Merge branch 'overlayfs-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszer...
[sfrench/cifs-2.6.git] / fs / overlayfs / dir.c
1 /*
2  *
3  * Copyright (C) 2011 Novell Inc.
4  *
5  * This program is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License version 2 as published by
7  * the Free Software Foundation.
8  */
9
10 #include <linux/fs.h>
11 #include <linux/namei.h>
12 #include <linux/xattr.h>
13 #include <linux/security.h>
14 #include <linux/cred.h>
15 #include <linux/module.h>
16 #include <linux/posix_acl.h>
17 #include <linux/posix_acl_xattr.h>
18 #include <linux/atomic.h>
19 #include <linux/ratelimit.h>
20 #include "overlayfs.h"
21
22 static unsigned short ovl_redirect_max = 256;
23 module_param_named(redirect_max, ovl_redirect_max, ushort, 0644);
24 MODULE_PARM_DESC(ovl_redirect_max,
25                  "Maximum length of absolute redirect xattr value");
26
27 int ovl_cleanup(struct inode *wdir, struct dentry *wdentry)
28 {
29         int err;
30
31         dget(wdentry);
32         if (d_is_dir(wdentry))
33                 err = ovl_do_rmdir(wdir, wdentry);
34         else
35                 err = ovl_do_unlink(wdir, wdentry);
36         dput(wdentry);
37
38         if (err) {
39                 pr_err("overlayfs: cleanup of '%pd2' failed (%i)\n",
40                        wdentry, err);
41         }
42
43         return err;
44 }
45
46 struct dentry *ovl_lookup_temp(struct dentry *workdir)
47 {
48         struct dentry *temp;
49         char name[20];
50         static atomic_t temp_id = ATOMIC_INIT(0);
51
52         /* counter is allowed to wrap, since temp dentries are ephemeral */
53         snprintf(name, sizeof(name), "#%x", atomic_inc_return(&temp_id));
54
55         temp = lookup_one_len(name, workdir, strlen(name));
56         if (!IS_ERR(temp) && temp->d_inode) {
57                 pr_err("overlayfs: workdir/%s already exists\n", name);
58                 dput(temp);
59                 temp = ERR_PTR(-EIO);
60         }
61
62         return temp;
63 }
64
65 /* caller holds i_mutex on workdir */
66 static struct dentry *ovl_whiteout(struct dentry *workdir,
67                                    struct dentry *dentry)
68 {
69         int err;
70         struct dentry *whiteout;
71         struct inode *wdir = workdir->d_inode;
72
73         whiteout = ovl_lookup_temp(workdir);
74         if (IS_ERR(whiteout))
75                 return whiteout;
76
77         err = ovl_do_whiteout(wdir, whiteout);
78         if (err) {
79                 dput(whiteout);
80                 whiteout = ERR_PTR(err);
81         }
82
83         return whiteout;
84 }
85
86 int ovl_create_real(struct inode *dir, struct dentry *newdentry,
87                     struct cattr *attr, struct dentry *hardlink, bool debug)
88 {
89         int err;
90
91         if (newdentry->d_inode)
92                 return -ESTALE;
93
94         if (hardlink) {
95                 err = ovl_do_link(hardlink, dir, newdentry, debug);
96         } else {
97                 switch (attr->mode & S_IFMT) {
98                 case S_IFREG:
99                         err = ovl_do_create(dir, newdentry, attr->mode, debug);
100                         break;
101
102                 case S_IFDIR:
103                         err = ovl_do_mkdir(dir, newdentry, attr->mode, debug);
104                         break;
105
106                 case S_IFCHR:
107                 case S_IFBLK:
108                 case S_IFIFO:
109                 case S_IFSOCK:
110                         err = ovl_do_mknod(dir, newdentry,
111                                            attr->mode, attr->rdev, debug);
112                         break;
113
114                 case S_IFLNK:
115                         err = ovl_do_symlink(dir, newdentry, attr->link, debug);
116                         break;
117
118                 default:
119                         err = -EPERM;
120                 }
121         }
122         if (!err && WARN_ON(!newdentry->d_inode)) {
123                 /*
124                  * Not quite sure if non-instantiated dentry is legal or not.
125                  * VFS doesn't seem to care so check and warn here.
126                  */
127                 err = -ENOENT;
128         }
129         return err;
130 }
131
132 static int ovl_set_opaque_xerr(struct dentry *dentry, struct dentry *upper,
133                                int xerr)
134 {
135         int err;
136
137         err = ovl_check_setxattr(dentry, upper, OVL_XATTR_OPAQUE, "y", 1, xerr);
138         if (!err)
139                 ovl_dentry_set_opaque(dentry);
140
141         return err;
142 }
143
144 static int ovl_set_opaque(struct dentry *dentry, struct dentry *upperdentry)
145 {
146         /*
147          * Fail with -EIO when trying to create opaque dir and upper doesn't
148          * support xattrs. ovl_rename() calls ovl_set_opaque_xerr(-EXDEV) to
149          * return a specific error for noxattr case.
150          */
151         return ovl_set_opaque_xerr(dentry, upperdentry, -EIO);
152 }
153
154 /* Common operations required to be done after creation of file on upper */
155 static void ovl_instantiate(struct dentry *dentry, struct inode *inode,
156                             struct dentry *newdentry, bool hardlink)
157 {
158         ovl_dentry_version_inc(dentry->d_parent);
159         ovl_dentry_set_upper_alias(dentry);
160         if (!hardlink) {
161                 ovl_inode_update(inode, newdentry);
162                 ovl_copyattr(newdentry->d_inode, inode);
163         } else {
164                 WARN_ON(ovl_inode_real(inode) != d_inode(newdentry));
165                 dput(newdentry);
166                 inc_nlink(inode);
167         }
168         d_instantiate(dentry, inode);
169         /* Force lookup of new upper hardlink to find its lower */
170         if (hardlink)
171                 d_drop(dentry);
172 }
173
174 static bool ovl_type_merge(struct dentry *dentry)
175 {
176         return OVL_TYPE_MERGE(ovl_path_type(dentry));
177 }
178
179 static bool ovl_type_origin(struct dentry *dentry)
180 {
181         return OVL_TYPE_ORIGIN(ovl_path_type(dentry));
182 }
183
184 static int ovl_create_upper(struct dentry *dentry, struct inode *inode,
185                             struct cattr *attr, struct dentry *hardlink)
186 {
187         struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
188         struct inode *udir = upperdir->d_inode;
189         struct dentry *newdentry;
190         int err;
191
192         if (!hardlink && !IS_POSIXACL(udir))
193                 attr->mode &= ~current_umask();
194
195         inode_lock_nested(udir, I_MUTEX_PARENT);
196         newdentry = lookup_one_len(dentry->d_name.name, upperdir,
197                                    dentry->d_name.len);
198         err = PTR_ERR(newdentry);
199         if (IS_ERR(newdentry))
200                 goto out_unlock;
201         err = ovl_create_real(udir, newdentry, attr, hardlink, false);
202         if (err)
203                 goto out_dput;
204
205         if (ovl_type_merge(dentry->d_parent) && d_is_dir(newdentry)) {
206                 /* Setting opaque here is just an optimization, allow to fail */
207                 ovl_set_opaque(dentry, newdentry);
208         }
209
210         ovl_instantiate(dentry, inode, newdentry, !!hardlink);
211         newdentry = NULL;
212 out_dput:
213         dput(newdentry);
214 out_unlock:
215         inode_unlock(udir);
216         return err;
217 }
218
219 static int ovl_lock_rename_workdir(struct dentry *workdir,
220                                    struct dentry *upperdir)
221 {
222         /* Workdir should not be the same as upperdir */
223         if (workdir == upperdir)
224                 goto err;
225
226         /* Workdir should not be subdir of upperdir and vice versa */
227         if (lock_rename(workdir, upperdir) != NULL)
228                 goto err_unlock;
229
230         return 0;
231
232 err_unlock:
233         unlock_rename(workdir, upperdir);
234 err:
235         pr_err("overlayfs: failed to lock workdir+upperdir\n");
236         return -EIO;
237 }
238
239 static struct dentry *ovl_clear_empty(struct dentry *dentry,
240                                       struct list_head *list)
241 {
242         struct dentry *workdir = ovl_workdir(dentry);
243         struct inode *wdir = workdir->d_inode;
244         struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
245         struct inode *udir = upperdir->d_inode;
246         struct path upperpath;
247         struct dentry *upper;
248         struct dentry *opaquedir;
249         struct kstat stat;
250         int err;
251
252         if (WARN_ON(!workdir))
253                 return ERR_PTR(-EROFS);
254
255         err = ovl_lock_rename_workdir(workdir, upperdir);
256         if (err)
257                 goto out;
258
259         ovl_path_upper(dentry, &upperpath);
260         err = vfs_getattr(&upperpath, &stat,
261                           STATX_BASIC_STATS, AT_STATX_SYNC_AS_STAT);
262         if (err)
263                 goto out_unlock;
264
265         err = -ESTALE;
266         if (!S_ISDIR(stat.mode))
267                 goto out_unlock;
268         upper = upperpath.dentry;
269         if (upper->d_parent->d_inode != udir)
270                 goto out_unlock;
271
272         opaquedir = ovl_lookup_temp(workdir);
273         err = PTR_ERR(opaquedir);
274         if (IS_ERR(opaquedir))
275                 goto out_unlock;
276
277         err = ovl_create_real(wdir, opaquedir,
278                               &(struct cattr){.mode = stat.mode}, NULL, true);
279         if (err)
280                 goto out_dput;
281
282         err = ovl_copy_xattr(upper, opaquedir);
283         if (err)
284                 goto out_cleanup;
285
286         err = ovl_set_opaque(dentry, opaquedir);
287         if (err)
288                 goto out_cleanup;
289
290         inode_lock(opaquedir->d_inode);
291         err = ovl_set_attr(opaquedir, &stat);
292         inode_unlock(opaquedir->d_inode);
293         if (err)
294                 goto out_cleanup;
295
296         err = ovl_do_rename(wdir, opaquedir, udir, upper, RENAME_EXCHANGE);
297         if (err)
298                 goto out_cleanup;
299
300         ovl_cleanup_whiteouts(upper, list);
301         ovl_cleanup(wdir, upper);
302         unlock_rename(workdir, upperdir);
303
304         /* dentry's upper doesn't match now, get rid of it */
305         d_drop(dentry);
306
307         return opaquedir;
308
309 out_cleanup:
310         ovl_cleanup(wdir, opaquedir);
311 out_dput:
312         dput(opaquedir);
313 out_unlock:
314         unlock_rename(workdir, upperdir);
315 out:
316         return ERR_PTR(err);
317 }
318
319 static struct dentry *ovl_check_empty_and_clear(struct dentry *dentry)
320 {
321         int err;
322         struct dentry *ret = NULL;
323         enum ovl_path_type type = ovl_path_type(dentry);
324         LIST_HEAD(list);
325
326         err = ovl_check_empty_dir(dentry, &list);
327         if (err) {
328                 ret = ERR_PTR(err);
329                 goto out_free;
330         }
331
332         /*
333          * When removing an empty opaque directory, then it makes no sense to
334          * replace it with an exact replica of itself.
335          *
336          * If no upperdentry then skip clearing whiteouts.
337          *
338          * Can race with copy-up, since we don't hold the upperdir mutex.
339          * Doesn't matter, since copy-up can't create a non-empty directory
340          * from an empty one.
341          */
342         if (OVL_TYPE_UPPER(type) && OVL_TYPE_MERGE(type))
343                 ret = ovl_clear_empty(dentry, &list);
344
345 out_free:
346         ovl_cache_free(&list);
347
348         return ret;
349 }
350
351 static int ovl_set_upper_acl(struct dentry *upperdentry, const char *name,
352                              const struct posix_acl *acl)
353 {
354         void *buffer;
355         size_t size;
356         int err;
357
358         if (!IS_ENABLED(CONFIG_FS_POSIX_ACL) || !acl)
359                 return 0;
360
361         size = posix_acl_to_xattr(NULL, acl, NULL, 0);
362         buffer = kmalloc(size, GFP_KERNEL);
363         if (!buffer)
364                 return -ENOMEM;
365
366         size = posix_acl_to_xattr(&init_user_ns, acl, buffer, size);
367         err = size;
368         if (err < 0)
369                 goto out_free;
370
371         err = vfs_setxattr(upperdentry, name, buffer, size, XATTR_CREATE);
372 out_free:
373         kfree(buffer);
374         return err;
375 }
376
377 static int ovl_create_over_whiteout(struct dentry *dentry, struct inode *inode,
378                                     struct cattr *cattr,
379                                     struct dentry *hardlink)
380 {
381         struct dentry *workdir = ovl_workdir(dentry);
382         struct inode *wdir = workdir->d_inode;
383         struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
384         struct inode *udir = upperdir->d_inode;
385         struct dentry *upper;
386         struct dentry *newdentry;
387         int err;
388         struct posix_acl *acl, *default_acl;
389
390         if (WARN_ON(!workdir))
391                 return -EROFS;
392
393         if (!hardlink) {
394                 err = posix_acl_create(dentry->d_parent->d_inode,
395                                        &cattr->mode, &default_acl, &acl);
396                 if (err)
397                         return err;
398         }
399
400         err = ovl_lock_rename_workdir(workdir, upperdir);
401         if (err)
402                 goto out;
403
404         newdentry = ovl_lookup_temp(workdir);
405         err = PTR_ERR(newdentry);
406         if (IS_ERR(newdentry))
407                 goto out_unlock;
408
409         upper = lookup_one_len(dentry->d_name.name, upperdir,
410                                dentry->d_name.len);
411         err = PTR_ERR(upper);
412         if (IS_ERR(upper))
413                 goto out_dput;
414
415         err = ovl_create_real(wdir, newdentry, cattr, hardlink, true);
416         if (err)
417                 goto out_dput2;
418
419         /*
420          * mode could have been mutilated due to umask (e.g. sgid directory)
421          */
422         if (!hardlink &&
423             !S_ISLNK(cattr->mode) &&
424             newdentry->d_inode->i_mode != cattr->mode) {
425                 struct iattr attr = {
426                         .ia_valid = ATTR_MODE,
427                         .ia_mode = cattr->mode,
428                 };
429                 inode_lock(newdentry->d_inode);
430                 err = notify_change(newdentry, &attr, NULL);
431                 inode_unlock(newdentry->d_inode);
432                 if (err)
433                         goto out_cleanup;
434         }
435         if (!hardlink) {
436                 err = ovl_set_upper_acl(newdentry, XATTR_NAME_POSIX_ACL_ACCESS,
437                                         acl);
438                 if (err)
439                         goto out_cleanup;
440
441                 err = ovl_set_upper_acl(newdentry, XATTR_NAME_POSIX_ACL_DEFAULT,
442                                         default_acl);
443                 if (err)
444                         goto out_cleanup;
445         }
446
447         if (!hardlink && S_ISDIR(cattr->mode)) {
448                 err = ovl_set_opaque(dentry, newdentry);
449                 if (err)
450                         goto out_cleanup;
451
452                 err = ovl_do_rename(wdir, newdentry, udir, upper,
453                                     RENAME_EXCHANGE);
454                 if (err)
455                         goto out_cleanup;
456
457                 ovl_cleanup(wdir, upper);
458         } else {
459                 err = ovl_do_rename(wdir, newdentry, udir, upper, 0);
460                 if (err)
461                         goto out_cleanup;
462         }
463         ovl_instantiate(dentry, inode, newdentry, !!hardlink);
464         newdentry = NULL;
465 out_dput2:
466         dput(upper);
467 out_dput:
468         dput(newdentry);
469 out_unlock:
470         unlock_rename(workdir, upperdir);
471 out:
472         if (!hardlink) {
473                 posix_acl_release(acl);
474                 posix_acl_release(default_acl);
475         }
476         return err;
477
478 out_cleanup:
479         ovl_cleanup(wdir, newdentry);
480         goto out_dput2;
481 }
482
483 static int ovl_create_or_link(struct dentry *dentry, struct inode *inode,
484                               struct cattr *attr, struct dentry *hardlink)
485 {
486         int err;
487         const struct cred *old_cred;
488         struct cred *override_cred;
489
490         err = ovl_copy_up(dentry->d_parent);
491         if (err)
492                 return err;
493
494         old_cred = ovl_override_creds(dentry->d_sb);
495         err = -ENOMEM;
496         override_cred = prepare_creds();
497         if (override_cred) {
498                 override_cred->fsuid = inode->i_uid;
499                 override_cred->fsgid = inode->i_gid;
500                 if (!hardlink) {
501                         err = security_dentry_create_files_as(dentry,
502                                         attr->mode, &dentry->d_name, old_cred,
503                                         override_cred);
504                         if (err) {
505                                 put_cred(override_cred);
506                                 goto out_revert_creds;
507                         }
508                 }
509                 put_cred(override_creds(override_cred));
510                 put_cred(override_cred);
511
512                 if (!ovl_dentry_is_whiteout(dentry))
513                         err = ovl_create_upper(dentry, inode, attr,
514                                                 hardlink);
515                 else
516                         err = ovl_create_over_whiteout(dentry, inode, attr,
517                                                         hardlink);
518         }
519 out_revert_creds:
520         revert_creds(old_cred);
521         if (!err) {
522                 struct inode *realinode = d_inode(ovl_dentry_upper(dentry));
523
524                 WARN_ON(inode->i_mode != realinode->i_mode);
525                 WARN_ON(!uid_eq(inode->i_uid, realinode->i_uid));
526                 WARN_ON(!gid_eq(inode->i_gid, realinode->i_gid));
527         }
528         return err;
529 }
530
531 static int ovl_create_object(struct dentry *dentry, int mode, dev_t rdev,
532                              const char *link)
533 {
534         int err;
535         struct inode *inode;
536         struct cattr attr = {
537                 .rdev = rdev,
538                 .link = link,
539         };
540
541         err = ovl_want_write(dentry);
542         if (err)
543                 goto out;
544
545         err = -ENOMEM;
546         inode = ovl_new_inode(dentry->d_sb, mode, rdev);
547         if (!inode)
548                 goto out_drop_write;
549
550         inode_init_owner(inode, dentry->d_parent->d_inode, mode);
551         attr.mode = inode->i_mode;
552
553         err = ovl_create_or_link(dentry, inode, &attr, NULL);
554         if (err)
555                 iput(inode);
556
557 out_drop_write:
558         ovl_drop_write(dentry);
559 out:
560         return err;
561 }
562
563 static int ovl_create(struct inode *dir, struct dentry *dentry, umode_t mode,
564                       bool excl)
565 {
566         return ovl_create_object(dentry, (mode & 07777) | S_IFREG, 0, NULL);
567 }
568
569 static int ovl_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
570 {
571         return ovl_create_object(dentry, (mode & 07777) | S_IFDIR, 0, NULL);
572 }
573
574 static int ovl_mknod(struct inode *dir, struct dentry *dentry, umode_t mode,
575                      dev_t rdev)
576 {
577         /* Don't allow creation of "whiteout" on overlay */
578         if (S_ISCHR(mode) && rdev == WHITEOUT_DEV)
579                 return -EPERM;
580
581         return ovl_create_object(dentry, mode, rdev, NULL);
582 }
583
584 static int ovl_symlink(struct inode *dir, struct dentry *dentry,
585                        const char *link)
586 {
587         return ovl_create_object(dentry, S_IFLNK, 0, link);
588 }
589
590 static int ovl_link(struct dentry *old, struct inode *newdir,
591                     struct dentry *new)
592 {
593         int err;
594         bool locked = false;
595         struct inode *inode;
596
597         err = ovl_want_write(old);
598         if (err)
599                 goto out;
600
601         err = ovl_copy_up(old);
602         if (err)
603                 goto out_drop_write;
604
605         err = ovl_nlink_start(old, &locked);
606         if (err)
607                 goto out_drop_write;
608
609         inode = d_inode(old);
610         ihold(inode);
611
612         err = ovl_create_or_link(new, inode, NULL, ovl_dentry_upper(old));
613         if (err)
614                 iput(inode);
615
616         ovl_nlink_end(old, locked);
617 out_drop_write:
618         ovl_drop_write(old);
619 out:
620         return err;
621 }
622
623 static bool ovl_matches_upper(struct dentry *dentry, struct dentry *upper)
624 {
625         return d_inode(ovl_dentry_upper(dentry)) == d_inode(upper);
626 }
627
628 static int ovl_remove_and_whiteout(struct dentry *dentry, bool is_dir)
629 {
630         struct dentry *workdir = ovl_workdir(dentry);
631         struct inode *wdir = workdir->d_inode;
632         struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
633         struct inode *udir = upperdir->d_inode;
634         struct dentry *whiteout;
635         struct dentry *upper;
636         struct dentry *opaquedir = NULL;
637         int err;
638         int flags = 0;
639
640         if (WARN_ON(!workdir))
641                 return -EROFS;
642
643         if (is_dir) {
644                 opaquedir = ovl_check_empty_and_clear(dentry);
645                 err = PTR_ERR(opaquedir);
646                 if (IS_ERR(opaquedir))
647                         goto out;
648         }
649
650         err = ovl_lock_rename_workdir(workdir, upperdir);
651         if (err)
652                 goto out_dput;
653
654         upper = lookup_one_len(dentry->d_name.name, upperdir,
655                                dentry->d_name.len);
656         err = PTR_ERR(upper);
657         if (IS_ERR(upper))
658                 goto out_unlock;
659
660         err = -ESTALE;
661         if ((opaquedir && upper != opaquedir) ||
662             (!opaquedir && ovl_dentry_upper(dentry) &&
663              !ovl_matches_upper(dentry, upper))) {
664                 goto out_dput_upper;
665         }
666
667         whiteout = ovl_whiteout(workdir, dentry);
668         err = PTR_ERR(whiteout);
669         if (IS_ERR(whiteout))
670                 goto out_dput_upper;
671
672         if (d_is_dir(upper))
673                 flags = RENAME_EXCHANGE;
674
675         err = ovl_do_rename(wdir, whiteout, udir, upper, flags);
676         if (err)
677                 goto kill_whiteout;
678         if (flags)
679                 ovl_cleanup(wdir, upper);
680
681         ovl_dentry_version_inc(dentry->d_parent);
682 out_d_drop:
683         d_drop(dentry);
684         dput(whiteout);
685 out_dput_upper:
686         dput(upper);
687 out_unlock:
688         unlock_rename(workdir, upperdir);
689 out_dput:
690         dput(opaquedir);
691 out:
692         return err;
693
694 kill_whiteout:
695         ovl_cleanup(wdir, whiteout);
696         goto out_d_drop;
697 }
698
699 static int ovl_remove_upper(struct dentry *dentry, bool is_dir)
700 {
701         struct dentry *upperdir = ovl_dentry_upper(dentry->d_parent);
702         struct inode *dir = upperdir->d_inode;
703         struct dentry *upper;
704         struct dentry *opaquedir = NULL;
705         int err;
706
707         /* Redirect dir can be !ovl_lower_positive && OVL_TYPE_MERGE */
708         if (is_dir && ovl_dentry_get_redirect(dentry)) {
709                 opaquedir = ovl_check_empty_and_clear(dentry);
710                 err = PTR_ERR(opaquedir);
711                 if (IS_ERR(opaquedir))
712                         goto out;
713         }
714
715         inode_lock_nested(dir, I_MUTEX_PARENT);
716         upper = lookup_one_len(dentry->d_name.name, upperdir,
717                                dentry->d_name.len);
718         err = PTR_ERR(upper);
719         if (IS_ERR(upper))
720                 goto out_unlock;
721
722         err = -ESTALE;
723         if ((opaquedir && upper != opaquedir) ||
724             (!opaquedir && !ovl_matches_upper(dentry, upper)))
725                 goto out_dput_upper;
726
727         if (is_dir)
728                 err = vfs_rmdir(dir, upper);
729         else
730                 err = vfs_unlink(dir, upper, NULL);
731         ovl_dentry_version_inc(dentry->d_parent);
732
733         /*
734          * Keeping this dentry hashed would mean having to release
735          * upperpath/lowerpath, which could only be done if we are the
736          * sole user of this dentry.  Too tricky...  Just unhash for
737          * now.
738          */
739         if (!err)
740                 d_drop(dentry);
741 out_dput_upper:
742         dput(upper);
743 out_unlock:
744         inode_unlock(dir);
745         dput(opaquedir);
746 out:
747         return err;
748 }
749
750 static int ovl_do_remove(struct dentry *dentry, bool is_dir)
751 {
752         int err;
753         bool locked = false;
754         const struct cred *old_cred;
755
756         err = ovl_want_write(dentry);
757         if (err)
758                 goto out;
759
760         err = ovl_copy_up(dentry->d_parent);
761         if (err)
762                 goto out_drop_write;
763
764         err = ovl_nlink_start(dentry, &locked);
765         if (err)
766                 goto out_drop_write;
767
768         old_cred = ovl_override_creds(dentry->d_sb);
769         if (!ovl_lower_positive(dentry))
770                 err = ovl_remove_upper(dentry, is_dir);
771         else
772                 err = ovl_remove_and_whiteout(dentry, is_dir);
773         revert_creds(old_cred);
774         if (!err) {
775                 if (is_dir)
776                         clear_nlink(dentry->d_inode);
777                 else
778                         drop_nlink(dentry->d_inode);
779         }
780         ovl_nlink_end(dentry, locked);
781 out_drop_write:
782         ovl_drop_write(dentry);
783 out:
784         return err;
785 }
786
787 static int ovl_unlink(struct inode *dir, struct dentry *dentry)
788 {
789         return ovl_do_remove(dentry, false);
790 }
791
792 static int ovl_rmdir(struct inode *dir, struct dentry *dentry)
793 {
794         return ovl_do_remove(dentry, true);
795 }
796
797 static bool ovl_type_merge_or_lower(struct dentry *dentry)
798 {
799         enum ovl_path_type type = ovl_path_type(dentry);
800
801         return OVL_TYPE_MERGE(type) || !OVL_TYPE_UPPER(type);
802 }
803
804 static bool ovl_can_move(struct dentry *dentry)
805 {
806         return ovl_redirect_dir(dentry->d_sb) ||
807                 !d_is_dir(dentry) || !ovl_type_merge_or_lower(dentry);
808 }
809
810 static char *ovl_get_redirect(struct dentry *dentry, bool samedir)
811 {
812         char *buf, *ret;
813         struct dentry *d, *tmp;
814         int buflen = ovl_redirect_max + 1;
815
816         if (samedir) {
817                 ret = kstrndup(dentry->d_name.name, dentry->d_name.len,
818                                GFP_KERNEL);
819                 goto out;
820         }
821
822         buf = ret = kmalloc(buflen, GFP_TEMPORARY);
823         if (!buf)
824                 goto out;
825
826         buflen--;
827         buf[buflen] = '\0';
828         for (d = dget(dentry); !IS_ROOT(d);) {
829                 const char *name;
830                 int thislen;
831
832                 spin_lock(&d->d_lock);
833                 name = ovl_dentry_get_redirect(d);
834                 if (name) {
835                         thislen = strlen(name);
836                 } else {
837                         name = d->d_name.name;
838                         thislen = d->d_name.len;
839                 }
840
841                 /* If path is too long, fall back to userspace move */
842                 if (thislen + (name[0] != '/') > buflen) {
843                         ret = ERR_PTR(-EXDEV);
844                         spin_unlock(&d->d_lock);
845                         goto out_put;
846                 }
847
848                 buflen -= thislen;
849                 memcpy(&buf[buflen], name, thislen);
850                 tmp = dget_dlock(d->d_parent);
851                 spin_unlock(&d->d_lock);
852
853                 dput(d);
854                 d = tmp;
855
856                 /* Absolute redirect: finished */
857                 if (buf[buflen] == '/')
858                         break;
859                 buflen--;
860                 buf[buflen] = '/';
861         }
862         ret = kstrdup(&buf[buflen], GFP_KERNEL);
863 out_put:
864         dput(d);
865         kfree(buf);
866 out:
867         return ret ? ret : ERR_PTR(-ENOMEM);
868 }
869
870 static int ovl_set_redirect(struct dentry *dentry, bool samedir)
871 {
872         int err;
873         const char *redirect = ovl_dentry_get_redirect(dentry);
874
875         if (redirect && (samedir || redirect[0] == '/'))
876                 return 0;
877
878         redirect = ovl_get_redirect(dentry, samedir);
879         if (IS_ERR(redirect))
880                 return PTR_ERR(redirect);
881
882         err = ovl_check_setxattr(dentry, ovl_dentry_upper(dentry),
883                                  OVL_XATTR_REDIRECT,
884                                  redirect, strlen(redirect), -EXDEV);
885         if (!err) {
886                 spin_lock(&dentry->d_lock);
887                 ovl_dentry_set_redirect(dentry, redirect);
888                 spin_unlock(&dentry->d_lock);
889         } else {
890                 kfree(redirect);
891                 pr_warn_ratelimited("overlay: failed to set redirect (%i)\n", err);
892                 /* Fall back to userspace copy-up */
893                 err = -EXDEV;
894         }
895         return err;
896 }
897
898 static int ovl_rename(struct inode *olddir, struct dentry *old,
899                       struct inode *newdir, struct dentry *new,
900                       unsigned int flags)
901 {
902         int err;
903         bool locked = false;
904         struct dentry *old_upperdir;
905         struct dentry *new_upperdir;
906         struct dentry *olddentry;
907         struct dentry *newdentry;
908         struct dentry *trap;
909         bool old_opaque;
910         bool new_opaque;
911         bool cleanup_whiteout = false;
912         bool overwrite = !(flags & RENAME_EXCHANGE);
913         bool is_dir = d_is_dir(old);
914         bool new_is_dir = d_is_dir(new);
915         bool samedir = olddir == newdir;
916         struct dentry *opaquedir = NULL;
917         const struct cred *old_cred = NULL;
918
919         err = -EINVAL;
920         if (flags & ~(RENAME_EXCHANGE | RENAME_NOREPLACE))
921                 goto out;
922
923         flags &= ~RENAME_NOREPLACE;
924
925         /* Don't copy up directory trees */
926         err = -EXDEV;
927         if (!ovl_can_move(old))
928                 goto out;
929         if (!overwrite && !ovl_can_move(new))
930                 goto out;
931
932         err = ovl_want_write(old);
933         if (err)
934                 goto out;
935
936         err = ovl_copy_up(old);
937         if (err)
938                 goto out_drop_write;
939
940         err = ovl_copy_up(new->d_parent);
941         if (err)
942                 goto out_drop_write;
943         if (!overwrite) {
944                 err = ovl_copy_up(new);
945                 if (err)
946                         goto out_drop_write;
947         } else {
948                 err = ovl_nlink_start(new, &locked);
949                 if (err)
950                         goto out_drop_write;
951         }
952
953         old_cred = ovl_override_creds(old->d_sb);
954
955         if (overwrite && new_is_dir && ovl_type_merge_or_lower(new)) {
956                 opaquedir = ovl_check_empty_and_clear(new);
957                 err = PTR_ERR(opaquedir);
958                 if (IS_ERR(opaquedir)) {
959                         opaquedir = NULL;
960                         goto out_revert_creds;
961                 }
962         }
963
964         if (overwrite) {
965                 if (ovl_lower_positive(old)) {
966                         if (!ovl_dentry_is_whiteout(new)) {
967                                 /* Whiteout source */
968                                 flags |= RENAME_WHITEOUT;
969                         } else {
970                                 /* Switch whiteouts */
971                                 flags |= RENAME_EXCHANGE;
972                         }
973                 } else if (is_dir && ovl_dentry_is_whiteout(new)) {
974                         flags |= RENAME_EXCHANGE;
975                         cleanup_whiteout = true;
976                 }
977         }
978
979         old_upperdir = ovl_dentry_upper(old->d_parent);
980         new_upperdir = ovl_dentry_upper(new->d_parent);
981
982         if (!samedir) {
983                 /*
984                  * When moving a merge dir or non-dir with copy up origin into
985                  * a new parent, we are marking the new parent dir "impure".
986                  * When ovl_iterate() iterates an "impure" upper dir, it will
987                  * lookup the origin inodes of the entries to fill d_ino.
988                  */
989                 if (ovl_type_origin(old)) {
990                         err = ovl_set_impure(new->d_parent, new_upperdir);
991                         if (err)
992                                 goto out_revert_creds;
993                 }
994                 if (!overwrite && ovl_type_origin(new)) {
995                         err = ovl_set_impure(old->d_parent, old_upperdir);
996                         if (err)
997                                 goto out_revert_creds;
998                 }
999         }
1000
1001         trap = lock_rename(new_upperdir, old_upperdir);
1002
1003         olddentry = lookup_one_len(old->d_name.name, old_upperdir,
1004                                    old->d_name.len);
1005         err = PTR_ERR(olddentry);
1006         if (IS_ERR(olddentry))
1007                 goto out_unlock;
1008
1009         err = -ESTALE;
1010         if (!ovl_matches_upper(old, olddentry))
1011                 goto out_dput_old;
1012
1013         newdentry = lookup_one_len(new->d_name.name, new_upperdir,
1014                                    new->d_name.len);
1015         err = PTR_ERR(newdentry);
1016         if (IS_ERR(newdentry))
1017                 goto out_dput_old;
1018
1019         old_opaque = ovl_dentry_is_opaque(old);
1020         new_opaque = ovl_dentry_is_opaque(new);
1021
1022         err = -ESTALE;
1023         if (d_inode(new) && ovl_dentry_upper(new)) {
1024                 if (opaquedir) {
1025                         if (newdentry != opaquedir)
1026                                 goto out_dput;
1027                 } else {
1028                         if (!ovl_matches_upper(new, newdentry))
1029                                 goto out_dput;
1030                 }
1031         } else {
1032                 if (!d_is_negative(newdentry) &&
1033                     (!new_opaque || !ovl_is_whiteout(newdentry)))
1034                         goto out_dput;
1035         }
1036
1037         if (olddentry == trap)
1038                 goto out_dput;
1039         if (newdentry == trap)
1040                 goto out_dput;
1041
1042         if (WARN_ON(olddentry->d_inode == newdentry->d_inode))
1043                 goto out_dput;
1044
1045         err = 0;
1046         if (is_dir) {
1047                 if (ovl_type_merge_or_lower(old))
1048                         err = ovl_set_redirect(old, samedir);
1049                 else if (!old_opaque && ovl_type_merge(new->d_parent))
1050                         err = ovl_set_opaque_xerr(old, olddentry, -EXDEV);
1051                 if (err)
1052                         goto out_dput;
1053         }
1054         if (!overwrite && new_is_dir) {
1055                 if (ovl_type_merge_or_lower(new))
1056                         err = ovl_set_redirect(new, samedir);
1057                 else if (!new_opaque && ovl_type_merge(old->d_parent))
1058                         err = ovl_set_opaque_xerr(new, newdentry, -EXDEV);
1059                 if (err)
1060                         goto out_dput;
1061         }
1062
1063         err = ovl_do_rename(old_upperdir->d_inode, olddentry,
1064                             new_upperdir->d_inode, newdentry, flags);
1065         if (err)
1066                 goto out_dput;
1067
1068         if (cleanup_whiteout)
1069                 ovl_cleanup(old_upperdir->d_inode, newdentry);
1070
1071         if (overwrite && d_inode(new)) {
1072                 if (new_is_dir)
1073                         clear_nlink(d_inode(new));
1074                 else
1075                         drop_nlink(d_inode(new));
1076         }
1077
1078         ovl_dentry_version_inc(old->d_parent);
1079         ovl_dentry_version_inc(new->d_parent);
1080
1081 out_dput:
1082         dput(newdentry);
1083 out_dput_old:
1084         dput(olddentry);
1085 out_unlock:
1086         unlock_rename(new_upperdir, old_upperdir);
1087 out_revert_creds:
1088         revert_creds(old_cred);
1089         ovl_nlink_end(new, locked);
1090 out_drop_write:
1091         ovl_drop_write(old);
1092 out:
1093         dput(opaquedir);
1094         return err;
1095 }
1096
1097 const struct inode_operations ovl_dir_inode_operations = {
1098         .lookup         = ovl_lookup,
1099         .mkdir          = ovl_mkdir,
1100         .symlink        = ovl_symlink,
1101         .unlink         = ovl_unlink,
1102         .rmdir          = ovl_rmdir,
1103         .rename         = ovl_rename,
1104         .link           = ovl_link,
1105         .setattr        = ovl_setattr,
1106         .create         = ovl_create,
1107         .mknod          = ovl_mknod,
1108         .permission     = ovl_permission,
1109         .getattr        = ovl_getattr,
1110         .listxattr      = ovl_listxattr,
1111         .get_acl        = ovl_get_acl,
1112         .update_time    = ovl_update_time,
1113 };