3
* Copyright (C) 2011 Novell Inc.
5
* This program is free software; you can redistribute it and/or modify it
6
* under the terms of the GNU General Public License version 2 as published by
7
* the Free Software Foundation.
11
#include <linux/namei.h>
12
#include <linux/xattr.h>
13
#include <linux/security.h>
14
#include "overlayfs.h"
16
static const char *ovl_whiteout_symlink = "(overlay-whiteout)";
18
static int ovl_whiteout(struct dentry *upperdir, struct dentry *dentry)
21
struct dentry *newdentry;
22
const struct cred *old_cred;
23
struct cred *override_cred;
25
/* FIXME: recheck lower dentry to see if whiteout is really needed */
28
override_cred = prepare_creds();
33
* CAP_SYS_ADMIN for setxattr
34
* CAP_DAC_OVERRIDE for symlink creation
35
* CAP_FOWNER for unlink in sticky directory
37
cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN);
38
cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE);
39
cap_raise(override_cred->cap_effective, CAP_FOWNER);
40
override_cred->fsuid = 0;
41
override_cred->fsgid = 0;
42
old_cred = override_creds(override_cred);
44
newdentry = lookup_one_len(dentry->d_name.name, upperdir,
46
err = PTR_ERR(newdentry);
47
if (IS_ERR(newdentry))
50
/* Just been removed within the same locked region */
51
WARN_ON(newdentry->d_inode);
53
err = vfs_symlink(upperdir->d_inode, newdentry, ovl_whiteout_symlink);
57
ovl_dentry_version_inc(dentry->d_parent);
59
err = vfs_setxattr(newdentry, ovl_whiteout_xattr, "y", 1, 0);
61
vfs_unlink(upperdir->d_inode, newdentry);
66
revert_creds(old_cred);
67
put_cred(override_cred);
71
* There's no way to recover from failure to whiteout.
72
* What should we do? Log a big fat error and... ?
74
printk(KERN_ERR "overlayfs: ERROR - failed to whiteout '%s'\n",
81
static struct dentry *ovl_lookup_create(struct dentry *upperdir,
82
struct dentry *template)
85
struct dentry *newdentry;
86
struct qstr *name = &template->d_name;
88
newdentry = lookup_one_len(name->name, upperdir, name->len);
89
if (IS_ERR(newdentry))
92
if (newdentry->d_inode) {
93
const struct cred *old_cred;
94
struct cred *override_cred;
96
/* No need to check whiteout if lower parent is non-existent */
98
if (!ovl_dentry_lower(template->d_parent))
101
if (!S_ISLNK(newdentry->d_inode->i_mode))
105
override_cred = prepare_creds();
110
* CAP_SYS_ADMIN for getxattr
111
* CAP_FOWNER for unlink in sticky directory
113
cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN);
114
cap_raise(override_cred->cap_effective, CAP_FOWNER);
115
old_cred = override_creds(override_cred);
118
if (ovl_is_whiteout(newdentry))
119
err = vfs_unlink(upperdir->d_inode, newdentry);
121
revert_creds(old_cred);
122
put_cred(override_cred);
127
newdentry = lookup_one_len(name->name, upperdir, name->len);
128
if (IS_ERR(newdentry)) {
129
ovl_whiteout(upperdir, template);
134
* Whiteout just been successfully removed, parent
135
* i_mutex is still held, there's no way the lookup
136
* could return positive.
138
WARN_ON(newdentry->d_inode);
148
struct dentry *ovl_upper_create(struct dentry *upperdir, struct dentry *dentry,
149
struct kstat *stat, const char *link)
152
struct dentry *newdentry;
153
struct inode *dir = upperdir->d_inode;
155
newdentry = ovl_lookup_create(upperdir, dentry);
156
if (IS_ERR(newdentry))
159
switch (stat->mode & S_IFMT) {
161
err = vfs_create(dir, newdentry, stat->mode, NULL);
165
err = vfs_mkdir(dir, newdentry, stat->mode);
172
err = vfs_mknod(dir, newdentry, stat->mode, stat->rdev);
176
err = vfs_symlink(dir, newdentry, link);
183
if (ovl_dentry_is_opaque(dentry))
184
ovl_whiteout(upperdir, dentry);
186
newdentry = ERR_PTR(err);
187
} else if (WARN_ON(!newdentry->d_inode)) {
189
* Not quite sure if non-instantiated dentry is legal or not.
190
* VFS doesn't seem to care so check and warn here.
193
newdentry = ERR_PTR(-ENOENT);
201
static int ovl_set_opaque(struct dentry *upperdentry)
204
const struct cred *old_cred;
205
struct cred *override_cred;
207
override_cred = prepare_creds();
211
/* CAP_SYS_ADMIN for setxattr of "trusted" namespace */
212
cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN);
213
old_cred = override_creds(override_cred);
214
err = vfs_setxattr(upperdentry, ovl_opaque_xattr, "y", 1, 0);
215
revert_creds(old_cred);
216
put_cred(override_cred);
221
static int ovl_remove_opaque(struct dentry *upperdentry)
224
const struct cred *old_cred;
225
struct cred *override_cred;
227
override_cred = prepare_creds();
231
/* CAP_SYS_ADMIN for removexattr of "trusted" namespace */
232
cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN);
233
old_cred = override_creds(override_cred);
234
err = vfs_removexattr(upperdentry, ovl_opaque_xattr);
235
revert_creds(old_cred);
236
put_cred(override_cred);
241
static int ovl_dir_getattr(struct vfsmount *mnt, struct dentry *dentry,
245
enum ovl_path_type type;
246
struct path realpath;
248
type = ovl_path_real(dentry, &realpath);
249
err = vfs_getattr(realpath.mnt, realpath.dentry, stat);
253
stat->dev = dentry->d_sb->s_dev;
254
stat->ino = dentry->d_inode->i_ino;
257
* It's probably not worth it to count subdirs to get the
258
* correct link count. nlink=1 seems to pacify 'find' and
261
if (type == OVL_PATH_MERGE)
267
static int ovl_create_object(struct dentry *dentry, int mode, dev_t rdev,
271
struct dentry *newdentry;
272
struct dentry *upperdir;
274
struct kstat stat = {
280
inode = ovl_new_inode(dentry->d_sb, mode, dentry->d_fsdata);
284
err = ovl_copy_up(dentry->d_parent);
288
upperdir = ovl_dentry_upper(dentry->d_parent);
289
mutex_lock_nested(&upperdir->d_inode->i_mutex, I_MUTEX_PARENT);
291
newdentry = ovl_upper_create(upperdir, dentry, &stat, link);
292
err = PTR_ERR(newdentry);
293
if (IS_ERR(newdentry))
296
ovl_dentry_version_inc(dentry->d_parent);
297
if (ovl_dentry_is_opaque(dentry) && S_ISDIR(mode)) {
298
err = ovl_set_opaque(newdentry);
300
vfs_rmdir(upperdir->d_inode, newdentry);
301
ovl_whiteout(upperdir, dentry);
305
ovl_dentry_update(dentry, newdentry);
306
d_instantiate(dentry, inode);
314
mutex_unlock(&upperdir->d_inode->i_mutex);
321
static int ovl_create(struct inode *dir, struct dentry *dentry, int mode,
322
struct nameidata *nd)
324
return ovl_create_object(dentry, (mode & 07777) | S_IFREG, 0, NULL);
327
static int ovl_mkdir(struct inode *dir, struct dentry *dentry, int mode)
329
return ovl_create_object(dentry, (mode & 07777) | S_IFDIR, 0, NULL);
332
static int ovl_mknod(struct inode *dir, struct dentry *dentry, int mode,
335
return ovl_create_object(dentry, mode, rdev, NULL);
338
static int ovl_symlink(struct inode *dir, struct dentry *dentry,
341
return ovl_create_object(dentry, S_IFLNK, 0, link);
344
static int ovl_do_remove(struct dentry *dentry, bool is_dir)
347
enum ovl_path_type type;
348
struct path realpath;
349
struct dentry *upperdir;
351
err = ovl_copy_up(dentry->d_parent);
355
upperdir = ovl_dentry_upper(dentry->d_parent);
356
mutex_lock_nested(&upperdir->d_inode->i_mutex, I_MUTEX_PARENT);
357
type = ovl_path_real(dentry, &realpath);
358
if (type != OVL_PATH_LOWER) {
360
if (realpath.dentry->d_parent != upperdir)
363
/* FIXME: create whiteout up front and rename to target */
366
err = vfs_rmdir(upperdir->d_inode, realpath.dentry);
368
err = vfs_unlink(upperdir->d_inode, realpath.dentry);
372
ovl_dentry_version_inc(dentry->d_parent);
375
if (type != OVL_PATH_UPPER || ovl_dentry_is_opaque(dentry))
376
err = ovl_whiteout(upperdir, dentry);
379
* Keeping this dentry hashed would mean having to release
380
* upperpath/lowerpath, which could only be done if we are the
381
* sole user of this dentry. Too tricky... Just unhash for
386
mutex_unlock(&upperdir->d_inode->i_mutex);
391
static int ovl_unlink(struct inode *dir, struct dentry *dentry)
393
return ovl_do_remove(dentry, false);
397
static int ovl_rmdir(struct inode *dir, struct dentry *dentry)
400
enum ovl_path_type type;
402
type = ovl_path_type(dentry);
403
if (type != OVL_PATH_UPPER) {
404
err = ovl_check_empty_and_clear(dentry, type);
409
return ovl_do_remove(dentry, true);
412
static int ovl_link(struct dentry *old, struct inode *newdir,
416
struct dentry *olddentry;
417
struct dentry *newdentry;
418
struct dentry *upperdir;
420
err = ovl_copy_up(old);
424
err = ovl_copy_up(new->d_parent);
428
upperdir = ovl_dentry_upper(new->d_parent);
429
mutex_lock_nested(&upperdir->d_inode->i_mutex, I_MUTEX_PARENT);
430
newdentry = ovl_lookup_create(upperdir, new);
431
err = PTR_ERR(newdentry);
432
if (IS_ERR(newdentry))
435
olddentry = ovl_dentry_upper(old);
436
err = vfs_link(olddentry, upperdir->d_inode, newdentry);
438
if (WARN_ON(!newdentry->d_inode)) {
444
ovl_dentry_version_inc(new->d_parent);
445
ovl_dentry_update(new, newdentry);
448
d_instantiate(new, old->d_inode);
450
if (ovl_dentry_is_opaque(new))
451
ovl_whiteout(upperdir, new);
455
mutex_unlock(&upperdir->d_inode->i_mutex);
461
static int ovl_rename(struct inode *olddir, struct dentry *old,
462
struct inode *newdir, struct dentry *new)
465
enum ovl_path_type old_type;
466
enum ovl_path_type new_type;
467
struct dentry *old_upperdir;
468
struct dentry *new_upperdir;
469
struct dentry *olddentry;
470
struct dentry *newdentry;
474
bool new_create = false;
475
bool is_dir = S_ISDIR(old->d_inode->i_mode);
477
/* Don't copy up directory trees */
478
old_type = ovl_path_type(old);
479
if (old_type != OVL_PATH_UPPER && is_dir)
483
new_type = ovl_path_type(new);
485
if (new_type == OVL_PATH_LOWER && old_type == OVL_PATH_LOWER) {
486
if (ovl_dentry_lower(old)->d_inode ==
487
ovl_dentry_lower(new)->d_inode)
490
if (new_type != OVL_PATH_LOWER && old_type != OVL_PATH_LOWER) {
491
if (ovl_dentry_upper(old)->d_inode ==
492
ovl_dentry_upper(new)->d_inode)
496
if (new_type != OVL_PATH_UPPER &&
497
S_ISDIR(new->d_inode->i_mode)) {
498
err = ovl_check_empty_and_clear(new, new_type);
503
new_type = OVL_PATH_UPPER;
506
err = ovl_copy_up(old);
510
err = ovl_copy_up(new->d_parent);
514
old_upperdir = ovl_dentry_upper(old->d_parent);
515
new_upperdir = ovl_dentry_upper(new->d_parent);
517
trap = lock_rename(new_upperdir, old_upperdir);
519
olddentry = ovl_dentry_upper(old);
520
newdentry = ovl_dentry_upper(new);
525
newdentry = ovl_lookup_create(new_upperdir, new);
526
err = PTR_ERR(newdentry);
527
if (IS_ERR(newdentry))
532
if (olddentry->d_parent != old_upperdir)
534
if (newdentry->d_parent != new_upperdir)
536
if (olddentry == trap)
538
if (newdentry == trap)
541
old_opaque = ovl_dentry_is_opaque(old);
542
new_opaque = ovl_dentry_is_opaque(new) || new_type != OVL_PATH_UPPER;
544
if (is_dir && !old_opaque && new_opaque) {
545
err = ovl_set_opaque(olddentry);
550
err = vfs_rename(old_upperdir->d_inode, olddentry,
551
new_upperdir->d_inode, newdentry);
554
if (new_create && ovl_dentry_is_opaque(new))
555
ovl_whiteout(new_upperdir, new);
556
if (is_dir && !old_opaque && new_opaque)
557
ovl_remove_opaque(olddentry);
561
if (old_type != OVL_PATH_UPPER || old_opaque)
562
err = ovl_whiteout(old_upperdir, old);
563
if (is_dir && old_opaque && !new_opaque)
564
ovl_remove_opaque(olddentry);
566
if (old_opaque != new_opaque)
567
ovl_dentry_set_opaque(old, new_opaque);
569
ovl_dentry_version_inc(old->d_parent);
570
ovl_dentry_version_inc(new->d_parent);
575
unlock_rename(new_upperdir, old_upperdir);
579
const struct inode_operations ovl_dir_inode_operations = {
580
.lookup = ovl_lookup,
582
.symlink = ovl_symlink,
583
.unlink = ovl_unlink,
585
.rename = ovl_rename,
587
.setattr = ovl_setattr,
588
.create = ovl_create,
590
.permission = ovl_permission,
591
.getattr = ovl_dir_getattr,
592
.setxattr = ovl_setxattr,
593
.getxattr = ovl_getxattr,
594
.listxattr = ovl_listxattr,
595
.removexattr = ovl_removexattr,