| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <bf7f5eb0-7c9f-41e1-9a39-2278595b98e9@linux.alibaba.com>
Date: Thu, 8 Jan 2026 17:25:37 +0800
From: Gao Xiang <hsiangkao@...ux.alibaba.com>
To: Sheng Yong <shengyong2021@...il.com>, linux-erofs@...ts.ozlabs.org
Cc: shengyong1@...omi.com, LKML <linux-kernel@...r.kernel.org>,
linux-fsdevel <linux-fsdevel@...r.kernel.org>,
Dusty Mabe <dusty@...tymabe.com>, Timothée Ravier
<tim@...sm.fr>, Alekséi Naidénov <an@...italtide.io>,
Amir Goldstein <amir73il@...il.com>, Alexander Larsson <alexl@...hat.com>,
Christian Brauner <brauner@...nel.org>, Miklos Szeredi
<mszeredi@...hat.com>, Zhiguo Niu <niuzhiguo84@...il.com>
Subject: Re: [PATCH v3 RESEND] erofs: don't bother with s_stack_depth
increasing for now
Hi Sheng,
On 2026/1/8 17:14, Sheng Yong wrote:
> On 1/8/26 11:07, Gao Xiang wrote:
>> Previously, commit d53cd891f0e4 ("erofs: limit the level of fs stacking
>> for file-backed mounts") bumped `s_stack_depth` by one to avoid kernel
>> stack overflow when stacking an unlimited number of EROFS on top of
>> each other.
>>
>> This fix breaks composefs mounts, which need EROFS+ovl^2 sometimes
>> (and such setups are already used in production for quite a long time).
>>
>> One way to fix this regression is to bump FILESYSTEM_MAX_STACK_DEPTH
>> from 2 to 3, but proving that this is safe in general is a high bar.
>>
>> After a long discussion on GitHub issues [1] about possible solutions,
>> one conclusion is that there is no need to support nesting file-backed
>> EROFS mounts on stacked filesystems, because there is always the option
>> to use loopback devices as a fallback.
>>
>> As a quick fix for the composefs regression for this cycle, instead of
>> bumping `s_stack_depth` for file backed EROFS mounts, we disallow
>> nesting file-backed EROFS over EROFS and over filesystems with
>> `s_stack_depth` > 0.
>>
>> This works for all known file-backed mount use cases (composefs,
>> containerd, and Android APEX for some Android vendors), and the fix is
>> self-contained.
>>
>> Essentially, we are allowing one extra unaccounted fs stacking level of
>> EROFS below stacking filesystems, but EROFS can only be used in the read
>> path (i.e. overlayfs lower layers), which typically has much lower stack
>> usage than the write path.
>>
>> We can consider increasing FILESYSTEM_MAX_STACK_DEPTH later, after more
>> stack usage analysis or using alternative approaches, such as splitting
>> the `s_stack_depth` limitation according to different combinations of
>> stacking.
>>
>> Fixes: d53cd891f0e4 ("erofs: limit the level of fs stacking for file-backed mounts")
>> Reported-and-tested-by: Dusty Mabe <dusty@...tymabe.com>
>> Reported-by: Timothée Ravier <tim@...sm.fr>
>> Closes: https://github.com/coreos/fedora-coreos-tracker/issues/2087 [1]
>> Reported-by: "Alekséi Naidénov" <an@...italtide.io>
>> Closes: https://lore.kernel.org/r/CAFHtUiYv4+=+JP_-JjARWjo6OwcvBj1wtYN=z0QXwCpec9sXtg@mail.gmail.com
>> Acked-by: Amir Goldstein <amir73il@...il.com>
>> Acked-by: Alexander Larsson <alexl@...hat.com>
>> Cc: Christian Brauner <brauner@...nel.org>
>> Cc: Miklos Szeredi <mszeredi@...hat.com>
>> Cc: Sheng Yong <shengyong1@...omi.com>
>> Cc: Zhiguo Niu <niuzhiguo84@...il.com>
>> Signed-off-by: Gao Xiang <hsiangkao@...ux.alibaba.com>
>
> Reviewed-and-tested-by: Sheng Yong <shengyong1@...omi.com>
>
> I tested the APEX scenario on an Android phone. APEX images are
> filebacked-mounted correctly.
> And for a stacked APEX testcase, it reports error as expected.
Just to make sure it's an invalid case (should not be used on
Android), yes? If so, thanks for the test on the APEX side.
Thanks,
Gao Xiang
>
> thanks,
> shengyong
Powered by blists - more mailing lists