From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> This reverts commit a1a541fbfa7e97c1100144db34b57553d7164ce5 which is commit c45beebfde34aa71afbc48b2c54cdda623515037 upstream. It is reported to part of a series that causes problems in the 6.6.y tree, so revert it at this point in time and it can come back later if still needed. Reported-by: Ignat Korchagin <ignat@xxxxxxxxxxxxxx> Link: https://lore.kernel.org/r/ACD4D6CC-C4D5-4657-A805-03C34559046E@xxxxxxxxxxxxxx Cc: Dmitry Safonov <dima@xxxxxxxxxx> Cc: Amir Goldstein <amir73il@xxxxxxxxx> Cc: Christian Brauner <brauner@xxxxxxxxxx> Cc: Sasha Levin <sashal@xxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- fs/overlayfs/export.c | 46 +++++++++++++++++++++------------------------- 1 file changed, 21 insertions(+), 25 deletions(-) --- a/fs/overlayfs/export.c +++ b/fs/overlayfs/export.c @@ -181,37 +181,35 @@ static int ovl_connect_layer(struct dent * * Return 0 for upper file handle, > 0 for lower file handle or < 0 on error. */ -static int ovl_check_encode_origin(struct inode *inode) +static int ovl_check_encode_origin(struct dentry *dentry) { - struct ovl_fs *ofs = OVL_FS(inode->i_sb); + struct ovl_fs *ofs = OVL_FS(dentry->d_sb); bool decodable = ofs->config.nfs_export; - struct dentry *dentry; - int err; /* No upper layer? */ if (!ovl_upper_mnt(ofs)) return 1; /* Lower file handle for non-upper non-decodable */ - if (!ovl_inode_upper(inode) && !decodable) + if (!ovl_dentry_upper(dentry) && !decodable) return 1; /* Upper file handle for pure upper */ - if (!ovl_inode_lower(inode)) + if (!ovl_dentry_lower(dentry)) return 0; /* * Root is never indexed, so if there's an upper layer, encode upper for * root. */ - if (inode == d_inode(inode->i_sb->s_root)) + if (dentry == dentry->d_sb->s_root) return 0; /* * Upper decodable file handle for non-indexed upper. */ - if (ovl_inode_upper(inode) && decodable && - !ovl_test_flag(OVL_INDEX, inode)) + if (ovl_dentry_upper(dentry) && decodable && + !ovl_test_flag(OVL_INDEX, d_inode(dentry))) return 0; /* @@ -220,25 +218,17 @@ static int ovl_check_encode_origin(struc * ovl_connect_layer() will try to make origin's layer "connected" by * copying up a "connectable" ancestor. */ - if (!decodable || !S_ISDIR(inode->i_mode)) - return 1; - - dentry = d_find_any_alias(inode); - if (!dentry) - return -ENOENT; - - err = ovl_connect_layer(dentry); - dput(dentry); - if (err < 0) - return err; + if (d_is_dir(dentry) && decodable) + return ovl_connect_layer(dentry); /* Lower file handle for indexed and non-upper dir/non-dir */ return 1; } -static int ovl_dentry_to_fid(struct ovl_fs *ofs, struct inode *inode, +static int ovl_dentry_to_fid(struct ovl_fs *ofs, struct dentry *dentry, u32 *fid, int buflen) { + struct inode *inode = d_inode(dentry); struct ovl_fh *fh = NULL; int err, enc_lower; int len; @@ -247,7 +237,7 @@ static int ovl_dentry_to_fid(struct ovl_ * Check if we should encode a lower or upper file handle and maybe * copy up an ancestor to make lower file handle connectable. */ - err = enc_lower = ovl_check_encode_origin(inode); + err = enc_lower = ovl_check_encode_origin(dentry); if (enc_lower < 0) goto fail; @@ -267,8 +257,8 @@ out: return err; fail: - pr_warn_ratelimited("failed to encode file handle (ino=%lu, err=%i)\n", - inode->i_ino, err); + pr_warn_ratelimited("failed to encode file handle (%pd2, err=%i)\n", + dentry, err); goto out; } @@ -276,13 +266,19 @@ static int ovl_encode_fh(struct inode *i struct inode *parent) { struct ovl_fs *ofs = OVL_FS(inode->i_sb); + struct dentry *dentry; int bytes, buflen = *max_len << 2; /* TODO: encode connectable file handles */ if (parent) return FILEID_INVALID; - bytes = ovl_dentry_to_fid(ofs, inode, fid, buflen); + dentry = d_find_any_alias(inode); + if (!dentry) + return FILEID_INVALID; + + bytes = ovl_dentry_to_fid(ofs, dentry, fid, buflen); + dput(dentry); if (bytes <= 0) return FILEID_INVALID; Patches currently in stable-queue which might be from gregkh@xxxxxxxxxxxxxxxxxxx are queue-6.6/vsock-virtio-cancel-close-work-in-the-destructor.patch queue-6.6/mptcp-fix-spurious-wake-up-on-under-memory-pressure.patch queue-6.6/zram-fix-potential-uaf-of-zram-table.patch queue-6.6/pmdomain-imx8mp-blk-ctrl-add-missing-loop-break-condition.patch queue-6.6/revert-pci-use-preserve_config-in-place-of-pci_flags.patch queue-6.6/mptcp-be-sure-to-send-ack-when-mptcp-level-window-re-opens.patch queue-6.6/revert-ovl-support-encoding-fid-from-inode-with-no-alias.patch queue-6.6/drm-amd-display-fix-out-of-bounds-access-in-dcn21_link_encoder_create.patch queue-6.6/irqchip-plug-a-of-node-reference-leak-in-platform_irqchip_probe.patch queue-6.6/vsock-prevent-null-ptr-deref-in-vsock_.patch queue-6.6/drm-i915-fb-relax-clear-color-alignment-to-64-bytes.patch queue-6.6/alsa-hda-realtek-add-support-for-ayaneo-system-using-cs35l41-hda.patch queue-6.6/net-ethernet-xgbe-re-add-aneg-to-supported-features-in-phy-quirks.patch queue-6.6/irqchip-gic-v3-its-don-t-enable-interrupts-in-its_irq_set_vcpu_affinity.patch queue-6.6/filemap-avoid-truncating-64-bit-offset-to-32-bits.patch queue-6.6/irqchip-gic-v3-handle-cpu_pm_enter_failed-correctly.patch queue-6.6/iio-imu-inv_icm42600-fix-spi-burst-write-not-supported.patch queue-6.6/block-fix-uaf-for-flush-rq-while-iterating-tags.patch queue-6.6/hrtimers-handle-cpu-state-correctly-on-hotplug.patch queue-6.6/vsock-reset-socket-state-when-de-assigning-the-transport.patch queue-6.6/revert-ovl-pass-realinode-to-ovl_encode_real_fh-instead-of-realdentry.patch queue-6.6/vsock-virtio-discard-packets-if-the-transport-changes.patch queue-6.6/nouveau-fence-handle-cross-device-fences-properly.patch queue-6.6/i2c-atr-fix-client-detach.patch queue-6.6/revert-ovl-do-not-encode-lower-fh-with-upper-sb_writers-held.patch queue-6.6/gpio-xilinx-convert-gpio_lock-to-raw-spinlock.patch queue-6.6/fs-proc-fix-softlockup-in-__read_vmcore-part-2.patch queue-6.6/selftests-mptcp-avoid-spurious-errors-on-disconnect.patch queue-6.6/drm-amdgpu-always-sync-the-gfx-pipe-on-ctx-switch.patch queue-6.6/ocfs2-fix-deadlock-in-ocfs2_get_system_file_inode.patch queue-6.6/vsock-bpf-return-early-if-transport-is-not-assigned.patch
