3 * Copyright (C) 2011 Novell Inc.
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 as published by
7 * the Free Software Foundation.
11 #include <linux/namei.h>
12 #include <linux/xattr.h>
13 #include <linux/security.h>
14 #include <linux/cred.h>
15 #include <linux/module.h>
16 #include <linux/posix_acl.h>
17 #include <linux/posix_acl_xattr.h>
18 #include <linux/atomic.h>
19 #include <linux/ratelimit.h>
20 #include "overlayfs.h"
22 static unsigned short ovl_redirect_max = 256;
23 module_param_named(redirect_max, ovl_redirect_max, ushort, 0644);
24 MODULE_PARM_DESC(ovl_redirect_max,
25 "Maximum length of absolute redirect xattr value");
27 void ovl_cleanup(struct inode *wdir, struct dentry *wdentry)
32 if (d_is_dir(wdentry))
33 err = ovl_do_rmdir(wdir, wdentry);
35 err = ovl_do_unlink(wdir, wdentry);
39 pr_err("overlayfs: cleanup of '%pd2' failed (%i)\n",
44 struct dentry *ovl_lookup_temp(struct dentry *workdir, struct dentry *dentry)
48 static atomic_t temp_id = ATOMIC_INIT(0);
50 /* counter is allowed to wrap, since temp dentries are ephemeral */
51 snprintf(name, sizeof(name), "#%x", atomic_inc_return(&temp_id));
53 temp = lookup_one_len(name, workdir, strlen(name));
54 if (!IS_ERR(temp) && temp->d_inode) {
55 pr_err("overlayfs: workdir/%s already exists\n", name);
63 /* caller holds i_mutex on workdir */
64 static struct dentry *ovl_whiteout(struct dentry *workdir,
65 struct dentry *dentry)
68 struct dentry *whiteout;
69 struct inode *wdir = workdir->d_inode;
71 whiteout = ovl_lookup_temp(workdir, dentry);
75 err = ovl_do_whiteout(wdir, whiteout);
78 whiteout = ERR_PTR(err);
84 int ovl_create_real(struct inode *dir, struct dentry *newdentry,
85 struct cattr *attr, struct dentry *hardlink, bool debug)
89 if (newdentry->d_inode)
93 err = ovl_do_link(hardlink, dir, newdentry, debug);
95 switch (attr->mode & S_IFMT) {
97 err = ovl_do_create(dir, newdentry, attr->mode, debug);
101 err = ovl_do_mkdir(dir, newdentry, attr->mode, debug);
108 err = ovl_do_mknod(dir, newdentry,
109 attr->mode, attr->rdev, debug);
113 err = ovl_do_symlink(dir, newdentry, attr->link, debug);
120 if (!err && WARN_ON(!newdentry->d_inode)) {
122 * Not quite sure if non-instantiated dentry is legal or not.
123 * VFS doesn't seem to care so check and warn here.
130 static int ovl_set_opaque_xerr(struct dentry *dentry, struct dentry *upper,
135 err = ovl_check_setxattr(dentry, upper, OVL_XATTR_OPAQUE, "y", 1, xerr);
137 ovl_dentry_set_opaque(dentry);
142 static int ovl_set_opaque(struct dentry *dentry, struct dentry *upperdentry)
145 * Fail with -EIO when trying to create opaque dir and upper doesn't
146 * support xattrs. ovl_rename() calls ovl_set_opaque_xerr(-EXDEV) to
147 * return a specific error for noxattr case.
149 return ovl_set_opaque_xerr(dentry, upperdentry, -EIO);
152 /* Common operations required to be done after creation of file on upper */
153 static void ovl_instantiate(struct dentry *dentry, struct inode *inode,
154 struct dentry *newdentry, bool hardlink)
156 ovl_dentry_version_inc(dentry->d_parent);
157 ovl_dentry_update(dentry, newdentry);
159 ovl_inode_update(inode, d_inode(newdentry));
160 ovl_copyattr(newdentry->d_inode, inode);
162 WARN_ON(ovl_inode_real(inode, NULL) != d_inode(newdentry));
165 d_instantiate(dentry, inode);
166 /* Force lookup of new upper hardlink to find its lower */
171 static bool ovl_type_merge(struct dentry *dentry)
173 return OVL_TYPE_MERGE(ovl_path_type(dentry));
176 static int ovl_create_upper(struct dentry *dentry, struct inode *inode,
177 struct cattr *attr, struct dentry *hardlink)
179 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
180 struct inode *udir = upperdir->d_inode;
181 struct dentry *newdentry;
184 if (!hardlink && !IS_POSIXACL(udir))
185 attr->mode &= ~current_umask();
187 inode_lock_nested(udir, I_MUTEX_PARENT);
188 newdentry = lookup_one_len(dentry->d_name.name, upperdir,
190 err = PTR_ERR(newdentry);
191 if (IS_ERR(newdentry))
193 err = ovl_create_real(udir, newdentry, attr, hardlink, false);
197 if (ovl_type_merge(dentry->d_parent) && d_is_dir(newdentry)) {
198 /* Setting opaque here is just an optimization, allow to fail */
199 ovl_set_opaque(dentry, newdentry);
202 ovl_instantiate(dentry, inode, newdentry, !!hardlink);
211 static int ovl_lock_rename_workdir(struct dentry *workdir,
212 struct dentry *upperdir)
214 /* Workdir should not be the same as upperdir */
215 if (workdir == upperdir)
218 /* Workdir should not be subdir of upperdir and vice versa */
219 if (lock_rename(workdir, upperdir) != NULL)
225 unlock_rename(workdir, upperdir);
227 pr_err("overlayfs: failed to lock workdir+upperdir\n");
231 static struct dentry *ovl_clear_empty(struct dentry *dentry,
232 struct list_head *list)
234 struct dentry *workdir = ovl_workdir(dentry);
235 struct inode *wdir = workdir->d_inode;
236 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
237 struct inode *udir = upperdir->d_inode;
238 struct path upperpath;
239 struct dentry *upper;
240 struct dentry *opaquedir;
244 if (WARN_ON(!workdir))
245 return ERR_PTR(-EROFS);
247 err = ovl_lock_rename_workdir(workdir, upperdir);
251 ovl_path_upper(dentry, &upperpath);
252 err = vfs_getattr(&upperpath, &stat,
253 STATX_BASIC_STATS, AT_STATX_SYNC_AS_STAT);
258 if (!S_ISDIR(stat.mode))
260 upper = upperpath.dentry;
261 if (upper->d_parent->d_inode != udir)
264 opaquedir = ovl_lookup_temp(workdir, dentry);
265 err = PTR_ERR(opaquedir);
266 if (IS_ERR(opaquedir))
269 err = ovl_create_real(wdir, opaquedir,
270 &(struct cattr){.mode = stat.mode}, NULL, true);
274 err = ovl_copy_xattr(upper, opaquedir);
278 err = ovl_set_opaque(dentry, opaquedir);
282 inode_lock(opaquedir->d_inode);
283 err = ovl_set_attr(opaquedir, &stat);
284 inode_unlock(opaquedir->d_inode);
288 err = ovl_do_rename(wdir, opaquedir, udir, upper, RENAME_EXCHANGE);
292 ovl_cleanup_whiteouts(upper, list);
293 ovl_cleanup(wdir, upper);
294 unlock_rename(workdir, upperdir);
296 /* dentry's upper doesn't match now, get rid of it */
302 ovl_cleanup(wdir, opaquedir);
306 unlock_rename(workdir, upperdir);
311 static struct dentry *ovl_check_empty_and_clear(struct dentry *dentry)
314 struct dentry *ret = NULL;
315 enum ovl_path_type type = ovl_path_type(dentry);
318 err = ovl_check_empty_dir(dentry, &list);
325 * When removing an empty opaque directory, then it makes no sense to
326 * replace it with an exact replica of itself.
328 * If no upperdentry then skip clearing whiteouts.
330 * Can race with copy-up, since we don't hold the upperdir mutex.
331 * Doesn't matter, since copy-up can't create a non-empty directory
334 if (OVL_TYPE_UPPER(type) && OVL_TYPE_MERGE(type))
335 ret = ovl_clear_empty(dentry, &list);
338 ovl_cache_free(&list);
343 static int ovl_set_upper_acl(struct dentry *upperdentry, const char *name,
344 const struct posix_acl *acl)
350 if (!IS_ENABLED(CONFIG_FS_POSIX_ACL) || !acl)
353 size = posix_acl_to_xattr(NULL, acl, NULL, 0);
354 buffer = kmalloc(size, GFP_KERNEL);
358 size = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
363 err = vfs_setxattr(upperdentry, name, buffer, size, XATTR_CREATE);
369 static int ovl_create_over_whiteout(struct dentry *dentry, struct inode *inode,
371 struct dentry *hardlink)
373 struct dentry *workdir = ovl_workdir(dentry);
374 struct inode *wdir = workdir->d_inode;
375 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
376 struct inode *udir = upperdir->d_inode;
377 struct dentry *upper;
378 struct dentry *newdentry;
380 struct posix_acl *acl, *default_acl;
382 if (WARN_ON(!workdir))
386 err = posix_acl_create(dentry->d_parent->d_inode,
387 &cattr->mode, &default_acl, &acl);
392 err = ovl_lock_rename_workdir(workdir, upperdir);
396 newdentry = ovl_lookup_temp(workdir, dentry);
397 err = PTR_ERR(newdentry);
398 if (IS_ERR(newdentry))
401 upper = lookup_one_len(dentry->d_name.name, upperdir,
403 err = PTR_ERR(upper);
407 err = ovl_create_real(wdir, newdentry, cattr, hardlink, true);
412 * mode could have been mutilated due to umask (e.g. sgid directory)
415 !S_ISLNK(cattr->mode) &&
416 newdentry->d_inode->i_mode != cattr->mode) {
417 struct iattr attr = {
418 .ia_valid = ATTR_MODE,
419 .ia_mode = cattr->mode,
421 inode_lock(newdentry->d_inode);
422 err = notify_change(newdentry, &attr, NULL);
423 inode_unlock(newdentry->d_inode);
428 err = ovl_set_upper_acl(newdentry, XATTR_NAME_POSIX_ACL_ACCESS,
433 err = ovl_set_upper_acl(newdentry, XATTR_NAME_POSIX_ACL_DEFAULT,
439 if (!hardlink && S_ISDIR(cattr->mode)) {
440 err = ovl_set_opaque(dentry, newdentry);
444 err = ovl_do_rename(wdir, newdentry, udir, upper,
449 ovl_cleanup(wdir, upper);
451 err = ovl_do_rename(wdir, newdentry, udir, upper, 0);
455 ovl_instantiate(dentry, inode, newdentry, !!hardlink);
462 unlock_rename(workdir, upperdir);
465 posix_acl_release(acl);
466 posix_acl_release(default_acl);
471 ovl_cleanup(wdir, newdentry);
475 static int ovl_create_or_link(struct dentry *dentry, struct inode *inode,
476 struct cattr *attr, struct dentry *hardlink)
479 const struct cred *old_cred;
480 struct cred *override_cred;
482 err = ovl_copy_up(dentry->d_parent);
486 old_cred = ovl_override_creds(dentry->d_sb);
488 override_cred = prepare_creds();
490 override_cred->fsuid = inode->i_uid;
491 override_cred->fsgid = inode->i_gid;
493 err = security_dentry_create_files_as(dentry,
494 attr->mode, &dentry->d_name, old_cred,
497 put_cred(override_cred);
498 goto out_revert_creds;
501 put_cred(override_creds(override_cred));
502 put_cred(override_cred);
504 if (!ovl_dentry_is_whiteout(dentry))
505 err = ovl_create_upper(dentry, inode, attr,
508 err = ovl_create_over_whiteout(dentry, inode, attr,
512 revert_creds(old_cred);
514 struct inode *realinode = d_inode(ovl_dentry_upper(dentry));
516 WARN_ON(inode->i_mode != realinode->i_mode);
517 WARN_ON(!uid_eq(inode->i_uid, realinode->i_uid));
518 WARN_ON(!gid_eq(inode->i_gid, realinode->i_gid));
523 static int ovl_create_object(struct dentry *dentry, int mode, dev_t rdev,
528 struct cattr attr = {
533 err = ovl_want_write(dentry);
538 inode = ovl_new_inode(dentry->d_sb, mode, rdev);
542 inode_init_owner(inode, dentry->d_parent->d_inode, mode);
543 attr.mode = inode->i_mode;
545 err = ovl_create_or_link(dentry, inode, &attr, NULL);
550 ovl_drop_write(dentry);
555 static int ovl_create(struct inode *dir, struct dentry *dentry, umode_t mode,
558 return ovl_create_object(dentry, (mode & 07777) | S_IFREG, 0, NULL);
561 static int ovl_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
563 return ovl_create_object(dentry, (mode & 07777) | S_IFDIR, 0, NULL);
566 static int ovl_mknod(struct inode *dir, struct dentry *dentry, umode_t mode,
569 /* Don't allow creation of "whiteout" on overlay */
570 if (S_ISCHR(mode) && rdev == WHITEOUT_DEV)
573 return ovl_create_object(dentry, mode, rdev, NULL);
576 static int ovl_symlink(struct inode *dir, struct dentry *dentry,
579 return ovl_create_object(dentry, S_IFLNK, 0, link);
582 static int ovl_link(struct dentry *old, struct inode *newdir,
588 err = ovl_want_write(old);
592 err = ovl_copy_up(old);
596 inode = d_inode(old);
599 err = ovl_create_or_link(new, inode, NULL, ovl_dentry_upper(old));
609 static int ovl_remove_and_whiteout(struct dentry *dentry, bool is_dir)
611 struct dentry *workdir = ovl_workdir(dentry);
612 struct inode *wdir = workdir->d_inode;
613 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
614 struct inode *udir = upperdir->d_inode;
615 struct dentry *whiteout;
616 struct dentry *upper;
617 struct dentry *opaquedir = NULL;
621 if (WARN_ON(!workdir))
625 opaquedir = ovl_check_empty_and_clear(dentry);
626 err = PTR_ERR(opaquedir);
627 if (IS_ERR(opaquedir))
631 err = ovl_lock_rename_workdir(workdir, upperdir);
635 upper = lookup_one_len(dentry->d_name.name, upperdir,
637 err = PTR_ERR(upper);
642 if ((opaquedir && upper != opaquedir) ||
643 (!opaquedir && ovl_dentry_upper(dentry) &&
644 upper != ovl_dentry_upper(dentry))) {
648 whiteout = ovl_whiteout(workdir, dentry);
649 err = PTR_ERR(whiteout);
650 if (IS_ERR(whiteout))
654 flags = RENAME_EXCHANGE;
656 err = ovl_do_rename(wdir, whiteout, udir, upper, flags);
660 ovl_cleanup(wdir, upper);
662 ovl_dentry_version_inc(dentry->d_parent);
669 unlock_rename(workdir, upperdir);
676 ovl_cleanup(wdir, whiteout);
680 static int ovl_remove_upper(struct dentry *dentry, bool is_dir)
682 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
683 struct inode *dir = upperdir->d_inode;
684 struct dentry *upper;
685 struct dentry *opaquedir = NULL;
688 /* Redirect dir can be !ovl_lower_positive && OVL_TYPE_MERGE */
689 if (is_dir && ovl_dentry_get_redirect(dentry)) {
690 opaquedir = ovl_check_empty_and_clear(dentry);
691 err = PTR_ERR(opaquedir);
692 if (IS_ERR(opaquedir))
696 inode_lock_nested(dir, I_MUTEX_PARENT);
697 upper = lookup_one_len(dentry->d_name.name, upperdir,
699 err = PTR_ERR(upper);
704 if ((opaquedir && upper != opaquedir) ||
705 (!opaquedir && upper != ovl_dentry_upper(dentry)))
709 err = vfs_rmdir(dir, upper);
711 err = vfs_unlink(dir, upper, NULL);
712 ovl_dentry_version_inc(dentry->d_parent);
715 * Keeping this dentry hashed would mean having to release
716 * upperpath/lowerpath, which could only be done if we are the
717 * sole user of this dentry. Too tricky... Just unhash for
731 static int ovl_do_remove(struct dentry *dentry, bool is_dir)
733 enum ovl_path_type type;
735 const struct cred *old_cred;
737 err = ovl_want_write(dentry);
741 err = ovl_copy_up(dentry->d_parent);
745 type = ovl_path_type(dentry);
747 old_cred = ovl_override_creds(dentry->d_sb);
748 if (!ovl_lower_positive(dentry))
749 err = ovl_remove_upper(dentry, is_dir);
751 err = ovl_remove_and_whiteout(dentry, is_dir);
752 revert_creds(old_cred);
755 clear_nlink(dentry->d_inode);
757 drop_nlink(dentry->d_inode);
760 ovl_drop_write(dentry);
765 static int ovl_unlink(struct inode *dir, struct dentry *dentry)
767 return ovl_do_remove(dentry, false);
770 static int ovl_rmdir(struct inode *dir, struct dentry *dentry)
772 return ovl_do_remove(dentry, true);
775 static bool ovl_type_merge_or_lower(struct dentry *dentry)
777 enum ovl_path_type type = ovl_path_type(dentry);
779 return OVL_TYPE_MERGE(type) || !OVL_TYPE_UPPER(type);
782 static bool ovl_can_move(struct dentry *dentry)
784 return ovl_redirect_dir(dentry->d_sb) ||
785 !d_is_dir(dentry) || !ovl_type_merge_or_lower(dentry);
788 static char *ovl_get_redirect(struct dentry *dentry, bool samedir)
791 struct dentry *d, *tmp;
792 int buflen = ovl_redirect_max + 1;
795 ret = kstrndup(dentry->d_name.name, dentry->d_name.len,
800 buf = ret = kmalloc(buflen, GFP_TEMPORARY);
806 for (d = dget(dentry); !IS_ROOT(d);) {
810 spin_lock(&d->d_lock);
811 name = ovl_dentry_get_redirect(d);
813 thislen = strlen(name);
815 name = d->d_name.name;
816 thislen = d->d_name.len;
819 /* If path is too long, fall back to userspace move */
820 if (thislen + (name[0] != '/') > buflen) {
821 ret = ERR_PTR(-EXDEV);
822 spin_unlock(&d->d_lock);
827 memcpy(&buf[buflen], name, thislen);
828 tmp = dget_dlock(d->d_parent);
829 spin_unlock(&d->d_lock);
834 /* Absolute redirect: finished */
835 if (buf[buflen] == '/')
840 ret = kstrdup(&buf[buflen], GFP_KERNEL);
845 return ret ? ret : ERR_PTR(-ENOMEM);
848 static int ovl_set_redirect(struct dentry *dentry, bool samedir)
851 const char *redirect = ovl_dentry_get_redirect(dentry);
853 if (redirect && (samedir || redirect[0] == '/'))
856 redirect = ovl_get_redirect(dentry, samedir);
857 if (IS_ERR(redirect))
858 return PTR_ERR(redirect);
860 err = ovl_check_setxattr(dentry, ovl_dentry_upper(dentry),
862 redirect, strlen(redirect), -EXDEV);
864 spin_lock(&dentry->d_lock);
865 ovl_dentry_set_redirect(dentry, redirect);
866 spin_unlock(&dentry->d_lock);
869 pr_warn_ratelimited("overlay: failed to set redirect (%i)\n", err);
870 /* Fall back to userspace copy-up */
876 static int ovl_rename(struct inode *olddir, struct dentry *old,
877 struct inode *newdir, struct dentry *new,
881 struct dentry *old_upperdir;
882 struct dentry *new_upperdir;
883 struct dentry *olddentry;
884 struct dentry *newdentry;
888 bool cleanup_whiteout = false;
889 bool overwrite = !(flags & RENAME_EXCHANGE);
890 bool is_dir = d_is_dir(old);
891 bool new_is_dir = d_is_dir(new);
892 bool samedir = olddir == newdir;
893 struct dentry *opaquedir = NULL;
894 const struct cred *old_cred = NULL;
897 if (flags & ~(RENAME_EXCHANGE | RENAME_NOREPLACE))
900 flags &= ~RENAME_NOREPLACE;
902 /* Don't copy up directory trees */
904 if (!ovl_can_move(old))
906 if (!overwrite && !ovl_can_move(new))
909 err = ovl_want_write(old);
913 err = ovl_copy_up(old);
917 err = ovl_copy_up(new->d_parent);
921 err = ovl_copy_up(new);
926 old_cred = ovl_override_creds(old->d_sb);
928 if (overwrite && new_is_dir && ovl_type_merge_or_lower(new)) {
929 opaquedir = ovl_check_empty_and_clear(new);
930 err = PTR_ERR(opaquedir);
931 if (IS_ERR(opaquedir)) {
933 goto out_revert_creds;
938 if (ovl_lower_positive(old)) {
939 if (!ovl_dentry_is_whiteout(new)) {
940 /* Whiteout source */
941 flags |= RENAME_WHITEOUT;
943 /* Switch whiteouts */
944 flags |= RENAME_EXCHANGE;
946 } else if (is_dir && ovl_dentry_is_whiteout(new)) {
947 flags |= RENAME_EXCHANGE;
948 cleanup_whiteout = true;
952 old_upperdir = ovl_dentry_upper(old->d_parent);
953 new_upperdir = ovl_dentry_upper(new->d_parent);
955 trap = lock_rename(new_upperdir, old_upperdir);
957 olddentry = lookup_one_len(old->d_name.name, old_upperdir,
959 err = PTR_ERR(olddentry);
960 if (IS_ERR(olddentry))
964 if (olddentry != ovl_dentry_upper(old))
967 newdentry = lookup_one_len(new->d_name.name, new_upperdir,
969 err = PTR_ERR(newdentry);
970 if (IS_ERR(newdentry))
973 old_opaque = ovl_dentry_is_opaque(old);
974 new_opaque = ovl_dentry_is_opaque(new);
977 if (ovl_dentry_upper(new)) {
979 if (newdentry != opaquedir)
982 if (newdentry != ovl_dentry_upper(new))
986 if (!d_is_negative(newdentry) &&
987 (!new_opaque || !ovl_is_whiteout(newdentry)))
991 if (olddentry == trap)
993 if (newdentry == trap)
996 if (WARN_ON(olddentry->d_inode == newdentry->d_inode))
1001 if (ovl_type_merge_or_lower(old))
1002 err = ovl_set_redirect(old, samedir);
1003 else if (!old_opaque && ovl_type_merge(new->d_parent))
1004 err = ovl_set_opaque_xerr(old, olddentry, -EXDEV);
1008 if (!overwrite && new_is_dir) {
1009 if (ovl_type_merge_or_lower(new))
1010 err = ovl_set_redirect(new, samedir);
1011 else if (!new_opaque && ovl_type_merge(old->d_parent))
1012 err = ovl_set_opaque_xerr(new, newdentry, -EXDEV);
1017 err = ovl_do_rename(old_upperdir->d_inode, olddentry,
1018 new_upperdir->d_inode, newdentry, flags);
1022 if (cleanup_whiteout)
1023 ovl_cleanup(old_upperdir->d_inode, newdentry);
1025 ovl_dentry_version_inc(old->d_parent);
1026 ovl_dentry_version_inc(new->d_parent);
1033 unlock_rename(new_upperdir, old_upperdir);
1035 revert_creds(old_cred);
1037 ovl_drop_write(old);
1043 const struct inode_operations ovl_dir_inode_operations = {
1044 .lookup = ovl_lookup,
1046 .symlink = ovl_symlink,
1047 .unlink = ovl_unlink,
1049 .rename = ovl_rename,
1051 .setattr = ovl_setattr,
1052 .create = ovl_create,
1054 .permission = ovl_permission,
1055 .getattr = ovl_getattr,
1056 .listxattr = ovl_listxattr,
1057 .get_acl = ovl_get_acl,
1058 .update_time = ovl_update_time,
projects / karo-tx-linux.git / blob