git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Miklos Szeredi <mszeredi@redhat.com>
	Thu, 1 Sep 2016 09:11:59 +0000 (11:11 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 15 Sep 2016 06:20:28 +0000 (08:20 +0200)
commit	0147f6b0d92e085327531146bff9038ed99a10e8
tree	e2f325e11cd18641f3a100a6cb7bb2117ecc3289	tree
parent	b035f15daf750e1594964d68889e0de5c3014922	commit \| diff

ovl: proper cleanup of workdir

commit eea2fb4851e9dcbab6b991aaf47e2e024f1f55a0 upstream.

When mounting overlayfs it needs a clean "work" directory under the
supplied workdir.

Previously the mount code removed this directory if it already existed and
created a new one. If the removal failed (e.g. directory was not empty)
then it fell back to a read-only mount not using the workdir.

While this has never been reported, it is possible to get a non-empty
"work" dir from a previous mount of overlayfs in case of crash in the
middle of an operation using the work directory.

In this case the left over state should be discarded and the overlay
filesystem will be consistent, guaranteed by the atomicity of operations on
moving to/from the workdir to the upper layer.

This patch implements cleaning out any files left in workdir. It is
implemented using real recursion for simplicity, but the depth is limited
to 2, because the worst case is that of a directory containing whiteouts
under "work".

Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

fs/overlayfs/overlayfs.h		diff \| blob \| blame \| history
fs/overlayfs/readdir.c		diff \| blob \| blame \| history
fs/overlayfs/super.c		diff \| blob \| blame \| history