95 lines
2.8 KiB
Diff
95 lines
2.8 KiB
Diff
From 094e2fc56d5a0dd9d5c579e08bd4df3013bb171a Mon Sep 17 00:00:00 2001
|
|
From: Miklos Szeredi <mszeredi@suse.cz>
|
|
Date: Thu, 27 Jun 2013 16:39:50 +0200
|
|
Subject: [PATCH 9/9] fs: limit filesystem stacking depth
|
|
|
|
Add a simple read-only counter to super_block that indicates deep this
|
|
is in the stack of filesystems. Previously ecryptfs was the only
|
|
stackable filesystem and it explicitly disallowed multiple layers of
|
|
itself.
|
|
|
|
Overlayfs, however, can be stacked recursively and also may be stacked
|
|
on top of ecryptfs or vice versa.
|
|
|
|
To limit the kernel stack usage we must limit the depth of the
|
|
filesystem stack. Initially the limit is set to 2.
|
|
|
|
Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
|
|
---
|
|
fs/ecryptfs/main.c | 7 +++++++
|
|
fs/overlayfs/super.c | 10 ++++++++++
|
|
include/linux/fs.h | 11 +++++++++++
|
|
3 files changed, 28 insertions(+)
|
|
|
|
diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c
|
|
index e924cf4..8b0957e 100644
|
|
--- a/fs/ecryptfs/main.c
|
|
+++ b/fs/ecryptfs/main.c
|
|
@@ -567,6 +567,13 @@ static struct dentry *ecryptfs_mount(struct file_system_type *fs_type, int flags
|
|
s->s_maxbytes = path.dentry->d_sb->s_maxbytes;
|
|
s->s_blocksize = path.dentry->d_sb->s_blocksize;
|
|
s->s_magic = ECRYPTFS_SUPER_MAGIC;
|
|
+ s->s_stack_depth = path.dentry->d_sb->s_stack_depth + 1;
|
|
+
|
|
+ rc = -EINVAL;
|
|
+ if (s->s_stack_depth > FILESYSTEM_MAX_STACK_DEPTH) {
|
|
+ pr_err("eCryptfs: maximum fs stacking depth exceeded\n");
|
|
+ goto out_free;
|
|
+ }
|
|
|
|
inode = ecryptfs_get_inode(path.dentry->d_inode, s);
|
|
rc = PTR_ERR(inode);
|
|
diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c
|
|
index 066ea5a..9473e79 100644
|
|
--- a/fs/overlayfs/super.c
|
|
+++ b/fs/overlayfs/super.c
|
|
@@ -570,6 +570,16 @@ static int ovl_fill_super(struct super_block *sb, void *data, int silent)
|
|
}
|
|
ufs->lower_namelen = statfs.f_namelen;
|
|
|
|
+ sb->s_stack_depth = max(upperpath.mnt->mnt_sb->s_stack_depth,
|
|
+ lowerpath.mnt->mnt_sb->s_stack_depth) + 1;
|
|
+
|
|
+ err = -EINVAL;
|
|
+ if (sb->s_stack_depth > FILESYSTEM_MAX_STACK_DEPTH) {
|
|
+ pr_err("overlayfs: maximum fs stacking depth exceeded\n");
|
|
+ goto out_put_lowerpath;
|
|
+ }
|
|
+
|
|
+
|
|
ufs->upper_mnt = clone_private_mount(&upperpath);
|
|
err = PTR_ERR(ufs->upper_mnt);
|
|
if (IS_ERR(ufs->upper_mnt)) {
|
|
diff --git a/include/linux/fs.h b/include/linux/fs.h
|
|
index 8a6752b..72d04f8 100644
|
|
--- a/include/linux/fs.h
|
|
+++ b/include/linux/fs.h
|
|
@@ -244,6 +244,12 @@ struct iattr {
|
|
*/
|
|
#include <linux/quota.h>
|
|
|
|
+/*
|
|
+ * Maximum number of layers of fs stack. Needs to be limited to
|
|
+ * prevent kernel stack overflow
|
|
+ */
|
|
+#define FILESYSTEM_MAX_STACK_DEPTH 2
|
|
+
|
|
/**
|
|
* enum positive_aop_returns - aop return codes with specific semantics
|
|
*
|
|
@@ -1322,6 +1328,11 @@ struct super_block {
|
|
|
|
/* Being remounted read-only */
|
|
int s_readonly_remount;
|
|
+
|
|
+ /*
|
|
+ * Indicates how deep in a filesystem stack this SB is
|
|
+ */
|
|
+ int s_stack_depth;
|
|
};
|
|
|
|
/* superblock cache pruning functions */
|
|
--
|
|
1.8.3.2
|
|
|