1/*
2 *
3 * Copyright (C) 2011 Novell Inc.
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 as published by
7 * the Free Software Foundation.
8 */
9
10#include <linux/fs.h>
11#include <linux/slab.h>
12#include <linux/xattr.h>
13#include "overlayfs.h"
14
15static int ovl_copy_up_truncate(struct dentry *dentry)
16{
17	int err;
18	struct dentry *parent;
19	struct kstat stat;
20	struct path lowerpath;
21
22	parent = dget_parent(dentry);
23	err = ovl_copy_up(parent);
24	if (err)
25		goto out_dput_parent;
26
27	ovl_path_lower(dentry, &lowerpath);
28	err = vfs_getattr(&lowerpath, &stat);
29	if (err)
30		goto out_dput_parent;
31
32	stat.size = 0;
33	err = ovl_copy_up_one(parent, dentry, &lowerpath, &stat);
34
35out_dput_parent:
36	dput(parent);
37	return err;
38}
39
40int ovl_setattr(struct dentry *dentry, struct iattr *attr)
41{
42	int err;
43	struct dentry *upperdentry;
44
45	/*
46	 * Check for permissions before trying to copy-up.  This is redundant
47	 * since it will be rechecked later by ->setattr() on upper dentry.  But
48	 * without this, copy-up can be triggered by just about anybody.
49	 *
50	 * We don't initialize inode->size, which just means that
51	 * inode_newsize_ok() will always check against MAX_LFS_FILESIZE and not
52	 * check for a swapfile (which this won't be anyway).
53	 */
54	err = inode_change_ok(dentry->d_inode, attr);
55	if (err)
56		return err;
57
58	err = ovl_want_write(dentry);
59	if (err)
60		goto out;
61
62	err = ovl_copy_up(dentry);
63	if (!err) {
64		upperdentry = ovl_dentry_upper(dentry);
65
66		mutex_lock(&upperdentry->d_inode->i_mutex);
67		err = notify_change(upperdentry, attr, NULL);
68		if (!err)
69			ovl_copyattr(upperdentry->d_inode, dentry->d_inode);
70		mutex_unlock(&upperdentry->d_inode->i_mutex);
71	}
72	ovl_drop_write(dentry);
73out:
74	return err;
75}
76
77static int ovl_getattr(struct vfsmount *mnt, struct dentry *dentry,
78			 struct kstat *stat)
79{
80	struct path realpath;
81
82	ovl_path_real(dentry, &realpath);
83	return vfs_getattr(&realpath, stat);
84}
85
86int ovl_permission(struct inode *inode, int mask)
87{
88	struct ovl_entry *oe;
89	struct dentry *alias = NULL;
90	struct inode *realinode;
91	struct dentry *realdentry;
92	bool is_upper;
93	int err;
94
95	if (S_ISDIR(inode->i_mode)) {
96		oe = inode->i_private;
97	} else if (mask & MAY_NOT_BLOCK) {
98		return -ECHILD;
99	} else {
100		/*
101		 * For non-directories find an alias and get the info
102		 * from there.
103		 */
104		alias = d_find_any_alias(inode);
105		if (WARN_ON(!alias))
106			return -ENOENT;
107
108		oe = alias->d_fsdata;
109	}
110
111	realdentry = ovl_entry_real(oe, &is_upper);
112
113	/* Careful in RCU walk mode */
114	realinode = ACCESS_ONCE(realdentry->d_inode);
115	if (!realinode) {
116		WARN_ON(!(mask & MAY_NOT_BLOCK));
117		err = -ENOENT;
118		goto out_dput;
119	}
120
121	if (mask & MAY_WRITE) {
122		umode_t mode = realinode->i_mode;
123
124		/*
125		 * Writes will always be redirected to upper layer, so
126		 * ignore lower layer being read-only.
127		 *
128		 * If the overlay itself is read-only then proceed
129		 * with the permission check, don't return EROFS.
130		 * This will only happen if this is the lower layer of
131		 * another overlayfs.
132		 *
133		 * If upper fs becomes read-only after the overlay was
134		 * constructed return EROFS to prevent modification of
135		 * upper layer.
136		 */
137		err = -EROFS;
138		if (is_upper && !IS_RDONLY(inode) && IS_RDONLY(realinode) &&
139		    (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode)))
140			goto out_dput;
141	}
142
143	err = __inode_permission(realinode, mask);
144out_dput:
145	dput(alias);
146	return err;
147}
148
149
150struct ovl_link_data {
151	struct dentry *realdentry;
152	void *cookie;
153};
154
155static const char *ovl_follow_link(struct dentry *dentry, void **cookie)
156{
157	struct dentry *realdentry;
158	struct inode *realinode;
159	struct ovl_link_data *data = NULL;
160	const char *ret;
161
162	realdentry = ovl_dentry_real(dentry);
163	realinode = realdentry->d_inode;
164
165	if (WARN_ON(!realinode->i_op->follow_link))
166		return ERR_PTR(-EPERM);
167
168	if (realinode->i_op->put_link) {
169		data = kmalloc(sizeof(struct ovl_link_data), GFP_KERNEL);
170		if (!data)
171			return ERR_PTR(-ENOMEM);
172		data->realdentry = realdentry;
173	}
174
175	ret = realinode->i_op->follow_link(realdentry, cookie);
176	if (IS_ERR_OR_NULL(ret)) {
177		kfree(data);
178		return ret;
179	}
180
181	if (data)
182		data->cookie = *cookie;
183
184	*cookie = data;
185
186	return ret;
187}
188
189static void ovl_put_link(struct inode *unused, void *c)
190{
191	struct inode *realinode;
192	struct ovl_link_data *data = c;
193
194	if (!data)
195		return;
196
197	realinode = data->realdentry->d_inode;
198	realinode->i_op->put_link(realinode, data->cookie);
199	kfree(data);
200}
201
202static int ovl_readlink(struct dentry *dentry, char __user *buf, int bufsiz)
203{
204	struct path realpath;
205	struct inode *realinode;
206
207	ovl_path_real(dentry, &realpath);
208	realinode = realpath.dentry->d_inode;
209
210	if (!realinode->i_op->readlink)
211		return -EINVAL;
212
213	touch_atime(&realpath);
214
215	return realinode->i_op->readlink(realpath.dentry, buf, bufsiz);
216}
217
218
219static bool ovl_is_private_xattr(const char *name)
220{
221	return strncmp(name, OVL_XATTR_PRE_NAME, OVL_XATTR_PRE_LEN) == 0;
222}
223
224int ovl_setxattr(struct dentry *dentry, const char *name,
225		 const void *value, size_t size, int flags)
226{
227	int err;
228	struct dentry *upperdentry;
229
230	err = ovl_want_write(dentry);
231	if (err)
232		goto out;
233
234	err = -EPERM;
235	if (ovl_is_private_xattr(name))
236		goto out_drop_write;
237
238	err = ovl_copy_up(dentry);
239	if (err)
240		goto out_drop_write;
241
242	upperdentry = ovl_dentry_upper(dentry);
243	err = vfs_setxattr(upperdentry, name, value, size, flags);
244
245out_drop_write:
246	ovl_drop_write(dentry);
247out:
248	return err;
249}
250
251static bool ovl_need_xattr_filter(struct dentry *dentry,
252				  enum ovl_path_type type)
253{
254	if ((type & (__OVL_PATH_PURE | __OVL_PATH_UPPER)) == __OVL_PATH_UPPER)
255		return S_ISDIR(dentry->d_inode->i_mode);
256	else
257		return false;
258}
259
260ssize_t ovl_getxattr(struct dentry *dentry, const char *name,
261		     void *value, size_t size)
262{
263	struct path realpath;
264	enum ovl_path_type type = ovl_path_real(dentry, &realpath);
265
266	if (ovl_need_xattr_filter(dentry, type) && ovl_is_private_xattr(name))
267		return -ENODATA;
268
269	return vfs_getxattr(realpath.dentry, name, value, size);
270}
271
272ssize_t ovl_listxattr(struct dentry *dentry, char *list, size_t size)
273{
274	struct path realpath;
275	enum ovl_path_type type = ovl_path_real(dentry, &realpath);
276	ssize_t res;
277	int off;
278
279	res = vfs_listxattr(realpath.dentry, list, size);
280	if (res <= 0 || size == 0)
281		return res;
282
283	if (!ovl_need_xattr_filter(dentry, type))
284		return res;
285
286	/* filter out private xattrs */
287	for (off = 0; off < res;) {
288		char *s = list + off;
289		size_t slen = strlen(s) + 1;
290
291		BUG_ON(off + slen > res);
292
293		if (ovl_is_private_xattr(s)) {
294			res -= slen;
295			memmove(s, s + slen, res - off);
296		} else {
297			off += slen;
298		}
299	}
300
301	return res;
302}
303
304int ovl_removexattr(struct dentry *dentry, const char *name)
305{
306	int err;
307	struct path realpath;
308	enum ovl_path_type type = ovl_path_real(dentry, &realpath);
309
310	err = ovl_want_write(dentry);
311	if (err)
312		goto out;
313
314	err = -ENODATA;
315	if (ovl_need_xattr_filter(dentry, type) && ovl_is_private_xattr(name))
316		goto out_drop_write;
317
318	if (!OVL_TYPE_UPPER(type)) {
319		err = vfs_getxattr(realpath.dentry, name, NULL, 0);
320		if (err < 0)
321			goto out_drop_write;
322
323		err = ovl_copy_up(dentry);
324		if (err)
325			goto out_drop_write;
326
327		ovl_path_upper(dentry, &realpath);
328	}
329
330	err = vfs_removexattr(realpath.dentry, name);
331out_drop_write:
332	ovl_drop_write(dentry);
333out:
334	return err;
335}
336
337static bool ovl_open_need_copy_up(int flags, enum ovl_path_type type,
338				  struct dentry *realdentry)
339{
340	if (OVL_TYPE_UPPER(type))
341		return false;
342
343	if (special_file(realdentry->d_inode->i_mode))
344		return false;
345
346	if (!(OPEN_FMODE(flags) & FMODE_WRITE) && !(flags & O_TRUNC))
347		return false;
348
349	return true;
350}
351
352struct inode *ovl_d_select_inode(struct dentry *dentry, unsigned file_flags)
353{
354	int err;
355	struct path realpath;
356	enum ovl_path_type type;
357
358	if (d_is_dir(dentry))
359		return d_backing_inode(dentry);
360
361	type = ovl_path_real(dentry, &realpath);
362	if (ovl_open_need_copy_up(file_flags, type, realpath.dentry)) {
363		err = ovl_want_write(dentry);
364		if (err)
365			return ERR_PTR(err);
366
367		if (file_flags & O_TRUNC)
368			err = ovl_copy_up_truncate(dentry);
369		else
370			err = ovl_copy_up(dentry);
371		ovl_drop_write(dentry);
372		if (err)
373			return ERR_PTR(err);
374
375		ovl_path_upper(dentry, &realpath);
376	}
377
378	if (realpath.dentry->d_flags & DCACHE_OP_SELECT_INODE)
379		return realpath.dentry->d_op->d_select_inode(realpath.dentry, file_flags);
380
381	return d_backing_inode(realpath.dentry);
382}
383
384static const struct inode_operations ovl_file_inode_operations = {
385	.setattr	= ovl_setattr,
386	.permission	= ovl_permission,
387	.getattr	= ovl_getattr,
388	.setxattr	= ovl_setxattr,
389	.getxattr	= ovl_getxattr,
390	.listxattr	= ovl_listxattr,
391	.removexattr	= ovl_removexattr,
392};
393
394static const struct inode_operations ovl_symlink_inode_operations = {
395	.setattr	= ovl_setattr,
396	.follow_link	= ovl_follow_link,
397	.put_link	= ovl_put_link,
398	.readlink	= ovl_readlink,
399	.getattr	= ovl_getattr,
400	.setxattr	= ovl_setxattr,
401	.getxattr	= ovl_getxattr,
402	.listxattr	= ovl_listxattr,
403	.removexattr	= ovl_removexattr,
404};
405
406struct inode *ovl_new_inode(struct super_block *sb, umode_t mode,
407			    struct ovl_entry *oe)
408{
409	struct inode *inode;
410
411	inode = new_inode(sb);
412	if (!inode)
413		return NULL;
414
415	mode &= S_IFMT;
416
417	inode->i_ino = get_next_ino();
418	inode->i_mode = mode;
419	inode->i_flags |= S_NOATIME | S_NOCMTIME;
420
421	switch (mode) {
422	case S_IFDIR:
423		inode->i_private = oe;
424		inode->i_op = &ovl_dir_inode_operations;
425		inode->i_fop = &ovl_dir_operations;
426		break;
427
428	case S_IFLNK:
429		inode->i_op = &ovl_symlink_inode_operations;
430		break;
431
432	case S_IFREG:
433	case S_IFSOCK:
434	case S_IFBLK:
435	case S_IFCHR:
436	case S_IFIFO:
437		inode->i_op = &ovl_file_inode_operations;
438		break;
439
440	default:
441		WARN(1, "illegal file type: %i\n", mode);
442		iput(inode);
443		inode = NULL;
444	}
445
446	return inode;
447}
448