]> git.ipfire.org Git - thirdparty/kernel/linux.git/blame - fs/overlayfs/params.c
projects / thirdparty / kernel / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
ovl: remove unused code in lowerdir param parsing
[thirdparty/kernel/linux.git] / fs / overlayfs / params.c
CommitLineData
b36a5780
CB		 1// SPDX-License-Identifier: GPL-2.0-only
2
3#include <linux/fs.h>
7fb7998b 4#include <linux/module.h>
b36a5780
CB		 5#include <linux/namei.h>
6#include <linux/fs_context.h>
7#include <linux/fs_parser.h>
8#include <linux/posix_acl_xattr.h>
7fb7998b 9#include <linux/seq_file.h>
b36a5780
CB		 10#include <linux/xattr.h>
11#include "overlayfs.h"
7fb7998b
CB		 12#include "params.h"
13
14static bool ovl_redirect_dir_def = IS_ENABLED(CONFIG_OVERLAY_FS_REDIRECT_DIR);
15module_param_named(redirect_dir, ovl_redirect_dir_def, bool, 0644);
16MODULE_PARM_DESC(redirect_dir,
17 "Default to on or off for the redirect_dir feature");
18
19static bool ovl_redirect_always_follow =
20 IS_ENABLED(CONFIG_OVERLAY_FS_REDIRECT_ALWAYS_FOLLOW);
21module_param_named(redirect_always_follow, ovl_redirect_always_follow,
22 bool, 0644);
23MODULE_PARM_DESC(redirect_always_follow,
24 "Follow redirects even if redirect_dir feature is turned off");
25
26static bool ovl_xino_auto_def = IS_ENABLED(CONFIG_OVERLAY_FS_XINO_AUTO);
27module_param_named(xino_auto, ovl_xino_auto_def, bool, 0644);
28MODULE_PARM_DESC(xino_auto,
29 "Auto enable xino feature");
30
31static bool ovl_index_def = IS_ENABLED(CONFIG_OVERLAY_FS_INDEX);
32module_param_named(index, ovl_index_def, bool, 0644);
33MODULE_PARM_DESC(index,
34 "Default to on or off for the inodes index feature");
35
36static bool ovl_nfs_export_def = IS_ENABLED(CONFIG_OVERLAY_FS_NFS_EXPORT);
37module_param_named(nfs_export, ovl_nfs_export_def, bool, 0644);
38MODULE_PARM_DESC(nfs_export,
39 "Default to on or off for the NFS export feature");
40
41static bool ovl_metacopy_def = IS_ENABLED(CONFIG_OVERLAY_FS_METACOPY);
42module_param_named(metacopy, ovl_metacopy_def, bool, 0644);
43MODULE_PARM_DESC(metacopy,
44 "Default to on or off for the metadata only copy up feature");
45
46enum {
47 Opt_lowerdir,
48 Opt_upperdir,
49 Opt_workdir,
50 Opt_default_permissions,
51 Opt_redirect_dir,
52 Opt_index,
53 Opt_uuid,
54 Opt_nfs_export,
55 Opt_userxattr,
56 Opt_xino,
57 Opt_metacopy,
ae8cba40 58 Opt_verity,
7fb7998b
CB		 59 Opt_volatile,
60};
61
62static const struct constant_table ovl_parameter_bool[] = {
63 { "on", true },
64 { "off", false },
65 {}
66};
67
b0504bfe
AG		 68static const struct constant_table ovl_parameter_uuid[] = {
69 { "off", OVL_UUID_OFF },
70 { "null", OVL_UUID_NULL },
cbb44f09 71 { "auto", OVL_UUID_AUTO },
b0504bfe
AG		 72 { "on", OVL_UUID_ON },
73 {}
74};
75
76static const char *ovl_uuid_mode(struct ovl_config *config)
77{
78 return ovl_parameter_uuid[config->uuid].name;
79}
80
81static int ovl_uuid_def(void)
82{
cbb44f09 83 return OVL_UUID_AUTO;
b0504bfe
AG		 84}
85
7fb7998b
CB		 86static const struct constant_table ovl_parameter_xino[] = {
87 { "off", OVL_XINO_OFF },
88 { "auto", OVL_XINO_AUTO },
89 { "on", OVL_XINO_ON },
90 {}
91};
92
93const char *ovl_xino_mode(struct ovl_config *config)
94{
95 return ovl_parameter_xino[config->xino].name;
96}
97
98static int ovl_xino_def(void)
99{
100 return ovl_xino_auto_def ? OVL_XINO_AUTO : OVL_XINO_OFF;
101}
102
103const struct constant_table ovl_parameter_redirect_dir[] = {
104 { "off", OVL_REDIRECT_OFF },
105 { "follow", OVL_REDIRECT_FOLLOW },
106 { "nofollow", OVL_REDIRECT_NOFOLLOW },
107 { "on", OVL_REDIRECT_ON },
108 {}
109};
110
111static const char *ovl_redirect_mode(struct ovl_config *config)
112{
113 return ovl_parameter_redirect_dir[config->redirect_mode].name;
114}
115
116static int ovl_redirect_mode_def(void)
117{
118 return ovl_redirect_dir_def ? OVL_REDIRECT_ON :
119 ovl_redirect_always_follow ? OVL_REDIRECT_FOLLOW :
120 OVL_REDIRECT_NOFOLLOW;
121}
122
ae8cba40
AL		 123static const struct constant_table ovl_parameter_verity[] = {
124 { "off", OVL_VERITY_OFF },
125 { "on", OVL_VERITY_ON },
126 { "require", OVL_VERITY_REQUIRE },
127 {}
128};
129
130static const char *ovl_verity_mode(struct ovl_config *config)
131{
132 return ovl_parameter_verity[config->verity_mode].name;
133}
134
135static int ovl_verity_mode_def(void)
136{
137 return OVL_VERITY_OFF;
138}
139
7fb7998b
CB		 140#define fsparam_string_empty(NAME, OPT) \
141 __fsparam(fs_param_is_string, NAME, OPT, fs_param_can_be_empty, NULL)
142
143const struct fs_parameter_spec ovl_parameter_spec[] = {
144 fsparam_string_empty("lowerdir", Opt_lowerdir),
145 fsparam_string("upperdir", Opt_upperdir),
146 fsparam_string("workdir", Opt_workdir),
147 fsparam_flag("default_permissions", Opt_default_permissions),
148 fsparam_enum("redirect_dir", Opt_redirect_dir, ovl_parameter_redirect_dir),
149 fsparam_enum("index", Opt_index, ovl_parameter_bool),
b0504bfe 150 fsparam_enum("uuid", Opt_uuid, ovl_parameter_uuid),
7fb7998b
CB		 151 fsparam_enum("nfs_export", Opt_nfs_export, ovl_parameter_bool),
152 fsparam_flag("userxattr", Opt_userxattr),
153 fsparam_enum("xino", Opt_xino, ovl_parameter_xino),
154 fsparam_enum("metacopy", Opt_metacopy, ovl_parameter_bool),
ae8cba40 155 fsparam_enum("verity", Opt_verity, ovl_parameter_verity),
7fb7998b
CB		 156 fsparam_flag("volatile", Opt_volatile),
157 {}
158};
b36a5780 159
c34706ac
AG		 160static char *ovl_next_opt(char **s)
161{
162 char *sbegin = *s;
163 char *p;
164
165 if (sbegin == NULL)
166 return NULL;
167
168 for (p = sbegin; *p; p++) {
169 if (*p == '\\') {
170 p++;
171 if (!*p)
172 break;
173 } else if (*p == ',') {
174 *p = '\0';
175 *s = p + 1;
176 return sbegin;
177 }
178 }
179 *s = NULL;
180 return sbegin;
181}
182
183static int ovl_parse_monolithic(struct fs_context *fc, void *data)
184{
185 return vfs_parse_monolithic_sep(fc, data, ovl_next_opt);
186}
187
b36a5780
CB		 188static ssize_t ovl_parse_param_split_lowerdirs(char *str)
189{
190 ssize_t nr_layers = 1, nr_colons = 0;
191 char *s, *d;
192
193 for (s = d = str;; s++, d++) {
194 if (*s == '\\') {
32db5107
AG		 195 /* keep esc chars in split lowerdir */
196 *d++ = *s++;
b36a5780
CB		 197 } else if (*s == ':') {
198 bool next_colon = (*(s + 1) == ':');
199
200 nr_colons++;
201 if (nr_colons == 2 && next_colon) {
202 pr_err("only single ':' or double '::' sequences of unescaped colons in lowerdir mount option allowed.\n");
203 return -EINVAL;
204 }
205 /* count layers, not colons */
206 if (!next_colon)
207 nr_layers++;
208
209 *d = '\0';
210 continue;
211 }
212
213 *d = *s;
214 if (!*s) {
215 /* trailing colons */
216 if (nr_colons) {
217 pr_err("unescaped trailing colons in lowerdir mount option.\n");
218 return -EINVAL;
219 }
220 break;
221 }
222 nr_colons = 0;
223 }
224
225 return nr_layers;
226}
227
228static int ovl_mount_dir_noesc(const char *name, struct path *path)
229{
230 int err = -EINVAL;
231
232 if (!*name) {
233 pr_err("empty lowerdir\n");
234 goto out;
235 }
236 err = kern_path(name, LOOKUP_FOLLOW, path);
237 if (err) {
238 pr_err("failed to resolve '%s': %i\n", name, err);
239 goto out;
240 }
241 err = -EINVAL;
242 if (ovl_dentry_weird(path->dentry)) {
243 pr_err("filesystem on '%s' not supported\n", name);
244 goto out_put;
245 }
246 if (!d_is_dir(path->dentry)) {
247 pr_err("'%s' not a directory\n", name);
248 goto out_put;
249 }
250 return 0;
251
252out_put:
253 path_put_init(path);
254out:
255 return err;
256}
257
258static void ovl_unescape(char *s)
259{
260 char *d = s;
261
262 for (;; s++, d++) {
263 if (*s == '\\')
264 s++;
265 *d = *s;
266 if (!*s)
267 break;
268 }
269}
270
32db5107 271static int ovl_mount_dir(const char *name, struct path *path, bool upper)
b36a5780
CB		 272{
273 int err = -ENOMEM;
274 char *tmp = kstrdup(name, GFP_KERNEL);
275
276 if (tmp) {
277 ovl_unescape(tmp);
278 err = ovl_mount_dir_noesc(tmp, path);
279
32db5107 280 if (!err && upper && path->dentry->d_flags & DCACHE_OP_REAL) {
b36a5780
CB		 281 pr_err("filesystem on '%s' not supported as upperdir\n",
282 tmp);
283 path_put_init(path);
284 err = -EINVAL;
285 }
286 kfree(tmp);
287 }
288 return err;
289}
290
7fb7998b
CB		 291static int ovl_parse_param_upperdir(const char *name, struct fs_context *fc,
292 bool workdir)
b36a5780
CB		 293{
294 int err;
295 struct ovl_fs *ofs = fc->s_fs_info;
296 struct ovl_config *config = &ofs->config;
297 struct ovl_fs_context *ctx = fc->fs_private;
298 struct path path;
299 char *dup;
300
32db5107 301 err = ovl_mount_dir(name, &path, true);
b36a5780
CB		 302 if (err)
303 return err;
304
305 /*
306 * Check whether upper path is read-only here to report failures
307 * early. Don't forget to recheck when the superblock is created
308 * as the mount attributes could change.
309 */
310 if (__mnt_is_readonly(path.mnt)) {
311 path_put(&path);
312 return -EINVAL;
313 }
314
315 dup = kstrdup(name, GFP_KERNEL);
316 if (!dup) {
317 path_put(&path);
318 return -ENOMEM;
319 }
320
321 if (workdir) {
322 kfree(config->workdir);
323 config->workdir = dup;
324 path_put(&ctx->work);
325 ctx->work = path;
326 } else {
327 kfree(config->upperdir);
328 config->upperdir = dup;
329 path_put(&ctx->upper);
330 ctx->upper = path;
331 }
332 return 0;
333}
334
7fb7998b 335static void ovl_parse_param_drop_lowerdir(struct ovl_fs_context *ctx)
b36a5780
CB		 336{
337 for (size_t nr = 0; nr < ctx->nr; nr++) {
338 path_put(&ctx->lower[nr].path);
339 kfree(ctx->lower[nr].name);
340 ctx->lower[nr].name = NULL;
341 }
342 ctx->nr = 0;
343 ctx->nr_data = 0;
344}
345
346/*
347 * Parse lowerdir= mount option:
348 *
c835110b 349 * e.g.: lowerdir=/lower1:/lower2:/lower3::/data1::/data2
b36a5780
CB		 350 * Set "/lower1", "/lower2", and "/lower3" as lower layers and
351 * "/data1" and "/data2" as data lower layers. Any existing lower
352 * layers are replaced.
b36a5780 353 */
7fb7998b 354static int ovl_parse_param_lowerdir(const char *name, struct fs_context *fc)
b36a5780
CB		 355{
356 int err;
357 struct ovl_fs_context *ctx = fc->fs_private;
358 struct ovl_fs_context_layer *l;
c835110b 359 char *dup = NULL, *iter;
b36a5780 360 ssize_t nr_lower = 0, nr = 0, nr_data = 0;
c835110b 361 bool data_layer = false;
b36a5780
CB		 362
363 /*
364 * Ensure we're backwards compatible with mount(2)
365 * by allowing relative paths.
366 */
367
368 /* drop all existing lower layers */
c835110b
AG		 369 ovl_parse_param_drop_lowerdir(ctx);
370
371 if (!*name)
b36a5780 372 return 0;
b36a5780 373
beae836e
AG		 374 if (*name == ':') {
375 pr_err("cannot append lower layer");
376 return -EINVAL;
b36a5780
CB		 377 }
378
379 dup = kstrdup(name, GFP_KERNEL);
380 if (!dup)
381 return -ENOMEM;
382
383 err = -EINVAL;
384 nr_lower = ovl_parse_param_split_lowerdirs(dup);
385 if (nr_lower < 0)
386 goto out_err;
387
c835110b 388 if (nr_lower > OVL_MAX_STACK) {
b36a5780
CB		 389 pr_err("too many lower directories, limit is %d\n", OVL_MAX_STACK);
390 goto out_err;
391 }
392
b36a5780
CB		 393 if (nr_lower > ctx->capacity) {
394 err = -ENOMEM;
395 l = krealloc_array(ctx->lower, nr_lower, sizeof(*ctx->lower),
396 GFP_KERNEL_ACCOUNT);
397 if (!l)
398 goto out_err;
399
400 ctx->lower = l;
401 ctx->capacity = nr_lower;
402 }
403
c835110b
AG		 404 iter = dup;
405 l = ctx->lower;
406 for (nr = 0; nr < nr_lower; nr++, l++) {
b36a5780
CB		 407 memset(l, 0, sizeof(*l));
408
c835110b 409 err = ovl_mount_dir(iter, &l->path, false);
b36a5780
CB		 410 if (err)
411 goto out_put;
412
413 err = -ENOMEM;
c835110b 414 l->name = kstrdup(iter, GFP_KERNEL_ACCOUNT);
b36a5780
CB		 415 if (!l->name)
416 goto out_put;
417
418 if (data_layer)
419 nr_data++;
420
421 /* Calling strchr() again would overrun. */
422 if ((nr + 1) == nr_lower)
423 break;
424
425 err = -EINVAL;
c835110b
AG		 426 iter = strchr(iter, '\0') + 1;
427 if (*iter) {
b36a5780
CB		 428 /*
429 * This is a regular layer so we require that
430 * there are no data layers.
431 */
432 if ((ctx->nr_data + nr_data) > 0) {
433 pr_err("regular lower layers cannot follow data lower layers");
434 goto out_put;
435 }
436
437 data_layer = false;
438 continue;
439 }
440
441 /* This is a data lower layer. */
442 data_layer = true;
c835110b 443 iter++;
b36a5780
CB		 444 }
445 ctx->nr = nr_lower;
446 ctx->nr_data += nr_data;
447 kfree(dup);
448 return 0;
449
450out_put:
c835110b 451 ovl_parse_param_drop_lowerdir(ctx);
b36a5780
CB		 452
453out_err:
454 kfree(dup);
455
456 /* Intentionally don't realloc to a smaller size. */
457 return err;
458}
7fb7998b
CB		 459
460static int ovl_parse_param(struct fs_context *fc, struct fs_parameter *param)
461{
462 int err = 0;
463 struct fs_parse_result result;
464 struct ovl_fs *ofs = fc->s_fs_info;
465 struct ovl_config *config = &ofs->config;
466 struct ovl_fs_context *ctx = fc->fs_private;
467 int opt;
468
469 if (fc->purpose == FS_CONTEXT_FOR_RECONFIGURE) {
470 /*
471 * On remount overlayfs has always ignored all mount
472 * options no matter if malformed or not so for
473 * backwards compatibility we do the same here.
474 */
475 if (fc->oldapi)
476 return 0;
477
478 /*
479 * Give us the freedom to allow changing mount options
480 * with the new mount api in the future. So instead of
481 * silently ignoring everything we report a proper
482 * error. This is only visible for users of the new
483 * mount api.
484 */
485 return invalfc(fc, "No changes allowed in reconfigure");
486 }
487
488 opt = fs_parse(fc, ovl_parameter_spec, param, &result);
489 if (opt < 0)
490 return opt;
491
492 switch (opt) {
493 case Opt_lowerdir:
494 err = ovl_parse_param_lowerdir(param->string, fc);
495 break;
496 case Opt_upperdir:
497 fallthrough;
498 case Opt_workdir:
499 err = ovl_parse_param_upperdir(param->string, fc,
500 (Opt_workdir == opt));
501 break;
502 case Opt_default_permissions:
503 config->default_permissions = true;
504 break;
505 case Opt_redirect_dir:
506 config->redirect_mode = result.uint_32;
507 if (config->redirect_mode == OVL_REDIRECT_OFF) {
508 config->redirect_mode = ovl_redirect_always_follow ?
509 OVL_REDIRECT_FOLLOW :
510 OVL_REDIRECT_NOFOLLOW;
511 }
512 ctx->set.redirect = true;
513 break;
514 case Opt_index:
515 config->index = result.uint_32;
516 ctx->set.index = true;
517 break;
518 case Opt_uuid:
519 config->uuid = result.uint_32;
520 break;
521 case Opt_nfs_export:
522 config->nfs_export = result.uint_32;
523 ctx->set.nfs_export = true;
524 break;
525 case Opt_xino:
526 config->xino = result.uint_32;
527 break;
528 case Opt_metacopy:
529 config->metacopy = result.uint_32;
530 ctx->set.metacopy = true;
531 break;
ae8cba40
AL		 532 case Opt_verity:
533 config->verity_mode = result.uint_32;
534 break;
7fb7998b
CB		 535 case Opt_volatile:
536 config->ovl_volatile = true;
537 break;
538 case Opt_userxattr:
539 config->userxattr = true;
540 break;
541 default:
542 pr_err("unrecognized mount option \"%s\" or missing value\n",
543 param->key);
544 return -EINVAL;
545 }
546
547 return err;
548}
549
550static int ovl_get_tree(struct fs_context *fc)
551{
552 return get_tree_nodev(fc, ovl_fill_super);
553}
554
555static inline void ovl_fs_context_free(struct ovl_fs_context *ctx)
556{
557 ovl_parse_param_drop_lowerdir(ctx);
558 path_put(&ctx->upper);
559 path_put(&ctx->work);
560 kfree(ctx->lower);
561 kfree(ctx);
562}
563
564static void ovl_free(struct fs_context *fc)
565{
566 struct ovl_fs *ofs = fc->s_fs_info;
567 struct ovl_fs_context *ctx = fc->fs_private;
568
569 /*
570 * ofs is stored in the fs_context when it is initialized.
571 * ofs is transferred to the superblock on a successful mount,
572 * but if an error occurs before the transfer we have to free
573 * it here.
574 */
575 if (ofs)
576 ovl_free_fs(ofs);
577
578 if (ctx)
579 ovl_fs_context_free(ctx);
580}
581
582static int ovl_reconfigure(struct fs_context *fc)
583{
584 struct super_block *sb = fc->root->d_sb;
f01d0889 585 struct ovl_fs *ofs = OVL_FS(sb);
7fb7998b
CB		 586 struct super_block *upper_sb;
587 int ret = 0;
588
589 if (!(fc->sb_flags & SB_RDONLY) && ovl_force_readonly(ofs))
590 return -EROFS;
591
592 if (fc->sb_flags & SB_RDONLY && !sb_rdonly(sb)) {
593 upper_sb = ovl_upper_mnt(ofs)->mnt_sb;
594 if (ovl_should_sync(ofs)) {
595 down_read(&upper_sb->s_umount);
596 ret = sync_filesystem(upper_sb);
597 up_read(&upper_sb->s_umount);
598 }
599 }
600
601 return ret;
602}
603
604static const struct fs_context_operations ovl_context_ops = {
c34706ac 605 .parse_monolithic = ovl_parse_monolithic,
7fb7998b
CB		 606 .parse_param = ovl_parse_param,
607 .get_tree = ovl_get_tree,
608 .reconfigure = ovl_reconfigure,
609 .free = ovl_free,
610};
611
612/*
613 * This is called during fsopen() and will record the user namespace of
614 * the caller in fc->user_ns since we've raised FS_USERNS_MOUNT. We'll
615 * need it when we actually create the superblock to verify that the
616 * process creating the superblock is in the same user namespace as
617 * process that called fsopen().
618 */
619int ovl_init_fs_context(struct fs_context *fc)
620{
621 struct ovl_fs_context *ctx;
622 struct ovl_fs *ofs;
623
624 ctx = kzalloc(sizeof(*ctx), GFP_KERNEL_ACCOUNT);
625 if (!ctx)
626 return -ENOMEM;
627
628 /*
629 * By default we allocate for three lower layers. It's likely
630 * that it'll cover most users.
631 */
632 ctx->lower = kmalloc_array(3, sizeof(*ctx->lower), GFP_KERNEL_ACCOUNT);
633 if (!ctx->lower)
634 goto out_err;
635 ctx->capacity = 3;
636
637 ofs = kzalloc(sizeof(struct ovl_fs), GFP_KERNEL);
638 if (!ofs)
639 goto out_err;
640
641 ofs->config.redirect_mode = ovl_redirect_mode_def();
642 ofs->config.index = ovl_index_def;
b0504bfe 643 ofs->config.uuid = ovl_uuid_def();
7fb7998b
CB		 644 ofs->config.nfs_export = ovl_nfs_export_def;
645 ofs->config.xino = ovl_xino_def();
646 ofs->config.metacopy = ovl_metacopy_def;
647
648 fc->s_fs_info = ofs;
649 fc->fs_private = ctx;
650 fc->ops = &ovl_context_ops;
651 return 0;
652
653out_err:
654 ovl_fs_context_free(ctx);
655 return -ENOMEM;
656
657}
658
659void ovl_free_fs(struct ovl_fs *ofs)
660{
661 struct vfsmount **mounts;
662 unsigned i;
663
664 iput(ofs->workbasedir_trap);
665 iput(ofs->indexdir_trap);
666 iput(ofs->workdir_trap);
667 dput(ofs->whiteout);
668 dput(ofs->indexdir);
669 dput(ofs->workdir);
670 if (ofs->workdir_locked)
671 ovl_inuse_unlock(ofs->workbasedir);
672 dput(ofs->workbasedir);
673 if (ofs->upperdir_locked)
674 ovl_inuse_unlock(ovl_upper_mnt(ofs)->mnt_root);
675
a535116d
AG		 676 /* Reuse ofs->config.lowerdirs as a vfsmount array before freeing it */
677 mounts = (struct vfsmount **) ofs->config.lowerdirs;
7fb7998b
CB		 678 for (i = 0; i < ofs->numlayer; i++) {
679 iput(ofs->layers[i].trap);
a535116d 680 kfree(ofs->config.lowerdirs[i]);
7fb7998b 681 mounts[i] = ofs->layers[i].mnt;
7fb7998b
CB		 682 }
683 kern_unmount_array(mounts, ofs->numlayer);
684 kfree(ofs->layers);
685 for (i = 0; i < ofs->numfs; i++)
686 free_anon_bdev(ofs->fs[i].pseudo_dev);
687 kfree(ofs->fs);
688
a535116d 689 kfree(ofs->config.lowerdirs);
7fb7998b
CB		 690 kfree(ofs->config.upperdir);
691 kfree(ofs->config.workdir);
692 if (ofs->creator_cred)
693 put_cred(ofs->creator_cred);
694 kfree(ofs);
695}
696
697int ovl_fs_params_verify(const struct ovl_fs_context *ctx,
698 struct ovl_config *config)
699{
700 struct ovl_opt_set set = ctx->set;
701
702 if (ctx->nr_data > 0 && !config->metacopy) {
703 pr_err("lower data-only dirs require metacopy support.\n");
704 return -EINVAL;
705 }
706
707 /* Workdir/index are useless in non-upper mount */
708 if (!config->upperdir) {
709 if (config->workdir) {
710 pr_info("option \"workdir=%s\" is useless in a non-upper mount, ignore\n",
711 config->workdir);
712 kfree(config->workdir);
713 config->workdir = NULL;
714 }
715 if (config->index && set.index) {
716 pr_info("option \"index=on\" is useless in a non-upper mount, ignore\n");
717 set.index = false;
718 }
719 config->index = false;
720 }
721
722 if (!config->upperdir && config->ovl_volatile) {
723 pr_info("option \"volatile\" is meaningless in a non-upper mount, ignoring it.\n");
724 config->ovl_volatile = false;
725 }
726
d9544c1b
AG		 727 if (!config->upperdir && config->uuid == OVL_UUID_ON) {
728 pr_info("option \"uuid=on\" requires an upper fs, falling back to uuid=null.\n");
729 config->uuid = OVL_UUID_NULL;
730 }
731
ae8cba40
AL		 732 /* Resolve verity -> metacopy dependency */
733 if (config->verity_mode && !config->metacopy) {
734 /* Don't allow explicit specified conflicting combinations */
735 if (set.metacopy) {
736 pr_err("conflicting options: metacopy=off,verity=%s\n",
737 ovl_verity_mode(config));
738 return -EINVAL;
739 }
740 /* Otherwise automatically enable metacopy. */
741 config->metacopy = true;
742 }
743
7fb7998b
CB		 744 /*
745 * This is to make the logic below simpler. It doesn't make any other
746 * difference, since redirect_dir=on is only used for upper.
747 */
748 if (!config->upperdir && config->redirect_mode == OVL_REDIRECT_FOLLOW)
749 config->redirect_mode = OVL_REDIRECT_ON;
750
ae8cba40 751 /* Resolve verity -> metacopy -> redirect_dir dependency */
7fb7998b
CB		 752 if (config->metacopy && config->redirect_mode != OVL_REDIRECT_ON) {
753 if (set.metacopy && set.redirect) {
754 pr_err("conflicting options: metacopy=on,redirect_dir=%s\n",
755 ovl_redirect_mode(config));
756 return -EINVAL;
757 }
ae8cba40
AL		 758 if (config->verity_mode && set.redirect) {
759 pr_err("conflicting options: verity=%s,redirect_dir=%s\n",
760 ovl_verity_mode(config), ovl_redirect_mode(config));
761 return -EINVAL;
762 }
7fb7998b
CB		 763 if (set.redirect) {
764 /*
765 * There was an explicit redirect_dir=... that resulted
766 * in this conflict.
767 */
768 pr_info("disabling metacopy due to redirect_dir=%s\n",
769 ovl_redirect_mode(config));
770 config->metacopy = false;
771 } else {
772 /* Automatically enable redirect otherwise. */
773 config->redirect_mode = OVL_REDIRECT_ON;
774 }
775 }
776
777 /* Resolve nfs_export -> index dependency */
778 if (config->nfs_export && !config->index) {
779 if (!config->upperdir &&
780 config->redirect_mode != OVL_REDIRECT_NOFOLLOW) {
781 pr_info("NFS export requires \"redirect_dir=nofollow\" on non-upper mount, falling back to nfs_export=off.\n");
782 config->nfs_export = false;
783 } else if (set.nfs_export && set.index) {
784 pr_err("conflicting options: nfs_export=on,index=off\n");
785 return -EINVAL;
786 } else if (set.index) {
787 /*
788 * There was an explicit index=off that resulted
789 * in this conflict.
790 */
791 pr_info("disabling nfs_export due to index=off\n");
792 config->nfs_export = false;
793 } else {
794 /* Automatically enable index otherwise. */
795 config->index = true;
796 }
797 }
798
ae8cba40 799 /* Resolve nfs_export -> !metacopy && !verity dependency */
7fb7998b
CB		 800 if (config->nfs_export && config->metacopy) {
801 if (set.nfs_export && set.metacopy) {
802 pr_err("conflicting options: nfs_export=on,metacopy=on\n");
803 return -EINVAL;
804 }
805 if (set.metacopy) {
806 /*
807 * There was an explicit metacopy=on that resulted
808 * in this conflict.
809 */
810 pr_info("disabling nfs_export due to metacopy=on\n");
811 config->nfs_export = false;
ae8cba40
AL		 812 } else if (config->verity_mode) {
813 /*
814 * There was an explicit verity=.. that resulted
815 * in this conflict.
816 */
817 pr_info("disabling nfs_export due to verity=%s\n",
818 ovl_verity_mode(config));
819 config->nfs_export = false;
7fb7998b
CB		 820 } else {
821 /*
822 * There was an explicit nfs_export=on that resulted
823 * in this conflict.
824 */
825 pr_info("disabling metacopy due to nfs_export=on\n");
826 config->metacopy = false;
827 }
828 }
829
830
ae8cba40 831 /* Resolve userxattr -> !redirect && !metacopy && !verity dependency */
7fb7998b
CB		 832 if (config->userxattr) {
833 if (set.redirect &&
834 config->redirect_mode != OVL_REDIRECT_NOFOLLOW) {
835 pr_err("conflicting options: userxattr,redirect_dir=%s\n",
836 ovl_redirect_mode(config));
837 return -EINVAL;
838 }
839 if (config->metacopy && set.metacopy) {
840 pr_err("conflicting options: userxattr,metacopy=on\n");
841 return -EINVAL;
842 }
ae8cba40
AL		 843 if (config->verity_mode) {
844 pr_err("conflicting options: userxattr,verity=%s\n",
845 ovl_verity_mode(config));
846 return -EINVAL;
847 }
7fb7998b
CB		 848 /*
849 * Silently disable default setting of redirect and metacopy.
850 * This shall be the default in the future as well: these
851 * options must be explicitly enabled if used together with
852 * userxattr.
853 */
854 config->redirect_mode = OVL_REDIRECT_NOFOLLOW;
855 config->metacopy = false;
856 }
857
858 return 0;
859}
860
861/**
862 * ovl_show_options
863 * @m: the seq_file handle
864 * @dentry: The dentry to query
865 *
866 * Prints the mount options for a given superblock.
867 * Returns zero; does not fail.
868 */
869int ovl_show_options(struct seq_file *m, struct dentry *dentry)
870{
871 struct super_block *sb = dentry->d_sb;
f01d0889 872 struct ovl_fs *ofs = OVL_FS(sb);
7fb7998b 873 size_t nr, nr_merged_lower = ofs->numlayer - ofs->numdatalayer;
32db5107
AG		 874
875 /*
876 * lowerdirs[] starts from offset 1, then
877 * >= 0 regular lower layers prefixed with : and
878 * >= 0 data-only lower layers prefixed with ::
879 *
880 * we need to escase comma and space like seq_show_option() does and
881 * we also need to escape the colon separator from lowerdir paths.
882 */
883 seq_puts(m, ",lowerdir=");
884 for (nr = 1; nr < ofs->numlayer; nr++) {
885 if (nr > 1)
886 seq_putc(m, ':');
887 if (nr >= nr_merged_lower)
888 seq_putc(m, ':');
889 seq_escape(m, ofs->config.lowerdirs[nr], ":, \t\n\\");
890 }
7fb7998b
CB		 891 if (ofs->config.upperdir) {
892 seq_show_option(m, "upperdir", ofs->config.upperdir);
893 seq_show_option(m, "workdir", ofs->config.workdir);
894 }
895 if (ofs->config.default_permissions)
896 seq_puts(m, ",default_permissions");
897 if (ofs->config.redirect_mode != ovl_redirect_mode_def())
898 seq_printf(m, ",redirect_dir=%s",
899 ovl_redirect_mode(&ofs->config));
900 if (ofs->config.index != ovl_index_def)
901 seq_printf(m, ",index=%s", ofs->config.index ? "on" : "off");
b0504bfe
AG		 902 if (ofs->config.uuid != ovl_uuid_def())
903 seq_printf(m, ",uuid=%s", ovl_uuid_mode(&ofs->config));
7fb7998b
CB		 904 if (ofs->config.nfs_export != ovl_nfs_export_def)
905 seq_printf(m, ",nfs_export=%s", ofs->config.nfs_export ?
906 "on" : "off");
907 if (ofs->config.xino != ovl_xino_def() && !ovl_same_fs(ofs))
908 seq_printf(m, ",xino=%s", ovl_xino_mode(&ofs->config));
909 if (ofs->config.metacopy != ovl_metacopy_def)
910 seq_printf(m, ",metacopy=%s",
911 ofs->config.metacopy ? "on" : "off");
912 if (ofs->config.ovl_volatile)
913 seq_puts(m, ",volatile");
914 if (ofs->config.userxattr)
915 seq_puts(m, ",userxattr");
ae8cba40
AL		 916 if (ofs->config.verity_mode != ovl_verity_mode_def())
917 seq_printf(m, ",verity=%s",
918 ovl_verity_mode(&ofs->config));
7fb7998b
CB		 919 return 0;
920}
A mirror of Linus' kernel repository