3 * Copyright (C) 2011 Novell Inc.
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 as published by
7 * the Free Software Foundation.
11 #include <linux/namei.h>
12 #include <linux/xattr.h>
13 #include <linux/security.h>
14 #include <linux/cred.h>
15 #include <linux/atomic.h>
16 #include "overlayfs.h"
/*
 * ovl_cleanup - remove @wdentry from the directory inode @wdir.
 *
 * A directory (d_is_dir()) is removed with ovl_do_rmdir(); anything else
 * with ovl_do_unlink(). The function returns void, so the only visible
 * reporting is the pr_err() "cleanup of ... failed" message that prints
 * the error code.
 *
 * NOTE(review): the condition guarding pr_err() and its arguments are not
 * visible in this listing - presumably it fires only when err is non-zero.
 */
18 void ovl_cleanup(struct inode
*wdir
, struct dentry
*wdentry
)
23 if (d_is_dir(wdentry
))
24 err
= ovl_do_rmdir(wdir
, wdentry
);
26 err
= ovl_do_unlink(wdir
, wdentry
);
30 pr_err("overlayfs: cleanup of '%pd2' failed (%i)\n",
/*
 * ovl_lookup_temp - look up a temporary name inside @workdir.
 *
 * The name is "#" followed by the hexadecimal value of a function-static
 * atomic counter that is incremented on every call. The name is resolved
 * with lookup_one_len() relative to @workdir. If the lookup succeeds but
 * the dentry already has an inode, an "already exists" error is logged.
 *
 * @dentry is not referenced by any line visible here.
 *
 * NOTE(review): the declaration of 'name', the handling after the
 * "already exists" message and the return statement are not visible in
 * this listing; callers in this file test the result with IS_ERR().
 */
35 struct dentry
*ovl_lookup_temp(struct dentry
*workdir
, struct dentry
*dentry
)
39 static atomic_t temp_id
= ATOMIC_INIT(0);
41 /* counter is allowed to wrap, since temp dentries are ephemeral */
42 snprintf(name
, sizeof(name
), "#%x", atomic_inc_return(&temp_id
));
44 temp
= lookup_one_len(name
, workdir
, strlen(name
));
45 if (!IS_ERR(temp
) && temp
->d_inode
) {
46 pr_err("overlayfs: workdir/%s already exists\n", name
);
/*
 * ovl_whiteout - create a whiteout entry under a temporary name in @workdir.
 *
 * A temporary dentry is obtained with ovl_lookup_temp() and then passed,
 * together with workdir's inode, to ovl_do_whiteout(). On the visible
 * error path the result is replaced by ERR_PTR(err), so the caller gets
 * either the whiteout dentry or an error pointer.
 *
 * NOTE(review): the IS_ERR() check after the lookup and the reference
 * drop on failure are not visible in this listing.
 */
54 /* caller holds i_mutex on workdir */
55 static struct dentry
*ovl_whiteout(struct dentry
*workdir
,
56 struct dentry
*dentry
)
59 struct dentry
*whiteout
;
60 struct inode
*wdir
= workdir
->d_inode
;
62 whiteout
= ovl_lookup_temp(workdir
, dentry
);
66 err
= ovl_do_whiteout(wdir
, whiteout
);
69 whiteout
= ERR_PTR(err
);
/*
 * ovl_create_real - create the real filesystem object for @newdentry in
 * the directory inode @dir.
 *
 * Visible behaviour:
 *  - @newdentry->d_inode is tested first (the outcome of that test is not
 *    visible in this listing).
 *  - One path calls ovl_do_link(@hardlink, @dir, @newdentry, @debug).
 *  - Otherwise the file type in @stat->mode (masked with S_IFMT) selects
 *    one of ovl_do_create(), ovl_do_mkdir(), ovl_do_mknod() (using
 *    @stat->rdev) or ovl_do_symlink() (using @link).
 *  - After a successful call, WARN_ON() fires if @newdentry still has no
 *    inode.
 *
 * @debug is forwarded unchanged to every ovl_do_*() helper.
 *
 * NOTE(review): the case labels, the condition selecting the hard-link
 * path (presumably @hardlink being non-NULL) and the return value are not
 * visible here.
 */
75 int ovl_create_real(struct inode
*dir
, struct dentry
*newdentry
,
76 struct kstat
*stat
, const char *link
,
77 struct dentry
*hardlink
, bool debug
)
81 if (newdentry
->d_inode
)
85 err
= ovl_do_link(hardlink
, dir
, newdentry
, debug
);
87 switch (stat
->mode
& S_IFMT
) {
89 err
= ovl_do_create(dir
, newdentry
, stat
->mode
, debug
);
93 err
= ovl_do_mkdir(dir
, newdentry
, stat
->mode
, debug
);
100 err
= ovl_do_mknod(dir
, newdentry
,
101 stat
->mode
, stat
->rdev
, debug
);
105 err
= ovl_do_symlink(dir
, newdentry
, link
, debug
);
112 if (!err
&& WARN_ON(!newdentry
->d_inode
)) {
114 * Not quite sure if non-instantiated dentry is legal or not.
115 * VFS doesn't seem to care so check and warn here.
122 static int ovl_set_opaque(struct dentry
*upperdentry
)
124 return ovl_do_setxattr(upperdentry
, OVL_XATTR_OPAQUE
, "y", 1, 0);
/*
 * ovl_remove_opaque - drop the OVL_XATTR_OPAQUE attribute from
 * @upperdentry.
 *
 * The removal goes through ovl_do_removexattr(). The function returns
 * void; the visible pr_warn() prints the dentry name and the error code.
 *
 * NOTE(review): the condition guarding pr_warn() is not visible in this
 * listing - presumably it fires only when err is non-zero.
 */
127 static void ovl_remove_opaque(struct dentry
*upperdentry
)
131 err
= ovl_do_removexattr(upperdentry
, OVL_XATTR_OPAQUE
);
133 pr_warn("overlayfs: failed to remove opaque from '%s' (%i)\n",
134 upperdentry
->d_name
.name
, err
);
/*
 * ovl_dir_getattr - getattr for overlay directories (installed as
 * .getattr in ovl_dir_inode_operations).
 *
 * The real path behind @dentry is obtained with ovl_path_real(), which
 * also yields the overlay path type, and vfs_getattr() fills the stat
 * buffer from it. The device and inode numbers are then overwritten with
 * the overlay's own values (dentry->d_sb->s_dev and
 * dentry->d_inode->i_ino). A further adjustment is made when the type
 * satisfies OVL_TYPE_MERGE().
 *
 * NOTE(review): the third parameter (the stat buffer), the error check
 * after vfs_getattr() and the statement controlled by OVL_TYPE_MERGE()
 * are not visible in this listing; per the in-code comment the latter
 * concerns the link count.
 */
138 static int ovl_dir_getattr(struct vfsmount
*mnt
, struct dentry
*dentry
,
142 enum ovl_path_type type
;
143 struct path realpath
;
145 type
= ovl_path_real(dentry
, &realpath
);
146 err
= vfs_getattr(&realpath
, stat
);
150 stat
->dev
= dentry
->d_sb
->s_dev
;
151 stat
->ino
= dentry
->d_inode
->i_ino
;
154 * It's probably not worth it to count subdirs to get the
155 * correct link count. nlink=1 seems to pacify 'find' and
158 if (OVL_TYPE_MERGE(type
))
/*
 * ovl_create_upper - create @dentry directly in the upper directory.
 *
 * The upper directory is the upper dentry of @dentry's parent. With that
 * directory's i_mutex held (I_MUTEX_PARENT class), the name is looked up
 * with lookup_one_len() and the object is created by ovl_create_real()
 * with debug disabled. Afterwards the parent's version is bumped, the
 * overlay dentry is pointed at the new upper dentry, attributes are
 * copied from the new real inode to @inode, and @dentry is instantiated
 * with @inode. The mutex is released before returning.
 *
 * NOTE(review): the error checks that decide whether the post-creation
 * steps run are not visible in this listing.
 */
164 static int ovl_create_upper(struct dentry
*dentry
, struct inode
*inode
,
165 struct kstat
*stat
, const char *link
,
166 struct dentry
*hardlink
)
168 struct dentry
*upperdir
= ovl_dentry_upper(dentry
->d_parent
);
169 struct inode
*udir
= upperdir
->d_inode
;
170 struct dentry
*newdentry
;
173 mutex_lock_nested(&udir
->i_mutex
, I_MUTEX_PARENT
);
174 newdentry
= lookup_one_len(dentry
->d_name
.name
, upperdir
,
176 err
= PTR_ERR(newdentry
);
177 if (IS_ERR(newdentry
))
179 err
= ovl_create_real(udir
, newdentry
, stat
, link
, hardlink
, false);
183 ovl_dentry_version_inc(dentry
->d_parent
);
184 ovl_dentry_update(dentry
, newdentry
);
185 ovl_copyattr(newdentry
->d_inode
, inode
);
186 d_instantiate(dentry
, inode
);
191 mutex_unlock(&udir
->i_mutex
);
/*
 * ovl_lock_rename_workdir - take the rename locks on @workdir and
 * @upperdir.
 *
 * Two configurations are treated as failures: @workdir being the same
 * dentry as @upperdir, and lock_rename() returning a non-NULL value (per
 * the in-code comment, one directory being a subdirectory of the other).
 * On the visible failure path the locks are dropped with unlock_rename()
 * and an error is logged.
 *
 * NOTE(review): the return values are not visible in this listing;
 * callers in this file store the result in 'err'.
 */
195 static int ovl_lock_rename_workdir(struct dentry
*workdir
,
196 struct dentry
*upperdir
)
198 /* Workdir should not be the same as upperdir */
199 if (workdir
== upperdir
)
202 /* Workdir should not be subdir of upperdir and vice versa */
203 if (lock_rename(workdir
, upperdir
) != NULL
)
209 unlock_rename(workdir
, upperdir
);
211 pr_err("overlayfs: failed to lock workdir+upperdir\n");
/*
 * ovl_clear_empty - swap the upper directory of @dentry for a fresh
 * opaque directory built in the work directory.
 *
 * Visible sequence:
 *  1. Lock workdir and upperdir via ovl_lock_rename_workdir().
 *  2. vfs_getattr() the current upper path; it must be a directory and
 *     its parent inode must still be the expected upper dir inode.
 *  3. Create a temporary directory in workdir (ovl_lookup_temp() +
 *     ovl_create_real() with debug enabled), copy xattrs from the old
 *     upper, mark the copy opaque, and apply the saved attributes under
 *     the new directory's i_mutex.
 *  4. Exchange the two with ovl_do_rename(..., RENAME_EXCHANGE).
 *  5. Clean the whiteouts listed in @list out of the old upper, remove it
 *     with ovl_cleanup() and drop the rename locks.
 * A later ovl_cleanup(wdir, opaquedir) / unlock_rename() pair is also
 * visible, presumably the error unwinding path.
 *
 * Returns a dentry pointer; ERR_PTR(-EROFS) when there is no workdir.
 *
 * NOTE(review): workdir->d_inode is read in the initializer of 'wdir'
 * before the WARN_ON(!workdir) check, so a NULL workdir would be
 * dereferenced before the check is reached.
 * NOTE(review): goto labels, error checks and the final return are not
 * visible in this listing.
 */
215 static struct dentry
*ovl_clear_empty(struct dentry
*dentry
,
216 struct list_head
*list
)
218 struct dentry
*workdir
= ovl_workdir(dentry
);
219 struct inode
*wdir
= workdir
->d_inode
;
220 struct dentry
*upperdir
= ovl_dentry_upper(dentry
->d_parent
);
221 struct inode
*udir
= upperdir
->d_inode
;
222 struct path upperpath
;
223 struct dentry
*upper
;
224 struct dentry
*opaquedir
;
228 if (WARN_ON(!workdir
))
229 return ERR_PTR(-EROFS
);
231 err
= ovl_lock_rename_workdir(workdir
, upperdir
);
235 ovl_path_upper(dentry
, &upperpath
);
236 err
= vfs_getattr(&upperpath
, &stat
);
241 if (!S_ISDIR(stat
.mode
))
243 upper
= upperpath
.dentry
;
244 if (upper
->d_parent
->d_inode
!= udir
)
247 opaquedir
= ovl_lookup_temp(workdir
, dentry
);
248 err
= PTR_ERR(opaquedir
);
249 if (IS_ERR(opaquedir
))
252 err
= ovl_create_real(wdir
, opaquedir
, &stat
, NULL
, NULL
, true);
256 err
= ovl_copy_xattr(upper
, opaquedir
);
260 err
= ovl_set_opaque(opaquedir
);
264 mutex_lock(&opaquedir
->d_inode
->i_mutex
);
265 err
= ovl_set_attr(opaquedir
, &stat
);
266 mutex_unlock(&opaquedir
->d_inode
->i_mutex
);
270 err
= ovl_do_rename(wdir
, opaquedir
, udir
, upper
, RENAME_EXCHANGE
);
274 ovl_cleanup_whiteouts(upper
, list
);
275 ovl_cleanup(wdir
, upper
);
276 unlock_rename(workdir
, upperdir
);
278 /* dentry's upper doesn't match now, get rid of it */
284 ovl_cleanup(wdir
, opaquedir
);
288 unlock_rename(workdir
, upperdir
);
/*
 * ovl_check_empty_and_clear - verify that the directory @dentry is empty
 * and, when it has an upper dentry, clear it via ovl_clear_empty().
 *
 * ovl_check_empty_dir() fills a local list; if @dentry has an upper
 * dentry that list is handed to ovl_clear_empty(), whose result becomes
 * the return value. The list is released with ovl_cache_free().
 *
 * Returns a dentry pointer; 'ret' starts out as NULL. A caller in this
 * file tests the result with IS_ERR().
 *
 * NOTE(review): the error check after ovl_check_empty_dir() and the
 * return statement are not visible in this listing.
 */
293 static struct dentry
*ovl_check_empty_and_clear(struct dentry
*dentry
)
296 struct dentry
*ret
= NULL
;
299 err
= ovl_check_empty_dir(dentry
, &list
);
304 * If no upperdentry then skip clearing whiteouts.
306 * Can race with copy-up, since we don't hold the upperdir
307 * mutex. Doesn't matter, since copy-up can't create a
308 * non-empty directory from an empty one.
310 if (ovl_dentry_upper(dentry
))
311 ret
= ovl_clear_empty(dentry
, &list
);
314 ovl_cache_free(&list
);
/*
 * ovl_create_over_whiteout - create @dentry in the work directory and
 * rename it into place in the upper directory.
 *
 * Visible sequence:
 *  1. Lock workdir and upperdir via ovl_lock_rename_workdir().
 *  2. Obtain a temporary dentry in workdir (ovl_lookup_temp()) and look
 *     up the target name in upperdir (lookup_one_len()).
 *  3. Create the object in workdir with ovl_create_real() (debug on).
 *  4. For directories, mark the new object opaque, rename it over the
 *     target with ovl_do_rename() and ovl_cleanup() the dentry that ends
 *     up in workdir; a second ovl_do_rename() call with flags 0 is
 *     visible for the other case.
 *  5. Bump the parent's version, update the overlay dentry, copy
 *     attributes into @inode and instantiate @dentry.
 *  6. Drop the rename locks; ovl_cleanup(wdir, newdentry) is visible on
 *     what is presumably the error unwinding path.
 *
 * NOTE(review): workdir->d_inode is read in the initializer of 'wdir'
 * before the WARN_ON(!workdir) check, so a NULL workdir would be
 * dereferenced before the check is reached.
 * NOTE(review): the rename flags used for directories, goto labels,
 * error checks and the return value are not visible in this listing.
 */
319 static int ovl_create_over_whiteout(struct dentry
*dentry
, struct inode
*inode
,
320 struct kstat
*stat
, const char *link
,
321 struct dentry
*hardlink
)
323 struct dentry
*workdir
= ovl_workdir(dentry
);
324 struct inode
*wdir
= workdir
->d_inode
;
325 struct dentry
*upperdir
= ovl_dentry_upper(dentry
->d_parent
);
326 struct inode
*udir
= upperdir
->d_inode
;
327 struct dentry
*upper
;
328 struct dentry
*newdentry
;
331 if (WARN_ON(!workdir
))
334 err
= ovl_lock_rename_workdir(workdir
, upperdir
);
338 newdentry
= ovl_lookup_temp(workdir
, dentry
);
339 err
= PTR_ERR(newdentry
);
340 if (IS_ERR(newdentry
))
343 upper
= lookup_one_len(dentry
->d_name
.name
, upperdir
,
345 err
= PTR_ERR(upper
);
349 err
= ovl_create_real(wdir
, newdentry
, stat
, link
, hardlink
, true);
353 if (S_ISDIR(stat
->mode
)) {
354 err
= ovl_set_opaque(newdentry
);
358 err
= ovl_do_rename(wdir
, newdentry
, udir
, upper
,
363 ovl_cleanup(wdir
, upper
);
365 err
= ovl_do_rename(wdir
, newdentry
, udir
, upper
, 0);
369 ovl_dentry_version_inc(dentry
->d_parent
);
370 ovl_dentry_update(dentry
, newdentry
);
371 ovl_copyattr(newdentry
->d_inode
, inode
);
372 d_instantiate(dentry
, inode
);
379 unlock_rename(workdir
, upperdir
);
384 ovl_cleanup(wdir
, newdentry
);
/*
 * ovl_create_or_link - common backend for object creation and hard
 * linking (called from ovl_create_object() and ovl_link()).
 *
 * A new overlay inode is allocated with ovl_new_inode() and the parent
 * directory is copied up. If @dentry is not opaque the object is created
 * directly with ovl_create_upper(). Otherwise credentials are overridden
 * with ovl_override_creds(), a second credential set is prepared whose
 * fsuid/fsgid are taken from the caller's original credentials and
 * installed with override_creds(), and the object is created with
 * ovl_create_over_whiteout(). The original credentials are restored with
 * revert_creds().
 *
 * @hardlink is forwarded to the creation helper; ovl_create_object()
 * passes NULL, ovl_link() passes the upper dentry being linked.
 *
 * NOTE(review): the kstat initializer, the NULL check on prepare_creds()
 * and the error unwinding are not visible in this listing.
 */
388 static int ovl_create_or_link(struct dentry
*dentry
, int mode
, dev_t rdev
,
389 const char *link
, struct dentry
*hardlink
)
393 struct kstat stat
= {
399 inode
= ovl_new_inode(dentry
->d_sb
, mode
, dentry
->d_fsdata
);
403 err
= ovl_copy_up(dentry
->d_parent
);
407 if (!ovl_dentry_is_opaque(dentry
)) {
408 err
= ovl_create_upper(dentry
, inode
, &stat
, link
, hardlink
);
410 const struct cred
*old_cred
;
411 struct cred
*override_cred
;
413 old_cred
= ovl_override_creds(dentry
->d_sb
);
416 override_cred
= prepare_creds();
418 override_cred
->fsuid
= old_cred
->fsuid
;
419 override_cred
->fsgid
= old_cred
->fsgid
;
420 put_cred(override_creds(override_cred
));
421 put_cred(override_cred
);
423 err
= ovl_create_over_whiteout(dentry
, inode
, &stat
,
426 revert_creds(old_cred
);
/*
 * ovl_create_object - create a new object for @dentry with write access
 * to the overlay held for the duration.
 *
 * Write access is requested with ovl_want_write(), the work is delegated
 * to ovl_create_or_link() with a NULL hardlink, and write access is
 * released with ovl_drop_write().
 *
 * NOTE(review): the last parameter (the 'link' argument forwarded to
 * ovl_create_or_link()) and the error check after ovl_want_write() are
 * not visible in this listing.
 */
437 static int ovl_create_object(struct dentry
*dentry
, int mode
, dev_t rdev
,
442 err
= ovl_want_write(dentry
);
444 err
= ovl_create_or_link(dentry
, mode
, rdev
, link
, NULL
);
445 ovl_drop_write(dentry
);
/*
 * ovl_create - .create handler: make a regular file for @dentry.
 *
 * Only the permission bits of @mode (mask 07777) are kept; S_IFREG is
 * OR-ed in and the request is passed to ovl_create_object() with rdev 0
 * and no link target. @dir is not used by the visible code.
 *
 * NOTE(review): the remainder of the parameter list is not visible in
 * this listing.
 */
451 static int ovl_create(struct inode
*dir
, struct dentry
*dentry
, umode_t mode
,
454 return ovl_create_object(dentry
, (mode
& 07777) | S_IFREG
, 0, NULL
);
457 static int ovl_mkdir(struct inode
*dir
, struct dentry
*dentry
, umode_t mode
)
459 return ovl_create_object(dentry
, (mode
& 07777) | S_IFDIR
, 0, NULL
);
/*
 * ovl_mknod - create a special file for @dentry.
 *
 * A character device whose device number equals WHITEOUT_DEV is handled
 * separately first (per the in-code comment, creating a "whiteout" on
 * the overlay is not allowed). Every other request is forwarded to
 * ovl_create_object() with @mode and rdev unchanged and no link target.
 *
 * NOTE(review): the 'rdev' parameter line and the statement executed for
 * the rejected case are not visible in this listing.
 */
462 static int ovl_mknod(struct inode
*dir
, struct dentry
*dentry
, umode_t mode
,
465 /* Don't allow creation of "whiteout" on overlay */
466 if (S_ISCHR(mode
) && rdev
== WHITEOUT_DEV
)
469 return ovl_create_object(dentry
, mode
, rdev
, NULL
);
/*
 * ovl_symlink - .symlink handler: create a symbolic link for @dentry.
 *
 * Delegates to ovl_create_object() with mode S_IFLNK, rdev 0 and the
 * link target 'link'. @dir is not used by the visible code.
 *
 * NOTE(review): the parameter line declaring 'link' is not visible in
 * this listing.
 */
472 static int ovl_symlink(struct inode
*dir
, struct dentry
*dentry
,
475 return ovl_create_object(dentry
, S_IFLNK
, 0, link
);
/*
 * ovl_link - create a hard link to @old.
 *
 * Write access is requested on @old, @old is copied up, and its upper
 * dentry is passed as the hardlink source to ovl_create_or_link() for
 * 'new', using the upper inode's i_mode as the mode.
 *
 * NOTE(review): the parameter line declaring 'new', the error checks and
 * the matching release of write access are not visible in this listing.
 */
478 static int ovl_link(struct dentry
*old
, struct inode
*newdir
,
482 struct dentry
*upper
;
484 err
= ovl_want_write(old
);
488 err
= ovl_copy_up(old
);
492 upper
= ovl_dentry_upper(old
);
493 err
= ovl_create_or_link(new, upper
->d_inode
->i_mode
, 0, NULL
, upper
);
/*
 * ovl_remove_and_whiteout - remove @dentry by putting a whiteout in its
 * place in the upper directory.
 *
 * Visible sequence:
 *  1. When the path type is merge-or-lower, ovl_check_empty_and_clear()
 *     is called and its result kept in 'opaquedir'; on another path only
 *     emptiness is checked with ovl_check_empty_dir().
 *  2. Lock workdir and upperdir via ovl_lock_rename_workdir().
 *  3. Look up the name in upperdir and compare the result against
 *     'opaquedir' (if set) or against the cached upper dentry; a mismatch
 *     takes a separate path.
 *  4. Create a whiteout in workdir with ovl_whiteout().
 *  5. Rename the whiteout over the upper entry with ovl_do_rename();
 *     RENAME_EXCHANGE is assigned to 'flags' on one path, after which the
 *     dentry left in workdir is removed with ovl_cleanup().
 *  6. Bump the parent's version and drop the rename locks;
 *     ovl_cleanup(wdir, whiteout) is visible on what is presumably the
 *     error unwinding path.
 *
 * NOTE(review): workdir->d_inode is read in the initializer of 'wdir'
 * before the WARN_ON(!workdir) check, so a NULL workdir would be
 * dereferenced before the check is reached.
 * NOTE(review): the role of @is_dir in selecting the branches, the goto
 * labels and the return value are not visible in this listing.
 */
501 static int ovl_remove_and_whiteout(struct dentry
*dentry
, bool is_dir
)
503 struct dentry
*workdir
= ovl_workdir(dentry
);
504 struct inode
*wdir
= workdir
->d_inode
;
505 struct dentry
*upperdir
= ovl_dentry_upper(dentry
->d_parent
);
506 struct inode
*udir
= upperdir
->d_inode
;
507 struct dentry
*whiteout
;
508 struct dentry
*upper
;
509 struct dentry
*opaquedir
= NULL
;
513 if (WARN_ON(!workdir
))
517 if (OVL_TYPE_MERGE_OR_LOWER(ovl_path_type(dentry
))) {
518 opaquedir
= ovl_check_empty_and_clear(dentry
);
519 err
= PTR_ERR(opaquedir
);
520 if (IS_ERR(opaquedir
))
526 * When removing an empty opaque directory, then it
527 * makes no sense to replace it with an exact replica of
528 * itself. But emptiness still needs to be checked.
530 err
= ovl_check_empty_dir(dentry
, &list
);
531 ovl_cache_free(&list
);
537 err
= ovl_lock_rename_workdir(workdir
, upperdir
);
541 upper
= lookup_one_len(dentry
->d_name
.name
, upperdir
,
543 err
= PTR_ERR(upper
);
548 if ((opaquedir
&& upper
!= opaquedir
) ||
549 (!opaquedir
&& ovl_dentry_upper(dentry
) &&
550 upper
!= ovl_dentry_upper(dentry
))) {
554 whiteout
= ovl_whiteout(workdir
, dentry
);
555 err
= PTR_ERR(whiteout
);
556 if (IS_ERR(whiteout
))
560 flags
= RENAME_EXCHANGE
;
562 err
= ovl_do_rename(wdir
, whiteout
, udir
, upper
, flags
);
566 ovl_cleanup(wdir
, upper
);
568 ovl_dentry_version_inc(dentry
->d_parent
);
575 unlock_rename(workdir
, upperdir
);
582 ovl_cleanup(wdir
, whiteout
);
/*
 * ovl_remove_upper - remove @dentry directly from the upper directory.
 *
 * With the upper directory's i_mutex held (I_MUTEX_PARENT class), the
 * name is looked up again and compared with the cached upper dentry.
 * Only when they match is the object removed, with vfs_rmdir() or
 * vfs_unlink(); the parent's version is then bumped. The mutex is
 * released before returning.
 *
 * NOTE(review): the test choosing between vfs_rmdir() and vfs_unlink()
 * (presumably @is_dir), the error value used when the lookup does not
 * match, and the unhashing described by the in-code comment are not
 * visible in this listing.
 */
586 static int ovl_remove_upper(struct dentry
*dentry
, bool is_dir
)
588 struct dentry
*upperdir
= ovl_dentry_upper(dentry
->d_parent
);
589 struct inode
*dir
= upperdir
->d_inode
;
590 struct dentry
*upper
;
593 mutex_lock_nested(&dir
->i_mutex
, I_MUTEX_PARENT
);
594 upper
= lookup_one_len(dentry
->d_name
.name
, upperdir
,
596 err
= PTR_ERR(upper
);
601 if (upper
== ovl_dentry_upper(dentry
)) {
603 err
= vfs_rmdir(dir
, upper
);
605 err
= vfs_unlink(dir
, upper
, NULL
);
606 ovl_dentry_version_inc(dentry
->d_parent
);
611 * Keeping this dentry hashed would mean having to release
612 * upperpath/lowerpath, which could only be done if we are the
613 * sole user of this dentry. Too tricky... Just unhash for
619 mutex_unlock(&dir
->i_mutex
);
/*
 * ovl_check_sticky - run check_sticky() for @dentry on the real inodes.
 *
 * check_sticky() is applied to the real inode of @dentry's parent and
 * the real inode of @dentry itself, both obtained via ovl_dentry_real().
 *
 * NOTE(review): the return statements are not visible in this listing;
 * callers in this file store the result in 'err'.
 */
624 static inline int ovl_check_sticky(struct dentry
*dentry
)
626 struct inode
*dir
= ovl_dentry_real(dentry
->d_parent
)->d_inode
;
627 struct inode
*inode
= ovl_dentry_real(dentry
)->d_inode
;
629 if (check_sticky(dir
, inode
))
/*
 * ovl_do_remove - common implementation of unlink and rmdir.
 *
 * After the sticky check, write access is requested and the parent is
 * copied up. A pure-upper entry is removed with ovl_remove_upper();
 * anything else goes through ovl_remove_and_whiteout() with credentials
 * overridden via ovl_override_creds() and restored with revert_creds().
 * Write access is released with ovl_drop_write().
 *
 * @is_dir is forwarded to the removal helper; ovl_unlink() passes false
 * and ovl_rmdir() passes true.
 *
 * NOTE(review): the error checks between the steps and the return value
 * are not visible in this listing.
 */
635 static int ovl_do_remove(struct dentry
*dentry
, bool is_dir
)
637 enum ovl_path_type type
;
640 err
= ovl_check_sticky(dentry
);
644 err
= ovl_want_write(dentry
);
648 err
= ovl_copy_up(dentry
->d_parent
);
652 type
= ovl_path_type(dentry
);
653 if (OVL_TYPE_PURE_UPPER(type
)) {
654 err
= ovl_remove_upper(dentry
, is_dir
);
656 const struct cred
*old_cred
= ovl_override_creds(dentry
->d_sb
);
658 err
= ovl_remove_and_whiteout(dentry
, is_dir
);
660 revert_creds(old_cred
);
663 ovl_drop_write(dentry
);
668 static int ovl_unlink(struct inode
*dir
, struct dentry
*dentry
)
670 return ovl_do_remove(dentry
, false);
673 static int ovl_rmdir(struct inode
*dir
, struct dentry
*dentry
)
675 return ovl_do_remove(dentry
, true);
/*
 * ovl_rename2 - .rename2 handler for overlay directories.
 *
 * Visible outline:
 *  - Flags outside RENAME_EXCHANGE | RENAME_NOREPLACE are tested up
 *    front; RENAME_NOREPLACE is then cleared from 'flags'. 'overwrite' is
 *    true unless RENAME_EXCHANGE was requested.
 *  - Sticky checks are run on 'old' and on 'new', and both path types
 *    are sampled. A merge-or-lower directory as source, and (for
 *    exchange) as target, is tested for; per the in-code comment
 *    directory trees are not copied up.
 *  - Source and target are compared by lower inode when neither has an
 *    upper, and by upper inode when both have one.
 *  - Write access is requested, then 'old', new's parent and 'new' are
 *    copied up.
 *  - old_opaque / new_opaque are true when the respective type is not
 *    pure upper; if either is set, credentials are overridden.
 *  - When overwriting a merge-or-lower directory,
 *    ovl_check_empty_and_clear() supplies 'opaquedir'.
 *  - RENAME_WHITEOUT / RENAME_EXCHANGE are added to 'flags' depending on
 *    whether 'new' has an inode and on new_opaque; 'cleanup_whiteout' is
 *    set for a directory moved onto a negative opaque target.
 *  - Under lock_rename(new_upperdir, old_upperdir), both names are looked
 *    up again and validated against the cached upper dentries,
 *    'opaquedir' and the trap dentry returned by lock_rename().
 *  - The opaque xattr is set on the moving directories where needed, the
 *    rename is done with ovl_do_rename() when either side is opaque and
 *    with vfs_rename() otherwise (where BUG_ON() asserts that only
 *    RENAME_EXCHANGE may remain in 'flags').
 *  - Two groups of ovl_remove_opaque() calls follow: the first uses the
 *    same conditions as the earlier ovl_set_opaque() calls (presumably
 *    the rollback after a failed rename), the second the mirrored
 *    conditions.
 *  - The cached opaque state of the overlay dentries is swapped when the
 *    two differ, the leftover whiteout is removed if 'cleanup_whiteout'
 *    is set, both parents' versions are bumped, the rename locks are
 *    dropped and credentials are reverted.
 *
 * NOTE(review): the 'flags' parameter line, several declarations, all
 * goto labels, most error checks, the write-access release and the
 * return value are not visible in this listing, so the exact control
 * flow between the steps above cannot be confirmed from here.
 */
678 static int ovl_rename2(struct inode
*olddir
, struct dentry
*old
,
679 struct inode
*newdir
, struct dentry
*new,
683 enum ovl_path_type old_type
;
684 enum ovl_path_type new_type
;
685 struct dentry
*old_upperdir
;
686 struct dentry
*new_upperdir
;
687 struct dentry
*olddentry
;
688 struct dentry
*newdentry
;
692 bool new_create
= false;
693 bool cleanup_whiteout
= false;
694 bool overwrite
= !(flags
& RENAME_EXCHANGE
);
695 bool is_dir
= d_is_dir(old
);
696 bool new_is_dir
= false;
697 struct dentry
*opaquedir
= NULL
;
698 const struct cred
*old_cred
= NULL
;
701 if (flags
& ~(RENAME_EXCHANGE
| RENAME_NOREPLACE
))
704 flags
&= ~RENAME_NOREPLACE
;
706 err
= ovl_check_sticky(old
);
710 /* Don't copy up directory trees */
711 old_type
= ovl_path_type(old
);
713 if (OVL_TYPE_MERGE_OR_LOWER(old_type
) && is_dir
)
717 err
= ovl_check_sticky(new);
724 new_type
= ovl_path_type(new);
726 if (!overwrite
&& OVL_TYPE_MERGE_OR_LOWER(new_type
) && new_is_dir
)
730 if (!OVL_TYPE_UPPER(new_type
) && !OVL_TYPE_UPPER(old_type
)) {
731 if (ovl_dentry_lower(old
)->d_inode
==
732 ovl_dentry_lower(new)->d_inode
)
735 if (OVL_TYPE_UPPER(new_type
) && OVL_TYPE_UPPER(old_type
)) {
736 if (ovl_dentry_upper(old
)->d_inode
==
737 ovl_dentry_upper(new)->d_inode
)
741 if (ovl_dentry_is_opaque(new))
742 new_type
= __OVL_PATH_UPPER
;
744 new_type
= __OVL_PATH_UPPER
| __OVL_PATH_PURE
;
747 err
= ovl_want_write(old
);
751 err
= ovl_copy_up(old
);
755 err
= ovl_copy_up(new->d_parent
);
759 err
= ovl_copy_up(new);
764 old_opaque
= !OVL_TYPE_PURE_UPPER(old_type
);
765 new_opaque
= !OVL_TYPE_PURE_UPPER(new_type
);
767 if (old_opaque
|| new_opaque
)
768 old_cred
= ovl_override_creds(old
->d_sb
);
770 if (overwrite
&& OVL_TYPE_MERGE_OR_LOWER(new_type
) && new_is_dir
) {
771 opaquedir
= ovl_check_empty_and_clear(new);
772 err
= PTR_ERR(opaquedir
);
773 if (IS_ERR(opaquedir
)) {
775 goto out_revert_creds
;
781 if (new->d_inode
|| !new_opaque
) {
782 /* Whiteout source */
783 flags
|= RENAME_WHITEOUT
;
785 /* Switch whiteouts */
786 flags
|= RENAME_EXCHANGE
;
788 } else if (is_dir
&& !new->d_inode
&& new_opaque
) {
789 flags
|= RENAME_EXCHANGE
;
790 cleanup_whiteout
= true;
794 old_upperdir
= ovl_dentry_upper(old
->d_parent
);
795 new_upperdir
= ovl_dentry_upper(new->d_parent
);
797 trap
= lock_rename(new_upperdir
, old_upperdir
);
800 olddentry
= lookup_one_len(old
->d_name
.name
, old_upperdir
,
802 err
= PTR_ERR(olddentry
);
803 if (IS_ERR(olddentry
))
807 if (olddentry
!= ovl_dentry_upper(old
))
810 newdentry
= lookup_one_len(new->d_name
.name
, new_upperdir
,
812 err
= PTR_ERR(newdentry
);
813 if (IS_ERR(newdentry
))
817 if (ovl_dentry_upper(new)) {
819 if (newdentry
!= opaquedir
)
822 if (newdentry
!= ovl_dentry_upper(new))
827 if (!d_is_negative(newdentry
) &&
828 (!new_opaque
|| !ovl_is_whiteout(newdentry
)))
832 if (olddentry
== trap
)
834 if (newdentry
== trap
)
837 if (is_dir
&& !old_opaque
&& new_opaque
) {
838 err
= ovl_set_opaque(olddentry
);
842 if (!overwrite
&& new_is_dir
&& old_opaque
&& !new_opaque
) {
843 err
= ovl_set_opaque(newdentry
);
848 if (old_opaque
|| new_opaque
) {
849 err
= ovl_do_rename(old_upperdir
->d_inode
, olddentry
,
850 new_upperdir
->d_inode
, newdentry
,
853 /* No debug for the plain case */
854 BUG_ON(flags
& ~RENAME_EXCHANGE
);
855 err
= vfs_rename(old_upperdir
->d_inode
, olddentry
,
856 new_upperdir
->d_inode
, newdentry
,
861 if (is_dir
&& !old_opaque
&& new_opaque
)
862 ovl_remove_opaque(olddentry
);
863 if (!overwrite
&& new_is_dir
&& old_opaque
&& !new_opaque
)
864 ovl_remove_opaque(newdentry
);
868 if (is_dir
&& old_opaque
&& !new_opaque
)
869 ovl_remove_opaque(olddentry
);
870 if (!overwrite
&& new_is_dir
&& !old_opaque
&& new_opaque
)
871 ovl_remove_opaque(newdentry
);
874 * Old dentry now lives in different location. Dentries in
875 * lowerstack are stale. We cannot drop them here because
876 * access to them is lockless. This could be only pure upper
877 * or opaque directory - numlower is zero. Or upper non-dir
878 * entry - its pureness is tracked by flag opaque.
880 if (old_opaque
!= new_opaque
) {
881 ovl_dentry_set_opaque(old
, new_opaque
);
883 ovl_dentry_set_opaque(new, old_opaque
);
886 if (cleanup_whiteout
)
887 ovl_cleanup(old_upperdir
->d_inode
, newdentry
);
889 ovl_dentry_version_inc(old
->d_parent
);
890 ovl_dentry_version_inc(new->d_parent
);
897 unlock_rename(new_upperdir
, old_upperdir
);
899 if (old_opaque
|| new_opaque
)
900 revert_creds(old_cred
);
908 const struct inode_operations ovl_dir_inode_operations
= {
909 .lookup
= ovl_lookup
,
911 .symlink
= ovl_symlink
,
912 .unlink
= ovl_unlink
,
914 .rename2
= ovl_rename2
,
916 .setattr
= ovl_setattr
,
917 .create
= ovl_create
,
919 .permission
= ovl_permission
,
920 .getattr
= ovl_dir_getattr
,
921 .setxattr
= ovl_setxattr
,
922 .getxattr
= ovl_getxattr
,
923 .listxattr
= ovl_listxattr
,
924 .removexattr
= ovl_removexattr
,