TheCloud/fuse-overlayfs
1
0
Fork 0
mirror of https://github.com/containers/fuse-overlayfs.git synced 2025-08-04 02:15:58 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #329 from giuseppe/honor-user-overlay

Browse Source 
main: honor user.overlay. xattrs
This commit is contained in:
Daniel J Walsh 2021-11-22 10:14:57 -05:00 committed by GitHub
commit bafeebf02a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
main.c
View File

@ -137,6 +137,8 @@ open_by_handle_at (int mount_fd, struct file_handle *handle, int flags)
#define ORIGIN_XATTR "user.fuseoverlayfs.origin" #define ORIGIN_XATTR "user.fuseoverlayfs.origin"
#define OPAQUE_XATTR "user.fuseoverlayfs.opaque" #define OPAQUE_XATTR "user.fuseoverlayfs.opaque"
#define XATTR_CONTAINERS_PREFIX "user.containers." #define XATTR_CONTAINERS_PREFIX "user.containers."
#define UNPRIVILEGED_XATTR_PREFIX "user.overlay."
#define UNPRIVILEGED_OPAQUE_XATTR "user.overlay.opaque"
#define PRIVILEGED_XATTR_PREFIX "trusted.overlay." #define PRIVILEGED_XATTR_PREFIX "trusted.overlay."
#define PRIVILEGED_OPAQUE_XATTR "trusted.overlay.opaque" #define PRIVILEGED_OPAQUE_XATTR "trusted.overlay.opaque"
#define PRIVILEGED_ORIGIN_XATTR "trusted.overlay.origin" #define PRIVILEGED_ORIGIN_XATTR "trusted.overlay.origin"
@ -495,8 +497,9 @@ has_prefix (const char *str, const char *pref)
static bool static bool
can_access_xattr (const char *name) can_access_xattr (const char *name)
{ {
return !has_prefix (name, XATTR_PREFIX) \ return !has_prefix (name, XATTR_PREFIX)
&& !has_prefix (name, PRIVILEGED_XATTR_PREFIX); && !has_prefix (name, PRIVILEGED_XATTR_PREFIX)
&& !has_prefix (name, UNPRIVILEGED_XATTR_PREFIX);
} }
static ssize_t static ssize_t
@ -683,6 +686,8 @@ is_directory_opaque (struct ovl_layer *l, const char *path)
ssize_t s; ssize_t s;
s = l->ds->getxattr (l, path, PRIVILEGED_OPAQUE_XATTR, b, sizeof (b)); s = l->ds->getxattr (l, path, PRIVILEGED_OPAQUE_XATTR, b, sizeof (b));
if (s < 0 && errno == ENODATA)
s = l->ds->getxattr (l, path, UNPRIVILEGED_OPAQUE_XATTR, b, sizeof (b));
if (s < 0 && errno == ENODATA) if (s < 0 && errno == ENODATA)
s = l->ds->getxattr (l, path, OPAQUE_XATTR, b, sizeof (b)); s = l->ds->getxattr (l, path, OPAQUE_XATTR, b, sizeof (b));