1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * Overlayfs NFS export support.
4  *
5  * Amir Goldstein <amir73il@gmail.com>
6  *
7  * Copyright (C) 2017-2018 CTERA Networks. All Rights Reserved.
8  */
9 
10 #include <linux/fs.h>
11 #include <linux/cred.h>
12 #include <linux/mount.h>
13 #include <linux/namei.h>
14 #include <linux/xattr.h>
15 #include <linux/exportfs.h>
16 #include <linux/ratelimit.h>
17 #include "overlayfs.h"
18 
ovl_encode_maybe_copy_up(struct dentry * dentry)19 static int ovl_encode_maybe_copy_up(struct dentry *dentry)
20 {
21 	int err;
22 
23 	if (ovl_dentry_upper(dentry))
24 		return 0;
25 
26 	err = ovl_copy_up(dentry);
27 	if (err) {
28 		pr_warn_ratelimited("failed to copy up on encode (%pd2, err=%i)\n",
29 				    dentry, err);
30 	}
31 
32 	return err;
33 }
34 
35 /*
36  * Before encoding a non-upper directory file handle from real layer N, we need
37  * to check if it will be possible to reconnect an overlay dentry from the real
38  * lower decoded dentry. This is done by following the overlay ancestry up to a
39  * "layer N connected" ancestor and verifying that all parents along the way are
40  * "layer N connectable". If an ancestor that is NOT "layer N connectable" is
41  * found, we need to copy up an ancestor, which is "layer N connectable", thus
42  * making that ancestor "layer N connected". For example:
43  *
44  * layer 1: /a
45  * layer 2: /a/b/c
46  *
47  * The overlay dentry /a is NOT "layer 2 connectable", because if dir /a is
48  * copied up and renamed, upper dir /a will be indexed by lower dir /a from
49  * layer 1. The dir /a from layer 2 will never be indexed, so the algorithm (*)
50  * in ovl_lookup_real_ancestor() will not be able to lookup a connected overlay
51  * dentry from the connected lower dentry /a/b/c.
52  *
53  * To avoid this problem on decode time, we need to copy up an ancestor of
54  * /a/b/c, which is "layer 2 connectable", on encode time. That ancestor is
55  * /a/b. After copy up (and index) of /a/b, it will become "layer 2 connected"
56  * and when the time comes to decode the file handle from lower dentry /a/b/c,
57  * ovl_lookup_real_ancestor() will find the indexed ancestor /a/b and decoding
58  * a connected overlay dentry will be accomplished.
59  *
60  * (*) the algorithm in ovl_lookup_real_ancestor() can be improved to lookup an
61  * entry /a in the lower layers above layer N and find the indexed dir /a from
62  * layer 1. If that improvement is made, then the check for "layer N connected"
63  * will need to verify there are no redirects in lower layers above N. In the
64  * example above, /a will be "layer 2 connectable". However, if layer 2 dir /a
65  * is a target of a layer 1 redirect, then /a will NOT be "layer 2 connectable":
66  *
67  * layer 1: /A (redirect = /a)
68  * layer 2: /a/b/c
69  */
70 
71 /* Return the lowest layer for encoding a connectable file handle */
ovl_connectable_layer(struct dentry * dentry)72 static int ovl_connectable_layer(struct dentry *dentry)
73 {
74 	struct ovl_entry *oe = OVL_E(dentry);
75 
76 	/* We can get overlay root from root of any layer */
77 	if (dentry == dentry->d_sb->s_root)
78 		return ovl_numlower(oe);
79 
80 	/*
81 	 * If it's an unindexed merge dir, then it's not connectable with any
82 	 * lower layer
83 	 */
84 	if (ovl_dentry_upper(dentry) &&
85 	    !ovl_test_flag(OVL_INDEX, d_inode(dentry)))
86 		return 0;
87 
88 	/* We can get upper/overlay path from indexed/lower dentry */
89 	return ovl_lowerstack(oe)->layer->idx;
90 }
91 
92 /*
93  * @dentry is "connected" if all ancestors up to root or a "connected" ancestor
94  * have the same uppermost lower layer as the origin's layer. We may need to
95  * copy up a "connectable" ancestor to make it "connected". A "connected" dentry
96  * cannot become non "connected", so cache positive result in dentry flags.
97  *
98  * Return the connected origin layer or < 0 on error.
99  */
ovl_connect_layer(struct dentry * dentry)100 static int ovl_connect_layer(struct dentry *dentry)
101 {
102 	struct dentry *next, *parent = NULL;
103 	struct ovl_entry *oe = OVL_E(dentry);
104 	int origin_layer;
105 	int err = 0;
106 
107 	if (WARN_ON(dentry == dentry->d_sb->s_root) ||
108 	    WARN_ON(!ovl_dentry_lower(dentry)))
109 		return -EIO;
110 
111 	origin_layer = ovl_lowerstack(oe)->layer->idx;
112 	if (ovl_dentry_test_flag(OVL_E_CONNECTED, dentry))
113 		return origin_layer;
114 
115 	/* Find the topmost origin layer connectable ancestor of @dentry */
116 	next = dget(dentry);
117 	for (;;) {
118 		parent = dget_parent(next);
119 		if (WARN_ON(parent == next)) {
120 			err = -EIO;
121 			break;
122 		}
123 
124 		/*
125 		 * If @parent is not origin layer connectable, then copy up
126 		 * @next which is origin layer connectable and we are done.
127 		 */
128 		if (ovl_connectable_layer(parent) < origin_layer) {
129 			err = ovl_encode_maybe_copy_up(next);
130 			break;
131 		}
132 
133 		/* If @parent is connected or indexed we are done */
134 		if (ovl_dentry_test_flag(OVL_E_CONNECTED, parent) ||
135 		    ovl_test_flag(OVL_INDEX, d_inode(parent)))
136 			break;
137 
138 		dput(next);
139 		next = parent;
140 	}
141 
142 	dput(parent);
143 	dput(next);
144 
145 	if (!err)
146 		ovl_dentry_set_flag(OVL_E_CONNECTED, dentry);
147 
148 	return err ?: origin_layer;
149 }
150 
151 /*
152  * We only need to encode origin if there is a chance that the same object was
153  * encoded pre copy up and then we need to stay consistent with the same
154  * encoding also after copy up. If non-pure upper is not indexed, then it was
155  * copied up before NFS export was enabled. In that case we don't need to worry
156  * about staying consistent with pre copy up encoding and we encode an upper
157  * file handle. Overlay root dentry is a private case of non-indexed upper.
158  *
159  * The following table summarizes the different file handle encodings used for
160  * different overlay object types:
161  *
162  *  Object type		| Encoding
163  * --------------------------------
164  *  Pure upper		| U
165  *  Non-indexed upper	| U
166  *  Indexed upper	| L (*)
167  *  Non-upper		| L (*)
168  *
169  * U = upper file handle
170  * L = lower file handle
171  *
172  * (*) Decoding a connected overlay dir from real lower dentry is not always
173  * possible when there are redirects in lower layers and non-indexed merge dirs.
174  * To mitigate those case, we may copy up the lower dir ancestor before encode
175  * of a decodable file handle for non-upper dir.
176  *
177  * Return 0 for upper file handle, > 0 for lower file handle or < 0 on error.
178  */
ovl_check_encode_origin(struct dentry * dentry)179 static int ovl_check_encode_origin(struct dentry *dentry)
180 {
181 	struct ovl_fs *ofs = OVL_FS(dentry->d_sb);
182 	bool decodable = ofs->config.nfs_export;
183 
184 	/* No upper layer? */
185 	if (!ovl_upper_mnt(ofs))
186 		return 1;
187 
188 	/* Lower file handle for non-upper non-decodable */
189 	if (!ovl_dentry_upper(dentry) && !decodable)
190 		return 1;
191 
192 	/* Upper file handle for pure upper */
193 	if (!ovl_dentry_lower(dentry))
194 		return 0;
195 
196 	/*
197 	 * Root is never indexed, so if there's an upper layer, encode upper for
198 	 * root.
199 	 */
200 	if (dentry == dentry->d_sb->s_root)
201 		return 0;
202 
203 	/*
204 	 * Upper decodable file handle for non-indexed upper.
205 	 */
206 	if (ovl_dentry_upper(dentry) && decodable &&
207 	    !ovl_test_flag(OVL_INDEX, d_inode(dentry)))
208 		return 0;
209 
210 	/*
211 	 * Decoding a merge dir, whose origin's ancestor is under a redirected
212 	 * lower dir or under a non-indexed upper is not always possible.
213 	 * ovl_connect_layer() will try to make origin's layer "connected" by
214 	 * copying up a "connectable" ancestor.
215 	 */
216 	if (d_is_dir(dentry) && decodable)
217 		return ovl_connect_layer(dentry);
218 
219 	/* Lower file handle for indexed and non-upper dir/non-dir */
220 	return 1;
221 }
222 
ovl_dentry_to_fid(struct ovl_fs * ofs,struct dentry * dentry,u32 * fid,int buflen)223 static int ovl_dentry_to_fid(struct ovl_fs *ofs, struct dentry *dentry,
224 			     u32 *fid, int buflen)
225 {
226 	struct ovl_fh *fh = NULL;
227 	int err, enc_lower;
228 	int len;
229 
230 	/*
231 	 * Check if we should encode a lower or upper file handle and maybe
232 	 * copy up an ancestor to make lower file handle connectable.
233 	 */
234 	err = enc_lower = ovl_check_encode_origin(dentry);
235 	if (enc_lower < 0)
236 		goto fail;
237 
238 	/* Encode an upper or lower file handle */
239 	fh = ovl_encode_real_fh(ofs, enc_lower ? ovl_dentry_lower(dentry) :
240 				ovl_dentry_upper(dentry), !enc_lower);
241 	if (IS_ERR(fh))
242 		return PTR_ERR(fh);
243 
244 	len = OVL_FH_LEN(fh);
245 	if (len <= buflen)
246 		memcpy(fid, fh, len);
247 	err = len;
248 
249 out:
250 	kfree(fh);
251 	return err;
252 
253 fail:
254 	pr_warn_ratelimited("failed to encode file handle (%pd2, err=%i)\n",
255 			    dentry, err);
256 	goto out;
257 }
258 
ovl_encode_fh(struct inode * inode,u32 * fid,int * max_len,struct inode * parent)259 static int ovl_encode_fh(struct inode *inode, u32 *fid, int *max_len,
260 			 struct inode *parent)
261 {
262 	struct ovl_fs *ofs = OVL_FS(inode->i_sb);
263 	struct dentry *dentry;
264 	int bytes, buflen = *max_len << 2;
265 
266 	/* TODO: encode connectable file handles */
267 	if (parent)
268 		return FILEID_INVALID;
269 
270 	dentry = d_find_any_alias(inode);
271 	if (!dentry)
272 		return FILEID_INVALID;
273 
274 	bytes = ovl_dentry_to_fid(ofs, dentry, fid, buflen);
275 	dput(dentry);
276 	if (bytes <= 0)
277 		return FILEID_INVALID;
278 
279 	*max_len = bytes >> 2;
280 	if (bytes > buflen)
281 		return FILEID_INVALID;
282 
283 	return OVL_FILEID_V1;
284 }
285 
286 /*
287  * Find or instantiate an overlay dentry from real dentries and index.
288  */
ovl_obtain_alias(struct super_block * sb,struct dentry * upper_alias,struct ovl_path * lowerpath,struct dentry * index)289 static struct dentry *ovl_obtain_alias(struct super_block *sb,
290 				       struct dentry *upper_alias,
291 				       struct ovl_path *lowerpath,
292 				       struct dentry *index)
293 {
294 	struct dentry *lower = lowerpath ? lowerpath->dentry : NULL;
295 	struct dentry *upper = upper_alias ?: index;
296 	struct inode *inode = NULL;
297 	struct ovl_entry *oe;
298 	struct ovl_inode_params oip = {
299 		.index = index,
300 	};
301 
302 	/* We get overlay directory dentries with ovl_lookup_real() */
303 	if (d_is_dir(upper ?: lower))
304 		return ERR_PTR(-EIO);
305 
306 	oe = ovl_alloc_entry(!!lower);
307 	if (!oe)
308 		return ERR_PTR(-ENOMEM);
309 
310 	oip.upperdentry = dget(upper);
311 	if (lower) {
312 		ovl_lowerstack(oe)->dentry = dget(lower);
313 		ovl_lowerstack(oe)->layer = lowerpath->layer;
314 	}
315 	oip.oe = oe;
316 	inode = ovl_get_inode(sb, &oip);
317 	if (IS_ERR(inode)) {
318 		ovl_free_entry(oe);
319 		dput(upper);
320 		return ERR_CAST(inode);
321 	}
322 
323 	if (upper)
324 		ovl_set_flag(OVL_UPPERDATA, inode);
325 
326 	return d_obtain_alias(inode);
327 }
328 
329 /* Get the upper or lower dentry in stack whose on layer @idx */
ovl_dentry_real_at(struct dentry * dentry,int idx)330 static struct dentry *ovl_dentry_real_at(struct dentry *dentry, int idx)
331 {
332 	struct ovl_entry *oe = OVL_E(dentry);
333 	struct ovl_path *lowerstack = ovl_lowerstack(oe);
334 	int i;
335 
336 	if (!idx)
337 		return ovl_dentry_upper(dentry);
338 
339 	for (i = 0; i < ovl_numlower(oe); i++) {
340 		if (lowerstack[i].layer->idx == idx)
341 			return lowerstack[i].dentry;
342 	}
343 
344 	return NULL;
345 }
346 
347 /*
348  * Lookup a child overlay dentry to get a connected overlay dentry whose real
349  * dentry is @real. If @real is on upper layer, we lookup a child overlay
350  * dentry with the same name as the real dentry. Otherwise, we need to consult
351  * index for lookup.
352  */
ovl_lookup_real_one(struct dentry * connected,struct dentry * real,const struct ovl_layer * layer)353 static struct dentry *ovl_lookup_real_one(struct dentry *connected,
354 					  struct dentry *real,
355 					  const struct ovl_layer *layer)
356 {
357 	struct inode *dir = d_inode(connected);
358 	struct dentry *this, *parent = NULL;
359 	struct name_snapshot name;
360 	int err;
361 
362 	/*
363 	 * Lookup child overlay dentry by real name. The dir mutex protects us
364 	 * from racing with overlay rename. If the overlay dentry that is above
365 	 * real has already been moved to a parent that is not under the
366 	 * connected overlay dir, we return -ECHILD and restart the lookup of
367 	 * connected real path from the top.
368 	 */
369 	inode_lock_nested(dir, I_MUTEX_PARENT);
370 	err = -ECHILD;
371 	parent = dget_parent(real);
372 	if (ovl_dentry_real_at(connected, layer->idx) != parent)
373 		goto fail;
374 
375 	/*
376 	 * We also need to take a snapshot of real dentry name to protect us
377 	 * from racing with underlying layer rename. In this case, we don't
378 	 * care about returning ESTALE, only from dereferencing a free name
379 	 * pointer because we hold no lock on the real dentry.
380 	 */
381 	take_dentry_name_snapshot(&name, real);
382 	/*
383 	 * No idmap handling here: it's an internal lookup.  Could skip
384 	 * permission checking altogether, but for now just use non-idmap
385 	 * transformed ids.
386 	 */
387 	this = lookup_one_len(name.name.name, connected, name.name.len);
388 	release_dentry_name_snapshot(&name);
389 	err = PTR_ERR(this);
390 	if (IS_ERR(this)) {
391 		goto fail;
392 	} else if (!this || !this->d_inode) {
393 		dput(this);
394 		err = -ENOENT;
395 		goto fail;
396 	} else if (ovl_dentry_real_at(this, layer->idx) != real) {
397 		dput(this);
398 		err = -ESTALE;
399 		goto fail;
400 	}
401 
402 out:
403 	dput(parent);
404 	inode_unlock(dir);
405 	return this;
406 
407 fail:
408 	pr_warn_ratelimited("failed to lookup one by real (%pd2, layer=%d, connected=%pd2, err=%i)\n",
409 			    real, layer->idx, connected, err);
410 	this = ERR_PTR(err);
411 	goto out;
412 }
413 
414 static struct dentry *ovl_lookup_real(struct super_block *sb,
415 				      struct dentry *real,
416 				      const struct ovl_layer *layer);
417 
418 /*
419  * Lookup an indexed or hashed overlay dentry by real inode.
420  */
ovl_lookup_real_inode(struct super_block * sb,struct dentry * real,const struct ovl_layer * layer)421 static struct dentry *ovl_lookup_real_inode(struct super_block *sb,
422 					    struct dentry *real,
423 					    const struct ovl_layer *layer)
424 {
425 	struct ovl_fs *ofs = OVL_FS(sb);
426 	struct dentry *index = NULL;
427 	struct dentry *this = NULL;
428 	struct inode *inode;
429 
430 	/*
431 	 * Decoding upper dir from index is expensive, so first try to lookup
432 	 * overlay dentry in inode/dcache.
433 	 */
434 	inode = ovl_lookup_inode(sb, real, !layer->idx);
435 	if (IS_ERR(inode))
436 		return ERR_CAST(inode);
437 	if (inode) {
438 		this = d_find_any_alias(inode);
439 		iput(inode);
440 	}
441 
442 	/*
443 	 * For decoded lower dir file handle, lookup index by origin to check
444 	 * if lower dir was copied up and and/or removed.
445 	 */
446 	if (!this && layer->idx && ovl_indexdir(sb) && !WARN_ON(!d_is_dir(real))) {
447 		index = ovl_lookup_index(ofs, NULL, real, false);
448 		if (IS_ERR(index))
449 			return index;
450 	}
451 
452 	/* Get connected upper overlay dir from index */
453 	if (index) {
454 		struct dentry *upper = ovl_index_upper(ofs, index, true);
455 
456 		dput(index);
457 		if (IS_ERR_OR_NULL(upper))
458 			return upper;
459 
460 		/*
461 		 * ovl_lookup_real() in lower layer may call recursively once to
462 		 * ovl_lookup_real() in upper layer. The first level call walks
463 		 * back lower parents to the topmost indexed parent. The second
464 		 * recursive call walks back from indexed upper to the topmost
465 		 * connected/hashed upper parent (or up to root).
466 		 */
467 		this = ovl_lookup_real(sb, upper, &ofs->layers[0]);
468 		dput(upper);
469 	}
470 
471 	if (IS_ERR_OR_NULL(this))
472 		return this;
473 
474 	if (ovl_dentry_real_at(this, layer->idx) != real) {
475 		dput(this);
476 		this = ERR_PTR(-EIO);
477 	}
478 
479 	return this;
480 }
481 
482 /*
483  * Lookup an indexed or hashed overlay dentry, whose real dentry is an
484  * ancestor of @real.
485  */
ovl_lookup_real_ancestor(struct super_block * sb,struct dentry * real,const struct ovl_layer * layer)486 static struct dentry *ovl_lookup_real_ancestor(struct super_block *sb,
487 					       struct dentry *real,
488 					       const struct ovl_layer *layer)
489 {
490 	struct dentry *next, *parent = NULL;
491 	struct dentry *ancestor = ERR_PTR(-EIO);
492 
493 	if (real == layer->mnt->mnt_root)
494 		return dget(sb->s_root);
495 
496 	/* Find the topmost indexed or hashed ancestor */
497 	next = dget(real);
498 	for (;;) {
499 		parent = dget_parent(next);
500 
501 		/*
502 		 * Lookup a matching overlay dentry in inode/dentry
503 		 * cache or in index by real inode.
504 		 */
505 		ancestor = ovl_lookup_real_inode(sb, next, layer);
506 		if (ancestor)
507 			break;
508 
509 		if (parent == layer->mnt->mnt_root) {
510 			ancestor = dget(sb->s_root);
511 			break;
512 		}
513 
514 		/*
515 		 * If @real has been moved out of the layer root directory,
516 		 * we will eventully hit the real fs root. This cannot happen
517 		 * by legit overlay rename, so we return error in that case.
518 		 */
519 		if (parent == next) {
520 			ancestor = ERR_PTR(-EXDEV);
521 			break;
522 		}
523 
524 		dput(next);
525 		next = parent;
526 	}
527 
528 	dput(parent);
529 	dput(next);
530 
531 	return ancestor;
532 }
533 
534 /*
535  * Lookup a connected overlay dentry whose real dentry is @real.
536  * If @real is on upper layer, we lookup a child overlay dentry with the same
537  * path the real dentry. Otherwise, we need to consult index for lookup.
538  */
ovl_lookup_real(struct super_block * sb,struct dentry * real,const struct ovl_layer * layer)539 static struct dentry *ovl_lookup_real(struct super_block *sb,
540 				      struct dentry *real,
541 				      const struct ovl_layer *layer)
542 {
543 	struct dentry *connected;
544 	int err = 0;
545 
546 	connected = ovl_lookup_real_ancestor(sb, real, layer);
547 	if (IS_ERR(connected))
548 		return connected;
549 
550 	while (!err) {
551 		struct dentry *next, *this;
552 		struct dentry *parent = NULL;
553 		struct dentry *real_connected = ovl_dentry_real_at(connected,
554 								   layer->idx);
555 
556 		if (real_connected == real)
557 			break;
558 
559 		/* Find the topmost dentry not yet connected */
560 		next = dget(real);
561 		for (;;) {
562 			parent = dget_parent(next);
563 
564 			if (parent == real_connected)
565 				break;
566 
567 			/*
568 			 * If real has been moved out of 'real_connected',
569 			 * we will not find 'real_connected' and hit the layer
570 			 * root. In that case, we need to restart connecting.
571 			 * This game can go on forever in the worst case. We
572 			 * may want to consider taking s_vfs_rename_mutex if
573 			 * this happens more than once.
574 			 */
575 			if (parent == layer->mnt->mnt_root) {
576 				dput(connected);
577 				connected = dget(sb->s_root);
578 				break;
579 			}
580 
581 			/*
582 			 * If real file has been moved out of the layer root
583 			 * directory, we will eventully hit the real fs root.
584 			 * This cannot happen by legit overlay rename, so we
585 			 * return error in that case.
586 			 */
587 			if (parent == next) {
588 				err = -EXDEV;
589 				break;
590 			}
591 
592 			dput(next);
593 			next = parent;
594 		}
595 
596 		if (!err) {
597 			this = ovl_lookup_real_one(connected, next, layer);
598 			if (IS_ERR(this))
599 				err = PTR_ERR(this);
600 
601 			/*
602 			 * Lookup of child in overlay can fail when racing with
603 			 * overlay rename of child away from 'connected' parent.
604 			 * In this case, we need to restart the lookup from the
605 			 * top, because we cannot trust that 'real_connected' is
606 			 * still an ancestor of 'real'. There is a good chance
607 			 * that the renamed overlay ancestor is now in cache, so
608 			 * ovl_lookup_real_ancestor() will find it and we can
609 			 * continue to connect exactly from where lookup failed.
610 			 */
611 			if (err == -ECHILD) {
612 				this = ovl_lookup_real_ancestor(sb, real,
613 								layer);
614 				err = PTR_ERR_OR_ZERO(this);
615 			}
616 			if (!err) {
617 				dput(connected);
618 				connected = this;
619 			}
620 		}
621 
622 		dput(parent);
623 		dput(next);
624 	}
625 
626 	if (err)
627 		goto fail;
628 
629 	return connected;
630 
631 fail:
632 	pr_warn_ratelimited("failed to lookup by real (%pd2, layer=%d, connected=%pd2, err=%i)\n",
633 			    real, layer->idx, connected, err);
634 	dput(connected);
635 	return ERR_PTR(err);
636 }
637 
638 /*
639  * Get an overlay dentry from upper/lower real dentries and index.
640  */
ovl_get_dentry(struct super_block * sb,struct dentry * upper,struct ovl_path * lowerpath,struct dentry * index)641 static struct dentry *ovl_get_dentry(struct super_block *sb,
642 				     struct dentry *upper,
643 				     struct ovl_path *lowerpath,
644 				     struct dentry *index)
645 {
646 	struct ovl_fs *ofs = OVL_FS(sb);
647 	const struct ovl_layer *layer = upper ? &ofs->layers[0] : lowerpath->layer;
648 	struct dentry *real = upper ?: (index ?: lowerpath->dentry);
649 
650 	/*
651 	 * Obtain a disconnected overlay dentry from a non-dir real dentry
652 	 * and index.
653 	 */
654 	if (!d_is_dir(real))
655 		return ovl_obtain_alias(sb, upper, lowerpath, index);
656 
657 	/* Removed empty directory? */
658 	if ((real->d_flags & DCACHE_DISCONNECTED) || d_unhashed(real))
659 		return ERR_PTR(-ENOENT);
660 
661 	/*
662 	 * If real dentry is connected and hashed, get a connected overlay
663 	 * dentry whose real dentry is @real.
664 	 */
665 	return ovl_lookup_real(sb, real, layer);
666 }
667 
ovl_upper_fh_to_d(struct super_block * sb,struct ovl_fh * fh)668 static struct dentry *ovl_upper_fh_to_d(struct super_block *sb,
669 					struct ovl_fh *fh)
670 {
671 	struct ovl_fs *ofs = OVL_FS(sb);
672 	struct dentry *dentry;
673 	struct dentry *upper;
674 
675 	if (!ovl_upper_mnt(ofs))
676 		return ERR_PTR(-EACCES);
677 
678 	upper = ovl_decode_real_fh(ofs, fh, ovl_upper_mnt(ofs), true);
679 	if (IS_ERR_OR_NULL(upper))
680 		return upper;
681 
682 	dentry = ovl_get_dentry(sb, upper, NULL, NULL);
683 	dput(upper);
684 
685 	return dentry;
686 }
687 
ovl_lower_fh_to_d(struct super_block * sb,struct ovl_fh * fh)688 static struct dentry *ovl_lower_fh_to_d(struct super_block *sb,
689 					struct ovl_fh *fh)
690 {
691 	struct ovl_fs *ofs = OVL_FS(sb);
692 	struct ovl_path origin = { };
693 	struct ovl_path *stack = &origin;
694 	struct dentry *dentry = NULL;
695 	struct dentry *index = NULL;
696 	struct inode *inode;
697 	int err;
698 
699 	/* First lookup overlay inode in inode cache by origin fh */
700 	err = ovl_check_origin_fh(ofs, fh, false, NULL, &stack);
701 	if (err)
702 		return ERR_PTR(err);
703 
704 	if (!d_is_dir(origin.dentry) ||
705 	    !(origin.dentry->d_flags & DCACHE_DISCONNECTED)) {
706 		inode = ovl_lookup_inode(sb, origin.dentry, false);
707 		err = PTR_ERR(inode);
708 		if (IS_ERR(inode))
709 			goto out_err;
710 		if (inode) {
711 			dentry = d_find_any_alias(inode);
712 			iput(inode);
713 			if (dentry)
714 				goto out;
715 		}
716 	}
717 
718 	/* Then lookup indexed upper/whiteout by origin fh */
719 	if (ovl_indexdir(sb)) {
720 		index = ovl_get_index_fh(ofs, fh);
721 		err = PTR_ERR(index);
722 		if (IS_ERR(index)) {
723 			index = NULL;
724 			goto out_err;
725 		}
726 	}
727 
728 	/* Then try to get a connected upper dir by index */
729 	if (index && d_is_dir(index)) {
730 		struct dentry *upper = ovl_index_upper(ofs, index, true);
731 
732 		err = PTR_ERR(upper);
733 		if (IS_ERR_OR_NULL(upper))
734 			goto out_err;
735 
736 		dentry = ovl_get_dentry(sb, upper, NULL, NULL);
737 		dput(upper);
738 		goto out;
739 	}
740 
741 	/* Find origin.dentry again with ovl_acceptable() layer check */
742 	if (d_is_dir(origin.dentry)) {
743 		dput(origin.dentry);
744 		origin.dentry = NULL;
745 		err = ovl_check_origin_fh(ofs, fh, true, NULL, &stack);
746 		if (err)
747 			goto out_err;
748 	}
749 	if (index) {
750 		err = ovl_verify_origin(ofs, index, origin.dentry, false);
751 		if (err)
752 			goto out_err;
753 	}
754 
755 	/* Get a connected non-upper dir or disconnected non-dir */
756 	dentry = ovl_get_dentry(sb, NULL, &origin, index);
757 
758 out:
759 	dput(origin.dentry);
760 	dput(index);
761 	return dentry;
762 
763 out_err:
764 	dentry = ERR_PTR(err);
765 	goto out;
766 }
767 
ovl_fid_to_fh(struct fid * fid,int buflen,int fh_type)768 static struct ovl_fh *ovl_fid_to_fh(struct fid *fid, int buflen, int fh_type)
769 {
770 	struct ovl_fh *fh;
771 
772 	/* If on-wire inner fid is aligned - nothing to do */
773 	if (fh_type == OVL_FILEID_V1)
774 		return (struct ovl_fh *)fid;
775 
776 	if (fh_type != OVL_FILEID_V0)
777 		return ERR_PTR(-EINVAL);
778 
779 	if (buflen <= OVL_FH_WIRE_OFFSET)
780 		return ERR_PTR(-EINVAL);
781 
782 	fh = kzalloc(buflen, GFP_KERNEL);
783 	if (!fh)
784 		return ERR_PTR(-ENOMEM);
785 
786 	/* Copy unaligned inner fh into aligned buffer */
787 	memcpy(fh->buf, fid, buflen - OVL_FH_WIRE_OFFSET);
788 	return fh;
789 }
790 
ovl_fh_to_dentry(struct super_block * sb,struct fid * fid,int fh_len,int fh_type)791 static struct dentry *ovl_fh_to_dentry(struct super_block *sb, struct fid *fid,
792 				       int fh_len, int fh_type)
793 {
794 	struct dentry *dentry = NULL;
795 	struct ovl_fh *fh = NULL;
796 	int len = fh_len << 2;
797 	unsigned int flags = 0;
798 	int err;
799 
800 	fh = ovl_fid_to_fh(fid, len, fh_type);
801 	err = PTR_ERR(fh);
802 	if (IS_ERR(fh))
803 		goto out_err;
804 
805 	err = ovl_check_fh_len(fh, len);
806 	if (err)
807 		goto out_err;
808 
809 	flags = fh->fb.flags;
810 	dentry = (flags & OVL_FH_FLAG_PATH_UPPER) ?
811 		 ovl_upper_fh_to_d(sb, fh) :
812 		 ovl_lower_fh_to_d(sb, fh);
813 	err = PTR_ERR(dentry);
814 	if (IS_ERR(dentry) && err != -ESTALE)
815 		goto out_err;
816 
817 out:
818 	/* We may have needed to re-align OVL_FILEID_V0 */
819 	if (!IS_ERR_OR_NULL(fh) && fh != (void *)fid)
820 		kfree(fh);
821 
822 	return dentry;
823 
824 out_err:
825 	pr_warn_ratelimited("failed to decode file handle (len=%d, type=%d, flags=%x, err=%i)\n",
826 			    fh_len, fh_type, flags, err);
827 	dentry = ERR_PTR(err);
828 	goto out;
829 }
830 
ovl_fh_to_parent(struct super_block * sb,struct fid * fid,int fh_len,int fh_type)831 static struct dentry *ovl_fh_to_parent(struct super_block *sb, struct fid *fid,
832 				       int fh_len, int fh_type)
833 {
834 	pr_warn_ratelimited("connectable file handles not supported; use 'no_subtree_check' exportfs option.\n");
835 	return ERR_PTR(-EACCES);
836 }
837 
ovl_get_name(struct dentry * parent,char * name,struct dentry * child)838 static int ovl_get_name(struct dentry *parent, char *name,
839 			struct dentry *child)
840 {
841 	/*
842 	 * ovl_fh_to_dentry() returns connected dir overlay dentries and
843 	 * ovl_fh_to_parent() is not implemented, so we should not get here.
844 	 */
845 	WARN_ON_ONCE(1);
846 	return -EIO;
847 }
848 
ovl_get_parent(struct dentry * dentry)849 static struct dentry *ovl_get_parent(struct dentry *dentry)
850 {
851 	/*
852 	 * ovl_fh_to_dentry() returns connected dir overlay dentries, so we
853 	 * should not get here.
854 	 */
855 	WARN_ON_ONCE(1);
856 	return ERR_PTR(-EIO);
857 }
858 
859 const struct export_operations ovl_export_operations = {
860 	.encode_fh	= ovl_encode_fh,
861 	.fh_to_dentry	= ovl_fh_to_dentry,
862 	.fh_to_parent	= ovl_fh_to_parent,
863 	.get_name	= ovl_get_name,
864 	.get_parent	= ovl_get_parent,
865 };
866 
867 /* encode_fh() encodes non-decodable file handles with nfs_export=off */
868 const struct export_operations ovl_export_fid_operations = {
869 	.encode_fh	= ovl_encode_fh,
870 };
871