1/* 2 * 3 * Copyright (C) 2011 Novell Inc. 4 * 5 * This program is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 as published by 7 * the Free Software Foundation. 8 */ 9 10#include <linux/fs.h> 11#include <linux/slab.h> 12#include <linux/xattr.h> 13#include "overlayfs.h" 14 15static int ovl_copy_up_truncate(struct dentry *dentry) 16{ 17 int err; 18 struct dentry *parent; 19 struct kstat stat; 20 struct path lowerpath; 21 22 parent = dget_parent(dentry); 23 err = ovl_copy_up(parent); 24 if (err) 25 goto out_dput_parent; 26 27 ovl_path_lower(dentry, &lowerpath); 28 err = vfs_getattr(&lowerpath, &stat); 29 if (err) 30 goto out_dput_parent; 31 32 stat.size = 0; 33 err = ovl_copy_up_one(parent, dentry, &lowerpath, &stat); 34 35out_dput_parent: 36 dput(parent); 37 return err; 38} 39 40int ovl_setattr(struct dentry *dentry, struct iattr *attr) 41{ 42 int err; 43 struct dentry *upperdentry; 44 45 /* 46 * Check for permissions before trying to copy-up. This is redundant 47 * since it will be rechecked later by ->setattr() on upper dentry. But 48 * without this, copy-up can be triggered by just about anybody. 49 * 50 * We don't initialize inode->size, which just means that 51 * inode_newsize_ok() will always check against MAX_LFS_FILESIZE and not 52 * check for a swapfile (which this won't be anyway). 53 */ 54 err = inode_change_ok(dentry->d_inode, attr); 55 if (err) 56 return err; 57 58 err = ovl_want_write(dentry); 59 if (err) 60 goto out; 61 62 err = ovl_copy_up(dentry); 63 if (!err) { 64 upperdentry = ovl_dentry_upper(dentry); 65 66 mutex_lock(&upperdentry->d_inode->i_mutex); 67 err = notify_change(upperdentry, attr, NULL); 68 if (!err) 69 ovl_copyattr(upperdentry->d_inode, dentry->d_inode); 70 mutex_unlock(&upperdentry->d_inode->i_mutex); 71 } 72 ovl_drop_write(dentry); 73out: 74 return err; 75} 76 77static int ovl_getattr(struct vfsmount *mnt, struct dentry *dentry, 78 struct kstat *stat) 79{ 80 struct path realpath; 81 82 ovl_path_real(dentry, &realpath); 83 return vfs_getattr(&realpath, stat); 84} 85 86int ovl_permission(struct inode *inode, int mask) 87{ 88 struct ovl_entry *oe; 89 struct dentry *alias = NULL; 90 struct inode *realinode; 91 struct dentry *realdentry; 92 bool is_upper; 93 int err; 94 95 if (S_ISDIR(inode->i_mode)) { 96 oe = inode->i_private; 97 } else if (mask & MAY_NOT_BLOCK) { 98 return -ECHILD; 99 } else { 100 /* 101 * For non-directories find an alias and get the info 102 * from there. 103 */ 104 alias = d_find_any_alias(inode); 105 if (WARN_ON(!alias)) 106 return -ENOENT; 107 108 oe = alias->d_fsdata; 109 } 110 111 realdentry = ovl_entry_real(oe, &is_upper); 112 113 /* Careful in RCU walk mode */ 114 realinode = ACCESS_ONCE(realdentry->d_inode); 115 if (!realinode) { 116 WARN_ON(!(mask & MAY_NOT_BLOCK)); 117 err = -ENOENT; 118 goto out_dput; 119 } 120 121 if (mask & MAY_WRITE) { 122 umode_t mode = realinode->i_mode; 123 124 /* 125 * Writes will always be redirected to upper layer, so 126 * ignore lower layer being read-only. 127 * 128 * If the overlay itself is read-only then proceed 129 * with the permission check, don't return EROFS. 130 * This will only happen if this is the lower layer of 131 * another overlayfs. 132 * 133 * If upper fs becomes read-only after the overlay was 134 * constructed return EROFS to prevent modification of 135 * upper layer. 136 */ 137 err = -EROFS; 138 if (is_upper && !IS_RDONLY(inode) && IS_RDONLY(realinode) && 139 (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode))) 140 goto out_dput; 141 } 142 143 err = __inode_permission(realinode, mask); 144out_dput: 145 dput(alias); 146 return err; 147} 148 149 150struct ovl_link_data { 151 struct dentry *realdentry; 152 void *cookie; 153}; 154 155static const char *ovl_follow_link(struct dentry *dentry, void **cookie) 156{ 157 struct dentry *realdentry; 158 struct inode *realinode; 159 struct ovl_link_data *data = NULL; 160 const char *ret; 161 162 realdentry = ovl_dentry_real(dentry); 163 realinode = realdentry->d_inode; 164 165 if (WARN_ON(!realinode->i_op->follow_link)) 166 return ERR_PTR(-EPERM); 167 168 if (realinode->i_op->put_link) { 169 data = kmalloc(sizeof(struct ovl_link_data), GFP_KERNEL); 170 if (!data) 171 return ERR_PTR(-ENOMEM); 172 data->realdentry = realdentry; 173 } 174 175 ret = realinode->i_op->follow_link(realdentry, cookie); 176 if (IS_ERR_OR_NULL(ret)) { 177 kfree(data); 178 return ret; 179 } 180 181 if (data) 182 data->cookie = *cookie; 183 184 *cookie = data; 185 186 return ret; 187} 188 189static void ovl_put_link(struct inode *unused, void *c) 190{ 191 struct inode *realinode; 192 struct ovl_link_data *data = c; 193 194 if (!data) 195 return; 196 197 realinode = data->realdentry->d_inode; 198 realinode->i_op->put_link(realinode, data->cookie); 199 kfree(data); 200} 201 202static int ovl_readlink(struct dentry *dentry, char __user *buf, int bufsiz) 203{ 204 struct path realpath; 205 struct inode *realinode; 206 207 ovl_path_real(dentry, &realpath); 208 realinode = realpath.dentry->d_inode; 209 210 if (!realinode->i_op->readlink) 211 return -EINVAL; 212 213 touch_atime(&realpath); 214 215 return realinode->i_op->readlink(realpath.dentry, buf, bufsiz); 216} 217 218 219static bool ovl_is_private_xattr(const char *name) 220{ 221 return strncmp(name, OVL_XATTR_PRE_NAME, OVL_XATTR_PRE_LEN) == 0; 222} 223 224int ovl_setxattr(struct dentry *dentry, const char *name, 225 const void *value, size_t size, int flags) 226{ 227 int err; 228 struct dentry *upperdentry; 229 230 err = ovl_want_write(dentry); 231 if (err) 232 goto out; 233 234 err = -EPERM; 235 if (ovl_is_private_xattr(name)) 236 goto out_drop_write; 237 238 err = ovl_copy_up(dentry); 239 if (err) 240 goto out_drop_write; 241 242 upperdentry = ovl_dentry_upper(dentry); 243 err = vfs_setxattr(upperdentry, name, value, size, flags); 244 245out_drop_write: 246 ovl_drop_write(dentry); 247out: 248 return err; 249} 250 251static bool ovl_need_xattr_filter(struct dentry *dentry, 252 enum ovl_path_type type) 253{ 254 if ((type & (__OVL_PATH_PURE | __OVL_PATH_UPPER)) == __OVL_PATH_UPPER) 255 return S_ISDIR(dentry->d_inode->i_mode); 256 else 257 return false; 258} 259 260ssize_t ovl_getxattr(struct dentry *dentry, const char *name, 261 void *value, size_t size) 262{ 263 struct path realpath; 264 enum ovl_path_type type = ovl_path_real(dentry, &realpath); 265 266 if (ovl_need_xattr_filter(dentry, type) && ovl_is_private_xattr(name)) 267 return -ENODATA; 268 269 return vfs_getxattr(realpath.dentry, name, value, size); 270} 271 272ssize_t ovl_listxattr(struct dentry *dentry, char *list, size_t size) 273{ 274 struct path realpath; 275 enum ovl_path_type type = ovl_path_real(dentry, &realpath); 276 ssize_t res; 277 int off; 278 279 res = vfs_listxattr(realpath.dentry, list, size); 280 if (res <= 0 || size == 0) 281 return res; 282 283 if (!ovl_need_xattr_filter(dentry, type)) 284 return res; 285 286 /* filter out private xattrs */ 287 for (off = 0; off < res;) { 288 char *s = list + off; 289 size_t slen = strlen(s) + 1; 290 291 BUG_ON(off + slen > res); 292 293 if (ovl_is_private_xattr(s)) { 294 res -= slen; 295 memmove(s, s + slen, res - off); 296 } else { 297 off += slen; 298 } 299 } 300 301 return res; 302} 303 304int ovl_removexattr(struct dentry *dentry, const char *name) 305{ 306 int err; 307 struct path realpath; 308 enum ovl_path_type type = ovl_path_real(dentry, &realpath); 309 310 err = ovl_want_write(dentry); 311 if (err) 312 goto out; 313 314 err = -ENODATA; 315 if (ovl_need_xattr_filter(dentry, type) && ovl_is_private_xattr(name)) 316 goto out_drop_write; 317 318 if (!OVL_TYPE_UPPER(type)) { 319 err = vfs_getxattr(realpath.dentry, name, NULL, 0); 320 if (err < 0) 321 goto out_drop_write; 322 323 err = ovl_copy_up(dentry); 324 if (err) 325 goto out_drop_write; 326 327 ovl_path_upper(dentry, &realpath); 328 } 329 330 err = vfs_removexattr(realpath.dentry, name); 331out_drop_write: 332 ovl_drop_write(dentry); 333out: 334 return err; 335} 336 337static bool ovl_open_need_copy_up(int flags, enum ovl_path_type type, 338 struct dentry *realdentry) 339{ 340 if (OVL_TYPE_UPPER(type)) 341 return false; 342 343 if (special_file(realdentry->d_inode->i_mode)) 344 return false; 345 346 if (!(OPEN_FMODE(flags) & FMODE_WRITE) && !(flags & O_TRUNC)) 347 return false; 348 349 return true; 350} 351 352struct inode *ovl_d_select_inode(struct dentry *dentry, unsigned file_flags) 353{ 354 int err; 355 struct path realpath; 356 enum ovl_path_type type; 357 358 if (d_is_dir(dentry)) 359 return d_backing_inode(dentry); 360 361 type = ovl_path_real(dentry, &realpath); 362 if (ovl_open_need_copy_up(file_flags, type, realpath.dentry)) { 363 err = ovl_want_write(dentry); 364 if (err) 365 return ERR_PTR(err); 366 367 if (file_flags & O_TRUNC) 368 err = ovl_copy_up_truncate(dentry); 369 else 370 err = ovl_copy_up(dentry); 371 ovl_drop_write(dentry); 372 if (err) 373 return ERR_PTR(err); 374 375 ovl_path_upper(dentry, &realpath); 376 } 377 378 if (realpath.dentry->d_flags & DCACHE_OP_SELECT_INODE) 379 return realpath.dentry->d_op->d_select_inode(realpath.dentry, file_flags); 380 381 return d_backing_inode(realpath.dentry); 382} 383 384static const struct inode_operations ovl_file_inode_operations = { 385 .setattr = ovl_setattr, 386 .permission = ovl_permission, 387 .getattr = ovl_getattr, 388 .setxattr = ovl_setxattr, 389 .getxattr = ovl_getxattr, 390 .listxattr = ovl_listxattr, 391 .removexattr = ovl_removexattr, 392}; 393 394static const struct inode_operations ovl_symlink_inode_operations = { 395 .setattr = ovl_setattr, 396 .follow_link = ovl_follow_link, 397 .put_link = ovl_put_link, 398 .readlink = ovl_readlink, 399 .getattr = ovl_getattr, 400 .setxattr = ovl_setxattr, 401 .getxattr = ovl_getxattr, 402 .listxattr = ovl_listxattr, 403 .removexattr = ovl_removexattr, 404}; 405 406struct inode *ovl_new_inode(struct super_block *sb, umode_t mode, 407 struct ovl_entry *oe) 408{ 409 struct inode *inode; 410 411 inode = new_inode(sb); 412 if (!inode) 413 return NULL; 414 415 mode &= S_IFMT; 416 417 inode->i_ino = get_next_ino(); 418 inode->i_mode = mode; 419 inode->i_flags |= S_NOATIME | S_NOCMTIME; 420 421 switch (mode) { 422 case S_IFDIR: 423 inode->i_private = oe; 424 inode->i_op = &ovl_dir_inode_operations; 425 inode->i_fop = &ovl_dir_operations; 426 break; 427 428 case S_IFLNK: 429 inode->i_op = &ovl_symlink_inode_operations; 430 break; 431 432 case S_IFREG: 433 case S_IFSOCK: 434 case S_IFBLK: 435 case S_IFCHR: 436 case S_IFIFO: 437 inode->i_op = &ovl_file_inode_operations; 438 break; 439 440 default: 441 WARN(1, "illegal file type: %i\n", mode); 442 iput(inode); 443 inode = NULL; 444 } 445 446 return inode; 447} 448