1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 *
4 * Copyright (C) 2011 Novell Inc.
5 */
6
7 #include <linux/module.h>
8 #include <linux/fs.h>
9 #include <linux/slab.h>
10 #include <linux/file.h>
11 #include <linux/splice.h>
12 #include <linux/xattr.h>
13 #include <linux/security.h>
14 #include <linux/uaccess.h>
15 #include <linux/sched/signal.h>
16 #include <linux/cred.h>
17 #include <linux/namei.h>
18 #include <linux/fdtable.h>
19 #include <linux/ratelimit.h>
20 #include <linux/exportfs.h>
21 #include "overlayfs.h"
22
23 #define OVL_COPY_UP_CHUNK_SIZE (1 << 20)
24
ovl_ccup_set(const char * buf,const struct kernel_param * param)25 static int ovl_ccup_set(const char *buf, const struct kernel_param *param)
26 {
27 pr_warn("overlayfs: \"check_copy_up\" module option is obsolete\n");
28 return 0;
29 }
30
ovl_ccup_get(char * buf,const struct kernel_param * param)31 static int ovl_ccup_get(char *buf, const struct kernel_param *param)
32 {
33 return sprintf(buf, "N\n");
34 }
35
36 module_param_call(check_copy_up, ovl_ccup_set, ovl_ccup_get, NULL, 0644);
37 MODULE_PARM_DESC(check_copy_up, "Obsolete; does nothing");
38
ovl_copy_xattr(struct dentry * old,struct dentry * new)39 int ovl_copy_xattr(struct dentry *old, struct dentry *new)
40 {
41 ssize_t list_size, size, value_size = 0;
42 char *buf, *name, *value = NULL;
43 int uninitialized_var(error);
44 size_t slen;
45
46 if (!(old->d_inode->i_opflags & IOP_XATTR) ||
47 !(new->d_inode->i_opflags & IOP_XATTR))
48 return 0;
49
50 list_size = vfs_listxattr(old, NULL, 0);
51 if (list_size <= 0) {
52 if (list_size == -EOPNOTSUPP)
53 return 0;
54 return list_size;
55 }
56
57 buf = kzalloc(list_size, GFP_KERNEL);
58 if (!buf)
59 return -ENOMEM;
60
61 list_size = vfs_listxattr(old, buf, list_size);
62 if (list_size <= 0) {
63 error = list_size;
64 goto out;
65 }
66
67 for (name = buf; list_size; name += slen) {
68 slen = strnlen(name, list_size) + 1;
69
70 /* underlying fs providing us with an broken xattr list? */
71 if (WARN_ON(slen > list_size)) {
72 error = -EIO;
73 break;
74 }
75 list_size -= slen;
76
77 if (ovl_is_private_xattr(name))
78 continue;
79 retry:
80 size = vfs_getxattr(old, name, value, value_size);
81 if (size == -ERANGE)
82 size = vfs_getxattr(old, name, NULL, 0);
83
84 if (size < 0) {
85 error = size;
86 break;
87 }
88
89 if (size > value_size) {
90 void *new;
91
92 new = krealloc(value, size, GFP_KERNEL);
93 if (!new) {
94 error = -ENOMEM;
95 break;
96 }
97 value = new;
98 value_size = size;
99 goto retry;
100 }
101
102 error = security_inode_copy_up_xattr(name);
103 if (error < 0 && error != -EOPNOTSUPP)
104 break;
105 if (error == 1) {
106 error = 0;
107 continue; /* Discard */
108 }
109 error = vfs_setxattr(new, name, value, size, 0);
110 if (error)
111 break;
112 }
113 kfree(value);
114 out:
115 kfree(buf);
116 return error;
117 }
118
ovl_copy_up_data(struct path * old,struct path * new,loff_t len)119 static int ovl_copy_up_data(struct path *old, struct path *new, loff_t len)
120 {
121 struct file *old_file;
122 struct file *new_file;
123 loff_t old_pos = 0;
124 loff_t new_pos = 0;
125 loff_t cloned;
126 int error = 0;
127
128 if (len == 0)
129 return 0;
130
131 old_file = ovl_path_open(old, O_LARGEFILE | O_RDONLY);
132 if (IS_ERR(old_file))
133 return PTR_ERR(old_file);
134
135 new_file = ovl_path_open(new, O_LARGEFILE | O_WRONLY);
136 if (IS_ERR(new_file)) {
137 error = PTR_ERR(new_file);
138 goto out_fput;
139 }
140
141 /* Try to use clone_file_range to clone up within the same fs */
142 cloned = do_clone_file_range(old_file, 0, new_file, 0, len, 0);
143 if (cloned == len)
144 goto out;
145 /* Couldn't clone, so now we try to copy the data */
146
147 /* FIXME: copy up sparse files efficiently */
148 while (len) {
149 size_t this_len = OVL_COPY_UP_CHUNK_SIZE;
150 long bytes;
151
152 if (len < this_len)
153 this_len = len;
154
155 if (signal_pending_state(TASK_KILLABLE, current)) {
156 error = -EINTR;
157 break;
158 }
159
160 bytes = do_splice_direct(old_file, &old_pos,
161 new_file, &new_pos,
162 this_len, SPLICE_F_MOVE);
163 if (bytes <= 0) {
164 error = bytes;
165 break;
166 }
167 WARN_ON(old_pos != new_pos);
168
169 len -= bytes;
170 }
171 out:
172 if (!error)
173 error = vfs_fsync(new_file, 0);
174 fput(new_file);
175 out_fput:
176 fput(old_file);
177 return error;
178 }
179
ovl_set_size(struct dentry * upperdentry,struct kstat * stat)180 static int ovl_set_size(struct dentry *upperdentry, struct kstat *stat)
181 {
182 struct iattr attr = {
183 .ia_valid = ATTR_SIZE,
184 .ia_size = stat->size,
185 };
186
187 return notify_change(upperdentry, &attr, NULL);
188 }
189
ovl_set_timestamps(struct dentry * upperdentry,struct kstat * stat)190 static int ovl_set_timestamps(struct dentry *upperdentry, struct kstat *stat)
191 {
192 struct iattr attr = {
193 .ia_valid =
194 ATTR_ATIME | ATTR_MTIME | ATTR_ATIME_SET | ATTR_MTIME_SET,
195 .ia_atime = stat->atime,
196 .ia_mtime = stat->mtime,
197 };
198
199 return notify_change(upperdentry, &attr, NULL);
200 }
201
ovl_set_attr(struct dentry * upperdentry,struct kstat * stat)202 int ovl_set_attr(struct dentry *upperdentry, struct kstat *stat)
203 {
204 int err = 0;
205
206 if (!S_ISLNK(stat->mode)) {
207 struct iattr attr = {
208 .ia_valid = ATTR_MODE,
209 .ia_mode = stat->mode,
210 };
211 err = notify_change(upperdentry, &attr, NULL);
212 }
213 if (!err) {
214 struct iattr attr = {
215 .ia_valid = ATTR_UID | ATTR_GID,
216 .ia_uid = stat->uid,
217 .ia_gid = stat->gid,
218 };
219 err = notify_change(upperdentry, &attr, NULL);
220 }
221 if (!err)
222 ovl_set_timestamps(upperdentry, stat);
223
224 return err;
225 }
226
ovl_encode_real_fh(struct dentry * real,bool is_upper)227 struct ovl_fh *ovl_encode_real_fh(struct dentry *real, bool is_upper)
228 {
229 struct ovl_fh *fh;
230 int fh_type, fh_len, dwords;
231 void *buf;
232 int buflen = MAX_HANDLE_SZ;
233 uuid_t *uuid = &real->d_sb->s_uuid;
234
235 buf = kmalloc(buflen, GFP_KERNEL);
236 if (!buf)
237 return ERR_PTR(-ENOMEM);
238
239 /*
240 * We encode a non-connectable file handle for non-dir, because we
241 * only need to find the lower inode number and we don't want to pay
242 * the price or reconnecting the dentry.
243 */
244 dwords = buflen >> 2;
245 fh_type = exportfs_encode_fh(real, buf, &dwords, 0);
246 buflen = (dwords << 2);
247
248 fh = ERR_PTR(-EIO);
249 if (WARN_ON(fh_type < 0) ||
250 WARN_ON(buflen > MAX_HANDLE_SZ) ||
251 WARN_ON(fh_type == FILEID_INVALID))
252 goto out;
253
254 BUILD_BUG_ON(MAX_HANDLE_SZ + offsetof(struct ovl_fh, fid) > 255);
255 fh_len = offsetof(struct ovl_fh, fid) + buflen;
256 fh = kmalloc(fh_len, GFP_KERNEL);
257 if (!fh) {
258 fh = ERR_PTR(-ENOMEM);
259 goto out;
260 }
261
262 fh->version = OVL_FH_VERSION;
263 fh->magic = OVL_FH_MAGIC;
264 fh->type = fh_type;
265 fh->flags = OVL_FH_FLAG_CPU_ENDIAN;
266 /*
267 * When we will want to decode an overlay dentry from this handle
268 * and all layers are on the same fs, if we get a disconncted real
269 * dentry when we decode fid, the only way to tell if we should assign
270 * it to upperdentry or to lowerstack is by checking this flag.
271 */
272 if (is_upper)
273 fh->flags |= OVL_FH_FLAG_PATH_UPPER;
274 fh->len = fh_len;
275 fh->uuid = *uuid;
276 memcpy(fh->fid, buf, buflen);
277
278 out:
279 kfree(buf);
280 return fh;
281 }
282
ovl_set_origin(struct dentry * dentry,struct dentry * lower,struct dentry * upper)283 int ovl_set_origin(struct dentry *dentry, struct dentry *lower,
284 struct dentry *upper)
285 {
286 const struct ovl_fh *fh = NULL;
287 int err;
288
289 /*
290 * When lower layer doesn't support export operations store a 'null' fh,
291 * so we can use the overlay.origin xattr to distignuish between a copy
292 * up and a pure upper inode.
293 */
294 if (ovl_can_decode_fh(lower->d_sb)) {
295 fh = ovl_encode_real_fh(lower, false);
296 if (IS_ERR(fh))
297 return PTR_ERR(fh);
298 }
299
300 /*
301 * Do not fail when upper doesn't support xattrs.
302 */
303 err = ovl_check_setxattr(dentry, upper, OVL_XATTR_ORIGIN, fh,
304 fh ? fh->len : 0, 0);
305 kfree(fh);
306
307 return err;
308 }
309
310 /* Store file handle of @upper dir in @index dir entry */
ovl_set_upper_fh(struct dentry * upper,struct dentry * index)311 static int ovl_set_upper_fh(struct dentry *upper, struct dentry *index)
312 {
313 const struct ovl_fh *fh;
314 int err;
315
316 fh = ovl_encode_real_fh(upper, true);
317 if (IS_ERR(fh))
318 return PTR_ERR(fh);
319
320 err = ovl_do_setxattr(index, OVL_XATTR_UPPER, fh, fh->len, 0);
321
322 kfree(fh);
323 return err;
324 }
325
326 /*
327 * Create and install index entry.
328 *
329 * Caller must hold i_mutex on indexdir.
330 */
ovl_create_index(struct dentry * dentry,struct dentry * origin,struct dentry * upper)331 static int ovl_create_index(struct dentry *dentry, struct dentry *origin,
332 struct dentry *upper)
333 {
334 struct dentry *indexdir = ovl_indexdir(dentry->d_sb);
335 struct inode *dir = d_inode(indexdir);
336 struct dentry *index = NULL;
337 struct dentry *temp = NULL;
338 struct qstr name = { };
339 int err;
340
341 /*
342 * For now this is only used for creating index entry for directories,
343 * because non-dir are copied up directly to index and then hardlinked
344 * to upper dir.
345 *
346 * TODO: implement create index for non-dir, so we can call it when
347 * encoding file handle for non-dir in case index does not exist.
348 */
349 if (WARN_ON(!d_is_dir(dentry)))
350 return -EIO;
351
352 /* Directory not expected to be indexed before copy up */
353 if (WARN_ON(ovl_test_flag(OVL_INDEX, d_inode(dentry))))
354 return -EIO;
355
356 err = ovl_get_index_name(origin, &name);
357 if (err)
358 return err;
359
360 temp = ovl_create_temp(indexdir, OVL_CATTR(S_IFDIR | 0));
361 err = PTR_ERR(temp);
362 if (IS_ERR(temp))
363 goto free_name;
364
365 err = ovl_set_upper_fh(upper, temp);
366 if (err)
367 goto out;
368
369 index = lookup_one_len(name.name, indexdir, name.len);
370 if (IS_ERR(index)) {
371 err = PTR_ERR(index);
372 } else {
373 err = ovl_do_rename(dir, temp, dir, index, 0);
374 dput(index);
375 }
376 out:
377 if (err)
378 ovl_cleanup(dir, temp);
379 dput(temp);
380 free_name:
381 kfree(name.name);
382 return err;
383 }
384
385 struct ovl_copy_up_ctx {
386 struct dentry *parent;
387 struct dentry *dentry;
388 struct path lowerpath;
389 struct kstat stat;
390 struct kstat pstat;
391 const char *link;
392 struct dentry *destdir;
393 struct qstr destname;
394 struct dentry *workdir;
395 bool origin;
396 bool indexed;
397 bool metacopy;
398 };
399
ovl_link_up(struct ovl_copy_up_ctx * c)400 static int ovl_link_up(struct ovl_copy_up_ctx *c)
401 {
402 int err;
403 struct dentry *upper;
404 struct dentry *upperdir = ovl_dentry_upper(c->parent);
405 struct inode *udir = d_inode(upperdir);
406
407 /* Mark parent "impure" because it may now contain non-pure upper */
408 err = ovl_set_impure(c->parent, upperdir);
409 if (err)
410 return err;
411
412 err = ovl_set_nlink_lower(c->dentry);
413 if (err)
414 return err;
415
416 inode_lock_nested(udir, I_MUTEX_PARENT);
417 upper = lookup_one_len(c->dentry->d_name.name, upperdir,
418 c->dentry->d_name.len);
419 err = PTR_ERR(upper);
420 if (!IS_ERR(upper)) {
421 err = ovl_do_link(ovl_dentry_upper(c->dentry), udir, upper);
422 dput(upper);
423
424 if (!err) {
425 /* Restore timestamps on parent (best effort) */
426 ovl_set_timestamps(upperdir, &c->pstat);
427 ovl_dentry_set_upper_alias(c->dentry);
428 }
429 }
430 inode_unlock(udir);
431 if (err)
432 return err;
433
434 err = ovl_set_nlink_upper(c->dentry);
435
436 return err;
437 }
438
ovl_copy_up_inode(struct ovl_copy_up_ctx * c,struct dentry * temp)439 static int ovl_copy_up_inode(struct ovl_copy_up_ctx *c, struct dentry *temp)
440 {
441 int err;
442
443 /*
444 * Copy up data first and then xattrs. Writing data after
445 * xattrs will remove security.capability xattr automatically.
446 */
447 if (S_ISREG(c->stat.mode) && !c->metacopy) {
448 struct path upperpath, datapath;
449
450 ovl_path_upper(c->dentry, &upperpath);
451 if (WARN_ON(upperpath.dentry != NULL))
452 return -EIO;
453 upperpath.dentry = temp;
454
455 ovl_path_lowerdata(c->dentry, &datapath);
456 err = ovl_copy_up_data(&datapath, &upperpath, c->stat.size);
457 if (err)
458 return err;
459 }
460
461 err = ovl_copy_xattr(c->lowerpath.dentry, temp);
462 if (err)
463 return err;
464
465 /*
466 * Store identifier of lower inode in upper inode xattr to
467 * allow lookup of the copy up origin inode.
468 *
469 * Don't set origin when we are breaking the association with a lower
470 * hard link.
471 */
472 if (c->origin) {
473 err = ovl_set_origin(c->dentry, c->lowerpath.dentry, temp);
474 if (err)
475 return err;
476 }
477
478 if (c->metacopy) {
479 err = ovl_check_setxattr(c->dentry, temp, OVL_XATTR_METACOPY,
480 NULL, 0, -EOPNOTSUPP);
481 if (err)
482 return err;
483 }
484
485 inode_lock(temp->d_inode);
486 if (c->metacopy)
487 err = ovl_set_size(temp, &c->stat);
488 if (!err)
489 err = ovl_set_attr(temp, &c->stat);
490 inode_unlock(temp->d_inode);
491
492 return err;
493 }
494
495 struct ovl_cu_creds {
496 const struct cred *old;
497 struct cred *new;
498 };
499
ovl_prep_cu_creds(struct dentry * dentry,struct ovl_cu_creds * cc)500 static int ovl_prep_cu_creds(struct dentry *dentry, struct ovl_cu_creds *cc)
501 {
502 int err;
503
504 cc->old = cc->new = NULL;
505 err = security_inode_copy_up(dentry, &cc->new);
506 if (err < 0)
507 return err;
508
509 if (cc->new)
510 cc->old = override_creds(cc->new);
511
512 return 0;
513 }
514
ovl_revert_cu_creds(struct ovl_cu_creds * cc)515 static void ovl_revert_cu_creds(struct ovl_cu_creds *cc)
516 {
517 if (cc->new) {
518 revert_creds(cc->old);
519 put_cred(cc->new);
520 }
521 }
522
523 /*
524 * Copyup using workdir to prepare temp file. Used when copying up directories,
525 * special files or when upper fs doesn't support O_TMPFILE.
526 */
ovl_copy_up_workdir(struct ovl_copy_up_ctx * c)527 static int ovl_copy_up_workdir(struct ovl_copy_up_ctx *c)
528 {
529 struct inode *inode;
530 struct inode *udir = d_inode(c->destdir), *wdir = d_inode(c->workdir);
531 struct dentry *temp, *upper;
532 struct ovl_cu_creds cc;
533 int err;
534 struct ovl_cattr cattr = {
535 /* Can't properly set mode on creation because of the umask */
536 .mode = c->stat.mode & S_IFMT,
537 .rdev = c->stat.rdev,
538 .link = c->link
539 };
540
541 err = ovl_lock_rename_workdir(c->workdir, c->destdir);
542 if (err)
543 return err;
544
545 err = ovl_prep_cu_creds(c->dentry, &cc);
546 if (err)
547 goto unlock;
548
549 temp = ovl_create_temp(c->workdir, &cattr);
550 ovl_revert_cu_creds(&cc);
551
552 err = PTR_ERR(temp);
553 if (IS_ERR(temp))
554 goto unlock;
555
556 err = ovl_copy_up_inode(c, temp);
557 if (err)
558 goto cleanup;
559
560 if (S_ISDIR(c->stat.mode) && c->indexed) {
561 err = ovl_create_index(c->dentry, c->lowerpath.dentry, temp);
562 if (err)
563 goto cleanup;
564 }
565
566 upper = lookup_one_len(c->destname.name, c->destdir, c->destname.len);
567 err = PTR_ERR(upper);
568 if (IS_ERR(upper))
569 goto cleanup;
570
571 err = ovl_do_rename(wdir, temp, udir, upper, 0);
572 dput(upper);
573 if (err)
574 goto cleanup;
575
576 if (!c->metacopy)
577 ovl_set_upperdata(d_inode(c->dentry));
578 inode = d_inode(c->dentry);
579 ovl_inode_update(inode, temp);
580 if (S_ISDIR(inode->i_mode))
581 ovl_set_flag(OVL_WHITEOUTS, inode);
582 unlock:
583 unlock_rename(c->workdir, c->destdir);
584
585 return err;
586
587 cleanup:
588 ovl_cleanup(wdir, temp);
589 dput(temp);
590 goto unlock;
591 }
592
593 /* Copyup using O_TMPFILE which does not require cross dir locking */
ovl_copy_up_tmpfile(struct ovl_copy_up_ctx * c)594 static int ovl_copy_up_tmpfile(struct ovl_copy_up_ctx *c)
595 {
596 struct inode *udir = d_inode(c->destdir);
597 struct dentry *temp, *upper;
598 struct ovl_cu_creds cc;
599 int err;
600
601 err = ovl_prep_cu_creds(c->dentry, &cc);
602 if (err)
603 return err;
604
605 temp = ovl_do_tmpfile(c->workdir, c->stat.mode);
606 ovl_revert_cu_creds(&cc);
607
608 if (IS_ERR(temp))
609 return PTR_ERR(temp);
610
611 err = ovl_copy_up_inode(c, temp);
612 if (err)
613 goto out_dput;
614
615 inode_lock_nested(udir, I_MUTEX_PARENT);
616
617 upper = lookup_one_len(c->destname.name, c->destdir, c->destname.len);
618 err = PTR_ERR(upper);
619 if (!IS_ERR(upper)) {
620 err = ovl_do_link(temp, udir, upper);
621 dput(upper);
622 }
623 inode_unlock(udir);
624
625 if (err)
626 goto out_dput;
627
628 if (!c->metacopy)
629 ovl_set_upperdata(d_inode(c->dentry));
630 ovl_inode_update(d_inode(c->dentry), temp);
631
632 return 0;
633
634 out_dput:
635 dput(temp);
636 return err;
637 }
638
639 /*
640 * Copy up a single dentry
641 *
642 * All renames start with copy up of source if necessary. The actual
643 * rename will only proceed once the copy up was successful. Copy up uses
644 * upper parent i_mutex for exclusion. Since rename can change d_parent it
645 * is possible that the copy up will lock the old parent. At that point
646 * the file will have already been copied up anyway.
647 */
ovl_do_copy_up(struct ovl_copy_up_ctx * c)648 static int ovl_do_copy_up(struct ovl_copy_up_ctx *c)
649 {
650 int err;
651 struct ovl_fs *ofs = c->dentry->d_sb->s_fs_info;
652 bool to_index = false;
653
654 /*
655 * Indexed non-dir is copied up directly to the index entry and then
656 * hardlinked to upper dir. Indexed dir is copied up to indexdir,
657 * then index entry is created and then copied up dir installed.
658 * Copying dir up to indexdir instead of workdir simplifies locking.
659 */
660 if (ovl_need_index(c->dentry)) {
661 c->indexed = true;
662 if (S_ISDIR(c->stat.mode))
663 c->workdir = ovl_indexdir(c->dentry->d_sb);
664 else
665 to_index = true;
666 }
667
668 if (S_ISDIR(c->stat.mode) || c->stat.nlink == 1 || to_index)
669 c->origin = true;
670
671 if (to_index) {
672 c->destdir = ovl_indexdir(c->dentry->d_sb);
673 err = ovl_get_index_name(c->lowerpath.dentry, &c->destname);
674 if (err)
675 return err;
676 } else if (WARN_ON(!c->parent)) {
677 /* Disconnected dentry must be copied up to index dir */
678 return -EIO;
679 } else {
680 /*
681 * Mark parent "impure" because it may now contain non-pure
682 * upper
683 */
684 err = ovl_set_impure(c->parent, c->destdir);
685 if (err)
686 return err;
687 }
688
689 /* Should we copyup with O_TMPFILE or with workdir? */
690 if (S_ISREG(c->stat.mode) && ofs->tmpfile)
691 err = ovl_copy_up_tmpfile(c);
692 else
693 err = ovl_copy_up_workdir(c);
694 if (err)
695 goto out;
696
697 if (c->indexed)
698 ovl_set_flag(OVL_INDEX, d_inode(c->dentry));
699
700 if (to_index) {
701 /* Initialize nlink for copy up of disconnected dentry */
702 err = ovl_set_nlink_upper(c->dentry);
703 } else {
704 struct inode *udir = d_inode(c->destdir);
705
706 /* Restore timestamps on parent (best effort) */
707 inode_lock(udir);
708 ovl_set_timestamps(c->destdir, &c->pstat);
709 inode_unlock(udir);
710
711 ovl_dentry_set_upper_alias(c->dentry);
712 }
713
714 out:
715 if (to_index)
716 kfree(c->destname.name);
717 return err;
718 }
719
ovl_need_meta_copy_up(struct dentry * dentry,umode_t mode,int flags)720 static bool ovl_need_meta_copy_up(struct dentry *dentry, umode_t mode,
721 int flags)
722 {
723 struct ovl_fs *ofs = dentry->d_sb->s_fs_info;
724
725 if (!ofs->config.metacopy)
726 return false;
727
728 if (!S_ISREG(mode))
729 return false;
730
731 if (flags && ((OPEN_FMODE(flags) & FMODE_WRITE) || (flags & O_TRUNC)))
732 return false;
733
734 return true;
735 }
736
737 /* Copy up data of an inode which was copied up metadata only in the past. */
ovl_copy_up_meta_inode_data(struct ovl_copy_up_ctx * c)738 static int ovl_copy_up_meta_inode_data(struct ovl_copy_up_ctx *c)
739 {
740 struct path upperpath, datapath;
741 int err;
742 char *capability = NULL;
743 ssize_t uninitialized_var(cap_size);
744
745 ovl_path_upper(c->dentry, &upperpath);
746 if (WARN_ON(upperpath.dentry == NULL))
747 return -EIO;
748
749 ovl_path_lowerdata(c->dentry, &datapath);
750 if (WARN_ON(datapath.dentry == NULL))
751 return -EIO;
752
753 if (c->stat.size) {
754 err = cap_size = ovl_getxattr(upperpath.dentry, XATTR_NAME_CAPS,
755 &capability, 0);
756 if (err < 0 && err != -ENODATA)
757 goto out;
758 }
759
760 err = ovl_copy_up_data(&datapath, &upperpath, c->stat.size);
761 if (err)
762 goto out_free;
763
764 /*
765 * Writing to upper file will clear security.capability xattr. We
766 * don't want that to happen for normal copy-up operation.
767 */
768 if (capability) {
769 err = ovl_do_setxattr(upperpath.dentry, XATTR_NAME_CAPS,
770 capability, cap_size, 0);
771 if (err)
772 goto out_free;
773 }
774
775
776 err = vfs_removexattr(upperpath.dentry, OVL_XATTR_METACOPY);
777 if (err)
778 goto out_free;
779
780 ovl_set_upperdata(d_inode(c->dentry));
781 out_free:
782 kfree(capability);
783 out:
784 return err;
785 }
786
ovl_copy_up_one(struct dentry * parent,struct dentry * dentry,int flags)787 static int ovl_copy_up_one(struct dentry *parent, struct dentry *dentry,
788 int flags)
789 {
790 int err;
791 DEFINE_DELAYED_CALL(done);
792 struct path parentpath;
793 struct ovl_copy_up_ctx ctx = {
794 .parent = parent,
795 .dentry = dentry,
796 .workdir = ovl_workdir(dentry),
797 };
798
799 if (WARN_ON(!ctx.workdir))
800 return -EROFS;
801
802 ovl_path_lower(dentry, &ctx.lowerpath);
803 err = vfs_getattr(&ctx.lowerpath, &ctx.stat,
804 STATX_BASIC_STATS, AT_STATX_SYNC_AS_STAT);
805 if (err)
806 return err;
807
808 ctx.metacopy = ovl_need_meta_copy_up(dentry, ctx.stat.mode, flags);
809
810 if (parent) {
811 ovl_path_upper(parent, &parentpath);
812 ctx.destdir = parentpath.dentry;
813 ctx.destname = dentry->d_name;
814
815 err = vfs_getattr(&parentpath, &ctx.pstat,
816 STATX_ATIME | STATX_MTIME,
817 AT_STATX_SYNC_AS_STAT);
818 if (err)
819 return err;
820 }
821
822 /* maybe truncate regular file. this has no effect on dirs */
823 if (flags & O_TRUNC)
824 ctx.stat.size = 0;
825
826 if (S_ISLNK(ctx.stat.mode)) {
827 ctx.link = vfs_get_link(ctx.lowerpath.dentry, &done);
828 if (IS_ERR(ctx.link))
829 return PTR_ERR(ctx.link);
830 }
831
832 err = ovl_copy_up_start(dentry, flags);
833 /* err < 0: interrupted, err > 0: raced with another copy-up */
834 if (unlikely(err)) {
835 if (err > 0)
836 err = 0;
837 } else {
838 if (!ovl_dentry_upper(dentry))
839 err = ovl_do_copy_up(&ctx);
840 if (!err && parent && !ovl_dentry_has_upper_alias(dentry))
841 err = ovl_link_up(&ctx);
842 if (!err && ovl_dentry_needs_data_copy_up_locked(dentry, flags))
843 err = ovl_copy_up_meta_inode_data(&ctx);
844 ovl_copy_up_end(dentry);
845 }
846 do_delayed_call(&done);
847
848 return err;
849 }
850
ovl_copy_up_flags(struct dentry * dentry,int flags)851 int ovl_copy_up_flags(struct dentry *dentry, int flags)
852 {
853 int err = 0;
854 const struct cred *old_cred = ovl_override_creds(dentry->d_sb);
855 bool disconnected = (dentry->d_flags & DCACHE_DISCONNECTED);
856
857 /*
858 * With NFS export, copy up can get called for a disconnected non-dir.
859 * In this case, we will copy up lower inode to index dir without
860 * linking it to upper dir.
861 */
862 if (WARN_ON(disconnected && d_is_dir(dentry)))
863 return -EIO;
864
865 while (!err) {
866 struct dentry *next;
867 struct dentry *parent = NULL;
868
869 if (ovl_already_copied_up(dentry, flags))
870 break;
871
872 next = dget(dentry);
873 /* find the topmost dentry not yet copied up */
874 for (; !disconnected;) {
875 parent = dget_parent(next);
876
877 if (ovl_dentry_upper(parent))
878 break;
879
880 dput(next);
881 next = parent;
882 }
883
884 err = ovl_copy_up_one(parent, next, flags);
885
886 dput(parent);
887 dput(next);
888 }
889 revert_creds(old_cred);
890
891 return err;
892 }
893
ovl_open_need_copy_up(struct dentry * dentry,int flags)894 static bool ovl_open_need_copy_up(struct dentry *dentry, int flags)
895 {
896 /* Copy up of disconnected dentry does not set upper alias */
897 if (ovl_already_copied_up(dentry, flags))
898 return false;
899
900 if (special_file(d_inode(dentry)->i_mode))
901 return false;
902
903 if (!ovl_open_flags_need_copy_up(flags))
904 return false;
905
906 return true;
907 }
908
ovl_maybe_copy_up(struct dentry * dentry,int flags)909 int ovl_maybe_copy_up(struct dentry *dentry, int flags)
910 {
911 int err = 0;
912
913 if (ovl_open_need_copy_up(dentry, flags)) {
914 err = ovl_want_write(dentry);
915 if (!err) {
916 err = ovl_copy_up_flags(dentry, flags);
917 ovl_drop_write(dentry);
918 }
919 }
920
921 return err;
922 }
923
ovl_copy_up_with_data(struct dentry * dentry)924 int ovl_copy_up_with_data(struct dentry *dentry)
925 {
926 return ovl_copy_up_flags(dentry, O_WRONLY);
927 }
928
ovl_copy_up(struct dentry * dentry)929 int ovl_copy_up(struct dentry *dentry)
930 {
931 return ovl_copy_up_flags(dentry, 0);
932 }
933