ovl: add support for unique fsid per instance

The legacy behavior of ovl_statfs() reports the f_fsid filled by
underlying upper fs. This fsid is not unique among overlayfs instances
on the same upper fs.

With mount option uuid=on, generate a non-persistent uuid per overlayfs
instance and use it as the seed for f_fsid, similar to tmpfs.

This is useful for reporting fanotify events with fid info from different
instances of overlayfs over the same upper fs.

The old behavior of null uuid and upper fs fsid is retained with the
mount option uuid=null, which is the default.

The mount option uuid=off that disables uuid checks in underlying layers
also retains the legacy behavior.

Signed-off-by: Amir Goldstein <amir73il@gmail.com>
This commit is contained in:
Amir Goldstein 2023-06-26 16:34:25 +03:00
parent 16aac5ad1f
commit b0504bfe1b
7 changed files with 69 additions and 13 deletions

View File

@ -657,6 +657,22 @@ can be useful in case the underlying disk is copied and the UUID of this copy
is changed. This is only applicable if all lower/upper/work directories are on is changed. This is only applicable if all lower/upper/work directories are on
the same filesystem, otherwise it will fallback to normal behaviour. the same filesystem, otherwise it will fallback to normal behaviour.
UUID and fsid
-------------
The UUID of overlayfs instance itself and the fsid reported by statfs(2) are
controlled by the "uuid" mount option, which supports these values:
- "null": (default)
UUID of overlayfs is null. fsid is taken from upper most filesystem.
- "off":
UUID of overlayfs is null. fsid is taken from upper most filesystem.
UUID of underlying layers is ignored.
- "on":
UUID of overlayfs is generated and used to report a unique fsid.
Volatile mount Volatile mount
-------------- --------------

View File

@ -416,7 +416,7 @@ struct ovl_fh *ovl_encode_real_fh(struct ovl_fs *ofs, struct dentry *real,
if (is_upper) if (is_upper)
fh->fb.flags |= OVL_FH_FLAG_PATH_UPPER; fh->fb.flags |= OVL_FH_FLAG_PATH_UPPER;
fh->fb.len = sizeof(fh->fb) + buflen; fh->fb.len = sizeof(fh->fb) + buflen;
if (ofs->config.uuid) if (ovl_origin_uuid(ofs))
fh->fb.uuid = *uuid; fh->fb.uuid = *uuid;
return fh; return fh;

View File

@ -171,8 +171,9 @@ struct dentry *ovl_decode_real_fh(struct ovl_fs *ofs, struct ovl_fh *fh,
* layer where file handle will be decoded. * layer where file handle will be decoded.
* In case of uuid=off option just make sure that stored uuid is null. * In case of uuid=off option just make sure that stored uuid is null.
*/ */
if (ofs->config.uuid ? !uuid_equal(&fh->fb.uuid, &mnt->mnt_sb->s_uuid) : if (ovl_origin_uuid(ofs) ?
!uuid_is_null(&fh->fb.uuid)) !uuid_equal(&fh->fb.uuid, &mnt->mnt_sb->s_uuid) :
!uuid_is_null(&fh->fb.uuid))
return NULL; return NULL;
bytes = (fh->fb.len - offsetof(struct ovl_fb, fid)); bytes = (fh->fb.len - offsetof(struct ovl_fb, fid));

View File

@ -67,6 +67,12 @@ enum {
OVL_REDIRECT_ON, OVL_REDIRECT_ON,
}; };
enum {
OVL_UUID_OFF,
OVL_UUID_NULL,
OVL_UUID_ON,
};
enum { enum {
OVL_XINO_OFF, OVL_XINO_OFF,
OVL_XINO_AUTO, OVL_XINO_AUTO,
@ -534,6 +540,16 @@ static inline bool ovl_redirect_dir(struct ovl_fs *ofs)
return ofs->config.redirect_mode == OVL_REDIRECT_ON; return ofs->config.redirect_mode == OVL_REDIRECT_ON;
} }
static inline bool ovl_origin_uuid(struct ovl_fs *ofs)
{
return ofs->config.uuid != OVL_UUID_OFF;
}
static inline bool ovl_has_fsid(struct ovl_fs *ofs)
{
return ofs->config.uuid == OVL_UUID_ON;
}
/* /*
* With xino=auto, we do best effort to keep all inodes on same st_dev and * With xino=auto, we do best effort to keep all inodes on same st_dev and
* d_ino consistent with st_ino. * d_ino consistent with st_ino.

View File

@ -12,7 +12,7 @@ struct ovl_config {
int redirect_mode; int redirect_mode;
int verity_mode; int verity_mode;
bool index; bool index;
bool uuid; int uuid;
bool nfs_export; bool nfs_export;
int xino; int xino;
bool metacopy; bool metacopy;

View File

@ -65,6 +65,23 @@ static const struct constant_table ovl_parameter_bool[] = {
{} {}
}; };
static const struct constant_table ovl_parameter_uuid[] = {
{ "off", OVL_UUID_OFF },
{ "null", OVL_UUID_NULL },
{ "on", OVL_UUID_ON },
{}
};
static const char *ovl_uuid_mode(struct ovl_config *config)
{
return ovl_parameter_uuid[config->uuid].name;
}
static int ovl_uuid_def(void)
{
return OVL_UUID_NULL;
}
static const struct constant_table ovl_parameter_xino[] = { static const struct constant_table ovl_parameter_xino[] = {
{ "off", OVL_XINO_OFF }, { "off", OVL_XINO_OFF },
{ "auto", OVL_XINO_AUTO }, { "auto", OVL_XINO_AUTO },
@ -129,7 +146,7 @@ const struct fs_parameter_spec ovl_parameter_spec[] = {
fsparam_flag("default_permissions", Opt_default_permissions), fsparam_flag("default_permissions", Opt_default_permissions),
fsparam_enum("redirect_dir", Opt_redirect_dir, ovl_parameter_redirect_dir), fsparam_enum("redirect_dir", Opt_redirect_dir, ovl_parameter_redirect_dir),
fsparam_enum("index", Opt_index, ovl_parameter_bool), fsparam_enum("index", Opt_index, ovl_parameter_bool),
fsparam_enum("uuid", Opt_uuid, ovl_parameter_bool), fsparam_enum("uuid", Opt_uuid, ovl_parameter_uuid),
fsparam_enum("nfs_export", Opt_nfs_export, ovl_parameter_bool), fsparam_enum("nfs_export", Opt_nfs_export, ovl_parameter_bool),
fsparam_flag("userxattr", Opt_userxattr), fsparam_flag("userxattr", Opt_userxattr),
fsparam_enum("xino", Opt_xino, ovl_parameter_xino), fsparam_enum("xino", Opt_xino, ovl_parameter_xino),
@ -701,7 +718,7 @@ int ovl_init_fs_context(struct fs_context *fc)
ofs->config.redirect_mode = ovl_redirect_mode_def(); ofs->config.redirect_mode = ovl_redirect_mode_def();
ofs->config.index = ovl_index_def; ofs->config.index = ovl_index_def;
ofs->config.uuid = true; ofs->config.uuid = ovl_uuid_def();
ofs->config.nfs_export = ovl_nfs_export_def; ofs->config.nfs_export = ovl_nfs_export_def;
ofs->config.xino = ovl_xino_def(); ofs->config.xino = ovl_xino_def();
ofs->config.metacopy = ovl_metacopy_def; ofs->config.metacopy = ovl_metacopy_def;
@ -947,8 +964,8 @@ int ovl_show_options(struct seq_file *m, struct dentry *dentry)
ovl_redirect_mode(&ofs->config)); ovl_redirect_mode(&ofs->config));
if (ofs->config.index != ovl_index_def) if (ofs->config.index != ovl_index_def)
seq_printf(m, ",index=%s", ofs->config.index ? "on" : "off"); seq_printf(m, ",index=%s", ofs->config.index ? "on" : "off");
if (!ofs->config.uuid) if (ofs->config.uuid != ovl_uuid_def())
seq_puts(m, ",uuid=off"); seq_printf(m, ",uuid=%s", ovl_uuid_mode(&ofs->config));
if (ofs->config.nfs_export != ovl_nfs_export_def) if (ofs->config.nfs_export != ovl_nfs_export_def)
seq_printf(m, ",nfs_export=%s", ofs->config.nfs_export ? seq_printf(m, ",nfs_export=%s", ofs->config.nfs_export ?
"on" : "off"); "on" : "off");

View File

@ -242,8 +242,9 @@ static int ovl_sync_fs(struct super_block *sb, int wait)
*/ */
static int ovl_statfs(struct dentry *dentry, struct kstatfs *buf) static int ovl_statfs(struct dentry *dentry, struct kstatfs *buf)
{ {
struct ovl_fs *ofs = dentry->d_sb->s_fs_info; struct super_block *sb = dentry->d_sb;
struct dentry *root_dentry = dentry->d_sb->s_root; struct ovl_fs *ofs = OVL_FS(sb);
struct dentry *root_dentry = sb->s_root;
struct path path; struct path path;
int err; int err;
@ -253,6 +254,8 @@ static int ovl_statfs(struct dentry *dentry, struct kstatfs *buf)
if (!err) { if (!err) {
buf->f_namelen = ofs->namelen; buf->f_namelen = ofs->namelen;
buf->f_type = OVERLAYFS_SUPER_MAGIC; buf->f_type = OVERLAYFS_SUPER_MAGIC;
if (ovl_has_fsid(ofs))
buf->f_fsid = uuid_to_fsid(sb->s_uuid.b);
} }
return err; return err;
@ -1421,9 +1424,12 @@ int ovl_fill_super(struct super_block *sb, struct fs_context *fc)
if (!ovl_upper_mnt(ofs)) if (!ovl_upper_mnt(ofs))
sb->s_flags |= SB_RDONLY; sb->s_flags |= SB_RDONLY;
if (!ofs->config.uuid && ofs->numfs > 1) { if (!ovl_origin_uuid(ofs) && ofs->numfs > 1) {
pr_warn("The uuid=off requires a single fs for lower and upper, falling back to uuid=on.\n"); pr_warn("The uuid=off requires a single fs for lower and upper, falling back to uuid=null.\n");
ofs->config.uuid = true; ofs->config.uuid = OVL_UUID_NULL;
} else if (ovl_has_fsid(ofs)) {
/* Use per instance uuid/fsid */
uuid_gen(&sb->s_uuid);
} }
if (!ovl_force_readonly(ofs) && ofs->config.index) { if (!ovl_force_readonly(ofs) && ofs->config.index) {