3 * Copyright (C) 2011 Novell Inc.
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 as published by
7 * the Free Software Foundation.
11 #include <linux/namei.h>
12 #include <linux/xattr.h>
13 #include <linux/security.h>
14 #include <linux/cred.h>
15 #include <linux/atomic.h>
16 #include "overlayfs.h"
18 void ovl_cleanup(struct inode *wdir, struct dentry *wdentry)
23 if (d_is_dir(wdentry))
24 err = ovl_do_rmdir(wdir, wdentry);
26 err = ovl_do_unlink(wdir, wdentry);
30 pr_err("overlayfs: cleanup of '%pd2' failed (%i)\n",
35 struct dentry *ovl_lookup_temp(struct dentry *workdir, struct dentry *dentry)
39 static atomic_t temp_id = ATOMIC_INIT(0);
41 /* counter is allowed to wrap, since temp dentries are ephemeral */
42 snprintf(name, sizeof(name), "#%x", atomic_inc_return(&temp_id));
44 temp = lookup_one_len(name, workdir, strlen(name));
45 if (!IS_ERR(temp) && temp->d_inode) {
46 pr_err("overlayfs: workdir/%s already exists\n", name);
54 /* caller holds i_mutex on workdir */
55 static struct dentry *ovl_whiteout(struct dentry *workdir,
56 struct dentry *dentry)
59 struct dentry *whiteout;
60 struct inode *wdir = workdir->d_inode;
62 whiteout = ovl_lookup_temp(workdir, dentry);
66 err = ovl_do_whiteout(wdir, whiteout);
69 whiteout = ERR_PTR(err);
75 int ovl_create_real(struct inode *dir, struct dentry *newdentry,
76 struct kstat *stat, const char *link,
77 struct dentry *hardlink, bool debug)
81 if (newdentry->d_inode)
85 err = ovl_do_link(hardlink, dir, newdentry, debug);
87 switch (stat->mode & S_IFMT) {
89 err = ovl_do_create(dir, newdentry, stat->mode, debug);
93 err = ovl_do_mkdir(dir, newdentry, stat->mode, debug);
100 err = ovl_do_mknod(dir, newdentry,
101 stat->mode, stat->rdev, debug);
105 err = ovl_do_symlink(dir, newdentry, link, debug);
112 if (!err && WARN_ON(!newdentry->d_inode)) {
114 * Not quite sure if non-instantiated dentry is legal or not.
115 * VFS doesn't seem to care so check and warn here.
122 static int ovl_set_opaque(struct dentry *upperdentry)
124 return ovl_do_setxattr(upperdentry, OVL_XATTR_OPAQUE, "y", 1, 0);
127 static void ovl_remove_opaque(struct dentry *upperdentry)
131 err = ovl_do_removexattr(upperdentry, OVL_XATTR_OPAQUE);
133 pr_warn("overlayfs: failed to remove opaque from '%s' (%i)\n",
134 upperdentry->d_name.name, err);
138 static int ovl_dir_getattr(struct vfsmount *mnt, struct dentry *dentry,
142 enum ovl_path_type type;
143 struct path realpath;
145 type = ovl_path_real(dentry, &realpath);
146 err = vfs_getattr(&realpath, stat);
150 stat->dev = dentry->d_sb->s_dev;
151 stat->ino = dentry->d_inode->i_ino;
154 * It's probably not worth it to count subdirs to get the
155 * correct link count. nlink=1 seems to pacify 'find' and
158 if (OVL_TYPE_MERGE(type))
164 static int ovl_create_upper(struct dentry *dentry, struct inode *inode,
165 struct kstat *stat, const char *link,
166 struct dentry *hardlink)
168 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
169 struct inode *udir = upperdir->d_inode;
170 struct dentry *newdentry;
173 mutex_lock_nested(&udir->i_mutex, I_MUTEX_PARENT);
174 newdentry = lookup_one_len(dentry->d_name.name, upperdir,
176 err = PTR_ERR(newdentry);
177 if (IS_ERR(newdentry))
179 err = ovl_create_real(udir, newdentry, stat, link, hardlink, false);
183 ovl_dentry_version_inc(dentry->d_parent);
184 ovl_dentry_update(dentry, newdentry);
185 ovl_copyattr(newdentry->d_inode, inode);
186 d_instantiate(dentry, inode);
191 mutex_unlock(&udir->i_mutex);
195 static int ovl_lock_rename_workdir(struct dentry *workdir,
196 struct dentry *upperdir)
198 /* Workdir should not be the same as upperdir */
199 if (workdir == upperdir)
202 /* Workdir should not be subdir of upperdir and vice versa */
203 if (lock_rename(workdir, upperdir) != NULL)
209 unlock_rename(workdir, upperdir);
211 pr_err("overlayfs: failed to lock workdir+upperdir\n");
215 static struct dentry *ovl_clear_empty(struct dentry *dentry,
216 struct list_head *list)
218 struct dentry *workdir = ovl_workdir(dentry);
219 struct inode *wdir = workdir->d_inode;
220 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
221 struct inode *udir = upperdir->d_inode;
222 struct path upperpath;
223 struct dentry *upper;
224 struct dentry *opaquedir;
228 if (WARN_ON(!workdir))
229 return ERR_PTR(-EROFS);
231 err = ovl_lock_rename_workdir(workdir, upperdir);
235 ovl_path_upper(dentry, &upperpath);
236 err = vfs_getattr(&upperpath, &stat);
241 if (!S_ISDIR(stat.mode))
243 upper = upperpath.dentry;
244 if (upper->d_parent->d_inode != udir)
247 opaquedir = ovl_lookup_temp(workdir, dentry);
248 err = PTR_ERR(opaquedir);
249 if (IS_ERR(opaquedir))
252 err = ovl_create_real(wdir, opaquedir, &stat, NULL, NULL, true);
256 err = ovl_copy_xattr(upper, opaquedir);
260 err = ovl_set_opaque(opaquedir);
264 mutex_lock(&opaquedir->d_inode->i_mutex);
265 err = ovl_set_attr(opaquedir, &stat);
266 mutex_unlock(&opaquedir->d_inode->i_mutex);
270 err = ovl_do_rename(wdir, opaquedir, udir, upper, RENAME_EXCHANGE);
274 ovl_cleanup_whiteouts(upper, list);
275 ovl_cleanup(wdir, upper);
276 unlock_rename(workdir, upperdir);
278 /* dentry's upper doesn't match now, get rid of it */
284 ovl_cleanup(wdir, opaquedir);
288 unlock_rename(workdir, upperdir);
293 static struct dentry *ovl_check_empty_and_clear(struct dentry *dentry)
296 struct dentry *ret = NULL;
299 err = ovl_check_empty_dir(dentry, &list);
304 * If no upperdentry then skip clearing whiteouts.
306 * Can race with copy-up, since we don't hold the upperdir
307 * mutex. Doesn't matter, since copy-up can't create a
308 * non-empty directory from an empty one.
310 if (ovl_dentry_upper(dentry))
311 ret = ovl_clear_empty(dentry, &list);
314 ovl_cache_free(&list);
319 static int ovl_create_over_whiteout(struct dentry *dentry, struct inode *inode,
320 struct kstat *stat, const char *link,
321 struct dentry *hardlink)
323 struct dentry *workdir = ovl_workdir(dentry);
324 struct inode *wdir = workdir->d_inode;
325 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
326 struct inode *udir = upperdir->d_inode;
327 struct dentry *upper;
328 struct dentry *newdentry;
331 if (WARN_ON(!workdir))
334 err = ovl_lock_rename_workdir(workdir, upperdir);
338 newdentry = ovl_lookup_temp(workdir, dentry);
339 err = PTR_ERR(newdentry);
340 if (IS_ERR(newdentry))
343 upper = lookup_one_len(dentry->d_name.name, upperdir,
345 err = PTR_ERR(upper);
349 err = ovl_create_real(wdir, newdentry, stat, link, hardlink, true);
353 if (S_ISDIR(stat->mode)) {
354 err = ovl_set_opaque(newdentry);
358 err = ovl_do_rename(wdir, newdentry, udir, upper,
363 ovl_cleanup(wdir, upper);
365 err = ovl_do_rename(wdir, newdentry, udir, upper, 0);
369 ovl_dentry_version_inc(dentry->d_parent);
370 ovl_dentry_update(dentry, newdentry);
371 ovl_copyattr(newdentry->d_inode, inode);
372 d_instantiate(dentry, inode);
379 unlock_rename(workdir, upperdir);
384 ovl_cleanup(wdir, newdentry);
388 static int ovl_create_or_link(struct dentry *dentry, int mode, dev_t rdev,
389 const char *link, struct dentry *hardlink)
393 struct kstat stat = {
399 inode = ovl_new_inode(dentry->d_sb, mode, dentry->d_fsdata);
403 err = ovl_copy_up(dentry->d_parent);
407 if (!ovl_dentry_is_opaque(dentry)) {
408 err = ovl_create_upper(dentry, inode, &stat, link, hardlink);
410 const struct cred *old_cred;
411 struct cred *override_cred;
414 override_cred = prepare_creds();
419 * CAP_SYS_ADMIN for setting opaque xattr
420 * CAP_DAC_OVERRIDE for create in workdir, rename
421 * CAP_FOWNER for removing whiteout from sticky dir
423 cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN);
424 cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE);
425 cap_raise(override_cred->cap_effective, CAP_FOWNER);
426 old_cred = override_creds(override_cred);
428 err = ovl_create_over_whiteout(dentry, inode, &stat, link,
431 revert_creds(old_cred);
432 put_cred(override_cred);
443 static int ovl_create_object(struct dentry *dentry, int mode, dev_t rdev,
448 err = ovl_want_write(dentry);
450 err = ovl_create_or_link(dentry, mode, rdev, link, NULL);
451 ovl_drop_write(dentry);
457 static int ovl_create(struct inode *dir, struct dentry *dentry, umode_t mode,
460 return ovl_create_object(dentry, (mode & 07777) | S_IFREG, 0, NULL);
463 static int ovl_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
465 return ovl_create_object(dentry, (mode & 07777) | S_IFDIR, 0, NULL);
468 static int ovl_mknod(struct inode *dir, struct dentry *dentry, umode_t mode,
471 /* Don't allow creation of "whiteout" on overlay */
472 if (S_ISCHR(mode) && rdev == WHITEOUT_DEV)
475 return ovl_create_object(dentry, mode, rdev, NULL);
478 static int ovl_symlink(struct inode *dir, struct dentry *dentry,
481 return ovl_create_object(dentry, S_IFLNK, 0, link);
484 static int ovl_link(struct dentry *old, struct inode *newdir,
488 struct dentry *upper;
490 err = ovl_want_write(old);
494 err = ovl_copy_up(old);
498 upper = ovl_dentry_upper(old);
499 err = ovl_create_or_link(new, upper->d_inode->i_mode, 0, NULL, upper);
507 static int ovl_remove_and_whiteout(struct dentry *dentry, bool is_dir)
509 struct dentry *workdir = ovl_workdir(dentry);
510 struct inode *wdir = workdir->d_inode;
511 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
512 struct inode *udir = upperdir->d_inode;
513 struct dentry *whiteout;
514 struct dentry *upper;
515 struct dentry *opaquedir = NULL;
519 if (WARN_ON(!workdir))
523 if (OVL_TYPE_MERGE_OR_LOWER(ovl_path_type(dentry))) {
524 opaquedir = ovl_check_empty_and_clear(dentry);
525 err = PTR_ERR(opaquedir);
526 if (IS_ERR(opaquedir))
532 * When removing an empty opaque directory, then it
533 * makes no sense to replace it with an exact replica of
534 * itself. But emptiness still needs to be checked.
536 err = ovl_check_empty_dir(dentry, &list);
537 ovl_cache_free(&list);
543 err = ovl_lock_rename_workdir(workdir, upperdir);
547 upper = lookup_one_len(dentry->d_name.name, upperdir,
549 err = PTR_ERR(upper);
554 if ((opaquedir && upper != opaquedir) ||
555 (!opaquedir && ovl_dentry_upper(dentry) &&
556 upper != ovl_dentry_upper(dentry))) {
560 whiteout = ovl_whiteout(workdir, dentry);
561 err = PTR_ERR(whiteout);
562 if (IS_ERR(whiteout))
566 flags = RENAME_EXCHANGE;
568 err = ovl_do_rename(wdir, whiteout, udir, upper, flags);
572 ovl_cleanup(wdir, upper);
574 ovl_dentry_version_inc(dentry->d_parent);
581 unlock_rename(workdir, upperdir);
588 ovl_cleanup(wdir, whiteout);
592 static int ovl_remove_upper(struct dentry *dentry, bool is_dir)
594 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
595 struct inode *dir = upperdir->d_inode;
596 struct dentry *upper;
599 mutex_lock_nested(&dir->i_mutex, I_MUTEX_PARENT);
600 upper = lookup_one_len(dentry->d_name.name, upperdir,
602 err = PTR_ERR(upper);
607 if (upper == ovl_dentry_upper(dentry)) {
609 err = vfs_rmdir(dir, upper);
611 err = vfs_unlink(dir, upper, NULL);
612 ovl_dentry_version_inc(dentry->d_parent);
617 * Keeping this dentry hashed would mean having to release
618 * upperpath/lowerpath, which could only be done if we are the
619 * sole user of this dentry. Too tricky... Just unhash for
625 mutex_unlock(&dir->i_mutex);
630 static inline int ovl_check_sticky(struct dentry *dentry)
632 struct inode *dir = ovl_dentry_real(dentry->d_parent)->d_inode;
633 struct inode *inode = ovl_dentry_real(dentry)->d_inode;
635 if (check_sticky(dir, inode))
641 static int ovl_do_remove(struct dentry *dentry, bool is_dir)
643 enum ovl_path_type type;
646 err = ovl_check_sticky(dentry);
650 err = ovl_want_write(dentry);
654 err = ovl_copy_up(dentry->d_parent);
658 type = ovl_path_type(dentry);
659 if (OVL_TYPE_PURE_UPPER(type)) {
660 err = ovl_remove_upper(dentry, is_dir);
662 const struct cred *old_cred;
663 struct cred *override_cred;
666 override_cred = prepare_creds();
671 * CAP_SYS_ADMIN for setting xattr on whiteout, opaque dir
672 * CAP_DAC_OVERRIDE for create in workdir, rename
673 * CAP_FOWNER for removing whiteout from sticky dir
674 * CAP_FSETID for chmod of opaque dir
675 * CAP_CHOWN for chown of opaque dir
677 cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN);
678 cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE);
679 cap_raise(override_cred->cap_effective, CAP_FOWNER);
680 cap_raise(override_cred->cap_effective, CAP_FSETID);
681 cap_raise(override_cred->cap_effective, CAP_CHOWN);
682 old_cred = override_creds(override_cred);
684 err = ovl_remove_and_whiteout(dentry, is_dir);
686 revert_creds(old_cred);
687 put_cred(override_cred);
690 ovl_drop_write(dentry);
695 static int ovl_unlink(struct inode *dir, struct dentry *dentry)
697 return ovl_do_remove(dentry, false);
700 static int ovl_rmdir(struct inode *dir, struct dentry *dentry)
702 return ovl_do_remove(dentry, true);
705 static int ovl_rename2(struct inode *olddir, struct dentry *old,
706 struct inode *newdir, struct dentry *new,
710 enum ovl_path_type old_type;
711 enum ovl_path_type new_type;
712 struct dentry *old_upperdir;
713 struct dentry *new_upperdir;
714 struct dentry *olddentry;
715 struct dentry *newdentry;
719 bool new_create = false;
720 bool cleanup_whiteout = false;
721 bool overwrite = !(flags & RENAME_EXCHANGE);
722 bool is_dir = d_is_dir(old);
723 bool new_is_dir = false;
724 struct dentry *opaquedir = NULL;
725 const struct cred *old_cred = NULL;
726 struct cred *override_cred = NULL;
729 if (flags & ~(RENAME_EXCHANGE | RENAME_NOREPLACE))
732 flags &= ~RENAME_NOREPLACE;
734 err = ovl_check_sticky(old);
738 /* Don't copy up directory trees */
739 old_type = ovl_path_type(old);
741 if (OVL_TYPE_MERGE_OR_LOWER(old_type) && is_dir)
745 err = ovl_check_sticky(new);
752 new_type = ovl_path_type(new);
754 if (!overwrite && OVL_TYPE_MERGE_OR_LOWER(new_type) && new_is_dir)
758 if (!OVL_TYPE_UPPER(new_type) && !OVL_TYPE_UPPER(old_type)) {
759 if (ovl_dentry_lower(old)->d_inode ==
760 ovl_dentry_lower(new)->d_inode)
763 if (OVL_TYPE_UPPER(new_type) && OVL_TYPE_UPPER(old_type)) {
764 if (ovl_dentry_upper(old)->d_inode ==
765 ovl_dentry_upper(new)->d_inode)
769 if (ovl_dentry_is_opaque(new))
770 new_type = __OVL_PATH_UPPER;
772 new_type = __OVL_PATH_UPPER | __OVL_PATH_PURE;
775 err = ovl_want_write(old);
779 err = ovl_copy_up(old);
783 err = ovl_copy_up(new->d_parent);
787 err = ovl_copy_up(new);
792 old_opaque = !OVL_TYPE_PURE_UPPER(old_type);
793 new_opaque = !OVL_TYPE_PURE_UPPER(new_type);
795 if (old_opaque || new_opaque) {
797 override_cred = prepare_creds();
802 * CAP_SYS_ADMIN for setting xattr on whiteout, opaque dir
803 * CAP_DAC_OVERRIDE for create in workdir
804 * CAP_FOWNER for removing whiteout from sticky dir
805 * CAP_FSETID for chmod of opaque dir
806 * CAP_CHOWN for chown of opaque dir
808 cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN);
809 cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE);
810 cap_raise(override_cred->cap_effective, CAP_FOWNER);
811 cap_raise(override_cred->cap_effective, CAP_FSETID);
812 cap_raise(override_cred->cap_effective, CAP_CHOWN);
813 old_cred = override_creds(override_cred);
816 if (overwrite && OVL_TYPE_MERGE_OR_LOWER(new_type) && new_is_dir) {
817 opaquedir = ovl_check_empty_and_clear(new);
818 err = PTR_ERR(opaquedir);
819 if (IS_ERR(opaquedir)) {
821 goto out_revert_creds;
827 if (new->d_inode || !new_opaque) {
828 /* Whiteout source */
829 flags |= RENAME_WHITEOUT;
831 /* Switch whiteouts */
832 flags |= RENAME_EXCHANGE;
834 } else if (is_dir && !new->d_inode && new_opaque) {
835 flags |= RENAME_EXCHANGE;
836 cleanup_whiteout = true;
840 old_upperdir = ovl_dentry_upper(old->d_parent);
841 new_upperdir = ovl_dentry_upper(new->d_parent);
843 trap = lock_rename(new_upperdir, old_upperdir);
846 olddentry = lookup_one_len(old->d_name.name, old_upperdir,
848 err = PTR_ERR(olddentry);
849 if (IS_ERR(olddentry))
853 if (olddentry != ovl_dentry_upper(old))
856 newdentry = lookup_one_len(new->d_name.name, new_upperdir,
858 err = PTR_ERR(newdentry);
859 if (IS_ERR(newdentry))
863 if (ovl_dentry_upper(new)) {
865 if (newdentry != opaquedir)
868 if (newdentry != ovl_dentry_upper(new))
873 if (!d_is_negative(newdentry) &&
874 (!new_opaque || !ovl_is_whiteout(newdentry)))
878 if (olddentry == trap)
880 if (newdentry == trap)
883 if (is_dir && !old_opaque && new_opaque) {
884 err = ovl_set_opaque(olddentry);
888 if (!overwrite && new_is_dir && old_opaque && !new_opaque) {
889 err = ovl_set_opaque(newdentry);
894 if (old_opaque || new_opaque) {
895 err = ovl_do_rename(old_upperdir->d_inode, olddentry,
896 new_upperdir->d_inode, newdentry,
899 /* No debug for the plain case */
900 BUG_ON(flags & ~RENAME_EXCHANGE);
901 err = vfs_rename(old_upperdir->d_inode, olddentry,
902 new_upperdir->d_inode, newdentry,
907 if (is_dir && !old_opaque && new_opaque)
908 ovl_remove_opaque(olddentry);
909 if (!overwrite && new_is_dir && old_opaque && !new_opaque)
910 ovl_remove_opaque(newdentry);
914 if (is_dir && old_opaque && !new_opaque)
915 ovl_remove_opaque(olddentry);
916 if (!overwrite && new_is_dir && !old_opaque && new_opaque)
917 ovl_remove_opaque(newdentry);
920 * Old dentry now lives in different location. Dentries in
921 * lowerstack are stale. We cannot drop them here because
922 * access to them is lockless. This could be only pure upper
923 * or opaque directory - numlower is zero. Or upper non-dir
924 * entry - its pureness is tracked by flag opaque.
926 if (old_opaque != new_opaque) {
927 ovl_dentry_set_opaque(old, new_opaque);
929 ovl_dentry_set_opaque(new, old_opaque);
932 if (cleanup_whiteout)
933 ovl_cleanup(old_upperdir->d_inode, newdentry);
935 ovl_dentry_version_inc(old->d_parent);
936 ovl_dentry_version_inc(new->d_parent);
943 unlock_rename(new_upperdir, old_upperdir);
945 if (old_opaque || new_opaque) {
946 revert_creds(old_cred);
947 put_cred(override_cred);
956 const struct inode_operations ovl_dir_inode_operations = {
957 .lookup = ovl_lookup,
959 .symlink = ovl_symlink,
960 .unlink = ovl_unlink,
962 .rename2 = ovl_rename2,
964 .setattr = ovl_setattr,
965 .create = ovl_create,
967 .permission = ovl_permission,
968 .getattr = ovl_dir_getattr,
969 .setxattr = ovl_setxattr,
970 .getxattr = ovl_getxattr,
971 .listxattr = ovl_listxattr,
972 .removexattr = ovl_removexattr,
Code Review / kvmfornfv.git / blob