[Devel] [PATCH RHEL8 COMMIT] fs: Allow to remove swapfile hardlinks (for ploop images protection)

Konstantin Khorenko khorenko at virtuozzo.com
Thu Apr 15 15:34:10 MSK 2021 

The commit is pushed to "branch-rh8-4.18.0-240.1.1.vz8.5.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh8-4.18.0-240.1.1.vz8.5.14
------>
commit 5ea1b1d3ca9d65a58e83568a7ac37bba7662a82a
Author: Vladimir Davydov <vdavydov.dev at gmail.com>
Date:   Thu Apr 15 15:34:10 2021 +0300

    fs: Allow to remove swapfile hardlinks (for ploop images protection)
    
    Author: Maxim Patlasov
    Email: MPatlasov at parallels.com
    Subject: fs: allow to remove swapfile hardlinks
    Date: Tue, 11 Mar 2014 20:33:12 +0400
    
    There is nothing wrong to allow unlink(2) on a swapfile unless this is the last
    link (i_nlink == 1).
    
    The patch is useful for sharing a ploop image (which uses the same
    S_SWAPFILE flag for protection against truncate as swapfiles) among several
    containers by hardlinks. Otherwise, CT destroy would fail due to inability
    to unlink image file.
    
    >>>> Nice.
    >>>> Why it's not done in upstream?
    >>>> I mean, is there any reason against it?
    >>>
    >>> No, I think. They had solved the problem of lost swapfile by the
    >>> simplest patch: disable any unlink.
    >>>
    >>
    >> Are you going to suggest to patch to the upstream?
    >> Or it's just our local usage scenario?
    >
    > It's our own invention -- to use S_SWAPFILE for protection ploop images
    > from truncation. Ordinary loop block-device doesn't use it. Nobody else
    > (except swapfiles) uses it. So its our local usage from which nobody
    > else can get a benefit (until we didn't push ploop upstream in some form).
    
    https://jira.sw.ru/browse/PSBM-25310
    
    Signed-off-by: Maxim Patlasov <MPatlasov at parallels.com>
    
    =============================================================================
    Related to https://jira.sw.ru/browse/PSBM-33650
    Signed-off-by: Vladimir Davydov <vdavydov at parallels.com>
    =============================================================================
    
    VZ 8 rebase part https://jira.sw.ru/browse/PSBM-127782
    vz7 commit: ede015466b21 ("ve/fs: Port
    diff-ve-fs-allow-to-remove-swapfile-hardlinks")
    
    Signed-off-by: Alexander Mikhalitsyn <alexander.mikhalitsyn at virtuozzo.com>
    
    khorenko@: currently we don't use S_SWAPFILE flag as a protection for ploops,
    but it might be useful for fast path later, so let's apply the patch for now,
    it's simple.
---
 fs/namei.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/fs/namei.c b/fs/namei.c
index 486e4c587649..52b95f7f1fb6 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -2844,7 +2844,8 @@ static int may_delete(struct inode *dir, struct dentry *victim, bool isdir)
 		return -EPERM;
 
 	if (check_sticky(dir, inode) || IS_APPEND(inode) ||
-	    IS_IMMUTABLE(inode) || IS_SWAPFILE(inode) || HAS_UNMAPPED_ID(inode))
+	    IS_IMMUTABLE(inode) || HAS_UNMAPPED_ID(inode) ||
+	    (IS_SWAPFILE(inode) && inode->i_nlink == 1))
 		return -EPERM;
 	if (isdir) {
 		if (!d_is_dir(victim))

More information about the Devel mailing list