1 /* 2 * 3 * Copyright (C) 2011 Novell Inc. 4 * 5 * This program is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 as published by 7 * the Free Software Foundation. 8 */ 9 10 #include <linux/fs.h> 11 #include <linux/namei.h> 12 #include <linux/xattr.h> 13 #include <linux/security.h> 14 #include <linux/cred.h> 15 #include "overlayfs.h" 16 17 void ovl_cleanup(struct inode *wdir, struct dentry *wdentry) 18 { 19 int err; 20 21 dget(wdentry); 22 if (d_is_dir(wdentry)) 23 err = ovl_do_rmdir(wdir, wdentry); 24 else 25 err = ovl_do_unlink(wdir, wdentry); 26 dput(wdentry); 27 28 if (err) { 29 pr_err("overlayfs: cleanup of '%pd2' failed (%i)\n", 30 wdentry, err); 31 } 32 } 33 34 struct dentry *ovl_lookup_temp(struct dentry *workdir, struct dentry *dentry) 35 { 36 struct dentry *temp; 37 char name[20]; 38 39 snprintf(name, sizeof(name), "#%lx", (unsigned long) dentry); 40 41 temp = lookup_one_len(name, workdir, strlen(name)); 42 if (!IS_ERR(temp) && temp->d_inode) { 43 pr_err("overlayfs: workdir/%s already exists\n", name); 44 dput(temp); 45 temp = ERR_PTR(-EIO); 46 } 47 48 return temp; 49 } 50 51 /* caller holds i_mutex on workdir */ 52 static struct dentry *ovl_whiteout(struct dentry *workdir, 53 struct dentry *dentry) 54 { 55 int err; 56 struct dentry *whiteout; 57 struct inode *wdir = workdir->d_inode; 58 59 whiteout = ovl_lookup_temp(workdir, dentry); 60 if (IS_ERR(whiteout)) 61 return whiteout; 62 63 err = ovl_do_whiteout(wdir, whiteout); 64 if (err) { 65 dput(whiteout); 66 whiteout = ERR_PTR(err); 67 } 68 69 return whiteout; 70 } 71 72 int ovl_create_real(struct inode *dir, struct dentry *newdentry, 73 struct kstat *stat, const char *link, 74 struct dentry *hardlink, bool debug) 75 { 76 int err; 77 78 if (newdentry->d_inode) 79 return -ESTALE; 80 81 if (hardlink) { 82 err = ovl_do_link(hardlink, dir, newdentry, debug); 83 } else { 84 switch (stat->mode & S_IFMT) { 85 case S_IFREG: 86 err = ovl_do_create(dir, newdentry, stat->mode, debug); 87 break; 88 89 case S_IFDIR: 90 err = ovl_do_mkdir(dir, newdentry, stat->mode, debug); 91 break; 92 93 case S_IFCHR: 94 case S_IFBLK: 95 case S_IFIFO: 96 case S_IFSOCK: 97 err = ovl_do_mknod(dir, newdentry, 98 stat->mode, stat->rdev, debug); 99 break; 100 101 case S_IFLNK: 102 err = ovl_do_symlink(dir, newdentry, link, debug); 103 break; 104 105 default: 106 err = -EPERM; 107 } 108 } 109 if (!err && WARN_ON(!newdentry->d_inode)) { 110 /* 111 * Not quite sure if non-instantiated dentry is legal or not. 112 * VFS doesn't seem to care so check and warn here. 113 */ 114 err = -ENOENT; 115 } 116 return err; 117 } 118 119 static int ovl_set_opaque(struct dentry *upperdentry) 120 { 121 return ovl_do_setxattr(upperdentry, OVL_XATTR_OPAQUE, "y", 1, 0); 122 } 123 124 static void ovl_remove_opaque(struct dentry *upperdentry) 125 { 126 int err; 127 128 err = ovl_do_removexattr(upperdentry, OVL_XATTR_OPAQUE); 129 if (err) { 130 pr_warn("overlayfs: failed to remove opaque from '%s' (%i)\n", 131 upperdentry->d_name.name, err); 132 } 133 } 134 135 static int ovl_dir_getattr(struct vfsmount *mnt, struct dentry *dentry, 136 struct kstat *stat) 137 { 138 int err; 139 enum ovl_path_type type; 140 struct path realpath; 141 142 type = ovl_path_real(dentry, &realpath); 143 err = vfs_getattr(&realpath, stat); 144 if (err) 145 return err; 146 147 stat->dev = dentry->d_sb->s_dev; 148 stat->ino = dentry->d_inode->i_ino; 149 150 /* 151 * It's probably not worth it to count subdirs to get the 152 * correct link count. nlink=1 seems to pacify 'find' and 153 * other utilities. 154 */ 155 if (OVL_TYPE_MERGE(type)) 156 stat->nlink = 1; 157 158 return 0; 159 } 160 161 static int ovl_create_upper(struct dentry *dentry, struct inode *inode, 162 struct kstat *stat, const char *link, 163 struct dentry *hardlink) 164 { 165 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 166 struct inode *udir = upperdir->d_inode; 167 struct dentry *newdentry; 168 int err; 169 170 mutex_lock_nested(&udir->i_mutex, I_MUTEX_PARENT); 171 newdentry = lookup_one_len(dentry->d_name.name, upperdir, 172 dentry->d_name.len); 173 err = PTR_ERR(newdentry); 174 if (IS_ERR(newdentry)) 175 goto out_unlock; 176 err = ovl_create_real(udir, newdentry, stat, link, hardlink, false); 177 if (err) 178 goto out_dput; 179 180 ovl_dentry_version_inc(dentry->d_parent); 181 ovl_dentry_update(dentry, newdentry); 182 ovl_copyattr(newdentry->d_inode, inode); 183 d_instantiate(dentry, inode); 184 newdentry = NULL; 185 out_dput: 186 dput(newdentry); 187 out_unlock: 188 mutex_unlock(&udir->i_mutex); 189 return err; 190 } 191 192 static int ovl_lock_rename_workdir(struct dentry *workdir, 193 struct dentry *upperdir) 194 { 195 /* Workdir should not be the same as upperdir */ 196 if (workdir == upperdir) 197 goto err; 198 199 /* Workdir should not be subdir of upperdir and vice versa */ 200 if (lock_rename(workdir, upperdir) != NULL) 201 goto err_unlock; 202 203 return 0; 204 205 err_unlock: 206 unlock_rename(workdir, upperdir); 207 err: 208 pr_err("overlayfs: failed to lock workdir+upperdir\n"); 209 return -EIO; 210 } 211 212 static struct dentry *ovl_clear_empty(struct dentry *dentry, 213 struct list_head *list) 214 { 215 struct dentry *workdir = ovl_workdir(dentry); 216 struct inode *wdir = workdir->d_inode; 217 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 218 struct inode *udir = upperdir->d_inode; 219 struct path upperpath; 220 struct dentry *upper; 221 struct dentry *opaquedir; 222 struct kstat stat; 223 int err; 224 225 if (WARN_ON(!workdir)) 226 return ERR_PTR(-EROFS); 227 228 err = ovl_lock_rename_workdir(workdir, upperdir); 229 if (err) 230 goto out; 231 232 ovl_path_upper(dentry, &upperpath); 233 err = vfs_getattr(&upperpath, &stat); 234 if (err) 235 goto out_unlock; 236 237 err = -ESTALE; 238 if (!S_ISDIR(stat.mode)) 239 goto out_unlock; 240 upper = upperpath.dentry; 241 if (upper->d_parent->d_inode != udir) 242 goto out_unlock; 243 244 opaquedir = ovl_lookup_temp(workdir, dentry); 245 err = PTR_ERR(opaquedir); 246 if (IS_ERR(opaquedir)) 247 goto out_unlock; 248 249 err = ovl_create_real(wdir, opaquedir, &stat, NULL, NULL, true); 250 if (err) 251 goto out_dput; 252 253 err = ovl_copy_xattr(upper, opaquedir); 254 if (err) 255 goto out_cleanup; 256 257 err = ovl_set_opaque(opaquedir); 258 if (err) 259 goto out_cleanup; 260 261 mutex_lock(&opaquedir->d_inode->i_mutex); 262 err = ovl_set_attr(opaquedir, &stat); 263 mutex_unlock(&opaquedir->d_inode->i_mutex); 264 if (err) 265 goto out_cleanup; 266 267 err = ovl_do_rename(wdir, opaquedir, udir, upper, RENAME_EXCHANGE); 268 if (err) 269 goto out_cleanup; 270 271 ovl_cleanup_whiteouts(upper, list); 272 ovl_cleanup(wdir, upper); 273 unlock_rename(workdir, upperdir); 274 275 /* dentry's upper doesn't match now, get rid of it */ 276 d_drop(dentry); 277 278 return opaquedir; 279 280 out_cleanup: 281 ovl_cleanup(wdir, opaquedir); 282 out_dput: 283 dput(opaquedir); 284 out_unlock: 285 unlock_rename(workdir, upperdir); 286 out: 287 return ERR_PTR(err); 288 } 289 290 static struct dentry *ovl_check_empty_and_clear(struct dentry *dentry) 291 { 292 int err; 293 struct dentry *ret = NULL; 294 LIST_HEAD(list); 295 296 err = ovl_check_empty_dir(dentry, &list); 297 if (err) 298 ret = ERR_PTR(err); 299 else { 300 /* 301 * If no upperdentry then skip clearing whiteouts. 302 * 303 * Can race with copy-up, since we don't hold the upperdir 304 * mutex. Doesn't matter, since copy-up can't create a 305 * non-empty directory from an empty one. 306 */ 307 if (ovl_dentry_upper(dentry)) 308 ret = ovl_clear_empty(dentry, &list); 309 } 310 311 ovl_cache_free(&list); 312 313 return ret; 314 } 315 316 static int ovl_create_over_whiteout(struct dentry *dentry, struct inode *inode, 317 struct kstat *stat, const char *link, 318 struct dentry *hardlink) 319 { 320 struct dentry *workdir = ovl_workdir(dentry); 321 struct inode *wdir = workdir->d_inode; 322 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 323 struct inode *udir = upperdir->d_inode; 324 struct dentry *upper; 325 struct dentry *newdentry; 326 int err; 327 328 if (WARN_ON(!workdir)) 329 return -EROFS; 330 331 err = ovl_lock_rename_workdir(workdir, upperdir); 332 if (err) 333 goto out; 334 335 newdentry = ovl_lookup_temp(workdir, dentry); 336 err = PTR_ERR(newdentry); 337 if (IS_ERR(newdentry)) 338 goto out_unlock; 339 340 upper = lookup_one_len(dentry->d_name.name, upperdir, 341 dentry->d_name.len); 342 err = PTR_ERR(upper); 343 if (IS_ERR(upper)) 344 goto out_dput; 345 346 err = ovl_create_real(wdir, newdentry, stat, link, hardlink, true); 347 if (err) 348 goto out_dput2; 349 350 if (S_ISDIR(stat->mode)) { 351 err = ovl_set_opaque(newdentry); 352 if (err) 353 goto out_cleanup; 354 355 err = ovl_do_rename(wdir, newdentry, udir, upper, 356 RENAME_EXCHANGE); 357 if (err) 358 goto out_cleanup; 359 360 ovl_cleanup(wdir, upper); 361 } else { 362 err = ovl_do_rename(wdir, newdentry, udir, upper, 0); 363 if (err) 364 goto out_cleanup; 365 } 366 ovl_dentry_version_inc(dentry->d_parent); 367 ovl_dentry_update(dentry, newdentry); 368 ovl_copyattr(newdentry->d_inode, inode); 369 d_instantiate(dentry, inode); 370 newdentry = NULL; 371 out_dput2: 372 dput(upper); 373 out_dput: 374 dput(newdentry); 375 out_unlock: 376 unlock_rename(workdir, upperdir); 377 out: 378 return err; 379 380 out_cleanup: 381 ovl_cleanup(wdir, newdentry); 382 goto out_dput2; 383 } 384 385 static int ovl_create_or_link(struct dentry *dentry, int mode, dev_t rdev, 386 const char *link, struct dentry *hardlink) 387 { 388 int err; 389 struct inode *inode; 390 struct kstat stat = { 391 .mode = mode, 392 .rdev = rdev, 393 }; 394 395 err = -ENOMEM; 396 inode = ovl_new_inode(dentry->d_sb, mode, dentry->d_fsdata); 397 if (!inode) 398 goto out; 399 400 err = ovl_copy_up(dentry->d_parent); 401 if (err) 402 goto out_iput; 403 404 if (!ovl_dentry_is_opaque(dentry)) { 405 err = ovl_create_upper(dentry, inode, &stat, link, hardlink); 406 } else { 407 const struct cred *old_cred; 408 struct cred *override_cred; 409 410 err = -ENOMEM; 411 override_cred = prepare_creds(); 412 if (!override_cred) 413 goto out_iput; 414 415 /* 416 * CAP_SYS_ADMIN for setting opaque xattr 417 * CAP_DAC_OVERRIDE for create in workdir, rename 418 * CAP_FOWNER for removing whiteout from sticky dir 419 */ 420 cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN); 421 cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE); 422 cap_raise(override_cred->cap_effective, CAP_FOWNER); 423 old_cred = override_creds(override_cred); 424 425 err = ovl_create_over_whiteout(dentry, inode, &stat, link, 426 hardlink); 427 428 revert_creds(old_cred); 429 put_cred(override_cred); 430 } 431 432 if (!err) 433 inode = NULL; 434 out_iput: 435 iput(inode); 436 out: 437 return err; 438 } 439 440 static int ovl_create_object(struct dentry *dentry, int mode, dev_t rdev, 441 const char *link) 442 { 443 int err; 444 445 err = ovl_want_write(dentry); 446 if (!err) { 447 err = ovl_create_or_link(dentry, mode, rdev, link, NULL); 448 ovl_drop_write(dentry); 449 } 450 451 return err; 452 } 453 454 static int ovl_create(struct inode *dir, struct dentry *dentry, umode_t mode, 455 bool excl) 456 { 457 return ovl_create_object(dentry, (mode & 07777) | S_IFREG, 0, NULL); 458 } 459 460 static int ovl_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) 461 { 462 return ovl_create_object(dentry, (mode & 07777) | S_IFDIR, 0, NULL); 463 } 464 465 static int ovl_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, 466 dev_t rdev) 467 { 468 /* Don't allow creation of "whiteout" on overlay */ 469 if (S_ISCHR(mode) && rdev == WHITEOUT_DEV) 470 return -EPERM; 471 472 return ovl_create_object(dentry, mode, rdev, NULL); 473 } 474 475 static int ovl_symlink(struct inode *dir, struct dentry *dentry, 476 const char *link) 477 { 478 return ovl_create_object(dentry, S_IFLNK, 0, link); 479 } 480 481 static int ovl_link(struct dentry *old, struct inode *newdir, 482 struct dentry *new) 483 { 484 int err; 485 struct dentry *upper; 486 487 err = ovl_want_write(old); 488 if (err) 489 goto out; 490 491 err = ovl_copy_up(old); 492 if (err) 493 goto out_drop_write; 494 495 upper = ovl_dentry_upper(old); 496 err = ovl_create_or_link(new, upper->d_inode->i_mode, 0, NULL, upper); 497 498 out_drop_write: 499 ovl_drop_write(old); 500 out: 501 return err; 502 } 503 504 static int ovl_remove_and_whiteout(struct dentry *dentry, bool is_dir) 505 { 506 struct dentry *workdir = ovl_workdir(dentry); 507 struct inode *wdir = workdir->d_inode; 508 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 509 struct inode *udir = upperdir->d_inode; 510 struct dentry *whiteout; 511 struct dentry *upper; 512 struct dentry *opaquedir = NULL; 513 int err; 514 515 if (WARN_ON(!workdir)) 516 return -EROFS; 517 518 if (is_dir) { 519 if (OVL_TYPE_MERGE_OR_LOWER(ovl_path_type(dentry))) { 520 opaquedir = ovl_check_empty_and_clear(dentry); 521 err = PTR_ERR(opaquedir); 522 if (IS_ERR(opaquedir)) 523 goto out; 524 } else { 525 LIST_HEAD(list); 526 527 /* 528 * When removing an empty opaque directory, then it 529 * makes no sense to replace it with an exact replica of 530 * itself. But emptiness still needs to be checked. 531 */ 532 err = ovl_check_empty_dir(dentry, &list); 533 ovl_cache_free(&list); 534 if (err) 535 goto out; 536 } 537 } 538 539 err = ovl_lock_rename_workdir(workdir, upperdir); 540 if (err) 541 goto out_dput; 542 543 whiteout = ovl_whiteout(workdir, dentry); 544 err = PTR_ERR(whiteout); 545 if (IS_ERR(whiteout)) 546 goto out_unlock; 547 548 upper = ovl_dentry_upper(dentry); 549 if (!upper) { 550 upper = lookup_one_len(dentry->d_name.name, upperdir, 551 dentry->d_name.len); 552 err = PTR_ERR(upper); 553 if (IS_ERR(upper)) 554 goto kill_whiteout; 555 556 err = ovl_do_rename(wdir, whiteout, udir, upper, 0); 557 dput(upper); 558 if (err) 559 goto kill_whiteout; 560 } else { 561 int flags = 0; 562 563 if (opaquedir) 564 upper = opaquedir; 565 err = -ESTALE; 566 if (upper->d_parent != upperdir) 567 goto kill_whiteout; 568 569 if (is_dir) 570 flags |= RENAME_EXCHANGE; 571 572 err = ovl_do_rename(wdir, whiteout, udir, upper, flags); 573 if (err) 574 goto kill_whiteout; 575 576 if (is_dir) 577 ovl_cleanup(wdir, upper); 578 } 579 ovl_dentry_version_inc(dentry->d_parent); 580 out_d_drop: 581 d_drop(dentry); 582 dput(whiteout); 583 out_unlock: 584 unlock_rename(workdir, upperdir); 585 out_dput: 586 dput(opaquedir); 587 out: 588 return err; 589 590 kill_whiteout: 591 ovl_cleanup(wdir, whiteout); 592 goto out_d_drop; 593 } 594 595 static int ovl_remove_upper(struct dentry *dentry, bool is_dir) 596 { 597 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent); 598 struct inode *dir = upperdir->d_inode; 599 struct dentry *upper = ovl_dentry_upper(dentry); 600 int err; 601 602 mutex_lock_nested(&dir->i_mutex, I_MUTEX_PARENT); 603 err = -ESTALE; 604 if (upper->d_parent == upperdir) { 605 /* Don't let d_delete() think it can reset d_inode */ 606 dget(upper); 607 if (is_dir) 608 err = vfs_rmdir(dir, upper); 609 else 610 err = vfs_unlink(dir, upper, NULL); 611 dput(upper); 612 ovl_dentry_version_inc(dentry->d_parent); 613 } 614 615 /* 616 * Keeping this dentry hashed would mean having to release 617 * upperpath/lowerpath, which could only be done if we are the 618 * sole user of this dentry. Too tricky... Just unhash for 619 * now. 620 */ 621 d_drop(dentry); 622 mutex_unlock(&dir->i_mutex); 623 624 return err; 625 } 626 627 static inline int ovl_check_sticky(struct dentry *dentry) 628 { 629 struct inode *dir = ovl_dentry_real(dentry->d_parent)->d_inode; 630 struct inode *inode = ovl_dentry_real(dentry)->d_inode; 631 632 if (check_sticky(dir, inode)) 633 return -EPERM; 634 635 return 0; 636 } 637 638 static int ovl_do_remove(struct dentry *dentry, bool is_dir) 639 { 640 enum ovl_path_type type; 641 int err; 642 643 err = ovl_check_sticky(dentry); 644 if (err) 645 goto out; 646 647 err = ovl_want_write(dentry); 648 if (err) 649 goto out; 650 651 err = ovl_copy_up(dentry->d_parent); 652 if (err) 653 goto out_drop_write; 654 655 type = ovl_path_type(dentry); 656 if (OVL_TYPE_PURE_UPPER(type)) { 657 err = ovl_remove_upper(dentry, is_dir); 658 } else { 659 const struct cred *old_cred; 660 struct cred *override_cred; 661 662 err = -ENOMEM; 663 override_cred = prepare_creds(); 664 if (!override_cred) 665 goto out_drop_write; 666 667 /* 668 * CAP_SYS_ADMIN for setting xattr on whiteout, opaque dir 669 * CAP_DAC_OVERRIDE for create in workdir, rename 670 * CAP_FOWNER for removing whiteout from sticky dir 671 * CAP_FSETID for chmod of opaque dir 672 * CAP_CHOWN for chown of opaque dir 673 */ 674 cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN); 675 cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE); 676 cap_raise(override_cred->cap_effective, CAP_FOWNER); 677 cap_raise(override_cred->cap_effective, CAP_FSETID); 678 cap_raise(override_cred->cap_effective, CAP_CHOWN); 679 old_cred = override_creds(override_cred); 680 681 err = ovl_remove_and_whiteout(dentry, is_dir); 682 683 revert_creds(old_cred); 684 put_cred(override_cred); 685 } 686 out_drop_write: 687 ovl_drop_write(dentry); 688 out: 689 return err; 690 } 691 692 static int ovl_unlink(struct inode *dir, struct dentry *dentry) 693 { 694 return ovl_do_remove(dentry, false); 695 } 696 697 static int ovl_rmdir(struct inode *dir, struct dentry *dentry) 698 { 699 return ovl_do_remove(dentry, true); 700 } 701 702 static int ovl_rename2(struct inode *olddir, struct dentry *old, 703 struct inode *newdir, struct dentry *new, 704 unsigned int flags) 705 { 706 int err; 707 enum ovl_path_type old_type; 708 enum ovl_path_type new_type; 709 struct dentry *old_upperdir; 710 struct dentry *new_upperdir; 711 struct dentry *olddentry; 712 struct dentry *newdentry; 713 struct dentry *trap; 714 bool old_opaque; 715 bool new_opaque; 716 bool new_create = false; 717 bool cleanup_whiteout = false; 718 bool overwrite = !(flags & RENAME_EXCHANGE); 719 bool is_dir = d_is_dir(old); 720 bool new_is_dir = false; 721 struct dentry *opaquedir = NULL; 722 const struct cred *old_cred = NULL; 723 struct cred *override_cred = NULL; 724 725 err = -EINVAL; 726 if (flags & ~(RENAME_EXCHANGE | RENAME_NOREPLACE)) 727 goto out; 728 729 flags &= ~RENAME_NOREPLACE; 730 731 err = ovl_check_sticky(old); 732 if (err) 733 goto out; 734 735 /* Don't copy up directory trees */ 736 old_type = ovl_path_type(old); 737 err = -EXDEV; 738 if (OVL_TYPE_MERGE_OR_LOWER(old_type) && is_dir) 739 goto out; 740 741 if (new->d_inode) { 742 err = ovl_check_sticky(new); 743 if (err) 744 goto out; 745 746 if (d_is_dir(new)) 747 new_is_dir = true; 748 749 new_type = ovl_path_type(new); 750 err = -EXDEV; 751 if (!overwrite && OVL_TYPE_MERGE_OR_LOWER(new_type) && new_is_dir) 752 goto out; 753 754 err = 0; 755 if (!OVL_TYPE_UPPER(new_type) && !OVL_TYPE_UPPER(old_type)) { 756 if (ovl_dentry_lower(old)->d_inode == 757 ovl_dentry_lower(new)->d_inode) 758 goto out; 759 } 760 if (OVL_TYPE_UPPER(new_type) && OVL_TYPE_UPPER(old_type)) { 761 if (ovl_dentry_upper(old)->d_inode == 762 ovl_dentry_upper(new)->d_inode) 763 goto out; 764 } 765 } else { 766 if (ovl_dentry_is_opaque(new)) 767 new_type = __OVL_PATH_UPPER; 768 else 769 new_type = __OVL_PATH_UPPER | __OVL_PATH_PURE; 770 } 771 772 err = ovl_want_write(old); 773 if (err) 774 goto out; 775 776 err = ovl_copy_up(old); 777 if (err) 778 goto out_drop_write; 779 780 err = ovl_copy_up(new->d_parent); 781 if (err) 782 goto out_drop_write; 783 if (!overwrite) { 784 err = ovl_copy_up(new); 785 if (err) 786 goto out_drop_write; 787 } 788 789 old_opaque = !OVL_TYPE_PURE_UPPER(old_type); 790 new_opaque = !OVL_TYPE_PURE_UPPER(new_type); 791 792 if (old_opaque || new_opaque) { 793 err = -ENOMEM; 794 override_cred = prepare_creds(); 795 if (!override_cred) 796 goto out_drop_write; 797 798 /* 799 * CAP_SYS_ADMIN for setting xattr on whiteout, opaque dir 800 * CAP_DAC_OVERRIDE for create in workdir 801 * CAP_FOWNER for removing whiteout from sticky dir 802 * CAP_FSETID for chmod of opaque dir 803 * CAP_CHOWN for chown of opaque dir 804 */ 805 cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN); 806 cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE); 807 cap_raise(override_cred->cap_effective, CAP_FOWNER); 808 cap_raise(override_cred->cap_effective, CAP_FSETID); 809 cap_raise(override_cred->cap_effective, CAP_CHOWN); 810 old_cred = override_creds(override_cred); 811 } 812 813 if (overwrite && OVL_TYPE_MERGE_OR_LOWER(new_type) && new_is_dir) { 814 opaquedir = ovl_check_empty_and_clear(new); 815 err = PTR_ERR(opaquedir); 816 if (IS_ERR(opaquedir)) { 817 opaquedir = NULL; 818 goto out_revert_creds; 819 } 820 } 821 822 if (overwrite) { 823 if (old_opaque) { 824 if (new->d_inode || !new_opaque) { 825 /* Whiteout source */ 826 flags |= RENAME_WHITEOUT; 827 } else { 828 /* Switch whiteouts */ 829 flags |= RENAME_EXCHANGE; 830 } 831 } else if (is_dir && !new->d_inode && new_opaque) { 832 flags |= RENAME_EXCHANGE; 833 cleanup_whiteout = true; 834 } 835 } 836 837 old_upperdir = ovl_dentry_upper(old->d_parent); 838 new_upperdir = ovl_dentry_upper(new->d_parent); 839 840 trap = lock_rename(new_upperdir, old_upperdir); 841 842 olddentry = ovl_dentry_upper(old); 843 newdentry = ovl_dentry_upper(new); 844 if (newdentry) { 845 if (opaquedir) { 846 newdentry = opaquedir; 847 opaquedir = NULL; 848 } else { 849 dget(newdentry); 850 } 851 } else { 852 new_create = true; 853 newdentry = lookup_one_len(new->d_name.name, new_upperdir, 854 new->d_name.len); 855 err = PTR_ERR(newdentry); 856 if (IS_ERR(newdentry)) 857 goto out_unlock; 858 } 859 860 err = -ESTALE; 861 if (olddentry->d_parent != old_upperdir) 862 goto out_dput; 863 if (newdentry->d_parent != new_upperdir) 864 goto out_dput; 865 if (olddentry == trap) 866 goto out_dput; 867 if (newdentry == trap) 868 goto out_dput; 869 870 if (is_dir && !old_opaque && new_opaque) { 871 err = ovl_set_opaque(olddentry); 872 if (err) 873 goto out_dput; 874 } 875 if (!overwrite && new_is_dir && old_opaque && !new_opaque) { 876 err = ovl_set_opaque(newdentry); 877 if (err) 878 goto out_dput; 879 } 880 881 if (old_opaque || new_opaque) { 882 err = ovl_do_rename(old_upperdir->d_inode, olddentry, 883 new_upperdir->d_inode, newdentry, 884 flags); 885 } else { 886 /* No debug for the plain case */ 887 BUG_ON(flags & ~RENAME_EXCHANGE); 888 err = vfs_rename(old_upperdir->d_inode, olddentry, 889 new_upperdir->d_inode, newdentry, 890 NULL, flags); 891 } 892 893 if (err) { 894 if (is_dir && !old_opaque && new_opaque) 895 ovl_remove_opaque(olddentry); 896 if (!overwrite && new_is_dir && old_opaque && !new_opaque) 897 ovl_remove_opaque(newdentry); 898 goto out_dput; 899 } 900 901 if (is_dir && old_opaque && !new_opaque) 902 ovl_remove_opaque(olddentry); 903 if (!overwrite && new_is_dir && !old_opaque && new_opaque) 904 ovl_remove_opaque(newdentry); 905 906 if (old_opaque != new_opaque) { 907 ovl_dentry_set_opaque(old, new_opaque); 908 if (!overwrite) 909 ovl_dentry_set_opaque(new, old_opaque); 910 } 911 912 if (cleanup_whiteout) 913 ovl_cleanup(old_upperdir->d_inode, newdentry); 914 915 ovl_dentry_version_inc(old->d_parent); 916 ovl_dentry_version_inc(new->d_parent); 917 918 out_dput: 919 dput(newdentry); 920 out_unlock: 921 unlock_rename(new_upperdir, old_upperdir); 922 out_revert_creds: 923 if (old_opaque || new_opaque) { 924 revert_creds(old_cred); 925 put_cred(override_cred); 926 } 927 out_drop_write: 928 ovl_drop_write(old); 929 out: 930 dput(opaquedir); 931 return err; 932 } 933 934 const struct inode_operations ovl_dir_inode_operations = { 935 .lookup = ovl_lookup, 936 .mkdir = ovl_mkdir, 937 .symlink = ovl_symlink, 938 .unlink = ovl_unlink, 939 .rmdir = ovl_rmdir, 940 .rename2 = ovl_rename2, 941 .link = ovl_link, 942 .setattr = ovl_setattr, 943 .create = ovl_create, 944 .mknod = ovl_mknod, 945 .permission = ovl_permission, 946 .getattr = ovl_dir_getattr, 947 .setxattr = ovl_setxattr, 948 .getxattr = ovl_getxattr, 949 .listxattr = ovl_listxattr, 950 .removexattr = ovl_removexattr, 951 }; 952