1d2912cb1SThomas Gleixner // SPDX-License-Identifier: GPL-2.0-only 2bbb1e54dSMiklos Szeredi /* 3bbb1e54dSMiklos Szeredi * Copyright (C) 2011 Novell Inc. 4bbb1e54dSMiklos Szeredi * Copyright (C) 2016 Red Hat, Inc. 5bbb1e54dSMiklos Szeredi */ 6bbb1e54dSMiklos Szeredi 7bbb1e54dSMiklos Szeredi #include <linux/fs.h> 8bbb1e54dSMiklos Szeredi #include <linux/mount.h> 9bbb1e54dSMiklos Szeredi #include <linux/slab.h> 105b825c3aSIngo Molnar #include <linux/cred.h> 11bbb1e54dSMiklos Szeredi #include <linux/xattr.h> 1202bcd157SAmir Goldstein #include <linux/exportfs.h> 13184996e9SAlexander Larsson #include <linux/file.h> 14096a218aSAmir Goldstein #include <linux/fileattr.h> 1502bcd157SAmir Goldstein #include <linux/uuid.h> 16caf70cb2SAmir Goldstein #include <linux/namei.h> 17caf70cb2SAmir Goldstein #include <linux/ratelimit.h> 18bbb1e54dSMiklos Szeredi #include "overlayfs.h" 19bbb1e54dSMiklos Szeredi 20bbb1e54dSMiklos Szeredi int ovl_want_write(struct dentry *dentry) 21bbb1e54dSMiklos Szeredi { 22bbb1e54dSMiklos Szeredi struct ovl_fs *ofs = dentry->d_sb->s_fs_info; 2308f4c7c8SMiklos Szeredi return mnt_want_write(ovl_upper_mnt(ofs)); 24bbb1e54dSMiklos Szeredi } 25bbb1e54dSMiklos Szeredi 26bbb1e54dSMiklos Szeredi void ovl_drop_write(struct dentry *dentry) 27bbb1e54dSMiklos Szeredi { 28bbb1e54dSMiklos Szeredi struct ovl_fs *ofs = dentry->d_sb->s_fs_info; 2908f4c7c8SMiklos Szeredi mnt_drop_write(ovl_upper_mnt(ofs)); 30bbb1e54dSMiklos Szeredi } 31bbb1e54dSMiklos Szeredi 32bbb1e54dSMiklos Szeredi struct dentry *ovl_workdir(struct dentry *dentry) 33bbb1e54dSMiklos Szeredi { 34bbb1e54dSMiklos Szeredi struct ovl_fs *ofs = dentry->d_sb->s_fs_info; 35bbb1e54dSMiklos Szeredi return ofs->workdir; 36bbb1e54dSMiklos Szeredi } 37bbb1e54dSMiklos Szeredi 38bbb1e54dSMiklos Szeredi const struct cred *ovl_override_creds(struct super_block *sb) 39bbb1e54dSMiklos Szeredi { 40bbb1e54dSMiklos Szeredi struct ovl_fs *ofs = sb->s_fs_info; 41bbb1e54dSMiklos Szeredi 42bbb1e54dSMiklos Szeredi return override_creds(ofs->creator_cred); 43bbb1e54dSMiklos Szeredi } 44bbb1e54dSMiklos Szeredi 45e487d889SAmir Goldstein /* 46e487d889SAmir Goldstein * Check if underlying fs supports file handles and try to determine encoding 47e487d889SAmir Goldstein * type, in order to deduce maximum inode number used by fs. 48e487d889SAmir Goldstein * 49e487d889SAmir Goldstein * Return 0 if file handles are not supported. 50e487d889SAmir Goldstein * Return 1 (FILEID_INO32_GEN) if fs uses the default 32bit inode encoding. 51e487d889SAmir Goldstein * Return -1 if fs uses a non default encoding with unknown inode size. 52e487d889SAmir Goldstein */ 53e487d889SAmir Goldstein int ovl_can_decode_fh(struct super_block *sb) 5402bcd157SAmir Goldstein { 55c846af05SMiklos Szeredi if (!capable(CAP_DAC_READ_SEARCH)) 56c846af05SMiklos Szeredi return 0; 57c846af05SMiklos Szeredi 589df085f3SAmir Goldstein if (!sb->s_export_op || !sb->s_export_op->fh_to_dentry) 59e487d889SAmir Goldstein return 0; 60e487d889SAmir Goldstein 61e487d889SAmir Goldstein return sb->s_export_op->encode_fh ? -1 : FILEID_INO32_GEN; 6202bcd157SAmir Goldstein } 6302bcd157SAmir Goldstein 6402bcd157SAmir Goldstein struct dentry *ovl_indexdir(struct super_block *sb) 6502bcd157SAmir Goldstein { 6602bcd157SAmir Goldstein struct ovl_fs *ofs = sb->s_fs_info; 6702bcd157SAmir Goldstein 6802bcd157SAmir Goldstein return ofs->indexdir; 6902bcd157SAmir Goldstein } 7002bcd157SAmir Goldstein 71f168f109SAmir Goldstein /* Index all files on copy up. For now only enabled for NFS export */ 72f168f109SAmir Goldstein bool ovl_index_all(struct super_block *sb) 73f168f109SAmir Goldstein { 74f168f109SAmir Goldstein struct ovl_fs *ofs = sb->s_fs_info; 75f168f109SAmir Goldstein 76f168f109SAmir Goldstein return ofs->config.nfs_export && ofs->config.index; 77f168f109SAmir Goldstein } 78f168f109SAmir Goldstein 79f168f109SAmir Goldstein /* Verify lower origin on lookup. For now only enabled for NFS export */ 80f168f109SAmir Goldstein bool ovl_verify_lower(struct super_block *sb) 81f168f109SAmir Goldstein { 82f168f109SAmir Goldstein struct ovl_fs *ofs = sb->s_fs_info; 83f168f109SAmir Goldstein 84f168f109SAmir Goldstein return ofs->config.nfs_export && ofs->config.index; 85f168f109SAmir Goldstein } 86f168f109SAmir Goldstein 87163db0daSAmir Goldstein struct ovl_path *ovl_stack_alloc(unsigned int n) 88163db0daSAmir Goldstein { 89163db0daSAmir Goldstein return kcalloc(n, sizeof(struct ovl_path), GFP_KERNEL); 90163db0daSAmir Goldstein } 91163db0daSAmir Goldstein 92163db0daSAmir Goldstein void ovl_stack_cpy(struct ovl_path *dst, struct ovl_path *src, unsigned int n) 93163db0daSAmir Goldstein { 94163db0daSAmir Goldstein unsigned int i; 95163db0daSAmir Goldstein 96163db0daSAmir Goldstein memcpy(dst, src, sizeof(struct ovl_path) * n); 97163db0daSAmir Goldstein for (i = 0; i < n; i++) 98163db0daSAmir Goldstein dget(src[i].dentry); 99163db0daSAmir Goldstein } 100163db0daSAmir Goldstein 101163db0daSAmir Goldstein void ovl_stack_put(struct ovl_path *stack, unsigned int n) 102163db0daSAmir Goldstein { 103163db0daSAmir Goldstein unsigned int i; 104163db0daSAmir Goldstein 105163db0daSAmir Goldstein for (i = 0; stack && i < n; i++) 106163db0daSAmir Goldstein dput(stack[i].dentry); 107163db0daSAmir Goldstein } 108163db0daSAmir Goldstein 109163db0daSAmir Goldstein void ovl_stack_free(struct ovl_path *stack, unsigned int n) 110163db0daSAmir Goldstein { 111163db0daSAmir Goldstein ovl_stack_put(stack, n); 112163db0daSAmir Goldstein kfree(stack); 113163db0daSAmir Goldstein } 114163db0daSAmir Goldstein 115bbb1e54dSMiklos Szeredi struct ovl_entry *ovl_alloc_entry(unsigned int numlower) 116bbb1e54dSMiklos Szeredi { 1175522c9c7SAmir Goldstein size_t size = offsetof(struct ovl_entry, __lowerstack[numlower]); 118bbb1e54dSMiklos Szeredi struct ovl_entry *oe = kzalloc(size, GFP_KERNEL); 119bbb1e54dSMiklos Szeredi 120bbb1e54dSMiklos Szeredi if (oe) 1215522c9c7SAmir Goldstein oe->__numlower = numlower; 122bbb1e54dSMiklos Szeredi 123bbb1e54dSMiklos Szeredi return oe; 124bbb1e54dSMiklos Szeredi } 125bbb1e54dSMiklos Szeredi 126163db0daSAmir Goldstein void ovl_free_entry(struct ovl_entry *oe) 127163db0daSAmir Goldstein { 128163db0daSAmir Goldstein ovl_stack_put(ovl_lowerstack(oe), ovl_numlower(oe)); 129163db0daSAmir Goldstein kfree(oe); 130163db0daSAmir Goldstein } 131163db0daSAmir Goldstein 132b07d5cc9SAmir Goldstein #define OVL_D_REVALIDATE (DCACHE_OP_REVALIDATE | DCACHE_OP_WEAK_REVALIDATE) 133b07d5cc9SAmir Goldstein 134bbb1e54dSMiklos Szeredi bool ovl_dentry_remote(struct dentry *dentry) 135bbb1e54dSMiklos Szeredi { 136b07d5cc9SAmir Goldstein return dentry->d_flags & OVL_D_REVALIDATE; 137bbb1e54dSMiklos Szeredi } 138bbb1e54dSMiklos Szeredi 139b07d5cc9SAmir Goldstein void ovl_dentry_update_reval(struct dentry *dentry, struct dentry *realdentry) 140b07d5cc9SAmir Goldstein { 141b07d5cc9SAmir Goldstein if (!ovl_dentry_remote(realdentry)) 142b07d5cc9SAmir Goldstein return; 143b07d5cc9SAmir Goldstein 144b07d5cc9SAmir Goldstein spin_lock(&dentry->d_lock); 145b07d5cc9SAmir Goldstein dentry->d_flags |= realdentry->d_flags & OVL_D_REVALIDATE; 146b07d5cc9SAmir Goldstein spin_unlock(&dentry->d_lock); 147b07d5cc9SAmir Goldstein } 148b07d5cc9SAmir Goldstein 1490af950f5SAmir Goldstein void ovl_dentry_init_reval(struct dentry *dentry, struct dentry *upperdentry, 1500af950f5SAmir Goldstein struct ovl_entry *oe) 151b07d5cc9SAmir Goldstein { 1520af950f5SAmir Goldstein return ovl_dentry_init_flags(dentry, upperdentry, oe, OVL_D_REVALIDATE); 153b07d5cc9SAmir Goldstein } 154b07d5cc9SAmir Goldstein 155b07d5cc9SAmir Goldstein void ovl_dentry_init_flags(struct dentry *dentry, struct dentry *upperdentry, 1560af950f5SAmir Goldstein struct ovl_entry *oe, unsigned int mask) 157f4288844SMiklos Szeredi { 1585522c9c7SAmir Goldstein struct ovl_path *lowerstack = ovl_lowerstack(oe); 159f4288844SMiklos Szeredi unsigned int i, flags = 0; 160f4288844SMiklos Szeredi 161bccece1eSMiklos Szeredi if (upperdentry) 162bccece1eSMiklos Szeredi flags |= upperdentry->d_flags; 16341665644SAmir Goldstein for (i = 0; i < ovl_numlower(oe) && lowerstack[i].dentry; i++) 1645522c9c7SAmir Goldstein flags |= lowerstack[i].dentry->d_flags; 165f4288844SMiklos Szeredi 166f4288844SMiklos Szeredi spin_lock(&dentry->d_lock); 167f4288844SMiklos Szeredi dentry->d_flags &= ~mask; 168f4288844SMiklos Szeredi dentry->d_flags |= flags & mask; 169f4288844SMiklos Szeredi spin_unlock(&dentry->d_lock); 170f4288844SMiklos Szeredi } 171f4288844SMiklos Szeredi 172bbb1e54dSMiklos Szeredi bool ovl_dentry_weird(struct dentry *dentry) 173bbb1e54dSMiklos Szeredi { 174bbb1e54dSMiklos Szeredi return dentry->d_flags & (DCACHE_NEED_AUTOMOUNT | 175bbb1e54dSMiklos Szeredi DCACHE_MANAGE_TRANSIT | 176bbb1e54dSMiklos Szeredi DCACHE_OP_HASH | 177bbb1e54dSMiklos Szeredi DCACHE_OP_COMPARE); 178bbb1e54dSMiklos Szeredi } 179bbb1e54dSMiklos Szeredi 180bbb1e54dSMiklos Szeredi enum ovl_path_type ovl_path_type(struct dentry *dentry) 181bbb1e54dSMiklos Szeredi { 182a6ff2bc0SAmir Goldstein struct ovl_entry *oe = OVL_E(dentry); 183bbb1e54dSMiklos Szeredi enum ovl_path_type type = 0; 184bbb1e54dSMiklos Szeredi 18509d8b586SMiklos Szeredi if (ovl_dentry_upper(dentry)) { 186bbb1e54dSMiklos Szeredi type = __OVL_PATH_UPPER; 187bbb1e54dSMiklos Szeredi 188bbb1e54dSMiklos Szeredi /* 18959548503SAmir Goldstein * Non-dir dentry can hold lower dentry of its copy up origin. 190bbb1e54dSMiklos Szeredi */ 1915522c9c7SAmir Goldstein if (ovl_numlower(oe)) { 19260124877SVivek Goyal if (ovl_test_flag(OVL_CONST_INO, d_inode(dentry))) 19359548503SAmir Goldstein type |= __OVL_PATH_ORIGIN; 1940b17c28aSVivek Goyal if (d_is_dir(dentry) || 1950b17c28aSVivek Goyal !ovl_has_upperdata(d_inode(dentry))) 196bbb1e54dSMiklos Szeredi type |= __OVL_PATH_MERGE; 19759548503SAmir Goldstein } 198bbb1e54dSMiklos Szeredi } else { 1995522c9c7SAmir Goldstein if (ovl_numlower(oe) > 1) 200bbb1e54dSMiklos Szeredi type |= __OVL_PATH_MERGE; 201bbb1e54dSMiklos Szeredi } 202bbb1e54dSMiklos Szeredi return type; 203bbb1e54dSMiklos Szeredi } 204bbb1e54dSMiklos Szeredi 205bbb1e54dSMiklos Szeredi void ovl_path_upper(struct dentry *dentry, struct path *path) 206bbb1e54dSMiklos Szeredi { 207bbb1e54dSMiklos Szeredi struct ovl_fs *ofs = dentry->d_sb->s_fs_info; 208bbb1e54dSMiklos Szeredi 20908f4c7c8SMiklos Szeredi path->mnt = ovl_upper_mnt(ofs); 21009d8b586SMiklos Szeredi path->dentry = ovl_dentry_upper(dentry); 211bbb1e54dSMiklos Szeredi } 212bbb1e54dSMiklos Szeredi 213bbb1e54dSMiklos Szeredi void ovl_path_lower(struct dentry *dentry, struct path *path) 214bbb1e54dSMiklos Szeredi { 215a6ff2bc0SAmir Goldstein struct ovl_entry *oe = OVL_E(dentry); 2165522c9c7SAmir Goldstein struct ovl_path *lowerpath = ovl_lowerstack(oe); 217bbb1e54dSMiklos Szeredi 2185522c9c7SAmir Goldstein if (ovl_numlower(oe)) { 2195522c9c7SAmir Goldstein path->mnt = lowerpath->layer->mnt; 2205522c9c7SAmir Goldstein path->dentry = lowerpath->dentry; 221b9343632SChandan Rajendra } else { 222b9343632SChandan Rajendra *path = (struct path) { }; 223b9343632SChandan Rajendra } 224bbb1e54dSMiklos Szeredi } 225bbb1e54dSMiklos Szeredi 2264f93b426SVivek Goyal void ovl_path_lowerdata(struct dentry *dentry, struct path *path) 2274f93b426SVivek Goyal { 228a6ff2bc0SAmir Goldstein struct ovl_entry *oe = OVL_E(dentry); 229ab1eb5ffSAmir Goldstein struct ovl_path *lowerdata = ovl_lowerdata(oe); 2302b21da92SAmir Goldstein struct dentry *lowerdata_dentry = ovl_lowerdata_dentry(oe); 2314f93b426SVivek Goyal 2322b21da92SAmir Goldstein if (lowerdata_dentry) { 2332b21da92SAmir Goldstein path->dentry = lowerdata_dentry; 23442dd69aeSAmir Goldstein /* 23542dd69aeSAmir Goldstein * Pairs with smp_wmb() in ovl_dentry_set_lowerdata(). 23642dd69aeSAmir Goldstein * Make sure that if lowerdata->dentry is visible, then 23742dd69aeSAmir Goldstein * datapath->layer is visible as well. 23842dd69aeSAmir Goldstein */ 23942dd69aeSAmir Goldstein smp_rmb(); 24042dd69aeSAmir Goldstein path->mnt = READ_ONCE(lowerdata->layer)->mnt; 2414f93b426SVivek Goyal } else { 2424f93b426SVivek Goyal *path = (struct path) { }; 2434f93b426SVivek Goyal } 2444f93b426SVivek Goyal } 2454f93b426SVivek Goyal 246bbb1e54dSMiklos Szeredi enum ovl_path_type ovl_path_real(struct dentry *dentry, struct path *path) 247bbb1e54dSMiklos Szeredi { 248bbb1e54dSMiklos Szeredi enum ovl_path_type type = ovl_path_type(dentry); 249bbb1e54dSMiklos Szeredi 250bbb1e54dSMiklos Szeredi if (!OVL_TYPE_UPPER(type)) 251bbb1e54dSMiklos Szeredi ovl_path_lower(dentry, path); 252bbb1e54dSMiklos Szeredi else 253bbb1e54dSMiklos Szeredi ovl_path_upper(dentry, path); 254bbb1e54dSMiklos Szeredi 255bbb1e54dSMiklos Szeredi return type; 256bbb1e54dSMiklos Szeredi } 257bbb1e54dSMiklos Szeredi 2581248ea4bSAmir Goldstein enum ovl_path_type ovl_path_realdata(struct dentry *dentry, struct path *path) 2591248ea4bSAmir Goldstein { 2601248ea4bSAmir Goldstein enum ovl_path_type type = ovl_path_type(dentry); 2611248ea4bSAmir Goldstein 2621248ea4bSAmir Goldstein WARN_ON_ONCE(d_is_dir(dentry)); 2631248ea4bSAmir Goldstein 2641248ea4bSAmir Goldstein if (!OVL_TYPE_UPPER(type) || OVL_TYPE_MERGE(type)) 2651248ea4bSAmir Goldstein ovl_path_lowerdata(dentry, path); 2661248ea4bSAmir Goldstein else 2671248ea4bSAmir Goldstein ovl_path_upper(dentry, path); 2681248ea4bSAmir Goldstein 2691248ea4bSAmir Goldstein return type; 2701248ea4bSAmir Goldstein } 2711248ea4bSAmir Goldstein 272bbb1e54dSMiklos Szeredi struct dentry *ovl_dentry_upper(struct dentry *dentry) 273bbb1e54dSMiklos Szeredi { 27409d8b586SMiklos Szeredi return ovl_upperdentry_dereference(OVL_I(d_inode(dentry))); 275bbb1e54dSMiklos Szeredi } 276bbb1e54dSMiklos Szeredi 277bbb1e54dSMiklos Szeredi struct dentry *ovl_dentry_lower(struct dentry *dentry) 278bbb1e54dSMiklos Szeredi { 279a6ff2bc0SAmir Goldstein struct ovl_entry *oe = OVL_E(dentry); 280bbb1e54dSMiklos Szeredi 2815522c9c7SAmir Goldstein return ovl_numlower(oe) ? ovl_lowerstack(oe)->dentry : NULL; 282bbb1e54dSMiklos Szeredi } 283bbb1e54dSMiklos Szeredi 28413464165SMiklos Szeredi const struct ovl_layer *ovl_layer_lower(struct dentry *dentry) 285da309e8cSAmir Goldstein { 286a6ff2bc0SAmir Goldstein struct ovl_entry *oe = OVL_E(dentry); 287da309e8cSAmir Goldstein 2885522c9c7SAmir Goldstein return ovl_numlower(oe) ? ovl_lowerstack(oe)->layer : NULL; 289da309e8cSAmir Goldstein } 290da309e8cSAmir Goldstein 291647d253fSVivek Goyal /* 292647d253fSVivek Goyal * ovl_dentry_lower() could return either a data dentry or metacopy dentry 293597534e7SXiong Zhenwu * depending on what is stored in lowerstack[0]. At times we need to find 294647d253fSVivek Goyal * lower dentry which has data (and not metacopy dentry). This helper 295647d253fSVivek Goyal * returns the lower data dentry. 296647d253fSVivek Goyal */ 297647d253fSVivek Goyal struct dentry *ovl_dentry_lowerdata(struct dentry *dentry) 298647d253fSVivek Goyal { 299ab1eb5ffSAmir Goldstein return ovl_lowerdata_dentry(OVL_E(dentry)); 300647d253fSVivek Goyal } 301647d253fSVivek Goyal 30242dd69aeSAmir Goldstein int ovl_dentry_set_lowerdata(struct dentry *dentry, struct ovl_path *datapath) 30342dd69aeSAmir Goldstein { 30442dd69aeSAmir Goldstein struct ovl_entry *oe = OVL_E(dentry); 30542dd69aeSAmir Goldstein struct ovl_path *lowerdata = ovl_lowerdata(oe); 30642dd69aeSAmir Goldstein struct dentry *datadentry = datapath->dentry; 30742dd69aeSAmir Goldstein 30842dd69aeSAmir Goldstein if (WARN_ON_ONCE(ovl_numlower(oe) <= 1)) 30942dd69aeSAmir Goldstein return -EIO; 31042dd69aeSAmir Goldstein 31142dd69aeSAmir Goldstein WRITE_ONCE(lowerdata->layer, datapath->layer); 31242dd69aeSAmir Goldstein /* 31342dd69aeSAmir Goldstein * Pairs with smp_rmb() in ovl_path_lowerdata(). 31442dd69aeSAmir Goldstein * Make sure that if lowerdata->dentry is visible, then 31542dd69aeSAmir Goldstein * lowerdata->layer is visible as well. 31642dd69aeSAmir Goldstein */ 31742dd69aeSAmir Goldstein smp_wmb(); 31842dd69aeSAmir Goldstein WRITE_ONCE(lowerdata->dentry, dget(datadentry)); 31942dd69aeSAmir Goldstein 32042dd69aeSAmir Goldstein ovl_dentry_update_reval(dentry, datadentry); 32142dd69aeSAmir Goldstein 32242dd69aeSAmir Goldstein return 0; 32342dd69aeSAmir Goldstein } 32442dd69aeSAmir Goldstein 325bbb1e54dSMiklos Szeredi struct dentry *ovl_dentry_real(struct dentry *dentry) 326bbb1e54dSMiklos Szeredi { 32709d8b586SMiklos Szeredi return ovl_dentry_upper(dentry) ?: ovl_dentry_lower(dentry); 328bbb1e54dSMiklos Szeredi } 329bbb1e54dSMiklos Szeredi 3301d88f183SMiklos Szeredi struct dentry *ovl_i_dentry_upper(struct inode *inode) 3311d88f183SMiklos Szeredi { 3321d88f183SMiklos Szeredi return ovl_upperdentry_dereference(OVL_I(inode)); 3331d88f183SMiklos Szeredi } 3341d88f183SMiklos Szeredi 335b2dd05f1SZhihao Cheng struct inode *ovl_i_path_real(struct inode *inode, struct path *path) 336ffa5723cSAmir Goldstein { 337ac900ed4SAmir Goldstein struct ovl_path *lowerpath = ovl_lowerpath(OVL_I_E(inode)); 338ac900ed4SAmir Goldstein 339ffa5723cSAmir Goldstein path->dentry = ovl_i_dentry_upper(inode); 340ffa5723cSAmir Goldstein if (!path->dentry) { 341ac900ed4SAmir Goldstein path->dentry = lowerpath->dentry; 342ac900ed4SAmir Goldstein path->mnt = lowerpath->layer->mnt; 343ffa5723cSAmir Goldstein } else { 344ffa5723cSAmir Goldstein path->mnt = ovl_upper_mnt(OVL_FS(inode->i_sb)); 345ffa5723cSAmir Goldstein } 346b2dd05f1SZhihao Cheng 347b2dd05f1SZhihao Cheng return path->dentry ? d_inode_rcu(path->dentry) : NULL; 348ffa5723cSAmir Goldstein } 349ffa5723cSAmir Goldstein 35009d8b586SMiklos Szeredi struct inode *ovl_inode_upper(struct inode *inode) 35125b7713aSMiklos Szeredi { 3521d88f183SMiklos Szeredi struct dentry *upperdentry = ovl_i_dentry_upper(inode); 35325b7713aSMiklos Szeredi 35409d8b586SMiklos Szeredi return upperdentry ? d_inode(upperdentry) : NULL; 35525b7713aSMiklos Szeredi } 35625b7713aSMiklos Szeredi 35709d8b586SMiklos Szeredi struct inode *ovl_inode_lower(struct inode *inode) 35809d8b586SMiklos Szeredi { 359ac900ed4SAmir Goldstein struct ovl_path *lowerpath = ovl_lowerpath(OVL_I_E(inode)); 360ffa5723cSAmir Goldstein 361ac900ed4SAmir Goldstein return lowerpath ? d_inode(lowerpath->dentry) : NULL; 36209d8b586SMiklos Szeredi } 36309d8b586SMiklos Szeredi 36409d8b586SMiklos Szeredi struct inode *ovl_inode_real(struct inode *inode) 36509d8b586SMiklos Szeredi { 36609d8b586SMiklos Szeredi return ovl_inode_upper(inode) ?: ovl_inode_lower(inode); 36709d8b586SMiklos Szeredi } 36809d8b586SMiklos Szeredi 3692664bd08SVivek Goyal /* Return inode which contains lower data. Do not return metacopy */ 3702664bd08SVivek Goyal struct inode *ovl_inode_lowerdata(struct inode *inode) 3712664bd08SVivek Goyal { 372ab1eb5ffSAmir Goldstein struct dentry *lowerdata = ovl_lowerdata_dentry(OVL_I_E(inode)); 373ab1eb5ffSAmir Goldstein 3742664bd08SVivek Goyal if (WARN_ON(!S_ISREG(inode->i_mode))) 3752664bd08SVivek Goyal return NULL; 3762664bd08SVivek Goyal 377ab1eb5ffSAmir Goldstein return lowerdata ? d_inode(lowerdata) : NULL; 3782664bd08SVivek Goyal } 37909d8b586SMiklos Szeredi 3804823d49cSVivek Goyal /* Return real inode which contains data. Does not return metacopy inode */ 3814823d49cSVivek Goyal struct inode *ovl_inode_realdata(struct inode *inode) 3824823d49cSVivek Goyal { 3834823d49cSVivek Goyal struct inode *upperinode; 3844823d49cSVivek Goyal 3854823d49cSVivek Goyal upperinode = ovl_inode_upper(inode); 3864823d49cSVivek Goyal if (upperinode && ovl_has_upperdata(inode)) 3874823d49cSVivek Goyal return upperinode; 3884823d49cSVivek Goyal 3894823d49cSVivek Goyal return ovl_inode_lowerdata(inode); 3904823d49cSVivek Goyal } 3914823d49cSVivek Goyal 3922b21da92SAmir Goldstein const char *ovl_lowerdata_redirect(struct inode *inode) 3932b21da92SAmir Goldstein { 3942b21da92SAmir Goldstein return inode && S_ISREG(inode->i_mode) ? 3952b21da92SAmir Goldstein OVL_I(inode)->lowerdata_redirect : NULL; 3962b21da92SAmir Goldstein } 3972b21da92SAmir Goldstein 3984edb83bbSMiklos Szeredi struct ovl_dir_cache *ovl_dir_cache(struct inode *inode) 399bbb1e54dSMiklos Szeredi { 4002b21da92SAmir Goldstein return inode && S_ISDIR(inode->i_mode) ? OVL_I(inode)->cache : NULL; 401bbb1e54dSMiklos Szeredi } 402bbb1e54dSMiklos Szeredi 4034edb83bbSMiklos Szeredi void ovl_set_dir_cache(struct inode *inode, struct ovl_dir_cache *cache) 404bbb1e54dSMiklos Szeredi { 4054edb83bbSMiklos Szeredi OVL_I(inode)->cache = cache; 406bbb1e54dSMiklos Szeredi } 407bbb1e54dSMiklos Szeredi 408c62520a8SAmir Goldstein void ovl_dentry_set_flag(unsigned long flag, struct dentry *dentry) 409c62520a8SAmir Goldstein { 410a6ff2bc0SAmir Goldstein set_bit(flag, OVL_E_FLAGS(dentry)); 411c62520a8SAmir Goldstein } 412c62520a8SAmir Goldstein 413c62520a8SAmir Goldstein void ovl_dentry_clear_flag(unsigned long flag, struct dentry *dentry) 414c62520a8SAmir Goldstein { 415a6ff2bc0SAmir Goldstein clear_bit(flag, OVL_E_FLAGS(dentry)); 416c62520a8SAmir Goldstein } 417c62520a8SAmir Goldstein 418c62520a8SAmir Goldstein bool ovl_dentry_test_flag(unsigned long flag, struct dentry *dentry) 419c62520a8SAmir Goldstein { 420a6ff2bc0SAmir Goldstein return test_bit(flag, OVL_E_FLAGS(dentry)); 421c62520a8SAmir Goldstein } 422c62520a8SAmir Goldstein 423bbb1e54dSMiklos Szeredi bool ovl_dentry_is_opaque(struct dentry *dentry) 424bbb1e54dSMiklos Szeredi { 425c62520a8SAmir Goldstein return ovl_dentry_test_flag(OVL_E_OPAQUE, dentry); 426bbb1e54dSMiklos Szeredi } 427bbb1e54dSMiklos Szeredi 428bbb1e54dSMiklos Szeredi bool ovl_dentry_is_whiteout(struct dentry *dentry) 429bbb1e54dSMiklos Szeredi { 430bbb1e54dSMiklos Szeredi return !dentry->d_inode && ovl_dentry_is_opaque(dentry); 431bbb1e54dSMiklos Szeredi } 432bbb1e54dSMiklos Szeredi 4335cf5b477SMiklos Szeredi void ovl_dentry_set_opaque(struct dentry *dentry) 434bbb1e54dSMiklos Szeredi { 435c62520a8SAmir Goldstein ovl_dentry_set_flag(OVL_E_OPAQUE, dentry); 436bbb1e54dSMiklos Szeredi } 437bbb1e54dSMiklos Szeredi 43855acc661SMiklos Szeredi /* 439aa3ff3c1SAmir Goldstein * For hard links and decoded file handles, it's possible for ovl_dentry_upper() 440aa3ff3c1SAmir Goldstein * to return positive, while there's no actual upper alias for the inode. 441aa3ff3c1SAmir Goldstein * Copy up code needs to know about the existence of the upper alias, so it 442aa3ff3c1SAmir Goldstein * can't use ovl_dentry_upper(). 44355acc661SMiklos Szeredi */ 44455acc661SMiklos Szeredi bool ovl_dentry_has_upper_alias(struct dentry *dentry) 44555acc661SMiklos Szeredi { 446c62520a8SAmir Goldstein return ovl_dentry_test_flag(OVL_E_UPPER_ALIAS, dentry); 44755acc661SMiklos Szeredi } 44855acc661SMiklos Szeredi 44955acc661SMiklos Szeredi void ovl_dentry_set_upper_alias(struct dentry *dentry) 45055acc661SMiklos Szeredi { 451c62520a8SAmir Goldstein ovl_dentry_set_flag(OVL_E_UPPER_ALIAS, dentry); 45255acc661SMiklos Szeredi } 45355acc661SMiklos Szeredi 4540c288874SVivek Goyal static bool ovl_should_check_upperdata(struct inode *inode) 4550c288874SVivek Goyal { 4560c288874SVivek Goyal if (!S_ISREG(inode->i_mode)) 4570c288874SVivek Goyal return false; 4580c288874SVivek Goyal 4590c288874SVivek Goyal if (!ovl_inode_lower(inode)) 4600c288874SVivek Goyal return false; 4610c288874SVivek Goyal 4620c288874SVivek Goyal return true; 4630c288874SVivek Goyal } 4640c288874SVivek Goyal 4650c288874SVivek Goyal bool ovl_has_upperdata(struct inode *inode) 4660c288874SVivek Goyal { 4670c288874SVivek Goyal if (!ovl_should_check_upperdata(inode)) 4680c288874SVivek Goyal return true; 4690c288874SVivek Goyal 4700c288874SVivek Goyal if (!ovl_test_flag(OVL_UPPERDATA, inode)) 4710c288874SVivek Goyal return false; 4720c288874SVivek Goyal /* 4730c288874SVivek Goyal * Pairs with smp_wmb() in ovl_set_upperdata(). Main user of 4740c288874SVivek Goyal * ovl_has_upperdata() is ovl_copy_up_meta_inode_data(). Make sure 4750c288874SVivek Goyal * if setting of OVL_UPPERDATA is visible, then effects of writes 4760c288874SVivek Goyal * before that are visible too. 4770c288874SVivek Goyal */ 4780c288874SVivek Goyal smp_rmb(); 4790c288874SVivek Goyal return true; 4800c288874SVivek Goyal } 4810c288874SVivek Goyal 4820c288874SVivek Goyal void ovl_set_upperdata(struct inode *inode) 4830c288874SVivek Goyal { 4840c288874SVivek Goyal /* 4850c288874SVivek Goyal * Pairs with smp_rmb() in ovl_has_upperdata(). Make sure 4860c288874SVivek Goyal * if OVL_UPPERDATA flag is visible, then effects of write operations 4870c288874SVivek Goyal * before it are visible as well. 4880c288874SVivek Goyal */ 4890c288874SVivek Goyal smp_wmb(); 4900c288874SVivek Goyal ovl_set_flag(OVL_UPPERDATA, inode); 4910c288874SVivek Goyal } 4920c288874SVivek Goyal 4930c288874SVivek Goyal /* Caller should hold ovl_inode->lock */ 4940c288874SVivek Goyal bool ovl_dentry_needs_data_copy_up_locked(struct dentry *dentry, int flags) 4950c288874SVivek Goyal { 4960c288874SVivek Goyal if (!ovl_open_flags_need_copy_up(flags)) 4970c288874SVivek Goyal return false; 4980c288874SVivek Goyal 4990c288874SVivek Goyal return !ovl_test_flag(OVL_UPPERDATA, d_inode(dentry)); 5000c288874SVivek Goyal } 5010c288874SVivek Goyal 5020c288874SVivek Goyal bool ovl_dentry_needs_data_copy_up(struct dentry *dentry, int flags) 5030c288874SVivek Goyal { 5040c288874SVivek Goyal if (!ovl_open_flags_need_copy_up(flags)) 5050c288874SVivek Goyal return false; 5060c288874SVivek Goyal 5070c288874SVivek Goyal return !ovl_has_upperdata(d_inode(dentry)); 5080c288874SVivek Goyal } 5090c288874SVivek Goyal 510a6c60655SMiklos Szeredi const char *ovl_dentry_get_redirect(struct dentry *dentry) 511a6c60655SMiklos Szeredi { 512cf31c463SMiklos Szeredi return OVL_I(d_inode(dentry))->redirect; 513a6c60655SMiklos Szeredi } 514a6c60655SMiklos Szeredi 515a6c60655SMiklos Szeredi void ovl_dentry_set_redirect(struct dentry *dentry, const char *redirect) 516a6c60655SMiklos Szeredi { 517cf31c463SMiklos Szeredi struct ovl_inode *oi = OVL_I(d_inode(dentry)); 518a6c60655SMiklos Szeredi 519cf31c463SMiklos Szeredi kfree(oi->redirect); 520cf31c463SMiklos Szeredi oi->redirect = redirect; 521a6c60655SMiklos Szeredi } 522a6c60655SMiklos Szeredi 52309d8b586SMiklos Szeredi void ovl_inode_update(struct inode *inode, struct dentry *upperdentry) 524bbb1e54dSMiklos Szeredi { 52509d8b586SMiklos Szeredi struct inode *upperinode = d_inode(upperdentry); 526e6d2ebddSMiklos Szeredi 52709d8b586SMiklos Szeredi WARN_ON(OVL_I(inode)->__upperdentry); 52809d8b586SMiklos Szeredi 52925b7713aSMiklos Szeredi /* 53009d8b586SMiklos Szeredi * Make sure upperdentry is consistent before making it visible 53125b7713aSMiklos Szeredi */ 53225b7713aSMiklos Szeredi smp_wmb(); 53309d8b586SMiklos Szeredi OVL_I(inode)->__upperdentry = upperdentry; 53431747edaSAmir Goldstein if (inode_unhashed(inode)) { 53525b7713aSMiklos Szeredi inode->i_private = upperinode; 536bbb1e54dSMiklos Szeredi __insert_inode_hash(inode, (unsigned long) upperinode); 537bbb1e54dSMiklos Szeredi } 53825b7713aSMiklos Szeredi } 539bbb1e54dSMiklos Szeredi 54065cd913eSAmir Goldstein static void ovl_dir_version_inc(struct dentry *dentry, bool impurity) 541bbb1e54dSMiklos Szeredi { 54204a01ac7SMiklos Szeredi struct inode *inode = d_inode(dentry); 543bbb1e54dSMiklos Szeredi 54404a01ac7SMiklos Szeredi WARN_ON(!inode_is_locked(inode)); 54565cd913eSAmir Goldstein WARN_ON(!d_is_dir(dentry)); 5464edb83bbSMiklos Szeredi /* 54765cd913eSAmir Goldstein * Version is used by readdir code to keep cache consistent. 54865cd913eSAmir Goldstein * For merge dirs (or dirs with origin) all changes need to be noted. 54965cd913eSAmir Goldstein * For non-merge dirs, cache contains only impure entries (i.e. ones 55065cd913eSAmir Goldstein * which have been copied up and have origins), so only need to note 55165cd913eSAmir Goldstein * changes to impure entries. 5524edb83bbSMiklos Szeredi */ 5531fa9c5c5SMiklos Szeredi if (!ovl_dir_is_real(inode) || impurity) 55404a01ac7SMiklos Szeredi OVL_I(inode)->version++; 555bbb1e54dSMiklos Szeredi } 556bbb1e54dSMiklos Szeredi 557d9854c87SMiklos Szeredi void ovl_dir_modified(struct dentry *dentry, bool impurity) 558d9854c87SMiklos Szeredi { 559d9854c87SMiklos Szeredi /* Copy mtime/ctime */ 5602878dffcSChristian Brauner ovl_copyattr(d_inode(dentry)); 561d9854c87SMiklos Szeredi 56265cd913eSAmir Goldstein ovl_dir_version_inc(dentry, impurity); 563d9854c87SMiklos Szeredi } 564d9854c87SMiklos Szeredi 5651fa9c5c5SMiklos Szeredi u64 ovl_inode_version_get(struct inode *inode) 566bbb1e54dSMiklos Szeredi { 56704a01ac7SMiklos Szeredi WARN_ON(!inode_is_locked(inode)); 56804a01ac7SMiklos Szeredi return OVL_I(inode)->version; 569bbb1e54dSMiklos Szeredi } 570bbb1e54dSMiklos Szeredi 571bbb1e54dSMiklos Szeredi bool ovl_is_whiteout(struct dentry *dentry) 572bbb1e54dSMiklos Szeredi { 573bbb1e54dSMiklos Szeredi struct inode *inode = dentry->d_inode; 574bbb1e54dSMiklos Szeredi 575bbb1e54dSMiklos Szeredi return inode && IS_WHITEOUT(inode); 576bbb1e54dSMiklos Szeredi } 577bbb1e54dSMiklos Szeredi 5782d343087SAl Viro struct file *ovl_path_open(const struct path *path, int flags) 579bbb1e54dSMiklos Szeredi { 58056230d95SMiklos Szeredi struct inode *inode = d_inode(path->dentry); 5814609e1f1SChristian Brauner struct mnt_idmap *real_idmap = mnt_idmap(path->mnt); 58256230d95SMiklos Szeredi int err, acc_mode; 58356230d95SMiklos Szeredi 58456230d95SMiklos Szeredi if (flags & ~(O_ACCMODE | O_LARGEFILE)) 58556230d95SMiklos Szeredi BUG(); 58656230d95SMiklos Szeredi 58756230d95SMiklos Szeredi switch (flags & O_ACCMODE) { 58856230d95SMiklos Szeredi case O_RDONLY: 58956230d95SMiklos Szeredi acc_mode = MAY_READ; 59056230d95SMiklos Szeredi break; 59156230d95SMiklos Szeredi case O_WRONLY: 59256230d95SMiklos Szeredi acc_mode = MAY_WRITE; 59356230d95SMiklos Szeredi break; 59456230d95SMiklos Szeredi default: 59556230d95SMiklos Szeredi BUG(); 59656230d95SMiklos Szeredi } 59756230d95SMiklos Szeredi 5984609e1f1SChristian Brauner err = inode_permission(real_idmap, inode, acc_mode | MAY_OPEN); 59956230d95SMiklos Szeredi if (err) 60056230d95SMiklos Szeredi return ERR_PTR(err); 60156230d95SMiklos Szeredi 60256230d95SMiklos Szeredi /* O_NOATIME is an optimization, don't fail if not permitted */ 60301beba79SChristian Brauner if (inode_owner_or_capable(real_idmap, inode)) 60456230d95SMiklos Szeredi flags |= O_NOATIME; 60556230d95SMiklos Szeredi 60656230d95SMiklos Szeredi return dentry_open(path, flags, current_cred()); 607bbb1e54dSMiklos Szeredi } 60839d3d60aSAmir Goldstein 6090c288874SVivek Goyal /* Caller should hold ovl_inode->lock */ 6100c288874SVivek Goyal static bool ovl_already_copied_up_locked(struct dentry *dentry, int flags) 6110c288874SVivek Goyal { 6120c288874SVivek Goyal bool disconnected = dentry->d_flags & DCACHE_DISCONNECTED; 6130c288874SVivek Goyal 6140c288874SVivek Goyal if (ovl_dentry_upper(dentry) && 6150c288874SVivek Goyal (ovl_dentry_has_upper_alias(dentry) || disconnected) && 6160c288874SVivek Goyal !ovl_dentry_needs_data_copy_up_locked(dentry, flags)) 6170c288874SVivek Goyal return true; 6180c288874SVivek Goyal 6190c288874SVivek Goyal return false; 6200c288874SVivek Goyal } 6210c288874SVivek Goyal 6220c288874SVivek Goyal bool ovl_already_copied_up(struct dentry *dentry, int flags) 6232002df85SVivek Goyal { 6242002df85SVivek Goyal bool disconnected = dentry->d_flags & DCACHE_DISCONNECTED; 6252002df85SVivek Goyal 6262002df85SVivek Goyal /* 6272002df85SVivek Goyal * Check if copy-up has happened as well as for upper alias (in 6282002df85SVivek Goyal * case of hard links) is there. 6292002df85SVivek Goyal * 6302002df85SVivek Goyal * Both checks are lockless: 6312002df85SVivek Goyal * - false negatives: will recheck under oi->lock 6322002df85SVivek Goyal * - false positives: 6332002df85SVivek Goyal * + ovl_dentry_upper() uses memory barriers to ensure the 6342002df85SVivek Goyal * upper dentry is up-to-date 6352002df85SVivek Goyal * + ovl_dentry_has_upper_alias() relies on locking of 6362002df85SVivek Goyal * upper parent i_rwsem to prevent reordering copy-up 6372002df85SVivek Goyal * with rename. 6382002df85SVivek Goyal */ 6392002df85SVivek Goyal if (ovl_dentry_upper(dentry) && 6400c288874SVivek Goyal (ovl_dentry_has_upper_alias(dentry) || disconnected) && 6410c288874SVivek Goyal !ovl_dentry_needs_data_copy_up(dentry, flags)) 6422002df85SVivek Goyal return true; 6432002df85SVivek Goyal 6442002df85SVivek Goyal return false; 6452002df85SVivek Goyal } 6462002df85SVivek Goyal 6470c288874SVivek Goyal int ovl_copy_up_start(struct dentry *dentry, int flags) 64839d3d60aSAmir Goldstein { 6491e92e307SAmir Goldstein struct inode *inode = d_inode(dentry); 65039d3d60aSAmir Goldstein int err; 65139d3d60aSAmir Goldstein 652531d3040SAmir Goldstein err = ovl_inode_lock_interruptible(inode); 6530c288874SVivek Goyal if (!err && ovl_already_copied_up_locked(dentry, flags)) { 65439d3d60aSAmir Goldstein err = 1; /* Already copied up */ 6551e92e307SAmir Goldstein ovl_inode_unlock(inode); 65639d3d60aSAmir Goldstein } 65739d3d60aSAmir Goldstein 65839d3d60aSAmir Goldstein return err; 65939d3d60aSAmir Goldstein } 66039d3d60aSAmir Goldstein 66139d3d60aSAmir Goldstein void ovl_copy_up_end(struct dentry *dentry) 66239d3d60aSAmir Goldstein { 6631e92e307SAmir Goldstein ovl_inode_unlock(d_inode(dentry)); 66439d3d60aSAmir Goldstein } 66582b749b2SAmir Goldstein 6662d343087SAl Viro bool ovl_path_check_origin_xattr(struct ovl_fs *ofs, const struct path *path) 667b79e05aaSAmir Goldstein { 668b79e05aaSAmir Goldstein int res; 669b79e05aaSAmir Goldstein 670dad7017aSChristian Brauner res = ovl_path_getxattr(ofs, path, OVL_XATTR_ORIGIN, NULL, 0); 671b79e05aaSAmir Goldstein 672b79e05aaSAmir Goldstein /* Zero size value means "copied up but origin unknown" */ 673b79e05aaSAmir Goldstein if (res >= 0) 674b79e05aaSAmir Goldstein return true; 675b79e05aaSAmir Goldstein 676b79e05aaSAmir Goldstein return false; 677b79e05aaSAmir Goldstein } 678b79e05aaSAmir Goldstein 6792d343087SAl Viro bool ovl_path_check_dir_xattr(struct ovl_fs *ofs, const struct path *path, 68043d193f8SMiklos Szeredi enum ovl_xattr ox) 681f3a15685SAmir Goldstein { 682f3a15685SAmir Goldstein int res; 683f3a15685SAmir Goldstein char val; 684f3a15685SAmir Goldstein 685dad7017aSChristian Brauner if (!d_is_dir(path->dentry)) 686f3a15685SAmir Goldstein return false; 687f3a15685SAmir Goldstein 688dad7017aSChristian Brauner res = ovl_path_getxattr(ofs, path, ox, &val, 1); 689f3a15685SAmir Goldstein if (res == 1 && val == 'y') 690f3a15685SAmir Goldstein return true; 691f3a15685SAmir Goldstein 692f3a15685SAmir Goldstein return false; 693f3a15685SAmir Goldstein } 694f3a15685SAmir Goldstein 69543d193f8SMiklos Szeredi #define OVL_XATTR_OPAQUE_POSTFIX "opaque" 69643d193f8SMiklos Szeredi #define OVL_XATTR_REDIRECT_POSTFIX "redirect" 69743d193f8SMiklos Szeredi #define OVL_XATTR_ORIGIN_POSTFIX "origin" 69843d193f8SMiklos Szeredi #define OVL_XATTR_IMPURE_POSTFIX "impure" 69943d193f8SMiklos Szeredi #define OVL_XATTR_NLINK_POSTFIX "nlink" 70043d193f8SMiklos Szeredi #define OVL_XATTR_UPPER_POSTFIX "upper" 70143d193f8SMiklos Szeredi #define OVL_XATTR_METACOPY_POSTFIX "metacopy" 702096a218aSAmir Goldstein #define OVL_XATTR_PROTATTR_POSTFIX "protattr" 70343d193f8SMiklos Szeredi 70443d193f8SMiklos Szeredi #define OVL_XATTR_TAB_ENTRY(x) \ 7052d2f2d73SMiklos Szeredi [x] = { [false] = OVL_XATTR_TRUSTED_PREFIX x ## _POSTFIX, \ 7062d2f2d73SMiklos Szeredi [true] = OVL_XATTR_USER_PREFIX x ## _POSTFIX } 70743d193f8SMiklos Szeredi 7082d2f2d73SMiklos Szeredi const char *const ovl_xattr_table[][2] = { 70943d193f8SMiklos Szeredi OVL_XATTR_TAB_ENTRY(OVL_XATTR_OPAQUE), 71043d193f8SMiklos Szeredi OVL_XATTR_TAB_ENTRY(OVL_XATTR_REDIRECT), 71143d193f8SMiklos Szeredi OVL_XATTR_TAB_ENTRY(OVL_XATTR_ORIGIN), 71243d193f8SMiklos Szeredi OVL_XATTR_TAB_ENTRY(OVL_XATTR_IMPURE), 71343d193f8SMiklos Szeredi OVL_XATTR_TAB_ENTRY(OVL_XATTR_NLINK), 71443d193f8SMiklos Szeredi OVL_XATTR_TAB_ENTRY(OVL_XATTR_UPPER), 71543d193f8SMiklos Szeredi OVL_XATTR_TAB_ENTRY(OVL_XATTR_METACOPY), 716096a218aSAmir Goldstein OVL_XATTR_TAB_ENTRY(OVL_XATTR_PROTATTR), 71743d193f8SMiklos Szeredi }; 71843d193f8SMiklos Szeredi 719a0c236b1SAmir Goldstein int ovl_check_setxattr(struct ovl_fs *ofs, struct dentry *upperdentry, 72043d193f8SMiklos Szeredi enum ovl_xattr ox, const void *value, size_t size, 72182b749b2SAmir Goldstein int xerr) 72282b749b2SAmir Goldstein { 72382b749b2SAmir Goldstein int err; 72482b749b2SAmir Goldstein 72582b749b2SAmir Goldstein if (ofs->noxattr) 72682b749b2SAmir Goldstein return xerr; 72782b749b2SAmir Goldstein 728c914c0e2SAmir Goldstein err = ovl_setxattr(ofs, upperdentry, ox, value, size); 72982b749b2SAmir Goldstein 73082b749b2SAmir Goldstein if (err == -EOPNOTSUPP) { 73143d193f8SMiklos Szeredi pr_warn("cannot set %s xattr on upper\n", ovl_xattr(ofs, ox)); 73282b749b2SAmir Goldstein ofs->noxattr = true; 73382b749b2SAmir Goldstein return xerr; 73482b749b2SAmir Goldstein } 73582b749b2SAmir Goldstein 73682b749b2SAmir Goldstein return err; 73782b749b2SAmir Goldstein } 738f3a15685SAmir Goldstein 739f3a15685SAmir Goldstein int ovl_set_impure(struct dentry *dentry, struct dentry *upperdentry) 740f3a15685SAmir Goldstein { 741a0c236b1SAmir Goldstein struct ovl_fs *ofs = OVL_FS(dentry->d_sb); 742f3a15685SAmir Goldstein int err; 743f3a15685SAmir Goldstein 74413c72075SMiklos Szeredi if (ovl_test_flag(OVL_IMPURE, d_inode(dentry))) 745f3a15685SAmir Goldstein return 0; 746f3a15685SAmir Goldstein 747f3a15685SAmir Goldstein /* 748f3a15685SAmir Goldstein * Do not fail when upper doesn't support xattrs. 749f3a15685SAmir Goldstein * Upper inodes won't have origin nor redirect xattr anyway. 750f3a15685SAmir Goldstein */ 751a0c236b1SAmir Goldstein err = ovl_check_setxattr(ofs, upperdentry, OVL_XATTR_IMPURE, "y", 1, 0); 752f3a15685SAmir Goldstein if (!err) 75313c72075SMiklos Szeredi ovl_set_flag(OVL_IMPURE, d_inode(dentry)); 754f3a15685SAmir Goldstein 755f3a15685SAmir Goldstein return err; 756f3a15685SAmir Goldstein } 75713c72075SMiklos Szeredi 758096a218aSAmir Goldstein 759096a218aSAmir Goldstein #define OVL_PROTATTR_MAX 32 /* Reserved for future flags */ 760096a218aSAmir Goldstein 761096a218aSAmir Goldstein void ovl_check_protattr(struct inode *inode, struct dentry *upper) 762096a218aSAmir Goldstein { 763096a218aSAmir Goldstein struct ovl_fs *ofs = OVL_FS(inode->i_sb); 764096a218aSAmir Goldstein u32 iflags = inode->i_flags & OVL_PROT_I_FLAGS_MASK; 765096a218aSAmir Goldstein char buf[OVL_PROTATTR_MAX+1]; 766096a218aSAmir Goldstein int res, n; 767096a218aSAmir Goldstein 768dad7017aSChristian Brauner res = ovl_getxattr_upper(ofs, upper, OVL_XATTR_PROTATTR, buf, 769096a218aSAmir Goldstein OVL_PROTATTR_MAX); 770096a218aSAmir Goldstein if (res < 0) 771096a218aSAmir Goldstein return; 772096a218aSAmir Goldstein 773096a218aSAmir Goldstein /* 774096a218aSAmir Goldstein * Initialize inode flags from overlay.protattr xattr and upper inode 775096a218aSAmir Goldstein * flags. If upper inode has those fileattr flags set (i.e. from old 776096a218aSAmir Goldstein * kernel), we do not clear them on ovl_get_inode(), but we will clear 777096a218aSAmir Goldstein * them on next fileattr_set(). 778096a218aSAmir Goldstein */ 779096a218aSAmir Goldstein for (n = 0; n < res; n++) { 780096a218aSAmir Goldstein if (buf[n] == 'a') 781096a218aSAmir Goldstein iflags |= S_APPEND; 782096a218aSAmir Goldstein else if (buf[n] == 'i') 783096a218aSAmir Goldstein iflags |= S_IMMUTABLE; 784096a218aSAmir Goldstein else 785096a218aSAmir Goldstein break; 786096a218aSAmir Goldstein } 787096a218aSAmir Goldstein 788096a218aSAmir Goldstein if (!res || n < res) { 789096a218aSAmir Goldstein pr_warn_ratelimited("incompatible overlay.protattr format (%pd2, len=%d)\n", 790096a218aSAmir Goldstein upper, res); 791096a218aSAmir Goldstein } else { 792096a218aSAmir Goldstein inode_set_flags(inode, iflags, OVL_PROT_I_FLAGS_MASK); 793096a218aSAmir Goldstein } 794096a218aSAmir Goldstein } 795096a218aSAmir Goldstein 796096a218aSAmir Goldstein int ovl_set_protattr(struct inode *inode, struct dentry *upper, 797096a218aSAmir Goldstein struct fileattr *fa) 798096a218aSAmir Goldstein { 799096a218aSAmir Goldstein struct ovl_fs *ofs = OVL_FS(inode->i_sb); 800096a218aSAmir Goldstein char buf[OVL_PROTATTR_MAX]; 801096a218aSAmir Goldstein int len = 0, err = 0; 802096a218aSAmir Goldstein u32 iflags = 0; 803096a218aSAmir Goldstein 804096a218aSAmir Goldstein BUILD_BUG_ON(HWEIGHT32(OVL_PROT_FS_FLAGS_MASK) > OVL_PROTATTR_MAX); 805096a218aSAmir Goldstein 806096a218aSAmir Goldstein if (fa->flags & FS_APPEND_FL) { 807096a218aSAmir Goldstein buf[len++] = 'a'; 808096a218aSAmir Goldstein iflags |= S_APPEND; 809096a218aSAmir Goldstein } 810096a218aSAmir Goldstein if (fa->flags & FS_IMMUTABLE_FL) { 811096a218aSAmir Goldstein buf[len++] = 'i'; 812096a218aSAmir Goldstein iflags |= S_IMMUTABLE; 813096a218aSAmir Goldstein } 814096a218aSAmir Goldstein 815096a218aSAmir Goldstein /* 816096a218aSAmir Goldstein * Do not allow to set protection flags when upper doesn't support 817096a218aSAmir Goldstein * xattrs, because we do not set those fileattr flags on upper inode. 818096a218aSAmir Goldstein * Remove xattr if it exist and all protection flags are cleared. 819096a218aSAmir Goldstein */ 820096a218aSAmir Goldstein if (len) { 821096a218aSAmir Goldstein err = ovl_check_setxattr(ofs, upper, OVL_XATTR_PROTATTR, 822096a218aSAmir Goldstein buf, len, -EPERM); 823096a218aSAmir Goldstein } else if (inode->i_flags & OVL_PROT_I_FLAGS_MASK) { 824c914c0e2SAmir Goldstein err = ovl_removexattr(ofs, upper, OVL_XATTR_PROTATTR); 825096a218aSAmir Goldstein if (err == -EOPNOTSUPP || err == -ENODATA) 826096a218aSAmir Goldstein err = 0; 827096a218aSAmir Goldstein } 828096a218aSAmir Goldstein if (err) 829096a218aSAmir Goldstein return err; 830096a218aSAmir Goldstein 831096a218aSAmir Goldstein inode_set_flags(inode, iflags, OVL_PROT_I_FLAGS_MASK); 832096a218aSAmir Goldstein 833096a218aSAmir Goldstein /* Mask out the fileattr flags that should not be set in upper inode */ 834096a218aSAmir Goldstein fa->flags &= ~OVL_PROT_FS_FLAGS_MASK; 835096a218aSAmir Goldstein fa->fsx_xflags &= ~OVL_PROT_FSX_FLAGS_MASK; 836096a218aSAmir Goldstein 837096a218aSAmir Goldstein return 0; 838096a218aSAmir Goldstein } 839096a218aSAmir Goldstein 840ad0af710SAmir Goldstein /** 841ad0af710SAmir Goldstein * Caller must hold a reference to inode to prevent it from being freed while 842ad0af710SAmir Goldstein * it is marked inuse. 843ad0af710SAmir Goldstein */ 844ad0af710SAmir Goldstein bool ovl_inuse_trylock(struct dentry *dentry) 845ad0af710SAmir Goldstein { 846ad0af710SAmir Goldstein struct inode *inode = d_inode(dentry); 847ad0af710SAmir Goldstein bool locked = false; 848ad0af710SAmir Goldstein 849ad0af710SAmir Goldstein spin_lock(&inode->i_lock); 850ad0af710SAmir Goldstein if (!(inode->i_state & I_OVL_INUSE)) { 851ad0af710SAmir Goldstein inode->i_state |= I_OVL_INUSE; 852ad0af710SAmir Goldstein locked = true; 853ad0af710SAmir Goldstein } 854ad0af710SAmir Goldstein spin_unlock(&inode->i_lock); 855ad0af710SAmir Goldstein 856ad0af710SAmir Goldstein return locked; 857ad0af710SAmir Goldstein } 858ad0af710SAmir Goldstein 859ad0af710SAmir Goldstein void ovl_inuse_unlock(struct dentry *dentry) 860ad0af710SAmir Goldstein { 861ad0af710SAmir Goldstein if (dentry) { 862ad0af710SAmir Goldstein struct inode *inode = d_inode(dentry); 863ad0af710SAmir Goldstein 864ad0af710SAmir Goldstein spin_lock(&inode->i_lock); 865ad0af710SAmir Goldstein WARN_ON(!(inode->i_state & I_OVL_INUSE)); 866ad0af710SAmir Goldstein inode->i_state &= ~I_OVL_INUSE; 867ad0af710SAmir Goldstein spin_unlock(&inode->i_lock); 868ad0af710SAmir Goldstein } 869ad0af710SAmir Goldstein } 8705f8415d6SAmir Goldstein 871146d62e5SAmir Goldstein bool ovl_is_inuse(struct dentry *dentry) 872146d62e5SAmir Goldstein { 873146d62e5SAmir Goldstein struct inode *inode = d_inode(dentry); 874146d62e5SAmir Goldstein bool inuse; 875146d62e5SAmir Goldstein 876146d62e5SAmir Goldstein spin_lock(&inode->i_lock); 877146d62e5SAmir Goldstein inuse = (inode->i_state & I_OVL_INUSE); 878146d62e5SAmir Goldstein spin_unlock(&inode->i_lock); 879146d62e5SAmir Goldstein 880146d62e5SAmir Goldstein return inuse; 881146d62e5SAmir Goldstein } 882146d62e5SAmir Goldstein 88324b33ee1SAmir Goldstein /* 88424b33ee1SAmir Goldstein * Does this overlay dentry need to be indexed on copy up? 88524b33ee1SAmir Goldstein */ 88624b33ee1SAmir Goldstein bool ovl_need_index(struct dentry *dentry) 88724b33ee1SAmir Goldstein { 88824b33ee1SAmir Goldstein struct dentry *lower = ovl_dentry_lower(dentry); 88924b33ee1SAmir Goldstein 89024b33ee1SAmir Goldstein if (!lower || !ovl_indexdir(dentry->d_sb)) 89124b33ee1SAmir Goldstein return false; 89224b33ee1SAmir Goldstein 893fbd2d207SAmir Goldstein /* Index all files for NFS export and consistency verification */ 894016b720fSAmir Goldstein if (ovl_index_all(dentry->d_sb)) 895fbd2d207SAmir Goldstein return true; 896fbd2d207SAmir Goldstein 89724b33ee1SAmir Goldstein /* Index only lower hardlinks on copy up */ 89824b33ee1SAmir Goldstein if (!d_is_dir(lower) && d_inode(lower)->i_nlink > 1) 89924b33ee1SAmir Goldstein return true; 90024b33ee1SAmir Goldstein 90124b33ee1SAmir Goldstein return false; 90224b33ee1SAmir Goldstein } 90324b33ee1SAmir Goldstein 9049f4ec904SAmir Goldstein /* Caller must hold OVL_I(inode)->lock */ 905caf70cb2SAmir Goldstein static void ovl_cleanup_index(struct dentry *dentry) 906caf70cb2SAmir Goldstein { 9071cdb0cb6SPavel Tikhomirov struct ovl_fs *ofs = OVL_FS(dentry->d_sb); 908e7dd0e71SAmir Goldstein struct dentry *indexdir = ovl_indexdir(dentry->d_sb); 909e7dd0e71SAmir Goldstein struct inode *dir = indexdir->d_inode; 910caf70cb2SAmir Goldstein struct dentry *lowerdentry = ovl_dentry_lower(dentry); 911caf70cb2SAmir Goldstein struct dentry *upperdentry = ovl_dentry_upper(dentry); 912caf70cb2SAmir Goldstein struct dentry *index = NULL; 913caf70cb2SAmir Goldstein struct inode *inode; 91463e13252SAmir Goldstein struct qstr name = { }; 915caf70cb2SAmir Goldstein int err; 916caf70cb2SAmir Goldstein 9171cdb0cb6SPavel Tikhomirov err = ovl_get_index_name(ofs, lowerdentry, &name); 918caf70cb2SAmir Goldstein if (err) 919caf70cb2SAmir Goldstein goto fail; 920caf70cb2SAmir Goldstein 921caf70cb2SAmir Goldstein inode = d_inode(upperdentry); 92289a17556SAmir Goldstein if (!S_ISDIR(inode->i_mode) && inode->i_nlink != 1) { 9231bd0a3aeSlijiazi pr_warn_ratelimited("cleanup linked index (%pd2, ino=%lu, nlink=%u)\n", 924caf70cb2SAmir Goldstein upperdentry, inode->i_ino, inode->i_nlink); 925caf70cb2SAmir Goldstein /* 926caf70cb2SAmir Goldstein * We either have a bug with persistent union nlink or a lower 927caf70cb2SAmir Goldstein * hardlink was added while overlay is mounted. Adding a lower 928caf70cb2SAmir Goldstein * hardlink and then unlinking all overlay hardlinks would drop 929caf70cb2SAmir Goldstein * overlay nlink to zero before all upper inodes are unlinked. 930caf70cb2SAmir Goldstein * As a safety measure, when that situation is detected, set 931caf70cb2SAmir Goldstein * the overlay nlink to the index inode nlink minus one for the 932caf70cb2SAmir Goldstein * index entry itself. 933caf70cb2SAmir Goldstein */ 934caf70cb2SAmir Goldstein set_nlink(d_inode(dentry), inode->i_nlink - 1); 935caf70cb2SAmir Goldstein ovl_set_nlink_upper(dentry); 936caf70cb2SAmir Goldstein goto out; 937caf70cb2SAmir Goldstein } 938caf70cb2SAmir Goldstein 939caf70cb2SAmir Goldstein inode_lock_nested(dir, I_MUTEX_PARENT); 94022f289ceSChristian Brauner index = ovl_lookup_upper(ofs, name.name, indexdir, name.len); 941caf70cb2SAmir Goldstein err = PTR_ERR(index); 942e7dd0e71SAmir Goldstein if (IS_ERR(index)) { 9439f4ec904SAmir Goldstein index = NULL; 944e7dd0e71SAmir Goldstein } else if (ovl_index_all(dentry->d_sb)) { 945e7dd0e71SAmir Goldstein /* Whiteout orphan index to block future open by handle */ 946c21c839bSChengguang Xu err = ovl_cleanup_and_whiteout(OVL_FS(dentry->d_sb), 947c21c839bSChengguang Xu dir, index); 948e7dd0e71SAmir Goldstein } else { 949e7dd0e71SAmir Goldstein /* Cleanup orphan index entries */ 950576bb263SChristian Brauner err = ovl_cleanup(ofs, dir, index); 951e7dd0e71SAmir Goldstein } 9529f4ec904SAmir Goldstein 953caf70cb2SAmir Goldstein inode_unlock(dir); 954caf70cb2SAmir Goldstein if (err) 955caf70cb2SAmir Goldstein goto fail; 956caf70cb2SAmir Goldstein 957caf70cb2SAmir Goldstein out: 95863e13252SAmir Goldstein kfree(name.name); 959caf70cb2SAmir Goldstein dput(index); 960caf70cb2SAmir Goldstein return; 961caf70cb2SAmir Goldstein 962caf70cb2SAmir Goldstein fail: 9631bd0a3aeSlijiazi pr_err("cleanup index of '%pd2' failed (%i)\n", dentry, err); 964caf70cb2SAmir Goldstein goto out; 965caf70cb2SAmir Goldstein } 966caf70cb2SAmir Goldstein 9675f8415d6SAmir Goldstein /* 9685f8415d6SAmir Goldstein * Operations that change overlay inode and upper inode nlink need to be 9695f8415d6SAmir Goldstein * synchronized with copy up for persistent nlink accounting. 9705f8415d6SAmir Goldstein */ 9710e32992fSAmir Goldstein int ovl_nlink_start(struct dentry *dentry) 9725f8415d6SAmir Goldstein { 9731e92e307SAmir Goldstein struct inode *inode = d_inode(dentry); 9745f8415d6SAmir Goldstein const struct cred *old_cred; 9755f8415d6SAmir Goldstein int err; 9765f8415d6SAmir Goldstein 9771e92e307SAmir Goldstein if (WARN_ON(!inode)) 9780e32992fSAmir Goldstein return -ENOENT; 9795f8415d6SAmir Goldstein 9805f8415d6SAmir Goldstein /* 9815f8415d6SAmir Goldstein * With inodes index is enabled, we store the union overlay nlink 98224b33ee1SAmir Goldstein * in an xattr on the index inode. When whiting out an indexed lower, 9835f8415d6SAmir Goldstein * we need to decrement the overlay persistent nlink, but before the 9845f8415d6SAmir Goldstein * first copy up, we have no upper index inode to store the xattr. 9855f8415d6SAmir Goldstein * 98624b33ee1SAmir Goldstein * As a workaround, before whiteout/rename over an indexed lower, 9875f8415d6SAmir Goldstein * copy up to create the upper index. Creating the upper index will 9885f8415d6SAmir Goldstein * initialize the overlay nlink, so it could be dropped if unlink 9895f8415d6SAmir Goldstein * or rename succeeds. 9905f8415d6SAmir Goldstein * 9915f8415d6SAmir Goldstein * TODO: implement metadata only index copy up when called with 9925f8415d6SAmir Goldstein * ovl_copy_up_flags(dentry, O_PATH). 9935f8415d6SAmir Goldstein */ 99424b33ee1SAmir Goldstein if (ovl_need_index(dentry) && !ovl_dentry_has_upper_alias(dentry)) { 9955f8415d6SAmir Goldstein err = ovl_copy_up(dentry); 9965f8415d6SAmir Goldstein if (err) 9975f8415d6SAmir Goldstein return err; 9985f8415d6SAmir Goldstein } 9995f8415d6SAmir Goldstein 1000531d3040SAmir Goldstein err = ovl_inode_lock_interruptible(inode); 10015f8415d6SAmir Goldstein if (err) 10025f8415d6SAmir Goldstein return err; 10035f8415d6SAmir Goldstein 10041e92e307SAmir Goldstein if (d_is_dir(dentry) || !ovl_test_flag(OVL_INDEX, inode)) 10055f8415d6SAmir Goldstein goto out; 10065f8415d6SAmir Goldstein 10075f8415d6SAmir Goldstein old_cred = ovl_override_creds(dentry->d_sb); 10085f8415d6SAmir Goldstein /* 10095f8415d6SAmir Goldstein * The overlay inode nlink should be incremented/decremented IFF the 10105f8415d6SAmir Goldstein * upper operation succeeds, along with nlink change of upper inode. 10115f8415d6SAmir Goldstein * Therefore, before link/unlink/rename, we store the union nlink 10125f8415d6SAmir Goldstein * value relative to the upper inode nlink in an upper inode xattr. 10135f8415d6SAmir Goldstein */ 10145f8415d6SAmir Goldstein err = ovl_set_nlink_upper(dentry); 10155f8415d6SAmir Goldstein revert_creds(old_cred); 10165f8415d6SAmir Goldstein 10175f8415d6SAmir Goldstein out: 10185f8415d6SAmir Goldstein if (err) 10191e92e307SAmir Goldstein ovl_inode_unlock(inode); 10205f8415d6SAmir Goldstein 10215f8415d6SAmir Goldstein return err; 10225f8415d6SAmir Goldstein } 10235f8415d6SAmir Goldstein 10240e32992fSAmir Goldstein void ovl_nlink_end(struct dentry *dentry) 10255f8415d6SAmir Goldstein { 10261e92e307SAmir Goldstein struct inode *inode = d_inode(dentry); 10271e92e307SAmir Goldstein 10281e92e307SAmir Goldstein if (ovl_test_flag(OVL_INDEX, inode) && inode->i_nlink == 0) { 1029caf70cb2SAmir Goldstein const struct cred *old_cred; 1030caf70cb2SAmir Goldstein 1031caf70cb2SAmir Goldstein old_cred = ovl_override_creds(dentry->d_sb); 1032caf70cb2SAmir Goldstein ovl_cleanup_index(dentry); 1033caf70cb2SAmir Goldstein revert_creds(old_cred); 1034caf70cb2SAmir Goldstein } 1035caf70cb2SAmir Goldstein 10361e92e307SAmir Goldstein ovl_inode_unlock(inode); 10375f8415d6SAmir Goldstein } 10385820dc08SAmir Goldstein 10395820dc08SAmir Goldstein int ovl_lock_rename_workdir(struct dentry *workdir, struct dentry *upperdir) 10405820dc08SAmir Goldstein { 10415820dc08SAmir Goldstein /* Workdir should not be the same as upperdir */ 10425820dc08SAmir Goldstein if (workdir == upperdir) 10435820dc08SAmir Goldstein goto err; 10445820dc08SAmir Goldstein 10455820dc08SAmir Goldstein /* Workdir should not be subdir of upperdir and vice versa */ 10465820dc08SAmir Goldstein if (lock_rename(workdir, upperdir) != NULL) 10475820dc08SAmir Goldstein goto err_unlock; 10485820dc08SAmir Goldstein 10495820dc08SAmir Goldstein return 0; 10505820dc08SAmir Goldstein 10515820dc08SAmir Goldstein err_unlock: 10525820dc08SAmir Goldstein unlock_rename(workdir, upperdir); 10535820dc08SAmir Goldstein err: 10541bd0a3aeSlijiazi pr_err("failed to lock workdir+upperdir\n"); 10555820dc08SAmir Goldstein return -EIO; 10565820dc08SAmir Goldstein } 10579d3dfea3SVivek Goyal 1058bf070890SAlexander Larsson /* 1059bf070890SAlexander Larsson * err < 0, 0 if no metacopy xattr, metacopy data size if xattr found. 1060bf070890SAlexander Larsson * an empty xattr returns OVL_METACOPY_MIN_SIZE to distinguish from no xattr value. 1061bf070890SAlexander Larsson */ 1062bf070890SAlexander Larsson int ovl_check_metacopy_xattr(struct ovl_fs *ofs, const struct path *path, 1063bf070890SAlexander Larsson struct ovl_metacopy *data) 10649d3dfea3SVivek Goyal { 10659d3dfea3SVivek Goyal int res; 10669d3dfea3SVivek Goyal 10679d3dfea3SVivek Goyal /* Only regular files can have metacopy xattr */ 1068dad7017aSChristian Brauner if (!S_ISREG(d_inode(path->dentry)->i_mode)) 10699d3dfea3SVivek Goyal return 0; 10709d3dfea3SVivek Goyal 1071bf070890SAlexander Larsson res = ovl_path_getxattr(ofs, path, OVL_XATTR_METACOPY, 1072bf070890SAlexander Larsson data, data ? OVL_METACOPY_MAX_SIZE : 0); 10739d3dfea3SVivek Goyal if (res < 0) { 10749d3dfea3SVivek Goyal if (res == -ENODATA || res == -EOPNOTSUPP) 10759d3dfea3SVivek Goyal return 0; 107687b2c60cSMiklos Szeredi /* 107787b2c60cSMiklos Szeredi * getxattr on user.* may fail with EACCES in case there's no 107887b2c60cSMiklos Szeredi * read permission on the inode. Not much we can do, other than 107987b2c60cSMiklos Szeredi * tell the caller that this is not a metacopy inode. 108087b2c60cSMiklos Szeredi */ 108187b2c60cSMiklos Szeredi if (ofs->config.userxattr && res == -EACCES) 108287b2c60cSMiklos Szeredi return 0; 10839d3dfea3SVivek Goyal goto out; 10849d3dfea3SVivek Goyal } 10859d3dfea3SVivek Goyal 1086bf070890SAlexander Larsson if (res == 0) { 1087bf070890SAlexander Larsson /* Emulate empty data for zero size metacopy xattr */ 1088bf070890SAlexander Larsson res = OVL_METACOPY_MIN_SIZE; 1089bf070890SAlexander Larsson if (data) { 1090bf070890SAlexander Larsson memset(data, 0, res); 1091bf070890SAlexander Larsson data->len = res; 1092bf070890SAlexander Larsson } 1093bf070890SAlexander Larsson } else if (res < OVL_METACOPY_MIN_SIZE) { 1094bf070890SAlexander Larsson pr_warn_ratelimited("metacopy file '%pd' has too small xattr\n", 1095bf070890SAlexander Larsson path->dentry); 1096bf070890SAlexander Larsson return -EIO; 1097bf070890SAlexander Larsson } else if (data) { 1098bf070890SAlexander Larsson if (data->version != 0) { 1099bf070890SAlexander Larsson pr_warn_ratelimited("metacopy file '%pd' has unsupported version\n", 1100bf070890SAlexander Larsson path->dentry); 1101bf070890SAlexander Larsson return -EIO; 1102bf070890SAlexander Larsson } 1103bf070890SAlexander Larsson if (res != data->len) { 1104bf070890SAlexander Larsson pr_warn_ratelimited("metacopy file '%pd' has invalid xattr size\n", 1105bf070890SAlexander Larsson path->dentry); 1106bf070890SAlexander Larsson return -EIO; 1107bf070890SAlexander Larsson } 1108bf070890SAlexander Larsson } 1109bf070890SAlexander Larsson 1110bf070890SAlexander Larsson return res; 11119d3dfea3SVivek Goyal out: 11121bd0a3aeSlijiazi pr_warn_ratelimited("failed to get metacopy (%i)\n", res); 11139d3dfea3SVivek Goyal return res; 11149d3dfea3SVivek Goyal } 111567d756c2SVivek Goyal 1116184996e9SAlexander Larsson int ovl_set_metacopy_xattr(struct ovl_fs *ofs, struct dentry *d, struct ovl_metacopy *metacopy) 1117184996e9SAlexander Larsson { 1118184996e9SAlexander Larsson size_t len = metacopy->len; 1119184996e9SAlexander Larsson 1120184996e9SAlexander Larsson /* If no flags or digest fall back to empty metacopy file */ 1121184996e9SAlexander Larsson if (metacopy->version == 0 && metacopy->flags == 0 && metacopy->digest_algo == 0) 1122184996e9SAlexander Larsson len = 0; 1123184996e9SAlexander Larsson 1124184996e9SAlexander Larsson return ovl_check_setxattr(ofs, d, OVL_XATTR_METACOPY, 1125184996e9SAlexander Larsson metacopy, len, -EOPNOTSUPP); 1126184996e9SAlexander Larsson } 1127184996e9SAlexander Larsson 112867d756c2SVivek Goyal bool ovl_is_metacopy_dentry(struct dentry *dentry) 112967d756c2SVivek Goyal { 1130a6ff2bc0SAmir Goldstein struct ovl_entry *oe = OVL_E(dentry); 113167d756c2SVivek Goyal 113267d756c2SVivek Goyal if (!d_is_reg(dentry)) 113367d756c2SVivek Goyal return false; 113467d756c2SVivek Goyal 113567d756c2SVivek Goyal if (ovl_dentry_upper(dentry)) { 113667d756c2SVivek Goyal if (!ovl_has_upperdata(d_inode(dentry))) 113767d756c2SVivek Goyal return true; 113867d756c2SVivek Goyal return false; 113967d756c2SVivek Goyal } 114067d756c2SVivek Goyal 11415522c9c7SAmir Goldstein return (ovl_numlower(oe) > 1); 114267d756c2SVivek Goyal } 11430a2d0d3fSVivek Goyal 11442d343087SAl Viro char *ovl_get_redirect_xattr(struct ovl_fs *ofs, const struct path *path, int padding) 11450a2d0d3fSVivek Goyal { 11460a2d0d3fSVivek Goyal int res; 11470a2d0d3fSVivek Goyal char *s, *next, *buf = NULL; 11480a2d0d3fSVivek Goyal 1149dad7017aSChristian Brauner res = ovl_path_getxattr(ofs, path, OVL_XATTR_REDIRECT, NULL, 0); 115092f0d6c9SMiklos Szeredi if (res == -ENODATA || res == -EOPNOTSUPP) 11510a2d0d3fSVivek Goyal return NULL; 11520a2d0d3fSVivek Goyal if (res < 0) 115392f0d6c9SMiklos Szeredi goto fail; 115492f0d6c9SMiklos Szeredi if (res == 0) 115592f0d6c9SMiklos Szeredi goto invalid; 115692f0d6c9SMiklos Szeredi 115792f0d6c9SMiklos Szeredi buf = kzalloc(res + padding + 1, GFP_KERNEL); 115892f0d6c9SMiklos Szeredi if (!buf) 115992f0d6c9SMiklos Szeredi return ERR_PTR(-ENOMEM); 116092f0d6c9SMiklos Szeredi 1161dad7017aSChristian Brauner res = ovl_path_getxattr(ofs, path, OVL_XATTR_REDIRECT, buf, res); 116292f0d6c9SMiklos Szeredi if (res < 0) 116392f0d6c9SMiklos Szeredi goto fail; 11640a2d0d3fSVivek Goyal if (res == 0) 11650a2d0d3fSVivek Goyal goto invalid; 11660a2d0d3fSVivek Goyal 11670a2d0d3fSVivek Goyal if (buf[0] == '/') { 11680a2d0d3fSVivek Goyal for (s = buf; *s++ == '/'; s = next) { 11690a2d0d3fSVivek Goyal next = strchrnul(s, '/'); 11700a2d0d3fSVivek Goyal if (s == next) 11710a2d0d3fSVivek Goyal goto invalid; 11720a2d0d3fSVivek Goyal } 11730a2d0d3fSVivek Goyal } else { 11740a2d0d3fSVivek Goyal if (strchr(buf, '/') != NULL) 11750a2d0d3fSVivek Goyal goto invalid; 11760a2d0d3fSVivek Goyal } 11770a2d0d3fSVivek Goyal 11780a2d0d3fSVivek Goyal return buf; 11790a2d0d3fSVivek Goyal invalid: 11801bd0a3aeSlijiazi pr_warn_ratelimited("invalid redirect (%s)\n", buf); 11810a2d0d3fSVivek Goyal res = -EINVAL; 118292f0d6c9SMiklos Szeredi goto err_free; 118392f0d6c9SMiklos Szeredi fail: 118492f0d6c9SMiklos Szeredi pr_warn_ratelimited("failed to get redirect (%i)\n", res); 118592f0d6c9SMiklos Szeredi err_free: 1186993a0b2aSVivek Goyal kfree(buf); 1187993a0b2aSVivek Goyal return ERR_PTR(res); 11880a2d0d3fSVivek Goyal } 1189335d3fc5SSargun Dhillon 1190184996e9SAlexander Larsson /* Call with mounter creds as it may open the file */ 1191*0c71faf5SAlexander Larsson int ovl_ensure_verity_loaded(struct path *datapath) 1192184996e9SAlexander Larsson { 1193184996e9SAlexander Larsson struct inode *inode = d_inode(datapath->dentry); 1194184996e9SAlexander Larsson struct file *filp; 1195184996e9SAlexander Larsson 1196184996e9SAlexander Larsson if (!fsverity_active(inode) && IS_VERITY(inode)) { 1197184996e9SAlexander Larsson /* 1198184996e9SAlexander Larsson * If this inode was not yet opened, the verity info hasn't been 1199184996e9SAlexander Larsson * loaded yet, so we need to do that here to force it into memory. 1200184996e9SAlexander Larsson */ 1201184996e9SAlexander Larsson filp = kernel_file_open(datapath, O_RDONLY, inode, current_cred()); 1202184996e9SAlexander Larsson if (IS_ERR(filp)) 1203184996e9SAlexander Larsson return PTR_ERR(filp); 1204184996e9SAlexander Larsson fput(filp); 1205184996e9SAlexander Larsson } 1206184996e9SAlexander Larsson 1207184996e9SAlexander Larsson return 0; 1208184996e9SAlexander Larsson } 1209184996e9SAlexander Larsson 1210184996e9SAlexander Larsson int ovl_validate_verity(struct ovl_fs *ofs, 1211184996e9SAlexander Larsson struct path *metapath, 1212184996e9SAlexander Larsson struct path *datapath) 1213184996e9SAlexander Larsson { 1214184996e9SAlexander Larsson struct ovl_metacopy metacopy_data; 1215184996e9SAlexander Larsson u8 actual_digest[FS_VERITY_MAX_DIGEST_SIZE]; 1216184996e9SAlexander Larsson int xattr_digest_size, digest_size; 1217184996e9SAlexander Larsson int xattr_size, err; 1218184996e9SAlexander Larsson u8 verity_algo; 1219184996e9SAlexander Larsson 1220184996e9SAlexander Larsson if (!ofs->config.verity_mode || 1221184996e9SAlexander Larsson /* Verity only works on regular files */ 1222184996e9SAlexander Larsson !S_ISREG(d_inode(metapath->dentry)->i_mode)) 1223184996e9SAlexander Larsson return 0; 1224184996e9SAlexander Larsson 1225184996e9SAlexander Larsson xattr_size = ovl_check_metacopy_xattr(ofs, metapath, &metacopy_data); 1226184996e9SAlexander Larsson if (xattr_size < 0) 1227184996e9SAlexander Larsson return xattr_size; 1228184996e9SAlexander Larsson 1229184996e9SAlexander Larsson if (!xattr_size || !metacopy_data.digest_algo) { 1230184996e9SAlexander Larsson if (ofs->config.verity_mode == OVL_VERITY_REQUIRE) { 1231184996e9SAlexander Larsson pr_warn_ratelimited("metacopy file '%pd' has no digest specified\n", 1232184996e9SAlexander Larsson metapath->dentry); 1233184996e9SAlexander Larsson return -EIO; 1234184996e9SAlexander Larsson } 1235184996e9SAlexander Larsson return 0; 1236184996e9SAlexander Larsson } 1237184996e9SAlexander Larsson 1238184996e9SAlexander Larsson xattr_digest_size = ovl_metadata_digest_size(&metacopy_data); 1239184996e9SAlexander Larsson 1240184996e9SAlexander Larsson err = ovl_ensure_verity_loaded(datapath); 1241184996e9SAlexander Larsson if (err < 0) { 1242184996e9SAlexander Larsson pr_warn_ratelimited("lower file '%pd' failed to load fs-verity info\n", 1243184996e9SAlexander Larsson datapath->dentry); 1244184996e9SAlexander Larsson return -EIO; 1245184996e9SAlexander Larsson } 1246184996e9SAlexander Larsson 1247184996e9SAlexander Larsson digest_size = fsverity_get_digest(d_inode(datapath->dentry), actual_digest, 1248184996e9SAlexander Larsson &verity_algo, NULL); 1249184996e9SAlexander Larsson if (digest_size == 0) { 1250184996e9SAlexander Larsson pr_warn_ratelimited("lower file '%pd' has no fs-verity digest\n", datapath->dentry); 1251184996e9SAlexander Larsson return -EIO; 1252184996e9SAlexander Larsson } 1253184996e9SAlexander Larsson 1254184996e9SAlexander Larsson if (xattr_digest_size != digest_size || 1255184996e9SAlexander Larsson metacopy_data.digest_algo != verity_algo || 1256184996e9SAlexander Larsson memcmp(metacopy_data.digest, actual_digest, xattr_digest_size) != 0) { 1257184996e9SAlexander Larsson pr_warn_ratelimited("lower file '%pd' has the wrong fs-verity digest\n", 1258184996e9SAlexander Larsson datapath->dentry); 1259184996e9SAlexander Larsson return -EIO; 1260184996e9SAlexander Larsson } 1261184996e9SAlexander Larsson 1262184996e9SAlexander Larsson return 0; 1263184996e9SAlexander Larsson } 1264184996e9SAlexander Larsson 1265*0c71faf5SAlexander Larsson int ovl_get_verity_digest(struct ovl_fs *ofs, struct path *src, 1266*0c71faf5SAlexander Larsson struct ovl_metacopy *metacopy) 1267*0c71faf5SAlexander Larsson { 1268*0c71faf5SAlexander Larsson int err, digest_size; 1269*0c71faf5SAlexander Larsson 1270*0c71faf5SAlexander Larsson if (!ofs->config.verity_mode || !S_ISREG(d_inode(src->dentry)->i_mode)) 1271*0c71faf5SAlexander Larsson return 0; 1272*0c71faf5SAlexander Larsson 1273*0c71faf5SAlexander Larsson err = ovl_ensure_verity_loaded(src); 1274*0c71faf5SAlexander Larsson if (err < 0) { 1275*0c71faf5SAlexander Larsson pr_warn_ratelimited("lower file '%pd' failed to load fs-verity info\n", 1276*0c71faf5SAlexander Larsson src->dentry); 1277*0c71faf5SAlexander Larsson return -EIO; 1278*0c71faf5SAlexander Larsson } 1279*0c71faf5SAlexander Larsson 1280*0c71faf5SAlexander Larsson digest_size = fsverity_get_digest(d_inode(src->dentry), 1281*0c71faf5SAlexander Larsson metacopy->digest, &metacopy->digest_algo, NULL); 1282*0c71faf5SAlexander Larsson if (digest_size == 0 || 1283*0c71faf5SAlexander Larsson WARN_ON_ONCE(digest_size > FS_VERITY_MAX_DIGEST_SIZE)) { 1284*0c71faf5SAlexander Larsson if (ofs->config.verity_mode == OVL_VERITY_REQUIRE) { 1285*0c71faf5SAlexander Larsson pr_warn_ratelimited("lower file '%pd' has no fs-verity digest\n", 1286*0c71faf5SAlexander Larsson src->dentry); 1287*0c71faf5SAlexander Larsson return -EIO; 1288*0c71faf5SAlexander Larsson } 1289*0c71faf5SAlexander Larsson return 0; 1290*0c71faf5SAlexander Larsson } 1291*0c71faf5SAlexander Larsson 1292*0c71faf5SAlexander Larsson metacopy->len += digest_size; 1293*0c71faf5SAlexander Larsson return 0; 1294*0c71faf5SAlexander Larsson } 1295*0c71faf5SAlexander Larsson 1296335d3fc5SSargun Dhillon /* 1297335d3fc5SSargun Dhillon * ovl_sync_status() - Check fs sync status for volatile mounts 1298335d3fc5SSargun Dhillon * 1299335d3fc5SSargun Dhillon * Returns 1 if this is not a volatile mount and a real sync is required. 1300335d3fc5SSargun Dhillon * 1301335d3fc5SSargun Dhillon * Returns 0 if syncing can be skipped because mount is volatile, and no errors 1302335d3fc5SSargun Dhillon * have occurred on the upperdir since the mount. 1303335d3fc5SSargun Dhillon * 1304335d3fc5SSargun Dhillon * Returns -errno if it is a volatile mount, and the error that occurred since 1305335d3fc5SSargun Dhillon * the last mount. If the error code changes, it'll return the latest error 1306335d3fc5SSargun Dhillon * code. 1307335d3fc5SSargun Dhillon */ 1308335d3fc5SSargun Dhillon 1309335d3fc5SSargun Dhillon int ovl_sync_status(struct ovl_fs *ofs) 1310335d3fc5SSargun Dhillon { 1311335d3fc5SSargun Dhillon struct vfsmount *mnt; 1312335d3fc5SSargun Dhillon 1313335d3fc5SSargun Dhillon if (ovl_should_sync(ofs)) 1314335d3fc5SSargun Dhillon return 1; 1315335d3fc5SSargun Dhillon 1316335d3fc5SSargun Dhillon mnt = ovl_upper_mnt(ofs); 1317335d3fc5SSargun Dhillon if (!mnt) 1318335d3fc5SSargun Dhillon return 0; 1319335d3fc5SSargun Dhillon 1320335d3fc5SSargun Dhillon return errseq_check(&mnt->mnt_sb->s_wb_err, ofs->errseq); 1321335d3fc5SSargun Dhillon } 13222878dffcSChristian Brauner 13232878dffcSChristian Brauner /* 13242878dffcSChristian Brauner * ovl_copyattr() - copy inode attributes from layer to ovl inode 13252878dffcSChristian Brauner * 13262878dffcSChristian Brauner * When overlay copies inode information from an upper or lower layer to the 13272878dffcSChristian Brauner * relevant overlay inode it will apply the idmapping of the upper or lower 13282878dffcSChristian Brauner * layer when doing so ensuring that the ovl inode ownership will correctly 13292878dffcSChristian Brauner * reflect the ownership of the idmapped upper or lower layer. For example, an 13302878dffcSChristian Brauner * idmapped upper or lower layer mapping id 1001 to id 1000 will take care to 13312878dffcSChristian Brauner * map any lower or upper inode owned by id 1001 to id 1000. These mapping 13322878dffcSChristian Brauner * helpers are nops when the relevant layer isn't idmapped. 13332878dffcSChristian Brauner */ 13342878dffcSChristian Brauner void ovl_copyattr(struct inode *inode) 13352878dffcSChristian Brauner { 13362878dffcSChristian Brauner struct path realpath; 13372878dffcSChristian Brauner struct inode *realinode; 1338e67fe633SChristian Brauner struct mnt_idmap *real_idmap; 133973db6a06SChristian Brauner vfsuid_t vfsuid; 134073db6a06SChristian Brauner vfsgid_t vfsgid; 13412878dffcSChristian Brauner 1342b2dd05f1SZhihao Cheng realinode = ovl_i_path_real(inode, &realpath); 1343e67fe633SChristian Brauner real_idmap = mnt_idmap(realpath.mnt); 13442878dffcSChristian Brauner 1345e67fe633SChristian Brauner vfsuid = i_uid_into_vfsuid(real_idmap, realinode); 1346e67fe633SChristian Brauner vfsgid = i_gid_into_vfsgid(real_idmap, realinode); 134773db6a06SChristian Brauner 134873db6a06SChristian Brauner inode->i_uid = vfsuid_into_kuid(vfsuid); 134973db6a06SChristian Brauner inode->i_gid = vfsgid_into_kgid(vfsgid); 13502878dffcSChristian Brauner inode->i_mode = realinode->i_mode; 13512878dffcSChristian Brauner inode->i_atime = realinode->i_atime; 13522878dffcSChristian Brauner inode->i_mtime = realinode->i_mtime; 13532878dffcSChristian Brauner inode->i_ctime = realinode->i_ctime; 13542878dffcSChristian Brauner i_size_write(inode, i_size_read(realinode)); 13552878dffcSChristian Brauner } 1356