Merge tag 'ovl-fixes-4.20-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs

Pull overlayfs fixes from Miklos Szeredi:
"Needed to revert a patch, because it possibly introduces a security
hole. Since the patch is basically a conceptual cleanup, not a bug
fix, it's safe to revert. I'm not giving up on this, and discussions
seemed to have reached an agreement over how to move forward, but that
can wait 'till the next release.

The other two patches are fixes for bugs introduced in recent
releases"

* tag 'ovl-fixes-4.20-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs:
Revert "ovl: relax permission checking on underlying layers"
ovl: fix decode of dir file handle with multi lower layers
ovl: fix missing override creds in link of a metacopy upper

+20 -17
+13 -1
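--- a/fs/overlayfs/dir.c
+++ b/fs/overlayfs/dir.c
@@ -651,6 +651,18 @@
 	return ovl_create_object(dentry, S_IFLNK, 0, link);
 }
 
+static int ovl_set_link_redirect(struct dentry *dentry)
+{
+	const struct cred *old_cred;
+	int err;
+
+	old_cred = ovl_override_creds(dentry->d_sb);
+	err = ovl_set_redirect(dentry, false);
+	revert_creds(old_cred);
+
+	return err;
+}
+
 static int ovl_link(struct dentry *old, struct inode *newdir,
 		    struct dentry *new)
 {
@@ -670,7 +682,7 @@
 		goto out_drop_write;
 
 	if (ovl_is_metacopy_dentry(old)) {
-		err = ovl_set_redirect(old, false);
+		err = ovl_set_link_redirect(old);
 		if (err)
 			goto out_drop_write;
 	}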
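Review bot: The new helper `ovl_set_link_redirect()` carries no comment saying why the redirect has to be set under the mounter's credentials on the link path, and the hunk alone does not show it. A short comment above the helper would record the intent, for example `/* ovl_link() reaches this with the caller's creds; set the redirect as the mounter */`, with the wording to be confirmed against the other callers of `ovl_set_redirect()`, which are outside the hunk. The override window is limited to the single `ovl_set_redirect()` call and `revert_creds()` runs whether or not it fails, which is the shape to keep if the helper grows. The body of `ovl_link()` continues outside the hunk.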
+3 -3
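--- a/fs/overlayfs/export.c
+++ b/fs/overlayfs/export.c
@@ -754,9 +754,8 @@
 		goto out;
 	}
 
-	/* Otherwise, get a connected non-upper dir or disconnected non-dir */
-	if (d_is_dir(origin.dentry) &&
-	    (origin.dentry->d_flags & DCACHE_DISCONNECTED)) {
+	/* Find origin.dentry again with ovl_acceptable() layer check */
+	if (d_is_dir(origin.dentry)) {
 		dput(origin.dentry);
 		origin.dentry = NULL;
 		err = ovl_check_origin_fh(ofs, fh, true, NULL, &stack);
@@ -769,6 +768,7 @@
 		goto out_err;
 	}
 
+	/* Get a connected non-upper dir or disconnected non-dir */
 	dentry = ovl_get_dentry(sb, NULL, &origin, index);
 
 out: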
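Review bot: The replacement comment `/* Find origin.dentry again with ovl_acceptable() layer check */` does not say why a directory that is already connected must now be looked up a second time, which is the behavioural change made by dropping the `DCACHE_DISCONNECTED` test. The hunk shows only that the first result is released and `ovl_check_origin_fh(ofs, fh, true, NULL, &stack)` is called again. Presumably the first decode did not apply the layer check, and the comment should say so, for example `/* First decode did not check the layer; decode again, connected, so ovl_acceptable() can reject a dentry from another layer */`, to be confirmed by the author. The enclosing function starts and ends outside the hunk.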
+4 -13
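--- a/fs/overlayfs/inode.c
+++ b/fs/overlayfs/inode.c
@@ -286,22 +286,13 @@
 	if (err)
 		return err;
 
-	/* No need to do any access on underlying for special files */
-	if (special_file(realinode->i_mode))
-		return 0;
-
-	/* No need to access underlying for execute */
-	mask &= ~MAY_EXEC;
-	if ((mask & (MAY_READ | MAY_WRITE)) == 0)
-		return 0;
-
-	/* Lower files get copied up, so turn write access into read */
-	if (!upperinode && mask & MAY_WRITE) {
+	old_cred = ovl_override_creds(inode->i_sb);
+	if (!upperinode &&
+	    !special_file(realinode->i_mode) && mask & MAY_WRITE) {
 		mask &= ~(MAY_WRITE | MAY_APPEND);
+		/* Make sure mounter can read file for copy up later */
 		mask |= MAY_READ;
 	}
-
-	old_cred = ovl_override_creds(inode->i_sb);
 	err = inode_permission(realinode, mask);
 	revert_creds(old_cred);
 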
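Review bot: After the revert, `inode_permission(realinode, mask)` is reached for every request, special files and exec-only masks included, but nothing in the new lines says that this is deliberate. Since the merge message describes the reverted relaxation as a possible security hole, a comment above `old_cred = ovl_override_creds(inode->i_sb);` such as `/* Always check the real inode as the mounter; do not skip special files or MAY_EXEC */` would keep the early returns from coming back as a cleanup. The condition would also read more safely as `(mask & MAY_WRITE)`, since the current form is correct only because `&` binds tighter than `&&`. The enclosing function starts and ends outside the hunk.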