tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

Merge branch 'overlayfs-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs

Pull overlayfs update from Miklos Szeredi:
"The biggest part of this is making st_dev/st_ino on the overlay behave
like a normal filesystem (i.e. st_ino doesn't change on copy up,
st_dev is the same for all files and directories). Currently this only
works if all layers are on the same filesystem, but future work will
move the general case towards more sane behavior.

There are also miscellaneous fixes, including fixes to handling
append-only files. There's a small change in the VFS, but that only
has an effect on overlayfs, since otherwise file->f_path.dentry->inode
and file_inode(file) are always the same"

* 'overlayfs-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs:
ovl: update documentation w.r.t. constant inode numbers
ovl: persistent inode numbers for upper hardlinks
ovl: merge getattr for dir and nondir
ovl: constant st_ino/st_dev across copy up
ovl: persistent inode number for directories
ovl: set the ORIGIN type flag
ovl: lookup non-dir copy-up-origin by file handle
ovl: use an auxiliary var for overlay root entry
ovl: store file handle of lower inode on copy up
ovl: check if all layers are on the same fs
ovl: do not set overlay.opaque on non-dir create
ovl: check IS_APPEND() on real upper inode
vfs: ftruncate check IS_APPEND() on real upper inode
ovl: Use designated initializers
ovl: lockdep annotate of nested stacked overlayfs inode lock

Linus Torvalds b948abf5 a2e5ad45

+425 -52
+8 -1
Documentation/filesystems/overlayfs.txt
··· 21 21 This is most obvious from the 'st_dev' field returned by stat(2). 22 22 23 23 While directories will report an st_dev from the overlay-filesystem, 24 - all non-directory objects will report an st_dev from the lower or 24 + non-directory objects may report an st_dev from the lower filesystem or 25 25 upper filesystem that is providing the object. Similarly st_ino will 26 26 only be unique when combined with st_dev, and both of these can change 27 27 over the lifetime of a non-directory object. Many applications and 28 28 tools ignore these values and will not be affected. 29 + 30 + In the special case of all overlay layers on the same underlying 31 + filesystem, all objects will report an st_dev from the overlay 32 + filesystem and st_ino from the underlying filesystem. This will 33 + make the overlay mount more compliant with filesystem scanners and 34 + overlay objects will be distinguishable from the corresponding 35 + objects in the original filesystem. 29 36 30 37 Upper and Lower 31 38 ---------------
+2 -1
fs/open.c
··· 193 193 goto out_putf; 194 194 195 195 error = -EPERM; 196 - if (IS_APPEND(inode)) 196 + /* Check IS_APPEND on real upper inode */ 197 + if (IS_APPEND(file_inode(f.file))) 197 198 goto out_putf; 198 199 199 200 sb_start_write(inode->i_sb);
+82
fs/overlayfs/copy_up.c
··· 20 20 #include <linux/namei.h> 21 21 #include <linux/fdtable.h> 22 22 #include <linux/ratelimit.h> 23 + #include <linux/exportfs.h> 23 24 #include "overlayfs.h" 24 25 #include "ovl_entry.h" 25 26 ··· 233 232 return err; 234 233 } 235 234 235 + static struct ovl_fh *ovl_encode_fh(struct dentry *lower, uuid_be *uuid) 236 + { 237 + struct ovl_fh *fh; 238 + int fh_type, fh_len, dwords; 239 + void *buf; 240 + int buflen = MAX_HANDLE_SZ; 241 + 242 + buf = kmalloc(buflen, GFP_TEMPORARY); 243 + if (!buf) 244 + return ERR_PTR(-ENOMEM); 245 + 246 + /* 247 + * We encode a non-connectable file handle for non-dir, because we 248 + * only need to find the lower inode number and we don't want to pay 249 + * the price or reconnecting the dentry. 250 + */ 251 + dwords = buflen >> 2; 252 + fh_type = exportfs_encode_fh(lower, buf, &dwords, 0); 253 + buflen = (dwords << 2); 254 + 255 + fh = ERR_PTR(-EIO); 256 + if (WARN_ON(fh_type < 0) || 257 + WARN_ON(buflen > MAX_HANDLE_SZ) || 258 + WARN_ON(fh_type == FILEID_INVALID)) 259 + goto out; 260 + 261 + BUILD_BUG_ON(MAX_HANDLE_SZ + offsetof(struct ovl_fh, fid) > 255); 262 + fh_len = offsetof(struct ovl_fh, fid) + buflen; 263 + fh = kmalloc(fh_len, GFP_KERNEL); 264 + if (!fh) { 265 + fh = ERR_PTR(-ENOMEM); 266 + goto out; 267 + } 268 + 269 + fh->version = OVL_FH_VERSION; 270 + fh->magic = OVL_FH_MAGIC; 271 + fh->type = fh_type; 272 + fh->flags = OVL_FH_FLAG_CPU_ENDIAN; 273 + fh->len = fh_len; 274 + fh->uuid = *uuid; 275 + memcpy(fh->fid, buf, buflen); 276 + 277 + out: 278 + kfree(buf); 279 + return fh; 280 + } 281 + 282 + static int ovl_set_origin(struct dentry *dentry, struct dentry *lower, 283 + struct dentry *upper) 284 + { 285 + struct super_block *sb = lower->d_sb; 286 + uuid_be *uuid = (uuid_be *) &sb->s_uuid; 287 + const struct ovl_fh *fh = NULL; 288 + int err; 289 + 290 + /* 291 + * When lower layer doesn't support export operations store a 'null' fh, 292 + * so we can use the overlay.origin xattr to distignuish between a copy 293 + * up and a pure upper inode. 294 + */ 295 + if (sb->s_export_op && sb->s_export_op->fh_to_dentry && 296 + uuid_be_cmp(*uuid, NULL_UUID_BE)) { 297 + fh = ovl_encode_fh(lower, uuid); 298 + if (IS_ERR(fh)) 299 + return PTR_ERR(fh); 300 + } 301 + 302 + err = ovl_do_setxattr(upper, OVL_XATTR_ORIGIN, fh, fh ? fh->len : 0, 0); 303 + kfree(fh); 304 + 305 + return err; 306 + } 307 + 236 308 static int ovl_copy_up_locked(struct dentry *workdir, struct dentry *upperdir, 237 309 struct dentry *dentry, struct path *lowerpath, 238 310 struct kstat *stat, const char *link, ··· 387 313 inode_lock(temp->d_inode); 388 314 err = ovl_set_attr(temp, stat); 389 315 inode_unlock(temp->d_inode); 316 + if (err) 317 + goto out_cleanup; 318 + 319 + /* 320 + * Store identifier of lower inode in upper inode xattr to 321 + * allow lookup of the copy up origin inode. 322 + */ 323 + err = ovl_set_origin(dentry, lowerpath->dentry, temp); 390 324 if (err) 391 325 goto out_cleanup; 392 326
+5 -32
fs/overlayfs/dir.c
··· 138 138 return err; 139 139 } 140 140 141 - static int ovl_dir_getattr(const struct path *path, struct kstat *stat, 142 - u32 request_mask, unsigned int flags) 143 - { 144 - struct dentry *dentry = path->dentry; 145 - int err; 146 - enum ovl_path_type type; 147 - struct path realpath; 148 - const struct cred *old_cred; 149 - 150 - type = ovl_path_real(dentry, &realpath); 151 - old_cred = ovl_override_creds(dentry->d_sb); 152 - err = vfs_getattr(&realpath, stat, request_mask, flags); 153 - revert_creds(old_cred); 154 - if (err) 155 - return err; 156 - 157 - stat->dev = dentry->d_sb->s_dev; 158 - stat->ino = dentry->d_inode->i_ino; 159 - 160 - /* 161 - * It's probably not worth it to count subdirs to get the 162 - * correct link count. nlink=1 seems to pacify 'find' and 163 - * other utilities. 164 - */ 165 - if (OVL_TYPE_MERGE(type)) 166 - stat->nlink = 1; 167 - 168 - return 0; 169 - } 170 - 171 141 /* Common operations required to be done after creation of file on upper */ 172 142 static void ovl_instantiate(struct dentry *dentry, struct inode *inode, 173 143 struct dentry *newdentry, bool hardlink) ··· 152 182 inc_nlink(inode); 153 183 } 154 184 d_instantiate(dentry, inode); 185 + /* Force lookup of new upper hardlink to find its lower */ 186 + if (hardlink) 187 + d_drop(dentry); 155 188 } 156 189 157 190 static bool ovl_type_merge(struct dentry *dentry) ··· 183 210 if (err) 184 211 goto out_dput; 185 212 186 - if (ovl_type_merge(dentry->d_parent)) { 213 + if (ovl_type_merge(dentry->d_parent) && d_is_dir(newdentry)) { 187 214 /* Setting opaque here is just an optimization, allow to fail */ 188 215 ovl_set_opaque(dentry, newdentry); 189 216 } ··· 1043 1070 .create = ovl_create, 1044 1071 .mknod = ovl_mknod, 1045 1072 .permission = ovl_permission, 1046 - .getattr = ovl_dir_getattr, 1073 + .getattr = ovl_getattr, 1047 1074 .listxattr = ovl_listxattr, 1048 1075 .get_acl = ovl_get_acl, 1049 1076 .update_time = ovl_update_time,
+100 -3
fs/overlayfs/inode.c
··· 57 57 return err; 58 58 } 59 59 60 - static int ovl_getattr(const struct path *path, struct kstat *stat, 61 - u32 request_mask, unsigned int flags) 60 + int ovl_getattr(const struct path *path, struct kstat *stat, 61 + u32 request_mask, unsigned int flags) 62 62 { 63 63 struct dentry *dentry = path->dentry; 64 + enum ovl_path_type type; 64 65 struct path realpath; 65 66 const struct cred *old_cred; 67 + bool is_dir = S_ISDIR(dentry->d_inode->i_mode); 66 68 int err; 67 69 68 - ovl_path_real(dentry, &realpath); 70 + type = ovl_path_real(dentry, &realpath); 69 71 old_cred = ovl_override_creds(dentry->d_sb); 70 72 err = vfs_getattr(&realpath, stat, request_mask, flags); 73 + if (err) 74 + goto out; 75 + 76 + /* 77 + * When all layers are on the same fs, all real inode number are 78 + * unique, so we use the overlay st_dev, which is friendly to du -x. 79 + * 80 + * We also use st_ino of the copy up origin, if we know it. 81 + * This guaranties constant st_dev/st_ino across copy up. 82 + * 83 + * If filesystem supports NFS export ops, this also guaranties 84 + * persistent st_ino across mount cycle. 85 + */ 86 + if (ovl_same_sb(dentry->d_sb)) { 87 + if (OVL_TYPE_ORIGIN(type)) { 88 + struct kstat lowerstat; 89 + u32 lowermask = STATX_INO | (!is_dir ? STATX_NLINK : 0); 90 + 91 + ovl_path_lower(dentry, &realpath); 92 + err = vfs_getattr(&realpath, &lowerstat, 93 + lowermask, flags); 94 + if (err) 95 + goto out; 96 + 97 + WARN_ON_ONCE(stat->dev != lowerstat.dev); 98 + /* 99 + * Lower hardlinks are broken on copy up to different 100 + * upper files, so we cannot use the lower origin st_ino 101 + * for those different files, even for the same fs case. 102 + */ 103 + if (is_dir || lowerstat.nlink == 1) 104 + stat->ino = lowerstat.ino; 105 + } 106 + stat->dev = dentry->d_sb->s_dev; 107 + } else if (is_dir) { 108 + /* 109 + * If not all layers are on the same fs the pair {real st_ino; 110 + * overlay st_dev} is not unique, so use the non persistent 111 + * overlay st_ino. 112 + * 113 + * Always use the overlay st_dev for directories, so 'find 114 + * -xdev' will scan the entire overlay mount and won't cross the 115 + * overlay mount boundaries. 116 + */ 117 + stat->dev = dentry->d_sb->s_dev; 118 + stat->ino = dentry->d_inode->i_ino; 119 + } 120 + 121 + /* 122 + * It's probably not worth it to count subdirs to get the 123 + * correct link count. nlink=1 seems to pacify 'find' and 124 + * other utilities. 125 + */ 126 + if (is_dir && OVL_TYPE_MERGE(type)) 127 + stat->nlink = 1; 128 + 129 + out: 71 130 revert_creds(old_cred); 131 + 72 132 return err; 73 133 } 74 134 ··· 363 303 .update_time = ovl_update_time, 364 304 }; 365 305 306 + /* 307 + * It is possible to stack overlayfs instance on top of another 308 + * overlayfs instance as lower layer. We need to annonate the 309 + * stackable i_mutex locks according to stack level of the super 310 + * block instance. An overlayfs instance can never be in stack 311 + * depth 0 (there is always a real fs below it). An overlayfs 312 + * inode lock will use the lockdep annotaion ovl_i_mutex_key[depth]. 313 + * 314 + * For example, here is a snip from /proc/lockdep_chains after 315 + * dir_iterate of nested overlayfs: 316 + * 317 + * [...] &ovl_i_mutex_dir_key[depth] (stack_depth=2) 318 + * [...] &ovl_i_mutex_dir_key[depth]#2 (stack_depth=1) 319 + * [...] &type->i_mutex_dir_key (stack_depth=0) 320 + */ 321 + #define OVL_MAX_NESTING FILESYSTEM_MAX_STACK_DEPTH 322 + 323 + static inline void ovl_lockdep_annotate_inode_mutex_key(struct inode *inode) 324 + { 325 + #ifdef CONFIG_LOCKDEP 326 + static struct lock_class_key ovl_i_mutex_key[OVL_MAX_NESTING]; 327 + static struct lock_class_key ovl_i_mutex_dir_key[OVL_MAX_NESTING]; 328 + 329 + int depth = inode->i_sb->s_stack_depth - 1; 330 + 331 + if (WARN_ON_ONCE(depth < 0 || depth >= OVL_MAX_NESTING)) 332 + depth = 0; 333 + 334 + if (S_ISDIR(inode->i_mode)) 335 + lockdep_set_class(&inode->i_rwsem, &ovl_i_mutex_dir_key[depth]); 336 + else 337 + lockdep_set_class(&inode->i_rwsem, &ovl_i_mutex_key[depth]); 338 + #endif 339 + } 340 + 366 341 static void ovl_fill_inode(struct inode *inode, umode_t mode, dev_t rdev) 367 342 { 368 343 inode->i_ino = get_next_ino(); ··· 406 311 #ifdef CONFIG_FS_POSIX_ACL 407 312 inode->i_acl = inode->i_default_acl = ACL_DONT_CACHE; 408 313 #endif 314 + 315 + ovl_lockdep_annotate_inode_mutex_key(inode); 409 316 410 317 switch (mode & S_IFMT) { 411 318 case S_IFREG:
+136 -5
fs/overlayfs/namei.c
··· 12 12 #include <linux/namei.h> 13 13 #include <linux/xattr.h> 14 14 #include <linux/ratelimit.h> 15 + #include <linux/mount.h> 16 + #include <linux/exportfs.h> 15 17 #include "overlayfs.h" 16 18 #include "ovl_entry.h" 17 19 ··· 81 79 invalid: 82 80 pr_warn_ratelimited("overlayfs: invalid redirect (%s)\n", buf); 83 81 goto err_free; 82 + } 83 + 84 + static int ovl_acceptable(void *ctx, struct dentry *dentry) 85 + { 86 + return 1; 87 + } 88 + 89 + static struct dentry *ovl_get_origin(struct dentry *dentry, 90 + struct vfsmount *mnt) 91 + { 92 + int res; 93 + struct ovl_fh *fh = NULL; 94 + struct dentry *origin = NULL; 95 + int bytes; 96 + 97 + res = vfs_getxattr(dentry, OVL_XATTR_ORIGIN, NULL, 0); 98 + if (res < 0) { 99 + if (res == -ENODATA || res == -EOPNOTSUPP) 100 + return NULL; 101 + goto fail; 102 + } 103 + /* Zero size value means "copied up but origin unknown" */ 104 + if (res == 0) 105 + return NULL; 106 + 107 + fh = kzalloc(res, GFP_TEMPORARY); 108 + if (!fh) 109 + return ERR_PTR(-ENOMEM); 110 + 111 + res = vfs_getxattr(dentry, OVL_XATTR_ORIGIN, fh, res); 112 + if (res < 0) 113 + goto fail; 114 + 115 + if (res < sizeof(struct ovl_fh) || res < fh->len) 116 + goto invalid; 117 + 118 + if (fh->magic != OVL_FH_MAGIC) 119 + goto invalid; 120 + 121 + /* Treat larger version and unknown flags as "origin unknown" */ 122 + if (fh->version > OVL_FH_VERSION || fh->flags & ~OVL_FH_FLAG_ALL) 123 + goto out; 124 + 125 + /* Treat endianness mismatch as "origin unknown" */ 126 + if (!(fh->flags & OVL_FH_FLAG_ANY_ENDIAN) && 127 + (fh->flags & OVL_FH_FLAG_BIG_ENDIAN) != OVL_FH_FLAG_CPU_ENDIAN) 128 + goto out; 129 + 130 + bytes = (fh->len - offsetof(struct ovl_fh, fid)); 131 + 132 + /* 133 + * Make sure that the stored uuid matches the uuid of the lower 134 + * layer where file handle will be decoded. 135 + */ 136 + if (uuid_be_cmp(fh->uuid, *(uuid_be *) &mnt->mnt_sb->s_uuid)) 137 + goto out; 138 + 139 + origin = exportfs_decode_fh(mnt, (struct fid *)fh->fid, 140 + bytes >> 2, (int)fh->type, 141 + ovl_acceptable, NULL); 142 + if (IS_ERR(origin)) { 143 + /* Treat stale file handle as "origin unknown" */ 144 + if (origin == ERR_PTR(-ESTALE)) 145 + origin = NULL; 146 + goto out; 147 + } 148 + 149 + if (ovl_dentry_weird(origin) || 150 + ((d_inode(origin)->i_mode ^ d_inode(dentry)->i_mode) & S_IFMT)) { 151 + dput(origin); 152 + origin = NULL; 153 + goto invalid; 154 + } 155 + 156 + out: 157 + kfree(fh); 158 + return origin; 159 + 160 + fail: 161 + pr_warn_ratelimited("overlayfs: failed to get origin (%i)\n", res); 162 + goto out; 163 + invalid: 164 + pr_warn_ratelimited("overlayfs: invalid origin (%*phN)\n", res, fh); 165 + goto out; 84 166 } 85 167 86 168 static bool ovl_is_opaquedir(struct dentry *dentry) ··· 278 192 return 0; 279 193 } 280 194 195 + 196 + static int ovl_check_origin(struct dentry *dentry, struct dentry *upperdentry, 197 + struct path **stackp, unsigned int *ctrp) 198 + { 199 + struct super_block *same_sb = ovl_same_sb(dentry->d_sb); 200 + struct ovl_entry *roe = dentry->d_sb->s_root->d_fsdata; 201 + struct vfsmount *mnt; 202 + struct dentry *origin; 203 + 204 + if (!same_sb || !roe->numlower) 205 + return 0; 206 + 207 + /* 208 + * Since all layers are on the same fs, we use the first layer for 209 + * decoding the file handle. We may get a disconnected dentry, 210 + * which is fine, because we only need to hold the origin inode in 211 + * cache and use its inode number. We may even get a connected dentry, 212 + * that is not under the first layer's root. That is also fine for 213 + * using it's inode number - it's the same as if we held a reference 214 + * to a dentry in first layer that was moved under us. 215 + */ 216 + mnt = roe->lowerstack[0].mnt; 217 + 218 + origin = ovl_get_origin(upperdentry, mnt); 219 + if (IS_ERR_OR_NULL(origin)) 220 + return PTR_ERR(origin); 221 + 222 + BUG_ON(*stackp || *ctrp); 223 + *stackp = kmalloc(sizeof(struct path), GFP_TEMPORARY); 224 + if (!*stackp) { 225 + dput(origin); 226 + return -ENOMEM; 227 + } 228 + **stackp = (struct path) { .dentry = origin, .mnt = mnt }; 229 + *ctrp = 1; 230 + 231 + return 0; 232 + } 233 + 281 234 /* 282 235 * Returns next layer in stack starting from top. 283 236 * Returns -1 if this is the last layer. ··· 345 220 const struct cred *old_cred; 346 221 struct ovl_fs *ofs = dentry->d_sb->s_fs_info; 347 222 struct ovl_entry *poe = dentry->d_parent->d_fsdata; 223 + struct ovl_entry *roe = dentry->d_sb->s_root->d_fsdata; 348 224 struct path *stack = NULL; 349 225 struct dentry *upperdir, *upperdentry = NULL; 350 226 unsigned int ctr = 0; ··· 379 253 err = -EREMOTE; 380 254 goto out; 381 255 } 256 + if (upperdentry && !d.is_dir) { 257 + BUG_ON(!d.stop || d.redirect); 258 + err = ovl_check_origin(dentry, upperdentry, 259 + &stack, &ctr); 260 + if (err) 261 + goto out; 262 + } 382 263 383 264 if (d.redirect) { 384 265 upperredirect = kstrdup(d.redirect, GFP_KERNEL); 385 266 if (!upperredirect) 386 267 goto out_put_upper; 387 268 if (d.redirect[0] == '/') 388 - poe = dentry->d_sb->s_root->d_fsdata; 269 + poe = roe; 389 270 } 390 271 upperopaque = d.opaque; 391 272 } ··· 423 290 if (d.stop) 424 291 break; 425 292 426 - if (d.redirect && 427 - d.redirect[0] == '/' && 428 - poe != dentry->d_sb->s_root->d_fsdata) { 429 - poe = dentry->d_sb->s_root->d_fsdata; 293 + if (d.redirect && d.redirect[0] == '/' && poe != roe) { 294 + poe = roe; 430 295 431 296 /* Find the current layer on the root dentry */ 432 297 for (i = 0; i < poe->numlower; i++)
+41
fs/overlayfs/overlayfs.h
··· 8 8 */ 9 9 10 10 #include <linux/kernel.h> 11 + #include <linux/uuid.h> 11 12 12 13 enum ovl_path_type { 13 14 __OVL_PATH_UPPER = (1 << 0), 14 15 __OVL_PATH_MERGE = (1 << 1), 16 + __OVL_PATH_ORIGIN = (1 << 2), 15 17 }; 16 18 17 19 #define OVL_TYPE_UPPER(type) ((type) & __OVL_PATH_UPPER) 18 20 #define OVL_TYPE_MERGE(type) ((type) & __OVL_PATH_MERGE) 21 + #define OVL_TYPE_ORIGIN(type) ((type) & __OVL_PATH_ORIGIN) 19 22 20 23 #define OVL_XATTR_PREFIX XATTR_TRUSTED_PREFIX "overlay." 21 24 #define OVL_XATTR_OPAQUE OVL_XATTR_PREFIX "opaque" 22 25 #define OVL_XATTR_REDIRECT OVL_XATTR_PREFIX "redirect" 26 + #define OVL_XATTR_ORIGIN OVL_XATTR_PREFIX "origin" 27 + 28 + /* 29 + * The tuple (fh,uuid) is a universal unique identifier for a copy up origin, 30 + * where: 31 + * origin.fh - exported file handle of the lower file 32 + * origin.uuid - uuid of the lower filesystem 33 + */ 34 + #define OVL_FH_VERSION 0 35 + #define OVL_FH_MAGIC 0xfb 36 + 37 + /* CPU byte order required for fid decoding: */ 38 + #define OVL_FH_FLAG_BIG_ENDIAN (1 << 0) 39 + #define OVL_FH_FLAG_ANY_ENDIAN (1 << 1) 40 + 41 + #define OVL_FH_FLAG_ALL (OVL_FH_FLAG_BIG_ENDIAN | OVL_FH_FLAG_ANY_ENDIAN) 42 + 43 + #if defined(__LITTLE_ENDIAN) 44 + #define OVL_FH_FLAG_CPU_ENDIAN 0 45 + #elif defined(__BIG_ENDIAN) 46 + #define OVL_FH_FLAG_CPU_ENDIAN OVL_FH_FLAG_BIG_ENDIAN 47 + #else 48 + #error Endianness not defined 49 + #endif 50 + 51 + /* On-disk and in-memeory format for redirect by file handle */ 52 + struct ovl_fh { 53 + u8 version; /* 0 */ 54 + u8 magic; /* 0xfb */ 55 + u8 len; /* size of this header + size of fid */ 56 + u8 flags; /* OVL_FH_FLAG_* */ 57 + u8 type; /* fid_type of fid */ 58 + uuid_be uuid; /* uuid of filesystem */ 59 + u8 fid[0]; /* file identifier */ 60 + } __packed; 23 61 24 62 #define OVL_ISUPPER_MASK 1UL 25 63 ··· 189 151 void ovl_drop_write(struct dentry *dentry); 190 152 struct dentry *ovl_workdir(struct dentry *dentry); 191 153 const struct cred *ovl_override_creds(struct super_block *sb); 154 + struct super_block *ovl_same_sb(struct super_block *sb); 192 155 struct ovl_entry *ovl_alloc_entry(unsigned int numlower); 193 156 bool ovl_dentry_remote(struct dentry *dentry); 194 157 bool ovl_dentry_weird(struct dentry *dentry); ··· 236 197 237 198 /* inode.c */ 238 199 int ovl_setattr(struct dentry *dentry, struct iattr *attr); 200 + int ovl_getattr(const struct path *path, struct kstat *stat, 201 + u32 request_mask, unsigned int flags); 239 202 int ovl_permission(struct inode *inode, int mask); 240 203 int ovl_xattr_set(struct dentry *dentry, const char *name, const void *value, 241 204 size_t size, int flags);
+2
fs/overlayfs/ovl_entry.h
··· 29 29 const struct cred *creator_cred; 30 30 bool tmpfile; 31 31 wait_queue_head_t copyup_wq; 32 + /* sb common to all layers */ 33 + struct super_block *same_sb; 32 34 }; 33 35 34 36 /* private information held for every overlayfs dentry */
+35 -5
fs/overlayfs/super.c
··· 49 49 } 50 50 } 51 51 52 + static int ovl_check_append_only(struct inode *inode, int flag) 53 + { 54 + /* 55 + * This test was moot in vfs may_open() because overlay inode does 56 + * not have the S_APPEND flag, so re-check on real upper inode 57 + */ 58 + if (IS_APPEND(inode)) { 59 + if ((flag & O_ACCMODE) != O_RDONLY && !(flag & O_APPEND)) 60 + return -EPERM; 61 + if (flag & O_TRUNC) 62 + return -EPERM; 63 + } 64 + 65 + return 0; 66 + } 67 + 52 68 static struct dentry *ovl_d_real(struct dentry *dentry, 53 69 const struct inode *inode, 54 70 unsigned int open_flags) 55 71 { 56 72 struct dentry *real; 73 + int err; 57 74 58 75 if (!d_is_reg(dentry)) { 59 76 if (!inode || inode == d_inode(dentry)) ··· 82 65 return dentry; 83 66 84 67 if (open_flags) { 85 - int err = ovl_open_maybe_copy_up(dentry, open_flags); 86 - 68 + err = ovl_open_maybe_copy_up(dentry, open_flags); 87 69 if (err) 88 70 return ERR_PTR(err); 89 71 } 90 72 91 73 real = ovl_dentry_upper(dentry); 92 - if (real && (!inode || inode == d_inode(real))) 74 + if (real && (!inode || inode == d_inode(real))) { 75 + if (!inode) { 76 + err = ovl_check_append_only(d_inode(real), open_flags); 77 + if (err) 78 + return ERR_PTR(err); 79 + } 93 80 return real; 81 + } 94 82 95 83 real = ovl_dentry_lower(dentry); 96 84 if (!real) ··· 731 709 732 710 static int ovl_fill_super(struct super_block *sb, void *data, int silent) 733 711 { 734 - struct path upperpath = { NULL, NULL }; 735 - struct path workpath = { NULL, NULL }; 712 + struct path upperpath = { }; 713 + struct path workpath = { }; 736 714 struct dentry *root_dentry; 737 715 struct inode *realinode; 738 716 struct ovl_entry *oe; ··· 914 892 915 893 ufs->lower_mnt[ufs->numlower] = mnt; 916 894 ufs->numlower++; 895 + 896 + /* Check if all lower layers are on same sb */ 897 + if (i == 0) 898 + ufs->same_sb = mnt->mnt_sb; 899 + else if (ufs->same_sb != mnt->mnt_sb) 900 + ufs->same_sb = NULL; 917 901 } 918 902 919 903 /* If the upper fs is nonexistent, we mark overlayfs r/o too */ 920 904 if (!ufs->upper_mnt) 921 905 sb->s_flags |= MS_RDONLY; 906 + else if (ufs->upper_mnt->mnt_sb != ufs->same_sb) 907 + ufs->same_sb = NULL; 922 908 923 909 if (remote) 924 910 sb->s_d_op = &ovl_reval_dentry_operations;
+14 -5
fs/overlayfs/util.c
··· 40 40 return override_creds(ofs->creator_cred); 41 41 } 42 42 43 + struct super_block *ovl_same_sb(struct super_block *sb) 44 + { 45 + struct ovl_fs *ofs = sb->s_fs_info; 46 + 47 + return ofs->same_sb; 48 + } 49 + 43 50 struct ovl_entry *ovl_alloc_entry(unsigned int numlower) 44 51 { 45 52 size_t size = offsetof(struct ovl_entry, lowerstack[numlower]); ··· 82 75 type = __OVL_PATH_UPPER; 83 76 84 77 /* 85 - * Non-dir dentry can hold lower dentry from previous 86 - * location. 78 + * Non-dir dentry can hold lower dentry of its copy up origin. 87 79 */ 88 - if (oe->numlower && d_is_dir(dentry)) 89 - type |= __OVL_PATH_MERGE; 80 + if (oe->numlower) { 81 + type |= __OVL_PATH_ORIGIN; 82 + if (d_is_dir(dentry)) 83 + type |= __OVL_PATH_MERGE; 84 + } 90 85 } else { 91 86 if (oe->numlower > 1) 92 87 type |= __OVL_PATH_MERGE; ··· 109 100 { 110 101 struct ovl_entry *oe = dentry->d_fsdata; 111 102 112 - *path = oe->numlower ? oe->lowerstack[0] : (struct path) { NULL, NULL }; 103 + *path = oe->numlower ? oe->lowerstack[0] : (struct path) { }; 113 104 } 114 105 115 106 enum ovl_path_type ovl_path_real(struct dentry *dentry, struct path *path)