From 7dcef0769b1521b8f14bdee58339c26140466c85 Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano <gscrivan@redhat.com>
Date: Fri, 24 May 2019 14:26:18 +0200
Subject: [PATCH] rename: create whiteout before doing the renameat

so we don't uncover files from the lower layers if the whiteout cannot
be created.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
---
 main.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/main.c b/main.c
index 989d7f4..6232b59 100644
--- a/main.c
+++ b/main.c
@@ -622,13 +622,13 @@ hide_node (struct ovl_data *lo, struct ovl_node *node, bool unlink_src)
       if (syscall (SYS_renameat2, node_dirfd (node), node->path, lo->workdir_fd,
                    newpath, RENAME_WHITEOUT) < 0)
         {
-          if (renameat (node_dirfd (node), node->path, lo->workdir_fd, newpath) < 0)
-            return -1;
           if (node->parent)
             {
               if (create_whiteout (lo, node->parent, node->name, false, false) < 0)
                 return -1;
             }
+          if (renameat (node_dirfd (node), node->path, lo->workdir_fd, newpath) < 0)
+            return -1;
         }
     }
   else