tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge tag 'fsnotify_for_v7.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs

Pull fsnotify updates from Jan Kara:
"A couple of small fsnotify fixes and cleanups"

* tag 'fsnotify_for_v7.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs:
fanotify: replace deprecated strcpy in fanotify_info_copy_{name,name2}
fsnotify: inotify: pass mark connector to fsnotify_recalc_mask()
fanotify: call fanotify_events_supported() before path_permission() and security_path_notify()
fanotify: avoid/silence premature LSM capability checks
inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails

Linus Torvalds c4ef28fe 04809172

+28 -30
+3 -2
fs/notify/fanotify/fanotify.h
··· 2 2 #include <linux/fsnotify_backend.h> 3 3 #include <linux/path.h> 4 4 #include <linux/slab.h> 5 + #include <linux/string.h> 5 6 #include <linux/exportfs.h> 6 7 #include <linux/hashtable.h> 7 8 ··· 219 218 return; 220 219 221 220 info->name_len = name->len; 222 - strcpy(fanotify_info_name(info), name->name); 221 + strscpy(fanotify_info_name(info), name->name, name->len + 1); 223 222 } 224 223 225 224 static inline void fanotify_info_copy_name2(struct fanotify_info *info, ··· 229 228 return; 230 229 231 230 info->name2_len = name->len; 232 - strcpy(fanotify_info_name2(info), name->name); 231 + strscpy(fanotify_info_name2(info), name->name, name->len + 1); 233 232 } 234 233 235 234 /*
+23 -27
fs/notify/fanotify/fanotify_user.c
··· 1210 1210 1211 1211 *path = fd_file(f)->f_path; 1212 1212 path_get(path); 1213 + ret = 0; 1213 1214 } else { 1214 1215 unsigned int lookup_flags = 0; 1215 1216 ··· 1220 1219 lookup_flags |= LOOKUP_DIRECTORY; 1221 1220 1222 1221 ret = user_path_at(dfd, filename, lookup_flags, path); 1223 - if (ret) 1224 - goto out; 1225 1222 } 1226 - 1227 - /* you can only watch an inode if you have read permissions on it */ 1228 - ret = path_permission(path, MAY_READ); 1229 - if (ret) { 1230 - path_put(path); 1231 - goto out; 1232 - } 1233 - 1234 - ret = security_path_notify(path, mask, obj_type); 1235 - if (ret) 1236 - path_put(path); 1237 - 1238 - out: 1239 1223 return ret; 1240 1224 } 1241 1225 ··· 1601 1615 pr_debug("%s: flags=%x event_f_flags=%x\n", 1602 1616 __func__, flags, event_f_flags); 1603 1617 1604 - if (!capable(CAP_SYS_ADMIN)) { 1605 - /* 1606 - * An unprivileged user can setup an fanotify group with 1607 - * limited functionality - an unprivileged group is limited to 1608 - * notification events with file handles or mount ids and it 1609 - * cannot use unlimited queue/marks. 1610 - */ 1611 - if ((flags & FANOTIFY_ADMIN_INIT_FLAGS) || 1612 - !(flags & (FANOTIFY_FID_BITS | FAN_REPORT_MNT))) 1613 - return -EPERM; 1618 + /* 1619 + * An unprivileged user can setup an fanotify group with limited 1620 + * functionality - an unprivileged group is limited to notification 1621 + * events with file handles or mount ids and it cannot use unlimited 1622 + * queue/marks. 1623 + */ 1624 + if (((flags & FANOTIFY_ADMIN_INIT_FLAGS) || 1625 + !(flags & (FANOTIFY_FID_BITS | FAN_REPORT_MNT))) && 1626 + !capable(CAP_SYS_ADMIN)) 1627 + return -EPERM; 1614 1628 1629 + if (!ns_capable_noaudit(&init_user_ns, CAP_SYS_ADMIN)) { 1615 1630 /* 1616 1631 * Setting the internal flag FANOTIFY_UNPRIV on the group 1617 1632 * prevents setting mount/filesystem marks on this group and ··· 1977 1990 * A user is allowed to setup sb/mount/mntns marks only if it is 1978 1991 * capable in the user ns where the group was created. 1979 1992 */ 1980 - if (!ns_capable(group->user_ns, CAP_SYS_ADMIN) && 1981 - mark_type != FAN_MARK_INODE) 1993 + if (mark_type != FAN_MARK_INODE && 1994 + !ns_capable(group->user_ns, CAP_SYS_ADMIN)) 1982 1995 return -EPERM; 1983 1996 1984 1997 /* ··· 2043 2056 if (ret) 2044 2057 goto path_put_and_out; 2045 2058 } 2059 + 2060 + /* you can only watch an inode if you have read permissions on it */ 2061 + ret = path_permission(&path, MAY_READ); 2062 + if (ret) 2063 + goto path_put_and_out; 2064 + 2065 + ret = security_path_notify(&path, mask, obj_type); 2066 + if (ret) 2067 + goto path_put_and_out; 2046 2068 2047 2069 if (fid_mode) { 2048 2070 ret = fanotify_test_fsid(path.dentry, flags, &__fsid);
+2 -1
fs/notify/inotify/inotify_user.c
··· 573 573 574 574 /* update the inode with this new fsn_mark */ 575 575 if (dropped || do_inode) 576 - fsnotify_recalc_mask(inode->i_fsnotify_marks); 576 + fsnotify_recalc_mask(fsn_mark->connector); 577 577 578 578 } 579 579 ··· 621 621 if (ret) { 622 622 /* we failed to get on the inode, get off the idr */ 623 623 inotify_remove_from_idr(group, tmp_i_mark); 624 + dec_inotify_watches(group->inotify_data.ucounts); 624 625 goto out_err; 625 626 } 626 627