linux/fs/overlayfs
Sargun Dhillon 335d3fc579 ovl: implement volatile-specific fsync error behaviour
Overlayfs's volatile option allows the user to bypass all forced sync calls
to the upperdir filesystem. This comes at the cost of safety. We can never
ensure that the user's data is intact, but we can make a best effort to
expose whether or not the data is likely to be in a bad state.

The best way to handle this in the time being is that if an overlayfs's
upperdir experiences an error after a volatile mount occurs, that error
will be returned on fsync, fdatasync, sync, and syncfs. This is
contradictory to the traditional behaviour of VFS which fails the call
once, and only raises an error if a subsequent fsync error has occurred,
and been raised by the filesystem.

One awkward aspect of the patch is that we have to manually set the
superblock's errseq_t after the sync_fs callback as opposed to just
returning an error from syncfs. This is because the call chain looks
something like this:

sys_syncfs ->
	sync_filesystem ->
		__sync_filesystem ->
			/* The return value is ignored here
			sb->s_op->sync_fs(sb)
			_sync_blockdev
		/* Where the VFS fetches the error to raise to userspace */
		errseq_check_and_advance

Because of this we call errseq_set every time the sync_fs callback occurs.
Due to the nature of this seen / unseen dichotomy, if the upperdir is an
inconsistent state at the initial mount time, overlayfs will refuse to
mount, as overlayfs cannot get a snapshot of the upperdir's errseq that
will increment on error until the user calls syncfs.

Signed-off-by: Sargun Dhillon <sargun@sargun.me>
Suggested-by: Amir Goldstein <amir73il@gmail.com>
Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Fixes: c86243b090 ("ovl: provide a mount option "volatile"")
Cc: stable@vger.kernel.org
Reviewed-by: Vivek Goyal <vgoyal@redhat.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
2021-01-28 10:22:48 +01:00
..
copy_up.c ovl: skip getxattr of security labels 2021-01-28 10:22:48 +01:00
dir.c ovl: fix dentry leak in ovl_get_redirect 2021-01-28 10:22:48 +01:00
export.c ovl: propagate ovl_fs to ovl_decode_real_fh and ovl_encode_real_fh 2020-11-12 11:31:55 +01:00
file.c ovl: implement volatile-specific fsync error behaviour 2021-01-28 10:22:48 +01:00
inode.c ovl: perform vfs_getxattr() with mounter creds 2021-01-28 10:22:48 +01:00
Kconfig docs: fix broken references to text files 2020-04-20 15:35:59 -06:00
Makefile treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
namei.c ovl: check privs before decoding file handle 2020-12-14 15:26:14 +01:00
overlayfs.h ovl: implement volatile-specific fsync error behaviour 2021-01-28 10:22:48 +01:00
ovl_entry.h ovl: implement volatile-specific fsync error behaviour 2021-01-28 10:22:48 +01:00
readdir.c ovl: implement volatile-specific fsync error behaviour 2021-01-28 10:22:48 +01:00
super.c ovl: implement volatile-specific fsync error behaviour 2021-01-28 10:22:48 +01:00
util.c ovl: implement volatile-specific fsync error behaviour 2021-01-28 10:22:48 +01:00