This source file includes following definitions.
- ovl_check_redirect
- ovl_acceptable
- ovl_check_fh_len
- ovl_get_fh
- ovl_decode_real_fh
- ovl_is_opaquedir
- ovl_lookup_single
- ovl_lookup_layer
- ovl_check_origin_fh
- ovl_check_origin
- ovl_verify_fh
- ovl_verify_set_fh
- ovl_index_upper
- ovl_is_temp_index
- ovl_verify_index
- ovl_get_index_name_fh
- ovl_get_index_name
- ovl_get_index_fh
- ovl_lookup_index
- ovl_path_next
- ovl_fix_origin
- ovl_lookup
- ovl_lower_positive
1
2
3
4
5
6
7 #include <linux/fs.h>
8 #include <linux/cred.h>
9 #include <linux/ctype.h>
10 #include <linux/namei.h>
11 #include <linux/xattr.h>
12 #include <linux/ratelimit.h>
13 #include <linux/mount.h>
14 #include <linux/exportfs.h>
15 #include "overlayfs.h"
16
17 struct ovl_lookup_data {
18 struct super_block *sb;
19 struct qstr name;
20 bool is_dir;
21 bool opaque;
22 bool stop;
23 bool last;
24 char *redirect;
25 bool metacopy;
26 };
27
28 static int ovl_check_redirect(struct dentry *dentry, struct ovl_lookup_data *d,
29 size_t prelen, const char *post)
30 {
31 int res;
32 char *buf;
33
34 buf = ovl_get_redirect_xattr(dentry, prelen + strlen(post));
35 if (IS_ERR_OR_NULL(buf))
36 return PTR_ERR(buf);
37
38 if (buf[0] == '/') {
39
40
41
42
43
44
45
46
47 d->stop = false;
48 } else {
49 res = strlen(buf) + 1;
50 memmove(buf + prelen, buf, res);
51 memcpy(buf, d->name.name, prelen);
52 }
53
54 strcat(buf, post);
55 kfree(d->redirect);
56 d->redirect = buf;
57 d->name.name = d->redirect;
58 d->name.len = strlen(d->redirect);
59
60 return 0;
61 }
62
63 static int ovl_acceptable(void *ctx, struct dentry *dentry)
64 {
65
66
67
68
69 if (!d_is_dir(dentry))
70 return 1;
71
72
73 if (d_unhashed(dentry))
74 return 0;
75
76
77 return is_subdir(dentry, ((struct vfsmount *)ctx)->mnt_root);
78 }
79
80
81
82
83
84
85
86
87 int ovl_check_fh_len(struct ovl_fh *fh, int fh_len)
88 {
89 if (fh_len < sizeof(struct ovl_fh) || fh_len < fh->len)
90 return -EINVAL;
91
92 if (fh->magic != OVL_FH_MAGIC)
93 return -EINVAL;
94
95
96 if (fh->version > OVL_FH_VERSION || fh->flags & ~OVL_FH_FLAG_ALL)
97 return -ENODATA;
98
99
100 if (!(fh->flags & OVL_FH_FLAG_ANY_ENDIAN) &&
101 (fh->flags & OVL_FH_FLAG_BIG_ENDIAN) != OVL_FH_FLAG_CPU_ENDIAN)
102 return -ENODATA;
103
104 return 0;
105 }
106
107 static struct ovl_fh *ovl_get_fh(struct dentry *dentry, const char *name)
108 {
109 int res, err;
110 struct ovl_fh *fh = NULL;
111
112 res = vfs_getxattr(dentry, name, NULL, 0);
113 if (res < 0) {
114 if (res == -ENODATA || res == -EOPNOTSUPP)
115 return NULL;
116 goto fail;
117 }
118
119 if (res == 0)
120 return NULL;
121
122 fh = kzalloc(res, GFP_KERNEL);
123 if (!fh)
124 return ERR_PTR(-ENOMEM);
125
126 res = vfs_getxattr(dentry, name, fh, res);
127 if (res < 0)
128 goto fail;
129
130 err = ovl_check_fh_len(fh, res);
131 if (err < 0) {
132 if (err == -ENODATA)
133 goto out;
134 goto invalid;
135 }
136
137 return fh;
138
139 out:
140 kfree(fh);
141 return NULL;
142
143 fail:
144 pr_warn_ratelimited("overlayfs: failed to get origin (%i)\n", res);
145 goto out;
146 invalid:
147 pr_warn_ratelimited("overlayfs: invalid origin (%*phN)\n", res, fh);
148 goto out;
149 }
150
151 struct dentry *ovl_decode_real_fh(struct ovl_fh *fh, struct vfsmount *mnt,
152 bool connected)
153 {
154 struct dentry *real;
155 int bytes;
156
157
158
159
160
161 if (!uuid_equal(&fh->uuid, &mnt->mnt_sb->s_uuid))
162 return NULL;
163
164 bytes = (fh->len - offsetof(struct ovl_fh, fid));
165 real = exportfs_decode_fh(mnt, (struct fid *)fh->fid,
166 bytes >> 2, (int)fh->type,
167 connected ? ovl_acceptable : NULL, mnt);
168 if (IS_ERR(real)) {
169
170
171
172
173
174
175 if (real == ERR_PTR(-ESTALE) &&
176 !(fh->flags & OVL_FH_FLAG_PATH_UPPER))
177 real = NULL;
178 return real;
179 }
180
181 if (ovl_dentry_weird(real)) {
182 dput(real);
183 return NULL;
184 }
185
186 return real;
187 }
188
189 static bool ovl_is_opaquedir(struct dentry *dentry)
190 {
191 return ovl_check_dir_xattr(dentry, OVL_XATTR_OPAQUE);
192 }
193
194 static int ovl_lookup_single(struct dentry *base, struct ovl_lookup_data *d,
195 const char *name, unsigned int namelen,
196 size_t prelen, const char *post,
197 struct dentry **ret)
198 {
199 struct dentry *this;
200 int err;
201 bool last_element = !post[0];
202
203 this = lookup_one_len_unlocked(name, base, namelen);
204 if (IS_ERR(this)) {
205 err = PTR_ERR(this);
206 this = NULL;
207 if (err == -ENOENT || err == -ENAMETOOLONG)
208 goto out;
209 goto out_err;
210 }
211 if (!this->d_inode)
212 goto put_and_out;
213
214 if (ovl_dentry_weird(this)) {
215
216 err = -EREMOTE;
217 goto out_err;
218 }
219 if (ovl_is_whiteout(this)) {
220 d->stop = d->opaque = true;
221 goto put_and_out;
222 }
223
224
225
226
227 if (last_element && d->metacopy && !d_is_reg(this)) {
228 d->stop = true;
229 goto put_and_out;
230 }
231 if (!d_can_lookup(this)) {
232 if (d->is_dir || !last_element) {
233 d->stop = true;
234 goto put_and_out;
235 }
236 err = ovl_check_metacopy_xattr(this);
237 if (err < 0)
238 goto out_err;
239
240 d->metacopy = err;
241 d->stop = !d->metacopy;
242 if (!d->metacopy || d->last)
243 goto out;
244 } else {
245 if (ovl_lookup_trap_inode(d->sb, this)) {
246
247 err = -ELOOP;
248 goto out_err;
249 }
250
251 if (last_element)
252 d->is_dir = true;
253 if (d->last)
254 goto out;
255
256 if (ovl_is_opaquedir(this)) {
257 d->stop = true;
258 if (last_element)
259 d->opaque = true;
260 goto out;
261 }
262 }
263 err = ovl_check_redirect(this, d, prelen, post);
264 if (err)
265 goto out_err;
266 out:
267 *ret = this;
268 return 0;
269
270 put_and_out:
271 dput(this);
272 this = NULL;
273 goto out;
274
275 out_err:
276 dput(this);
277 return err;
278 }
279
280 static int ovl_lookup_layer(struct dentry *base, struct ovl_lookup_data *d,
281 struct dentry **ret)
282 {
283
284 size_t rem = d->name.len - 1;
285 struct dentry *dentry = NULL;
286 int err;
287
288 if (d->name.name[0] != '/')
289 return ovl_lookup_single(base, d, d->name.name, d->name.len,
290 0, "", ret);
291
292 while (!IS_ERR_OR_NULL(base) && d_can_lookup(base)) {
293 const char *s = d->name.name + d->name.len - rem;
294 const char *next = strchrnul(s, '/');
295 size_t thislen = next - s;
296 bool end = !next[0];
297
298
299 if (WARN_ON(s[-1] != '/'))
300 return -EIO;
301
302 err = ovl_lookup_single(base, d, s, thislen,
303 d->name.len - rem, next, &base);
304 dput(dentry);
305 if (err)
306 return err;
307 dentry = base;
308 if (end)
309 break;
310
311 rem -= thislen + 1;
312
313 if (WARN_ON(rem >= d->name.len))
314 return -EIO;
315 }
316 *ret = dentry;
317 return 0;
318 }
319
320
321 int ovl_check_origin_fh(struct ovl_fs *ofs, struct ovl_fh *fh, bool connected,
322 struct dentry *upperdentry, struct ovl_path **stackp)
323 {
324 struct dentry *origin = NULL;
325 int i;
326
327 for (i = 0; i < ofs->numlower; i++) {
328
329
330
331
332 if (ofs->lower_layers[i].fsid &&
333 ofs->lower_layers[i].fs->bad_uuid)
334 continue;
335
336 origin = ovl_decode_real_fh(fh, ofs->lower_layers[i].mnt,
337 connected);
338 if (origin)
339 break;
340 }
341
342 if (!origin)
343 return -ESTALE;
344 else if (IS_ERR(origin))
345 return PTR_ERR(origin);
346
347 if (upperdentry && !ovl_is_whiteout(upperdentry) &&
348 ((d_inode(origin)->i_mode ^ d_inode(upperdentry)->i_mode) & S_IFMT))
349 goto invalid;
350
351 if (!*stackp)
352 *stackp = kmalloc(sizeof(struct ovl_path), GFP_KERNEL);
353 if (!*stackp) {
354 dput(origin);
355 return -ENOMEM;
356 }
357 **stackp = (struct ovl_path){
358 .dentry = origin,
359 .layer = &ofs->lower_layers[i]
360 };
361
362 return 0;
363
364 invalid:
365 pr_warn_ratelimited("overlayfs: invalid origin (%pd2, ftype=%x, origin ftype=%x).\n",
366 upperdentry, d_inode(upperdentry)->i_mode & S_IFMT,
367 d_inode(origin)->i_mode & S_IFMT);
368 dput(origin);
369 return -EIO;
370 }
371
372 static int ovl_check_origin(struct ovl_fs *ofs, struct dentry *upperdentry,
373 struct ovl_path **stackp, unsigned int *ctrp)
374 {
375 struct ovl_fh *fh = ovl_get_fh(upperdentry, OVL_XATTR_ORIGIN);
376 int err;
377
378 if (IS_ERR_OR_NULL(fh))
379 return PTR_ERR(fh);
380
381 err = ovl_check_origin_fh(ofs, fh, false, upperdentry, stackp);
382 kfree(fh);
383
384 if (err) {
385 if (err == -ESTALE)
386 return 0;
387 return err;
388 }
389
390 if (WARN_ON(*ctrp))
391 return -EIO;
392
393 *ctrp = 1;
394 return 0;
395 }
396
397
398
399
400
401 static int ovl_verify_fh(struct dentry *dentry, const char *name,
402 const struct ovl_fh *fh)
403 {
404 struct ovl_fh *ofh = ovl_get_fh(dentry, name);
405 int err = 0;
406
407 if (!ofh)
408 return -ENODATA;
409
410 if (IS_ERR(ofh))
411 return PTR_ERR(ofh);
412
413 if (fh->len != ofh->len || memcmp(fh, ofh, fh->len))
414 err = -ESTALE;
415
416 kfree(ofh);
417 return err;
418 }
419
420
421
422
423
424
425
426
427
428 int ovl_verify_set_fh(struct dentry *dentry, const char *name,
429 struct dentry *real, bool is_upper, bool set)
430 {
431 struct inode *inode;
432 struct ovl_fh *fh;
433 int err;
434
435 fh = ovl_encode_real_fh(real, is_upper);
436 err = PTR_ERR(fh);
437 if (IS_ERR(fh)) {
438 fh = NULL;
439 goto fail;
440 }
441
442 err = ovl_verify_fh(dentry, name, fh);
443 if (set && err == -ENODATA)
444 err = ovl_do_setxattr(dentry, name, fh, fh->len, 0);
445 if (err)
446 goto fail;
447
448 out:
449 kfree(fh);
450 return err;
451
452 fail:
453 inode = d_inode(real);
454 pr_warn_ratelimited("overlayfs: failed to verify %s (%pd2, ino=%lu, err=%i)\n",
455 is_upper ? "upper" : "origin", real,
456 inode ? inode->i_ino : 0, err);
457 goto out;
458 }
459
460
461 struct dentry *ovl_index_upper(struct ovl_fs *ofs, struct dentry *index)
462 {
463 struct ovl_fh *fh;
464 struct dentry *upper;
465
466 if (!d_is_dir(index))
467 return dget(index);
468
469 fh = ovl_get_fh(index, OVL_XATTR_UPPER);
470 if (IS_ERR_OR_NULL(fh))
471 return ERR_CAST(fh);
472
473 upper = ovl_decode_real_fh(fh, ofs->upper_mnt, true);
474 kfree(fh);
475
476 if (IS_ERR_OR_NULL(upper))
477 return upper ?: ERR_PTR(-ESTALE);
478
479 if (!d_is_dir(upper)) {
480 pr_warn_ratelimited("overlayfs: invalid index upper (%pd2, upper=%pd2).\n",
481 index, upper);
482 dput(upper);
483 return ERR_PTR(-EIO);
484 }
485
486 return upper;
487 }
488
489
490 static bool ovl_is_temp_index(struct dentry *index)
491 {
492 return index->d_name.name[0] == '#';
493 }
494
495
496
497
498
499
500 int ovl_verify_index(struct ovl_fs *ofs, struct dentry *index)
501 {
502 struct ovl_fh *fh = NULL;
503 size_t len;
504 struct ovl_path origin = { };
505 struct ovl_path *stack = &origin;
506 struct dentry *upper = NULL;
507 int err;
508
509 if (!d_inode(index))
510 return 0;
511
512
513 err = -ESTALE;
514 if (ovl_is_temp_index(index))
515 goto fail;
516
517 err = -EINVAL;
518 if (index->d_name.len < sizeof(struct ovl_fh)*2)
519 goto fail;
520
521 err = -ENOMEM;
522 len = index->d_name.len / 2;
523 fh = kzalloc(len, GFP_KERNEL);
524 if (!fh)
525 goto fail;
526
527 err = -EINVAL;
528 if (hex2bin((u8 *)fh, index->d_name.name, len))
529 goto fail;
530
531 err = ovl_check_fh_len(fh, len);
532 if (err)
533 goto fail;
534
535
536
537
538
539
540 if (ovl_is_whiteout(index))
541 goto out;
542
543
544
545
546
547 if (d_is_dir(index) && !ofs->config.nfs_export)
548 goto out;
549
550
551
552
553
554
555
556
557 upper = ovl_index_upper(ofs, index);
558 if (IS_ERR_OR_NULL(upper)) {
559 err = PTR_ERR(upper);
560
561
562
563
564
565
566 if (err == -ESTALE)
567 goto orphan;
568 else if (!err)
569 err = -ESTALE;
570 goto fail;
571 }
572
573 err = ovl_verify_fh(upper, OVL_XATTR_ORIGIN, fh);
574 dput(upper);
575 if (err)
576 goto fail;
577
578
579 if (!d_is_dir(index) && d_inode(index)->i_nlink == 1) {
580 err = ovl_check_origin_fh(ofs, fh, false, index, &stack);
581 if (err)
582 goto fail;
583
584 if (ovl_get_nlink(origin.dentry, index, 0) == 0)
585 goto orphan;
586 }
587
588 out:
589 dput(origin.dentry);
590 kfree(fh);
591 return err;
592
593 fail:
594 pr_warn_ratelimited("overlayfs: failed to verify index (%pd2, ftype=%x, err=%i)\n",
595 index, d_inode(index)->i_mode & S_IFMT, err);
596 goto out;
597
598 orphan:
599 pr_warn_ratelimited("overlayfs: orphan index entry (%pd2, ftype=%x, nlink=%u)\n",
600 index, d_inode(index)->i_mode & S_IFMT,
601 d_inode(index)->i_nlink);
602 err = -ENOENT;
603 goto out;
604 }
605
606 static int ovl_get_index_name_fh(struct ovl_fh *fh, struct qstr *name)
607 {
608 char *n, *s;
609
610 n = kcalloc(fh->len, 2, GFP_KERNEL);
611 if (!n)
612 return -ENOMEM;
613
614 s = bin2hex(n, fh, fh->len);
615 *name = (struct qstr) QSTR_INIT(n, s - n);
616
617 return 0;
618
619 }
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636 int ovl_get_index_name(struct dentry *origin, struct qstr *name)
637 {
638 struct ovl_fh *fh;
639 int err;
640
641 fh = ovl_encode_real_fh(origin, false);
642 if (IS_ERR(fh))
643 return PTR_ERR(fh);
644
645 err = ovl_get_index_name_fh(fh, name);
646
647 kfree(fh);
648 return err;
649 }
650
651
652 struct dentry *ovl_get_index_fh(struct ovl_fs *ofs, struct ovl_fh *fh)
653 {
654 struct dentry *index;
655 struct qstr name;
656 int err;
657
658 err = ovl_get_index_name_fh(fh, &name);
659 if (err)
660 return ERR_PTR(err);
661
662 index = lookup_one_len_unlocked(name.name, ofs->indexdir, name.len);
663 kfree(name.name);
664 if (IS_ERR(index)) {
665 if (PTR_ERR(index) == -ENOENT)
666 index = NULL;
667 return index;
668 }
669
670 if (d_is_negative(index))
671 err = 0;
672 else if (ovl_is_whiteout(index))
673 err = -ESTALE;
674 else if (ovl_dentry_weird(index))
675 err = -EIO;
676 else
677 return index;
678
679 dput(index);
680 return ERR_PTR(err);
681 }
682
683 struct dentry *ovl_lookup_index(struct ovl_fs *ofs, struct dentry *upper,
684 struct dentry *origin, bool verify)
685 {
686 struct dentry *index;
687 struct inode *inode;
688 struct qstr name;
689 bool is_dir = d_is_dir(origin);
690 int err;
691
692 err = ovl_get_index_name(origin, &name);
693 if (err)
694 return ERR_PTR(err);
695
696 index = lookup_one_len_unlocked(name.name, ofs->indexdir, name.len);
697 if (IS_ERR(index)) {
698 err = PTR_ERR(index);
699 if (err == -ENOENT) {
700 index = NULL;
701 goto out;
702 }
703 pr_warn_ratelimited("overlayfs: failed inode index lookup (ino=%lu, key=%.*s, err=%i);\n"
704 "overlayfs: mount with '-o index=off' to disable inodes index.\n",
705 d_inode(origin)->i_ino, name.len, name.name,
706 err);
707 goto out;
708 }
709
710 inode = d_inode(index);
711 if (d_is_negative(index)) {
712 goto out_dput;
713 } else if (ovl_is_whiteout(index) && !verify) {
714
715
716
717
718
719
720 dput(index);
721 index = ERR_PTR(-ESTALE);
722 goto out;
723 } else if (ovl_dentry_weird(index) || ovl_is_whiteout(index) ||
724 ((inode->i_mode ^ d_inode(origin)->i_mode) & S_IFMT)) {
725
726
727
728
729
730
731
732 pr_warn_ratelimited("overlayfs: bad index found (index=%pd2, ftype=%x, origin ftype=%x).\n",
733 index, d_inode(index)->i_mode & S_IFMT,
734 d_inode(origin)->i_mode & S_IFMT);
735 goto fail;
736 } else if (is_dir && verify) {
737 if (!upper) {
738 pr_warn_ratelimited("overlayfs: suspected uncovered redirected dir found (origin=%pd2, index=%pd2).\n",
739 origin, index);
740 goto fail;
741 }
742
743
744 err = ovl_verify_upper(index, upper, false);
745 if (err) {
746 if (err == -ESTALE) {
747 pr_warn_ratelimited("overlayfs: suspected multiply redirected dir found (upper=%pd2, origin=%pd2, index=%pd2).\n",
748 upper, origin, index);
749 }
750 goto fail;
751 }
752 } else if (upper && d_inode(upper) != inode) {
753 goto out_dput;
754 }
755 out:
756 kfree(name.name);
757 return index;
758
759 out_dput:
760 dput(index);
761 index = NULL;
762 goto out;
763
764 fail:
765 dput(index);
766 index = ERR_PTR(-EIO);
767 goto out;
768 }
769
770
771
772
773
774 int ovl_path_next(int idx, struct dentry *dentry, struct path *path)
775 {
776 struct ovl_entry *oe = dentry->d_fsdata;
777
778 BUG_ON(idx < 0);
779 if (idx == 0) {
780 ovl_path_upper(dentry, path);
781 if (path->dentry)
782 return oe->numlower ? 1 : -1;
783 idx++;
784 }
785 BUG_ON(idx > oe->numlower);
786 path->dentry = oe->lowerstack[idx - 1].dentry;
787 path->mnt = oe->lowerstack[idx - 1].layer->mnt;
788
789 return (idx < oe->numlower) ? idx + 1 : -1;
790 }
791
792
793 static int ovl_fix_origin(struct dentry *dentry, struct dentry *lower,
794 struct dentry *upper)
795 {
796 int err;
797
798 if (ovl_check_origin_xattr(upper))
799 return 0;
800
801 err = ovl_want_write(dentry);
802 if (err)
803 return err;
804
805 err = ovl_set_origin(dentry, lower, upper);
806 if (!err)
807 err = ovl_set_impure(dentry->d_parent, upper->d_parent);
808
809 ovl_drop_write(dentry);
810 return err;
811 }
812
813 struct dentry *ovl_lookup(struct inode *dir, struct dentry *dentry,
814 unsigned int flags)
815 {
816 struct ovl_entry *oe;
817 const struct cred *old_cred;
818 struct ovl_fs *ofs = dentry->d_sb->s_fs_info;
819 struct ovl_entry *poe = dentry->d_parent->d_fsdata;
820 struct ovl_entry *roe = dentry->d_sb->s_root->d_fsdata;
821 struct ovl_path *stack = NULL, *origin_path = NULL;
822 struct dentry *upperdir, *upperdentry = NULL;
823 struct dentry *origin = NULL;
824 struct dentry *index = NULL;
825 unsigned int ctr = 0;
826 struct inode *inode = NULL;
827 bool upperopaque = false;
828 char *upperredirect = NULL;
829 struct dentry *this;
830 unsigned int i;
831 int err;
832 bool metacopy = false;
833 struct ovl_lookup_data d = {
834 .sb = dentry->d_sb,
835 .name = dentry->d_name,
836 .is_dir = false,
837 .opaque = false,
838 .stop = false,
839 .last = ofs->config.redirect_follow ? false : !poe->numlower,
840 .redirect = NULL,
841 .metacopy = false,
842 };
843
844 if (dentry->d_name.len > ofs->namelen)
845 return ERR_PTR(-ENAMETOOLONG);
846
847 old_cred = ovl_override_creds(dentry->d_sb);
848 upperdir = ovl_dentry_upper(dentry->d_parent);
849 if (upperdir) {
850 err = ovl_lookup_layer(upperdir, &d, &upperdentry);
851 if (err)
852 goto out;
853
854 if (upperdentry && unlikely(ovl_dentry_remote(upperdentry))) {
855 dput(upperdentry);
856 err = -EREMOTE;
857 goto out;
858 }
859 if (upperdentry && !d.is_dir) {
860 unsigned int origin_ctr = 0;
861
862
863
864
865
866
867
868
869
870
871
872 err = ovl_check_origin(ofs, upperdentry, &origin_path,
873 &origin_ctr);
874 if (err)
875 goto out_put_upper;
876
877 if (d.metacopy)
878 metacopy = true;
879 }
880
881 if (d.redirect) {
882 err = -ENOMEM;
883 upperredirect = kstrdup(d.redirect, GFP_KERNEL);
884 if (!upperredirect)
885 goto out_put_upper;
886 if (d.redirect[0] == '/')
887 poe = roe;
888 }
889 upperopaque = d.opaque;
890 }
891
892 if (!d.stop && poe->numlower) {
893 err = -ENOMEM;
894 stack = kcalloc(ofs->numlower, sizeof(struct ovl_path),
895 GFP_KERNEL);
896 if (!stack)
897 goto out_put_upper;
898 }
899
900 for (i = 0; !d.stop && i < poe->numlower; i++) {
901 struct ovl_path lower = poe->lowerstack[i];
902
903 if (!ofs->config.redirect_follow)
904 d.last = i == poe->numlower - 1;
905 else
906 d.last = lower.layer->idx == roe->numlower;
907
908 err = ovl_lookup_layer(lower.dentry, &d, &this);
909 if (err)
910 goto out_put;
911
912 if (!this)
913 continue;
914
915
916
917
918
919 if (upperdentry && !ctr && !ofs->noxattr && d.is_dir) {
920 err = ovl_fix_origin(dentry, this, upperdentry);
921 if (err) {
922 dput(this);
923 goto out_put;
924 }
925 }
926
927
928
929
930
931
932
933
934
935
936 if (upperdentry && !ctr &&
937 ((d.is_dir && ovl_verify_lower(dentry->d_sb)) ||
938 (!d.is_dir && ofs->config.index && origin_path))) {
939 err = ovl_verify_origin(upperdentry, this, false);
940 if (err) {
941 dput(this);
942 if (d.is_dir)
943 break;
944 goto out_put;
945 }
946 origin = this;
947 }
948
949 if (d.metacopy)
950 metacopy = true;
951
952
953
954
955 if (d.metacopy && ctr) {
956 dput(this);
957 continue;
958 }
959
960 stack[ctr].dentry = this;
961 stack[ctr].layer = lower.layer;
962 ctr++;
963
964
965
966
967
968
969
970
971
972
973
974 err = -EPERM;
975 if (d.redirect && !ofs->config.redirect_follow) {
976 pr_warn_ratelimited("overlayfs: refusing to follow redirect for (%pd2)\n",
977 dentry);
978 goto out_put;
979 }
980
981 if (d.stop)
982 break;
983
984 if (d.redirect && d.redirect[0] == '/' && poe != roe) {
985 poe = roe;
986
987 i = lower.layer->idx - 1;
988 }
989 }
990
991 if (metacopy) {
992
993
994
995
996 if (d.metacopy) {
997 err = -EIO;
998 goto out_put;
999 }
1000
1001 err = -EPERM;
1002 if (!ofs->config.metacopy) {
1003 pr_warn_ratelimited("overlay: refusing to follow metacopy origin for (%pd2)\n",
1004 dentry);
1005 goto out_put;
1006 }
1007 } else if (!d.is_dir && upperdentry && !ctr && origin_path) {
1008 if (WARN_ON(stack != NULL)) {
1009 err = -EIO;
1010 goto out_put;
1011 }
1012 stack = origin_path;
1013 ctr = 1;
1014 origin_path = NULL;
1015 }
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032 if (ctr && (!upperdentry || (!d.is_dir && !metacopy)))
1033 origin = stack[0].dentry;
1034
1035 if (origin && ovl_indexdir(dentry->d_sb) &&
1036 (!d.is_dir || ovl_index_all(dentry->d_sb))) {
1037 index = ovl_lookup_index(ofs, upperdentry, origin, true);
1038 if (IS_ERR(index)) {
1039 err = PTR_ERR(index);
1040 index = NULL;
1041 goto out_put;
1042 }
1043 }
1044
1045 oe = ovl_alloc_entry(ctr);
1046 err = -ENOMEM;
1047 if (!oe)
1048 goto out_put;
1049
1050 memcpy(oe->lowerstack, stack, sizeof(struct ovl_path) * ctr);
1051 dentry->d_fsdata = oe;
1052
1053 if (upperopaque)
1054 ovl_dentry_set_opaque(dentry);
1055
1056 if (upperdentry)
1057 ovl_dentry_set_upper_alias(dentry);
1058 else if (index) {
1059 upperdentry = dget(index);
1060 upperredirect = ovl_get_redirect_xattr(upperdentry, 0);
1061 if (IS_ERR(upperredirect)) {
1062 err = PTR_ERR(upperredirect);
1063 upperredirect = NULL;
1064 goto out_free_oe;
1065 }
1066 }
1067
1068 if (upperdentry || ctr) {
1069 struct ovl_inode_params oip = {
1070 .upperdentry = upperdentry,
1071 .lowerpath = stack,
1072 .index = index,
1073 .numlower = ctr,
1074 .redirect = upperredirect,
1075 .lowerdata = (ctr > 1 && !d.is_dir) ?
1076 stack[ctr - 1].dentry : NULL,
1077 };
1078
1079 inode = ovl_get_inode(dentry->d_sb, &oip);
1080 err = PTR_ERR(inode);
1081 if (IS_ERR(inode))
1082 goto out_free_oe;
1083 }
1084
1085 revert_creds(old_cred);
1086 if (origin_path) {
1087 dput(origin_path->dentry);
1088 kfree(origin_path);
1089 }
1090 dput(index);
1091 kfree(stack);
1092 kfree(d.redirect);
1093 return d_splice_alias(inode, dentry);
1094
1095 out_free_oe:
1096 dentry->d_fsdata = NULL;
1097 kfree(oe);
1098 out_put:
1099 dput(index);
1100 for (i = 0; i < ctr; i++)
1101 dput(stack[i].dentry);
1102 kfree(stack);
1103 out_put_upper:
1104 if (origin_path) {
1105 dput(origin_path->dentry);
1106 kfree(origin_path);
1107 }
1108 dput(upperdentry);
1109 kfree(upperredirect);
1110 out:
1111 kfree(d.redirect);
1112 revert_creds(old_cred);
1113 return ERR_PTR(err);
1114 }
1115
1116 bool ovl_lower_positive(struct dentry *dentry)
1117 {
1118 struct ovl_entry *poe = dentry->d_parent->d_fsdata;
1119 const struct qstr *name = &dentry->d_name;
1120 const struct cred *old_cred;
1121 unsigned int i;
1122 bool positive = false;
1123 bool done = false;
1124
1125
1126
1127
1128
1129 if (!dentry->d_inode)
1130 return ovl_dentry_is_opaque(dentry);
1131
1132
1133 if (!ovl_dentry_upper(dentry))
1134 return true;
1135
1136 old_cred = ovl_override_creds(dentry->d_sb);
1137
1138 for (i = 0; !done && !positive && i < poe->numlower; i++) {
1139 struct dentry *this;
1140 struct dentry *lowerdir = poe->lowerstack[i].dentry;
1141
1142 this = lookup_one_len_unlocked(name->name, lowerdir,
1143 name->len);
1144 if (IS_ERR(this)) {
1145 switch (PTR_ERR(this)) {
1146 case -ENOENT:
1147 case -ENAMETOOLONG:
1148 break;
1149
1150 default:
1151
1152
1153
1154
1155 positive = true;
1156 break;
1157 }
1158 } else {
1159 if (this->d_inode) {
1160 positive = !ovl_is_whiteout(this);
1161 done = true;
1162 }
1163 dput(this);
1164 }
1165 }
1166 revert_creds(old_cred);
1167
1168 return positive;
1169 }