1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 *
4 * Copyright (C) 2011 Novell Inc.
5 */
6
7 #include <linux/module.h>
8 #include <linux/fs.h>
9 #include <linux/slab.h>
10 #include <linux/file.h>
11 #include <linux/splice.h>
12 #include <linux/xattr.h>
13 #include <linux/security.h>
14 #include <linux/uaccess.h>
15 #include <linux/sched/signal.h>
16 #include <linux/cred.h>
17 #include <linux/namei.h>
18 #include <linux/fdtable.h>
19 #include <linux/ratelimit.h>
20 #include <linux/exportfs.h>
21 #include "overlayfs.h"
22
23 #define OVL_COPY_UP_CHUNK_SIZE (1 << 20)
24
ovl_ccup_set(const char * buf,const struct kernel_param * param)25 static int ovl_ccup_set(const char *buf, const struct kernel_param *param)
26 {
27 pr_warn("overlayfs: \"check_copy_up\" module option is obsolete\n");
28 return 0;
29 }
30
ovl_ccup_get(char * buf,const struct kernel_param * param)31 static int ovl_ccup_get(char *buf, const struct kernel_param *param)
32 {
33 return sprintf(buf, "N\n");
34 }
35
36 module_param_call(check_copy_up, ovl_ccup_set, ovl_ccup_get, NULL, 0644);
37 MODULE_PARM_DESC(check_copy_up, "Obsolete; does nothing");
38
ovl_copy_xattr(struct dentry * old,struct dentry * new)39 int ovl_copy_xattr(struct dentry *old, struct dentry *new)
40 {
41 ssize_t list_size, size, value_size = 0;
42 char *buf, *name, *value = NULL;
43 int error = 0;
44 size_t slen;
45
46 if (!(old->d_inode->i_opflags & IOP_XATTR) ||
47 !(new->d_inode->i_opflags & IOP_XATTR))
48 return 0;
49
50 list_size = vfs_listxattr(old, NULL, 0);
51 if (list_size <= 0) {
52 if (list_size == -EOPNOTSUPP)
53 return 0;
54 return list_size;
55 }
56
57 buf = kzalloc(list_size, GFP_KERNEL);
58 if (!buf)
59 return -ENOMEM;
60
61 list_size = vfs_listxattr(old, buf, list_size);
62 if (list_size <= 0) {
63 error = list_size;
64 goto out;
65 }
66
67 for (name = buf; list_size; name += slen) {
68 slen = strnlen(name, list_size) + 1;
69
70 /* underlying fs providing us with an broken xattr list? */
71 if (WARN_ON(slen > list_size)) {
72 error = -EIO;
73 break;
74 }
75 list_size -= slen;
76
77 if (ovl_is_private_xattr(name))
78 continue;
79
80 error = security_inode_copy_up_xattr(name);
81 if (error < 0 && error != -EOPNOTSUPP)
82 break;
83 if (error == 1) {
84 error = 0;
85 continue; /* Discard */
86 }
87 retry:
88 size = vfs_getxattr(old, name, value, value_size);
89 if (size == -ERANGE)
90 size = vfs_getxattr(old, name, NULL, 0);
91
92 if (size < 0) {
93 error = size;
94 break;
95 }
96
97 if (size > value_size) {
98 void *new;
99
100 new = krealloc(value, size, GFP_KERNEL);
101 if (!new) {
102 error = -ENOMEM;
103 break;
104 }
105 value = new;
106 value_size = size;
107 goto retry;
108 }
109
110 error = vfs_setxattr(new, name, value, size, 0);
111 if (error)
112 break;
113 }
114 kfree(value);
115 out:
116 kfree(buf);
117 return error;
118 }
119
ovl_copy_up_data(struct path * old,struct path * new,loff_t len)120 static int ovl_copy_up_data(struct path *old, struct path *new, loff_t len)
121 {
122 struct file *old_file;
123 struct file *new_file;
124 loff_t old_pos = 0;
125 loff_t new_pos = 0;
126 loff_t cloned;
127 int error = 0;
128
129 if (len == 0)
130 return 0;
131
132 old_file = ovl_path_open(old, O_LARGEFILE | O_RDONLY);
133 if (IS_ERR(old_file))
134 return PTR_ERR(old_file);
135
136 new_file = ovl_path_open(new, O_LARGEFILE | O_WRONLY);
137 if (IS_ERR(new_file)) {
138 error = PTR_ERR(new_file);
139 goto out_fput;
140 }
141
142 /* Try to use clone_file_range to clone up within the same fs */
143 cloned = do_clone_file_range(old_file, 0, new_file, 0, len, 0);
144 if (cloned == len)
145 goto out;
146 /* Couldn't clone, so now we try to copy the data */
147
148 /* FIXME: copy up sparse files efficiently */
149 while (len) {
150 size_t this_len = OVL_COPY_UP_CHUNK_SIZE;
151 long bytes;
152
153 if (len < this_len)
154 this_len = len;
155
156 if (signal_pending_state(TASK_KILLABLE, current)) {
157 error = -EINTR;
158 break;
159 }
160
161 bytes = do_splice_direct(old_file, &old_pos,
162 new_file, &new_pos,
163 this_len, SPLICE_F_MOVE);
164 if (bytes <= 0) {
165 error = bytes;
166 break;
167 }
168 WARN_ON(old_pos != new_pos);
169
170 len -= bytes;
171 }
172 out:
173 if (!error)
174 error = vfs_fsync(new_file, 0);
175 fput(new_file);
176 out_fput:
177 fput(old_file);
178 return error;
179 }
180
ovl_set_size(struct dentry * upperdentry,struct kstat * stat)181 static int ovl_set_size(struct dentry *upperdentry, struct kstat *stat)
182 {
183 struct iattr attr = {
184 .ia_valid = ATTR_SIZE,
185 .ia_size = stat->size,
186 };
187
188 return notify_change(upperdentry, &attr, NULL);
189 }
190
ovl_set_timestamps(struct dentry * upperdentry,struct kstat * stat)191 static int ovl_set_timestamps(struct dentry *upperdentry, struct kstat *stat)
192 {
193 struct iattr attr = {
194 .ia_valid =
195 ATTR_ATIME | ATTR_MTIME | ATTR_ATIME_SET | ATTR_MTIME_SET | ATTR_CTIME,
196 .ia_atime = stat->atime,
197 .ia_mtime = stat->mtime,
198 };
199
200 return notify_change(upperdentry, &attr, NULL);
201 }
202
ovl_set_attr(struct dentry * upperdentry,struct kstat * stat)203 int ovl_set_attr(struct dentry *upperdentry, struct kstat *stat)
204 {
205 int err = 0;
206
207 if (!S_ISLNK(stat->mode)) {
208 struct iattr attr = {
209 .ia_valid = ATTR_MODE,
210 .ia_mode = stat->mode,
211 };
212 err = notify_change(upperdentry, &attr, NULL);
213 }
214 if (!err) {
215 struct iattr attr = {
216 .ia_valid = ATTR_UID | ATTR_GID,
217 .ia_uid = stat->uid,
218 .ia_gid = stat->gid,
219 };
220 err = notify_change(upperdentry, &attr, NULL);
221 }
222 if (!err)
223 ovl_set_timestamps(upperdentry, stat);
224
225 return err;
226 }
227
ovl_encode_real_fh(struct dentry * real,bool is_upper)228 struct ovl_fh *ovl_encode_real_fh(struct dentry *real, bool is_upper)
229 {
230 struct ovl_fh *fh;
231 int fh_type, fh_len, dwords;
232 void *buf;
233 int buflen = MAX_HANDLE_SZ;
234 uuid_t *uuid = &real->d_sb->s_uuid;
235
236 buf = kmalloc(buflen, GFP_KERNEL);
237 if (!buf)
238 return ERR_PTR(-ENOMEM);
239
240 /*
241 * We encode a non-connectable file handle for non-dir, because we
242 * only need to find the lower inode number and we don't want to pay
243 * the price or reconnecting the dentry.
244 */
245 dwords = buflen >> 2;
246 fh_type = exportfs_encode_fh(real, buf, &dwords, 0);
247 buflen = (dwords << 2);
248
249 fh = ERR_PTR(-EIO);
250 if (WARN_ON(fh_type < 0) ||
251 WARN_ON(buflen > MAX_HANDLE_SZ) ||
252 WARN_ON(fh_type == FILEID_INVALID))
253 goto out;
254
255 BUILD_BUG_ON(MAX_HANDLE_SZ + offsetof(struct ovl_fh, fid) > 255);
256 fh_len = offsetof(struct ovl_fh, fid) + buflen;
257 fh = kmalloc(fh_len, GFP_KERNEL);
258 if (!fh) {
259 fh = ERR_PTR(-ENOMEM);
260 goto out;
261 }
262
263 fh->version = OVL_FH_VERSION;
264 fh->magic = OVL_FH_MAGIC;
265 fh->type = fh_type;
266 fh->flags = OVL_FH_FLAG_CPU_ENDIAN;
267 /*
268 * When we will want to decode an overlay dentry from this handle
269 * and all layers are on the same fs, if we get a disconncted real
270 * dentry when we decode fid, the only way to tell if we should assign
271 * it to upperdentry or to lowerstack is by checking this flag.
272 */
273 if (is_upper)
274 fh->flags |= OVL_FH_FLAG_PATH_UPPER;
275 fh->len = fh_len;
276 fh->uuid = *uuid;
277 memcpy(fh->fid, buf, buflen);
278
279 out:
280 kfree(buf);
281 return fh;
282 }
283
ovl_set_origin(struct dentry * dentry,struct dentry * lower,struct dentry * upper)284 int ovl_set_origin(struct dentry *dentry, struct dentry *lower,
285 struct dentry *upper)
286 {
287 const struct ovl_fh *fh = NULL;
288 int err;
289
290 /*
291 * When lower layer doesn't support export operations store a 'null' fh,
292 * so we can use the overlay.origin xattr to distignuish between a copy
293 * up and a pure upper inode.
294 */
295 if (ovl_can_decode_fh(lower->d_sb)) {
296 fh = ovl_encode_real_fh(lower, false);
297 if (IS_ERR(fh))
298 return PTR_ERR(fh);
299 }
300
301 /*
302 * Do not fail when upper doesn't support xattrs.
303 */
304 err = ovl_check_setxattr(dentry, upper, OVL_XATTR_ORIGIN, fh,
305 fh ? fh->len : 0, 0);
306 kfree(fh);
307
308 return err;
309 }
310
311 /* Store file handle of @upper dir in @index dir entry */
ovl_set_upper_fh(struct dentry * upper,struct dentry * index)312 static int ovl_set_upper_fh(struct dentry *upper, struct dentry *index)
313 {
314 const struct ovl_fh *fh;
315 int err;
316
317 fh = ovl_encode_real_fh(upper, true);
318 if (IS_ERR(fh))
319 return PTR_ERR(fh);
320
321 err = ovl_do_setxattr(index, OVL_XATTR_UPPER, fh, fh->len, 0);
322
323 kfree(fh);
324 return err;
325 }
326
327 /*
328 * Create and install index entry.
329 *
330 * Caller must hold i_mutex on indexdir.
331 */
ovl_create_index(struct dentry * dentry,struct dentry * origin,struct dentry * upper)332 static int ovl_create_index(struct dentry *dentry, struct dentry *origin,
333 struct dentry *upper)
334 {
335 struct dentry *indexdir = ovl_indexdir(dentry->d_sb);
336 struct inode *dir = d_inode(indexdir);
337 struct dentry *index = NULL;
338 struct dentry *temp = NULL;
339 struct qstr name = { };
340 int err;
341
342 /*
343 * For now this is only used for creating index entry for directories,
344 * because non-dir are copied up directly to index and then hardlinked
345 * to upper dir.
346 *
347 * TODO: implement create index for non-dir, so we can call it when
348 * encoding file handle for non-dir in case index does not exist.
349 */
350 if (WARN_ON(!d_is_dir(dentry)))
351 return -EIO;
352
353 /* Directory not expected to be indexed before copy up */
354 if (WARN_ON(ovl_test_flag(OVL_INDEX, d_inode(dentry))))
355 return -EIO;
356
357 err = ovl_get_index_name(origin, &name);
358 if (err)
359 return err;
360
361 temp = ovl_create_temp(indexdir, OVL_CATTR(S_IFDIR | 0));
362 err = PTR_ERR(temp);
363 if (IS_ERR(temp))
364 goto free_name;
365
366 err = ovl_set_upper_fh(upper, temp);
367 if (err)
368 goto out;
369
370 index = lookup_one_len(name.name, indexdir, name.len);
371 if (IS_ERR(index)) {
372 err = PTR_ERR(index);
373 } else {
374 err = ovl_do_rename(dir, temp, dir, index, 0);
375 dput(index);
376 }
377 out:
378 if (err)
379 ovl_cleanup(dir, temp);
380 dput(temp);
381 free_name:
382 kfree(name.name);
383 return err;
384 }
385
386 struct ovl_copy_up_ctx {
387 struct dentry *parent;
388 struct dentry *dentry;
389 struct path lowerpath;
390 struct kstat stat;
391 struct kstat pstat;
392 const char *link;
393 struct dentry *destdir;
394 struct qstr destname;
395 struct dentry *workdir;
396 bool origin;
397 bool indexed;
398 bool metacopy;
399 };
400
ovl_link_up(struct ovl_copy_up_ctx * c)401 static int ovl_link_up(struct ovl_copy_up_ctx *c)
402 {
403 int err;
404 struct dentry *upper;
405 struct dentry *upperdir = ovl_dentry_upper(c->parent);
406 struct inode *udir = d_inode(upperdir);
407
408 /* Mark parent "impure" because it may now contain non-pure upper */
409 err = ovl_set_impure(c->parent, upperdir);
410 if (err)
411 return err;
412
413 err = ovl_set_nlink_lower(c->dentry);
414 if (err)
415 return err;
416
417 inode_lock_nested(udir, I_MUTEX_PARENT);
418 upper = lookup_one_len(c->dentry->d_name.name, upperdir,
419 c->dentry->d_name.len);
420 err = PTR_ERR(upper);
421 if (!IS_ERR(upper)) {
422 err = ovl_do_link(ovl_dentry_upper(c->dentry), udir, upper);
423 dput(upper);
424
425 if (!err) {
426 /* Restore timestamps on parent (best effort) */
427 ovl_set_timestamps(upperdir, &c->pstat);
428 ovl_dentry_set_upper_alias(c->dentry);
429 }
430 }
431 inode_unlock(udir);
432 if (err)
433 return err;
434
435 err = ovl_set_nlink_upper(c->dentry);
436
437 return err;
438 }
439
ovl_copy_up_inode(struct ovl_copy_up_ctx * c,struct dentry * temp)440 static int ovl_copy_up_inode(struct ovl_copy_up_ctx *c, struct dentry *temp)
441 {
442 int err;
443
444 /*
445 * Copy up data first and then xattrs. Writing data after
446 * xattrs will remove security.capability xattr automatically.
447 */
448 if (S_ISREG(c->stat.mode) && !c->metacopy) {
449 struct path upperpath, datapath;
450
451 ovl_path_upper(c->dentry, &upperpath);
452 if (WARN_ON(upperpath.dentry != NULL))
453 return -EIO;
454 upperpath.dentry = temp;
455
456 ovl_path_lowerdata(c->dentry, &datapath);
457 err = ovl_copy_up_data(&datapath, &upperpath, c->stat.size);
458 if (err)
459 return err;
460 }
461
462 err = ovl_copy_xattr(c->lowerpath.dentry, temp);
463 if (err)
464 return err;
465
466 /*
467 * Store identifier of lower inode in upper inode xattr to
468 * allow lookup of the copy up origin inode.
469 *
470 * Don't set origin when we are breaking the association with a lower
471 * hard link.
472 */
473 if (c->origin) {
474 err = ovl_set_origin(c->dentry, c->lowerpath.dentry, temp);
475 if (err)
476 return err;
477 }
478
479 if (c->metacopy) {
480 err = ovl_check_setxattr(c->dentry, temp, OVL_XATTR_METACOPY,
481 NULL, 0, -EOPNOTSUPP);
482 if (err)
483 return err;
484 }
485
486 inode_lock(temp->d_inode);
487 if (c->metacopy)
488 err = ovl_set_size(temp, &c->stat);
489 if (!err)
490 err = ovl_set_attr(temp, &c->stat);
491 inode_unlock(temp->d_inode);
492
493 return err;
494 }
495
496 struct ovl_cu_creds {
497 const struct cred *old;
498 struct cred *new;
499 };
500
ovl_prep_cu_creds(struct dentry * dentry,struct ovl_cu_creds * cc)501 static int ovl_prep_cu_creds(struct dentry *dentry, struct ovl_cu_creds *cc)
502 {
503 int err;
504
505 cc->old = cc->new = NULL;
506 err = security_inode_copy_up(dentry, &cc->new);
507 if (err < 0)
508 return err;
509
510 if (cc->new)
511 cc->old = override_creds(cc->new);
512
513 return 0;
514 }
515
ovl_revert_cu_creds(struct ovl_cu_creds * cc)516 static void ovl_revert_cu_creds(struct ovl_cu_creds *cc)
517 {
518 if (cc->new) {
519 revert_creds(cc->old);
520 put_cred(cc->new);
521 }
522 }
523
524 /*
525 * Copyup using workdir to prepare temp file. Used when copying up directories,
526 * special files or when upper fs doesn't support O_TMPFILE.
527 */
ovl_copy_up_workdir(struct ovl_copy_up_ctx * c)528 static int ovl_copy_up_workdir(struct ovl_copy_up_ctx *c)
529 {
530 struct inode *inode;
531 struct inode *udir = d_inode(c->destdir), *wdir = d_inode(c->workdir);
532 struct dentry *temp, *upper;
533 struct ovl_cu_creds cc;
534 int err;
535 struct ovl_cattr cattr = {
536 /* Can't properly set mode on creation because of the umask */
537 .mode = c->stat.mode & S_IFMT,
538 .rdev = c->stat.rdev,
539 .link = c->link
540 };
541
542 err = ovl_lock_rename_workdir(c->workdir, c->destdir);
543 if (err)
544 return err;
545
546 err = ovl_prep_cu_creds(c->dentry, &cc);
547 if (err)
548 goto unlock;
549
550 temp = ovl_create_temp(c->workdir, &cattr);
551 ovl_revert_cu_creds(&cc);
552
553 err = PTR_ERR(temp);
554 if (IS_ERR(temp))
555 goto unlock;
556
557 err = ovl_copy_up_inode(c, temp);
558 if (err)
559 goto cleanup;
560
561 if (S_ISDIR(c->stat.mode) && c->indexed) {
562 err = ovl_create_index(c->dentry, c->lowerpath.dentry, temp);
563 if (err)
564 goto cleanup;
565 }
566
567 upper = lookup_one_len(c->destname.name, c->destdir, c->destname.len);
568 err = PTR_ERR(upper);
569 if (IS_ERR(upper))
570 goto cleanup;
571
572 err = ovl_do_rename(wdir, temp, udir, upper, 0);
573 dput(upper);
574 if (err)
575 goto cleanup;
576
577 if (!c->metacopy)
578 ovl_set_upperdata(d_inode(c->dentry));
579 inode = d_inode(c->dentry);
580 ovl_inode_update(inode, temp);
581 if (S_ISDIR(inode->i_mode))
582 ovl_set_flag(OVL_WHITEOUTS, inode);
583 unlock:
584 unlock_rename(c->workdir, c->destdir);
585
586 return err;
587
588 cleanup:
589 ovl_cleanup(wdir, temp);
590 dput(temp);
591 goto unlock;
592 }
593
594 /* Copyup using O_TMPFILE which does not require cross dir locking */
ovl_copy_up_tmpfile(struct ovl_copy_up_ctx * c)595 static int ovl_copy_up_tmpfile(struct ovl_copy_up_ctx *c)
596 {
597 struct inode *udir = d_inode(c->destdir);
598 struct dentry *temp, *upper;
599 struct ovl_cu_creds cc;
600 int err;
601
602 err = ovl_prep_cu_creds(c->dentry, &cc);
603 if (err)
604 return err;
605
606 temp = ovl_do_tmpfile(c->workdir, c->stat.mode);
607 ovl_revert_cu_creds(&cc);
608
609 if (IS_ERR(temp))
610 return PTR_ERR(temp);
611
612 err = ovl_copy_up_inode(c, temp);
613 if (err)
614 goto out_dput;
615
616 inode_lock_nested(udir, I_MUTEX_PARENT);
617
618 upper = lookup_one_len(c->destname.name, c->destdir, c->destname.len);
619 err = PTR_ERR(upper);
620 if (!IS_ERR(upper)) {
621 err = ovl_do_link(temp, udir, upper);
622 dput(upper);
623 }
624 inode_unlock(udir);
625
626 if (err)
627 goto out_dput;
628
629 if (!c->metacopy)
630 ovl_set_upperdata(d_inode(c->dentry));
631 ovl_inode_update(d_inode(c->dentry), temp);
632
633 return 0;
634
635 out_dput:
636 dput(temp);
637 return err;
638 }
639
640 /*
641 * Copy up a single dentry
642 *
643 * All renames start with copy up of source if necessary. The actual
644 * rename will only proceed once the copy up was successful. Copy up uses
645 * upper parent i_mutex for exclusion. Since rename can change d_parent it
646 * is possible that the copy up will lock the old parent. At that point
647 * the file will have already been copied up anyway.
648 */
ovl_do_copy_up(struct ovl_copy_up_ctx * c)649 static int ovl_do_copy_up(struct ovl_copy_up_ctx *c)
650 {
651 int err;
652 struct ovl_fs *ofs = c->dentry->d_sb->s_fs_info;
653 bool to_index = false;
654
655 /*
656 * Indexed non-dir is copied up directly to the index entry and then
657 * hardlinked to upper dir. Indexed dir is copied up to indexdir,
658 * then index entry is created and then copied up dir installed.
659 * Copying dir up to indexdir instead of workdir simplifies locking.
660 */
661 if (ovl_need_index(c->dentry)) {
662 c->indexed = true;
663 if (S_ISDIR(c->stat.mode))
664 c->workdir = ovl_indexdir(c->dentry->d_sb);
665 else
666 to_index = true;
667 }
668
669 if (S_ISDIR(c->stat.mode) || c->stat.nlink == 1 || to_index)
670 c->origin = true;
671
672 if (to_index) {
673 c->destdir = ovl_indexdir(c->dentry->d_sb);
674 err = ovl_get_index_name(c->lowerpath.dentry, &c->destname);
675 if (err)
676 return err;
677 } else if (WARN_ON(!c->parent)) {
678 /* Disconnected dentry must be copied up to index dir */
679 return -EIO;
680 } else {
681 /*
682 * Mark parent "impure" because it may now contain non-pure
683 * upper
684 */
685 err = ovl_set_impure(c->parent, c->destdir);
686 if (err)
687 return err;
688 }
689
690 /* Should we copyup with O_TMPFILE or with workdir? */
691 if (S_ISREG(c->stat.mode) && ofs->tmpfile)
692 err = ovl_copy_up_tmpfile(c);
693 else
694 err = ovl_copy_up_workdir(c);
695 if (err)
696 goto out;
697
698 if (c->indexed)
699 ovl_set_flag(OVL_INDEX, d_inode(c->dentry));
700
701 if (to_index) {
702 /* Initialize nlink for copy up of disconnected dentry */
703 err = ovl_set_nlink_upper(c->dentry);
704 } else {
705 struct inode *udir = d_inode(c->destdir);
706
707 /* Restore timestamps on parent (best effort) */
708 inode_lock(udir);
709 ovl_set_timestamps(c->destdir, &c->pstat);
710 inode_unlock(udir);
711
712 ovl_dentry_set_upper_alias(c->dentry);
713 }
714
715 out:
716 if (to_index)
717 kfree(c->destname.name);
718 return err;
719 }
720
ovl_need_meta_copy_up(struct dentry * dentry,umode_t mode,int flags)721 static bool ovl_need_meta_copy_up(struct dentry *dentry, umode_t mode,
722 int flags)
723 {
724 struct ovl_fs *ofs = dentry->d_sb->s_fs_info;
725
726 if (!ofs->config.metacopy)
727 return false;
728
729 if (!S_ISREG(mode))
730 return false;
731
732 if (flags && ((OPEN_FMODE(flags) & FMODE_WRITE) || (flags & O_TRUNC)))
733 return false;
734
735 return true;
736 }
737
738 /* Copy up data of an inode which was copied up metadata only in the past. */
ovl_copy_up_meta_inode_data(struct ovl_copy_up_ctx * c)739 static int ovl_copy_up_meta_inode_data(struct ovl_copy_up_ctx *c)
740 {
741 struct path upperpath, datapath;
742 int err;
743 char *capability = NULL;
744 ssize_t cap_size;
745
746 ovl_path_upper(c->dentry, &upperpath);
747 if (WARN_ON(upperpath.dentry == NULL))
748 return -EIO;
749
750 ovl_path_lowerdata(c->dentry, &datapath);
751 if (WARN_ON(datapath.dentry == NULL))
752 return -EIO;
753
754 if (c->stat.size) {
755 err = cap_size = ovl_getxattr(upperpath.dentry, XATTR_NAME_CAPS,
756 &capability, 0);
757 if (err < 0 && err != -ENODATA)
758 goto out;
759 }
760
761 err = ovl_copy_up_data(&datapath, &upperpath, c->stat.size);
762 if (err)
763 goto out_free;
764
765 /*
766 * Writing to upper file will clear security.capability xattr. We
767 * don't want that to happen for normal copy-up operation.
768 */
769 if (capability) {
770 err = ovl_do_setxattr(upperpath.dentry, XATTR_NAME_CAPS,
771 capability, cap_size, 0);
772 if (err)
773 goto out_free;
774 }
775
776
777 err = vfs_removexattr(upperpath.dentry, OVL_XATTR_METACOPY);
778 if (err)
779 goto out_free;
780
781 ovl_set_upperdata(d_inode(c->dentry));
782 out_free:
783 kfree(capability);
784 out:
785 return err;
786 }
787
ovl_copy_up_one(struct dentry * parent,struct dentry * dentry,int flags)788 static int ovl_copy_up_one(struct dentry *parent, struct dentry *dentry,
789 int flags)
790 {
791 int err;
792 DEFINE_DELAYED_CALL(done);
793 struct path parentpath;
794 struct ovl_copy_up_ctx ctx = {
795 .parent = parent,
796 .dentry = dentry,
797 .workdir = ovl_workdir(dentry),
798 };
799
800 if (WARN_ON(!ctx.workdir))
801 return -EROFS;
802
803 ovl_path_lower(dentry, &ctx.lowerpath);
804 err = vfs_getattr(&ctx.lowerpath, &ctx.stat,
805 STATX_BASIC_STATS, AT_STATX_SYNC_AS_STAT);
806 if (err)
807 return err;
808
809 ctx.metacopy = ovl_need_meta_copy_up(dentry, ctx.stat.mode, flags);
810
811 if (parent) {
812 ovl_path_upper(parent, &parentpath);
813 ctx.destdir = parentpath.dentry;
814 ctx.destname = dentry->d_name;
815
816 err = vfs_getattr(&parentpath, &ctx.pstat,
817 STATX_ATIME | STATX_MTIME,
818 AT_STATX_SYNC_AS_STAT);
819 if (err)
820 return err;
821 }
822
823 /* maybe truncate regular file. this has no effect on dirs */
824 if (flags & O_TRUNC)
825 ctx.stat.size = 0;
826
827 if (S_ISLNK(ctx.stat.mode)) {
828 ctx.link = vfs_get_link(ctx.lowerpath.dentry, &done);
829 if (IS_ERR(ctx.link))
830 return PTR_ERR(ctx.link);
831 }
832
833 err = ovl_copy_up_start(dentry, flags);
834 /* err < 0: interrupted, err > 0: raced with another copy-up */
835 if (unlikely(err)) {
836 if (err > 0)
837 err = 0;
838 } else {
839 if (!ovl_dentry_upper(dentry))
840 err = ovl_do_copy_up(&ctx);
841 if (!err && parent && !ovl_dentry_has_upper_alias(dentry))
842 err = ovl_link_up(&ctx);
843 if (!err && ovl_dentry_needs_data_copy_up_locked(dentry, flags))
844 err = ovl_copy_up_meta_inode_data(&ctx);
845 ovl_copy_up_end(dentry);
846 }
847 do_delayed_call(&done);
848
849 return err;
850 }
851
ovl_copy_up_flags(struct dentry * dentry,int flags)852 int ovl_copy_up_flags(struct dentry *dentry, int flags)
853 {
854 int err = 0;
855 const struct cred *old_cred;
856 bool disconnected = (dentry->d_flags & DCACHE_DISCONNECTED);
857
858 /*
859 * With NFS export, copy up can get called for a disconnected non-dir.
860 * In this case, we will copy up lower inode to index dir without
861 * linking it to upper dir.
862 */
863 if (WARN_ON(disconnected && d_is_dir(dentry)))
864 return -EIO;
865
866 old_cred = ovl_override_creds(dentry->d_sb);
867 while (!err) {
868 struct dentry *next;
869 struct dentry *parent = NULL;
870
871 if (ovl_already_copied_up(dentry, flags))
872 break;
873
874 next = dget(dentry);
875 /* find the topmost dentry not yet copied up */
876 for (; !disconnected;) {
877 parent = dget_parent(next);
878
879 if (ovl_dentry_upper(parent))
880 break;
881
882 dput(next);
883 next = parent;
884 }
885
886 err = ovl_copy_up_one(parent, next, flags);
887
888 dput(parent);
889 dput(next);
890 }
891 ovl_revert_creds(dentry->d_sb, old_cred);
892
893 return err;
894 }
895
ovl_open_need_copy_up(struct dentry * dentry,int flags)896 static bool ovl_open_need_copy_up(struct dentry *dentry, int flags)
897 {
898 /* Copy up of disconnected dentry does not set upper alias */
899 if (ovl_already_copied_up(dentry, flags))
900 return false;
901
902 if (special_file(d_inode(dentry)->i_mode))
903 return false;
904
905 if (!ovl_open_flags_need_copy_up(flags))
906 return false;
907
908 return true;
909 }
910
ovl_maybe_copy_up(struct dentry * dentry,int flags)911 int ovl_maybe_copy_up(struct dentry *dentry, int flags)
912 {
913 int err = 0;
914
915 if (ovl_open_need_copy_up(dentry, flags)) {
916 err = ovl_want_write(dentry);
917 if (!err) {
918 err = ovl_copy_up_flags(dentry, flags);
919 ovl_drop_write(dentry);
920 }
921 }
922
923 return err;
924 }
925
ovl_copy_up_with_data(struct dentry * dentry)926 int ovl_copy_up_with_data(struct dentry *dentry)
927 {
928 return ovl_copy_up_flags(dentry, O_WRONLY);
929 }
930
ovl_copy_up(struct dentry * dentry)931 int ovl_copy_up(struct dentry *dentry)
932 {
933 return ovl_copy_up_flags(dentry, 0);
934 }
935