blob: b3fc0a35bf6242b4bc3cfc9144bcc2e3ae638713 [file] [log] [blame]
Miklos Szeredie9be9d52014-10-24 00:14:38 +02001/*
2 *
3 * Copyright (C) 2011 Novell Inc.
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 as published by
7 * the Free Software Foundation.
8 */
9
10#include <linux/fs.h>
11#include <linux/namei.h>
12#include <linux/xattr.h>
13#include <linux/security.h>
14#include <linux/cred.h>
15#include "overlayfs.h"
16
17void ovl_cleanup(struct inode *wdir, struct dentry *wdentry)
18{
19 int err;
20
21 dget(wdentry);
David Howellse36cb0b2015-01-29 12:02:35 +000022 if (d_is_dir(wdentry))
Miklos Szeredie9be9d52014-10-24 00:14:38 +020023 err = ovl_do_rmdir(wdir, wdentry);
24 else
25 err = ovl_do_unlink(wdir, wdentry);
26 dput(wdentry);
27
28 if (err) {
29 pr_err("overlayfs: cleanup of '%pd2' failed (%i)\n",
30 wdentry, err);
31 }
32}
33
34struct dentry *ovl_lookup_temp(struct dentry *workdir, struct dentry *dentry)
35{
36 struct dentry *temp;
37 char name[20];
38
39 snprintf(name, sizeof(name), "#%lx", (unsigned long) dentry);
40
41 temp = lookup_one_len(name, workdir, strlen(name));
42 if (!IS_ERR(temp) && temp->d_inode) {
43 pr_err("overlayfs: workdir/%s already exists\n", name);
44 dput(temp);
45 temp = ERR_PTR(-EIO);
46 }
47
48 return temp;
49}
50
51/* caller holds i_mutex on workdir */
52static struct dentry *ovl_whiteout(struct dentry *workdir,
53 struct dentry *dentry)
54{
55 int err;
56 struct dentry *whiteout;
57 struct inode *wdir = workdir->d_inode;
58
59 whiteout = ovl_lookup_temp(workdir, dentry);
60 if (IS_ERR(whiteout))
61 return whiteout;
62
63 err = ovl_do_whiteout(wdir, whiteout);
64 if (err) {
65 dput(whiteout);
66 whiteout = ERR_PTR(err);
67 }
68
69 return whiteout;
70}
71
72int ovl_create_real(struct inode *dir, struct dentry *newdentry,
73 struct kstat *stat, const char *link,
74 struct dentry *hardlink, bool debug)
75{
76 int err;
77
78 if (newdentry->d_inode)
79 return -ESTALE;
80
81 if (hardlink) {
82 err = ovl_do_link(hardlink, dir, newdentry, debug);
83 } else {
84 switch (stat->mode & S_IFMT) {
85 case S_IFREG:
86 err = ovl_do_create(dir, newdentry, stat->mode, debug);
87 break;
88
89 case S_IFDIR:
90 err = ovl_do_mkdir(dir, newdentry, stat->mode, debug);
91 break;
92
93 case S_IFCHR:
94 case S_IFBLK:
95 case S_IFIFO:
96 case S_IFSOCK:
97 err = ovl_do_mknod(dir, newdentry,
98 stat->mode, stat->rdev, debug);
99 break;
100
101 case S_IFLNK:
102 err = ovl_do_symlink(dir, newdentry, link, debug);
103 break;
104
105 default:
106 err = -EPERM;
107 }
108 }
109 if (!err && WARN_ON(!newdentry->d_inode)) {
110 /*
111 * Not quite sure if non-instantiated dentry is legal or not.
112 * VFS doesn't seem to care so check and warn here.
113 */
114 err = -ENOENT;
115 }
116 return err;
117}
118
119static int ovl_set_opaque(struct dentry *upperdentry)
120{
hujianyangcead89b2014-11-24 18:25:21 +0800121 return ovl_do_setxattr(upperdentry, OVL_XATTR_OPAQUE, "y", 1, 0);
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200122}
123
124static void ovl_remove_opaque(struct dentry *upperdentry)
125{
126 int err;
127
hujianyangcead89b2014-11-24 18:25:21 +0800128 err = ovl_do_removexattr(upperdentry, OVL_XATTR_OPAQUE);
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200129 if (err) {
130 pr_warn("overlayfs: failed to remove opaque from '%s' (%i)\n",
131 upperdentry->d_name.name, err);
132 }
133}
134
135static int ovl_dir_getattr(struct vfsmount *mnt, struct dentry *dentry,
136 struct kstat *stat)
137{
138 int err;
139 enum ovl_path_type type;
140 struct path realpath;
141
142 type = ovl_path_real(dentry, &realpath);
143 err = vfs_getattr(&realpath, stat);
144 if (err)
145 return err;
146
147 stat->dev = dentry->d_sb->s_dev;
148 stat->ino = dentry->d_inode->i_ino;
149
150 /*
151 * It's probably not worth it to count subdirs to get the
152 * correct link count. nlink=1 seems to pacify 'find' and
153 * other utilities.
154 */
Miklos Szeredi1afaba12014-12-13 00:59:42 +0100155 if (OVL_TYPE_MERGE(type))
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200156 stat->nlink = 1;
157
158 return 0;
159}
160
161static int ovl_create_upper(struct dentry *dentry, struct inode *inode,
162 struct kstat *stat, const char *link,
163 struct dentry *hardlink)
164{
165 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
166 struct inode *udir = upperdir->d_inode;
167 struct dentry *newdentry;
168 int err;
169
Al Viro59551022016-01-22 15:40:57 -0500170 inode_lock_nested(udir, I_MUTEX_PARENT);
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200171 newdentry = lookup_one_len(dentry->d_name.name, upperdir,
172 dentry->d_name.len);
173 err = PTR_ERR(newdentry);
174 if (IS_ERR(newdentry))
175 goto out_unlock;
176 err = ovl_create_real(udir, newdentry, stat, link, hardlink, false);
177 if (err)
178 goto out_dput;
179
180 ovl_dentry_version_inc(dentry->d_parent);
181 ovl_dentry_update(dentry, newdentry);
182 ovl_copyattr(newdentry->d_inode, inode);
183 d_instantiate(dentry, inode);
184 newdentry = NULL;
185out_dput:
186 dput(newdentry);
187out_unlock:
Al Viro59551022016-01-22 15:40:57 -0500188 inode_unlock(udir);
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200189 return err;
190}
191
192static int ovl_lock_rename_workdir(struct dentry *workdir,
193 struct dentry *upperdir)
194{
195 /* Workdir should not be the same as upperdir */
196 if (workdir == upperdir)
197 goto err;
198
199 /* Workdir should not be subdir of upperdir and vice versa */
200 if (lock_rename(workdir, upperdir) != NULL)
201 goto err_unlock;
202
203 return 0;
204
205err_unlock:
206 unlock_rename(workdir, upperdir);
207err:
208 pr_err("overlayfs: failed to lock workdir+upperdir\n");
209 return -EIO;
210}
211
212static struct dentry *ovl_clear_empty(struct dentry *dentry,
213 struct list_head *list)
214{
215 struct dentry *workdir = ovl_workdir(dentry);
216 struct inode *wdir = workdir->d_inode;
217 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
218 struct inode *udir = upperdir->d_inode;
219 struct path upperpath;
220 struct dentry *upper;
221 struct dentry *opaquedir;
222 struct kstat stat;
223 int err;
224
Miklos Szeredicc6f67b2015-05-19 14:30:12 +0200225 if (WARN_ON(!workdir))
226 return ERR_PTR(-EROFS);
227
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200228 err = ovl_lock_rename_workdir(workdir, upperdir);
229 if (err)
230 goto out;
231
232 ovl_path_upper(dentry, &upperpath);
233 err = vfs_getattr(&upperpath, &stat);
234 if (err)
235 goto out_unlock;
236
237 err = -ESTALE;
238 if (!S_ISDIR(stat.mode))
239 goto out_unlock;
240 upper = upperpath.dentry;
241 if (upper->d_parent->d_inode != udir)
242 goto out_unlock;
243
244 opaquedir = ovl_lookup_temp(workdir, dentry);
245 err = PTR_ERR(opaquedir);
246 if (IS_ERR(opaquedir))
247 goto out_unlock;
248
249 err = ovl_create_real(wdir, opaquedir, &stat, NULL, NULL, true);
250 if (err)
251 goto out_dput;
252
253 err = ovl_copy_xattr(upper, opaquedir);
254 if (err)
255 goto out_cleanup;
256
257 err = ovl_set_opaque(opaquedir);
258 if (err)
259 goto out_cleanup;
260
Al Viro59551022016-01-22 15:40:57 -0500261 inode_lock(opaquedir->d_inode);
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200262 err = ovl_set_attr(opaquedir, &stat);
Al Viro59551022016-01-22 15:40:57 -0500263 inode_unlock(opaquedir->d_inode);
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200264 if (err)
265 goto out_cleanup;
266
267 err = ovl_do_rename(wdir, opaquedir, udir, upper, RENAME_EXCHANGE);
268 if (err)
269 goto out_cleanup;
270
271 ovl_cleanup_whiteouts(upper, list);
272 ovl_cleanup(wdir, upper);
273 unlock_rename(workdir, upperdir);
274
275 /* dentry's upper doesn't match now, get rid of it */
276 d_drop(dentry);
277
278 return opaquedir;
279
280out_cleanup:
281 ovl_cleanup(wdir, opaquedir);
282out_dput:
283 dput(opaquedir);
284out_unlock:
285 unlock_rename(workdir, upperdir);
286out:
287 return ERR_PTR(err);
288}
289
Miklos Szeredia105d682014-11-20 16:39:59 +0100290static struct dentry *ovl_check_empty_and_clear(struct dentry *dentry)
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200291{
292 int err;
293 struct dentry *ret = NULL;
294 LIST_HEAD(list);
295
296 err = ovl_check_empty_dir(dentry, &list);
297 if (err)
298 ret = ERR_PTR(err);
Miklos Szeredia105d682014-11-20 16:39:59 +0100299 else {
300 /*
301 * If no upperdentry then skip clearing whiteouts.
302 *
303 * Can race with copy-up, since we don't hold the upperdir
304 * mutex. Doesn't matter, since copy-up can't create a
305 * non-empty directory from an empty one.
306 */
307 if (ovl_dentry_upper(dentry))
308 ret = ovl_clear_empty(dentry, &list);
309 }
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200310
311 ovl_cache_free(&list);
312
313 return ret;
314}
315
316static int ovl_create_over_whiteout(struct dentry *dentry, struct inode *inode,
317 struct kstat *stat, const char *link,
318 struct dentry *hardlink)
319{
320 struct dentry *workdir = ovl_workdir(dentry);
321 struct inode *wdir = workdir->d_inode;
322 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
323 struct inode *udir = upperdir->d_inode;
324 struct dentry *upper;
325 struct dentry *newdentry;
326 int err;
327
Miklos Szeredicc6f67b2015-05-19 14:30:12 +0200328 if (WARN_ON(!workdir))
329 return -EROFS;
330
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200331 err = ovl_lock_rename_workdir(workdir, upperdir);
332 if (err)
333 goto out;
334
335 newdentry = ovl_lookup_temp(workdir, dentry);
336 err = PTR_ERR(newdentry);
337 if (IS_ERR(newdentry))
338 goto out_unlock;
339
340 upper = lookup_one_len(dentry->d_name.name, upperdir,
341 dentry->d_name.len);
342 err = PTR_ERR(upper);
343 if (IS_ERR(upper))
344 goto out_dput;
345
346 err = ovl_create_real(wdir, newdentry, stat, link, hardlink, true);
347 if (err)
348 goto out_dput2;
349
350 if (S_ISDIR(stat->mode)) {
351 err = ovl_set_opaque(newdentry);
352 if (err)
353 goto out_cleanup;
354
355 err = ovl_do_rename(wdir, newdentry, udir, upper,
356 RENAME_EXCHANGE);
357 if (err)
358 goto out_cleanup;
359
360 ovl_cleanup(wdir, upper);
361 } else {
362 err = ovl_do_rename(wdir, newdentry, udir, upper, 0);
363 if (err)
364 goto out_cleanup;
365 }
366 ovl_dentry_version_inc(dentry->d_parent);
367 ovl_dentry_update(dentry, newdentry);
368 ovl_copyattr(newdentry->d_inode, inode);
369 d_instantiate(dentry, inode);
370 newdentry = NULL;
371out_dput2:
372 dput(upper);
373out_dput:
374 dput(newdentry);
375out_unlock:
376 unlock_rename(workdir, upperdir);
377out:
378 return err;
379
380out_cleanup:
381 ovl_cleanup(wdir, newdentry);
382 goto out_dput2;
383}
384
385static int ovl_create_or_link(struct dentry *dentry, int mode, dev_t rdev,
386 const char *link, struct dentry *hardlink)
387{
388 int err;
389 struct inode *inode;
390 struct kstat stat = {
391 .mode = mode,
392 .rdev = rdev,
393 };
394
395 err = -ENOMEM;
396 inode = ovl_new_inode(dentry->d_sb, mode, dentry->d_fsdata);
397 if (!inode)
398 goto out;
399
400 err = ovl_copy_up(dentry->d_parent);
401 if (err)
402 goto out_iput;
403
404 if (!ovl_dentry_is_opaque(dentry)) {
405 err = ovl_create_upper(dentry, inode, &stat, link, hardlink);
406 } else {
407 const struct cred *old_cred;
408 struct cred *override_cred;
409
410 err = -ENOMEM;
411 override_cred = prepare_creds();
412 if (!override_cred)
413 goto out_iput;
414
415 /*
416 * CAP_SYS_ADMIN for setting opaque xattr
417 * CAP_DAC_OVERRIDE for create in workdir, rename
418 * CAP_FOWNER for removing whiteout from sticky dir
419 */
420 cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN);
421 cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE);
422 cap_raise(override_cred->cap_effective, CAP_FOWNER);
423 old_cred = override_creds(override_cred);
424
425 err = ovl_create_over_whiteout(dentry, inode, &stat, link,
426 hardlink);
427
428 revert_creds(old_cred);
429 put_cred(override_cred);
430 }
431
432 if (!err)
433 inode = NULL;
434out_iput:
435 iput(inode);
436out:
437 return err;
438}
439
440static int ovl_create_object(struct dentry *dentry, int mode, dev_t rdev,
441 const char *link)
442{
443 int err;
444
445 err = ovl_want_write(dentry);
446 if (!err) {
447 err = ovl_create_or_link(dentry, mode, rdev, link, NULL);
448 ovl_drop_write(dentry);
449 }
450
451 return err;
452}
453
454static int ovl_create(struct inode *dir, struct dentry *dentry, umode_t mode,
455 bool excl)
456{
457 return ovl_create_object(dentry, (mode & 07777) | S_IFREG, 0, NULL);
458}
459
460static int ovl_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
461{
462 return ovl_create_object(dentry, (mode & 07777) | S_IFDIR, 0, NULL);
463}
464
465static int ovl_mknod(struct inode *dir, struct dentry *dentry, umode_t mode,
466 dev_t rdev)
467{
468 /* Don't allow creation of "whiteout" on overlay */
469 if (S_ISCHR(mode) && rdev == WHITEOUT_DEV)
470 return -EPERM;
471
472 return ovl_create_object(dentry, mode, rdev, NULL);
473}
474
475static int ovl_symlink(struct inode *dir, struct dentry *dentry,
476 const char *link)
477{
478 return ovl_create_object(dentry, S_IFLNK, 0, link);
479}
480
481static int ovl_link(struct dentry *old, struct inode *newdir,
482 struct dentry *new)
483{
484 int err;
485 struct dentry *upper;
486
487 err = ovl_want_write(old);
488 if (err)
489 goto out;
490
491 err = ovl_copy_up(old);
492 if (err)
493 goto out_drop_write;
494
495 upper = ovl_dentry_upper(old);
496 err = ovl_create_or_link(new, upper->d_inode->i_mode, 0, NULL, upper);
497
498out_drop_write:
499 ovl_drop_write(old);
500out:
501 return err;
502}
503
Miklos Szeredia105d682014-11-20 16:39:59 +0100504static int ovl_remove_and_whiteout(struct dentry *dentry, bool is_dir)
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200505{
506 struct dentry *workdir = ovl_workdir(dentry);
507 struct inode *wdir = workdir->d_inode;
508 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
509 struct inode *udir = upperdir->d_inode;
510 struct dentry *whiteout;
511 struct dentry *upper;
512 struct dentry *opaquedir = NULL;
513 int err;
514
Miklos Szeredicc6f67b2015-05-19 14:30:12 +0200515 if (WARN_ON(!workdir))
516 return -EROFS;
517
Miklos Szeredid377c5e2015-05-14 10:04:44 +0200518 if (is_dir) {
519 if (OVL_TYPE_MERGE_OR_LOWER(ovl_path_type(dentry))) {
520 opaquedir = ovl_check_empty_and_clear(dentry);
521 err = PTR_ERR(opaquedir);
522 if (IS_ERR(opaquedir))
523 goto out;
524 } else {
525 LIST_HEAD(list);
526
527 /*
528 * When removing an empty opaque directory, then it
529 * makes no sense to replace it with an exact replica of
530 * itself. But emptiness still needs to be checked.
531 */
532 err = ovl_check_empty_dir(dentry, &list);
533 ovl_cache_free(&list);
534 if (err)
535 goto out;
536 }
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200537 }
538
539 err = ovl_lock_rename_workdir(workdir, upperdir);
540 if (err)
541 goto out_dput;
542
543 whiteout = ovl_whiteout(workdir, dentry);
544 err = PTR_ERR(whiteout);
545 if (IS_ERR(whiteout))
546 goto out_unlock;
547
Miklos Szeredia105d682014-11-20 16:39:59 +0100548 upper = ovl_dentry_upper(dentry);
549 if (!upper) {
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200550 upper = lookup_one_len(dentry->d_name.name, upperdir,
Miklos Szeredia105d682014-11-20 16:39:59 +0100551 dentry->d_name.len);
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200552 err = PTR_ERR(upper);
553 if (IS_ERR(upper))
554 goto kill_whiteout;
555
556 err = ovl_do_rename(wdir, whiteout, udir, upper, 0);
557 dput(upper);
558 if (err)
559 goto kill_whiteout;
560 } else {
561 int flags = 0;
562
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200563 if (opaquedir)
564 upper = opaquedir;
565 err = -ESTALE;
566 if (upper->d_parent != upperdir)
567 goto kill_whiteout;
568
569 if (is_dir)
570 flags |= RENAME_EXCHANGE;
571
572 err = ovl_do_rename(wdir, whiteout, udir, upper, flags);
573 if (err)
574 goto kill_whiteout;
575
576 if (is_dir)
577 ovl_cleanup(wdir, upper);
578 }
579 ovl_dentry_version_inc(dentry->d_parent);
580out_d_drop:
581 d_drop(dentry);
582 dput(whiteout);
583out_unlock:
584 unlock_rename(workdir, upperdir);
585out_dput:
586 dput(opaquedir);
587out:
588 return err;
589
590kill_whiteout:
591 ovl_cleanup(wdir, whiteout);
592 goto out_d_drop;
593}
594
595static int ovl_remove_upper(struct dentry *dentry, bool is_dir)
596{
597 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
598 struct inode *dir = upperdir->d_inode;
Miklos Szeredi11f37102016-03-21 17:31:44 +0100599 struct dentry *upper;
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200600 int err;
601
Al Viro59551022016-01-22 15:40:57 -0500602 inode_lock_nested(dir, I_MUTEX_PARENT);
Miklos Szeredi11f37102016-03-21 17:31:44 +0100603 upper = lookup_one_len(dentry->d_name.name, upperdir,
604 dentry->d_name.len);
605 err = PTR_ERR(upper);
606 if (IS_ERR(upper))
607 goto out_unlock;
608
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200609 err = -ESTALE;
Miklos Szeredi11f37102016-03-21 17:31:44 +0100610 if (upper == ovl_dentry_upper(dentry)) {
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200611 if (is_dir)
612 err = vfs_rmdir(dir, upper);
613 else
614 err = vfs_unlink(dir, upper, NULL);
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200615 ovl_dentry_version_inc(dentry->d_parent);
616 }
Miklos Szeredi11f37102016-03-21 17:31:44 +0100617 dput(upper);
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200618
619 /*
620 * Keeping this dentry hashed would mean having to release
621 * upperpath/lowerpath, which could only be done if we are the
622 * sole user of this dentry. Too tricky... Just unhash for
623 * now.
624 */
Rui Wangce9113b2016-01-08 23:09:59 +0800625 if (!err)
626 d_drop(dentry);
Miklos Szeredi11f37102016-03-21 17:31:44 +0100627out_unlock:
Al Viro59551022016-01-22 15:40:57 -0500628 inode_unlock(dir);
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200629
630 return err;
631}
632
633static inline int ovl_check_sticky(struct dentry *dentry)
634{
635 struct inode *dir = ovl_dentry_real(dentry->d_parent)->d_inode;
636 struct inode *inode = ovl_dentry_real(dentry)->d_inode;
637
638 if (check_sticky(dir, inode))
639 return -EPERM;
640
641 return 0;
642}
643
644static int ovl_do_remove(struct dentry *dentry, bool is_dir)
645{
646 enum ovl_path_type type;
647 int err;
648
649 err = ovl_check_sticky(dentry);
650 if (err)
651 goto out;
652
653 err = ovl_want_write(dentry);
654 if (err)
655 goto out;
656
657 err = ovl_copy_up(dentry->d_parent);
658 if (err)
659 goto out_drop_write;
660
661 type = ovl_path_type(dentry);
Miklos Szeredi1afaba12014-12-13 00:59:42 +0100662 if (OVL_TYPE_PURE_UPPER(type)) {
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200663 err = ovl_remove_upper(dentry, is_dir);
664 } else {
665 const struct cred *old_cred;
666 struct cred *override_cred;
667
668 err = -ENOMEM;
669 override_cred = prepare_creds();
670 if (!override_cred)
671 goto out_drop_write;
672
673 /*
674 * CAP_SYS_ADMIN for setting xattr on whiteout, opaque dir
675 * CAP_DAC_OVERRIDE for create in workdir, rename
676 * CAP_FOWNER for removing whiteout from sticky dir
677 * CAP_FSETID for chmod of opaque dir
678 * CAP_CHOWN for chown of opaque dir
679 */
680 cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN);
681 cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE);
682 cap_raise(override_cred->cap_effective, CAP_FOWNER);
683 cap_raise(override_cred->cap_effective, CAP_FSETID);
684 cap_raise(override_cred->cap_effective, CAP_CHOWN);
685 old_cred = override_creds(override_cred);
686
Miklos Szeredia105d682014-11-20 16:39:59 +0100687 err = ovl_remove_and_whiteout(dentry, is_dir);
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200688
689 revert_creds(old_cred);
690 put_cred(override_cred);
691 }
692out_drop_write:
693 ovl_drop_write(dentry);
694out:
695 return err;
696}
697
698static int ovl_unlink(struct inode *dir, struct dentry *dentry)
699{
700 return ovl_do_remove(dentry, false);
701}
702
703static int ovl_rmdir(struct inode *dir, struct dentry *dentry)
704{
705 return ovl_do_remove(dentry, true);
706}
707
708static int ovl_rename2(struct inode *olddir, struct dentry *old,
709 struct inode *newdir, struct dentry *new,
710 unsigned int flags)
711{
712 int err;
713 enum ovl_path_type old_type;
714 enum ovl_path_type new_type;
715 struct dentry *old_upperdir;
716 struct dentry *new_upperdir;
717 struct dentry *olddentry;
718 struct dentry *newdentry;
719 struct dentry *trap;
720 bool old_opaque;
721 bool new_opaque;
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200722 bool cleanup_whiteout = false;
723 bool overwrite = !(flags & RENAME_EXCHANGE);
David Howellse36cb0b2015-01-29 12:02:35 +0000724 bool is_dir = d_is_dir(old);
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200725 bool new_is_dir = false;
726 struct dentry *opaquedir = NULL;
727 const struct cred *old_cred = NULL;
728 struct cred *override_cred = NULL;
729
730 err = -EINVAL;
731 if (flags & ~(RENAME_EXCHANGE | RENAME_NOREPLACE))
732 goto out;
733
734 flags &= ~RENAME_NOREPLACE;
735
736 err = ovl_check_sticky(old);
737 if (err)
738 goto out;
739
740 /* Don't copy up directory trees */
741 old_type = ovl_path_type(old);
742 err = -EXDEV;
Miklos Szeredi1afaba12014-12-13 00:59:42 +0100743 if (OVL_TYPE_MERGE_OR_LOWER(old_type) && is_dir)
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200744 goto out;
745
746 if (new->d_inode) {
747 err = ovl_check_sticky(new);
748 if (err)
749 goto out;
750
David Howellse36cb0b2015-01-29 12:02:35 +0000751 if (d_is_dir(new))
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200752 new_is_dir = true;
753
754 new_type = ovl_path_type(new);
755 err = -EXDEV;
Miklos Szeredi1afaba12014-12-13 00:59:42 +0100756 if (!overwrite && OVL_TYPE_MERGE_OR_LOWER(new_type) && new_is_dir)
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200757 goto out;
758
759 err = 0;
Miklos Szeredi1afaba12014-12-13 00:59:42 +0100760 if (!OVL_TYPE_UPPER(new_type) && !OVL_TYPE_UPPER(old_type)) {
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200761 if (ovl_dentry_lower(old)->d_inode ==
762 ovl_dentry_lower(new)->d_inode)
763 goto out;
764 }
Miklos Szeredi1afaba12014-12-13 00:59:42 +0100765 if (OVL_TYPE_UPPER(new_type) && OVL_TYPE_UPPER(old_type)) {
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200766 if (ovl_dentry_upper(old)->d_inode ==
767 ovl_dentry_upper(new)->d_inode)
768 goto out;
769 }
770 } else {
771 if (ovl_dentry_is_opaque(new))
Miklos Szeredi1afaba12014-12-13 00:59:42 +0100772 new_type = __OVL_PATH_UPPER;
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200773 else
Miklos Szeredi1afaba12014-12-13 00:59:42 +0100774 new_type = __OVL_PATH_UPPER | __OVL_PATH_PURE;
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200775 }
776
777 err = ovl_want_write(old);
778 if (err)
779 goto out;
780
781 err = ovl_copy_up(old);
782 if (err)
783 goto out_drop_write;
784
785 err = ovl_copy_up(new->d_parent);
786 if (err)
787 goto out_drop_write;
788 if (!overwrite) {
789 err = ovl_copy_up(new);
790 if (err)
791 goto out_drop_write;
792 }
793
Miklos Szeredi1afaba12014-12-13 00:59:42 +0100794 old_opaque = !OVL_TYPE_PURE_UPPER(old_type);
795 new_opaque = !OVL_TYPE_PURE_UPPER(new_type);
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200796
797 if (old_opaque || new_opaque) {
798 err = -ENOMEM;
799 override_cred = prepare_creds();
800 if (!override_cred)
801 goto out_drop_write;
802
803 /*
804 * CAP_SYS_ADMIN for setting xattr on whiteout, opaque dir
805 * CAP_DAC_OVERRIDE for create in workdir
806 * CAP_FOWNER for removing whiteout from sticky dir
807 * CAP_FSETID for chmod of opaque dir
808 * CAP_CHOWN for chown of opaque dir
809 */
810 cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN);
811 cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE);
812 cap_raise(override_cred->cap_effective, CAP_FOWNER);
813 cap_raise(override_cred->cap_effective, CAP_FSETID);
814 cap_raise(override_cred->cap_effective, CAP_CHOWN);
815 old_cred = override_creds(override_cred);
816 }
817
Miklos Szeredi1afaba12014-12-13 00:59:42 +0100818 if (overwrite && OVL_TYPE_MERGE_OR_LOWER(new_type) && new_is_dir) {
Miklos Szeredia105d682014-11-20 16:39:59 +0100819 opaquedir = ovl_check_empty_and_clear(new);
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200820 err = PTR_ERR(opaquedir);
821 if (IS_ERR(opaquedir)) {
822 opaquedir = NULL;
823 goto out_revert_creds;
824 }
825 }
826
827 if (overwrite) {
828 if (old_opaque) {
829 if (new->d_inode || !new_opaque) {
830 /* Whiteout source */
831 flags |= RENAME_WHITEOUT;
832 } else {
833 /* Switch whiteouts */
834 flags |= RENAME_EXCHANGE;
835 }
836 } else if (is_dir && !new->d_inode && new_opaque) {
837 flags |= RENAME_EXCHANGE;
838 cleanup_whiteout = true;
839 }
840 }
841
842 old_upperdir = ovl_dentry_upper(old->d_parent);
843 new_upperdir = ovl_dentry_upper(new->d_parent);
844
845 trap = lock_rename(new_upperdir, old_upperdir);
846
Miklos Szeredi11f37102016-03-21 17:31:44 +0100847
848 olddentry = lookup_one_len(old->d_name.name, old_upperdir,
849 old->d_name.len);
850 err = PTR_ERR(olddentry);
851 if (IS_ERR(olddentry))
852 goto out_unlock;
853
854 err = -ESTALE;
855 if (olddentry != ovl_dentry_upper(old))
856 goto out_dput_old;
857
858 newdentry = lookup_one_len(new->d_name.name, new_upperdir,
859 new->d_name.len);
860 err = PTR_ERR(newdentry);
861 if (IS_ERR(newdentry))
862 goto out_dput_old;
863
864 err = -ESTALE;
865 if (ovl_dentry_upper(new)) {
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200866 if (opaquedir) {
Miklos Szeredi11f37102016-03-21 17:31:44 +0100867 if (newdentry != opaquedir)
868 goto out_dput;
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200869 } else {
Miklos Szeredi11f37102016-03-21 17:31:44 +0100870 if (newdentry != ovl_dentry_upper(new))
871 goto out_dput;
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200872 }
873 } else {
Miklos Szeredi11f37102016-03-21 17:31:44 +0100874 if (!d_is_negative(newdentry) &&
875 (!new_opaque || !ovl_is_whiteout(newdentry)))
876 goto out_dput;
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200877 }
878
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200879 if (olddentry == trap)
880 goto out_dput;
881 if (newdentry == trap)
882 goto out_dput;
883
884 if (is_dir && !old_opaque && new_opaque) {
885 err = ovl_set_opaque(olddentry);
886 if (err)
887 goto out_dput;
888 }
889 if (!overwrite && new_is_dir && old_opaque && !new_opaque) {
890 err = ovl_set_opaque(newdentry);
891 if (err)
892 goto out_dput;
893 }
894
895 if (old_opaque || new_opaque) {
896 err = ovl_do_rename(old_upperdir->d_inode, olddentry,
897 new_upperdir->d_inode, newdentry,
898 flags);
899 } else {
900 /* No debug for the plain case */
901 BUG_ON(flags & ~RENAME_EXCHANGE);
902 err = vfs_rename(old_upperdir->d_inode, olddentry,
903 new_upperdir->d_inode, newdentry,
904 NULL, flags);
905 }
906
907 if (err) {
908 if (is_dir && !old_opaque && new_opaque)
909 ovl_remove_opaque(olddentry);
910 if (!overwrite && new_is_dir && old_opaque && !new_opaque)
911 ovl_remove_opaque(newdentry);
912 goto out_dput;
913 }
914
915 if (is_dir && old_opaque && !new_opaque)
916 ovl_remove_opaque(olddentry);
917 if (!overwrite && new_is_dir && !old_opaque && new_opaque)
918 ovl_remove_opaque(newdentry);
919
Konstantin Khlebnikov45d11732016-01-31 16:17:53 +0300920 /*
921 * Old dentry now lives in different location. Dentries in
922 * lowerstack are stale. We cannot drop them here because
923 * access to them is lockless. This could be only pure upper
924 * or opaque directory - numlower is zero. Or upper non-dir
925 * entry - its pureness is tracked by flag opaque.
926 */
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200927 if (old_opaque != new_opaque) {
928 ovl_dentry_set_opaque(old, new_opaque);
929 if (!overwrite)
930 ovl_dentry_set_opaque(new, old_opaque);
931 }
932
933 if (cleanup_whiteout)
934 ovl_cleanup(old_upperdir->d_inode, newdentry);
935
936 ovl_dentry_version_inc(old->d_parent);
937 ovl_dentry_version_inc(new->d_parent);
938
939out_dput:
940 dput(newdentry);
Miklos Szeredi11f37102016-03-21 17:31:44 +0100941out_dput_old:
942 dput(olddentry);
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200943out_unlock:
944 unlock_rename(new_upperdir, old_upperdir);
945out_revert_creds:
946 if (old_opaque || new_opaque) {
947 revert_creds(old_cred);
948 put_cred(override_cred);
949 }
950out_drop_write:
951 ovl_drop_write(old);
952out:
953 dput(opaquedir);
954 return err;
955}
956
957const struct inode_operations ovl_dir_inode_operations = {
958 .lookup = ovl_lookup,
959 .mkdir = ovl_mkdir,
960 .symlink = ovl_symlink,
961 .unlink = ovl_unlink,
962 .rmdir = ovl_rmdir,
963 .rename2 = ovl_rename2,
964 .link = ovl_link,
965 .setattr = ovl_setattr,
966 .create = ovl_create,
967 .mknod = ovl_mknod,
968 .permission = ovl_permission,
969 .getattr = ovl_dir_getattr,
970 .setxattr = ovl_setxattr,
971 .getxattr = ovl_getxattr,
972 .listxattr = ovl_listxattr,
973 .removexattr = ovl_removexattr,
974};