diff options
| -rw-r--r-- | src/basic/copy.c | 31 | ||||
| -rw-r--r-- | src/basic/copy.h | 7 |
2 files changed, 33 insertions, 5 deletions
diff --git a/src/basic/copy.c b/src/basic/copy.c index 5962e4ce7..c09292b94 100644 --- a/src/basic/copy.c +++ b/src/basic/copy.c @@ -29,6 +29,7 @@ #include "io-util.h" //#include "macro.h" #include "missing.h" +//#include "mount-util.h" //#include "string-util.h" #include "strv.h" #include "time-util.h" @@ -534,8 +535,34 @@ static int fd_copy_directory( } if (S_ISDIR(buf.st_mode)) { - if (buf.st_dev != original_device) - continue; + /* + * Don't descend into directories on other file systems, if this is requested. We do a simple + * .st_dev check here, which basically comes for free. Note that we do this check only on + * directories, not other kind of file system objects, for two reason: + * + * • The kernel's overlayfs pseudo file system that overlays multiple real file systems + * propagates the .st_dev field of the file system a file originates from all the way up + * through the stack to stat(). It doesn't do that for directories however. This means that + * comparing .st_dev on non-directories suggests that they all are mount points. To avoid + * confusion we hence avoid relying on this check for regular files. + * + * • The main reason we do this check at all is to protect ourselves from bind mount cycles, + * where we really want to avoid descending down in all eternity. However the .st_dev check + * is usually not sufficient for this protection anyway, as bind mount cycles from the same + * file system onto itself can't be detected that way. + */ + + if (FLAGS_SET(copy_flags, COPY_SAME_MOUNT)) { + if (buf.st_dev != original_device) + continue; + + r = fd_is_mount_point(dirfd(d), de->d_name, 0); + if (r < 0) + return r; + if (r > 0) + continue; + } + q = fd_copy_directory(dirfd(d), de->d_name, &buf, fdt, de->d_name, original_device, override_uid, override_gid, copy_flags); } else if (S_ISREG(buf.st_mode)) q = fd_copy_regular(dirfd(d), de->d_name, &buf, fdt, de->d_name, override_uid, override_gid, copy_flags); diff --git a/src/basic/copy.h b/src/basic/copy.h index 8f5acdb7c..7c1d86fe3 100644 --- a/src/basic/copy.h +++ b/src/basic/copy.h @@ -13,9 +13,10 @@ #include <sys/types.h> typedef enum CopyFlags { - COPY_REFLINK = 1U << 0, /* Try to reflink */ - COPY_MERGE = 1U << 1, /* Merge existing trees with our new one to copy */ - COPY_REPLACE = 1U << 2, /* Replace an existing file if there's one */ + COPY_REFLINK = 1U << 0, /* Try to reflink */ + COPY_MERGE = 1U << 1, /* Merge existing trees with our new one to copy */ + COPY_REPLACE = 1U << 2, /* Replace an existing file if there's one */ + COPY_SAME_MOUNT = 1U << 3, /* Don't descend recursively into other file systems, across mount point boundaries */ } CopyFlags; #if 0 /// UNNEEDED by elogind |