fs/overlayfs/export.c

0001 // SPDX-License-Identifier: GPL-2.0-only
0002 /*
0003  * Overlayfs NFS export support.
0004  *
0005  * Amir Goldstein <amir73il@gmail.com>
0006  *
0007  * Copyright (C) 2017-2018 CTERA Networks. All Rights Reserved.
0008  */
0009
0010 #include <linux/fs.h>
0011 #include <linux/cred.h>
0012 #include <linux/mount.h>
0013 #include <linux/namei.h>
0014 #include <linux/xattr.h>
0015 #include <linux/exportfs.h>
0016 #include <linux/ratelimit.h>
0017 #include "overlayfs.h"
0018
0019 static int ovl_encode_maybe_copy_up(struct dentry *dentry)
0020 {
0021     int err;
0022
0023     if (ovl_dentry_upper(dentry))
0024         return 0;
0025
0026     err = ovl_want_write(dentry);
0027     if (!err) {
0028         err = ovl_copy_up(dentry);
0029         ovl_drop_write(dentry);
0030     }
0031
0032     if (err) {
0033         pr_warn_ratelimited("failed to copy up on encode (%pd2, err=%i)\n",
0034                     dentry, err);
0035     }
0036
0037     return err;
0038 }
0039
0040 /*
0041  * Before encoding a non-upper directory file handle from real layer N, we need
0042  * to check if it will be possible to reconnect an overlay dentry from the real
0043  * lower decoded dentry. This is done by following the overlay ancestry up to a
0044  * "layer N connected" ancestor and verifying that all parents along the way are
0045  * "layer N connectable". If an ancestor that is NOT "layer N connectable" is
0046  * found, we need to copy up an ancestor, which is "layer N connectable", thus
0047  * making that ancestor "layer N connected". For example:
0048  *
0049  * layer 1: /a
0050  * layer 2: /a/b/c
0051  *
0052  * The overlay dentry /a is NOT "layer 2 connectable", because if dir /a is
0053  * copied up and renamed, upper dir /a will be indexed by lower dir /a from
0054  * layer 1. The dir /a from layer 2 will never be indexed, so the algorithm (*)
0055  * in ovl_lookup_real_ancestor() will not be able to lookup a connected overlay
0056  * dentry from the connected lower dentry /a/b/c.
0057  *
0058  * To avoid this problem on decode time, we need to copy up an ancestor of
0059  * /a/b/c, which is "layer 2 connectable", on encode time. That ancestor is
0060  * /a/b. After copy up (and index) of /a/b, it will become "layer 2 connected"
0061  * and when the time comes to decode the file handle from lower dentry /a/b/c,
0062  * ovl_lookup_real_ancestor() will find the indexed ancestor /a/b and decoding
0063  * a connected overlay dentry will be accomplished.
0064  *
0065  * (*) the algorithm in ovl_lookup_real_ancestor() can be improved to lookup an
0066  * entry /a in the lower layers above layer N and find the indexed dir /a from
0067  * layer 1. If that improvement is made, then the check for "layer N connected"
0068  * will need to verify there are no redirects in lower layers above N. In the
0069  * example above, /a will be "layer 2 connectable". However, if layer 2 dir /a
0070  * is a target of a layer 1 redirect, then /a will NOT be "layer 2 connectable":
0071  *
0072  * layer 1: /A (redirect = /a)
0073  * layer 2: /a/b/c
0074  */
0075
0076 /* Return the lowest layer for encoding a connectable file handle */
0077 static int ovl_connectable_layer(struct dentry *dentry)
0078 {
0079     struct ovl_entry *oe = OVL_E(dentry);
0080
0081     /* We can get overlay root from root of any layer */
0082     if (dentry == dentry->d_sb->s_root)
0083         return oe->numlower;
0084
0085     /*
0086      * If it's an unindexed merge dir, then it's not connectable with any
0087      * lower layer
0088      */
0089     if (ovl_dentry_upper(dentry) &&
0090         !ovl_test_flag(OVL_INDEX, d_inode(dentry)))
0091         return 0;
0092
0093     /* We can get upper/overlay path from indexed/lower dentry */
0094     return oe->lowerstack[0].layer->idx;
0095 }
0096
0097 /*
0098  * @dentry is "connected" if all ancestors up to root or a "connected" ancestor
0099  * have the same uppermost lower layer as the origin's layer. We may need to
0100  * copy up a "connectable" ancestor to make it "connected". A "connected" dentry
0101  * cannot become non "connected", so cache positive result in dentry flags.
0102  *
0103  * Return the connected origin layer or < 0 on error.
0104  */
0105 static int ovl_connect_layer(struct dentry *dentry)
0106 {
0107     struct dentry *next, *parent = NULL;
0108     int origin_layer;
0109     int err = 0;
0110
0111     if (WARN_ON(dentry == dentry->d_sb->s_root) ||
0112         WARN_ON(!ovl_dentry_lower(dentry)))
0113         return -EIO;
0114
0115     origin_layer = OVL_E(dentry)->lowerstack[0].layer->idx;
0116     if (ovl_dentry_test_flag(OVL_E_CONNECTED, dentry))
0117         return origin_layer;
0118
0119     /* Find the topmost origin layer connectable ancestor of @dentry */
0120     next = dget(dentry);
0121     for (;;) {
0122         parent = dget_parent(next);
0123         if (WARN_ON(parent == next)) {
0124             err = -EIO;
0125             break;
0126         }
0127
0128         /*
0129          * If @parent is not origin layer connectable, then copy up
0130          * @next which is origin layer connectable and we are done.
0131          */
0132         if (ovl_connectable_layer(parent) < origin_layer) {
0133             err = ovl_encode_maybe_copy_up(next);
0134             break;
0135         }
0136
0137         /* If @parent is connected or indexed we are done */
0138         if (ovl_dentry_test_flag(OVL_E_CONNECTED, parent) ||
0139             ovl_test_flag(OVL_INDEX, d_inode(parent)))
0140             break;
0141
0142         dput(next);
0143         next = parent;
0144     }
0145
0146     dput(parent);
0147     dput(next);
0148
0149     if (!err)
0150         ovl_dentry_set_flag(OVL_E_CONNECTED, dentry);
0151
0152     return err ?: origin_layer;
0153 }
0154
0155 /*
0156  * We only need to encode origin if there is a chance that the same object was
0157  * encoded pre copy up and then we need to stay consistent with the same
0158  * encoding also after copy up. If non-pure upper is not indexed, then it was
0159  * copied up before NFS export was enabled. In that case we don't need to worry
0160  * about staying consistent with pre copy up encoding and we encode an upper
0161  * file handle. Overlay root dentry is a private case of non-indexed upper.
0162  *
0163  * The following table summarizes the different file handle encodings used for
0164  * different overlay object types:
0165  *
0166  *  Object type     | Encoding
0167  * --------------------------------
0168  *  Pure upper      | U
0169  *  Non-indexed upper   | U
0170  *  Indexed upper   | L (*)
0171  *  Non-upper       | L (*)
0172  *
0173  * U = upper file handle
0174  * L = lower file handle
0175  *
0176  * (*) Connecting an overlay dir from real lower dentry is not always
0177  * possible when there are redirects in lower layers and non-indexed merge dirs.
0178  * To mitigate those case, we may copy up the lower dir ancestor before encode
0179  * a lower dir file handle.
0180  *
0181  * Return 0 for upper file handle, > 0 for lower file handle or < 0 on error.
0182  */
0183 static int ovl_check_encode_origin(struct dentry *dentry)
0184 {
0185     struct ovl_fs *ofs = dentry->d_sb->s_fs_info;
0186
0187     /* Upper file handle for pure upper */
0188     if (!ovl_dentry_lower(dentry))
0189         return 0;
0190
0191     /*
0192      * Upper file handle for non-indexed upper.
0193      *
0194      * Root is never indexed, so if there's an upper layer, encode upper for
0195      * root.
0196      */
0197     if (ovl_dentry_upper(dentry) &&
0198         !ovl_test_flag(OVL_INDEX, d_inode(dentry)))
0199         return 0;
0200
0201     /*
0202      * Decoding a merge dir, whose origin's ancestor is under a redirected
0203      * lower dir or under a non-indexed upper is not always possible.
0204      * ovl_connect_layer() will try to make origin's layer "connected" by
0205      * copying up a "connectable" ancestor.
0206      */
0207     if (d_is_dir(dentry) && ovl_upper_mnt(ofs))
0208         return ovl_connect_layer(dentry);
0209
0210     /* Lower file handle for indexed and non-upper dir/non-dir */
0211     return 1;
0212 }
0213
0214 static int ovl_dentry_to_fid(struct ovl_fs *ofs, struct dentry *dentry,
0215                  u32 *fid, int buflen)
0216 {
0217     struct ovl_fh *fh = NULL;
0218     int err, enc_lower;
0219     int len;
0220
0221     /*
0222      * Check if we should encode a lower or upper file handle and maybe
0223      * copy up an ancestor to make lower file handle connectable.
0224      */
0225     err = enc_lower = ovl_check_encode_origin(dentry);
0226     if (enc_lower < 0)
0227         goto fail;
0228
0229     /* Encode an upper or lower file handle */
0230     fh = ovl_encode_real_fh(ofs, enc_lower ? ovl_dentry_lower(dentry) :
0231                 ovl_dentry_upper(dentry), !enc_lower);
0232     if (IS_ERR(fh))
0233         return PTR_ERR(fh);
0234
0235     len = OVL_FH_LEN(fh);
0236     if (len <= buflen)
0237         memcpy(fid, fh, len);
0238     err = len;
0239
0240 out:
0241     kfree(fh);
0242     return err;
0243
0244 fail:
0245     pr_warn_ratelimited("failed to encode file handle (%pd2, err=%i)\n",
0246                 dentry, err);
0247     goto out;
0248 }
0249
0250 static int ovl_encode_fh(struct inode *inode, u32 *fid, int *max_len,
0251              struct inode *parent)
0252 {
0253     struct ovl_fs *ofs = OVL_FS(inode->i_sb);
0254     struct dentry *dentry;
0255     int bytes, buflen = *max_len << 2;
0256
0257     /* TODO: encode connectable file handles */
0258     if (parent)
0259         return FILEID_INVALID;
0260
0261     dentry = d_find_any_alias(inode);
0262     if (!dentry)
0263         return FILEID_INVALID;
0264
0265     bytes = ovl_dentry_to_fid(ofs, dentry, fid, buflen);
0266     dput(dentry);
0267     if (bytes <= 0)
0268         return FILEID_INVALID;
0269
0270     *max_len = bytes >> 2;
0271     if (bytes > buflen)
0272         return FILEID_INVALID;
0273
0274     return OVL_FILEID_V1;
0275 }
0276
0277 /*
0278  * Find or instantiate an overlay dentry from real dentries and index.
0279  */
0280 static struct dentry *ovl_obtain_alias(struct super_block *sb,
0281                        struct dentry *upper_alias,
0282                        struct ovl_path *lowerpath,
0283                        struct dentry *index)
0284 {
0285     struct dentry *lower = lowerpath ? lowerpath->dentry : NULL;
0286     struct dentry *upper = upper_alias ?: index;
0287     struct dentry *dentry;
0288     struct inode *inode;
0289     struct ovl_entry *oe;
0290     struct ovl_inode_params oip = {
0291         .lowerpath = lowerpath,
0292         .index = index,
0293         .numlower = !!lower
0294     };
0295
0296     /* We get overlay directory dentries with ovl_lookup_real() */
0297     if (d_is_dir(upper ?: lower))
0298         return ERR_PTR(-EIO);
0299
0300     oip.upperdentry = dget(upper);
0301     inode = ovl_get_inode(sb, &oip);
0302     if (IS_ERR(inode)) {
0303         dput(upper);
0304         return ERR_CAST(inode);
0305     }
0306
0307     if (upper)
0308         ovl_set_flag(OVL_UPPERDATA, inode);
0309
0310     dentry = d_find_any_alias(inode);
0311     if (dentry)
0312         goto out_iput;
0313
0314     dentry = d_alloc_anon(inode->i_sb);
0315     if (unlikely(!dentry))
0316         goto nomem;
0317     oe = ovl_alloc_entry(lower ? 1 : 0);
0318     if (!oe)
0319         goto nomem;
0320
0321     if (lower) {
0322         oe->lowerstack->dentry = dget(lower);
0323         oe->lowerstack->layer = lowerpath->layer;
0324     }
0325     dentry->d_fsdata = oe;
0326     if (upper_alias)
0327         ovl_dentry_set_upper_alias(dentry);
0328
0329     ovl_dentry_update_reval(dentry, upper,
0330             DCACHE_OP_REVALIDATE | DCACHE_OP_WEAK_REVALIDATE);
0331
0332     return d_instantiate_anon(dentry, inode);
0333
0334 nomem:
0335     dput(dentry);
0336     dentry = ERR_PTR(-ENOMEM);
0337 out_iput:
0338     iput(inode);
0339     return dentry;
0340 }
0341
0342 /* Get the upper or lower dentry in stach whose on layer @idx */
0343 static struct dentry *ovl_dentry_real_at(struct dentry *dentry, int idx)
0344 {
0345     struct ovl_entry *oe = dentry->d_fsdata;
0346     int i;
0347
0348     if (!idx)
0349         return ovl_dentry_upper(dentry);
0350
0351     for (i = 0; i < oe->numlower; i++) {
0352         if (oe->lowerstack[i].layer->idx == idx)
0353             return oe->lowerstack[i].dentry;
0354     }
0355
0356     return NULL;
0357 }
0358
0359 /*
0360  * Lookup a child overlay dentry to get a connected overlay dentry whose real
0361  * dentry is @real. If @real is on upper layer, we lookup a child overlay
0362  * dentry with the same name as the real dentry. Otherwise, we need to consult
0363  * index for lookup.
0364  */
0365 static struct dentry *ovl_lookup_real_one(struct dentry *connected,
0366                       struct dentry *real,
0367                       const struct ovl_layer *layer)
0368 {
0369     struct inode *dir = d_inode(connected);
0370     struct dentry *this, *parent = NULL;
0371     struct name_snapshot name;
0372     int err;
0373
0374     /*
0375      * Lookup child overlay dentry by real name. The dir mutex protects us
0376      * from racing with overlay rename. If the overlay dentry that is above
0377      * real has already been moved to a parent that is not under the
0378      * connected overlay dir, we return -ECHILD and restart the lookup of
0379      * connected real path from the top.
0380      */
0381     inode_lock_nested(dir, I_MUTEX_PARENT);
0382     err = -ECHILD;
0383     parent = dget_parent(real);
0384     if (ovl_dentry_real_at(connected, layer->idx) != parent)
0385         goto fail;
0386
0387     /*
0388      * We also need to take a snapshot of real dentry name to protect us
0389      * from racing with underlying layer rename. In this case, we don't
0390      * care about returning ESTALE, only from dereferencing a free name
0391      * pointer because we hold no lock on the real dentry.
0392      */
0393     take_dentry_name_snapshot(&name, real);
0394     /*
0395      * No mnt_userns handling here: it's an internal lookup.  Could skip
0396      * permission checking altogether, but for now just use non-mnt_userns
0397      * transformed ids.
0398      */
0399     this = lookup_one_len(name.name.name, connected, name.name.len);
0400     release_dentry_name_snapshot(&name);
0401     err = PTR_ERR(this);
0402     if (IS_ERR(this)) {
0403         goto fail;
0404     } else if (!this || !this->d_inode) {
0405         dput(this);
0406         err = -ENOENT;
0407         goto fail;
0408     } else if (ovl_dentry_real_at(this, layer->idx) != real) {
0409         dput(this);
0410         err = -ESTALE;
0411         goto fail;
0412     }
0413
0414 out:
0415     dput(parent);
0416     inode_unlock(dir);
0417     return this;
0418
0419 fail:
0420     pr_warn_ratelimited("failed to lookup one by real (%pd2, layer=%d, connected=%pd2, err=%i)\n",
0421                 real, layer->idx, connected, err);
0422     this = ERR_PTR(err);
0423     goto out;
0424 }
0425
0426 static struct dentry *ovl_lookup_real(struct super_block *sb,
0427                       struct dentry *real,
0428                       const struct ovl_layer *layer);
0429
0430 /*
0431  * Lookup an indexed or hashed overlay dentry by real inode.
0432  */
0433 static struct dentry *ovl_lookup_real_inode(struct super_block *sb,
0434                         struct dentry *real,
0435                         const struct ovl_layer *layer)
0436 {
0437     struct ovl_fs *ofs = sb->s_fs_info;
0438     struct dentry *index = NULL;
0439     struct dentry *this = NULL;
0440     struct inode *inode;
0441
0442     /*
0443      * Decoding upper dir from index is expensive, so first try to lookup
0444      * overlay dentry in inode/dcache.
0445      */
0446     inode = ovl_lookup_inode(sb, real, !layer->idx);
0447     if (IS_ERR(inode))
0448         return ERR_CAST(inode);
0449     if (inode) {
0450         this = d_find_any_alias(inode);
0451         iput(inode);
0452     }
0453
0454     /*
0455      * For decoded lower dir file handle, lookup index by origin to check
0456      * if lower dir was copied up and and/or removed.
0457      */
0458     if (!this && layer->idx && ofs->indexdir && !WARN_ON(!d_is_dir(real))) {
0459         index = ovl_lookup_index(ofs, NULL, real, false);
0460         if (IS_ERR(index))
0461             return index;
0462     }
0463
0464     /* Get connected upper overlay dir from index */
0465     if (index) {
0466         struct dentry *upper = ovl_index_upper(ofs, index);
0467
0468         dput(index);
0469         if (IS_ERR_OR_NULL(upper))
0470             return upper;
0471
0472         /*
0473          * ovl_lookup_real() in lower layer may call recursively once to
0474          * ovl_lookup_real() in upper layer. The first level call walks
0475          * back lower parents to the topmost indexed parent. The second
0476          * recursive call walks back from indexed upper to the topmost
0477          * connected/hashed upper parent (or up to root).
0478          */
0479         this = ovl_lookup_real(sb, upper, &ofs->layers[0]);
0480         dput(upper);
0481     }
0482
0483     if (IS_ERR_OR_NULL(this))
0484         return this;
0485
0486     if (ovl_dentry_real_at(this, layer->idx) != real) {
0487         dput(this);
0488         this = ERR_PTR(-EIO);
0489     }
0490
0491     return this;
0492 }
0493
0494 /*
0495  * Lookup an indexed or hashed overlay dentry, whose real dentry is an
0496  * ancestor of @real.
0497  */
0498 static struct dentry *ovl_lookup_real_ancestor(struct super_block *sb,
0499                            struct dentry *real,
0500                            const struct ovl_layer *layer)
0501 {
0502     struct dentry *next, *parent = NULL;
0503     struct dentry *ancestor = ERR_PTR(-EIO);
0504
0505     if (real == layer->mnt->mnt_root)
0506         return dget(sb->s_root);
0507
0508     /* Find the topmost indexed or hashed ancestor */
0509     next = dget(real);
0510     for (;;) {
0511         parent = dget_parent(next);
0512
0513         /*
0514          * Lookup a matching overlay dentry in inode/dentry
0515          * cache or in index by real inode.
0516          */
0517         ancestor = ovl_lookup_real_inode(sb, next, layer);
0518         if (ancestor)
0519             break;
0520
0521         if (parent == layer->mnt->mnt_root) {
0522             ancestor = dget(sb->s_root);
0523             break;
0524         }
0525
0526         /*
0527          * If @real has been moved out of the layer root directory,
0528          * we will eventully hit the real fs root. This cannot happen
0529          * by legit overlay rename, so we return error in that case.
0530          */
0531         if (parent == next) {
0532             ancestor = ERR_PTR(-EXDEV);
0533             break;
0534         }
0535
0536         dput(next);
0537         next = parent;
0538     }
0539
0540     dput(parent);
0541     dput(next);
0542
0543     return ancestor;
0544 }
0545
0546 /*
0547  * Lookup a connected overlay dentry whose real dentry is @real.
0548  * If @real is on upper layer, we lookup a child overlay dentry with the same
0549  * path the real dentry. Otherwise, we need to consult index for lookup.
0550  */
0551 static struct dentry *ovl_lookup_real(struct super_block *sb,
0552                       struct dentry *real,
0553                       const struct ovl_layer *layer)
0554 {
0555     struct dentry *connected;
0556     int err = 0;
0557
0558     connected = ovl_lookup_real_ancestor(sb, real, layer);
0559     if (IS_ERR(connected))
0560         return connected;
0561
0562     while (!err) {
0563         struct dentry *next, *this;
0564         struct dentry *parent = NULL;
0565         struct dentry *real_connected = ovl_dentry_real_at(connected,
0566                                    layer->idx);
0567
0568         if (real_connected == real)
0569             break;
0570
0571         /* Find the topmost dentry not yet connected */
0572         next = dget(real);
0573         for (;;) {
0574             parent = dget_parent(next);
0575
0576             if (parent == real_connected)
0577                 break;
0578
0579             /*
0580              * If real has been moved out of 'real_connected',
0581              * we will not find 'real_connected' and hit the layer
0582              * root. In that case, we need to restart connecting.
0583              * This game can go on forever in the worst case. We
0584              * may want to consider taking s_vfs_rename_mutex if
0585              * this happens more than once.
0586              */
0587             if (parent == layer->mnt->mnt_root) {
0588                 dput(connected);
0589                 connected = dget(sb->s_root);
0590                 break;
0591             }
0592
0593             /*
0594              * If real file has been moved out of the layer root
0595              * directory, we will eventully hit the real fs root.
0596              * This cannot happen by legit overlay rename, so we
0597              * return error in that case.
0598              */
0599             if (parent == next) {
0600                 err = -EXDEV;
0601                 break;
0602             }
0603
0604             dput(next);
0605             next = parent;
0606         }
0607
0608         if (!err) {
0609             this = ovl_lookup_real_one(connected, next, layer);
0610             if (IS_ERR(this))
0611                 err = PTR_ERR(this);
0612
0613             /*
0614              * Lookup of child in overlay can fail when racing with
0615              * overlay rename of child away from 'connected' parent.
0616              * In this case, we need to restart the lookup from the
0617              * top, because we cannot trust that 'real_connected' is
0618              * still an ancestor of 'real'. There is a good chance
0619              * that the renamed overlay ancestor is now in cache, so
0620              * ovl_lookup_real_ancestor() will find it and we can
0621              * continue to connect exactly from where lookup failed.
0622              */
0623             if (err == -ECHILD) {
0624                 this = ovl_lookup_real_ancestor(sb, real,
0625                                 layer);
0626                 err = PTR_ERR_OR_ZERO(this);
0627             }
0628             if (!err) {
0629                 dput(connected);
0630                 connected = this;
0631             }
0632         }
0633
0634         dput(parent);
0635         dput(next);
0636     }
0637
0638     if (err)
0639         goto fail;
0640
0641     return connected;
0642
0643 fail:
0644     pr_warn_ratelimited("failed to lookup by real (%pd2, layer=%d, connected=%pd2, err=%i)\n",
0645                 real, layer->idx, connected, err);
0646     dput(connected);
0647     return ERR_PTR(err);
0648 }
0649
0650 /*
0651  * Get an overlay dentry from upper/lower real dentries and index.
0652  */
0653 static struct dentry *ovl_get_dentry(struct super_block *sb,
0654                      struct dentry *upper,
0655                      struct ovl_path *lowerpath,
0656                      struct dentry *index)
0657 {
0658     struct ovl_fs *ofs = sb->s_fs_info;
0659     const struct ovl_layer *layer = upper ? &ofs->layers[0] : lowerpath->layer;
0660     struct dentry *real = upper ?: (index ?: lowerpath->dentry);
0661
0662     /*
0663      * Obtain a disconnected overlay dentry from a non-dir real dentry
0664      * and index.
0665      */
0666     if (!d_is_dir(real))
0667         return ovl_obtain_alias(sb, upper, lowerpath, index);
0668
0669     /* Removed empty directory? */
0670     if ((real->d_flags & DCACHE_DISCONNECTED) || d_unhashed(real))
0671         return ERR_PTR(-ENOENT);
0672
0673     /*
0674      * If real dentry is connected and hashed, get a connected overlay
0675      * dentry whose real dentry is @real.
0676      */
0677     return ovl_lookup_real(sb, real, layer);
0678 }
0679
0680 static struct dentry *ovl_upper_fh_to_d(struct super_block *sb,
0681                     struct ovl_fh *fh)
0682 {
0683     struct ovl_fs *ofs = sb->s_fs_info;
0684     struct dentry *dentry;
0685     struct dentry *upper;
0686
0687     if (!ovl_upper_mnt(ofs))
0688         return ERR_PTR(-EACCES);
0689
0690     upper = ovl_decode_real_fh(ofs, fh, ovl_upper_mnt(ofs), true);
0691     if (IS_ERR_OR_NULL(upper))
0692         return upper;
0693
0694     dentry = ovl_get_dentry(sb, upper, NULL, NULL);
0695     dput(upper);
0696
0697     return dentry;
0698 }
0699
0700 static struct dentry *ovl_lower_fh_to_d(struct super_block *sb,
0701                     struct ovl_fh *fh)
0702 {
0703     struct ovl_fs *ofs = sb->s_fs_info;
0704     struct ovl_path origin = { };
0705     struct ovl_path *stack = &origin;
0706     struct dentry *dentry = NULL;
0707     struct dentry *index = NULL;
0708     struct inode *inode;
0709     int err;
0710
0711     /* First lookup overlay inode in inode cache by origin fh */
0712     err = ovl_check_origin_fh(ofs, fh, false, NULL, &stack);
0713     if (err)
0714         return ERR_PTR(err);
0715
0716     if (!d_is_dir(origin.dentry) ||
0717         !(origin.dentry->d_flags & DCACHE_DISCONNECTED)) {
0718         inode = ovl_lookup_inode(sb, origin.dentry, false);
0719         err = PTR_ERR(inode);
0720         if (IS_ERR(inode))
0721             goto out_err;
0722         if (inode) {
0723             dentry = d_find_any_alias(inode);
0724             iput(inode);
0725             if (dentry)
0726                 goto out;
0727         }
0728     }
0729
0730     /* Then lookup indexed upper/whiteout by origin fh */
0731     if (ofs->indexdir) {
0732         index = ovl_get_index_fh(ofs, fh);
0733         err = PTR_ERR(index);
0734         if (IS_ERR(index)) {
0735             index = NULL;
0736             goto out_err;
0737         }
0738     }
0739
0740     /* Then try to get a connected upper dir by index */
0741     if (index && d_is_dir(index)) {
0742         struct dentry *upper = ovl_index_upper(ofs, index);
0743
0744         err = PTR_ERR(upper);
0745         if (IS_ERR_OR_NULL(upper))
0746             goto out_err;
0747
0748         dentry = ovl_get_dentry(sb, upper, NULL, NULL);
0749         dput(upper);
0750         goto out;
0751     }
0752
0753     /* Find origin.dentry again with ovl_acceptable() layer check */
0754     if (d_is_dir(origin.dentry)) {
0755         dput(origin.dentry);
0756         origin.dentry = NULL;
0757         err = ovl_check_origin_fh(ofs, fh, true, NULL, &stack);
0758         if (err)
0759             goto out_err;
0760     }
0761     if (index) {
0762         err = ovl_verify_origin(ofs, index, origin.dentry, false);
0763         if (err)
0764             goto out_err;
0765     }
0766
0767     /* Get a connected non-upper dir or disconnected non-dir */
0768     dentry = ovl_get_dentry(sb, NULL, &origin, index);
0769
0770 out:
0771     dput(origin.dentry);
0772     dput(index);
0773     return dentry;
0774
0775 out_err:
0776     dentry = ERR_PTR(err);
0777     goto out;
0778 }
0779
0780 static struct ovl_fh *ovl_fid_to_fh(struct fid *fid, int buflen, int fh_type)
0781 {
0782     struct ovl_fh *fh;
0783
0784     /* If on-wire inner fid is aligned - nothing to do */
0785     if (fh_type == OVL_FILEID_V1)
0786         return (struct ovl_fh *)fid;
0787
0788     if (fh_type != OVL_FILEID_V0)
0789         return ERR_PTR(-EINVAL);
0790
0791     if (buflen <= OVL_FH_WIRE_OFFSET)
0792         return ERR_PTR(-EINVAL);
0793
0794     fh = kzalloc(buflen, GFP_KERNEL);
0795     if (!fh)
0796         return ERR_PTR(-ENOMEM);
0797
0798     /* Copy unaligned inner fh into aligned buffer */
0799     memcpy(&fh->fb, fid, buflen - OVL_FH_WIRE_OFFSET);
0800     return fh;
0801 }
0802
0803 static struct dentry *ovl_fh_to_dentry(struct super_block *sb, struct fid *fid,
0804                        int fh_len, int fh_type)
0805 {
0806     struct dentry *dentry = NULL;
0807     struct ovl_fh *fh = NULL;
0808     int len = fh_len << 2;
0809     unsigned int flags = 0;
0810     int err;
0811
0812     fh = ovl_fid_to_fh(fid, len, fh_type);
0813     err = PTR_ERR(fh);
0814     if (IS_ERR(fh))
0815         goto out_err;
0816
0817     err = ovl_check_fh_len(fh, len);
0818     if (err)
0819         goto out_err;
0820
0821     flags = fh->fb.flags;
0822     dentry = (flags & OVL_FH_FLAG_PATH_UPPER) ?
0823          ovl_upper_fh_to_d(sb, fh) :
0824          ovl_lower_fh_to_d(sb, fh);
0825     err = PTR_ERR(dentry);
0826     if (IS_ERR(dentry) && err != -ESTALE)
0827         goto out_err;
0828
0829 out:
0830     /* We may have needed to re-align OVL_FILEID_V0 */
0831     if (!IS_ERR_OR_NULL(fh) && fh != (void *)fid)
0832         kfree(fh);
0833
0834     return dentry;
0835
0836 out_err:
0837     pr_warn_ratelimited("failed to decode file handle (len=%d, type=%d, flags=%x, err=%i)\n",
0838                 fh_len, fh_type, flags, err);
0839     dentry = ERR_PTR(err);
0840     goto out;
0841 }
0842
0843 static struct dentry *ovl_fh_to_parent(struct super_block *sb, struct fid *fid,
0844                        int fh_len, int fh_type)
0845 {
0846     pr_warn_ratelimited("connectable file handles not supported; use 'no_subtree_check' exportfs option.\n");
0847     return ERR_PTR(-EACCES);
0848 }
0849
0850 static int ovl_get_name(struct dentry *parent, char *name,
0851             struct dentry *child)
0852 {
0853     /*
0854      * ovl_fh_to_dentry() returns connected dir overlay dentries and
0855      * ovl_fh_to_parent() is not implemented, so we should not get here.
0856      */
0857     WARN_ON_ONCE(1);
0858     return -EIO;
0859 }
0860
0861 static struct dentry *ovl_get_parent(struct dentry *dentry)
0862 {
0863     /*
0864      * ovl_fh_to_dentry() returns connected dir overlay dentries, so we
0865      * should not get here.
0866      */
0867     WARN_ON_ONCE(1);
0868     return ERR_PTR(-EIO);
0869 }
0870
0871 const struct export_operations ovl_export_operations = {
0872     .encode_fh  = ovl_encode_fh,
0873     .fh_to_dentry   = ovl_fh_to_dentry,
0874     .fh_to_parent   = ovl_fh_to_parent,
0875     .get_name   = ovl_get_name,
0876     .get_parent = ovl_get_parent,
0877 };