1 // SPDX-License-Identifier: GPL-2.0-only
3 * Copyright (C) 2017 Red Hat, Inc.
6 #include <linux/cred.h>
7 #include <linux/file.h>
8 #include <linux/mount.h>
9 #include <linux/xattr.h>
10 #include <linux/uio.h>
11 #include <linux/uaccess.h>
12 #include <linux/security.h>
14 #include <linux/backing-file.h>
15 #include "overlayfs.h"
17 static char ovl_whatisit(struct inode *inode, struct inode *realinode)
19 if (realinode != ovl_inode_upper(inode))
21 if (ovl_has_upperdata(inode))
27 static struct file *ovl_open_realfile(const struct file *file,
28 const struct path *realpath)
30 struct inode *realinode = d_inode(realpath->dentry);
31 struct inode *inode = file_inode(file);
32 struct mnt_idmap *real_idmap;
33 struct file *realfile;
34 const struct cred *old_cred;
35 int flags = file->f_flags | OVL_OPEN_FLAGS;
36 int acc_mode = ACC_MODE(flags);
40 acc_mode |= MAY_APPEND;
42 old_cred = ovl_override_creds(inode->i_sb);
43 real_idmap = mnt_idmap(realpath->mnt);
44 err = inode_permission(real_idmap, realinode, MAY_OPEN | acc_mode);
46 realfile = ERR_PTR(err);
48 if (!inode_owner_or_capable(real_idmap, realinode))
51 realfile = backing_file_open(&file->f_path, flags, realpath,
54 revert_creds(old_cred);
56 pr_debug("open(%p[%pD2/%c], 0%o) -> (%p, 0%o)\n",
57 file, file, ovl_whatisit(inode, realinode), file->f_flags,
58 realfile, IS_ERR(realfile) ? 0 : realfile->f_flags);
63 #define OVL_SETFL_MASK (O_APPEND | O_NONBLOCK | O_NDELAY | O_DIRECT)
65 static int ovl_change_flags(struct file *file, unsigned int flags)
67 struct inode *inode = file_inode(file);
70 flags &= OVL_SETFL_MASK;
72 if (((flags ^ file->f_flags) & O_APPEND) && IS_APPEND(inode))
75 if ((flags & O_DIRECT) && !(file->f_mode & FMODE_CAN_ODIRECT))
78 if (file->f_op->check_flags) {
79 err = file->f_op->check_flags(flags);
84 spin_lock(&file->f_lock);
85 file->f_flags = (file->f_flags & ~OVL_SETFL_MASK) | flags;
86 file->f_iocb_flags = iocb_flags(file);
87 spin_unlock(&file->f_lock);
92 static int ovl_real_fdget_meta(const struct file *file, struct fd *real,
95 struct dentry *dentry = file_dentry(file);
100 real->file = file->private_data;
103 ovl_path_real(dentry, &realpath);
105 /* lazy lookup and verify of lowerdata */
106 err = ovl_verify_lowerdata(dentry);
110 ovl_path_realdata(dentry, &realpath);
112 if (!realpath.dentry)
115 /* Has it been copied up since we'd opened it? */
116 if (unlikely(file_inode(real->file) != d_inode(realpath.dentry))) {
117 real->flags = FDPUT_FPUT;
118 real->file = ovl_open_realfile(file, &realpath);
120 return PTR_ERR_OR_ZERO(real->file);
123 /* Did the flags change since open? */
124 if (unlikely((file->f_flags ^ real->file->f_flags) & ~OVL_OPEN_FLAGS))
125 return ovl_change_flags(real->file, file->f_flags);
130 static int ovl_real_fdget(const struct file *file, struct fd *real)
132 if (d_is_dir(file_dentry(file))) {
134 real->file = ovl_dir_real_file(file, false);
136 return PTR_ERR_OR_ZERO(real->file);
139 return ovl_real_fdget_meta(file, real, false);
142 static int ovl_open(struct inode *inode, struct file *file)
144 struct dentry *dentry = file_dentry(file);
145 struct file *realfile;
146 struct path realpath;
149 /* lazy lookup and verify lowerdata */
150 err = ovl_verify_lowerdata(dentry);
154 err = ovl_maybe_copy_up(dentry, file->f_flags);
158 /* No longer need these flags, so don't pass them on to underlying fs */
159 file->f_flags &= ~(O_CREAT | O_EXCL | O_NOCTTY | O_TRUNC);
161 ovl_path_realdata(dentry, &realpath);
162 if (!realpath.dentry)
165 realfile = ovl_open_realfile(file, &realpath);
166 if (IS_ERR(realfile))
167 return PTR_ERR(realfile);
169 file->private_data = realfile;
174 static int ovl_release(struct inode *inode, struct file *file)
176 fput(file->private_data);
181 static loff_t ovl_llseek(struct file *file, loff_t offset, int whence)
183 struct inode *inode = file_inode(file);
185 const struct cred *old_cred;
189 * The two special cases below do not need to involve real fs,
190 * so we can optimizing concurrent callers.
193 if (whence == SEEK_CUR)
196 if (whence == SEEK_SET)
197 return vfs_setpos(file, 0, 0);
200 ret = ovl_real_fdget(file, &real);
205 * Overlay file f_pos is the master copy that is preserved
206 * through copy up and modified on read/write, but only real
207 * fs knows how to SEEK_HOLE/SEEK_DATA and real fs may impose
208 * limitations that are more strict than ->s_maxbytes for specific
209 * files, so we use the real file to perform seeks.
211 ovl_inode_lock(inode);
212 real.file->f_pos = file->f_pos;
214 old_cred = ovl_override_creds(inode->i_sb);
215 ret = vfs_llseek(real.file, offset, whence);
216 revert_creds(old_cred);
218 file->f_pos = real.file->f_pos;
219 ovl_inode_unlock(inode);
226 static void ovl_file_modified(struct file *file)
228 /* Update size/mtime */
229 ovl_copyattr(file_inode(file));
232 static void ovl_file_accessed(struct file *file)
234 struct inode *inode, *upperinode;
235 struct timespec64 ctime, uctime;
236 struct timespec64 mtime, umtime;
238 if (file->f_flags & O_NOATIME)
241 inode = file_inode(file);
242 upperinode = ovl_inode_upper(inode);
247 ctime = inode_get_ctime(inode);
248 uctime = inode_get_ctime(upperinode);
249 mtime = inode_get_mtime(inode);
250 umtime = inode_get_mtime(upperinode);
251 if ((!timespec64_equal(&mtime, &umtime)) ||
252 !timespec64_equal(&ctime, &uctime)) {
253 inode_set_mtime_to_ts(inode, inode_get_mtime(upperinode));
254 inode_set_ctime_to_ts(inode, uctime);
257 touch_atime(&file->f_path);
260 static ssize_t ovl_read_iter(struct kiocb *iocb, struct iov_iter *iter)
262 struct file *file = iocb->ki_filp;
265 struct backing_file_ctx ctx = {
266 .cred = ovl_creds(file_inode(file)->i_sb),
268 .accessed = ovl_file_accessed,
271 if (!iov_iter_count(iter))
274 ret = ovl_real_fdget(file, &real);
278 ret = backing_file_read_iter(real.file, iter, iocb, iocb->ki_flags,
285 static ssize_t ovl_write_iter(struct kiocb *iocb, struct iov_iter *iter)
287 struct file *file = iocb->ki_filp;
288 struct inode *inode = file_inode(file);
291 int ifl = iocb->ki_flags;
292 struct backing_file_ctx ctx = {
293 .cred = ovl_creds(inode->i_sb),
295 .end_write = ovl_file_modified,
298 if (!iov_iter_count(iter))
305 ret = ovl_real_fdget(file, &real);
309 if (!ovl_should_sync(OVL_FS(inode->i_sb)))
310 ifl &= ~(IOCB_DSYNC | IOCB_SYNC);
313 * Overlayfs doesn't support deferred completions, don't copy
314 * this property in case it is set by the issuer.
316 ifl &= ~IOCB_DIO_CALLER_COMP;
317 ret = backing_file_write_iter(real.file, iter, iocb, ifl, &ctx);
326 static ssize_t ovl_splice_read(struct file *in, loff_t *ppos,
327 struct pipe_inode_info *pipe, size_t len,
332 struct backing_file_ctx ctx = {
333 .cred = ovl_creds(file_inode(in)->i_sb),
335 .accessed = ovl_file_accessed,
338 ret = ovl_real_fdget(in, &real);
342 ret = backing_file_splice_read(real.file, ppos, pipe, len, flags, &ctx);
349 * Calling iter_file_splice_write() directly from overlay's f_op may deadlock
350 * due to lock order inversion between pipe->mutex in iter_file_splice_write()
351 * and file_start_write(real.file) in ovl_write_iter().
353 * So do everything ovl_write_iter() does and call iter_file_splice_write() on
356 static ssize_t ovl_splice_write(struct pipe_inode_info *pipe, struct file *out,
357 loff_t *ppos, size_t len, unsigned int flags)
360 struct inode *inode = file_inode(out);
362 struct backing_file_ctx ctx = {
363 .cred = ovl_creds(inode->i_sb),
365 .end_write = ovl_file_modified,
372 ret = ovl_real_fdget(out, &real);
376 ret = backing_file_splice_write(pipe, real.file, ppos, len, flags, &ctx);
385 static int ovl_fsync(struct file *file, loff_t start, loff_t end, int datasync)
388 const struct cred *old_cred;
391 ret = ovl_sync_status(OVL_FS(file_inode(file)->i_sb));
395 ret = ovl_real_fdget_meta(file, &real, !datasync);
399 /* Don't sync lower file for fear of receiving EROFS error */
400 if (file_inode(real.file) == ovl_inode_upper(file_inode(file))) {
401 old_cred = ovl_override_creds(file_inode(file)->i_sb);
402 ret = vfs_fsync_range(real.file, start, end, datasync);
403 revert_creds(old_cred);
411 static int ovl_mmap(struct file *file, struct vm_area_struct *vma)
413 struct file *realfile = file->private_data;
414 struct backing_file_ctx ctx = {
415 .cred = ovl_creds(file_inode(file)->i_sb),
417 .accessed = ovl_file_accessed,
420 return backing_file_mmap(realfile, vma, &ctx);
423 static long ovl_fallocate(struct file *file, int mode, loff_t offset, loff_t len)
425 struct inode *inode = file_inode(file);
427 const struct cred *old_cred;
433 ret = file_remove_privs(file);
437 ret = ovl_real_fdget(file, &real);
441 old_cred = ovl_override_creds(file_inode(file)->i_sb);
442 ret = vfs_fallocate(real.file, mode, offset, len);
443 revert_creds(old_cred);
446 ovl_file_modified(file);
456 static int ovl_fadvise(struct file *file, loff_t offset, loff_t len, int advice)
459 const struct cred *old_cred;
462 ret = ovl_real_fdget(file, &real);
466 old_cred = ovl_override_creds(file_inode(file)->i_sb);
467 ret = vfs_fadvise(real.file, offset, len, advice);
468 revert_creds(old_cred);
481 static loff_t ovl_copyfile(struct file *file_in, loff_t pos_in,
482 struct file *file_out, loff_t pos_out,
483 loff_t len, unsigned int flags, enum ovl_copyop op)
485 struct inode *inode_out = file_inode(file_out);
486 struct fd real_in, real_out;
487 const struct cred *old_cred;
490 inode_lock(inode_out);
491 if (op != OVL_DEDUPE) {
493 ovl_copyattr(inode_out);
494 ret = file_remove_privs(file_out);
499 ret = ovl_real_fdget(file_out, &real_out);
503 ret = ovl_real_fdget(file_in, &real_in);
509 old_cred = ovl_override_creds(file_inode(file_out)->i_sb);
512 ret = vfs_copy_file_range(real_in.file, pos_in,
513 real_out.file, pos_out, len, flags);
517 ret = vfs_clone_file_range(real_in.file, pos_in,
518 real_out.file, pos_out, len, flags);
522 ret = vfs_dedupe_file_range_one(real_in.file, pos_in,
523 real_out.file, pos_out, len,
527 revert_creds(old_cred);
530 ovl_file_modified(file_out);
536 inode_unlock(inode_out);
541 static ssize_t ovl_copy_file_range(struct file *file_in, loff_t pos_in,
542 struct file *file_out, loff_t pos_out,
543 size_t len, unsigned int flags)
545 return ovl_copyfile(file_in, pos_in, file_out, pos_out, len, flags,
549 static loff_t ovl_remap_file_range(struct file *file_in, loff_t pos_in,
550 struct file *file_out, loff_t pos_out,
551 loff_t len, unsigned int remap_flags)
555 if (remap_flags & ~(REMAP_FILE_DEDUP | REMAP_FILE_ADVISORY))
558 if (remap_flags & REMAP_FILE_DEDUP)
564 * Don't copy up because of a dedupe request, this wouldn't make sense
565 * most of the time (data would be duplicated instead of deduplicated).
567 if (op == OVL_DEDUPE &&
568 (!ovl_inode_upper(file_inode(file_in)) ||
569 !ovl_inode_upper(file_inode(file_out))))
572 return ovl_copyfile(file_in, pos_in, file_out, pos_out, len,
576 static int ovl_flush(struct file *file, fl_owner_t id)
579 const struct cred *old_cred;
582 err = ovl_real_fdget(file, &real);
586 if (real.file->f_op->flush) {
587 old_cred = ovl_override_creds(file_inode(file)->i_sb);
588 err = real.file->f_op->flush(real.file, id);
589 revert_creds(old_cred);
596 const struct file_operations ovl_file_operations = {
598 .release = ovl_release,
599 .llseek = ovl_llseek,
600 .read_iter = ovl_read_iter,
601 .write_iter = ovl_write_iter,
604 .fallocate = ovl_fallocate,
605 .fadvise = ovl_fadvise,
607 .splice_read = ovl_splice_read,
608 .splice_write = ovl_splice_write,
610 .copy_file_range = ovl_copy_file_range,
611 .remap_file_range = ovl_remap_file_range,
projects / linux-block.git / blob