[packages/kernel.git] / ovl09-fs-limit-filesystem-stacking-depth.patch

From d990b52f916662c551b56aa46ef86141ecc4e679 Mon Sep 17 00:00:00 2001
From: Miklos Szeredi <mszeredi@suse.cz>
Date: Thu, 30 Aug 2012 16:13:50 +0200
Subject: [PATCH 08/13] fs: limit filesystem stacking depth
Patch-mainline: not yet

Add a simple read-only counter to super_block that indicates deep this
is in the stack of filesystems.  Previously ecryptfs was the only
stackable filesystem and it explicitly disallowed multiple layers of
itself.

Overlayfs, however, can be stacked recursively and also may be stacked
on top of ecryptfs or vice versa.

To limit the kernel stack usage we must limit the depth of the
filesystem stack.  Initially the limit is set to 2.

Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
---
 fs/ecryptfs/main.c   |    7 +++++++
 fs/overlayfs/super.c |   10 ++++++++++
 include/linux/fs.h   |   11 +++++++++++
 3 files changed, 28 insertions(+)

--- a/fs/ecryptfs/main.c
+++ b/fs/ecryptfs/main.c
@@ -567,6 +567,13 @@ static struct dentry *ecryptfs_mount(str
 	s->s_maxbytes = path.dentry->d_sb->s_maxbytes;
 	s->s_blocksize = path.dentry->d_sb->s_blocksize;
 	s->s_magic = ECRYPTFS_SUPER_MAGIC;
+	s->s_stack_depth = path.dentry->d_sb->s_stack_depth + 1;
+
+	rc = -EINVAL;
+	if (s->s_stack_depth > FILESYSTEM_MAX_STACK_DEPTH) {
+		pr_err("eCryptfs: maximum fs stacking depth exceeded\n");
+		goto out_free;
+	}
 
 	inode = ecryptfs_get_inode(path.dentry->d_inode, s);
 	rc = PTR_ERR(inode);
--- a/fs/overlayfs/super.c
+++ b/fs/overlayfs/super.c
@@ -571,6 +571,16 @@ static int ovl_fill_super(struct super_b
 	}
 	ufs->lower_namelen = statfs.f_namelen;
 
+	sb->s_stack_depth = max(upperpath.mnt->mnt_sb->s_stack_depth,
+				lowerpath.mnt->mnt_sb->s_stack_depth) + 1;
+
+	err = -EINVAL;
+	if (sb->s_stack_depth > FILESYSTEM_MAX_STACK_DEPTH) {
+		pr_err("overlayfs: maximum fs stacking depth exceeded\n");
+		goto out_put_lowerpath;
+	}
+
+
 	ufs->upper_mnt = clone_private_mount(&upperpath);
 	err = PTR_ERR(ufs->upper_mnt);
 	if (IS_ERR(ufs->upper_mnt)) {
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -244,6 +244,12 @@ struct iattr {
  */
 #include <linux/quota.h>
 
+/*
+ * Maximum number of layers of fs stack.  Needs to be limited to
+ * prevent kernel stack overflow
+ */
+#define FILESYSTEM_MAX_STACK_DEPTH 2
+
 /** 
  * enum positive_aop_returns - aop return codes with specific semantics
  *
@@ -1322,6 +1328,11 @@ struct super_block {
 
 	/* AIO completions deferred from interrupt context */
 	struct workqueue_struct *s_dio_done_wq;
+
+	/*
+	 * Indicates how deep in a filesystem stack this SB is
+	 */
+	int s_stack_depth;
 
 	/*
 	 * Keep the lru lists last in the structure so they always sit on their
Commit	Line	Data
	1	From d990b52f916662c551b56aa46ef86141ecc4e679 Mon Sep 17 00:00:00 2001
	2	From: Miklos Szeredi <mszeredi@suse.cz>
	3	Date: Thu, 30 Aug 2012 16:13:50 +0200
	4	Subject: [PATCH 08/13] fs: limit filesystem stacking depth
	5	Patch-mainline: not yet
	6
	7	Add a simple read-only counter to super_block that indicates deep this
	8	is in the stack of filesystems. Previously ecryptfs was the only
	9	stackable filesystem and it explicitly disallowed multiple layers of
	10	itself.
	11
	12	Overlayfs, however, can be stacked recursively and also may be stacked
	13	on top of ecryptfs or vice versa.
	14
	15	To limit the kernel stack usage we must limit the depth of the
	16	filesystem stack. Initially the limit is set to 2.
	17
	18	Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
	19	---
	20	fs/ecryptfs/main.c \| 7 +++++++
	21	fs/overlayfs/super.c \| 10 ++++++++++
	22	include/linux/fs.h \| 11 +++++++++++
	23	3 files changed, 28 insertions(+)
	24
	25	--- a/fs/ecryptfs/main.c
	26	+++ b/fs/ecryptfs/main.c
	27	@@ -567,6 +567,13 @@ static struct dentry *ecryptfs_mount(str
	28	s->s_maxbytes = path.dentry->d_sb->s_maxbytes;
	29	s->s_blocksize = path.dentry->d_sb->s_blocksize;
	30	s->s_magic = ECRYPTFS_SUPER_MAGIC;
	31	+ s->s_stack_depth = path.dentry->d_sb->s_stack_depth + 1;
	32	+
	33	+ rc = -EINVAL;
	34	+ if (s->s_stack_depth > FILESYSTEM_MAX_STACK_DEPTH) {
	35	+ pr_err("eCryptfs: maximum fs stacking depth exceeded\n");
	36	+ goto out_free;
	37	+ }
	38
	39	inode = ecryptfs_get_inode(path.dentry->d_inode, s);
	40	rc = PTR_ERR(inode);
	41	--- a/fs/overlayfs/super.c
	42	+++ b/fs/overlayfs/super.c
	43	@@ -571,6 +571,16 @@ static int ovl_fill_super(struct super_b
	44	}
	45	ufs->lower_namelen = statfs.f_namelen;
	46
	47	+ sb->s_stack_depth = max(upperpath.mnt->mnt_sb->s_stack_depth,
	48	+ lowerpath.mnt->mnt_sb->s_stack_depth) + 1;
	49	+
	50	+ err = -EINVAL;
	51	+ if (sb->s_stack_depth > FILESYSTEM_MAX_STACK_DEPTH) {
	52	+ pr_err("overlayfs: maximum fs stacking depth exceeded\n");
	53	+ goto out_put_lowerpath;
	54	+ }
	55	+
	56	+
	57	ufs->upper_mnt = clone_private_mount(&upperpath);
	58	err = PTR_ERR(ufs->upper_mnt);
	59	if (IS_ERR(ufs->upper_mnt)) {
	60	--- a/include/linux/fs.h
	61	+++ b/include/linux/fs.h
	62	@@ -244,6 +244,12 @@ struct iattr {
	63	*/
	64	#include <linux/quota.h>
	65
	66	+/*
	67	+ * Maximum number of layers of fs stack. Needs to be limited to
	68	+ * prevent kernel stack overflow
	69	+ */
	70	+#define FILESYSTEM_MAX_STACK_DEPTH 2
	71	+
	72	/**
	73	* enum positive_aop_returns - aop return codes with specific semantics
	74	*
	75	@@ -1322,6 +1328,11 @@ struct super_block {
	76
	77	/* AIO completions deferred from interrupt context */
	78	struct workqueue_struct *s_dio_done_wq;
	79	+
	80	+ /*
	81	+ * Indicates how deep in a filesystem stack this SB is
	82	+ */
	83	+ int s_stack_depth;
	84
	85	/*
	86	* Keep the lru lists last in the structure so they always sit on their