[PATCH v3 3/7] mtd: Check permissions towards mtd block device inode when mounting

linux-fsdevel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Seth Forshee <seth.forshee@canonical.com>
To: "Eric W. Biederman" <ebiederm@xmission.com>,
	David Woodhouse <dwmw2@infradead.org>,
	Brian Norris <computersforpeace@gmail.com>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>,
	Serge Hallyn <serge.hallyn@canonical.com>,
	Andy Lutomirski <luto@amacapital.net>,
	linux-kernel@vger.kernel.org, linux-bcache@vger.kernel.org,
	dm-devel@redhat.com, linux-raid@vger.kernel.org,
	linux-mtd@lists.infradead.org, linux-fsdevel@vger.kernel.org,
	linux-security-module@vger.kernel.org, selinux@tycho.nsa.gov,
	Seth Forshee <seth.forshee@canonical.com>
Subject: [PATCH v3 3/7] mtd: Check permissions towards mtd block device inode when mounting
Date: Tue, 17 Nov 2015 10:39:06 -0600	[thread overview]
Message-ID: <1447778351-118699-4-git-send-email-seth.forshee@canonical.com> (raw)
In-Reply-To: <1447778351-118699-1-git-send-email-seth.forshee@canonical.com>

Unprivileged users should not be able to mount mtd block devices
when they lack sufficient privileges towards the block device
inode.  Update mount_mtd() to validate that the user has the
required access to the inode at the specified path. The check
will be skipped for CAP_SYS_ADMIN, so privileged mounts will
continue working as before.

Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
---
 drivers/mtd/mtdsuper.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/drivers/mtd/mtdsuper.c b/drivers/mtd/mtdsuper.c
index b5b60e1af31c..5d7e7705fed8 100644
--- a/drivers/mtd/mtdsuper.c
+++ b/drivers/mtd/mtdsuper.c
@@ -125,6 +125,7 @@ struct dentry *mount_mtd(struct file_system_type *fs_type, int flags,
 #ifdef CONFIG_BLOCK
 	struct block_device *bdev;
 	int ret, major;
+	int perm;
 #endif
 	int mtdnr;
 
@@ -176,7 +177,10 @@ struct dentry *mount_mtd(struct file_system_type *fs_type, int flags,
 	/* try the old way - the hack where we allowed users to mount
 	 * /dev/mtdblock$(n) but didn't actually _use_ the blockdev
 	 */
-	bdev = lookup_bdev(dev_name, 0);
+	perm = MAY_READ;
+	if (!(flags & MS_RDONLY))
+		perm |= MAY_WRITE;
+	bdev = lookup_bdev(dev_name, perm);
 	if (IS_ERR(bdev)) {
 		ret = PTR_ERR(bdev);
 		pr_debug("MTDSB: lookup_bdev() returned %d\n", ret);
-- 
1.9.1

next prev parent reply	other threads:[~2015-11-17 16:40 UTC|newest]

Thread overview: 61+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-11-17 16:39 [PATCH v3 0/7] User namespace mount updates Seth Forshee
2015-11-17 16:39 ` [PATCH v3 1/7] block_dev: Support checking inode permissions in lookup_bdev() Seth Forshee
2015-11-17 16:39 ` [PATCH v3 2/7] block_dev: Check permissions towards block device inode when mounting Seth Forshee
2015-11-17 16:39 ` Seth Forshee [this message]
2015-11-17 16:39 ` [PATCH v3 4/7] fs: Treat foreign mounts as nosuid Seth Forshee
2015-11-18  0:00   ` James Morris
2015-11-17 16:39 ` [PATCH v3 5/7] selinux: Add support for unprivileged mounts from user namespaces Seth Forshee
2015-11-18  0:02   ` James Morris
2015-11-17 16:39 ` [PATCH v3 6/7] userns: Replace in_userns with current_in_userns Seth Forshee
2015-11-18  0:03   ` James Morris
2015-11-17 16:39 ` [PATCH v3 7/7] Smack: Handle labels consistently in untrusted mounts Seth Forshee
2015-11-17 18:24   ` Casey Schaufler
2015-11-18  0:12   ` James Morris
2015-11-18  0:50     ` Seth Forshee
2015-11-17 17:05 ` [PATCH v3 0/7] User namespace mount updates Al Viro
2015-11-17 17:25   ` Seth Forshee
2015-11-17 17:45     ` Serge E. Hallyn
2015-11-17 17:55     ` Al Viro
2015-11-17 18:34       ` Seth Forshee
2015-11-17 19:12         ` Richard Weinberger
2015-11-17 19:21           ` Seth Forshee
2015-11-17 19:25             ` Octavian Purdila
2015-11-17 20:12               ` Richard Weinberger
2015-11-17 22:00                 ` Octavian Purdila
2015-11-19 15:23                   ` Seth Forshee
2015-11-19 16:19                     ` Octavian Purdila
2015-11-19 16:31                       ` Seth Forshee
2015-11-20 17:33                       ` Serge E. Hallyn
2015-11-17 19:26             ` Richard Weinberger
2015-11-18 19:10         ` Theodore Ts'o
2015-11-18 19:28           ` Seth Forshee
2015-11-18 19:32           ` Serge Hallyn
2015-11-17 19:02       ` Austin S Hemmelgarn
2015-11-17 19:16         ` Seth Forshee
2015-11-17 20:54           ` Austin S Hemmelgarn
2015-11-17 21:32             ` Seth Forshee
2015-11-18 12:23               ` Austin S Hemmelgarn
2015-11-18 14:22                 ` Seth Forshee
2015-11-18 14:58                   ` Al Viro
2015-11-18 15:05                     ` Seth Forshee
2015-11-18 15:13                       ` Al Viro
2015-11-18 15:19                         ` Richard Weinberger
2015-11-19  7:47                           ` James Morris
2015-11-19  7:53                             ` Richard Weinberger
2015-11-19 14:21                               ` Serge E. Hallyn
2015-11-19 15:04                                 ` Richard Weinberger
2015-11-19 14:37                               ` Colin Walters
2015-11-19 14:49                                 ` Richard Weinberger
2015-11-19 15:17                                   ` Richard W.M. Jones
2015-11-19 14:58                         ` Serge E. Hallyn
2015-11-18 15:34                     ` Austin S Hemmelgarn
2015-11-18 15:36                     ` Nikolay Borisov
2015-11-17 19:30         ` Al Viro
2015-11-17 20:39           ` Austin S Hemmelgarn
2015-11-17 21:05             ` Al Viro
2015-11-17 22:01               ` Seth Forshee
2015-11-18 12:46                 ` Austin S Hemmelgarn
2015-11-18 14:30                   ` Seth Forshee
2015-11-18 15:38                     ` Austin S Hemmelgarn
     [not found]                       ` <564C9B92.5080107-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2015-11-18 18:33                         ` Daniel J Walsh
2015-11-18 18:44           ` J. Bruce Fields

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:b5b60e1af31 dfblob:5d7e7705fed )
 OR (
bs:"[PATCH v3 3/7] mtd: Check permissions towards mtd block device inode when mounting" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1447778351-118699-4-git-send-email-seth.forshee@canonical.com \
    --to=seth.forshee@canonical.com \
    --cc=computersforpeace@gmail.com \
    --cc=dm-devel@redhat.com \
    --cc=dwmw2@infradead.org \
    --cc=ebiederm@xmission.com \
    --cc=linux-bcache@vger.kernel.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-mtd@lists.infradead.org \
    --cc=linux-raid@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=luto@amacapital.net \
    --cc=selinux@tycho.nsa.gov \
    --cc=serge.hallyn@canonical.com \
    --cc=viro@zeniv.linux.org.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).