diff options
| author | Nicolas Lacasse <nlacasse@google.com> | 2018-08-10 17:15:27 -0700 |
|---|---|---|
| committer | Shentubot <shentubot@google.com> | 2018-08-10 17:16:38 -0700 |
| commit | a2ec391dfbc5a03077b73078777a9347c372dece (patch) | |
| tree | 037d59bfbb29c2bb4bee25678060be65139e8bb7 /pkg/sentry/fs/overlay.go | |
| parent | ae6f092fe117a738df34e072ef5ba01a41c89222 (diff) | |
fs: Allow overlays to revalidate files from the upper fs.
Previously, an overlay would panic if either the upper or lower fs required
revalidation for a given Dirent. Now, we allow revalidation from the upper
file, but not the lower.
If a cached overlay inode does need revalidation (because the upper needs
revalidation), then the entire overlay Inode will be discarded and a new
overlay Inode will be built with a fresh copy of the upper file.
As a side effect of this change, Revalidate must take an Inode instead of a
Dirent, since an overlay needs to revalidate individual Inodes.
PiperOrigin-RevId: 208293638
Change-Id: Ic8f8d1ffdc09114721745661a09522b54420c5f1
Diffstat (limited to 'pkg/sentry/fs/overlay.go')
| -rw-r--r-- | pkg/sentry/fs/overlay.go | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/pkg/sentry/fs/overlay.go b/pkg/sentry/fs/overlay.go index af13dc8c7..5a30af419 100644 --- a/pkg/sentry/fs/overlay.go +++ b/pkg/sentry/fs/overlay.go @@ -88,10 +88,11 @@ func isXattrOverlay(name string) bool { // Preconditions: // // - upper and lower must be non-nil. +// - upper must not be an overlay. // - lower should not expose character devices, pipes, or sockets, because // copying up these types of files is not supported. -// - upper and lower must not require that file objects be revalidated. -// - upper and lower must not have dynamic file/directory content. +// - lower must not require that file objects be revalidated. +// - lower must not have dynamic file/directory content. func NewOverlayRoot(ctx context.Context, upper *Inode, lower *Inode, flags MountSourceFlags) (*Inode, error) { if !IsDir(upper.StableAttr) { return nil, fmt.Errorf("upper Inode is not a directory") @@ -99,6 +100,9 @@ func NewOverlayRoot(ctx context.Context, upper *Inode, lower *Inode, flags Mount if !IsDir(lower.StableAttr) { return nil, fmt.Errorf("lower Inode is not a directory") } + if upper.overlay != nil { + return nil, fmt.Errorf("cannot nest overlay in upper file of another overlay") + } msrc := newOverlayMountSource(upper.MountSource, lower.MountSource, flags) overlay, err := newOverlayEntry(ctx, upper, lower, true) |