On Tue, Sep 12, 2023 at 6:36 PM Alexander Larsson <alexl@xxxxxxxxxx> wrote: > > > > On Tue, Sep 12, 2023 at 2:08 PM Amir Goldstein <amir73il@xxxxxxxxx> wrote: >> >> On Tue, Sep 12, 2023 at 12:56 PM Alexander Larsson <alexl@xxxxxxxxxx> wrote: >> > >> > There are cases where you want to use an overlayfs mount as a lowerdir for >> > another overlayfs mount. For example, if the system rootfs is on overlayfs due >> > to composefs, or to make it volatile (via tmpfs), then you cannot currently store >> > a lowerdir on the rootfs, because the inner overlayfs will eat all the whiteouts >> > and overlay xattrs. This means you can't e.g. store on the rootfs a prepared >> > container image for use with overlayfs. >> > >> > This patch series adds support for nesting of overlayfs mounts by escaping the >> > problematic features and unescaping them when exposing to the overlayfs user. >> > >> > This series is also available here: >> > https://github.com/alexlarsson/linux/tree/ovl-nesting >> > >> > And xfstest to test it is available here: >> > https://github.com/alexlarsson/xfstests/tree/overlayfs-nesting >> > >> > The overlay/083 test checks both xattr escaping, the new whiteouts as well as >> > actual nesting of overlayfs. >> > >> > Note that this series breaks the overlay/026 test which validates that >> > writing overlay.* xattrs is not supported, but it now is. I'm not sure >> > if we should fix this test to not fail, or if we should make this an >> > opt-in mount feature. >> >> Please fix the test as we discussed: >> 1. relax the requirement that getxattr trusted.overlay should fail >> 2. set expectations for setxattr depending on result of getxattr >> >> This way we will not lose much test coverage for old kernels. >> This test fix can be posted to fstests ahead of time as preparation >> for your patch set. > > > Added to https://github.com/alexlarsson/xfstests/commits/overlayfs-nesting > Nice. Not sure that you need "getattr ok" in the golden output. Also, if you test "legit failure" with [[ "$res" =~ "Operation not" ]] there is no need to sed the output of [gs]etfattr not to _filter_scratch. Those are only done to canonicalize the golder output. However, test 083 failed all the xwhiteout test cases when I ran it with your ovl-nesting-4 tag: == Check xwhiteout trusted == +hidden regular -stat: cannot statx 'SCRATCH_MNT/hidden': No such file or directory + File: SCRATCH_MNT/hidden ... >> Given that this version has dropped the controversial bits >> and that the whiteout implementation is the one that was >> proposed by Miklos, I don't see any problem with it now. >> I can queue it up for 6.7 and if Miklos has any objections >> or comments, we have enough time to address them. >> > > That sounds good to me. > >> >> Thanks, >> Amir. >> >> > >> > Changes since v3: >> > * Dropped the handling of whiteout xattrs across layers. >> > * Copy-up escaped overlayfs xattrs. >> > * Minor code cleanups. >> > >> > Changes since v2: >> > * Uses a new approach for escaping whiteouts with a regular file with an >> > overlay.whiteout xattr in a lower directory with an overlay.whiteouts >> > xattr. >> > >> > Changes since v1: >> > >> > * Moved all xattr handling to xattr.c >> > * Made creation of escaped whiteouts atomic >> > >> > Alexander Larsson (5): >> > ovl: Move xattr support to new xattrs.c file >> > ovl: Add OVL_XATTR_TRUSTED/USER_PREFIX_LEN macros >> > ovl: Support escaped overlay.* xattrs >> > ovl: Add an alternative type of whiteout >> > ovl: Add documentation on nesting of overlayfs mounts >> > >> > Documentation/filesystems/overlayfs.rst | 23 ++ >> > fs/overlayfs/Makefile | 2 +- >> > fs/overlayfs/dir.c | 4 +- >> > fs/overlayfs/inode.c | 124 ----------- >> > fs/overlayfs/namei.c | 15 +- >> > fs/overlayfs/overlayfs.h | 42 +++- >> > fs/overlayfs/readdir.c | 27 ++- >> > fs/overlayfs/super.c | 67 +----- >> > fs/overlayfs/util.c | 40 ++++ >> > fs/overlayfs/xattrs.c | 273 ++++++++++++++++++++++++ >> > 10 files changed, 404 insertions(+), 213 deletions(-) >> > create mode 100644 fs/overlayfs/xattrs.c >> > >> > -- >> > 2.41.0 >> > >> > > > -- > =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= > Alexander Larsson Red Hat, Inc > alexl@xxxxxxxxxx alexander.larsson@xxxxxxxxx
