From patchwork Mon May 1 13:42:00 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Amir Goldstein X-Patchwork-Id: 9706623 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 8BAE360385 for ; Mon, 1 May 2017 13:42:24 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 7E2B1205A8 for ; Mon, 1 May 2017 13:42:24 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 733232807E; Mon, 1 May 2017 13:42:24 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.5 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, RCVD_IN_DNSWL_HI, RCVD_IN_SORBS_SPAM autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 23FF2205A8 for ; Mon, 1 May 2017 13:42:24 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1425536AbdEANmW (ORCPT ); Mon, 1 May 2017 09:42:22 -0400 Received: from mail-wm0-f65.google.com ([74.125.82.65]:35599 "EHLO mail-wm0-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1424497AbdEANmO (ORCPT ); Mon, 1 May 2017 09:42:14 -0400 Received: by mail-wm0-f65.google.com with SMTP id d79so23553090wmi.2; Mon, 01 May 2017 06:42:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=j2T9NQR0PoCq2u0GYo3lT4a7O9gNlNc/shT2/iVLPSE=; b=hXCsn7Y2JNwiDtu6X2gXtBCzcatsHtQtr7Zcq6AUR/An0XnMnJel82dzX4t+nBF7+J hOCqOHoDRllCPTXdmIbmYietgB8HwJM88MarUUfU23jCO0qtpTnt+UdyH74Sy4jtSM6C hxhKOUIhb897E6zmMh6ALfzGn3P5B4szXiVhDwnr/7HR+Fwp1lyBD2gumodTaHtzP+yC LW7t5+6df1a+s5CnAOEzP4LbK37X0bDQqrNXj0dTuj1UIxqfjE/zgi7dP/NvuN25PkF4 QDJWOVUM+aMZjjwwWR3Zx/WZB/bSXo35E+6ECwphug44AI2undew6PrZ74yjCxpXn71l naUg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=j2T9NQR0PoCq2u0GYo3lT4a7O9gNlNc/shT2/iVLPSE=; b=X+NR1JFYQp/b9OqelWdLkm16dawDmZN3l0i/bwTcvcTWanvqOKxqMPOq7msWuiV4uX ASjNS1va0Ikb5tynEIR4yCNckzTSUYtPUto9hnHKNVI102h1AMRrWuOC1uwu42/eZI01 Zv8X7KgMPyMtfngKC9Ff3TQ/FD0/LZpNKISrCmWXuYB6LRPrY5ahhIEnn/mtynZKaXqz eQ8bheAV9h12cjeeGcuQCFg593FLZSiOJDgYawRzZAgMFDORdPLpyey/drGvmgZFZgti Hu3q7oevpBpPhznqcofhWeoh9lw2e4/OiB0uqONrW+IlHQ4+AldZvullRdqSjhiyEpfA os/A== X-Gm-Message-State: AN3rC/4Hnpr8PV/bt9W5iqw2J4Vfg6/q4BBlJumAo6stB7ncKdQHdo4G 60ICzHQN4FuN8RHr X-Received: by 10.28.113.73 with SMTP id m70mr6940149wmc.12.1493646133122; Mon, 01 May 2017 06:42:13 -0700 (PDT) Received: from amir-VirtualBox.lan (bzq-79-179-55-127.red.bezeqint.net. [79.179.55.127]) by smtp.gmail.com with ESMTPSA id l82sm12532249wmf.17.2017.05.01.06.42.11 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 01 May 2017 06:42:12 -0700 (PDT) From: Amir Goldstein To: Miklos Szeredi Cc: Vivek Goyal , Al Viro , linux-unionfs@vger.kernel.org, linux-fsdevel@vger.kernel.org Subject: [PATCH v4 09/15] ovl: validate lower layer uuid on redirect by fh Date: Mon, 1 May 2017 16:42:00 +0300 Message-Id: <1493646126-10101-10-git-send-email-amir73il@gmail.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1493646126-10101-1-git-send-email-amir73il@gmail.com> References: <1493646126-10101-1-git-send-email-amir73il@gmail.com> Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP On copy up, we store in xattr overlay.origin the lower file handle along with the lower fs uuid. Before decoding the file handle in overlay.origin verify: - All lower layers are on the same fs - UUID of lower fs matches the stored uuid In the future we will support finding the lower layer by uuid so we won't have to require that all lower layers are on the same fs. Signed-off-by: Amir Goldstein --- fs/overlayfs/namei.c | 8 ++++++-- fs/overlayfs/super.c | 15 +++++++++++++-- 2 files changed, 19 insertions(+), 4 deletions(-) diff --git a/fs/overlayfs/namei.c b/fs/overlayfs/namei.c index 695a78e..2be2917 100644 --- a/fs/overlayfs/namei.c +++ b/fs/overlayfs/namei.c @@ -343,8 +343,12 @@ static int ovl_find_layer_by_fh(struct dentry *dentry, int idx, { struct super_block *same_sb = ovl_same_sb(dentry->d_sb); - /* We only support redirect_fh when all layers are on the same fs */ - if (!same_sb) + /* + * We only support redirect_fh when all layers are on the same fs. + * Make sure that the stored uuid matches the uuid of the lower + * layer where file handle will be decoded. + */ + if (!same_sb || memcmp(same_sb->s_uuid, fh->uuid, sizeof(fh->uuid))) return -1; /* diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c index de246a5..e639750 100644 --- a/fs/overlayfs/super.c +++ b/fs/overlayfs/super.c @@ -18,6 +18,7 @@ #include #include #include +#include #include "overlayfs.h" #include "ovl_entry.h" @@ -941,10 +942,20 @@ static int ovl_fill_super(struct super_block *sb, void *data, int silent) * Also, for NFS export of overlay, it is easier if all layers are on * the same fs, because then we can export the encoded file handle * without adding a layer descriptor to it. + * + * We use the lower fs uuid to validate that file handles are decoded + * from the same fs they were encoded from, so redirect_fh requires + * that the lower fs has filled a valid uuid in sb->s_uuid. */ if (ufs->same_sb && ufs->same_sb->s_export_op && - ufs->same_sb->s_export_op->fh_to_dentry) - ufs->redirect_fh = true; + ufs->same_sb->s_export_op->fh_to_dentry) { + uuid_le *uuid = (uuid_le *) ufs->same_lower_sb->s_uuid; + + if (uuid_le_cmp(*uuid, NULL_UUID_LE)) + ufs->redirect_fh = true; + else + pr_warn("overlayfs: lower fs needs to report s_uuid.\n"); + } if (remote) sb->s_d_op = &ovl_reval_dentry_operations;