| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20250521-ovl_ro-v1-1-2350b1493d94@igalia.com>
Date: Wed, 21 May 2025 03:42:12 -0300
From: André Almeida <andrealmeid@...lia.com>
To: Miklos Szeredi <miklos@...redi.hu>, Amir Goldstein <amir73il@...il.com>,
Christian Brauner <brauner@...nel.org>
Cc: linux-unionfs@...r.kernel.org, linux-kernel@...r.kernel.org,
kernel-dev@...lia.com, linux-fsdevel@...r.kernel.org,
André Almeida <andrealmeid@...lia.com>
Subject: [PATCH] ovl: Allow mount options to be parsed on remount
Allow mount options to be parsed on remount when using the new mount(8)
API. This allows to give a precise error code to userspace when the
remount is using wrong arguments instead of a generic -EINVAL error.
Signed-off-by: André Almeida <andrealmeid@...lia.com>
---
Hi folks,
I was playing with xfstest with overlayfs and I got those fails:
$ sudo TEST_DIR=/tmp/dir1 TEST_DEV=/dev/vdb SCRATCH_DEV=/dev/vdc SCRATCH_MNT=/tmp/dir2 ./check -overlay
...
Failures: generic/294 generic/306 generic/452 generic/599 generic/623 overlay/035
Failed 6 of 859 tests
5 of those 6 fails were related to the same issue, where fsconfig
syscall returns EINVAL instead of EROFS:
-mount: cannot remount device read-write, is write-protected
+mount: /tmp/dir2/ovl-mnt: fsconfig() failed: overlay: No changes allowed in reconfigure
I tracked down the origin of this issue being commit ceecc2d87f00 ("ovl:
reserve ability to reconfigure mount options with new mount api"), where
ovl_parse_param() was modified to reject any reconfiguration when using
the new mount API, returning -EINVAL. This was done to avoid non-sense
parameters being accepted by the new API, as exemplified in the commit
message:
mount -t overlay overlay -o lowerdir=/mnt/a:/mnt/b,upperdir=/mnt/upper,workdir=/mnt/work /mnt/merged
and then issue a remount via:
# force mount(8) to use mount(2)
export LIBMOUNT_FORCE_MOUNT2=always
mount -t overlay overlay -o remount,WOOTWOOT,lowerdir=/DOESNT-EXIST /mnt/merged
with completely nonsensical mount options whatsoever it will succeed
nonetheless.
However, after manually reverting such commit, I found out that
currently those nonsensical mount options are being reject by the
kernel:
$ mount -t overlay overlay -o remount,WOOTWOOT,lowerdir=/DOESNT-EXIST /mnt/merged
mount: /mnt/merged: fsconfig() failed: overlay: Unknown parameter 'WOOTWOOT'.
$ mount -t overlay overlay -o remount,lowerdir=/DOESNT-EXIST /mnt/merged
mount: /mnt/merged: special device overlay does not exist.
dmesg(1) may have more information after failed mount system call
And now 5 tests are passing because the code can now returns EROFS:
Failures: generic/623
Failed 1 of 1 tests
So this patch basically allows for the parameters to be parsed and to
return an appropriated error message instead of a generic EINVAL one.
Please let me know if this looks like going in the right direction.
Thanks!
---
fs/overlayfs/params.c | 9 ---------
1 file changed, 9 deletions(-)
diff --git a/fs/overlayfs/params.c b/fs/overlayfs/params.c
index f42488c019572479d8fdcfc1efd62b21d2995875..f6b7acc0fee6174c48fcc8b87481fbcb60e6d421 100644
--- a/fs/overlayfs/params.c
+++ b/fs/overlayfs/params.c
@@ -600,15 +600,6 @@ static int ovl_parse_param(struct fs_context *fc, struct fs_parameter *param)
*/
if (fc->oldapi)
return 0;
-
- /*
- * Give us the freedom to allow changing mount options
- * with the new mount api in the future. So instead of
- * silently ignoring everything we report a proper
- * error. This is only visible for users of the new
- * mount api.
- */
- return invalfc(fc, "No changes allowed in reconfigure");
}
opt = fs_parse(fc, ovl_parameter_spec, param, &result);
---
base-commit: b87e2318cdaa14024b62ab428b3471d81eafaf1a
change-id: 20250521-ovl_ro-b38a57d2984d
Best regards,
--
André Almeida <andrealmeid@...lia.com>
Powered by blists - more mailing lists