1/* 2 * 3 * Copyright (C) 2011 Novell Inc. 4 * 5 * This program is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 as published by 7 * the Free Software Foundation. 8 */ 9 10#include <linux/fs.h> 11#include <linux/namei.h> 12#include <linux/xattr.h> 13#include <linux/security.h> 14#include <linux/cred.h> 15#include "overlayfs.h" 16 17void ovl_cleanup(struct inode *wdir, struct dentry *wdentry) 18{ 19 int err; 20 21 dget(wdentry); 22 if (d_is_dir(wdentry)) 23 err = ovl_do_rmdir(wdir, wdentry); 24 else 25 err = ovl_do_unlink(wdir, wdentry); 26 dput(wdentry); 27 28 if (err) { 29 pr_err("overlayfs: cleanup of '%pd2' failed (%i)\n", 30 wdentry, err); 31 } 32} 33 34struct dentry *ovl_lookup_temp(struct dentry *workdir, struct dentry *dentry) 35{ 36 struct dentry *temp; 37 char name[20]; 38 39 snprintf(name, sizeof(name), "#%lx", (unsigned long) dentry); 40 41 temp = lookup_one_len(name, workdir, strlen(name)); 42 if (!IS_ERR(temp) && temp->d_inode) { 43 pr_err("overlayfs: workdir/%s already exists\n", name); 44 dput(temp); 45 temp = ERR_PTR(-EIO); 46 } 47 48 return temp; 49} 50 51/* caller holds i_mutex on workdir */ 52static struct dentry *ovl_whiteout(struct dentry *workdir, 53 struct dentry *dentry) 54{ 55 int err; 56 struct dentry *whiteout; 57 struct inode *wdir = workdir->d_inode; 58 59 whiteout = ovl_lookup_temp(workdir, dentry); 60 if (IS_ERR(whiteout)) 61 return whiteout; 62 63 err = ovl_do_whiteout(wdir, whiteout); 64 if (err) { 65 dput(whiteout); 66 whiteout = ERR_PTR(err); 67 } 68 69 return whiteout; 70} 71 72int ovl_create_real(struct inode *dir, struct dentry *newdentry, 73 struct kstat *stat, const char *link, 74 struct dentry *hardlink, bool debug) 75{ 76 int err; 77 78 if (newdentry->d_inode) 79 return -ESTALE; 80 81 if (hardlink) { 82 err = ovl_do_link(hardlink, dir, newdentry, debug); 83 } else { 84 switch (stat->mode & S_IFMT) { 85 case S_IFREG: 86 err = ovl_do_create(dir, newdentry, stat->mode, debug); 87 break; 88 89 case S_IFDIR: 90 err = ovl_do_mkdir(dir, newdentry, stat->mode, debug); 91 break; 92 93 case S_IFCHR: 94 case S_IFBLK: 95 case S_IFIFO: 96 case S_IFSOCK: 97 err = ovl_do_mknod(dir, newdentry, 98 stat->mode, stat->rdev, debug); 99 break; 100 101 case S_IFLNK: 102 err = ovl_do_symlink(dir, newdentry, link, debug); 103 break; 104 105 default: 106 err = -EPERM; 107 } 108 } 109 if (!err && WARN_ON(!newdentry->d_inode)) { 110 /* 111 * Not quite sure if non-instantiated dentry is legal or not. 112 * VFS doesn't seem to care so check and warn here. 113 */ 114 err = -ENOENT; 115 } 116 return err; 117} 118 119static int ovl_set_opaque(struct dentry *upperdentry) 120{ 121 return ovl_do_setxattr(upperdentry, OVL_XATTR_OPAQUE, "y", 1, 0); 122} 123 124static void ovl_remove_opaque(struct dentry *upperdentry) 125{ 126 int err; 127 128 err = ovl_do_removexattr(upperdentry, OVL_XATTR_OPAQUE); 129 if (err) { 130 pr_warn("overlayfs: failed to remove opaque from '%s' (%i)\n", 131 upperdentry->d_name.name, err); 132 } 133} 134 135static int ovl_dir_getattr(struct vfsmount *mnt, struct dentry *dentry, 136 struct kstat *stat) 137{ 138 int err; 139 enum ovl_path_type type; 140 struct path realpath; 141 142 type = ovl_path_real(dentry, &realpath); 143 err = vfs_getattr(&realpath, stat); 144 if (err) 145 return err; 146 147 stat->dev = dentry->d_sb->s_dev; 148 stat->ino = dentry->d_inode->i_ino; 149 150 /* 151 * It's probably not worth it to count subdirs to get the 152 * correct link count. nlink=1 seems to pacify 'find' and 153 * other utilities. 154 */ 155 if (OVL_TYPE_MERGE(type)) 156 stat->nlink = 1; 157 158 return 0; 159} 160 161static int ovl_create_upper(struct dentry *dentry, struct inode *inode, 162 struct kstat *stat, const char *link, 163 struct dentry *hardlink) 164{ 165 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 166 struct inode *udir = upperdir->d_inode; 167 struct dentry *newdentry; 168 int err; 169 170 mutex_lock_nested(&udir->i_mutex, I_MUTEX_PARENT); 171 newdentry = lookup_one_len(dentry->d_name.name, upperdir, 172 dentry->d_name.len); 173 err = PTR_ERR(newdentry); 174 if (IS_ERR(newdentry)) 175 goto out_unlock; 176 err = ovl_create_real(udir, newdentry, stat, link, hardlink, false); 177 if (err) 178 goto out_dput; 179 180 ovl_dentry_version_inc(dentry->d_parent); 181 ovl_dentry_update(dentry, newdentry); 182 ovl_copyattr(newdentry->d_inode, inode); 183 d_instantiate(dentry, inode); 184 newdentry = NULL; 185out_dput: 186 dput(newdentry); 187out_unlock: 188 mutex_unlock(&udir->i_mutex); 189 return err; 190} 191 192static int ovl_lock_rename_workdir(struct dentry *workdir, 193 struct dentry *upperdir) 194{ 195 /* Workdir should not be the same as upperdir */ 196 if (workdir == upperdir) 197 goto err; 198 199 /* Workdir should not be subdir of upperdir and vice versa */ 200 if (lock_rename(workdir, upperdir) != NULL) 201 goto err_unlock; 202 203 return 0; 204 205err_unlock: 206 unlock_rename(workdir, upperdir); 207err: 208 pr_err("overlayfs: failed to lock workdir+upperdir\n"); 209 return -EIO; 210} 211 212static struct dentry *ovl_clear_empty(struct dentry *dentry, 213 struct list_head *list) 214{ 215 struct dentry *workdir = ovl_workdir(dentry); 216 struct inode *wdir = workdir->d_inode; 217 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 218 struct inode *udir = upperdir->d_inode; 219 struct path upperpath; 220 struct dentry *upper; 221 struct dentry *opaquedir; 222 struct kstat stat; 223 int err; 224 225 if (WARN_ON(!workdir)) 226 return ERR_PTR(-EROFS); 227 228 err = ovl_lock_rename_workdir(workdir, upperdir); 229 if (err) 230 goto out; 231 232 ovl_path_upper(dentry, &upperpath); 233 err = vfs_getattr(&upperpath, &stat); 234 if (err) 235 goto out_unlock; 236 237 err = -ESTALE; 238 if (!S_ISDIR(stat.mode)) 239 goto out_unlock; 240 upper = upperpath.dentry; 241 if (upper->d_parent->d_inode != udir) 242 goto out_unlock; 243 244 opaquedir = ovl_lookup_temp(workdir, dentry); 245 err = PTR_ERR(opaquedir); 246 if (IS_ERR(opaquedir)) 247 goto out_unlock; 248 249 err = ovl_create_real(wdir, opaquedir, &stat, NULL, NULL, true); 250 if (err) 251 goto out_dput; 252 253 err = ovl_copy_xattr(upper, opaquedir); 254 if (err) 255 goto out_cleanup; 256 257 err = ovl_set_opaque(opaquedir); 258 if (err) 259 goto out_cleanup; 260 261 mutex_lock(&opaquedir->d_inode->i_mutex); 262 err = ovl_set_attr(opaquedir, &stat); 263 mutex_unlock(&opaquedir->d_inode->i_mutex); 264 if (err) 265 goto out_cleanup; 266 267 err = ovl_do_rename(wdir, opaquedir, udir, upper, RENAME_EXCHANGE); 268 if (err) 269 goto out_cleanup; 270 271 ovl_cleanup_whiteouts(upper, list); 272 ovl_cleanup(wdir, upper); 273 unlock_rename(workdir, upperdir); 274 275 /* dentry's upper doesn't match now, get rid of it */ 276 d_drop(dentry); 277 278 return opaquedir; 279 280out_cleanup: 281 ovl_cleanup(wdir, opaquedir); 282out_dput: 283 dput(opaquedir); 284out_unlock: 285 unlock_rename(workdir, upperdir); 286out: 287 return ERR_PTR(err); 288} 289 290static struct dentry *ovl_check_empty_and_clear(struct dentry *dentry) 291{ 292 int err; 293 struct dentry *ret = NULL; 294 LIST_HEAD(list); 295 296 err = ovl_check_empty_dir(dentry, &list); 297 if (err) 298 ret = ERR_PTR(err); 299 else { 300 /* 301 * If no upperdentry then skip clearing whiteouts. 302 * 303 * Can race with copy-up, since we don't hold the upperdir 304 * mutex. Doesn't matter, since copy-up can't create a 305 * non-empty directory from an empty one. 306 */ 307 if (ovl_dentry_upper(dentry)) 308 ret = ovl_clear_empty(dentry, &list); 309 } 310 311 ovl_cache_free(&list); 312 313 return ret; 314} 315 316static int ovl_create_over_whiteout(struct dentry *dentry, struct inode *inode, 317 struct kstat *stat, const char *link, 318 struct dentry *hardlink) 319{ 320 struct dentry *workdir = ovl_workdir(dentry); 321 struct inode *wdir = workdir->d_inode; 322 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 323 struct inode *udir = upperdir->d_inode; 324 struct dentry *upper; 325 struct dentry *newdentry; 326 int err; 327 328 if (WARN_ON(!workdir)) 329 return -EROFS; 330 331 err = ovl_lock_rename_workdir(workdir, upperdir); 332 if (err) 333 goto out; 334 335 newdentry = ovl_lookup_temp(workdir, dentry); 336 err = PTR_ERR(newdentry); 337 if (IS_ERR(newdentry)) 338 goto out_unlock; 339 340 upper = lookup_one_len(dentry->d_name.name, upperdir, 341 dentry->d_name.len); 342 err = PTR_ERR(upper); 343 if (IS_ERR(upper)) 344 goto out_dput; 345 346 err = ovl_create_real(wdir, newdentry, stat, link, hardlink, true); 347 if (err) 348 goto out_dput2; 349 350 if (S_ISDIR(stat->mode)) { 351 err = ovl_set_opaque(newdentry); 352 if (err) 353 goto out_cleanup; 354 355 err = ovl_do_rename(wdir, newdentry, udir, upper, 356 RENAME_EXCHANGE); 357 if (err) 358 goto out_cleanup; 359 360 ovl_cleanup(wdir, upper); 361 } else { 362 err = ovl_do_rename(wdir, newdentry, udir, upper, 0); 363 if (err) 364 goto out_cleanup; 365 } 366 ovl_dentry_version_inc(dentry->d_parent); 367 ovl_dentry_update(dentry, newdentry); 368 ovl_copyattr(newdentry->d_inode, inode); 369 d_instantiate(dentry, inode); 370 newdentry = NULL; 371out_dput2: 372 dput(upper); 373out_dput: 374 dput(newdentry); 375out_unlock: 376 unlock_rename(workdir, upperdir); 377out: 378 return err; 379 380out_cleanup: 381 ovl_cleanup(wdir, newdentry); 382 goto out_dput2; 383} 384 385static int ovl_create_or_link(struct dentry *dentry, int mode, dev_t rdev, 386 const char *link, struct dentry *hardlink) 387{ 388 int err; 389 struct inode *inode; 390 struct kstat stat = { 391 .mode = mode, 392 .rdev = rdev, 393 }; 394 395 err = -ENOMEM; 396 inode = ovl_new_inode(dentry->d_sb, mode, dentry->d_fsdata); 397 if (!inode) 398 goto out; 399 400 err = ovl_copy_up(dentry->d_parent); 401 if (err) 402 goto out_iput; 403 404 if (!ovl_dentry_is_opaque(dentry)) { 405 err = ovl_create_upper(dentry, inode, &stat, link, hardlink); 406 } else { 407 const struct cred *old_cred; 408 struct cred *override_cred; 409 410 err = -ENOMEM; 411 override_cred = prepare_creds(); 412 if (!override_cred) 413 goto out_iput; 414 415 /* 416 * CAP_SYS_ADMIN for setting opaque xattr 417 * CAP_DAC_OVERRIDE for create in workdir, rename 418 * CAP_FOWNER for removing whiteout from sticky dir 419 */ 420 cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN); 421 cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE); 422 cap_raise(override_cred->cap_effective, CAP_FOWNER); 423 old_cred = override_creds(override_cred); 424 425 err = ovl_create_over_whiteout(dentry, inode, &stat, link, 426 hardlink); 427 428 revert_creds(old_cred); 429 put_cred(override_cred); 430 } 431 432 if (!err) 433 inode = NULL; 434out_iput: 435 iput(inode); 436out: 437 return err; 438} 439 440static int ovl_create_object(struct dentry *dentry, int mode, dev_t rdev, 441 const char *link) 442{ 443 int err; 444 445 err = ovl_want_write(dentry); 446 if (!err) { 447 err = ovl_create_or_link(dentry, mode, rdev, link, NULL); 448 ovl_drop_write(dentry); 449 } 450 451 return err; 452} 453 454static int ovl_create(struct inode *dir, struct dentry *dentry, umode_t mode, 455 bool excl) 456{ 457 return ovl_create_object(dentry, (mode & 07777) | S_IFREG, 0, NULL); 458} 459 460static int ovl_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) 461{ 462 return ovl_create_object(dentry, (mode & 07777) | S_IFDIR, 0, NULL); 463} 464 465static int ovl_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, 466 dev_t rdev) 467{ 468 /* Don't allow creation of "whiteout" on overlay */ 469 if (S_ISCHR(mode) && rdev == WHITEOUT_DEV) 470 return -EPERM; 471 472 return ovl_create_object(dentry, mode, rdev, NULL); 473} 474 475static int ovl_symlink(struct inode *dir, struct dentry *dentry, 476 const char *link) 477{ 478 return ovl_create_object(dentry, S_IFLNK, 0, link); 479} 480 481static int ovl_link(struct dentry *old, struct inode *newdir, 482 struct dentry *new) 483{ 484 int err; 485 struct dentry *upper; 486 487 err = ovl_want_write(old); 488 if (err) 489 goto out; 490 491 err = ovl_copy_up(old); 492 if (err) 493 goto out_drop_write; 494 495 upper = ovl_dentry_upper(old); 496 err = ovl_create_or_link(new, upper->d_inode->i_mode, 0, NULL, upper); 497 498out_drop_write: 499 ovl_drop_write(old); 500out: 501 return err; 502} 503 504static int ovl_remove_and_whiteout(struct dentry *dentry, bool is_dir) 505{ 506 struct dentry *workdir = ovl_workdir(dentry); 507 struct inode *wdir = workdir->d_inode; 508 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 509 struct inode *udir = upperdir->d_inode; 510 struct dentry *whiteout; 511 struct dentry *upper; 512 struct dentry *opaquedir = NULL; 513 int err; 514 515 if (WARN_ON(!workdir)) 516 return -EROFS; 517 518 if (is_dir) { 519 if (OVL_TYPE_MERGE_OR_LOWER(ovl_path_type(dentry))) { 520 opaquedir = ovl_check_empty_and_clear(dentry); 521 err = PTR_ERR(opaquedir); 522 if (IS_ERR(opaquedir)) 523 goto out; 524 } else { 525 LIST_HEAD(list); 526 527 /* 528 * When removing an empty opaque directory, then it 529 * makes no sense to replace it with an exact replica of 530 * itself. But emptiness still needs to be checked. 531 */ 532 err = ovl_check_empty_dir(dentry, &list); 533 ovl_cache_free(&list); 534 if (err) 535 goto out; 536 } 537 } 538 539 err = ovl_lock_rename_workdir(workdir, upperdir); 540 if (err) 541 goto out_dput; 542 543 whiteout = ovl_whiteout(workdir, dentry); 544 err = PTR_ERR(whiteout); 545 if (IS_ERR(whiteout)) 546 goto out_unlock; 547 548 upper = ovl_dentry_upper(dentry); 549 if (!upper) { 550 upper = lookup_one_len(dentry->d_name.name, upperdir, 551 dentry->d_name.len); 552 err = PTR_ERR(upper); 553 if (IS_ERR(upper)) 554 goto kill_whiteout; 555 556 err = ovl_do_rename(wdir, whiteout, udir, upper, 0); 557 dput(upper); 558 if (err) 559 goto kill_whiteout; 560 } else { 561 int flags = 0; 562 563 if (opaquedir) 564 upper = opaquedir; 565 err = -ESTALE; 566 if (upper->d_parent != upperdir) 567 goto kill_whiteout; 568 569 if (is_dir) 570 flags |= RENAME_EXCHANGE; 571 572 err = ovl_do_rename(wdir, whiteout, udir, upper, flags); 573 if (err) 574 goto kill_whiteout; 575 576 if (is_dir) 577 ovl_cleanup(wdir, upper); 578 } 579 ovl_dentry_version_inc(dentry->d_parent); 580out_d_drop: 581 d_drop(dentry); 582 dput(whiteout); 583out_unlock: 584 unlock_rename(workdir, upperdir); 585out_dput: 586 dput(opaquedir); 587out: 588 return err; 589 590kill_whiteout: 591 ovl_cleanup(wdir, whiteout); 592 goto out_d_drop; 593} 594 595static int ovl_remove_upper(struct dentry *dentry, bool is_dir) 596{ 597 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 598 struct inode *dir = upperdir->d_inode; 599 struct dentry *upper = ovl_dentry_upper(dentry); 600 int err; 601 602 mutex_lock_nested(&dir->i_mutex, I_MUTEX_PARENT); 603 err = -ESTALE; 604 if (upper->d_parent == upperdir) { 605 /* Don't let d_delete() think it can reset d_inode */ 606 dget(upper); 607 if (is_dir) 608 err = vfs_rmdir(dir, upper); 609 else 610 err = vfs_unlink(dir, upper, NULL); 611 dput(upper); 612 ovl_dentry_version_inc(dentry->d_parent); 613 } 614 615 /* 616 * Keeping this dentry hashed would mean having to release 617 * upperpath/lowerpath, which could only be done if we are the 618 * sole user of this dentry. Too tricky... Just unhash for 619 * now. 620 */ 621 if (!err) 622 d_drop(dentry); 623 mutex_unlock(&dir->i_mutex); 624 625 return err; 626} 627 628static inline int ovl_check_sticky(struct dentry *dentry) 629{ 630 struct inode *dir = ovl_dentry_real(dentry->d_parent)->d_inode; 631 struct inode *inode = ovl_dentry_real(dentry)->d_inode; 632 633 if (check_sticky(dir, inode)) 634 return -EPERM; 635 636 return 0; 637} 638 639static int ovl_do_remove(struct dentry *dentry, bool is_dir) 640{ 641 enum ovl_path_type type; 642 int err; 643 644 err = ovl_check_sticky(dentry); 645 if (err) 646 goto out; 647 648 err = ovl_want_write(dentry); 649 if (err) 650 goto out; 651 652 err = ovl_copy_up(dentry->d_parent); 653 if (err) 654 goto out_drop_write; 655 656 type = ovl_path_type(dentry); 657 if (OVL_TYPE_PURE_UPPER(type)) { 658 err = ovl_remove_upper(dentry, is_dir); 659 } else { 660 const struct cred *old_cred; 661 struct cred *override_cred; 662 663 err = -ENOMEM; 664 override_cred = prepare_creds(); 665 if (!override_cred) 666 goto out_drop_write; 667 668 /* 669 * CAP_SYS_ADMIN for setting xattr on whiteout, opaque dir 670 * CAP_DAC_OVERRIDE for create in workdir, rename 671 * CAP_FOWNER for removing whiteout from sticky dir 672 * CAP_FSETID for chmod of opaque dir 673 * CAP_CHOWN for chown of opaque dir 674 */ 675 cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN); 676 cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE); 677 cap_raise(override_cred->cap_effective, CAP_FOWNER); 678 cap_raise(override_cred->cap_effective, CAP_FSETID); 679 cap_raise(override_cred->cap_effective, CAP_CHOWN); 680 old_cred = override_creds(override_cred); 681 682 err = ovl_remove_and_whiteout(dentry, is_dir); 683 684 revert_creds(old_cred); 685 put_cred(override_cred); 686 } 687out_drop_write: 688 ovl_drop_write(dentry); 689out: 690 return err; 691} 692 693static int ovl_unlink(struct inode *dir, struct dentry *dentry) 694{ 695 return ovl_do_remove(dentry, false); 696} 697 698static int ovl_rmdir(struct inode *dir, struct dentry *dentry) 699{ 700 return ovl_do_remove(dentry, true); 701} 702 703static int ovl_rename2(struct inode *olddir, struct dentry *old, 704 struct inode *newdir, struct dentry *new, 705 unsigned int flags) 706{ 707 int err; 708 enum ovl_path_type old_type; 709 enum ovl_path_type new_type; 710 struct dentry *old_upperdir; 711 struct dentry *new_upperdir; 712 struct dentry *olddentry; 713 struct dentry *newdentry; 714 struct dentry *trap; 715 bool old_opaque; 716 bool new_opaque; 717 bool new_create = false; 718 bool cleanup_whiteout = false; 719 bool overwrite = !(flags & RENAME_EXCHANGE); 720 bool is_dir = d_is_dir(old); 721 bool new_is_dir = false; 722 struct dentry *opaquedir = NULL; 723 const struct cred *old_cred = NULL; 724 struct cred *override_cred = NULL; 725 726 err = -EINVAL; 727 if (flags & ~(RENAME_EXCHANGE | RENAME_NOREPLACE)) 728 goto out; 729 730 flags &= ~RENAME_NOREPLACE; 731 732 err = ovl_check_sticky(old); 733 if (err) 734 goto out; 735 736 /* Don't copy up directory trees */ 737 old_type = ovl_path_type(old); 738 err = -EXDEV; 739 if (OVL_TYPE_MERGE_OR_LOWER(old_type) && is_dir) 740 goto out; 741 742 if (new->d_inode) { 743 err = ovl_check_sticky(new); 744 if (err) 745 goto out; 746 747 if (d_is_dir(new)) 748 new_is_dir = true; 749 750 new_type = ovl_path_type(new); 751 err = -EXDEV; 752 if (!overwrite && OVL_TYPE_MERGE_OR_LOWER(new_type) && new_is_dir) 753 goto out; 754 755 err = 0; 756 if (!OVL_TYPE_UPPER(new_type) && !OVL_TYPE_UPPER(old_type)) { 757 if (ovl_dentry_lower(old)->d_inode == 758 ovl_dentry_lower(new)->d_inode) 759 goto out; 760 } 761 if (OVL_TYPE_UPPER(new_type) && OVL_TYPE_UPPER(old_type)) { 762 if (ovl_dentry_upper(old)->d_inode == 763 ovl_dentry_upper(new)->d_inode) 764 goto out; 765 } 766 } else { 767 if (ovl_dentry_is_opaque(new)) 768 new_type = __OVL_PATH_UPPER; 769 else 770 new_type = __OVL_PATH_UPPER | __OVL_PATH_PURE; 771 } 772 773 err = ovl_want_write(old); 774 if (err) 775 goto out; 776 777 err = ovl_copy_up(old); 778 if (err) 779 goto out_drop_write; 780 781 err = ovl_copy_up(new->d_parent); 782 if (err) 783 goto out_drop_write; 784 if (!overwrite) { 785 err = ovl_copy_up(new); 786 if (err) 787 goto out_drop_write; 788 } 789 790 old_opaque = !OVL_TYPE_PURE_UPPER(old_type); 791 new_opaque = !OVL_TYPE_PURE_UPPER(new_type); 792 793 if (old_opaque || new_opaque) { 794 err = -ENOMEM; 795 override_cred = prepare_creds(); 796 if (!override_cred) 797 goto out_drop_write; 798 799 /* 800 * CAP_SYS_ADMIN for setting xattr on whiteout, opaque dir 801 * CAP_DAC_OVERRIDE for create in workdir 802 * CAP_FOWNER for removing whiteout from sticky dir 803 * CAP_FSETID for chmod of opaque dir 804 * CAP_CHOWN for chown of opaque dir 805 */ 806 cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN); 807 cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE); 808 cap_raise(override_cred->cap_effective, CAP_FOWNER); 809 cap_raise(override_cred->cap_effective, CAP_FSETID); 810 cap_raise(override_cred->cap_effective, CAP_CHOWN); 811 old_cred = override_creds(override_cred); 812 } 813 814 if (overwrite && OVL_TYPE_MERGE_OR_LOWER(new_type) && new_is_dir) { 815 opaquedir = ovl_check_empty_and_clear(new); 816 err = PTR_ERR(opaquedir); 817 if (IS_ERR(opaquedir)) { 818 opaquedir = NULL; 819 goto out_revert_creds; 820 } 821 } 822 823 if (overwrite) { 824 if (old_opaque) { 825 if (new->d_inode || !new_opaque) { 826 /* Whiteout source */ 827 flags |= RENAME_WHITEOUT; 828 } else { 829 /* Switch whiteouts */ 830 flags |= RENAME_EXCHANGE; 831 } 832 } else if (is_dir && !new->d_inode && new_opaque) { 833 flags |= RENAME_EXCHANGE; 834 cleanup_whiteout = true; 835 } 836 } 837 838 old_upperdir = ovl_dentry_upper(old->d_parent); 839 new_upperdir = ovl_dentry_upper(new->d_parent); 840 841 trap = lock_rename(new_upperdir, old_upperdir); 842 843 olddentry = ovl_dentry_upper(old); 844 newdentry = ovl_dentry_upper(new); 845 if (newdentry) { 846 if (opaquedir) { 847 newdentry = opaquedir; 848 opaquedir = NULL; 849 } else { 850 dget(newdentry); 851 } 852 } else { 853 new_create = true; 854 newdentry = lookup_one_len(new->d_name.name, new_upperdir, 855 new->d_name.len); 856 err = PTR_ERR(newdentry); 857 if (IS_ERR(newdentry)) 858 goto out_unlock; 859 } 860 861 err = -ESTALE; 862 if (olddentry->d_parent != old_upperdir) 863 goto out_dput; 864 if (newdentry->d_parent != new_upperdir) 865 goto out_dput; 866 if (olddentry == trap) 867 goto out_dput; 868 if (newdentry == trap) 869 goto out_dput; 870 871 if (is_dir && !old_opaque && new_opaque) { 872 err = ovl_set_opaque(olddentry); 873 if (err) 874 goto out_dput; 875 } 876 if (!overwrite && new_is_dir && old_opaque && !new_opaque) { 877 err = ovl_set_opaque(newdentry); 878 if (err) 879 goto out_dput; 880 } 881 882 if (old_opaque || new_opaque) { 883 err = ovl_do_rename(old_upperdir->d_inode, olddentry, 884 new_upperdir->d_inode, newdentry, 885 flags); 886 } else { 887 /* No debug for the plain case */ 888 BUG_ON(flags & ~RENAME_EXCHANGE); 889 err = vfs_rename(old_upperdir->d_inode, olddentry, 890 new_upperdir->d_inode, newdentry, 891 NULL, flags); 892 } 893 894 if (err) { 895 if (is_dir && !old_opaque && new_opaque) 896 ovl_remove_opaque(olddentry); 897 if (!overwrite && new_is_dir && old_opaque && !new_opaque) 898 ovl_remove_opaque(newdentry); 899 goto out_dput; 900 } 901 902 if (is_dir && old_opaque && !new_opaque) 903 ovl_remove_opaque(olddentry); 904 if (!overwrite && new_is_dir && !old_opaque && new_opaque) 905 ovl_remove_opaque(newdentry); 906 907 /* 908 * Old dentry now lives in different location. Dentries in 909 * lowerstack are stale. We cannot drop them here because 910 * access to them is lockless. This could be only pure upper 911 * or opaque directory - numlower is zero. Or upper non-dir 912 * entry - its pureness is tracked by flag opaque. 913 */ 914 if (old_opaque != new_opaque) { 915 ovl_dentry_set_opaque(old, new_opaque); 916 if (!overwrite) 917 ovl_dentry_set_opaque(new, old_opaque); 918 } 919 920 if (cleanup_whiteout) 921 ovl_cleanup(old_upperdir->d_inode, newdentry); 922 923 ovl_dentry_version_inc(old->d_parent); 924 ovl_dentry_version_inc(new->d_parent); 925 926out_dput: 927 dput(newdentry); 928out_unlock: 929 unlock_rename(new_upperdir, old_upperdir); 930out_revert_creds: 931 if (old_opaque || new_opaque) { 932 revert_creds(old_cred); 933 put_cred(override_cred); 934 } 935out_drop_write: 936 ovl_drop_write(old); 937out: 938 dput(opaquedir); 939 return err; 940} 941 942const struct inode_operations ovl_dir_inode_operations = { 943 .lookup = ovl_lookup, 944 .mkdir = ovl_mkdir, 945 .symlink = ovl_symlink, 946 .unlink = ovl_unlink, 947 .rmdir = ovl_rmdir, 948 .rename2 = ovl_rename2, 949 .link = ovl_link, 950 .setattr = ovl_setattr, 951 .create = ovl_create, 952 .mknod = ovl_mknod, 953 .permission = ovl_permission, 954 .getattr = ovl_dir_getattr, 955 .setxattr = ovl_setxattr, 956 .getxattr = ovl_getxattr, 957 .listxattr = ovl_listxattr, 958 .removexattr = ovl_removexattr, 959}; 960