Gitiles
Code Review Sign In
gerrit.nordix.org / codeaurora / cp-linux / 8d8f6542b666daf5e87de156590e635c2c4da0c0 / . / fs / overlayfs / dir.c
blob: 327177df03a5ca00b1f3839034622eca3eb1aacf [file] [log] [blame]
Kyle Swenson8d8f6542021-03-15 11:02:55 -0600[diff] [blame^]1/*
2 *
3 * Copyright (C) 2011 Novell Inc.
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 as published by
7 * the Free Software Foundation.
8 */
9
10#include <linux/fs.h>
11#include <linux/namei.h>
12#include <linux/xattr.h>
13#include <linux/security.h>
14#include <linux/cred.h>
15#include <linux/atomic.h>
16#include "overlayfs.h"
17
18void ovl_cleanup(struct inode *wdir, struct dentry *wdentry)
19{
20 int err;
21
22 dget(wdentry);
23 if (d_is_dir(wdentry))
24 err = ovl_do_rmdir(wdir, wdentry);
25 else
26 err = ovl_do_unlink(wdir, wdentry);
27 dput(wdentry);
28
29 if (err) {
30 pr_err("overlayfs: cleanup of '%pd2' failed (%i)\n",
31 wdentry, err);
32 }
33}
34
35struct dentry *ovl_lookup_temp(struct dentry *workdir, struct dentry *dentry)
36{
37 struct dentry *temp;
38 char name[20];
39 static atomic_t temp_id = ATOMIC_INIT(0);
40
41 /* counter is allowed to wrap, since temp dentries are ephemeral */
42 snprintf(name, sizeof(name), "#%x", atomic_inc_return(&temp_id));
43
44 temp = lookup_one_len(name, workdir, strlen(name));
45 if (!IS_ERR(temp) && temp->d_inode) {
46 pr_err("overlayfs: workdir/%s already exists\n", name);
47 dput(temp);
48 temp = ERR_PTR(-EIO);
49 }
50
51 return temp;
52}
53
54/* caller holds i_mutex on workdir */
55static struct dentry *ovl_whiteout(struct dentry *workdir,
56 struct dentry *dentry)
57{
58 int err;
59 struct dentry *whiteout;
60 struct inode *wdir = workdir->d_inode;
61
62 whiteout = ovl_lookup_temp(workdir, dentry);
63 if (IS_ERR(whiteout))
64 return whiteout;
65
66 err = ovl_do_whiteout(wdir, whiteout);
67 if (err) {
68 dput(whiteout);
69 whiteout = ERR_PTR(err);
70 }
71
72 return whiteout;
73}
74
75int ovl_create_real(struct inode *dir, struct dentry *newdentry,
76 struct kstat *stat, const char *link,
77 struct dentry *hardlink, bool debug)
78{
79 int err;
80
81 if (newdentry->d_inode)
82 return -ESTALE;
83
84 if (hardlink) {
85 err = ovl_do_link(hardlink, dir, newdentry, debug);
86 } else {
87 switch (stat->mode & S_IFMT) {
88 case S_IFREG:
89 err = ovl_do_create(dir, newdentry, stat->mode, debug);
90 break;
91
92 case S_IFDIR:
93 err = ovl_do_mkdir(dir, newdentry, stat->mode, debug);
94 break;
95
96 case S_IFCHR:
97 case S_IFBLK:
98 case S_IFIFO:
99 case S_IFSOCK:
100 err = ovl_do_mknod(dir, newdentry,
101 stat->mode, stat->rdev, debug);
102 break;
103
104 case S_IFLNK:
105 err = ovl_do_symlink(dir, newdentry, link, debug);
106 break;
107
108 default:
109 err = -EPERM;
110 }
111 }
112 if (!err && WARN_ON(!newdentry->d_inode)) {
113 /*
114 * Not quite sure if non-instantiated dentry is legal or not.
115 * VFS doesn't seem to care so check and warn here.
116 */
117 err = -ENOENT;
118 }
119 return err;
120}
121
122static int ovl_set_opaque(struct dentry *upperdentry)
123{
124 return ovl_do_setxattr(upperdentry, OVL_XATTR_OPAQUE, "y", 1, 0);
125}
126
127static void ovl_remove_opaque(struct dentry *upperdentry)
128{
129 int err;
130
131 err = ovl_do_removexattr(upperdentry, OVL_XATTR_OPAQUE);
132 if (err) {
133 pr_warn("overlayfs: failed to remove opaque from '%s' (%i)\n",
134 upperdentry->d_name.name, err);
135 }
136}
137
138static int ovl_dir_getattr(struct vfsmount *mnt, struct dentry *dentry,
139 struct kstat *stat)
140{
141 int err;
142 enum ovl_path_type type;
143 struct path realpath;
144
145 type = ovl_path_real(dentry, &realpath);
146 err = vfs_getattr(&realpath, stat);
147 if (err)
148 return err;
149
150 stat->dev = dentry->d_sb->s_dev;
151 stat->ino = dentry->d_inode->i_ino;
152
153 /*
154 * It's probably not worth it to count subdirs to get the
155 * correct link count. nlink=1 seems to pacify 'find' and
156 * other utilities.
157 */
158 if (OVL_TYPE_MERGE(type))
159 stat->nlink = 1;
160
161 return 0;
162}
163
164static int ovl_create_upper(struct dentry *dentry, struct inode *inode,
165 struct kstat *stat, const char *link,
166 struct dentry *hardlink)
167{
168 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
169 struct inode *udir = upperdir->d_inode;
170 struct dentry *newdentry;
171 int err;
172
173 mutex_lock_nested(&udir->i_mutex, I_MUTEX_PARENT);
174 newdentry = lookup_one_len(dentry->d_name.name, upperdir,
175 dentry->d_name.len);
176 err = PTR_ERR(newdentry);
177 if (IS_ERR(newdentry))
178 goto out_unlock;
179 err = ovl_create_real(udir, newdentry, stat, link, hardlink, false);
180 if (err)
181 goto out_dput;
182
183 ovl_dentry_version_inc(dentry->d_parent);
184 ovl_dentry_update(dentry, newdentry);
185 ovl_copyattr(newdentry->d_inode, inode);
186 d_instantiate(dentry, inode);
187 newdentry = NULL;
188out_dput:
189 dput(newdentry);
190out_unlock:
191 mutex_unlock(&udir->i_mutex);
192 return err;
193}
194
195static int ovl_lock_rename_workdir(struct dentry *workdir,
196 struct dentry *upperdir)
197{
198 /* Workdir should not be the same as upperdir */
199 if (workdir == upperdir)
200 goto err;
201
202 /* Workdir should not be subdir of upperdir and vice versa */
203 if (lock_rename(workdir, upperdir) != NULL)
204 goto err_unlock;
205
206 return 0;
207
208err_unlock:
209 unlock_rename(workdir, upperdir);
210err:
211 pr_err("overlayfs: failed to lock workdir+upperdir\n");
212 return -EIO;
213}
214
215static struct dentry *ovl_clear_empty(struct dentry *dentry,
216 struct list_head *list)
217{
218 struct dentry *workdir = ovl_workdir(dentry);
219 struct inode *wdir = workdir->d_inode;
220 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
221 struct inode *udir = upperdir->d_inode;
222 struct path upperpath;
223 struct dentry *upper;
224 struct dentry *opaquedir;
225 struct kstat stat;
226 int err;
227
228 if (WARN_ON(!workdir))
229 return ERR_PTR(-EROFS);
230
231 err = ovl_lock_rename_workdir(workdir, upperdir);
232 if (err)
233 goto out;
234
235 ovl_path_upper(dentry, &upperpath);
236 err = vfs_getattr(&upperpath, &stat);
237 if (err)
238 goto out_unlock;
239
240 err = -ESTALE;
241 if (!S_ISDIR(stat.mode))
242 goto out_unlock;
243 upper = upperpath.dentry;
244 if (upper->d_parent->d_inode != udir)
245 goto out_unlock;
246
247 opaquedir = ovl_lookup_temp(workdir, dentry);
248 err = PTR_ERR(opaquedir);
249 if (IS_ERR(opaquedir))
250 goto out_unlock;
251
252 err = ovl_create_real(wdir, opaquedir, &stat, NULL, NULL, true);
253 if (err)
254 goto out_dput;
255
256 err = ovl_copy_xattr(upper, opaquedir);
257 if (err)
258 goto out_cleanup;
259
260 err = ovl_set_opaque(opaquedir);
261 if (err)
262 goto out_cleanup;
263
264 mutex_lock(&opaquedir->d_inode->i_mutex);
265 err = ovl_set_attr(opaquedir, &stat);
266 mutex_unlock(&opaquedir->d_inode->i_mutex);
267 if (err)
268 goto out_cleanup;
269
270 err = ovl_do_rename(wdir, opaquedir, udir, upper, RENAME_EXCHANGE);
271 if (err)
272 goto out_cleanup;
273
274 ovl_cleanup_whiteouts(upper, list);
275 ovl_cleanup(wdir, upper);
276 unlock_rename(workdir, upperdir);
277
278 /* dentry's upper doesn't match now, get rid of it */
279 d_drop(dentry);
280
281 return opaquedir;
282
283out_cleanup:
284 ovl_cleanup(wdir, opaquedir);
285out_dput:
286 dput(opaquedir);
287out_unlock:
288 unlock_rename(workdir, upperdir);
289out:
290 return ERR_PTR(err);
291}
292
293static struct dentry *ovl_check_empty_and_clear(struct dentry *dentry)
294{
295 int err;
296 struct dentry *ret = NULL;
297 LIST_HEAD(list);
298
299 err = ovl_check_empty_dir(dentry, &list);
300 if (err)
301 ret = ERR_PTR(err);
302 else {
303 /*
304 * If no upperdentry then skip clearing whiteouts.
305 *
306 * Can race with copy-up, since we don't hold the upperdir
307 * mutex. Doesn't matter, since copy-up can't create a
308 * non-empty directory from an empty one.
309 */
310 if (ovl_dentry_upper(dentry))
311 ret = ovl_clear_empty(dentry, &list);
312 }
313
314 ovl_cache_free(&list);
315
316 return ret;
317}
318
319static int ovl_create_over_whiteout(struct dentry *dentry, struct inode *inode,
320 struct kstat *stat, const char *link,
321 struct dentry *hardlink)
322{
323 struct dentry *workdir = ovl_workdir(dentry);
324 struct inode *wdir = workdir->d_inode;
325 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
326 struct inode *udir = upperdir->d_inode;
327 struct dentry *upper;
328 struct dentry *newdentry;
329 int err;
330
331 if (WARN_ON(!workdir))
332 return -EROFS;
333
334 err = ovl_lock_rename_workdir(workdir, upperdir);
335 if (err)
336 goto out;
337
338 newdentry = ovl_lookup_temp(workdir, dentry);
339 err = PTR_ERR(newdentry);
340 if (IS_ERR(newdentry))
341 goto out_unlock;
342
343 upper = lookup_one_len(dentry->d_name.name, upperdir,
344 dentry->d_name.len);
345 err = PTR_ERR(upper);
346 if (IS_ERR(upper))
347 goto out_dput;
348
349 err = ovl_create_real(wdir, newdentry, stat, link, hardlink, true);
350 if (err)
351 goto out_dput2;
352
353 if (S_ISDIR(stat->mode)) {
354 err = ovl_set_opaque(newdentry);
355 if (err)
356 goto out_cleanup;
357
358 err = ovl_do_rename(wdir, newdentry, udir, upper,
359 RENAME_EXCHANGE);
360 if (err)
361 goto out_cleanup;
362
363 ovl_cleanup(wdir, upper);
364 } else {
365 err = ovl_do_rename(wdir, newdentry, udir, upper, 0);
366 if (err)
367 goto out_cleanup;
368 }
369 ovl_dentry_version_inc(dentry->d_parent);
370 ovl_dentry_update(dentry, newdentry);
371 ovl_copyattr(newdentry->d_inode, inode);
372 d_instantiate(dentry, inode);
373 newdentry = NULL;
374out_dput2:
375 dput(upper);
376out_dput:
377 dput(newdentry);
378out_unlock:
379 unlock_rename(workdir, upperdir);
380out:
381 return err;
382
383out_cleanup:
384 ovl_cleanup(wdir, newdentry);
385 goto out_dput2;
386}
387
388static int ovl_create_or_link(struct dentry *dentry, int mode, dev_t rdev,
389 const char *link, struct dentry *hardlink)
390{
391 int err;
392 struct inode *inode;
393 struct kstat stat = {
394 .mode = mode,
395 .rdev = rdev,
396 };
397
398 err = -ENOMEM;
399 inode = ovl_new_inode(dentry->d_sb, mode, dentry->d_fsdata);
400 if (!inode)
401 goto out;
402
403 err = ovl_copy_up(dentry->d_parent);
404 if (err)
405 goto out_iput;
406
407 if (!ovl_dentry_is_opaque(dentry)) {
408 err = ovl_create_upper(dentry, inode, &stat, link, hardlink);
409 } else {
410 const struct cred *old_cred;
411 struct cred *override_cred;
412
413 err = -ENOMEM;
414 override_cred = prepare_creds();
415 if (!override_cred)
416 goto out_iput;
417
418 /*
419 * CAP_SYS_ADMIN for setting opaque xattr
420 * CAP_DAC_OVERRIDE for create in workdir, rename
421 * CAP_FOWNER for removing whiteout from sticky dir
422 */
423 cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN);
424 cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE);
425 cap_raise(override_cred->cap_effective, CAP_FOWNER);
426 old_cred = override_creds(override_cred);
427
428 err = ovl_create_over_whiteout(dentry, inode, &stat, link,
429 hardlink);
430
431 revert_creds(old_cred);
432 put_cred(override_cred);
433 }
434
435 if (!err)
436 inode = NULL;
437out_iput:
438 iput(inode);
439out:
440 return err;
441}
442
443static int ovl_create_object(struct dentry *dentry, int mode, dev_t rdev,
444 const char *link)
445{
446 int err;
447
448 err = ovl_want_write(dentry);
449 if (!err) {
450 err = ovl_create_or_link(dentry, mode, rdev, link, NULL);
451 ovl_drop_write(dentry);
452 }
453
454 return err;
455}
456
457static int ovl_create(struct inode *dir, struct dentry *dentry, umode_t mode,
458 bool excl)
459{
460 return ovl_create_object(dentry, (mode & 07777) | S_IFREG, 0, NULL);
461}
462
463static int ovl_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
464{
465 return ovl_create_object(dentry, (mode & 07777) | S_IFDIR, 0, NULL);
466}
467
468static int ovl_mknod(struct inode *dir, struct dentry *dentry, umode_t mode,
469 dev_t rdev)
470{
471 /* Don't allow creation of "whiteout" on overlay */
472 if (S_ISCHR(mode) && rdev == WHITEOUT_DEV)
473 return -EPERM;
474
475 return ovl_create_object(dentry, mode, rdev, NULL);
476}
477
478static int ovl_symlink(struct inode *dir, struct dentry *dentry,
479 const char *link)
480{
481 return ovl_create_object(dentry, S_IFLNK, 0, link);
482}
483
484static int ovl_link(struct dentry *old, struct inode *newdir,
485 struct dentry *new)
486{
487 int err;
488 struct dentry *upper;
489
490 err = ovl_want_write(old);
491 if (err)
492 goto out;
493
494 err = ovl_copy_up(old);
495 if (err)
496 goto out_drop_write;
497
498 upper = ovl_dentry_upper(old);
499 err = ovl_create_or_link(new, upper->d_inode->i_mode, 0, NULL, upper);
500
501out_drop_write:
502 ovl_drop_write(old);
503out:
504 return err;
505}
506
507static int ovl_remove_and_whiteout(struct dentry *dentry, bool is_dir)
508{
509 struct dentry *workdir = ovl_workdir(dentry);
510 struct inode *wdir = workdir->d_inode;
511 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
512 struct inode *udir = upperdir->d_inode;
513 struct dentry *whiteout;
514 struct dentry *upper;
515 struct dentry *opaquedir = NULL;
516 int err;
517 int flags = 0;
518
519 if (WARN_ON(!workdir))
520 return -EROFS;
521
522 if (is_dir) {
523 if (OVL_TYPE_MERGE_OR_LOWER(ovl_path_type(dentry))) {
524 opaquedir = ovl_check_empty_and_clear(dentry);
525 err = PTR_ERR(opaquedir);
526 if (IS_ERR(opaquedir))
527 goto out;
528 } else {
529 LIST_HEAD(list);
530
531 /*
532 * When removing an empty opaque directory, then it
533 * makes no sense to replace it with an exact replica of
534 * itself. But emptiness still needs to be checked.
535 */
536 err = ovl_check_empty_dir(dentry, &list);
537 ovl_cache_free(&list);
538 if (err)
539 goto out;
540 }
541 }
542
543 err = ovl_lock_rename_workdir(workdir, upperdir);
544 if (err)
545 goto out_dput;
546
547 upper = lookup_one_len(dentry->d_name.name, upperdir,
548 dentry->d_name.len);
549 err = PTR_ERR(upper);
550 if (IS_ERR(upper))
551 goto out_unlock;
552
553 err = -ESTALE;
554 if ((opaquedir && upper != opaquedir) ||
555 (!opaquedir && ovl_dentry_upper(dentry) &&
556 upper != ovl_dentry_upper(dentry))) {
557 goto out_dput_upper;
558 }
559
560 whiteout = ovl_whiteout(workdir, dentry);
561 err = PTR_ERR(whiteout);
562 if (IS_ERR(whiteout))
563 goto out_dput_upper;
564
565 if (d_is_dir(upper))
566 flags = RENAME_EXCHANGE;
567
568 err = ovl_do_rename(wdir, whiteout, udir, upper, flags);
569 if (err)
570 goto kill_whiteout;
571 if (flags)
572 ovl_cleanup(wdir, upper);
573
574 ovl_dentry_version_inc(dentry->d_parent);
575out_d_drop:
576 d_drop(dentry);
577 dput(whiteout);
578out_dput_upper:
579 dput(upper);
580out_unlock:
581 unlock_rename(workdir, upperdir);
582out_dput:
583 dput(opaquedir);
584out:
585 return err;
586
587kill_whiteout:
588 ovl_cleanup(wdir, whiteout);
589 goto out_d_drop;
590}
591
592static int ovl_remove_upper(struct dentry *dentry, bool is_dir)
593{
594 struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
595 struct inode *dir = upperdir->d_inode;
596 struct dentry *upper;
597 int err;
598
599 mutex_lock_nested(&dir->i_mutex, I_MUTEX_PARENT);
600 upper = lookup_one_len(dentry->d_name.name, upperdir,
601 dentry->d_name.len);
602 err = PTR_ERR(upper);
603 if (IS_ERR(upper))
604 goto out_unlock;
605
606 err = -ESTALE;
607 if (upper == ovl_dentry_upper(dentry)) {
608 if (is_dir)
609 err = vfs_rmdir(dir, upper);
610 else
611 err = vfs_unlink(dir, upper, NULL);
612 ovl_dentry_version_inc(dentry->d_parent);
613 }
614 dput(upper);
615
616 /*
617 * Keeping this dentry hashed would mean having to release
618 * upperpath/lowerpath, which could only be done if we are the
619 * sole user of this dentry. Too tricky... Just unhash for
620 * now.
621 */
622 if (!err)
623 d_drop(dentry);
624out_unlock:
625 mutex_unlock(&dir->i_mutex);
626
627 return err;
628}
629
630static inline int ovl_check_sticky(struct dentry *dentry)
631{
632 struct inode *dir = ovl_dentry_real(dentry->d_parent)->d_inode;
633 struct inode *inode = ovl_dentry_real(dentry)->d_inode;
634
635 if (check_sticky(dir, inode))
636 return -EPERM;
637
638 return 0;
639}
640
641static int ovl_do_remove(struct dentry *dentry, bool is_dir)
642{
643 enum ovl_path_type type;
644 int err;
645
646 err = ovl_check_sticky(dentry);
647 if (err)
648 goto out;
649
650 err = ovl_want_write(dentry);
651 if (err)
652 goto out;
653
654 err = ovl_copy_up(dentry->d_parent);
655 if (err)
656 goto out_drop_write;
657
658 type = ovl_path_type(dentry);
659 if (OVL_TYPE_PURE_UPPER(type)) {
660 err = ovl_remove_upper(dentry, is_dir);
661 } else {
662 const struct cred *old_cred;
663 struct cred *override_cred;
664
665 err = -ENOMEM;
666 override_cred = prepare_creds();
667 if (!override_cred)
668 goto out_drop_write;
669
670 /*
671 * CAP_SYS_ADMIN for setting xattr on whiteout, opaque dir
672 * CAP_DAC_OVERRIDE for create in workdir, rename
673 * CAP_FOWNER for removing whiteout from sticky dir
674 * CAP_FSETID for chmod of opaque dir
675 * CAP_CHOWN for chown of opaque dir
676 */
677 cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN);
678 cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE);
679 cap_raise(override_cred->cap_effective, CAP_FOWNER);
680 cap_raise(override_cred->cap_effective, CAP_FSETID);
681 cap_raise(override_cred->cap_effective, CAP_CHOWN);
682 old_cred = override_creds(override_cred);
683
684 err = ovl_remove_and_whiteout(dentry, is_dir);
685
686 revert_creds(old_cred);
687 put_cred(override_cred);
688 }
689out_drop_write:
690 ovl_drop_write(dentry);
691out:
692 return err;
693}
694
695static int ovl_unlink(struct inode *dir, struct dentry *dentry)
696{
697 return ovl_do_remove(dentry, false);
698}
699
700static int ovl_rmdir(struct inode *dir, struct dentry *dentry)
701{
702 return ovl_do_remove(dentry, true);
703}
704
705static int ovl_rename2(struct inode *olddir, struct dentry *old,
706 struct inode *newdir, struct dentry *new,
707 unsigned int flags)
708{
709 int err;
710 enum ovl_path_type old_type;
711 enum ovl_path_type new_type;
712 struct dentry *old_upperdir;
713 struct dentry *new_upperdir;
714 struct dentry *olddentry;
715 struct dentry *newdentry;
716 struct dentry *trap;
717 bool old_opaque;
718 bool new_opaque;
719 bool new_create = false;
720 bool cleanup_whiteout = false;
721 bool overwrite = !(flags & RENAME_EXCHANGE);
722 bool is_dir = d_is_dir(old);
723 bool new_is_dir = false;
724 struct dentry *opaquedir = NULL;
725 const struct cred *old_cred = NULL;
726 struct cred *override_cred = NULL;
727
728 err = -EINVAL;
729 if (flags & ~(RENAME_EXCHANGE | RENAME_NOREPLACE))
730 goto out;
731
732 flags &= ~RENAME_NOREPLACE;
733
734 err = ovl_check_sticky(old);
735 if (err)
736 goto out;
737
738 /* Don't copy up directory trees */
739 old_type = ovl_path_type(old);
740 err = -EXDEV;
741 if (OVL_TYPE_MERGE_OR_LOWER(old_type) && is_dir)
742 goto out;
743
744 if (new->d_inode) {
745 err = ovl_check_sticky(new);
746 if (err)
747 goto out;
748
749 if (d_is_dir(new))
750 new_is_dir = true;
751
752 new_type = ovl_path_type(new);
753 err = -EXDEV;
754 if (!overwrite && OVL_TYPE_MERGE_OR_LOWER(new_type) && new_is_dir)
755 goto out;
756
757 err = 0;
758 if (!OVL_TYPE_UPPER(new_type) && !OVL_TYPE_UPPER(old_type)) {
759 if (ovl_dentry_lower(old)->d_inode ==
760 ovl_dentry_lower(new)->d_inode)
761 goto out;
762 }
763 if (OVL_TYPE_UPPER(new_type) && OVL_TYPE_UPPER(old_type)) {
764 if (ovl_dentry_upper(old)->d_inode ==
765 ovl_dentry_upper(new)->d_inode)
766 goto out;
767 }
768 } else {
769 if (ovl_dentry_is_opaque(new))
770 new_type = __OVL_PATH_UPPER;
771 else
772 new_type = __OVL_PATH_UPPER | __OVL_PATH_PURE;
773 }
774
775 err = ovl_want_write(old);
776 if (err)
777 goto out;
778
779 err = ovl_copy_up(old);
780 if (err)
781 goto out_drop_write;
782
783 err = ovl_copy_up(new->d_parent);
784 if (err)
785 goto out_drop_write;
786 if (!overwrite) {
787 err = ovl_copy_up(new);
788 if (err)
789 goto out_drop_write;
790 }
791
792 old_opaque = !OVL_TYPE_PURE_UPPER(old_type);
793 new_opaque = !OVL_TYPE_PURE_UPPER(new_type);
794
795 if (old_opaque || new_opaque) {
796 err = -ENOMEM;
797 override_cred = prepare_creds();
798 if (!override_cred)
799 goto out_drop_write;
800
801 /*
802 * CAP_SYS_ADMIN for setting xattr on whiteout, opaque dir
803 * CAP_DAC_OVERRIDE for create in workdir
804 * CAP_FOWNER for removing whiteout from sticky dir
805 * CAP_FSETID for chmod of opaque dir
806 * CAP_CHOWN for chown of opaque dir
807 */
808 cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN);
809 cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE);
810 cap_raise(override_cred->cap_effective, CAP_FOWNER);
811 cap_raise(override_cred->cap_effective, CAP_FSETID);
812 cap_raise(override_cred->cap_effective, CAP_CHOWN);
813 old_cred = override_creds(override_cred);
814 }
815
816 if (overwrite && OVL_TYPE_MERGE_OR_LOWER(new_type) && new_is_dir) {
817 opaquedir = ovl_check_empty_and_clear(new);
818 err = PTR_ERR(opaquedir);
819 if (IS_ERR(opaquedir)) {
820 opaquedir = NULL;
821 goto out_revert_creds;
822 }
823 }
824
825 if (overwrite) {
826 if (old_opaque) {
827 if (new->d_inode || !new_opaque) {
828 /* Whiteout source */
829 flags |= RENAME_WHITEOUT;
830 } else {
831 /* Switch whiteouts */
832 flags |= RENAME_EXCHANGE;
833 }
834 } else if (is_dir && !new->d_inode && new_opaque) {
835 flags |= RENAME_EXCHANGE;
836 cleanup_whiteout = true;
837 }
838 }
839
840 old_upperdir = ovl_dentry_upper(old->d_parent);
841 new_upperdir = ovl_dentry_upper(new->d_parent);
842
843 trap = lock_rename(new_upperdir, old_upperdir);
844
845
846 olddentry = lookup_one_len(old->d_name.name, old_upperdir,
847 old->d_name.len);
848 err = PTR_ERR(olddentry);
849 if (IS_ERR(olddentry))
850 goto out_unlock;
851
852 err = -ESTALE;
853 if (olddentry != ovl_dentry_upper(old))
854 goto out_dput_old;
855
856 newdentry = lookup_one_len(new->d_name.name, new_upperdir,
857 new->d_name.len);
858 err = PTR_ERR(newdentry);
859 if (IS_ERR(newdentry))
860 goto out_dput_old;
861
862 err = -ESTALE;
863 if (ovl_dentry_upper(new)) {
864 if (opaquedir) {
865 if (newdentry != opaquedir)
866 goto out_dput;
867 } else {
868 if (newdentry != ovl_dentry_upper(new))
869 goto out_dput;
870 }
871 } else {
872 new_create = true;
873 if (!d_is_negative(newdentry) &&
874 (!new_opaque || !ovl_is_whiteout(newdentry)))
875 goto out_dput;
876 }
877
878 if (olddentry == trap)
879 goto out_dput;
880 if (newdentry == trap)
881 goto out_dput;
882
883 if (is_dir && !old_opaque && new_opaque) {
884 err = ovl_set_opaque(olddentry);
885 if (err)
886 goto out_dput;
887 }
888 if (!overwrite && new_is_dir && old_opaque && !new_opaque) {
889 err = ovl_set_opaque(newdentry);
890 if (err)
891 goto out_dput;
892 }
893
894 if (old_opaque || new_opaque) {
895 err = ovl_do_rename(old_upperdir->d_inode, olddentry,
896 new_upperdir->d_inode, newdentry,
897 flags);
898 } else {
899 /* No debug for the plain case */
900 BUG_ON(flags & ~RENAME_EXCHANGE);
901 err = vfs_rename(old_upperdir->d_inode, olddentry,
902 new_upperdir->d_inode, newdentry,
903 NULL, flags);
904 }
905
906 if (err) {
907 if (is_dir && !old_opaque && new_opaque)
908 ovl_remove_opaque(olddentry);
909 if (!overwrite && new_is_dir && old_opaque && !new_opaque)
910 ovl_remove_opaque(newdentry);
911 goto out_dput;
912 }
913
914 if (is_dir && old_opaque && !new_opaque)
915 ovl_remove_opaque(olddentry);
916 if (!overwrite && new_is_dir && !old_opaque && new_opaque)
917 ovl_remove_opaque(newdentry);
918
919 /*
920 * Old dentry now lives in different location. Dentries in
921 * lowerstack are stale. We cannot drop them here because
922 * access to them is lockless. This could be only pure upper
923 * or opaque directory - numlower is zero. Or upper non-dir
924 * entry - its pureness is tracked by flag opaque.
925 */
926 if (old_opaque != new_opaque) {
927 ovl_dentry_set_opaque(old, new_opaque);
928 if (!overwrite)
929 ovl_dentry_set_opaque(new, old_opaque);
930 }
931
932 if (cleanup_whiteout)
933 ovl_cleanup(old_upperdir->d_inode, newdentry);
934
935 ovl_dentry_version_inc(old->d_parent);
936 ovl_dentry_version_inc(new->d_parent);
937
938out_dput:
939 dput(newdentry);
940out_dput_old:
941 dput(olddentry);
942out_unlock:
943 unlock_rename(new_upperdir, old_upperdir);
944out_revert_creds:
945 if (old_opaque || new_opaque) {
946 revert_creds(old_cred);
947 put_cred(override_cred);
948 }
949out_drop_write:
950 ovl_drop_write(old);
951out:
952 dput(opaquedir);
953 return err;
954}
955
956const struct inode_operations ovl_dir_inode_operations = {
957 .lookup = ovl_lookup,
958 .mkdir = ovl_mkdir,
959 .symlink = ovl_symlink,
960 .unlink = ovl_unlink,
961 .rmdir = ovl_rmdir,
962 .rename2 = ovl_rename2,
963 .link = ovl_link,
964 .setattr = ovl_setattr,
965 .create = ovl_create,
966 .mknod = ovl_mknod,
967 .permission = ovl_permission,
968 .getattr = ovl_dir_getattr,
969 .setxattr = ovl_setxattr,
970 .getxattr = ovl_getxattr,
971 .listxattr = ovl_listxattr,
972 .removexattr = ovl_removexattr,
973};