]>
Commit | Line | Data |
---|---|---|
b36a5780 CB |
1 | // SPDX-License-Identifier: GPL-2.0-only |
2 | ||
3 | #include <linux/fs.h> | |
7fb7998b | 4 | #include <linux/module.h> |
b36a5780 CB |
5 | #include <linux/namei.h> |
6 | #include <linux/fs_context.h> | |
7 | #include <linux/fs_parser.h> | |
8 | #include <linux/posix_acl_xattr.h> | |
7fb7998b | 9 | #include <linux/seq_file.h> |
b36a5780 CB |
10 | #include <linux/xattr.h> |
11 | #include "overlayfs.h" | |
7fb7998b CB |
12 | #include "params.h" |
13 | ||
14 | static bool ovl_redirect_dir_def = IS_ENABLED(CONFIG_OVERLAY_FS_REDIRECT_DIR); | |
15 | module_param_named(redirect_dir, ovl_redirect_dir_def, bool, 0644); | |
16 | MODULE_PARM_DESC(redirect_dir, | |
17 | "Default to on or off for the redirect_dir feature"); | |
18 | ||
19 | static bool ovl_redirect_always_follow = | |
20 | IS_ENABLED(CONFIG_OVERLAY_FS_REDIRECT_ALWAYS_FOLLOW); | |
21 | module_param_named(redirect_always_follow, ovl_redirect_always_follow, | |
22 | bool, 0644); | |
23 | MODULE_PARM_DESC(redirect_always_follow, | |
24 | "Follow redirects even if redirect_dir feature is turned off"); | |
25 | ||
26 | static bool ovl_xino_auto_def = IS_ENABLED(CONFIG_OVERLAY_FS_XINO_AUTO); | |
27 | module_param_named(xino_auto, ovl_xino_auto_def, bool, 0644); | |
28 | MODULE_PARM_DESC(xino_auto, | |
29 | "Auto enable xino feature"); | |
30 | ||
31 | static bool ovl_index_def = IS_ENABLED(CONFIG_OVERLAY_FS_INDEX); | |
32 | module_param_named(index, ovl_index_def, bool, 0644); | |
33 | MODULE_PARM_DESC(index, | |
34 | "Default to on or off for the inodes index feature"); | |
35 | ||
36 | static bool ovl_nfs_export_def = IS_ENABLED(CONFIG_OVERLAY_FS_NFS_EXPORT); | |
37 | module_param_named(nfs_export, ovl_nfs_export_def, bool, 0644); | |
38 | MODULE_PARM_DESC(nfs_export, | |
39 | "Default to on or off for the NFS export feature"); | |
40 | ||
41 | static bool ovl_metacopy_def = IS_ENABLED(CONFIG_OVERLAY_FS_METACOPY); | |
42 | module_param_named(metacopy, ovl_metacopy_def, bool, 0644); | |
43 | MODULE_PARM_DESC(metacopy, | |
44 | "Default to on or off for the metadata only copy up feature"); | |
45 | ||
819829f0 | 46 | enum ovl_opt { |
7fb7998b | 47 | Opt_lowerdir, |
24e16e38 AG |
48 | Opt_lowerdir_add, |
49 | Opt_datadir_add, | |
7fb7998b CB |
50 | Opt_upperdir, |
51 | Opt_workdir, | |
52 | Opt_default_permissions, | |
53 | Opt_redirect_dir, | |
54 | Opt_index, | |
55 | Opt_uuid, | |
56 | Opt_nfs_export, | |
57 | Opt_userxattr, | |
58 | Opt_xino, | |
59 | Opt_metacopy, | |
ae8cba40 | 60 | Opt_verity, |
7fb7998b CB |
61 | Opt_volatile, |
62 | }; | |
63 | ||
64 | static const struct constant_table ovl_parameter_bool[] = { | |
65 | { "on", true }, | |
66 | { "off", false }, | |
67 | {} | |
68 | }; | |
69 | ||
b0504bfe AG |
70 | static const struct constant_table ovl_parameter_uuid[] = { |
71 | { "off", OVL_UUID_OFF }, | |
72 | { "null", OVL_UUID_NULL }, | |
cbb44f09 | 73 | { "auto", OVL_UUID_AUTO }, |
b0504bfe AG |
74 | { "on", OVL_UUID_ON }, |
75 | {} | |
76 | }; | |
77 | ||
78 | static const char *ovl_uuid_mode(struct ovl_config *config) | |
79 | { | |
80 | return ovl_parameter_uuid[config->uuid].name; | |
81 | } | |
82 | ||
83 | static int ovl_uuid_def(void) | |
84 | { | |
cbb44f09 | 85 | return OVL_UUID_AUTO; |
b0504bfe AG |
86 | } |
87 | ||
7fb7998b CB |
88 | static const struct constant_table ovl_parameter_xino[] = { |
89 | { "off", OVL_XINO_OFF }, | |
90 | { "auto", OVL_XINO_AUTO }, | |
91 | { "on", OVL_XINO_ON }, | |
92 | {} | |
93 | }; | |
94 | ||
95 | const char *ovl_xino_mode(struct ovl_config *config) | |
96 | { | |
97 | return ovl_parameter_xino[config->xino].name; | |
98 | } | |
99 | ||
100 | static int ovl_xino_def(void) | |
101 | { | |
102 | return ovl_xino_auto_def ? OVL_XINO_AUTO : OVL_XINO_OFF; | |
103 | } | |
104 | ||
105 | const struct constant_table ovl_parameter_redirect_dir[] = { | |
106 | { "off", OVL_REDIRECT_OFF }, | |
107 | { "follow", OVL_REDIRECT_FOLLOW }, | |
108 | { "nofollow", OVL_REDIRECT_NOFOLLOW }, | |
109 | { "on", OVL_REDIRECT_ON }, | |
110 | {} | |
111 | }; | |
112 | ||
113 | static const char *ovl_redirect_mode(struct ovl_config *config) | |
114 | { | |
115 | return ovl_parameter_redirect_dir[config->redirect_mode].name; | |
116 | } | |
117 | ||
118 | static int ovl_redirect_mode_def(void) | |
119 | { | |
120 | return ovl_redirect_dir_def ? OVL_REDIRECT_ON : | |
121 | ovl_redirect_always_follow ? OVL_REDIRECT_FOLLOW : | |
122 | OVL_REDIRECT_NOFOLLOW; | |
123 | } | |
124 | ||
ae8cba40 AL |
125 | static const struct constant_table ovl_parameter_verity[] = { |
126 | { "off", OVL_VERITY_OFF }, | |
127 | { "on", OVL_VERITY_ON }, | |
128 | { "require", OVL_VERITY_REQUIRE }, | |
129 | {} | |
130 | }; | |
131 | ||
132 | static const char *ovl_verity_mode(struct ovl_config *config) | |
133 | { | |
134 | return ovl_parameter_verity[config->verity_mode].name; | |
135 | } | |
136 | ||
137 | static int ovl_verity_mode_def(void) | |
138 | { | |
139 | return OVL_VERITY_OFF; | |
140 | } | |
141 | ||
7fb7998b CB |
142 | #define fsparam_string_empty(NAME, OPT) \ |
143 | __fsparam(fs_param_is_string, NAME, OPT, fs_param_can_be_empty, NULL) | |
144 | ||
24e16e38 | 145 | |
7fb7998b CB |
146 | const struct fs_parameter_spec ovl_parameter_spec[] = { |
147 | fsparam_string_empty("lowerdir", Opt_lowerdir), | |
24e16e38 AG |
148 | fsparam_string("lowerdir+", Opt_lowerdir_add), |
149 | fsparam_string("datadir+", Opt_datadir_add), | |
7fb7998b CB |
150 | fsparam_string("upperdir", Opt_upperdir), |
151 | fsparam_string("workdir", Opt_workdir), | |
152 | fsparam_flag("default_permissions", Opt_default_permissions), | |
153 | fsparam_enum("redirect_dir", Opt_redirect_dir, ovl_parameter_redirect_dir), | |
154 | fsparam_enum("index", Opt_index, ovl_parameter_bool), | |
b0504bfe | 155 | fsparam_enum("uuid", Opt_uuid, ovl_parameter_uuid), |
7fb7998b CB |
156 | fsparam_enum("nfs_export", Opt_nfs_export, ovl_parameter_bool), |
157 | fsparam_flag("userxattr", Opt_userxattr), | |
158 | fsparam_enum("xino", Opt_xino, ovl_parameter_xino), | |
159 | fsparam_enum("metacopy", Opt_metacopy, ovl_parameter_bool), | |
ae8cba40 | 160 | fsparam_enum("verity", Opt_verity, ovl_parameter_verity), |
7fb7998b CB |
161 | fsparam_flag("volatile", Opt_volatile), |
162 | {} | |
163 | }; | |
b36a5780 | 164 | |
c34706ac AG |
165 | static char *ovl_next_opt(char **s) |
166 | { | |
167 | char *sbegin = *s; | |
168 | char *p; | |
169 | ||
170 | if (sbegin == NULL) | |
171 | return NULL; | |
172 | ||
173 | for (p = sbegin; *p; p++) { | |
174 | if (*p == '\\') { | |
175 | p++; | |
176 | if (!*p) | |
177 | break; | |
178 | } else if (*p == ',') { | |
179 | *p = '\0'; | |
180 | *s = p + 1; | |
181 | return sbegin; | |
182 | } | |
183 | } | |
184 | *s = NULL; | |
185 | return sbegin; | |
186 | } | |
187 | ||
188 | static int ovl_parse_monolithic(struct fs_context *fc, void *data) | |
189 | { | |
190 | return vfs_parse_monolithic_sep(fc, data, ovl_next_opt); | |
191 | } | |
192 | ||
b36a5780 CB |
193 | static ssize_t ovl_parse_param_split_lowerdirs(char *str) |
194 | { | |
195 | ssize_t nr_layers = 1, nr_colons = 0; | |
196 | char *s, *d; | |
197 | ||
198 | for (s = d = str;; s++, d++) { | |
199 | if (*s == '\\') { | |
32db5107 AG |
200 | /* keep esc chars in split lowerdir */ |
201 | *d++ = *s++; | |
b36a5780 CB |
202 | } else if (*s == ':') { |
203 | bool next_colon = (*(s + 1) == ':'); | |
204 | ||
205 | nr_colons++; | |
206 | if (nr_colons == 2 && next_colon) { | |
207 | pr_err("only single ':' or double '::' sequences of unescaped colons in lowerdir mount option allowed.\n"); | |
208 | return -EINVAL; | |
209 | } | |
210 | /* count layers, not colons */ | |
211 | if (!next_colon) | |
212 | nr_layers++; | |
213 | ||
214 | *d = '\0'; | |
215 | continue; | |
216 | } | |
217 | ||
218 | *d = *s; | |
219 | if (!*s) { | |
220 | /* trailing colons */ | |
221 | if (nr_colons) { | |
222 | pr_err("unescaped trailing colons in lowerdir mount option.\n"); | |
223 | return -EINVAL; | |
224 | } | |
225 | break; | |
226 | } | |
227 | nr_colons = 0; | |
228 | } | |
229 | ||
230 | return nr_layers; | |
231 | } | |
232 | ||
233 | static int ovl_mount_dir_noesc(const char *name, struct path *path) | |
234 | { | |
235 | int err = -EINVAL; | |
236 | ||
237 | if (!*name) { | |
238 | pr_err("empty lowerdir\n"); | |
239 | goto out; | |
240 | } | |
241 | err = kern_path(name, LOOKUP_FOLLOW, path); | |
242 | if (err) { | |
243 | pr_err("failed to resolve '%s': %i\n", name, err); | |
244 | goto out; | |
245 | } | |
b36a5780 CB |
246 | return 0; |
247 | ||
b36a5780 CB |
248 | out: |
249 | return err; | |
250 | } | |
251 | ||
252 | static void ovl_unescape(char *s) | |
253 | { | |
254 | char *d = s; | |
255 | ||
256 | for (;; s++, d++) { | |
257 | if (*s == '\\') | |
258 | s++; | |
259 | *d = *s; | |
260 | if (!*s) | |
261 | break; | |
262 | } | |
263 | } | |
264 | ||
819829f0 | 265 | static int ovl_mount_dir(const char *name, struct path *path) |
b36a5780 CB |
266 | { |
267 | int err = -ENOMEM; | |
268 | char *tmp = kstrdup(name, GFP_KERNEL); | |
269 | ||
270 | if (tmp) { | |
271 | ovl_unescape(tmp); | |
272 | err = ovl_mount_dir_noesc(tmp, path); | |
b36a5780 CB |
273 | kfree(tmp); |
274 | } | |
275 | return err; | |
276 | } | |
277 | ||
819829f0 AG |
278 | static int ovl_mount_dir_check(struct fs_context *fc, const struct path *path, |
279 | enum ovl_opt layer, const char *name, bool upper) | |
b36a5780 | 280 | { |
24e16e38 AG |
281 | struct ovl_fs_context *ctx = fc->fs_private; |
282 | ||
819829f0 AG |
283 | if (ovl_dentry_weird(path->dentry)) |
284 | return invalfc(fc, "filesystem on %s not supported", name); | |
b36a5780 | 285 | |
819829f0 AG |
286 | if (!d_is_dir(path->dentry)) |
287 | return invalfc(fc, "%s is not a directory", name); | |
b36a5780 | 288 | |
24e16e38 | 289 | |
b36a5780 CB |
290 | /* |
291 | * Check whether upper path is read-only here to report failures | |
292 | * early. Don't forget to recheck when the superblock is created | |
293 | * as the mount attributes could change. | |
294 | */ | |
819829f0 AG |
295 | if (upper) { |
296 | if (path->dentry->d_flags & DCACHE_OP_REAL) | |
297 | return invalfc(fc, "filesystem on %s not supported as upperdir", name); | |
298 | if (__mnt_is_readonly(path->mnt)) | |
299 | return invalfc(fc, "filesystem on %s is read-only", name); | |
24e16e38 AG |
300 | } else { |
301 | if (ctx->lowerdir_all && layer != Opt_lowerdir) | |
302 | return invalfc(fc, "lowerdir+ and datadir+ cannot follow lowerdir"); | |
303 | if (ctx->nr_data && layer == Opt_lowerdir_add) | |
304 | return invalfc(fc, "regular lower layers cannot follow data layers"); | |
305 | if (ctx->nr == OVL_MAX_STACK) | |
306 | return invalfc(fc, "too many lower directories, limit is %d", | |
307 | OVL_MAX_STACK); | |
b36a5780 | 308 | } |
819829f0 AG |
309 | return 0; |
310 | } | |
b36a5780 | 311 | |
24e16e38 AG |
312 | static int ovl_ctx_realloc_lower(struct fs_context *fc) |
313 | { | |
314 | struct ovl_fs_context *ctx = fc->fs_private; | |
315 | struct ovl_fs_context_layer *l; | |
316 | size_t nr; | |
317 | ||
318 | if (ctx->nr < ctx->capacity) | |
319 | return 0; | |
320 | ||
321 | nr = min_t(size_t, max(4096 / sizeof(*l), ctx->capacity * 2), | |
322 | OVL_MAX_STACK); | |
323 | l = krealloc_array(ctx->lower, nr, sizeof(*l), GFP_KERNEL_ACCOUNT); | |
324 | if (!l) | |
325 | return -ENOMEM; | |
326 | ||
327 | ctx->lower = l; | |
328 | ctx->capacity = nr; | |
329 | return 0; | |
330 | } | |
331 | ||
819829f0 AG |
332 | static void ovl_add_layer(struct fs_context *fc, enum ovl_opt layer, |
333 | struct path *path, char **pname) | |
334 | { | |
335 | struct ovl_fs *ofs = fc->s_fs_info; | |
336 | struct ovl_config *config = &ofs->config; | |
337 | struct ovl_fs_context *ctx = fc->fs_private; | |
24e16e38 | 338 | struct ovl_fs_context_layer *l; |
b36a5780 | 339 | |
819829f0 AG |
340 | switch (layer) { |
341 | case Opt_workdir: | |
342 | swap(config->workdir, *pname); | |
343 | swap(ctx->work, *path); | |
344 | break; | |
345 | case Opt_upperdir: | |
346 | swap(config->upperdir, *pname); | |
347 | swap(ctx->upper, *path); | |
348 | break; | |
24e16e38 AG |
349 | case Opt_datadir_add: |
350 | ctx->nr_data++; | |
351 | fallthrough; | |
352 | case Opt_lowerdir_add: | |
353 | WARN_ON(ctx->nr >= ctx->capacity); | |
354 | l = &ctx->lower[ctx->nr++]; | |
355 | memset(l, 0, sizeof(*l)); | |
356 | swap(l->name, *pname); | |
357 | swap(l->path, *path); | |
358 | break; | |
819829f0 AG |
359 | default: |
360 | WARN_ON(1); | |
b36a5780 | 361 | } |
819829f0 AG |
362 | } |
363 | ||
364 | static int ovl_parse_layer(struct fs_context *fc, struct fs_parameter *param, | |
365 | enum ovl_opt layer) | |
366 | { | |
367 | char *name = kstrdup(param->string, GFP_KERNEL); | |
368 | bool upper = (layer == Opt_upperdir || layer == Opt_workdir); | |
369 | struct path path; | |
370 | int err; | |
371 | ||
372 | if (!name) | |
373 | return -ENOMEM; | |
374 | ||
24e16e38 AG |
375 | if (upper) |
376 | err = ovl_mount_dir(name, &path); | |
377 | else | |
378 | err = ovl_mount_dir_noesc(name, &path); | |
819829f0 AG |
379 | if (err) |
380 | goto out_free; | |
381 | ||
382 | err = ovl_mount_dir_check(fc, &path, layer, name, upper); | |
383 | if (err) | |
384 | goto out_put; | |
385 | ||
24e16e38 AG |
386 | if (!upper) { |
387 | err = ovl_ctx_realloc_lower(fc); | |
388 | if (err) | |
389 | goto out_put; | |
390 | } | |
391 | ||
819829f0 AG |
392 | /* Store the user provided path string in ctx to show in mountinfo */ |
393 | ovl_add_layer(fc, layer, &path, &name); | |
394 | ||
395 | out_put: | |
396 | path_put(&path); | |
397 | out_free: | |
398 | kfree(name); | |
399 | return err; | |
b36a5780 CB |
400 | } |
401 | ||
0cea4c09 | 402 | static void ovl_reset_lowerdirs(struct ovl_fs_context *ctx) |
b36a5780 | 403 | { |
0cea4c09 AG |
404 | struct ovl_fs_context_layer *l = ctx->lower; |
405 | ||
406 | // Reset old user provided lowerdir string | |
407 | kfree(ctx->lowerdir_all); | |
408 | ctx->lowerdir_all = NULL; | |
409 | ||
410 | for (size_t nr = 0; nr < ctx->nr; nr++, l++) { | |
411 | path_put(&l->path); | |
412 | kfree(l->name); | |
413 | l->name = NULL; | |
b36a5780 CB |
414 | } |
415 | ctx->nr = 0; | |
416 | ctx->nr_data = 0; | |
417 | } | |
418 | ||
419 | /* | |
420 | * Parse lowerdir= mount option: | |
421 | * | |
c835110b | 422 | * e.g.: lowerdir=/lower1:/lower2:/lower3::/data1::/data2 |
b36a5780 CB |
423 | * Set "/lower1", "/lower2", and "/lower3" as lower layers and |
424 | * "/data1" and "/data2" as data lower layers. Any existing lower | |
425 | * layers are replaced. | |
b36a5780 | 426 | */ |
7fb7998b | 427 | static int ovl_parse_param_lowerdir(const char *name, struct fs_context *fc) |
b36a5780 CB |
428 | { |
429 | int err; | |
430 | struct ovl_fs_context *ctx = fc->fs_private; | |
431 | struct ovl_fs_context_layer *l; | |
c835110b | 432 | char *dup = NULL, *iter; |
37f32f52 | 433 | ssize_t nr_lower, nr; |
c835110b | 434 | bool data_layer = false; |
b36a5780 CB |
435 | |
436 | /* | |
437 | * Ensure we're backwards compatible with mount(2) | |
438 | * by allowing relative paths. | |
439 | */ | |
440 | ||
441 | /* drop all existing lower layers */ | |
0cea4c09 | 442 | ovl_reset_lowerdirs(ctx); |
c835110b AG |
443 | |
444 | if (!*name) | |
b36a5780 | 445 | return 0; |
b36a5780 | 446 | |
beae836e AG |
447 | if (*name == ':') { |
448 | pr_err("cannot append lower layer"); | |
449 | return -EINVAL; | |
b36a5780 CB |
450 | } |
451 | ||
0cea4c09 AG |
452 | // Store user provided lowerdir string to show in mount options |
453 | ctx->lowerdir_all = kstrdup(name, GFP_KERNEL); | |
454 | if (!ctx->lowerdir_all) | |
455 | return -ENOMEM; | |
456 | ||
b36a5780 CB |
457 | dup = kstrdup(name, GFP_KERNEL); |
458 | if (!dup) | |
459 | return -ENOMEM; | |
460 | ||
461 | err = -EINVAL; | |
462 | nr_lower = ovl_parse_param_split_lowerdirs(dup); | |
463 | if (nr_lower < 0) | |
464 | goto out_err; | |
465 | ||
c835110b | 466 | if (nr_lower > OVL_MAX_STACK) { |
b36a5780 CB |
467 | pr_err("too many lower directories, limit is %d\n", OVL_MAX_STACK); |
468 | goto out_err; | |
469 | } | |
470 | ||
b36a5780 CB |
471 | if (nr_lower > ctx->capacity) { |
472 | err = -ENOMEM; | |
473 | l = krealloc_array(ctx->lower, nr_lower, sizeof(*ctx->lower), | |
474 | GFP_KERNEL_ACCOUNT); | |
475 | if (!l) | |
476 | goto out_err; | |
477 | ||
478 | ctx->lower = l; | |
479 | ctx->capacity = nr_lower; | |
480 | } | |
481 | ||
c835110b AG |
482 | iter = dup; |
483 | l = ctx->lower; | |
484 | for (nr = 0; nr < nr_lower; nr++, l++) { | |
37f32f52 | 485 | ctx->nr++; |
b36a5780 CB |
486 | memset(l, 0, sizeof(*l)); |
487 | ||
819829f0 AG |
488 | err = ovl_mount_dir(iter, &l->path); |
489 | if (err) | |
490 | goto out_put; | |
491 | ||
492 | err = ovl_mount_dir_check(fc, &l->path, Opt_lowerdir, iter, false); | |
b36a5780 CB |
493 | if (err) |
494 | goto out_put; | |
495 | ||
496 | err = -ENOMEM; | |
c835110b | 497 | l->name = kstrdup(iter, GFP_KERNEL_ACCOUNT); |
b36a5780 CB |
498 | if (!l->name) |
499 | goto out_put; | |
500 | ||
501 | if (data_layer) | |
37f32f52 | 502 | ctx->nr_data++; |
b36a5780 CB |
503 | |
504 | /* Calling strchr() again would overrun. */ | |
37f32f52 | 505 | if (ctx->nr == nr_lower) |
b36a5780 CB |
506 | break; |
507 | ||
508 | err = -EINVAL; | |
c835110b AG |
509 | iter = strchr(iter, '\0') + 1; |
510 | if (*iter) { | |
b36a5780 CB |
511 | /* |
512 | * This is a regular layer so we require that | |
513 | * there are no data layers. | |
514 | */ | |
37f32f52 | 515 | if (ctx->nr_data > 0) { |
b36a5780 CB |
516 | pr_err("regular lower layers cannot follow data lower layers"); |
517 | goto out_put; | |
518 | } | |
519 | ||
520 | data_layer = false; | |
521 | continue; | |
522 | } | |
523 | ||
524 | /* This is a data lower layer. */ | |
525 | data_layer = true; | |
c835110b | 526 | iter++; |
b36a5780 | 527 | } |
b36a5780 CB |
528 | kfree(dup); |
529 | return 0; | |
530 | ||
531 | out_put: | |
0cea4c09 | 532 | ovl_reset_lowerdirs(ctx); |
b36a5780 CB |
533 | |
534 | out_err: | |
535 | kfree(dup); | |
536 | ||
537 | /* Intentionally don't realloc to a smaller size. */ | |
538 | return err; | |
539 | } | |
7fb7998b CB |
540 | |
541 | static int ovl_parse_param(struct fs_context *fc, struct fs_parameter *param) | |
542 | { | |
543 | int err = 0; | |
544 | struct fs_parse_result result; | |
545 | struct ovl_fs *ofs = fc->s_fs_info; | |
546 | struct ovl_config *config = &ofs->config; | |
547 | struct ovl_fs_context *ctx = fc->fs_private; | |
548 | int opt; | |
549 | ||
550 | if (fc->purpose == FS_CONTEXT_FOR_RECONFIGURE) { | |
551 | /* | |
552 | * On remount overlayfs has always ignored all mount | |
553 | * options no matter if malformed or not so for | |
554 | * backwards compatibility we do the same here. | |
555 | */ | |
556 | if (fc->oldapi) | |
557 | return 0; | |
558 | ||
559 | /* | |
560 | * Give us the freedom to allow changing mount options | |
561 | * with the new mount api in the future. So instead of | |
562 | * silently ignoring everything we report a proper | |
563 | * error. This is only visible for users of the new | |
564 | * mount api. | |
565 | */ | |
566 | return invalfc(fc, "No changes allowed in reconfigure"); | |
567 | } | |
568 | ||
569 | opt = fs_parse(fc, ovl_parameter_spec, param, &result); | |
570 | if (opt < 0) | |
571 | return opt; | |
572 | ||
573 | switch (opt) { | |
574 | case Opt_lowerdir: | |
575 | err = ovl_parse_param_lowerdir(param->string, fc); | |
576 | break; | |
24e16e38 AG |
577 | case Opt_lowerdir_add: |
578 | case Opt_datadir_add: | |
7fb7998b | 579 | case Opt_upperdir: |
7fb7998b | 580 | case Opt_workdir: |
819829f0 | 581 | err = ovl_parse_layer(fc, param, opt); |
7fb7998b CB |
582 | break; |
583 | case Opt_default_permissions: | |
584 | config->default_permissions = true; | |
585 | break; | |
586 | case Opt_redirect_dir: | |
587 | config->redirect_mode = result.uint_32; | |
588 | if (config->redirect_mode == OVL_REDIRECT_OFF) { | |
589 | config->redirect_mode = ovl_redirect_always_follow ? | |
590 | OVL_REDIRECT_FOLLOW : | |
591 | OVL_REDIRECT_NOFOLLOW; | |
592 | } | |
593 | ctx->set.redirect = true; | |
594 | break; | |
595 | case Opt_index: | |
596 | config->index = result.uint_32; | |
597 | ctx->set.index = true; | |
598 | break; | |
599 | case Opt_uuid: | |
600 | config->uuid = result.uint_32; | |
601 | break; | |
602 | case Opt_nfs_export: | |
603 | config->nfs_export = result.uint_32; | |
604 | ctx->set.nfs_export = true; | |
605 | break; | |
606 | case Opt_xino: | |
607 | config->xino = result.uint_32; | |
608 | break; | |
609 | case Opt_metacopy: | |
610 | config->metacopy = result.uint_32; | |
611 | ctx->set.metacopy = true; | |
612 | break; | |
ae8cba40 AL |
613 | case Opt_verity: |
614 | config->verity_mode = result.uint_32; | |
615 | break; | |
7fb7998b CB |
616 | case Opt_volatile: |
617 | config->ovl_volatile = true; | |
618 | break; | |
619 | case Opt_userxattr: | |
620 | config->userxattr = true; | |
621 | break; | |
622 | default: | |
623 | pr_err("unrecognized mount option \"%s\" or missing value\n", | |
624 | param->key); | |
625 | return -EINVAL; | |
626 | } | |
627 | ||
628 | return err; | |
629 | } | |
630 | ||
631 | static int ovl_get_tree(struct fs_context *fc) | |
632 | { | |
633 | return get_tree_nodev(fc, ovl_fill_super); | |
634 | } | |
635 | ||
636 | static inline void ovl_fs_context_free(struct ovl_fs_context *ctx) | |
637 | { | |
0cea4c09 | 638 | ovl_reset_lowerdirs(ctx); |
7fb7998b CB |
639 | path_put(&ctx->upper); |
640 | path_put(&ctx->work); | |
641 | kfree(ctx->lower); | |
642 | kfree(ctx); | |
643 | } | |
644 | ||
645 | static void ovl_free(struct fs_context *fc) | |
646 | { | |
647 | struct ovl_fs *ofs = fc->s_fs_info; | |
648 | struct ovl_fs_context *ctx = fc->fs_private; | |
649 | ||
650 | /* | |
651 | * ofs is stored in the fs_context when it is initialized. | |
652 | * ofs is transferred to the superblock on a successful mount, | |
653 | * but if an error occurs before the transfer we have to free | |
654 | * it here. | |
655 | */ | |
656 | if (ofs) | |
657 | ovl_free_fs(ofs); | |
658 | ||
659 | if (ctx) | |
660 | ovl_fs_context_free(ctx); | |
661 | } | |
662 | ||
663 | static int ovl_reconfigure(struct fs_context *fc) | |
664 | { | |
665 | struct super_block *sb = fc->root->d_sb; | |
f01d0889 | 666 | struct ovl_fs *ofs = OVL_FS(sb); |
7fb7998b CB |
667 | struct super_block *upper_sb; |
668 | int ret = 0; | |
669 | ||
670 | if (!(fc->sb_flags & SB_RDONLY) && ovl_force_readonly(ofs)) | |
671 | return -EROFS; | |
672 | ||
673 | if (fc->sb_flags & SB_RDONLY && !sb_rdonly(sb)) { | |
674 | upper_sb = ovl_upper_mnt(ofs)->mnt_sb; | |
675 | if (ovl_should_sync(ofs)) { | |
676 | down_read(&upper_sb->s_umount); | |
677 | ret = sync_filesystem(upper_sb); | |
678 | up_read(&upper_sb->s_umount); | |
679 | } | |
680 | } | |
681 | ||
682 | return ret; | |
683 | } | |
684 | ||
685 | static const struct fs_context_operations ovl_context_ops = { | |
c34706ac | 686 | .parse_monolithic = ovl_parse_monolithic, |
7fb7998b CB |
687 | .parse_param = ovl_parse_param, |
688 | .get_tree = ovl_get_tree, | |
689 | .reconfigure = ovl_reconfigure, | |
690 | .free = ovl_free, | |
691 | }; | |
692 | ||
693 | /* | |
694 | * This is called during fsopen() and will record the user namespace of | |
695 | * the caller in fc->user_ns since we've raised FS_USERNS_MOUNT. We'll | |
696 | * need it when we actually create the superblock to verify that the | |
697 | * process creating the superblock is in the same user namespace as | |
698 | * process that called fsopen(). | |
699 | */ | |
700 | int ovl_init_fs_context(struct fs_context *fc) | |
701 | { | |
702 | struct ovl_fs_context *ctx; | |
703 | struct ovl_fs *ofs; | |
704 | ||
705 | ctx = kzalloc(sizeof(*ctx), GFP_KERNEL_ACCOUNT); | |
706 | if (!ctx) | |
707 | return -ENOMEM; | |
708 | ||
709 | /* | |
710 | * By default we allocate for three lower layers. It's likely | |
711 | * that it'll cover most users. | |
712 | */ | |
713 | ctx->lower = kmalloc_array(3, sizeof(*ctx->lower), GFP_KERNEL_ACCOUNT); | |
714 | if (!ctx->lower) | |
715 | goto out_err; | |
716 | ctx->capacity = 3; | |
717 | ||
718 | ofs = kzalloc(sizeof(struct ovl_fs), GFP_KERNEL); | |
719 | if (!ofs) | |
720 | goto out_err; | |
721 | ||
722 | ofs->config.redirect_mode = ovl_redirect_mode_def(); | |
723 | ofs->config.index = ovl_index_def; | |
b0504bfe | 724 | ofs->config.uuid = ovl_uuid_def(); |
7fb7998b CB |
725 | ofs->config.nfs_export = ovl_nfs_export_def; |
726 | ofs->config.xino = ovl_xino_def(); | |
727 | ofs->config.metacopy = ovl_metacopy_def; | |
728 | ||
729 | fc->s_fs_info = ofs; | |
730 | fc->fs_private = ctx; | |
731 | fc->ops = &ovl_context_ops; | |
732 | return 0; | |
733 | ||
734 | out_err: | |
735 | ovl_fs_context_free(ctx); | |
736 | return -ENOMEM; | |
737 | ||
738 | } | |
739 | ||
740 | void ovl_free_fs(struct ovl_fs *ofs) | |
741 | { | |
742 | struct vfsmount **mounts; | |
743 | unsigned i; | |
744 | ||
745 | iput(ofs->workbasedir_trap); | |
746 | iput(ofs->indexdir_trap); | |
747 | iput(ofs->workdir_trap); | |
748 | dput(ofs->whiteout); | |
749 | dput(ofs->indexdir); | |
750 | dput(ofs->workdir); | |
751 | if (ofs->workdir_locked) | |
752 | ovl_inuse_unlock(ofs->workbasedir); | |
753 | dput(ofs->workbasedir); | |
754 | if (ofs->upperdir_locked) | |
755 | ovl_inuse_unlock(ovl_upper_mnt(ofs)->mnt_root); | |
756 | ||
a535116d AG |
757 | /* Reuse ofs->config.lowerdirs as a vfsmount array before freeing it */ |
758 | mounts = (struct vfsmount **) ofs->config.lowerdirs; | |
7fb7998b CB |
759 | for (i = 0; i < ofs->numlayer; i++) { |
760 | iput(ofs->layers[i].trap); | |
a535116d | 761 | kfree(ofs->config.lowerdirs[i]); |
7fb7998b | 762 | mounts[i] = ofs->layers[i].mnt; |
7fb7998b CB |
763 | } |
764 | kern_unmount_array(mounts, ofs->numlayer); | |
765 | kfree(ofs->layers); | |
766 | for (i = 0; i < ofs->numfs; i++) | |
767 | free_anon_bdev(ofs->fs[i].pseudo_dev); | |
768 | kfree(ofs->fs); | |
769 | ||
a535116d | 770 | kfree(ofs->config.lowerdirs); |
7fb7998b CB |
771 | kfree(ofs->config.upperdir); |
772 | kfree(ofs->config.workdir); | |
773 | if (ofs->creator_cred) | |
774 | put_cred(ofs->creator_cred); | |
775 | kfree(ofs); | |
776 | } | |
777 | ||
778 | int ovl_fs_params_verify(const struct ovl_fs_context *ctx, | |
779 | struct ovl_config *config) | |
780 | { | |
781 | struct ovl_opt_set set = ctx->set; | |
782 | ||
783 | if (ctx->nr_data > 0 && !config->metacopy) { | |
784 | pr_err("lower data-only dirs require metacopy support.\n"); | |
785 | return -EINVAL; | |
786 | } | |
787 | ||
788 | /* Workdir/index are useless in non-upper mount */ | |
789 | if (!config->upperdir) { | |
790 | if (config->workdir) { | |
791 | pr_info("option \"workdir=%s\" is useless in a non-upper mount, ignore\n", | |
792 | config->workdir); | |
793 | kfree(config->workdir); | |
794 | config->workdir = NULL; | |
795 | } | |
796 | if (config->index && set.index) { | |
797 | pr_info("option \"index=on\" is useless in a non-upper mount, ignore\n"); | |
798 | set.index = false; | |
799 | } | |
800 | config->index = false; | |
801 | } | |
802 | ||
803 | if (!config->upperdir && config->ovl_volatile) { | |
804 | pr_info("option \"volatile\" is meaningless in a non-upper mount, ignoring it.\n"); | |
805 | config->ovl_volatile = false; | |
806 | } | |
807 | ||
d9544c1b AG |
808 | if (!config->upperdir && config->uuid == OVL_UUID_ON) { |
809 | pr_info("option \"uuid=on\" requires an upper fs, falling back to uuid=null.\n"); | |
810 | config->uuid = OVL_UUID_NULL; | |
811 | } | |
812 | ||
ae8cba40 AL |
813 | /* Resolve verity -> metacopy dependency */ |
814 | if (config->verity_mode && !config->metacopy) { | |
815 | /* Don't allow explicit specified conflicting combinations */ | |
816 | if (set.metacopy) { | |
817 | pr_err("conflicting options: metacopy=off,verity=%s\n", | |
818 | ovl_verity_mode(config)); | |
819 | return -EINVAL; | |
820 | } | |
821 | /* Otherwise automatically enable metacopy. */ | |
822 | config->metacopy = true; | |
823 | } | |
824 | ||
7fb7998b CB |
825 | /* |
826 | * This is to make the logic below simpler. It doesn't make any other | |
827 | * difference, since redirect_dir=on is only used for upper. | |
828 | */ | |
829 | if (!config->upperdir && config->redirect_mode == OVL_REDIRECT_FOLLOW) | |
830 | config->redirect_mode = OVL_REDIRECT_ON; | |
831 | ||
ae8cba40 | 832 | /* Resolve verity -> metacopy -> redirect_dir dependency */ |
7fb7998b CB |
833 | if (config->metacopy && config->redirect_mode != OVL_REDIRECT_ON) { |
834 | if (set.metacopy && set.redirect) { | |
835 | pr_err("conflicting options: metacopy=on,redirect_dir=%s\n", | |
836 | ovl_redirect_mode(config)); | |
837 | return -EINVAL; | |
838 | } | |
ae8cba40 AL |
839 | if (config->verity_mode && set.redirect) { |
840 | pr_err("conflicting options: verity=%s,redirect_dir=%s\n", | |
841 | ovl_verity_mode(config), ovl_redirect_mode(config)); | |
842 | return -EINVAL; | |
843 | } | |
7fb7998b CB |
844 | if (set.redirect) { |
845 | /* | |
846 | * There was an explicit redirect_dir=... that resulted | |
847 | * in this conflict. | |
848 | */ | |
849 | pr_info("disabling metacopy due to redirect_dir=%s\n", | |
850 | ovl_redirect_mode(config)); | |
851 | config->metacopy = false; | |
852 | } else { | |
853 | /* Automatically enable redirect otherwise. */ | |
854 | config->redirect_mode = OVL_REDIRECT_ON; | |
855 | } | |
856 | } | |
857 | ||
858 | /* Resolve nfs_export -> index dependency */ | |
859 | if (config->nfs_export && !config->index) { | |
860 | if (!config->upperdir && | |
861 | config->redirect_mode != OVL_REDIRECT_NOFOLLOW) { | |
862 | pr_info("NFS export requires \"redirect_dir=nofollow\" on non-upper mount, falling back to nfs_export=off.\n"); | |
863 | config->nfs_export = false; | |
864 | } else if (set.nfs_export && set.index) { | |
865 | pr_err("conflicting options: nfs_export=on,index=off\n"); | |
866 | return -EINVAL; | |
867 | } else if (set.index) { | |
868 | /* | |
869 | * There was an explicit index=off that resulted | |
870 | * in this conflict. | |
871 | */ | |
872 | pr_info("disabling nfs_export due to index=off\n"); | |
873 | config->nfs_export = false; | |
874 | } else { | |
875 | /* Automatically enable index otherwise. */ | |
876 | config->index = true; | |
877 | } | |
878 | } | |
879 | ||
ae8cba40 | 880 | /* Resolve nfs_export -> !metacopy && !verity dependency */ |
7fb7998b CB |
881 | if (config->nfs_export && config->metacopy) { |
882 | if (set.nfs_export && set.metacopy) { | |
883 | pr_err("conflicting options: nfs_export=on,metacopy=on\n"); | |
884 | return -EINVAL; | |
885 | } | |
886 | if (set.metacopy) { | |
887 | /* | |
888 | * There was an explicit metacopy=on that resulted | |
889 | * in this conflict. | |
890 | */ | |
891 | pr_info("disabling nfs_export due to metacopy=on\n"); | |
892 | config->nfs_export = false; | |
ae8cba40 AL |
893 | } else if (config->verity_mode) { |
894 | /* | |
895 | * There was an explicit verity=.. that resulted | |
896 | * in this conflict. | |
897 | */ | |
898 | pr_info("disabling nfs_export due to verity=%s\n", | |
899 | ovl_verity_mode(config)); | |
900 | config->nfs_export = false; | |
7fb7998b CB |
901 | } else { |
902 | /* | |
903 | * There was an explicit nfs_export=on that resulted | |
904 | * in this conflict. | |
905 | */ | |
906 | pr_info("disabling metacopy due to nfs_export=on\n"); | |
907 | config->metacopy = false; | |
908 | } | |
909 | } | |
910 | ||
911 | ||
ae8cba40 | 912 | /* Resolve userxattr -> !redirect && !metacopy && !verity dependency */ |
7fb7998b CB |
913 | if (config->userxattr) { |
914 | if (set.redirect && | |
915 | config->redirect_mode != OVL_REDIRECT_NOFOLLOW) { | |
916 | pr_err("conflicting options: userxattr,redirect_dir=%s\n", | |
917 | ovl_redirect_mode(config)); | |
918 | return -EINVAL; | |
919 | } | |
920 | if (config->metacopy && set.metacopy) { | |
921 | pr_err("conflicting options: userxattr,metacopy=on\n"); | |
922 | return -EINVAL; | |
923 | } | |
ae8cba40 AL |
924 | if (config->verity_mode) { |
925 | pr_err("conflicting options: userxattr,verity=%s\n", | |
926 | ovl_verity_mode(config)); | |
927 | return -EINVAL; | |
928 | } | |
7fb7998b CB |
929 | /* |
930 | * Silently disable default setting of redirect and metacopy. | |
931 | * This shall be the default in the future as well: these | |
932 | * options must be explicitly enabled if used together with | |
933 | * userxattr. | |
934 | */ | |
935 | config->redirect_mode = OVL_REDIRECT_NOFOLLOW; | |
936 | config->metacopy = false; | |
937 | } | |
938 | ||
939 | return 0; | |
940 | } | |
941 | ||
942 | /** | |
943 | * ovl_show_options | |
944 | * @m: the seq_file handle | |
945 | * @dentry: The dentry to query | |
946 | * | |
947 | * Prints the mount options for a given superblock. | |
948 | * Returns zero; does not fail. | |
949 | */ | |
950 | int ovl_show_options(struct seq_file *m, struct dentry *dentry) | |
951 | { | |
952 | struct super_block *sb = dentry->d_sb; | |
f01d0889 | 953 | struct ovl_fs *ofs = OVL_FS(sb); |
24e16e38 | 954 | size_t nr, nr_merged_lower, nr_lower = 0; |
0cea4c09 | 955 | char **lowerdirs = ofs->config.lowerdirs; |
32db5107 AG |
956 | |
957 | /* | |
0cea4c09 AG |
958 | * lowerdirs[0] holds the colon separated list that user provided |
959 | * with lowerdir mount option. | |
24e16e38 AG |
960 | * lowerdirs[1..numlayer] hold the lowerdir paths that were added |
961 | * using the lowerdir+ and datadir+ mount options. | |
962 | * For now, we do not allow mixing the legacy lowerdir mount option | |
963 | * with the new lowerdir+ and datadir+ mount options. | |
32db5107 | 964 | */ |
24e16e38 AG |
965 | if (lowerdirs[0]) { |
966 | seq_show_option(m, "lowerdir", lowerdirs[0]); | |
967 | } else { | |
968 | nr_lower = ofs->numlayer; | |
969 | nr_merged_lower = nr_lower - ofs->numdatalayer; | |
970 | } | |
971 | for (nr = 1; nr < nr_lower; nr++) { | |
972 | if (nr < nr_merged_lower) | |
973 | seq_show_option(m, "lowerdir+", lowerdirs[nr]); | |
974 | else | |
975 | seq_show_option(m, "datadir+", lowerdirs[nr]); | |
976 | } | |
7fb7998b CB |
977 | if (ofs->config.upperdir) { |
978 | seq_show_option(m, "upperdir", ofs->config.upperdir); | |
979 | seq_show_option(m, "workdir", ofs->config.workdir); | |
980 | } | |
981 | if (ofs->config.default_permissions) | |
982 | seq_puts(m, ",default_permissions"); | |
983 | if (ofs->config.redirect_mode != ovl_redirect_mode_def()) | |
984 | seq_printf(m, ",redirect_dir=%s", | |
985 | ovl_redirect_mode(&ofs->config)); | |
986 | if (ofs->config.index != ovl_index_def) | |
987 | seq_printf(m, ",index=%s", ofs->config.index ? "on" : "off"); | |
b0504bfe AG |
988 | if (ofs->config.uuid != ovl_uuid_def()) |
989 | seq_printf(m, ",uuid=%s", ovl_uuid_mode(&ofs->config)); | |
7fb7998b CB |
990 | if (ofs->config.nfs_export != ovl_nfs_export_def) |
991 | seq_printf(m, ",nfs_export=%s", ofs->config.nfs_export ? | |
992 | "on" : "off"); | |
993 | if (ofs->config.xino != ovl_xino_def() && !ovl_same_fs(ofs)) | |
994 | seq_printf(m, ",xino=%s", ovl_xino_mode(&ofs->config)); | |
995 | if (ofs->config.metacopy != ovl_metacopy_def) | |
996 | seq_printf(m, ",metacopy=%s", | |
997 | ofs->config.metacopy ? "on" : "off"); | |
998 | if (ofs->config.ovl_volatile) | |
999 | seq_puts(m, ",volatile"); | |
1000 | if (ofs->config.userxattr) | |
1001 | seq_puts(m, ",userxattr"); | |
ae8cba40 AL |
1002 | if (ofs->config.verity_mode != ovl_verity_mode_def()) |
1003 | seq_printf(m, ",verity=%s", | |
1004 | ovl_verity_mode(&ofs->config)); | |
7fb7998b CB |
1005 | return 0; |
1006 | } |