On Wed, Jul 15, 2020 at 11:57 AM Miklos Szeredi <miklos@xxxxxxxxxx> wrote: > > On Tue, Jul 14, 2020 at 4:05 PM Amir Goldstein <amir73il@xxxxxxxxx> wrote: > > > Today, if a user deletes/renames underlying lower that leaves > > the overlayfs dentry in a vulnerable state. > > I do not have a reproducer to OOPS the kernel with that, but > > syzbot has created some crashes of similar nature in the past. > > Can you back that up with references? What I meant by "similar nature" is the overlapping layers shenanigans. So no, I do not have any concrete evidence to reproducible OOPS, but we both know that the bugs are there somewhere. If not a proper OOPS then some WARN_ON must be possible. > > Don't misunderstand me, I'm all for making behavior more > deterministic, but I'd also like to fully understand the current > behavior. > So as I said, I needed those local fs change invalidations for the snapshot use case and those patches are now in my branch passing the snapshot tests. I posted them for consideration, because they *seem* to slightly improve things, even if not by a lot. I can claim that they will buy us some more time before syzbot evolves to finding an OOPS triggered by an underlying change, but I do not have any real evidence to support this claim. If you want me to take this one step further and verify overlay dentry before ovl_lookup() and ovl_iterate() (anything else?) I can do that. ovl_lookup() on parent dentry with mangled lowerstack sounds like a possible source of trouble. Thanks, Amir.
