From: Vivek Goyal <vgoyal@redhat.com>
To: Amir Goldstein <amir73il@gmail.com>
Cc: overlayfs <linux-unionfs@vger.kernel.org>,
Miklos Szeredi <miklos@szeredi.hu>
Subject: Re: [PATCH v12 12/17] ovl: Do not expose metacopy only upper dentry from d_real()
Date: Wed, 7 Mar 2018 08:29:02 -0500 [thread overview]
Message-ID: <20180307132902.GB5350@redhat.com> (raw)
In-Reply-To: <CAOQ4uxhcd-5Vv6NNeh6m_C=ioRjQjuyhf+-SF+wa0JUow+YoGg@mail.gmail.com>
On Wed, Mar 07, 2018 at 09:15:40AM +0200, Amir Goldstein wrote:
> On Tue, Mar 6, 2018 at 10:54 PM, Vivek Goyal <vgoyal@redhat.com> wrote:
> > d_real() can make a upper metacopy dentry/inode visible to the vfs layer.
> > This is something new and vfs layer does not know that this inode contains
> > only metadata and not data. And this could break things.
> >
> > So to be safe, do not expose metacopy only dentry/inode to vfs using
> > d_real().
> >
> > IOW, d_real() will not reuturn metacopy dentry. Instead, it will return
> > dentry corresponding lower dentry/inode which has file data.
> >
> > For regular d_real() call (inode == NULL, D_REAL_UPPER not set), if upper
> > dentry inode is metacopy only and does not have data, return lower dentry.
> >
> > If d_real() is called with flag D_REAL_UPPER, return upper dentry only if
> > it has data (flag OVL_UPPERDATA is set).
> >
> > Similiarly, if d_real(inode=X) is called, a warning is emitted if returned
> > dentry/inode does not have OVL_UPPERDATA set. This should not happen as
> > we never made this metacopy inode visible to vfs so nobody should be
> > calling overlayfs back with inode=metacopy_inode.
> >
> > I scanned the code and I don't think it breaks any of the existing code.
> > There are two users of D_REAL_UPPER. may_write_real() and
> > update_ovl_inode_times().
> >
> > may_write_real(), will get an NULL dentry if upper inode is metacopy only
> > and it will return -EPERM. Effectively, we are disallowing modifications
> > to metacopy only inode from this interface. Though there is opportunity
> > to improve it. (Allow chattr on metacopy inodes).
> >
> > update_ovl_inode_times() gets inode mtime and ctime from real inode. It
> > should not be broken for metacopy inode as well for following reasons.
> >
> > - For any metadata operations (setattr, acl etc), overlay always calls
> > ovl_copyattr() and updates ovl inode mtime and ctime. So there is no
> > need to update mtime and ctime in this case. Its already updated, hence
> > even if d_real(D_REAL_UPPER) returns nil, it should be fine.
> >
> > - For metadata inode, mtime should be same as lower and not change. (data
> > can't be modified on metadata inode without copyup). IOW, mtime of
> > ovl dentry should be same as mtime of underlying metadata inode on upper
> > always. So there is no need to update it.
> >
> > - For file writes, ctime and mtime will be updated. But in that case
> > first data will be copied up and this will not be a metadata inode
> > anymore. And furthr call to d_real(D_REAL_UPPER) will return upper
> > inode and new mtime and ctime will be obtainable.
> >
> > So atime updates should work just fine for metacopy inodes. I think only
> > corner case is if somehow underlying filesystem changes ctime of upper
> > metadata inode without overlay knowing about it. Not sure how that
> > can happen. If somehow is affected by that, then we probably can implement
> > another flag which will allow caller to get metacopy inode as well.
> > Something like d_real(D_REAL_UPPER | D_METACOPY). And that should solve
> > this issue.
> >
> > Reviewed-by: Amir Goldstein <amir73il@gmail.com>
> > Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
> > ---
> > fs/overlayfs/overlayfs.h | 1 +
> > fs/overlayfs/super.c | 21 +++++++++++++++++----
> > fs/overlayfs/util.c | 8 ++++++++
> > 3 files changed, 26 insertions(+), 4 deletions(-)
> >
> > diff --git a/fs/overlayfs/overlayfs.h b/fs/overlayfs/overlayfs.h
> > index 2d682923252e..24725b6668b9 100644
> > --- a/fs/overlayfs/overlayfs.h
> > +++ b/fs/overlayfs/overlayfs.h
> > @@ -225,6 +225,7 @@ void ovl_path_lowerdata(struct dentry *dentry, struct path *path);
> > enum ovl_path_type ovl_path_real(struct dentry *dentry, struct path *path);
> > struct dentry *ovl_dentry_upper(struct dentry *dentry);
> > struct dentry *ovl_dentry_lower(struct dentry *dentry);
> > +struct dentry *ovl_dentry_lowerdata(struct dentry *dentry);
> > struct dentry *ovl_dentry_real(struct dentry *dentry);
> > struct dentry *ovl_i_dentry_upper(struct inode *inode);
> > struct inode *ovl_inode_upper(struct inode *inode);
> > diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c
> > index d3dbdd695722..4be4e47cbf57 100644
> > --- a/fs/overlayfs/super.c
> > +++ b/fs/overlayfs/super.c
> > @@ -96,8 +96,14 @@ static struct dentry *ovl_d_real(struct dentry *dentry,
> > struct dentry *real;
> > int err;
> >
> > - if (flags & D_REAL_UPPER)
> > - return ovl_dentry_upper(dentry);
> > + if (flags & D_REAL_UPPER) {
> > + real = ovl_dentry_upper(dentry);
> > + if (!real)
> > + return NULL;
> > + if (!ovl_has_upperdata(dentry))
> > + return NULL;
> > + return real;
> > + }
> >
> > if (!d_is_reg(dentry)) {
> > if (!inode || inode == d_inode(dentry))
> > @@ -113,15 +119,22 @@ static struct dentry *ovl_d_real(struct dentry *dentry,
> >
> > real = ovl_dentry_upper(dentry);
> > if (real && (!inode || inode == d_inode(real))) {
> > + bool metacopy = !ovl_has_upperdata(dentry);
> > if (!inode) {
> > err = ovl_check_append_only(d_inode(real), open_flags);
> > if (err)
> > return ERR_PTR(err);
> > - }
> > +
> > + if (unlikely(metacopy))
> > + goto lower;
> > + } else if (unlikely(metacopy))
> > + goto bug;
> > +
> > return real;
> > }
> >
> > - real = ovl_dentry_lower(dentry);
> > +lower:
> > + real = ovl_dentry_lowerdata(dentry);
> > if (!real)
> > goto bug;
> >
> > diff --git a/fs/overlayfs/util.c b/fs/overlayfs/util.c
> > index 274bbfc855e0..36d41f7001e3 100644
> > --- a/fs/overlayfs/util.c
> > +++ b/fs/overlayfs/util.c
> > @@ -186,6 +186,14 @@ struct dentry *ovl_dentry_lower(struct dentry *dentry)
> > return oe->numlower ? oe->lowerstack[0].dentry : NULL;
> > }
> >
> > +struct dentry *ovl_dentry_lowerdata(struct dentry *dentry)
> > +{
> > + struct ovl_entry *oe = dentry->d_fsdata;
> > + int idx = oe->numlower - 1;
> > +
> > + return oe->lowerstack[idx].dentry;
> > +}
> > +
>
> This new change is not in line with the subject line.
> Either change the commit message to fit or better split this
> small change to a new patch because the commit message is long
> enough as it is.
Ok, I will move this helper in a separate patch before this patch.
Vivek
next prev parent reply other threads:[~2018-03-07 13:29 UTC|newest]
Thread overview: 63+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-06 20:53 [PATCH v12 00/17] overlayfs: Delayed copy up of data Vivek Goyal
2018-03-06 20:53 ` [PATCH v12 01/17] ovl: redirect_dir=nofollow can follow redirect for opaque lower Vivek Goyal
2018-03-06 20:53 ` [PATCH v12 02/17] ovl: Provide a mount option metacopy=on/off for metadata copyup Vivek Goyal
2018-03-07 8:47 ` Amir Goldstein
2018-03-07 15:43 ` Vivek Goyal
2018-03-06 20:53 ` [PATCH v12 03/17] ovl: During copy up, first copy up metadata and then data Vivek Goyal
2018-03-06 20:53 ` [PATCH v12 04/17] ovl: Move the copy up helpers to copy_up.c Vivek Goyal
2018-03-06 20:53 ` [PATCH v12 05/17] ovl: Copy up only metadata during copy up where it makes sense Vivek Goyal
2018-03-06 20:53 ` [PATCH v12 06/17] ovl: Add helper ovl_already_copied_up() Vivek Goyal
2018-03-06 20:53 ` [PATCH v12 07/17] ovl: A new xattr OVL_XATTR_METACOPY for file on upper Vivek Goyal
2018-03-06 20:53 ` [PATCH v12 08/17] ovl: Modify ovl_lookup() and friends to lookup metacopy dentry Vivek Goyal
2018-03-07 14:42 ` Amir Goldstein
2018-03-07 20:27 ` Vivek Goyal
2018-03-08 8:43 ` Amir Goldstein
2018-03-08 17:03 ` Vivek Goyal
2018-03-08 17:54 ` Amir Goldstein
2018-03-06 20:54 ` [PATCH v12 09/17] ovl: Do not mark a non dir as _OVL_PATH_MERGE in ovl_path_type() Vivek Goyal
2018-03-07 7:07 ` Amir Goldstein
2018-03-07 13:21 ` Vivek Goyal
2018-03-07 13:37 ` Amir Goldstein
2018-03-28 19:43 ` Vivek Goyal
2018-03-29 4:27 ` Amir Goldstein
2018-03-06 20:54 ` [PATCH v12 10/17] ovl: Copy up meta inode data from lowest data inode Vivek Goyal
2018-03-07 7:19 ` Amir Goldstein
2018-03-07 13:30 ` Vivek Goyal
2018-03-06 20:54 ` [PATCH v12 11/17] ovl: Fix ovl_getattr() to get number of blocks from lower Vivek Goyal
2018-03-06 20:54 ` [PATCH v12 12/17] ovl: Do not expose metacopy only upper dentry from d_real() Vivek Goyal
2018-03-07 7:15 ` Amir Goldstein
2018-03-07 13:29 ` Vivek Goyal [this message]
2018-03-07 13:40 ` Amir Goldstein
2018-03-07 19:13 ` Vivek Goyal
2018-03-06 20:54 ` [PATCH v12 13/17] ovl: Check redirects for metacopy files Vivek Goyal
2018-03-07 12:16 ` Amir Goldstein
2018-03-07 18:52 ` Vivek Goyal
2018-03-08 8:55 ` Amir Goldstein
2018-03-06 20:54 ` [PATCH v12 14/17] ovl: Set redirect on metacopy files upon rename Vivek Goyal
2018-03-07 7:48 ` Amir Goldstein
2018-03-07 15:15 ` Vivek Goyal
2018-03-07 16:26 ` Amir Goldstein
2018-03-07 20:43 ` Vivek Goyal
2018-03-08 8:04 ` Amir Goldstein
2018-03-06 20:54 ` [PATCH v12 15/17] ovl: Remove redirect when data of a metacopy file is copied up Vivek Goyal
2018-03-07 8:21 ` Amir Goldstein
2018-03-14 19:15 ` Vivek Goyal
2018-03-15 18:47 ` Vivek Goyal
2018-03-15 20:42 ` Amir Goldstein
2018-03-16 12:52 ` Vivek Goyal
2018-03-16 13:17 ` Amir Goldstein
2018-03-16 15:06 ` Vivek Goyal
2018-03-16 16:09 ` Amir Goldstein
2018-03-16 18:09 ` Vivek Goyal
2018-03-20 19:26 ` Vivek Goyal
2018-03-20 20:35 ` Vivek Goyal
2018-03-21 6:23 ` Amir Goldstein
2018-03-29 14:08 ` Vivek Goyal
2018-04-04 13:41 ` Vivek Goyal
2018-04-04 16:04 ` Amir Goldstein
2018-03-06 20:54 ` [PATCH v12 16/17] ovl: Set redirect on upper inode when it is linked Vivek Goyal
2018-03-07 8:02 ` Amir Goldstein
2018-03-07 15:19 ` Vivek Goyal
2018-03-29 14:01 ` Vivek Goyal
2018-03-29 14:09 ` Amir Goldstein
2018-03-06 20:54 ` [PATCH v12 17/17] ovl: Enable metadata only feature Vivek Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180307132902.GB5350@redhat.com \
--to=vgoyal@redhat.com \
--cc=amir73il@gmail.com \
--cc=linux-unionfs@vger.kernel.org \
--cc=miklos@szeredi.hu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox