1. 20 Jul, 2018 10 commits
    • Vivek Goyal's avatar
      ovl: Modify ovl_lookup() and friends to lookup metacopy dentry · 9d3dfea3
      Vivek Goyal authored
      This patch modifies ovl_lookup() and friends to lookup metacopy dentries.
      It also allows for presence of metacopy dentries in lower layer.
      
      During lookup, check for presence of OVL_XATTR_METACOPY and if not present,
      set OVL_UPPERDATA bit in flags.
      
      We don't support metacopy feature with nfs_export.  So in nfs_export code,
      we set OVL_UPPERDATA flag set unconditionally if upper inode exists.
      
      Do not follow metacopy origin if we find a metacopy only inode and metacopy
      feature is not enabled for that mount.  Like redirect, this can have
      security implications where an attacker could hand craft upper and try to
      gain access to file on lower which it should not have to begin with.
      Signed-off-by: default avatarVivek Goyal <vgoyal@redhat.com>
      Reviewed-by: default avatarAmir Goldstein <amir73il@gmail.com>
      Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
      9d3dfea3
    • Vivek Goyal's avatar
      ovl: Use out_err instead of out_nomem · 027065b7
      Vivek Goyal authored
      Right now we use goto out_nomem which assumes error code is -ENOMEM.  But
      there are other errors returned like -ESTALE as well.  So instead of
      out_nomem, use out_err which will do ERR_PTR(err).  That way one can put
      error code in err and jump to out_err.
      
      This just code reorganization and no change of functionality.
      
      I am about to add more code and this organization helps laying more code
      and error paths on top of it.
      Signed-off-by: default avatarVivek Goyal <vgoyal@redhat.com>
      Reviewed-by: default avatarAmir Goldstein <amir73il@gmail.com>
      Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
      027065b7
    • Vivek Goyal's avatar
      ovl: A new xattr OVL_XATTR_METACOPY for file on upper · 0c288874
      Vivek Goyal authored
      Now we will have the capability to have upper inodes which might be only
      metadata copy up and data is still on lower inode.  So add a new xattr
      OVL_XATTR_METACOPY to distinguish between two cases.
      
      Presence of OVL_XATTR_METACOPY reflects that file has been copied up
      metadata only and and data will be copied up later from lower origin.  So
      this xattr is set when a metadata copy takes place and cleared when data
      copy takes place.
      
      We also use a bit in ovl_inode->flags to cache OVL_UPPERDATA which reflects
      whether ovl inode has data or not (as opposed to metadata only copy up).
      
      If a file is copied up metadata only and later when same file is opened for
      WRITE, then data copy up takes place.  We copy up data, remove METACOPY
      xattr and then set the UPPERDATA flag in ovl_inode->flags.  While all these
      operations happen with oi->lock held, read side of oi->flags can be
      lockless.  That is another thread on another cpu can check if UPPERDATA
      flag is set or not.
      
      So this gives us an ordering requirement w.r.t UPPERDATA flag.  That is, if
      another cpu sees UPPERDATA flag set, then it should be guaranteed that
      effects of data copy up and remove xattr operations are also visible.
      
      For example.
      
      	CPU1				CPU2
      ovl_open()				acquire(oi->lock)
       ovl_open_maybe_copy_up()                ovl_copy_up_data()
        open_open_need_copy_up()		 vfs_removexattr()
         ovl_already_copied_up()
          ovl_dentry_needs_data_copy_up()	 ovl_set_flag(OVL_UPPERDATA)
           ovl_test_flag(OVL_UPPERDATA)       release(oi->lock)
      
      Say CPU2 is copying up data and in the end sets UPPERDATA flag.  But if
      CPU1 perceives the effects of setting UPPERDATA flag but not the effects of
      preceding operations (ex. upper that is not fully copied up), it will be a
      problem.
      
      Hence this patch introduces smp_wmb() on setting UPPERDATA flag operation
      and smp_rmb() on UPPERDATA flag test operation.
      
      May be some other lock or barrier is already covering it. But I am not sure
      what that is and is it obvious enough that we will not break it in future.
      
      So hence trying to be safe here and introducing barriers explicitly for
      UPPERDATA flag/bit.
      Signed-off-by: default avatarVivek Goyal <vgoyal@redhat.com>
      Reviewed-by: default avatarAmir Goldstein <amir73il@gmail.com>
      Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
      0c288874
    • Vivek Goyal's avatar
      ovl: Add helper ovl_already_copied_up() · 2002df85
      Vivek Goyal authored
      There are couple of places where we need to know if file is already copied
      up (in lockless manner).  Right now its open coded and there are only two
      conditions to check.  Soon this patch series will introduce another
      condition to check and Amir wants to introduce one more.  So introduce a
      helper instead to check this so that code is easier to read.
      Signed-off-by: default avatarVivek Goyal <vgoyal@redhat.com>
      Reviewed-by: default avatarAmir Goldstein <amir73il@gmail.com>
      Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
      2002df85
    • Vivek Goyal's avatar
      ovl: Copy up only metadata during copy up where it makes sense · 44d5bf10
      Vivek Goyal authored
      If it makes sense to copy up only metadata during copy up, do it.  This is
      done for regular files which are not opened for WRITE.
      
      Right now ->metacopy is set to 0 always.  Last patch in the series will
      remove the hard coded statement and enable metacopy feature.
      Signed-off-by: default avatarVivek Goyal <vgoyal@redhat.com>
      Reviewed-by: default avatarAmir Goldstein <amir73il@gmail.com>
      Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
      44d5bf10
    • Vivek Goyal's avatar
      ovl: During copy up, first copy up metadata and then data · bd64e575
      Vivek Goyal authored
      Just a little re-ordering of code.  This helps with next patch where after
      copying up metadata, we skip data copying step, if needed.
      Signed-off-by: default avatarVivek Goyal <vgoyal@redhat.com>
      Reviewed-by: default avatarAmir Goldstein <amir73il@gmail.com>
      Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
      bd64e575
    • Vivek Goyal's avatar
      ovl: Provide a mount option metacopy=on/off for metadata copyup · d5791044
      Vivek Goyal authored
      By default metadata only copy up is disabled.  Provide a mount option so
      that users can choose one way or other.
      
      Also provide a kernel config and module option to enable/disable metacopy
      feature.
      
      metacopy feature requires redirect_dir=on when upper is present.
      Otherwise, it requires redirect_dir=follow atleast.
      
      As of now, metacopy does not work with nfs_export=on.  So if both
      metacopy=on and nfs_export=on then nfs_export is disabled.
      Signed-off-by: default avatarVivek Goyal <vgoyal@redhat.com>
      Reviewed-by: default avatarAmir Goldstein <amir73il@gmail.com>
      Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
      d5791044
    • Vivek Goyal's avatar
      ovl: Move the copy up helpers to copy_up.c · d6eac039
      Vivek Goyal authored
      Right now two copy up helpers are in inode.c.  Amir suggested it might be
      better to move these to copy_up.c.
      
      There will one more related function which will come in later patch.
      Signed-off-by: default avatarVivek Goyal <vgoyal@redhat.com>
      Reviewed-by: default avatarAmir Goldstein <amir73il@gmail.com>
      Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
      d6eac039
    • Vivek Goyal's avatar
      ovl: Initialize ovl_inode->redirect in ovl_get_inode() · 9cec54c8
      Vivek Goyal authored
      ovl_inode->redirect is an inode property and should be initialized in
      ovl_get_inode() only when we are adding a new inode to cache.  If inode is
      already in cache, it is already initialized and we should not be touching
      ovl_inode->redirect field.
      
      As of now this is not a problem as redirects are used only for directories
      which don't share inode.  But soon I want to use redirects for regular
      files also and there it can become an issue.
      
      Hence, move ->redirect initialization in ovl_get_inode().
      Signed-off-by: default avatarVivek Goyal <vgoyal@redhat.com>
      Reviewed-by: default avatarAmir Goldstein <amir73il@gmail.com>
      Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
      9cec54c8
    • Miklos Szeredi's avatar
      ovl: fix documentation of non-standard behavior · 0c31d675
      Miklos Szeredi authored
      We can now drop description of the ro/rw inconsistency from the
      documentation.
      
      Also clarify, that now fully standard compliant behavior can be enabled
      with kernel/module/mount options.
      Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
      0c31d675
  2. 18 Jul, 2018 30 commits