1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  *
4  * Copyright (C) 2011 Novell Inc.
5  */
6 
7 #include <linux/fs.h>
8 #include <linux/slab.h>
9 #include <linux/namei.h>
10 #include <linux/file.h>
11 #include <linux/xattr.h>
12 #include <linux/rbtree.h>
13 #include <linux/security.h>
14 #include <linux/cred.h>
15 #include <linux/ratelimit.h>
16 #include "overlayfs.h"
17 
18 struct ovl_cache_entry {
19 	unsigned int len;
20 	unsigned int type;
21 	u64 real_ino;
22 	u64 ino;
23 	struct list_head l_node;
24 	struct rb_node node;
25 	struct ovl_cache_entry *next_maybe_whiteout;
26 	bool is_upper;
27 	bool is_whiteout;
28 	char name[];
29 };
30 
31 struct ovl_dir_cache {
32 	long refcount;
33 	u64 version;
34 	struct list_head entries;
35 	struct rb_root root;
36 };
37 
38 struct ovl_readdir_data {
39 	struct dir_context ctx;
40 	struct dentry *dentry;
41 	bool is_lowest;
42 	struct rb_root *root;
43 	struct list_head *list;
44 	struct list_head middle;
45 	struct ovl_cache_entry *first_maybe_whiteout;
46 	int count;
47 	int err;
48 	bool is_upper;
49 	bool d_type_supported;
50 };
51 
52 struct ovl_dir_file {
53 	bool is_real;
54 	bool is_upper;
55 	struct ovl_dir_cache *cache;
56 	struct list_head *cursor;
57 	struct file *realfile;
58 	struct file *upperfile;
59 };
60 
ovl_cache_entry_from_node(struct rb_node * n)61 static struct ovl_cache_entry *ovl_cache_entry_from_node(struct rb_node *n)
62 {
63 	return rb_entry(n, struct ovl_cache_entry, node);
64 }
65 
ovl_cache_entry_find_link(const char * name,int len,struct rb_node *** link,struct rb_node ** parent)66 static bool ovl_cache_entry_find_link(const char *name, int len,
67 				      struct rb_node ***link,
68 				      struct rb_node **parent)
69 {
70 	bool found = false;
71 	struct rb_node **newp = *link;
72 
73 	while (!found && *newp) {
74 		int cmp;
75 		struct ovl_cache_entry *tmp;
76 
77 		*parent = *newp;
78 		tmp = ovl_cache_entry_from_node(*newp);
79 		cmp = strncmp(name, tmp->name, len);
80 		if (cmp > 0)
81 			newp = &tmp->node.rb_right;
82 		else if (cmp < 0 || len < tmp->len)
83 			newp = &tmp->node.rb_left;
84 		else
85 			found = true;
86 	}
87 	*link = newp;
88 
89 	return found;
90 }
91 
ovl_cache_entry_find(struct rb_root * root,const char * name,int len)92 static struct ovl_cache_entry *ovl_cache_entry_find(struct rb_root *root,
93 						    const char *name, int len)
94 {
95 	struct rb_node *node = root->rb_node;
96 	int cmp;
97 
98 	while (node) {
99 		struct ovl_cache_entry *p = ovl_cache_entry_from_node(node);
100 
101 		cmp = strncmp(name, p->name, len);
102 		if (cmp > 0)
103 			node = p->node.rb_right;
104 		else if (cmp < 0 || len < p->len)
105 			node = p->node.rb_left;
106 		else
107 			return p;
108 	}
109 
110 	return NULL;
111 }
112 
ovl_calc_d_ino(struct ovl_readdir_data * rdd,struct ovl_cache_entry * p)113 static bool ovl_calc_d_ino(struct ovl_readdir_data *rdd,
114 			   struct ovl_cache_entry *p)
115 {
116 	/* Don't care if not doing ovl_iter() */
117 	if (!rdd->dentry)
118 		return false;
119 
120 	/* Always recalc d_ino when remapping lower inode numbers */
121 	if (ovl_xino_bits(rdd->dentry->d_sb))
122 		return true;
123 
124 	/* Always recalc d_ino for parent */
125 	if (strcmp(p->name, "..") == 0)
126 		return true;
127 
128 	/* If this is lower, then native d_ino will do */
129 	if (!rdd->is_upper)
130 		return false;
131 
132 	/*
133 	 * Recalc d_ino for '.' and for all entries if dir is impure (contains
134 	 * copied up entries)
135 	 */
136 	if ((p->name[0] == '.' && p->len == 1) ||
137 	    ovl_test_flag(OVL_IMPURE, d_inode(rdd->dentry)))
138 		return true;
139 
140 	return false;
141 }
142 
ovl_cache_entry_new(struct ovl_readdir_data * rdd,const char * name,int len,u64 ino,unsigned int d_type)143 static struct ovl_cache_entry *ovl_cache_entry_new(struct ovl_readdir_data *rdd,
144 						   const char *name, int len,
145 						   u64 ino, unsigned int d_type)
146 {
147 	struct ovl_cache_entry *p;
148 	size_t size = offsetof(struct ovl_cache_entry, name[len + 1]);
149 
150 	p = kmalloc(size, GFP_KERNEL);
151 	if (!p)
152 		return NULL;
153 
154 	memcpy(p->name, name, len);
155 	p->name[len] = '\0';
156 	p->len = len;
157 	p->type = d_type;
158 	p->real_ino = ino;
159 	p->ino = ino;
160 	/* Defer setting d_ino for upper entry to ovl_iterate() */
161 	if (ovl_calc_d_ino(rdd, p))
162 		p->ino = 0;
163 	p->is_upper = rdd->is_upper;
164 	p->is_whiteout = false;
165 
166 	if (d_type == DT_CHR) {
167 		p->next_maybe_whiteout = rdd->first_maybe_whiteout;
168 		rdd->first_maybe_whiteout = p;
169 	}
170 	return p;
171 }
172 
ovl_cache_entry_add_rb(struct ovl_readdir_data * rdd,const char * name,int len,u64 ino,unsigned int d_type)173 static int ovl_cache_entry_add_rb(struct ovl_readdir_data *rdd,
174 				  const char *name, int len, u64 ino,
175 				  unsigned int d_type)
176 {
177 	struct rb_node **newp = &rdd->root->rb_node;
178 	struct rb_node *parent = NULL;
179 	struct ovl_cache_entry *p;
180 
181 	if (ovl_cache_entry_find_link(name, len, &newp, &parent))
182 		return 0;
183 
184 	p = ovl_cache_entry_new(rdd, name, len, ino, d_type);
185 	if (p == NULL) {
186 		rdd->err = -ENOMEM;
187 		return -ENOMEM;
188 	}
189 
190 	list_add_tail(&p->l_node, rdd->list);
191 	rb_link_node(&p->node, parent, newp);
192 	rb_insert_color(&p->node, rdd->root);
193 
194 	return 0;
195 }
196 
ovl_fill_lowest(struct ovl_readdir_data * rdd,const char * name,int namelen,loff_t offset,u64 ino,unsigned int d_type)197 static int ovl_fill_lowest(struct ovl_readdir_data *rdd,
198 			   const char *name, int namelen,
199 			   loff_t offset, u64 ino, unsigned int d_type)
200 {
201 	struct ovl_cache_entry *p;
202 
203 	p = ovl_cache_entry_find(rdd->root, name, namelen);
204 	if (p) {
205 		list_move_tail(&p->l_node, &rdd->middle);
206 	} else {
207 		p = ovl_cache_entry_new(rdd, name, namelen, ino, d_type);
208 		if (p == NULL)
209 			rdd->err = -ENOMEM;
210 		else
211 			list_add_tail(&p->l_node, &rdd->middle);
212 	}
213 
214 	return rdd->err;
215 }
216 
ovl_cache_free(struct list_head * list)217 void ovl_cache_free(struct list_head *list)
218 {
219 	struct ovl_cache_entry *p;
220 	struct ovl_cache_entry *n;
221 
222 	list_for_each_entry_safe(p, n, list, l_node)
223 		kfree(p);
224 
225 	INIT_LIST_HEAD(list);
226 }
227 
ovl_dir_cache_free(struct inode * inode)228 void ovl_dir_cache_free(struct inode *inode)
229 {
230 	struct ovl_dir_cache *cache = ovl_dir_cache(inode);
231 
232 	if (cache) {
233 		ovl_cache_free(&cache->entries);
234 		kfree(cache);
235 	}
236 }
237 
ovl_cache_put(struct ovl_dir_file * od,struct dentry * dentry)238 static void ovl_cache_put(struct ovl_dir_file *od, struct dentry *dentry)
239 {
240 	struct ovl_dir_cache *cache = od->cache;
241 
242 	WARN_ON(cache->refcount <= 0);
243 	cache->refcount--;
244 	if (!cache->refcount) {
245 		if (ovl_dir_cache(d_inode(dentry)) == cache)
246 			ovl_set_dir_cache(d_inode(dentry), NULL);
247 
248 		ovl_cache_free(&cache->entries);
249 		kfree(cache);
250 	}
251 }
252 
ovl_fill_merge(struct dir_context * ctx,const char * name,int namelen,loff_t offset,u64 ino,unsigned int d_type)253 static int ovl_fill_merge(struct dir_context *ctx, const char *name,
254 			  int namelen, loff_t offset, u64 ino,
255 			  unsigned int d_type)
256 {
257 	struct ovl_readdir_data *rdd =
258 		container_of(ctx, struct ovl_readdir_data, ctx);
259 
260 	rdd->count++;
261 	if (!rdd->is_lowest)
262 		return ovl_cache_entry_add_rb(rdd, name, namelen, ino, d_type);
263 	else
264 		return ovl_fill_lowest(rdd, name, namelen, offset, ino, d_type);
265 }
266 
ovl_check_whiteouts(struct dentry * dir,struct ovl_readdir_data * rdd)267 static int ovl_check_whiteouts(struct dentry *dir, struct ovl_readdir_data *rdd)
268 {
269 	int err;
270 	struct ovl_cache_entry *p;
271 	struct dentry *dentry;
272 	const struct cred *old_cred;
273 
274 	old_cred = ovl_override_creds(rdd->dentry->d_sb);
275 
276 	err = down_write_killable(&dir->d_inode->i_rwsem);
277 	if (!err) {
278 		while (rdd->first_maybe_whiteout) {
279 			p = rdd->first_maybe_whiteout;
280 			rdd->first_maybe_whiteout = p->next_maybe_whiteout;
281 			dentry = lookup_one_len(p->name, dir, p->len);
282 			if (!IS_ERR(dentry)) {
283 				p->is_whiteout = ovl_is_whiteout(dentry);
284 				dput(dentry);
285 			}
286 		}
287 		inode_unlock(dir->d_inode);
288 	}
289 	revert_creds(old_cred);
290 
291 	return err;
292 }
293 
ovl_dir_read(struct path * realpath,struct ovl_readdir_data * rdd)294 static inline int ovl_dir_read(struct path *realpath,
295 			       struct ovl_readdir_data *rdd)
296 {
297 	struct file *realfile;
298 	int err;
299 
300 	realfile = ovl_path_open(realpath, O_RDONLY | O_LARGEFILE);
301 	if (IS_ERR(realfile))
302 		return PTR_ERR(realfile);
303 
304 	rdd->first_maybe_whiteout = NULL;
305 	rdd->ctx.pos = 0;
306 	do {
307 		rdd->count = 0;
308 		rdd->err = 0;
309 		err = iterate_dir(realfile, &rdd->ctx);
310 		if (err >= 0)
311 			err = rdd->err;
312 	} while (!err && rdd->count);
313 
314 	if (!err && rdd->first_maybe_whiteout && rdd->dentry)
315 		err = ovl_check_whiteouts(realpath->dentry, rdd);
316 
317 	fput(realfile);
318 
319 	return err;
320 }
321 
322 /*
323  * Can we iterate real dir directly?
324  *
325  * Non-merge dir may contain whiteouts from a time it was a merge upper, before
326  * lower dir was removed under it and possibly before it was rotated from upper
327  * to lower layer.
328  */
ovl_dir_is_real(struct dentry * dir)329 static bool ovl_dir_is_real(struct dentry *dir)
330 {
331 	return !ovl_test_flag(OVL_WHITEOUTS, d_inode(dir));
332 }
333 
ovl_dir_reset(struct file * file)334 static void ovl_dir_reset(struct file *file)
335 {
336 	struct ovl_dir_file *od = file->private_data;
337 	struct ovl_dir_cache *cache = od->cache;
338 	struct dentry *dentry = file->f_path.dentry;
339 	bool is_real;
340 
341 	if (cache && ovl_dentry_version_get(dentry) != cache->version) {
342 		ovl_cache_put(od, dentry);
343 		od->cache = NULL;
344 		od->cursor = NULL;
345 	}
346 	is_real = ovl_dir_is_real(dentry);
347 	if (od->is_real != is_real) {
348 		/* is_real can only become false when dir is copied up */
349 		if (WARN_ON(is_real))
350 			return;
351 		od->is_real = false;
352 	}
353 }
354 
ovl_dir_read_merged(struct dentry * dentry,struct list_head * list,struct rb_root * root)355 static int ovl_dir_read_merged(struct dentry *dentry, struct list_head *list,
356 	struct rb_root *root)
357 {
358 	int err;
359 	struct path realpath;
360 	struct ovl_readdir_data rdd = {
361 		.ctx.actor = ovl_fill_merge,
362 		.dentry = dentry,
363 		.list = list,
364 		.root = root,
365 		.is_lowest = false,
366 	};
367 	int idx, next;
368 
369 	for (idx = 0; idx != -1; idx = next) {
370 		next = ovl_path_next(idx, dentry, &realpath);
371 		rdd.is_upper = ovl_dentry_upper(dentry) == realpath.dentry;
372 
373 		if (next != -1) {
374 			err = ovl_dir_read(&realpath, &rdd);
375 			if (err)
376 				break;
377 		} else {
378 			/*
379 			 * Insert lowest layer entries before upper ones, this
380 			 * allows offsets to be reasonably constant
381 			 */
382 			list_add(&rdd.middle, rdd.list);
383 			rdd.is_lowest = true;
384 			err = ovl_dir_read(&realpath, &rdd);
385 			list_del(&rdd.middle);
386 		}
387 	}
388 	return err;
389 }
390 
ovl_seek_cursor(struct ovl_dir_file * od,loff_t pos)391 static void ovl_seek_cursor(struct ovl_dir_file *od, loff_t pos)
392 {
393 	struct list_head *p;
394 	loff_t off = 0;
395 
396 	list_for_each(p, &od->cache->entries) {
397 		if (off >= pos)
398 			break;
399 		off++;
400 	}
401 	/* Cursor is safe since the cache is stable */
402 	od->cursor = p;
403 }
404 
ovl_cache_get(struct dentry * dentry)405 static struct ovl_dir_cache *ovl_cache_get(struct dentry *dentry)
406 {
407 	int res;
408 	struct ovl_dir_cache *cache;
409 
410 	cache = ovl_dir_cache(d_inode(dentry));
411 	if (cache && ovl_dentry_version_get(dentry) == cache->version) {
412 		WARN_ON(!cache->refcount);
413 		cache->refcount++;
414 		return cache;
415 	}
416 	ovl_set_dir_cache(d_inode(dentry), NULL);
417 
418 	cache = kzalloc(sizeof(struct ovl_dir_cache), GFP_KERNEL);
419 	if (!cache)
420 		return ERR_PTR(-ENOMEM);
421 
422 	cache->refcount = 1;
423 	INIT_LIST_HEAD(&cache->entries);
424 	cache->root = RB_ROOT;
425 
426 	res = ovl_dir_read_merged(dentry, &cache->entries, &cache->root);
427 	if (res) {
428 		ovl_cache_free(&cache->entries);
429 		kfree(cache);
430 		return ERR_PTR(res);
431 	}
432 
433 	cache->version = ovl_dentry_version_get(dentry);
434 	ovl_set_dir_cache(d_inode(dentry), cache);
435 
436 	return cache;
437 }
438 
439 /* Map inode number to lower fs unique range */
ovl_remap_lower_ino(u64 ino,int xinobits,int fsid,const char * name,int namelen,bool warn)440 static u64 ovl_remap_lower_ino(u64 ino, int xinobits, int fsid,
441 			       const char *name, int namelen, bool warn)
442 {
443 	unsigned int xinoshift = 64 - xinobits;
444 
445 	if (unlikely(ino >> xinoshift)) {
446 		if (warn) {
447 			pr_warn_ratelimited("d_ino too big (%.*s, ino=%llu, xinobits=%d)\n",
448 					    namelen, name, ino, xinobits);
449 		}
450 		return ino;
451 	}
452 
453 	/*
454 	 * The lowest xinobit is reserved for mapping the non-peresistent inode
455 	 * numbers range, but this range is only exposed via st_ino, not here.
456 	 */
457 	return ino | ((u64)fsid) << (xinoshift + 1);
458 }
459 
460 /*
461  * Set d_ino for upper entries. Non-upper entries should always report
462  * the uppermost real inode ino and should not call this function.
463  *
464  * When not all layer are on same fs, report real ino also for upper.
465  *
466  * When all layers are on the same fs, and upper has a reference to
467  * copy up origin, call vfs_getattr() on the overlay entry to make
468  * sure that d_ino will be consistent with st_ino from stat(2).
469  */
ovl_cache_update_ino(struct path * path,struct ovl_cache_entry * p)470 static int ovl_cache_update_ino(struct path *path, struct ovl_cache_entry *p)
471 
472 {
473 	struct dentry *dir = path->dentry;
474 	struct dentry *this = NULL;
475 	enum ovl_path_type type;
476 	u64 ino = p->real_ino;
477 	int xinobits = ovl_xino_bits(dir->d_sb);
478 	int err = 0;
479 
480 	if (!ovl_same_dev(dir->d_sb))
481 		goto out;
482 
483 	if (p->name[0] == '.') {
484 		if (p->len == 1) {
485 			this = dget(dir);
486 			goto get;
487 		}
488 		if (p->len == 2 && p->name[1] == '.') {
489 			/* we shall not be moved */
490 			this = dget(dir->d_parent);
491 			goto get;
492 		}
493 	}
494 	this = lookup_one_len(p->name, dir, p->len);
495 	if (IS_ERR_OR_NULL(this) || !this->d_inode) {
496 		if (IS_ERR(this)) {
497 			err = PTR_ERR(this);
498 			this = NULL;
499 			goto fail;
500 		}
501 		goto out;
502 	}
503 
504 get:
505 	type = ovl_path_type(this);
506 	if (OVL_TYPE_ORIGIN(type)) {
507 		struct kstat stat;
508 		struct path statpath = *path;
509 
510 		statpath.dentry = this;
511 		err = vfs_getattr(&statpath, &stat, STATX_INO, 0);
512 		if (err)
513 			goto fail;
514 
515 		/*
516 		 * Directory inode is always on overlay st_dev.
517 		 * Non-dir with ovl_same_dev() could be on pseudo st_dev in case
518 		 * of xino bits overflow.
519 		 */
520 		WARN_ON_ONCE(S_ISDIR(stat.mode) &&
521 			     dir->d_sb->s_dev != stat.dev);
522 		ino = stat.ino;
523 	} else if (xinobits && !OVL_TYPE_UPPER(type)) {
524 		ino = ovl_remap_lower_ino(ino, xinobits,
525 					  ovl_layer_lower(this)->fsid,
526 					  p->name, p->len,
527 					  ovl_xino_warn(dir->d_sb));
528 	}
529 
530 out:
531 	p->ino = ino;
532 	dput(this);
533 	return err;
534 
535 fail:
536 	pr_warn_ratelimited("failed to look up (%s) for ino (%i)\n",
537 			    p->name, err);
538 	goto out;
539 }
540 
ovl_fill_plain(struct dir_context * ctx,const char * name,int namelen,loff_t offset,u64 ino,unsigned int d_type)541 static int ovl_fill_plain(struct dir_context *ctx, const char *name,
542 			  int namelen, loff_t offset, u64 ino,
543 			  unsigned int d_type)
544 {
545 	struct ovl_cache_entry *p;
546 	struct ovl_readdir_data *rdd =
547 		container_of(ctx, struct ovl_readdir_data, ctx);
548 
549 	rdd->count++;
550 	p = ovl_cache_entry_new(rdd, name, namelen, ino, d_type);
551 	if (p == NULL) {
552 		rdd->err = -ENOMEM;
553 		return -ENOMEM;
554 	}
555 	list_add_tail(&p->l_node, rdd->list);
556 
557 	return 0;
558 }
559 
ovl_dir_read_impure(struct path * path,struct list_head * list,struct rb_root * root)560 static int ovl_dir_read_impure(struct path *path,  struct list_head *list,
561 			       struct rb_root *root)
562 {
563 	int err;
564 	struct path realpath;
565 	struct ovl_cache_entry *p, *n;
566 	struct ovl_readdir_data rdd = {
567 		.ctx.actor = ovl_fill_plain,
568 		.list = list,
569 		.root = root,
570 	};
571 
572 	INIT_LIST_HEAD(list);
573 	*root = RB_ROOT;
574 	ovl_path_upper(path->dentry, &realpath);
575 
576 	err = ovl_dir_read(&realpath, &rdd);
577 	if (err)
578 		return err;
579 
580 	list_for_each_entry_safe(p, n, list, l_node) {
581 		if (strcmp(p->name, ".") != 0 &&
582 		    strcmp(p->name, "..") != 0) {
583 			err = ovl_cache_update_ino(path, p);
584 			if (err)
585 				return err;
586 		}
587 		if (p->ino == p->real_ino) {
588 			list_del(&p->l_node);
589 			kfree(p);
590 		} else {
591 			struct rb_node **newp = &root->rb_node;
592 			struct rb_node *parent = NULL;
593 
594 			if (WARN_ON(ovl_cache_entry_find_link(p->name, p->len,
595 							      &newp, &parent)))
596 				return -EIO;
597 
598 			rb_link_node(&p->node, parent, newp);
599 			rb_insert_color(&p->node, root);
600 		}
601 	}
602 	return 0;
603 }
604 
ovl_cache_get_impure(struct path * path)605 static struct ovl_dir_cache *ovl_cache_get_impure(struct path *path)
606 {
607 	int res;
608 	struct dentry *dentry = path->dentry;
609 	struct ovl_fs *ofs = OVL_FS(dentry->d_sb);
610 	struct ovl_dir_cache *cache;
611 
612 	cache = ovl_dir_cache(d_inode(dentry));
613 	if (cache && ovl_dentry_version_get(dentry) == cache->version)
614 		return cache;
615 
616 	/* Impure cache is not refcounted, free it here */
617 	ovl_dir_cache_free(d_inode(dentry));
618 	ovl_set_dir_cache(d_inode(dentry), NULL);
619 
620 	cache = kzalloc(sizeof(struct ovl_dir_cache), GFP_KERNEL);
621 	if (!cache)
622 		return ERR_PTR(-ENOMEM);
623 
624 	res = ovl_dir_read_impure(path, &cache->entries, &cache->root);
625 	if (res) {
626 		ovl_cache_free(&cache->entries);
627 		kfree(cache);
628 		return ERR_PTR(res);
629 	}
630 	if (list_empty(&cache->entries)) {
631 		/*
632 		 * A good opportunity to get rid of an unneeded "impure" flag.
633 		 * Removing the "impure" xattr is best effort.
634 		 */
635 		if (!ovl_want_write(dentry)) {
636 			ovl_do_removexattr(ofs, ovl_dentry_upper(dentry),
637 					   OVL_XATTR_IMPURE);
638 			ovl_drop_write(dentry);
639 		}
640 		ovl_clear_flag(OVL_IMPURE, d_inode(dentry));
641 		kfree(cache);
642 		return NULL;
643 	}
644 
645 	cache->version = ovl_dentry_version_get(dentry);
646 	ovl_set_dir_cache(d_inode(dentry), cache);
647 
648 	return cache;
649 }
650 
651 struct ovl_readdir_translate {
652 	struct dir_context *orig_ctx;
653 	struct ovl_dir_cache *cache;
654 	struct dir_context ctx;
655 	u64 parent_ino;
656 	int fsid;
657 	int xinobits;
658 	bool xinowarn;
659 };
660 
ovl_fill_real(struct dir_context * ctx,const char * name,int namelen,loff_t offset,u64 ino,unsigned int d_type)661 static int ovl_fill_real(struct dir_context *ctx, const char *name,
662 			   int namelen, loff_t offset, u64 ino,
663 			   unsigned int d_type)
664 {
665 	struct ovl_readdir_translate *rdt =
666 		container_of(ctx, struct ovl_readdir_translate, ctx);
667 	struct dir_context *orig_ctx = rdt->orig_ctx;
668 
669 	if (rdt->parent_ino && strcmp(name, "..") == 0) {
670 		ino = rdt->parent_ino;
671 	} else if (rdt->cache) {
672 		struct ovl_cache_entry *p;
673 
674 		p = ovl_cache_entry_find(&rdt->cache->root, name, namelen);
675 		if (p)
676 			ino = p->ino;
677 	} else if (rdt->xinobits) {
678 		ino = ovl_remap_lower_ino(ino, rdt->xinobits, rdt->fsid,
679 					  name, namelen, rdt->xinowarn);
680 	}
681 
682 	return orig_ctx->actor(orig_ctx, name, namelen, offset, ino, d_type);
683 }
684 
ovl_is_impure_dir(struct file * file)685 static bool ovl_is_impure_dir(struct file *file)
686 {
687 	struct ovl_dir_file *od = file->private_data;
688 	struct inode *dir = d_inode(file->f_path.dentry);
689 
690 	/*
691 	 * Only upper dir can be impure, but if we are in the middle of
692 	 * iterating a lower real dir, dir could be copied up and marked
693 	 * impure. We only want the impure cache if we started iterating
694 	 * a real upper dir to begin with.
695 	 */
696 	return od->is_upper && ovl_test_flag(OVL_IMPURE, dir);
697 
698 }
699 
ovl_iterate_real(struct file * file,struct dir_context * ctx)700 static int ovl_iterate_real(struct file *file, struct dir_context *ctx)
701 {
702 	int err;
703 	struct ovl_dir_file *od = file->private_data;
704 	struct dentry *dir = file->f_path.dentry;
705 	const struct ovl_layer *lower_layer = ovl_layer_lower(dir);
706 	struct ovl_readdir_translate rdt = {
707 		.ctx.actor = ovl_fill_real,
708 		.orig_ctx = ctx,
709 		.xinobits = ovl_xino_bits(dir->d_sb),
710 		.xinowarn = ovl_xino_warn(dir->d_sb),
711 	};
712 
713 	if (rdt.xinobits && lower_layer)
714 		rdt.fsid = lower_layer->fsid;
715 
716 	if (OVL_TYPE_MERGE(ovl_path_type(dir->d_parent))) {
717 		struct kstat stat;
718 		struct path statpath = file->f_path;
719 
720 		statpath.dentry = dir->d_parent;
721 		err = vfs_getattr(&statpath, &stat, STATX_INO, 0);
722 		if (err)
723 			return err;
724 
725 		WARN_ON_ONCE(dir->d_sb->s_dev != stat.dev);
726 		rdt.parent_ino = stat.ino;
727 	}
728 
729 	if (ovl_is_impure_dir(file)) {
730 		rdt.cache = ovl_cache_get_impure(&file->f_path);
731 		if (IS_ERR(rdt.cache))
732 			return PTR_ERR(rdt.cache);
733 	}
734 
735 	err = iterate_dir(od->realfile, &rdt.ctx);
736 	ctx->pos = rdt.ctx.pos;
737 
738 	return err;
739 }
740 
741 
ovl_iterate(struct file * file,struct dir_context * ctx)742 static int ovl_iterate(struct file *file, struct dir_context *ctx)
743 {
744 	struct ovl_dir_file *od = file->private_data;
745 	struct dentry *dentry = file->f_path.dentry;
746 	struct ovl_cache_entry *p;
747 	const struct cred *old_cred;
748 	int err;
749 
750 	old_cred = ovl_override_creds(dentry->d_sb);
751 	if (!ctx->pos)
752 		ovl_dir_reset(file);
753 
754 	if (od->is_real) {
755 		/*
756 		 * If parent is merge, then need to adjust d_ino for '..', if
757 		 * dir is impure then need to adjust d_ino for copied up
758 		 * entries.
759 		 */
760 		if (ovl_xino_bits(dentry->d_sb) ||
761 		    (ovl_same_fs(dentry->d_sb) &&
762 		     (ovl_is_impure_dir(file) ||
763 		      OVL_TYPE_MERGE(ovl_path_type(dentry->d_parent))))) {
764 			err = ovl_iterate_real(file, ctx);
765 		} else {
766 			err = iterate_dir(od->realfile, ctx);
767 		}
768 		goto out;
769 	}
770 
771 	if (!od->cache) {
772 		struct ovl_dir_cache *cache;
773 
774 		cache = ovl_cache_get(dentry);
775 		err = PTR_ERR(cache);
776 		if (IS_ERR(cache))
777 			goto out;
778 
779 		od->cache = cache;
780 		ovl_seek_cursor(od, ctx->pos);
781 	}
782 
783 	while (od->cursor != &od->cache->entries) {
784 		p = list_entry(od->cursor, struct ovl_cache_entry, l_node);
785 		if (!p->is_whiteout) {
786 			if (!p->ino) {
787 				err = ovl_cache_update_ino(&file->f_path, p);
788 				if (err)
789 					goto out;
790 			}
791 			if (!dir_emit(ctx, p->name, p->len, p->ino, p->type))
792 				break;
793 		}
794 		od->cursor = p->l_node.next;
795 		ctx->pos++;
796 	}
797 	err = 0;
798 out:
799 	revert_creds(old_cred);
800 	return err;
801 }
802 
ovl_dir_llseek(struct file * file,loff_t offset,int origin)803 static loff_t ovl_dir_llseek(struct file *file, loff_t offset, int origin)
804 {
805 	loff_t res;
806 	struct ovl_dir_file *od = file->private_data;
807 
808 	inode_lock(file_inode(file));
809 	if (!file->f_pos)
810 		ovl_dir_reset(file);
811 
812 	if (od->is_real) {
813 		res = vfs_llseek(od->realfile, offset, origin);
814 		file->f_pos = od->realfile->f_pos;
815 	} else {
816 		res = -EINVAL;
817 
818 		switch (origin) {
819 		case SEEK_CUR:
820 			offset += file->f_pos;
821 			break;
822 		case SEEK_SET:
823 			break;
824 		default:
825 			goto out_unlock;
826 		}
827 		if (offset < 0)
828 			goto out_unlock;
829 
830 		if (offset != file->f_pos) {
831 			file->f_pos = offset;
832 			if (od->cache)
833 				ovl_seek_cursor(od, offset);
834 		}
835 		res = offset;
836 	}
837 out_unlock:
838 	inode_unlock(file_inode(file));
839 
840 	return res;
841 }
842 
ovl_dir_open_realfile(const struct file * file,struct path * realpath)843 static struct file *ovl_dir_open_realfile(const struct file *file,
844 					  struct path *realpath)
845 {
846 	struct file *res;
847 	const struct cred *old_cred;
848 
849 	old_cred = ovl_override_creds(file_inode(file)->i_sb);
850 	res = ovl_path_open(realpath, O_RDONLY | (file->f_flags & O_LARGEFILE));
851 	revert_creds(old_cred);
852 
853 	return res;
854 }
855 
856 /*
857  * Like ovl_real_fdget(), returns upperfile if dir was copied up since open.
858  * Unlike ovl_real_fdget(), this caches upperfile in file->private_data.
859  *
860  * TODO: use same abstract type for file->private_data of dir and file so
861  * upperfile could also be cached for files as well.
862  */
ovl_dir_real_file(const struct file * file,bool want_upper)863 struct file *ovl_dir_real_file(const struct file *file, bool want_upper)
864 {
865 
866 	struct ovl_dir_file *od = file->private_data;
867 	struct dentry *dentry = file->f_path.dentry;
868 	struct file *realfile = od->realfile;
869 
870 	if (!OVL_TYPE_UPPER(ovl_path_type(dentry)))
871 		return want_upper ? NULL : realfile;
872 
873 	/*
874 	 * Need to check if we started out being a lower dir, but got copied up
875 	 */
876 	if (!od->is_upper) {
877 		struct inode *inode = file_inode(file);
878 
879 		realfile = READ_ONCE(od->upperfile);
880 		if (!realfile) {
881 			struct path upperpath;
882 
883 			ovl_path_upper(dentry, &upperpath);
884 			realfile = ovl_dir_open_realfile(file, &upperpath);
885 
886 			inode_lock(inode);
887 			if (!od->upperfile) {
888 				if (IS_ERR(realfile)) {
889 					inode_unlock(inode);
890 					return realfile;
891 				}
892 				smp_store_release(&od->upperfile, realfile);
893 			} else {
894 				/* somebody has beaten us to it */
895 				if (!IS_ERR(realfile))
896 					fput(realfile);
897 				realfile = od->upperfile;
898 			}
899 			inode_unlock(inode);
900 		}
901 	}
902 
903 	return realfile;
904 }
905 
ovl_dir_fsync(struct file * file,loff_t start,loff_t end,int datasync)906 static int ovl_dir_fsync(struct file *file, loff_t start, loff_t end,
907 			 int datasync)
908 {
909 	struct file *realfile;
910 	int err;
911 
912 	if (!ovl_should_sync(OVL_FS(file->f_path.dentry->d_sb)))
913 		return 0;
914 
915 	realfile = ovl_dir_real_file(file, true);
916 	err = PTR_ERR_OR_ZERO(realfile);
917 
918 	/* Nothing to sync for lower */
919 	if (!realfile || err)
920 		return err;
921 
922 	return vfs_fsync_range(realfile, start, end, datasync);
923 }
924 
ovl_dir_release(struct inode * inode,struct file * file)925 static int ovl_dir_release(struct inode *inode, struct file *file)
926 {
927 	struct ovl_dir_file *od = file->private_data;
928 
929 	if (od->cache) {
930 		inode_lock(inode);
931 		ovl_cache_put(od, file->f_path.dentry);
932 		inode_unlock(inode);
933 	}
934 	fput(od->realfile);
935 	if (od->upperfile)
936 		fput(od->upperfile);
937 	kfree(od);
938 
939 	return 0;
940 }
941 
ovl_dir_open(struct inode * inode,struct file * file)942 static int ovl_dir_open(struct inode *inode, struct file *file)
943 {
944 	struct path realpath;
945 	struct file *realfile;
946 	struct ovl_dir_file *od;
947 	enum ovl_path_type type;
948 
949 	od = kzalloc(sizeof(struct ovl_dir_file), GFP_KERNEL);
950 	if (!od)
951 		return -ENOMEM;
952 
953 	type = ovl_path_real(file->f_path.dentry, &realpath);
954 	realfile = ovl_dir_open_realfile(file, &realpath);
955 	if (IS_ERR(realfile)) {
956 		kfree(od);
957 		return PTR_ERR(realfile);
958 	}
959 	od->realfile = realfile;
960 	od->is_real = ovl_dir_is_real(file->f_path.dentry);
961 	od->is_upper = OVL_TYPE_UPPER(type);
962 	file->private_data = od;
963 
964 	return 0;
965 }
966 
967 const struct file_operations ovl_dir_operations = {
968 	.read		= generic_read_dir,
969 	.open		= ovl_dir_open,
970 	.iterate	= ovl_iterate,
971 	.llseek		= ovl_dir_llseek,
972 	.fsync		= ovl_dir_fsync,
973 	.release	= ovl_dir_release,
974 	.unlocked_ioctl	= ovl_ioctl,
975 #ifdef CONFIG_COMPAT
976 	.compat_ioctl	= ovl_compat_ioctl,
977 #endif
978 };
979 
ovl_check_empty_dir(struct dentry * dentry,struct list_head * list)980 int ovl_check_empty_dir(struct dentry *dentry, struct list_head *list)
981 {
982 	int err;
983 	struct ovl_cache_entry *p, *n;
984 	struct rb_root root = RB_ROOT;
985 	const struct cred *old_cred;
986 
987 	old_cred = ovl_override_creds(dentry->d_sb);
988 	err = ovl_dir_read_merged(dentry, list, &root);
989 	revert_creds(old_cred);
990 	if (err)
991 		return err;
992 
993 	err = 0;
994 
995 	list_for_each_entry_safe(p, n, list, l_node) {
996 		/*
997 		 * Select whiteouts in upperdir, they should
998 		 * be cleared when deleting this directory.
999 		 */
1000 		if (p->is_whiteout) {
1001 			if (p->is_upper)
1002 				continue;
1003 			goto del_entry;
1004 		}
1005 
1006 		if (p->name[0] == '.') {
1007 			if (p->len == 1)
1008 				goto del_entry;
1009 			if (p->len == 2 && p->name[1] == '.')
1010 				goto del_entry;
1011 		}
1012 		err = -ENOTEMPTY;
1013 		break;
1014 
1015 del_entry:
1016 		list_del(&p->l_node);
1017 		kfree(p);
1018 	}
1019 
1020 	return err;
1021 }
1022 
ovl_cleanup_whiteouts(struct dentry * upper,struct list_head * list)1023 void ovl_cleanup_whiteouts(struct dentry *upper, struct list_head *list)
1024 {
1025 	struct ovl_cache_entry *p;
1026 
1027 	inode_lock_nested(upper->d_inode, I_MUTEX_CHILD);
1028 	list_for_each_entry(p, list, l_node) {
1029 		struct dentry *dentry;
1030 
1031 		if (WARN_ON(!p->is_whiteout || !p->is_upper))
1032 			continue;
1033 
1034 		dentry = lookup_one_len(p->name, upper, p->len);
1035 		if (IS_ERR(dentry)) {
1036 			pr_err("lookup '%s/%.*s' failed (%i)\n",
1037 			       upper->d_name.name, p->len, p->name,
1038 			       (int) PTR_ERR(dentry));
1039 			continue;
1040 		}
1041 		if (dentry->d_inode)
1042 			ovl_cleanup(upper->d_inode, dentry);
1043 		dput(dentry);
1044 	}
1045 	inode_unlock(upper->d_inode);
1046 }
1047 
ovl_check_d_type(struct dir_context * ctx,const char * name,int namelen,loff_t offset,u64 ino,unsigned int d_type)1048 static int ovl_check_d_type(struct dir_context *ctx, const char *name,
1049 			  int namelen, loff_t offset, u64 ino,
1050 			  unsigned int d_type)
1051 {
1052 	struct ovl_readdir_data *rdd =
1053 		container_of(ctx, struct ovl_readdir_data, ctx);
1054 
1055 	/* Even if d_type is not supported, DT_DIR is returned for . and .. */
1056 	if (!strncmp(name, ".", namelen) || !strncmp(name, "..", namelen))
1057 		return 0;
1058 
1059 	if (d_type != DT_UNKNOWN)
1060 		rdd->d_type_supported = true;
1061 
1062 	return 0;
1063 }
1064 
1065 /*
1066  * Returns 1 if d_type is supported, 0 not supported/unknown. Negative values
1067  * if error is encountered.
1068  */
ovl_check_d_type_supported(struct path * realpath)1069 int ovl_check_d_type_supported(struct path *realpath)
1070 {
1071 	int err;
1072 	struct ovl_readdir_data rdd = {
1073 		.ctx.actor = ovl_check_d_type,
1074 		.d_type_supported = false,
1075 	};
1076 
1077 	err = ovl_dir_read(realpath, &rdd);
1078 	if (err)
1079 		return err;
1080 
1081 	return rdd.d_type_supported;
1082 }
1083 
1084 #define OVL_INCOMPATDIR_NAME "incompat"
1085 
ovl_workdir_cleanup_recurse(struct path * path,int level)1086 static int ovl_workdir_cleanup_recurse(struct path *path, int level)
1087 {
1088 	int err;
1089 	struct inode *dir = path->dentry->d_inode;
1090 	LIST_HEAD(list);
1091 	struct rb_root root = RB_ROOT;
1092 	struct ovl_cache_entry *p;
1093 	struct ovl_readdir_data rdd = {
1094 		.ctx.actor = ovl_fill_merge,
1095 		.dentry = NULL,
1096 		.list = &list,
1097 		.root = &root,
1098 		.is_lowest = false,
1099 	};
1100 	bool incompat = false;
1101 
1102 	/*
1103 	 * The "work/incompat" directory is treated specially - if it is not
1104 	 * empty, instead of printing a generic error and mounting read-only,
1105 	 * we will error about incompat features and fail the mount.
1106 	 *
1107 	 * When called from ovl_indexdir_cleanup(), path->dentry->d_name.name
1108 	 * starts with '#'.
1109 	 */
1110 	if (level == 2 &&
1111 	    !strcmp(path->dentry->d_name.name, OVL_INCOMPATDIR_NAME))
1112 		incompat = true;
1113 
1114 	err = ovl_dir_read(path, &rdd);
1115 	if (err)
1116 		goto out;
1117 
1118 	inode_lock_nested(dir, I_MUTEX_PARENT);
1119 	list_for_each_entry(p, &list, l_node) {
1120 		struct dentry *dentry;
1121 
1122 		if (p->name[0] == '.') {
1123 			if (p->len == 1)
1124 				continue;
1125 			if (p->len == 2 && p->name[1] == '.')
1126 				continue;
1127 		} else if (incompat) {
1128 			pr_err("overlay with incompat feature '%s' cannot be mounted\n",
1129 				p->name);
1130 			err = -EINVAL;
1131 			break;
1132 		}
1133 		dentry = lookup_one_len(p->name, path->dentry, p->len);
1134 		if (IS_ERR(dentry))
1135 			continue;
1136 		if (dentry->d_inode)
1137 			err = ovl_workdir_cleanup(dir, path->mnt, dentry, level);
1138 		dput(dentry);
1139 		if (err)
1140 			break;
1141 	}
1142 	inode_unlock(dir);
1143 out:
1144 	ovl_cache_free(&list);
1145 	return err;
1146 }
1147 
ovl_workdir_cleanup(struct inode * dir,struct vfsmount * mnt,struct dentry * dentry,int level)1148 int ovl_workdir_cleanup(struct inode *dir, struct vfsmount *mnt,
1149 			 struct dentry *dentry, int level)
1150 {
1151 	int err;
1152 
1153 	if (!d_is_dir(dentry) || level > 1) {
1154 		return ovl_cleanup(dir, dentry);
1155 	}
1156 
1157 	err = ovl_do_rmdir(dir, dentry);
1158 	if (err) {
1159 		struct path path = { .mnt = mnt, .dentry = dentry };
1160 
1161 		inode_unlock(dir);
1162 		err = ovl_workdir_cleanup_recurse(&path, level + 1);
1163 		inode_lock_nested(dir, I_MUTEX_PARENT);
1164 		if (!err)
1165 			err = ovl_cleanup(dir, dentry);
1166 	}
1167 
1168 	return err;
1169 }
1170 
ovl_indexdir_cleanup(struct ovl_fs * ofs)1171 int ovl_indexdir_cleanup(struct ovl_fs *ofs)
1172 {
1173 	int err;
1174 	struct dentry *indexdir = ofs->indexdir;
1175 	struct dentry *index = NULL;
1176 	struct inode *dir = indexdir->d_inode;
1177 	struct path path = { .mnt = ovl_upper_mnt(ofs), .dentry = indexdir };
1178 	LIST_HEAD(list);
1179 	struct rb_root root = RB_ROOT;
1180 	struct ovl_cache_entry *p;
1181 	struct ovl_readdir_data rdd = {
1182 		.ctx.actor = ovl_fill_merge,
1183 		.dentry = NULL,
1184 		.list = &list,
1185 		.root = &root,
1186 		.is_lowest = false,
1187 	};
1188 
1189 	err = ovl_dir_read(&path, &rdd);
1190 	if (err)
1191 		goto out;
1192 
1193 	inode_lock_nested(dir, I_MUTEX_PARENT);
1194 	list_for_each_entry(p, &list, l_node) {
1195 		if (p->name[0] == '.') {
1196 			if (p->len == 1)
1197 				continue;
1198 			if (p->len == 2 && p->name[1] == '.')
1199 				continue;
1200 		}
1201 		index = lookup_one_len(p->name, indexdir, p->len);
1202 		if (IS_ERR(index)) {
1203 			err = PTR_ERR(index);
1204 			index = NULL;
1205 			break;
1206 		}
1207 		/* Cleanup leftover from index create/cleanup attempt */
1208 		if (index->d_name.name[0] == '#') {
1209 			err = ovl_workdir_cleanup(dir, path.mnt, index, 1);
1210 			if (err)
1211 				break;
1212 			goto next;
1213 		}
1214 		err = ovl_verify_index(ofs, index);
1215 		if (!err) {
1216 			goto next;
1217 		} else if (err == -ESTALE) {
1218 			/* Cleanup stale index entries */
1219 			err = ovl_cleanup(dir, index);
1220 		} else if (err != -ENOENT) {
1221 			/*
1222 			 * Abort mount to avoid corrupting the index if
1223 			 * an incompatible index entry was found or on out
1224 			 * of memory.
1225 			 */
1226 			break;
1227 		} else if (ofs->config.nfs_export) {
1228 			/*
1229 			 * Whiteout orphan index to block future open by
1230 			 * handle after overlay nlink dropped to zero.
1231 			 */
1232 			err = ovl_cleanup_and_whiteout(ofs, dir, index);
1233 		} else {
1234 			/* Cleanup orphan index entries */
1235 			err = ovl_cleanup(dir, index);
1236 		}
1237 
1238 		if (err)
1239 			break;
1240 
1241 next:
1242 		dput(index);
1243 		index = NULL;
1244 	}
1245 	dput(index);
1246 	inode_unlock(dir);
1247 out:
1248 	ovl_cache_free(&list);
1249 	if (err)
1250 		pr_err("failed index dir cleanup (%i)\n", err);
1251 	return err;
1252 }
1253