_check_origin_xattr(ofs, ofs->indexdir)) { 1527 err = ovl_verify_set_fh(ofs, ofs->indexdir, 1528 OVL_XATTR_ORIGIN, 1529 upperpath->dentry, true, false); 1530 if (err) 1531 pr_err("failed to verify index dir 'origin' xattr\n"); 1532 } 1533 err = ovl_verify_upper(ofs, ofs->indexdir, upperpath->dentry, 1534 true); 1535 if (err) 1536 pr_err("failed to verify index dir 'upper' xattr\n"); 1537 1538 /* Cleanup bad/stale/orphan index entries */ 1539 if (!err) 1540 err = ovl_indexdir_cleanup(ofs); 1541 } 1542 if (err || !ofs->indexdir) 1543 pr_warn("try deleting index dir or mounting with '-o index=off' to disable inodes index.\n"); 1544 1545 out: 1546 mnt_drop_write(mnt); 1547 return err; 1548 } 1549 1550 static bool ovl_lower_uuid_ok(struct ovl_fs *ofs, const uuid_t *uuid) 1551 { 1552 unsigned int i; 1553 1554 if (!ofs->config.nfs_export && !ovl_upper_mnt(ofs)) 1555 return true; 1556 1557 /* 1558 * We allow using single lower with null uuid for index and nfs_export 1559 * for example to support those features with single lower squashfs. 1560 * To avoid regressions in setups of overlay with re-formatted lower 1561 * squashfs, do not allow decoding origin with lower null uuid unless 1562 * user opted-in to one of the new features that require following the 1563 * lower inode of non-dir upper. 1564 */ 1565 if (!ofs->config.index && !ofs->config.metacopy && !ofs->config.xino && 1566 uuid_is_null(uuid)) 1567 return false; 1568 1569 for (i = 0; i < ofs->numfs; i++) { 1570 /* 1571 * We use uuid to associate an overlay lower file handle with a 1572 * lower layer, so we can accept lower fs with null uuid as long 1573 * as all lower layers with null uuid are on the same fs. 1574 * if we detect multiple lower fs with the same uuid, we 1575 * disable lower file handle decoding on all of them. 1576 */ 1577 if (ofs->fs[i].is_lower && 1578 uuid_equal(&ofs->fs[i].sb->s_uuid, uuid)) { 1579 ofs->fs[i].bad_uuid = true; 1580 return false; 1581 } 1582 } 1583 return true; 1584 } 1585 1586 /* Get a unique fsid for the layer */ 1587 static int ovl_get_fsid(struct ovl_fs *ofs, const struct path *path) 1588 { 1589 struct super_block *sb = path->mnt->mnt_sb; 1590 unsigned int i; 1591 dev_t dev; 1592 int err; 1593 bool bad_uuid = false; 1594 1595 for (i = 0; i < ofs->numfs; i++) { 1596 if (ofs->fs[i].sb == sb) 1597 return i; 1598 } 1599 1600 if (!ovl_lower_uuid_ok(ofs, &sb->s_uuid)) { 1601 bad_uuid = true; 1602 if (ofs->config.index || ofs->config.nfs_export) { 1603 ofs->config.index = false; 1604 ofs->config.nfs_export = false; 1605 pr_warn("%s uuid detected in lower fs '%pd2', falling back to index=off,nfs_export=off.\n", 1606 uuid_is_null(&sb->s_uuid) ? "null" : 1607 "conflicting", 1608 path->dentry); 1609 } 1610 } 1611 1612 err = get_anon_bdev(&dev); 1613 if (err) { 1614 pr_err("failed to get anonymous bdev for lowerpath\n"); 1615 return err; 1616 } 1617 1618 ofs->fs[ofs->numfs].sb = sb; 1619 ofs->fs[ofs->numfs].pseudo_dev = dev; 1620 ofs->fs[ofs->numfs].bad_uuid = bad_uuid; 1621 1622 return ofs->numfs++; 1623 } 1624 1625 static int ovl_get_layers(struct super_block *sb, struct ovl_fs *ofs, 1626 struct path *stack, unsigned int numlower, 1627 struct ovl_layer *layers) 1628 { 1629 int err; 1630 unsigned int i; 1631 1632 err = -ENOMEM; 1633 ofs->fs = kcalloc(numlower + 1, sizeof(struct ovl_sb), GFP_KERNEL); 1634 if (ofs->fs == NULL) 1635 goto out; 1636 1637 /* idx/fsid 0 are reserved for upper fs even with lower only overlay */ 1638 ofs->numfs++; 1639 1640 /* 1641 * All lower layers that share the same fs as upper layer, use the same 1642 * pseudo_dev as upper layer. Allocate fs[0].pseudo_dev even for lower 1643 * only overlay to simplify ovl_fs_free(). 1644 * is_lower will be set if upper fs is shared with a lower layer. 1645 */ 1646 err = get_anon_bdev(&ofs->fs[0].pseudo_dev); 1647 if (err) { 1648 pr_err("failed to get anonymous bdev for upper fs\n"); 1649 goto out; 1650 } 1651 1652 if (ovl_upper_mnt(ofs)) { 1653 ofs->fs[0].sb = ovl_upper_mnt(ofs)->mnt_sb; 1654 ofs->fs[0].is_lower = false; 1655 } 1656 1657 for (i = 0; i < numlower; i++) { 1658 struct vfsmount *mnt; 1659 struct inode *trap; 1660 int fsid; 1661 1662 err = fsid = ovl_get_fsid(ofs, &stack[i]); 1663 if (err < 0) 1664 goto out; 1665 1666 /* 1667 * Check if lower root conflicts with this overlay layers before 1668 * checking if it is in-use as upperdir/workdir of "another" 1669 * mount, because we do not bother to check in ovl_is_inuse() if 1670 * the upperdir/workdir is in fact in-use by our 1671 * upperdir/workdir. 1672 */ 1673 err = ovl_setup_trap(sb, stack[i].dentry, &trap, "lowerdir"); 1674 if (err) 1675 goto out; 1676 1677 if (ovl_is_inuse(stack[i].dentry)) { 1678 err = ovl_report_in_use(ofs, "lowerdir"); 1679 if (err) { 1680 iput(trap); 1681 goto out; 1682 } 1683 } 1684 1685 mnt = clone_private_mount(&stack[i]); 1686 err = PTR_ERR(mnt); 1687 if (IS_ERR(mnt)) { 1688 pr_err("failed to clone lowerpath\n"); 1689 iput(trap); 1690 goto out; 1691 } 1692 1693 /* 1694 * Make lower layers R/O. That way fchmod/fchown on lower file 1695 * will fail instead of modifying lower fs. 1696 */ 1697 mnt->mnt_flags |= MNT_READONLY | MNT_NOATIME; 1698 1699 layers[ofs->numlayer].trap = trap; 1700 layers[ofs->numlayer].mnt = mnt; 1701 layers[ofs->numlayer].idx = ofs->numlayer; 1702 layers[ofs->numlayer].fsid = fsid; 1703 layers[ofs->numlayer].fs = &ofs->fs[fsid]; 1704 ofs->numlayer++; 1705 ofs->fs[fsid].is_lower = true; 1706 } 1707 1708 /* 1709 * When all layers on same fs, overlay can use real inode numbers. 1710 * With mount option "xino=<on|auto>", mounter declares that there are 1711 * enough free high bits in underlying fs to hold the unique fsid. 1712 * If overlayfs does encounter underlying inodes using the high xino 1713 * bits reserved for fsid, it emits a warning and uses the original 1714 * inode number or a non persistent inode number allocated from a 1715 * dedicated range. 1716 */ 1717 if (ofs->numfs - !ovl_upper_mnt(ofs) == 1) { 1718 if (ofs->config.xino == OVL_XINO_ON) 1719 pr_info("\"xino=on\" is useless with all layers on same fs, ignore.\n"); 1720 ofs->xino_mode = 0; 1721 } else if (ofs->config.xino == OVL_XINO_OFF) { 1722 ofs->xino_mode = -1; 1723 } else if (ofs->xino_mode < 0) { 1724 /* 1725 * This is a roundup of number of bits needed for encoding 1726 * fsid, where fsid 0 is reserved for upper fs (even with 1727 * lower only overlay) +1 extra bit is reserved for the non 1728 * persistent inode number range that is used for resolving 1729 * xino lower bits overflow. 1730 */ 1731 BUILD_BUG_ON(ilog2(OVL_MAX_STACK) > 30); 1732 ofs->xino_mode = ilog2(ofs->numfs - 1) + 2; 1733 } 1734 1735 if (ofs->xino_mode > 0) { 1736 pr_info("\"xino\" feature enabled using %d upper inode bits.\n", 1737 ofs->xino_mode); 1738 } 1739 1740 err = 0; 1741 out: 1742 return err; 1743 } 1744 1745 static struct ovl_entry *ovl_get_lowerstack(struct super_block *sb, 1746 const char *lower, unsigned int numlower, 1747 struct ovl_fs *ofs, struct ovl_layer *layers) 1748 { 1749 int err; 1750 struct path *stack = NULL; 1751 unsigned int i; 1752 struct ovl_entry *oe; 1753 1754 if (!ofs->config.upperdir && numlower == 1) { 1755 pr_err("at least 2 lowerdir are needed while upperdir nonexistent\n"); 1756 return ERR_PTR(-EINVAL); 1757 } 1758 1759 stack = kcalloc(numlower, sizeof(struct path), GFP_KERNEL); 1760 if (!stack) 1761 return ERR_PTR(-ENOMEM); 1762 1763 err = -EINVAL; 1764 for (i = 0; i < numlower; i++) { 1765 err = ovl_lower_dir(lower, &stack[i], ofs, &sb->s_stack_depth); 1766 if (err) 1767 goto out_err; 1768 1769 lower = strchr(lower, '\0') + 1; 1770 } 1771 1772 err = -EINVAL; 1773 sb->s_stack_depth++; 1774 if (sb->s_stack_depth > FILESYSTEM_MAX_STACK_DEPTH) { 1775 pr_err("maximum fs stacking depth exceeded\n"); 1776 goto out_err; 1777 } 1778 1779 err = ovl_get_layers(sb, ofs, stack, numlower, layers); 1780 if (err) 1781 goto out_err; 1782 1783 err = -ENOMEM; 1784 oe = ovl_alloc_entry(numlower); 1785 if (!oe) 1786 goto out_err; 1787 1788 for (i = 0; i < numlower; i++) { 1789 oe->lowerstack[i].dentry = dget(stack[i].dentry); 1790 oe->lowerstack[i].layer = &ofs->layers[i+1]; 1791 } 1792 1793 out: 1794 for (i = 0; i < numlower; i++) 1795 path_put(&stack[i]); 1796 kfree(stack); 1797 1798 return oe; 1799 1800 out_err: 1801 oe = ERR_PTR(err); 1802 goto out; 1803 } 1804 1805 /* 1806 * Check if this layer root is a descendant of: 1807 * - another layer of this overlayfs instance 1808 * - upper/work dir of any overlayfs instance 1809 */ 1810 static int ovl_check_layer(struct super_block *sb, struct ovl_fs *ofs, 1811 struct dentry *dentry, const char *name) 1812 { 1813 struct dentry *next = dentry, *parent; 1814 int err = 0; 1815 1816 if (!dentry) 1817 return 0; 1818 1819 parent = dget_parent(next); 1820 1821 /* Walk back ancestors to root (inclusive) looking for traps */ 1822 while (!err && parent != next) { 1823 if (ovl_lookup_trap_inode(sb, parent)) { 1824 err = -ELOOP; 1825 pr_err("overlapping %s path\n", name); 1826 } else if (ovl_is_inuse(parent)) { 1827 err = ovl_report_in_use(ofs, name); 1828 } 1829 next = parent; 1830 parent = dget_parent(next); 1831 dput(next); 1832 } 1833 1834 dput(parent); 1835 1836 return err; 1837 } 1838 1839 /* 1840 * Check if any of the layers or work dirs overlap. 1841 */ 1842 static int ovl_check_overlapping_layers(struct super_block *sb, 1843 struct ovl_fs *ofs) 1844 { 1845 int i, err; 1846 1847 if (ovl_upper_mnt(ofs)) { 1848 err = ovl_check_layer(sb, ofs, ovl_upper_mnt(ofs)->mnt_root, 1849 "upperdir"); 1850 if (err) 1851 return err; 1852 1853 /* 1854 * Checking workbasedir avoids hitting ovl_is_inuse(parent) of 1855 * this instance and covers overlapping work and index dirs, 1856 * unless work or index dir have been moved since created inside 1857 * workbasedir. In that case, we already have their traps in 1858 * inode cache and we will catch that case on lookup. 1859 */ 1860 err = ovl_check_layer(sb, ofs, ofs->workbasedir, "workdir"); 1861 if (err) 1862 return err; 1863 } 1864 1865 for (i = 1; i < ofs->numlayer; i++) { 1866 err = ovl_check_layer(sb, ofs, 1867 ofs->layers[i].mnt->mnt_root, 1868 "lowerdir"); 1869 if (err) 1870 return err; 1871 } 1872 1873 return 0; 1874 } 1875 1876 static struct dentry *ovl_get_root(struct super_block *sb, 1877 struct dentry *upperdentry, 1878 struct ovl_entry *oe) 1879 { 1880 struct dentry *root; 1881 struct ovl_path *lowerpath = &oe->lowerstack[0]; 1882 unsigned long ino = d_inode(lowerpath->dentry)->i_ino; 1883 int fsid = lowerpath->layer->fsid; 1884 struct ovl_inode_params oip = { 1885 .upperdentry = upperdentry, 1886 .lowerpath = lowerpath, 1887 }; 1888 1889 root = d_make_root(ovl_new_inode(sb, S_IFDIR, 0)); 1890 if (!root) 1891 return NULL; 1892 1893 root->d_fsdata = oe; 1894 1895 if (upperdentry) { 1896 /* Root inode uses upper st_ino/i_ino */ 1897 ino = d_inode(upperdentry)->i_ino; 1898 fsid = 0; 1899 ovl_dentry_set_upper_alias(root); 1900 if (ovl_is_impuredir(sb, upperdentry)) 1901 ovl_set_flag(OVL_IMPURE, d_inode(root)); 1902 } 1903 1904 /* Root is always merge -> can have whiteouts */ 1905 ovl_set_flag(OVL_WHITEOUTS, d_inode(root)); 1906 ovl_dentry_set_flag(OVL_E_CONNECTED, root); 1907 ovl_set_upperdata(d_inode(root)); 1908 ovl_inode_init(d_inode(root), &oip, ino, fsid); 1909 ovl_dentry_update_reval(root, upperdentry, DCACHE_OP_WEAK_REVALIDATE); 1910 1911 return root; 1912 } 1913 1914 static int ovl_fill_super(struct super_block *sb, void *data, int silent) 1915 { 1916 struct path upperpath = { }; 1917 struct dentry *root_dentry; 1918 struct ovl_entry *oe; 1919 struct ovl_fs *ofs; 1920 struct ovl_layer *layers; 1921 struct cred *cred; 1922 char *splitlower = NULL; 1923 unsigned int numlower; 1924 int err; 1925 1926 sb->s_d_op = &ovl_dentry_operations; 1927 1928 err = -ENOMEM; 1929 ofs = kzalloc(sizeof(struct ovl_fs), GFP_KERNEL); 1930 if (!ofs) 1931 goto out; 1932 1933 ofs->creator_cred = cred = prepare_creds(); 1934 if (!cred) 1935 goto out_err; 1936 1937 /* Is there a reason anyone would want not to share whiteouts? */ 1938 ofs->share_whiteout = true; 1939 1940 ofs->config.index = ovl_index_def; 1941 ofs->config.uuid = true; 1942 ofs->config.nfs_export = ovl_nfs_export_def; 1943 ofs->config.xino = ovl_xino_def(); 1944 ofs->config.metacopy = ovl_metacopy_def; 1945 err = ovl_parse_opt((char *) data, &ofs->config); 1946 if (err) 1947 goto out_err; 1948 1949 err = -EINVAL; 1950 if (!ofs->config.lowerdir) { 1951 if (!silent) 1952 pr_err("missing 'lowerdir'\n"); 1953 goto out_err; 1954 } 1955 1956 err = -ENOMEM; 1957 splitlower = kstrdup(ofs->config.lowerdir, GFP_KERNEL); 1958 if (!splitlower) 1959 goto out_err; 1960 1961 numlower = ovl_split_lowerdirs(splitlower); 1962 if (numlower > OVL_MAX_STACK) { 1963 pr_err("too many lower directories, limit is %d\n", 1964 OVL_MAX_STACK); 1965 goto out_err; 1966 } 1967 1968 layers = kcalloc(numlower + 1, sizeof(struct ovl_layer), GFP_KERNEL); 1969 if (!layers) 1970 goto out_err; 1971 1972 ofs->layers = layers; 1973 /* Layer 0 is reserved for upper even if there's no upper */ 1974 ofs->numlayer = 1; 1975 1976 sb->s_stack_depth = 0; 1977 sb->s_maxbytes = MAX_LFS_FILESIZE; 1978 atomic_long_set(&ofs->last_ino, 1); 1979 /* Assume underlaying fs uses 32bit inodes unless proven otherwise */ 1980 if (ofs->config.xino != OVL_XINO_OFF) { 1981 ofs->xino_mode = BITS_PER_LONG - 32; 1982 if (!ofs->xino_mode) { 1983 pr_warn("xino not supported on 32bit kernel, falling back to xino=off.\n"); 1984 ofs->config.xino = OVL_XINO_OFF; 1985 } 1986 } 1987 1988 /* alloc/destroy_inode needed for setting up traps in inode cache */ 1989 sb->s_op = &ovl_super_operations; 1990 1991 if (ofs->config.upperdir) { 1992 if (!ofs->config.workdir) { 1993 pr_err("missing 'workdir'\n"); 1994 goto out_err; 1995 } 1996 1997 err = ovl_get_upper(sb, ofs, &layers[0], &upperpath); 1998 if (err) 1999 goto out_err; 2000 2001 err = ovl_get_workdir(sb, ofs, &upperpath); 2002 if (err) 2003 goto out_err; 2004 2005 if (!ofs->workdir) 2006 sb->s_flags |= SB_RDONLY; 2007 2008 sb->s_stack_depth = ovl_upper_mnt(ofs)->mnt_sb->s_stack_depth; 2009 sb->s_time_gran = ovl_upper_mnt(ofs)->mnt_sb->s_time_gran; 2010 2011 } 2012 oe = ovl_get_lowerstack(sb, splitlower, numlower, ofs, layers); 2013 err = PTR_ERR(oe); 2014 if (IS_ERR(oe)) 2015 goto out_err; 2016 2017 /* If the upper fs is nonexistent, we mark overlayfs r/o too */ 2018 if (!ovl_upper_mnt(ofs)) 2019 sb->s_flags |= SB_RDONLY; 2020 2021 if (!ofs->config.uuid && ofs->numfs > 1) { 2022 pr_warn("The uuid=off requires a single fs for lower and upper, falling back to uuid=on.\n"); 2023 ofs->config.uuid = true; 2024 } 2025 2026 if (!ovl_force_readonly(ofs) && ofs->config.index) { 2027 err = ovl_get_indexdir(sb, ofs, oe, &upperpath); 2028 if (err) 2029 goto out_free_oe; 2030 2031 /* Force r/o mount with no index dir */ 2032 if (!ofs->indexdir) 2033 sb->s_flags |= SB_RDONLY; 2034 } 2035 2036 err = ovl_check_overlapping_layers(sb, ofs); 2037 if (err) 2038 goto out_free_oe; 2039 2040 /* Show index=off in /proc/mounts for forced r/o mount */ 2041 if (!ofs->indexdir) { 2042 ofs->config.index = false; 2043 if (ovl_upper_mnt(ofs) && ofs->config.nfs_export) { 2044 pr_warn("NFS export requires an index dir, falling back to nfs_export=off.\n"); 2045 ofs->config.nfs_export = false; 2046 } 2047 } 2048 2049 if (ofs->config.metacopy && ofs->config.nfs_export) { 2050 pr_warn("NFS export is not supported with metadata only copy up, falling back to nfs_export=off.\n"); 2051 ofs->config.nfs_export = false; 2052 } 2053 2054 if (ofs->config.nfs_export) 2055 sb->s_export_op = &ovl_export_operations; 2056 2057 /* Never override disk quota limits or use reserved space */ 2058 cap_lower(cred->cap_effective, CAP_SYS_RESOURCE); 2059 2060 sb->s_magic = OVERLAYFS_SUPER_MAGIC; 2061 sb->s_xattr = ofs->config.userxattr ? ovl_user_xattr_handlers : 2062 ovl_trusted_xattr_handlers; 2063 sb->s_fs_info = ofs; 2064 sb->s_flags |= SB_POSIXACL; 2065 sb->s_iflags |= SB_I_SKIP_SYNC; 2066 2067 err = -ENOMEM; 2068 root_dentry = ovl_get_root(sb, upperpath.dentry, oe); 2069 if (!root_dentry) 2070 goto out_free_oe; 2071 2072 mntput(upperpath.mnt); 2073 kfree(splitlower); 2074 2075 sb->s_root = root_dentry; 2076 2077 return 0; 2078 2079 out_free_oe: 2080 ovl_entry_stack_free(oe); 2081 kfree(oe); 2082 out_err: 2083 kfree(splitlower); 2084 path_put(&upperpath); 2085 ovl_free_fs(ofs); 2086 out: 2087 return err; 2088 } 2089 2090 static struct dentry *ovl_mount(struct file_system_type *fs_type, int flags, 2091 const char *dev_name, void *raw_data) 2092 { 2093 return mount_nodev(fs_type, flags, raw_data, ovl_fill_super); 2094 } 2095 2096 static struct file_system_type ovl_fs_type = { 2097 .owner = THIS_MODULE, 2098 .name = "overlay", 2099 .fs_flags = FS_USERNS_MOUNT, 2100 .mount = ovl_mount, 2101 .kill_sb = kill_anon_super, 2102 }; 2103 MODULE_ALIAS_FS("overlay"); 2104 2105 static void ovl_inode_init_once(void *foo) 2106 { 2107 struct ovl_inode *oi = foo; 2108 2109 inode_init_once(&oi->vfs_inode); 2110 } 2111 2112 static int __init ovl_init(void) 2113 { 2114 int err; 2115 2116 ovl_inode_cachep = kmem_cache_create("ovl_inode", 2117 sizeof(struct ovl_inode), 0, 2118 (SLAB_RECLAIM_ACCOUNT| 2119 SLAB_MEM_SPREAD|SLAB_ACCOUNT), 2120 ovl_inode_init_once); 2121 if (ovl_inode_cachep == NULL) 2122 return -ENOMEM; 2123 2124 err = ovl_aio_request_cache_init(); 2125 if (!err) { 2126 err = register_filesystem(&ovl_fs_type); 2127 if (!err) 2128 return 0; 2129 2130 ovl_aio_request_cache_destroy(); 2131 } 2132 kmem_cache_destroy(ovl_inode_cachep); 2133 2134 return err; 2135 } 2136 2137 static void __exit ovl_exit(void) 2138 { 2139 unregister_filesystem(&ovl_fs_type); 2140 2141 /* 2142 * Make sure all delayed rcu free inodes are flushed before we 2143 * destroy cache. 2144 */ 2145 rcu_barrier(); 2146 kmem_cache_destroy(ovl_inode_cachep); 2147 ovl_aio_request_cache_destroy(); 2148 } 2149 2150 module_init(ovl_init); 2151 module_exit(ovl_exit); 2152