/* * * Copyright (C) 2011 Novell Inc. * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License version 2 as published by * the Free Software Foundation. */ #include #include #include #include #include #include #include #include #include "overlayfs.h" struct ovl_cache_entry { const char *name; unsigned int len; unsigned int type; u64 ino; bool is_whiteout; struct list_head l_node; struct rb_node node; }; struct ovl_readdir_data { struct dir_context ctx; bool is_merge; struct rb_root *root; struct list_head *list; struct list_head *middle; struct dentry *dir; int count; int err; }; struct ovl_dir_file { bool is_real; bool is_cached; struct list_head cursor; u64 cache_version; struct list_head cache; struct file *realfile; }; static struct ovl_cache_entry *ovl_cache_entry_from_node(struct rb_node *n) { return container_of(n, struct ovl_cache_entry, node); } static struct ovl_cache_entry *ovl_cache_entry_find(struct rb_root *root, const char *name, int len) { struct rb_node *node = root->rb_node; int cmp; while (node) { struct ovl_cache_entry *p = ovl_cache_entry_from_node(node); cmp = strncmp(name, p->name, len); if (cmp > 0) node = p->node.rb_right; else if (cmp < 0 || len < p->len) node = p->node.rb_left; else return p; } return NULL; } static struct ovl_cache_entry *ovl_cache_entry_new(const char *name, int len, u64 ino, unsigned int d_type) { struct ovl_cache_entry *p; p = kmalloc(sizeof(*p) + len + 1, GFP_KERNEL); if (p) { char *name_copy = (char *) (p + 1); memcpy(name_copy, name, len); name_copy[len] = '\0'; p->name = name_copy; p->len = len; p->type = d_type; p->ino = ino; p->is_whiteout = false; } return p; } static int ovl_cache_entry_add_rb(struct ovl_readdir_data *rdd, const char *name, int len, u64 ino, unsigned int d_type) { struct rb_node **newp = &rdd->root->rb_node; struct rb_node *parent = NULL; struct ovl_cache_entry *p; while (*newp) { int cmp; struct ovl_cache_entry *tmp; parent = *newp; tmp = ovl_cache_entry_from_node(*newp); cmp = strncmp(name, tmp->name, len); if (cmp > 0) newp = &tmp->node.rb_right; else if (cmp < 0 || len < tmp->len) newp = &tmp->node.rb_left; else return 0; } p = ovl_cache_entry_new(name, len, ino, d_type); if (p == NULL) return -ENOMEM; list_add_tail(&p->l_node, rdd->list); rb_link_node(&p->node, parent, newp); rb_insert_color(&p->node, rdd->root); return 0; } static int ovl_fill_lower(void *buf, const char *name, int namelen, loff_t offset, u64 ino, unsigned int d_type) { struct ovl_readdir_data *rdd = buf; struct ovl_cache_entry *p; rdd->count++; p = ovl_cache_entry_find(rdd->root, name, namelen); if (p) { list_move_tail(&p->l_node, rdd->middle); } else { p = ovl_cache_entry_new(name, namelen, ino, d_type); if (p == NULL) rdd->err = -ENOMEM; else list_add_tail(&p->l_node, rdd->middle); } return rdd->err; } static void ovl_cache_free(struct list_head *list) { struct ovl_cache_entry *p; struct ovl_cache_entry *n; list_for_each_entry_safe(p, n, list, l_node) kfree(p); INIT_LIST_HEAD(list); } static int ovl_fill_merge(void *buf, const char *name, int namelen, loff_t offset, u64 ino, unsigned int d_type) { struct ovl_readdir_data *rdd = buf; rdd->count++; if (!rdd->is_merge) return ovl_cache_entry_add_rb(rdd, name, namelen, ino, d_type); else return ovl_fill_lower(rdd, name, namelen, offset, ino, d_type); } static inline int ovl_dir_read(struct path *realpath, struct ovl_readdir_data *rdd) { struct file *realfile; int err; realfile = ovl_path_open(realpath, O_RDONLY | O_DIRECTORY); if (IS_ERR(realfile)) return PTR_ERR(realfile); do { rdd->count = 0; rdd->err = 0; err = iterate_dir(realfile, &rdd->ctx); if (err >= 0) err = rdd->err; } while (!err && rdd->count); fput(realfile); return 0; } static void ovl_dir_reset(struct file *file) { struct ovl_dir_file *od = file->private_data; enum ovl_path_type type = ovl_path_type(file->f_path.dentry); if (ovl_dentry_version_get(file->f_path.dentry) != od->cache_version) { list_del_init(&od->cursor); ovl_cache_free(&od->cache); od->is_cached = false; } WARN_ON(!od->is_real && type != OVL_PATH_MERGE); if (od->is_real && type == OVL_PATH_MERGE) { fput(od->realfile); od->realfile = NULL; od->is_real = false; } } static int ovl_dir_mark_whiteouts(struct ovl_readdir_data *rdd) { struct ovl_cache_entry *p; struct dentry *dentry; const struct cred *old_cred; struct cred *override_cred; override_cred = prepare_creds(); if (!override_cred) { ovl_cache_free(rdd->list); return -ENOMEM; } /* * CAP_SYS_ADMIN for getxattr * CAP_DAC_OVERRIDE for lookup */ cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN); cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE); old_cred = override_creds(override_cred); mutex_lock(&rdd->dir->d_inode->i_mutex); list_for_each_entry(p, rdd->list, l_node) { if (p->type != DT_LNK) continue; dentry = lookup_one_len(p->name, rdd->dir, p->len); if (IS_ERR(dentry)) continue; p->is_whiteout = ovl_is_whiteout(dentry); dput(dentry); } mutex_unlock(&rdd->dir->d_inode->i_mutex); revert_creds(old_cred); put_cred(override_cred); return 0; } static inline int ovl_dir_read_merged(struct path *upperpath, struct path *lowerpath, struct list_head *list) { int err; struct rb_root root = RB_ROOT; struct list_head middle; struct ovl_readdir_data rdd = { .ctx.actor = ovl_fill_merge, .list = list, .root = &root, .is_merge = false, }; if (upperpath->dentry) { rdd.dir = upperpath->dentry; err = ovl_dir_read(upperpath, &rdd); if (err) goto out; err = ovl_dir_mark_whiteouts(&rdd); if (err) goto out; } /* * Insert lowerpath entries before upperpath ones, this allows * offsets to be reasonably constant */ list_add(&middle, rdd.list); rdd.middle = &middle; rdd.is_merge = true; err = ovl_dir_read(lowerpath, &rdd); list_del(&middle); out: return err; } static void ovl_seek_cursor(struct ovl_dir_file *od, loff_t pos) { struct list_head *l; loff_t off; l = od->cache.next; for (off = 0; off < pos; off++) { if (l == &od->cache) break; l = l->next; } list_move_tail(&od->cursor, l); } static int ovl_iterate(struct file *file, struct dir_context *ctx) { struct ovl_dir_file *od = file->private_data; int res; if (!ctx->pos) ovl_dir_reset(file); if (od->is_real) { res = iterate_dir(od->realfile, ctx); return res; } if (!od->is_cached) { struct path lowerpath; struct path upperpath; ovl_path_lower(file->f_path.dentry, &lowerpath); ovl_path_upper(file->f_path.dentry, &upperpath); res = ovl_dir_read_merged(&upperpath, &lowerpath, &od->cache); if (res) { ovl_cache_free(&od->cache); return res; } od->cache_version = ovl_dentry_version_get(file->f_path.dentry); od->is_cached = true; ovl_seek_cursor(od, ctx->pos); } while (od->cursor.next != &od->cache) { struct ovl_cache_entry *p; p = list_entry(od->cursor.next, struct ovl_cache_entry, l_node); if (!p->is_whiteout) { if (!dir_emit(ctx, p->name, p->len, p->ino, p->type)) break; } ctx->pos++; list_move(&od->cursor, &p->l_node); } return 0; } static loff_t ovl_dir_llseek(struct file *file, loff_t offset, int origin) { loff_t res; struct ovl_dir_file *od = file->private_data; mutex_lock(&file_inode(file)->i_mutex); if (!file->f_pos) ovl_dir_reset(file); if (od->is_real) { res = vfs_llseek(od->realfile, offset, origin); file->f_pos = od->realfile->f_pos; } else { res = -EINVAL; switch (origin) { case SEEK_CUR: offset += file->f_pos; break; case SEEK_SET: break; default: goto out_unlock; } if (offset < 0) goto out_unlock; if (offset != file->f_pos) { file->f_pos = offset; if (od->is_cached) ovl_seek_cursor(od, offset); } res = offset; } out_unlock: mutex_unlock(&file_inode(file)->i_mutex); return res; } static int ovl_dir_fsync(struct file *file, loff_t start, loff_t end, int datasync) { struct ovl_dir_file *od = file->private_data; /* May need to reopen directory if it got copied up */ if (!od->realfile) { struct path upperpath; ovl_path_upper(file->f_path.dentry, &upperpath); od->realfile = ovl_path_open(&upperpath, O_RDONLY); if (IS_ERR(od->realfile)) return PTR_ERR(od->realfile); } return vfs_fsync_range(od->realfile, start, end, datasync); } static int ovl_dir_release(struct inode *inode, struct file *file) { struct ovl_dir_file *od = file->private_data; list_del(&od->cursor); ovl_cache_free(&od->cache); if (od->realfile) fput(od->realfile); kfree(od); return 0; } static int ovl_dir_open(struct inode *inode, struct file *file) { struct path realpath; struct file *realfile; struct ovl_dir_file *od; enum ovl_path_type type; od = kzalloc(sizeof(struct ovl_dir_file), GFP_KERNEL); if (!od) return -ENOMEM; type = ovl_path_real(file->f_path.dentry, &realpath); realfile = ovl_path_open(&realpath, file->f_flags); if (IS_ERR(realfile)) { kfree(od); return PTR_ERR(realfile); } INIT_LIST_HEAD(&od->cache); INIT_LIST_HEAD(&od->cursor); od->is_cached = false; od->realfile = realfile; od->is_real = (type != OVL_PATH_MERGE); file->private_data = od; return 0; } const struct file_operations ovl_dir_operations = { .read = generic_read_dir, .open = ovl_dir_open, .iterate = ovl_iterate, .llseek = ovl_dir_llseek, .fsync = ovl_dir_fsync, .release = ovl_dir_release, }; static int ovl_check_empty_dir(struct dentry *dentry, struct list_head *list) { int err; struct path lowerpath; struct path upperpath; struct ovl_cache_entry *p; ovl_path_upper(dentry, &upperpath); ovl_path_lower(dentry, &lowerpath); err = ovl_dir_read_merged(&upperpath, &lowerpath, list); if (err) return err; err = 0; list_for_each_entry(p, list, l_node) { if (p->is_whiteout) continue; if (p->name[0] == '.') { if (p->len == 1) continue; if (p->len == 2 && p->name[1] == '.') continue; } err = -ENOTEMPTY; break; } return err; } static int ovl_remove_whiteouts(struct dentry *dir, struct list_head *list) { struct path upperpath; struct dentry *upperdir; struct ovl_cache_entry *p; const struct cred *old_cred; struct cred *override_cred; int err; ovl_path_upper(dir, &upperpath); upperdir = upperpath.dentry; override_cred = prepare_creds(); if (!override_cred) return -ENOMEM; /* * CAP_DAC_OVERRIDE for lookup and unlink * CAP_SYS_ADMIN for setxattr of "trusted" namespace * CAP_FOWNER for unlink in sticky directory */ cap_raise(override_cred->cap_effective, CAP_DAC_OVERRIDE); cap_raise(override_cred->cap_effective, CAP_SYS_ADMIN); cap_raise(override_cred->cap_effective, CAP_FOWNER); old_cred = override_creds(override_cred); err = vfs_setxattr(upperdir, ovl_opaque_xattr, "y", 1, 0); if (err) goto out_revert_creds; mutex_lock_nested(&upperdir->d_inode->i_mutex, I_MUTEX_PARENT); list_for_each_entry(p, list, l_node) { struct dentry *dentry; int ret; if (!p->is_whiteout) continue; dentry = lookup_one_len(p->name, upperdir, p->len); if (IS_ERR(dentry)) { pr_warn( "overlayfs: failed to lookup whiteout %.*s: %li\n", p->len, p->name, PTR_ERR(dentry)); continue; } ret = vfs_unlink(upperdir->d_inode, dentry, NULL); dput(dentry); if (ret) pr_warn( "overlayfs: failed to unlink whiteout %.*s: %i\n", p->len, p->name, ret); } mutex_unlock(&upperdir->d_inode->i_mutex); out_revert_creds: revert_creds(old_cred); put_cred(override_cred); return err; } int ovl_check_empty_and_clear(struct dentry *dentry, enum ovl_path_type type) { int err; LIST_HEAD(list); err = ovl_check_empty_dir(dentry, &list); if (!err && type == OVL_PATH_MERGE) err = ovl_remove_whiteouts(dentry, &list); ovl_cache_free(&list); return err; }