hamza.kesraoui/sst-linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

overlayfs fixes for 5.19-rc7

Browse Source 
-----BEGIN PGP SIGNATURE-----
 
 iHUEABYKAB0WIQSQHSd0lITzzeNWNm3h3BK/laaZPAUCYs11GgAKCRDh3BK/laaZ
 PAD3APsHu08aHid5O/zPnD/90BNqAo3ruvu2WhI5wa8Dacd5SwEAgoSlH2Tx3iy9
 4zWK4zZX98qAGyI+ij5aejc0TvONqAE=
 =4KjV
 -----END PGP SIGNATURE-----

Merge tag 'ovl-fixes-5.19-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs

Pull overlayfs fix from Miklos Szeredi:
 "Add a temporary fix for posix acls on idmapped mounts introduced in
  this cycle. A proper fix will be added in the next cycle"

* tag 'ovl-fixes-5.19-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs:
  ovl: turn off SB_POSIXACL with idmapped layers temporarily
This commit is contained in:
Linus Torvalds 2022-07-12 08:59:35 -07:00
commit 72a8e05d4f
2 changed files with 28 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Documentation/filesystems/overlayfs.rst
View File

@ -466,6 +466,10 @@ overlay filesystem and the value of st_ino for filesystem objects may not be
persistent and could change even while the overlay filesystem is mounted, as persistent and could change even while the overlay filesystem is mounted, as
summarized in the `Inode properties`_ table above. summarized in the `Inode properties`_ table above.
4) "idmapped mounts"
When the upper or lower layers are idmapped mounts overlayfs will be mounted
without support for POSIX Access Control Lists (ACLs). This limitation will
eventually be lifted.
Changes to underlying filesystems Changes to underlying filesystems
--------------------------------- ---------------------------------

25
fs/overlayfs/super.c
View File

@ -1003,6 +1003,9 @@ ovl_posix_acl_xattr_get(const struct xattr_handler *handler,
struct dentry *dentry, struct inode *inode, struct dentry *dentry, struct inode *inode,
const char *name, void *buffer, size_t size) const char *name, void *buffer, size_t size)
{ {
if (!IS_POSIXACL(inode))
return -EOPNOTSUPP;
return ovl_xattr_get(dentry, inode, handler->name, buffer, size); return ovl_xattr_get(dentry, inode, handler->name, buffer, size);
} }
@ -1018,6 +1021,9 @@ ovl_posix_acl_xattr_set(const struct xattr_handler *handler,
struct posix_acl *acl = NULL; struct posix_acl *acl = NULL;
int err; int err;
if (!IS_POSIXACL(inode))
return -EOPNOTSUPP;
/* Check that everything is OK before copy-up */ /* Check that everything is OK before copy-up */
if (value) { if (value) {
acl = posix_acl_from_xattr(&init_user_ns, value, size); acl = posix_acl_from_xattr(&init_user_ns, value, size);
@ -1960,6 +1966,20 @@ static struct dentry *ovl_get_root(struct super_block *sb,
return root; return root;
} }
static bool ovl_has_idmapped_layers(struct ovl_fs *ofs)
{
unsigned int i;
const struct vfsmount *mnt;
for (i = 0; i < ofs->numlayer; i++) {
mnt = ofs->layers[i].mnt;
if (mnt && is_idmapped_mnt(mnt))
return true;
}
return false;
}
static int ovl_fill_super(struct super_block *sb, void *data, int silent) static int ovl_fill_super(struct super_block *sb, void *data, int silent)
{ {
struct path upperpath = { }; struct path upperpath = { };
@ -2129,7 +2149,10 @@ static int ovl_fill_super(struct super_block *sb, void *data, int silent)
sb->s_xattr = ofs->config.userxattr ? ovl_user_xattr_handlers : sb->s_xattr = ofs->config.userxattr ? ovl_user_xattr_handlers :
ovl_trusted_xattr_handlers; ovl_trusted_xattr_handlers;
sb->s_fs_info = ofs; sb->s_fs_info = ofs;
sb->s_flags |= SB_POSIXACL; if (ovl_has_idmapped_layers(ofs))
pr_warn("POSIX ACLs are not yet supported with idmapped layers, mounting without ACL support.\n");
else
sb->s_flags |= SB_POSIXACL;
sb->s_iflags |= SB_I_SKIP_SYNC; sb->s_iflags |= SB_I_SKIP_SYNC;
err = -ENOMEM; err = -ENOMEM;