From 52cad1fe64c413290c3679f977292ca3b3c30d29 Mon Sep 17 00:00:00 2001
From: Luca Boccassi <luca.boccassi@microsoft.com>
Date: Fri, 25 Mar 2022 18:40:32 +0000
Subject: mount-copybind: add MOUNT_COPYBIND_AVOID_OVERLAYFS env var to skip
 OverlayFS

In some cases we don't want to even attempt to set up OverlayFS, for
example because SELinux in enforcing mode would kill the process
attempting to use the mount. See:

https://lore.kernel.org/all/CA+FmFJBDwt52Z-dVGfuUcnRMiMtGPhK4cCQJ=J_fg0r3x-b6ng@mail.gmail.com/T/#mef98aa406324096d1889d3d467251f30456f403c

If MOUNT_COPYBIND_AVOID_OVERLAYFS=1 is set, skip directly to copy and
bind mount.

(From OE-Core rev: a8e7dca69054798b1c9843a0de889cef3e261c4f)

Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/recipes-core/volatile-binds/files/mount-copybind | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'meta/recipes-core/volatile-binds')

diff --git a/meta/recipes-core/volatile-binds/files/mount-copybind b/meta/recipes-core/volatile-binds/files/mount-copybind
index 8bbb406b3a..ddc4357615 100755
--- a/meta/recipes-core/volatile-binds/files/mount-copybind
+++ b/meta/recipes-core/volatile-binds/files/mount-copybind
@@ -2,6 +2,9 @@
 #
 # Perform a bind mount, copying existing files as we do so to ensure the
 # overlaid path has the necessary content.
+# If the target is a directory and overlayfs is available (and the environment
+# variable MOUNT_COPYBIND_AVOID_OVERLAYFS=1 is not set), then an overlay mount
+# will be attempted first.
 
 if [ $# -lt 2 ]; then
     echo >&2 "Usage: $0 spec mountpoint [OPTIONS]"
@@ -51,7 +54,7 @@ if [ -d "$mountpoint" ]; then
             mountcontext=",rootcontext=$(matchpathcon -n "$mountpoint")"
         fi
     fi
-    if ! mount -t overlay overlay -olowerdir="$mountpoint",upperdir="$spec",workdir="$overlay_workdir""$mountcontext" "$mountpoint" > /dev/null 2>&1; then
+    if [ "$MOUNT_COPYBIND_AVOID_OVERLAYFS" = 1 ] || ! mount -t overlay overlay -olowerdir="$mountpoint",upperdir="$spec",workdir="$overlay_workdir""$mountcontext" "$mountpoint" > /dev/null 2>&1; then
 
         if [ "$specdir_existed" != "yes" ]; then
             cp -aPR "$mountpoint"/. "$spec/"
-- 
cgit v1.2.3-54-g00ecf