From: Vivek Goyal <vgoyal@redhat.com>
To: Amir Goldstein <amir73il@gmail.com>
Cc: overlayfs <linux-unionfs@vger.kernel.org>,
Miklos Szeredi <miklos@szeredi.hu>
Subject: Re: [PATCH 04/13] ovl: Provide a mount option metacopy=on/off for metadata copyup
Date: Thu, 26 Oct 2017 09:15:05 -0400 [thread overview]
Message-ID: <20171026131505.GB28005@redhat.com> (raw)
In-Reply-To: <CAOQ4uxhV3-8ytms+M5n2QVYGmZJNL527H7KYpXnzbE93fOsBdA@mail.gmail.com>
On Thu, Oct 26, 2017 at 08:39:28AM +0300, Amir Goldstein wrote:
> On Wed, Oct 25, 2017 at 10:09 PM, Vivek Goyal <vgoyal@redhat.com> wrote:
> > By default metadata only copy up is disabled. Provide a mount option so
> > that users can choose one way or other.
> >
> > Also provide a kernel config and module option to enable/disable
> > metacopy feature.
> >
> > Like index feature, when overlay is mounted, on root upper directory we
> > set ORIGIN which points to lower. And at later mount time it is verified
> > again. This hopes to get the configuration right. But this does only so
> > much as we don't verify all the lowers. So it is possible that a lower is
> > missing and later data copy up fails.
>
> Since you bother to specify the motivation for verifying lower root dir,
> FYI, the main motivation was to detect the case of copied layers.
What are copied layers? You mean I remove original layer and bring in
another one with same top dir name?
But this tests only one layer, right. So if there are multiple lower
layers, I can still copy/remove or do something else with other layers
and it will not detect.
Also I should be able to retain top dir name same and replace anything
underneath and that will not be detected either.
So it provides only so much of protection, IIUC.
> I still hold the opinion that new incompat features should enforce
> exclusive dir lock, so withholding Reviewed-by on this one for now.
I am really not happy about enforcing exlusive dir lock because
this breaks userspace.
I like the idea of making it hard to get configuration wrong, but overlay
was like this since the beginning and how many issues have we faced
that users ended up sharing upper. Atleast I have not come across
even a single one.
If that's the case, I would rahter wait that a proper fix comes along
(finding existing super block and returning that) and then harden it.
If I enforce it now, I most likely can't even use it with current
container run time because there is a possibility they can leak
mount points. So what's the point of introducing this feature.
Miklos, what do you think?
Vivek
next prev parent reply other threads:[~2017-10-26 13:15 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-25 19:09 [RFC PATCH 00/13][V5] overlayfs: Delayed copy up of data Vivek Goyal
2017-10-25 19:09 ` [PATCH 01/13] ovl: Put upperdentry if ovl_check_origin() fails Vivek Goyal
2017-10-25 20:08 ` Amir Goldstein
2017-10-25 19:09 ` [PATCH 02/13] ovl: Create origin xattr on copy up for all files Vivek Goyal
2017-10-26 5:31 ` Amir Goldstein
2017-10-26 12:53 ` Vivek Goyal
2017-10-25 19:09 ` [PATCH 03/13] ovl: ovl_check_setxattr() get rid of redundant -EOPNOTSUPP check Vivek Goyal
2017-10-25 19:09 ` [PATCH 04/13] ovl: Provide a mount option metacopy=on/off for metadata copyup Vivek Goyal
2017-10-26 5:39 ` Amir Goldstein
2017-10-26 13:15 ` Vivek Goyal [this message]
2017-10-26 13:57 ` Amir Goldstein
2017-10-25 19:09 ` [PATCH 05/13] ovl: During copy up, first copy up metadata and then data Vivek Goyal
2017-10-26 5:42 ` Amir Goldstein
2017-10-26 13:19 ` Vivek Goyal
2017-10-25 19:09 ` [PATCH 06/13] ovl: Copy up only metadata during copy up where it makes sense Vivek Goyal
2017-10-25 19:09 ` [PATCH 07/13] ovl: A new xattr OVL_XATTR_METACOPY for file on upper Vivek Goyal
2017-10-26 6:04 ` Amir Goldstein
2017-10-26 13:53 ` Vivek Goyal
2017-10-26 14:14 ` Amir Goldstein
2017-10-26 14:34 ` Vivek Goyal
2017-10-26 16:11 ` Amir Goldstein
2017-10-27 4:28 ` Amir Goldstein
2017-10-25 19:09 ` [PATCH 08/13] ovl: Fix ovl_getattr() to get number of blocks from lower Vivek Goyal
2017-10-26 6:12 ` Amir Goldstein
2017-10-25 19:09 ` [PATCH 09/13] ovl: Set OVL_UPPERDATA flag during ovl_lookup() Vivek Goyal
2017-10-26 6:19 ` Amir Goldstein
2017-10-26 18:04 ` Vivek Goyal
2017-10-25 19:09 ` [PATCH 10/13] ovl: Return lower dentry if only metadata copy up took place Vivek Goyal
2017-10-25 19:09 ` [PATCH 11/13] ovl: Introduce read/write barriers around metacopy flag update Vivek Goyal
2017-10-26 6:34 ` Amir Goldstein
2017-10-26 17:54 ` Vivek Goyal
2017-10-27 4:35 ` Amir Goldstein
2017-10-27 13:14 ` Vivek Goyal
2017-10-25 19:09 ` [PATCH 12/13] ovl: Do not export metacopy only upper dentry Vivek Goyal
2017-10-26 6:54 ` Amir Goldstein
2017-10-26 6:54 ` Amir Goldstein
2017-10-25 19:09 ` [PATCH 13/13] ovl: Enable metadata only feature Vivek Goyal
2017-10-26 7:07 ` Amir Goldstein
2017-10-26 18:19 ` Vivek Goyal
2017-10-26 7:18 ` [RFC PATCH 00/13][V5] overlayfs: Delayed copy up of data Amir Goldstein
2017-10-27 16:40 ` Vivek Goyal
2017-10-28 14:50 ` Amir Goldstein
2017-10-31 13:39 ` Vivek Goyal
2017-10-31 13:56 ` Amir Goldstein
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171026131505.GB28005@redhat.com \
--to=vgoyal@redhat.com \
--cc=amir73il@gmail.com \
--cc=linux-unionfs@vger.kernel.org \
--cc=miklos@szeredi.hu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).