From: Andrew Morton <akpm@linux-foundation.org>
To: David Howells <dhowells@redhat.com>
Cc: torvalds@linux-foundation.org, linux-cachefs@redhat.com,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] CacheFiles: Fix error handling in cachefiles_determine_cache_security()
Date: Wed, 12 May 2010 12:36:29 -0700 [thread overview]
Message-ID: <20100512123629.41139fd5.akpm@linux-foundation.org> (raw)
In-Reply-To: <20100512143403.2722.29652.stgit@warthog.procyon.org.uk>
On Wed, 12 May 2010 15:34:03 +0100
David Howells <dhowells@redhat.com> wrote:
> cachefiles_determine_cache_security() is expected to return with a security
> override in place. However, if set_create_files_as() fails, we fail to do
> this. In this case, we should just reinstate the security override that was
> set by the caller.
>
> Furthermore, if set_create_files_as() fails, we should dispose of the new
> credentials we were in the process of creating.
>
> Signed-off-by: David Howells <dhowells@redhat.com>
> ---
>
> fs/cachefiles/security.c | 4 ++++
> 1 files changed, 4 insertions(+), 0 deletions(-)
>
> diff --git a/fs/cachefiles/security.c b/fs/cachefiles/security.c
> index b5808cd..039b501 100644
> --- a/fs/cachefiles/security.c
> +++ b/fs/cachefiles/security.c
> @@ -77,6 +77,8 @@ static int cachefiles_check_cache_dir(struct cachefiles_cache *cache,
> /*
> * check the security details of the on-disk cache
> * - must be called with security override in force
> + * - must return with a security override in force - even in the case of an
> + * error
> */
> int cachefiles_determine_cache_security(struct cachefiles_cache *cache,
> struct dentry *root,
> @@ -99,6 +101,8 @@ int cachefiles_determine_cache_security(struct cachefiles_cache *cache,
> * which create files */
> ret = set_create_files_as(new, root->d_inode);
> if (ret < 0) {
> + abort_creds(new);
> + cachefiles_begin_secure(cache, _saved_cred);
> _leave(" = %d [cfa]", ret);
> return ret;
> }
The changelog makes it hard for civilians to work out what the
user-visible effect of this bug was.
Should this fix be backported into -stable?
next prev parent reply other threads:[~2010-05-12 19:36 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-05-12 14:34 [PATCH] CacheFiles: Fix error handling in cachefiles_determine_cache_security() David Howells
2010-05-12 19:36 ` Andrew Morton [this message]
2010-05-13 9:51 ` David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100512123629.41139fd5.akpm@linux-foundation.org \
--to=akpm@linux-foundation.org \
--cc=dhowells@redhat.com \
--cc=linux-cachefs@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.