On Sun, Nov 15, 2020 at 12:42 PM Christian Brauner
<christian.brauner@xxxxxxxxxx> wrote:
>
> Prevent overlayfs from being mounted on top of idmapped mounts until we
> have ported it to handle this case and added proper testing for it.
>
> Cc: Christoph Hellwig <hch@xxxxxx>
> Cc: David Howells <dhowells@xxxxxxxxxx>
> Cc: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
> Cc: linux-fsdevel@xxxxxxxxxxxxxxx
> Signed-off-by: Christian Brauner <christian.brauner@xxxxxxxxxx>
> ---
> /* v2 */
> patch introduced
> ---
> fs/overlayfs/super.c | 12 ++++++++++++
> 1 file changed, 12 insertions(+)
>
> diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c
> index 0d4f2baf6836..3cacc3d3fb65 100644
> --- a/fs/overlayfs/super.c
> +++ b/fs/overlayfs/super.c
> @@ -1708,6 +1708,12 @@ static struct ovl_entry *ovl_get_lowerstack(struct super_block *sb,
> if (err)
> goto out_err;
>
> + if (mnt_idmapped(stack[i].mnt)) {
> + err = -EINVAL;
> + pr_err("idmapped lower layers are currently unsupported\n");
> + goto out_err;
> + }
> +
> lower = strchr(lower, '\0') + 1;
> }
>
> @@ -1939,6 +1945,12 @@ static int ovl_fill_super(struct super_block *sb, void *data, int silent)
> if (err)
> goto out_err;
>
> + if (mnt_idmapped(upperpath.mnt)) {
> + err = -EINVAL;
> + pr_err("idmapped lower layers are currently unsupported\n");
> + goto out_err;
> + }
> +
Both checks should be replaced with one check in ovl_mount_dir_noesc()
right next to ovl_dentry_weird() check and FWIW the error above about
"lower layers" when referring to upperpath.mnt is confusing.
"idmapped layers..." should be fine.
Thanks,
Amir.
