summaryrefslogtreecommitdiff
path: root/fs/overlayfs
diff options
context:
space:
mode:
authorAmir Goldstein <amir73il@gmail.com>2018-01-11 11:03:13 +0200
committerMiklos Szeredi <mszeredi@redhat.com>2018-01-24 11:25:53 +0100
commit7db25d36d9253c58afd3db837dd53e66ae3b1ac9 (patch)
tree185fe698004d3c34b16dcbc27ef457f615b50cbc /fs/overlayfs
parentad1d615cec1c973aa222c065997a77e7cd5a0d17 (diff)
ovl: verify whiteout index entries on mount
Whiteout index entries are used as an indication that an exported overlay file handle should be treated as stale (i.e. after unlink of the overlay inode). Check on mount that whiteout index entries have a name that looks like a valid file handle and cleanup invalid index entries. For whiteout index entries, do not check that they also have valid origin fh and nlink xattr, because those xattr do not exist for a whiteout index entry. Signed-off-by: Amir Goldstein <amir73il@gmail.com> Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Diffstat (limited to 'fs/overlayfs')
-rw-r--r--fs/overlayfs/namei.c21
1 files changed, 13 insertions, 8 deletions
diff --git a/fs/overlayfs/namei.c b/fs/overlayfs/namei.c
index b00d909e7326..c6c79753b3b3 100644
--- a/fs/overlayfs/namei.c
+++ b/fs/overlayfs/namei.c
@@ -439,16 +439,13 @@ int ovl_verify_index(struct ovl_fs *ofs, struct dentry *index)
/*
* Directory index entries are going to be used for looking up
* redirected upper dirs by lower dir fh when decoding an overlay
- * file handle of a merge dir. Whiteout index entries are going to be
- * used as an indication that an exported overlay file handle should
- * be treated as stale (i.e. after unlink of the overlay inode).
- * We don't know the verification rules for directory and whiteout
- * index entries, because they have not been implemented yet, so return
- * EINVAL if those entries are found to abort the mount to avoid
- * corrupting an index that was created by a newer kernel.
+ * file handle of a merge dir. We don't know the verification rules
+ * for directory index entries, because they have not been implemented
+ * yet, so return EINVAL if those entries are found to abort the mount
+ * and to avoid corrupting an index that was created by a newer kernel.
*/
err = -EINVAL;
- if (d_is_dir(index) || ovl_is_whiteout(index))
+ if (d_is_dir(index))
goto fail;
if (index->d_name.len < sizeof(struct ovl_fh)*2)
@@ -468,6 +465,14 @@ int ovl_verify_index(struct ovl_fs *ofs, struct dentry *index)
if (err)
goto fail;
+ /*
+ * Whiteout index entries are used as an indication that an exported
+ * overlay file handle should be treated as stale (i.e. after unlink
+ * of the overlay inode). These entries contain no origin xattr.
+ */
+ if (ovl_is_whiteout(index))
+ goto out;
+
err = ovl_verify_fh(index, OVL_XATTR_ORIGIN, fh);
if (err)
goto fail;