3 * Copyright (C) 2011 Novell Inc.
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 as published by
7 * the Free Software Foundation.
11 #include <linux/namei.h>
12 #include <linux/xattr.h>
13 #include <linux/security.h>
14 #include <linux/cred.h>
15 #include "overlayfs.h"
17 void ovl_cleanup(struct inode
*wdir
, struct dentry
*wdentry
)
22 if (S_ISDIR(wdentry
->d_inode
->i_mode
))
23 err
= ovl_do_rmdir(wdir
, wdentry
);
25 err
= ovl_do_unlink(wdir
, wdentry
);
29 pr_err("overlayfs: cleanup of '%pd2' failed (%i)\n",
34 struct dentry
*ovl_lookup_temp(struct dentry
*workdir
, struct dentry
*dentry
)
39 snprintf(name
, sizeof(name
), "#%lx", (unsigned long) dentry
);
41 temp
= lookup_one_len(name
, workdir
, strlen(name
));
42 if (!IS_ERR(temp
) && temp
->d_inode
) {
43 pr_err("overlayfs: workdir/%s already exists\n", name
);
51 /* caller holds i_mutex on workdir */
52 static struct dentry
*ovl_whiteout(struct dentry
*workdir
,
53 struct dentry
*dentry
)
56 struct dentry
*whiteout
;
57 struct inode
*wdir
= workdir
->d_inode
;
59 whiteout
= ovl_lookup_temp(workdir
, dentry
);
63 err
= ovl_do_whiteout(wdir
, whiteout
);
66 whiteout
= ERR_PTR(err
);
72 int ovl_create_real(struct inode
*dir
, struct dentry
*newdentry
,
73 struct kstat
*stat
, const char *link
,
74 struct dentry
*hardlink
, bool debug
)
78 if (newdentry
->d_inode
)
82 err
= ovl_do_link(hardlink
, dir
, newdentry
, debug
);
84 switch (stat
->mode
& S_IFMT
) {
86 err
= ovl_do_create(dir
, newdentry
, stat
->mode
, debug
);
90 err
= ovl_do_mkdir(dir
, newdentry
, stat
->mode
, debug
);
97 err
= ovl_do_mknod(dir
, newdentry
,
98 stat
->mode
, stat
->rdev
, debug
);
102 err
= ovl_do_symlink(dir
, newdentry
, link
, debug
);
109 if (!err
&& WARN_ON(!newdentry
->d_inode
)) {
111 * Not quite sure if non-instantiated dentry is legal or not.
112 * VFS doesn't seem to care so check and warn here.
119 static int ovl_set_opaque(struct dentry
*upperdentry
)
121 return ovl_do_setxattr(upperdentry
, ovl_opaque_xattr
, "y", 1, 0);
124 static void ovl_remove_opaque(struct dentry
*upperdentry
)
128 err
= ovl_do_removexattr(upperdentry
, ovl_opaque_xattr
);
130 pr_warn("overlayfs: failed to remove opaque from '%s' (%i)\n",
131 upperdentry
->d_name
.name
, err
);
135 static int ovl_dir_getattr(struct vfsmount
*mnt
, struct dentry
*dentry
,
139 enum ovl_path_type type
;
140 struct path realpath
;
142 type
= ovl_path_real(dentry
, &realpath
);
143 err
= vfs_getattr(&realpath
, stat
);
147 stat
->dev
= dentry
->d_sb
->s_dev
;
148 stat
->ino
= dentry
->d_inode
->i_ino
;
151 * It's probably not worth it to count subdirs to get the
152 * correct link count. nlink=1 seems to pacify 'find' and
155 if (type
== OVL_PATH_MERGE
)
161 static int ovl_create_upper(struct dentry
*dentry
, struct inode
*inode
,
162 struct kstat
*stat
, const char *link
,
163 struct dentry
*hardlink
)
165 struct dentry
*upperdir
= ovl_dentry_upper(dentry
->d_parent
);
166 struct inode
*udir
= upperdir
->d_inode
;
167 struct dentry
*newdentry
;
170 mutex_lock_nested(&udir
->i_mutex
, I_MUTEX_PARENT
);
171 newdentry
= lookup_one_len(dentry
->d_name
.name
, upperdir
,
173 err
= PTR_ERR(newdentry
);
174 if (IS_ERR(newdentry
))
176 err
= ovl_create_real(udir
, newdentry
, stat
, link
, hardlink
, false);
180 ovl_dentry_version_inc(dentry
->d_parent
);
181 ovl_dentry_update(dentry
, newdentry
);
182 ovl_copyattr(newdentry
->d_inode
, inode
);
183 d_instantiate(dentry
, inode
);
188 mutex_unlock(&udir
->i_mutex
);
192 static int ovl_lock_rename_workdir(struct dentry
*workdir
,
193 struct dentry
*upperdir
)
195 /* Workdir should not be the same as upperdir */
196 if (workdir
== upperdir
)
199 /* Workdir should not be subdir of upperdir and vice versa */
200 if (lock_rename(workdir
, upperdir
) != NULL
)
206 unlock_rename(workdir
, upperdir
);
208 pr_err("overlayfs: failed to lock workdir+upperdir\n");
212 static struct dentry
*ovl_clear_empty(struct dentry
*dentry
,
213 struct list_head
*list
)
215 struct dentry
*workdir
= ovl_workdir(dentry
);
216 struct inode
*wdir
= workdir
->d_inode
;
217 struct dentry
*upperdir
= ovl_dentry_upper(dentry
->d_parent
);
218 struct inode
*udir
= upperdir
->d_inode
;
219 struct path upperpath
;
220 struct dentry
*upper
;
221 struct dentry
*opaquedir
;
225 err
= ovl_lock_rename_workdir(workdir
, upperdir
);
229 ovl_path_upper(dentry
, &upperpath
);
230 err
= vfs_getattr(&upperpath
, &stat
);
235 if (!S_ISDIR(stat
.mode
))
237 upper
= upperpath
.dentry
;
238 if (upper
->d_parent
->d_inode
!= udir
)
241 opaquedir
= ovl_lookup_temp(workdir
, dentry
);
242 err
= PTR_ERR(opaquedir
);
243 if (IS_ERR(opaquedir
))
246 err
= ovl_create_real(wdir
, opaquedir
, &stat
, NULL
, NULL
, true);
250 err
= ovl_copy_xattr(upper
, opaquedir
);
254 err
= ovl_set_opaque(opaquedir
);
258 mutex_lock(&opaquedir
->d_inode
->i_mutex
);
259 err
= ovl_set_attr(opaquedir
, &stat
);
260 mutex_unlock(&opaquedir
->d_inode
->i_mutex
);
264 err
= ovl_do_rename(wdir
, opaquedir
, udir
, upper
, RENAME_EXCHANGE
);
268 ovl_cleanup_whiteouts(upper
, list
);
269 ovl_cleanup(wdir
, upper
);
270 unlock_rename(workdir
, upperdir
);
272 /* dentry's upper doesn't match now, get rid of it */
278 ovl_cleanup(wdir
, opaquedir
);
282 unlock_rename(workdir
, upperdir
);
287 static struct dentry
*ovl_check_empty_and_clear(struct dentry
*dentry
)
290 struct dentry
*ret
= NULL
;
293 err
= ovl_check_empty_dir(dentry
, &list
);
298 * If no upperdentry then skip clearing whiteouts.
300 * Can race with copy-up, since we don't hold the upperdir
301 * mutex. Doesn't matter, since copy-up can't create a
302 * non-empty directory from an empty one.
304 if (ovl_dentry_upper(dentry
))
305 ret
= ovl_clear_empty(dentry
, &list
);
308 ovl_cache_free(&list
);
313 static int ovl_create_over_whiteout(struct dentry
*dentry
, struct inode
*inode
,
314 struct kstat
*stat
, const char *link
,
315 struct dentry
*hardlink
)
317 struct dentry
*workdir
= ovl_workdir(dentry
);
318 struct inode
*wdir
= workdir
->d_inode
;
319 struct dentry
*upperdir
= ovl_dentry_upper(dentry
->d_parent
);
320 struct inode
*udir
= upperdir
->d_inode
;
321 struct dentry
*upper
;
322 struct dentry
*newdentry
;
325 err
= ovl_lock_rename_workdir(workdir
, upperdir
);
329 newdentry
= ovl_lookup_temp(workdir
, dentry
);
330 err
= PTR_ERR(newdentry
);
331 if (IS_ERR(newdentry
))
334 upper
= lookup_one_len(dentry
->d_name
.name
, upperdir
,
336 err
= PTR_ERR(upper
);
340 err
= ovl_create_real(wdir
, newdentry
, stat
, link
, hardlink
, true);
344 if (S_ISDIR(stat
->mode
)) {
345 err
= ovl_set_opaque(newdentry
);
349 err
= ovl_do_rename(wdir
, newdentry
, udir
, upper
,
354 ovl_cleanup(wdir
, upper
);
356 err
= ovl_do_rename(wdir
, newdentry
, udir
, upper
, 0);
360 ovl_dentry_version_inc(dentry
->d_parent
);
361 ovl_dentry_update(dentry
, newdentry
);
362 ovl_copyattr(newdentry
->d_inode
, inode
);
363 d_instantiate(dentry
, inode
);
370 unlock_rename(workdir
, upperdir
);
375 ovl_cleanup(wdir
, newdentry
);
379 static int ovl_create_or_link(struct dentry
*dentry
, int mode
, dev_t rdev
,
380 const char *link
, struct dentry
*hardlink
)
384 struct kstat stat
= {
390 inode
= ovl_new_inode(dentry
->d_sb
, mode
, dentry
->d_fsdata
);
394 err
= ovl_copy_up(dentry
->d_parent
);
398 if (!ovl_dentry_is_opaque(dentry
)) {
399 err
= ovl_create_upper(dentry
, inode
, &stat
, link
, hardlink
);
401 const struct cred
*old_cred
;
402 struct cred
*override_cred
;
405 override_cred
= prepare_creds();
410 * CAP_SYS_ADMIN for setting opaque xattr
411 * CAP_DAC_OVERRIDE for create in workdir, rename
412 * CAP_FOWNER for removing whiteout from sticky dir
414 cap_raise(override_cred
->cap_effective
, CAP_SYS_ADMIN
);
415 cap_raise(override_cred
->cap_effective
, CAP_DAC_OVERRIDE
);
416 cap_raise(override_cred
->cap_effective
, CAP_FOWNER
);
417 old_cred
= override_creds(override_cred
);
419 err
= ovl_create_over_whiteout(dentry
, inode
, &stat
, link
,
422 revert_creds(old_cred
);
423 put_cred(override_cred
);
434 static int ovl_create_object(struct dentry
*dentry
, int mode
, dev_t rdev
,
439 err
= ovl_want_write(dentry
);
441 err
= ovl_create_or_link(dentry
, mode
, rdev
, link
, NULL
);
442 ovl_drop_write(dentry
);
448 static int ovl_create(struct inode
*dir
, struct dentry
*dentry
, umode_t mode
,
451 return ovl_create_object(dentry
, (mode
& 07777) | S_IFREG
, 0, NULL
);
454 static int ovl_mkdir(struct inode
*dir
, struct dentry
*dentry
, umode_t mode
)
456 return ovl_create_object(dentry
, (mode
& 07777) | S_IFDIR
, 0, NULL
);
459 static int ovl_mknod(struct inode
*dir
, struct dentry
*dentry
, umode_t mode
,
462 /* Don't allow creation of "whiteout" on overlay */
463 if (S_ISCHR(mode
) && rdev
== WHITEOUT_DEV
)
466 return ovl_create_object(dentry
, mode
, rdev
, NULL
);
469 static int ovl_symlink(struct inode
*dir
, struct dentry
*dentry
,
472 return ovl_create_object(dentry
, S_IFLNK
, 0, link
);
475 static int ovl_link(struct dentry
*old
, struct inode
*newdir
,
479 struct dentry
*upper
;
481 err
= ovl_want_write(old
);
485 err
= ovl_copy_up(old
);
489 upper
= ovl_dentry_upper(old
);
490 err
= ovl_create_or_link(new, upper
->d_inode
->i_mode
, 0, NULL
, upper
);
498 static int ovl_remove_and_whiteout(struct dentry
*dentry
, bool is_dir
)
500 struct dentry
*workdir
= ovl_workdir(dentry
);
501 struct inode
*wdir
= workdir
->d_inode
;
502 struct dentry
*upperdir
= ovl_dentry_upper(dentry
->d_parent
);
503 struct inode
*udir
= upperdir
->d_inode
;
504 struct dentry
*whiteout
;
505 struct dentry
*upper
;
506 struct dentry
*opaquedir
= NULL
;
510 opaquedir
= ovl_check_empty_and_clear(dentry
);
511 err
= PTR_ERR(opaquedir
);
512 if (IS_ERR(opaquedir
))
516 err
= ovl_lock_rename_workdir(workdir
, upperdir
);
520 whiteout
= ovl_whiteout(workdir
, dentry
);
521 err
= PTR_ERR(whiteout
);
522 if (IS_ERR(whiteout
))
525 upper
= ovl_dentry_upper(dentry
);
527 upper
= lookup_one_len(dentry
->d_name
.name
, upperdir
,
529 err
= PTR_ERR(upper
);
533 err
= ovl_do_rename(wdir
, whiteout
, udir
, upper
, 0);
543 if (upper
->d_parent
!= upperdir
)
547 flags
|= RENAME_EXCHANGE
;
549 err
= ovl_do_rename(wdir
, whiteout
, udir
, upper
, flags
);
554 ovl_cleanup(wdir
, upper
);
556 ovl_dentry_version_inc(dentry
->d_parent
);
561 unlock_rename(workdir
, upperdir
);
568 ovl_cleanup(wdir
, whiteout
);
572 static int ovl_remove_upper(struct dentry
*dentry
, bool is_dir
)
574 struct dentry
*upperdir
= ovl_dentry_upper(dentry
->d_parent
);
575 struct inode
*dir
= upperdir
->d_inode
;
576 struct dentry
*upper
= ovl_dentry_upper(dentry
);
579 mutex_lock_nested(&dir
->i_mutex
, I_MUTEX_PARENT
);
581 if (upper
->d_parent
== upperdir
) {
582 /* Don't let d_delete() think it can reset d_inode */
585 err
= vfs_rmdir(dir
, upper
);
587 err
= vfs_unlink(dir
, upper
, NULL
);
589 ovl_dentry_version_inc(dentry
->d_parent
);
593 * Keeping this dentry hashed would mean having to release
594 * upperpath/lowerpath, which could only be done if we are the
595 * sole user of this dentry. Too tricky... Just unhash for
599 mutex_unlock(&dir
->i_mutex
);
604 static inline int ovl_check_sticky(struct dentry
*dentry
)
606 struct inode
*dir
= ovl_dentry_real(dentry
->d_parent
)->d_inode
;
607 struct inode
*inode
= ovl_dentry_real(dentry
)->d_inode
;
609 if (check_sticky(dir
, inode
))
615 static int ovl_do_remove(struct dentry
*dentry
, bool is_dir
)
617 enum ovl_path_type type
;
620 err
= ovl_check_sticky(dentry
);
624 err
= ovl_want_write(dentry
);
628 err
= ovl_copy_up(dentry
->d_parent
);
632 type
= ovl_path_type(dentry
);
633 if (type
== OVL_PATH_PURE_UPPER
) {
634 err
= ovl_remove_upper(dentry
, is_dir
);
636 const struct cred
*old_cred
;
637 struct cred
*override_cred
;
640 override_cred
= prepare_creds();
645 * CAP_SYS_ADMIN for setting xattr on whiteout, opaque dir
646 * CAP_DAC_OVERRIDE for create in workdir, rename
647 * CAP_FOWNER for removing whiteout from sticky dir
648 * CAP_FSETID for chmod of opaque dir
649 * CAP_CHOWN for chown of opaque dir
651 cap_raise(override_cred
->cap_effective
, CAP_SYS_ADMIN
);
652 cap_raise(override_cred
->cap_effective
, CAP_DAC_OVERRIDE
);
653 cap_raise(override_cred
->cap_effective
, CAP_FOWNER
);
654 cap_raise(override_cred
->cap_effective
, CAP_FSETID
);
655 cap_raise(override_cred
->cap_effective
, CAP_CHOWN
);
656 old_cred
= override_creds(override_cred
);
658 err
= ovl_remove_and_whiteout(dentry
, is_dir
);
660 revert_creds(old_cred
);
661 put_cred(override_cred
);
664 ovl_drop_write(dentry
);
669 static int ovl_unlink(struct inode
*dir
, struct dentry
*dentry
)
671 return ovl_do_remove(dentry
, false);
674 static int ovl_rmdir(struct inode
*dir
, struct dentry
*dentry
)
676 return ovl_do_remove(dentry
, true);
679 static int ovl_rename2(struct inode
*olddir
, struct dentry
*old
,
680 struct inode
*newdir
, struct dentry
*new,
684 enum ovl_path_type old_type
;
685 enum ovl_path_type new_type
;
686 struct dentry
*old_upperdir
;
687 struct dentry
*new_upperdir
;
688 struct dentry
*olddentry
;
689 struct dentry
*newdentry
;
693 bool new_create
= false;
694 bool cleanup_whiteout
= false;
695 bool overwrite
= !(flags
& RENAME_EXCHANGE
);
696 bool is_dir
= S_ISDIR(old
->d_inode
->i_mode
);
697 bool new_is_dir
= false;
698 struct dentry
*opaquedir
= NULL
;
699 const struct cred
*old_cred
= NULL
;
700 struct cred
*override_cred
= NULL
;
703 if (flags
& ~(RENAME_EXCHANGE
| RENAME_NOREPLACE
))
706 flags
&= ~RENAME_NOREPLACE
;
708 err
= ovl_check_sticky(old
);
712 /* Don't copy up directory trees */
713 old_type
= ovl_path_type(old
);
715 if ((old_type
== OVL_PATH_LOWER
|| old_type
== OVL_PATH_MERGE
) && is_dir
)
719 err
= ovl_check_sticky(new);
723 if (S_ISDIR(new->d_inode
->i_mode
))
726 new_type
= ovl_path_type(new);
728 if (!overwrite
&& (new_type
== OVL_PATH_LOWER
|| new_type
== OVL_PATH_MERGE
) && new_is_dir
)
732 if (new_type
== OVL_PATH_LOWER
&& old_type
== OVL_PATH_LOWER
) {
733 if (ovl_dentry_lower(old
)->d_inode
==
734 ovl_dentry_lower(new)->d_inode
)
737 if (new_type
!= OVL_PATH_LOWER
&& old_type
!= OVL_PATH_LOWER
) {
738 if (ovl_dentry_upper(old
)->d_inode
==
739 ovl_dentry_upper(new)->d_inode
)
743 if (ovl_dentry_is_opaque(new))
744 new_type
= OVL_PATH_UPPER
;
746 new_type
= OVL_PATH_PURE_UPPER
;
749 err
= ovl_want_write(old
);
753 err
= ovl_copy_up(old
);
757 err
= ovl_copy_up(new->d_parent
);
761 err
= ovl_copy_up(new);
766 old_opaque
= old_type
!= OVL_PATH_PURE_UPPER
;
767 new_opaque
= new_type
!= OVL_PATH_PURE_UPPER
;
769 if (old_opaque
|| new_opaque
) {
771 override_cred
= prepare_creds();
776 * CAP_SYS_ADMIN for setting xattr on whiteout, opaque dir
777 * CAP_DAC_OVERRIDE for create in workdir
778 * CAP_FOWNER for removing whiteout from sticky dir
779 * CAP_FSETID for chmod of opaque dir
780 * CAP_CHOWN for chown of opaque dir
782 cap_raise(override_cred
->cap_effective
, CAP_SYS_ADMIN
);
783 cap_raise(override_cred
->cap_effective
, CAP_DAC_OVERRIDE
);
784 cap_raise(override_cred
->cap_effective
, CAP_FOWNER
);
785 cap_raise(override_cred
->cap_effective
, CAP_FSETID
);
786 cap_raise(override_cred
->cap_effective
, CAP_CHOWN
);
787 old_cred
= override_creds(override_cred
);
790 if (overwrite
&& (new_type
== OVL_PATH_LOWER
|| new_type
== OVL_PATH_MERGE
) && new_is_dir
) {
791 opaquedir
= ovl_check_empty_and_clear(new);
792 err
= PTR_ERR(opaquedir
);
793 if (IS_ERR(opaquedir
)) {
795 goto out_revert_creds
;
801 if (new->d_inode
|| !new_opaque
) {
802 /* Whiteout source */
803 flags
|= RENAME_WHITEOUT
;
805 /* Switch whiteouts */
806 flags
|= RENAME_EXCHANGE
;
808 } else if (is_dir
&& !new->d_inode
&& new_opaque
) {
809 flags
|= RENAME_EXCHANGE
;
810 cleanup_whiteout
= true;
814 old_upperdir
= ovl_dentry_upper(old
->d_parent
);
815 new_upperdir
= ovl_dentry_upper(new->d_parent
);
817 trap
= lock_rename(new_upperdir
, old_upperdir
);
819 olddentry
= ovl_dentry_upper(old
);
820 newdentry
= ovl_dentry_upper(new);
823 newdentry
= opaquedir
;
830 newdentry
= lookup_one_len(new->d_name
.name
, new_upperdir
,
832 err
= PTR_ERR(newdentry
);
833 if (IS_ERR(newdentry
))
838 if (olddentry
->d_parent
!= old_upperdir
)
840 if (newdentry
->d_parent
!= new_upperdir
)
842 if (olddentry
== trap
)
844 if (newdentry
== trap
)
847 if (is_dir
&& !old_opaque
&& new_opaque
) {
848 err
= ovl_set_opaque(olddentry
);
852 if (!overwrite
&& new_is_dir
&& old_opaque
&& !new_opaque
) {
853 err
= ovl_set_opaque(newdentry
);
858 if (old_opaque
|| new_opaque
) {
859 err
= ovl_do_rename(old_upperdir
->d_inode
, olddentry
,
860 new_upperdir
->d_inode
, newdentry
,
863 /* No debug for the plain case */
864 BUG_ON(flags
& ~RENAME_EXCHANGE
);
865 err
= vfs_rename(old_upperdir
->d_inode
, olddentry
,
866 new_upperdir
->d_inode
, newdentry
,
871 if (is_dir
&& !old_opaque
&& new_opaque
)
872 ovl_remove_opaque(olddentry
);
873 if (!overwrite
&& new_is_dir
&& old_opaque
&& !new_opaque
)
874 ovl_remove_opaque(newdentry
);
878 if (is_dir
&& old_opaque
&& !new_opaque
)
879 ovl_remove_opaque(olddentry
);
880 if (!overwrite
&& new_is_dir
&& !old_opaque
&& new_opaque
)
881 ovl_remove_opaque(newdentry
);
883 if (old_opaque
!= new_opaque
) {
884 ovl_dentry_set_opaque(old
, new_opaque
);
886 ovl_dentry_set_opaque(new, old_opaque
);
889 if (cleanup_whiteout
)
890 ovl_cleanup(old_upperdir
->d_inode
, newdentry
);
892 ovl_dentry_version_inc(old
->d_parent
);
893 ovl_dentry_version_inc(new->d_parent
);
898 unlock_rename(new_upperdir
, old_upperdir
);
900 if (old_opaque
|| new_opaque
) {
901 revert_creds(old_cred
);
902 put_cred(override_cred
);
911 const struct inode_operations ovl_dir_inode_operations
= {
912 .lookup
= ovl_lookup
,
914 .symlink
= ovl_symlink
,
915 .unlink
= ovl_unlink
,
917 .rename2
= ovl_rename2
,
919 .setattr
= ovl_setattr
,
920 .create
= ovl_create
,
922 .permission
= ovl_permission
,
923 .getattr
= ovl_dir_getattr
,
924 .setxattr
= ovl_setxattr
,
925 .getxattr
= ovl_getxattr
,
926 .listxattr
= ovl_listxattr
,
927 .removexattr
= ovl_removexattr
,