]>
Commit | Line | Data |
---|---|---|
68184a5a JR |
1 | From d990b52f916662c551b56aa46ef86141ecc4e679 Mon Sep 17 00:00:00 2001 |
2 | From: Miklos Szeredi <mszeredi@suse.cz> | |
3 | Date: Thu, 30 Aug 2012 16:13:50 +0200 | |
4 | Subject: [PATCH 08/13] fs: limit filesystem stacking depth | |
5 | Patch-mainline: not yet | |
6 | ||
7 | Add a simple read-only counter to super_block that indicates deep this | |
8 | is in the stack of filesystems. Previously ecryptfs was the only | |
9 | stackable filesystem and it explicitly disallowed multiple layers of | |
10 | itself. | |
11 | ||
12 | Overlayfs, however, can be stacked recursively and also may be stacked | |
13 | on top of ecryptfs or vice versa. | |
14 | ||
15 | To limit the kernel stack usage we must limit the depth of the | |
16 | filesystem stack. Initially the limit is set to 2. | |
17 | ||
18 | Signed-off-by: Miklos Szeredi <mszeredi@suse.cz> | |
19 | --- | |
20 | fs/ecryptfs/main.c | 7 +++++++ | |
21 | fs/overlayfs/super.c | 10 ++++++++++ | |
22 | include/linux/fs.h | 11 +++++++++++ | |
23 | 3 files changed, 28 insertions(+) | |
24 | ||
c06a8ce3 AM |
25 | --- a/fs/ecryptfs/main.c |
26 | +++ b/fs/ecryptfs/main.c | |
27 | @@ -567,6 +567,13 @@ static struct dentry *ecryptfs_mount(str | |
68184a5a JR |
28 | s->s_maxbytes = path.dentry->d_sb->s_maxbytes; |
29 | s->s_blocksize = path.dentry->d_sb->s_blocksize; | |
30 | s->s_magic = ECRYPTFS_SUPER_MAGIC; | |
31 | + s->s_stack_depth = path.dentry->d_sb->s_stack_depth + 1; | |
32 | + | |
33 | + rc = -EINVAL; | |
34 | + if (s->s_stack_depth > FILESYSTEM_MAX_STACK_DEPTH) { | |
c06a8ce3 | 35 | + pr_err("eCryptfs: maximum fs stacking depth exceeded\n"); |
68184a5a JR |
36 | + goto out_free; |
37 | + } | |
38 | ||
39 | inode = ecryptfs_get_inode(path.dentry->d_inode, s); | |
40 | rc = PTR_ERR(inode); | |
c06a8ce3 AM |
41 | --- a/fs/overlayfs/super.c |
42 | +++ b/fs/overlayfs/super.c | |
43 | @@ -571,6 +571,16 @@ static int ovl_fill_super(struct super_b | |
68184a5a JR |
44 | } |
45 | ufs->lower_namelen = statfs.f_namelen; | |
46 | ||
47 | + sb->s_stack_depth = max(upperpath.mnt->mnt_sb->s_stack_depth, | |
48 | + lowerpath.mnt->mnt_sb->s_stack_depth) + 1; | |
49 | + | |
50 | + err = -EINVAL; | |
51 | + if (sb->s_stack_depth > FILESYSTEM_MAX_STACK_DEPTH) { | |
c06a8ce3 | 52 | + pr_err("overlayfs: maximum fs stacking depth exceeded\n"); |
68184a5a JR |
53 | + goto out_put_lowerpath; |
54 | + } | |
55 | + | |
56 | + | |
57 | ufs->upper_mnt = clone_private_mount(&upperpath); | |
58 | err = PTR_ERR(ufs->upper_mnt); | |
59 | if (IS_ERR(ufs->upper_mnt)) { | |
c06a8ce3 AM |
60 | --- a/include/linux/fs.h |
61 | +++ b/include/linux/fs.h | |
62 | @@ -244,6 +244,12 @@ struct iattr { | |
68184a5a JR |
63 | */ |
64 | #include <linux/quota.h> | |
65 | ||
66 | +/* | |
67 | + * Maximum number of layers of fs stack. Needs to be limited to | |
68 | + * prevent kernel stack overflow | |
69 | + */ | |
70 | +#define FILESYSTEM_MAX_STACK_DEPTH 2 | |
71 | + | |
72 | /** | |
73 | * enum positive_aop_returns - aop return codes with specific semantics | |
74 | * | |
c06a8ce3 | 75 | @@ -1322,6 +1328,11 @@ struct super_block { |
68184a5a JR |
76 | |
77 | /* Being remounted read-only */ | |
78 | int s_readonly_remount; | |
79 | + | |
80 | + /* | |
81 | + * Indicates how deep in a filesystem stack this SB is | |
82 | + */ | |
83 | + int s_stack_depth; | |
84 | }; | |
85 | ||
86 | /* superblock cache pruning functions */ |