1. 16 12月, 2016 24 次提交
    • M
      ovl: redirect on rename-dir · a6c60655
      Miklos Szeredi 提交于
      Current code returns EXDEV when a directory would need to be copied up to
      move.  We could copy up the directory tree in this case, but there's
      another, simpler solution: point to old lower directory from moved upper
      directory.
      
      This is achieved with a "trusted.overlay.redirect" xattr storing the path
      relative to the root of the overlay.  After such attribute has been set,
      the directory can be moved without further actions required.
      
      This is a backward incompatible feature, old kernels won't be able to
      correctly mount an overlay containing redirected directories.
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      a6c60655
    • M
      ovl: lookup redirects · 02b69b28
      Miklos Szeredi 提交于
      If a directory has the "trusted.overlay.redirect" xattr, it means that the
      value of the xattr should be used to find the underlying directory on the
      next lower layer.
      
      The redirect may be relative or absolute.  Absolute redirects begin with a
      slash.
      
      A relative redirect means: instead of the current dentry's name use the
      value of the redirect to find the directory in the next lower
      layer. Relative redirects must not contain a slash.
      
      An absolute redirect means: look up the directory relative to the root of
      the overlay using the value of the redirect in the next lower layer.
      
      Redirects work on lower layers as well.
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      02b69b28
    • M
      ovl: consolidate lookup for underlying layers · e28edc46
      Miklos Szeredi 提交于
      Use a common helper for lookup of upper and lower layers.  This paves the
      way for looking up directory redirects.
      
      No functional change.
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      e28edc46
    • A
      ovl: fix nested overlayfs mount · 48fab5d7
      Amir Goldstein 提交于
      When the upper overlayfs checks "trusted.overlay.*" xattr on the underlying
      overlayfs mount, it gets -EPERM, which confuses the upper overlayfs.
      
      Fix this by returning -EOPNOTSUPP instead of -EPERM from
      ovl_own_xattr_get() and ovl_own_xattr_set().  This behavior is consistent
      with the behavior of ovl_listxattr(), which filters out the private
      overlayfs xattrs.
      
      Note: nested overlays are deprecated.  But this change makes sense
      regardless: these xattrs are private to the overlay and should always be
      hidden.  Hence getting and setting them should indicate this.
      
      [SzMi: Use EOPNOTSUPP instead of ENODATA and use it for both getting and
      setting "trusted.overlay." xattrs.  This is a perfectly valid error code
      for "we don't support this prefix", which is the case here.]
      Signed-off-by: NAmir Goldstein <amir73il@gmail.com>
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      48fab5d7
    • M
      ovl: check namelen · 6b2d5fe4
      Miklos Szeredi 提交于
      We already calculate f_namelen in statfs as the maximum of the name lengths
      provided by the filesystems taking part in the overlay.
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      6b2d5fe4
    • M
      ovl: split super.c · bbb1e54d
      Miklos Szeredi 提交于
      fs/overlayfs/super.c is the biggest of the overlayfs source files and it
      contains various utility functions as well as the rather complicated lookup
      code.  Split these parts out to separate files.
      
      Before:
      
       1446 fs/overlayfs/super.c
      
      After:
      
        919 fs/overlayfs/super.c
        267 fs/overlayfs/namei.c
        235 fs/overlayfs/util.c
         51 fs/overlayfs/ovl_entry.h
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      bbb1e54d
    • M
      ovl: use d_is_dir() · 2b8c30e9
      Miklos Szeredi 提交于
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      2b8c30e9
    • M
      ovl: simplify lookup · 8ee6059c
      Miklos Szeredi 提交于
      If encountering a non-directory, then stop looking at lower layers.
      
      In this case the oe->opaque flag is not set anymore, which doesn't matter
      since existence of lower file is now checked at remove/rename time.
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      8ee6059c
    • M
      ovl: check lower existence of rename target · 3ee23ff1
      Miklos Szeredi 提交于
      Check if something exists on the lower layer(s) under the target or rename
      to decide if directory needs to be marked "opaque".
      
      Marking opaque is done before the rename, and on failure the marking was
      undone.  Also the opaque xattr was removed if the target didn't cover
      anything.
      
      This patch changes behavior so that removal of "opaque" is not done in
      either of the above cases.  This means that directory may have the opaque
      flag even if it doesn't cover anything.  However this shouldn't affect the
      performance or semantics of the overalay, while simplifying the code.
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      3ee23ff1
    • M
      ovl: rename: simplify handling of lower/merged directory · 370e55ac
      Miklos Szeredi 提交于
      d_is_dir() is safe to call on a negative dentry.  Use this fact to simplify
      handling of the lower or merged directories.
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      370e55ac
    • M
      ovl: get rid of PURE type · 38e813db
      Miklos Szeredi 提交于
      The remainging uses of __OVL_PATH_PURE can be replaced by
      ovl_dentry_is_opaque().
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      38e813db
    • M
      ovl: check lower existence when removing · 2aff4534
      Miklos Szeredi 提交于
      Currently ovl_lookup() checks existence of lower file even if there's a
      non-directory on upper (which is always opaque).  This is done so that
      remove can decide whether a whiteout is needed or not.
      
      It would be better to defer this check to unlink, since most of the time
      the gathered information about opaqueness will be unused.
      
      This adds a helper ovl_lower_positive() that checks if there's anything on
      the lower layer(s).
      
      The following patches also introduce changes to how the "opaque" attribute
      is updated on directories: this attribute is added when the directory is
      creted or moved over a whiteout or object covering something on the lower
      layer.  However following changes will allow the attribute to remain on the
      directory after being moved, even if the new location doesn't cover
      anything.  Because of this, we need to check lower layers even for opaque
      directories, so that whiteout is only created when necessary.
      
      This function will later be also used to decide about marking a directory
      opaque, so deal with negative dentries as well.  When dealing with
      negative, it's enough to check for being a whiteout
      
      If the dentry is positive but not upper then it also obviously needs
      whiteout/opaque.
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      2aff4534
    • M
      ovl: add ovl_dentry_is_whiteout() · c412ce49
      Miklos Szeredi 提交于
      And use it instead of ovl_dentry_is_opaque() where appropriate.
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      c412ce49
    • M
      ovl: don't check sticky · 99f5d08e
      Miklos Szeredi 提交于
      Since commit 07a2daab ("ovl: Copy up underlying inode's ->i_mode to
      overlay inode") sticky checking on overlay inode is performed by the vfs,
      so checking against sticky on underlying inode is not needed.
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      99f5d08e
    • M
      ovl: don't check rename to self · 804032fa
      Miklos Szeredi 提交于
      This is redundant, the vfs already performed this check (and was broken,
      see commit 9409e22a ("vfs: rename: check backing inode being equal")).
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      804032fa
    • M
      ovl: treat special files like a regular fs · ca4c8a3a
      Miklos Szeredi 提交于
      No sense in opening special files on the underlying layers, they work just
      as well if opened on the overlay.
      
      Side effect is that it's no longer possible to connect one side of a pipe
      opened on overlayfs with the other side opened on the underlying layer.
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      ca4c8a3a
    • M
      ovl: rename ovl_rename2() to ovl_rename() · 6c02cb59
      Miklos Szeredi 提交于
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      6c02cb59
    • A
      ovl: use vfs_clone_file_range() for copy up if possible · 2ea98466
      Amir Goldstein 提交于
      When copying up within the same fs, try to use vfs_clone_file_range().
      This is very efficient when lower and upper are on the same fs
      with file reflink support. If vfs_clone_file_range() fails for any
      reason, copy up falls back to the regular data copy code.
      
      Tested correct behavior when lower and upper are on:
      1. same ext4 (copy)
      2. same xfs + reflink patches + mkfs.xfs (copy)
      3. same xfs + reflink patches + mkfs.xfs -m reflink=1 (reflink)
      4. different xfs + reflink patches + mkfs.xfs -m reflink=1 (copy)
      
      For comparison, on my laptop, xfstest overlay/001 (copy up of large
      sparse files) takes less than 1 second in the xfs reflink setup vs.
      25 seconds on the rest of the setups.
      Signed-off-by: NAmir Goldstein <amir73il@gmail.com>
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      2ea98466
    • M
      Revert "ovl: get_write_access() in truncate" · 31c3a706
      Miklos Szeredi 提交于
      This reverts commit 03bea604.
      
      Commit 4d0c5ba2 ("vfs: do get_write_access() on upper layer of
      overlayfs") makes the writecount checks inside overlayfs superfluous, the
      file is already copied up and write access acquired on the upper inode when
      ovl_setattr is called with ATTR_SIZE.
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      31c3a706
    • A
      vfs: fix vfs_clone_file_range() for overlayfs files · b335e9d9
      Amir Goldstein 提交于
      With overlayfs, it is wrong to compare file_inode(inode)->i_sb
      of regular files with those of non-regular files, because the
      former reference the real (upper/lower) sb and the latter reference
      the overlayfs sb.
      
      Move the test for same super block after the sanity tests for
      clone range of directory and non-regular file.
      
      This change fixes xfstest generic/157, which returned EXDEV instead
      of EISDIR/EINVAL in the following test cases over overlayfs:
      
        echo "Try to reflink a dir"
        _reflink_range $testdir1/dir1 0 $testdir1/file2 0 $blksz
      
        echo "Try to reflink a device"
        _reflink_range $testdir1/dev1 0 $testdir1/file2 0 $blksz
      Signed-off-by: NAmir Goldstein <amir73il@gmail.com>
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      b335e9d9
    • A
      vfs: call vfs_clone_file_range() under freeze protection · 031a072a
      Amir Goldstein 提交于
      Move sb_start_write()/sb_end_write() out of the vfs helper and up into the
      ioctl handler.
      Signed-off-by: NAmir Goldstein <amir73il@gmail.com>
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      031a072a
    • A
      vfs: allow vfs_clone_file_range() across mount points · 913b86e9
      Amir Goldstein 提交于
      FICLONE/FICLONERANGE ioctls return -EXDEV if src and dest
      files are not on the same mount point.
      Practically, clone only requires that src and dest files
      are on the same file system.
      
      Move the check for same mount point to ioctl handler and keep
      only the check for same super block in the vfs helper.
      
      A following patch is going to use the vfs_clone_file_range()
      helper in overlayfs to copy up between lower and upper
      mount points on the same file system.
      Signed-off-by: NAmir Goldstein <amir73il@gmail.com>
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      913b86e9
    • M
      vfs: no mnt_want_write_file() in vfs_{copy,clone}_file_range() · 3616119d
      Miklos Szeredi 提交于
      We've checked for file_out being opened for write.  This ensures that we
      already have mnt_want_write() on target.
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      3616119d
    • M
      Revert "vfs: rename: check backing inode being equal" · 8d3e2936
      Miklos Szeredi 提交于
      This reverts commit 9409e22a.
      
      Since commit 51f7e52d ("ovl: share inode for hard link") there's no
      need to call d_real_inode() to check two overlay inodes for equality.
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      8d3e2936
  2. 01 12月, 2016 1 次提交
  3. 29 11月, 2016 4 次提交
    • M
      ovl: fix d_real() for stacked fs · c4fcfc16
      Miklos Szeredi 提交于
      Handling of recursion in d_real() is completely broken.  Recursion is only
      done in the 'inode != NULL' case.  But when opening the file we have
      'inode == NULL' hence d_real() will return an overlay dentry.  This won't
      work since overlayfs doesn't define its own file operations, so all file
      ops will fail.
      
      Fix by doing the recursion first and the check against the inode second.
      
      Bash script to reproduce the issue written by Quentin:
      
       - 8< - - - - - 8< - - - - - 8< - - - - - 8< - - - -
      tmpdir=$(mktemp -d)
      pushd ${tmpdir}
      
      mkdir -p {upper,lower,work}
      echo -n 'rocks' > lower/ksplice
      mount -t overlay level_zero upper -o lowerdir=lower,upperdir=upper,workdir=work
      cat upper/ksplice
      
      tmpdir2=$(mktemp -d)
      pushd ${tmpdir2}
      
      mkdir -p {upper,work}
      mount -t overlay level_one upper -o lowerdir=${tmpdir}/upper,upperdir=upper,workdir=work
      ls -l upper/ksplice
      cat upper/ksplice
       - 8< - - - - - 8< - - - - - 8< - - - - - 8< - - - - 
      Reported-by: NQuentin Casasnovas <quentin.casasnovas@oracle.com>
      Signed-off-by: NMiklos Szeredi <mszeredi@redhat.com>
      Fixes: 2d902671 ("vfs: merge .d_select_inode() into .d_real()")
      Cc: <stable@vger.kernel.org> # v4.8+
      c4fcfc16
    • E
      CIFS: iterate over posix acl xattr entry correctly in ACL_to_cifs_posix() · ae9ebe7c
      Eryu Guan 提交于
      Commit 2211d5ba ("posix_acl: xattr representation cleanups")
      removes the typedefs and the zero-length a_entries array in struct
      posix_acl_xattr_header, and uses bare struct posix_acl_xattr_header
      and struct posix_acl_xattr_entry directly.
      
      But it failed to iterate over posix acl slots when converting posix
      acls to CIFS format, which results in several test failures in
      xfstests (generic/053 generic/105) when testing against a samba v1
      server, starting from v4.9-rc1 kernel. e.g.
      
        [root@localhost xfstests]# diff -u tests/generic/105.out /root/xfstests/results//generic/105.out.bad
        --- tests/generic/105.out       2016-09-19 16:33:28.577962575 +0800
        +++ /root/xfstests/results//generic/105.out.bad 2016-10-22 15:41:15.201931110 +0800
        @@ -1,3 +1,4 @@
         QA output created by 105
         -rw-r--r-- root
        +setfacl: subdir: Invalid argument
         -rw-r--r-- root
      
      Fix it by introducing a new "ace" var, like what
      cifs_copy_posix_acl() does, and iterating posix acl xattr entries
      over it in the for loop.
      Signed-off-by: NEryu Guan <guaneryu@gmail.com>
      Signed-off-by: NSteve French <smfrench@gmail.com>
      ae9ebe7c
    • S
      Call echo service immediately after socket reconnect · b8c60012
      Sachin Prabhu 提交于
      Commit 4fcd1813 ("Fix reconnect to not defer smb3 session reconnect
      long after socket reconnect") changes the behaviour of the SMB2 echo
      service and causes it to renegotiate after a socket reconnect. However
      under default settings, the echo service could take up to 120 seconds to
      be scheduled.
      
      The patch forces the echo service to be called immediately resulting a
      negotiate call being made immediately on reconnect.
      Signed-off-by: NSachin Prabhu <sprabhu@redhat.com>
      Reviewed-by: NPavel Shilovsky <pshilov@microsoft.com>
      Signed-off-by: NSteve French <smfrench@gmail.com>
      b8c60012
    • S
      CIFS: Fix BUG() in calc_seckey() · 5f4b5569
      Sachin Prabhu 提交于
      Andy Lutromirski's new virtually mapped kernel stack allocations moves
      kernel stacks the vmalloc area. This triggers the bug
       kernel BUG at ./include/linux/scatterlist.h:140!
      at calc_seckey()->sg_init()
      Signed-off-by: NSachin Prabhu <sprabhu@redhat.com>
      Signed-off-by: NSteve French <smfrench@gmail.com>
      Reviewed-by: NJeff Layton <jlayton@redhat.com>
      5f4b5569
  4. 27 11月, 2016 1 次提交
  5. 23 11月, 2016 1 次提交
    • A
      NFSv4.x: hide array-bounds warning · d55b352b
      Arnd Bergmann 提交于
      A correct bugfix introduced a harmless warning that shows up with gcc-7:
      
      fs/nfs/callback.c: In function 'nfs_callback_up':
      fs/nfs/callback.c:214:14: error: array subscript is outside array bounds [-Werror=array-bounds]
      
      What happens here is that the 'minorversion == 0' check tells the
      compiler that we assume minorversion can be something other than 0,
      but when CONFIG_NFS_V4_1 is disabled that would be invalid and
      result in an out-of-bounds access.
      
      The added check for IS_ENABLED(CONFIG_NFS_V4_1) tells gcc that this
      really can't happen, which makes the code slightly smaller and also
      avoids the warning.
      
      The bugfix that introduced the warning is marked for stable backports,
      we want this one backported to the same releases.
      
      Fixes: 98b0f80c ("NFSv4.x: Fix a refcount leak in nfs_callback_up_net")
      Cc: stable@vger.kernel.org # v3.7+
      Signed-off-by: NArnd Bergmann <arnd@arndb.de>
      Signed-off-by: NAnna Schumaker <Anna.Schumaker@Netapp.com>
      d55b352b
  6. 22 11月, 2016 1 次提交
  7. 20 11月, 2016 3 次提交
  8. 19 11月, 2016 4 次提交
  9. 17 11月, 2016 1 次提交
    • A
      xattr: Fix setting security xattrs on sockfs · 4a590153
      Andreas Gruenbacher 提交于
      The IOP_XATTR flag is set on sockfs because sockfs supports getting the
      "system.sockprotoname" xattr.  Since commit 6c6ef9f2, this flag is checked for
      setxattr support as well.  This is wrong on sockfs because security xattr
      support there is supposed to be provided by security_inode_setsecurity.  The
      smack security module relies on socket labels (xattrs).
      
      Fix this by adding a security xattr handler on sockfs that returns
      -EAGAIN, and by checking for -EAGAIN in setxattr.
      
      We cannot simply check for -EOPNOTSUPP in setxattr because there are
      filesystems that neither have direct security xattr support nor support
      via security_inode_setsecurity.  A more proper fix might be to move the
      call to security_inode_setsecurity into sockfs, but it's not clear to me
      if that is safe: we would end up calling security_inode_post_setxattr after
      that as well.
      Signed-off-by: NAndreas Gruenbacher <agruenba@redhat.com>
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      4a590153