1. 25 Jun, 2019 8 commits
    • Miklos Szeredi's avatar
      ovl: don't fail with disconnected lower NFS · 639e8c2f
      Miklos Szeredi authored
      [ Upstream commit 9179c21d ]
      
      NFS mounts can be disconnected from fs root.  Don't fail the overlapping
      layer check because of this.
      
      The check is not authoritative anyway, since topology can change during or
      after the check.
      Reported-by: default avatarAntti Antinoja <antti@fennosys.fi>
      Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
      Fixes: 146d62e5 ("ovl: detect overlapping layers")
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      639e8c2f
    • Amir Goldstein's avatar
      ovl: detect overlapping layers · f1c5aa5e
      Amir Goldstein authored
      [ Upstream commit 146d62e5 ]
      
      Overlapping overlay layers are not supported and can cause unexpected
      behavior, but overlayfs does not currently check or warn about these
      configurations.
      
      User is not supposed to specify the same directory for upper and
      lower dirs or for different lower layers and user is not supposed to
      specify directories that are descendants of each other for overlay
      layers, but that is exactly what this zysbot repro did:
      
          https://syzkaller.appspot.com/x/repro.syz?x=12c7a94f400000
      
      Moving layer root directories into other layers while overlayfs
      is mounted could also result in unexpected behavior.
      
      This commit places "traps" in the overlay inode hash table.
      Those traps are dummy overlay inodes that are hashed by the layers
      root inodes.
      
      On mount, the hash table trap entries are used to verify that overlay
      layers are not overlapping.  While at it, we also verify that overlay
      layers are not overlapping with directories "in-use" by other overlay
      instances as upperdir/workdir.
      
      On lookup, the trap entries are used to verify that overlay layers
      root inodes have not been moved into other layers after mount.
      
      Some examples:
      
      $ ./run --ov --samefs -s
      ...
      ( mkdir -p base/upper/0/u base/upper/0/w base/lower lower upper mnt
        mount -o bind base/lower lower
        mount -o bind base/upper upper
        mount -t overlay none mnt ...
              -o lowerdir=lower,upperdir=upper/0/u,workdir=upper/0/w)
      
      $ umount mnt
      $ mount -t overlay none mnt ...
              -o lowerdir=base,upperdir=upper/0/u,workdir=upper/0/w
      
        [   94.434900] overlayfs: overlapping upperdir path
        mount: mount overlay on mnt failed: Too many levels of symbolic links
      
      $ mount -t overlay none mnt ...
              -o lowerdir=upper/0/u,upperdir=upper/0/u,workdir=upper/0/w
      
        [  151.350132] overlayfs: conflicting lowerdir path
        mount: none is already mounted or mnt busy
      
      $ mount -t overlay none mnt ...
              -o lowerdir=lower:lower/a,upperdir=upper/0/u,workdir=upper/0/w
      
        [  201.205045] overlayfs: overlapping lowerdir path
        mount: mount overlay on mnt failed: Too many levels of symbolic links
      
      $ mount -t overlay none mnt ...
              -o lowerdir=lower,upperdir=upper/0/u,workdir=upper/0/w
      $ mv base/upper/0/ base/lower/
      $ find mnt/0
        mnt/0
        mnt/0/w
        find: 'mnt/0/w/work': Too many levels of symbolic links
        find: 'mnt/0/u': Too many levels of symbolic links
      
      Reported-by: syzbot+9c69c282adc4edd2b540@syzkaller.appspotmail.com
      Signed-off-by: default avatarAmir Goldstein <amir73il@gmail.com>
      Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      f1c5aa5e
    • Amir Goldstein's avatar
      ovl: make i_ino consistent with st_ino in more cases · a00f405e
      Amir Goldstein authored
      [ Upstream commit 6dde1e42 ]
      
      Relax the condition that overlayfs supports nfs export, to require
      that i_ino is consistent with st_ino/d_ino.
      
      It is enough to require that st_ino and d_ino are consistent.
      
      This fixes the failure of xfstest generic/504, due to mismatch of
      st_ino to inode number in the output of /proc/locks.
      
      Fixes: 12574a9f ("ovl: consistent i_ino for non-samefs with xino")
      Cc: <stable@vger.kernel.org> # v4.19
      Signed-off-by: default avatarAmir Goldstein <amir73il@gmail.com>
      Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      a00f405e
    • Amir Goldstein's avatar
      ovl: fix wrong flags check in FS_IOC_FS[SG]ETXATTR ioctls · d6623379
      Amir Goldstein authored
      [ Upstream commit 941d935a ]
      
      The ioctl argument was parsed as the wrong type.
      
      Fixes: b21d9c43 ("ovl: support the FS_IOC_FS[SG]ETXATTR ioctls")
      Signed-off-by: default avatarAmir Goldstein <amir73il@gmail.com>
      Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      d6623379
    • Amir Goldstein's avatar
      ovl: support the FS_IOC_FS[SG]ETXATTR ioctls · 3cb5d7fa
      Amir Goldstein authored
      [ Upstream commit b21d9c43 ]
      
      They are the extended version of FS_IOC_FS[SG]ETFLAGS ioctls.
      xfs_io -c "chattr <flags>" uses the new ioctls for setting flags.
      
      This used to work in kernel pre v4.19, before stacked file ops
      introduced the ovl_ioctl whitelist.
      Reported-by: default avatarDave Chinner <david@fromorbit.com>
      Fixes: d1d04ef8 ("ovl: stack file ops")
      Cc: <stable@vger.kernel.org> # v4.19
      Signed-off-by: default avatarAmir Goldstein <amir73il@gmail.com>
      Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      3cb5d7fa
    • Linus Torvalds's avatar
      gcc-9: silence 'address-of-packed-member' warning · 76343a13
      Linus Torvalds authored
      commit 6f303d60 upstream.
      
      We already did this for clang, but now gcc has that warning too.  Yes,
      yes, the address may be unaligned.  And that's kind of the point.
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      76343a13
    • Allan Xavier's avatar
      objtool: Support per-function rodata sections · 6a997c3a
      Allan Xavier authored
      commit 4a60aa05 upstream.
      
      Add support for processing switch jump tables in objects with multiple
      .rodata sections, such as those created by '-ffunction-sections' and
      '-fdata-sections'.  Currently, objtool always looks in .rodata for jump
      table information, which results in many "sibling call from callable
      instruction with modified stack frame" warnings with objects compiled
      using those flags.
      
      The fix is comprised of three parts:
      
      1. Flagging all .rodata sections when importing ELF information for
         easier checking later.
      
      2. Keeping a reference to the section each relocation is from in order
         to get the list_head for the other relocations in that section.
      
      3. Finding jump tables by following relocations to .rodata sections,
         rather than always referencing a single global .rodata section.
      
      The patch has been tested without data sections enabled and no
      differences in the resulting orc unwind information were seen.
      
      Note that as objtool adds terminators to end of each .text section the
      unwind information generated between a function+data sections build and
      a normal build aren't directly comparable. Manual inspection suggests
      that objtool is now generating the correct information, or at least
      making more of an effort to do so than it did previously.
      Signed-off-by: default avatarAllan Xavier <allan.x.xavier@oracle.com>
      Signed-off-by: default avatarJosh Poimboeuf <jpoimboe@redhat.com>
      Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
      Link: https://lkml.kernel.org/r/099bdc375195c490dda04db777ee0b95d566ded1.1536325914.git.jpoimboe@redhat.comSigned-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      6a997c3a
    • Miguel Ojeda's avatar
      tracing: Silence GCC 9 array bounds warning · c493ead3
      Miguel Ojeda authored
      commit 0c97bf86 upstream.
      
      Starting with GCC 9, -Warray-bounds detects cases when memset is called
      starting on a member of a struct but the size to be cleared ends up
      writing over further members.
      
      Such a call happens in the trace code to clear, at once, all members
      after and including `seq` on struct trace_iterator:
      
          In function 'memset',
              inlined from 'ftrace_dump' at kernel/trace/trace.c:8914:3:
          ./include/linux/string.h:344:9: warning: '__builtin_memset' offset
          [8505, 8560] from the object at 'iter' is out of the bounds of
          referenced subobject 'seq' with type 'struct trace_seq' at offset
          4368 [-Warray-bounds]
            344 |  return __builtin_memset(p, c, size);
                |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
      
      In order to avoid GCC complaining about it, we compute the address
      ourselves by adding the offsetof distance instead of referring
      directly to the member.
      
      Since there are two places doing this clear (trace.c and trace_kdb.c),
      take the chance to move the workaround into a single place in
      the internal header.
      
      Link: http://lkml.kernel.org/r/20190523124535.GA12931@gmail.comSigned-off-by: default avatarMiguel Ojeda <miguel.ojeda.sandonis@gmail.com>
      [ Removed unnecessary parenthesis around "iter" ]
      Signed-off-by: default avatarSteven Rostedt (VMware) <rostedt@goodmis.org>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      c493ead3
  2. 22 Jun, 2019 32 commits