Commit 61b67471 authored by Amir Goldstein's avatar Amir Goldstein Committed by Miklos Szeredi

ovl: do not cleanup directory and whiteout index entries

Directory index entries are going to be used for looking up
redirected upper dirs by lower dir fh when decoding an overlay
file handle of a merge dir.

Whiteout index entries are going to be used as an indication that
an exported overlay file handle should be treated as stale (i.e.
after unlink of the overlay inode).

We don't know the verification rules for directory and whiteout
index entries, because they have not been implemented yet, so fail
to mount overlay rw if those entries are found to avoid corrupting
an index that was created by a newer kernel.
Signed-off-by: default avatarAmir Goldstein <amir73il@gmail.com>
Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
parent 1d88f183
...@@ -397,8 +397,19 @@ int ovl_verify_index(struct dentry *index, struct path *lowerstack, ...@@ -397,8 +397,19 @@ int ovl_verify_index(struct dentry *index, struct path *lowerstack,
if (!d_inode(index)) if (!d_inode(index))
return 0; return 0;
err = -EISDIR; /*
if (d_is_dir(index)) * Directory index entries are going to be used for looking up
* redirected upper dirs by lower dir fh when decoding an overlay
* file handle of a merge dir. Whiteout index entries are going to be
* used as an indication that an exported overlay file handle should
* be treated as stale (i.e. after unlink of the overlay inode).
* We don't know the verification rules for directory and whiteout
* index entries, because they have not been implemented yet, so return
* EROFS if those entries are found to avoid corrupting an index that
* was created by a newer kernel.
*/
err = -EROFS;
if (d_is_dir(index) || ovl_is_whiteout(index))
goto fail; goto fail;
err = -EINVAL; err = -EINVAL;
...@@ -436,8 +447,8 @@ int ovl_verify_index(struct dentry *index, struct path *lowerstack, ...@@ -436,8 +447,8 @@ int ovl_verify_index(struct dentry *index, struct path *lowerstack,
return err; return err;
fail: fail:
pr_warn_ratelimited("overlayfs: failed to verify index (%pd2, err=%i)\n", pr_warn_ratelimited("overlayfs: failed to verify index (%pd2, ftype=%x, err=%i)\n",
index, err); index, d_inode(index)->i_mode & S_IFMT, err);
goto out; goto out;
} }
......
...@@ -703,7 +703,10 @@ int ovl_indexdir_cleanup(struct dentry *dentry, struct vfsmount *mnt, ...@@ -703,7 +703,10 @@ int ovl_indexdir_cleanup(struct dentry *dentry, struct vfsmount *mnt,
err = PTR_ERR(index); err = PTR_ERR(index);
break; break;
} }
if (ovl_verify_index(index, lowerstack, numlower)) { err = ovl_verify_index(index, lowerstack, numlower);
if (err) {
if (err == -EROFS)
break;
err = ovl_cleanup(dir, index); err = ovl_cleanup(dir, index);
if (err) if (err)
break; break;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment