On Tue, 11 Feb 2025 at 16:52, Amir Goldstein <amir73il@xxxxxxxxx> wrote: > It sounds very complicated. Is that even possible? > Do we always know the path of the upper alias? > IIRC, the absolute redirect path in upper is not necessary > the absolute path where the origin is found. > e.g. if there are middle layer redirects of parents. Okay, it was a stupid idea. > > > Looking closer at ovl_maybe_validate_verity(), it's actually > > > worse - if you create an upper without metacopy above > > > a lower with metacopy, ovl_validate_verity() will only check > > > the metacopy xattr on metapath, which is the uppermost > > > and find no md5digest, so create an upper above a metacopy > > > lower is a way to avert verity check. > > > > I need to dig into how verity is supposed to work as I'm not seeing it > > clearly yet... > > > > The short version - for lazy data lookup we store the lowerdata > redirect absolute path in the ovl entry stack, but we do not store > the verity digest, we just store OVL_HAS_DIGEST inode flag if there > is a digest in metacopy xattr. > > If we store the digest from lookup time in ovl entry stack, your changes > may be easier. Sorry, I can't wrap my head around this issue. Cc-ing Giuseppe. > > > So I think lookup code needs to disallow finding metacopy > > > in middle layer and need to enforce that also when upper is found > > > via index. > > > > That's the hard link case. I.e. with metacopy=on,index=on it's > > possible that one link is metacopyied up, and the other one is then > > found through the index. Metacopy *should* work in this case, no? > > > > Right. So I guess we only need to disallow uppermetacopy from > index when metacoy=off. Yes. Thanks, Miklos
