]> git.ipfire.org Git - thirdparty/kernel/linux.git/blame - fs/overlayfs/params.c
projects / thirdparty / kernel / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
ovl: fix memory leak in ovl_parse_param()
[thirdparty/kernel/linux.git] / fs / overlayfs / params.c
CommitLineData
b36a5780
CB		 1// SPDX-License-Identifier: GPL-2.0-only
2
3#include <linux/fs.h>
7fb7998b 4#include <linux/module.h>
b36a5780
CB		 5#include <linux/namei.h>
6#include <linux/fs_context.h>
7#include <linux/fs_parser.h>
8#include <linux/posix_acl_xattr.h>
7fb7998b 9#include <linux/seq_file.h>
b36a5780
CB		 10#include <linux/xattr.h>
11#include "overlayfs.h"
7fb7998b
CB		 12#include "params.h"
13
14static bool ovl_redirect_dir_def = IS_ENABLED(CONFIG_OVERLAY_FS_REDIRECT_DIR);
15module_param_named(redirect_dir, ovl_redirect_dir_def, bool, 0644);
16MODULE_PARM_DESC(redirect_dir,
17 "Default to on or off for the redirect_dir feature");
18
19static bool ovl_redirect_always_follow =
20 IS_ENABLED(CONFIG_OVERLAY_FS_REDIRECT_ALWAYS_FOLLOW);
21module_param_named(redirect_always_follow, ovl_redirect_always_follow,
22 bool, 0644);
23MODULE_PARM_DESC(redirect_always_follow,
24 "Follow redirects even if redirect_dir feature is turned off");
25
26static bool ovl_xino_auto_def = IS_ENABLED(CONFIG_OVERLAY_FS_XINO_AUTO);
27module_param_named(xino_auto, ovl_xino_auto_def, bool, 0644);
28MODULE_PARM_DESC(xino_auto,
29 "Auto enable xino feature");
30
31static bool ovl_index_def = IS_ENABLED(CONFIG_OVERLAY_FS_INDEX);
32module_param_named(index, ovl_index_def, bool, 0644);
33MODULE_PARM_DESC(index,
34 "Default to on or off for the inodes index feature");
35
36static bool ovl_nfs_export_def = IS_ENABLED(CONFIG_OVERLAY_FS_NFS_EXPORT);
37module_param_named(nfs_export, ovl_nfs_export_def, bool, 0644);
38MODULE_PARM_DESC(nfs_export,
39 "Default to on or off for the NFS export feature");
40
41static bool ovl_metacopy_def = IS_ENABLED(CONFIG_OVERLAY_FS_METACOPY);
42module_param_named(metacopy, ovl_metacopy_def, bool, 0644);
43MODULE_PARM_DESC(metacopy,
44 "Default to on or off for the metadata only copy up feature");
45
819829f0 46enum ovl_opt {
7fb7998b 47 Opt_lowerdir,
24e16e38
AG		 48 Opt_lowerdir_add,
49 Opt_datadir_add,
7fb7998b
CB		 50 Opt_upperdir,
51 Opt_workdir,
52 Opt_default_permissions,
53 Opt_redirect_dir,
54 Opt_index,
55 Opt_uuid,
56 Opt_nfs_export,
57 Opt_userxattr,
58 Opt_xino,
59 Opt_metacopy,
ae8cba40 60 Opt_verity,
7fb7998b
CB		 61 Opt_volatile,
62};
63
64static const struct constant_table ovl_parameter_bool[] = {
65 { "on", true },
66 { "off", false },
67 {}
68};
69
b0504bfe
AG		 70static const struct constant_table ovl_parameter_uuid[] = {
71 { "off", OVL_UUID_OFF },
72 { "null", OVL_UUID_NULL },
cbb44f09 73 { "auto", OVL_UUID_AUTO },
b0504bfe
AG		 74 { "on", OVL_UUID_ON },
75 {}
76};
77
78static const char *ovl_uuid_mode(struct ovl_config *config)
79{
80 return ovl_parameter_uuid[config->uuid].name;
81}
82
83static int ovl_uuid_def(void)
84{
cbb44f09 85 return OVL_UUID_AUTO;
b0504bfe
AG		 86}
87
7fb7998b
CB		 88static const struct constant_table ovl_parameter_xino[] = {
89 { "off", OVL_XINO_OFF },
90 { "auto", OVL_XINO_AUTO },
91 { "on", OVL_XINO_ON },
92 {}
93};
94
95const char *ovl_xino_mode(struct ovl_config *config)
96{
97 return ovl_parameter_xino[config->xino].name;
98}
99
100static int ovl_xino_def(void)
101{
102 return ovl_xino_auto_def ? OVL_XINO_AUTO : OVL_XINO_OFF;
103}
104
105const struct constant_table ovl_parameter_redirect_dir[] = {
106 { "off", OVL_REDIRECT_OFF },
107 { "follow", OVL_REDIRECT_FOLLOW },
108 { "nofollow", OVL_REDIRECT_NOFOLLOW },
109 { "on", OVL_REDIRECT_ON },
110 {}
111};
112
113static const char *ovl_redirect_mode(struct ovl_config *config)
114{
115 return ovl_parameter_redirect_dir[config->redirect_mode].name;
116}
117
118static int ovl_redirect_mode_def(void)
119{
120 return ovl_redirect_dir_def ? OVL_REDIRECT_ON :
121 ovl_redirect_always_follow ? OVL_REDIRECT_FOLLOW :
122 OVL_REDIRECT_NOFOLLOW;
123}
124
ae8cba40
AL		 125static const struct constant_table ovl_parameter_verity[] = {
126 { "off", OVL_VERITY_OFF },
127 { "on", OVL_VERITY_ON },
128 { "require", OVL_VERITY_REQUIRE },
129 {}
130};
131
132static const char *ovl_verity_mode(struct ovl_config *config)
133{
134 return ovl_parameter_verity[config->verity_mode].name;
135}
136
137static int ovl_verity_mode_def(void)
138{
139 return OVL_VERITY_OFF;
140}
141
7fb7998b
CB		 142#define fsparam_string_empty(NAME, OPT) \
143 __fsparam(fs_param_is_string, NAME, OPT, fs_param_can_be_empty, NULL)
144
24e16e38 145
7fb7998b
CB		 146const struct fs_parameter_spec ovl_parameter_spec[] = {
147 fsparam_string_empty("lowerdir", Opt_lowerdir),
24e16e38
AG		 148 fsparam_string("lowerdir+", Opt_lowerdir_add),
149 fsparam_string("datadir+", Opt_datadir_add),
7fb7998b
CB		 150 fsparam_string("upperdir", Opt_upperdir),
151 fsparam_string("workdir", Opt_workdir),
152 fsparam_flag("default_permissions", Opt_default_permissions),
153 fsparam_enum("redirect_dir", Opt_redirect_dir, ovl_parameter_redirect_dir),
154 fsparam_enum("index", Opt_index, ovl_parameter_bool),
b0504bfe 155 fsparam_enum("uuid", Opt_uuid, ovl_parameter_uuid),
7fb7998b
CB		 156 fsparam_enum("nfs_export", Opt_nfs_export, ovl_parameter_bool),
157 fsparam_flag("userxattr", Opt_userxattr),
158 fsparam_enum("xino", Opt_xino, ovl_parameter_xino),
159 fsparam_enum("metacopy", Opt_metacopy, ovl_parameter_bool),
ae8cba40 160 fsparam_enum("verity", Opt_verity, ovl_parameter_verity),
7fb7998b
CB		 161 fsparam_flag("volatile", Opt_volatile),
162 {}
163};
b36a5780 164
c34706ac
AG		 165static char *ovl_next_opt(char **s)
166{
167 char *sbegin = *s;
168 char *p;
169
170 if (sbegin == NULL)
171 return NULL;
172
173 for (p = sbegin; *p; p++) {
174 if (*p == '\\') {
175 p++;
176 if (!*p)
177 break;
178 } else if (*p == ',') {
179 *p = '\0';
180 *s = p + 1;
181 return sbegin;
182 }
183 }
184 *s = NULL;
185 return sbegin;
186}
187
188static int ovl_parse_monolithic(struct fs_context *fc, void *data)
189{
190 return vfs_parse_monolithic_sep(fc, data, ovl_next_opt);
191}
192
b36a5780
CB		 193static ssize_t ovl_parse_param_split_lowerdirs(char *str)
194{
195 ssize_t nr_layers = 1, nr_colons = 0;
196 char *s, *d;
197
198 for (s = d = str;; s++, d++) {
199 if (*s == '\\') {
32db5107
AG		 200 /* keep esc chars in split lowerdir */
201 *d++ = *s++;
b36a5780
CB		 202 } else if (*s == ':') {
203 bool next_colon = (*(s + 1) == ':');
204
205 nr_colons++;
206 if (nr_colons == 2 && next_colon) {
207 pr_err("only single ':' or double '::' sequences of unescaped colons in lowerdir mount option allowed.\n");
208 return -EINVAL;
209 }
210 /* count layers, not colons */
211 if (!next_colon)
212 nr_layers++;
213
214 *d = '\0';
215 continue;
216 }
217
218 *d = *s;
219 if (!*s) {
220 /* trailing colons */
221 if (nr_colons) {
222 pr_err("unescaped trailing colons in lowerdir mount option.\n");
223 return -EINVAL;
224 }
225 break;
226 }
227 nr_colons = 0;
228 }
229
230 return nr_layers;
231}
232
233static int ovl_mount_dir_noesc(const char *name, struct path *path)
234{
235 int err = -EINVAL;
236
237 if (!*name) {
238 pr_err("empty lowerdir\n");
239 goto out;
240 }
241 err = kern_path(name, LOOKUP_FOLLOW, path);
242 if (err) {
243 pr_err("failed to resolve '%s': %i\n", name, err);
244 goto out;
245 }
b36a5780
CB		 246 return 0;
247
b36a5780
CB		 248out:
249 return err;
250}
251
252static void ovl_unescape(char *s)
253{
254 char *d = s;
255
256 for (;; s++, d++) {
257 if (*s == '\\')
258 s++;
259 *d = *s;
260 if (!*s)
261 break;
262 }
263}
264
819829f0 265static int ovl_mount_dir(const char *name, struct path *path)
b36a5780
CB		 266{
267 int err = -ENOMEM;
268 char *tmp = kstrdup(name, GFP_KERNEL);
269
270 if (tmp) {
271 ovl_unescape(tmp);
272 err = ovl_mount_dir_noesc(tmp, path);
b36a5780
CB		 273 kfree(tmp);
274 }
275 return err;
276}
277
819829f0
AG		 278static int ovl_mount_dir_check(struct fs_context *fc, const struct path *path,
279 enum ovl_opt layer, const char *name, bool upper)
b36a5780 280{
24e16e38
AG		 281 struct ovl_fs_context *ctx = fc->fs_private;
282
819829f0
AG		 283 if (ovl_dentry_weird(path->dentry))
284 return invalfc(fc, "filesystem on %s not supported", name);
b36a5780 285
819829f0
AG		 286 if (!d_is_dir(path->dentry))
287 return invalfc(fc, "%s is not a directory", name);
b36a5780 288
24e16e38 289
b36a5780
CB		 290 /*
291 * Check whether upper path is read-only here to report failures
292 * early. Don't forget to recheck when the superblock is created
293 * as the mount attributes could change.
294 */
819829f0
AG		 295 if (upper) {
296 if (path->dentry->d_flags & DCACHE_OP_REAL)
297 return invalfc(fc, "filesystem on %s not supported as upperdir", name);
298 if (__mnt_is_readonly(path->mnt))
299 return invalfc(fc, "filesystem on %s is read-only", name);
24e16e38
AG		 300 } else {
301 if (ctx->lowerdir_all && layer != Opt_lowerdir)
302 return invalfc(fc, "lowerdir+ and datadir+ cannot follow lowerdir");
303 if (ctx->nr_data && layer == Opt_lowerdir_add)
304 return invalfc(fc, "regular lower layers cannot follow data layers");
305 if (ctx->nr == OVL_MAX_STACK)
306 return invalfc(fc, "too many lower directories, limit is %d",
307 OVL_MAX_STACK);
b36a5780 308 }
819829f0
AG		 309 return 0;
310}
b36a5780 311
24e16e38
AG		 312static int ovl_ctx_realloc_lower(struct fs_context *fc)
313{
314 struct ovl_fs_context *ctx = fc->fs_private;
315 struct ovl_fs_context_layer *l;
316 size_t nr;
317
318 if (ctx->nr < ctx->capacity)
319 return 0;
320
321 nr = min_t(size_t, max(4096 / sizeof(*l), ctx->capacity * 2),
322 OVL_MAX_STACK);
323 l = krealloc_array(ctx->lower, nr, sizeof(*l), GFP_KERNEL_ACCOUNT);
324 if (!l)
325 return -ENOMEM;
326
327 ctx->lower = l;
328 ctx->capacity = nr;
329 return 0;
330}
331
819829f0
AG		 332static void ovl_add_layer(struct fs_context *fc, enum ovl_opt layer,
333 struct path *path, char **pname)
334{
335 struct ovl_fs *ofs = fc->s_fs_info;
336 struct ovl_config *config = &ofs->config;
337 struct ovl_fs_context *ctx = fc->fs_private;
24e16e38 338 struct ovl_fs_context_layer *l;
b36a5780 339
819829f0
AG		 340 switch (layer) {
341 case Opt_workdir:
342 swap(config->workdir, *pname);
343 swap(ctx->work, *path);
344 break;
345 case Opt_upperdir:
346 swap(config->upperdir, *pname);
347 swap(ctx->upper, *path);
348 break;
24e16e38
AG		 349 case Opt_datadir_add:
350 ctx->nr_data++;
351 fallthrough;
352 case Opt_lowerdir_add:
353 WARN_ON(ctx->nr >= ctx->capacity);
354 l = &ctx->lower[ctx->nr++];
355 memset(l, 0, sizeof(*l));
356 swap(l->name, *pname);
357 swap(l->path, *path);
358 break;
819829f0
AG		 359 default:
360 WARN_ON(1);
b36a5780 361 }
819829f0
AG		 362}
363
364static int ovl_parse_layer(struct fs_context *fc, struct fs_parameter *param,
365 enum ovl_opt layer)
366{
367 char *name = kstrdup(param->string, GFP_KERNEL);
368 bool upper = (layer == Opt_upperdir || layer == Opt_workdir);
369 struct path path;
370 int err;
371
372 if (!name)
373 return -ENOMEM;
374
24e16e38
AG		 375 if (upper)
376 err = ovl_mount_dir(name, &path);
377 else
378 err = ovl_mount_dir_noesc(name, &path);
819829f0
AG		 379 if (err)
380 goto out_free;
381
382 err = ovl_mount_dir_check(fc, &path, layer, name, upper);
383 if (err)
384 goto out_put;
385
24e16e38
AG		 386 if (!upper) {
387 err = ovl_ctx_realloc_lower(fc);
388 if (err)
389 goto out_put;
390 }
391
819829f0
AG		 392 /* Store the user provided path string in ctx to show in mountinfo */
393 ovl_add_layer(fc, layer, &path, &name);
394
395out_put:
396 path_put(&path);
397out_free:
398 kfree(name);
399 return err;
b36a5780
CB		 400}
401
0cea4c09 402static void ovl_reset_lowerdirs(struct ovl_fs_context *ctx)
b36a5780 403{
0cea4c09
AG		 404 struct ovl_fs_context_layer *l = ctx->lower;
405
406 // Reset old user provided lowerdir string
407 kfree(ctx->lowerdir_all);
408 ctx->lowerdir_all = NULL;
409
410 for (size_t nr = 0; nr < ctx->nr; nr++, l++) {
411 path_put(&l->path);
412 kfree(l->name);
413 l->name = NULL;
b36a5780
CB		 414 }
415 ctx->nr = 0;
416 ctx->nr_data = 0;
417}
418
419/*
420 * Parse lowerdir= mount option:
421 *
c835110b 422 * e.g.: lowerdir=/lower1:/lower2:/lower3::/data1::/data2
b36a5780
CB		 423 * Set "/lower1", "/lower2", and "/lower3" as lower layers and
424 * "/data1" and "/data2" as data lower layers. Any existing lower
425 * layers are replaced.
b36a5780 426 */
7fb7998b 427static int ovl_parse_param_lowerdir(const char *name, struct fs_context *fc)
b36a5780
CB		 428{
429 int err;
430 struct ovl_fs_context *ctx = fc->fs_private;
431 struct ovl_fs_context_layer *l;
c835110b 432 char *dup = NULL, *iter;
37f32f52 433 ssize_t nr_lower, nr;
c835110b 434 bool data_layer = false;
b36a5780
CB		 435
436 /*
437 * Ensure we're backwards compatible with mount(2)
438 * by allowing relative paths.
439 */
440
441 /* drop all existing lower layers */
0cea4c09 442 ovl_reset_lowerdirs(ctx);
c835110b
AG		 443
444 if (!*name)
b36a5780 445 return 0;
b36a5780 446
beae836e
AG		 447 if (*name == ':') {
448 pr_err("cannot append lower layer");
449 return -EINVAL;
b36a5780
CB		 450 }
451
0cea4c09
AG		 452 // Store user provided lowerdir string to show in mount options
453 ctx->lowerdir_all = kstrdup(name, GFP_KERNEL);
454 if (!ctx->lowerdir_all)
455 return -ENOMEM;
456
b36a5780
CB		 457 dup = kstrdup(name, GFP_KERNEL);
458 if (!dup)
459 return -ENOMEM;
460
461 err = -EINVAL;
462 nr_lower = ovl_parse_param_split_lowerdirs(dup);
463 if (nr_lower < 0)
464 goto out_err;
465
c835110b 466 if (nr_lower > OVL_MAX_STACK) {
b36a5780
CB		 467 pr_err("too many lower directories, limit is %d\n", OVL_MAX_STACK);
468 goto out_err;
469 }
470
b36a5780
CB		 471 if (nr_lower > ctx->capacity) {
472 err = -ENOMEM;
473 l = krealloc_array(ctx->lower, nr_lower, sizeof(*ctx->lower),
474 GFP_KERNEL_ACCOUNT);
475 if (!l)
476 goto out_err;
477
478 ctx->lower = l;
479 ctx->capacity = nr_lower;
480 }
481
c835110b
AG		 482 iter = dup;
483 l = ctx->lower;
484 for (nr = 0; nr < nr_lower; nr++, l++) {
37f32f52 485 ctx->nr++;
b36a5780
CB		 486 memset(l, 0, sizeof(*l));
487
819829f0
AG		 488 err = ovl_mount_dir(iter, &l->path);
489 if (err)
490 goto out_put;
491
492 err = ovl_mount_dir_check(fc, &l->path, Opt_lowerdir, iter, false);
b36a5780
CB		 493 if (err)
494 goto out_put;
495
496 err = -ENOMEM;
c835110b 497 l->name = kstrdup(iter, GFP_KERNEL_ACCOUNT);
b36a5780
CB		 498 if (!l->name)
499 goto out_put;
500
501 if (data_layer)
37f32f52 502 ctx->nr_data++;
b36a5780
CB		 503
504 /* Calling strchr() again would overrun. */
37f32f52 505 if (ctx->nr == nr_lower)
b36a5780
CB		 506 break;
507
508 err = -EINVAL;
c835110b
AG		 509 iter = strchr(iter, '\0') + 1;
510 if (*iter) {
b36a5780
CB		 511 /*
512 * This is a regular layer so we require that
513 * there are no data layers.
514 */
37f32f52 515 if (ctx->nr_data > 0) {
b36a5780
CB		 516 pr_err("regular lower layers cannot follow data lower layers");
517 goto out_put;
518 }
519
520 data_layer = false;
521 continue;
522 }
523
524 /* This is a data lower layer. */
525 data_layer = true;
c835110b 526 iter++;
b36a5780 527 }
b36a5780
CB		 528 kfree(dup);
529 return 0;
530
531out_put:
0cea4c09 532 ovl_reset_lowerdirs(ctx);
b36a5780
CB		 533
534out_err:
535 kfree(dup);
536
537 /* Intentionally don't realloc to a smaller size. */
538 return err;
539}
7fb7998b
CB		 540
541static int ovl_parse_param(struct fs_context *fc, struct fs_parameter *param)
542{
543 int err = 0;
544 struct fs_parse_result result;
545 struct ovl_fs *ofs = fc->s_fs_info;
546 struct ovl_config *config = &ofs->config;
547 struct ovl_fs_context *ctx = fc->fs_private;
548 int opt;
549
550 if (fc->purpose == FS_CONTEXT_FOR_RECONFIGURE) {
551 /*
552 * On remount overlayfs has always ignored all mount
553 * options no matter if malformed or not so for
554 * backwards compatibility we do the same here.
555 */
556 if (fc->oldapi)
557 return 0;
558
559 /*
560 * Give us the freedom to allow changing mount options
561 * with the new mount api in the future. So instead of
562 * silently ignoring everything we report a proper
563 * error. This is only visible for users of the new
564 * mount api.
565 */
566 return invalfc(fc, "No changes allowed in reconfigure");
567 }
568
569 opt = fs_parse(fc, ovl_parameter_spec, param, &result);
570 if (opt < 0)
571 return opt;
572
573 switch (opt) {
574 case Opt_lowerdir:
575 err = ovl_parse_param_lowerdir(param->string, fc);
576 break;
24e16e38
AG		 577 case Opt_lowerdir_add:
578 case Opt_datadir_add:
7fb7998b 579 case Opt_upperdir:
7fb7998b 580 case Opt_workdir:
819829f0 581 err = ovl_parse_layer(fc, param, opt);
7fb7998b
CB		 582 break;
583 case Opt_default_permissions:
584 config->default_permissions = true;
585 break;
586 case Opt_redirect_dir:
587 config->redirect_mode = result.uint_32;
588 if (config->redirect_mode == OVL_REDIRECT_OFF) {
589 config->redirect_mode = ovl_redirect_always_follow ?
590 OVL_REDIRECT_FOLLOW :
591 OVL_REDIRECT_NOFOLLOW;
592 }
593 ctx->set.redirect = true;
594 break;
595 case Opt_index:
596 config->index = result.uint_32;
597 ctx->set.index = true;
598 break;
599 case Opt_uuid:
600 config->uuid = result.uint_32;
601 break;
602 case Opt_nfs_export:
603 config->nfs_export = result.uint_32;
604 ctx->set.nfs_export = true;
605 break;
606 case Opt_xino:
607 config->xino = result.uint_32;
608 break;
609 case Opt_metacopy:
610 config->metacopy = result.uint_32;
611 ctx->set.metacopy = true;
612 break;
ae8cba40
AL		 613 case Opt_verity:
614 config->verity_mode = result.uint_32;
615 break;
7fb7998b
CB		 616 case Opt_volatile:
617 config->ovl_volatile = true;
618 break;
619 case Opt_userxattr:
620 config->userxattr = true;
621 break;
622 default:
623 pr_err("unrecognized mount option \"%s\" or missing value\n",
624 param->key);
625 return -EINVAL;
626 }
627
628 return err;
629}
630
631static int ovl_get_tree(struct fs_context *fc)
632{
633 return get_tree_nodev(fc, ovl_fill_super);
634}
635
636static inline void ovl_fs_context_free(struct ovl_fs_context *ctx)
637{
0cea4c09 638 ovl_reset_lowerdirs(ctx);
7fb7998b
CB		 639 path_put(&ctx->upper);
640 path_put(&ctx->work);
641 kfree(ctx->lower);
642 kfree(ctx);
643}
644
645static void ovl_free(struct fs_context *fc)
646{
647 struct ovl_fs *ofs = fc->s_fs_info;
648 struct ovl_fs_context *ctx = fc->fs_private;
649
650 /*
651 * ofs is stored in the fs_context when it is initialized.
652 * ofs is transferred to the superblock on a successful mount,
653 * but if an error occurs before the transfer we have to free
654 * it here.
655 */
656 if (ofs)
657 ovl_free_fs(ofs);
658
659 if (ctx)
660 ovl_fs_context_free(ctx);
661}
662
663static int ovl_reconfigure(struct fs_context *fc)
664{
665 struct super_block *sb = fc->root->d_sb;
f01d0889 666 struct ovl_fs *ofs = OVL_FS(sb);
7fb7998b
CB		 667 struct super_block *upper_sb;
668 int ret = 0;
669
670 if (!(fc->sb_flags & SB_RDONLY) && ovl_force_readonly(ofs))
671 return -EROFS;
672
673 if (fc->sb_flags & SB_RDONLY && !sb_rdonly(sb)) {
674 upper_sb = ovl_upper_mnt(ofs)->mnt_sb;
675 if (ovl_should_sync(ofs)) {
676 down_read(&upper_sb->s_umount);
677 ret = sync_filesystem(upper_sb);
678 up_read(&upper_sb->s_umount);
679 }
680 }
681
682 return ret;
683}
684
685static const struct fs_context_operations ovl_context_ops = {
c34706ac 686 .parse_monolithic = ovl_parse_monolithic,
7fb7998b
CB		 687 .parse_param = ovl_parse_param,
688 .get_tree = ovl_get_tree,
689 .reconfigure = ovl_reconfigure,
690 .free = ovl_free,
691};
692
693/*
694 * This is called during fsopen() and will record the user namespace of
695 * the caller in fc->user_ns since we've raised FS_USERNS_MOUNT. We'll
696 * need it when we actually create the superblock to verify that the
697 * process creating the superblock is in the same user namespace as
698 * process that called fsopen().
699 */
700int ovl_init_fs_context(struct fs_context *fc)
701{
702 struct ovl_fs_context *ctx;
703 struct ovl_fs *ofs;
704
705 ctx = kzalloc(sizeof(*ctx), GFP_KERNEL_ACCOUNT);
706 if (!ctx)
707 return -ENOMEM;
708
709 /*
710 * By default we allocate for three lower layers. It's likely
711 * that it'll cover most users.
712 */
713 ctx->lower = kmalloc_array(3, sizeof(*ctx->lower), GFP_KERNEL_ACCOUNT);
714 if (!ctx->lower)
715 goto out_err;
716 ctx->capacity = 3;
717
718 ofs = kzalloc(sizeof(struct ovl_fs), GFP_KERNEL);
719 if (!ofs)
720 goto out_err;
721
722 ofs->config.redirect_mode = ovl_redirect_mode_def();
723 ofs->config.index = ovl_index_def;
b0504bfe 724 ofs->config.uuid = ovl_uuid_def();
7fb7998b
CB		 725 ofs->config.nfs_export = ovl_nfs_export_def;
726 ofs->config.xino = ovl_xino_def();
727 ofs->config.metacopy = ovl_metacopy_def;
728
729 fc->s_fs_info = ofs;
730 fc->fs_private = ctx;
731 fc->ops = &ovl_context_ops;
732 return 0;
733
734out_err:
735 ovl_fs_context_free(ctx);
736 return -ENOMEM;
737
738}
739
740void ovl_free_fs(struct ovl_fs *ofs)
741{
742 struct vfsmount **mounts;
743 unsigned i;
744
745 iput(ofs->workbasedir_trap);
746 iput(ofs->indexdir_trap);
747 iput(ofs->workdir_trap);
748 dput(ofs->whiteout);
749 dput(ofs->indexdir);
750 dput(ofs->workdir);
751 if (ofs->workdir_locked)
752 ovl_inuse_unlock(ofs->workbasedir);
753 dput(ofs->workbasedir);
754 if (ofs->upperdir_locked)
755 ovl_inuse_unlock(ovl_upper_mnt(ofs)->mnt_root);
756
a535116d
AG		 757 /* Reuse ofs->config.lowerdirs as a vfsmount array before freeing it */
758 mounts = (struct vfsmount **) ofs->config.lowerdirs;
7fb7998b
CB		 759 for (i = 0; i < ofs->numlayer; i++) {
760 iput(ofs->layers[i].trap);
a535116d 761 kfree(ofs->config.lowerdirs[i]);
7fb7998b 762 mounts[i] = ofs->layers[i].mnt;
7fb7998b
CB		 763 }
764 kern_unmount_array(mounts, ofs->numlayer);
765 kfree(ofs->layers);
766 for (i = 0; i < ofs->numfs; i++)
767 free_anon_bdev(ofs->fs[i].pseudo_dev);
768 kfree(ofs->fs);
769
a535116d 770 kfree(ofs->config.lowerdirs);
7fb7998b
CB		 771 kfree(ofs->config.upperdir);
772 kfree(ofs->config.workdir);
773 if (ofs->creator_cred)
774 put_cred(ofs->creator_cred);
775 kfree(ofs);
776}
777
778int ovl_fs_params_verify(const struct ovl_fs_context *ctx,
779 struct ovl_config *config)
780{
781 struct ovl_opt_set set = ctx->set;
782
783 if (ctx->nr_data > 0 && !config->metacopy) {
784 pr_err("lower data-only dirs require metacopy support.\n");
785 return -EINVAL;
786 }
787
788 /* Workdir/index are useless in non-upper mount */
789 if (!config->upperdir) {
790 if (config->workdir) {
791 pr_info("option \"workdir=%s\" is useless in a non-upper mount, ignore\n",
792 config->workdir);
793 kfree(config->workdir);
794 config->workdir = NULL;
795 }
796 if (config->index && set.index) {
797 pr_info("option \"index=on\" is useless in a non-upper mount, ignore\n");
798 set.index = false;
799 }
800 config->index = false;
801 }
802
803 if (!config->upperdir && config->ovl_volatile) {
804 pr_info("option \"volatile\" is meaningless in a non-upper mount, ignoring it.\n");
805 config->ovl_volatile = false;
806 }
807
d9544c1b
AG		 808 if (!config->upperdir && config->uuid == OVL_UUID_ON) {
809 pr_info("option \"uuid=on\" requires an upper fs, falling back to uuid=null.\n");
810 config->uuid = OVL_UUID_NULL;
811 }
812
ae8cba40
AL		 813 /* Resolve verity -> metacopy dependency */
814 if (config->verity_mode && !config->metacopy) {
815 /* Don't allow explicit specified conflicting combinations */
816 if (set.metacopy) {
817 pr_err("conflicting options: metacopy=off,verity=%s\n",
818 ovl_verity_mode(config));
819 return -EINVAL;
820 }
821 /* Otherwise automatically enable metacopy. */
822 config->metacopy = true;
823 }
824
7fb7998b
CB		 825 /*
826 * This is to make the logic below simpler. It doesn't make any other
827 * difference, since redirect_dir=on is only used for upper.
828 */
829 if (!config->upperdir && config->redirect_mode == OVL_REDIRECT_FOLLOW)
830 config->redirect_mode = OVL_REDIRECT_ON;
831
ae8cba40 832 /* Resolve verity -> metacopy -> redirect_dir dependency */
7fb7998b
CB		 833 if (config->metacopy && config->redirect_mode != OVL_REDIRECT_ON) {
834 if (set.metacopy && set.redirect) {
835 pr_err("conflicting options: metacopy=on,redirect_dir=%s\n",
836 ovl_redirect_mode(config));
837 return -EINVAL;
838 }
ae8cba40
AL		 839 if (config->verity_mode && set.redirect) {
840 pr_err("conflicting options: verity=%s,redirect_dir=%s\n",
841 ovl_verity_mode(config), ovl_redirect_mode(config));
842 return -EINVAL;
843 }
7fb7998b
CB		 844 if (set.redirect) {
845 /*
846 * There was an explicit redirect_dir=... that resulted
847 * in this conflict.
848 */
849 pr_info("disabling metacopy due to redirect_dir=%s\n",
850 ovl_redirect_mode(config));
851 config->metacopy = false;
852 } else {
853 /* Automatically enable redirect otherwise. */
854 config->redirect_mode = OVL_REDIRECT_ON;
855 }
856 }
857
858 /* Resolve nfs_export -> index dependency */
859 if (config->nfs_export && !config->index) {
860 if (!config->upperdir &&
861 config->redirect_mode != OVL_REDIRECT_NOFOLLOW) {
862 pr_info("NFS export requires \"redirect_dir=nofollow\" on non-upper mount, falling back to nfs_export=off.\n");
863 config->nfs_export = false;
864 } else if (set.nfs_export && set.index) {
865 pr_err("conflicting options: nfs_export=on,index=off\n");
866 return -EINVAL;
867 } else if (set.index) {
868 /*
869 * There was an explicit index=off that resulted
870 * in this conflict.
871 */
872 pr_info("disabling nfs_export due to index=off\n");
873 config->nfs_export = false;
874 } else {
875 /* Automatically enable index otherwise. */
876 config->index = true;
877 }
878 }
879
ae8cba40 880 /* Resolve nfs_export -> !metacopy && !verity dependency */
7fb7998b
CB		 881 if (config->nfs_export && config->metacopy) {
882 if (set.nfs_export && set.metacopy) {
883 pr_err("conflicting options: nfs_export=on,metacopy=on\n");
884 return -EINVAL;
885 }
886 if (set.metacopy) {
887 /*
888 * There was an explicit metacopy=on that resulted
889 * in this conflict.
890 */
891 pr_info("disabling nfs_export due to metacopy=on\n");
892 config->nfs_export = false;
ae8cba40
AL		 893 } else if (config->verity_mode) {
894 /*
895 * There was an explicit verity=.. that resulted
896 * in this conflict.
897 */
898 pr_info("disabling nfs_export due to verity=%s\n",
899 ovl_verity_mode(config));
900 config->nfs_export = false;
7fb7998b
CB		 901 } else {
902 /*
903 * There was an explicit nfs_export=on that resulted
904 * in this conflict.
905 */
906 pr_info("disabling metacopy due to nfs_export=on\n");
907 config->metacopy = false;
908 }
909 }
910
911
ae8cba40 912 /* Resolve userxattr -> !redirect && !metacopy && !verity dependency */
7fb7998b
CB		 913 if (config->userxattr) {
914 if (set.redirect &&
915 config->redirect_mode != OVL_REDIRECT_NOFOLLOW) {
916 pr_err("conflicting options: userxattr,redirect_dir=%s\n",
917 ovl_redirect_mode(config));
918 return -EINVAL;
919 }
920 if (config->metacopy && set.metacopy) {
921 pr_err("conflicting options: userxattr,metacopy=on\n");
922 return -EINVAL;
923 }
ae8cba40
AL		 924 if (config->verity_mode) {
925 pr_err("conflicting options: userxattr,verity=%s\n",
926 ovl_verity_mode(config));
927 return -EINVAL;
928 }
7fb7998b
CB		 929 /*
930 * Silently disable default setting of redirect and metacopy.
931 * This shall be the default in the future as well: these
932 * options must be explicitly enabled if used together with
933 * userxattr.
934 */
935 config->redirect_mode = OVL_REDIRECT_NOFOLLOW;
936 config->metacopy = false;
937 }
938
939 return 0;
940}
941
942/**
943 * ovl_show_options
944 * @m: the seq_file handle
945 * @dentry: The dentry to query
946 *
947 * Prints the mount options for a given superblock.
948 * Returns zero; does not fail.
949 */
950int ovl_show_options(struct seq_file *m, struct dentry *dentry)
951{
952 struct super_block *sb = dentry->d_sb;
f01d0889 953 struct ovl_fs *ofs = OVL_FS(sb);
24e16e38 954 size_t nr, nr_merged_lower, nr_lower = 0;
0cea4c09 955 char **lowerdirs = ofs->config.lowerdirs;
32db5107
AG		 956
957 /*
0cea4c09
AG		 958 * lowerdirs[0] holds the colon separated list that user provided
959 * with lowerdir mount option.
24e16e38
AG		 960 * lowerdirs[1..numlayer] hold the lowerdir paths that were added
961 * using the lowerdir+ and datadir+ mount options.
962 * For now, we do not allow mixing the legacy lowerdir mount option
963 * with the new lowerdir+ and datadir+ mount options.
32db5107 964 */
24e16e38
AG		 965 if (lowerdirs[0]) {
966 seq_show_option(m, "lowerdir", lowerdirs[0]);
967 } else {
968 nr_lower = ofs->numlayer;
969 nr_merged_lower = nr_lower - ofs->numdatalayer;
970 }
971 for (nr = 1; nr < nr_lower; nr++) {
972 if (nr < nr_merged_lower)
973 seq_show_option(m, "lowerdir+", lowerdirs[nr]);
974 else
975 seq_show_option(m, "datadir+", lowerdirs[nr]);
976 }
7fb7998b
CB		 977 if (ofs->config.upperdir) {
978 seq_show_option(m, "upperdir", ofs->config.upperdir);
979 seq_show_option(m, "workdir", ofs->config.workdir);
980 }
981 if (ofs->config.default_permissions)
982 seq_puts(m, ",default_permissions");
983 if (ofs->config.redirect_mode != ovl_redirect_mode_def())
984 seq_printf(m, ",redirect_dir=%s",
985 ovl_redirect_mode(&ofs->config));
986 if (ofs->config.index != ovl_index_def)
987 seq_printf(m, ",index=%s", ofs->config.index ? "on" : "off");
b0504bfe
AG		 988 if (ofs->config.uuid != ovl_uuid_def())
989 seq_printf(m, ",uuid=%s", ovl_uuid_mode(&ofs->config));
7fb7998b
CB		 990 if (ofs->config.nfs_export != ovl_nfs_export_def)
991 seq_printf(m, ",nfs_export=%s", ofs->config.nfs_export ?
992 "on" : "off");
993 if (ofs->config.xino != ovl_xino_def() && !ovl_same_fs(ofs))
994 seq_printf(m, ",xino=%s", ovl_xino_mode(&ofs->config));
995 if (ofs->config.metacopy != ovl_metacopy_def)
996 seq_printf(m, ",metacopy=%s",
997 ofs->config.metacopy ? "on" : "off");
998 if (ofs->config.ovl_volatile)
999 seq_puts(m, ",volatile");
1000 if (ofs->config.userxattr)
1001 seq_puts(m, ",userxattr");
ae8cba40
AL		 1002 if (ofs->config.verity_mode != ovl_verity_mode_def())
1003 seq_printf(m, ",verity=%s",
1004 ovl_verity_mode(&ofs->config));
7fb7998b
CB		 1005 return 0;
1006}
A mirror of Linus' kernel repository