Currently after copy-up, upper file will lose most of file
attributions except copy-up triggered by setting fsflags.
Because ioctl operation of underlying file systems does not
expect calling from kernel component, it seems hard to
copy fsflags during copy-up.
Overlayfs keeps limited attributions(append-only, etc) in it's
inode flags after successfully updating attributions. so ater
copy-up, lsattr(1) does not show correct result but overlayfs
can still prohibit ramdom write for those files which originally
have append-only attribution. However, recently I found this
protection can be easily broken in below operations.
1, Set append attribution to lower file.
2, Mount overlayfs.
3, Trigger copy-up by data append.
4, Set noatime attributtion to the file.
5, The file is random writable.
This patch tries to keep some file attributions after copy-up
so that overlayfs keeps compatible behavior with local filesystem
as much as possible.
Signed-off-by: Chengguang Xu <cgxu519@xxxxxxxxxxxx>
---
fs/overlayfs/file.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/fs/overlayfs/file.c b/fs/overlayfs/file.c
index efccb7c1f9bc..e0eb055d00a6 100644
--- a/fs/overlayfs/file.c
+++ b/fs/overlayfs/file.c
@@ -655,12 +655,24 @@ static long ovl_ioctl_set_fsxflags(struct file *file, unsigned int cmd,
long ovl_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
{
+ unsigned int imask = S_SYNC | S_APPEND | S_NOATIME;
+ unsigned int fsmask = FS_SYNC_FL | FS_APPEND_FL | FS_NOATIME_FL;
+ unsigned int flags, ovl_fsflags;
long ret;
switch (cmd) {
case FS_IOC_GETFLAGS:
case FS_IOC_FSGETXATTR:
ret = ovl_real_ioctl(file, cmd, arg);
+ if (!ret) {
+ if (get_user(flags, (int __user *) arg))
+ return -EFAULT;
+
+ ovl_fsflags = ovl_iflags_to_fsflags(file_inode(file)->i_flags & imask);
+ if ((flags & fsmask) != ovl_fsflags)
+ flags |= ovl_fsflags;
+ ret = put_user(flags, (int __user *)arg);
+ }
break;
case FS_IOC_SETFLAGS:
--
2.18.4
