]> git.proxmox.com Git - mirror_ubuntu-hirsute-kernel.git/blob - fs/overlayfs/copy_up.c
projects / mirror_ubuntu-hirsute-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
UBUNTU: Ubuntu-5.11.0-22.23
[mirror_ubuntu-hirsute-kernel.git] / fs / overlayfs / copy_up.c
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 *
4 * Copyright (C) 2011 Novell Inc.
5 */
6
7 #include <linux/module.h>
8 #include <linux/fs.h>
9 #include <linux/slab.h>
10 #include <linux/file.h>
11 #include <linux/splice.h>
12 #include <linux/xattr.h>
13 #include <linux/security.h>
14 #include <linux/uaccess.h>
15 #include <linux/sched/signal.h>
16 #include <linux/cred.h>
17 #include <linux/namei.h>
18 #include <linux/fdtable.h>
19 #include <linux/ratelimit.h>
20 #include <linux/exportfs.h>
21 #include "overlayfs.h"
22
23 #define OVL_COPY_UP_CHUNK_SIZE (1 << 20)
24
25 static int ovl_ccup_set(const char *buf, const struct kernel_param *param)
26 {
27 pr_warn("\"check_copy_up\" module option is obsolete\n");
28 return 0;
29 }
30
31 static int ovl_ccup_get(char *buf, const struct kernel_param *param)
32 {
33 return sprintf(buf, "N\n");
34 }
35
36 module_param_call(check_copy_up, ovl_ccup_set, ovl_ccup_get, NULL, 0644);
37 MODULE_PARM_DESC(check_copy_up, "Obsolete; does nothing");
38
39 static bool ovl_must_copy_xattr(const char *name)
40 {
41 return !strcmp(name, XATTR_POSIX_ACL_ACCESS) ||
42 !strcmp(name, XATTR_POSIX_ACL_DEFAULT) ||
43 !strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN);
44 }
45
46 int ovl_copy_xattr(struct super_block *sb, struct dentry *old,
47 struct dentry *new)
48 {
49 ssize_t list_size, size, value_size = 0;
50 char *buf, *name, *value = NULL;
51 int error = 0;
52 size_t slen;
53
54 if (!(old->d_inode->i_opflags & IOP_XATTR) ||
55 !(new->d_inode->i_opflags & IOP_XATTR))
56 return 0;
57
58 list_size = vfs_listxattr(old, NULL, 0);
59 if (list_size <= 0) {
60 if (list_size == -EOPNOTSUPP)
61 return 0;
62 return list_size;
63 }
64
65 buf = kzalloc(list_size, GFP_KERNEL);
66 if (!buf)
67 return -ENOMEM;
68
69 list_size = vfs_listxattr(old, buf, list_size);
70 if (list_size <= 0) {
71 error = list_size;
72 goto out;
73 }
74
75 for (name = buf; list_size; name += slen) {
76 slen = strnlen(name, list_size) + 1;
77
78 /* underlying fs providing us with an broken xattr list? */
79 if (WARN_ON(slen > list_size)) {
80 error = -EIO;
81 break;
82 }
83 list_size -= slen;
84
85 if (ovl_is_private_xattr(sb, name))
86 continue;
87
88 error = security_inode_copy_up_xattr(name);
89 if (error < 0 && error != -EOPNOTSUPP)
90 break;
91 if (error == 1) {
92 error = 0;
93 continue; /* Discard */
94 }
95 retry:
96 size = vfs_getxattr(old, name, value, value_size);
97 if (size == -ERANGE)
98 size = vfs_getxattr(old, name, NULL, 0);
99
100 if (size < 0) {
101 error = size;
102 break;
103 }
104
105 if (size > value_size) {
106 void *new;
107
108 new = krealloc(value, size, GFP_KERNEL);
109 if (!new) {
110 error = -ENOMEM;
111 break;
112 }
113 value = new;
114 value_size = size;
115 goto retry;
116 }
117
118 error = vfs_setxattr(new, name, value, size, 0);
119 if (error) {
120 if (error != -EOPNOTSUPP || ovl_must_copy_xattr(name))
121 break;
122
123 /* Ignore failure to copy unknown xattrs */
124 error = 0;
125 }
126 }
127 kfree(value);
128 out:
129 kfree(buf);
130 return error;
131 }
132
133 static int ovl_copy_up_data(struct ovl_fs *ofs, struct path *old,
134 struct path *new, loff_t len)
135 {
136 struct file *old_file;
137 struct file *new_file;
138 loff_t old_pos = 0;
139 loff_t new_pos = 0;
140 loff_t cloned;
141 loff_t data_pos = -1;
142 loff_t hole_len;
143 bool skip_hole = false;
144 int error = 0;
145
146 if (len == 0)
147 return 0;
148
149 old_file = ovl_path_open(old, O_LARGEFILE | O_RDONLY);
150 if (IS_ERR(old_file))
151 return PTR_ERR(old_file);
152
153 new_file = ovl_path_open(new, O_LARGEFILE | O_WRONLY);
154 if (IS_ERR(new_file)) {
155 error = PTR_ERR(new_file);
156 goto out_fput;
157 }
158
159 /* Try to use clone_file_range to clone up within the same fs */
160 cloned = do_clone_file_range(old_file, 0, new_file, 0, len, 0);
161 if (cloned == len)
162 goto out;
163 /* Couldn't clone, so now we try to copy the data */
164
165 /* Check if lower fs supports seek operation */
166 if (old_file->f_mode & FMODE_LSEEK &&
167 old_file->f_op->llseek)
168 skip_hole = true;
169
170 while (len) {
171 size_t this_len = OVL_COPY_UP_CHUNK_SIZE;
172 long bytes;
173
174 if (len < this_len)
175 this_len = len;
176
177 if (signal_pending_state(TASK_KILLABLE, current)) {
178 error = -EINTR;
179 break;
180 }
181
182 /*
183 * Fill zero for hole will cost unnecessary disk space
184 * and meanwhile slow down the copy-up speed, so we do
185 * an optimization for hole during copy-up, it relies
186 * on SEEK_DATA implementation in lower fs so if lower
187 * fs does not support it, copy-up will behave as before.
188 *
189 * Detail logic of hole detection as below:
190 * When we detect next data position is larger than current
191 * position we will skip that hole, otherwise we copy
192 * data in the size of OVL_COPY_UP_CHUNK_SIZE. Actually,
193 * it may not recognize all kind of holes and sometimes
194 * only skips partial of hole area. However, it will be
195 * enough for most of the use cases.
196 */
197
198 if (skip_hole && data_pos < old_pos) {
199 data_pos = vfs_llseek(old_file, old_pos, SEEK_DATA);
200 if (data_pos > old_pos) {
201 hole_len = data_pos - old_pos;
202 len -= hole_len;
203 old_pos = new_pos = data_pos;
204 continue;
205 } else if (data_pos == -ENXIO) {
206 break;
207 } else if (data_pos < 0) {
208 skip_hole = false;
209 }
210 }
211
212 bytes = do_splice_direct(old_file, &old_pos,
213 new_file, &new_pos,
214 this_len, SPLICE_F_MOVE);
215 if (bytes <= 0) {
216 error = bytes;
217 break;
218 }
219 WARN_ON(old_pos != new_pos);
220
221 len -= bytes;
222 }
223 out:
224 if (!error && ovl_should_sync(ofs))
225 error = vfs_fsync(new_file, 0);
226 fput(new_file);
227 out_fput:
228 fput(old_file);
229 return error;
230 }
231
232 static int ovl_set_size(struct dentry *upperdentry, struct kstat *stat)
233 {
234 struct iattr attr = {
235 .ia_valid = ATTR_SIZE,
236 .ia_size = stat->size,
237 };
238
239 return notify_change(upperdentry, &attr, NULL);
240 }
241
242 static int ovl_set_timestamps(struct dentry *upperdentry, struct kstat *stat)
243 {
244 struct iattr attr = {
245 .ia_valid =
246 ATTR_ATIME | ATTR_MTIME | ATTR_ATIME_SET | ATTR_MTIME_SET,
247 .ia_atime = stat->atime,
248 .ia_mtime = stat->mtime,
249 };
250
251 return notify_change(upperdentry, &attr, NULL);
252 }
253
254 int ovl_set_attr(struct dentry *upperdentry, struct kstat *stat)
255 {
256 int err = 0;
257
258 /*
259 * For the most part we want to set the mode bits before setting
260 * the user, otherwise the current context might lack permission
261 * for setting the mode. However for sxid/sticky bits we want
262 * the operation to fail if the current user isn't privileged
263 * towards the resulting inode. So we first set the mode but
264 * exclude the sxid/sticky bits, then set the user, then set the
265 * mode again if any of the sxid/sticky bits are set.
266 */
267 if (!S_ISLNK(stat->mode)) {
268 struct iattr attr = {
269 .ia_valid = ATTR_MODE,
270 .ia_mode = stat->mode & ~(S_ISUID|S_ISGID|S_ISVTX),
271 };
272 err = notify_change(upperdentry, &attr, NULL);
273 }
274 if (!err) {
275 struct iattr attr = {
276 .ia_valid = ATTR_UID | ATTR_GID,
277 .ia_uid = stat->uid,
278 .ia_gid = stat->gid,
279 };
280 err = notify_change(upperdentry, &attr, NULL);
281 }
282 if (!err && !S_ISLNK(stat->mode) &&
283 (stat->mode & (S_ISUID|S_ISGID|S_ISVTX))) {
284 struct iattr attr = {
285 .ia_valid = ATTR_MODE,
286 .ia_mode = stat->mode,
287 };
288 err = notify_change(upperdentry, &attr, NULL);
289 }
290 if (!err)
291 ovl_set_timestamps(upperdentry, stat);
292
293 return err;
294 }
295
296 struct ovl_fh *ovl_encode_real_fh(struct ovl_fs *ofs, struct dentry *real,
297 bool is_upper)
298 {
299 struct ovl_fh *fh;
300 int fh_type, dwords;
301 int buflen = MAX_HANDLE_SZ;
302 uuid_t *uuid = &real->d_sb->s_uuid;
303 int err;
304
305 /* Make sure the real fid stays 32bit aligned */
306 BUILD_BUG_ON(OVL_FH_FID_OFFSET % 4);
307 BUILD_BUG_ON(MAX_HANDLE_SZ + OVL_FH_FID_OFFSET > 255);
308
309 fh = kzalloc(buflen + OVL_FH_FID_OFFSET, GFP_KERNEL);
310 if (!fh)
311 return ERR_PTR(-ENOMEM);
312
313 /*
314 * We encode a non-connectable file handle for non-dir, because we
315 * only need to find the lower inode number and we don't want to pay
316 * the price or reconnecting the dentry.
317 */
318 dwords = buflen >> 2;
319 fh_type = exportfs_encode_fh(real, (void *)fh->fb.fid, &dwords, 0);
320 buflen = (dwords << 2);
321
322 err = -EIO;
323 if (WARN_ON(fh_type < 0) ||
324 WARN_ON(buflen > MAX_HANDLE_SZ) ||
325 WARN_ON(fh_type == FILEID_INVALID))
326 goto out_err;
327
328 fh->fb.version = OVL_FH_VERSION;
329 fh->fb.magic = OVL_FH_MAGIC;
330 fh->fb.type = fh_type;
331 fh->fb.flags = OVL_FH_FLAG_CPU_ENDIAN;
332 /*
333 * When we will want to decode an overlay dentry from this handle
334 * and all layers are on the same fs, if we get a disconncted real
335 * dentry when we decode fid, the only way to tell if we should assign
336 * it to upperdentry or to lowerstack is by checking this flag.
337 */
338 if (is_upper)
339 fh->fb.flags |= OVL_FH_FLAG_PATH_UPPER;
340 fh->fb.len = sizeof(fh->fb) + buflen;
341 if (ofs->config.uuid)
342 fh->fb.uuid = *uuid;
343
344 return fh;
345
346 out_err:
347 kfree(fh);
348 return ERR_PTR(err);
349 }
350
351 int ovl_set_origin(struct ovl_fs *ofs, struct dentry *dentry,
352 struct dentry *lower, struct dentry *upper)
353 {
354 const struct ovl_fh *fh = NULL;
355 int err;
356
357 /*
358 * When lower layer doesn't support export operations store a 'null' fh,
359 * so we can use the overlay.origin xattr to distignuish between a copy
360 * up and a pure upper inode.
361 */
362 if (ovl_can_decode_fh(lower->d_sb)) {
363 fh = ovl_encode_real_fh(ofs, lower, false);
364 if (IS_ERR(fh))
365 return PTR_ERR(fh);
366 }
367
368 /*
369 * Do not fail when upper doesn't support xattrs.
370 */
371 err = ovl_check_setxattr(dentry, upper, OVL_XATTR_ORIGIN, fh->buf,
372 fh ? fh->fb.len : 0, 0);
373 kfree(fh);
374
375 /* Ignore -EPERM from setting "user.*" on symlink/special */
376 return err == -EPERM ? 0 : err;
377 }
378
379 /* Store file handle of @upper dir in @index dir entry */
380 static int ovl_set_upper_fh(struct ovl_fs *ofs, struct dentry *upper,
381 struct dentry *index)
382 {
383 const struct ovl_fh *fh;
384 int err;
385
386 fh = ovl_encode_real_fh(ofs, upper, true);
387 if (IS_ERR(fh))
388 return PTR_ERR(fh);
389
390 err = ovl_do_setxattr(ofs, index, OVL_XATTR_UPPER, fh->buf, fh->fb.len);
391
392 kfree(fh);
393 return err;
394 }
395
396 /*
397 * Create and install index entry.
398 *
399 * Caller must hold i_mutex on indexdir.
400 */
401 static int ovl_create_index(struct dentry *dentry, struct dentry *origin,
402 struct dentry *upper)
403 {
404 struct ovl_fs *ofs = OVL_FS(dentry->d_sb);
405 struct dentry *indexdir = ovl_indexdir(dentry->d_sb);
406 struct inode *dir = d_inode(indexdir);
407 struct dentry *index = NULL;
408 struct dentry *temp = NULL;
409 struct qstr name = { };
410 int err;
411
412 /*
413 * For now this is only used for creating index entry for directories,
414 * because non-dir are copied up directly to index and then hardlinked
415 * to upper dir.
416 *
417 * TODO: implement create index for non-dir, so we can call it when
418 * encoding file handle for non-dir in case index does not exist.
419 */
420 if (WARN_ON(!d_is_dir(dentry)))
421 return -EIO;
422
423 /* Directory not expected to be indexed before copy up */
424 if (WARN_ON(ovl_test_flag(OVL_INDEX, d_inode(dentry))))
425 return -EIO;
426
427 err = ovl_get_index_name(ofs, origin, &name);
428 if (err)
429 return err;
430
431 temp = ovl_create_temp(indexdir, OVL_CATTR(S_IFDIR | 0));
432 err = PTR_ERR(temp);
433 if (IS_ERR(temp))
434 goto free_name;
435
436 err = ovl_set_upper_fh(ofs, upper, temp);
437 if (err)
438 goto out;
439
440 index = lookup_one_len(name.name, indexdir, name.len);
441 if (IS_ERR(index)) {
442 err = PTR_ERR(index);
443 } else {
444 err = ovl_do_rename(dir, temp, dir, index, 0);
445 dput(index);
446 }
447 out:
448 if (err)
449 ovl_cleanup(dir, temp);
450 dput(temp);
451 free_name:
452 kfree(name.name);
453 return err;
454 }
455
456 struct ovl_copy_up_ctx {
457 struct dentry *parent;
458 struct dentry *dentry;
459 struct path lowerpath;
460 struct kstat stat;
461 struct kstat pstat;
462 const char *link;
463 struct dentry *destdir;
464 struct qstr destname;
465 struct dentry *workdir;
466 bool origin;
467 bool indexed;
468 bool metacopy;
469 };
470
471 static int ovl_link_up(struct ovl_copy_up_ctx *c)
472 {
473 int err;
474 struct dentry *upper;
475 struct dentry *upperdir = ovl_dentry_upper(c->parent);
476 struct inode *udir = d_inode(upperdir);
477
478 /* Mark parent "impure" because it may now contain non-pure upper */
479 err = ovl_set_impure(c->parent, upperdir);
480 if (err)
481 return err;
482
483 err = ovl_set_nlink_lower(c->dentry);
484 if (err)
485 return err;
486
487 inode_lock_nested(udir, I_MUTEX_PARENT);
488 upper = lookup_one_len(c->dentry->d_name.name, upperdir,
489 c->dentry->d_name.len);
490 err = PTR_ERR(upper);
491 if (!IS_ERR(upper)) {
492 err = ovl_do_link(ovl_dentry_upper(c->dentry), udir, upper);
493 dput(upper);
494
495 if (!err) {
496 /* Restore timestamps on parent (best effort) */
497 ovl_set_timestamps(upperdir, &c->pstat);
498 ovl_dentry_set_upper_alias(c->dentry);
499 }
500 }
501 inode_unlock(udir);
502 if (err)
503 return err;
504
505 err = ovl_set_nlink_upper(c->dentry);
506
507 return err;
508 }
509
510 static int ovl_copy_up_inode(struct ovl_copy_up_ctx *c, struct dentry *temp)
511 {
512 struct ovl_fs *ofs = OVL_FS(c->dentry->d_sb);
513 int err;
514
515 /*
516 * Copy up data first and then xattrs. Writing data after
517 * xattrs will remove security.capability xattr automatically.
518 */
519 if (S_ISREG(c->stat.mode) && !c->metacopy) {
520 struct path upperpath, datapath;
521
522 ovl_path_upper(c->dentry, &upperpath);
523 if (WARN_ON(upperpath.dentry != NULL))
524 return -EIO;
525 upperpath.dentry = temp;
526
527 ovl_path_lowerdata(c->dentry, &datapath);
528 err = ovl_copy_up_data(ofs, &datapath, &upperpath,
529 c->stat.size);
530 if (err)
531 return err;
532 }
533
534 err = ovl_copy_xattr(c->dentry->d_sb, c->lowerpath.dentry, temp);
535 if (err)
536 return err;
537
538 /*
539 * Store identifier of lower inode in upper inode xattr to
540 * allow lookup of the copy up origin inode.
541 *
542 * Don't set origin when we are breaking the association with a lower
543 * hard link.
544 */
545 if (c->origin) {
546 err = ovl_set_origin(ofs, c->dentry, c->lowerpath.dentry, temp);
547 if (err)
548 return err;
549 }
550
551 if (c->metacopy) {
552 err = ovl_check_setxattr(c->dentry, temp, OVL_XATTR_METACOPY,
553 NULL, 0, -EOPNOTSUPP);
554 if (err)
555 return err;
556 }
557
558 inode_lock(temp->d_inode);
559 if (S_ISREG(c->stat.mode))
560 err = ovl_set_size(temp, &c->stat);
561 if (!err)
562 err = ovl_set_attr(temp, &c->stat);
563 inode_unlock(temp->d_inode);
564
565 return err;
566 }
567
568 struct ovl_cu_creds {
569 const struct cred *old;
570 struct cred *new;
571 };
572
573 static int ovl_prep_cu_creds(struct dentry *dentry, struct ovl_cu_creds *cc)
574 {
575 int err;
576
577 cc->old = cc->new = NULL;
578 err = security_inode_copy_up(dentry, &cc->new);
579 if (err < 0)
580 return err;
581
582 if (cc->new)
583 cc->old = override_creds(cc->new);
584
585 return 0;
586 }
587
588 static void ovl_revert_cu_creds(struct ovl_cu_creds *cc)
589 {
590 if (cc->new) {
591 revert_creds(cc->old);
592 put_cred(cc->new);
593 }
594 }
595
596 /*
597 * Copyup using workdir to prepare temp file. Used when copying up directories,
598 * special files or when upper fs doesn't support O_TMPFILE.
599 */
600 static int ovl_copy_up_workdir(struct ovl_copy_up_ctx *c)
601 {
602 struct inode *inode;
603 struct inode *udir = d_inode(c->destdir), *wdir = d_inode(c->workdir);
604 struct dentry *temp, *upper;
605 struct ovl_cu_creds cc;
606 int err;
607 struct ovl_cattr cattr = {
608 /* Can't properly set mode on creation because of the umask */
609 .mode = c->stat.mode & S_IFMT,
610 .rdev = c->stat.rdev,
611 .link = c->link
612 };
613
614 /* workdir and destdir could be the same when copying up to indexdir */
615 err = -EIO;
616 if (lock_rename(c->workdir, c->destdir) != NULL)
617 goto unlock;
618
619 err = ovl_prep_cu_creds(c->dentry, &cc);
620 if (err)
621 goto unlock;
622
623 temp = ovl_create_temp(c->workdir, &cattr);
624 ovl_revert_cu_creds(&cc);
625
626 err = PTR_ERR(temp);
627 if (IS_ERR(temp))
628 goto unlock;
629
630 err = ovl_copy_up_inode(c, temp);
631 if (err)
632 goto cleanup;
633
634 if (S_ISDIR(c->stat.mode) && c->indexed) {
635 err = ovl_create_index(c->dentry, c->lowerpath.dentry, temp);
636 if (err)
637 goto cleanup;
638 }
639
640 upper = lookup_one_len(c->destname.name, c->destdir, c->destname.len);
641 err = PTR_ERR(upper);
642 if (IS_ERR(upper))
643 goto cleanup;
644
645 err = ovl_do_rename(wdir, temp, udir, upper, 0);
646 dput(upper);
647 if (err)
648 goto cleanup;
649
650 if (!c->metacopy)
651 ovl_set_upperdata(d_inode(c->dentry));
652 inode = d_inode(c->dentry);
653 ovl_inode_update(inode, temp);
654 if (S_ISDIR(inode->i_mode))
655 ovl_set_flag(OVL_WHITEOUTS, inode);
656 unlock:
657 unlock_rename(c->workdir, c->destdir);
658
659 return err;
660
661 cleanup:
662 ovl_cleanup(wdir, temp);
663 dput(temp);
664 goto unlock;
665 }
666
667 /* Copyup using O_TMPFILE which does not require cross dir locking */
668 static int ovl_copy_up_tmpfile(struct ovl_copy_up_ctx *c)
669 {
670 struct inode *udir = d_inode(c->destdir);
671 struct dentry *temp, *upper;
672 struct ovl_cu_creds cc;
673 int err;
674
675 err = ovl_prep_cu_creds(c->dentry, &cc);
676 if (err)
677 return err;
678
679 temp = ovl_do_tmpfile(c->workdir, c->stat.mode);
680 ovl_revert_cu_creds(&cc);
681
682 if (IS_ERR(temp))
683 return PTR_ERR(temp);
684
685 err = ovl_copy_up_inode(c, temp);
686 if (err)
687 goto out_dput;
688
689 inode_lock_nested(udir, I_MUTEX_PARENT);
690
691 upper = lookup_one_len(c->destname.name, c->destdir, c->destname.len);
692 err = PTR_ERR(upper);
693 if (!IS_ERR(upper)) {
694 err = ovl_do_link(temp, udir, upper);
695 dput(upper);
696 }
697 inode_unlock(udir);
698
699 if (err)
700 goto out_dput;
701
702 if (!c->metacopy)
703 ovl_set_upperdata(d_inode(c->dentry));
704 ovl_inode_update(d_inode(c->dentry), temp);
705
706 return 0;
707
708 out_dput:
709 dput(temp);
710 return err;
711 }
712
713 /*
714 * Copy up a single dentry
715 *
716 * All renames start with copy up of source if necessary. The actual
717 * rename will only proceed once the copy up was successful. Copy up uses
718 * upper parent i_mutex for exclusion. Since rename can change d_parent it
719 * is possible that the copy up will lock the old parent. At that point
720 * the file will have already been copied up anyway.
721 */
722 static int ovl_do_copy_up(struct ovl_copy_up_ctx *c)
723 {
724 int err;
725 struct ovl_fs *ofs = OVL_FS(c->dentry->d_sb);
726 bool to_index = false;
727
728 /*
729 * Indexed non-dir is copied up directly to the index entry and then
730 * hardlinked to upper dir. Indexed dir is copied up to indexdir,
731 * then index entry is created and then copied up dir installed.
732 * Copying dir up to indexdir instead of workdir simplifies locking.
733 */
734 if (ovl_need_index(c->dentry)) {
735 c->indexed = true;
736 if (S_ISDIR(c->stat.mode))
737 c->workdir = ovl_indexdir(c->dentry->d_sb);
738 else
739 to_index = true;
740 }
741
742 if (S_ISDIR(c->stat.mode) || c->stat.nlink == 1 || to_index)
743 c->origin = true;
744
745 if (to_index) {
746 c->destdir = ovl_indexdir(c->dentry->d_sb);
747 err = ovl_get_index_name(ofs, c->lowerpath.dentry, &c->destname);
748 if (err)
749 return err;
750 } else if (WARN_ON(!c->parent)) {
751 /* Disconnected dentry must be copied up to index dir */
752 return -EIO;
753 } else {
754 /*
755 * Mark parent "impure" because it may now contain non-pure
756 * upper
757 */
758 err = ovl_set_impure(c->parent, c->destdir);
759 if (err)
760 return err;
761 }
762
763 /* Should we copyup with O_TMPFILE or with workdir? */
764 if (S_ISREG(c->stat.mode) && ofs->tmpfile)
765 err = ovl_copy_up_tmpfile(c);
766 else
767 err = ovl_copy_up_workdir(c);
768 if (err)
769 goto out;
770
771 if (c->indexed)
772 ovl_set_flag(OVL_INDEX, d_inode(c->dentry));
773
774 if (to_index) {
775 /* Initialize nlink for copy up of disconnected dentry */
776 err = ovl_set_nlink_upper(c->dentry);
777 } else {
778 struct inode *udir = d_inode(c->destdir);
779
780 /* Restore timestamps on parent (best effort) */
781 inode_lock(udir);
782 ovl_set_timestamps(c->destdir, &c->pstat);
783 inode_unlock(udir);
784
785 ovl_dentry_set_upper_alias(c->dentry);
786 }
787
788 out:
789 if (to_index)
790 kfree(c->destname.name);
791 return err;
792 }
793
794 static bool ovl_need_meta_copy_up(struct dentry *dentry, umode_t mode,
795 int flags)
796 {
797 struct ovl_fs *ofs = dentry->d_sb->s_fs_info;
798
799 if (!ofs->config.metacopy)
800 return false;
801
802 if (!S_ISREG(mode))
803 return false;
804
805 if (flags && ((OPEN_FMODE(flags) & FMODE_WRITE) || (flags & O_TRUNC)))
806 return false;
807
808 return true;
809 }
810
811 static ssize_t ovl_getxattr(struct dentry *dentry, char *name, char **value)
812 {
813 ssize_t res;
814 char *buf;
815
816 res = vfs_getxattr(dentry, name, NULL, 0);
817 if (res == -ENODATA || res == -EOPNOTSUPP)
818 res = 0;
819
820 if (res > 0) {
821 buf = kzalloc(res, GFP_KERNEL);
822 if (!buf)
823 return -ENOMEM;
824
825 res = vfs_getxattr(dentry, name, buf, res);
826 if (res < 0)
827 kfree(buf);
828 else
829 *value = buf;
830 }
831 return res;
832 }
833
834 /* Copy up data of an inode which was copied up metadata only in the past. */
835 static int ovl_copy_up_meta_inode_data(struct ovl_copy_up_ctx *c)
836 {
837 struct ovl_fs *ofs = OVL_FS(c->dentry->d_sb);
838 struct path upperpath, datapath;
839 int err;
840 char *capability = NULL;
841 ssize_t cap_size;
842
843 ovl_path_upper(c->dentry, &upperpath);
844 if (WARN_ON(upperpath.dentry == NULL))
845 return -EIO;
846
847 ovl_path_lowerdata(c->dentry, &datapath);
848 if (WARN_ON(datapath.dentry == NULL))
849 return -EIO;
850
851 if (c->stat.size) {
852 err = cap_size = ovl_getxattr(upperpath.dentry, XATTR_NAME_CAPS,
853 &capability);
854 if (cap_size < 0)
855 goto out;
856 }
857
858 err = ovl_copy_up_data(ofs, &datapath, &upperpath, c->stat.size);
859 if (err)
860 goto out_free;
861
862 /*
863 * Writing to upper file will clear security.capability xattr. We
864 * don't want that to happen for normal copy-up operation.
865 */
866 if (capability) {
867 err = vfs_setxattr(upperpath.dentry, XATTR_NAME_CAPS,
868 capability, cap_size, 0);
869 if (err)
870 goto out_free;
871 }
872
873
874 err = ovl_do_removexattr(ofs, upperpath.dentry, OVL_XATTR_METACOPY);
875 if (err)
876 goto out_free;
877
878 ovl_set_upperdata(d_inode(c->dentry));
879 out_free:
880 kfree(capability);
881 out:
882 return err;
883 }
884
885 static int ovl_copy_up_one(struct dentry *parent, struct dentry *dentry,
886 int flags)
887 {
888 int err;
889 DEFINE_DELAYED_CALL(done);
890 struct path parentpath;
891 struct ovl_copy_up_ctx ctx = {
892 .parent = parent,
893 .dentry = dentry,
894 .workdir = ovl_workdir(dentry),
895 };
896
897 if (WARN_ON(!ctx.workdir))
898 return -EROFS;
899
900 ovl_path_lower(dentry, &ctx.lowerpath);
901 err = vfs_getattr(&ctx.lowerpath, &ctx.stat,
902 STATX_BASIC_STATS, AT_STATX_SYNC_AS_STAT);
903 if (err)
904 return err;
905
906 ctx.metacopy = ovl_need_meta_copy_up(dentry, ctx.stat.mode, flags);
907
908 if (parent) {
909 ovl_path_upper(parent, &parentpath);
910 ctx.destdir = parentpath.dentry;
911 ctx.destname = dentry->d_name;
912
913 err = vfs_getattr(&parentpath, &ctx.pstat,
914 STATX_ATIME | STATX_MTIME,
915 AT_STATX_SYNC_AS_STAT);
916 if (err)
917 return err;
918 }
919
920 /* maybe truncate regular file. this has no effect on dirs */
921 if (flags & O_TRUNC)
922 ctx.stat.size = 0;
923
924 if (S_ISLNK(ctx.stat.mode)) {
925 ctx.link = vfs_get_link(ctx.lowerpath.dentry, &done);
926 if (IS_ERR(ctx.link))
927 return PTR_ERR(ctx.link);
928 }
929
930 err = ovl_copy_up_start(dentry, flags);
931 /* err < 0: interrupted, err > 0: raced with another copy-up */
932 if (unlikely(err)) {
933 if (err > 0)
934 err = 0;
935 } else {
936 if (!ovl_dentry_upper(dentry))
937 err = ovl_do_copy_up(&ctx);
938 if (!err && parent && !ovl_dentry_has_upper_alias(dentry))
939 err = ovl_link_up(&ctx);
940 if (!err && ovl_dentry_needs_data_copy_up_locked(dentry, flags))
941 err = ovl_copy_up_meta_inode_data(&ctx);
942 ovl_copy_up_end(dentry);
943 }
944 do_delayed_call(&done);
945
946 return err;
947 }
948
949 static int ovl_copy_up_flags(struct dentry *dentry, int flags)
950 {
951 int err = 0;
952 const struct cred *old_cred;
953 bool disconnected = (dentry->d_flags & DCACHE_DISCONNECTED);
954
955 /*
956 * With NFS export, copy up can get called for a disconnected non-dir.
957 * In this case, we will copy up lower inode to index dir without
958 * linking it to upper dir.
959 */
960 if (WARN_ON(disconnected && d_is_dir(dentry)))
961 return -EIO;
962
963 old_cred = ovl_override_creds(dentry->d_sb);
964 while (!err) {
965 struct dentry *next;
966 struct dentry *parent = NULL;
967
968 if (ovl_already_copied_up(dentry, flags))
969 break;
970
971 next = dget(dentry);
972 /* find the topmost dentry not yet copied up */
973 for (; !disconnected;) {
974 parent = dget_parent(next);
975
976 if (ovl_dentry_upper(parent))
977 break;
978
979 dput(next);
980 next = parent;
981 }
982
983 err = ovl_copy_up_one(parent, next, flags);
984
985 dput(parent);
986 dput(next);
987 }
988 revert_creds(old_cred);
989
990 return err;
991 }
992
993 static bool ovl_open_need_copy_up(struct dentry *dentry, int flags)
994 {
995 /* Copy up of disconnected dentry does not set upper alias */
996 if (ovl_already_copied_up(dentry, flags))
997 return false;
998
999 if (special_file(d_inode(dentry)->i_mode))
1000 return false;
1001
1002 if (!ovl_open_flags_need_copy_up(flags))
1003 return false;
1004
1005 return true;
1006 }
1007
1008 int ovl_maybe_copy_up(struct dentry *dentry, int flags)
1009 {
1010 int err = 0;
1011
1012 if (ovl_open_need_copy_up(dentry, flags)) {
1013 err = ovl_want_write(dentry);
1014 if (!err) {
1015 err = ovl_copy_up_flags(dentry, flags);
1016 ovl_drop_write(dentry);
1017 }
1018 }
1019
1020 return err;
1021 }
1022
1023 int ovl_copy_up_with_data(struct dentry *dentry)
1024 {
1025 return ovl_copy_up_flags(dentry, O_WRONLY);
1026 }
1027
1028 int ovl_copy_up(struct dentry *dentry)
1029 {
1030 return ovl_copy_up_flags(dentry, 0);
1031 }
Ubuntu Hirsute Linux kernel mirror