From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Thu, 21 Jan 2021 13:19:47 +0000 (+0100)
Subject: overlayfs: do not mount on top of idmapped mounts
X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=029a52ada6a774cac457f3be34b79cfc85563ced;p=linux.git

overlayfs: do not mount on top of idmapped mounts

Prevent overlayfs from being mounted on top of idmapped mounts.
Stacking filesystems need to be prevented from being mounted on top of
idmapped mounts until they have have been converted to handle this.

Link: https://lore.kernel.org/r/20210121131959.646623-29-christian.brauner@ubuntu.com
Cc: Christoph Hellwig <hch@lst.de>
Cc: David Howells <dhowells@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: linux-fsdevel@vger.kernel.org
Reviewed-by: James Morris <jamorris@linux.microsoft.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---

diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c
index c04612b190545..b702c576e7830 100644
--- a/fs/overlayfs/super.c
+++ b/fs/overlayfs/super.c
@@ -858,6 +858,10 @@ static int ovl_mount_dir_noesc(const char *name, struct path *path)
 		pr_err("filesystem on '%s' not supported\n", name);
 		goto out_put;
 	}
+	if (mnt_user_ns(path->mnt) != &init_user_ns) {
+		pr_err("idmapped layers are currently not supported\n");
+		goto out_put;
+	}
 	if (!d_is_dir(path->dentry)) {
 		pr_err("'%s' not a directory\n", name);
 		goto out_put;