]>
Commit | Line | Data |
---|---|---|
d2912cb1 | 1 | // SPDX-License-Identifier: GPL-2.0-only |
bbb1e54d MS |
2 | /* |
3 | * Copyright (C) 2011 Novell Inc. | |
4 | * Copyright (C) 2016 Red Hat, Inc. | |
bbb1e54d MS |
5 | */ |
6 | ||
7 | #include <linux/fs.h> | |
5b825c3a | 8 | #include <linux/cred.h> |
9ee60ce2 | 9 | #include <linux/ctype.h> |
bbb1e54d MS |
10 | #include <linux/namei.h> |
11 | #include <linux/xattr.h> | |
02b69b28 | 12 | #include <linux/ratelimit.h> |
a9d01957 AG |
13 | #include <linux/mount.h> |
14 | #include <linux/exportfs.h> | |
bbb1e54d | 15 | #include "overlayfs.h" |
bbb1e54d | 16 | |
e28edc46 | 17 | struct ovl_lookup_data { |
146d62e5 | 18 | struct super_block *sb; |
e28edc46 MS |
19 | struct qstr name; |
20 | bool is_dir; | |
21 | bool opaque; | |
22 | bool stop; | |
23 | bool last; | |
02b69b28 | 24 | char *redirect; |
9d3dfea3 | 25 | bool metacopy; |
e28edc46 | 26 | }; |
bbb1e54d | 27 | |
02b69b28 MS |
28 | static int ovl_check_redirect(struct dentry *dentry, struct ovl_lookup_data *d, |
29 | size_t prelen, const char *post) | |
30 | { | |
31 | int res; | |
0a2d0d3f | 32 | char *buf; |
02b69b28 | 33 | |
0a2d0d3f VG |
34 | buf = ovl_get_redirect_xattr(dentry, prelen + strlen(post)); |
35 | if (IS_ERR_OR_NULL(buf)) | |
36 | return PTR_ERR(buf); | |
02b69b28 | 37 | |
02b69b28 | 38 | if (buf[0] == '/') { |
3ec9b3fa AG |
39 | /* |
40 | * One of the ancestor path elements in an absolute path | |
41 | * lookup in ovl_lookup_layer() could have been opaque and | |
42 | * that will stop further lookup in lower layers (d->stop=true) | |
43 | * But we have found an absolute redirect in decendant path | |
44 | * element and that should force continue lookup in lower | |
45 | * layers (reset d->stop). | |
46 | */ | |
47 | d->stop = false; | |
02b69b28 | 48 | } else { |
0a2d0d3f | 49 | res = strlen(buf) + 1; |
02b69b28 MS |
50 | memmove(buf + prelen, buf, res); |
51 | memcpy(buf, d->name.name, prelen); | |
52 | } | |
53 | ||
54 | strcat(buf, post); | |
55 | kfree(d->redirect); | |
56 | d->redirect = buf; | |
57 | d->name.name = d->redirect; | |
58 | d->name.len = strlen(d->redirect); | |
59 | ||
60 | return 0; | |
02b69b28 MS |
61 | } |
62 | ||
a9d01957 AG |
63 | static int ovl_acceptable(void *ctx, struct dentry *dentry) |
64 | { | |
e8f9e5b7 AG |
65 | /* |
66 | * A non-dir origin may be disconnected, which is fine, because | |
67 | * we only need it for its unique inode number. | |
68 | */ | |
69 | if (!d_is_dir(dentry)) | |
70 | return 1; | |
71 | ||
72 | /* Don't decode a deleted empty directory */ | |
73 | if (d_unhashed(dentry)) | |
74 | return 0; | |
75 | ||
76 | /* Check if directory belongs to the layer we are decoding from */ | |
77 | return is_subdir(dentry, ((struct vfsmount *)ctx)->mnt_root); | |
a9d01957 AG |
78 | } |
79 | ||
2e1a5328 AG |
80 | /* |
81 | * Check validity of an overlay file handle buffer. | |
82 | * | |
83 | * Return 0 for a valid file handle. | |
84 | * Return -ENODATA for "origin unknown". | |
85 | * Return <0 for an invalid file handle. | |
86 | */ | |
8556a420 | 87 | int ovl_check_fh_len(struct ovl_fh *fh, int fh_len) |
2e1a5328 AG |
88 | { |
89 | if (fh_len < sizeof(struct ovl_fh) || fh_len < fh->len) | |
90 | return -EINVAL; | |
91 | ||
92 | if (fh->magic != OVL_FH_MAGIC) | |
93 | return -EINVAL; | |
94 | ||
95 | /* Treat larger version and unknown flags as "origin unknown" */ | |
96 | if (fh->version > OVL_FH_VERSION || fh->flags & ~OVL_FH_FLAG_ALL) | |
97 | return -ENODATA; | |
98 | ||
99 | /* Treat endianness mismatch as "origin unknown" */ | |
100 | if (!(fh->flags & OVL_FH_FLAG_ANY_ENDIAN) && | |
101 | (fh->flags & OVL_FH_FLAG_BIG_ENDIAN) != OVL_FH_FLAG_CPU_ENDIAN) | |
102 | return -ENODATA; | |
103 | ||
104 | return 0; | |
105 | } | |
106 | ||
05122443 | 107 | static struct ovl_fh *ovl_get_fh(struct dentry *dentry, const char *name) |
a9d01957 | 108 | { |
2e1a5328 | 109 | int res, err; |
a9d01957 | 110 | struct ovl_fh *fh = NULL; |
a9d01957 | 111 | |
05122443 | 112 | res = vfs_getxattr(dentry, name, NULL, 0); |
a9d01957 AG |
113 | if (res < 0) { |
114 | if (res == -ENODATA || res == -EOPNOTSUPP) | |
115 | return NULL; | |
116 | goto fail; | |
117 | } | |
118 | /* Zero size value means "copied up but origin unknown" */ | |
119 | if (res == 0) | |
120 | return NULL; | |
121 | ||
2e1a5328 | 122 | fh = kzalloc(res, GFP_KERNEL); |
a9d01957 AG |
123 | if (!fh) |
124 | return ERR_PTR(-ENOMEM); | |
125 | ||
05122443 | 126 | res = vfs_getxattr(dentry, name, fh, res); |
a9d01957 AG |
127 | if (res < 0) |
128 | goto fail; | |
129 | ||
2e1a5328 AG |
130 | err = ovl_check_fh_len(fh, res); |
131 | if (err < 0) { | |
132 | if (err == -ENODATA) | |
133 | goto out; | |
a9d01957 | 134 | goto invalid; |
2e1a5328 | 135 | } |
a9d01957 | 136 | |
8b88a2e6 AG |
137 | return fh; |
138 | ||
139 | out: | |
140 | kfree(fh); | |
141 | return NULL; | |
142 | ||
143 | fail: | |
144 | pr_warn_ratelimited("overlayfs: failed to get origin (%i)\n", res); | |
145 | goto out; | |
146 | invalid: | |
147 | pr_warn_ratelimited("overlayfs: invalid origin (%*phN)\n", res, fh); | |
148 | goto out; | |
149 | } | |
150 | ||
8a22efa1 AG |
151 | struct dentry *ovl_decode_real_fh(struct ovl_fh *fh, struct vfsmount *mnt, |
152 | bool connected) | |
8b88a2e6 | 153 | { |
e8f9e5b7 | 154 | struct dentry *real; |
8b88a2e6 AG |
155 | int bytes; |
156 | ||
a9d01957 AG |
157 | /* |
158 | * Make sure that the stored uuid matches the uuid of the lower | |
159 | * layer where file handle will be decoded. | |
160 | */ | |
85787090 | 161 | if (!uuid_equal(&fh->uuid, &mnt->mnt_sb->s_uuid)) |
2e1a5328 | 162 | return NULL; |
a9d01957 | 163 | |
8b88a2e6 | 164 | bytes = (fh->len - offsetof(struct ovl_fh, fid)); |
e8f9e5b7 AG |
165 | real = exportfs_decode_fh(mnt, (struct fid *)fh->fid, |
166 | bytes >> 2, (int)fh->type, | |
8a22efa1 | 167 | connected ? ovl_acceptable : NULL, mnt); |
e8f9e5b7 AG |
168 | if (IS_ERR(real)) { |
169 | /* | |
170 | * Treat stale file handle to lower file as "origin unknown". | |
171 | * upper file handle could become stale when upper file is | |
172 | * unlinked and this information is needed to handle stale | |
173 | * index entries correctly. | |
174 | */ | |
175 | if (real == ERR_PTR(-ESTALE) && | |
176 | !(fh->flags & OVL_FH_FLAG_PATH_UPPER)) | |
177 | real = NULL; | |
178 | return real; | |
a9d01957 AG |
179 | } |
180 | ||
e8f9e5b7 AG |
181 | if (ovl_dentry_weird(real)) { |
182 | dput(real); | |
2e1a5328 AG |
183 | return NULL; |
184 | } | |
a9d01957 | 185 | |
e8f9e5b7 | 186 | return real; |
a9d01957 AG |
187 | } |
188 | ||
ee1d6d37 AG |
189 | static bool ovl_is_opaquedir(struct dentry *dentry) |
190 | { | |
191 | return ovl_check_dir_xattr(dentry, OVL_XATTR_OPAQUE); | |
192 | } | |
193 | ||
e28edc46 MS |
194 | static int ovl_lookup_single(struct dentry *base, struct ovl_lookup_data *d, |
195 | const char *name, unsigned int namelen, | |
02b69b28 | 196 | size_t prelen, const char *post, |
e28edc46 MS |
197 | struct dentry **ret) |
198 | { | |
199 | struct dentry *this; | |
200 | int err; | |
102b0d11 | 201 | bool last_element = !post[0]; |
e28edc46 MS |
202 | |
203 | this = lookup_one_len_unlocked(name, base, namelen); | |
204 | if (IS_ERR(this)) { | |
205 | err = PTR_ERR(this); | |
206 | this = NULL; | |
207 | if (err == -ENOENT || err == -ENAMETOOLONG) | |
208 | goto out; | |
209 | goto out_err; | |
210 | } | |
211 | if (!this->d_inode) | |
212 | goto put_and_out; | |
213 | ||
214 | if (ovl_dentry_weird(this)) { | |
215 | /* Don't support traversing automounts and other weirdness */ | |
216 | err = -EREMOTE; | |
217 | goto out_err; | |
218 | } | |
219 | if (ovl_is_whiteout(this)) { | |
220 | d->stop = d->opaque = true; | |
221 | goto put_and_out; | |
222 | } | |
9d3dfea3 VG |
223 | /* |
224 | * This dentry should be a regular file if previous layer lookup | |
225 | * found a metacopy dentry. | |
226 | */ | |
227 | if (last_element && d->metacopy && !d_is_reg(this)) { | |
e28edc46 | 228 | d->stop = true; |
9d3dfea3 VG |
229 | goto put_and_out; |
230 | } | |
231 | if (!d_can_lookup(this)) { | |
232 | if (d->is_dir || !last_element) { | |
233 | d->stop = true; | |
e28edc46 | 234 | goto put_and_out; |
9d3dfea3 VG |
235 | } |
236 | err = ovl_check_metacopy_xattr(this); | |
237 | if (err < 0) | |
238 | goto out_err; | |
3a291774 | 239 | |
9d3dfea3 VG |
240 | d->metacopy = err; |
241 | d->stop = !d->metacopy; | |
b8a8824c VG |
242 | if (!d->metacopy || d->last) |
243 | goto out; | |
0618a816 | 244 | } else { |
146d62e5 AG |
245 | if (ovl_lookup_trap_inode(d->sb, this)) { |
246 | /* Caught in a trap of overlapping layers */ | |
247 | err = -ELOOP; | |
248 | goto out_err; | |
249 | } | |
250 | ||
102b0d11 | 251 | if (last_element) |
0618a816 VG |
252 | d->is_dir = true; |
253 | if (d->last) | |
254 | goto out; | |
255 | ||
256 | if (ovl_is_opaquedir(this)) { | |
257 | d->stop = true; | |
258 | if (last_element) | |
259 | d->opaque = true; | |
260 | goto out; | |
261 | } | |
e28edc46 | 262 | } |
02b69b28 MS |
263 | err = ovl_check_redirect(this, d, prelen, post); |
264 | if (err) | |
265 | goto out_err; | |
e28edc46 MS |
266 | out: |
267 | *ret = this; | |
268 | return 0; | |
269 | ||
270 | put_and_out: | |
271 | dput(this); | |
272 | this = NULL; | |
273 | goto out; | |
274 | ||
275 | out_err: | |
276 | dput(this); | |
277 | return err; | |
278 | } | |
279 | ||
280 | static int ovl_lookup_layer(struct dentry *base, struct ovl_lookup_data *d, | |
281 | struct dentry **ret) | |
282 | { | |
4c7d0c9c AG |
283 | /* Counting down from the end, since the prefix can change */ |
284 | size_t rem = d->name.len - 1; | |
02b69b28 MS |
285 | struct dentry *dentry = NULL; |
286 | int err; | |
287 | ||
4c7d0c9c | 288 | if (d->name.name[0] != '/') |
02b69b28 MS |
289 | return ovl_lookup_single(base, d, d->name.name, d->name.len, |
290 | 0, "", ret); | |
291 | ||
4c7d0c9c AG |
292 | while (!IS_ERR_OR_NULL(base) && d_can_lookup(base)) { |
293 | const char *s = d->name.name + d->name.len - rem; | |
02b69b28 | 294 | const char *next = strchrnul(s, '/'); |
4c7d0c9c AG |
295 | size_t thislen = next - s; |
296 | bool end = !next[0]; | |
02b69b28 | 297 | |
4c7d0c9c AG |
298 | /* Verify we did not go off the rails */ |
299 | if (WARN_ON(s[-1] != '/')) | |
02b69b28 MS |
300 | return -EIO; |
301 | ||
4c7d0c9c AG |
302 | err = ovl_lookup_single(base, d, s, thislen, |
303 | d->name.len - rem, next, &base); | |
02b69b28 MS |
304 | dput(dentry); |
305 | if (err) | |
306 | return err; | |
307 | dentry = base; | |
4c7d0c9c AG |
308 | if (end) |
309 | break; | |
310 | ||
311 | rem -= thislen + 1; | |
312 | ||
313 | if (WARN_ON(rem >= d->name.len)) | |
314 | return -EIO; | |
02b69b28 MS |
315 | } |
316 | *ret = dentry; | |
317 | return 0; | |
e28edc46 MS |
318 | } |
319 | ||
a9d01957 | 320 | |
8a22efa1 | 321 | int ovl_check_origin_fh(struct ovl_fs *ofs, struct ovl_fh *fh, bool connected, |
f941866f | 322 | struct dentry *upperdentry, struct ovl_path **stackp) |
a9d01957 | 323 | { |
f7d3daca AG |
324 | struct dentry *origin = NULL; |
325 | int i; | |
a9d01957 | 326 | |
1eff1a1d | 327 | for (i = 0; i < ofs->numlower; i++) { |
8a22efa1 AG |
328 | origin = ovl_decode_real_fh(fh, ofs->lower_layers[i].mnt, |
329 | connected); | |
f7d3daca AG |
330 | if (origin) |
331 | break; | |
332 | } | |
333 | ||
334 | if (!origin) | |
2e1a5328 AG |
335 | return -ESTALE; |
336 | else if (IS_ERR(origin)) | |
337 | return PTR_ERR(origin); | |
338 | ||
f941866f | 339 | if (upperdentry && !ovl_is_whiteout(upperdentry) && |
2e1a5328 AG |
340 | ((d_inode(origin)->i_mode ^ d_inode(upperdentry)->i_mode) & S_IFMT)) |
341 | goto invalid; | |
a9d01957 | 342 | |
415543d5 | 343 | if (!*stackp) |
b9343632 | 344 | *stackp = kmalloc(sizeof(struct ovl_path), GFP_KERNEL); |
a9d01957 AG |
345 | if (!*stackp) { |
346 | dput(origin); | |
347 | return -ENOMEM; | |
348 | } | |
1eff1a1d AG |
349 | **stackp = (struct ovl_path){ |
350 | .dentry = origin, | |
351 | .layer = &ofs->lower_layers[i] | |
352 | }; | |
a9d01957 AG |
353 | |
354 | return 0; | |
2e1a5328 AG |
355 | |
356 | invalid: | |
357 | pr_warn_ratelimited("overlayfs: invalid origin (%pd2, ftype=%x, origin ftype=%x).\n", | |
358 | upperdentry, d_inode(upperdentry)->i_mode & S_IFMT, | |
359 | d_inode(origin)->i_mode & S_IFMT); | |
360 | dput(origin); | |
361 | return -EIO; | |
362 | } | |
363 | ||
1eff1a1d | 364 | static int ovl_check_origin(struct ovl_fs *ofs, struct dentry *upperdentry, |
2e1a5328 AG |
365 | struct ovl_path **stackp, unsigned int *ctrp) |
366 | { | |
05122443 | 367 | struct ovl_fh *fh = ovl_get_fh(upperdentry, OVL_XATTR_ORIGIN); |
2e1a5328 AG |
368 | int err; |
369 | ||
370 | if (IS_ERR_OR_NULL(fh)) | |
371 | return PTR_ERR(fh); | |
372 | ||
8a22efa1 | 373 | err = ovl_check_origin_fh(ofs, fh, false, upperdentry, stackp); |
2e1a5328 AG |
374 | kfree(fh); |
375 | ||
376 | if (err) { | |
377 | if (err == -ESTALE) | |
378 | return 0; | |
379 | return err; | |
380 | } | |
381 | ||
382 | if (WARN_ON(*ctrp)) | |
383 | return -EIO; | |
384 | ||
385 | *ctrp = 1; | |
386 | return 0; | |
a9d01957 AG |
387 | } |
388 | ||
8b88a2e6 | 389 | /* |
05122443 | 390 | * Verify that @fh matches the file handle stored in xattr @name. |
8b88a2e6 AG |
391 | * Return 0 on match, -ESTALE on mismatch, < 0 on error. |
392 | */ | |
05122443 AG |
393 | static int ovl_verify_fh(struct dentry *dentry, const char *name, |
394 | const struct ovl_fh *fh) | |
8b88a2e6 | 395 | { |
05122443 | 396 | struct ovl_fh *ofh = ovl_get_fh(dentry, name); |
8b88a2e6 AG |
397 | int err = 0; |
398 | ||
399 | if (!ofh) | |
400 | return -ENODATA; | |
401 | ||
402 | if (IS_ERR(ofh)) | |
403 | return PTR_ERR(ofh); | |
404 | ||
405 | if (fh->len != ofh->len || memcmp(fh, ofh, fh->len)) | |
406 | err = -ESTALE; | |
407 | ||
408 | kfree(ofh); | |
409 | return err; | |
410 | } | |
411 | ||
412 | /* | |
05122443 | 413 | * Verify that @real dentry matches the file handle stored in xattr @name. |
8b88a2e6 | 414 | * |
05122443 AG |
415 | * If @set is true and there is no stored file handle, encode @real and store |
416 | * file handle in xattr @name. | |
8b88a2e6 | 417 | * |
05122443 | 418 | * Return 0 on match, -ESTALE on mismatch, -ENODATA on no xattr, < 0 on error. |
8b88a2e6 | 419 | */ |
05122443 AG |
420 | int ovl_verify_set_fh(struct dentry *dentry, const char *name, |
421 | struct dentry *real, bool is_upper, bool set) | |
8b88a2e6 AG |
422 | { |
423 | struct inode *inode; | |
424 | struct ovl_fh *fh; | |
425 | int err; | |
426 | ||
5b2cccd3 | 427 | fh = ovl_encode_real_fh(real, is_upper); |
8b88a2e6 | 428 | err = PTR_ERR(fh); |
babf4770 AG |
429 | if (IS_ERR(fh)) { |
430 | fh = NULL; | |
8b88a2e6 | 431 | goto fail; |
babf4770 | 432 | } |
8b88a2e6 | 433 | |
05122443 | 434 | err = ovl_verify_fh(dentry, name, fh); |
8b88a2e6 | 435 | if (set && err == -ENODATA) |
05122443 | 436 | err = ovl_do_setxattr(dentry, name, fh, fh->len, 0); |
8b88a2e6 AG |
437 | if (err) |
438 | goto fail; | |
439 | ||
440 | out: | |
441 | kfree(fh); | |
442 | return err; | |
443 | ||
444 | fail: | |
05122443 AG |
445 | inode = d_inode(real); |
446 | pr_warn_ratelimited("overlayfs: failed to verify %s (%pd2, ino=%lu, err=%i)\n", | |
447 | is_upper ? "upper" : "origin", real, | |
448 | inode ? inode->i_ino : 0, err); | |
8b88a2e6 AG |
449 | goto out; |
450 | } | |
451 | ||
e8f9e5b7 | 452 | /* Get upper dentry from index */ |
3b0bfc6e | 453 | struct dentry *ovl_index_upper(struct ovl_fs *ofs, struct dentry *index) |
e8f9e5b7 AG |
454 | { |
455 | struct ovl_fh *fh; | |
456 | struct dentry *upper; | |
457 | ||
458 | if (!d_is_dir(index)) | |
459 | return dget(index); | |
460 | ||
461 | fh = ovl_get_fh(index, OVL_XATTR_UPPER); | |
462 | if (IS_ERR_OR_NULL(fh)) | |
463 | return ERR_CAST(fh); | |
464 | ||
8a22efa1 | 465 | upper = ovl_decode_real_fh(fh, ofs->upper_mnt, true); |
e8f9e5b7 AG |
466 | kfree(fh); |
467 | ||
468 | if (IS_ERR_OR_NULL(upper)) | |
469 | return upper ?: ERR_PTR(-ESTALE); | |
470 | ||
471 | if (!d_is_dir(upper)) { | |
472 | pr_warn_ratelimited("overlayfs: invalid index upper (%pd2, upper=%pd2).\n", | |
473 | index, upper); | |
474 | dput(upper); | |
475 | return ERR_PTR(-EIO); | |
476 | } | |
477 | ||
478 | return upper; | |
479 | } | |
480 | ||
9ee60ce2 AG |
481 | /* Is this a leftover from create/whiteout of directory index entry? */ |
482 | static bool ovl_is_temp_index(struct dentry *index) | |
483 | { | |
484 | return index->d_name.name[0] == '#'; | |
485 | } | |
486 | ||
415543d5 AG |
487 | /* |
488 | * Verify that an index entry name matches the origin file handle stored in | |
489 | * OVL_XATTR_ORIGIN and that origin file handle can be decoded to lower path. | |
490 | * Return 0 on match, -ESTALE on mismatch or stale origin, < 0 on error. | |
491 | */ | |
1eff1a1d | 492 | int ovl_verify_index(struct ovl_fs *ofs, struct dentry *index) |
415543d5 AG |
493 | { |
494 | struct ovl_fh *fh = NULL; | |
495 | size_t len; | |
b9343632 CR |
496 | struct ovl_path origin = { }; |
497 | struct ovl_path *stack = &origin; | |
e8f9e5b7 | 498 | struct dentry *upper = NULL; |
415543d5 AG |
499 | int err; |
500 | ||
501 | if (!d_inode(index)) | |
502 | return 0; | |
503 | ||
9ee60ce2 AG |
504 | /* Cleanup leftover from index create/cleanup attempt */ |
505 | err = -ESTALE; | |
506 | if (ovl_is_temp_index(index)) | |
507 | goto fail; | |
508 | ||
fa0096e3 | 509 | err = -EINVAL; |
415543d5 AG |
510 | if (index->d_name.len < sizeof(struct ovl_fh)*2) |
511 | goto fail; | |
512 | ||
513 | err = -ENOMEM; | |
514 | len = index->d_name.len / 2; | |
0ee931c4 | 515 | fh = kzalloc(len, GFP_KERNEL); |
415543d5 AG |
516 | if (!fh) |
517 | goto fail; | |
518 | ||
519 | err = -EINVAL; | |
2e1a5328 AG |
520 | if (hex2bin((u8 *)fh, index->d_name.name, len)) |
521 | goto fail; | |
522 | ||
523 | err = ovl_check_fh_len(fh, len); | |
524 | if (err) | |
415543d5 AG |
525 | goto fail; |
526 | ||
7db25d36 AG |
527 | /* |
528 | * Whiteout index entries are used as an indication that an exported | |
529 | * overlay file handle should be treated as stale (i.e. after unlink | |
530 | * of the overlay inode). These entries contain no origin xattr. | |
531 | */ | |
532 | if (ovl_is_whiteout(index)) | |
533 | goto out; | |
534 | ||
e8f9e5b7 AG |
535 | /* |
536 | * Verifying directory index entries are not stale is expensive, so | |
537 | * only verify stale dir index if NFS export is enabled. | |
538 | */ | |
539 | if (d_is_dir(index) && !ofs->config.nfs_export) | |
540 | goto out; | |
541 | ||
542 | /* | |
543 | * Directory index entries should have 'upper' xattr pointing to the | |
544 | * real upper dir. Non-dir index entries are hardlinks to the upper | |
545 | * real inode. For non-dir index, we can read the copy up origin xattr | |
546 | * directly from the index dentry, but for dir index we first need to | |
547 | * decode the upper directory. | |
548 | */ | |
549 | upper = ovl_index_upper(ofs, index); | |
550 | if (IS_ERR_OR_NULL(upper)) { | |
551 | err = PTR_ERR(upper); | |
24f0b172 AG |
552 | /* |
553 | * Directory index entries with no 'upper' xattr need to be | |
554 | * removed. When dir index entry has a stale 'upper' xattr, | |
555 | * we assume that upper dir was removed and we treat the dir | |
556 | * index as orphan entry that needs to be whited out. | |
557 | */ | |
558 | if (err == -ESTALE) | |
559 | goto orphan; | |
560 | else if (!err) | |
e8f9e5b7 | 561 | err = -ESTALE; |
415543d5 | 562 | goto fail; |
e8f9e5b7 | 563 | } |
415543d5 | 564 | |
e8f9e5b7 AG |
565 | err = ovl_verify_fh(upper, OVL_XATTR_ORIGIN, fh); |
566 | dput(upper); | |
415543d5 AG |
567 | if (err) |
568 | goto fail; | |
569 | ||
e8f9e5b7 AG |
570 | /* Check if non-dir index is orphan and don't warn before cleaning it */ |
571 | if (!d_is_dir(index) && d_inode(index)->i_nlink == 1) { | |
8a22efa1 | 572 | err = ovl_check_origin_fh(ofs, fh, false, index, &stack); |
e8f9e5b7 AG |
573 | if (err) |
574 | goto fail; | |
575 | ||
576 | if (ovl_get_nlink(origin.dentry, index, 0) == 0) | |
24f0b172 | 577 | goto orphan; |
e8f9e5b7 | 578 | } |
caf70cb2 | 579 | |
415543d5 | 580 | out: |
e8f9e5b7 | 581 | dput(origin.dentry); |
415543d5 AG |
582 | kfree(fh); |
583 | return err; | |
584 | ||
585 | fail: | |
61b67471 AG |
586 | pr_warn_ratelimited("overlayfs: failed to verify index (%pd2, ftype=%x, err=%i)\n", |
587 | index, d_inode(index)->i_mode & S_IFMT, err); | |
415543d5 | 588 | goto out; |
24f0b172 AG |
589 | |
590 | orphan: | |
591 | pr_warn_ratelimited("overlayfs: orphan index entry (%pd2, ftype=%x, nlink=%u)\n", | |
592 | index, d_inode(index)->i_mode & S_IFMT, | |
593 | d_inode(index)->i_nlink); | |
594 | err = -ENOENT; | |
595 | goto out; | |
415543d5 AG |
596 | } |
597 | ||
91ffe7be AG |
598 | static int ovl_get_index_name_fh(struct ovl_fh *fh, struct qstr *name) |
599 | { | |
600 | char *n, *s; | |
601 | ||
6396bb22 | 602 | n = kcalloc(fh->len, 2, GFP_KERNEL); |
91ffe7be AG |
603 | if (!n) |
604 | return -ENOMEM; | |
605 | ||
606 | s = bin2hex(n, fh, fh->len); | |
607 | *name = (struct qstr) QSTR_INIT(n, s - n); | |
608 | ||
609 | return 0; | |
610 | ||
611 | } | |
612 | ||
359f392c AG |
613 | /* |
614 | * Lookup in indexdir for the index entry of a lower real inode or a copy up | |
615 | * origin inode. The index entry name is the hex representation of the lower | |
616 | * inode file handle. | |
617 | * | |
618 | * If the index dentry in negative, then either no lower aliases have been | |
619 | * copied up yet, or aliases have been copied up in older kernels and are | |
620 | * not indexed. | |
621 | * | |
622 | * If the index dentry for a copy up origin inode is positive, but points | |
623 | * to an inode different than the upper inode, then either the upper inode | |
624 | * has been copied up and not indexed or it was indexed, but since then | |
625 | * index dir was cleared. Either way, that index cannot be used to indentify | |
626 | * the overlay inode. | |
627 | */ | |
628 | int ovl_get_index_name(struct dentry *origin, struct qstr *name) | |
629 | { | |
359f392c | 630 | struct ovl_fh *fh; |
91ffe7be | 631 | int err; |
359f392c | 632 | |
5b2cccd3 | 633 | fh = ovl_encode_real_fh(origin, false); |
359f392c AG |
634 | if (IS_ERR(fh)) |
635 | return PTR_ERR(fh); | |
636 | ||
91ffe7be | 637 | err = ovl_get_index_name_fh(fh, name); |
359f392c | 638 | |
91ffe7be | 639 | kfree(fh); |
359f392c | 640 | return err; |
91ffe7be AG |
641 | } |
642 | ||
643 | /* Lookup index by file handle for NFS export */ | |
644 | struct dentry *ovl_get_index_fh(struct ovl_fs *ofs, struct ovl_fh *fh) | |
645 | { | |
646 | struct dentry *index; | |
647 | struct qstr name; | |
648 | int err; | |
649 | ||
650 | err = ovl_get_index_name_fh(fh, &name); | |
651 | if (err) | |
652 | return ERR_PTR(err); | |
653 | ||
654 | index = lookup_one_len_unlocked(name.name, ofs->indexdir, name.len); | |
655 | kfree(name.name); | |
656 | if (IS_ERR(index)) { | |
657 | if (PTR_ERR(index) == -ENOENT) | |
658 | index = NULL; | |
659 | return index; | |
660 | } | |
661 | ||
662 | if (d_is_negative(index)) | |
663 | err = 0; | |
664 | else if (ovl_is_whiteout(index)) | |
665 | err = -ESTALE; | |
666 | else if (ovl_dentry_weird(index)) | |
667 | err = -EIO; | |
668 | else | |
669 | return index; | |
359f392c | 670 | |
91ffe7be AG |
671 | dput(index); |
672 | return ERR_PTR(err); | |
359f392c AG |
673 | } |
674 | ||
06170154 AG |
675 | struct dentry *ovl_lookup_index(struct ovl_fs *ofs, struct dentry *upper, |
676 | struct dentry *origin, bool verify) | |
359f392c | 677 | { |
359f392c AG |
678 | struct dentry *index; |
679 | struct inode *inode; | |
680 | struct qstr name; | |
ad1d615c | 681 | bool is_dir = d_is_dir(origin); |
359f392c AG |
682 | int err; |
683 | ||
684 | err = ovl_get_index_name(origin, &name); | |
685 | if (err) | |
686 | return ERR_PTR(err); | |
687 | ||
688 | index = lookup_one_len_unlocked(name.name, ofs->indexdir, name.len); | |
689 | if (IS_ERR(index)) { | |
e0082a0f | 690 | err = PTR_ERR(index); |
7937a56f AG |
691 | if (err == -ENOENT) { |
692 | index = NULL; | |
693 | goto out; | |
694 | } | |
601350ff | 695 | pr_warn_ratelimited("overlayfs: failed inode index lookup (ino=%lu, key=%.*s, err=%i);\n" |
359f392c AG |
696 | "overlayfs: mount with '-o index=off' to disable inodes index.\n", |
697 | d_inode(origin)->i_ino, name.len, name.name, | |
698 | err); | |
699 | goto out; | |
700 | } | |
701 | ||
0e082555 | 702 | inode = d_inode(index); |
359f392c | 703 | if (d_is_negative(index)) { |
6eaf0111 | 704 | goto out_dput; |
06170154 AG |
705 | } else if (ovl_is_whiteout(index) && !verify) { |
706 | /* | |
707 | * When index lookup is called with !verify for decoding an | |
708 | * overlay file handle, a whiteout index implies that decode | |
709 | * should treat file handle as stale and no need to print a | |
710 | * warning about it. | |
711 | */ | |
712 | dput(index); | |
713 | index = ERR_PTR(-ESTALE); | |
714 | goto out; | |
0e082555 AG |
715 | } else if (ovl_dentry_weird(index) || ovl_is_whiteout(index) || |
716 | ((inode->i_mode ^ d_inode(origin)->i_mode) & S_IFMT)) { | |
717 | /* | |
718 | * Index should always be of the same file type as origin | |
719 | * except for the case of a whiteout index. A whiteout | |
720 | * index should only exist if all lower aliases have been | |
721 | * unlinked, which means that finding a lower origin on lookup | |
722 | * whose index is a whiteout should be treated as an error. | |
723 | */ | |
724 | pr_warn_ratelimited("overlayfs: bad index found (index=%pd2, ftype=%x, origin ftype=%x).\n", | |
725 | index, d_inode(index)->i_mode & S_IFMT, | |
726 | d_inode(origin)->i_mode & S_IFMT); | |
359f392c | 727 | goto fail; |
06170154 | 728 | } else if (is_dir && verify) { |
ad1d615c AG |
729 | if (!upper) { |
730 | pr_warn_ratelimited("overlayfs: suspected uncovered redirected dir found (origin=%pd2, index=%pd2).\n", | |
731 | origin, index); | |
732 | goto fail; | |
733 | } | |
359f392c | 734 | |
ad1d615c AG |
735 | /* Verify that dir index 'upper' xattr points to upper dir */ |
736 | err = ovl_verify_upper(index, upper, false); | |
737 | if (err) { | |
738 | if (err == -ESTALE) { | |
739 | pr_warn_ratelimited("overlayfs: suspected multiply redirected dir found (upper=%pd2, origin=%pd2, index=%pd2).\n", | |
740 | upper, origin, index); | |
741 | } | |
742 | goto fail; | |
743 | } | |
744 | } else if (upper && d_inode(upper) != inode) { | |
745 | goto out_dput; | |
746 | } | |
359f392c AG |
747 | out: |
748 | kfree(name.name); | |
749 | return index; | |
750 | ||
6eaf0111 AG |
751 | out_dput: |
752 | dput(index); | |
753 | index = NULL; | |
754 | goto out; | |
755 | ||
359f392c AG |
756 | fail: |
757 | dput(index); | |
758 | index = ERR_PTR(-EIO); | |
759 | goto out; | |
760 | } | |
761 | ||
bbb1e54d MS |
762 | /* |
763 | * Returns next layer in stack starting from top. | |
764 | * Returns -1 if this is the last layer. | |
765 | */ | |
766 | int ovl_path_next(int idx, struct dentry *dentry, struct path *path) | |
767 | { | |
768 | struct ovl_entry *oe = dentry->d_fsdata; | |
769 | ||
770 | BUG_ON(idx < 0); | |
771 | if (idx == 0) { | |
772 | ovl_path_upper(dentry, path); | |
773 | if (path->dentry) | |
774 | return oe->numlower ? 1 : -1; | |
775 | idx++; | |
776 | } | |
777 | BUG_ON(idx > oe->numlower); | |
b9343632 CR |
778 | path->dentry = oe->lowerstack[idx - 1].dentry; |
779 | path->mnt = oe->lowerstack[idx - 1].layer->mnt; | |
bbb1e54d MS |
780 | |
781 | return (idx < oe->numlower) ? idx + 1 : -1; | |
782 | } | |
783 | ||
9678e630 AG |
784 | /* Fix missing 'origin' xattr */ |
785 | static int ovl_fix_origin(struct dentry *dentry, struct dentry *lower, | |
786 | struct dentry *upper) | |
787 | { | |
788 | int err; | |
789 | ||
790 | if (ovl_check_origin_xattr(upper)) | |
791 | return 0; | |
792 | ||
793 | err = ovl_want_write(dentry); | |
794 | if (err) | |
795 | return err; | |
796 | ||
797 | err = ovl_set_origin(dentry, lower, upper); | |
798 | if (!err) | |
799 | err = ovl_set_impure(dentry->d_parent, upper->d_parent); | |
800 | ||
801 | ovl_drop_write(dentry); | |
802 | return err; | |
803 | } | |
804 | ||
bbb1e54d MS |
805 | struct dentry *ovl_lookup(struct inode *dir, struct dentry *dentry, |
806 | unsigned int flags) | |
807 | { | |
808 | struct ovl_entry *oe; | |
809 | const struct cred *old_cred; | |
6b2d5fe4 | 810 | struct ovl_fs *ofs = dentry->d_sb->s_fs_info; |
bbb1e54d | 811 | struct ovl_entry *poe = dentry->d_parent->d_fsdata; |
c22205d0 | 812 | struct ovl_entry *roe = dentry->d_sb->s_root->d_fsdata; |
9d3dfea3 | 813 | struct ovl_path *stack = NULL, *origin_path = NULL; |
bbb1e54d | 814 | struct dentry *upperdir, *upperdentry = NULL; |
ad1d615c | 815 | struct dentry *origin = NULL; |
359f392c | 816 | struct dentry *index = NULL; |
bbb1e54d MS |
817 | unsigned int ctr = 0; |
818 | struct inode *inode = NULL; | |
819 | bool upperopaque = false; | |
02b69b28 | 820 | char *upperredirect = NULL; |
bbb1e54d MS |
821 | struct dentry *this; |
822 | unsigned int i; | |
823 | int err; | |
9d3dfea3 | 824 | bool metacopy = false; |
e28edc46 | 825 | struct ovl_lookup_data d = { |
146d62e5 | 826 | .sb = dentry->d_sb, |
e28edc46 MS |
827 | .name = dentry->d_name, |
828 | .is_dir = false, | |
829 | .opaque = false, | |
830 | .stop = false, | |
452061fd | 831 | .last = ofs->config.redirect_follow ? false : !poe->numlower, |
02b69b28 | 832 | .redirect = NULL, |
9d3dfea3 | 833 | .metacopy = false, |
e28edc46 | 834 | }; |
bbb1e54d | 835 | |
6b2d5fe4 MS |
836 | if (dentry->d_name.len > ofs->namelen) |
837 | return ERR_PTR(-ENAMETOOLONG); | |
838 | ||
bbb1e54d | 839 | old_cred = ovl_override_creds(dentry->d_sb); |
09d8b586 | 840 | upperdir = ovl_dentry_upper(dentry->d_parent); |
bbb1e54d | 841 | if (upperdir) { |
e28edc46 MS |
842 | err = ovl_lookup_layer(upperdir, &d, &upperdentry); |
843 | if (err) | |
bbb1e54d MS |
844 | goto out; |
845 | ||
e28edc46 MS |
846 | if (upperdentry && unlikely(ovl_dentry_remote(upperdentry))) { |
847 | dput(upperdentry); | |
848 | err = -EREMOTE; | |
849 | goto out; | |
bbb1e54d | 850 | } |
a9d01957 | 851 | if (upperdentry && !d.is_dir) { |
9d3dfea3 VG |
852 | unsigned int origin_ctr = 0; |
853 | ||
f7d3daca AG |
854 | /* |
855 | * Lookup copy up origin by decoding origin file handle. | |
856 | * We may get a disconnected dentry, which is fine, | |
857 | * because we only need to hold the origin inode in | |
858 | * cache and use its inode number. We may even get a | |
859 | * connected dentry, that is not under any of the lower | |
860 | * layers root. That is also fine for using it's inode | |
861 | * number - it's the same as if we held a reference | |
862 | * to a dentry in lower layer that was moved under us. | |
863 | */ | |
9d3dfea3 VG |
864 | err = ovl_check_origin(ofs, upperdentry, &origin_path, |
865 | &origin_ctr); | |
a9d01957 | 866 | if (err) |
5455f92b | 867 | goto out_put_upper; |
9d3dfea3 VG |
868 | |
869 | if (d.metacopy) | |
870 | metacopy = true; | |
a9d01957 | 871 | } |
02b69b28 MS |
872 | |
873 | if (d.redirect) { | |
0ce5cdc9 | 874 | err = -ENOMEM; |
02b69b28 MS |
875 | upperredirect = kstrdup(d.redirect, GFP_KERNEL); |
876 | if (!upperredirect) | |
877 | goto out_put_upper; | |
878 | if (d.redirect[0] == '/') | |
c22205d0 | 879 | poe = roe; |
02b69b28 | 880 | } |
e28edc46 | 881 | upperopaque = d.opaque; |
bbb1e54d MS |
882 | } |
883 | ||
e28edc46 | 884 | if (!d.stop && poe->numlower) { |
bbb1e54d | 885 | err = -ENOMEM; |
b9343632 | 886 | stack = kcalloc(ofs->numlower, sizeof(struct ovl_path), |
0ee931c4 | 887 | GFP_KERNEL); |
bbb1e54d MS |
888 | if (!stack) |
889 | goto out_put_upper; | |
890 | } | |
891 | ||
e28edc46 | 892 | for (i = 0; !d.stop && i < poe->numlower; i++) { |
b9343632 | 893 | struct ovl_path lower = poe->lowerstack[i]; |
bbb1e54d | 894 | |
452061fd VG |
895 | if (!ofs->config.redirect_follow) |
896 | d.last = i == poe->numlower - 1; | |
897 | else | |
898 | d.last = lower.layer->idx == roe->numlower; | |
899 | ||
b9343632 | 900 | err = ovl_lookup_layer(lower.dentry, &d, &this); |
e28edc46 | 901 | if (err) |
bbb1e54d | 902 | goto out_put; |
6b2d5fe4 | 903 | |
bbb1e54d MS |
904 | if (!this) |
905 | continue; | |
bbb1e54d | 906 | |
9678e630 AG |
907 | /* |
908 | * If no origin fh is stored in upper of a merge dir, store fh | |
909 | * of lower dir and set upper parent "impure". | |
910 | */ | |
9d3dfea3 | 911 | if (upperdentry && !ctr && !ofs->noxattr && d.is_dir) { |
9678e630 AG |
912 | err = ovl_fix_origin(dentry, this, upperdentry); |
913 | if (err) { | |
914 | dput(this); | |
915 | goto out_put; | |
916 | } | |
917 | } | |
918 | ||
37b12916 AG |
919 | /* |
920 | * When "verify_lower" feature is enabled, do not merge with a | |
ad1d615c AG |
921 | * lower dir that does not match a stored origin xattr. In any |
922 | * case, only verified origin is used for index lookup. | |
9d3dfea3 VG |
923 | * |
924 | * For non-dir dentry, if index=on, then ensure origin | |
925 | * matches the dentry found using path based lookup, | |
926 | * otherwise error out. | |
37b12916 | 927 | */ |
9d3dfea3 VG |
928 | if (upperdentry && !ctr && |
929 | ((d.is_dir && ovl_verify_lower(dentry->d_sb)) || | |
930 | (!d.is_dir && ofs->config.index && origin_path))) { | |
37b12916 AG |
931 | err = ovl_verify_origin(upperdentry, this, false); |
932 | if (err) { | |
933 | dput(this); | |
9d3dfea3 VG |
934 | if (d.is_dir) |
935 | break; | |
936 | goto out_put; | |
37b12916 | 937 | } |
ad1d615c | 938 | origin = this; |
37b12916 AG |
939 | } |
940 | ||
9d3dfea3 VG |
941 | if (d.metacopy) |
942 | metacopy = true; | |
943 | /* | |
944 | * Do not store intermediate metacopy dentries in chain, | |
945 | * except top most lower metacopy dentry | |
946 | */ | |
947 | if (d.metacopy && ctr) { | |
948 | dput(this); | |
949 | continue; | |
950 | } | |
951 | ||
bbb1e54d | 952 | stack[ctr].dentry = this; |
b9343632 | 953 | stack[ctr].layer = lower.layer; |
bbb1e54d | 954 | ctr++; |
02b69b28 | 955 | |
438c84c2 MS |
956 | /* |
957 | * Following redirects can have security consequences: it's like | |
958 | * a symlink into the lower layer without the permission checks. | |
959 | * This is only a problem if the upper layer is untrusted (e.g | |
960 | * comes from an USB drive). This can allow a non-readable file | |
961 | * or directory to become readable. | |
962 | * | |
963 | * Only following redirects when redirects are enabled disables | |
964 | * this attack vector when not necessary. | |
965 | */ | |
966 | err = -EPERM; | |
967 | if (d.redirect && !ofs->config.redirect_follow) { | |
f8167817 AG |
968 | pr_warn_ratelimited("overlayfs: refusing to follow redirect for (%pd2)\n", |
969 | dentry); | |
438c84c2 MS |
970 | goto out_put; |
971 | } | |
972 | ||
d1fe96c0 VG |
973 | if (d.stop) |
974 | break; | |
975 | ||
c22205d0 AG |
976 | if (d.redirect && d.redirect[0] == '/' && poe != roe) { |
977 | poe = roe; | |
02b69b28 | 978 | /* Find the current layer on the root dentry */ |
d583ed7d | 979 | i = lower.layer->idx - 1; |
02b69b28 | 980 | } |
bbb1e54d MS |
981 | } |
982 | ||
9d3dfea3 VG |
983 | if (metacopy) { |
984 | /* | |
985 | * Found a metacopy dentry but did not find corresponding | |
986 | * data dentry | |
987 | */ | |
988 | if (d.metacopy) { | |
989 | err = -EIO; | |
990 | goto out_put; | |
991 | } | |
992 | ||
993 | err = -EPERM; | |
994 | if (!ofs->config.metacopy) { | |
995 | pr_warn_ratelimited("overlay: refusing to follow metacopy origin for (%pd2)\n", | |
996 | dentry); | |
997 | goto out_put; | |
998 | } | |
999 | } else if (!d.is_dir && upperdentry && !ctr && origin_path) { | |
1000 | if (WARN_ON(stack != NULL)) { | |
1001 | err = -EIO; | |
1002 | goto out_put; | |
1003 | } | |
1004 | stack = origin_path; | |
1005 | ctr = 1; | |
1006 | origin_path = NULL; | |
1007 | } | |
1008 | ||
ad1d615c AG |
1009 | /* |
1010 | * Lookup index by lower inode and verify it matches upper inode. | |
1011 | * We only trust dir index if we verified that lower dir matches | |
1012 | * origin, otherwise dir index entries may be inconsistent and we | |
9d3dfea3 VG |
1013 | * ignore them. |
1014 | * | |
1015 | * For non-dir upper metacopy dentry, we already set "origin" if we | |
1016 | * verified that lower matched upper origin. If upper origin was | |
1017 | * not present (because lower layer did not support fh encode/decode), | |
1018 | * or indexing is not enabled, do not set "origin" and skip looking up | |
1019 | * index. This case should be handled in same way as a non-dir upper | |
1020 | * without ORIGIN is handled. | |
1021 | * | |
1022 | * Always lookup index of non-dir non-metacopy and non-upper. | |
ad1d615c | 1023 | */ |
9d3dfea3 | 1024 | if (ctr && (!upperdentry || (!d.is_dir && !metacopy))) |
ad1d615c | 1025 | origin = stack[0].dentry; |
359f392c | 1026 | |
ad1d615c AG |
1027 | if (origin && ovl_indexdir(dentry->d_sb) && |
1028 | (!d.is_dir || ovl_index_all(dentry->d_sb))) { | |
06170154 | 1029 | index = ovl_lookup_index(ofs, upperdentry, origin, true); |
359f392c AG |
1030 | if (IS_ERR(index)) { |
1031 | err = PTR_ERR(index); | |
1032 | index = NULL; | |
1033 | goto out_put; | |
1034 | } | |
1035 | } | |
1036 | ||
bbb1e54d MS |
1037 | oe = ovl_alloc_entry(ctr); |
1038 | err = -ENOMEM; | |
1039 | if (!oe) | |
1040 | goto out_put; | |
1041 | ||
b9343632 | 1042 | memcpy(oe->lowerstack, stack, sizeof(struct ovl_path) * ctr); |
e6d2ebdd | 1043 | dentry->d_fsdata = oe; |
bbb1e54d | 1044 | |
c62520a8 AG |
1045 | if (upperopaque) |
1046 | ovl_dentry_set_opaque(dentry); | |
1047 | ||
55acc661 MS |
1048 | if (upperdentry) |
1049 | ovl_dentry_set_upper_alias(dentry); | |
0a2d0d3f | 1050 | else if (index) { |
359f392c | 1051 | upperdentry = dget(index); |
0a2d0d3f VG |
1052 | upperredirect = ovl_get_redirect_xattr(upperdentry, 0); |
1053 | if (IS_ERR(upperredirect)) { | |
1054 | err = PTR_ERR(upperredirect); | |
1055 | upperredirect = NULL; | |
1056 | goto out_free_oe; | |
1057 | } | |
1058 | } | |
359f392c | 1059 | |
e6d2ebdd | 1060 | if (upperdentry || ctr) { |
ac6a52eb VG |
1061 | struct ovl_inode_params oip = { |
1062 | .upperdentry = upperdentry, | |
1063 | .lowerpath = stack, | |
1064 | .index = index, | |
1065 | .numlower = ctr, | |
9cec54c8 | 1066 | .redirect = upperredirect, |
2664bd08 VG |
1067 | .lowerdata = (ctr > 1 && !d.is_dir) ? |
1068 | stack[ctr - 1].dentry : NULL, | |
ac6a52eb VG |
1069 | }; |
1070 | ||
1071 | inode = ovl_get_inode(dentry->d_sb, &oip); | |
b9ac5c27 MS |
1072 | err = PTR_ERR(inode); |
1073 | if (IS_ERR(inode)) | |
bbb1e54d | 1074 | goto out_free_oe; |
bbb1e54d MS |
1075 | } |
1076 | ||
1077 | revert_creds(old_cred); | |
9d3dfea3 VG |
1078 | if (origin_path) { |
1079 | dput(origin_path->dentry); | |
1080 | kfree(origin_path); | |
1081 | } | |
359f392c | 1082 | dput(index); |
bbb1e54d | 1083 | kfree(stack); |
02b69b28 | 1084 | kfree(d.redirect); |
829c28be | 1085 | return d_splice_alias(inode, dentry); |
bbb1e54d MS |
1086 | |
1087 | out_free_oe: | |
e6d2ebdd | 1088 | dentry->d_fsdata = NULL; |
bbb1e54d MS |
1089 | kfree(oe); |
1090 | out_put: | |
359f392c | 1091 | dput(index); |
bbb1e54d MS |
1092 | for (i = 0; i < ctr; i++) |
1093 | dput(stack[i].dentry); | |
1094 | kfree(stack); | |
1095 | out_put_upper: | |
9d3dfea3 VG |
1096 | if (origin_path) { |
1097 | dput(origin_path->dentry); | |
1098 | kfree(origin_path); | |
1099 | } | |
bbb1e54d | 1100 | dput(upperdentry); |
02b69b28 | 1101 | kfree(upperredirect); |
bbb1e54d | 1102 | out: |
02b69b28 | 1103 | kfree(d.redirect); |
bbb1e54d MS |
1104 | revert_creds(old_cred); |
1105 | return ERR_PTR(err); | |
1106 | } | |
1107 | ||
1108 | bool ovl_lower_positive(struct dentry *dentry) | |
1109 | { | |
bbb1e54d MS |
1110 | struct ovl_entry *poe = dentry->d_parent->d_fsdata; |
1111 | const struct qstr *name = &dentry->d_name; | |
6d0a8a90 | 1112 | const struct cred *old_cred; |
bbb1e54d MS |
1113 | unsigned int i; |
1114 | bool positive = false; | |
1115 | bool done = false; | |
1116 | ||
1117 | /* | |
1118 | * If dentry is negative, then lower is positive iff this is a | |
1119 | * whiteout. | |
1120 | */ | |
1121 | if (!dentry->d_inode) | |
c62520a8 | 1122 | return ovl_dentry_is_opaque(dentry); |
bbb1e54d MS |
1123 | |
1124 | /* Negative upper -> positive lower */ | |
09d8b586 | 1125 | if (!ovl_dentry_upper(dentry)) |
bbb1e54d MS |
1126 | return true; |
1127 | ||
6d0a8a90 | 1128 | old_cred = ovl_override_creds(dentry->d_sb); |
bbb1e54d MS |
1129 | /* Positive upper -> have to look up lower to see whether it exists */ |
1130 | for (i = 0; !done && !positive && i < poe->numlower; i++) { | |
1131 | struct dentry *this; | |
1132 | struct dentry *lowerdir = poe->lowerstack[i].dentry; | |
1133 | ||
1134 | this = lookup_one_len_unlocked(name->name, lowerdir, | |
1135 | name->len); | |
1136 | if (IS_ERR(this)) { | |
1137 | switch (PTR_ERR(this)) { | |
1138 | case -ENOENT: | |
1139 | case -ENAMETOOLONG: | |
1140 | break; | |
1141 | ||
1142 | default: | |
1143 | /* | |
1144 | * Assume something is there, we just couldn't | |
1145 | * access it. | |
1146 | */ | |
1147 | positive = true; | |
1148 | break; | |
1149 | } | |
1150 | } else { | |
1151 | if (this->d_inode) { | |
1152 | positive = !ovl_is_whiteout(this); | |
1153 | done = true; | |
1154 | } | |
1155 | dput(this); | |
1156 | } | |
1157 | } | |
6d0a8a90 | 1158 | revert_creds(old_cred); |
bbb1e54d MS |
1159 | |
1160 | return positive; | |
1161 | } |