[Devel] [PATCH RH9 04/22] fs: Allow to remove swapfile hardlinks (for ploop images protection)

Andrey Zhadchenko andrey.zhadchenko at virtuozzo.com
Thu Oct 7 13:57:28 MSK 2021 

From: Vladimir Davydov <vdavydov at parallels.com>

Author: Maxim Patlasov
Email: MPatlasov at parallels.com
Subject: fs: allow to remove swapfile hardlinks
Date: Tue, 11 Mar 2014 20:33:12 +0400

There is nothing wrong to allow unlink(2) on a swapfile unless this is the last
link (i_nlink == 1).

The patch is useful for sharing a ploop image (which uses the same
S_SWAPFILE flag for protection against truncate as swapfiles) among several
containers by hardlinks. Otherwise, CT destroy would fail due to inability
to unlink image file.

>>>> Nice.
>>>> Why it's not done in upstream?
>>>> I mean, is there any reason against it?
>>>
>>> No, I think. They had solved the problem of lost swapfile by the
>>> simplest patch: disable any unlink.
>>>
>>
>> Are you going to suggest to patch to the upstream?
>> Or it's just our local usage scenario?
>
> It's our own invention -- to use S_SWAPFILE for protection ploop images
> from truncation. Ordinary loop block-device doesn't use it. Nobody else
> (except swapfiles) uses it. So its our local usage from which nobody
> else can get a benefit (until we didn't push ploop upstream in some form).

https://jira.sw.ru/browse/PSBM-25310

Signed-off-by: Maxim Patlasov <MPatlasov at parallels.com>

=============================================================================
Related to https://jira.sw.ru/browse/PSBM-33650
Signed-off-by: Vladimir Davydov <vdavydov at parallels.com>
=============================================================================

VZ 8 rebase part https://jira.sw.ru/browse/PSBM-127782
vz7 commit: ede015466b21 ("ve/fs: Port
diff-ve-fs-allow-to-remove-swapfile-hardlinks")

Signed-off-by: Alexander Mikhalitsyn <alexander.mikhalitsyn at virtuozzo.com>

khorenko@: currently we don't use S_SWAPFILE flag as a protection for ploops,
but it might be useful for fast path later, so let's apply the patch for now,
it's simple.

(cherry picked from vz8 commit f759285a1949df2e9c8e65b5916079f546843d25)
Signed-off-by: Andrey Zhadchenko <andrey.zhadchenko at virtuozzo.com>
---
 fs/namei.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/fs/namei.c b/fs/namei.c
index 47c0fe3..38f52c1 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -2809,7 +2809,8 @@ static int may_delete(struct user_namespace *mnt_userns, struct inode *dir,
 
 	if (check_sticky(mnt_userns, dir, inode) || IS_APPEND(inode) ||
 	    IS_IMMUTABLE(inode) || IS_SWAPFILE(inode) ||
-	    HAS_UNMAPPED_ID(mnt_userns, inode))
+	    HAS_UNMAPPED_ID(mnt_userns, inode) ||
+	    (IS_SWAPFILE(inode) && inode->i_nlink == 1))
 		return -EPERM;
 	if (isdir) {
 		if (!d_is_dir(victim))
-- 
1.8.3.1

More information about the Devel mailing list