Merge branch 'overlayfs-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs

+1

fs/overlayfs/Kconfig

··· 1 1 config OVERLAY_FS 2 2 tristate "Overlay filesystem support" 3 + select EXPORTFS 3 4 help 4 5 An overlay filesystem combines two filesystems - an 'upper' filesystem 5 6 and a 'lower' filesystem. When a name exists in both filesystems, the

+17 -7

fs/overlayfs/copy_up.c

··· 300 300 return PTR_ERR(fh); 301 301 } 302 302 303 - err = ovl_do_setxattr(upper, OVL_XATTR_ORIGIN, fh, fh ? fh->len : 0, 0); 303 + /* 304 + * Do not fail when upper doesn't support xattrs. 305 + */ 306 + err = ovl_check_setxattr(dentry, upper, OVL_XATTR_ORIGIN, fh, 307 + fh ? fh->len : 0, 0); 304 308 kfree(fh); 305 309 306 310 return err; ··· 346 342 if (tmpfile) 347 343 temp = ovl_do_tmpfile(upperdir, stat->mode); 348 344 else 349 - temp = ovl_lookup_temp(workdir, dentry); 350 - err = PTR_ERR(temp); 351 - if (IS_ERR(temp)) 352 - goto out1; 353 - 345 + temp = ovl_lookup_temp(workdir); 354 346 err = 0; 355 - if (!tmpfile) 347 + if (IS_ERR(temp)) { 348 + err = PTR_ERR(temp); 349 + temp = NULL; 350 + } 351 + 352 + if (!err && !tmpfile) 356 353 err = ovl_create_real(wdir, temp, &cattr, NULL, true); 357 354 358 355 if (new_creds) { ··· 458 453 459 454 ovl_path_upper(parent, &parentpath); 460 455 upperdir = parentpath.dentry; 456 + 457 + /* Mark parent "impure" because it may now contain non-pure upper */ 458 + err = ovl_set_impure(parent, upperdir); 459 + if (err) 460 + return err; 461 461 462 462 err = vfs_getattr(&parentpath, &pstat, 463 463 STATX_ATIME | STATX_MTIME, AT_STATX_SYNC_AS_STAT);

+47 -14

fs/overlayfs/dir.c

··· 41 41 } 42 42 } 43 43 44 - struct dentry *ovl_lookup_temp(struct dentry *workdir, struct dentry *dentry) 44 + struct dentry *ovl_lookup_temp(struct dentry *workdir) 45 45 { 46 46 struct dentry *temp; 47 47 char name[20]; ··· 68 68 struct dentry *whiteout; 69 69 struct inode *wdir = workdir->d_inode; 70 70 71 - whiteout = ovl_lookup_temp(workdir, dentry); 71 + whiteout = ovl_lookup_temp(workdir); 72 72 if (IS_ERR(whiteout)) 73 73 return whiteout; 74 74 ··· 127 127 return err; 128 128 } 129 129 130 - static int ovl_set_opaque(struct dentry *dentry, struct dentry *upperdentry) 130 + static int ovl_set_opaque_xerr(struct dentry *dentry, struct dentry *upper, 131 + int xerr) 131 132 { 132 133 int err; 133 134 134 - err = ovl_do_setxattr(upperdentry, OVL_XATTR_OPAQUE, "y", 1, 0); 135 + err = ovl_check_setxattr(dentry, upper, OVL_XATTR_OPAQUE, "y", 1, xerr); 135 136 if (!err) 136 137 ovl_dentry_set_opaque(dentry); 137 138 138 139 return err; 140 + } 141 + 142 + static int ovl_set_opaque(struct dentry *dentry, struct dentry *upperdentry) 143 + { 144 + /* 145 + * Fail with -EIO when trying to create opaque dir and upper doesn't 146 + * support xattrs. ovl_rename() calls ovl_set_opaque_xerr(-EXDEV) to 147 + * return a specific error for noxattr case. 148 + */ 149 + return ovl_set_opaque_xerr(dentry, upperdentry, -EIO); 139 150 } 140 151 141 152 /* Common operations required to be done after creation of file on upper */ ··· 171 160 static bool ovl_type_merge(struct dentry *dentry) 172 161 { 173 162 return OVL_TYPE_MERGE(ovl_path_type(dentry)); 163 + } 164 + 165 + static bool ovl_type_origin(struct dentry *dentry) 166 + { 167 + return OVL_TYPE_ORIGIN(ovl_path_type(dentry)); 174 168 } 175 169 176 170 static int ovl_create_upper(struct dentry *dentry, struct inode *inode, ··· 266 250 if (upper->d_parent->d_inode != udir) 267 251 goto out_unlock; 268 252 269 - opaquedir = ovl_lookup_temp(workdir, dentry); 253 + opaquedir = ovl_lookup_temp(workdir); 270 254 err = PTR_ERR(opaquedir); 271 255 if (IS_ERR(opaquedir)) 272 256 goto out_unlock; ··· 398 382 if (err) 399 383 goto out; 400 384 401 - newdentry = ovl_lookup_temp(workdir, dentry); 385 + newdentry = ovl_lookup_temp(workdir); 402 386 err = PTR_ERR(newdentry); 403 387 if (IS_ERR(newdentry)) 404 388 goto out_unlock; ··· 862 846 if (IS_ERR(redirect)) 863 847 return PTR_ERR(redirect); 864 848 865 - err = ovl_do_setxattr(ovl_dentry_upper(dentry), OVL_XATTR_REDIRECT, 866 - redirect, strlen(redirect), 0); 849 + err = ovl_check_setxattr(dentry, ovl_dentry_upper(dentry), 850 + OVL_XATTR_REDIRECT, 851 + redirect, strlen(redirect), -EXDEV); 867 852 if (!err) { 868 853 spin_lock(&dentry->d_lock); 869 854 ovl_dentry_set_redirect(dentry, redirect); 870 855 spin_unlock(&dentry->d_lock); 871 856 } else { 872 857 kfree(redirect); 873 - if (err == -EOPNOTSUPP) 874 - ovl_clear_redirect_dir(dentry->d_sb); 875 - else 876 - pr_warn_ratelimited("overlay: failed to set redirect (%i)\n", err); 858 + pr_warn_ratelimited("overlay: failed to set redirect (%i)\n", err); 877 859 /* Fall back to userspace copy-up */ 878 860 err = -EXDEV; 879 861 } ··· 957 943 old_upperdir = ovl_dentry_upper(old->d_parent); 958 944 new_upperdir = ovl_dentry_upper(new->d_parent); 959 945 946 + if (!samedir) { 947 + /* 948 + * When moving a merge dir or non-dir with copy up origin into 949 + * a new parent, we are marking the new parent dir "impure". 950 + * When ovl_iterate() iterates an "impure" upper dir, it will 951 + * lookup the origin inodes of the entries to fill d_ino. 952 + */ 953 + if (ovl_type_origin(old)) { 954 + err = ovl_set_impure(new->d_parent, new_upperdir); 955 + if (err) 956 + goto out_revert_creds; 957 + } 958 + if (!overwrite && ovl_type_origin(new)) { 959 + err = ovl_set_impure(old->d_parent, old_upperdir); 960 + if (err) 961 + goto out_revert_creds; 962 + } 963 + } 964 + 960 965 trap = lock_rename(new_upperdir, old_upperdir); 961 966 962 967 olddentry = lookup_one_len(old->d_name.name, old_upperdir, ··· 1025 992 if (ovl_type_merge_or_lower(old)) 1026 993 err = ovl_set_redirect(old, samedir); 1027 994 else if (!old_opaque && ovl_type_merge(new->d_parent)) 1028 - err = ovl_set_opaque(old, olddentry); 995 + err = ovl_set_opaque_xerr(old, olddentry, -EXDEV); 1029 996 if (err) 1030 997 goto out_dput; 1031 998 } ··· 1033 1000 if (ovl_type_merge_or_lower(new)) 1034 1001 err = ovl_set_redirect(new, samedir); 1035 1002 else if (!new_opaque && ovl_type_merge(old->d_parent)) 1036 - err = ovl_set_opaque(new, newdentry); 1003 + err = ovl_set_opaque_xerr(new, newdentry, -EXDEV); 1037 1004 if (err) 1038 1005 goto out_dput; 1039 1006 }

+11 -1

fs/overlayfs/inode.c

··· 240 240 return res; 241 241 } 242 242 243 + static bool ovl_can_list(const char *s) 244 + { 245 + /* List all non-trusted xatts */ 246 + if (strncmp(s, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN) != 0) 247 + return true; 248 + 249 + /* Never list trusted.overlay, list other trusted for superuser only */ 250 + return !ovl_is_private_xattr(s) && capable(CAP_SYS_ADMIN); 251 + } 252 + 243 253 ssize_t ovl_listxattr(struct dentry *dentry, char *list, size_t size) 244 254 { 245 255 struct dentry *realdentry = ovl_dentry_real(dentry); ··· 273 263 return -EIO; 274 264 275 265 len -= slen; 276 - if (ovl_is_private_xattr(s)) { 266 + if (!ovl_can_list(s)) { 277 267 res -= slen; 278 268 memmove(s, s + slen, len); 279 269 } else {

+5 -11

fs/overlayfs/namei.c

··· 169 169 170 170 static bool ovl_is_opaquedir(struct dentry *dentry) 171 171 { 172 - int res; 173 - char val; 174 - 175 - if (!d_is_dir(dentry)) 176 - return false; 177 - 178 - res = vfs_getxattr(dentry, OVL_XATTR_OPAQUE, &val, 1); 179 - if (res == 1 && val == 'y') 180 - return true; 181 - 182 - return false; 172 + return ovl_check_dir_xattr(dentry, OVL_XATTR_OPAQUE); 183 173 } 184 174 185 175 static int ovl_lookup_single(struct dentry *base, struct ovl_lookup_data *d, ··· 341 351 unsigned int ctr = 0; 342 352 struct inode *inode = NULL; 343 353 bool upperopaque = false; 354 + bool upperimpure = false; 344 355 char *upperredirect = NULL; 345 356 struct dentry *this; 346 357 unsigned int i; ··· 386 395 poe = roe; 387 396 } 388 397 upperopaque = d.opaque; 398 + if (upperdentry && d.is_dir) 399 + upperimpure = ovl_is_impuredir(upperdentry); 389 400 } 390 401 391 402 if (!d.stop && poe->numlower) { ··· 456 463 457 464 revert_creds(old_cred); 458 465 oe->opaque = upperopaque; 466 + oe->impure = upperimpure; 459 467 oe->redirect = upperredirect; 460 468 oe->__upperdentry = upperdentry; 461 469 memcpy(oe->lowerstack, stack, sizeof(struct path) * ctr);

+14 -2

fs/overlayfs/overlayfs.h

··· 24 24 #define OVL_XATTR_OPAQUE OVL_XATTR_PREFIX "opaque" 25 25 #define OVL_XATTR_REDIRECT OVL_XATTR_PREFIX "redirect" 26 26 #define OVL_XATTR_ORIGIN OVL_XATTR_PREFIX "origin" 27 + #define OVL_XATTR_IMPURE OVL_XATTR_PREFIX "impure" 27 28 28 29 /* 29 30 * The tuple (fh,uuid) is a universal unique identifier for a copy up origin, ··· 204 203 struct ovl_dir_cache *ovl_dir_cache(struct dentry *dentry); 205 204 void ovl_set_dir_cache(struct dentry *dentry, struct ovl_dir_cache *cache); 206 205 bool ovl_dentry_is_opaque(struct dentry *dentry); 206 + bool ovl_dentry_is_impure(struct dentry *dentry); 207 207 bool ovl_dentry_is_whiteout(struct dentry *dentry); 208 208 void ovl_dentry_set_opaque(struct dentry *dentry); 209 209 bool ovl_redirect_dir(struct super_block *sb); 210 - void ovl_clear_redirect_dir(struct super_block *sb); 211 210 const char *ovl_dentry_get_redirect(struct dentry *dentry); 212 211 void ovl_dentry_set_redirect(struct dentry *dentry, const char *redirect); 213 212 void ovl_dentry_update(struct dentry *dentry, struct dentry *upperdentry); ··· 220 219 struct file *ovl_path_open(struct path *path, int flags); 221 220 int ovl_copy_up_start(struct dentry *dentry); 222 221 void ovl_copy_up_end(struct dentry *dentry); 222 + bool ovl_check_dir_xattr(struct dentry *dentry, const char *name); 223 + int ovl_check_setxattr(struct dentry *dentry, struct dentry *upperdentry, 224 + const char *name, const void *value, size_t size, 225 + int xerr); 226 + int ovl_set_impure(struct dentry *dentry, struct dentry *upperdentry); 227 + 228 + static inline bool ovl_is_impuredir(struct dentry *dentry) 229 + { 230 + return ovl_check_dir_xattr(dentry, OVL_XATTR_IMPURE); 231 + } 232 + 223 233 224 234 /* namei.c */ 225 235 int ovl_path_next(int idx, struct dentry *dentry, struct path *path); ··· 275 263 276 264 /* dir.c */ 277 265 extern const struct inode_operations ovl_dir_inode_operations; 278 - struct dentry *ovl_lookup_temp(struct dentry *workdir, struct dentry *dentry); 266 + struct dentry *ovl_lookup_temp(struct dentry *workdir); 279 267 struct cattr { 280 268 dev_t rdev; 281 269 umode_t mode;

+2

fs/overlayfs/ovl_entry.h

··· 28 28 /* creds of process who forced instantiation of super block */ 29 29 const struct cred *creator_cred; 30 30 bool tmpfile; 31 + bool noxattr; 31 32 wait_queue_head_t copyup_wq; 32 33 /* sb common to all layers */ 33 34 struct super_block *same_sb; ··· 43 42 u64 version; 44 43 const char *redirect; 45 44 bool opaque; 45 + bool impure; 46 46 bool copying; 47 47 }; 48 48 struct rcu_head rcu;

+17 -1

fs/overlayfs/super.c

··· 891 891 dput(temp); 892 892 else 893 893 pr_warn("overlayfs: upper fs does not support tmpfile.\n"); 894 + 895 + /* 896 + * Check if upper/work fs supports trusted.overlay.* 897 + * xattr 898 + */ 899 + err = ovl_do_setxattr(ufs->workdir, OVL_XATTR_OPAQUE, 900 + "0", 1, 0); 901 + if (err) { 902 + ufs->noxattr = true; 903 + pr_warn("overlayfs: upper fs does not support xattr.\n"); 904 + } else { 905 + vfs_removexattr(ufs->workdir, OVL_XATTR_OPAQUE); 906 + } 894 907 } 895 908 } 896 909 ··· 974 961 path_put(&workpath); 975 962 kfree(lowertmp); 976 963 977 - oe->__upperdentry = upperpath.dentry; 964 + if (upperpath.dentry) { 965 + oe->__upperdentry = upperpath.dentry; 966 + oe->impure = ovl_is_impuredir(upperpath.dentry); 967 + } 978 968 for (i = 0; i < numlower; i++) { 979 969 oe->lowerstack[i].dentry = stack[i].dentry; 980 970 oe->lowerstack[i].mnt = ufs->lower_mnt[i];

+64 -8

fs/overlayfs/util.c

··· 175 175 return oe->opaque; 176 176 } 177 177 178 + bool ovl_dentry_is_impure(struct dentry *dentry) 179 + { 180 + struct ovl_entry *oe = dentry->d_fsdata; 181 + 182 + return oe->impure; 183 + } 184 + 178 185 bool ovl_dentry_is_whiteout(struct dentry *dentry) 179 186 { 180 187 return !dentry->d_inode && ovl_dentry_is_opaque(dentry); ··· 198 191 { 199 192 struct ovl_fs *ofs = sb->s_fs_info; 200 193 201 - return ofs->config.redirect_dir; 202 - } 203 - 204 - void ovl_clear_redirect_dir(struct super_block *sb) 205 - { 206 - struct ovl_fs *ofs = sb->s_fs_info; 207 - 208 - ofs->config.redirect_dir = false; 194 + return ofs->config.redirect_dir && !ofs->noxattr; 209 195 } 210 196 211 197 const char *ovl_dentry_get_redirect(struct dentry *dentry) ··· 302 302 oe->copying = false; 303 303 wake_up_locked(&ofs->copyup_wq); 304 304 spin_unlock(&ofs->copyup_wq.lock); 305 + } 306 + 307 + bool ovl_check_dir_xattr(struct dentry *dentry, const char *name) 308 + { 309 + int res; 310 + char val; 311 + 312 + if (!d_is_dir(dentry)) 313 + return false; 314 + 315 + res = vfs_getxattr(dentry, name, &val, 1); 316 + if (res == 1 && val == 'y') 317 + return true; 318 + 319 + return false; 320 + } 321 + 322 + int ovl_check_setxattr(struct dentry *dentry, struct dentry *upperdentry, 323 + const char *name, const void *value, size_t size, 324 + int xerr) 325 + { 326 + int err; 327 + struct ovl_fs *ofs = dentry->d_sb->s_fs_info; 328 + 329 + if (ofs->noxattr) 330 + return xerr; 331 + 332 + err = ovl_do_setxattr(upperdentry, name, value, size, 0); 333 + 334 + if (err == -EOPNOTSUPP) { 335 + pr_warn("overlayfs: cannot set %s xattr on upper\n", name); 336 + ofs->noxattr = true; 337 + return xerr; 338 + } 339 + 340 + return err; 341 + } 342 + 343 + int ovl_set_impure(struct dentry *dentry, struct dentry *upperdentry) 344 + { 345 + int err; 346 + struct ovl_entry *oe = dentry->d_fsdata; 347 + 348 + if (oe->impure) 349 + return 0; 350 + 351 + /* 352 + * Do not fail when upper doesn't support xattrs. 353 + * Upper inodes won't have origin nor redirect xattr anyway. 354 + */ 355 + err = ovl_check_setxattr(dentry, upperdentry, OVL_XATTR_IMPURE, 356 + "y", 1, 0); 357 + if (!err) 358 + oe->impure = true; 359 + 360 + return err; 305 361 }