On Sun, Nov 15, 2020 at 02:31:46PM +0200, Amir Goldstein wrote:
> On Sun, Nov 15, 2020 at 12:42 PM Christian Brauner
> <christian.brauner@xxxxxxxxxx> wrote:
> >
> > Prevent overlayfs from being mounted on top of idmapped mounts until we
> > have ported it to handle this case and added proper testing for it.
> >
> > Cc: Christoph Hellwig <hch@xxxxxx>
> > Cc: David Howells <dhowells@xxxxxxxxxx>
> > Cc: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
> > Cc: linux-fsdevel@xxxxxxxxxxxxxxx
> > Signed-off-by: Christian Brauner <christian.brauner@xxxxxxxxxx>
> > ---
> > /* v2 */
> > patch introduced
> > ---
> > fs/overlayfs/super.c | 12 ++++++++++++
> > 1 file changed, 12 insertions(+)
> >
> > diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c
> > index 0d4f2baf6836..3cacc3d3fb65 100644
> > --- a/fs/overlayfs/super.c
> > +++ b/fs/overlayfs/super.c
> > @@ -1708,6 +1708,12 @@ static struct ovl_entry *ovl_get_lowerstack(struct super_block *sb,
> > if (err)
> > goto out_err;
> >
> > + if (mnt_idmapped(stack[i].mnt)) {
> > + err = -EINVAL;
> > + pr_err("idmapped lower layers are currently unsupported\n");
> > + goto out_err;
> > + }
> > +
> > lower = strchr(lower, '\0') + 1;
> > }
> >
> > @@ -1939,6 +1945,12 @@ static int ovl_fill_super(struct super_block *sb, void *data, int silent)
> > if (err)
> > goto out_err;
> >
> > + if (mnt_idmapped(upperpath.mnt)) {
> > + err = -EINVAL;
> > + pr_err("idmapped lower layers are currently unsupported\n");
> > + goto out_err;
> > + }
> > +
>
> Both checks should be replaced with one check in ovl_mount_dir_noesc()
> right next to ovl_dentry_weird() check and FWIW the error above about
> "lower layers" when referring to upperpath.mnt is confusing.
> "idmapped layers..." should be fine.
Noted, thanks!
Christian
