1
2
3
4
5
6
7#include <linux/fs.h>
8#include <linux/namei.h>
9#include <linux/xattr.h>
10#include <linux/security.h>
11#include <linux/cred.h>
12#include <linux/module.h>
13#include <linux/posix_acl.h>
14#include <linux/posix_acl_xattr.h>
15#include <linux/atomic.h>
16#include <linux/ratelimit.h>
17#include "overlayfs.h"
18
19static unsigned short ovl_redirect_max = 256;
20module_param_named(redirect_max, ovl_redirect_max, ushort, 0644);
21MODULE_PARM_DESC(redirect_max,
22 "Maximum length of absolute redirect xattr value");
23
24static int ovl_set_redirect(struct dentry *dentry, bool samedir);
25
26int ovl_cleanup(struct inode *wdir, struct dentry *wdentry)
27{
28 int err;
29
30 dget(wdentry);
31 if (d_is_dir(wdentry))
32 err = ovl_do_rmdir(wdir, wdentry);
33 else
34 err = ovl_do_unlink(wdir, wdentry);
35 dput(wdentry);
36
37 if (err) {
38 pr_err("cleanup of '%pd2' failed (%i)\n",
39 wdentry, err);
40 }
41
42 return err;
43}
44
45struct dentry *ovl_lookup_temp(struct dentry *workdir)
46{
47 struct dentry *temp;
48 char name[20];
49 static atomic_t temp_id = ATOMIC_INIT(0);
50
51
52 snprintf(name, sizeof(name), "#%x", atomic_inc_return(&temp_id));
53
54 temp = lookup_one_len(name, workdir, strlen(name));
55 if (!IS_ERR(temp) && temp->d_inode) {
56 pr_err("workdir/%s already exists\n", name);
57 dput(temp);
58 temp = ERR_PTR(-EIO);
59 }
60
61 return temp;
62}
63
64
65static struct dentry *ovl_whiteout(struct ovl_fs *ofs)
66{
67 int err;
68 struct dentry *whiteout;
69 struct dentry *workdir = ofs->workdir;
70 struct inode *wdir = workdir->d_inode;
71
72 if (!ofs->whiteout) {
73 whiteout = ovl_lookup_temp(workdir);
74 if (IS_ERR(whiteout))
75 goto out;
76
77 err = ovl_do_whiteout(wdir, whiteout);
78 if (err) {
79 dput(whiteout);
80 whiteout = ERR_PTR(err);
81 goto out;
82 }
83 ofs->whiteout = whiteout;
84 }
85
86 if (ofs->share_whiteout) {
87 whiteout = ovl_lookup_temp(workdir);
88 if (IS_ERR(whiteout))
89 goto out;
90
91 err = ovl_do_link(ofs->whiteout, wdir, whiteout);
92 if (!err)
93 goto out;
94
95 if (err != -EMLINK) {
96 pr_warn("Failed to link whiteout - disabling whiteout inode sharing(nlink=%u, err=%i)\n",
97 ofs->whiteout->d_inode->i_nlink, err);
98 ofs->share_whiteout = false;
99 }
100 dput(whiteout);
101 }
102 whiteout = ofs->whiteout;
103 ofs->whiteout = NULL;
104out:
105 return whiteout;
106}
107
108
109int ovl_cleanup_and_whiteout(struct ovl_fs *ofs, struct inode *dir,
110 struct dentry *dentry)
111{
112 struct inode *wdir = ofs->workdir->d_inode;
113 struct dentry *whiteout;
114 int err;
115 int flags = 0;
116
117 whiteout = ovl_whiteout(ofs);
118 err = PTR_ERR(whiteout);
119 if (IS_ERR(whiteout))
120 return err;
121
122 if (d_is_dir(dentry))
123 flags = RENAME_EXCHANGE;
124
125 err = ovl_do_rename(wdir, whiteout, dir, dentry, flags);
126 if (err)
127 goto kill_whiteout;
128 if (flags)
129 ovl_cleanup(wdir, dentry);
130
131out:
132 dput(whiteout);
133 return err;
134
135kill_whiteout:
136 ovl_cleanup(wdir, whiteout);
137 goto out;
138}
139
140int ovl_mkdir_real(struct inode *dir, struct dentry **newdentry, umode_t mode)
141{
142 int err;
143 struct dentry *d, *dentry = *newdentry;
144
145 err = ovl_do_mkdir(dir, dentry, mode);
146 if (err)
147 return err;
148
149 if (likely(!d_unhashed(dentry)))
150 return 0;
151
152
153
154
155
156
157 d = lookup_one_len(dentry->d_name.name, dentry->d_parent,
158 dentry->d_name.len);
159 if (IS_ERR(d)) {
160 pr_warn("failed lookup after mkdir (%pd2, err=%i).\n",
161 dentry, err);
162 return PTR_ERR(d);
163 }
164 dput(dentry);
165 *newdentry = d;
166
167 return 0;
168}
169
170struct dentry *ovl_create_real(struct inode *dir, struct dentry *newdentry,
171 struct ovl_cattr *attr)
172{
173 int err;
174
175 if (IS_ERR(newdentry))
176 return newdentry;
177
178 err = -ESTALE;
179 if (newdentry->d_inode)
180 goto out;
181
182 if (attr->hardlink) {
183 err = ovl_do_link(attr->hardlink, dir, newdentry);
184 } else {
185 switch (attr->mode & S_IFMT) {
186 case S_IFREG:
187 err = ovl_do_create(dir, newdentry, attr->mode);
188 break;
189
190 case S_IFDIR:
191
192 err = ovl_mkdir_real(dir, &newdentry, attr->mode);
193 break;
194
195 case S_IFCHR:
196 case S_IFBLK:
197 case S_IFIFO:
198 case S_IFSOCK:
199 err = ovl_do_mknod(dir, newdentry, attr->mode,
200 attr->rdev);
201 break;
202
203 case S_IFLNK:
204 err = ovl_do_symlink(dir, newdentry, attr->link);
205 break;
206
207 default:
208 err = -EPERM;
209 }
210 }
211 if (!err && WARN_ON(!newdentry->d_inode)) {
212
213
214
215
216 err = -EIO;
217 }
218out:
219 if (err) {
220 dput(newdentry);
221 return ERR_PTR(err);
222 }
223 return newdentry;
224}
225
226struct dentry *ovl_create_temp(struct dentry *workdir, struct ovl_cattr *attr)
227{
228 return ovl_create_real(d_inode(workdir), ovl_lookup_temp(workdir),
229 attr);
230}
231
232static int ovl_set_opaque_xerr(struct dentry *dentry, struct dentry *upper,
233 int xerr)
234{
235 struct ovl_fs *ofs = OVL_FS(dentry->d_sb);
236 int err;
237
238 err = ovl_check_setxattr(ofs, upper, OVL_XATTR_OPAQUE, "y", 1, xerr);
239 if (!err)
240 ovl_dentry_set_opaque(dentry);
241
242 return err;
243}
244
245static int ovl_set_opaque(struct dentry *dentry, struct dentry *upperdentry)
246{
247
248
249
250
251
252 return ovl_set_opaque_xerr(dentry, upperdentry, -EIO);
253}
254
255
256
257
258
259
260static int ovl_instantiate(struct dentry *dentry, struct inode *inode,
261 struct dentry *newdentry, bool hardlink)
262{
263 struct ovl_inode_params oip = {
264 .upperdentry = newdentry,
265 .newinode = inode,
266 };
267
268 ovl_dir_modified(dentry->d_parent, false);
269 ovl_dentry_set_upper_alias(dentry);
270 ovl_dentry_update_reval(dentry, newdentry,
271 DCACHE_OP_REVALIDATE | DCACHE_OP_WEAK_REVALIDATE);
272
273 if (!hardlink) {
274
275
276
277
278
279
280
281
282
283
284
285
286 inode = ovl_get_inode(dentry->d_sb, &oip);
287 if (IS_ERR(inode))
288 return PTR_ERR(inode);
289 if (inode == oip.newinode)
290 ovl_set_flag(OVL_UPPERDATA, inode);
291 } else {
292 WARN_ON(ovl_inode_real(inode) != d_inode(newdentry));
293 dput(newdentry);
294 inc_nlink(inode);
295 }
296
297 d_instantiate(dentry, inode);
298 if (inode != oip.newinode) {
299 pr_warn_ratelimited("newly created inode found in cache (%pd2)\n",
300 dentry);
301 }
302
303
304 if (hardlink)
305 d_drop(dentry);
306
307 return 0;
308}
309
310static bool ovl_type_merge(struct dentry *dentry)
311{
312 return OVL_TYPE_MERGE(ovl_path_type(dentry));
313}
314
315static bool ovl_type_origin(struct dentry *dentry)
316{
317 return OVL_TYPE_ORIGIN(ovl_path_type(dentry));
318}
319
320static int ovl_create_upper(struct dentry *dentry, struct inode *inode,
321 struct ovl_cattr *attr)
322{
323 struct ovl_fs *ofs = OVL_FS(dentry->d_sb);
324 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
325 struct inode *udir = upperdir->d_inode;
326 struct dentry *newdentry;
327 int err;
328
329 if (!attr->hardlink && !IS_POSIXACL(udir))
330 attr->mode &= ~current_umask();
331
332 inode_lock_nested(udir, I_MUTEX_PARENT);
333 newdentry = ovl_create_real(udir,
334 lookup_one_len(dentry->d_name.name,
335 upperdir,
336 dentry->d_name.len),
337 attr);
338 err = PTR_ERR(newdentry);
339 if (IS_ERR(newdentry))
340 goto out_unlock;
341
342 if (ovl_type_merge(dentry->d_parent) && d_is_dir(newdentry) &&
343 !ovl_allow_offline_changes(ofs)) {
344
345 ovl_set_opaque(dentry, newdentry);
346 }
347
348 err = ovl_instantiate(dentry, inode, newdentry, !!attr->hardlink);
349 if (err)
350 goto out_cleanup;
351out_unlock:
352 inode_unlock(udir);
353 return err;
354
355out_cleanup:
356 ovl_cleanup(udir, newdentry);
357 dput(newdentry);
358 goto out_unlock;
359}
360
361static struct dentry *ovl_clear_empty(struct dentry *dentry,
362 struct list_head *list)
363{
364 struct dentry *workdir = ovl_workdir(dentry);
365 struct inode *wdir = workdir->d_inode;
366 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
367 struct inode *udir = upperdir->d_inode;
368 struct path upperpath;
369 struct dentry *upper;
370 struct dentry *opaquedir;
371 struct kstat stat;
372 int err;
373
374 if (WARN_ON(!workdir))
375 return ERR_PTR(-EROFS);
376
377 err = ovl_lock_rename_workdir(workdir, upperdir);
378 if (err)
379 goto out;
380
381 ovl_path_upper(dentry, &upperpath);
382 err = vfs_getattr(&upperpath, &stat,
383 STATX_BASIC_STATS, AT_STATX_SYNC_AS_STAT);
384 if (err)
385 goto out_unlock;
386
387 err = -ESTALE;
388 if (!S_ISDIR(stat.mode))
389 goto out_unlock;
390 upper = upperpath.dentry;
391 if (upper->d_parent->d_inode != udir)
392 goto out_unlock;
393
394 opaquedir = ovl_create_temp(workdir, OVL_CATTR(stat.mode));
395 err = PTR_ERR(opaquedir);
396 if (IS_ERR(opaquedir))
397 goto out_unlock;
398
399 err = ovl_copy_xattr(dentry->d_sb, upper, opaquedir);
400 if (err)
401 goto out_cleanup;
402
403 err = ovl_set_opaque(dentry, opaquedir);
404 if (err)
405 goto out_cleanup;
406
407 inode_lock(opaquedir->d_inode);
408 err = ovl_set_attr(opaquedir, &stat);
409 inode_unlock(opaquedir->d_inode);
410 if (err)
411 goto out_cleanup;
412
413 err = ovl_do_rename(wdir, opaquedir, udir, upper, RENAME_EXCHANGE);
414 if (err)
415 goto out_cleanup;
416
417 ovl_cleanup_whiteouts(upper, list);
418 ovl_cleanup(wdir, upper);
419 unlock_rename(workdir, upperdir);
420
421
422 d_drop(dentry);
423
424 return opaquedir;
425
426out_cleanup:
427 ovl_cleanup(wdir, opaquedir);
428 dput(opaquedir);
429out_unlock:
430 unlock_rename(workdir, upperdir);
431out:
432 return ERR_PTR(err);
433}
434
435static int ovl_set_upper_acl(struct dentry *upperdentry, const char *name,
436 const struct posix_acl *acl)
437{
438 void *buffer;
439 size_t size;
440 int err;
441
442 if (!IS_ENABLED(CONFIG_FS_POSIX_ACL) || !acl)
443 return 0;
444
445 size = posix_acl_xattr_size(acl->a_count);
446 buffer = kmalloc(size, GFP_KERNEL);
447 if (!buffer)
448 return -ENOMEM;
449
450 err = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
451 if (err < 0)
452 goto out_free;
453
454 err = vfs_setxattr(&init_user_ns, upperdentry, name, buffer, size, XATTR_CREATE);
455out_free:
456 kfree(buffer);
457 return err;
458}
459
460static int ovl_create_over_whiteout(struct dentry *dentry, struct inode *inode,
461 struct ovl_cattr *cattr)
462{
463 struct dentry *workdir = ovl_workdir(dentry);
464 struct inode *wdir = workdir->d_inode;
465 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
466 struct inode *udir = upperdir->d_inode;
467 struct dentry *upper;
468 struct dentry *newdentry;
469 int err;
470 struct posix_acl *acl, *default_acl;
471 bool hardlink = !!cattr->hardlink;
472
473 if (WARN_ON(!workdir))
474 return -EROFS;
475
476 if (!hardlink) {
477 err = posix_acl_create(dentry->d_parent->d_inode,
478 &cattr->mode, &default_acl, &acl);
479 if (err)
480 return err;
481 }
482
483 err = ovl_lock_rename_workdir(workdir, upperdir);
484 if (err)
485 goto out;
486
487 upper = lookup_one_len(dentry->d_name.name, upperdir,
488 dentry->d_name.len);
489 err = PTR_ERR(upper);
490 if (IS_ERR(upper))
491 goto out_unlock;
492
493 err = -ESTALE;
494 if (d_is_negative(upper) || !IS_WHITEOUT(d_inode(upper)))
495 goto out_dput;
496
497 newdentry = ovl_create_temp(workdir, cattr);
498 err = PTR_ERR(newdentry);
499 if (IS_ERR(newdentry))
500 goto out_dput;
501
502
503
504
505 if (!hardlink &&
506 !S_ISLNK(cattr->mode) &&
507 newdentry->d_inode->i_mode != cattr->mode) {
508 struct iattr attr = {
509 .ia_valid = ATTR_MODE,
510 .ia_mode = cattr->mode,
511 };
512 inode_lock(newdentry->d_inode);
513 err = notify_change(&init_user_ns, newdentry, &attr, NULL);
514 inode_unlock(newdentry->d_inode);
515 if (err)
516 goto out_cleanup;
517 }
518 if (!hardlink) {
519 err = ovl_set_upper_acl(newdentry, XATTR_NAME_POSIX_ACL_ACCESS,
520 acl);
521 if (err)
522 goto out_cleanup;
523
524 err = ovl_set_upper_acl(newdentry, XATTR_NAME_POSIX_ACL_DEFAULT,
525 default_acl);
526 if (err)
527 goto out_cleanup;
528 }
529
530 if (!hardlink && S_ISDIR(cattr->mode)) {
531 err = ovl_set_opaque(dentry, newdentry);
532 if (err)
533 goto out_cleanup;
534
535 err = ovl_do_rename(wdir, newdentry, udir, upper,
536 RENAME_EXCHANGE);
537 if (err)
538 goto out_cleanup;
539
540 ovl_cleanup(wdir, upper);
541 } else {
542 err = ovl_do_rename(wdir, newdentry, udir, upper, 0);
543 if (err)
544 goto out_cleanup;
545 }
546 err = ovl_instantiate(dentry, inode, newdentry, hardlink);
547 if (err) {
548 ovl_cleanup(udir, newdentry);
549 dput(newdentry);
550 }
551out_dput:
552 dput(upper);
553out_unlock:
554 unlock_rename(workdir, upperdir);
555out:
556 if (!hardlink) {
557 posix_acl_release(acl);
558 posix_acl_release(default_acl);
559 }
560 return err;
561
562out_cleanup:
563 ovl_cleanup(wdir, newdentry);
564 dput(newdentry);
565 goto out_dput;
566}
567
568static int ovl_create_or_link(struct dentry *dentry, struct inode *inode,
569 struct ovl_cattr *attr, bool origin)
570{
571 int err;
572 const struct cred *old_cred;
573 struct cred *override_cred;
574 struct dentry *parent = dentry->d_parent;
575
576 err = ovl_copy_up(parent);
577 if (err)
578 return err;
579
580 old_cred = ovl_override_creds(dentry->d_sb);
581
582
583
584
585
586 if (origin) {
587 err = ovl_set_impure(parent, ovl_dentry_upper(parent));
588 if (err)
589 goto out_revert_creds;
590 }
591
592 err = -ENOMEM;
593 override_cred = prepare_creds();
594 if (override_cred) {
595 override_cred->fsuid = inode->i_uid;
596 override_cred->fsgid = inode->i_gid;
597 if (!attr->hardlink) {
598 err = security_dentry_create_files_as(dentry,
599 attr->mode, &dentry->d_name, old_cred,
600 override_cred);
601 if (err) {
602 put_cred(override_cred);
603 goto out_revert_creds;
604 }
605 }
606 put_cred(override_creds(override_cred));
607 put_cred(override_cred);
608
609 if (!ovl_dentry_is_whiteout(dentry))
610 err = ovl_create_upper(dentry, inode, attr);
611 else
612 err = ovl_create_over_whiteout(dentry, inode, attr);
613 }
614out_revert_creds:
615 revert_creds(old_cred);
616 return err;
617}
618
619static int ovl_create_object(struct dentry *dentry, int mode, dev_t rdev,
620 const char *link)
621{
622 int err;
623 struct inode *inode;
624 struct ovl_cattr attr = {
625 .rdev = rdev,
626 .link = link,
627 };
628
629 err = ovl_want_write(dentry);
630 if (err)
631 goto out;
632
633
634 err = -ENOMEM;
635 inode = ovl_new_inode(dentry->d_sb, mode, rdev);
636 if (!inode)
637 goto out_drop_write;
638
639 spin_lock(&inode->i_lock);
640 inode->i_state |= I_CREATING;
641 spin_unlock(&inode->i_lock);
642
643 inode_init_owner(&init_user_ns, inode, dentry->d_parent->d_inode, mode);
644 attr.mode = inode->i_mode;
645
646 err = ovl_create_or_link(dentry, inode, &attr, false);
647
648 if (inode != d_inode(dentry))
649 iput(inode);
650
651out_drop_write:
652 ovl_drop_write(dentry);
653out:
654 return err;
655}
656
657static int ovl_create(struct user_namespace *mnt_userns, struct inode *dir,
658 struct dentry *dentry, umode_t mode, bool excl)
659{
660 return ovl_create_object(dentry, (mode & 07777) | S_IFREG, 0, NULL);
661}
662
663static int ovl_mkdir(struct user_namespace *mnt_userns, struct inode *dir,
664 struct dentry *dentry, umode_t mode)
665{
666 return ovl_create_object(dentry, (mode & 07777) | S_IFDIR, 0, NULL);
667}
668
669static int ovl_mknod(struct user_namespace *mnt_userns, struct inode *dir,
670 struct dentry *dentry, umode_t mode, dev_t rdev)
671{
672
673 if (S_ISCHR(mode) && rdev == WHITEOUT_DEV)
674 return -EPERM;
675
676 return ovl_create_object(dentry, mode, rdev, NULL);
677}
678
679static int ovl_symlink(struct user_namespace *mnt_userns, struct inode *dir,
680 struct dentry *dentry, const char *link)
681{
682 return ovl_create_object(dentry, S_IFLNK, 0, link);
683}
684
685static int ovl_set_link_redirect(struct dentry *dentry)
686{
687 const struct cred *old_cred;
688 int err;
689
690 old_cred = ovl_override_creds(dentry->d_sb);
691 err = ovl_set_redirect(dentry, false);
692 revert_creds(old_cred);
693
694 return err;
695}
696
697static int ovl_link(struct dentry *old, struct inode *newdir,
698 struct dentry *new)
699{
700 int err;
701 struct inode *inode;
702
703 err = ovl_want_write(old);
704 if (err)
705 goto out;
706
707 err = ovl_copy_up(old);
708 if (err)
709 goto out_drop_write;
710
711 err = ovl_copy_up(new->d_parent);
712 if (err)
713 goto out_drop_write;
714
715 if (ovl_is_metacopy_dentry(old)) {
716 err = ovl_set_link_redirect(old);
717 if (err)
718 goto out_drop_write;
719 }
720
721 err = ovl_nlink_start(old);
722 if (err)
723 goto out_drop_write;
724
725 inode = d_inode(old);
726 ihold(inode);
727
728 err = ovl_create_or_link(new, inode,
729 &(struct ovl_cattr) {.hardlink = ovl_dentry_upper(old)},
730 ovl_type_origin(old));
731 if (err)
732 iput(inode);
733
734 ovl_nlink_end(old);
735out_drop_write:
736 ovl_drop_write(old);
737out:
738 return err;
739}
740
741static bool ovl_matches_upper(struct dentry *dentry, struct dentry *upper)
742{
743 return d_inode(ovl_dentry_upper(dentry)) == d_inode(upper);
744}
745
746static int ovl_remove_and_whiteout(struct dentry *dentry,
747 struct list_head *list)
748{
749 struct ovl_fs *ofs = OVL_FS(dentry->d_sb);
750 struct dentry *workdir = ovl_workdir(dentry);
751 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
752 struct dentry *upper;
753 struct dentry *opaquedir = NULL;
754 int err;
755
756 if (WARN_ON(!workdir))
757 return -EROFS;
758
759 if (!list_empty(list)) {
760 opaquedir = ovl_clear_empty(dentry, list);
761 err = PTR_ERR(opaquedir);
762 if (IS_ERR(opaquedir))
763 goto out;
764 }
765
766 err = ovl_lock_rename_workdir(workdir, upperdir);
767 if (err)
768 goto out_dput;
769
770 upper = lookup_one_len(dentry->d_name.name, upperdir,
771 dentry->d_name.len);
772 err = PTR_ERR(upper);
773 if (IS_ERR(upper))
774 goto out_unlock;
775
776 err = -ESTALE;
777 if ((opaquedir && upper != opaquedir) ||
778 (!opaquedir && ovl_dentry_upper(dentry) &&
779 !ovl_matches_upper(dentry, upper))) {
780 goto out_dput_upper;
781 }
782
783 err = ovl_cleanup_and_whiteout(ofs, d_inode(upperdir), upper);
784 if (err)
785 goto out_d_drop;
786
787 ovl_dir_modified(dentry->d_parent, true);
788out_d_drop:
789 d_drop(dentry);
790out_dput_upper:
791 dput(upper);
792out_unlock:
793 unlock_rename(workdir, upperdir);
794out_dput:
795 dput(opaquedir);
796out:
797 return err;
798}
799
800static int ovl_remove_upper(struct dentry *dentry, bool is_dir,
801 struct list_head *list)
802{
803 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
804 struct inode *dir = upperdir->d_inode;
805 struct dentry *upper;
806 struct dentry *opaquedir = NULL;
807 int err;
808
809 if (!list_empty(list)) {
810 opaquedir = ovl_clear_empty(dentry, list);
811 err = PTR_ERR(opaquedir);
812 if (IS_ERR(opaquedir))
813 goto out;
814 }
815
816 inode_lock_nested(dir, I_MUTEX_PARENT);
817 upper = lookup_one_len(dentry->d_name.name, upperdir,
818 dentry->d_name.len);
819 err = PTR_ERR(upper);
820 if (IS_ERR(upper))
821 goto out_unlock;
822
823 err = -ESTALE;
824 if ((opaquedir && upper != opaquedir) ||
825 (!opaquedir && !ovl_matches_upper(dentry, upper)))
826 goto out_dput_upper;
827
828 if (is_dir)
829 err = vfs_rmdir(&init_user_ns, dir, upper);
830 else
831 err = vfs_unlink(&init_user_ns, dir, upper, NULL);
832 ovl_dir_modified(dentry->d_parent, ovl_type_origin(dentry));
833
834
835
836
837
838
839
840 if (!err)
841 d_drop(dentry);
842out_dput_upper:
843 dput(upper);
844out_unlock:
845 inode_unlock(dir);
846 dput(opaquedir);
847out:
848 return err;
849}
850
851static bool ovl_pure_upper(struct dentry *dentry)
852{
853 return !ovl_dentry_lower(dentry) &&
854 !ovl_test_flag(OVL_WHITEOUTS, d_inode(dentry));
855}
856
857static void ovl_drop_nlink(struct dentry *dentry)
858{
859 struct inode *inode = d_inode(dentry);
860 struct dentry *alias;
861
862
863 spin_lock(&inode->i_lock);
864 hlist_for_each_entry(alias, &inode->i_dentry, d_u.d_alias) {
865 if (alias != dentry && !d_unhashed(alias))
866 break;
867 }
868 spin_unlock(&inode->i_lock);
869
870
871
872
873
874
875 if (inode->i_nlink > !!alias)
876 drop_nlink(inode);
877}
878
879static int ovl_do_remove(struct dentry *dentry, bool is_dir)
880{
881 int err;
882 const struct cred *old_cred;
883 struct dentry *upperdentry;
884 bool lower_positive = ovl_lower_positive(dentry);
885 LIST_HEAD(list);
886
887
888 if (is_dir && (lower_positive || !ovl_pure_upper(dentry))) {
889 err = ovl_check_empty_dir(dentry, &list);
890 if (err)
891 goto out;
892 }
893
894 err = ovl_want_write(dentry);
895 if (err)
896 goto out;
897
898 err = ovl_copy_up(dentry->d_parent);
899 if (err)
900 goto out_drop_write;
901
902 err = ovl_nlink_start(dentry);
903 if (err)
904 goto out_drop_write;
905
906 old_cred = ovl_override_creds(dentry->d_sb);
907 if (!lower_positive)
908 err = ovl_remove_upper(dentry, is_dir, &list);
909 else
910 err = ovl_remove_and_whiteout(dentry, &list);
911 revert_creds(old_cred);
912 if (!err) {
913 if (is_dir)
914 clear_nlink(dentry->d_inode);
915 else
916 ovl_drop_nlink(dentry);
917 }
918 ovl_nlink_end(dentry);
919
920
921
922
923
924
925
926 upperdentry = ovl_dentry_upper(dentry);
927 if (upperdentry)
928 ovl_copyattr(d_inode(upperdentry), d_inode(dentry));
929
930out_drop_write:
931 ovl_drop_write(dentry);
932out:
933 ovl_cache_free(&list);
934 return err;
935}
936
937static int ovl_unlink(struct inode *dir, struct dentry *dentry)
938{
939 return ovl_do_remove(dentry, false);
940}
941
942static int ovl_rmdir(struct inode *dir, struct dentry *dentry)
943{
944 return ovl_do_remove(dentry, true);
945}
946
947static bool ovl_type_merge_or_lower(struct dentry *dentry)
948{
949 enum ovl_path_type type = ovl_path_type(dentry);
950
951 return OVL_TYPE_MERGE(type) || !OVL_TYPE_UPPER(type);
952}
953
954static bool ovl_can_move(struct dentry *dentry)
955{
956 return ovl_redirect_dir(dentry->d_sb) ||
957 !d_is_dir(dentry) || !ovl_type_merge_or_lower(dentry);
958}
959
960static char *ovl_get_redirect(struct dentry *dentry, bool abs_redirect)
961{
962 char *buf, *ret;
963 struct dentry *d, *tmp;
964 int buflen = ovl_redirect_max + 1;
965
966 if (!abs_redirect) {
967 ret = kstrndup(dentry->d_name.name, dentry->d_name.len,
968 GFP_KERNEL);
969 goto out;
970 }
971
972 buf = ret = kmalloc(buflen, GFP_KERNEL);
973 if (!buf)
974 goto out;
975
976 buflen--;
977 buf[buflen] = '\0';
978 for (d = dget(dentry); !IS_ROOT(d);) {
979 const char *name;
980 int thislen;
981
982 spin_lock(&d->d_lock);
983 name = ovl_dentry_get_redirect(d);
984 if (name) {
985 thislen = strlen(name);
986 } else {
987 name = d->d_name.name;
988 thislen = d->d_name.len;
989 }
990
991
992 if (thislen + (name[0] != '/') > buflen) {
993 ret = ERR_PTR(-EXDEV);
994 spin_unlock(&d->d_lock);
995 goto out_put;
996 }
997
998 buflen -= thislen;
999 memcpy(&buf[buflen], name, thislen);
1000 spin_unlock(&d->d_lock);
1001 tmp = dget_parent(d);
1002
1003 dput(d);
1004 d = tmp;
1005
1006
1007 if (buf[buflen] == '/')
1008 break;
1009 buflen--;
1010 buf[buflen] = '/';
1011 }
1012 ret = kstrdup(&buf[buflen], GFP_KERNEL);
1013out_put:
1014 dput(d);
1015 kfree(buf);
1016out:
1017 return ret ? ret : ERR_PTR(-ENOMEM);
1018}
1019
1020static bool ovl_need_absolute_redirect(struct dentry *dentry, bool samedir)
1021{
1022 struct dentry *lowerdentry;
1023
1024 if (!samedir)
1025 return true;
1026
1027 if (d_is_dir(dentry))
1028 return false;
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043 lowerdentry = ovl_dentry_lower(dentry);
1044 return (d_inode(lowerdentry)->i_nlink > 1);
1045}
1046
1047static int ovl_set_redirect(struct dentry *dentry, bool samedir)
1048{
1049 int err;
1050 struct ovl_fs *ofs = OVL_FS(dentry->d_sb);
1051 const char *redirect = ovl_dentry_get_redirect(dentry);
1052 bool absolute_redirect = ovl_need_absolute_redirect(dentry, samedir);
1053
1054 if (redirect && (!absolute_redirect || redirect[0] == '/'))
1055 return 0;
1056
1057 redirect = ovl_get_redirect(dentry, absolute_redirect);
1058 if (IS_ERR(redirect))
1059 return PTR_ERR(redirect);
1060
1061 err = ovl_check_setxattr(ofs, ovl_dentry_upper(dentry),
1062 OVL_XATTR_REDIRECT,
1063 redirect, strlen(redirect), -EXDEV);
1064 if (!err) {
1065 spin_lock(&dentry->d_lock);
1066 ovl_dentry_set_redirect(dentry, redirect);
1067 spin_unlock(&dentry->d_lock);
1068 } else {
1069 kfree(redirect);
1070 pr_warn_ratelimited("failed to set redirect (%i)\n",
1071 err);
1072
1073 err = -EXDEV;
1074 }
1075 return err;
1076}
1077
1078static int ovl_rename(struct user_namespace *mnt_userns, struct inode *olddir,
1079 struct dentry *old, struct inode *newdir,
1080 struct dentry *new, unsigned int flags)
1081{
1082 int err;
1083 struct dentry *old_upperdir;
1084 struct dentry *new_upperdir;
1085 struct dentry *olddentry;
1086 struct dentry *newdentry;
1087 struct dentry *trap;
1088 bool old_opaque;
1089 bool new_opaque;
1090 bool cleanup_whiteout = false;
1091 bool update_nlink = false;
1092 bool overwrite = !(flags & RENAME_EXCHANGE);
1093 bool is_dir = d_is_dir(old);
1094 bool new_is_dir = d_is_dir(new);
1095 bool samedir = olddir == newdir;
1096 struct dentry *opaquedir = NULL;
1097 const struct cred *old_cred = NULL;
1098 LIST_HEAD(list);
1099
1100 err = -EINVAL;
1101 if (flags & ~(RENAME_EXCHANGE | RENAME_NOREPLACE))
1102 goto out;
1103
1104 flags &= ~RENAME_NOREPLACE;
1105
1106
1107 err = -EXDEV;
1108 if (!ovl_can_move(old))
1109 goto out;
1110 if (!overwrite && !ovl_can_move(new))
1111 goto out;
1112
1113 if (overwrite && new_is_dir && !ovl_pure_upper(new)) {
1114 err = ovl_check_empty_dir(new, &list);
1115 if (err)
1116 goto out;
1117 }
1118
1119 if (overwrite) {
1120 if (ovl_lower_positive(old)) {
1121 if (!ovl_dentry_is_whiteout(new)) {
1122
1123 flags |= RENAME_WHITEOUT;
1124 } else {
1125
1126 flags |= RENAME_EXCHANGE;
1127 }
1128 } else if (is_dir && ovl_dentry_is_whiteout(new)) {
1129 flags |= RENAME_EXCHANGE;
1130 cleanup_whiteout = true;
1131 }
1132 }
1133
1134 err = ovl_want_write(old);
1135 if (err)
1136 goto out;
1137
1138 err = ovl_copy_up(old);
1139 if (err)
1140 goto out_drop_write;
1141
1142 err = ovl_copy_up(new->d_parent);
1143 if (err)
1144 goto out_drop_write;
1145 if (!overwrite) {
1146 err = ovl_copy_up(new);
1147 if (err)
1148 goto out_drop_write;
1149 } else if (d_inode(new)) {
1150 err = ovl_nlink_start(new);
1151 if (err)
1152 goto out_drop_write;
1153
1154 update_nlink = true;
1155 }
1156
1157 old_cred = ovl_override_creds(old->d_sb);
1158
1159 if (!list_empty(&list)) {
1160 opaquedir = ovl_clear_empty(new, &list);
1161 err = PTR_ERR(opaquedir);
1162 if (IS_ERR(opaquedir)) {
1163 opaquedir = NULL;
1164 goto out_revert_creds;
1165 }
1166 }
1167
1168 old_upperdir = ovl_dentry_upper(old->d_parent);
1169 new_upperdir = ovl_dentry_upper(new->d_parent);
1170
1171 if (!samedir) {
1172
1173
1174
1175
1176
1177
1178 if (ovl_type_origin(old)) {
1179 err = ovl_set_impure(new->d_parent, new_upperdir);
1180 if (err)
1181 goto out_revert_creds;
1182 }
1183 if (!overwrite && ovl_type_origin(new)) {
1184 err = ovl_set_impure(old->d_parent, old_upperdir);
1185 if (err)
1186 goto out_revert_creds;
1187 }
1188 }
1189
1190 trap = lock_rename(new_upperdir, old_upperdir);
1191
1192 olddentry = lookup_one_len(old->d_name.name, old_upperdir,
1193 old->d_name.len);
1194 err = PTR_ERR(olddentry);
1195 if (IS_ERR(olddentry))
1196 goto out_unlock;
1197
1198 err = -ESTALE;
1199 if (!ovl_matches_upper(old, olddentry))
1200 goto out_dput_old;
1201
1202 newdentry = lookup_one_len(new->d_name.name, new_upperdir,
1203 new->d_name.len);
1204 err = PTR_ERR(newdentry);
1205 if (IS_ERR(newdentry))
1206 goto out_dput_old;
1207
1208 old_opaque = ovl_dentry_is_opaque(old);
1209 new_opaque = ovl_dentry_is_opaque(new);
1210
1211 err = -ESTALE;
1212 if (d_inode(new) && ovl_dentry_upper(new)) {
1213 if (opaquedir) {
1214 if (newdentry != opaquedir)
1215 goto out_dput;
1216 } else {
1217 if (!ovl_matches_upper(new, newdentry))
1218 goto out_dput;
1219 }
1220 } else {
1221 if (!d_is_negative(newdentry)) {
1222 if (!new_opaque || !ovl_is_whiteout(newdentry))
1223 goto out_dput;
1224 } else {
1225 if (flags & RENAME_EXCHANGE)
1226 goto out_dput;
1227 }
1228 }
1229
1230 if (olddentry == trap)
1231 goto out_dput;
1232 if (newdentry == trap)
1233 goto out_dput;
1234
1235 if (olddentry->d_inode == newdentry->d_inode)
1236 goto out_dput;
1237
1238 err = 0;
1239 if (ovl_type_merge_or_lower(old))
1240 err = ovl_set_redirect(old, samedir);
1241 else if (is_dir && !old_opaque && ovl_type_merge(new->d_parent))
1242 err = ovl_set_opaque_xerr(old, olddentry, -EXDEV);
1243 if (err)
1244 goto out_dput;
1245
1246 if (!overwrite && ovl_type_merge_or_lower(new))
1247 err = ovl_set_redirect(new, samedir);
1248 else if (!overwrite && new_is_dir && !new_opaque &&
1249 ovl_type_merge(old->d_parent))
1250 err = ovl_set_opaque_xerr(new, newdentry, -EXDEV);
1251 if (err)
1252 goto out_dput;
1253
1254 err = ovl_do_rename(old_upperdir->d_inode, olddentry,
1255 new_upperdir->d_inode, newdentry, flags);
1256 if (err)
1257 goto out_dput;
1258
1259 if (cleanup_whiteout)
1260 ovl_cleanup(old_upperdir->d_inode, newdentry);
1261
1262 if (overwrite && d_inode(new)) {
1263 if (new_is_dir)
1264 clear_nlink(d_inode(new));
1265 else
1266 ovl_drop_nlink(new);
1267 }
1268
1269 ovl_dir_modified(old->d_parent, ovl_type_origin(old) ||
1270 (!overwrite && ovl_type_origin(new)));
1271 ovl_dir_modified(new->d_parent, ovl_type_origin(old) ||
1272 (d_inode(new) && ovl_type_origin(new)));
1273
1274
1275 ovl_copyattr(d_inode(olddentry), d_inode(old));
1276 if (d_inode(new) && ovl_dentry_upper(new))
1277 ovl_copyattr(d_inode(newdentry), d_inode(new));
1278
1279out_dput:
1280 dput(newdentry);
1281out_dput_old:
1282 dput(olddentry);
1283out_unlock:
1284 unlock_rename(new_upperdir, old_upperdir);
1285out_revert_creds:
1286 revert_creds(old_cred);
1287 if (update_nlink)
1288 ovl_nlink_end(new);
1289out_drop_write:
1290 ovl_drop_write(old);
1291out:
1292 dput(opaquedir);
1293 ovl_cache_free(&list);
1294 return err;
1295}
1296
1297const struct inode_operations ovl_dir_inode_operations = {
1298 .lookup = ovl_lookup,
1299 .mkdir = ovl_mkdir,
1300 .symlink = ovl_symlink,
1301 .unlink = ovl_unlink,
1302 .rmdir = ovl_rmdir,
1303 .rename = ovl_rename,
1304 .link = ovl_link,
1305 .setattr = ovl_setattr,
1306 .create = ovl_create,
1307 .mknod = ovl_mknod,
1308 .permission = ovl_permission,
1309 .getattr = ovl_getattr,
1310 .listxattr = ovl_listxattr,
1311 .get_acl = ovl_get_acl,
1312 .update_time = ovl_update_time,
1313 .fileattr_get = ovl_fileattr_get,
1314 .fileattr_set = ovl_fileattr_set,
1315};
1316
