blob: cce483a1d0ffcca971e6a174afb793d287b05bf6 [file] [log] [blame]
Thomas Gleixnerd2912cb2019-06-04 10:11:33 +02001// SPDX-License-Identifier: GPL-2.0-only
Miklos Szeredie9be9d52014-10-24 00:14:38 +02002/*
3 *
4 * Copyright (C) 2011 Novell Inc.
Miklos Szeredie9be9d52014-10-24 00:14:38 +02005 */
6
Ingo Molnar5b825c32017-02-02 17:54:15 +01007#include <uapi/linux/magic.h>
Miklos Szeredie9be9d52014-10-24 00:14:38 +02008#include <linux/fs.h>
9#include <linux/namei.h>
10#include <linux/xattr.h>
Miklos Szeredie9be9d52014-10-24 00:14:38 +020011#include <linux/mount.h>
Miklos Szeredie9be9d52014-10-24 00:14:38 +020012#include <linux/parser.h>
13#include <linux/module.h>
Andy Whitcroftcc259632014-10-24 00:14:38 +020014#include <linux/statfs.h>
Erez Zadokf45827e82014-10-24 00:14:38 +020015#include <linux/seq_file.h>
Miklos Szeredid837a492016-07-29 12:05:24 +020016#include <linux/posix_acl_xattr.h>
Amir Goldsteine487d882017-11-07 13:55:04 +020017#include <linux/exportfs.h>
Miklos Szeredie9be9d52014-10-24 00:14:38 +020018#include "overlayfs.h"
19
20MODULE_AUTHOR("Miklos Szeredi <miklos@szeredi.hu>");
21MODULE_DESCRIPTION("Overlay filesystem");
22MODULE_LICENSE("GPL");
23
Miklos Szeredie9be9d52014-10-24 00:14:38 +020024
25struct ovl_dir_cache;
26
Miklos Szeredia78d9f02014-12-13 00:59:52 +010027#define OVL_MAX_STACK 500
28
Miklos Szeredi688ea0e2016-12-16 11:02:57 +010029static bool ovl_redirect_dir_def = IS_ENABLED(CONFIG_OVERLAY_FS_REDIRECT_DIR);
30module_param_named(redirect_dir, ovl_redirect_dir_def, bool, 0644);
Nicolas Schier253e7482019-06-17 09:39:00 +020031MODULE_PARM_DESC(redirect_dir,
Miklos Szeredi688ea0e2016-12-16 11:02:57 +010032 "Default to on or off for the redirect_dir feature");
Miklos Szeredie9be9d52014-10-24 00:14:38 +020033
Miklos Szeredi438c84c2017-12-11 11:28:10 +010034static bool ovl_redirect_always_follow =
35 IS_ENABLED(CONFIG_OVERLAY_FS_REDIRECT_ALWAYS_FOLLOW);
36module_param_named(redirect_always_follow, ovl_redirect_always_follow,
37 bool, 0644);
Nicolas Schier253e7482019-06-17 09:39:00 +020038MODULE_PARM_DESC(redirect_always_follow,
Miklos Szeredi438c84c2017-12-11 11:28:10 +010039 "Follow redirects even if redirect_dir feature is turned off");
40
Amir Goldstein02bcd152017-06-21 15:28:36 +030041static bool ovl_index_def = IS_ENABLED(CONFIG_OVERLAY_FS_INDEX);
42module_param_named(index, ovl_index_def, bool, 0644);
Nicolas Schier253e7482019-06-17 09:39:00 +020043MODULE_PARM_DESC(index,
Amir Goldstein02bcd152017-06-21 15:28:36 +030044 "Default to on or off for the inodes index feature");
45
Amir Goldsteinf168f102018-01-19 11:26:53 +020046static bool ovl_nfs_export_def = IS_ENABLED(CONFIG_OVERLAY_FS_NFS_EXPORT);
47module_param_named(nfs_export, ovl_nfs_export_def, bool, 0644);
Nicolas Schier253e7482019-06-17 09:39:00 +020048MODULE_PARM_DESC(nfs_export,
Amir Goldsteinf168f102018-01-19 11:26:53 +020049 "Default to on or off for the NFS export feature");
50
Amir Goldstein795939a2018-03-29 09:08:18 +030051static bool ovl_xino_auto_def = IS_ENABLED(CONFIG_OVERLAY_FS_XINO_AUTO);
52module_param_named(xino_auto, ovl_xino_auto_def, bool, 0644);
Nicolas Schier253e7482019-06-17 09:39:00 +020053MODULE_PARM_DESC(xino_auto,
Amir Goldstein795939a2018-03-29 09:08:18 +030054 "Auto enable xino feature");
55
Miklos Szeredi4155c102017-11-10 09:39:15 +010056static void ovl_entry_stack_free(struct ovl_entry *oe)
57{
58 unsigned int i;
59
60 for (i = 0; i < oe->numlower; i++)
61 dput(oe->lowerstack[i].dentry);
62}
63
Vivek Goyald5791042018-05-11 11:49:27 -040064static bool ovl_metacopy_def = IS_ENABLED(CONFIG_OVERLAY_FS_METACOPY);
65module_param_named(metacopy, ovl_metacopy_def, bool, 0644);
Nicolas Schier253e7482019-06-17 09:39:00 +020066MODULE_PARM_DESC(metacopy,
Vivek Goyald5791042018-05-11 11:49:27 -040067 "Default to on or off for the metadata only copy up feature");
68
Miklos Szeredie9be9d52014-10-24 00:14:38 +020069static void ovl_dentry_release(struct dentry *dentry)
70{
71 struct ovl_entry *oe = dentry->d_fsdata;
72
73 if (oe) {
Miklos Szeredi4155c102017-11-10 09:39:15 +010074 ovl_entry_stack_free(oe);
Miklos Szeredie9be9d52014-10-24 00:14:38 +020075 kfree_rcu(oe, rcu);
76 }
77}
78
Miklos Szeredi2d902672016-06-30 08:53:27 +020079static struct dentry *ovl_d_real(struct dentry *dentry,
Miklos Szeredifb160432018-07-18 15:44:44 +020080 const struct inode *inode)
Miklos Szeredid101a122016-03-26 16:14:37 -040081{
82 struct dentry *real;
83
Miklos Szeredie8c985b2018-07-18 15:44:41 +020084 /* It's an overlay file */
85 if (inode && d_inode(dentry) == inode)
86 return dentry;
87
Miklos Szeredica4c8a32016-12-16 11:02:55 +010088 if (!d_is_reg(dentry)) {
Miklos Szeredid101a122016-03-26 16:14:37 -040089 if (!inode || inode == d_inode(dentry))
90 return dentry;
91 goto bug;
92 }
93
94 real = ovl_dentry_upper(dentry);
Vivek Goyal2c3d7352018-05-11 11:49:31 -040095 if (real && (inode == d_inode(real)))
Miklos Szeredid101a122016-03-26 16:14:37 -040096 return real;
97
Vivek Goyal2c3d7352018-05-11 11:49:31 -040098 if (real && !inode && ovl_has_upperdata(d_inode(dentry)))
99 return real;
100
101 real = ovl_dentry_lowerdata(dentry);
Miklos Szeredid101a122016-03-26 16:14:37 -0400102 if (!real)
103 goto bug;
104
Miklos Szeredic4fcfc12016-11-29 10:20:24 +0100105 /* Handle recursion */
Miklos Szeredifb160432018-07-18 15:44:44 +0200106 real = d_real(real, inode);
Miklos Szeredic4fcfc12016-11-29 10:20:24 +0100107
Miklos Szeredid101a122016-03-26 16:14:37 -0400108 if (!inode || inode == d_inode(real))
109 return real;
Miklos Szeredid101a122016-03-26 16:14:37 -0400110bug:
Miklos Szeredi656189d2016-07-29 12:05:24 +0200111 WARN(1, "ovl_d_real(%pd4, %s:%lu): real dentry not found\n", dentry,
Miklos Szeredid101a122016-03-26 16:14:37 -0400112 inode ? inode->i_sb->s_id : "NULL", inode ? inode->i_ino : 0);
113 return dentry;
114}
115
Miklos Szeredi7c03b5d2015-06-22 13:53:48 +0200116static int ovl_dentry_revalidate(struct dentry *dentry, unsigned int flags)
117{
118 struct ovl_entry *oe = dentry->d_fsdata;
119 unsigned int i;
120 int ret = 1;
121
122 for (i = 0; i < oe->numlower; i++) {
123 struct dentry *d = oe->lowerstack[i].dentry;
124
125 if (d->d_flags & DCACHE_OP_REVALIDATE) {
126 ret = d->d_op->d_revalidate(d, flags);
127 if (ret < 0)
128 return ret;
129 if (!ret) {
130 if (!(flags & LOOKUP_RCU))
131 d_invalidate(d);
132 return -ESTALE;
133 }
134 }
135 }
136 return 1;
137}
138
139static int ovl_dentry_weak_revalidate(struct dentry *dentry, unsigned int flags)
140{
141 struct ovl_entry *oe = dentry->d_fsdata;
142 unsigned int i;
143 int ret = 1;
144
145 for (i = 0; i < oe->numlower; i++) {
146 struct dentry *d = oe->lowerstack[i].dentry;
147
148 if (d->d_flags & DCACHE_OP_WEAK_REVALIDATE) {
149 ret = d->d_op->d_weak_revalidate(d, flags);
150 if (ret <= 0)
151 break;
152 }
153 }
154 return ret;
155}
156
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200157static const struct dentry_operations ovl_dentry_operations = {
158 .d_release = ovl_dentry_release,
Miklos Szeredid101a122016-03-26 16:14:37 -0400159 .d_real = ovl_d_real,
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200160};
161
Miklos Szeredi7c03b5d2015-06-22 13:53:48 +0200162static const struct dentry_operations ovl_reval_dentry_operations = {
163 .d_release = ovl_dentry_release,
Miklos Szeredid101a122016-03-26 16:14:37 -0400164 .d_real = ovl_d_real,
Miklos Szeredi7c03b5d2015-06-22 13:53:48 +0200165 .d_revalidate = ovl_dentry_revalidate,
166 .d_weak_revalidate = ovl_dentry_weak_revalidate,
167};
168
Amir Goldstein13cf1992017-06-12 09:54:40 +0300169static struct kmem_cache *ovl_inode_cachep;
170
171static struct inode *ovl_alloc_inode(struct super_block *sb)
172{
173 struct ovl_inode *oi = kmem_cache_alloc(ovl_inode_cachep, GFP_KERNEL);
174
Hirofumi Nakagawab3885bd2017-09-26 03:09:53 +0900175 if (!oi)
176 return NULL;
177
Miklos Szeredi04a01ac2017-07-04 22:03:16 +0200178 oi->cache = NULL;
Miklos Szeredicf31c462017-07-04 22:03:16 +0200179 oi->redirect = NULL;
Miklos Szeredi04a01ac2017-07-04 22:03:16 +0200180 oi->version = 0;
Miklos Szeredi13c72072017-07-04 22:03:16 +0200181 oi->flags = 0;
Miklos Szeredi09d8b582017-07-04 22:03:16 +0200182 oi->__upperdentry = NULL;
Miklos Szeredi25b77132017-07-04 22:03:16 +0200183 oi->lower = NULL;
Vivek Goyal2664bd02018-05-11 11:49:30 -0400184 oi->lowerdata = NULL;
Amir Goldsteina015daf2017-06-21 15:28:51 +0300185 mutex_init(&oi->lock);
Miklos Szeredi25b77132017-07-04 22:03:16 +0200186
Amir Goldstein13cf1992017-06-12 09:54:40 +0300187 return &oi->vfs_inode;
188}
189
Al Viro0b269de2019-04-15 22:52:17 -0400190static void ovl_free_inode(struct inode *inode)
Amir Goldstein13cf1992017-06-12 09:54:40 +0300191{
Al Viro0b269de2019-04-15 22:52:17 -0400192 struct ovl_inode *oi = OVL_I(inode);
Amir Goldstein13cf1992017-06-12 09:54:40 +0300193
Al Viro0b269de2019-04-15 22:52:17 -0400194 kfree(oi->redirect);
195 mutex_destroy(&oi->lock);
196 kmem_cache_free(ovl_inode_cachep, oi);
Amir Goldstein13cf1992017-06-12 09:54:40 +0300197}
198
199static void ovl_destroy_inode(struct inode *inode)
200{
Miklos Szeredi09d8b582017-07-04 22:03:16 +0200201 struct ovl_inode *oi = OVL_I(inode);
202
203 dput(oi->__upperdentry);
Amir Goldstein31747ed2018-01-14 18:35:40 +0200204 iput(oi->lower);
Vivek Goyal2664bd02018-05-11 11:49:30 -0400205 if (S_ISDIR(inode->i_mode))
206 ovl_dir_cache_free(inode);
207 else
208 iput(oi->lowerdata);
Amir Goldstein13cf1992017-06-12 09:54:40 +0300209}
210
Miklos Szerediad204482017-11-10 09:39:16 +0100211static void ovl_free_fs(struct ovl_fs *ofs)
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200212{
Miklos Szeredidd662662014-12-13 00:59:43 +0100213 unsigned i;
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200214
Amir Goldstein0be0bfd2019-07-12 15:24:34 +0300215 iput(ofs->workbasedir_trap);
Amir Goldstein146d62e2019-04-18 17:42:08 +0300216 iput(ofs->indexdir_trap);
217 iput(ofs->workdir_trap);
218 iput(ofs->upperdir_trap);
Miklos Szerediad204482017-11-10 09:39:16 +0100219 dput(ofs->indexdir);
220 dput(ofs->workdir);
221 if (ofs->workdir_locked)
222 ovl_inuse_unlock(ofs->workbasedir);
223 dput(ofs->workbasedir);
224 if (ofs->upperdir_locked)
225 ovl_inuse_unlock(ofs->upper_mnt->mnt_root);
226 mntput(ofs->upper_mnt);
Amir Goldstein146d62e2019-04-18 17:42:08 +0300227 for (i = 0; i < ofs->numlower; i++) {
228 iput(ofs->lower_layers[i].trap);
Miklos Szerediad204482017-11-10 09:39:16 +0100229 mntput(ofs->lower_layers[i].mnt);
Amir Goldstein146d62e2019-04-18 17:42:08 +0300230 }
Amir Goldstein51486262018-03-28 20:22:41 +0300231 for (i = 0; i < ofs->numlowerfs; i++)
232 free_anon_bdev(ofs->lower_fs[i].pseudo_dev);
Miklos Szerediad204482017-11-10 09:39:16 +0100233 kfree(ofs->lower_layers);
Amir Goldstein51486262018-03-28 20:22:41 +0300234 kfree(ofs->lower_fs);
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200235
Miklos Szerediad204482017-11-10 09:39:16 +0100236 kfree(ofs->config.lowerdir);
237 kfree(ofs->config.upperdir);
238 kfree(ofs->config.workdir);
Miklos Szeredi438c84c2017-12-11 11:28:10 +0100239 kfree(ofs->config.redirect_mode);
Miklos Szerediad204482017-11-10 09:39:16 +0100240 if (ofs->creator_cred)
241 put_cred(ofs->creator_cred);
242 kfree(ofs);
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200243}
244
Miklos Szeredia9075cd2017-11-10 09:39:15 +0100245static void ovl_put_super(struct super_block *sb)
246{
247 struct ovl_fs *ofs = sb->s_fs_info;
248
249 ovl_free_fs(ofs);
250}
251
Chengguang Xue8d4bfe2017-11-29 10:01:32 +0800252/* Sync real dirty inodes in upper filesystem (if it exists) */
Amir Goldsteine593b2b2017-01-23 14:32:21 +0200253static int ovl_sync_fs(struct super_block *sb, int wait)
254{
Miklos Szerediad204482017-11-10 09:39:16 +0100255 struct ovl_fs *ofs = sb->s_fs_info;
Amir Goldsteine593b2b2017-01-23 14:32:21 +0200256 struct super_block *upper_sb;
257 int ret;
258
Miklos Szerediad204482017-11-10 09:39:16 +0100259 if (!ofs->upper_mnt)
Amir Goldsteine593b2b2017-01-23 14:32:21 +0200260 return 0;
Chengguang Xue8d4bfe2017-11-29 10:01:32 +0800261
262 /*
263 * If this is a sync(2) call or an emergency sync, all the super blocks
264 * will be iterated, including upper_sb, so no need to do anything.
265 *
266 * If this is a syncfs(2) call, then we do need to call
267 * sync_filesystem() on upper_sb, but enough if we do it when being
268 * called with wait == 1.
269 */
270 if (!wait)
Amir Goldsteine593b2b2017-01-23 14:32:21 +0200271 return 0;
272
Chengguang Xue8d4bfe2017-11-29 10:01:32 +0800273 upper_sb = ofs->upper_mnt->mnt_sb;
274
Amir Goldsteine593b2b2017-01-23 14:32:21 +0200275 down_read(&upper_sb->s_umount);
Chengguang Xue8d4bfe2017-11-29 10:01:32 +0800276 ret = sync_filesystem(upper_sb);
Amir Goldsteine593b2b2017-01-23 14:32:21 +0200277 up_read(&upper_sb->s_umount);
Chengguang Xue8d4bfe2017-11-29 10:01:32 +0800278
Amir Goldsteine593b2b2017-01-23 14:32:21 +0200279 return ret;
280}
281
Andy Whitcroftcc259632014-10-24 00:14:38 +0200282/**
283 * ovl_statfs
284 * @sb: The overlayfs super block
285 * @buf: The struct kstatfs to fill in with stats
286 *
287 * Get the filesystem statistics. As writes always target the upper layer
Miklos Szeredi4ebc5812014-12-13 00:59:46 +0100288 * filesystem pass the statfs to the upper filesystem (if it exists)
Andy Whitcroftcc259632014-10-24 00:14:38 +0200289 */
290static int ovl_statfs(struct dentry *dentry, struct kstatfs *buf)
291{
292 struct ovl_fs *ofs = dentry->d_sb->s_fs_info;
293 struct dentry *root_dentry = dentry->d_sb->s_root;
294 struct path path;
295 int err;
296
Miklos Szeredi4ebc5812014-12-13 00:59:46 +0100297 ovl_path_real(root_dentry, &path);
Andy Whitcroftcc259632014-10-24 00:14:38 +0200298
299 err = vfs_statfs(&path, buf);
300 if (!err) {
Miklos Szeredi6b2d5fe2016-12-16 11:02:56 +0100301 buf->f_namelen = ofs->namelen;
Andy Whitcroftcc259632014-10-24 00:14:38 +0200302 buf->f_type = OVERLAYFS_SUPER_MAGIC;
303 }
304
305 return err;
306}
307
Amir Goldstein02bcd152017-06-21 15:28:36 +0300308/* Will this overlay be forced to mount/remount ro? */
Miklos Szerediad204482017-11-10 09:39:16 +0100309static bool ovl_force_readonly(struct ovl_fs *ofs)
Amir Goldstein02bcd152017-06-21 15:28:36 +0300310{
Miklos Szerediad204482017-11-10 09:39:16 +0100311 return (!ofs->upper_mnt || !ofs->workdir);
Amir Goldstein02bcd152017-06-21 15:28:36 +0300312}
313
Miklos Szeredi438c84c2017-12-11 11:28:10 +0100314static const char *ovl_redirect_mode_def(void)
315{
316 return ovl_redirect_dir_def ? "on" : "off";
317}
318
Amir Goldstein795939a2018-03-29 09:08:18 +0300319enum {
320 OVL_XINO_OFF,
321 OVL_XINO_AUTO,
322 OVL_XINO_ON,
323};
324
325static const char * const ovl_xino_str[] = {
326 "off",
327 "auto",
328 "on",
329};
330
331static inline int ovl_xino_def(void)
332{
333 return ovl_xino_auto_def ? OVL_XINO_AUTO : OVL_XINO_OFF;
334}
335
Erez Zadokf45827e82014-10-24 00:14:38 +0200336/**
337 * ovl_show_options
338 *
339 * Prints the mount options for a given superblock.
340 * Returns zero; does not fail.
341 */
342static int ovl_show_options(struct seq_file *m, struct dentry *dentry)
343{
344 struct super_block *sb = dentry->d_sb;
Miklos Szerediad204482017-11-10 09:39:16 +0100345 struct ovl_fs *ofs = sb->s_fs_info;
Erez Zadokf45827e82014-10-24 00:14:38 +0200346
Miklos Szerediad204482017-11-10 09:39:16 +0100347 seq_show_option(m, "lowerdir", ofs->config.lowerdir);
348 if (ofs->config.upperdir) {
349 seq_show_option(m, "upperdir", ofs->config.upperdir);
350 seq_show_option(m, "workdir", ofs->config.workdir);
Miklos Szeredi53a08cb2014-12-13 00:59:51 +0100351 }
Miklos Szerediad204482017-11-10 09:39:16 +0100352 if (ofs->config.default_permissions)
Miklos Szeredi8d3095f2015-10-12 17:11:44 +0200353 seq_puts(m, ",default_permissions");
Miklos Szeredi438c84c2017-12-11 11:28:10 +0100354 if (strcmp(ofs->config.redirect_mode, ovl_redirect_mode_def()) != 0)
355 seq_printf(m, ",redirect_dir=%s", ofs->config.redirect_mode);
Miklos Szerediad204482017-11-10 09:39:16 +0100356 if (ofs->config.index != ovl_index_def)
Miklos Szeredi438c84c2017-12-11 11:28:10 +0100357 seq_printf(m, ",index=%s", ofs->config.index ? "on" : "off");
Amir Goldsteinf168f102018-01-19 11:26:53 +0200358 if (ofs->config.nfs_export != ovl_nfs_export_def)
359 seq_printf(m, ",nfs_export=%s", ofs->config.nfs_export ?
360 "on" : "off");
Amir Goldstein795939a2018-03-29 09:08:18 +0300361 if (ofs->config.xino != ovl_xino_def())
362 seq_printf(m, ",xino=%s", ovl_xino_str[ofs->config.xino]);
Vivek Goyald5791042018-05-11 11:49:27 -0400363 if (ofs->config.metacopy != ovl_metacopy_def)
364 seq_printf(m, ",metacopy=%s",
365 ofs->config.metacopy ? "on" : "off");
Erez Zadokf45827e82014-10-24 00:14:38 +0200366 return 0;
367}
368
Seunghun Lee3cdf6fe2015-01-03 02:26:49 +0900369static int ovl_remount(struct super_block *sb, int *flags, char *data)
370{
Miklos Szerediad204482017-11-10 09:39:16 +0100371 struct ovl_fs *ofs = sb->s_fs_info;
Seunghun Lee3cdf6fe2015-01-03 02:26:49 +0900372
Linus Torvalds1751e8a2017-11-27 13:05:09 -0800373 if (!(*flags & SB_RDONLY) && ovl_force_readonly(ofs))
Seunghun Lee3cdf6fe2015-01-03 02:26:49 +0900374 return -EROFS;
375
376 return 0;
377}
378
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200379static const struct super_operations ovl_super_operations = {
Amir Goldstein13cf1992017-06-12 09:54:40 +0300380 .alloc_inode = ovl_alloc_inode,
Al Viro0b269de2019-04-15 22:52:17 -0400381 .free_inode = ovl_free_inode,
Amir Goldstein13cf1992017-06-12 09:54:40 +0300382 .destroy_inode = ovl_destroy_inode,
383 .drop_inode = generic_delete_inode,
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200384 .put_super = ovl_put_super,
Amir Goldsteine593b2b2017-01-23 14:32:21 +0200385 .sync_fs = ovl_sync_fs,
Andy Whitcroftcc259632014-10-24 00:14:38 +0200386 .statfs = ovl_statfs,
Erez Zadokf45827e82014-10-24 00:14:38 +0200387 .show_options = ovl_show_options,
Seunghun Lee3cdf6fe2015-01-03 02:26:49 +0900388 .remount_fs = ovl_remount,
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200389};
390
391enum {
392 OPT_LOWERDIR,
393 OPT_UPPERDIR,
394 OPT_WORKDIR,
Miklos Szeredi8d3095f2015-10-12 17:11:44 +0200395 OPT_DEFAULT_PERMISSIONS,
Miklos Szeredi438c84c2017-12-11 11:28:10 +0100396 OPT_REDIRECT_DIR,
Amir Goldstein02bcd152017-06-21 15:28:36 +0300397 OPT_INDEX_ON,
398 OPT_INDEX_OFF,
Amir Goldsteinf168f102018-01-19 11:26:53 +0200399 OPT_NFS_EXPORT_ON,
400 OPT_NFS_EXPORT_OFF,
Amir Goldstein795939a2018-03-29 09:08:18 +0300401 OPT_XINO_ON,
402 OPT_XINO_OFF,
403 OPT_XINO_AUTO,
Vivek Goyald5791042018-05-11 11:49:27 -0400404 OPT_METACOPY_ON,
405 OPT_METACOPY_OFF,
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200406 OPT_ERR,
407};
408
409static const match_table_t ovl_tokens = {
410 {OPT_LOWERDIR, "lowerdir=%s"},
411 {OPT_UPPERDIR, "upperdir=%s"},
412 {OPT_WORKDIR, "workdir=%s"},
Miklos Szeredi8d3095f2015-10-12 17:11:44 +0200413 {OPT_DEFAULT_PERMISSIONS, "default_permissions"},
Miklos Szeredi438c84c2017-12-11 11:28:10 +0100414 {OPT_REDIRECT_DIR, "redirect_dir=%s"},
Amir Goldstein02bcd152017-06-21 15:28:36 +0300415 {OPT_INDEX_ON, "index=on"},
416 {OPT_INDEX_OFF, "index=off"},
Amir Goldsteinf168f102018-01-19 11:26:53 +0200417 {OPT_NFS_EXPORT_ON, "nfs_export=on"},
418 {OPT_NFS_EXPORT_OFF, "nfs_export=off"},
Amir Goldstein795939a2018-03-29 09:08:18 +0300419 {OPT_XINO_ON, "xino=on"},
420 {OPT_XINO_OFF, "xino=off"},
421 {OPT_XINO_AUTO, "xino=auto"},
Vivek Goyald5791042018-05-11 11:49:27 -0400422 {OPT_METACOPY_ON, "metacopy=on"},
423 {OPT_METACOPY_OFF, "metacopy=off"},
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200424 {OPT_ERR, NULL}
425};
426
Miklos Szeredi91c77942014-11-20 16:40:00 +0100427static char *ovl_next_opt(char **s)
428{
429 char *sbegin = *s;
430 char *p;
431
432 if (sbegin == NULL)
433 return NULL;
434
435 for (p = sbegin; *p; p++) {
436 if (*p == '\\') {
437 p++;
438 if (!*p)
439 break;
440 } else if (*p == ',') {
441 *p = '\0';
442 *s = p + 1;
443 return sbegin;
444 }
445 }
446 *s = NULL;
447 return sbegin;
448}
449
Miklos Szeredi438c84c2017-12-11 11:28:10 +0100450static int ovl_parse_redirect_mode(struct ovl_config *config, const char *mode)
451{
452 if (strcmp(mode, "on") == 0) {
453 config->redirect_dir = true;
454 /*
455 * Does not make sense to have redirect creation without
456 * redirect following.
457 */
458 config->redirect_follow = true;
459 } else if (strcmp(mode, "follow") == 0) {
460 config->redirect_follow = true;
461 } else if (strcmp(mode, "off") == 0) {
462 if (ovl_redirect_always_follow)
463 config->redirect_follow = true;
464 } else if (strcmp(mode, "nofollow") != 0) {
lijiazi1bd0a3a2019-12-16 19:12:32 +0800465 pr_err("bad mount option \"redirect_dir=%s\"\n",
Miklos Szeredi438c84c2017-12-11 11:28:10 +0100466 mode);
467 return -EINVAL;
468 }
469
470 return 0;
471}
472
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200473static int ovl_parse_opt(char *opt, struct ovl_config *config)
474{
475 char *p;
Vivek Goyald5791042018-05-11 11:49:27 -0400476 int err;
Miklos Szeredid47748e2018-11-01 21:31:39 +0100477 bool metacopy_opt = false, redirect_opt = false;
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200478
Miklos Szeredi438c84c2017-12-11 11:28:10 +0100479 config->redirect_mode = kstrdup(ovl_redirect_mode_def(), GFP_KERNEL);
480 if (!config->redirect_mode)
481 return -ENOMEM;
482
Miklos Szeredi91c77942014-11-20 16:40:00 +0100483 while ((p = ovl_next_opt(&opt)) != NULL) {
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200484 int token;
485 substring_t args[MAX_OPT_ARGS];
486
487 if (!*p)
488 continue;
489
490 token = match_token(p, ovl_tokens, args);
491 switch (token) {
492 case OPT_UPPERDIR:
493 kfree(config->upperdir);
494 config->upperdir = match_strdup(&args[0]);
495 if (!config->upperdir)
496 return -ENOMEM;
497 break;
498
499 case OPT_LOWERDIR:
500 kfree(config->lowerdir);
501 config->lowerdir = match_strdup(&args[0]);
502 if (!config->lowerdir)
503 return -ENOMEM;
504 break;
505
506 case OPT_WORKDIR:
507 kfree(config->workdir);
508 config->workdir = match_strdup(&args[0]);
509 if (!config->workdir)
510 return -ENOMEM;
511 break;
512
Miklos Szeredi8d3095f2015-10-12 17:11:44 +0200513 case OPT_DEFAULT_PERMISSIONS:
514 config->default_permissions = true;
515 break;
516
Miklos Szeredi438c84c2017-12-11 11:28:10 +0100517 case OPT_REDIRECT_DIR:
518 kfree(config->redirect_mode);
519 config->redirect_mode = match_strdup(&args[0]);
520 if (!config->redirect_mode)
521 return -ENOMEM;
Miklos Szeredid47748e2018-11-01 21:31:39 +0100522 redirect_opt = true;
Miklos Szeredia6c60652016-12-16 11:02:56 +0100523 break;
524
Amir Goldstein02bcd152017-06-21 15:28:36 +0300525 case OPT_INDEX_ON:
526 config->index = true;
527 break;
528
529 case OPT_INDEX_OFF:
530 config->index = false;
531 break;
532
Amir Goldsteinf168f102018-01-19 11:26:53 +0200533 case OPT_NFS_EXPORT_ON:
534 config->nfs_export = true;
535 break;
536
537 case OPT_NFS_EXPORT_OFF:
538 config->nfs_export = false;
539 break;
540
Amir Goldstein795939a2018-03-29 09:08:18 +0300541 case OPT_XINO_ON:
542 config->xino = OVL_XINO_ON;
543 break;
544
545 case OPT_XINO_OFF:
546 config->xino = OVL_XINO_OFF;
547 break;
548
549 case OPT_XINO_AUTO:
550 config->xino = OVL_XINO_AUTO;
551 break;
552
Vivek Goyald5791042018-05-11 11:49:27 -0400553 case OPT_METACOPY_ON:
554 config->metacopy = true;
Miklos Szeredid47748e2018-11-01 21:31:39 +0100555 metacopy_opt = true;
Vivek Goyald5791042018-05-11 11:49:27 -0400556 break;
557
558 case OPT_METACOPY_OFF:
559 config->metacopy = false;
560 break;
561
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200562 default:
lijiazi1bd0a3a2019-12-16 19:12:32 +0800563 pr_err("unrecognized mount option \"%s\" or missing value\n",
564 p);
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200565 return -EINVAL;
566 }
567 }
hujianyang71cbad72015-01-15 13:20:57 +0800568
569 /* Workdir is useless in non-upper mount */
570 if (!config->upperdir && config->workdir) {
lijiazi1bd0a3a2019-12-16 19:12:32 +0800571 pr_info("option \"workdir=%s\" is useless in a non-upper mount, ignore\n",
hujianyang71cbad72015-01-15 13:20:57 +0800572 config->workdir);
573 kfree(config->workdir);
574 config->workdir = NULL;
575 }
576
Vivek Goyald5791042018-05-11 11:49:27 -0400577 err = ovl_parse_redirect_mode(config, config->redirect_mode);
578 if (err)
579 return err;
580
Miklos Szeredid47748e2018-11-01 21:31:39 +0100581 /*
582 * This is to make the logic below simpler. It doesn't make any other
583 * difference, since config->redirect_dir is only used for upper.
584 */
585 if (!config->upperdir && config->redirect_follow)
586 config->redirect_dir = true;
587
588 /* Resolve metacopy -> redirect_dir dependency */
589 if (config->metacopy && !config->redirect_dir) {
590 if (metacopy_opt && redirect_opt) {
lijiazi1bd0a3a2019-12-16 19:12:32 +0800591 pr_err("conflicting options: metacopy=on,redirect_dir=%s\n",
Miklos Szeredid47748e2018-11-01 21:31:39 +0100592 config->redirect_mode);
593 return -EINVAL;
594 }
595 if (redirect_opt) {
596 /*
597 * There was an explicit redirect_dir=... that resulted
598 * in this conflict.
599 */
lijiazi1bd0a3a2019-12-16 19:12:32 +0800600 pr_info("disabling metacopy due to redirect_dir=%s\n",
Miklos Szeredid47748e2018-11-01 21:31:39 +0100601 config->redirect_mode);
602 config->metacopy = false;
603 } else {
604 /* Automatically enable redirect otherwise. */
605 config->redirect_follow = config->redirect_dir = true;
606 }
Vivek Goyald5791042018-05-11 11:49:27 -0400607 }
608
609 return 0;
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200610}
611
612#define OVL_WORKDIR_NAME "work"
Amir Goldstein02bcd152017-06-21 15:28:36 +0300613#define OVL_INDEXDIR_NAME "index"
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200614
Miklos Szerediad204482017-11-10 09:39:16 +0100615static struct dentry *ovl_workdir_create(struct ovl_fs *ofs,
Amir Goldstein6b8aa122017-06-21 15:28:35 +0300616 const char *name, bool persist)
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200617{
Miklos Szerediad204482017-11-10 09:39:16 +0100618 struct inode *dir = ofs->workbasedir->d_inode;
619 struct vfsmount *mnt = ofs->upper_mnt;
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200620 struct dentry *work;
621 int err;
622 bool retried = false;
Amir Goldstein6b8aa122017-06-21 15:28:35 +0300623 bool locked = false;
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200624
Al Viro59551022016-01-22 15:40:57 -0500625 inode_lock_nested(dir, I_MUTEX_PARENT);
Amir Goldstein6b8aa122017-06-21 15:28:35 +0300626 locked = true;
627
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200628retry:
Miklos Szerediad204482017-11-10 09:39:16 +0100629 work = lookup_one_len(name, ofs->workbasedir, strlen(name));
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200630
631 if (!IS_ERR(work)) {
Miklos Szeredic11b9fd2016-09-01 11:11:59 +0200632 struct iattr attr = {
633 .ia_valid = ATTR_MODE,
Al Viro32a3d842016-12-04 17:33:17 +0000634 .ia_mode = S_IFDIR | 0,
Miklos Szeredic11b9fd2016-09-01 11:11:59 +0200635 };
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200636
637 if (work->d_inode) {
638 err = -EEXIST;
639 if (retried)
640 goto out_dput;
641
Amir Goldstein6b8aa122017-06-21 15:28:35 +0300642 if (persist)
643 goto out_unlock;
644
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200645 retried = true;
Miklos Szeredieea2fb42016-09-01 11:11:59 +0200646 ovl_workdir_cleanup(dir, mnt, work, 0);
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200647 dput(work);
648 goto retry;
649 }
650
Miklos Szeredi95a1c812018-05-16 17:51:25 +0300651 work = ovl_create_real(dir, work, OVL_CATTR(attr.ia_mode));
652 err = PTR_ERR(work);
653 if (IS_ERR(work))
654 goto out_err;
Miklos Szeredic11b9fd2016-09-01 11:11:59 +0200655
Miklos Szeredicb348ed2016-10-04 14:40:44 +0200656 /*
657 * Try to remove POSIX ACL xattrs from workdir. We are good if:
658 *
659 * a) success (there was a POSIX ACL xattr and was removed)
660 * b) -ENODATA (there was no POSIX ACL xattr)
661 * c) -EOPNOTSUPP (POSIX ACL xattrs are not supported)
662 *
663 * There are various other error values that could effectively
664 * mean that the xattr doesn't exist (e.g. -ERANGE is returned
665 * if the xattr name is too long), but the set of filesystems
666 * allowed as upper are limited to "normal" ones, where checking
667 * for the above two errors is sufficient.
668 */
Miklos Szeredic11b9fd2016-09-01 11:11:59 +0200669 err = vfs_removexattr(work, XATTR_NAME_POSIX_ACL_DEFAULT);
Miklos Szeredie1ff3dd2016-09-05 13:55:20 +0200670 if (err && err != -ENODATA && err != -EOPNOTSUPP)
Miklos Szeredic11b9fd2016-09-01 11:11:59 +0200671 goto out_dput;
672
673 err = vfs_removexattr(work, XATTR_NAME_POSIX_ACL_ACCESS);
Miklos Szeredie1ff3dd2016-09-05 13:55:20 +0200674 if (err && err != -ENODATA && err != -EOPNOTSUPP)
Miklos Szeredic11b9fd2016-09-01 11:11:59 +0200675 goto out_dput;
676
677 /* Clear any inherited mode bits */
678 inode_lock(work->d_inode);
679 err = notify_change(work, &attr, NULL);
680 inode_unlock(work->d_inode);
681 if (err)
682 goto out_dput;
Amir Goldstein6b8aa122017-06-21 15:28:35 +0300683 } else {
684 err = PTR_ERR(work);
685 goto out_err;
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200686 }
687out_unlock:
Amir Goldstein6b8aa122017-06-21 15:28:35 +0300688 if (locked)
689 inode_unlock(dir);
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200690
691 return work;
692
693out_dput:
694 dput(work);
Amir Goldstein6b8aa122017-06-21 15:28:35 +0300695out_err:
lijiazi1bd0a3a2019-12-16 19:12:32 +0800696 pr_warn("failed to create directory %s/%s (errno: %i); mounting read-only\n",
Miklos Szerediad204482017-11-10 09:39:16 +0100697 ofs->config.workdir, name, -err);
Amir Goldstein6b8aa122017-06-21 15:28:35 +0300698 work = NULL;
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200699 goto out_unlock;
700}
701
Miklos Szeredi91c77942014-11-20 16:40:00 +0100702static void ovl_unescape(char *s)
703{
704 char *d = s;
705
706 for (;; s++, d++) {
707 if (*s == '\\')
708 s++;
709 *d = *s;
710 if (!*s)
711 break;
712 }
713}
714
Miklos Szerediab508822014-12-13 00:59:49 +0100715static int ovl_mount_dir_noesc(const char *name, struct path *path)
716{
Miklos Szeredia78d9f02014-12-13 00:59:52 +0100717 int err = -EINVAL;
Miklos Szerediab508822014-12-13 00:59:49 +0100718
Miklos Szeredia78d9f02014-12-13 00:59:52 +0100719 if (!*name) {
lijiazi1bd0a3a2019-12-16 19:12:32 +0800720 pr_err("empty lowerdir\n");
Miklos Szeredia78d9f02014-12-13 00:59:52 +0100721 goto out;
722 }
Miklos Szerediab508822014-12-13 00:59:49 +0100723 err = kern_path(name, LOOKUP_FOLLOW, path);
724 if (err) {
lijiazi1bd0a3a2019-12-16 19:12:32 +0800725 pr_err("failed to resolve '%s': %i\n", name, err);
Miklos Szerediab508822014-12-13 00:59:49 +0100726 goto out;
727 }
728 err = -EINVAL;
Miklos Szeredi7c03b5d2015-06-22 13:53:48 +0200729 if (ovl_dentry_weird(path->dentry)) {
lijiazi1bd0a3a2019-12-16 19:12:32 +0800730 pr_err("filesystem on '%s' not supported\n", name);
Miklos Szerediab508822014-12-13 00:59:49 +0100731 goto out_put;
732 }
Miklos Szeredi2b8c30e2016-12-16 11:02:56 +0100733 if (!d_is_dir(path->dentry)) {
lijiazi1bd0a3a2019-12-16 19:12:32 +0800734 pr_err("'%s' not a directory\n", name);
Miklos Szerediab508822014-12-13 00:59:49 +0100735 goto out_put;
736 }
737 return 0;
738
739out_put:
Miklos Szeredi8aafcb52017-11-09 10:23:28 +0100740 path_put_init(path);
Miklos Szerediab508822014-12-13 00:59:49 +0100741out:
742 return err;
743}
744
745static int ovl_mount_dir(const char *name, struct path *path)
746{
747 int err = -ENOMEM;
748 char *tmp = kstrdup(name, GFP_KERNEL);
749
750 if (tmp) {
751 ovl_unescape(tmp);
752 err = ovl_mount_dir_noesc(tmp, path);
Miklos Szeredi7c03b5d2015-06-22 13:53:48 +0200753
754 if (!err)
755 if (ovl_dentry_remote(path->dentry)) {
lijiazi1bd0a3a2019-12-16 19:12:32 +0800756 pr_err("filesystem on '%s' not supported as upperdir\n",
Miklos Szeredi7c03b5d2015-06-22 13:53:48 +0200757 tmp);
Miklos Szeredi8aafcb52017-11-09 10:23:28 +0100758 path_put_init(path);
Miklos Szeredi7c03b5d2015-06-22 13:53:48 +0200759 err = -EINVAL;
760 }
Miklos Szerediab508822014-12-13 00:59:49 +0100761 kfree(tmp);
762 }
763 return err;
764}
765
Miklos Szeredi6b2d5fe2016-12-16 11:02:56 +0100766static int ovl_check_namelen(struct path *path, struct ovl_fs *ofs,
767 const char *name)
768{
769 struct kstatfs statfs;
770 int err = vfs_statfs(path, &statfs);
771
772 if (err)
lijiazi1bd0a3a2019-12-16 19:12:32 +0800773 pr_err("statfs failed on '%s'\n", name);
Miklos Szeredi6b2d5fe2016-12-16 11:02:56 +0100774 else
775 ofs->namelen = max(ofs->namelen, statfs.f_namelen);
776
777 return err;
778}
779
780static int ovl_lower_dir(const char *name, struct path *path,
781 struct ovl_fs *ofs, int *stack_depth, bool *remote)
Miklos Szerediab508822014-12-13 00:59:49 +0100782{
Amir Goldsteine487d882017-11-07 13:55:04 +0200783 int fh_type;
Miklos Szerediab508822014-12-13 00:59:49 +0100784 int err;
Miklos Szerediab508822014-12-13 00:59:49 +0100785
Miklos Szeredia78d9f02014-12-13 00:59:52 +0100786 err = ovl_mount_dir_noesc(name, path);
Miklos Szerediab508822014-12-13 00:59:49 +0100787 if (err)
788 goto out;
789
Miklos Szeredi6b2d5fe2016-12-16 11:02:56 +0100790 err = ovl_check_namelen(path, ofs, name);
791 if (err)
Miklos Szerediab508822014-12-13 00:59:49 +0100792 goto out_put;
Miklos Szeredi6b2d5fe2016-12-16 11:02:56 +0100793
Miklos Szerediab508822014-12-13 00:59:49 +0100794 *stack_depth = max(*stack_depth, path->mnt->mnt_sb->s_stack_depth);
795
Miklos Szeredi7c03b5d2015-06-22 13:53:48 +0200796 if (ovl_dentry_remote(path->dentry))
797 *remote = true;
798
Amir Goldstein02bcd152017-06-21 15:28:36 +0300799 /*
Amir Goldsteinf168f102018-01-19 11:26:53 +0200800 * The inodes index feature and NFS export need to encode and decode
801 * file handles, so they require that all layers support them.
Amir Goldstein02bcd152017-06-21 15:28:36 +0300802 */
Amir Goldsteine487d882017-11-07 13:55:04 +0200803 fh_type = ovl_can_decode_fh(path->dentry->d_sb);
Amir Goldsteinf168f102018-01-19 11:26:53 +0200804 if ((ofs->config.nfs_export ||
Amir Goldsteine487d882017-11-07 13:55:04 +0200805 (ofs->config.index && ofs->config.upperdir)) && !fh_type) {
Amir Goldstein02bcd152017-06-21 15:28:36 +0300806 ofs->config.index = false;
Amir Goldsteinf168f102018-01-19 11:26:53 +0200807 ofs->config.nfs_export = false;
lijiazi1bd0a3a2019-12-16 19:12:32 +0800808 pr_warn("fs on '%s' does not support file handles, falling back to index=off,nfs_export=off.\n",
Amir Goldsteinf168f102018-01-19 11:26:53 +0200809 name);
Amir Goldstein02bcd152017-06-21 15:28:36 +0300810 }
811
Amir Goldsteine487d882017-11-07 13:55:04 +0200812 /* Check if lower fs has 32bit inode numbers */
813 if (fh_type != FILEID_INO32_GEN)
814 ofs->xino_bits = 0;
815
Miklos Szerediab508822014-12-13 00:59:49 +0100816 return 0;
817
818out_put:
Miklos Szeredi8aafcb52017-11-09 10:23:28 +0100819 path_put_init(path);
Miklos Szerediab508822014-12-13 00:59:49 +0100820out:
821 return err;
822}
823
Miklos Szeredie9be9d52014-10-24 00:14:38 +0200824/* Workdir should not be subdir of upperdir and vice versa */
825static bool ovl_workdir_ok(struct dentry *workdir, struct dentry *upperdir)
826{
827 bool ok = false;
828
829 if (workdir != upperdir) {
830 ok = (lock_rename(workdir, upperdir) == NULL);
831 unlock_rename(workdir, upperdir);
832 }
833 return ok;
834}
835
Miklos Szeredia78d9f02014-12-13 00:59:52 +0100836static unsigned int ovl_split_lowerdirs(char *str)
837{
838 unsigned int ctr = 1;
839 char *s, *d;
840
841 for (s = d = str;; s++, d++) {
842 if (*s == '\\') {
843 s++;
844 } else if (*s == ':') {
845 *d = '\0';
846 ctr++;
847 continue;
848 }
849 *d = *s;
850 if (!*s)
851 break;
852 }
853 return ctr;
854}
855
Andreas Gruenbacher0c97be22016-08-22 16:36:49 +0200856static int __maybe_unused
Andreas Gruenbacher0eb45fc2016-08-22 17:52:55 +0200857ovl_posix_acl_xattr_get(const struct xattr_handler *handler,
858 struct dentry *dentry, struct inode *inode,
859 const char *name, void *buffer, size_t size)
860{
Miklos Szeredi1d88f182017-07-20 11:08:21 +0200861 return ovl_xattr_get(dentry, inode, handler->name, buffer, size);
Andreas Gruenbacher0eb45fc2016-08-22 17:52:55 +0200862}
863
864static int __maybe_unused
Andreas Gruenbacher0c97be22016-08-22 16:36:49 +0200865ovl_posix_acl_xattr_set(const struct xattr_handler *handler,
866 struct dentry *dentry, struct inode *inode,
867 const char *name, const void *value,
868 size_t size, int flags)
Miklos Szeredid837a492016-07-29 12:05:24 +0200869{
870 struct dentry *workdir = ovl_workdir(dentry);
Miklos Szeredi09d8b582017-07-04 22:03:16 +0200871 struct inode *realinode = ovl_inode_real(inode);
Miklos Szeredid837a492016-07-29 12:05:24 +0200872 struct posix_acl *acl = NULL;
873 int err;
874
875 /* Check that everything is OK before copy-up */
876 if (value) {
877 acl = posix_acl_from_xattr(&init_user_ns, value, size);
878 if (IS_ERR(acl))
879 return PTR_ERR(acl);
880 }
881 err = -EOPNOTSUPP;
882 if (!IS_POSIXACL(d_inode(workdir)))
883 goto out_acl_release;
884 if (!realinode->i_op->set_acl)
885 goto out_acl_release;
886 if (handler->flags == ACL_TYPE_DEFAULT && !S_ISDIR(inode->i_mode)) {
887 err = acl ? -EACCES : 0;
888 goto out_acl_release;
889 }
890 err = -EPERM;
891 if (!inode_owner_or_capable(inode))
892 goto out_acl_release;
893
894 posix_acl_release(acl);
895
Miklos Szeredifd3220d2016-10-31 14:42:14 +0100896 /*
897 * Check if sgid bit needs to be cleared (actual setacl operation will
898 * be done with mounter's capabilities and so that won't do it for us).
899 */
900 if (unlikely(inode->i_mode & S_ISGID) &&
901 handler->flags == ACL_TYPE_ACCESS &&
902 !in_group_p(inode->i_gid) &&
903 !capable_wrt_inode_uidgid(inode, CAP_FSETID)) {
904 struct iattr iattr = { .ia_valid = ATTR_KILL_SGID };
905
906 err = ovl_setattr(dentry, &iattr);
907 if (err)
908 return err;
909 }
910
Miklos Szeredi1d88f182017-07-20 11:08:21 +0200911 err = ovl_xattr_set(dentry, inode, handler->name, value, size, flags);
Miklos Szeredice315132016-09-01 11:12:00 +0200912 if (!err)
Miklos Szeredi09d8b582017-07-04 22:03:16 +0200913 ovl_copyattr(ovl_inode_real(inode), inode);
Miklos Szeredice315132016-09-01 11:12:00 +0200914
915 return err;
Miklos Szeredid837a492016-07-29 12:05:24 +0200916
917out_acl_release:
918 posix_acl_release(acl);
919 return err;
920}
921
Andreas Gruenbacher0eb45fc2016-08-22 17:52:55 +0200922static int ovl_own_xattr_get(const struct xattr_handler *handler,
923 struct dentry *dentry, struct inode *inode,
924 const char *name, void *buffer, size_t size)
925{
Amir Goldstein48fab5d2016-11-16 11:22:39 +0200926 return -EOPNOTSUPP;
Andreas Gruenbacher0eb45fc2016-08-22 17:52:55 +0200927}
928
Miklos Szeredid837a492016-07-29 12:05:24 +0200929static int ovl_own_xattr_set(const struct xattr_handler *handler,
930 struct dentry *dentry, struct inode *inode,
931 const char *name, const void *value,
932 size_t size, int flags)
933{
Amir Goldstein48fab5d2016-11-16 11:22:39 +0200934 return -EOPNOTSUPP;
Miklos Szeredid837a492016-07-29 12:05:24 +0200935}
936
Andreas Gruenbacher0eb45fc2016-08-22 17:52:55 +0200937static int ovl_other_xattr_get(const struct xattr_handler *handler,
938 struct dentry *dentry, struct inode *inode,
939 const char *name, void *buffer, size_t size)
940{
Miklos Szeredi1d88f182017-07-20 11:08:21 +0200941 return ovl_xattr_get(dentry, inode, name, buffer, size);
Andreas Gruenbacher0eb45fc2016-08-22 17:52:55 +0200942}
943
Andreas Gruenbacher0e585cc2016-08-22 17:22:11 +0200944static int ovl_other_xattr_set(const struct xattr_handler *handler,
945 struct dentry *dentry, struct inode *inode,
946 const char *name, const void *value,
947 size_t size, int flags)
948{
Miklos Szeredi1d88f182017-07-20 11:08:21 +0200949 return ovl_xattr_set(dentry, inode, name, value, size, flags);
Andreas Gruenbacher0e585cc2016-08-22 17:22:11 +0200950}
951
Andreas Gruenbacher0c97be22016-08-22 16:36:49 +0200952static const struct xattr_handler __maybe_unused
953ovl_posix_acl_access_xattr_handler = {
Miklos Szeredid837a492016-07-29 12:05:24 +0200954 .name = XATTR_NAME_POSIX_ACL_ACCESS,
955 .flags = ACL_TYPE_ACCESS,
Andreas Gruenbacher0eb45fc2016-08-22 17:52:55 +0200956 .get = ovl_posix_acl_xattr_get,
Miklos Szeredid837a492016-07-29 12:05:24 +0200957 .set = ovl_posix_acl_xattr_set,
958};
959
Andreas Gruenbacher0c97be22016-08-22 16:36:49 +0200960static const struct xattr_handler __maybe_unused
961ovl_posix_acl_default_xattr_handler = {
Miklos Szeredid837a492016-07-29 12:05:24 +0200962 .name = XATTR_NAME_POSIX_ACL_DEFAULT,
963 .flags = ACL_TYPE_DEFAULT,
Andreas Gruenbacher0eb45fc2016-08-22 17:52:55 +0200964 .get = ovl_posix_acl_xattr_get,
Miklos Szeredid837a492016-07-29 12:05:24 +0200965 .set = ovl_posix_acl_xattr_set,
966};
967
968static const struct xattr_handler ovl_own_xattr_handler = {
969 .prefix = OVL_XATTR_PREFIX,
Andreas Gruenbacher0eb45fc2016-08-22 17:52:55 +0200970 .get = ovl_own_xattr_get,
Miklos Szeredid837a492016-07-29 12:05:24 +0200971 .set = ovl_own_xattr_set,
972};
973
974static const struct xattr_handler ovl_other_xattr_handler = {
975 .prefix = "", /* catch all */
Andreas Gruenbacher0eb45fc2016-08-22 17:52:55 +0200976 .get = ovl_other_xattr_get,
Miklos Szeredid837a492016-07-29 12:05:24 +0200977 .set = ovl_other_xattr_set,
978};
979
980static const struct xattr_handler *ovl_xattr_handlers[] = {
Andreas Gruenbacher0c97be22016-08-22 16:36:49 +0200981#ifdef CONFIG_FS_POSIX_ACL
Miklos Szeredid837a492016-07-29 12:05:24 +0200982 &ovl_posix_acl_access_xattr_handler,
983 &ovl_posix_acl_default_xattr_handler,
Andreas Gruenbacher0c97be22016-08-22 16:36:49 +0200984#endif
Miklos Szeredid837a492016-07-29 12:05:24 +0200985 &ovl_own_xattr_handler,
986 &ovl_other_xattr_handler,
987 NULL
988};
989
Amir Goldstein146d62e2019-04-18 17:42:08 +0300990static int ovl_setup_trap(struct super_block *sb, struct dentry *dir,
991 struct inode **ptrap, const char *name)
992{
993 struct inode *trap;
994 int err;
995
996 trap = ovl_get_trap_inode(sb, dir);
Arnd Bergmann1dac6f5b2019-06-17 14:39:29 +0200997 err = PTR_ERR_OR_ZERO(trap);
998 if (err) {
Amir Goldstein146d62e2019-04-18 17:42:08 +0300999 if (err == -ELOOP)
lijiazi1bd0a3a2019-12-16 19:12:32 +08001000 pr_err("conflicting %s path\n", name);
Amir Goldstein146d62e2019-04-18 17:42:08 +03001001 return err;
1002 }
1003
1004 *ptrap = trap;
1005 return 0;
1006}
1007
Amir Goldstein0be0bfd2019-07-12 15:24:34 +03001008/*
1009 * Determine how we treat concurrent use of upperdir/workdir based on the
1010 * index feature. This is papering over mount leaks of container runtimes,
1011 * for example, an old overlay mount is leaked and now its upperdir is
1012 * attempted to be used as a lower layer in a new overlay mount.
1013 */
1014static int ovl_report_in_use(struct ovl_fs *ofs, const char *name)
1015{
1016 if (ofs->config.index) {
lijiazi1bd0a3a2019-12-16 19:12:32 +08001017 pr_err("%s is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.\n",
Amir Goldstein0be0bfd2019-07-12 15:24:34 +03001018 name);
1019 return -EBUSY;
1020 } else {
lijiazi1bd0a3a2019-12-16 19:12:32 +08001021 pr_warn("%s is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.\n",
Amir Goldstein0be0bfd2019-07-12 15:24:34 +03001022 name);
1023 return 0;
1024 }
1025}
1026
Amir Goldstein146d62e2019-04-18 17:42:08 +03001027static int ovl_get_upper(struct super_block *sb, struct ovl_fs *ofs,
1028 struct path *upperpath)
Miklos Szeredi6ee8acf2017-11-09 10:23:28 +01001029{
Miklos Szeredi50649752017-11-10 09:39:15 +01001030 struct vfsmount *upper_mnt;
Miklos Szeredi6ee8acf2017-11-09 10:23:28 +01001031 int err;
1032
Miklos Szerediad204482017-11-10 09:39:16 +01001033 err = ovl_mount_dir(ofs->config.upperdir, upperpath);
Miklos Szeredi6ee8acf2017-11-09 10:23:28 +01001034 if (err)
1035 goto out;
1036
1037 /* Upper fs should not be r/o */
1038 if (sb_rdonly(upperpath->mnt->mnt_sb)) {
lijiazi1bd0a3a2019-12-16 19:12:32 +08001039 pr_err("upper fs is r/o, try multi-lower layers mount\n");
Miklos Szeredi6ee8acf2017-11-09 10:23:28 +01001040 err = -EINVAL;
1041 goto out;
1042 }
1043
Miklos Szerediad204482017-11-10 09:39:16 +01001044 err = ovl_check_namelen(upperpath, ofs, ofs->config.upperdir);
Miklos Szeredi6ee8acf2017-11-09 10:23:28 +01001045 if (err)
1046 goto out;
1047
Amir Goldstein146d62e2019-04-18 17:42:08 +03001048 err = ovl_setup_trap(sb, upperpath->dentry, &ofs->upperdir_trap,
1049 "upperdir");
1050 if (err)
1051 goto out;
1052
Miklos Szeredi50649752017-11-10 09:39:15 +01001053 upper_mnt = clone_private_mount(upperpath);
1054 err = PTR_ERR(upper_mnt);
1055 if (IS_ERR(upper_mnt)) {
lijiazi1bd0a3a2019-12-16 19:12:32 +08001056 pr_err("failed to clone upperpath\n");
Miklos Szeredi50649752017-11-10 09:39:15 +01001057 goto out;
1058 }
1059
1060 /* Don't inherit atime flags */
1061 upper_mnt->mnt_flags &= ~(MNT_NOATIME | MNT_NODIRATIME | MNT_RELATIME);
Miklos Szerediad204482017-11-10 09:39:16 +01001062 ofs->upper_mnt = upper_mnt;
Miklos Szeredi8c257412018-09-10 11:43:29 +02001063
Miklos Szeredi8c257412018-09-10 11:43:29 +02001064 if (ovl_inuse_trylock(ofs->upper_mnt->mnt_root)) {
1065 ofs->upperdir_locked = true;
Miklos Szeredi8c257412018-09-10 11:43:29 +02001066 } else {
Amir Goldstein0be0bfd2019-07-12 15:24:34 +03001067 err = ovl_report_in_use(ofs, "upperdir");
1068 if (err)
1069 goto out;
Miklos Szeredi8c257412018-09-10 11:43:29 +02001070 }
1071
Miklos Szeredi6ee8acf2017-11-09 10:23:28 +01001072 err = 0;
1073out:
1074 return err;
1075}
1076
Amir Goldstein146d62e2019-04-18 17:42:08 +03001077static int ovl_make_workdir(struct super_block *sb, struct ovl_fs *ofs,
1078 struct path *workpath)
Miklos Szeredi8ed61dc2017-11-09 10:23:28 +01001079{
Amir Goldstein2ba9d572018-01-03 18:54:41 +02001080 struct vfsmount *mnt = ofs->upper_mnt;
Miklos Szeredi8ed61dc2017-11-09 10:23:28 +01001081 struct dentry *temp;
Amir Goldsteine487d882017-11-07 13:55:04 +02001082 int fh_type;
Miklos Szeredi8ed61dc2017-11-09 10:23:28 +01001083 int err;
1084
Amir Goldstein2ba9d572018-01-03 18:54:41 +02001085 err = mnt_want_write(mnt);
1086 if (err)
1087 return err;
1088
Miklos Szerediad204482017-11-10 09:39:16 +01001089 ofs->workdir = ovl_workdir_create(ofs, OVL_WORKDIR_NAME, false);
1090 if (!ofs->workdir)
Amir Goldstein2ba9d572018-01-03 18:54:41 +02001091 goto out;
Miklos Szeredi8ed61dc2017-11-09 10:23:28 +01001092
Amir Goldstein146d62e2019-04-18 17:42:08 +03001093 err = ovl_setup_trap(sb, ofs->workdir, &ofs->workdir_trap, "workdir");
1094 if (err)
1095 goto out;
1096
Miklos Szeredi8ed61dc2017-11-09 10:23:28 +01001097 /*
1098 * Upper should support d_type, else whiteouts are visible. Given
1099 * workdir and upper are on same fs, we can do iterate_dir() on
1100 * workdir. This check requires successful creation of workdir in
1101 * previous step.
1102 */
1103 err = ovl_check_d_type_supported(workpath);
1104 if (err < 0)
Amir Goldstein2ba9d572018-01-03 18:54:41 +02001105 goto out;
Miklos Szeredi8ed61dc2017-11-09 10:23:28 +01001106
1107 /*
1108 * We allowed this configuration and don't want to break users over
1109 * kernel upgrade. So warn instead of erroring out.
1110 */
1111 if (!err)
lijiazi1bd0a3a2019-12-16 19:12:32 +08001112 pr_warn("upper fs needs to support d_type.\n");
Miklos Szeredi8ed61dc2017-11-09 10:23:28 +01001113
1114 /* Check if upper/work fs supports O_TMPFILE */
Miklos Szerediad204482017-11-10 09:39:16 +01001115 temp = ovl_do_tmpfile(ofs->workdir, S_IFREG | 0);
1116 ofs->tmpfile = !IS_ERR(temp);
1117 if (ofs->tmpfile)
Miklos Szeredi8ed61dc2017-11-09 10:23:28 +01001118 dput(temp);
1119 else
lijiazi1bd0a3a2019-12-16 19:12:32 +08001120 pr_warn("upper fs does not support tmpfile.\n");
Miklos Szeredi8ed61dc2017-11-09 10:23:28 +01001121
1122 /*
1123 * Check if upper/work fs supports trusted.overlay.* xattr
1124 */
Miklos Szerediad204482017-11-10 09:39:16 +01001125 err = ovl_do_setxattr(ofs->workdir, OVL_XATTR_OPAQUE, "0", 1, 0);
Miklos Szeredi8ed61dc2017-11-09 10:23:28 +01001126 if (err) {
Miklos Szerediad204482017-11-10 09:39:16 +01001127 ofs->noxattr = true;
Amir Goldsteina6837372017-09-19 12:14:18 +03001128 ofs->config.index = false;
Vivek Goyald5791042018-05-11 11:49:27 -04001129 ofs->config.metacopy = false;
lijiazi1bd0a3a2019-12-16 19:12:32 +08001130 pr_warn("upper fs does not support xattr, falling back to index=off and metacopy=off.\n");
Amir Goldstein2ba9d572018-01-03 18:54:41 +02001131 err = 0;
Miklos Szeredi8ed61dc2017-11-09 10:23:28 +01001132 } else {
Miklos Szerediad204482017-11-10 09:39:16 +01001133 vfs_removexattr(ofs->workdir, OVL_XATTR_OPAQUE);
Miklos Szeredi8ed61dc2017-11-09 10:23:28 +01001134 }
1135
1136 /* Check if upper/work fs supports file handles */
Amir Goldsteine487d882017-11-07 13:55:04 +02001137 fh_type = ovl_can_decode_fh(ofs->workdir->d_sb);
1138 if (ofs->config.index && !fh_type) {
Miklos Szerediad204482017-11-10 09:39:16 +01001139 ofs->config.index = false;
lijiazi1bd0a3a2019-12-16 19:12:32 +08001140 pr_warn("upper fs does not support file handles, falling back to index=off.\n");
Miklos Szeredi8ed61dc2017-11-09 10:23:28 +01001141 }
1142
Amir Goldsteine487d882017-11-07 13:55:04 +02001143 /* Check if upper fs has 32bit inode numbers */
1144 if (fh_type != FILEID_INO32_GEN)
1145 ofs->xino_bits = 0;
1146
Amir Goldsteinf168f102018-01-19 11:26:53 +02001147 /* NFS export of r/w mount depends on index */
1148 if (ofs->config.nfs_export && !ofs->config.index) {
lijiazi1bd0a3a2019-12-16 19:12:32 +08001149 pr_warn("NFS export requires \"index=on\", falling back to nfs_export=off.\n");
Amir Goldsteinf168f102018-01-19 11:26:53 +02001150 ofs->config.nfs_export = false;
1151 }
Amir Goldstein2ba9d572018-01-03 18:54:41 +02001152out:
1153 mnt_drop_write(mnt);
1154 return err;
Miklos Szeredi8ed61dc2017-11-09 10:23:28 +01001155}
1156
Amir Goldstein146d62e2019-04-18 17:42:08 +03001157static int ovl_get_workdir(struct super_block *sb, struct ovl_fs *ofs,
1158 struct path *upperpath)
Miklos Szeredi520d7c82017-11-10 09:39:15 +01001159{
1160 int err;
Miklos Szeredibca44b52017-11-10 09:39:15 +01001161 struct path workpath = { };
Miklos Szeredi520d7c82017-11-10 09:39:15 +01001162
Miklos Szerediad204482017-11-10 09:39:16 +01001163 err = ovl_mount_dir(ofs->config.workdir, &workpath);
Miklos Szeredi520d7c82017-11-10 09:39:15 +01001164 if (err)
1165 goto out;
1166
1167 err = -EINVAL;
Miklos Szeredibca44b52017-11-10 09:39:15 +01001168 if (upperpath->mnt != workpath.mnt) {
lijiazi1bd0a3a2019-12-16 19:12:32 +08001169 pr_err("workdir and upperdir must reside under the same mount\n");
Miklos Szeredi520d7c82017-11-10 09:39:15 +01001170 goto out;
1171 }
Miklos Szeredibca44b52017-11-10 09:39:15 +01001172 if (!ovl_workdir_ok(workpath.dentry, upperpath->dentry)) {
lijiazi1bd0a3a2019-12-16 19:12:32 +08001173 pr_err("workdir and upperdir must be separate subtrees\n");
Miklos Szeredi520d7c82017-11-10 09:39:15 +01001174 goto out;
1175 }
1176
Miklos Szeredi8c257412018-09-10 11:43:29 +02001177 ofs->workbasedir = dget(workpath.dentry);
1178
Miklos Szeredi8c257412018-09-10 11:43:29 +02001179 if (ovl_inuse_trylock(ofs->workbasedir)) {
Miklos Szerediad204482017-11-10 09:39:16 +01001180 ofs->workdir_locked = true;
Miklos Szeredi520d7c82017-11-10 09:39:15 +01001181 } else {
Amir Goldstein0be0bfd2019-07-12 15:24:34 +03001182 err = ovl_report_in_use(ofs, "workdir");
1183 if (err)
1184 goto out;
Miklos Szeredi520d7c82017-11-10 09:39:15 +01001185 }
1186
Amir Goldstein0be0bfd2019-07-12 15:24:34 +03001187 err = ovl_setup_trap(sb, ofs->workbasedir, &ofs->workbasedir_trap,
1188 "workdir");
1189 if (err)
1190 goto out;
1191
Amir Goldstein146d62e2019-04-18 17:42:08 +03001192 err = ovl_make_workdir(sb, ofs, &workpath);
Miklos Szeredibca44b52017-11-10 09:39:15 +01001193
Miklos Szeredi520d7c82017-11-10 09:39:15 +01001194out:
Miklos Szeredibca44b52017-11-10 09:39:15 +01001195 path_put(&workpath);
1196
Miklos Szeredi520d7c82017-11-10 09:39:15 +01001197 return err;
1198}
1199
Amir Goldstein146d62e2019-04-18 17:42:08 +03001200static int ovl_get_indexdir(struct super_block *sb, struct ovl_fs *ofs,
1201 struct ovl_entry *oe, struct path *upperpath)
Miklos Szeredif7e3a7d2017-11-09 10:23:28 +01001202{
Amir Goldstein2ba9d572018-01-03 18:54:41 +02001203 struct vfsmount *mnt = ofs->upper_mnt;
Miklos Szeredif7e3a7d2017-11-09 10:23:28 +01001204 int err;
1205
Amir Goldstein2ba9d572018-01-03 18:54:41 +02001206 err = mnt_want_write(mnt);
1207 if (err)
1208 return err;
1209
Miklos Szeredif7e3a7d2017-11-09 10:23:28 +01001210 /* Verify lower root is upper root origin */
Amir Goldsteind9768072017-09-24 13:00:19 +03001211 err = ovl_verify_origin(upperpath->dentry, oe->lowerstack[0].dentry,
Amir Goldstein05122442018-01-11 08:25:32 +02001212 true);
Miklos Szeredif7e3a7d2017-11-09 10:23:28 +01001213 if (err) {
lijiazi1bd0a3a2019-12-16 19:12:32 +08001214 pr_err("failed to verify upper root origin\n");
Miklos Szeredif7e3a7d2017-11-09 10:23:28 +01001215 goto out;
1216 }
1217
Miklos Szerediad204482017-11-10 09:39:16 +01001218 ofs->indexdir = ovl_workdir_create(ofs, OVL_INDEXDIR_NAME, true);
1219 if (ofs->indexdir) {
Amir Goldstein146d62e2019-04-18 17:42:08 +03001220 err = ovl_setup_trap(sb, ofs->indexdir, &ofs->indexdir_trap,
1221 "indexdir");
1222 if (err)
1223 goto out;
1224
Amir Goldsteinad1d6152018-01-11 10:47:03 +02001225 /*
1226 * Verify upper root is exclusively associated with index dir.
1227 * Older kernels stored upper fh in "trusted.overlay.origin"
1228 * xattr. If that xattr exists, verify that it is a match to
1229 * upper dir file handle. In any case, verify or set xattr
1230 * "trusted.overlay.upper" to indicate that index may have
1231 * directory entries.
1232 */
1233 if (ovl_check_origin_xattr(ofs->indexdir)) {
1234 err = ovl_verify_set_fh(ofs->indexdir, OVL_XATTR_ORIGIN,
1235 upperpath->dentry, true, false);
1236 if (err)
lijiazi1bd0a3a2019-12-16 19:12:32 +08001237 pr_err("failed to verify index dir 'origin' xattr\n");
Amir Goldsteinad1d6152018-01-11 10:47:03 +02001238 }
1239 err = ovl_verify_upper(ofs->indexdir, upperpath->dentry, true);
Miklos Szeredif7e3a7d2017-11-09 10:23:28 +01001240 if (err)
lijiazi1bd0a3a2019-12-16 19:12:32 +08001241 pr_err("failed to verify index dir 'upper' xattr\n");
Miklos Szeredif7e3a7d2017-11-09 10:23:28 +01001242
1243 /* Cleanup bad/stale/orphan index entries */
1244 if (!err)
Amir Goldstein1eff1a12017-12-12 22:40:46 +02001245 err = ovl_indexdir_cleanup(ofs);
Miklos Szeredif7e3a7d2017-11-09 10:23:28 +01001246 }
Miklos Szerediad204482017-11-10 09:39:16 +01001247 if (err || !ofs->indexdir)
lijiazi1bd0a3a2019-12-16 19:12:32 +08001248 pr_warn("try deleting index dir or mounting with '-o index=off' to disable inodes index.\n");
Miklos Szeredif7e3a7d2017-11-09 10:23:28 +01001249
1250out:
Amir Goldstein2ba9d572018-01-03 18:54:41 +02001251 mnt_drop_write(mnt);
Miklos Szeredif7e3a7d2017-11-09 10:23:28 +01001252 return err;
1253}
1254
Amir Goldstein9df085f2018-09-03 09:12:09 +03001255static bool ovl_lower_uuid_ok(struct ovl_fs *ofs, const uuid_t *uuid)
Amir Goldstein51486262018-03-28 20:22:41 +03001256{
1257 unsigned int i;
Amir Goldstein9df085f2018-09-03 09:12:09 +03001258
Amir Goldstein7e63c872019-11-14 22:28:41 +02001259 if (!ofs->config.nfs_export && !ofs->upper_mnt)
Amir Goldstein9df085f2018-09-03 09:12:09 +03001260 return true;
1261
1262 for (i = 0; i < ofs->numlowerfs; i++) {
1263 /*
1264 * We use uuid to associate an overlay lower file handle with a
1265 * lower layer, so we can accept lower fs with null uuid as long
1266 * as all lower layers with null uuid are on the same fs.
Amir Goldstein7e63c872019-11-14 22:28:41 +02001267 * if we detect multiple lower fs with the same uuid, we
1268 * disable lower file handle decoding on all of them.
Amir Goldstein9df085f2018-09-03 09:12:09 +03001269 */
Amir Goldstein7e63c872019-11-14 22:28:41 +02001270 if (uuid_equal(&ofs->lower_fs[i].sb->s_uuid, uuid)) {
1271 ofs->lower_fs[i].bad_uuid = true;
Amir Goldstein9df085f2018-09-03 09:12:09 +03001272 return false;
Amir Goldstein7e63c872019-11-14 22:28:41 +02001273 }
Amir Goldstein9df085f2018-09-03 09:12:09 +03001274 }
1275 return true;
1276}
1277
1278/* Get a unique fsid for the layer */
1279static int ovl_get_fsid(struct ovl_fs *ofs, const struct path *path)
1280{
1281 struct super_block *sb = path->mnt->mnt_sb;
1282 unsigned int i;
Amir Goldstein51486262018-03-28 20:22:41 +03001283 dev_t dev;
1284 int err;
Amir Goldstein7e63c872019-11-14 22:28:41 +02001285 bool bad_uuid = false;
Amir Goldstein51486262018-03-28 20:22:41 +03001286
1287 /* fsid 0 is reserved for upper fs even with non upper overlay */
1288 if (ofs->upper_mnt && ofs->upper_mnt->mnt_sb == sb)
1289 return 0;
1290
1291 for (i = 0; i < ofs->numlowerfs; i++) {
1292 if (ofs->lower_fs[i].sb == sb)
1293 return i + 1;
1294 }
1295
Amir Goldstein9df085f2018-09-03 09:12:09 +03001296 if (!ovl_lower_uuid_ok(ofs, &sb->s_uuid)) {
Amir Goldstein7e63c872019-11-14 22:28:41 +02001297 bad_uuid = true;
1298 if (ofs->config.index || ofs->config.nfs_export) {
1299 ofs->config.index = false;
1300 ofs->config.nfs_export = false;
lijiazi1bd0a3a2019-12-16 19:12:32 +08001301 pr_warn("%s uuid detected in lower fs '%pd2', falling back to index=off,nfs_export=off.\n",
Amir Goldstein7e63c872019-11-14 22:28:41 +02001302 uuid_is_null(&sb->s_uuid) ? "null" :
1303 "conflicting",
1304 path->dentry);
1305 }
Amir Goldstein9df085f2018-09-03 09:12:09 +03001306 }
1307
Amir Goldstein51486262018-03-28 20:22:41 +03001308 err = get_anon_bdev(&dev);
1309 if (err) {
lijiazi1bd0a3a2019-12-16 19:12:32 +08001310 pr_err("failed to get anonymous bdev for lowerpath\n");
Amir Goldstein51486262018-03-28 20:22:41 +03001311 return err;
1312 }
1313
1314 ofs->lower_fs[ofs->numlowerfs].sb = sb;
1315 ofs->lower_fs[ofs->numlowerfs].pseudo_dev = dev;
Amir Goldstein7e63c872019-11-14 22:28:41 +02001316 ofs->lower_fs[ofs->numlowerfs].bad_uuid = bad_uuid;
Amir Goldstein51486262018-03-28 20:22:41 +03001317 ofs->numlowerfs++;
1318
1319 return ofs->numlowerfs;
1320}
1321
Amir Goldstein146d62e2019-04-18 17:42:08 +03001322static int ovl_get_lower_layers(struct super_block *sb, struct ovl_fs *ofs,
1323 struct path *stack, unsigned int numlower)
Miklos Szeredi520d7c82017-11-10 09:39:15 +01001324{
1325 int err;
1326 unsigned int i;
1327
1328 err = -ENOMEM;
Miklos Szerediad204482017-11-10 09:39:16 +01001329 ofs->lower_layers = kcalloc(numlower, sizeof(struct ovl_layer),
Miklos Szeredi520d7c82017-11-10 09:39:15 +01001330 GFP_KERNEL);
Miklos Szerediad204482017-11-10 09:39:16 +01001331 if (ofs->lower_layers == NULL)
Miklos Szeredi520d7c82017-11-10 09:39:15 +01001332 goto out;
Amir Goldstein51486262018-03-28 20:22:41 +03001333
1334 ofs->lower_fs = kcalloc(numlower, sizeof(struct ovl_sb),
1335 GFP_KERNEL);
1336 if (ofs->lower_fs == NULL)
1337 goto out;
1338
Miklos Szeredi520d7c82017-11-10 09:39:15 +01001339 for (i = 0; i < numlower; i++) {
1340 struct vfsmount *mnt;
Amir Goldstein146d62e2019-04-18 17:42:08 +03001341 struct inode *trap;
Amir Goldstein51486262018-03-28 20:22:41 +03001342 int fsid;
Miklos Szeredi520d7c82017-11-10 09:39:15 +01001343
Amir Goldstein9df085f2018-09-03 09:12:09 +03001344 err = fsid = ovl_get_fsid(ofs, &stack[i]);
Amir Goldstein51486262018-03-28 20:22:41 +03001345 if (err < 0)
Miklos Szeredi520d7c82017-11-10 09:39:15 +01001346 goto out;
Miklos Szeredi520d7c82017-11-10 09:39:15 +01001347
Amir Goldstein146d62e2019-04-18 17:42:08 +03001348 err = ovl_setup_trap(sb, stack[i].dentry, &trap, "lowerdir");
1349 if (err)
1350 goto out;
1351
Amir Goldstein0be0bfd2019-07-12 15:24:34 +03001352 if (ovl_is_inuse(stack[i].dentry)) {
1353 err = ovl_report_in_use(ofs, "lowerdir");
1354 if (err)
1355 goto out;
1356 }
1357
Miklos Szeredi520d7c82017-11-10 09:39:15 +01001358 mnt = clone_private_mount(&stack[i]);
1359 err = PTR_ERR(mnt);
1360 if (IS_ERR(mnt)) {
lijiazi1bd0a3a2019-12-16 19:12:32 +08001361 pr_err("failed to clone lowerpath\n");
Amir Goldstein146d62e2019-04-18 17:42:08 +03001362 iput(trap);
Miklos Szeredi520d7c82017-11-10 09:39:15 +01001363 goto out;
1364 }
Amir Goldstein51486262018-03-28 20:22:41 +03001365
Miklos Szeredi520d7c82017-11-10 09:39:15 +01001366 /*
1367 * Make lower layers R/O. That way fchmod/fchown on lower file
1368 * will fail instead of modifying lower fs.
1369 */
1370 mnt->mnt_flags |= MNT_READONLY | MNT_NOATIME;
1371
Amir Goldstein146d62e2019-04-18 17:42:08 +03001372 ofs->lower_layers[ofs->numlower].trap = trap;
Miklos Szerediad204482017-11-10 09:39:16 +01001373 ofs->lower_layers[ofs->numlower].mnt = mnt;
Amir Goldsteind583ed72017-11-08 19:23:36 +02001374 ofs->lower_layers[ofs->numlower].idx = i + 1;
Amir Goldstein51486262018-03-28 20:22:41 +03001375 ofs->lower_layers[ofs->numlower].fsid = fsid;
1376 if (fsid) {
1377 ofs->lower_layers[ofs->numlower].fs =
1378 &ofs->lower_fs[fsid - 1];
1379 }
Miklos Szerediad204482017-11-10 09:39:16 +01001380 ofs->numlower++;
Miklos Szeredi520d7c82017-11-10 09:39:15 +01001381 }
Amir Goldsteine487d882017-11-07 13:55:04 +02001382
Amir Goldstein795939a2018-03-29 09:08:18 +03001383 /*
1384 * When all layers on same fs, overlay can use real inode numbers.
1385 * With mount option "xino=on", mounter declares that there are enough
1386 * free high bits in underlying fs to hold the unique fsid.
1387 * If overlayfs does encounter underlying inodes using the high xino
1388 * bits reserved for fsid, it emits a warning and uses the original
1389 * inode number.
1390 */
1391 if (!ofs->numlowerfs || (ofs->numlowerfs == 1 && !ofs->upper_mnt)) {
Amir Goldsteine487d882017-11-07 13:55:04 +02001392 ofs->xino_bits = 0;
Amir Goldstein795939a2018-03-29 09:08:18 +03001393 ofs->config.xino = OVL_XINO_OFF;
1394 } else if (ofs->config.xino == OVL_XINO_ON && !ofs->xino_bits) {
1395 /*
1396 * This is a roundup of number of bits needed for numlowerfs+1
1397 * (i.e. ilog2(numlowerfs+1 - 1) + 1). fsid 0 is reserved for
1398 * upper fs even with non upper overlay.
1399 */
1400 BUILD_BUG_ON(ilog2(OVL_MAX_STACK) > 31);
1401 ofs->xino_bits = ilog2(ofs->numlowerfs) + 1;
1402 }
1403
1404 if (ofs->xino_bits) {
lijiazi1bd0a3a2019-12-16 19:12:32 +08001405 pr_info("\"xino\" feature enabled using %d upper inode bits.\n",
Amir Goldstein795939a2018-03-29 09:08:18 +03001406 ofs->xino_bits);
1407 }
Amir Goldsteine487d882017-11-07 13:55:04 +02001408
Miklos Szeredi520d7c82017-11-10 09:39:15 +01001409 err = 0;
1410out:
1411 return err;
1412}
1413
Miklos Szeredi4155c102017-11-10 09:39:15 +01001414static struct ovl_entry *ovl_get_lowerstack(struct super_block *sb,
Miklos Szerediad204482017-11-10 09:39:16 +01001415 struct ovl_fs *ofs)
Miklos Szeredi53dbb0b2017-11-09 10:23:28 +01001416{
1417 int err;
1418 char *lowertmp, *lower;
Miklos Szeredi4155c102017-11-10 09:39:15 +01001419 struct path *stack = NULL;
1420 unsigned int stacklen, numlower = 0, i;
Miklos Szeredi53dbb0b2017-11-09 10:23:28 +01001421 bool remote = false;
Miklos Szeredi4155c102017-11-10 09:39:15 +01001422 struct ovl_entry *oe;
Miklos Szeredi53dbb0b2017-11-09 10:23:28 +01001423
1424 err = -ENOMEM;
Miklos Szerediad204482017-11-10 09:39:16 +01001425 lowertmp = kstrdup(ofs->config.lowerdir, GFP_KERNEL);
Miklos Szeredi53dbb0b2017-11-09 10:23:28 +01001426 if (!lowertmp)
Miklos Szeredi4155c102017-11-10 09:39:15 +01001427 goto out_err;
Miklos Szeredi53dbb0b2017-11-09 10:23:28 +01001428
1429 err = -EINVAL;
1430 stacklen = ovl_split_lowerdirs(lowertmp);
1431 if (stacklen > OVL_MAX_STACK) {
lijiazi1bd0a3a2019-12-16 19:12:32 +08001432 pr_err("too many lower directories, limit is %d\n",
Miklos Szeredi53dbb0b2017-11-09 10:23:28 +01001433 OVL_MAX_STACK);
Miklos Szeredi4155c102017-11-10 09:39:15 +01001434 goto out_err;
Miklos Szerediad204482017-11-10 09:39:16 +01001435 } else if (!ofs->config.upperdir && stacklen == 1) {
lijiazi1bd0a3a2019-12-16 19:12:32 +08001436 pr_err("at least 2 lowerdir are needed while upperdir nonexistent\n");
Miklos Szeredi4155c102017-11-10 09:39:15 +01001437 goto out_err;
Amir Goldsteinf168f102018-01-19 11:26:53 +02001438 } else if (!ofs->config.upperdir && ofs->config.nfs_export &&
1439 ofs->config.redirect_follow) {
lijiazi1bd0a3a2019-12-16 19:12:32 +08001440 pr_warn("NFS export requires \"redirect_dir=nofollow\" on non-upper mount, falling back to nfs_export=off.\n");
Amir Goldsteinf168f102018-01-19 11:26:53 +02001441 ofs->config.nfs_export = false;
Miklos Szeredi53dbb0b2017-11-09 10:23:28 +01001442 }
1443
1444 err = -ENOMEM;
1445 stack = kcalloc(stacklen, sizeof(struct path), GFP_KERNEL);
1446 if (!stack)
Miklos Szeredi4155c102017-11-10 09:39:15 +01001447 goto out_err;
Miklos Szeredi53dbb0b2017-11-09 10:23:28 +01001448
1449 err = -EINVAL;
1450 lower = lowertmp;
1451 for (numlower = 0; numlower < stacklen; numlower++) {
Miklos Szerediad204482017-11-10 09:39:16 +01001452 err = ovl_lower_dir(lower, &stack[numlower], ofs,
Miklos Szeredi53dbb0b2017-11-09 10:23:28 +01001453 &sb->s_stack_depth, &remote);
1454 if (err)
Miklos Szeredi4155c102017-11-10 09:39:15 +01001455 goto out_err;
Miklos Szeredi53dbb0b2017-11-09 10:23:28 +01001456
1457 lower = strchr(lower, '\0') + 1;
1458 }
1459
1460 err = -EINVAL;
1461 sb->s_stack_depth++;
1462 if (sb->s_stack_depth > FILESYSTEM_MAX_STACK_DEPTH) {
lijiazi1bd0a3a2019-12-16 19:12:32 +08001463 pr_err("maximum fs stacking depth exceeded\n");
Miklos Szeredi4155c102017-11-10 09:39:15 +01001464 goto out_err;
Miklos Szeredi53dbb0b2017-11-09 10:23:28 +01001465 }
1466
Amir Goldstein146d62e2019-04-18 17:42:08 +03001467 err = ovl_get_lower_layers(sb, ofs, stack, numlower);
Miklos Szeredi4155c102017-11-10 09:39:15 +01001468 if (err)
1469 goto out_err;
1470
1471 err = -ENOMEM;
1472 oe = ovl_alloc_entry(numlower);
1473 if (!oe)
1474 goto out_err;
1475
1476 for (i = 0; i < numlower; i++) {
1477 oe->lowerstack[i].dentry = dget(stack[i].dentry);
Miklos Szerediad204482017-11-10 09:39:16 +01001478 oe->lowerstack[i].layer = &ofs->lower_layers[i];
Miklos Szeredi4155c102017-11-10 09:39:15 +01001479 }
Miklos Szeredi53dbb0b2017-11-09 10:23:28 +01001480
1481 if (remote)
1482 sb->s_d_op = &ovl_reval_dentry_operations;
1483 else
1484 sb->s_d_op = &ovl_dentry_operations;
1485
Miklos Szeredi53dbb0b2017-11-09 10:23:28 +01001486out:
Miklos Szeredi53dbb0b2017-11-09 10:23:28 +01001487 for (i = 0; i < numlower; i++)
1488 path_put(&stack[i]);
1489 kfree(stack);
Miklos Szeredi4155c102017-11-10 09:39:15 +01001490 kfree(lowertmp);
1491
1492 return oe;
1493
1494out_err:
1495 oe = ERR_PTR(err);
Miklos Szeredi53dbb0b2017-11-09 10:23:28 +01001496 goto out;
1497}
1498
Amir Goldstein146d62e2019-04-18 17:42:08 +03001499/*
1500 * Check if this layer root is a descendant of:
1501 * - another layer of this overlayfs instance
1502 * - upper/work dir of any overlayfs instance
Amir Goldstein146d62e2019-04-18 17:42:08 +03001503 */
Amir Goldstein0be0bfd2019-07-12 15:24:34 +03001504static int ovl_check_layer(struct super_block *sb, struct ovl_fs *ofs,
1505 struct dentry *dentry, const char *name)
Amir Goldstein146d62e2019-04-18 17:42:08 +03001506{
Miklos Szeredi9179c21d2019-06-18 15:06:16 +02001507 struct dentry *next = dentry, *parent;
Amir Goldstein146d62e2019-04-18 17:42:08 +03001508 int err = 0;
1509
Miklos Szeredi9179c21d2019-06-18 15:06:16 +02001510 if (!dentry)
Amir Goldstein146d62e2019-04-18 17:42:08 +03001511 return 0;
1512
Miklos Szeredi9179c21d2019-06-18 15:06:16 +02001513 parent = dget_parent(next);
1514
1515 /* Walk back ancestors to root (inclusive) looking for traps */
1516 while (!err && parent != next) {
Amir Goldstein0be0bfd2019-07-12 15:24:34 +03001517 if (ovl_lookup_trap_inode(sb, parent)) {
Amir Goldstein146d62e2019-04-18 17:42:08 +03001518 err = -ELOOP;
lijiazi1bd0a3a2019-12-16 19:12:32 +08001519 pr_err("overlapping %s path\n", name);
Amir Goldstein0be0bfd2019-07-12 15:24:34 +03001520 } else if (ovl_is_inuse(parent)) {
1521 err = ovl_report_in_use(ofs, name);
Amir Goldstein146d62e2019-04-18 17:42:08 +03001522 }
Amir Goldstein146d62e2019-04-18 17:42:08 +03001523 next = parent;
Miklos Szeredi9179c21d2019-06-18 15:06:16 +02001524 parent = dget_parent(next);
1525 dput(next);
Amir Goldstein146d62e2019-04-18 17:42:08 +03001526 }
1527
Miklos Szeredi9179c21d2019-06-18 15:06:16 +02001528 dput(parent);
Amir Goldstein146d62e2019-04-18 17:42:08 +03001529
1530 return err;
1531}
1532
1533/*
1534 * Check if any of the layers or work dirs overlap.
1535 */
1536static int ovl_check_overlapping_layers(struct super_block *sb,
1537 struct ovl_fs *ofs)
1538{
1539 int i, err;
1540
1541 if (ofs->upper_mnt) {
Amir Goldstein0be0bfd2019-07-12 15:24:34 +03001542 err = ovl_check_layer(sb, ofs, ofs->upper_mnt->mnt_root,
1543 "upperdir");
Amir Goldstein146d62e2019-04-18 17:42:08 +03001544 if (err)
1545 return err;
1546
1547 /*
1548 * Checking workbasedir avoids hitting ovl_is_inuse(parent) of
1549 * this instance and covers overlapping work and index dirs,
1550 * unless work or index dir have been moved since created inside
1551 * workbasedir. In that case, we already have their traps in
1552 * inode cache and we will catch that case on lookup.
1553 */
Amir Goldstein0be0bfd2019-07-12 15:24:34 +03001554 err = ovl_check_layer(sb, ofs, ofs->workbasedir, "workdir");
Amir Goldstein146d62e2019-04-18 17:42:08 +03001555 if (err)
1556 return err;
1557 }
1558
1559 for (i = 0; i < ofs->numlower; i++) {
Amir Goldstein0be0bfd2019-07-12 15:24:34 +03001560 err = ovl_check_layer(sb, ofs,
1561 ofs->lower_layers[i].mnt->mnt_root,
Amir Goldstein146d62e2019-04-18 17:42:08 +03001562 "lowerdir");
1563 if (err)
1564 return err;
1565 }
1566
1567 return 0;
1568}
1569
Miklos Szeredie9be9d52014-10-24 00:14:38 +02001570static int ovl_fill_super(struct super_block *sb, void *data, int silent)
1571{
Kees Cook33006cd2017-03-29 14:02:19 -07001572 struct path upperpath = { };
Miklos Szeredie9be9d52014-10-24 00:14:38 +02001573 struct dentry *root_dentry;
Miklos Szeredi4155c102017-11-10 09:39:15 +01001574 struct ovl_entry *oe;
Miklos Szerediad204482017-11-10 09:39:16 +01001575 struct ovl_fs *ofs;
Konstantin Khlebnikov51f8f3c2017-01-10 21:30:21 +03001576 struct cred *cred;
Miklos Szeredie9be9d52014-10-24 00:14:38 +02001577 int err;
1578
Erez Zadokf45827e82014-10-24 00:14:38 +02001579 err = -ENOMEM;
Miklos Szerediad204482017-11-10 09:39:16 +01001580 ofs = kzalloc(sizeof(struct ovl_fs), GFP_KERNEL);
1581 if (!ofs)
Miklos Szeredie9be9d52014-10-24 00:14:38 +02001582 goto out;
1583
Miklos Szerediad204482017-11-10 09:39:16 +01001584 ofs->creator_cred = cred = prepare_creds();
Miklos Szeredic6fe6252017-11-10 09:39:15 +01001585 if (!cred)
1586 goto out_err;
1587
Miklos Szerediad204482017-11-10 09:39:16 +01001588 ofs->config.index = ovl_index_def;
Amir Goldsteinf168f102018-01-19 11:26:53 +02001589 ofs->config.nfs_export = ovl_nfs_export_def;
Amir Goldstein795939a2018-03-29 09:08:18 +03001590 ofs->config.xino = ovl_xino_def();
Vivek Goyald5791042018-05-11 11:49:27 -04001591 ofs->config.metacopy = ovl_metacopy_def;
Miklos Szerediad204482017-11-10 09:39:16 +01001592 err = ovl_parse_opt((char *) data, &ofs->config);
Erez Zadokf45827e82014-10-24 00:14:38 +02001593 if (err)
Miklos Szeredia9075cd2017-11-10 09:39:15 +01001594 goto out_err;
Erez Zadokf45827e82014-10-24 00:14:38 +02001595
Miklos Szeredie9be9d52014-10-24 00:14:38 +02001596 err = -EINVAL;
Miklos Szerediad204482017-11-10 09:39:16 +01001597 if (!ofs->config.lowerdir) {
Konstantin Khlebnikov07f2af72015-06-29 20:18:56 +03001598 if (!silent)
lijiazi1bd0a3a2019-12-16 19:12:32 +08001599 pr_err("missing 'lowerdir'\n");
Miklos Szeredia9075cd2017-11-10 09:39:15 +01001600 goto out_err;
Miklos Szeredie9be9d52014-10-24 00:14:38 +02001601 }
1602
Miklos Szeredi53a08cb2014-12-13 00:59:51 +01001603 sb->s_stack_depth = 0;
Miklos Szeredicf9a6782015-12-11 16:30:49 +01001604 sb->s_maxbytes = MAX_LFS_FILESIZE;
Amir Goldsteine487d882017-11-07 13:55:04 +02001605 /* Assume underlaying fs uses 32bit inodes unless proven otherwise */
Amir Goldstein795939a2018-03-29 09:08:18 +03001606 if (ofs->config.xino != OVL_XINO_OFF)
1607 ofs->xino_bits = BITS_PER_LONG - 32;
1608
Amir Goldstein146d62e2019-04-18 17:42:08 +03001609 /* alloc/destroy_inode needed for setting up traps in inode cache */
1610 sb->s_op = &ovl_super_operations;
1611
Miklos Szerediad204482017-11-10 09:39:16 +01001612 if (ofs->config.upperdir) {
1613 if (!ofs->config.workdir) {
lijiazi1bd0a3a2019-12-16 19:12:32 +08001614 pr_err("missing 'workdir'\n");
Miklos Szeredia9075cd2017-11-10 09:39:15 +01001615 goto out_err;
Miklos Szeredi53a08cb2014-12-13 00:59:51 +01001616 }
Miklos Szeredie9be9d52014-10-24 00:14:38 +02001617
Amir Goldstein146d62e2019-04-18 17:42:08 +03001618 err = ovl_get_upper(sb, ofs, &upperpath);
Miklos Szeredi21a3b312017-11-09 10:23:28 +01001619 if (err)
Miklos Szeredia9075cd2017-11-10 09:39:15 +01001620 goto out_err;
Miklos Szeredid719e8f2016-07-29 12:05:23 +02001621
Amir Goldstein146d62e2019-04-18 17:42:08 +03001622 err = ovl_get_workdir(sb, ofs, &upperpath);
Miklos Szeredi8ed61dc2017-11-09 10:23:28 +01001623 if (err)
Miklos Szeredia9075cd2017-11-10 09:39:15 +01001624 goto out_err;
Miklos Szeredic6fe6252017-11-10 09:39:15 +01001625
Miklos Szerediad204482017-11-10 09:39:16 +01001626 if (!ofs->workdir)
Linus Torvalds1751e8a2017-11-27 13:05:09 -08001627 sb->s_flags |= SB_RDONLY;
Miklos Szeredi6e882562017-11-10 09:39:15 +01001628
Miklos Szerediad204482017-11-10 09:39:16 +01001629 sb->s_stack_depth = ofs->upper_mnt->mnt_sb->s_stack_depth;
1630 sb->s_time_gran = ofs->upper_mnt->mnt_sb->s_time_gran;
Miklos Szeredic6fe6252017-11-10 09:39:15 +01001631
Miklos Szeredie9be9d52014-10-24 00:14:38 +02001632 }
Miklos Szerediad204482017-11-10 09:39:16 +01001633 oe = ovl_get_lowerstack(sb, ofs);
Miklos Szeredi4155c102017-11-10 09:39:15 +01001634 err = PTR_ERR(oe);
1635 if (IS_ERR(oe))
Miklos Szeredia9075cd2017-11-10 09:39:15 +01001636 goto out_err;
Miklos Szeredie9be9d52014-10-24 00:14:38 +02001637
hujianyang71cbad72015-01-15 13:20:57 +08001638 /* If the upper fs is nonexistent, we mark overlayfs r/o too */
Miklos Szerediad204482017-11-10 09:39:16 +01001639 if (!ofs->upper_mnt)
Linus Torvalds1751e8a2017-11-27 13:05:09 -08001640 sb->s_flags |= SB_RDONLY;
Miklos Szeredie9be9d52014-10-24 00:14:38 +02001641
Miklos Szerediad204482017-11-10 09:39:16 +01001642 if (!(ovl_force_readonly(ofs)) && ofs->config.index) {
Amir Goldstein146d62e2019-04-18 17:42:08 +03001643 err = ovl_get_indexdir(sb, ofs, oe, &upperpath);
Amir Goldstein54fb3472017-06-21 15:28:38 +03001644 if (err)
Miklos Szeredi4155c102017-11-10 09:39:15 +01001645 goto out_free_oe;
Miklos Szeredi6e882562017-11-10 09:39:15 +01001646
Amir Goldstein972d0092017-09-19 12:14:18 +03001647 /* Force r/o mount with no index dir */
1648 if (!ofs->indexdir) {
1649 dput(ofs->workdir);
1650 ofs->workdir = NULL;
Linus Torvalds1751e8a2017-11-27 13:05:09 -08001651 sb->s_flags |= SB_RDONLY;
Amir Goldstein972d0092017-09-19 12:14:18 +03001652 }
1653
Amir Goldstein02bcd152017-06-21 15:28:36 +03001654 }
1655
Amir Goldstein146d62e2019-04-18 17:42:08 +03001656 err = ovl_check_overlapping_layers(sb, ofs);
1657 if (err)
1658 goto out_free_oe;
1659
Amir Goldstein972d0092017-09-19 12:14:18 +03001660 /* Show index=off in /proc/mounts for forced r/o mount */
Amir Goldsteinf168f102018-01-19 11:26:53 +02001661 if (!ofs->indexdir) {
Miklos Szerediad204482017-11-10 09:39:16 +01001662 ofs->config.index = false;
Amir Goldsteinf168f102018-01-19 11:26:53 +02001663 if (ofs->upper_mnt && ofs->config.nfs_export) {
lijiazi1bd0a3a2019-12-16 19:12:32 +08001664 pr_warn("NFS export requires an index dir, falling back to nfs_export=off.\n");
Amir Goldsteinf168f102018-01-19 11:26:53 +02001665 ofs->config.nfs_export = false;
1666 }
1667 }
Amir Goldstein02bcd152017-06-21 15:28:36 +03001668
Vivek Goyald5791042018-05-11 11:49:27 -04001669 if (ofs->config.metacopy && ofs->config.nfs_export) {
lijiazi1bd0a3a2019-12-16 19:12:32 +08001670 pr_warn("NFS export is not supported with metadata only copy up, falling back to nfs_export=off.\n");
Vivek Goyald5791042018-05-11 11:49:27 -04001671 ofs->config.nfs_export = false;
1672 }
1673
Amir Goldstein8383f172017-10-02 11:31:42 +03001674 if (ofs->config.nfs_export)
1675 sb->s_export_op = &ovl_export_operations;
1676
Konstantin Khlebnikov51f8f3c2017-01-10 21:30:21 +03001677 /* Never override disk quota limits or use reserved space */
1678 cap_lower(cred->cap_effective, CAP_SYS_RESOURCE);
1679
Vivek Goyal655042c2016-10-14 03:03:36 +02001680 sb->s_magic = OVERLAYFS_SUPER_MAGIC;
Vivek Goyal655042c2016-10-14 03:03:36 +02001681 sb->s_xattr = ovl_xattr_handlers;
Miklos Szerediad204482017-11-10 09:39:16 +01001682 sb->s_fs_info = ofs;
Miklos Szeredide2a4a52018-07-18 15:44:43 +02001683 sb->s_flags |= SB_POSIXACL;
Vivek Goyal655042c2016-10-14 03:03:36 +02001684
Miklos Szeredic6fe6252017-11-10 09:39:15 +01001685 err = -ENOMEM;
Miklos Szeredica4c8a32016-12-16 11:02:55 +01001686 root_dentry = d_make_root(ovl_new_inode(sb, S_IFDIR, 0));
Miklos Szeredie9be9d52014-10-24 00:14:38 +02001687 if (!root_dentry)
Miklos Szeredi4155c102017-11-10 09:39:15 +01001688 goto out_free_oe;
Miklos Szeredie9be9d52014-10-24 00:14:38 +02001689
Amir Goldsteinc62520a2018-01-14 19:25:31 +02001690 root_dentry->d_fsdata = oe;
1691
Miklos Szeredie9be9d52014-10-24 00:14:38 +02001692 mntput(upperpath.mnt);
Amir Goldsteinf3a15682017-05-24 15:29:33 +03001693 if (upperpath.dentry) {
Amir Goldsteinc62520a2018-01-14 19:25:31 +02001694 ovl_dentry_set_upper_alias(root_dentry);
Miklos Szeredi13c72072017-07-04 22:03:16 +02001695 if (ovl_is_impuredir(upperpath.dentry))
1696 ovl_set_flag(OVL_IMPURE, d_inode(root_dentry));
Amir Goldsteinf3a15682017-05-24 15:29:33 +03001697 }
Miklos Szeredie9be9d52014-10-24 00:14:38 +02001698
Amir Goldsteinb79e05a2017-06-25 16:37:17 +03001699 /* Root is always merge -> can have whiteouts */
1700 ovl_set_flag(OVL_WHITEOUTS, d_inode(root_dentry));
Amir Goldstein2ca3c142018-01-30 13:31:09 +02001701 ovl_dentry_set_flag(OVL_E_CONNECTED, root_dentry);
Vivek Goyal0c288872018-05-11 11:49:28 -04001702 ovl_set_upperdata(d_inode(root_dentry));
Miklos Szeredi09d8b582017-07-04 22:03:16 +02001703 ovl_inode_init(d_inode(root_dentry), upperpath.dentry,
Vivek Goyal2664bd02018-05-11 11:49:30 -04001704 ovl_dentry_lower(root_dentry), NULL);
Miklos Szeredied06e062015-12-09 16:11:59 +01001705
Miklos Szeredie9be9d52014-10-24 00:14:38 +02001706 sb->s_root = root_dentry;
Miklos Szeredie9be9d52014-10-24 00:14:38 +02001707
1708 return 0;
1709
Miklos Szeredi4155c102017-11-10 09:39:15 +01001710out_free_oe:
1711 ovl_entry_stack_free(oe);
Chandan Rajendrab9343632017-07-24 01:57:54 -05001712 kfree(oe);
Miklos Szeredi4155c102017-11-10 09:39:15 +01001713out_err:
Miklos Szeredie9be9d52014-10-24 00:14:38 +02001714 path_put(&upperpath);
Miklos Szerediad204482017-11-10 09:39:16 +01001715 ovl_free_fs(ofs);
Miklos Szeredie9be9d52014-10-24 00:14:38 +02001716out:
1717 return err;
1718}
1719
1720static struct dentry *ovl_mount(struct file_system_type *fs_type, int flags,
1721 const char *dev_name, void *raw_data)
1722{
1723 return mount_nodev(fs_type, flags, raw_data, ovl_fill_super);
1724}
1725
1726static struct file_system_type ovl_fs_type = {
1727 .owner = THIS_MODULE,
Miklos Szeredief94b182014-11-20 16:39:59 +01001728 .name = "overlay",
Miklos Szeredie9be9d52014-10-24 00:14:38 +02001729 .mount = ovl_mount,
1730 .kill_sb = kill_anon_super,
1731};
Miklos Szeredief94b182014-11-20 16:39:59 +01001732MODULE_ALIAS_FS("overlay");
Miklos Szeredie9be9d52014-10-24 00:14:38 +02001733
Amir Goldstein13cf1992017-06-12 09:54:40 +03001734static void ovl_inode_init_once(void *foo)
1735{
1736 struct ovl_inode *oi = foo;
1737
1738 inode_init_once(&oi->vfs_inode);
1739}
1740
Miklos Szeredie9be9d52014-10-24 00:14:38 +02001741static int __init ovl_init(void)
1742{
Amir Goldstein13cf1992017-06-12 09:54:40 +03001743 int err;
1744
1745 ovl_inode_cachep = kmem_cache_create("ovl_inode",
1746 sizeof(struct ovl_inode), 0,
1747 (SLAB_RECLAIM_ACCOUNT|
1748 SLAB_MEM_SPREAD|SLAB_ACCOUNT),
1749 ovl_inode_init_once);
1750 if (ovl_inode_cachep == NULL)
1751 return -ENOMEM;
1752
1753 err = register_filesystem(&ovl_fs_type);
1754 if (err)
1755 kmem_cache_destroy(ovl_inode_cachep);
1756
1757 return err;
Miklos Szeredie9be9d52014-10-24 00:14:38 +02001758}
1759
1760static void __exit ovl_exit(void)
1761{
1762 unregister_filesystem(&ovl_fs_type);
Amir Goldstein13cf1992017-06-12 09:54:40 +03001763
1764 /*
1765 * Make sure all delayed rcu free inodes are flushed before we
1766 * destroy cache.
1767 */
1768 rcu_barrier();
1769 kmem_cache_destroy(ovl_inode_cachep);
1770
Miklos Szeredie9be9d52014-10-24 00:14:38 +02001771}
1772
1773module_init(ovl_init);
1774module_exit(ovl_exit);