/*
* after branch manipulating, refresh the file.
*/
static int refresh_file(struct file *file, int (*reopen)(struct file *file))
{
int err, need_reopen;
aufs_bindex_t bend, bindex;
struct dentry *dentry;
struct au_finfo *finfo;
struct au_hfile *hfile;
dentry = file->f_dentry;
finfo = au_fi(file);
if (!finfo->fi_hdir) {
hfile = &finfo->fi_htop;
AuDebugOn(!hfile->hf_file);
bindex = au_br_index(dentry->d_sb, hfile->hf_br->br_id);
AuDebugOn(bindex < 0);
if (bindex != finfo->fi_btop)
au_set_fbstart(file, bindex);
} else {
err = au_fidir_realloc(finfo, au_sbend(dentry->d_sb) + 1);
if (unlikely(err))
goto out;
au_do_refresh_dir(file);
}
err = 0;
need_reopen = 1;
if (!au_test_mmapped(file))
err = au_file_refresh_by_inode(file, &need_reopen);
if (!err && need_reopen && !d_unlinked(dentry))
err = reopen(file);
if (!err) {
au_update_figen(file);
goto out; /* success */
}
/* error, close all lower files */
if (finfo->fi_hdir) {
bend = au_fbend_dir(file);
for (bindex = au_fbstart(file); bindex <= bend; bindex++)
au_set_h_fptr(file, bindex, NULL);
}
out:
return err;
}
static void au_do_refresh_dir(struct file *file)
{
aufs_bindex_t bindex, bend, new_bindex, brid;
struct au_hfile *p, tmp, *q;
struct au_finfo *finfo;
struct super_block *sb;
struct au_fidir *fidir;
FiMustWriteLock(file);
sb = file->f_dentry->d_sb;
finfo = au_fi(file);
fidir = finfo->fi_hdir;
AuDebugOn(!fidir);
p = fidir->fd_hfile + finfo->fi_btop;
brid = p->hf_br->br_id;
bend = fidir->fd_bbot;
for (bindex = finfo->fi_btop; bindex <= bend; bindex++, p++) {
if (!p->hf_file)
continue;
new_bindex = au_br_index(sb, p->hf_br->br_id);
if (new_bindex == bindex)
continue;
if (new_bindex < 0) {
au_set_h_fptr(file, bindex, NULL);
continue;
}
/* swap two lower inode, and loop again */
q = fidir->fd_hfile + new_bindex;
tmp = *q;
*q = *p;
*p = tmp;
if (tmp.hf_file) {
bindex--;
p--;
}
}
p = fidir->fd_hfile;
if (!au_test_mmapped(file) && !d_unlinked(file->f_dentry)) {
bend = au_sbend(sb);
for (finfo->fi_btop = 0; finfo->fi_btop <= bend;
finfo->fi_btop++, p++)
if (p->hf_file) {
if (p->hf_file->f_dentry
&& p->hf_file->f_dentry->d_inode)
break;
else
au_hfput(p, file);
}
} else {
bend = au_br_index(sb, brid);
for (finfo->fi_btop = 0; finfo->fi_btop < bend;
finfo->fi_btop++, p++)
if (p->hf_file)
au_hfput(p, file);
bend = au_sbend(sb);
}
p = fidir->fd_hfile + bend;
for (fidir->fd_bbot = bend; fidir->fd_bbot >= finfo->fi_btop;
fidir->fd_bbot--, p--)
if (p->hf_file) {
if (p->hf_file->f_dentry
&& p->hf_file->f_dentry->d_inode)
break;
else
au_hfput(p, file);
}
AuDebugOn(fidir->fd_bbot < finfo->fi_btop);
}
/**
* d_namespace_path - lookup a name associated with a given path
* @path: path to lookup (NOT NULL)
* @buf: buffer to store path to (NOT NULL)
* @buflen: length of @buf
* @name: Returns - pointer for start of path name with in @buf (NOT NULL)
* @flags: flags controlling path lookup
*
* Handle path name lookup.
*
* Returns: %0 else error code if path lookup fails
* When no error the path name is returned in @name which points to
* to a position in @buf
*/
static int d_namespace_path(struct path *path, char *buf, int buflen,
char **name, int flags)
{
struct path root, tmp;
char *res;
int connected, error = 0;
/* Get the root we want to resolve too, released below */
if (flags & PATH_CHROOT_REL) {
/* resolve paths relative to chroot */
get_fs_root(current->fs, &root);
} else {
/* resolve paths relative to namespace */
root.mnt = current->nsproxy->mnt_ns->root;
root.dentry = root.mnt->mnt_root;
path_get(&root);
}
tmp = root;
res = __d_path(path, &tmp, buf, buflen);
*name = res;
/* handle error conditions - and still allow a partial path to
* be returned.
*/
if (IS_ERR(res)) {
error = PTR_ERR(res);
*name = buf;
goto out;
}
/* Handle two cases:
* 1. A deleted dentry && profile is not allowing mediation of deleted
* 2. On some filesystems, newly allocated dentries appear to the
* security_path hooks as a deleted dentry except without an inode
* allocated.
*/
if (d_unlinked(path->dentry) && path->dentry->d_inode &&
!(flags & PATH_MEDIATE_DELETED)) {
error = -ENOENT;
goto out;
}
/* Determine if the path is connected to the expected root */
connected = tmp.dentry == root.dentry && tmp.mnt == root.mnt;
/* If the path is not connected,
* check if it is a sysctl and handle specially else remove any
* leading / that __d_path may have returned.
* Unless
* specifically directed to connect the path,
* OR
* if in a chroot and doing chroot relative paths and the path
* resolves to the namespace root (would be connected outside
* of chroot) and specifically directed to connect paths to
* namespace root.
*/
if (!connected) {
/* is the disconnect path a sysctl? */
if (tmp.dentry->d_sb->s_magic == PROC_SUPER_MAGIC &&
strncmp(*name, "/sys/", 5) == 0) {
/* TODO: convert over to using a per namespace
* control instead of hard coded /proc
*/
error = prepend(name, *name - buf, "/proc", 5);
} else if (!(flags & PATH_CONNECT_PATH) &&
!(((flags & CHROOT_NSCONNECT) == CHROOT_NSCONNECT) &&
(tmp.mnt == current->nsproxy->mnt_ns->root &&
tmp.dentry == tmp.mnt->mnt_root))) {
/* disconnected path, don't return pathname starting
* with '/'
*/
error = -ESTALE;
if (*res == '/')
*name = res + 1;
}
}
out:
path_put(&root);
return error;
}
/* common functions to regular file and dir */
struct file *au_h_open(struct dentry *dentry, aufs_bindex_t bindex, int flags,
struct file *file)
{
struct file *h_file;
struct dentry *h_dentry;
struct inode *h_inode;
struct super_block *sb;
struct au_branch *br;
struct path h_path;
int err, exec_flag;
/* a race condition can happen between open and unlink/rmdir */
h_file = ERR_PTR(-ENOENT);
h_dentry = au_h_dptr(dentry, bindex);
if (au_test_nfsd() && !h_dentry)
goto out;
h_inode = h_dentry->d_inode;
if (au_test_nfsd() && !h_inode)
goto out;
spin_lock(&h_dentry->d_lock);
err = (!d_unhashed(dentry) && d_unlinked(h_dentry))
|| !h_inode
/* || !dentry->d_inode->i_nlink */
;
spin_unlock(&h_dentry->d_lock);
if (unlikely(err))
goto out;
sb = dentry->d_sb;
br = au_sbr(sb, bindex);
h_file = ERR_PTR(-EACCES);
exec_flag = flags & __FMODE_EXEC;
if (exec_flag && (br->br_mnt->mnt_flags & MNT_NOEXEC))
goto out;
/* drop flags for writing */
if (au_test_ro(sb, bindex, dentry->d_inode))
flags = au_file_roflags(flags);
flags &= ~O_CREAT;
atomic_inc(&br->br_count);
h_path.dentry = h_dentry;
h_path.mnt = br->br_mnt;
if (!au_special_file(h_inode->i_mode))
h_file = vfsub_dentry_open(&h_path, flags);
else {
/* this block depends upon the configuration */
di_read_unlock(dentry, AuLock_IR);
fi_write_unlock(file);
si_read_unlock(sb);
h_file = vfsub_dentry_open(&h_path, flags);
si_noflush_read_lock(sb);
fi_write_lock(file);
di_read_lock_child(dentry, AuLock_IR);
}
if (IS_ERR(h_file))
goto out_br;
if (exec_flag) {
err = deny_write_access(h_file);
if (unlikely(err)) {
fput(h_file);
h_file = ERR_PTR(err);
goto out_br;
}
}
fsnotify_open(h_file);
goto out; /* success */
out_br:
atomic_dec(&br->br_count);
out:
return h_file;
}
/**
* d_namespace_path - lookup a name associated with a given path
* @path: path to lookup (NOT NULL)
* @buf: buffer to store path to (NOT NULL)
* @buflen: length of @buf
* @name: Returns - pointer for start of path name with in @buf (NOT NULL)
* @flags: flags controlling path lookup
*
* Handle path name lookup.
*
* Returns: %0 else error code if path lookup fails
* When no error the path name is returned in @name which points to
* to a position in @buf
*/
static int d_namespace_path(struct path *path, char *buf, int buflen,
char **name, int flags)
{
char *res;
int error = 0;
int connected = 1;
if (path->mnt->mnt_flags & MNT_INTERNAL) {
/* it's not mounted anywhere */
res = dentry_path(path->dentry, buf, buflen);
*name = res;
if (IS_ERR(res)) {
*name = buf;
return PTR_ERR(res);
}
if (path->dentry->d_sb->s_magic == PROC_SUPER_MAGIC &&
strncmp(*name, "/sys/", 5) == 0) {
/* TODO: convert over to using a per namespace
* control instead of hard coded /proc
*/
return prepend(name, *name - buf, "/proc", 5);
}
return 0;
}
/* resolve paths relative to chroot?*/
if (flags & PATH_CHROOT_REL) {
struct path root;
get_fs_root(current->fs, &root);
res = __d_path(path, &root, buf, buflen);
path_put(&root);
} else {
res = d_absolute_path(path, buf, buflen);
if (!our_mnt(path->mnt))
connected = 0;
}
/* handle error conditions - and still allow a partial path to
* be returned.
*/
if (!res || IS_ERR(res)) {
connected = 0;
res = dentry_path_raw(path->dentry, buf, buflen);
if (IS_ERR(res)) {
error = PTR_ERR(res);
*name = buf;
goto out;
};
} else if (!our_mnt(path->mnt))
connected = 0;
*name = res;
/* Handle two cases:
* 1. A deleted dentry && profile is not allowing mediation of deleted
* 2. On some filesystems, newly allocated dentries appear to the
* security_path hooks as a deleted dentry except without an inode
* allocated.
*/
if (d_unlinked(path->dentry) && path->dentry->d_inode &&
!(flags & PATH_MEDIATE_DELETED)) {
error = -ENOENT;
goto out;
}
/* If the path is not connected to the expected root,
* check if it is a sysctl and handle specially else remove any
* leading / that __d_path may have returned.
* Unless
* specifically directed to connect the path,
* OR
* if in a chroot and doing chroot relative paths and the path
* resolves to the namespace root (would be connected outside
* of chroot) and specifically directed to connect paths to
* namespace root.
*/
if (!connected) {
if (!(flags & PATH_CONNECT_PATH) &&
!(((flags & CHROOT_NSCONNECT) == CHROOT_NSCONNECT) &&
our_mnt(path->mnt))) {
/* disconnected path, don't return pathname starting
* with '/'
*/
error = -ESTALE;
if (*res == '/')
*name = res + 1;
}
}
out:
return error;
}
/**
* d_namespace_path - lookup a name associated with a given path
* @path: path to lookup (NOT NULL)
* @buf: buffer to store path to (NOT NULL)
* @buflen: length of @buf
* @name: return pointer for start of path name with in @buf (NOT NULL)
* @flags: flags controling path lookup
*
* Handle path name lookup.
*
* Returns: %0 else error code if path lookup fails
* When no error the path name is returned in @name which points to
* to a position in @buf
*/
static int d_namespace_path(struct path *path, char *buf, int buflen,
char **name, int flags)
{
struct path root, tmp;
char *res;
int deleted, connected;
int error = 0;
/* Get the root we want to resolve too */
if (flags & PATH_CHROOT_REL) {
/* resolve paths relative to chroot */
read_lock(¤t->fs->lock);
root = current->fs->root;
/* released below */
path_get(&root);
read_unlock(¤t->fs->lock);
} else {
/* resolve paths relative to namespace */
root.mnt = current->nsproxy->mnt_ns->root;
root.dentry = root.mnt->mnt_root;
/* released below */
path_get(&root);
}
spin_lock(&dcache_lock);
/* There is a race window between path lookup here and the
* need to strip the " (deleted) string that __d_path applies
* Detect the race and relookup the path
*
* The stripping of (deleted) is a hack that could be removed
* with an updated __d_path
*/
do {
tmp = root;
deleted = d_unlinked(path->dentry);
res = __d_path(path, &tmp, buf, buflen);
} while (deleted != d_unlinked(path->dentry));
spin_unlock(&dcache_lock);
*name = res;
/* handle error conditions - and still allow a partial path to
* be returned.
*/
if (IS_ERR(res)) {
error = PTR_ERR(res);
*name = buf;
goto out;
}
if (deleted) {
/* On some filesystems, newly allocated dentries appear to the
* security_path hooks as a deleted dentry except without an
* inode allocated.
*
* Remove the appended deleted text and return as string for
* normal mediation, or auditing. The (deleted) string is
* guarenteed to be added in this case, so just strip it.
*/
buf[buflen - 11] = 0; /* - (len(" (deleted)") +\0) */
if (path->dentry->d_inode && !(flags & PATH_MEDIATE_DELETED)) {
error = -ENOENT;
goto out;
}
}
/* Determine if the path is connected to the expected root */
connected = tmp.dentry == root.dentry && tmp.mnt == root.mnt;
/* If the path is not connected, then remove any leading / that
* __d_path may have returned.
* Unless
* specifically directed to connect the path,
* OR
* if in a chroot and doing chroot relative paths and the path
* resolves to the namespace root (would be connected outside
* of chroot) and specifically directed to connect paths to
* namespace root.
*/
if (!connected &&
!(flags & PATH_CONNECT_PATH) &&
!((flags & PATH_CHROOT_REL) && (flags & PATH_CHROOT_NSCONNECT) &&
(tmp.mnt == current->nsproxy->mnt_ns->root &&
tmp.dentry == current->nsproxy->mnt_ns->root->mnt_root))) {
/* disconnected path, don't return pathname starting with '/' */
error = -ESTALE;
if (*res == '/')
*name = res + 1;
}
out:
path_put(&root);
return error;
}
/**
* is_deleted - test if a file has been completely unlinked
* @dentry: dentry of file to test for deletion (NOT NULL)
*
* Returns: %1 if deleted else %0
*/
static inline bool is_deleted(struct dentry *dentry)
{
if (d_unlinked(dentry) && d_backing_inode(dentry)->i_nlink == 0)
return 1;
return 0;
}
static int au_file_refresh_by_inode(struct file *file, int *need_reopen)
{
int err;
struct au_pin pin;
struct au_finfo *finfo;
struct dentry *parent, *hi_wh;
struct inode *inode;
struct super_block *sb;
struct au_cp_generic cpg = {
.dentry = file->f_dentry,
.bdst = -1,
.bsrc = -1,
.len = -1,
.pin = &pin,
.flags = AuCpup_DTIME
};
FiMustWriteLock(file);
err = 0;
finfo = au_fi(file);
sb = cpg.dentry->d_sb;
inode = cpg.dentry->d_inode;
cpg.bdst = au_ibstart(inode);
if (cpg.bdst == finfo->fi_btop || IS_ROOT(cpg.dentry))
goto out;
parent = dget_parent(cpg.dentry);
if (au_test_ro(sb, cpg.bdst, inode)) {
di_read_lock_parent(parent, !AuLock_IR);
err = AuWbrCopyup(au_sbi(sb), cpg.dentry);
cpg.bdst = err;
di_read_unlock(parent, !AuLock_IR);
if (unlikely(err < 0))
goto out_parent;
err = 0;
}
di_read_lock_parent(parent, AuLock_IR);
hi_wh = au_hi_wh(inode, cpg.bdst);
if (!S_ISDIR(inode->i_mode)
&& au_opt_test(au_mntflags(sb), PLINK)
&& au_plink_test(inode)
&& !d_unhashed(cpg.dentry)
&& cpg.bdst < au_dbstart(cpg.dentry)) {
err = au_test_and_cpup_dirs(cpg.dentry, cpg.bdst);
if (unlikely(err))
goto out_unlock;
/* always superio. */
err = au_pin(&pin, cpg.dentry, cpg.bdst, AuOpt_UDBA_NONE,
AuPin_DI_LOCKED | AuPin_MNT_WRITE);
if (!err) {
err = au_sio_cpup_simple(&cpg);
au_unpin(&pin);
}
} else if (hi_wh) {
/* already copied-up after unlink */
err = au_reopen_wh(file, cpg.bdst, hi_wh);
*need_reopen = 0;
}
out_unlock:
di_read_unlock(parent, AuLock_IR);
out_parent:
dput(parent);
out:
return err;
}
static void au_do_refresh_dir(struct file *file)
{
aufs_bindex_t bindex, bend, new_bindex, brid;
struct au_hfile *p, tmp, *q;
struct au_finfo *finfo;
struct super_block *sb;
struct au_fidir *fidir;
FiMustWriteLock(file);
sb = file->f_dentry->d_sb;
finfo = au_fi(file);
fidir = finfo->fi_hdir;
AuDebugOn(!fidir);
p = fidir->fd_hfile + finfo->fi_btop;
brid = p->hf_br->br_id;
bend = fidir->fd_bbot;
for (bindex = finfo->fi_btop; bindex <= bend; bindex++, p++) {
if (!p->hf_file)
continue;
new_bindex = au_br_index(sb, p->hf_br->br_id);
if (new_bindex == bindex)
continue;
if (new_bindex < 0) {
au_set_h_fptr(file, bindex, NULL);
continue;
}
/* swap two lower inode, and loop again */
q = fidir->fd_hfile + new_bindex;
tmp = *q;
*q = *p;
*p = tmp;
if (tmp.hf_file) {
bindex--;
p--;
}
}
p = fidir->fd_hfile;
if (!au_test_mmapped(file) && !d_unlinked(file->f_dentry)) {
bend = au_sbend(sb);
for (finfo->fi_btop = 0; finfo->fi_btop <= bend;
finfo->fi_btop++, p++)
if (p->hf_file) {
if (file_inode(p->hf_file))
break;
else
au_hfput(p, file);
}
} else {
bend = au_br_index(sb, brid);
for (finfo->fi_btop = 0; finfo->fi_btop < bend;
finfo->fi_btop++, p++)
if (p->hf_file)
au_hfput(p, file);
bend = au_sbend(sb);
}
p = fidir->fd_hfile + bend;
for (fidir->fd_bbot = bend; fidir->fd_bbot >= finfo->fi_btop;
fidir->fd_bbot--, p--)
if (p->hf_file) {
if (file_inode(p->hf_file))
break;
else
au_hfput(p, file);
}
AuDebugOn(fidir->fd_bbot < finfo->fi_btop);
}
/* common functions to regular file and dir */
struct file *au_h_open(struct dentry *dentry, aufs_bindex_t bindex, int flags,
struct file *file, int force_wr)
{
struct file *h_file;
struct dentry *h_dentry;
struct inode *h_inode;
struct super_block *sb;
struct au_branch *br;
struct path h_path;
int err, exec_flag;
/* a race condition can happen between open and unlink/rmdir */
h_file = ERR_PTR(-ENOENT);
h_dentry = au_h_dptr(dentry, bindex);
if (au_test_nfsd() && !h_dentry)
goto out;
h_inode = h_dentry->d_inode;
if (au_test_nfsd() && !h_inode)
goto out;
spin_lock(&h_dentry->d_lock);
err = (!d_unhashed(dentry) && d_unlinked(h_dentry))
|| !h_inode
/* || !dentry->d_inode->i_nlink */
;
spin_unlock(&h_dentry->d_lock);
if (unlikely(err))
goto out;
sb = dentry->d_sb;
br = au_sbr(sb, bindex);
h_file = ERR_PTR(-EACCES);
exec_flag = flags & __FMODE_EXEC;
if (exec_flag && (au_br_mnt(br)->mnt_flags & MNT_NOEXEC))
goto out;
/* drop flags for writing */
if (au_test_ro(sb, bindex, dentry->d_inode)) {
if (force_wr && !(flags & O_WRONLY))
force_wr = 0;
flags = au_file_roflags(flags);
if (force_wr) {
h_file = ERR_PTR(-EROFS);
flags = au_file_roflags(flags);
if (unlikely(vfsub_native_ro(h_inode)
|| IS_APPEND(h_inode)))
goto out;
flags &= ~O_ACCMODE;
flags |= O_WRONLY;
}
}
flags &= ~O_CREAT;
atomic_inc(&br->br_count);
h_path.dentry = h_dentry;
h_path.mnt = au_br_mnt(br);
h_file = vfsub_dentry_open(&h_path, flags);
if (IS_ERR(h_file))
goto out_br;
if (exec_flag) {
err = deny_write_access(h_file);
if (unlikely(err)) {
fput(h_file);
h_file = ERR_PTR(err);
goto out_br;
}
}
fsnotify_open(h_file);
goto out; /* success */
out_br:
atomic_dec(&br->br_count);
out:
return h_file;
}