ovl: do not cleanup unsupported index entries

BugLink: http://bugs.launchpad.net/bugs/1731961
commit fa0096e3bad69ed6f34843fd7ae1c45ca987012a upstream.

With index=on, ovl_indexdir_cleanup() tries to cleanup invalid index
entries (e.g. bad index name). This behavior could result in cleaning of
entries created by newer kernels and is therefore undesirable.
Instead, abort mount if such entries are encountered. We still cleanup
'stale' entries and 'orphan' entries, both those cases can be a result
of offline changes to lower and upper dirs.

When encoutering an index entry of type directory or whiteout, kernel
was supposed to fallback to read-only mount, but the fill_super()
operation returns EROFS in this case instead of returning success with
read-only mount flag, so mount fails when encoutering directory or
whiteout index entries. Bless this behavior by returning -EINVAL on
directory and whiteout index entries as we do for all unsupported index
entries.

Fixes: 61b674710cd9 ("ovl: do not cleanup directory and whiteout index..")
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>

diff --git a/fs/overlayfs/namei.c b/fs/overlayfs/namei.c
index e2fc425da165d5272e07a18a404036bf4e1ef009..0223ef4acbe4af7d3c029a9d30762ac0bc91e1c5 100644 (file)
--- a/fs/overlayfs/namei.c
+++ b/fs/overlayfs/namei.c
@@ -405,14 +405,13 @@ int ovl_verify_index(struct dentry *index, struct path *lowerstack,
         * be treated as stale (i.e. after unlink of the overlay inode).
         * We don't know the verification rules for directory and whiteout
         * index entries, because they have not been implemented yet, so return
-        * EROFS if those entries are found to avoid corrupting an index that
-        * was created by a newer kernel.
+        * EINVAL if those entries are found to abort the mount to avoid
+        * corrupting an index that was created by a newer kernel.
         */
-       err = -EROFS;
+       err = -EINVAL;
        if (d_is_dir(index) || ovl_is_whiteout(index))
                goto fail;
 
-       err = -EINVAL;
        if (index->d_name.len < sizeof(struct ovl_fh)*2)
                goto fail;
 

diff --git a/fs/overlayfs/readdir.c b/fs/overlayfs/readdir.c
index 74f7ead442f03b674c6b61af4ba11b80c31a6ccf..3ff960372cb9e73eae22bcb972d975403c316658 100644 (file)
--- a/fs/overlayfs/readdir.c
+++ b/fs/overlayfs/readdir.c
@@ -704,13 +704,12 @@ int ovl_indexdir_cleanup(struct dentry *dentry, struct vfsmount *mnt,
                        break;
                }
                err = ovl_verify_index(index, lowerstack, numlower);
-               if (err) {
-                       if (err == -EROFS)
-                               break;
+               /* Cleanup stale and orphan index entries */
+               if (err && (err == -ESTALE || err == -ENOENT))
                        err = ovl_cleanup(dir, index);
-                       if (err)
-                               break;
-               }
+               if (err)
+                       break;
+
                dput(index);
                index = NULL;
        }