[PATCH] ovl: properly handle large files in ovl_security_fileattr

[PATCH] ovl: properly handle large files in ovl_security_fileattr

[Oleksandr Tymoshenko]

dentry_open in ovl_security_fileattr fails for any file
larger than 2GB if open method of the underlying filesystem
calls generic_file_open (e.g. fusefs).

The issue can be reproduce using the following script:
(passthrough_ll is an example app from libfuse).

  $ D=/opt/test/mnt
  $ mkdir -p ${D}/{source,base,top/uppr,top/work,ovlfs}
  $ dd if=/dev/zero of=${D}/source/zero.bin bs=1G count=2
  $ passthrough_ll -o source=${D}/source ${D}/base
  $ mount -t overlay overlay \
      -olowerdir=${D}/base,upperdir=${D}/top/uppr,workdir=${D}/top/work \
      ${D}/ovlfs
  $ chmod 0777 ${D}/mnt/ovlfs/zero.bin

Running this script results in "Value too large for defined data type"
error message from chmod.

Signed-off-by: Oleksandr Tymoshenko <ovt@google.com>
Fixes: 72db82115d2b ("ovl: copy up sync/noatime fileattr flags")
Cc: stable@vger.kernel.org # v5.15+
---
 fs/overlayfs/inode.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/fs/overlayfs/inode.c b/fs/overlayfs/inode.c
index 35fd3e3e1778..baa54c718bd7 100644
--- a/fs/overlayfs/inode.c
+++ b/fs/overlayfs/inode.c
@@ -616,8 +616,13 @@ static int ovl_security_fileattr(const struct path *realpath, struct fileattr *f
 	struct file *file;
 	unsigned int cmd;
 	int err;
+	unsigned int flags;
+
+	flags = O_RDONLY;
+	if (force_o_largefile())
+		flags |= O_LARGEFILE;
 
-	file = dentry_open(realpath, O_RDONLY, current_cred());
+	file = dentry_open(realpath, flags, current_cred());
 	if (IS_ERR(file))
 		return PTR_ERR(file);
 
-- 
2.47.0.163.g1226f6d8fa-goog

Re: [PATCH] ovl: properly handle large files in ovl_security_fileattr

[Amir Goldstein]

On Wed, Oct 30, 2024 at 1:29 AM Oleksandr Tymoshenko <ovt@google.com> wrote:
>
> dentry_open in ovl_security_fileattr fails for any file
> larger than 2GB if open method of the underlying filesystem
> calls generic_file_open (e.g. fusefs).
>
> The issue can be reproduce using the following script:
> (passthrough_ll is an example app from libfuse).
>
>   $ D=/opt/test/mnt
>   $ mkdir -p ${D}/{source,base,top/uppr,top/work,ovlfs}
>   $ dd if=/dev/zero of=${D}/source/zero.bin bs=1G count=2
>   $ passthrough_ll -o source=${D}/source ${D}/base
>   $ mount -t overlay overlay \
>       -olowerdir=${D}/base,upperdir=${D}/top/uppr,workdir=${D}/top/work \
>       ${D}/ovlfs
>   $ chmod 0777 ${D}/mnt/ovlfs/zero.bin
>
> Running this script results in "Value too large for defined data type"
> error message from chmod.
>
> Signed-off-by: Oleksandr Tymoshenko <ovt@google.com>
> Fixes: 72db82115d2b ("ovl: copy up sync/noatime fileattr flags")
> Cc: stable@vger.kernel.org # v5.15+

Applied.

Thanks,
Amir,

> ---
>  fs/overlayfs/inode.c | 7 ++++++-
>  1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/fs/overlayfs/inode.c b/fs/overlayfs/inode.c
> index 35fd3e3e1778..baa54c718bd7 100644
> --- a/fs/overlayfs/inode.c
> +++ b/fs/overlayfs/inode.c
> @@ -616,8 +616,13 @@ static int ovl_security_fileattr(const struct path *realpath, struct fileattr *f
>         struct file *file;
>         unsigned int cmd;
>         int err;
> +       unsigned int flags;
> +
> +       flags = O_RDONLY;
> +       if (force_o_largefile())
> +               flags |= O_LARGEFILE;
>
> -       file = dentry_open(realpath, O_RDONLY, current_cred());
> +       file = dentry_open(realpath, flags, current_cred());
>         if (IS_ERR(file))
>                 return PTR_ERR(file);
>
> --
> 2.47.0.163.g1226f6d8fa-goog
>