Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Merge tag 'ovl-update-5.10' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs
Pull overlayfs updates from Miklos Szeredi:
- Improve performance for certain container setups by introducing a
"volatile" mode
- ioctl improvements
- continue preparation for unprivileged overlay mounts
* tag 'ovl-update-5.10' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs:
ovl: use generic vfs_ioc_setflags_prepare() helper
ovl: support [S|G]ETFLAGS and FS[S|G]ETXATTR ioctls for directories
ovl: rearrange ovl_can_list()
ovl: enumerate private xattrs
ovl: pass ovl_fs down to functions accessing private xattrs
ovl: drop flags argument from ovl_do_setxattr()
ovl: adhere to the vfs_ vs. ovl_do_ conventions for xattrs
ovl: use ovl_do_getxattr() for private xattr
ovl: fold ovl_getxattr() into ovl_get_redirect_xattr()
ovl: clean up ovl_getxattr() in copy_up.c
duplicate ovl_getxattr()
ovl: provide a mount option "volatile"
ovl: check for incompatible features in work dir
+446
-200
+19
Documentation/filesystems/overlayfs.rst
+19
Documentation/filesystems/overlayfs.rst
···
564
564
read-write mount and will result in an error.
565
565
566
566
567
+
Volatile mount
568
+
--------------
569
+
570
+
This is enabled with the "volatile" mount option. Volatile mounts are not
571
+
guaranteed to survive a crash. It is strongly recommended that volatile
572
+
mounts are only used if data written to the overlay can be recreated
573
+
without significant effort.
574
+
575
+
The advantage of mounting with the "volatile" option is that all forms of
576
+
sync calls to the upper filesystem are omitted.
577
+
578
+
When overlay is mounted with "volatile" option, the directory
579
+
"$workdir/work/incompat/volatile" is created. During next mount, overlay
580
+
checks for this directory and refuses to mount if present. This is a strong
581
+
indicator that user should throw away upper and work directories and create
582
+
fresh one. In very limited cases where the user knows that the system has
583
+
not crashed and contents of upperdir are intact, The "volatile" directory
584
+
can be removed.
585
+
567
586
Testsuite
568
587
---------
569
588
+44
-15
fs/overlayfs/copy_up.c
+44
-15
fs/overlayfs/copy_up.c
···
43
43
!strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN);
44
44
}
45
45
46
-
int ovl_copy_xattr(struct dentry *old, struct dentry *new)
46
+
int ovl_copy_xattr(struct super_block *sb, struct dentry *old,
47
+
struct dentry *new)
47
48
{
48
49
ssize_t list_size, size, value_size = 0;
49
50
char *buf, *name, *value = NULL;
···
82
81
}
83
82
list_size -= slen;
84
83
85
-
if (ovl_is_private_xattr(name))
84
+
if (ovl_is_private_xattr(sb, name))
86
85
continue;
87
86
retry:
88
87
size = vfs_getxattr(old, name, value, value_size);
···
129
128
return error;
130
129
}
131
130
132
-
static int ovl_copy_up_data(struct path *old, struct path *new, loff_t len)
131
+
static int ovl_copy_up_data(struct ovl_fs *ofs, struct path *old,
132
+
struct path *new, loff_t len)
133
133
{
134
134
struct file *old_file;
135
135
struct file *new_file;
···
220
218
len -= bytes;
221
219
}
222
220
out:
223
-
if (!error)
221
+
if (!error && ovl_should_sync(ofs))
224
222
error = vfs_fsync(new_file, 0);
225
223
fput(new_file);
226
224
out_fput:
···
356
354
}
357
355
358
356
/* Store file handle of @upper dir in @index dir entry */
359
-
static int ovl_set_upper_fh(struct dentry *upper, struct dentry *index)
357
+
static int ovl_set_upper_fh(struct ovl_fs *ofs, struct dentry *upper,
358
+
struct dentry *index)
360
359
{
361
360
const struct ovl_fh *fh;
362
361
int err;
···
366
363
if (IS_ERR(fh))
367
364
return PTR_ERR(fh);
368
365
369
-
err = ovl_do_setxattr(index, OVL_XATTR_UPPER, fh->buf, fh->fb.len, 0);
366
+
err = ovl_do_setxattr(ofs, index, OVL_XATTR_UPPER, fh->buf, fh->fb.len);
370
367
371
368
kfree(fh);
372
369
return err;
···
411
408
if (IS_ERR(temp))
412
409
goto free_name;
413
410
414
-
err = ovl_set_upper_fh(upper, temp);
411
+
err = ovl_set_upper_fh(OVL_FS(dentry->d_sb), upper, temp);
415
412
if (err)
416
413
goto out;
417
414
···
487
484
488
485
static int ovl_copy_up_inode(struct ovl_copy_up_ctx *c, struct dentry *temp)
489
486
{
487
+
struct ovl_fs *ofs = OVL_FS(c->dentry->d_sb);
490
488
int err;
491
489
492
490
/*
···
503
499
upperpath.dentry = temp;
504
500
505
501
ovl_path_lowerdata(c->dentry, &datapath);
506
-
err = ovl_copy_up_data(&datapath, &upperpath, c->stat.size);
502
+
err = ovl_copy_up_data(ofs, &datapath, &upperpath,
503
+
c->stat.size);
507
504
if (err)
508
505
return err;
509
506
}
510
507
511
-
err = ovl_copy_xattr(c->lowerpath.dentry, temp);
508
+
err = ovl_copy_xattr(c->dentry->d_sb, c->lowerpath.dentry, temp);
512
509
if (err)
513
510
return err;
514
511
···
786
781
return true;
787
782
}
788
783
784
+
static ssize_t ovl_getxattr(struct dentry *dentry, char *name, char **value)
785
+
{
786
+
ssize_t res;
787
+
char *buf;
788
+
789
+
res = vfs_getxattr(dentry, name, NULL, 0);
790
+
if (res == -ENODATA || res == -EOPNOTSUPP)
791
+
res = 0;
792
+
793
+
if (res > 0) {
794
+
buf = kzalloc(res, GFP_KERNEL);
795
+
if (!buf)
796
+
return -ENOMEM;
797
+
798
+
res = vfs_getxattr(dentry, name, buf, res);
799
+
if (res < 0)
800
+
kfree(buf);
801
+
else
802
+
*value = buf;
803
+
}
804
+
return res;
805
+
}
806
+
789
807
/* Copy up data of an inode which was copied up metadata only in the past. */
790
808
static int ovl_copy_up_meta_inode_data(struct ovl_copy_up_ctx *c)
791
809
{
810
+
struct ovl_fs *ofs = OVL_FS(c->dentry->d_sb);
792
811
struct path upperpath, datapath;
793
812
int err;
794
813
char *capability = NULL;
···
828
799
829
800
if (c->stat.size) {
830
801
err = cap_size = ovl_getxattr(upperpath.dentry, XATTR_NAME_CAPS,
831
-
&capability, 0);
832
-
if (err < 0 && err != -ENODATA)
802
+
&capability);
803
+
if (cap_size < 0)
833
804
goto out;
834
805
}
835
806
836
-
err = ovl_copy_up_data(&datapath, &upperpath, c->stat.size);
807
+
err = ovl_copy_up_data(ofs, &datapath, &upperpath, c->stat.size);
837
808
if (err)
838
809
goto out_free;
839
810
···
842
813
* don't want that to happen for normal copy-up operation.
843
814
*/
844
815
if (capability) {
845
-
err = ovl_do_setxattr(upperpath.dentry, XATTR_NAME_CAPS,
846
-
capability, cap_size, 0);
816
+
err = vfs_setxattr(upperpath.dentry, XATTR_NAME_CAPS,
817
+
capability, cap_size, 0);
847
818
if (err)
848
819
goto out_free;
849
820
}
850
821
851
822
852
-
err = vfs_removexattr(upperpath.dentry, OVL_XATTR_METACOPY);
823
+
err = ovl_do_removexattr(ofs, upperpath.dentry, OVL_XATTR_METACOPY);
853
824
if (err)
854
825
goto out_free;
855
826
+1
-1
fs/overlayfs/dir.c
+1
-1
fs/overlayfs/dir.c
+1
-1
fs/overlayfs/export.c
+1
-1
fs/overlayfs/export.c
+52
-36
fs/overlayfs/file.c
+52
-36
fs/overlayfs/file.c
···
136
136
137
137
static int ovl_real_fdget(const struct file *file, struct fd *real)
138
138
{
139
+
if (d_is_dir(file_dentry(file))) {
140
+
real->flags = 0;
141
+
real->file = ovl_dir_real_file(file, false);
142
+
143
+
return PTR_ERR_OR_ZERO(real->file);
144
+
}
145
+
139
146
return ovl_real_fdget_meta(file, real, false);
140
147
}
141
148
···
338
331
struct fd real;
339
332
const struct cred *old_cred;
340
333
ssize_t ret;
334
+
int ifl = iocb->ki_flags;
341
335
342
336
if (!iov_iter_count(iter))
343
337
return 0;
···
354
346
if (ret)
355
347
goto out_unlock;
356
348
349
+
if (!ovl_should_sync(OVL_FS(inode->i_sb)))
350
+
ifl &= ~(IOCB_DSYNC | IOCB_SYNC);
351
+
357
352
old_cred = ovl_override_creds(file_inode(file)->i_sb);
358
353
if (is_sync_kiocb(iocb)) {
359
354
file_start_write(real.file);
360
355
ret = vfs_iter_write(real.file, iter, &iocb->ki_pos,
361
-
ovl_iocb_to_rwf(iocb->ki_flags));
356
+
ovl_iocb_to_rwf(ifl));
362
357
file_end_write(real.file);
363
358
/* Update size */
364
359
ovl_copyattr(ovl_inode_real(inode), inode);
···
381
370
real.flags = 0;
382
371
aio_req->orig_iocb = iocb;
383
372
kiocb_clone(&aio_req->iocb, iocb, real.file);
373
+
aio_req->iocb.ki_flags = ifl;
384
374
aio_req->iocb.ki_complete = ovl_aio_rw_complete;
385
375
ret = vfs_iocb_iter_write(real.file, &aio_req->iocb, iter);
386
376
if (ret != -EIOCBQUEUED)
···
444
432
struct fd real;
445
433
const struct cred *old_cred;
446
434
int ret;
435
+
436
+
if (!ovl_should_sync(OVL_FS(file_inode(file)->i_sb)))
437
+
return 0;
447
438
448
439
ret = ovl_real_fdget_meta(file, &real, !datasync);
449
440
if (ret)
···
559
544
return ret;
560
545
}
561
546
547
+
static unsigned int ovl_iflags_to_fsflags(unsigned int iflags)
548
+
{
549
+
unsigned int flags = 0;
550
+
551
+
if (iflags & S_SYNC)
552
+
flags |= FS_SYNC_FL;
553
+
if (iflags & S_APPEND)
554
+
flags |= FS_APPEND_FL;
555
+
if (iflags & S_IMMUTABLE)
556
+
flags |= FS_IMMUTABLE_FL;
557
+
if (iflags & S_NOATIME)
558
+
flags |= FS_NOATIME_FL;
559
+
560
+
return flags;
561
+
}
562
+
562
563
static long ovl_ioctl_set_flags(struct file *file, unsigned int cmd,
563
-
unsigned long arg, unsigned int iflags)
564
+
unsigned long arg, unsigned int flags)
564
565
{
565
566
long ret;
566
567
struct inode *inode = file_inode(file);
567
-
unsigned int old_iflags;
568
+
unsigned int oldflags;
568
569
569
570
if (!inode_owner_or_capable(inode))
570
571
return -EACCES;
···
592
561
inode_lock(inode);
593
562
594
563
/* Check the capability before cred override */
595
-
ret = -EPERM;
596
-
old_iflags = READ_ONCE(inode->i_flags);
597
-
if (((iflags ^ old_iflags) & (S_APPEND | S_IMMUTABLE)) &&
598
-
!capable(CAP_LINUX_IMMUTABLE))
564
+
oldflags = ovl_iflags_to_fsflags(READ_ONCE(inode->i_flags));
565
+
ret = vfs_ioc_setflags_prepare(inode, oldflags, flags);
566
+
if (ret)
599
567
goto unlock;
600
568
601
569
ret = ovl_maybe_copy_up(file_dentry(file), O_WRONLY);
···
613
583
614
584
}
615
585
616
-
static unsigned int ovl_fsflags_to_iflags(unsigned int flags)
617
-
{
618
-
unsigned int iflags = 0;
619
-
620
-
if (flags & FS_SYNC_FL)
621
-
iflags |= S_SYNC;
622
-
if (flags & FS_APPEND_FL)
623
-
iflags |= S_APPEND;
624
-
if (flags & FS_IMMUTABLE_FL)
625
-
iflags |= S_IMMUTABLE;
626
-
if (flags & FS_NOATIME_FL)
627
-
iflags |= S_NOATIME;
628
-
629
-
return iflags;
630
-
}
631
-
632
586
static long ovl_ioctl_set_fsflags(struct file *file, unsigned int cmd,
633
587
unsigned long arg)
634
588
{
···
621
607
if (get_user(flags, (int __user *) arg))
622
608
return -EFAULT;
623
609
624
-
return ovl_ioctl_set_flags(file, cmd, arg,
625
-
ovl_fsflags_to_iflags(flags));
610
+
return ovl_ioctl_set_flags(file, cmd, arg, flags);
626
611
}
627
612
628
-
static unsigned int ovl_fsxflags_to_iflags(unsigned int xflags)
613
+
static unsigned int ovl_fsxflags_to_fsflags(unsigned int xflags)
629
614
{
630
-
unsigned int iflags = 0;
615
+
unsigned int flags = 0;
631
616
632
617
if (xflags & FS_XFLAG_SYNC)
633
-
iflags |= S_SYNC;
618
+
flags |= FS_SYNC_FL;
634
619
if (xflags & FS_XFLAG_APPEND)
635
-
iflags |= S_APPEND;
620
+
flags |= FS_APPEND_FL;
636
621
if (xflags & FS_XFLAG_IMMUTABLE)
637
-
iflags |= S_IMMUTABLE;
622
+
flags |= FS_IMMUTABLE_FL;
638
623
if (xflags & FS_XFLAG_NOATIME)
639
-
iflags |= S_NOATIME;
624
+
flags |= FS_NOATIME_FL;
640
625
641
-
return iflags;
626
+
return flags;
642
627
}
643
628
644
629
static long ovl_ioctl_set_fsxflags(struct file *file, unsigned int cmd,
···
650
637
return -EFAULT;
651
638
652
639
return ovl_ioctl_set_flags(file, cmd, arg,
653
-
ovl_fsxflags_to_iflags(fa.fsx_xflags));
640
+
ovl_fsxflags_to_fsflags(fa.fsx_xflags));
654
641
}
655
642
656
-
static long ovl_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
643
+
long ovl_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
657
644
{
658
645
long ret;
659
646
···
678
665
return ret;
679
666
}
680
667
681
-
static long ovl_compat_ioctl(struct file *file, unsigned int cmd,
682
-
unsigned long arg)
668
+
#ifdef CONFIG_COMPAT
669
+
long ovl_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
683
670
{
684
671
switch (cmd) {
685
672
case FS_IOC32_GETFLAGS:
···
696
683
697
684
return ovl_ioctl(file, cmd, arg);
698
685
}
686
+
#endif
699
687
700
688
enum ovl_copyop {
701
689
OVL_COPY,
···
798
784
.fallocate = ovl_fallocate,
799
785
.fadvise = ovl_fadvise,
800
786
.unlocked_ioctl = ovl_ioctl,
787
+
#ifdef CONFIG_COMPAT
801
788
.compat_ioctl = ovl_compat_ioctl,
789
+
#endif
802
790
.splice_read = ovl_splice_read,
803
791
.splice_write = ovl_splice_write,
804
792
+19
-13
fs/overlayfs/inode.c
+19
-13
fs/overlayfs/inode.c
···
327
327
return p;
328
328
}
329
329
330
-
bool ovl_is_private_xattr(const char *name)
330
+
bool ovl_is_private_xattr(struct super_block *sb, const char *name)
331
331
{
332
332
return strncmp(name, OVL_XATTR_PREFIX,
333
333
sizeof(OVL_XATTR_PREFIX) - 1) == 0;
···
391
391
return res;
392
392
}
393
393
394
-
static bool ovl_can_list(const char *s)
394
+
static bool ovl_can_list(struct super_block *sb, const char *s)
395
395
{
396
+
/* Never list private (.overlay) */
397
+
if (ovl_is_private_xattr(sb, s))
398
+
return false;
399
+
396
400
/* List all non-trusted xatts */
397
401
if (strncmp(s, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN) != 0)
398
402
return true;
399
403
400
-
/* Never list trusted.overlay, list other trusted for superuser only */
401
-
return !ovl_is_private_xattr(s) &&
402
-
ns_capable_noaudit(&init_user_ns, CAP_SYS_ADMIN);
404
+
/* list other trusted for superuser only */
405
+
return ns_capable_noaudit(&init_user_ns, CAP_SYS_ADMIN);
403
406
}
404
407
405
408
ssize_t ovl_listxattr(struct dentry *dentry, char *list, size_t size)
···
428
425
return -EIO;
429
426
430
427
len -= slen;
431
-
if (!ovl_can_list(s)) {
428
+
if (!ovl_can_list(dentry->d_sb, s)) {
432
429
res -= slen;
433
430
memmove(s, s + slen, len);
434
431
} else {
···
725
722
if (WARN_ON(len >= sizeof(buf)))
726
723
return -EIO;
727
724
728
-
return ovl_do_setxattr(ovl_dentry_upper(dentry),
729
-
OVL_XATTR_NLINK, buf, len, 0);
725
+
return ovl_do_setxattr(OVL_FS(inode->i_sb), ovl_dentry_upper(dentry),
726
+
OVL_XATTR_NLINK, buf, len);
730
727
}
731
728
732
729
int ovl_set_nlink_upper(struct dentry *dentry)
···
739
736
return ovl_set_nlink_common(dentry, ovl_dentry_lower(dentry), "L%+i");
740
737
}
741
738
742
-
unsigned int ovl_get_nlink(struct dentry *lowerdentry,
739
+
unsigned int ovl_get_nlink(struct ovl_fs *ofs, struct dentry *lowerdentry,
743
740
struct dentry *upperdentry,
744
741
unsigned int fallback)
745
742
{
···
751
748
if (!lowerdentry || !upperdentry || d_inode(lowerdentry)->i_nlink == 1)
752
749
return fallback;
753
750
754
-
err = vfs_getxattr(upperdentry, OVL_XATTR_NLINK, &buf, sizeof(buf) - 1);
751
+
err = ovl_do_getxattr(ofs, upperdentry, OVL_XATTR_NLINK,
752
+
&buf, sizeof(buf) - 1);
755
753
if (err < 0)
756
754
goto fail;
757
755
···
950
946
struct inode *ovl_get_inode(struct super_block *sb,
951
947
struct ovl_inode_params *oip)
952
948
{
949
+
struct ovl_fs *ofs = OVL_FS(sb);
953
950
struct dentry *upperdentry = oip->upperdentry;
954
951
struct ovl_path *lowerpath = oip->lowerpath;
955
952
struct inode *realinode = upperdentry ? d_inode(upperdentry) : NULL;
···
998
993
999
994
/* Recalculate nlink for non-dir due to indexing */
1000
995
if (!is_dir)
1001
-
nlink = ovl_get_nlink(lowerdentry, upperdentry, nlink);
996
+
nlink = ovl_get_nlink(ofs, lowerdentry, upperdentry,
997
+
nlink);
1002
998
set_nlink(inode, nlink);
1003
999
ino = key->i_ino;
1004
1000
} else {
···
1015
1009
ovl_fill_inode(inode, realinode->i_mode, realinode->i_rdev);
1016
1010
ovl_inode_init(inode, oip, ino, fsid);
1017
1011
1018
-
if (upperdentry && ovl_is_impuredir(upperdentry))
1012
+
if (upperdentry && ovl_is_impuredir(sb, upperdentry))
1019
1013
ovl_set_flag(OVL_IMPURE, inode);
1020
1014
1021
1015
if (oip->index)
···
1029
1023
/* Check for non-merge dir that may have whiteouts */
1030
1024
if (is_dir) {
1031
1025
if (((upperdentry && lowerdentry) || oip->numlower > 1) ||
1032
-
ovl_check_origin_xattr(upperdentry ?: lowerdentry)) {
1026
+
ovl_check_origin_xattr(ofs, upperdentry ?: lowerdentry)) {
1033
1027
ovl_set_flag(OVL_WHITEOUTS, inode);
1034
1028
}
1035
1029
}
+30
-27
fs/overlayfs/namei.c
+30
-27
fs/overlayfs/namei.c
···
30
30
{
31
31
int res;
32
32
char *buf;
33
+
struct ovl_fs *ofs = OVL_FS(d->sb);
33
34
34
-
buf = ovl_get_redirect_xattr(dentry, prelen + strlen(post));
35
+
buf = ovl_get_redirect_xattr(ofs, dentry, prelen + strlen(post));
35
36
if (IS_ERR_OR_NULL(buf))
36
37
return PTR_ERR(buf);
37
38
···
105
104
return 0;
106
105
}
107
106
108
-
static struct ovl_fh *ovl_get_fh(struct dentry *dentry, const char *name)
107
+
static struct ovl_fh *ovl_get_fh(struct ovl_fs *ofs, struct dentry *dentry,
108
+
enum ovl_xattr ox)
109
109
{
110
110
int res, err;
111
111
struct ovl_fh *fh = NULL;
112
112
113
-
res = vfs_getxattr(dentry, name, NULL, 0);
113
+
res = ovl_do_getxattr(ofs, dentry, ox, NULL, 0);
114
114
if (res < 0) {
115
115
if (res == -ENODATA || res == -EOPNOTSUPP)
116
116
return NULL;
···
125
123
if (!fh)
126
124
return ERR_PTR(-ENOMEM);
127
125
128
-
res = vfs_getxattr(dentry, name, fh->buf, res);
126
+
res = ovl_do_getxattr(ofs, dentry, ox, fh->buf, res);
129
127
if (res < 0)
130
128
goto fail;
131
129
···
188
186
return real;
189
187
}
190
188
191
-
static bool ovl_is_opaquedir(struct dentry *dentry)
189
+
static bool ovl_is_opaquedir(struct super_block *sb, struct dentry *dentry)
192
190
{
193
-
return ovl_check_dir_xattr(dentry, OVL_XATTR_OPAQUE);
191
+
return ovl_check_dir_xattr(sb, dentry, OVL_XATTR_OPAQUE);
194
192
}
195
193
196
194
static struct dentry *ovl_lookup_positive_unlocked(const char *name,
···
253
251
d->stop = true;
254
252
goto put_and_out;
255
253
}
256
-
err = ovl_check_metacopy_xattr(this);
254
+
err = ovl_check_metacopy_xattr(OVL_FS(d->sb), this);
257
255
if (err < 0)
258
256
goto out_err;
259
257
···
273
271
if (d->last)
274
272
goto out;
275
273
276
-
if (ovl_is_opaquedir(this)) {
274
+
if (ovl_is_opaquedir(d->sb, this)) {
277
275
d->stop = true;
278
276
if (last_element)
279
277
d->opaque = true;
···
393
391
static int ovl_check_origin(struct ovl_fs *ofs, struct dentry *upperdentry,
394
392
struct ovl_path **stackp)
395
393
{
396
-
struct ovl_fh *fh = ovl_get_fh(upperdentry, OVL_XATTR_ORIGIN);
394
+
struct ovl_fh *fh = ovl_get_fh(ofs, upperdentry, OVL_XATTR_ORIGIN);
397
395
int err;
398
396
399
397
if (IS_ERR_OR_NULL(fh))
···
415
413
* Verify that @fh matches the file handle stored in xattr @name.
416
414
* Return 0 on match, -ESTALE on mismatch, < 0 on error.
417
415
*/
418
-
static int ovl_verify_fh(struct dentry *dentry, const char *name,
419
-
const struct ovl_fh *fh)
416
+
static int ovl_verify_fh(struct ovl_fs *ofs, struct dentry *dentry,
417
+
enum ovl_xattr ox, const struct ovl_fh *fh)
420
418
{
421
-
struct ovl_fh *ofh = ovl_get_fh(dentry, name);
419
+
struct ovl_fh *ofh = ovl_get_fh(ofs, dentry, ox);
422
420
int err = 0;
423
421
424
422
if (!ofh)
···
442
440
*
443
441
* Return 0 on match, -ESTALE on mismatch, -ENODATA on no xattr, < 0 on error.
444
442
*/
445
-
int ovl_verify_set_fh(struct dentry *dentry, const char *name,
446
-
struct dentry *real, bool is_upper, bool set)
443
+
int ovl_verify_set_fh(struct ovl_fs *ofs, struct dentry *dentry,
444
+
enum ovl_xattr ox, struct dentry *real, bool is_upper,
445
+
bool set)
447
446
{
448
447
struct inode *inode;
449
448
struct ovl_fh *fh;
···
457
454
goto fail;
458
455
}
459
456
460
-
err = ovl_verify_fh(dentry, name, fh);
457
+
err = ovl_verify_fh(ofs, dentry, ox, fh);
461
458
if (set && err == -ENODATA)
462
-
err = ovl_do_setxattr(dentry, name, fh->buf, fh->fb.len, 0);
459
+
err = ovl_do_setxattr(ofs, dentry, ox, fh->buf, fh->fb.len);
463
460
if (err)
464
461
goto fail;
465
462
···
484
481
if (!d_is_dir(index))
485
482
return dget(index);
486
483
487
-
fh = ovl_get_fh(index, OVL_XATTR_UPPER);
484
+
fh = ovl_get_fh(ofs, index, OVL_XATTR_UPPER);
488
485
if (IS_ERR_OR_NULL(fh))
489
486
return ERR_CAST(fh);
490
487
···
577
574
goto fail;
578
575
}
579
576
580
-
err = ovl_verify_fh(upper, OVL_XATTR_ORIGIN, fh);
577
+
err = ovl_verify_fh(ofs, upper, OVL_XATTR_ORIGIN, fh);
581
578
dput(upper);
582
579
if (err)
583
580
goto fail;
···
588
585
if (err)
589
586
goto fail;
590
587
591
-
if (ovl_get_nlink(origin.dentry, index, 0) == 0)
588
+
if (ovl_get_nlink(ofs, origin.dentry, index, 0) == 0)
592
589
goto orphan;
593
590
}
594
591
···
744
741
}
745
742
746
743
/* Verify that dir index 'upper' xattr points to upper dir */
747
-
err = ovl_verify_upper(index, upper, false);
744
+
err = ovl_verify_upper(ofs, index, upper, false);
748
745
if (err) {
749
746
if (err == -ESTALE) {
750
747
pr_warn_ratelimited("suspected multiply redirected dir found (upper=%pd2, origin=%pd2, index=%pd2).\n",
···
793
790
}
794
791
795
792
/* Fix missing 'origin' xattr */
796
-
static int ovl_fix_origin(struct dentry *dentry, struct dentry *lower,
797
-
struct dentry *upper)
793
+
static int ovl_fix_origin(struct ovl_fs *ofs, struct dentry *dentry,
794
+
struct dentry *lower, struct dentry *upper)
798
795
{
799
796
int err;
800
797
801
-
if (ovl_check_origin_xattr(upper))
798
+
if (ovl_check_origin_xattr(ofs, upper))
802
799
return 0;
803
800
804
801
err = ovl_want_write(dentry);
···
923
920
* of lower dir and set upper parent "impure".
924
921
*/
925
922
if (upperdentry && !ctr && !ofs->noxattr && d.is_dir) {
926
-
err = ovl_fix_origin(dentry, this, upperdentry);
923
+
err = ovl_fix_origin(ofs, dentry, this, upperdentry);
927
924
if (err) {
928
925
dput(this);
929
926
goto out_put;
···
942
939
if (upperdentry && !ctr &&
943
940
((d.is_dir && ovl_verify_lower(dentry->d_sb)) ||
944
941
(!d.is_dir && ofs->config.index && origin_path))) {
945
-
err = ovl_verify_origin(upperdentry, this, false);
942
+
err = ovl_verify_origin(ofs, upperdentry, this, false);
946
943
if (err) {
947
944
dput(this);
948
945
if (d.is_dir)
···
1063
1060
ovl_dentry_set_upper_alias(dentry);
1064
1061
else if (index) {
1065
1062
upperdentry = dget(index);
1066
-
upperredirect = ovl_get_redirect_xattr(upperdentry, 0);
1063
+
upperredirect = ovl_get_redirect_xattr(ofs, upperdentry, 0);
1067
1064
if (IS_ERR(upperredirect)) {
1068
1065
err = PTR_ERR(upperredirect);
1069
1066
upperredirect = NULL;
1070
1067
goto out_free_oe;
1071
1068
}
1072
-
err = ovl_check_metacopy_xattr(upperdentry);
1069
+
err = ovl_check_metacopy_xattr(ofs, upperdentry);
1073
1070
if (err < 0)
1074
1071
goto out_free_oe;
1075
1072
uppermetacopy = err;
+60
-32
fs/overlayfs/overlayfs.h
+60
-32
fs/overlayfs/overlayfs.h
···
23
23
#define OVL_TYPE_ORIGIN(type) ((type) & __OVL_PATH_ORIGIN)
24
24
25
25
#define OVL_XATTR_PREFIX XATTR_TRUSTED_PREFIX "overlay."
26
-
#define OVL_XATTR_OPAQUE OVL_XATTR_PREFIX "opaque"
27
-
#define OVL_XATTR_REDIRECT OVL_XATTR_PREFIX "redirect"
28
-
#define OVL_XATTR_ORIGIN OVL_XATTR_PREFIX "origin"
29
-
#define OVL_XATTR_IMPURE OVL_XATTR_PREFIX "impure"
30
-
#define OVL_XATTR_NLINK OVL_XATTR_PREFIX "nlink"
31
-
#define OVL_XATTR_UPPER OVL_XATTR_PREFIX "upper"
32
-
#define OVL_XATTR_METACOPY OVL_XATTR_PREFIX "metacopy"
26
+
27
+
enum ovl_xattr {
28
+
OVL_XATTR_OPAQUE,
29
+
OVL_XATTR_REDIRECT,
30
+
OVL_XATTR_ORIGIN,
31
+
OVL_XATTR_IMPURE,
32
+
OVL_XATTR_NLINK,
33
+
OVL_XATTR_UPPER,
34
+
OVL_XATTR_METACOPY,
35
+
};
33
36
34
37
enum ovl_inode_flag {
35
38
/* Pure upper dir that may contain non pure upper entries */
···
113
110
#define OVL_FH_FID_OFFSET (OVL_FH_WIRE_OFFSET + \
114
111
offsetof(struct ovl_fb, fid))
115
112
113
+
extern const char *ovl_xattr_table[];
114
+
static inline const char *ovl_xattr(struct ovl_fs *ofs, enum ovl_xattr ox)
115
+
{
116
+
return ovl_xattr_table[ox];
117
+
}
118
+
116
119
static inline int ovl_do_rmdir(struct inode *dir, struct dentry *dentry)
117
120
{
118
121
int err = vfs_rmdir(dir, dentry);
···
179
170
return err;
180
171
}
181
172
182
-
static inline int ovl_do_setxattr(struct dentry *dentry, const char *name,
183
-
const void *value, size_t size, int flags)
173
+
static inline ssize_t ovl_do_getxattr(struct ovl_fs *ofs, struct dentry *dentry,
174
+
enum ovl_xattr ox, void *value,
175
+
size_t size)
184
176
{
185
-
int err = vfs_setxattr(dentry, name, value, size, flags);
186
-
pr_debug("setxattr(%pd2, \"%s\", \"%*pE\", %zu, 0x%x) = %i\n",
187
-
dentry, name, min((int)size, 48), value, size, flags, err);
177
+
const char *name = ovl_xattr(ofs, ox);
178
+
return vfs_getxattr(dentry, name, value, size);
179
+
}
180
+
181
+
static inline int ovl_do_setxattr(struct ovl_fs *ofs, struct dentry *dentry,
182
+
enum ovl_xattr ox, const void *value,
183
+
size_t size)
184
+
{
185
+
const char *name = ovl_xattr(ofs, ox);
186
+
int err = vfs_setxattr(dentry, name, value, size, 0);
187
+
pr_debug("setxattr(%pd2, \"%s\", \"%*pE\", %zu, 0) = %i\n",
188
+
dentry, name, min((int)size, 48), value, size, err);
188
189
return err;
189
190
}
190
191
191
-
static inline int ovl_do_removexattr(struct dentry *dentry, const char *name)
192
+
static inline int ovl_do_removexattr(struct ovl_fs *ofs, struct dentry *dentry,
193
+
enum ovl_xattr ox)
192
194
{
195
+
const char *name = ovl_xattr(ofs, ox);
193
196
int err = vfs_removexattr(dentry, name);
194
197
pr_debug("removexattr(%pd2, \"%s\") = %i\n", dentry, name, err);
195
198
return err;
···
301
280
int ovl_copy_up_start(struct dentry *dentry, int flags);
302
281
void ovl_copy_up_end(struct dentry *dentry);
303
282
bool ovl_already_copied_up(struct dentry *dentry, int flags);
304
-
bool ovl_check_origin_xattr(struct dentry *dentry);
305
-
bool ovl_check_dir_xattr(struct dentry *dentry, const char *name);
283
+
bool ovl_check_origin_xattr(struct ovl_fs *ofs, struct dentry *dentry);
284
+
bool ovl_check_dir_xattr(struct super_block *sb, struct dentry *dentry,
285
+
enum ovl_xattr ox);
306
286
int ovl_check_setxattr(struct dentry *dentry, struct dentry *upperdentry,
307
-
const char *name, const void *value, size_t size,
287
+
enum ovl_xattr ox, const void *value, size_t size,
308
288
int xerr);
309
289
int ovl_set_impure(struct dentry *dentry, struct dentry *upperdentry);
310
290
void ovl_set_flag(unsigned long flag, struct inode *inode);
···
318
296
int ovl_nlink_start(struct dentry *dentry);
319
297
void ovl_nlink_end(struct dentry *dentry);
320
298
int ovl_lock_rename_workdir(struct dentry *workdir, struct dentry *upperdir);
321
-
int ovl_check_metacopy_xattr(struct dentry *dentry);
299
+
int ovl_check_metacopy_xattr(struct ovl_fs *ofs, struct dentry *dentry);
322
300
bool ovl_is_metacopy_dentry(struct dentry *dentry);
323
-
char *ovl_get_redirect_xattr(struct dentry *dentry, int padding);
324
-
ssize_t ovl_getxattr(struct dentry *dentry, char *name, char **value,
325
-
size_t padding);
301
+
char *ovl_get_redirect_xattr(struct ovl_fs *ofs, struct dentry *dentry,
302
+
int padding);
326
303
327
-
static inline bool ovl_is_impuredir(struct dentry *dentry)
304
+
static inline bool ovl_is_impuredir(struct super_block *sb,
305
+
struct dentry *dentry)
328
306
{
329
-
return ovl_check_dir_xattr(dentry, OVL_XATTR_IMPURE);
307
+
return ovl_check_dir_xattr(sb, dentry, OVL_XATTR_IMPURE);
330
308
}
331
309
332
310
/*
···
387
365
bool connected);
388
366
int ovl_check_origin_fh(struct ovl_fs *ofs, struct ovl_fh *fh, bool connected,
389
367
struct dentry *upperdentry, struct ovl_path **stackp);
390
-
int ovl_verify_set_fh(struct dentry *dentry, const char *name,
391
-
struct dentry *real, bool is_upper, bool set);
368
+
int ovl_verify_set_fh(struct ovl_fs *ofs, struct dentry *dentry,
369
+
enum ovl_xattr ox, struct dentry *real, bool is_upper,
370
+
bool set);
392
371
struct dentry *ovl_index_upper(struct ovl_fs *ofs, struct dentry *index);
393
372
int ovl_verify_index(struct ovl_fs *ofs, struct dentry *index);
394
373
int ovl_get_index_name(struct dentry *origin, struct qstr *name);
···
401
378
unsigned int flags);
402
379
bool ovl_lower_positive(struct dentry *dentry);
403
380
404
-
static inline int ovl_verify_origin(struct dentry *upper,
381
+
static inline int ovl_verify_origin(struct ovl_fs *ofs, struct dentry *upper,
405
382
struct dentry *origin, bool set)
406
383
{
407
-
return ovl_verify_set_fh(upper, OVL_XATTR_ORIGIN, origin, false, set);
384
+
return ovl_verify_set_fh(ofs, upper, OVL_XATTR_ORIGIN, origin,
385
+
false, set);
408
386
}
409
387
410
-
static inline int ovl_verify_upper(struct dentry *index,
411
-
struct dentry *upper, bool set)
388
+
static inline int ovl_verify_upper(struct ovl_fs *ofs, struct dentry *index,
389
+
struct dentry *upper, bool set)
412
390
{
413
-
return ovl_verify_set_fh(index, OVL_XATTR_UPPER, upper, true, set);
391
+
return ovl_verify_set_fh(ofs, index, OVL_XATTR_UPPER, upper, true, set);
414
392
}
415
393
416
394
/* readdir.c */
417
395
extern const struct file_operations ovl_dir_operations;
396
+
struct file *ovl_dir_real_file(const struct file *file, bool want_upper);
418
397
int ovl_check_empty_dir(struct dentry *dentry, struct list_head *list);
419
398
void ovl_cleanup_whiteouts(struct dentry *upper, struct list_head *list);
420
399
void ovl_cache_free(struct list_head *list);
···
429
404
/* inode.c */
430
405
int ovl_set_nlink_upper(struct dentry *dentry);
431
406
int ovl_set_nlink_lower(struct dentry *dentry);
432
-
unsigned int ovl_get_nlink(struct dentry *lowerdentry,
407
+
unsigned int ovl_get_nlink(struct ovl_fs *ofs, struct dentry *lowerdentry,
433
408
struct dentry *upperdentry,
434
409
unsigned int fallback);
435
410
int ovl_setattr(struct dentry *dentry, struct iattr *attr);
···
443
418
ssize_t ovl_listxattr(struct dentry *dentry, char *list, size_t size);
444
419
struct posix_acl *ovl_get_acl(struct inode *inode, int type);
445
420
int ovl_update_time(struct inode *inode, struct timespec64 *ts, int flags);
446
-
bool ovl_is_private_xattr(const char *name);
421
+
bool ovl_is_private_xattr(struct super_block *sb, const char *name);
447
422
448
423
struct ovl_inode_params {
449
424
struct inode *newinode;
···
504
479
extern const struct file_operations ovl_file_operations;
505
480
int __init ovl_aio_request_cache_init(void);
506
481
void ovl_aio_request_cache_destroy(void);
482
+
long ovl_ioctl(struct file *file, unsigned int cmd, unsigned long arg);
483
+
long ovl_compat_ioctl(struct file *file, unsigned int cmd, unsigned long arg);
507
484
508
485
/* copy_up.c */
509
486
int ovl_copy_up(struct dentry *dentry);
510
487
int ovl_copy_up_with_data(struct dentry *dentry);
511
488
int ovl_maybe_copy_up(struct dentry *dentry, int flags);
512
-
int ovl_copy_xattr(struct dentry *old, struct dentry *new);
489
+
int ovl_copy_xattr(struct super_block *sb, struct dentry *old,
490
+
struct dentry *new);
513
491
int ovl_set_attr(struct dentry *upper, struct kstat *stat);
514
492
struct ovl_fh *ovl_encode_real_fh(struct dentry *real, bool is_upper);
515
493
int ovl_set_origin(struct dentry *dentry, struct dentry *lower,
+6
fs/overlayfs/ovl_entry.h
+6
fs/overlayfs/ovl_entry.h
···
17
17
bool nfs_export;
18
18
int xino;
19
19
bool metacopy;
20
+
bool ovl_volatile;
20
21
};
21
22
22
23
struct ovl_sb {
···
89
88
static inline struct ovl_fs *OVL_FS(struct super_block *sb)
90
89
{
91
90
return (struct ovl_fs *)sb->s_fs_info;
91
+
}
92
+
93
+
static inline bool ovl_should_sync(struct ovl_fs *ofs)
94
+
{
95
+
return !ofs->config.ovl_volatile;
92
96
}
93
97
94
98
/* private information held for every overlayfs dentry */
+65
-11
fs/overlayfs/readdir.c
+65
-11
fs/overlayfs/readdir.c
···
606
606
{
607
607
int res;
608
608
struct dentry *dentry = path->dentry;
609
+
struct ovl_fs *ofs = OVL_FS(dentry->d_sb);
609
610
struct ovl_dir_cache *cache;
610
611
611
612
cache = ovl_dir_cache(d_inode(dentry));
···
633
632
* Removing the "impure" xattr is best effort.
634
633
*/
635
634
if (!ovl_want_write(dentry)) {
636
-
ovl_do_removexattr(ovl_dentry_upper(dentry),
635
+
ovl_do_removexattr(ofs, ovl_dentry_upper(dentry),
637
636
OVL_XATTR_IMPURE);
638
637
ovl_drop_write(dentry);
639
638
}
···
840
839
return res;
841
840
}
842
841
843
-
static struct file *ovl_dir_open_realfile(struct file *file,
842
+
static struct file *ovl_dir_open_realfile(const struct file *file,
844
843
struct path *realpath)
845
844
{
846
845
struct file *res;
···
853
852
return res;
854
853
}
855
854
856
-
static int ovl_dir_fsync(struct file *file, loff_t start, loff_t end,
857
-
int datasync)
855
+
/*
856
+
* Like ovl_real_fdget(), returns upperfile if dir was copied up since open.
857
+
* Unlike ovl_real_fdget(), this caches upperfile in file->private_data.
858
+
*
859
+
* TODO: use same abstract type for file->private_data of dir and file so
860
+
* upperfile could also be cached for files as well.
861
+
*/
862
+
struct file *ovl_dir_real_file(const struct file *file, bool want_upper)
858
863
{
864
+
859
865
struct ovl_dir_file *od = file->private_data;
860
866
struct dentry *dentry = file->f_path.dentry;
861
867
struct file *realfile = od->realfile;
862
868
863
-
/* Nothing to sync for lower */
864
869
if (!OVL_TYPE_UPPER(ovl_path_type(dentry)))
865
-
return 0;
870
+
return want_upper ? NULL : realfile;
866
871
867
872
/*
868
873
* Need to check if we started out being a lower dir, but got copied up
···
887
880
if (!od->upperfile) {
888
881
if (IS_ERR(realfile)) {
889
882
inode_unlock(inode);
890
-
return PTR_ERR(realfile);
883
+
return realfile;
891
884
}
892
885
smp_store_release(&od->upperfile, realfile);
893
886
} else {
···
899
892
inode_unlock(inode);
900
893
}
901
894
}
895
+
896
+
return realfile;
897
+
}
898
+
899
+
static int ovl_dir_fsync(struct file *file, loff_t start, loff_t end,
900
+
int datasync)
901
+
{
902
+
struct file *realfile;
903
+
int err;
904
+
905
+
if (!ovl_should_sync(OVL_FS(file->f_path.dentry->d_sb)))
906
+
return 0;
907
+
908
+
realfile = ovl_dir_real_file(file, true);
909
+
err = PTR_ERR_OR_ZERO(realfile);
910
+
911
+
/* Nothing to sync for lower */
912
+
if (!realfile || err)
913
+
return err;
902
914
903
915
return vfs_fsync_range(realfile, start, end, datasync);
904
916
}
···
971
945
.llseek = ovl_dir_llseek,
972
946
.fsync = ovl_dir_fsync,
973
947
.release = ovl_dir_release,
948
+
.unlocked_ioctl = ovl_ioctl,
949
+
#ifdef CONFIG_COMPAT
950
+
.compat_ioctl = ovl_compat_ioctl,
951
+
#endif
974
952
};
975
953
976
954
int ovl_check_empty_dir(struct dentry *dentry, struct list_head *list)
···
1081
1051
return rdd.d_type_supported;
1082
1052
}
1083
1053
1084
-
static void ovl_workdir_cleanup_recurse(struct path *path, int level)
1054
+
#define OVL_INCOMPATDIR_NAME "incompat"
1055
+
1056
+
static int ovl_workdir_cleanup_recurse(struct path *path, int level)
1085
1057
{
1086
1058
int err;
1087
1059
struct inode *dir = path->dentry->d_inode;
···
1097
1065
.root = &root,
1098
1066
.is_lowest = false,
1099
1067
};
1068
+
bool incompat = false;
1069
+
1070
+
/*
1071
+
* The "work/incompat" directory is treated specially - if it is not
1072
+
* empty, instead of printing a generic error and mounting read-only,
1073
+
* we will error about incompat features and fail the mount.
1074
+
*
1075
+
* When called from ovl_indexdir_cleanup(), path->dentry->d_name.name
1076
+
* starts with '#'.
1077
+
*/
1078
+
if (level == 2 &&
1079
+
!strcmp(path->dentry->d_name.name, OVL_INCOMPATDIR_NAME))
1080
+
incompat = true;
1100
1081
1101
1082
err = ovl_dir_read(path, &rdd);
1102
1083
if (err)
···
1124
1079
continue;
1125
1080
if (p->len == 2 && p->name[1] == '.')
1126
1081
continue;
1082
+
} else if (incompat) {
1083
+
pr_err("overlay with incompat feature '%s' cannot be mounted\n",
1084
+
p->name);
1085
+
err = -EINVAL;
1086
+
break;
1127
1087
}
1128
1088
dentry = lookup_one_len(p->name, path->dentry, p->len);
1129
1089
if (IS_ERR(dentry))
1130
1090
continue;
1131
1091
if (dentry->d_inode)
1132
-
ovl_workdir_cleanup(dir, path->mnt, dentry, level);
1092
+
err = ovl_workdir_cleanup(dir, path->mnt, dentry, level);
1133
1093
dput(dentry);
1094
+
if (err)
1095
+
break;
1134
1096
}
1135
1097
inode_unlock(dir);
1136
1098
out:
1137
1099
ovl_cache_free(&list);
1100
+
return err;
1138
1101
}
1139
1102
1140
1103
int ovl_workdir_cleanup(struct inode *dir, struct vfsmount *mnt,
···
1159
1106
struct path path = { .mnt = mnt, .dentry = dentry };
1160
1107
1161
1108
inode_unlock(dir);
1162
-
ovl_workdir_cleanup_recurse(&path, level + 1);
1109
+
err = ovl_workdir_cleanup_recurse(&path, level + 1);
1163
1110
inode_lock_nested(dir, I_MUTEX_PARENT);
1164
-
err = ovl_cleanup(dir, dentry);
1111
+
if (!err)
1112
+
err = ovl_cleanup(dir, dentry);
1165
1113
}
1166
1114
1167
1115
return err;
+99
-18
fs/overlayfs/super.c
+99
-18
fs/overlayfs/super.c
···
264
264
if (!ovl_upper_mnt(ofs))
265
265
return 0;
266
266
267
+
if (!ovl_should_sync(ofs))
268
+
return 0;
267
269
/*
268
270
* Not called for sync(2) call or an emergency sync (SB_I_SKIP_SYNC).
269
271
* All the super blocks will be iterated, including upper_sb.
···
364
362
if (ofs->config.metacopy != ovl_metacopy_def)
365
363
seq_printf(m, ",metacopy=%s",
366
364
ofs->config.metacopy ? "on" : "off");
365
+
if (ofs->config.ovl_volatile)
366
+
seq_puts(m, ",volatile");
367
367
return 0;
368
368
}
369
369
···
380
376
381
377
if (*flags & SB_RDONLY && !sb_rdonly(sb)) {
382
378
upper_sb = ovl_upper_mnt(ofs)->mnt_sb;
383
-
down_read(&upper_sb->s_umount);
384
-
ret = sync_filesystem(upper_sb);
385
-
up_read(&upper_sb->s_umount);
379
+
if (ovl_should_sync(ofs)) {
380
+
down_read(&upper_sb->s_umount);
381
+
ret = sync_filesystem(upper_sb);
382
+
up_read(&upper_sb->s_umount);
383
+
}
386
384
}
387
385
388
386
return ret;
···
417
411
OPT_XINO_AUTO,
418
412
OPT_METACOPY_ON,
419
413
OPT_METACOPY_OFF,
414
+
OPT_VOLATILE,
420
415
OPT_ERR,
421
416
};
422
417
···
436
429
{OPT_XINO_AUTO, "xino=auto"},
437
430
{OPT_METACOPY_ON, "metacopy=on"},
438
431
{OPT_METACOPY_OFF, "metacopy=off"},
432
+
{OPT_VOLATILE, "volatile"},
439
433
{OPT_ERR, NULL}
440
434
};
441
435
···
581
573
metacopy_opt = true;
582
574
break;
583
575
576
+
case OPT_VOLATILE:
577
+
config->ovl_volatile = true;
578
+
break;
579
+
584
580
default:
585
581
pr_err("unrecognized mount option \"%s\" or missing value\n",
586
582
p);
···
605
593
index_opt = false;
606
594
}
607
595
config->index = false;
596
+
}
597
+
598
+
if (!config->upperdir && config->ovl_volatile) {
599
+
pr_info("option \"volatile\" is meaningless in a non-upper mount, ignoring it.\n");
600
+
config->ovl_volatile = false;
608
601
}
609
602
610
603
err = ovl_parse_redirect_mode(config, config->redirect_mode);
···
722
705
goto out_unlock;
723
706
724
707
retried = true;
725
-
ovl_workdir_cleanup(dir, mnt, work, 0);
708
+
err = ovl_workdir_cleanup(dir, mnt, work, 0);
726
709
dput(work);
710
+
if (err == -EINVAL) {
711
+
work = ERR_PTR(err);
712
+
goto out_unlock;
713
+
}
727
714
goto retry;
728
715
}
729
716
···
1220
1199
return err;
1221
1200
}
1222
1201
1202
+
static struct dentry *ovl_lookup_or_create(struct dentry *parent,
1203
+
const char *name, umode_t mode)
1204
+
{
1205
+
size_t len = strlen(name);
1206
+
struct dentry *child;
1207
+
1208
+
inode_lock_nested(parent->d_inode, I_MUTEX_PARENT);
1209
+
child = lookup_one_len(name, parent, len);
1210
+
if (!IS_ERR(child) && !child->d_inode)
1211
+
child = ovl_create_real(parent->d_inode, child,
1212
+
OVL_CATTR(mode));
1213
+
inode_unlock(parent->d_inode);
1214
+
dput(parent);
1215
+
1216
+
return child;
1217
+
}
1218
+
1219
+
/*
1220
+
* Creates $workdir/work/incompat/volatile/dirty file if it is not already
1221
+
* present.
1222
+
*/
1223
+
static int ovl_create_volatile_dirty(struct ovl_fs *ofs)
1224
+
{
1225
+
unsigned int ctr;
1226
+
struct dentry *d = dget(ofs->workbasedir);
1227
+
static const char *const volatile_path[] = {
1228
+
OVL_WORKDIR_NAME, "incompat", "volatile", "dirty"
1229
+
};
1230
+
const char *const *name = volatile_path;
1231
+
1232
+
for (ctr = ARRAY_SIZE(volatile_path); ctr; ctr--, name++) {
1233
+
d = ovl_lookup_or_create(d, *name, ctr > 1 ? S_IFDIR : S_IFREG);
1234
+
if (IS_ERR(d))
1235
+
return PTR_ERR(d);
1236
+
}
1237
+
dput(d);
1238
+
return 0;
1239
+
}
1240
+
1223
1241
static int ovl_make_workdir(struct super_block *sb, struct ovl_fs *ofs,
1224
1242
struct path *workpath)
1225
1243
{
1226
1244
struct vfsmount *mnt = ovl_upper_mnt(ofs);
1227
-
struct dentry *temp;
1245
+
struct dentry *temp, *workdir;
1228
1246
bool rename_whiteout;
1229
1247
bool d_type;
1230
1248
int fh_type;
···
1273
1213
if (err)
1274
1214
return err;
1275
1215
1276
-
ofs->workdir = ovl_workdir_create(ofs, OVL_WORKDIR_NAME, false);
1277
-
if (!ofs->workdir)
1216
+
workdir = ovl_workdir_create(ofs, OVL_WORKDIR_NAME, false);
1217
+
err = PTR_ERR(workdir);
1218
+
if (IS_ERR_OR_NULL(workdir))
1278
1219
goto out;
1220
+
1221
+
ofs->workdir = workdir;
1279
1222
1280
1223
err = ovl_setup_trap(sb, ofs->workdir, &ofs->workdir_trap, "workdir");
1281
1224
if (err)
···
1319
1256
/*
1320
1257
* Check if upper/work fs supports trusted.overlay.* xattr
1321
1258
*/
1322
-
err = ovl_do_setxattr(ofs->workdir, OVL_XATTR_OPAQUE, "0", 1, 0);
1259
+
err = ovl_do_setxattr(ofs, ofs->workdir, OVL_XATTR_OPAQUE, "0", 1);
1323
1260
if (err) {
1324
1261
ofs->noxattr = true;
1325
1262
ofs->config.index = false;
···
1327
1264
pr_warn("upper fs does not support xattr, falling back to index=off and metacopy=off.\n");
1328
1265
err = 0;
1329
1266
} else {
1330
-
vfs_removexattr(ofs->workdir, OVL_XATTR_OPAQUE);
1267
+
ovl_do_removexattr(ofs, ofs->workdir, OVL_XATTR_OPAQUE);
1331
1268
}
1332
1269
1333
1270
/*
···
1340
1277
pr_err("upper fs missing required features.\n");
1341
1278
err = -EINVAL;
1342
1279
goto out;
1280
+
}
1281
+
1282
+
/*
1283
+
* For volatile mount, create a incompat/volatile/dirty file to keep
1284
+
* track of it.
1285
+
*/
1286
+
if (ofs->config.ovl_volatile) {
1287
+
err = ovl_create_volatile_dirty(ofs);
1288
+
if (err < 0) {
1289
+
pr_err("Failed to create volatile/dirty file.\n");
1290
+
goto out;
1291
+
}
1343
1292
}
1344
1293
1345
1294
/* Check if upper/work fs supports file handles */
···
1422
1347
struct ovl_entry *oe, struct path *upperpath)
1423
1348
{
1424
1349
struct vfsmount *mnt = ovl_upper_mnt(ofs);
1350
+
struct dentry *indexdir;
1425
1351
int err;
1426
1352
1427
1353
err = mnt_want_write(mnt);
···
1430
1354
return err;
1431
1355
1432
1356
/* Verify lower root is upper root origin */
1433
-
err = ovl_verify_origin(upperpath->dentry, oe->lowerstack[0].dentry,
1434
-
true);
1357
+
err = ovl_verify_origin(ofs, upperpath->dentry,
1358
+
oe->lowerstack[0].dentry, true);
1435
1359
if (err) {
1436
1360
pr_err("failed to verify upper root origin\n");
1437
1361
goto out;
···
1442
1366
ofs->workdir_trap = NULL;
1443
1367
dput(ofs->workdir);
1444
1368
ofs->workdir = NULL;
1445
-
ofs->indexdir = ovl_workdir_create(ofs, OVL_INDEXDIR_NAME, true);
1446
-
if (ofs->indexdir) {
1447
-
ofs->workdir = dget(ofs->indexdir);
1369
+
indexdir = ovl_workdir_create(ofs, OVL_INDEXDIR_NAME, true);
1370
+
if (IS_ERR(indexdir)) {
1371
+
err = PTR_ERR(indexdir);
1372
+
} else if (indexdir) {
1373
+
ofs->indexdir = indexdir;
1374
+
ofs->workdir = dget(indexdir);
1448
1375
1449
1376
err = ovl_setup_trap(sb, ofs->indexdir, &ofs->indexdir_trap,
1450
1377
"indexdir");
···
1462
1383
* "trusted.overlay.upper" to indicate that index may have
1463
1384
* directory entries.
1464
1385
*/
1465
-
if (ovl_check_origin_xattr(ofs->indexdir)) {
1466
-
err = ovl_verify_set_fh(ofs->indexdir, OVL_XATTR_ORIGIN,
1386
+
if (ovl_check_origin_xattr(ofs, ofs->indexdir)) {
1387
+
err = ovl_verify_set_fh(ofs, ofs->indexdir,
1388
+
OVL_XATTR_ORIGIN,
1467
1389
upperpath->dentry, true, false);
1468
1390
if (err)
1469
1391
pr_err("failed to verify index dir 'origin' xattr\n");
1470
1392
}
1471
-
err = ovl_verify_upper(ofs->indexdir, upperpath->dentry, true);
1393
+
err = ovl_verify_upper(ofs, ofs->indexdir, upperpath->dentry,
1394
+
true);
1472
1395
if (err)
1473
1396
pr_err("failed to verify index dir 'upper' xattr\n");
1474
1397
···
1836
1755
ino = d_inode(upperdentry)->i_ino;
1837
1756
fsid = 0;
1838
1757
ovl_dentry_set_upper_alias(root);
1839
-
if (ovl_is_impuredir(upperdentry))
1758
+
if (ovl_is_impuredir(sb, upperdentry))
1840
1759
ovl_set_flag(OVL_IMPURE, d_inode(root));
1841
1760
}
1842
1761
+50
-46
fs/overlayfs/util.c
+50
-46
fs/overlayfs/util.c
···
544
544
ovl_inode_unlock(d_inode(dentry));
545
545
}
546
546
547
-
bool ovl_check_origin_xattr(struct dentry *dentry)
547
+
bool ovl_check_origin_xattr(struct ovl_fs *ofs, struct dentry *dentry)
548
548
{
549
549
int res;
550
550
551
-
res = vfs_getxattr(dentry, OVL_XATTR_ORIGIN, NULL, 0);
551
+
res = ovl_do_getxattr(ofs, dentry, OVL_XATTR_ORIGIN, NULL, 0);
552
552
553
553
/* Zero size value means "copied up but origin unknown" */
554
554
if (res >= 0)
···
557
557
return false;
558
558
}
559
559
560
-
bool ovl_check_dir_xattr(struct dentry *dentry, const char *name)
560
+
bool ovl_check_dir_xattr(struct super_block *sb, struct dentry *dentry,
561
+
enum ovl_xattr ox)
561
562
{
562
563
int res;
563
564
char val;
···
566
565
if (!d_is_dir(dentry))
567
566
return false;
568
567
569
-
res = vfs_getxattr(dentry, name, &val, 1);
568
+
res = ovl_do_getxattr(OVL_FS(sb), dentry, ox, &val, 1);
570
569
if (res == 1 && val == 'y')
571
570
return true;
572
571
573
572
return false;
574
573
}
575
574
575
+
#define OVL_XATTR_OPAQUE_POSTFIX "opaque"
576
+
#define OVL_XATTR_REDIRECT_POSTFIX "redirect"
577
+
#define OVL_XATTR_ORIGIN_POSTFIX "origin"
578
+
#define OVL_XATTR_IMPURE_POSTFIX "impure"
579
+
#define OVL_XATTR_NLINK_POSTFIX "nlink"
580
+
#define OVL_XATTR_UPPER_POSTFIX "upper"
581
+
#define OVL_XATTR_METACOPY_POSTFIX "metacopy"
582
+
583
+
#define OVL_XATTR_TAB_ENTRY(x) \
584
+
[x] = OVL_XATTR_PREFIX x ## _POSTFIX
585
+
586
+
const char *ovl_xattr_table[] = {
587
+
OVL_XATTR_TAB_ENTRY(OVL_XATTR_OPAQUE),
588
+
OVL_XATTR_TAB_ENTRY(OVL_XATTR_REDIRECT),
589
+
OVL_XATTR_TAB_ENTRY(OVL_XATTR_ORIGIN),
590
+
OVL_XATTR_TAB_ENTRY(OVL_XATTR_IMPURE),
591
+
OVL_XATTR_TAB_ENTRY(OVL_XATTR_NLINK),
592
+
OVL_XATTR_TAB_ENTRY(OVL_XATTR_UPPER),
593
+
OVL_XATTR_TAB_ENTRY(OVL_XATTR_METACOPY),
594
+
};
595
+
576
596
int ovl_check_setxattr(struct dentry *dentry, struct dentry *upperdentry,
577
-
const char *name, const void *value, size_t size,
597
+
enum ovl_xattr ox, const void *value, size_t size,
578
598
int xerr)
579
599
{
580
600
int err;
···
604
582
if (ofs->noxattr)
605
583
return xerr;
606
584
607
-
err = ovl_do_setxattr(upperdentry, name, value, size, 0);
585
+
err = ovl_do_setxattr(ofs, upperdentry, ox, value, size);
608
586
609
587
if (err == -EOPNOTSUPP) {
610
-
pr_warn("cannot set %s xattr on upper\n", name);
588
+
pr_warn("cannot set %s xattr on upper\n", ovl_xattr(ofs, ox));
611
589
ofs->noxattr = true;
612
590
return xerr;
613
591
}
···
867
845
}
868
846
869
847
/* err < 0, 0 if no metacopy xattr, 1 if metacopy xattr found */
870
-
int ovl_check_metacopy_xattr(struct dentry *dentry)
848
+
int ovl_check_metacopy_xattr(struct ovl_fs *ofs, struct dentry *dentry)
871
849
{
872
850
int res;
873
851
···
875
853
if (!S_ISREG(d_inode(dentry)->i_mode))
876
854
return 0;
877
855
878
-
res = vfs_getxattr(dentry, OVL_XATTR_METACOPY, NULL, 0);
856
+
res = ovl_do_getxattr(ofs, dentry, OVL_XATTR_METACOPY, NULL, 0);
879
857
if (res < 0) {
880
858
if (res == -ENODATA || res == -EOPNOTSUPP)
881
859
return 0;
···
904
882
return (oe->numlower > 1);
905
883
}
906
884
907
-
ssize_t ovl_getxattr(struct dentry *dentry, char *name, char **value,
908
-
size_t padding)
909
-
{
910
-
ssize_t res;
911
-
char *buf = NULL;
912
-
913
-
res = vfs_getxattr(dentry, name, NULL, 0);
914
-
if (res < 0) {
915
-
if (res == -ENODATA || res == -EOPNOTSUPP)
916
-
return -ENODATA;
917
-
goto fail;
918
-
}
919
-
920
-
if (res != 0) {
921
-
buf = kzalloc(res + padding, GFP_KERNEL);
922
-
if (!buf)
923
-
return -ENOMEM;
924
-
925
-
res = vfs_getxattr(dentry, name, buf, res);
926
-
if (res < 0)
927
-
goto fail;
928
-
}
929
-
*value = buf;
930
-
931
-
return res;
932
-
933
-
fail:
934
-
pr_warn_ratelimited("failed to get xattr %s: err=%zi)\n",
935
-
name, res);
936
-
kfree(buf);
937
-
return res;
938
-
}
939
-
940
-
char *ovl_get_redirect_xattr(struct dentry *dentry, int padding)
885
+
char *ovl_get_redirect_xattr(struct ovl_fs *ofs, struct dentry *dentry,
886
+
int padding)
941
887
{
942
888
int res;
943
889
char *s, *next, *buf = NULL;
944
890
945
-
res = ovl_getxattr(dentry, OVL_XATTR_REDIRECT, &buf, padding + 1);
946
-
if (res == -ENODATA)
891
+
res = ovl_do_getxattr(ofs, dentry, OVL_XATTR_REDIRECT, NULL, 0);
892
+
if (res == -ENODATA || res == -EOPNOTSUPP)
947
893
return NULL;
948
894
if (res < 0)
949
-
return ERR_PTR(res);
895
+
goto fail;
896
+
if (res == 0)
897
+
goto invalid;
898
+
899
+
buf = kzalloc(res + padding + 1, GFP_KERNEL);
900
+
if (!buf)
901
+
return ERR_PTR(-ENOMEM);
902
+
903
+
res = ovl_do_getxattr(ofs, dentry, OVL_XATTR_REDIRECT, buf, res);
904
+
if (res < 0)
905
+
goto fail;
950
906
if (res == 0)
951
907
goto invalid;
952
908
···
943
943
invalid:
944
944
pr_warn_ratelimited("invalid redirect (%s)\n", buf);
945
945
res = -EINVAL;
946
+
goto err_free;
947
+
fail:
948
+
pr_warn_ratelimited("failed to get redirect (%i)\n", res);
949
+
err_free:
946
950
kfree(buf);
947
951
return ERR_PTR(res);
948
952
}