]> git.ipfire.org Git - thirdparty/kernel/linux.git/blob - fs/overlayfs/file.c
projects / thirdparty / kernel / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
fs: factor out backing_file_{read,write}_iter() helpers
[thirdparty/kernel/linux.git] / fs / overlayfs / file.c
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * Copyright (C) 2017 Red Hat, Inc.
4 */
5
6 #include <linux/cred.h>
7 #include <linux/file.h>
8 #include <linux/mount.h>
9 #include <linux/xattr.h>
10 #include <linux/uio.h>
11 #include <linux/uaccess.h>
12 #include <linux/splice.h>
13 #include <linux/security.h>
14 #include <linux/mm.h>
15 #include <linux/fs.h>
16 #include <linux/backing-file.h>
17 #include "overlayfs.h"
18
19 static char ovl_whatisit(struct inode *inode, struct inode *realinode)
20 {
21 if (realinode != ovl_inode_upper(inode))
22 return 'l';
23 if (ovl_has_upperdata(inode))
24 return 'u';
25 else
26 return 'm';
27 }
28
29 /* No atime modification on underlying */
30 #define OVL_OPEN_FLAGS (O_NOATIME)
31
32 static struct file *ovl_open_realfile(const struct file *file,
33 const struct path *realpath)
34 {
35 struct inode *realinode = d_inode(realpath->dentry);
36 struct inode *inode = file_inode(file);
37 struct mnt_idmap *real_idmap;
38 struct file *realfile;
39 const struct cred *old_cred;
40 int flags = file->f_flags | OVL_OPEN_FLAGS;
41 int acc_mode = ACC_MODE(flags);
42 int err;
43
44 if (flags & O_APPEND)
45 acc_mode |= MAY_APPEND;
46
47 old_cred = ovl_override_creds(inode->i_sb);
48 real_idmap = mnt_idmap(realpath->mnt);
49 err = inode_permission(real_idmap, realinode, MAY_OPEN | acc_mode);
50 if (err) {
51 realfile = ERR_PTR(err);
52 } else {
53 if (!inode_owner_or_capable(real_idmap, realinode))
54 flags &= ~O_NOATIME;
55
56 realfile = backing_file_open(&file->f_path, flags, realpath,
57 current_cred());
58 }
59 revert_creds(old_cred);
60
61 pr_debug("open(%p[%pD2/%c], 0%o) -> (%p, 0%o)\n",
62 file, file, ovl_whatisit(inode, realinode), file->f_flags,
63 realfile, IS_ERR(realfile) ? 0 : realfile->f_flags);
64
65 return realfile;
66 }
67
68 #define OVL_SETFL_MASK (O_APPEND | O_NONBLOCK | O_NDELAY | O_DIRECT)
69
70 static int ovl_change_flags(struct file *file, unsigned int flags)
71 {
72 struct inode *inode = file_inode(file);
73 int err;
74
75 flags &= OVL_SETFL_MASK;
76
77 if (((flags ^ file->f_flags) & O_APPEND) && IS_APPEND(inode))
78 return -EPERM;
79
80 if ((flags & O_DIRECT) && !(file->f_mode & FMODE_CAN_ODIRECT))
81 return -EINVAL;
82
83 if (file->f_op->check_flags) {
84 err = file->f_op->check_flags(flags);
85 if (err)
86 return err;
87 }
88
89 spin_lock(&file->f_lock);
90 file->f_flags = (file->f_flags & ~OVL_SETFL_MASK) | flags;
91 file->f_iocb_flags = iocb_flags(file);
92 spin_unlock(&file->f_lock);
93
94 return 0;
95 }
96
97 static int ovl_real_fdget_meta(const struct file *file, struct fd *real,
98 bool allow_meta)
99 {
100 struct dentry *dentry = file_dentry(file);
101 struct path realpath;
102 int err;
103
104 real->flags = 0;
105 real->file = file->private_data;
106
107 if (allow_meta) {
108 ovl_path_real(dentry, &realpath);
109 } else {
110 /* lazy lookup and verify of lowerdata */
111 err = ovl_verify_lowerdata(dentry);
112 if (err)
113 return err;
114
115 ovl_path_realdata(dentry, &realpath);
116 }
117 if (!realpath.dentry)
118 return -EIO;
119
120 /* Has it been copied up since we'd opened it? */
121 if (unlikely(file_inode(real->file) != d_inode(realpath.dentry))) {
122 real->flags = FDPUT_FPUT;
123 real->file = ovl_open_realfile(file, &realpath);
124
125 return PTR_ERR_OR_ZERO(real->file);
126 }
127
128 /* Did the flags change since open? */
129 if (unlikely((file->f_flags ^ real->file->f_flags) & ~OVL_OPEN_FLAGS))
130 return ovl_change_flags(real->file, file->f_flags);
131
132 return 0;
133 }
134
135 static int ovl_real_fdget(const struct file *file, struct fd *real)
136 {
137 if (d_is_dir(file_dentry(file))) {
138 real->flags = 0;
139 real->file = ovl_dir_real_file(file, false);
140
141 return PTR_ERR_OR_ZERO(real->file);
142 }
143
144 return ovl_real_fdget_meta(file, real, false);
145 }
146
147 static int ovl_open(struct inode *inode, struct file *file)
148 {
149 struct dentry *dentry = file_dentry(file);
150 struct file *realfile;
151 struct path realpath;
152 int err;
153
154 /* lazy lookup and verify lowerdata */
155 err = ovl_verify_lowerdata(dentry);
156 if (err)
157 return err;
158
159 err = ovl_maybe_copy_up(dentry, file->f_flags);
160 if (err)
161 return err;
162
163 /* No longer need these flags, so don't pass them on to underlying fs */
164 file->f_flags &= ~(O_CREAT | O_EXCL | O_NOCTTY | O_TRUNC);
165
166 ovl_path_realdata(dentry, &realpath);
167 if (!realpath.dentry)
168 return -EIO;
169
170 realfile = ovl_open_realfile(file, &realpath);
171 if (IS_ERR(realfile))
172 return PTR_ERR(realfile);
173
174 file->private_data = realfile;
175
176 return 0;
177 }
178
179 static int ovl_release(struct inode *inode, struct file *file)
180 {
181 fput(file->private_data);
182
183 return 0;
184 }
185
186 static loff_t ovl_llseek(struct file *file, loff_t offset, int whence)
187 {
188 struct inode *inode = file_inode(file);
189 struct fd real;
190 const struct cred *old_cred;
191 loff_t ret;
192
193 /*
194 * The two special cases below do not need to involve real fs,
195 * so we can optimizing concurrent callers.
196 */
197 if (offset == 0) {
198 if (whence == SEEK_CUR)
199 return file->f_pos;
200
201 if (whence == SEEK_SET)
202 return vfs_setpos(file, 0, 0);
203 }
204
205 ret = ovl_real_fdget(file, &real);
206 if (ret)
207 return ret;
208
209 /*
210 * Overlay file f_pos is the master copy that is preserved
211 * through copy up and modified on read/write, but only real
212 * fs knows how to SEEK_HOLE/SEEK_DATA and real fs may impose
213 * limitations that are more strict than ->s_maxbytes for specific
214 * files, so we use the real file to perform seeks.
215 */
216 ovl_inode_lock(inode);
217 real.file->f_pos = file->f_pos;
218
219 old_cred = ovl_override_creds(inode->i_sb);
220 ret = vfs_llseek(real.file, offset, whence);
221 revert_creds(old_cred);
222
223 file->f_pos = real.file->f_pos;
224 ovl_inode_unlock(inode);
225
226 fdput(real);
227
228 return ret;
229 }
230
231 static void ovl_file_modified(struct file *file)
232 {
233 /* Update size/mtime */
234 ovl_copyattr(file_inode(file));
235 }
236
237 static void ovl_file_accessed(struct file *file)
238 {
239 struct inode *inode, *upperinode;
240 struct timespec64 ctime, uctime;
241 struct timespec64 mtime, umtime;
242
243 if (file->f_flags & O_NOATIME)
244 return;
245
246 inode = file_inode(file);
247 upperinode = ovl_inode_upper(inode);
248
249 if (!upperinode)
250 return;
251
252 ctime = inode_get_ctime(inode);
253 uctime = inode_get_ctime(upperinode);
254 mtime = inode_get_mtime(inode);
255 umtime = inode_get_mtime(upperinode);
256 if ((!timespec64_equal(&mtime, &umtime)) ||
257 !timespec64_equal(&ctime, &uctime)) {
258 inode_set_mtime_to_ts(inode, inode_get_mtime(upperinode));
259 inode_set_ctime_to_ts(inode, uctime);
260 }
261
262 touch_atime(&file->f_path);
263 }
264
265 static ssize_t ovl_read_iter(struct kiocb *iocb, struct iov_iter *iter)
266 {
267 struct file *file = iocb->ki_filp;
268 struct fd real;
269 ssize_t ret;
270 struct backing_file_ctx ctx = {
271 .cred = ovl_creds(file_inode(file)->i_sb),
272 .user_file = file,
273 .accessed = ovl_file_accessed,
274 };
275
276 if (!iov_iter_count(iter))
277 return 0;
278
279 ret = ovl_real_fdget(file, &real);
280 if (ret)
281 return ret;
282
283 ret = backing_file_read_iter(real.file, iter, iocb, iocb->ki_flags,
284 &ctx);
285 fdput(real);
286
287 return ret;
288 }
289
290 static ssize_t ovl_write_iter(struct kiocb *iocb, struct iov_iter *iter)
291 {
292 struct file *file = iocb->ki_filp;
293 struct inode *inode = file_inode(file);
294 struct fd real;
295 ssize_t ret;
296 int ifl = iocb->ki_flags;
297 struct backing_file_ctx ctx = {
298 .cred = ovl_creds(inode->i_sb),
299 .user_file = file,
300 .end_write = ovl_file_modified,
301 };
302
303 if (!iov_iter_count(iter))
304 return 0;
305
306 inode_lock(inode);
307 /* Update mode */
308 ovl_copyattr(inode);
309
310 ret = ovl_real_fdget(file, &real);
311 if (ret)
312 goto out_unlock;
313
314 if (!ovl_should_sync(OVL_FS(inode->i_sb)))
315 ifl &= ~(IOCB_DSYNC | IOCB_SYNC);
316
317 /*
318 * Overlayfs doesn't support deferred completions, don't copy
319 * this property in case it is set by the issuer.
320 */
321 ifl &= ~IOCB_DIO_CALLER_COMP;
322 ret = backing_file_write_iter(real.file, iter, iocb, ifl, &ctx);
323 fdput(real);
324
325 out_unlock:
326 inode_unlock(inode);
327
328 return ret;
329 }
330
331 static ssize_t ovl_splice_read(struct file *in, loff_t *ppos,
332 struct pipe_inode_info *pipe, size_t len,
333 unsigned int flags)
334 {
335 const struct cred *old_cred;
336 struct fd real;
337 ssize_t ret;
338
339 ret = ovl_real_fdget(in, &real);
340 if (ret)
341 return ret;
342
343 old_cred = ovl_override_creds(file_inode(in)->i_sb);
344 ret = vfs_splice_read(real.file, ppos, pipe, len, flags);
345 revert_creds(old_cred);
346 ovl_file_accessed(in);
347
348 fdput(real);
349 return ret;
350 }
351
352 /*
353 * Calling iter_file_splice_write() directly from overlay's f_op may deadlock
354 * due to lock order inversion between pipe->mutex in iter_file_splice_write()
355 * and file_start_write(real.file) in ovl_write_iter().
356 *
357 * So do everything ovl_write_iter() does and call iter_file_splice_write() on
358 * the real file.
359 */
360 static ssize_t ovl_splice_write(struct pipe_inode_info *pipe, struct file *out,
361 loff_t *ppos, size_t len, unsigned int flags)
362 {
363 struct fd real;
364 const struct cred *old_cred;
365 struct inode *inode = file_inode(out);
366 ssize_t ret;
367
368 inode_lock(inode);
369 /* Update mode */
370 ovl_copyattr(inode);
371 ret = file_remove_privs(out);
372 if (ret)
373 goto out_unlock;
374
375 ret = ovl_real_fdget(out, &real);
376 if (ret)
377 goto out_unlock;
378
379 old_cred = ovl_override_creds(inode->i_sb);
380 file_start_write(real.file);
381
382 ret = iter_file_splice_write(pipe, real.file, ppos, len, flags);
383
384 file_end_write(real.file);
385 /* Update size */
386 ovl_file_modified(out);
387 revert_creds(old_cred);
388 fdput(real);
389
390 out_unlock:
391 inode_unlock(inode);
392
393 return ret;
394 }
395
396 static int ovl_fsync(struct file *file, loff_t start, loff_t end, int datasync)
397 {
398 struct fd real;
399 const struct cred *old_cred;
400 int ret;
401
402 ret = ovl_sync_status(OVL_FS(file_inode(file)->i_sb));
403 if (ret <= 0)
404 return ret;
405
406 ret = ovl_real_fdget_meta(file, &real, !datasync);
407 if (ret)
408 return ret;
409
410 /* Don't sync lower file for fear of receiving EROFS error */
411 if (file_inode(real.file) == ovl_inode_upper(file_inode(file))) {
412 old_cred = ovl_override_creds(file_inode(file)->i_sb);
413 ret = vfs_fsync_range(real.file, start, end, datasync);
414 revert_creds(old_cred);
415 }
416
417 fdput(real);
418
419 return ret;
420 }
421
422 static int ovl_mmap(struct file *file, struct vm_area_struct *vma)
423 {
424 struct file *realfile = file->private_data;
425 const struct cred *old_cred;
426 int ret;
427
428 if (!realfile->f_op->mmap)
429 return -ENODEV;
430
431 if (WARN_ON(file != vma->vm_file))
432 return -EIO;
433
434 vma_set_file(vma, realfile);
435
436 old_cred = ovl_override_creds(file_inode(file)->i_sb);
437 ret = call_mmap(vma->vm_file, vma);
438 revert_creds(old_cred);
439 ovl_file_accessed(file);
440
441 return ret;
442 }
443
444 static long ovl_fallocate(struct file *file, int mode, loff_t offset, loff_t len)
445 {
446 struct inode *inode = file_inode(file);
447 struct fd real;
448 const struct cred *old_cred;
449 int ret;
450
451 inode_lock(inode);
452 /* Update mode */
453 ovl_copyattr(inode);
454 ret = file_remove_privs(file);
455 if (ret)
456 goto out_unlock;
457
458 ret = ovl_real_fdget(file, &real);
459 if (ret)
460 goto out_unlock;
461
462 old_cred = ovl_override_creds(file_inode(file)->i_sb);
463 ret = vfs_fallocate(real.file, mode, offset, len);
464 revert_creds(old_cred);
465
466 /* Update size */
467 ovl_file_modified(file);
468
469 fdput(real);
470
471 out_unlock:
472 inode_unlock(inode);
473
474 return ret;
475 }
476
477 static int ovl_fadvise(struct file *file, loff_t offset, loff_t len, int advice)
478 {
479 struct fd real;
480 const struct cred *old_cred;
481 int ret;
482
483 ret = ovl_real_fdget(file, &real);
484 if (ret)
485 return ret;
486
487 old_cred = ovl_override_creds(file_inode(file)->i_sb);
488 ret = vfs_fadvise(real.file, offset, len, advice);
489 revert_creds(old_cred);
490
491 fdput(real);
492
493 return ret;
494 }
495
496 enum ovl_copyop {
497 OVL_COPY,
498 OVL_CLONE,
499 OVL_DEDUPE,
500 };
501
502 static loff_t ovl_copyfile(struct file *file_in, loff_t pos_in,
503 struct file *file_out, loff_t pos_out,
504 loff_t len, unsigned int flags, enum ovl_copyop op)
505 {
506 struct inode *inode_out = file_inode(file_out);
507 struct fd real_in, real_out;
508 const struct cred *old_cred;
509 loff_t ret;
510
511 inode_lock(inode_out);
512 if (op != OVL_DEDUPE) {
513 /* Update mode */
514 ovl_copyattr(inode_out);
515 ret = file_remove_privs(file_out);
516 if (ret)
517 goto out_unlock;
518 }
519
520 ret = ovl_real_fdget(file_out, &real_out);
521 if (ret)
522 goto out_unlock;
523
524 ret = ovl_real_fdget(file_in, &real_in);
525 if (ret) {
526 fdput(real_out);
527 goto out_unlock;
528 }
529
530 old_cred = ovl_override_creds(file_inode(file_out)->i_sb);
531 switch (op) {
532 case OVL_COPY:
533 ret = vfs_copy_file_range(real_in.file, pos_in,
534 real_out.file, pos_out, len, flags);
535 break;
536
537 case OVL_CLONE:
538 ret = vfs_clone_file_range(real_in.file, pos_in,
539 real_out.file, pos_out, len, flags);
540 break;
541
542 case OVL_DEDUPE:
543 ret = vfs_dedupe_file_range_one(real_in.file, pos_in,
544 real_out.file, pos_out, len,
545 flags);
546 break;
547 }
548 revert_creds(old_cred);
549
550 /* Update size */
551 ovl_file_modified(file_out);
552
553 fdput(real_in);
554 fdput(real_out);
555
556 out_unlock:
557 inode_unlock(inode_out);
558
559 return ret;
560 }
561
562 static ssize_t ovl_copy_file_range(struct file *file_in, loff_t pos_in,
563 struct file *file_out, loff_t pos_out,
564 size_t len, unsigned int flags)
565 {
566 return ovl_copyfile(file_in, pos_in, file_out, pos_out, len, flags,
567 OVL_COPY);
568 }
569
570 static loff_t ovl_remap_file_range(struct file *file_in, loff_t pos_in,
571 struct file *file_out, loff_t pos_out,
572 loff_t len, unsigned int remap_flags)
573 {
574 enum ovl_copyop op;
575
576 if (remap_flags & ~(REMAP_FILE_DEDUP | REMAP_FILE_ADVISORY))
577 return -EINVAL;
578
579 if (remap_flags & REMAP_FILE_DEDUP)
580 op = OVL_DEDUPE;
581 else
582 op = OVL_CLONE;
583
584 /*
585 * Don't copy up because of a dedupe request, this wouldn't make sense
586 * most of the time (data would be duplicated instead of deduplicated).
587 */
588 if (op == OVL_DEDUPE &&
589 (!ovl_inode_upper(file_inode(file_in)) ||
590 !ovl_inode_upper(file_inode(file_out))))
591 return -EPERM;
592
593 return ovl_copyfile(file_in, pos_in, file_out, pos_out, len,
594 remap_flags, op);
595 }
596
597 static int ovl_flush(struct file *file, fl_owner_t id)
598 {
599 struct fd real;
600 const struct cred *old_cred;
601 int err;
602
603 err = ovl_real_fdget(file, &real);
604 if (err)
605 return err;
606
607 if (real.file->f_op->flush) {
608 old_cred = ovl_override_creds(file_inode(file)->i_sb);
609 err = real.file->f_op->flush(real.file, id);
610 revert_creds(old_cred);
611 }
612 fdput(real);
613
614 return err;
615 }
616
617 const struct file_operations ovl_file_operations = {
618 .open = ovl_open,
619 .release = ovl_release,
620 .llseek = ovl_llseek,
621 .read_iter = ovl_read_iter,
622 .write_iter = ovl_write_iter,
623 .fsync = ovl_fsync,
624 .mmap = ovl_mmap,
625 .fallocate = ovl_fallocate,
626 .fadvise = ovl_fadvise,
627 .flush = ovl_flush,
628 .splice_read = ovl_splice_read,
629 .splice_write = ovl_splice_write,
630
631 .copy_file_range = ovl_copy_file_range,
632 .remap_file_range = ovl_remap_file_range,
633 };
A mirror of Linus' kernel repository