From: Amir Goldstein <amir73il@gmail.com>
To: Alexander Larsson <alexl@redhat.com>
Cc: miklos@szeredi.hu, linux-unionfs@vger.kernel.org
Subject: Re: [PATCH 2/4] ovl: Support escaped overlay.* xattrs
Date: Wed, 16 Aug 2023 21:45:01 +0300 [thread overview]
Message-ID: <CAOQ4uxhN=ufK5cYyBsh68A=vGcZybMTJskdeXxsbyVim8YKx8A@mail.gmail.com> (raw)
In-Reply-To: <511f90c1f5425c4536381aef8146ef2b1b0b1326.1692198910.git.alexl@redhat.com>
On Wed, Aug 16, 2023 at 6:29 PM Alexander Larsson <alexl@redhat.com> wrote:
>
> There are cases where you want to use an overlayfs mount as a lowerdir
> for another overlayfs mount. For example, if the system rootfs is on
> overlayfs due to composefs, or to make it volatile (via tmps), then
> you cannot currently store a lowerdir on the rootfs. This means you
> can't e.g. store on the rootfs a prepared container image for use
> using overlayfs.
>
> To work around this, we introduce an escapment mechanism for overlayfs
> xattrs. Whenever the lower/upper dir has a xattr named
> `overlay.overlay.XYZ`, we list it as overlay.XYZ in listxattrs, and
> when the user calls getxattr or setxattr on `overlay.XYZ`, we apply to
> `overlay.overlay.XYZ` in the backing directories.
>
> This allows storing any kind of overlay xattrs in a overlayfs mount
> that can be used as a lowerdir in another mount. It is possible to
> stack this mechanism multiple times, such that
> overlay.overlay.overlay.XYZ will survive two levels of overlay mounts,
> however this is not all that useful in practice because of stack depth
> limitations of overlayfs mounts.
>
> Signed-off-by: Alexander Larsson <alexl@redhat.com>
> ---
> fs/overlayfs/inode.c | 27 +++++++++++++++++++--
> fs/overlayfs/overlayfs.h | 7 ++++++
> fs/overlayfs/super.c | 51 ++++++++++++++++++++++++++++++++++++++--
> 3 files changed, 81 insertions(+), 4 deletions(-)
>
> diff --git a/fs/overlayfs/inode.c b/fs/overlayfs/inode.c
> index 2dccf3f7fcbe..743951c11534 100644
> --- a/fs/overlayfs/inode.c
> +++ b/fs/overlayfs/inode.c
> @@ -339,6 +339,18 @@ static const char *ovl_get_link(struct dentry *dentry,
> return p;
> }
>
> +bool ovl_is_escaped_xattr(struct super_block *sb, const char *name)
> +{
> + struct ovl_fs *ofs = sb->s_fs_info;
> +
> + if (ofs->config.userxattr)
> + return strncmp(name, OVL_XATTR_ESCAPE_USER_PREFIX,
> + OVL_XATTR_ESCAPE_USER_PREFIX_LEN) == 0;
> + else
> + return strncmp(name, OVL_XATTR_ESCAPE_TRUSTED_PREFIX,
> + OVL_XATTR_ESCAPE_TRUSTED_PREFIX_LEN - 1) == 0;
> +}
> +
> bool ovl_is_private_xattr(struct super_block *sb, const char *name)
> {
> struct ovl_fs *ofs = OVL_FS(sb);
> @@ -417,8 +429,8 @@ int ovl_xattr_get(struct dentry *dentry, struct inode *inode, const char *name,
>
> static bool ovl_can_list(struct super_block *sb, const char *s)
> {
> - /* Never list private (.overlay) */
> - if (ovl_is_private_xattr(sb, s))
> + /* Never list non-escaped private (.overlay) */
> + if (ovl_is_private_xattr(sb, s) && !ovl_is_escaped_xattr(sb, s))
> return false;
>
> /* List all non-trusted xattrs */
> @@ -432,10 +444,12 @@ static bool ovl_can_list(struct super_block *sb, const char *s)
> ssize_t ovl_listxattr(struct dentry *dentry, char *list, size_t size)
> {
> struct dentry *realdentry = ovl_dentry_real(dentry);
> + struct ovl_fs *ofs = OVL_FS(dentry->d_sb);
> ssize_t res;
> size_t len;
> char *s;
> const struct cred *old_cred;
> + size_t prefix_len;
>
> old_cred = ovl_override_creds(dentry->d_sb);
> res = vfs_listxattr(realdentry, list, size);
> @@ -443,6 +457,9 @@ ssize_t ovl_listxattr(struct dentry *dentry, char *list, size_t size)
> if (res <= 0 || size == 0)
> return res;
>
> + prefix_len = ofs->config.userxattr ?
> + OVL_XATTR_USER_PREFIX_LEN : OVL_XATTR_TRUSTED_PREFIX_LEN;
> +
> /* filter out private xattrs */
> for (s = list, len = res; len;) {
> size_t slen = strnlen(s, len) + 1;
> @@ -455,6 +472,12 @@ ssize_t ovl_listxattr(struct dentry *dentry, char *list, size_t size)
> if (!ovl_can_list(dentry->d_sb, s)) {
> res -= slen;
> memmove(s, s + slen, len);
> + } else if (ovl_is_escaped_xattr(dentry->d_sb, s)) {
> + memmove(s + prefix_len,
> + s + prefix_len + OVL_XATTR_ESCAPE_PREFIX_LEN,
> + slen - (prefix_len + OVL_XATTR_ESCAPE_PREFIX_LEN) + len);
> + res -= OVL_XATTR_ESCAPE_PREFIX_LEN;
> + s += slen - OVL_XATTR_ESCAPE_PREFIX_LEN;
> } else {
> s += slen;
> }
> diff --git a/fs/overlayfs/overlayfs.h b/fs/overlayfs/overlayfs.h
> index 33f88b524627..1dbd01719f63 100644
> --- a/fs/overlayfs/overlayfs.h
> +++ b/fs/overlayfs/overlayfs.h
> @@ -32,6 +32,13 @@ enum ovl_path_type {
> #define OVL_XATTR_USER_PREFIX XATTR_USER_PREFIX OVL_XATTR_NAMESPACE
> #define OVL_XATTR_USER_PREFIX_LEN (sizeof(OVL_XATTR_USER_PREFIX) - 1)
>
> +#define OVL_XATTR_ESCAPE_PREFIX OVL_XATTR_NAMESPACE
> +#define OVL_XATTR_ESCAPE_PREFIX_LEN (sizeof(OVL_XATTR_ESCAPE_PREFIX) - 1)
> +#define OVL_XATTR_ESCAPE_TRUSTED_PREFIX OVL_XATTR_TRUSTED_PREFIX OVL_XATTR_ESCAPE_PREFIX
> +#define OVL_XATTR_ESCAPE_TRUSTED_PREFIX_LEN (sizeof(OVL_XATTR_ESCAPE_TRUSTED_PREFIX) - 1)
> +#define OVL_XATTR_ESCAPE_USER_PREFIX OVL_XATTR_USER_PREFIX OVL_XATTR_ESCAPE_PREFIX
> +#define OVL_XATTR_ESCAPE_USER_PREFIX_LEN (sizeof(OVL_XATTR_ESCAPE_USER_PREFIX) - 1)
> +
> enum ovl_xattr {
> OVL_XATTR_OPAQUE,
> OVL_XATTR_REDIRECT,
> diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c
> index def266b5e2a3..97bc94459f7a 100644
> --- a/fs/overlayfs/super.c
> +++ b/fs/overlayfs/super.c
> @@ -434,11 +434,47 @@ static bool ovl_workdir_ok(struct dentry *workdir, struct dentry *upperdir)
> return ok;
> }
>
> +static char *ovl_xattr_escape_name(const char *prefix, const char *name)
> +{
> + size_t prefix_len = strlen(prefix);
> + size_t name_len = strlen(name);
> + size_t escaped_len;
> + char *escaped, *s;
> +
> + escaped_len = prefix_len + OVL_XATTR_ESCAPE_PREFIX_LEN + name_len;
> + if (escaped_len > XATTR_NAME_MAX)
> + return ERR_PTR(-EOPNOTSUPP);
> +
> + escaped = kmalloc(escaped_len + 1, GFP_KERNEL);
> + if (escaped == NULL)
> + return ERR_PTR(-ENOMEM);
> +
> + s = escaped;
> + memcpy(s, prefix, prefix_len);
> + s += prefix_len;
> + memcpy(s, OVL_XATTR_ESCAPE_PREFIX, OVL_XATTR_ESCAPE_PREFIX_LEN);
> + s += OVL_XATTR_ESCAPE_PREFIX_LEN;
> + memcpy(s, name, name_len + 1);
> +
> + return escaped;
> +}
> +
> static int ovl_own_xattr_get(const struct xattr_handler *handler,
> struct dentry *dentry, struct inode *inode,
> const char *name, void *buffer, size_t size)
> {
> - return -EOPNOTSUPP;
> + char *escaped;
> + int r;
> +
> + escaped = ovl_xattr_escape_name(handler->prefix, name);
> + if (IS_ERR(escaped))
> + return PTR_ERR(escaped);
> +
> + r = ovl_xattr_get(dentry, inode, escaped, buffer, size);
> +
> + kfree(escaped);
> +
> + return r;
> }
>
> static int ovl_own_xattr_set(const struct xattr_handler *handler,
> @@ -447,7 +483,18 @@ static int ovl_own_xattr_set(const struct xattr_handler *handler,
> const char *name, const void *value,
> size_t size, int flags)
> {
> - return -EOPNOTSUPP;
> + char *escaped;
> + int r;
> +
> + escaped = ovl_xattr_escape_name(handler->prefix, name);
> + if (IS_ERR(escaped))
> + return PTR_ERR(escaped);
> +
> + r = ovl_xattr_set(dentry, inode, escaped, value, size, flags);
> +
> + kfree(escaped);
> +
> + return r;
> }
>
I thought I posted those comments on github, but I don't see them -
it would be nice to first move the xattr handlers and get/set/listxattr
implementations to xattr.c file before adding escaping support.
We started shrinking down super.c and I'd hate to see it bloat again.
The way I see it, xattr.c only need to export this helper for super.c:
sb->s_xattr = ovl_xattr_handlers(ofs);
Thanks,
Amir.
next prev parent reply other threads:[~2023-08-16 18:46 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-16 15:29 [PATCH 0/4] Support nested overlayfs mounts Alexander Larsson
2023-08-16 15:29 ` [PATCH 1/4] ovl: Add OVL_XATTR_TRUSTED/USER_PREFIX_LEN macros Alexander Larsson
2023-08-16 15:29 ` [PATCH 2/4] ovl: Support escaped overlay.* xattrs Alexander Larsson
2023-08-16 18:45 ` Amir Goldstein [this message]
2023-08-16 15:29 ` [PATCH 3/4] ovl: Support creation of whiteout files on overlayfs Alexander Larsson
2023-08-16 18:40 ` Amir Goldstein
2023-08-16 15:29 ` [PATCH 4/4] ovl: Add documentation on nesting of overlayfs mounts Alexander Larsson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAOQ4uxhN=ufK5cYyBsh68A=vGcZybMTJskdeXxsbyVim8YKx8A@mail.gmail.com' \
--to=amir73il@gmail.com \
--cc=alexl@redhat.com \
--cc=linux-unionfs@vger.kernel.org \
--cc=miklos@szeredi.hu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).