]>
git.proxmox.com Git - mirror_ubuntu-jammy-kernel.git/blob - fs/overlayfs/namei.c
2 * Copyright (C) 2011 Novell Inc.
3 * Copyright (C) 2016 Red Hat, Inc.
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 as published by
7 * the Free Software Foundation.
11 #include <linux/cred.h>
12 #include <linux/namei.h>
13 #include <linux/xattr.h>
14 #include <linux/ratelimit.h>
15 #include <linux/mount.h>
16 #include <linux/exportfs.h>
17 #include "overlayfs.h"
18 #include "ovl_entry.h"
20 struct ovl_lookup_data
{
29 static int ovl_check_redirect(struct dentry
*dentry
, struct ovl_lookup_data
*d
,
30 size_t prelen
, const char *post
)
33 char *s
, *next
, *buf
= NULL
;
35 res
= vfs_getxattr(dentry
, OVL_XATTR_REDIRECT
, NULL
, 0);
37 if (res
== -ENODATA
|| res
== -EOPNOTSUPP
)
41 buf
= kzalloc(prelen
+ res
+ strlen(post
) + 1, GFP_TEMPORARY
);
48 res
= vfs_getxattr(dentry
, OVL_XATTR_REDIRECT
, buf
, res
);
54 for (s
= buf
; *s
++ == '/'; s
= next
) {
55 next
= strchrnul(s
, '/');
60 if (strchr(buf
, '/') != NULL
)
63 memmove(buf
+ prelen
, buf
, res
);
64 memcpy(buf
, d
->name
.name
, prelen
);
70 d
->name
.name
= d
->redirect
;
71 d
->name
.len
= strlen(d
->redirect
);
79 pr_warn_ratelimited("overlayfs: failed to get redirect (%i)\n", res
);
82 pr_warn_ratelimited("overlayfs: invalid redirect (%s)\n", buf
);
86 static int ovl_acceptable(void *ctx
, struct dentry
*dentry
)
91 static struct dentry
*ovl_get_origin(struct dentry
*dentry
,
95 struct ovl_fh
*fh
= NULL
;
96 struct dentry
*origin
= NULL
;
99 res
= vfs_getxattr(dentry
, OVL_XATTR_ORIGIN
, NULL
, 0);
101 if (res
== -ENODATA
|| res
== -EOPNOTSUPP
)
105 /* Zero size value means "copied up but origin unknown" */
109 fh
= kzalloc(res
, GFP_TEMPORARY
);
111 return ERR_PTR(-ENOMEM
);
113 res
= vfs_getxattr(dentry
, OVL_XATTR_ORIGIN
, fh
, res
);
117 if (res
< sizeof(struct ovl_fh
) || res
< fh
->len
)
120 if (fh
->magic
!= OVL_FH_MAGIC
)
123 /* Treat larger version and unknown flags as "origin unknown" */
124 if (fh
->version
> OVL_FH_VERSION
|| fh
->flags
& ~OVL_FH_FLAG_ALL
)
127 /* Treat endianness mismatch as "origin unknown" */
128 if (!(fh
->flags
& OVL_FH_FLAG_ANY_ENDIAN
) &&
129 (fh
->flags
& OVL_FH_FLAG_BIG_ENDIAN
) != OVL_FH_FLAG_CPU_ENDIAN
)
132 bytes
= (fh
->len
- offsetof(struct ovl_fh
, fid
));
135 * Make sure that the stored uuid matches the uuid of the lower
136 * layer where file handle will be decoded.
138 if (uuid_be_cmp(fh
->uuid
, *(uuid_be
*) &mnt
->mnt_sb
->s_uuid
))
141 origin
= exportfs_decode_fh(mnt
, (struct fid
*)fh
->fid
,
142 bytes
>> 2, (int)fh
->type
,
143 ovl_acceptable
, NULL
);
144 if (IS_ERR(origin
)) {
145 /* Treat stale file handle as "origin unknown" */
146 if (origin
== ERR_PTR(-ESTALE
))
151 if (ovl_dentry_weird(origin
) ||
152 ((d_inode(origin
)->i_mode
^ d_inode(dentry
)->i_mode
) & S_IFMT
)) {
163 pr_warn_ratelimited("overlayfs: failed to get origin (%i)\n", res
);
166 pr_warn_ratelimited("overlayfs: invalid origin (%*phN)\n", res
, fh
);
170 static bool ovl_is_opaquedir(struct dentry
*dentry
)
172 return ovl_check_dir_xattr(dentry
, OVL_XATTR_OPAQUE
);
175 static int ovl_lookup_single(struct dentry
*base
, struct ovl_lookup_data
*d
,
176 const char *name
, unsigned int namelen
,
177 size_t prelen
, const char *post
,
183 this = lookup_one_len_unlocked(name
, base
, namelen
);
187 if (err
== -ENOENT
|| err
== -ENAMETOOLONG
)
194 if (ovl_dentry_weird(this)) {
195 /* Don't support traversing automounts and other weirdness */
199 if (ovl_is_whiteout(this)) {
200 d
->stop
= d
->opaque
= true;
203 if (!d_can_lookup(this)) {
210 if (!d
->last
&& ovl_is_opaquedir(this)) {
211 d
->stop
= d
->opaque
= true;
214 err
= ovl_check_redirect(this, d
, prelen
, post
);
231 static int ovl_lookup_layer(struct dentry
*base
, struct ovl_lookup_data
*d
,
234 /* Counting down from the end, since the prefix can change */
235 size_t rem
= d
->name
.len
- 1;
236 struct dentry
*dentry
= NULL
;
239 if (d
->name
.name
[0] != '/')
240 return ovl_lookup_single(base
, d
, d
->name
.name
, d
->name
.len
,
243 while (!IS_ERR_OR_NULL(base
) && d_can_lookup(base
)) {
244 const char *s
= d
->name
.name
+ d
->name
.len
- rem
;
245 const char *next
= strchrnul(s
, '/');
246 size_t thislen
= next
- s
;
249 /* Verify we did not go off the rails */
250 if (WARN_ON(s
[-1] != '/'))
253 err
= ovl_lookup_single(base
, d
, s
, thislen
,
254 d
->name
.len
- rem
, next
, &base
);
264 if (WARN_ON(rem
>= d
->name
.len
))
272 static int ovl_check_origin(struct dentry
*dentry
, struct dentry
*upperdentry
,
273 struct path
**stackp
, unsigned int *ctrp
)
275 struct super_block
*same_sb
= ovl_same_sb(dentry
->d_sb
);
276 struct ovl_entry
*roe
= dentry
->d_sb
->s_root
->d_fsdata
;
277 struct vfsmount
*mnt
;
278 struct dentry
*origin
;
280 if (!same_sb
|| !roe
->numlower
)
284 * Since all layers are on the same fs, we use the first layer for
285 * decoding the file handle. We may get a disconnected dentry,
286 * which is fine, because we only need to hold the origin inode in
287 * cache and use its inode number. We may even get a connected dentry,
288 * that is not under the first layer's root. That is also fine for
289 * using it's inode number - it's the same as if we held a reference
290 * to a dentry in first layer that was moved under us.
292 mnt
= roe
->lowerstack
[0].mnt
;
294 origin
= ovl_get_origin(upperdentry
, mnt
);
295 if (IS_ERR_OR_NULL(origin
))
296 return PTR_ERR(origin
);
298 BUG_ON(*stackp
|| *ctrp
);
299 *stackp
= kmalloc(sizeof(struct path
), GFP_TEMPORARY
);
304 **stackp
= (struct path
) { .dentry
= origin
, .mnt
= mnt
};
311 * Returns next layer in stack starting from top.
312 * Returns -1 if this is the last layer.
314 int ovl_path_next(int idx
, struct dentry
*dentry
, struct path
*path
)
316 struct ovl_entry
*oe
= dentry
->d_fsdata
;
320 ovl_path_upper(dentry
, path
);
322 return oe
->numlower
? 1 : -1;
325 BUG_ON(idx
> oe
->numlower
);
326 *path
= oe
->lowerstack
[idx
- 1];
328 return (idx
< oe
->numlower
) ? idx
+ 1 : -1;
331 struct dentry
*ovl_lookup(struct inode
*dir
, struct dentry
*dentry
,
334 struct ovl_entry
*oe
;
335 const struct cred
*old_cred
;
336 struct ovl_fs
*ofs
= dentry
->d_sb
->s_fs_info
;
337 struct ovl_entry
*poe
= dentry
->d_parent
->d_fsdata
;
338 struct ovl_entry
*roe
= dentry
->d_sb
->s_root
->d_fsdata
;
339 struct path
*stack
= NULL
;
340 struct dentry
*upperdir
, *upperdentry
= NULL
;
341 unsigned int ctr
= 0;
342 struct inode
*inode
= NULL
;
343 bool upperopaque
= false;
344 bool upperimpure
= false;
345 char *upperredirect
= NULL
;
349 struct ovl_lookup_data d
= {
350 .name
= dentry
->d_name
,
354 .last
= !poe
->numlower
,
358 if (dentry
->d_name
.len
> ofs
->namelen
)
359 return ERR_PTR(-ENAMETOOLONG
);
361 old_cred
= ovl_override_creds(dentry
->d_sb
);
362 upperdir
= ovl_upperdentry_dereference(poe
);
364 err
= ovl_lookup_layer(upperdir
, &d
, &upperdentry
);
368 if (upperdentry
&& unlikely(ovl_dentry_remote(upperdentry
))) {
373 if (upperdentry
&& !d
.is_dir
) {
374 BUG_ON(!d
.stop
|| d
.redirect
);
375 err
= ovl_check_origin(dentry
, upperdentry
,
382 upperredirect
= kstrdup(d
.redirect
, GFP_KERNEL
);
385 if (d
.redirect
[0] == '/')
388 upperopaque
= d
.opaque
;
389 if (upperdentry
&& d
.is_dir
)
390 upperimpure
= ovl_is_impuredir(upperdentry
);
393 if (!d
.stop
&& poe
->numlower
) {
395 stack
= kcalloc(ofs
->numlower
, sizeof(struct path
),
401 for (i
= 0; !d
.stop
&& i
< poe
->numlower
; i
++) {
402 struct path lowerpath
= poe
->lowerstack
[i
];
404 d
.last
= i
== poe
->numlower
- 1;
405 err
= ovl_lookup_layer(lowerpath
.dentry
, &d
, &this);
412 stack
[ctr
].dentry
= this;
413 stack
[ctr
].mnt
= lowerpath
.mnt
;
419 if (d
.redirect
&& d
.redirect
[0] == '/' && poe
!= roe
) {
422 /* Find the current layer on the root dentry */
423 for (i
= 0; i
< poe
->numlower
; i
++)
424 if (poe
->lowerstack
[i
].mnt
== lowerpath
.mnt
)
426 if (WARN_ON(i
== poe
->numlower
))
431 oe
= ovl_alloc_entry(ctr
);
436 if (upperdentry
|| ctr
) {
437 struct dentry
*realdentry
;
438 struct inode
*realinode
;
440 realdentry
= upperdentry
? upperdentry
: stack
[0].dentry
;
441 realinode
= d_inode(realdentry
);
444 if (upperdentry
&& !d_is_dir(upperdentry
)) {
445 inode
= ovl_get_inode(dentry
->d_sb
, realinode
);
447 inode
= ovl_new_inode(dentry
->d_sb
, realinode
->i_mode
,
450 ovl_inode_init(inode
, realinode
, !!upperdentry
);
454 ovl_copyattr(realdentry
->d_inode
, inode
);
457 revert_creds(old_cred
);
458 oe
->opaque
= upperopaque
;
459 oe
->impure
= upperimpure
;
460 oe
->redirect
= upperredirect
;
461 oe
->__upperdentry
= upperdentry
;
462 memcpy(oe
->lowerstack
, stack
, sizeof(struct path
) * ctr
);
465 dentry
->d_fsdata
= oe
;
466 d_add(dentry
, inode
);
473 for (i
= 0; i
< ctr
; i
++)
474 dput(stack
[i
].dentry
);
478 kfree(upperredirect
);
481 revert_creds(old_cred
);
485 bool ovl_lower_positive(struct dentry
*dentry
)
487 struct ovl_entry
*oe
= dentry
->d_fsdata
;
488 struct ovl_entry
*poe
= dentry
->d_parent
->d_fsdata
;
489 const struct qstr
*name
= &dentry
->d_name
;
491 bool positive
= false;
495 * If dentry is negative, then lower is positive iff this is a
498 if (!dentry
->d_inode
)
501 /* Negative upper -> positive lower */
502 if (!oe
->__upperdentry
)
505 /* Positive upper -> have to look up lower to see whether it exists */
506 for (i
= 0; !done
&& !positive
&& i
< poe
->numlower
; i
++) {
508 struct dentry
*lowerdir
= poe
->lowerstack
[i
].dentry
;
510 this = lookup_one_len_unlocked(name
->name
, lowerdir
,
513 switch (PTR_ERR(this)) {
520 * Assume something is there, we just couldn't
528 positive
= !ovl_is_whiteout(this);