Don't copy-up extended attributes that specifically configure a lower overlay.

When copying-up files from a lower fs to an upper, we also copy the extended attributes on the file. If there is a (nested) overlay inside the lower, some of these extended attributes configure the lower overlay, and should not be copied-up to the upper. In particular, whiteout attributes in the lower fs overlay should not be copied-up, since the upper fs may actually contain the file. PiperOrigin-RevId: 206236010 Change-Id: Ia0454ac7b99d0e11383f732a529cb195ed364062
author: Nicolas Lacasse <nlacasse@google.com> 2018-07-26 15:54:55 -0700
committer: Shentubot <shentubot@google.com> 2018-07-26 15:55:50 -0700
commit: 127c977ab04d56de78c5caf16a8e6446eda340d4 (patch)
tree: 1a745aadb0511ed4da27cad33f55b5c5e5447bbc /pkg/sentry/fs/copy_up.go
parent: 6d7199bcffcb45b2bdb662128034a9b728a74efb (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/pkg/sentry/fs/copy_up.go b/pkg/sentry/fs/copy_up.go
index ea74d0efd..8c949b176 100644
--- a/pkg/sentry/fs/copy_up.go
+++ b/pkg/sentry/fs/copy_up.go
@@ -402,6 +402,11 @@ func copyAttributesLocked(ctx context.Context, upper *Inode, lower *Inode) error
 		return err
 	}
 	for name := range lowerXattr {
+		// Don't copy-up attributes that configure an overlay in the
+		// lower.
+		if isXattrOverlay(name) {
+			continue
+		}
 		value, err := lower.Getxattr(name)
 		if err != nil {
 			return err
author	Nicolas Lacasse <nlacasse@google.com>	2018-07-26 15:54:55 -0700
committer	Shentubot <shentubot@google.com>	2018-07-26 15:55:50 -0700
commit	127c977ab04d56de78c5caf16a8e6446eda340d4 (patch)
tree	1a745aadb0511ed4da27cad33f55b5c5e5447bbc /pkg/sentry/fs/copy_up.go
parent	6d7199bcffcb45b2bdb662128034a9b728a74efb (diff)